mirror of
https://github.com/lineageos4microg/docker-lineage-cicd
synced 2024-05-19 15:36:06 +02:00
Add android Q sig spoofing patch
This commit is contained in:
parent
4a18e077b3
commit
1cc6a653cd
|
@ -103,6 +103,11 @@ for branch in ${BRANCH_NAME//,/ }; do
|
|||
android_version="9"
|
||||
patch_name="android_frameworks_base-P.patch"
|
||||
;;
|
||||
lineage-17.1*)
|
||||
themuppets_branch="lineage-17.1"
|
||||
android_version="10"
|
||||
patch_name="android_frameworks_base-Q.patch"
|
||||
;;
|
||||
*)
|
||||
echo ">> [$(date)] Building branch $branch is not (yet) suppported"
|
||||
exit 1
|
||||
|
|
|
@ -0,0 +1,88 @@
|
|||
diff --git a/core/res/AndroidManifest.xml b/core/res/AndroidManifest.xml
|
||||
index d79a23d5..6cf49ecd 100644
|
||||
--- a/core/res/AndroidManifest.xml
|
||||
+++ b/core/res/AndroidManifest.xml
|
||||
@@ -2637,6 +2637,13 @@
|
||||
android:description="@string/permdesc_getPackageSize"
|
||||
android:protectionLevel="normal" />
|
||||
|
||||
+ <!-- @hide Allows an application to change the package signature as
|
||||
+ seen by applications -->
|
||||
+ <permission android:name="android.permission.FAKE_PACKAGE_SIGNATURE"
|
||||
+ android:protectionLevel="dangerous"
|
||||
+ android:label="@string/permlab_fakePackageSignature"
|
||||
+ android:description="@string/permdesc_fakePackageSignature" />
|
||||
+
|
||||
<!-- @deprecated No longer useful, see
|
||||
{@link android.content.pm.PackageManager#addPackageToPreferred}
|
||||
for details. -->
|
||||
diff --git a/core/res/res/values/config.xml b/core/res/res/values/config.xml
|
||||
index 0db2e140..4a42e50d 100644
|
||||
--- a/core/res/res/values/config.xml
|
||||
+++ b/core/res/res/values/config.xml
|
||||
@@ -1856,6 +1856,8 @@
|
||||
<string-array name="config_locationProviderPackageNames" translatable="false">
|
||||
<!-- The standard AOSP fused location provider -->
|
||||
<item>com.android.location.fused</item>
|
||||
+ <!-- The (faked) microg fused location provider (a free reimplementation) -->
|
||||
+ <item>com.google.android.gms</item>
|
||||
</string-array>
|
||||
|
||||
<!-- This string array can be overriden to enable test location providers initially. -->
|
||||
diff --git a/core/res/res/values/strings.xml b/core/res/res/values/strings.xml
|
||||
index 152b131a..f8d87a37 100644
|
||||
--- a/core/res/res/values/strings.xml
|
||||
+++ b/core/res/res/values/strings.xml
|
||||
@@ -827,6 +827,11 @@
|
||||
|
||||
<!-- Permissions -->
|
||||
|
||||
+ <!-- Title of an application permission, listed so the user can choose whether they want to allow the application to do this. -->
|
||||
+ <string name="permlab_fakePackageSignature">Spoof package signature</string>
|
||||
+ <!-- Description of an application permission, listed so the user can choose whether they want to allow the application to do this. -->
|
||||
+ <string name="permdesc_fakePackageSignature">Allows the app to pretend to be a different app. Malicious applications might be able to use this to access private application data. Legitimate uses include an emulator pretending to be what it emulates. Grant this permission with caution only!</string>
|
||||
+
|
||||
<!-- Title of an application permission, listed so the user can choose whether they want to allow the application to do this. -->
|
||||
<string name="permlab_statusBar">disable or modify status bar</string>
|
||||
<!-- Description of an application permission, listed so the user can choose whether they want to allow the application to do this. -->
|
||||
diff --git a/services/core/java/com/android/server/pm/PackageManagerService.java b/services/core/java/com/android/server/pm/PackageManagerService.java
|
||||
index 1b5a03b0..0f4f97ab 100644
|
||||
--- a/services/core/java/com/android/server/pm/PackageManagerService.java
|
||||
+++ b/services/core/java/com/android/server/pm/PackageManagerService.java
|
||||
@@ -4105,8 +4105,9 @@ public class PackageManagerService extends IPackageManager.Stub
|
||||
final Set<String> permissions = ArrayUtils.isEmpty(p.requestedPermissions)
|
||||
? Collections.emptySet() : permissionsState.getPermissions(userId);
|
||||
|
||||
- PackageInfo packageInfo = PackageParser.generatePackageInfo(p, gids, flags,
|
||||
- ps.firstInstallTime, ps.lastUpdateTime, permissions, state, userId);
|
||||
+ PackageInfo packageInfo = mayFakeSignature(p, PackageParser.generatePackageInfo(p, gids, flags,
|
||||
+ ps.firstInstallTime, ps.lastUpdateTime, permissions, state, userId),
|
||||
+ permissions);
|
||||
|
||||
if (packageInfo == null) {
|
||||
return null;
|
||||
@@ -4142,6 +4143,24 @@ public class PackageManagerService extends IPackageManager.Stub
|
||||
}
|
||||
}
|
||||
|
||||
+ private PackageInfo mayFakeSignature(PackageParser.Package p, PackageInfo pi,
|
||||
+ Set<String> permissions) {
|
||||
+ try {
|
||||
+ if (permissions.contains("android.permission.FAKE_PACKAGE_SIGNATURE")
|
||||
+ && p.applicationInfo.targetSdkVersion > Build.VERSION_CODES.LOLLIPOP_MR1
|
||||
+ && p.mAppMetaData != null) {
|
||||
+ String sig = p.mAppMetaData.getString("fake-signature");
|
||||
+ if (sig != null) {
|
||||
+ pi.signatures = new Signature[] {new Signature(sig)};
|
||||
+ }
|
||||
+ }
|
||||
+ } catch (Throwable t) {
|
||||
+ // We should never die because of any failures, this is system code!
|
||||
+ Log.w("PackageManagerService.FAKE_PACKAGE_SIGNATURE", t);
|
||||
+ }
|
||||
+ return pi;
|
||||
+ }
|
||||
+
|
||||
@Override
|
||||
public void checkPackageStartable(String packageName, int userId) {
|
||||
final int callingUid = Binder.getCallingUid();
|
Loading…
Reference in New Issue