diff options
| author | 2017-01-12 13:46:05 +0000 | |
|---|---|---|
| committer | 2017-01-12 13:46:09 +0000 | |
| commit | 3e17ea13c14eb8d2b6afffaa110d86f2cede8670 (patch) | |
| tree | 6a1768aba442144d97956f03835898e617f8363a | |
| parent | a5db0b90d9bad9389c4149153f32673eb24a6cd6 (diff) | |
| parent | 2df5919faadc172d71fbb1a20d1f13667a1981af (diff) | |
Merge "[DPM] Allow lower strong auth timeout on debuggable builds"
| -rw-r--r-- | services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java | 18 |
1 files changed, 15 insertions, 3 deletions
diff --git a/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java b/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java index 46edf4345e21..cfd2bed7574b 100644 --- a/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java +++ b/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java @@ -4360,8 +4360,9 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub { Preconditions.checkArgument(timeoutMs >= 0, "Timeout must not be a negative number."); // timeoutMs with value 0 means that the admin doesn't participate // timeoutMs is clamped to the interval in case the internal constants change in the future - if (timeoutMs != 0 && timeoutMs < MINIMUM_STRONG_AUTH_TIMEOUT_MS) { - timeoutMs = MINIMUM_STRONG_AUTH_TIMEOUT_MS; + final long minimumStrongAuthTimeout = getMinimumStrongAuthTimeoutMs(); + if (timeoutMs != 0 && timeoutMs < minimumStrongAuthTimeout) { + timeoutMs = minimumStrongAuthTimeout; } if (timeoutMs > DevicePolicyManager.DEFAULT_STRONG_AUTH_TIMEOUT_MS) { timeoutMs = DevicePolicyManager.DEFAULT_STRONG_AUTH_TIMEOUT_MS; @@ -4405,10 +4406,21 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub { strongAuthUnlockTimeout = Math.min(timeout, strongAuthUnlockTimeout); } } - return Math.max(strongAuthUnlockTimeout, MINIMUM_STRONG_AUTH_TIMEOUT_MS); + return Math.max(strongAuthUnlockTimeout, getMinimumStrongAuthTimeoutMs()); } } + private long getMinimumStrongAuthTimeoutMs() { + if (!mInjector.isBuildDebuggable()) { + return MINIMUM_STRONG_AUTH_TIMEOUT_MS; + } + // ideally the property was named persist.sys.min_strong_auth_timeout, but system property + // name cannot be longer than 31 characters + return Math.min(mInjector.systemPropertiesGetLong("persist.sys.min_str_auth_timeo", + MINIMUM_STRONG_AUTH_TIMEOUT_MS), + MINIMUM_STRONG_AUTH_TIMEOUT_MS); + } + @Override public void lockNow(int flags, boolean parent) { if (!mHasFeature) { |