* Verifiers can be specified in the AndroidManifest.xml
* Those verifiers can respond to the new Intent action
* PackageManager API for those verifiers: verifyPendingInstall
Change-Id: I4892bce2e6984871e6e93c60a1ca0dae145f5df5
A core app is one that has coreApp="true" in its manifest tag.
The system can successfully boot (though a little painfully) with
only framework-res.apk, SettingsProvider.apk, SystemUI.apk,
DefaultContainerService.apk, and Launcher2.apk set as core apps.
Currently this boot mode is always turned off.
Change-Id: Ieaa4a8031c2c391a12996aa8d8b1d65fc2b09d6b
Unfortunately fixed internal size calculations for HC, but never the
external size calculations.
Bug: 5113898
Change-Id: Idfe8af0ba74a20aa767eb9abac431ee1c74dcf8e
Copy resource would fail without a good error code when the file
couldn't be found during copy.
Also destroy the target container ID during move operations since it
might exist. If the copy failed due to it existing, it would get
destroyed anyway. This way the user has a chance to have a good outcome
the first time.
Bug: 3375299
Bug: 5113898
Change-Id: I00559833f0801bc50e7cc031b462495e37a6b4ab
Make sure that files that don't exist aren't returning bogus 'out of
space' error codes.
Add some Javadoc so I can remember what each thing does in an IDE.
Add copyright header to NativeLibraryHelper
Bug: 3375299
Change-Id: Iac46019160921daca65b21d38897e5165063316e
If the user has supplied a backup password in Settings, that password
is validated during the full backup process and is used as an encryption
key for encoding the backed-up data itself. This is the fundamental
mechanism whereby users can secure their data even against malicious
parties getting physical unlocked access to their device.
Technically the user-supplied password is not used as the encryption
key for the backed-up data itself. What is actually done is that a
random key is generated to use as the raw encryption key. THAT key,
in turn, is encrypted with the user-supplied password (after random
salting and key expansion with PBKDF2). The encrypted master key
and a checksum are stored in the backup header. At restore time,
the user supplies their password, which allows the system to decrypt
the master key, which in turn allows the decryption of the backup
data itself.
The checksum is part of the archive in order to permit validation
of the user-supplied password. The checksum is the result of running
the user-supplied password through PBKDF2 with a randomly selected
salt. At restore time, the proposed password is run through PBKDF2
with the salt described by the archive header. If the result does
not match the archive's stated checksum, then the user has supplied
the wrong decryption password.
Also, suppress backup consideration for a few packages whose
data is either nonexistent or inapplicable across devices or
factory reset operations.
Bug 4901637
Change-Id: Id0cc9d0fdfc046602b129f273d48e23b7a14df36
The built-in ZipFile class was quite a long time to find an unpack
libraries. Move everything to using the libutils ZipFileRO class that
goes quite a bit faster. Initial measurements are 6 times faster than
the Java code.
Also, read files off the disk and compare their CRC against the APK's
CRC to see if we need to write the new file to disk. This also cuts down
the bootup time by up to a second per APK that has native files.
Change-Id: Ic464a7969a17368fb6a6b81d026888c4136c7603
OBB files on USB storage or SD card should be removed when an
application is removed.
Bug: 3356804
Change-Id: Ifbbf043368b125fcd47fd74e5cd2e5167a8deb00
When measuring a package's usage, put the external size in the
PackageStats as well. This will allow programs using a lot of space on
the external card to be held accountable.
Bug: 3308791
Change-Id: If2df07bdbf6ffb31577074fad8f4a87ca4e89086
Change from LOCAL_JNI_SHARED_LIBRARIES to LOCAL_REQUIRED_MODULES to make
sure the JNI library is built and included when DefaultContainerService
is built.
Change-Id: I322c72415237c2b70bff345d50e2a9e4f2e6d988
System applications that don't have "media_rw" access need some way to
measure the size of directories on the SD card and other internal media.
Add this API to DefaultContainerService so they can simply bind to the
service and make an RPC.
Bug: 3203974
Change-Id: I4e1bcd7a1b702b156c011ecc04f6915022cb258a
Be compatible with the old DownloadProvider behavior of being able to
operate on content URIs returned from .insert()
Bug: 3242328
Change-Id: I7dad15ac0fefa867c3c8a33a579fc9899ac80262
When the storage is emulated, we don't want to install ASEC containers
to it. This adds the API to check when the external storage is emulated
and uses it to check whether or not to install packages to the external
storage in an ASEC container.
Bug: 3024387
Change-Id: Ia0318aca9e4938a4897deaada5603a4c7c1d0f48
Using a plaintext password doesn't work unless it's a certain length, so
just hash the plaintext password with MD5 to make it the right length
for the twofish encryption.
Tracking the IInterface doesn't make much sense since it's different
each time, so track the IBinder instead. That way we can unlinkToDeath
the binder when the last thing it's holding onto goes away.
Change-Id: Id828d25b4d74f27e9d8b4bfb3909c964469cc473
Add a callback for users of the StorageManager API to be able to receive
notifications when the requested operation completes for mountObb and
unmountObb.
Add NDK API to get to ObbInfo like the Java API has.
Also update the docs for the API and remove the "STOPSHIP" comments.
Change-Id: I23a4409c7f8b74d3169614beba920b4d667990a4
This change moves the native library handling earlier in the package
installation process so that it may be inserted into ASEC containers
before they are finalized in the DefaultContainerService.
Note that native libraries on SD card requires that vold mount ASEC
containers without the "noexec" flag on the mount point.
Change-Id: Ib34b1886bf6f94b99bb7b3781db6e9b5a58807ba
The system_server shouldn't touch files on the SD card. This change
moves the things that touch the SD card out to the
DefaultContainerService so that it will get killed if the SD card goes
away instead of the system_server.
Change-Id: I0aefa085be4b194768527195532ee6dddc801cfc
The return of parsePackageLite wasn't checked until after it was
deferenced. Move the deference below the null check and remove redundant
set.
Bug: 2852726
Change-Id: I3eaaea5050948145eed44b64507dc846993d98eb
when the install location is set to internal only. Similary if install
location is set to external only(via adb), dont fall back to installing on
internal storage if sdcard is filled up.
If nothing is specified ie install location is set to let system decide,
we just check on internal storage.
Fix tests
Change-Id: I7400ccc131782d9c45284bd9ebd0dee43a3b412b
Move install location values to secure settings.
Diable attribute for UI. Set default value to auto.
Add command line interface to set install location via pm.
Change-Id: I80e97b3d24845adad7102f40dcbe238f00efa406
Add new remote method to check for insufficient error conditions.
Some fixes in MountService when updating media status on PackageManagerService
Fix size calculation condition in installd.
Add new error code if media is unavailable.
New tests for testing error codes.
Some additional debugging statements in MountService.
Change-Id: Ibfe90d5ed6c71d57f9c1c67806f38b5ae9ecdfbf
