Merge "Accessibility no longer overrides strong encryption." into lmp-dev
This commit is contained in:
Svetoslav
Android (Google) Code Review
@ -1,31 +0,0 @@
|
||||
/*
|
||||
* Copyright (C) 2014 The Android Open Source Project
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
|
||||
package android.view;
|
||||
|
||||
/**
|
||||
* Accessibility manager local system service interface.
|
||||
*
|
||||
* @hide Only for use within the system server.
|
||||
*/
|
||||
public abstract class AccessibilityManagerInternal {
|
||||
|
||||
/**
|
||||
* Queries if the accessibility manager service permits setting
|
||||
* a non-default encryption password.
|
||||
*/
|
||||
public abstract boolean isNonDefaultEncryptionPasswordAllowed();
|
||||
}
|
||||
@ -67,7 +67,6 @@ import android.util.Pools.Pool;
|
||||
import android.util.Pools.SimplePool;
|
||||
import android.util.Slog;
|
||||
import android.util.SparseArray;
|
||||
import android.view.AccessibilityManagerInternal;
|
||||
import android.view.Display;
|
||||
import android.view.IWindow;
|
||||
import android.view.InputDevice;
|
||||
@ -235,7 +234,6 @@ public class AccessibilityManagerService extends IAccessibilityManager.Stub {
|
||||
registerBroadcastReceivers();
|
||||
new AccessibilityContentObserver(mMainHandler).register(
|
||||
context.getContentResolver());
|
||||
LocalServices.addService(AccessibilityManagerInternal.class, new LocalService());
|
||||
}
|
||||
|
||||
private UserState getUserStateLocked(int userId) {
|
||||
@ -1331,7 +1329,6 @@ public class AccessibilityManagerService extends IAccessibilityManager.Stub {
|
||||
updateTouchExplorationLocked(userState);
|
||||
updateEnhancedWebAccessibilityLocked(userState);
|
||||
updateDisplayColorAdjustmentSettingsLocked(userState);
|
||||
updateEncryptionState(userState);
|
||||
scheduleUpdateInputFilter(userState);
|
||||
scheduleUpdateClientsIfNeededLocked(userState);
|
||||
}
|
||||
@ -1608,22 +1605,6 @@ public class AccessibilityManagerService extends IAccessibilityManager.Stub {
|
||||
DisplayAdjustmentUtils.applyAdjustments(mContext, userState.mUserId);
|
||||
}
|
||||
|
||||
private void updateEncryptionState(UserState userState) {
|
||||
if (userState.mUserId != UserHandle.USER_OWNER) {
|
||||
return;
|
||||
}
|
||||
final long identity = Binder.clearCallingIdentity();
|
||||
try {
|
||||
if (hasRunningServicesLocked(userState) && LockPatternUtils.isDeviceEncrypted()) {
|
||||
// If there are running accessibility services we do not have encryption as
|
||||
// the user needs the accessibility layer to be running to authenticate.
|
||||
mLockPatternUtils.clearEncryptionPassword();
|
||||
}
|
||||
} finally {
|
||||
Binder.restoreCallingIdentity(identity);
|
||||
}
|
||||
}
|
||||
|
||||
private boolean hasRunningServicesLocked(UserState userState) {
|
||||
return !userState.mBoundServices.isEmpty() || !userState.mBindingServices.isEmpty();
|
||||
}
|
||||
@ -3969,14 +3950,4 @@ public class AccessibilityManagerService extends IAccessibilityManager.Stub {
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
private final class LocalService extends AccessibilityManagerInternal {
|
||||
@Override
|
||||
public boolean isNonDefaultEncryptionPasswordAllowed() {
|
||||
synchronized (mLock) {
|
||||
UserState userState = getCurrentUserStateLocked();
|
||||
return !hasRunningServicesLocked(userState);
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
@ -63,7 +63,6 @@ import android.util.AttributeSet;
|
||||
import android.util.Slog;
|
||||
import android.util.Xml;
|
||||
|
||||
import android.view.AccessibilityManagerInternal;
|
||||
import com.android.internal.annotations.GuardedBy;
|
||||
import com.android.internal.annotations.VisibleForTesting;
|
||||
import com.android.internal.app.IMediaContainerService;
|
||||
@ -558,8 +557,6 @@ class MountService extends IMountService.Stub
|
||||
|
||||
private final Handler mHandler;
|
||||
|
||||
private final AccessibilityManagerInternal mAccessibilityManagerInternal;
|
||||
|
||||
void waitForAsecScan() {
|
||||
waitForLatch(mAsecsScanned);
|
||||
}
|
||||
@ -1462,9 +1459,6 @@ class MountService extends IMountService.Stub
|
||||
hthread.start();
|
||||
mHandler = new MountServiceHandler(hthread.getLooper());
|
||||
|
||||
mAccessibilityManagerInternal = LocalServices.getService(
|
||||
AccessibilityManagerInternal.class);
|
||||
|
||||
// Watch for user changes
|
||||
final IntentFilter userFilter = new IntentFilter();
|
||||
userFilter.addAction(Intent.ACTION_USER_ADDED);
|
||||
@ -2263,16 +2257,8 @@ class MountService extends IMountService.Stub
|
||||
Slog.i(TAG, "changing encryption password...");
|
||||
}
|
||||
|
||||
final NativeDaemonEvent event;
|
||||
try {
|
||||
// The accessibility layer may veto having a non-default encryption
|
||||
// password because if there are enabled accessibility services the
|
||||
// user cannot authenticate as the latter need access to the data.
|
||||
if (!TextUtils.isEmpty(password)
|
||||
&& !mAccessibilityManagerInternal.isNonDefaultEncryptionPasswordAllowed()) {
|
||||
return getEncryptionState();
|
||||
}
|
||||
event = mConnector.execute("cryptfs", "changepw", CRYPTO_TYPES[type],
|
||||
NativeDaemonEvent event = mConnector.execute("cryptfs", "changepw", CRYPTO_TYPES[type],
|
||||
new SensitiveArg(toHex(password)));
|
||||
return Integer.parseInt(event.getMessage());
|
||||
} catch (NativeDaemonConnectorException e) {
|
||||
|
||||
Reference in New Issue
Block a user