diff options
| author | 2024-09-23 21:49:32 +0000 | |
|---|---|---|
| committer | 2024-09-26 16:28:33 +0000 | |
| commit | 26e845bd915f743e801beeabbf39b13a30e340b2 (patch) | |
| tree | 26bb2fbce2c94186cf6f759811cdc3bafe6351be | |
| parent | 0bbf1ddeb767ca2127f7bdab18b0f90d624c7487 (diff) | |
Add missing lock to areAllUsersAffiliatedWithDeviceLocked
Added missing guards and @Guarded annotation by `getLockObject()`
Bug: 323495252
Change-Id: I49e835025940ee69138ee9782ef13e66fd7ee785
Test: Run CTS-Verifier "Check new user disclaimer" test and see a notification and a dialog are shown.
Flag: EXEMPT bugfix
| -rw-r--r-- | services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java | 30 |
1 files changed, 19 insertions, 11 deletions
diff --git a/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java b/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java index b6a4481902ab..4e89b85305d1 100644 --- a/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java +++ b/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java @@ -4152,8 +4152,10 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub { } private void checkAllUsersAreAffiliatedWithDevice() { - Preconditions.checkCallAuthorization(areAllUsersAffiliatedWithDeviceLocked(), - "operation not allowed when device has unaffiliated users"); + synchronized (getLockObject()) { + Preconditions.checkCallAuthorization(areAllUsersAffiliatedWithDeviceLocked(), + "operation not allowed when device has unaffiliated users"); + } } @Override @@ -11362,7 +11364,7 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub { if (mOwners.hasDeviceOwner()) { return false; } - + final ComponentName profileOwner = getProfileOwnerAsUser(userId); if (profileOwner == null) { return false; @@ -11371,7 +11373,7 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub { if (isManagedProfile(userId)) { return false; } - + return true; } private void enforceCanQueryLockTaskLocked(ComponentName who, String callerPackageName) { @@ -18213,6 +18215,7 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub { return false; } + @GuardedBy("getLockObject()") private boolean areAllUsersAffiliatedWithDeviceLocked() { return mInjector.binderWithCleanCallingIdentity(() -> { final List<UserInfo> userInfos = mUserManager.getAliveUsers(); @@ -18310,10 +18313,12 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub { final CallerIdentity caller = getCallerIdentity(admin, packageName); if (isPermissionCheckFlagEnabled()) { - Preconditions.checkCallAuthorization(isOrganizationOwnedDeviceWithManagedProfile() - || areAllUsersAffiliatedWithDeviceLocked()); - enforcePermission(MANAGE_DEVICE_POLICY_SECURITY_LOGGING, caller.getPackageName(), - UserHandle.USER_ALL); + synchronized (getLockObject()) { + Preconditions.checkCallAuthorization(isOrganizationOwnedDeviceWithManagedProfile() + || areAllUsersAffiliatedWithDeviceLocked()); + enforcePermission(MANAGE_DEVICE_POLICY_SECURITY_LOGGING, caller.getPackageName(), + UserHandle.USER_ALL); + } } else { if (admin != null) { Preconditions.checkCallAuthorization( @@ -18325,8 +18330,10 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub { isCallerDelegate(caller, DELEGATION_SECURITY_LOGGING)); } - Preconditions.checkCallAuthorization(isOrganizationOwnedDeviceWithManagedProfile() - || areAllUsersAffiliatedWithDeviceLocked()); + synchronized (getLockObject()) { + Preconditions.checkCallAuthorization(isOrganizationOwnedDeviceWithManagedProfile() + || areAllUsersAffiliatedWithDeviceLocked()); + } } DevicePolicyEventLogger @@ -24540,7 +24547,8 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub { } }); } - + + @GuardedBy("getLockObject()") private void migrateUserControlDisabledPackagesLocked() { Binder.withCleanCallingIdentity(() -> { List<UserInfo> users = mUserManager.getUsers(); |