Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 8077c745 authored by Sam Mortimer's avatar Sam Mortimer Committed by Mohammed Althaf T
Browse files

Reset all package signatures on boot 

Can be used to make a special build that resets all
package signatures without wiping any data.

Change-Id: Iff65f2ed3c9d0f80be7221ff90803eda4732cac0
parent 8e264f2c

services/core/java/com/android/server/pm/InstallPackageHelper.java

+15 −1
Original line number Diff line number Diff line
@@ -207,6 +207,10 @@ final class InstallPackageHelper { 
    private final SharedLibrariesImpl mSharedLibraries;

    private final PackageManagerServiceInjector mInjector;



    private static final boolean RESET_ALL_PACKAGE_SIGNATURES_ON_BOOT = true;



    boolean mResetSignatures;



    // TODO(b/198166813): remove PMS dependency

    InstallPackageHelper(PackageManagerService pm, AppDataHelper appDataHelper) {

        mPm = pm;
@@ -1274,7 +1278,13 @@ final class InstallPackageHelper { 
                final KeySetManagerService ksms = mPm.mSettings.getKeySetManagerService();

                final SharedUserSetting signatureCheckSus = mPm.mSettings.getSharedUserSettingLPr(

                        signatureCheckPs);

                if (ksms.shouldCheckUpgradeKeySetLocked(signatureCheckPs, signatureCheckSus,

                if (mResetSignatures) {

                    Slog.d(TAG, "resetting signatures on package " + parsedPackage.getPackageName());

                    ps.signatures.mSigningDetails = parsedPackage.getSigningDetails();

                    if (ps.sharedUser != null) {

                        ps.sharedUser.signatures.mSigningDetails = parsedPackage.getSigningDetails();

                    }

                } else if (ksms.shouldCheckUpgradeKeySetLocked(signatureCheckPs, signatureCheckSus,

                        scanFlags)) {

                    if (!ksms.checkUpgradeKeySetLocked(signatureCheckPs, parsedPackage)) {

                        throw new PrepareFailure(INSTALL_FAILED_UPDATE_INCOMPATIBLE, "Package "
@@ -4162,6 +4172,8 @@ final class InstallPackageHelper { 
                            + " is an APEX package and can't be installed as an APK.");

        }



        mResetSignatures = RESET_ALL_PACKAGE_SIGNATURES_ON_BOOT;



        // Make sure we're not adding any bogus keyset info

        final KeySetManagerService ksms = mPm.mSettings.getKeySetManagerService();

        ksms.assertScannedPackageValid(pkg);
@@ -4257,6 +4269,8 @@ final class InstallPackageHelper { 
            // required for its target SDK.

            ScanPackageUtils.assertMinSignatureSchemeIsValid(pkg, parseFlags);

        }



        mResetSignatures = false;

    }



    private void assertStaticSharedLibraryVersionCodeIsValid(AndroidPackage pkg)