Separate package managers view of installer and permissions controller. (6182ceab) · Commits · e / os / android_frameworks_base

services/core/java/com/android/server/pm/PackageInstallerSession.java

+1 −1

Original line number	Original line	Diff line number	Diff line
	@@ -950,7 +950,7 @@ public class PackageInstallerSession extends IPackageInstallerSession.Stub {
	// User needs to confirm installation; give installer an intent they can use to involve		// User needs to confirm installation; give installer an intent they can use to involve
	// user.		// user.
	final Intent intent = new Intent(PackageInstaller.ACTION_CONFIRM_INSTALL);		final Intent intent = new Intent(PackageInstaller.ACTION_CONFIRM_INSTALL);
	intent.setPackage(mContext.getPackageManager().getPermissionControllerPackageName());		intent.setPackage(mPm.getPackageInstallerPackageName());
	intent.putExtra(PackageInstaller.EXTRA_SESSION_ID, sessionId);		intent.putExtra(PackageInstaller.EXTRA_SESSION_ID, sessionId);
	try {		try {
	mRemoteObserver.onUserActionRequired(intent);		mRemoteObserver.onUserActionRequired(intent);

services/core/java/com/android/server/pm/PackageManagerService.java

+34 −0

Original line number	Original line	Diff line number	Diff line
	@@ -1388,6 +1388,7 @@ public class PackageManagerService extends IPackageManager.Stub
	final @Nullable String mRequiredVerifierPackage;		final @Nullable String mRequiredVerifierPackage;
	final @NonNull String mRequiredInstallerPackage;		final @NonNull String mRequiredInstallerPackage;
	final @NonNull String mRequiredUninstallerPackage;		final @NonNull String mRequiredUninstallerPackage;
			final String mRequiredPermissionControllerPackage;
	final @Nullable String mSetupWizardPackage;		final @Nullable String mSetupWizardPackage;
	final @Nullable String mStorageManagerPackage;		final @Nullable String mStorageManagerPackage;
	final @Nullable String mSystemTextClassifierPackage;		final @Nullable String mSystemTextClassifierPackage;
	@@ -3240,6 +3241,7 @@ public class PackageManagerService extends IPackageManager.Stub
	mSharedSystemSharedLibraryPackageName = getRequiredSharedLibraryLPr(		mSharedSystemSharedLibraryPackageName = getRequiredSharedLibraryLPr(
	PackageManager.SYSTEM_SHARED_LIBRARY_SHARED,		PackageManager.SYSTEM_SHARED_LIBRARY_SHARED,
	SharedLibraryInfo.VERSION_UNDEFINED);		SharedLibraryInfo.VERSION_UNDEFINED);
			mRequiredPermissionControllerPackage = getRequiredPermissionsControllerLPr();
	} else {		} else {
	mRequiredVerifierPackage = null;		mRequiredVerifierPackage = null;
	mRequiredInstallerPackage = null;		mRequiredInstallerPackage = null;
	@@ -3248,6 +3250,7 @@ public class PackageManagerService extends IPackageManager.Stub
	mIntentFilterVerifier = null;		mIntentFilterVerifier = null;
	mServicesSystemSharedLibraryPackageName = null;		mServicesSystemSharedLibraryPackageName = null;
	mSharedSystemSharedLibraryPackageName = null;		mSharedSystemSharedLibraryPackageName = null;
			mRequiredPermissionControllerPackage = null;
	}		}

	mInstallerService = new PackageInstallerService(context, this);		mInstallerService = new PackageInstallerService(context, this);
	@@ -3595,6 +3598,25 @@ public class PackageManagerService extends IPackageManager.Stub
	return resolveInfo.getComponentInfo().packageName;		return resolveInfo.getComponentInfo().packageName;
	}		}

			private @NonNull String getRequiredPermissionsControllerLPr() {
			final Intent intent = new Intent(Intent.ACTION_MANAGE_PERMISSIONS);
			intent.addCategory(Intent.CATEGORY_DEFAULT);

			final List<ResolveInfo> matches = queryIntentActivitiesInternal(intent, null,
			MATCH_SYSTEM_ONLY \| MATCH_DIRECT_BOOT_AWARE \| MATCH_DIRECT_BOOT_UNAWARE,
			UserHandle.USER_SYSTEM);
			if (matches.size() == 1) {
			ResolveInfo resolveInfo = matches.get(0);
			if (!resolveInfo.activityInfo.applicationInfo.isPrivilegedApp()) {
			throw new RuntimeException("The permissions manager must be a privileged app");
			}
			return matches.get(0).getComponentInfo().packageName;
			} else {
			throw new RuntimeException("There must be exactly one permissions manager; found "
			+ matches);
			}
			}

	private @NonNull ComponentName getIntentFilterVerifierComponentNameLPr() {		private @NonNull ComponentName getIntentFilterVerifierComponentNameLPr() {
	final Intent intent = new Intent(Intent.ACTION_INTENT_FILTER_NEEDS_VERIFICATION);		final Intent intent = new Intent(Intent.ACTION_INTENT_FILTER_NEEDS_VERIFICATION);

	@@ -5400,6 +5422,12 @@ public class PackageManagerService extends IPackageManager.Stub

	@Override		@Override
	public String getPermissionControllerPackageName() {		public String getPermissionControllerPackageName() {
			synchronized (mPackages) {
			return mRequiredPermissionControllerPackage;
			}
			}

			String getPackageInstallerPackageName() {
	synchronized (mPackages) {		synchronized (mPackages) {
	return mRequiredInstallerPackage;		return mRequiredInstallerPackage;
	}		}
	@@ -14513,6 +14541,12 @@ public class PackageManagerService extends IPackageManager.Stub
	return false;		return false;
	}		}

			if (packageName.equals(mRequiredPermissionControllerPackage)) {
			Slog.w(TAG, "Cannot suspend package \"" + packageName
			+ "\": required for permissions management");
			return false;
			}

	if (mProtectedPackages.isPackageStateProtected(userId, packageName)) {		if (mProtectedPackages.isPackageStateProtected(userId, packageName)) {
	Slog.w(TAG, "Cannot suspend package \"" + packageName		Slog.w(TAG, "Cannot suspend package \"" + packageName
	+ "\": protected package");		+ "\": protected package");