3 files changed, 11 insertions, 0 deletions
diff --git a/core/java/android/os/RecoverySystem.java b/core/java/android/os/RecoverySystem.java
index cdde4c723da0..7aee455d5189 100644
--- a/core/java/android/os/RecoverySystem.java
+++ b/core/java/android/os/RecoverySystem.java
@@ -19,6 +19,7 @@ package android.os;
 import android.content.BroadcastReceiver;
 import android.content.Context;
 import android.content.Intent;
+import android.os.UserManager;
 import android.util.Log;

 import java.io.ByteArrayInputStream;
@@ -348,6 +349,7 @@ public class RecoverySystem {
 *
 * @throws IOException if writing the recovery command file
 * fails, or if the reboot itself fails.
+ * @throws SecurityException if the current user is not allowed to wipe data.
 */
 public static void rebootWipeUserData(Context context) throws IOException {
 rebootWipeUserData(context, false);
@@ -367,11 +369,16 @@ public class RecoverySystem {
 *
 * @throws IOException if writing the recovery command file
 * fails, or if the reboot itself fails.
+ * @throws SecurityException if the current user is not allowed to wipe data.
 *
 * @hide
 */
 public static void rebootWipeUserData(Context context, boolean shutdown)
 throws IOException {
+ UserManager um = (UserManager) context.getSystemService(Context.USER_SERVICE);
+ if (um.hasUserRestriction(UserManager.DISALLOW_FACTORY_RESET)) {
+ throw new SecurityException("Wiping data is not allowed for this user.");
+ }
 final ConditionVariable condition = new ConditionVariable();

 Intent intent = new Intent("android.intent.action.MASTER_CLEAR_NOTIFICATION");
diff --git a/services/core/java/com/android/server/MasterClearReceiver.java b/services/core/java/com/android/server/MasterClearReceiver.java
index e570b0bd0978..e88bdf8683cf 100644
--- a/services/core/java/com/android/server/MasterClearReceiver.java
+++ b/services/core/java/com/android/server/MasterClearReceiver.java
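Review bot: The added `import android.os.UserManager;` is redundant, because the hunk header shows this file is already in `package android.os;` and same-package types need no import. Dropping the line keeps the import block free of a same-package entry that some lint configurations flag. The `import android.util.Log;` context line immediately below it shows the block otherwise only pulls in other packages.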
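Review bot: The new guard in `rebootWipeUserData(Context, boolean)` calls `um.hasUserRestriction(UserManager.DISALLOW_FACTORY_RESET)` with no user argument, which, as far as I can tell from the public UserManager API, evaluates the restriction for the calling process's user rather than for the user on whose behalf the wipe was requested; the DevicePolicyManagerService call site in this same commit invokes it from system_server with `mContext`, so the user being checked there is presumably the system user, which is worth confirming against the intended policy. I would document that at the check: `// Checks DISALLOW_FACTORY_RESET for the calling user; callers acting for another user must verify that user's restriction themselves.`. The Javadoc on both overloads now promises a `SecurityException`, so `context.getSystemService(Context.USER_SERVICE)` returning null would surface as an undocumented NullPointerException instead; a one-line `Objects.requireNonNull(um, "UserManager")` or an explicit check would make the failure mode match the contract. The rest of the method body continues past the end of the hunk.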
@@ -49,6 +49,8 @@ public class MasterClearReceiver extends BroadcastReceiver {
 Log.wtf(TAG, "Still running after master clear?!");
 } catch (IOException e) {
 Slog.e(TAG, "Can't perform master clear/factory reset", e);
+ } catch (SecurityException e) {
+ Slog.e(TAG, "Can't perform master clear/factory reset", e);
 }
 }
 };
diff --git a/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java b/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
index 3cb15e365e2f..e956dfb0900d 100644
--- a/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
+++ b/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
@@ -2480,6 +2480,8 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub {
 RecoverySystem.rebootWipeUserData(mContext);
 } catch (IOException e) {
 Slog.w(LOG_TAG, "Failed requesting data wipe", e);
+ } catch (SecurityException e) {
+ Slog.w(LOG_TAG, "Failed requesting data wipe", e);
 }
 }
 } |
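Review bot: The new `catch (SecurityException e)` block in MasterClearReceiver repeats the body of the `catch (IOException e)` block above it verbatim, and the DevicePolicyManagerService hunk in this commit does the same with its `Slog.w(LOG_TAG, "Failed requesting data wipe", e);` pair. If the build's language level permits it, a multi-catch `} catch (IOException | SecurityException e) {` keeps one log statement per site and avoids the two messages drifting apart later. Since the log lines are the only record that a policy restriction blocked the reset, it would also help forensics to make the message distinguish the two causes, e.g. `"Can't perform master clear/factory reset (restricted or I/O failure)"`, rather than logging an identical string for both. The enclosing Runnable and method start outside this hunk.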