OEM-Unlock: Difference between revisions

From Android Wiki
(Created page with "The Option '''OEM-Unlock''' (available since Android {{Android|5.0}}<ref>{{Internetquelle|titel=FYI: Android 5.0 Introduces "Enable OEM Unlock" Option in Developer Options|url...")
 
No edit summary
 
Line 1: Line 1:
The Option '''OEM-Unlock''' (available since Android {{Android|5.0}}<ref>{{Internetquelle|titel=FYI: Android 5.0 Introduces "Enable OEM Unlock" Option in Developer Options|url=http://www.droid-life.com/2014/11/04/fyi-android-5-0-introduces-enable-oem-unlock-option-in-developer-options/|zugriff=2015-12-06|werk=Droid Life}}</ref>) is a checkbox in the developer options. It is used as a security feature against the unauthorized unlock of the bootloader of the device. The, normally disabled, option controls, if the bootloader of the device can be unlocked using an OEM routine (a routinge, implemented by the manufacturer of the device, to unlock the bootloader). If the option is disabled and someone tries to unlock the bootloader of the device, the bootloader will fail this action by providing an error message.
The Option '''OEM-Unlock''' (available since Android {{Android|5.0}}<ref>{{Cite web|url=http://www.droid-life.com/2014/11/04/fyi-android-5-0-introduces-enable-oem-unlock-option-in-developer-options/|title=FYI: Android 5.0 Introduces “Enable OEM Unlock” Option in...|date=2014-11-04|website=Droid Life|language=en-US|access-date=2018-09-16}}</ref>) is a checkbox in the developer options. It is used as a security feature against the unauthorized unlock of the bootloader of the device. The, normally disabled, option controls, if the bootloader of the device can be unlocked using an OEM routine (a routinge, implemented by the manufacturer of the device, to unlock the bootloader). If the option is disabled and someone tries to unlock the bootloader of the device, the bootloader will fail this action by providing an error message.


Apart from the possibility to unlock the bootloader, OEM-Unlock (if enabled) also disables the Android Factory Reset Protection (FRP) of the Device Protection toolset. If this feature is disabled, the device can be resetted using a factory reset method and can than be setup without needing to authenticate with a previously synchronized Google account.
Apart from the possibility to unlock the bootloader, OEM-Unlock (if enabled) also disables the Android Factory Reset Protection (FRP) of the Device Protection toolset. If this feature is disabled, the device can be resetted using a factory reset method and can than be setup without needing to authenticate with a previously synchronized Google account.


== Technical implementation ==
== Technical implementation ==
When implementing an option like the OEM-Unlock, both, the bootloader, and the Android system needs to access a common, persistent storage for settings.<ref>{{Internetquelle|url=http://newandroidbook.com/Articles/Nexus9.html|titel=Nexus 9 Notes|werk=newandroidbook.com|zugriff=2017-07-26}}</ref> This also requires a raw format to save data, as not both independent systems may have the same abstraction layer and support libraries. In this case, Android provides a specific partition, which can persist data. The partition can vary from system to system, which is why the used partition is saved in the system property '''ro.frp.pst'''.<ref>{{Internetquelle|url=https://github.com/android/platform_frameworks_base/blob/e426dac4e2e668ff6af027ec0c8bbfff40596ba1/services/core/java/com/android/server/PersistentDataBlockService.java#L69|titel=android/platform_frameworks_base|werk=GitHub|sprache=en|zugriff=2017-07-26}}</ref> On an HTC 10, e.g., the partition ''frp'' (short for '''F'''actory '''R'''eset '''P'''rotection) is used,<ref>{{Internetquelle|url=https://github.com/LineageOS/android_device_htc_pme/blob/cea96b1061baf50f46b69dd214f390a6d11a8737/system.prop#L51|titel=LineageOS/android_device_htc_pme|werk=GitHub|sprache=en|zugriff=2017-07-26}}</ref> whereas Samsung devices, which are based on a Snapdragon 625 MSM8976, uses the ''persistent'' partition.<ref>{{Internetquelle|url=https://github.com/LineageOS/android_device_samsung_msm8976-common/blob/022b32e4bf4257fb573a300229560c38a2965db6/system.prop#L59|titel=LineageOS/android_device_samsung_msm8976-common|werk=GitHub|sprache=en|zugriff=2017-07-26}}</ref> The block devices of the partition also vary from device to device.
When implementing an option like the OEM-Unlock, both, the bootloader, and the Android system needs to access a common, persistent storage for settings.<ref>{{Cite web|url=http://newandroidbook.com/Articles/Nexus9.html|title=Nexus 9 Notes|website=newandroidbook.com|access-date=2018-09-16}}</ref> This also requires a raw format to save data, as not both independent systems may have the same abstraction layer and support libraries. In this case, Android provides a specific partition, which can persist data. The partition can vary from system to system, which is why the used partition is saved in the system property '''ro.frp.pst'''.<ref>{{Cite web|url=https://github.com/android/platform_frameworks_base/blob/e426dac4e2e668ff6af027ec0c8bbfff40596ba1/services/core/java/com/android/server/PersistentDataBlockService.java#L69|title=aosp-mirror/platform_frameworks_base|website=GitHub|language=en|access-date=2018-09-16}}</ref> On an HTC 10, e.g., the partition ''frp'' (short for '''F'''actory '''R'''eset '''P'''rotection) is used,<ref>{{Cite web|url=https://github.com/LineageOS/android_device_htc_pme/blob/cea96b1061baf50f46b69dd214f390a6d11a8737/system.prop#L51|title=LineageOS/android_device_htc_pme|website=GitHub|language=en|access-date=2018-09-16}}</ref> whereas Samsung devices, which are based on a Snapdragon 625 MSM8976, uses the ''persistent'' partition.<ref>{{Cite web|url=https://github.com/LineageOS/android_device_samsung_msm8976-common/blob/022b32e4bf4257fb573a300229560c38a2965db6/system.prop#L59|title=LineageOS/android_device_samsung_msm8976-common|website=GitHub|language=en|access-date=2018-09-16}}</ref> The block devices of the partition also vary from device to device.


If the OEM-Unlock option is enabled in the developer options, Android saves the new value of the option (1 for enabled and 0 for disabled) as the content of the configured partition. The bootloader can, if needed by the bootloader unlock implementation, read this value and prevent the unlock, if necessary.
If the OEM-Unlock option is enabled in the developer options, Android saves the new value of the option (1 for enabled and 0 for disabled) as the content of the configured partition. The bootloader can, if needed by the bootloader unlock implementation, read this value and prevent the unlock, if necessary.

Latest revision as of 18:31, 16 September 2018

The Option OEM-Unlock (available since Android 5.0 verweis=Lollipop "Lollipop"[1]) is a checkbox in the developer options. It is used as a security feature against the unauthorized unlock of the bootloader of the device. The, normally disabled, option controls, if the bootloader of the device can be unlocked using an OEM routine (a routinge, implemented by the manufacturer of the device, to unlock the bootloader). If the option is disabled and someone tries to unlock the bootloader of the device, the bootloader will fail this action by providing an error message.

Apart from the possibility to unlock the bootloader, OEM-Unlock (if enabled) also disables the Android Factory Reset Protection (FRP) of the Device Protection toolset. If this feature is disabled, the device can be resetted using a factory reset method and can than be setup without needing to authenticate with a previously synchronized Google account.

Technical implementation

When implementing an option like the OEM-Unlock, both, the bootloader, and the Android system needs to access a common, persistent storage for settings.[2] This also requires a raw format to save data, as not both independent systems may have the same abstraction layer and support libraries. In this case, Android provides a specific partition, which can persist data. The partition can vary from system to system, which is why the used partition is saved in the system property ro.frp.pst.[3] On an HTC 10, e.g., the partition frp (short for Factory Reset Protection) is used,[4] whereas Samsung devices, which are based on a Snapdragon 625 MSM8976, uses the persistent partition.[5] The block devices of the partition also vary from device to device.

If the OEM-Unlock option is enabled in the developer options, Android saves the new value of the option (1 for enabled and 0 for disabled) as the content of the configured partition. The bootloader can, if needed by the bootloader unlock implementation, read this value and prevent the unlock, if necessary.

References

  1. Lua error: Internal error: The interpreter exited with status 127.
  2. Lua error: Internal error: The interpreter exited with status 127.
  3. Lua error: Internal error: The interpreter exited with status 127.
  4. Lua error: Internal error: The interpreter exited with status 127.
  5. Lua error: Internal error: The interpreter exited with status 127.