@Override
public void checkPackageStartable(String packageName, int userId) {
- if (getInstantAppPackageName(Binder.getCallingUid()) != null) {
+ final int callingUid = Binder.getCallingUid();
+ if (getInstantAppPackageName(callingUid) != null) {
throw new SecurityException("Instant applications don't have access to this method");
}
final boolean userKeyUnlocked = StorageManager.isUserKeyUnlocked(userId);
synchronized (mPackages) {
final PackageSetting ps = mSettings.mPackages.get(packageName);
- if (ps == null) {
+ if (ps == null || filterAppAccessLPr(ps, callingUid, userId)) {
throw new SecurityException("Package " + packageName + " was not found!");
}
@Override
public String[] currentToCanonicalPackageNames(String[] names) {
- if (getInstantAppPackageName(Binder.getCallingUid()) != null) {
+ final int callingUid = Binder.getCallingUid();
+ if (getInstantAppPackageName(callingUid) != null) {
return names;
}
- String[] out = new String[names.length];
+ final String[] out = new String[names.length];
// reader
synchronized (mPackages) {
+ final int callingUserId = UserHandle.getUserId(callingUid);
+ final boolean canViewInstantApps = canViewInstantApps(callingUid, callingUserId);
for (int i=names.length-1; i>=0; i--) {
- PackageSetting ps = mSettings.mPackages.get(names[i]);
- out[i] = ps != null && ps.realName != null ? ps.realName : names[i];
+ final PackageSetting ps = mSettings.mPackages.get(names[i]);
+ boolean translateName = false;
+ if (ps != null && ps.realName != null) {
+ final boolean targetIsInstantApp = ps.getInstantApp(callingUserId);
+ translateName = !targetIsInstantApp
+ || canViewInstantApps
+ || mInstantAppRegistry.isInstantAccessGranted(callingUserId,
+ UserHandle.getAppId(callingUid), ps.appId);
+ }
+ out[i] = translateName ? ps.realName : names[i];
}
}
return out;
@Override
public String[] canonicalToCurrentPackageNames(String[] names) {
- if (getInstantAppPackageName(Binder.getCallingUid()) != null) {
+ final int callingUid = Binder.getCallingUid();
+ if (getInstantAppPackageName(callingUid) != null) {
return names;
}
- String[] out = new String[names.length];
+ final String[] out = new String[names.length];
// reader
synchronized (mPackages) {
+ final int callingUserId = UserHandle.getUserId(callingUid);
+ final boolean canViewInstantApps = canViewInstantApps(callingUid, callingUserId);
for (int i=names.length-1; i>=0; i--) {
- String cur = mSettings.getRenamedPackageLPr(names[i]);
- out[i] = cur != null ? cur : names[i];
+ final String cur = mSettings.getRenamedPackageLPr(names[i]);
+ boolean translateName = false;
+ if (cur != null) {
+ final PackageSetting ps = mSettings.mPackages.get(names[i]);
+ final boolean targetIsInstantApp =
+ ps != null && ps.getInstantApp(callingUserId);
+ translateName = !targetIsInstantApp
+ || canViewInstantApps
+ || mInstantAppRegistry.isInstantAccessGranted(callingUserId,
+ UserHandle.getAppId(callingUid), ps.appId);
+ }
+ out[i] = translateName ? cur : names[i];
}
}
return out;
Log.e(TAG, "No such user:" + userId);
return;
}
+ final int callingUid = Binder.getCallingUid();
mContext.enforceCallingOrSelfPermission(
android.Manifest.permission.GRANT_RUNTIME_PERMISSIONS,
"grantRuntimePermission");
- enforceCrossUserPermission(Binder.getCallingUid(), userId,
+ enforceCrossUserPermission(callingUid, userId,
true /* requireFullPermission */, true /* checkShell */,
"grantRuntimePermission");
if (pkg == null) {
throw new IllegalArgumentException("Unknown package: " + packageName);
}
-
final BasePermission bp = mSettings.mPermissions.get(name);
if (bp == null) {
throw new IllegalArgumentException("Unknown permission: " + name);
}
+ sb = (SettingBase) pkg.mExtras;
+ if (sb == null) {
+ throw new IllegalArgumentException("Unknown package: " + packageName);
+ }
+ if (sb instanceof PackageSetting
+ && filterAppAccessLPr((PackageSetting) sb, callingUid, userId)) {
+ throw new IllegalArgumentException("Unknown package: " + packageName);
+ }
enforceDeclaredAsUsedAndRuntimeOrDevelopmentPermission(pkg, bp);
}
uid = UserHandle.getUid(userId, pkg.applicationInfo.uid);
- sb = (SettingBase) pkg.mExtras;
- if (sb == null) {
- throw new IllegalArgumentException("Unknown package: " + packageName);
- }
final PermissionsState permissionsState = sb.getPermissionsState();
enforceGrantRevokeRuntimePermissionPermissions("getPermissionFlags");
- enforceCrossUserPermission(Binder.getCallingUid(), userId,
+ final int callingUid = Binder.getCallingUid();
+ enforceCrossUserPermission(callingUid, userId,
true /* requireFullPermission */, false /* checkShell */,
"getPermissionFlags");
if (pkg == null) {
return 0;
}
-
final BasePermission bp = mSettings.mPermissions.get(name);
if (bp == null) {
return 0;
}
-
- SettingBase sb = (SettingBase) pkg.mExtras;
+ final SettingBase sb = (SettingBase) pkg.mExtras;
if (sb == null) {
return 0;
}
-
+ if (sb instanceof PackageSetting
+ && filterAppAccessLPr((PackageSetting) sb, callingUid, userId)) {
+ return 0;
+ }
PermissionsState permissionsState = sb.getPermissionsState();
return permissionsState.getPermissionFlags(name, userId);
}
@Override
public int getFlagsForUid(int uid) {
- if (getInstantAppPackageName(Binder.getCallingUid()) != null) {
+ final int callingUid = Binder.getCallingUid();
+ if (getInstantAppPackageName(callingUid) != null) {
return 0;
}
synchronized (mPackages) {
return sus.pkgFlags;
} else if (obj instanceof PackageSetting) {
final PackageSetting ps = (PackageSetting) obj;
+ if (filterAppAccessLPr(ps, callingUid, UserHandle.getUserId(callingUid))) {
+ return 0;
+ }
return ps.pkgFlags;
}
}
@Override
public int getPrivateFlagsForUid(int uid) {
- if (getInstantAppPackageName(Binder.getCallingUid()) != null) {
+ final int callingUid = Binder.getCallingUid();
+ if (getInstantAppPackageName(callingUid) != null) {
return 0;
}
synchronized (mPackages) {
return sus.pkgPrivateFlags;
} else if (obj instanceof PackageSetting) {
final PackageSetting ps = (PackageSetting) obj;
+ if (filterAppAccessLPr(ps, callingUid, UserHandle.getUserId(callingUid))) {
+ return 0;
+ }
return ps.pkgPrivateFlags;
}
}
@Override
public ParceledListSlice<PackageInfo> getInstalledPackages(int flags, int userId) {
- if (getInstantAppPackageName(Binder.getCallingUid()) != null) {
+ final int callingUid = Binder.getCallingUid();
+ if (getInstantAppPackageName(callingUid) != null) {
return ParceledListSlice.emptyList();
}
if (!sUserManager.exists(userId)) return ParceledListSlice.emptyList();
flags = updateFlagsForPackage(flags, userId, null);
final boolean listUninstalled = (flags & MATCH_KNOWN_PACKAGES) != 0;
- enforceCrossUserPermission(Binder.getCallingUid(), userId,
+ enforceCrossUserPermission(callingUid, userId,
true /* requireFullPermission */, false /* checkShell */,
"get installed packages");
if (listUninstalled) {
list = new ArrayList<>(mSettings.mPackages.size());
for (PackageSetting ps : mSettings.mPackages.values()) {
- if (filterSharedLibPackageLPr(ps, Binder.getCallingUid(), userId, flags)) {
+ if (filterSharedLibPackageLPr(ps, callingUid, userId, flags)) {
continue;
}
+ if (filterAppAccessLPr(ps, callingUid, userId)) {
+ return null;
+ }
final PackageInfo pi = generatePackageInfo(ps, flags, userId);
if (pi != null) {
list.add(pi);
} else {
list = new ArrayList<>(mPackages.size());
for (PackageParser.Package p : mPackages.values()) {
- if (filterSharedLibPackageLPr((PackageSetting) p.mExtras,
- Binder.getCallingUid(), userId, flags)) {
+ final PackageSetting ps = (PackageSetting) p.mExtras;
+ if (filterSharedLibPackageLPr(ps, callingUid, userId, flags)) {
continue;
}
+ if (filterAppAccessLPr(ps, callingUid, userId)) {
+ return null;
+ }
final PackageInfo pi = generatePackageInfo((PackageSetting)
p.mExtras, flags, userId);
if (pi != null) {
@Override
public ParceledListSlice<ApplicationInfo> getInstalledApplications(int flags, int userId) {
- if (getInstantAppPackageName(Binder.getCallingUid()) != null) {
+ final int callingUid = Binder.getCallingUid();
+ if (getInstantAppPackageName(callingUid) != null) {
return ParceledListSlice.emptyList();
}
if (!sUserManager.exists(userId)) return ParceledListSlice.emptyList();
effectiveFlags |= PackageManager.MATCH_ANY_USER;
}
if (ps.pkg != null) {
- if (filterSharedLibPackageLPr(ps, Binder.getCallingUid(), userId, flags)) {
+ if (filterSharedLibPackageLPr(ps, callingUid, userId, flags)) {
continue;
}
+ if (filterAppAccessLPr(ps, callingUid, userId)) {
+ return null;
+ }
ai = PackageParser.generateApplicationInfo(ps.pkg, effectiveFlags,
ps.readUserState(userId), userId);
if (ai != null) {
// Shared lib filtering done in generateApplicationInfoFromSettingsLPw
// and already converts to externally visible package name
ai = generateApplicationInfoFromSettingsLPw(ps.name,
- Binder.getCallingUid(), effectiveFlags, userId);
+ callingUid, effectiveFlags, userId);
}
if (ai != null) {
list.add(ai);
if (filterSharedLibPackageLPr(ps, Binder.getCallingUid(), userId, flags)) {
continue;
}
+ if (filterAppAccessLPr(ps, callingUid, userId)) {
+ return null;
+ }
ApplicationInfo ai = PackageParser.generateApplicationInfo(p, flags,
ps.readUserState(userId), userId);
if (ai != null) {
@Override
public boolean performDexOpt(String packageName,
boolean checkProfiles, int compileReason, boolean force) {
+ if (getInstantAppPackageName(Binder.getCallingUid()) != null) {
+ return false;
+ } else if (isInstantApp(packageName, UserHandle.getCallingUserId())) {
+ return false;
+ }
return performDexOptWithStatus(packageName, checkProfiles, compileReason, force) !=
PackageDexOptimizer.DEX_OPT_FAILED;
}
boolean checkProfiles, String targetCompilerFilter, boolean force) {
if (getInstantAppPackageName(Binder.getCallingUid()) != null) {
return false;
+ } else if (isInstantApp(packageName, UserHandle.getCallingUserId())) {
+ return false;
}
int dexOptStatus = performDexOptTraced(packageName, checkProfiles,
targetCompilerFilter, force);
boolean force) {
if (getInstantAppPackageName(Binder.getCallingUid()) != null) {
return false;
+ } else if (isInstantApp(packageName, UserHandle.getCallingUserId())) {
+ return false;
}
mDexManager.reconcileSecondaryDexFiles(packageName);
return mDexManager.dexoptSecondaryDex(packageName, compilerFilter, force);
@Override
public boolean getApplicationHiddenSettingAsUser(String packageName, int userId) {
mContext.enforceCallingOrSelfPermission(android.Manifest.permission.MANAGE_USERS, null);
- enforceCrossUserPermission(Binder.getCallingUid(), userId,
+ final int callingUid = Binder.getCallingUid();
+ enforceCrossUserPermission(callingUid, userId,
true /* requireFullPermission */, false /* checkShell */,
"getApplicationHidden for user " + userId);
- PackageSetting pkgSetting;
+ PackageSetting ps;
long callingId = Binder.clearCallingIdentity();
try {
// writer
synchronized (mPackages) {
- pkgSetting = mSettings.mPackages.get(packageName);
- if (pkgSetting == null) {
+ ps = mSettings.mPackages.get(packageName);
+ if (ps == null) {
return true;
}
- return pkgSetting.getHidden(userId);
+ if (filterAppAccessLPr(ps, callingUid, userId)) {
+ return true;
+ }
+ return ps.getHidden(userId);
}
} finally {
Binder.restoreCallingIdentity(callingId);
mContext.enforceCallingOrSelfPermission(android.Manifest.permission.INSTALL_PACKAGES,
null);
PackageSetting pkgSetting;
- final int uid = Binder.getCallingUid();
- enforceCrossUserPermission(uid, userId,
+ final int callingUid = Binder.getCallingUid();
+ enforceCrossUserPermission(callingUid, userId,
true /* requireFullPermission */, true /* checkShell */,
"installExistingPackage for user " + userId);
if (isUserRestricted(userId, UserManager.DISALLOW_INSTALL_APPS)) {
@Override
public int getIntentVerificationStatus(String packageName, int userId) {
- if (getInstantAppPackageName(Binder.getCallingUid()) != null) {
+ final int callingUid = Binder.getCallingUid();
+ if (getInstantAppPackageName(callingUid) != null) {
return INTENT_FILTER_DOMAIN_VERIFICATION_STATUS_UNDEFINED;
}
synchronized (mPackages) {
+ final PackageSetting ps = mSettings.mPackages.get(packageName);
+ if (ps == null
+ || filterAppAccessLPr(ps, callingUid, UserHandle.getUserId(callingUid))) {
+ return INTENT_FILTER_DOMAIN_VERIFICATION_STATUS_UNDEFINED;
+ }
return mSettings.getIntentFilterVerificationStatusLPr(packageName, userId);
}
}
@Override
public @NonNull ParceledListSlice<IntentFilterVerificationInfo> getIntentFilterVerifications(
String packageName) {
- if (getInstantAppPackageName(Binder.getCallingUid()) != null) {
+ final int callingUid = Binder.getCallingUid();
+ if (getInstantAppPackageName(callingUid) != null) {
return ParceledListSlice.emptyList();
}
synchronized (mPackages) {
+ final PackageSetting ps = mSettings.mPackages.get(packageName);
+ if (filterAppAccessLPr(ps, callingUid, UserHandle.getUserId(callingUid))) {
+ return ParceledListSlice.emptyList();
+ }
return new ParceledListSlice<>(mSettings.getIntentFilterVerificationsLPr(packageName));
}
}
@Override
public List<String> getPreviousCodePaths(String packageName) {
+ final int callingUid = Binder.getCallingUid();
final List<String> result = new ArrayList<>();
- if (getInstantAppPackageName(Binder.getCallingUid()) != null) {
+ if (getInstantAppPackageName(callingUid) != null) {
return result;
}
final PackageSetting ps = mSettings.mPackages.get(packageName);
- if (ps != null && ps.oldCodePaths != null) {
+ if (ps != null
+ && ps.oldCodePaths != null
+ && !filterAppAccessLPr(ps, callingUid, UserHandle.getUserId(callingUid))) {
result.addAll(ps.oldCodePaths);
}
return result;
@Override
public void deletePackageVersioned(VersionedPackage versionedPackage,
final IPackageDeleteObserver2 observer, final int userId, final int deleteFlags) {
+ final int callingUid = Binder.getCallingUid();
mContext.enforceCallingOrSelfPermission(
android.Manifest.permission.DELETE_PACKAGES, null);
+ final int hasAccessInstantApps = mContext.checkCallingOrSelfPermission(
+ android.Manifest.permission.ACCESS_INSTANT_APPS);
Preconditions.checkNotNull(versionedPackage);
Preconditions.checkNotNull(observer);
Preconditions.checkArgumentInRange(versionedPackage.getVersionCode(),
public void run() {
mHandler.removeCallbacks(this);
int returnCode;
- if (!deleteAllUsers) {
- returnCode = deletePackageX(internalPackageName, versionCode,
- userId, deleteFlags);
- } else {
- int[] blockUninstallUserIds = getBlockUninstallForUsers(
- internalPackageName, users);
- // If nobody is blocking uninstall, proceed with delete for all users
- if (ArrayUtils.isEmpty(blockUninstallUserIds)) {
+ final PackageSetting ps = mSettings.mPackages.get(internalPackageName);
+ boolean doDeletePackage = true;
+ if (ps != null) {
+ final boolean targetIsInstantApp =
+ ps.getInstantApp(UserHandle.getUserId(callingUid));
+ doDeletePackage = !targetIsInstantApp
+ || hasAccessInstantApps == PackageManager.PERMISSION_GRANTED;
+ }
+ if (doDeletePackage) {
+ if (!deleteAllUsers) {
returnCode = deletePackageX(internalPackageName, versionCode,
userId, deleteFlags);
} else {
- // Otherwise uninstall individually for users with blockUninstalls=false
- final int userFlags = deleteFlags & ~PackageManager.DELETE_ALL_USERS;
- for (int userId : users) {
- if (!ArrayUtils.contains(blockUninstallUserIds, userId)) {
- returnCode = deletePackageX(internalPackageName, versionCode,
- userId, userFlags);
- if (returnCode != PackageManager.DELETE_SUCCEEDED) {
- Slog.w(TAG, "Package delete failed for user " + userId
- + ", returnCode " + returnCode);
+ int[] blockUninstallUserIds = getBlockUninstallForUsers(
+ internalPackageName, users);
+ // If nobody is blocking uninstall, proceed with delete for all users
+ if (ArrayUtils.isEmpty(blockUninstallUserIds)) {
+ returnCode = deletePackageX(internalPackageName, versionCode,
+ userId, deleteFlags);
+ } else {
+ // Otherwise uninstall individually for users with blockUninstalls=false
+ final int userFlags = deleteFlags & ~PackageManager.DELETE_ALL_USERS;
+ for (int userId : users) {
+ if (!ArrayUtils.contains(blockUninstallUserIds, userId)) {
+ returnCode = deletePackageX(internalPackageName, versionCode,
+ userId, userFlags);
+ if (returnCode != PackageManager.DELETE_SUCCEEDED) {
+ Slog.w(TAG, "Package delete failed for user " + userId
+ + ", returnCode " + returnCode);
+ }
}
}
+ // The app has only been marked uninstalled for certain users.
+ // We still need to report that delete was blocked
+ returnCode = PackageManager.DELETE_FAILED_OWNER_BLOCKED;
}
- // The app has only been marked uninstalled for certain users.
- // We still need to report that delete was blocked
- returnCode = PackageManager.DELETE_FAILED_OWNER_BLOCKED;
}
+ } else {
+ returnCode = PackageManager.DELETE_FAILED_INTERNAL_ERROR;
}
try {
observer.onPackageDeleted(packageName, returnCode, null);
@Override
public boolean getBlockUninstallForUser(String packageName, int userId) {
synchronized (mPackages) {
+ final PackageSetting ps = mSettings.mPackages.get(packageName);
+ if (ps == null || filterAppAccessLPr(ps, Binder.getCallingUid(), userId)) {
+ return true;
+ }
return mSettings.getBlockUninstallLPr(userId, packageName);
}
}
mContext.enforceCallingOrSelfPermission(
android.Manifest.permission.CLEAR_APP_USER_DATA, null);
- enforceCrossUserPermission(Binder.getCallingUid(), userId,
+ final int callingUid = Binder.getCallingUid();
+ enforceCrossUserPermission(callingUid, userId,
true /* requireFullPermission */, false /* checkShell */, "clear application data");
+ final PackageSetting ps = mSettings.getPackageLPr(packageName);
+ if (ps != null && filterAppAccessLPr(ps, callingUid, userId)) {
+ return;
+ }
if (mProtectedPackages.isPackageDataProtected(userId, packageName)) {
throw new SecurityException("Cannot clear data for a protected package: "
+ packageName);
@Override
public void deleteApplicationCacheFilesAsUser(final String packageName, final int userId,
final IPackageDataObserver observer) {
+ final int callingUid = Binder.getCallingUid();
mContext.enforceCallingOrSelfPermission(
android.Manifest.permission.DELETE_CACHE_FILES, null);
- enforceCrossUserPermission(Binder.getCallingUid(), userId,
+ enforceCrossUserPermission(callingUid, userId,
/* requireFullPermission= */ true, /* checkShell= */ false,
"delete application cache files");
+ final int hasAccessInstantApps = mContext.checkCallingOrSelfPermission(
+ android.Manifest.permission.ACCESS_INSTANT_APPS);
final PackageParser.Package pkg;
synchronized (mPackages) {
// Queue up an async operation since the package deletion may take a little while.
mHandler.post(new Runnable() {
public void run() {
- synchronized (mInstallLock) {
- final int flags = StorageManager.FLAG_STORAGE_DE
- | StorageManager.FLAG_STORAGE_CE;
- // We're only clearing cache files, so we don't care if the
- // app is unfrozen and still able to run
- clearAppDataLIF(pkg, userId, flags | Installer.FLAG_CLEAR_CACHE_ONLY);
- clearAppDataLIF(pkg, userId, flags | Installer.FLAG_CLEAR_CODE_CACHE_ONLY);
- }
- clearExternalStorageDataSync(packageName, userId, false);
+ final PackageSetting ps = (PackageSetting) pkg.mExtras;
+ boolean doClearData = true;
+ if (ps != null) {
+ final boolean targetIsInstantApp =
+ ps.getInstantApp(UserHandle.getUserId(callingUid));
+ doClearData = !targetIsInstantApp
+ || hasAccessInstantApps == PackageManager.PERMISSION_GRANTED;
+ }
+ if (doClearData) {
+ synchronized (mInstallLock) {
+ final int flags = StorageManager.FLAG_STORAGE_DE
+ | StorageManager.FLAG_STORAGE_CE;
+ // We're only clearing cache files, so we don't care if the
+ // app is unfrozen and still able to run
+ clearAppDataLIF(pkg, userId, flags | Installer.FLAG_CLEAR_CACHE_ONLY);
+ clearAppDataLIF(pkg, userId, flags | Installer.FLAG_CLEAR_CODE_CACHE_ONLY);
+ }
+ clearExternalStorageDataSync(packageName, userId, false);
+ }
if (observer != null) {
try {
observer.onRemoveCompleted(packageName, true);
android.Manifest.permission.SET_PREFERRED_APPLICATIONS, null);
}
}
-
+ final PackageSetting ps = mSettings.getPackageLPr(packageName);
+ if (ps != null
+ && filterAppAccessLPr(ps, callingUid, UserHandle.getUserId(callingUid))) {
+ return;
+ }
int user = UserHandle.getCallingUserId();
if (clearPackagePreferredActivitiesLPw(packageName, user)) {
scheduleWritePackageRestrictionsLocked(user);
public void clearCrossProfileIntentFilters(int sourceUserId, String ownerPackage) {
mContext.enforceCallingOrSelfPermission(
android.Manifest.permission.INTERACT_ACROSS_USERS_FULL, null);
- int callingUid = Binder.getCallingUid();
+ final int callingUid = Binder.getCallingUid();
enforceOwnerRights(ownerPackage, callingUid);
enforceShellRestriction(UserManager.DISALLOW_DEBUGGING_FEATURES, callingUid, sourceUserId);
synchronized (mPackages) {
if (UserHandle.getAppId(callingUid) == Process.SYSTEM_UID) {
return;
}
- int callingUserId = UserHandle.getUserId(callingUid);
+ final int callingUserId = UserHandle.getUserId(callingUid);
PackageInfo pi = getPackageInfo(pkg, 0, callingUserId);
if (pi == null) {
throw new IllegalArgumentException("Unknown package " + pkg + " on user "
public int movePackage(final String packageName, final String volumeUuid) {
mContext.enforceCallingOrSelfPermission(android.Manifest.permission.MOVE_PACKAGE, null);
- final UserHandle user = new UserHandle(UserHandle.getCallingUserId());
+ final int callingUid = Binder.getCallingUid();
+ final UserHandle user = new UserHandle(UserHandle.getUserId(callingUid));
final int moveId = mNextMoveId.getAndIncrement();
mHandler.post(new Runnable() {
@Override
public void run() {
try {
- movePackageInternal(packageName, volumeUuid, moveId, user);
+ movePackageInternal(packageName, volumeUuid, moveId, callingUid, user);
} catch (PackageManagerException e) {
Slog.w(TAG, "Failed to move " + packageName, e);
mMoveCallbacks.notifyStatusChanged(moveId,
}
private void movePackageInternal(final String packageName, final String volumeUuid,
- final int moveId, UserHandle user) throws PackageManagerException {
+ final int moveId, final int callingUid, UserHandle user)
+ throws PackageManagerException {
final StorageManager storage = mContext.getSystemService(StorageManager.class);
final PackageManager pm = mContext.getPackageManager();
synchronized (mPackages) {
final PackageParser.Package pkg = mPackages.get(packageName);
final PackageSetting ps = mSettings.mPackages.get(packageName);
- if (pkg == null || ps == null) {
+ if (pkg == null
+ || ps == null
+ || filterAppAccessLPr(ps, callingUid, user.getIdentifier())) {
throw new PackageManagerException(MOVE_FAILED_DOESNT_EXIST, "Missing package");
}
-
if (pkg.applicationInfo.isSystemApp()) {
throw new PackageManagerException(MOVE_FAILED_SYSTEM_PACKAGE,
"Cannot move system application");
Slog.w(TAG, "KeySet requested for unknown package: " + packageName);
throw new IllegalArgumentException("Unknown package: " + packageName);
}
+ final PackageSetting ps = (PackageSetting) pkg.mExtras;
+ if (filterAppAccessLPr(ps, Binder.getCallingUid(), UserHandle.getCallingUserId())) {
+ Slog.w(TAG, "KeySet requested for filtered package: " + packageName);
+ throw new IllegalArgumentException("Unknown package: " + packageName);
+ }
KeySetManagerService ksms = mSettings.mKeySetManagerService;
return new KeySet(ksms.getKeySetByAliasAndPackageNameLPr(packageName, alias));
}
@Override
public boolean canRequestPackageInstalls(String packageName, int userId) {
- if (getInstantAppPackageName(Binder.getCallingUid()) != null) {
- return false;
- }
return canRequestPackageInstallsInternal(packageName, 0, userId,
true /* throwIfPermNotDeclared*/);
}
OSDN Git Service
