Only wipe device if primary user (for failed password attempts)
When a DeviceAdmin requests a device wipe because of too many incorrect
password attempts, only the primary user can wipe the device. Secondary users
can only remove themselves from the device.
Bug: 7554445
Change-Id: I24331cb4eff37571fcd792abb2efc794f7b3f2d2
diff --git a/services/java/com/android/server/DevicePolicyManagerService.java b/services/java/com/android/server/DevicePolicyManagerService.java
index a5e26a8..5ba71a4 100644
--- a/services/java/com/android/server/DevicePolicyManagerService.java
+++ b/services/java/com/android/server/DevicePolicyManagerService.java
@@ -1875,28 +1875,32 @@
DeviceAdminInfo.USES_POLICY_WIPE_DATA);
long ident = Binder.clearCallingIdentity();
try {
- if (userHandle == UserHandle.USER_OWNER) {
- wipeDataLocked(flags);
- } else {
- lockNowUnchecked();
- mHandler.post(new Runnable() {
- public void run() {
- try {
- ActivityManagerNative.getDefault().switchUser(0);
- ((UserManager) mContext.getSystemService(Context.USER_SERVICE))
- .removeUser(userHandle);
- } catch (RemoteException re) {
- // Shouldn't happen
- }
- }
- });
- }
+ wipeDeviceOrUserLocked(flags, userHandle);
} finally {
Binder.restoreCallingIdentity(ident);
}
}
}
+ private void wipeDeviceOrUserLocked(int flags, final int userHandle) {
+ if (userHandle == UserHandle.USER_OWNER) {
+ wipeDataLocked(flags);
+ } else {
+ lockNowUnchecked();
+ mHandler.post(new Runnable() {
+ public void run() {
+ try {
+ ActivityManagerNative.getDefault().switchUser(0);
+ ((UserManager) mContext.getSystemService(Context.USER_SERVICE))
+ .removeUser(userHandle);
+ } catch (RemoteException re) {
+ // Shouldn't happen
+ }
+ }
+ });
+ }
+ }
+
public void getRemoveWarning(ComponentName comp, final RemoteCallback result, int userHandle) {
enforceCrossUserPermission(userHandle);
mContext.enforceCallingOrSelfPermission(
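Review bot: In the new `wipeDeviceOrUserLocked`, the posted Runnable swallows `RemoteException` behind `// Shouldn't happen` and ignores the boolean returned by `removeUser(userHandle)`. A removal that fails after the failed-password threshold is reached therefore leaves that user's data in place with no trace. I would at least log both cases, e.g. `if (!um.removeUser(userHandle)) Slog.w(TAG, "Failed to remove user " + userHandle);` and `Slog.w(TAG, "Failed to switch user before removing " + userHandle, re);` in the catch, assuming the file already has a `TAG` constant and imports `Slog`. A short Javadoc on the helper would also help: it should say that the caller must hold the service lock (implied by the `Locked` suffix), that the owner path wipes the whole device, and that the secondary-user path only locks and removes that user asynchronously. Minor: `switchUser(0)` could use `UserHandle.USER_OWNER` to match the comparison two lines above it.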
@@ -1996,7 +2000,7 @@
saveSettingsLocked(userHandle);
int max = getMaximumFailedPasswordsForWipe(null, userHandle);
if (max > 0 && policy.mFailedPasswordAttempts >= max) {
- wipeDataLocked(0);
+ wipeDeviceOrUserLocked(0, userHandle);
}
sendAdminCommandLocked(DeviceAdminReceiver.ACTION_PASSWORD_FAILED,
DeviceAdminInfo.USES_POLICY_WATCH_LOGIN, userHandle);
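Review bot: The `policy.mFailedPasswordAttempts >= max` check keeps firing on every later failed attempt, and for a secondary user `wipeDeviceOrUserLocked(0, userHandle)` only posts the removal to `mHandler`. Attempts reported before the removal finishes would each lock the screen and queue another `switchUser`/`removeUser` pair. The enclosing method starts and ends outside the hunk, so a guard may already exist there; if not, consider resetting the counter or marking the user as pending removal once the threshold is hit. Either way, a comment at the call site would make the changed behaviour visible, e.g. `// Owner: wipe the device. Secondary user: lock and remove only that user (asynchronously).`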