commit ada6ce9436e2d4b466dabb5fc10b822cf482a9ce
author Eric Biggers <ebiggers@google.com> Tue Dec 12 23:18:01 2023 +0000
committer Eric Biggers <ebiggers@google.com> Tue Dec 12 23:45:06 2023 +0000
tree 523e0dca17e2d1c61c8281159704c28e62fa2e2e
parent 91755c24d0d4f74a8a86a6614b2136c4eb42111c

Sync tieProfileLockIfNecessary() with internal main

The internal-first commit ab75d2ceb232 (http://ag/23150174) modified
tieProfileLockIfNecessary(), which is now causing conflicts.  As the
modification to tieProfileLockIfNecessary() (which simply made it not
crash when called with a profile that does not have a parent) does not
depend on the rest of the change, cherry-pick it separately.

Test: atest com.android.server.locksettings
Merged-In: Ib0e4e52c10f0e95913ddfde606d6995de3538f27
Change-Id: I323811363d8801d4f0bc84f241ad042f45bb3358

services/core/java/com/android/server/locksettings/LockSettingsService.java

diff --git a/services/core/java/com/android/server/locksettings/LockSettingsService.java b/services/core/java/com/android/server/locksettings/LockSettingsService.java
index c3049dbc..0dc4467 100644
--- a/services/core/java/com/android/server/locksettings/LockSettingsService.java
+++ b/services/core/java/com/android/server/locksettings/LockSettingsService.java
@@ -433,11 +433,14 @@
         if (mStorage.hasChildProfileLock(profileUserId)) {
             return;
         }
+        final UserInfo parent = mUserManager.getProfileParent(profileUserId);
+        if (parent == null) {
+            return;
+        }
         // If parent does not have a screen lock, simply clear credential from the profile,
         // to maintain the invariant that unified profile should always have the same secure state
         // as its parent.
-        final int parentId = mUserManager.getProfileParent(profileUserId).id;
-        if (!isUserSecure(parentId) && !profileUserPassword.isNone()) {
+        if (!isUserSecure(parent.id) && !profileUserPassword.isNone()) {
             Slogf.i(TAG, "Clearing password for profile user %d to match parent", profileUserId);
             setLockCredentialInternal(LockscreenCredential.createNone(), profileUserPassword,
                     profileUserId, /* isLockTiedToParent= */ true);
@@ -448,7 +451,7 @@
         // This can only happen during an upgrade path where SID is yet to be
         // generated when the user unlocks for the first time.
         try {
-            parentSid = getGateKeeperService().getSecureUserId(parentId);
+            parentSid = getGateKeeperService().getSecureUserId(parent.id);
             if (parentSid == 0) {
                 return;
             }
@@ -459,7 +462,7 @@
         try (LockscreenCredential unifiedProfilePassword = generateRandomProfilePassword()) {
             setLockCredentialInternal(unifiedProfilePassword, profileUserPassword, profileUserId,
                     /* isLockTiedToParent= */ true);
-            tieProfileLockToParent(profileUserId, parentId, unifiedProfilePassword);
+            tieProfileLockToParent(profileUserId, parent.id, unifiedProfilePassword);
             mManagedProfilePasswordCache.storePassword(profileUserId, unifiedProfilePassword,
                     parentSid);
         }