Gitiles
Code Review Sign In
review.blissroms.org / platform_frameworks_base / 9b5439b32a2b8ac2fa15392c509178eb299327b2
commit9b5439b32a2b8ac2fa15392c509178eb299327b2[log] [tgz]
authorSong Chun Fan <schfan@google.com>Wed Oct 16 14:23:00 2024 -0700
committerSong Chun Fan <schfan@google.com>Tue Oct 22 13:38:43 2024 -0700
tree412404c460d4eb7923783463471c9a3d8cc82ae7
parent425d3d5aa3c5511a5197cd0f4f8f919e498e7ecb [diff]
[7/N] only the current verifier can call VerificationSession APIs

Only the current verifier bound by the system can call
VerificationSession APIs and the PackageInstaller API to change the
verification policy. This makes sure that even if there are multiple
verifiers installed on the device, only the one bound by the system can
affect the ongoing installations.

+ Removes @RequiresPermission from VerificationSession APIs because we
  no longer directly check for caller permission (instead, we are
checking for UID matches)
+ Add shell commands to get/set the global policy (for testing)
+ Improve error handling when binding to the verifier has failed
+ Some code polish

FLAG: android.content.pm.verification_service

BUG: 360129657
Test: atest CtsPackageManagerTestCases:VerifierServiceTest

Change-Id: If90d075ff117c666ae71bb593cad284f65f4d123
10 files changed
tree: 412404c460d4eb7923783463471c9a3d8cc82ae7
  1. .prebuilt_info/
  2. android-sdk-flags/
  3. apct-tests/
  4. apex/
  5. api/
  6. boot/
  7. cmds/
  8. config/
  9. core/
  10. data/
  11. docs/
  12. drm/
  13. errorprone/
  14. graphics/
  15. identity/
  16. keystore/
  17. libs/
  18. location/
  19. media/
  20. mime/
  21. mms/
  22. native/
  23. nfc/
  24. nfc-extras/
  25. obex/
  26. omapi/
  27. opengl/
  28. packages/
  29. proto/
  30. ravenwood/
  31. rs/
  32. samples/
  33. sax/
  34. services/
  35. startop/
  36. telecomm/
  37. telephony/
  38. test-base/
  39. test-junit/
  40. test-legacy/
  41. test-mock/
  42. test-runner/
  43. tests/
  44. tools/
  45. wifi/
  46. .clang-format
  47. .gitignore
  48. .mailmap
  49. AconfigFlags.bp
  50. ACTIVITY_MANAGER_OWNERS
  51. ADPF_OWNERS
  52. Android.bp
  53. BAL_OWNERS
  54. BATTERY_STATS_OWNERS
  55. BROADCASTS_OWNERS
  56. CleanSpec.mk
  57. framework-jarjar-rules.txt
  58. GAME_MANAGER_OWNERS
  59. INPUT_OWNERS
  60. INTENT_OWNERS
  61. lint-baseline.xml
  62. LSE_APP_COMPAT_OWNERS
  63. MEMORY_OWNERS
  64. METADATA
  65. MODULE_LICENSE_APACHE2
  66. MULTIUSER_OWNERS
  67. NOTICE
  68. OOM_ADJUSTER_OWNERS
  69. OWNERS
  70. OWNERS.md
  71. PACKAGE_MANAGER_OWNERS
  72. pathmap.mk
  73. PERFORMANCE_OWNERS
  74. PREUPLOAD.cfg
  75. ProtoLibraries.bp
  76. Ravenwood.bp
  77. SECURITY_STATE_OWNERS
  78. SQLITE_OWNERS
  79. TEST_MAPPING
  80. TestProtoLibraries.bp
  81. THERMAL_OWNERS
  82. TRACE_OWNERS
  83. WEAR_OWNERS
  84. ZYGOTE_OWNERS