Limit IsSeparateProfileChallengeAllowed to system callers Fixes: 128599668 Test: build, set up separate challenge Merged-In: I2fef9ab13614627c0f1bcca04759d0974fc6181a Change-Id: I2fef9ab13614627c0f1bcca04759d0974fc6181a (cherry picked from commit 9061fcc46bb1ac5ffc16d036b632dd80963b7b52)

commit: 5075ddb97ab93e3706b2d865a1df0882e821a5bd [log] [tgz]
author: Pavel Grafov <pgrafov@google.com> Wed Apr 10 12:47:25 2019 +0100
committer: Greg Wroblewski <musashi@google.com> Mon Apr 15 12:15:23 2019 -0700
tree: adb28ec892f05375ae9ec036aa2efd0164941616
parent: 97b6be04874ad9a34ce5df6f49321f43794a1ed5 [diff]
diff --git a/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java b/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
index 99557a3..f6ef5e2 100644
--- a/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
+++ b/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java

@@ -3075,6 +3075,9 @@
 
     @Override
     public boolean isSeparateProfileChallengeAllowed(int userHandle) {
+        if (!isCallerWithSystemUid()) {
+            throw new SecurityException("Caller must be system");
+        }
         ComponentName profileOwner = getProfileOwner(userHandle);
         // Profile challenge is supported on N or newer release.
         return profileOwner != null &&
commit	5075ddb97ab93e3706b2d865a1df0882e821a5bd	[log] [tgz]
author	Pavel Grafov <pgrafov@google.com>	Wed Apr 10 12:47:25 2019 +0100
committer	Greg Wroblewski <musashi@google.com>	Mon Apr 15 12:15:23 2019 -0700
tree	adb28ec892f05375ae9ec036aa2efd0164941616
parent	97b6be04874ad9a34ce5df6f49321f43794a1ed5 [diff]