Loading packages/SystemUI/src/com/android/keyguard/KeyguardListenModel.kt +1 −1 Original line number Original line Diff line number Diff line Loading @@ -26,7 +26,6 @@ data class KeyguardFingerprintListenModel( val credentialAttempted: Boolean, val credentialAttempted: Boolean, val deviceInteractive: Boolean, val deviceInteractive: Boolean, val dreaming: Boolean, val dreaming: Boolean, val encryptedOrLockdown: Boolean, val fingerprintDisabled: Boolean, val fingerprintDisabled: Boolean, val fingerprintLockedOut: Boolean, val fingerprintLockedOut: Boolean, val goingToSleep: Boolean, val goingToSleep: Boolean, Loading @@ -37,6 +36,7 @@ data class KeyguardFingerprintListenModel( val primaryUser: Boolean, val primaryUser: Boolean, val shouldListenSfpsState: Boolean, val shouldListenSfpsState: Boolean, val shouldListenForFingerprintAssistant: Boolean, val shouldListenForFingerprintAssistant: Boolean, val strongerAuthRequired: Boolean, val switchingUser: Boolean, val switchingUser: Boolean, val udfps: Boolean, val udfps: Boolean, val userDoesNotHaveTrust: Boolean val userDoesNotHaveTrust: Boolean Loading packages/SystemUI/src/com/android/keyguard/KeyguardSecurityContainerController.java +5 −3 Original line number Original line Diff line number Diff line Loading @@ -363,16 +363,18 @@ public class KeyguardSecurityContainerController extends ViewController<Keyguard final boolean sfpsEnabled = getResources().getBoolean( final boolean sfpsEnabled = getResources().getBoolean( R.bool.config_show_sidefps_hint_on_bouncer); R.bool.config_show_sidefps_hint_on_bouncer); final boolean fpsDetectionRunning = mUpdateMonitor.isFingerprintDetectionRunning(); final boolean fpsDetectionRunning = mUpdateMonitor.isFingerprintDetectionRunning(); final boolean needsStrongAuth = mUpdateMonitor.userNeedsStrongAuth(); final boolean isUnlockingWithFpAllowed = mUpdateMonitor.isUnlockingWithFingerprintAllowed(); boolean toShow = mBouncerVisible && sfpsEnabled && fpsDetectionRunning && !needsStrongAuth; boolean toShow = mBouncerVisible && sfpsEnabled && fpsDetectionRunning && isUnlockingWithFpAllowed; if (DEBUG) { if (DEBUG) { Log.d(TAG, "sideFpsToShow=" + toShow + ", " Log.d(TAG, "sideFpsToShow=" + toShow + ", " + "mBouncerVisible=" + mBouncerVisible + ", " + "mBouncerVisible=" + mBouncerVisible + ", " + "configEnabled=" + sfpsEnabled + ", " + "configEnabled=" + sfpsEnabled + ", " + "fpsDetectionRunning=" + fpsDetectionRunning + ", " + "fpsDetectionRunning=" + fpsDetectionRunning + ", " + "needsStrongAuth=" + needsStrongAuth); + "isUnlockingWithFpAllowed=" + isUnlockingWithFpAllowed); } } if (toShow) { if (toShow) { mSideFpsController.get().show(SideFpsUiRequestSource.PRIMARY_BOUNCER); mSideFpsController.get().show(SideFpsUiRequestSource.PRIMARY_BOUNCER); Loading packages/SystemUI/src/com/android/keyguard/KeyguardUpdateMonitor.java +92 −59 Original line number Original line Diff line number Diff line Loading @@ -27,6 +27,8 @@ import static android.hardware.biometrics.BiometricConstants.BIOMETRIC_LOCKOUT_P import static android.hardware.biometrics.BiometricConstants.BIOMETRIC_LOCKOUT_TIMED; import static android.hardware.biometrics.BiometricConstants.BIOMETRIC_LOCKOUT_TIMED; import static android.hardware.biometrics.BiometricConstants.LockoutMode; import static android.hardware.biometrics.BiometricConstants.LockoutMode; import static android.hardware.biometrics.BiometricFingerprintConstants.FINGERPRINT_ACQUIRED_START; import static android.hardware.biometrics.BiometricFingerprintConstants.FINGERPRINT_ACQUIRED_START; import static android.hardware.biometrics.BiometricSourceType.FACE; import static android.hardware.biometrics.BiometricSourceType.FINGERPRINT; import static android.os.BatteryManager.BATTERY_STATUS_UNKNOWN; import static android.os.BatteryManager.BATTERY_STATUS_UNKNOWN; import static com.android.internal.widget.LockPatternUtils.StrongAuthTracker.STRONG_AUTH_REQUIRED_AFTER_BOOT; import static com.android.internal.widget.LockPatternUtils.StrongAuthTracker.STRONG_AUTH_REQUIRED_AFTER_BOOT; Loading Loading @@ -228,7 +230,15 @@ public class KeyguardUpdateMonitor implements TrustManager.TrustListener, Dumpab * Biometric authentication: Cancelling and waiting for the relevant biometric service to * Biometric authentication: Cancelling and waiting for the relevant biometric service to * send us the confirmation that cancellation has happened. * send us the confirmation that cancellation has happened. */ */ private static final int BIOMETRIC_STATE_CANCELLING = 2; @VisibleForTesting protected static final int BIOMETRIC_STATE_CANCELLING = 2; /** * Biometric state: During cancelling we got another request to start listening, so when we * receive the cancellation done signal, we should start listening again. */ @VisibleForTesting protected static final int BIOMETRIC_STATE_CANCELLING_RESTARTING = 3; /** /** * Action indicating keyguard *can* start biometric authentiation. * Action indicating keyguard *can* start biometric authentiation. Loading @@ -243,12 +253,6 @@ public class KeyguardUpdateMonitor implements TrustManager.TrustListener, Dumpab */ */ private static final int BIOMETRIC_ACTION_UPDATE = 2; private static final int BIOMETRIC_ACTION_UPDATE = 2; /** * Biometric state: During cancelling we got another request to start listening, so when we * receive the cancellation done signal, we should start listening again. */ private static final int BIOMETRIC_STATE_CANCELLING_RESTARTING = 3; @VisibleForTesting @VisibleForTesting public static final int BIOMETRIC_HELP_FINGERPRINT_NOT_RECOGNIZED = -1; public static final int BIOMETRIC_HELP_FINGERPRINT_NOT_RECOGNIZED = -1; public static final int BIOMETRIC_HELP_FACE_NOT_RECOGNIZED = -2; public static final int BIOMETRIC_HELP_FACE_NOT_RECOGNIZED = -2; Loading Loading @@ -356,7 +360,8 @@ public class KeyguardUpdateMonitor implements TrustManager.TrustListener, Dumpab private KeyguardBypassController mKeyguardBypassController; private KeyguardBypassController mKeyguardBypassController; private List<SubscriptionInfo> mSubscriptionInfo; private List<SubscriptionInfo> mSubscriptionInfo; private int mFingerprintRunningState = BIOMETRIC_STATE_STOPPED; @VisibleForTesting protected int mFingerprintRunningState = BIOMETRIC_STATE_STOPPED; private int mFaceRunningState = BIOMETRIC_STATE_STOPPED; private int mFaceRunningState = BIOMETRIC_STATE_STOPPED; private boolean mIsDreaming; private boolean mIsDreaming; private boolean mLogoutEnabled; private boolean mLogoutEnabled; Loading Loading @@ -790,7 +795,7 @@ public class KeyguardUpdateMonitor implements TrustManager.TrustListener, Dumpab new BiometricAuthenticated(true, isStrongBiometric)); new BiometricAuthenticated(true, isStrongBiometric)); // Update/refresh trust state only if user can skip bouncer // Update/refresh trust state only if user can skip bouncer if (getUserCanSkipBouncer(userId)) { if (getUserCanSkipBouncer(userId)) { mTrustManager.unlockedByBiometricForUser(userId, BiometricSourceType.FINGERPRINT); mTrustManager.unlockedByBiometricForUser(userId, FINGERPRINT); } } // Don't send cancel if authentication succeeds // Don't send cancel if authentication succeeds mFingerprintCancelSignal = null; mFingerprintCancelSignal = null; Loading @@ -800,7 +805,7 @@ public class KeyguardUpdateMonitor implements TrustManager.TrustListener, Dumpab for (int i = 0; i < mCallbacks.size(); i++) { for (int i = 0; i < mCallbacks.size(); i++) { KeyguardUpdateMonitorCallback cb = mCallbacks.get(i).get(); KeyguardUpdateMonitorCallback cb = mCallbacks.get(i).get(); if (cb != null) { if (cb != null) { cb.onBiometricAuthenticated(userId, BiometricSourceType.FINGERPRINT, cb.onBiometricAuthenticated(userId, FINGERPRINT, isStrongBiometric); isStrongBiometric); } } } } Loading Loading @@ -833,7 +838,7 @@ public class KeyguardUpdateMonitor implements TrustManager.TrustListener, Dumpab for (int i = 0; i < mCallbacks.size(); i++) { for (int i = 0; i < mCallbacks.size(); i++) { KeyguardUpdateMonitorCallback cb = mCallbacks.get(i).get(); KeyguardUpdateMonitorCallback cb = mCallbacks.get(i).get(); if (cb != null) { if (cb != null) { cb.onBiometricAuthFailed(BiometricSourceType.FINGERPRINT); cb.onBiometricAuthFailed(FINGERPRINT); } } } } if (isUdfpsSupported()) { if (isUdfpsSupported()) { Loading @@ -858,7 +863,7 @@ public class KeyguardUpdateMonitor implements TrustManager.TrustListener, Dumpab for (int i = 0; i < mCallbacks.size(); i++) { for (int i = 0; i < mCallbacks.size(); i++) { KeyguardUpdateMonitorCallback cb = mCallbacks.get(i).get(); KeyguardUpdateMonitorCallback cb = mCallbacks.get(i).get(); if (cb != null) { if (cb != null) { cb.onBiometricAcquired(BiometricSourceType.FINGERPRINT, acquireInfo); cb.onBiometricAcquired(FINGERPRINT, acquireInfo); } } } } } } Loading Loading @@ -892,7 +897,7 @@ public class KeyguardUpdateMonitor implements TrustManager.TrustListener, Dumpab for (int i = 0; i < mCallbacks.size(); i++) { for (int i = 0; i < mCallbacks.size(); i++) { KeyguardUpdateMonitorCallback cb = mCallbacks.get(i).get(); KeyguardUpdateMonitorCallback cb = mCallbacks.get(i).get(); if (cb != null) { if (cb != null) { cb.onBiometricHelp(msgId, helpString, BiometricSourceType.FINGERPRINT); cb.onBiometricHelp(msgId, helpString, FINGERPRINT); } } } } } } Loading Loading @@ -944,7 +949,7 @@ public class KeyguardUpdateMonitor implements TrustManager.TrustListener, Dumpab if (msgId == FingerprintManager.FINGERPRINT_ERROR_LOCKOUT_PERMANENT) { if (msgId == FingerprintManager.FINGERPRINT_ERROR_LOCKOUT_PERMANENT) { lockedOutStateChanged = !mFingerprintLockedOutPermanent; lockedOutStateChanged = !mFingerprintLockedOutPermanent; mFingerprintLockedOutPermanent = true; mFingerprintLockedOutPermanent = true; mLogger.d("Fingerprint locked out - requiring strong auth"); mLogger.d("Fingerprint permanently locked out - requiring stronger auth"); mLockPatternUtils.requireStrongAuth( mLockPatternUtils.requireStrongAuth( STRONG_AUTH_REQUIRED_AFTER_LOCKOUT, getCurrentUser()); STRONG_AUTH_REQUIRED_AFTER_LOCKOUT, getCurrentUser()); } } Loading @@ -953,6 +958,7 @@ public class KeyguardUpdateMonitor implements TrustManager.TrustListener, Dumpab || msgId == FingerprintManager.FINGERPRINT_ERROR_LOCKOUT_PERMANENT) { || msgId == FingerprintManager.FINGERPRINT_ERROR_LOCKOUT_PERMANENT) { lockedOutStateChanged |= !mFingerprintLockedOut; lockedOutStateChanged |= !mFingerprintLockedOut; mFingerprintLockedOut = true; mFingerprintLockedOut = true; mLogger.d("Fingerprint temporarily locked out - requiring stronger auth"); if (isUdfpsEnrolled()) { if (isUdfpsEnrolled()) { updateFingerprintListeningState(BIOMETRIC_ACTION_UPDATE); updateFingerprintListeningState(BIOMETRIC_ACTION_UPDATE); } } Loading @@ -963,12 +969,12 @@ public class KeyguardUpdateMonitor implements TrustManager.TrustListener, Dumpab for (int i = 0; i < mCallbacks.size(); i++) { for (int i = 0; i < mCallbacks.size(); i++) { KeyguardUpdateMonitorCallback cb = mCallbacks.get(i).get(); KeyguardUpdateMonitorCallback cb = mCallbacks.get(i).get(); if (cb != null) { if (cb != null) { cb.onBiometricError(msgId, errString, BiometricSourceType.FINGERPRINT); cb.onBiometricError(msgId, errString, FINGERPRINT); } } } } if (lockedOutStateChanged) { if (lockedOutStateChanged) { notifyLockedOutStateChanged(BiometricSourceType.FINGERPRINT); notifyLockedOutStateChanged(FINGERPRINT); } } } } Loading Loading @@ -996,7 +1002,7 @@ public class KeyguardUpdateMonitor implements TrustManager.TrustListener, Dumpab } } if (changed) { if (changed) { notifyLockedOutStateChanged(BiometricSourceType.FINGERPRINT); notifyLockedOutStateChanged(FINGERPRINT); } } } } Loading @@ -1019,7 +1025,7 @@ public class KeyguardUpdateMonitor implements TrustManager.TrustListener, Dumpab KeyguardUpdateMonitorCallback cb = mCallbacks.get(i).get(); KeyguardUpdateMonitorCallback cb = mCallbacks.get(i).get(); if (cb != null) { if (cb != null) { cb.onBiometricRunningStateChanged(isFingerprintDetectionRunning(), cb.onBiometricRunningStateChanged(isFingerprintDetectionRunning(), BiometricSourceType.FINGERPRINT); FINGERPRINT); } } } } } } Loading @@ -1032,7 +1038,7 @@ public class KeyguardUpdateMonitor implements TrustManager.TrustListener, Dumpab new BiometricAuthenticated(true, isStrongBiometric)); new BiometricAuthenticated(true, isStrongBiometric)); // Update/refresh trust state only if user can skip bouncer // Update/refresh trust state only if user can skip bouncer if (getUserCanSkipBouncer(userId)) { if (getUserCanSkipBouncer(userId)) { mTrustManager.unlockedByBiometricForUser(userId, BiometricSourceType.FACE); mTrustManager.unlockedByBiometricForUser(userId, FACE); } } // Don't send cancel if authentication succeeds // Don't send cancel if authentication succeeds mFaceCancelSignal = null; mFaceCancelSignal = null; Loading @@ -1043,7 +1049,7 @@ public class KeyguardUpdateMonitor implements TrustManager.TrustListener, Dumpab KeyguardUpdateMonitorCallback cb = mCallbacks.get(i).get(); KeyguardUpdateMonitorCallback cb = mCallbacks.get(i).get(); if (cb != null) { if (cb != null) { cb.onBiometricAuthenticated(userId, cb.onBiometricAuthenticated(userId, BiometricSourceType.FACE, FACE, isStrongBiometric); isStrongBiometric); } } } } Loading @@ -1065,7 +1071,7 @@ public class KeyguardUpdateMonitor implements TrustManager.TrustListener, Dumpab for (int i = 0; i < mCallbacks.size(); i++) { for (int i = 0; i < mCallbacks.size(); i++) { KeyguardUpdateMonitorCallback cb = mCallbacks.get(i).get(); KeyguardUpdateMonitorCallback cb = mCallbacks.get(i).get(); if (cb != null) { if (cb != null) { cb.onBiometricAuthFailed(BiometricSourceType.FACE); cb.onBiometricAuthFailed(FACE); } } } } handleFaceHelp(BIOMETRIC_HELP_FACE_NOT_RECOGNIZED, handleFaceHelp(BIOMETRIC_HELP_FACE_NOT_RECOGNIZED, Loading @@ -1078,7 +1084,7 @@ public class KeyguardUpdateMonitor implements TrustManager.TrustListener, Dumpab for (int i = 0; i < mCallbacks.size(); i++) { for (int i = 0; i < mCallbacks.size(); i++) { KeyguardUpdateMonitorCallback cb = mCallbacks.get(i).get(); KeyguardUpdateMonitorCallback cb = mCallbacks.get(i).get(); if (cb != null) { if (cb != null) { cb.onBiometricAcquired(BiometricSourceType.FACE, acquireInfo); cb.onBiometricAcquired(FACE, acquireInfo); } } } } } } Loading Loading @@ -1113,7 +1119,7 @@ public class KeyguardUpdateMonitor implements TrustManager.TrustListener, Dumpab for (int i = 0; i < mCallbacks.size(); i++) { for (int i = 0; i < mCallbacks.size(); i++) { KeyguardUpdateMonitorCallback cb = mCallbacks.get(i).get(); KeyguardUpdateMonitorCallback cb = mCallbacks.get(i).get(); if (cb != null) { if (cb != null) { cb.onBiometricHelp(msgId, helpString, BiometricSourceType.FACE); cb.onBiometricHelp(msgId, helpString, FACE); } } } } } } Loading Loading @@ -1181,12 +1187,12 @@ public class KeyguardUpdateMonitor implements TrustManager.TrustListener, Dumpab KeyguardUpdateMonitorCallback cb = mCallbacks.get(i).get(); KeyguardUpdateMonitorCallback cb = mCallbacks.get(i).get(); if (cb != null) { if (cb != null) { cb.onBiometricError(msgId, errString, cb.onBiometricError(msgId, errString, BiometricSourceType.FACE); FACE); } } } } if (lockedOutStateChanged) { if (lockedOutStateChanged) { notifyLockedOutStateChanged(BiometricSourceType.FACE); notifyLockedOutStateChanged(FACE); } } } } Loading @@ -1200,7 +1206,7 @@ public class KeyguardUpdateMonitor implements TrustManager.TrustListener, Dumpab FACE_AUTH_TRIGGERED_FACE_LOCKOUT_RESET), getBiometricLockoutDelay()); FACE_AUTH_TRIGGERED_FACE_LOCKOUT_RESET), getBiometricLockoutDelay()); if (changed) { if (changed) { notifyLockedOutStateChanged(BiometricSourceType.FACE); notifyLockedOutStateChanged(FACE); } } } } Loading @@ -1223,7 +1229,7 @@ public class KeyguardUpdateMonitor implements TrustManager.TrustListener, Dumpab KeyguardUpdateMonitorCallback cb = mCallbacks.get(i).get(); KeyguardUpdateMonitorCallback cb = mCallbacks.get(i).get(); if (cb != null) { if (cb != null) { cb.onBiometricRunningStateChanged(isFaceDetectionRunning(), cb.onBiometricRunningStateChanged(isFaceDetectionRunning(), BiometricSourceType.FACE); FACE); } } } } } } Loading Loading @@ -1364,7 +1370,39 @@ public class KeyguardUpdateMonitor implements TrustManager.TrustListener, Dumpab } } public boolean isUnlockingWithBiometricAllowed(boolean isStrongBiometric) { public boolean isUnlockingWithBiometricAllowed(boolean isStrongBiometric) { return mStrongAuthTracker.isUnlockingWithBiometricAllowed(isStrongBiometric); // StrongAuthTracker#isUnlockingWithBiometricAllowed includes // STRONG_AUTH_REQUIRED_AFTER_LOCKOUT which is the same as mFingerprintLockedOutPermanent; // however the strong auth tracker does not include the temporary lockout // mFingerprintLockedOut. return mStrongAuthTracker.isUnlockingWithBiometricAllowed(isStrongBiometric) && !mFingerprintLockedOut; } private boolean isUnlockingWithFaceAllowed() { return mStrongAuthTracker.isUnlockingWithBiometricAllowed(false); } /** * Whether fingerprint is allowed ot be used for unlocking based on the strongAuthTracker * and temporary lockout state (tracked by FingerprintManager via error codes). */ public boolean isUnlockingWithFingerprintAllowed() { return isUnlockingWithBiometricAllowed(true); } /** * Whether the given biometric is allowed based on strongAuth & lockout states. */ public boolean isUnlockingWithBiometricAllowed( @NonNull BiometricSourceType biometricSourceType) { switch (biometricSourceType) { case FINGERPRINT: return isUnlockingWithFingerprintAllowed(); case FACE: return isUnlockingWithFaceAllowed(); default: return false; } } } public boolean isUserInLockdown(int userId) { public boolean isUserInLockdown(int userId) { Loading @@ -1386,11 +1424,6 @@ public class KeyguardUpdateMonitor implements TrustManager.TrustListener, Dumpab return isEncrypted || isLockDown; return isEncrypted || isLockDown; } } public boolean userNeedsStrongAuth() { return mStrongAuthTracker.getStrongAuthForUser(getCurrentUser()) != LockPatternUtils.StrongAuthTracker.STRONG_AUTH_NOT_REQUIRED; } private boolean containsFlag(int haystack, int needle) { private boolean containsFlag(int haystack, int needle) { return (haystack & needle) != 0; return (haystack & needle) != 0; } } Loading Loading @@ -1560,12 +1593,6 @@ public class KeyguardUpdateMonitor implements TrustManager.TrustListener, Dumpab } } }; }; private final FingerprintManager.FingerprintDetectionCallback mFingerprintDetectionCallback = (sensorId, userId, isStrongBiometric) -> { // Trigger the fingerprint success path so the bouncer can be shown handleFingerprintAuthenticated(userId, isStrongBiometric); }; /** /** * Propagates a pointer down event to keyguard. * Propagates a pointer down event to keyguard. */ */ Loading Loading @@ -2636,27 +2663,25 @@ public class KeyguardUpdateMonitor implements TrustManager.TrustListener, Dumpab && (!mKeyguardGoingAway || !mDeviceInteractive) && (!mKeyguardGoingAway || !mDeviceInteractive) && mIsPrimaryUser && mIsPrimaryUser && biometricEnabledForUser; && biometricEnabledForUser; final boolean strongerAuthRequired = !isUnlockingWithFingerprintAllowed(); final boolean shouldListenBouncerState = !(mFingerprintLockedOut final boolean isSideFps = isSfpsSupported() && isSfpsEnrolled(); && mPrimaryBouncerIsOrWillBeShowing && mCredentialAttempted); final boolean shouldListenBouncerState = !strongerAuthRequired || !mPrimaryBouncerIsOrWillBeShowing; final boolean isEncryptedOrLockdownForUser = isEncryptedOrLockdown(user); final boolean shouldListenUdfpsState = !isUdfps final boolean shouldListenUdfpsState = !isUdfps || (!userCanSkipBouncer || (!userCanSkipBouncer && !isEncryptedOrLockdownForUser && !strongerAuthRequired && userDoesNotHaveTrust); && userDoesNotHaveTrust); boolean shouldListenSideFpsState = true; boolean shouldListenSideFpsState = true; if (isSfpsSupported() && isSfpsEnrolled()) { if (isSideFps) { shouldListenSideFpsState = shouldListenSideFpsState = mSfpsRequireScreenOnToAuthPrefEnabled ? isDeviceInteractive() : true; mSfpsRequireScreenOnToAuthPrefEnabled ? isDeviceInteractive() : true; } } boolean shouldListen = shouldListenKeyguardState && shouldListenUserState boolean shouldListen = shouldListenKeyguardState && shouldListenUserState && shouldListenBouncerState && shouldListenUdfpsState && !isFingerprintLockedOut() && shouldListenBouncerState && shouldListenUdfpsState && shouldListenSideFpsState; && shouldListenSideFpsState; maybeLogListenerModelData( maybeLogListenerModelData( new KeyguardFingerprintListenModel( new KeyguardFingerprintListenModel( System.currentTimeMillis(), System.currentTimeMillis(), Loading @@ -2668,7 +2693,6 @@ public class KeyguardUpdateMonitor implements TrustManager.TrustListener, Dumpab mCredentialAttempted, mCredentialAttempted, mDeviceInteractive, mDeviceInteractive, mIsDreaming, mIsDreaming, isEncryptedOrLockdownForUser, fingerprintDisabledForUser, fingerprintDisabledForUser, mFingerprintLockedOut, mFingerprintLockedOut, mGoingToSleep, mGoingToSleep, Loading @@ -2679,6 +2703,7 @@ public class KeyguardUpdateMonitor implements TrustManager.TrustListener, Dumpab mIsPrimaryUser, mIsPrimaryUser, shouldListenSideFpsState, shouldListenSideFpsState, shouldListenForFingerprintAssistant, shouldListenForFingerprintAssistant, strongerAuthRequired, mSwitchingUser, mSwitchingUser, isUdfps, isUdfps, userDoesNotHaveTrust)); userDoesNotHaveTrust)); Loading Loading @@ -2706,10 +2731,7 @@ public class KeyguardUpdateMonitor implements TrustManager.TrustListener, Dumpab final boolean isEncryptedOrTimedOut = final boolean isEncryptedOrTimedOut = containsFlag(strongAuth, STRONG_AUTH_REQUIRED_AFTER_BOOT) containsFlag(strongAuth, STRONG_AUTH_REQUIRED_AFTER_BOOT) || containsFlag(strongAuth, STRONG_AUTH_REQUIRED_AFTER_TIMEOUT); || containsFlag(strongAuth, STRONG_AUTH_REQUIRED_AFTER_TIMEOUT); final boolean fpLockedOut = isFingerprintLockedOut(); // TODO: always disallow when fp is already locked out? final boolean fpLockedOut = mFingerprintLockedOut || mFingerprintLockedOutPermanent; final boolean canBypass = mKeyguardBypassController != null final boolean canBypass = mKeyguardBypassController != null && mKeyguardBypassController.canBypass(); && mKeyguardBypassController.canBypass(); // There's no reason to ask the HAL for authentication when the user can dismiss the // There's no reason to ask the HAL for authentication when the user can dismiss the Loading Loading @@ -2831,15 +2853,22 @@ public class KeyguardUpdateMonitor implements TrustManager.TrustListener, Dumpab // Waiting for restart via handleFingerprintError(). // Waiting for restart via handleFingerprintError(). return; return; } } mLogger.v("startListeningForFingerprint()"); if (unlockPossible) { if (unlockPossible) { mFingerprintCancelSignal = new CancellationSignal(); mFingerprintCancelSignal = new CancellationSignal(); if (isEncryptedOrLockdown(userId)) { if (!isUnlockingWithFingerprintAllowed()) { mFpm.detectFingerprint(mFingerprintCancelSignal, mFingerprintDetectionCallback, mLogger.v("startListeningForFingerprint - detect"); mFpm.detectFingerprint( mFingerprintCancelSignal, (sensorId, user, isStrongBiometric) -> { mLogger.d("fingerprint detected"); // Trigger the fingerprint success path so the bouncer can be shown handleFingerprintAuthenticated(user, isStrongBiometric); }, userId); userId); } else { } else { mLogger.v("startListeningForFingerprint - authenticate"); mFpm.authenticate(null /* crypto */, mFingerprintCancelSignal, mFpm.authenticate(null /* crypto */, mFingerprintCancelSignal, mFingerprintAuthenticationCallback, null /* handler */, mFingerprintAuthenticationCallback, null /* handler */, FingerprintManager.SENSOR_ID_ANY, userId, 0 /* flags */); FingerprintManager.SENSOR_ID_ANY, userId, 0 /* flags */); Loading Loading @@ -3056,11 +3085,15 @@ public class KeyguardUpdateMonitor implements TrustManager.TrustListener, Dumpab } } } } // Immediately stop previous biometric listening states. // Resetting lockout states updates the biometric listening states. if (mFaceManager != null && !mFaceSensorProperties.isEmpty()) { if (mFaceManager != null && !mFaceSensorProperties.isEmpty()) { stopListeningForFace(FACE_AUTH_UPDATED_USER_SWITCHING); handleFaceLockoutReset(mFaceManager.getLockoutModeForUser( handleFaceLockoutReset(mFaceManager.getLockoutModeForUser( mFaceSensorProperties.get(0).sensorId, userId)); mFaceSensorProperties.get(0).sensorId, userId)); } } if (mFpm != null && !mFingerprintSensorProperties.isEmpty()) { if (mFpm != null && !mFingerprintSensorProperties.isEmpty()) { stopListeningForFingerprint(); handleFingerprintLockoutReset(mFpm.getLockoutModeForUser( handleFingerprintLockoutReset(mFpm.getLockoutModeForUser( mFingerprintSensorProperties.get(0).sensorId, userId)); mFingerprintSensorProperties.get(0).sensorId, userId)); } } Loading Loading @@ -3467,7 +3500,7 @@ public class KeyguardUpdateMonitor implements TrustManager.TrustListener, Dumpab @AnyThread @AnyThread public void setSwitchingUser(boolean switching) { public void setSwitchingUser(boolean switching) { mSwitchingUser = switching; mSwitchingUser = switching; // Since this comes in on a binder thread, we need to post if first // Since this comes in on a binder thread, we need to post it first mHandler.post(() -> updateBiometricListeningState(BIOMETRIC_ACTION_UPDATE, mHandler.post(() -> updateBiometricListeningState(BIOMETRIC_ACTION_UPDATE, FACE_AUTH_UPDATED_USER_SWITCHING)); FACE_AUTH_UPDATED_USER_SWITCHING)); } } Loading Loading @@ -3559,8 +3592,8 @@ public class KeyguardUpdateMonitor implements TrustManager.TrustListener, Dumpab Assert.isMainThread(); Assert.isMainThread(); mUserFingerprintAuthenticated.clear(); mUserFingerprintAuthenticated.clear(); mUserFaceAuthenticated.clear(); mUserFaceAuthenticated.clear(); mTrustManager.clearAllBiometricRecognized(BiometricSourceType.FINGERPRINT, unlockedUser); mTrustManager.clearAllBiometricRecognized(FINGERPRINT, unlockedUser); mTrustManager.clearAllBiometricRecognized(BiometricSourceType.FACE, unlockedUser); mTrustManager.clearAllBiometricRecognized(FACE, unlockedUser); mLogger.d("clearBiometricRecognized"); mLogger.d("clearBiometricRecognized"); for (int i = 0; i < mCallbacks.size(); i++) { for (int i = 0; i < mCallbacks.size(); i++) { Loading packages/SystemUI/src/com/android/systemui/biometrics/AuthRippleController.kt +5 −5 Original line number Original line Diff line number Diff line Loading @@ -116,9 +116,9 @@ class AuthRippleController @Inject constructor( notificationShadeWindowController.setForcePluginOpen(false, this) notificationShadeWindowController.setForcePluginOpen(false, this) } } fun showUnlockRipple(biometricSourceType: BiometricSourceType?) { fun showUnlockRipple(biometricSourceType: BiometricSourceType) { if (!keyguardStateController.isShowing || if (!keyguardStateController.isShowing || keyguardUpdateMonitor.userNeedsStrongAuth()) { !keyguardUpdateMonitor.isUnlockingWithBiometricAllowed(biometricSourceType)) { return return } } Loading Loading @@ -246,7 +246,7 @@ class AuthRippleController @Inject constructor( object : KeyguardUpdateMonitorCallback() { object : KeyguardUpdateMonitorCallback() { override fun onBiometricAuthenticated( override fun onBiometricAuthenticated( userId: Int, userId: Int, biometricSourceType: BiometricSourceType?, biometricSourceType: BiometricSourceType, isStrongBiometric: Boolean isStrongBiometric: Boolean ) { ) { if (biometricSourceType == BiometricSourceType.FINGERPRINT) { if (biometricSourceType == BiometricSourceType.FINGERPRINT) { Loading @@ -255,14 +255,14 @@ class AuthRippleController @Inject constructor( showUnlockRipple(biometricSourceType) showUnlockRipple(biometricSourceType) } } override fun onBiometricAuthFailed(biometricSourceType: BiometricSourceType?) { override fun onBiometricAuthFailed(biometricSourceType: BiometricSourceType) { if (biometricSourceType == BiometricSourceType.FINGERPRINT) { if (biometricSourceType == BiometricSourceType.FINGERPRINT) { mView.retractDwellRipple() mView.retractDwellRipple() } } } } override fun onBiometricAcquired( override fun onBiometricAcquired( biometricSourceType: BiometricSourceType?, biometricSourceType: BiometricSourceType, acquireInfo: Int acquireInfo: Int ) { ) { if (biometricSourceType == BiometricSourceType.FINGERPRINT && if (biometricSourceType == BiometricSourceType.FINGERPRINT && Loading packages/SystemUI/src/com/android/systemui/keyguard/domain/interactor/PrimaryBouncerInteractor.kt +2 −1 Original line number Original line Diff line number Diff line Loading @@ -17,6 +17,7 @@ package com.android.systemui.keyguard.domain.interactor package com.android.systemui.keyguard.domain.interactor import android.content.res.ColorStateList import android.content.res.ColorStateList import android.hardware.biometrics.BiometricSourceType import android.os.Handler import android.os.Handler import android.os.Trace import android.os.Trace import android.os.UserHandle import android.os.UserHandle Loading Loading @@ -71,7 +72,7 @@ constructor( KeyguardUpdateMonitor.getCurrentUser() KeyguardUpdateMonitor.getCurrentUser() ) && ) && !needsFullscreenBouncer() && !needsFullscreenBouncer() && !keyguardUpdateMonitor.userNeedsStrongAuth() && keyguardUpdateMonitor.isUnlockingWithBiometricAllowed(BiometricSourceType.FACE) && !keyguardBypassController.bypassEnabled !keyguardBypassController.bypassEnabled /** Runnable to show the primary bouncer. */ /** Runnable to show the primary bouncer. */ Loading Loading
packages/SystemUI/src/com/android/keyguard/KeyguardListenModel.kt +1 −1 Original line number Original line Diff line number Diff line Loading @@ -26,7 +26,6 @@ data class KeyguardFingerprintListenModel( val credentialAttempted: Boolean, val credentialAttempted: Boolean, val deviceInteractive: Boolean, val deviceInteractive: Boolean, val dreaming: Boolean, val dreaming: Boolean, val encryptedOrLockdown: Boolean, val fingerprintDisabled: Boolean, val fingerprintDisabled: Boolean, val fingerprintLockedOut: Boolean, val fingerprintLockedOut: Boolean, val goingToSleep: Boolean, val goingToSleep: Boolean, Loading @@ -37,6 +36,7 @@ data class KeyguardFingerprintListenModel( val primaryUser: Boolean, val primaryUser: Boolean, val shouldListenSfpsState: Boolean, val shouldListenSfpsState: Boolean, val shouldListenForFingerprintAssistant: Boolean, val shouldListenForFingerprintAssistant: Boolean, val strongerAuthRequired: Boolean, val switchingUser: Boolean, val switchingUser: Boolean, val udfps: Boolean, val udfps: Boolean, val userDoesNotHaveTrust: Boolean val userDoesNotHaveTrust: Boolean Loading
packages/SystemUI/src/com/android/keyguard/KeyguardSecurityContainerController.java +5 −3 Original line number Original line Diff line number Diff line Loading @@ -363,16 +363,18 @@ public class KeyguardSecurityContainerController extends ViewController<Keyguard final boolean sfpsEnabled = getResources().getBoolean( final boolean sfpsEnabled = getResources().getBoolean( R.bool.config_show_sidefps_hint_on_bouncer); R.bool.config_show_sidefps_hint_on_bouncer); final boolean fpsDetectionRunning = mUpdateMonitor.isFingerprintDetectionRunning(); final boolean fpsDetectionRunning = mUpdateMonitor.isFingerprintDetectionRunning(); final boolean needsStrongAuth = mUpdateMonitor.userNeedsStrongAuth(); final boolean isUnlockingWithFpAllowed = mUpdateMonitor.isUnlockingWithFingerprintAllowed(); boolean toShow = mBouncerVisible && sfpsEnabled && fpsDetectionRunning && !needsStrongAuth; boolean toShow = mBouncerVisible && sfpsEnabled && fpsDetectionRunning && isUnlockingWithFpAllowed; if (DEBUG) { if (DEBUG) { Log.d(TAG, "sideFpsToShow=" + toShow + ", " Log.d(TAG, "sideFpsToShow=" + toShow + ", " + "mBouncerVisible=" + mBouncerVisible + ", " + "mBouncerVisible=" + mBouncerVisible + ", " + "configEnabled=" + sfpsEnabled + ", " + "configEnabled=" + sfpsEnabled + ", " + "fpsDetectionRunning=" + fpsDetectionRunning + ", " + "fpsDetectionRunning=" + fpsDetectionRunning + ", " + "needsStrongAuth=" + needsStrongAuth); + "isUnlockingWithFpAllowed=" + isUnlockingWithFpAllowed); } } if (toShow) { if (toShow) { mSideFpsController.get().show(SideFpsUiRequestSource.PRIMARY_BOUNCER); mSideFpsController.get().show(SideFpsUiRequestSource.PRIMARY_BOUNCER); Loading
packages/SystemUI/src/com/android/keyguard/KeyguardUpdateMonitor.java +92 −59 Original line number Original line Diff line number Diff line Loading @@ -27,6 +27,8 @@ import static android.hardware.biometrics.BiometricConstants.BIOMETRIC_LOCKOUT_P import static android.hardware.biometrics.BiometricConstants.BIOMETRIC_LOCKOUT_TIMED; import static android.hardware.biometrics.BiometricConstants.BIOMETRIC_LOCKOUT_TIMED; import static android.hardware.biometrics.BiometricConstants.LockoutMode; import static android.hardware.biometrics.BiometricConstants.LockoutMode; import static android.hardware.biometrics.BiometricFingerprintConstants.FINGERPRINT_ACQUIRED_START; import static android.hardware.biometrics.BiometricFingerprintConstants.FINGERPRINT_ACQUIRED_START; import static android.hardware.biometrics.BiometricSourceType.FACE; import static android.hardware.biometrics.BiometricSourceType.FINGERPRINT; import static android.os.BatteryManager.BATTERY_STATUS_UNKNOWN; import static android.os.BatteryManager.BATTERY_STATUS_UNKNOWN; import static com.android.internal.widget.LockPatternUtils.StrongAuthTracker.STRONG_AUTH_REQUIRED_AFTER_BOOT; import static com.android.internal.widget.LockPatternUtils.StrongAuthTracker.STRONG_AUTH_REQUIRED_AFTER_BOOT; Loading Loading @@ -228,7 +230,15 @@ public class KeyguardUpdateMonitor implements TrustManager.TrustListener, Dumpab * Biometric authentication: Cancelling and waiting for the relevant biometric service to * Biometric authentication: Cancelling and waiting for the relevant biometric service to * send us the confirmation that cancellation has happened. * send us the confirmation that cancellation has happened. */ */ private static final int BIOMETRIC_STATE_CANCELLING = 2; @VisibleForTesting protected static final int BIOMETRIC_STATE_CANCELLING = 2; /** * Biometric state: During cancelling we got another request to start listening, so when we * receive the cancellation done signal, we should start listening again. */ @VisibleForTesting protected static final int BIOMETRIC_STATE_CANCELLING_RESTARTING = 3; /** /** * Action indicating keyguard *can* start biometric authentiation. * Action indicating keyguard *can* start biometric authentiation. Loading @@ -243,12 +253,6 @@ public class KeyguardUpdateMonitor implements TrustManager.TrustListener, Dumpab */ */ private static final int BIOMETRIC_ACTION_UPDATE = 2; private static final int BIOMETRIC_ACTION_UPDATE = 2; /** * Biometric state: During cancelling we got another request to start listening, so when we * receive the cancellation done signal, we should start listening again. */ private static final int BIOMETRIC_STATE_CANCELLING_RESTARTING = 3; @VisibleForTesting @VisibleForTesting public static final int BIOMETRIC_HELP_FINGERPRINT_NOT_RECOGNIZED = -1; public static final int BIOMETRIC_HELP_FINGERPRINT_NOT_RECOGNIZED = -1; public static final int BIOMETRIC_HELP_FACE_NOT_RECOGNIZED = -2; public static final int BIOMETRIC_HELP_FACE_NOT_RECOGNIZED = -2; Loading Loading @@ -356,7 +360,8 @@ public class KeyguardUpdateMonitor implements TrustManager.TrustListener, Dumpab private KeyguardBypassController mKeyguardBypassController; private KeyguardBypassController mKeyguardBypassController; private List<SubscriptionInfo> mSubscriptionInfo; private List<SubscriptionInfo> mSubscriptionInfo; private int mFingerprintRunningState = BIOMETRIC_STATE_STOPPED; @VisibleForTesting protected int mFingerprintRunningState = BIOMETRIC_STATE_STOPPED; private int mFaceRunningState = BIOMETRIC_STATE_STOPPED; private int mFaceRunningState = BIOMETRIC_STATE_STOPPED; private boolean mIsDreaming; private boolean mIsDreaming; private boolean mLogoutEnabled; private boolean mLogoutEnabled; Loading Loading @@ -790,7 +795,7 @@ public class KeyguardUpdateMonitor implements TrustManager.TrustListener, Dumpab new BiometricAuthenticated(true, isStrongBiometric)); new BiometricAuthenticated(true, isStrongBiometric)); // Update/refresh trust state only if user can skip bouncer // Update/refresh trust state only if user can skip bouncer if (getUserCanSkipBouncer(userId)) { if (getUserCanSkipBouncer(userId)) { mTrustManager.unlockedByBiometricForUser(userId, BiometricSourceType.FINGERPRINT); mTrustManager.unlockedByBiometricForUser(userId, FINGERPRINT); } } // Don't send cancel if authentication succeeds // Don't send cancel if authentication succeeds mFingerprintCancelSignal = null; mFingerprintCancelSignal = null; Loading @@ -800,7 +805,7 @@ public class KeyguardUpdateMonitor implements TrustManager.TrustListener, Dumpab for (int i = 0; i < mCallbacks.size(); i++) { for (int i = 0; i < mCallbacks.size(); i++) { KeyguardUpdateMonitorCallback cb = mCallbacks.get(i).get(); KeyguardUpdateMonitorCallback cb = mCallbacks.get(i).get(); if (cb != null) { if (cb != null) { cb.onBiometricAuthenticated(userId, BiometricSourceType.FINGERPRINT, cb.onBiometricAuthenticated(userId, FINGERPRINT, isStrongBiometric); isStrongBiometric); } } } } Loading Loading @@ -833,7 +838,7 @@ public class KeyguardUpdateMonitor implements TrustManager.TrustListener, Dumpab for (int i = 0; i < mCallbacks.size(); i++) { for (int i = 0; i < mCallbacks.size(); i++) { KeyguardUpdateMonitorCallback cb = mCallbacks.get(i).get(); KeyguardUpdateMonitorCallback cb = mCallbacks.get(i).get(); if (cb != null) { if (cb != null) { cb.onBiometricAuthFailed(BiometricSourceType.FINGERPRINT); cb.onBiometricAuthFailed(FINGERPRINT); } } } } if (isUdfpsSupported()) { if (isUdfpsSupported()) { Loading @@ -858,7 +863,7 @@ public class KeyguardUpdateMonitor implements TrustManager.TrustListener, Dumpab for (int i = 0; i < mCallbacks.size(); i++) { for (int i = 0; i < mCallbacks.size(); i++) { KeyguardUpdateMonitorCallback cb = mCallbacks.get(i).get(); KeyguardUpdateMonitorCallback cb = mCallbacks.get(i).get(); if (cb != null) { if (cb != null) { cb.onBiometricAcquired(BiometricSourceType.FINGERPRINT, acquireInfo); cb.onBiometricAcquired(FINGERPRINT, acquireInfo); } } } } } } Loading Loading @@ -892,7 +897,7 @@ public class KeyguardUpdateMonitor implements TrustManager.TrustListener, Dumpab for (int i = 0; i < mCallbacks.size(); i++) { for (int i = 0; i < mCallbacks.size(); i++) { KeyguardUpdateMonitorCallback cb = mCallbacks.get(i).get(); KeyguardUpdateMonitorCallback cb = mCallbacks.get(i).get(); if (cb != null) { if (cb != null) { cb.onBiometricHelp(msgId, helpString, BiometricSourceType.FINGERPRINT); cb.onBiometricHelp(msgId, helpString, FINGERPRINT); } } } } } } Loading Loading @@ -944,7 +949,7 @@ public class KeyguardUpdateMonitor implements TrustManager.TrustListener, Dumpab if (msgId == FingerprintManager.FINGERPRINT_ERROR_LOCKOUT_PERMANENT) { if (msgId == FingerprintManager.FINGERPRINT_ERROR_LOCKOUT_PERMANENT) { lockedOutStateChanged = !mFingerprintLockedOutPermanent; lockedOutStateChanged = !mFingerprintLockedOutPermanent; mFingerprintLockedOutPermanent = true; mFingerprintLockedOutPermanent = true; mLogger.d("Fingerprint locked out - requiring strong auth"); mLogger.d("Fingerprint permanently locked out - requiring stronger auth"); mLockPatternUtils.requireStrongAuth( mLockPatternUtils.requireStrongAuth( STRONG_AUTH_REQUIRED_AFTER_LOCKOUT, getCurrentUser()); STRONG_AUTH_REQUIRED_AFTER_LOCKOUT, getCurrentUser()); } } Loading @@ -953,6 +958,7 @@ public class KeyguardUpdateMonitor implements TrustManager.TrustListener, Dumpab || msgId == FingerprintManager.FINGERPRINT_ERROR_LOCKOUT_PERMANENT) { || msgId == FingerprintManager.FINGERPRINT_ERROR_LOCKOUT_PERMANENT) { lockedOutStateChanged |= !mFingerprintLockedOut; lockedOutStateChanged |= !mFingerprintLockedOut; mFingerprintLockedOut = true; mFingerprintLockedOut = true; mLogger.d("Fingerprint temporarily locked out - requiring stronger auth"); if (isUdfpsEnrolled()) { if (isUdfpsEnrolled()) { updateFingerprintListeningState(BIOMETRIC_ACTION_UPDATE); updateFingerprintListeningState(BIOMETRIC_ACTION_UPDATE); } } Loading @@ -963,12 +969,12 @@ public class KeyguardUpdateMonitor implements TrustManager.TrustListener, Dumpab for (int i = 0; i < mCallbacks.size(); i++) { for (int i = 0; i < mCallbacks.size(); i++) { KeyguardUpdateMonitorCallback cb = mCallbacks.get(i).get(); KeyguardUpdateMonitorCallback cb = mCallbacks.get(i).get(); if (cb != null) { if (cb != null) { cb.onBiometricError(msgId, errString, BiometricSourceType.FINGERPRINT); cb.onBiometricError(msgId, errString, FINGERPRINT); } } } } if (lockedOutStateChanged) { if (lockedOutStateChanged) { notifyLockedOutStateChanged(BiometricSourceType.FINGERPRINT); notifyLockedOutStateChanged(FINGERPRINT); } } } } Loading Loading @@ -996,7 +1002,7 @@ public class KeyguardUpdateMonitor implements TrustManager.TrustListener, Dumpab } } if (changed) { if (changed) { notifyLockedOutStateChanged(BiometricSourceType.FINGERPRINT); notifyLockedOutStateChanged(FINGERPRINT); } } } } Loading @@ -1019,7 +1025,7 @@ public class KeyguardUpdateMonitor implements TrustManager.TrustListener, Dumpab KeyguardUpdateMonitorCallback cb = mCallbacks.get(i).get(); KeyguardUpdateMonitorCallback cb = mCallbacks.get(i).get(); if (cb != null) { if (cb != null) { cb.onBiometricRunningStateChanged(isFingerprintDetectionRunning(), cb.onBiometricRunningStateChanged(isFingerprintDetectionRunning(), BiometricSourceType.FINGERPRINT); FINGERPRINT); } } } } } } Loading @@ -1032,7 +1038,7 @@ public class KeyguardUpdateMonitor implements TrustManager.TrustListener, Dumpab new BiometricAuthenticated(true, isStrongBiometric)); new BiometricAuthenticated(true, isStrongBiometric)); // Update/refresh trust state only if user can skip bouncer // Update/refresh trust state only if user can skip bouncer if (getUserCanSkipBouncer(userId)) { if (getUserCanSkipBouncer(userId)) { mTrustManager.unlockedByBiometricForUser(userId, BiometricSourceType.FACE); mTrustManager.unlockedByBiometricForUser(userId, FACE); } } // Don't send cancel if authentication succeeds // Don't send cancel if authentication succeeds mFaceCancelSignal = null; mFaceCancelSignal = null; Loading @@ -1043,7 +1049,7 @@ public class KeyguardUpdateMonitor implements TrustManager.TrustListener, Dumpab KeyguardUpdateMonitorCallback cb = mCallbacks.get(i).get(); KeyguardUpdateMonitorCallback cb = mCallbacks.get(i).get(); if (cb != null) { if (cb != null) { cb.onBiometricAuthenticated(userId, cb.onBiometricAuthenticated(userId, BiometricSourceType.FACE, FACE, isStrongBiometric); isStrongBiometric); } } } } Loading @@ -1065,7 +1071,7 @@ public class KeyguardUpdateMonitor implements TrustManager.TrustListener, Dumpab for (int i = 0; i < mCallbacks.size(); i++) { for (int i = 0; i < mCallbacks.size(); i++) { KeyguardUpdateMonitorCallback cb = mCallbacks.get(i).get(); KeyguardUpdateMonitorCallback cb = mCallbacks.get(i).get(); if (cb != null) { if (cb != null) { cb.onBiometricAuthFailed(BiometricSourceType.FACE); cb.onBiometricAuthFailed(FACE); } } } } handleFaceHelp(BIOMETRIC_HELP_FACE_NOT_RECOGNIZED, handleFaceHelp(BIOMETRIC_HELP_FACE_NOT_RECOGNIZED, Loading @@ -1078,7 +1084,7 @@ public class KeyguardUpdateMonitor implements TrustManager.TrustListener, Dumpab for (int i = 0; i < mCallbacks.size(); i++) { for (int i = 0; i < mCallbacks.size(); i++) { KeyguardUpdateMonitorCallback cb = mCallbacks.get(i).get(); KeyguardUpdateMonitorCallback cb = mCallbacks.get(i).get(); if (cb != null) { if (cb != null) { cb.onBiometricAcquired(BiometricSourceType.FACE, acquireInfo); cb.onBiometricAcquired(FACE, acquireInfo); } } } } } } Loading Loading @@ -1113,7 +1119,7 @@ public class KeyguardUpdateMonitor implements TrustManager.TrustListener, Dumpab for (int i = 0; i < mCallbacks.size(); i++) { for (int i = 0; i < mCallbacks.size(); i++) { KeyguardUpdateMonitorCallback cb = mCallbacks.get(i).get(); KeyguardUpdateMonitorCallback cb = mCallbacks.get(i).get(); if (cb != null) { if (cb != null) { cb.onBiometricHelp(msgId, helpString, BiometricSourceType.FACE); cb.onBiometricHelp(msgId, helpString, FACE); } } } } } } Loading Loading @@ -1181,12 +1187,12 @@ public class KeyguardUpdateMonitor implements TrustManager.TrustListener, Dumpab KeyguardUpdateMonitorCallback cb = mCallbacks.get(i).get(); KeyguardUpdateMonitorCallback cb = mCallbacks.get(i).get(); if (cb != null) { if (cb != null) { cb.onBiometricError(msgId, errString, cb.onBiometricError(msgId, errString, BiometricSourceType.FACE); FACE); } } } } if (lockedOutStateChanged) { if (lockedOutStateChanged) { notifyLockedOutStateChanged(BiometricSourceType.FACE); notifyLockedOutStateChanged(FACE); } } } } Loading @@ -1200,7 +1206,7 @@ public class KeyguardUpdateMonitor implements TrustManager.TrustListener, Dumpab FACE_AUTH_TRIGGERED_FACE_LOCKOUT_RESET), getBiometricLockoutDelay()); FACE_AUTH_TRIGGERED_FACE_LOCKOUT_RESET), getBiometricLockoutDelay()); if (changed) { if (changed) { notifyLockedOutStateChanged(BiometricSourceType.FACE); notifyLockedOutStateChanged(FACE); } } } } Loading @@ -1223,7 +1229,7 @@ public class KeyguardUpdateMonitor implements TrustManager.TrustListener, Dumpab KeyguardUpdateMonitorCallback cb = mCallbacks.get(i).get(); KeyguardUpdateMonitorCallback cb = mCallbacks.get(i).get(); if (cb != null) { if (cb != null) { cb.onBiometricRunningStateChanged(isFaceDetectionRunning(), cb.onBiometricRunningStateChanged(isFaceDetectionRunning(), BiometricSourceType.FACE); FACE); } } } } } } Loading Loading @@ -1364,7 +1370,39 @@ public class KeyguardUpdateMonitor implements TrustManager.TrustListener, Dumpab } } public boolean isUnlockingWithBiometricAllowed(boolean isStrongBiometric) { public boolean isUnlockingWithBiometricAllowed(boolean isStrongBiometric) { return mStrongAuthTracker.isUnlockingWithBiometricAllowed(isStrongBiometric); // StrongAuthTracker#isUnlockingWithBiometricAllowed includes // STRONG_AUTH_REQUIRED_AFTER_LOCKOUT which is the same as mFingerprintLockedOutPermanent; // however the strong auth tracker does not include the temporary lockout // mFingerprintLockedOut. return mStrongAuthTracker.isUnlockingWithBiometricAllowed(isStrongBiometric) && !mFingerprintLockedOut; } private boolean isUnlockingWithFaceAllowed() { return mStrongAuthTracker.isUnlockingWithBiometricAllowed(false); } /** * Whether fingerprint is allowed ot be used for unlocking based on the strongAuthTracker * and temporary lockout state (tracked by FingerprintManager via error codes). */ public boolean isUnlockingWithFingerprintAllowed() { return isUnlockingWithBiometricAllowed(true); } /** * Whether the given biometric is allowed based on strongAuth & lockout states. */ public boolean isUnlockingWithBiometricAllowed( @NonNull BiometricSourceType biometricSourceType) { switch (biometricSourceType) { case FINGERPRINT: return isUnlockingWithFingerprintAllowed(); case FACE: return isUnlockingWithFaceAllowed(); default: return false; } } } public boolean isUserInLockdown(int userId) { public boolean isUserInLockdown(int userId) { Loading @@ -1386,11 +1424,6 @@ public class KeyguardUpdateMonitor implements TrustManager.TrustListener, Dumpab return isEncrypted || isLockDown; return isEncrypted || isLockDown; } } public boolean userNeedsStrongAuth() { return mStrongAuthTracker.getStrongAuthForUser(getCurrentUser()) != LockPatternUtils.StrongAuthTracker.STRONG_AUTH_NOT_REQUIRED; } private boolean containsFlag(int haystack, int needle) { private boolean containsFlag(int haystack, int needle) { return (haystack & needle) != 0; return (haystack & needle) != 0; } } Loading Loading @@ -1560,12 +1593,6 @@ public class KeyguardUpdateMonitor implements TrustManager.TrustListener, Dumpab } } }; }; private final FingerprintManager.FingerprintDetectionCallback mFingerprintDetectionCallback = (sensorId, userId, isStrongBiometric) -> { // Trigger the fingerprint success path so the bouncer can be shown handleFingerprintAuthenticated(userId, isStrongBiometric); }; /** /** * Propagates a pointer down event to keyguard. * Propagates a pointer down event to keyguard. */ */ Loading Loading @@ -2636,27 +2663,25 @@ public class KeyguardUpdateMonitor implements TrustManager.TrustListener, Dumpab && (!mKeyguardGoingAway || !mDeviceInteractive) && (!mKeyguardGoingAway || !mDeviceInteractive) && mIsPrimaryUser && mIsPrimaryUser && biometricEnabledForUser; && biometricEnabledForUser; final boolean strongerAuthRequired = !isUnlockingWithFingerprintAllowed(); final boolean shouldListenBouncerState = !(mFingerprintLockedOut final boolean isSideFps = isSfpsSupported() && isSfpsEnrolled(); && mPrimaryBouncerIsOrWillBeShowing && mCredentialAttempted); final boolean shouldListenBouncerState = !strongerAuthRequired || !mPrimaryBouncerIsOrWillBeShowing; final boolean isEncryptedOrLockdownForUser = isEncryptedOrLockdown(user); final boolean shouldListenUdfpsState = !isUdfps final boolean shouldListenUdfpsState = !isUdfps || (!userCanSkipBouncer || (!userCanSkipBouncer && !isEncryptedOrLockdownForUser && !strongerAuthRequired && userDoesNotHaveTrust); && userDoesNotHaveTrust); boolean shouldListenSideFpsState = true; boolean shouldListenSideFpsState = true; if (isSfpsSupported() && isSfpsEnrolled()) { if (isSideFps) { shouldListenSideFpsState = shouldListenSideFpsState = mSfpsRequireScreenOnToAuthPrefEnabled ? isDeviceInteractive() : true; mSfpsRequireScreenOnToAuthPrefEnabled ? isDeviceInteractive() : true; } } boolean shouldListen = shouldListenKeyguardState && shouldListenUserState boolean shouldListen = shouldListenKeyguardState && shouldListenUserState && shouldListenBouncerState && shouldListenUdfpsState && !isFingerprintLockedOut() && shouldListenBouncerState && shouldListenUdfpsState && shouldListenSideFpsState; && shouldListenSideFpsState; maybeLogListenerModelData( maybeLogListenerModelData( new KeyguardFingerprintListenModel( new KeyguardFingerprintListenModel( System.currentTimeMillis(), System.currentTimeMillis(), Loading @@ -2668,7 +2693,6 @@ public class KeyguardUpdateMonitor implements TrustManager.TrustListener, Dumpab mCredentialAttempted, mCredentialAttempted, mDeviceInteractive, mDeviceInteractive, mIsDreaming, mIsDreaming, isEncryptedOrLockdownForUser, fingerprintDisabledForUser, fingerprintDisabledForUser, mFingerprintLockedOut, mFingerprintLockedOut, mGoingToSleep, mGoingToSleep, Loading @@ -2679,6 +2703,7 @@ public class KeyguardUpdateMonitor implements TrustManager.TrustListener, Dumpab mIsPrimaryUser, mIsPrimaryUser, shouldListenSideFpsState, shouldListenSideFpsState, shouldListenForFingerprintAssistant, shouldListenForFingerprintAssistant, strongerAuthRequired, mSwitchingUser, mSwitchingUser, isUdfps, isUdfps, userDoesNotHaveTrust)); userDoesNotHaveTrust)); Loading Loading @@ -2706,10 +2731,7 @@ public class KeyguardUpdateMonitor implements TrustManager.TrustListener, Dumpab final boolean isEncryptedOrTimedOut = final boolean isEncryptedOrTimedOut = containsFlag(strongAuth, STRONG_AUTH_REQUIRED_AFTER_BOOT) containsFlag(strongAuth, STRONG_AUTH_REQUIRED_AFTER_BOOT) || containsFlag(strongAuth, STRONG_AUTH_REQUIRED_AFTER_TIMEOUT); || containsFlag(strongAuth, STRONG_AUTH_REQUIRED_AFTER_TIMEOUT); final boolean fpLockedOut = isFingerprintLockedOut(); // TODO: always disallow when fp is already locked out? final boolean fpLockedOut = mFingerprintLockedOut || mFingerprintLockedOutPermanent; final boolean canBypass = mKeyguardBypassController != null final boolean canBypass = mKeyguardBypassController != null && mKeyguardBypassController.canBypass(); && mKeyguardBypassController.canBypass(); // There's no reason to ask the HAL for authentication when the user can dismiss the // There's no reason to ask the HAL for authentication when the user can dismiss the Loading Loading @@ -2831,15 +2853,22 @@ public class KeyguardUpdateMonitor implements TrustManager.TrustListener, Dumpab // Waiting for restart via handleFingerprintError(). // Waiting for restart via handleFingerprintError(). return; return; } } mLogger.v("startListeningForFingerprint()"); if (unlockPossible) { if (unlockPossible) { mFingerprintCancelSignal = new CancellationSignal(); mFingerprintCancelSignal = new CancellationSignal(); if (isEncryptedOrLockdown(userId)) { if (!isUnlockingWithFingerprintAllowed()) { mFpm.detectFingerprint(mFingerprintCancelSignal, mFingerprintDetectionCallback, mLogger.v("startListeningForFingerprint - detect"); mFpm.detectFingerprint( mFingerprintCancelSignal, (sensorId, user, isStrongBiometric) -> { mLogger.d("fingerprint detected"); // Trigger the fingerprint success path so the bouncer can be shown handleFingerprintAuthenticated(user, isStrongBiometric); }, userId); userId); } else { } else { mLogger.v("startListeningForFingerprint - authenticate"); mFpm.authenticate(null /* crypto */, mFingerprintCancelSignal, mFpm.authenticate(null /* crypto */, mFingerprintCancelSignal, mFingerprintAuthenticationCallback, null /* handler */, mFingerprintAuthenticationCallback, null /* handler */, FingerprintManager.SENSOR_ID_ANY, userId, 0 /* flags */); FingerprintManager.SENSOR_ID_ANY, userId, 0 /* flags */); Loading Loading @@ -3056,11 +3085,15 @@ public class KeyguardUpdateMonitor implements TrustManager.TrustListener, Dumpab } } } } // Immediately stop previous biometric listening states. // Resetting lockout states updates the biometric listening states. if (mFaceManager != null && !mFaceSensorProperties.isEmpty()) { if (mFaceManager != null && !mFaceSensorProperties.isEmpty()) { stopListeningForFace(FACE_AUTH_UPDATED_USER_SWITCHING); handleFaceLockoutReset(mFaceManager.getLockoutModeForUser( handleFaceLockoutReset(mFaceManager.getLockoutModeForUser( mFaceSensorProperties.get(0).sensorId, userId)); mFaceSensorProperties.get(0).sensorId, userId)); } } if (mFpm != null && !mFingerprintSensorProperties.isEmpty()) { if (mFpm != null && !mFingerprintSensorProperties.isEmpty()) { stopListeningForFingerprint(); handleFingerprintLockoutReset(mFpm.getLockoutModeForUser( handleFingerprintLockoutReset(mFpm.getLockoutModeForUser( mFingerprintSensorProperties.get(0).sensorId, userId)); mFingerprintSensorProperties.get(0).sensorId, userId)); } } Loading Loading @@ -3467,7 +3500,7 @@ public class KeyguardUpdateMonitor implements TrustManager.TrustListener, Dumpab @AnyThread @AnyThread public void setSwitchingUser(boolean switching) { public void setSwitchingUser(boolean switching) { mSwitchingUser = switching; mSwitchingUser = switching; // Since this comes in on a binder thread, we need to post if first // Since this comes in on a binder thread, we need to post it first mHandler.post(() -> updateBiometricListeningState(BIOMETRIC_ACTION_UPDATE, mHandler.post(() -> updateBiometricListeningState(BIOMETRIC_ACTION_UPDATE, FACE_AUTH_UPDATED_USER_SWITCHING)); FACE_AUTH_UPDATED_USER_SWITCHING)); } } Loading Loading @@ -3559,8 +3592,8 @@ public class KeyguardUpdateMonitor implements TrustManager.TrustListener, Dumpab Assert.isMainThread(); Assert.isMainThread(); mUserFingerprintAuthenticated.clear(); mUserFingerprintAuthenticated.clear(); mUserFaceAuthenticated.clear(); mUserFaceAuthenticated.clear(); mTrustManager.clearAllBiometricRecognized(BiometricSourceType.FINGERPRINT, unlockedUser); mTrustManager.clearAllBiometricRecognized(FINGERPRINT, unlockedUser); mTrustManager.clearAllBiometricRecognized(BiometricSourceType.FACE, unlockedUser); mTrustManager.clearAllBiometricRecognized(FACE, unlockedUser); mLogger.d("clearBiometricRecognized"); mLogger.d("clearBiometricRecognized"); for (int i = 0; i < mCallbacks.size(); i++) { for (int i = 0; i < mCallbacks.size(); i++) { Loading
packages/SystemUI/src/com/android/systemui/biometrics/AuthRippleController.kt +5 −5 Original line number Original line Diff line number Diff line Loading @@ -116,9 +116,9 @@ class AuthRippleController @Inject constructor( notificationShadeWindowController.setForcePluginOpen(false, this) notificationShadeWindowController.setForcePluginOpen(false, this) } } fun showUnlockRipple(biometricSourceType: BiometricSourceType?) { fun showUnlockRipple(biometricSourceType: BiometricSourceType) { if (!keyguardStateController.isShowing || if (!keyguardStateController.isShowing || keyguardUpdateMonitor.userNeedsStrongAuth()) { !keyguardUpdateMonitor.isUnlockingWithBiometricAllowed(biometricSourceType)) { return return } } Loading Loading @@ -246,7 +246,7 @@ class AuthRippleController @Inject constructor( object : KeyguardUpdateMonitorCallback() { object : KeyguardUpdateMonitorCallback() { override fun onBiometricAuthenticated( override fun onBiometricAuthenticated( userId: Int, userId: Int, biometricSourceType: BiometricSourceType?, biometricSourceType: BiometricSourceType, isStrongBiometric: Boolean isStrongBiometric: Boolean ) { ) { if (biometricSourceType == BiometricSourceType.FINGERPRINT) { if (biometricSourceType == BiometricSourceType.FINGERPRINT) { Loading @@ -255,14 +255,14 @@ class AuthRippleController @Inject constructor( showUnlockRipple(biometricSourceType) showUnlockRipple(biometricSourceType) } } override fun onBiometricAuthFailed(biometricSourceType: BiometricSourceType?) { override fun onBiometricAuthFailed(biometricSourceType: BiometricSourceType) { if (biometricSourceType == BiometricSourceType.FINGERPRINT) { if (biometricSourceType == BiometricSourceType.FINGERPRINT) { mView.retractDwellRipple() mView.retractDwellRipple() } } } } override fun onBiometricAcquired( override fun onBiometricAcquired( biometricSourceType: BiometricSourceType?, biometricSourceType: BiometricSourceType, acquireInfo: Int acquireInfo: Int ) { ) { if (biometricSourceType == BiometricSourceType.FINGERPRINT && if (biometricSourceType == BiometricSourceType.FINGERPRINT && Loading
packages/SystemUI/src/com/android/systemui/keyguard/domain/interactor/PrimaryBouncerInteractor.kt +2 −1 Original line number Original line Diff line number Diff line Loading @@ -17,6 +17,7 @@ package com.android.systemui.keyguard.domain.interactor package com.android.systemui.keyguard.domain.interactor import android.content.res.ColorStateList import android.content.res.ColorStateList import android.hardware.biometrics.BiometricSourceType import android.os.Handler import android.os.Handler import android.os.Trace import android.os.Trace import android.os.UserHandle import android.os.UserHandle Loading Loading @@ -71,7 +72,7 @@ constructor( KeyguardUpdateMonitor.getCurrentUser() KeyguardUpdateMonitor.getCurrentUser() ) && ) && !needsFullscreenBouncer() && !needsFullscreenBouncer() && !keyguardUpdateMonitor.userNeedsStrongAuth() && keyguardUpdateMonitor.isUnlockingWithBiometricAllowed(BiometricSourceType.FACE) && !keyguardBypassController.bypassEnabled !keyguardBypassController.bypassEnabled /** Runnable to show the primary bouncer. */ /** Runnable to show the primary bouncer. */ Loading
