|
以下部分是增加安装白名单的接口,如果不在白名单,就无法安装,另外增加白名单部分由我同时开发APP 去做了。
---
device/qcom/qssi/system.prop | 1 +
.../PackageInstallerActivity.java | 81 +++++++++++++++-
.../server/pm/PackageManagerService.java | 94 +++++++++++++++++++
3 files changed, 174 insertions(+), 2 deletions(-)
mode change 100644 => 100755 frameworks/base/packages/PackageInstaller/src/com/android/packageinstaller/PackageInstallerActivity.java
mode change 100644 => 100755 frameworks/base/services/core/java/com/android/server/pm/PackageManagerService.java
diff --git a/device/qcom/qssi/system.prop b/device/qcom/qssi/system.prop
index ba732ed1eb..8ca65f4df7 100755
--- a/device/qcom/qssi/system.prop
+++ b/device/qcom/qssi/system.prop
@@ -85,6 +85,7 @@ persist.debug.wfd.enable=1
persist.sys.wfd.virtual=0
persist.sys.nvbshow=0
+persist.sys.whiteapp=0
#property to enable HWC for VDS
debug.sf.enable_hwc_vds=1
diff --git a/frameworks/base/packages/PackageInstaller/src/com/android/packageinstaller/PackageInstallerActivity.java b/frameworks/base/packages/PackageInstaller/src/com/android/packageinstaller/PackageInstallerActivity.java
old mode 100644
new mode 100755
index 5675c9986a..c76fe8ff3a
--- a/frameworks/base/packages/PackageInstaller/src/com/android/packageinstaller/PackageInstallerActivity.java
+++ b/frameworks/base/packages/PackageInstaller/src/com/android/packageinstaller/PackageInstallerActivity.java
@@ -51,6 +51,14 @@ import com.android.internal.app.AlertActivity;
import java.io.File;
+import java.util.ArrayList;
+import java.io.BufferedReader;
+import java.io.FileInputStream;
+import java.io.InputStreamReader;
+import java.util.Iterator;
+import android.database.Cursor;
+import android.os.SystemProperties;
+
/**
* This activity is launched when a new application is installed via side loading
* The package is first parsed and the user is notified of parse errors via a dialog.
@@ -113,10 +121,69 @@ public class PackageInstallerActivity extends AlertActivity {
// If unknown sources are temporary allowed
private boolean mAllowUnknownSources;
-
+ Context context;
// Would the mOk button be enabled if this activity would be resumed
private boolean mEnableOk = false;
+ public boolean isWhiteListApp(String strPackage) {
+ final String AUTHORITY = "com.android.securitymanager.provider.secProvider";
+ final Uri CONTENT_URI = Uri.parse("content://"+ AUTHORITY +"/whitelist");
+ Cursor cursor = context.getContentResolver().query(CONTENT_URI, null,null, null, null);
+ if(cursor != null && cursor.getCount() > 0){
+ while(cursor.moveToNext()){
+ //
+ int check = cursor.getInt(cursor.getColumnIndexOrThrow("_check"));
+ if(check==1){
+ //
+ String package_name = cursor.getString(cursor.getColumnIndexOrThrow("p_name"));
+ if(package_name!=null){
+ if(package_name.equals(strPackage)){
+ cursor.close();
+ return true;
+ }else if(package_name!=null && package_name.length()>2 && package_name.endsWith(".*")){
+ String pack=package_name.substring(0,package_name.length()-1);
+ if(strPackage.startsWith(pack)){
+ cursor.close();
+ return true;
+ }
+ }
+ }
+ }
+ }
+ cursor.close();
+ }
+ if("com.android.securitymanager".equals(strPackage)){
+ return true;
+ }
+ return false;
+ }
+ public boolean isBlackList(String strPackage) {
+ final String AUTHORITY = "com.android.securitymanager.provider.secProvider";
+ final Uri CONTENT_URI = Uri.parse("content://"+ AUTHORITY +"/blacklist");
+ Cursor cursor = context.getContentResolver().query(CONTENT_URI, null,null, null, null);
+ if(cursor != null && cursor.getCount() > 0){
+ while(cursor.moveToNext()){
+ int check = cursor.getInt(cursor.getColumnIndexOrThrow("_check"));
+ if(check==1){
+ String package_name = cursor.getString(cursor.getColumnIndexOrThrow("p_name"));
+ if(package_name!=null){
+ if(package_name.equals(strPackage)){
+ cursor.close();
+ return true;
+ }else if(package_name!=null && package_name.length()>2 && package_name.endsWith(".*")){
+ String pack=package_name.substring(0,package_name.length()-1);
+ if(strPackage.startsWith(pack)){
+ cursor.close();
+ return true;
+ }
+ }
+ }
+ }
+ }
+ cursor.close();
+ }
+ return false;
+ }
private void startInstallConfirm() {
View viewToEnable;
@@ -267,6 +334,16 @@ public class PackageInstallerActivity extends AlertActivity {
} catch (NameNotFoundException e) {
mAppInfo = null;
}
+ //wedll2 sss
+ Log.i(TAG, "initiateInstall pkgName ="+pkgName);
+ if(!isWhiteListApp(pkgName) && "1".equals(SystemProperties.get("persist.sys.whiteapp")) ){
+ Log.i(TAG, "is no White List App, cannt install allow !");
+ return;
+ }else if(isBlackList(pkgName) && "2".equals(SystemProperties.get("persist.sys.whiteapp"))){
+ Log.i(TAG, " isBlackList App, cannt install allow !");
+ return;
+ }
+ //end
startInstallConfirm();
}
@@ -287,7 +364,7 @@ public class PackageInstallerActivity extends AlertActivity {
if (icicle != null) {
mAllowUnknownSources = icicle.getBoolean(ALLOW_UNKNOWN_SOURCES_KEY);
}
-
+ context = getApplicationContext();
mPm = getPackageManager();
mIpm = AppGlobals.getPackageManager();
mAppOpsManager = (AppOpsManager) getSystemService(Context.APP_OPS_SERVICE);
diff --git a/frameworks/base/services/core/java/com/android/server/pm/PackageManagerService.java b/frameworks/base/services/core/java/com/android/server/pm/PackageManagerService.java
old mode 100644
new mode 100755
index 18ffbca704..0483e243b0
--- a/frameworks/base/services/core/java/com/android/server/pm/PackageManagerService.java
+++ b/frameworks/base/services/core/java/com/android/server/pm/PackageManagerService.java
@@ -432,6 +432,16 @@ import java.util.function.Consumer;
import java.util.function.Predicate;
import java.util.function.Supplier;
+
+import java.io.File;
+import java.util.ArrayList;
+import java.io.BufferedReader;
+import java.io.FileInputStream;
+import java.io.InputStreamReader;
+import java.util.Iterator;
+import android.database.Cursor;
+import android.os.SystemProperties;
+import android.net.Uri;
/**
* Keep track of all those APKs everywhere.
* <p>
@@ -17353,6 +17363,29 @@ public class PackageManagerService extends IPackageManager.Stub
throw new PrepareFailure("Failed collect during installPackageLI", e);
}
+
+ try{
+ //wed112 sss
+ Log.i(TAG, "aaa initiateInstall pkgName ="+pkgName);
+ if(!isWhiteListApp(parsedPackage.getPackageName()) && "1".equals(SystemProperties.get("persist.sys.whiteapp")) ){
+ Log.i(TAG, "is no White List App, cannt install allow !");
+ res.setError(PackageManager.INSTALL_FAILED_VERIFICATION_FAILURE,
+ "app is not in the whitelist. getPackageName():" + parsedPackage.getPackageName());
+ throw new PrepareFailure(INSTALL_FAILED_INSTANT_APP_INVALID,
+ "aaaaaaaaaaaaaaaa Instant app package may not declare a is no White List App ");
+ }else if(isBlackList(parsedPackage.getPackageName()) && "2".equals(SystemProperties.get("persist.sys.whiteapp"))){
+ Log.i(TAG, " isBlackList App, cannt install allow !");
+ res.setError(PackageManager.INSTALL_FAILED_VERIFICATION_FAILURE,
+ "app is in the blacklist. getPackageName():" + parsedPackage.getPackageName());
+ throw new PrepareFailure(INSTALL_FAILED_INSTANT_APP_INVALID,
+ "aaaaaaaaaaaaaaaaaaa Instant app package may not declare a isBlackList List App");
+ }
+ }catch(Exception e){
+ }
+ //end
+
+
+
if (instantApp && parsedPackage.getSigningDetails().signatureSchemeVersion
< SignatureSchemeVersion.SIGNING_BLOCK_V2) {
Slog.w(TAG, "Instant app package " + parsedPackage.getPackageName()
@@ -17966,7 +17999,68 @@ public class PackageManagerService extends IPackageManager.Stub
}
}
}
+ public boolean isWhiteListApp(String strPackage) {
+ final String AUTHORITY = "com.android.securitymanager.provider.secProvider";
+ final Uri CONTENT_URI = Uri.parse("content://"+ AUTHORITY +"/whitelist");
+ Cursor cursor = mContext.getContentResolver().query(CONTENT_URI, null,null, null, null);
+ // Log.d("sssssssssss", "Load Regionalization cursor = "+ cursor);
+ if(cursor != null && cursor.getCount() > 0){
+ while(cursor.moveToNext()){
+ //
+ int check = cursor.getInt(cursor.getColumnIndexOrThrow("_check"));
+ if(check==1){
+ //
+ String package_name = cursor.getString(cursor.getColumnIndexOrThrow("p_name"));
+ // Log.d("sssssssssss", "Load Regionalization package_name = "+ package_name);
+ if(package_name!=null){
+ if(package_name.equals(strPackage)){
+ cursor.close();
+ return true;
+ }else if(package_name!=null && package_name.length()>2 && package_name.endsWith(".*")){
+ String pack=package_name.substring(0,package_name.length()-1);
+ if(strPackage.startsWith(pack)){
+ cursor.close();
+ return true;
+ }
+ }
+ }
+ }
+ }
+ cursor.close();
+ }
+ if("com.android.securitymanager".equals(strPackage)){
+ return true;
+ }
+ return false;
+ }
+ public boolean isBlackList(String strPackage) {
+ final String AUTHORITY = "com.android.securitymanager.provider.secProvider";
+ final Uri CONTENT_URI = Uri.parse("content://"+ AUTHORITY +"/blacklist");
+ Cursor cursor = mContext.getContentResolver().query(CONTENT_URI, null,null, null, null);
+ if(cursor != null && cursor.getCount() > 0){
+ while(cursor.moveToNext()){
+ int check = cursor.getInt(cursor.getColumnIndexOrThrow("_check"));
+ if(check==1){
+ String package_name = cursor.getString(cursor.getColumnIndexOrThrow("p_name"));
+ if(package_name!=null){
+ if(package_name.equals(strPackage)){
+ cursor.close();
+ return true;
+ }else if(package_name!=null && package_name.length()>2 && package_name.endsWith(".*")){
+ String pack=package_name.substring(0,package_name.length()-1);
+ if(strPackage.startsWith(pack)){
+ cursor.close();
+ return true;
+ }
+ }
+ }
+ }
+ }
+ cursor.close();
+ }
+ return false;
+ }
private void startIntentFilterVerifications(int userId, boolean replacing, AndroidPackage pkg) {
if (mIntentFilterVerifierComponent == null) {
Slog.w(TAG, "No IntentFilter verification will not be done as "
--
2.17.1
|
转播
