Merge changes from topic "apex_migration" (8eacf37e) · Commits · e / os / android_frameworks_base

core/java/android/content/pm/PackageParser.java

+57 −73

Original line number	Diff line number	Diff line
		@@ -617,21 +617,6 @@ public class PackageParser {
		return path.endsWith(APK_FILE_EXTENSION);
		}

		/**
		* Generate and return the {@link PackageInfo} for a parsed package.
		*
		* @param p the parsed package.
		* @param flags indicating which optional information is included.
		*/
		@UnsupportedAppUsage
		public static PackageInfo generatePackageInfo(PackageParser.Package p,
		int gids[], int flags, long firstInstallTime, long lastUpdateTime,
		Set<String> grantedPermissions, PackageUserState state) {

		return generatePackageInfo(p, gids, flags, firstInstallTime, lastUpdateTime,
		grantedPermissions, state, UserHandle.getCallingUserId());
		}

		/**
		* Returns true if the package is installed and not hidden, or if the caller
		* explicitly wanted all uninstalled and hidden packages as well.
		@@ -658,8 +643,45 @@ public class PackageParser {
		return checkUseInstalledOrHidden(0, state, null);
		}

		/**
		* Generate and return the {@link PackageInfo} for a parsed package.
		*
		* @param p the parsed package.
		* @param flags indicating which optional information is included.
		*/
		@UnsupportedAppUsage
		public static PackageInfo generatePackageInfo(PackageParser.Package p,
		int[] gids, int flags, long firstInstallTime, long lastUpdateTime,
		Set<String> grantedPermissions, PackageUserState state) {

		return generatePackageInfo(p, gids, flags, firstInstallTime, lastUpdateTime,
		grantedPermissions, state, UserHandle.getCallingUserId());
		}

		@UnsupportedAppUsage
		public static PackageInfo generatePackageInfo(PackageParser.Package p,
		int[] gids, int flags, long firstInstallTime, long lastUpdateTime,
		Set<String> grantedPermissions, PackageUserState state, int userId) {

		return generatePackageInfo(p, null, gids, flags, firstInstallTime, lastUpdateTime,
		grantedPermissions, state, userId);
		}

		/**
		* PackageInfo generator specifically for apex files.
		*
		* @param pkg Package to generate info from. Should be derived from an apex.
		* @param apexInfo Apex info relating to the package.
		* @return PackageInfo
		* @throws PackageParserException
		*/
		public static PackageInfo generatePackageInfo(
		PackageParser.Package pkg, ApexInfo apexInfo, int flags) {
		return generatePackageInfo(pkg, apexInfo, EmptyArray.INT, flags, 0, 0,
		Collections.emptySet(), new PackageUserState(), UserHandle.getCallingUserId());
		}

		private static PackageInfo generatePackageInfo(PackageParser.Package p, ApexInfo apexInfo,
		int gids[], int flags, long firstInstallTime, long lastUpdateTime,
		Set<String> grantedPermissions, PackageUserState state, int userId) {
		if (!checkUseInstalledOrHidden(flags, state, p.applicationInfo) \|\| !p.isMatch(flags)) {
		@@ -806,6 +828,25 @@ public class PackageParser {
		}
		}
		}

		if (apexInfo != null) {
		File apexFile = new File(apexInfo.modulePath);

		pi.applicationInfo.sourceDir = apexFile.getPath();
		pi.applicationInfo.publicSourceDir = apexFile.getPath();
		if (apexInfo.isFactory) {
		pi.applicationInfo.flags \|= ApplicationInfo.FLAG_SYSTEM;
		} else {
		pi.applicationInfo.flags &= ~ApplicationInfo.FLAG_SYSTEM;
		}
		if (apexInfo.isActive) {
		pi.applicationInfo.flags \|= ApplicationInfo.FLAG_INSTALLED;
		} else {
		pi.applicationInfo.flags &= ~ApplicationInfo.FLAG_INSTALLED;
		}
		pi.isApex = true;
		}

		// deprecated method of getting signing certificates
		if ((flags & PackageManager.GET_SIGNATURES) != 0) {
		if (p.mSigningDetails.hasPastSigningCertificates()) {
		@@ -8379,61 +8420,4 @@ public class PackageParser {
		}
		}

		// TODO(b/129261524): Clean up API
		/**
		* PackageInfo parser specifically for apex files.
		* NOTE: It will collect certificates
		*
		* @param apexInfo
		* @return PackageInfo
		* @throws PackageParserException
		*/
		public static PackageInfo generatePackageInfoFromApex(ApexInfo apexInfo, int flags)
		throws PackageParserException {
		PackageParser pp = new PackageParser();
		File apexFile = new File(apexInfo.modulePath);
		final Package p = pp.parsePackage(apexFile, flags, false);
		PackageUserState state = new PackageUserState();
		PackageInfo pi = generatePackageInfo(p, EmptyArray.INT, flags, 0, 0,
		Collections.emptySet(), state);
		pi.applicationInfo.sourceDir = apexFile.getPath();
		pi.applicationInfo.publicSourceDir = apexFile.getPath();
		if (apexInfo.isFactory) {
		pi.applicationInfo.flags \|= ApplicationInfo.FLAG_SYSTEM;
		} else {
		pi.applicationInfo.flags &= ~ApplicationInfo.FLAG_SYSTEM;
		}
		if (apexInfo.isActive) {
		pi.applicationInfo.flags \|= ApplicationInfo.FLAG_INSTALLED;
		} else {
		pi.applicationInfo.flags &= ~ApplicationInfo.FLAG_INSTALLED;
		}
		pi.isApex = true;

		// Collect certificates
		if ((flags & PackageManager.GET_SIGNING_CERTIFICATES) != 0) {
		collectCertificates(p, apexFile, false);
		// Keep legacy mechanism for handling signatures. While this is deprecated, it's
		// still part of the public API and needs to be maintained
		if (p.mSigningDetails.hasPastSigningCertificates()) {
		// Package has included signing certificate rotation information. Return
		// the oldest cert so that programmatic checks keep working even if unaware
		// of key rotation.
		pi.signatures = new Signature[1];
		pi.signatures[0] = p.mSigningDetails.pastSigningCertificates[0];
		} else if (p.mSigningDetails.hasSignatures()) {
		// otherwise keep old behavior
		int numberOfSigs = p.mSigningDetails.signatures.length;
		pi.signatures = new Signature[numberOfSigs];
		System.arraycopy(p.mSigningDetails.signatures, 0, pi.signatures, 0, numberOfSigs);
		}
		if (p.mSigningDetails != SigningDetails.UNKNOWN) {
		// only return a valid SigningInfo if there is signing information to report
		pi.signingInfo = new SigningInfo(p.mSigningDetails);
		} else {
		pi.signingInfo = null;
		}
		}
		return pi;
		}
		}

core/tests/coretests/src/android/content/pm/PackageParserTest.java

+6 −1

Original line number	Diff line number	Diff line
		@@ -508,7 +508,12 @@ public class PackageParserTest {
		apexInfo.modulePath = apexFile.getPath();
		apexInfo.versionCode = 191000070;
		int flags = PackageManager.GET_META_DATA \| PackageManager.GET_SIGNING_CERTIFICATES;
		PackageInfo pi = PackageParser.generatePackageInfoFromApex(apexInfo, flags);

		PackageParser pp = new PackageParser();
		Package p = pp.parsePackage(apexFile, flags, false);
		PackageParser.collectCertificates(p, false);
		PackageInfo pi = PackageParser.generatePackageInfo(p, apexInfo, flags);

		assertEquals("com.google.android.tzdata", pi.applicationInfo.packageName);
		assertTrue(pi.applicationInfo.enabled);
		assertEquals(28, pi.applicationInfo.targetSdkVersion);

services/core/java/com/android/server/pm/ApexManager.java

+437 −334

File changed.

Preview size limit exceeded, changes collapsed.

services/core/java/com/android/server/pm/PackageManagerService.java

+2 −1

Original line number	Diff line number	Diff line
		@@ -2474,7 +2474,8 @@ public class PackageManagerService extends IPackageManager.Stub

		mProtectedPackages = new ProtectedPackages(mContext);

		mApexManager = new ApexManager(context);
		mApexManager = ApexManager.create(context);
		// CHECKSTYLE:OFF IndentationCheck
		synchronized (mInstallLock) {
		// writer
		synchronized (mPackages) {

services/core/java/com/android/server/pm/StagingManager.java

+118 −107

Original line number	Diff line number	Diff line
		@@ -30,6 +30,7 @@ import android.content.pm.PackageInfo;
		import android.content.pm.PackageInstaller;
		import android.content.pm.PackageInstaller.SessionInfo;
		import android.content.pm.PackageManager;
		import android.content.pm.PackageParser;
		import android.content.pm.PackageParser.PackageParserException;
		import android.content.pm.PackageParser.SigningDetails;
		import android.content.pm.PackageParser.SigningDetails.SignatureSchemeVersion;
		@@ -43,6 +44,7 @@ import android.os.ParcelFileDescriptor;
		import android.os.PowerManager;
		import android.os.RemoteException;
		import android.os.ServiceManager;
		import android.util.IntArray;
		import android.util.Slog;
		import android.util.SparseArray;
		import android.util.apk.ApkSignatureVerifier;
		@@ -104,21 +106,22 @@ public class StagingManager {
		return new ParceledListSlice<>(result);
		}

		private boolean validateApexSignature(String apexPath, String apexModuleName) {
		private void validateApexSignature(String apexPath, String packageName)
		throws PackageManagerException {
		final SigningDetails signingDetails;
		try {
		signingDetails = ApkSignatureVerifier.verify(apexPath, SignatureSchemeVersion.JAR);
		} catch (PackageParserException e) {
		Slog.e(TAG, "Unable to parse APEX package: " + apexPath, e);
		return false;
		throw new PackageManagerException(SessionInfo.STAGED_SESSION_VERIFICATION_FAILED,
		"Failed to parse APEX package " + apexPath, e);
		}

		final PackageInfo packageInfo = mApexManager.getPackageInfoForApexName(apexModuleName);

		final PackageInfo packageInfo = mApexManager.getPackageInfo(packageName,
		ApexManager.MATCH_ACTIVE_PACKAGE);
		if (packageInfo == null) {
		// Don't allow installation of new APEX.
		Slog.e(TAG, "Attempted to install a new apex " + apexModuleName + ". Rejecting");
		return false;
		// This should never happen, because submitSessionToApexService ensures that no new
		// apexes were installed.
		throw new IllegalStateException("Unknown apex package " + packageName);
		}

		final SigningDetails existingSigningDetails;
		@@ -126,73 +129,99 @@ public class StagingManager {
		existingSigningDetails = ApkSignatureVerifier.verify(
		packageInfo.applicationInfo.sourceDir, SignatureSchemeVersion.JAR);
		} catch (PackageParserException e) {
		Slog.e(TAG, "Unable to parse APEX package: "
		+ packageInfo.applicationInfo.sourceDir, e);
		return false;
		throw new PackageManagerException(SessionInfo.STAGED_SESSION_VERIFICATION_FAILED,
		"Failed to parse APEX package " + packageInfo.applicationInfo.sourceDir, e);
		}

		// Now that we have both sets of signatures, demand that they're an exact match.
		if (Signature.areExactMatch(existingSigningDetails.signatures, signingDetails.signatures)) {
		return true;
		return;
		}

		return false;
		throw new PackageManagerException(SessionInfo.STAGED_SESSION_VERIFICATION_FAILED,
		"APK-container signature verification failed for package "
		+ packageName + ". Signature of file "
		+ apexPath + " does not match the signature of "
		+ " the package already installed.");
		}

		private boolean submitSessionToApexService(@NonNull PackageInstallerSession session,
		List<PackageInstallerSession> childSessions,
		ApexInfoList apexInfoList) {
		boolean submittedToApexd = mApexManager.submitStagedSession(
		session.sessionId,
		childSessions != null
		? childSessions.stream().mapToInt(s -> s.sessionId).toArray() :
		new int[]{},
		apexInfoList);
		if (!submittedToApexd) {
		session.setStagedSessionFailed(
		SessionInfo.STAGED_SESSION_VERIFICATION_FAILED,
		"APEX staging failed, check logcat messages from apexd for more details.");
		return false;
		private List<PackageInfo> submitSessionToApexService(
		@NonNull PackageInstallerSession session) throws PackageManagerException {
		final IntArray childSessionsIds = new IntArray();
		if (session.isMultiPackage()) {
		for (int id : session.getChildSessionIds()) {
		if (isApexSession(mStagedSessions.get(id))) {
		childSessionsIds.add(id);
		}
		}
		}
		// submitStagedSession will throw a PackageManagerException if apexd verification fails,
		// which will be propagated to populate stagedSessionErrorMessage of this session.
		final ApexInfoList apexInfoList = mApexManager.submitStagedSession(session.sessionId,
		childSessionsIds.toArray());
		final List<PackageInfo> result = new ArrayList<>();
		for (ApexInfo apexInfo : apexInfoList.apexInfos) {
		final PackageInfo packageInfo;
		int flags = PackageManager.GET_META_DATA;
		PackageParser.Package pkg;
		try {
		File apexFile = new File(apexInfo.modulePath);
		PackageParser pp = new PackageParser();
		pkg = pp.parsePackage(apexFile, flags, false);
		} catch (PackageParserException e) {
		throw new PackageManagerException(SessionInfo.STAGED_SESSION_VERIFICATION_FAILED,
		"Failed to parse APEX package " + apexInfo.modulePath, e);
		}
		for (ApexInfo newModule : apexInfoList.apexInfos) {
		PackageInfo activePackage = mApexManager.getPackageInfoForApexName(
		newModule.moduleName);
		packageInfo = PackageParser.generatePackageInfo(pkg, apexInfo, flags);
		final PackageInfo activePackage = mApexManager.getPackageInfo(packageInfo.packageName,
		ApexManager.MATCH_ACTIVE_PACKAGE);
		if (activePackage == null) {
		continue;
		Slog.w(TAG, "Attempting to install new APEX package " + packageInfo.packageName);
		throw new PackageManagerException(SessionInfo.STAGED_SESSION_VERIFICATION_FAILED,
		"It is forbidden to install new APEX packages.");
		}
		checkRequiredVersionCode(session, activePackage);
		checkDowngrade(session, activePackage, packageInfo);
		result.add(packageInfo);
		}
		return result;
		}

		private void checkRequiredVersionCode(final PackageInstallerSession session,
		final PackageInfo activePackage) throws PackageManagerException {
		if (session.params.requiredInstalledVersionCode == PackageManager.VERSION_CODE_HIGHEST) {
		return;
		}
		long activeVersion = activePackage.applicationInfo.longVersionCode;
		if (session.params.requiredInstalledVersionCode
		!= PackageManager.VERSION_CODE_HIGHEST) {
		final long activeVersion = activePackage.applicationInfo.longVersionCode;
		if (activeVersion != session.params.requiredInstalledVersionCode) {
		session.setStagedSessionFailed(
		if (!mApexManager.abortActiveSession()) {
		Slog.e(TAG, "Failed to abort apex session " + session.sessionId);
		}
		throw new PackageManagerException(
		SessionInfo.STAGED_SESSION_VERIFICATION_FAILED,
		"Installed version of APEX package " + activePackage.packageName
		+ " does not match required. Active version: " + activeVersion
		+ " required: " + session.params.requiredInstalledVersionCode);

		if (!mApexManager.abortActiveSession()) {
		Slog.e(TAG, "Failed to abort apex session " + session.sessionId);
		}
		return false;
		}
		}

		private void checkDowngrade(final PackageInstallerSession session,
		final PackageInfo activePackage, final PackageInfo newPackage)
		throws PackageManagerException {
		final long activeVersion = activePackage.applicationInfo.longVersionCode;
		final long newVersionCode = newPackage.applicationInfo.longVersionCode;
		boolean allowsDowngrade = PackageManagerServiceUtils.isDowngradePermitted(
		session.params.installFlags, activePackage.applicationInfo.flags);
		if (activeVersion > newModule.versionCode && !allowsDowngrade) {
		session.setStagedSessionFailed(
		SessionInfo.STAGED_SESSION_VERIFICATION_FAILED,
		"Downgrade of APEX package " + activePackage.packageName
		+ " is not allowed. Active version: " + activeVersion
		+ " attempted: " + newModule.versionCode);

		if (activeVersion > newVersionCode && !allowsDowngrade) {
		if (!mApexManager.abortActiveSession()) {
		Slog.e(TAG, "Failed to abort apex session " + session.sessionId);
		}
		return false;
		}
		throw new PackageManagerException(
		SessionInfo.STAGED_SESSION_VERIFICATION_FAILED,
		"Downgrade of APEX package " + newPackage.packageName
		+ " is not allowed. Active version: " + activeVersion
		+ " attempted: " + newVersionCode);
		}
		return true;
		}

		private static boolean isApexSession(@NonNull PackageInstallerSession session) {
		@@ -200,32 +229,21 @@ public class StagingManager {
		}

		private void preRebootVerification(@NonNull PackageInstallerSession session) {
		boolean success = true;

		final ApexInfoList apexInfoList = new ApexInfoList();
		final boolean hasApex = sessionContainsApex(session);
		// APEX checks. For single-package sessions, check if they contain an APEX. For
		// multi-package sessions, find all the child sessions that contain an APEX.
		if (!session.isMultiPackage()
		&& isApexSession(session)) {
		success = submitSessionToApexService(session, null, apexInfoList);

		} else if (session.isMultiPackage()) {
		List<PackageInstallerSession> childSessions =
		Arrays.stream(session.getChildSessionIds())
		// Retrieve cached sessions matching ids.
		.mapToObj(i -> mStagedSessions.get(i))
		// Filter only the ones containing APEX.
		.filter(childSession -> isApexSession(childSession))
		.collect(Collectors.toList());
		if (!childSessions.isEmpty()) {
		success = submitSessionToApexService(session, childSessions, apexInfoList);
		} // else this is a staged multi-package session with no APEX files.
		if (hasApex) {
		try {
		final List<PackageInfo> apexPackages = submitSessionToApexService(session);
		for (PackageInfo apexPackage : apexPackages) {
		validateApexSignature(apexPackage.applicationInfo.sourceDir,
		apexPackage.packageName);
		}

		if (!success) {
		// submitSessionToApexService will populate error.
		} catch (PackageManagerException e) {
		session.setStagedSessionFailed(e.error, e.getMessage());
		return;
		}
		}

		if (sessionContainsApk(session)) {
		if (!installApksInSession(session, /* preReboot */ true)) {
		@@ -237,25 +255,6 @@ public class StagingManager {
		}
		}

		if (apexInfoList.apexInfos != null && apexInfoList.apexInfos.length > 0) {
		// For APEXes, we validate the signature here before we mark the session as ready,
		// so we fail the session early if there is a signature mismatch. For APKs, the
		// signature verification will be done by the package manager at the point at which
		// it applies the staged install.
		for (ApexInfo apexModule : apexInfoList.apexInfos) {
		if (!validateApexSignature(apexModule.modulePath,
		apexModule.moduleName)) {
		session.setStagedSessionFailed(SessionInfo.STAGED_SESSION_VERIFICATION_FAILED,
		"APK-container signature verification failed for package "
		+ apexModule.moduleName + ". Signature of file "
		+ apexModule.modulePath + " does not match the signature of "
		+ " the package already installed.");
		// TODO(b/118865310): abort the session on apexd.
		return;
		}
		}
		}

		if ((session.params.installFlags & PackageManager.INSTALL_ENABLE_ROLLBACK) != 0) {
		// If rollback is enabled for this session, we call through to the RollbackManager
		// with the list of sessions it must enable rollback for. Note that notifyStagedSession
		@@ -273,12 +272,24 @@ public class StagingManager {
		}
		}

		// Proactively mark session as ready before calling apexd. Although this call order looks
		// counter-intuitive, this is the easiest way to ensure that session won't end up in the
		// inconsistent state:
		// - If device gets rebooted right before call to apexd, then apexd will never activate
		// apex files of this staged session. This will result in StagingManager failing the
		// session.
		// On the other hand, if the order of the calls was inverted (first call apexd, then mark
		// session as ready), then if a device gets rebooted right after the call to apexd, only
		// apex part of the train will be applied, leaving device in an inconsistent state.
		session.setStagedSessionReady();
		if (sessionContainsApex(session)
		&& !mApexManager.markStagedSessionReady(session.sessionId)) {
		session.setStagedSessionFailed(SessionInfo.STAGED_SESSION_VERIFICATION_FAILED,
		"APEX staging failed, check logcat messages from apexd for more "
		+ "details.");
		if (!hasApex) {
		// Session doesn't contain apex, nothing to do.
		return;
		}
		try {
		mApexManager.markStagedSessionReady(session.sessionId);
		} catch (PackageManagerException e) {
		session.setStagedSessionFailed(e.error, e.getMessage());
		}
		}