[gatekeeper] document timeout requirements

GateKeeper may throttle the user, document the return
value of calls in this case.

No code changes.

Bug:21118563
Change-Id: Idd6c392d01c22627f828d86dd219a4a1d6e81439
diff --git a/include/hardware/gatekeeper.h b/include/hardware/gatekeeper.h
index 89d96b1..ebe79b8 100644
--- a/include/hardware/gatekeeper.h
+++ b/include/hardware/gatekeeper.h
@@ -80,7 +80,12 @@
      * - enrolled_password_handle_length: pointer to the length in bytes of the buffer allocated
      *   by this function and pointed to by *enrolled_password_handle_length.
      *
-     * Returns: 0 on success or an error code less than 0 on error.
+     * Returns:
+     * - 0 on success
+     * - An error code < 0 on failure, or
+     * - A timeout value T > 0 if the call should not be re-attempted until T milliseconds
+     *   have elapsed.
+     *
      * On error, enrolled_password_handle will not be allocated.
      */
     int (*enroll)(const struct gatekeeper_device *dev, uint32_t uid,
@@ -123,7 +128,11 @@
      * - auth_token_length: on success, the length in bytes of the authentication
      *   token assigned to *auth_token will be assigned to *auth_token_length
      *
-     * Returns: 0 on success or an error code less than 0 on error
+     * Returns:
+     * - 0 on success
+     * - An error code < 0 on failure, or
+     * - A timeout value T > 0 if the call should not be re-attempted until T milliseconds
+     *   have elapsed.
      * On error, auth token will not be allocated
      */
     int (*verify)(const struct gatekeeper_device *dev, uint32_t uid, uint64_t challenge,