[8/N] per-user global verification policy
+ global verification policy can be different per user
+ log initial verification policy per session for debugging
FLAG: android.content.pm.verification_service
BUG: 360129657
Test: atest CtsPackageManagerTestCases:VerifierServiceTest
Change-Id: I309a4858ad2b0a21a05a5e09d3598dad82f21f7c
diff --git a/core/java/android/content/pm/IPackageInstaller.aidl b/core/java/android/content/pm/IPackageInstaller.aidl
index ecea479..4fdbf1e9e 100644
--- a/core/java/android/content/pm/IPackageInstaller.aidl
+++ b/core/java/android/content/pm/IPackageInstaller.aidl
@@ -95,8 +95,8 @@
void reportUnarchivalStatus(int unarchiveId, int status, long requiredStorageBytes, in PendingIntent userActionIntent, in UserHandle userHandle);
@EnforcePermission("VERIFICATION_AGENT")
- int getVerificationPolicy();
+ int getVerificationPolicy(int userId);
@EnforcePermission("VERIFICATION_AGENT")
- boolean setVerificationPolicy(int policy);
+ boolean setVerificationPolicy(int policy, int userId);
}
diff --git a/core/java/android/content/pm/PackageInstaller.java b/core/java/android/content/pm/PackageInstaller.java
index 5da1444..54c5596 100644
--- a/core/java/android/content/pm/PackageInstaller.java
+++ b/core/java/android/content/pm/PackageInstaller.java
@@ -1613,7 +1613,7 @@
@RequiresPermission(android.Manifest.permission.VERIFICATION_AGENT)
public final @VerificationPolicy int getVerificationPolicy() {
try {
- return mInstaller.getVerificationPolicy();
+ return mInstaller.getVerificationPolicy(mUserId);
} catch (RemoteException e) {
throw e.rethrowFromSystemServer();
}
@@ -1631,7 +1631,7 @@
@RequiresPermission(android.Manifest.permission.VERIFICATION_AGENT)
public final boolean setVerificationPolicy(@VerificationPolicy int policy) {
try {
- return mInstaller.setVerificationPolicy(policy);
+ return mInstaller.setVerificationPolicy(policy, mUserId);
} catch (RemoteException e) {
throw e.rethrowFromSystemServer();
}
diff --git a/services/core/java/com/android/server/pm/PackageInstallerHistoricalSession.java b/services/core/java/com/android/server/pm/PackageInstallerHistoricalSession.java
index ea37d8e..99eac37 100644
--- a/services/core/java/com/android/server/pm/PackageInstallerHistoricalSession.java
+++ b/services/core/java/com/android/server/pm/PackageInstallerHistoricalSession.java
@@ -79,6 +79,8 @@
private final String mSessionErrorMessage;
private final String mPreVerifiedDomains;
private final String mPackageName;
+ private final int mInitialVerificationPolicy;
+ private final int mCurrentVerificationPolicy;
PackageInstallerHistoricalSession(int sessionId, int userId, int originalInstallerUid,
String originalInstallerPackageName, InstallSource installSource, int installerUid,
@@ -90,7 +92,8 @@
int[] childSessionIds, boolean sessionApplied, boolean sessionFailed,
boolean sessionReady, int sessionErrorCode, String sessionErrorMessage,
PreapprovalDetails preapprovalDetails, DomainSet preVerifiedDomains,
- String packageNameFromApk) {
+ String packageNameFromApk, int initialVerificationPolicy,
+ int currentVerificationPolicy) {
this.sessionId = sessionId;
this.userId = userId;
this.mOriginalInstallerUid = originalInstallerUid;
@@ -140,6 +143,8 @@
this.mPackageName = preapprovalDetails != null ? preapprovalDetails.getPackageName()
: packageNameFromApk != null ? packageNameFromApk : params.appPackageName;
+ this.mInitialVerificationPolicy = initialVerificationPolicy;
+ this.mCurrentVerificationPolicy = currentVerificationPolicy;
}
void dump(IndentingPrintWriter pw) {
@@ -184,6 +189,8 @@
pw.printPair("mPreapprovalDetails", mPreapprovalDetails);
pw.printPair("mPreVerifiedDomains", mPreVerifiedDomains);
pw.printPair("mAppPackageName", mPackageName);
+ pw.printPair("mInitialVerificationPolicy", mInitialVerificationPolicy);
+ pw.printPair("mCurrentVerificationPolicy", mCurrentVerificationPolicy);
pw.println();
pw.decreaseIndent();
diff --git a/services/core/java/com/android/server/pm/PackageInstallerService.java b/services/core/java/com/android/server/pm/PackageInstallerService.java
index a59f4bd..ef09976 100644
--- a/services/core/java/com/android/server/pm/PackageInstallerService.java
+++ b/services/core/java/com/android/server/pm/PackageInstallerService.java
@@ -30,6 +30,7 @@
import static android.content.pm.PackageManager.INSTALL_UNARCHIVE_DRAFT;
import static android.os.Process.INVALID_UID;
import static android.os.Process.SYSTEM_UID;
+import static android.os.UserHandle.USER_SYSTEM;
import static com.android.server.pm.PackageArchiver.isArchivingEnabled;
import static com.android.server.pm.PackageInstallerSession.isValidVerificationPolicy;
@@ -154,7 +155,6 @@
import java.util.TreeMap;
import java.util.TreeSet;
import java.util.concurrent.CompletableFuture;
-import java.util.concurrent.atomic.AtomicInteger;
import java.util.function.IntPredicate;
import java.util.function.Supplier;
@@ -281,11 +281,12 @@
};
/**
- * Default verification policy for incoming installation sessions.
- * TODO(b/360129657): update the default policy.
+ * Default verification policy for incoming installation sessions, mapped from userId to policy.
*/
- private final AtomicInteger mVerificationPolicy = new AtomicInteger(
- VERIFICATION_POLICY_BLOCK_FAIL_WARN);
+ @GuardedBy("mVerificationPolicyPerUser")
+ private final SparseIntArray mVerificationPolicyPerUser = new SparseIntArray(1);
+ // TODO(b/360129657): update the default policy.
+ private static final int DEFAULT_VERIFICATION_POLICY = VERIFICATION_POLICY_BLOCK_FAIL_WARN;
private static final class Lifecycle extends SystemService {
private final PackageInstallerService mPackageInstallerService;
@@ -342,6 +343,9 @@
context, mInstallThread.getLooper(), new AppStateHelper(context));
mPackageArchiver = new PackageArchiver(mContext, mPm);
mVerifierController = new VerifierController(mContext, mInstallHandler);
+ synchronized (mVerificationPolicyPerUser) {
+ mVerificationPolicyPerUser.put(USER_SYSTEM, DEFAULT_VERIFICATION_POLICY);
+ }
LocalServices.getService(SystemServiceManager.class).startService(
new Lifecycle(context, this));
@@ -1051,12 +1055,17 @@
InstallSource installSource = InstallSource.create(installerPackageName,
originatingPackageName, requestedInstallerPackageName, requestedInstallerPackageUid,
requestedInstallerPackageName, installerAttributionTag, params.packageSource);
+ final int verificationPolicy;
+ synchronized (mVerificationPolicyPerUser) {
+ verificationPolicy = mVerificationPolicyPerUser.get(
+ userId, DEFAULT_VERIFICATION_POLICY);
+ }
session = new PackageInstallerSession(mInternalCallback, mContext, mPm, this,
mSilentUpdatePolicy, mInstallThread.getLooper(), mStagingManager, sessionId,
userId, callingUid, installSource, params, createdMillis, 0L, stageDir, stageCid,
null, null, false, false, false, false, null, SessionInfo.INVALID_ID,
false, false, false, PackageManager.INSTALL_UNKNOWN, "", null,
- mVerifierController, mVerificationPolicy.get());
+ mVerifierController, verificationPolicy, verificationPolicy);
synchronized (mSessions) {
mSessions.put(sessionId, session);
@@ -1882,14 +1891,22 @@
@Override
@EnforcePermission(android.Manifest.permission.VERIFICATION_AGENT)
- public @PackageInstaller.VerificationPolicy int getVerificationPolicy() {
+ public @PackageInstaller.VerificationPolicy int getVerificationPolicy(int userId) {
getVerificationPolicy_enforcePermission();
- return mVerificationPolicy.get();
+ synchronized (mVerificationPolicyPerUser) {
+ if (mVerificationPolicyPerUser.indexOfKey(userId) < 0) {
+ throw new IllegalStateException(
+ "Verification policy for user " + userId + " does not exist."
+ + " Does the user exist?");
+ }
+ return mVerificationPolicyPerUser.get(userId);
+ }
}
@Override
@EnforcePermission(android.Manifest.permission.VERIFICATION_AGENT)
- public boolean setVerificationPolicy(@PackageInstaller.VerificationPolicy int policy) {
+ public boolean setVerificationPolicy(@PackageInstaller.VerificationPolicy int policy,
+ int userId) {
setVerificationPolicy_enforcePermission();
final int callingUid = getCallingUid();
// Only the verifier currently bound by the system can change the policy, except for Shell
@@ -1899,12 +1916,31 @@
if (!isValidVerificationPolicy(policy)) {
return false;
}
- if (policy != mVerificationPolicy.get()) {
- mVerificationPolicy.set(policy);
+ synchronized (mVerificationPolicyPerUser) {
+ if (mVerificationPolicyPerUser.indexOfKey(userId) < 0) {
+ throw new IllegalStateException(
+ "Verification policy for user " + userId + " does not exist."
+ + " Does the user exist?");
+ }
+ if (policy != mVerificationPolicyPerUser.get(userId)) {
+ mVerificationPolicyPerUser.put(userId, policy);
+ }
}
return true;
}
+ void onUserAdded(int userId) {
+ synchronized (mVerificationPolicyPerUser) {
+ mVerificationPolicyPerUser.put(userId, DEFAULT_VERIFICATION_POLICY);
+ }
+ }
+
+ void onUserRemoved(int userId) {
+ synchronized (mVerificationPolicyPerUser) {
+ mVerificationPolicyPerUser.delete(userId);
+ }
+ }
+
private static int getSessionCount(SparseArray<PackageInstallerSession> sessions,
int installerUid) {
int count = 0;
@@ -2301,6 +2337,9 @@
}
mSilentUpdatePolicy.dump(pw);
mGentleUpdateHelper.dump(pw);
+ synchronized (mVerificationPolicyPerUser) {
+ pw.printPair("VerificationPolicyPerUser", mVerificationPolicyPerUser.toString());
+ }
}
@VisibleForTesting(visibility = VisibleForTesting.Visibility.PACKAGE)
diff --git a/services/core/java/com/android/server/pm/PackageInstallerSession.java b/services/core/java/com/android/server/pm/PackageInstallerSession.java
index 512b195..c466f0a 100644
--- a/services/core/java/com/android/server/pm/PackageInstallerSession.java
+++ b/services/core/java/com/android/server/pm/PackageInstallerSession.java
@@ -320,7 +320,8 @@
private static final String ATTR_APPLICATION_ENABLED_SETTING_PERSISTENT =
"applicationEnabledSettingPersistent";
private static final String ATTR_DOMAIN = "domain";
- private static final String ATTR_VERIFICATION_POLICY = "verificationPolicy";
+ private static final String ATTR_INITIAL_VERIFICATION_POLICY = "initialVerificationPolicy";
+ private static final String ATTR_CURRENT_VERIFICATION_POLICY = "currentVerificationPolicy";
private static final String PROPERTY_NAME_INHERIT_NATIVE = "pi.inherit_native_on_dont_kill";
private static final int[] EMPTY_CHILD_SESSION_ARRAY = EmptyArray.INT;
@@ -418,10 +419,14 @@
private final PackageSessionProvider mSessionProvider;
private final SilentUpdatePolicy mSilentUpdatePolicy;
/**
- * The verification policy applied to this session, which might be different from the default
- * verification policy used by the system.
+ * The initial verification policy assigned to this session when it was first created.
*/
- private final AtomicInteger mVerificationPolicy;
+ private final int mInitialVerificationPolicy;
+ /**
+ * The active verification policy, which might be different from the initial verification policy
+ * assigned to this session or the default policy currently used by the system.
+ */
+ private final AtomicInteger mCurrentVerificationPolicy;
/**
* Note all calls must be done outside {@link #mLock} to prevent lock inversion.
*/
@@ -1182,7 +1187,8 @@
boolean isFailed, boolean isApplied, int sessionErrorCode,
String sessionErrorMessage, DomainSet preVerifiedDomains,
@NonNull VerifierController verifierController,
- @PackageInstaller.VerificationPolicy int verificationPolicy) {
+ @PackageInstaller.VerificationPolicy int initialVerificationPolicy,
+ @PackageInstaller.VerificationPolicy int currentVerificationPolicy) {
mCallback = callback;
mContext = context;
mPm = pm;
@@ -1192,7 +1198,8 @@
mHandler = new Handler(looper, mHandlerCallback);
mStagingManager = stagingManager;
mVerifierController = verifierController;
- mVerificationPolicy = new AtomicInteger(verificationPolicy);
+ mInitialVerificationPolicy = initialVerificationPolicy;
+ mCurrentVerificationPolicy = new AtomicInteger(currentVerificationPolicy);
this.sessionId = sessionId;
this.userId = userId;
@@ -1302,7 +1309,8 @@
mStageDirInUse, mDestroyed, mFds.size(), mBridges.size(), mFinalStatus,
mFinalMessage, params, mParentSessionId, getChildSessionIdsLocked(),
mSessionApplied, mSessionFailed, mSessionReady, mSessionErrorCode,
- mSessionErrorMessage, mPreapprovalDetails, mPreVerifiedDomains, mPackageName);
+ mSessionErrorMessage, mPreapprovalDetails, mPreVerifiedDomains, mPackageName,
+ mInitialVerificationPolicy, mCurrentVerificationPolicy.get());
}
}
@@ -2887,8 +2895,8 @@
final VerifierCallback verifierCallback = new VerifierCallback();
if (!mVerifierController.startVerificationSession(mPm::snapshotComputer, userId,
sessionId, getPackageName(), Uri.fromFile(stageDir), signingInfo,
- declaredLibraries, mVerificationPolicy.get(), /* extensionParams= */ null,
- verifierCallback, /* retry= */ false)) {
+ declaredLibraries, mCurrentVerificationPolicy.get(),
+ /* extensionParams= */ null, verifierCallback, /* retry= */ false)) {
// A verifier is installed but cannot be connected.
verifierCallback.onConnectionFailed();
}
@@ -2967,7 +2975,7 @@
* verification policy for this session.
*/
public @PackageInstaller.VerificationPolicy int getVerificationPolicy() {
- return mVerificationPolicy.get();
+ return mCurrentVerificationPolicy.get();
}
/**
* Called by the VerifierController when the verifier requests to change the verification
@@ -2977,7 +2985,7 @@
if (!isValidVerificationPolicy(policy)) {
return false;
}
- mVerificationPolicy.set(policy);
+ mCurrentVerificationPolicy.set(policy);
return true;
}
/**
@@ -3023,7 +3031,7 @@
// TODO: handle extension response
mHandler.post(() -> {
if (statusReceived.isVerified()
- || mVerificationPolicy.get() == VERIFICATION_POLICY_NONE) {
+ || mCurrentVerificationPolicy.get() == VERIFICATION_POLICY_NONE) {
// Continue with the rest of the verification and installation.
resumeVerify();
return;
@@ -3067,13 +3075,14 @@
}
private void handleNonPackageBlockedFailure(Runnable onFailWarning, Runnable onFailClosed) {
- final Runnable r = switch (mVerificationPolicy.get()) {
+ final Runnable r = switch (mCurrentVerificationPolicy.get()) {
case VERIFICATION_POLICY_NONE, VERIFICATION_POLICY_BLOCK_FAIL_OPEN ->
PackageInstallerSession.this::resumeVerify;
case VERIFICATION_POLICY_BLOCK_FAIL_WARN -> onFailWarning;
case VERIFICATION_POLICY_BLOCK_FAIL_CLOSED -> onFailClosed;
default -> {
- Log.wtf(TAG, "Unknown verification policy: " + mVerificationPolicy.get());
+ Log.wtf(TAG, "Unknown verification policy: "
+ + mCurrentVerificationPolicy.get());
yield onFailClosed;
}
};
@@ -5438,12 +5447,21 @@
}
/**
+ * @return the initial policy for the verification request assigned to the session when created.
+ */
+ @VisibleForTesting
+ public @PackageInstaller.VerificationPolicy int getInitialVerificationPolicy() {
+ assertCallerIsOwnerOrRoot();
+ return mInitialVerificationPolicy;
+ }
+
+ /**
* @return the current policy for the verification request associated with this session.
*/
@VisibleForTesting
- public @PackageInstaller.VerificationPolicy int getVerificationPolicy() {
+ public @PackageInstaller.VerificationPolicy int getCurrentVerificationPolicy() {
assertCallerIsOwnerOrRoot();
- return mVerificationPolicy.get();
+ return mCurrentVerificationPolicy.get();
}
void setSessionReady() {
@@ -5683,6 +5701,8 @@
if (mPreVerifiedDomains != null) {
pw.printPair("mPreVerifiedDomains", mPreVerifiedDomains);
}
+ pw.printPair("mInitialVerificationPolicy", mInitialVerificationPolicy);
+ pw.printPair("mCurrentVerificationPolicy", mCurrentVerificationPolicy.get());
pw.println();
pw.decreaseIndent();
@@ -5907,7 +5927,9 @@
out.attributeInt(null, ATTR_INSTALL_REASON, params.installReason);
writeBooleanAttribute(out, ATTR_APPLICATION_ENABLED_SETTING_PERSISTENT,
params.applicationEnabledSettingPersistent);
- out.attributeInt(null, ATTR_VERIFICATION_POLICY, mVerificationPolicy.get());
+ out.attributeInt(null, ATTR_INITIAL_VERIFICATION_POLICY, mInitialVerificationPolicy);
+ out.attributeInt(null, ATTR_CURRENT_VERIFICATION_POLICY,
+ mCurrentVerificationPolicy.get());
final boolean isDataLoader = params.dataLoaderParams != null;
writeBooleanAttribute(out, ATTR_IS_DATALOADER, isDataLoader);
@@ -6058,8 +6080,10 @@
final boolean sealed = in.getAttributeBoolean(null, ATTR_SEALED, false);
final int parentSessionId = in.getAttributeInt(null, ATTR_PARENT_SESSION_ID,
SessionInfo.INVALID_ID);
- final int verificationPolicy = in.getAttributeInt(null, ATTR_VERIFICATION_POLICY,
- VERIFICATION_POLICY_NONE);
+ final int initialVerificationPolicy = in.getAttributeInt(null,
+ ATTR_INITIAL_VERIFICATION_POLICY, VERIFICATION_POLICY_NONE);
+ final int currentVerificationPolicy = in.getAttributeInt(null,
+ ATTR_CURRENT_VERIFICATION_POLICY, VERIFICATION_POLICY_NONE);
final SessionParams params = new SessionParams(
SessionParams.MODE_INVALID);
@@ -6235,6 +6259,6 @@
stageCid, fileArray, checksumsMap, prepared, committed, destroyed, sealed,
childSessionIdsArray, parentSessionId, isReady, isFailed, isApplied,
sessionErrorCode, sessionErrorMessage, preVerifiedDomains, verifierController,
- verificationPolicy);
+ initialVerificationPolicy, currentVerificationPolicy);
}
}
diff --git a/services/core/java/com/android/server/pm/PackageManagerService.java b/services/core/java/com/android/server/pm/PackageManagerService.java
index 4557769..43a90b1 100644
--- a/services/core/java/com/android/server/pm/PackageManagerService.java
+++ b/services/core/java/com/android/server/pm/PackageManagerService.java
@@ -4417,6 +4417,7 @@
mPendingBroadcasts.remove(userId);
mAppsFilter.onUserDeleted(snapshotComputer(), userId);
mPermissionManager.onUserRemoved(userId);
+ mInstallerService.onUserRemoved(userId);
}
mInstantAppRegistry.onUserRemoved(userId);
mPackageMonitorCallbackHelper.onUserRemoved(userId);
@@ -4467,6 +4468,7 @@
mLegacyPermissionManager.grantDefaultPermissions(userId);
mPermissionManager.setDefaultPermissionGrantFingerprint(Build.FINGERPRINT, userId);
mDomainVerificationManager.clearUser(userId);
+ mInstallerService.onUserAdded(userId);
}
}
diff --git a/services/core/java/com/android/server/pm/PackageManagerShellCommand.java b/services/core/java/com/android/server/pm/PackageManagerShellCommand.java
index f8e56e1..7ef3582 100644
--- a/services/core/java/com/android/server/pm/PackageManagerShellCommand.java
+++ b/services/core/java/com/android/server/pm/PackageManagerShellCommand.java
@@ -4676,7 +4676,7 @@
try {
final IPackageInstaller installer = mInterface.getPackageInstaller();
// TODO(b/360129657): global verification policy should be per user
- final int policy = installer.getVerificationPolicy();
+ final int policy = installer.getVerificationPolicy(translatedUserId);
pw.println(policy);
} catch (Exception e) {
pw.println("Failure [" + e.getMessage() + "]");
@@ -4717,7 +4717,8 @@
try {
final IPackageInstaller installer = mInterface.getPackageInstaller();
// TODO(b/360129657): global verification policy should be per user
- final boolean success = installer.setVerificationPolicy(Integer.parseInt(policyStr));
+ final boolean success = installer.setVerificationPolicy(Integer.parseInt(policyStr),
+ translatedUserId);
if (!success) {
pw.println("Failure setting verification policy.");
return 1;
diff --git a/services/tests/PackageManagerServiceTests/server/src/com/android/server/pm/PackageInstallerSessionTest.kt b/services/tests/PackageManagerServiceTests/server/src/com/android/server/pm/PackageInstallerSessionTest.kt
index 1e89359..09d0e4a 100644
--- a/services/tests/PackageManagerServiceTests/server/src/com/android/server/pm/PackageInstallerSessionTest.kt
+++ b/services/tests/PackageManagerServiceTests/server/src/com/android/server/pm/PackageInstallerSessionTest.kt
@@ -22,6 +22,7 @@
import android.content.pm.PackageInstaller.SessionParams.PERMISSION_STATE_DENIED
import android.content.pm.PackageInstaller.SessionParams.PERMISSION_STATE_GRANTED
import android.content.pm.PackageInstaller.VERIFICATION_POLICY_BLOCK_FAIL_CLOSED
+import android.content.pm.PackageInstaller.VERIFICATION_POLICY_BLOCK_FAIL_OPEN
import android.content.pm.PackageManager
import android.content.pm.verify.domain.DomainSet
import android.os.Parcel
@@ -199,7 +200,8 @@
/* stagedSessionErrorMessage */ "some error",
/* preVerifiedDomains */ DomainSet(setOf("com.foo", "com.bar")),
/* VerifierController */ mock(VerifierController::class.java),
- VERIFICATION_POLICY_BLOCK_FAIL_CLOSED
+ /* initialVerificationPolicy */ VERIFICATION_POLICY_BLOCK_FAIL_OPEN,
+ /* currentVerificationPolicy */ VERIFICATION_POLICY_BLOCK_FAIL_CLOSED
)
}
@@ -342,7 +344,8 @@
assertThat(expected.childSessionIds).asList()
.containsExactlyElementsIn(actual.childSessionIds.toList())
assertThat(expected.preVerifiedDomains).isEqualTo(actual.preVerifiedDomains)
- assertThat(expected.verificationPolicy).isEqualTo(actual.verificationPolicy)
+ assertThat(expected.initialVerificationPolicy).isEqualTo(actual.initialVerificationPolicy)
+ assertThat(expected.currentVerificationPolicy).isEqualTo(actual.currentVerificationPolicy)
}
private fun assertInstallSourcesEquivalent(expected: InstallSource, actual: InstallSource) {
diff --git a/services/tests/mockingservicestests/src/com/android/server/pm/StagingManagerTest.java b/services/tests/mockingservicestests/src/com/android/server/pm/StagingManagerTest.java
index 124c41e..591e8df 100644
--- a/services/tests/mockingservicestests/src/com/android/server/pm/StagingManagerTest.java
+++ b/services/tests/mockingservicestests/src/com/android/server/pm/StagingManagerTest.java
@@ -742,7 +742,10 @@
/* stagedSessionErrorMessage */ "no error",
/* preVerifiedDomains */ null,
/* verifierController */ null,
- /* verificationPolicy */ PackageInstaller.VERIFICATION_POLICY_BLOCK_FAIL_CLOSED);
+ /* initialVerificationPolicy */
+ PackageInstaller.VERIFICATION_POLICY_BLOCK_FAIL_CLOSED,
+ /* currentVerificationPolicy */
+ PackageInstaller.VERIFICATION_POLICY_BLOCK_FAIL_CLOSED);
StagingManager.StagedSession stagedSession = spy(session.mStagedSession);
doReturn(packageName).when(stagedSession).getPackageName();