New receiver for signed config.
A new receiver is added when the system server is created. It receives
broadcasts and pulls out the config & signature, but doesn't yet do
anything with it.
go/serverless-config-design
Test: Manual
Bug: 110509075
Change-Id: Ie369e198de5e830253b17e964afb67c76735909c
diff --git a/services/core/java/com/android/server/signedconfig/SignedConfigApplicator.java b/services/core/java/com/android/server/signedconfig/SignedConfigApplicator.java
new file mode 100644
index 0000000..7ce071f
--- /dev/null
+++ b/services/core/java/com/android/server/signedconfig/SignedConfigApplicator.java
@@ -0,0 +1,28 @@
+/*
+ * Copyright (C) 2018 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package com.android.server.signedconfig;
+
+import android.content.Context;
+
+class SignedConfigApplicator {
+
+ static void applyConfig(Context context, String config, String signature) {
+ //TODO verify signature
+ //TODO parse & apply config
+ }
+
+}
diff --git a/services/core/java/com/android/server/signedconfig/SignedConfigService.java b/services/core/java/com/android/server/signedconfig/SignedConfigService.java
new file mode 100644
index 0000000..1485686
--- /dev/null
+++ b/services/core/java/com/android/server/signedconfig/SignedConfigService.java
@@ -0,0 +1,105 @@
+/*
+ * Copyright (C) 2018 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package com.android.server.signedconfig;
+
+import android.content.BroadcastReceiver;
+import android.content.Context;
+import android.content.Intent;
+import android.content.IntentFilter;
+import android.content.pm.PackageInfo;
+import android.content.pm.PackageManager;
+import android.content.pm.PackageManagerInternal;
+import android.net.Uri;
+import android.os.Bundle;
+import android.util.Slog;
+
+import com.android.server.LocalServices;
+
+/**
+ * Signed config service. This is not an Android Service, but just owns a broadcast receiver for
+ * receiving package install and update notifications from the package manager.
+ */
+public class SignedConfigService {
+
+ private static final boolean DBG = false;
+ private static final String TAG = "SignedConfig";
+
+ // TODO should these be elsewhere? In a public API?
+ private static final String KEY_CONFIG = "android.signedconfig";
+ private static final String KEY_CONFIG_SIGNATURE = "android.signedconfig.signature";
+
+ private static class UpdateReceiver extends BroadcastReceiver {
+ @Override
+ public void onReceive(Context context, Intent intent) {
+ new SignedConfigService(context).handlePackageBroadcast(intent);
+ }
+ }
+
+ private final Context mContext;
+ private final PackageManagerInternal mPacMan;
+
+ public SignedConfigService(Context context) {
+ mContext = context;
+ mPacMan = LocalServices.getService(PackageManagerInternal.class);
+ }
+
+ void handlePackageBroadcast(Intent intent) {
+ if (DBG) Slog.d(TAG, "handlePackageBroadcast " + intent);
+ Uri packageData = intent.getData();
+ String packageName = packageData == null ? null : packageData.getSchemeSpecificPart();
+ if (DBG) Slog.d(TAG, "handlePackageBroadcast package=" + packageName);
+ if (packageName == null) {
+ return;
+ }
+ int userId = mContext.getUser().getIdentifier();
+ PackageInfo pi = mPacMan.getPackageInfo(packageName, PackageManager.GET_META_DATA,
+ android.os.Process.SYSTEM_UID, userId);
+ if (pi == null) {
+ Slog.w(TAG, "Got null PackageInfo for " + packageName + "; user " + userId);
+ return;
+ }
+ Bundle metaData = pi.applicationInfo.metaData;
+ if (metaData == null) {
+ if (DBG) Slog.d(TAG, "handlePackageBroadcast: no metadata");
+ return;
+ }
+ if (metaData.containsKey(KEY_CONFIG)
+ && metaData.containsKey(KEY_CONFIG_SIGNATURE)) {
+ String config = metaData.getString(KEY_CONFIG);
+ String signature = metaData.getString(KEY_CONFIG_SIGNATURE);
+ if (DBG) {
+ Slog.d(TAG, "Got signed config: " + config);
+ Slog.d(TAG, "Got config signature: " + signature);
+ }
+ SignedConfigApplicator.applyConfig(mContext, config, signature);
+ } else {
+ if (DBG) Slog.d(TAG, "Package has no config/signature.");
+ }
+ }
+
+ /**
+ * Register to receive broadcasts from the package manager.
+ */
+ public static void registerUpdateReceiver(Context context) {
+ if (DBG) Slog.d(TAG, "Registering receiver");
+ IntentFilter filter = new IntentFilter();
+ filter.addAction(Intent.ACTION_PACKAGE_ADDED);
+ filter.addAction(Intent.ACTION_PACKAGE_REPLACED);
+ filter.addDataScheme("package");
+ context.registerReceiver(new UpdateReceiver(), filter);
+ }
+}
diff --git a/services/java/com/android/server/SystemServer.java b/services/java/com/android/server/SystemServer.java
index f8ac41f..c745d6f 100644
--- a/services/java/com/android/server/SystemServer.java
+++ b/services/java/com/android/server/SystemServer.java
@@ -121,6 +121,7 @@
import com.android.server.role.RoleManagerService;
import com.android.server.security.KeyAttestationApplicationIdProviderService;
import com.android.server.security.KeyChainSystemService;
+import com.android.server.signedconfig.SignedConfigService;
import com.android.server.soundtrigger.SoundTriggerService;
import com.android.server.stats.StatsCompanionService;
import com.android.server.statusbar.StatusBarManagerService;
@@ -1003,6 +1004,11 @@
traceBeginAndSlog("PinnerService");
mSystemServiceManager.startService(PinnerService.class);
traceEnd();
+
+ traceBeginAndSlog("SignedConfigService");
+ SignedConfigService.registerUpdateReceiver(mSystemContext);
+ traceEnd();
+
} catch (RuntimeException e) {
Slog.e("System", "******************************************");
Slog.e("System", "************ Failure starting core service", e);