commit ab2bc07e5fcf2797c165890109016af0ee314e46
author TreeHugger Robot <treehugger-gerrit@google.com> Wed Mar 22 21:14:00 2017 +0000
committer Android (Google) Code Review <android-gerrit@google.com> Wed Mar 22 21:14:05 2017 +0000
tree 288f25612a8df505ee466f93109de650e7ac1333
parent 707af7c57b1616109e8eda2f78647b82a5511c16
parent 34573b289f03d29aa4da114a33c5584856da412d

Merge "Prevent downgrade of targetSandboxVersion"

api/system-current.txt

diff --git a/api/system-current.txt b/api/system-current.txt
index 60d7f2f..9328420 100644
--- a/api/system-current.txt
+++ b/api/system-current.txt
@@ -11393,6 +11393,7 @@
     field public static final int INSTALL_FAILED_PACKAGE_CHANGED = -23; // 0xffffffe9
     field public static final int INSTALL_FAILED_PERMISSION_MODEL_DOWNGRADE = -26; // 0xffffffe6
     field public static final int INSTALL_FAILED_REPLACE_COULDNT_DELETE = -10; // 0xfffffff6
+    field public static final int INSTALL_FAILED_SANDBOX_VERSION_DOWNGRADE = -27; // 0xffffffe5
     field public static final int INSTALL_FAILED_SHARED_USER_INCOMPATIBLE = -8; // 0xfffffff8
     field public static final int INSTALL_FAILED_TEST_ONLY = -15; // 0xfffffff1
     field public static final int INSTALL_FAILED_UPDATE_INCOMPATIBLE = -7; // 0xfffffff9

core/java/android/content/pm/PackageManager.java

diff --git a/core/java/android/content/pm/PackageManager.java b/core/java/android/content/pm/PackageManager.java
index bb35928..71db5d3 100644
--- a/core/java/android/content/pm/PackageManager.java
+++ b/core/java/android/content/pm/PackageManager.java
@@ -1069,6 +1069,16 @@
     public static final int INSTALL_FAILED_PERMISSION_MODEL_DOWNGRADE = -26;
 
     /**
+     * Installation return code: this is passed to the
+     * {@link IPackageInstallObserver} if the new package attempts to downgrade the
+     * target sandbox version of the app.
+     *
+     * @hide
+     */
+    @SystemApi
+    public static final int INSTALL_FAILED_SANDBOX_VERSION_DOWNGRADE = -27;
+
+    /**
      * Installation parse return code: this is passed to the
      * {@link IPackageInstallObserver} if the parser was given a path that is
      * not a file, or does not end with the expected '.apk' extension.

services/core/java/com/android/server/pm/PackageManagerService.java

diff --git a/services/core/java/com/android/server/pm/PackageManagerService.java b/services/core/java/com/android/server/pm/PackageManagerService.java
index 96e2626..25f9c30 100644
--- a/services/core/java/com/android/server/pm/PackageManagerService.java
+++ b/services/core/java/com/android/server/pm/PackageManagerService.java
@@ -16692,6 +16692,16 @@
                                         + " target SDK " + oldTargetSdk + " does.");
                         return;
                     }
+                    // Prevent apps from downgrading their targetSandbox.
+                    final int oldTargetSandbox = oldPackage.applicationInfo.targetSandboxVersion;
+                    final int newTargetSandbox = pkg.applicationInfo.targetSandboxVersion;
+                    if (oldTargetSandbox == 2 && newTargetSandbox != 2) {
+                        res.setError(PackageManager.INSTALL_FAILED_SANDBOX_VERSION_DOWNGRADE,
+                                "Package " + pkg.packageName + " new target sandbox "
+                                + newTargetSandbox + " is incompatible with the previous value of"
+                                + oldTargetSandbox + ".");
+                        return;
+                    }
 
                     // Prevent installing of child packages
                     if (oldPackage.parentPackage != null) {