Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit dbd2410f authored by Xiaozhen Lin's avatar Xiaozhen Lin
Browse files

Allow toggling USB data access in lockdown mode 

This change introduces a toggle within lockdown mode settings to enable/disable USB data access while maintaining other security restrictions.

Bug: 287498482
Test: manual testing
Change-Id: I32db2a5892aa6e132a15e5a5729baef5e78cda48
parent b8e8bee3

services/usb/java/com/android/server/usb/UsbService.java

+36 −0
Original line number Diff line number Diff line
@@ -48,6 +48,7 @@ import android.hardware.usb.UsbPort; 
import android.hardware.usb.UsbPortStatus;

import android.os.Binder;

import android.os.Bundle;

import android.os.Looper;

import android.os.ParcelFileDescriptor;

import android.os.RemoteException;

import android.os.UserHandle;
@@ -65,6 +66,7 @@ import com.android.internal.util.DumpUtils; 
import com.android.internal.util.IndentingPrintWriter;

import com.android.internal.util.Preconditions;

import com.android.internal.util.dump.DualDumpOutputStream;

import com.android.internal.widget.LockPatternUtils;

import com.android.server.FgThread;

import com.android.server.SystemServerInitThreadPool;

import com.android.server.SystemService;
@@ -151,6 +153,7 @@ public class UsbService extends IUsbManager.Stub { 
    private final UsbPermissionManager mPermissionManager;



    static final int PACKAGE_MONITOR_OPERATION_ID = 1;

    static final int STRONG_AUTH_OPERATION_ID = 2;

    /**

     * The user id of the current user. There might be several profiles (with separate user ids)

     * per user.
@@ -272,6 +275,10 @@ public class UsbService extends IUsbManager.Stub { 
        if (android.hardware.usb.flags.Flags.enableUsbDataSignalStaking()) {

            new PackageUninstallMonitor()

                    .register(mContext, UserHandle.ALL, BackgroundThread.getHandler());



            new LockPatternUtils(mContext)

                    .registerStrongAuthTracker(new StrongAuthTracker(mContext,

                            BackgroundThread.getHandler().getLooper()));

        }

    }
@@ -1394,4 +1401,33 @@ public class UsbService extends IUsbManager.Stub { 
            }

        }

    }



    /**

     * Implements a callback within StrongAuthTracker to disable USB data signaling

     * when the device enters lockdown mode. This likely involves updating a state

     * that controls USB data behavior.

     */

    private class StrongAuthTracker extends LockPatternUtils.StrongAuthTracker {

        private boolean mLockdownModeStatus;



        StrongAuthTracker(Context context, Looper looper) {

            super(context, looper);

        }



        @Override

        public synchronized void onStrongAuthRequiredChanged(int userId) {



            boolean lockDownTriggeredByUser = (getStrongAuthForUser(userId)

                    & STRONG_AUTH_REQUIRED_AFTER_USER_LOCKDOWN) != 0;

            //if it goes into the same lockdown status, no change is needed

            if (mLockdownModeStatus == lockDownTriggeredByUser) {

                return;

            }

            mLockdownModeStatus = lockDownTriggeredByUser;

            for (UsbPort port: mPortManager.getPorts()) {

                enableUsbData(port.getId(), !lockDownTriggeredByUser, STRONG_AUTH_OPERATION_ID,

                        new IUsbOperationInternal.Default());

            }

        }

    }

}