Rename isSecureLockDeviceAvailable and return type (297d2d1f) · Commits · e / os / android_frameworks_base

core/api/system-current.txt

+1 −1

Original line number	Diff line number	Diff line
		@@ -13007,7 +13007,7 @@ package android.security.authenticationpolicy {
		@FlaggedApi("android.security.secure_lockdown") public final class AuthenticationPolicyManager {
		method @FlaggedApi("android.security.secure_lockdown") @RequiresPermission(android.Manifest.permission.MANAGE_SECURE_LOCK_DEVICE) public int disableSecureLockDevice(@NonNull android.security.authenticationpolicy.DisableSecureLockDeviceParams);
		method @FlaggedApi("android.security.secure_lockdown") @RequiresPermission(android.Manifest.permission.MANAGE_SECURE_LOCK_DEVICE) public int enableSecureLockDevice(@NonNull android.security.authenticationpolicy.EnableSecureLockDeviceParams);
		method @FlaggedApi("android.security.secure_lock_device") @RequiresPermission(android.Manifest.permission.MANAGE_SECURE_LOCK_DEVICE) public int isSecureLockDeviceAvailable();
		method @FlaggedApi("android.security.secure_lock_device") @RequiresPermission(android.Manifest.permission.MANAGE_SECURE_LOCK_DEVICE) public int getSecureLockDeviceAvailability();
		method @FlaggedApi("android.security.secure_lock_device") @RequiresPermission(android.Manifest.permission.MANAGE_SECURE_LOCK_DEVICE) public boolean isSecureLockDeviceEnabled();
		method @FlaggedApi("android.security.secure_lock_device") @RequiresPermission(android.Manifest.permission.MANAGE_SECURE_LOCK_DEVICE) public void registerSecureLockDeviceStatusListener(@NonNull java.util.concurrent.Executor, @NonNull android.security.authenticationpolicy.AuthenticationPolicyManager.SecureLockDeviceStatusListener);
		method @FlaggedApi("android.security.secure_lock_device") @RequiresPermission(android.Manifest.permission.MANAGE_SECURE_LOCK_DEVICE) public void unregisterSecureLockDeviceStatusListener(@NonNull android.security.authenticationpolicy.AuthenticationPolicyManager.SecureLockDeviceStatusListener);

core/java/android/security/authenticationpolicy/AuthenticationPolicyManager.java

+18 −15

Original line number	Diff line number	Diff line
		@@ -63,7 +63,7 @@ import java.util.concurrent.Executor;
		*
		* <p>
		* To check if the device meets the requirements to enable secure lock, call
		* {@link #isSecureLockDeviceAvailable}. This will require the caller to have the
		* {@link #getSecureLockDeviceAvailability}. This will require the caller to have the
		* {@link android.Manifest.permission#MANAGE_SECURE_LOCK_DEVICE} permission.
		*
		* <p>
		@@ -237,7 +237,7 @@ public final class AuthenticationPolicyManager {
		ERROR_INSUFFICIENT_BIOMETRICS,
		})
		@Retention(RetentionPolicy.SOURCE)
		public @interface IsSecureLockDeviceAvailableRequestStatus {}
		public @interface GetSecureLockDeviceAvailabilityRequestStatus {}

		/** @hide */
		public AuthenticationPolicyManager(@NonNull Context context,
		@@ -266,12 +266,13 @@ public final class AuthenticationPolicyManager {
		/**
		* Called when the availability of secure lock device changes for the listening user.
		* @param available An int of type
		* {@link AuthenticationPolicyManager.IsSecureLockDeviceAvailableRequestStatus} that
		* {@link AuthenticationPolicyManager.GetSecureLockDeviceAvailabilityRequestStatus} that
		* indicates if the listening user has the necessary requirements to
		* enable secure lock device ({@link #SUCCESS} if the user can enable
		* secure lock device).
		*/
		void onSecureLockDeviceAvailableStatusChanged(int available);
		void onSecureLockDeviceAvailableStatusChanged(
		@GetSecureLockDeviceAvailabilityRequestStatus int available);
		}

		/**
		@@ -323,7 +324,8 @@ public final class AuthenticationPolicyManager {
		}

		@Override
		public void onSecureLockDeviceAvailableStatusChanged(int available) {
		public void onSecureLockDeviceAvailableStatusChanged(
		@GetSecureLockDeviceAvailabilityRequestStatus int available) {
		if (!mSecureLockDeviceStatusListeners.containsKey(listener)) {
		if (DEBUG) {
		Log.d(TAG, "Listener " + listener + " no longer registered. Skipping "
		@@ -398,22 +400,23 @@ public final class AuthenticationPolicyManager {
		* Called by a privileged component to indicate if secure lock device is available for the
		* calling user.
		*
		* @return {@link IsSecureLockDeviceAvailableRequestStatus} int indicating whether secure lock
		* device is available for the calling user. This will return {@link #SUCCESS} if the device
		* meets all requirements to enable secure lock device, {@link #ERROR_INSUFFICIENT_BIOMETRICS}
		* if the device is missing a strong biometric enrollment, {@link #ERROR_NO_BIOMETRICS_ENROLLED}
		* if the device has no biometric enrollments, or {@link #ERROR_UNSUPPORTED} if secure lock
		* @return {@link GetSecureLockDeviceAvailabilityRequestStatus} int indicating whether secure
		* lock device is available for the calling user. This will return {@link #SUCCESS} if the
		* device meets all requirements to enable secure lock device,
		* {@link #ERROR_INSUFFICIENT_BIOMETRICS} if the device does not have a biometric sensor of
		* sufficient strength, {@link #ERROR_NO_BIOMETRICS_ENROLLED} if the user does not have
		* enrollments on the strong biometric sensor, or {@link #ERROR_UNSUPPORTED} if secure lock
		* device is otherwise unsupported.
		*
		* @hide
		*/
		@IsSecureLockDeviceAvailableRequestStatus
		@GetSecureLockDeviceAvailabilityRequestStatus
		@RequiresPermission(MANAGE_SECURE_LOCK_DEVICE)
		@SystemApi
		@FlaggedApi(FLAG_SECURE_LOCK_DEVICE)
		public int isSecureLockDeviceAvailable() {
		public int getSecureLockDeviceAvailability() {
		try {
		return mAuthenticationPolicyService.isSecureLockDeviceAvailable(mContext.getUser());
		return mAuthenticationPolicyService.getSecureLockDeviceAvailability(mContext.getUser());
		} catch (RemoteException e) {
		throw e.rethrowFromSystemServer();
		}
		@@ -422,8 +425,8 @@ public final class AuthenticationPolicyManager {

		/**
		* Called by a privileged component to remotely enable secure lock on the device across all
		* users. This operation will first check {@link #isSecureLockDeviceAvailable()} to see if the
		* calling user meets the requirements to enable secure lock device, including a strong
		* users. This operation will first check {@link #getSecureLockDeviceAvailability()} to see if
		* the calling user meets the requirements to enable secure lock device, including a strong
		* biometric enrollment, and will return an error if not.
		*
		* Secure lock is an enhanced security state that restricts access to sensitive data (app

core/java/android/security/authenticationpolicy/IAuthenticationPolicyService.aidl

+1 −1

Original line number	Diff line number	Diff line
		@@ -34,7 +34,7 @@ interface IAuthenticationPolicyService {
		int disableSecureLockDevice(in UserHandle user, in DisableSecureLockDeviceParams params);

		@EnforcePermission("MANAGE_SECURE_LOCK_DEVICE")
		int isSecureLockDeviceAvailable(in UserHandle user);
		int getSecureLockDeviceAvailability(in UserHandle user);

		@EnforcePermission("MANAGE_SECURE_LOCK_DEVICE")
		boolean isSecureLockDeviceEnabled();

core/java/android/security/authenticationpolicy/ISecureLockDeviceStatusListener.aidl

+1 −1

Original line number	Diff line number	Diff line
		@@ -30,7 +30,7 @@ oneway interface ISecureLockDeviceStatusListener {
		/**
		* Called when the availability of secure lock device changes for the listening user.
		* @param available An int of type
		* {@link AuthenticationPolicyManager.IsSecureLockDeviceAvailableRequestStatus} that
		* {@link AuthenticationPolicyManager.GetSecureLockDeviceAvailabilityRequestStatus} that
		* indicates if the listening user has the necessary requirements to
		* enable secure lock device ({@link #SUCCESS} if the user can enable
		* secure lock device).

services/core/java/com/android/server/security/authenticationpolicy/AuthenticationPolicyService.java

+9 −9

Original line number	Diff line number	Diff line
		@@ -54,7 +54,7 @@ import android.proximity.IProximityResultCallback;
		import android.security.authenticationpolicy.AuthenticationPolicyManager;
		import android.security.authenticationpolicy.AuthenticationPolicyManager.DisableSecureLockDeviceRequestStatus;
		import android.security.authenticationpolicy.AuthenticationPolicyManager.EnableSecureLockDeviceRequestStatus;
		import android.security.authenticationpolicy.AuthenticationPolicyManager.IsSecureLockDeviceAvailableRequestStatus;
		import android.security.authenticationpolicy.AuthenticationPolicyManager.GetSecureLockDeviceAvailabilityRequestStatus;
		import android.security.authenticationpolicy.DisableSecureLockDeviceParams;
		import android.security.authenticationpolicy.EnableSecureLockDeviceParams;
		import android.security.authenticationpolicy.IAuthenticationPolicyService;
		@@ -407,23 +407,23 @@ public class AuthenticationPolicyService extends SystemService {

		private final IBinder mService = new IAuthenticationPolicyService.Stub() {
		/**
		* @see AuthenticationPolicyManager#isSecureLockDeviceAvailable()
		* @see AuthenticationPolicyManager#getSecureLockDeviceAvailability()
		* @param user user associated with the calling context to check for secure lock device
		* availability
		* @return {@link IsSecureLockDeviceAvailableRequestStatus} int indicating whether secure
		* lock device is available for the calling user
		* @return {@link GetSecureLockDeviceAvailabilityRequestStatus} int indicating whether
		* secure lock device is available for the calling user
		*/
		@Override
		@EnforcePermission(MANAGE_SECURE_LOCK_DEVICE)
		@IsSecureLockDeviceAvailableRequestStatus
		public int isSecureLockDeviceAvailable(UserHandle user) {
		isSecureLockDeviceAvailable_enforcePermission();
		enforceCrossUserPermission(user, TAG + "#isSecureLockDeviceAvailable");
		@GetSecureLockDeviceAvailabilityRequestStatus
		public int getSecureLockDeviceAvailability(UserHandle user) {
		getSecureLockDeviceAvailability_enforcePermission();
		enforceCrossUserPermission(user, TAG + "#getSecureLockDeviceAvailability");

		// Required for internal service to acquire necessary system permissions
		final long identity = Binder.clearCallingIdentity();
		try {
		return mSecureLockDeviceService.isSecureLockDeviceAvailable(user);
		return mSecureLockDeviceService.getSecureLockDeviceAvailability(user);
		} finally {
		Binder.restoreCallingIdentity(identity);
		}