From 7c9c3bc9c2d3f98ff839f73dc76750dc23693eae Mon Sep 17 00:00:00 2001
From: Andres Morales <anmorales@google.com>
Date: Thu, 16 Apr 2015 15:57:17 -0700
Subject: Implement clear SID API

Change-Id: I4ada55674edff32d3e39d460070e03abbf847359
---
 gatekeeperd/gatekeeperd.cpp | 11 +++++++++++
 1 file changed, 11 insertions(+)

(limited to 'gatekeeperd/gatekeeperd.cpp')

diff --git a/gatekeeperd/gatekeeperd.cpp b/gatekeeperd/gatekeeperd.cpp
index 82aa422..a242504 100644
--- a/gatekeeperd/gatekeeperd.cpp
+++ b/gatekeeperd/gatekeeperd.cpp
@@ -173,6 +173,17 @@ public:
         return read_sid(uid);
     }
 
+    virtual void clearSecureUserId(uint32_t uid) {
+        IPCThreadState* ipc = IPCThreadState::self();
+        const int calling_pid = ipc->getCallingPid();
+        const int calling_uid = ipc->getCallingUid();
+        if (!PermissionCache::checkPermission(KEYGUARD_PERMISSION, calling_pid, calling_uid)) {
+            ALOGE("%s: permission denied for [%d:%d]", __func__, calling_pid, calling_uid);
+            return;
+        }
+        store_sid(uid, 0);
+    }
+
     virtual status_t dump(int fd, const Vector<String16> &) {
         IPCThreadState* ipc = IPCThreadState::self();
         const int pid = ipc->getCallingPid();
-- 
cgit v1.1