Merge "Remove unused classes in App Integrity Service" into main am: dfec215f55 am: aa44976afd
Original change: https://android-review.googlesource.com/c/platform/frameworks/base/+/3343142
Change-Id: I31123b7cabfba9163106d18c6f02293e3dd01131
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
diff --git a/services/core/java/com/android/server/integrity/AppIntegrityManagerServiceImpl.java b/services/core/java/com/android/server/integrity/AppIntegrityManagerServiceImpl.java
index bb4ae96..a132876b 100644
--- a/services/core/java/com/android/server/integrity/AppIntegrityManagerServiceImpl.java
+++ b/services/core/java/com/android/server/integrity/AppIntegrityManagerServiceImpl.java
@@ -46,7 +46,6 @@
import com.android.internal.R;
import com.android.internal.annotations.VisibleForTesting;
import com.android.server.LocalServices;
-import com.android.server.integrity.model.RuleMetadata;
import java.io.File;
import java.nio.charset.StandardCharsets;
diff --git a/services/core/java/com/android/server/integrity/model/IntegrityCheckResult.java b/services/core/java/com/android/server/integrity/model/IntegrityCheckResult.java
deleted file mode 100644
index b0647fc..0000000
--- a/services/core/java/com/android/server/integrity/model/IntegrityCheckResult.java
+++ /dev/null
@@ -1,93 +0,0 @@
-/*
- * Copyright (C) 2019 The Android Open Source Project
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package com.android.server.integrity.model;
-
-import android.annotation.Nullable;
-import android.content.integrity.Rule;
-
-import java.util.Collections;
-import java.util.List;
-
-/**
- * A class encapsulating the result from the evaluation engine after evaluating rules against app
- * install metadata.
- *
- * <p>It contains the outcome effect (whether to allow or block the install), and the rule causing
- * that effect.
- */
-public final class IntegrityCheckResult {
-
- public enum Effect {
- ALLOW,
- DENY
- }
-
- private final Effect mEffect;
- private final List<Rule> mRuleList;
-
- private IntegrityCheckResult(Effect effect, @Nullable List<Rule> ruleList) {
- this.mEffect = effect;
- this.mRuleList = ruleList;
- }
-
- public Effect getEffect() {
- return mEffect;
- }
-
- public List<Rule> getMatchedRules() {
- return mRuleList;
- }
-
- /**
- * Create an ALLOW evaluation outcome.
- *
- * @return An evaluation outcome with ALLOW effect and no rule.
- */
- public static IntegrityCheckResult allow() {
- return new IntegrityCheckResult(Effect.ALLOW, Collections.emptyList());
- }
-
- /**
- * Create an ALLOW evaluation outcome.
- *
- * @return An evaluation outcome with ALLOW effect and rule causing that effect.
- */
- public static IntegrityCheckResult allow(List<Rule> ruleList) {
- return new IntegrityCheckResult(Effect.ALLOW, ruleList);
- }
-
- /**
- * Create a DENY evaluation outcome.
- *
- * @param ruleList All valid rules that cause the DENY effect.
- * @return An evaluation outcome with DENY effect and rule causing that effect.
- */
- public static IntegrityCheckResult deny(List<Rule> ruleList) {
- return new IntegrityCheckResult(Effect.DENY, ruleList);
- }
-
- /** Returns true when the {@code mEffect} is caused by an app certificate mismatch. */
- public boolean isCausedByAppCertRule() {
- return mRuleList.stream().anyMatch(rule -> rule.getFormula().isAppCertificateFormula());
- }
-
- /** Returns true when the {@code mEffect} is caused by an installer rule. */
- public boolean isCausedByInstallerRule() {
- return mRuleList.stream().anyMatch(rule -> rule.getFormula().isInstallerFormula());
- }
-
-}
diff --git a/services/core/java/com/android/server/integrity/model/RuleMetadata.java b/services/core/java/com/android/server/integrity/model/RuleMetadata.java
deleted file mode 100644
index 6b582ae..0000000
--- a/services/core/java/com/android/server/integrity/model/RuleMetadata.java
+++ /dev/null
@@ -1,41 +0,0 @@
-/*
- * Copyright (C) 2019 The Android Open Source Project
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package com.android.server.integrity.model;
-
-import android.annotation.Nullable;
-
-/** Data class containing relevant metadata associated with a rule set. */
-public class RuleMetadata {
-
- private final String mRuleProvider;
- private final String mVersion;
-
- public RuleMetadata(String ruleProvider, String version) {
- mRuleProvider = ruleProvider;
- mVersion = version;
- }
-
- @Nullable
- public String getRuleProvider() {
- return mRuleProvider;
- }
-
- @Nullable
- public String getVersion() {
- return mVersion;
- }
-}
diff --git a/services/tests/servicestests/src/com/android/server/integrity/AppIntegrityManagerServiceImplTest.java b/services/tests/servicestests/src/com/android/server/integrity/AppIntegrityManagerServiceImplTest.java
index 93aa10b..fd22118 100644
--- a/services/tests/servicestests/src/com/android/server/integrity/AppIntegrityManagerServiceImplTest.java
+++ b/services/tests/servicestests/src/com/android/server/integrity/AppIntegrityManagerServiceImplTest.java
@@ -68,7 +68,6 @@
import com.android.internal.R;
import com.android.server.compat.PlatformCompat;
-import com.android.server.integrity.model.IntegrityCheckResult;
import com.android.server.testutils.TestUtils;
import org.junit.After;
diff --git a/services/tests/servicestests/src/com/android/server/integrity/model/IntegrityCheckResultTest.java b/services/tests/servicestests/src/com/android/server/integrity/model/IntegrityCheckResultTest.java
deleted file mode 100644
index d31ed68..0000000
--- a/services/tests/servicestests/src/com/android/server/integrity/model/IntegrityCheckResultTest.java
+++ /dev/null
@@ -1,128 +0,0 @@
-/*
- * Copyright (C) 2020 The Android Open Source Project
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package com.android.server.integrity.model;
-
-import static com.google.common.truth.Truth.assertThat;
-
-import android.content.integrity.AtomicFormula;
-import android.content.integrity.CompoundFormula;
-import android.content.integrity.Rule;
-
-import org.junit.Test;
-import org.junit.runner.RunWith;
-import org.junit.runners.JUnit4;
-
-import java.util.Arrays;
-import java.util.Collections;
-
-@RunWith(JUnit4.class)
-public class IntegrityCheckResultTest {
-
- @Test
- public void createAllowResult() {
- IntegrityCheckResult allowResult = IntegrityCheckResult.allow();
-
- assertThat(allowResult.getEffect()).isEqualTo(IntegrityCheckResult.Effect.ALLOW);
- assertThat(allowResult.getMatchedRules()).isEmpty();
- }
-
- @Test
- public void createAllowResultWithRule() {
- String packageName = "com.test.deny";
- Rule forceAllowRule =
- new Rule(
- new AtomicFormula.StringAtomicFormula(AtomicFormula.PACKAGE_NAME,
- packageName),
- Rule.FORCE_ALLOW);
-
- IntegrityCheckResult allowResult =
- IntegrityCheckResult.allow(Collections.singletonList(forceAllowRule));
-
- assertThat(allowResult.getEffect()).isEqualTo(IntegrityCheckResult.Effect.ALLOW);
- assertThat(allowResult.getMatchedRules()).containsExactly(forceAllowRule);
- }
-
- @Test
- public void createDenyResultWithRule() {
- String packageName = "com.test.deny";
- Rule failedRule =
- new Rule(
- new AtomicFormula.StringAtomicFormula(AtomicFormula.PACKAGE_NAME,
- packageName),
- Rule.DENY);
-
- IntegrityCheckResult denyResult =
- IntegrityCheckResult.deny(Collections.singletonList(failedRule));
-
- assertThat(denyResult.getEffect()).isEqualTo(IntegrityCheckResult.Effect.DENY);
- assertThat(denyResult.getMatchedRules()).containsExactly(failedRule);
- }
-
- @Test
- public void isDenyCausedByAppCertificate() {
- String packageName = "com.test.deny";
- String appCert = "app-cert";
- Rule failedRule =
- new Rule(
- new CompoundFormula(
- CompoundFormula.AND,
- Arrays.asList(
- new AtomicFormula.StringAtomicFormula(
- AtomicFormula.PACKAGE_NAME, packageName),
- new AtomicFormula.StringAtomicFormula(
- AtomicFormula.APP_CERTIFICATE, appCert))),
- Rule.DENY);
- Rule otherFailedRule =
- new Rule(
- new AtomicFormula.LongAtomicFormula(AtomicFormula.VERSION_CODE,
- AtomicFormula.EQ, 12),
- Rule.DENY);
-
- IntegrityCheckResult denyResult =
- IntegrityCheckResult.deny(Arrays.asList(failedRule, otherFailedRule));
-
- assertThat(denyResult.isCausedByAppCertRule()).isTrue();
- assertThat(denyResult.isCausedByInstallerRule()).isFalse();
- }
-
- @Test
- public void isDenyCausedByInstaller() {
- String packageName = "com.test.deny";
- String appCert = "app-cert";
- Rule failedRule =
- new Rule(
- new CompoundFormula(
- CompoundFormula.AND,
- Arrays.asList(
- new AtomicFormula.StringAtomicFormula(
- AtomicFormula.PACKAGE_NAME, packageName),
- new AtomicFormula.StringAtomicFormula(
- AtomicFormula.INSTALLER_CERTIFICATE, appCert))),
- Rule.DENY);
- Rule otherFailedRule =
- new Rule(
- new AtomicFormula.LongAtomicFormula(AtomicFormula.VERSION_CODE,
- AtomicFormula.EQ, 12),
- Rule.DENY);
-
- IntegrityCheckResult denyResult =
- IntegrityCheckResult.deny(Arrays.asList(failedRule, otherFailedRule));
-
- assertThat(denyResult.isCausedByAppCertRule()).isFalse();
- assertThat(denyResult.isCausedByInstallerRule()).isTrue();
- }
-}