Merge cherrypicks of [10745155, 10743283, 10746098, 10735615, 10743284, 10745369, 10745156, 10745157, 10746136, 10746137, 10745215, 10746138, 10745216, 10745217, 10746139, 10745218, 10743285, 10746118, 10746119, 10745827, 10745158, 10745159, 10743224, 10743225, 10745492] into qt-qpr2-release
Change-Id: I16583efcd9db10fd33938f0dbf4cf3adf6a98a18
diff --git a/keystore/key_store_service.cpp b/keystore/key_store_service.cpp
index 2336e57..b6b7295 100644
--- a/keystore/key_store_service.cpp
+++ b/keystore/key_store_service.cpp
@@ -1359,12 +1359,23 @@
}
Status KeyStoreService::onKeyguardVisibilityChanged(bool isShowing, int32_t userId,
- int32_t* aidl_return) {
+ int32_t* _aidl_return) {
KEYSTORE_SERVICE_LOCK;
+ if (isShowing) {
+ if (!checkBinderPermission(P_LOCK, UID_SELF)) {
+ LOG(WARNING) << "onKeyguardVisibilityChanged called with isShowing == true but "
+ "without LOCK permission";
+ return AIDL_RETURN(ResponseCode::PERMISSION_DENIED);
+ }
+ } else {
+ if (!checkBinderPermission(P_UNLOCK, UID_SELF)) {
+ LOG(WARNING) << "onKeyguardVisibilityChanged called with isShowing == false but "
+ "without UNLOCK permission";
+ return AIDL_RETURN(ResponseCode::PERMISSION_DENIED);
+ }
+ }
mKeyStore->getEnforcementPolicy().set_device_locked(isShowing, userId);
- *aidl_return = static_cast<int32_t>(ResponseCode::NO_ERROR);
-
- return Status::ok();
+ return AIDL_RETURN(ResponseCode::NO_ERROR);
}
} // namespace keystore