From 5a110cf4720b74526880f78056bff863b3954c19 Mon Sep 17 00:00:00 2001
From: Sudheer Shanka <sudheersai@google.com>
Date: Wed, 8 Jun 2016 17:13:24 -0700
Subject: Reduce shell power over user management.

Remove MANAGE_USERS permission from shell and whitelist it for
some specific functionality.

Bug: 29189712
Change-Id: Ifb37448c091af91991964511e3efb1bb4dea1ff3
---
 packages/Shell/AndroidManifest.xml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'packages')

diff --git a/packages/Shell/AndroidManifest.xml b/packages/Shell/AndroidManifest.xml
index b9daf59..6a20733 100644
--- a/packages/Shell/AndroidManifest.xml
+++ b/packages/Shell/AndroidManifest.xml
@@ -89,7 +89,7 @@
     <uses-permission android:name="android.permission.WRITE_MEDIA_STORAGE" />
     <uses-permission android:name="android.permission.INTERACT_ACROSS_USERS" />
     <uses-permission android:name="android.permission.INTERACT_ACROSS_USERS_FULL" />
-    <uses-permission android:name="android.permission.MANAGE_USERS" />
+    <uses-permission android:name="android.permission.CREATE_USERS" />
     <uses-permission android:name="android.permission.MANAGE_DEVICE_ADMINS" />
     <uses-permission android:name="android.permission.BLUETOOTH_STACK" />
     <uses-permission android:name="android.permission.GET_ACCOUNTS" />
-- 
cgit v1.1


From 3d2b855e53776b4406e1fb01f6198be89c9f8114 Mon Sep 17 00:00:00 2001
From: Jim Miller <jaggies@google.com>
Date: Thu, 18 Aug 2016 20:22:33 -0700
Subject: Bind fingerprint when we start authentication - DO NOT MERGE

This fixes a bug where it was possible to authenticate the wrong user.
We now bind the userId when we start authentication and confirm it when
authentication completes.

Fixes bug 30744668

Change-Id: I346d92c301414ed81e11fa9c171584c7ae4341c2
(cherry picked from commit b6f4b48df273d210d13631b4c2426482feb40c97)
---
 .../Keyguard/src/com/android/keyguard/KeyguardUpdateMonitor.java | 9 +++++++--
 1 file changed, 7 insertions(+), 2 deletions(-)

(limited to 'packages')

diff --git a/packages/Keyguard/src/com/android/keyguard/KeyguardUpdateMonitor.java b/packages/Keyguard/src/com/android/keyguard/KeyguardUpdateMonitor.java
index 57ee319..f31df51 100644
--- a/packages/Keyguard/src/com/android/keyguard/KeyguardUpdateMonitor.java
+++ b/packages/Keyguard/src/com/android/keyguard/KeyguardUpdateMonitor.java
@@ -430,7 +430,8 @@ public class KeyguardUpdateMonitor implements TrustManager.TrustListener {
         }
     }
 
-    private void handleFingerprintAuthenticated() {
+
+    private void handleFingerprintAuthenticated(int authUserId) {
         try {
             final int userId;
             try {
@@ -439,6 +440,10 @@ public class KeyguardUpdateMonitor implements TrustManager.TrustListener {
                 Log.e(TAG, "Failed to get current user id: ", e);
                 return;
             }
+            if (userId != authUserId) {
+                Log.d(TAG, "Fingerprint authenticated for wrong user: " + authUserId);
+                return;
+            }
             if (isFingerprintDisabled(userId)) {
                 Log.d(TAG, "Fingerprint disabled by DPM for userId: " + userId);
                 return;
@@ -705,7 +710,7 @@ public class KeyguardUpdateMonitor implements TrustManager.TrustListener {
 
         @Override
         public void onAuthenticationSucceeded(AuthenticationResult result) {
-            handleFingerprintAuthenticated();
+            handleFingerprintAuthenticated(result.getUserId());
         }
 
         @Override
-- 
cgit v1.1