Merge changes from topic "revert_verification_service_main" into main

    field public static final String BIND_TRANSLATION_SERVICE = "android.permission.BIND_TRANSLATION_SERVICE";

    field public static final String BIND_TRUST_AGENT = "android.permission.BIND_TRUST_AGENT";

    field public static final String BIND_TV_REMOTE_SERVICE = "android.permission.BIND_TV_REMOTE_SERVICE";

    field @FlaggedApi("android.content.pm.verification_service") public static final String BIND_VERIFICATION_AGENT = "android.permission.BIND_VERIFICATION_AGENT";

    field public static final String BIND_VISUAL_QUERY_DETECTION_SERVICE = "android.permission.BIND_VISUAL_QUERY_DETECTION_SERVICE";

    field public static final String BIND_WALLPAPER_EFFECTS_GENERATION_SERVICE = "android.permission.BIND_WALLPAPER_EFFECTS_GENERATION_SERVICE";

    field public static final String BIND_WEARABLE_SENSING_SERVICE = "android.permission.BIND_WEARABLE_SENSING_SERVICE";

    field @FlaggedApi("android.app.ondeviceintelligence.flags.enable_on_device_intelligence") public static final String USE_ON_DEVICE_INTELLIGENCE = "android.permission.USE_ON_DEVICE_INTELLIGENCE";

    field public static final String USE_RESERVED_DISK = "android.permission.USE_RESERVED_DISK";

    field public static final String UWB_PRIVILEGED = "android.permission.UWB_PRIVILEGED";

    field @FlaggedApi("android.content.pm.verification_service") public static final String VERIFICATION_AGENT = "android.permission.VERIFICATION_AGENT";

    field @FlaggedApi("android.os.vibrator.vendor_vibration_effects") public static final String VIBRATE_VENDOR_EFFECTS = "android.permission.VIBRATE_VENDOR_EFFECTS";

    field public static final String WHITELIST_AUTO_REVOKE_PERMISSIONS = "android.permission.WHITELIST_AUTO_REVOKE_PERMISSIONS";

    field public static final String WHITELIST_RESTRICTED_PERMISSIONS = "android.permission.WHITELIST_RESTRICTED_PERMISSIONS";

  }

  public class PackageInstaller {

    method @FlaggedApi("android.content.pm.verification_service") @RequiresPermission(android.Manifest.permission.VERIFICATION_AGENT) public final int getVerificationPolicy();

    method @NonNull public android.content.pm.PackageInstaller.InstallInfo readInstallInfo(@NonNull java.io.File, int) throws android.content.pm.PackageInstaller.PackageParsingException;

    method @FlaggedApi("android.content.pm.read_install_info") @NonNull public android.content.pm.PackageInstaller.InstallInfo readInstallInfo(@NonNull android.os.ParcelFileDescriptor, @Nullable String, int) throws android.content.pm.PackageInstaller.PackageParsingException;

    method @RequiresPermission(android.Manifest.permission.INSTALL_PACKAGES) public void setPermissionsResult(int, boolean);

    method @FlaggedApi("android.content.pm.verification_service") @RequiresPermission(android.Manifest.permission.VERIFICATION_AGENT) public final boolean setVerificationPolicy(int);

    field public static final String ACTION_CONFIRM_INSTALL = "android.content.pm.action.CONFIRM_INSTALL";

    field public static final String ACTION_CONFIRM_PRE_APPROVAL = "android.content.pm.action.CONFIRM_PRE_APPROVAL";

    field public static final int DATA_LOADER_TYPE_INCREMENTAL = 2; // 0x2

    field @FlaggedApi("android.content.pm.archiving") public static final String EXTRA_DELETE_FLAGS = "android.content.pm.extra.DELETE_FLAGS";

    field public static final String EXTRA_LEGACY_STATUS = "android.content.pm.extra.LEGACY_STATUS";

    field @Deprecated public static final String EXTRA_RESOLVED_BASE_PATH = "android.content.pm.extra.RESOLVED_BASE_PATH";

    field @FlaggedApi("android.content.pm.verification_service") public static final String EXTRA_VERIFICATION_FAILURE_REASON = "android.content.pm.extra.VERIFICATION_FAILURE_REASON";

    field public static final int LOCATION_DATA_APP = 0; // 0x0

    field public static final int LOCATION_MEDIA_DATA = 2; // 0x2

    field public static final int LOCATION_MEDIA_OBB = 1; // 0x1

    field public static final int REASON_CONFIRM_PACKAGE_CHANGE = 0; // 0x0

    field public static final int REASON_OWNERSHIP_CHANGED = 1; // 0x1

    field public static final int REASON_REMIND_OWNERSHIP = 2; // 0x2

    field @FlaggedApi("android.content.pm.verification_service") public static final int VERIFICATION_FAILED_REASON_NETWORK_UNAVAILABLE = 1; // 0x1

    field @FlaggedApi("android.content.pm.verification_service") public static final int VERIFICATION_FAILED_REASON_PACKAGE_BLOCKED = 2; // 0x2

    field @FlaggedApi("android.content.pm.verification_service") public static final int VERIFICATION_FAILED_REASON_UNKNOWN = 0; // 0x0

    field @FlaggedApi("android.content.pm.verification_service") public static final int VERIFICATION_POLICY_BLOCK_FAIL_CLOSED = 3; // 0x3

    field @FlaggedApi("android.content.pm.verification_service") public static final int VERIFICATION_POLICY_BLOCK_FAIL_OPEN = 1; // 0x1

    field @FlaggedApi("android.content.pm.verification_service") public static final int VERIFICATION_POLICY_BLOCK_FAIL_WARN = 2; // 0x2

    field @FlaggedApi("android.content.pm.verification_service") public static final int VERIFICATION_POLICY_NONE = 0; // 0x0

  }

  public static class PackageInstaller.InstallInfo {

    method @Deprecated @RequiresPermission(android.Manifest.permission.INTENT_FILTER_VERIFICATION_AGENT) public abstract void verifyIntentFilter(int, int, @NonNull java.util.List<java.lang.String>);

    field public static final String ACTION_REQUEST_PERMISSIONS = "android.content.pm.action.REQUEST_PERMISSIONS";

    field public static final String ACTION_REQUEST_PERMISSIONS_FOR_OTHER = "android.content.pm.action.REQUEST_PERMISSIONS_FOR_OTHER";

    field @FlaggedApi("android.content.pm.verification_service") public static final String ACTION_VERIFY_PACKAGE = "android.content.pm.action.VERIFY_PACKAGE";

    field @FlaggedApi("android.content.pm.asl_in_apk_app_metadata_source") public static final int APP_METADATA_SOURCE_APK = 1; // 0x1

    field @FlaggedApi("android.content.pm.asl_in_apk_app_metadata_source") public static final int APP_METADATA_SOURCE_INSTALLER = 2; // 0x2

    field @FlaggedApi("android.content.pm.asl_in_apk_app_metadata_source") public static final int APP_METADATA_SOURCE_SYSTEM_IMAGE = 3; // 0x3

}

package android.content.pm.verify.pkg {

  @FlaggedApi("android.content.pm.verification_service") public final class VerificationSession implements android.os.Parcelable {

    method public int describeContents();

    method public long extendTimeRemaining(long);

    method @NonNull public java.util.List<android.content.pm.SharedLibraryInfo> getDeclaredLibraries();

    method @NonNull public android.os.PersistableBundle getExtensionParams();

    method public int getId();

    method public int getInstallSessionId();

    method @NonNull public String getPackageName();

    method @NonNull public android.content.pm.SigningInfo getSigningInfo();

    method @NonNull public android.net.Uri getStagedPackageUri();

    method public long getTimeoutTime();

    method public int getVerificationPolicy();

    method public void reportVerificationComplete(@NonNull android.content.pm.verify.pkg.VerificationStatus);

    method public void reportVerificationComplete(@NonNull android.content.pm.verify.pkg.VerificationStatus, @NonNull android.os.PersistableBundle);

    method public void reportVerificationIncomplete(int);

    method public boolean setVerificationPolicy(int);

    method public void writeToParcel(@NonNull android.os.Parcel, int);

    field @NonNull public static final android.os.Parcelable.Creator<android.content.pm.verify.pkg.VerificationSession> CREATOR;

    field public static final int VERIFICATION_INCOMPLETE_NETWORK_UNAVAILABLE = 1; // 0x1

    field public static final int VERIFICATION_INCOMPLETE_UNKNOWN = 0; // 0x0

  }

  @FlaggedApi("android.content.pm.verification_service") public final class VerificationStatus implements android.os.Parcelable {

    method public int describeContents();

    method public int getAslStatus();

    method @NonNull public String getFailureMessage();

    method public boolean isVerified();

    method public void writeToParcel(@NonNull android.os.Parcel, int);

    field @NonNull public static final android.os.Parcelable.Creator<android.content.pm.verify.pkg.VerificationStatus> CREATOR;

    field public static final int VERIFIER_STATUS_ASL_BAD = 2; // 0x2

    field public static final int VERIFIER_STATUS_ASL_GOOD = 1; // 0x1

    field public static final int VERIFIER_STATUS_ASL_UNDEFINED = 0; // 0x0

  }

  public static final class VerificationStatus.Builder {

    ctor public VerificationStatus.Builder();

    method @NonNull public android.content.pm.verify.pkg.VerificationStatus build();

    method @NonNull public android.content.pm.verify.pkg.VerificationStatus.Builder setAslStatus(int);

    method @NonNull public android.content.pm.verify.pkg.VerificationStatus.Builder setFailureMessage(@NonNull String);

    method @NonNull public android.content.pm.verify.pkg.VerificationStatus.Builder setVerified(boolean);

  }

  @FlaggedApi("android.content.pm.verification_service") public abstract class VerifierService extends android.app.Service {

    ctor public VerifierService();

    method @Nullable public android.os.IBinder onBind(@Nullable android.content.Intent);

    method public abstract void onPackageNameAvailable(@NonNull String);

    method public abstract void onVerificationCancelled(@NonNull String);

    method public abstract void onVerificationRequired(@NonNull android.content.pm.verify.pkg.VerificationSession);

    method public abstract void onVerificationRetry(@NonNull android.content.pm.verify.pkg.VerificationSession);

    method public abstract void onVerificationTimeout(int);

  }

}

package android.content.rollback {

  public final class PackageRollbackInfo implements android.os.Parcelable {

    @JavaPassthrough(annotation="@android.annotation.RequiresPermission(anyOf={android.Manifest.permission.INSTALL_PACKAGES,android.Manifest.permission.REQUEST_INSTALL_PACKAGES})")

    void reportUnarchivalStatus(int unarchiveId, int status, long requiredStorageBytes, in PendingIntent userActionIntent, in UserHandle userHandle);

    @EnforcePermission("VERIFICATION_AGENT")

    int getVerificationPolicy(int userId);

    @EnforcePermission("VERIFICATION_AGENT")

    boolean setVerificationPolicy(int policy, int userId);

}

import android.content.pm.parsing.result.ParseResult;

import android.content.pm.parsing.result.ParseTypeImpl;

import android.content.pm.verify.domain.DomainSet;

import android.content.pm.verify.pkg.VerificationSession;

import android.content.pm.verify.pkg.VerificationStatus;

import android.graphics.Bitmap;

import android.icu.util.ULocale;

import android.net.Uri;

     */

    public static final String EXTRA_WARNINGS = "android.content.pm.extra.WARNINGS";

    /**

     * When verification is blocked as part of the installation, additional reason for the block

     * will be provided to the installer with a {@link VerificationFailedReason} as part of the

     * installation result returned via the {@link IntentSender} in

     * {@link Session#commit(IntentSender)}. This extra is provided only when the installation has

     * failed. Installers can use this extra to check if the installation failure was caused by a

     * verification failure.

     *

     * @hide

     */

    @FlaggedApi(Flags.FLAG_VERIFICATION_SERVICE)

    @SystemApi

    public static final String EXTRA_VERIFICATION_FAILURE_REASON =

            "android.content.pm.extra.VERIFICATION_FAILURE_REASON";

    /**

     * Streaming installation pending.

     * Caller should make sure DataLoader is able to prepare image and reinitiate the operation.

    @Retention(RetentionPolicy.SOURCE)

    public @interface UnarchivalStatus {}

    /**

     * Verification failed because of unknown reasons, such as when the verifier times out or cannot

     * be connected. It can also corresponds to the status of

     * {@link VerificationSession#VERIFICATION_INCOMPLETE_UNKNOWN} reported by the verifier via

     * {@link VerificationSession#reportVerificationIncomplete(int)}.

     * @hide

     */

    @FlaggedApi(Flags.FLAG_VERIFICATION_SERVICE)

    @SystemApi

    public static final int VERIFICATION_FAILED_REASON_UNKNOWN = 0;

    /**

     * Verification failed because the network is unavailable. This corresponds to the status of

     * {@link VerificationSession#VERIFICATION_INCOMPLETE_NETWORK_UNAVAILABLE} reported by the

     * verifier via {@link VerificationSession#reportVerificationIncomplete(int)}.

     *

     * @hide

     */

    @FlaggedApi(Flags.FLAG_VERIFICATION_SERVICE)

    @SystemApi

    public static final int VERIFICATION_FAILED_REASON_NETWORK_UNAVAILABLE = 1;

    /**

     * Verification failed because the package is blocked, as reported by the verifier via

     * {@link VerificationSession#reportVerificationComplete(VerificationStatus)} or

     * {@link VerificationSession#reportVerificationComplete(VerificationStatus, PersistableBundle)}

     * @hide

     */

    @FlaggedApi(Flags.FLAG_VERIFICATION_SERVICE)

    @SystemApi

    public static final int VERIFICATION_FAILED_REASON_PACKAGE_BLOCKED = 2;

    /**

     * @hide

     */

    @IntDef(value = {

            VERIFICATION_FAILED_REASON_UNKNOWN,

            VERIFICATION_FAILED_REASON_NETWORK_UNAVAILABLE,

            VERIFICATION_FAILED_REASON_PACKAGE_BLOCKED,

    })

    public @interface VerificationFailedReason {

    }

    /**

     * Do not block installs, regardless of verification status.

     * @hide

     */

    @FlaggedApi(Flags.FLAG_VERIFICATION_SERVICE)

    @SystemApi

    public static final int VERIFICATION_POLICY_NONE = 0; // platform default

    /**

     * Only block installations on {@link #VERIFICATION_FAILED_REASON_PACKAGE_BLOCKED}.

     * @hide

     */

    @FlaggedApi(Flags.FLAG_VERIFICATION_SERVICE)

    @SystemApi

    public static final int VERIFICATION_POLICY_BLOCK_FAIL_OPEN = 1;

    /**

     * Only block installations on {@link #VERIFICATION_FAILED_REASON_PACKAGE_BLOCKED} and ask the

     * user if they'd like to install anyway when the verification is blocked for other reason.

     * @hide

     */

    @FlaggedApi(Flags.FLAG_VERIFICATION_SERVICE)

    @SystemApi

    public static final int VERIFICATION_POLICY_BLOCK_FAIL_WARN = 2;

    /**

     * Block installations whose verification status is blocked for any reason.

     * @hide

     */

    @FlaggedApi(Flags.FLAG_VERIFICATION_SERVICE)

    @SystemApi

    public static final int VERIFICATION_POLICY_BLOCK_FAIL_CLOSED = 3;

    /**

     * @hide

     */

    @IntDef(value = {

            VERIFICATION_POLICY_NONE,

            VERIFICATION_POLICY_BLOCK_FAIL_OPEN,

            VERIFICATION_POLICY_BLOCK_FAIL_WARN,

            VERIFICATION_POLICY_BLOCK_FAIL_CLOSED,

    })

    @Retention(RetentionPolicy.SOURCE)

    public @interface VerificationPolicy {

    }

    /** Default set of checksums - includes all available checksums.

     * @see Session#requestChecksums  */

        }

    }

    /**

     * Return the current verification enforcement policy. This may only be called by the

     * package currently set by the system as the verifier agent.

     * @hide

     */

    @FlaggedApi(Flags.FLAG_VERIFICATION_SERVICE)

    @SystemApi

    @RequiresPermission(android.Manifest.permission.VERIFICATION_AGENT)

    public final @VerificationPolicy int getVerificationPolicy() {

        try {

            return mInstaller.getVerificationPolicy(mUserId);

        } catch (RemoteException e) {

            throw e.rethrowFromSystemServer();

        }

    }

    /**

     * Set the current verification enforcement policy which will be applied to all the future

     * installation sessions. This may only be called by the package currently set by the system as

     * the verifier agent.

     * @hide

     * @return whether the new policy was successfully set.

     */

    @FlaggedApi(Flags.FLAG_VERIFICATION_SERVICE)

    @SystemApi

    @RequiresPermission(android.Manifest.permission.VERIFICATION_AGENT)

    public final boolean setVerificationPolicy(@VerificationPolicy int policy) {

        try {

            return mInstaller.setVerificationPolicy(policy, mUserId);

        } catch (RemoteException e) {

            throw e.rethrowFromSystemServer();

        }

    }

    /**

     * An installation that is being actively staged. For an install to succeed,

     * all existing and new packages must have identical package names, version

        /** {@hide} */

        public @Nullable String dexoptCompilerFilter = null;

        /** {@hide} */

        public boolean forceVerification;

        /** {@hide} */

        public boolean isAutoInstallDependenciesEnabled = true;

        private final ArrayMap<String, Integer> mPermissionStates;

            developmentInstallFlags = source.readInt();

            unarchiveId = source.readInt();

            dexoptCompilerFilter = source.readString();

            forceVerification = source.readBoolean();

            isAutoInstallDependenciesEnabled = source.readBoolean();

        }

            ret.developmentInstallFlags = developmentInstallFlags;

            ret.unarchiveId = unarchiveId;

            ret.dexoptCompilerFilter = dexoptCompilerFilter;

            ret.forceVerification = forceVerification;

            ret.isAutoInstallDependenciesEnabled = isAutoInstallDependenciesEnabled;

            return ret;

        }

            return grantedPermissions.toArray(ArrayUtils.emptyArray(String.class));

        }

        /**

         * Used by adb installations to force enable the verification for this install.

         * {@hide}

         */

        public void setForceVerification() {

            this.forceVerification = true;

        }

        /**

         * Optionally indicate whether missing SDK or static shared library dependencies should be

         * automatically fetched and installed when installing an app that wants to use these

            pw.printHexPair("developmentInstallFlags", developmentInstallFlags);

            pw.printPair("unarchiveId", unarchiveId);

            pw.printPair("dexoptCompilerFilter", dexoptCompilerFilter);

            pw.printPair("forceVerification", forceVerification);

            pw.printPair("isAutoInstallDependenciesEnabled", isAutoInstallDependenciesEnabled);

            pw.println();

        }

            dest.writeInt(developmentInstallFlags);

            dest.writeInt(unarchiveId);

            dest.writeString(dexoptCompilerFilter);

            dest.writeBoolean(forceVerification);

            dest.writeBoolean(isAutoInstallDependenciesEnabled);

        }

    public static final String ACTION_REQUEST_PERMISSIONS_FOR_OTHER =

            "android.content.pm.action.REQUEST_PERMISSIONS_FOR_OTHER";

    /**

     * Used by the system to query a {@link android.content.pm.verify.pkg.VerifierService} provider,

     * which registers itself via an intent-filter handling this action.

     *

     * <p class="note">Only the system can bind to such a verifier service. This is protected by the

     * {@link android.Manifest.permission#BIND_VERIFICATION_AGENT} permission. The verifier service

     * app should protect the service by adding this permission in the service declaration in its

     * manifest.

     * <p>

     * A verifier service must be a privileged app and hold the

     * {@link android.Manifest.permission#VERIFICATION_AGENT} permission.

     *

     * @hide

     */

    @SystemApi

    @FlaggedApi(android.content.pm.Flags.FLAG_VERIFICATION_SERVICE)

    @SdkConstant(SdkConstantType.SERVICE_ACTION)

    public static final String ACTION_VERIFY_PACKAGE = "android.content.pm.action.VERIFY_PACKAGE";

    /**

     * The names of the requested permissions.

     * <p>

    bug: "361776825"

}

flag {

    name: "verification_service"

    namespace: "package_manager_service"

    description: "Feature flag to enable the new verification service."

    bug: "360129103"

    is_fixed_read_only: true

}

flag {

    name: "sdk_dependency_installer"

    is_exported: true