The point of this patch is to deal with the following case:
- A system application exists in the system partition. As such its
native code lies under /system/lib
- An upgrade for it is installed through Market and overrides the
version on the system partition. This places its native libraries
under /data/data/<pkgname>/lib/
- Finally, the system is upgraded through an OTA, with an even more
recent of the system application. We thus must remove the Market
package as well as the native libraries that are in <dataDir>/lib
since the new versions in /system/lib will be more recent.
The patch itself removes the files in <dataDir>/lib when such a
situation is detected. Note that this directory is created by the
PackageManager service and owned by the 'system' userID. The application
cannot create files there so simply erasing the content of the directory
is enough (and avoids reparsing the market package file to list
the installed binaries).
The patch also fixes a different issue which can be reproduced with:
- have system app installed on /system partition
- install an update (e.g. adb install -r Term.apk)
- uninstall the update (e.g. adb uninstall com.android.term)
the logcat shows that the PackageManager will unpack the native libraries
from the original /system/app/Term.apk into <dataDir>/lib, while they
already are in /system/lib. The patch fixes that too.
Change-Id: I5dfe27b91b6b31972e9cd4c196d15c3692732127
Couple of cosmetic fixes as well.
This reverts commit 0c1285fa979e8b8c170f31d0ef1b4e5d9ddcf6b1.
Conflicts:
services/java/com/android/server/PackageManagerService.java
Change-Id: Ife0f9f80525f4a41b1f8c12ffc2de62e061e7d5b
when the install location is set to internal only. Similary if install
location is set to external only(via adb), dont fall back to installing on
internal storage if sdcard is filled up.
If nothing is specified ie install location is set to let system decide,
we just check on internal storage.
Fix tests
Change-Id: I7400ccc131782d9c45284bd9ebd0dee43a3b412b
...ordered broadcast for ACTION_EXTERNAL_APPLICATIONS_UNAVAILABLE
Turns out this was because the broadcast receiver for ContextImpl was
not correctly being created, so when it received an ordered broadcast
it would not tell the activity manager when it was done.
This is now fixed, along with a ton of superficial changes to debug
output to help track this down and a little cleanup of dealing with
error cases in dispatching broadcasts. Also a fix for a NPE when
dumping the broadcast state.
Finally, a little fiddling with package manager to get rid of a lot
of the noise when removing and re-adding packages on the SD card.
Change-Id: I961c14836dc613d3ea8122b6e910ef866e7fcb25
in status bar.
When unmounting sdcard, all the secure containers have to be unmounted first
before invoking the MountService call back. We send a broadcast
about disabled packages. Force a gc to clean up any stale asset references
and then unmount the containers before invoking the MountService call back.
Change-Id: I831da1ae54aeec89de3601b94a4a2fae5dc7e495
The package manager contains an optimization which reuses cached
signatures instead of reloading them on startup if the package
appears to be unchanged. This commit adds an extra check to ensure
that the PackageSettings object actually has valid signatures since
it has happened that they have gone missing. Unfortunately it does
not address the root cause of the problem but it should alleviate the
symptoms after a reboot.
Bug: b/2547993
Change-Id: I41900c6a752711eb3a901360e3bb29aec946d0be
...in status bar is installed on sdcard and device is powered down.
Don't do the GC until everyone has had a chance to take care of external
storage going away.
This is more correct, but doesn't completely fix the problem that
appears when shutting down.
Change-Id: I24b19337ba6262cfd8d010645dbf67e76ea03058
Move install location values to secure settings.
Diable attribute for UI. Set default value to auto.
Add command line interface to set install location via pm.
Change-Id: I80e97b3d24845adad7102f40dcbe238f00efa406
This is a quick and dirty solution to re-assign permissions after booting
from a platform update. It is not great, because it means that an app
can have permissions that the user didn't get to see when they originally
installed it. Unfortunately it's not clear what else to do here, nor is
there time to do anything significant.
Change-Id: I82faba141b5883c87212afa7febecf9860a413e3
Also fix another crash I just saw in the package manager, when a
permission got left around from a previous install but as no
longer defined.
Change-Id: I33b87420f0c59e24b8b77fab8b0316461d99e048
The certificates of the package and its shared user certificates
are initialized only when installing the package.
When scanning the packages, the certificates are collected from the apk
if the time stamp changes. If not the one's from
PackageSetting(read from packages.xml) are reused.
Removed mergeSignatures and updateSignatures since we don't support
this any more.
Also fix some bugs related to reinstalling failed upgrades.
Some unit tests.
Change-Id: Ibdeff170bd386d723f774136b18e0ad59d9cdabb
This fixes the package manager to ensure we can't get in this bad state of
an update to a system app being installed as a separate app.
Change-Id: I2a3f601bbc06b74f31ca09192993614bc6885ff7
This change include a minor refactoring of PackageItemInfo and related
classes to eliminate code duplication and to avoid redundant work
searching for an ApplicationInfo instance we already have.
Bug: b/2537578
Change-Id: Id0794c3f055ea58b943028f7a84abc7dec9d0aac
Addresses:
Issue #2550648: PackageManagerService setComponentEnabledSetting unconditionally
writes Settings xml
Issue #2549084: Make PackageManager.addPermission have async version
Also make the writing of settings when changing the preferred activities to use
the same async mechanism, and fiddle with thread priorities in the background
thread to go up to foreground priority when holding the lock to write settings
and a few other places. (At some point we should really clean this up to never
acquire the main lock while in the background.)
Change-Id: Ib2b7632543f6fb3f92a225518579f3b2d15e1413
Need to be sure to compute gids when SD card is mounted, since we
need the package info for that. Note that this is not re-granting
permissions (and in the future we could optimize this to just pass
through the mounted apps).
Change-Id: I51e1c23d17a6429642132902ef75c65a307fc33a
This is needed when restoring applications installed on sdcard
via Market after a data wipe. The stale containers need to be cleaned up before
reinstalling again.
Add a test case for installing when a stale container exists.
Change-Id: I20c30b3003e85fb31531dd3cf9cb59962fe8fe5f
Use new method in UsbStorageActivity.
Fix moving dex files.
moveDex should be suffixed with LI since it uses Installer
Change-Id: Id5ef0254578e84b9aae2c2ac44f722eb5a0fda1c
It turns out the whole loadedPermissions thing was pointless at this
point, and causing the problem: we would write out the granted
permissions, then at boot load them into loaded permissions, and
never actually put them in granted.
Just remove loadedPermissions. The grantedPermissions (that is
the permissions the user has approved be granted to the app) are
all we care about.
Change-Id: I54d9dc418d6277ae0b35b8c1fc4b9c11f34f86f0
PackageManager invokes this call back when its done handling
the media status update.
Add new uid check for updateExternalMediaStatus
Change killPids method in ActivityManager.
Remove mountsd command in Pm.java We cannot arbitrarily enable/disable
packages in PackageManager now.
Change-Id: I28dcba4afd2b4486f68abdaa1628a31b66544c91
No steps to repro, but makes the code more robust by using the standard
JournaledFile class and doing sanity checks on the input it reads.
This required moving the JournaledFile class in to the framework (and
we really should get rid of either it or AtomicFile, but they have
different recovery semantics so that is tough). Also went through and
cleaned up the file management in various places.
Change-Id: Ieb7268d8435e77dff66b6e67bb63b62e5dea572e
Apps on the system partition are now allowed to change their certs, as
long as they are not using a shared user id.
Change-Id: I02ff7ac874dc649b7f8cbb705ae8d7ed31e1d125
Add a new install location unspecified for backward compatibility.
There is not much difference between policies auto and unspecified.
But we dont have to make any code changes in PackageParser based
on our preference for install location.
Add tests
Change-Id: I563238133261d911d08fbc66344687b7dfc870b1
This allows us to keep the assigned permissions when apps are temporarily
removed due to the SD card being unmounted, and also if you use the
facility to uninstall an app but keep its data.
Also fixes issue #2515189: Potential permission spoofing attack in
Android (external bug 7166)
Change-Id: I2a120ec938552028c989f9e0e890c32773957738
Add new remote method to check for insufficient error conditions.
Some fixes in MountService when updating media status on PackageManagerService
Fix size calculation condition in installd.
Add new error code if media is unavailable.
New tests for testing error codes.
Some additional debugging statements in MountService.
Change-Id: Ibfe90d5ed6c71d57f9c1c67806f38b5ae9ecdfbf
Fixes issue #2507124:
cts.PackageManagerRequiringPermissionsTest:testClearPackagePreferredActivities
is failing with NPE
Also introduce some compatibility code to simple ignore calls to set
preferred packages from old applications, and changes some package manager
logs to Slog.
Change-Id: Id3f98ac8e106da526ba4c12879a9ddaabf28f462
I can't believe I let this slip through. And in the SDK no less. :(
The APIs for setting preferred activities will now throw a security
exception when used. This may break some apps, we'll see how it
goes. If it is too bad we can just make these log and not throw
anything, but I would much prefer they throw an exception.
Change-Id: I3aed434750eef8b202aa9d5bd774a0121be521c6
to internal flash only even before we copy.
Return error codes when install flag options mismatch.
Some conditions for existings apps
- install flags override existing location
- explicity manifest option install location overrides previous location
- if upgraded package's install location is unspecified or auto, fall
back to recommended install policy which considers user setting as well.
Check for sdcard status before finding available size on sdcard
Add light weight parsing for manifest attributes including package name and
install location only
Change-Id: I5143dda87c88c595f564b317326c926d0ec3ceb8
Clean up stale containers when enabling/disabling packages on sdcard.
Check the path of packages which are being enabled.
Make sure gc's are done prior to destroying containers when moving applicati
as well as enabling/disabling packages for sdcard mount status changes.
Some miscellaneous issues
Remove hack to avoid renaming containers.
Fix test with forward locked apps
Remove adding container id to asec list when renaming
Some cosmetic changes to DefaultContainerService
Also add ability for admins to hide themselves when not in use,
a facility for admins to not allow other admins to reset
their password, and debug dumping.
Dont invoke getInstallLocation for forward locked apps.
If INSTALL_ON_SDCARD is selected as default, forward locked
apps are not being installed because of conflicting flags.
This is the framework part, moving classes around so the framework
no longer needs to link to android-common. Makes some APIs public,
others that didn't need to be public are private in the framework,
some small things are copied.
