Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 612f64b2 authored by Matt Pietal's avatar Matt Pietal
Browse files

[DO NOT MERGE] Keyguard - Treat messsages to lock with priority 

When switching users and attempting to lock the device, the sysui main
thread becomes overwhelmed with events, creating a significant lag
between the time a message is posted and processed on the main
thread. This can be dangerous when these events are critical for
security, such as calls coming from PhoneWindowManager#lockNow() that
call KeyguardViewMediator#doKeyguardTimeout(). On older devices with
slower CPUs and less memory, the delay in processing can be
significant (15 - 30s).

The result of not prioritizing these events leads to a window of time
where a guest user can switch back to the owner, and gain access to
the owner's homescreen without needing to unlock the device with the
owner's credentials.

As a mitigation, prioritize two events originating in two specific
methods to make sure the device locks as soon as possible as well as
have the system server preemptively update its local cache.

Bug: 151095871
Test: Very manual race condition - follow steps listed in bug
Change-Id: I7585a0a5eeb308e0e32a4f77f581556d883b5cda
Merged-In: I7585a0a5eeb308e0e32a4f77f581556d883b5cda
(cherry picked from commit 28c53ab8)
(cherry picked from commit f8023c98)
parent 1afdf373

core/java/com/android/internal/policy/IKeyguardStateCallback.aidl

+1 −1
Original line number Diff line number Diff line
@@ -16,7 +16,7 @@ 
package com.android.internal.policy;



interface IKeyguardStateCallback {

    void onShowingStateChanged(boolean showing);

    void onShowingStateChanged(boolean showing, int userId);

    void onSimSecureStateChanged(boolean simSecure);

    void onInputRestrictedStateChanged(boolean inputRestricted);

    void onTrustedChanged(boolean trusted);

packages/SystemUI/src/com/android/systemui/keyguard/KeyguardViewMediator.java

+11 −5
Original line number Diff line number Diff line
@@ -1475,7 +1475,9 @@ public class KeyguardViewMediator extends SystemUI implements Dumpable, 
    public void doKeyguardTimeout(Bundle options) {

        mHandler.removeMessages(KEYGUARD_TIMEOUT);

        Message msg = mHandler.obtainMessage(KEYGUARD_TIMEOUT, options);

        mHandler.sendMessage(msg);

        // Treat these messages with priority - A call to timeout means the device should lock

        // as soon as possible and not wait for other messages on the thread to process first.

        mHandler.sendMessageAtFrontOfQueue(msg);

    }



    /**
@@ -1664,12 +1666,15 @@ public class KeyguardViewMediator extends SystemUI implements Dumpable, 
     * @see #handleShow

     */

    private void showLocked(Bundle options) {

        Trace.beginSection("KeyguardViewMediator#showLocked aqcuiring mShowKeyguardWakeLock");

        Trace.beginSection("KeyguardViewMediator#showLocked acquiring mShowKeyguardWakeLock");

        if (DEBUG) Log.d(TAG, "showLocked");

        // ensure we stay awake until we are finished displaying the keyguard

        mShowKeyguardWakeLock.acquire();

        Message msg = mHandler.obtainMessage(SHOW, options);

        mHandler.sendMessage(msg);

        // Treat these messages with priority - This call can originate from #doKeyguardTimeout,

        // meaning the device should lock as soon as possible and not wait for other messages on

        // the thread to process first.

        mHandler.sendMessageAtFrontOfQueue(msg);

        Trace.endSection();

    }
@@ -1855,6 +1860,7 @@ public class KeyguardViewMediator extends SystemUI implements Dumpable, 
                case KEYGUARD_TIMEOUT:

                    synchronized (KeyguardViewMediator.this) {

                        doKeyguardLocked((Bundle) msg.obj);

                        notifyDefaultDisplayCallbacks(mShowing);

                    }

                    break;

                case DISMISS:
@@ -2843,7 +2849,7 @@ public class KeyguardViewMediator extends SystemUI implements Dumpable, 
            for (int i = size - 1; i >= 0; i--) {

                IKeyguardStateCallback callback = mKeyguardStateCallbacks.get(i);

                try {

                    callback.onShowingStateChanged(showing);

                    callback.onShowingStateChanged(showing, KeyguardUpdateMonitor.getCurrentUser());

                } catch (RemoteException e) {

                    Slog.w(TAG, "Failed to call onShowingStateChanged", e);

                    if (e instanceof DeadObjectException) {
@@ -2892,7 +2898,7 @@ public class KeyguardViewMediator extends SystemUI implements Dumpable, 
            mKeyguardStateCallbacks.add(callback);

            try {

                callback.onSimSecureStateChanged(mUpdateMonitor.isSimPinSecure());

                callback.onShowingStateChanged(mShowing);

                callback.onShowingStateChanged(mShowing, KeyguardUpdateMonitor.getCurrentUser());

                callback.onInputRestrictedStateChanged(mInputRestricted);

                callback.onTrustedChanged(mUpdateMonitor.getUserHasTrust(

                        KeyguardUpdateMonitor.getCurrentUser()));

services/core/java/com/android/server/policy/keyguard/KeyguardServiceWrapper.java

+6 −0
Original line number Diff line number Diff line
@@ -195,6 +195,12 @@ public class KeyguardServiceWrapper implements IKeyguardService { 


    @Override // Binder interface

    public void doKeyguardTimeout(Bundle options) {

        int userId = mKeyguardStateMonitor.getCurrentUser();

        if (mKeyguardStateMonitor.isSecure(userId)) {

            // Preemptively inform the cache that the keyguard will soon be showing, as calls to

            // doKeyguardTimeout are a signal to lock the device as soon as possible.

            mKeyguardStateMonitor.onShowingStateChanged(true, userId);

        }

        try {

            mService.doKeyguardTimeout(options);

        } catch (RemoteException e) {

services/core/java/com/android/server/policy/keyguard/KeyguardStateMonitor.java

+7 −1
Original line number Diff line number Diff line
@@ -83,8 +83,14 @@ public class KeyguardStateMonitor extends IKeyguardStateCallback.Stub { 
        return mHasLockscreenWallpaper;

    }



    public int getCurrentUser() {

        return mCurrentUserId;

    }



    @Override // Binder interface

    public void onShowingStateChanged(boolean showing) {

    public void onShowingStateChanged(boolean showing, int userId) {

        if (userId != mCurrentUserId) return;



        mIsShowing = showing;



        mCallback.onShowingChanged();