Kill off untrusted password reset

The time has come that we can finally ditch untrusted password reset, i.e.
changing lockscreen password without providing the existing password or
an activated password reset token. In this change, we are:

1. Preventing any DPC / legacy device admin from invoking
DPM.resetPassword(), the primary route to invoke untrusted password
reset. Depending on their target SDK level, resetPassword() will either
throw SecurityException, or fail silently.
2. Still allowing privileged apps holding RESET_PASSWORD permission to
call this API, but it's limited to setting a new password on an
unsecured device.
3. Removing synthetic password caching mechanism in LockSettingsService,
whose sole purpose was to support untrusted password reset.

Bug: 137939224
Test: atest com.android.server.locksettings
Test: atest com.android.server.devicepolicy.DevicePolicyManagerTest
Change-Id: Ie3e5e277984b6fc2f1d378880363028752bad775
12 files changed