From 628a08842cd831274dc3c95352a90e0e5e9f0da0 Mon Sep 17 00:00:00 2001
From: Kenny Guy <kennyguy@google.com>
Date: Mon, 27 Feb 2017 18:57:37 +0000
Subject: [PATCH] DO NOT MERGE Clear calling identity before checking if user
 is running.

Fix crash with isActivePasswordSufficient when
checking if user is running.

Bug: 35667752
Change-Id: I9775de84bb41432aac29591952d08b11f9530a3f
---
 .../server/devicepolicy/DevicePolicyManagerService.java    | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)

diff --git a/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java b/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
index 8dd74c319615a..22d11e2681242 100644
--- a/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
+++ b/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
@@ -3653,7 +3653,12 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub {
 
     private boolean isActivePasswordSufficientForUserLocked(
             DevicePolicyData policy, int userHandle, boolean parent) {
-        enforceUserUnlocked(userHandle, parent);
+        final long id = Binder.clearCallingIdentity();
+        try {
+            enforceUserUnlocked(userHandle, parent);
+        } finally {
+            Binder.restoreCallingIdentity(id);
+        }
 
         if (policy.mActivePasswordQuality < getPasswordQuality(null, userHandle, parent)
                 || policy.mActivePasswordLength < getPasswordMinimumLength(