From 4ab7e595a5deef72448da950f2f973bc0c90fe18 Mon Sep 17 00:00:00 2001 From: Adrian Roos Date: Wed, 13 Apr 2016 15:38:13 -0700 Subject: [PATCH] StrongAuthTracker: Don't rely on USER_PRESENT USER_PRESENT is sent via the background queue. A delay there can cause us not to recognize that the user has unlocked and prompt for the credential again, when trust or fingerprint would be sufficient. Also removes an obsolete reference to USER_PRESENT from TrustManagerService. Change-Id: Ie8d1a180170df5f0c8f9e71660504fd71eeacd99 Fixes: 27830458 --- core/java/com/android/internal/widget/ILockSettings.aidl | 1 + .../com/android/internal/widget/LockPatternUtils.java | 8 ++++++++ .../android/systemui/keyguard/KeyguardViewMediator.java | 4 +++- .../java/com/android/server/LockSettingsService.java | 9 ++++++--- .../com/android/server/trust/TrustManagerService.java | 1 - 5 files changed, 18 insertions(+), 5 deletions(-) diff --git a/core/java/com/android/internal/widget/ILockSettings.aidl b/core/java/com/android/internal/widget/ILockSettings.aidl index 21c4d12350424..b2fc2bb8c89f4 100644 --- a/core/java/com/android/internal/widget/ILockSettings.aidl +++ b/core/java/com/android/internal/widget/ILockSettings.aidl @@ -43,4 +43,5 @@ interface ILockSettings { void unregisterStrongAuthTracker(in IStrongAuthTracker tracker); void requireStrongAuth(int strongAuthReason, int userId); void systemReady(); + void userPresent(int userId); } diff --git a/core/java/com/android/internal/widget/LockPatternUtils.java b/core/java/com/android/internal/widget/LockPatternUtils.java index bceeaca8e343c..d9b63296dea9e 100644 --- a/core/java/com/android/internal/widget/LockPatternUtils.java +++ b/core/java/com/android/internal/widget/LockPatternUtils.java @@ -172,6 +172,14 @@ public class LockPatternUtils { } } + public void userPresent(int userId) { + try { + getLockSettings().userPresent(userId); + } catch (RemoteException e) { + throw e.rethrowFromSystemServer(); + } + } + public static final class RequestThrottledException extends Exception { private int mTimeoutMs; public RequestThrottledException(int timeoutMs) { diff --git a/packages/SystemUI/src/com/android/systemui/keyguard/KeyguardViewMediator.java b/packages/SystemUI/src/com/android/systemui/keyguard/KeyguardViewMediator.java index f892fd6417925..1abd073e4772d 100644 --- a/packages/SystemUI/src/com/android/systemui/keyguard/KeyguardViewMediator.java +++ b/packages/SystemUI/src/com/android/systemui/keyguard/KeyguardViewMediator.java @@ -1477,12 +1477,14 @@ public class KeyguardViewMediator extends SystemUI { private void sendUserPresentBroadcast() { synchronized (this) { if (mBootCompleted) { - final UserHandle currentUser = new UserHandle(KeyguardUpdateMonitor.getCurrentUser()); + int currentUserId = KeyguardUpdateMonitor.getCurrentUser(); + final UserHandle currentUser = new UserHandle(currentUserId); final UserManager um = (UserManager) mContext.getSystemService( Context.USER_SERVICE); for (int profileId : um.getProfileIdsWithDisabled(currentUser.getIdentifier())) { mContext.sendBroadcastAsUser(USER_PRESENT_INTENT, UserHandle.of(profileId)); } + getLockPatternUtils().userPresent(currentUserId); } else { mBootSendUserPresent = true; } diff --git a/services/core/java/com/android/server/LockSettingsService.java b/services/core/java/com/android/server/LockSettingsService.java index 4ac75cabca3b8..f2b4e5218ac3d 100644 --- a/services/core/java/com/android/server/LockSettingsService.java +++ b/services/core/java/com/android/server/LockSettingsService.java @@ -229,7 +229,6 @@ public class LockSettingsService extends ILockSettings.Stub { filter.addAction(Intent.ACTION_USER_ADDED); filter.addAction(Intent.ACTION_USER_STARTING); filter.addAction(Intent.ACTION_USER_REMOVED); - filter.addAction(Intent.ACTION_USER_PRESENT); mContext.registerReceiverAsUser(mBroadcastReceiver, UserHandle.ALL, filter, null, null); mStorage = new LockSettingsStorage(context, new LockSettingsStorage.Callback() { @@ -369,8 +368,6 @@ public class LockSettingsService extends ILockSettings.Stub { } else if (Intent.ACTION_USER_STARTING.equals(intent.getAction())) { final int userHandle = intent.getIntExtra(Intent.EXTRA_USER_HANDLE, 0); mStorage.prefetchUser(userHandle); - } else if (Intent.ACTION_USER_PRESENT.equals(intent.getAction())) { - mStrongAuth.reportUnlock(getSendingUserId()); } else if (Intent.ACTION_USER_REMOVED.equals(intent.getAction())) { final int userHandle = intent.getIntExtra(Intent.EXTRA_USER_HANDLE, 0); if (userHandle > 0) { @@ -1347,6 +1344,12 @@ public class LockSettingsService extends ILockSettings.Stub { mStrongAuth.requireStrongAuth(strongAuthReason, userId); } + @Override + public void userPresent(int userId) { + checkWritePermission(userId); + mStrongAuth.reportUnlock(userId); + } + private static final String[] VALID_SETTINGS = new String[] { LockPatternUtils.LOCKOUT_PERMANENT_KEY, LockPatternUtils.LOCKOUT_ATTEMPT_DEADLINE, diff --git a/services/core/java/com/android/server/trust/TrustManagerService.java b/services/core/java/com/android/server/trust/TrustManagerService.java index 984fb7627fea1..3c84fc27141cb 100644 --- a/services/core/java/com/android/server/trust/TrustManagerService.java +++ b/services/core/java/com/android/server/trust/TrustManagerService.java @@ -974,7 +974,6 @@ public class TrustManagerService extends SystemService { public void register(Context context) { IntentFilter filter = new IntentFilter(); filter.addAction(DevicePolicyManager.ACTION_DEVICE_POLICY_MANAGER_STATE_CHANGED); - filter.addAction(Intent.ACTION_USER_PRESENT); filter.addAction(Intent.ACTION_USER_ADDED); filter.addAction(Intent.ACTION_USER_REMOVED); context.registerReceiverAsUser(this,