Expand abbreviation in constant identifier.
The abbreviation is not in common use. Also remove FBE from
documentation as it also isn't used elsewhere.
Test: Build success
Bug: 37621349
Change-Id: Icf19be5e96e71dcd45aa7cac8f58b05b6d77d02b
diff --git a/api/current.txt b/api/current.txt
index bc74a0a..cc0b94f 100644
--- a/api/current.txt
+++ b/api/current.txt
@@ -6494,7 +6494,7 @@
field public static final java.lang.String EXTRA_PROVISIONING_WIFI_PROXY_PORT = "android.app.extra.PROVISIONING_WIFI_PROXY_PORT";
field public static final java.lang.String EXTRA_PROVISIONING_WIFI_SECURITY_TYPE = "android.app.extra.PROVISIONING_WIFI_SECURITY_TYPE";
field public static final java.lang.String EXTRA_PROVISIONING_WIFI_SSID = "android.app.extra.PROVISIONING_WIFI_SSID";
- field public static final int FLAG_EVICT_CE_KEY = 1; // 0x1
+ field public static final int FLAG_EVICT_CREDENTIAL_ENCRYPTION_KEY = 1; // 0x1
field public static final int FLAG_MANAGED_CAN_ACCESS_PARENT = 2; // 0x2
field public static final int FLAG_PARENT_CAN_ACCESS_MANAGED = 1; // 0x1
field public static final int KEYGUARD_DISABLE_FEATURES_ALL = 2147483647; // 0x7fffffff
diff --git a/api/removed.txt b/api/removed.txt
index 13bccd6..d8ee64e 100644
--- a/api/removed.txt
+++ b/api/removed.txt
@@ -18,6 +18,7 @@
method public deprecated java.lang.String getDeviceInitializerApp();
method public deprecated android.content.ComponentName getDeviceInitializerComponent();
method public void setAffiliationIds(android.content.ComponentName, java.util.List<java.lang.String>);
+ field public static final deprecated int FLAG_EVICT_CE_KEY = 1; // 0x1
}
}
diff --git a/api/system-current.txt b/api/system-current.txt
index 1d3299e..0f68e4c 100644
--- a/api/system-current.txt
+++ b/api/system-current.txt
@@ -6737,7 +6737,7 @@
field public static final java.lang.String EXTRA_PROVISIONING_WIFI_PROXY_PORT = "android.app.extra.PROVISIONING_WIFI_PROXY_PORT";
field public static final java.lang.String EXTRA_PROVISIONING_WIFI_SECURITY_TYPE = "android.app.extra.PROVISIONING_WIFI_SECURITY_TYPE";
field public static final java.lang.String EXTRA_PROVISIONING_WIFI_SSID = "android.app.extra.PROVISIONING_WIFI_SSID";
- field public static final int FLAG_EVICT_CE_KEY = 1; // 0x1
+ field public static final int FLAG_EVICT_CREDENTIAL_ENCRYPTION_KEY = 1; // 0x1
field public static final int FLAG_MANAGED_CAN_ACCESS_PARENT = 2; // 0x2
field public static final int FLAG_PARENT_CAN_ACCESS_MANAGED = 1; // 0x1
field public static final int KEYGUARD_DISABLE_FEATURES_ALL = 2147483647; // 0x7fffffff
diff --git a/api/system-removed.txt b/api/system-removed.txt
index 2ef8690..2303686 100644
--- a/api/system-removed.txt
+++ b/api/system-removed.txt
@@ -16,6 +16,7 @@
method public deprecated android.os.UserHandle createAndInitializeUser(android.content.ComponentName, java.lang.String, java.lang.String, android.content.ComponentName, android.os.Bundle);
method public deprecated android.os.UserHandle createUser(android.content.ComponentName, java.lang.String);
method public void setAffiliationIds(android.content.ComponentName, java.util.List<java.lang.String>);
+ field public static final deprecated int FLAG_EVICT_CE_KEY = 1; // 0x1
}
}
diff --git a/api/test-current.txt b/api/test-current.txt
index df4b94a..dfe6680 100644
--- a/api/test-current.txt
+++ b/api/test-current.txt
@@ -6524,7 +6524,7 @@
field public static final java.lang.String EXTRA_PROVISIONING_WIFI_SECURITY_TYPE = "android.app.extra.PROVISIONING_WIFI_SECURITY_TYPE";
field public static final java.lang.String EXTRA_PROVISIONING_WIFI_SSID = "android.app.extra.PROVISIONING_WIFI_SSID";
field public static final java.lang.String EXTRA_RESTRICTION = "android.app.extra.RESTRICTION";
- field public static final int FLAG_EVICT_CE_KEY = 1; // 0x1
+ field public static final int FLAG_EVICT_CREDENTIAL_ENCRYPTION_KEY = 1; // 0x1
field public static final int FLAG_MANAGED_CAN_ACCESS_PARENT = 2; // 0x2
field public static final int FLAG_PARENT_CAN_ACCESS_MANAGED = 1; // 0x1
field public static final int KEYGUARD_DISABLE_FEATURES_ALL = 2147483647; // 0x7fffffff
diff --git a/api/test-removed.txt b/api/test-removed.txt
index 13bccd6..d8ee64e 100644
--- a/api/test-removed.txt
+++ b/api/test-removed.txt
@@ -18,6 +18,7 @@
method public deprecated java.lang.String getDeviceInitializerApp();
method public deprecated android.content.ComponentName getDeviceInitializerComponent();
method public void setAffiliationIds(android.content.ComponentName, java.util.List<java.lang.String>);
+ field public static final deprecated int FLAG_EVICT_CE_KEY = 1; // 0x1
}
}
diff --git a/core/java/android/app/admin/DevicePolicyManager.java b/core/java/android/app/admin/DevicePolicyManager.java
index f5df67b..8fcabce 100644
--- a/core/java/android/app/admin/DevicePolicyManager.java
+++ b/core/java/android/app/admin/DevicePolicyManager.java
@@ -3030,17 +3030,24 @@
* keyring. The user's credential will need to be entered again in order to derive the
* credential encryption key that will be stored back in the keyring for future use.
* <p>
- * This flag can only be used by a profile owner when locking a managed profile on an FBE
- * device.
+ * This flag can only be used by a profile owner when locking a managed profile when
+ * {@link #getStorageEncryptionStatus} returns {@link #ENCRYPTION_STATUS_ACTIVE_PER_USER}.
* <p>
* In order to secure user data, the user will be stopped and restarted so apps should wait
* until they are next run to perform further actions.
*/
+ public static final int FLAG_EVICT_CREDENTIAL_ENCRYPTION_KEY = 1;
+
+ /**
+ * Instead use {@link #FLAG_EVICT_CREDENTIAL_ENCRYPTION_KEY}.
+ * @removed
+ */
+ @Deprecated
public static final int FLAG_EVICT_CE_KEY = 1;
/** @hide */
@Retention(RetentionPolicy.SOURCE)
- @IntDef(flag=true, value={FLAG_EVICT_CE_KEY})
+ @IntDef(flag=true, value={FLAG_EVICT_CREDENTIAL_ENCRYPTION_KEY})
public @interface LockNowFlag {}
/**
@@ -3072,15 +3079,17 @@
* This method can be called on the {@link DevicePolicyManager} instance returned by
* {@link #getParentProfileInstance(ComponentName)} in order to lock the parent profile.
*
- * @param flags May be 0 or {@link #FLAG_EVICT_CE_KEY}.
+ * @param flags May be 0 or {@link #FLAG_EVICT_CREDENTIAL_ENCRYPTION_KEY}.
* @throws SecurityException if the calling application does not own an active administrator
* that uses {@link DeviceAdminInfo#USES_POLICY_FORCE_LOCK} or the
- * {@link #FLAG_EVICT_CE_KEY} flag is passed by an application that is not a profile
+ * {@link #FLAG_EVICT_CREDENTIAL_ENCRYPTION_KEY} flag is passed by an application
+ * that is not a profile
* owner of a managed profile.
- * @throws IllegalArgumentException if the {@link #FLAG_EVICT_CE_KEY} flag is passed when
- * locking the parent profile.
- * @throws UnsupportedOperationException if the {@link #FLAG_EVICT_CE_KEY} flag is passed on a
- * non-FBE device.
+ * @throws IllegalArgumentException if the {@link #FLAG_EVICT_CREDENTIAL_ENCRYPTION_KEY} flag is
+ * passed when locking the parent profile.
+ * @throws UnsupportedOperationException if the {@link #FLAG_EVICT_CREDENTIAL_ENCRYPTION_KEY}
+ * flag is passed when {@link #getStorageEncryptionStatus} does not return
+ * {@link #ENCRYPTION_STATUS_ACTIVE_PER_USER}.
*/
public void lockNow(@LockNowFlag int flags) {
if (mService != null) {
diff --git a/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java b/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
index 2f26f43..e60a651 100644
--- a/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
+++ b/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
@@ -4637,19 +4637,20 @@
final long ident = mInjector.binderClearCallingIdentity();
try {
// Evict key
- if ((flags & DevicePolicyManager.FLAG_EVICT_CE_KEY) != 0) {
- enforceManagedProfile(callingUserId, "set FLAG_EVICT_CE_KEY");
+ if ((flags & DevicePolicyManager.FLAG_EVICT_CREDENTIAL_ENCRYPTION_KEY) != 0) {
+ enforceManagedProfile(
+ callingUserId, "set FLAG_EVICT_CREDENTIAL_ENCRYPTION_KEY");
if (!isProfileOwner(admin.info.getComponent(), callingUserId)) {
- throw new SecurityException(
- "Only profile owner admins can set FLAG_EVICT_CE_KEY");
+ throw new SecurityException("Only profile owner admins can set "
+ + "FLAG_EVICT_CREDENTIAL_ENCRYPTION_KEY");
}
if (parent) {
throw new IllegalArgumentException(
- "Cannot set FLAG_EVICT_CE_KEY for the parent");
+ "Cannot set FLAG_EVICT_CREDENTIAL_ENCRYPTION_KEY for the parent");
}
if (!mInjector.storageManagerIsFileBasedEncryptionEnabled()) {
throw new UnsupportedOperationException(
- "FLAG_EVICT_CE_KEY only applies to FBE devices");
+ "FLAG_EVICT_CREDENTIAL_ENCRYPTION_KEY only applies to FBE devices");
}
mUserManager.evictCredentialEncryptionKey(callingUserId);
}