cdd685c07504223e37e7831ce592446ec4ac6f6a |
|
22-Aug-2017 |
Svetoslav Ganov <svetoslavganov@google.com> |
Use all certs for computing package signing sha256 In several places we compute the sha256 of the app's signing certificate (instant cookie storage, backup account permission grants, static shared lib matching). It is possible that an app is singed with multiple certs which unfortunately can appear in a random order. We were using only the first certificate to compute the hash which may be problematic for apps signed with multiple certs which are later reordered. If an app update's certs are reordered for cookie storage the app would not be able to access the cookie, for account grants the app would not get the grant, and for shared libs the app would fail to install due to a missing lib. Test: all cookie CTS tests pass all static shared lib CTS tests pass added test that cookie data not lost on sha256 computation change added test that lib install works when specifying multiple certs bug:64270295 Change-Id: Ib6b55f25da735ff5c2762faf6e9b5888e749041d
/frameworks/base/services/core/java/com/android/server/accounts/AccountManagerBackupHelper.java
|
8cd927d8ea08cba89ac02dfd50ed42b486bd7f53 |
|
28-Mar-2017 |
Fyodor Kupolov <fkupolov@google.com> |
Introduced additional lock - dbLock Right now it is always used with cacheLock. In the future, we will be adding optimizations to reduce cacheLock contention by only holding it when updating the cache. This change is non-functional and doesn't change the current locking contract Test: Manual + AccountManagerServiceTest Bug: 36485175 Change-Id: Iebc437463958d33b32fc1273a84680c22ac60825
/frameworks/base/services/core/java/com/android/server/accounts/AccountManagerBackupHelper.java
|
00de49e20ddb0d8ab5ab2d65e47bf98a040bc97b |
|
23-Sep-2016 |
Fyodor Kupolov <fkupolov@google.com> |
Introduced AccountDb API replacing helpers Refactored AccountsDb to provide unified interface for interacting with CE/DE database. Benefits of the new API: - Better encapsulation - only relevant methods are exposed. Implementation details are hidden in private helper classes. - Clients can now treat CE tables as if they were in DE database, but only available when the user is unlocked. - Opening database is now implicit - no more getReadableDatabase /getWritableDatabase calls. Clients only need to define transaction boundaries, when necessary. Test: Refactoring Bug: 30639520 Change-Id: I08b1fc95b7a633b036e05e8ef7e8ebd239187aa1
/frameworks/base/services/core/java/com/android/server/accounts/AccountManagerBackupHelper.java
|
1ce0161e30de2585f67e9c42ad98b33ab0333f46 |
|
26-Aug-2016 |
Fyodor Kupolov <fkupolov@google.com> |
Extracted persistence layer into a separate class Introduced AccountsDb class and moved all DB-accessing methods there. The methods are organized by the database: - DeDatabaseHelper - provides access to accounts_de data - CeDatabaseHelper - access to accounts_ce - PreNDatabaseHelper - migration logic from a pre-N single database to two databases in N - DebugDbHelper - debug table + helper methods Notable improvements: - logRecord methods no longer opens SQLiteDatabase (it was actually unused down in the call chain) - Clean separation between business and persistence logic - no more sql statements concatenation in the AMS code. Test: Refactoring CL. Bug: 30639520 Change-Id: I41bd1abe47a23efbc735344413f32cbb68a5c8af
/frameworks/base/services/core/java/com/android/server/accounts/AccountManagerBackupHelper.java
|
5d09c998a03eea53218c3b3c40e20db1b7693c9c |
|
07-Sep-2016 |
Svet Ganov <svetoslavganov@google.com> |
Backup account access grants Sync adapters without an account access cannot run until the user approves the account access (for the case the account access is not allowed by other policy such as being singed with the same cert as the authenticator). If the sync adapter does not have permission to access the account we ask the user to grant access and take a note. This CL adds backup for the explicit user grants. bug:31162498 Change-Id: I31e3f3d010475352c7c54255ac2d3a2fed4d0c72
/frameworks/base/services/core/java/com/android/server/accounts/AccountManagerBackupHelper.java
|