Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit a8670dfd authored by Rhed Jao's avatar Rhed Jao
Browse files

Only allow the system or shell to delete oat artifacts 

This also fixes the side channel information disclosure
of the package existence caused by the `pm delete-dexopt`
command.

Bug: 232415364
Test: atest PackageManagerTest
Change-Id: Ifed5d73234276fcb47d79ecb22fb6e7101d6b077
parent bdfb8336

services/core/java/com/android/server/pm/PackageManagerService.java

+3 −0
Original line number Original line Diff line number Diff line
@@ -6760,6 +6760,9 @@ public class PackageManagerService implements PackageSender, TestUtilityService 
    }

    }





    long deleteOatArtifactsOfPackage(@NonNull Computer snapshot, String packageName) {

    long deleteOatArtifactsOfPackage(@NonNull Computer snapshot, String packageName) {

        PackageManagerServiceUtils.enforceSystemOrRootOrShell(

                "Only the system or shell can delete oat artifacts");



        PackageStateInternal packageState = snapshot.getPackageStateInternal(packageName);

        PackageStateInternal packageState = snapshot.getPackageStateInternal(packageName);

        if (packageState == null || packageState.getPkg() == null) {

        if (packageState == null || packageState.getPkg() == null) {

            return -1; // error code of deleteOptimizedFiles

            return -1; // error code of deleteOptimizedFiles