diff options
| author | Rubin Xu <rubinxu@google.com> | 2019-08-23 13:34:25 +0100 |
|---|---|---|
| committer | Rubin Xu <rubinxu@google.com> | 2019-09-25 10:30:57 +0100 |
| commit | 0f1e56de1f7daf984f174616c66fb19eaed2b4e5 (patch) | |
| tree | a3acaad2337557885463e31ce8f958158d9c35b0 /core/java/android/os/UserManagerInternal.java | |
| parent | 5172c8708e58a7f801c88e17a625f25a649eb0d4 (diff) | |
Stop LockSettingsService from calling DevicePolicyManager directly
This is a violation of layering (LSS is considered a lower level
component than DPM) and source of deadlock due to lock inversion.
This change tries to remove most of the direct calls into DPM from
LSS. After this, there will only be a handful non-critical invocations
remaining:
1. DPM.reportPasswordChanged()
This is always called on a handler thread so it's OK (LSS does not
hold any hold while calling out). Consider this as a (asynchronous)
broadcast.
2. DPMi.reportSeparateProfileChallengeChanged()
This is now moved to the handler thread, similar to
DPM.reportPasswordChanged().
3. DPMi.canUserHaveUntrustedCredentialReset()
This is still a violation but it will soon be removed as we
remove the caching of syhnthetic password alltogether (deprecating
old resetPassword()). So I'll leave it for now.
Test: atest com.android.server.locksettings
Test: atest com.android.server.devicepolicy.DevicePolicyManagerTest
Test: atest MixedManagedProfileOwnerTest#testResetPasswordWithToken
Test: atest MixedDeviceOwnerTest#testResetPasswordWithToken
Bug: 37090873
Bug: 141537958
Change-Id: Ie44cb418ab255bd016c5dd448674beabd362b74c
Diffstat (limited to 'core/java/android/os/UserManagerInternal.java')
| -rw-r--r-- | core/java/android/os/UserManagerInternal.java | 10 |
1 files changed, 10 insertions, 0 deletions
diff --git a/core/java/android/os/UserManagerInternal.java b/core/java/android/os/UserManagerInternal.java index a5b71f64668d..59fb3d9fcdad 100644 --- a/core/java/android/os/UserManagerInternal.java +++ b/core/java/android/os/UserManagerInternal.java @@ -86,12 +86,22 @@ public abstract class UserManagerInternal { public abstract void setDeviceManaged(boolean isManaged); /** + * Returns whether the device is managed by device owner. + */ + public abstract boolean isDeviceManaged(); + + /** * Called by {@link com.android.server.devicepolicy.DevicePolicyManagerService} to update * whether the user is managed by profile owner. */ public abstract void setUserManaged(int userId, boolean isManaged); /** + * whether a profile owner manages this user. + */ + public abstract boolean isUserManaged(int userId); + + /** * Called by {@link com.android.server.devicepolicy.DevicePolicyManagerService} to omit * restriction check, because DevicePolicyManager must always be able to set user icon * regardless of any restriction. |