Disallow direct-boot aware activities to bypass work lock
Effectively reverting 89927b3cd96472c478a988d6c731cd09d412a043, which
allowed direct-boot aware activities in the work profile to show before
the profile was unlocked. This causes problems with key eviction
introduced in O. Specifically, many system activities (e.g.
ChooserActivity, activities in Settings, etc.) are marked direct-boot
aware, and therefore can be started while the work profile is locked
with key evicted. Currently they either bypass the keyguard when they
should not, or simply crash due to profile still being locked.
In the future, we need to create a new mechanism to allow activities
such as video calls, alarm clocks, etc. to bypass the work keyguard. It
probably involves checking for something like FLAG_SHOW_WHEN_LOCKED.
Bug: 36961785
Bug: 35708183
Bug: 30296144
Test: manual, by following the steps in the bugs quoted
Test: runtest -c com.android.server.am.ActivityManagerServiceTest frameworks-services
Change-Id: I5ccaaf963f3dd96e4abb785a10aa258b15363178
4 files changed