Loading core/res/res/values/config.xml +7 −3 Original line number Diff line number Diff line Loading @@ -2227,7 +2227,7 @@ <!-- The name of the package that will hold the system gallery role. --> <string name="config_systemGallery" translatable="false">com.android.gallery3d</string> <!-- The names of the packages that will hold the automotive projection role. --> <string name="config_systemAutomotiveProjection" translatable="false"></string> <string name="config_systemAutomotiveProjection" translatable="false">com.google.android.projection.gearhead:fdb00c43dbde8b51cb312aa81d3b5fa17713adb94b28f598d77f8eb89daceedf</string> <!-- The name of the package that will hold the system cluster service role. --> <string name="config_systemAutomotiveCluster" translatable="false"></string> <!-- The name of the package that will hold the system shell role. --> Loading Loading @@ -4203,7 +4203,9 @@ Note that config_companionDeviceManagerPackage and config_companionDeviceCerts are parallel arrays. --> <string-array name="config_companionDevicePackages" translatable="false"></string-array> <string-array name="config_companionDevicePackages" translatable="false"> <item>com.google.android.projection.gearhead</item> </string-array> <!-- A list of SHA256 Certificates managing companion device(s) by the same manufacturers as the main device. It will fall back to showing a prompt if the association has been called Loading @@ -4212,7 +4214,9 @@ arrays. Example: "1A:2B:3C:4D" --> <string-array name="config_companionDeviceCerts" translatable="false"></string-array> <string-array name="config_companionDeviceCerts" translatable="false"> <item>FD:B0:0C:43:DB:DE:8B:51:CB:31:2A:A8:1D:3B:5F:A1:77:13:AD:B9:4B:28:F5:98:D7:7F:8E:B8:9D:AC:EE:DF</item> </string-array> <!-- The package name for the default wellbeing app. This package must be trusted, as it has the permissions to control other applications Loading services/core/java/com/android/server/pm/permission/PermissionManagerServiceImpl.java +26 −0 Original line number Diff line number Diff line Loading @@ -154,6 +154,7 @@ import java.util.Arrays; import java.util.Collection; import java.util.Collections; import java.util.HashMap; import java.util.HashSet; import java.util.Iterator; import java.util.List; import java.util.Map; Loading Loading @@ -239,6 +240,25 @@ public class PermissionManagerServiceImpl implements PermissionManagerServiceInt NOTIFICATION_PERMISSIONS.add(Manifest.permission.POST_NOTIFICATIONS); } private static final String PACKAGE_ANDROID_AUTO = "com.google.android.projection.gearhead"; private static final String SIGNATURE_ANDROID_AUTO = "FDB00C43DBDE8B51CB312AA81D3B5FA17713ADB94B28F598D77F8EB89DACEEDF"; private static final Set<String> ANDROID_AUTO_CERTS = new HashSet(Arrays.asList(SIGNATURE_ANDROID_AUTO)); private static final ArrayList<String> PERMISSIONS_ANDROID_AUTO = new ArrayList<String>( Arrays.asList( Manifest.permission.INTERNAL_SYSTEM_WINDOW, Manifest.permission.MANAGE_COMPANION_DEVICES, Manifest.permission.MANAGE_USB, Manifest.permission.MODIFY_AUDIO_ROUTING, Manifest.permission.READ_PHONE_STATE, Manifest.permission.READ_PRIVILEGED_PHONE_STATE, Manifest.permission.REQUEST_COMPANION_SELF_MANAGED, Manifest.permission.BLUETOOTH_PRIVILEGED, Manifest.permission.LOCAL_MAC_ADDRESS, Manifest.permission.CONTROL_INCALL_EXPERIENCE, Manifest.permission.COMPANION_APPROVE_WIFI_CONNECTIONS, Manifest.permission.START_ACTIVITIES_FROM_BACKGROUND ) ); /** Set of source package names for Privileged Permission Allowlist */ private final ArraySet<String> mPrivilegedPermissionAllowlistSourcePackageNames = new ArraySet<>(); Loading Loading @@ -962,6 +982,12 @@ public class PermissionManagerServiceImpl implements PermissionManagerServiceInt return PackageManager.PERMISSION_DENIED; } if (PACKAGE_ANDROID_AUTO.equals(pkg.getPackageName()) && pkg.getSigningDetails().hasAncestorOrSelfWithDigest(ANDROID_AUTO_CERTS) && PERMISSIONS_ANDROID_AUTO.contains(permissionName)) { return PackageManager.PERMISSION_GRANTED; } if (checkSinglePermissionInternalLocked(uidState, permissionName, isInstantApp)) { return PackageManager.PERMISSION_GRANTED; } Loading Loading
core/res/res/values/config.xml +7 −3 Original line number Diff line number Diff line Loading @@ -2227,7 +2227,7 @@ <!-- The name of the package that will hold the system gallery role. --> <string name="config_systemGallery" translatable="false">com.android.gallery3d</string> <!-- The names of the packages that will hold the automotive projection role. --> <string name="config_systemAutomotiveProjection" translatable="false"></string> <string name="config_systemAutomotiveProjection" translatable="false">com.google.android.projection.gearhead:fdb00c43dbde8b51cb312aa81d3b5fa17713adb94b28f598d77f8eb89daceedf</string> <!-- The name of the package that will hold the system cluster service role. --> <string name="config_systemAutomotiveCluster" translatable="false"></string> <!-- The name of the package that will hold the system shell role. --> Loading Loading @@ -4203,7 +4203,9 @@ Note that config_companionDeviceManagerPackage and config_companionDeviceCerts are parallel arrays. --> <string-array name="config_companionDevicePackages" translatable="false"></string-array> <string-array name="config_companionDevicePackages" translatable="false"> <item>com.google.android.projection.gearhead</item> </string-array> <!-- A list of SHA256 Certificates managing companion device(s) by the same manufacturers as the main device. It will fall back to showing a prompt if the association has been called Loading @@ -4212,7 +4214,9 @@ arrays. Example: "1A:2B:3C:4D" --> <string-array name="config_companionDeviceCerts" translatable="false"></string-array> <string-array name="config_companionDeviceCerts" translatable="false"> <item>FD:B0:0C:43:DB:DE:8B:51:CB:31:2A:A8:1D:3B:5F:A1:77:13:AD:B9:4B:28:F5:98:D7:7F:8E:B8:9D:AC:EE:DF</item> </string-array> <!-- The package name for the default wellbeing app. This package must be trusted, as it has the permissions to control other applications Loading
services/core/java/com/android/server/pm/permission/PermissionManagerServiceImpl.java +26 −0 Original line number Diff line number Diff line Loading @@ -154,6 +154,7 @@ import java.util.Arrays; import java.util.Collection; import java.util.Collections; import java.util.HashMap; import java.util.HashSet; import java.util.Iterator; import java.util.List; import java.util.Map; Loading Loading @@ -239,6 +240,25 @@ public class PermissionManagerServiceImpl implements PermissionManagerServiceInt NOTIFICATION_PERMISSIONS.add(Manifest.permission.POST_NOTIFICATIONS); } private static final String PACKAGE_ANDROID_AUTO = "com.google.android.projection.gearhead"; private static final String SIGNATURE_ANDROID_AUTO = "FDB00C43DBDE8B51CB312AA81D3B5FA17713ADB94B28F598D77F8EB89DACEEDF"; private static final Set<String> ANDROID_AUTO_CERTS = new HashSet(Arrays.asList(SIGNATURE_ANDROID_AUTO)); private static final ArrayList<String> PERMISSIONS_ANDROID_AUTO = new ArrayList<String>( Arrays.asList( Manifest.permission.INTERNAL_SYSTEM_WINDOW, Manifest.permission.MANAGE_COMPANION_DEVICES, Manifest.permission.MANAGE_USB, Manifest.permission.MODIFY_AUDIO_ROUTING, Manifest.permission.READ_PHONE_STATE, Manifest.permission.READ_PRIVILEGED_PHONE_STATE, Manifest.permission.REQUEST_COMPANION_SELF_MANAGED, Manifest.permission.BLUETOOTH_PRIVILEGED, Manifest.permission.LOCAL_MAC_ADDRESS, Manifest.permission.CONTROL_INCALL_EXPERIENCE, Manifest.permission.COMPANION_APPROVE_WIFI_CONNECTIONS, Manifest.permission.START_ACTIVITIES_FROM_BACKGROUND ) ); /** Set of source package names for Privileged Permission Allowlist */ private final ArraySet<String> mPrivilegedPermissionAllowlistSourcePackageNames = new ArraySet<>(); Loading Loading @@ -962,6 +982,12 @@ public class PermissionManagerServiceImpl implements PermissionManagerServiceInt return PackageManager.PERMISSION_DENIED; } if (PACKAGE_ANDROID_AUTO.equals(pkg.getPackageName()) && pkg.getSigningDetails().hasAncestorOrSelfWithDigest(ANDROID_AUTO_CERTS) && PERMISSIONS_ANDROID_AUTO.contains(permissionName)) { return PackageManager.PERMISSION_GRANTED; } if (checkSinglePermissionInternalLocked(uidState, permissionName, isInstantApp)) { return PackageManager.PERMISSION_GRANTED; } Loading
