Loading services/core/java/com/android/server/SystemConfig.java +25 −0 Original line number Diff line number Diff line Loading @@ -329,6 +329,8 @@ public class SystemConfig { private final Set<String> mInstallConstraintsAllowlist = new ArraySet<>(); private String mModulesInstallerPackageName; // Update ownership for system applications and the installers eligible to update them. private final ArrayMap<String, String> mUpdateOwnersForSystemApps = new ArrayMap<>(); /** * Map of system pre-defined, uniquely named actors; keys are namespace, Loading Loading @@ -475,6 +477,13 @@ public class SystemConfig { return mModulesInstallerPackageName; } /** * Gets the update owner of the given package from "update-ownership" tags in sysconfig. */ public @Nullable String getSystemAppUpdateOwnerPackageName(@NonNull String packageName) { return mUpdateOwnersForSystemApps.get(packageName); } public ArraySet<String> getAppDataIsolationWhitelistedApps() { return mAppDataIsolationWhitelistedApps; } Loading Loading @@ -1405,6 +1414,22 @@ public class SystemConfig { } XmlUtils.skipCurrentTag(parser); } break; case "update-ownership": { final String packageName = parser.getAttributeValue(null /* namespace */, "package"); final String installerName = parser.getAttributeValue(null /* namespace */, "installer"); if (TextUtils.isEmpty(packageName)) { Slog.w(TAG, "<" + name + "> without valid package in " + permFile + " at " + parser.getPositionDescription()); } else if (TextUtils.isEmpty(installerName)) { Slog.w(TAG, "<" + name + "> without valid installer in " + permFile + " at " + parser.getPositionDescription()); } else { mUpdateOwnersForSystemApps.put(packageName, installerName); } XmlUtils.skipCurrentTag(parser); } break; default: { Slog.w(TAG, "Tag " + name + " is unknown in " + permFile + " at " + parser.getPositionDescription()); Loading services/tests/servicestests/src/com/android/server/systemconfig/SystemConfigTest.java +52 −0 Original line number Diff line number Diff line Loading @@ -594,6 +594,58 @@ public class SystemConfigTest { assertFooIsOnlySharedLibrary(); } /** * Tests that readPermissions works correctly for the tag: {@code update-ownership}. */ @Test public void readPermissions_updateOwnership_successful() throws IOException { final String contents = "<config>\n" + " <update-ownership package=\"com.foo\" installer=\"com.bar\" />\n" + "</config>"; final File folder = createTempSubfolder("folder"); createTempFile(folder, "update_ownership.xml", contents); readPermissions(folder, /* Grant all permission flags */ ~0); assertThat(mSysConfig.getSystemAppUpdateOwnerPackageName("com.foo")) .isEqualTo("com.bar"); } /** * Tests that readPermissions works correctly for the tag: {@code update-ownership}. */ @Test public void readPermissions_updateOwnership_noPackage() throws IOException { final String contents = "<config>\n" + " <update-ownership />\n" + "</config>"; final File folder = createTempSubfolder("folder"); createTempFile(folder, "update_ownership.xml", contents); readPermissions(folder, /* Grant all permission flags */ ~0); assertThat(mSysConfig.getSystemAppUpdateOwnerPackageName("com.foo")).isNull(); } /** * Tests that readPermissions works correctly for the tag: {@code update-ownership}. */ @Test public void readPermissions_updateOwnership_noInstaller() throws IOException { final String contents = "<config>\n" + " <update-ownership package=\"com.foo\" />\n" + "</config>"; final File folder = createTempSubfolder("folder"); createTempFile(folder, "update_ownership.xml", contents); readPermissions(folder, /* Grant all permission flags */ ~0); assertThat(mSysConfig.getSystemAppUpdateOwnerPackageName("com.foo")).isNull(); } private void parseSharedLibraries(String contents) throws IOException { File folder = createTempSubfolder("permissions_folder"); createTempFile(folder, "permissions.xml", contents); Loading Loading
services/core/java/com/android/server/SystemConfig.java +25 −0 Original line number Diff line number Diff line Loading @@ -329,6 +329,8 @@ public class SystemConfig { private final Set<String> mInstallConstraintsAllowlist = new ArraySet<>(); private String mModulesInstallerPackageName; // Update ownership for system applications and the installers eligible to update them. private final ArrayMap<String, String> mUpdateOwnersForSystemApps = new ArrayMap<>(); /** * Map of system pre-defined, uniquely named actors; keys are namespace, Loading Loading @@ -475,6 +477,13 @@ public class SystemConfig { return mModulesInstallerPackageName; } /** * Gets the update owner of the given package from "update-ownership" tags in sysconfig. */ public @Nullable String getSystemAppUpdateOwnerPackageName(@NonNull String packageName) { return mUpdateOwnersForSystemApps.get(packageName); } public ArraySet<String> getAppDataIsolationWhitelistedApps() { return mAppDataIsolationWhitelistedApps; } Loading Loading @@ -1405,6 +1414,22 @@ public class SystemConfig { } XmlUtils.skipCurrentTag(parser); } break; case "update-ownership": { final String packageName = parser.getAttributeValue(null /* namespace */, "package"); final String installerName = parser.getAttributeValue(null /* namespace */, "installer"); if (TextUtils.isEmpty(packageName)) { Slog.w(TAG, "<" + name + "> without valid package in " + permFile + " at " + parser.getPositionDescription()); } else if (TextUtils.isEmpty(installerName)) { Slog.w(TAG, "<" + name + "> without valid installer in " + permFile + " at " + parser.getPositionDescription()); } else { mUpdateOwnersForSystemApps.put(packageName, installerName); } XmlUtils.skipCurrentTag(parser); } break; default: { Slog.w(TAG, "Tag " + name + " is unknown in " + permFile + " at " + parser.getPositionDescription()); Loading
services/tests/servicestests/src/com/android/server/systemconfig/SystemConfigTest.java +52 −0 Original line number Diff line number Diff line Loading @@ -594,6 +594,58 @@ public class SystemConfigTest { assertFooIsOnlySharedLibrary(); } /** * Tests that readPermissions works correctly for the tag: {@code update-ownership}. */ @Test public void readPermissions_updateOwnership_successful() throws IOException { final String contents = "<config>\n" + " <update-ownership package=\"com.foo\" installer=\"com.bar\" />\n" + "</config>"; final File folder = createTempSubfolder("folder"); createTempFile(folder, "update_ownership.xml", contents); readPermissions(folder, /* Grant all permission flags */ ~0); assertThat(mSysConfig.getSystemAppUpdateOwnerPackageName("com.foo")) .isEqualTo("com.bar"); } /** * Tests that readPermissions works correctly for the tag: {@code update-ownership}. */ @Test public void readPermissions_updateOwnership_noPackage() throws IOException { final String contents = "<config>\n" + " <update-ownership />\n" + "</config>"; final File folder = createTempSubfolder("folder"); createTempFile(folder, "update_ownership.xml", contents); readPermissions(folder, /* Grant all permission flags */ ~0); assertThat(mSysConfig.getSystemAppUpdateOwnerPackageName("com.foo")).isNull(); } /** * Tests that readPermissions works correctly for the tag: {@code update-ownership}. */ @Test public void readPermissions_updateOwnership_noInstaller() throws IOException { final String contents = "<config>\n" + " <update-ownership package=\"com.foo\" />\n" + "</config>"; final File folder = createTempSubfolder("folder"); createTempFile(folder, "update_ownership.xml", contents); readPermissions(folder, /* Grant all permission flags */ ~0); assertThat(mSysConfig.getSystemAppUpdateOwnerPackageName("com.foo")).isNull(); } private void parseSharedLibraries(String contents) throws IOException { File folder = createTempSubfolder("permissions_folder"); createTempFile(folder, "permissions.xml", contents); Loading
