Merge "Remove obsolete Smart Lock developer settings" into main am: a1bb1ff8ff... (1885505c) · Commits · e / os / android_frameworks_base

core/java/android/provider/Settings.java

+0 −14

Original line number	Original line	Diff line number	Diff line
	@@ -10441,20 +10441,6 @@ public final class Settings {
	public static final String ASSIST_LONG_PRESS_HOME_ENABLED =		public static final String ASSIST_LONG_PRESS_HOME_ENABLED =
	"assist_long_press_home_enabled";		"assist_long_press_home_enabled";

	/**
	* Control whether Trust Agents are in active unlock or extend unlock mode.
	* @hide
	*/
	@Readable
	public static final String TRUST_AGENTS_EXTEND_UNLOCK = "trust_agents_extend_unlock";

	/**
	* Control whether the screen locks when trust is lost.
	* @hide
	*/
	@Readable
	public static final String LOCK_SCREEN_WHEN_TRUST_LOST = "lock_screen_when_trust_lost";

	/**		/**
	* Control whether Night display is currently activated.		* Control whether Night display is currently activated.
	* @hide		* @hide

packages/SettingsProvider/src/android/provider/settings/backup/SecureSettings.java

+0 −2

Original line number	Original line	Diff line number	Diff line
	@@ -163,12 +163,10 @@ public class SecureSettings {
	Settings.Secure.CHARGING_VIBRATION_ENABLED,		Settings.Secure.CHARGING_VIBRATION_ENABLED,
	Settings.Secure.ACCESSIBILITY_NON_INTERACTIVE_UI_TIMEOUT_MS,		Settings.Secure.ACCESSIBILITY_NON_INTERACTIVE_UI_TIMEOUT_MS,
	Settings.Secure.ACCESSIBILITY_INTERACTIVE_UI_TIMEOUT_MS,		Settings.Secure.ACCESSIBILITY_INTERACTIVE_UI_TIMEOUT_MS,
	Settings.Secure.TRUST_AGENTS_EXTEND_UNLOCK,
	Settings.Secure.UI_NIGHT_MODE,		Settings.Secure.UI_NIGHT_MODE,
	Settings.Secure.UI_NIGHT_MODE_CUSTOM_TYPE,		Settings.Secure.UI_NIGHT_MODE_CUSTOM_TYPE,
	Settings.Secure.DARK_THEME_CUSTOM_START_TIME,		Settings.Secure.DARK_THEME_CUSTOM_START_TIME,
	Settings.Secure.DARK_THEME_CUSTOM_END_TIME,		Settings.Secure.DARK_THEME_CUSTOM_END_TIME,
	Settings.Secure.LOCK_SCREEN_WHEN_TRUST_LOST,
	Settings.Secure.SKIP_DIRECTION,		Settings.Secure.SKIP_DIRECTION,
	Settings.Secure.THEME_CUSTOMIZATION_OVERLAY_PACKAGES,		Settings.Secure.THEME_CUSTOMIZATION_OVERLAY_PACKAGES,
	Settings.Secure.BACK_GESTURE_INSET_SCALE_LEFT,		Settings.Secure.BACK_GESTURE_INSET_SCALE_LEFT,

packages/SettingsProvider/src/android/provider/settings/validators/SecureSettingsValidators.java

+0 −2

Original line number	Original line	Diff line number	Diff line
	@@ -242,9 +242,7 @@ public class SecureSettingsValidators {
	Secure.ACCESSIBILITY_INTERACTIVE_UI_TIMEOUT_MS, NON_NEGATIVE_INTEGER_VALIDATOR);		Secure.ACCESSIBILITY_INTERACTIVE_UI_TIMEOUT_MS, NON_NEGATIVE_INTEGER_VALIDATOR);
	VALIDATORS.put(Secure.USER_SETUP_COMPLETE, BOOLEAN_VALIDATOR);		VALIDATORS.put(Secure.USER_SETUP_COMPLETE, BOOLEAN_VALIDATOR);
	VALIDATORS.put(Secure.ASSIST_GESTURE_SETUP_COMPLETE, BOOLEAN_VALIDATOR);		VALIDATORS.put(Secure.ASSIST_GESTURE_SETUP_COMPLETE, BOOLEAN_VALIDATOR);
	VALIDATORS.put(Secure.TRUST_AGENTS_EXTEND_UNLOCK, BOOLEAN_VALIDATOR);
	VALIDATORS.put(Secure.LOCK_SCREEN_CUSTOM_CLOCK_FACE, JSON_OBJECT_VALIDATOR);		VALIDATORS.put(Secure.LOCK_SCREEN_CUSTOM_CLOCK_FACE, JSON_OBJECT_VALIDATOR);
	VALIDATORS.put(Secure.LOCK_SCREEN_WHEN_TRUST_LOST, BOOLEAN_VALIDATOR);
	VALIDATORS.put(Secure.SKIP_GESTURE, BOOLEAN_VALIDATOR);		VALIDATORS.put(Secure.SKIP_GESTURE, BOOLEAN_VALIDATOR);
	/*		/*
	* Only used if FeatureFlag "settings_skip_direction_mutable" is enabled.		* Only used if FeatureFlag "settings_skip_direction_mutable" is enabled.

services/core/java/com/android/server/trust/TrustManagerService.java

+7 −113

Original line number	Original line	Diff line number	Diff line
	@@ -31,7 +31,6 @@ import android.app.trust.ITrustListener;
	import android.app.trust.ITrustManager;		import android.app.trust.ITrustManager;
	import android.content.BroadcastReceiver;		import android.content.BroadcastReceiver;
	import android.content.ComponentName;		import android.content.ComponentName;
	import android.content.ContentResolver;
	import android.content.Context;		import android.content.Context;
	import android.content.Intent;		import android.content.Intent;
	import android.content.IntentFilter;		import android.content.IntentFilter;
	@@ -42,11 +41,9 @@ import android.content.pm.UserInfo;
	import android.content.res.Resources;		import android.content.res.Resources;
	import android.content.res.TypedArray;		import android.content.res.TypedArray;
	import android.content.res.XmlResourceParser;		import android.content.res.XmlResourceParser;
	import android.database.ContentObserver;
	import android.graphics.drawable.Drawable;		import android.graphics.drawable.Drawable;
	import android.hardware.biometrics.BiometricManager;		import android.hardware.biometrics.BiometricManager;
	import android.hardware.biometrics.BiometricSourceType;		import android.hardware.biometrics.BiometricSourceType;
	import android.net.Uri;
	import android.os.Binder;		import android.os.Binder;
	import android.os.Build;		import android.os.Build;
	import android.os.Bundle;		import android.os.Bundle;
	@@ -237,7 +234,6 @@ public class TrustManagerService extends SystemService {
	mIdleTrustableTimeoutAlarmListenerForUser = new SparseArray<>();		mIdleTrustableTimeoutAlarmListenerForUser = new SparseArray<>();
	private AlarmManager mAlarmManager;		private AlarmManager mAlarmManager;
	private final Object mAlarmLock = new Object();		private final Object mAlarmLock = new Object();
	private final SettingsObserver mSettingsObserver;

	private final StrongAuthTracker mStrongAuthTracker;		private final StrongAuthTracker mStrongAuthTracker;

	@@ -279,7 +275,6 @@ public class TrustManagerService extends SystemService {
	mLockPatternUtils = injector.getLockPatternUtils();		mLockPatternUtils = injector.getLockPatternUtils();
	mStrongAuthTracker = new StrongAuthTracker(context, injector.getLooper());		mStrongAuthTracker = new StrongAuthTracker(context, injector.getLooper());
	mAlarmManager = (AlarmManager) mContext.getSystemService(Context.ALARM_SERVICE);		mAlarmManager = (AlarmManager) mContext.getSystemService(Context.ALARM_SERVICE);
	mSettingsObserver = new SettingsObserver(mHandler);
	}		}

	@Override		@Override
	@@ -307,103 +302,10 @@ public class TrustManagerService extends SystemService {
	}		}
	}		}

	// Extend unlock config and logic		// Automotive head units can be unlocked by a trust agent, even when the agent doesn't use
	private final class SettingsObserver extends ContentObserver {		// FLAG_GRANT_TRUST_TEMPORARY_AND_RENEWABLE.
	private final Uri TRUST_AGENTS_EXTEND_UNLOCK =		private boolean isAutomotive() {
	Settings.Secure.getUriFor(Settings.Secure.TRUST_AGENTS_EXTEND_UNLOCK);		return getContext().getPackageManager().hasSystemFeature(PackageManager.FEATURE_AUTOMOTIVE);

	private final Uri LOCK_SCREEN_WHEN_TRUST_LOST =
	Settings.Secure.getUriFor(Settings.Secure.LOCK_SCREEN_WHEN_TRUST_LOST);

	private final boolean mIsAutomotive;
	private final ContentResolver mContentResolver;
	private boolean mTrustAgentsNonrenewableTrust;
	private boolean mLockWhenTrustLost;

	/**
	* Creates a settings observer
	*
	* @param handler The handler to run {@link #onChange} on, or null if none.
	*/
	SettingsObserver(Handler handler) {
	super(handler);

	PackageManager packageManager = getContext().getPackageManager();
	mIsAutomotive = packageManager.hasSystemFeature(PackageManager.FEATURE_AUTOMOTIVE);

	mContentResolver = getContext().getContentResolver();
	updateContentObserver();
	}

	void updateContentObserver() {
	mContentResolver.unregisterContentObserver(this);
	mContentResolver.registerContentObserver(TRUST_AGENTS_EXTEND_UNLOCK,
	false /* notifyForDescendents */,
	this /* observer */,
	mCurrentUser);
	mContentResolver.registerContentObserver(LOCK_SCREEN_WHEN_TRUST_LOST,
	false /* notifyForDescendents */,
	this /* observer */,
	mCurrentUser);

	// Update the value immediately
	onChange(true /* selfChange */, TRUST_AGENTS_EXTEND_UNLOCK);
	onChange(true /* selfChange */, LOCK_SCREEN_WHEN_TRUST_LOST);
	}

	@Override
	public void onChange(boolean selfChange, Uri uri) {
	if (TRUST_AGENTS_EXTEND_UNLOCK.equals(uri)) {
	// Smart lock should only grant non-renewable trust. The only exception is for
	// automotive, where it can actively unlock the head unit.
	int defaultValue = mIsAutomotive ? 0 : 1;

	mTrustAgentsNonrenewableTrust =
	Settings.Secure.getIntForUser(
	mContentResolver,
	Settings.Secure.TRUST_AGENTS_EXTEND_UNLOCK,
	defaultValue,
	mCurrentUser) != 0;
	} else if (LOCK_SCREEN_WHEN_TRUST_LOST.equals(uri)) {
	mLockWhenTrustLost =
	Settings.Secure.getIntForUser(
	mContentResolver,
	Settings.Secure.LOCK_SCREEN_WHEN_TRUST_LOST,
	0 /* default */,
	mCurrentUser) != 0;
	}
	}

	boolean getTrustAgentsNonrenewableTrust() {
	return mTrustAgentsNonrenewableTrust;
	}

	boolean getLockWhenTrustLost() {
	return mLockWhenTrustLost;
	}
	}

	private void maybeLockScreen(int userId) {
	if (userId != mCurrentUser) {
	return;
	}

	if (mSettingsObserver.getLockWhenTrustLost()) {
	if (DEBUG) Slog.d(TAG, "Locking device because trust was lost");
	try {
	WindowManagerGlobal.getWindowManagerService().lockNow(null);
	} catch (RemoteException e) {
	Slog.e(TAG, "Error locking screen when trust was lost");
	}

	// If active unlocking is not allowed, cancel any pending trust timeouts because the
	// screen is already locked.
	TrustedTimeoutAlarmListener alarm = mTrustTimeoutAlarmListenerForUser.get(userId);
	if (alarm != null && mSettingsObserver.getTrustAgentsNonrenewableTrust()) {
	mAlarmManager.cancel(alarm);
	alarm.setQueued(false /* isQueued */);
	}
	}
	}		}

	private void scheduleTrustTimeout(boolean override, boolean isTrustableTimeout) {		private void scheduleTrustTimeout(boolean override, boolean isTrustableTimeout) {
	@@ -600,12 +502,10 @@ public class TrustManagerService extends SystemService {
	synchronized (mUserTrustState) {		synchronized (mUserTrustState) {
	wasTrusted = (mUserTrustState.get(userId) == TrustState.TRUSTED);		wasTrusted = (mUserTrustState.get(userId) == TrustState.TRUSTED);
	wasTrustable = (mUserTrustState.get(userId) == TrustState.TRUSTABLE);		wasTrustable = (mUserTrustState.get(userId) == TrustState.TRUSTABLE);
	boolean isAutomotive = getContext().getPackageManager().hasSystemFeature(
	PackageManager.FEATURE_AUTOMOTIVE);
	boolean renewingTrust = wasTrustable && (		boolean renewingTrust = wasTrustable && (
	(flags & TrustAgentService.FLAG_GRANT_TRUST_TEMPORARY_AND_RENEWABLE) != 0);		(flags & TrustAgentService.FLAG_GRANT_TRUST_TEMPORARY_AND_RENEWABLE) != 0);
	boolean canMoveToTrusted =		boolean canMoveToTrusted =
	alreadyUnlocked \|\| isFromUnlock \|\| renewingTrust \|\| isAutomotive;		alreadyUnlocked \|\| isFromUnlock \|\| renewingTrust \|\| isAutomotive();
	boolean upgradingTrustForCurrentUser = (userId == mCurrentUser);		boolean upgradingTrustForCurrentUser = (userId == mCurrentUser);

	if (trustedByAtLeastOneAgent && wasTrusted) {		if (trustedByAtLeastOneAgent && wasTrusted) {
	@@ -632,9 +532,7 @@ public class TrustManagerService extends SystemService {
	isNowTrusted, newlyUnlocked, userId, flags, getTrustGrantedMessages(userId));		isNowTrusted, newlyUnlocked, userId, flags, getTrustGrantedMessages(userId));
	if (isNowTrusted != wasTrusted) {		if (isNowTrusted != wasTrusted) {
	refreshDeviceLockedForUser(userId);		refreshDeviceLockedForUser(userId);
	if (!isNowTrusted) {		if (isNowTrusted) {
	maybeLockScreen(userId);
	} else {
	boolean isTrustableTimeout =		boolean isTrustableTimeout =
	(flags & FLAG_GRANT_TRUST_TEMPORARY_AND_RENEWABLE) != 0;		(flags & FLAG_GRANT_TRUST_TEMPORARY_AND_RENEWABLE) != 0;
	// Every time we grant renewable trust we should override the idle trustable		// Every time we grant renewable trust we should override the idle trustable
	@@ -1855,9 +1753,7 @@ public class TrustManagerService extends SystemService {
	synchronized(mUsersUnlockedByBiometric) {		synchronized(mUsersUnlockedByBiometric) {
	mUsersUnlockedByBiometric.put(userId, true);		mUsersUnlockedByBiometric.put(userId, true);
	}		}
	// In non-renewable trust mode we need to refresh trust state here, which will call		int updateTrustOnUnlock = isAutomotive() ? 0 : 1;
	// refreshDeviceLockedForUser()
	int updateTrustOnUnlock = mSettingsObserver.getTrustAgentsNonrenewableTrust() ? 1 : 0;
	mHandler.obtainMessage(MSG_REFRESH_DEVICE_LOCKED_FOR_USER, userId,		mHandler.obtainMessage(MSG_REFRESH_DEVICE_LOCKED_FOR_USER, userId,
	updateTrustOnUnlock).sendToTarget();		updateTrustOnUnlock).sendToTarget();
	mHandler.obtainMessage(MSG_REFRESH_TRUSTABLE_TIMERS_AFTER_AUTH, userId).sendToTarget();		mHandler.obtainMessage(MSG_REFRESH_TRUSTABLE_TIMERS_AFTER_AUTH, userId).sendToTarget();
	@@ -1966,7 +1862,6 @@ public class TrustManagerService extends SystemService {
	break;		break;
	case MSG_SWITCH_USER:		case MSG_SWITCH_USER:
	mCurrentUser = msg.arg1;		mCurrentUser = msg.arg1;
	mSettingsObserver.updateContentObserver();
	refreshDeviceLockedForUser(UserHandle.USER_ALL);		refreshDeviceLockedForUser(UserHandle.USER_ALL);
	break;		break;
	case MSG_STOP_USER:		case MSG_STOP_USER:
	@@ -2196,7 +2091,6 @@ public class TrustManagerService extends SystemService {
	mLockPatternUtils.requireStrongAuth(		mLockPatternUtils.requireStrongAuth(
	mStrongAuthTracker.SOME_AUTH_REQUIRED_AFTER_TRUSTAGENT_EXPIRED, mUserId);		mStrongAuthTracker.SOME_AUTH_REQUIRED_AFTER_TRUSTAGENT_EXPIRED, mUserId);
	}		}
	maybeLockScreen(mUserId);
	}		}

	protected abstract void handleAlarm();		protected abstract void handleAlarm();