Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit cd410ba4 authored by Amith Yamasani's avatar Amith Yamasani
Browse files

Use the correct method to check if device is encrypted 

DPM's method will return false if encrypted by default password,
preventing the changing of encryption password to lockscreen password.

Check if the device is encrypted by some means, instead.

Also fix a SecurityException when Device Admin queries encryption state
(recent regression)

Bug: 17881324
Change-Id: Id897e61c5e254ab3f8dc569285428a73005303ea
parent fe511970

core/java/com/android/internal/widget/LockPatternUtils.java

+1 −4
Original line number Diff line number Diff line
@@ -728,12 +728,9 @@ public class LockPatternUtils { 


    /** Update the encryption password if it is enabled **/

    private void updateEncryptionPassword(final int type, final String password) {

        DevicePolicyManager dpm = getDevicePolicyManager();

        if (dpm.getStorageEncryptionStatus(getCurrentOrCallingUserId())

                != DevicePolicyManager.ENCRYPTION_STATUS_ACTIVE) {

        if (!isDeviceEncryptionEnabled()) {

            return;

        }



        final IBinder service = ServiceManager.getService("mount");

        if (service == null) {

            Log.e(TAG, "Could not find the mount service to update the encryption password");

services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java

+8 −3
Original line number Diff line number Diff line
@@ -3390,9 +3390,14 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub { 
    private int getEncryptionStatus() {

        String status = SystemProperties.get("ro.crypto.state", "unsupported");

        if ("encrypted".equalsIgnoreCase(status)) {

            final long token = Binder.clearCallingIdentity();

            try {

                return LockPatternUtils.isDeviceEncrypted()

                        ? DevicePolicyManager.ENCRYPTION_STATUS_ACTIVE

                        : DevicePolicyManager.ENCRYPTION_STATUS_INACTIVE;

            } finally {

                Binder.restoreCallingIdentity(token);

            }

        } else if ("unencrypted".equalsIgnoreCase(status)) {

            return DevicePolicyManager.ENCRYPTION_STATUS_INACTIVE;

        } else {