Cross Reference: /frameworks/base/services/core/java/com/android/server/LockSettingsService.java

History log of /frameworks/base/services/core/java/com/android/server/LockSettingsService.java
Revision	Date	Author	Comments (<<< Hide modified files) (Show modified files >>>)
da3d71f01e5e5da0601c88d92076062d1d985176	23-May-2017	TreeHugger Robot <treehugger-gerrit@google.com>	Merge "Restore resetKeyStore() logic of clearing SYSTEM uid" into oc-dev
1cf91a094f8b719fc1ab20a7a6861278633cdf28	26-Apr-2017	Rubin Xu <rubinxu@google.com>	Restore resetKeyStore() logic of clearing SYSTEM uid Keystore no longer clears keys critical to device encryption flow so no need to skip clearing SYSTEM's keystore entries here. Bug: 34600579 Test: Add device lock under synthtic password, goto Settings/security/encryption, tap clear credentials and verify device lock is still intact. Change-Id: I191a545181771693fd2d75f1c23d14a6b74278af Merged-In: I191a545181771693fd2d75f1c23d14a6b74278af /frameworks/base/services/core/java/com/android/server/LockSettingsService.java
04a4e1de71189c6ead8cb363f393ea7e0e4db0c7	15-May-2017	Rubin Xu <rubinxu@google.com>	Fix a deadlock in LockSettingsService Order of taking locks in LSS: mSeparateChallengeLock -> mSpManager -> this. Since getGateKeeperService().getSecureUserId() will end up calling getSeparateProfileChallengeEnabled() which tries to acquire mSeparateChallengeLock , we shouldn't be holding this lock while calling getSecureUserId() Also spell out the order of taking locks in a comment. Test: while device lockscreen is being changed, run "adb shell dumpsys lock_settings" and verify device is not locked up. Bug: 37663848 Change-Id: I6b780ab5d1e33b07392f0ab0df29ecc3956f89ff /frameworks/base/services/core/java/com/android/server/LockSettingsService.java
faf37babb0bc0962c01750b222fc03bd197b0b62	22-Apr-2017	TreeHugger Robot <treehugger-gerrit@google.com>	Merge "Let unlocked profile verifyCredential under unified lock" into oc-dev
c93cdef2fa5403ac46767f1853f4e803824d4d20	21-Apr-2017	Charles He <qiurui@google.com>	Let unlocked profile verifyCredential under unified lock When unified work challenge is enabled and the primary user is unlocked, LockSettingsService should unlock the managed profile subsequently by calling verifyCredential() in most cases. Previously, verifyCredential() is not called on managed profiles when any one of the two conditions are met: 1. when the profile is not yet running 2. when the profile is already unlocked These were introduced to make sure the managed profile stays locked when it is in QUIET_MODE (i.e. work mode off). However, condition 2 is problematic. Specifically, it also prevents auth tokens, etc., from being refreshed (side effects of verifyCredential()), even when the profile is not in QUIET_MODE. We remove condition 2 in this change to make sure verifyCredential() is still called on the managed profile when it is RUNNING_UNLOCKED. Condition 1 alone should be able to handle the QUIET_MODE case. Unit test is also updated in case regression occurs. Bug: 36851574 Test: runtest frameworks-services -c com.android.server.LockSettingsServiceTests Test: runtest frameworks-services -c com.android.server.SyntheticPasswordTests Test: CTS verifier > BYOD managed provisioning > Authentication-bound keys Test: (all of above are run on both sailfish and angler) Change-Id: Ice89c1eedacaf07e076252a2a571a1eb100ef791 /frameworks/base/services/core/java/com/android/server/LockSettingsService.java
308f30b8e633bc808a1df675e76fca0c4ee58484	12-Apr-2017	Rubin Xu <rubinxu@google.com>	Do not check user escrow state if synthetic password is not enabled yet 1. when adding escrow tokens, do not throw SecurityException if the user hasn't migrated to synthetic password yet. 2. during migration, activate any pending escrow tokens. 3. Disable escrow before attempting to activate escrow tokens, this currently includes whenever the user authenticates, and when synthetic password migration happens. Also, add some comments in SyntheticPasswordManager and remove an invalid call to destroy escrow data. Test: runtest frameworks-services -c com.android.server.SyntheticPasswordTests Bug: 36776133 Change-Id: If4b9d385fb43e09d90b6dde6d25b4fcc0c6b7ddc Merged-In: If4b9d385fb43e09d90b6dde6d25b4fcc0c6b7ddc /frameworks/base/services/core/java/com/android/server/LockSettingsService.java
fe9a53bc45fd0124a876dc0a49680aaf86641d3e	31-Mar-2017	Jeff Sharkey <jsharkey@android.com>	Consistent dump() permission checking. This change introduces new methods on DumpUtils that can check if the caller has DUMP and/or PACKAGE_USAGE_STATS access. It then moves all existing dump() methods to use these checks so that we emit consistent error messages. Test: cts-tradefed run commandAndExit cts-dev -m CtsSecurityTestCases -t android.security.cts.ServicePermissionsTest Bug: 32806790 Change-Id: Iaff6b9506818ee082b1e169c89ebe1001b3bfeca /frameworks/base/services/core/java/com/android/server/LockSettingsService.java
282cfefea0fbbd299839e353e6d30affdcd4a55c	27-Mar-2017	Chris Wren <cwren@android.com>	standardize system notification IDs All the trivial cases, plus some fixes to try to mitigate collisions with the complex ones. Complex services to follow in another CL, Bug: 32584866 Test: make framework services Change-Id: Ie9663600171d8ede11676e9d66f009dbb06def03 /frameworks/base/services/core/java/com/android/server/LockSettingsService.java
8e87af55337a19cf7242a1bf2f516bc26ae65f9e	03-Mar-2017	Andrew Scull <ascull@google.com>	Don't unlock the work profile if it is turned off. Test: Turn off work, lock and unlock device with PIN/password/pattern, turn on work and now you get a screen lock prompt. Test: runtest frameworks-services -c com.android.server.LockSettingsServiceTests Change-Id: I0c6946af4ffb1546ffbd4d80c11fa4b8ab5555bc /frameworks/base/services/core/java/com/android/server/LockSettingsService.java
f34d2f607f6dc4f7345c3fd7bacb580ac98c31c5	20-Mar-2017	Rubin Xu <rubinxu@google.com>	Load DevicePolicyManager only when needed in LockSettingsService Since DevicePolicyManager is published later than LockSettingsService, we shouldn't be getting DevicePolicyManager when LockSettingsService is being constructed. Bug: 36424241 Test: cts-tradefed run cts-dev -m CtsDevicePolicyManagerTestCases -t com.android.cts.devicepolicy.MixedProfileOwnerTest#testResetPasswordWithToken Change-Id: I5e9da78e4fe802c70d34dc3c9dae4f2677ed631d /frameworks/base/services/core/java/com/android/server/LockSettingsService.java
18a8af21b52e71a8f3f04c8834b5531ebdcefc20	17-Mar-2017	Andrew Zeng <zenga@google.com>	Merge "Fix NPE in LockSettingsService." into cw-f-dev am: 4aff3d53ef am: a01e2212c8 am: d4e88e2642 Change-Id: Ie7d409e8ef3ec5c3201bcaf0ae125ca71dc10c08
8b30ec3f49d4c8037bc6aa03ed6dd91aff3968ad	05-Mar-2017	Rubin Xu <rubinxu@google.com>	Fix SynthethicPassowrdManager unit tests Mock DevicePolicyManager in the unit tests. Bug: 34600579 Test: runtest frameworks-services -c com.android.server.SyntheticPasswordTests Change-Id: Ieca30a74d7d9d867994e912d188231510f54e76c /frameworks/base/services/core/java/com/android/server/LockSettingsService.java
750563ee508e3ad9af6a70ccc669c070f892cfcb	11-Mar-2017	Andrew Zeng <zenga@google.com>	Fix NPE in LockSettingsService. Bug: 33789922 Change-Id: Iecdedd8d73d9f749f15a64131cc894d9f92de9d1 /frameworks/base/services/core/java/com/android/server/LockSettingsService.java
48a58baea2a39c41aa0dfb4a0384bd00d76d120b	07-Mar-2017	TreeHugger Robot <treehugger-gerrit@google.com>	Merge "Enable escrow tokens on automotive builds."
c068aa22090f9eb1a6af7f7acbdb29a3bac28f90	07-Mar-2017	Rubin Xu <rubinxu@google.com>	Merge "Allow user with a profile owner to have escrow tokens"
cb18d56eec278b0eeea82c9f309004cb179e79ca	07-Mar-2017	Rakesh Iyer <rni@google.com>	Enable escrow tokens on automotive builds. Cars head units are protected by physical security mechanisms (doors, locks) so enable escrow tokens on them. Bug:33458687 Test: Verified using test trust agent in packages/services/Car Change-Id: Ic7974a64192cd6d28fec67fe54025efe84cc50fc /frameworks/base/services/core/java/com/android/server/LockSettingsService.java
af759c52ce01fe6b5144957e38da956af01a217b	15-Feb-2017	Geoffrey Pitsch <gpitsch@google.com>	Channels for Frameworks notifications Adapts all notifications used by system services to use channels. Channels are initialized by SystemServer after the NotificationService has started. Test: runtest systemui-notification Change-Id: I25c45293b786adb57787aeab4c2613c9d7c89dab /frameworks/base/services/core/java/com/android/server/LockSettingsService.java
bc7a47c6d30943be512f9f982ae4803ff3cdc52a	22-Feb-2017	Rubin Xu <rubinxu@google.com>	Allow user with a profile owner to have escrow tokens This mainly covers the unicorn case where the primary user has a profile owner set on it. Test: cts-tradefed run cts-dev -m CtsDevicePolicyManagerTestCases -t com.android.cts.devicepolicy.MixedProfileOwnerTest#testResetPasswordWithToken Bug: 35457534 Change-Id: Ieee883cce17c0b54b6e63fe113ada009e16150ad /frameworks/base/services/core/java/com/android/server/LockSettingsService.java
df406d802e9f6348f307ebbe1809c5cdc6c0b64e	16-Feb-2017	Rubin Xu <rubinxu@google.com>	Normalize empty credential into null Test: runtest frameworks-services -c com.android.server.LockSettingsServiceTests Bug: 31000522 Change-Id: I2f804a5790449f0d2d4d57fe6e34be03a84fb805 /frameworks/base/services/core/java/com/android/server/LockSettingsService.java
f095f8366bac52ac1eeb2b3eb1a403294ceeb541	31-Jan-2017	Rubin Xu <rubinxu@google.com>	Add escrow token support to synthetic password flow Escrow token provides an alternative way to derive synthetic password for a given user. In the new flow, a pre-provisioned escrow token should be able to do anything the user password can do, since they both derives the synthetici password which is the master key in the new auth flow. Test: runtest frameworks-services -c com.android.server.SyntheticPasswordTests Bug: 33126414 Change-Id: Ib5ee38fd61f66de3245427ce992ebc12f1873a26 /frameworks/base/services/core/java/com/android/server/LockSettingsService.java
3bf722a8d54ca7192dfe07ee7b73eac7d25ccac5	15-Dec-2016	Rubin Xu <rubinxu@google.com>	Add synthetic password to authentication flow The user password is used to unlock a per-user synthetic password which serves the purpose of what the user password previsouly achieves (protect keystore, vold disk encryption, auth token generation). Test: runtest frameworks-services -c com.android.server.SyntheticPasswordTests Test: manual 1. Start with fresh device, enable synthetic password with "adb shell cmd lock_settings sp 1" 1.1 add device lock, reboot and verify (positive & negative); change device lock, reboot and verify. 1.2 Inflate a work profile, reboot and verify device lock. check SID with "adb shell dumpsys lock_settings" 1.3 Un-unify and add work challenge, reboot and verify work challenge and SID. 1.4 Re-unify work challenge, reboot and verify. 1.5 Clear device lock, reboot and verify lock and SID. 2. Start with a fresh device, add a device lock and inflate a work profile. 2.1 Enable synthetic password, note current SID 2.2 Reboot and unlock device. Verify synthetic password is generated and SID remains. 2.3 Clear device lock, reboot and verify (SID should be cleared) 3. Start with a fresh device, inflate a work profile, add separate work challenge 3.1 Enable synthetic password, not current SID 3.2 Reboot and unlock device and profile. Verify synthetic password is generated. 3.3 Clear device lock only, reboot and verify (work profile SID should remain) All steps tested on marlin (FBE) and bullhead (FDE) Bug: 33126414 Change-Id: Idb9ebfc7bba2fe40670c5fee2189e873d9704540 /frameworks/base/services/core/java/com/android/server/LockSettingsService.java
a55b168b5d5a0584b2411793f870a7849c5014f1	31-Jan-2017	Rubin Xu <rubinxu@google.com>	Small tweaks in LockSettingsService Paves way for synthetic password flow: Two notable changes: 1. when unify/un-unify work challenges, provide the old work profile password. 2. when clearing lock, supply old credentials. Test: Unit test to be added in a follow up CL. Bug: 33126414 Change-Id: I2a9553c5e7cc701338436e99e5a1289cebd1eda9 /frameworks/base/services/core/java/com/android/server/LockSettingsService.java
0cbc19e4a66f7db51596b57ca91afc6f5b27f3b4	09-Dec-2016	Rubin Xu <rubinxu@google.com>	Add unit tests for LockSettingsService Add infrastructure and first sets of unit tests for LockSettingsService Bug: 33126408 Test: runtest frameworks-services -c com.android.server.LockSettingsServiceTests Change-Id: I4f3b7f6eaef7122f72b06bd11ce49134a093fe35 /frameworks/base/services/core/java/com/android/server/LockSettingsService.java
e71f583c782a98e977d6a5c450dff856b132e5c6	13-Jan-2017	Michal Karpinski <mkarpinski@google.com>	Strong auth timeout refactor Move timeout scheduling mechanism from KeyguardUpdateMonitor to LockSettingsStrongAuth. Move reporting about successful strong auth unlock from KeyguardUpdateMonitor#reportSuccessfulStrongAuthUnlockAttempt() to LockSettingsService#doVerifyCredential() - the latter also covers work challenge strong auth unlocking. Test: manual with all types of strong and non-strong auth, including work challenge Bug: 29825955 Change-Id: I38e51b21e3a455b95e3c857e091fe07ee388c7f8 /frameworks/base/services/core/java/com/android/server/LockSettingsService.java
3aac3ebee1079ba56afde5d149b0653c891cb5a8	13-Jan-2017	Andrew Scull <ascull@google.com>	resolve merge conflicts of ad4aa1ce7d3d to nyc-mr1-dev am: eb35ad9969 Change-Id: I4fd9ce4c79db5a10f28008c89205fc9c8ef2888f
eb35ad9969a173ac4d6279a5e322e8176c2ae6d1	13-Jan-2017	Andrew Scull <ascull@google.com>	resolve merge conflicts of ad4aa1ce7d3d to nyc-mr1-dev Change-Id: I97ef31536cd06495a08a3f94f81df2d1376186e0
ad4aa1ce7d3dd2dd8d5690eb2f7653ca3c27000e	13-Jan-2017	Andrew Scull <ascull@google.com>	resolve merge conflicts of e4cefbf4fce4 to nyc-dr1-dev Change-Id: Ib536a33ba381c28397320edd516d52727e5bdacc
e4cefbf4fce458489b5f1bebc79dfaf566bcc5d5	02-Dec-2016	Andrew Scull <ascull@google.com>	Don't save password metrics to disk. On FBE devices, don't save the metrics to disk but compute them when the password is first entered and only store them in RAM. Merged-in: 5daf273b7e3272269c53eda20ce494d0e7a365b5 Bug: 32793550 Change-Id: Icee7f615167761177b224b342970a36c7d90f6ba /frameworks/base/services/core/java/com/android/server/LockSettingsService.java
1de89b3bec2f296763f3ecde9a36ecbca2110f3d	30-Nov-2016	Rubin Xu <rubinxu@google.com>	Refactor LockSettingsService to unify the handling of pattern and password Also fix LockSettingsStorageTests. More unit tests on LockSettingsService to be added in the next CL. Bug: 33126408 Test: runtest frameworks-services -c com.android.server.LockSettingsStorageTests Change-Id: I0f143b26fed1d5ae122fba3b57bd39c7793ad8d9 /frameworks/base/services/core/java/com/android/server/LockSettingsService.java
85a63bc1a06870b5a86926b0bce94a2bf559e3f0	24-Oct-2016	Andrew Scull <ascull@google.com>	Evict CE key on request and when work mode is turned off. DPMS.lockNow takes a flag which can request the managed profile CE key to be evicted. Test: com.android.cts.devicepolicy.ManagedProfileTest#testLockNowWithKeyEviction* Bug: 31000719 Change-Id: I68f4d6eed4b041c39fd13375f7f284f5d6ac33da /frameworks/base/services/core/java/com/android/server/LockSettingsService.java
5daf273b7e3272269c53eda20ce494d0e7a365b5	14-Nov-2016	Andrew Scull <ascull@google.com>	Don't save the password metrics to disk. Only store the metrics in RAM, computing them at first log in. Test: com.android.cts.devicepolicy.DeviceAdminHostSideTestApi24 Bug: 32793550 Change-Id: Iaf9516c193f054331e3e2c68cb3f627bd543b408 /frameworks/base/services/core/java/com/android/server/LockSettingsService.java
d39d4d7d38c9e27a640ad3ddc0938083f8f539ff	25-Nov-2016	Rubin Xu <rubinxu@google.com>	Fix boot loop when upgrading direclty from L to N am: bfc7faaf35 am: 492f5263a4 am: 873c99c30b am: 5adffe2c77 Change-Id: I9ae16f0de5b6f71d8343db369528c27a40d36be4
492f5263a44bc5125140ab9a7cabdb8626435eca	25-Nov-2016	Rubin Xu <rubinxu@google.com>	Fix boot loop when upgrading direclty from L to N am: bfc7faaf35 Change-Id: Iaaf32f1c6fd70dd394252f963d87897899fb2e55
bfc7faaf353ea75ab04e986edbc79478679d40f6	22-Nov-2016	Rubin Xu <rubinxu@google.com>	Fix boot loop when upgrading direclty from L to N A second attempt to fix the upgrade problem due to SID == 0 in the above upgrade path. The previous fix contains a bug where it would cause future attempts to unify work challenge to silently fail, and crash SystemUi when unlocking. This fix adds a check for non-zero SID before doing the initial work profile unification (which caused the upgrade crash when SID == 0). This means the initial work profile unification would only happen when the user has unlocked the lockscreen and SID is generated. Bug: 32490092 Bug: 33050562 Change-Id: Ib28951b2ec26b4f091df7763d9902f55616fcb5c /frameworks/base/services/core/java/com/android/server/LockSettingsService.java
794e9022c97ae8a47f7235c298be04000712aa2e	22-Nov-2016	Zach Jang <zachjang@google.com>	Revert "Catch KeyStoreException for setting profile lock" am: e61672ab08 am: fe3b0b2cc1 am: f516131a38 am: af98d20dc6 Change-Id: Ib443a1fea735b8aa240d724fc7a24c91102440ef
fe3b0b2cc171b9278ca41b4544daae7b81e3e8b3	22-Nov-2016	Zach Jang <zachjang@google.com>	Revert "Catch KeyStoreException for setting profile lock" am: e61672ab08 Change-Id: Ie1a720181bf542bbf213af8b6b83eff0ecd84a98
e61672ab087df4857a4f0923258b945800046589	22-Nov-2016	Zach Jang <zachjang@google.com>	Revert "Catch KeyStoreException for setting profile lock" This reverts commit c8fa5ed8f2d492aa5e005fcdb5991c3f980de045. Change-Id: Ia1425e649e102cb79280d75e5f49db670214cec3 /frameworks/base/services/core/java/com/android/server/LockSettingsService.java
a79a655e4b97d204c220d20ad5352e48d261afd5	18-Nov-2016	Ricky Wai <rickywai@google.com>	Catch KeyStoreException for setting profile lock am: c8fa5ed8f2 am: 3b546019dc am: c40b9a8ee2 am: b5ddc22675 Change-Id: Idc10bc9e849e4f5d23bba8ee33a7caf72626428b
3b546019dc39ced57f13ee8caded15fb87e153c4	18-Nov-2016	Ricky Wai <rickywai@google.com>	Catch KeyStoreException for setting profile lock am: c8fa5ed8f2 Change-Id: I28777d9d80ba13df463e05b95dd2524633554c9d
c8fa5ed8f2d492aa5e005fcdb5991c3f980de045	17-Nov-2016	Ricky Wai <rickywai@google.com>	Catch KeyStoreException for setting profile lock When device upgrades from L->N, sid(in gatekeeper) could be 0 even primary profile screenlock is set. We are now trying to catch the exception so when sid==0 happens, it will try to tie profile lock again when primary profile is unlocked. Bug: 32490092 Change-Id: I73011d872ac15e7e09be9bda0165cf7f6a75493a /frameworks/base/services/core/java/com/android/server/LockSettingsService.java
2250d56a0b47b93016018340c8f4040325aa5611	08-Nov-2016	Sudheer Shanka <sudheersai@google.com>	Rename MountService to StorageManagerService. Bug: 30977067 Test: Existing tests pass Change-Id: Ieac0f11c2b249dcd60441b14c1f391e6f8131d42 /frameworks/base/services/core/java/com/android/server/LockSettingsService.java
dc589ac82b5fe2063f4cfd94c8ae26d43d5420a0	11-Nov-2016	Sudheer Shanka <sudheersai@google.com>	Update usage of ActivityManagerNative. - Remove references to ActivityManagerProxy. - Add isSystemReady to ActivityManager. Bug: 30977067 Test: cts/hostsidetests/services/activityandwindowmanager/util/run-test android.server.cts adb shell am instrument -e class com.android.server.am.ActivityManagerTest,com.android.server.am.TaskStackChangedListenerTest \ -w com.android.frameworks.servicestests/android.support.test.runner.AndroidJUnitRunner Change-Id: I07390b6124fb1515821f5c0b37baf6ae74adc8fa /frameworks/base/services/core/java/com/android/server/LockSettingsService.java
2fef6f7b155f2ff0d3531fe63b8e1c745bb3dc9d	02-Nov-2016	Jorim Jaggi <jjaggi@google.com>	Add ability to modify credential via shell command Test: adb shell locksettings set-pattern 1234 Test: adb shell locksettings set-pin --old 1234 1234 Test: adb shell locksettings set-password --old 1234 1234 Test: adb shell locksettings clear --old 1234 Test: runtest frameworks-services -c com.android.server.LockSettingsShellCommandTest Change-Id: I8f541effc7eab0d7453cd9a9b46c280a6425e258 /frameworks/base/services/core/java/com/android/server/LockSettingsService.java
794e66cfd270c4ab5ab2db614f6561c1e48316ba	03-Nov-2016	Greg Plesur <plesur@google.com>	New Wear devices need to update their DISABLE_LOCKSCREEN_KEY. am: eb2e45369a am: a71a0b8da1 am: e44736a819 Change-Id: I36f1980ede5ea483c4750386a7b5905254ce33f8
eb2e45369a92548e34b664d466d0578f966f7cef	02-Nov-2016	Greg Plesur <plesur@google.com>	New Wear devices need to update their DISABLE_LOCKSCREEN_KEY. Previous versions of Wear forced this flag to "true." BUG: 32591969 Change-Id: I9619eee5df5f67e92818ef0b7b45ddd2299449f1 /frameworks/base/services/core/java/com/android/server/LockSettingsService.java
a76b07131edd28fd113afd1b9484d33e3a627663	18-Aug-2016	Jim Miller <jaggies@google.com>	Fix vulnerability in LockSettings service am: 2d71384a13 am: 485fbda04c am: 229de7088e am: cb83f6188b am: e3457fc127 am: 7329e02153 am: cf7d8468ac Change-Id: Ie7476d7f2b91e155481c322e7bdc3e60123d89de
cf7d8468ac19fa298c1f3d9e65871280fd09e661	18-Aug-2016	Jim Miller <jaggies@google.com>	Fix vulnerability in LockSettings service am: 2d71384a13 am: 485fbda04c am: 229de7088e am: cb83f6188b am: e3457fc127 am: 7329e02153 Change-Id: I1dadbc10574e60565d0e30d2ba9e26bc352ebf10
669a15353130d90213d8c483dd444728f86255d4	18-Aug-2016	Jim Miller <jaggies@google.com>	Fix vulnerability in LockSettings service am: 2d71384a13 am: 485fbda04c am: 229de7088e am: cb83f6188b am: e3457fc127 Change-Id: I1bc40c141498e62cad36acc9568177cb88debc11
e3457fc127593ed13040cf246bdfbc3c3bfdecfe	18-Aug-2016	Jim Miller <jaggies@google.com>	Fix vulnerability in LockSettings service am: 2d71384a13 am: 485fbda04c am: 229de7088e am: cb83f6188b Change-Id: I82302931ab714e25ec21721dc05480e1f2d447b0
229de7088e800815f5737cec4980e47754e03d63	18-Aug-2016	Jim Miller <jaggies@google.com>	Fix vulnerability in LockSettings service am: 2d71384a13 am: 485fbda04c Change-Id: I07def32199ecdbbb32aa6ecaca20724cfc81265c
485fbda04c7651413122422121fc96e4227a5f77	18-Aug-2016	Jim Miller <jaggies@google.com>	Fix vulnerability in LockSettings service am: 2d71384a13 Change-Id: I62ca5fb150022fe0971329294b1063957f397248
2d71384a139ae27cbc7b57f06662bf6ee2010f2b	11-Aug-2016	Jim Miller <jaggies@google.com>	Fix vulnerability in LockSettings service Fixes bug 30003944 Change-Id: I8700d4424c6186c8d5e71d2fdede0223ad86904d /frameworks/base/services/core/java/com/android/server/LockSettingsService.java
eddf518763261536f31b777b0e262f85676d6967	10-Aug-2016	Jeff Sharkey <jsharkey@android.com>	Check calling thread when verifying credentials. This operation can do quite a bit of heavy I/O lifting, so use StrictMode to catch any callers on the main thread. Bug: 30622925 Change-Id: I5bfcb33a0d1563d5c38e1a1a4b32e7c1bba6bee6 /frameworks/base/services/core/java/com/android/server/LockSettingsService.java
b6edaa952eb04137c126f61122571f41087ad980	27-Jul-2016	Jeff Sharkey <jsharkey@android.com>	Polish around locked user communication. Based on user feedback, using a notification to communicate that a user was locked was confusing. Instead, this CL moves to showing a message in the keyguard indicator slot at the bottom of the screen, which is where we communicate other information such as charging status. Since a locked user is a very limiting experience, this new message takes precedence over any other indicator message. Bug: 28942360 Change-Id: I708d2b4b41079d09d46c17365c750488204e3090 /frameworks/base/services/core/java/com/android/server/LockSettingsService.java
29d157bf0557bda04ffeda64f2dd4239d91aa5f4	16-Jul-2016	Jim Miller <jaggies@google.com>	Fix vulnerability in LockSettings service Fixes bug 30003944 Change-Id: I8700d4424c6186c8d5e71d2fdede0223ad86904d /frameworks/base/services/core/java/com/android/server/LockSettingsService.java
97c8f8d16132747f3fe98f076a215f850b4f7c05	13-Jul-2016	Ricky Wai <rickywai@google.com>	Remove tied profile encryption key cache in keystore Bug: 28928518 Change-Id: I20dd097d72e14253bc8b61d594ae84d0b56c8582 /frameworks/base/services/core/java/com/android/server/LockSettingsService.java
702589d0605b5e8c1b47e67c6b24f662a051440a	09-Jul-2016	TreeHugger Robot <treehugger-gerrit@google.com>	Merge "Preparations for different scrim depending on wallpaper" into nyc-mr1-dev
e8fde5d9666eea10307cbc27f4b1a94d3cbb4ec9	01-Jul-2016	Jorim Jaggi <jjaggi@google.com>	Improve initial unlock delay (1/2) When checking for the credentials, we add a new callback onEarlyVerified which gets called as soon as we know that the credential was correct. In KeyguardUpdateMonitor, we track the unlocked state of the user, and if it's still locked, we slow down all the transitions to allow for a more gradual unlock experience. Bug: 29007436 Change-Id: I406d228f9f3e41e07fe3292a61df175a7f579e4d /frameworks/base/services/core/java/com/android/server/LockSettingsService.java
49fd32057410a1191eb9965745742c7e9ea68f3b	08-Jul-2016	TreeHugger Robot <treehugger-gerrit@google.com>	Merge "Fix bug with launching home activity from LockSettingsService" into nyc-mr1-dev
016593fe848868808a4645ce2302c2ab07348c30	07-Jul-2016	Jim Miller <jaggies@google.com>	Fix bug with launching home activity from LockSettingsService This fixes a bug where LockSettingsService was sending a broadcast instead of launching the home activity. Fixes bug 29988032 Change-Id: Ibdbb15928fee575375576a31181d91323073a9fb /frameworks/base/services/core/java/com/android/server/LockSettingsService.java
e31f6b8024d1a0cfa71894e9a8ce1b39a9f85b2f	02-Jul-2016	Jorim Jaggi <jjaggi@google.com>	Preparations for different scrim depending on wallpaper - Allow wallpaper info to be queried by user - Refactor ScrimController for extensibility Bug: 28936996 Change-Id: Ib019331a844110f1f24f35d225d2648626545233 /frameworks/base/services/core/java/com/android/server/LockSettingsService.java
a8e3f77332f655b7d195e1c3e3e0ba931cb8c1cd	27-Jun-2016	Ricky Wai <rickywai@google.com>	Do not show user locked notification after reboot when there is no lock Bug: 29384349 Change-Id: I19995beacf565fff36d98558605694cdbe5bcedb /frameworks/base/services/core/java/com/android/server/LockSettingsService.java
8cbe1a6309ed330000269dccbfce26de97f11e83	17-Jun-2016	Amith Yamasani <yamasani@google.com>	Merge "Clean up ex-users in lock settings db" into nyc-dev
f11a574027a8dbe18d79ce467984d63d07fea9e1	16-Jun-2016	Amith Yamasani <yamasani@google.com>	Clean up ex-users in lock settings db Just in case a userid was not properly cleaned when the user was removed, make sure it is cleaned up when a new user takes up the same userid. This prevents inconsistent lockscreen state and avoids a crash in Settings when trying to set a password for the new user. Fixes: 29412112 Change-Id: Ic4f0efbb97786b0290c74325b28c9d74825e9e53 /frameworks/base/services/core/java/com/android/server/LockSettingsService.java
43f6a45e7e111af8a843e001b555082cb356a529	16-Jun-2016	Ricky Wai <rickywai@google.com>	Merge "Add permission checking on service calls in LockSettingsService" into nyc-dev
d04aaa323c3a788d26f18fc66e0a59b47e525b38	13-Jun-2016	Amith Yamasani <yamasani@google.com>	More thorough cleansing of expired users If any /data/system_[c\|d]e folders were not erased when the user was removed (maybe due to a reboot), make sure they're cleaned up on restart as well as when the userId is recycled later. Mark the users' system folders with the correct serial number for later verification. AccountManager shouldn't be querying accounts of partially created/destroyed users. Change-Id: I4313756b7464f34cd5ce4fb296d61daa50b41fcb Fixes: 29285673 /frameworks/base/services/core/java/com/android/server/LockSettingsService.java
7f405f170f66d201f893a2f29866f528f0ec7fc8	31-May-2016	Ricky Wai <rickywai@google.com>	Add permission checking on service calls in LockSettingsService Bug: 28941207 Change-Id: I113db10bb57f250d44361a0a5144a7d1c990ba4d /frameworks/base/services/core/java/com/android/server/LockSettingsService.java
6c8187282ecc20419a5a70371bc6a21af6d364e0	27-May-2016	Toni Barzic <tbarzic@google.com>	Clear calling identity before calling mountService Change I8106bfba28da401b9fd38349c6a9fa9a24f54712 unwittingly reintroduced requirement for apps that change password to have STORAGE_INTERNAL permission. This fixes the problem by clearing calling identity before calling mountServce in fixateNewestUserKeyAuth, like it's done in addUserKeyAuth. BUG=28154455 BUG=27600227 Change-Id: I1bcd9f6eefa892b021d93df2638c8dba4d4b5400 /frameworks/base/services/core/java/com/android/server/LockSettingsService.java
a39d888651493d20f3814cd88a39a521450b3eac	26-May-2016	Jeff Sharkey <jsharkey@google.com>	Merge "Suppress unlock notifications on non-FBE devices." into nyc-dev
4a39936d3669696dc6a25a4023daf7a7e4b158ef	26-May-2016	Jeff Sharkey <jsharkey@android.com>	Suppress unlock notifications on non-FBE devices. We have a longer-term plan to clean up FBE unlock notifications, but in the meantime don't confuse users by quickly flashing them on non-FBE devices. Bug: 28840764 Change-Id: I696508ef981b6f8f51f22ea24487d87d27d5b6e3 /frameworks/base/services/core/java/com/android/server/LockSettingsService.java
1cb6f9d8a4827d50e26bf83068a928e47c5c1f1e	26-May-2016	Ricky Wai <rickywai@google.com>	Merge "Add resetKeyStore() in LockSettingsService" into nyc-dev
7b9eb419e35f12963eeea119b51a241146029b74	12-May-2016	Ricky Wai <rickywai@google.com>	Store work lock type even it uses unified lock If we are not storing this, LockPatternUtils.isSecure(workUserId) will return false, and cause some methods like trySetQuietModeDisabled() cannot show screen lock correctly. Bug: 28738725 Change-Id: I7d0b61022b0afff2dac4cdae72d558118ea892e7 /frameworks/base/services/core/java/com/android/server/LockSettingsService.java
d398244513c62c9ea14a0f1c6ffef832e803c16f	24-May-2016	Ricky Wai <rickywai@google.com>	Hide work profile key in user credentials screen Bug: 28878708 Change-Id: Ib250fae2388b061430d93b7d65133002ce664993 /frameworks/base/services/core/java/com/android/server/LockSettingsService.java
f420c413b9abd58dcbea881535da5b603f7f7afc	25-May-2016	Ricky Wai <rickywai@google.com>	Merge "Unlock work profile storage even work mode is off" into nyc-dev
99df649aa4907d9f9c6fe4bdf4acb517003f97f2	25-May-2016	Ricky Wai <rickywai@google.com>	Merge "Do not tie managed profile synchronously in onUnlockUser()" into nyc-dev
4613fe41ac9e817e76d7087de45bf01f4a6584d6	24-May-2016	Ricky Wai <rickywai@google.com>	Add resetKeyStore() in LockSettingsService Before resetKeyStore(), it will back up child profile keys, and will be restored after primary profile keystore is cleared. Bug: 28878708 Change-Id: I0cb4a1f885d468894bc7eb95af694328bf92ce16 /frameworks/base/services/core/java/com/android/server/LockSettingsService.java
89e3f2ba98ea6d69b1846e996c4c279a9b20c4e9	25-May-2016	Jim Miller <jaggies@google.com>	Merge "Fix missing permission check when saving pattern/password" into mnc-dev am: 45c77d951a am: 9bf8474c27 * commit '9bf8474c27642f48aa27e2edf1bdd83b27d692c1': Fix missing permission check when saving pattern/password Change-Id: I4238a43dc30be54375b6db129b360cc7d0a90b0e
9bf8474c27642f48aa27e2edf1bdd83b27d692c1	25-May-2016	Jim Miller <jaggies@google.com>	Merge "Fix missing permission check when saving pattern/password" into mnc-dev am: 45c77d951a * commit '45c77d951ab5203b8e19c2ed2ce3a0816e42b118': Fix missing permission check when saving pattern/password Change-Id: I81947e95d5365bbf6a4927435f43c73dc4ac2bb0
4266feeb93fae4603e8a43d065160430a4c784a5	23-May-2016	Ricky Wai <rickywai@google.com>	Unlock work profile storage even work mode is off Bug: 28860823 Change-Id: Ic89027f163e4c4e1ba9e8c24174475b6a4a983a4 /frameworks/base/services/core/java/com/android/server/LockSettingsService.java
d86ac8116bfc64c61d8124ff8d3e92be5e55cd3e	23-May-2016	Victor Chang <vichang@google.com>	Merge "New api in LockSettingsService to get StrongAuth synchronously" into nyc-dev
a0940d33dcbac0245ad5467d9c302f8eaee615dc	16-May-2016	Victor Chang <vichang@google.com>	New api in LockSettingsService to get StrongAuth synchronously Not all client needs to monitor the StrongAuth, e.g. ConfirmDeviceCredentialBaseFragment Provide a quick method to get StrongAuth Bug: 28752364 Change-Id: Iecfd217046da38e43297bdd5832cf7d637b979ed /frameworks/base/services/core/java/com/android/server/LockSettingsService.java
cc70155f3bf18341296aaa2163bd2e7df6997b11	17-May-2016	Paul Crowley <paulcrowley@google.com>	Two phases to set the password for disk encryption Revert "Revert "Two phases to set the password for disk encryption"" This reverts commit a1eb750e75ff7c7ef7698deed4442449c33334c8. Bug: 28154455 Bug: 28694324 Change-Id: I8106bfba28da401b9fd38349c6a9fa9a24f54712 /frameworks/base/services/core/java/com/android/server/LockSettingsService.java
b0cdf3845fd33cc40a929a2b9b882bf0a3a994d3	16-May-2016	Ricky Wai <rickywai@google.com>	Do not tie managed profile synchronously in onUnlockUser() Bug: 28736098 Change-Id: I2c687c11b9991d0771cfe721e80ac1541c477f2e /frameworks/base/services/core/java/com/android/server/LockSettingsService.java
f829c1463b4805545d15924ad6243b9405eb83d6	10-May-2016	Paul Crowley <paulcrowley@google.com>	Merge "Revert "Two phases to set the password for disk encryption"" into nyc-dev
a1eb750e75ff7c7ef7698deed4442449c33334c8	10-May-2016	Paul Crowley <paulcrowley@google.com>	Revert "Two phases to set the password for disk encryption" This reverts commit 17e5dce5112fece2d2b9cd070c2f96bf65108e40. Bug: 28694324 Change-Id: I6d89bc26cb429b195c9bcf640666c495617257b7 /frameworks/base/services/core/java/com/android/server/LockSettingsService.java
84812583030b3799e8a1203b480b78d3825b7adb	10-May-2016	Ricky Wai <rickywai@google.com>	Hide notification before tie managed profile lock We should hide the notification asap before setting managed profile lock, to reduce the time that user is unlocked while the notification is still showing. Bug: 28689675 Change-Id: I289302302e3079726998adefebe2e8b113b2e52a /frameworks/base/services/core/java/com/android/server/LockSettingsService.java
17e5dce5112fece2d2b9cd070c2f96bf65108e40	22-Apr-2016	Paul Crowley <paulcrowley@google.com>	Two phases to set the password for disk encryption In one phase, we make the new password work, and in the second we make it the only one which works ("fixation"). This means that we can set the password in Gatekeeper between these two phases, and a crash doesn't break things. Unlocking a user automatically fixates the presented credential. Bug: 28154455 Change-Id: I18812f9ce753486ce4e33b4fe2cca392b006b39c /frameworks/base/services/core/java/com/android/server/LockSettingsService.java
3423a513e7c0c0a0a7ae0fada1fc684c990c0aa2	04-May-2016	Ricky Wai <rickywai@google.com>	Merge "Do not show exception stack trace when no child profile key" into nyc-dev
de3a068af63abc0f4173d4c4b2d8530bae6dd203	03-May-2016	Ricky Wai <rickywai@google.com>	Do not show exception stack trace when no child profile key Bug: 28396912 Change-Id: I48e3f3223d04a0ba3dd2d975901b0504ce0dd25f /frameworks/base/services/core/java/com/android/server/LockSettingsService.java
0bbd108aa1fee8c69bbaf41990d3f3d8a99d54cb	27-Apr-2016	Paul Lawrence <paullawrence@google.com>	Check permission on clearPassword and other CryptKeeper APIs Note - this should only ever be called from LockScreen after getting the password to avoid the double prompt Bug: 28376346 Change-Id: Ic44df4fdcc23408c56b1b9375deed1c6ad2af544 /frameworks/base/services/core/java/com/android/server/LockSettingsService.java
ce18c8167766f92856f94a8e88e19de4698960e6	28-Apr-2016	Jeff Sharkey <jsharkey@android.com>	Introduce "unlocking" vs "unlocked" nuance. There is a narrow window of time during user unlock where we're reconciling user storage and dispatching the "unlock" status to various internal system services. While in this "unlocking" state, apps need to be told that the user still isn't actually "unlocked" so they don't try making calls to AccountManager, etc. The majority of internal services are interested in merging together both the "unlocking" and "unlocked" state, so update them. Clarify naming in AccountManagerService to make it clear that a local list is being used, which mirrors the naming in MountService. To match UX/PM requested behavior, move PRE_BOOT_COMPLETED dispatch after the user is unlocked, but block BOOT_COMPLETED dispatch until after all PRE_BOOT receivers are finished to avoid ANRs. Bug: 28040947, 28164677 Change-Id: I57af2351633d9159f4483f19657ce0b62118d1ce /frameworks/base/services/core/java/com/android/server/LockSettingsService.java
7881cf8f818317cc6efe4d6a4c42da94d6bab223	15-Apr-2016	Ricky Wai <rickywai@google.com>	Make "work mode on dialog" show personal challenge in unified work lock Bug: 28183335 Change-Id: Ib212b283b9561f88899f6e7ea130944391b6e558 /frameworks/base/services/core/java/com/android/server/LockSettingsService.java
a482c6e5e61c2c01502a344240ef596dfbe84f26	22-Apr-2016	Paul Crowley <paulcrowley@google.com>	Merge "Clear calling identity before calling mountService" into nyc-dev
b5383455b6cae093e60684b4f5cccb0cc440330d	14-Apr-2016	Jim Miller <jaggies@google.com>	Fix missing permission check when saving pattern/password Fixes bug 28163930 Change-Id: Ic98ef20933b352159b88fdef331e83e9ef6e1f20 /frameworks/base/services/core/java/com/android/server/LockSettingsService.java
fd24108ca9876ac4f3598cf06464b78b61f32a96	19-Apr-2016	Jeff Sharkey <jsharkey@android.com>	Don't block while dispatching PRE_BOOT. While we're waiting on the final UX around PRE_BOOT_COMPLETED, don't frustrate users by giving them a lockscreen that appears frozen for several seconds. Bug: 28164677 Change-Id: I54b62cea9bb83bc0f82fdf7e6e46a4640e1a30de /frameworks/base/services/core/java/com/android/server/LockSettingsService.java
275c94aea32e3c95cbf8177c80c77a1b191e7fa3	15-Apr-2016	Jim Miller <jaggies@google.com>	Merge "Fix missing permission check when saving pattern/password" into nyc-dev
23abc598a5bdeb5d1cf66f83ff14eb3f440d5a9a	15-Apr-2016	Benjamin Franz <bfranz@google.com>	Merge "Don't show the unlock notification when Work mode is off" into nyc-dev
f02420c5e1bcc8b2c278f272aca633fe6d2b4e88	04-Apr-2016	Benjamin Franz <bfranz@google.com>	Maybe decrypt user when quiet mode is disabled When quiet mode is disabled for a user and that user is not currently decrypted, we show a confirm credentials screen to trigger decryption of that user. Only if that was successful, do we actually disable quiet mode. Bug: 27764124 Change-Id: Ib1f649194d89e225dad62c14f3ddba1fa3d79da2 /frameworks/base/services/core/java/com/android/server/LockSettingsService.java
e484eaff00096f3819c5002b66487b8c1d16ef57	14-Apr-2016	Jim Miller <jaggies@google.com>	Fix missing permission check when saving pattern/password Fixes bug 28163930 Change-Id: Ic98ef20933b352159b88fdef331e83e9ef6e1f20 /frameworks/base/services/core/java/com/android/server/LockSettingsService.java
4ab7e595a5deef72448da950f2f973bc0c90fe18	14-Apr-2016	Adrian Roos <roosa@google.com>	StrongAuthTracker: Don't rely on USER_PRESENT USER_PRESENT is sent via the background queue. A delay there can cause us not to recognize that the user has unlocked and prompt for the credential again, when trust or fingerprint would be sufficient. Also removes an obsolete reference to USER_PRESENT from TrustManagerService. Change-Id: Ie8d1a180170df5f0c8f9e71660504fd71eeacd99 Fixes: 27830458 /frameworks/base/services/core/java/com/android/server/LockSettingsService.java
53940d4c7f45a26d8b571982a1f8f4b8094aa5e0	05-Apr-2016	Ricky Wai <rickywai@google.com>	Fingerprint should confirm device lock when unified When unified and adding a fingerprint, the user is prompted to set up a backup Bug:27419438 Change-Id: I3e857fa07c50ee0904f685b721595ef6cfe729f9 /frameworks/base/services/core/java/com/android/server/LockSettingsService.java
dc283a897680ffd33c4d15535ebe778ba5b42c43	24-Mar-2016	Ricky Wai <rickywai@google.com>	Keymaster init for work profile Changes: (1) When unified work challenge is enabled and screen lock is secure - Store work profile secure key in primary profile - When primary user keystore unlocked, unlock work profile keystore - When primary user change lock to none, remove work secure key (2) When unified work challenge is enabled but screen lock is not secure - When screen lock changes to secure, store work secure key in primary (3) When user changes work challenge from unified to separated - Remove work secure key in primary (4) When user changes work challenge from separate to unified - Do (1) and (2) Bug: 27460698 Change-Id: I8f77bde5dc6b8e59c90256e75c5990100e93366b /frameworks/base/services/core/java/com/android/server/LockSettingsService.java
0f9dd1e2f5561c57a2a233a42749dbfe12a5dc44	06-Apr-2016	Selim Cinek <cinek@google.com>	Deprecated the contentinfo and the number It was mainly adding noise to the notification rather than useful information. Bug: 27431551 Change-Id: Ie22c9935d60eeac1cca5d9ce97239aadfac9b3cf /frameworks/base/services/core/java/com/android/server/LockSettingsService.java
f52709c42e81537db1471ffeb552b4340324c795	01-Apr-2016	Benjamin Franz <bfranz@google.com>	Don't show the unlock notification when Work mode is off Currently we show the unlock work profile notification when work mode is off. This CL stops this from happening. Bug: 27764124 Change-Id: I63e4e09ab8c35a69d10118cf06d8ef33b1e1eb05 /frameworks/base/services/core/java/com/android/server/LockSettingsService.java
815036f055173d4dfcddd03a4e6c03d24bff00c7	29-Mar-2016	Paul Crowley <paulcrowley@google.com>	Clear calling identity before calling mountService Apps that change the password shouldn't need the STORAGE_INTERNAL permission. Bug: 27600227 Change-Id: I73e86c3400c19e9b1cea786dc472ab571ac18803 /frameworks/base/services/core/java/com/android/server/LockSettingsService.java
bd91e2f3f6aca512a02be645b2515b5e3331e177	22-Mar-2016	Jeff Sharkey <jsharkey@android.com>	Update PRE_BOOT_COMPLETED for FBE. Now that CE data isn't available until after a user is unlocked, we need to delay the PRE_BOOT_COMPLETED broadcasts. This is done by adding a new RUNNING_UNLOCKING user state to the UserController lifecycle. We now track the last fingerprint a user was logged in under, and we dispatch PRE_BOOT receivers when that fingerprint changes. To work around battery pull issues, we only persist the updated fingerprint once all PRE_BOOT receivers have finished. This is less granular than the original solution, but it's still correct. We only consider a user as "logged in" once it transitions into the RUNNING_UNLOCKED state. When starting a process, track if the user was "unlocked" when started, so that we only spin up unaware providers in processes started before user unlock. Add generic IProgressListener to communicate PRE_BOOT progress and strings up to lock screen. For now, LockSettingsService just blocks until finished, but it could display these strings in the future. Bug: 27220885 Change-Id: I349439776b885acd32f6a578d8951ffd95640be2 /frameworks/base/services/core/java/com/android/server/LockSettingsService.java
042a68ae3297db27c4bd6aca7f1c39001261b85e	03-Mar-2016	Jim Miller <jaggies@google.com>	Merge "Attempt to fix bug where OwnerInfo gets lost." into nyc-dev
325c56741a4896741f3e3c5894c20ee55090a31b	02-Mar-2016	Jim Miller <jaggies@google.com>	Attempt to fix bug where OwnerInfo gets lost. Bug 27419272 Change-Id: I2f938606c3155afd2fc31b5da640b7b74c397a14 /frameworks/base/services/core/java/com/android/server/LockSettingsService.java
0a587d2840ca105746a9e14d018dc8ec2b3442be	23-Feb-2016	Clara Bayarri <clarabayarri@google.com>	Unlock Keystore/Keymaster separately for Work Challenge The Keystore should be unlocked by the work challenge when the work profile has its own lock, and should not be unlocked by the device lock in this case. Tested use cases: When unified, both users have the password key set to the parent's Setting a work challenge changes the work profile's password key to its own Unifying causes the work challenge key to be set to null first and then when the device password is reset right after that it is reset to the same as the parent Unlocking when locks are unified unlocks both using the same password key Unlocking the device when not unified only unlocks the parent Unlocking the work challenge only unlocks the work profile Bug:26817206 Change-Id: I99dca279687f4f77636992e355dbdb607bbf7b6d /frameworks/base/services/core/java/com/android/server/LockSettingsService.java
b1b302660cf5b1b1c5b342cc90eca93b8f66890c	09-Feb-2016	Kenny Guy <kennyguy@google.com>	Support FBE for managed profiles. Allow launcher to see and attempt to launch non-crypto aware application when profile is locked. Hide unlock notification until parent user is unlocked. Have unlock notitication use confirm credentials to unlock the profile. Updated notification strings as per suggestions in mocks to make it clearer between users and profiles. Bug: 27038260 Change-Id: If2d2c8148670d814544f4edd44193d15da32a289 /frameworks/base/services/core/java/com/android/server/LockSettingsService.java
faeb3eb0ba190e6d6cfe2b82ce20af587848de57	08-Feb-2016	Paul Crowley <paulcrowley@google.com>	Password security for FBE disk encryption keys Add the means to protect FBE keys with a combination of an auth token from Gatekeeper, and a hash of the password. Both of these must be passed to unlock_user_key. Keys are created unprotected, and change_user_key changes the way they are protected. Bug: 22950892 Change-Id: Ie13bc6f82059ce941b0e664a5b60355e52b45f30 /frameworks/base/services/core/java/com/android/server/LockSettingsService.java
98e0a266ea27e8dcd4d5e4380921f40f00e7b685	04-Feb-2016	Paul Crowley <paulcrowley@google.com>	Always get an auth token when we verify. We need the auth token for FBE. In a future commit I'll get rid of the "verify" method altogether, but no need right now. Bug: 22950892 Change-Id: Ied2b666f0613dd97e021d3416ec06e44b9397d11 /frameworks/base/services/core/java/com/android/server/LockSettingsService.java
b1135b7196c87d74b293fea3f89400aa4f1dd084	03-Feb-2016	Jim Miller <jaggies@google.com>	Add new icon for fbe notification Fixes bug 26863369 Change-Id: I967d585fa251782d18a5f24c025b28d40268dc85 /frameworks/base/services/core/java/com/android/server/LockSettingsService.java
e6c28031edb8137beb5d32ffed9e4dc4897d011b	29-Jan-2016	Jim Miller <jaggies@google.com>	FBE notification improvements - change language for FBE "account locked" notification - use lock icon Fixes bug 26863154 Change-Id: I1cf2e230cf717cadd26879a90fdccbade59057a8 /frameworks/base/services/core/java/com/android/server/LockSettingsService.java
4f93c58b393bad5d0bcc4237fa66f14fb9c9ee28	28-Jan-2016	Jim Miller <jaggies@google.com>	Add account locked notification when users are encrypted Fixes bug 26407543 Change-Id: Ic66669cd5f75b5fa41449e33133439752cef112b /frameworks/base/services/core/java/com/android/server/LockSettingsService.java
a7aa4d6f0b91e050c083c19459b0c8b265c92617	20-Jan-2016	Rakesh Iyer <rni@google.com>	Allow smart unlock right after boot. This change enables relaxing the constraint by which strong authentication is needed after device reboot. There are very limited use cases where this might be safe, one of which is in a car. Cars head units usually are protected physically by the car and have hardware anti-theft mechanisms so we can potentially allow for Android to allow users to use smart unlock to avoid the lockscreen just after boot. This change adds in a config flag that sets the default trust flags, which can be set to allow smart unlock after boot for car head units. Bug: 26559008 Change-Id: Id6338a97b617ddaf3d2fae5d51235429a42b81cc /frameworks/base/services/core/java/com/android/server/LockSettingsService.java
a1771110d67fa7361f92d92f2e91019882ce3305	18-Dec-2015	Clara Bayarri <clarabayarri@google.com>	Create Work Challenge per-user condition Change the current static condition to a per-user condition so we can check and enable/disable the work challenge properly. Also add an isAllowed API, as the Work Challenge can only be used when the user's DPC targets N or above to maintain backwards compatibility. Change-Id: I0cb8b475838816801868ffb24726407aa257b4de /frameworks/base/services/core/java/com/android/server/LockSettingsService.java
5a0fed684150f53d2d4293408f445f6092c24183	15-Dec-2015	Bryce Lee <brycelee@google.com>	Allow access to deprecated LOCK_PATTERN_ENABLED flag. am: 4614596a39 am: 36393a5674 am: 4ab8b0696a am: 0510ad1bc9 * commit '0510ad1bc9a2da4fa84f1a5417a218dba48563e3': Allow access to deprecated LOCK_PATTERN_ENABLED flag.
4614596a395b6c86fff3f35a07edda2e848d743c	14-Dec-2015	Bryce Lee <brycelee@google.com>	Allow access to deprecated LOCK_PATTERN_ENABLED flag. It is possible that older platforms may have not cleared the lock pattern, but instead only checked this flag to determine the lock pattern enabled state. In such cases, upgrading to a platform with that only checks the lock pattern can lead to the lock screen being re-enabled by accident. These new methods allow this condition to be identified and resolved. Bug: 26029690 Change-Id: I8f7ebc0e1915049afe49c219c87010aa38a16244 /frameworks/base/services/core/java/com/android/server/LockSettingsService.java
b9fe53705ca851c39abe44e980219fd6733bf821	03-Dec-2015	Jeff Sharkey <jsharkey@android.com>	Attempt to unlock users with null token. When starting a locked user, try unlocking their storace will a null token, which will typically succeed if there is an insecure lockscreen (no PIN or pattern). For users with a secure lockscreen, pass through a stub token for now to indicate that it came from a user challenge. Eventually we'll hook that up to gatekeeperd. Without this, we were only unlocking users with secure lockscreens. Bug: 25943941 Change-Id: Ia0324d50f43f55dfe0b8366793ddc5d25d885922 /frameworks/base/services/core/java/com/android/server/LockSettingsService.java
10ad84a17d7248488c1653bacc9f20d3a7193999	01-Dec-2015	Clara Bayarri <clarabayarri@google.com>	Create a separate Work Challenge check This allows us to tell lock checks from FBE checks separately, and will be useful when dealing with password unification. Change-Id: Ifbea425f749fee4d6d51faddd8b64bf717a1a5f8 /frameworks/base/services/core/java/com/android/server/LockSettingsService.java
56878a93989a49538fabccfb7218face645030bf	29-Oct-2015	Clara Bayarri <clarabayarri@google.com>	Create work challenge timeout The work challenge should be locked whenever the device goes to sleep + admin timeout or when the power button is pressed if the lock setting is on. This change creates the infrastructure to lock a specific user instead of the device and uses it in these cases. Then, the current code that brings up the work challenge can check to only show it if the user is locked. Change-Id: I89b4342b1458d97734d7afa66be52bf04ec3a3d4 /frameworks/base/services/core/java/com/android/server/LockSettingsService.java
8924e8759f9a8cffb5ad538ca40a7826793aac07	30-Nov-2015	Jeff Sharkey <jsharkey@android.com>	Wire up lifecycle, send unlocked broadcast. When the correct lock pattern is presented, ask the system to also unlock credential-encrypted storage, if enabled. The token passed along is empty for now, but can be wired up to gatekeeper in the future. During each system boot, ask vold to lock all users keys to give us a known starting state. This also has the effect of chmod'ing away any CE data when in emulation mode. Define and send a new foreground broadcast when the CE storage is unlocked for the first time. Add stronger last-ditch checking for encryption-awareness before starting an app. Bug: 22358539 Change-Id: Id1f1bece96a2b4e6f061214d565d51c7396ab521 /frameworks/base/services/core/java/com/android/server/LockSettingsService.java
7c69636c9a406265e1da368f3edfd8fb9651132c	16-Sep-2015	Xiaohui Chen <xiaohuic@google.com>	Cleanup USER_OWNER in various services Bug: 19913735 Change-Id: I980370bab18e1b9ccf4043eed2b9fd721a940f72 /frameworks/base/services/core/java/com/android/server/LockSettingsService.java
7f5ef05b3f0417e863aaac0f663364582f30c626	26-Aug-2015	Adrian Roos <roosa@google.com>	am 60aff469: am f90169d1: am 5bc2a2c0: am d56892da: Merge "Disable fingerprint after user lockout" into mnc-dr-dev * commit '60aff469b2abd8787ba4c3d326909128b57d06ea': Disable fingerprint after user lockout
873010dfeea11e0f9982c66ad9bdc990d055b129	26-Aug-2015	Adrian Roos <roosa@google.com>	Disable fingerprint after user lockout Bug: 22677859 Change-Id: I38b918d2e40b5bb423f2e5c171fe65bed8d440a6 /frameworks/base/services/core/java/com/android/server/LockSettingsService.java
e3b07451c3ca7064cb70f1829cf35963cba74bd8	22-Aug-2015	Adrian Roos <roosa@google.com>	resolved conflicts for merge of bcc26c02 to master Change-Id: I4260ff0d090cfa9741fd3adcfcadcbbff6839388
b5e4722891e7bbf2fffcd995af02838667a3abab	15-Aug-2015	Adrian Roos <roosa@google.com>	Add StrongAuthTracker Bug: 22846469 Bug: 22115393 Change-Id: I6ef5322d02e540fc043e7f20d3aabf595ce7c224 /frameworks/base/services/core/java/com/android/server/LockSettingsService.java
6086a25eb7721d7a59445796b73ee4c3f2e87701	30-Jul-2015	Adrian Roos <roosa@google.com>	am 5334b265: am aeda904f: am 4371922d: am 8e9b33f8: am 726d47b7: Merge "Fix and deprecate lock pattern related settings" into mnc-dev * commit '5334b265af71a31b0cf428b97b437ac040c067dc': Fix and deprecate lock pattern related settings
7811d9f5095a343acd218f4bb0a0e9e8f480b401	28-Jul-2015	Adrian Roos <roosa@google.com>	Fix and deprecate lock pattern related settings Bug: 22557690 Change-Id: Ib4b3ef7cebe815ba9d9d2284f945a9ec746b216c /frameworks/base/services/core/java/com/android/server/LockSettingsService.java
2c4a573f38a942b75d0321e66da2042753188cb7	10-Jul-2015	Andres Morales <anmorales@google.com>	[LockSettings] fail hard when there's an error enrolling Soft failing causes state to go out of whack Bug: 22367550 Change-Id: I9f078cf1c39c35913c672741d8fb1be0b9c8c9e8 /frameworks/base/services/core/java/com/android/server/LockSettingsService.java
3188574c14c479a2898e5251b6b01db6be007975	30-Jun-2015	Andres Morales <anmorales@google.com>	Merge "[LockSettings] adjust legacy patterns to base 0 for unlocking keystore" into mnc-dev
59ef126f0787fb1edeec8fcc3ebaadaf12f18c06	26-Jun-2015	Andres Morales <anmorales@google.com>	[LockSettings] adjust legacy patterns to base 0 for unlocking keystore Otherwise, L keys will be lost as they're encrypted with the base 0 pattern. Keystore password is then re-enrolled with the base '1' pattern. Bug: 22118231 Change-Id: I37aea2afc3069f1ba48cb073268f1d66978b723e /frameworks/base/services/core/java/com/android/server/LockSettingsService.java
f1900b500f71c372376b5d951d581afcca8d7b57	25-Jun-2015	Andres Morales <anmorales@google.com>	Merge "[LockSettings] clear secure user id when user is removed" into mnc-dev
070fe63962baf30a648f7f85a7d00c177fc8b7c5	24-Jun-2015	Andres Morales <anmorales@google.com>	[LockSettings] clear secure user id when user is removed Needed for QCOM HALs and for general good housekeeping Bug: 22011857 Change-Id: I6cc157a88ee125ecbf81fc51c226c63ba1d34b80 /frameworks/base/services/core/java/com/android/server/LockSettingsService.java
6d2c0e5ee2f717d4a5c00df08aca21c76eea8278	23-Jun-2015	Svetoslav Ganov <svetoslavganov@google.com>	Remove not needed contacts related permissions. This reverts commit ed5ff51b2ca7c051e2719dfc8a8a083e6208848e. Change-Id: If2407e4e474a438d95e1b7ad1aa6f441bb3ace08 /frameworks/base/services/core/java/com/android/server/LockSettingsService.java
ed5ff51b2ca7c051e2719dfc8a8a083e6208848e	23-Jun-2015	Bart Sears <bsears@google.com>	Revert "Remove not needed contacts related perissions." Broke the build, reverting. This reverts commit a2991da0d671adf511ccb884cf25bf1241303f92. Change-Id: I2bdfa70fbd8a6c03e48426f85eeb63896762d5da /frameworks/base/services/core/java/com/android/server/LockSettingsService.java
a2991da0d671adf511ccb884cf25bf1241303f92	22-Jun-2015	Svet Ganov <svetoslavganov@google.com>	Remove not needed contacts related perissions. Removing the read/write profile/social stream permissions as they are not needed anymore. These permissions are for accessing data nested in the conacts provider which is already guaded by the read/write contacts runtime permissions. The removed permissions would be in the contacts group which means they would not provide more protection compated to read/write contacts. Also removing the permissions voids the need for app op support for legacy apps. Removed deprecated APIs for social streams as these were deprecated and will go away in the next release. We want apps targeting M to not be able to compile if still suing these APIs to help with migration. Change-Id: I26ed9055847af7f92c78eb0f4ac8f9f1aa616fcd /frameworks/base/services/core/java/com/android/server/LockSettingsService.java
e40bad8cf9397becdf05776c775c8286d3de46fa	28-May-2015	Andres Morales <anmorales@google.com>	[LockSettings] migrate patterns to be indexed at '1' Base zero patterns (ones where the top left is idx 0) are not handled properly by scrypt. Add logic to re-enroll base zero patterns such that the top left is idx 1. Bug: 21433955 Change-Id: I7f67f2c67d40dd1be6c62117710dc3b0392275a2 /frameworks/base/services/core/java/com/android/server/LockSettingsService.java
2397427cb1a0bad8a42e6a342dcf29b31e40a234	15-May-2015	Andres Morales <anmorales@google.com>	[LockSettings] migrate password attempt throttling to hardware leverage root protected, cryptographically secured hardware if available Bug: 21118563 Change-Id: Ifa804c5a0728bfd14466eb2a84051bace6d33d57 /frameworks/base/services/core/java/com/android/server/LockSettingsService.java
83ce095c848b972156256855d0f2a2ff4aa068fd	12-May-2015	Chad Brubaker <cbrubaker@google.com>	Add keystore onUserAdded/Removed methods (cherry-picked from commit 31c2897105e6d71f8e6edeab312d2147bbdbaeb1) Change-Id: I73fe9344ec5660e58425d5c85d14381820533d57 /frameworks/base/services/core/java/com/android/server/LockSettingsService.java
a91a8504191d91d288c55821caa5bf00c9be26a2	07-May-2015	Chad Brubaker <cbrubaker@google.com>	Cleanup keystore password changing and unlocking Add KeyStore.onUserPasswordChanged for the lockscreen to call when the user changes their password. Keystore will then handle the logic of deleting keys. Instead of calling Keystore.password_uid for both unlocking and password changes the behavior has been split into Keystore.unlock and onUserPasswordChanged. Change-Id: I324914c00195d762cbaa8c63084e41fa796b7df8 /frameworks/base/services/core/java/com/android/server/LockSettingsService.java
4383058bf4956f3a3132a58f0904087fdd569526	22-Apr-2015	Adrian Roos <roosa@google.com>	Migrate lockscreen.disabled on upgrade Bug: 19962043 Change-Id: Iecec4ea869aeb9d814f7447b4805caa571f3fd01 /frameworks/base/services/core/java/com/android/server/LockSettingsService.java
301ea449921663ffe5673fb5751a7185a40bd5ea	17-Apr-2015	Andres Morales <anmorales@google.com>	Recover from dead GateKeeperService Binder Change-Id: Ie25b46225a88fd59e6426a338bb94152d2c1b302 /frameworks/base/services/core/java/com/android/server/LockSettingsService.java
cfb61601fa4e92445655de7b82d2bc0ea9000824	17-Apr-2015	Andres Morales <anmorales@google.com>	Clear secure user ID and notify keystore when lock is cleared Change-Id: Id5bbde81b83add09e8362d439b19f1febe451003 /frameworks/base/services/core/java/com/android/server/LockSettingsService.java
d9fc85ac27742adbe89e54fd35f3cb2469e94b91	10-Apr-2015	Andres Morales <anmorales@google.com>	Add challenge to IGateKeeperService required for enrolling secondary auth form-factors Change-Id: Id5a1eb1ed22f01fbaabe8e4ebddfc42d58322625 /frameworks/base/services/core/java/com/android/server/LockSettingsService.java
8fa5665f0e757cec0063fb4cf1354f1596f93a91	31-Mar-2015	Andres Morales <anmorales@google.com>	Wire up GateKeeper to LockSettingsService Adds: - Communication to GKService - password upgrade flow - enroll takes previous credential Change-Id: I0161b64642be3d0e34ff4a9e6e3ca8569f2d7c0a /frameworks/base/services/core/java/com/android/server/LockSettingsService.java
855fa30b74c99410869a7cdfa4cf07b37937c238	02-Apr-2015	Adrian Roos <roosa@google.com>	Prevent non-platform apps from reading password type Bug: 20040521 Change-Id: I2b11dd05ff1c978ef658c9f5434eed578b742992 /frameworks/base/services/core/java/com/android/server/LockSettingsService.java
08c7116ab9cd04ad6dd3c04aa1017237e7f409ac	28-Feb-2015	John Spurlock <jspurlock@google.com>	Remove unused imports in frameworks/base. Change-Id: I031443de83f93eb57a98863001826671b18f3b17 /frameworks/base/services/core/java/com/android/server/LockSettingsService.java
001b00d3bd8c20c7e73cb8101cbe98291bd5e68f	24-Feb-2015	Adrian Roos <roosa@google.com>	Prevent regular processes from accessing the password history Bug: 19019350 Change-Id: Iee410d62827fe0f9d43e08dd8869e8eea590382f /frameworks/base/services/core/java/com/android/server/LockSettingsService.java
072543f58037697772663ed34ee26317e9d662c5	13-Feb-2015	Amith Yamasani <yamasani@google.com>	Backup/restore owner info from locksettings Backup the owner info string and whether or not owner info is to be shown on the lockscreen. Watch for changes to the two settings in LockSettingsService and inform backup manager. Bump up version numbers for the new entity. Bug: 19300363 Change-Id: I35485c961d18b26be68873f4d5eeedc5ae513cc8 /frameworks/base/services/core/java/com/android/server/LockSettingsService.java
9dd16ebcf2a25c189a39b72847d3db2b1189cb4d	08-Jan-2015	Adrian Roos <roosa@google.com>	LockPatternUtils clean up continued - Deprecate Settings.Secure.LOCK_PATTERN_ENABLED - Remove unused permanent lock out - Disallow empty/null arguments to saveLockPattern and saveLockPassword - Refactor repeated quality checks Change-Id: I6f369eb60f8f6bb1e33384cd06534c713ab52e79 /frameworks/base/services/core/java/com/android/server/LockSettingsService.java
db0f76e1d85f8cb878a9540ac1b692636f9fd89e	07-Jan-2015	Adrian Roos <roosa@google.com>	Directly dispatch USER_REMOVED to LockSettingsService Bug: 18931518 Change-Id: Ibaf875a06868ae3196115d77eed6874daf2fec16 /frameworks/base/services/core/java/com/android/server/LockSettingsService.java
230635efe7ffb09d6dc56bfd9193aa1d89c8a898	07-Jan-2015	Adrian Roos <roosa@google.com>	Purge biometric weak and keyguard widgets Bug: 18931518 Change-Id: I5da41908b1d6895a69f981e139f2d268327fafcd /frameworks/base/services/core/java/com/android/server/LockSettingsService.java
138b83347b8da29166ee2eb09fa8126686bda3c7	11-Nov-2014	Adrian Roos <roosa@google.com>	Obliterate LockPatternUtilsCache It is disabled dead code already and not useful anymore with the new caching in LockSettingsService. Bug: 18163444 Change-Id: Icc184e923e0fbeab31ed128336c01f835b24c6f2 /frameworks/base/services/core/java/com/android/server/LockSettingsService.java
3dcae68501a1fc1c433d12a9d55a31c7eaab016c	29-Oct-2014	Adrian Roos <roosa@google.com>	Add caching to LockSettingsStorage Bug: 18163444 Change-Id: I4caa80ca55efec761e965807ae793db41864321f /frameworks/base/services/core/java/com/android/server/LockSettingsService.java
450ce9fc8a1522819aec151433e6f509dfe60690	29-Oct-2014	Adrian Roos <roosa@google.com>	Disable LockPatternUtilsCache Also fix a bug where hasPattern and hasPassword were not invalidated properly. Bug: 18163444 Change-Id: I5bd8cc4e7c0d00497ee7a42f3c34449aa3f95a6c /frameworks/base/services/core/java/com/android/server/LockSettingsService.java
261d5ab8f4c3fdd34163468fd48ab07f7ad13d3c	29-Oct-2014	Adrian Roos <roosa@google.com>	Refactor LockSettingsService into storage and logic Creates a new LockSettingsStorage class to handle stroring and retreiving data. Bug: 18163444 Change-Id: Ia3bc4ad679c5e1217756ae6b3b80cfce3599baed /frameworks/base/services/core/java/com/android/server/LockSettingsService.java
49d810cb632bd4c334ebfd3932658fa6973bcbef	23-Sep-2014	Robin Lee <rgl@google.com>	Reset keystore when user is added or removed Because user IDs are recycled it is not safe to leave this kind of information around after deleting. Bug: 17403144 Change-Id: I441f85750cf8818adaf62a1acdb2ba7b4bfc1b7e /frameworks/base/services/core/java/com/android/server/LockSettingsService.java
1096cf8664963a136a325b2bc511c8f381b9ba77	01-Sep-2014	Robin Lee <rgl@google.com>	Delete locksettings files for toplevel users only Fixes an issue created by change: I7941707ca66ac25bd122fd22e5e0f639e7af697e Bug: 16233206 Change-Id: Ia905d153e94303acd611178333adc77c68933711 /frameworks/base/services/core/java/com/android/server/LockSettingsService.java
f0246a8a14d69680d1776620e75a485cf963e574	13-Aug-2014	Robin Lee <rgl@google.com>	Keep managed profile keystores in sync with owner Fixes setting a keyguard password for keystore in a multi-user setup while we're at it. Bug: 16233206. Change-Id: I7941707ca66ac25bd122fd22e5e0f639e7af697e /frameworks/base/services/core/java/com/android/server/LockSettingsService.java
987672d2621fa5278dbf48cbef46c50d3fafe4c1	18-Jul-2014	Geoffrey Borggaard <geoffreyb@google.com>	Fixes setting password through DevicePolicyManager LockPatternUtils wasn't taking the userId into account when looking up the salt. Bug: 16204999 Change-Id: I0626b5a0a55c244122c24fb4446f270918f3187c /frameworks/base/services/core/java/com/android/server/LockSettingsService.java
4f7884542ce8fba5bfed01ed834a32e6d3e2dea5	22-May-2014	Adrian Roos <roosa@google.com>	Add a cache to LockPatternUtils Caches responses from LockSettingsService in the client process. Bug: 15088101 Change-Id: If77c5ec45f52a02c800d50cb8550bfcb180f301d /frameworks/base/services/core/java/com/android/server/LockSettingsService.java
945490c12e32b1c13b9097c00702558260b2011f	27-Mar-2014	Paul Lawrence <paullawrence@google.com>	Don't double prompt on booting encrypted device vold will store password securely until KeyGuard requests it and hands it on to KeyStore. This is a revision of https://googleplex-android-review.git.corp.google.com/#/c/418123/ which was reverted. It had two bugs in LockSettingsService.checkVoldPassword. 1) We were not checking password for null, which caused an exception 2) checkPattern/checkPassword return true if there is no saved pattern or password. This leads to situations where we get true returned even when the password doesn't match. Call the correct one based on what is there, not what vold thinks ought to be there. Bug: 12990752 Change-Id: I05315753387b1e508de5aa79b5a68ad7315791d4 /frameworks/base/services/core/java/com/android/server/LockSettingsService.java
6ee7d25010d4f23b44a151f3953225ba253de8af	26-Mar-2014	Paul Lawrence <paullawrence@google.com>	Revert "Don't prompt at boot if we already did that when decrypting" This reverts commit 493e3e7e6523fd94cc1acae3e45935a1227d58c3. Should fixes Bug: 13611885 Bug: 13656830 Change-Id: I117c988bb6679f44f8add4fcc18f45cb8238dfb4 /frameworks/base/services/core/java/com/android/server/LockSettingsService.java
493e3e7e6523fd94cc1acae3e45935a1227d58c3	06-Feb-2014	Paul Lawrence <paullawrence@google.com>	Don't prompt at boot if we already did that when decrypting vold will store password securely until KeyGuard requests it and hands it on to KeyStore. Needs matching vold changes from https://googleplex-android-review.git.corp.google.com/#/c/432050/ Bug: 12990752 Change-Id: I930ed8180cf0b8feb1e58db043d5fb6dff1bab20 /frameworks/base/services/core/java/com/android/server/LockSettingsService.java
49782e46c0eb85a25ae2abcf80880c48dbab5aea	20-Dec-2013	Amith Yamasani <yamasani@google.com>	am 9158825f: Move some system services to separate directories * commit '9158825f9c41869689d6b1786d7c7aa8bdd524ce': Move some system services to separate directories
9158825f9c41869689d6b1786d7c7aa8bdd524ce	22-Nov-2013	Amith Yamasani <yamasani@google.com>	Move some system services to separate directories Refactored the directory structure so that services can be optionally excluded. This is step 1. Will be followed by another change that makes it possible to remove services from the build. Change-Id: Ideacedfd34b5e213217ad3ff4ebb21c4a8e73f85 /frameworks/base/services/core/java/com/android/server/LockSettingsService.java