Loading api/system-current.txt +1 −0 Original line number Original line Diff line number Diff line Loading @@ -169,6 +169,7 @@ package android { field public static final java.lang.String READ_INSTALL_SESSIONS = "android.permission.READ_INSTALL_SESSIONS"; field public static final java.lang.String READ_INSTALL_SESSIONS = "android.permission.READ_INSTALL_SESSIONS"; field public static final java.lang.String READ_LOGS = "android.permission.READ_LOGS"; field public static final java.lang.String READ_LOGS = "android.permission.READ_LOGS"; field public static final java.lang.String READ_NETWORK_USAGE_HISTORY = "android.permission.READ_NETWORK_USAGE_HISTORY"; field public static final java.lang.String READ_NETWORK_USAGE_HISTORY = "android.permission.READ_NETWORK_USAGE_HISTORY"; field public static final java.lang.String READ_OEM_UNLOCK_STATE = "android.permission.READ_OEM_UNLOCK_STATE"; field public static final java.lang.String READ_PHONE_STATE = "android.permission.READ_PHONE_STATE"; field public static final java.lang.String READ_PHONE_STATE = "android.permission.READ_PHONE_STATE"; field public static final java.lang.String READ_PRIVILEGED_PHONE_STATE = "android.permission.READ_PRIVILEGED_PHONE_STATE"; field public static final java.lang.String READ_PRIVILEGED_PHONE_STATE = "android.permission.READ_PRIVILEGED_PHONE_STATE"; field public static final java.lang.String READ_SEARCH_INDEXABLES = "android.permission.READ_SEARCH_INDEXABLES"; field public static final java.lang.String READ_SEARCH_INDEXABLES = "android.permission.READ_SEARCH_INDEXABLES"; core/res/AndroidManifest.xml +5 −0 Original line number Original line Diff line number Diff line Loading @@ -1416,6 +1416,11 @@ <permission android:name="android.permission.DVB_DEVICE" <permission android:name="android.permission.DVB_DEVICE" android:protectionLevel="signature|privileged" /> android:protectionLevel="signature|privileged" /> <!-- @SystemApi Allows reading the OEM unlock state @hide <p>Not for use by third-party applications. --> <permission android:name="android.permission.READ_OEM_UNLOCK_STATE" android:protectionLevel="signature|privileged" /> <!-- @hide Allows enabling/disabling OEM unlock <!-- @hide Allows enabling/disabling OEM unlock <p>Not for use by third-party applications. --> <p>Not for use by third-party applications. --> <permission android:name="android.permission.OEM_UNLOCK_STATE" <permission android:name="android.permission.OEM_UNLOCK_STATE" Loading services/core/java/com/android/server/PersistentDataBlockService.java +16 −6 Original line number Original line Diff line number Diff line Loading @@ -125,10 +125,20 @@ public class PersistentDataBlockService extends SystemService { SystemProperties.set(OEM_UNLOCK_PROP, enabled ? "1" : "0"); SystemProperties.set(OEM_UNLOCK_PROP, enabled ? "1" : "0"); } } private void enforceOemUnlockPermission() { private void enforceOemUnlockReadPermission() { if (mContext.checkCallingOrSelfPermission(Manifest.permission.READ_OEM_UNLOCK_STATE) == PackageManager.PERMISSION_DENIED && mContext.checkCallingOrSelfPermission(Manifest.permission.OEM_UNLOCK_STATE) == PackageManager.PERMISSION_DENIED) { throw new SecurityException("Can't access OEM unlock state. Requires " + "READ_OEM_UNLOCK_STATE or OEM_UNLOCK_STATE permission."); } } private void enforceOemUnlockWritePermission() { mContext.enforceCallingOrSelfPermission( mContext.enforceCallingOrSelfPermission( Manifest.permission.OEM_UNLOCK_STATE, Manifest.permission.OEM_UNLOCK_STATE, "Can't access OEM unlock state"); "Can't modify OEM unlock state"); } } private void enforceUid(int callingUid) { private void enforceUid(int callingUid) { Loading Loading @@ -425,7 +435,7 @@ public class PersistentDataBlockService extends SystemService { @Override @Override public void wipe() { public void wipe() { enforceOemUnlockPermission(); enforceOemUnlockWritePermission(); synchronized (mLock) { synchronized (mLock) { int ret = nativeWipe(mDataBlockFile); int ret = nativeWipe(mDataBlockFile); Loading @@ -442,7 +452,7 @@ public class PersistentDataBlockService extends SystemService { if (ActivityManager.isUserAMonkey()) { if (ActivityManager.isUserAMonkey()) { return; return; } } enforceOemUnlockPermission(); enforceOemUnlockWritePermission(); enforceIsAdmin(); enforceIsAdmin(); synchronized (mLock) { synchronized (mLock) { Loading @@ -453,13 +463,13 @@ public class PersistentDataBlockService extends SystemService { @Override @Override public boolean getOemUnlockEnabled() { public boolean getOemUnlockEnabled() { enforceOemUnlockPermission(); enforceOemUnlockReadPermission(); return doGetOemUnlockEnabled(); return doGetOemUnlockEnabled(); } } @Override @Override public int getFlashLockState() { public int getFlashLockState() { enforceOemUnlockPermission(); enforceOemUnlockReadPermission(); String locked = SystemProperties.get(FLASH_LOCK_PROP); String locked = SystemProperties.get(FLASH_LOCK_PROP); switch (locked) { switch (locked) { case FLASH_LOCK_LOCKED: case FLASH_LOCK_LOCKED: Loading Loading
api/system-current.txt +1 −0 Original line number Original line Diff line number Diff line Loading @@ -169,6 +169,7 @@ package android { field public static final java.lang.String READ_INSTALL_SESSIONS = "android.permission.READ_INSTALL_SESSIONS"; field public static final java.lang.String READ_INSTALL_SESSIONS = "android.permission.READ_INSTALL_SESSIONS"; field public static final java.lang.String READ_LOGS = "android.permission.READ_LOGS"; field public static final java.lang.String READ_LOGS = "android.permission.READ_LOGS"; field public static final java.lang.String READ_NETWORK_USAGE_HISTORY = "android.permission.READ_NETWORK_USAGE_HISTORY"; field public static final java.lang.String READ_NETWORK_USAGE_HISTORY = "android.permission.READ_NETWORK_USAGE_HISTORY"; field public static final java.lang.String READ_OEM_UNLOCK_STATE = "android.permission.READ_OEM_UNLOCK_STATE"; field public static final java.lang.String READ_PHONE_STATE = "android.permission.READ_PHONE_STATE"; field public static final java.lang.String READ_PHONE_STATE = "android.permission.READ_PHONE_STATE"; field public static final java.lang.String READ_PRIVILEGED_PHONE_STATE = "android.permission.READ_PRIVILEGED_PHONE_STATE"; field public static final java.lang.String READ_PRIVILEGED_PHONE_STATE = "android.permission.READ_PRIVILEGED_PHONE_STATE"; field public static final java.lang.String READ_SEARCH_INDEXABLES = "android.permission.READ_SEARCH_INDEXABLES"; field public static final java.lang.String READ_SEARCH_INDEXABLES = "android.permission.READ_SEARCH_INDEXABLES";
core/res/AndroidManifest.xml +5 −0 Original line number Original line Diff line number Diff line Loading @@ -1416,6 +1416,11 @@ <permission android:name="android.permission.DVB_DEVICE" <permission android:name="android.permission.DVB_DEVICE" android:protectionLevel="signature|privileged" /> android:protectionLevel="signature|privileged" /> <!-- @SystemApi Allows reading the OEM unlock state @hide <p>Not for use by third-party applications. --> <permission android:name="android.permission.READ_OEM_UNLOCK_STATE" android:protectionLevel="signature|privileged" /> <!-- @hide Allows enabling/disabling OEM unlock <!-- @hide Allows enabling/disabling OEM unlock <p>Not for use by third-party applications. --> <p>Not for use by third-party applications. --> <permission android:name="android.permission.OEM_UNLOCK_STATE" <permission android:name="android.permission.OEM_UNLOCK_STATE" Loading
services/core/java/com/android/server/PersistentDataBlockService.java +16 −6 Original line number Original line Diff line number Diff line Loading @@ -125,10 +125,20 @@ public class PersistentDataBlockService extends SystemService { SystemProperties.set(OEM_UNLOCK_PROP, enabled ? "1" : "0"); SystemProperties.set(OEM_UNLOCK_PROP, enabled ? "1" : "0"); } } private void enforceOemUnlockPermission() { private void enforceOemUnlockReadPermission() { if (mContext.checkCallingOrSelfPermission(Manifest.permission.READ_OEM_UNLOCK_STATE) == PackageManager.PERMISSION_DENIED && mContext.checkCallingOrSelfPermission(Manifest.permission.OEM_UNLOCK_STATE) == PackageManager.PERMISSION_DENIED) { throw new SecurityException("Can't access OEM unlock state. Requires " + "READ_OEM_UNLOCK_STATE or OEM_UNLOCK_STATE permission."); } } private void enforceOemUnlockWritePermission() { mContext.enforceCallingOrSelfPermission( mContext.enforceCallingOrSelfPermission( Manifest.permission.OEM_UNLOCK_STATE, Manifest.permission.OEM_UNLOCK_STATE, "Can't access OEM unlock state"); "Can't modify OEM unlock state"); } } private void enforceUid(int callingUid) { private void enforceUid(int callingUid) { Loading Loading @@ -425,7 +435,7 @@ public class PersistentDataBlockService extends SystemService { @Override @Override public void wipe() { public void wipe() { enforceOemUnlockPermission(); enforceOemUnlockWritePermission(); synchronized (mLock) { synchronized (mLock) { int ret = nativeWipe(mDataBlockFile); int ret = nativeWipe(mDataBlockFile); Loading @@ -442,7 +452,7 @@ public class PersistentDataBlockService extends SystemService { if (ActivityManager.isUserAMonkey()) { if (ActivityManager.isUserAMonkey()) { return; return; } } enforceOemUnlockPermission(); enforceOemUnlockWritePermission(); enforceIsAdmin(); enforceIsAdmin(); synchronized (mLock) { synchronized (mLock) { Loading @@ -453,13 +463,13 @@ public class PersistentDataBlockService extends SystemService { @Override @Override public boolean getOemUnlockEnabled() { public boolean getOemUnlockEnabled() { enforceOemUnlockPermission(); enforceOemUnlockReadPermission(); return doGetOemUnlockEnabled(); return doGetOemUnlockEnabled(); } } @Override @Override public int getFlashLockState() { public int getFlashLockState() { enforceOemUnlockPermission(); enforceOemUnlockReadPermission(); String locked = SystemProperties.get(FLASH_LOCK_PROP); String locked = SystemProperties.get(FLASH_LOCK_PROP); switch (locked) { switch (locked) { case FLASH_LOCK_LOCKED: case FLASH_LOCK_LOCKED: Loading
