[RESTRICT AUTOMERGE] Fix bypass BG-FGS and BAL via package manager APIs
Opt-in for BAL of PendingIntent for following APIs: * PackageInstaller.uninstall() * PackageInstaller.installExistingPackage() * PackageInstaller.uninstallExistingPackage() * PackageInstaller.Session.commit() * PackageInstaller.Session.commitTransferred() * PackageManager.freeStorage() Bug: 230492955 Bug: 243377226 Test: atest android.security.cts.PackageInstallerTest Test: atest CtsStagedInstallHostTestCases Change-Id: I9b6f801d69ea6d2244a38dbe689e81afa4e798bf
This commit is contained in:
Rhed Jao
@@ -16,7 +16,9 @@
|
||||
|
||||
package android.content;
|
||||
|
||||
import android.annotation.Nullable;
|
||||
import android.app.ActivityManager;
|
||||
import android.app.ActivityOptions;
|
||||
import android.compat.annotation.UnsupportedAppUsage;
|
||||
import android.os.Bundle;
|
||||
import android.os.Handler;
|
||||
@@ -154,7 +156,7 @@ public class IntentSender implements Parcelable {
|
||||
*/
|
||||
public void sendIntent(Context context, int code, Intent intent,
|
||||
OnFinished onFinished, Handler handler) throws SendIntentException {
|
||||
sendIntent(context, code, intent, onFinished, handler, null);
|
||||
sendIntent(context, code, intent, onFinished, handler, null, null /* options */);
|
||||
}
|
||||
|
||||
/**
|
||||
@@ -186,6 +188,42 @@ public class IntentSender implements Parcelable {
|
||||
public void sendIntent(Context context, int code, Intent intent,
|
||||
OnFinished onFinished, Handler handler, String requiredPermission)
|
||||
throws SendIntentException {
|
||||
sendIntent(context, code, intent, onFinished, handler, requiredPermission,
|
||||
null /* options */);
|
||||
}
|
||||
|
||||
/**
|
||||
* Perform the operation associated with this IntentSender, allowing the
|
||||
* caller to specify information about the Intent to use and be notified
|
||||
* when the send has completed.
|
||||
*
|
||||
* @param context The Context of the caller. This may be null if
|
||||
* <var>intent</var> is also null.
|
||||
* @param code Result code to supply back to the IntentSender's target.
|
||||
* @param intent Additional Intent data. See {@link Intent#fillIn
|
||||
* Intent.fillIn()} for information on how this is applied to the
|
||||
* original Intent. Use null to not modify the original Intent.
|
||||
* @param onFinished The object to call back on when the send has
|
||||
* completed, or null for no callback.
|
||||
* @param handler Handler identifying the thread on which the callback
|
||||
* should happen. If null, the callback will happen from the thread
|
||||
* pool of the process.
|
||||
* @param requiredPermission Name of permission that a recipient of the PendingIntent
|
||||
* is required to hold. This is only valid for broadcast intents, and
|
||||
* corresponds to the permission argument in
|
||||
* {@link Context#sendBroadcast(Intent, String) Context.sendOrderedBroadcast(Intent, String)}.
|
||||
* If null, no permission is required.
|
||||
* @param options Additional options the caller would like to provide to modify the sending
|
||||
* behavior. May be built from an {@link ActivityOptions} to apply to an activity start.
|
||||
*
|
||||
* @throws SendIntentException Throws CanceledIntentException if the IntentSender
|
||||
* is no longer allowing more intents to be sent through it.
|
||||
* @hide
|
||||
*/
|
||||
public void sendIntent(Context context, int code, Intent intent,
|
||||
OnFinished onFinished, Handler handler, String requiredPermission,
|
||||
@Nullable Bundle options)
|
||||
throws SendIntentException {
|
||||
try {
|
||||
String resolvedType = intent != null ?
|
||||
intent.resolveTypeIfNeeded(context.getContentResolver())
|
||||
@@ -195,7 +233,7 @@ public class IntentSender implements Parcelable {
|
||||
onFinished != null
|
||||
? new FinishedDispatcher(this, onFinished, handler)
|
||||
: null,
|
||||
requiredPermission, null);
|
||||
requiredPermission, options);
|
||||
if (res < 0) {
|
||||
throw new SendIntentException();
|
||||
}
|
||||
|
||||
@@ -23,6 +23,7 @@ import android.Manifest;
|
||||
import android.app.ActivityManager;
|
||||
import android.app.AppGlobals;
|
||||
import android.app.AppOpsManager;
|
||||
import android.app.BroadcastOptions;
|
||||
import android.app.Notification;
|
||||
import android.app.NotificationManager;
|
||||
import android.app.PackageDeleteObserver;
|
||||
@@ -1140,7 +1141,10 @@ public class PackageInstallerService extends IPackageInstaller.Stub implements
|
||||
PackageInstaller.STATUS_PENDING_USER_ACTION);
|
||||
fillIn.putExtra(Intent.EXTRA_INTENT, intent);
|
||||
try {
|
||||
mTarget.sendIntent(mContext, 0, fillIn, null, null);
|
||||
final BroadcastOptions options = BroadcastOptions.makeBasic();
|
||||
options.setPendingIntentBackgroundActivityLaunchAllowed(false);
|
||||
mTarget.sendIntent(mContext, 0, fillIn, null /* onFinished*/,
|
||||
null /* handler */, null /* requiredPermission */, options.toBundle());
|
||||
} catch (SendIntentException ignored) {
|
||||
}
|
||||
}
|
||||
@@ -1165,7 +1169,10 @@ public class PackageInstallerService extends IPackageInstaller.Stub implements
|
||||
PackageManager.deleteStatusToString(returnCode, msg));
|
||||
fillIn.putExtra(PackageInstaller.EXTRA_LEGACY_STATUS, returnCode);
|
||||
try {
|
||||
mTarget.sendIntent(mContext, 0, fillIn, null, null);
|
||||
final BroadcastOptions options = BroadcastOptions.makeBasic();
|
||||
options.setPendingIntentBackgroundActivityLaunchAllowed(false);
|
||||
mTarget.sendIntent(mContext, 0, fillIn, null /* onFinished*/,
|
||||
null /* handler */, null /* requiredPermission */, options.toBundle());
|
||||
} catch (SendIntentException ignored) {
|
||||
}
|
||||
}
|
||||
|
||||
@@ -51,6 +51,7 @@ import static com.android.server.pm.PackageInstallerService.prepareStageDir;
|
||||
import android.Manifest;
|
||||
import android.annotation.NonNull;
|
||||
import android.annotation.Nullable;
|
||||
import android.app.BroadcastOptions;
|
||||
import android.app.Notification;
|
||||
import android.app.NotificationManager;
|
||||
import android.app.admin.DevicePolicyEventLogger;
|
||||
@@ -1280,13 +1281,21 @@ public class PackageInstallerSession extends IPackageInstallerSession.Stub {
|
||||
try {
|
||||
intent.putExtra(PackageInstaller.EXTRA_SESSION_ID,
|
||||
PackageInstallerSession.this.sessionId);
|
||||
mStatusReceiver.sendIntent(mContext, 0, intent, null, null);
|
||||
final BroadcastOptions options = BroadcastOptions.makeBasic();
|
||||
options.setPendingIntentBackgroundActivityLaunchAllowed(false);
|
||||
mStatusReceiver.sendIntent(mContext, 0, intent,
|
||||
null /* onFinished*/, null /* handler */,
|
||||
null /* requiredPermission */, options.toBundle());
|
||||
} catch (IntentSender.SendIntentException ignore) {
|
||||
}
|
||||
}
|
||||
} else if (PackageInstaller.STATUS_PENDING_USER_ACTION == status) {
|
||||
try {
|
||||
mStatusReceiver.sendIntent(mContext, 0, intent, null, null);
|
||||
final BroadcastOptions options = BroadcastOptions.makeBasic();
|
||||
options.setPendingIntentBackgroundActivityLaunchAllowed(false);
|
||||
mStatusReceiver.sendIntent(mContext, 0, intent,
|
||||
null /* onFinished*/, null /* handler */,
|
||||
null /* requiredPermission */, options.toBundle());
|
||||
} catch (IntentSender.SendIntentException ignore) {
|
||||
}
|
||||
} else { // failure, let's forward and clean up this session.
|
||||
@@ -1294,7 +1303,11 @@ public class PackageInstallerSession extends IPackageInstallerSession.Stub {
|
||||
PackageInstallerSession.this.sessionId);
|
||||
mChildSessionsRemaining.clear(); // we're done. Don't send any more.
|
||||
try {
|
||||
mStatusReceiver.sendIntent(mContext, 0, intent, null, null);
|
||||
final BroadcastOptions options = BroadcastOptions.makeBasic();
|
||||
options.setPendingIntentBackgroundActivityLaunchAllowed(false);
|
||||
mStatusReceiver.sendIntent(mContext, 0, intent,
|
||||
null /* onFinished*/, null /* handler */,
|
||||
null /* requiredPermission */, options.toBundle());
|
||||
} catch (IntentSender.SendIntentException ignore) {
|
||||
}
|
||||
}
|
||||
@@ -3231,7 +3244,10 @@ public class PackageInstallerSession extends IPackageInstallerSession.Stub {
|
||||
fillIn.putExtra(PackageInstaller.EXTRA_STATUS, PackageInstaller.STATUS_PENDING_USER_ACTION);
|
||||
fillIn.putExtra(Intent.EXTRA_INTENT, intent);
|
||||
try {
|
||||
target.sendIntent(context, 0, fillIn, null, null);
|
||||
final BroadcastOptions options = BroadcastOptions.makeBasic();
|
||||
options.setPendingIntentBackgroundActivityLaunchAllowed(false);
|
||||
target.sendIntent(context, 0, fillIn, null /* onFinished */,
|
||||
null /* handler */, null /* requiredPermission */, options.toBundle());
|
||||
} catch (IntentSender.SendIntentException ignored) {
|
||||
}
|
||||
}
|
||||
@@ -3271,7 +3287,10 @@ public class PackageInstallerSession extends IPackageInstallerSession.Stub {
|
||||
}
|
||||
}
|
||||
try {
|
||||
target.sendIntent(context, 0, fillIn, null, null);
|
||||
final BroadcastOptions options = BroadcastOptions.makeBasic();
|
||||
options.setPendingIntentBackgroundActivityLaunchAllowed(false);
|
||||
target.sendIntent(context, 0, fillIn, null /* onFinished */,
|
||||
null /* handler */, null /* requiredPermission */, options.toBundle());
|
||||
} catch (IntentSender.SendIntentException ignored) {
|
||||
}
|
||||
}
|
||||
@@ -3297,7 +3316,10 @@ public class PackageInstallerSession extends IPackageInstallerSession.Stub {
|
||||
intent.putExtra(PackageInstaller.EXTRA_STATUS_MESSAGE, "Staging Image Not Ready");
|
||||
}
|
||||
try {
|
||||
statusReceiver.sendIntent(mContext, 0, intent, null, null);
|
||||
final BroadcastOptions options = BroadcastOptions.makeBasic();
|
||||
options.setPendingIntentBackgroundActivityLaunchAllowed(false);
|
||||
statusReceiver.sendIntent(mContext, 0, intent, null /* onFinished*/,
|
||||
null /* handler */, null /* requiredPermission */, options.toBundle());
|
||||
} catch (IntentSender.SendIntentException ignored) {
|
||||
}
|
||||
}
|
||||
|
||||
@@ -5050,7 +5050,10 @@ public class PackageManagerService extends IPackageManager.Stub
|
||||
}
|
||||
if (pi != null) {
|
||||
try {
|
||||
pi.sendIntent(null, success ? 1 : 0, null, null, null);
|
||||
final BroadcastOptions options = BroadcastOptions.makeBasic();
|
||||
options.setPendingIntentBackgroundActivityLaunchAllowed(false);
|
||||
pi.sendIntent(null, success ? 1 : 0, null /* intent */, null /* onFinished*/,
|
||||
null /* handler */, null /* requiredPermission */, options.toBundle());
|
||||
} catch (SendIntentException e) {
|
||||
Slog.w(TAG, e);
|
||||
}
|
||||
@@ -13309,7 +13312,10 @@ public class PackageManagerService extends IPackageManager.Stub
|
||||
fillIn.putExtra(PackageInstaller.EXTRA_STATUS,
|
||||
PackageManager.installStatusToPublicStatus(returnCode));
|
||||
try {
|
||||
target.sendIntent(context, 0, fillIn, null, null);
|
||||
final BroadcastOptions options = BroadcastOptions.makeBasic();
|
||||
options.setPendingIntentBackgroundActivityLaunchAllowed(false);
|
||||
target.sendIntent(context, 0, fillIn, null /* onFinished*/,
|
||||
null /* handler */, null /* requiredPermission */, options.toBundle());
|
||||
} catch (SendIntentException ignored) {
|
||||
}
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user