diff options
Diffstat (limited to 'services')
| -rw-r--r-- | services/java/com/android/server/pm/PackageManagerService.java | 12 | ||||
| -rw-r--r-- | services/java/com/android/server/pm/Settings.java | 30 |
2 files changed, 41 insertions, 1 deletions
diff --git a/services/java/com/android/server/pm/PackageManagerService.java b/services/java/com/android/server/pm/PackageManagerService.java index 4e5ca8e..9ebdd52 100644 --- a/services/java/com/android/server/pm/PackageManagerService.java +++ b/services/java/com/android/server/pm/PackageManagerService.java @@ -71,6 +71,7 @@ import android.content.pm.ServiceInfo; import android.content.pm.Signature; import android.content.pm.UserInfo; import android.content.pm.ManifestDigest; +import android.content.pm.VerifierDeviceIdentity; import android.net.Uri; import android.os.Binder; import android.os.Build; @@ -8405,4 +8406,15 @@ public class PackageManagerService extends IPackageManager.Stub { mUserManager.removeUser(userId); return true; } + + @Override + public VerifierDeviceIdentity getVerifierDeviceIdentity() throws RemoteException { + mContext.enforceCallingOrSelfPermission( + android.Manifest.permission.PACKAGE_VERIFICATION_AGENT, + "Only package verification agents can read the verifier device identity"); + + synchronized (mPackages) { + return mSettings.getVerifierDeviceIdentityLPw(); + } + } } diff --git a/services/java/com/android/server/pm/Settings.java b/services/java/com/android/server/pm/Settings.java index f270003..7cdb5b1 100644 --- a/services/java/com/android/server/pm/Settings.java +++ b/services/java/com/android/server/pm/Settings.java @@ -39,6 +39,7 @@ import android.content.pm.PackageManager; import android.content.pm.PackageParser; import android.content.pm.PermissionInfo; import android.content.pm.Signature; +import android.content.pm.VerifierDeviceIdentity; import android.os.Binder; import android.os.Environment; import android.os.FileUtils; @@ -86,7 +87,10 @@ final class Settings { // used to grant newer permissions one time during a system upgrade. int mInternalSdkPlatform; int mExternalSdkPlatform; - + + /** Device identity for the purpose of package verification. */ + private VerifierDeviceIdentity mVerifierDeviceIdentity; + // The user's preferred activities associated with particular intent // filters. final IntentResolver<PreferredActivity, PreferredActivity> mPreferredActivities = @@ -865,6 +869,12 @@ final class Settings { serializer.attribute(null, "external", Integer.toString(mExternalSdkPlatform)); serializer.endTag(null, "last-platform-version"); + if (mVerifierDeviceIdentity != null) { + serializer.startTag(null, "verifier"); + serializer.attribute(null, "device", mVerifierDeviceIdentity.toString()); + serializer.endTag(null, "verifier"); + } + serializer.startTag(null, "permission-trees"); for (BasePermission bp : mPermissionTrees.values()) { writePermissionLPr(serializer, bp); @@ -1280,6 +1290,14 @@ final class Settings { } } catch (NumberFormatException e) { } + } else if (tagName.equals("verifier")) { + final String deviceIdentity = parser.getAttributeValue(null, "device"); + try { + mVerifierDeviceIdentity = VerifierDeviceIdentity.parse(deviceIdentity); + } catch (IllegalArgumentException e) { + Slog.w(PackageManagerService.TAG, "Discard invalid verifier device id: " + + e.getMessage()); + } } else { Slog.w(PackageManagerService.TAG, "Unknown element under <packages>: " + parser.getName()); @@ -1894,6 +1912,16 @@ final class Settings { return PackageManagerService.FIRST_APPLICATION_UID + N; } + public VerifierDeviceIdentity getVerifierDeviceIdentityLPw() { + if (mVerifierDeviceIdentity == null) { + mVerifierDeviceIdentity = VerifierDeviceIdentity.generate(); + + writeLPr(); + } + + return mVerifierDeviceIdentity; + } + public PackageSetting getDisabledSystemPkgLPr(String name) { PackageSetting ps = mDisabledSysPackages.get(name); return ps; |