diff options
| author | 2022-03-01 08:02:26 +0000 | |
|---|---|---|
| committer | 2022-03-01 08:02:26 +0000 | |
| commit | 3c95a136ea70768a38a617aa2082058592a9c21d (patch) | |
| tree | dec7926a7b3b38e16ea59b6f0d62cfcfe8aa8b32 | |
| parent | 33986bbf5100c4004a091e0529accfcf1e92e66d (diff) | |
| parent | 1b4193314705ccf6303156273009487f14111325 (diff) | |
Merge "Add knownSigner to permissions needed by trusted OEM apps" into tm-dev
| -rw-r--r-- | core/res/AndroidManifest.xml | 9 | ||||
| -rw-r--r-- | core/res/res/values/arrays.xml | 6 |
2 files changed, 12 insertions, 3 deletions
diff --git a/core/res/AndroidManifest.xml b/core/res/AndroidManifest.xml index 58a3bb4818df..73cdaba24789 100644 --- a/core/res/AndroidManifest.xml +++ b/core/res/AndroidManifest.xml @@ -1903,14 +1903,16 @@ to improve wifi performance. <p>Not for use by third-party applications. --> <permission android:name="android.permission.MANAGE_WIFI_AUTO_JOIN" - android:protectionLevel="signature|privileged" /> + android:protectionLevel="signature|privileged|knownSigner" + android:knownCerts="@array/wifi_known_signers" /> <!-- Allows applications to get notified when a Wi-Fi interface request cannot be satisfied without tearing down one or more other interfaces, and provide a decision whether to approve the request or reject it. <p>Not for use by third-party applications. --> <permission android:name="android.permission.MANAGE_WIFI_INTERFACES" - android:protectionLevel="signature|privileged" /> + android:protectionLevel="signature|privileged|knownSigner" + android:knownCerts="@array/wifi_known_signers" /> <!-- @SystemApi @hide Allows apps to create and manage IPsec tunnels. <p>Only granted to applications that are currently bound by the @@ -1948,7 +1950,8 @@ modifications. <p>Not for use by third-party applications. --> <permission android:name="android.permission.OVERRIDE_WIFI_CONFIG" - android:protectionLevel="signature|privileged" /> + android:protectionLevel="signature|privileged|knownSigner" + android:knownCerts="@array/wifi_known_signers" /> <!-- @deprecated Allows applications to act as network scorers. @hide @SystemApi--> <permission android:name="android.permission.SCORE_NETWORKS" diff --git a/core/res/res/values/arrays.xml b/core/res/res/values/arrays.xml index 8f2d6c3e02f4..dff7751b1287 100644 --- a/core/res/res/values/arrays.xml +++ b/core/res/res/values/arrays.xml @@ -185,6 +185,12 @@ <item>@string/app_info</item> </string-array> + <!-- Certificate digests for trusted apps that will be allowed to obtain the knownSigner Wi-Fi + permissions. The digest should be computed over the DER encoding of the trusted certificate + using the SHA-256 digest algorithm. --> + <string-array name="wifi_known_signers"> + </string-array> + <!-- Device-specific array of SIM slot indexes which are are embedded eUICCs. e.g. If a device has two physical slots with indexes 0, 1, and slot 1 is an eUICC, then the value of this array should be: |