Allow changing signing cert for system apps that use shared users
This allows changing the signing certificate of system apps that use shared users across an OTA, but still verifies that all signatures within a given boot are consistent for a given shared user. Bug: 72837107 Bug: 77973716 Bug: 74501739 Test: Flashed dev-keys build into slot b and (local) release-keys build into slot a, booted into b, then successfully booted into a without wiping userdata. Test: Same as above, but treated com.android.mtp (uses android.media UID) as PRESIGNED during release signing so it kept dev-keys. Verified it wasn't scanned first and that only that package was rejected. Test: Same as above, but treated com.android.providers.downloads (uses android.media UID) as PRESIGNED during release signing so it kept dev-keys. Verified it was scanned first (out of APKs using this UID) and that only this package was accepted. Verified other APKs using android.media UID that were scanned after were rejected. Change-Id: I2076e8358cae22e45a24aa4c32a1b8dd446679ca
Loading
Please register or sign in to comment