Loading android/config.go +8 −0 Original line number Diff line number Diff line Loading @@ -950,6 +950,14 @@ func (c *config) FlattenApex() bool { return Bool(c.productVariables.FlattenApex) } func (c *config) EnforceSystemCertificate() bool { return Bool(c.productVariables.EnforceSystemCertificate) } func (c *config) EnforceSystemCertificateWhitelist() []string { return c.productVariables.EnforceSystemCertificateWhitelist } func stringSlice(s *[]string) []string { if s != nil { return *s Loading android/variable.go +3 −0 Original line number Diff line number Diff line Loading @@ -263,6 +263,9 @@ type productVariables struct { DexpreoptGlobalConfig *string `json:",omitempty"` ManifestPackageNameOverrides []string `json:",omitempty"` EnforceSystemCertificate *bool `json:",omitempty"` EnforceSystemCertificateWhitelist []string `json:",omitempty"` } func boolPtr(v bool) *bool { Loading java/app.go +14 −0 Original line number Diff line number Diff line Loading @@ -263,6 +263,20 @@ func (a *AndroidApp) generateAndroidBuildActions(ctx android.ModuleContext) { packageFile := android.PathForModuleOut(ctx, "package.apk") CreateAppPackage(ctx, packageFile, a.exportPackage, jniJarFile, dexJarFile, certificates) if !a.Module.Platform() { certPath := a.certificate.Pem.String() systemCertPath := ctx.Config().DefaultAppCertificateDir(ctx).String() if strings.HasPrefix(certPath, systemCertPath) { enforceSystemCert := ctx.Config().EnforceSystemCertificate() whitelist := ctx.Config().EnforceSystemCertificateWhitelist() if enforceSystemCert && !inList(a.Module.Name(), whitelist) { ctx.PropertyErrorf("certificate", "The module in product partition cannot be signed with certificate in system.") } } } a.outputFile = packageFile bundleFile := android.PathForModuleOut(ctx, "base.zip") Loading Loading
android/config.go +8 −0 Original line number Diff line number Diff line Loading @@ -950,6 +950,14 @@ func (c *config) FlattenApex() bool { return Bool(c.productVariables.FlattenApex) } func (c *config) EnforceSystemCertificate() bool { return Bool(c.productVariables.EnforceSystemCertificate) } func (c *config) EnforceSystemCertificateWhitelist() []string { return c.productVariables.EnforceSystemCertificateWhitelist } func stringSlice(s *[]string) []string { if s != nil { return *s Loading
android/variable.go +3 −0 Original line number Diff line number Diff line Loading @@ -263,6 +263,9 @@ type productVariables struct { DexpreoptGlobalConfig *string `json:",omitempty"` ManifestPackageNameOverrides []string `json:",omitempty"` EnforceSystemCertificate *bool `json:",omitempty"` EnforceSystemCertificateWhitelist []string `json:",omitempty"` } func boolPtr(v bool) *bool { Loading
java/app.go +14 −0 Original line number Diff line number Diff line Loading @@ -263,6 +263,20 @@ func (a *AndroidApp) generateAndroidBuildActions(ctx android.ModuleContext) { packageFile := android.PathForModuleOut(ctx, "package.apk") CreateAppPackage(ctx, packageFile, a.exportPackage, jniJarFile, dexJarFile, certificates) if !a.Module.Platform() { certPath := a.certificate.Pem.String() systemCertPath := ctx.Config().DefaultAppCertificateDir(ctx).String() if strings.HasPrefix(certPath, systemCertPath) { enforceSystemCert := ctx.Config().EnforceSystemCertificate() whitelist := ctx.Config().EnforceSystemCertificateWhitelist() if enforceSystemCert && !inList(a.Module.Name(), whitelist) { ctx.PropertyErrorf("certificate", "The module in product partition cannot be signed with certificate in system.") } } } a.outputFile = packageFile bundleFile := android.PathForModuleOut(ctx, "base.zip") Loading
