Loading core/java/android/content/pm/PackageManager.java +18 −0 Original line number Diff line number Diff line Loading @@ -233,6 +233,24 @@ public abstract class PackageManager { public static final String PROPERTY_COMPAT_OVERRIDE_LANDSCAPE_TO_PORTRAIT = "android.camera.PROPERTY_COMPAT_OVERRIDE_LANDSCAPE_TO_PORTRAIT"; /** * Application level {@link android.content.pm.PackageManager.Property PackageManager * .Property} for a privileged system installer to define a list of up to 500 packages that * should not have their updates owned by any installer. The list must be provided via a default * XML resource with the following format: * * <pre> * <deny-ownership>PACKAGE_NAME</deny-ownership> * <deny-ownership>PACKAGE_NAME</deny-ownership> * </pre> * * <b>NOTE:</b> Installers that provide this property will not granted update ownership for any * packages that they request update ownership of. * @hide */ public static final String PROPERTY_LEGACY_UPDATE_OWNERSHIP_DENYLIST = "android.app.PROPERTY_LEGACY_UPDATE_OWNERSHIP_DENYLIST"; /** * A property value set within the manifest. * <p> Loading services/core/java/com/android/server/pm/InstallPackageHelper.java +26 −2 Original line number Diff line number Diff line Loading @@ -166,6 +166,7 @@ import com.android.internal.util.CollectionUtils; import com.android.internal.util.FrameworkStatsLog; import com.android.server.EventLogTags; import com.android.server.LocalManagerRegistry; import com.android.server.SystemConfig; import com.android.server.art.model.DexoptParams; import com.android.server.art.model.DexoptResult; import com.android.server.pm.Installer.LegacyDexoptDisabledException; Loading Loading @@ -230,6 +231,7 @@ final class InstallPackageHelper { private final ViewCompiler mViewCompiler; private final SharedLibrariesImpl mSharedLibraries; private final PackageManagerServiceInjector mInjector; private final UpdateOwnershipHelper mUpdateOwnershipHelper; // TODO(b/198166813): remove PMS dependency InstallPackageHelper(PackageManagerService pm, AppDataHelper appDataHelper) { Loading @@ -247,6 +249,7 @@ final class InstallPackageHelper { mPackageAbiHelper = pm.mInjector.getAbiHelper(); mViewCompiler = pm.mInjector.getViewCompiler(); mSharedLibraries = pm.mInjector.getSharedLibrariesImpl(); mUpdateOwnershipHelper = pm.mInjector.getUpdateOwnershipHelper(); } InstallPackageHelper(PackageManagerService pm) { Loading Loading @@ -332,6 +335,8 @@ final class InstallPackageHelper { final String updateOwnerFromSysconfig = isApex || !pkgSetting.isSystem() ? null : mPm.mInjector.getSystemConfig().getSystemAppUpdateOwnerPackageName( parsedPackage.getPackageName()); final boolean isUpdateOwnershipDenylisted = mUpdateOwnershipHelper.isUpdateOwnershipDenylisted(parsedPackage.getPackageName()); final boolean isUpdateOwnershipEnabled = oldUpdateOwner != null; // For standard install (install via session), the installSource isn't null. Loading Loading @@ -367,6 +372,9 @@ final class InstallPackageHelper { & PackageManager.INSTALL_REQUEST_UPDATE_OWNERSHIP) != 0; final boolean isSameUpdateOwner = TextUtils.equals(oldUpdateOwner, installSource.mInstallerPackageName); final boolean isInstallerUpdateOwnerDenylistProvider = mUpdateOwnershipHelper.isUpdateOwnershipDenyListProvider( installSource.mUpdateOwnerPackageName); // Here we handle the update owner for the package, and the rules are: // -. Only enabling update ownership enforcement on initial installation if the Loading @@ -374,13 +382,16 @@ final class InstallPackageHelper { // -. Once the installer changes and users agree to proceed, clear the update // owner (package state in other users are taken into account as well). if (!isUpdate) { if (!isRequestUpdateOwnership) { if (!isRequestUpdateOwnership || isUpdateOwnershipDenylisted || isInstallerUpdateOwnerDenylistProvider) { installSource = installSource.setUpdateOwnerPackageName(null); } else if ((!isUpdateOwnershipEnabled && pkgAlreadyExists) || (isUpdateOwnershipEnabled && !isSameUpdateOwner)) { installSource = installSource.setUpdateOwnerPackageName(null); } } else if (!isSameUpdateOwner || !isUpdateOwnershipEnabled) { } else if (!isSameUpdateOwner || !isUpdateOwnershipEnabled) { installSource = installSource.setUpdateOwnerPackageName(null); } } Loading Loading @@ -473,6 +484,19 @@ final class InstallPackageHelper { pkgSetting.setLoadingProgress(1f); } ArraySet<String> listItems = mUpdateOwnershipHelper.readUpdateOwnerDenyList(pkgSetting); if (listItems != null && !listItems.isEmpty()) { mUpdateOwnershipHelper.addToUpdateOwnerDenyList(pkgSetting.getPackageName(), listItems); for (String unownedPackage : listItems) { PackageSetting unownedSetting = mPm.mSettings.getPackageLPr(unownedPackage); SystemConfig config = SystemConfig.getInstance(); if (unownedSetting != null && config.getSystemAppUpdateOwnerPackageName(unownedPackage) == null) { unownedSetting.setUpdateOwnerPackage(null); } } } return pkg; } Loading services/core/java/com/android/server/pm/PackageManagerService.java +2 −1 Original line number Diff line number Diff line Loading @@ -1607,7 +1607,8 @@ public class PackageManagerService implements PackageSender, TestUtilityService (i, pm) -> new SharedLibrariesImpl(pm, i), (i, pm) -> new CrossProfileIntentFilterHelper(i.getSettings(), i.getUserManagerService(), i.getLock(), i.getUserManagerInternal(), context)); context), (i, pm) -> new UpdateOwnershipHelper()); if (Build.VERSION.SDK_INT <= 0) { Slog.w(TAG, "**** ro.build.version.sdk not set!"); Loading services/core/java/com/android/server/pm/PackageManagerServiceInjector.java +9 −1 Original line number Diff line number Diff line Loading @@ -144,6 +144,7 @@ public class PackageManagerServiceInjector { private final Singleton<IBackupManager> mIBackupManager; private final Singleton<SharedLibrariesImpl> mSharedLibrariesProducer; private final Singleton<CrossProfileIntentFilterHelper> mCrossProfileIntentFilterHelperProducer; private final Singleton<UpdateOwnershipHelper> mUpdateOwnershipHelperProducer; PackageManagerServiceInjector(Context context, PackageManagerTracedLock lock, Installer installer, Object installLock, PackageAbiHelper abiHelper, Loading Loading @@ -183,7 +184,8 @@ public class PackageManagerServiceInjector { Producer<BackgroundDexOptService> backgroundDexOptService, Producer<IBackupManager> iBackupManager, Producer<SharedLibrariesImpl> sharedLibrariesProducer, Producer<CrossProfileIntentFilterHelper> crossProfileIntentFilterHelperProducer) { Producer<CrossProfileIntentFilterHelper> crossProfileIntentFilterHelperProducer, Producer<UpdateOwnershipHelper> updateOwnershipHelperProducer) { mContext = context; mLock = lock; mInstaller = installer; Loading Loading @@ -238,6 +240,7 @@ public class PackageManagerServiceInjector { mSharedLibrariesProducer = new Singleton<>(sharedLibrariesProducer); mCrossProfileIntentFilterHelperProducer = new Singleton<>( crossProfileIntentFilterHelperProducer); mUpdateOwnershipHelperProducer = new Singleton<>(updateOwnershipHelperProducer); } /** Loading Loading @@ -423,6 +426,11 @@ public class PackageManagerServiceInjector { return mSharedLibrariesProducer.get(this, mPackageManager); } public UpdateOwnershipHelper getUpdateOwnershipHelper() { return mUpdateOwnershipHelperProducer.get(this, mPackageManager); } /** Provides an abstraction to static access to system state. */ public interface SystemWrapper { void disablePackageCaches(); Loading services/core/java/com/android/server/pm/RemovePackageHelper.java +1 −0 Original line number Diff line number Diff line Loading @@ -312,6 +312,7 @@ final class RemovePackageHelper { synchronized (mPm.mLock) { mPm.mDomainVerificationManager.clearPackage(deletedPs.getPackageName()); mPm.mSettings.getKeySetManagerService().removeAppKeySetDataLPw(packageName); mPm.mInjector.getUpdateOwnershipHelper().removeUpdateOwnerDenyList(packageName); final Computer snapshot = mPm.snapshotComputer(); mPm.mAppsFilter.removePackage(snapshot, snapshot.getPackageStateInternal(packageName)); Loading Loading
core/java/android/content/pm/PackageManager.java +18 −0 Original line number Diff line number Diff line Loading @@ -233,6 +233,24 @@ public abstract class PackageManager { public static final String PROPERTY_COMPAT_OVERRIDE_LANDSCAPE_TO_PORTRAIT = "android.camera.PROPERTY_COMPAT_OVERRIDE_LANDSCAPE_TO_PORTRAIT"; /** * Application level {@link android.content.pm.PackageManager.Property PackageManager * .Property} for a privileged system installer to define a list of up to 500 packages that * should not have their updates owned by any installer. The list must be provided via a default * XML resource with the following format: * * <pre> * <deny-ownership>PACKAGE_NAME</deny-ownership> * <deny-ownership>PACKAGE_NAME</deny-ownership> * </pre> * * <b>NOTE:</b> Installers that provide this property will not granted update ownership for any * packages that they request update ownership of. * @hide */ public static final String PROPERTY_LEGACY_UPDATE_OWNERSHIP_DENYLIST = "android.app.PROPERTY_LEGACY_UPDATE_OWNERSHIP_DENYLIST"; /** * A property value set within the manifest. * <p> Loading
services/core/java/com/android/server/pm/InstallPackageHelper.java +26 −2 Original line number Diff line number Diff line Loading @@ -166,6 +166,7 @@ import com.android.internal.util.CollectionUtils; import com.android.internal.util.FrameworkStatsLog; import com.android.server.EventLogTags; import com.android.server.LocalManagerRegistry; import com.android.server.SystemConfig; import com.android.server.art.model.DexoptParams; import com.android.server.art.model.DexoptResult; import com.android.server.pm.Installer.LegacyDexoptDisabledException; Loading Loading @@ -230,6 +231,7 @@ final class InstallPackageHelper { private final ViewCompiler mViewCompiler; private final SharedLibrariesImpl mSharedLibraries; private final PackageManagerServiceInjector mInjector; private final UpdateOwnershipHelper mUpdateOwnershipHelper; // TODO(b/198166813): remove PMS dependency InstallPackageHelper(PackageManagerService pm, AppDataHelper appDataHelper) { Loading @@ -247,6 +249,7 @@ final class InstallPackageHelper { mPackageAbiHelper = pm.mInjector.getAbiHelper(); mViewCompiler = pm.mInjector.getViewCompiler(); mSharedLibraries = pm.mInjector.getSharedLibrariesImpl(); mUpdateOwnershipHelper = pm.mInjector.getUpdateOwnershipHelper(); } InstallPackageHelper(PackageManagerService pm) { Loading Loading @@ -332,6 +335,8 @@ final class InstallPackageHelper { final String updateOwnerFromSysconfig = isApex || !pkgSetting.isSystem() ? null : mPm.mInjector.getSystemConfig().getSystemAppUpdateOwnerPackageName( parsedPackage.getPackageName()); final boolean isUpdateOwnershipDenylisted = mUpdateOwnershipHelper.isUpdateOwnershipDenylisted(parsedPackage.getPackageName()); final boolean isUpdateOwnershipEnabled = oldUpdateOwner != null; // For standard install (install via session), the installSource isn't null. Loading Loading @@ -367,6 +372,9 @@ final class InstallPackageHelper { & PackageManager.INSTALL_REQUEST_UPDATE_OWNERSHIP) != 0; final boolean isSameUpdateOwner = TextUtils.equals(oldUpdateOwner, installSource.mInstallerPackageName); final boolean isInstallerUpdateOwnerDenylistProvider = mUpdateOwnershipHelper.isUpdateOwnershipDenyListProvider( installSource.mUpdateOwnerPackageName); // Here we handle the update owner for the package, and the rules are: // -. Only enabling update ownership enforcement on initial installation if the Loading @@ -374,13 +382,16 @@ final class InstallPackageHelper { // -. Once the installer changes and users agree to proceed, clear the update // owner (package state in other users are taken into account as well). if (!isUpdate) { if (!isRequestUpdateOwnership) { if (!isRequestUpdateOwnership || isUpdateOwnershipDenylisted || isInstallerUpdateOwnerDenylistProvider) { installSource = installSource.setUpdateOwnerPackageName(null); } else if ((!isUpdateOwnershipEnabled && pkgAlreadyExists) || (isUpdateOwnershipEnabled && !isSameUpdateOwner)) { installSource = installSource.setUpdateOwnerPackageName(null); } } else if (!isSameUpdateOwner || !isUpdateOwnershipEnabled) { } else if (!isSameUpdateOwner || !isUpdateOwnershipEnabled) { installSource = installSource.setUpdateOwnerPackageName(null); } } Loading Loading @@ -473,6 +484,19 @@ final class InstallPackageHelper { pkgSetting.setLoadingProgress(1f); } ArraySet<String> listItems = mUpdateOwnershipHelper.readUpdateOwnerDenyList(pkgSetting); if (listItems != null && !listItems.isEmpty()) { mUpdateOwnershipHelper.addToUpdateOwnerDenyList(pkgSetting.getPackageName(), listItems); for (String unownedPackage : listItems) { PackageSetting unownedSetting = mPm.mSettings.getPackageLPr(unownedPackage); SystemConfig config = SystemConfig.getInstance(); if (unownedSetting != null && config.getSystemAppUpdateOwnerPackageName(unownedPackage) == null) { unownedSetting.setUpdateOwnerPackage(null); } } } return pkg; } Loading
services/core/java/com/android/server/pm/PackageManagerService.java +2 −1 Original line number Diff line number Diff line Loading @@ -1607,7 +1607,8 @@ public class PackageManagerService implements PackageSender, TestUtilityService (i, pm) -> new SharedLibrariesImpl(pm, i), (i, pm) -> new CrossProfileIntentFilterHelper(i.getSettings(), i.getUserManagerService(), i.getLock(), i.getUserManagerInternal(), context)); context), (i, pm) -> new UpdateOwnershipHelper()); if (Build.VERSION.SDK_INT <= 0) { Slog.w(TAG, "**** ro.build.version.sdk not set!"); Loading
services/core/java/com/android/server/pm/PackageManagerServiceInjector.java +9 −1 Original line number Diff line number Diff line Loading @@ -144,6 +144,7 @@ public class PackageManagerServiceInjector { private final Singleton<IBackupManager> mIBackupManager; private final Singleton<SharedLibrariesImpl> mSharedLibrariesProducer; private final Singleton<CrossProfileIntentFilterHelper> mCrossProfileIntentFilterHelperProducer; private final Singleton<UpdateOwnershipHelper> mUpdateOwnershipHelperProducer; PackageManagerServiceInjector(Context context, PackageManagerTracedLock lock, Installer installer, Object installLock, PackageAbiHelper abiHelper, Loading Loading @@ -183,7 +184,8 @@ public class PackageManagerServiceInjector { Producer<BackgroundDexOptService> backgroundDexOptService, Producer<IBackupManager> iBackupManager, Producer<SharedLibrariesImpl> sharedLibrariesProducer, Producer<CrossProfileIntentFilterHelper> crossProfileIntentFilterHelperProducer) { Producer<CrossProfileIntentFilterHelper> crossProfileIntentFilterHelperProducer, Producer<UpdateOwnershipHelper> updateOwnershipHelperProducer) { mContext = context; mLock = lock; mInstaller = installer; Loading Loading @@ -238,6 +240,7 @@ public class PackageManagerServiceInjector { mSharedLibrariesProducer = new Singleton<>(sharedLibrariesProducer); mCrossProfileIntentFilterHelperProducer = new Singleton<>( crossProfileIntentFilterHelperProducer); mUpdateOwnershipHelperProducer = new Singleton<>(updateOwnershipHelperProducer); } /** Loading Loading @@ -423,6 +426,11 @@ public class PackageManagerServiceInjector { return mSharedLibrariesProducer.get(this, mPackageManager); } public UpdateOwnershipHelper getUpdateOwnershipHelper() { return mUpdateOwnershipHelperProducer.get(this, mPackageManager); } /** Provides an abstraction to static access to system state. */ public interface SystemWrapper { void disablePackageCaches(); Loading
services/core/java/com/android/server/pm/RemovePackageHelper.java +1 −0 Original line number Diff line number Diff line Loading @@ -312,6 +312,7 @@ final class RemovePackageHelper { synchronized (mPm.mLock) { mPm.mDomainVerificationManager.clearPackage(deletedPs.getPackageName()); mPm.mSettings.getKeySetManagerService().removeAppKeySetDataLPw(packageName); mPm.mInjector.getUpdateOwnershipHelper().removeUpdateOwnerDenyList(packageName); final Computer snapshot = mPm.snapshotComputer(); mPm.mAppsFilter.removePackage(snapshot, snapshot.getPackageStateInternal(packageName)); Loading
