Loading services/core/java/com/android/server/trust/TrustManagerService.java +20 −4 Original line number Diff line number Diff line Loading @@ -158,10 +158,26 @@ public class TrustManagerService extends SystemService { private VirtualDeviceManagerInternal mVirtualDeviceManager; private enum TrustState { UNTRUSTED, // the phone is not unlocked by any trustagents TRUSTABLE, // the phone is in a semi-locked state that can be unlocked if // FLAG_GRANT_TRUST_TEMPORARY_AND_RENEWABLE is passed and a trustagent is trusted TRUSTED // the phone is unlocked // UNTRUSTED means that TrustManagerService is currently *not* giving permission for the // user's Keyguard to be dismissed, and grants of trust by trust agents are remembered in // the corresponding TrustAgentWrapper but are not recognized until the device is unlocked // for the user. I.e., if the device is locked and the state is UNTRUSTED, it cannot be // unlocked by a trust agent. Automotive devices are an exception; grants of trust are // always recognized on them. UNTRUSTED, // TRUSTABLE is the same as UNTRUSTED except that new grants of trust using // FLAG_GRANT_TRUST_TEMPORARY_AND_RENEWABLE are recognized for moving to TRUSTED. I.e., if // the device is locked and the state is TRUSTABLE, it can be unlocked by a trust agent, // provided that the trust agent chooses to use Active Unlock. The TRUSTABLE state is only // possible as a result of a downgrade from TRUSTED, after a trust agent used // FLAG_GRANT_TRUST_TEMPORARY_AND_RENEWABLE in its most recent grant. TRUSTABLE, // TRUSTED means that TrustManagerService is currently giving permission for the user's // Keyguard to be dismissed. This implies that the device is unlocked for the user (where // the case of Keyguard showing but dismissible just with swipe counts as "unlocked"). TRUSTED }; @GuardedBy("mUserTrustState") Loading Loading
services/core/java/com/android/server/trust/TrustManagerService.java +20 −4 Original line number Diff line number Diff line Loading @@ -158,10 +158,26 @@ public class TrustManagerService extends SystemService { private VirtualDeviceManagerInternal mVirtualDeviceManager; private enum TrustState { UNTRUSTED, // the phone is not unlocked by any trustagents TRUSTABLE, // the phone is in a semi-locked state that can be unlocked if // FLAG_GRANT_TRUST_TEMPORARY_AND_RENEWABLE is passed and a trustagent is trusted TRUSTED // the phone is unlocked // UNTRUSTED means that TrustManagerService is currently *not* giving permission for the // user's Keyguard to be dismissed, and grants of trust by trust agents are remembered in // the corresponding TrustAgentWrapper but are not recognized until the device is unlocked // for the user. I.e., if the device is locked and the state is UNTRUSTED, it cannot be // unlocked by a trust agent. Automotive devices are an exception; grants of trust are // always recognized on them. UNTRUSTED, // TRUSTABLE is the same as UNTRUSTED except that new grants of trust using // FLAG_GRANT_TRUST_TEMPORARY_AND_RENEWABLE are recognized for moving to TRUSTED. I.e., if // the device is locked and the state is TRUSTABLE, it can be unlocked by a trust agent, // provided that the trust agent chooses to use Active Unlock. The TRUSTABLE state is only // possible as a result of a downgrade from TRUSTED, after a trust agent used // FLAG_GRANT_TRUST_TEMPORARY_AND_RENEWABLE in its most recent grant. TRUSTABLE, // TRUSTED means that TrustManagerService is currently giving permission for the user's // Keyguard to be dismissed. This implies that the device is unlocked for the user (where // the case of Keyguard showing but dismissible just with swipe counts as "unlocked"). TRUSTED }; @GuardedBy("mUserTrustState") Loading
