Merge "Evict CE key on request and when work mode is turned off."

    method public boolean isSecurityLoggingEnabled(android.content.ComponentName);

    method public boolean isUninstallBlocked(android.content.ComponentName, java.lang.String);

    method public void lockNow();

    method public void lockNow(int);

    method public void reboot(android.content.ComponentName);

    method public void removeActiveAdmin(android.content.ComponentName);

    method public boolean removeCrossProfileWidgetProvider(android.content.ComponentName, java.lang.String);

    field public static final java.lang.String EXTRA_PROVISIONING_WIFI_PROXY_PORT = "android.app.extra.PROVISIONING_WIFI_PROXY_PORT";

    field public static final java.lang.String EXTRA_PROVISIONING_WIFI_SECURITY_TYPE = "android.app.extra.PROVISIONING_WIFI_SECURITY_TYPE";

    field public static final java.lang.String EXTRA_PROVISIONING_WIFI_SSID = "android.app.extra.PROVISIONING_WIFI_SSID";

    field public static final int FLAG_EVICT_CE_KEY = 1; // 0x1

    field public static final int FLAG_MANAGED_CAN_ACCESS_PARENT = 2; // 0x2

    field public static final int FLAG_PARENT_CAN_ACCESS_MANAGED = 1; // 0x1

    field public static final int KEYGUARD_DISABLE_FEATURES_ALL = 2147483647; // 0x7fffffff

    method public boolean isSecurityLoggingEnabled(android.content.ComponentName);

    method public boolean isUninstallBlocked(android.content.ComponentName, java.lang.String);

    method public void lockNow();

    method public void lockNow(int);

    method public void notifyPendingSystemUpdate(long);

    method public void reboot(android.content.ComponentName);

    method public void removeActiveAdmin(android.content.ComponentName);

    field public static final java.lang.String EXTRA_PROVISIONING_WIFI_PROXY_PORT = "android.app.extra.PROVISIONING_WIFI_PROXY_PORT";

    field public static final java.lang.String EXTRA_PROVISIONING_WIFI_SECURITY_TYPE = "android.app.extra.PROVISIONING_WIFI_SECURITY_TYPE";

    field public static final java.lang.String EXTRA_PROVISIONING_WIFI_SSID = "android.app.extra.PROVISIONING_WIFI_SSID";

    field public static final int FLAG_EVICT_CE_KEY = 1; // 0x1

    field public static final int FLAG_MANAGED_CAN_ACCESS_PARENT = 2; // 0x2

    field public static final int FLAG_PARENT_CAN_ACCESS_MANAGED = 1; // 0x1

    field public static final int KEYGUARD_DISABLE_FEATURES_ALL = 2147483647; // 0x7fffffff

    method public boolean isSecurityLoggingEnabled(android.content.ComponentName);

    method public boolean isUninstallBlocked(android.content.ComponentName, java.lang.String);

    method public void lockNow();

    method public void lockNow(int);

    method public void reboot(android.content.ComponentName);

    method public void removeActiveAdmin(android.content.ComponentName);

    method public boolean removeCrossProfileWidgetProvider(android.content.ComponentName, java.lang.String);

    field public static final java.lang.String EXTRA_PROVISIONING_WIFI_PROXY_PORT = "android.app.extra.PROVISIONING_WIFI_PROXY_PORT";

    field public static final java.lang.String EXTRA_PROVISIONING_WIFI_SECURITY_TYPE = "android.app.extra.PROVISIONING_WIFI_SECURITY_TYPE";

    field public static final java.lang.String EXTRA_PROVISIONING_WIFI_SSID = "android.app.extra.PROVISIONING_WIFI_SSID";

    field public static final int FLAG_EVICT_CE_KEY = 1; // 0x1

    field public static final int FLAG_MANAGED_CAN_ACCESS_PARENT = 2; // 0x2

    field public static final int FLAG_PARENT_CAN_ACCESS_MANAGED = 1; // 0x1

    field public static final int KEYGUARD_DISABLE_FEATURES_ALL = 2147483647; // 0x7fffffff

    boolean requestAutoFillData(in IResultReceiver receiver, in Bundle receiverExtras,

            in IBinder activityToken, int flags);

    void dismissKeyguard(in IBinder token, in IKeyguardDismissCallback callback);

    int restartUserInBackground(int userId);

    // WARNING: when these transactions are updated, check if they are any callers on the native

    // side. If so, make sure they are using the correct transaction ids and arguments.

        return DEFAULT_STRONG_AUTH_TIMEOUT_MS;

    }

    /**

     * Flag for {@link #lockNow(int)}: also evict the user's credential encryption key from the

     * keyring. The user's credential will need to be entered again in order to derive the

     * credential encryption key that will be stored back in the keyring for future use.

     * <p>

     * This flag can only be used by a profile owner when locking a managed profile on an FBE

     * device.

     * <p>

     * In order to secure user data, the user will be stopped and restarted so apps should wait

     * until they are next run to perform further actions.

     */

    public static final int FLAG_EVICT_CE_KEY = 1;

    /** @hide */

    @Retention(RetentionPolicy.SOURCE)

    @IntDef(flag=true, value={FLAG_EVICT_CE_KEY})

    public @interface LockNowFlag {}

    /**

     * Make the device lock immediately, as if the lock screen timeout has expired at the point of

     * this call.

     * <p>

     * This method can be called on the {@link DevicePolicyManager} instance returned by

     * {@link #getParentProfileInstance(ComponentName)} in order to lock the parent profile.

     * <p>

     * Equivalent to calling {@link #lockNow(int)} with no flags.

     *

     * @throws SecurityException if the calling application does not own an active administrator

     *             that uses {@link DeviceAdminInfo#USES_POLICY_FORCE_LOCK}

     */

    public void lockNow() {

        lockNow(0);

    }

    /**

     * Make the device lock immediately, as if the lock screen timeout has expired at the point of

     * this call.

     * <p>

     * The calling device admin must have requested {@link DeviceAdminInfo#USES_POLICY_FORCE_LOCK}

     * to be able to call this method; if it has not, a security exception will be thrown.

     * <p>

     * This method can be called on the {@link DevicePolicyManager} instance returned by

     * {@link #getParentProfileInstance(ComponentName)} in order to lock the parent profile.

     *

     * @param flags May be 0 or {@link #FLAG_EVICT_CE_KEY}.

     * @throws SecurityException if the calling application does not own an active administrator

     *             that uses {@link DeviceAdminInfo#USES_POLICY_FORCE_LOCK} or the

     *             {@link #FLAG_EVICT_CE_KEY} flag is passed by an application that is not a profile

     *             owner of a managed profile.

     * @throws IllegalArgumentException if the {@link #FLAG_EVICT_CE_KEY} flag is passed when

     *             locking the parent profile.

     * @throws UnsupportedOperationException if the {@link #FLAG_EVICT_CE_KEY} flag is passed on a

     *             non-FBE device.

     */

    public void lockNow(@LockNowFlag int flags) {

        if (mService != null) {

            try {

                mService.lockNow(mParentInstance);

                mService.lockNow(flags, mParentInstance);

            } catch (RemoteException e) {

                throw e.rethrowFromSystemServer();

            }