DO NOT MERGE: Merge Oreo MR1 into master am: 47924d1aec  -s ours
am: 4a8909eb5d

Change-Id: I36b5a06a737cf1410e446bed096e784d4cf40f58
diff --git a/keystore/auth_token_table.cpp b/keystore/auth_token_table.cpp
index 8b81e47..46b644d 100644
--- a/keystore/auth_token_table.cpp
+++ b/keystore/auth_token_table.cpp
@@ -244,7 +244,7 @@
     return (token_->userId == entry.token_->userId &&
             token_->authenticatorType == entry.token_->authenticatorType &&
             token_->authenticatorId == entry.token_->authenticatorId &&
-            timestamp_host_order() > entry.timestamp_host_order());
+            is_newer_than(&entry));
 }
 
 }  // namespace keymaster
diff --git a/keystore/auth_token_table.h b/keystore/auth_token_table.h
index 422c710..0056b26 100644
--- a/keystore/auth_token_table.h
+++ b/keystore/auth_token_table.h
@@ -114,9 +114,15 @@
         bool Supersedes(const Entry& entry) const;
         bool SatisfiesAuth(const std::vector<uint64_t>& sids, HardwareAuthenticatorType auth_type);
 
-        bool is_newer_than(const Entry* entry) {
+        bool is_newer_than(const Entry* entry) const {
             if (!entry) return true;
-            return timestamp_host_order() > entry->timestamp_host_order();
+            uint64_t ts = timestamp_host_order();
+            uint64_t other_ts = entry->timestamp_host_order();
+            // Normally comparing timestamp_host_order alone is sufficient, but here is an
+            // additional hack to compare time_received value for some devices where their auth
+            // tokens contain fixed timestamp (due to the a stuck secure RTC on them)
+            return (ts > other_ts) ||
+                   ((ts == other_ts) && (time_received_ > entry->time_received_));
         }
 
         void mark_completed() { operation_completed_ = true; }
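Review bot: The tie-break added to `is_newer_than` falls back to `time_received_`, an Entry member whose type and clock source are declared outside this hunk, so on devices with a stuck secure RTC the ordering of tokens rests on a host-side receive time rather than on the token's own timestamp. If that field has coarse resolution or can move backwards, two tokens with equal timestamps may compare as neither newer, and `Supersedes` (which now calls this helper in auth_token_table.cpp) would return false for both, leaving the older entry in place. The comment should state that trade-off and drop the "due to the a stuck" typo, for example `// Fallback for devices whose secure RTC is stuck: their tokens carry a fixed timestamp, so ties are broken on the host-side time_received_.` The rest of the Entry class lies outside the hunk, so the resolution of `time_received_` needs confirming there.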
diff --git a/keystore/key_store_service.cpp b/keystore/key_store_service.cpp
index eb5fe86..be13a7b 100644
--- a/keystore/key_store_service.cpp
+++ b/keystore/key_store_service.cpp
@@ -693,6 +693,8 @@
                                                        const hidl_vec<uint8_t>& entropy, int uid,
                                                        int flags,
                                                        KeyCharacteristics* outCharacteristics) {
+    // TODO(jbires): remove this getCallingUid call upon implementation of b/25646100
+    uid_t originalUid = IPCThreadState::self()->getCallingUid();
     uid = getEffectiveUid(uid);
     KeyStoreServiceReturnCode rc =
         checkBinderPermissionAndKeystoreState(P_INSERT, uid, flags & KEYSTORE_FLAG_ENCRYPTED);
@@ -705,7 +707,10 @@
     }
 
     if (containsTag(params, Tag::INCLUDE_UNIQUE_ID)) {
-        if (!checkBinderPermission(P_GEN_UNIQUE_ID)) return ResponseCode::PERMISSION_DENIED;
+        if (!checkBinderPermission(P_GEN_UNIQUE_ID) &&
+              originalUid != IPCThreadState::self()->getCallingUid()) {
+            return ResponseCode::PERMISSION_DENIED;
+        }
     }
 
     bool usingFallback = false;
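Review bot: The rewritten INCLUDE_UNIQUE_ID check returns `PERMISSION_DENIED` only when `checkBinderPermission(P_GEN_UNIQUE_ID)` fails and `originalUid != IPCThreadState::self()->getCallingUid()`, but `originalUid` was read from that same call at the top of this function (previous hunk). Unless code between the two hunks, which is not shown, changes the calling identity, both reads give the same UID, the second operand is false, and the denial is unreachable, so a caller without P_GEN_UNIQUE_ID would still get a unique ID included. If the aim is to exempt one trusted caller path, the condition should identify that path explicitly and keep denial as the default. At minimum the `if` needs a comment saying when the two UIDs are expected to differ, e.g. `// originalUid differs from the current calling UID only when <condition>; every other caller needs P_GEN_UNIQUE_ID`. The function body starts before and continues past these hunks.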