Rename isSecureLockDeviceAvailable and return type (297d2d1f) · Commits · e / os / android_frameworks_base

core/api/system-current.txt

+1 −1

Original line number	Original line	Diff line number	Diff line
	@@ -13007,7 +13007,7 @@ package android.security.authenticationpolicy {
	@FlaggedApi("android.security.secure_lockdown") public final class AuthenticationPolicyManager {		@FlaggedApi("android.security.secure_lockdown") public final class AuthenticationPolicyManager {
	method @FlaggedApi("android.security.secure_lockdown") @RequiresPermission(android.Manifest.permission.MANAGE_SECURE_LOCK_DEVICE) public int disableSecureLockDevice(@NonNull android.security.authenticationpolicy.DisableSecureLockDeviceParams);		method @FlaggedApi("android.security.secure_lockdown") @RequiresPermission(android.Manifest.permission.MANAGE_SECURE_LOCK_DEVICE) public int disableSecureLockDevice(@NonNull android.security.authenticationpolicy.DisableSecureLockDeviceParams);
	method @FlaggedApi("android.security.secure_lockdown") @RequiresPermission(android.Manifest.permission.MANAGE_SECURE_LOCK_DEVICE) public int enableSecureLockDevice(@NonNull android.security.authenticationpolicy.EnableSecureLockDeviceParams);		method @FlaggedApi("android.security.secure_lockdown") @RequiresPermission(android.Manifest.permission.MANAGE_SECURE_LOCK_DEVICE) public int enableSecureLockDevice(@NonNull android.security.authenticationpolicy.EnableSecureLockDeviceParams);
	method @FlaggedApi("android.security.secure_lock_device") @RequiresPermission(android.Manifest.permission.MANAGE_SECURE_LOCK_DEVICE) public int isSecureLockDeviceAvailable();		method @FlaggedApi("android.security.secure_lock_device") @RequiresPermission(android.Manifest.permission.MANAGE_SECURE_LOCK_DEVICE) public int getSecureLockDeviceAvailability();
	method @FlaggedApi("android.security.secure_lock_device") @RequiresPermission(android.Manifest.permission.MANAGE_SECURE_LOCK_DEVICE) public boolean isSecureLockDeviceEnabled();		method @FlaggedApi("android.security.secure_lock_device") @RequiresPermission(android.Manifest.permission.MANAGE_SECURE_LOCK_DEVICE) public boolean isSecureLockDeviceEnabled();
	method @FlaggedApi("android.security.secure_lock_device") @RequiresPermission(android.Manifest.permission.MANAGE_SECURE_LOCK_DEVICE) public void registerSecureLockDeviceStatusListener(@NonNull java.util.concurrent.Executor, @NonNull android.security.authenticationpolicy.AuthenticationPolicyManager.SecureLockDeviceStatusListener);		method @FlaggedApi("android.security.secure_lock_device") @RequiresPermission(android.Manifest.permission.MANAGE_SECURE_LOCK_DEVICE) public void registerSecureLockDeviceStatusListener(@NonNull java.util.concurrent.Executor, @NonNull android.security.authenticationpolicy.AuthenticationPolicyManager.SecureLockDeviceStatusListener);
	method @FlaggedApi("android.security.secure_lock_device") @RequiresPermission(android.Manifest.permission.MANAGE_SECURE_LOCK_DEVICE) public void unregisterSecureLockDeviceStatusListener(@NonNull android.security.authenticationpolicy.AuthenticationPolicyManager.SecureLockDeviceStatusListener);		method @FlaggedApi("android.security.secure_lock_device") @RequiresPermission(android.Manifest.permission.MANAGE_SECURE_LOCK_DEVICE) public void unregisterSecureLockDeviceStatusListener(@NonNull android.security.authenticationpolicy.AuthenticationPolicyManager.SecureLockDeviceStatusListener);

core/java/android/security/authenticationpolicy/AuthenticationPolicyManager.java

+18 −15

Original line number	Original line	Diff line number	Diff line
	@@ -63,7 +63,7 @@ import java.util.concurrent.Executor;
	*		*
	* <p>		* <p>
	* To check if the device meets the requirements to enable secure lock, call		* To check if the device meets the requirements to enable secure lock, call
	* {@link #isSecureLockDeviceAvailable}. This will require the caller to have the		* {@link #getSecureLockDeviceAvailability}. This will require the caller to have the
	* {@link android.Manifest.permission#MANAGE_SECURE_LOCK_DEVICE} permission.		* {@link android.Manifest.permission#MANAGE_SECURE_LOCK_DEVICE} permission.
	*		*
	* <p>		* <p>
	@@ -237,7 +237,7 @@ public final class AuthenticationPolicyManager {
	ERROR_INSUFFICIENT_BIOMETRICS,		ERROR_INSUFFICIENT_BIOMETRICS,
	})		})
	@Retention(RetentionPolicy.SOURCE)		@Retention(RetentionPolicy.SOURCE)
	public @interface IsSecureLockDeviceAvailableRequestStatus {}		public @interface GetSecureLockDeviceAvailabilityRequestStatus {}

	/** @hide */		/** @hide */
	public AuthenticationPolicyManager(@NonNull Context context,		public AuthenticationPolicyManager(@NonNull Context context,
	@@ -266,12 +266,13 @@ public final class AuthenticationPolicyManager {
	/**		/**
	* Called when the availability of secure lock device changes for the listening user.		* Called when the availability of secure lock device changes for the listening user.
	* @param available An int of type		* @param available An int of type
	* {@link AuthenticationPolicyManager.IsSecureLockDeviceAvailableRequestStatus} that		* {@link AuthenticationPolicyManager.GetSecureLockDeviceAvailabilityRequestStatus} that
	* indicates if the listening user has the necessary requirements to		* indicates if the listening user has the necessary requirements to
	* enable secure lock device ({@link #SUCCESS} if the user can enable		* enable secure lock device ({@link #SUCCESS} if the user can enable
	* secure lock device).		* secure lock device).
	*/		*/
	void onSecureLockDeviceAvailableStatusChanged(int available);		void onSecureLockDeviceAvailableStatusChanged(
			@GetSecureLockDeviceAvailabilityRequestStatus int available);
	}		}

	/**		/**
	@@ -323,7 +324,8 @@ public final class AuthenticationPolicyManager {
	}		}

	@Override		@Override
	public void onSecureLockDeviceAvailableStatusChanged(int available) {		public void onSecureLockDeviceAvailableStatusChanged(
			@GetSecureLockDeviceAvailabilityRequestStatus int available) {
	if (!mSecureLockDeviceStatusListeners.containsKey(listener)) {		if (!mSecureLockDeviceStatusListeners.containsKey(listener)) {
	if (DEBUG) {		if (DEBUG) {
	Log.d(TAG, "Listener " + listener + " no longer registered. Skipping "		Log.d(TAG, "Listener " + listener + " no longer registered. Skipping "
	@@ -398,22 +400,23 @@ public final class AuthenticationPolicyManager {
	* Called by a privileged component to indicate if secure lock device is available for the		* Called by a privileged component to indicate if secure lock device is available for the
	* calling user.		* calling user.
	*		*
	* @return {@link IsSecureLockDeviceAvailableRequestStatus} int indicating whether secure lock		* @return {@link GetSecureLockDeviceAvailabilityRequestStatus} int indicating whether secure
	* device is available for the calling user. This will return {@link #SUCCESS} if the device		* lock device is available for the calling user. This will return {@link #SUCCESS} if the
	* meets all requirements to enable secure lock device, {@link #ERROR_INSUFFICIENT_BIOMETRICS}		* device meets all requirements to enable secure lock device,
	* if the device is missing a strong biometric enrollment, {@link #ERROR_NO_BIOMETRICS_ENROLLED}		* {@link #ERROR_INSUFFICIENT_BIOMETRICS} if the device does not have a biometric sensor of
	* if the device has no biometric enrollments, or {@link #ERROR_UNSUPPORTED} if secure lock		* sufficient strength, {@link #ERROR_NO_BIOMETRICS_ENROLLED} if the user does not have
			* enrollments on the strong biometric sensor, or {@link #ERROR_UNSUPPORTED} if secure lock
	* device is otherwise unsupported.		* device is otherwise unsupported.
	*		*
	* @hide		* @hide
	*/		*/
	@IsSecureLockDeviceAvailableRequestStatus		@GetSecureLockDeviceAvailabilityRequestStatus
	@RequiresPermission(MANAGE_SECURE_LOCK_DEVICE)		@RequiresPermission(MANAGE_SECURE_LOCK_DEVICE)
	@SystemApi		@SystemApi
	@FlaggedApi(FLAG_SECURE_LOCK_DEVICE)		@FlaggedApi(FLAG_SECURE_LOCK_DEVICE)
	public int isSecureLockDeviceAvailable() {		public int getSecureLockDeviceAvailability() {
	try {		try {
	return mAuthenticationPolicyService.isSecureLockDeviceAvailable(mContext.getUser());		return mAuthenticationPolicyService.getSecureLockDeviceAvailability(mContext.getUser());
	} catch (RemoteException e) {		} catch (RemoteException e) {
	throw e.rethrowFromSystemServer();		throw e.rethrowFromSystemServer();
	}		}
	@@ -422,8 +425,8 @@ public final class AuthenticationPolicyManager {

	/**		/**
	* Called by a privileged component to remotely enable secure lock on the device across all		* Called by a privileged component to remotely enable secure lock on the device across all
	* users. This operation will first check {@link #isSecureLockDeviceAvailable()} to see if the		* users. This operation will first check {@link #getSecureLockDeviceAvailability()} to see if
	* calling user meets the requirements to enable secure lock device, including a strong		* the calling user meets the requirements to enable secure lock device, including a strong
	* biometric enrollment, and will return an error if not.		* biometric enrollment, and will return an error if not.
	*		*
	* Secure lock is an enhanced security state that restricts access to sensitive data (app		* Secure lock is an enhanced security state that restricts access to sensitive data (app

core/java/android/security/authenticationpolicy/IAuthenticationPolicyService.aidl

+1 −1

Original line number	Original line	Diff line number	Diff line
	@@ -34,7 +34,7 @@ interface IAuthenticationPolicyService {
	int disableSecureLockDevice(in UserHandle user, in DisableSecureLockDeviceParams params);		int disableSecureLockDevice(in UserHandle user, in DisableSecureLockDeviceParams params);

	@EnforcePermission("MANAGE_SECURE_LOCK_DEVICE")		@EnforcePermission("MANAGE_SECURE_LOCK_DEVICE")
	int isSecureLockDeviceAvailable(in UserHandle user);		int getSecureLockDeviceAvailability(in UserHandle user);

	@EnforcePermission("MANAGE_SECURE_LOCK_DEVICE")		@EnforcePermission("MANAGE_SECURE_LOCK_DEVICE")
	boolean isSecureLockDeviceEnabled();		boolean isSecureLockDeviceEnabled();

core/java/android/security/authenticationpolicy/ISecureLockDeviceStatusListener.aidl

+1 −1

Original line number	Original line	Diff line number	Diff line
	@@ -30,7 +30,7 @@ oneway interface ISecureLockDeviceStatusListener {
	/**		/**
	* Called when the availability of secure lock device changes for the listening user.		* Called when the availability of secure lock device changes for the listening user.
	* @param available An int of type		* @param available An int of type
	* {@link AuthenticationPolicyManager.IsSecureLockDeviceAvailableRequestStatus} that		* {@link AuthenticationPolicyManager.GetSecureLockDeviceAvailabilityRequestStatus} that
	* indicates if the listening user has the necessary requirements to		* indicates if the listening user has the necessary requirements to
	* enable secure lock device ({@link #SUCCESS} if the user can enable		* enable secure lock device ({@link #SUCCESS} if the user can enable
	* secure lock device).		* secure lock device).

services/core/java/com/android/server/security/authenticationpolicy/AuthenticationPolicyService.java

+9 −9

Original line number	Original line	Diff line number	Diff line
	@@ -54,7 +54,7 @@ import android.proximity.IProximityResultCallback;
	import android.security.authenticationpolicy.AuthenticationPolicyManager;		import android.security.authenticationpolicy.AuthenticationPolicyManager;
	import android.security.authenticationpolicy.AuthenticationPolicyManager.DisableSecureLockDeviceRequestStatus;		import android.security.authenticationpolicy.AuthenticationPolicyManager.DisableSecureLockDeviceRequestStatus;
	import android.security.authenticationpolicy.AuthenticationPolicyManager.EnableSecureLockDeviceRequestStatus;		import android.security.authenticationpolicy.AuthenticationPolicyManager.EnableSecureLockDeviceRequestStatus;
	import android.security.authenticationpolicy.AuthenticationPolicyManager.IsSecureLockDeviceAvailableRequestStatus;		import android.security.authenticationpolicy.AuthenticationPolicyManager.GetSecureLockDeviceAvailabilityRequestStatus;
	import android.security.authenticationpolicy.DisableSecureLockDeviceParams;		import android.security.authenticationpolicy.DisableSecureLockDeviceParams;
	import android.security.authenticationpolicy.EnableSecureLockDeviceParams;		import android.security.authenticationpolicy.EnableSecureLockDeviceParams;
	import android.security.authenticationpolicy.IAuthenticationPolicyService;		import android.security.authenticationpolicy.IAuthenticationPolicyService;
	@@ -407,23 +407,23 @@ public class AuthenticationPolicyService extends SystemService {

	private final IBinder mService = new IAuthenticationPolicyService.Stub() {		private final IBinder mService = new IAuthenticationPolicyService.Stub() {
	/**		/**
	* @see AuthenticationPolicyManager#isSecureLockDeviceAvailable()		* @see AuthenticationPolicyManager#getSecureLockDeviceAvailability()
	* @param user user associated with the calling context to check for secure lock device		* @param user user associated with the calling context to check for secure lock device
	* availability		* availability
	* @return {@link IsSecureLockDeviceAvailableRequestStatus} int indicating whether secure		* @return {@link GetSecureLockDeviceAvailabilityRequestStatus} int indicating whether
	* lock device is available for the calling user		* secure lock device is available for the calling user
	*/		*/
	@Override		@Override
	@EnforcePermission(MANAGE_SECURE_LOCK_DEVICE)		@EnforcePermission(MANAGE_SECURE_LOCK_DEVICE)
	@IsSecureLockDeviceAvailableRequestStatus		@GetSecureLockDeviceAvailabilityRequestStatus
	public int isSecureLockDeviceAvailable(UserHandle user) {		public int getSecureLockDeviceAvailability(UserHandle user) {
	isSecureLockDeviceAvailable_enforcePermission();		getSecureLockDeviceAvailability_enforcePermission();
	enforceCrossUserPermission(user, TAG + "#isSecureLockDeviceAvailable");		enforceCrossUserPermission(user, TAG + "#getSecureLockDeviceAvailability");

	// Required for internal service to acquire necessary system permissions		// Required for internal service to acquire necessary system permissions
	final long identity = Binder.clearCallingIdentity();		final long identity = Binder.clearCallingIdentity();
	try {		try {
	return mSecureLockDeviceService.isSecureLockDeviceAvailable(user);		return mSecureLockDeviceService.getSecureLockDeviceAvailability(user);
	} finally {		} finally {
	Binder.restoreCallingIdentity(identity);		Binder.restoreCallingIdentity(identity);
	}		}