OEM-Unlock

From Android Wiki
Jump to navigation Jump to search

The Option OEM-Unlock (available since Android 5.0 verweis=Lollipop "Lollipop"[1]) is a checkbox in the developer options. It is used as a security feature against the unauthorized unlock of the bootloader of the device. The, normally disabled, option controls, if the bootloader of the device can be unlocked using an OEM routine (a routinge, implemented by the manufacturer of the device, to unlock the bootloader). If the option is disabled and someone tries to unlock the bootloader of the device, the bootloader will fail this action by providing an error message.

Apart from the possibility to unlock the bootloader, OEM-Unlock (if enabled) also disables the Android Factory Reset Protection (FRP) of the Device Protection toolset. If this feature is disabled, the device can be resetted using a factory reset method and can than be setup without needing to authenticate with a previously synchronized Google account.

Technical implementation

When implementing an option like the OEM-Unlock, both, the bootloader, and the Android system needs to access a common, persistent storage for settings.[2] This also requires a raw format to save data, as not both independent systems may have the same abstraction layer and support libraries. In this case, Android provides a specific partition, which can persist data. The partition can vary from system to system, which is why the used partition is saved in the system property ro.frp.pst.[3] On an HTC 10, e.g., the partition frp (short for Factory Reset Protection) is used,[4] whereas Samsung devices, which are based on a Snapdragon 625 MSM8976, uses the persistent partition.[5] The block devices of the partition also vary from device to device.

If the OEM-Unlock option is enabled in the developer options, Android saves the new value of the option (1 for enabled and 0 for disabled) as the content of the configured partition. The bootloader can, if needed by the bootloader unlock implementation, read this value and prevent the unlock, if necessary.

References

  1. "FYI: Android 5.0 Introduces “Enable OEM Unlock” Option in...". Droid Life. 2014-11-04. Abgerufen am 2018-09-16. 
  2. "Nexus 9 Notes". newandroidbook.com. Abgerufen am 2018-09-16. 
  3. "aosp-mirror/platform_frameworks_base". GitHub. Abgerufen am 2018-09-16. 
  4. "LineageOS/android_device_htc_pme". GitHub. Abgerufen am 2018-09-16. 
  5. "LineageOS/android_device_samsung_msm8976-common". GitHub. Abgerufen am 2018-09-16.