diff options
| -rw-r--r-- | services/core/java/com/android/server/biometrics/face/FaceService.java | 8 | ||||
| -rw-r--r-- | services/core/java/com/android/server/biometrics/fingerprint/FingerprintService.java | 6 |
2 files changed, 13 insertions, 1 deletions
diff --git a/services/core/java/com/android/server/biometrics/face/FaceService.java b/services/core/java/com/android/server/biometrics/face/FaceService.java index fe762c06458a..5e4bf3308ec6 100644 --- a/services/core/java/com/android/server/biometrics/face/FaceService.java +++ b/services/core/java/com/android/server/biometrics/face/FaceService.java @@ -46,9 +46,9 @@ import android.os.RemoteException; import android.os.SELinux; import android.os.UserHandle; import android.os.UserManager; -import android.service.restricted_image.RestrictedImagesDumpProto; import android.service.restricted_image.RestrictedImageProto; import android.service.restricted_image.RestrictedImageSetProto; +import android.service.restricted_image.RestrictedImagesDumpProto; import android.util.Slog; import android.util.proto.ProtoOutputStream; @@ -383,6 +383,12 @@ public class FaceService extends BiometricServiceBase { @Override // Binder call public void resetLockout(byte[] token) { checkPermission(MANAGE_BIOMETRIC); + + if (!FaceService.this.hasEnrolledBiometrics(mCurrentUserId)) { + Slog.w(TAG, "Ignoring lockout reset, no templates enrolled"); + return; + } + try { mDaemonWrapper.resetLockout(token); } catch (RemoteException e) { diff --git a/services/core/java/com/android/server/biometrics/fingerprint/FingerprintService.java b/services/core/java/com/android/server/biometrics/fingerprint/FingerprintService.java index 164468e99967..3d9a47be56ea 100644 --- a/services/core/java/com/android/server/biometrics/fingerprint/FingerprintService.java +++ b/services/core/java/com/android/server/biometrics/fingerprint/FingerprintService.java @@ -419,6 +419,12 @@ public class FingerprintService extends BiometricServiceBase { @Override // Binder call public void resetTimeout(byte [] token) { checkPermission(RESET_FINGERPRINT_LOCKOUT); + + if (!FingerprintService.this.hasEnrolledBiometrics(mCurrentUserId)) { + Slog.w(TAG, "Ignoring lockout reset, no templates enrolled"); + return; + } + // TODO: confirm security token when we move timeout management into the HAL layer. mHandler.post(mResetFailedAttemptsForCurrentUserRunnable); } |