diff options
7 files changed, 32 insertions, 318 deletions
diff --git a/core/java/android/appwidget/OWNERS b/core/java/android/appwidget/OWNERS index 191083303769..0e85d5bd7a27 100644 --- a/core/java/android/appwidget/OWNERS +++ b/core/java/android/appwidget/OWNERS @@ -3,3 +3,5 @@ sihua@google.com pinyaoting@google.com suprabh@google.com sunnygoyal@google.com +zakcohen@google.com +shamalip@google.com diff --git a/core/java/com/android/internal/widget/floatingtoolbar/OWNERS b/core/java/com/android/internal/widget/floatingtoolbar/OWNERS index ed9425cc26c9..999ea0e62a0a 100644 --- a/core/java/com/android/internal/widget/floatingtoolbar/OWNERS +++ b/core/java/com/android/internal/widget/floatingtoolbar/OWNERS @@ -1 +1 @@ -include /core/java/android/view/selectiontoolbar/OWNERS +include /core/java/android/permission/OWNERS diff --git a/core/res/res/xml/sms_short_codes.xml b/core/res/res/xml/sms_short_codes.xml index 581dee571a69..bb5380e1312d 100644 --- a/core/res/res/xml/sms_short_codes.xml +++ b/core/res/res/xml/sms_short_codes.xml @@ -34,7 +34,7 @@ http://smscoin.net/software/engine/WordPress/Paid+SMS-registration/ --> <!-- Arab Emirates --> - <shortcode country="ae" pattern="\\d{1,5}" free="1017|1355|3214|6253" /> + <shortcode country="ae" pattern="\\d{1,5}" free="1017|1355|3214|6253|6568" /> <!-- Albania: 5 digits, known short codes listed --> <shortcode country="al" pattern="\\d{5}" premium="15191|55[56]00" /> @@ -70,7 +70,7 @@ <shortcode country="bh" pattern="\\d{1,5}" free="81181|85999" /> <!-- Brazil: 1-5 digits (standard system default, not country specific) --> - <shortcode country="br" pattern="\\d{1,5}" free="6000[012]\\d|876|5500|9963|4141|8000|2652" /> + <shortcode country="br" pattern="\\d{1,5}" free="6000[012]\\d|876|5500|9963|4141|8000|2652|26808" /> <!-- Botswana: 1-5 digits (standard system default, not country specific) --> <shortcode country="bw" pattern="\\d{1,5}" free="16641" /> @@ -79,7 +79,7 @@ <shortcode country="by" pattern="\\d{4}" premium="3336|4161|444[4689]|501[34]|7781" /> <!-- Canada: 5-6 digits --> - <shortcode country="ca" pattern="\\d{5,6}" premium="60999|88188|43030" standard="244444" free="455677" /> + <shortcode country="ca" pattern="\\d{5,6}" premium="60999|88188|43030" standard="244444" free="455677|24470" /> <!-- Switzerland: 3-5 digits: http://www.swisscom.ch/fxres/kmu/thirdpartybusiness_code_of_conduct_en.pdf --> <shortcode country="ch" pattern="[2-9]\\d{2,4}" premium="543|83111|30118" free="98765|30075|30047" /> @@ -123,8 +123,8 @@ http://www.tja.ee/public/documents/Elektrooniline_side/Oigusaktid/ENG/Estonian_Numbering_Plan_annex_06_09_2010.mht --> <shortcode country="ee" pattern="1\\d{2,4}" premium="90\\d{5}|15330|1701[0-3]" free="116\\d{3}|95034" /> - <!-- Egypt: 4 digits, known codes listed --> - <shortcode country="eg" pattern="\\d{4}" free="1499" /> + <!-- Egypt: 4-5 digits, known codes listed --> + <shortcode country="eg" pattern="\\d{4,5}" free="1499|10020" /> <!-- Spain: 5-6 digits: 25xxx, 27xxx, 280xx, 35xxx, 37xxx, 795xxx, 797xxx, 995xxx, 997xxx, plus EU. http://www.legallink.es/?q=en/content/which-current-regulatory-status-premium-rate-services-spain --> @@ -147,7 +147,7 @@ <shortcode country="ge" pattern="\\d{1,5}" premium="801[234]|888[239]" free="95201|95202|95203" /> <!-- Ghana: 4 digits, known premium codes listed --> - <shortcode country="gh" pattern="\\d{4}" free="5041|3777|2333" /> + <shortcode country="gh" pattern="\\d{4}" free="5041|3777|2333|6061" /> <!-- Greece: 5 digits (54xxx, 19yxx, x=0-9, y=0-5): http://www.cmtelecom.com/premium-sms/greece --> <shortcode country="gr" pattern="\\d{5}" premium="54\\d{3}|19[0-5]\\d{2}" free="116\\d{3}|12115" /> @@ -169,7 +169,7 @@ <shortcode country="in" pattern="\\d{1,5}" free="59336|53969" /> <!-- Indonesia: 1-5 digits (standard system default, not country specific) --> - <shortcode country="id" pattern="\\d{1,5}" free="99477|6006|46645|363|93457|99265" /> + <shortcode country="id" pattern="\\d{1,5}" free="99477|6006|46645|363|93457|99265|77413" /> <!-- Ireland: 5 digits, 5xxxx (50xxx=free, 5[12]xxx=standard), plus EU: http://www.comreg.ie/_fileupload/publications/ComReg1117.pdf --> @@ -226,13 +226,13 @@ <shortcode country="mn" pattern="\\d{1,6}" free="44444|45678|445566" /> <!-- Malawi: 1-5 digits (standard system default, not country specific) --> - <shortcode country="mw" pattern="\\d{1,5}" free="4276" /> + <shortcode country="mw" pattern="\\d{1,5}" free="4276|4305" /> <!-- Mozambique: 1-5 digits (standard system default, not country specific) --> <shortcode country="mz" pattern="\\d{1,5}" free="1714" /> <!-- Mexico: 4-7 digits (not confirmed), known premium codes listed --> - <shortcode country="mx" pattern="\\d{4,7}" premium="53035|7766" free="26259|46645|50025|50052|5050|76551|88778|9963|91101|45453|550346|3030303|81811" /> + <shortcode country="mx" pattern="\\d{4,7}" premium="53035|7766" free="26259|46645|50025|50052|5050|76551|88778|9963|91101|45453|550346|3030303|81811|81818" /> <!-- Malaysia: 5 digits: http://www.skmm.gov.my/attachment/Consumer_Regulation/Mobile_Content_Services_FAQs.pdf --> <shortcode country="my" pattern="\\d{5}" premium="32298|33776" free="22099|28288|66668|66966" /> @@ -324,7 +324,7 @@ <shortcode country="tj" pattern="\\d{4}" premium="11[3-7]1|4161|4333|444[689]" /> <!-- Tanzania: 1-5 digits (standard system default, not country specific) --> - <shortcode country="tz" pattern="\\d{1,5}" free="15046|15234|15324" /> + <shortcode country="tz" pattern="\\d{1,5}" free="15046|15234|15324|15610" /> <!-- Tunisia: 5 digits, known premium codes listed --> <shortcode country="tn" pattern="\\d{5}" free="85799" /> @@ -336,11 +336,11 @@ <shortcode country="ua" pattern="\\d{4}" premium="444[3-9]|70[579]4|7540" /> <!-- Uganda(UG): 4 digits (standard system default, not country specific) --> - <shortcode country="ug" pattern="\\d{4}" free="8000" /> + <shortcode country="ug" pattern="\\d{4}" free="8000|8009" /> <!-- USA: 5-6 digits (premium codes from https://www.premiumsmsrefunds.com/ShortCodes.htm), visual voicemail code for T-Mobile: 122 --> - <shortcode country="us" pattern="\\d{5,6}" premium="20433|21(?:344|472)|22715|23(?:333|847)|24(?:15|28)0|25209|27(?:449|606|663)|28498|305(?:00|83)|32(?:340|941)|33(?:166|786|849)|34746|35(?:182|564)|37975|38(?:135|146|254)|41(?:366|463)|42335|43(?:355|500)|44(?:578|711|811)|45814|46(?:157|173|327)|46666|47553|48(?:221|277|669)|50(?:844|920)|51(?:062|368)|52944|54(?:723|892)|55928|56483|57370|59(?:182|187|252|342)|60339|61(?:266|982)|62478|64(?:219|898)|65(?:108|500)|69(?:208|388)|70877|71851|72(?:078|087|465)|73(?:288|588|882|909|997)|74(?:034|332|815)|76426|79213|81946|83177|84(?:103|685)|85797|86(?:234|236|666)|89616|90(?:715|842|938)|91(?:362|958)|94719|95297|96(?:040|666|835|969)|97(?:142|294|688)|99(?:689|796|807)" standard="44567|244444" free="122|87902|21696|24614|28003|30356|33669|40196|41064|41270|43753|44034|46645|52413|56139|57969|61785|66975|75136|76227|81398|83952|85140|86566|86799|95737|96684|99245|611611|96831" /> + <shortcode country="us" pattern="\\d{5,6}" premium="20433|21(?:344|472)|22715|23(?:333|847)|24(?:15|28)0|25209|27(?:449|606|663)|28498|305(?:00|83)|32(?:340|941)|33(?:166|786|849)|34746|35(?:182|564)|37975|38(?:135|146|254)|41(?:366|463)|42335|43(?:355|500)|44(?:578|711|811)|45814|46(?:157|173|327)|46666|47553|48(?:221|277|669)|50(?:844|920)|51(?:062|368)|52944|54(?:723|892)|55928|56483|57370|59(?:182|187|252|342)|60339|61(?:266|982)|62478|64(?:219|898)|65(?:108|500)|69(?:208|388)|70877|71851|72(?:078|087|465)|73(?:288|588|882|909|997)|74(?:034|332|815)|76426|79213|81946|83177|84(?:103|685)|85797|86(?:234|236|666)|89616|90(?:715|842|938)|91(?:362|958)|94719|95297|96(?:040|666|835|969)|97(?:142|294|688)|99(?:689|796|807)" standard="44567|244444" free="122|87902|21696|24614|28003|30356|33669|40196|41064|41270|43753|44034|46645|52413|56139|57969|61785|66975|75136|76227|81398|83952|85140|86566|86799|95737|96684|99245|611611|96831|10907" /> <!--Uruguay : 1-6 digits (standard system default, not country specific) --> <shortcode country="uy" pattern="\\d{1,6}" free="55002|191289" /> diff --git a/omapi/aidl/vts/functional/AccessControlApp/Android.bp b/omapi/aidl/vts/functional/AccessControlApp/Android.bp index f03c3f6eb647..57d75f596485 100644 --- a/omapi/aidl/vts/functional/AccessControlApp/Android.bp +++ b/omapi/aidl/vts/functional/AccessControlApp/Android.bp @@ -15,6 +15,7 @@ // package { + default_team: "trendy_team_fwk_nfc", default_applicable_licenses: ["Android-Apache-2.0"], } diff --git a/omapi/aidl/vts/functional/omapi/Android.bp b/omapi/aidl/vts/functional/omapi/Android.bp index c41479f9e9cf..8ee55ff56bb6 100644 --- a/omapi/aidl/vts/functional/omapi/Android.bp +++ b/omapi/aidl/vts/functional/omapi/Android.bp @@ -15,6 +15,7 @@ // package { + default_team: "trendy_team_fwk_nfc", default_applicable_licenses: ["Android-Apache-2.0"], } diff --git a/services/core/java/com/android/server/integrity/AppIntegrityManagerServiceImpl.java b/services/core/java/com/android/server/integrity/AppIntegrityManagerServiceImpl.java index d1576c5cca4f..bb4ae96da53b 100644 --- a/services/core/java/com/android/server/integrity/AppIntegrityManagerServiceImpl.java +++ b/services/core/java/com/android/server/integrity/AppIntegrityManagerServiceImpl.java @@ -74,7 +74,6 @@ public class AppIntegrityManagerServiceImpl extends IAppIntegrityManager.Stub { private final Context mContext; private final Handler mHandler; private final PackageManagerInternal mPackageManagerInternal; - private final IntegrityFileManager mIntegrityFileManager; /** Create an instance of {@link AppIntegrityManagerServiceImpl}. */ public static AppIntegrityManagerServiceImpl create(Context context) { @@ -84,7 +83,6 @@ public class AppIntegrityManagerServiceImpl extends IAppIntegrityManager.Stub { return new AppIntegrityManagerServiceImpl( context, LocalServices.getService(PackageManagerInternal.class), - IntegrityFileManager.getInstance(), handlerThread.getThreadHandler()); } @@ -92,11 +90,9 @@ public class AppIntegrityManagerServiceImpl extends IAppIntegrityManager.Stub { AppIntegrityManagerServiceImpl( Context context, PackageManagerInternal packageManagerInternal, - IntegrityFileManager integrityFileManager, Handler handler) { mContext = context; mPackageManagerInternal = packageManagerInternal; - mIntegrityFileManager = integrityFileManager; mHandler = handler; IntentFilter integrityVerificationFilter = new IntentFilter(); @@ -127,80 +123,40 @@ public class AppIntegrityManagerServiceImpl extends IAppIntegrityManager.Stub { @BinderThread public void updateRuleSet( String version, ParceledListSlice<Rule> rules, IntentSender statusReceiver) { - String ruleProvider = getCallerPackageNameOrThrow(Binder.getCallingUid()); - if (DEBUG_INTEGRITY_COMPONENT) { - Slog.i(TAG, String.format("Calling rule provider name is: %s.", ruleProvider)); + Intent intent = new Intent(); + intent.putExtra(EXTRA_STATUS, STATUS_SUCCESS); + try { + statusReceiver.sendIntent( + mContext, + /* code= */ 0, + intent, + /* onFinished= */ null, + /* handler= */ null); + } catch (Exception e) { + Slog.e(TAG, "Error sending status feedback.", e); } - - mHandler.post( - () -> { - boolean success = true; - try { - mIntegrityFileManager.writeRules(version, ruleProvider, rules.getList()); - } catch (Exception e) { - Slog.e(TAG, "Error writing rules.", e); - success = false; - } - - if (DEBUG_INTEGRITY_COMPONENT) { - Slog.i( - TAG, - String.format( - "Successfully pushed rule set to version '%s' from '%s'", - version, ruleProvider)); - } - - Intent intent = new Intent(); - intent.putExtra(EXTRA_STATUS, success ? STATUS_SUCCESS : STATUS_FAILURE); - try { - statusReceiver.sendIntent( - mContext, - /* code= */ 0, - intent, - /* onFinished= */ null, - /* handler= */ null); - } catch (Exception e) { - Slog.e(TAG, "Error sending status feedback.", e); - } - }); } @Override @BinderThread public String getCurrentRuleSetVersion() { - getCallerPackageNameOrThrow(Binder.getCallingUid()); - - RuleMetadata ruleMetadata = mIntegrityFileManager.readMetadata(); - return (ruleMetadata != null && ruleMetadata.getVersion() != null) - ? ruleMetadata.getVersion() - : ""; + return ""; } @Override @BinderThread public String getCurrentRuleSetProvider() { - getCallerPackageNameOrThrow(Binder.getCallingUid()); - - RuleMetadata ruleMetadata = mIntegrityFileManager.readMetadata(); - return (ruleMetadata != null && ruleMetadata.getRuleProvider() != null) - ? ruleMetadata.getRuleProvider() - : ""; + return ""; } @Override public ParceledListSlice<Rule> getCurrentRules() { - List<Rule> rules = Collections.emptyList(); - try { - rules = mIntegrityFileManager.readRules(/* appInstallMetadata= */ null); - } catch (Exception e) { - Slog.e(TAG, "Error getting current rules", e); - } - return new ParceledListSlice<>(rules); + return new ParceledListSlice<>(Collections.emptyList()); } @Override public List<String> getWhitelistedRuleProviders() { - return getAllowedRuleProviderSystemApps(); + return Collections.emptyList(); } private void handleIntegrityVerification(Intent intent) { @@ -208,90 +164,4 @@ public class AppIntegrityManagerServiceImpl extends IAppIntegrityManager.Stub { mPackageManagerInternal.setIntegrityVerificationResult( verificationId, PackageManagerInternal.INTEGRITY_VERIFICATION_ALLOW); } - - /** We will use the SHA256 digest of a package name if it is more than 32 bytes long. */ - private String getPackageNameNormalized(String packageName) { - if (packageName.length() <= 32) { - return packageName; - } - - try { - MessageDigest messageDigest = MessageDigest.getInstance("SHA-256"); - byte[] hashBytes = messageDigest.digest(packageName.getBytes(StandardCharsets.UTF_8)); - return getHexDigest(hashBytes); - } catch (NoSuchAlgorithmException e) { - throw new RuntimeException("SHA-256 algorithm not found", e); - } - } - - private String getCallerPackageNameOrThrow(int callingUid) { - String callerPackageName = getCallingRulePusherPackageName(callingUid); - if (callerPackageName == null) { - throw new SecurityException( - "Only system packages specified in config_integrityRuleProviderPackages are " - + "allowed to call this method."); - } - return callerPackageName; - } - - private String getCallingRulePusherPackageName(int callingUid) { - // Obtain the system apps that are allowlisted in config_integrityRuleProviderPackages. - List<String> allowedRuleProviders = getAllowedRuleProviderSystemApps(); - if (DEBUG_INTEGRITY_COMPONENT) { - Slog.i( - TAG, - String.format( - "Rule provider system app list contains: %s", allowedRuleProviders)); - } - - // Identify the package names in the caller list. - List<String> callingPackageNames = getPackageListForUid(callingUid); - - // Find the intersection between the allowed and calling packages. Ideally, we will have - // at most one package name here. But if we have more, it is fine. - List<String> allowedCallingPackages = new ArrayList<>(); - for (String packageName : callingPackageNames) { - if (allowedRuleProviders.contains(packageName)) { - allowedCallingPackages.add(packageName); - } - } - - return allowedCallingPackages.isEmpty() ? null : allowedCallingPackages.get(0); - } - - private List<String> getAllowedRuleProviderSystemApps() { - List<String> integrityRuleProviders = - Arrays.asList( - mContext.getResources() - .getStringArray(R.array.config_integrityRuleProviderPackages)); - - // Filter out the rule provider packages that are not system apps. - List<String> systemAppRuleProviders = new ArrayList<>(); - for (String ruleProvider : integrityRuleProviders) { - if (isSystemApp(ruleProvider)) { - systemAppRuleProviders.add(ruleProvider); - } - } - return systemAppRuleProviders; - } - - private boolean isSystemApp(String packageName) { - try { - PackageInfo existingPackageInfo = - mContext.getPackageManager().getPackageInfo(packageName, /* flags= */ 0); - return existingPackageInfo.applicationInfo != null - && existingPackageInfo.applicationInfo.isSystemApp(); - } catch (PackageManager.NameNotFoundException e) { - return false; - } - } - - private List<String> getPackageListForUid(int uid) { - try { - return Arrays.asList(mContext.getPackageManager().getPackagesForUid(uid)); - } catch (NullPointerException e) { - Slog.w(TAG, String.format("No packages were found for uid: %d", uid)); - return List.of(); - } - } } diff --git a/services/tests/servicestests/src/com/android/server/integrity/AppIntegrityManagerServiceImplTest.java b/services/tests/servicestests/src/com/android/server/integrity/AppIntegrityManagerServiceImplTest.java index 9c6412b81b34..93aa10b9112f 100644 --- a/services/tests/servicestests/src/com/android/server/integrity/AppIntegrityManagerServiceImplTest.java +++ b/services/tests/servicestests/src/com/android/server/integrity/AppIntegrityManagerServiceImplTest.java @@ -135,7 +135,6 @@ public class AppIntegrityManagerServiceImplTest { @Mock PlatformCompat mPlatformCompat; @Mock Context mMockContext; @Mock Resources mMockResources; - @Mock IntegrityFileManager mIntegrityFileManager; @Mock Handler mHandler; private final Context mRealContext = InstrumentationRegistry.getTargetContext(); @@ -169,7 +168,6 @@ public class AppIntegrityManagerServiceImplTest { new AppIntegrityManagerServiceImpl( mMockContext, mPackageManagerInternal, - mIntegrityFileManager, mHandler); mSpyPackageManager = spy(mRealContext.getPackageManager()); @@ -177,7 +175,6 @@ public class AppIntegrityManagerServiceImplTest { when(mMockContext.getPackageManager()).thenReturn(mSpyPackageManager); when(mMockContext.getResources()).thenReturn(mMockResources); when(mMockResources.getStringArray(anyInt())).thenReturn(new String[] {}); - when(mIntegrityFileManager.initialized()).thenReturn(true); // These are needed to override the Settings.Global.get result. when(mMockContext.getContentResolver()).thenReturn(mRealContext.getContentResolver()); setIntegrityCheckIncludesRuleProvider(true); @@ -191,98 +188,6 @@ public class AppIntegrityManagerServiceImplTest { } @Test - public void updateRuleSet_notAuthorized() throws Exception { - makeUsSystemApp(); - Rule rule = - new Rule( - new AtomicFormula.BooleanAtomicFormula(AtomicFormula.PRE_INSTALLED, true), - Rule.DENY); - TestUtils.assertExpectException( - SecurityException.class, - "Only system packages specified in config_integrityRuleProviderPackages are" - + " allowed to call this method.", - () -> - mService.updateRuleSet( - VERSION, - new ParceledListSlice<>(Arrays.asList(rule)), - /* statusReceiver= */ null)); - } - - @Test - public void updateRuleSet_notSystemApp() throws Exception { - allowlistUsAsRuleProvider(); - makeUsSystemApp(false); - Rule rule = - new Rule( - new AtomicFormula.BooleanAtomicFormula(AtomicFormula.PRE_INSTALLED, true), - Rule.DENY); - TestUtils.assertExpectException( - SecurityException.class, - "Only system packages specified in config_integrityRuleProviderPackages are" - + " allowed to call this method.", - () -> - mService.updateRuleSet( - VERSION, - new ParceledListSlice<>(Arrays.asList(rule)), - /* statusReceiver= */ null)); - } - - @Test - public void updateRuleSet_authorized() throws Exception { - allowlistUsAsRuleProvider(); - makeUsSystemApp(); - Rule rule = - new Rule( - new AtomicFormula.BooleanAtomicFormula(AtomicFormula.PRE_INSTALLED, true), - Rule.DENY); - - // no SecurityException - mService.updateRuleSet( - VERSION, new ParceledListSlice<>(Arrays.asList(rule)), mock(IntentSender.class)); - } - - @Test - public void updateRuleSet_correctMethodCall() throws Exception { - allowlistUsAsRuleProvider(); - makeUsSystemApp(); - IntentSender mockReceiver = mock(IntentSender.class); - List<Rule> rules = - Arrays.asList( - new Rule( - IntegrityFormula.Application.packageNameEquals(PACKAGE_NAME), - Rule.DENY)); - - mService.updateRuleSet(VERSION, new ParceledListSlice<>(rules), mockReceiver); - runJobInHandler(); - - verify(mIntegrityFileManager).writeRules(VERSION, TEST_FRAMEWORK_PACKAGE, rules); - ArgumentCaptor<Intent> intentCaptor = ArgumentCaptor.forClass(Intent.class); - verify(mockReceiver).sendIntent(any(), anyInt(), intentCaptor.capture(), any(), any()); - assertEquals(STATUS_SUCCESS, intentCaptor.getValue().getIntExtra(EXTRA_STATUS, -1)); - } - - @Test - public void updateRuleSet_fail() throws Exception { - allowlistUsAsRuleProvider(); - makeUsSystemApp(); - doThrow(new IOException()).when(mIntegrityFileManager).writeRules(any(), any(), any()); - IntentSender mockReceiver = mock(IntentSender.class); - List<Rule> rules = - Arrays.asList( - new Rule( - IntegrityFormula.Application.packageNameEquals(PACKAGE_NAME), - Rule.DENY)); - - mService.updateRuleSet(VERSION, new ParceledListSlice<>(rules), mockReceiver); - runJobInHandler(); - - verify(mIntegrityFileManager).writeRules(VERSION, TEST_FRAMEWORK_PACKAGE, rules); - ArgumentCaptor<Intent> intentCaptor = ArgumentCaptor.forClass(Intent.class); - verify(mockReceiver).sendIntent(any(), anyInt(), intentCaptor.capture(), any(), any()); - assertEquals(STATUS_FAILURE, intentCaptor.getValue().getIntExtra(EXTRA_STATUS, -1)); - } - - @Test public void broadcastReceiverRegistration() throws Exception { allowlistUsAsRuleProvider(); makeUsSystemApp(); @@ -316,71 +221,6 @@ public class AppIntegrityManagerServiceImplTest { 1, PackageManagerInternal.INTEGRITY_VERIFICATION_ALLOW); } - @Test - public void handleBroadcast_notInitialized() throws Exception { - allowlistUsAsRuleProvider(); - makeUsSystemApp(); - when(mIntegrityFileManager.initialized()).thenReturn(false); - ArgumentCaptor<BroadcastReceiver> broadcastReceiverCaptor = - ArgumentCaptor.forClass(BroadcastReceiver.class); - verify(mMockContext) - .registerReceiver(broadcastReceiverCaptor.capture(), any(), any(), any()); - Intent intent = makeVerificationIntent(); - - broadcastReceiverCaptor.getValue().onReceive(mMockContext, intent); - runJobInHandler(); - - // The evaluation will still run since we still evaluate manifest based rules. - verify(mPackageManagerInternal) - .setIntegrityVerificationResult( - 1, PackageManagerInternal.INTEGRITY_VERIFICATION_ALLOW); - } - - @Test - public void verifierAsInstaller_skipIntegrityVerification() throws Exception { - allowlistUsAsRuleProvider(); - makeUsSystemApp(); - setIntegrityCheckIncludesRuleProvider(false); - ArgumentCaptor<BroadcastReceiver> broadcastReceiverCaptor = - ArgumentCaptor.forClass(BroadcastReceiver.class); - verify(mMockContext, atLeastOnce()) - .registerReceiver(broadcastReceiverCaptor.capture(), any(), any(), any()); - Intent intent = makeVerificationIntent(TEST_FRAMEWORK_PACKAGE); - - broadcastReceiverCaptor.getValue().onReceive(mMockContext, intent); - runJobInHandler(); - - verify(mPackageManagerInternal) - .setIntegrityVerificationResult( - 1, PackageManagerInternal.INTEGRITY_VERIFICATION_ALLOW); - } - - @Test - public void getCurrentRules() throws Exception { - allowlistUsAsRuleProvider(); - makeUsSystemApp(); - Rule rule = new Rule(IntegrityFormula.Application.packageNameEquals("package"), Rule.DENY); - when(mIntegrityFileManager.readRules(any())).thenReturn(Arrays.asList(rule)); - - assertThat(mService.getCurrentRules().getList()).containsExactly(rule); - } - - @Test - public void getWhitelistedRuleProviders_returnsEmptyForNonSystemApps() throws Exception { - allowlistUsAsRuleProvider(); - makeUsSystemApp(false); - - assertThat(mService.getWhitelistedRuleProviders()).isEmpty(); - } - - @Test - public void getWhitelistedRuleProviders() throws Exception { - allowlistUsAsRuleProvider(); - makeUsSystemApp(); - - assertThat(mService.getWhitelistedRuleProviders()).containsExactly(TEST_FRAMEWORK_PACKAGE); - } - private void allowlistUsAsRuleProvider() { Resources mockResources = mock(Resources.class); when(mockResources.getStringArray(R.array.config_integrityRuleProviderPackages)) |