1 /*
2  * Copyright (C) 2014 The Android Open Source Project
3  *
4  * Licensed under the Apache License, Version 2.0 (the "License");
5  * you may not use this file except in compliance with the License.
6  * You may obtain a copy of the License at
7  *
8  *      http://www.apache.org/licenses/LICENSE-2.0
9  *
10  * Unless required by applicable law or agreed to in writing, software
11  * distributed under the License is distributed on an "AS IS" BASIS,
12  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13  * See the License for the specific language governing permissions and
14  * limitations under the License.
15  */
16 
17 package android.service.persistentdata;
18 
19 import android.os.ParcelFileDescriptor;
20 
21 /**
22  * Internal interface through which to communicate to the
23  * PersistentDataBlockService. The persistent data block allows writing
24  * raw data and setting the OEM unlock enabled/disabled bit contained
25  * in the partition.
26  *
27  * @hide
28  */
29 interface IPersistentDataBlockService {
write(in byte[] data)30     int write(in byte[] data);
read()31     byte[] read();
wipe()32     void wipe();
getDataBlockSize()33     int getDataBlockSize();
getMaximumDataBlockSize()34     long getMaximumDataBlockSize();
35 
setOemUnlockEnabled(boolean enabled)36     void setOemUnlockEnabled(boolean enabled);
getOemUnlockEnabled()37     boolean getOemUnlockEnabled();
getFlashLockState()38     int getFlashLockState();
hasFrpCredentialHandle()39     boolean hasFrpCredentialHandle();
getPersistentDataPackageName()40     String getPersistentDataPackageName();
41 
42     /**
43      * Returns true if Factory Reset Protection (FRP) is active, meaning the device rebooted and has
44      * not been able to transition to the FRP inactive state.
45      */
isFactoryResetProtectionActive()46     boolean isFactoryResetProtectionActive();
47 
48     /**
49      * Attempts to deactivate Factory Reset Protection (FRP) with the provided secret.  If the
50      * provided secret matches the stored FRP secret, FRP is deactivated and the method returns
51      * true.  Otherwise, FRP state remains unchanged and the method returns false.
52      */
deactivateFactoryResetProtection(in byte[] secret)53     boolean deactivateFactoryResetProtection(in byte[] secret);
54 
55     /**
56      * Stores the provided Factory Reset Protection (FRP) secret as the secret to be used for future
57      * FRP deactivation.  The secret must be 32 bytes in length.  Setting the all-zeros "default"
58      * value disables the FRP feature entirely.
59      *
60      * It's the responsibility of the caller to ensure that copies of the FRP secret are stored
61      * securely where they can be recovered and used to deactivate FRP after an untrusted reset.
62      * This method will store a copy in /data/system and use that to automatically deactivate FRP
63      * until /data is wiped.
64      *
65      * Note that this method does nothing if FRP is currently active.
66      *
67      * Returns true if the secret was successfully changed, false otherwise.
68      */
setFactoryResetProtectionSecret(in byte[] secret)69     boolean setFactoryResetProtectionSecret(in byte[] secret);
70 }
71