Android Auto as user app on GrapheneOS 13

0001-Required-changes-to-run-AndroidAuto-as-user-app.patch

From cde5dfc952297da1b0cf6cc7779abb70024c2f52 Mon Sep 17 00:00:00 2001
From: sn00x <90611925+sn-00-x@users.noreply.github.com>
Date: Thu, 4 May 2023 14:06:31 +0200
Subject: [PATCH 1/2] Required changes to run AndroidAuto as user app

---
 core/res/res/values/config.xml                |  2 +-
 .../PermissionManagerServiceImpl.java         | 28 +++++++++++++++++++
 2 files changed, 29 insertions(+), 1 deletion(-)

diff --git a/core/res/res/values/config.xml b/core/res/res/values/config.xml
index 9cffd4be507b..3aba12e3ab0a 100644
--- a/core/res/res/values/config.xml
+++ b/core/res/res/values/config.xml
@@ -2169,7 +2169,7 @@
     <!-- The name of the package that will hold the system gallery role. -->
     <string name="config_systemGallery" translatable="false">com.android.gallery3d</string>
     <!-- The names of the packages that will hold the automotive projection role. -->
-    <string name="config_systemAutomotiveProjection" translatable="false"></string>
+    <string name="config_systemAutomotiveProjection" translatable="false">com.google.android.projection.gearhead</string>
     <!-- The name of the package that will hold the system cluster service role. -->
     <string name="config_systemAutomotiveCluster" translatable="false"></string>
     <!-- The name of the package that will hold the system shell role. -->
diff --git a/services/core/java/com/android/server/pm/permission/PermissionManagerServiceImpl.java b/services/core/java/com/android/server/pm/permission/PermissionManagerServiceImpl.java
index e92d49327cc8..752cc161d27b 100644
--- a/services/core/java/com/android/server/pm/permission/PermissionManagerServiceImpl.java
+++ b/services/core/java/com/android/server/pm/permission/PermissionManagerServiceImpl.java
@@ -177,6 +177,26 @@ public class PermissionManagerServiceImpl implements PermissionManagerServiceInt
     private static final String SKIP_KILL_APP_REASON_NOTIFICATION_TEST = "skip permission revoke "
             + "app kill for notification test";
 
+    /** Define allowed permissions for Android Auto */
+    private ArrayList<String> androidAutoPerms = new ArrayList<String>(
+            Arrays.asList(
+                    "android.permission.ADD_ALWAYS_UNLOCKED_DISPLAY",
+                    "android.permission.CREATE_VIRTUAL_DEVICE",
+                    "android.permission.INTERNAL_SYSTEM_WINDOW",
+                    "android.permission.MANAGE_COMPANION_DEVICES",
+                    "android.permission.MANAGE_USB",
+                    "android.permission.MODIFY_AUDIO_ROUTING",
+                    "android.permission.READ_PRIVILEGED_PHONE_STATE",
+                    "android.permission.REQUEST_COMPANION_PROFILE_AUTOMOTIVE_PROJECTION",
+                    "android.permission.TOGGLE_AUTOMOTIVE_PROJECTION",
+                    "android.permission.BLUETOOTH_PRIVILEGED",
+                    "android.permission.LOCAL_MAC_ADDRESS"
+            )
+    );
+    private Set<String> androidAutoHashes = new ArraySet<>(
+            Arrays.asList(
+                    "FDB00C43DBDE8B51CB312AA81D3B5FA17713ADB94B28F598D77F8EB89DACEEDF", // CN=gearhead, OU=Android, O=Google Inc., L=Mountain View, ST=California, C=US
+                    "1975B2F17177BC89A5DFF31F9E64A6CAE281A53DC1D1D59B1D147FE1C82AFA00" // EMAILADDRESS=android@android.com, CN=Android, OU=Android, O=Android, L=Mountain View, ST=California, C=US
+            )
+    );
 
     private static final long BACKUP_TIMEOUT_MILLIS = SECONDS.toMillis(60);
 
@@ -964,6 +984,14 @@ public class PermissionManagerServiceImpl implements PermissionManagerServiceInt
                 return PackageManager.PERMISSION_DENIED;
             }
 
+            if (pkg.getPackageName() == "com.google.android.projection.gearhead") {
+                if(pkg.getSigningDetails().hasAncestorOrSelfWithDigest(androidAutoHashes)) {
+                    if (androidAutoPerms.contains(permissionName)) {
+                        return PackageManager.PERMISSION_GRANTED;
+                    }
+                }
+            }
+
             if (checkSinglePermissionInternalLocked(uidState, permissionName, isInstantApp)) {
                 return PackageManager.PERMISSION_GRANTED;
             }
-- 
2.34.1

0002-Fake-InitiatingPackageName-to-show-3rd-party-apps-in.patch

From 4c08ef5696f846f117a72a706340f119551ea1a5 Mon Sep 17 00:00:00 2001
From: sn00x <90611925+sn-00-x@users.noreply.github.com>
Date: Thu, 4 May 2023 14:07:10 +0200
Subject: [PATCH 2/2] Fake InitiatingPackageName to show 3rd party apps in
 AndroidAuto

---
 core/java/android/content/pm/InstallSourceInfo.java | 8 ++++++++
 1 file changed, 8 insertions(+)

diff --git a/core/java/android/content/pm/InstallSourceInfo.java b/core/java/android/content/pm/InstallSourceInfo.java
index 88f1a16ec3ab..ee4324b012bd 100644
--- a/core/java/android/content/pm/InstallSourceInfo.java
+++ b/core/java/android/content/pm/InstallSourceInfo.java
@@ -21,6 +21,8 @@ import android.annotation.Nullable;
 import android.os.Parcel;
 import android.os.Parcelable;
 
+import android.app.compat.gms.GmsCompat;
+
 /**
  * Information about how an app was installed.
  * @see PackageManager#getInstallSourceInfo(String)
@@ -94,6 +96,12 @@ public final class InstallSourceInfo implements Parcelable {
      */
     @Nullable
     public String getInitiatingPackageName() {
+        try {
+            if (GmsCompat.appContext().getPackageName() == "com.google.android.projection.gearhead") {
+                return "com.android.vending";
+            }
+        } catch (Exception e) {}
+
         return mInitiatingPackageName;
     }
 
-- 
2.34.1