diff options
4 files changed, 19 insertions, 6 deletions
diff --git a/core/java/android/app/admin/DevicePolicyManager.java b/core/java/android/app/admin/DevicePolicyManager.java index b0e86f41a7e8..451acf31447c 100644 --- a/core/java/android/app/admin/DevicePolicyManager.java +++ b/core/java/android/app/admin/DevicePolicyManager.java @@ -6150,23 +6150,28 @@ public class DevicePolicyManager { /** * Called by device owners to retrieve device logs from before the device's last reboot. * <p> - * <strong> The device logs are retrieved from a RAM region which is not guaranteed to be - * corruption-free during power cycles, due to hardware variations and limitations. As a result, - * this API is provided as best-effort and the returned logs may be empty or contain corrupted - * data. </strong> + * <strong> This API is not supported on all devices. Calling this API on unsupported devices + * will result in {@code null} being returned. The device logs are retrieved from a RAM region + * which is not guaranteed to be corruption-free during power cycles, as a result be cautious + * about data corruption when parsing. </strong> * <p> * There must be only one user on the device, managed by the device owner. Otherwise a * {@link SecurityException} will be thrown. * * @param admin Which device owner this request is associated with. - * @return Device logs from before the latest reboot of the system. + * @return Device logs from before the latest reboot of the system, or {@code null} if this API + * is not supported on the device. * @throws SecurityException if {@code admin} is not a device owner. */ public List<SecurityEvent> retrievePreRebootSecurityLogs(@NonNull ComponentName admin) { throwIfParentInstance("retrievePreRebootSecurityLogs"); try { ParceledListSlice<SecurityEvent> list = mService.retrievePreRebootSecurityLogs(admin); - return list.getList(); + if (list != null) { + return list.getList(); + } else { + return null; + } } catch (RemoteException re) { throw re.rethrowFromSystemServer(); } diff --git a/core/res/res/values/config.xml b/core/res/res/values/config.xml index e73fa9a81cc0..2a83d888bde5 100644 --- a/core/res/res/values/config.xml +++ b/core/res/res/values/config.xml @@ -2474,4 +2474,6 @@ remote provider --> <string name="config_tvRemoteServicePackage" translatable="false"></string> + <!-- True if the device supports persisting security logs across reboots. --> + <bool name="config_supportPreRebootSecurityLogs">false</bool> </resources> diff --git a/core/res/res/values/symbols.xml b/core/res/res/values/symbols.xml index 14c17f37e35a..c64a93485b07 100644 --- a/core/res/res/values/symbols.xml +++ b/core/res/res/values/symbols.xml @@ -2586,4 +2586,6 @@ <!-- TV Remote Service package --> <java-symbol type="string" name="config_tvRemoteServicePackage" /> + + <java-symbol type="bool" name="config_supportPreRebootSecurityLogs" /> </resources> diff --git a/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java b/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java index 764ac0590134..d0128b743767 100644 --- a/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java +++ b/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java @@ -8871,6 +8871,10 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub { Preconditions.checkNotNull(admin); ensureDeviceOwnerManagingSingleUser(admin); + if (!mContext.getResources().getBoolean(R.bool.config_supportPreRebootSecurityLogs)) { + return null; + } + ArrayList<SecurityEvent> output = new ArrayList<SecurityEvent>(); try { SecurityLog.readPreviousEvents(output); |