diff options
| author | 2022-03-16 17:15:57 -0700 | |
|---|---|---|
| committer | 2022-03-25 10:21:40 -0700 | |
| commit | 4d8825e4dae9823ee29fd29b7bf4b49abbe795eb (patch) | |
| tree | 97b5988033aefb15afbfcd25c9583954e263f4b8 | |
| parent | 0cee085fbe92728f7664d532869e17fcbce88769 (diff) | |
DO NOT MERGE Add new privileged permission for unique id attestation
This permission will eventually replace the sepolicy that we have now,
making it possible to test unique id attestation, which is no longer
possible due to the deprecation of shared uids.
Skipping automerger because the framework manifest has diverged too
much across aosp and tm-dev to allow for clean auto merges, and
presubmits block.
Test: KeyAttestationTest
Bug: 216778747
Change-Id: Iecde35b9a79456b293118d8089dd2a3b0905f5f3
| -rw-r--r-- | core/api/test-current.txt | 1 | ||||
| -rw-r--r-- | core/res/AndroidManifest.xml | 6 | ||||
| -rw-r--r-- | packages/Shell/AndroidManifest.xml | 3 |
3 files changed, 10 insertions, 0 deletions
diff --git a/core/api/test-current.txt b/core/api/test-current.txt index a67d002cdddf..6dd578a3abf7 100644 --- a/core/api/test-current.txt +++ b/core/api/test-current.txt @@ -36,6 +36,7 @@ package android { field public static final String READ_PRIVILEGED_PHONE_STATE = "android.permission.READ_PRIVILEGED_PHONE_STATE"; field public static final String RECORD_BACKGROUND_AUDIO = "android.permission.RECORD_BACKGROUND_AUDIO"; field public static final String REMOVE_TASKS = "android.permission.REMOVE_TASKS"; + field public static final String REQUEST_UNIQUE_ID_ATTESTATION = "android.permission.REQUEST_UNIQUE_ID_ATTESTATION"; field public static final String RESET_APP_ERRORS = "android.permission.RESET_APP_ERRORS"; field public static final String REVOKE_POST_NOTIFICATIONS_WITHOUT_KILL = "android.permission.REVOKE_POST_NOTIFICATIONS_WITHOUT_KILL"; field public static final String SET_AND_VERIFY_LOCKSCREEN_CREDENTIALS = "android.permission.SET_AND_VERIFY_LOCKSCREEN_CREDENTIALS"; diff --git a/core/res/AndroidManifest.xml b/core/res/AndroidManifest.xml index 45b6c786670d..1ed759c91c40 100644 --- a/core/res/AndroidManifest.xml +++ b/core/res/AndroidManifest.xml @@ -3666,6 +3666,12 @@ <permission android:name="android.permission.BIND_ATTESTATION_VERIFICATION_SERVICE" android:protectionLevel="signature" /> + <!-- Allows the caller to generate keymint keys with the INCLUDE_UNIQUE_ID tag, which + uniquely identifies the device via the attestation certificate. + @hide @TestApi --> + <permission android:name="android.permission.REQUEST_UNIQUE_ID_ATTESTATION" + android:protectionLevel="signature" /> + <!-- ========================================= --> <!-- Permissions for special development tools --> <!-- ========================================= --> diff --git a/packages/Shell/AndroidManifest.xml b/packages/Shell/AndroidManifest.xml index 955aee940513..81fe4578bfdb 100644 --- a/packages/Shell/AndroidManifest.xml +++ b/packages/Shell/AndroidManifest.xml @@ -674,6 +674,9 @@ <!-- Permission required for CTS test - CtsAppEnumerationTestCases --> <uses-permission android:name="android.permission.MAKE_UID_VISIBLE" /> + <!-- Permission required for CTS test - CtsKeystoreTestCases --> + <uses-permission android:name="android.permission.REQUEST_UNIQUE_ID_ATTESTATION" /> + <application android:label="@string/app_label" android:theme="@android:style/Theme.DeviceDefault.DayNight" android:defaultToDeviceProtectedStorage="true" |