summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorN Harish <kqn736@zebra.com>2021-01-25 17:22:33 +0530
committerMohammad Anish Khan <mkhan3@zebra.com>2021-01-25 19:33:51 +0530
commite7ddd1650d811638cd8f12b6c73e3734ecc7e835 (patch)
treea0e10a5d2dab713b4ee054d8ae2aff172cc2a6a7
parentf6e442814abf261be425218323ea2dff075b5a67 (diff)
downloadbase-e7ddd1650d811638cd8f12b6c73e3734ecc7e835.tar.gz
Fix for TestDirectBootEmulated testcase
In case of emulated FBE the secrets are empty hence add this exception to prevent from unlocking userkey. Bug: 177617301 Test: android.appsecurity.cts.DirectBootHostTest#testDirectBootEmulated Change-Id: I5be2ceb61d9ef47219862e75cc8ec03ab5513426
Diffstat
-rw-r--r--services/core/java/com/android/server/StorageManagerService.java6
1 files changed, 6 insertions, 0 deletions
diff --git a/services/core/java/com/android/server/StorageManagerService.java b/services/core/java/com/android/server/StorageManagerService.java
index 678387c540ed..42b821226c49 100644
--- a/services/core/java/com/android/server/StorageManagerService.java
+++ b/services/core/java/com/android/server/StorageManagerService.java
@@ -3294,6 +3294,12 @@ class StorageManagerService extends IStorageManager.Stub
enforcePermission(android.Manifest.permission.STORAGE_INTERNAL);
if (isFsEncrypted) {
+ // When a user has secure lock screen, require secret to actually unlock.
+ // This check is mostly in place for emulation mode.
+ if (StorageManager.isFileEncryptedEmulatedOnly() &&
+ mLockPatternUtils.isSecure(userId) && ArrayUtils.isEmpty(secret)) {
+ throw new IllegalStateException("Secret required to unlock secure user " + userId);
+ }
try {
mVold.unlockUserKey(userId, serialNumber, encodeBytes(token),
encodeBytes(secret));
generated by cgit v1.2.3 (git 2.25.1) at 2024-06-08 12:21:21 +0000