diff options
14 files changed, 170 insertions, 65 deletions
diff --git a/api/system-current.txt b/api/system-current.txt index e6b4c60..4b283fe 100644 --- a/api/system-current.txt +++ b/api/system-current.txt @@ -30942,7 +30942,8 @@ package android.service.trust { public class TrustAgentService extends android.app.Service { ctor public TrustAgentService(); - method public final void grantTrust(java.lang.CharSequence, long, boolean); + method public final deprecated void grantTrust(java.lang.CharSequence, long, boolean); + method public final void grantTrust(java.lang.CharSequence, long, int); method public final android.os.IBinder onBind(android.content.Intent); method public boolean onConfigure(java.util.List<android.os.PersistableBundle>); method public void onDeviceLocked(); @@ -30951,6 +30952,8 @@ package android.service.trust { method public void onUnlockAttempt(boolean); method public final void revokeTrust(); method public final void setManagingTrust(boolean); + field public static final int FLAG_GRANT_TRUST_DISMISS_KEYGUARD = 2; // 0x2 + field public static final int FLAG_GRANT_TRUST_INITIATED_BY_USER = 1; // 0x1 field public static final java.lang.String SERVICE_INTERFACE = "android.service.trust.TrustAgentService"; field public static final java.lang.String TRUST_AGENT_META_DATA = "android.service.trust.trustagent"; } diff --git a/core/java/android/app/trust/ITrustListener.aidl b/core/java/android/app/trust/ITrustListener.aidl index d80f58c..506dd12 100644 --- a/core/java/android/app/trust/ITrustListener.aidl +++ b/core/java/android/app/trust/ITrustListener.aidl @@ -22,6 +22,6 @@ package android.app.trust; * {@hide} */ oneway interface ITrustListener { - void onTrustChanged(boolean enabled, int userId, boolean initiatedByUser); + void onTrustChanged(boolean enabled, int userId, int flags); void onTrustManagedChanged(boolean managed, int userId); }
\ No newline at end of file diff --git a/core/java/android/app/trust/TrustManager.java b/core/java/android/app/trust/TrustManager.java index 705a144..b5c5317 100644 --- a/core/java/android/app/trust/TrustManager.java +++ b/core/java/android/app/trust/TrustManager.java @@ -34,7 +34,7 @@ public class TrustManager { private static final int MSG_TRUST_MANAGED_CHANGED = 2; private static final String TAG = "TrustManager"; - private static final String DATA_INITIATED_BY_USER = "initiatedByUser"; + private static final String DATA_FLAGS = "initiatedByUser"; private final ITrustManager mService; private final ArrayMap<TrustListener, ITrustListener> mTrustListeners; @@ -109,11 +109,11 @@ public class TrustManager { try { ITrustListener.Stub iTrustListener = new ITrustListener.Stub() { @Override - public void onTrustChanged(boolean enabled, int userId, boolean initiatedByUser) { + public void onTrustChanged(boolean enabled, int userId, int flags) { Message m = mHandler.obtainMessage(MSG_TRUST_CHANGED, (enabled ? 1 : 0), userId, trustListener); - if (initiatedByUser) { - m.getData().putBoolean(DATA_INITIATED_BY_USER, initiatedByUser); + if (flags != 0) { + m.getData().putInt(DATA_FLAGS, flags); } m.sendToTarget(); } @@ -156,11 +156,8 @@ public class TrustManager { public void handleMessage(Message msg) { switch(msg.what) { case MSG_TRUST_CHANGED: - boolean initiatedByUser = msg.peekData() != null && - msg.peekData().getBoolean(DATA_INITIATED_BY_USER); - ((TrustListener)msg.obj).onTrustChanged( - msg.arg1 != 0, msg.arg2, initiatedByUser); - + int flags = msg.peekData() != null ? msg.peekData().getInt(DATA_FLAGS) : 0; + ((TrustListener)msg.obj).onTrustChanged(msg.arg1 != 0, msg.arg2, flags); break; case MSG_TRUST_MANAGED_CHANGED: ((TrustListener)msg.obj).onTrustManagedChanged(msg.arg1 != 0, msg.arg2); @@ -174,10 +171,11 @@ public class TrustManager { * Reports that the trust state has changed. * @param enabled if true, the system believes the environment to be trusted. * @param userId the user, for which the trust changed. - * @param initiatedByUser indicates that the user has explicitly initiated an action that - * proves the user is about to use the device. + * @param flags flags specified by the trust agent when granting trust. See + * {@link android.service.trust.TrustAgentService#grantTrust(CharSequence, long, int) + * TrustAgentService.grantTrust(CharSequence, long, int)}. */ - void onTrustChanged(boolean enabled, int userId, boolean initiatedByUser); + void onTrustChanged(boolean enabled, int userId, int flags); /** * Reports that whether trust is managed has changed diff --git a/core/java/android/service/trust/ITrustAgentServiceCallback.aidl b/core/java/android/service/trust/ITrustAgentServiceCallback.aidl index 76b2be0..ec66cc8 100644 --- a/core/java/android/service/trust/ITrustAgentServiceCallback.aidl +++ b/core/java/android/service/trust/ITrustAgentServiceCallback.aidl @@ -24,7 +24,7 @@ import android.os.UserHandle; * @hide */ oneway interface ITrustAgentServiceCallback { - void grantTrust(CharSequence message, long durationMs, boolean initiatedByUser); + void grantTrust(CharSequence message, long durationMs, int flags); void revokeTrust(); void setManagingTrust(boolean managingTrust); void onConfigureCompleted(boolean result, IBinder token); diff --git a/core/java/android/service/trust/TrustAgentService.java b/core/java/android/service/trust/TrustAgentService.java index a3178e2..9d7ffad 100644 --- a/core/java/android/service/trust/TrustAgentService.java +++ b/core/java/android/service/trust/TrustAgentService.java @@ -17,6 +17,7 @@ package android.service.trust; import android.Manifest; +import android.annotation.IntDef; import android.annotation.SdkConstant; import android.annotation.SystemApi; import android.app.Service; @@ -32,6 +33,8 @@ import android.os.RemoteException; import android.util.Log; import android.util.Slog; +import java.lang.annotation.Retention; +import java.lang.annotation.RetentionPolicy; import java.util.List; /** @@ -69,6 +72,7 @@ import java.util.List; */ @SystemApi public class TrustAgentService extends Service { + private final String TAG = TrustAgentService.class.getSimpleName() + "[" + getClass().getSimpleName() + "]"; private static final boolean DEBUG = false; @@ -86,6 +90,34 @@ public class TrustAgentService extends Service { */ public static final String TRUST_AGENT_META_DATA = "android.service.trust.trustagent"; + + /** + * Flag for {@link #grantTrust(CharSequence, long, int)} indicating that trust is being granted + * as the direct result of user action - such as solving a security challenge. The hint is used + * by the system to optimize the experience. Behavior may vary by device and release, so + * one should only set this parameter if it meets the above criteria rather than relying on + * the behavior of any particular device or release. + */ + public static final int FLAG_GRANT_TRUST_INITIATED_BY_USER = 1 << 0; + + /** + * Flag for {@link #grantTrust(CharSequence, long, int)} indicating that the agent would like + * to dismiss the keyguard. When using this flag, the {@code TrustAgentService} must ensure + * it is only set in response to a direct user action with the expectation of dismissing the + * keyguard. + */ + public static final int FLAG_GRANT_TRUST_DISMISS_KEYGUARD = 1 << 1; + + /** @hide */ + @Retention(RetentionPolicy.SOURCE) + @IntDef(flag = true, + value = { + FLAG_GRANT_TRUST_INITIATED_BY_USER, + FLAG_GRANT_TRUST_DISMISS_KEYGUARD, + }) + public @interface GrantTrustFlags {} + + private static final int MSG_UNLOCK_ATTEMPT = 1; private static final int MSG_CONFIGURE = 2; private static final int MSG_TRUST_TIMEOUT = 3; @@ -228,11 +260,35 @@ public class TrustAgentService extends Service { * direct result of user action - such as solving a security challenge. The hint is used * by the system to optimize the experience. Behavior may vary by device and release, so * one should only set this parameter if it meets the above criteria rather than relying on - * the behavior of any particular device or release. + * the behavior of any particular device or release. Corresponds to + * {@link #FLAG_GRANT_TRUST_INITIATED_BY_USER}. * @throws IllegalStateException if the agent is not currently managing trust. + * + * @deprecated use {@link #grantTrust(CharSequence, long, int)} instead. */ + @Deprecated public final void grantTrust( final CharSequence message, final long durationMs, final boolean initiatedByUser) { + grantTrust(message, durationMs, initiatedByUser ? FLAG_GRANT_TRUST_INITIATED_BY_USER : 0); + } + + /** + * Call to grant trust on the device. + * + * @param message describes why the device is trusted, e.g. "Trusted by location". + * @param durationMs amount of time in milliseconds to keep the device in a trusted state. + * Trust for this agent will automatically be revoked when the timeout expires unless + * extended by a subsequent call to this function. The timeout is measured from the + * invocation of this function as dictated by {@link SystemClock#elapsedRealtime())}. + * For security reasons, the value should be no larger than necessary. + * The value may be adjusted by the system as necessary to comply with a policy controlled + * by the system or {@link DevicePolicyManager} restrictions. See {@link #onTrustTimeout()} + * for determining when trust expires. + * @param flags TBDocumented + * @throws IllegalStateException if the agent is not currently managing trust. + */ + public final void grantTrust( + final CharSequence message, final long durationMs, @GrantTrustFlags final int flags) { synchronized (mLock) { if (!mManagingTrust) { throw new IllegalStateException("Cannot grant trust if agent is not managing trust." @@ -240,7 +296,7 @@ public class TrustAgentService extends Service { } if (mCallback != null) { try { - mCallback.grantTrust(message.toString(), durationMs, initiatedByUser); + mCallback.grantTrust(message.toString(), durationMs, flags); } catch (RemoteException e) { onError("calling enableTrust()"); } @@ -250,7 +306,7 @@ public class TrustAgentService extends Service { mPendingGrantTrustTask = new Runnable() { @Override public void run() { - grantTrust(message, durationMs, initiatedByUser); + grantTrust(message, durationMs, flags); } }; } diff --git a/packages/Keyguard/src/com/android/keyguard/KeyguardHostView.java b/packages/Keyguard/src/com/android/keyguard/KeyguardHostView.java index a88497c..be71b034 100644 --- a/packages/Keyguard/src/com/android/keyguard/KeyguardHostView.java +++ b/packages/Keyguard/src/com/android/keyguard/KeyguardHostView.java @@ -23,6 +23,7 @@ import android.content.res.Resources; import android.graphics.Canvas; import android.media.AudioManager; import android.os.SystemClock; +import android.service.trust.TrustAgentService; import android.telephony.TelephonyManager; import android.util.AttributeSet; import android.util.Log; @@ -69,14 +70,27 @@ public class KeyguardHostView extends FrameLayout implements SecurityCallback { } @Override - public void onTrustInitiatedByUser(int userId) { + public void onTrustGrantedWithFlags(int flags, int userId) { if (userId != mLockPatternUtils.getCurrentUser()) return; if (!isAttachedToWindow()) return; - - if (isVisibleToUser()) { - dismiss(false /* authenticated */); - } else { - mViewMediatorCallback.playTrustedSound(); + boolean bouncerVisible = isVisibleToUser(); + boolean initiatedByUser = + (flags & TrustAgentService.FLAG_GRANT_TRUST_INITIATED_BY_USER) != 0; + boolean dismissKeyguard = + (flags & TrustAgentService.FLAG_GRANT_TRUST_DISMISS_KEYGUARD) != 0; + + if (initiatedByUser || dismissKeyguard) { + if (mViewMediatorCallback.isScreenOn() && (bouncerVisible || dismissKeyguard)) { + if (!bouncerVisible) { + // The trust agent dismissed the keyguard without the user proving + // that they are present (by swiping up to show the bouncer). That's fine if + // the user proved presence via some other way to the trust agent. + Log.i(TAG, "TrustAgent dismissed Keyguard."); + } + dismiss(false /* authenticated */); + } else { + mViewMediatorCallback.playTrustedSound(); + } } } }; diff --git a/packages/Keyguard/src/com/android/keyguard/KeyguardUpdateMonitor.java b/packages/Keyguard/src/com/android/keyguard/KeyguardUpdateMonitor.java index 50c9f2d..1eec532 100644 --- a/packages/Keyguard/src/com/android/keyguard/KeyguardUpdateMonitor.java +++ b/packages/Keyguard/src/com/android/keyguard/KeyguardUpdateMonitor.java @@ -58,12 +58,12 @@ import android.hardware.fingerprint.FingerprintManager; import android.hardware.fingerprint.FingerprintManager.AuthenticationCallback; import android.hardware.fingerprint.FingerprintUtils; import android.hardware.fingerprint.FingerprintManager.AuthenticationResult; +import android.service.trust.TrustAgentService; import android.telephony.SubscriptionInfo; import android.telephony.SubscriptionManager; import android.telephony.SubscriptionManager.OnSubscriptionsChangedListener; import android.telephony.TelephonyManager; import android.util.Log; -import android.util.Slog; import android.util.SparseBooleanArray; import com.google.android.collect.Lists; @@ -245,15 +245,14 @@ public class KeyguardUpdateMonitor implements TrustManager.TrustListener { private SparseBooleanArray mUserFaceUnlockRunning = new SparseBooleanArray(); @Override - public void onTrustChanged(boolean enabled, int userId, boolean initiatedByUser) { + public void onTrustChanged(boolean enabled, int userId, int flags) { mUserHasTrust.put(userId, enabled); - for (int i = 0; i < mCallbacks.size(); i++) { KeyguardUpdateMonitorCallback cb = mCallbacks.get(i).get(); if (cb != null) { cb.onTrustChanged(userId); - if (enabled && initiatedByUser) { - cb.onTrustInitiatedByUser(userId); + if (enabled && flags != 0) { + cb.onTrustGrantedWithFlags(flags, userId); } } } diff --git a/packages/Keyguard/src/com/android/keyguard/KeyguardUpdateMonitorCallback.java b/packages/Keyguard/src/com/android/keyguard/KeyguardUpdateMonitorCallback.java index 756a7a4..26e6973 100644 --- a/packages/Keyguard/src/com/android/keyguard/KeyguardUpdateMonitorCallback.java +++ b/packages/Keyguard/src/com/android/keyguard/KeyguardUpdateMonitorCallback.java @@ -171,9 +171,9 @@ public class KeyguardUpdateMonitorCallback { public void onTrustManagedChanged(int userId) { } /** - * Called when the user has proved to a trust agent that they want to use the device. + * Called after trust was granted with non-zero flags. */ - public void onTrustInitiatedByUser(int userId) { } + public void onTrustGrantedWithFlags(int flags, int userId) { } /** * Called when a fingerprint is recognized. diff --git a/packages/Keyguard/src/com/android/keyguard/ViewMediatorCallback.java b/packages/Keyguard/src/com/android/keyguard/ViewMediatorCallback.java index 5bbcc8c..f5c809a 100644 --- a/packages/Keyguard/src/com/android/keyguard/ViewMediatorCallback.java +++ b/packages/Keyguard/src/com/android/keyguard/ViewMediatorCallback.java @@ -76,4 +76,9 @@ public interface ViewMediatorCallback { * (legacy API) */ boolean isInputRestricted(); + + /** + * @return true if the screen is on + */ + boolean isScreenOn(); } diff --git a/packages/Keyguard/test/SampleTrustAgent/src/com/android/trustagent/test/SampleTrustAgent.java b/packages/Keyguard/test/SampleTrustAgent/src/com/android/trustagent/test/SampleTrustAgent.java index e6a0dd7..b8f16e7 100644 --- a/packages/Keyguard/test/SampleTrustAgent/src/com/android/trustagent/test/SampleTrustAgent.java +++ b/packages/Keyguard/test/SampleTrustAgent/src/com/android/trustagent/test/SampleTrustAgent.java @@ -38,7 +38,7 @@ public class SampleTrustAgent extends TrustAgentService * <pre> * $ adb shell am broadcast -a action.sample_trust_agent.grant_trust\ * -e extra.message SampleTrust\ - * --el extra.duration 1000 --ez extra.init_by_user false + * --el extra.duration 1000 --ez extra.init_by_user false --ez extra.dismiss_keyguard false * </pre> */ private static final boolean ALLOW_EXTERNAL_BROADCASTS = false; @@ -51,6 +51,7 @@ public class SampleTrustAgent extends TrustAgentService private static final String EXTRA_MESSAGE = "extra.message"; private static final String EXTRA_DURATION = "extra.duration"; private static final String EXTRA_INITIATED_BY_USER = "extra.init_by_user"; + private static final String EXTRA_DISMISS_KEYGUARD = "extra.dismiss_keyguard"; private static final String PREFERENCE_REPORT_UNLOCK_ATTEMPTS = "preference.report_unlock_attempts"; @@ -141,10 +142,17 @@ public class SampleTrustAgent extends TrustAgentService public void onReceive(Context context, Intent intent) { String action = intent.getAction(); if (ACTION_GRANT_TRUST.equals(action)) { + int flags = 0; + if (intent.getBooleanExtra(EXTRA_INITIATED_BY_USER, false)) { + flags |= TrustAgentService.FLAG_GRANT_TRUST_INITIATED_BY_USER; + } + if (intent.getBooleanExtra(EXTRA_DISMISS_KEYGUARD, false)) { + flags |= TrustAgentService.FLAG_GRANT_TRUST_DISMISS_KEYGUARD; + } + try { grantTrust(intent.getStringExtra(EXTRA_MESSAGE), - intent.getLongExtra(EXTRA_DURATION, 0), - intent.getBooleanExtra(EXTRA_INITIATED_BY_USER, false)); + intent.getLongExtra(EXTRA_DURATION, 0), flags); } catch (IllegalStateException e) { logAndShowToast("IllegalStateException: " + e.getMessage()); } diff --git a/packages/SystemUI/src/com/android/systemui/keyguard/KeyguardViewMediator.java b/packages/SystemUI/src/com/android/systemui/keyguard/KeyguardViewMediator.java index 97a4c55..f16fb5c 100644 --- a/packages/SystemUI/src/com/android/systemui/keyguard/KeyguardViewMediator.java +++ b/packages/SystemUI/src/com/android/systemui/keyguard/KeyguardViewMediator.java @@ -505,6 +505,11 @@ public class KeyguardViewMediator extends SystemUI { public boolean isInputRestricted() { return KeyguardViewMediator.this.isInputRestricted(); } + + @Override + public boolean isScreenOn() { + return mScreenOn; + } }; public void userActivity() { diff --git a/services/core/java/com/android/server/trust/TrustAgentWrapper.java b/services/core/java/com/android/server/trust/TrustAgentWrapper.java index dec195d..fb7d186 100644 --- a/services/core/java/com/android/server/trust/TrustAgentWrapper.java +++ b/services/core/java/com/android/server/trust/TrustAgentWrapper.java @@ -116,7 +116,7 @@ public class TrustAgentWrapper { } mTrusted = true; mMessage = (CharSequence) msg.obj; - boolean initiatedByUser = msg.arg1 != 0; + int flags = msg.arg1; long durationMs = msg.getData().getLong(DATA_DURATION); if (durationMs > 0) { final long duration; @@ -141,8 +141,8 @@ public class TrustAgentWrapper { } mTrustManagerService.mArchive.logGrantTrust(mUserId, mName, (mMessage != null ? mMessage.toString() : null), - durationMs, initiatedByUser); - mTrustManagerService.updateTrust(mUserId, initiatedByUser); + durationMs, flags); + mTrustManagerService.updateTrust(mUserId, flags); break; case MSG_TRUST_TIMEOUT: if (DEBUG) Slog.v(TAG, "Trust timed out : " + mName.flattenToShortString()); @@ -156,7 +156,7 @@ public class TrustAgentWrapper { if (msg.what == MSG_REVOKE_TRUST) { mTrustManagerService.mArchive.logRevokeTrust(mUserId, mName); } - mTrustManagerService.updateTrust(mUserId, false); + mTrustManagerService.updateTrust(mUserId, 0); break; case MSG_RESTART_TIMEOUT: destroy(); @@ -171,7 +171,7 @@ public class TrustAgentWrapper { if (DEBUG) Log.v(TAG, "Re-enabling agent because it acknowledged " + "enabled features: " + mName); mTrustDisabledByDpm = false; - mTrustManagerService.updateTrust(mUserId, false); + mTrustManagerService.updateTrust(mUserId, 0); } } else { if (DEBUG) Log.w(TAG, "Ignoring MSG_SET_TRUST_AGENT_FEATURES_COMPLETED " @@ -185,7 +185,7 @@ public class TrustAgentWrapper { mMessage = null; } mTrustManagerService.mArchive.logManagingTrust(mUserId, mName, mManagingTrust); - mTrustManagerService.updateTrust(mUserId, false); + mTrustManagerService.updateTrust(mUserId, 0); break; } } @@ -194,12 +194,12 @@ public class TrustAgentWrapper { private ITrustAgentServiceCallback mCallback = new ITrustAgentServiceCallback.Stub() { @Override - public void grantTrust(CharSequence userMessage, long durationMs, boolean initiatedByUser) { + public void grantTrust(CharSequence userMessage, long durationMs, int flags) { if (DEBUG) Slog.v(TAG, "enableTrust(" + userMessage + ", durationMs = " + durationMs - + ", initiatedByUser = " + initiatedByUser + ")"); + + ", flags = " + flags + ")"); Message msg = mHandler.obtainMessage( - MSG_GRANT_TRUST, initiatedByUser ? 1 : 0, 0, userMessage); + MSG_GRANT_TRUST, flags, 0, userMessage); msg.getData().putLong(DATA_DURATION, durationMs); msg.sendToTarget(); } @@ -381,7 +381,7 @@ public class TrustAgentWrapper { } if (mTrustDisabledByDpm != trustDisabled) { mTrustDisabledByDpm = trustDisabled; - mTrustManagerService.updateTrust(mUserId, false); + mTrustManagerService.updateTrust(mUserId, 0); } return trustDisabled; } diff --git a/services/core/java/com/android/server/trust/TrustArchive.java b/services/core/java/com/android/server/trust/TrustArchive.java index 7253716..fd63d48 100644 --- a/services/core/java/com/android/server/trust/TrustArchive.java +++ b/services/core/java/com/android/server/trust/TrustArchive.java @@ -19,6 +19,7 @@ package com.android.server.trust; import android.content.ComponentName; import android.os.SystemClock; import android.os.UserHandle; +import android.service.trust.TrustAgentService; import android.util.TimeUtils; import java.io.PrintWriter; @@ -48,20 +49,20 @@ public class TrustArchive { // grantTrust final String message; final long duration; - final boolean userInitiated; + final int flags; // managingTrust final boolean managingTrust; private Event(int type, int userId, ComponentName agent, String message, - long duration, boolean userInitiated, boolean managingTrust) { + long duration, int flags, boolean managingTrust) { this.type = type; this.userId = userId; this.agent = agent; this.elapsedTimestamp = SystemClock.elapsedRealtime(); this.message = message; this.duration = duration; - this.userInitiated = userInitiated; + this.flags = flags; this.managingTrust = managingTrust; } } @@ -69,33 +70,33 @@ public class TrustArchive { ArrayDeque<Event> mEvents = new ArrayDeque<Event>(); public void logGrantTrust(int userId, ComponentName agent, String message, - long duration, boolean userInitiated) { + long duration, int flags) { addEvent(new Event(TYPE_GRANT_TRUST, userId, agent, message, duration, - userInitiated, false)); + flags, false)); } public void logRevokeTrust(int userId, ComponentName agent) { - addEvent(new Event(TYPE_REVOKE_TRUST, userId, agent, null, 0, false, false)); + addEvent(new Event(TYPE_REVOKE_TRUST, userId, agent, null, 0, 0, false)); } public void logTrustTimeout(int userId, ComponentName agent) { - addEvent(new Event(TYPE_TRUST_TIMEOUT, userId, agent, null, 0, false, false)); + addEvent(new Event(TYPE_TRUST_TIMEOUT, userId, agent, null, 0, 0, false)); } public void logAgentDied(int userId, ComponentName agent) { - addEvent(new Event(TYPE_AGENT_DIED, userId, agent, null, 0, false, false)); + addEvent(new Event(TYPE_AGENT_DIED, userId, agent, null, 0, 0, false)); } public void logAgentConnected(int userId, ComponentName agent) { - addEvent(new Event(TYPE_AGENT_CONNECTED, userId, agent, null, 0, false, false)); + addEvent(new Event(TYPE_AGENT_CONNECTED, userId, agent, null, 0, 0, false)); } public void logAgentStopped(int userId, ComponentName agent) { - addEvent(new Event(TYPE_AGENT_STOPPED, userId, agent, null, 0, false, false)); + addEvent(new Event(TYPE_AGENT_STOPPED, userId, agent, null, 0, 0, false)); } public void logManagingTrust(int userId, ComponentName agent, boolean managing) { - addEvent(new Event(TYPE_MANAGING_TRUST, userId, agent, null, 0, false, managing)); + addEvent(new Event(TYPE_MANAGING_TRUST, userId, agent, null, 0, 0, managing)); } private void addEvent(Event e) { @@ -129,8 +130,8 @@ public class TrustArchive { } switch (ev.type) { case TYPE_GRANT_TRUST: - writer.printf(", message=\"%s\", duration=%s, initiatedByUser=%d", - ev.message, formatDuration(ev.duration), ev.userInitiated ? 1 : 0); + writer.printf(", message=\"%s\", duration=%s, flags=%s", + ev.message, formatDuration(ev.duration), dumpGrantFlags(ev.flags)); break; case TYPE_MANAGING_TRUST: writer.printf(", managingTrust=" + ev.managingTrust); @@ -184,4 +185,20 @@ public class TrustArchive { return "Unknown(" + type + ")"; } } + + private String dumpGrantFlags(int flags) { + StringBuilder sb = new StringBuilder(); + if ((flags & TrustAgentService.FLAG_GRANT_TRUST_INITIATED_BY_USER) != 0) { + if (sb.length() != 0) sb.append('|'); + sb.append("INITIATED_BY_USER"); + } + if ((flags & TrustAgentService.FLAG_GRANT_TRUST_DISMISS_KEYGUARD) != 0) { + if (sb.length() != 0) sb.append('|'); + sb.append("DISMISS_KEYGUARD"); + } + if (sb.length() == 0) { + sb.append('0'); + } + return sb.toString(); + } } diff --git a/services/core/java/com/android/server/trust/TrustManagerService.java b/services/core/java/com/android/server/trust/TrustManagerService.java index b38d33d..7d2fb43 100644 --- a/services/core/java/com/android/server/trust/TrustManagerService.java +++ b/services/core/java/com/android/server/trust/TrustManagerService.java @@ -179,11 +179,11 @@ public class TrustManagerService extends SystemService { private void updateTrustAll() { List<UserInfo> userInfos = mUserManager.getUsers(true /* excludeDying */); for (UserInfo userInfo : userInfos) { - updateTrust(userInfo.id, false); + updateTrust(userInfo.id, 0); } } - public void updateTrust(int userId, boolean initiatedByUser) { + public void updateTrust(int userId, int flags) { dispatchOnTrustManagedChanged(aggregateIsTrustManaged(userId), userId); boolean trusted = aggregateIsTrusted(userId); boolean changed; @@ -191,7 +191,7 @@ public class TrustManagerService extends SystemService { changed = mUserIsTrusted.get(userId) != trusted; mUserIsTrusted.put(userId, trusted); } - dispatchOnTrustChanged(trusted, userId, initiatedByUser); + dispatchOnTrustChanged(trusted, userId, flags); if (changed) { refreshDeviceLockedForUser(userId); } @@ -281,7 +281,7 @@ public class TrustManagerService extends SystemService { if (userId == UserHandle.USER_ALL) { updateTrustAll(); } else { - updateTrust(userId, false /* initiatedByUser */); + updateTrust(userId, 0); } } } @@ -394,7 +394,7 @@ public class TrustManagerService extends SystemService { } } if (trustMayHaveChanged) { - updateTrust(userId, false); + updateTrust(userId, 0); } refreshAgentList(userId); } @@ -587,11 +587,11 @@ public class TrustManagerService extends SystemService { } } - private void dispatchOnTrustChanged(boolean enabled, int userId, boolean initiatedByUser) { - if (!enabled) initiatedByUser = false; + private void dispatchOnTrustChanged(boolean enabled, int userId, int flags) { + if (!enabled) flags = 0; for (int i = 0; i < mTrustListeners.size(); i++) { try { - mTrustListeners.get(i).onTrustChanged(enabled, userId, initiatedByUser); + mTrustListeners.get(i).onTrustChanged(enabled, userId, flags); } catch (DeadObjectException e) { Slog.d(TAG, "Removing dead TrustListener."); mTrustListeners.remove(i); |