Add permission checks for Verification API calls (7e67151b) · Commits · e / os / android_frameworks_base

api/current.txt

+1 −0

Original line number	Diff line number	Diff line
		@@ -76,6 +76,7 @@ package android {
		field public static final java.lang.String MOUNT_UNMOUNT_FILESYSTEMS = "android.permission.MOUNT_UNMOUNT_FILESYSTEMS";
		field public static final java.lang.String NET_TUNNELING = "android.permission.NET_TUNNELING";
		field public static final java.lang.String NFC = "android.permission.NFC";
		field public static final java.lang.String PACKAGE_VERIFICATION_AGENT = "android.permission.PACKAGE_VERIFICATION_AGENT";
		field public static final deprecated java.lang.String PERSISTENT_ACTIVITY = "android.permission.PERSISTENT_ACTIVITY";
		field public static final java.lang.String PROCESS_OUTGOING_CALLS = "android.permission.PROCESS_OUTGOING_CALLS";
		field public static final java.lang.String READ_CALENDAR = "android.permission.READ_CALENDAR";

+6 −1

Original line number	Diff line number	Diff line
		@@ -2319,6 +2319,9 @@ public abstract class PackageManager {
		* {@link PackageManager#EXTRA_VERIFICATION_ID} Intent extra
		* @param verificationCode either {@link PackageManager#VERIFICATION_ALLOW}
		* or {@link PackageManager#VERIFICATION_REJECT}.
		* @throws SecurityException if the caller does not have the
		* {@link android.Manifest.permission#PACKAGE_VERIFICATION_AGENT}
		* permission.
		*/
		public abstract void verifyPendingInstall(int id, int verificationCode);

		@@ -2342,9 +2345,11 @@ public abstract class PackageManager {
		* @param millisecondsToDelay the amount of time requested for the timeout.
		* Must be positive and less than
		* {@link PackageManager#MAXIMUM_VERIFICATION_TIMEOUT}.
		*
		* @throws IllegalArgumentException if {@code millisecondsToDelay} is out
		* of bounds or {@code verificationCodeAtTimeout} is unknown.
		* @throws SecurityException if the caller does not have the
		* {@link android.Manifest.permission#PACKAGE_VERIFICATION_AGENT}
		* permission.
		*/
		public abstract void extendVerificationTimeout(int id,
		int verificationCodeAtTimeout, long millisecondsToDelay);

+0 −1

Original line number	Diff line number	Diff line
		@@ -1662,7 +1662,6 @@

		<!-- Package verifier needs to have this permission before the PackageManager will
		trust it to verify packages.
		@hide
		-->
		<permission android:name="android.permission.PACKAGE_VERIFICATION_AGENT"
		android:label="@string/permlab_packageVerificationAgent"

+8 −0

Original line number	Diff line number	Diff line
		@@ -5531,6 +5531,10 @@ public class PackageManagerService extends IPackageManager.Stub {

		@Override
		public void verifyPendingInstall(int id, int verificationCode) throws RemoteException {
		mContext.enforceCallingOrSelfPermission(
		android.Manifest.permission.PACKAGE_VERIFICATION_AGENT,
		"Only package verification agents can verify applications");

		final Message msg = mHandler.obtainMessage(PACKAGE_VERIFIED);
		final PackageVerificationResponse response = new PackageVerificationResponse(
		verificationCode, Binder.getCallingUid());
		@@ -5542,6 +5546,10 @@ public class PackageManagerService extends IPackageManager.Stub {
		@Override
		public void extendVerificationTimeout(int id, int verificationCodeAtTimeout,
		long millisecondsToDelay) {
		mContext.enforceCallingOrSelfPermission(
		android.Manifest.permission.PACKAGE_VERIFICATION_AGENT,
		"Only package verification agents can extend verification timeouts");

		final PackageVerificationState state = mPendingVerification.get(id);
		final PackageVerificationResponse response = new PackageVerificationResponse(
		verificationCodeAtTimeout, Binder.getCallingUid());