From 25d8e56c538e3a5078ec575f7e3c657dda48e82d Mon Sep 17 00:00:00 2001 From: Andreea Costinas Date: Thu, 24 Oct 2024 12:48:38 +0000 Subject: [PATCH] Relax WiFi cert installation restrictions in HSUM mode The Settings app runs under the current user, which previously lacked the necessary permissions to install client certificates in HSUM mode. This change allows any admin user to install these certificates. Bug: b/370013519 Flag: EXEMPT bugfix Test: manually installed and removed client certificate for WiFi Change-Id: I57a7364c76a0adb7ed4112e48fb20070ab9d7bff --- .../settings/UserCredentialsSettings.java | 18 +++++++++--------- .../settings/security/CredentialStorage.java | 14 ++------------ 2 files changed, 11 insertions(+), 21 deletions(-) diff --git a/src/com/android/settings/UserCredentialsSettings.java b/src/com/android/settings/UserCredentialsSettings.java index 495065023e4..210543ff07f 100644 --- a/src/com/android/settings/UserCredentialsSettings.java +++ b/src/com/android/settings/UserCredentialsSettings.java @@ -291,23 +291,23 @@ public class UserCredentialsSettings extends SettingsPreferenceFragment // Certificates can be installed into SYSTEM_UID or WIFI_UID through CertInstaller. final int myUserId = UserHandle.myUserId(); final int systemUid = UserHandle.getUid(myUserId, Process.SYSTEM_UID); - final int wifiUid = UserHandle.getUid(myUserId, Process.WIFI_UID); - try { KeyStore processKeystore = KeyStore.getInstance(KEYSTORE_PROVIDER); processKeystore.load(null); KeyStore wifiKeystore = null; - if (myUserId == 0) { - wifiKeystore = KeyStore.getInstance(KEYSTORE_PROVIDER); - wifiKeystore.load(new AndroidKeyStoreLoadStoreParameter( - KeyProperties.NAMESPACE_WIFI)); - } List credentials = new ArrayList<>(); credentials.addAll(getCredentialsForUid(processKeystore, systemUid).values()); - if (wifiKeystore != null) { - credentials.addAll(getCredentialsForUid(wifiKeystore, wifiUid).values()); + + UserManager userManager = getContext().getSystemService(UserManager.class); + if (userManager.isAdminUser()) { + wifiKeystore = KeyStore.getInstance(KEYSTORE_PROVIDER); + wifiKeystore.load( + new AndroidKeyStoreLoadStoreParameter(KeyProperties.NAMESPACE_WIFI)); + credentials.addAll( + getCredentialsForUid(wifiKeystore, Process.WIFI_UID).values()); } + return credentials; } catch (Exception e) { throw new RuntimeException("Failed to load credentials from Keystore.", e); diff --git a/src/com/android/settings/security/CredentialStorage.java b/src/com/android/settings/security/CredentialStorage.java index b62aeae9382..b1c65a7c3c0 100644 --- a/src/com/android/settings/security/CredentialStorage.java +++ b/src/com/android/settings/security/CredentialStorage.java @@ -128,22 +128,12 @@ public final class CredentialStorage extends FragmentActivity { final int uid = bundle.getInt(Credentials.EXTRA_INSTALL_AS_UID, KeyProperties.UID_SELF); - if (uid != KeyProperties.UID_SELF && !UserHandle.isSameUser(uid, Process.myUid())) { - final int dstUserId = UserHandle.getUserId(uid); - - // Restrict install target to the wifi uid. - if (uid != Process.WIFI_UID) { + if (uid != KeyProperties.UID_SELF && uid != Process.WIFI_UID) { + if (!UserHandle.isSameUser(uid, Process.myUid())) { Log.e(TAG, "Failed to install credentials as uid " + uid + ": cross-user installs" + " may only target wifi uids"); return true; } - - final Intent installIntent = new Intent(ACTION_INSTALL) - .setPackage(getPackageName()) - .setFlags(Intent.FLAG_ACTIVITY_FORWARD_RESULT) - .putExtras(bundle); - startActivityAsUser(installIntent, new UserHandle(dstUserId)); - return true; } String alias = bundle.getString(Credentials.EXTRA_USER_KEY_ALIAS, null);