OP_REQUEST_INSTALL_PACKAGES denied by default

Some system apps may download unknown content and the user should
be explicitly asked whether they trust these files. System apps should
explicitly use the extra NOT_UNKNOWN_SOURCE to bypass this check.

Test: Builds, boots, existing tests pass:
atest CtsPackageInstallTestCases

Locally verified they pass if CtsPackageInstallTestCases.apk was signed by
the platform cert.

Bug: 123700348
Change-Id: I3028bf8ff3f79a41521deeee43fba3c32bb1b2ca
Merged-In: I2578251906f6656b83464d1c4fc4db99165841c9
(cherry picked from commit 43e682abef2a1c65585bef510c390480f0c4a2fd)

diff --git a/services/core/java/com/android/server/pm/PackageManagerService.java b/services/core/java/com/android/server/pm/PackageManagerService.java
index 132f304..0a50914 100644 (file)
--- a/services/core/java/com/android/server/pm/PackageManagerService.java
+++ b/services/core/java/com/android/server/pm/PackageManagerService.java
@@ -25853,11 +25853,9 @@ Slog.v(TAG, ":: stepped forward, applying functor at tag " + parser.getName());
         }
         if (mExternalSourcesPolicy != null) {
             int isTrusted = mExternalSourcesPolicy.getPackageTrustedToInstallApps(packageName, uid);
-            if (isTrusted != PackageManagerInternal.ExternalSourcesPolicy.USER_DEFAULT) {
-                return isTrusted == PackageManagerInternal.ExternalSourcesPolicy.USER_TRUSTED;
-            }
+            return isTrusted == PackageManagerInternal.ExternalSourcesPolicy.USER_TRUSTED;
         }
-        return checkUidPermission(appOpPermission, uid) == PERMISSION_GRANTED;
+        return false;
     }
 
     @Override