Setting PARSE_IS_SYSTEM to the parse flags happens long after the
APK is actually parsed. So, we fail to pick up the boot aware and
protected storage attributes. Instead, always pull them from the
manifest, but, remove the flags if the package is not actually a
system package.
Also, we were incorrectly skipping certificate verification if
the flag PARSE_IS_SYSTEM was set. However, this flag is used for
_any_ system package -- whether it's physically on /system or if
it's an unbundled update. Instead, we should only skip this step
if the flag PARSE_IS_SYSTEM_DIR. We can implicitly trust any
APK actually stored in /system.
On a different note ... At some point, we will break apart the
parse flags into actual parse flags [i.e. those that change
physically parsing an APK] and policy flags [i.e. those that
change the interpretation of the APK contents].
Bug: 28116074
Bug: 28088617
Change-Id: I85246b0cb18fb5647df3618107910e288137fbc7
The view should be showing a combined list of "downloaded"
+ "visible in launcher" apps. However, if FBE and work callenge are
enabled, after a reboot the direct boot unaware apps are filtered.
Reason is that PackageUserState#isMatch assumes at least one of the flags
are specified and expects system to derive the aware/unaware flags
according to the user's lock state if neither of them is specified.
Bug: 28004355
Change-Id: Ia05edb0530023597fd219eb5e59cd71752efd279
Added an api to delete application cache files for a specific user. This
allows settings to clear cache files for work profile apps as well.
Bug: b/25338468
Change-Id: I52d4944a7a03b6d63ad44dd6bb868aec62815eab
In N and above when using an Android Network Security Config the
cleartext configuration from that is used and
android:usesCleartextTraffic in the manifest is ignored.
Bug:27596429
Change-Id: I50ec765cead6cfd6bbaec585723f99d72e0fd945
- "delete" -> "remove"
- add/deleteDynamicShortcut() now takes a list.
- Throttling default settings is now 2 calls / hour.
- Add categories to ShortcutInfo.
- getIconResourceId() is now public
Bug 27923857
Bug 27548047
Change-Id: I8457b30e4b2f7c63ab2988648b37178fd16ea45b
This makes the behavior of resolveActivity similar to isActivityEnabled.
Not that starting this activity may still fail due to other reasons.
Bug: 27549770
Change-Id: I924d7aa2305c64fd319ca1e38058f9f956c0c256
Certain operations, such as clearing/destroying app data, or just
counting on-disk size, require us to know the CE storage directory
of a particular app. To facilitate these operations, offer a method
to get the inode of a CE directory, and accept that inode number
for later operations. Collect and store the inode number in
PackageUserState for future use when that user's CE storage is
still locked. This design means it's safe to clear/destroy app
data in both CE/DE storage at the same time.
Move most installd-related methods to a uniform calling convention
that accepts a single parent PackageParser.Package, and internally
fans out to handle all "leaf" packages under that parent.
In previous releases, we started installing apps using a new
directory-based layout, where all app code, unpacked native libraries,
and optimized code is bundled together. So now we only have a single
path to measure for code size. This fixes several outstanding bugs
that were causing sizes to be miscounted for apps supporting multiple
architectures.
Fix a subtle bug in PackageSettings that would cause "notLaunched"
to be parsed incorrectly.
Bug: 27828915, 27197819
Change-Id: Ia582cf3550553292bde4bb4313367111332913ec
Let apps invoking the system chooser specify components to filter out
such as themselves; this will prevent duplicate nonsensical UX where
it doesn't make sense for an app to share to itself.
Similarly, let apps provide their own Direct Share targets for when
they do want to let users share via their own internal services in the
same UI. These options can be used together.
Also fix a bug where a lingering binder reference from a remote
ChooserTargetService that hasn't been GC'd in the remote process could
keep an active reference to a ChooserActivity instance.
Bug 28073484
Change-Id: Ib613b1153b49dfedf79574b1af7c45379eceec24
During package installation, we were parsing the APK twice; once
in the context of the PackageInstaller and once in the context
of the PackageManager. Instead, the installer should just pass
the certificates to be used further in the process.
If the PackageManager doesn't receive certificates [or, if there's
an error using them], it will fallback to re-parsing the APK.
Bug: 27502465
Change-Id: I94ce551af54eaa9916228e933134debe50867d21
This clarifies the usage of setPriority() for receiver filters.
Should also adjust the XML description of android:priority to
better describe the new behaviour for activity filters
Bug: 26417683
Change-Id: I96b2d90d71640041e232c401cf6e6838dbdbfeab
Tracing for cert collection in PackageManagerService was only
catching one of a couple usages. Move tracing lower in the
call stack to ensure tracing exists for all calls.
Also added a new tag to differentiate between verifying v1 & v2
signatures.
Bug: 27502465
Change-Id: Ie29f326e44f32cdbea1572714689c82f07ca12ba
...for monitoring content providers
- Improve media provider change reporting so that observers can
avoid spurious reports of the top-level content directory changing.
- Fix a bug where collected content changes while a job was running
were not being properly propagated to the next job.
Change-Id: I29e3c2960e6fec75b16ee3ee6588d47342bf8c75
The real solution is to use ContextCompat, but we can't reference support
library from framework. C'est la vie.
Bug: 27727320
Change-Id: Ib9bcd5f2bdce1996f02fd44877df9ba202b26edc
There are now three rules that guard intent filter priorities:
1) Only privileged applications will be granted a >0 priority
filter [previously, _all_ system applications could do this]
2) There are certain actions that are considered protected [eg
ACTION_VIEW, ACTION_SEND, ...] and even privileged applications
will NOT be granted a >0 priority filter. There is one, and
only one, exception for the SetupWizard.
3) Updates will NOT be granted a priority greater than the priority
defined on the system image.
Bug: 27450489
Change-Id: Ifcec4d7a59e684331399abc41eea1bd6876155a4
Adds PROTECTION_LEVEL_SETUP, a privileged permission for use only by
the setup wizard.
Bug: 20016740
Change-Id: Ib95e349c54d5d12465bf43162975dfb628ef2434
Generally we return info for the latest installed package; which could
either be a built-in [i.e. on the /system partition] package or a user
updated package. In certain circumstances, we want to be able to get
the version on the /system partition regardless of whether or not the
user has updated it. We do this by passing MATCH_FACTORY_ONLY to
getPackageInfo().
Bug: 27469181
Change-Id: I8dd1d110e2d72e5c6f024812d0b5d15d8b217347
Remove some Context methods that leaked through. Add lint rule to
recommend using List<? extends Parcelable> instead of Parcelable[].
Bug: 27932224, 27930145, 27932911
Change-Id: Ia302de46cdb0c5101fa175a09316df91aeefcf0d
This patch moves the updating of packages before performing fstrim,
which runs asynchronously anyway, and stops showing the UI dialog.
Bug: 27350503
Change-Id: I6fceda10d7696f9badb97978fb9dc7927d698a4b
