From 63da1c7cd5d3dbe2d7216381fb2c0b559b6635d2 Mon Sep 17 00:00:00 2001
From: Rubin Xu <rubinxu@google.com>
Date: Wed, 13 Nov 2019 15:25:42 +0000
Subject: Force a garbage collection after lockscreen verification

This is to attempt erasing any lockscreen password remnants from memory,
which is a NIAP certification requirement.

Bug: 142861621
Test: reboot device, enter lockscreen password, then use pmdump to dump
process memory for SystemUi, verify password does not exist in the dump.

Merged-In: Ifbec81a64e4c592b566f5653bd93fd7326693ec7
Change-Id: Ifbec81a64e4c592b566f5653bd93fd7326693ec7
(cherry picked from commit 20aa6cd497a6677ce8c1f80142630624fa0b1c2f)
---
 .../src/com/android/keyguard/KeyguardSecurityContainer.java    | 10 ++++++++++
 1 file changed, 10 insertions(+)

diff --git a/packages/SystemUI/src/com/android/keyguard/KeyguardSecurityContainer.java b/packages/SystemUI/src/com/android/keyguard/KeyguardSecurityContainer.java
index ca7cd0d666ad..ace24a3b7ce1 100644
--- a/packages/SystemUI/src/com/android/keyguard/KeyguardSecurityContainer.java
+++ b/packages/SystemUI/src/com/android/keyguard/KeyguardSecurityContainer.java
@@ -44,6 +44,7 @@ import com.android.internal.logging.MetricsLogger;
 import com.android.internal.logging.nano.MetricsProto.MetricsEvent;
 import com.android.internal.widget.LockPatternUtils;
 import com.android.keyguard.KeyguardSecurityModel.SecurityMode;
+import com.android.settingslib.utils.ThreadUtils;
 import com.android.systemui.Dependency;
 import com.android.systemui.R;
 import com.android.systemui.SystemUIFactory;
@@ -615,6 +616,15 @@ public class KeyguardSecurityContainer extends FrameLayout implements KeyguardSe
                 StatsLog.write(StatsLog.KEYGUARD_BOUNCER_PASSWORD_ENTERED,
                     StatsLog.KEYGUARD_BOUNCER_PASSWORD_ENTERED__RESULT__SUCCESS);
                 mLockPatternUtils.reportSuccessfulPasswordAttempt(userId);
+                // Force a garbage collection in an attempt to erase any lockscreen password left in
+                // memory. Do it asynchronously with a 5-sec delay to avoid making the keyguard
+                // dismiss animation janky.
+                ThreadUtils.postOnBackgroundThread(() -> {
+                    try {
+                        Thread.sleep(5000);
+                    } catch (InterruptedException ignored) { }
+                    Runtime.getRuntime().gc();
+                });
             } else {
                 StatsLog.write(StatsLog.KEYGUARD_BOUNCER_PASSWORD_ENTERED,
                     StatsLog.KEYGUARD_BOUNCER_PASSWORD_ENTERED__RESULT__FAILURE);
-- 
cgit v1.2.3-59-g8ed1b