Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 02161f43 authored by Danny Lin's avatar Danny Lin Committed by Aayush Gupta
Browse files

Add support for app signature spoofing

This is needed by microG GmsCore to pretend to be the official Google
Play Services package, because client apps check the package signature
to make sure it matches Google's official certificate.

This was forward-ported from the Android 10 patch by gudenau:
https://github.com/microg/android_packages_apps_GmsCore/pull/957

Changes made for Android 11:
  - Updated PackageInfo calls
  - Added new permission to public API surface, needed for
    PermissionController which is now an updatable APEX on 11
  - Added a dummy permission group to allow users to manage the
    permission through the PermissionController UI
    (by Vachounet <vachounet@live.fr>)
  - Updated location provider comment for conciseness

Change-Id: Ied7d6ce0b83a2d2345c3abba0429998d86494a88
parent e2c0987c
Loading
Loading
Loading
Loading
+2 −0
Original line number Diff line number Diff line
@@ -79,6 +79,7 @@ package android {
    field public static final String DUMP = "android.permission.DUMP";
    field public static final String EXPAND_STATUS_BAR = "android.permission.EXPAND_STATUS_BAR";
    field public static final String FACTORY_TEST = "android.permission.FACTORY_TEST";
    field public static final String FAKE_PACKAGE_SIGNATURE = "android.permission.FAKE_PACKAGE_SIGNATURE";
    field public static final String FOREGROUND_SERVICE = "android.permission.FOREGROUND_SERVICE";
    field public static final String GET_ACCOUNTS = "android.permission.GET_ACCOUNTS";
    field public static final String GET_ACCOUNTS_PRIVILEGED = "android.permission.GET_ACCOUNTS_PRIVILEGED";
@@ -182,6 +183,7 @@ package android {
    field public static final String CALL_LOG = "android.permission-group.CALL_LOG";
    field public static final String CAMERA = "android.permission-group.CAMERA";
    field public static final String CONTACTS = "android.permission-group.CONTACTS";
    field public static final String FAKE_PACKAGE = "android.permission-group.FAKE_PACKAGE";
    field public static final String LOCATION = "android.permission-group.LOCATION";
    field public static final String MICROPHONE = "android.permission-group.MICROPHONE";
    field public static final String PHONE = "android.permission-group.PHONE";
+15 −0
Original line number Diff line number Diff line
@@ -2842,6 +2842,21 @@
        android:description="@string/permdesc_getPackageSize"
        android:protectionLevel="normal" />

    <!-- Dummy user-facing group for faking package signature -->
    <permission-group android:name="android.permission-group.FAKE_PACKAGE"
        android:label="@string/permgrouplab_fake_package_signature"
        android:description="@string/permgroupdesc_fake_package_signature"
        android:request="@string/permgrouprequest_fake_package_signature"
        android:priority="100" />

    <!-- Allows an application to change the package signature as
         seen by applications -->
    <permission android:name="android.permission.FAKE_PACKAGE_SIGNATURE"
        android:permissionGroup="android.permission-group.UNDEFINED"
        android:protectionLevel="dangerous"
        android:label="@string/permlab_fakePackageSignature"
        android:description="@string/permdesc_fakePackageSignature" />

    <!-- @deprecated No longer useful, see
         {@link android.content.pm.PackageManager#addPackageToPreferred}
         for details. -->
+12 −0
Original line number Diff line number Diff line
@@ -5749,4 +5749,16 @@ ul.</string>
    <string name="config_pdp_reject_service_not_subscribed"></string>
    <!-- pdp data reject dialog string for cause 55 (MULTI_CONN_TO_SAME_PDN_NOT_ALLOWED) [CHAR LIMIT=100] -->
    <string name="config_pdp_reject_multi_conn_to_same_pdn_not_allowed"></string>

    <!-- Title of an application permission, listed so the user can choose whether they want to allow the application to do this. -->
    <string name="permlab_fakePackageSignature">Spoof package signature</string>
    <!-- Description of an application permission, listed so the user can choose whether they want to allow the application to do this. -->
    <string name="permdesc_fakePackageSignature">Allows the app to pretend to be a different app. Malicious applications might be able to use this to access private application data. Legitimate uses include an emulator pretending to be what it emulates. Grant this permission with caution only!</string>
    <!-- Title of a category of application permissions, listed so the user can choose whether they want to allow the application to do this. -->
    <string name="permgrouplab_fake_package_signature">Spoof package signature</string>
    <!-- Description of a category of application permissions, listed so the user can choose whether they want to allow the application to do this. -->
    <string name="permgroupdesc_fake_package_signature">allow to spoof package signature</string>
    <!-- Message shown to the user when the apps requests permission from this group. If ever possible this should stay below 80 characters (assuming the parameters takes 20 characters). Don't abbreviate until the message reaches 120 characters though. [CHAR LIMIT=120] -->
    <string name="permgrouprequest_fake_package_signature">Allow
        &lt;b><xliff:g id="app_name" example="Gmail">%1$s</xliff:g>&lt;/b> to spoof package signature?</string>
</resources>
+2 −0
Original line number Diff line number Diff line
@@ -79,6 +79,7 @@ package android {
    field public static final String DUMP = "android.permission.DUMP";
    field public static final String EXPAND_STATUS_BAR = "android.permission.EXPAND_STATUS_BAR";
    field public static final String FACTORY_TEST = "android.permission.FACTORY_TEST";
    field public static final String FAKE_PACKAGE_SIGNATURE = "android.permission.FAKE_PACKAGE_SIGNATURE";
    field public static final String FOREGROUND_SERVICE = "android.permission.FOREGROUND_SERVICE";
    field public static final String GET_ACCOUNTS = "android.permission.GET_ACCOUNTS";
    field public static final String GET_ACCOUNTS_PRIVILEGED = "android.permission.GET_ACCOUNTS_PRIVILEGED";
@@ -182,6 +183,7 @@ package android {
    field public static final String CALL_LOG = "android.permission-group.CALL_LOG";
    field public static final String CAMERA = "android.permission-group.CAMERA";
    field public static final String CONTACTS = "android.permission-group.CONTACTS";
    field public static final String FAKE_PACKAGE = "android.permission-group.FAKE_PACKAGE";
    field public static final String LOCATION = "android.permission-group.LOCATION";
    field public static final String MICROPHONE = "android.permission-group.MICROPHONE";
    field public static final String PHONE = "android.permission-group.PHONE";
+21 −2
Original line number Diff line number Diff line
@@ -4456,8 +4456,9 @@ public class PackageManagerService extends IPackageManager.Stub
                });
            }
            PackageInfo packageInfo = PackageInfoUtils.generate(p, gids, flags,
                    ps.firstInstallTime, ps.lastUpdateTime, permissions, state, userId, ps);
            PackageInfo packageInfo = mayFakeSignature(p, PackageInfoUtils.generate(p, gids, flags,
                    ps.firstInstallTime, ps.lastUpdateTime, permissions, state, userId, ps),
                    permissions);
            if (packageInfo == null) {
                return null;
@@ -4493,6 +4494,24 @@ public class PackageManagerService extends IPackageManager.Stub
        }
    }
    private PackageInfo mayFakeSignature(AndroidPackage p, PackageInfo pi,
            Set<String> permissions) {
        try {
            if (permissions.contains("android.permission.FAKE_PACKAGE_SIGNATURE")
                    && p.getTargetSdkVersion() > Build.VERSION_CODES.LOLLIPOP_MR1
                    && p.getMetaData() != null) {
                String sig = p.getMetaData().getString("fake-signature");
                if (sig != null) {
                    pi.signatures = new Signature[] {new Signature(sig)};
                }
            }
        } catch (Throwable t) {
            // We should never die because of any failures, this is system code!
            Log.w("PackageManagerService.FAKE_PACKAGE_SIGNATURE", t);
        }
        return pi;
    }
    @Override
    public void checkPackageStartable(String packageName, int userId) {
        final int callingUid = Binder.getCallingUid();