Android/frameworks_base
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

DO NOT MERGE Do not call RecoverySystem with DPMS lock held

Browse Source 
Note DPM.wipeData() on a secondary user is now blocking, just like
it's been always blocking on the primary user.

Bug 30681079

Change-Id: Ia832bed0f22396998d6307ab46e262dae9463838
This commit is contained in:
Suprabh Shukla
2017-01-30 20:52:04 -08:00
parent 63a27d773b
commit 835c8b3d69
1 changed files with 28 additions and 23 deletions
Download Patch File Download Diff File Expand all files Collapse all files

51
services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
View File

@@ -2980,7 +2980,7 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub {
return false; return false;
} }
private void wipeDataLocked(boolean wipeExtRequested, String reason) { private void wipeDataNoLock(boolean wipeExtRequested, String reason) {
// If the SD card is encrypted and non-removable, we have to force a wipe. // If the SD card is encrypted and non-removable, we have to force a wipe.
boolean forceExtWipe = !Environment.isExternalStorageRemovable() && isExtStorageEncrypted(); boolean forceExtWipe = !Environment.isExternalStorageRemovable() && isExtStorageEncrypted();
@@ -3007,13 +3007,13 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub {
return; return;
} }
enforceCrossUserPermission(userHandle); enforceCrossUserPermission(userHandle);
final String source;
synchronized (this) { synchronized (this) {
// This API can only be called by an active device admin, // This API can only be called by an active device admin,
// so try to retrieve it to check that the caller is one. // so try to retrieve it to check that the caller is one.
final ActiveAdmin admin = getActiveAdminForCallerLocked(null, final ActiveAdmin admin = getActiveAdminForCallerLocked(null,
DeviceAdminInfo.USES_POLICY_WIPE_DATA); DeviceAdminInfo.USES_POLICY_WIPE_DATA);
final String source;
final ComponentName cname = admin.info.getComponent(); final ComponentName cname = admin.info.getComponent();
if (cname != null) { if (cname != null) {
source = cname.flattenToShortString(); source = cname.flattenToShortString();
@@ -3035,34 +3035,39 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub {
manager.wipe(); manager.wipe();
} }
} }
boolean wipeExtRequested = (flags & WIPE_EXTERNAL_STORAGE) != 0;
wipeDeviceOrUserLocked(wipeExtRequested, userHandle,
"DevicePolicyManager.wipeData() from " + source);
} finally { } finally {
Binder.restoreCallingIdentity(ident); Binder.restoreCallingIdentity(ident);
} }
} }
boolean wipeExtRequested = (flags & WIPE_EXTERNAL_STORAGE) != 0;
wipeDeviceNoLock(wipeExtRequested, userHandle,
"DevicePolicyManager.wipeData() from " + source);
} }
private void wipeDeviceOrUserLocked(boolean wipeExtRequested, final int userHandle, String reason) { private void wipeDeviceNoLock(boolean wipeExtRequested, final int userHandle, String reason) {
if (userHandle == UserHandle.USER_OWNER) { final long iden = Binder.clearCallingIdentity();
wipeDataLocked(wipeExtRequested, reason); try {
} else { if (userHandle == UserHandle.USER_OWNER) {
mHandler.post(new Runnable() { wipeDataNoLock(wipeExtRequested, reason);
public void run() { } else {
try { mHandler.post(new Runnable() {
IActivityManager am = ActivityManagerNative.getDefault(); public void run() {
if (am.getCurrentUser().id == userHandle) { try {
am.switchUser(UserHandle.USER_OWNER); IActivityManager am = ActivityManagerNative.getDefault();
if (am.getCurrentUser().id == userHandle) {
am.switchUser(UserHandle.USER_OWNER);
}
if (!mUserManager.removeUser(userHandle)) {
Slog.w(LOG_TAG, "Couldn't remove user " + userHandle);
}
} catch (RemoteException re) {
// Shouldn't happen
} }
if (!mUserManager.removeUser(userHandle)) {
Slog.w(LOG_TAG, "Couldn't remove user " + userHandle);
}
} catch (RemoteException re) {
// Shouldn't happen
} }
} });
}); }
} finally {
Binder.restoreCallingIdentity(iden);
} }
} }
@@ -3201,7 +3206,7 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub {
} }
if (wipeData) { if (wipeData) {
// Call without holding lock. // Call without holding lock.
wipeDeviceOrUserLocked(false, identifier, wipeDeviceNoLock(false, identifier,
"reportFailedPasswordAttempt()"); "reportFailedPasswordAttempt()");
} }
} finally { } finally {