Moved LRResolverRankerService to ExtServices, and added a permission to
ensure that ResolverRankerServices are from trust sources.
Test: manually shared images in Camera, and in PTP to confirm it works
as expected.
Change-Id: I3549292d424fec949e9115faea7a0c5bdec06e87
(cherry picked from commit 61cf4d145e)
This commit is contained in:
Kang Li
@@ -174,6 +174,7 @@ package android {
|
||||
field public static final java.lang.String PERFORM_SIM_ACTIVATION = "android.permission.PERFORM_SIM_ACTIVATION";
|
||||
field public static final deprecated java.lang.String PERSISTENT_ACTIVITY = "android.permission.PERSISTENT_ACTIVITY";
|
||||
field public static final java.lang.String PROCESS_OUTGOING_CALLS = "android.permission.PROCESS_OUTGOING_CALLS";
|
||||
field public static final java.lang.String PROVIDE_RESOLVER_RANKER_SERVICE = "android.permission.PROVIDE_RESOLVER_RANKER_SERVICE";
|
||||
field public static final java.lang.String PROVIDE_TRUST_AGENT = "android.permission.PROVIDE_TRUST_AGENT";
|
||||
field public static final java.lang.String READ_CALENDAR = "android.permission.READ_CALENDAR";
|
||||
field public static final java.lang.String READ_CALL_LOG = "android.permission.READ_CALL_LOG";
|
||||
@@ -40767,6 +40768,7 @@ package android.service.resolver {
|
||||
method public void onPredictSharingProbabilities(java.util.List<android.service.resolver.ResolverTarget>);
|
||||
method public void onTrainRankingModel(java.util.List<android.service.resolver.ResolverTarget>, int);
|
||||
field public static final java.lang.String BIND_PERMISSION = "android.permission.BIND_RESOLVER_RANKER_SERVICE";
|
||||
field public static final java.lang.String HOLD_PERMISSION = "android.permission.PROVIDE_RESOLVER_RANKER_SERVICE";
|
||||
field public static final java.lang.String SERVICE_INTERFACE = "android.service.resolver.ResolverRankerService";
|
||||
}
|
||||
|
||||
|
||||
@@ -64,6 +64,12 @@ public abstract class ResolverRankerService extends Service {
|
||||
@SdkConstant(SdkConstant.SdkConstantType.SERVICE_ACTION)
|
||||
public static final String SERVICE_INTERFACE = "android.service.resolver.ResolverRankerService";
|
||||
|
||||
/**
|
||||
* The permission that a service must hold. If the service does not hold the permission, the
|
||||
* system will skip that service.
|
||||
*/
|
||||
public static final String HOLD_PERMISSION = "android.permission.PROVIDE_RESOLVER_RANKER_SERVICE";
|
||||
|
||||
/**
|
||||
* The permission that a service must require to ensure that only Android system can bind to it.
|
||||
* If this permission is not enforced in the AndroidManifest of the service, the system will
|
||||
|
||||
@@ -438,6 +438,14 @@ class ResolverComparator implements Comparator<ResolvedComponentInfo> {
|
||||
+ " in the manifest.");
|
||||
continue;
|
||||
}
|
||||
if (PackageManager.PERMISSION_GRANTED != mPm.checkPermission(
|
||||
ResolverRankerService.HOLD_PERMISSION,
|
||||
resolveInfo.serviceInfo.packageName)) {
|
||||
Log.w(TAG, "ResolverRankerService " + componentName + " does not hold"
|
||||
+ " permission " + ResolverRankerService.HOLD_PERMISSION
|
||||
+ " - this service will not be queried for ResolverComparator.");
|
||||
continue;
|
||||
}
|
||||
} catch (NameNotFoundException e) {
|
||||
Log.e(TAG, "Could not look up service " + componentName
|
||||
+ "; component name not found");
|
||||
|
||||
@@ -3160,6 +3160,14 @@
|
||||
<permission android:name="android.permission.BIND_CHOOSER_TARGET_SERVICE"
|
||||
android:protectionLevel="signature" />
|
||||
|
||||
<!-- @SystemApi Must be held by services that extend
|
||||
{@link android.service.resolver.ResolverRankerService}.
|
||||
<p>Protection level: signature|privileged
|
||||
@hide
|
||||
-->
|
||||
<permission android:name="android.permission.PROVIDE_RESOLVER_RANKER_SERVICE"
|
||||
android:protectionLevel="signature|privileged" />
|
||||
|
||||
<!-- @SystemApi Must be required by services that extend
|
||||
{@link android.service.resolver.ResolverRankerService}, to ensure that only the system can
|
||||
bind to them.
|
||||
@@ -3701,14 +3709,6 @@
|
||||
<service android:name="com.android.server.PreloadsFileCacheExpirationJobService"
|
||||
android:permission="android.permission.BIND_JOB_SERVICE" >
|
||||
</service>
|
||||
|
||||
<service android:name="com.android.internal.app.LRResolverRankerService"
|
||||
android:permission="android.permission.BIND_RESOLVER_RANKER_SERVICE"
|
||||
android:priority="-1" >
|
||||
<intent-filter>
|
||||
<action android:name="android.service.resolver.ResolverRankerService" />
|
||||
</intent-filter>
|
||||
</service>
|
||||
</application>
|
||||
|
||||
</manifest>
|
||||
|
||||
@@ -356,4 +356,8 @@ applications that come with the platform
|
||||
<permission name="android.permission.CONTROL_VPN"/>
|
||||
</privapp-permissions>
|
||||
|
||||
<privapp-permissions package="com.google.android.ext.services">
|
||||
<permission name="android.permission.PROVIDE_RESOLVER_RANKER_SERVICE" />
|
||||
</privapp-permissions>
|
||||
|
||||
</permissions>
|
||||
|
||||
@@ -21,6 +21,8 @@
|
||||
android:versionName="1"
|
||||
coreApp="true">
|
||||
|
||||
<uses-permission android:name="android.permission.PROVIDE_RESOLVER_RANKER_SERVICE" />
|
||||
|
||||
<application android:label="@string/app_name"
|
||||
android:defaultToDeviceProtectedStorage="true"
|
||||
android:directBootAware="true">
|
||||
@@ -32,6 +34,14 @@
|
||||
</intent-filter>
|
||||
</service>
|
||||
|
||||
<service android:name=".resolver.LRResolverRankerService"
|
||||
android:permission="android.permission.BIND_RESOLVER_RANKER_SERVICE"
|
||||
android:priority="-1" >
|
||||
<intent-filter>
|
||||
<action android:name="android.service.resolver.ResolverRankerService" />
|
||||
</intent-filter>
|
||||
</service>
|
||||
|
||||
<library android:name="android.ext.services"/>
|
||||
</application>
|
||||
|
||||
|
||||
@@ -14,7 +14,7 @@
|
||||
* limitations under the License.
|
||||
*/
|
||||
|
||||
package com.android.internal.app;
|
||||
package android.ext.services.resolver;
|
||||
|
||||
import android.content.Context;
|
||||
import android.content.Intent;
|
||||
Reference in New Issue
Block a user