Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit cb9fbc3a authored by Adrian Roos's avatar Adrian Roos
Browse files

Enforce that trust agents declare the BIND_TRUST_AGENT permission

Change-Id: Iba10b6fb140362c368fb12b7d3c6be550897de40
parent 7046bfd0
Loading
Loading
Loading
Loading
+21 −0
Original line number Diff line number Diff line
@@ -16,12 +16,17 @@

package android.service.trust;

import android.Manifest;
import android.annotation.SdkConstant;
import android.app.Service;
import android.content.ComponentName;
import android.content.Intent;
import android.content.pm.PackageManager;
import android.content.pm.ServiceInfo;
import android.os.Handler;
import android.os.IBinder;
import android.os.RemoteException;
import android.util.Log;
import android.util.Slog;

/**
@@ -83,6 +88,22 @@ public class TrustAgentService extends Service {
        };
    };

    @Override
    public void onCreate() {
        super.onCreate();
        ComponentName component = new ComponentName(this, getClass());
        try {
            ServiceInfo serviceInfo = getPackageManager().getServiceInfo(component, 0 /* flags */);
            if (!Manifest.permission.BIND_TRUST_AGENT.equals(serviceInfo.permission)) {
                throw new IllegalStateException(component.flattenToShortString()
                        + " is not declared with the permission "
                        + "\"" + Manifest.permission.BIND_TRUST_AGENT + "\"");
            }
        } catch (PackageManager.NameNotFoundException e) {
            Log.e(TAG, "Can't get ServiceInfo for " + component.toShortString());
        }
    }

    /**
     * Called when the user attempted to authenticate on the device.
     *
+1 −0
Original line number Diff line number Diff line
@@ -22,6 +22,7 @@
      <service
          android:name=".SampleTrustAgent"
          android:label="@string/app_name"
          android:permission="android.permission.BIND_TRUST_AGENT"
          android:exported="true">
        <intent-filter>
          <action android:name="android.service.trust.TrustAgentService" />