
Commit a37dfe71 authored by Ivan Chiang's avatar Ivan Chiang Committed by Android Build Coastguard Worker

[PM] Check unknown sources for intent installation

Bypass the unknown source check for the device policy and the AppOps
permission when either of the following two conditions is met:

1. An installer with the INSTALL_PACKAGES permission initiated the
   installation via the PackageInstaller APIs and not via an
   ACTION_VIEW or ACTION_INSTALL_PACKAGE intent.
2. An installer is a privileged app and it has set the
   EXTRA_NOT_UNKNOWN_SOURCE flag to be true in the intent.

Flag: EXEMPT BUGFIX
Bug: 461467954
Test: atest CtsDevicePolicyManagerTestCases:MixedProfileOwnerTest#testPackageInstallUserRestrictions
Test: atest CtsDevicePolicyManagerTestCases:MixedManagedProfileOwnerTest#testPackageInstallUserRestrictions
Test: atest CtsPackageInstallTestCases:IntentTest
Test: atest CtsPackageInstallSessionTestCases:SessionTest
Cherrypick-From: https://googleplex-android-review.googlesource.com/q/commit:3a8cafbc916bb16f08093cd138a4f3d4dc71b5a0
Cherrypick-From: https://googleplex-android-review.googlesource.com/q/commit:9aec06e22b59a74f7bc90d285eee3a52963c6a91
Merged-In: I66e863cf06566ddc08ad78a61dd82a548cde5e4c
Change-Id: I66e863cf06566ddc08ad78a61dd82a548cde5e4c
parent 4dc009cd
+16 −18
@@ -138,7 +138,18 @@ public class InstallStart extends Activity {
            checkPermission(Manifest.permission.INSTALL_PACKAGES, /* pid= */ -1, callingUid)
                    == PackageManager.PERMISSION_GRANTED;

        boolean isTrustedSource = isPrivilegedAndKnown || isInstallPkgPermissionGranted;
        // Bypass the unknown source user restrictions check when either of the following
        // two conditions is met:
        // 1. An installer with the INSTALL_PACKAGES permission initiated the
        // installation via the PackageInstaller APIs and not via an
        // ACTION_VIEW or ACTION_INSTALL_PACKAGE intent.
        // 2. An installer is a privileged app and it has set the
        // EXTRA_NOT_UNKNOWN_SOURCE flag to be true in the intent.
        final boolean isIntentInstall =
                Intent.ACTION_VIEW.equals(intentAction)
                        || Intent.ACTION_INSTALL_PACKAGE.equals(intentAction);
        final boolean isTrustedSource =
                (!isIntentInstall && isInstallPkgPermissionGranted) || isPrivilegedAndKnown;

        if (!isTrustedSource && !isSystemDownloadsProvider && !isDocumentsManager
                && callingUid != Process.INVALID_UID) {
@@ -161,20 +172,7 @@ public class InstallStart extends Activity {
            mAbortInstall = true;
        }

        // Bypass the unknown source user restrictions check when either of the following
        // two conditions is met:
        // 1. An installer with the INSTALL_PACKAGES permission initiated the
        // installation via the PackageInstaller APIs and not via an
        // ACTION_VIEW or ACTION_INSTALL_PACKAGE intent.
        // 2. An installer is a privileged app and initiated the installer via
        // the ACTION_INSTALL_PACKAGE or ACTION_VIEW intent, but it has set the
        // EXTRA_NOT_UNKNOWN_SOURCE flag to be true in the intent.
        final boolean isIntentInstall =
                Intent.ACTION_VIEW.equals(intentAction)
                        || Intent.ACTION_INSTALL_PACKAGE.equals(intentAction);
        final boolean bypassUnknownSourceRestrictions =
                (!isIntentInstall && isInstallPkgPermissionGranted) || isPrivilegedAndKnown;
        checkDevicePolicyRestrictions(bypassUnknownSourceRestrictions);
        checkDevicePolicyRestrictions(isTrustedSource);

        final String installerPackageNameFromIntent = getIntent().getStringExtra(
                Intent.EXTRA_INSTALLER_PACKAGE_NAME);
@@ -336,9 +334,9 @@ public class InstallStart extends Activity {
        return callingUid == installerUid;
    }

    private void checkDevicePolicyRestrictions(boolean bypassUnknownSourceRestrictions) {
    private void checkDevicePolicyRestrictions(boolean isTrustedSource) {
        String[] restrictions;
        if (bypassUnknownSourceRestrictions) {
        if (isTrustedSource) {
            restrictions = new String[] { UserManager.DISALLOW_INSTALL_APPS };
        } else {
            restrictions =  new String[] {
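Review bot: The new `isTrustedSource` in the first hunk classifies the request by exclusion: any `intentAction` other than ACTION_VIEW or ACTION_INSTALL_PACKAGE, including a null one, is treated as a PackageInstaller-API install. A caller holding INSTALL_PACKAGES then skips the check guarded by the following `if` and gets the narrower restriction list in `checkDevicePolicyRestrictions`. Which actions this activity accepts is not visible in the hunks, so this may be safe today, but the bypass would fail closed if it matched the session actions positively, for example `(isSessionInstall && isInstallPkgPermissionGranted) || isPrivilegedAndKnown`, where `isSessionInstall` is a placeholder name for such a flag. The same expression is added to InstallRepository in the Kotlin section and would need the same treatment. The enclosing method starts and ends outside these hunks.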
+12 −13
@@ -206,27 +206,26 @@ class InstallRepository(private val context: Context) {
        val isInstallPkgPermissionGranted = callingUid != Process.INVALID_UID &&
                isPermissionGranted(context, Manifest.permission.INSTALL_PACKAGES, callingUid)

        isTrustedSource = isPrivilegedAndKnown || isInstallPkgPermissionGranted

        if (callingUid != Process.INVALID_UID
            && !isInstallPermissionGrantedOrRequested(context, callingUid, isTrustedSource)) {
            return InstallAborted(ABORT_REASON_INTERNAL_ERROR)
        }

        // Bypass the unknown source user restrictions check when either of the following
        // two conditions is met:
        // 1. An installer with the INSTALL_PACKAGES permission initiated the
        // installation via the PackageInstaller APIs and not via an
        // ACTION_VIEW or ACTION_INSTALL_PACKAGE intent.
        // 2. An installer is a privileged app and initiated the installer via
        // the ACTION_INSTALL_PACKAGE or ACTION_VIEW intent, but it has set the
        // 2. An installer is a privileged app and it has set the
        // EXTRA_NOT_UNKNOWN_SOURCE flag to be true in the intent.
        val isIntentInstall =
            Intent.ACTION_VIEW == intent.action
                    || Intent.ACTION_INSTALL_PACKAGE == intent.action
        val bypassUnknownSourceRestrictions =

        isTrustedSource =
            (!isIntentInstall && isInstallPkgPermissionGranted) || isPrivilegedAndKnown
        val restriction = getDevicePolicyRestrictions(bypassUnknownSourceRestrictions)

        if (callingUid != Process.INVALID_UID
            && !isInstallPermissionGrantedOrRequested(context, callingUid, isTrustedSource)) {
            return InstallAborted(ABORT_REASON_INTERNAL_ERROR)
        }

        val restriction = getDevicePolicyRestrictions(isTrustedSource)
        if (restriction != null) {
            val adminSupportDetailsIntent =
                devicePolicyManager!!.createAdminSupportIntent(restriction)
@@ -252,8 +251,8 @@ class InstallRepository(private val context: Context) {
        }
    }

    private fun getDevicePolicyRestrictions(bypassUnknownSourceRestrictions: Boolean): String? {
        val restrictions: Array<String> = if (bypassUnknownSourceRestrictions) {
    private fun getDevicePolicyRestrictions(isTrustedSource: Boolean): String? {
        val restrictions: Array<String> = if (isTrustedSource) {
            arrayOf(UserManager.DISALLOW_INSTALL_APPS)
        } else {
            arrayOf(
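Review bot: The comment block above `isIntentInstall` still describes only the user-restriction bypass, but after the reorder `isTrustedSource` is also passed to `isInstallPermissionGrantedOrRequested`, so the intent-action test now feeds that check as well. I would add a line such as `// isTrustedSource also feeds isInstallPermissionGrantedOrRequested() below, not only the user-restriction lookup.` and give `getDevicePolicyRestrictions` a one-line KDoc stating that `true` narrows the checked restrictions to DISALLOW_INSTALL_APPS. The comment added in the InstallStart section has the same gap, since `isTrustedSource` there also guards the `if` that follows it. Both functions continue outside the hunks shown.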