Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit da113638 authored by Adrian Roos's avatar Adrian Roos
Browse files

Ensure trust agents are only provided by platform packages 

Ensures that Settings only shows TrustAgentServices from
platform packages.

Bug: 15287044
Change-Id: I62c131d99c7266f8617ec32a50a4f5549a07b4b7
parent 820848a0

src/com/android/settings/AdvancedSecuritySettings.java

+1 −0
Original line number Diff line number Diff line
@@ -109,6 +109,7 @@ public class AdvancedSecuritySettings extends ListFragment implements View.OnCli 


        for (ResolveInfo resolveInfo : resolveInfos) {

            if (resolveInfo.serviceInfo == null) continue;

            if (!TrustAgentUtils.checkProvidePermission(resolveInfo, pm)) continue;

            ComponentName name = TrustAgentUtils.getComponentName(resolveInfo);

            if (!mAvailableAgents.containsKey(name)) {

                AgentInfo agentInfo = new AgentInfo();

src/com/android/settings/SecuritySettings.java

+1 −0
Original line number Diff line number Diff line
@@ -317,6 +317,7 @@ public class SecuritySettings extends RestrictedSettingsFragment 
                    PackageManager.GET_META_DATA);

            for (ResolveInfo resolveInfo : resolveInfos) {

                if (resolveInfo.serviceInfo == null) continue;

                if (!TrustAgentUtils.checkProvidePermission(resolveInfo, pm)) continue;

                TrustAgentUtils.TrustAgentComponentInfo trustAgentComponentInfo =

                        TrustAgentUtils.getSettingsComponent(pm, resolveInfo);

                if (trustAgentComponentInfo.componentName == null ||

src/com/android/settings/TrustAgentUtils.java

+18 −0
Original line number Diff line number Diff line
@@ -16,6 +16,8 @@ 


package com.android.settings;



import com.android.internal.Manifest;



import android.content.ComponentName;

import android.content.pm.PackageManager;

import android.content.pm.ResolveInfo;
@@ -24,6 +26,7 @@ import android.content.res.TypedArray; 
import android.content.res.XmlResourceParser;

import android.service.trust.TrustAgentService;

import android.util.AttributeSet;

import android.util.Log;

import android.util.Slog;

import android.util.Xml;
@@ -36,6 +39,21 @@ public class TrustAgentUtils { 
    static final String TAG = "TrustAgentUtils";



    private static final String TRUST_AGENT_META_DATA = TrustAgentService.TRUST_AGENT_META_DATA;

    private static final String PERMISSION_PROVIDE_AGENT = Manifest.permission.PROVIDE_TRUST_AGENT;



    /**

     * @return true, if the service in resolveInfo has the permission to provide a trust agent.

     */

    public static boolean checkProvidePermission(ResolveInfo resolveInfo, PackageManager pm) {

        String packageName = resolveInfo.serviceInfo.packageName;

        if (pm.checkPermission(PERMISSION_PROVIDE_AGENT, packageName)

                != PackageManager.PERMISSION_GRANTED) {

            Log.w(TAG, "Skipping agent because package " + packageName

                    + " does not have permission " + PERMISSION_PROVIDE_AGENT + ".");

            return false;

        }

        return true;

    }



    public static class TrustAgentComponentInfo {

        ComponentName componentName;