diff options
| author | Amith Yamasani <yamasani@google.com> | 2014-10-17 11:16:58 -0700 |
|---|---|---|
| committer | Amith Yamasani <yamasani@google.com> | 2014-10-17 11:43:57 -0700 |
| commit | cd410ba4e816b657020cafb23e69206734726b42 (patch) | |
| tree | 9eaaf922204e95133d6468cdb31157237b80cfda | |
| parent | fe51197084ab70ea48a9ddf13ecc0d0afe81d0ea (diff) | |
| download | frameworks_base-cd410ba4e816b657020cafb23e69206734726b42.zip frameworks_base-cd410ba4e816b657020cafb23e69206734726b42.tar.gz frameworks_base-cd410ba4e816b657020cafb23e69206734726b42.tar.bz2 | |
Use the correct method to check if device is encrypted
DPM's method will return false if encrypted by default password,
preventing the changing of encryption password to lockscreen password.
Check if the device is encrypted by some means, instead.
Also fix a SecurityException when Device Admin queries encryption state
(recent regression)
Bug: 17881324
Change-Id: Id897e61c5e254ab3f8dc569285428a73005303ea
| -rw-r--r-- | core/java/com/android/internal/widget/LockPatternUtils.java | 5 | ||||
| -rw-r--r-- | services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java | 11 |
2 files changed, 9 insertions, 7 deletions
diff --git a/core/java/com/android/internal/widget/LockPatternUtils.java b/core/java/com/android/internal/widget/LockPatternUtils.java index 9a1c9fc..412b4d2 100644 --- a/core/java/com/android/internal/widget/LockPatternUtils.java +++ b/core/java/com/android/internal/widget/LockPatternUtils.java @@ -728,12 +728,9 @@ public class LockPatternUtils { /** Update the encryption password if it is enabled **/ private void updateEncryptionPassword(final int type, final String password) { - DevicePolicyManager dpm = getDevicePolicyManager(); - if (dpm.getStorageEncryptionStatus(getCurrentOrCallingUserId()) - != DevicePolicyManager.ENCRYPTION_STATUS_ACTIVE) { + if (!isDeviceEncryptionEnabled()) { return; } - final IBinder service = ServiceManager.getService("mount"); if (service == null) { Log.e(TAG, "Could not find the mount service to update the encryption password"); diff --git a/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java b/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java index fc5c053..fe4b7b9 100644 --- a/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java +++ b/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java @@ -3390,9 +3390,14 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub { private int getEncryptionStatus() { String status = SystemProperties.get("ro.crypto.state", "unsupported"); if ("encrypted".equalsIgnoreCase(status)) { - return LockPatternUtils.isDeviceEncrypted() - ? DevicePolicyManager.ENCRYPTION_STATUS_ACTIVE - : DevicePolicyManager.ENCRYPTION_STATUS_INACTIVE; + final long token = Binder.clearCallingIdentity(); + try { + return LockPatternUtils.isDeviceEncrypted() + ? DevicePolicyManager.ENCRYPTION_STATUS_ACTIVE + : DevicePolicyManager.ENCRYPTION_STATUS_INACTIVE; + } finally { + Binder.restoreCallingIdentity(token); + } } else if ("unencrypted".equalsIgnoreCase(status)) { return DevicePolicyManager.ENCRYPTION_STATUS_INACTIVE; } else { |