Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit e1d6549d authored by Jackal Guo's avatar Jackal Guo
Browse files

Prevent arbitrary installers installing apps as instant 

To this end, we enforce that only system installer could create the
install session when the install as instant flag is set.

Bug: 74401586
Test: atest SessionTest#confirmInstantInstallationFails
Test: atest InstallSessionTransferTest
Test: atest CtsSignedConfigHostTestCases
Test: Play could install instant apps
Test: adb install --instant works
Change-Id: Icb8088a5773a7b47ebfe47b7630e7b89f01a9563
parent 13b0184e

api/test-current.txt

+1 −0
Original line number Diff line number Diff line
@@ -988,6 +988,7 @@ package android.content.pm { 
    method public void setEnableRollback(boolean, int);

    method @RequiresPermission("android.permission.INSTALL_GRANT_RUNTIME_PERMISSIONS") public void setGrantedRuntimePermissions(String[]);

    method @RequiresPermission(android.Manifest.permission.INSTALL_PACKAGES) public void setInstallAsApex();

    method public void setInstallAsInstantApp(boolean);

    method public void setInstallerPackageName(@Nullable String);

    method public void setRequestDowngrade(boolean);

    method @RequiresPermission(android.Manifest.permission.INSTALL_PACKAGES) public void setStaged();

core/java/android/content/pm/PackageInstaller.java

+1 −0
Original line number Diff line number Diff line
@@ -1850,6 +1850,7 @@ public class PackageInstaller { 


        /** {@hide} */

        @SystemApi

        @TestApi

        public void setInstallAsInstantApp(boolean isInstantApp) {

            if (isInstantApp) {

                installFlags |= PackageManager.INSTALL_INSTANT_APP;

services/core/java/com/android/server/pm/PackageInstallerService.java

+7 −0
Original line number Diff line number Diff line
@@ -618,6 +618,13 @@ public class PackageInstallerService extends IPackageInstaller.Stub implements 
            }

        }



        if ((params.installFlags & PackageManager.INSTALL_INSTANT_APP) != 0

                && !isCalledBySystemOrShell(callingUid)

                && (mPm.getFlagsForUid(callingUid) & ApplicationInfo.FLAG_SYSTEM) == 0) {

            throw new SecurityException(

                    "Only system apps could use the PackageManager.INSTALL_INSTANT_APP flag.");

        }



        if (params.isStaged && !isCalledBySystemOrShell(callingUid)) {

            if (mBypassNextStagedInstallerCheck) {

                mBypassNextStagedInstallerCheck = false;