-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathOemLock.h
More file actions
71 lines (57 loc) · 2.45 KB
/
Copy pathOemLock.h
File metadata and controls
71 lines (57 loc) · 2.45 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
#pragma once
#include <aidl/android/hardware/oemlock/BnOemLock.h>
#include <aidl/android/hardware/oemlock/OemLockSecureStatus.h>
#include <tee_client_api.h>
namespace aidl {
namespace android {
namespace hardware {
namespace oemlock {
using ::aidl::android::hardware::oemlock::IOemLock;
using ::aidl::android::hardware::oemlock::OemLockSecureStatus;
class OemLock : public BnOemLock {
public:
OemLock();
virtual ~OemLock();
// Methods from ::aidl::android::hardware::oemlock::IOemLock follow.
::ndk::ScopedAStatus getName(std::string* out_name) override;
::ndk::ScopedAStatus isOemUnlockAllowedByCarrier(bool* out_allowed) override;
::ndk::ScopedAStatus isOemUnlockAllowedByDevice(bool* out_allowed) override;
::ndk::ScopedAStatus setOemUnlockAllowedByCarrier(bool in_allowed, const std::vector<uint8_t>& in_signature, OemLockSecureStatus* _aidl_return) override;
::ndk::ScopedAStatus setOemUnlockAllowedByDevice(bool in_allowed) override;
private:
// TA AVB UUID
static constexpr TEEC_UUID TA_AVB_UUID = {
0x023f8f1a, 0x292a, 0x432b,
{ 0x8f, 0xc4, 0xde, 0x84, 0x71, 0x35, 0x80, 0x67 }
};
static constexpr uint32_t TA_AVB_CMD_READ_LOCK_STATE = 2;
static constexpr uint32_t TA_AVB_CMD_WRITE_LOCK_STATE = 3;
static constexpr uint32_t TA_AVB_CMD_READ_PERSIST_VALUE = 4;
static constexpr uint32_t TA_AVB_CMD_WRITE_PERSIST_VALUE = 5;
// Persistent value keys
static constexpr const char* UNLOCK_ABILITY_KEY = "unlock_ability";
static constexpr const char* CRITICAL_LOCK_STATE_KEY = "critical_lock_state";
bool isCarrierUnlockAllowed();
bool isDeviceUnlockAllowed();
bool setCarrierUnlockAllowed(bool allowed);
bool setDeviceUnlockAllowed(bool allowed);
bool getDeviceLockState(bool* locked);
bool setDeviceLockState(bool locked);
// TA AVB communication
bool initTeeContext();
void cleanupTeeContext();
bool invokeAvbCommand(uint32_t cmd, uint32_t *lock_state, bool write = false);
bool readPersistValue(const char* key, uint32_t* value);
bool writePersistValue(const char* key, uint32_t value);
static const char* kCarrierUnlockProp;
static const char* kDeviceUnlockProp;
static const char* kUnlockAbilityProp;
bool mAllowedByCarrier;
bool mAllowedByDevice;
TEEC_Context mTeeContext;
bool mTeeInitialized;
};
} // namespace oemlock
} // namespace hardware
} // namespace android
} // namespace aidl