From d81dca8b1a4786940cfcb8c7aeba72ab541bd58a Mon Sep 17 00:00:00 2001 From: Makoto Onuki Date: Wed, 4 Jan 2017 14:36:59 -0800 Subject: Do not call RecoverySystem with DPMS lock held Note DPM.wipeData() on a secondary user is now blocking, just like it's been always blocking on the primary user. Test: Manually tested wipeData() with ApiDemos, both on 1) the primary user, 2) a secondary user and 3) work profile. Test: adb shell am instrument -e class com.android.server.devicepolicy.DevicePolicyManagerTest -w com.android.frameworks.servicestests Bug 30681079 AOSP-Change-Id: Ia832bed0f22396998d6307ab46e262dae9463838 Merged-in: Ib97a92a6af87a5589d2643b9ae0522395735e1a5 CVE-2017-0560 Change-Id: Icc6a5e655ed184e2a386e79bd5cf2c231f22e403 (cherry picked from commit efdec8f5688ce6b0a287eddb6d5dad93ffa0e1ee) --- .../devicepolicy/DevicePolicyManagerService.java | 60 ++++++++++++---------- 1 file changed, 33 insertions(+), 27 deletions(-) diff --git a/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java b/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java index 302d23a..911862e 100644 --- a/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java +++ b/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java @@ -3322,7 +3322,7 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub { } } - private void wipeDataLocked(boolean wipeExtRequested, String reason) { + private void wipeDataNoLock(boolean wipeExtRequested, String reason) { if (wipeExtRequested) { StorageManager sm = (StorageManager) mContext.getSystemService( Context.STORAGE_SERVICE); @@ -3341,13 +3341,14 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub { return; } enforceCrossUserPermission(userHandle); + + final String source; synchronized (this) { // This API can only be called by an active device admin, // so try to retrieve it to check that the caller is one. final ActiveAdmin admin = getActiveAdminForCallerLocked(null, DeviceAdminInfo.USES_POLICY_WIPE_DATA); - final String source; final ComponentName cname = admin.info.getComponent(); if (cname != null) { source = cname.flattenToShortString(); @@ -3372,39 +3373,44 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub { manager.wipe(); } } - boolean wipeExtRequested = (flags & WIPE_EXTERNAL_STORAGE) != 0; - wipeDeviceOrUserLocked(wipeExtRequested, userHandle, - "DevicePolicyManager.wipeData() from " + source); } finally { Binder.restoreCallingIdentity(ident); } } + final boolean wipeExtRequested = (flags & WIPE_EXTERNAL_STORAGE) != 0; + wipeDeviceNoLock(wipeExtRequested, userHandle, + "DevicePolicyManager.wipeData() from " + source); } - private void wipeDeviceOrUserLocked(boolean wipeExtRequested, final int userHandle, String reason) { - if (userHandle == UserHandle.USER_OWNER) { - wipeDataLocked(wipeExtRequested, reason); - } else { - mHandler.post(new Runnable() { - @Override - public void run() { - try { - IActivityManager am = ActivityManagerNative.getDefault(); - if (am.getCurrentUser().id == userHandle) { - am.switchUser(UserHandle.USER_OWNER); - } + private void wipeDeviceNoLock(boolean wipeExtRequested, final int userHandle, String reason) { + final long ident = Binder.clearCallingIdentity(); + try { + if (userHandle == UserHandle.USER_OWNER) { + wipeDataNoLock(wipeExtRequested, reason); + } else { + mHandler.post(new Runnable() { + @Override + public void run() { + try { + IActivityManager am = ActivityManagerNative.getDefault(); + if (am.getCurrentUser().id == userHandle) { + am.switchUser(UserHandle.USER_OWNER); + } - boolean isManagedProfile = isManagedProfile(userHandle); - if (!mUserManager.removeUser(userHandle)) { - Slog.w(LOG_TAG, "Couldn't remove user " + userHandle); - } else if (isManagedProfile) { - sendWipeProfileNotification(); + boolean isManagedProfile = isManagedProfile(userHandle); + if (!mUserManager.removeUser(userHandle)) { + Slog.w(LOG_TAG, "Couldn't remove user " + userHandle); + } else if (isManagedProfile) { + sendWipeProfileNotification(); + } + } catch (RemoteException re) { + // Shouldn't happen } - } catch (RemoteException re) { - // Shouldn't happen } - } - }); + }); + } + } finally { + Binder.restoreCallingIdentity(ident); } } @@ -3562,7 +3568,7 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub { } if (wipeData) { // Call without holding lock. - wipeDeviceOrUserLocked(false, identifier, + wipeDeviceNoLock(false, identifier, "reportFailedPasswordAttempt()"); } } finally { -- cgit v1.1