Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 35eb8a15 authored by Kevin Chyn's avatar Kevin Chyn
Browse files

Revert "Do not start biometric auth if encrypted or lockdown" 

Bug: 159260556
Bug: 79776455

This reverts commit fec0165e.

Reason for revert: b/159260556

Change-Id: I9f1883291591322704ee15847f4d0a285a44f8d1
parent 508c327d

packages/SystemUI/src/com/android/keyguard/KeyguardUpdateMonitor.java

+8 −14
Original line number Diff line number Diff line
@@ -1903,12 +1903,6 @@ public class KeyguardUpdateMonitor implements TrustManager.TrustListener, Dumpab 
    private boolean shouldListenForFingerprint() {

        final boolean allowedOnBouncer =

                !(mFingerprintLockedOut && mBouncer && mCredentialAttempted);

        final int user = getCurrentUser();

        final int strongAuth = mStrongAuthTracker.getStrongAuthForUser(user);

        final boolean isLockDown =

                containsFlag(strongAuth, STRONG_AUTH_REQUIRED_AFTER_DPM_LOCK_NOW)

                        || containsFlag(strongAuth, STRONG_AUTH_REQUIRED_AFTER_USER_LOCKDOWN);

        final boolean isEncrypted = containsFlag(strongAuth, STRONG_AUTH_REQUIRED_AFTER_BOOT);



        // Only listen if this KeyguardUpdateMonitor belongs to the primary user. There is an

        // instance of KeyguardUpdateMonitor for each user but KeyguardUpdateMonitor is user-aware.
@@ -1917,7 +1911,7 @@ public class KeyguardUpdateMonitor implements TrustManager.TrustListener, Dumpab 
                shouldListenForFingerprintAssistant() || (mKeyguardOccluded && mIsDreaming))

                && !mSwitchingUser && !isFingerprintDisabled(getCurrentUser())

                && (!mKeyguardGoingAway || !mDeviceInteractive) && mIsPrimaryUser

                && allowedOnBouncer && !isLockDown && !isEncrypted;

                && allowedOnBouncer;

        return shouldListen;

    }
@@ -1934,10 +1928,9 @@ public class KeyguardUpdateMonitor implements TrustManager.TrustListener, Dumpab 
        final boolean isLockDown =

                containsFlag(strongAuth, STRONG_AUTH_REQUIRED_AFTER_DPM_LOCK_NOW)

                        || containsFlag(strongAuth, STRONG_AUTH_REQUIRED_AFTER_USER_LOCKDOWN);

        final boolean isEncrypted =

                containsFlag(strongAuth, STRONG_AUTH_REQUIRED_AFTER_BOOT);

        final boolean isTimedOut =

                containsFlag(strongAuth, STRONG_AUTH_REQUIRED_AFTER_TIMEOUT);

        final boolean isEncryptedOrTimedOut =

                containsFlag(strongAuth, STRONG_AUTH_REQUIRED_AFTER_BOOT)

                        || containsFlag(strongAuth, STRONG_AUTH_REQUIRED_AFTER_TIMEOUT);



        boolean canBypass = mKeyguardBypassController != null

                && mKeyguardBypassController.canBypass();
@@ -1946,9 +1939,10 @@ public class KeyguardUpdateMonitor implements TrustManager.TrustListener, Dumpab 
        // TrustAgents or biometrics are keeping the device unlocked.

        boolean becauseCannotSkipBouncer = !getUserCanSkipBouncer(user) || canBypass;



        // Scan even when timeout to show a preemptive bouncer when bypassing.

        // Scan even when encrypted or timeout to show a preemptive bouncer when bypassing.

        // Lock-down mode shouldn't scan, since it is more explicit.

        boolean strongAuthAllowsScanning = (!isTimedOut || canBypass && !mBouncer);

        boolean strongAuthAllowsScanning = (!isEncryptedOrTimedOut || canBypass && !mBouncer)

                && !isLockDown;



        // Only listen if this KeyguardUpdateMonitor belongs to the primary user. There is an

        // instance of KeyguardUpdateMonitor for each user but KeyguardUpdateMonitor is user-aware.
@@ -1958,7 +1952,7 @@ public class KeyguardUpdateMonitor implements TrustManager.TrustListener, Dumpab 
                && !mSwitchingUser && !isFaceDisabled(user) && becauseCannotSkipBouncer

                && !mKeyguardGoingAway && mFaceSettingEnabledForUser.get(user) && !mLockIconPressed

                && strongAuthAllowsScanning && mIsPrimaryUser

                && !mSecureCameraLaunched && !isLockDown && !isEncrypted;

                && !mSecureCameraLaunched;



        // Aggregate relevant fields for debug logging.

        if (DEBUG_FACE || DEBUG_SPEW) {

packages/SystemUI/tests/src/com/android/keyguard/KeyguardUpdateMonitorTest.java

+8 −12
Original line number Diff line number Diff line
@@ -451,6 +451,12 @@ public class KeyguardUpdateMonitorTest extends SysuiTestCase { 
        verify(mFaceManager, never()).authenticate(any(), any(), anyInt(), any(), any(), anyInt());

    }



    @Test

    public void requiresAuthentication_whenEncryptedKeyguard_andBypass() {

        testStrongAuthExceptOnBouncer(

                KeyguardUpdateMonitor.StrongAuthTracker.STRONG_AUTH_REQUIRED_AFTER_BOOT);

    }



    @Test

    public void requiresAuthentication_whenTimeoutKeyguard_andBypass() {

        testStrongAuthExceptOnBouncer(
@@ -507,20 +513,10 @@ public class KeyguardUpdateMonitorTest extends SysuiTestCase { 


    @Test

    public void testIgnoresAuth_whenLockdown() {

        testIgnoresAuth(

                KeyguardUpdateMonitor.StrongAuthTracker.STRONG_AUTH_REQUIRED_AFTER_USER_LOCKDOWN);

    }



    @Test

    public void testIgnoresAuth_whenEncrypted() {

        testIgnoresAuth(

                KeyguardUpdateMonitor.StrongAuthTracker.STRONG_AUTH_REQUIRED_AFTER_BOOT);

    }



    private void testIgnoresAuth(int strongAuth) {

        mKeyguardUpdateMonitor.dispatchStartedWakingUp();

        mTestableLooper.processAllMessages();

        when(mStrongAuthTracker.getStrongAuthForUser(anyInt())).thenReturn(strongAuth);

        when(mStrongAuthTracker.getStrongAuthForUser(anyInt())).thenReturn(

                KeyguardUpdateMonitor.StrongAuthTracker.STRONG_AUTH_REQUIRED_AFTER_USER_LOCKDOWN);



        mKeyguardUpdateMonitor.onKeyguardVisibilityChanged(true);

        verify(mFaceManager, never()).authenticate(any(), any(), anyInt(), any(), any(), anyInt());