Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit d18fe9e3 authored by Seth Moore's avatar Seth Moore
Browse files

Add new privileged permission for unique id attestation 

This permission will eventually replace the sepolicy that we have now,
making it possible to test unique id attestation, which is no longer
possible due to the deprecation of shared uids.

Skipping automerger because the framework manifest has diverged too
much across aosp and tm-dev to allow for clean auto merges, and
presubmits block.

Test: KeyAttestationTest
Bug: 216778747
Merged-In: Iecde35b9a79456b293118d8089dd2a3b0905f5f3
Change-Id: Iecde35b9a79456b293118d8089dd2a3b0905f5f3
parent a535dfe2

core/api/test-current.txt

+1 −0
Original line number Diff line number Diff line
@@ -34,6 +34,7 @@ package android { 
    field public static final String READ_PRIVILEGED_PHONE_STATE = "android.permission.READ_PRIVILEGED_PHONE_STATE";

    field public static final String RECORD_BACKGROUND_AUDIO = "android.permission.RECORD_BACKGROUND_AUDIO";

    field public static final String REMOVE_TASKS = "android.permission.REMOVE_TASKS";

    field public static final String REQUEST_UNIQUE_ID_ATTESTATION = "android.permission.REQUEST_UNIQUE_ID_ATTESTATION";

    field public static final String RESET_APP_ERRORS = "android.permission.RESET_APP_ERRORS";

    field public static final String SET_AND_VERIFY_LOCKSCREEN_CREDENTIALS = "android.permission.SET_AND_VERIFY_LOCKSCREEN_CREDENTIALS";

    field public static final String START_TASKS_FROM_RECENTS = "android.permission.START_TASKS_FROM_RECENTS";

core/res/AndroidManifest.xml

+6 −0
Original line number Diff line number Diff line
@@ -3409,6 +3409,12 @@ 
    <permission android:name="android.permission.UPDATE_FONTS"

        android:protectionLevel="signature|privileged" />



    <!-- Allows the caller to generate keymint keys with the INCLUDE_UNIQUE_ID tag, which

         uniquely identifies the device via the attestation certificate.

         @hide @TestApi -->

    <permission android:name="android.permission.REQUEST_UNIQUE_ID_ATTESTATION"

         android:protectionLevel="signature" />



    <!-- ========================================= -->

    <!-- Permissions for special development tools -->

    <!-- ========================================= -->

packages/Shell/AndroidManifest.xml

+3 −0
Original line number Diff line number Diff line
@@ -606,6 +606,9 @@ 
    <!-- Permission required for ATS test - CarDevicePolicyManagerTest -->

    <uses-permission android:name="android.permission.LOCK_DEVICE" />



    <!-- Permission required for CTS test - CtsKeystoreTestCases -->

    <uses-permission android:name="android.permission.REQUEST_UNIQUE_ID_ATTESTATION" />



    <application android:label="@string/app_label"

                android:theme="@android:style/Theme.DeviceDefault.DayNight"

                android:defaultToDeviceProtectedStorage="true"