From bdf04e88c7e9db4c1ca8c9976d519a87b39dd9d6 Mon Sep 17 00:00:00 2001 From: SzuWei Lin Date: Fri, 19 Jul 2019 13:14:48 +0800 Subject: [PATCH] Postpone the shared user checking after Q The shared user checking becomes strict. If there is an APK in vendor partition shared UID with a APK in system partition, the signatures of these 2 APKs must be equal. Otherwise, framework will throw an exception and cannot boot. Postpone the checking from first_api_level 28 to 29. Bug: 137524152 Test: test on a device with first_api_level=29 and pass the checking Change-Id: I76d87a6dab35d4d39113cdd16a20706ce2c45093 --- .../com/android/server/pm/PackageManagerService.java | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/services/core/java/com/android/server/pm/PackageManagerService.java b/services/core/java/com/android/server/pm/PackageManagerService.java index 9f5fc9269a7cd..7fce4453b7681 100644 --- a/services/core/java/com/android/server/pm/PackageManagerService.java +++ b/services/core/java/com/android/server/pm/PackageManagerService.java @@ -16590,13 +16590,13 @@ public class PackageManagerService extends IPackageManager.Stub && compareSignatures(sharedUserSignatures, pkg.mSigningDetails.signatures) != PackageManager.SIGNATURE_MATCH) { - if (SystemProperties.getInt("ro.product.first_api_level", 0) <= 28) { + if (SystemProperties.getInt("ro.product.first_api_level", 0) <= 29) { // Mismatched signatures is an error and silently skipping system // packages will likely break the device in unforeseen ways. - // However, - // we allow the device to boot anyway because, prior to P, - // vendors were - // not expecting the platform to crash in this situation. + // However, we allow the device to boot anyway because, prior to Q, + // vendors were not expecting the platform to crash in this + // situation. + // This WILL be a hard failure on any new API levels after Q. throw new ReconcileFailure( INSTALL_PARSE_FAILED_INCONSISTENT_CERTIFICATES, "Signature mismatch for shared user: "