Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 7d95f154 authored by Lucas Dupin's avatar Lucas Dupin
Browse files

Disable bypass and bouncer delay when no face auth 

KeyguardUpdateMonitor#isUnlockWithFacePossible was returning true
when the user had disabled face unlock.

This was causing bypass to still be enabled (hiding all notifications)
and bouncer was also being delayed, even though we were not scanning.

Fixes: 134977472
Test: auth with bypass (toggling face auth setting on/off)
Test: auth without bypass (toggling face auth setting on/off)
Change-Id: I234eb303db87fe0dafa2073a9bdf819c665018d6
parent 07b86837

core/java/android/hardware/biometrics/IBiometricEnabledOnKeyguardCallback.aidl

+1 −1
Original line number Diff line number Diff line
@@ -22,5 +22,5 @@ import android.hardware.biometrics.BiometricSourceType; 
 * @hide

 */

oneway interface IBiometricEnabledOnKeyguardCallback {

    void onChanged(in BiometricSourceType type, boolean enabled);

    void onChanged(in BiometricSourceType type, boolean enabled, int userId);

}
 
 No newline at end of file

packages/SystemUI/src/com/android/keyguard/KeyguardUpdateMonitor.java

+10 −8
Original line number Diff line number Diff line
@@ -377,14 +377,15 @@ public class KeyguardUpdateMonitor implements TrustManager.TrustListener { 
        }

    };



    private boolean mFaceSettingEnabledForUser;

    private SparseBooleanArray mFaceSettingEnabledForUser = new SparseBooleanArray();

    private BiometricManager mBiometricManager;

    private IBiometricEnabledOnKeyguardCallback mBiometricEnabledCallback =

            new IBiometricEnabledOnKeyguardCallback.Stub() {

        @Override

        public void onChanged(BiometricSourceType type, boolean enabled) throws RemoteException {

        public void onChanged(BiometricSourceType type, boolean enabled, int userId)

                throws RemoteException {

            if (type == BiometricSourceType.FACE) {

                mFaceSettingEnabledForUser = enabled;

                mFaceSettingEnabledForUser.put(userId, enabled);

                updateFaceListeningState();

            }

        }
@@ -1711,7 +1712,7 @@ public class KeyguardUpdateMonitor implements TrustManager.TrustListener { 
        // instance of KeyguardUpdateMonitor for each user but KeyguardUpdateMonitor is user-aware.

        return (mBouncer || mAuthInterruptActive || awakeKeyguard || shouldListenForFaceAssistant())

                && !mSwitchingUser && !isFaceDisabled(user) && becauseCannotSkipBouncer

                && !mKeyguardGoingAway && mFaceSettingEnabledForUser && !mLockIconPressed

                && !mKeyguardGoingAway && mFaceSettingEnabledForUser.get(user) && !mLockIconPressed

                && strongAuthAllowsScanning && mIsPrimaryUser

                && !mSecureCameraLaunched;

    }
@@ -1783,13 +1784,14 @@ public class KeyguardUpdateMonitor implements TrustManager.TrustListener { 
    }



    /**

     * If face hardware is available and user has enrolled. Not considering encryption or

     * lockdown state.

     * If face hardware is available, user has enrolled and enabled auth via setting.

     * Not considering encryption or lock down state.

     */

    public boolean isUnlockWithFacePossible(int userId) {

        return mFaceManager != null && mFaceManager.isHardwareDetected()

                && !isFaceDisabled(userId)

                && mFaceManager.hasEnrolledTemplates(userId);

                && mFaceManager.hasEnrolledTemplates(userId)

                && mFaceSettingEnabledForUser.get(userId);

    }



    private void stopListeningForFingerprint() {
@@ -2657,7 +2659,7 @@ public class KeyguardUpdateMonitor implements TrustManager.TrustListener { 
            pw.println("    possible=" + isUnlockWithFacePossible(userId));

            pw.println("    strongAuthFlags=" + Integer.toHexString(strongAuthFlags));

            pw.println("    trustManaged=" + getUserTrustIsManaged(userId));

            pw.println("    enabledByUser=" + mFaceSettingEnabledForUser);

            pw.println("    enabledByUser=" + mFaceSettingEnabledForUser.get(userId));

            pw.println("    mSecureCameraLaunched=" + mSecureCameraLaunched);

        }

    }

packages/SystemUI/src/com/android/systemui/statusbar/phone/UnlockMethodCache.java

+8 −4
Original line number Diff line number Diff line
@@ -107,6 +107,9 @@ public class UnlockMethodCache { 
        mListeners.remove(listener);

    }



    /**

     * If there are faces enrolled and user enabled face auth on keyguard.

     */

    public boolean isUnlockingWithFacePossible() {

        return mIsUnlockingWithFacePossible;

    }
@@ -119,15 +122,16 @@ public class UnlockMethodCache { 
                || (Build.IS_DEBUGGABLE && DEBUG_AUTH_WITH_ADB && mDebugUnlocked);

        boolean trustManaged = mKeyguardUpdateMonitor.getUserTrustIsManaged(user);

        boolean trusted = mKeyguardUpdateMonitor.getUserHasTrust(user);

        boolean hasEnrolledFaces = mKeyguardUpdateMonitor.isUnlockWithFacePossible(user);

        boolean changed = secure != mSecure || canSkipBouncer != mCanSkipBouncer ||

                trustManaged != mTrustManaged || mIsUnlockingWithFacePossible != hasEnrolledFaces;

        boolean isUnlockingWithFacePossible = mKeyguardUpdateMonitor.isUnlockWithFacePossible(user);

        boolean changed = secure != mSecure || canSkipBouncer != mCanSkipBouncer

                || trustManaged != mTrustManaged

                || mIsUnlockingWithFacePossible != isUnlockingWithFacePossible;

        if (changed || updateAlways) {

            mSecure = secure;

            mCanSkipBouncer = canSkipBouncer;

            mTrusted = trusted;

            mTrustManaged = trustManaged;

            mIsUnlockingWithFacePossible = hasEnrolledFaces;

            mIsUnlockingWithFacePossible = isUnlockingWithFacePossible;

            notifyListeners();

        }

        Trace.endSection();

packages/SystemUI/tests/src/com/android/keyguard/KeyguardUpdateMonitorTest.java

+2 −1
Original line number Diff line number Diff line
@@ -103,7 +103,8 @@ public class KeyguardUpdateMonitorTest extends SysuiTestCase { 
        when(context.getPackageManager()).thenReturn(mPackageManager);

        doAnswer(invocation -> {

            IBiometricEnabledOnKeyguardCallback callback = invocation.getArgument(0);

            callback.onChanged(BiometricSourceType.FACE, true /* enabled */);

            callback.onChanged(BiometricSourceType.FACE, true /* enabled */,

                    KeyguardUpdateMonitor.getCurrentUser());

            return null;

        }).when(mBiometricManager).registerEnabledOnKeyguardCallback(any());

        when(mFaceManager.isHardwareDetected()).thenReturn(true);

services/core/java/com/android/server/biometrics/BiometricService.java

+6 −5
Original line number Diff line number Diff line
@@ -521,8 +521,8 @@ public class BiometricService extends SystemService { 
            List<EnabledOnKeyguardCallback> callbacks = mEnabledOnKeyguardCallbacks;

            for (int i = 0; i < callbacks.size(); i++) {

                callbacks.get(i).notify(BiometricSourceType.FACE,

                        mFaceEnabledOnKeyguard.getOrDefault(userId,

                                DEFAULT_KEYGUARD_ENABLED));

                        mFaceEnabledOnKeyguard.getOrDefault(userId, DEFAULT_KEYGUARD_ENABLED),

                        userId);

            }

        }

    }
@@ -540,9 +540,9 @@ public class BiometricService extends SystemService { 
            }

        }



        void notify(BiometricSourceType sourceType, boolean enabled) {

        void notify(BiometricSourceType sourceType, boolean enabled, int userId) {

            try {

                mCallback.onChanged(sourceType, enabled);

                mCallback.onChanged(sourceType, enabled, userId);

            } catch (DeadObjectException e) {

                Slog.w(TAG, "Death while invoking notify", e);

                mEnabledOnKeyguardCallbacks.remove(this);
@@ -796,7 +796,8 @@ public class BiometricService extends SystemService { 
            mEnabledOnKeyguardCallbacks.add(new EnabledOnKeyguardCallback(callback));

            try {

                callback.onChanged(BiometricSourceType.FACE,

                        mSettingObserver.getFaceEnabledOnKeyguard());

                        mSettingObserver.getFaceEnabledOnKeyguard(),

                        UserHandle.getCallingUserId());

            } catch (RemoteException e) {

                Slog.w(TAG, "Remote exception", e);

            }