com/android/server/oemlock/PersistentDataBlockLock.java - platform/prebuilts/fullsdk/sources/android-29 - Git at Google

 /*
  * Copyright (C) 2017 The Android Open Source Project
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
  * You may obtain a copy of the License at
  *
  *      http://www.apache.org/licenses/LICENSE-2.0
  *
  * Unless required by applicable law or agreed to in writing, software
  * distributed under the License is distributed on an "AS IS" BASIS,
  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  * See the License for the specific language governing permissions and
  * limitations under the License.
  */

 package com.android.server.oemlock;

 import android.annotation.Nullable;
 import android.content.Context;
 import android.os.UserHandle;
 import android.os.UserManager;
 import android.service.persistentdata.PersistentDataBlockManager;
 import android.util.Slog;

 /**
  * Implementation of the OEM lock using the persistent data block to communicate with the
  * bootloader.
  *
  * The carrier flag is stored as a user restriction on the system user. The user flag is set in the
  * presistent data block but depends on the carrier flag.
  */
 class PersistentDataBlockLock extends OemLock {
     private static final String TAG = "OemLock";

     private Context mContext;

     PersistentDataBlockLock(Context context) {
         mContext = context;
     }

     @Override
     @Nullable
     String getLockName() {
         return "";
     }

     @Override
     void setOemUnlockAllowedByCarrier(boolean allowed, @Nullable byte[] signature) {
         // Note: this implementation does not require a signature
         if (signature != null) {
             Slog.w(TAG, "Signature provided but is not being used");
         }

         // Continue using user restriction for backwards compatibility
         UserManager.get(mContext).setUserRestriction(
                 UserManager.DISALLOW_OEM_UNLOCK, !allowed, UserHandle.SYSTEM);

         if (!allowed) {
             disallowUnlockIfNotUnlocked();
         }
     }

     @Override
     boolean isOemUnlockAllowedByCarrier() {
         return !UserManager.get(mContext)
                 .hasUserRestriction(UserManager.DISALLOW_OEM_UNLOCK, UserHandle.SYSTEM);
     }

     @Override
     void setOemUnlockAllowedByDevice(boolean allowedByDevice) {
         // The method name is misleading as it really just means whether or not the device can be
         // unlocked but doesn't actually do any unlocking.
         final PersistentDataBlockManager pdbm = (PersistentDataBlockManager)
                 mContext.getSystemService(Context.PERSISTENT_DATA_BLOCK_SERVICE);
         if (pdbm == null) {
             Slog.w(TAG, "PersistentDataBlock is not supported on this device");
             return;
         }
         pdbm.setOemUnlockEnabled(allowedByDevice);
     }

     @Override
     boolean isOemUnlockAllowedByDevice() {
         final PersistentDataBlockManager pdbm = (PersistentDataBlockManager)
             mContext.getSystemService(Context.PERSISTENT_DATA_BLOCK_SERVICE);
         if (pdbm == null) {
             Slog.w(TAG, "PersistentDataBlock is not supported on this device");
             return false;
         }
         return pdbm.getOemUnlockEnabled();
     }

     /**
      * Update state to prevent the bootloader from being able to unlock the device unless the device
      * has already been unlocked by the bootloader in which case it is too late as it would remain
      * unlocked.
      */
     private void disallowUnlockIfNotUnlocked() {
         final PersistentDataBlockManager pdbm = (PersistentDataBlockManager)
             mContext.getSystemService(Context.PERSISTENT_DATA_BLOCK_SERVICE);
         if (pdbm == null) {
             Slog.w(TAG, "PersistentDataBlock is not supported on this device");
             return;
         }
         if (pdbm.getFlashLockState() != PersistentDataBlockManager.FLASH_LOCK_UNLOCKED) {
             pdbm.setOemUnlockEnabled(false);
         }
     }
 }
	/*
	* Copyright (C) 2017 The Android Open Source Project
	*
	* Licensed under the Apache License, Version 2.0 (the "License");
	* you may not use this file except in compliance with the License.
	* You may obtain a copy of the License at
	*
	* http://www.apache.org/licenses/LICENSE-2.0
	*
	* Unless required by applicable law or agreed to in writing, software
	* distributed under the License is distributed on an "AS IS" BASIS,
	* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
	* See the License for the specific language governing permissions and
	* limitations under the License.
	*/

	package com.android.server.oemlock;

	import android.annotation.Nullable;
	import android.content.Context;
	import android.os.UserHandle;
	import android.os.UserManager;
	import android.service.persistentdata.PersistentDataBlockManager;
	import android.util.Slog;

	/**
	* Implementation of the OEM lock using the persistent data block to communicate with the
	* bootloader.
	*
	* The carrier flag is stored as a user restriction on the system user. The user flag is set in the
	* presistent data block but depends on the carrier flag.
	*/
	class PersistentDataBlockLock extends OemLock {
	private static final String TAG = "OemLock";

	private Context mContext;

	PersistentDataBlockLock(Context context) {
	mContext = context;
	}

	@Override
	@Nullable
	String getLockName() {
	return "";
	}

	@Override
	void setOemUnlockAllowedByCarrier(boolean allowed, @Nullable byte[] signature) {
	// Note: this implementation does not require a signature
	if (signature != null) {
	Slog.w(TAG, "Signature provided but is not being used");
	}

	// Continue using user restriction for backwards compatibility
	UserManager.get(mContext).setUserRestriction(
	UserManager.DISALLOW_OEM_UNLOCK, !allowed, UserHandle.SYSTEM);

	if (!allowed) {
	disallowUnlockIfNotUnlocked();
	}
	}

	@Override
	boolean isOemUnlockAllowedByCarrier() {
	return !UserManager.get(mContext)
	.hasUserRestriction(UserManager.DISALLOW_OEM_UNLOCK, UserHandle.SYSTEM);
	}

	@Override
	void setOemUnlockAllowedByDevice(boolean allowedByDevice) {
	// The method name is misleading as it really just means whether or not the device can be
	// unlocked but doesn't actually do any unlocking.
	final PersistentDataBlockManager pdbm = (PersistentDataBlockManager)
	mContext.getSystemService(Context.PERSISTENT_DATA_BLOCK_SERVICE);
	if (pdbm == null) {
	Slog.w(TAG, "PersistentDataBlock is not supported on this device");
	return;
	}
	pdbm.setOemUnlockEnabled(allowedByDevice);
	}

	@Override
	boolean isOemUnlockAllowedByDevice() {
	final PersistentDataBlockManager pdbm = (PersistentDataBlockManager)
	mContext.getSystemService(Context.PERSISTENT_DATA_BLOCK_SERVICE);
	if (pdbm == null) {
	Slog.w(TAG, "PersistentDataBlock is not supported on this device");
	return false;
	}
	return pdbm.getOemUnlockEnabled();
	}

	/**
	* Update state to prevent the bootloader from being able to unlock the device unless the device
	* has already been unlocked by the bootloader in which case it is too late as it would remain
	* unlocked.
	*/
	private void disallowUnlockIfNotUnlocked() {
	final PersistentDataBlockManager pdbm = (PersistentDataBlockManager)
	mContext.getSystemService(Context.PERSISTENT_DATA_BLOCK_SERVICE);
	if (pdbm == null) {
	Slog.w(TAG, "PersistentDataBlock is not supported on this device");
	return;
	}
	if (pdbm.getFlashLockState() != PersistentDataBlockManager.FLASH_LOCK_UNLOCKED) {
	pdbm.setOemUnlockEnabled(false);
	}
	}
	}