78 lines
3 KiB
Text
78 lines
3 KiB
Text
|
/*
|
||
|
|
* Copyright (C) 2017 The Android Open Source Project
|
||
|
|
*
|
||
|
|
* Licensed under the Apache License, Version 2.0 (the "License");
|
||
|
|
* you may not use this file except in compliance with the License.
|
||
|
|
* You may obtain a copy of the License at
|
||
|
|
*
|
||
|
|
* http://www.apache.org/licenses/LICENSE-2.0
|
||
|
|
*
|
||
|
|
* Unless required by applicable law or agreed to in writing, software
|
||
|
|
* distributed under the License is distributed on an "AS IS" BASIS,
|
||
|
|
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||
|
|
* See the License for the specific language governing permissions and
|
||
|
|
* limitations under the License.
|
||
|
|
*/
|
||
|
|
package android.hardware.oemlock@1.0;
|
||
|
|
|
||
|
|
/*
|
||
|
|
* The OEM lock prevents the bootloader from allowing the device to be flashed.
|
||
|
|
*
|
||
|
|
* Both the carrier and the device itself have a say as to whether OEM unlock is
|
||
|
|
* allowed and both must agree that is allowed in order for unlock to be
|
||
|
|
* possible.
|
||
|
|
*/
|
||
|
|
interface IOemLock {
|
||
|
|
/**
|
||
|
|
* Returns a vendor specific identifier of the HAL.
|
||
|
|
*
|
||
|
|
* The name returned must not be interpreted by the framework but must be
|
||
|
|
* passed to vendor code which may use it to identify the security protocol
|
||
|
|
* used by setOemUnlockAllowedByCarrier. This allows the vendor to identify
|
||
|
|
* the protocol without having to maintain a device-to-protocol mapping.
|
||
|
|
*
|
||
|
|
* @return name of the implementation.
|
||
|
|
*/
|
||
|
|
getName() generates (OemLockStatus status, string name);
|
||
|
|
|
||
|
|
/**
|
||
|
|
* Updates whether OEM unlock is allowed by the carrier.
|
||
|
|
*
|
||
|
|
* The implementation may require a vendor defined signature to prove the
|
||
|
|
* validity of this request in order to harden its security.
|
||
|
|
*
|
||
|
|
* @param allowed is the new value of the flag.
|
||
|
|
* @param signature to prove validity of this request or empty if not
|
||
|
|
* required.
|
||
|
|
* @return status is OK if the flag was successfully updated,
|
||
|
|
* INVALID_SIGNATURE if a signature is required but the wrong one
|
||
|
|
* was provided or FAILED if the update was otherwise unsuccessful.
|
||
|
|
*/
|
||
|
|
setOemUnlockAllowedByCarrier(bool allowed, vec<uint8_t> signature)
|
||
|
|
generates (OemLockSecureStatus status);
|
||
|
|
|
||
|
|
/**
|
||
|
|
* Returns whether OEM unlock is allowed by the carrier.
|
||
|
|
*
|
||
|
|
* @return status is OK if the flag was successfully read.
|
||
|
|
* @return allowed is the current state of the flag.
|
||
|
|
*/
|
||
|
|
isOemUnlockAllowedByCarrier() generates (OemLockStatus status, bool allowed);
|
||
|
|
|
||
|
|
/**
|
||
|
|
* Updates whether OEM unlock is allowed by the device.
|
||
|
|
*
|
||
|
|
* @param allowed is the new value of the flag.
|
||
|
|
* @return status is OK if the flag was successfully updated.
|
||
|
|
*/
|
||
|
|
setOemUnlockAllowedByDevice(bool allowed) generates (OemLockStatus status);
|
||
|
|
|
||
|
|
/**
|
||
|
|
* Returns whether OEM unlock ia allowed by the device.
|
||
|
|
*
|
||
|
|
* @return status is OK if the flag was successfully read.
|
||
|
|
* @return allowed is the current state of the flag.
|
||
|
|
*/
|
||
|
|
isOemUnlockAllowedByDevice() generates (OemLockStatus status, bool allowed);
|
||
|
|
};
|