Only allow USER_OWNER to access PDB and change OEM unlock ability

Bug:18191568
Change-Id: Ie09823945af04accead99216580efc958bf6aefe
diff --git a/services/core/java/com/android/server/PersistentDataBlockService.java b/services/core/java/com/android/server/PersistentDataBlockService.java
index 6f378fd..de90aa2 100644
--- a/services/core/java/com/android/server/PersistentDataBlockService.java
+++ b/services/core/java/com/android/server/PersistentDataBlockService.java
@@ -72,7 +72,7 @@
     private final String mDataBlockFile;
     private final Object mLock = new Object();
 
-    private int mAllowedAppId = -1;
+    private int mAllowedUid = -1;
     /*
      * Separate lock for OEM unlock related operations as they can happen in parallel with regular
      * block operations.
@@ -86,11 +86,11 @@
         mContext = context;
         mDataBlockFile = SystemProperties.get(PERSISTENT_DATA_BLOCK_PROP);
         mBlockDeviceSize = -1; // Load lazily
-        mAllowedAppId = getAllowedAppId(UserHandle.USER_OWNER);
+        mAllowedUid = getAllowedUid(UserHandle.USER_OWNER);
     }
 
 
-    private int getAllowedAppId(int userHandle) {
+    private int getAllowedUid(int userHandle) {
         String allowedPackage = mContext.getResources()
                 .getString(R.string.config_persistentDataPackageName);
         PackageManager pm = mContext.getPackageManager();
@@ -101,7 +101,7 @@
             // not expected
             Slog.e(TAG, "not able to find package " + allowedPackage, e);
         }
-        return UserHandle.getAppId(allowedUid);
+        return allowedUid;
     }
 
     @Override
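Review bot: getAllowedUid has no comment stating what it returns on the failure path, and after this change that value is compared directly against caller uids in enforceUid. The catch block visible here only logs, so the method returns whatever `allowedUid` was initialised to; that declaration is above the hunk, so the value cannot be confirmed from here. I would add a Javadoc such as `/** Returns the full uid (user id and app id) of the configured package for the given user, or the initial sentinel if the package cannot be found. */` and confirm the sentinel can never equal a real calling uid. Because the result is cached once in the constructor, a failed lookup there presumably leaves the service rejecting every caller until it is restarted, which is fail-closed but worth stating in the comment.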
@@ -116,11 +116,17 @@
     }
 
     private void enforceUid(int callingUid) {
-        if (UserHandle.getAppId(callingUid) != mAllowedAppId) {
+        if (callingUid != mAllowedUid) {
             throw new SecurityException("uid " + callingUid + " not allowed to access PST");
         }
     }
 
+    private void enforceIsOwner() {
+        if (!Binder.getCallingUserHandle().isOwner()) {
+            throw new SecurityException("Only the Owner is allowed to change OEM unlock state");
+        }
+    }
+
     private int getTotalDataSizeLocked(DataInputStream inputStream) throws IOException {
         int totalDataSize;
         int blockId = inputStream.readInt();
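Review bot: The SecurityException thrown by enforceIsOwner does not identify the caller, unlike the message in enforceUid just above it, which includes the uid; for log triage I would append it, e.g. `"Only the Owner is allowed to change OEM unlock state, calling uid " + Binder.getCallingUid()`. enforceUid also deserves a one-line comment explaining that the comparison is now on the full uid instead of the app id, so the same package running under another user no longer matches: `// Compare full uids: mAllowedUid is resolved for USER_OWNER, so instances under other users are rejected.` enforceIsOwner reads the Binder calling identity itself rather than taking it as a parameter, so it has to run before the caller clears that identity; its Javadoc should say so.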
@@ -249,6 +255,7 @@
                 return;
             }
             enforceOemUnlockPermission();
+            enforceIsOwner();
             FileOutputStream outputStream;
             try {
                 outputStream = new FileOutputStream(new File(mDataBlockFile));
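Review bot: The new `enforceIsOwner()` call has no comment saying why it is needed on top of `enforceOemUnlockPermission()`. Presumably the permission check says nothing about which user the caller runs as; a line such as `// The permission alone does not restrict the calling user; OEM unlock may only be changed by the owner.` would make that explicit. The early `return;` visible at the top of the hunk sits before both checks, and the method starts above the hunk, so it is not possible to tell from here whether any other entry point guarded only by the permission check needs the same call.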