Merge changes If24a29e6,I59c0a7ed,I2e82f0ba,Ie238338a (3d68a330) · Commits · e / os / android_frameworks_base

apct-tests/perftests/packagemanager/src/android/os/PackageParsingPerfTest.kt

+8 −7

Original line number	Diff line number	Diff line
		@@ -26,7 +26,7 @@ import android.perftests.utils.BenchmarkState
		import android.perftests.utils.PerfStatusReporter
		import androidx.test.filters.LargeTest
		import com.android.internal.util.ConcurrentUtils
		import com.android.server.pm.pkg.parsing.ParsingPackageImpl
		import com.android.server.pm.parsing.pkg.PackageImpl
		import com.android.server.pm.pkg.parsing.ParsingPackageUtils
		import libcore.io.IoUtils
		import org.junit.Rule
		@@ -190,7 +190,7 @@ public class PackageParsingPerfTest {
		}

		class ParallelParser2(cacher: PackageCacher2? = null)
		: ParallelParser<ParsingPackageImpl>(cacher) {
		: ParallelParser<PackageImpl>(cacher) {
		val input = ThreadLocal.withInitial {
		// For testing, just disable enforcement to avoid hooking up to compat framework
		ParseTypeImpl(ParseInput.Callback { _, _, _ -> false })
		@@ -208,17 +208,18 @@ public class PackageParsingPerfTest {
		path: String,
		manifestArray: TypedArray,
		isCoreApp: Boolean
		) = ParsingPackageImpl(
		) = PackageImpl(
		packageName,
		baseApkPath,
		path,
		manifestArray
		manifestArray,
		isCoreApp,
		)
		})

		override fun parseImpl(file: File) =
		parser.parsePackage(input.get()!!.reset(), file, 0, null).result
		as ParsingPackageImpl
		as PackageImpl
		}

		abstract class PackageCacher<PackageType : Parcelable>(private val cacheDir: File) {
		@@ -274,8 +275,8 @@ public class PackageParsingPerfTest {
		/**
		* Re-implementation of the server side PackageCacher, as it's inaccessible here.
		*/
		class PackageCacher2(cacheDir: File) : PackageCacher<ParsingPackageImpl>(cacheDir) {
		class PackageCacher2(cacheDir: File) : PackageCacher<PackageImpl>(cacheDir) {
		override fun fromParcel(parcel: Parcel) =
		ParsingPackageImpl(parcel)
		PackageImpl(parcel)
		}
		}

services/core/java/com/android/server/integrity/AppIntegrityManagerServiceImpl.java

+40 −56

Original line number	Diff line number	Diff line
		@@ -44,7 +44,6 @@ import android.content.pm.PackageManagerInternal;
		import android.content.pm.ParceledListSlice;
		import android.content.pm.Signature;
		import android.content.pm.SigningDetails;
		import android.content.pm.SigningInfo;
		import android.content.pm.parsing.result.ParseResult;
		import android.content.pm.parsing.result.ParseTypeImpl;
		import android.net.Uri;
		@@ -52,23 +51,21 @@ import android.os.Binder;
		import android.os.Bundle;
		import android.os.Handler;
		import android.os.HandlerThread;
		import android.os.UserHandle;
		import android.provider.Settings;
		import android.util.Pair;
		import android.util.Slog;
		import android.util.apk.SourceStampVerificationResult;
		import android.util.apk.SourceStampVerifier;

		import com.android.internal.R;
		import com.android.internal.annotations.VisibleForTesting;
		import com.android.internal.util.ArrayUtils;
		import com.android.internal.util.FrameworkStatsLog;
		import com.android.server.LocalServices;
		import com.android.server.integrity.engine.RuleEvaluationEngine;
		import com.android.server.integrity.model.IntegrityCheckResult;
		import com.android.server.integrity.model.RuleMetadata;
		import com.android.server.pm.parsing.PackageInfoUtils;
		import com.android.server.pm.parsing.PackageParser2;
		import com.android.server.pm.parsing.pkg.ParsedPackage;
		import com.android.server.pm.pkg.PackageUserStateInternal;
		import com.android.server.pm.pkg.parsing.ParsingPackageUtils;

		import java.io.ByteArrayInputStream;
		@@ -297,8 +294,9 @@ public class AppIntegrityManagerServiceImpl extends IAppIntegrityManager.Stub {

		String packageName = intent.getStringExtra(EXTRA_PACKAGE_NAME);

		PackageInfo packageInfo = getPackageArchiveInfo(intent.getData());
		if (packageInfo == null) {
		Pair<SigningDetails, Bundle> packageSigningAndMetadata =
		getPackageSigningAndMetadata(intent.getData());
		if (packageSigningAndMetadata == null) {
		Slog.w(TAG, "Cannot parse package " + packageName);
		// We can't parse the package.
		mPackageManagerInternal.setIntegrityVerificationResult(
		@@ -306,8 +304,9 @@ public class AppIntegrityManagerServiceImpl extends IAppIntegrityManager.Stub {
		return;
		}

		List<String> appCertificates = getCertificateFingerprint(packageInfo);
		List<String> appCertificateLineage = getCertificateLineage(packageInfo);
		var signingDetails = packageSigningAndMetadata.first;
		List<String> appCertificates = getCertificateFingerprint(packageName, signingDetails);
		List<String> appCertificateLineage = getCertificateLineage(packageName, signingDetails);
		List<String> installerCertificates =
		getInstallerCertificateFingerprint(installerPackageName);

		@@ -320,7 +319,10 @@ public class AppIntegrityManagerServiceImpl extends IAppIntegrityManager.Stub {
		builder.setInstallerName(getPackageNameNormalized(installerPackageName));
		builder.setInstallerCertificates(installerCertificates);
		builder.setIsPreInstalled(isSystemApp(packageName));
		builder.setAllowedInstallersAndCert(getAllowedInstallers(packageInfo));

		Map<String, String> allowedInstallers =
		getAllowedInstallers(packageSigningAndMetadata.second);
		builder.setAllowedInstallersAndCert(allowedInstallers);
		extractSourceStamp(intent.getData(), builder);

		AppInstallMetadata appInstallMetadata = builder.build();
		@@ -331,7 +333,7 @@ public class AppIntegrityManagerServiceImpl extends IAppIntegrityManager.Stub {
		"To be verified: "
		+ appInstallMetadata
		+ " installers "
		+ getAllowedInstallers(packageInfo));
		+ allowedInstallers);
		}
		IntegrityCheckResult result = mEvaluationEngine.evaluate(appInstallMetadata);
		if (!result.getMatchedRules().isEmpty() \|\| DEBUG_INTEGRITY_COMPONENT) {
		@@ -443,38 +445,37 @@ public class AppIntegrityManagerServiceImpl extends IAppIntegrityManager.Stub {
		if (installer.equals(ADB_INSTALLER) \|\| installer.equals(UNKNOWN_INSTALLER)) {
		return Collections.emptyList();
		}
		try {
		PackageInfo installerInfo =
		mContext.getPackageManager()
		.getPackageInfo(installer, PackageManager.GET_SIGNING_CERTIFICATES);
		return getCertificateFingerprint(installerInfo);
		} catch (PackageManager.NameNotFoundException e) {
		var installerPkg = mPackageManagerInternal.getPackage(installer);
		if (installerPkg == null) {
		Slog.w(TAG, "Installer package " + installer + " not found.");
		return Collections.emptyList();
		}
		return getCertificateFingerprint(installerPkg.getPackageName(),
		installerPkg.getSigningDetails());
		}

		private List<String> getCertificateFingerprint(@NonNull PackageInfo packageInfo) {
		private List<String> getCertificateFingerprint(@NonNull String packageName,
		@NonNull SigningDetails signingDetails) {
		ArrayList<String> certificateFingerprints = new ArrayList();
		for (Signature signature : getSignatures(packageInfo)) {
		for (Signature signature : getSignatures(packageName, signingDetails)) {
		certificateFingerprints.add(getFingerprint(signature));
		}
		return certificateFingerprints;
		}

		private List<String> getCertificateLineage(@NonNull PackageInfo packageInfo) {
		private List<String> getCertificateLineage(@NonNull String packageName,
		@NonNull SigningDetails signingDetails) {
		ArrayList<String> certificateLineage = new ArrayList();
		for (Signature signature : getSignatureLineage(packageInfo)) {
		for (Signature signature : getSignatureLineage(packageName, signingDetails)) {
		certificateLineage.add(getFingerprint(signature));
		}
		return certificateLineage;
		}

		/** Get the allowed installers and their associated certificate hashes from <meta-data> tag. */
		private Map<String, String> getAllowedInstallers(@NonNull PackageInfo packageInfo) {
		private Map<String, String> getAllowedInstallers(@Nullable Bundle metaData) {
		Map<String, String> packageCertMap = new HashMap<>();
		if (packageInfo.applicationInfo != null && packageInfo.applicationInfo.metaData != null) {
		Bundle metaData = packageInfo.applicationInfo.metaData;
		if (metaData != null) {
		String allowedInstallers = metaData.getString(ALLOWED_INSTALLERS_METADATA_NAME);
		if (allowedInstallers != null) {
		// parse the metadata for certs.
		@@ -540,32 +541,25 @@ public class AppIntegrityManagerServiceImpl extends IAppIntegrityManager.Stub {
		}
		}

		private static Signature[] getSignatures(@NonNull PackageInfo packageInfo) {
		SigningInfo signingInfo = packageInfo.signingInfo;

		if (signingInfo == null \|\| signingInfo.getApkContentsSigners().length < 1) {
		throw new IllegalArgumentException("Package signature not found in " + packageInfo);
		private static Signature[] getSignatures(@NonNull String packageName,
		@NonNull SigningDetails signingDetails) {
		Signature[] signatures = signingDetails.getSignatures();
		if (signatures == null \|\| signatures.length < 1) {
		throw new IllegalArgumentException("Package signature not found in " + packageName);
		}

		// We are only interested in evaluating the active signatures.
		return signingInfo.getApkContentsSigners();
		}

		private static Signature[] getSignatureLineage(@NonNull PackageInfo packageInfo) {
		// Obtain the signing info of the package.
		SigningInfo signingInfo = packageInfo.signingInfo;
		if (signingInfo == null) {
		throw new IllegalArgumentException(
		"Package signature not found in " + packageInfo);
		return signatures;
		}

		private static Signature[] getSignatureLineage(@NonNull String packageName,
		@NonNull SigningDetails signingDetails) {
		// Obtain the active signatures of the package.
		Signature[] signatureLineage = getSignatures(packageInfo);
		Signature[] signatureLineage = getSignatures(packageName, signingDetails);

		var pastSignatures = signingDetails.getPastSigningCertificates();
		// Obtain the past signatures of the package.
		if (!signingInfo.hasMultipleSigners() && signingInfo.hasPastSigningCertificates()) {
		Signature[] pastSignatures = signingInfo.getSigningCertificateHistory();

		if (signatureLineage.length == 1 && !ArrayUtils.isEmpty(pastSignatures)) {
		// Merge the signatures and return.
		Signature[] allSignatures =
		new Signature[signatureLineage.length + pastSignatures.length];
		@@ -614,15 +608,15 @@ public class AppIntegrityManagerServiceImpl extends IAppIntegrityManager.Stub {
		}
		}

		private PackageInfo getPackageArchiveInfo(Uri dataUri) {
		@Nullable
		private Pair<SigningDetails, Bundle> getPackageSigningAndMetadata(Uri dataUri) {
		File installationPath = getInstallationPath(dataUri);
		if (installationPath == null) {
		throw new IllegalArgumentException("Installation path is null, package not found");
		}

		try (PackageParser2 parser = mParserSupplier.get()) {
		ParsedPackage pkg = parser.parsePackage(installationPath, 0, false);
		int flags = PackageManager.GET_SIGNING_CERTIFICATES \| PackageManager.GET_META_DATA;
		var pkg = parser.parsePackage(installationPath, 0, false);
		// APK signatures is already verified elsewhere in PackageManager. We do not need to
		// verify it again since it could cause a timeout for large APKs.
		final ParseTypeImpl input = ParseTypeImpl.forDefaultParsing();
		@@ -632,17 +626,7 @@ public class AppIntegrityManagerServiceImpl extends IAppIntegrityManager.Stub {
		Slog.w(TAG, result.getErrorMessage(), result.getException());
		return null;
		}
		pkg.setSigningDetails(result.getResult());
		return PackageInfoUtils.generate(
		pkg,
		null,
		flags,
		0,
		0,
		null,
		PackageUserStateInternal.DEFAULT,
		UserHandle.getCallingUserId(),
		null);
		return Pair.create(result.getResult(), pkg.getMetaData());
		} catch (Exception e) {
		Slog.w(TAG, "Exception reading " + dataUri, e);
		return null;

services/core/java/com/android/server/pm/ComputerEngine.java

+5 −7

Original line number	Diff line number	Diff line
		@@ -143,7 +143,6 @@ import com.android.server.pm.pkg.component.ParsedIntentInfo;
		import com.android.server.pm.pkg.component.ParsedMainComponent;
		import com.android.server.pm.pkg.component.ParsedProvider;
		import com.android.server.pm.pkg.component.ParsedService;
		import com.android.server.pm.pkg.parsing.PackageInfoWithoutStateUtils;
		import com.android.server.pm.resolution.ComponentResolverApi;
		import com.android.server.pm.verify.domain.DomainVerificationManagerInternal;
		import com.android.server.pm.verify.domain.DomainVerificationUtils;
		@@ -905,7 +904,7 @@ public class ComputerEngine implements Computer {
		a, flags, ps.getUserStateOrDefault(userId), userId, ps);
		}
		if (resolveComponentName().equals(component)) {
		return PackageInfoWithoutStateUtils.generateDelegateActivityInfo(mResolveActivity,
		return PackageInfoUtils.generateDelegateActivityInfo(mResolveActivity,
		flags, PackageUserStateInternal.DEFAULT, userId);
		}
		return null;
		@@ -1591,8 +1590,7 @@ public class ComputerEngine implements Computer {
		return result;
		}
		final ResolveInfo ephemeralInstaller = new ResolveInfo(mInstantAppInstallerInfo);
		ephemeralInstaller.activityInfo =
		PackageInfoWithoutStateUtils.generateDelegateActivityInfo(
		ephemeralInstaller.activityInfo = PackageInfoUtils.generateDelegateActivityInfo(
		instantAppInstallerActivity(), 0 /flags/,
		ps.getUserStateOrDefault(userId), userId);
		ephemeralInstaller.match = IntentFilter.MATCH_CATEGORY_SCHEME_SPECIFIC_PART
		@@ -1681,7 +1679,7 @@ public class ComputerEngine implements Computer {
		ai.setVersionCode(ps.getVersionCode());
		ai.flags = ps.getFlags();
		ai.privateFlags = ps.getPrivateFlags();
		pi.applicationInfo = PackageInfoWithoutStateUtils.generateDelegateApplicationInfo(
		pi.applicationInfo = PackageInfoUtils.generateDelegateApplicationInfo(
		ai, flags, state, userId);

		if (DEBUG_PACKAGE_INFO) {

services/core/java/com/android/server/pm/Settings.java

+3 −4

Original line number	Diff line number	Diff line
		@@ -116,7 +116,6 @@ import com.android.server.pm.pkg.component.ParsedComponent;
		import com.android.server.pm.pkg.component.ParsedIntentInfo;
		import com.android.server.pm.pkg.component.ParsedPermission;
		import com.android.server.pm.pkg.component.ParsedProcess;
		import com.android.server.pm.pkg.parsing.PackageInfoWithoutStateUtils;
		import com.android.server.pm.resolution.ComponentResolver;
		import com.android.server.pm.verify.domain.DomainVerificationLegacySettings;
		import com.android.server.pm.verify.domain.DomainVerificationManagerInternal;
		@@ -2687,8 +2686,8 @@ public final class Settings implements Watchable, Snappable {
		for (final PackageSetting pkg : mPackages.values()) {
		// TODO(b/135203078): This doesn't handle multiple users
		final String dataPath = pkg.getPkg() == null ? null :
		PackageInfoWithoutStateUtils.getDataDir(pkg.getPkg(),
		UserHandle.USER_SYSTEM).getAbsolutePath();
		PackageInfoUtils.getDataDir(pkg.getPkg(), UserHandle.USER_SYSTEM)
		.getAbsolutePath();

		if (pkg.getPkg() == null \|\| dataPath == null) {
		if (!"android".equals(pkg.getPackageName())) {
		@@ -4619,7 +4618,7 @@ public final class Settings implements Watchable, Snappable {
		pw.append(prefix).append(" queriesIntents=")
		.println(ps.getPkg().getQueriesIntents());
		}
		File dataDir = PackageInfoWithoutStateUtils.getDataDir(pkg, UserHandle.myUserId());
		File dataDir = PackageInfoUtils.getDataDir(pkg, UserHandle.myUserId());
		pw.print(prefix); pw.print(" dataDir="); pw.println(dataDir.getAbsolutePath());
		pw.print(prefix); pw.print(" supportsScreens=[");
		boolean first = true;

services/core/java/com/android/server/pm/dex/ArtManagerService.java

+2 −2

Original line number	Diff line number	Diff line
		@@ -53,8 +53,8 @@ import com.android.server.LocalServices;
		import com.android.server.pm.Installer;
		import com.android.server.pm.Installer.InstallerException;
		import com.android.server.pm.PackageManagerServiceCompilerMapping;
		import com.android.server.pm.parsing.PackageInfoUtils;
		import com.android.server.pm.parsing.pkg.AndroidPackage;
		import com.android.server.pm.pkg.parsing.PackageInfoWithoutStateUtils;

		import dalvik.system.DexFile;
		import dalvik.system.VMRuntime;
		@@ -488,7 +488,7 @@ public class ArtManagerService extends android.content.pm.dex.IArtManager.Stub {
		final String packageName = pkg.getPackageName();
		final String apkPath = pkg.getBaseApkPath();
		// TODO(b/143971007): Use a cross-user directory
		File dataDir = PackageInfoWithoutStateUtils.getDataDir(pkg, UserHandle.myUserId());
		File dataDir = PackageInfoUtils.getDataDir(pkg, UserHandle.myUserId());
		final String outDexFile = dataDir.getAbsolutePath() + "/code_cache/compiled_view.dex";
		if (pkg.isPrivileged() \|\| pkg.isUseEmbeddedDex()
		\|\| pkg.isDefaultToDeviceProtectedStorage()) {