TrustManagerService: clear calling identity in isTrustUsuallyManaged()
Since LockPatternUtils.isTrustUsuallyManaged() now requires the
ACCESS_KEYGUARD_SECURE_STORAGE permission (via its use of
ILockSettings.getBoolean()), TrustManagerService.isTrustUsuallyManaged()
should clear the calling identity after checking for the TRUST_LISTENER
permission. Otherwise it starts requiring the
ACCESS_KEYGUARD_SECURE_STORAGE permission as well.
Found by code review when re-checking the specific scenario reported in
b/156606120. Note that this is a hidden API and its only callers have
the ACCESS_KEYGUARD_SECURE_STORAGE permission already, so it shouldn't
actually cause a problem to start requiring it. I'm just making this
change to preserve the intent of this API.
Bug: 156606120
Bug: 256170784
Change-Id: I51a6142bdb7ac092ffad92cde5798ed2aa05a233
1 file changed
