Loading services/core/java/com/android/server/pm/PackageManagerService.java +17 −2 Original line number Diff line number Diff line Loading @@ -12134,8 +12134,23 @@ public class PackageManagerService extends IPackageManager.Stub { // predecessor. As a security measure, this is permited only if this is not a // version downgrade or if the predecessor package is marked as debuggable and // a downgrade is explicitly requested. if (((dataOwnerPkg.applicationInfo.flags & ApplicationInfo.FLAG_DEBUGGABLE) == 0) || ((installFlags & PackageManager.INSTALL_ALLOW_DOWNGRADE) == 0)) { // // On debuggable platform builds, downgrades are permitted even for // non-debuggable packages to make testing easier. Debuggable platform builds do // not offer security guarantees and thus it's OK to disable some security // mechanisms to make debugging/testing easier on those builds. However, even on // debuggable builds downgrades of packages are permitted only if requested via // installFlags. This is because we aim to keep the behavior of debuggable // platform builds as close as possible to the behavior of non-debuggable // platform builds. final boolean downgradeRequested = (installFlags & PackageManager.INSTALL_ALLOW_DOWNGRADE) != 0; final boolean packageDebuggable = (dataOwnerPkg.applicationInfo.flags & ApplicationInfo.FLAG_DEBUGGABLE) != 0; final boolean downgradePermitted = (downgradeRequested) && ((Build.IS_DEBUGGABLE) || (packageDebuggable)); if (!downgradePermitted) { try { checkDowngrade(dataOwnerPkg, pkgLite); } catch (PackageManagerException e) { Loading
services/core/java/com/android/server/pm/PackageManagerService.java +17 −2 Original line number Diff line number Diff line Loading @@ -12134,8 +12134,23 @@ public class PackageManagerService extends IPackageManager.Stub { // predecessor. As a security measure, this is permited only if this is not a // version downgrade or if the predecessor package is marked as debuggable and // a downgrade is explicitly requested. if (((dataOwnerPkg.applicationInfo.flags & ApplicationInfo.FLAG_DEBUGGABLE) == 0) || ((installFlags & PackageManager.INSTALL_ALLOW_DOWNGRADE) == 0)) { // // On debuggable platform builds, downgrades are permitted even for // non-debuggable packages to make testing easier. Debuggable platform builds do // not offer security guarantees and thus it's OK to disable some security // mechanisms to make debugging/testing easier on those builds. However, even on // debuggable builds downgrades of packages are permitted only if requested via // installFlags. This is because we aim to keep the behavior of debuggable // platform builds as close as possible to the behavior of non-debuggable // platform builds. final boolean downgradeRequested = (installFlags & PackageManager.INSTALL_ALLOW_DOWNGRADE) != 0; final boolean packageDebuggable = (dataOwnerPkg.applicationInfo.flags & ApplicationInfo.FLAG_DEBUGGABLE) != 0; final boolean downgradePermitted = (downgradeRequested) && ((Build.IS_DEBUGGABLE) || (packageDebuggable)); if (!downgradePermitted) { try { checkDowngrade(dataOwnerPkg, pkgLite); } catch (PackageManagerException e) {
