Allow any device with a device_owner to execute setDeviceOwnerSystemPropertyLocked(). am: 735b4dc0af

am: d78a0d21cb Change-Id: I2e45ee1174cb287d8ce142ac4176148ceca5b248
2017-02-09 19:53:06 +00:00
parent 3b7ee3598f d78a0d21cb
commit 82a3793269
1 changed files with 8 additions and 5 deletions
--- a/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
+++ b/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
@@ -1780,11 +1780,14 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub {
    }

    private void setDeviceOwnerSystemPropertyLocked() {
-        // Device owner may still be provisioned, do not set the read-only system property yet.
-        // Wear devices don't set device_provisioned until the device is paired, so allow
-        // device_owner property to be set without that.
-        if (!mIsWatch
-                && mInjector.settingsGlobalGetInt(Settings.Global.DEVICE_PROVISIONED, 0) == 0) {
+        final boolean deviceProvisioned =
+                mInjector.settingsGlobalGetInt(Settings.Global.DEVICE_PROVISIONED, 0) != 0;
+        // If the device is not provisioned and there is currently no device owner, do not set the
+        // read-only system property yet, since Device owner may still be provisioned. For Wear
+        // devices, if there is already a device owner then it's OK to set the property to true now,
+        // regardless the provision state.
+        final boolean isWatchWithDeviceOwner = mIsWatch && mOwners.hasDeviceOwner();
+        if (!isWatchWithDeviceOwner && !deviceProvisioned) {
            return;
        }
        // Still at the first stage of CryptKeeper double bounce, mOwners.hasDeviceOwner is