Gitiles
Code Review Sign In
gerrit.omnirom.org / android_system_security / fbe01199cbcd2e73c57e23b91464bc6d593d81be^1..fbe01199cbcd2e73c57e23b91464bc6d593d81be / .
commitfbe01199cbcd2e73c57e23b91464bc6d593d81be[log] [tgz]
authorTreehugger Robot <treehugger-gerrit@google.com>Thu Jan 23 19:00:24 2020 +0000
committerGerrit Code Review <noreply-gerritcodereview@google.com>Thu Jan 23 19:00:24 2020 +0000
tree4aa1790a5362e252b0b2bbe377ea2ab7dec00816
parent662e346347345b90298ba73a90749ed29c03c854 [diff]
parent36ae17f8dc8d3733fe3b7af3286ac21b3e661bf5 [diff]
Merge "Revert "Fixing security vuln by tightening race condition window.""
diff --git a/keystore/key_store_service.cpp b/keystore/key_store_service.cpp
index 5bc5a78..41b4109 100644
--- a/keystore/key_store_service.cpp
+++ b/keystore/key_store_service.cpp

@@ -613,8 +613,6 @@
     const ::android::sp<::android::security::keystore::IKeystoreKeyCharacteristicsCallback>& cb,
     const String16& name, const KeymasterArguments& params, const ::std::vector<uint8_t>& entropy,
     int uid, int flags, int32_t* _aidl_return) {
-    // TODO(jbires): remove this getCallingUid call upon implementation of b/25646100
-    uid_t originalUid = IPCThreadState::self()->getCallingUid();
     uid = getEffectiveUid(uid);
     auto logOnScopeExit = android::base::make_scope_guard([&] {
         if (__android_log_security()) {
@@ -634,9 +632,7 @@
     }
 
     if (containsTag(params.getParameters(), Tag::INCLUDE_UNIQUE_ID)) {
-        // TODO(jbires): remove uid checking upon implementation of b/25646100
-        if (!checkBinderPermission(P_GEN_UNIQUE_ID) ||
-            originalUid != IPCThreadState::self()->getCallingUid()) {
+        if (!checkBinderPermission(P_GEN_UNIQUE_ID)) {
             return AIDL_RETURN(ResponseCode::PERMISSION_DENIED);
         }
     }