commit b31912544661f0ea3d05e07a8250530660101c0b
author Pavel Grafov <pgrafov@google.com> Fri Jul 14 12:30:31 2017 +0100
committer Pavel Grafov <pgrafov@google.com> Mon Jul 24 19:00:42 2017 +0000
tree e85b6e17a47f06f4c87e1b00b531a177032ab516
parent bfa0ed51105dc3b1a65e25201ffba90a3aabf9dc

Don't attribute incorrect unified challenge attempt to profile.

If the profile uses unified challenge and we attempt to check its
password instead of parent user's password (as would be the case in
the UI), we shouldn't try report this attempt sinse the user doesn't
have a real password of its own and SecurityException will be thrown
from DPMS.reportFailedPasswordAttempt.

Test: adb shell cmd lock_settings verify --user 10 --old 12368
Bug: 63295016
Change-Id: Ieb60a064a79095be9fde12cbd6ffca8076d769c3
(cherry picked from commit 01376594b793eeb66f850408dcfb615f1bcbc9a2)

services/core/java/com/android/server/locksettings/LockSettingsShellCommand.java

diff --git a/services/core/java/com/android/server/locksettings/LockSettingsShellCommand.java b/services/core/java/com/android/server/locksettings/LockSettingsShellCommand.java
index 4facbb8..3c236b4 100644
--- a/services/core/java/com/android/server/locksettings/LockSettingsShellCommand.java
+++ b/services/core/java/com/android/server/locksettings/LockSettingsShellCommand.java
@@ -168,7 +168,9 @@
                     result = mLockPatternUtils.checkPattern(stringToPattern(mOld), mCurrentUserId);
                 }
                 if (!result) {
-                    mLockPatternUtils.reportFailedPasswordAttempt(mCurrentUserId);
+                    if (!mLockPatternUtils.isManagedProfileWithUnifiedChallenge(mCurrentUserId)) {
+                        mLockPatternUtils.reportFailedPasswordAttempt(mCurrentUserId);
+                    }
                     getOutPrintWriter().println("Old password '" + mOld + "' didn't match");
                 }
                 return result;