diff options
| author | 2019-07-26 12:41:33 -0700 | |
|---|---|---|
| committer | 2019-07-26 13:10:47 -0700 | |
| commit | 27f9231e496a725b4752b59f0bb66b7632fe5643 (patch) | |
| tree | 262924b52b6ce163a0e701ac56715a8f40d9572f | |
| parent | 5818412305a0c2fbaa399874ca00d479dd20d135 (diff) | |
Do not use canAuthenticate() to check if user can reset lockout
canAuthenticate() is meant for apps so it will reflect the
FACE_UNLOCK_APP_ENABLED setting. If disabled, resetLockout will not be
run for that user.
Fixes: 138269776
Test: Disable unlocking for apps, get locked out, enter password.
Lockout is reset now.
Change-Id: I5d7bf3abbac7c8982595d5733464a887ab5184ab
4 files changed, 40 insertions, 1 deletions
diff --git a/core/java/android/hardware/biometrics/BiometricManager.java b/core/java/android/hardware/biometrics/BiometricManager.java index af66dc161343..d8110f33d723 100644 --- a/core/java/android/hardware/biometrics/BiometricManager.java +++ b/core/java/android/hardware/biometrics/BiometricManager.java @@ -129,6 +129,25 @@ public class BiometricManager { } /** + * @hide + * @param userId + * @return + */ + @RequiresPermission(USE_BIOMETRIC_INTERNAL) + public boolean hasEnrolledBiometrics(int userId) { + if (mService != null) { + try { + return mService.hasEnrolledBiometrics(userId); + } catch (RemoteException e) { + Slog.w(TAG, "Remote exception in hasEnrolledBiometrics(): " + e); + return false; + } + } else { + return false; + } + } + + /** * Listens for changes to biometric eligibility on keyguard from user settings. * @param callback * @hide diff --git a/core/java/android/hardware/biometrics/IBiometricService.aidl b/core/java/android/hardware/biometrics/IBiometricService.aidl index 18c14cb835a8..f0a0b2f0235f 100644 --- a/core/java/android/hardware/biometrics/IBiometricService.aidl +++ b/core/java/android/hardware/biometrics/IBiometricService.aidl @@ -42,6 +42,9 @@ interface IBiometricService { // Checks if biometrics can be used. int canAuthenticate(String opPackageName, int userId); + // Checks if any biometrics are enrolled. + boolean hasEnrolledBiometrics(int userId); + // Register callback for when keyguard biometric eligibility changes. void registerEnabledOnKeyguardCallback(IBiometricEnabledOnKeyguardCallback callback); diff --git a/services/core/java/com/android/server/biometrics/BiometricService.java b/services/core/java/com/android/server/biometrics/BiometricService.java index bd3cd5439b32..af2f24f959b4 100644 --- a/services/core/java/com/android/server/biometrics/BiometricService.java +++ b/services/core/java/com/android/server/biometrics/BiometricService.java @@ -789,6 +789,23 @@ public class BiometricService extends SystemService { return error; } + @Override + public boolean hasEnrolledBiometrics(int userId) { + checkInternalPermission(); + + final long ident = Binder.clearCallingIdentity(); + try { + for (int i = 0; i < mAuthenticators.size(); i++) { + if (mAuthenticators.get(i).mAuthenticator.hasEnrolledTemplates(userId)) { + return true; + } + } + } finally { + Binder.restoreCallingIdentity(ident); + } + return false; + } + @Override // Binder call public void registerEnabledOnKeyguardCallback(IBiometricEnabledOnKeyguardCallback callback) throws RemoteException { diff --git a/services/core/java/com/android/server/locksettings/LockSettingsService.java b/services/core/java/com/android/server/locksettings/LockSettingsService.java index 433ce811c8d7..9510db09aa25 100644 --- a/services/core/java/com/android/server/locksettings/LockSettingsService.java +++ b/services/core/java/com/android/server/locksettings/LockSettingsService.java @@ -446,7 +446,7 @@ public class LockSettingsService extends ILockSettings.Stub { public boolean hasEnrolledBiometrics(int userId) { BiometricManager bm = mContext.getSystemService(BiometricManager.class); - return bm.canAuthenticate(userId) == BiometricManager.BIOMETRIC_SUCCESS; + return bm.hasEnrolledBiometrics(userId); } public int binderGetCallingUid() { |