Merge "Clear identity when checking strongauth flags" into rvc-qpr-dev am: 90c7090e

        public void authenticate(final IBinder token, final long opId, final int userId,

                final IFingerprintServiceReceiver receiver, final int flags,

                final String opPackageName) {

            if (Utils.isUserEncryptedOrLockdown(mLockPatternUtils, userId)

                    && Utils.isKeyguard(getContext(), opPackageName)) {

            // Keyguard check must be done on the caller's binder identity, since it also checks

            // permission.

            final boolean isKeyguard = Utils.isKeyguard(getContext(), opPackageName);

            // Clear calling identity when checking LockPatternUtils for StrongAuth flags.

            final long identity = Binder.clearCallingIdentity();

            try {

                if (isKeyguard && Utils.isUserEncryptedOrLockdown(mLockPatternUtils, userId)) {

                    // If this happens, something in KeyguardUpdateMonitor is wrong.

                    // SafetyNet for b/79776455

                    EventLog.writeEvent(0x534e4554, "79776455");

                    Slog.e(TAG, "Authenticate invoked when user is encrypted or lockdown");

                    return;

                }

            } finally {

                Binder.restoreCallingIdentity(identity);

            }

            updateActiveGroup(userId, opPackageName);

            final boolean restricted = isRestricted();