From 09ad6bfe9619ff7a61209131f1f3182d53d840d0 Mon Sep 17 00:00:00 2001 From: Craig Lafayette Date: Tue, 2 Jun 2015 16:41:49 -0400 Subject: [PATCH] Remove FRP wipe support for device initializers - Remove ManagedProvisioning NFC parameter key from DevicePolicyManager - Remove wipeIfAllowed from PersistentDataBlockManager Bug: 21558883 Change-Id: I59354b7bb1ef7e0b0346ff9a7d1654780231dff0 --- api/current.txt | 1 - api/system-current.txt | 9 --- .../app/admin/DevicePolicyManager.java | 13 ---- .../IPersistentDataBlockService.aidl | 3 - .../PersistentDataBlockManager.java | 74 ------------------- core/res/AndroidManifest.xml | 2 - .../server/PersistentDataBlockService.java | 27 ------- 7 files changed, 129 deletions(-) diff --git a/api/current.txt b/api/current.txt index cfb9398ac2315..08d12c046bd24 100644 --- a/api/current.txt +++ b/api/current.txt @@ -5828,7 +5828,6 @@ package android.app.admin { field public static final java.lang.String EXTRA_PROVISIONING_LEAVE_ALL_SYSTEM_APPS_ENABLED = "android.app.extra.PROVISIONING_LEAVE_ALL_SYSTEM_APPS_ENABLED"; field public static final java.lang.String EXTRA_PROVISIONING_LOCALE = "android.app.extra.PROVISIONING_LOCALE"; field public static final java.lang.String EXTRA_PROVISIONING_LOCAL_TIME = "android.app.extra.PROVISIONING_LOCAL_TIME"; - field public static final java.lang.String EXTRA_PROVISIONING_RESET_PROTECTION_PARAMETERS = "android.app.extra.PROVISIONING_RESET_PROTECTION_PARAMETERS"; field public static final java.lang.String EXTRA_PROVISIONING_SKIP_ENCRYPTION = "android.app.extra.PROVISIONING_SKIP_ENCRYPTION"; field public static final java.lang.String EXTRA_PROVISIONING_TIME_ZONE = "android.app.extra.PROVISIONING_TIME_ZONE"; field public static final java.lang.String EXTRA_PROVISIONING_WIFI_HIDDEN = "android.app.extra.PROVISIONING_WIFI_HIDDEN"; diff --git a/api/system-current.txt b/api/system-current.txt index 6035ef29b48af..bc15184034156 100644 --- a/api/system-current.txt +++ b/api/system-current.txt @@ -5940,7 +5940,6 @@ package android.app.admin { field public static final java.lang.String EXTRA_PROVISIONING_LEAVE_ALL_SYSTEM_APPS_ENABLED = "android.app.extra.PROVISIONING_LEAVE_ALL_SYSTEM_APPS_ENABLED"; field public static final java.lang.String EXTRA_PROVISIONING_LOCALE = "android.app.extra.PROVISIONING_LOCALE"; field public static final java.lang.String EXTRA_PROVISIONING_LOCAL_TIME = "android.app.extra.PROVISIONING_LOCAL_TIME"; - field public static final java.lang.String EXTRA_PROVISIONING_RESET_PROTECTION_PARAMETERS = "android.app.extra.PROVISIONING_RESET_PROTECTION_PARAMETERS"; field public static final java.lang.String EXTRA_PROVISIONING_SKIP_ENCRYPTION = "android.app.extra.PROVISIONING_SKIP_ENCRYPTION"; field public static final java.lang.String EXTRA_PROVISIONING_TIME_ZONE = "android.app.extra.PROVISIONING_TIME_ZONE"; field public static final java.lang.String EXTRA_PROVISIONING_WIFI_HIDDEN = "android.app.extra.PROVISIONING_WIFI_HIDDEN"; @@ -30954,7 +30953,6 @@ package android.service.persistentdata { method public abstract byte[] read() throws android.os.RemoteException; method public abstract void setOemUnlockEnabled(boolean) throws android.os.RemoteException; method public abstract void wipe() throws android.os.RemoteException; - method public abstract void wipeIfAllowed(android.os.Bundle, android.app.PendingIntent) throws android.os.RemoteException; method public abstract int write(byte[]) throws android.os.RemoteException; } @@ -30966,14 +30964,7 @@ package android.service.persistentdata { method public byte[] read(); method public void setOemUnlockEnabled(boolean); method public void wipe(); - method public void wipeIfAllowed(android.os.Bundle, android.app.PendingIntent); method public int write(byte[]); - field public static final java.lang.String ACTION_WIPE_IF_ALLOWED = "android.service.persistentdata.action.WIPE_IF_ALLOWED"; - field public static final java.lang.String EXTRA_WIPE_IF_ALLOWED_CALLBACK = "android.service.persistentdata.extra.WIPE_IF_ALLOWED_CALLBACK"; - field public static final int STATUS_ERROR_NETWORK_ERROR = 2; // 0x2 - field public static final int STATUS_ERROR_NOT_COMPLIANT = 3; // 0x3 - field public static final int STATUS_ERROR_REMOTE_EXCEPTION = 1; // 0x1 - field public static final int STATUS_SUCCESS = 0; // 0x0 } } diff --git a/core/java/android/app/admin/DevicePolicyManager.java b/core/java/android/app/admin/DevicePolicyManager.java index 996748ae990b4..3052536500951 100644 --- a/core/java/android/app/admin/DevicePolicyManager.java +++ b/core/java/android/app/admin/DevicePolicyManager.java @@ -539,19 +539,6 @@ public class DevicePolicyManager { public static final String EXTRA_PROVISIONING_DEVICE_INITIALIZER_CERTIFICATE_CHECKSUM = "android.app.extra.PROVISIONING_DEVICE_INITIALIZER_CERTIFICATE_CHECKSUM"; - /** - * A {@link android.os.Parcelable} extra of type {@link android.os.PersistableBundle} that - * holds data needed by the system to wipe factory reset protection. The data needed to wipe - * the device depend on the installed factory reset protection implementation. For example, - * if an account is needed to unlock a device, this extra may contain data used to - * authenticate that account. - * - *

Use in an NFC record with {@link #MIME_TYPE_PROVISIONING_NFC_V2} that starts device owner - * provisioning via an NFC bump. - */ - public static final String EXTRA_PROVISIONING_RESET_PROTECTION_PARAMETERS - = "android.app.extra.PROVISIONING_RESET_PROTECTION_PARAMETERS"; - /** * This MIME type is used for starting the Device Owner provisioning that does not require * provisioning features introduced in Android API level diff --git a/core/java/android/service/persistentdata/IPersistentDataBlockService.aidl b/core/java/android/service/persistentdata/IPersistentDataBlockService.aidl index 0071a33bbb235..52db22397b65f 100644 --- a/core/java/android/service/persistentdata/IPersistentDataBlockService.aidl +++ b/core/java/android/service/persistentdata/IPersistentDataBlockService.aidl @@ -16,8 +16,6 @@ package android.service.persistentdata; -import android.app.PendingIntent; -import android.os.Bundle; import android.os.ParcelFileDescriptor; /** @@ -32,7 +30,6 @@ interface IPersistentDataBlockService { int write(in byte[] data); byte[] read(); void wipe(); - void wipeIfAllowed(in Bundle bundle, in PendingIntent pi); int getDataBlockSize(); long getMaximumDataBlockSize(); diff --git a/core/java/android/service/persistentdata/PersistentDataBlockManager.java b/core/java/android/service/persistentdata/PersistentDataBlockManager.java index 31570c6887a19..0ffdf68c4b301 100644 --- a/core/java/android/service/persistentdata/PersistentDataBlockManager.java +++ b/core/java/android/service/persistentdata/PersistentDataBlockManager.java @@ -17,8 +17,6 @@ package android.service.persistentdata; import android.annotation.SystemApi; -import android.app.PendingIntent; -import android.os.Bundle; import android.os.RemoteException; import android.util.Slog; @@ -43,56 +41,6 @@ import android.util.Slog; @SystemApi public class PersistentDataBlockManager { private static final String TAG = PersistentDataBlockManager.class.getSimpleName(); - - /** - * Broadcast action that will be called when the {@link #wipeIfAllowed(Bundle,PendingIntent)} - * method is called. A broadcast with this action will be sent to the package allowed to write - * to the persistent data block. Packages receiving this broadcasts should respond by using the - * {@link android.app.PendingIntent} sent in the {@link #EXTRA_WIPE_IF_ALLOWED_CALLBACK} extra. - */ - public static final String ACTION_WIPE_IF_ALLOWED - = "android.service.persistentdata.action.WIPE_IF_ALLOWED"; - - /** - * A {@link android.os.Parcelable} extra of type {@link android.app.PendingIntent} used to - * response to {@link #wipeIfAllowed(Bundle,PendingIntent)}. This extra will set in broadcasts - * with an action of {@link #ACTION_WIPE_IF_ALLOWED}. - */ - public static final String EXTRA_WIPE_IF_ALLOWED_CALLBACK - = "android.service.persistentdata.extra.WIPE_IF_ALLOWED_CALLBACK"; - - /** - * Result code indicating that the data block was wiped. - * - *

This value is set as result code of the {@link android.app.PendingIntent} argument to - * {@link #wipeIfAllowed(Bundle,PendingIntent)} - */ - public static final int STATUS_SUCCESS = 0; - - /** - * Result code indicating that a remote exception was received while processing the request. - * - *

This value is set as result code of the {@link android.app.PendingIntent} argument to - * {@link #wipeIfAllowed(Bundle,PendingIntent)} - */ - public static final int STATUS_ERROR_REMOTE_EXCEPTION = 1; - - /** - * Result code indicating that a network error occurred while processing the request. - * - *

This value is set as result code of the {@link android.app.PendingIntent} argument to - * {@link #wipeIfAllowed(Bundle,PendingIntent)} - */ - public static final int STATUS_ERROR_NETWORK_ERROR = 2; - - /** - * Result code indicating that the data block could not be cleared with the provided data. - * - *

This value is set as result code of the {@link android.app.PendingIntent} argument to - * {@link #wipeIfAllowed(Bundle,PendingIntent)} - */ - public static final int STATUS_ERROR_NOT_COMPLIANT = 3; - private IPersistentDataBlockService sService; public PersistentDataBlockManager(IPersistentDataBlockService service) { @@ -169,28 +117,6 @@ public class PersistentDataBlockManager { } } - /** - * Attempt to wipe the data block by sending a broadcast to the package allowed to modify the - * datablock. The allowed package can refuse to wipe the data block based on the contents of - * the specified bundle. This bundle may contain data used by the allowed package to wipe the - * partition such as account credentials or an authorization token. - * @param bundle data used to wipe the data block. The contents of this bundle depend on the - * allowed package receiving the data. - * @param pi intent called when attempt finished. The result code of this intent will be set - * to one of {@link #STATUS_SUCCESS}, {@link #STATUS_ERROR_REMOTE_EXCEPTION}, - * {@link #STATUS_ERROR_NETWORK_ERROR}, or {@link #STATUS_ERROR_NOT_COMPLIANT}. - */ - public void wipeIfAllowed(Bundle bundle, PendingIntent pi) { - if (pi == null) { - throw new NullPointerException(); - } - try { - sService.wipeIfAllowed(bundle, pi); - } catch (RemoteException e) { - onError("wiping persistent partition"); - } - } - /** * Writes a byte enabling or disabling the ability to "OEM unlock" the device. */ diff --git a/core/res/AndroidManifest.xml b/core/res/AndroidManifest.xml index 482ca13a677d3..5a4a6016a8817 100644 --- a/core/res/AndroidManifest.xml +++ b/core/res/AndroidManifest.xml @@ -314,8 +314,6 @@ - - diff --git a/services/core/java/com/android/server/PersistentDataBlockService.java b/services/core/java/com/android/server/PersistentDataBlockService.java index 56f9942cb784d..94316fe826e0e 100644 --- a/services/core/java/com/android/server/PersistentDataBlockService.java +++ b/services/core/java/com/android/server/PersistentDataBlockService.java @@ -18,18 +18,14 @@ package com.android.server; import android.Manifest; import android.app.ActivityManager; -import android.app.PendingIntent; import android.content.Context; -import android.content.Intent; import android.content.pm.PackageManager; import android.os.Binder; -import android.os.Bundle; import android.os.IBinder; import android.os.RemoteException; import android.os.SystemProperties; import android.os.UserHandle; import android.service.persistentdata.IPersistentDataBlockService; -import android.service.persistentdata.PersistentDataBlockManager; import android.util.Slog; import com.android.internal.R; @@ -431,29 +427,6 @@ public class PersistentDataBlockService extends SystemService { } } - @Override - public void wipeIfAllowed(Bundle bundle, PendingIntent pi) { - // Should only be called by owner - if (UserHandle.getCallingUserId() != UserHandle.USER_OWNER) { - throw new SecurityException("Only the Owner is allowed to wipe"); - } - // Caller must be able to query the the state of the PersistentDataBlock - enforcePersistentDataBlockAccess(); - String allowedPackage = mContext.getResources() - .getString(R.string.config_persistentDataPackageName); - Intent intent = new Intent(); - intent.setPackage(allowedPackage); - intent.setAction(PersistentDataBlockManager.ACTION_WIPE_IF_ALLOWED); - intent.putExtras(bundle); - intent.putExtra(PersistentDataBlockManager.EXTRA_WIPE_IF_ALLOWED_CALLBACK, pi); - long id = Binder.clearCallingIdentity(); - try { - mContext.sendBroadcastAsUser(intent, UserHandle.OWNER); - } finally { - restoreCallingIdentity(id); - } - } - @Override public void setOemUnlockEnabled(boolean enabled) { // do not allow monkey to flip the flag