summaryrefslogtreecommitdiffstats
path: root/src
diff options
context:
space:
mode:
authorRobin Lee <rgl@google.com>2014-09-02 14:53:50 +0100
committerRobin Lee <rgl@google.com>2014-09-02 17:22:50 +0100
commit93772c3bc4a51019792e88c2a2e451f20895d73a (patch)
tree6d10281a29f1f1fa325175c15858e0b1460ad843 /src
parentc78c452496bd346dce7fa65f13a402c641668321 (diff)
downloadandroid_packages_apps_KeyChain-93772c3bc4a51019792e88c2a2e451f20895d73a.tar.gz
android_packages_apps_KeyChain-93772c3bc4a51019792e88c2a2e451f20895d73a.tar.bz2
android_packages_apps_KeyChain-93772c3bc4a51019792e88c2a2e451f20895d73a.zip
Tag keystore aliases with user-specific SYSTEM_UID
Now copies what keystore does - any requests coming from non-owner userIds were being broken by aliases having the wrong UID prefixed onto them. Bug: 17323993 Change-Id: Iece3b6aa17701347299abefeaa0fcdbb59e97154
Diffstat (limited to 'src')
-rw-r--r--src/com/android/keychain/KeyChainService.java5
1 files changed, 4 insertions, 1 deletions
diff --git a/src/com/android/keychain/KeyChainService.java b/src/com/android/keychain/KeyChainService.java
index 2564d03..6e77357 100644
--- a/src/com/android/keychain/KeyChainService.java
+++ b/src/com/android/keychain/KeyChainService.java
@@ -28,6 +28,7 @@ import android.database.sqlite.SQLiteOpenHelper;
import android.os.Binder;
import android.os.IBinder;
import android.os.Process;
+import android.os.UserHandle;
import android.os.UserManager;
import android.security.Credentials;
import android.security.IKeyChainService;
@@ -94,9 +95,11 @@ public class KeyChainService extends IntentService {
if (!mKeyStore.grant(keystoreAlias, uid)) {
return null;
}
+ final int userHandle = UserHandle.getUserId(uid);
+ final int systemUidForUser = UserHandle.getUid(userHandle, Process.SYSTEM_UID);
final StringBuilder sb = new StringBuilder();
- sb.append(Process.SYSTEM_UID);
+ sb.append(systemUidForUser);
sb.append('_');
sb.append(keystoreAlias);
generated by cgit v1.2.3 (git 2.25.1) at 2024-05-01 15:31:32 +0000