commit cb4ed1bdb917cf608ce51aba882be9766e5a4b9c
author Adrian Roos <roosa@google.com> Wed Apr 12 13:03:04 2017 -0700
committer Adrian Roos <roosa@google.com> Tue Apr 18 20:50:52 2017 +0000
tree 80b85285ded97ddd10609f1f9dffbbc5e888fc43
parent 7afd4cdf82018716c9696832afa86e76a82bc1ad

Credential FRP: keep gatekeeperd credentials after reset

Gatekeeperd now delays clearing all user credentials
until the device setup is complete or we enroll a new
credential (whichever comes first).

Bug: 36814845
Test: Set lockscreen credential, "adb reboot-bootloader && fastboot -w", "adb shell am start -a android.app.action.CONFIRM_FRP_CREDENTIAL", verify that credential still works
Change-Id: If2ad78ff5b80a6ddffd997be0949b03ed11797f4

gatekeeperd/IGateKeeperService.h

diff --git a/gatekeeperd/IGateKeeperService.h b/gatekeeperd/IGateKeeperService.h
index f070486..2816efc 100644
--- a/gatekeeperd/IGateKeeperService.h
+++ b/gatekeeperd/IGateKeeperService.h
@@ -33,6 +33,7 @@
         VERIFY_CHALLENGE = IBinder::FIRST_CALL_TRANSACTION + 2,
         GET_SECURE_USER_ID = IBinder::FIRST_CALL_TRANSACTION + 3,
         CLEAR_SECURE_USER_ID = IBinder::FIRST_CALL_TRANSACTION + 4,
+        REPORT_DEVICE_SETUP_COMPLETE = IBinder::FIRST_CALL_TRANSACTION + 5,
     };
 
     enum {
@@ -95,6 +96,12 @@
      * Clears the secure user ID associated with the user.
      */
     virtual void clearSecureUserId(uint32_t uid) = 0;
+
+    /**
+     * Notifies gatekeeper that device setup has been completed and any potentially still existing
+     * state from before a factory reset can be cleaned up (if it has not been already).
+     */
+    virtual void reportDeviceSetupComplete() = 0;
 };
 
 // ----------------------------------------------------------------------------