commit 6391867773044f284a6f53dae9b91129af00f337
author Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com> Wed Feb 19 23:18:16 2020 +0000
committer Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com> Wed Feb 19 23:18:16 2020 +0000
tree 0363bcaae57f05c64095ff6460c5161492b1fe30
parent 8210743f1277a47ab88070e18b8b3c33ee5f554c
parent 10938d3e263445c48ca5e48e05544603bcb96f79

Merge "Port credstore to IdentityCredential AIDL." am: c092adeb2b am: 4718a821b3 am: 10938d3e26

Change-Id: I3c8857252d86fdacdbe8ab0d762f5c1f3db797ff

keystore/key_store_service.cpp

diff --git a/keystore/key_store_service.cpp b/keystore/key_store_service.cpp
index 666b48a..75fcbde 100644
--- a/keystore/key_store_service.cpp
+++ b/keystore/key_store_service.cpp
@@ -1322,11 +1322,22 @@
 }
 
 Status KeyStoreService::onKeyguardVisibilityChanged(bool isShowing, int32_t userId,
-                                                    int32_t* aidl_return) {
+                                                    int32_t* _aidl_return) {
+    if (isShowing) {
+        if (!checkBinderPermission(P_LOCK, UID_SELF)) {
+            LOG(WARNING) << "onKeyguardVisibilityChanged called with isShowing == true but "
+                            "without LOCK permission";
+            return AIDL_RETURN(ResponseCode::PERMISSION_DENIED);
+        }
+    } else {
+        if (!checkBinderPermission(P_UNLOCK, UID_SELF)) {
+            LOG(WARNING) << "onKeyguardVisibilityChanged called with isShowing == false but "
+                            "without UNLOCK permission";
+            return AIDL_RETURN(ResponseCode::PERMISSION_DENIED);
+        }
+    }
     mKeyStore->getEnforcementPolicy().set_device_locked(isShowing, userId);
-    *aidl_return = static_cast<int32_t>(ResponseCode::NO_ERROR);
-
-    return Status::ok();
+    return AIDL_RETURN(ResponseCode::NO_ERROR);
 }
 
 }  // namespace keystore