1/*
2 * Copyright (C) 2016 The Android Open Source Project
3 *
4 *  Licensed under the Apache License, Version 2.0 (the "License");
5 *  you may not use this file except in compliance with the License.
6 *  You may obtain a copy of the License at
7 *
8 *       http://www.apache.org/licenses/LICENSE-2.0
9 *
10 *  Unless required by applicable law or agreed to in writing, software
11 *  distributed under the License is distributed on an "AS IS" BASIS,
12 *  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 *  See the License for the specific language governing permissions and
14 *  limitations under the License.
15 */
16
17package com.android.packageinstaller;
18
19import static com.android.packageinstaller.PackageUtil.getMaxTargetSdkVersionForUid;
20
21import android.Manifest;
22import android.app.Activity;
23import android.app.ActivityManager;
24import android.app.AppGlobals;
25import android.app.IActivityManager;
26import android.content.ContentResolver;
27import android.content.Intent;
28import android.content.pm.ApplicationInfo;
29import android.content.pm.IPackageManager;
30import android.content.pm.PackageInstaller;
31import android.content.pm.PackageManager;
32import android.content.pm.ProviderInfo;
33import android.net.Uri;
34import android.os.Build;
35import android.os.Bundle;
36import android.os.RemoteException;
37import android.support.annotation.Nullable;
38import android.util.Log;
39
40import com.android.internal.annotations.VisibleForTesting;
41
42/**
43 * Select which activity is the first visible activity of the installation and forward the intent to
44 * it.
45 */
46public class InstallStart extends Activity {
47    private static final String LOG_TAG = InstallStart.class.getSimpleName();
48
49    private static final String DOWNLOADS_AUTHORITY = "downloads";
50    private IActivityManager mIActivityManager;
51    private IPackageManager mIPackageManager;
52    private boolean mAbortInstall = false;
53
54    @Override
55    protected void onCreate(@Nullable Bundle savedInstanceState) {
56        super.onCreate(savedInstanceState);
57        mIPackageManager = AppGlobals.getPackageManager();
58        Intent intent = getIntent();
59        String callingPackage = getCallingPackage();
60
61        // If the activity was started via a PackageInstaller session, we retrieve the calling
62        // package from that session
63        int sessionId = intent.getIntExtra(PackageInstaller.EXTRA_SESSION_ID, -1);
64        if (callingPackage == null && sessionId != -1) {
65            PackageInstaller packageInstaller = getPackageManager().getPackageInstaller();
66            PackageInstaller.SessionInfo sessionInfo = packageInstaller.getSessionInfo(sessionId);
67            callingPackage = (sessionInfo != null) ? sessionInfo.getInstallerPackageName() : null;
68        }
69
70        final ApplicationInfo sourceInfo = getSourceInfo(callingPackage);
71        final int originatingUid = getOriginatingUid(sourceInfo);
72        boolean isTrustedSource = false;
73        if (sourceInfo != null
74                && (sourceInfo.privateFlags & ApplicationInfo.PRIVATE_FLAG_PRIVILEGED) != 0) {
75            isTrustedSource = intent.getBooleanExtra(Intent.EXTRA_NOT_UNKNOWN_SOURCE, false);
76        }
77
78        if (!isTrustedSource && originatingUid != PackageInstaller.SessionParams.UID_UNKNOWN) {
79            final int targetSdkVersion = getMaxTargetSdkVersionForUid(this, originatingUid);
80            if (targetSdkVersion < 0) {
81                Log.w(LOG_TAG, "Cannot get target sdk version for uid " + originatingUid);
82                // Invalid originating uid supplied. Abort install.
83                mAbortInstall = true;
84            } else if (targetSdkVersion >= Build.VERSION_CODES.O && !declaresAppOpPermission(
85                    originatingUid, Manifest.permission.REQUEST_INSTALL_PACKAGES)) {
86                Log.e(LOG_TAG, "Requesting uid " + originatingUid + " needs to declare permission "
87                        + Manifest.permission.REQUEST_INSTALL_PACKAGES);
88                mAbortInstall = true;
89            }
90        }
91        if (mAbortInstall) {
92            setResult(RESULT_CANCELED);
93            finish();
94            return;
95        }
96
97        Intent nextActivity = new Intent(intent);
98        nextActivity.setFlags(Intent.FLAG_ACTIVITY_FORWARD_RESULT);
99
100        // The the installation source as the nextActivity thinks this activity is the source, hence
101        // set the originating UID and sourceInfo explicitly
102        nextActivity.putExtra(PackageInstallerActivity.EXTRA_CALLING_PACKAGE, callingPackage);
103        nextActivity.putExtra(PackageInstallerActivity.EXTRA_ORIGINAL_SOURCE_INFO, sourceInfo);
104        nextActivity.putExtra(Intent.EXTRA_ORIGINATING_UID, originatingUid);
105
106        if (PackageInstaller.ACTION_CONFIRM_PERMISSIONS.equals(intent.getAction())) {
107            nextActivity.setClass(this, PackageInstallerActivity.class);
108        } else {
109            Uri packageUri = intent.getData();
110
111            if (packageUri != null && (packageUri.getScheme().equals(ContentResolver.SCHEME_FILE)
112                    || packageUri.getScheme().equals(ContentResolver.SCHEME_CONTENT))) {
113                // Copy file to prevent it from being changed underneath this process
114                nextActivity.setClass(this, InstallStaging.class);
115            } else if (packageUri != null && packageUri.getScheme().equals(
116                    PackageInstallerActivity.SCHEME_PACKAGE)) {
117                nextActivity.setClass(this, PackageInstallerActivity.class);
118            } else {
119                Intent result = new Intent();
120                result.putExtra(Intent.EXTRA_INSTALL_RESULT,
121                        PackageManager.INSTALL_FAILED_INVALID_URI);
122                setResult(RESULT_FIRST_USER, result);
123
124                nextActivity = null;
125            }
126        }
127
128        if (nextActivity != null) {
129            startActivity(nextActivity);
130        }
131        finish();
132    }
133
134    private boolean declaresAppOpPermission(int uid, String permission) {
135        try {
136            final String[] packages = mIPackageManager.getAppOpPermissionPackages(permission);
137            if (packages == null) {
138                return false;
139            }
140            for (String packageName : packages) {
141                try {
142                    if (uid == getPackageManager().getPackageUid(packageName, 0)) {
143                        return true;
144                    }
145                } catch (PackageManager.NameNotFoundException e) {
146                    // Ignore and try the next package
147                }
148            }
149        } catch (RemoteException rexc) {
150            // If remote package manager cannot be reached, install will likely fail anyway.
151        }
152        return false;
153    }
154
155    /**
156     * @return the ApplicationInfo for the installation source (the calling package), if available
157     */
158    private ApplicationInfo getSourceInfo(@Nullable String callingPackage) {
159        if (callingPackage != null) {
160            try {
161                return getPackageManager().getApplicationInfo(callingPackage, 0);
162            } catch (PackageManager.NameNotFoundException ex) {
163                // ignore
164            }
165        }
166        return null;
167    }
168
169    /**
170     * Get the originating uid if possible, or
171     * {@link android.content.pm.PackageInstaller.SessionParams#UID_UNKNOWN} if not available
172     *
173     * @param sourceInfo The source of this installation
174     * @return The UID of the installation source or UID_UNKNOWN
175     */
176    private int getOriginatingUid(@Nullable ApplicationInfo sourceInfo) {
177        // The originating uid from the intent. We only trust/use this if it comes from either
178        // the document manager app or the downloads provider
179        final int uidFromIntent = getIntent().getIntExtra(Intent.EXTRA_ORIGINATING_UID,
180                PackageInstaller.SessionParams.UID_UNKNOWN);
181
182        final int callingUid;
183        if (sourceInfo != null) {
184            callingUid = sourceInfo.uid;
185        } else {
186            try {
187                callingUid = getIActivityManager()
188                        .getLaunchedFromUid(getActivityToken());
189            } catch (RemoteException ex) {
190                // Cannot reach ActivityManager. Aborting install.
191                Log.e(LOG_TAG, "Could not determine the launching uid.");
192                mAbortInstall = true;
193                return PackageInstaller.SessionParams.UID_UNKNOWN;
194            }
195        }
196        try {
197            if (mIPackageManager.checkUidPermission(Manifest.permission.MANAGE_DOCUMENTS,
198                    callingUid) == PackageManager.PERMISSION_GRANTED) {
199                return uidFromIntent;
200            }
201        } catch (RemoteException rexc) {
202            // Ignore. Should not happen.
203        }
204        if (isSystemDownloadsProvider(callingUid)) {
205            return uidFromIntent;
206        }
207        // We don't trust uid from the intent. Use the calling uid instead.
208        return callingUid;
209    }
210
211    private boolean isSystemDownloadsProvider(int uid) {
212        final ProviderInfo downloadProviderPackage = getPackageManager().resolveContentProvider(
213                DOWNLOADS_AUTHORITY, 0);
214        if (downloadProviderPackage == null) {
215            // There seems to be no currently enabled downloads provider on the system.
216            return false;
217        }
218        final ApplicationInfo appInfo = downloadProviderPackage.applicationInfo;
219        return (appInfo.isSystemApp() && uid == appInfo.uid);
220    }
221
222    private IActivityManager getIActivityManager() {
223        if (mIActivityManager == null) {
224            return ActivityManager.getService();
225        }
226        return mIActivityManager;
227    }
228
229    @VisibleForTesting
230    void injectIActivityManager(IActivityManager iActivityManager) {
231        mIActivityManager = iActivityManager;
232    }
233}
234