Accessibility no longer overrides strong encryption. (a6711ff6) · Commits · e / os / android_frameworks_base

core/java/android/view/AccessibilityManagerInternal.java

deleted100644 → 0

+0 −31

Original line number	Diff line number	Diff line
		/*
		* Copyright (C) 2014 The Android Open Source Project
		*
		* Licensed under the Apache License, Version 2.0 (the "License");
		* you may not use this file except in compliance with the License.
		* You may obtain a copy of the License at
		*
		* http://www.apache.org/licenses/LICENSE-2.0
		*
		* Unless required by applicable law or agreed to in writing, software
		* distributed under the License is distributed on an "AS IS" BASIS,
		* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
		* See the License for the specific language governing permissions and
		* limitations under the License.
		*/

		package android.view;

		/**
		* Accessibility manager local system service interface.
		*
		* @hide Only for use within the system server.
		*/
		public abstract class AccessibilityManagerInternal {

		/**
		* Queries if the accessibility manager service permits setting
		* a non-default encryption password.
		*/
		public abstract boolean isNonDefaultEncryptionPasswordAllowed();
		}

services/accessibility/java/com/android/server/accessibility/AccessibilityManagerService.java

+0 −29

Original line number	Diff line number	Diff line
		@@ -67,7 +67,6 @@ import android.util.Pools.Pool;
		import android.util.Pools.SimplePool;
		import android.util.Slog;
		import android.util.SparseArray;
		import android.view.AccessibilityManagerInternal;
		import android.view.Display;
		import android.view.IWindow;
		import android.view.InputDevice;
		@@ -235,7 +234,6 @@ public class AccessibilityManagerService extends IAccessibilityManager.Stub {
		registerBroadcastReceivers();
		new AccessibilityContentObserver(mMainHandler).register(
		context.getContentResolver());
		LocalServices.addService(AccessibilityManagerInternal.class, new LocalService());
		}

		private UserState getUserStateLocked(int userId) {
		@@ -1331,7 +1329,6 @@ public class AccessibilityManagerService extends IAccessibilityManager.Stub {
		updateTouchExplorationLocked(userState);
		updateEnhancedWebAccessibilityLocked(userState);
		updateDisplayColorAdjustmentSettingsLocked(userState);
		updateEncryptionState(userState);
		scheduleUpdateInputFilter(userState);
		scheduleUpdateClientsIfNeededLocked(userState);
		}
		@@ -1608,22 +1605,6 @@ public class AccessibilityManagerService extends IAccessibilityManager.Stub {
		DisplayAdjustmentUtils.applyAdjustments(mContext, userState.mUserId);
		}

		private void updateEncryptionState(UserState userState) {
		if (userState.mUserId != UserHandle.USER_OWNER) {
		return;
		}
		final long identity = Binder.clearCallingIdentity();
		try {
		if (hasRunningServicesLocked(userState) && LockPatternUtils.isDeviceEncrypted()) {
		// If there are running accessibility services we do not have encryption as
		// the user needs the accessibility layer to be running to authenticate.
		mLockPatternUtils.clearEncryptionPassword();
		}
		} finally {
		Binder.restoreCallingIdentity(identity);
		}
		}

		private boolean hasRunningServicesLocked(UserState userState) {
		return !userState.mBoundServices.isEmpty() \|\| !userState.mBindingServices.isEmpty();
		}
		@@ -3969,14 +3950,4 @@ public class AccessibilityManagerService extends IAccessibilityManager.Stub {
		}
		}
		}

		private final class LocalService extends AccessibilityManagerInternal {
		@Override
		public boolean isNonDefaultEncryptionPasswordAllowed() {
		synchronized (mLock) {
		UserState userState = getCurrentUserStateLocked();
		return !hasRunningServicesLocked(userState);
		}
		}
		}
		}

services/core/java/com/android/server/MountService.java

+1 −15

Original line number	Diff line number	Diff line
		@@ -63,7 +63,6 @@ import android.util.AttributeSet;
		import android.util.Slog;
		import android.util.Xml;

		import android.view.AccessibilityManagerInternal;
		import com.android.internal.annotations.GuardedBy;
		import com.android.internal.annotations.VisibleForTesting;
		import com.android.internal.app.IMediaContainerService;
		@@ -558,8 +557,6 @@ class MountService extends IMountService.Stub

		private final Handler mHandler;

		private final AccessibilityManagerInternal mAccessibilityManagerInternal;

		void waitForAsecScan() {
		waitForLatch(mAsecsScanned);
		}
		@@ -1462,9 +1459,6 @@ class MountService extends IMountService.Stub
		hthread.start();
		mHandler = new MountServiceHandler(hthread.getLooper());

		mAccessibilityManagerInternal = LocalServices.getService(
		AccessibilityManagerInternal.class);

		// Watch for user changes
		final IntentFilter userFilter = new IntentFilter();
		userFilter.addAction(Intent.ACTION_USER_ADDED);
		@@ -2263,16 +2257,8 @@ class MountService extends IMountService.Stub
		Slog.i(TAG, "changing encryption password...");
		}

		final NativeDaemonEvent event;
		try {
		// The accessibility layer may veto having a non-default encryption
		// password because if there are enabled accessibility services the
		// user cannot authenticate as the latter need access to the data.
		if (!TextUtils.isEmpty(password)
		&& !mAccessibilityManagerInternal.isNonDefaultEncryptionPasswordAllowed()) {
		return getEncryptionState();
		}
		event = mConnector.execute("cryptfs", "changepw", CRYPTO_TYPES[type],
		NativeDaemonEvent event = mConnector.execute("cryptfs", "changepw", CRYPTO_TYPES[type],
		new SensitiveArg(toHex(password)));
		return Integer.parseInt(event.getMessage());
		} catch (NativeDaemonConnectorException e) {