Implement clear SID API

Change-Id: I4ada55674edff32d3e39d460070e03abbf847359
author: Andres Morales <anmorales@google.com> 2015-04-16 15:57:17 -0700
committer: Andres Morales <anmorales@google.com> 2015-04-16 15:57:17 -0700
commit: 7c9c3bc9c2d3f98ff839f73dc76750dc23693eae (patch)
tree: 4f243ac382dd3eef1780b36542dd184e05e604be /gatekeeperd/gatekeeperd.cpp
parent: 6a49c2fa4371cad600f4a96da3d1644df862d2a5 (diff)
download: system_core-7c9c3bc9c2d3f98ff839f73dc76750dc23693eae.zip
system_core-7c9c3bc9c2d3f98ff839f73dc76750dc23693eae.tar.gz
system_core-7c9c3bc9c2d3f98ff839f73dc76750dc23693eae.tar.bz2
1 files changed, 11 insertions, 0 deletions
diff --git a/gatekeeperd/gatekeeperd.cpp b/gatekeeperd/gatekeeperd.cpp
index 82aa422..a242504 100644
--- a/gatekeeperd/gatekeeperd.cpp
+++ b/gatekeeperd/gatekeeperd.cpp
@@ -173,6 +173,17 @@ public:
         return read_sid(uid);
     }
 
+    virtual void clearSecureUserId(uint32_t uid) {
+        IPCThreadState* ipc = IPCThreadState::self();
+        const int calling_pid = ipc->getCallingPid();
+        const int calling_uid = ipc->getCallingUid();
+        if (!PermissionCache::checkPermission(KEYGUARD_PERMISSION, calling_pid, calling_uid)) {
+            ALOGE("%s: permission denied for [%d:%d]", __func__, calling_pid, calling_uid);
+            return;
+        }
+        store_sid(uid, 0);
+    }
+
     virtual status_t dump(int fd, const Vector<String16> &) {
         IPCThreadState* ipc = IPCThreadState::self();
         const int pid = ipc->getCallingPid();
author	Andres Morales <anmorales@google.com>	2015-04-16 15:57:17 -0700
committer	Andres Morales <anmorales@google.com>	2015-04-16 15:57:17 -0700
commit	7c9c3bc9c2d3f98ff839f73dc76750dc23693eae (patch)
tree	4f243ac382dd3eef1780b36542dd184e05e604be /gatekeeperd/gatekeeperd.cpp
parent	6a49c2fa4371cad600f4a96da3d1644df862d2a5 (diff)
download	system_core-7c9c3bc9c2d3f98ff839f73dc76750dc23693eae.zip system_core-7c9c3bc9c2d3f98ff839f73dc76750dc23693eae.tar.gz system_core-7c9c3bc9c2d3f98ff839f73dc76750dc23693eae.tar.bz2