Fix for TestDirectBootEmulated testcase

In case of emulated FBE the secrets are empty hence add this exception to prevent from unlocking userkey. Bug: 177617301 Test: android.appsecurity.cts.DirectBootHostTest#testDirectBootEmulated Change-Id: I5be2ceb61d9ef47219862e75cc8ec03ab5513426
author: N Harish <kqn736@zebra.com> 2021-01-25 17:22:33 +0530
committer: Anish Khan <mkhan3@zebra.corp-partner.google.com> 2021-01-25 14:05:44 +0000
commit: 2912b101aaa34abfa9637f2f00c992e7d129b994 (patch)
tree: 93f925525d7a1fd955f9cba64802793456001d68
parent: 7166f0b425525a4250609afa2847ce30fc9f5987 (diff)
1 files changed, 6 insertions, 0 deletions
diff --git a/services/core/java/com/android/server/StorageManagerService.java b/services/core/java/com/android/server/StorageManagerService.java
index 5c34584d0adf..4e2519b47a47 100644
--- a/services/core/java/com/android/server/StorageManagerService.java
+++ b/services/core/java/com/android/server/StorageManagerService.java
@@ -3297,6 +3297,12 @@ class StorageManagerService extends IStorageManager.Stub
         enforcePermission(android.Manifest.permission.STORAGE_INTERNAL);
 
         if (isFsEncrypted) {
+            // When a user has secure lock screen, require secret to actually unlock.
+            // This check is mostly in place for emulation mode.
+            if (StorageManager.isFileEncryptedEmulatedOnly() &&
+                mLockPatternUtils.isSecure(userId) && ArrayUtils.isEmpty(secret)) {
+                throw new IllegalStateException("Secret required to unlock secure user " + userId);
+            }
             try {
                 mVold.unlockUserKey(userId, serialNumber, encodeBytes(token),
                         encodeBytes(secret));
author	N Harish <kqn736@zebra.com>	2021-01-25 17:22:33 +0530
committer	Anish Khan <mkhan3@zebra.corp-partner.google.com>	2021-01-25 14:05:44 +0000
commit	2912b101aaa34abfa9637f2f00c992e7d129b994 (patch)
tree	93f925525d7a1fd955f9cba64802793456001d68
parent	7166f0b425525a4250609afa2847ce30fc9f5987 (diff)