1*4d7e907cSAndroid Build Coastguard Worker/* 2*4d7e907cSAndroid Build Coastguard Worker * Copyright (C) 2017 The Android Open Source Project 3*4d7e907cSAndroid Build Coastguard Worker * 4*4d7e907cSAndroid Build Coastguard Worker * Licensed under the Apache License, Version 2.0 (the "License"); 5*4d7e907cSAndroid Build Coastguard Worker * you may not use this file except in compliance with the License. 6*4d7e907cSAndroid Build Coastguard Worker * You may obtain a copy of the License at 7*4d7e907cSAndroid Build Coastguard Worker * 8*4d7e907cSAndroid Build Coastguard Worker * http://www.apache.org/licenses/LICENSE-2.0 9*4d7e907cSAndroid Build Coastguard Worker * 10*4d7e907cSAndroid Build Coastguard Worker * Unless required by applicable law or agreed to in writing, software 11*4d7e907cSAndroid Build Coastguard Worker * distributed under the License is distributed on an "AS IS" BASIS, 12*4d7e907cSAndroid Build Coastguard Worker * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13*4d7e907cSAndroid Build Coastguard Worker * See the License for the specific language governing permissions and 14*4d7e907cSAndroid Build Coastguard Worker * limitations under the License. 15*4d7e907cSAndroid Build Coastguard Worker */ 16*4d7e907cSAndroid Build Coastguard Workerpackage [email protected]; 17*4d7e907cSAndroid Build Coastguard Worker 18*4d7e907cSAndroid Build Coastguard Worker/* 19*4d7e907cSAndroid Build Coastguard Worker * The OEM lock prevents the bootloader from allowing the device to be flashed. 20*4d7e907cSAndroid Build Coastguard Worker * 21*4d7e907cSAndroid Build Coastguard Worker * Both the carrier and the device itself have a say as to whether OEM unlock is 22*4d7e907cSAndroid Build Coastguard Worker * allowed and both must agree that is allowed in order for unlock to be 23*4d7e907cSAndroid Build Coastguard Worker * possible. 24*4d7e907cSAndroid Build Coastguard Worker */ 25*4d7e907cSAndroid Build Coastguard Workerinterface IOemLock { 26*4d7e907cSAndroid Build Coastguard Worker /** 27*4d7e907cSAndroid Build Coastguard Worker * Returns a vendor specific identifier of the HAL. 28*4d7e907cSAndroid Build Coastguard Worker * 29*4d7e907cSAndroid Build Coastguard Worker * The name returned must not be interpreted by the framework but must be 30*4d7e907cSAndroid Build Coastguard Worker * passed to vendor code which may use it to identify the security protocol 31*4d7e907cSAndroid Build Coastguard Worker * used by setOemUnlockAllowedByCarrier. This allows the vendor to identify 32*4d7e907cSAndroid Build Coastguard Worker * the protocol without having to maintain a device-to-protocol mapping. 33*4d7e907cSAndroid Build Coastguard Worker * 34*4d7e907cSAndroid Build Coastguard Worker * @return name of the implementation. 35*4d7e907cSAndroid Build Coastguard Worker */ 36*4d7e907cSAndroid Build Coastguard Worker getName() generates (OemLockStatus status, string name); 37*4d7e907cSAndroid Build Coastguard Worker 38*4d7e907cSAndroid Build Coastguard Worker /** 39*4d7e907cSAndroid Build Coastguard Worker * Updates whether OEM unlock is allowed by the carrier. 40*4d7e907cSAndroid Build Coastguard Worker * 41*4d7e907cSAndroid Build Coastguard Worker * The implementation may require a vendor defined signature to prove the 42*4d7e907cSAndroid Build Coastguard Worker * validity of this request in order to harden its security. 43*4d7e907cSAndroid Build Coastguard Worker * 44*4d7e907cSAndroid Build Coastguard Worker * @param allowed is the new value of the flag. 45*4d7e907cSAndroid Build Coastguard Worker * @param signature to prove validity of this request or empty if not 46*4d7e907cSAndroid Build Coastguard Worker * required. 47*4d7e907cSAndroid Build Coastguard Worker * @return status is OK if the flag was successfully updated, 48*4d7e907cSAndroid Build Coastguard Worker * INVALID_SIGNATURE if a signature is required but the wrong one 49*4d7e907cSAndroid Build Coastguard Worker * was provided or FAILED if the update was otherwise unsuccessful. 50*4d7e907cSAndroid Build Coastguard Worker */ 51*4d7e907cSAndroid Build Coastguard Worker setOemUnlockAllowedByCarrier(bool allowed, vec<uint8_t> signature) 52*4d7e907cSAndroid Build Coastguard Worker generates (OemLockSecureStatus status); 53*4d7e907cSAndroid Build Coastguard Worker 54*4d7e907cSAndroid Build Coastguard Worker /** 55*4d7e907cSAndroid Build Coastguard Worker * Returns whether OEM unlock is allowed by the carrier. 56*4d7e907cSAndroid Build Coastguard Worker * 57*4d7e907cSAndroid Build Coastguard Worker * @return status is OK if the flag was successfully read. 58*4d7e907cSAndroid Build Coastguard Worker * @return allowed is the current state of the flag. 59*4d7e907cSAndroid Build Coastguard Worker */ 60*4d7e907cSAndroid Build Coastguard Worker isOemUnlockAllowedByCarrier() generates (OemLockStatus status, bool allowed); 61*4d7e907cSAndroid Build Coastguard Worker 62*4d7e907cSAndroid Build Coastguard Worker /** 63*4d7e907cSAndroid Build Coastguard Worker * Updates whether OEM unlock is allowed by the device. 64*4d7e907cSAndroid Build Coastguard Worker * 65*4d7e907cSAndroid Build Coastguard Worker * @param allowed is the new value of the flag. 66*4d7e907cSAndroid Build Coastguard Worker * @return status is OK if the flag was successfully updated. 67*4d7e907cSAndroid Build Coastguard Worker */ 68*4d7e907cSAndroid Build Coastguard Worker setOemUnlockAllowedByDevice(bool allowed) generates (OemLockStatus status); 69*4d7e907cSAndroid Build Coastguard Worker 70*4d7e907cSAndroid Build Coastguard Worker /** 71*4d7e907cSAndroid Build Coastguard Worker * Returns whether OEM unlock ia allowed by the device. 72*4d7e907cSAndroid Build Coastguard Worker * 73*4d7e907cSAndroid Build Coastguard Worker * @return status is OK if the flag was successfully read. 74*4d7e907cSAndroid Build Coastguard Worker * @return allowed is the current state of the flag. 75*4d7e907cSAndroid Build Coastguard Worker */ 76*4d7e907cSAndroid Build Coastguard Worker isOemUnlockAllowedByDevice() generates (OemLockStatus status, bool allowed); 77*4d7e907cSAndroid Build Coastguard Worker}; 78