Loading core/java/android/view/AccessibilityManagerInternal.java 0 → 100644 +31 −0 Original line number Diff line number Diff line /* * Copyright (C) 2014 The Android Open Source Project * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at * * http://www.apache.org/licenses/LICENSE-2.0 * * Unless required by applicable law or agreed to in writing, software * distributed under the License is distributed on an "AS IS" BASIS, * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. * See the License for the specific language governing permissions and * limitations under the License. */ package android.view; /** * Accessibility manager local system service interface. * * @hide Only for use within the system server. */ public abstract class AccessibilityManagerInternal { /** * Queries if the accessibility manager service permits setting * a non-default encryption password. */ public abstract boolean isNonDefaultEncryptionPasswordAllowed(); } core/java/com/android/internal/widget/LockPatternUtils.java +24 −0 Original line number Diff line number Diff line Loading @@ -877,6 +877,30 @@ public class LockPatternUtils { } } /** * Gets whether the device is encrypted. * * @return Whether the device is encrypted. */ public static boolean isDeviceEncrypted() { IMountService mountService = IMountService.Stub.asInterface( ServiceManager.getService("mount")); try { return mountService.getEncryptionState() != IMountService.ENCRYPTION_STATE_NONE && mountService.getPasswordType() != StorageManager.CRYPT_TYPE_DEFAULT; } catch (RemoteException re) { Log.e(TAG, "Error getting encryption state", re); } return true; } /** * Clears the encryption password. */ public void clearEncryptionPassword() { updateEncryptionPassword(StorageManager.CRYPT_TYPE_DEFAULT, null); } /** * Retrieves the quality mode we're in. * {@see DevicePolicyManager#getPasswordQuality(android.content.ComponentName)} Loading services/accessibility/java/com/android/server/accessibility/AccessibilityManagerService.java +32 −0 Original line number Diff line number Diff line Loading @@ -67,6 +67,7 @@ import android.util.Pools.Pool; import android.util.Pools.SimplePool; import android.util.Slog; import android.util.SparseArray; import android.view.AccessibilityManagerInternal; import android.view.Display; import android.view.IWindow; import android.view.InputDevice; Loading @@ -91,6 +92,7 @@ import android.view.accessibility.IAccessibilityManagerClient; import com.android.internal.R; import com.android.internal.content.PackageMonitor; import com.android.internal.statusbar.IStatusBarService; import com.android.internal.widget.LockPatternUtils; import com.android.server.LocalServices; import org.xmlpull.v1.XmlPullParserException; Loading Loading @@ -202,6 +204,8 @@ public class AccessibilityManagerService extends IAccessibilityManager.Stub { private final UserManager mUserManager; private final LockPatternUtils mLockPatternUtils; private int mCurrentUserId = UserHandle.USER_OWNER; //TODO: Remove this hack Loading @@ -225,9 +229,11 @@ public class AccessibilityManagerService extends IAccessibilityManager.Stub { mUserManager = (UserManager) context.getSystemService(Context.USER_SERVICE); mSecurityPolicy = new SecurityPolicy(); mMainHandler = new MainHandler(mContext.getMainLooper()); mLockPatternUtils = new LockPatternUtils(context); registerBroadcastReceivers(); new AccessibilityContentObserver(mMainHandler).register( context.getContentResolver()); LocalServices.addService(AccessibilityManagerInternal.class, new LocalService()); } private UserState getUserStateLocked(int userId) { Loading Loading @@ -1294,6 +1300,7 @@ public class AccessibilityManagerService extends IAccessibilityManager.Stub { updateTouchExplorationLocked(userState); updateEnhancedWebAccessibilityLocked(userState); updateDisplayColorAdjustmentSettingsLocked(userState); updateEncryptionState(userState); scheduleUpdateInputFilter(userState); scheduleUpdateClientsIfNeededLocked(userState); } Loading Loading @@ -1570,6 +1577,21 @@ public class AccessibilityManagerService extends IAccessibilityManager.Stub { DisplayAdjustmentUtils.applyAdjustments(mContext, userState.mUserId); } private void updateEncryptionState(UserState userState) { if (userState.mUserId != UserHandle.USER_OWNER) { return; } if (hasRunningServicesLocked(userState) && LockPatternUtils.isDeviceEncrypted()) { // If there are running accessibility services we do not have encryption as // the user needs the accessibility layer to be running to authenticate. mLockPatternUtils.clearEncryptionPassword(); } } private boolean hasRunningServicesLocked(UserState userState) { return !userState.mBoundServices.isEmpty() || !userState.mBindingServices.isEmpty(); } private MagnificationSpec getCompatibleMagnificationSpecLocked(int windowId) { IBinder windowToken = mGlobalWindowTokens.get(windowId); if (windowToken == null) { Loading Loading @@ -3883,4 +3905,14 @@ public class AccessibilityManagerService extends IAccessibilityManager.Stub { } } } private final class LocalService extends AccessibilityManagerInternal { @Override public boolean isNonDefaultEncryptionPasswordAllowed() { synchronized (mLock) { UserState userState = getCurrentUserStateLocked(); return !hasRunningServicesLocked(userState); } } } } services/core/java/com/android/server/MountService.java +15 −2 Original line number Diff line number Diff line Loading @@ -63,6 +63,7 @@ import android.util.AttributeSet; import android.util.Slog; import android.util.Xml; import android.view.AccessibilityManagerInternal; import com.android.internal.annotations.GuardedBy; import com.android.internal.annotations.VisibleForTesting; import com.android.internal.app.IMediaContainerService; Loading Loading @@ -557,6 +558,8 @@ class MountService extends IMountService.Stub private final Handler mHandler; private final AccessibilityManagerInternal mAccessibilityManagerInternal; void waitForAsecScan() { waitForLatch(mAsecsScanned); } Loading Loading @@ -1454,6 +1457,9 @@ class MountService extends IMountService.Stub hthread.start(); mHandler = new MountServiceHandler(hthread.getLooper()); mAccessibilityManagerInternal = LocalServices.getService( AccessibilityManagerInternal.class); // Watch for user changes final IntentFilter userFilter = new IntentFilter(); userFilter.addAction(Intent.ACTION_USER_ADDED); Loading Loading @@ -2254,6 +2260,13 @@ class MountService extends IMountService.Stub final NativeDaemonEvent event; try { // The accessibility layer may veto having a non-default encryption // password because if there are enabled accessibility services the // user cannot authenticate as the latter need access to the data. if (!TextUtils.isEmpty(password) && !mAccessibilityManagerInternal.isNonDefaultEncryptionPasswordAllowed()) { return getEncryptionState(); } event = mConnector.execute("cryptfs", "changepw", CRYPTO_TYPES[type], new SensitiveArg(toHex(password))); return Integer.parseInt(event.getMessage()); Loading Loading @@ -2302,7 +2315,7 @@ class MountService extends IMountService.Stub * @return The type, one of the CRYPT_TYPE_XXX consts from StorageManager. */ @Override public int getPasswordType() throws RemoteException { public int getPasswordType() { waitForReady(); Loading Loading
core/java/android/view/AccessibilityManagerInternal.java 0 → 100644 +31 −0 Original line number Diff line number Diff line /* * Copyright (C) 2014 The Android Open Source Project * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at * * http://www.apache.org/licenses/LICENSE-2.0 * * Unless required by applicable law or agreed to in writing, software * distributed under the License is distributed on an "AS IS" BASIS, * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. * See the License for the specific language governing permissions and * limitations under the License. */ package android.view; /** * Accessibility manager local system service interface. * * @hide Only for use within the system server. */ public abstract class AccessibilityManagerInternal { /** * Queries if the accessibility manager service permits setting * a non-default encryption password. */ public abstract boolean isNonDefaultEncryptionPasswordAllowed(); }
core/java/com/android/internal/widget/LockPatternUtils.java +24 −0 Original line number Diff line number Diff line Loading @@ -877,6 +877,30 @@ public class LockPatternUtils { } } /** * Gets whether the device is encrypted. * * @return Whether the device is encrypted. */ public static boolean isDeviceEncrypted() { IMountService mountService = IMountService.Stub.asInterface( ServiceManager.getService("mount")); try { return mountService.getEncryptionState() != IMountService.ENCRYPTION_STATE_NONE && mountService.getPasswordType() != StorageManager.CRYPT_TYPE_DEFAULT; } catch (RemoteException re) { Log.e(TAG, "Error getting encryption state", re); } return true; } /** * Clears the encryption password. */ public void clearEncryptionPassword() { updateEncryptionPassword(StorageManager.CRYPT_TYPE_DEFAULT, null); } /** * Retrieves the quality mode we're in. * {@see DevicePolicyManager#getPasswordQuality(android.content.ComponentName)} Loading
services/accessibility/java/com/android/server/accessibility/AccessibilityManagerService.java +32 −0 Original line number Diff line number Diff line Loading @@ -67,6 +67,7 @@ import android.util.Pools.Pool; import android.util.Pools.SimplePool; import android.util.Slog; import android.util.SparseArray; import android.view.AccessibilityManagerInternal; import android.view.Display; import android.view.IWindow; import android.view.InputDevice; Loading @@ -91,6 +92,7 @@ import android.view.accessibility.IAccessibilityManagerClient; import com.android.internal.R; import com.android.internal.content.PackageMonitor; import com.android.internal.statusbar.IStatusBarService; import com.android.internal.widget.LockPatternUtils; import com.android.server.LocalServices; import org.xmlpull.v1.XmlPullParserException; Loading Loading @@ -202,6 +204,8 @@ public class AccessibilityManagerService extends IAccessibilityManager.Stub { private final UserManager mUserManager; private final LockPatternUtils mLockPatternUtils; private int mCurrentUserId = UserHandle.USER_OWNER; //TODO: Remove this hack Loading @@ -225,9 +229,11 @@ public class AccessibilityManagerService extends IAccessibilityManager.Stub { mUserManager = (UserManager) context.getSystemService(Context.USER_SERVICE); mSecurityPolicy = new SecurityPolicy(); mMainHandler = new MainHandler(mContext.getMainLooper()); mLockPatternUtils = new LockPatternUtils(context); registerBroadcastReceivers(); new AccessibilityContentObserver(mMainHandler).register( context.getContentResolver()); LocalServices.addService(AccessibilityManagerInternal.class, new LocalService()); } private UserState getUserStateLocked(int userId) { Loading Loading @@ -1294,6 +1300,7 @@ public class AccessibilityManagerService extends IAccessibilityManager.Stub { updateTouchExplorationLocked(userState); updateEnhancedWebAccessibilityLocked(userState); updateDisplayColorAdjustmentSettingsLocked(userState); updateEncryptionState(userState); scheduleUpdateInputFilter(userState); scheduleUpdateClientsIfNeededLocked(userState); } Loading Loading @@ -1570,6 +1577,21 @@ public class AccessibilityManagerService extends IAccessibilityManager.Stub { DisplayAdjustmentUtils.applyAdjustments(mContext, userState.mUserId); } private void updateEncryptionState(UserState userState) { if (userState.mUserId != UserHandle.USER_OWNER) { return; } if (hasRunningServicesLocked(userState) && LockPatternUtils.isDeviceEncrypted()) { // If there are running accessibility services we do not have encryption as // the user needs the accessibility layer to be running to authenticate. mLockPatternUtils.clearEncryptionPassword(); } } private boolean hasRunningServicesLocked(UserState userState) { return !userState.mBoundServices.isEmpty() || !userState.mBindingServices.isEmpty(); } private MagnificationSpec getCompatibleMagnificationSpecLocked(int windowId) { IBinder windowToken = mGlobalWindowTokens.get(windowId); if (windowToken == null) { Loading Loading @@ -3883,4 +3905,14 @@ public class AccessibilityManagerService extends IAccessibilityManager.Stub { } } } private final class LocalService extends AccessibilityManagerInternal { @Override public boolean isNonDefaultEncryptionPasswordAllowed() { synchronized (mLock) { UserState userState = getCurrentUserStateLocked(); return !hasRunningServicesLocked(userState); } } } }
services/core/java/com/android/server/MountService.java +15 −2 Original line number Diff line number Diff line Loading @@ -63,6 +63,7 @@ import android.util.AttributeSet; import android.util.Slog; import android.util.Xml; import android.view.AccessibilityManagerInternal; import com.android.internal.annotations.GuardedBy; import com.android.internal.annotations.VisibleForTesting; import com.android.internal.app.IMediaContainerService; Loading Loading @@ -557,6 +558,8 @@ class MountService extends IMountService.Stub private final Handler mHandler; private final AccessibilityManagerInternal mAccessibilityManagerInternal; void waitForAsecScan() { waitForLatch(mAsecsScanned); } Loading Loading @@ -1454,6 +1457,9 @@ class MountService extends IMountService.Stub hthread.start(); mHandler = new MountServiceHandler(hthread.getLooper()); mAccessibilityManagerInternal = LocalServices.getService( AccessibilityManagerInternal.class); // Watch for user changes final IntentFilter userFilter = new IntentFilter(); userFilter.addAction(Intent.ACTION_USER_ADDED); Loading Loading @@ -2254,6 +2260,13 @@ class MountService extends IMountService.Stub final NativeDaemonEvent event; try { // The accessibility layer may veto having a non-default encryption // password because if there are enabled accessibility services the // user cannot authenticate as the latter need access to the data. if (!TextUtils.isEmpty(password) && !mAccessibilityManagerInternal.isNonDefaultEncryptionPasswordAllowed()) { return getEncryptionState(); } event = mConnector.execute("cryptfs", "changepw", CRYPTO_TYPES[type], new SensitiveArg(toHex(password))); return Integer.parseInt(event.getMessage()); Loading Loading @@ -2302,7 +2315,7 @@ class MountService extends IMountService.Stub * @return The type, one of the CRYPT_TYPE_XXX consts from StorageManager. */ @Override public int getPasswordType() throws RemoteException { public int getPasswordType() { waitForReady(); Loading
