3/n: Move generateChallenge/resetLockout/revokeChallenge off critical path
1) Introduces BiometricDeferredQueue in LockSettings package to move
slow operations off of the critical unlock path.
2) Changes generateChallenge to require sensorId. Callers to
generateChallengeBlocking are currently not affected. Their path
will need to be updated in the future.
3) Adds resetLockoutRequiresHardwareAuthToken for fingerprint sensor
properties, since IBiometricsFingerprint@2.1 and its derivatives
do not require the HAT yet
Fixes: 145978626
Test: atest com.android.server.biometrics
Test: Able to enroll after entering password
Test: Reset lockout on face device with single-profile-per-user
Test: Reset lockout on face device with managed profile + unified
credential
Test: Reset lockout on face device with managed profile and separate
credential (both owner and managed profile)
Test: Reset lockout for secondary user
Change-Id: Id4d7c39274a52ef61709161b6f24ec4f5d76720e
26 files changed