diff options
author | Robin Lee <rgl@google.com> | 2014-09-02 14:53:50 +0100 |
---|---|---|
committer | Robin Lee <rgl@google.com> | 2014-09-02 17:22:50 +0100 |
commit | 93772c3bc4a51019792e88c2a2e451f20895d73a (patch) | |
tree | 6d10281a29f1f1fa325175c15858e0b1460ad843 /src | |
parent | c78c452496bd346dce7fa65f13a402c641668321 (diff) | |
download | android_packages_apps_KeyChain-93772c3bc4a51019792e88c2a2e451f20895d73a.tar.gz android_packages_apps_KeyChain-93772c3bc4a51019792e88c2a2e451f20895d73a.tar.bz2 android_packages_apps_KeyChain-93772c3bc4a51019792e88c2a2e451f20895d73a.zip |
Tag keystore aliases with user-specific SYSTEM_UID
Now copies what keystore does - any requests coming from non-owner
userIds were being broken by aliases having the wrong UID prefixed
onto them.
Bug: 17323993
Change-Id: Iece3b6aa17701347299abefeaa0fcdbb59e97154
Diffstat (limited to 'src')
-rw-r--r-- | src/com/android/keychain/KeyChainService.java | 5 |
1 files changed, 4 insertions, 1 deletions
diff --git a/src/com/android/keychain/KeyChainService.java b/src/com/android/keychain/KeyChainService.java index 2564d03..6e77357 100644 --- a/src/com/android/keychain/KeyChainService.java +++ b/src/com/android/keychain/KeyChainService.java @@ -28,6 +28,7 @@ import android.database.sqlite.SQLiteOpenHelper; import android.os.Binder; import android.os.IBinder; import android.os.Process; +import android.os.UserHandle; import android.os.UserManager; import android.security.Credentials; import android.security.IKeyChainService; @@ -94,9 +95,11 @@ public class KeyChainService extends IntentService { if (!mKeyStore.grant(keystoreAlias, uid)) { return null; } + final int userHandle = UserHandle.getUserId(uid); + final int systemUidForUser = UserHandle.getUid(userHandle, Process.SYSTEM_UID); final StringBuilder sb = new StringBuilder(); - sb.append(Process.SYSTEM_UID); + sb.append(systemUidForUser); sb.append('_'); sb.append(keystoreAlias); |