DevicePolicyManagerService.java revision 9327f4f671de3cbb795612bf4f314ceff88de865
1/* 2 * Copyright (C) 2010 The Android Open Source Project 3 * 4 * Licensed under the Apache License, Version 2.0 (the "License"); 5 * you may not use this file except in compliance with the License. 6 * You may obtain a copy of the License at 7 * 8 * http://www.apache.org/licenses/LICENSE-2.0 9 * 10 * Unless required by applicable law or agreed to in writing, software 11 * distributed under the License is distributed on an "AS IS" BASIS, 12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 * See the License for the specific language governing permissions and 14 * limitations under the License. 15 */ 16 17package com.android.server; 18 19import com.android.common.FastXmlSerializer; 20import com.android.internal.widget.LockPatternUtils; 21 22import org.xmlpull.v1.XmlPullParser; 23import org.xmlpull.v1.XmlPullParserException; 24import org.xmlpull.v1.XmlSerializer; 25 26import android.app.Activity; 27import android.app.DeviceAdmin; 28import android.app.DeviceAdminInfo; 29import android.app.DevicePolicyManager; 30import android.app.IDevicePolicyManager; 31import android.content.BroadcastReceiver; 32import android.content.ComponentName; 33import android.content.Context; 34import android.content.Intent; 35import android.content.pm.PackageManager; 36import android.content.pm.ResolveInfo; 37import android.os.Binder; 38import android.os.IBinder; 39import android.os.IPowerManager; 40import android.os.RecoverySystem; 41import android.os.RemoteCallback; 42import android.os.RemoteException; 43import android.os.ServiceManager; 44import android.os.SystemClock; 45import android.util.Log; 46import android.util.Xml; 47import android.view.WindowManagerPolicy; 48 49import java.io.File; 50import java.io.FileInputStream; 51import java.io.FileOutputStream; 52import java.io.IOException; 53import java.util.ArrayList; 54import java.util.HashMap; 55import java.util.List; 56 57/** 58 * Implementation of the device policy APIs. 59 */ 60public class DevicePolicyManagerService extends IDevicePolicyManager.Stub { 61 private static final String TAG = "DevicePolicyManagerService"; 62 63 private final Context mContext; 64 65 IPowerManager mIPowerManager; 66 67 int mActivePasswordQuality = DevicePolicyManager.PASSWORD_QUALITY_UNSPECIFIED; 68 int mActivePasswordLength = 0; 69 int mFailedPasswordAttempts = 0; 70 71 final HashMap<ComponentName, ActiveAdmin> mAdminMap 72 = new HashMap<ComponentName, ActiveAdmin>(); 73 final ArrayList<ActiveAdmin> mAdminList 74 = new ArrayList<ActiveAdmin>(); 75 76 static class ActiveAdmin { 77 final DeviceAdminInfo info; 78 79 int passwordQuality = DevicePolicyManager.PASSWORD_QUALITY_UNSPECIFIED; 80 int minimumPasswordLength = 0; 81 long maximumTimeToUnlock = 0; 82 int maximumFailedPasswordsForWipe = 0; 83 84 ActiveAdmin(DeviceAdminInfo _info) { 85 info = _info; 86 } 87 88 int getUid() { return info.getActivityInfo().applicationInfo.uid; } 89 90 void writeToXml(XmlSerializer out) 91 throws IllegalArgumentException, IllegalStateException, IOException { 92 if (passwordQuality != DevicePolicyManager.PASSWORD_QUALITY_UNSPECIFIED) { 93 out.startTag(null, "password-quality"); 94 out.attribute(null, "value", Integer.toString(passwordQuality)); 95 out.endTag(null, "password-quality"); 96 if (minimumPasswordLength > 0) { 97 out.startTag(null, "min-password-length"); 98 out.attribute(null, "value", Integer.toString(minimumPasswordLength)); 99 out.endTag(null, "mn-password-length"); 100 } 101 } 102 if (maximumTimeToUnlock != DevicePolicyManager.PASSWORD_QUALITY_UNSPECIFIED) { 103 out.startTag(null, "max-time-to-unlock"); 104 out.attribute(null, "value", Long.toString(maximumTimeToUnlock)); 105 out.endTag(null, "max-time-to-unlock"); 106 } 107 if (maximumFailedPasswordsForWipe != 0) { 108 out.startTag(null, "max-failed-password-wipe"); 109 out.attribute(null, "value", Integer.toString(maximumFailedPasswordsForWipe)); 110 out.endTag(null, "max-failed-password-wipe"); 111 } 112 } 113 114 void readFromXml(XmlPullParser parser) 115 throws XmlPullParserException, IOException { 116 int outerDepth = parser.getDepth(); 117 int type; 118 while ((type=parser.next()) != XmlPullParser.END_DOCUMENT 119 && (type != XmlPullParser.END_TAG || parser.getDepth() > outerDepth)) { 120 if (type == XmlPullParser.END_TAG || type == XmlPullParser.TEXT) { 121 continue; 122 } 123 String tag = parser.getName(); 124 if ("password-quality".equals(tag)) { 125 passwordQuality = Integer.parseInt( 126 parser.getAttributeValue(null, "value")); 127 } else if ("min-password-length".equals(tag)) { 128 minimumPasswordLength = Integer.parseInt( 129 parser.getAttributeValue(null, "value")); 130 } else if ("max-time-to-unlock".equals(tag)) { 131 maximumTimeToUnlock = Long.parseLong( 132 parser.getAttributeValue(null, "value")); 133 } else if ("max-failed-password-wipe".equals(tag)) { 134 maximumFailedPasswordsForWipe = Integer.parseInt( 135 parser.getAttributeValue(null, "value")); 136 } 137 } 138 } 139 } 140 141 /** 142 * Instantiates the service. 143 */ 144 public DevicePolicyManagerService(Context context) { 145 mContext = context; 146 } 147 148 private IPowerManager getIPowerManager() { 149 if (mIPowerManager == null) { 150 IBinder b = ServiceManager.getService(Context.POWER_SERVICE); 151 mIPowerManager = IPowerManager.Stub.asInterface(b); 152 } 153 return mIPowerManager; 154 } 155 156 ActiveAdmin getActiveAdminUncheckedLocked(ComponentName who) { 157 ActiveAdmin admin = mAdminMap.get(who); 158 if (admin != null 159 && who.getPackageName().equals(admin.info.getActivityInfo().packageName) 160 && who.getClassName().equals(admin.info.getActivityInfo().name)) { 161 return admin; 162 } 163 return null; 164 } 165 166 ActiveAdmin getActiveAdminForCallerLocked(ComponentName who, int reqPolicy) 167 throws SecurityException { 168 final int callingUid = Binder.getCallingUid(); 169 if (who != null) { 170 ActiveAdmin admin = mAdminMap.get(who); 171 if (admin == null) { 172 throw new SecurityException("No active admin " + who); 173 } 174 if (admin.getUid() != callingUid) { 175 throw new SecurityException("Admin " + who + " is not owned by uid " 176 + Binder.getCallingUid()); 177 } 178 if (!admin.info.usesPolicy(reqPolicy)) { 179 throw new SecurityException("Admin " + admin.info.getComponent() 180 + " did not specify uses-policy for: " 181 + admin.info.getTagForPolicy(reqPolicy)); 182 } 183 return admin; 184 } else { 185 final int N = mAdminList.size(); 186 for (int i=0; i<N; i++) { 187 ActiveAdmin admin = mAdminList.get(i); 188 if (admin.getUid() == callingUid && admin.info.usesPolicy(reqPolicy)) { 189 return admin; 190 } 191 } 192 throw new SecurityException("No active admin owned by uid " 193 + Binder.getCallingUid() + " for policy #" + reqPolicy); 194 } 195 } 196 197 void sendAdminCommandLocked(ActiveAdmin admin, String action) { 198 Intent intent = new Intent(action); 199 intent.setComponent(admin.info.getComponent()); 200 mContext.sendBroadcast(intent); 201 } 202 203 void sendAdminCommandLocked(String action, int reqPolicy) { 204 final int N = mAdminList.size(); 205 if (N > 0) { 206 for (int i=0; i<N; i++) { 207 ActiveAdmin admin = mAdminList.get(i); 208 if (admin.info.usesPolicy(reqPolicy)) { 209 sendAdminCommandLocked(admin, action); 210 } 211 } 212 } 213 } 214 215 void removeActiveAdminLocked(ComponentName adminReceiver) { 216 ActiveAdmin admin = getActiveAdminUncheckedLocked(adminReceiver); 217 if (admin != null) { 218 sendAdminCommandLocked(admin, 219 DeviceAdmin.ACTION_DEVICE_ADMIN_DISABLED); 220 // XXX need to wait for it to complete. 221 mAdminList.remove(admin); 222 mAdminMap.remove(adminReceiver); 223 } 224 } 225 226 public DeviceAdminInfo findAdmin(ComponentName adminName) { 227 Intent resolveIntent = new Intent(); 228 resolveIntent.setComponent(adminName); 229 List<ResolveInfo> infos = mContext.getPackageManager().queryBroadcastReceivers( 230 resolveIntent, PackageManager.GET_META_DATA); 231 if (infos == null || infos.size() <= 0) { 232 throw new IllegalArgumentException("Unknown admin: " + adminName); 233 } 234 235 try { 236 return new DeviceAdminInfo(mContext, infos.get(0)); 237 } catch (XmlPullParserException e) { 238 Log.w(TAG, "Bad device admin requested: " + adminName, e); 239 return null; 240 } catch (IOException e) { 241 Log.w(TAG, "Bad device admin requested: " + adminName, e); 242 return null; 243 } 244 } 245 246 private static JournaledFile makeJournaledFile() { 247 final String base = "/data/system/device_policies.xml"; 248 return new JournaledFile(new File(base), new File(base + ".tmp")); 249 } 250 251 private void saveSettingsLocked() { 252 JournaledFile journal = makeJournaledFile(); 253 FileOutputStream stream = null; 254 try { 255 stream = new FileOutputStream(journal.chooseForWrite(), false); 256 XmlSerializer out = new FastXmlSerializer(); 257 out.setOutput(stream, "utf-8"); 258 out.startDocument(null, true); 259 260 out.startTag(null, "policies"); 261 262 final int N = mAdminList.size(); 263 for (int i=0; i<N; i++) { 264 ActiveAdmin ap = mAdminList.get(i); 265 if (ap != null) { 266 out.startTag(null, "admin"); 267 out.attribute(null, "name", ap.info.getComponent().flattenToString()); 268 ap.writeToXml(out); 269 out.endTag(null, "admin"); 270 } 271 } 272 273 out.endTag(null, "policies"); 274 275 if (mFailedPasswordAttempts != 0) { 276 out.startTag(null, "failed-password-attempts"); 277 out.attribute(null, "value", Integer.toString(mFailedPasswordAttempts)); 278 out.endTag(null, "failed-password-attempts"); 279 } 280 281 out.endDocument(); 282 stream.close(); 283 journal.commit(); 284 } catch (IOException e) { 285 try { 286 if (stream != null) { 287 stream.close(); 288 } 289 } catch (IOException ex) { 290 // Ignore 291 } 292 journal.rollback(); 293 } 294 } 295 296 private void loadSettingsLocked() { 297 JournaledFile journal = makeJournaledFile(); 298 FileInputStream stream = null; 299 File file = journal.chooseForRead(); 300 try { 301 stream = new FileInputStream(file); 302 XmlPullParser parser = Xml.newPullParser(); 303 parser.setInput(stream, null); 304 305 int type; 306 while ((type=parser.next()) != XmlPullParser.END_DOCUMENT 307 && type != XmlPullParser.START_TAG) { 308 } 309 String tag = parser.getName(); 310 if (!"policies".equals(tag)) { 311 throw new XmlPullParserException( 312 "Settings do not start with policies tag: found " + tag); 313 } 314 type = parser.next(); 315 int outerDepth = parser.getDepth(); 316 while ((type=parser.next()) != XmlPullParser.END_DOCUMENT 317 && (type != XmlPullParser.END_TAG || parser.getDepth() > outerDepth)) { 318 if (type == XmlPullParser.END_TAG || type == XmlPullParser.TEXT) { 319 continue; 320 } 321 tag = parser.getName(); 322 if ("admin".equals(tag)) { 323 DeviceAdminInfo dai = findAdmin( 324 ComponentName.unflattenFromString( 325 parser.getAttributeValue(null, "name"))); 326 if (dai != null) { 327 ActiveAdmin ap = new ActiveAdmin(dai); 328 ap.readFromXml(parser); 329 mAdminMap.put(ap.info.getComponent(), ap); 330 mAdminList.add(ap); 331 } 332 } else if ("failed-password-attempts".equals(tag)) { 333 mFailedPasswordAttempts = Integer.parseInt( 334 parser.getAttributeValue(null, "value")); 335 } 336 } 337 } catch (NullPointerException e) { 338 Log.w(TAG, "failed parsing " + file + " " + e); 339 } catch (NumberFormatException e) { 340 Log.w(TAG, "failed parsing " + file + " " + e); 341 } catch (XmlPullParserException e) { 342 Log.w(TAG, "failed parsing " + file + " " + e); 343 } catch (IOException e) { 344 Log.w(TAG, "failed parsing " + file + " " + e); 345 } catch (IndexOutOfBoundsException e) { 346 Log.w(TAG, "failed parsing " + file + " " + e); 347 } 348 try { 349 if (stream != null) { 350 stream.close(); 351 } 352 } catch (IOException e) { 353 // Ignore 354 } 355 356 long timeMs = getMaximumTimeToLock(null); 357 if (timeMs <= 0) { 358 timeMs = Integer.MAX_VALUE; 359 } 360 try { 361 getIPowerManager().setMaximumScreenOffTimeount((int)timeMs); 362 } catch (RemoteException e) { 363 Log.w(TAG, "Failure talking with power manager", e); 364 } 365 } 366 367 public void systemReady() { 368 synchronized (this) { 369 loadSettingsLocked(); 370 } 371 } 372 373 public void setActiveAdmin(ComponentName adminReceiver) { 374 mContext.enforceCallingOrSelfPermission( 375 android.Manifest.permission.BIND_DEVICE_ADMIN, null); 376 377 DeviceAdminInfo info = findAdmin(adminReceiver); 378 if (info == null) { 379 throw new IllegalArgumentException("Bad admin: " + adminReceiver); 380 } 381 synchronized (this) { 382 long ident = Binder.clearCallingIdentity(); 383 try { 384 if (getActiveAdminUncheckedLocked(adminReceiver) != null) { 385 throw new IllegalArgumentException("Admin is already added"); 386 } 387 ActiveAdmin admin = new ActiveAdmin(info); 388 mAdminMap.put(adminReceiver, admin); 389 mAdminList.add(admin); 390 saveSettingsLocked(); 391 sendAdminCommandLocked(admin, 392 DeviceAdmin.ACTION_DEVICE_ADMIN_ENABLED); 393 } finally { 394 Binder.restoreCallingIdentity(ident); 395 } 396 } 397 } 398 399 public boolean isAdminActive(ComponentName adminReceiver) { 400 synchronized (this) { 401 return getActiveAdminUncheckedLocked(adminReceiver) != null; 402 } 403 } 404 405 public List<ComponentName> getActiveAdmins() { 406 synchronized (this) { 407 final int N = mAdminList.size(); 408 if (N <= 0) { 409 return null; 410 } 411 ArrayList<ComponentName> res = new ArrayList<ComponentName>(N); 412 for (int i=0; i<N; i++) { 413 res.add(mAdminList.get(i).info.getComponent()); 414 } 415 return res; 416 } 417 } 418 419 public void removeActiveAdmin(ComponentName adminReceiver) { 420 synchronized (this) { 421 ActiveAdmin admin = getActiveAdminUncheckedLocked(adminReceiver); 422 if (admin == null) { 423 return; 424 } 425 if (admin.getUid() != Binder.getCallingUid()) { 426 mContext.enforceCallingOrSelfPermission( 427 android.Manifest.permission.BIND_DEVICE_ADMIN, null); 428 } 429 long ident = Binder.clearCallingIdentity(); 430 try { 431 removeActiveAdminLocked(adminReceiver); 432 } finally { 433 Binder.restoreCallingIdentity(ident); 434 } 435 } 436 } 437 438 public void setPasswordQuality(ComponentName who, int mode) { 439 synchronized (this) { 440 if (who == null) { 441 throw new NullPointerException("ComponentName is null"); 442 } 443 ActiveAdmin ap = getActiveAdminForCallerLocked(who, 444 DeviceAdminInfo.USES_POLICY_LIMIT_PASSWORD); 445 if (ap.passwordQuality != mode) { 446 ap.passwordQuality = mode; 447 saveSettingsLocked(); 448 } 449 } 450 } 451 452 public int getPasswordQuality(ComponentName who) { 453 synchronized (this) { 454 int mode = DevicePolicyManager.PASSWORD_QUALITY_UNSPECIFIED; 455 456 if (who != null) { 457 ActiveAdmin admin = getActiveAdminUncheckedLocked(who); 458 return admin != null ? admin.passwordQuality : mode; 459 } 460 461 final int N = mAdminList.size(); 462 for (int i=0; i<N; i++) { 463 ActiveAdmin admin = mAdminList.get(i); 464 if (mode < admin.passwordQuality) { 465 mode = admin.passwordQuality; 466 } 467 } 468 return mode; 469 } 470 } 471 472 public void setPasswordMinimumLength(ComponentName who, int length) { 473 synchronized (this) { 474 if (who == null) { 475 throw new NullPointerException("ComponentName is null"); 476 } 477 ActiveAdmin ap = getActiveAdminForCallerLocked(who, 478 DeviceAdminInfo.USES_POLICY_LIMIT_PASSWORD); 479 if (ap.minimumPasswordLength != length) { 480 ap.minimumPasswordLength = length; 481 saveSettingsLocked(); 482 } 483 } 484 } 485 486 public int getPasswordMinimumLength(ComponentName who) { 487 synchronized (this) { 488 int length = 0; 489 490 if (who != null) { 491 ActiveAdmin admin = getActiveAdminUncheckedLocked(who); 492 return admin != null ? admin.minimumPasswordLength : length; 493 } 494 495 final int N = mAdminList.size(); 496 for (int i=0; i<N; i++) { 497 ActiveAdmin admin = mAdminList.get(i); 498 if (length < admin.minimumPasswordLength) { 499 length = admin.minimumPasswordLength; 500 } 501 } 502 return length; 503 } 504 } 505 506 public boolean isActivePasswordSufficient() { 507 synchronized (this) { 508 // This API can only be called by an active device admin, 509 // so try to retrieve it to check that the caller is one. 510 getActiveAdminForCallerLocked(null, 511 DeviceAdminInfo.USES_POLICY_LIMIT_PASSWORD); 512 return mActivePasswordQuality >= getPasswordQuality(null) 513 && mActivePasswordLength >= getPasswordMinimumLength(null); 514 } 515 } 516 517 public int getCurrentFailedPasswordAttempts() { 518 synchronized (this) { 519 // This API can only be called by an active device admin, 520 // so try to retrieve it to check that the caller is one. 521 getActiveAdminForCallerLocked(null, 522 DeviceAdminInfo.USES_POLICY_WATCH_LOGIN); 523 return mFailedPasswordAttempts; 524 } 525 } 526 527 public void setMaximumFailedPasswordsForWipe(ComponentName who, int num) { 528 synchronized (this) { 529 // This API can only be called by an active device admin, 530 // so try to retrieve it to check that the caller is one. 531 getActiveAdminForCallerLocked(who, 532 DeviceAdminInfo.USES_POLICY_WIPE_DATA); 533 ActiveAdmin ap = getActiveAdminForCallerLocked(who, 534 DeviceAdminInfo.USES_POLICY_WATCH_LOGIN); 535 if (ap.maximumFailedPasswordsForWipe != num) { 536 ap.maximumFailedPasswordsForWipe = num; 537 saveSettingsLocked(); 538 } 539 } 540 } 541 542 public int getMaximumFailedPasswordsForWipe(ComponentName who) { 543 synchronized (this) { 544 int count = 0; 545 546 if (who != null) { 547 ActiveAdmin admin = getActiveAdminUncheckedLocked(who); 548 return admin != null ? admin.maximumFailedPasswordsForWipe : count; 549 } 550 551 final int N = mAdminList.size(); 552 for (int i=0; i<N; i++) { 553 ActiveAdmin admin = mAdminList.get(i); 554 if (count == 0) { 555 count = admin.maximumFailedPasswordsForWipe; 556 } else if (admin.maximumFailedPasswordsForWipe != 0 557 && count > admin.maximumFailedPasswordsForWipe) { 558 count = admin.maximumFailedPasswordsForWipe; 559 } 560 } 561 return count; 562 } 563 } 564 565 public boolean resetPassword(String password) { 566 int quality; 567 synchronized (this) { 568 // This API can only be called by an active device admin, 569 // so try to retrieve it to check that the caller is one. 570 getActiveAdminForCallerLocked(null, 571 DeviceAdminInfo.USES_POLICY_RESET_PASSWORD); 572 quality = getPasswordQuality(null); 573 if (quality != DevicePolicyManager.PASSWORD_QUALITY_UNSPECIFIED) { 574 int adjQuality = LockPatternUtils.adjustPasswordMode(password, quality); 575 if (adjQuality == DevicePolicyManager.PASSWORD_QUALITY_UNSPECIFIED) { 576 Log.w(TAG, "resetPassword: password does not meet quality " + quality); 577 return false; 578 } 579 quality = adjQuality; 580 } 581 int length = getPasswordMinimumLength(null); 582 if (password.length() < length) { 583 Log.w(TAG, "resetPassword: password does not meet length " + length); 584 return false; 585 } 586 } 587 588 // Don't do this with the lock held, because it is going to call 589 // back in to the service. 590 long ident = Binder.clearCallingIdentity(); 591 try { 592 LockPatternUtils utils = new LockPatternUtils(mContext); 593 utils.saveLockPassword(password, quality); 594 } finally { 595 Binder.restoreCallingIdentity(ident); 596 } 597 598 return true; 599 } 600 601 public void setMaximumTimeToLock(ComponentName who, long timeMs) { 602 synchronized (this) { 603 if (who == null) { 604 throw new NullPointerException("ComponentName is null"); 605 } 606 ActiveAdmin ap = getActiveAdminForCallerLocked(who, 607 DeviceAdminInfo.USES_POLICY_LIMIT_UNLOCK); 608 if (ap.maximumTimeToUnlock != timeMs) { 609 ap.maximumTimeToUnlock = timeMs; 610 611 long ident = Binder.clearCallingIdentity(); 612 try { 613 saveSettingsLocked(); 614 615 timeMs = getMaximumTimeToLock(null); 616 if (timeMs <= 0) { 617 timeMs = Integer.MAX_VALUE; 618 } 619 620 try { 621 getIPowerManager().setMaximumScreenOffTimeount((int)timeMs); 622 } catch (RemoteException e) { 623 Log.w(TAG, "Failure talking with power manager", e); 624 } 625 } finally { 626 Binder.restoreCallingIdentity(ident); 627 } 628 } 629 } 630 } 631 632 public long getMaximumTimeToLock(ComponentName who) { 633 synchronized (this) { 634 long time = 0; 635 636 if (who != null) { 637 ActiveAdmin admin = getActiveAdminUncheckedLocked(who); 638 return admin != null ? admin.maximumTimeToUnlock : time; 639 } 640 641 final int N = mAdminList.size(); 642 for (int i=0; i<N; i++) { 643 ActiveAdmin admin = mAdminList.get(i); 644 if (time == 0) { 645 time = admin.maximumTimeToUnlock; 646 } else if (admin.maximumTimeToUnlock != 0 647 && time > admin.maximumTimeToUnlock) { 648 time = admin.maximumTimeToUnlock; 649 } 650 } 651 return time; 652 } 653 } 654 655 public void lockNow() { 656 synchronized (this) { 657 // This API can only be called by an active device admin, 658 // so try to retrieve it to check that the caller is one. 659 getActiveAdminForCallerLocked(null, 660 DeviceAdminInfo.USES_POLICY_FORCE_LOCK); 661 long ident = Binder.clearCallingIdentity(); 662 try { 663 mIPowerManager.goToSleepWithReason(SystemClock.uptimeMillis(), 664 WindowManagerPolicy.OFF_BECAUSE_OF_ADMIN); 665 } catch (RemoteException e) { 666 } finally { 667 Binder.restoreCallingIdentity(ident); 668 } 669 } 670 } 671 672 void wipeDataLocked(int flags) { 673 try { 674 RecoverySystem.rebootWipeUserData(mContext); 675 } catch (IOException e) { 676 Log.w(TAG, "Failed requesting data wipe", e); 677 } 678 } 679 680 public void wipeData(int flags) { 681 synchronized (this) { 682 // This API can only be called by an active device admin, 683 // so try to retrieve it to check that the caller is one. 684 getActiveAdminForCallerLocked(null, 685 DeviceAdminInfo.USES_POLICY_WIPE_DATA); 686 long ident = Binder.clearCallingIdentity(); 687 try { 688 wipeDataLocked(flags); 689 } finally { 690 Binder.restoreCallingIdentity(ident); 691 } 692 } 693 } 694 695 public void getRemoveWarning(ComponentName comp, final RemoteCallback result) { 696 mContext.enforceCallingOrSelfPermission( 697 android.Manifest.permission.BIND_DEVICE_ADMIN, null); 698 699 synchronized (this) { 700 ActiveAdmin admin = getActiveAdminUncheckedLocked(comp); 701 if (admin == null) { 702 try { 703 result.sendResult(null); 704 } catch (RemoteException e) { 705 } 706 return; 707 } 708 Intent intent = new Intent(DeviceAdmin.ACTION_DEVICE_ADMIN_DISABLE_REQUESTED); 709 intent.setComponent(admin.info.getComponent()); 710 mContext.sendOrderedBroadcast(intent, null, new BroadcastReceiver() { 711 @Override 712 public void onReceive(Context context, Intent intent) { 713 try { 714 result.sendResult(getResultExtras(false)); 715 } catch (RemoteException e) { 716 } 717 } 718 }, null, Activity.RESULT_OK, null, null); 719 } 720 } 721 722 public void setActivePasswordState(int quality, int length) { 723 mContext.enforceCallingOrSelfPermission( 724 android.Manifest.permission.BIND_DEVICE_ADMIN, null); 725 726 synchronized (this) { 727 if (mActivePasswordQuality != quality || mActivePasswordLength != length 728 || mFailedPasswordAttempts != 0) { 729 long ident = Binder.clearCallingIdentity(); 730 try { 731 mActivePasswordQuality = quality; 732 mActivePasswordLength = length; 733 if (mFailedPasswordAttempts != 0) { 734 mFailedPasswordAttempts = 0; 735 saveSettingsLocked(); 736 } 737 sendAdminCommandLocked(DeviceAdmin.ACTION_PASSWORD_CHANGED, 738 DeviceAdminInfo.USES_POLICY_LIMIT_PASSWORD); 739 } finally { 740 Binder.restoreCallingIdentity(ident); 741 } 742 } 743 } 744 } 745 746 public void reportFailedPasswordAttempt() { 747 mContext.enforceCallingOrSelfPermission( 748 android.Manifest.permission.BIND_DEVICE_ADMIN, null); 749 750 synchronized (this) { 751 long ident = Binder.clearCallingIdentity(); 752 try { 753 mFailedPasswordAttempts++; 754 saveSettingsLocked(); 755 int max = getMaximumFailedPasswordsForWipe(null); 756 if (max > 0 && mFailedPasswordAttempts >= max) { 757 wipeDataLocked(0); 758 } 759 sendAdminCommandLocked(DeviceAdmin.ACTION_PASSWORD_FAILED, 760 DeviceAdminInfo.USES_POLICY_WATCH_LOGIN); 761 } finally { 762 Binder.restoreCallingIdentity(ident); 763 } 764 } 765 } 766 767 public void reportSuccessfulPasswordAttempt() { 768 mContext.enforceCallingOrSelfPermission( 769 android.Manifest.permission.BIND_DEVICE_ADMIN, null); 770 771 synchronized (this) { 772 if (mFailedPasswordAttempts != 0) { 773 long ident = Binder.clearCallingIdentity(); 774 try { 775 mFailedPasswordAttempts = 0; 776 saveSettingsLocked(); 777 sendAdminCommandLocked(DeviceAdmin.ACTION_PASSWORD_SUCCEEDED, 778 DeviceAdminInfo.USES_POLICY_WATCH_LOGIN); 779 } finally { 780 Binder.restoreCallingIdentity(ident); 781 } 782 } 783 } 784 } 785} 786