Loading core/java/android/content/pm/PackageParser.java +0 −18 Original line number Diff line number Diff line Loading @@ -35,7 +35,6 @@ import static android.content.pm.PackageManager.INSTALL_PARSE_FAILED_BAD_PACKAGE import static android.content.pm.PackageManager.INSTALL_PARSE_FAILED_INCONSISTENT_CERTIFICATES; import static android.content.pm.PackageManager.INSTALL_PARSE_FAILED_MANIFEST_MALFORMED; import static android.content.pm.PackageManager.INSTALL_PARSE_FAILED_NOT_APK; import static android.content.pm.PackageManager.INSTALL_PARSE_FAILED_NO_CERTIFICATES; import static android.content.pm.PackageManager.INSTALL_PARSE_FAILED_UNEXPECTED_EXCEPTION; import static android.os.Build.VERSION_CODES.O; import static android.os.Trace.TRACE_TAG_PACKAGE_MANAGER; Loading Loading @@ -819,9 +818,6 @@ public class PackageParser { public static final int PARSE_COLLECT_CERTIFICATES = 1 << 5; public static final int PARSE_ENFORCE_CODE = 1 << 6; public static final int PARSE_FORCE_SDK = 1 << 7; /** @deprecated remove when fixing b/68860689 */ @Deprecated public static final int PARSE_IS_EPHEMERAL = 1 << 8; public static final int PARSE_CHATTY = 1 << 31; @IntDef(flag = true, prefix = { "PARSE_" }, value = { Loading @@ -832,7 +828,6 @@ public class PackageParser { PARSE_FORCE_SDK, PARSE_FORWARD_LOCK, PARSE_IGNORE_PROCESSES, PARSE_IS_EPHEMERAL, PARSE_IS_SYSTEM_DIR, PARSE_MUST_BE_APK, }) Loading Loading @@ -1524,14 +1519,6 @@ public class PackageParser { } else { verified = ApkSignatureVerifier.verify(apkPath, minSignatureScheme); } if (verified.signatureSchemeVersion < SigningDetails.SignatureSchemeVersion.SIGNING_BLOCK_V2) { // TODO (b/68860689): move this logic to packagemanagerserivce if ((parseFlags & PARSE_IS_EPHEMERAL) != 0) { throw new PackageParserException(INSTALL_PARSE_FAILED_NO_CERTIFICATES, "No APK Signature Scheme v2 signature in ephemeral package " + apkPath); } } // Verify that entries are signed consistently with the first pkg // we encountered. Note that for splits, certificates may have Loading Loading @@ -1982,11 +1969,6 @@ public class PackageParser { String str = sa.getNonConfigurationString( com.android.internal.R.styleable.AndroidManifest_sharedUserId, 0); if (str != null && str.length() > 0) { if ((flags & PARSE_IS_EPHEMERAL) != 0) { outError[0] = "sharedUserId not allowed in ephemeral application"; mParseError = PackageManager.INSTALL_PARSE_FAILED_BAD_SHARED_USER_ID; return null; } String nameError = validateName(str, true, false); if (nameError != null && !"android".equals(pkg.packageName)) { outError[0] = "<manifest> specifies bad sharedUserId name \"" Loading services/core/java/com/android/server/pm/PackageInstallerSession.java +2 −5 Original line number Diff line number Diff line Loading @@ -988,11 +988,8 @@ public class PackageInstallerSession extends IPackageInstallerSession.Stub { for (File addedFile : addedFiles) { final ApkLite apk; try { int flags = PackageParser.PARSE_COLLECT_CERTIFICATES; if ((params.installFlags & PackageManager.INSTALL_INSTANT_APP) != 0) { flags |= PackageParser.PARSE_IS_EPHEMERAL; } apk = PackageParser.parseApkLite(addedFile, flags); apk = PackageParser.parseApkLite( addedFile, PackageParser.PARSE_COLLECT_CERTIFICATES); } catch (PackageParserException e) { throw PackageManagerException.from(e); } Loading services/core/java/com/android/server/pm/PackageManagerService.java +32 −14 Original line number Diff line number Diff line Loading @@ -16450,7 +16450,6 @@ Slog.e("TODD", | PackageParser.PARSE_ENFORCE_CODE | (forwardLocked ? PackageParser.PARSE_FORWARD_LOCK : 0) | (onExternal ? PackageParser.PARSE_EXTERNAL_STORAGE : 0) | (instantApp ? PackageParser.PARSE_IS_EPHEMERAL : 0) | (forceSdk ? PackageParser.PARSE_FORCE_SDK : 0); PackageParser pp = new PackageParser(); pp.setSeparateProcesses(mSeparateProcesses); Loading Loading @@ -16478,20 +16477,30 @@ Slog.e("TODD", return; } // Instant apps must have target SDK >= O and have targetSanboxVersion >= 2 if (instantApp && pkg.applicationInfo.targetSdkVersion <= Build.VERSION_CODES.N_MR1) { Slog.w(TAG, "Instant app package " + pkg.packageName + " does not target O"); res.setError(INSTALL_FAILED_SANDBOX_VERSION_DOWNGRADE, "Instant app package must target O"); // Instant apps have several additional install-time checks. if (instantApp) { if (pkg.applicationInfo.targetSdkVersion < Build.VERSION_CODES.O) { Slog.w(TAG, "Instant app package " + pkg.packageName + " does not target at least O"); res.setError(INSTALL_FAILED_INSTANT_APP_INVALID, "Instant app package must target at least O"); return; } if (instantApp && pkg.applicationInfo.targetSandboxVersion != 2) { if (pkg.applicationInfo.targetSandboxVersion != 2) { Slog.w(TAG, "Instant app package " + pkg.packageName + " does not target targetSandboxVersion 2"); res.setError(INSTALL_FAILED_SANDBOX_VERSION_DOWNGRADE, "Instant app package must use targetSanboxVersion 2"); res.setError(INSTALL_FAILED_INSTANT_APP_INVALID, "Instant app package must use targetSandboxVersion 2"); return; } if (pkg.mSharedUserId != null) { Slog.w(TAG, "Instant app package " + pkg.packageName + " may not declare sharedUserId."); res.setError(INSTALL_FAILED_INSTANT_APP_INVALID, "Instant app package may not declare a sharedUserId"); return; } } if (pkg.applicationInfo.isStaticSharedLibrary()) { // Static shared libraries have synthetic package names Loading Loading @@ -16560,6 +16569,15 @@ Slog.e("TODD", return; } if (instantApp && pkg.mSigningDetails.signatureSchemeVersion < SignatureSchemeVersion.SIGNING_BLOCK_V2) { Slog.w(TAG, "Instant app package " + pkg.packageName + " is not signed with at least APK Signature Scheme v2"); res.setError(INSTALL_FAILED_INSTANT_APP_INVALID, "Instant app package must be signed with APK Signature Scheme v2 or greater"); return; } // Get rid of all references to package scan path via parser. pp = null; String oldCodePath = null; Loading
core/java/android/content/pm/PackageParser.java +0 −18 Original line number Diff line number Diff line Loading @@ -35,7 +35,6 @@ import static android.content.pm.PackageManager.INSTALL_PARSE_FAILED_BAD_PACKAGE import static android.content.pm.PackageManager.INSTALL_PARSE_FAILED_INCONSISTENT_CERTIFICATES; import static android.content.pm.PackageManager.INSTALL_PARSE_FAILED_MANIFEST_MALFORMED; import static android.content.pm.PackageManager.INSTALL_PARSE_FAILED_NOT_APK; import static android.content.pm.PackageManager.INSTALL_PARSE_FAILED_NO_CERTIFICATES; import static android.content.pm.PackageManager.INSTALL_PARSE_FAILED_UNEXPECTED_EXCEPTION; import static android.os.Build.VERSION_CODES.O; import static android.os.Trace.TRACE_TAG_PACKAGE_MANAGER; Loading Loading @@ -819,9 +818,6 @@ public class PackageParser { public static final int PARSE_COLLECT_CERTIFICATES = 1 << 5; public static final int PARSE_ENFORCE_CODE = 1 << 6; public static final int PARSE_FORCE_SDK = 1 << 7; /** @deprecated remove when fixing b/68860689 */ @Deprecated public static final int PARSE_IS_EPHEMERAL = 1 << 8; public static final int PARSE_CHATTY = 1 << 31; @IntDef(flag = true, prefix = { "PARSE_" }, value = { Loading @@ -832,7 +828,6 @@ public class PackageParser { PARSE_FORCE_SDK, PARSE_FORWARD_LOCK, PARSE_IGNORE_PROCESSES, PARSE_IS_EPHEMERAL, PARSE_IS_SYSTEM_DIR, PARSE_MUST_BE_APK, }) Loading Loading @@ -1524,14 +1519,6 @@ public class PackageParser { } else { verified = ApkSignatureVerifier.verify(apkPath, minSignatureScheme); } if (verified.signatureSchemeVersion < SigningDetails.SignatureSchemeVersion.SIGNING_BLOCK_V2) { // TODO (b/68860689): move this logic to packagemanagerserivce if ((parseFlags & PARSE_IS_EPHEMERAL) != 0) { throw new PackageParserException(INSTALL_PARSE_FAILED_NO_CERTIFICATES, "No APK Signature Scheme v2 signature in ephemeral package " + apkPath); } } // Verify that entries are signed consistently with the first pkg // we encountered. Note that for splits, certificates may have Loading Loading @@ -1982,11 +1969,6 @@ public class PackageParser { String str = sa.getNonConfigurationString( com.android.internal.R.styleable.AndroidManifest_sharedUserId, 0); if (str != null && str.length() > 0) { if ((flags & PARSE_IS_EPHEMERAL) != 0) { outError[0] = "sharedUserId not allowed in ephemeral application"; mParseError = PackageManager.INSTALL_PARSE_FAILED_BAD_SHARED_USER_ID; return null; } String nameError = validateName(str, true, false); if (nameError != null && !"android".equals(pkg.packageName)) { outError[0] = "<manifest> specifies bad sharedUserId name \"" Loading
services/core/java/com/android/server/pm/PackageInstallerSession.java +2 −5 Original line number Diff line number Diff line Loading @@ -988,11 +988,8 @@ public class PackageInstallerSession extends IPackageInstallerSession.Stub { for (File addedFile : addedFiles) { final ApkLite apk; try { int flags = PackageParser.PARSE_COLLECT_CERTIFICATES; if ((params.installFlags & PackageManager.INSTALL_INSTANT_APP) != 0) { flags |= PackageParser.PARSE_IS_EPHEMERAL; } apk = PackageParser.parseApkLite(addedFile, flags); apk = PackageParser.parseApkLite( addedFile, PackageParser.PARSE_COLLECT_CERTIFICATES); } catch (PackageParserException e) { throw PackageManagerException.from(e); } Loading
services/core/java/com/android/server/pm/PackageManagerService.java +32 −14 Original line number Diff line number Diff line Loading @@ -16450,7 +16450,6 @@ Slog.e("TODD", | PackageParser.PARSE_ENFORCE_CODE | (forwardLocked ? PackageParser.PARSE_FORWARD_LOCK : 0) | (onExternal ? PackageParser.PARSE_EXTERNAL_STORAGE : 0) | (instantApp ? PackageParser.PARSE_IS_EPHEMERAL : 0) | (forceSdk ? PackageParser.PARSE_FORCE_SDK : 0); PackageParser pp = new PackageParser(); pp.setSeparateProcesses(mSeparateProcesses); Loading Loading @@ -16478,20 +16477,30 @@ Slog.e("TODD", return; } // Instant apps must have target SDK >= O and have targetSanboxVersion >= 2 if (instantApp && pkg.applicationInfo.targetSdkVersion <= Build.VERSION_CODES.N_MR1) { Slog.w(TAG, "Instant app package " + pkg.packageName + " does not target O"); res.setError(INSTALL_FAILED_SANDBOX_VERSION_DOWNGRADE, "Instant app package must target O"); // Instant apps have several additional install-time checks. if (instantApp) { if (pkg.applicationInfo.targetSdkVersion < Build.VERSION_CODES.O) { Slog.w(TAG, "Instant app package " + pkg.packageName + " does not target at least O"); res.setError(INSTALL_FAILED_INSTANT_APP_INVALID, "Instant app package must target at least O"); return; } if (instantApp && pkg.applicationInfo.targetSandboxVersion != 2) { if (pkg.applicationInfo.targetSandboxVersion != 2) { Slog.w(TAG, "Instant app package " + pkg.packageName + " does not target targetSandboxVersion 2"); res.setError(INSTALL_FAILED_SANDBOX_VERSION_DOWNGRADE, "Instant app package must use targetSanboxVersion 2"); res.setError(INSTALL_FAILED_INSTANT_APP_INVALID, "Instant app package must use targetSandboxVersion 2"); return; } if (pkg.mSharedUserId != null) { Slog.w(TAG, "Instant app package " + pkg.packageName + " may not declare sharedUserId."); res.setError(INSTALL_FAILED_INSTANT_APP_INVALID, "Instant app package may not declare a sharedUserId"); return; } } if (pkg.applicationInfo.isStaticSharedLibrary()) { // Static shared libraries have synthetic package names Loading Loading @@ -16560,6 +16569,15 @@ Slog.e("TODD", return; } if (instantApp && pkg.mSigningDetails.signatureSchemeVersion < SignatureSchemeVersion.SIGNING_BLOCK_V2) { Slog.w(TAG, "Instant app package " + pkg.packageName + " is not signed with at least APK Signature Scheme v2"); res.setError(INSTALL_FAILED_INSTANT_APP_INVALID, "Instant app package must be signed with APK Signature Scheme v2 or greater"); return; } // Get rid of all references to package scan path via parser. pp = null; String oldCodePath = null;
