This reverts commit b00eb64591.
Reason for revert: Boot issues after OTA
Bug: 76228188
Fixes: 77888575
Change-Id: I5ca2605cb6befea46ce50198bc72bdd4b6e84f1a
Clarified the package extras bundle returned from
getSuspendedPackageAppExtras.
Moved the bundle arg to the last in LauncherApps.onPackagesSuspended and
clarified the contents of the Bundle.
isPackageSuspended(String) now throws a NameNotFoundException if the
package is not found.
Also, removed a permission check from isPackageSuspendedForUser.
Test: builds, boots, existing tests:
atest com.android.server.pm.SuspendPackagesTest
Bug: 77518983, 77517955, 77507744, 77801528
Change-Id: I06b5f69f8f8a079c206863cb6122e90be58366cd
Attempt to simplify the exposure of package signing information via
PackageInfo by creating a new class and corresponding methods for
querying a package's signing information.
Bug: 74831530
Test: PkgInstallSignatureVerificationTest
Change-Id: Idbc008b41a921f89cefb224b26f910da4d238dea
Consider an app targeting the final API 28, but running on an older
build where "P" is still API 10000. Those apps need to be treated as
legacy apps.
In general, the logical pattern that should be used when enforcing
target SDK behaviors is below.
For applying behavior to legacy apps:
// BROKEN
if (targetSdkVersion <= Build.VERSION_CODES.N_MR1) {
// CORRECT
if (targetSdkVersion < Build.VERSION_CODES.O) {
For applying behavior to new apps:
// BROKEN
if (targetSdkVersion > Build.VERSION_CODES.N_MR1) {
// CORRECT
if (targetSdkVersion >= Build.VERSION_CODES.O) {
Bug: 77865751
Test: builds, boots
Change-Id: Ia83bd446a940751d51a6542c7a5b9cca174c5296
Also make these configurable so we have the flexibility to change it if
necessary.
Setting the policy inside ActivityManagerService is not ideal, as that
means that AMS is the only place where the policy in ApplicationInfo is
correct. It should really be set inside PackageManagerService. However,
if it's set there, it would get out of date when the settings change, and
we'd have to update inside AMS anyway. So putting it only here seems ok
for now.
Test: $ adb shell settings put global hidden_api_policy_pre_p_apps 2
Test: $ adb shell settings put global hidden_api_policy_p_apps 2
Bug: 64382372
Change-Id: Ic4cbbb1e6464623e90c17ae08c0b6cbbe0dfa125
Earlier setPackagesSuspended ignored the rest of the paramters when
suspend state did not change. This was a problem because then there was
no good way to update the other parameters without unsuspending the app,
which is not desirable.
Removed setSuspendedPackageAppExtras as now they can be update with this
api.
Also sending broadcasts when packages get unsuspended due to suspending
package removed.
Test: Existing tests pass:
atest com.android.server.pm.PackageUserStateTest
atest com.android.server.pm.SuspendPackagesTest
atest com.android.server.pm.PackageManagerSettingsTests
Bug: 77522553
Change-Id: I72a3c228d3d65c430e242da97b2bc6997ec6a135
Prior to this change there was a chance that an updating app would not
exist in mPackages and cause a permission check for that app to fail.
This change moves all permission checks to use mSettings and the cached
package it contains to do the checks.
Change-Id: I0717bddbb08b1d0dbab3ea79fa0d2067aa858753
Fixes: 76228188
Test: Manual - system starts, permission checks work before / after update
Address API review by describing relationship between the
PackageManager.hasSigningCertificate() methods and the PackageInfo
GET_SIGNING_CERTIFICATES method, as well as differentiating the
UID documentation from the package-name based one.
Bug: 74831566
Test: None, doc change.
Change-Id: I11c556325f9b2efbc2e5e1cf896b9c58db092ae8
Use the common rethrowFromSystemServer() pattern. Carefully only
throws for calls going to system_server; leaves existing behavior
intact when calling a ContentProvider.
Bug: 77671218
Test: builds, boots
Change-Id: Ie5e0763fb5e62b832f2b6a03c8f9d72dab3bf89a
It seems pretty unlikely that we'd ever want to disallow access to the
light greylist in P, since doing do would break do many apps. We don't need
this policy here as an opt-in for apps now, since the StrictMode work will
achieve the same thing.
Instead, make a "just warn" policy which allows access to all APIs, but
leaves the detection and logging logic in place. This gives us the option
of disabling enforcement, but still gathering logs to find out which apps
use which APIs.
Bug: 77517571
Test: Boot device
Test: Hardcode policy of HIDDEN_API_ENFORCEMENT_JUST_WARN and verify log
Change-Id: I588f347716a79ac5887b74763c8afc16b3be699b
Added an AlertActivity to intercept the start for an activity belonging
to a suspended app. More details will be shown if the suspending app
also defines an activity to handle the API action
SHOW_SUSPENDED_APP_DETAILS.
Test: Added tests to existing classes. Can be run via:
atest com.android.server.pm.SuspendPackagesTest
atest com.android.server.pm.PackageManagerSettingsTests
atest com.android.server.pm.PackageUserStateTest
Bug: 75332201
Change-Id: I85dc4e9efd15eedba306ed5b856f651e3abd3e99
