Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit f340974e authored by Janis Danisevskis's avatar Janis Danisevskis
Browse files

Change permissions of apps' home dir to 0700 for SDK > 23 

This patchset changes the installd such that apps' home
directory has permissions set to 0700 if build for a
target SDK version. In consequence the commands

create_app_data and move_complete_app

get one more parameter, the target SDK version.
Apps built for a lower SDK version will still have
home directories with permissions set to 0751.

Bug: 7208882
Change-Id: I651da956dd57d882772b23a433421e9130ea4c0b
parent e5480cc5

services/core/java/com/android/server/pm/Installer.java

+6 −4
Original line number Diff line number Diff line
@@ -86,8 +86,9 @@ public final class Installer extends SystemService { 
    }



    public void createAppData(String uuid, String pkgname, int userid, int flags, int appid,

            String seinfo) throws InstallerException {

        mInstaller.execute("create_app_data", uuid, pkgname, userid, flags, appid, seinfo);

            String seinfo, int targetSdkVersion) throws InstallerException {

        mInstaller.execute("create_app_data", uuid, pkgname, userid, flags, appid, seinfo,

            targetSdkVersion);

    }



    public void restoreconAppData(String uuid, String pkgname, int userid, int flags, int appid,
@@ -107,9 +108,10 @@ public final class Installer extends SystemService { 
    }



    public void moveCompleteApp(String from_uuid, String to_uuid, String package_name,

            String data_app_name, int appid, String seinfo) throws InstallerException {

            String data_app_name, int appid, String seinfo, int targetSdkVersion)

            throws InstallerException {

        mInstaller.execute("move_complete_app", from_uuid, to_uuid, package_name,

                data_app_name, appid, seinfo);

                data_app_name, appid, seinfo, targetSdkVersion);

    }



    public void getAppSize(String uuid, String pkgname, int userid, int flags, String apkPath,

services/core/java/com/android/server/pm/PackageManagerService.java

+9 −5
Original line number Diff line number Diff line
@@ -10902,9 +10902,10 @@ public class PackageManagerService extends IPackageManager.Stub { 
        final String dataAppName;

        final int appId;

        final String seinfo;

        final int targetSdkVersion;















        public MoveInfo(int moveId, String fromUuid, String toUuid, String packageName,













                String dataAppName, int appId, String seinfo) {













                String dataAppName, int appId, String seinfo, int targetSdkVersion) {















            this.moveId = moveId;















            this.fromUuid = fromUuid;















            this.toUuid = toUuid;









@@ -10912,6 +10913,7 @@ public class PackageManagerService extends IPackageManager.Stub {













            this.dataAppName = dataAppName;















            this.appId = appId;















            this.seinfo = seinfo;













            this.targetSdkVersion = targetSdkVersion;















        }















    }
























@@ -12034,7 +12036,7 @@ public class PackageManagerService extends IPackageManager.Stub {













            synchronized (mInstaller) {















                try {















                    mInstaller.moveCompleteApp(move.fromUuid, move.toUuid, move.packageName,













                            move.dataAppName, move.appId, move.seinfo);













                            move.dataAppName, move.appId, move.seinfo, move.targetSdkVersion);















                } catch (InstallerException e) {















                    Slog.w(TAG, "Failed to move app", e);















                    return PackageManager.INSTALL_FAILED_INTERNAL_ERROR;










@@ -16991,7 +16993,7 @@ Slog.v(TAG, ":: stepped forward, applying functor at tag " + parser.getName());













        synchronized (mInstallLock) {















            try {















                mInstaller.createAppData(volumeUuid, packageName, userId, flags,













                        appId, app.seinfo);













                        appId, app.seinfo, app.targetSdkVersion);















            } catch (InstallerException e) {















                if (app.isSystemApp()) {















                    logCriticalInfo(Log.ERROR, "Failed to create app data for " + packageName









@@ -16999,7 +17001,7 @@ Slog.v(TAG, ":: stepped forward, applying functor at tag " + parser.getName());













                    destroyAppDataLI(volumeUuid, packageName, userId, flags);















                    try {















                        mInstaller.createAppData(volumeUuid, packageName, userId, flags,













                                appId, app.seinfo);













                                appId, app.seinfo, app.targetSdkVersion);















                        logCriticalInfo(Log.DEBUG, "Recovery succeeded!");















                    } catch (InstallerException e2) {















                        logCriticalInfo(Log.DEBUG, "Recovery failed!");










@@ -17073,6 +17075,7 @@ Slog.v(TAG, ":: stepped forward, applying functor at tag " + parser.getName());













        final int appId;















        final String seinfo;















        final String label;













        final int targetSdkVersion;





























        // reader















        synchronized (mPackages) {










@@ -17122,6 +17125,7 @@ Slog.v(TAG, ":: stepped forward, applying functor at tag " + parser.getName());













            appId = UserHandle.getAppId(pkg.applicationInfo.uid);















            seinfo = pkg.applicationInfo.seinfo;















            label = String.valueOf(pm.getApplicationLabel(pkg.applicationInfo));













            targetSdkVersion = pkg.applicationInfo.targetSdkVersion;















        }





























        // Now that we're guarded by frozen state, kill app during move










@@ -17254,7 +17258,7 @@ Slog.v(TAG, ":: stepped forward, applying functor at tag " + parser.getName());



























            final String dataAppName = codeFile.getName();















            move = new MoveInfo(moveId, currentVolumeUuid, volumeUuid, packageName,













                    dataAppName, appId, seinfo);













                    dataAppName, appId, seinfo, targetSdkVersion);















        } else {















            move = null;















        }

























services/core/java/com/android/server/pm/Settings.java



+4
−1




























Original line number
Diff line number
Diff line








@@ -3754,6 +3754,7 @@ final class Settings {













        String[] names;















        int[] appIds;















        String[] seinfos;













        int[] targetSdkVersions;















        int packagesCount;















        synchronized (mPackages) {















            Collection<PackageSetting> packages = mPackages.values();









@@ -3762,6 +3763,7 @@ final class Settings {













            names = new String[packagesCount];















            appIds = new int[packagesCount];















            seinfos = new String[packagesCount];













            targetSdkVersions = new int[packagesCount];















            Iterator<PackageSetting> packagesIterator = packages.iterator();















            for (int i = 0; i < packagesCount; i++) {















                PackageSetting ps = packagesIterator.next();









@@ -3776,6 +3778,7 @@ final class Settings {













                names[i] = ps.name;















                appIds[i] = ps.appId;















                seinfos[i] = ps.pkg.applicationInfo.seinfo;













                targetSdkVersions[i] = ps.pkg.applicationInfo.targetSdkVersion;















            }















        }















        for (int i = 0; i < packagesCount; i++) {









@@ -3786,7 +3789,7 @@ final class Settings {













            final int flags = Installer.FLAG_CE_STORAGE | Installer.FLAG_DE_STORAGE;















            try {















                installer.createAppData(volumeUuids[i], names[i], userHandle, flags, appIds[i],













                        seinfos[i]);













                        seinfos[i], targetSdkVersions[i]);















            } catch (InstallerException e) {















                Slog.w(TAG, "Failed to prepare app data", e);















            }