From fadb2b3a27e4c23f5c566e6f7eadfaed9e23e68c Mon Sep 17 00:00:00 2001
From: Benjamin Franz <bfranz@google.com>
Date: Wed, 14 Jan 2015 18:22:42 +0000
Subject: Avoid SecurityException when calling getUserData

Currently we risk getting a SecurityException in a number of places,
where getUserData is called for a different user than the calling user.
To avoid this, the caller is cleared in a helper function.

Bug: 18662452
Change-Id: Ibc131c602e52d9f013fe739a9c18e693181ded67
---
 .../devicepolicy/DevicePolicyManagerService.java   | 63 ++++++++++++++--------
 1 file changed, 42 insertions(+), 21 deletions(-)

diff --git a/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java b/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
index 579fae4e2ccb..6d6ac1ef291d 100644
--- a/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
+++ b/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
@@ -989,6 +989,25 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub {
         }
     }
 
+    /**
+     * Creates and loads the policy data from xml for data that is shared between
+     * various profiles of a user. In contrast to {@link #getUserData(int)}
+     * it allows access to data of users other than the calling user.
+     *
+     * This function should only be used for shared data, e.g. everything regarding
+     * passwords and should be removed once multiple screen locks are present.
+     * @param userHandle the user for whom to load the policy data
+     * @return
+     */
+    DevicePolicyData getUserDataUnchecked(int userHandle) {
+        long ident = Binder.clearCallingIdentity();
+        try {
+            return getUserData(userHandle);
+        } finally {
+            Binder.restoreCallingIdentity(ident);
+        }
+    }
+
     void removeUserData(int userHandle) {
         synchronized (this) {
             if (userHandle == UserHandle.USER_OWNER) {
@@ -1927,7 +1946,7 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub {
             // Return strictest policy for this user and profiles that are visible from this user.
             List<UserInfo> profiles = mUserManager.getProfiles(userHandle);
             for (UserInfo userInfo : profiles) {
-                DevicePolicyData policy = getUserData(userInfo.id);
+                DevicePolicyData policy = getUserDataUnchecked(userInfo.id);
                 final int N = policy.mAdminList.size();
                 for (int i=0; i<N; i++) {
                     ActiveAdmin admin = policy.mAdminList.get(i);
@@ -1974,7 +1993,7 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub {
             // Return strictest policy for this user and profiles that are visible from this user.
             List<UserInfo> profiles = mUserManager.getProfiles(userHandle);
             for (UserInfo userInfo : profiles) {
-                DevicePolicyData policy = getUserData(userInfo.id);
+                DevicePolicyData policy = getUserDataUnchecked(userInfo.id);
                 final int N = policy.mAdminList.size();
                 for (int i=0; i<N; i++) {
                     ActiveAdmin admin = policy.mAdminList.get(i);
@@ -2021,7 +2040,7 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub {
             // Return strictest policy for this user and profiles that are visible from this user.
             List<UserInfo> profiles = mUserManager.getProfiles(userHandle);
             for (UserInfo userInfo : profiles) {
-                DevicePolicyData policy = getUserData(userInfo.id);
+                DevicePolicyData policy = getUserDataUnchecked(userInfo.id);
                 final int N = policy.mAdminList.size();
                 for (int i = 0; i < N; i++) {
                     ActiveAdmin admin = policy.mAdminList.get(i);
@@ -2082,7 +2101,7 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub {
 
             List<UserInfo> profiles = mUserManager.getProfiles(userHandle);
             for (UserInfo userInfo : profiles) {
-                DevicePolicyData policy = getUserData(userInfo.id);
+                DevicePolicyData policy = getUserDataUnchecked(userInfo.id);
                 final int N = policy.mAdminList.size();
                 for (int i = 0; i < N; i++) {
                     ActiveAdmin admin = policy.mAdminList.get(i);
@@ -2180,7 +2199,7 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub {
 
         List<UserInfo> profiles = mUserManager.getProfiles(userHandle);
         for (UserInfo userInfo : profiles) {
-            DevicePolicyData policy = getUserData(userInfo.id);
+            DevicePolicyData policy = getUserDataUnchecked(userInfo.id);
             final int N = policy.mAdminList.size();
             for (int i = 0; i < N; i++) {
                 ActiveAdmin admin = policy.mAdminList.get(i);
@@ -2237,7 +2256,7 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub {
             // Return strictest policy for this user and profiles that are visible from this user.
             List<UserInfo> profiles = mUserManager.getProfiles(userHandle);
             for (UserInfo userInfo : profiles) {
-                DevicePolicyData policy = getUserData(userInfo.id);
+                DevicePolicyData policy = getUserDataUnchecked(userInfo.id);
                 final int N = policy.mAdminList.size();
                 for (int i=0; i<N; i++) {
                     ActiveAdmin admin = policy.mAdminList.get(i);
@@ -2281,7 +2300,7 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub {
             // Return strictest policy for this user and profiles that are visible from this user.
             List<UserInfo> profiles = mUserManager.getProfiles(userHandle);
             for (UserInfo userInfo : profiles) {
-                DevicePolicyData policy = getUserData(userInfo.id);
+                DevicePolicyData policy = getUserDataUnchecked(userInfo.id);
                 final int N = policy.mAdminList.size();
                 for (int i=0; i<N; i++) {
                     ActiveAdmin admin = policy.mAdminList.get(i);
@@ -2328,7 +2347,7 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub {
             // Return strictest policy for this user and profiles that are visible from this user.
             List<UserInfo> profiles = mUserManager.getProfiles(userHandle);
             for (UserInfo userInfo : profiles) {
-                DevicePolicyData policy = getUserData(userInfo.id);
+                DevicePolicyData policy = getUserDataUnchecked(userInfo.id);
                 final int N = policy.mAdminList.size();
                 for (int i=0; i<N; i++) {
                     ActiveAdmin admin = policy.mAdminList.get(i);
@@ -2375,7 +2394,7 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub {
             // Return strictest policy for this user and profiles that are visible from this user.
             List<UserInfo> profiles = mUserManager.getProfiles(userHandle);
             for (UserInfo userInfo : profiles) {
-                DevicePolicyData policy = getUserData(userInfo.id);
+                DevicePolicyData policy = getUserDataUnchecked(userInfo.id);
                 final int N = policy.mAdminList.size();
                 for (int i = 0; i < N; i++) {
                     ActiveAdmin admin = policy.mAdminList.get(i);
@@ -2422,7 +2441,7 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub {
             // Return strictest policy for this user and profiles that are visible from this user.
             List<UserInfo> profiles = mUserManager.getProfiles(userHandle);
             for (UserInfo userInfo : profiles) {
-                DevicePolicyData policy = getUserData(userInfo.id);
+                DevicePolicyData policy = getUserDataUnchecked(userInfo.id);
                 final int N = policy.mAdminList.size();
                 for (int i=0; i<N; i++) {
                     ActiveAdmin admin = policy.mAdminList.get(i);
@@ -2469,7 +2488,7 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub {
             // Return strictest policy for this user and profiles that are visible from this user.
             List<UserInfo> profiles = mUserManager.getProfiles(userHandle);
             for (UserInfo userInfo : profiles) {
-                DevicePolicyData policy = getUserData(userInfo.id);
+                DevicePolicyData policy = getUserDataUnchecked(userInfo.id);
                 final int N = policy.mAdminList.size();
                 for (int i=0; i<N; i++) {
                     ActiveAdmin admin = policy.mAdminList.get(i);
@@ -2494,8 +2513,8 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub {
             // If the user this is called from is part of a profile group, that is the parent
             // of the group.
             UserInfo parent = getProfileParent(userHandle);
-            int id = parent == null ? userHandle : parent.id;
-            DevicePolicyData policy = getUserData(id);
+            int id = (parent == null) ? userHandle : parent.id;
+            DevicePolicyData policy = getUserDataUnchecked(id);
 
             // This API can only be called by an active device admin,
             // so try to retrieve it to check that the caller is one.
@@ -2525,7 +2544,9 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub {
                     DeviceAdminInfo.USES_POLICY_WATCH_LOGIN);
 
             // The active password is stored in the parent.
-            DevicePolicyData policy = getUserData(getProfileParent(userHandle).id);
+            UserInfo parent = getProfileParent(userHandle);
+            int id = (parent == null) ? userHandle : parent.id;
+            DevicePolicyData policy = getUserDataUnchecked(id);
 
             return policy.mFailedPasswordAttempts;
         }
@@ -2588,7 +2609,7 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub {
         int count = 0;
         ActiveAdmin strictestAdmin = null;
         for (UserInfo userInfo : mUserManager.getProfiles(userHandle)) {
-            DevicePolicyData policy = getUserData(userInfo.id);
+            DevicePolicyData policy = getUserDataUnchecked(userInfo.id);
             for (ActiveAdmin admin : policy.mAdminList) {
                 if (admin.maximumFailedPasswordsForWipe ==
                         ActiveAdmin.DEF_MAXIMUM_FAILED_PASSWORDS_FOR_WIPE) {
@@ -2801,7 +2822,7 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub {
             // Return strictest policy for this user and profiles that are visible from this user.
             List<UserInfo> profiles = mUserManager.getProfiles(userHandle);
             for (UserInfo userInfo : profiles) {
-                DevicePolicyData policy = getUserData(userInfo.id);
+                DevicePolicyData policy = getUserDataUnchecked(userInfo.id);
                 final int N = policy.mAdminList.size();
                 for (int i=0; i<N; i++) {
                     ActiveAdmin admin = policy.mAdminList.get(i);
@@ -3123,7 +3144,7 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub {
             List<UserInfo> profiles = mUserManager.getProfiles(userHandle);
             for (UserInfo userInfo : profiles) {
                 int profileId = userInfo.id;
-                DevicePolicyData policy = getUserData(profileId);
+                DevicePolicyData policy = getUserDataUnchecked(profileId);
                 final int N = policy.mAdminList.size();
                 if (N > 0) {
                     for (int i=0; i<N; i++) {
@@ -4243,7 +4264,7 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub {
             // and return null.
             boolean allAdminsHaveOptions = true;
             for (UserInfo userInfo : profiles) {
-                DevicePolicyData policy = getUserData(userInfo.id);
+                DevicePolicyData policy = getUserDataUnchecked(userInfo.id);
                 final int N = policy.mAdminList.size();
                 for (int i=0; i < N; i++) {
                     final ActiveAdmin active = policy.mAdminList.get(i);
@@ -4474,7 +4495,7 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub {
             for (int i = 0; i < PROFILES_SIZE; ++i) {
                 // Just loop though all admins, only device or profiles
                 // owners can have permitted lists set.
-                DevicePolicyData policy = getUserData(profiles.get(i).id);
+                DevicePolicyData policy = getUserDataUnchecked(profiles.get(i).id);
                 final int N = policy.mAdminList.size();
                 for (int j = 0; j < N; j++) {
                     ActiveAdmin admin = policy.mAdminList.get(j);
@@ -4639,7 +4660,7 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub {
             for (int i = 0; i < PROFILES_SIZE; ++i) {
                 // Just loop though all admins, only device or profiles
                 // owners can have permitted lists set.
-                DevicePolicyData policy = getUserData(profiles.get(i).id);
+                DevicePolicyData policy = getUserDataUnchecked(profiles.get(i).id);
                 final int N = policy.mAdminList.size();
                 for (int j = 0; j < N; j++) {
                     ActiveAdmin admin = policy.mAdminList.get(j);
@@ -5428,7 +5449,7 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub {
                     return Collections.emptyList();
                 }
 
-                DevicePolicyData policy = getUserData(profileId);
+                DevicePolicyData policy = getUserDataUnchecked(profileId);
                 ActiveAdmin admin = policy.mAdminMap.get(ownerComponent);
 
                 if (admin == null || admin.crossProfileWidgetProviders == null
-- 
cgit v1.2.3-59-g8ed1b