Delay touching disks when secure keyguard showing. We've tried our best to protect against malicious storage devices with limited SELinux domains, but let's be even more paranoid and refuse to look at disks inserted while a secure keyguard is showing. We'll gladly scan them right away once the user confirms their credentials. Test: builds, boots, manual testing Bug: 68054513 Change-Id: I37fd6c25bbd6631fa4ba3f84e19384d746a22498

commit: 401b2603516a64d3ee7804e270c966828e6b454a [log] [tgz]
author: Jeff Sharkey <jsharkey@android.com> Thu Dec 14 22:15:20 2017 -0700
committer: Jeff Sharkey <jsharkey@android.com> Fri Dec 15 13:44:55 2017 -0700
tree: 3f3e72637a13b91fda19d2b8919453bbca6a2a94
parent: 0667b7e7ddb797a6b5dae029f3c7a50d5ca10977 [diff] [blame]
diff --git a/VoldNativeService.cpp b/VoldNativeService.cpp
index e8e151f..9d8b990 100644
--- a/VoldNativeService.cpp
+++ b/VoldNativeService.cpp

@@ -285,6 +285,13 @@
     return translate(VolumeManager::Instance()->onUserStopped(userId));
 }
 
+binder::Status VoldNativeService::onSecureKeyguardStateChanged(bool isShowing) {
+    ENFORCE_UID(AID_SYSTEM);
+    ACQUIRE_LOCK;
+
+    return translate(VolumeManager::Instance()->onSecureKeyguardStateChanged(isShowing));
+}
+
 binder::Status VoldNativeService::partition(const std::string& diskId, int32_t partitionType,
         int32_t ratio) {
     ENFORCE_UID(AID_SYSTEM);
commit	401b2603516a64d3ee7804e270c966828e6b454a	[log] [tgz]
author	Jeff Sharkey <jsharkey@android.com>	Thu Dec 14 22:15:20 2017 -0700
committer	Jeff Sharkey <jsharkey@android.com>	Fri Dec 15 13:44:55 2017 -0700
tree	3f3e72637a13b91fda19d2b8919453bbca6a2a94
parent	0667b7e7ddb797a6b5dae029f3c7a50d5ca10977 [diff] [blame]