DO NOT MERGE Do not call RecoverySystem with DPMS lock held

Note DPM.wipeData() on a secondary user is now blocking, just like it's been always blocking on the primary user. Test: Manually tested wipeData() with ApiDemos, both on 1) the primary user, 2) a secondary user and 3) work profile. Test: adb shell am instrument -e class com.android.server.devicepolicy.DevicePolicyManagerTest -w com.android.frameworks.servicestests Bug 30681079 Change-Id: Ia832bed0f22396998d6307ab46e262dae9463838 Merged-in: Ia832bed0f22396998d6307ab46e262dae9463838 (cherry picked from commit efdec8f568)
2017-01-04 14:36:59 -08:00
parent f98ed6863a
commit 2317451acc
1 changed files with 34 additions and 28 deletions
--- a/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
+++ b/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
@ -4536,7 +4536,7 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub {
        }
    }

-    private void wipeDataLocked(boolean wipeExtRequested, String reason) {
+    private void wipeDataNoLock(boolean wipeExtRequested, String reason) {
        if (wipeExtRequested) {
            StorageManager sm = (StorageManager) mContext.getSystemService(
                    Context.STORAGE_SERVICE);
@ -4556,13 +4556,14 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub {
        }
        final int userHandle = mInjector.userHandleGetCallingUserId();
        enforceFullCrossUsersPermission(userHandle);
+
+        final String source;
        synchronized (this) {
            // This API can only be called by an active device admin,
            // so try to retrieve it to check that the caller is one.
            final ActiveAdmin admin = getActiveAdminForCallerLocked(null,
                    DeviceAdminInfo.USES_POLICY_WIPE_DATA);
-
-            final String source = admin.info.getComponent().flattenToShortString();
+            source = admin.info.getComponent().flattenToShortString();

            long ident = mInjector.binderClearCallingIdentity();
            try {
@ -4577,39 +4578,44 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub {
                        manager.wipe();
                    }
                }
-                boolean wipeExtRequested = (flags & WIPE_EXTERNAL_STORAGE) != 0;
-                wipeDeviceOrUserLocked(wipeExtRequested, userHandle,
-                        "DevicePolicyManager.wipeData() from " + source);
            } finally {
                mInjector.binderRestoreCallingIdentity(ident);
            }
        }
+        final boolean wipeExtRequested = (flags & WIPE_EXTERNAL_STORAGE) != 0;
+        wipeDeviceNoLock(wipeExtRequested, userHandle,
+                "DevicePolicyManager.wipeData() from " + source);
    }

-    private void wipeDeviceOrUserLocked(boolean wipeExtRequested, final int userHandle, String reason) {
-        if (userHandle == UserHandle.USER_SYSTEM) {
-            wipeDataLocked(wipeExtRequested, reason);
-        } else {
-            mHandler.post(new Runnable() {
-                @Override
-                public void run() {
-                    try {
-                        IActivityManager am = mInjector.getIActivityManager();
-                        if (am.getCurrentUser().id == userHandle) {
-                            am.switchUser(UserHandle.USER_SYSTEM);
-                        }
+    private void wipeDeviceNoLock(boolean wipeExtRequested, final int userHandle, String reason) {
+        final long ident = mInjector.binderClearCallingIdentity();
+        try {
+            if (userHandle == UserHandle.USER_SYSTEM) {
+                wipeDataNoLock(wipeExtRequested, reason);
+            } else {
+                mHandler.post(new Runnable() {
+                    @Override
+                    public void run() {
+                        try {
+                            IActivityManager am = mInjector.getIActivityManager();
+                            if (am.getCurrentUser().id == userHandle) {
+                                am.switchUser(UserHandle.USER_SYSTEM);
+                            }

-                        boolean isManagedProfile = isManagedProfile(userHandle);
-                        if (!mUserManager.removeUser(userHandle)) {
-                            Slog.w(LOG_TAG, "Couldn't remove user " + userHandle);
-                        } else if (isManagedProfile) {
-                            sendWipeProfileNotification();
+                            boolean isManagedProfile = isManagedProfile(userHandle);
+                            if (!mUserManager.removeUser(userHandle)) {
+                                Slog.w(LOG_TAG, "Couldn't remove user " + userHandle);
+                            } else if (isManagedProfile) {
+                                sendWipeProfileNotification();
+                            }
+                        } catch (RemoteException re) {
+                            // Shouldn't happen
                        }
-                    } catch (RemoteException re) {
-                        // Shouldn't happen
                    }
-                }
-            });
+                });
+            }
+        } finally {
+            mInjector.binderRestoreCallingIdentity(ident);
        }
    }

@ -4789,7 +4795,7 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub {
            }
            if (wipeData) {
                // Call without holding lock.
-                wipeDeviceOrUserLocked(false, identifier,
+                wipeDeviceNoLock(false, identifier,
                        "reportFailedPasswordAttempt()");
            }
        } finally {