| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
|
|
|
|
|
|
|
| |
Test: manual
Bug: 30352311
CVE-2017-0498
Change-Id: I1024f2a56badde5c123d025d6fe02f42559cbcb1
(cherry picked from commit f6f1d627483b4dad9d65176769a1ee92c59a4810)
(cherry picked from commit 71d2a41dd9c8be8c4bca5eba339802e1e0c2be3c)
(cherry picked from commit 5f621b5b1549e8379aee05807652d5111382ccc6)
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Avoid potential race condition between FRP wipe and write operations
during factory reset by making the FRP partition unwritable after
wipe.
Bug: 30352311
Test: manual
CVE-2017-0498
Change-Id: If3f024a1611366c0677a996705724458094fcfad
(cherry picked from commit a629c772f4a7a5ddf7ff9f78fb19f7ab86c2a9c2)
(cherry picked from commit a9437bd1caeeb38780d920a81bde8cc7ca280fe0)
(cherry picked from commit 1c4d535d0806dbeb6d2fa5cea0373cbd9ab6d33b)
|
|
|
|
|
|
|
|
|
| |
- Remove ManagedProvisioning NFC parameter key from
DevicePolicyManager
- Remove wipeIfAllowed from PersistentDataBlockManager
Bug: 21558883
Change-Id: I59354b7bb1ef7e0b0346ff9a7d1654780231dff0
|
|
|
|
|
|
|
|
|
|
|
|
| |
Add method to allow authorized data block wipe in support of factory
reset protection. This will allow ManagedProvisioning to respond to
and pass factory reset protection challenges during automated device
setup.
- Adds the wipeIfAllowed method to clear the data block
- Creates a protected-broadcast to send to allowed package
Bug: 19792435
Change-Id: I897f2ea2afb1222a1fc8ac49290ee45ea4d3f2d7
|
|\ |
|
| |
| |
| |
| |
| |
| |
| |
| | |
This state is never trusted, but it permits us to build
more appropriately message the user if their device is in
a state where its OK to reset.
Change-Id: I26cc0f928d7fdeff8837e4c2c4b8859fede7846d
|
|/
|
|
|
|
|
|
|
| |
OEM unlock enabled bit is not computed in the checksum,
causing OEM Unlocking to be disabled after the second
reboot.
Bug: 19829441
Change-Id: I100bf5d3958b89323ee35b9e97b19c162209fcd7
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Not all devices invoke recovery on every userdata wipe,
so we can't rely on code in the
recovery OS to do this. This results in fastboot -w
not properly wiping the FRP partition. This patch
fixes the issue by having the framework level service
check the OEM unlock enabled bit, and wiping the partition
if it is set.
Bug: 18644051
Change-Id: Id97a29916fe39561700912a920c5741109842bdb
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Allows ManagedProvisioning to determine whether there's a
challenge and thus whether to disable NFC provisioning.
Other implementation option: new hidden boolean API method.
Can't think of benefit of new API method "isBlockInUse", other
than doesn't leak PDB size and is more explicitly tied to the
use case. Open to either impl if anyone has opinions on the matter.
Bug: 18508767
Change-Id: I28d2eb5a0837ff85cb91f140b17ce1dd843fe9d6
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
It will be hard to mandate the contents
of the FRP partition out of factory. Further, for upgrading
units, it would require that OEMs format the partition and then store
a bit saying that they've done so. This adds another attack vector.
Now defeating FRP means either compromising the FRP partition
OR wherever the OEMs decide to store that bit.
This patch adds a checksum to the FRP partition. If the checksum
is not valid, the partition is wiped - disabling OEM unlock.
This ensures that no matter what data comes on the partition, we will
always disable OEM unlock by default. It also allows OEMs to not have to
worry about initializing the partition, as it happens automatically.
Bug: 18322021
Change-Id: Ib30782baa771591c30ea95054d3b83f36fc08cc2
|
|
|
|
|
| |
Bug:18191568
Change-Id: Ie09823945af04accead99216580efc958bf6aefe
|
|
|
|
| |
Bug: 11435021
Change-Id: I3a6865bc6c9fde245d8f4af3230716eac4a3f1b1
|
|
|
|
|
| |
Bug: 16795591
Change-Id: Id5e5dc5c26408752fe85f6f6fc2c67d9408b6a2a
|
|
|
|
|
|
|
|
|
|
|
|
| |
One of the requirements is that when the user does a
factory reset through settings, all data on the
persistent partition should be cleared.
This adds one last API method that allows settings
to wipe the partition.
Bug: 14288780
Change-Id: Ib87ee741d1e5195814516ae1d66eb7c4cf754dcf
|
|
Permits apps with permission
android.permission.ACCESS_PERSISTENT_PARTITION to obtain
a read and write data blocks to the PST partition.
Only one block ever exists at one time in PST. When
a client writes another block, the previous one is
overwritten.
This permits storing a block of data that will live
across factory resets.
Change-Id: I8f23df3531f3c0512118eb4b7530eff8a8e81c83
|