From 002031a5405fda9ea2b38fe30aa02d839105d297 Mon Sep 17 00:00:00 2001
From: Daniel Yu <dsyu@google.com>
Date: Wed, 13 Jul 2016 12:12:59 -0700
Subject: [PATCH] docs: Adding update for
 DevicePolicyManager.getStorageEncryptionStatus() and Direct Boot for DP5

getStorageEncryptionStatus() now returns new
ENCRYPTION_STATUS_ACTIVE_PER_USER if the device is not
using direct boot (and the not-new ENCRYPTION_STATUS_ACTIVE
is returned if direct boot is used)

Bug: 30112425
Change-Id: I27c11b2afe2afd9a19c9f8268f486b09af22e6ac
---
 docs/html/preview/features/direct-boot.jd | 32 +++++++++++++++++++++++
 1 file changed, 32 insertions(+)

diff --git a/docs/html/preview/features/direct-boot.jd b/docs/html/preview/features/direct-boot.jd
index 8351f4b4b10fe..60f6141856e18 100644
--- a/docs/html/preview/features/direct-boot.jd
+++ b/docs/html/preview/features/direct-boot.jd
@@ -14,6 +14,7 @@ page.image=images/cards/card-nyc_2x.jpg
     <li><a href="#notification">Getting Notified of User Unlock</a></li>
     <li><a href="#migrating">Migrating Existing Data</a></li>
     <li><a href="#testing">Testing Your Encryption Aware App</a></li>
+    <li><a href="#dpm">Checking Device Policy Encryption Status</a></li>
   </ol>
 </div>
 </div>
@@ -186,3 +187,34 @@ $ adb shell sm set-emulate-fbe false
 </pre>
 
 <p>Using these commands causes the device to reboot.</p>
+
+<h2 id="dpm">Checking Device Policy Encryption Status</h2>
+
+<p>Device administration apps can use
+{@link android.app.admin.DevicePolicyManager#getStorageEncryptionStatus
+DevicePolicyManager.getStorageEncryptionStatus()} to check the current
+encryption status of the device. If your app is targeting an API level
+lower than Android N,
+{@link android.app.admin.DevicePolicyManager#getStorageEncryptionStatus
+getStorageEncryptionStatus()} will return
+{@link android.app.admin.DevicePolicyManager#ENCRYPTION_STATUS_ACTIVE
+ENCRYPTION_STATUS_ACTIVE} if the device is either using full-disk encryption,
+or file-based encryption with Direct Boot. In both of these cases, data is
+always stored encrypted at rest. If your app is targeting an API level of
+Android N or higher,
+{@link android.app.admin.DevicePolicyManager#getStorageEncryptionStatus
+getStorageEncryptionStatus()} will return
+{@link android.app.admin.DevicePolicyManager#ENCRYPTION_STATUS_ACTIVE
+ENCRYPTION_STATUS_ACTIVE} if the device is using full-disk encryption. It will
+return
+{@link android.app.admin.DevicePolicyManager#ENCRYPTION_STATUS_ACTIVE_PER_USER
+ENCRYPTION_STATUS_ACTIVE_PER_USER} if the device is using file-based encryption
+with Direct Boot.</p>
+
+<p>If you build a device administration app
+that targets Android N, make sure to check for both
+{@link android.app.admin.DevicePolicyManager#ENCRYPTION_STATUS_ACTIVE
+ENCRYPTION_STATUS_ACTIVE} and
+{@link android.app.admin.DevicePolicyManager#ENCRYPTION_STATUS_ACTIVE_PER_USER
+ENCRYPTION_STATUS_ACTIVE_PER_USER} to determine if the device is
+encrypted.</p>