Loading core/java/android/content/pm/verify/domain/DomainVerificationState.java +15 −1 Original line number Diff line number Diff line Loading @@ -33,7 +33,8 @@ public interface DomainVerificationState { STATE_DENIED, STATE_LEGACY_FAILURE, STATE_SYS_CONFIG, STATE_FIRST_VERIFIER_DEFINED STATE_PRE_VERIFIED, STATE_FIRST_VERIFIER_DEFINED, }) @interface State { } Loading Loading @@ -91,6 +92,13 @@ public interface DomainVerificationState { */ int STATE_SYS_CONFIG = 7; /** * The application has temporarily been granted auto verification for a set of domains as * specified by a trusted installer during the installation. This will treat the domain as * verified, but it should be updated by the verification agent. */ int STATE_PRE_VERIFIED = 8; /** * @see DomainVerificationInfo#STATE_FIRST_VERIFIER_DEFINED */ Loading @@ -115,6 +123,8 @@ public interface DomainVerificationState { return "legacy_failure"; case DomainVerificationState.STATE_SYS_CONFIG: return "system_configured"; case DomainVerificationState.STATE_PRE_VERIFIED: return "pre_verified"; default: return String.valueOf(state); } Loading @@ -135,6 +145,7 @@ public interface DomainVerificationState { case STATE_DENIED: case STATE_LEGACY_FAILURE: case STATE_SYS_CONFIG: case STATE_PRE_VERIFIED: default: return false; } Loading @@ -151,6 +162,7 @@ public interface DomainVerificationState { case DomainVerificationState.STATE_MIGRATED: case DomainVerificationState.STATE_RESTORED: case DomainVerificationState.STATE_SYS_CONFIG: case DomainVerificationState.STATE_PRE_VERIFIED: return true; case DomainVerificationState.STATE_NO_RESPONSE: case DomainVerificationState.STATE_DENIED: Loading 
@@ -173,6 +185,7 @@ public interface DomainVerificationState { case DomainVerificationState.STATE_MIGRATED: case DomainVerificationState.STATE_RESTORED: case DomainVerificationState.STATE_LEGACY_FAILURE: case DomainVerificationState.STATE_PRE_VERIFIED: return true; case DomainVerificationState.STATE_APPROVED: case DomainVerificationState.STATE_DENIED: Loading @@ -194,6 +207,7 @@ public interface DomainVerificationState { case STATE_RESTORED: case STATE_APPROVED: case STATE_DENIED: case STATE_PRE_VERIFIED: return true; case STATE_NO_RESPONSE: case STATE_LEGACY_FAILURE: Loading services/core/java/com/android/server/pm/InstallPackageHelper.java +4 −2 Original line number Diff line number Diff line Loading @@ -592,9 +592,11 @@ final class InstallPackageHelper { mPm.addAllPackageProperties(pkg); if (oldPkgSetting == null || oldPkgSetting.getPkg() == null) { mPm.mDomainVerificationManager.addPackage(pkgSetting); mPm.mDomainVerificationManager.addPackage(pkgSetting, request.getPreVerifiedDomains()); } else { mPm.mDomainVerificationManager.migrateState(oldPkgSetting, pkgSetting); mPm.mDomainVerificationManager.migrateState(oldPkgSetting, pkgSetting, request.getPreVerifiedDomains()); } int collectionSize = ArrayUtils.size(pkg.getInstrumentations()); Loading services/core/java/com/android/server/pm/verify/domain/DomainVerificationManagerInternal.java +20 −6 Original line number Diff line number Diff line Loading @@ -26,6 +26,7 @@ import android.content.pm.IntentFilterVerificationInfo; import android.content.pm.PackageManager; import android.content.pm.PackageManager.NameNotFoundException; import android.content.pm.ResolveInfo; import android.content.pm.verify.domain.DomainSet; import android.content.pm.verify.domain.DomainVerificationInfo; import android.content.pm.verify.domain.DomainVerificationManager; import android.content.pm.verify.domain.DomainVerificationState; Loading Loading 
@@ -230,13 +231,20 @@ public interface DomainVerificationManagerInternal { * broadcast will be sent to the domain verification agent so it may re-run any verification * logic for the newly associated domains. * <p> * This will mutate internal {@link DomainVerificationPkgState} and so will hold the internal * lock. This should never be called from within the domain verification classes themselves. * Optionally, the caller can specify a set of domains that are already pre-verified by the * installer. These domains, if specified with autoVerify in the manifest, will be regarded as * verified as soon as the app is installed, until the domain verification agent sends back the * real verification results. * <p> * This method will mutate internal {@link DomainVerificationPkgState} and so will hold the * internal lock. This should never be called from within the domain verification classes * themselves. * <p> * This will NOT call {@link #writeSettings(Computer, TypedXmlSerializer, boolean, int)}. That must be * handled by the caller. */ void addPackage(@NonNull PackageStateInternal newPkgSetting); void addPackage(@NonNull PackageStateInternal newPkgSetting, @Nullable DomainSet preVerifiedDomains); /** * Migrates verification state from a previous install to a new one. It is expected that the Loading 
@@ -245,14 +253,20 @@ public interface DomainVerificationManagerInternal { * domains under the assumption that the new package will pass the same server side config as * the previous package, as they have matching signatures. * <p> * This will mutate internal {@link DomainVerificationPkgState} and so will hold the internal * lock. This should never be called from within the domain verification classes themselves. * Optionally, the caller can specify a set of domains that are already pre-verified by the * installer. These domains, if specified with autoVerify in the manifest, will be regarded as * verified as soon as the app is updated, until the domain verification agent sends back the * real verification results. * <p> * This method will mutate internal {@link DomainVerificationPkgState} and so will hold the * internal lock. This should never be called from within the domain verification classes * themselves. * <p> * This will NOT call {@link #writeSettings(Computer, TypedXmlSerializer, boolean, int)}. That must be * handled by the caller. */ void migrateState(@NonNull PackageStateInternal oldPkgSetting, @NonNull PackageStateInternal newPkgSetting); @NonNull PackageStateInternal newPkgSetting, @Nullable DomainSet preVerifiedDomains); /** * Serializes the entire internal state. This is equivalent to a full backup of the existing Loading services/core/java/com/android/server/pm/verify/domain/DomainVerificationService.java +31 −2 Original line number Diff line number Diff line Loading @@ -32,6 +32,7 @@ import android.content.pm.PackageManager; import android.content.pm.PackageManager.NameNotFoundException; import android.content.pm.ResolveInfo; import android.content.pm.verify.domain.DomainOwner; import android.content.pm.verify.domain.DomainSet; import android.content.pm.verify.domain.DomainVerificationInfo; import android.content.pm.verify.domain.DomainVerificationManager; import android.content.pm.verify.domain.DomainVerificationState; Loading Loading 
@@ -859,7 +860,7 @@ public class DomainVerificationService extends SystemService @Override public void migrateState(@NonNull PackageStateInternal oldPkgSetting, @NonNull PackageStateInternal newPkgSetting) { @NonNull PackageStateInternal newPkgSetting, @Nullable DomainSet preVerifiedDomains) { String pkgName = newPkgSetting.getPackageName(); boolean sendBroadcast; Loading Loading @@ -935,6 +936,9 @@ public class DomainVerificationService extends SystemService sendBroadcast = hasAutoVerifyDomains && needsBroadcast; // Apply pre-verified states as the last step of migration applyPreVerifiedState(newStateMap, newAutoVerifyDomains, preVerifiedDomains); mAttachedPkgStates.put(pkgName, newDomainSetId, new DomainVerificationPkgState( pkgName, newDomainSetId, hasAutoVerifyDomains, newStateMap, newUserStates, null /* signature */)); Loading @@ -947,7 +951,8 @@ public class DomainVerificationService extends SystemService // TODO(b/159952358): Handle valid domainSetIds for PackageStateInternals with no AndroidPackage @Override public void addPackage(@NonNull PackageStateInternal newPkgSetting) { public void addPackage(@NonNull PackageStateInternal newPkgSetting, @Nullable DomainSet preVerifiedDomains) { // TODO(b/159952358): Optimize packages without any domains. Those wouldn't have to be in // the state map, but it would require handling the "migration" case where an app either // gains or loses all domains. Loading Loading @@ -1029,6 +1034,9 @@ public class DomainVerificationService extends SystemService DomainVerificationState.STATE_MIGRATED); } } // Apply pre-verified states before sending out broadcast applyPreVerifiedState(pkgState.getStateMap(), autoVerifyDomains, preVerifiedDomains); } synchronized (mLock) { Loading 
@@ -1040,6 +1048,27 @@ public class DomainVerificationService extends SystemService } } private void applyPreVerifiedState(ArrayMap<String, Integer> stateMap, ArraySet<String> autoVerifyDomains, DomainSet preVerifiedDomains) { // If any pre-verified domains are provided, treating them as verified as well. This // allows the app to be opened immediately by the corresponding app links, but the // pre-verified state can still be overwritten by the domain verification agent in the // future. if (preVerifiedDomains != null && !autoVerifyDomains.isEmpty()) { for (String preVerifiedDomain : preVerifiedDomains.getDomains()) { if (autoVerifyDomains.contains(preVerifiedDomain) && !stateMap.containsKey(preVerifiedDomain)) { // Only set the pre-verified state if there's no existing state stateMap.put(preVerifiedDomain, DomainVerificationState.STATE_PRE_VERIFIED); if (DEBUG_APPROVAL) { Slog.d(TAG, "Inserted pre-verified domain: " + preVerifiedDomain); } } } } } /** * Applies any immutable state as the final step when adding or migrating state. Currently only * applies {@link SystemConfig#getLinkedApps()}, which approves all domains for a system app. Loading services/core/java/com/android/server/pm/verify/domain/DomainVerificationShell.java +1 −0 Original line number Diff line number Diff line Loading @@ -62,6 +62,7 @@ public class DomainVerificationShell { pw.println(" - restored: preserved verification from a user data restore"); pw.println(" - legacy_failure: rejected by a legacy verifier, unknown reason"); pw.println(" - system_configured: automatically approved by the device config"); pw.println(" - pre_verified: the domain was pre-verified by the installer"); pw.println(" - >= 1024: Custom error code which is specific to the device verifier"); pw.println(" --user <USER_ID>: include user selections (includes all domains, not"); pw.println(" just autoVerify ones)"); Loading Loading
core/java/android/content/pm/verify/domain/DomainVerificationState.java +15 −1 Original line number Diff line number Diff line Loading @@ -33,7 +33,8 @@ public interface DomainVerificationState { STATE_DENIED, STATE_LEGACY_FAILURE, STATE_SYS_CONFIG, STATE_FIRST_VERIFIER_DEFINED STATE_PRE_VERIFIED, STATE_FIRST_VERIFIER_DEFINED, }) @interface State { } Loading Loading @@ -91,6 +92,13 @@ public interface DomainVerificationState { */ int STATE_SYS_CONFIG = 7; /** * The application has temporarily been granted auto verification for a set of domains as * specified by a trusted installer during the installation. This will treat the domain as * verified, but it should be updated by the verification agent. */ int STATE_PRE_VERIFIED = 8; /** * @see DomainVerificationInfo#STATE_FIRST_VERIFIER_DEFINED */ Loading @@ -115,6 +123,8 @@ public interface DomainVerificationState { return "legacy_failure"; case DomainVerificationState.STATE_SYS_CONFIG: return "system_configured"; case DomainVerificationState.STATE_PRE_VERIFIED: return "pre_verified"; default: return String.valueOf(state); } Loading @@ -135,6 +145,7 @@ public interface DomainVerificationState { case STATE_DENIED: case STATE_LEGACY_FAILURE: case STATE_SYS_CONFIG: case STATE_PRE_VERIFIED: default: return false; } Loading @@ -151,6 +162,7 @@ public interface DomainVerificationState { case DomainVerificationState.STATE_MIGRATED: case DomainVerificationState.STATE_RESTORED: case DomainVerificationState.STATE_SYS_CONFIG: case DomainVerificationState.STATE_PRE_VERIFIED: return true; case DomainVerificationState.STATE_NO_RESPONSE: case DomainVerificationState.STATE_DENIED: Loading 
@@ -173,6 +185,7 @@ public interface DomainVerificationState { case DomainVerificationState.STATE_MIGRATED: case DomainVerificationState.STATE_RESTORED: case DomainVerificationState.STATE_LEGACY_FAILURE: case DomainVerificationState.STATE_PRE_VERIFIED: return true; case DomainVerificationState.STATE_APPROVED: case DomainVerificationState.STATE_DENIED: Loading @@ -194,6 +207,7 @@ public interface DomainVerificationState { case STATE_RESTORED: case STATE_APPROVED: case STATE_DENIED: case STATE_PRE_VERIFIED: return true; case STATE_NO_RESPONSE: case STATE_LEGACY_FAILURE: Loading
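Review bot: `STATE_PRE_VERIFIED` is documented as a temporary grant, but the last switch in this file returns `true` for it alongside `STATE_RESTORED`, `STATE_APPROVED` and `STATE_DENIED`, and nothing in this section bounds how long the state lasts. The method name is outside the hunk; if that switch is the migration predicate, an installer-asserted state that the verification agent never confirmed is carried across updates. Consider listing it in the group with `STATE_NO_RESPONSE` and `STATE_LEGACY_FAILURE` so an update drops it unless the installer asserts it again, or, if persistence is intended, say so in the constant's Javadoc with something like `This state persists until the verification agent reports a result; it does not expire on its own.`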
services/core/java/com/android/server/pm/InstallPackageHelper.java +4 −2 Original line number Diff line number Diff line Loading @@ -592,9 +592,11 @@ final class InstallPackageHelper { mPm.addAllPackageProperties(pkg); if (oldPkgSetting == null || oldPkgSetting.getPkg() == null) { mPm.mDomainVerificationManager.addPackage(pkgSetting); mPm.mDomainVerificationManager.addPackage(pkgSetting, request.getPreVerifiedDomains()); } else { mPm.mDomainVerificationManager.migrateState(oldPkgSetting, pkgSetting); mPm.mDomainVerificationManager.migrateState(oldPkgSetting, pkgSetting, request.getPreVerifiedDomains()); } int collectionSize = ArrayUtils.size(pkg.getInstrumentations()); Loading
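Review bot: Both calls forward `request.getPreVerifiedDomains()` with no visible check that the installer behind this request is allowed to pre-verify domains, and the set is treated as verified downstream. That check may well happen earlier, when the request or install session is built, but that code is not in this hunk. A one-line comment above the `if`, such as `// preVerifiedDomains: only populated for installers permitted to pre-verify, see <WHERE_THE_CHECK_LIVES>`, would let a reader confirm that an untrusted installer's set never reaches the domain verification manager. The enclosing method starts and ends outside the hunk.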
services/core/java/com/android/server/pm/verify/domain/DomainVerificationManagerInternal.java +20 −6 Original line number Diff line number Diff line Loading @@ -26,6 +26,7 @@ import android.content.pm.IntentFilterVerificationInfo; import android.content.pm.PackageManager; import android.content.pm.PackageManager.NameNotFoundException; import android.content.pm.ResolveInfo; import android.content.pm.verify.domain.DomainSet; import android.content.pm.verify.domain.DomainVerificationInfo; import android.content.pm.verify.domain.DomainVerificationManager; import android.content.pm.verify.domain.DomainVerificationState; Loading Loading @@ -230,13 +231,20 @@ public interface DomainVerificationManagerInternal { * broadcast will be sent to the domain verification agent so it may re-run any verification * logic for the newly associated domains. * <p> * This will mutate internal {@link DomainVerificationPkgState} and so will hold the internal * lock. This should never be called from within the domain verification classes themselves. * Optionally, the caller can specify a set of domains that are already pre-verified by the * installer. These domains, if specified with autoVerify in the manifest, will be regarded as * verified as soon as the app is installed, until the domain verification agent sends back the * real verification results. * <p> * This method will mutate internal {@link DomainVerificationPkgState} and so will hold the * internal lock. This should never be called from within the domain verification classes * themselves. * <p> * This will NOT call {@link #writeSettings(Computer, TypedXmlSerializer, boolean, int)}. That must be * handled by the caller. */ void addPackage(@NonNull PackageStateInternal newPkgSetting); void addPackage(@NonNull PackageStateInternal newPkgSetting, @Nullable DomainSet preVerifiedDomains); /** * Migrates verification state from a previous install to a new one. It is expected that the Loading 
@@ -245,14 +253,20 @@ public interface DomainVerificationManagerInternal { * domains under the assumption that the new package will pass the same server side config as * the previous package, as they have matching signatures. * <p> * This will mutate internal {@link DomainVerificationPkgState} and so will hold the internal * lock. This should never be called from within the domain verification classes themselves. * Optionally, the caller can specify a set of domains that are already pre-verified by the * installer. These domains, if specified with autoVerify in the manifest, will be regarded as * verified as soon as the app is updated, until the domain verification agent sends back the * real verification results. * <p> * This method will mutate internal {@link DomainVerificationPkgState} and so will hold the * internal lock. This should never be called from within the domain verification classes * themselves. * <p> * This will NOT call {@link #writeSettings(Computer, TypedXmlSerializer, boolean, int)}. That must be * handled by the caller. */ void migrateState(@NonNull PackageStateInternal oldPkgSetting, @NonNull PackageStateInternal newPkgSetting); @NonNull PackageStateInternal newPkgSetting, @Nullable DomainSet preVerifiedDomains); /** * Serializes the entire internal state. This is equivalent to a full backup of the existing Loading
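Review bot: The new `preVerifiedDomains` parameter on `addPackage` and `migrateState` has no `@param` entry, and the Javadoc does not say what `null` means or that an existing state takes precedence. Going by `applyPreVerifiedState` in DomainVerificationService.java on this page, a `null` set is ignored and a domain is marked only when it is an autoVerify domain with no entry in the state map yet. Suggest adding to both methods `@param preVerifiedDomains domains the installer asserts are verified, or {@code null} for none; applied only to autoVerify domains that have no existing state`. It would also help to state that the caller is responsible for having validated the installer, since the implementation shown on this page does not appear to check where the set came from.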
services/core/java/com/android/server/pm/verify/domain/DomainVerificationService.java +31 −2 Original line number Diff line number Diff line Loading @@ -32,6 +32,7 @@ import android.content.pm.PackageManager; import android.content.pm.PackageManager.NameNotFoundException; import android.content.pm.ResolveInfo; import android.content.pm.verify.domain.DomainOwner; import android.content.pm.verify.domain.DomainSet; import android.content.pm.verify.domain.DomainVerificationInfo; import android.content.pm.verify.domain.DomainVerificationManager; import android.content.pm.verify.domain.DomainVerificationState; Loading Loading @@ -859,7 +860,7 @@ public class DomainVerificationService extends SystemService @Override public void migrateState(@NonNull PackageStateInternal oldPkgSetting, @NonNull PackageStateInternal newPkgSetting) { @NonNull PackageStateInternal newPkgSetting, @Nullable DomainSet preVerifiedDomains) { String pkgName = newPkgSetting.getPackageName(); boolean sendBroadcast; Loading Loading @@ -935,6 +936,9 @@ public class DomainVerificationService extends SystemService sendBroadcast = hasAutoVerifyDomains && needsBroadcast; // Apply pre-verified states as the last step of migration applyPreVerifiedState(newStateMap, newAutoVerifyDomains, preVerifiedDomains); mAttachedPkgStates.put(pkgName, newDomainSetId, new DomainVerificationPkgState( pkgName, newDomainSetId, hasAutoVerifyDomains, newStateMap, newUserStates, null /* signature */)); Loading 
@@ -947,7 +951,8 @@ public class DomainVerificationService extends SystemService // TODO(b/159952358): Handle valid domainSetIds for PackageStateInternals with no AndroidPackage @Override public void addPackage(@NonNull PackageStateInternal newPkgSetting) { public void addPackage(@NonNull PackageStateInternal newPkgSetting, @Nullable DomainSet preVerifiedDomains) { // TODO(b/159952358): Optimize packages without any domains. Those wouldn't have to be in // the state map, but it would require handling the "migration" case where an app either // gains or loses all domains. Loading Loading @@ -1029,6 +1034,9 @@ public class DomainVerificationService extends SystemService DomainVerificationState.STATE_MIGRATED); } } // Apply pre-verified states before sending out broadcast applyPreVerifiedState(pkgState.getStateMap(), autoVerifyDomains, preVerifiedDomains); } synchronized (mLock) { Loading 
@@ -1040,6 +1048,27 @@ public class DomainVerificationService extends SystemService } } private void applyPreVerifiedState(ArrayMap<String, Integer> stateMap, ArraySet<String> autoVerifyDomains, DomainSet preVerifiedDomains) { // If any pre-verified domains are provided, treating them as verified as well. This // allows the app to be opened immediately by the corresponding app links, but the // pre-verified state can still be overwritten by the domain verification agent in the // future. if (preVerifiedDomains != null && !autoVerifyDomains.isEmpty()) { for (String preVerifiedDomain : preVerifiedDomains.getDomains()) { if (autoVerifyDomains.contains(preVerifiedDomain) && !stateMap.containsKey(preVerifiedDomain)) { // Only set the pre-verified state if there's no existing state stateMap.put(preVerifiedDomain, DomainVerificationState.STATE_PRE_VERIFIED); if (DEBUG_APPROVAL) { Slog.d(TAG, "Inserted pre-verified domain: " + preVerifiedDomain); } } } } } /** * Applies any immutable state as the final step when adding or migrating state. Currently only * applies {@link SystemConfig#getLinkedApps()}, which approves all domains for a system app. Loading
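Review bot: In `migrateState`, `applyPreVerifiedState` runs after `sendBroadcast = hasAutoVerifyDomains && needsBroadcast` has been computed, and it returns `void`, so inserting pre-verified entries cannot trigger the broadcast to the verification agent. If `needsBroadcast` can be false on an update (its computation is outside the hunk), newly inserted `STATE_PRE_VERIFIED` domains would stay treated as verified with no request for the agent to confirm them. Consider having the helper return whether it inserted anything and folding that in, e.g. `sendBroadcast |= applyPreVerifiedState(newStateMap, newAutoVerifyDomains, preVerifiedDomains);`. Separately, the only record of an insertion is the `Slog.d` under `DEBUG_APPROVAL`; an unconditional info-level log line would leave a trace of installer-asserted grants on production builds.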
services/core/java/com/android/server/pm/verify/domain/DomainVerificationShell.java +1 −0 Original line number Diff line number Diff line Loading @@ -62,6 +62,7 @@ public class DomainVerificationShell { pw.println(" - restored: preserved verification from a user data restore"); pw.println(" - legacy_failure: rejected by a legacy verifier, unknown reason"); pw.println(" - system_configured: automatically approved by the device config"); pw.println(" - pre_verified: the domain was pre-verified by the installer"); pw.println(" - >= 1024: Custom error code which is specific to the device verifier"); pw.println(" --user <USER_ID>: include user selections (includes all domains, not"); pw.println(" just autoVerify ones)"); Loading