Gitiles
Code Review Sign In
review.blissroms.org / platform_frameworks_base / cdcd2b219618622627cd2406bad867c55f892431
commitcdcd2b219618622627cd2406bad867c55f892431[log] [tgz]
authorChirayu Desai <chirayudesai1@gmail.com>Wed Jan 30 18:18:10 2019 +0530
committerhmtheboy154 <buingoc67@gmail.com>Sun Mar 16 13:24:45 2025 -0400
tree5d28189d981aba6c38e48ff98ba23405e06b12e9
parentca812cfb1c423a18736f7df061894554b6293faa [diff]
Allow microG and only microG to spoof package signature

* Create a new privileged permission FAKE_PACKAGE_SIGNATURE,
  which is required to spoof signature.
  This means it cannot be used by normal user apps.
* Add package name checks to allow only GmsCore and FakeStore
  to use this, since they're the only apps we want using this.
* Since both of those apps are system apps, package name checks
  are fine since no other app can pretend to be that package,
  it'd have to be signed the private keys used to sign those apps.
* Only allow them to spoof a hardcoded Google signature,
  since we do not want to allow spoofing of arbitrary signatures.

This patch originally started off from the upstream patches, but has been
significantly changed to heavily restrict the usage of this.

References:
* Upstream microG spoofing patches:
  https://github.com/microg/GmsCore/tree/master/patches
* ProtonAOSP Android 12 port:
  https://github.com/ProtonAOSP/android_frameworks_base/commit/0deff13d05e451fbe3803f66be73853237c6729c

Test: microG, open Self Check, verify output
Change-Id: I70af90eb808eaa892b2bad053350d502d84ca884
2 files changed
tree: 5d28189d981aba6c38e48ff98ba23405e06b12e9
  1. .prebuilt_info/
  2. android-sdk-flags/
  3. apct-tests/
  4. apex/
  5. api/
  6. boot/
  7. cmds/
  8. config/
  9. core/
  10. data/
  11. docs/
  12. drm/
  13. errorprone/
  14. graphics/
  15. identity/
  16. keystore/
  17. libs/
  18. location/
  19. media/
  20. mime/
  21. mms/
  22. native/
  23. nfc/
  24. nfc-extras/
  25. obex/
  26. omapi/
  27. opengl/
  28. packages/
  29. proto/
  30. ravenwood/
  31. rs/
  32. samples/
  33. sax/
  34. services/
  35. startop/
  36. telecomm/
  37. telephony/
  38. test-base/
  39. test-junit/
  40. test-legacy/
  41. test-mock/
  42. test-runner/
  43. tests/
  44. tools/
  45. wifi/
  46. .clang-format
  47. .gitignore
  48. .mailmap
  49. AconfigFlags.bp
  50. ACTIVITY_MANAGER_OWNERS
  51. ADPF_OWNERS
  52. Android.bp
  53. BAL_OWNERS
  54. BATTERY_STATS_OWNERS
  55. BROADCASTS_OWNERS
  56. CleanSpec.mk
  57. framework-jarjar-rules.txt
  58. GAME_MANAGER_OWNERS
  59. INPUT_OWNERS
  60. INTENT_OWNERS
  61. lint-baseline.xml
  62. LSE_APP_COMPAT_OWNERS
  63. MEMORY_OWNERS
  64. METADATA
  65. MODULE_LICENSE_APACHE2
  66. MULTIUSER_OWNERS
  67. NOTICE
  68. OOM_ADJUSTER_OWNERS
  69. OWNERS
  70. OWNERS.md
  71. PACKAGE_MANAGER_OWNERS
  72. pathmap.mk
  73. PERFORMANCE_OWNERS
  74. PREUPLOAD.cfg
  75. ProtoLibraries.bp
  76. Ravenwood.bp
  77. SECURITY_STATE_OWNERS
  78. SQLITE_OWNERS
  79. TEST_MAPPING
  80. TestProtoLibraries.bp
  81. THERMAL_OWNERS
  82. TRACE_OWNERS
  83. WEAR_OWNERS
  84. ZYGOTE_OWNERS