宏隔离app_allow_list

Signed-off-by: luyifan<842825214@qq.com>

bundle.json

@@ -19,7 +19,8 @@
     "features": [
       "code_signature_support_oh_code_sign",
       "code_signature_enable_xpm_mode",
-      "code_signature_support_oh_release_app"
+      "code_signature_support_oh_release_app",
+      "code_signature_support_app_allow_list"
     ],
     "adapted_system_type": [ "standard" ],
     "rom": "1024KB",

code_signature.gni

@@ -24,6 +24,7 @@ declare_args() {
   code_signature_support_oh_code_sign = false
   code_signature_enable_xpm_mode = 0
   code_signature_support_oh_release_app = false
+  code_signature_support_app_allow_list = false
   code_signature_screenlock_mgr_enable = false
   if (defined(global_parts_info) &&
       defined(global_parts_info.theme_screenlock_mgr)) {

interfaces/innerkits/code_sign_attr_utils/BUILD.gn

@@ -19,6 +19,11 @@ config("public_attr_utils_configs") {
 }
 
 ohos_static_library("libcode_sign_attr_utils") {
+  defines = []
+  if (code_signature_support_app_allow_list) {
+    defines += [ "SUPPORT_APP_ALLOW_LIST" ]
+  }
+
   sources = [
     "src/code_sign_attr_utils.c",
     "src/ownerid_utils.cpp",

interfaces/innerkits/code_sign_attr_utils/src/ownerid_utils.cpp

@@ -25,9 +25,15 @@
 #define VALUE_MAX_LEN 32
 
 // the list will be removed before 930
-static const std::unordered_set<std::string> g_tempAllowList;
+static const std::unordered_set<std::string> g_tempAllowList {
+#ifdef SUPPORT_APP_ALLOW_LIST
+#endif
+};
 
-static const std::unordered_set<std::string> g_secureShieldAllowList;
+static const std::unordered_set<std::string> g_secureShieldAllowList {
+#ifdef SUPPORT_APP_ALLOW_LIST
+#endif
+};
 
 static uint32_t IsSecureShieldModeOn()
 {
@@ -59,4 +65,4 @@ uint32_t ConvertIdType(int idType, const char *ownerId)
         }
     }
     return idType;
-}
+}