Add install flag --bypass-low-target-sdk-block
Added a PM shell install flag to bypass the low target sdk block for
installing apps that are using low targetSdkVersion.
When set, this flag will bypass the install block and
allow the app to be installed.
Added some additional broad exclusions that will allow this
feature to be ramped up earlier.
The plan will be to follow this up with changes that remove
exceptions for skipping the install block when installed
via adb, or when the package name isn't set.
Will also follow up with a change that removes the bypass
flag if the caller isn't root or shell.
Bug: 237321649
Test: adb install app.apk
Test: adb install --bypass-low-target-sdk-block
Test: adb shell pm install app.apk
Test: Sideloaded apk using the Files app
Test: adb shell device_config put package_manager_service MinInstallableTargetSdk__install_block_enabled true
Test: adb shell device_config put package_manager_service MinInstallableTargetSdk__min_installable_target_sdk 23
Test: atest PackageManagerTests
Test: atest CtsPackageManagerParsingHostTestCases
Change-Id: I88261b25e6d7360251385e15eb3a352e1213fe76
diff --git a/core/java/android/content/pm/PackageManager.java b/core/java/android/content/pm/PackageManager.java
index 4ad657e..7cc8af7 100644
--- a/core/java/android/content/pm/PackageManager.java
+++ b/core/java/android/content/pm/PackageManager.java
@@ -1545,6 +1545,14 @@
*/
public static final int INSTALL_DISABLE_ALLOWED_APEX_UPDATE_CHECK = 0x00800000;
+ /**
+ * Flag parameter for {@link #installPackage} to bypass the low targer sdk version block
+ * for this install.
+ *
+ * @hide
+ */
+ public static final int INSTALL_BYPASS_LOW_TARGET_SDK_BLOCK = 0x00800000;
+
/** @hide */
@IntDef(flag = true, value = {
DONT_KILL_APP,
diff --git a/services/core/java/com/android/server/pm/InstallPackageHelper.java b/services/core/java/com/android/server/pm/InstallPackageHelper.java
index 16bf0fe..0ee1bbf 100644
--- a/services/core/java/com/android/server/pm/InstallPackageHelper.java
+++ b/services/core/java/com/android/server/pm/InstallPackageHelper.java
@@ -1032,15 +1032,48 @@
DeviceConfig.getInt(DeviceConfig.NAMESPACE_PACKAGE_MANAGER_SERVICE,
"MinInstallableTargetSdk__min_installable_target_sdk",
0);
- if (parsedPackage.getTargetSdkVersion() < minInstallableTargetSdk) {
+
+ // Skip enforcement when the bypass flag is set
+ boolean bypassLowTargetSdkBlock =
+ ((installFlags & PackageManager.INSTALL_BYPASS_LOW_TARGET_SDK_BLOCK) != 0);
+
+ // Skip enforcement for tests that were installed from adb
+ if (!bypassLowTargetSdkBlock
+ && ((installFlags & PackageManager.INSTALL_FROM_ADB) != 0)) {
+ bypassLowTargetSdkBlock = true;
+ }
+
+ // Skip enforcement if the installer package name is not set
+ // (e.g. "pm install" from shell)
+ if (!bypassLowTargetSdkBlock) {
+ if (request.getInstallerPackageName() == null) {
+ bypassLowTargetSdkBlock = true;
+ } else {
+ // Also skip if the install is occurring from an app that was installed from adb
+ if (mContext
+ .getPackageManager()
+ .getInstallerPackageName(request.getInstallerPackageName()) == null) {
+ bypassLowTargetSdkBlock = true;
+ }
+ }
+ }
+
+ // Skip enforcement when the testOnly flag is set
+ if (!bypassLowTargetSdkBlock && parsedPackage.isTestOnly()) {
+ bypassLowTargetSdkBlock = true;
+ }
+
+ // Enforce the low target sdk install block except when
+ // the --bypass-low-target-sdk-block is set for the install
+ if (!bypassLowTargetSdkBlock
+ && parsedPackage.getTargetSdkVersion() < minInstallableTargetSdk) {
Slog.w(TAG, "App " + parsedPackage.getPackageName()
+ " targets deprecated sdk version");
throw new PrepareFailure(INSTALL_FAILED_DEPRECATED_SDK_VERSION,
- "App package must target at least version "
- + minInstallableTargetSdk);
+ "App package must target at least SDK version "
+ + minInstallableTargetSdk + ", but found "
+ + parsedPackage.getTargetSdkVersion());
}
- } else {
- Slog.i(TAG, "Minimum installable target sdk enforcement not enabled");
}
// Instant apps have several additional install-time checks.
diff --git a/services/core/java/com/android/server/pm/PackageManagerShellCommand.java b/services/core/java/com/android/server/pm/PackageManagerShellCommand.java
index 2138c20..b53c75a 100644
--- a/services/core/java/com/android/server/pm/PackageManagerShellCommand.java
+++ b/services/core/java/com/android/server/pm/PackageManagerShellCommand.java
@@ -3243,6 +3243,10 @@
case "--skip-enable":
sessionParams.setKeepApplicationEnabledSetting();
break;
+ case "--bypass-low-target-sdk-block":
+ sessionParams.installFlags |=
+ PackageManager.INSTALL_BYPASS_LOW_TARGET_SDK_BLOCK;
+ break;
default:
throw new IllegalArgumentException("Unknown option " + opt);
}