Commit a00f801b authored by Adam Bookatz

Communal profile is always keyguard-unlocked

The Communal Profile is a profile with no parent, and is expected to
be visible over any user's lockscreen. By its very nature, it is
therefore never considered locked. If something (such as
GrantPermissionsActivity) asks whether the device is locked for this
user, it should therefore be told no.

We accomplish this by making sure that unsecured profiles (like the
communal profile) are set to unlocked, just like how managed profiles
were.

Bug: 311073113
Flag: ACONFIG android.multiuser.support_communal_profile DISABLED
Test: atest CtsAppTestCase:asndroid.app.cts.KeyguardManagerStatusTest
Test: Manually confirmed that permissions can be accepted, despite it
requiring a keyguard check

Change-Id: Iffe150cfb6ff65a9c870eafe5b3a2903638cfaf3
parent 4e60e545
+2 −0
@@ -443,6 +443,8 @@ public class TrustAgentWrapper {
                mPendingSuccessfulUnlock = false;
                mPendingSuccessfulUnlock = false;
            }
            }


            // It's okay to use the "Inner" version of isDeviceLocked since they differ only for
            // profiles, which cannot be switched to and thus don't support trust agents anyway.
            if (mTrustManagerService.isDeviceLockedInner(mUserId)) {
            if (mTrustManagerService.isDeviceLockedInner(mUserId)) {
                onDeviceLocked();
                onDeviceLocked();
            } else {
            } else {
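Review bot: the comment added above the isDeviceLockedInner(mUserId) call rests on the claim that profiles never get trust agents, but nothing in this hunk enforces that mUserId belongs to a switchable user. If a TrustAgentWrapper were ever created for a profile, the "Inner" and public versions would disagree and onDeviceLocked() could be driven by the wrong state. Consider naming in the comment the place that guarantees this, or adding a debug-time check on mUserId.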
+22 −12
@@ -184,25 +184,30 @@ public class TrustManagerService extends SystemService {
            new SparseArray<>();
            new SparseArray<>();


    /**
    /**
     * Stores the locked state for users on the device. There are three different type of users
     * Stores the locked state for users on the device. There are several different types of users
     * which are handled slightly differently:
     * which are handled slightly differently:
     * <ul>
     * <ul>
     *  <li> Users with real keyguard
     *  <li> Users with real keyguard:
     *  These are users who can be switched to ({@link UserInfo#supportsSwitchToByUser()}). Their
     *  These are users who can be switched to ({@link UserInfo#supportsSwitchToByUser()}). Their
     *  locked state is derived by a combination of user secure state, keyguard state, trust agent
     *  locked state is derived by a combination of user secure state, keyguard state, trust agent
     *  decision and biometric authentication result. These are updated via
     *  decision and biometric authentication result. These are updated via
     *  {@link #refreshDeviceLockedForUser(int)} and result stored in {@link #mDeviceLockedForUser}.
     *  {@link #refreshDeviceLockedForUser(int)} and result stored in {@link #mDeviceLockedForUser}.
     *  <li> Managed profiles with unified challenge
     *  <li> Profiles with unified challenge:
     *  Managed profile with unified challenge always shares the same locked state as their parent,
     *  Profiles with a unified challenge always share the same locked state as their parent,
     *  so their locked state is not recorded in  {@link #mDeviceLockedForUser}. Instead,
     *  so their locked state is not recorded in  {@link #mDeviceLockedForUser}. Instead,
     *  {@link ITrustManager#isDeviceLocked(int)} always resolves their parent user handle and
     *  {@link ITrustManager#isDeviceLocked(int)} always resolves their parent user handle and
     *  queries its locked state instead.
     *  queries its locked state instead.
     *  <li> Managed profiles with separate challenge
     *  <li> Profiles without unified challenge:
     *  Locked state for profile with separate challenge is determined by other parts of the
     *  The locked state for profiles that do not have a unified challenge (e.g. they have a
     *  framework (mostly PowerManager) and pushed to TrustManagerService via
     *  separate challenge from their parent, or they have no parent at all) is determined by other
     *  {@link ITrustManager#setDeviceLockedForUser(int, boolean)}. Although in a corner case when
     *  parts of the framework (mostly PowerManager) and pushed to TrustManagerService via
     *  the profile has a separate but empty challenge, setting its {@link #mDeviceLockedForUser} to
     *  {@link ITrustManager#setDeviceLockedForUser(int, boolean)}.
     *  {@code false} is actually done by {@link #refreshDeviceLockedForUser(int)}.
     *  However, in the case where such a profile has an empty challenge, setting its
     *  {@link #mDeviceLockedForUser} to {@code false} is actually done by
     *  {@link #refreshDeviceLockedForUser(int)}.
     *  (This serves as a corner case for managed profiles with a separate but empty challenge. It
     *  is always currently the case for Communal profiles, for which having a non-empty challenge
     *  is not currently supported.)
     * </ul>
     * </ul>
     * TODO: Rename {@link ITrustManager#setDeviceLockedForUser(int, boolean)} to
     * TODO: Rename {@link ITrustManager#setDeviceLockedForUser(int, boolean)} to
     * {@code setDeviceLockedForProfile} to better reflect its purpose. Unifying
     * {@code setDeviceLockedForProfile} to better reflect its purpose. Unifying
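Review bot: in the rewritten third bullet, the closing parenthetical says an empty challenge is "always currently" the case for Communal profiles, but it does not spell out the consequence, namely that such a profile is recorded as unlocked by refreshDeviceLockedForUser(int) regardless of any other user's keyguard state. Suggest stating that outcome directly, and noting that once a non-empty challenge is supported the state would instead have to be pushed through setDeviceLockedForUser(int, boolean), so a later reader does not assume the unlocked result is unconditional.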
@@ -788,7 +793,7 @@ public class TrustManagerService extends SystemService {


    /**
    /**
     * Update the user's locked state. Only applicable to users with a real keyguard
     * Update the user's locked state. Only applicable to users with a real keyguard
     * ({@link UserInfo#supportsSwitchToByUser}) and unsecured managed profiles.
     * ({@link UserInfo#supportsSwitchToByUser}) and unsecured profiles.
     *
     *
     * If this is called due to an unlock operation set unlockedUser to prevent the lock from
     * If this is called due to an unlock operation set unlockedUser to prevent the lock from
     * being prematurely reset for that user while keyguard is still in the process of going away.
     * being prematurely reset for that user while keyguard is still in the process of going away.
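Review bot: the updated javadoc line "and unsecured profiles" is broader than the condition this commit introduces further down, which also requires !mLockPatternUtils.isProfileWithUnifiedChallenge(id). Suggest wording it as "unsecured profiles without a unified challenge" so the documented contract matches the code.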
@@ -820,7 +825,11 @@ public class TrustManagerService extends SystemService {
            boolean secure = mLockPatternUtils.isSecure(id);
            boolean secure = mLockPatternUtils.isSecure(id);


            if (!info.supportsSwitchToByUser()) {
            if (!info.supportsSwitchToByUser()) {
                if (info.isManagedProfile() && !secure) {
                if (info.isProfile() && !secure
                        && !mLockPatternUtils.isProfileWithUnifiedChallenge(id)) {
                    // Unsecured profiles need to be explicitly set to false.
                    // However, Unified challenge profiles officially shouldn't have a presence in
                    // mDeviceLockedForUser at all, since that's not how they're tracked.
                    setDeviceLockedForUser(id, false);
                    setDeviceLockedForUser(id, false);
                }
                }
                continue;
                continue;
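Review bot: widening the check from info.isManagedProfile() to info.isProfile() applies to every profile type that fails supportsSwitchToByUser(), not only the communal profile, and the visible lines do not gate it on android.multiuser.support_communal_profile even though the commit message lists that flag as DISABLED. Please confirm that marking any unsecured, non-unified profile as unlocked is intended with the flag off, or gate the new branch. A test asserting that a unified-challenge profile gets no entry in mDeviceLockedForUser would also pin down the new exclusion.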
@@ -1780,6 +1789,7 @@ public class TrustManagerService extends SystemService {
        }
        }
    }
    }


    /** If the userId has a parent, returns that parent's userId. Otherwise userId is returned. */
    private int resolveProfileParent(int userId) {
    private int resolveProfileParent(int userId) {
        final long identity = Binder.clearCallingIdentity();
        final long identity = Binder.clearCallingIdentity();
        try {
        try {