Check DPC package validity during package updates (fdae2255) · Commits · e / os / android_frameworks_base

core/java/android/app/admin/DeviceAdminInfo.java

+2 −0

Original line number	Diff line number	Diff line
		@@ -345,6 +345,8 @@ public final class DeviceAdminInfo implements Parcelable {
		} catch (NameNotFoundException e) {
		throw new XmlPullParserException(
		"Unable to create context for: " + mActivityInfo.packageName);
		} catch (OutOfMemoryError e) {
		throw new XmlPullParserException("Out of memory when parsing", null, e);
		} finally {
		if (parser != null) parser.close();
		}

services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java

+33 −6

Original line number	Diff line number	Diff line
		@@ -131,6 +131,7 @@ import static android.app.admin.ProvisioningException.ERROR_SETTING_PROFILE_OWNE
		import static android.app.admin.ProvisioningException.ERROR_SET_DEVICE_OWNER_FAILED;
		import static android.app.admin.ProvisioningException.ERROR_STARTING_PROFILE_FAILED;
		import static android.content.Intent.FLAG_ACTIVITY_NEW_TASK;
		import static android.content.pm.PackageManager.GET_META_DATA;
		import static android.content.pm.PackageManager.MATCH_DIRECT_BOOT_AWARE;
		import static android.content.pm.PackageManager.MATCH_DIRECT_BOOT_UNAWARE;
		import static android.content.pm.PackageManager.MATCH_UNINSTALLED_PACKAGES;
		@@ -1151,6 +1152,33 @@ public class DevicePolicyManagerService extends BaseIDevicePolicyManager {
		}
		}

		/**
		* Check if the package hosting the given ActiveAdmin is still installed and well-formed.
		*/
		@GuardedBy("getLockObject()")
		private boolean isActiveAdminPackageValid(ActiveAdmin admin) throws RemoteException {
		final String adminPackage = admin.info.getPackageName();
		int userHandle = admin.getUserHandle().getIdentifier();
		if (mIPackageManager.getPackageInfo(adminPackage, 0, userHandle) == null) {
		Slogf.e(LOG_TAG, adminPackage + " no longer installed");
		return false;
		}
		ActivityInfo ai = mIPackageManager.getReceiverInfo(admin.info.getComponent(),
		GET_META_DATA \| MATCH_DIRECT_BOOT_AWARE \| MATCH_DIRECT_BOOT_UNAWARE,
		userHandle);
		if (ai == null) {
		Slogf.e(LOG_TAG, adminPackage + " no longer has the receiver");
		return false;
		}
		try {
		new DeviceAdminInfo(mContext, ai);
		} catch (Exception e) {
		Slogf.e(LOG_TAG, adminPackage + " contains malformed metadata", e);
		return false;
		}
		return true;
		}

		private void handlePackagesChanged(@Nullable String packageName, int userHandle) {
		boolean removedAdmin = false;
		if (VERBOSE_LOG) {
		@@ -1163,14 +1191,13 @@ public class DevicePolicyManagerService extends BaseIDevicePolicyManager {
		ActiveAdmin aa = policy.mAdminList.get(i);
		try {
		// If we're checking all packages or if the specific one we're checking matches,
		// then check if the package and receiver still exist.
		// then check if the package is still valid.
		final String adminPackage = aa.info.getPackageName();
		if (packageName == null \|\| packageName.equals(adminPackage)) {
		if (mIPackageManager.getPackageInfo(adminPackage, 0, userHandle) == null
		\|\| mIPackageManager.getReceiverInfo(aa.info.getComponent(),
		PackageManager.MATCH_DIRECT_BOOT_AWARE
		\| PackageManager.MATCH_DIRECT_BOOT_UNAWARE,
		userHandle) == null) {
		if (!isActiveAdminPackageValid(aa)) {
		Slogf.e(LOG_TAG, "Admin package %s not found or invalid for user %d,"
		+ " removing active admin",
		packageName, userHandle);
		removedAdmin = true;
		policy.mAdminList.remove(i);
		policy.mAdminMap.remove(aa.info.getComponent());