Loading services/core/java/com/android/server/pm/PackageManagerService.java +15 −3 Original line number Diff line number Diff line Loading @@ -10006,8 +10006,7 @@ Slog.e("TODD", // priv-apps. synchronized (mPackages) { PackageSetting platformPkgSetting = mSettings.mPackages.get("android"); if (!pkg.packageName.equals("android") && (compareSignatures(platformPkgSetting.signatures.mSigningDetails.signatures, if ((compareSignatures(platformPkgSetting.signatures.mSigningDetails.signatures, pkg.mSigningDetails.signatures) != PackageManager.SIGNATURE_MATCH)) { scanFlags |= SCAN_AS_PRIVILEGED; } Loading Loading @@ -10474,7 +10473,20 @@ Slog.e("TODD", pkg.applicationInfo.flags |= ApplicationInfo.FLAG_UPDATED_SYSTEM_APP; } SELinuxMMAC.assignSeInfoValue(pkg); // SELinux sandboxes become more restrictive as targetSdkVersion increases. // To ensure that apps with sharedUserId are placed in the same selinux domain // without breaking any assumptions about access, put them into the least // restrictive targetSdkVersion=25 domain. // TODO(b/72290969): Base this on the actual targetSdkVersion(s) of the apps within the // sharedUserSetting, instead of defaulting to the least restrictive domain. final int targetSdk = (sharedUserSetting != null) ? 25 : pkg.applicationInfo.targetSdkVersion; // TODO(b/71593002): isPrivileged for sharedUser and appInfo should never be out of sync. // They currently can be if the sharedUser apps are signed with the platform key. final boolean isPrivileged = (sharedUserSetting != null) ? sharedUserSetting.isPrivileged() | pkg.isPrivileged() : pkg.isPrivileged(); SELinuxMMAC.assignSeInfoValue(pkg, isPrivileged, targetSdk); pkg.mExtras = pkgSetting; pkg.applicationInfo.processName = fixProcessName( services/core/java/com/android/server/pm/SELinuxMMAC.java +5 −3 Original line number Diff line number Diff line Loading 
@@ -315,7 +315,8 @@ public final class SELinuxMMAC { * * @param pkg object representing the package to be labeled. */ public static void assignSeInfoValue(PackageParser.Package pkg) { public static void assignSeInfoValue(PackageParser.Package pkg, boolean isPrivileged, int targetSdkVersion) { synchronized (sPolicies) { if (!sPolicyRead) { if (DEBUG_POLICY) { Loading @@ -335,10 +336,11 @@ public final class SELinuxMMAC { if (pkg.applicationInfo.targetSandboxVersion == 2) pkg.applicationInfo.seInfo += SANDBOX_V2_STR; if (pkg.applicationInfo.isPrivilegedApp()) if (isPrivileged) { pkg.applicationInfo.seInfo += PRIVILEGED_APP_STR; } pkg.applicationInfo.seInfo += TARGETSDKVERSION_STR + pkg.applicationInfo.targetSdkVersion; pkg.applicationInfo.seInfo += TARGETSDKVERSION_STR + targetSdkVersion; if (DEBUG_POLICY_INSTALL) { Slog.i(TAG, "package (" + pkg.packageName + ") labeled with " + Loading Loading
services/core/java/com/android/server/pm/PackageManagerService.java +15 −3 Original line number Diff line number Diff line Loading @@ -10006,8 +10006,7 @@ Slog.e("TODD", // priv-apps. synchronized (mPackages) { PackageSetting platformPkgSetting = mSettings.mPackages.get("android"); if (!pkg.packageName.equals("android") && (compareSignatures(platformPkgSetting.signatures.mSigningDetails.signatures, if ((compareSignatures(platformPkgSetting.signatures.mSigningDetails.signatures, pkg.mSigningDetails.signatures) != PackageManager.SIGNATURE_MATCH)) { scanFlags |= SCAN_AS_PRIVILEGED; } Loading Loading @@ -10474,7 +10473,20 @@ Slog.e("TODD", pkg.applicationInfo.flags |= ApplicationInfo.FLAG_UPDATED_SYSTEM_APP; } SELinuxMMAC.assignSeInfoValue(pkg); // SELinux sandboxes become more restrictive as targetSdkVersion increases. // To ensure that apps with sharedUserId are placed in the same selinux domain // without breaking any assumptions about access, put them into the least // restrictive targetSdkVersion=25 domain. // TODO(b/72290969): Base this on the actual targetSdkVersion(s) of the apps within the // sharedUserSetting, instead of defaulting to the least restrictive domain. final int targetSdk = (sharedUserSetting != null) ? 25 : pkg.applicationInfo.targetSdkVersion; // TODO(b/71593002): isPrivileged for sharedUser and appInfo should never be out of sync. // They currently can be if the sharedUser apps are signed with the platform key. final boolean isPrivileged = (sharedUserSetting != null) ? sharedUserSetting.isPrivileged() | pkg.isPrivileged() : pkg.isPrivileged(); SELinuxMMAC.assignSeInfoValue(pkg, isPrivileged, targetSdk); pkg.mExtras = pkgSetting; pkg.applicationInfo.processName = fixProcessName(
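Review bot: In the second hunk, `targetSdk` falls back to the literal `25` for every package whose `sharedUserSetting` is non-null, so a package that declares a sharedUserId is labelled with the least restrictive seinfo whatever SDK it targets. The TODO covers deriving the value from the members of the shared user; until then a named constant such as `Build.VERSION_CODES.N_MR1` would make the relaxation easier to find and audit than a bare number. The same hunk joins the two privilege flags with the non-short-circuit `|`, and `sharedUserSetting.isPrivileged() || pkg.isPrivileged()` is the conventional form for booleans. In the first hunk, dropping the `!pkg.packageName.equals("android")` guard means `platformPkgSetting` is now dereferenced for the platform package as well, so a null check on the `mSettings.mPackages.get("android")` result is worth adding if that lookup can miss. The enclosing condition and method lie outside both hunks, so that case may already be excluded.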
services/core/java/com/android/server/pm/SELinuxMMAC.java +5 −3 Original line number Diff line number Diff line Loading @@ -315,7 +315,8 @@ public final class SELinuxMMAC { * * @param pkg object representing the package to be labeled. */ public static void assignSeInfoValue(PackageParser.Package pkg) { public static void assignSeInfoValue(PackageParser.Package pkg, boolean isPrivileged, int targetSdkVersion) { synchronized (sPolicies) { if (!sPolicyRead) { if (DEBUG_POLICY) { Loading @@ -335,10 +336,11 @@ public final class SELinuxMMAC { if (pkg.applicationInfo.targetSandboxVersion == 2) pkg.applicationInfo.seInfo += SANDBOX_V2_STR; if (pkg.applicationInfo.isPrivilegedApp()) if (isPrivileged) { pkg.applicationInfo.seInfo += PRIVILEGED_APP_STR; } pkg.applicationInfo.seInfo += TARGETSDKVERSION_STR + pkg.applicationInfo.targetSdkVersion; pkg.applicationInfo.seInfo += TARGETSDKVERSION_STR + targetSdkVersion; if (DEBUG_POLICY_INSTALL) { Slog.i(TAG, "package (" + pkg.packageName + ") labeled with " + Loading
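Review bot: The Javadoc above `assignSeInfoValue` still documents only `pkg`, although the signature now takes `isPrivileged` and `targetSdkVersion` and the seinfo string is built from them instead of from `pkg.applicationInfo`. Add `@param isPrivileged whether the privileged-app marker is appended to seinfo` and `@param targetSdkVersion SDK level written into seinfo; may differ from pkg.applicationInfo.targetSdkVersion`. The doc should also state that the caller is responsible for keeping these values consistent across the packages of a shared user, since the label can now disagree with what `pkg.applicationInfo` reports. As a style point, the new `if (isPrivileged) {` is braced while the `targetSandboxVersion == 2` check just above it is not. The method body starts and ends outside the visible hunks.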