Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit dbece7a4 authored by Zachary Iqbal's avatar Zachary Iqbal
Browse files

Default Trust Agents are now always enforced. 

Notes:
- Even when the system has a trust agent initalized, the default trust agent will be used, if specified.

Bug: 37643316
Test: Manually set config.xml to whitelist agent.
Change-Id: Id7600798b85debbca21e2f87c3d3d6928494c1cb
parent 66319381

services/core/java/com/android/server/trust/TrustManagerService.java

+16 −13
Original line number Diff line number Diff line
@@ -67,6 +67,7 @@ import java.io.FileDescriptor; 
import java.io.IOException;

import java.io.PrintWriter;

import java.util.ArrayList;

import java.util.Collections;

import java.util.List;

import org.xmlpull.v1.XmlPullParser;

import org.xmlpull.v1.XmlPullParserException;
@@ -575,20 +576,22 @@ public class TrustManagerService extends SystemService { 
    }



    private void maybeEnableFactoryTrustAgents(LockPatternUtils utils, int userId) {

        ComponentName defaultAgent = getDefaultFactoryTrustAgent(mContext);

        boolean shouldUseDefaultAgent = defaultAgent != null;



        if (shouldUseDefaultAgent) {

            Log.i(TAG, "Enabling " + defaultAgent + " because it is a default agent.");

            utils.setEnabledTrustAgents(Collections.singleton(defaultAgent), userId);

        } else { // A default agent is not set; perform regular trust agent discovery

            if (0 != Settings.Secure.getIntForUser(mContext.getContentResolver(),

                    Settings.Secure.TRUST_AGENTS_INITIALIZED, 0, userId)) {

                return;

            }

            PackageManager pm = mContext.getPackageManager();

            List<ResolveInfo> resolveInfos = resolveAllowedTrustAgents(pm, userId);

        ComponentName defaultAgent = getDefaultFactoryTrustAgent(mContext);

        boolean shouldUseDefaultAgent = defaultAgent != null;



            ArraySet<ComponentName> discoveredAgents = new ArraySet<>();



        if (shouldUseDefaultAgent) {

            discoveredAgents.add(defaultAgent);

            Log.i(TAG, "Enabling " + defaultAgent + " because it is a default agent.");

        } else { // A default agent is not set; perform regular trust agent discovery

            for (ResolveInfo resolveInfo : resolveInfos) {

                ComponentName componentName = getComponentName(resolveInfo);

                int applicationInfoFlags = resolveInfo.serviceInfo.applicationInfo.flags;
@@ -599,13 +602,13 @@ public class TrustManagerService extends SystemService { 
                }

                discoveredAgents.add(componentName);

            }

        }



            List<ComponentName> previouslyEnabledAgents = utils.getEnabledTrustAgents(userId);

            if (previouslyEnabledAgents != null) {

                discoveredAgents.addAll(previouslyEnabledAgents);

            }

            utils.setEnabledTrustAgents(discoveredAgents, userId);

        }

        Settings.Secure.putIntForUser(mContext.getContentResolver(),

                Settings.Secure.TRUST_AGENTS_INITIALIZED, 1, userId);

    }