Do not toggle OEM unlock if bootloader unlocked
Bug: 30681215
Change-Id: Ia0fd55dd7b6b731d6f5733fc733621e99bd7b153
diff --git a/core/java/android/os/UserManager.java b/core/java/android/os/UserManager.java
index 1dae0f8..03d3cf2 100644
--- a/core/java/android/os/UserManager.java
+++ b/core/java/android/os/UserManager.java
@@ -614,7 +614,8 @@
/**
* Specifies if a user is not allowed to enable the oem unlock setting. The default value is
- * <code>false</code>.
+ * <code>false</code>. Setting this restriction has no effect if the bootloader is already
+ * unlocked.
*
* @see DevicePolicyManager#addUserRestriction(ComponentName, String)
* @see DevicePolicyManager#clearUserRestriction(ComponentName, String)
diff --git a/core/java/android/service/persistentdata/PersistentDataBlockManager.java b/core/java/android/service/persistentdata/PersistentDataBlockManager.java
index cfeed51..0f92ed0 100644
--- a/core/java/android/service/persistentdata/PersistentDataBlockManager.java
+++ b/core/java/android/service/persistentdata/PersistentDataBlockManager.java
@@ -163,10 +163,9 @@
/**
* Retrieves available information about this device's flash lock state.
*
- * @return FLASH_LOCK_STATE_LOCKED if device bootloader is locked,
- * FLASH_LOCK_STATE_UNLOCKED if device bootloader is unlocked,
- * or FLASH_LOCK_STATE unknown if this information cannot be ascertained
- * on this device.
+ * @return {@link #FLASH_LOCK_LOCKED} if device bootloader is locked,
+ * {@link #FLASH_LOCK_UNLOCKED} if device bootloader is unlocked, or {@link #FLASH_LOCK_UNKNOWN}
+ * if this information cannot be ascertained on this device.
*/
@FlashLockState
public int getFlashLockState() {
diff --git a/services/core/java/com/android/server/pm/UserRestrictionsUtils.java b/services/core/java/com/android/server/pm/UserRestrictionsUtils.java
index 772c64e..3df13a9 100644
--- a/services/core/java/com/android/server/pm/UserRestrictionsUtils.java
+++ b/services/core/java/com/android/server/pm/UserRestrictionsUtils.java
@@ -26,11 +26,9 @@
import android.app.ActivityManagerNative;
import android.content.ContentResolver;
import android.content.Context;
-import android.net.Uri;
import android.os.Binder;
import android.os.Bundle;
import android.os.RemoteException;
-import android.os.SystemProperties;
import android.os.UserHandle;
import android.os.UserManager;
import android.service.persistentdata.PersistentDataBlockManager;
@@ -188,8 +186,7 @@
serializer.endTag(null, tag);
}
- public static void readRestrictions(XmlPullParser parser, Bundle restrictions)
- throws IOException {
+ public static void readRestrictions(XmlPullParser parser, Bundle restrictions) {
for (String key : USER_RESTRICTIONS) {
final String value = parser.getAttributeValue(null, key);
if (value != null) {
@@ -437,7 +434,13 @@
if (newValue) {
PersistentDataBlockManager manager = (PersistentDataBlockManager) context
.getSystemService(Context.PERSISTENT_DATA_BLOCK_SERVICE);
- if (manager != null && manager.getOemUnlockEnabled()) {
+ if (manager != null
+ && manager.getOemUnlockEnabled()
+ && manager.getFlashLockState()
+ != PersistentDataBlockManager.FLASH_LOCK_UNLOCKED) {
+ // Only disable OEM unlock if the bootloader is locked. If it's already
+ // unlocked, setting the OEM unlock enabled flag to false has no effect
+ // (the bootloader would remain unlocked).
manager.setOemUnlockEnabled(false);
}
}