Merge "Define permission for installer API v2" into rvc-dev am: fb590035e1 am: 1e83e7a905

Change-Id: I3ccf6619fa3ef225271b3503b5a69e646c3690d2
2020-03-26 22:12:07 +00:00
parent 2440e720d8 1e83e7a905
commit 523d6f4e27
6 changed files with 33 additions and 5 deletions
--- a/api/system-current.txt
+++ b/api/system-current.txt
@@ -2030,10 +2030,10 @@ package android.content.pm {
  }

  public static class PackageInstaller.Session implements java.io.Closeable {
-    method public void addFile(int, @NonNull String, long, @NonNull byte[], @Nullable byte[]);
+    method @RequiresPermission("com.android.permission.USE_INSTALLER_V2") public void addFile(int, @NonNull String, long, @NonNull byte[], @Nullable byte[]);
    method @RequiresPermission(android.Manifest.permission.INSTALL_PACKAGES) public void commitTransferred(@NonNull android.content.IntentSender);
-    method @Nullable public android.content.pm.DataLoaderParams getDataLoaderParams();
-    method public void removeFile(int, @NonNull String);
+    method @Nullable @RequiresPermission("com.android.permission.USE_INSTALLER_V2") public android.content.pm.DataLoaderParams getDataLoaderParams();
+    method @RequiresPermission("com.android.permission.USE_INSTALLER_V2") public void removeFile(int, @NonNull String);
  }

  public static class PackageInstaller.SessionInfo implements android.os.Parcelable {
@@ -2054,7 +2054,7 @@ package android.content.pm {
  public static class PackageInstaller.SessionParams implements android.os.Parcelable {
    method @RequiresPermission(android.Manifest.permission.ALLOCATE_AGGRESSIVE) public void setAllocateAggressive(boolean);
    method @Deprecated public void setAllowDowngrade(boolean);
-    method @RequiresPermission(android.Manifest.permission.INSTALL_PACKAGES) public void setDataLoaderParams(@NonNull android.content.pm.DataLoaderParams);
+    method @RequiresPermission(allOf={android.Manifest.permission.INSTALL_PACKAGES, "com.android.permission.USE_INSTALLER_V2"}) public void setDataLoaderParams(@NonNull android.content.pm.DataLoaderParams);
    method public void setDontKillApp(boolean);
    method public void setEnableRollback(boolean);
    method public void setEnableRollback(boolean, int);
--- a/core/java/android/content/pm/PackageInstaller.java
+++ b/core/java/android/content/pm/PackageInstaller.java
@@ -1118,6 +1118,7 @@ public class PackageInstaller {
         * {@hide}
         */
        @SystemApi
+        @RequiresPermission(android.Manifest.permission.USE_INSTALLER_V2)
        public @Nullable DataLoaderParams getDataLoaderParams() {
            try {
                DataLoaderParamsParcel data = mSession.getDataLoaderParams();
@@ -1157,6 +1158,7 @@ public class PackageInstaller {
         * {@hide}
         */
        @SystemApi
+        @RequiresPermission(android.Manifest.permission.USE_INSTALLER_V2)
        public void addFile(@FileLocation int location, @NonNull String name, long lengthBytes,
                @NonNull byte[] metadata, @Nullable byte[] signature) {
            try {
@@ -1180,6 +1182,7 @@ public class PackageInstaller {
         * {@hide}
         */
        @SystemApi
+        @RequiresPermission(android.Manifest.permission.USE_INSTALLER_V2)
        public void removeFile(@FileLocation int location, @NonNull String name) {
            try {
                mSession.removeFile(location, name);
@@ -1927,7 +1930,9 @@ public class PackageInstaller {
         * {@hide}
         */
        @SystemApi
-        @RequiresPermission(Manifest.permission.INSTALL_PACKAGES)
+        @RequiresPermission(allOf = {
+                Manifest.permission.INSTALL_PACKAGES,
+                Manifest.permission.USE_INSTALLER_V2})
        public void setDataLoaderParams(@NonNull DataLoaderParams dataLoaderParams) {
            this.dataLoaderParams = dataLoaderParams;
        }
--- a/core/res/AndroidManifest.xml
+++ b/core/res/AndroidManifest.xml
@@ -3654,6 +3654,16 @@
    <permission android:name="com.android.permission.INSTALL_EXISTING_PACKAGES"
        android:protectionLevel="signature|privileged" />

+    <!-- Allows an application to use the package installer v2 APIs.
+         <p>The package installer v2 APIs are still a work in progress and we're
+         currently validating they work in all scenarios.
+         <p>Not for use by third-party applications.
+         TODO(b/152310230): remove this permission once the APIs are confirmed to be sufficient.
+         @hide
+    -->
+    <permission android:name="com.android.permission.USE_INSTALLER_V2"
+        android:protectionLevel="signature|verifier" />
+
    <!-- @SystemApi @TestApi Allows an application to clear user data.
         <p>Not for use by third-party applications
         @hide
--- a/packages/Shell/AndroidManifest.xml
+++ b/packages/Shell/AndroidManifest.xml
@@ -81,6 +81,8 @@
    <uses-permission android:name="android.permission.READ_INPUT_STATE" />
    <uses-permission android:name="android.permission.SET_ORIENTATION" />
    <uses-permission android:name="android.permission.INSTALL_PACKAGES" />
+    <!--  TODO(b/152310230): remove once APIs are confirmed to be sufficient -->
+    <uses-permission android:name="com.android.permission.USE_INSTALLER_V2" />
    <uses-permission android:name="android.permission.MOVE_PACKAGE" />
    <uses-permission android:name="android.permission.CLEAR_APP_USER_DATA" />
    <uses-permission android:name="android.permission.CLEAR_APP_CACHE" />
--- a/services/core/java/com/android/server/pm/PackageInstallerService.java
+++ b/services/core/java/com/android/server/pm/PackageInstallerService.java
@@ -490,6 +490,14 @@ public class PackageInstallerService extends IPackageInstaller.Stub implements
            throw new SecurityException("User restriction prevents installing");
        }

+        if (params.dataLoaderParams != null
+                && mContext.checkCallingOrSelfPermission(Manifest.permission.USE_INSTALLER_V2)
+                        != PackageManager.PERMISSION_GRANTED) {
+            throw new SecurityException("You need the "
+                    + "com.android.permission.USE_INSTALLER_V2 permission "
+                    + "to use a data loader");
+        }
+
        String requestedInstallerPackageName = params.installerPackageName != null
                ? params.installerPackageName : installerPackageName;

--- a/services/core/java/com/android/server/pm/PackageInstallerSession.java
+++ b/services/core/java/com/android/server/pm/PackageInstallerSession.java
@@ -2479,12 +2479,14 @@ public class PackageInstallerSession extends IPackageInstallerSession.Stub {

    @Override
    public DataLoaderParamsParcel getDataLoaderParams() {
+        mContext.enforceCallingOrSelfPermission(Manifest.permission.USE_INSTALLER_V2, null);
        return params.dataLoaderParams != null ? params.dataLoaderParams.getData() : null;
    }

    @Override
    public void addFile(int location, String name, long lengthBytes, byte[] metadata,
            byte[] signature) {
+        mContext.enforceCallingOrSelfPermission(Manifest.permission.USE_INSTALLER_V2, null);
        if (!isDataLoaderInstallation()) {
            throw new IllegalStateException(
                    "Cannot add files to non-data loader installation session.");
@@ -2517,6 +2519,7 @@ public class PackageInstallerSession extends IPackageInstallerSession.Stub {

    @Override
    public void removeFile(int location, String name) {
+        mContext.enforceCallingOrSelfPermission(Manifest.permission.USE_INSTALLER_V2, null);
        if (!isDataLoaderInstallation()) {
            throw new IllegalStateException(
                    "Cannot add files to non-data loader installation session.");