Cross Reference: /frameworks/base/services/core/java/com/android/server/pm/PackageManagerServiceUtils.java

History log of /frameworks/base/services/core/java/com/android/server/pm/PackageManagerServiceUtils.java
Revision	Date	Author	Comments (<<< Hide modified files) (Show modified files >>>)
785d618b1a4c66d885cafec34ed1981daee6736d	19-Apr-2018	Victor Hsieh <victorhsieh@google.com>	Allow only selected priv apps to run OOB - Add pm.dexopt.priv-apps-oob-list to allow selecting specific packages to run OOB, in a comma-separated string of package names. When set to "ALL" (default), all priv apps will run in OOB. - Add a global config priv_app_oob_list to persist the state for experiment. - Also make background dexopt to respect the config. Test: 0. Reset previous OOB settings. 1. settings put global priv_app_oob_list \ com.google.android.gms,com.android.vending 2. cmd package compile -m speed -f com.google.android.gms (then com.android.vending, com.google.android.googlequicksearchbox) 3. dumpsys package dexopt # .vending and .gms are "verify", .googlequicksearchbox is # "speed". Test: settings put global priv_app_oob_list 'ALL' # see the same result Test: settings delete global priv_app_oob_list # see the same result Test: atest SettingsBackupTest Bug: 30972906 Bug: 63920015 Change-Id: Iba47b4763a026cdc94939db0a743822278917269 /frameworks/base/services/core/java/com/android/server/pm/PackageManagerServiceUtils.java
629a5f9705368990515ca4754f58f2d4ffb78a1e	31-Mar-2018	Daniel Cashman <dcashman@google.com>	Add ROLLBACK past signing cert capability. Add a new capability that may be granted to past signing certificates after changing to a new signing certificate that will allow applications to go back to a previous signing certificate. This capability is intended to not be granted, but may be added later in the event that a signing certificate change caused undesirable behavior. Bug: 73927694 Test: PkgInstallSignatureVerificationTest Change-Id: I7453a2da00e740a55de45e7b144f308a9bc33772 (cherry picked from commit a1d0cf74f93bc6cdef054e73c9f09f44cc44d501) /frameworks/base/services/core/java/com/android/server/pm/PackageManagerServiceUtils.java
b5a564a05645cd95ba9833b0fa804cd98f192c6b	27-Mar-2018	Victor Hsieh <victorhsieh@google.com>	Downgrade OOB warning of priv app to warning We can't enforce priv apps to uncompress .dex and .so just yet until all priv apps from Play have done so. Also fix the wrong default value. Test: build Bug: 76440172 Bug: 63920015 Change-Id: I98ab7272702c1693752f8e4ecb53e1b1eb5e1f35 /frameworks/base/services/core/java/com/android/server/pm/PackageManagerServiceUtils.java
850f29a169e771acd889bf78f0a9514aaaf3d309	01-Feb-2018	Jeff Sharkey <jsharkey@google.com>	Merge changes Iac97c342,I52518d52 * changes: Enable sendfile() and splice() optimizations. Use sendfile() and splice() to speed up copying.
b18f899241231991e314c40990eb8e9f703732d4	01-Feb-2018	Jeff Sharkey <jsharkey@android.com>	Use sendfile() and splice() to speed up copying. There are several places across the OS where Java code is simply copying data between two points, which requires bringing that data out into userspace before going back into the kernel. (That's pretty lame.) The patches for the recent Meltdown/Spectre security issues have made this overhead even worse, so it's finally time to move this copying directly into the kernel. This change adds a couple new FileUtils.copy() methods which inspect the given streams/FDs, and attempt to do as much optimization as possible before falling back to a slower userspace-based copy. Benchmarks are showing typical improvements of 44% for 32KB files, 50% for 32MB files, and 35% for 32MB pipes. Plenty of tests are included, and there's a simple kill-switch that can be used to enable/disable the feature if it starts causing any trouble. (A future CL will enable the optimizations.) Test: bit FrameworksCoreTests:android.os.FileUtilsTest Test: vogar --mode app_process --benchmark frameworks/base/core/tests/benchmarks/src/android/os/FileUtilsBenchmark.java Bug: 71932978 Change-Id: I52518d529da5d961610998b9f61399064d8025cd /frameworks/base/services/core/java/com/android/server/pm/PackageManagerServiceUtils.java
1dbe6d02849cb4af87bbd26b7537e11badead3b1	23-Jan-2018	Dan Cashman <dcashman@google.com>	Add key rotation. Change certificate checks to also consider the possibility of signing certificate rotation by checking the SigningDetails#pastSigningCertificates field. In particular, add a SigningDetails#checkCapability method which reports whether or not the older SigningDetails is an ancestor of the current one, and queries whether or not the old one has been granted capabilities, such as being a sharedUser. Bug: 64686581 Test: Builds, boots, browser and camera work, all with v3 signing. Change-Id: I4199ff3f2d9ae959325b117b28e666ae31889800 /frameworks/base/services/core/java/com/android/server/pm/PackageManagerServiceUtils.java
5f76124551aa6582bb82034f8423b9d84f633d70	20-Jan-2018	Victor Hsieh <victorhsieh@google.com>	Skip priv app full apk verification if has verify When ro.apk_verity.mode is on, full apk verification is only skipped if the apk already has verity enabled in the file system, and if the apk contains the Merkle tree root hash we need. Since the configuration in the file system is duplicated from the apk (including the offset and size of Signing Block and the Merkle tree), in order to prevent offline attacker from changing it, we need to measure the observed configuration and make sure it matches the kernel's view. Test: observed package manager's requeset to installd (only) for updated priv apps. Bug: 30972906 Change-Id: I33531a3f6148232b777ea8bfd02f13700649e317 /frameworks/base/services/core/java/com/android/server/pm/PackageManagerServiceUtils.java
55f1499592ba632a0166b415a4aa7bf1d33a9c96	13-Jan-2018	Victor Hsieh <victorhsieh@google.com>	Enable verity to updated priv app if root hash exists With the flag ro.apk_verity.mode set to non-zero, on install time, package manager now tries to enable verity for priv apps if the root hash is included in the APK's Signing Block. Test: Install a priv app with verity root hash in the Signing Block. Saw the tree is built, passed to installd. Failed on ioctl at the moment since kernel is not ready. (need the final installd patch) Bug: 30972906 Change-Id: I17b6589b44485fb377d5618da55fb2a4572d4ae8 /frameworks/base/services/core/java/com/android/server/pm/PackageManagerServiceUtils.java
5cdda3425ccf3c62e400a1646615f4479a8266af	19-Jan-2018	Daniel Cashman <dcashman@google.com>	Add API to expose signing certificate proof-of-rotation. With the addition of APK Signature Scheme v3, the platform now can support key rotation by using the proof-of-rotation provided by the new scheme. Create a new API which allows checking of the entire provided history of an APK's signing certificates, not just the current signer. This should allow for changes of APK signing certificates without fear of losing access to resources that would have been provided under the old signing certificate. Change getPackageInfo(GET_SIGNATURES) to return the oldest signing certificate in the chain so that apps which do programmatic checks, but are not updated to use the new API, still get the same information they would have gotten had there been no rotation. Bug: 64686581 Test: Builds, boots. Change-Id: I8982fd4cce60f5d85a6180d157a6e2a661b1a6d7 /frameworks/base/services/core/java/com/android/server/pm/PackageManagerServiceUtils.java
77029c5b16351775cb2333369ef9a4bc1d9acf58	19-Jan-2018	Daniel Cashman <dcashman@google.com>	Add proof-of-rotation information to PackageParser.SigningDetails APK Signature Scheme v3 enables APK signing key rotation by allowing an APK to embed a proof-of-rotation structure linking past signing certificates to the current one. This information needs to be exposed to the system before it can be used to make authorization decisions. Bug: 64686581 Test: Builds and boots. Change-Id: I49961f92fcec141d73b36197147d5d8fa64c149e /frameworks/base/services/core/java/com/android/server/pm/PackageManagerServiceUtils.java
0c8f2e01064d6c901fcf75fe59c949cd10b0c47f	06-Oct-2017	Victor Hsieh <victorhsieh@google.com>	Force verifying updated priv apps on boot if enabled If ro.apk_verity.mode is non-zero (default 0), package manager will force verifying updated priv apps in /data, and make sure the certificate matches the original one in /system, which we trust. Test: logcat shows force collecting cert only if enabled Bug: 30972906 Change-Id: I33f98930aaaaf76dbe2c0bc664e841f7892eb00e /frameworks/base/services/core/java/com/android/server/pm/PackageManagerServiceUtils.java
420d58a9d867a3ce96fb4ea98bd30ee4d44eab4d	19-Dec-2017	Patrick Baumann <patb@google.com>	Move signing data into SigningDetails container This change replaces fields from Package that relate to signing with a single SigningDetails container. It does the same with InstallArgs and InstallParams. This simplifies much of the code that would have otherwise relied on synchronizing many fields and will enable PackageManagerService to make install-time descisions based on package data instead of forcing it to be part of package parsing. This is a retake of ag/3382280 Test: android.appsecurity.cts.PkgInstallSignatureVerificationTest passes. Test: atest google/perf/boottime/boottime-test to ensure no startup regression. Bug: 68860689 Change-Id: I0df45ce537df5552a7e60e4d727a4dcef23c2252 /frameworks/base/services/core/java/com/android/server/pm/PackageManagerServiceUtils.java
3e654843d55a292b337eb661389fb44e05a6e7a7	29-Nov-2017	Todd Kennedy <toddke@google.com>	Fix if clauses During a refactor, we introduced updated the method used to verify signatures. The "&& additionalTest" clauses were added to the wrong if statement [off-by-one]. So, we were performing a compat signature check when we shouldn't and not throwing an exception when we should. Change-Id: Ie479be5b254b9b13451ab07a07d20a68c7b828ad Fixes: 69053002 Test: cts-tradefed run commandAndExit cts-dev -m CtsAppSecurityHostTestCases -t android.appsecurity.cts.AppSecurityTests#testSharedUidDifferentCerts /frameworks/base/services/core/java/com/android/server/pm/PackageManagerServiceUtils.java
96cb94bab4d366fa3f9c90b162482d750debbe37	29-Nov-2017	Todd Kennedy <toddke@google.com>	Update error text Text was updated to be slightly more readable, but, wound up breaking the tests. Reverting the word change. Change-Id: I299245fc05f15ff6f7979c4c0365fe885b3c2e15 Fixes: 69056838 Test: cts-tradefed run commandAndExit cts-dev -m CtsAppSecurityHostTestCases -t android.appsecurity.cts.PkgInstallSignatureVerificationTest#testCorrectCertUsedFromPkcs7SignedDataCertsSet Test: cts-tradefed run commandAndExit cts-dev -m CtsAppSecurityHostTestCases -t android.appsecurity.cts.PkgInstallSignatureVerificationTest#testV1SchemeSignatureCertNotReencoded Test: cts-tradefed run commandAndExit cts-dev -m CtsAppSecurityHostTestCases -t android.appsecurity.cts.PkgInstallSignatureVerificationTest#testV2SchemeSignatureCertNotReencoded /frameworks/base/services/core/java/com/android/server/pm/PackageManagerServiceUtils.java
ddaaf4cf483d392e78a31885a410dc9dcaf646c4	07-Nov-2017	Todd Kennedy <toddke@google.com>	Remove scanFile argument In several locations we were passing both a parsed Package object and a scanFile File object. But, the Package object was parsed from the scanFile! Instead, just pass the singular Package object and pull the scanned file from it. Bug: 63539144 Test: bit FrameworksServicesTests:com.android.server.pm. Change-Id: Ibd200fb567e005869de61d9c123f211fa9a38f0a /frameworks/base/services/core/java/com/android/server/pm/PackageManagerServiceUtils.java
7c4c55dcb6d386fb3843069a02c177df66df09c7	02-Nov-2017	Todd Kennedy <toddke@google.com>	Move code No functional changes. Moving code from PackageManagerService to other classes where it makes more sense. Make some methods static when they could easily be made so. Bug: 63539144 Test: bit FrameworksServicesTests:com.android.server.pm. Change-Id: If515315d27d9bf3d19cde0062deade5d05924b6d /frameworks/base/services/core/java/com/android/server/pm/PackageManagerServiceUtils.java
96aac9b3754b9f85b3db87435d890c43092be20d	17-Oct-2017	Tobias Thierer <tobiast@google.com>	Framework: Prefer android.system.Os over libcore.io.Libcore.os This is a pure refactoring with no a behavior change other than that these calls now go through android.system.Os, which immediately delegates to Libcore.os. This is a first step towards separating framework (via android.system.Os) vs. libcore (via Libcore.os) clients of these low level APIs. Separating these is a prerequisite towards moving the API parts of android.system into framework, and moving the rest into a different package in libcore. Test: Treehugger Bug: 67901714 Change-Id: Ifd8349ec5416e5693f40dba48fdf2bef651b7d81 /frameworks/base/services/core/java/com/android/server/pm/PackageManagerServiceUtils.java
0eb9738d1708d9aa7846782046e6828ffc9fe901	04-Oct-2017	Todd Kennedy <toddke@google.com>	Move mPermissions from package settings Create a settings class only for use with permissions. It's subservient [and should only be accessed directly by] package settings or the permission manager. The rest of the permission related data needs to be moved to permission settings. At which point we can start pulling the permission methods out of the package manager service and into the permission manager. We still have a somewhat tight relationship between package manager and the permission manager. It's unclear how far we need to separate them and if relying entirely on an internal interface is sufficient. Bug: 63539144 Test: Manual. Builds and runs Test: cts-tradefed run commandAndExit cts-dev -m CtsAppSecurityHostTestCases -t android.appsecurity.cts.PermissionsHostTest Test: cts-tradefed run commandAndExit cts-dev -m CtsPermissionTestCases Test: cts-tradefed run commandAndExit cts-dev -m CtsPermission2TestCases Test: bit FrameworksServicesTests:com.android.server.pm.PackageManagerSettingsTests Change-Id: I616184fa2135a11687e4ce615884f861466fdebe /frameworks/base/services/core/java/com/android/server/pm/PackageManagerServiceUtils.java
61dc6ffcbd917f4b39821a0dcc9266d349343a6a	26-Sep-2017	Nicolas Geoffray <ngeoffray@google.com>	Merge "Special handling of priv-apps in PMS." am: 107899c599 am: 15b0493360 am: 35455f2553 Change-Id: I8bfe46aad8166d4d4b7346fe10f3e148a34ccf0b
20a894ed549a66786c3ca999f1a0083970b7e59c	08-Sep-2017	Nicolas Geoffray <ngeoffray@google.com>	Special handling of priv-apps in PMS. If pm.dexopt.priv-apps is set to false, don't do any dexopt on it, and check the APKs have uncompressed and aligned code. bug: 30972906 bug: 63920015 Test: works as expected when pm.dexopt.priv-apps is true or false Change-Id: I72a322defb459549617028e030f1aec997223af5 /frameworks/base/services/core/java/com/android/server/pm/PackageManagerServiceUtils.java
52a452cf685c56dc6872dbb19e822736484f672f	04-Aug-2017	Calin Juravle <calin@google.com>	Record usage information per split Increase the granularity of usage information to store data on each split separately. Now, splits get their own useByOtherApps flag and can be compiled speed-profile when only the primary apk is loaded by other apps. Bug: 64124380 Test: runtest -x services/tests/servicestests/src/com/android/server/pm/dex/* Change-Id: Ibf9e7b9e67db9c6f0f45dc695bce8fbeb7be20ae /frameworks/base/services/core/java/com/android/server/pm/PackageManagerServiceUtils.java
3b74c41776da66562a68b12a0fed8d20b6952868	04-Aug-2017	Calin Juravle <calin@google.com>	Use PackageUseInfo in DexOptimizer Pass the PackageUseInfo directly to DexOptimizer and use it to detect if a package is used by other apps. Move the usage checks closer to dexopt so that they can be easily adapted when we add usage info for each of the app's code paths separately. This is a refactoring CLs to reduce the size and complexity of the upcoming CLs which record the usage info for each of the application splits. Bug: 64124380 Test: runtest -x services/tests/servicestests/src/com/android/server/pm/dex/* Change-Id: I8031590cdaff81ab1792ca19baddb6cb36dc021d /frameworks/base/services/core/java/com/android/server/pm/PackageManagerServiceUtils.java
2e565e6d6ec1a8be52f9d2b5a67597cf4791434d	19-Jul-2017	Shubham Ajmera <shubhamajmera@google.com>	Fix: handle null value for packageUsageInfo while deciding unused apps Bug: 36598475 Test: Verified for AOSP calculator Change-Id: I86633a729ae34c621f9026fcf0486f2c0a5c7e4c /frameworks/base/services/core/java/com/android/server/pm/PackageManagerServiceUtils.java
246dccf9327631597767afe418ce43ae6d07d102	25-May-2017	Shubham Ajmera <shubhamajmera@google.com>	Reduce app size by downgrading inactive apps This will trigger when the device will have low space. Active apps here refer to the apps which were either active in foregrond or in background and also used by other packages. Apps which are inactive for X days downgraded to verify. X is determined by sysprop pm.dexopt.unopt_after_inactive_days If the system properties are not set, no effect will take place. The above operations will take place in background dexopt service. If user uses the app again, it will again be speed-compiled when background dexopt service starts next time. Bug: 36598475 Test: manual * Remove the check in the code that allows downgrade only when the space is low on the device. * adb root * Set pm.dexopt_unopt_after_inactive_days to 600 * Make sure the current time of the device is correctly set * Install 2 non system apps - B, C * Downgrade B to extract * Upgrade a system apps to speed-profile - E * Downgrade a system app to quicken - G * adb shell cmd package bg-dexopt-job Expected Results: * Extract - B * Verify - C * There should not be any entries for apps E an G in dalvik_cache Change-Id: I68f9f617d6722a7ba8b00aa2181cb38a165cfc51 /frameworks/base/services/core/java/com/android/server/pm/PackageManagerServiceUtils.java
07b6eabe79261267ecd7114790e96e1f6828672a	02-Mar-2017	Calin Juravle <calin@google.com>	Use DexManager logic to decide if a package is used by other apps Stop relying on the file marker recorded by the runtime. We have the same data available from the DexManager. The clean up CL to remove the handling of the file markers will follow. Test: verify that "shared packages" (e.g. gmscore) are not compiled with speed-profile. Bug: 32871170 Change-Id: I6cc5834ac88489e69896cd5fba9ed9968aa7f5a2 /frameworks/base/services/core/java/com/android/server/pm/PackageManagerServiceUtils.java
0318162abcbd07a0472989df43e00e353fac731b	01-Dec-2016	Calin Juravle <calin@google.com>	Add logic for recording dex files use on disk Add PackageDexUsage to handle the I/O operations of dex usage data. It is responsible to encode, save and load dex Test: runtest -x .../PackageDexUsageTests.java Bug: 32871170 Change-Id: I2acc5430080a7e937c798513d8959ab631decfd9 /frameworks/base/services/core/java/com/android/server/pm/PackageManagerServiceUtils.java
dab38e000436bf8234955b0333eaecf389e65b6f	10-Sep-2016	Andreas Gampe <agampe@google.com>	OtaDexopt: Downgrade apps when low on space When running low on space, attempt to "downgrade" apps to lower states in the optimization flow to free up space before starting the OTA. Bug: 31347757 Change-Id: I3a44b106b83d86d7290f4c557267b319f28de12a /frameworks/base/services/core/java/com/android/server/pm/PackageManagerServiceUtils.java
d3e07d46d41e8411def67c2150a0bae064e900dc	07-Sep-2016	Andreas Gampe <agampe@google.com>	Package Manager: Sort list of packages to dexopt Sort the list by last-use-time, if available. Interleave the dependencies with the packages. Clean up the code a bit for better code reuse and ease of writing filters. This should help with prioritization under space constraints. Bug: 31347757 Change-Id: Ia0ec62faf013a379dc4c80b18fd6b2bfbfa470c4 /frameworks/base/services/core/java/com/android/server/pm/PackageManagerServiceUtils.java
fa78b219b7dc006a2863fc0a6d2ff68324797f8f	26-May-2016	Nicolas Geoffray <ngeoffray@google.com>	Look at last used app when filtering. In order to cover cases where a device hasn't been used for a while. bug:28969280 Change-Id: I897e833ed83912b848f25a7a81fe59f0ee655be1 /frameworks/base/services/core/java/com/android/server/pm/PackageManagerServiceUtils.java
6d99f796711882ba60977c211d0f92252fe7ad4a	16-May-2016	Narayan Kamath <narayan@google.com>	PackageManager: Fix reference profile canonicalization. Foreign dex markers are named in the runtime by calling realpath(3) on the input dexfile path and replacing "/" with "@". On the Java side, we're using File.getCanonicalPath, which is similar but isn't quite the same. It tries to call realpath() directly, but if that fails, it resorts to a series of increasingly desperate measures to calculate a "canonical path". We just use realpath instead. Also, don't attempt to delete a profile if canonicalization fails. bug: 28740848 Change-Id: Ie5d5af590187e793db633342a42b923865e5c005 /frameworks/base/services/core/java/com/android/server/pm/PackageManagerServiceUtils.java
90e269917e1d8f9fadb12c3528b8c360b2271e82	18-Apr-2016	David Brazdil <dbrazdil@google.com>	Change app selection policy for post-OTA verification Changes the policy for selecting packages which will be pre-verified during post-OTA boot animation. For Nx to Ny, an app is pre-verified if used in the foreground in the last 7 days, or if its APK was loaded by other apps. For M to N (or early N builds without detailed stats), an app is pre-verified if it has any recorded use in the last 7 days. Bug: 27902702 Bug: 27350503 Change-Id: I2b38daf017ecd0e5aa5ed596ed9351cffa03dbcb /frameworks/base/services/core/java/com/android/server/pm/PackageManagerServiceUtils.java
ca82e616d3131570bf2ee29778f4796f343720d5	20-Apr-2016	Brian Carlstrom <bdc@google.com>	Add reasons to notifyPackageUse calls This is so we can record more specific times in PackageUsage. If file with only one timestamp per package is found, the value is copied to all usage slots. Bug: 27902702 Change-Id: I8affe43c735e54620a9204433aad367cfddfded7 /frameworks/base/services/core/java/com/android/server/pm/PackageManagerServiceUtils.java
d5896630f6a2f21da107031cab216dc93bdcd851	05-Mar-2016	Jeff Sharkey <jsharkey@android.com>	Move more PM calls to ParceledListSlice. Since the data returned by these calls can grow unbounded based on various GET flags, we need to switch 'em over. Bug: 27391893 Change-Id: Ie849ca30dbaaa91158da4c83675657715629a0ee /frameworks/base/services/core/java/com/android/server/pm/PackageManagerServiceUtils.java
b62d690e7e931a07a9503ccbd7cc107b1af3fc64	11-Feb-2016	David Brazdil <dbrazdil@google.com>	Address minor comments after go/ag/858723 Change-Id: I549bd3290ae47d46b2ef10553466db2c29296ee9 /frameworks/base/services/core/java/com/android/server/pm/PackageManagerServiceUtils.java
6b4736d604fd91aaedc6f3fe9be5a1e757aab86c	04-Feb-2016	David Brazdil <dbrazdil@google.com>	Apply 'used in last 7 days' filter to OTA package extraction Bug: 26813999 Change-Id: I5f1eddb1d5e9f0bbaab62d86e6ccf3cc097c4edb (cherry picked from commit e292175fbd495a63b48560439d2a84b239f91e18) /frameworks/base/services/core/java/com/android/server/pm/PackageManagerServiceUtils.java