Skip to content

Commit 463ca1f

Browse files
committed
introduce a14 patches and fix missing lint-baseline patch
1 parent 4d1c882 commit 463ca1f

19 files changed

+408
-11
lines changed

config/signing/axp/A14

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1 @@
1+
../lineage/A14

config/signing/lineage/A13/bootable_recovery.patch

Lines changed: 0 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1,4 +1,3 @@
1-
21
project bootable/recovery/
32
diff --git a/otautil/verifier.cpp b/otautil/verifier.cpp
43
index 8a65566e..37f3bc88 100644
Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1 +1 @@
1-
../A12/bootable_recovery.patch
1+
../A13/bootable_recovery.patch
Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1 +1 @@
1-
../A12/build_make_tools_releasetools_fixpython.patch
1+
../A13/build_make_tools_releasetools_fixpython.patch
Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1 +1 @@
1-
../A12/system_update_engine.patch
1+
../A13/system_update_engine.patch
Lines changed: 22 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,22 @@
1+
2+
project frameworks/base/
3+
diff --git a/core/api/current.txt b/core/api/current.txt
4+
index 487e57d114c9..04e69741b9fd 100644
5+
--- a/core/api/current.txt
6+
+++ b/core/api/current.txt
7+
@@ -100,6 +101,7 @@ package android {
8+
field public static final String EXECUTE_APP_ACTION = "android.permission.EXECUTE_APP_ACTION";
9+
field public static final String EXPAND_STATUS_BAR = "android.permission.EXPAND_STATUS_BAR";
10+
field public static final String FACTORY_TEST = "android.permission.FACTORY_TEST";
11+
+ field public static final String FAKE_PACKAGE_SIGNATURE = "android.permission.FAKE_PACKAGE_SIGNATURE";
12+
field public static final String FOREGROUND_SERVICE = "android.permission.FOREGROUND_SERVICE";
13+
field public static final String FOREGROUND_SERVICE_CAMERA = "android.permission.FOREGROUND_SERVICE_CAMERA";
14+
field public static final String FOREGROUND_SERVICE_CONNECTED_DEVICE = "android.permission.FOREGROUND_SERVICE_CONNECTED_DEVICE";
15+
@@ -244,6 +245,7 @@ package android {
16+
field public static final String CALL_LOG = "android.permission-group.CALL_LOG";
17+
field public static final String CAMERA = "android.permission-group.CAMERA";
18+
field public static final String CONTACTS = "android.permission-group.CONTACTS";
19+
+ field public static final String FAKE_PACKAGE = "android.permission-group.FAKE_PACKAGE";
20+
field public static final String LOCATION = "android.permission-group.LOCATION";
21+
field public static final String MICROPHONE = "android.permission-group.MICROPHONE";
22+
field public static final String NEARBY_DEVICES = "android.permission-group.NEARBY_DEVICES";
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,74 @@
1+
project frameworks/base/
2+
diff --git a/services/core/java/com/android/server/pm/ComputerEngine.java b/services/core/java/com/android/server/pm/ComputerEngine.java
3+
index 58448bfefdaf..cc3db2db7759 100644
4+
--- a/services/core/java/com/android/server/pm/ComputerEngine.java
5+
+++ b/services/core/java/com/android/server/pm/ComputerEngine.java
6+
@@ -169,6 +170,7 @@ import java.io.FileOutputStream;
7+
import java.io.IOException;
8+
import java.io.PrintWriter;
9+
import java.nio.charset.StandardCharsets;
10+
+import java.security.cert.CertificateException;
11+
import java.util.ArrayList;
12+
import java.util.Collection;
13+
import java.util.Collections;
14+
@@ -1466,6 +1467,41 @@ public class ComputerEngine implements Computer {
15+
return result;
16+
}
17+
18+
+ private boolean requestsFakeSignature(AndroidPackage p) {
19+
+ return p.getMetaData() != null &&
20+
+ p.getMetaData().getString("fake-signature") != null;
21+
+ }
22+
+
23+
+ private PackageInfo mayFakeSignature(AndroidPackage p, PackageInfo pi,
24+
+ Set<String> permissions) {
25+
+ try {
26+
+ if (p.getMetaData() != null &&
27+
+ p.getTargetSdkVersion() > Build.VERSION_CODES.LOLLIPOP_MR1) {
28+
+ String sig = p.getMetaData().getString("fake-signature");
29+
+ if (sig != null &&
30+
+ permissions.contains("android.permission.FAKE_PACKAGE_SIGNATURE")) {
31+
+ pi.signatures = new Signature[] {new Signature(sig)};
32+
+ try {
33+
+ pi.signingInfo = new SigningInfo(
34+
+ new SigningDetails(
35+
+ pi.signatures,
36+
+ SigningDetails.SignatureSchemeVersion.SIGNING_BLOCK_V3,
37+
+ SigningDetails.toSigningKeys(pi.signatures),
38+
+ null
39+
+ )
40+
+ );
41+
+ } catch (CertificateException e) {
42+
+ Slog.e(TAG, "Caught an exception when creating signing keys: ", e);
43+
+ }
44+
+ }
45+
+ }
46+
+ } catch (Throwable t) {
47+
+ // We should never die because of any failures, this is system code!
48+
+ Log.w("PackageManagerService.FAKE_PACKAGE_SIGNATURE", t);
49+
+ }
50+
+ return pi;
51+
+ }
52+
+
53+
public final PackageInfo generatePackageInfo(PackageStateInternal ps,
54+
@PackageManager.PackageInfoFlagsBits long flags, int userId) {
55+
if (!mUserManager.exists(userId)) return null;
56+
@@ -1500,13 +1668,15 @@ public class ComputerEngine implements Computer {
57+
final int[] gids = (flags & PackageManager.GET_GIDS) == 0 ? EMPTY_INT_ARRAY
58+
: mPermissionManager.getGidsForUid(UserHandle.getUid(userId, ps.getAppId()));
59+
// Compute granted permissions only if package has requested permissions
60+
- final Set<String> grantedPermissions = ((flags & PackageManager.GET_PERMISSIONS) == 0
61+
+ final Set<String> grantedPermissions = (((flags & PackageManager.GET_PERMISSIONS) == 0
62+
+ && !requestsFakeSignature(p))
63+
|| ArrayUtils.isEmpty(p.getRequestedPermissions())) ? Collections.emptySet()
64+
: mPermissionManager.getGrantedPermissions(ps.getPackageName(), userId);
65+
66+
- PackageInfo packageInfo = PackageInfoUtils.generate(p, gids, flags,
67+
+ PackageInfo packageInfo = mayFakeSignature(p, PackageInfoUtils.generate(p, gids, flags,
68+
state.getFirstInstallTimeMillis(), ps.getLastUpdateTime(), installedPermissions,
69+
- grantedPermissions, state, userId, ps);
70+
+ grantedPermissions, state, userId, ps),
71+
+ grantedPermissions);
72+
73+
if (packageInfo == null) {
74+
return null;
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,15 @@
1+
2+
project packages/modules/Permission/
3+
diff --git a/PermissionController/src/com/android/permissioncontroller/permission/utils/PermissionMapping.kt b/PermissionController/src/com/android/permissioncontroller/permission/utils/PermissionMapping.kt
4+
index 840a033c3..df012305c 100644
5+
--- a/PermissionController/src/com/android/permissioncontroller/permission/utils/PermissionMapping.kt
6+
+++ b/PermissionController/src/com/android/permissioncontroller/permission/utils/PermissionMapping.kt
7+
@@ -176,6 +176,8 @@ object PermissionMapping {
8+
9+
PLATFORM_PERMISSIONS[Manifest.permission.BODY_SENSORS] = Manifest.permission_group.SENSORS
10+
11+
+ PLATFORM_PERMISSIONS[Manifest.permission.FAKE_PACKAGE_SIGNATURE] = Manifest.permission_group.FAKE_PACKAGE
12+
+
13+
if (SdkLevel.isAtLeastT()) {
14+
PLATFORM_PERMISSIONS[Manifest.permission.POST_NOTIFICATIONS] =
15+
Manifest.permission_group.NOTIFICATIONS
Lines changed: 48 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,48 @@
1+
2+
project frameworks/base/
3+
diff --git a/core/java/android/app/Activity.java b/core/java/android/app/Activity.java
4+
index 63cafdc6c855..3118c20182b4 100644
5+
--- a/core/java/android/app/Activity.java
6+
+++ b/core/java/android/app/Activity.java
7+
@@ -184,12 +184,13 @@ import java.lang.annotation.Retention;
8+
import java.lang.annotation.RetentionPolicy;
9+
import java.lang.ref.WeakReference;
10+
import java.util.ArrayList;
11+
+import java.util.Arrays;
12+
import java.util.Collections;
13+
import java.util.HashMap;
14+
import java.util.List;
15+
import java.util.concurrent.Executor;
16+
import java.util.function.Consumer;
17+
-
18+
+import android.provider.Settings.Secure; // extendrom: signature spoofing patch
19+
20+
/**
21+
* An activity is a single, focused thing that the user can do. Almost all
22+
@@ -5695,6 +5696,26 @@ public class Activity extends ContextThemeWrapper
23+
24+
PackageManager packageManager = getDeviceId() == deviceId ? getPackageManager()
25+
: createDeviceContext(deviceId).getPackageManager();
26+
+
27+
+ /*
28+
+ signature spoofing patch:
29+
+ Only when the requested permission asks for signature spoofing, check if that is allowed
30+
+ in developer options and skip the dialog if not
31+
+ */
32+
+ List<String> permlist = Arrays.asList(permissions);
33+
+ if (permlist.contains("android.permission.FAKE_PACKAGE_SIGNATURE")) {
34+
+ if (android.provider.Settings.Secure.getInt(getContentResolver(),
35+
+ android.provider.Settings.Secure.ALLOW_SIGNATURE_FAKE, 0) == 0) {
36+
+ Log.w(TAG, "Requested signature spoofing permission ("
37+
+ + Arrays.toString(permissions)
38+
+ + ") has been denied as it is not enabled in developer options");
39+
+ return;
40+
+ } else {
41+
+ Log.w(TAG, "The app's permission request for: "
42+
+ + Arrays.toString(permissions)
43+
+ + " will be processed as signature spoofing is enabled in developer options!");
44+
+ }
45+
+ }
46+
final Intent intent = packageManager.buildRequestPermissionsIntent(permissions);
47+
startActivityForResult(REQUEST_PERMISSIONS_WHO_PREFIX, intent, requestCode, null);
48+
mHasCurrentPermissionsRequest = true;
Lines changed: 22 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,22 @@
1+
2+
project frameworks/base/
3+
diff --git a/core/java/android/provider/Settings.java b/core/java/android/provider/Settings.java
4+
index 2b4836861219..4c8674e0c482 100644
5+
--- a/core/java/android/provider/Settings.java
6+
+++ b/core/java/android/provider/Settings.java
7+
@@ -8084,6 +8084,15 @@ public final class Settings {
8+
@Readable
9+
public static final String INSTALL_NON_MARKET_APPS = "install_non_market_apps";
10+
11+
+ /**
12+
+ * extendrom: whether applications can fake a signature.
13+
+ *
14+
+ * <p>1 = permit apps to fake signature
15+
+ * <p>0 = disable this feature
16+
+ * @hide
17+
+ */
18+
+ public static final String ALLOW_SIGNATURE_FAKE = "allow_signature_fake";
19+
+
20+
/**
21+
* A flag to tell {@link com.android.server.devicepolicy.DevicePolicyManagerService} that
22+
* the default for {@link #INSTALL_NON_MARKET_APPS} is reversed for this user on OTA. So it

0 commit comments

Comments
 (0)