
Commit a26f6e87 authored by William Loh's avatar William Loh

Add limits to session params

Bug: 384038162
Flag: EXEMPT bugfix
Test: presubmit
Change-Id: I141560d10ae27033086563546b136e2e56cb32ea
parent 29b47386
+39 −0
@@ -107,6 +107,7 @@ import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Collection;
import java.util.Collections;
import java.util.HashSet;
import java.util.Iterator;
import java.util.List;
import java.util.Objects;
@@ -2815,6 +2816,11 @@ public class PackageInstaller {

        private final ArrayMap<String, Integer> mPermissionStates;

        /** {@hide} */
        public static final int MAX_URI_LENGTH = 2048;
        /** {@hide} */
        public static final int MAX_PERMISSION_STATES_SIZE = 16384;

        /**
         * Construct parameters for a new package install session.
         *
@@ -2988,6 +2994,11 @@ public class PackageInstaller {
         * @see Intent#EXTRA_ORIGINATING_URI
         */
        public void setOriginatingUri(@Nullable Uri originatingUri) {
            if (originatingUri != null
                    && originatingUri.toString().length() > MAX_URI_LENGTH) {
                throw new IllegalArgumentException(
                        "Originating URI exceeds " + MAX_URI_LENGTH + " length");
            }
            this.originatingUri = originatingUri;
        }

@@ -3006,6 +3017,10 @@ public class PackageInstaller {
         * @see Intent#EXTRA_REFERRER
         */
        public void setReferrerUri(@Nullable Uri referrerUri) {
            if (referrerUri != null && referrerUri.toString().length() > MAX_URI_LENGTH) {
                throw new IllegalArgumentException(
                        "Referrer URI exceeds " + MAX_URI_LENGTH + " length");
            }
            this.referrerUri = referrerUri;
        }

@@ -3072,6 +3087,12 @@ public class PackageInstaller {
                throw new IllegalArgumentException("Provided permissionName cannot be "
                        + (permissionName == null ? "null" : "empty"));
            }
            if (state != PERMISSION_STATE_DEFAULT
                    && !validatePermissionStates(Set.of(permissionName))) {
                throw new IllegalArgumentException(
                        "Permissions states exceeds size limits total size limit of "
                                + MAX_PERMISSION_STATES_SIZE + " in length");
            }

            switch (state) {
                case PERMISSION_STATE_DEFAULT:
@@ -3088,9 +3109,27 @@ public class PackageInstaller {
            return this;
        }

        private boolean validatePermissionStates(Collection<String> permissionNames) {
            int totalLength = 0;
            for (String permission : mPermissionStates.keySet()) {
                totalLength += permission.length();
            }
            for (String permission : permissionNames) {
                totalLength += permission.length();
            }
            return totalLength <= MAX_PERMISSION_STATES_SIZE;
        }

        /** @hide */
        public void setPermissionStates(Collection<String> grantPermissions,
                Collection<String> denyPermissions) {
            Set<String> newPermissions = new HashSet<>(grantPermissions);
            newPermissions.addAll(denyPermissions);
            if (!validatePermissionStates(newPermissions)) {
                throw new IllegalArgumentException(
                        "Permissions states exceeds size limits total size limit of "
                                + MAX_PERMISSION_STATES_SIZE + " in length");
            }
            for (String grantPermission : grantPermissions) {
                mPermissionStates.put(grantPermission, PERMISSION_STATE_GRANTED);
            }
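Review bot: validatePermissionStates double-counts any name that is already a key of mPermissionStates, because the first loop sums every existing key and the second loop adds the incoming names again without checking for overlap; with setPermissionState that means re-setting a permission whose state already exists is rejected once the map is near MAX_PERMISSION_STATES_SIZE, and the same over-counting affects setPermissionStates. The second loop should only add names that are new, e.g. `if (!mPermissionStates.containsKey(permission)) { totalLength += permission.length(); }`. If the rest of setPermissionStates (its body continues outside the hunk) clears mPermissionStates before inserting, the existing-key sum is wrong for that caller as well and should be skipped there. The two thrown messages also read oddly; `"Permission states exceed the total size limit of " + MAX_PERMISSION_STATES_SIZE + " characters"` says the same thing more clearly.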
+32 −0
@@ -17,6 +17,8 @@
package com.android.server.pm;

import static android.app.admin.DevicePolicyResources.Strings.Core.PACKAGE_DELETED_BY_DO;
import static android.content.pm.PackageInstaller.SessionParams.MAX_PERMISSION_STATES_SIZE;
import static android.content.pm.PackageInstaller.SessionParams.MAX_URI_LENGTH;
import static android.content.pm.PackageInstaller.LOCATION_DATA_APP;
import static android.content.pm.PackageInstaller.UNARCHIVAL_ERROR_INSTALLER_DISABLED;
import static android.content.pm.PackageInstaller.UNARCHIVAL_ERROR_INSTALLER_UNINSTALLED;
@@ -976,6 +978,28 @@ public class PackageInstallerService extends IPackageInstaller.Stub implements
            }
        }

        if (params.originatingUri != null
                && params.originatingUri.toString().length() > MAX_URI_LENGTH) {
            throw new IllegalArgumentException(
                    "Originating URI exceeds " + MAX_URI_LENGTH + " length limit");
        }

        if (params.referrerUri != null && params.referrerUri.toString().length() > MAX_URI_LENGTH) {
            throw new IllegalArgumentException(
                    "Referrer URI exceeds " + MAX_URI_LENGTH + " length limit");
        }

        if (params.whitelistedRestrictedPermissions != null) {
            params.whitelistedRestrictedPermissions.retainAll(
                    mPm.getAllPlatformRestrictedPermissions());
        }

        if (!validatePermissionStates(params.getPermissionStates())) {
            throw new IllegalArgumentException(
                    "Permissions states exceeds total size limit "
                            + MAX_PERMISSION_STATES_SIZE + " in length");
        }

        int requestedInstallerPackageUid = INVALID_UID;
        if (requestedInstallerPackageName != null) {
            requestedInstallerPackageUid = snapshot.getPackageUid(requestedInstallerPackageName,
@@ -1066,6 +1090,14 @@ public class PackageInstallerService extends IPackageInstaller.Stub implements
        return sessionId;
    }

    private boolean validatePermissionStates(Map<String, Integer> permissionStates) {
        int totalLength = 0;
        for (String permission : permissionStates.keySet()) {
            totalLength += permission.length();
        }
        return totalLength <= MAX_PERMISSION_STATES_SIZE;
    }

    int getExistingDraftSessionId(int installerUid,
            @NonNull SessionParams sessionParams, int userId) {
        synchronized (mSessions) {
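Review bot: The URI and permission-state checks added before the installer-uid lookup are the ones that actually enforce the limit, since PackageInstallerService is the IPackageInstaller.Stub and the SessionParams it receives presumably arrives unparceled from the caller, so the setter checks in PackageInstaller can be bypassed; nothing in the hunk says so, and a maintainer could later drop them as duplicates. A comment above the first check would preserve that intent: `// Re-validate here: params comes from the caller's Binder call, so the SessionParams setter checks cannot be relied on.` The private validatePermissionStates also re-implements the SessionParams helper with a slightly different message ("length limit" / "total size limit" versus the client wording); exposing one `@hide` static helper on SessionParams and calling it from both sides would keep the limit and its semantics from drifting. Note that the constructor-area method this sits in starts before the hunk.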
+23 −0
@@ -24,6 +24,7 @@ import static android.content.pm.PackageManager.COMPONENT_ENABLED_STATE_DISABLED
import static android.content.pm.PackageManager.COMPONENT_ENABLED_STATE_DISABLED_UNTIL_USED;
import static android.content.pm.PackageManager.COMPONENT_ENABLED_STATE_DISABLED_USER;
import static android.content.pm.PackageManager.COMPONENT_ENABLED_STATE_ENABLED;
import static android.content.pm.PackageManager.GET_PERMISSIONS;
import static android.content.pm.PackageManager.MATCH_DIRECT_BOOT_AWARE;
import static android.content.pm.PackageManager.MATCH_DIRECT_BOOT_UNAWARE;
import static android.content.pm.PackageManager.MATCH_DISABLED_COMPONENTS;
@@ -284,6 +285,7 @@ import java.util.ArrayList;
import java.util.Arrays;
import java.util.Collections;
import java.util.HashMap;
import java.util.HashSet;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
@@ -1014,6 +1016,7 @@ public class PackageManagerService implements PackageSender, TestUtilityService
    private final StorageEventHelper mStorageEventHelper;
    private final FreeStorageHelper mFreeStorageHelper;

    private static Set<String> sRestrictedPermissions;

    private static final boolean ENABLE_BOOST = false;

@@ -8318,4 +8321,24 @@ public class PackageManagerService implements PackageSender, TestUtilityService
        return UserHandle.isSameApp(uid, Process.SYSTEM_UID)
                || UserHandle.isSameApp(uid, Process.PHONE_UID);
    }

    /**
     * @hide
     */
    @NonNull
    public Set<String> getAllPlatformRestrictedPermissions() {
        if (sRestrictedPermissions == null) {
            sRestrictedPermissions = new HashSet<>();
            PackageInfo pi = snapshotComputer().getPackageInfo(
                    PLATFORM_PACKAGE_NAME, GET_PERMISSIONS, UserHandle.USER_SYSTEM);
            if (pi.permissions != null) {
                for (int i = 0; i < pi.permissions.length; i++) {
                    if (pi.permissions[i].isRestricted()) {
                        sRestrictedPermissions.add(pi.permissions[i].name);
                    }
                }
            }
        }
        return sRestrictedPermissions;
    }
}
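Review bot: getAllPlatformRestrictedPermissions assigns the new HashSet to sRestrictedPermissions before populating it, so a concurrent caller that passes the null check while the loop is still running returns a partially filled set; PackageInstallerService uses this set for retainAll on whitelistedRestrictedPermissions, which would then silently drop legitimate entries. The method also returns the internal mutable HashSet, so any caller can mutate the cached set for every later caller. Build into a local set, publish it only once complete and wrapped with Collections.unmodifiableSet (already imported in this file), and mark the static field on the earlier hunk `private static volatile Set<String> sRestrictedPermissions;` so the publication is visible across threads; whether getPackageInfo can return null for the platform package is not visible here, so the null guard below is a hedge rather than a confirmed need.
```java
    @NonNull
    public Set<String> getAllPlatformRestrictedPermissions() {
        Set<String> restricted = sRestrictedPermissions;
        if (restricted == null) {
            Set<String> collected = new HashSet<>();
            PackageInfo pi = snapshotComputer().getPackageInfo(
                    PLATFORM_PACKAGE_NAME, GET_PERMISSIONS, UserHandle.USER_SYSTEM);
            if (pi != null && pi.permissions != null) {
                for (int i = 0; i < pi.permissions.length; i++) {
                    if (pi.permissions[i].isRestricted()) {
                        collected.add(pi.permissions[i].name);
                    }
                }
            }
            // Publish only a fully built, read-only view so no caller sees a partial set
            // or can mutate the shared cache.
            restricted = Collections.unmodifiableSet(collected);
            sRestrictedPermissions = restricted;
        }
        return restricted;
    }
```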