Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit e981394e authored by Oliver Scott's avatar Oliver Scott Committed by Nishith Khanna
Browse files

SetupWizard: Turn off OEM unlocking during initial setup if bootloader is locked 

* Some /e/ OS devices is meant to be used with a locked bootloader, and
  OEM unlocking set to off.
* Does what Settings -> Developer Options -> OEM unlocking off does but silently,
  wihout having to enable Developer Options.
* If you've locked the bootloader, and the device has booted into SetupWizard,
  it should be safe to run this since at that point you can most definitely
  get into Settings and run this yourself as well, and we do have the same
  kinds of checks here.
* Additionally grant missing permissions which was missing in CalyxOS.

Change-Id: I739d0808fc5c66656128f755451441de96764a90
parent c4e133cd

AndroidManifest.xml

+1 −0
Original line number Diff line number Diff line
@@ -25,6 +25,7 @@ 
    <uses-permission android:name="android.permission.MANAGE_ACCOUNTS" />

    <uses-permission android:name="android.permission.INTERACT_ACROSS_USERS" />

    <uses-permission android:name="android.permission.MANAGE_USERS" />

    <uses-permission android:name="android.permission.MANAGE_USER_OEM_UNLOCK_STATE" />

    <uses-permission android:name="android.permission.CHANGE_COMPONENT_ENABLED_STATE" />

    <uses-permission android:name="android.permission.EXPAND_STATUS_BAR" />

    <uses-permission android:name="lineageos.permission.HARDWARE_ABSTRACTION_ACCESS" />

privapp_whitelist_org.lineageos.setupwizard.xml

+1 −0
Original line number Diff line number Diff line
@@ -11,6 +11,7 @@ 
        <permission name="android.permission.GET_ACCOUNTS_PRIVILEGED" />

        <permission name="android.permission.INTERACT_ACROSS_USERS" />

        <permission name="android.permission.MANAGE_USERS" />

        <permission name="android.permission.MANAGE_USER_OEM_UNLOCK_STATE" />

        <permission name="android.permission.READ_PRIVILEGED_PHONE_STATE" />

        <permission name="android.permission.SET_TIME" />

        <permission name="android.permission.SET_TIME_ZONE" />

src/org/lineageos/setupwizard/SetupWizardApp.java

+8 −0
Original line number Diff line number Diff line 
/*

 * SPDX-FileCopyrightText: 2013 The CyanogenMod Project

 * SPDX-FileCopyrightText: 2017-2024 The LineageOS Project

 * SPDX-FileCopyrightText: 2022 The Calyx Institute

 * SPDX-License-Identifier: Apache-2.0

 */
@@ -12,6 +13,7 @@ import android.os.Bundle; 
import android.os.Handler;

import android.os.Looper;

import android.provider.Settings;

import android.service.oemlock.OemLockManager;

import android.util.Log;



import org.lineageos.setupwizard.util.SetupWizardUtils;
@@ -66,6 +68,12 @@ public class SetupWizardApp extends Application { 
        }

        sStatusBarManager = SetupWizardUtils.disableStatusBar(this);

        mHandler.postDelayed(mRadioTimeoutRunnable, SetupWizardApp.RADIO_READY_TIMEOUT);

        // If the bootloader is locked, and OEM unlocking is allowed, turn it off

        if (SetupWizardUtils.isOwner()

                && !SetupWizardUtils.isBootloaderUnlocked(this)

                && SetupWizardUtils.isOemunlockAllowed(this)) {

            getSystemService(OemLockManager.class).setOemUnlockAllowedByUser(false);

        }

        if (SetupWizardUtils.hasGMS(this)) {

            SetupWizardUtils.disableHome(this);

            if (SetupWizardUtils.isOwner()) {

src/org/lineageos/setupwizard/util/SetupWizardUtils.java

+18 −0
Original line number Diff line number Diff line 
/*

 * SPDX-FileCopyrightText: 2013 The CyanogenMod Project

 * SPDX-FileCopyrightText: 2017-2024 The LineageOS Project

 * SPDX-FileCopyrightText: 2022 The Calyx Institute

 * SPDX-License-Identifier: Apache-2.0

 */
@@ -46,6 +47,7 @@ import android.os.UserManager; 
import android.provider.Settings;

import android.sysprop.TelephonyProperties;

import android.telephony.SubscriptionInfo;

import android.service.oemlock.OemLockManager;

import android.telephony.SubscriptionManager;

import android.telephony.TelephonyManager;

import android.util.Log;
@@ -231,6 +233,22 @@ public class SetupWizardUtils { 
        };

    }



    public static boolean isBootloaderUnlocked(Context context) {

        OemLockManager oemLockManager = context.getSystemService(OemLockManager.class);

        if (oemLockManager != null) {

            return oemLockManager.isDeviceOemUnlocked();

        }

        return true; // Default to unlocked

    }



    public static boolean isOemunlockAllowed(Context context) {

        OemLockManager oemLockManager = context.getSystemService(OemLockManager.class);

        if (oemLockManager != null) {

            return oemLockManager.isOemUnlockAllowed();

        }

        return true; // Default to unlock allowed

    }



    /**

     * Disable the Home component, which is presumably SetupWizardActivity at this time.

     */