Gitiles
Code Review Sign In
review.blissroms.org / platform_system_core_old / a80cafd98a934f9557f12dc1e686bca8660f2e92^2..a80cafd98a934f9557f12dc1e686bca8660f2e92 / .
commita80cafd98a934f9557f12dc1e686bca8660f2e92[log] [tgz]
authorAndres Morales <anmorales@google.com>Fri Jul 10 18:05:33 2015 +0000
committerAndroid Git Automerger <android-git-automerger@android.com>Fri Jul 10 18:05:33 2015 +0000
tree3069ebd6f6cf08f1a41526623b4e13156181faa5
parent8601f0ebbf5d33e6f0a62412fc071ab57b05f0a7 [diff]
parentdbe2de8e8df1d6a0c716d5ce80ac0f04d7082fab [diff]
am beb4fa62: am b8fb72e0: am 0b0435ea: [gatekeeperd] fix file descriptor leak

* commit 'beb4fa627b8da911a2d61d5e51b8df6af6c76c74':
  [gatekeeperd] fix file descriptor leak

diff --git a/gatekeeperd/SoftGateKeeper.h b/gatekeeperd/SoftGateKeeper.h
index 75fe11d..bb25c81 100644
--- a/gatekeeperd/SoftGateKeeper.h
+++ b/gatekeeperd/SoftGateKeeper.h

@@ -25,8 +25,10 @@
 #include <crypto_scrypt.h>
 }
 
+#include <base/memory.h>
 #include <UniquePtr.h>
 #include <gatekeeper/gatekeeper.h>
+
 #include <iostream>
 #include <unordered_map>
 
@@ -150,7 +152,8 @@
     }
 
     bool DoVerify(const password_handle_t *expected_handle, const SizedBuffer &password) {
-        FastHashMap::const_iterator it = fast_hash_map_.find(expected_handle->user_id);
+        FastHashMap::const_iterator it = fast_hash_map_.find(
+                android::base::get_unaligned(&expected_handle->user_id));
         if (it != fast_hash_map_.end() && VerifyFast(it->second, password)) {
             return true;
         } else {

diff --git a/gatekeeperd/tests/Android.mk b/gatekeeperd/tests/Android.mk
index 6fc4ac0..a62b1d4 100644
--- a/gatekeeperd/tests/Android.mk
+++ b/gatekeeperd/tests/Android.mk

@@ -20,7 +20,7 @@
 LOCAL_MODULE := gatekeeperd-unit-tests
 LOCAL_ADDITIONAL_DEPENDENCIES := $(LOCAL_PATH)/Android.mk
 LOCAL_CFLAGS += -g -Wall -Werror -std=gnu++11 -Wno-missing-field-initializers
-LOCAL_SHARED_LIBRARIES := libgatekeeper libcrypto
+LOCAL_SHARED_LIBRARIES := libgatekeeper libcrypto libbase
 LOCAL_STATIC_LIBRARIES := libscrypt_static
 LOCAL_C_INCLUDES := external/scrypt/lib/crypto
 LOCAL_SRC_FILES := \

diff --git a/gatekeeperd/tests/gatekeeper_test.cpp b/gatekeeperd/tests/gatekeeper_test.cpp
index c504f92..47a8bfa 100644
--- a/gatekeeperd/tests/gatekeeper_test.cpp
+++ b/gatekeeperd/tests/gatekeeper_test.cpp

@@ -18,9 +18,8 @@
 #include <iostream>
 
 #include <gtest/gtest.h>
-#include <UniquePtr.h>
-
 #include <hardware/hw_auth_token.h>
+#include <UniquePtr.h>
 
 #include "../SoftGateKeeper.h"
 

diff --git a/init/builtins.cpp b/init/builtins.cpp
index ca31c50..58e9087 100644
--- a/init/builtins.cpp
+++ b/init/builtins.cpp

@@ -839,18 +839,31 @@
     return 0;
 }
 
+static bool is_file_crypto() {
+    char prop_value[PROP_VALUE_MAX] = {0};
+    property_get("ro.crypto.type", prop_value);
+    return strcmp(prop_value, "file") == 0;
+}
+
 int do_installkey(int nargs, char **args)
 {
     if (nargs != 2) {
         return -1;
     }
-
-    char prop_value[PROP_VALUE_MAX] = {0};
-    property_get("ro.crypto.type", prop_value);
-    if (strcmp(prop_value, "file")) {
+    if (!is_file_crypto()) {
         return 0;
     }
-
     return e4crypt_create_device_key(args[1],
                                      do_installkeys_ensure_dir_exists);
 }
+
+int do_setusercryptopolicies(int nargs, char **args)
+{
+    if (nargs != 2) {
+        return -1;
+    }
+    if (!is_file_crypto()) {
+        return 0;
+    }
+    return e4crypt_set_user_crypto_policies(args[1]);
+}

diff --git a/init/init_parser.cpp b/init/init_parser.cpp
index 956ed25..ed77b6f 100644
--- a/init/init_parser.cpp
+++ b/init/init_parser.cpp

@@ -187,6 +187,7 @@
         if (!strcmp(s, "etenv")) return K_setenv;
         if (!strcmp(s, "etprop")) return K_setprop;
         if (!strcmp(s, "etrlimit")) return K_setrlimit;
+        if (!strcmp(s, "etusercryptopolicies")) return K_setusercryptopolicies;
         if (!strcmp(s, "ocket")) return K_socket;
         if (!strcmp(s, "tart")) return K_start;
         if (!strcmp(s, "top")) return K_stop;

diff --git a/init/keywords.h b/init/keywords.h
index e637d7d..d5c7667 100644
--- a/init/keywords.h
+++ b/init/keywords.h

@@ -22,6 +22,7 @@
 int do_rmdir(int nargs, char **args);
 int do_setprop(int nargs, char **args);
 int do_setrlimit(int nargs, char **args);
+int do_setusercryptopolicies(int nargs, char **args);
 int do_start(int nargs, char **args);
 int do_stop(int nargs, char **args);
 int do_swapon_all(int nargs, char **args);
@@ -86,6 +87,7 @@
     KEYWORD(setenv,      OPTION,  2, 0)
     KEYWORD(setprop,     COMMAND, 2, do_setprop)
     KEYWORD(setrlimit,   COMMAND, 3, do_setrlimit)
+    KEYWORD(setusercryptopolicies,   COMMAND, 1, do_setusercryptopolicies)
     KEYWORD(socket,      OPTION,  0, 0)
     KEYWORD(start,       COMMAND, 1, do_start)
     KEYWORD(stop,        COMMAND, 1, do_stop)

diff --git a/rootdir/init.rc b/rootdir/init.rc
index 3196a8f..f7104ee 100644
--- a/rootdir/init.rc
+++ b/rootdir/init.rc

@@ -263,6 +263,7 @@
 
     # Emulated internal storage area
     mkdir /data/media 0770 media_rw media_rw
+
     # Start bootcharting as soon as possible after the data partition is
     # mounted to collect more data.
     mkdir /data/bootchart 0755 shell shell
@@ -300,6 +301,7 @@
     chmod 0660 /data/misc/wifi/wpa_supplicant.conf
     mkdir /data/local 0751 root root
     mkdir /data/misc/media 0700 media media
+    mkdir /data/misc/vold 0700 root root
 
     # For security reasons, /data/local/tmp should always be empty.
     # Do not place files or directories in /data/local/tmp
@@ -349,6 +351,8 @@
     mkdir /data/system/heapdump 0700 system system
     mkdir /data/user 0711 system system
 
+    setusercryptopolicies /data/user
+
     # Reload policy from /data/security if present.
     setprop selinux.reload_policy 1
 
@@ -567,6 +571,7 @@
     onrestart restart zygote
     onrestart restart media
     onrestart restart surfaceflinger
+    onrestart restart inputflinger
     onrestart restart drm
 
 service vold /system/bin/vold \
@@ -604,6 +609,12 @@
     group graphics drmrpc
     onrestart restart zygote
 
+service inputflinger /system/bin/inputflinger
+    class main
+    user system
+    group input
+#    onrestart restart zygote
+
 service drm /system/bin/drmserver
     class main
     user drm