Loading core/java/com/android/server/SystemConfig.java +19 −0 Original line number Original line Diff line number Diff line Loading @@ -229,6 +229,7 @@ public class SystemConfig { private ArrayMap<String, Set<String>> mPackageToUserTypeBlacklist = new ArrayMap<>(); private ArrayMap<String, Set<String>> mPackageToUserTypeBlacklist = new ArrayMap<>(); private final ArraySet<String> mRollbackWhitelistedPackages = new ArraySet<>(); private final ArraySet<String> mRollbackWhitelistedPackages = new ArraySet<>(); private final ArraySet<String> mWhitelistedStagedInstallers = new ArraySet<>(); /** /** * Map of system pre-defined, uniquely named actors; keys are namespace, * Map of system pre-defined, uniquely named actors; keys are namespace, Loading Loading @@ -394,6 +395,10 @@ public class SystemConfig { return mRollbackWhitelistedPackages; return mRollbackWhitelistedPackages; } } public Set<String> getWhitelistedStagedInstallers() { return mWhitelistedStagedInstallers; } public ArraySet<String> getAppDataIsolationWhitelistedApps() { public ArraySet<String> getAppDataIsolationWhitelistedApps() { return mAppDataIsolationWhitelistedApps; return mAppDataIsolationWhitelistedApps; } } Loading Loading @@ -1137,6 +1142,20 @@ public class SystemConfig { } } XmlUtils.skipCurrentTag(parser); XmlUtils.skipCurrentTag(parser); } break; } break; case "whitelisted-staged-installer": { if (allowAppConfigs) { String pkgname = parser.getAttributeValue(null, "package"); if (pkgname == null) { Slog.w(TAG, "<" + name + "> without package in " + permFile + " at " + parser.getPositionDescription()); } else { mWhitelistedStagedInstallers.add(pkgname); } } else { logNotAllowedInPartition(name, permFile, parser); } XmlUtils.skipCurrentTag(parser); } break; default: { default: { Slog.w(TAG, "Tag " + name + " is unknown in " Slog.w(TAG, "Tag " + name + " is unknown in " + permFile + " at " + parser.getPositionDescription()); + permFile + " at " + parser.getPositionDescription()); Loading services/tests/servicestests/src/com/android/server/systemconfig/SystemConfigTest.java +45 −2 Original line number Original line Diff line number Diff line Loading @@ -16,6 +16,8 @@ package com.android.server.systemconfig; package com.android.server.systemconfig; import static com.google.common.truth.Truth.assertThat; import static org.junit.Assert.assertEquals; import static org.junit.Assert.assertEquals; import android.platform.test.annotations.Presubmit; import android.platform.test.annotations.Presubmit; Loading Loading @@ -180,8 +182,48 @@ public class SystemConfigTest { assertEquals(packageTwoExpected, packageTwo); assertEquals(packageTwoExpected, packageTwo); } } /** * Tests that readPermissions works correctly with {@link SystemConfig#ALLOW_APP_CONFIGS} * permission flag for the tag: whitelisted-staged-installer. */ @Test public void readPermissions_allowAppConfigs_parsesStagedInstallerWhitelist() throws IOException { final String contents = "<config>\n" + " <whitelisted-staged-installer package=\"com.android.package1\" />\n" + "</config>"; final File folder = createTempSubfolder("folder"); createTempFile(folder, "staged-installer-whitelist.xml", contents); mSysConfig.readPermissions(folder, /* Grant all permission flags */ ~0); assertThat(mSysConfig.getWhitelistedStagedInstallers()) .containsExactly("com.android.package1"); } /** * Tests that readPermissions works correctly without {@link SystemConfig#ALLOW_APP_CONFIGS} * permission flag for the tag: whitelisted-staged-installer. */ @Test public void readPermissions_notAllowAppConfigs_wontParseStagedInstallerWhitelist() throws IOException { final String contents = "<config>\n" + " <whitelisted-staged-installer package=\"com.android.package1\" />\n" + "</config>"; final File folder = createTempSubfolder("folder"); createTempFile(folder, "staged-installer-whitelist.xml", contents); mSysConfig.readPermissions(folder, /* Grant all but ALLOW_APP_CONFIGS flag */ ~0x08); assertThat(mSysConfig.getWhitelistedStagedInstallers()).isEmpty(); } /** /** * Creates folderName/fileName in the mTemporaryFolder and fills it with the contents. * Creates folderName/fileName in the mTemporaryFolder and fills it with the contents. * * @param folderName subdirectory of mTemporaryFolder to put the file, creating if needed * @param folderName subdirectory of mTemporaryFolder to put the file, creating if needed * @return the folder * @return the folder */ */ Loading @@ -194,6 +236,7 @@ public class SystemConfigTest { /** /** * Creates folderName/fileName in the mTemporaryFolder and fills it with the contents. * Creates folderName/fileName in the mTemporaryFolder and fills it with the contents. * * @param folder pre-existing subdirectory of mTemporaryFolder to put the file * @param folder pre-existing subdirectory of mTemporaryFolder to put the file * @param fileName name of the file (e.g. filename.xml) to create * @param fileName name of the file (e.g. filename.xml) to create * @param contents contents to write to the file * @param contents contents to write to the file Loading Loading
core/java/com/android/server/SystemConfig.java +19 −0 Original line number Original line Diff line number Diff line Loading @@ -229,6 +229,7 @@ public class SystemConfig { private ArrayMap<String, Set<String>> mPackageToUserTypeBlacklist = new ArrayMap<>(); private ArrayMap<String, Set<String>> mPackageToUserTypeBlacklist = new ArrayMap<>(); private final ArraySet<String> mRollbackWhitelistedPackages = new ArraySet<>(); private final ArraySet<String> mRollbackWhitelistedPackages = new ArraySet<>(); private final ArraySet<String> mWhitelistedStagedInstallers = new ArraySet<>(); /** /** * Map of system pre-defined, uniquely named actors; keys are namespace, * Map of system pre-defined, uniquely named actors; keys are namespace, Loading Loading @@ -394,6 +395,10 @@ public class SystemConfig { return mRollbackWhitelistedPackages; return mRollbackWhitelistedPackages; } } public Set<String> getWhitelistedStagedInstallers() { return mWhitelistedStagedInstallers; } public ArraySet<String> getAppDataIsolationWhitelistedApps() { public ArraySet<String> getAppDataIsolationWhitelistedApps() { return mAppDataIsolationWhitelistedApps; return mAppDataIsolationWhitelistedApps; } } Loading Loading @@ -1137,6 +1142,20 @@ public class SystemConfig { } } XmlUtils.skipCurrentTag(parser); XmlUtils.skipCurrentTag(parser); } break; } break; case "whitelisted-staged-installer": { if (allowAppConfigs) { String pkgname = parser.getAttributeValue(null, "package"); if (pkgname == null) { Slog.w(TAG, "<" + name + "> without package in " + permFile + " at " + parser.getPositionDescription()); } else { mWhitelistedStagedInstallers.add(pkgname); } } else { logNotAllowedInPartition(name, permFile, parser); } XmlUtils.skipCurrentTag(parser); } break; default: { default: { Slog.w(TAG, "Tag " + name + " is unknown in " Slog.w(TAG, "Tag " + name + " is unknown in " + permFile + " at " + parser.getPositionDescription()); + permFile + " at " + parser.getPositionDescription()); Loading
services/tests/servicestests/src/com/android/server/systemconfig/SystemConfigTest.java +45 −2 Original line number Original line Diff line number Diff line Loading @@ -16,6 +16,8 @@ package com.android.server.systemconfig; package com.android.server.systemconfig; import static com.google.common.truth.Truth.assertThat; import static org.junit.Assert.assertEquals; import static org.junit.Assert.assertEquals; import android.platform.test.annotations.Presubmit; import android.platform.test.annotations.Presubmit; Loading Loading @@ -180,8 +182,48 @@ public class SystemConfigTest { assertEquals(packageTwoExpected, packageTwo); assertEquals(packageTwoExpected, packageTwo); } } /** * Tests that readPermissions works correctly with {@link SystemConfig#ALLOW_APP_CONFIGS} * permission flag for the tag: whitelisted-staged-installer. */ @Test public void readPermissions_allowAppConfigs_parsesStagedInstallerWhitelist() throws IOException { final String contents = "<config>\n" + " <whitelisted-staged-installer package=\"com.android.package1\" />\n" + "</config>"; final File folder = createTempSubfolder("folder"); createTempFile(folder, "staged-installer-whitelist.xml", contents); mSysConfig.readPermissions(folder, /* Grant all permission flags */ ~0); assertThat(mSysConfig.getWhitelistedStagedInstallers()) .containsExactly("com.android.package1"); } /** * Tests that readPermissions works correctly without {@link SystemConfig#ALLOW_APP_CONFIGS} * permission flag for the tag: whitelisted-staged-installer. */ @Test public void readPermissions_notAllowAppConfigs_wontParseStagedInstallerWhitelist() throws IOException { final String contents = "<config>\n" + " <whitelisted-staged-installer package=\"com.android.package1\" />\n" + "</config>"; final File folder = createTempSubfolder("folder"); createTempFile(folder, "staged-installer-whitelist.xml", contents); mSysConfig.readPermissions(folder, /* Grant all but ALLOW_APP_CONFIGS flag */ ~0x08); assertThat(mSysConfig.getWhitelistedStagedInstallers()).isEmpty(); } /** /** * Creates folderName/fileName in the mTemporaryFolder and fills it with the contents. * Creates folderName/fileName in the mTemporaryFolder and fills it with the contents. * * @param folderName subdirectory of mTemporaryFolder to put the file, creating if needed * @param folderName subdirectory of mTemporaryFolder to put the file, creating if needed * @return the folder * @return the folder */ */ Loading @@ -194,6 +236,7 @@ public class SystemConfigTest { /** /** * Creates folderName/fileName in the mTemporaryFolder and fills it with the contents. * Creates folderName/fileName in the mTemporaryFolder and fills it with the contents. * * @param folder pre-existing subdirectory of mTemporaryFolder to put the file * @param folder pre-existing subdirectory of mTemporaryFolder to put the file * @param fileName name of the file (e.g. filename.xml) to create * @param fileName name of the file (e.g. filename.xml) to create * @param contents contents to write to the file * @param contents contents to write to the file Loading
