
Commit c5f95cea authored by Adrian Roos

Restart trust agents when updated or when they are dead

ActivityManager restarts the trust agent service for us
when it gets killed automatically. This does not apply
when its process crashes too often or when its package
gets updated however.
To catch the update case, the trust agent connection
is removed as soon as the package disappears, and then
re-added when the new package appears.
To catch the repeated crashing case, the connection is
reset if it hasn't successfully connected for several minutes.

Also adds a button to SampleTrustAgent to simulate a crash.

Bug: 16137258
Change-Id: I1b18fc7a3025e23e25ca1623b6af658d5430a94b
parent 866cf65c
+4 −0
@@ -38,6 +38,10 @@
          android:label="@string/app_name"
          android:exported="true"
          android:launchMode="singleInstance" >
          <intent-filter>
              <action android:name="android.intent.action.MAIN" />
              <category android:name="android.intent.category.LAUNCHER" />
          </intent-filter>
      </activity>
    </application>
</manifest>
+7 −3
@@ -28,6 +28,10 @@
            android:layout_width="match_parent"
            android:layout_height="wrap_content"
            android:text="Revoke trust" />
    <Button android:id="@+id/crash"
            android:layout_width="match_parent"
            android:layout_height="wrap_content"
            android:text="Crash" />
    <CheckBox android:id="@+id/report_unlock_attempts"
            android:layout_width="match_parent"
            android:layout_height="wrap_content"
+3 −0
@@ -37,6 +37,7 @@ public class SampleTrustAgentSettings extends Activity implements View.OnClickLi

        findViewById(R.id.enable_trust).setOnClickListener(this);
        findViewById(R.id.revoke_trust).setOnClickListener(this);
        findViewById(R.id.crash).setOnClickListener(this);

        mReportUnlockAttempts = (CheckBox) findViewById(R.id.report_unlock_attempts);
        mReportUnlockAttempts.setOnCheckedChangeListener(this);
@@ -56,6 +57,8 @@ public class SampleTrustAgentSettings extends Activity implements View.OnClickLi
                    null /* extra */);
        } else if (id == R.id.revoke_trust) {
            SampleTrustAgent.sendRevokeTrust(this);
        } else if (id == R.id.crash) {
            throw new RuntimeException("crash");
        }
    }
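Review bot: The `R.id.crash` branch in `onClick` throws a bare `RuntimeException("crash")` with nothing in the code saying the crash is intentional, so a later reader of this sample may take it for leftover debugging. A one-line comment above the throw would record the purpose, for example `// Deliberately crash the app process to exercise the system's trust agent restart handling.` Whether this activity shares a process with the agent service is not visible in this section, so the comment should state which process is expected to die. `onClick` begins outside the hunk.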

+48 −3
@@ -24,6 +24,7 @@ import android.os.Handler;
import android.os.IBinder;
import android.os.Message;
import android.os.RemoteException;
import android.os.SystemClock;
import android.os.UserHandle;
import android.util.Log;
import android.util.Slog;
@@ -41,6 +42,13 @@ public class TrustAgentWrapper {
    private static final int MSG_GRANT_TRUST = 1;
    private static final int MSG_REVOKE_TRUST = 2;
    private static final int MSG_TRUST_TIMEOUT = 3;
    private static final int MSG_RESTART_TIMEOUT = 4;

    /**
     * Time in uptime millis that we wait for the service connection, both when starting
     * and when the service disconnects.
     */
    private static final long RESTART_TIMEOUT_MILLIS = 5 * 60000;

    /**
     * Long extra for {@link #MSG_GRANT_TRUST}
@@ -53,6 +61,8 @@ public class TrustAgentWrapper {
    private final ComponentName mName;

    private ITrustAgentService mTrustAgentService;
    private boolean mBound;
    private long mScheduledRestartUptimeMillis;

    // Trust state
    private boolean mTrusted;
@@ -95,6 +105,10 @@ public class TrustAgentWrapper {
                    }
                    mTrustManagerService.updateTrust(mUserId);
                    break;
                case MSG_RESTART_TIMEOUT:
                    unbind();
                    mTrustManagerService.resetAgent(mName, mUserId);
                    break;
            }
        }
    };
@@ -123,6 +137,7 @@ public class TrustAgentWrapper {
        @Override
        public void onServiceConnected(ComponentName name, IBinder service) {
            if (DEBUG) Log.v(TAG, "TrustAgent started : " + name.flattenToString());
            mHandler.removeMessages(MSG_RESTART_TIMEOUT);
            mTrustAgentService = ITrustAgentService.Stub.asInterface(service);
            mTrustManagerService.mArchive.logAgentConnected(mUserId, name);
            setCallback(mCallback);
@@ -134,6 +149,9 @@ public class TrustAgentWrapper {
            mTrustAgentService = null;
            mTrustManagerService.mArchive.logAgentDied(mUserId, name);
            mHandler.sendEmptyMessage(MSG_REVOKE_TRUST);
            if (mBound) {
                scheduleRestart();
            }
        }
    };

@@ -144,9 +162,12 @@ public class TrustAgentWrapper {
        mTrustManagerService = trustManagerService;
        mUserId = user.getIdentifier();
        mName = intent.getComponent();
        if (!context.bindServiceAsUser(intent, mConnection, Context.BIND_AUTO_CREATE, user)) {
            if (DEBUG) Log.v(TAG, "can't bind to TrustAgent " + mName.flattenToShortString());
            // TODO: retry somehow?
        // Schedules a restart for when connecting times out. If the connection succeeds,
        // the restart is canceled in mCallback's onConnected.
        scheduleRestart();
        mBound = context.bindServiceAsUser(intent, mConnection, Context.BIND_AUTO_CREATE, user);
        if (!mBound) {
            Log.e(TAG, "Can't bind to TrustAgent " + mName.flattenToShortString());
        }
    }

@@ -184,14 +205,38 @@ public class TrustAgentWrapper {
    }

    public void unbind() {
        if (!mBound) {
            return;
        }
        if (DEBUG) Log.v(TAG, "TrustAgent unbound : " + mName.flattenToShortString());
        mTrustManagerService.mArchive.logAgentStopped(mUserId, mName);
        mContext.unbindService(mConnection);
        mBound = false;
        mTrustAgentService = null;
        mHandler.sendEmptyMessage(MSG_REVOKE_TRUST);
        mHandler.removeMessages(MSG_RESTART_TIMEOUT);
    }

    public boolean isConnected() {
        return mTrustAgentService != null;
    }

    public boolean isBound() {
        return mBound;
    }

    /**
     * If not connected, returns the time at which the agent is restarted.
     *
     * @return restart time in uptime millis.
     */
    public long getScheduledRestartUptimeMillis() {
        return mScheduledRestartUptimeMillis;
    }

    private void scheduleRestart() {
        mHandler.removeMessages(MSG_RESTART_TIMEOUT);
        mScheduledRestartUptimeMillis = SystemClock.uptimeMillis() + RESTART_TIMEOUT_MILLIS;
        mHandler.sendEmptyMessageAtTime(MSG_RESTART_TIMEOUT, mScheduledRestartUptimeMillis);
    }
}
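Review bot: When `bindServiceAsUser` returns false in the constructor, `mBound` stays false while the `MSG_RESTART_TIMEOUT` posted by `scheduleRestart()` stays queued, so five minutes later the handler calls `unbind()`, which now returns early on `!mBound`, and then `resetAgent()`. That path never calls `unbindService(mConnection)`, although the `bindService` documentation asks callers to release the connection even after a failed bind; if `resetAgent()` builds a new wrapper (it is not visible here), a permanently unbindable agent would repeat this every five minutes. Consider releasing the connection in the failure branch, e.g. `context.unbindService(mConnection);` after the `Log.e`, or deciding explicitly whether a failed bind should be retried at all. The comment above `scheduleRestart()` also names the wrong callback: the cancellation is in `onServiceConnected`, so it should read `// the restart is canceled in mConnection's onServiceConnected.` The constructor begins outside the hunk.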
+1 −1
@@ -130,7 +130,7 @@ public class TrustArchive {
        }
    }

    private static String formatDuration(long duration) {
    public static String formatDuration(long duration) {
        StringBuilder sb = new StringBuilder();
        TimeUtils.formatDuration(duration, sb);
        return sb.toString();