From 2317451acc84174cbe30d1899428d1b2953a4363 Mon Sep 17 00:00:00 2001 From: Makoto Onuki Date: Wed, 4 Jan 2017 14:36:59 -0800 Subject: DO NOT MERGE Do not call RecoverySystem with DPMS lock held Note DPM.wipeData() on a secondary user is now blocking, just like it's been always blocking on the primary user. Test: Manually tested wipeData() with ApiDemos, both on 1) the primary user, 2) a secondary user and 3) work profile. Test: adb shell am instrument -e class com.android.server.devicepolicy.DevicePolicyManagerTest -w com.android.frameworks.servicestests Bug 30681079 Change-Id: Ia832bed0f22396998d6307ab46e262dae9463838 Merged-in: Ia832bed0f22396998d6307ab46e262dae9463838 (cherry picked from commit efdec8f5688ce6b0a287eddb6d5dad93ffa0e1ee) --- .../devicepolicy/DevicePolicyManagerService.java | 62 ++++++++++++---------- 1 file changed, 34 insertions(+), 28 deletions(-) diff --git a/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java b/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java index 86ee15d6e57f..24f26714e621 100644 --- a/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java +++ b/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java @@ -4536,7 +4536,7 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub { } } - private void wipeDataLocked(boolean wipeExtRequested, String reason) { + private void wipeDataNoLock(boolean wipeExtRequested, String reason) { if (wipeExtRequested) { StorageManager sm = (StorageManager) mContext.getSystemService( Context.STORAGE_SERVICE); @@ -4556,13 +4556,14 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub { } final int userHandle = mInjector.userHandleGetCallingUserId(); enforceFullCrossUsersPermission(userHandle); + + final String source; synchronized (this) { // This API can only be called by an active device admin, // so try to retrieve it to check that the caller is one. final ActiveAdmin admin = getActiveAdminForCallerLocked(null, DeviceAdminInfo.USES_POLICY_WIPE_DATA); - - final String source = admin.info.getComponent().flattenToShortString(); + source = admin.info.getComponent().flattenToShortString(); long ident = mInjector.binderClearCallingIdentity(); try { @@ -4577,39 +4578,44 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub { manager.wipe(); } } - boolean wipeExtRequested = (flags & WIPE_EXTERNAL_STORAGE) != 0; - wipeDeviceOrUserLocked(wipeExtRequested, userHandle, - "DevicePolicyManager.wipeData() from " + source); } finally { mInjector.binderRestoreCallingIdentity(ident); } } + final boolean wipeExtRequested = (flags & WIPE_EXTERNAL_STORAGE) != 0; + wipeDeviceNoLock(wipeExtRequested, userHandle, + "DevicePolicyManager.wipeData() from " + source); } - private void wipeDeviceOrUserLocked(boolean wipeExtRequested, final int userHandle, String reason) { - if (userHandle == UserHandle.USER_SYSTEM) { - wipeDataLocked(wipeExtRequested, reason); - } else { - mHandler.post(new Runnable() { - @Override - public void run() { - try { - IActivityManager am = mInjector.getIActivityManager(); - if (am.getCurrentUser().id == userHandle) { - am.switchUser(UserHandle.USER_SYSTEM); - } + private void wipeDeviceNoLock(boolean wipeExtRequested, final int userHandle, String reason) { + final long ident = mInjector.binderClearCallingIdentity(); + try { + if (userHandle == UserHandle.USER_SYSTEM) { + wipeDataNoLock(wipeExtRequested, reason); + } else { + mHandler.post(new Runnable() { + @Override + public void run() { + try { + IActivityManager am = mInjector.getIActivityManager(); + if (am.getCurrentUser().id == userHandle) { + am.switchUser(UserHandle.USER_SYSTEM); + } - boolean isManagedProfile = isManagedProfile(userHandle); - if (!mUserManager.removeUser(userHandle)) { - Slog.w(LOG_TAG, "Couldn't remove user " + userHandle); - } else if (isManagedProfile) { - sendWipeProfileNotification(); + boolean isManagedProfile = isManagedProfile(userHandle); + if (!mUserManager.removeUser(userHandle)) { + Slog.w(LOG_TAG, "Couldn't remove user " + userHandle); + } else if (isManagedProfile) { + sendWipeProfileNotification(); + } + } catch (RemoteException re) { + // Shouldn't happen } - } catch (RemoteException re) { - // Shouldn't happen } - } - }); + }); + } + } finally { + mInjector.binderRestoreCallingIdentity(ident); } } @@ -4789,7 +4795,7 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub { } if (wipeData) { // Call without holding lock. - wipeDeviceOrUserLocked(false, identifier, + wipeDeviceNoLock(false, identifier, "reportFailedPasswordAttempt()"); } } finally { -- cgit v1.2.3-59-g8ed1b