Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 787b6f22 authored by David Brazdil's avatar David Brazdil
Browse files

Add android:usesNonSdkApi manifest attribute 

ActivityManagerService decides on the non-SDK API enforcement policy
of every newly spawned process. System apps can be exempted by adding
their package name to a config XML file, tests can pass a flag to
'am instrument'. This patch adds a new @hide attribute on the <application>
manifest tag, "android:usesNonSdkApi", which can be used by both
system apps and tests, and is automatically set by the build system.

The use of the attribute remains guarded as follows:
- if invoked via 'am instrument', must hold shell user permission,
- if app launched, must be a system app or an updated system app.
The attribute is ignored in all other cases.

Bug: 113315999
Test: N/A
Change-Id: I2f6cb56f63fa2c5dd6c7c25fcefe8205da1ec96a
parent 32f68e6b

core/java/android/content/pm/ApplicationInfo.java

+14 −2
Original line number Diff line number Diff line
@@ -1008,6 +1008,13 @@ public class ApplicationInfo extends PackageItemInfo implements Parcelable { 
     */

    public String appComponentFactory;



    /**

     * Indicates whether this package requires access to non-SDK APIs. Only system apps

     * and tests are allowed to use this property.

     * @hide

     */

    public boolean usesNonSdkApi;



    /**

     * The category of this app. Categories are used to cluster multiple apps

     * together into meaningful groups, such as when summarizing battery,
@@ -1712,8 +1719,13 @@ public class ApplicationInfo extends PackageItemInfo implements Parcelable { 
    }



    private boolean isAllowedToUseHiddenApis() {

        return isSignedWithPlatformKey()

            || (isPackageWhitelistedForHiddenApis() && (isSystemApp() || isUpdatedSystemApp()));

        if (isSignedWithPlatformKey()) {

            return true;

        } else if (isSystemApp() || isUpdatedSystemApp()) {

            return usesNonSdkApi || isPackageWhitelistedForHiddenApis();

        } else {

            return false;

        }

    }



    /**

core/java/android/content/pm/PackageParser.java

+3 −0
Original line number Diff line number Diff line
@@ -3659,6 +3659,9 @@ public class PackageParser { 
            ai.appComponentFactory = buildClassName(ai.packageName, factory, outError);

        }



        ai.usesNonSdkApi = sa.getBoolean(

                com.android.internal.R.styleable.AndroidManifestApplication_usesNonSdkApi, false);



        if (outError[0] == null) {

            CharSequence pname;

            if (owner.applicationInfo.targetSdkVersion >= Build.VERSION_CODES.FROYO) {

core/res/res/values/attrs_manifest.xml

+5 −0
Original line number Diff line number Diff line
@@ -1388,6 +1388,8 @@ 
         instantiates items without it.-->

    <attr name="appComponentFactory" format="string" />



    <attr name="usesNonSdkApi" format="boolean" />



    <!-- The <code>manifest</code> tag is the root of an

         <code>AndroidManifest.xml</code> file,

         describing the contents of an Android package (.apk) file.  One
@@ -1561,6 +1563,9 @@ 


        <attr name="appComponentFactory" />



        <!-- Declares that this application should be invoked without non-SDK API enforcement -->

        <attr name="usesNonSdkApi" />



    </declare-styleable>

    <!-- The <code>permission</code> tag declares a security permission that can be

         used to control access from other packages to specific components or

core/res/res/values/public.xml

+5 −0
Original line number Diff line number Diff line
@@ -2911,6 +2911,11 @@ 
        <public name="supportsAmbientMode" />

    </public-group>



    <public-group type="attr" first-id="0x0101058d">

        <!-- @hide For use by platform and tools only. Developers should not specify this value. -->

        <public name="usesNonSdkApi" />

    </public-group>



    <public-group type="style" first-id="0x010302e2">

    </public-group>

services/core/java/com/android/server/am/ActivityManagerService.java

+2 −2
Original line number Diff line number Diff line
@@ -17056,8 +17056,8 @@ public class ActivityManagerService extends IActivityManager.Stub 
            activeInstr.mUiAutomationConnection = uiAutomationConnection;

            activeInstr.mResultClass = className;













            boolean disableHiddenApiChecks =













                    (flags & INSTRUMENTATION_FLAG_DISABLE_HIDDEN_API_CHECKS) != 0;













            boolean disableHiddenApiChecks = ai.usesNonSdkApi













                    || (flags & INSTRUMENTATION_FLAG_DISABLE_HIDDEN_API_CHECKS) != 0;















            if (disableHiddenApiChecks) {















                enforceCallingPermission(android.Manifest.permission.DISABLE_HIDDEN_API_CHECKS,















                        "disable hidden API checks");