Add permission check on onKeyguardVisibilityChanged
Without this permission check any app can toggle the locked state of
keymaster once it has been unlocked for the first time.
Bug: 144285084
Test: Manually tested with debugger that the requred code paths are
run.
Change-Id: Idb8a200dc2963e1085e9fddd0c565c5172465e65
Merged-In: Idb8a200dc2963e1085e9fddd0c565c5172465e65
(cherry picked from commit 21f452c3722ad7fa39c7d84c4723bcbb723ab164)
(cherry picked from commit 3cac4c660ad0392c34f0c688bfc188a10d4f28d3)
diff --git a/keystore/key_store_service.cpp b/keystore/key_store_service.cpp
index bc07c21..6b26b57 100644
--- a/keystore/key_store_service.cpp
+++ b/keystore/key_store_service.cpp
@@ -2344,15 +2344,24 @@
}
Status KeyStoreService::onKeyguardVisibilityChanged(bool isShowing, int32_t userId,
- int32_t* aidl_return) {
+ int32_t* _aidl_return) {
KEYSTORE_SERVICE_LOCK;
- enforcement_policy.set_device_locked(isShowing, userId);
- if (!isShowing) {
+ if (isShowing) {
+ if (!checkBinderPermission(P_LOCK, UID_SELF)) {
+ LOG(WARNING) << "onKeyguardVisibilityChanged called with isShowing == true but "
+ "without LOCK permission";
+ return AIDL_RETURN(ResponseCode::PERMISSION_DENIED);
+ }
+ } else {
+ if (!checkBinderPermission(P_UNLOCK, UID_SELF)) {
+ LOG(WARNING) << "onKeyguardVisibilityChanged called with isShowing == false but "
+ "without UNLOCK permission";
+ return AIDL_RETURN(ResponseCode::PERMISSION_DENIED);
+ }
mActiveUserId = userId;
}
- *aidl_return = static_cast<int32_t>(ResponseCode::NO_ERROR);
-
- return Status::ok();
+ enforcement_policy.set_device_locked(isShowing, userId);
+ return AIDL_RETURN(ResponseCode::NO_ERROR);
}
} // namespace keystore