nehemiah-zb/lineage_patches_unified
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Sync up to v300.i

Browse Source
This commit is contained in:
Andy CrossGate Yan
2020-12-13 01:56:05 +00:00
parent 1bc6933877
commit 4048bfed3a
11 changed files with 887 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

37
patches/platform_frameworks_base/0026-Re-implement-fnmatch-like-behaviour-for-RRO-java-sid.patch Normal file
View File

@@ -0,0 +1,37 @@
From cbe557557ea73ea8fef866f362c869daf4c3be51 Mon Sep 17 00:00:00 2001
From: Pierre-Hugues Husson <phh@phh.me>
Date: Sun, 25 Oct 2020 23:57:26 +0100
Subject: [PATCH 26/26] Re-implement fnmatch-like behaviour for RRO java-side
Change-Id: Id38292a9a1453aa87b8401c1fdb390fa4e63c7d1
---
core/java/android/content/pm/PackageParser.java | 13 +++++++++++--
1 file changed, 11 insertions(+), 2 deletions(-)
diff --git a/core/java/android/content/pm/PackageParser.java b/core/java/android/content/pm/PackageParser.java
index 70e4e6cbf62..a4d8941d1e5 100644
--- a/core/java/android/content/pm/PackageParser.java
+++ b/core/java/android/content/pm/PackageParser.java
@@ -2476,8 +2476,17 @@ public class PackageParser {
for (int i = 0; i < propNames.length; i++) {
// Check property value: make sure it is both set and equal to expected value
final String currValue = SystemProperties.get(propNames[i]);
- if (!TextUtils.equals(currValue, propValues[i])) {
- return false;
+ final String value = propValues[i];
+ if(value.startsWith("+")) {
+ final java.util.regex.Pattern regex = java.util.regex.Pattern.compile(value.substring(1, value.length()).replace("*", ".*"));
+ java.util.regex.Matcher matcher = regex.matcher(currValue);
+ if (!matcher.find()) {
+ return false;
+ }
+ } else {
+ if(!value.equals(currValue)) {
+ return false;
+ }
}
}
return true;
--
2.17.1

157
patches/platform_frameworks_base/0027-Add-support-for-app-signature-spoofing.patch Normal file
View File

@@ -0,0 +1,157 @@
From 772f3c12ec0676d9e22eea8a005ddf302ad09940 Mon Sep 17 00:00:00 2001
From: Danny Lin <danny@kdrag0n.dev>
Date: Mon, 5 Oct 2020 12:36:35 -0700
Subject: [PATCH 27/27] Add support for app signature spoofing
This is needed by microG GmsCore to pretend to be the official Google
Play Services package, because client apps check the package signature
to make sure it matches Google's official certificate.
This was forward-ported from the Android 10 patch by gudenau:
https://github.com/microg/android_packages_apps_GmsCore/pull/957
Changes made for Android 11:
- Updated PackageInfo calls
- Added new permission to public API surface, needed for
PermissionController which is now an updatable APEX on 11
- Added a dummy permission group to allow users to manage the
permission through the PermissionController UI
(by Vachounet <vachounet@live.fr>)
- Updated location provider comment for conciseness
Change made by PHH:
- Permission is exposed as "privileged" rather than "dangerous", so that
apps need to be in system;product's priv-app
Change-Id: Ied7d6ce0b83a2d2345c3abba0429998d86494a88
---
api/current.txt | 1 +
core/res/AndroidManifest.xml | 7 ++++++
core/res/res/values/config.xml | 2 ++
core/res/res/values/strings.xml | 12 ++++++++++
non-updatable-api/current.txt | 1 +
.../server/pm/PackageManagerService.java | 23 +++++++++++++++++--
6 files changed, 44 insertions(+), 2 deletions(-)
diff --git a/api/current.txt b/api/current.txt
index 952ccdad992..73fb59fedab 100644
--- a/api/current.txt
+++ b/api/current.txt
@@ -79,6 +79,7 @@ package android {
field public static final String DUMP = "android.permission.DUMP";
field public static final String EXPAND_STATUS_BAR = "android.permission.EXPAND_STATUS_BAR";
field public static final String FACTORY_TEST = "android.permission.FACTORY_TEST";
+ field public static final String FAKE_PACKAGE_SIGNATURE = "android.permission.FAKE_PACKAGE_SIGNATURE";
field public static final String FOREGROUND_SERVICE = "android.permission.FOREGROUND_SERVICE";
field public static final String GET_ACCOUNTS = "android.permission.GET_ACCOUNTS";
field public static final String GET_ACCOUNTS_PRIVILEGED = "android.permission.GET_ACCOUNTS_PRIVILEGED";
diff --git a/core/res/AndroidManifest.xml b/core/res/AndroidManifest.xml
index 9945057f0e9..e1adee20ccf 100644
--- a/core/res/AndroidManifest.xml
+++ b/core/res/AndroidManifest.xml
@@ -2829,6 +2829,13 @@
android:description="@string/permdesc_getPackageSize"
android:protectionLevel="normal" />
+ <!-- Allows an application to change the package signature as
+ seen by applications -->
+ <permission android:name="android.permission.FAKE_PACKAGE_SIGNATURE"
+ android:protectionLevel="signature|privileged"
+ android:label="@string/permlab_fakePackageSignature"
+ android:description="@string/permdesc_fakePackageSignature" />
+
<!-- @deprecated No longer useful, see
{@link android.content.pm.PackageManager#addPackageToPreferred}
for details. -->
diff --git a/core/res/res/values/config.xml b/core/res/res/values/config.xml
index d21930f31df..372319ed32b 100644
--- a/core/res/res/values/config.xml
+++ b/core/res/res/values/config.xml
@@ -1646,6 +1646,8 @@
<string-array name="config_locationProviderPackageNames" translatable="false">
<!-- The standard AOSP fused location provider -->
<item>com.android.location.fused</item>
+ <!-- Google Play Services or microG (free reimplementation) location provider -->
+ <item>com.google.android.gms</item>
</string-array>
<!-- This string array can be overriden to enable test location providers initially. -->
diff --git a/core/res/res/values/strings.xml b/core/res/res/values/strings.xml
index 4f9911fbe38..32f2dbf33d3 100644
--- a/core/res/res/values/strings.xml
+++ b/core/res/res/values/strings.xml
@@ -847,6 +847,18 @@
<!-- Permissions -->
+ <!-- Title of an application permission, listed so the user can choose whether they want to allow the application to do this. -->
+ <string name="permlab_fakePackageSignature">Spoof package signature</string>
+ <!-- Description of an application permission, listed so the user can choose whether they want to allow the application to do this. -->
+ <string name="permdesc_fakePackageSignature">Allows the app to pretend to be a different app. Malicious applications might be able to use this to access private application data. Legitimate uses include an emulator pretending to be what it emulates. Grant this permission with caution only!</string>
+ <!-- Title of a category of application permissions, listed so the user can choose whether they want to allow the application to do this. -->
+ <string name="permgrouplab_fake_package_signature">Spoof package signature</string>
+ <!-- Description of a category of application permissions, listed so the user can choose whether they want to allow the application to do this. -->
+ <string name="permgroupdesc_fake_package_signature">allow to spoof package signature</string>
+ <!-- Message shown to the user when the apps requests permission from this group. If ever possible this should stay below 80 characters (assuming the parameters takes 20 characters). Don't abbreviate until the message reaches 120 characters though. [CHAR LIMIT=120] -->
+ <string name="permgrouprequest_fake_package_signature">Allow
+ &lt;b><xliff:g id="app_name" example="Gmail">%1$s</xliff:g>&lt;/b> to spoof package signature?</string>
+
<!-- Title of an application permission, listed so the user can choose whether they want to allow the application to do this. -->
<string name="permlab_statusBar">disable or modify status bar</string>
<!-- Description of an application permission, listed so the user can choose whether they want to allow the application to do this. -->
diff --git a/non-updatable-api/current.txt b/non-updatable-api/current.txt
index 5f15216e840..c29feb9cd7b 100644
--- a/non-updatable-api/current.txt
+++ b/non-updatable-api/current.txt
@@ -79,6 +79,7 @@ package android {
field public static final String DUMP = "android.permission.DUMP";
field public static final String EXPAND_STATUS_BAR = "android.permission.EXPAND_STATUS_BAR";
field public static final String FACTORY_TEST = "android.permission.FACTORY_TEST";
+ field public static final String FAKE_PACKAGE_SIGNATURE = "android.permission.FAKE_PACKAGE_SIGNATURE";
field public static final String FOREGROUND_SERVICE = "android.permission.FOREGROUND_SERVICE";
field public static final String GET_ACCOUNTS = "android.permission.GET_ACCOUNTS";
field public static final String GET_ACCOUNTS_PRIVILEGED = "android.permission.GET_ACCOUNTS_PRIVILEGED";
diff --git a/services/core/java/com/android/server/pm/PackageManagerService.java b/services/core/java/com/android/server/pm/PackageManagerService.java
index c3c655d632e..f7faf418fb4 100644
--- a/services/core/java/com/android/server/pm/PackageManagerService.java
+++ b/services/core/java/com/android/server/pm/PackageManagerService.java
@@ -4395,8 +4395,9 @@ public class PackageManagerService extends IPackageManager.Stub
});
}
- PackageInfo packageInfo = PackageInfoUtils.generate(p, gids, flags,
- ps.firstInstallTime, ps.lastUpdateTime, permissions, state, userId, ps);
+ PackageInfo packageInfo = mayFakeSignature(p, PackageInfoUtils.generate(p, gids, flags,
+ ps.firstInstallTime, ps.lastUpdateTime, permissions, state, userId, ps),
+ permissions);
if (packageInfo == null) {
return null;
@@ -4432,6 +4433,24 @@ public class PackageManagerService extends IPackageManager.Stub
}
}
+ private PackageInfo mayFakeSignature(AndroidPackage p, PackageInfo pi,
+ Set<String> permissions) {
+ try {
+ if (permissions.contains("android.permission.FAKE_PACKAGE_SIGNATURE")
+ && p.getTargetSdkVersion() > Build.VERSION_CODES.LOLLIPOP_MR1
+ && p.getMetaData() != null) {
+ String sig = p.getMetaData().getString("fake-signature");
+ if (sig != null) {
+ pi.signatures = new Signature[] {new Signature(sig)};
+ }
+ }
+ } catch (Throwable t) {
+ // We should never die because of any failures, this is system code!
+ Log.w("PackageManagerService.FAKE_PACKAGE_SIGNATURE", t);
+ }
+ return pi;
+ }
+
@Override
public void checkPackageStartable(String packageName, int userId) {
final int callingUid = Binder.getCallingUid();
--
2.17.1