diff options
author | Andres Morales | 2015-04-16 17:57:17 -0500 |
---|---|---|
committer | Andres Morales | 2015-04-16 17:57:17 -0500 |
commit | 7c9c3bc9c2d3f98ff839f73dc76750dc23693eae (patch) | |
tree | 4f243ac382dd3eef1780b36542dd184e05e604be /gatekeeperd | |
parent | 6a49c2fa4371cad600f4a96da3d1644df862d2a5 (diff) | |
download | platform-system-core-7c9c3bc9c2d3f98ff839f73dc76750dc23693eae.tar.gz platform-system-core-7c9c3bc9c2d3f98ff839f73dc76750dc23693eae.tar.xz platform-system-core-7c9c3bc9c2d3f98ff839f73dc76750dc23693eae.zip |
Implement clear SID API
Change-Id: I4ada55674edff32d3e39d460070e03abbf847359
Diffstat (limited to 'gatekeeperd')
-rw-r--r-- | gatekeeperd/IGateKeeperService.cpp | 7 | ||||
-rw-r--r-- | gatekeeperd/IGateKeeperService.h | 6 | ||||
-rw-r--r-- | gatekeeperd/gatekeeperd.cpp | 11 |
3 files changed, 24 insertions, 0 deletions
diff --git a/gatekeeperd/IGateKeeperService.cpp b/gatekeeperd/IGateKeeperService.cpp index d4ed53377..f5bbbf1f2 100644 --- a/gatekeeperd/IGateKeeperService.cpp +++ b/gatekeeperd/IGateKeeperService.cpp | |||
@@ -123,6 +123,13 @@ status_t BnGateKeeperService::onTransact( | |||
123 | reply->writeInt64(sid); | 123 | reply->writeInt64(sid); |
124 | return NO_ERROR; | 124 | return NO_ERROR; |
125 | } | 125 | } |
126 | case CLEAR_SECURE_USER_ID: { | ||
127 | CHECK_INTERFACE(IGateKeeperService, data, reply); | ||
128 | uint32_t uid = data.readInt32(); | ||
129 | clearSecureUserId(uid); | ||
130 | reply->writeNoException(); | ||
131 | return NO_ERROR; | ||
132 | } | ||
126 | default: | 133 | default: |
127 | return BBinder::onTransact(code, data, reply, flags); | 134 | return BBinder::onTransact(code, data, reply, flags); |
128 | } | 135 | } |
diff --git a/gatekeeperd/IGateKeeperService.h b/gatekeeperd/IGateKeeperService.h index 51e179d10..a7773187e 100644 --- a/gatekeeperd/IGateKeeperService.h +++ b/gatekeeperd/IGateKeeperService.h | |||
@@ -32,6 +32,7 @@ public: | |||
32 | VERIFY = IBinder::FIRST_CALL_TRANSACTION + 1, | 32 | VERIFY = IBinder::FIRST_CALL_TRANSACTION + 1, |
33 | VERIFY_CHALLENGE = IBinder::FIRST_CALL_TRANSACTION + 2, | 33 | VERIFY_CHALLENGE = IBinder::FIRST_CALL_TRANSACTION + 2, |
34 | GET_SECURE_USER_ID = IBinder::FIRST_CALL_TRANSACTION + 3, | 34 | GET_SECURE_USER_ID = IBinder::FIRST_CALL_TRANSACTION + 3, |
35 | CLEAR_SECURE_USER_ID = IBinder::FIRST_CALL_TRANSACTION + 4, | ||
35 | }; | 36 | }; |
36 | 37 | ||
37 | // DECLARE_META_INTERFACE - C++ client interface not needed | 38 | // DECLARE_META_INTERFACE - C++ client interface not needed |
@@ -70,6 +71,11 @@ public: | |||
70 | * Returns the secure user ID for the provided android user | 71 | * Returns the secure user ID for the provided android user |
71 | */ | 72 | */ |
72 | virtual uint64_t getSecureUserId(uint32_t uid) = 0; | 73 | virtual uint64_t getSecureUserId(uint32_t uid) = 0; |
74 | |||
75 | /** | ||
76 | * Clears the secure user ID associated with the user. | ||
77 | */ | ||
78 | virtual void clearSecureUserId(uint32_t uid) = 0; | ||
73 | }; | 79 | }; |
74 | 80 | ||
75 | // ---------------------------------------------------------------------------- | 81 | // ---------------------------------------------------------------------------- |
diff --git a/gatekeeperd/gatekeeperd.cpp b/gatekeeperd/gatekeeperd.cpp index 82aa422dd..a24250464 100644 --- a/gatekeeperd/gatekeeperd.cpp +++ b/gatekeeperd/gatekeeperd.cpp | |||
@@ -173,6 +173,17 @@ public: | |||
173 | return read_sid(uid); | 173 | return read_sid(uid); |
174 | } | 174 | } |
175 | 175 | ||
176 | virtual void clearSecureUserId(uint32_t uid) { | ||
177 | IPCThreadState* ipc = IPCThreadState::self(); | ||
178 | const int calling_pid = ipc->getCallingPid(); | ||
179 | const int calling_uid = ipc->getCallingUid(); | ||
180 | if (!PermissionCache::checkPermission(KEYGUARD_PERMISSION, calling_pid, calling_uid)) { | ||
181 | ALOGE("%s: permission denied for [%d:%d]", __func__, calling_pid, calling_uid); | ||
182 | return; | ||
183 | } | ||
184 | store_sid(uid, 0); | ||
185 | } | ||
186 | |||
176 | virtual status_t dump(int fd, const Vector<String16> &) { | 187 | virtual status_t dump(int fd, const Vector<String16> &) { |
177 | IPCThreadState* ipc = IPCThreadState::self(); | 188 | IPCThreadState* ipc = IPCThreadState::self(); |
178 | const int pid = ipc->getCallingPid(); | 189 | const int pid = ipc->getCallingPid(); |