Loading services/core/Android.bp +1 −0 Original line number Diff line number Diff line Loading @@ -164,6 +164,7 @@ java_library_static { "android.hardware.biometrics.fingerprint-V2.3-java", "android.hardware.biometrics.fingerprint-V2-java", "android.hardware.oemlock-V1.0-java", "android.hardware.oemlock-V1-java", "android.hardware.configstore-V1.1-java", "android.hardware.ir-V1-java", "android.hardware.rebootescrow-V1-java", Loading services/core/java/com/android/server/oemlock/OemLockService.java +8 −6 Original line number Diff line number Diff line Loading @@ -21,7 +21,6 @@ import android.annotation.Nullable; import android.app.ActivityManager; import android.content.Context; import android.content.pm.PackageManager; import android.hardware.oemlock.V1_0.IOemLock; import android.os.Binder; import android.os.Bundle; import android.os.IBinder; Loading Loading @@ -54,15 +53,18 @@ public class OemLockService extends SystemService { private OemLock mOemLock; public static boolean isHalPresent() { return VendorLock.getOemLockHalService() != null; return (VendorLockHidl.getOemLockHalService() != null) || (VendorLockAidl.getOemLockHalService() != null); } /** Select the OEM lock implementation */ private static OemLock getOemLock(Context context) { final IOemLock oemLockHal = VendorLock.getOemLockHalService(); if (oemLockHal != null) { Slog.i(TAG, "Using vendor lock via the HAL"); return new VendorLock(context, oemLockHal); if (VendorLockAidl.getOemLockHalService() != null) { Slog.i(TAG, "Using vendor lock via the HAL(aidl)"); return new VendorLockAidl(context); } else if (VendorLockHidl.getOemLockHalService() != null) { Slog.i(TAG, "Using vendor lock via the HAL(hidl)"); return new VendorLockHidl(context); } else { Slog.i(TAG, "Using persistent data block based lock"); return new PersistentDataBlockLock(context); Loading services/core/java/com/android/server/oemlock/VendorLockAidl.java 0 → 100644 +115 −0 Original line number Diff line number Diff line /* * Copyright (C) 2022 The Android Open Source Project * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at * * http://www.apache.org/licenses/LICENSE-2.0 * * Unless required by applicable law or agreed to in writing, software * distributed under the License is distributed on an "AS IS" BASIS, * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. * See the License for the specific language governing permissions and * limitations under the License. */ package com.android.server.oemlock; import android.annotation.Nullable; import android.content.Context; import android.hardware.oemlock.IOemLock; import android.hardware.oemlock.OemLockSecureStatus; import android.os.RemoteException; import android.os.ServiceManager; import android.util.Slog; /** Uses the OEM lock HAL. */ class VendorLockAidl extends OemLock { private static final String TAG = "OemLock"; private IOemLock mOemLock; static IOemLock getOemLockHalService() { return IOemLock.Stub.asInterface( ServiceManager.waitForDeclaredService(IOemLock.DESCRIPTOR + "/default")); } VendorLockAidl(Context context) { mOemLock = getOemLockHalService(); } @Override @Nullable String getLockName() { try { return mOemLock.getName(); } catch (RemoteException e) { Slog.e(TAG, "Failed to get name from HAL", e); throw e.rethrowFromSystemServer(); } } @Override void setOemUnlockAllowedByCarrier(boolean allowed, @Nullable byte[] signature) { try { final int status; if (signature == null) { status = mOemLock.setOemUnlockAllowedByCarrier(allowed, new byte[0]); } else { status = mOemLock.setOemUnlockAllowedByCarrier(allowed, signature); } switch (status) { case OemLockSecureStatus.OK: Slog.i(TAG, "Updated carrier allows OEM lock state to: " + allowed); return; case OemLockSecureStatus.INVALID_SIGNATURE: if (signature == null) { throw new IllegalArgumentException("Signature required for carrier unlock"); } throw new SecurityException( "Invalid signature used in attempt to carrier unlock"); default: Slog.e(TAG, "Unknown return value indicates code is out of sync with HAL"); // Fallthrough case OemLockSecureStatus.FAILED: throw new RuntimeException("Failed to set carrier OEM unlock state"); } } catch (RemoteException e) { Slog.e(TAG, "Failed to set carrier state with HAL", e); throw e.rethrowFromSystemServer(); } } @Override boolean isOemUnlockAllowedByCarrier() { try { return mOemLock.isOemUnlockAllowedByCarrier(); } catch (RemoteException e) { Slog.e(TAG, "Failed to get carrier state from HAL"); throw e.rethrowFromSystemServer(); } } @Override void setOemUnlockAllowedByDevice(boolean allowedByDevice) { try { mOemLock.setOemUnlockAllowedByDevice(allowedByDevice); } catch (RemoteException e) { Slog.e(TAG, "Failed to set device state with HAL", e); throw e.rethrowFromSystemServer(); } } @Override boolean isOemUnlockAllowedByDevice() { try { return mOemLock.isOemUnlockAllowedByDevice(); } catch (RemoteException e) { Slog.e(TAG, "Failed to get devie state from HAL"); throw e.rethrowFromSystemServer(); } } } services/core/java/com/android/server/oemlock/VendorLock.java→services/core/java/com/android/server/oemlock/VendorLockHidl.java +23 −23 Original line number Diff line number Diff line Loading @@ -27,10 +27,8 @@ import android.util.Slog; import java.util.ArrayList; import java.util.NoSuchElementException; /** * Uses the OEM lock HAL. */ class VendorLock extends OemLock { /** Uses the OEM lock HAL. */ class VendorLockHidl extends OemLock { private static final String TAG = "OemLock"; private Context mContext; Loading @@ -40,26 +38,27 @@ class VendorLock extends OemLock { try { return IOemLock.getService(/* retry */ true); } catch (NoSuchElementException e) { Slog.i(TAG, "OemLock HAL not present on device"); Slog.i(TAG, "OemLock Hidl HAL not present on device"); return null; } catch (RemoteException e) { throw e.rethrowFromSystemServer(); } } VendorLock(Context context, IOemLock oemLock) { VendorLockHidl(Context context) { mContext = context; mOemLock = oemLock; mOemLock = getOemLockHalService(); } @Override @Nullable String getLockName() { final Integer[] requestStatus = new Integer[1]; final String[] lockName = new String[1]; final Integer[] requestStatus = new Integer[1]; try { mOemLock.getName((status, name) -> { mOemLock.getName( (status, name) -> { requestStatus[0] = status; lockName[0] = name; }); Loading Loading @@ -113,11 +112,11 @@ class VendorLock extends OemLock { @Override boolean isOemUnlockAllowedByCarrier() { final Integer[] requestStatus = new Integer[1]; final Boolean[] allowedByCarrier = new Boolean[1]; final Integer[] requestStatus = new Integer[1]; try { mOemLock.isOemUnlockAllowedByCarrier((status, allowed) -> { mOemLock.isOemUnlockAllowedByCarrier( (status, allowed) -> { requestStatus[0] = status; allowedByCarrier[0] = allowed; }); Loading Loading @@ -161,11 +160,12 @@ class VendorLock extends OemLock { @Override boolean isOemUnlockAllowedByDevice() { final Integer[] requestStatus = new Integer[1]; final Boolean[] allowedByDevice = new Boolean[1]; final Integer[] requestStatus = new Integer[1]; try { mOemLock.isOemUnlockAllowedByDevice((status, allowed) -> { mOemLock.isOemUnlockAllowedByDevice( (status, allowed) -> { requestStatus[0] = status; allowedByDevice[0] = allowed; }); Loading Loading
services/core/Android.bp +1 −0 Original line number Diff line number Diff line Loading @@ -164,6 +164,7 @@ java_library_static { "android.hardware.biometrics.fingerprint-V2.3-java", "android.hardware.biometrics.fingerprint-V2-java", "android.hardware.oemlock-V1.0-java", "android.hardware.oemlock-V1-java", "android.hardware.configstore-V1.1-java", "android.hardware.ir-V1-java", "android.hardware.rebootescrow-V1-java", Loading
services/core/java/com/android/server/oemlock/OemLockService.java +8 −6 Original line number Diff line number Diff line Loading @@ -21,7 +21,6 @@ import android.annotation.Nullable; import android.app.ActivityManager; import android.content.Context; import android.content.pm.PackageManager; import android.hardware.oemlock.V1_0.IOemLock; import android.os.Binder; import android.os.Bundle; import android.os.IBinder; Loading Loading @@ -54,15 +53,18 @@ public class OemLockService extends SystemService { private OemLock mOemLock; public static boolean isHalPresent() { return VendorLock.getOemLockHalService() != null; return (VendorLockHidl.getOemLockHalService() != null) || (VendorLockAidl.getOemLockHalService() != null); } /** Select the OEM lock implementation */ private static OemLock getOemLock(Context context) { final IOemLock oemLockHal = VendorLock.getOemLockHalService(); if (oemLockHal != null) { Slog.i(TAG, "Using vendor lock via the HAL"); return new VendorLock(context, oemLockHal); if (VendorLockAidl.getOemLockHalService() != null) { Slog.i(TAG, "Using vendor lock via the HAL(aidl)"); return new VendorLockAidl(context); } else if (VendorLockHidl.getOemLockHalService() != null) { Slog.i(TAG, "Using vendor lock via the HAL(hidl)"); return new VendorLockHidl(context); } else { Slog.i(TAG, "Using persistent data block based lock"); return new PersistentDataBlockLock(context); Loading
services/core/java/com/android/server/oemlock/VendorLockAidl.java 0 → 100644 +115 −0 Original line number Diff line number Diff line /* * Copyright (C) 2022 The Android Open Source Project * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at * * http://www.apache.org/licenses/LICENSE-2.0 * * Unless required by applicable law or agreed to in writing, software * distributed under the License is distributed on an "AS IS" BASIS, * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. * See the License for the specific language governing permissions and * limitations under the License. */ package com.android.server.oemlock; import android.annotation.Nullable; import android.content.Context; import android.hardware.oemlock.IOemLock; import android.hardware.oemlock.OemLockSecureStatus; import android.os.RemoteException; import android.os.ServiceManager; import android.util.Slog; /** Uses the OEM lock HAL. */ class VendorLockAidl extends OemLock { private static final String TAG = "OemLock"; private IOemLock mOemLock; static IOemLock getOemLockHalService() { return IOemLock.Stub.asInterface( ServiceManager.waitForDeclaredService(IOemLock.DESCRIPTOR + "/default")); } VendorLockAidl(Context context) { mOemLock = getOemLockHalService(); } @Override @Nullable String getLockName() { try { return mOemLock.getName(); } catch (RemoteException e) { Slog.e(TAG, "Failed to get name from HAL", e); throw e.rethrowFromSystemServer(); } } @Override void setOemUnlockAllowedByCarrier(boolean allowed, @Nullable byte[] signature) { try { final int status; if (signature == null) { status = mOemLock.setOemUnlockAllowedByCarrier(allowed, new byte[0]); } else { status = mOemLock.setOemUnlockAllowedByCarrier(allowed, signature); } switch (status) { case OemLockSecureStatus.OK: Slog.i(TAG, "Updated carrier allows OEM lock state to: " + allowed); return; case OemLockSecureStatus.INVALID_SIGNATURE: if (signature == null) { throw new IllegalArgumentException("Signature required for carrier unlock"); } throw new SecurityException( "Invalid signature used in attempt to carrier unlock"); default: Slog.e(TAG, "Unknown return value indicates code is out of sync with HAL"); // Fallthrough case OemLockSecureStatus.FAILED: throw new RuntimeException("Failed to set carrier OEM unlock state"); } } catch (RemoteException e) { Slog.e(TAG, "Failed to set carrier state with HAL", e); throw e.rethrowFromSystemServer(); } } @Override boolean isOemUnlockAllowedByCarrier() { try { return mOemLock.isOemUnlockAllowedByCarrier(); } catch (RemoteException e) { Slog.e(TAG, "Failed to get carrier state from HAL"); throw e.rethrowFromSystemServer(); } } @Override void setOemUnlockAllowedByDevice(boolean allowedByDevice) { try { mOemLock.setOemUnlockAllowedByDevice(allowedByDevice); } catch (RemoteException e) { Slog.e(TAG, "Failed to set device state with HAL", e); throw e.rethrowFromSystemServer(); } } @Override boolean isOemUnlockAllowedByDevice() { try { return mOemLock.isOemUnlockAllowedByDevice(); } catch (RemoteException e) { Slog.e(TAG, "Failed to get devie state from HAL"); throw e.rethrowFromSystemServer(); } } }
services/core/java/com/android/server/oemlock/VendorLock.java→services/core/java/com/android/server/oemlock/VendorLockHidl.java +23 −23 Original line number Diff line number Diff line Loading @@ -27,10 +27,8 @@ import android.util.Slog; import java.util.ArrayList; import java.util.NoSuchElementException; /** * Uses the OEM lock HAL. */ class VendorLock extends OemLock { /** Uses the OEM lock HAL. */ class VendorLockHidl extends OemLock { private static final String TAG = "OemLock"; private Context mContext; Loading @@ -40,26 +38,27 @@ class VendorLock extends OemLock { try { return IOemLock.getService(/* retry */ true); } catch (NoSuchElementException e) { Slog.i(TAG, "OemLock HAL not present on device"); Slog.i(TAG, "OemLock Hidl HAL not present on device"); return null; } catch (RemoteException e) { throw e.rethrowFromSystemServer(); } } VendorLock(Context context, IOemLock oemLock) { VendorLockHidl(Context context) { mContext = context; mOemLock = oemLock; mOemLock = getOemLockHalService(); } @Override @Nullable String getLockName() { final Integer[] requestStatus = new Integer[1]; final String[] lockName = new String[1]; final Integer[] requestStatus = new Integer[1]; try { mOemLock.getName((status, name) -> { mOemLock.getName( (status, name) -> { requestStatus[0] = status; lockName[0] = name; }); Loading Loading @@ -113,11 +112,11 @@ class VendorLock extends OemLock { @Override boolean isOemUnlockAllowedByCarrier() { final Integer[] requestStatus = new Integer[1]; final Boolean[] allowedByCarrier = new Boolean[1]; final Integer[] requestStatus = new Integer[1]; try { mOemLock.isOemUnlockAllowedByCarrier((status, allowed) -> { mOemLock.isOemUnlockAllowedByCarrier( (status, allowed) -> { requestStatus[0] = status; allowedByCarrier[0] = allowed; }); Loading Loading @@ -161,11 +160,12 @@ class VendorLock extends OemLock { @Override boolean isOemUnlockAllowedByDevice() { final Integer[] requestStatus = new Integer[1]; final Boolean[] allowedByDevice = new Boolean[1]; final Integer[] requestStatus = new Integer[1]; try { mOemLock.isOemUnlockAllowedByDevice((status, allowed) -> { mOemLock.isOemUnlockAllowedByDevice( (status, allowed) -> { requestStatus[0] = status; allowedByDevice[0] = allowed; }); Loading
