Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 619ffc29 authored by Pavel Grafov's avatar Pavel Grafov Committed by Android Build Coastguard Worker
Browse files

Allow uninstalling DMRH when not used for management 

Bug: 360807442
Test: btest a.d.c.DevicePolicyManagementRoleHolderTest
(cherry picked from https://googleplex-android-review.googlesource.com/q/commit:da522df80568c158fe30896f9a571d05556ee51a)
(cherry picked from https://googleplex-android-review.googlesource.com/q/commit:085f90a604ac24e45f44301257ae8a12da0054c1)
Merged-In: I023f78cef11fb7e8e9a92e2896cf94c9fcd1113b
Change-Id: I023f78cef11fb7e8e9a92e2896cf94c9fcd1113b
parent 08866038

services/core/java/com/android/server/pm/PackageManagerService.java

+24 −7
Original line number Diff line number Diff line
@@ -60,6 +60,7 @@ import android.app.ApplicationExitInfo; 
import android.app.ApplicationPackageManager;

import android.app.BroadcastOptions;

import android.app.IActivityManager;

import android.app.admin.DevicePolicyManagerInternal;

import android.app.admin.IDevicePolicyManager;

import android.app.admin.SecurityLog;

import android.app.backup.IBackupManager;
@@ -3371,8 +3372,10 @@ public class PackageManagerService implements PackageSender, TestUtilityService 
    // TODO(b/261957226): centralise this logic in DPM

    boolean isPackageDeviceAdmin(String packageName, int userId) {

        final IDevicePolicyManager dpm = getDevicePolicyManager();

        final DevicePolicyManagerInternal dpmi =

                mInjector.getLocalService(DevicePolicyManagerInternal.class);

        try {

            if (dpm != null) {

            if (dpm != null && dpmi != null) {

                final ComponentName deviceOwnerComponentName = dpm.getDeviceOwnerComponent(

                        /* callingUserOnly =*/ false);

                final String deviceOwnerPackageName = deviceOwnerComponentName == null ? null
@@ -3385,17 +3388,31 @@ public class PackageManagerService implements PackageSender, TestUtilityService 
                    return true;

                }

                // Does it contain a device admin for any user?

                int[] users;

                int[] allUsers = mUserManager.getUserIds();

                int[] targetUsers;

                if (userId == UserHandle.USER_ALL) {

                    users = mUserManager.getUserIds();

                    targetUsers = allUsers;

                } else {

                    users = new int[]{userId};

                    targetUsers = new int[]{userId};

                }

                for (int i = 0; i < users.length; ++i) {

                    if (dpm.packageHasActiveAdmins(packageName, users[i])) {



                for (int i = 0; i < targetUsers.length; ++i) {

                    if (dpm.packageHasActiveAdmins(packageName, targetUsers[i])) {

                        return true;

                    }

                    if (isDeviceManagementRoleHolder(packageName, users[i])) {

                }



                // If a package is DMRH on a managed user, it should also be treated as an admin on

                // that user. If that package is also a system package, it should also be protected

                // on other users otherwise "uninstall updates" on an unmanaged user may break

                // management on other users because apk version is shared between all users.

                var packageState = snapshotComputer().getPackageStateInternal(packageName);

                if (packageState == null) {

                    return false;

                }

                for (int user : packageState.isSystem() ? allUsers : targetUsers) {

                    if (isDeviceManagementRoleHolder(packageName, user)

                            && dpmi.isUserOrganizationManaged(user)) {

                        return true;

                    }

                }