git.osdn.net Git - android-x86/frameworks-base.git/commit

author	Bryan Henry <bryanhenry@google.com>
	Sun, 6 May 2018 20:36:17 +0000 (13:36 -0700)
committer	Bryan Henry <bryanhenry@google.com>
	Sun, 6 May 2018 20:36:17 +0000 (13:36 -0700)
commit	ad8a0da6a7b92e244953460068aebd4b40a5614e
tree	ab6a82996762a992f0119a550bf165ffbf8d2cca	tree \| snapshot
parent	b37e1cd82fcaa7058e9fdf34749fcd19a7e2b2b4	commit \| diff

Allow changing signing cert for system apps that use shared users

This allows changing the signing certificate of system apps that use
shared users across an OTA, but still verifies that all signatures
within a given boot are consistent for a given shared user.

Bug: 72837107
Bug: 77973716
Bug: 74501739
Test: Flashed dev-keys build into slot b and (local) release-keys build
into slot a, booted into b, then successfully booted into a without
wiping userdata.
Test: Same as above, but treated com.android.mtp (uses android.media UID)
as PRESIGNED during release signing so it kept dev-keys. Verified it
wasn't scanned first and that only that package was rejected.
Test: Same as above, but treated com.android.providers.downloads (uses
android.media UID) as PRESIGNED during release signing so it kept
dev-keys. Verified it was scanned first (out of APKs using this UID) and
that only this package was accepted. Verified other APKs using
android.media UID that were scanned after were rejected.

Change-Id: I2076e8358cae22e45a24aa4c32a1b8dd446679ca

services/core/java/com/android/server/pm/PackageManagerService.java		diff \| blob \| history
services/core/java/com/android/server/pm/SharedUserSetting.java		diff \| blob \| history