diff options
| author | Adrian Roos <roosa@google.com> | 2014-06-25 23:28:53 +0200 |
|---|---|---|
| committer | Adrian Roos <roosa@google.com> | 2014-06-25 23:28:53 +0200 |
| commit | 2c12cfa1d53b586ae8a8d6aca64a4de771dc85b0 (patch) | |
| tree | c766f344a66353c72b24f2a7a21649d3e91c6eb7 /services/core/java/com/android/server/trust | |
| parent | 88f5993692ac768c0bb6a782a79ca7c6932d5731 (diff) | |
| download | frameworks_base-2c12cfa1d53b586ae8a8d6aca64a4de771dc85b0.zip frameworks_base-2c12cfa1d53b586ae8a8d6aca64a4de771dc85b0.tar.gz frameworks_base-2c12cfa1d53b586ae8a8d6aca64a4de771dc85b0.tar.bz2 | |
Trust Agents: Add facility to request credential entry
Bug: 15871777
Change-Id: I43c80151f6403ff62961aeb3dc7aafe049e18a62
Diffstat (limited to 'services/core/java/com/android/server/trust')
| -rw-r--r-- | services/core/java/com/android/server/trust/TrustManagerService.java | 30 |
1 files changed, 28 insertions, 2 deletions
diff --git a/services/core/java/com/android/server/trust/TrustManagerService.java b/services/core/java/com/android/server/trust/TrustManagerService.java index 32546df..1aec569 100644 --- a/services/core/java/com/android/server/trust/TrustManagerService.java +++ b/services/core/java/com/android/server/trust/TrustManagerService.java @@ -88,6 +88,7 @@ public class TrustManagerService extends SystemService { private static final int MSG_UNREGISTER_LISTENER = 2; private static final int MSG_DISPATCH_UNLOCK_ATTEMPT = 3; private static final int MSG_ENABLED_AGENTS_CHANGED = 4; + private static final int MSG_REQUIRE_CREDENTIAL_ENTRY = 5; private final ArraySet<AgentInfo> mActiveAgents = new ArraySet<AgentInfo>(); private final ArrayList<ITrustListener> mTrustListeners = new ArrayList<ITrustListener>(); @@ -314,6 +315,17 @@ public class TrustManagerService extends SystemService { } } + + private void requireCredentialEntry(int userId) { + if (userId == UserHandle.USER_ALL) { + mUserHasAuthenticatedSinceBoot.clear(); + updateTrustAll(); + } else { + mUserHasAuthenticatedSinceBoot.put(userId, false); + updateTrust(userId); + } + } + // Listeners private void addListener(ITrustListener listener) { @@ -367,6 +379,17 @@ public class TrustManagerService extends SystemService { } @Override + public void reportRequireCredentialEntry(int userId) throws RemoteException { + enforceReportPermission(); + if (userId == UserHandle.USER_ALL || userId >= UserHandle.USER_OWNER) { + mHandler.obtainMessage(MSG_REQUIRE_CREDENTIAL_ENTRY, userId, 0).sendToTarget(); + } else { + throw new IllegalArgumentException( + "userId must be an explicit user id or USER_ALL"); + } + } + + @Override public void registerTrustListener(ITrustListener trustListener) throws RemoteException { enforceListenerPermission(); mHandler.obtainMessage(MSG_REGISTER_LISTENER, trustListener).sendToTarget(); @@ -379,8 +402,8 @@ public class TrustManagerService extends SystemService { } private void enforceReportPermission() { - mContext.enforceCallingPermission(Manifest.permission.ACCESS_KEYGUARD_SECURE_STORAGE, - "reporting trust events"); + mContext.enforceCallingOrSelfPermission( + Manifest.permission.ACCESS_KEYGUARD_SECURE_STORAGE, "reporting trust events"); } private void enforceListenerPermission() { @@ -460,6 +483,9 @@ public class TrustManagerService extends SystemService { case MSG_ENABLED_AGENTS_CHANGED: refreshAgentList(); break; + case MSG_REQUIRE_CREDENTIAL_ENTRY: + requireCredentialEntry(msg.arg1); + break; } } }; |