From 3a455c2de70dfa09ff8676e3065329ad75dee1a0 Mon Sep 17 00:00:00 2001
From: wangyaohui <wangyaohui17@huawei.com>
Date: Mon, 21 Jul 2025 17:28:41 +0800
Subject: [PATCH] Signed-off-by: wangyaohui <wangyaohui17@huawei.com>

	modified:   interfaces/inner_api/code_sign_attr_utils/src/ownerid_utils.cpp

	modified:   interfaces/inner_api/code_sign_attr_utils/src/ownerid_utils.cpp
---
 .../code_sign_attr_utils/src/ownerid_utils.cpp   | 16 +++++++++++++++-
 1 file changed, 15 insertions(+), 1 deletion(-)

diff --git a/interfaces/inner_api/code_sign_attr_utils/src/ownerid_utils.cpp b/interfaces/inner_api/code_sign_attr_utils/src/ownerid_utils.cpp
index e0d0f82..6ae3314 100644
--- a/interfaces/inner_api/code_sign_attr_utils/src/ownerid_utils.cpp
+++ b/interfaces/inner_api/code_sign_attr_utils/src/ownerid_utils.cpp
@@ -22,6 +22,7 @@
 #include <unordered_set>
 
 #define SECURE_SHIELD_MODE_KEY "ohos.boot.advsecmode.state"
+#define LARGE_SCREEN_DEVICE_KEY "const.product.providedDeviceFeatures"
 #define VALUE_MAX_LEN 32
 
 // the list will be removed before 930
@@ -30,6 +31,11 @@ static const std::unordered_set<std::string> g_tempAllowList {
 #endif
 };
 
+static const std::unordered_set<std::string> g_largeScreenAllowList {
+#ifdef SUPPORT_APP_ALLOW_LIST
+#endif
+};
+
 static const std::unordered_set<std::string> g_secureShieldAllowList {
 #ifdef SUPPORT_APP_ALLOW_LIST
 #endif
@@ -42,6 +48,13 @@ static uint32_t IsSecureShieldModeOn()
     return (strcmp(secureShieldModeValue, "0") != 0);
 }
 
+static uint32_t IsLargeScreenDevice()
+{
+    char largeScreenDeviceValue[VALUE_MAX_LEN] = {0};
+    (void)GetParameter(LARGE_SCREEN_DEVICE_KEY, "0", largeScreenDeviceValue, VALUE_MAX_LEN - 1);
+    return (strcmp(largeScreenDeviceValue, "large_screen") == 0);
+}
+
 uint32_t ConvertIdType(int idType, const char *ownerId)
 {
     if (ownerId == nullptr) {
@@ -59,7 +72,8 @@ uint32_t ConvertIdType(int idType, const char *ownerId)
             return PROCESS_OWNERID_APP_TEMP_ALLOW;
         }
     } else {
-        if (g_tempAllowList.count(ownerIdStr) != 0) {
+        if ((g_tempAllowList.count(ownerIdStr) != 0) ||
+            (IsLargeScreenDevice() && g_largeScreenAllowList.count(ownerIdStr) != 0)) {
             LOG_INFO("Xpm: app in temporary allow list");
             return PROCESS_OWNERID_APP_TEMP_ALLOW;
         }
-- 
Gitee