* commit 'a4e0fca089747acb31343428b9bfbbd6224ef93d': Remove FRP wipe support for device initializers
This commit is contained in:
Craig Lafayette
@@ -5852,7 +5852,6 @@ package android.app.admin {
|
||||
field public static final java.lang.String EXTRA_PROVISIONING_LEAVE_ALL_SYSTEM_APPS_ENABLED = "android.app.extra.PROVISIONING_LEAVE_ALL_SYSTEM_APPS_ENABLED";
|
||||
field public static final java.lang.String EXTRA_PROVISIONING_LOCALE = "android.app.extra.PROVISIONING_LOCALE";
|
||||
field public static final java.lang.String EXTRA_PROVISIONING_LOCAL_TIME = "android.app.extra.PROVISIONING_LOCAL_TIME";
|
||||
field public static final java.lang.String EXTRA_PROVISIONING_RESET_PROTECTION_PARAMETERS = "android.app.extra.PROVISIONING_RESET_PROTECTION_PARAMETERS";
|
||||
field public static final java.lang.String EXTRA_PROVISIONING_SKIP_ENCRYPTION = "android.app.extra.PROVISIONING_SKIP_ENCRYPTION";
|
||||
field public static final java.lang.String EXTRA_PROVISIONING_TIME_ZONE = "android.app.extra.PROVISIONING_TIME_ZONE";
|
||||
field public static final java.lang.String EXTRA_PROVISIONING_WIFI_HIDDEN = "android.app.extra.PROVISIONING_WIFI_HIDDEN";
|
||||
|
||||
@@ -5969,7 +5969,6 @@ package android.app.admin {
|
||||
field public static final java.lang.String EXTRA_PROVISIONING_LEAVE_ALL_SYSTEM_APPS_ENABLED = "android.app.extra.PROVISIONING_LEAVE_ALL_SYSTEM_APPS_ENABLED";
|
||||
field public static final java.lang.String EXTRA_PROVISIONING_LOCALE = "android.app.extra.PROVISIONING_LOCALE";
|
||||
field public static final java.lang.String EXTRA_PROVISIONING_LOCAL_TIME = "android.app.extra.PROVISIONING_LOCAL_TIME";
|
||||
field public static final java.lang.String EXTRA_PROVISIONING_RESET_PROTECTION_PARAMETERS = "android.app.extra.PROVISIONING_RESET_PROTECTION_PARAMETERS";
|
||||
field public static final java.lang.String EXTRA_PROVISIONING_SKIP_ENCRYPTION = "android.app.extra.PROVISIONING_SKIP_ENCRYPTION";
|
||||
field public static final java.lang.String EXTRA_PROVISIONING_TIME_ZONE = "android.app.extra.PROVISIONING_TIME_ZONE";
|
||||
field public static final java.lang.String EXTRA_PROVISIONING_WIFI_HIDDEN = "android.app.extra.PROVISIONING_WIFI_HIDDEN";
|
||||
@@ -30918,7 +30917,6 @@ package android.service.persistentdata {
|
||||
method public abstract byte[] read() throws android.os.RemoteException;
|
||||
method public abstract void setOemUnlockEnabled(boolean) throws android.os.RemoteException;
|
||||
method public abstract void wipe() throws android.os.RemoteException;
|
||||
method public abstract void wipeIfAllowed(android.os.Bundle, android.app.PendingIntent) throws android.os.RemoteException;
|
||||
method public abstract int write(byte[]) throws android.os.RemoteException;
|
||||
}
|
||||
|
||||
@@ -30930,14 +30928,7 @@ package android.service.persistentdata {
|
||||
method public byte[] read();
|
||||
method public void setOemUnlockEnabled(boolean);
|
||||
method public void wipe();
|
||||
method public void wipeIfAllowed(android.os.Bundle, android.app.PendingIntent);
|
||||
method public int write(byte[]);
|
||||
field public static final java.lang.String ACTION_WIPE_IF_ALLOWED = "android.service.persistentdata.action.WIPE_IF_ALLOWED";
|
||||
field public static final java.lang.String EXTRA_WIPE_IF_ALLOWED_CALLBACK = "android.service.persistentdata.extra.WIPE_IF_ALLOWED_CALLBACK";
|
||||
field public static final int STATUS_ERROR_NETWORK_ERROR = 2; // 0x2
|
||||
field public static final int STATUS_ERROR_NOT_COMPLIANT = 3; // 0x3
|
||||
field public static final int STATUS_ERROR_REMOTE_EXCEPTION = 1; // 0x1
|
||||
field public static final int STATUS_SUCCESS = 0; // 0x0
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
@@ -551,19 +551,6 @@ public class DevicePolicyManager {
|
||||
public static final String EXTRA_PROVISIONING_DEVICE_INITIALIZER_SIGNATURE_CHECKSUM
|
||||
= "android.app.extra.PROVISIONING_DEVICE_INITIALIZER_SIGNATURE_CHECKSUM";
|
||||
|
||||
/**
|
||||
* A {@link android.os.Parcelable} extra of type {@link android.os.PersistableBundle} that
|
||||
* holds data needed by the system to wipe factory reset protection. The data needed to wipe
|
||||
* the device depend on the installed factory reset protection implementation. For example,
|
||||
* if an account is needed to unlock a device, this extra may contain data used to
|
||||
* authenticate that account.
|
||||
*
|
||||
* <p>Use in an NFC record with {@link #MIME_TYPE_PROVISIONING_NFC_V2} that starts device owner
|
||||
* provisioning via an NFC bump.
|
||||
*/
|
||||
public static final String EXTRA_PROVISIONING_RESET_PROTECTION_PARAMETERS
|
||||
= "android.app.extra.PROVISIONING_RESET_PROTECTION_PARAMETERS";
|
||||
|
||||
/**
|
||||
* This MIME type is used for starting the Device Owner provisioning that does not require
|
||||
* provisioning features introduced in Android API level
|
||||
|
||||
@@ -16,8 +16,6 @@
|
||||
|
||||
package android.service.persistentdata;
|
||||
|
||||
import android.app.PendingIntent;
|
||||
import android.os.Bundle;
|
||||
import android.os.ParcelFileDescriptor;
|
||||
|
||||
/**
|
||||
@@ -32,7 +30,6 @@ interface IPersistentDataBlockService {
|
||||
int write(in byte[] data);
|
||||
byte[] read();
|
||||
void wipe();
|
||||
void wipeIfAllowed(in Bundle bundle, in PendingIntent pi);
|
||||
int getDataBlockSize();
|
||||
long getMaximumDataBlockSize();
|
||||
|
||||
|
||||
@@ -17,8 +17,6 @@
|
||||
package android.service.persistentdata;
|
||||
|
||||
import android.annotation.SystemApi;
|
||||
import android.app.PendingIntent;
|
||||
import android.os.Bundle;
|
||||
import android.os.RemoteException;
|
||||
import android.util.Slog;
|
||||
|
||||
@@ -43,56 +41,6 @@ import android.util.Slog;
|
||||
@SystemApi
|
||||
public class PersistentDataBlockManager {
|
||||
private static final String TAG = PersistentDataBlockManager.class.getSimpleName();
|
||||
|
||||
/**
|
||||
* Broadcast action that will be called when the {@link #wipeIfAllowed(Bundle,PendingIntent)}
|
||||
* method is called. A broadcast with this action will be sent to the package allowed to write
|
||||
* to the persistent data block. Packages receiving this broadcasts should respond by using the
|
||||
* {@link android.app.PendingIntent} sent in the {@link #EXTRA_WIPE_IF_ALLOWED_CALLBACK} extra.
|
||||
*/
|
||||
public static final String ACTION_WIPE_IF_ALLOWED
|
||||
= "android.service.persistentdata.action.WIPE_IF_ALLOWED";
|
||||
|
||||
/**
|
||||
* A {@link android.os.Parcelable} extra of type {@link android.app.PendingIntent} used to
|
||||
* response to {@link #wipeIfAllowed(Bundle,PendingIntent)}. This extra will set in broadcasts
|
||||
* with an action of {@link #ACTION_WIPE_IF_ALLOWED}.
|
||||
*/
|
||||
public static final String EXTRA_WIPE_IF_ALLOWED_CALLBACK
|
||||
= "android.service.persistentdata.extra.WIPE_IF_ALLOWED_CALLBACK";
|
||||
|
||||
/**
|
||||
* Result code indicating that the data block was wiped.
|
||||
*
|
||||
* <p>This value is set as result code of the {@link android.app.PendingIntent} argument to
|
||||
* {@link #wipeIfAllowed(Bundle,PendingIntent)}
|
||||
*/
|
||||
public static final int STATUS_SUCCESS = 0;
|
||||
|
||||
/**
|
||||
* Result code indicating that a remote exception was received while processing the request.
|
||||
*
|
||||
* <p>This value is set as result code of the {@link android.app.PendingIntent} argument to
|
||||
* {@link #wipeIfAllowed(Bundle,PendingIntent)}
|
||||
*/
|
||||
public static final int STATUS_ERROR_REMOTE_EXCEPTION = 1;
|
||||
|
||||
/**
|
||||
* Result code indicating that a network error occurred while processing the request.
|
||||
*
|
||||
* <p>This value is set as result code of the {@link android.app.PendingIntent} argument to
|
||||
* {@link #wipeIfAllowed(Bundle,PendingIntent)}
|
||||
*/
|
||||
public static final int STATUS_ERROR_NETWORK_ERROR = 2;
|
||||
|
||||
/**
|
||||
* Result code indicating that the data block could not be cleared with the provided data.
|
||||
*
|
||||
* <p>This value is set as result code of the {@link android.app.PendingIntent} argument to
|
||||
* {@link #wipeIfAllowed(Bundle,PendingIntent)}
|
||||
*/
|
||||
public static final int STATUS_ERROR_NOT_COMPLIANT = 3;
|
||||
|
||||
private IPersistentDataBlockService sService;
|
||||
|
||||
public PersistentDataBlockManager(IPersistentDataBlockService service) {
|
||||
@@ -169,28 +117,6 @@ public class PersistentDataBlockManager {
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* Attempt to wipe the data block by sending a broadcast to the package allowed to modify the
|
||||
* datablock. The allowed package can refuse to wipe the data block based on the contents of
|
||||
* the specified bundle. This bundle may contain data used by the allowed package to wipe the
|
||||
* partition such as account credentials or an authorization token.
|
||||
* @param bundle data used to wipe the data block. The contents of this bundle depend on the
|
||||
* allowed package receiving the data.
|
||||
* @param pi intent called when attempt finished. The result code of this intent will be set
|
||||
* to one of {@link #STATUS_SUCCESS}, {@link #STATUS_ERROR_REMOTE_EXCEPTION},
|
||||
* {@link #STATUS_ERROR_NETWORK_ERROR}, or {@link #STATUS_ERROR_NOT_COMPLIANT}.
|
||||
*/
|
||||
public void wipeIfAllowed(Bundle bundle, PendingIntent pi) {
|
||||
if (pi == null) {
|
||||
throw new NullPointerException();
|
||||
}
|
||||
try {
|
||||
sService.wipeIfAllowed(bundle, pi);
|
||||
} catch (RemoteException e) {
|
||||
onError("wiping persistent partition");
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* Writes a byte enabling or disabling the ability to "OEM unlock" the device.
|
||||
*/
|
||||
|
||||
@@ -316,8 +316,6 @@
|
||||
<protected-broadcast android:name="android.intent.action.ACTION_SET_RADIO_CAPABILITY_FAILED" />
|
||||
|
||||
<protected-broadcast android:name="android.internal.policy.action.BURN_IN_PROTECTION" />
|
||||
<protected-broadcast android:name="android.service.persistentdata.action.WIPE_IF_ALLOWED" />
|
||||
|
||||
<protected-broadcast android:name="android.app.action.SYSTEM_UPDATE_POLICY_CHANGED" />
|
||||
<!-- ====================================================================== -->
|
||||
<!-- RUNTIME PERMISSIONS -->
|
||||
|
||||
@@ -18,18 +18,14 @@ package com.android.server;
|
||||
|
||||
import android.Manifest;
|
||||
import android.app.ActivityManager;
|
||||
import android.app.PendingIntent;
|
||||
import android.content.Context;
|
||||
import android.content.Intent;
|
||||
import android.content.pm.PackageManager;
|
||||
import android.os.Binder;
|
||||
import android.os.Bundle;
|
||||
import android.os.IBinder;
|
||||
import android.os.RemoteException;
|
||||
import android.os.SystemProperties;
|
||||
import android.os.UserHandle;
|
||||
import android.service.persistentdata.IPersistentDataBlockService;
|
||||
import android.service.persistentdata.PersistentDataBlockManager;
|
||||
import android.util.Slog;
|
||||
|
||||
import com.android.internal.R;
|
||||
@@ -431,29 +427,6 @@ public class PersistentDataBlockService extends SystemService {
|
||||
}
|
||||
}
|
||||
|
||||
@Override
|
||||
public void wipeIfAllowed(Bundle bundle, PendingIntent pi) {
|
||||
// Should only be called by owner
|
||||
if (UserHandle.getCallingUserId() != UserHandle.USER_OWNER) {
|
||||
throw new SecurityException("Only the Owner is allowed to wipe");
|
||||
}
|
||||
// Caller must be able to query the the state of the PersistentDataBlock
|
||||
enforcePersistentDataBlockAccess();
|
||||
String allowedPackage = mContext.getResources()
|
||||
.getString(R.string.config_persistentDataPackageName);
|
||||
Intent intent = new Intent();
|
||||
intent.setPackage(allowedPackage);
|
||||
intent.setAction(PersistentDataBlockManager.ACTION_WIPE_IF_ALLOWED);
|
||||
intent.putExtras(bundle);
|
||||
intent.putExtra(PersistentDataBlockManager.EXTRA_WIPE_IF_ALLOWED_CALLBACK, pi);
|
||||
long id = Binder.clearCallingIdentity();
|
||||
try {
|
||||
mContext.sendBroadcastAsUser(intent, UserHandle.OWNER);
|
||||
} finally {
|
||||
restoreCallingIdentity(id);
|
||||
}
|
||||
}
|
||||
|
||||
@Override
|
||||
public void setOemUnlockEnabled(boolean enabled) {
|
||||
// do not allow monkey to flip the flag
|
||||
|
||||
Reference in New Issue
Block a user