Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 0c4110e0 authored by Winson's avatar Winson
Browse files

Migrate approved/denied domain states and add tests 

Allows shell configured values to persist across package updates and
validates the behavior with new unit tests.

Also fixes a bug with failing to recalculate hasAutoVerifyDomains
during an update.

Bug: 180535047

Test: atest DomainVerificationPackageTest

Change-Id: I793171491c8373ad67a38b5a02a57f46e4d5828a
parent 3cd3a80f

core/java/android/content/pm/verify/domain/DomainVerificationManager.java

+0 −22
Original line number Diff line number Diff line
@@ -162,28 +162,6 @@ public final class DomainVerificationManager { 
        }

    }



    /**

     * For determine re-verify policy. This is hidden from the domain verification agent so that no

     * behavior is made based on the result.

     *

     * @hide

     */

    public static boolean isStateDefault(@DomainVerificationState.State int state) {

        switch (state) {

            case DomainVerificationState.STATE_NO_RESPONSE:

            case DomainVerificationState.STATE_MIGRATED:

            case DomainVerificationState.STATE_RESTORED:

                return true;

            case DomainVerificationState.STATE_SUCCESS:

            case DomainVerificationState.STATE_APPROVED:

            case DomainVerificationState.STATE_DENIED:

            case DomainVerificationState.STATE_LEGACY_FAILURE:

            case DomainVerificationState.STATE_SYS_CONFIG:

            default:

                return false;

        }

    }



    /**

     * @hide

     */

core/java/android/content/pm/verify/domain/DomainVerificationState.java

+46 −0
Original line number Diff line number Diff line
@@ -97,4 +97,50 @@ public interface DomainVerificationState { 
     * @see DomainVerificationManager#STATE_FIRST_VERIFIER_DEFINED

     */

    int STATE_FIRST_VERIFIER_DEFINED = 0b10000000000;





    /**

     * For determining re-verify policy. This is hidden from the domain verification agent so that

     * no behavior is made based on the result.

     *

     * @hide

     */

    static boolean isDefault(@State int state) {

        switch (state) {

            case STATE_NO_RESPONSE:

            case STATE_MIGRATED:

            case STATE_RESTORED:

                return true;

            case STATE_SUCCESS:

            case STATE_APPROVED:

            case STATE_DENIED:

            case STATE_LEGACY_FAILURE:

            case STATE_SYS_CONFIG:

            default:

                return false;

        }

    }



    /**

     * Whether the state is migrated when updating a package. Generally this is only for states

     * that maintain verification state or were set by an explicit user or developer action.

     *

     * @hide

     */

    static boolean shouldMigrate(@State int state) {

        switch (state) {

            case STATE_SUCCESS:

            case STATE_MIGRATED:

            case STATE_RESTORED:

            case STATE_APPROVED:

            case STATE_DENIED:

                return true;

            case STATE_NO_RESPONSE:

            case STATE_LEGACY_FAILURE:

            case STATE_SYS_CONFIG:

            case STATE_FIRST_VERIFIER_DEFINED:

            default:

                return false;

        }

    }

}

services/core/java/com/android/server/pm/verify/domain/DomainVerificationService.java

+9 −16
Original line number Diff line number Diff line
@@ -793,19 +793,12 @@ public class DomainVerificationService extends SystemService 
                Integer oldStateInteger = oldStateMap.get(domain);

                if (oldStateInteger != null) {

                    int oldState = oldStateInteger;

                    switch (oldState) {

                        case DomainVerificationState.STATE_SUCCESS:

                        case DomainVerificationState.STATE_RESTORED:

                        case DomainVerificationState.STATE_MIGRATED:

                    // If the following case fails, the state code is left unset

                    // (STATE_NO_RESPONSE) to signal to the verification agent that any existing

                    // error has been cleared and the domain should be re-attempted. This makes

                    // update of a package a signal to re-verify.

                    if (DomainVerificationState.shouldMigrate(oldState)) {

                        newStateMap.put(domain, oldState);

                            break;

                        default:

                            // In all other cases, the state code is left unset

                            // (STATE_NO_RESPONSE) to signal to the verification agent that any

                            // existing error has been cleared and the domain should be

                            // re-attempted. This makes update of a package a signal to

                            // re-verify.

                            break;

                    }

                }

            }
@@ -872,7 +865,7 @@ public class DomainVerificationService extends SystemService 
        boolean hasAutoVerifyDomains = !domains.isEmpty();

        boolean isPendingOrRestored = pkgState != null;

        if (isPendingOrRestored) {

            pkgState.setId(domainSetId);

            pkgState = new DomainVerificationPkgState(pkgState, domainSetId, hasAutoVerifyDomains);

        } else {

            pkgState = new DomainVerificationPkgState(pkgName, domainSetId, hasAutoVerifyDomains);

        }
@@ -1185,7 +1178,7 @@ public class DomainVerificationService extends SystemService 
    /**

     * Determine whether or not a broadcast should be sent at boot for the given {@param pkgState}.

     * Sends only if the only states recorded are default as decided by {@link

     * DomainVerificationManager#isStateDefault(int)}.

     * DomainVerificationState#isDefault(int)}.

     *

     * If any other state is set, it's assumed that the domain verification agent is aware of the

     * package and has already scheduled future verification requests.
@@ -1199,7 +1192,7 @@ public class DomainVerificationService extends SystemService 
        int statesSize = stateMap.size();

        for (int stateIndex = 0; stateIndex < statesSize; stateIndex++) {

            Integer state = stateMap.valueAt(stateIndex);

            if (!DomainVerificationManager.isStateDefault(state)) {

            if (!DomainVerificationState.isDefault(state)) {

                return false;

            }

        }

services/core/java/com/android/server/pm/verify/domain/models/DomainVerificationPkgState.java

+6 −4
Original line number Diff line number Diff line
@@ -68,6 +68,12 @@ public class DomainVerificationPkgState { 
        this(packageName, id, hasAutoVerifyDomains, new ArrayMap<>(0), new SparseArray<>(0));

    }



    public DomainVerificationPkgState(@NonNull DomainVerificationPkgState pkgState,

            @NonNull UUID id, boolean hasAutoVerifyDomains) {

        this(pkgState.getPackageName(), id, hasAutoVerifyDomains, pkgState.getStateMap(),

                pkgState.getUserStates());

    }



    @Nullable

    public DomainVerificationInternalUserState getUserState(@UserIdInt int userId) {

        return mUserStates.get(userId);
@@ -84,10 +90,6 @@ public class DomainVerificationPkgState { 
        return userState;

    }



    public void setId(@NonNull UUID id) {

        mId = id;

    }



    public void removeUser(@UserIdInt int userId) {

        mUserStates.remove(userId);

    }

services/tests/PackageManagerServiceTests/unit/Android.bp

+1 −1
Original line number Diff line number Diff line
@@ -28,9 +28,9 @@ android_test { 
        "androidx.test.rules",

        "androidx.test.runner",

        "junit",

        "kotlin-test",

        "services.core",

        "servicestests-utils",

        "testng",

        "truth-prebuilt",

    ],

    platform_apis: true,