da3d71f01e5e5da0601c88d92076062d1d985176 |
|
23-May-2017 |
TreeHugger Robot <treehugger-gerrit@google.com> |
Merge "Restore resetKeyStore() logic of clearing SYSTEM uid" into oc-dev
|
1cf91a094f8b719fc1ab20a7a6861278633cdf28 |
|
26-Apr-2017 |
Rubin Xu <rubinxu@google.com> |
Restore resetKeyStore() logic of clearing SYSTEM uid Keystore no longer clears keys critical to device encryption flow so no need to skip clearing SYSTEM's keystore entries here. Bug: 34600579 Test: Add device lock under synthtic password, goto Settings/security/encryption, tap clear credentials and verify device lock is still intact. Change-Id: I191a545181771693fd2d75f1c23d14a6b74278af Merged-In: I191a545181771693fd2d75f1c23d14a6b74278af
/frameworks/base/services/core/java/com/android/server/LockSettingsService.java
|
04a4e1de71189c6ead8cb363f393ea7e0e4db0c7 |
|
15-May-2017 |
Rubin Xu <rubinxu@google.com> |
Fix a deadlock in LockSettingsService Order of taking locks in LSS: mSeparateChallengeLock -> mSpManager -> this. Since getGateKeeperService().getSecureUserId() will end up calling getSeparateProfileChallengeEnabled() which tries to acquire mSeparateChallengeLock , we shouldn't be holding this lock while calling getSecureUserId() Also spell out the order of taking locks in a comment. Test: while device lockscreen is being changed, run "adb shell dumpsys lock_settings" and verify device is not locked up. Bug: 37663848 Change-Id: I6b780ab5d1e33b07392f0ab0df29ecc3956f89ff
/frameworks/base/services/core/java/com/android/server/LockSettingsService.java
|
faf37babb0bc0962c01750b222fc03bd197b0b62 |
|
22-Apr-2017 |
TreeHugger Robot <treehugger-gerrit@google.com> |
Merge "Let unlocked profile verifyCredential under unified lock" into oc-dev
|
c93cdef2fa5403ac46767f1853f4e803824d4d20 |
|
21-Apr-2017 |
Charles He <qiurui@google.com> |
Let unlocked profile verifyCredential under unified lock When unified work challenge is enabled and the primary user is unlocked, LockSettingsService should unlock the managed profile subsequently by calling verifyCredential() in most cases. Previously, verifyCredential() is not called on managed profiles when any one of the two conditions are met: 1. when the profile is not yet running 2. when the profile is already unlocked These were introduced to make sure the managed profile stays locked when it is in QUIET_MODE (i.e. work mode off). However, condition 2 is problematic. Specifically, it also prevents auth tokens, etc., from being refreshed (side effects of verifyCredential()), even when the profile is not in QUIET_MODE. We remove condition 2 in this change to make sure verifyCredential() is still called on the managed profile when it is RUNNING_UNLOCKED. Condition 1 alone should be able to handle the QUIET_MODE case. Unit test is also updated in case regression occurs. Bug: 36851574 Test: runtest frameworks-services -c com.android.server.LockSettingsServiceTests Test: runtest frameworks-services -c com.android.server.SyntheticPasswordTests Test: CTS verifier > BYOD managed provisioning > Authentication-bound keys Test: (all of above are run on both sailfish and angler) Change-Id: Ice89c1eedacaf07e076252a2a571a1eb100ef791
/frameworks/base/services/core/java/com/android/server/LockSettingsService.java
|
308f30b8e633bc808a1df675e76fca0c4ee58484 |
|
12-Apr-2017 |
Rubin Xu <rubinxu@google.com> |
Do not check user escrow state if synthetic password is not enabled yet 1. when adding escrow tokens, do not throw SecurityException if the user hasn't migrated to synthetic password yet. 2. during migration, activate any pending escrow tokens. 3. Disable escrow before attempting to activate escrow tokens, this currently includes whenever the user authenticates, and when synthetic password migration happens. Also, add some comments in SyntheticPasswordManager and remove an invalid call to destroy escrow data. Test: runtest frameworks-services -c com.android.server.SyntheticPasswordTests Bug: 36776133 Change-Id: If4b9d385fb43e09d90b6dde6d25b4fcc0c6b7ddc Merged-In: If4b9d385fb43e09d90b6dde6d25b4fcc0c6b7ddc
/frameworks/base/services/core/java/com/android/server/LockSettingsService.java
|
fe9a53bc45fd0124a876dc0a49680aaf86641d3e |
|
31-Mar-2017 |
Jeff Sharkey <jsharkey@android.com> |
Consistent dump() permission checking. This change introduces new methods on DumpUtils that can check if the caller has DUMP and/or PACKAGE_USAGE_STATS access. It then moves all existing dump() methods to use these checks so that we emit consistent error messages. Test: cts-tradefed run commandAndExit cts-dev -m CtsSecurityTestCases -t android.security.cts.ServicePermissionsTest Bug: 32806790 Change-Id: Iaff6b9506818ee082b1e169c89ebe1001b3bfeca
/frameworks/base/services/core/java/com/android/server/LockSettingsService.java
|
282cfefea0fbbd299839e353e6d30affdcd4a55c |
|
27-Mar-2017 |
Chris Wren <cwren@android.com> |
standardize system notification IDs All the trivial cases, plus some fixes to try to mitigate collisions with the complex ones. Complex services to follow in another CL, Bug: 32584866 Test: make framework services Change-Id: Ie9663600171d8ede11676e9d66f009dbb06def03
/frameworks/base/services/core/java/com/android/server/LockSettingsService.java
|
8e87af55337a19cf7242a1bf2f516bc26ae65f9e |
|
03-Mar-2017 |
Andrew Scull <ascull@google.com> |
Don't unlock the work profile if it is turned off. Test: Turn off work, lock and unlock device with PIN/password/pattern, turn on work and now you get a screen lock prompt. Test: runtest frameworks-services -c com.android.server.LockSettingsServiceTests Change-Id: I0c6946af4ffb1546ffbd4d80c11fa4b8ab5555bc
/frameworks/base/services/core/java/com/android/server/LockSettingsService.java
|
f34d2f607f6dc4f7345c3fd7bacb580ac98c31c5 |
|
20-Mar-2017 |
Rubin Xu <rubinxu@google.com> |
Load DevicePolicyManager only when needed in LockSettingsService Since DevicePolicyManager is published later than LockSettingsService, we shouldn't be getting DevicePolicyManager when LockSettingsService is being constructed. Bug: 36424241 Test: cts-tradefed run cts-dev -m CtsDevicePolicyManagerTestCases -t com.android.cts.devicepolicy.MixedProfileOwnerTest#testResetPasswordWithToken Change-Id: I5e9da78e4fe802c70d34dc3c9dae4f2677ed631d
/frameworks/base/services/core/java/com/android/server/LockSettingsService.java
|
18a8af21b52e71a8f3f04c8834b5531ebdcefc20 |
|
17-Mar-2017 |
Andrew Zeng <zenga@google.com> |
Merge "Fix NPE in LockSettingsService." into cw-f-dev am: 4aff3d53ef am: a01e2212c8 am: d4e88e2642 Change-Id: Ie7d409e8ef3ec5c3201bcaf0ae125ca71dc10c08
|
8b30ec3f49d4c8037bc6aa03ed6dd91aff3968ad |
|
05-Mar-2017 |
Rubin Xu <rubinxu@google.com> |
Fix SynthethicPassowrdManager unit tests Mock DevicePolicyManager in the unit tests. Bug: 34600579 Test: runtest frameworks-services -c com.android.server.SyntheticPasswordTests Change-Id: Ieca30a74d7d9d867994e912d188231510f54e76c
/frameworks/base/services/core/java/com/android/server/LockSettingsService.java
|
750563ee508e3ad9af6a70ccc669c070f892cfcb |
|
11-Mar-2017 |
Andrew Zeng <zenga@google.com> |
Fix NPE in LockSettingsService. Bug: 33789922 Change-Id: Iecdedd8d73d9f749f15a64131cc894d9f92de9d1
/frameworks/base/services/core/java/com/android/server/LockSettingsService.java
|
48a58baea2a39c41aa0dfb4a0384bd00d76d120b |
|
07-Mar-2017 |
TreeHugger Robot <treehugger-gerrit@google.com> |
Merge "Enable escrow tokens on automotive builds."
|
c068aa22090f9eb1a6af7f7acbdb29a3bac28f90 |
|
07-Mar-2017 |
Rubin Xu <rubinxu@google.com> |
Merge "Allow user with a profile owner to have escrow tokens"
|
cb18d56eec278b0eeea82c9f309004cb179e79ca |
|
07-Mar-2017 |
Rakesh Iyer <rni@google.com> |
Enable escrow tokens on automotive builds. Cars head units are protected by physical security mechanisms (doors, locks) so enable escrow tokens on them. Bug:33458687 Test: Verified using test trust agent in packages/services/Car Change-Id: Ic7974a64192cd6d28fec67fe54025efe84cc50fc
/frameworks/base/services/core/java/com/android/server/LockSettingsService.java
|
af759c52ce01fe6b5144957e38da956af01a217b |
|
15-Feb-2017 |
Geoffrey Pitsch <gpitsch@google.com> |
Channels for Frameworks notifications Adapts all notifications used by system services to use channels. Channels are initialized by SystemServer after the NotificationService has started. Test: runtest systemui-notification Change-Id: I25c45293b786adb57787aeab4c2613c9d7c89dab
/frameworks/base/services/core/java/com/android/server/LockSettingsService.java
|
bc7a47c6d30943be512f9f982ae4803ff3cdc52a |
|
22-Feb-2017 |
Rubin Xu <rubinxu@google.com> |
Allow user with a profile owner to have escrow tokens This mainly covers the unicorn case where the primary user has a profile owner set on it. Test: cts-tradefed run cts-dev -m CtsDevicePolicyManagerTestCases -t com.android.cts.devicepolicy.MixedProfileOwnerTest#testResetPasswordWithToken Bug: 35457534 Change-Id: Ieee883cce17c0b54b6e63fe113ada009e16150ad
/frameworks/base/services/core/java/com/android/server/LockSettingsService.java
|
df406d802e9f6348f307ebbe1809c5cdc6c0b64e |
|
16-Feb-2017 |
Rubin Xu <rubinxu@google.com> |
Normalize empty credential into null Test: runtest frameworks-services -c com.android.server.LockSettingsServiceTests Bug: 31000522 Change-Id: I2f804a5790449f0d2d4d57fe6e34be03a84fb805
/frameworks/base/services/core/java/com/android/server/LockSettingsService.java
|
f095f8366bac52ac1eeb2b3eb1a403294ceeb541 |
|
31-Jan-2017 |
Rubin Xu <rubinxu@google.com> |
Add escrow token support to synthetic password flow Escrow token provides an alternative way to derive synthetic password for a given user. In the new flow, a pre-provisioned escrow token should be able to do anything the user password can do, since they both derives the synthetici password which is the master key in the new auth flow. Test: runtest frameworks-services -c com.android.server.SyntheticPasswordTests Bug: 33126414 Change-Id: Ib5ee38fd61f66de3245427ce992ebc12f1873a26
/frameworks/base/services/core/java/com/android/server/LockSettingsService.java
|
3bf722a8d54ca7192dfe07ee7b73eac7d25ccac5 |
|
15-Dec-2016 |
Rubin Xu <rubinxu@google.com> |
Add synthetic password to authentication flow The user password is used to unlock a per-user synthetic password which serves the purpose of what the user password previsouly achieves (protect keystore, vold disk encryption, auth token generation). Test: runtest frameworks-services -c com.android.server.SyntheticPasswordTests Test: manual 1. Start with fresh device, enable synthetic password with "adb shell cmd lock_settings sp 1" 1.1 add device lock, reboot and verify (positive & negative); change device lock, reboot and verify. 1.2 Inflate a work profile, reboot and verify device lock. check SID with "adb shell dumpsys lock_settings" 1.3 Un-unify and add work challenge, reboot and verify work challenge and SID. 1.4 Re-unify work challenge, reboot and verify. 1.5 Clear device lock, reboot and verify lock and SID. 2. Start with a fresh device, add a device lock and inflate a work profile. 2.1 Enable synthetic password, note current SID 2.2 Reboot and unlock device. Verify synthetic password is generated and SID remains. 2.3 Clear device lock, reboot and verify (SID should be cleared) 3. Start with a fresh device, inflate a work profile, add separate work challenge 3.1 Enable synthetic password, not current SID 3.2 Reboot and unlock device and profile. Verify synthetic password is generated. 3.3 Clear device lock only, reboot and verify (work profile SID should remain) All steps tested on marlin (FBE) and bullhead (FDE) Bug: 33126414 Change-Id: Idb9ebfc7bba2fe40670c5fee2189e873d9704540
/frameworks/base/services/core/java/com/android/server/LockSettingsService.java
|
a55b168b5d5a0584b2411793f870a7849c5014f1 |
|
31-Jan-2017 |
Rubin Xu <rubinxu@google.com> |
Small tweaks in LockSettingsService Paves way for synthetic password flow: Two notable changes: 1. when unify/un-unify work challenges, provide the old work profile password. 2. when clearing lock, supply old credentials. Test: Unit test to be added in a follow up CL. Bug: 33126414 Change-Id: I2a9553c5e7cc701338436e99e5a1289cebd1eda9
/frameworks/base/services/core/java/com/android/server/LockSettingsService.java
|
0cbc19e4a66f7db51596b57ca91afc6f5b27f3b4 |
|
09-Dec-2016 |
Rubin Xu <rubinxu@google.com> |
Add unit tests for LockSettingsService Add infrastructure and first sets of unit tests for LockSettingsService Bug: 33126408 Test: runtest frameworks-services -c com.android.server.LockSettingsServiceTests Change-Id: I4f3b7f6eaef7122f72b06bd11ce49134a093fe35
/frameworks/base/services/core/java/com/android/server/LockSettingsService.java
|
e71f583c782a98e977d6a5c450dff856b132e5c6 |
|
13-Jan-2017 |
Michal Karpinski <mkarpinski@google.com> |
Strong auth timeout refactor Move timeout scheduling mechanism from KeyguardUpdateMonitor to LockSettingsStrongAuth. Move reporting about successful strong auth unlock from KeyguardUpdateMonitor#reportSuccessfulStrongAuthUnlockAttempt() to LockSettingsService#doVerifyCredential() - the latter also covers work challenge strong auth unlocking. Test: manual with all types of strong and non-strong auth, including work challenge Bug: 29825955 Change-Id: I38e51b21e3a455b95e3c857e091fe07ee388c7f8
/frameworks/base/services/core/java/com/android/server/LockSettingsService.java
|
3aac3ebee1079ba56afde5d149b0653c891cb5a8 |
|
13-Jan-2017 |
Andrew Scull <ascull@google.com> |
resolve merge conflicts of ad4aa1ce7d3d to nyc-mr1-dev am: eb35ad9969 Change-Id: I4fd9ce4c79db5a10f28008c89205fc9c8ef2888f
|
eb35ad9969a173ac4d6279a5e322e8176c2ae6d1 |
|
13-Jan-2017 |
Andrew Scull <ascull@google.com> |
resolve merge conflicts of ad4aa1ce7d3d to nyc-mr1-dev Change-Id: I97ef31536cd06495a08a3f94f81df2d1376186e0
|
ad4aa1ce7d3dd2dd8d5690eb2f7653ca3c27000e |
|
13-Jan-2017 |
Andrew Scull <ascull@google.com> |
resolve merge conflicts of e4cefbf4fce4 to nyc-dr1-dev Change-Id: Ib536a33ba381c28397320edd516d52727e5bdacc
|
e4cefbf4fce458489b5f1bebc79dfaf566bcc5d5 |
|
02-Dec-2016 |
Andrew Scull <ascull@google.com> |
Don't save password metrics to disk. On FBE devices, don't save the metrics to disk but compute them when the password is first entered and only store them in RAM. Merged-in: 5daf273b7e3272269c53eda20ce494d0e7a365b5 Bug: 32793550 Change-Id: Icee7f615167761177b224b342970a36c7d90f6ba
/frameworks/base/services/core/java/com/android/server/LockSettingsService.java
|
1de89b3bec2f296763f3ecde9a36ecbca2110f3d |
|
30-Nov-2016 |
Rubin Xu <rubinxu@google.com> |
Refactor LockSettingsService to unify the handling of pattern and password Also fix LockSettingsStorageTests. More unit tests on LockSettingsService to be added in the next CL. Bug: 33126408 Test: runtest frameworks-services -c com.android.server.LockSettingsStorageTests Change-Id: I0f143b26fed1d5ae122fba3b57bd39c7793ad8d9
/frameworks/base/services/core/java/com/android/server/LockSettingsService.java
|
85a63bc1a06870b5a86926b0bce94a2bf559e3f0 |
|
24-Oct-2016 |
Andrew Scull <ascull@google.com> |
Evict CE key on request and when work mode is turned off. DPMS.lockNow takes a flag which can request the managed profile CE key to be evicted. Test: com.android.cts.devicepolicy.ManagedProfileTest#testLockNowWithKeyEviction* Bug: 31000719 Change-Id: I68f4d6eed4b041c39fd13375f7f284f5d6ac33da
/frameworks/base/services/core/java/com/android/server/LockSettingsService.java
|
5daf273b7e3272269c53eda20ce494d0e7a365b5 |
|
14-Nov-2016 |
Andrew Scull <ascull@google.com> |
Don't save the password metrics to disk. Only store the metrics in RAM, computing them at first log in. Test: com.android.cts.devicepolicy.DeviceAdminHostSideTestApi24 Bug: 32793550 Change-Id: Iaf9516c193f054331e3e2c68cb3f627bd543b408
/frameworks/base/services/core/java/com/android/server/LockSettingsService.java
|
d39d4d7d38c9e27a640ad3ddc0938083f8f539ff |
|
25-Nov-2016 |
Rubin Xu <rubinxu@google.com> |
Fix boot loop when upgrading direclty from L to N am: bfc7faaf35 am: 492f5263a4 am: 873c99c30b am: 5adffe2c77 Change-Id: I9ae16f0de5b6f71d8343db369528c27a40d36be4
|
492f5263a44bc5125140ab9a7cabdb8626435eca |
|
25-Nov-2016 |
Rubin Xu <rubinxu@google.com> |
Fix boot loop when upgrading direclty from L to N am: bfc7faaf35 Change-Id: Iaaf32f1c6fd70dd394252f963d87897899fb2e55
|
bfc7faaf353ea75ab04e986edbc79478679d40f6 |
|
22-Nov-2016 |
Rubin Xu <rubinxu@google.com> |
Fix boot loop when upgrading direclty from L to N A second attempt to fix the upgrade problem due to SID == 0 in the above upgrade path. The previous fix contains a bug where it would cause future attempts to unify work challenge to silently fail, and crash SystemUi when unlocking. This fix adds a check for non-zero SID before doing the initial work profile unification (which caused the upgrade crash when SID == 0). This means the initial work profile unification would only happen when the user has unlocked the lockscreen and SID is generated. Bug: 32490092 Bug: 33050562 Change-Id: Ib28951b2ec26b4f091df7763d9902f55616fcb5c
/frameworks/base/services/core/java/com/android/server/LockSettingsService.java
|
794e9022c97ae8a47f7235c298be04000712aa2e |
|
22-Nov-2016 |
Zach Jang <zachjang@google.com> |
Revert "Catch KeyStoreException for setting profile lock" am: e61672ab08 am: fe3b0b2cc1 am: f516131a38 am: af98d20dc6 Change-Id: Ib443a1fea735b8aa240d724fc7a24c91102440ef
|
fe3b0b2cc171b9278ca41b4544daae7b81e3e8b3 |
|
22-Nov-2016 |
Zach Jang <zachjang@google.com> |
Revert "Catch KeyStoreException for setting profile lock" am: e61672ab08 Change-Id: Ie1a720181bf542bbf213af8b6b83eff0ecd84a98
|
e61672ab087df4857a4f0923258b945800046589 |
|
22-Nov-2016 |
Zach Jang <zachjang@google.com> |
Revert "Catch KeyStoreException for setting profile lock" This reverts commit c8fa5ed8f2d492aa5e005fcdb5991c3f980de045. Change-Id: Ia1425e649e102cb79280d75e5f49db670214cec3
/frameworks/base/services/core/java/com/android/server/LockSettingsService.java
|
a79a655e4b97d204c220d20ad5352e48d261afd5 |
|
18-Nov-2016 |
Ricky Wai <rickywai@google.com> |
Catch KeyStoreException for setting profile lock am: c8fa5ed8f2 am: 3b546019dc am: c40b9a8ee2 am: b5ddc22675 Change-Id: Idc10bc9e849e4f5d23bba8ee33a7caf72626428b
|
3b546019dc39ced57f13ee8caded15fb87e153c4 |
|
18-Nov-2016 |
Ricky Wai <rickywai@google.com> |
Catch KeyStoreException for setting profile lock am: c8fa5ed8f2 Change-Id: I28777d9d80ba13df463e05b95dd2524633554c9d
|
c8fa5ed8f2d492aa5e005fcdb5991c3f980de045 |
|
17-Nov-2016 |
Ricky Wai <rickywai@google.com> |
Catch KeyStoreException for setting profile lock When device upgrades from L->N, sid(in gatekeeper) could be 0 even primary profile screenlock is set. We are now trying to catch the exception so when sid==0 happens, it will try to tie profile lock again when primary profile is unlocked. Bug: 32490092 Change-Id: I73011d872ac15e7e09be9bda0165cf7f6a75493a
/frameworks/base/services/core/java/com/android/server/LockSettingsService.java
|
2250d56a0b47b93016018340c8f4040325aa5611 |
|
08-Nov-2016 |
Sudheer Shanka <sudheersai@google.com> |
Rename MountService to StorageManagerService. Bug: 30977067 Test: Existing tests pass Change-Id: Ieac0f11c2b249dcd60441b14c1f391e6f8131d42
/frameworks/base/services/core/java/com/android/server/LockSettingsService.java
|
dc589ac82b5fe2063f4cfd94c8ae26d43d5420a0 |
|
11-Nov-2016 |
Sudheer Shanka <sudheersai@google.com> |
Update usage of ActivityManagerNative. - Remove references to ActivityManagerProxy. - Add isSystemReady to ActivityManager. Bug: 30977067 Test: cts/hostsidetests/services/activityandwindowmanager/util/run-test android.server.cts adb shell am instrument -e class com.android.server.am.ActivityManagerTest,com.android.server.am.TaskStackChangedListenerTest \ -w com.android.frameworks.servicestests/android.support.test.runner.AndroidJUnitRunner Change-Id: I07390b6124fb1515821f5c0b37baf6ae74adc8fa
/frameworks/base/services/core/java/com/android/server/LockSettingsService.java
|
2fef6f7b155f2ff0d3531fe63b8e1c745bb3dc9d |
|
02-Nov-2016 |
Jorim Jaggi <jjaggi@google.com> |
Add ability to modify credential via shell command Test: adb shell locksettings set-pattern 1234 Test: adb shell locksettings set-pin --old 1234 1234 Test: adb shell locksettings set-password --old 1234 1234 Test: adb shell locksettings clear --old 1234 Test: runtest frameworks-services -c com.android.server.LockSettingsShellCommandTest Change-Id: I8f541effc7eab0d7453cd9a9b46c280a6425e258
/frameworks/base/services/core/java/com/android/server/LockSettingsService.java
|
794e66cfd270c4ab5ab2db614f6561c1e48316ba |
|
03-Nov-2016 |
Greg Plesur <plesur@google.com> |
New Wear devices need to update their DISABLE_LOCKSCREEN_KEY. am: eb2e45369a am: a71a0b8da1 am: e44736a819 Change-Id: I36f1980ede5ea483c4750386a7b5905254ce33f8
|
eb2e45369a92548e34b664d466d0578f966f7cef |
|
02-Nov-2016 |
Greg Plesur <plesur@google.com> |
New Wear devices need to update their DISABLE_LOCKSCREEN_KEY. Previous versions of Wear forced this flag to "true." BUG: 32591969 Change-Id: I9619eee5df5f67e92818ef0b7b45ddd2299449f1
/frameworks/base/services/core/java/com/android/server/LockSettingsService.java
|
a76b07131edd28fd113afd1b9484d33e3a627663 |
|
18-Aug-2016 |
Jim Miller <jaggies@google.com> |
Fix vulnerability in LockSettings service am: 2d71384a13 am: 485fbda04c am: 229de7088e am: cb83f6188b am: e3457fc127 am: 7329e02153 am: cf7d8468ac Change-Id: Ie7476d7f2b91e155481c322e7bdc3e60123d89de
|
cf7d8468ac19fa298c1f3d9e65871280fd09e661 |
|
18-Aug-2016 |
Jim Miller <jaggies@google.com> |
Fix vulnerability in LockSettings service am: 2d71384a13 am: 485fbda04c am: 229de7088e am: cb83f6188b am: e3457fc127 am: 7329e02153 Change-Id: I1dadbc10574e60565d0e30d2ba9e26bc352ebf10
|
669a15353130d90213d8c483dd444728f86255d4 |
|
18-Aug-2016 |
Jim Miller <jaggies@google.com> |
Fix vulnerability in LockSettings service am: 2d71384a13 am: 485fbda04c am: 229de7088e am: cb83f6188b am: e3457fc127 Change-Id: I1bc40c141498e62cad36acc9568177cb88debc11
|
e3457fc127593ed13040cf246bdfbc3c3bfdecfe |
|
18-Aug-2016 |
Jim Miller <jaggies@google.com> |
Fix vulnerability in LockSettings service am: 2d71384a13 am: 485fbda04c am: 229de7088e am: cb83f6188b Change-Id: I82302931ab714e25ec21721dc05480e1f2d447b0
|
229de7088e800815f5737cec4980e47754e03d63 |
|
18-Aug-2016 |
Jim Miller <jaggies@google.com> |
Fix vulnerability in LockSettings service am: 2d71384a13 am: 485fbda04c Change-Id: I07def32199ecdbbb32aa6ecaca20724cfc81265c
|
485fbda04c7651413122422121fc96e4227a5f77 |
|
18-Aug-2016 |
Jim Miller <jaggies@google.com> |
Fix vulnerability in LockSettings service am: 2d71384a13 Change-Id: I62ca5fb150022fe0971329294b1063957f397248
|
2d71384a139ae27cbc7b57f06662bf6ee2010f2b |
|
11-Aug-2016 |
Jim Miller <jaggies@google.com> |
Fix vulnerability in LockSettings service Fixes bug 30003944 Change-Id: I8700d4424c6186c8d5e71d2fdede0223ad86904d
/frameworks/base/services/core/java/com/android/server/LockSettingsService.java
|
eddf518763261536f31b777b0e262f85676d6967 |
|
10-Aug-2016 |
Jeff Sharkey <jsharkey@android.com> |
Check calling thread when verifying credentials. This operation can do quite a bit of heavy I/O lifting, so use StrictMode to catch any callers on the main thread. Bug: 30622925 Change-Id: I5bfcb33a0d1563d5c38e1a1a4b32e7c1bba6bee6
/frameworks/base/services/core/java/com/android/server/LockSettingsService.java
|
b6edaa952eb04137c126f61122571f41087ad980 |
|
27-Jul-2016 |
Jeff Sharkey <jsharkey@android.com> |
Polish around locked user communication. Based on user feedback, using a notification to communicate that a user was locked was confusing. Instead, this CL moves to showing a message in the keyguard indicator slot at the bottom of the screen, which is where we communicate other information such as charging status. Since a locked user is a very limiting experience, this new message takes precedence over any other indicator message. Bug: 28942360 Change-Id: I708d2b4b41079d09d46c17365c750488204e3090
/frameworks/base/services/core/java/com/android/server/LockSettingsService.java
|
29d157bf0557bda04ffeda64f2dd4239d91aa5f4 |
|
16-Jul-2016 |
Jim Miller <jaggies@google.com> |
Fix vulnerability in LockSettings service Fixes bug 30003944 Change-Id: I8700d4424c6186c8d5e71d2fdede0223ad86904d
/frameworks/base/services/core/java/com/android/server/LockSettingsService.java
|
97c8f8d16132747f3fe98f076a215f850b4f7c05 |
|
13-Jul-2016 |
Ricky Wai <rickywai@google.com> |
Remove tied profile encryption key cache in keystore Bug: 28928518 Change-Id: I20dd097d72e14253bc8b61d594ae84d0b56c8582
/frameworks/base/services/core/java/com/android/server/LockSettingsService.java
|
702589d0605b5e8c1b47e67c6b24f662a051440a |
|
09-Jul-2016 |
TreeHugger Robot <treehugger-gerrit@google.com> |
Merge "Preparations for different scrim depending on wallpaper" into nyc-mr1-dev
|
e8fde5d9666eea10307cbc27f4b1a94d3cbb4ec9 |
|
01-Jul-2016 |
Jorim Jaggi <jjaggi@google.com> |
Improve initial unlock delay (1/2) When checking for the credentials, we add a new callback onEarlyVerified which gets called as soon as we know that the credential was correct. In KeyguardUpdateMonitor, we track the unlocked state of the user, and if it's still locked, we slow down all the transitions to allow for a more gradual unlock experience. Bug: 29007436 Change-Id: I406d228f9f3e41e07fe3292a61df175a7f579e4d
/frameworks/base/services/core/java/com/android/server/LockSettingsService.java
|
49fd32057410a1191eb9965745742c7e9ea68f3b |
|
08-Jul-2016 |
TreeHugger Robot <treehugger-gerrit@google.com> |
Merge "Fix bug with launching home activity from LockSettingsService" into nyc-mr1-dev
|
016593fe848868808a4645ce2302c2ab07348c30 |
|
07-Jul-2016 |
Jim Miller <jaggies@google.com> |
Fix bug with launching home activity from LockSettingsService This fixes a bug where LockSettingsService was sending a broadcast instead of launching the home activity. Fixes bug 29988032 Change-Id: Ibdbb15928fee575375576a31181d91323073a9fb
/frameworks/base/services/core/java/com/android/server/LockSettingsService.java
|
e31f6b8024d1a0cfa71894e9a8ce1b39a9f85b2f |
|
02-Jul-2016 |
Jorim Jaggi <jjaggi@google.com> |
Preparations for different scrim depending on wallpaper - Allow wallpaper info to be queried by user - Refactor ScrimController for extensibility Bug: 28936996 Change-Id: Ib019331a844110f1f24f35d225d2648626545233
/frameworks/base/services/core/java/com/android/server/LockSettingsService.java
|
a8e3f77332f655b7d195e1c3e3e0ba931cb8c1cd |
|
27-Jun-2016 |
Ricky Wai <rickywai@google.com> |
Do not show user locked notification after reboot when there is no lock Bug: 29384349 Change-Id: I19995beacf565fff36d98558605694cdbe5bcedb
/frameworks/base/services/core/java/com/android/server/LockSettingsService.java
|
8cbe1a6309ed330000269dccbfce26de97f11e83 |
|
17-Jun-2016 |
Amith Yamasani <yamasani@google.com> |
Merge "Clean up ex-users in lock settings db" into nyc-dev
|
f11a574027a8dbe18d79ce467984d63d07fea9e1 |
|
16-Jun-2016 |
Amith Yamasani <yamasani@google.com> |
Clean up ex-users in lock settings db Just in case a userid was not properly cleaned when the user was removed, make sure it is cleaned up when a new user takes up the same userid. This prevents inconsistent lockscreen state and avoids a crash in Settings when trying to set a password for the new user. Fixes: 29412112 Change-Id: Ic4f0efbb97786b0290c74325b28c9d74825e9e53
/frameworks/base/services/core/java/com/android/server/LockSettingsService.java
|
43f6a45e7e111af8a843e001b555082cb356a529 |
|
16-Jun-2016 |
Ricky Wai <rickywai@google.com> |
Merge "Add permission checking on service calls in LockSettingsService" into nyc-dev
|
d04aaa323c3a788d26f18fc66e0a59b47e525b38 |
|
13-Jun-2016 |
Amith Yamasani <yamasani@google.com> |
More thorough cleansing of expired users If any /data/system_[c|d]e folders were not erased when the user was removed (maybe due to a reboot), make sure they're cleaned up on restart as well as when the userId is recycled later. Mark the users' system folders with the correct serial number for later verification. AccountManager shouldn't be querying accounts of partially created/destroyed users. Change-Id: I4313756b7464f34cd5ce4fb296d61daa50b41fcb Fixes: 29285673
/frameworks/base/services/core/java/com/android/server/LockSettingsService.java
|
7f405f170f66d201f893a2f29866f528f0ec7fc8 |
|
31-May-2016 |
Ricky Wai <rickywai@google.com> |
Add permission checking on service calls in LockSettingsService Bug: 28941207 Change-Id: I113db10bb57f250d44361a0a5144a7d1c990ba4d
/frameworks/base/services/core/java/com/android/server/LockSettingsService.java
|
6c8187282ecc20419a5a70371bc6a21af6d364e0 |
|
27-May-2016 |
Toni Barzic <tbarzic@google.com> |
Clear calling identity before calling mountService Change I8106bfba28da401b9fd38349c6a9fa9a24f54712 unwittingly reintroduced requirement for apps that change password to have STORAGE_INTERNAL permission. This fixes the problem by clearing calling identity before calling mountServce in fixateNewestUserKeyAuth, like it's done in addUserKeyAuth. BUG=28154455 BUG=27600227 Change-Id: I1bcd9f6eefa892b021d93df2638c8dba4d4b5400
/frameworks/base/services/core/java/com/android/server/LockSettingsService.java
|
a39d888651493d20f3814cd88a39a521450b3eac |
|
26-May-2016 |
Jeff Sharkey <jsharkey@google.com> |
Merge "Suppress unlock notifications on non-FBE devices." into nyc-dev
|
4a39936d3669696dc6a25a4023daf7a7e4b158ef |
|
26-May-2016 |
Jeff Sharkey <jsharkey@android.com> |
Suppress unlock notifications on non-FBE devices. We have a longer-term plan to clean up FBE unlock notifications, but in the meantime don't confuse users by quickly flashing them on non-FBE devices. Bug: 28840764 Change-Id: I696508ef981b6f8f51f22ea24487d87d27d5b6e3
/frameworks/base/services/core/java/com/android/server/LockSettingsService.java
|
1cb6f9d8a4827d50e26bf83068a928e47c5c1f1e |
|
26-May-2016 |
Ricky Wai <rickywai@google.com> |
Merge "Add resetKeyStore() in LockSettingsService" into nyc-dev
|
7b9eb419e35f12963eeea119b51a241146029b74 |
|
12-May-2016 |
Ricky Wai <rickywai@google.com> |
Store work lock type even it uses unified lock If we are not storing this, LockPatternUtils.isSecure(workUserId) will return false, and cause some methods like trySetQuietModeDisabled() cannot show screen lock correctly. Bug: 28738725 Change-Id: I7d0b61022b0afff2dac4cdae72d558118ea892e7
/frameworks/base/services/core/java/com/android/server/LockSettingsService.java
|
d398244513c62c9ea14a0f1c6ffef832e803c16f |
|
24-May-2016 |
Ricky Wai <rickywai@google.com> |
Hide work profile key in user credentials screen Bug: 28878708 Change-Id: Ib250fae2388b061430d93b7d65133002ce664993
/frameworks/base/services/core/java/com/android/server/LockSettingsService.java
|
f420c413b9abd58dcbea881535da5b603f7f7afc |
|
25-May-2016 |
Ricky Wai <rickywai@google.com> |
Merge "Unlock work profile storage even work mode is off" into nyc-dev
|
99df649aa4907d9f9c6fe4bdf4acb517003f97f2 |
|
25-May-2016 |
Ricky Wai <rickywai@google.com> |
Merge "Do not tie managed profile synchronously in onUnlockUser()" into nyc-dev
|
4613fe41ac9e817e76d7087de45bf01f4a6584d6 |
|
24-May-2016 |
Ricky Wai <rickywai@google.com> |
Add resetKeyStore() in LockSettingsService Before resetKeyStore(), it will back up child profile keys, and will be restored after primary profile keystore is cleared. Bug: 28878708 Change-Id: I0cb4a1f885d468894bc7eb95af694328bf92ce16
/frameworks/base/services/core/java/com/android/server/LockSettingsService.java
|
89e3f2ba98ea6d69b1846e996c4c279a9b20c4e9 |
|
25-May-2016 |
Jim Miller <jaggies@google.com> |
Merge "Fix missing permission check when saving pattern/password" into mnc-dev am: 45c77d951a am: 9bf8474c27 * commit '9bf8474c27642f48aa27e2edf1bdd83b27d692c1': Fix missing permission check when saving pattern/password Change-Id: I4238a43dc30be54375b6db129b360cc7d0a90b0e
|
9bf8474c27642f48aa27e2edf1bdd83b27d692c1 |
|
25-May-2016 |
Jim Miller <jaggies@google.com> |
Merge "Fix missing permission check when saving pattern/password" into mnc-dev am: 45c77d951a * commit '45c77d951ab5203b8e19c2ed2ce3a0816e42b118': Fix missing permission check when saving pattern/password Change-Id: I81947e95d5365bbf6a4927435f43c73dc4ac2bb0
|
4266feeb93fae4603e8a43d065160430a4c784a5 |
|
23-May-2016 |
Ricky Wai <rickywai@google.com> |
Unlock work profile storage even work mode is off Bug: 28860823 Change-Id: Ic89027f163e4c4e1ba9e8c24174475b6a4a983a4
/frameworks/base/services/core/java/com/android/server/LockSettingsService.java
|
d86ac8116bfc64c61d8124ff8d3e92be5e55cd3e |
|
23-May-2016 |
Victor Chang <vichang@google.com> |
Merge "New api in LockSettingsService to get StrongAuth synchronously" into nyc-dev
|
a0940d33dcbac0245ad5467d9c302f8eaee615dc |
|
16-May-2016 |
Victor Chang <vichang@google.com> |
New api in LockSettingsService to get StrongAuth synchronously Not all client needs to monitor the StrongAuth, e.g. ConfirmDeviceCredentialBaseFragment Provide a quick method to get StrongAuth Bug: 28752364 Change-Id: Iecfd217046da38e43297bdd5832cf7d637b979ed
/frameworks/base/services/core/java/com/android/server/LockSettingsService.java
|
cc70155f3bf18341296aaa2163bd2e7df6997b11 |
|
17-May-2016 |
Paul Crowley <paulcrowley@google.com> |
Two phases to set the password for disk encryption Revert "Revert "Two phases to set the password for disk encryption"" This reverts commit a1eb750e75ff7c7ef7698deed4442449c33334c8. Bug: 28154455 Bug: 28694324 Change-Id: I8106bfba28da401b9fd38349c6a9fa9a24f54712
/frameworks/base/services/core/java/com/android/server/LockSettingsService.java
|
b0cdf3845fd33cc40a929a2b9b882bf0a3a994d3 |
|
16-May-2016 |
Ricky Wai <rickywai@google.com> |
Do not tie managed profile synchronously in onUnlockUser() Bug: 28736098 Change-Id: I2c687c11b9991d0771cfe721e80ac1541c477f2e
/frameworks/base/services/core/java/com/android/server/LockSettingsService.java
|
f829c1463b4805545d15924ad6243b9405eb83d6 |
|
10-May-2016 |
Paul Crowley <paulcrowley@google.com> |
Merge "Revert "Two phases to set the password for disk encryption"" into nyc-dev
|
a1eb750e75ff7c7ef7698deed4442449c33334c8 |
|
10-May-2016 |
Paul Crowley <paulcrowley@google.com> |
Revert "Two phases to set the password for disk encryption" This reverts commit 17e5dce5112fece2d2b9cd070c2f96bf65108e40. Bug: 28694324 Change-Id: I6d89bc26cb429b195c9bcf640666c495617257b7
/frameworks/base/services/core/java/com/android/server/LockSettingsService.java
|
84812583030b3799e8a1203b480b78d3825b7adb |
|
10-May-2016 |
Ricky Wai <rickywai@google.com> |
Hide notification before tie managed profile lock We should hide the notification asap before setting managed profile lock, to reduce the time that user is unlocked while the notification is still showing. Bug: 28689675 Change-Id: I289302302e3079726998adefebe2e8b113b2e52a
/frameworks/base/services/core/java/com/android/server/LockSettingsService.java
|
17e5dce5112fece2d2b9cd070c2f96bf65108e40 |
|
22-Apr-2016 |
Paul Crowley <paulcrowley@google.com> |
Two phases to set the password for disk encryption In one phase, we make the new password work, and in the second we make it the only one which works ("fixation"). This means that we can set the password in Gatekeeper between these two phases, and a crash doesn't break things. Unlocking a user automatically fixates the presented credential. Bug: 28154455 Change-Id: I18812f9ce753486ce4e33b4fe2cca392b006b39c
/frameworks/base/services/core/java/com/android/server/LockSettingsService.java
|
3423a513e7c0c0a0a7ae0fada1fc684c990c0aa2 |
|
04-May-2016 |
Ricky Wai <rickywai@google.com> |
Merge "Do not show exception stack trace when no child profile key" into nyc-dev
|
de3a068af63abc0f4173d4c4b2d8530bae6dd203 |
|
03-May-2016 |
Ricky Wai <rickywai@google.com> |
Do not show exception stack trace when no child profile key Bug: 28396912 Change-Id: I48e3f3223d04a0ba3dd2d975901b0504ce0dd25f
/frameworks/base/services/core/java/com/android/server/LockSettingsService.java
|
0bbd108aa1fee8c69bbaf41990d3f3d8a99d54cb |
|
27-Apr-2016 |
Paul Lawrence <paullawrence@google.com> |
Check permission on clearPassword and other CryptKeeper APIs Note - this should only ever be called from LockScreen after getting the password to avoid the double prompt Bug: 28376346 Change-Id: Ic44df4fdcc23408c56b1b9375deed1c6ad2af544
/frameworks/base/services/core/java/com/android/server/LockSettingsService.java
|
ce18c8167766f92856f94a8e88e19de4698960e6 |
|
28-Apr-2016 |
Jeff Sharkey <jsharkey@android.com> |
Introduce "unlocking" vs "unlocked" nuance. There is a narrow window of time during user unlock where we're reconciling user storage and dispatching the "unlock" status to various internal system services. While in this "unlocking" state, apps need to be told that the user still isn't actually "unlocked" so they don't try making calls to AccountManager, etc. The majority of internal services are interested in merging together both the "unlocking" and "unlocked" state, so update them. Clarify naming in AccountManagerService to make it clear that a local list is being used, which mirrors the naming in MountService. To match UX/PM requested behavior, move PRE_BOOT_COMPLETED dispatch after the user is unlocked, but block BOOT_COMPLETED dispatch until after all PRE_BOOT receivers are finished to avoid ANRs. Bug: 28040947, 28164677 Change-Id: I57af2351633d9159f4483f19657ce0b62118d1ce
/frameworks/base/services/core/java/com/android/server/LockSettingsService.java
|
7881cf8f818317cc6efe4d6a4c42da94d6bab223 |
|
15-Apr-2016 |
Ricky Wai <rickywai@google.com> |
Make "work mode on dialog" show personal challenge in unified work lock Bug: 28183335 Change-Id: Ib212b283b9561f88899f6e7ea130944391b6e558
/frameworks/base/services/core/java/com/android/server/LockSettingsService.java
|
a482c6e5e61c2c01502a344240ef596dfbe84f26 |
|
22-Apr-2016 |
Paul Crowley <paulcrowley@google.com> |
Merge "Clear calling identity before calling mountService" into nyc-dev
|
b5383455b6cae093e60684b4f5cccb0cc440330d |
|
14-Apr-2016 |
Jim Miller <jaggies@google.com> |
Fix missing permission check when saving pattern/password Fixes bug 28163930 Change-Id: Ic98ef20933b352159b88fdef331e83e9ef6e1f20
/frameworks/base/services/core/java/com/android/server/LockSettingsService.java
|
fd24108ca9876ac4f3598cf06464b78b61f32a96 |
|
19-Apr-2016 |
Jeff Sharkey <jsharkey@android.com> |
Don't block while dispatching PRE_BOOT. While we're waiting on the final UX around PRE_BOOT_COMPLETED, don't frustrate users by giving them a lockscreen that appears frozen for several seconds. Bug: 28164677 Change-Id: I54b62cea9bb83bc0f82fdf7e6e46a4640e1a30de
/frameworks/base/services/core/java/com/android/server/LockSettingsService.java
|
275c94aea32e3c95cbf8177c80c77a1b191e7fa3 |
|
15-Apr-2016 |
Jim Miller <jaggies@google.com> |
Merge "Fix missing permission check when saving pattern/password" into nyc-dev
|
23abc598a5bdeb5d1cf66f83ff14eb3f440d5a9a |
|
15-Apr-2016 |
Benjamin Franz <bfranz@google.com> |
Merge "Don't show the unlock notification when Work mode is off" into nyc-dev
|
f02420c5e1bcc8b2c278f272aca633fe6d2b4e88 |
|
04-Apr-2016 |
Benjamin Franz <bfranz@google.com> |
Maybe decrypt user when quiet mode is disabled When quiet mode is disabled for a user and that user is not currently decrypted, we show a confirm credentials screen to trigger decryption of that user. Only if that was successful, do we actually disable quiet mode. Bug: 27764124 Change-Id: Ib1f649194d89e225dad62c14f3ddba1fa3d79da2
/frameworks/base/services/core/java/com/android/server/LockSettingsService.java
|
e484eaff00096f3819c5002b66487b8c1d16ef57 |
|
14-Apr-2016 |
Jim Miller <jaggies@google.com> |
Fix missing permission check when saving pattern/password Fixes bug 28163930 Change-Id: Ic98ef20933b352159b88fdef331e83e9ef6e1f20
/frameworks/base/services/core/java/com/android/server/LockSettingsService.java
|
4ab7e595a5deef72448da950f2f973bc0c90fe18 |
|
14-Apr-2016 |
Adrian Roos <roosa@google.com> |
StrongAuthTracker: Don't rely on USER_PRESENT USER_PRESENT is sent via the background queue. A delay there can cause us not to recognize that the user has unlocked and prompt for the credential again, when trust or fingerprint would be sufficient. Also removes an obsolete reference to USER_PRESENT from TrustManagerService. Change-Id: Ie8d1a180170df5f0c8f9e71660504fd71eeacd99 Fixes: 27830458
/frameworks/base/services/core/java/com/android/server/LockSettingsService.java
|
53940d4c7f45a26d8b571982a1f8f4b8094aa5e0 |
|
05-Apr-2016 |
Ricky Wai <rickywai@google.com> |
Fingerprint should confirm device lock when unified When unified and adding a fingerprint, the user is prompted to set up a backup Bug:27419438 Change-Id: I3e857fa07c50ee0904f685b721595ef6cfe729f9
/frameworks/base/services/core/java/com/android/server/LockSettingsService.java
|
dc283a897680ffd33c4d15535ebe778ba5b42c43 |
|
24-Mar-2016 |
Ricky Wai <rickywai@google.com> |
Keymaster init for work profile Changes: (1) When unified work challenge is enabled and screen lock is secure - Store work profile secure key in primary profile - When primary user keystore unlocked, unlock work profile keystore - When primary user change lock to none, remove work secure key (2) When unified work challenge is enabled but screen lock is not secure - When screen lock changes to secure, store work secure key in primary (3) When user changes work challenge from unified to separated - Remove work secure key in primary (4) When user changes work challenge from separate to unified - Do (1) and (2) Bug: 27460698 Change-Id: I8f77bde5dc6b8e59c90256e75c5990100e93366b
/frameworks/base/services/core/java/com/android/server/LockSettingsService.java
|
0f9dd1e2f5561c57a2a233a42749dbfe12a5dc44 |
|
06-Apr-2016 |
Selim Cinek <cinek@google.com> |
Deprecated the contentinfo and the number It was mainly adding noise to the notification rather than useful information. Bug: 27431551 Change-Id: Ie22c9935d60eeac1cca5d9ce97239aadfac9b3cf
/frameworks/base/services/core/java/com/android/server/LockSettingsService.java
|
f52709c42e81537db1471ffeb552b4340324c795 |
|
01-Apr-2016 |
Benjamin Franz <bfranz@google.com> |
Don't show the unlock notification when Work mode is off Currently we show the unlock work profile notification when work mode is off. This CL stops this from happening. Bug: 27764124 Change-Id: I63e4e09ab8c35a69d10118cf06d8ef33b1e1eb05
/frameworks/base/services/core/java/com/android/server/LockSettingsService.java
|
815036f055173d4dfcddd03a4e6c03d24bff00c7 |
|
29-Mar-2016 |
Paul Crowley <paulcrowley@google.com> |
Clear calling identity before calling mountService Apps that change the password shouldn't need the STORAGE_INTERNAL permission. Bug: 27600227 Change-Id: I73e86c3400c19e9b1cea786dc472ab571ac18803
/frameworks/base/services/core/java/com/android/server/LockSettingsService.java
|
bd91e2f3f6aca512a02be645b2515b5e3331e177 |
|
22-Mar-2016 |
Jeff Sharkey <jsharkey@android.com> |
Update PRE_BOOT_COMPLETED for FBE. Now that CE data isn't available until after a user is unlocked, we need to delay the PRE_BOOT_COMPLETED broadcasts. This is done by adding a new RUNNING_UNLOCKING user state to the UserController lifecycle. We now track the last fingerprint a user was logged in under, and we dispatch PRE_BOOT receivers when that fingerprint changes. To work around battery pull issues, we only persist the updated fingerprint once all PRE_BOOT receivers have finished. This is less granular than the original solution, but it's still correct. We only consider a user as "logged in" once it transitions into the RUNNING_UNLOCKED state. When starting a process, track if the user was "unlocked" when started, so that we only spin up unaware providers in processes started before user unlock. Add generic IProgressListener to communicate PRE_BOOT progress and strings up to lock screen. For now, LockSettingsService just blocks until finished, but it could display these strings in the future. Bug: 27220885 Change-Id: I349439776b885acd32f6a578d8951ffd95640be2
/frameworks/base/services/core/java/com/android/server/LockSettingsService.java
|
042a68ae3297db27c4bd6aca7f1c39001261b85e |
|
03-Mar-2016 |
Jim Miller <jaggies@google.com> |
Merge "Attempt to fix bug where OwnerInfo gets lost." into nyc-dev
|
325c56741a4896741f3e3c5894c20ee55090a31b |
|
02-Mar-2016 |
Jim Miller <jaggies@google.com> |
Attempt to fix bug where OwnerInfo gets lost. Bug 27419272 Change-Id: I2f938606c3155afd2fc31b5da640b7b74c397a14
/frameworks/base/services/core/java/com/android/server/LockSettingsService.java
|
0a587d2840ca105746a9e14d018dc8ec2b3442be |
|
23-Feb-2016 |
Clara Bayarri <clarabayarri@google.com> |
Unlock Keystore/Keymaster separately for Work Challenge The Keystore should be unlocked by the work challenge when the work profile has its own lock, and should not be unlocked by the device lock in this case. Tested use cases: When unified, both users have the password key set to the parent's Setting a work challenge changes the work profile's password key to its own Unifying causes the work challenge key to be set to null first and then when the device password is reset right after that it is reset to the same as the parent Unlocking when locks are unified unlocks both using the same password key Unlocking the device when not unified only unlocks the parent Unlocking the work challenge only unlocks the work profile Bug:26817206 Change-Id: I99dca279687f4f77636992e355dbdb607bbf7b6d
/frameworks/base/services/core/java/com/android/server/LockSettingsService.java
|
b1b302660cf5b1b1c5b342cc90eca93b8f66890c |
|
09-Feb-2016 |
Kenny Guy <kennyguy@google.com> |
Support FBE for managed profiles. Allow launcher to see and attempt to launch non-crypto aware application when profile is locked. Hide unlock notification until parent user is unlocked. Have unlock notitication use confirm credentials to unlock the profile. Updated notification strings as per suggestions in mocks to make it clearer between users and profiles. Bug: 27038260 Change-Id: If2d2c8148670d814544f4edd44193d15da32a289
/frameworks/base/services/core/java/com/android/server/LockSettingsService.java
|
faeb3eb0ba190e6d6cfe2b82ce20af587848de57 |
|
08-Feb-2016 |
Paul Crowley <paulcrowley@google.com> |
Password security for FBE disk encryption keys Add the means to protect FBE keys with a combination of an auth token from Gatekeeper, and a hash of the password. Both of these must be passed to unlock_user_key. Keys are created unprotected, and change_user_key changes the way they are protected. Bug: 22950892 Change-Id: Ie13bc6f82059ce941b0e664a5b60355e52b45f30
/frameworks/base/services/core/java/com/android/server/LockSettingsService.java
|
98e0a266ea27e8dcd4d5e4380921f40f00e7b685 |
|
04-Feb-2016 |
Paul Crowley <paulcrowley@google.com> |
Always get an auth token when we verify. We need the auth token for FBE. In a future commit I'll get rid of the "verify" method altogether, but no need right now. Bug: 22950892 Change-Id: Ied2b666f0613dd97e021d3416ec06e44b9397d11
/frameworks/base/services/core/java/com/android/server/LockSettingsService.java
|
b1135b7196c87d74b293fea3f89400aa4f1dd084 |
|
03-Feb-2016 |
Jim Miller <jaggies@google.com> |
Add new icon for fbe notification Fixes bug 26863369 Change-Id: I967d585fa251782d18a5f24c025b28d40268dc85
/frameworks/base/services/core/java/com/android/server/LockSettingsService.java
|
e6c28031edb8137beb5d32ffed9e4dc4897d011b |
|
29-Jan-2016 |
Jim Miller <jaggies@google.com> |
FBE notification improvements - change language for FBE "account locked" notification - use lock icon Fixes bug 26863154 Change-Id: I1cf2e230cf717cadd26879a90fdccbade59057a8
/frameworks/base/services/core/java/com/android/server/LockSettingsService.java
|
4f93c58b393bad5d0bcc4237fa66f14fb9c9ee28 |
|
28-Jan-2016 |
Jim Miller <jaggies@google.com> |
Add account locked notification when users are encrypted Fixes bug 26407543 Change-Id: Ic66669cd5f75b5fa41449e33133439752cef112b
/frameworks/base/services/core/java/com/android/server/LockSettingsService.java
|
a7aa4d6f0b91e050c083c19459b0c8b265c92617 |
|
20-Jan-2016 |
Rakesh Iyer <rni@google.com> |
Allow smart unlock right after boot. This change enables relaxing the constraint by which strong authentication is needed after device reboot. There are very limited use cases where this might be safe, one of which is in a car. Cars head units usually are protected physically by the car and have hardware anti-theft mechanisms so we can potentially allow for Android to allow users to use smart unlock to avoid the lockscreen just after boot. This change adds in a config flag that sets the default trust flags, which can be set to allow smart unlock after boot for car head units. Bug: 26559008 Change-Id: Id6338a97b617ddaf3d2fae5d51235429a42b81cc
/frameworks/base/services/core/java/com/android/server/LockSettingsService.java
|
a1771110d67fa7361f92d92f2e91019882ce3305 |
|
18-Dec-2015 |
Clara Bayarri <clarabayarri@google.com> |
Create Work Challenge per-user condition Change the current static condition to a per-user condition so we can check and enable/disable the work challenge properly. Also add an isAllowed API, as the Work Challenge can only be used when the user's DPC targets N or above to maintain backwards compatibility. Change-Id: I0cb8b475838816801868ffb24726407aa257b4de
/frameworks/base/services/core/java/com/android/server/LockSettingsService.java
|
5a0fed684150f53d2d4293408f445f6092c24183 |
|
15-Dec-2015 |
Bryce Lee <brycelee@google.com> |
Allow access to deprecated LOCK_PATTERN_ENABLED flag. am: 4614596a39 am: 36393a5674 am: 4ab8b0696a am: 0510ad1bc9 * commit '0510ad1bc9a2da4fa84f1a5417a218dba48563e3': Allow access to deprecated LOCK_PATTERN_ENABLED flag.
|
4614596a395b6c86fff3f35a07edda2e848d743c |
|
14-Dec-2015 |
Bryce Lee <brycelee@google.com> |
Allow access to deprecated LOCK_PATTERN_ENABLED flag. It is possible that older platforms may have not cleared the lock pattern, but instead only checked this flag to determine the lock pattern enabled state. In such cases, upgrading to a platform with that only checks the lock pattern can lead to the lock screen being re-enabled by accident. These new methods allow this condition to be identified and resolved. Bug: 26029690 Change-Id: I8f7ebc0e1915049afe49c219c87010aa38a16244
/frameworks/base/services/core/java/com/android/server/LockSettingsService.java
|
b9fe53705ca851c39abe44e980219fd6733bf821 |
|
03-Dec-2015 |
Jeff Sharkey <jsharkey@android.com> |
Attempt to unlock users with null token. When starting a locked user, try unlocking their storace will a null token, which will typically succeed if there is an insecure lockscreen (no PIN or pattern). For users with a secure lockscreen, pass through a stub token for now to indicate that it came from a user challenge. Eventually we'll hook that up to gatekeeperd. Without this, we were only unlocking users with secure lockscreens. Bug: 25943941 Change-Id: Ia0324d50f43f55dfe0b8366793ddc5d25d885922
/frameworks/base/services/core/java/com/android/server/LockSettingsService.java
|
10ad84a17d7248488c1653bacc9f20d3a7193999 |
|
01-Dec-2015 |
Clara Bayarri <clarabayarri@google.com> |
Create a separate Work Challenge check This allows us to tell lock checks from FBE checks separately, and will be useful when dealing with password unification. Change-Id: Ifbea425f749fee4d6d51faddd8b64bf717a1a5f8
/frameworks/base/services/core/java/com/android/server/LockSettingsService.java
|
56878a93989a49538fabccfb7218face645030bf |
|
29-Oct-2015 |
Clara Bayarri <clarabayarri@google.com> |
Create work challenge timeout The work challenge should be locked whenever the device goes to sleep + admin timeout or when the power button is pressed if the lock setting is on. This change creates the infrastructure to lock a specific user instead of the device and uses it in these cases. Then, the current code that brings up the work challenge can check to only show it if the user is locked. Change-Id: I89b4342b1458d97734d7afa66be52bf04ec3a3d4
/frameworks/base/services/core/java/com/android/server/LockSettingsService.java
|
8924e8759f9a8cffb5ad538ca40a7826793aac07 |
|
30-Nov-2015 |
Jeff Sharkey <jsharkey@android.com> |
Wire up lifecycle, send unlocked broadcast. When the correct lock pattern is presented, ask the system to also unlock credential-encrypted storage, if enabled. The token passed along is empty for now, but can be wired up to gatekeeper in the future. During each system boot, ask vold to lock all users keys to give us a known starting state. This also has the effect of chmod'ing away any CE data when in emulation mode. Define and send a new foreground broadcast when the CE storage is unlocked for the first time. Add stronger last-ditch checking for encryption-awareness before starting an app. Bug: 22358539 Change-Id: Id1f1bece96a2b4e6f061214d565d51c7396ab521
/frameworks/base/services/core/java/com/android/server/LockSettingsService.java
|
7c69636c9a406265e1da368f3edfd8fb9651132c |
|
16-Sep-2015 |
Xiaohui Chen <xiaohuic@google.com> |
Cleanup USER_OWNER in various services Bug: 19913735 Change-Id: I980370bab18e1b9ccf4043eed2b9fd721a940f72
/frameworks/base/services/core/java/com/android/server/LockSettingsService.java
|
7f5ef05b3f0417e863aaac0f663364582f30c626 |
|
26-Aug-2015 |
Adrian Roos <roosa@google.com> |
am 60aff469: am f90169d1: am 5bc2a2c0: am d56892da: Merge "Disable fingerprint after user lockout" into mnc-dr-dev * commit '60aff469b2abd8787ba4c3d326909128b57d06ea': Disable fingerprint after user lockout
|
873010dfeea11e0f9982c66ad9bdc990d055b129 |
|
26-Aug-2015 |
Adrian Roos <roosa@google.com> |
Disable fingerprint after user lockout Bug: 22677859 Change-Id: I38b918d2e40b5bb423f2e5c171fe65bed8d440a6
/frameworks/base/services/core/java/com/android/server/LockSettingsService.java
|
e3b07451c3ca7064cb70f1829cf35963cba74bd8 |
|
22-Aug-2015 |
Adrian Roos <roosa@google.com> |
resolved conflicts for merge of bcc26c02 to master Change-Id: I4260ff0d090cfa9741fd3adcfcadcbbff6839388
|
b5e4722891e7bbf2fffcd995af02838667a3abab |
|
15-Aug-2015 |
Adrian Roos <roosa@google.com> |
Add StrongAuthTracker Bug: 22846469 Bug: 22115393 Change-Id: I6ef5322d02e540fc043e7f20d3aabf595ce7c224
/frameworks/base/services/core/java/com/android/server/LockSettingsService.java
|
6086a25eb7721d7a59445796b73ee4c3f2e87701 |
|
30-Jul-2015 |
Adrian Roos <roosa@google.com> |
am 5334b265: am aeda904f: am 4371922d: am 8e9b33f8: am 726d47b7: Merge "Fix and deprecate lock pattern related settings" into mnc-dev * commit '5334b265af71a31b0cf428b97b437ac040c067dc': Fix and deprecate lock pattern related settings
|
7811d9f5095a343acd218f4bb0a0e9e8f480b401 |
|
28-Jul-2015 |
Adrian Roos <roosa@google.com> |
Fix and deprecate lock pattern related settings Bug: 22557690 Change-Id: Ib4b3ef7cebe815ba9d9d2284f945a9ec746b216c
/frameworks/base/services/core/java/com/android/server/LockSettingsService.java
|
2c4a573f38a942b75d0321e66da2042753188cb7 |
|
10-Jul-2015 |
Andres Morales <anmorales@google.com> |
[LockSettings] fail hard when there's an error enrolling Soft failing causes state to go out of whack Bug: 22367550 Change-Id: I9f078cf1c39c35913c672741d8fb1be0b9c8c9e8
/frameworks/base/services/core/java/com/android/server/LockSettingsService.java
|
3188574c14c479a2898e5251b6b01db6be007975 |
|
30-Jun-2015 |
Andres Morales <anmorales@google.com> |
Merge "[LockSettings] adjust legacy patterns to base 0 for unlocking keystore" into mnc-dev
|
59ef126f0787fb1edeec8fcc3ebaadaf12f18c06 |
|
26-Jun-2015 |
Andres Morales <anmorales@google.com> |
[LockSettings] adjust legacy patterns to base 0 for unlocking keystore Otherwise, L keys will be lost as they're encrypted with the base 0 pattern. Keystore password is then re-enrolled with the base '1' pattern. Bug: 22118231 Change-Id: I37aea2afc3069f1ba48cb073268f1d66978b723e
/frameworks/base/services/core/java/com/android/server/LockSettingsService.java
|
f1900b500f71c372376b5d951d581afcca8d7b57 |
|
25-Jun-2015 |
Andres Morales <anmorales@google.com> |
Merge "[LockSettings] clear secure user id when user is removed" into mnc-dev
|
070fe63962baf30a648f7f85a7d00c177fc8b7c5 |
|
24-Jun-2015 |
Andres Morales <anmorales@google.com> |
[LockSettings] clear secure user id when user is removed Needed for QCOM HALs and for general good housekeeping Bug: 22011857 Change-Id: I6cc157a88ee125ecbf81fc51c226c63ba1d34b80
/frameworks/base/services/core/java/com/android/server/LockSettingsService.java
|
6d2c0e5ee2f717d4a5c00df08aca21c76eea8278 |
|
23-Jun-2015 |
Svetoslav Ganov <svetoslavganov@google.com> |
Remove not needed contacts related permissions. This reverts commit ed5ff51b2ca7c051e2719dfc8a8a083e6208848e. Change-Id: If2407e4e474a438d95e1b7ad1aa6f441bb3ace08
/frameworks/base/services/core/java/com/android/server/LockSettingsService.java
|
ed5ff51b2ca7c051e2719dfc8a8a083e6208848e |
|
23-Jun-2015 |
Bart Sears <bsears@google.com> |
Revert "Remove not needed contacts related perissions." Broke the build, reverting. This reverts commit a2991da0d671adf511ccb884cf25bf1241303f92. Change-Id: I2bdfa70fbd8a6c03e48426f85eeb63896762d5da
/frameworks/base/services/core/java/com/android/server/LockSettingsService.java
|
a2991da0d671adf511ccb884cf25bf1241303f92 |
|
22-Jun-2015 |
Svet Ganov <svetoslavganov@google.com> |
Remove not needed contacts related perissions. Removing the read/write profile/social stream permissions as they are not needed anymore. These permissions are for accessing data nested in the conacts provider which is already guaded by the read/write contacts runtime permissions. The removed permissions would be in the contacts group which means they would not provide more protection compated to read/write contacts. Also removing the permissions voids the need for app op support for legacy apps. Removed deprecated APIs for social streams as these were deprecated and will go away in the next release. We want apps targeting M to not be able to compile if still suing these APIs to help with migration. Change-Id: I26ed9055847af7f92c78eb0f4ac8f9f1aa616fcd
/frameworks/base/services/core/java/com/android/server/LockSettingsService.java
|
e40bad8cf9397becdf05776c775c8286d3de46fa |
|
28-May-2015 |
Andres Morales <anmorales@google.com> |
[LockSettings] migrate patterns to be indexed at '1' Base zero patterns (ones where the top left is idx 0) are not handled properly by scrypt. Add logic to re-enroll base zero patterns such that the top left is idx 1. Bug: 21433955 Change-Id: I7f67f2c67d40dd1be6c62117710dc3b0392275a2
/frameworks/base/services/core/java/com/android/server/LockSettingsService.java
|
2397427cb1a0bad8a42e6a342dcf29b31e40a234 |
|
15-May-2015 |
Andres Morales <anmorales@google.com> |
[LockSettings] migrate password attempt throttling to hardware leverage root protected, cryptographically secured hardware if available Bug: 21118563 Change-Id: Ifa804c5a0728bfd14466eb2a84051bace6d33d57
/frameworks/base/services/core/java/com/android/server/LockSettingsService.java
|
83ce095c848b972156256855d0f2a2ff4aa068fd |
|
12-May-2015 |
Chad Brubaker <cbrubaker@google.com> |
Add keystore onUserAdded/Removed methods (cherry-picked from commit 31c2897105e6d71f8e6edeab312d2147bbdbaeb1) Change-Id: I73fe9344ec5660e58425d5c85d14381820533d57
/frameworks/base/services/core/java/com/android/server/LockSettingsService.java
|
a91a8504191d91d288c55821caa5bf00c9be26a2 |
|
07-May-2015 |
Chad Brubaker <cbrubaker@google.com> |
Cleanup keystore password changing and unlocking Add KeyStore.onUserPasswordChanged for the lockscreen to call when the user changes their password. Keystore will then handle the logic of deleting keys. Instead of calling Keystore.password_uid for both unlocking and password changes the behavior has been split into Keystore.unlock and onUserPasswordChanged. Change-Id: I324914c00195d762cbaa8c63084e41fa796b7df8
/frameworks/base/services/core/java/com/android/server/LockSettingsService.java
|
4383058bf4956f3a3132a58f0904087fdd569526 |
|
22-Apr-2015 |
Adrian Roos <roosa@google.com> |
Migrate lockscreen.disabled on upgrade Bug: 19962043 Change-Id: Iecec4ea869aeb9d814f7447b4805caa571f3fd01
/frameworks/base/services/core/java/com/android/server/LockSettingsService.java
|
301ea449921663ffe5673fb5751a7185a40bd5ea |
|
17-Apr-2015 |
Andres Morales <anmorales@google.com> |
Recover from dead GateKeeperService Binder Change-Id: Ie25b46225a88fd59e6426a338bb94152d2c1b302
/frameworks/base/services/core/java/com/android/server/LockSettingsService.java
|
cfb61601fa4e92445655de7b82d2bc0ea9000824 |
|
17-Apr-2015 |
Andres Morales <anmorales@google.com> |
Clear secure user ID and notify keystore when lock is cleared Change-Id: Id5bbde81b83add09e8362d439b19f1febe451003
/frameworks/base/services/core/java/com/android/server/LockSettingsService.java
|
d9fc85ac27742adbe89e54fd35f3cb2469e94b91 |
|
10-Apr-2015 |
Andres Morales <anmorales@google.com> |
Add challenge to IGateKeeperService required for enrolling secondary auth form-factors Change-Id: Id5a1eb1ed22f01fbaabe8e4ebddfc42d58322625
/frameworks/base/services/core/java/com/android/server/LockSettingsService.java
|
8fa5665f0e757cec0063fb4cf1354f1596f93a91 |
|
31-Mar-2015 |
Andres Morales <anmorales@google.com> |
Wire up GateKeeper to LockSettingsService Adds: - Communication to GKService - password upgrade flow - enroll takes previous credential Change-Id: I0161b64642be3d0e34ff4a9e6e3ca8569f2d7c0a
/frameworks/base/services/core/java/com/android/server/LockSettingsService.java
|
855fa30b74c99410869a7cdfa4cf07b37937c238 |
|
02-Apr-2015 |
Adrian Roos <roosa@google.com> |
Prevent non-platform apps from reading password type Bug: 20040521 Change-Id: I2b11dd05ff1c978ef658c9f5434eed578b742992
/frameworks/base/services/core/java/com/android/server/LockSettingsService.java
|
08c7116ab9cd04ad6dd3c04aa1017237e7f409ac |
|
28-Feb-2015 |
John Spurlock <jspurlock@google.com> |
Remove unused imports in frameworks/base. Change-Id: I031443de83f93eb57a98863001826671b18f3b17
/frameworks/base/services/core/java/com/android/server/LockSettingsService.java
|
001b00d3bd8c20c7e73cb8101cbe98291bd5e68f |
|
24-Feb-2015 |
Adrian Roos <roosa@google.com> |
Prevent regular processes from accessing the password history Bug: 19019350 Change-Id: Iee410d62827fe0f9d43e08dd8869e8eea590382f
/frameworks/base/services/core/java/com/android/server/LockSettingsService.java
|
072543f58037697772663ed34ee26317e9d662c5 |
|
13-Feb-2015 |
Amith Yamasani <yamasani@google.com> |
Backup/restore owner info from locksettings Backup the owner info string and whether or not owner info is to be shown on the lockscreen. Watch for changes to the two settings in LockSettingsService and inform backup manager. Bump up version numbers for the new entity. Bug: 19300363 Change-Id: I35485c961d18b26be68873f4d5eeedc5ae513cc8
/frameworks/base/services/core/java/com/android/server/LockSettingsService.java
|
9dd16ebcf2a25c189a39b72847d3db2b1189cb4d |
|
08-Jan-2015 |
Adrian Roos <roosa@google.com> |
LockPatternUtils clean up continued - Deprecate Settings.Secure.LOCK_PATTERN_ENABLED - Remove unused permanent lock out - Disallow empty/null arguments to saveLockPattern and saveLockPassword - Refactor repeated quality checks Change-Id: I6f369eb60f8f6bb1e33384cd06534c713ab52e79
/frameworks/base/services/core/java/com/android/server/LockSettingsService.java
|
db0f76e1d85f8cb878a9540ac1b692636f9fd89e |
|
07-Jan-2015 |
Adrian Roos <roosa@google.com> |
Directly dispatch USER_REMOVED to LockSettingsService Bug: 18931518 Change-Id: Ibaf875a06868ae3196115d77eed6874daf2fec16
/frameworks/base/services/core/java/com/android/server/LockSettingsService.java
|
230635efe7ffb09d6dc56bfd9193aa1d89c8a898 |
|
07-Jan-2015 |
Adrian Roos <roosa@google.com> |
Purge biometric weak and keyguard widgets Bug: 18931518 Change-Id: I5da41908b1d6895a69f981e139f2d268327fafcd
/frameworks/base/services/core/java/com/android/server/LockSettingsService.java
|
138b83347b8da29166ee2eb09fa8126686bda3c7 |
|
11-Nov-2014 |
Adrian Roos <roosa@google.com> |
Obliterate LockPatternUtilsCache It is disabled dead code already and not useful anymore with the new caching in LockSettingsService. Bug: 18163444 Change-Id: Icc184e923e0fbeab31ed128336c01f835b24c6f2
/frameworks/base/services/core/java/com/android/server/LockSettingsService.java
|
3dcae68501a1fc1c433d12a9d55a31c7eaab016c |
|
29-Oct-2014 |
Adrian Roos <roosa@google.com> |
Add caching to LockSettingsStorage Bug: 18163444 Change-Id: I4caa80ca55efec761e965807ae793db41864321f
/frameworks/base/services/core/java/com/android/server/LockSettingsService.java
|
450ce9fc8a1522819aec151433e6f509dfe60690 |
|
29-Oct-2014 |
Adrian Roos <roosa@google.com> |
Disable LockPatternUtilsCache Also fix a bug where hasPattern and hasPassword were not invalidated properly. Bug: 18163444 Change-Id: I5bd8cc4e7c0d00497ee7a42f3c34449aa3f95a6c
/frameworks/base/services/core/java/com/android/server/LockSettingsService.java
|
261d5ab8f4c3fdd34163468fd48ab07f7ad13d3c |
|
29-Oct-2014 |
Adrian Roos <roosa@google.com> |
Refactor LockSettingsService into storage and logic Creates a new LockSettingsStorage class to handle stroring and retreiving data. Bug: 18163444 Change-Id: Ia3bc4ad679c5e1217756ae6b3b80cfce3599baed
/frameworks/base/services/core/java/com/android/server/LockSettingsService.java
|
49d810cb632bd4c334ebfd3932658fa6973bcbef |
|
23-Sep-2014 |
Robin Lee <rgl@google.com> |
Reset keystore when user is added or removed Because user IDs are recycled it is not safe to leave this kind of information around after deleting. Bug: 17403144 Change-Id: I441f85750cf8818adaf62a1acdb2ba7b4bfc1b7e
/frameworks/base/services/core/java/com/android/server/LockSettingsService.java
|
1096cf8664963a136a325b2bc511c8f381b9ba77 |
|
01-Sep-2014 |
Robin Lee <rgl@google.com> |
Delete locksettings files for toplevel users only Fixes an issue created by change: I7941707ca66ac25bd122fd22e5e0f639e7af697e Bug: 16233206 Change-Id: Ia905d153e94303acd611178333adc77c68933711
/frameworks/base/services/core/java/com/android/server/LockSettingsService.java
|
f0246a8a14d69680d1776620e75a485cf963e574 |
|
13-Aug-2014 |
Robin Lee <rgl@google.com> |
Keep managed profile keystores in sync with owner Fixes setting a keyguard password for keystore in a multi-user setup while we're at it. Bug: 16233206. Change-Id: I7941707ca66ac25bd122fd22e5e0f639e7af697e
/frameworks/base/services/core/java/com/android/server/LockSettingsService.java
|
987672d2621fa5278dbf48cbef46c50d3fafe4c1 |
|
18-Jul-2014 |
Geoffrey Borggaard <geoffreyb@google.com> |
Fixes setting password through DevicePolicyManager LockPatternUtils wasn't taking the userId into account when looking up the salt. Bug: 16204999 Change-Id: I0626b5a0a55c244122c24fb4446f270918f3187c
/frameworks/base/services/core/java/com/android/server/LockSettingsService.java
|
4f7884542ce8fba5bfed01ed834a32e6d3e2dea5 |
|
22-May-2014 |
Adrian Roos <roosa@google.com> |
Add a cache to LockPatternUtils Caches responses from LockSettingsService in the client process. Bug: 15088101 Change-Id: If77c5ec45f52a02c800d50cb8550bfcb180f301d
/frameworks/base/services/core/java/com/android/server/LockSettingsService.java
|
945490c12e32b1c13b9097c00702558260b2011f |
|
27-Mar-2014 |
Paul Lawrence <paullawrence@google.com> |
Don't double prompt on booting encrypted device vold will store password securely until KeyGuard requests it and hands it on to KeyStore. This is a revision of https://googleplex-android-review.git.corp.google.com/#/c/418123/ which was reverted. It had two bugs in LockSettingsService.checkVoldPassword. 1) We were not checking password for null, which caused an exception 2) checkPattern/checkPassword return true if there is no saved pattern or password. This leads to situations where we get true returned even when the password doesn't match. Call the correct one based on what is there, not what vold thinks ought to be there. Bug: 12990752 Change-Id: I05315753387b1e508de5aa79b5a68ad7315791d4
/frameworks/base/services/core/java/com/android/server/LockSettingsService.java
|
6ee7d25010d4f23b44a151f3953225ba253de8af |
|
26-Mar-2014 |
Paul Lawrence <paullawrence@google.com> |
Revert "Don't prompt at boot if we already did that when decrypting" This reverts commit 493e3e7e6523fd94cc1acae3e45935a1227d58c3. Should fixes Bug: 13611885 Bug: 13656830 Change-Id: I117c988bb6679f44f8add4fcc18f45cb8238dfb4
/frameworks/base/services/core/java/com/android/server/LockSettingsService.java
|
493e3e7e6523fd94cc1acae3e45935a1227d58c3 |
|
06-Feb-2014 |
Paul Lawrence <paullawrence@google.com> |
Don't prompt at boot if we already did that when decrypting vold will store password securely until KeyGuard requests it and hands it on to KeyStore. Needs matching vold changes from https://googleplex-android-review.git.corp.google.com/#/c/432050/ Bug: 12990752 Change-Id: I930ed8180cf0b8feb1e58db043d5fb6dff1bab20
/frameworks/base/services/core/java/com/android/server/LockSettingsService.java
|
49782e46c0eb85a25ae2abcf80880c48dbab5aea |
|
20-Dec-2013 |
Amith Yamasani <yamasani@google.com> |
am 9158825f: Move some system services to separate directories * commit '9158825f9c41869689d6b1786d7c7aa8bdd524ce': Move some system services to separate directories
|
9158825f9c41869689d6b1786d7c7aa8bdd524ce |
|
22-Nov-2013 |
Amith Yamasani <yamasani@google.com> |
Move some system services to separate directories Refactored the directory structure so that services can be optionally excluded. This is step 1. Will be followed by another change that makes it possible to remove services from the build. Change-Id: Ideacedfd34b5e213217ad3ff4ebb21c4a8e73f85
/frameworks/base/services/core/java/com/android/server/LockSettingsService.java
|