Merge "Use correct call to get Android user ID"
am: 91fc4caa02
Change-Id: I9a86af493af6bdd369609a53da46e77ca02f77a5
diff --git a/keystore/Android.bp b/keystore/Android.bp
index 9bf6cf3..ed60596 100644
--- a/keystore/Android.bp
+++ b/keystore/Android.bp
@@ -50,6 +50,7 @@
"libbase",
"libbinder",
"libcrypto",
+ "libcutils",
"libhardware",
"libhidlbase",
"libhidltransport",
diff --git a/keystore/key_store_service.cpp b/keystore/key_store_service.cpp
index 8fef8d6..62b21c8 100644
--- a/keystore/key_store_service.cpp
+++ b/keystore/key_store_service.cpp
@@ -30,6 +30,7 @@
#include <binder/IPCThreadState.h>
#include <binder/IPermissionController.h>
#include <binder/IServiceManager.h>
+#include <cutils/multiuser.h>
#include <log/log_event_list.h>
#include <private/android_filesystem_config.h>
@@ -862,7 +863,7 @@
// Most Java processes don't have access to this tag
KeyParameter user_id;
user_id.tag = Tag::USER_ID;
- user_id.f.integer = mActiveUserId;
+ user_id.f.integer = multiuser_get_user_id(uid);
keyCharacteristics.push_back(user_id);
}
@@ -995,7 +996,6 @@
const ::std::vector<uint8_t>& keyData, int uid, int flags,
::android::security::keymaster::KeyCharacteristics* outCharacteristics,
int32_t* aidl_return) {
-
uid = getEffectiveUid(uid);
auto logOnScopeExit = android::base::make_scope_guard([&] {
if (__android_log_security()) {
@@ -1103,7 +1103,7 @@
// Most Java processes don't have access to this tag
KeyParameter user_id;
user_id.tag = Tag::USER_ID;
- user_id.f.integer = mActiveUserId;
+ user_id.f.integer = multiuser_get_user_id(uid);
opParams.push_back(user_id);
}
@@ -2303,9 +2303,6 @@
Status KeyStoreService::onKeyguardVisibilityChanged(bool isShowing, int32_t userId,
int32_t* aidl_return) {
enforcement_policy.set_device_locked(isShowing, userId);
- if (!isShowing) {
- mActiveUserId = userId;
- }
*aidl_return = static_cast<int32_t>(ResponseCode::NO_ERROR);
return Status::ok();
diff --git a/keystore/key_store_service.h b/keystore/key_store_service.h
index 0056342..8d3f1f2 100644
--- a/keystore/key_store_service.h
+++ b/keystore/key_store_service.h
@@ -39,7 +39,7 @@
public:
explicit KeyStoreService(KeyStore* keyStore)
: mKeyStore(keyStore), mOperationMap(this),
- mConfirmationManager(new ConfirmationManager(this)), mActiveUserId(0) {}
+ mConfirmationManager(new ConfirmationManager(this)) {}
virtual ~KeyStoreService() = default;
void binderDied(const android::wp<android::IBinder>& who);
@@ -300,7 +300,6 @@
android::sp<ConfirmationManager> mConfirmationManager;
keystore::AuthTokenTable mAuthTokenTable;
KeystoreKeymasterEnforcement enforcement_policy;
- int32_t mActiveUserId;
};
}; // namespace keystore