Always send userId to FaceService resetLockout may take longer on some devices, causing FaceSettings setActiveUser to be overwritten. To be safe, invoke updateActiveGroup whenever user-specific functionality is invoked from the upper layers. Ideally setActiveUser + operation should be atomic. In the future perhaps we could consider changing HIDL so each method is user-aware, but for now this is the only thing we can do. Fixes: 136264301 Test: Set up work profile on device, repeatedly do the following 1) Go to settings, enroll face 2) Back out, go back in, delete face 3) Enroll face 4) Delete face, go back out Change-Id: Ic32587cd4613f2bfd71171df6b69fe6028812ca8

commit: 593e62640de791af39ce57338b75d775186b6e94 [log] [tgz]
author: Kevin Chyn <kchyn@google.com> Fri Jun 28 13:24:44 2019 -0700
committer: Kevin Chyn <kchyn@google.com> Fri Jun 28 13:27:45 2019 -0700
tree: 0861c1c2d6183f50c70b255aa55d1df6cbc48830
parent: d2310e6ce337acd5f31a9342151458422826a5d8 [diff] [blame]
diff --git a/services/core/java/com/android/server/biometrics/face/FaceService.java b/services/core/java/com/android/server/biometrics/face/FaceService.java
index def7f75..72bac74 100644
--- a/services/core/java/com/android/server/biometrics/face/FaceService.java
+++ b/services/core/java/com/android/server/biometrics/face/FaceService.java

@@ -346,10 +346,11 @@
         }
 
         @Override // Binder call
-        public void enroll(final IBinder token, final byte[] cryptoToken,
+        public void enroll(int userId, final IBinder token, final byte[] cryptoToken,
                 final IFaceServiceReceiver receiver, final String opPackageName,
                 final int[] disabledFeatures) {
             checkPermission(MANAGE_BIOMETRIC);
+            updateActiveGroup(userId, opPackageName);
 
             mNotificationManager.cancelAsUser(NOTIFICATION_TAG, NOTIFICATION_ID,
                     UserHandle.CURRENT);
@@ -448,8 +449,9 @@
 
         @Override // Binder call
         public void remove(final IBinder token, final int faceId, final int userId,
-                final IFaceServiceReceiver receiver) {
+                final IFaceServiceReceiver receiver, final String opPackageName) {
             checkPermission(MANAGE_BIOMETRIC);
+            updateActiveGroup(userId, opPackageName);
 
             if (token == null) {
                 Slog.w(TAG, "remove(): token is null");
@@ -612,9 +614,10 @@
         }
 
         @Override
-        public void setFeature(int feature, boolean enabled, final byte[] token,
-                IFaceServiceReceiver receiver) {
+        public void setFeature(int userId, int feature, boolean enabled, final byte[] token,
+                IFaceServiceReceiver receiver, final String opPackageName) {
             checkPermission(MANAGE_BIOMETRIC);
+            updateActiveGroup(userId, opPackageName);
 
             mHandler.post(() -> {
                 if (!FaceService.this.hasEnrolledBiometrics(mCurrentUserId)) {
@@ -644,8 +647,10 @@
         }
 
         @Override
-        public void getFeature(int feature, IFaceServiceReceiver receiver) {
+        public void getFeature(int userId, int feature, IFaceServiceReceiver receiver,
+                final String opPackageName) {
             checkPermission(MANAGE_BIOMETRIC);
+            updateActiveGroup(userId, opPackageName);
 
             mHandler.post(() -> {
                 // This should ideally return tri-state, but the user isn't shown settings unless
commit	593e62640de791af39ce57338b75d775186b6e94	[log] [tgz]
author	Kevin Chyn <kchyn@google.com>	Fri Jun 28 13:24:44 2019 -0700
committer	Kevin Chyn <kchyn@google.com>	Fri Jun 28 13:27:45 2019 -0700
tree	0861c1c2d6183f50c70b255aa55d1df6cbc48830
parent	d2310e6ce337acd5f31a9342151458422826a5d8 [diff] [blame]