From 74e9b18b2de2127e081b170cdd4622193cfb7543 Mon Sep 17 00:00:00 2001
From: Andres Morales <anmorales@google.com>
Date: Mon, 22 Feb 2016 12:33:33 -0800
Subject: [PATCH] Add SystemApi for retrieving device flash lock state

Bug: 26039090
Change-Id: Ib51c4862d897cc91a0788379c761ed49a2adf271
---
 api/system-current.txt                        |  8 ++++
 .../IPersistentDataBlockService.aidl          |  2 +
 .../PersistentDataBlockManager.java           | 43 +++++++++++++++++++
 .../server/PersistentDataBlockService.java    | 18 ++++++++
 4 files changed, 71 insertions(+)

diff --git a/api/system-current.txt b/api/system-current.txt
index ec422c0269506..e9d553b876340 100644
--- a/api/system-current.txt
+++ b/api/system-current.txt
@@ -37049,6 +37049,7 @@ package android.service.persistentdata {
 
   public abstract interface IPersistentDataBlockService implements android.os.IInterface {
     method public abstract int getDataBlockSize() throws android.os.RemoteException;
+    method public abstract int getFlashLockState() throws android.os.RemoteException;
     method public abstract long getMaximumDataBlockSize() throws android.os.RemoteException;
     method public abstract boolean getOemUnlockEnabled() throws android.os.RemoteException;
     method public abstract byte[] read() throws android.os.RemoteException;
@@ -37060,12 +37061,19 @@ package android.service.persistentdata {
   public class PersistentDataBlockManager {
     ctor public PersistentDataBlockManager(android.service.persistentdata.IPersistentDataBlockService);
     method public int getDataBlockSize();
+    method public int getFlashLockState();
     method public long getMaximumDataBlockSize();
     method public boolean getOemUnlockEnabled();
     method public byte[] read();
     method public void setOemUnlockEnabled(boolean);
     method public void wipe();
     method public int write(byte[]);
+    field public static final int FLASH_LOCK_LOCKED = 1; // 0x1
+    field public static final int FLASH_LOCK_UNKNOWN = -1; // 0xffffffff
+    field public static final int FLASH_LOCK_UNLOCKED = 0; // 0x0
+  }
+
+  public static abstract class PersistentDataBlockManager.FlashLockState implements java.lang.annotation.Annotation {
   }
 
 }
diff --git a/core/java/android/service/persistentdata/IPersistentDataBlockService.aidl b/core/java/android/service/persistentdata/IPersistentDataBlockService.aidl
index 52db22397b65f..626b40827334d 100644
--- a/core/java/android/service/persistentdata/IPersistentDataBlockService.aidl
+++ b/core/java/android/service/persistentdata/IPersistentDataBlockService.aidl
@@ -35,4 +35,6 @@ interface IPersistentDataBlockService {
 
     void setOemUnlockEnabled(boolean enabled);
     boolean getOemUnlockEnabled();
+    int getFlashLockState();
 }
+
diff --git a/core/java/android/service/persistentdata/PersistentDataBlockManager.java b/core/java/android/service/persistentdata/PersistentDataBlockManager.java
index 0ffdf68c4b301..ddb6980046ed8 100644
--- a/core/java/android/service/persistentdata/PersistentDataBlockManager.java
+++ b/core/java/android/service/persistentdata/PersistentDataBlockManager.java
@@ -17,9 +17,13 @@
 package android.service.persistentdata;
 
 import android.annotation.SystemApi;
+import android.annotation.IntDef;
 import android.os.RemoteException;
 import android.util.Slog;
 
+import java.lang.annotation.Retention;
+import java.lang.annotation.RetentionPolicy;
+
 /**
  * Interface for reading and writing data blocks to a persistent partition.
  *
@@ -43,6 +47,27 @@ public class PersistentDataBlockManager {
     private static final String TAG = PersistentDataBlockManager.class.getSimpleName();
     private IPersistentDataBlockService sService;
 
+    /**
+     * Indicates that the device's bootloader lock state is UNKNOWN.
+     */
+    public static final int FLASH_LOCK_UNKNOWN = -1;
+    /**
+     * Indicates that the device's bootloader is UNLOCKED.
+     */
+    public static final int FLASH_LOCK_UNLOCKED = 0;
+    /**
+     * Indicates that the device's bootloader is LOCKED.
+     */
+    public static final int FLASH_LOCK_LOCKED = 1;
+
+    @IntDef({
+        FLASH_LOCK_UNKNOWN,
+        FLASH_LOCK_LOCKED,
+        FLASH_LOCK_UNLOCKED,
+    })
+    @Retention(RetentionPolicy.SOURCE)
+    public @interface FlashLockState {}
+
     public PersistentDataBlockManager(IPersistentDataBlockService service) {
         sService = service;
     }
@@ -140,6 +165,24 @@ public class PersistentDataBlockManager {
         }
     }
 
+    /**
+     * Retrieves available information about this device's flash lock state.
+     *
+     * @return FLASH_LOCK_STATE_LOCKED if device bootloader is locked,
+     * FLASH_LOCK_STATE_UNLOCKED if device bootloader is unlocked,
+     * or FLASH_LOCK_STATE unknown if this information cannot be ascertained
+     * on this device.
+     */
+    @FlashLockState
+    public int getFlashLockState() {
+        try {
+            return sService.getFlashLockState();
+        } catch (RemoteException e) {
+            onError("getting flash lock state");
+            return FLASH_LOCK_UNKNOWN;
+        }
+    }
+
     private void onError(String msg) {
         Slog.v(TAG, "Remote exception while " + msg);
     }
diff --git a/services/core/java/com/android/server/PersistentDataBlockService.java b/services/core/java/com/android/server/PersistentDataBlockService.java
index a291cc72ea60a..2085f3277648e 100644
--- a/services/core/java/com/android/server/PersistentDataBlockService.java
+++ b/services/core/java/com/android/server/PersistentDataBlockService.java
@@ -27,6 +27,7 @@ import android.os.SystemProperties;
 import android.os.UserHandle;
 import android.os.UserManager;
 import android.service.persistentdata.IPersistentDataBlockService;
+import android.service.persistentdata.PersistentDataBlockManager;
 import android.util.Slog;
 
 import com.android.internal.R;
@@ -72,6 +73,9 @@ public class PersistentDataBlockService extends SystemService {
     private static final int MAX_DATA_BLOCK_SIZE = 1024 * 100;
     public static final int DIGEST_SIZE_BYTES = 32;
     private static final String OEM_UNLOCK_PROP = "sys.oem_unlock_allowed";
+    private static final String FLASH_LOCK_PROP = "ro.boot.flash.locked";
+    private static final String FLASH_LOCK_LOCKED = "1";
+    private static final String FLASH_LOCK_UNLOCKED = "0";
 
     private final Context mContext;
     private final String mDataBlockFile;
@@ -453,6 +457,20 @@ public class PersistentDataBlockService extends SystemService {
             return doGetOemUnlockEnabled();
         }
 
+        @Override
+        public int getFlashLockState() {
+            enforceOemUnlockPermission();
+            String locked = SystemProperties.get(FLASH_LOCK_PROP);
+            switch (locked) {
+                case FLASH_LOCK_LOCKED:
+                    return PersistentDataBlockManager.FLASH_LOCK_LOCKED;
+                case FLASH_LOCK_UNLOCKED:
+                    return PersistentDataBlockManager.FLASH_LOCK_UNLOCKED;
+                default:
+                    return PersistentDataBlockManager.FLASH_LOCK_UNKNOWN;
+            }
+        }
+
         @Override
         public int getDataBlockSize() {
             enforcePersistentDataBlockAccess();