Java Code Examples for android.content.pm.ApplicationInfo#isPrivilegedApp()

The following examples show how to use android.content.pm.ApplicationInfo#isPrivilegedApp() . You can vote up the ones you like or vote down the ones you don't like, and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example 1
Source File: PackageDexOptimizer.java    From android_9.0.0_r45 with Apache License 2.0 6 votes vote down vote up 
/**
 * Returns the compiler filter that should be used to optimize the package code.
 * The target filter will be updated if the package code is used by other apps
 * or if it has the safe mode flag set.
 */
private String getRealCompilerFilter(ApplicationInfo info, String targetCompilerFilter,
        boolean isUsedByOtherApps) {
    int flags = info.flags;
    boolean vmSafeMode = (flags & ApplicationInfo.FLAG_VM_SAFE_MODE) != 0;
    // When a priv app is configured to run out of box, only verify it.
    if (info.isPrivilegedApp() && DexManager.isPackageSelectedToRunOob(info.packageName)) {
        return "verify";
    }
    if (vmSafeMode) {
        return getSafeModeCompilerFilter(targetCompilerFilter);
    }

    if (isProfileGuidedCompilerFilter(targetCompilerFilter) && isUsedByOtherApps) {
        // If the dex files is used by other apps, apply the shared filter.
        return PackageManagerServiceCompilerMapping.getCompilerFilterForReason(
                PackageManagerService.REASON_SHARED);
    }

    return targetCompilerFilter;
}
Example 2
Source File: NetworkSecurityConfig.java    From android_9.0.0_r45 with Apache License 2.0 4 votes vote down vote up 
/**
 * Return a {@link Builder} for the default {@code NetworkSecurityConfig}.
 *
 * <p>
 * The default configuration has the following properties:
 * <ol>
 * <li>If the application targets API level 27 (Android O MR1) or lower then cleartext traffic
 * is allowed by default.</li>
 * <li>Cleartext traffic is not permitted for ephemeral apps.</li>
 * <li>HSTS is not enforced.</li>
 * <li>No certificate pinning is used.</li>
 * <li>The system certificate store is trusted for connections.</li>
 * <li>If the application targets API level 23 (Android M) or lower then the user certificate
 * store is trusted by default as well for non-privileged applications.</li>
 * <li>Privileged applications do not trust the user certificate store on Android P and higher.
 * </li>
 * </ol>
 *
 * @hide
 */
public static Builder getDefaultBuilder(ApplicationInfo info) {
    Builder builder = new Builder()
            .setHstsEnforced(DEFAULT_HSTS_ENFORCED)
            // System certificate store, does not bypass static pins.
            .addCertificatesEntryRef(
                    new CertificatesEntryRef(SystemCertificateSource.getInstance(), false));
    final boolean cleartextTrafficPermitted = info.targetSdkVersion < Build.VERSION_CODES.P
            && info.targetSandboxVersion < 2;
    builder.setCleartextTrafficPermitted(cleartextTrafficPermitted);
    // Applications targeting N and above must opt in into trusting the user added certificate
    // store.
    if (info.targetSdkVersion <= Build.VERSION_CODES.M && !info.isPrivilegedApp()) {
        // User certificate store, does not bypass static pins.
        builder.addCertificatesEntryRef(
                new CertificatesEntryRef(UserCertificateSource.getInstance(), false));
    }
    return builder;
}
Example 3
Source File: GraphicsEnvironment.java    From android_9.0.0_r45 with Apache License 2.0 4 votes vote down vote up 
/**
 * Choose whether the current process should use the builtin or an updated driver.
 */
private static void chooseDriver(Context context) {
    String driverPackageName = SystemProperties.get(PROPERTY_GFX_DRIVER);
    if (driverPackageName == null || driverPackageName.isEmpty()) {
        return;
    }
    // To minimize risk of driver updates crippling the device beyond user repair, never use an
    // updated driver for privileged or non-updated system apps. Presumably pre-installed apps
    // were tested thoroughly with the pre-installed driver.
    ApplicationInfo ai = context.getApplicationInfo();
    if (ai.isPrivilegedApp() || (ai.isSystemApp() && !ai.isUpdatedSystemApp())) {
        if (DEBUG) Log.v(TAG, "ignoring driver package for privileged/non-updated system app");
        return;
    }
    ApplicationInfo driverInfo;
    try {
        driverInfo = context.getPackageManager().getApplicationInfo(driverPackageName,
                PackageManager.MATCH_SYSTEM_ONLY);
    } catch (PackageManager.NameNotFoundException e) {
        Log.w(TAG, "driver package '" + driverPackageName + "' not installed");
        return;
    }
    String abi = chooseAbi(driverInfo);
    if (abi == null) {
        if (DEBUG) {
            // This is the normal case for the pre-installed empty driver package, don't spam
            if (driverInfo.isUpdatedSystemApp()) {
                Log.w(TAG, "updated driver package has no compatible native libraries");
            }
        }
        return;
    }
    if (driverInfo.targetSdkVersion < Build.VERSION_CODES.O) {
        // O drivers are restricted to the sphal linker namespace, so don't try to use
        // packages unless they declare they're compatible with that restriction.
        Log.w(TAG, "updated driver package is not known to be compatible with O");
        return;
    }

    StringBuilder sb = new StringBuilder();
    sb.append(driverInfo.nativeLibraryDir)
      .append(File.pathSeparator);
    sb.append(driverInfo.sourceDir)
      .append("!/lib/")
      .append(abi);
    String paths = sb.toString();

    if (DEBUG) Log.v(TAG, "gfx driver package libs: " + paths);
    setDriverPath(paths);
}