Loading services/core/java/com/android/server/biometrics/BiometricService.java +2 −3 Original line number Diff line number Diff line Loading @@ -760,7 +760,6 @@ public class BiometricService extends SystemService { @Override // Binder call public int canAuthenticate(String opPackageName) { checkPermission(); checkAppOp(opPackageName, Binder.getCallingUid()); final int userId = UserHandle.getCallingUserId(); final long ident = Binder.clearCallingIdentity(); Loading Loading @@ -833,9 +832,9 @@ public class BiometricService extends SystemService { } private void checkPermission() { if (getContext().checkCallingPermission(USE_FINGERPRINT) if (getContext().checkCallingOrSelfPermission(USE_FINGERPRINT) != PackageManager.PERMISSION_GRANTED) { getContext().enforceCallingPermission(USE_BIOMETRIC, getContext().enforceCallingOrSelfPermission(USE_BIOMETRIC, "Must have USE_BIOMETRIC permission"); } } Loading services/core/java/com/android/server/locksettings/LockSettingsService.java +7 −5 Original line number Diff line number Diff line Loading @@ -421,8 +421,9 @@ public class LockSettingsService extends ILockSettings.Stub { new PasswordSlotManager()); } public boolean hasBiometrics() { return BiometricManager.hasBiometrics(mContext); public boolean hasEnrolledBiometrics() { BiometricManager bm = mContext.getSystemService(BiometricManager.class); return bm.canAuthenticate() == BiometricManager.BIOMETRIC_SUCCESS; } public int binderGetCallingUid() { Loading Loading @@ -2502,7 +2503,8 @@ public class LockSettingsService extends ILockSettings.Stub { // TODO: When lockout is handled under the HAL for all biometrics (fingerprint), // we need to generate challenge for each one, have it signed by GK and reset lockout // for each modality. if (!hasChallenge && pm.hasSystemFeature(PackageManager.FEATURE_FACE)) { if (!hasChallenge && pm.hasSystemFeature(PackageManager.FEATURE_FACE) && mInjector.hasEnrolledBiometrics()) { challenge = mContext.getSystemService(FaceManager.class).generateChallenge(); } Loading Loading @@ -2544,8 +2546,8 @@ public class LockSettingsService extends ILockSettings.Stub { if (response.getResponseCode() == VerifyCredentialResponse.RESPONSE_OK) { notifyActivePasswordMetricsAvailable(credentialType, userCredential, userId); unlockKeystore(authResult.authToken.deriveKeyStorePassword(), userId); // Reset lockout if (mInjector.hasBiometrics()) { // Reset lockout only if user has enrolled templates if (mInjector.hasEnrolledBiometrics()) { BiometricManager bm = mContext.getSystemService(BiometricManager.class); Slog.i(TAG, "Resetting lockout, length: " + authResult.gkResponse.getPayload().length); Loading services/tests/servicestests/src/com/android/server/locksettings/LockSettingsServiceTestable.java +1 −1 Original line number Diff line number Diff line Loading @@ -110,7 +110,7 @@ public class LockSettingsServiceTestable extends LockSettingsService { } @Override public boolean hasBiometrics() { public boolean hasEnrolledBiometrics() { return false; } Loading Loading
services/core/java/com/android/server/biometrics/BiometricService.java +2 −3 Original line number Diff line number Diff line Loading @@ -760,7 +760,6 @@ public class BiometricService extends SystemService { @Override // Binder call public int canAuthenticate(String opPackageName) { checkPermission(); checkAppOp(opPackageName, Binder.getCallingUid()); final int userId = UserHandle.getCallingUserId(); final long ident = Binder.clearCallingIdentity(); Loading Loading @@ -833,9 +832,9 @@ public class BiometricService extends SystemService { } private void checkPermission() { if (getContext().checkCallingPermission(USE_FINGERPRINT) if (getContext().checkCallingOrSelfPermission(USE_FINGERPRINT) != PackageManager.PERMISSION_GRANTED) { getContext().enforceCallingPermission(USE_BIOMETRIC, getContext().enforceCallingOrSelfPermission(USE_BIOMETRIC, "Must have USE_BIOMETRIC permission"); } } Loading
services/core/java/com/android/server/locksettings/LockSettingsService.java +7 −5 Original line number Diff line number Diff line Loading @@ -421,8 +421,9 @@ public class LockSettingsService extends ILockSettings.Stub { new PasswordSlotManager()); } public boolean hasBiometrics() { return BiometricManager.hasBiometrics(mContext); public boolean hasEnrolledBiometrics() { BiometricManager bm = mContext.getSystemService(BiometricManager.class); return bm.canAuthenticate() == BiometricManager.BIOMETRIC_SUCCESS; } public int binderGetCallingUid() { Loading Loading @@ -2502,7 +2503,8 @@ public class LockSettingsService extends ILockSettings.Stub { // TODO: When lockout is handled under the HAL for all biometrics (fingerprint), // we need to generate challenge for each one, have it signed by GK and reset lockout // for each modality. if (!hasChallenge && pm.hasSystemFeature(PackageManager.FEATURE_FACE)) { if (!hasChallenge && pm.hasSystemFeature(PackageManager.FEATURE_FACE) && mInjector.hasEnrolledBiometrics()) { challenge = mContext.getSystemService(FaceManager.class).generateChallenge(); } Loading Loading @@ -2544,8 +2546,8 @@ public class LockSettingsService extends ILockSettings.Stub { if (response.getResponseCode() == VerifyCredentialResponse.RESPONSE_OK) { notifyActivePasswordMetricsAvailable(credentialType, userCredential, userId); unlockKeystore(authResult.authToken.deriveKeyStorePassword(), userId); // Reset lockout if (mInjector.hasBiometrics()) { // Reset lockout only if user has enrolled templates if (mInjector.hasEnrolledBiometrics()) { BiometricManager bm = mContext.getSystemService(BiometricManager.class); Slog.i(TAG, "Resetting lockout, length: " + authResult.gkResponse.getPayload().length); Loading
services/tests/servicestests/src/com/android/server/locksettings/LockSettingsServiceTestable.java +1 −1 Original line number Diff line number Diff line Loading @@ -110,7 +110,7 @@ public class LockSettingsServiceTestable extends LockSettingsService { } @Override public boolean hasBiometrics() { public boolean hasEnrolledBiometrics() { return false; } Loading
