diff options
author | Makoto Onuki <omakoto@google.com> | 2017-01-04 14:36:59 -0800 |
---|---|---|
committer | Sean McCreary <mccreary@mcwest.org> | 2017-04-06 16:27:03 -0600 |
commit | d81dca8b1a4786940cfcb8c7aeba72ab541bd58a (patch) | |
tree | 1821edceea0215ea66c580673c9d05a615c21126 | |
parent | e53c4cb312e5bd0f5ef8415a6c476e59f060b639 (diff) | |
download | frameworks_base-d81dca8b1a4786940cfcb8c7aeba72ab541bd58a.zip frameworks_base-d81dca8b1a4786940cfcb8c7aeba72ab541bd58a.tar.gz frameworks_base-d81dca8b1a4786940cfcb8c7aeba72ab541bd58a.tar.bz2 |
Do not call RecoverySystem with DPMS lock held
Note DPM.wipeData() on a secondary user is now blocking, just like
it's been always blocking on the primary user.
Test: Manually tested wipeData() with ApiDemos, both on 1) the primary user,
2) a secondary user and 3) work profile.
Test: adb shell am instrument -e class com.android.server.devicepolicy.DevicePolicyManagerTest -w com.android.frameworks.servicestests
Bug 30681079
AOSP-Change-Id: Ia832bed0f22396998d6307ab46e262dae9463838
Merged-in: Ib97a92a6af87a5589d2643b9ae0522395735e1a5
CVE-2017-0560
Change-Id: Icc6a5e655ed184e2a386e79bd5cf2c231f22e403
(cherry picked from commit efdec8f5688ce6b0a287eddb6d5dad93ffa0e1ee)
-rw-r--r-- | services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java | 60 |
1 files changed, 33 insertions, 27 deletions
diff --git a/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java b/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java index 302d23a..911862e 100644 --- a/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java +++ b/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java @@ -3322,7 +3322,7 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub { } } - private void wipeDataLocked(boolean wipeExtRequested, String reason) { + private void wipeDataNoLock(boolean wipeExtRequested, String reason) { if (wipeExtRequested) { StorageManager sm = (StorageManager) mContext.getSystemService( Context.STORAGE_SERVICE); @@ -3341,13 +3341,14 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub { return; } enforceCrossUserPermission(userHandle); + + final String source; synchronized (this) { // This API can only be called by an active device admin, // so try to retrieve it to check that the caller is one. final ActiveAdmin admin = getActiveAdminForCallerLocked(null, DeviceAdminInfo.USES_POLICY_WIPE_DATA); - final String source; final ComponentName cname = admin.info.getComponent(); if (cname != null) { source = cname.flattenToShortString(); @@ -3372,39 +3373,44 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub { manager.wipe(); } } - boolean wipeExtRequested = (flags & WIPE_EXTERNAL_STORAGE) != 0; - wipeDeviceOrUserLocked(wipeExtRequested, userHandle, - "DevicePolicyManager.wipeData() from " + source); } finally { Binder.restoreCallingIdentity(ident); } } + final boolean wipeExtRequested = (flags & WIPE_EXTERNAL_STORAGE) != 0; + wipeDeviceNoLock(wipeExtRequested, userHandle, + "DevicePolicyManager.wipeData() from " + source); } - private void wipeDeviceOrUserLocked(boolean wipeExtRequested, final int userHandle, String reason) { - if (userHandle == UserHandle.USER_OWNER) { - wipeDataLocked(wipeExtRequested, reason); - } else { - mHandler.post(new Runnable() { - @Override - public void run() { - try { - IActivityManager am = ActivityManagerNative.getDefault(); - if (am.getCurrentUser().id == userHandle) { - am.switchUser(UserHandle.USER_OWNER); - } + private void wipeDeviceNoLock(boolean wipeExtRequested, final int userHandle, String reason) { + final long ident = Binder.clearCallingIdentity(); + try { + if (userHandle == UserHandle.USER_OWNER) { + wipeDataNoLock(wipeExtRequested, reason); + } else { + mHandler.post(new Runnable() { + @Override + public void run() { + try { + IActivityManager am = ActivityManagerNative.getDefault(); + if (am.getCurrentUser().id == userHandle) { + am.switchUser(UserHandle.USER_OWNER); + } - boolean isManagedProfile = isManagedProfile(userHandle); - if (!mUserManager.removeUser(userHandle)) { - Slog.w(LOG_TAG, "Couldn't remove user " + userHandle); - } else if (isManagedProfile) { - sendWipeProfileNotification(); + boolean isManagedProfile = isManagedProfile(userHandle); + if (!mUserManager.removeUser(userHandle)) { + Slog.w(LOG_TAG, "Couldn't remove user " + userHandle); + } else if (isManagedProfile) { + sendWipeProfileNotification(); + } + } catch (RemoteException re) { + // Shouldn't happen } - } catch (RemoteException re) { - // Shouldn't happen } - } - }); + }); + } + } finally { + Binder.restoreCallingIdentity(ident); } } @@ -3562,7 +3568,7 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub { } if (wipeData) { // Call without holding lock. - wipeDeviceOrUserLocked(false, identifier, + wipeDeviceNoLock(false, identifier, "reportFailedPasswordAttempt()"); } } finally { |