Merge "use prebuilt for the shim" into nyc-dev

packages/CtsShim/Android.mk

@@ -20,23 +20,19 @@ LOCAL_PATH := $(call my-dir)
 # Variant: Privileged app
 
 include $(CLEAR_VARS)
+
+LOCAL_MODULE := CtsShimPrivPrebuilt
+LOCAL_MODULE_TAGS := optional
 # this needs to be a privileged application
 LOCAL_PRIVILEGED_MODULE := true
+LOCAL_MODULE_CLASS := APPS
+LOCAL_BUILT_MODULE_STEM := package.apk
+# Make sure the build system doesn't try to resign the APK
+LOCAL_CERTIFICATE := PRESIGNED
 
-LOCAL_MODULE_TAGS := optional
-LOCAL_SDK_VERSION := current
-LOCAL_PROGUARD_ENABLED := disabled
-LOCAL_DEX_PREOPT := false
-
-LOCAL_PACKAGE_NAME := CtsShimPriv
-
-#TODO need to find the correct certificate
-#Change in conjunction with cts/hostsidetests/appsecurity/test-apps/IntentFilterApp
-LOCAL_CERTIFICATE := platform
-LOCAL_MANIFEST_FILE := priv_shim/AndroidManifest.xml
-
-include $(BUILD_PACKAGE)
+LOCAL_SRC_FILES := CtsShimPriv.apk
 
+include $(BUILD_PREBUILT)
 
 
 ###########################################################
@@ -44,18 +40,14 @@ include $(BUILD_PACKAGE)
 
 include $(CLEAR_VARS)
 
+LOCAL_MODULE := CtsShimPrebuilt
 LOCAL_MODULE_TAGS := optional
-LOCAL_SDK_VERSION := current
-LOCAL_PROGUARD_ENABLED := disabled
-LOCAL_DEX_PREOPT := false
+LOCAL_MODULE_CLASS := APPS
+LOCAL_BUILT_MODULE_STEM := package.apk
+# Make sure the build system doesn't try to resign the APK
+LOCAL_CERTIFICATE := PRESIGNED
 
-LOCAL_PACKAGE_NAME := CtsShim
-
-#TODO need to find the correct certificate
-#Change in conjunction with cts/hostsidetests/appsecurity/test-apps/IntentFilterApp
-LOCAL_CERTIFICATE := platform
-LOCAL_MANIFEST_FILE := shim/AndroidManifest.xml
-
-include $(BUILD_PACKAGE)
+LOCAL_SRC_FILES := CtsShim.apk
 
+include $(BUILD_PREBUILT)
 

packages/CtsShim/build/.gitignore

@@ -0,0 +1,3 @@
+*.pk8
+*.pem
+

packages/CtsShim/build/Android.mk

@@ -0,0 +1,72 @@
+#
+# Copyright (C) 2016 The Android Open Source Project
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#      http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
+LOCAL_PATH := $(my-dir)
+
+###########################################################
+# Variant: Privileged app
+
+include $(CLEAR_VARS)
+# this needs to be a privileged application
+LOCAL_PRIVILEGED_MODULE := true
+
+LOCAL_MODULE_TAGS := optional
+LOCAL_SDK_VERSION := current
+LOCAL_PROGUARD_ENABLED := disabled
+LOCAL_DEX_PREOPT := false
+
+LOCAL_PACKAGE_NAME := CtsShimPriv
+
+LOCAL_MANIFEST_FILE := shim_priv/AndroidManifest.xml
+
+include $(BUILD_PACKAGE)
+
+
+###########################################################
+# Variant: Privileged app upgrade
+
+include $(CLEAR_VARS)
+# this needs to be a privileged application
+LOCAL_PRIVILEGED_MODULE := true
+
+LOCAL_MODULE_TAGS := optional
+LOCAL_SDK_VERSION := current
+LOCAL_PROGUARD_ENABLED := disabled
+LOCAL_DEX_PREOPT := false
+
+LOCAL_PACKAGE_NAME := CtsShimPrivUpgrade
+
+LOCAL_MANIFEST_FILE := shim_priv_upgrade/AndroidManifest.xml
+
+include $(BUILD_PACKAGE)
+
+
+###########################################################
+# Variant: System app
+
+include $(CLEAR_VARS)
+
+LOCAL_MODULE_TAGS := optional
+LOCAL_SDK_VERSION := current
+LOCAL_PROGUARD_ENABLED := disabled
+LOCAL_DEX_PREOPT := false
+
+LOCAL_PACKAGE_NAME := CtsShim
+
+LOCAL_MANIFEST_FILE := shim/AndroidManifest.xml
+
+include $(BUILD_PACKAGE)
+

packages/CtsShim/build/README

@@ -0,0 +1,33 @@
+
+The CTS shim is a package that resides on a device's /system partition in order
+to verify certain upgrade scenarios. Not only must it not contain code, but, it
+must specify the singular APK that can be used to upgrade it.
+
+NOTE: The need to include a binary on the system image may be deprecated if a
+solution involving a temporarily writable /system partition is implemented.
+
+MAKING THE PREBUILTS
+In order to generate the upgrade key, the shim directory needs to be built multiple
+times. First to generate the upgrade APK [so its hash can be obtained] and again
+once the hash has been included as part of the pre-installed APK.
+
+build:
+    $ mmm frameworks/base/packages/CtsShim/build
+
+update the manifest:
+    $ sed -i -e "s/__HASH__/`sha512sum out/target/product/shamu/system/priv-app/CtsShimPrivUpgrade/CtsShimPrivUpgrade.apk | cut -d' ' -f1`/" \
+        frameworks/base/packages/CtsShim/build/shim_priv/AndroidManifest.xml
+
+build:
+    $ mmm frameworks/base/packages/CtsShim/build
+
+update prebuilts:
+    $ cp out/target/product/shamu/system/priv-app/CtsShimPrivUpgrade/CtsShimPrivUpgrade.apk \
+        cts/hostsidetests/appsecurity/test-apps/IntentFilterApp
+    $ cp out/target/product/shamu/system/priv-app/CtsShimPriv/CtsShimPriv.apk \
+        frameworks/base/packages/CtsShim
+
+revert manifest:
+    $ pushd frameworks/base && git checkout -- packages/CtsShim/build/shim_priv/AndroidManifest.xml && popd
+
+Finally, upload and submit both the cts/ and frameworks/base/ repos.

packages/CtsShim/build/shim/AndroidManifest.xml

@@ -16,8 +16,13 @@
 
 <!-- Manifest for the system CTS shim -->
 <manifest xmlns:android="http://schemas.android.com/apk/res/android"
-        package="com.android.cts.system.ctsshim">
-    <application android:label="CtsShim">
+    xmlns:tools="http://schemas.android.com/tools"
+    package="com.android.cts.ctsshim"
+    tools:ignore="MissingVersion" >
+
+    <application
+        android:hasCode="false"
+        tools:ignore="AllowBackup,MissingApplicationIcon" >
 
         <!-- These activities don't actually exist; define them just to test the filters !-->
 

packages/CtsShim/build/shim_priv/AndroidManifest.xml

@@ -16,8 +16,16 @@
 
 <!-- Manifest for the privileged CTS shim -->
 <manifest xmlns:android="http://schemas.android.com/apk/res/android"
-        package="com.android.cts.priv.ctsshim">
-    <application android:label="CtsShim">
+    xmlns:tools="http://schemas.android.com/tools"
+    package="com.android.cts.priv.ctsshim"
+    tools:ignore="MissingVersion" >
+
+    <restrict-upgrade
+        android:hash="__HASH__" />
+
+    <application
+        android:hasCode="false"
+        tools:ignore="AllowBackup,MissingApplicationIcon" >
 
         <!-- These activities don't actually exist; define them just to test the filters !-->
 

packages/CtsShim/build/shim_priv_upgrade/AndroidManifest.xml

@@ -0,0 +1,161 @@
+<?xml version="1.0" encoding="utf-8"?>
+<!-- Copyright (C) 2016 The Android Open Source Project
+
+     Licensed under the Apache License, Version 2.0 (the "License");
+     you may not use this file except in compliance with the License.
+     You may obtain a copy of the License at
+
+          http://www.apache.org/licenses/LICENSE-2.0
+
+     Unless required by applicable law or agreed to in writing, software
+     distributed under the License is distributed on an "AS IS" BASIS,
+     WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+     See the License for the specific language governing permissions and
+     limitations under the License.
+-->
+
+<!-- Manifest for the privileged CTS shim upgrade -->
+<manifest xmlns:android="http://schemas.android.com/apk/res/android"
+    xmlns:tools="http://schemas.android.com/tools"
+    package="com.android.cts.priv.ctsshim"
+    tools:ignore="MissingVersion" >
+
+    <application
+        android:hasCode="false"
+        tools:ignore="AllowBackup,MissingApplicationIcon" >
+
+        <!-- These activities don't actually exist; define them just to test the filters !-->
+
+        <!-- install test; [some] high priority filters granted -->
+        <activity android:name=".InstallPriority">
+            <!-- normal actions; priority will be granted -->
+            <intent-filter android:priority="100">
+                <action android:name="android.intent.action.SEARCH" />
+                <category android:name="android.intent.category.INFO" />
+            </intent-filter>
+
+            <!-- protected actions; priority will be denied -->
+            <intent-filter android:priority="100">
+                <action android:name="android.intent.action.VIEW" />
+                <category android:name="android.intent.category.BROWSABLE" />
+            </intent-filter>
+            <intent-filter android:priority="100">
+                <action android:name="android.intent.action.SEND" />
+            </intent-filter>
+            <intent-filter android:priority="100">
+                <action android:name="android.intent.action.SEND_MULTIPLE" />
+            </intent-filter>
+            <intent-filter android:priority="100">
+                <action android:name="android.intent.action.SENDTO" />
+            </intent-filter>
+        </activity>
+
+        <!-- upgrade test; single, equivalent filter -->
+        <activity android:name=".UpgradeMatch">
+            <intent-filter android:priority="500">
+                <action android:name="com.android.cts.action.MATCH" />
+                <category android:name="android.intent.category.INFO" />
+            </intent-filter>
+        </activity>
+
+        <!-- upgrade test; multiple, equivalent filters -->
+        <activity android:name=".UpgradeMatchMultiple">
+            <intent-filter android:priority="500">
+                <action android:name="com.android.cts.action.MATCH_MULTIPLE" />
+            </intent-filter>
+        </activity>
+
+        <!-- upgrade test; lower priority is okay -->
+        <activity android:name=".UpgradeLowerPriority">
+            <intent-filter android:priority="75">
+                <action android:name="com.android.cts.action.LOWER_PRIORITY" />
+                <category android:name="android.intent.category.INFO" />
+            </intent-filter>
+        </activity>
+
+        <!-- upgrade test; action subset is "equivalent" -->
+        <activity android:name=".UpgradeActionSubset">
+            <intent-filter android:priority="100">
+                <action android:name="com.android.cts.action.ACTION_SUB_2" />
+                <category android:name="android.intent.category.DEFAULT" />
+            </intent-filter>
+        </activity>
+
+        <!-- upgrade test; category subset is "equivalent" -->
+        <activity android:name=".UpgradeCategorySubset">
+            <intent-filter android:priority="100">
+                <action android:name="com.android.cts.action.CATEGORY_SUB" />
+                <category android:name="android.intent.category.INFO" />
+            </intent-filter>
+        </activity>
+
+        <!-- upgrade test; scheme subset is "equivalent" -->
+        <activity android:name=".UpgradeSchemeSubset">
+            <intent-filter android:priority="100">
+                <action android:name="com.android.cts.action.SCHEME_SUB" />
+                <data android:scheme="flubber" />
+            </intent-filter>
+        </activity>
+
+        <!-- upgrade test; authority subset is "equivalent" -->
+        <activity android:name=".UpgradeAuthoritySubset">
+            <intent-filter android:priority="100">
+                <action android:name="com.android.cts.action.AUTHORITY_SUB" />
+                <data android:host="goo.gl" android:port="443" />
+            </intent-filter>
+        </activity>
+
+        <!-- upgrade test; new activity cannot get >0 priority -->
+        <activity android:name=".UpgradeNewActivity">
+            <intent-filter android:priority="100">
+                <action android:name="com.android.cts.action.NEW_ACTIVITY" />
+                <category android:name="android.intent.category.INFO" />
+            </intent-filter>
+        </activity>
+
+        <!-- upgrade test; new action cannot get >0 priority -->
+        <activity android:name=".UpgradeNewAction">
+            <intent-filter android:priority="100">
+                <action android:name="com.android.cts.action.NEW_ACTION" />
+                <action android:name="com.android.cts.action.NEW_ACTION_2" />
+            </intent-filter>
+        </activity>
+
+        <!-- upgrade test; new category cannot get >0 priority -->
+        <activity android:name=".UpgradeNewCategory">
+            <intent-filter android:priority="100">
+                <action android:name="com.android.cts.action.NEW_CATEGORY" />
+                <category android:name="android.intent.category.INFO" />
+                <category android:name="android.intent.category.DEFAULT" />
+                <category android:name="android.intent.category.DOODLE" />
+            </intent-filter>
+        </activity>
+
+        <!-- upgrade test; new scheme cannot get >0 priority -->
+        <activity android:name=".UpgradeNewScheme">
+            <intent-filter android:priority="100">
+                <action android:name="com.android.cts.action.NEW_SCHEME" />
+                <data android:scheme="content" />
+                <data android:scheme="flubber" />
+                <data android:scheme="zoodle" />
+                <data android:scheme="zowie" />
+            </intent-filter>
+        </activity>
+
+        <!-- upgrade test; new authority cannot get >0 priority -->
+        <activity android:name=".UpgradeNewAuthority">
+            <intent-filter android:priority="100">
+                <action android:name="com.android.cts.action.NEW_AUTHORITY" />
+                <data android:host="www.google.com" android:port="80" />
+                <data android:host="www.google.com" android:port="8080" />
+                <data android:host="mail.google.com" android:port="80" />
+                <data android:host="goo.gl" android:port="443" />
+                <data android:host="www.google.com" android:port="443" />
+            </intent-filter>
+        </activity>
+
+        <uses-library android:name="android.test.runner" />
+    </application>
+
+</manifest>
+