Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 18ea893a authored by Adrian Roos's avatar Adrian Roos
Browse files

Ensure trust agents are only provided by platform packages 

Prevents the TrustManagerService from binding to any non-platform
trust agents and updates the SampleTrustAgent to use the new
permission.

Bug: 15287044
Change-Id: I38c3deebd5ad359075e68f52d19417bab5ab43db
parent becab9a7

core/java/android/service/trust/TrustAgentService.java

+2 −0
Original line number Diff line number Diff line
@@ -33,6 +33,8 @@ import android.util.Slog; 
 * A service that notifies the system about whether it believes the environment of the device

 * to be trusted.

 *

 * <p>Trust agents may only be provided by the platform.</p>

 *

 * <p>To extend this class, you must declare the service in your manifest file with

 * the {@link android.Manifest.permission#BIND_TRUST_AGENT} permission

 * and include an intent filter with the {@link #SERVICE_INTERFACE} action. For example:</p>

core/res/AndroidManifest.xml

+7 −0
Original line number Diff line number Diff line
@@ -2610,6 +2610,13 @@ 
                android:label="@string/permlab_trust_listener"

                android:description="@string/permdesc_trust_listener" />



    <!-- Allows an application to provide a trust agent.

         @hide For security reasons, this is a platform-only permission. -->

    <permission android:name="android.permission.PROVIDE_TRUST_AGENT"

                android:protectionLevel="signatureOrSystem"

                android:label="@string/permlab_provide_trust_agent"

                android:description="@string/permdesc_provide_trust_agent" />



    <!-- Must be required by an {@link

         android.service.trust.TrustAgentService},

         to ensure that only the system can bind to it. -->

core/res/res/values/strings.xml

+5 −0
Original line number Diff line number Diff line
@@ -3777,6 +3777,11 @@ 
    <!-- Description of an application permission that lets it listen to trust state changes. -->

    <string name="permdesc_trust_listener">Allows an application to listen for changes in trust state.</string>



    <!-- Title of an application permission that lets it provide a trust agent. -->

    <string name="permlab_provide_trust_agent">Provide a trust agent.</string>

    <!-- Description of an application permission that lets it provide a trust agent. -->

    <string name="permdesc_provide_trust_agent">Allows an application to provide a trust agent.</string>



    <!-- Title of an application permission that lets it bind to a trust agent service. -->

    <string name="permlab_bind_trust_agent_service">Bind to a trust agent service</string>

    <!-- Description of an application permission that lets it bind to a trust agent service. -->

packages/Keyguard/test/SampleTrustAgent/Android.mk

+2 −3
Original line number Diff line number Diff line
@@ -20,9 +20,8 @@ LOCAL_SRC_FILES := $(call all-java-files-under, src) 


LOCAL_PACKAGE_NAME := SampleTrustAgent



# Remove these to verify permission checks are working correctly

#LOCAL_CERTIFICATE := platform

#LOCAL_PRIVILEGED_MODULE := true

# Remove this to verify permission checks are working correctly

LOCAL_CERTIFICATE := platform



LOCAL_MODULE_TAGS := tests

packages/Keyguard/test/SampleTrustAgent/AndroidManifest.xml

+1 −0
Original line number Diff line number Diff line
@@ -18,6 +18,7 @@ 
    package="com.android.trustagent.test">

    <uses-sdk android:minSdkVersion="10" android:targetSdkVersion="17"/>

    <uses-permission android:name="android.permission.CONTROL_KEYGUARD" />

    <uses-permission android:name="android.permission.PROVIDE_TRUST_AGENT" />

    <application android:label="@string/app_name">

      <service

          android:name=".SampleTrustAgent"