From bf8e2576f3cf953217cd68ef616d244d250aaef7 Mon Sep 17 00:00:00 2001
From: Nikita Ioffe
Date: Tue, 30 Jul 2019 17:10:27 +0100
Subject: [PATCH] Unset INSTALL_DISABLE_VERIFICATION flag if install is not from system

Bug: 138650665
Test: pushed manual privapp that attempts an install with INSTALL_DISABLE_VERIFICATION flag. Checked that PackageVerifier was called.
Change-Id: I041d2e5f6d2609bfe9475f24eefb936f0c8e2a32
Merged-In: I041d2e5f6d2609bfe9475f24eefb936f0c8e2a32
---
 .../java/com/android/server/pm/PackageInstallerService.java | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/services/core/java/com/android/server/pm/PackageInstallerService.java b/services/core/java/com/android/server/pm/PackageInstallerService.java
index 0032e9a8ea519..e75f545eafaa5 100644
--- a/services/core/java/com/android/server/pm/PackageInstallerService.java
+++ b/services/core/java/com/android/server/pm/PackageInstallerService.java
@@ -505,6 +505,11 @@ public class PackageInstallerService extends IPackageInstaller.Stub implements
 params.installFlags &= ~PackageManager.INSTALL_REQUEST_DOWNGRADE;
 }

+ if (callingUid != Process.SYSTEM_UID) {
+ // Only system_server can use INSTALL_DISABLE_VERIFICATION.
+ params.installFlags &= ~PackageManager.INSTALL_DISABLE_VERIFICATION;
+ }
+
 boolean isApex = (params.installFlags & PackageManager.INSTALL_APEX) != 0;
 if (params.isStaged || isApex) {
 mContext.enforceCallingOrSelfPermission(Manifest.permission.INSTALL_PACKAGES, TAG);
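Review bot: The comment on the added `callingUid != Process.SYSTEM_UID` branch says only system_server may use the flag, but the test is by UID, so any process running under the system UID keeps `INSTALL_DISABLE_VERIFICATION`, not just system_server. The comment should state the rule the code enforces and why, for example `// Callers outside the system UID must not be able to skip package verification; drop the flag for them.` The flag is also cleared silently, so a caller that set it gets no signal and the audit log shows nothing. Consider adding a `Slog.w(TAG, ...)` line naming the calling UID inside the branch to make such attempts visible. The enclosing method and the assignment of `callingUid` lie outside the hunk, so this assumes `callingUid` is the Binder caller's UID.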