
Commit f813fcad authored by Song Chun Fan's avatar Song Chun Fan Committed by Android (Google) Code Review

Merge "Revert "Revert "Revert "[pm] reject data apps using privileged sharedUserId"""" into udc-dev

parents 48fa7694 c9a8baf5
+2 −2
@@ -994,7 +994,7 @@ final class InstallPackageHelper {
                    reconciledPackages = ReconcilePackageUtils.reconcilePackages(
                            requests, Collections.unmodifiableMap(mPm.mPackages),
                            versionInfos, mSharedLibraries, mPm.mSettings.getKeySetManagerService(),
                            mPm.mSettings, mContext);
                            mPm.mSettings);
                } catch (ReconcileFailure e) {
                    for (InstallRequest request : requests) {
                        request.setError("Reconciliation failed...", e);
@@ -3930,7 +3930,7 @@ final class InstallPackageHelper {
                                mPm.mPackages, Collections.singletonMap(pkgName,
                                        mPm.getSettingsVersionForPackage(parsedPackage)),
                                mSharedLibraries, mPm.mSettings.getKeySetManagerService(),
                                mPm.mSettings, mContext);
                                mPm.mSettings);
                if ((scanFlags & SCAN_AS_APEX) == 0) {
                    appIdCreated = optimisticallyRegisterAppId(installRequest);
                } else {
+10 −47
@@ -16,7 +16,6 @@

package com.android.server.pm;

import static android.content.pm.PackageManager.INSTALL_FAILED_INVALID_APK;
import static android.content.pm.PackageManager.INSTALL_FAILED_UPDATE_INCOMPATIBLE;
import static android.content.pm.PackageManager.INSTALL_PARSE_FAILED_INCONSISTENT_CERTIFICATES;
import static android.content.pm.SigningDetails.CapabilityMergeRule.MERGE_RESTRICTED_CAPABILITY;
@@ -24,24 +23,19 @@ import static android.content.pm.SigningDetails.CapabilityMergeRule.MERGE_RESTRI
import static com.android.server.pm.PackageManagerService.SCAN_BOOTING;
import static com.android.server.pm.PackageManagerService.SCAN_DONT_KILL_APP;

import android.content.Context;
import android.content.pm.PackageManager;
import android.content.pm.PermissionInfo;
import android.content.pm.SharedLibraryInfo;
import android.content.pm.SigningDetails;
import android.os.SystemProperties;
import android.permission.PermissionManager;
import android.util.ArrayMap;
import android.util.Log;

import com.android.server.pm.parsing.pkg.ParsedPackage;
import com.android.server.pm.pkg.AndroidPackage;
import com.android.server.pm.pkg.component.ParsedUsesPermission;
import com.android.server.pm.pkg.parsing.ParsingPackageUtils;
import com.android.server.utils.WatchedLongSparseArray;

import java.util.ArrayList;
import java.util.Arrays;
import java.util.List;
import java.util.Map;

@@ -60,7 +54,7 @@ final class ReconcilePackageUtils {
            Map<String, AndroidPackage> allPackages,
            Map<String, Settings.VersionInfo> versionInfos,
            SharedLibrariesImpl sharedLibraries,
            KeySetManagerService ksms, Settings settings, Context context)
            KeySetManagerService ksms, Settings settings)
            throws ReconcileFailure {
        final List<ReconciledPackage> result = new ArrayList<>(installRequests.size());

@@ -149,11 +143,11 @@ final class ReconcilePackageUtils {
                } else {
                    if ((parseFlags & ParsingPackageUtils.PARSE_IS_SYSTEM_DIR) == 0) {
                        throw new ReconcileFailure(INSTALL_FAILED_UPDATE_INCOMPATIBLE,
                                "Package " + installPackageName
                                "Package " + parsedPackage.getPackageName()
                                        + " upgrade keys do not match the previously installed"
                                        + " version");
                    } else {
                        String msg = "System package " + installPackageName
                        String msg = "System package " + parsedPackage.getPackageName()
                                + " signature changed; retaining data.";
                        PackageManagerService.reportSettingsProblem(Log.WARN, msg);
                    }
@@ -174,42 +168,11 @@ final class ReconcilePackageUtils {
                        removeAppKeySetData = true;
                    }

                    // if this is a sharedUser, check to see if the new package is signed by a
                    // newer signing certificate than the existing one, and if so, copy over the new
                    // if this is is a sharedUser, check to see if the new package is signed by a
                    // newer
                    // signing certificate than the existing one, and if so, copy over the new
                    // details
                    if (sharedUserSetting != null) {
                        if (!parsedPackage.isTestOnly() && sharedUserSetting.isPrivileged()
                                && !signatureCheckPs.isSystem()) {
                            final List<ParsedUsesPermission> usesPermissions =
                                    parsedPackage.getUsesPermissions();
                            final List<String> usesPrivilegedPermissions = new ArrayList<>();
                            final PermissionManager permissionManager = context.getSystemService(
                                    PermissionManager.class);
                            // Check if the app requests any privileged permissions because that
                            // violates the privapp-permissions allowlist check during boot.
                            if (permissionManager != null) {
                                for (int i = 0; i < usesPermissions.size(); i++) {
                                    final String permissionName = usesPermissions.get(i).getName();
                                    final PermissionInfo permissionInfo =
                                            permissionManager.getPermissionInfo(permissionName, 0);
                                    if (permissionInfo != null
                                            && (permissionInfo.getProtectionFlags()
                                            & PermissionInfo.PROTECTION_FLAG_PRIVILEGED) != 0) {
                                        usesPrivilegedPermissions.add(permissionName);
                                    }
                                }
                            }

                            if (!usesPrivilegedPermissions.isEmpty()) {
                                throw new ReconcileFailure(INSTALL_FAILED_INVALID_APK,
                                        "Non-system package: " + installPackageName
                                                + " shares signature and sharedUserId with"
                                                + " a privileged package but requests"
                                                + " privileged permissions that are not"
                                                + " allowed: " + Arrays.toString(
                                                        usesPrivilegedPermissions.toArray()));
                            }
                        }
                        // Attempt to merge the existing lineage for the shared SigningDetails with
                        // the lineage of the new package; if the shared SigningDetails are not
                        // returned this indicates the new package added new signers to the lineage
@@ -226,7 +189,7 @@ final class ReconcilePackageUtils {
                            for (AndroidPackage androidPackage : sharedUserSetting.getPackages()) {
                                if (androidPackage.getPackageName() != null
                                        && !androidPackage.getPackageName().equals(
                                                installPackageName)) {
                                        parsedPackage.getPackageName())) {
                                    mergedDetails = mergedDetails.mergeLineageWith(
                                            androidPackage.getSigningDetails(),
                                            MERGE_RESTRICTED_CAPABILITY);
@@ -256,7 +219,7 @@ final class ReconcilePackageUtils {
                    if (sharedUserSetting != null) {
                        if (sharedUserSetting.signaturesChanged != null
                                && !PackageManagerServiceUtils.canJoinSharedUserId(
                                installPackageName, parsedPackage.getSigningDetails(),
                                parsedPackage.getPackageName(), parsedPackage.getSigningDetails(),
                                sharedUserSetting,
                                PackageManagerServiceUtils.SHARED_USER_ID_JOIN_TYPE_SYSTEM)) {
                            if (SystemProperties.getInt("ro.product.first_api_level", 0) <= 29) {
@@ -277,7 +240,7 @@ final class ReconcilePackageUtils {
                                // whichever package happened to be scanned later.
                                throw new IllegalStateException(
                                        "Signature mismatch on system package "
                                                + installPackageName
                                                + parsedPackage.getPackageName()
                                                + " for shared user "
                                                + sharedUserSetting);
                            }
@@ -289,7 +252,7 @@ final class ReconcilePackageUtils {
                        sharedUserSetting.signaturesChanged = Boolean.TRUE;
                    }
                    // File a report about this.
                    String msg = "System package " + installPackageName
                    String msg = "System package " + parsedPackage.getPackageName()
                            + " signature changed; retaining data.";
                    PackageManagerService.reportSettingsProblem(Log.WARN, msg);
                } catch (IllegalArgumentException e) {
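Review bot: After the hunk at old lines 174-215, the `if (sharedUserSetting != null)` branch goes straight to the lineage merge, so nothing visible in reconcilePackages still rejects a non-system, non-testOnly package that joins a privileged sharedUserId while requesting privileged permissions; going by the section's +10 −47 count, the whole `INSTALL_FAILED_INVALID_APK` block is on the removed side. The removed comment states that such a request violates the privapp-permissions allowlist check during boot, and neither the commit title nor the visible code says what covers that case now, so whether another layer enforces it cannot be confirmed from this page. If the revert is intended, leave a marker where the check was, for example `// TODO(b/<bug-id>): privileged sharedUserId check for data apps is reverted; re-land once <blocking issue> is fixed`, and state the reason in the commit message. The comment restored above the branch also reads `if this is is a sharedUser` and wraps after a lone `newer`; drop the duplicated word and reflow it to two lines. The enclosing method starts and ends outside the visible hunks.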
+1 −1
@@ -21,7 +21,7 @@
    <uses-permission android:name="android.permission.INTERACT_ACROSS_USERS_FULL" />
    <uses-permission android:name="android.permission.MANAGE_USERS" />

    <application android:debuggable="true" android:testOnly="true">
    <application android:debuggable="true">
        <uses-library android:name="android.test.runner" />
    </application>

+0 −27
<?xml version="1.0" encoding="utf-8"?>
<!--
  ~ Copyright (C) 2022 The Android Open Source Project
  ~
  ~ Licensed under the Apache License, Version 2.0 (the "License");
  ~ you may not use this file except in compliance with the License.
  ~ You may obtain a copy of the License at
  ~
  ~      http://www.apache.org/licenses/LICENSE-2.0
  ~
  ~ Unless required by applicable law or agreed to in writing, software
  ~ distributed under the License is distributed on an "AS IS" BASIS,
  ~ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  ~ See the License for the specific language governing permissions and
  ~ limitations under the License.
  -->
<configuration description="Runs Testable Tests.">
    <option name="test-tag" value="TestablesTests" />
    <target_preparer class="com.android.tradefed.targetprep.suite.SuiteApkInstaller">
        <option name="cleanup-apks" value="true" />
        <option name="install-arg" value="-t" />
        <option name="test-file-name" value="TestablesTests.apk" />
    </target_preparer>
    <test class="com.android.tradefed.testtype.AndroidJUnitTest">
        <option name="package" value="com.android.testables"/>
    </test>
</configuration>