From 8ae1be120806d0189f65a492004a7b5416aa6c6f Mon Sep 17 00:00:00 2001
From: Jim Miller <jaggies@google.com>
Date: Wed, 5 Aug 2015 13:03:21 -0700
Subject: [PATCH] Disable fingerprint when remotely reset by DPM

When the device is lost or stolen, it's safer to
fall back to strong authentication (pin, pattern or
password).  This disables fingerprint like we do with
trust agents.

Fixes bug 21620081

Change-Id: I7bbe54be3721b2f160b783daeb3acbe434705046
---
 .../src/com/android/keyguard/KeyguardUpdateMonitor.java    | 7 ++++++-
 .../java/com/android/server/trust/TrustManagerService.java | 6 ++++++
 2 files changed, 12 insertions(+), 1 deletion(-)

diff --git a/packages/Keyguard/src/com/android/keyguard/KeyguardUpdateMonitor.java b/packages/Keyguard/src/com/android/keyguard/KeyguardUpdateMonitor.java
index c7adc986565f4..113b1f4a2b1cb 100644
--- a/packages/Keyguard/src/com/android/keyguard/KeyguardUpdateMonitor.java
+++ b/packages/Keyguard/src/com/android/keyguard/KeyguardUpdateMonitor.java
@@ -548,6 +548,7 @@ public class KeyguardUpdateMonitor implements TrustManager.TrustListener {
 
     private final BroadcastReceiver mBroadcastReceiver = new BroadcastReceiver() {
 
+        @Override
         public void onReceive(Context context, Intent intent) {
             final String action = intent.getAction();
             if (DEBUG) Log.d(TAG, "received broadcast " + action);
@@ -599,6 +600,7 @@ public class KeyguardUpdateMonitor implements TrustManager.TrustListener {
 
     private final BroadcastReceiver mBroadcastAllReceiver = new BroadcastReceiver() {
 
+        @Override
         public void onReceive(Context context, Intent intent) {
             final String action = intent.getAction();
             if (AlarmManager.ACTION_NEXT_ALARM_CLOCK_CHANGED.equals(action)) {
@@ -713,6 +715,7 @@ public class KeyguardUpdateMonitor implements TrustManager.TrustListener {
             return new SimData(state, slotId, subId);
         }
 
+        @Override
         public String toString() {
             return "SimData{state=" + simState + ",slotId=" + slotId + ",subId=" + subId + "}";
         }
@@ -895,7 +898,9 @@ public class KeyguardUpdateMonitor implements TrustManager.TrustListener {
     }
 
     private boolean shouldListenForFingerprint() {
-        return mKeyguardIsVisible && !mSwitchingUser;
+        return mKeyguardIsVisible && !mSwitchingUser &&
+                mTrustManager.hasUserAuthenticatedSinceBoot(
+                        ActivityManager.getCurrentUser());
     }
 
     private void startListeningForFingerprint() {
diff --git a/services/core/java/com/android/server/trust/TrustManagerService.java b/services/core/java/com/android/server/trust/TrustManagerService.java
index 15da8290ae407..174bf16bbbe63 100644
--- a/services/core/java/com/android/server/trust/TrustManagerService.java
+++ b/services/core/java/com/android/server/trust/TrustManagerService.java
@@ -579,8 +579,14 @@ public class TrustManagerService extends SystemService {
     private void clearUserHasAuthenticated(int userId) {
         if (userId == UserHandle.USER_ALL) {
             mUserHasAuthenticated.clear();
+            synchronized (mUserHasAuthenticatedSinceBoot) {
+                mUserHasAuthenticatedSinceBoot.clear();
+            }
         } else {
             mUserHasAuthenticated.put(userId, false);
+            synchronized (mUserHasAuthenticatedSinceBoot) {
+                mUserHasAuthenticatedSinceBoot.put(userId, false);
+            }
         }
     }