Limit the systemconfig tags allowed to vendors

Vendors are allowed to customize these systemconfig tags only. <library> <feature> <privapp-permissions> This is because the systemconfig tags are essentially the part of system <-> vendor interface and thus need to be stable (or evolve in a backward compatible manner) across several Android releases and we would like to keep the interface as small as as possible. However, since vendors were allowed to use more tags (like <permission>, <app-link>, <default-enabled-vr-app>) in Oreo and Oreo-MR1, this limitation is applied only for newly launching devices whose first API level is equal to or greater than P. Bug: 70821981 Test: wahoo is bootable (launched with Oreo) Test: crosshatch is bootable (launched with P) Test: adb logcat -s SystemConfig does not show that a tag is not supported Change-Id: I371b93a80f3d9728ea6d35022081776a8658d9f3
2018-03-12 10:39:07 +09:00
parent 7557234316
commit fad9944e7e
1 changed files with 9 additions and 3 deletions
--- a/core/java/com/android/server/SystemConfig.java
+++ b/core/java/com/android/server/SystemConfig.java
@@ -22,6 +22,7 @@ import android.app.ActivityManager;
 import android.content.ComponentName;
 import android.content.pm.FeatureInfo;
 import android.content.pm.PackageManager;
+import android.os.Build;
 import android.os.Environment;
 import android.os.Process;
 import android.os.storage.StorageManager;
@@ -276,9 +277,12 @@ public class SystemConfig {
        readPermissions(Environment.buildPath(
                Environment.getRootDirectory(), "etc", "permissions"), ALLOW_ALL);

-        // Allow Vendor to customize system configs around libs, features, permissions and apps
-        int vendorPermissionFlag = ALLOW_LIBS | ALLOW_FEATURES | ALLOW_PERMISSIONS |
-                ALLOW_APP_CONFIGS | ALLOW_PRIVAPP_PERMISSIONS;
+        // Vendors are only allowed to customze libs, features and privapp permissions
+        int vendorPermissionFlag = ALLOW_LIBS | ALLOW_FEATURES | ALLOW_PRIVAPP_PERMISSIONS;
+        if (Build.VERSION.FIRST_SDK_INT <= Build.VERSION_CODES.O_MR1) {
+            // For backward compatibility
+            vendorPermissionFlag |= (ALLOW_PERMISSIONS | ALLOW_APP_CONFIGS);
+        }
        readPermissions(Environment.buildPath(
                Environment.getVendorDirectory(), "etc", "sysconfig"), vendorPermissionFlag);
        readPermissions(Environment.buildPath(
@@ -656,6 +660,8 @@ public class SystemConfig {
                    }
                    XmlUtils.skipCurrentTag(parser);
                } else {
+                    Slog.w(TAG, "Tag " + name + " is unknown or not allowed in "
+                            + permFile.getParent());
                    XmlUtils.skipCurrentTag(parser);
                    continue;
                }