summaryrefslogtreecommitdiffstats
path: root/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
diff options
context:
space:
mode:
Diffstat (limited to 'services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java')
-rw-r--r--services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java31
1 files changed, 31 insertions, 0 deletions
diff --git a/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java b/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
index cd2885b..c1a4243 100644
--- a/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
+++ b/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
@@ -93,6 +93,7 @@ import android.security.IKeyChainAliasCallback;
import android.security.IKeyChainService;
import android.security.KeyChain;
import android.security.KeyChain.KeyChainConnection;
+import android.security.KeyStore;
import android.service.persistentdata.PersistentDataBlockManager;
import android.text.TextUtils;
import android.util.Log;
@@ -4194,6 +4195,36 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub {
}
}
+ @Override
+ public boolean requireSecureKeyguard(int userHandle) {
+ if (!mHasFeature) {
+ return false;
+ }
+
+ int passwordQuality = getPasswordQuality(null, userHandle);
+ if (passwordQuality > DevicePolicyManager.PASSWORD_QUALITY_UNSPECIFIED) {
+ return true;
+ }
+
+ int encryptionStatus = getStorageEncryptionStatus(userHandle);
+ if (encryptionStatus == DevicePolicyManager.ENCRYPTION_STATUS_ACTIVE
+ || encryptionStatus == DevicePolicyManager.ENCRYPTION_STATUS_ACTIVATING) {
+ return true;
+ }
+
+ // Keystore.isEmpty() requires system UID
+ long token = Binder.clearCallingIdentity();
+ try {
+ if (!KeyStore.getInstance().isEmpty()) {
+ return true;
+ }
+ } finally {
+ Binder.restoreCallingIdentity(token);
+ }
+
+ return false;
+ }
+
// Returns the active device owner or null if there is no device owner.
private ActiveAdmin getDeviceOwnerAdmin() {
String deviceOwnerPackageName = getDeviceOwner();
generated by cgit v1.1 at 2024-06-08 23:30:57 +0000