Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 7a5cbfc6 authored Feb 17, 2020 by Rubin Xu

Rename ro.device_owner system property

This is renamed to ro.organization_owned to cover the extended
usage now that there is a new management mode for fully-managed
organization owned devices: organization-owned managed profile.
A device is considered fully-managed if there is a device owner
or an organization-owned managed profile.

Test: atest liblog-unit-tests
Test: atest propertyinfoserializer_tests
Bug: 148437300
Change-Id: Iaa8ea246c973732526abc1da5b307af8bce1a0af

parent 529605bc

liblog/properties.cpp

+1 −1

Original line number	Diff line number	Diff line
		@@ -405,7 +405,7 @@ int __android_log_security() {
		static struct cache2_char security = {
		PTHREAD_MUTEX_INITIALIZER, 0,
		"persist.logd.security", {{NULL, 0xFFFFFFFF}, BOOLEAN_FALSE},
		"ro.device_owner", {{NULL, 0xFFFFFFFF}, BOOLEAN_FALSE},
		"ro.organization_owned", {{NULL, 0xFFFFFFFF}, BOOLEAN_FALSE},
		evaluate_security};

		return do_cache2_char(&security);

liblog/tests/liblog_test.cpp

+2 −2

Original line number	Diff line number	Diff line
		@@ -1637,7 +1637,7 @@ TEST(liblog, enoent) {
		TEST(liblog, __security) {
		#ifdef __ANDROID__
		static const char persist_key[] = "persist.logd.security";
		static const char readonly_key[] = "ro.device_owner";
		static const char readonly_key[] = "ro.organization_owned";
		// A silly default value that can never be in readonly_key so
		// that it can be determined the property is not set.
		static const char nothing_val[] = "_NOTHING_TO_SEE_HERE_";
		@@ -1657,7 +1657,7 @@ TEST(liblog, __security) {
		if (!strcmp(readonly, nothing_val)) {
		// Lets check if we can set the value (we should not be allowed to do so)
		EXPECT_FALSE(__android_log_security());
		fprintf(stderr, "WARNING: setting ro.device_owner to a domain\n");
		fprintf(stderr, "WARNING: setting ro.organization_owned to a domain\n");
		static const char domain[] = "com.google.android.SecOps.DeviceOwner";
		EXPECT_NE(0, property_set(readonly_key, domain));
		useconds_t total_time = 0;

logd/README.property

+1 −1

Original line number	Diff line number	Diff line
		@@ -6,7 +6,7 @@ ro.logd.auditd.dmesg bool true selinux audit messages sent to dmesg.
		ro.logd.auditd.main bool true selinux audit messages sent to main.
		ro.logd.auditd.events bool true selinux audit messages sent to events.
		persist.logd.security bool false Enable security buffer.
		ro.device_owner bool false Override persist.logd.security to false
		ro.organization_owned bool false Override persist.logd.security to false
		ro.logd.kernel bool+ svelte+ Enable klogd daemon
		ro.logd.statistics bool+ svelte+ Enable logcat -S statistics.
		ro.debuggable number if not "1", logd.statistics &

property_service/libpropertyinfoserializer/property_info_serializer_test.cpp

+2 −2

Original line number	Diff line number	Diff line
		@@ -317,7 +317,7 @@ TEST(propertyinfoserializer, RealProperties) {
		{"ro.boot.bootreason", "u:object_r:bootloader_boot_reason_prop:s0", "string", false},
		{"persist.sys.boot.reason", "u:object_r:last_boot_reason_prop:s0", "string", false},
		{"sys.boot.reason", "u:object_r:system_boot_reason_prop:s0", "string", false},
		{"ro.device_owner", "u:object_r:device_logging_prop:s0", "string", false},
		{"ro.organization_owned", "u:object_r:device_logging_prop:s0", "string", false},

		{"selinux.restorecon_recursive", "u:object_r:restorecon_prop:s0", "string", false},

		@@ -669,7 +669,7 @@ TEST(propertyinfoserializer, RealProperties) {
		{"ro.crypto.type", "u:object_r:vold_prop:s0"},
		{"ro.dalvik.vm.native.bridge", "u:object_r:dalvik_prop:s0"},
		{"ro.debuggable", "u:object_r:default_prop:s0"},
		{"ro.device_owner", "u:object_r:device_logging_prop:s0"},
		{"ro.organization_owned", "u:object_r:device_logging_prop:s0"},
		{"ro.expect.recovery_id", "u:object_r:default_prop:s0"},
		{"ro.frp.pst", "u:object_r:default_prop:s0"},
		{"ro.hardware", "u:object_r:default_prop:s0"},