commit 8004fba34af622a04d16207df23b9237d3e409ab
author Treehugger Robot <android-test-infra-autosubmit@system.gserviceaccount.com> Wed Jun 26 17:13:09 2024 +0000
committer Gerrit Code Review <noreply-gerritcodereview@google.com> Wed Jun 26 17:13:09 2024 +0000
tree 4e22b2aa2cfd2567618b770c7e01bba0590fe47d
parent cff76e7d5df2a89c255eb2097187ea4e0541c3a1
parent 41e98ee9470f592fcca8cabca99843c5d6c83ce4

Merge "Allow native applications with UID as ROOT to perform attestation." into main

keystore/keystore_attestation_id.cpp

diff --git a/keystore/keystore_attestation_id.cpp b/keystore/keystore_attestation_id.cpp
index d607fbf..bcd3318 100644
--- a/keystore/keystore_attestation_id.cpp
+++ b/keystore/keystore_attestation_id.cpp
@@ -49,7 +49,6 @@
 namespace {
 
 constexpr const char* kAttestationSystemPackageName = "AndroidSystem";
-constexpr const char* kUnknownPackageName = "UnknownPackage";
 constexpr const size_t kMaxAttempts = 3;
 constexpr const unsigned long kRetryIntervalUsecs = 500000;  // sleep for 500 ms
 
@@ -274,7 +273,7 @@
 StatusOr<std::vector<uint8_t>> gather_attestation_application_id(uid_t uid) {
     KeyAttestationApplicationId key_attestation_id;
 
-    if (uid == AID_SYSTEM) {
+    if (uid == AID_SYSTEM || uid == AID_ROOT) {
         /* Use a fixed ID for system callers */
         auto pinfo = KeyAttestationPackageInfo();
         pinfo.packageName = String16(kAttestationSystemPackageName);
@@ -301,8 +300,6 @@
             }
         }
 
-        // Package Manager call has failed, perform attestation but indicate that the
-        // caller is unknown.
         if (!status.isOk()) {
             ALOGW("package manager request for key attestation ID failed with: %s %d",
                   status.exceptionMessage().c_str(), status.exceptionCode());