DPMS: allow getPasswordMinimumMetrics() to anyone who can set LSKF - platform/frameworks/base

diff options

author	Eric Biggers <ebiggers@google.com>	2023-06-26 23:11:07 +0000
committer	Eric Biggers <ebiggers@google.com>	2023-10-06 17:03:21 +0000
commit	f30bd8b693c675362edb513b3ecb4edeb026c0ca (patch)
tree	bbd3a96a9d279b211c48c99ae562c302f94b56e2 /libs/androidfw/FileStream.cpp
parent	220d6a284ebe18675e9b017474c3b07e65be55ba (diff)

DPMS: allow getPasswordMinimumMetrics() to anyone who can set LSKF

Everyone who sets a new LSKF is supposed to first validate it against the minimum password metrics. Yet, the SET_AND_VERIFY_LOCKSCREEN_CREDENTIALS or ACCESS_KEYGUARD_SECURE_STORAGE permission is sufficient to set a new LSKF but isn't necessarily sufficient to get the minimum password metrics. This is preventing 'KeyguardManager#setLock(int, byte[], int, byte[])' from being fixed to properly validate the new LSKF. To fix this, make DevicePolicyManagerService#getPasswordMinimumMetrics() accept these permissions. Bug: 219511761 Bug: 232900169 Bug: 243881358 Test: see I46d8bf920526a00d6e6d2145d06c8e39f8047ea8 Change-Id: Ic69fd01dadf95ab49b025295711fa020180690ff Merged-In: Ic69fd01dadf95ab49b025295711fa020180690ff (cherry picked from commit 62dbf2533080e2332f71757a7e3a55227946835f)

Diffstat (limited to 'libs/androidfw/FileStream.cpp')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: