PawletOS/app_Settings
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Ignore OEM Unlocking when wiping PDB during factory reset on V+

Browse Source 
On Android V and newer, the PDB will no longer wipe itself on start,
even if OEM Unlocking is enabled, so trusted factory resets must
wipe it.

Bug: 336362291
Flag: EXEMPT bugfix
Test: atest & manual testing
Change-Id: I67cc0fc3e7470c5ddddd03d23942706345361f8f
This commit is contained in:
Vlad Marica
2024-05-22 22:50:06 +00:00
parent f440ce5975
commit 31938e13d8
2 changed files with 42 additions and 12 deletions
Download Patch File Download Diff File Expand all files Collapse all files

13
src/com/android/settings/MainClearConfirm.java
View File

@@ -151,15 +151,20 @@ public class MainClearConfirm extends InstrumentedFragment {
if (pdbManager == null) {
return false;
}
// The persistent data block will persist if the device is still being provisioned.
if (isDeviceStillBeingProvisioned()) {
return false;
}
// If OEM unlock is allowed, the persistent data block will be wiped during FR
// process. If disabled, it will be wiped here instead.
if (isOemUnlockedAllowed()) {
// If OEM unlock is allowed, the persistent data block will be wiped during the FR
// process on devices without FRP Hardening. If disabled, it will be wiped here instead.
// On devices with FRP Hardening, the persistent data block should always be wiped,
// regardless of the OEM Unlocking state.
if (!android.security.Flags.frpEnforcement() && isOemUnlockedAllowed()) {
return false;
}
final DevicePolicyManager dpm = (DevicePolicyManager) getActivity()
.getSystemService(Context.DEVICE_POLICY_SERVICE);
// Do not erase the factory reset protection data (from Settings) if factory reset
@@ -167,6 +172,7 @@ public class MainClearConfirm extends InstrumentedFragment {
if (!dpm.isFactoryResetProtectionPolicySupported()) {
return false;
}
// Do not erase the factory reset protection data (from Settings) if the
// device is an organization-owned managed profile device and a factory
// reset protection policy has been set.
@@ -175,6 +181,7 @@ public class MainClearConfirm extends InstrumentedFragment {
&& frpPolicy.isNotEmpty()) {
return false;
}
return true;
}