Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 5d5648f4 authored by TreeHugger Robot's avatar TreeHugger Robot Committed by Automerger Merge Worker
Browse files

Merge "Add SafetyNet logging for b/79776455" into rvc-dev am: 0b2bb19d am: 8c79a511 

Original change: https://googleplex-android-review.googlesource.com/c/platform/frameworks/base/+/11853950

Change-Id: I5946c5cf2acbf4227a32c4c2d85f57e13a9f2366
parents b2a46806 8c79a511

packages/SystemUI/src/com/android/keyguard/KeyguardUpdateMonitor.java

+24 −12
Original line number Diff line number Diff line
@@ -79,6 +79,7 @@ import android.telephony.SubscriptionInfo; 
import android.telephony.SubscriptionManager;

import android.telephony.SubscriptionManager.OnSubscriptionsChangedListener;

import android.telephony.TelephonyManager;

import android.util.EventLog;

import android.util.Log;

import android.util.SparseArray;

import android.util.SparseBooleanArray;
@@ -1074,6 +1075,17 @@ public class KeyguardUpdateMonitor implements TrustManager.TrustListener, Dumpab 
                != LockPatternUtils.StrongAuthTracker.STRONG_AUTH_NOT_REQUIRED;

    }



    private boolean isUserEncryptedOrLockdown(int userId) {

        // Biometrics should not be started in this case. Think carefully before modifying this

        // method, see b/79776455

        final int strongAuth = mStrongAuthTracker.getStrongAuthForUser(userId);

        final boolean isLockDown =

                containsFlag(strongAuth, STRONG_AUTH_REQUIRED_AFTER_DPM_LOCK_NOW)

                        || containsFlag(strongAuth, STRONG_AUTH_REQUIRED_AFTER_USER_LOCKDOWN);

        final boolean isEncrypted = containsFlag(strongAuth, STRONG_AUTH_REQUIRED_AFTER_BOOT);

        return isLockDown || isEncrypted;

    }



    private boolean containsFlag(int haystack, int needle) {

        return (haystack & needle) != 0;

    }
@@ -1904,11 +1916,6 @@ public class KeyguardUpdateMonitor implements TrustManager.TrustListener, Dumpab 
        final boolean allowedOnBouncer =

                !(mFingerprintLockedOut && mBouncer && mCredentialAttempted);

        final int user = getCurrentUser();

        final int strongAuth = mStrongAuthTracker.getStrongAuthForUser(user);

        final boolean isLockDown =

                containsFlag(strongAuth, STRONG_AUTH_REQUIRED_AFTER_DPM_LOCK_NOW)

                        || containsFlag(strongAuth, STRONG_AUTH_REQUIRED_AFTER_USER_LOCKDOWN);

        final boolean isEncrypted = containsFlag(strongAuth, STRONG_AUTH_REQUIRED_AFTER_BOOT);



        // Only listen if this KeyguardUpdateMonitor belongs to the primary user. There is an

        // instance of KeyguardUpdateMonitor for each user but KeyguardUpdateMonitor is user-aware.
@@ -1917,7 +1924,7 @@ public class KeyguardUpdateMonitor implements TrustManager.TrustListener, Dumpab 
                shouldListenForFingerprintAssistant() || (mKeyguardOccluded && mIsDreaming))

                && !mSwitchingUser && !isFingerprintDisabled(getCurrentUser())

                && (!mKeyguardGoingAway || !mDeviceInteractive) && mIsPrimaryUser

                && allowedOnBouncer && !isLockDown && !isEncrypted;

                && allowedOnBouncer && !isUserEncryptedOrLockdown(user);

        return shouldListen;

    }
@@ -1931,11 +1938,6 @@ public class KeyguardUpdateMonitor implements TrustManager.TrustListener, Dumpab 
                && !statusBarShadeLocked;

        final int user = getCurrentUser();

        final int strongAuth = mStrongAuthTracker.getStrongAuthForUser(user);

        final boolean isLockDown =

                containsFlag(strongAuth, STRONG_AUTH_REQUIRED_AFTER_DPM_LOCK_NOW)

                        || containsFlag(strongAuth, STRONG_AUTH_REQUIRED_AFTER_USER_LOCKDOWN);

        final boolean isEncrypted =

                containsFlag(strongAuth, STRONG_AUTH_REQUIRED_AFTER_BOOT);

        final boolean isTimedOut =

                containsFlag(strongAuth, STRONG_AUTH_REQUIRED_AFTER_TIMEOUT);
@@ -1958,7 +1960,7 @@ public class KeyguardUpdateMonitor implements TrustManager.TrustListener, Dumpab 
                && !mSwitchingUser && !isFaceDisabled(user) && becauseCannotSkipBouncer

                && !mKeyguardGoingAway && mFaceSettingEnabledForUser.get(user) && !mLockIconPressed

                && strongAuthAllowsScanning && mIsPrimaryUser

                && !mSecureCameraLaunched && !isLockDown && !isEncrypted;

                && !mSecureCameraLaunched && !isUserEncryptedOrLockdown(user);



        // Aggregate relevant fields for debug logging.

        if (DEBUG_FACE || DEBUG_SPEW) {
@@ -2031,6 +2033,11 @@ public class KeyguardUpdateMonitor implements TrustManager.TrustListener, Dumpab 
            if (mFingerprintCancelSignal != null) {

                mFingerprintCancelSignal.cancel();

            }



            if (isUserEncryptedOrLockdown(userId)) {

                // If this happens, shouldListenForFingerprint() is wrong. SafetyNet for b/79776455

                EventLog.writeEvent(0x534e4554, "79776455", "startListeningForFingerprint");

            }

            mFingerprintCancelSignal = new CancellationSignal();

            mFpm.authenticate(null, mFingerprintCancelSignal, 0, mFingerprintAuthenticationCallback,

                    null, userId);
@@ -2049,6 +2056,11 @@ public class KeyguardUpdateMonitor implements TrustManager.TrustListener, Dumpab 
            if (mFaceCancelSignal != null) {

                mFaceCancelSignal.cancel();

            }



            if (isUserEncryptedOrLockdown(userId)) {

                // If this happens, shouldListenForFace() is wrong. SafetyNet for b/79776455

                EventLog.writeEvent(0x534e4554, "79776455", "startListeningForFace");

            }

            mFaceCancelSignal = new CancellationSignal();

            mFaceManager.authenticate(null, mFaceCancelSignal, 0,

                    mFaceAuthenticationCallback, null, userId);