From bdc58c66af3440f963731cdcdf820d7108d9f98a Mon Sep 17 00:00:00 2001 From: Fyodor Kupolov Date: Thu, 29 Jan 2015 13:24:03 -0800 Subject: Removed userHandle from setXXX methods User handle is now extracted from UID of the calling process. Previously setXXX methods may not work properly, if userHandle parameter was different from a user of the calling process. In practice, this wouldn't have happened because setters were always called with a userHandle of the caller process. Bug:17202572 Change-Id: I1c08c54c975a04b8c54719a1e280ad3cfaff2e67 --- .../devicepolicy/DevicePolicyManagerService.java | 86 +++++++++++----------- 1 file changed, 41 insertions(+), 45 deletions(-) (limited to 'services/devicepolicy/java/com/android') diff --git a/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java b/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java index e4d0b77..5845363 100644 --- a/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java +++ b/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java @@ -1914,12 +1914,12 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub { } } - public void setPasswordQuality(ComponentName who, int quality, int userHandle) { + public void setPasswordQuality(ComponentName who, int quality) { if (!mHasFeature) { return; } + final int userHandle = UserHandle.getCallingUserId(); validateQualityConstant(quality); - enforceCrossUserPermission(userHandle); synchronized (this) { if (who == null) { @@ -1963,11 +1963,11 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub { } } - public void setPasswordMinimumLength(ComponentName who, int length, int userHandle) { + public void setPasswordMinimumLength(ComponentName who, int length) { if (!mHasFeature) { return; } - enforceCrossUserPermission(userHandle); + final int userHandle = UserHandle.getCallingUserId(); synchronized (this) { if (who == null) { throw new NullPointerException("ComponentName is null"); @@ -2010,11 +2010,11 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub { } } - public void setPasswordHistoryLength(ComponentName who, int length, int userHandle) { + public void setPasswordHistoryLength(ComponentName who, int length) { if (!mHasFeature) { return; } - enforceCrossUserPermission(userHandle); + final int userHandle = UserHandle.getCallingUserId(); synchronized (this) { if (who == null) { throw new NullPointerException("ComponentName is null"); @@ -2057,11 +2057,11 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub { } } - public void setPasswordExpirationTimeout(ComponentName who, long timeout, int userHandle) { + public void setPasswordExpirationTimeout(ComponentName who, long timeout) { if (!mHasFeature) { return; } - enforceCrossUserPermission(userHandle); + final int userHandle = UserHandle.getCallingUserId(); synchronized (this) { if (who == null) { throw new NullPointerException("ComponentName is null"); @@ -2226,11 +2226,11 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub { } } - public void setPasswordMinimumUpperCase(ComponentName who, int length, int userHandle) { + public void setPasswordMinimumUpperCase(ComponentName who, int length) { if (!mHasFeature) { return; } - enforceCrossUserPermission(userHandle); + final int userHandle = UserHandle.getCallingUserId(); synchronized (this) { if (who == null) { throw new NullPointerException("ComponentName is null"); @@ -2273,8 +2273,8 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub { } } - public void setPasswordMinimumLowerCase(ComponentName who, int length, int userHandle) { - enforceCrossUserPermission(userHandle); + public void setPasswordMinimumLowerCase(ComponentName who, int length) { + final int userHandle = UserHandle.getCallingUserId(); synchronized (this) { if (who == null) { throw new NullPointerException("ComponentName is null"); @@ -2317,11 +2317,11 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub { } } - public void setPasswordMinimumLetters(ComponentName who, int length, int userHandle) { + public void setPasswordMinimumLetters(ComponentName who, int length) { if (!mHasFeature) { return; } - enforceCrossUserPermission(userHandle); + final int userHandle = UserHandle.getCallingUserId(); synchronized (this) { if (who == null) { throw new NullPointerException("ComponentName is null"); @@ -2364,11 +2364,11 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub { } } - public void setPasswordMinimumNumeric(ComponentName who, int length, int userHandle) { + public void setPasswordMinimumNumeric(ComponentName who, int length) { if (!mHasFeature) { return; } - enforceCrossUserPermission(userHandle); + final int userHandle = UserHandle.getCallingUserId(); synchronized (this) { if (who == null) { throw new NullPointerException("ComponentName is null"); @@ -2411,11 +2411,11 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub { } } - public void setPasswordMinimumSymbols(ComponentName who, int length, int userHandle) { + public void setPasswordMinimumSymbols(ComponentName who, int length) { if (!mHasFeature) { return; } - enforceCrossUserPermission(userHandle); + final int userHandle = UserHandle.getCallingUserId(); synchronized (this) { if (who == null) { throw new NullPointerException("ComponentName is null"); @@ -2458,11 +2458,11 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub { } } - public void setPasswordMinimumNonLetter(ComponentName who, int length, int userHandle) { + public void setPasswordMinimumNonLetter(ComponentName who, int length) { if (!mHasFeature) { return; } - enforceCrossUserPermission(userHandle); + final int userHandle = UserHandle.getCallingUserId(); synchronized (this) { if (who == null) { throw new NullPointerException("ComponentName is null"); @@ -2522,8 +2522,7 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub { // This API can only be called by an active device admin, // so try to retrieve it to check that the caller is one. - getActiveAdminForCallerLocked(null, - DeviceAdminInfo.USES_POLICY_LIMIT_PASSWORD); + getActiveAdminForCallerLocked(null, DeviceAdminInfo.USES_POLICY_LIMIT_PASSWORD); if (policy.mActivePasswordQuality < getPasswordQuality(null, userHandle) || policy.mActivePasswordLength < getPasswordMinimumLength(null, userHandle)) { return false; @@ -2556,11 +2555,11 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub { } } - public void setMaximumFailedPasswordsForWipe(ComponentName who, int num, int userHandle) { + public void setMaximumFailedPasswordsForWipe(ComponentName who, int num) { if (!mHasFeature) { return; } - enforceCrossUserPermission(userHandle); + final int userHandle = UserHandle.getCallingUserId(); synchronized (this) { if (who == null) { throw new NullPointerException("ComponentName is null"); @@ -2632,11 +2631,11 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub { return strictestAdmin; } - public boolean resetPassword(String passwordOrNull, int flags, int userHandle) { + public boolean resetPassword(String passwordOrNull, int flags) { if (!mHasFeature) { return false; } - enforceCrossUserPermission(userHandle); + final int userHandle = UserHandle.getCallingUserId(); enforceNotManagedProfile(userHandle, "reset the password"); String password = passwordOrNull != null ? passwordOrNull : ""; @@ -2767,11 +2766,11 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub { return true; } - public void setMaximumTimeToLock(ComponentName who, long timeMs, int userHandle) { + public void setMaximumTimeToLock(ComponentName who, long timeMs) { if (!mHasFeature) { return; } - enforceCrossUserPermission(userHandle); + final int userHandle = UserHandle.getCallingUserId(); synchronized (this) { if (who == null) { throw new NullPointerException("ComponentName is null"); @@ -3231,11 +3230,10 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub { } public ComponentName setGlobalProxy(ComponentName who, String proxySpec, - String exclusionList, int userHandle) { + String exclusionList) { if (!mHasFeature) { return null; } - enforceCrossUserPermission(userHandle); synchronized(this) { if (who == null) { throw new NullPointerException("ComponentName is null"); @@ -3261,7 +3259,7 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub { // If the user is not the owner, don't set the global proxy. Fail silently. if (UserHandle.getCallingUserId() != UserHandle.USER_OWNER) { Slog.w(LOG_TAG, "Only the owner is allowed to set the global proxy. User " - + userHandle + " is not permitted."); + + UserHandle.getCallingUserId() + " is not permitted."); return null; } if (proxySpec == null) { @@ -3371,11 +3369,11 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub { * Set the storage encryption request for a single admin. Returns the new total request * status (for all admins). */ - public int setStorageEncryption(ComponentName who, boolean encrypt, int userHandle) { + public int setStorageEncryption(ComponentName who, boolean encrypt) { if (!mHasFeature) { return DevicePolicyManager.ENCRYPTION_STATUS_UNSUPPORTED; } - enforceCrossUserPermission(userHandle); + final int userHandle = UserHandle.getCallingUserId(); synchronized (this) { // Check for permissions if (who == null) { @@ -3507,11 +3505,11 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub { /** * Set whether the screen capture is disabled for the user managed by the specified admin. */ - public void setScreenCaptureDisabled(ComponentName who, int userHandle, boolean disabled) { + public void setScreenCaptureDisabled(ComponentName who, boolean disabled) { if (!mHasFeature) { return; } - enforceCrossUserPermission(userHandle); + final int userHandle = UserHandle.getCallingUserId(); synchronized (this) { if (who == null) { throw new NullPointerException("ComponentName is null"); @@ -3566,11 +3564,11 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub { /** * Set whether auto time is required by the specified admin (must be device owner). */ - public void setAutoTimeRequired(ComponentName who, int userHandle, boolean required) { + public void setAutoTimeRequired(ComponentName who, boolean required) { if (!mHasFeature) { return; } - enforceCrossUserPermission(userHandle); + final int userHandle = UserHandle.getCallingUserId(); synchronized (this) { if (who == null) { throw new NullPointerException("ComponentName is null"); @@ -3617,11 +3615,11 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub { /** * Disables all device cameras according to the specified admin. */ - public void setCameraDisabled(ComponentName who, boolean disabled, int userHandle) { + public void setCameraDisabled(ComponentName who, boolean disabled) { if (!mHasFeature) { return; } - enforceCrossUserPermission(userHandle); + final int userHandle = UserHandle.getCallingUserId(); synchronized (this) { if (who == null) { throw new NullPointerException("ComponentName is null"); @@ -3666,11 +3664,11 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub { /** * Selectively disable keyguard features. */ - public void setKeyguardDisabledFeatures(ComponentName who, int which, int userHandle) { + public void setKeyguardDisabledFeatures(ComponentName who, int which) { if (!mHasFeature) { return; } - enforceCrossUserPermission(userHandle); + final int userHandle = UserHandle.getCallingUserId(); enforceNotManagedProfile(userHandle, "disable keyguard features"); synchronized (this) { if (who == null) { @@ -4216,11 +4214,11 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub { } public void setTrustAgentConfiguration(ComponentName admin, ComponentName agent, - PersistableBundle args, int userHandle) { + PersistableBundle args) { if (!mHasFeature) { return; } - enforceCrossUserPermission(userHandle); + final int userHandle = UserHandle.getCallingUserId(); enforceNotManagedProfile(userHandle, "set trust agent configuration"); synchronized (this) { if (admin == null) { @@ -5361,8 +5359,6 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub { @Override public void setMasterVolumeMuted(ComponentName who, boolean on) { - final ContentResolver contentResolver = mContext.getContentResolver(); - synchronized (this) { if (who == null) { throw new NullPointerException("ComponentName is null"); -- cgit v1.1