Android/frameworks_base
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Merge "Disallow OEM unlock when DISALLOW_FACTORY_RESET applies" into nyc-mr1-dev

Browse Source
This commit is contained in:
Mahaver Chopra
2016-05-24 12:22:49 +00:00
committed by Android (Google) Code Review
parent a44129dd55 830e32cdcc
commit dd86aa141e
2 changed files with 21 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

13
services/core/java/com/android/server/PersistentDataBlockService.java
View File

@@ -146,6 +146,15 @@ public class PersistentDataBlockService extends SystemService {
"Only the Admin user is allowed to change OEM unlock state"); "Only the Admin user is allowed to change OEM unlock state");
} }
} }
private void enforceFactoryResetAllowed() {
final boolean isOemUnlockRestricted = UserManager.get(mContext)
.hasUserRestriction(UserManager.DISALLOW_FACTORY_RESET);
if (isOemUnlockRestricted) {
throw new SecurityException("OEM unlock is disallowed by DISALLOW_FACTORY_RESET");
}
}
private int getTotalDataSizeLocked(DataInputStream inputStream) throws IOException { private int getTotalDataSizeLocked(DataInputStream inputStream) throws IOException {
// skip over checksum // skip over checksum
inputStream.skipBytes(DIGEST_SIZE_BYTES); inputStream.skipBytes(DIGEST_SIZE_BYTES);
@@ -452,7 +461,9 @@ public class PersistentDataBlockService extends SystemService {
Settings.Global.OEM_UNLOCK_DISALLOWED, 0) == 1) { Settings.Global.OEM_UNLOCK_DISALLOWED, 0) == 1) {
throw new SecurityException("OEM unlock has been disallowed."); throw new SecurityException("OEM unlock has been disallowed.");
} }
if (enabled) {
enforceFactoryResetAllowed();
}
synchronized (mLock) { synchronized (mLock) {
doSetOemUnlockEnabledLocked(enabled); doSetOemUnlockEnabledLocked(enabled);
computeAndWriteDigestLocked(); computeAndWriteDigestLocked();

9
services/core/java/com/android/server/pm/UserRestrictionsUtils.java
View File

@@ -33,6 +33,7 @@ import android.os.RemoteException;
import android.os.SystemProperties; import android.os.SystemProperties;
import android.os.UserHandle; import android.os.UserHandle;
import android.os.UserManager; import android.os.UserManager;
import android.service.persistentdata.PersistentDataBlockManager;
import android.telephony.SubscriptionInfo; import android.telephony.SubscriptionInfo;
import android.telephony.SubscriptionManager; import android.telephony.SubscriptionManager;
import android.util.Log; import android.util.Log;
@@ -424,6 +425,14 @@ public class UserRestrictionsUtils {
android.provider.Settings.Global.SAFE_BOOT_DISALLOWED, android.provider.Settings.Global.SAFE_BOOT_DISALLOWED,
newValue ? 1 : 0); newValue ? 1 : 0);
break; break;
case UserManager.DISALLOW_FACTORY_RESET:
if (newValue) {
PersistentDataBlockManager manager = (PersistentDataBlockManager) context
.getSystemService(Context.PERSISTENT_DATA_BLOCK_SERVICE);
if (manager != null) {
manager.setOemUnlockEnabled(false);
}
}
} }
} finally { } finally {
Binder.restoreCallingIdentity(id); Binder.restoreCallingIdentity(id);