diff options
author | Pavel Grafov <pgrafov@google.com> | 2017-06-28 19:03:58 +0100 |
---|---|---|
committer | Pavel Grafov <pgrafov@google.com> | 2017-06-28 20:38:33 +0100 |
commit | 9890f89ca2ec281709da9a002ac4dca163d27aa5 (patch) | |
tree | 9152f321dcd4a819a02b324fa9bc88901ec839ae /gatekeeperd | |
parent | 667a2a4b82637b36811103b902136fdb55166310 (diff) | |
download | core-9890f89ca2ec281709da9a002ac4dca163d27aa5.tar.gz core-9890f89ca2ec281709da9a002ac4dca163d27aa5.tar.bz2 core-9890f89ca2ec281709da9a002ac4dca163d27aa5.zip |
Don't look up parent user SID.
This is a revert of http://ag/741442
Every user now has their own SID, so there is no need to look up
profile parent anymore.
Bug: 38259874
Test: manual, using ConfirmCredential sample app in work profile.
Test: manual, making sure keys survive N->O-MR1 upgrade.
Change-Id: Ib2f52baeb7c5bfeec95431fccfd6ddd537019954
Diffstat (limited to 'gatekeeperd')
-rw-r--r-- | gatekeeperd/Android.mk | 3 | ||||
-rw-r--r-- | gatekeeperd/IUserManager.cpp | 57 | ||||
-rw-r--r-- | gatekeeperd/IUserManager.h | 46 | ||||
-rw-r--r-- | gatekeeperd/gatekeeperd.cpp | 19 |
4 files changed, 2 insertions, 123 deletions
diff --git a/gatekeeperd/Android.mk b/gatekeeperd/Android.mk index 0dfd9d8a9..28f0b07ab 100644 --- a/gatekeeperd/Android.mk +++ b/gatekeeperd/Android.mk @@ -21,8 +21,7 @@ LOCAL_CFLAGS := -Wall -Wextra -Werror -Wunused LOCAL_SRC_FILES := \ SoftGateKeeperDevice.cpp \ IGateKeeperService.cpp \ - gatekeeperd.cpp \ - IUserManager.cpp + gatekeeperd.cpp LOCAL_MODULE := gatekeeperd LOCAL_SHARED_LIBRARIES := \ diff --git a/gatekeeperd/IUserManager.cpp b/gatekeeperd/IUserManager.cpp deleted file mode 100644 index 8167d1919..000000000 --- a/gatekeeperd/IUserManager.cpp +++ /dev/null @@ -1,57 +0,0 @@ -/* - * Copyright (C) 2015 The Android Open Source Project - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -#define LOG_TAG "IUserManager" -#include <stdint.h> -#include <sys/types.h> -#include <utils/Log.h> -#include <binder/Parcel.h> - -#include "IUserManager.h" - -namespace android { - -class BpUserManager : public BpInterface<IUserManager> -{ -public: - explicit BpUserManager(const sp<IBinder>& impl) : - BpInterface<IUserManager>(impl) { - } - virtual int32_t getCredentialOwnerProfile(int32_t user_id) { - Parcel data, reply; - data.writeInterfaceToken(IUserManager::getInterfaceDescriptor()); - data.writeInt32(user_id); - status_t rc = remote()->transact(GET_CREDENTIAL_OWNER_PROFILE, data, &reply, 0); - if (rc != NO_ERROR) { - ALOGE("%s: failed (%d)\n", __func__, rc); - return -1; - } - - int32_t exception = reply.readExceptionCode(); - if (exception != 0) { - ALOGE("%s: got exception (%d)\n", __func__, exception); - return -1; - } - - return reply.readInt32(); - } - -}; - -IMPLEMENT_META_INTERFACE(UserManager, "android.os.IUserManager"); - -}; // namespace android - diff --git a/gatekeeperd/IUserManager.h b/gatekeeperd/IUserManager.h deleted file mode 100644 index 640e9b511..000000000 --- a/gatekeeperd/IUserManager.h +++ /dev/null @@ -1,46 +0,0 @@ -/* - * Copyright (C) 2015 The Android Open Source Project - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -#ifndef IUSERMANAGER_H_ -#define IUSERMANAGER_H_ - -#include <inttypes.h> -#include <utils/Errors.h> -#include <binder/IInterface.h> -#include <binder/Parcel.h> -#include <utils/Vector.h> - -namespace android { - -/* -* Communication channel to UserManager -*/ -class IUserManager : public IInterface { - public: - // must be kept in sync with IUserManager.aidl - enum { - GET_CREDENTIAL_OWNER_PROFILE = IBinder::FIRST_CALL_TRANSACTION + 0, - }; - - virtual int32_t getCredentialOwnerProfile(int32_t user_id) = 0; - - DECLARE_META_INTERFACE(UserManager); -}; - -}; // namespace android - -#endif // IUSERMANAGER_H_ - diff --git a/gatekeeperd/gatekeeperd.cpp b/gatekeeperd/gatekeeperd.cpp index c6369f9ed..184c6d222 100644 --- a/gatekeeperd/gatekeeperd.cpp +++ b/gatekeeperd/gatekeeperd.cpp @@ -37,7 +37,6 @@ #include <utils/String16.h> #include "SoftGateKeeperDevice.h" -#include "IUserManager.h" #include <hidl/HidlSupport.h> #include <android/hardware/gatekeeper/1.0/IGatekeeper.h> @@ -334,23 +333,7 @@ public: return ret; } - virtual uint64_t getSecureUserId(uint32_t uid) { - uint64_t sid = read_sid(uid); - if (sid == 0) { - // might be a work profile, look up the parent - sp<IServiceManager> sm = defaultServiceManager(); - sp<IBinder> binder = sm->getService(String16("user")); - sp<IUserManager> um = interface_cast<IUserManager>(binder); - int32_t parent = um->getCredentialOwnerProfile(uid); - if (parent < 0) { - return 0; - } else if (parent != (int32_t) uid) { - return read_sid(parent); - } - } - return sid; - - } + virtual uint64_t getSecureUserId(uint32_t uid) { return read_sid(uid); } virtual void clearSecureUserId(uint32_t uid) { IPCThreadState* ipc = IPCThreadState::self(); |