Gitiles
Code Review Sign In
gerrit-public.fairphone.software / platform / frameworks / base / 7b0f8f08ac7b3ed5cf462b92283713b033d6a64a^! / . / services / java / com / android / server / DevicePolicyManagerService.java
commit7b0f8f08ac7b3ed5cf462b92283713b033d6a64a[log] [tgz]
authorAndy Stadler <stadler@google.com>Wed Jan 12 14:59:52 2011 -0800
committerAndy Stadler <stadler@google.com>Wed Jan 12 21:11:32 2011 -0800
treefa636796f48c9fe7fb3406fceace9e08633727c8
parent7cc5e1d5488c9e0a3f898a62b626ffb3ae074440 [diff] [blame]
API changes to support encryption in DPM

* New uses-policies value
* Definitions for storage domain and encryption status
* API to get and set encryption status
* Intent to launch encryption changes
* Both new calls bottom out in the DPM service and are suitable for
  a device that does not support encryption.

NOTE: Nobody should use ACTION_START_ENCRYPTION yet.  It needs a receiver
  to be built in Settings (different CL).

Change-Id: I2ae193bedbec59f6ba46c0ec7de12ecf321e5803

diff --git a/services/java/com/android/server/DevicePolicyManagerService.java b/services/java/com/android/server/DevicePolicyManagerService.java
index 470af67..c0ce256 100644
--- a/services/java/com/android/server/DevicePolicyManagerService.java
+++ b/services/java/com/android/server/DevicePolicyManagerService.java

@@ -1822,6 +1822,41 @@
                 exclusionList);
     }
 
+    /**
+     * Set the storage encryption request.
+     */
+    public int setStorageEncryption(ComponentName who, boolean encrypt) {
+        synchronized (this) {
+            // Check for permissions
+            if (who == null) {
+                throw new NullPointerException("ComponentName is null");
+            }
+            ActiveAdmin ap = getActiveAdminForCallerLocked(who,
+                    DeviceAdminInfo.USES_ENCRYPTED_STORAGE);
+
+            // TODO: (1) Record the value for the admin so it's sticky
+            // TODO: (2) Compute "max" for all admins (if any admin requests encryption, then
+            //           we enable it.
+            // TODO: (3) Work with filesystem / mount service to start/stop encryption
+            return DevicePolicyManager.ENCRYPTION_STATUS_UNSUPPORTED;
+        }
+    }
+
+    /**
+     * Get the current storage encryption status for a given storage domain.
+     */
+    public int getStorageEncryption(ComponentName who) {
+        synchronized (this) {
+            // Check for permissions if a particular caller is specified
+            if (who != null) {
+                getActiveAdminForCallerLocked(who, DeviceAdminInfo.USES_ENCRYPTED_STORAGE);
+            }
+
+            // TODO: Work with filesystem / mount service to query encryption status
+            return DevicePolicyManager.ENCRYPTION_STATUS_UNSUPPORTED;
+        }
+    }
+
     @Override
     protected void dump(FileDescriptor fd, PrintWriter pw, String[] args) {
         if (mContext.checkCallingOrSelfPermission(android.Manifest.permission.DUMP)