Google Git
Sign in
android / platform / system / security / 80592e62a6ae095041e95b811ad7066dd44d37f6
commit80592e62a6ae095041e95b811ad7066dd44d37f6[log] [tgz]
authorMax Bires <jbires@google.com>Wed Nov 29 14:38:48 2017 -0800
committerandroid-build-team Robot <android-build-team-robot@google.com>Thu Jan 04 19:31:56 2018 +0000
tree9efbd9228978118d6882c9220cddd4c96d59aced
parent71fe9d0ff90fee7a15e9be352f87adf638d82d8d [diff]
Fixing security vuln by tightening race condition window.

A proper fix for this feature requires reworking binder permission
checking to take the selinux context and not the pid. This is feature
work that should be done for P to properly fix these race conditions
that occur elsewhere in the code.

Bug: 68217699
Test: KeyStore keygen permissions cannot be bypassed through PID cycling
Change-Id: I1ba5210010d6c413c9b1dbde3df0cc566400bfac
Merged-In: I1ba5210010d6c413c9b1dbde3df0cc566400bfac
(cherry picked from commit ef4f067c03543d8c8f2f8218bc69af12692ba000)
(cherry picked from commit 05fbbe5f3d47454a85da374cad9b54e4978c2c70)
1 file changed
tree: 9efbd9228978118d6882c9220cddd4c96d59aced
  1. keystore/
  2. keystore-engine/
  3. softkeymaster/
  4. MODULE_LICENSE_APACHE2
  5. NOTICE
  6. OWNERS