diff options
| author | Jason parks <jparks@google.com> | 2011-01-21 11:59:15 -0800 |
|---|---|---|
| committer | Android (Google) Code Review <android-gerrit@google.com> | 2011-01-21 11:59:15 -0800 |
| commit | 0512d080a5ae7eccb154be4302aaf4b5fb8aa5a6 (patch) | |
| tree | f0ee758511f4b7454ae993d8abfd0ca41901f676 | |
| parent | 0f2ef34b5a7158ab105edfb0d6c5904ae23e89fa (diff) | |
| parent | 8888c597c4bc3002e48738b6aea6fd43f69c0f78 (diff) | |
| download | frameworks_base-0512d080a5ae7eccb154be4302aaf4b5fb8aa5a6.zip frameworks_base-0512d080a5ae7eccb154be4302aaf4b5fb8aa5a6.tar.gz frameworks_base-0512d080a5ae7eccb154be4302aaf4b5fb8aa5a6.tar.bz2 | |
Merge "Add and enforce the permission for encrypting/decrypting." into honeycomb
| -rw-r--r-- | core/res/AndroidManifest.xml | 7 | ||||
| -rw-r--r-- | services/java/com/android/server/MountService.java | 9 |
2 files changed, 13 insertions, 3 deletions
diff --git a/core/res/AndroidManifest.xml b/core/res/AndroidManifest.xml index 9b890fa..08ce256 100644 --- a/core/res/AndroidManifest.xml +++ b/core/res/AndroidManifest.xml @@ -1284,6 +1284,13 @@ android:description="@string/permlab_copyProtectedData" android:protectionLevel="signature" /> + <!-- Internal permission protecting access to the encryption methods + @hide + --> + <permission android:name="android.permission.CRYPT_KEEPER" + android:protectionLevel="signatureOrSystem" /> + + <!-- C2DM permission. @hide Used internally. --> diff --git a/services/java/com/android/server/MountService.java b/services/java/com/android/server/MountService.java index d862585..7440f52 100644 --- a/services/java/com/android/server/MountService.java +++ b/services/java/com/android/server/MountService.java @@ -19,6 +19,7 @@ package com.android.server; import com.android.internal.app.IMediaContainerService; import com.android.server.am.ActivityManagerService; +import android.Manifest; import android.content.BroadcastReceiver; import android.content.ComponentName; import android.content.Context; @@ -1635,7 +1636,8 @@ class MountService extends IMountService.Stub implements INativeDaemonConnectorC throw new IllegalArgumentException("password cannot be null"); } - // TODO: Enforce a permission + mContext.enforceCallingOrSelfPermission(Manifest.permission.CRYPT_KEEPER, + "no permission to access the crypt keeper"); waitForReady(); @@ -1675,12 +1677,13 @@ class MountService extends IMountService.Stub implements INativeDaemonConnectorC throw new IllegalArgumentException("password cannot be null"); } - // TODO: Enforce a permission + mContext.enforceCallingOrSelfPermission(Manifest.permission.CRYPT_KEEPER, + "no permission to access the crypt keeper"); waitForReady(); if (DEBUG_EVENTS) { - Slog.i(TAG, "decrypting storage..."); + Slog.i(TAG, "encrypting storage..."); } try { |