Merge pull request #102 from scento/aosp-m-patch-feature

diff --git a/core/res/AndroidManifest.xml b/core/res/AndroidManifest.xml

index 08bccc1..45b0094 100644

--- a/core/res/AndroidManifest.xml

+++ b/core/res/AndroidManifest.xml

@@ -1622,6 +1622,13 @@

         android:label="@string/permlab_getPackageSize"

         android:description="@string/permdesc_getPackageSize"

         android:protectionLevel="normal" />

+    

+    <!-- @hide Allows an application to change the package signature as

+         seen by applications -->

+    <permission android:name="android.permission.FAKE_PACKAGE_SIGNATURE"

+        android:protectionLevel="dangerous"

+        android:label="@string/permlab_fakePackageSignature"

+        android:description="@string/permdesc_fakePackageSignature" />

     <!-- @deprecated No longer useful, see

          {@link android.content.pm.PackageManager#addPackageToPreferred}

diff --git a/core/res/res/values/config.xml b/core/res/res/values/config.xml

index 6c96f84..c391f30 100644

--- a/core/res/res/values/config.xml

+++ b/core/res/res/values/config.xml

@@ -1176,6 +1176,8 @@

     <string-array name="config_locationProviderPackageNames" translatable="false">

         <!-- The standard AOSP fused location provider -->

         <item>com.android.location.fused</item>

+        <!-- The (faked) microg fused location provider -->

+        <item>com.google.android.gms</item>

     </string-array>

     <!-- This string array can be overriden to enable test location providers initially. -->

diff --git a/core/res/res/values/strings.xml b/core/res/res/values/strings.xml

index 8a9b9cf..cd7ec0d 100644

--- a/core/res/res/values/strings.xml

+++ b/core/res/res/values/strings.xml

@@ -615,6 +615,11 @@

     <!--  Permissions -->

+   <!-- Title of an application permission, listed so the user can choose whether they want to allow the application to do this. -->

+    <string name="permlab_fakePackageSignature">Spoof package signature</string>

+    <!-- Description of an application permission, listed so the user can choose whether they want to allow the application to do this. -->

+    <string name="permdesc_fakePackageSignature">Allows the app to pretend to be a different app. Malicious applications might be able to use this to access private application data. Grant this permission with caution only!</string>

+

     <!-- Title of an application permission, listed so the user can choose whether they want to allow the application to do this. -->

     <string name="permlab_statusBar">disable or modify status bar</string>

     <!-- Description of an application permission, listed so the user can choose whether they want to allow the application to do this. -->

diff --git a/services/core/java/com/android/server/pm/PackageManagerService.java b/services/core/java/com/android/server/pm/PackageManagerService.java

index c1d091b..8195e32 100644

--- a/services/core/java/com/android/server/pm/PackageManagerService.java

+++ b/services/core/java/com/android/server/pm/PackageManagerService.java

@@ -2653,8 +2653,27 @@ public class PackageManagerService extends IPackageManager.Stub {

         final Set<String> permissions = permissionsState.getPermissions(userId);

         final PackageUserState state = ps.readUserState(userId);

-        return PackageParser.generatePackageInfo(p, gids, flags,

-                ps.firstInstallTime, ps.lastUpdateTime, permissions, state, userId);

+        return mayFakeSignature(p, PackageParser.generatePackageInfo(p, gids, flags,

+                ps.firstInstallTime, ps.lastUpdateTime, permissions, state, userId),

+                permissions);

+    }

+

+    private PackageInfo mayFakeSignature(PackageParser.Package p, PackageInfo pi,

+            Set<String> permissions) {

+        try {

+            if (permissions.contains("android.permission.FAKE_PACKAGE_SIGNATURE")

+                    && p.applicationInfo.targetSdkVersion > Build.VERSION_CODES.LOLLIPOP_MR1

+                    && p.mAppMetaData != null) {

+                String sig = p.mAppMetaData.getString("fake-signature");

+                if (sig != null) {

+                    pi.signatures = new Signature[] {new Signature(sig)};

+                }

+            }

+        } catch (Throwable t) {

+            // We should never die because of any failures, this is system code!

+            Log.w("PackageManagerService.FAKE_PACKAGE_SIGNATURE", t);

+        }

+        return pi;

     }

 No newline at end of file