Allow any device with a device_owner to execute setDeviceOwnerSystemPropertyLocked().
am: 735b4dc0af
Change-Id: I5c8ca6d0a63af83cde91c17d10a634469c726442
diff --git a/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java b/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
index 7719d5a..9629cf3 100644
--- a/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
+++ b/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
@@ -1780,11 +1780,14 @@
}
private void setDeviceOwnerSystemPropertyLocked() {
- // Device owner may still be provisioned, do not set the read-only system property yet.
- // Wear devices don't set device_provisioned until the device is paired, so allow
- // device_owner property to be set without that.
- if (!mIsWatch
- && mInjector.settingsGlobalGetInt(Settings.Global.DEVICE_PROVISIONED, 0) == 0) {
+ final boolean deviceProvisioned =
+ mInjector.settingsGlobalGetInt(Settings.Global.DEVICE_PROVISIONED, 0) != 0;
+ // If the device is not provisioned and there is currently no device owner, do not set the
+ // read-only system property yet, since Device owner may still be provisioned. For Wear
+ // devices, if there is already a device owner then it's OK to set the property to true now,
+ // regardless the provision state.
+ final boolean isWatchWithDeviceOwner = mIsWatch && mOwners.hasDeviceOwner();
+ if (!isWatchWithDeviceOwner && !deviceProvisioned) {
return;
}
// Still at the first stage of CryptKeeper double bounce, mOwners.hasDeviceOwner is