diff options
Diffstat (limited to 'core/java/android')
| -rw-r--r-- | core/java/android/app/admin/DevicePolicyManager.java | 28 | ||||
| -rw-r--r-- | core/java/android/app/admin/IDevicePolicyManager.aidl | 3 | ||||
| -rw-r--r-- | core/java/android/auditing/SecurityLog.java | 30 | ||||
| -rw-r--r-- | core/java/android/auditing/SecurityLogTags.logtags | 13 |
4 files changed, 56 insertions, 18 deletions
diff --git a/core/java/android/app/admin/DevicePolicyManager.java b/core/java/android/app/admin/DevicePolicyManager.java index fef2a0e60806..a3c615db7eb3 100644 --- a/core/java/android/app/admin/DevicePolicyManager.java +++ b/core/java/android/app/admin/DevicePolicyManager.java @@ -2973,6 +2973,34 @@ public class DevicePolicyManager { } /** + * Should be called when keyguard has been dismissed. + * @hide + */ + public void reportKeyguardDismissed() { + if (mService != null) { + try { + mService.reportKeyguardDismissed(); + } catch (RemoteException e) { + Log.w(TAG, REMOTE_EXCEPTION_MESSAGE, e); + } + } + } + + /** + * Should be called when keyguard view has been shown to the user. + * @hide + */ + public void reportKeyguardSecured() { + if (mService != null) { + try { + mService.reportKeyguardSecured(); + } catch (RemoteException e) { + Log.w(TAG, REMOTE_EXCEPTION_MESSAGE, e); + } + } + } + + /** * @hide * Sets the given package as the device owner. * Same as {@link #setDeviceOwner(ComponentName, String)} but without setting a device owner name. diff --git a/core/java/android/app/admin/IDevicePolicyManager.aidl b/core/java/android/app/admin/IDevicePolicyManager.aidl index 20d4a299d826..6333013612db 100644 --- a/core/java/android/app/admin/IDevicePolicyManager.aidl +++ b/core/java/android/app/admin/IDevicePolicyManager.aidl @@ -116,6 +116,9 @@ interface IDevicePolicyManager { void reportFailedPasswordAttempt(int userHandle); void reportSuccessfulPasswordAttempt(int userHandle); + void reportKeyguardDismissed(); + void reportKeyguardSecured(); + boolean setDeviceOwner(in ComponentName who, String ownerName, int userId); ComponentName getDeviceOwnerComponent(boolean callingUserOnly); String getDeviceOwnerName(); diff --git a/core/java/android/auditing/SecurityLog.java b/core/java/android/auditing/SecurityLog.java index 87dc1d85cd06..8d8d2f59c677 100644 --- a/core/java/android/auditing/SecurityLog.java +++ b/core/java/android/auditing/SecurityLog.java @@ -34,7 +34,8 @@ public class SecurityLog { /** @hide */ @Retention(RetentionPolicy.SOURCE) @IntDef({TAG_ADB_SHELL_INTERACTIVE, TAG_ADB_SHELL_CMD, TAG_SYNC_RECV_FILE, TAG_SYNC_SEND_FILE, - TAG_APP_PROCESS_START, TAG_DEVICE_UNLOCK_ATTEMPT, TAG_DEVICE_LOCKED}) + TAG_APP_PROCESS_START, TAG_KEYGUARD_DISMISSED, TAG_KEYGUARD_DISMISS_AUTH_ATTEMPT, + TAG_KEYGUARD_SECURED}) public @interface SECURITY_LOG_TAG {} /** @@ -68,21 +69,24 @@ public class SecurityLog { * seinfo tag (String), SHA-256 hash of the APK in hexadecimal (String) */ public static final int TAG_APP_PROCESS_START = SecurityLogTags.SECURITY_APP_PROCESS_START; - /** - * Indicate that there has been an attempt to unlock the device. The log entry contains the - * following information about the attempt in order, accessible via - * {@link SecurityEvent#getData()}}: unlock result (integer, 1 for successful unlock, 0 for - * unsuccessful), unlock method (String) + * Indicate that keyguard is being dismissed. + * There is no extra payload in the log event. */ - public static final int TAG_DEVICE_UNLOCK_ATTEMPT = - SecurityLogTags.SECURITY_DEVICE_UNLOCK_ATTEMPT; - + public static final int TAG_KEYGUARD_DISMISSED = + SecurityLogTags.SECURITY_KEYGUARD_DISMISSED; + /** + * Indicate that there has been an authentication attempt to dismiss the keyguard. The log entry + * contains the attempt result (integer, 1 for successful, 0 for unsuccessful), accessible via + * {@link SecurityEvent#getData()}} + */ + public static final int TAG_KEYGUARD_DISMISS_AUTH_ATTEMPT = + SecurityLogTags.SECURITY_KEYGUARD_DISMISS_AUTH_ATTEMPT; /** * Indicate that the device has been locked, either by user or by timeout. + * There is no extra payload in the log event. */ - public static final int TAG_DEVICE_LOCKED = SecurityLogTags.SECURITY_DEVICE_LOCKED; - + public static final int TAG_KEYGUARD_SECURED = SecurityLogTags.SECURITY_KEYGUARD_SECURED; /** * Returns if device logging is enabled. Log producers should only write new logs if this is @@ -128,7 +132,9 @@ public class SecurityLog { * Returns the tag of this log entry, which specifies entry's semantics. * Could be one of {@link SecurityLog#TAG_SYNC_RECV_FILE}, * {@link SecurityLog#TAG_SYNC_SEND_FILE}, {@link SecurityLog#TAG_ADB_SHELL_CMD}, - * {@link SecurityLog#TAG_ADB_SHELL_INTERACTIVE}, {@link SecurityLog#TAG_APP_PROCESS_START}. + * {@link SecurityLog#TAG_ADB_SHELL_INTERACTIVE}, {@link SecurityLog#TAG_APP_PROCESS_START}, + * {@link SecurityLog#TAG_KEYGUARD_DISMISSED}, {@link SecurityLog#TAG_KEYGUARD_SECURED}, + * {@link SecurityLog#TAG_KEYGUARD_DISMISS_AUTH_ATTEMPT}. */ public @SECURITY_LOG_TAG int getTag() { return mEvent.getTag(); diff --git a/core/java/android/auditing/SecurityLogTags.logtags b/core/java/android/auditing/SecurityLogTags.logtags index 455acff3048e..cf858940058b 100644 --- a/core/java/android/auditing/SecurityLogTags.logtags +++ b/core/java/android/auditing/SecurityLogTags.logtags @@ -3,9 +3,10 @@ option java_package android.auditing 210001 security_adb_shell_interactive -210002 security_adb_shell_command (command|3) -210003 security_adb_sync_recv (path|3) -210004 security_adb_sync_send (path|3) -210005 security_app_process_start (process|3),(start_time|2|3),(uid|1),(pid|1),(seinfo|3),(sha256|3) -210006 security_device_unlock_attempt (success|1),(method|3) -210007 security_device_locked
\ No newline at end of file +210002 security_adb_shell_command (command|3) +210003 security_adb_sync_recv (path|3) +210004 security_adb_sync_send (path|3) +210005 security_app_process_start (process|3),(start_time|2|3),(uid|1),(pid|1),(seinfo|3),(sha256|3) +210006 security_keyguard_dismissed +210007 security_keyguard_dismiss_auth_attempt (success|1) +210008 security_keyguard_secured |