OP_REQUEST_INSTALL_PACKAGES denied by default

Some system apps may download unknown content and the user should
be explicitly asked whether they trust these files. System apps should
explicitly use the extra NOT_UNKNOWN_SOURCE to bypass this check.

Test: Builds, boots, existing tests pass:
atest CtsPackageInstallTestCases

Locally verified they pass if CtsPackageInstallTestCases.apk was signed by
the platform cert.

Bug: 123700348
Change-Id: I3028bf8ff3f79a41521deeee43fba3c32bb1b2ca
Merged-In: I2578251906f6656b83464d1c4fc4db99165841c9

diff --git a/services/core/java/com/android/server/pm/PackageManagerService.java b/services/core/java/com/android/server/pm/PackageManagerService.java
index fe7c873..ab6c956 100644 (file)
--- a/services/core/java/com/android/server/pm/PackageManagerService.java
+++ b/services/core/java/com/android/server/pm/PackageManagerService.java
@@ -25010,11 +25010,9 @@ Slog.v(TAG, ":: stepped forward, applying functor at tag " + parser.getName());
         }
         if (mExternalSourcesPolicy != null) {
             int isTrusted = mExternalSourcesPolicy.getPackageTrustedToInstallApps(packageName, uid);
-            if (isTrusted != PackageManagerInternal.ExternalSourcesPolicy.USER_DEFAULT) {
-                return isTrusted == PackageManagerInternal.ExternalSourcesPolicy.USER_TRUSTED;
-            }
+            return isTrusted == PackageManagerInternal.ExternalSourcesPolicy.USER_TRUSTED;
         }
-        return checkUidPermission(appOpPermission, uid) == PERMISSION_GRANTED;
+        return false;
     }
 
     @Override