单独刷system.img踩坑记录

单独刷system.img踩坑记录

集成管理出的daily版本使用的签名和本地编译的签名不一致。

基于daily fastboot单刷system.img, 发现报如下权限问题。

01-01 01:31:16.993  3444  3444 D AndroidRuntime: Shutting down VM
01-01 01:31:16.994  3444  3444 E AndroidRuntime: *** FATAL EXCEPTION IN SYSTEM PROCESS: main
01-01 01:31:16.994  3444  3444 E AndroidRuntime: java.lang.IllegalStateException: Signature|privileged permissions not in privapp-permissions whitelist: {com.android.nfc (/system_ext/app/Nfc_st): android.permission.STOP_APP_SWITCHES, com.android.nfc (/system_ext/app/Nfc_st): android.permission.USER_ACTIVITY, com.android.nfc (/system_ext/app/Nfc_st): android.permission.REAL_GET_TASKS, com.android.nfc (/system_ext/app/Nfc_st): android.permission.MASTER_CLEAR, com.android.nfc (/system_ext/app/Nfc_st): android.permission.LOCAL_MAC_ADDRESS, com.android.nfc (/system_ext/app/Nfc_st): android.permission.MANAGE_USERS, com.android.nfc (/system_ext/app/Nfc_st): android.permission.STATUS_BAR, com.android.nfc (/system_ext/app/Nfc_st): android.permission.WRITE_SECURE_SETTINGS, com.android.nfc (/system_ext/app/Nfc_st): android.permission.BLUETOOTH_PRIVILEGED, com.android.nfc (/system_ext/app/Nfc_st): android.permission.START_ACTIVITIES_FROM_BACKGROUND, com.android.nfc (/system_ext/app/Nfc_st): android.permission.DISPATCH_NFC_MESSAGE, com.android.nfc (/system_ext/app/Nfc_st): android.permission.CONNECTIVITY_INTERNAL, com.android.nfc (/system_ext/app/Nfc_st): android.permission.PACKAGE_USAGE_STATS, com.android.nfc (/system_ext/app/Nfc_st): android.permission.OVERRIDE_WIFI_CONFIG, com.android.nfc (/system_ext/app/Nfc_st): android.permission.NFC_HANDOVER_STATUS}
01-01 01:31:16.994  3444  3444 E AndroidRuntime: 	at com.android.server.pm.permission.PermissionManagerService.systemReady(PermissionManagerService.java:4720)
01-01 01:31:16.994  3444  3444 E AndroidRuntime: 	at com.android.server.pm.permission.PermissionManagerService.access$500(PermissionManagerService.java:182)
01-01 01:31:16.994  3444  3444 E AndroidRuntime: 	at com.android.server.pm.permission.PermissionManagerService$PermissionManagerServiceInternalImpl.systemReady(PermissionManagerService.java:4803)
01-01 01:31:16.994  3444  3444 E AndroidRuntime: 	at com.android.server.pm.PackageManagerService.systemReady(PackageManagerService.java:22150)
01-01 01:31:16.994  3444  3444 E AndroidRuntime: 	at com.android.server.SystemServer.startOtherServices(SystemServer.java:2322)
01-01 01:31:16.994  3444  3444 E AndroidRuntime: 	at com.android.server.SystemServer.run(SystemServer.java:614)
01-01 01:31:16.994  3444  3444 E AndroidRuntime: 	at com.android.server.SystemServer.main(SystemServer.java:427)
01-01 01:31:16.994  3444  3444 E AndroidRuntime: 	at java.lang.reflect.Method.invoke(Native Method)
01-01 01:31:16.994  3444  3444 E AndroidRuntime: 	at com.android.internal.os.RuntimeInit$MethodAndArgsCaller.run(RuntimeInit.java:602)
01-01 01:31:16.994  3444  3444 E AndroidRuntime: 	at com.android.internal.os.ZygoteInit.main(ZygoteInit.java:930)
01-01 01:31:17.681  3706  3706 D AndroidRuntime: >>>>>> START com.android.internal.os.ZygoteInit uid 0 <<<<<<
01-01 01:31:17.683  3705  3705 D AndroidRuntime: >>>>>> START com.android.internal.os.ZygoteInit uid 0 <<<<<<
01-01 01:31:17.686  3706  3706 I AndroidRuntime: Using default boot image
01-01 01:31:17.686  3706  3706 I AndroidRuntime: Leaving lock profiling enabled
01-01 01:31:17.688  3705  3705 I AndroidRuntime: Using default boot image
01-01 01:31:17.688  3705  3705 I AndroidRuntime: Leaving lock profiling enabled

根据提示,是需要添加系统应用默认授权白名单。

例如:

generic_arm64:/system/etc/permissions $ 
generic_arm64:/system/etc/permissions $ ls -l | grep permiss                                                                                                              
-rw-r--r-- 1 root root 34748 2021-05-10 00:47 privapp-permissions-platform.xml
generic_arm64:/system/etc/permissions $ 

// 添加类似权限
    
        
        
    

根据报错,权限白名单需求,

    
        
        
        
        
        
        
        
        
        
        
        
        
        
        
        
        
    

但是看app是安装在system_ext/app下,并非priv-app目录。

generic_arm64:/ # pm list packages -f | grep -i nfc
package:/system_ext/app/Nfc_st/Nfc_st.apk=com.android.nfc
package:/system/app/GooglePay/GooglePay.apk=com.google.android.apps.walletnfcrel
generic_arm64:/ # 

而事实上,AOSP原生APP也并未作如此申请? 这是为什么??? 且全刷版本OK。

根据AOSP代码,排查结果认为是system_ext分区的signature和本地编译的system分区app签名不统一。

同步刷system_ext.img分区和product.img分区即可解决。

 

你可能感兴趣的:(Android)