Merge "Check for emergency installer attribute and permission to trigger an emergency uninstall" into main
diff --git a/services/core/java/com/android/server/pm/PackageInstallerService.java b/services/core/java/com/android/server/pm/PackageInstallerService.java
index a5cd821..050d44e 100644
--- a/services/core/java/com/android/server/pm/PackageInstallerService.java
+++ b/services/core/java/com/android/server/pm/PackageInstallerService.java
@@ -1445,6 +1445,15 @@
.createEvent(DevicePolicyEnums.UNINSTALL_PACKAGE)
.setAdmin(callerPackageName)
.write();
+ } else if (PackageInstallerSession.isEmergencyInstallerEnabled(callerPackageName, snapshot,
+ userId, callingUid)) {
+ // Need to clear the calling identity to get DELETE_PACKAGES permission
+ final long ident = Binder.clearCallingIdentity();
+ try {
+ mPm.deletePackageVersioned(versionedPackage, adapter.getBinder(), userId, flags);
+ } finally {
+ Binder.restoreCallingIdentity(ident);
+ }
} else {
ApplicationInfo appInfo = snapshot.getApplicationInfo(callerPackageName, 0, userId);
if (appInfo.targetSdkVersion >= Build.VERSION_CODES.P) {
diff --git a/services/core/java/com/android/server/pm/PackageInstallerSession.java b/services/core/java/com/android/server/pm/PackageInstallerSession.java
index a904738..e99e264 100644
--- a/services/core/java/com/android/server/pm/PackageInstallerSession.java
+++ b/services/core/java/com/android/server/pm/PackageInstallerSession.java
@@ -966,7 +966,8 @@
getInstallSource().mInstallerPackageName, mInstallerUid);
}
- private boolean isEmergencyInstallerEnabled(String packageName, Computer snapshot) {
+ static boolean isEmergencyInstallerEnabled(String packageName, Computer snapshot, int userId,
+ int installerUid) {
final PackageStateInternal ps = snapshot.getPackageStateInternal(packageName);
if (ps == null || ps.getPkg() == null || !ps.isSystem()) {
return false;
@@ -974,7 +975,7 @@
int uid = UserHandle.getUid(userId, ps.getAppId());
String emergencyInstaller = ps.getPkg().getEmergencyInstaller();
if (emergencyInstaller == null || !ArrayUtils.contains(
- snapshot.getPackagesForUid(mInstallerUid), emergencyInstaller)) {
+ snapshot.getPackagesForUid(installerUid), emergencyInstaller)) {
return false;
}
// Only system installers can have an emergency installer
@@ -987,7 +988,7 @@
return false;
}
return (snapshot.checkUidPermission(Manifest.permission.EMERGENCY_INSTALL_PACKAGES,
- mInstallerUid) == PackageManager.PERMISSION_GRANTED);
+ installerUid) == PackageManager.PERMISSION_GRANTED);
}
private static final int USER_ACTION_NOT_NEEDED = 0;
@@ -1075,7 +1076,7 @@
getInstallerPackageName());
final boolean isSelfUpdate = targetPackageUid == mInstallerUid;
final boolean isEmergencyInstall =
- isEmergencyInstallerEnabled(packageName, snapshot);
+ isEmergencyInstallerEnabled(packageName, snapshot, userId, mInstallerUid);
final boolean isPermissionGranted = isInstallPermissionGranted
|| (isUpdatePermissionGranted && isUpdate)
|| (isSelfUpdatePermissionGranted && isSelfUpdate)