mPkgMap;
// Use the PolicyBuilder pattern to instantiate
private Policy(PolicyBuilder builder) {
mSeinfo = builder.mSeinfo;
- mDefaultStanza = builder.mDefaultStanza;
mCerts = Collections.unmodifiableSet(builder.mCerts);
mPkgMap = Collections.unmodifiableMap(builder.mPkgMap);
}
@@ -544,15 +481,6 @@ final class Policy {
return mCerts;
}
- /**
- * Return whether this policy object represents a default stanza.
- *
- * @return A boolean indicating if this object represents a default policy stanza.
- */
- public boolean isDefaultStanza() {
- return mDefaultStanza;
- }
-
/**
* Return whether this policy object contains package name mapping refinements.
*
@@ -584,10 +512,6 @@ final class Policy {
@Override
public String toString() {
StringBuilder sb = new StringBuilder();
- if (mDefaultStanza) {
- sb.append("defaultStanza=true ");
- }
-
for (Signature cert : mCerts) {
sb.append("cert=" + cert.toCharsString().substring(0, 11) + "... ");
}
@@ -609,22 +533,15 @@ final class Policy {
* is determined using the following steps:
*
*
- * - If this Policy instance is defined as a default stanza:
- *
- Return the global seinfo value
+ * - All certs used to sign the apk and all certs stored with this policy
+ * instance are tested for set equality. If this fails then null is returned.
*
- * - If this Policy instance is defined as a signer stanza:
- *
- * - All certs used to sign the apk and all certs stored with this policy
- * instance are tested for set equality. If this fails then null is returned.
- *
- * - If all certs match then an appropriate inner package stanza is
- * searched based on package name alone. If matched, the stored seinfo
- * value for that mapping is returned.
- *
- * - If all certs matched and no inner package stanza matches then return
- * the global seinfo value. The returned value can be null in this case.
- *
- *
+ * - If all certs match then an appropriate inner package stanza is
+ * searched based on package name alone. If matched, the stored seinfo
+ * value for that mapping is returned.
+ *
+ * - If all certs matched and no inner package stanza matches then return
+ * the global seinfo value. The returned value can be null in this case.
*
*
*
@@ -636,37 +553,34 @@ final class Policy {
* A value of null can also be returned if no match occured.
*/
public String getMatchedSeinfo(PackageParser.Package pkg) {
- if (!mDefaultStanza) {
- // Check for exact signature matches across all certs.
- Signature[] certs = mCerts.toArray(new Signature[0]);
- if (!Signature.areExactMatch(certs, pkg.mSignatures)) {
- return null;
- }
-
- // Check for inner package name matches given that the
- // signature checks already passed.
- String seinfoValue = mPkgMap.get(pkg.packageName);
- if (seinfoValue != null) {
- return seinfoValue;
- }
+ // Check for exact signature matches across all certs.
+ Signature[] certs = mCerts.toArray(new Signature[0]);
+ if (!Signature.areExactMatch(certs, pkg.mSignatures)) {
+ return null;
}
- // Return the global seinfo value (even if it's null).
+ // Check for inner package name matches given that the
+ // signature checks already passed.
+ String seinfoValue = mPkgMap.get(pkg.packageName);
+ if (seinfoValue != null) {
+ return seinfoValue;
+ }
+
+ // Return the global seinfo value.
return mSeinfo;
}
/**
* A nested builder class to create {@link Policy} instances. A {@link Policy}
* class instance represents one valid policy stanza found in a mac_permissions.xml
- * file. A valid policy stanza is defined to be either a signer or default stanza
- * which obeys the rules outlined in external/sepolicy/mac_permissions.xml. The
- * {@link #build} method ensures a set of invariants are upheld enforcing the correct
- * stanza structure before returning a valid Policy object.
+ * file. A valid policy stanza is defined to be a signer stanza which obeys the rules
+ * outlined in external/sepolicy/mac_permissions.xml. The {@link #build} method
+ * ensures a set of invariants are upheld enforcing the correct stanza structure
+ * before returning a valid Policy object.
*/
public static final class PolicyBuilder {
private String mSeinfo;
- private boolean mDefaultStanza;
private final Set mCerts;
private final Map mPkgMap;
@@ -675,19 +589,6 @@ final class Policy {
mPkgMap = new HashMap(2);
}
- /**
- * Sets this stanza as a default stanza. All policy stanzas are assumed to
- * be signer stanzas unless this method is explicitly called. Default stanzas
- * are treated differently with respect to allowable child tags, ordering and
- * when and how policy decisions are enforced.
- *
- * @return The reference to this PolicyBuilder.
- */
- public PolicyBuilder setAsDefaultPolicy() {
- mDefaultStanza = true;
- return this;
- }
-
/**
* Adds a signature to the set of certs used for validation checks. The purpose
* being that all contained certs will need to be matched against all certs
@@ -710,11 +611,8 @@ final class Policy {
/**
* Set the global seinfo tag for this policy stanza. The global seinfo tag
- * represents the seinfo element that is used in one of two ways depending on
- * its context. When attached to a signer tag the global seinfo represents an
- * assignment when there isn't a further inner package refinement in policy.
- * When used with a default tag, it represents the only allowable assignment
- * value.
+ * when attached to a signer tag represents the assignment when there isn't a
+ * further inner package refinement in policy.
*
* @param seinfo the seinfo value given as a String.
* @return The reference to this PolicyBuilder.
@@ -740,9 +638,7 @@ final class Policy {
/**
* Create a package name to seinfo value mapping. Each mapping represents
* the seinfo value that will be assigned to the described package name.
- * These localized mappings allow the global seinfo to be overriden. This
- * mapping provides no value when used in conjunction with a default stanza;
- * enforced through the {@link #build} method.
+ * These localized mappings allow the global seinfo to be overriden.
*
* @param pkgName the android package name given to the app
* @param seinfo the seinfo value that will be assigned to the passed pkgName
@@ -799,51 +695,25 @@ final class Policy {
* about the expected structure of a policy stanza.
* Those invariants are:
*
- *
- * - If a default stanza
- *
- * - an attached global seinfo tag must be present
- * - no signatures and no package names can be present
- *
- *
- * - If a signer stanza
- *
- * - at least one cert must be found
- * - either a global seinfo value is present OR at least one
- * inner package mapping must be present BUT not both.
- *
- *
- *
- *
+ *
+ * - at least one cert must be found
+ * - either a global seinfo value is present OR at least one
+ * inner package mapping must be present BUT not both.
+ *
* @return an instance of {@link Policy} with the options set from this builder
* @throws IllegalStateException if an invariant is violated.
*/
public Policy build() {
Policy p = new Policy(this);
- if (p.mDefaultStanza) {
- if (p.mSeinfo == null) {
- String err = "Missing global seinfo tag with default stanza.";
- throw new IllegalStateException(err);
- }
- if (p.mCerts.size() != 0) {
- String err = "Certs not allowed with default stanza.";
- throw new IllegalStateException(err);
- }
- if (!p.mPkgMap.isEmpty()) {
- String err = "Inner package mappings not allowed with default stanza.";
- throw new IllegalStateException(err);
- }
- } else {
- if (p.mCerts.size() == 0) {
- String err = "Missing certs with signer tag. Expecting at least one.";
- throw new IllegalStateException(err);
- }
- if (!(p.mSeinfo == null ^ p.mPkgMap.isEmpty())) {
- String err = "Only seinfo tag XOR package tags are allowed within " +
- "a signer stanza.";
- throw new IllegalStateException(err);
- }
+ if (p.mCerts.isEmpty()) {
+ String err = "Missing certs with signer tag. Expecting at least one.";
+ throw new IllegalStateException(err);
+ }
+ if (!(p.mSeinfo == null ^ p.mPkgMap.isEmpty())) {
+ String err = "Only seinfo tag XOR package tags are allowed within " +
+ "a signer stanza.";
+ throw new IllegalStateException(err);
}
return p;
@@ -858,7 +728,6 @@ final class Policy {
*
* - signer stanzas with inner package mappings
* - signer stanzas with global seinfo tags
- * - default stanza
*
* This comparison also checks for duplicate entries on the input selectors. Any
* found duplicates will be flagged and can be checked with {@link #foundDuplicate}.
@@ -875,11 +744,6 @@ final class PolicyComparator implements Comparator {
@Override
public int compare(Policy p1, Policy p2) {
- // Give precedence to signature stanzas over default stanzas
- if (p1.isDefaultStanza() != p2.isDefaultStanza()) {
- return p1.isDefaultStanza() ? 1 : -1;
- }
-
// Give precedence to stanzas with inner package mappings
if (p1.hasInnerPackages() != p2.hasInnerPackages()) {
return p1.hasInnerPackages() ? -1 : 1;
@@ -887,7 +751,7 @@ final class PolicyComparator implements Comparator {
// Check for duplicate entries
if (p1.getSignatures().equals(p2.getSignatures())) {
- // Checks if default stanza or a signer w/o inner package names
+ // Checks if signer w/o inner package names
if (p1.hasGlobalSeinfo()) {
duplicateFound = true;
Slog.e(SELinuxMMAC.TAG, "Duplicate policy entry: " + p1.toString());