diff options
| -rw-r--r-- | core/java/com/android/internal/widget/ILockSettings.aidl | 1 | ||||
| -rw-r--r-- | services/core/java/com/android/server/locksettings/LockSettingsService.java | 53 |
2 files changed, 4 insertions, 50 deletions
diff --git a/core/java/com/android/internal/widget/ILockSettings.aidl b/core/java/com/android/internal/widget/ILockSettings.aidl index d16d9c619403..654b46164dcf 100644 --- a/core/java/com/android/internal/widget/ILockSettings.aidl +++ b/core/java/com/android/internal/widget/ILockSettings.aidl @@ -95,5 +95,4 @@ interface ILockSettings { boolean hasSecureLockScreen(); boolean tryUnlockWithCachedUnifiedChallenge(int userId); void removeCachedUnifiedChallenge(int userId); - void updateEncryptionPassword(int type, in byte[] password); } diff --git a/services/core/java/com/android/server/locksettings/LockSettingsService.java b/services/core/java/com/android/server/locksettings/LockSettingsService.java index 7d5b7e535ca9..45f85edeff7e 100644 --- a/services/core/java/com/android/server/locksettings/LockSettingsService.java +++ b/services/core/java/com/android/server/locksettings/LockSettingsService.java @@ -1761,7 +1761,10 @@ public class LockSettingsService extends ILockSettings.Stub { } private void onPostPasswordChanged(LockscreenCredential newCredential, int userHandle) { - updateEncryptionPasswordIfNeeded(newCredential, userHandle); + if (userHandle == UserHandle.USER_SYSTEM && isDeviceEncryptionEnabled() && + shouldEncryptWithCredentials() && newCredential.isNone()) { + setCredentialRequiredToDecrypt(false); + } if (newCredential.isPattern()) { setBoolean(LockPatternUtils.PATTERN_EVER_CHOSEN_KEY, true, userHandle); } @@ -1770,26 +1773,6 @@ public class LockSettingsService extends ILockSettings.Stub { } /** - * Update device encryption password if calling user is USER_SYSTEM and device supports - * encryption. - */ - private void updateEncryptionPasswordIfNeeded(LockscreenCredential credential, int userHandle) { - // Update the device encryption password. - if (userHandle != UserHandle.USER_SYSTEM || !isDeviceEncryptionEnabled()) { - return; - } - if (!shouldEncryptWithCredentials()) { - updateEncryptionPassword(StorageManager.CRYPT_TYPE_DEFAULT, null); - return; - } - if (credential.isNone()) { - // Set the encryption password to default. - setCredentialRequiredToDecrypt(false); - } - updateEncryptionPassword(credential.getStorageCryptType(), credential.getCredential()); - } - - /** * Store the hash of the *current* password in the password history list, if device policy * enforces password history requirement. */ @@ -1883,34 +1866,6 @@ public class LockSettingsService extends ILockSettings.Stub { } } - /** Update the encryption password if it is enabled **/ - @Override - public void updateEncryptionPassword(final int type, final byte[] password) { - if (!hasSecureLockScreen() && password != null && password.length != 0) { - throw new UnsupportedOperationException( - "This operation requires the lock screen feature."); - } - if (!isDeviceEncryptionEnabled()) { - return; - } - final IBinder service = ServiceManager.getService("mount"); - if (service == null) { - Slog.e(TAG, "Could not find the mount service to update the encryption password"); - return; - } - - // TODO(b/120484642): This is a location where we still use a String for vold - String passwordString = password != null ? new String(password) : null; - mHandler.post(() -> { - IStorageManager storageManager = mInjector.getStorageManager(); - try { - storageManager.changeEncryptionPassword(type, passwordString); - } catch (RemoteException e) { - Slog.e(TAG, "Error changing encryption password", e); - } - }); - } - @VisibleForTesting /** Note: this method is overridden in unit tests */ protected void tieProfileLockToParent(int userId, LockscreenCredential password) { if (DEBUG) Slog.v(TAG, "tieProfileLockToParent for user: " + userId); |