需求:在白名单内的应用允许安装,不在白名单的应用禁止安装。
在PMS里面做判断,不在白名单内的应用直接return。
+++ b/services/core/java/com/android/server/pm/PackageManagerService.java
/**
* Keep track of all those APKs everywhere.
* <p>
@@ -17346,6 +17350,27 @@ public class PackageManagerService extends IPackageManager.Stub
return;
}
+ if(!isWhiteListApp(pkg.packageName)){
+ Log.d("TAG","--isWhiteListApp--");
+ res.setError(PackageManager.INSTALL_FAILED_VERIFICATION_FAILURE,
+ "app is not in the whitelist. packageName:" + pkg.packageName);
+ return;
+ }
if (instantApp && pkg.mSigningDetails.signatureSchemeVersion
< SignatureSchemeVersion.SIGNING_BLOCK_V2) {
Slog.w(TAG, "Instant app package " + pkg.packageName
@@ -24913,6 +24938,65 @@ Slog.v(TAG, ":: stepped forward, applying functor at tag " + parser.getName());
return mProtectedPackages.isPackageStateProtected(userId, packageName);
}
+ private boolean isWhiteListApp(String packagename){
+ ArrayList<String> whiteListApp = new ArrayList<String>();
+ try{
+ BufferedReader br = new BufferedReader(new InputStreamReader(
+ new FileInputStream("/system/etc/WhiteListApp.conf")));
+ String line ="";
+ while ((line = br.readLine()) != null){
+ whiteListApp.add(line);
+ }
+ br.close();
+ }catch(java.io.FileNotFoundException ex){
+ return false;
+ }catch(java.io.IOException ex){
+ return false;
+ }
+ Iterator<String> it = whiteListApp.iterator();
+ while (it.hasNext()) {
+ String whitelistItem = it.next();
+ if (whitelistItem.equals(packagename)) {
+ return true;
+ }
+ }
+ return false;
+ }
创建WhiteListApp.conf。在device/项目/xxx/目录下的device.mk文件中将WhiteListApp.conf,copy到ystem/etc
PRODUCT_COPY_FILES += vendor/xxx/WhiteListApp.conf:system/etc/WhiteListApp.conf
WhiteListApp.conf内容如下:
com.xxx.xxx
com.xxx.xxx