Loading services/core/java/com/android/server/trust/TrustAgentWrapper.java +16 −11 Original line number Diff line number Diff line Loading @@ -122,16 +122,9 @@ public class TrustAgentWrapper { if (!TrustManagerService.ENABLE_ACTIVE_UNLOCK_FLAG) { return; } if (!mWaitingForTrustableDowngrade) { return; } // are these the broadcasts we want to listen to if (Intent.ACTION_SCREEN_OFF.equals(intent.getAction()) || Intent.ACTION_USER_PRESENT.equals(intent.getAction())) { mTrusted = false; mTrustable = true; mWaitingForTrustableDowngrade = false; mTrustManagerService.updateTrust(mUserId, 0); if (Intent.ACTION_SCREEN_OFF.equals(intent.getAction())) { downgradeToTrustable(); } } }; Loading Loading @@ -480,8 +473,7 @@ public class TrustAgentWrapper { final String pathUri = mAlarmIntent.toUri(Intent.URI_INTENT_SCHEME); alarmFilter.addDataPath(pathUri, PatternMatcher.PATTERN_LITERAL); IntentFilter trustableFilter = new IntentFilter(Intent.ACTION_USER_PRESENT); trustableFilter.addAction(Intent.ACTION_SCREEN_OFF); IntentFilter trustableFilter = new IntentFilter(Intent.ACTION_SCREEN_OFF); // Schedules a restart for when connecting times out. If the connection succeeds, // the restart is canceled in mCallback's onConnected. Loading Loading @@ -668,6 +660,19 @@ public class TrustAgentWrapper { mTrustable = false; } /** * Downgrades the trustagent to trustable as a result of a keyguard or screen related event, and * then updates the trust state of the phone to reflect the change. */ public void downgradeToTrustable() { if (mWaitingForTrustableDowngrade) { mWaitingForTrustableDowngrade = false; mTrusted = false; mTrustable = true; mTrustManagerService.updateTrust(mUserId, 0); } } public boolean isManagingTrust() { return mManagingTrust && !mTrustDisabledByDpm; } Loading services/core/java/com/android/server/trust/TrustManagerService.java +17 −0 Original line number Diff line number Diff line Loading @@ -1184,6 +1184,22 @@ public class TrustManagerService extends SystemService { return false; } /** * We downgrade to trustable whenever keyguard changes its showing value. * - becomes showing: something has caused the device to show keyguard which happens due to * user intent to lock the device either through direct action or a timeout * - becomes not showing: keyguard was dismissed and we no longer need to keep the device * unlocked * */ private void dispatchTrustableDowngrade() { for (int i = 0; i < mActiveAgents.size(); i++) { AgentInfo info = mActiveAgents.valueAt(i); if (info.userId == mCurrentUser) { info.agent.downgradeToTrustable(); } } } private List<String> getTrustGrantedMessages(int userId) { if (!mStrongAuthTracker.isTrustAllowedForUser(userId)) { return new ArrayList<>(); Loading Loading @@ -1752,6 +1768,7 @@ public class TrustManagerService extends SystemService { refreshDeviceLockedForUser(UserHandle.USER_ALL); break; case MSG_KEYGUARD_SHOWING_CHANGED: dispatchTrustableDowngrade(); refreshDeviceLockedForUser(mCurrentUser); break; case MSG_START_USER: Loading tests/TrustTests/src/android/trust/test/TemporaryAndRenewableTrustTest.kt +5 −6 Original line number Diff line number Diff line Loading @@ -29,7 +29,7 @@ import androidx.test.ext.junit.rules.ActivityScenarioRule import androidx.test.ext.junit.runners.AndroidJUnit4 import androidx.test.platform.app.InstrumentationRegistry.getInstrumentation import androidx.test.uiautomator.UiDevice import com.google.common.truth.Truth.assertThat import android.trust.test.lib.wait import org.junit.Before import org.junit.Rule import org.junit.Test Loading Loading @@ -74,9 +74,9 @@ class TemporaryAndRenewableTrustTest { uiDevice.sleep() lockStateTrackingRule.assertLocked() uiDevice.wakeUp() trustAgentRule.agent.grantTrust( GRANT_MESSAGE, 0, FLAG_GRANT_TRUST_TEMPORARY_AND_RENEWABLE) {} uiDevice.wakeUp() lockStateTrackingRule.assertLocked() } Loading @@ -98,9 +98,9 @@ class TemporaryAndRenewableTrustTest { lockStateTrackingRule.assertLocked() uiDevice.wakeUp() trustAgentRule.agent.grantTrust( GRANT_MESSAGE, 0, FLAG_GRANT_TRUST_TEMPORARY_AND_RENEWABLE) {} uiDevice.wakeUp() lockStateTrackingRule.assertUnlocked() } Loading @@ -116,6 +116,7 @@ class TemporaryAndRenewableTrustTest { uiDevice.sleep() lockStateTrackingRule.assertLocked() uiDevice.wakeUp() Log.i(TAG, "Renewing trust and unlocking") var result: GrantTrustResult? = null Loading @@ -124,10 +125,9 @@ class TemporaryAndRenewableTrustTest { Log.i(TAG, "Callback received; status=${it.status}") result = it } uiDevice.wakeUp() lockStateTrackingRule.assertUnlocked() assertThat(result?.status).isEqualTo(STATUS_UNLOCKED_BY_GRANT) wait("callback triggered") { result?.status == STATUS_UNLOCKED_BY_GRANT } } @Test Loading @@ -141,7 +141,6 @@ class TemporaryAndRenewableTrustTest { trustAgentRule.agent.revokeTrust() await(500) uiDevice.wakeUp() await(500) trustAgentRule.agent.grantTrust( GRANT_MESSAGE, 0, FLAG_GRANT_TRUST_TEMPORARY_AND_RENEWABLE) {} Loading Loading
services/core/java/com/android/server/trust/TrustAgentWrapper.java +16 −11 Original line number Diff line number Diff line Loading @@ -122,16 +122,9 @@ public class TrustAgentWrapper { if (!TrustManagerService.ENABLE_ACTIVE_UNLOCK_FLAG) { return; } if (!mWaitingForTrustableDowngrade) { return; } // are these the broadcasts we want to listen to if (Intent.ACTION_SCREEN_OFF.equals(intent.getAction()) || Intent.ACTION_USER_PRESENT.equals(intent.getAction())) { mTrusted = false; mTrustable = true; mWaitingForTrustableDowngrade = false; mTrustManagerService.updateTrust(mUserId, 0); if (Intent.ACTION_SCREEN_OFF.equals(intent.getAction())) { downgradeToTrustable(); } } }; Loading Loading @@ -480,8 +473,7 @@ public class TrustAgentWrapper { final String pathUri = mAlarmIntent.toUri(Intent.URI_INTENT_SCHEME); alarmFilter.addDataPath(pathUri, PatternMatcher.PATTERN_LITERAL); IntentFilter trustableFilter = new IntentFilter(Intent.ACTION_USER_PRESENT); trustableFilter.addAction(Intent.ACTION_SCREEN_OFF); IntentFilter trustableFilter = new IntentFilter(Intent.ACTION_SCREEN_OFF); // Schedules a restart for when connecting times out. If the connection succeeds, // the restart is canceled in mCallback's onConnected. Loading Loading @@ -668,6 +660,19 @@ public class TrustAgentWrapper { mTrustable = false; } /** * Downgrades the trustagent to trustable as a result of a keyguard or screen related event, and * then updates the trust state of the phone to reflect the change. */ public void downgradeToTrustable() { if (mWaitingForTrustableDowngrade) { mWaitingForTrustableDowngrade = false; mTrusted = false; mTrustable = true; mTrustManagerService.updateTrust(mUserId, 0); } } public boolean isManagingTrust() { return mManagingTrust && !mTrustDisabledByDpm; } Loading
services/core/java/com/android/server/trust/TrustManagerService.java +17 −0 Original line number Diff line number Diff line Loading @@ -1184,6 +1184,22 @@ public class TrustManagerService extends SystemService { return false; } /** * We downgrade to trustable whenever keyguard changes its showing value. * - becomes showing: something has caused the device to show keyguard which happens due to * user intent to lock the device either through direct action or a timeout * - becomes not showing: keyguard was dismissed and we no longer need to keep the device * unlocked * */ private void dispatchTrustableDowngrade() { for (int i = 0; i < mActiveAgents.size(); i++) { AgentInfo info = mActiveAgents.valueAt(i); if (info.userId == mCurrentUser) { info.agent.downgradeToTrustable(); } } } private List<String> getTrustGrantedMessages(int userId) { if (!mStrongAuthTracker.isTrustAllowedForUser(userId)) { return new ArrayList<>(); Loading Loading @@ -1752,6 +1768,7 @@ public class TrustManagerService extends SystemService { refreshDeviceLockedForUser(UserHandle.USER_ALL); break; case MSG_KEYGUARD_SHOWING_CHANGED: dispatchTrustableDowngrade(); refreshDeviceLockedForUser(mCurrentUser); break; case MSG_START_USER: Loading
tests/TrustTests/src/android/trust/test/TemporaryAndRenewableTrustTest.kt +5 −6 Original line number Diff line number Diff line Loading @@ -29,7 +29,7 @@ import androidx.test.ext.junit.rules.ActivityScenarioRule import androidx.test.ext.junit.runners.AndroidJUnit4 import androidx.test.platform.app.InstrumentationRegistry.getInstrumentation import androidx.test.uiautomator.UiDevice import com.google.common.truth.Truth.assertThat import android.trust.test.lib.wait import org.junit.Before import org.junit.Rule import org.junit.Test Loading Loading @@ -74,9 +74,9 @@ class TemporaryAndRenewableTrustTest { uiDevice.sleep() lockStateTrackingRule.assertLocked() uiDevice.wakeUp() trustAgentRule.agent.grantTrust( GRANT_MESSAGE, 0, FLAG_GRANT_TRUST_TEMPORARY_AND_RENEWABLE) {} uiDevice.wakeUp() lockStateTrackingRule.assertLocked() } Loading @@ -98,9 +98,9 @@ class TemporaryAndRenewableTrustTest { lockStateTrackingRule.assertLocked() uiDevice.wakeUp() trustAgentRule.agent.grantTrust( GRANT_MESSAGE, 0, FLAG_GRANT_TRUST_TEMPORARY_AND_RENEWABLE) {} uiDevice.wakeUp() lockStateTrackingRule.assertUnlocked() } Loading @@ -116,6 +116,7 @@ class TemporaryAndRenewableTrustTest { uiDevice.sleep() lockStateTrackingRule.assertLocked() uiDevice.wakeUp() Log.i(TAG, "Renewing trust and unlocking") var result: GrantTrustResult? = null Loading @@ -124,10 +125,9 @@ class TemporaryAndRenewableTrustTest { Log.i(TAG, "Callback received; status=${it.status}") result = it } uiDevice.wakeUp() lockStateTrackingRule.assertUnlocked() assertThat(result?.status).isEqualTo(STATUS_UNLOCKED_BY_GRANT) wait("callback triggered") { result?.status == STATUS_UNLOCKED_BY_GRANT } } @Test Loading @@ -141,7 +141,6 @@ class TemporaryAndRenewableTrustTest { trustAgentRule.agent.revokeTrust() await(500) uiDevice.wakeUp() await(500) trustAgentRule.agent.grantTrust( GRANT_MESSAGE, 0, FLAG_GRANT_TRUST_TEMPORARY_AND_RENEWABLE) {} Loading
