Loading core/java/android/app/KeyguardManager.java +10 −7 Original line number Diff line number Diff line Loading @@ -167,10 +167,11 @@ public class KeyguardManager { * clicking this button, the activity returns * {@link #RESULT_ALTERNATE} * * @return the intent for launching the activity or null if the credential of the previous * owner can not be verified (e.g. because there was none, or the device does not support * verifying credentials after a factory reset, or device setup has already been completed). * * @return the intent for launching the activity or null if the previous owner of the device * did not set a credential. * @throws UnsupportedOperationException if the device does not support factory reset * credentials * @throws IllegalStateException if the device has already been provisioned * @hide */ @SystemApi Loading @@ -178,14 +179,14 @@ public class KeyguardManager { CharSequence title, CharSequence description, CharSequence alternateButtonLabel) { if (!LockPatternUtils.frpCredentialEnabled(mContext)) { Log.w(TAG, "Factory reset credentials not supported."); return null; throw new UnsupportedOperationException("not supported on this device"); } // Cannot verify credential if the device is provisioned if (Settings.Global.getInt(mContext.getContentResolver(), Settings.Global.DEVICE_PROVISIONED, 0) != 0) { Log.e(TAG, "Factory reset credential cannot be verified after provisioning."); return null; throw new IllegalStateException("must not be provisioned yet"); } // Make sure we have a credential Loading @@ -194,8 +195,10 @@ public class KeyguardManager { ServiceManager.getService(Context.PERSISTENT_DATA_BLOCK_SERVICE)); if (pdb == null) { Log.e(TAG, "No persistent data block service"); return null; throw new UnsupportedOperationException("not supported on this device"); } // The following will throw an UnsupportedOperationException if the device does not // support factory reset credentials (or something went wrong retrieving it). if (!pdb.hasFrpCredentialHandle()) { Log.i(TAG, "The persistent data block does not have a factory reset credential."); return null; Loading services/core/java/com/android/server/PersistentDataBlockManagerInternal.java +5 −1 Original line number Diff line number Diff line Loading @@ -24,7 +24,11 @@ public interface PersistentDataBlockManagerInternal { /** Stores the handle to a lockscreen credential to be used for Factory Reset Protection. */ void setFrpCredentialHandle(byte[] handle); /** Retrieves handle to a lockscreen credential to be used for Factory Reset Protection. */ /** * Retrieves handle to a lockscreen credential to be used for Factory Reset Protection. * * @throws IllegalStateException if the underlying storage is corrupt or inaccessible. */ byte[] getFrpCredentialHandle(); /** Update the OEM unlock enabled bit, bypassing user restriction checks. */ Loading services/core/java/com/android/server/PersistentDataBlockService.java +10 −6 Original line number Diff line number Diff line Loading @@ -28,6 +28,7 @@ import android.os.UserHandle; import android.os.UserManager; import android.service.persistentdata.IPersistentDataBlockService; import android.service.persistentdata.PersistentDataBlockManager; import android.util.Log; import android.util.Slog; import com.android.internal.R; Loading Loading @@ -582,7 +583,12 @@ public class PersistentDataBlockService extends SystemService { @Override public boolean hasFrpCredentialHandle() { enforcePersistentDataBlockAccess(); try { return mInternalService.getFrpCredentialHandle() != null; } catch (IllegalStateException e) { Slog.e(TAG, "error reading frp handle", e); throw new UnsupportedOperationException("cannot read frp credential"); } } }; Loading Loading @@ -638,7 +644,7 @@ public class PersistentDataBlockService extends SystemService { @Override public byte[] getFrpCredentialHandle() { if (!enforceChecksumValidity()) { return null; throw new IllegalStateException("invalid checksum"); } DataInputStream inputStream; Loading @@ -646,8 +652,7 @@ public class PersistentDataBlockService extends SystemService { inputStream = new DataInputStream( new FileInputStream(new File(mDataBlockFile))); } catch (FileNotFoundException e) { Slog.e(TAG, "partition not available"); return null; throw new IllegalStateException("frp partition not available"); } try { Loading @@ -662,8 +667,7 @@ public class PersistentDataBlockService extends SystemService { return bytes; } } catch (IOException e) { Slog.e(TAG, "unable to access persistent partition", e); return null; throw new IllegalStateException("frp handle not readable", e); } finally { IoUtils.closeQuietly(inputStream); } Loading services/core/java/com/android/server/locksettings/LockSettingsStorage.java +8 −3 Original line number Diff line number Diff line Loading @@ -627,7 +627,12 @@ class LockSettingsStorage { if (persistentDataBlock == null) { return PersistentData.NONE; } try { return PersistentData.fromBytes(persistentDataBlock.getFrpCredentialHandle()); } catch (IllegalStateException e) { Slog.e(TAG, "Error reading persistent data block", e); return PersistentData.NONE; } } public static class PersistentData { Loading Loading @@ -670,11 +675,11 @@ class LockSettingsStorage { return new PersistentData(type, userId, qualityForUi, payload); } else { Slog.wtf(TAG, "Unknown PersistentData version code: " + version); return null; return NONE; } } catch (IOException e) { Slog.wtf(TAG, "Could not parse PersistentData", e); return null; return NONE; } } Loading services/tests/servicestests/src/com/android/server/locksettings/LockSettingsStorageTestable.java +8 −0 Original line number Diff line number Diff line Loading @@ -18,11 +18,14 @@ package com.android.server.locksettings; import android.content.Context; import com.android.server.PersistentDataBlockManagerInternal; import java.io.File; public class LockSettingsStorageTestable extends LockSettingsStorage { public File mStorageDir; public PersistentDataBlockManagerInternal mPersistentDataBlock; public LockSettingsStorageTestable(Context context, File storageDir) { super(context); Loading Loading @@ -53,6 +56,11 @@ public class LockSettingsStorageTestable extends LockSettingsStorage { userId).getAbsolutePath()); } @Override public PersistentDataBlockManagerInternal getPersistentDataBlock() { return mPersistentDataBlock; } private File makeDirs(File baseDir, String filePath) { File path = new File(filePath); if (path.getParent() == null) { Loading Loading
core/java/android/app/KeyguardManager.java +10 −7 Original line number Diff line number Diff line Loading @@ -167,10 +167,11 @@ public class KeyguardManager { * clicking this button, the activity returns * {@link #RESULT_ALTERNATE} * * @return the intent for launching the activity or null if the credential of the previous * owner can not be verified (e.g. because there was none, or the device does not support * verifying credentials after a factory reset, or device setup has already been completed). * * @return the intent for launching the activity or null if the previous owner of the device * did not set a credential. * @throws UnsupportedOperationException if the device does not support factory reset * credentials * @throws IllegalStateException if the device has already been provisioned * @hide */ @SystemApi Loading @@ -178,14 +179,14 @@ public class KeyguardManager { CharSequence title, CharSequence description, CharSequence alternateButtonLabel) { if (!LockPatternUtils.frpCredentialEnabled(mContext)) { Log.w(TAG, "Factory reset credentials not supported."); return null; throw new UnsupportedOperationException("not supported on this device"); } // Cannot verify credential if the device is provisioned if (Settings.Global.getInt(mContext.getContentResolver(), Settings.Global.DEVICE_PROVISIONED, 0) != 0) { Log.e(TAG, "Factory reset credential cannot be verified after provisioning."); return null; throw new IllegalStateException("must not be provisioned yet"); } // Make sure we have a credential Loading @@ -194,8 +195,10 @@ public class KeyguardManager { ServiceManager.getService(Context.PERSISTENT_DATA_BLOCK_SERVICE)); if (pdb == null) { Log.e(TAG, "No persistent data block service"); return null; throw new UnsupportedOperationException("not supported on this device"); } // The following will throw an UnsupportedOperationException if the device does not // support factory reset credentials (or something went wrong retrieving it). if (!pdb.hasFrpCredentialHandle()) { Log.i(TAG, "The persistent data block does not have a factory reset credential."); return null; Loading
services/core/java/com/android/server/PersistentDataBlockManagerInternal.java +5 −1 Original line number Diff line number Diff line Loading @@ -24,7 +24,11 @@ public interface PersistentDataBlockManagerInternal { /** Stores the handle to a lockscreen credential to be used for Factory Reset Protection. */ void setFrpCredentialHandle(byte[] handle); /** Retrieves handle to a lockscreen credential to be used for Factory Reset Protection. */ /** * Retrieves handle to a lockscreen credential to be used for Factory Reset Protection. * * @throws IllegalStateException if the underlying storage is corrupt or inaccessible. */ byte[] getFrpCredentialHandle(); /** Update the OEM unlock enabled bit, bypassing user restriction checks. */ Loading
services/core/java/com/android/server/PersistentDataBlockService.java +10 −6 Original line number Diff line number Diff line Loading @@ -28,6 +28,7 @@ import android.os.UserHandle; import android.os.UserManager; import android.service.persistentdata.IPersistentDataBlockService; import android.service.persistentdata.PersistentDataBlockManager; import android.util.Log; import android.util.Slog; import com.android.internal.R; Loading Loading @@ -582,7 +583,12 @@ public class PersistentDataBlockService extends SystemService { @Override public boolean hasFrpCredentialHandle() { enforcePersistentDataBlockAccess(); try { return mInternalService.getFrpCredentialHandle() != null; } catch (IllegalStateException e) { Slog.e(TAG, "error reading frp handle", e); throw new UnsupportedOperationException("cannot read frp credential"); } } }; Loading Loading @@ -638,7 +644,7 @@ public class PersistentDataBlockService extends SystemService { @Override public byte[] getFrpCredentialHandle() { if (!enforceChecksumValidity()) { return null; throw new IllegalStateException("invalid checksum"); } DataInputStream inputStream; Loading @@ -646,8 +652,7 @@ public class PersistentDataBlockService extends SystemService { inputStream = new DataInputStream( new FileInputStream(new File(mDataBlockFile))); } catch (FileNotFoundException e) { Slog.e(TAG, "partition not available"); return null; throw new IllegalStateException("frp partition not available"); } try { Loading @@ -662,8 +667,7 @@ public class PersistentDataBlockService extends SystemService { return bytes; } } catch (IOException e) { Slog.e(TAG, "unable to access persistent partition", e); return null; throw new IllegalStateException("frp handle not readable", e); } finally { IoUtils.closeQuietly(inputStream); } Loading
services/core/java/com/android/server/locksettings/LockSettingsStorage.java +8 −3 Original line number Diff line number Diff line Loading @@ -627,7 +627,12 @@ class LockSettingsStorage { if (persistentDataBlock == null) { return PersistentData.NONE; } try { return PersistentData.fromBytes(persistentDataBlock.getFrpCredentialHandle()); } catch (IllegalStateException e) { Slog.e(TAG, "Error reading persistent data block", e); return PersistentData.NONE; } } public static class PersistentData { Loading Loading @@ -670,11 +675,11 @@ class LockSettingsStorage { return new PersistentData(type, userId, qualityForUi, payload); } else { Slog.wtf(TAG, "Unknown PersistentData version code: " + version); return null; return NONE; } } catch (IOException e) { Slog.wtf(TAG, "Could not parse PersistentData", e); return null; return NONE; } } Loading
services/tests/servicestests/src/com/android/server/locksettings/LockSettingsStorageTestable.java +8 −0 Original line number Diff line number Diff line Loading @@ -18,11 +18,14 @@ package com.android.server.locksettings; import android.content.Context; import com.android.server.PersistentDataBlockManagerInternal; import java.io.File; public class LockSettingsStorageTestable extends LockSettingsStorage { public File mStorageDir; public PersistentDataBlockManagerInternal mPersistentDataBlock; public LockSettingsStorageTestable(Context context, File storageDir) { super(context); Loading Loading @@ -53,6 +56,11 @@ public class LockSettingsStorageTestable extends LockSettingsStorage { userId).getAbsolutePath()); } @Override public PersistentDataBlockManagerInternal getPersistentDataBlock() { return mPersistentDataBlock; } private File makeDirs(File baseDir, String filePath) { File path = new File(filePath); if (path.getParent() == null) { Loading
