summaryrefslogtreecommitdiff
path: root/src/com/android/se/security/AccessControlEnforcer.java
diff options
context:
space:
mode:
Diffstat (limited to 'src/com/android/se/security/AccessControlEnforcer.java')
-rwxr-xr-xsrc/com/android/se/security/AccessControlEnforcer.java29
1 files changed, 29 insertions, 0 deletions
diff --git a/src/com/android/se/security/AccessControlEnforcer.java b/src/com/android/se/security/AccessControlEnforcer.java
index a4ceb70..bcf3a9a 100755
--- a/src/com/android/se/security/AccessControlEnforcer.java
+++ b/src/com/android/se/security/AccessControlEnforcer.java
@@ -451,6 +451,35 @@ public class AccessControlEnforcer {
}
}
+ /** Returns true if the given package has Carrier Privileges */
+ public synchronized boolean checkCarrierPrivilege(PackageInfo pInfo, boolean checkRefreshTag) {
+ if (!mUseAra && !mUseArf) {
+ return false;
+ }
+ if (checkRefreshTag) {
+ try {
+ updateAccessRuleIfNeed();
+ } catch (IOException | MissingResourceException e) {
+ throw new AccessControlException("Access-Control not found in "
+ + mTerminal.getName());
+ }
+ }
+ if (mRulesRead) {
+ return false;
+ }
+ try {
+ List<byte[]> appCertHashes = getAppCertHashes(pInfo.packageName);
+ if (appCertHashes == null || appCertHashes.size() == 0) {
+ return false;
+ }
+
+ return mAccessRuleCache.checkCarrierPrivilege(pInfo.packageName, appCertHashes);
+ } catch (Exception e) {
+ Log.w(mTag, " checkCarrierPrivilege: " + e.getLocalizedMessage());
+ }
+ return false;
+ }
+
/** Debug information to be used by dumpsys */
public void dump(PrintWriter writer) {
writer.println(mTag + ":");
generated by cgit v1.2.3 (git 2.25.1) at 2025-10-03 08:21:15 +0000