Dario Freni | be98c3f | 2018-12-22 15:25:27 +0000 | [diff] [blame] | 1 | /* |
| 2 | * Copyright (C) 2018 The Android Open Source Project |
| 3 | * |
| 4 | * Licensed under the Apache License, Version 2.0 (the "License"); |
| 5 | * you may not use this file except in compliance with the License. |
| 6 | * You may obtain a copy of the License at |
| 7 | * |
| 8 | * http://www.apache.org/licenses/LICENSE-2.0 |
| 9 | * |
| 10 | * Unless required by applicable law or agreed to in writing, software |
| 11 | * distributed under the License is distributed on an "AS IS" BASIS, |
| 12 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. |
| 13 | * See the License for the specific language governing permissions and |
| 14 | * limitations under the License. |
| 15 | */ |
| 16 | |
| 17 | package com.android.server.pm; |
| 18 | |
| 19 | import android.annotation.NonNull; |
Nikita Ioffe | da998cf | 2019-03-04 22:54:30 +0000 | [diff] [blame] | 20 | import android.annotation.Nullable; |
Narayan Kamath | 9dfa674 | 2019-01-04 14:22:50 +0000 | [diff] [blame] | 21 | import android.apex.ApexInfo; |
Dario Freni | 276cd07 | 2019-01-09 11:13:44 +0000 | [diff] [blame] | 22 | import android.apex.ApexInfoList; |
Dario Freni | 61b3e25 | 2019-01-11 23:05:39 +0000 | [diff] [blame] | 23 | import android.apex.ApexSessionInfo; |
Oli Lan | c72b0bb | 2019-12-02 14:03:55 +0000 | [diff] [blame] | 24 | import android.apex.ApexSessionParams; |
Rhed Jao | b793c21 | 2019-10-30 20:54:37 +0800 | [diff] [blame] | 25 | import android.content.BroadcastReceiver; |
Narayan Kamath | fcd4a04 | 2019-02-01 14:16:37 +0000 | [diff] [blame] | 26 | import android.content.Context; |
Dario Freni | 4b572c0 | 2019-01-29 09:40:31 +0000 | [diff] [blame] | 27 | import android.content.IIntentReceiver; |
| 28 | import android.content.IIntentSender; |
| 29 | import android.content.Intent; |
Rhed Jao | b793c21 | 2019-10-30 20:54:37 +0800 | [diff] [blame] | 30 | import android.content.IntentFilter; |
Dario Freni | 4b572c0 | 2019-01-29 09:40:31 +0000 | [diff] [blame] | 31 | import android.content.IntentSender; |
Winson | f00c755 | 2020-01-28 12:52:01 -0800 | [diff] [blame] | 32 | import android.content.pm.ApplicationInfo; |
Dario Freni | 2e8dffc | 2019-02-06 14:55:16 +0000 | [diff] [blame] | 33 | import android.content.pm.PackageInfo; |
Dario Freni | be98c3f | 2018-12-22 15:25:27 +0000 | [diff] [blame] | 34 | import android.content.pm.PackageInstaller; |
Narayan Kamath | 9dfa674 | 2019-01-04 14:22:50 +0000 | [diff] [blame] | 35 | import android.content.pm.PackageInstaller.SessionInfo; |
| 36 | import android.content.pm.PackageManager; |
Mohammad Samiul Islam | 3fcecfc | 2019-12-20 17:46:01 +0000 | [diff] [blame] | 37 | import android.content.pm.PackageManagerInternal; |
Nikita Ioffe | e0dbc98 | 2019-05-09 19:33:35 +0100 | [diff] [blame] | 38 | import android.content.pm.PackageParser; |
Narayan Kamath | 9dfa674 | 2019-01-04 14:22:50 +0000 | [diff] [blame] | 39 | import android.content.pm.PackageParser.PackageParserException; |
| 40 | import android.content.pm.PackageParser.SigningDetails; |
| 41 | import android.content.pm.PackageParser.SigningDetails.SignatureSchemeVersion; |
Dario Freni | be98c3f | 2018-12-22 15:25:27 +0000 | [diff] [blame] | 42 | import android.content.pm.ParceledListSlice; |
Narayan Kamath | fcd4a04 | 2019-02-01 14:16:37 +0000 | [diff] [blame] | 43 | import android.content.rollback.IRollbackManager; |
Oli Lan | c72b0bb | 2019-12-02 14:03:55 +0000 | [diff] [blame] | 44 | import android.content.rollback.RollbackInfo; |
| 45 | import android.content.rollback.RollbackManager; |
Dario Freni | 4b572c0 | 2019-01-29 09:40:31 +0000 | [diff] [blame] | 46 | import android.os.Bundle; |
Narayan Kamath | 94c93ab | 2019-01-04 10:47:00 +0000 | [diff] [blame] | 47 | import android.os.Handler; |
Dario Freni | 4b572c0 | 2019-01-29 09:40:31 +0000 | [diff] [blame] | 48 | import android.os.IBinder; |
Mohammad Samiul Islam | ef40027 | 2019-08-15 16:44:57 +0100 | [diff] [blame] | 49 | import android.os.Looper; |
| 50 | import android.os.Message; |
Dario Freni | 4b572c0 | 2019-01-29 09:40:31 +0000 | [diff] [blame] | 51 | import android.os.ParcelFileDescriptor; |
Mohammad Samiul Islam | 8ce32fe | 2020-01-14 18:33:39 +0000 | [diff] [blame] | 52 | import android.os.ParcelableException; |
Nikita Ioffe | 39a6a5b | 2019-02-26 15:36:39 +0000 | [diff] [blame] | 53 | import android.os.PowerManager; |
Narayan Kamath | 9dfa674 | 2019-01-04 14:22:50 +0000 | [diff] [blame] | 54 | import android.os.RemoteException; |
| 55 | import android.os.ServiceManager; |
Mohammad Samiul Islam | 3fcecfc | 2019-12-20 17:46:01 +0000 | [diff] [blame] | 56 | import android.os.UserHandle; |
| 57 | import android.os.UserManagerInternal; |
Mohammad Samiul Islam | 7e9fdb0 | 2019-11-28 18:14:40 +0000 | [diff] [blame] | 58 | import android.os.storage.IStorageManager; |
Mohammad Samiul Islam | cc4c7d8 | 2019-11-05 18:18:28 +0000 | [diff] [blame] | 59 | import android.os.storage.StorageManager; |
Gavin Corkery | 333136c | 2020-02-03 19:03:43 +0000 | [diff] [blame] | 60 | import android.text.TextUtils; |
Nikita Ioffe | e0dbc98 | 2019-05-09 19:33:35 +0100 | [diff] [blame] | 61 | import android.util.IntArray; |
Narayan Kamath | 9dfa674 | 2019-01-04 14:22:50 +0000 | [diff] [blame] | 62 | import android.util.Slog; |
Dario Freni | be98c3f | 2018-12-22 15:25:27 +0000 | [diff] [blame] | 63 | import android.util.SparseArray; |
Oli Lan | c72b0bb | 2019-12-02 14:03:55 +0000 | [diff] [blame] | 64 | import android.util.SparseIntArray; |
Narayan Kamath | 9dfa674 | 2019-01-04 14:22:50 +0000 | [diff] [blame] | 65 | import android.util.apk.ApkSignatureVerifier; |
Dario Freni | be98c3f | 2018-12-22 15:25:27 +0000 | [diff] [blame] | 66 | |
| 67 | import com.android.internal.annotations.GuardedBy; |
Mohammad Samiul Islam | 7e9fdb0 | 2019-11-28 18:14:40 +0000 | [diff] [blame] | 68 | import com.android.internal.content.PackageHelper; |
Narayan Kamath | 94c93ab | 2019-01-04 10:47:00 +0000 | [diff] [blame] | 69 | import com.android.internal.os.BackgroundThread; |
Mohammad Samiul Islam | 3fcecfc | 2019-12-20 17:46:01 +0000 | [diff] [blame] | 70 | import com.android.server.LocalServices; |
Winson | 5e0a1d5 | 2020-01-24 12:00:33 -0800 | [diff] [blame] | 71 | import com.android.server.pm.parsing.pkg.AndroidPackage; |
Winson | e075629 | 2020-01-31 12:21:54 -0800 | [diff] [blame] | 72 | import com.android.server.pm.parsing.pkg.AndroidPackageUtils; |
Gavin Corkery | 333136c | 2020-02-03 19:03:43 +0000 | [diff] [blame] | 73 | import com.android.server.rollback.WatchdogRollbackLogger; |
Dario Freni | be98c3f | 2018-12-22 15:25:27 +0000 | [diff] [blame] | 74 | |
Dario Freni | 4b572c0 | 2019-01-29 09:40:31 +0000 | [diff] [blame] | 75 | import java.io.File; |
| 76 | import java.io.IOException; |
Dario Freni | be98c3f | 2018-12-22 15:25:27 +0000 | [diff] [blame] | 77 | import java.util.ArrayList; |
Dario Freni | 015f935 | 2019-01-14 21:56:17 +0000 | [diff] [blame] | 78 | import java.util.Arrays; |
Dario Freni | be98c3f | 2018-12-22 15:25:27 +0000 | [diff] [blame] | 79 | import java.util.List; |
Dario Freni | 4b572c0 | 2019-01-29 09:40:31 +0000 | [diff] [blame] | 80 | import java.util.concurrent.LinkedBlockingQueue; |
| 81 | import java.util.concurrent.TimeUnit; |
Mohammad Samiul Islam | ef40027 | 2019-08-15 16:44:57 +0100 | [diff] [blame] | 82 | import java.util.function.Consumer; |
Dario Freni | f141aab | 2019-02-04 14:48:30 +0000 | [diff] [blame] | 83 | import java.util.function.Predicate; |
Dario Freni | 015f935 | 2019-01-14 21:56:17 +0000 | [diff] [blame] | 84 | import java.util.stream.Collectors; |
Dario Freni | be98c3f | 2018-12-22 15:25:27 +0000 | [diff] [blame] | 85 | |
| 86 | /** |
| 87 | * This class handles staged install sessions, i.e. install sessions that require packages to |
| 88 | * be installed only after a reboot. |
| 89 | */ |
| 90 | public class StagingManager { |
| 91 | |
| 92 | private static final String TAG = "StagingManager"; |
| 93 | |
Dario Freni | 4b572c0 | 2019-01-29 09:40:31 +0000 | [diff] [blame] | 94 | private final PackageInstallerService mPi; |
Dario Freni | 2e8dffc | 2019-02-06 14:55:16 +0000 | [diff] [blame] | 95 | private final ApexManager mApexManager; |
Nikita Ioffe | 39a6a5b | 2019-02-26 15:36:39 +0000 | [diff] [blame] | 96 | private final PowerManager mPowerManager; |
Mohammad Samiul Islam | cc4c7d8 | 2019-11-05 18:18:28 +0000 | [diff] [blame] | 97 | private final Context mContext; |
Mohammad Samiul Islam | ef40027 | 2019-08-15 16:44:57 +0100 | [diff] [blame] | 98 | private final PreRebootVerificationHandler mPreRebootVerificationHandler; |
Dario Freni | be98c3f | 2018-12-22 15:25:27 +0000 | [diff] [blame] | 99 | |
Dario Freni | be98c3f | 2018-12-22 15:25:27 +0000 | [diff] [blame] | 100 | @GuardedBy("mStagedSessions") |
| 101 | private final SparseArray<PackageInstallerSession> mStagedSessions = new SparseArray<>(); |
| 102 | |
Oli Lan | c72b0bb | 2019-12-02 14:03:55 +0000 | [diff] [blame] | 103 | @GuardedBy("mStagedSessions") |
| 104 | private final SparseIntArray mSessionRollbackIds = new SparseIntArray(); |
| 105 | |
Gavin Corkery | 333136c | 2020-02-03 19:03:43 +0000 | [diff] [blame] | 106 | @GuardedBy("mFailedPackageNames") |
| 107 | private final List<String> mFailedPackageNames = new ArrayList<>(); |
| 108 | private String mNativeFailureReason; |
| 109 | |
Mohammad Samiul Islam | 3fcecfc | 2019-12-20 17:46:01 +0000 | [diff] [blame] | 110 | StagingManager(PackageInstallerService pi, Context context) { |
Dario Freni | 4b572c0 | 2019-01-29 09:40:31 +0000 | [diff] [blame] | 111 | mPi = pi; |
Mohammad Samiul Islam | cc4c7d8 | 2019-11-05 18:18:28 +0000 | [diff] [blame] | 112 | mContext = context; |
Mohammad Samiul Islam | 3fcecfc | 2019-12-20 17:46:01 +0000 | [diff] [blame] | 113 | |
| 114 | mApexManager = ApexManager.getInstance(); |
Nikita Ioffe | 39a6a5b | 2019-02-26 15:36:39 +0000 | [diff] [blame] | 115 | mPowerManager = (PowerManager) context.getSystemService(Context.POWER_SERVICE); |
Mohammad Samiul Islam | ef40027 | 2019-08-15 16:44:57 +0100 | [diff] [blame] | 116 | mPreRebootVerificationHandler = new PreRebootVerificationHandler( |
| 117 | BackgroundThread.get().getLooper()); |
Dario Freni | be98c3f | 2018-12-22 15:25:27 +0000 | [diff] [blame] | 118 | } |
| 119 | |
| 120 | private void updateStoredSession(@NonNull PackageInstallerSession sessionInfo) { |
| 121 | synchronized (mStagedSessions) { |
| 122 | PackageInstallerSession storedSession = mStagedSessions.get(sessionInfo.sessionId); |
Narayan Kamath | 94c93ab | 2019-01-04 10:47:00 +0000 | [diff] [blame] | 123 | // storedSession might be null if a call to abortSession was made before the session |
| 124 | // is updated. |
| 125 | if (storedSession != null) { |
| 126 | mStagedSessions.put(sessionInfo.sessionId, sessionInfo); |
Dario Freni | be98c3f | 2018-12-22 15:25:27 +0000 | [diff] [blame] | 127 | } |
Dario Freni | be98c3f | 2018-12-22 15:25:27 +0000 | [diff] [blame] | 128 | } |
| 129 | } |
| 130 | |
Patrick Baumann | 6bc126b | 2020-03-06 10:34:17 -0800 | [diff] [blame] | 131 | ParceledListSlice<PackageInstaller.SessionInfo> getSessions(int callingUid) { |
Dario Freni | be98c3f | 2018-12-22 15:25:27 +0000 | [diff] [blame] | 132 | final List<PackageInstaller.SessionInfo> result = new ArrayList<>(); |
| 133 | synchronized (mStagedSessions) { |
| 134 | for (int i = 0; i < mStagedSessions.size(); i++) { |
Patrick Baumann | 6bc126b | 2020-03-06 10:34:17 -0800 | [diff] [blame] | 135 | final PackageInstallerSession stagedSession = mStagedSessions.valueAt(i); |
| 136 | result.add(stagedSession.generateInfoForCaller(false /*icon*/, callingUid)); |
Dario Freni | be98c3f | 2018-12-22 15:25:27 +0000 | [diff] [blame] | 137 | } |
| 138 | } |
| 139 | return new ParceledListSlice<>(result); |
| 140 | } |
| 141 | |
Mohammad Samiul Islam | b884124 | 2019-07-29 14:38:38 +0100 | [diff] [blame] | 142 | /** |
| 143 | * Validates the signature used to sign the container of the new apex package |
| 144 | * |
| 145 | * @param newApexPkg The new apex package that is being installed |
Mohammad Samiul Islam | b884124 | 2019-07-29 14:38:38 +0100 | [diff] [blame] | 146 | * @throws PackageManagerException |
| 147 | */ |
Mohammad Samiul Islam | d7472d0 | 2019-11-11 17:53:47 +0000 | [diff] [blame] | 148 | private void validateApexSignature(PackageInfo newApexPkg) |
Nikita Ioffe | e0dbc98 | 2019-05-09 19:33:35 +0100 | [diff] [blame] | 149 | throws PackageManagerException { |
Mohammad Samiul Islam | b884124 | 2019-07-29 14:38:38 +0100 | [diff] [blame] | 150 | // Get signing details of the new package |
| 151 | final String apexPath = newApexPkg.applicationInfo.sourceDir; |
| 152 | final String packageName = newApexPkg.packageName; |
Michael Groover | 33df7c4 | 2020-01-24 19:00:01 -0800 | [diff] [blame] | 153 | int minSignatureScheme = ApkSignatureVerifier.getMinimumSignatureSchemeVersionForTargetSdk( |
| 154 | newApexPkg.applicationInfo.targetSdkVersion); |
Mohammad Samiul Islam | b884124 | 2019-07-29 14:38:38 +0100 | [diff] [blame] | 155 | |
Mohammad Samiul Islam | d7472d0 | 2019-11-11 17:53:47 +0000 | [diff] [blame] | 156 | final SigningDetails newSigningDetails; |
Narayan Kamath | 9dfa674 | 2019-01-04 14:22:50 +0000 | [diff] [blame] | 157 | try { |
Michael Groover | 33df7c4 | 2020-01-24 19:00:01 -0800 | [diff] [blame] | 158 | newSigningDetails = ApkSignatureVerifier.verify(apexPath, minSignatureScheme); |
Narayan Kamath | 9dfa674 | 2019-01-04 14:22:50 +0000 | [diff] [blame] | 159 | } catch (PackageParserException e) { |
Nikita Ioffe | e0dbc98 | 2019-05-09 19:33:35 +0100 | [diff] [blame] | 160 | throw new PackageManagerException(SessionInfo.STAGED_SESSION_VERIFICATION_FAILED, |
| 161 | "Failed to parse APEX package " + apexPath, e); |
Narayan Kamath | 9dfa674 | 2019-01-04 14:22:50 +0000 | [diff] [blame] | 162 | } |
| 163 | |
Mohammad Samiul Islam | b884124 | 2019-07-29 14:38:38 +0100 | [diff] [blame] | 164 | // Get signing details of the existing package |
| 165 | final PackageInfo existingApexPkg = mApexManager.getPackageInfo(packageName, |
Nikita Ioffe | e0dbc98 | 2019-05-09 19:33:35 +0100 | [diff] [blame] | 166 | ApexManager.MATCH_ACTIVE_PACKAGE); |
Mohammad Samiul Islam | b884124 | 2019-07-29 14:38:38 +0100 | [diff] [blame] | 167 | if (existingApexPkg == null) { |
Nikita Ioffe | e0dbc98 | 2019-05-09 19:33:35 +0100 | [diff] [blame] | 168 | // This should never happen, because submitSessionToApexService ensures that no new |
| 169 | // apexes were installed. |
| 170 | throw new IllegalStateException("Unknown apex package " + packageName); |
Narayan Kamath | 9dfa674 | 2019-01-04 14:22:50 +0000 | [diff] [blame] | 171 | } |
| 172 | |
| 173 | final SigningDetails existingSigningDetails; |
| 174 | try { |
| 175 | existingSigningDetails = ApkSignatureVerifier.verify( |
Mohammad Samiul Islam | b884124 | 2019-07-29 14:38:38 +0100 | [diff] [blame] | 176 | existingApexPkg.applicationInfo.sourceDir, SignatureSchemeVersion.JAR); |
Narayan Kamath | 9dfa674 | 2019-01-04 14:22:50 +0000 | [diff] [blame] | 177 | } catch (PackageParserException e) { |
Nikita Ioffe | e0dbc98 | 2019-05-09 19:33:35 +0100 | [diff] [blame] | 178 | throw new PackageManagerException(SessionInfo.STAGED_SESSION_VERIFICATION_FAILED, |
Mohammad Samiul Islam | b884124 | 2019-07-29 14:38:38 +0100 | [diff] [blame] | 179 | "Failed to parse APEX package " + existingApexPkg.applicationInfo.sourceDir, e); |
Narayan Kamath | 9dfa674 | 2019-01-04 14:22:50 +0000 | [diff] [blame] | 180 | } |
| 181 | |
Mohammad Samiul Islam | b884124 | 2019-07-29 14:38:38 +0100 | [diff] [blame] | 182 | // Verify signing details for upgrade |
Mohammad Samiul Islam | d7472d0 | 2019-11-11 17:53:47 +0000 | [diff] [blame] | 183 | if (newSigningDetails.checkCapability(existingSigningDetails, |
| 184 | SigningDetails.CertCapabilities.INSTALLED_DATA) |
| 185 | || existingSigningDetails.checkCapability(newSigningDetails, |
| 186 | SigningDetails.CertCapabilities.ROLLBACK)) { |
Mohammad Samiul Islam | 8e35db1 | 2019-08-22 15:43:55 +0100 | [diff] [blame] | 187 | return; |
| 188 | } |
| 189 | |
Nikita Ioffe | e0dbc98 | 2019-05-09 19:33:35 +0100 | [diff] [blame] | 190 | throw new PackageManagerException(SessionInfo.STAGED_SESSION_VERIFICATION_FAILED, |
Mohammad Samiul Islam | b884124 | 2019-07-29 14:38:38 +0100 | [diff] [blame] | 191 | "APK-container signature of APEX package " + packageName + " with version " |
| 192 | + newApexPkg.versionCodeMajor + " and path " + apexPath + " is not" |
| 193 | + " compatible with the one currently installed on device"); |
Narayan Kamath | 9dfa674 | 2019-01-04 14:22:50 +0000 | [diff] [blame] | 194 | } |
| 195 | |
Nikita Ioffe | e0dbc98 | 2019-05-09 19:33:35 +0100 | [diff] [blame] | 196 | private List<PackageInfo> submitSessionToApexService( |
| 197 | @NonNull PackageInstallerSession session) throws PackageManagerException { |
Oli Lan | c72b0bb | 2019-12-02 14:03:55 +0000 | [diff] [blame] | 198 | final IntArray childSessionIds = new IntArray(); |
Nikita Ioffe | e0dbc98 | 2019-05-09 19:33:35 +0100 | [diff] [blame] | 199 | if (session.isMultiPackage()) { |
| 200 | for (int id : session.getChildSessionIds()) { |
| 201 | if (isApexSession(mStagedSessions.get(id))) { |
Oli Lan | c72b0bb | 2019-12-02 14:03:55 +0000 | [diff] [blame] | 202 | childSessionIds.add(id); |
| 203 | } |
| 204 | } |
| 205 | } |
| 206 | ApexSessionParams apexSessionParams = new ApexSessionParams(); |
| 207 | apexSessionParams.sessionId = session.sessionId; |
| 208 | apexSessionParams.childSessionIds = childSessionIds.toArray(); |
| 209 | if (session.params.installReason == PackageManager.INSTALL_REASON_ROLLBACK) { |
| 210 | apexSessionParams.isRollback = true; |
| 211 | apexSessionParams.rollbackId = retrieveRollbackIdForCommitSession(session.sessionId); |
| 212 | } else { |
| 213 | synchronized (mStagedSessions) { |
| 214 | int rollbackId = mSessionRollbackIds.get(session.sessionId, -1); |
| 215 | if (rollbackId != -1) { |
| 216 | apexSessionParams.hasRollbackEnabled = true; |
| 217 | apexSessionParams.rollbackId = rollbackId; |
Nikita Ioffe | e0dbc98 | 2019-05-09 19:33:35 +0100 | [diff] [blame] | 218 | } |
Nikita Ioffe | 8bbb815 | 2019-02-21 15:54:54 +0000 | [diff] [blame] | 219 | } |
Nikita Ioffe | e0dbc98 | 2019-05-09 19:33:35 +0100 | [diff] [blame] | 220 | } |
Nikita Ioffe | 4e7d24a | 2019-07-05 15:49:45 +0100 | [diff] [blame] | 221 | // submitStagedSession will throw a PackageManagerException if apexd verification fails, |
| 222 | // which will be propagated to populate stagedSessionErrorMessage of this session. |
Oli Lan | c72b0bb | 2019-12-02 14:03:55 +0000 | [diff] [blame] | 223 | final ApexInfoList apexInfoList = mApexManager.submitStagedSession(apexSessionParams); |
Nikita Ioffe | e0dbc98 | 2019-05-09 19:33:35 +0100 | [diff] [blame] | 224 | final List<PackageInfo> result = new ArrayList<>(); |
Oli Lan | c2c7a22 | 2019-07-31 15:27:22 +0100 | [diff] [blame] | 225 | for (ApexInfo apexInfo : apexInfoList.apexInfos) { |
| 226 | final PackageInfo packageInfo; |
| 227 | int flags = PackageManager.GET_META_DATA; |
| 228 | PackageParser.Package pkg; |
Nikita Ioffe | e0dbc98 | 2019-05-09 19:33:35 +0100 | [diff] [blame] | 229 | try { |
Oli Lan | c2c7a22 | 2019-07-31 15:27:22 +0100 | [diff] [blame] | 230 | File apexFile = new File(apexInfo.modulePath); |
| 231 | PackageParser pp = new PackageParser(); |
| 232 | pkg = pp.parsePackage(apexFile, flags, false); |
Nikita Ioffe | e0dbc98 | 2019-05-09 19:33:35 +0100 | [diff] [blame] | 233 | } catch (PackageParserException e) { |
| 234 | throw new PackageManagerException(SessionInfo.STAGED_SESSION_VERIFICATION_FAILED, |
Oli Lan | c2c7a22 | 2019-07-31 15:27:22 +0100 | [diff] [blame] | 235 | "Failed to parse APEX package " + apexInfo.modulePath, e); |
Nikita Ioffe | e0dbc98 | 2019-05-09 19:33:35 +0100 | [diff] [blame] | 236 | } |
Oli Lan | c2c7a22 | 2019-07-31 15:27:22 +0100 | [diff] [blame] | 237 | packageInfo = PackageParser.generatePackageInfo(pkg, apexInfo, flags); |
| 238 | final PackageInfo activePackage = mApexManager.getPackageInfo(packageInfo.packageName, |
Nikita Ioffe | e0dbc98 | 2019-05-09 19:33:35 +0100 | [diff] [blame] | 239 | ApexManager.MATCH_ACTIVE_PACKAGE); |
| 240 | if (activePackage == null) { |
Oli Lan | c2c7a22 | 2019-07-31 15:27:22 +0100 | [diff] [blame] | 241 | Slog.w(TAG, "Attempting to install new APEX package " + packageInfo.packageName); |
Nikita Ioffe | e0dbc98 | 2019-05-09 19:33:35 +0100 | [diff] [blame] | 242 | throw new PackageManagerException(SessionInfo.STAGED_SESSION_VERIFICATION_FAILED, |
| 243 | "It is forbidden to install new APEX packages."); |
| 244 | } |
| 245 | checkRequiredVersionCode(session, activePackage); |
Oli Lan | c2c7a22 | 2019-07-31 15:27:22 +0100 | [diff] [blame] | 246 | checkDowngrade(session, activePackage, packageInfo); |
| 247 | result.add(packageInfo); |
Nikita Ioffe | e0dbc98 | 2019-05-09 19:33:35 +0100 | [diff] [blame] | 248 | } |
Nikita Ioffe | f2c2e01 | 2019-07-23 17:48:38 +0100 | [diff] [blame] | 249 | Slog.d(TAG, "Session " + session.sessionId + " has following APEX packages: [" |
| 250 | + result.stream().map(p -> p.packageName).collect(Collectors.joining(",")) + "]"); |
Nikita Ioffe | e0dbc98 | 2019-05-09 19:33:35 +0100 | [diff] [blame] | 251 | return result; |
| 252 | } |
| 253 | |
Oli Lan | c72b0bb | 2019-12-02 14:03:55 +0000 | [diff] [blame] | 254 | private int retrieveRollbackIdForCommitSession(int sessionId) throws PackageManagerException { |
| 255 | RollbackManager rm = mContext.getSystemService(RollbackManager.class); |
| 256 | |
| 257 | List<RollbackInfo> rollbacks = rm.getRecentlyCommittedRollbacks(); |
| 258 | for (RollbackInfo rollback : rollbacks) { |
| 259 | if (rollback.getCommittedSessionId() == sessionId) { |
| 260 | return rollback.getRollbackId(); |
| 261 | } |
| 262 | } |
| 263 | throw new PackageManagerException( |
| 264 | "Could not find rollback id for commit session: " + sessionId); |
| 265 | } |
| 266 | |
Nikita Ioffe | e0dbc98 | 2019-05-09 19:33:35 +0100 | [diff] [blame] | 267 | private void checkRequiredVersionCode(final PackageInstallerSession session, |
| 268 | final PackageInfo activePackage) throws PackageManagerException { |
| 269 | if (session.params.requiredInstalledVersionCode == PackageManager.VERSION_CODE_HIGHEST) { |
| 270 | return; |
| 271 | } |
| 272 | final long activeVersion = activePackage.applicationInfo.longVersionCode; |
| 273 | if (activeVersion != session.params.requiredInstalledVersionCode) { |
Mohammad Samiul Islam | 44ad95b | 2019-11-20 15:14:36 +0000 | [diff] [blame] | 274 | if (!mApexManager.abortStagedSession(session.sessionId)) { |
Nikita Ioffe | e0dbc98 | 2019-05-09 19:33:35 +0100 | [diff] [blame] | 275 | Slog.e(TAG, "Failed to abort apex session " + session.sessionId); |
| 276 | } |
| 277 | throw new PackageManagerException( |
| 278 | SessionInfo.STAGED_SESSION_VERIFICATION_FAILED, |
| 279 | "Installed version of APEX package " + activePackage.packageName |
Richard Uhler | 2124d4b | 2019-04-25 13:01:39 +0100 | [diff] [blame] | 280 | + " does not match required. Active version: " + activeVersion |
| 281 | + " required: " + session.params.requiredInstalledVersionCode); |
Nikita Ioffe | 8bbb815 | 2019-02-21 15:54:54 +0000 | [diff] [blame] | 282 | } |
Nikita Ioffe | e0dbc98 | 2019-05-09 19:33:35 +0100 | [diff] [blame] | 283 | } |
| 284 | |
| 285 | private void checkDowngrade(final PackageInstallerSession session, |
| 286 | final PackageInfo activePackage, final PackageInfo newPackage) |
| 287 | throws PackageManagerException { |
| 288 | final long activeVersion = activePackage.applicationInfo.longVersionCode; |
| 289 | final long newVersionCode = newPackage.applicationInfo.longVersionCode; |
Winson | f00c755 | 2020-01-28 12:52:01 -0800 | [diff] [blame] | 290 | boolean isAppDebuggable = (activePackage.applicationInfo.flags |
| 291 | & ApplicationInfo.FLAG_DEBUGGABLE) != 0; |
Nikita Ioffe | f2c2e01 | 2019-07-23 17:48:38 +0100 | [diff] [blame] | 292 | final boolean allowsDowngrade = PackageManagerServiceUtils.isDowngradePermitted( |
Winson | f00c755 | 2020-01-28 12:52:01 -0800 | [diff] [blame] | 293 | session.params.installFlags, isAppDebuggable); |
Nikita Ioffe | e0dbc98 | 2019-05-09 19:33:35 +0100 | [diff] [blame] | 294 | if (activeVersion > newVersionCode && !allowsDowngrade) { |
Mohammad Samiul Islam | 44ad95b | 2019-11-20 15:14:36 +0000 | [diff] [blame] | 295 | if (!mApexManager.abortStagedSession(session.sessionId)) { |
Nikita Ioffe | e0dbc98 | 2019-05-09 19:33:35 +0100 | [diff] [blame] | 296 | Slog.e(TAG, "Failed to abort apex session " + session.sessionId); |
| 297 | } |
| 298 | throw new PackageManagerException( |
| 299 | SessionInfo.STAGED_SESSION_VERIFICATION_FAILED, |
| 300 | "Downgrade of APEX package " + newPackage.packageName |
| 301 | + " is not allowed. Active version: " + activeVersion |
| 302 | + " attempted: " + newVersionCode); |
| 303 | } |
Dario Freni | 015f935 | 2019-01-14 21:56:17 +0000 | [diff] [blame] | 304 | } |
| 305 | |
Dario Freni | 015f935 | 2019-01-14 21:56:17 +0000 | [diff] [blame] | 306 | private static boolean isApexSession(@NonNull PackageInstallerSession session) { |
| 307 | return (session.params.installFlags & PackageManager.INSTALL_APEX) != 0; |
| 308 | } |
| 309 | |
Dario Freni | f141aab | 2019-02-04 14:48:30 +0000 | [diff] [blame] | 310 | private boolean sessionContains(@NonNull PackageInstallerSession session, |
| 311 | Predicate<PackageInstallerSession> filter) { |
Dario Freni | 4b572c0 | 2019-01-29 09:40:31 +0000 | [diff] [blame] | 312 | if (!session.isMultiPackage()) { |
Dario Freni | f141aab | 2019-02-04 14:48:30 +0000 | [diff] [blame] | 313 | return filter.test(session); |
Dario Freni | 4b572c0 | 2019-01-29 09:40:31 +0000 | [diff] [blame] | 314 | } |
| 315 | synchronized (mStagedSessions) { |
| 316 | return !(Arrays.stream(session.getChildSessionIds()) |
| 317 | // Retrieve cached sessions matching ids. |
| 318 | .mapToObj(i -> mStagedSessions.get(i)) |
| 319 | // Filter only the ones containing APEX. |
Dario Freni | f141aab | 2019-02-04 14:48:30 +0000 | [diff] [blame] | 320 | .filter(childSession -> filter.test(childSession)) |
Dario Freni | 4b572c0 | 2019-01-29 09:40:31 +0000 | [diff] [blame] | 321 | .collect(Collectors.toList()) |
| 322 | .isEmpty()); |
| 323 | } |
| 324 | } |
| 325 | |
Dario Freni | f141aab | 2019-02-04 14:48:30 +0000 | [diff] [blame] | 326 | private boolean sessionContainsApex(@NonNull PackageInstallerSession session) { |
| 327 | return sessionContains(session, (s) -> isApexSession(s)); |
| 328 | } |
| 329 | |
| 330 | private boolean sessionContainsApk(@NonNull PackageInstallerSession session) { |
| 331 | return sessionContains(session, (s) -> !isApexSession(s)); |
| 332 | } |
| 333 | |
Mohammad Samiul Islam | 7e9fdb0 | 2019-11-28 18:14:40 +0000 | [diff] [blame] | 334 | // Reverts apex sessions and user data (if checkpoint is supported). Also reboots the device. |
Mohammad Samiul Islam | 166243f | 2020-03-06 16:19:22 +0000 | [diff] [blame] | 335 | private void abortCheckpoint(String errorMsg) { |
| 336 | Slog.e(TAG, "Aborting checkpoint: " + errorMsg); |
Mohammad Samiul Islam | 7e9fdb0 | 2019-11-28 18:14:40 +0000 | [diff] [blame] | 337 | try { |
| 338 | if (supportsCheckpoint() && needsCheckpoint()) { |
| 339 | mApexManager.revertActiveSessions(); |
| 340 | PackageHelper.getStorageManager().abortChanges( |
| 341 | "StagingManager initiated", false /*retry*/); |
| 342 | } |
| 343 | } catch (Exception e) { |
| 344 | Slog.wtf(TAG, "Failed to abort checkpoint", e); |
| 345 | mApexManager.revertActiveSessions(); |
| 346 | mPowerManager.reboot(null); |
| 347 | } |
| 348 | } |
| 349 | |
| 350 | private boolean supportsCheckpoint() throws RemoteException { |
| 351 | return PackageHelper.getStorageManager().supportsCheckpoint(); |
| 352 | } |
| 353 | |
| 354 | private boolean needsCheckpoint() throws RemoteException { |
| 355 | return PackageHelper.getStorageManager().needsCheckpoint(); |
| 356 | } |
| 357 | |
Mohammad Samiul Islam | 3fcecfc | 2019-12-20 17:46:01 +0000 | [diff] [blame] | 358 | /** |
Oli Lan | 7bbd8b4 | 2020-01-14 10:11:42 +0000 | [diff] [blame] | 359 | * Perform snapshot and restore as required both for APEXes themselves and for apks in APEX. |
Mohammad Samiul Islam | 3fcecfc | 2019-12-20 17:46:01 +0000 | [diff] [blame] | 360 | * Apks inside apex are not installed using apk-install flow. They are scanned from the system |
| 361 | * directory directly by PackageManager, as such, RollbackManager need to handle their data |
| 362 | * separately here. |
| 363 | */ |
Oli Lan | 7bbd8b4 | 2020-01-14 10:11:42 +0000 | [diff] [blame] | 364 | private void snapshotAndRestoreForApexSession(PackageInstallerSession session) { |
Mohammad Samiul Islam | 3fcecfc | 2019-12-20 17:46:01 +0000 | [diff] [blame] | 365 | if (!sessionContainsApex(session)) { |
| 366 | return; |
| 367 | } |
| 368 | |
| 369 | boolean doSnapshotOrRestore = |
| 370 | (session.params.installFlags & PackageManager.INSTALL_ENABLE_ROLLBACK) != 0 |
| 371 | || session.params.installReason == PackageManager.INSTALL_REASON_ROLLBACK; |
| 372 | if (!doSnapshotOrRestore) { |
| 373 | return; |
| 374 | } |
| 375 | |
| 376 | // Find all the apex sessions that needs processing |
| 377 | List<PackageInstallerSession> apexSessions = new ArrayList<>(); |
| 378 | if (session.isMultiPackage()) { |
| 379 | List<PackageInstallerSession> childrenSessions = new ArrayList<>(); |
| 380 | synchronized (mStagedSessions) { |
| 381 | for (int childSessionId : session.getChildSessionIds()) { |
| 382 | PackageInstallerSession childSession = mStagedSessions.get(childSessionId); |
| 383 | if (childSession != null) { |
| 384 | childrenSessions.add(childSession); |
| 385 | } |
| 386 | } |
| 387 | } |
| 388 | for (PackageInstallerSession childSession : childrenSessions) { |
| 389 | if (sessionContainsApex(childSession)) { |
| 390 | apexSessions.add(childSession); |
| 391 | } |
| 392 | } |
| 393 | } else { |
| 394 | apexSessions.add(session); |
| 395 | } |
| 396 | |
Oli Lan | 7bbd8b4 | 2020-01-14 10:11:42 +0000 | [diff] [blame] | 397 | final UserManagerInternal um = LocalServices.getService(UserManagerInternal.class); |
| 398 | final int[] allUsers = um.getUserIds(); |
| 399 | IRollbackManager rm = IRollbackManager.Stub.asInterface( |
| 400 | ServiceManager.getService(Context.ROLLBACK_SERVICE)); |
| 401 | |
Mohammad Samiul Islam | 3fcecfc | 2019-12-20 17:46:01 +0000 | [diff] [blame] | 402 | for (PackageInstallerSession apexSession : apexSessions) { |
Oli Lan | 7bbd8b4 | 2020-01-14 10:11:42 +0000 | [diff] [blame] | 403 | String packageName = apexSession.getPackageName(); |
| 404 | // Perform any snapshots or restores for the APEX itself |
| 405 | snapshotAndRestoreApexUserData(packageName, allUsers, rm); |
| 406 | |
| 407 | // Process the apks inside the APEX |
| 408 | List<String> apksInApex = mApexManager.getApksInApex(packageName); |
Mohammad Samiul Islam | 3fcecfc | 2019-12-20 17:46:01 +0000 | [diff] [blame] | 409 | for (String apk: apksInApex) { |
Oli Lan | 7bbd8b4 | 2020-01-14 10:11:42 +0000 | [diff] [blame] | 410 | snapshotAndRestoreApkInApexUserData(apk, allUsers, rm); |
Mohammad Samiul Islam | 3fcecfc | 2019-12-20 17:46:01 +0000 | [diff] [blame] | 411 | } |
| 412 | } |
| 413 | } |
| 414 | |
Oli Lan | 7bbd8b4 | 2020-01-14 10:11:42 +0000 | [diff] [blame] | 415 | private void snapshotAndRestoreApexUserData( |
| 416 | String packageName, int[] allUsers, IRollbackManager rm) { |
| 417 | try { |
| 418 | // appId, ceDataInode, and seInfo are not needed for APEXes |
| 419 | rm.snapshotAndRestoreUserData(packageName, allUsers, 0, 0, |
| 420 | null, 0 /*token*/); |
| 421 | } catch (RemoteException re) { |
| 422 | Slog.e(TAG, "Error snapshotting/restoring user data: " + re); |
| 423 | } |
| 424 | } |
Mohammad Samiul Islam | 3fcecfc | 2019-12-20 17:46:01 +0000 | [diff] [blame] | 425 | |
Oli Lan | 7bbd8b4 | 2020-01-14 10:11:42 +0000 | [diff] [blame] | 426 | private void snapshotAndRestoreApkInApexUserData( |
| 427 | String packageName, int[] allUsers, IRollbackManager rm) { |
Mohammad Samiul Islam | 3fcecfc | 2019-12-20 17:46:01 +0000 | [diff] [blame] | 428 | PackageManagerInternal mPmi = LocalServices.getService(PackageManagerInternal.class); |
| 429 | AndroidPackage pkg = mPmi.getPackage(packageName); |
| 430 | if (pkg == null) { |
| 431 | Slog.e(TAG, "Could not find package: " + packageName |
| 432 | + "for snapshotting/restoring user data."); |
| 433 | return; |
| 434 | } |
Mohammad Samiul Islam | 3fcecfc | 2019-12-20 17:46:01 +0000 | [diff] [blame] | 435 | |
| 436 | int appId = -1; |
| 437 | long ceDataInode = -1; |
Winson | e075629 | 2020-01-31 12:21:54 -0800 | [diff] [blame] | 438 | final PackageSetting ps = mPmi.getPackageSetting(packageName); |
Oli Lan | 7bbd8b4 | 2020-01-14 10:11:42 +0000 | [diff] [blame] | 439 | if (ps != null) { |
Mohammad Samiul Islam | 3fcecfc | 2019-12-20 17:46:01 +0000 | [diff] [blame] | 440 | appId = ps.appId; |
| 441 | ceDataInode = ps.getCeDataInode(UserHandle.USER_SYSTEM); |
| 442 | // NOTE: We ignore the user specified in the InstallParam because we know this is |
| 443 | // an update, and hence need to restore data for all installed users. |
| 444 | final int[] installedUsers = ps.queryInstalledUsers(allUsers, true); |
| 445 | |
Winson | e075629 | 2020-01-31 12:21:54 -0800 | [diff] [blame] | 446 | final String seInfo = AndroidPackageUtils.getSeInfo(pkg, ps); |
Mohammad Samiul Islam | 3fcecfc | 2019-12-20 17:46:01 +0000 | [diff] [blame] | 447 | try { |
| 448 | rm.snapshotAndRestoreUserData(packageName, installedUsers, appId, ceDataInode, |
| 449 | seInfo, 0 /*token*/); |
| 450 | } catch (RemoteException re) { |
| 451 | Slog.e(TAG, "Error snapshotting/restoring user data: " + re); |
| 452 | } |
| 453 | } |
| 454 | } |
| 455 | |
Gavin Corkery | 333136c | 2020-02-03 19:03:43 +0000 | [diff] [blame] | 456 | /** |
| 457 | * Prepares for the logging of apexd reverts by storing the native failure reason if necessary, |
| 458 | * and adding the package name of the session which apexd reverted to the list of reverted |
| 459 | * session package names. |
| 460 | * Logging needs to wait until the ACTION_BOOT_COMPLETED broadcast is sent. |
| 461 | */ |
| 462 | private void prepareForLoggingApexdRevert(@NonNull PackageInstallerSession session, |
| 463 | @NonNull String nativeFailureReason) { |
| 464 | synchronized (mFailedPackageNames) { |
| 465 | mNativeFailureReason = nativeFailureReason; |
| 466 | if (session.getPackageName() != null) { |
| 467 | mFailedPackageNames.add(session.getPackageName()); |
| 468 | } |
| 469 | } |
| 470 | } |
| 471 | |
Dario Freni | 61b3e25 | 2019-01-11 23:05:39 +0000 | [diff] [blame] | 472 | private void resumeSession(@NonNull PackageInstallerSession session) { |
Nikita Ioffe | f2c2e01 | 2019-07-23 17:48:38 +0100 | [diff] [blame] | 473 | Slog.d(TAG, "Resuming session " + session.sessionId); |
Mohammad Samiul Islam | 7e9fdb0 | 2019-11-28 18:14:40 +0000 | [diff] [blame] | 474 | |
Nikita Ioffe | c2b87a9 | 2019-07-15 13:28:11 +0100 | [diff] [blame] | 475 | final boolean hasApex = sessionContainsApex(session); |
Mohammad Samiul Islam | 7e9fdb0 | 2019-11-28 18:14:40 +0000 | [diff] [blame] | 476 | ApexSessionInfo apexSessionInfo = null; |
Nikita Ioffe | a820bd9 | 2019-02-15 14:22:44 +0000 | [diff] [blame] | 477 | if (hasApex) { |
Dario Freni | 2e8dffc | 2019-02-06 14:55:16 +0000 | [diff] [blame] | 478 | // Check with apexservice whether the apex packages have been activated. |
Mohammad Samiul Islam | 7e9fdb0 | 2019-11-28 18:14:40 +0000 | [diff] [blame] | 479 | apexSessionInfo = mApexManager.getStagedSessionInfo(session.sessionId); |
| 480 | |
Gavin Corkery | 333136c | 2020-02-03 19:03:43 +0000 | [diff] [blame] | 481 | // Prepare for logging a native crash during boot, if one occurred. |
| 482 | if (apexSessionInfo != null && !TextUtils.isEmpty( |
| 483 | apexSessionInfo.crashingNativeProcess)) { |
| 484 | prepareForLoggingApexdRevert(session, apexSessionInfo.crashingNativeProcess); |
| 485 | } |
| 486 | |
Mohammad Samiul Islam | 7e9fdb0 | 2019-11-28 18:14:40 +0000 | [diff] [blame] | 487 | if (apexSessionInfo != null && apexSessionInfo.isVerified) { |
| 488 | // Session has been previously submitted to apexd, but didn't complete all the |
| 489 | // pre-reboot verification, perhaps because the device rebooted in the meantime. |
| 490 | // Greedily re-trigger the pre-reboot verification. We want to avoid marking it as |
| 491 | // failed when not in checkpoint mode, hence it is being processed separately. |
| 492 | Slog.d(TAG, "Found pending staged session " + session.sessionId + " still to " |
| 493 | + "be verified, resuming pre-reboot verification"); |
| 494 | mPreRebootVerificationHandler.startPreRebootVerification(session.sessionId); |
| 495 | return; |
| 496 | } |
| 497 | } |
| 498 | |
| 499 | // Before we resume session, we check if revert is needed or not. Typically, we enter file- |
| 500 | // system checkpoint mode when we reboot first time in order to install staged sessions. We |
| 501 | // want to install staged sessions in this mode as rebooting now will revert user data. If |
| 502 | // something goes wrong, then we reboot again to enter fs-rollback mode. Rebooting now will |
| 503 | // have no effect on user data, so mark the sessions as failed instead. |
| 504 | try { |
| 505 | // If checkpoint is supported, then we only resume sessions if we are in checkpointing |
| 506 | // mode. If not, we fail all sessions. |
| 507 | if (supportsCheckpoint() && !needsCheckpoint()) { |
| 508 | // TODO(b/146343545): Persist failure reason across checkpoint reboot |
Mohammad Samiul Islam | 166243f | 2020-03-06 16:19:22 +0000 | [diff] [blame] | 509 | Slog.d(TAG, "Reverting back to safe state. Marking " + session.sessionId |
| 510 | + " as failed."); |
Mohammad Samiul Islam | 7e9fdb0 | 2019-11-28 18:14:40 +0000 | [diff] [blame] | 511 | session.setStagedSessionFailed(SessionInfo.STAGED_SESSION_UNKNOWN, |
| 512 | "Reverting back to safe state"); |
| 513 | return; |
| 514 | } |
| 515 | } catch (RemoteException e) { |
| 516 | // Cannot continue staged install without knowing if fs-checkpoint is supported |
| 517 | Slog.e(TAG, "Checkpoint support unknown. Aborting staged install for session " |
| 518 | + session.sessionId, e); |
| 519 | // TODO: Mark all staged sessions together and reboot only once |
| 520 | session.setStagedSessionFailed(SessionInfo.STAGED_SESSION_UNKNOWN, |
| 521 | "Checkpoint support unknown. Aborting staged install."); |
| 522 | if (hasApex) { |
| 523 | mApexManager.revertActiveSessions(); |
| 524 | } |
| 525 | mPowerManager.reboot("Checkpoint support unknown"); |
| 526 | return; |
| 527 | } |
| 528 | |
| 529 | if (hasApex) { |
Dario Freni | 2e8dffc | 2019-02-06 14:55:16 +0000 | [diff] [blame] | 530 | if (apexSessionInfo == null) { |
Mohammad Samiul Islam | 166243f | 2020-03-06 16:19:22 +0000 | [diff] [blame] | 531 | String errorMsg = "apexd did not know anything about a staged session supposed to" |
| 532 | + " be activated"; |
Dario Freni | 2e8dffc | 2019-02-06 14:55:16 +0000 | [diff] [blame] | 533 | session.setStagedSessionFailed(SessionInfo.STAGED_SESSION_ACTIVATION_FAILED, |
Mohammad Samiul Islam | 166243f | 2020-03-06 16:19:22 +0000 | [diff] [blame] | 534 | errorMsg); |
| 535 | abortCheckpoint(errorMsg); |
Dario Freni | 4b572c0 | 2019-01-29 09:40:31 +0000 | [diff] [blame] | 536 | return; |
| 537 | } |
Nikita Ioffe | 8274222 | 2019-02-26 12:14:04 +0000 | [diff] [blame] | 538 | if (isApexSessionFailed(apexSessionInfo)) { |
Mohammad Samiul Islam | 166243f | 2020-03-06 16:19:22 +0000 | [diff] [blame] | 539 | String errorMsg = "APEX activation failed. Check logcat messages from apexd for " |
| 540 | + "more information."; |
Dario Freni | b6d2896 | 2019-01-31 15:52:24 +0000 | [diff] [blame] | 541 | session.setStagedSessionFailed(SessionInfo.STAGED_SESSION_ACTIVATION_FAILED, |
Mohammad Samiul Islam | 166243f | 2020-03-06 16:19:22 +0000 | [diff] [blame] | 542 | errorMsg); |
| 543 | abortCheckpoint(errorMsg); |
Dario Freni | 4b572c0 | 2019-01-29 09:40:31 +0000 | [diff] [blame] | 544 | return; |
| 545 | } |
Nikita Ioffe | a820bd9 | 2019-02-15 14:22:44 +0000 | [diff] [blame] | 546 | if (!apexSessionInfo.isActivated && !apexSessionInfo.isSuccess) { |
Mohammad Samiul Islam | 7e9fdb0 | 2019-11-28 18:14:40 +0000 | [diff] [blame] | 547 | // Apexd did not apply the session for some unknown reason. There is no guarantee |
| 548 | // that apexd will install it next time. Safer to proactively mark as failed. |
Mohammad Samiul Islam | 166243f | 2020-03-06 16:19:22 +0000 | [diff] [blame] | 549 | String errorMsg = "Staged session " + session.sessionId + "at boot didn't " |
| 550 | + "activate nor fail. Marking it as failed anyway."; |
Mohammad Samiul Islam | 7e9fdb0 | 2019-11-28 18:14:40 +0000 | [diff] [blame] | 551 | session.setStagedSessionFailed(SessionInfo.STAGED_SESSION_ACTIVATION_FAILED, |
Mohammad Samiul Islam | 166243f | 2020-03-06 16:19:22 +0000 | [diff] [blame] | 552 | errorMsg); |
| 553 | abortCheckpoint(errorMsg); |
Dario Freni | 4b572c0 | 2019-01-29 09:40:31 +0000 | [diff] [blame] | 554 | return; |
| 555 | } |
Oli Lan | 7bbd8b4 | 2020-01-14 10:11:42 +0000 | [diff] [blame] | 556 | snapshotAndRestoreForApexSession(session); |
Nikita Ioffe | f2c2e01 | 2019-07-23 17:48:38 +0100 | [diff] [blame] | 557 | Slog.i(TAG, "APEX packages in session " + session.sessionId |
| 558 | + " were successfully activated. Proceeding with APK packages, if any"); |
Dario Freni | 4b572c0 | 2019-01-29 09:40:31 +0000 | [diff] [blame] | 559 | } |
| 560 | // The APEX part of the session is activated, proceed with the installation of APKs. |
Nikita Ioffe | c2b87a9 | 2019-07-15 13:28:11 +0100 | [diff] [blame] | 561 | try { |
Nikita Ioffe | f2c2e01 | 2019-07-23 17:48:38 +0100 | [diff] [blame] | 562 | Slog.d(TAG, "Installing APK packages in session " + session.sessionId); |
Mohammad Samiul Islam | 8c041df | 2019-09-10 16:26:26 +0100 | [diff] [blame] | 563 | installApksInSession(session); |
Nikita Ioffe | c2b87a9 | 2019-07-15 13:28:11 +0100 | [diff] [blame] | 564 | } catch (PackageManagerException e) { |
| 565 | session.setStagedSessionFailed(e.error, e.getMessage()); |
Mohammad Samiul Islam | 166243f | 2020-03-06 16:19:22 +0000 | [diff] [blame] | 566 | abortCheckpoint(e.getMessage()); |
Nikita Ioffe | 39a6a5b | 2019-02-26 15:36:39 +0000 | [diff] [blame] | 567 | |
Mohammad Samiul Islam | 7e9fdb0 | 2019-11-28 18:14:40 +0000 | [diff] [blame] | 568 | // If checkpoint is not supported, we have to handle failure for one staged session. |
Nikita Ioffe | 39a6a5b | 2019-02-26 15:36:39 +0000 | [diff] [blame] | 569 | if (!hasApex) { |
| 570 | return; |
| 571 | } |
| 572 | |
Mohammad Samiul Islam | 1a96eb6 | 2019-11-21 10:38:06 +0000 | [diff] [blame] | 573 | if (!mApexManager.revertActiveSessions()) { |
Nikita Ioffe | 39a6a5b | 2019-02-26 15:36:39 +0000 | [diff] [blame] | 574 | Slog.e(TAG, "Failed to abort APEXd session"); |
| 575 | } else { |
| 576 | Slog.e(TAG, |
| 577 | "Successfully aborted apexd session. Rebooting device in order to revert " |
| 578 | + "to the previous state of APEXd."); |
| 579 | mPowerManager.reboot(null); |
| 580 | } |
Dario Freni | 61b3e25 | 2019-01-11 23:05:39 +0000 | [diff] [blame] | 581 | return; |
| 582 | } |
Nikita Ioffe | a820bd9 | 2019-02-15 14:22:44 +0000 | [diff] [blame] | 583 | |
Nikita Ioffe | f2c2e01 | 2019-07-23 17:48:38 +0100 | [diff] [blame] | 584 | Slog.d(TAG, "Marking session " + session.sessionId + " as applied"); |
Dario Freni | 4b572c0 | 2019-01-29 09:40:31 +0000 | [diff] [blame] | 585 | session.setStagedSessionApplied(); |
Nikita Ioffe | a820bd9 | 2019-02-15 14:22:44 +0000 | [diff] [blame] | 586 | if (hasApex) { |
| 587 | mApexManager.markStagedSessionSuccessful(session.sessionId); |
| 588 | } |
Dario Freni | 4b572c0 | 2019-01-29 09:40:31 +0000 | [diff] [blame] | 589 | } |
| 590 | |
Dario Freni | 815bd21 | 2019-02-20 14:09:36 +0000 | [diff] [blame] | 591 | private List<String> findAPKsInDir(File stageDir) { |
| 592 | List<String> ret = new ArrayList<>(); |
Dario Freni | 4b572c0 | 2019-01-29 09:40:31 +0000 | [diff] [blame] | 593 | if (stageDir != null && stageDir.exists()) { |
| 594 | for (File file : stageDir.listFiles()) { |
| 595 | if (file.getAbsolutePath().toLowerCase().endsWith(".apk")) { |
Dario Freni | 815bd21 | 2019-02-20 14:09:36 +0000 | [diff] [blame] | 596 | ret.add(file.getAbsolutePath()); |
Dario Freni | 4b572c0 | 2019-01-29 09:40:31 +0000 | [diff] [blame] | 597 | } |
| 598 | } |
Dario Freni | 61b3e25 | 2019-01-11 23:05:39 +0000 | [diff] [blame] | 599 | } |
Dario Freni | 815bd21 | 2019-02-20 14:09:36 +0000 | [diff] [blame] | 600 | return ret; |
Dario Freni | 4b572c0 | 2019-01-29 09:40:31 +0000 | [diff] [blame] | 601 | } |
| 602 | |
Nikita Ioffe | c2b87a9 | 2019-07-15 13:28:11 +0100 | [diff] [blame] | 603 | @NonNull |
Dario Freni | 4b572c0 | 2019-01-29 09:40:31 +0000 | [diff] [blame] | 604 | private PackageInstallerSession createAndWriteApkSession( |
Nikita Ioffe | c2b87a9 | 2019-07-15 13:28:11 +0100 | [diff] [blame] | 605 | @NonNull PackageInstallerSession originalSession, boolean preReboot) |
| 606 | throws PackageManagerException { |
| 607 | final int errorCode = preReboot ? SessionInfo.STAGED_SESSION_VERIFICATION_FAILED |
| 608 | : SessionInfo.STAGED_SESSION_ACTIVATION_FAILED; |
Dario Freni | 4b572c0 | 2019-01-29 09:40:31 +0000 | [diff] [blame] | 609 | if (originalSession.stageDir == null) { |
| 610 | Slog.wtf(TAG, "Attempting to install a staged APK session with no staging dir"); |
Nikita Ioffe | c2b87a9 | 2019-07-15 13:28:11 +0100 | [diff] [blame] | 611 | throw new PackageManagerException(errorCode, |
| 612 | "Attempting to install a staged APK session with no staging dir"); |
Dario Freni | 1473bcb | 2019-01-25 14:27:13 +0000 | [diff] [blame] | 613 | } |
Dario Freni | 815bd21 | 2019-02-20 14:09:36 +0000 | [diff] [blame] | 614 | List<String> apkFilePaths = findAPKsInDir(originalSession.stageDir); |
| 615 | if (apkFilePaths.isEmpty()) { |
Dario Freni | 4b572c0 | 2019-01-29 09:40:31 +0000 | [diff] [blame] | 616 | Slog.w(TAG, "Can't find staged APK in " + originalSession.stageDir.getAbsolutePath()); |
Nikita Ioffe | c2b87a9 | 2019-07-15 13:28:11 +0100 | [diff] [blame] | 617 | throw new PackageManagerException(errorCode, |
| 618 | "Can't find staged APK in " + originalSession.stageDir.getAbsolutePath()); |
Dario Freni | 61b3e25 | 2019-01-11 23:05:39 +0000 | [diff] [blame] | 619 | } |
Dario Freni | 4b572c0 | 2019-01-29 09:40:31 +0000 | [diff] [blame] | 620 | |
| 621 | PackageInstaller.SessionParams params = originalSession.params.copy(); |
| 622 | params.isStaged = false; |
Dario Freni | a2afebf | 2019-05-01 16:03:17 +0100 | [diff] [blame] | 623 | params.installFlags |= PackageManager.INSTALL_STAGED; |
Dario Freni | c3e68ea | 2019-04-02 11:45:13 +0100 | [diff] [blame] | 624 | // TODO(b/129744602): use the userid from the original session. |
Dario Freni | f141aab | 2019-02-04 14:48:30 +0000 | [diff] [blame] | 625 | if (preReboot) { |
| 626 | params.installFlags &= ~PackageManager.INSTALL_ENABLE_ROLLBACK; |
| 627 | params.installFlags |= PackageManager.INSTALL_DRY_RUN; |
| 628 | } else { |
| 629 | params.installFlags |= PackageManager.INSTALL_DISABLE_VERIFICATION; |
| 630 | } |
Dario Freni | 4b572c0 | 2019-01-29 09:40:31 +0000 | [diff] [blame] | 631 | try { |
Mohammad Samiul Islam | 8ce32fe | 2020-01-14 18:33:39 +0000 | [diff] [blame] | 632 | int apkSessionId = mPi.createSession( |
| 633 | params, originalSession.getInstallerPackageName(), |
| 634 | 0 /* UserHandle.SYSTEM */); |
| 635 | PackageInstallerSession apkSession = mPi.getSession(apkSessionId); |
Dario Freni | 4b572c0 | 2019-01-29 09:40:31 +0000 | [diff] [blame] | 636 | apkSession.open(); |
Dario Freni | 815bd21 | 2019-02-20 14:09:36 +0000 | [diff] [blame] | 637 | for (String apkFilePath : apkFilePaths) { |
| 638 | File apkFile = new File(apkFilePath); |
| 639 | ParcelFileDescriptor pfd = ParcelFileDescriptor.open(apkFile, |
| 640 | ParcelFileDescriptor.MODE_READ_ONLY); |
Mohammad Samiul Islam | 8ce32fe | 2020-01-14 18:33:39 +0000 | [diff] [blame] | 641 | long sizeBytes = (pfd == null) ? -1 : pfd.getStatSize(); |
Dario Freni | 815bd21 | 2019-02-20 14:09:36 +0000 | [diff] [blame] | 642 | if (sizeBytes < 0) { |
| 643 | Slog.e(TAG, "Unable to get size of: " + apkFilePath); |
Nikita Ioffe | c2b87a9 | 2019-07-15 13:28:11 +0100 | [diff] [blame] | 644 | throw new PackageManagerException(errorCode, |
| 645 | "Unable to get size of: " + apkFilePath); |
Dario Freni | 815bd21 | 2019-02-20 14:09:36 +0000 | [diff] [blame] | 646 | } |
| 647 | apkSession.write(apkFile.getName(), 0, sizeBytes, pfd); |
Dario Freni | 4b572c0 | 2019-01-29 09:40:31 +0000 | [diff] [blame] | 648 | } |
Mohammad Samiul Islam | 8ce32fe | 2020-01-14 18:33:39 +0000 | [diff] [blame] | 649 | return apkSession; |
| 650 | } catch (IOException | ParcelableException e) { |
Dario Freni | 4b572c0 | 2019-01-29 09:40:31 +0000 | [diff] [blame] | 651 | Slog.e(TAG, "Failure to install APK staged session " + originalSession.sessionId, e); |
Mohammad Samiul Islam | 8ce32fe | 2020-01-14 18:33:39 +0000 | [diff] [blame] | 652 | throw new PackageManagerException(errorCode, "Failed to create/write APK session", e); |
Dario Freni | 4b572c0 | 2019-01-29 09:40:31 +0000 | [diff] [blame] | 653 | } |
Dario Freni | 4b572c0 | 2019-01-29 09:40:31 +0000 | [diff] [blame] | 654 | } |
| 655 | |
Mohammad Samiul Islam | 8c041df | 2019-09-10 16:26:26 +0100 | [diff] [blame] | 656 | /** |
| 657 | * Extract apks in the given session into a new session. Returns {@code null} if there is no |
| 658 | * apks in the given session. Only parent session is returned for multi-package session. |
| 659 | */ |
| 660 | @Nullable |
| 661 | private PackageInstallerSession extractApksInSession(PackageInstallerSession session, |
| 662 | boolean preReboot) throws PackageManagerException { |
Nikita Ioffe | c2b87a9 | 2019-07-15 13:28:11 +0100 | [diff] [blame] | 663 | final int errorCode = preReboot ? SessionInfo.STAGED_SESSION_VERIFICATION_FAILED |
| 664 | : SessionInfo.STAGED_SESSION_ACTIVATION_FAILED; |
Dario Freni | 4b572c0 | 2019-01-29 09:40:31 +0000 | [diff] [blame] | 665 | if (!session.isMultiPackage() && !isApexSession(session)) { |
Mohammad Samiul Islam | 8c041df | 2019-09-10 16:26:26 +0100 | [diff] [blame] | 666 | return createAndWriteApkSession(session, preReboot); |
Dario Freni | 4b572c0 | 2019-01-29 09:40:31 +0000 | [diff] [blame] | 667 | } else if (session.isMultiPackage()) { |
| 668 | // For multi-package staged sessions containing APKs, we identify which child sessions |
| 669 | // contain an APK, and with those then create a new multi-package group of sessions, |
| 670 | // carrying over all the session parameters and unmarking them as staged. On commit the |
| 671 | // sessions will be installed atomically. |
Mohammad Samiul Islam | 8c041df | 2019-09-10 16:26:26 +0100 | [diff] [blame] | 672 | final List<PackageInstallerSession> childSessions; |
Dario Freni | 4b572c0 | 2019-01-29 09:40:31 +0000 | [diff] [blame] | 673 | synchronized (mStagedSessions) { |
| 674 | childSessions = |
| 675 | Arrays.stream(session.getChildSessionIds()) |
| 676 | // Retrieve cached sessions matching ids. |
| 677 | .mapToObj(i -> mStagedSessions.get(i)) |
Mohammad Samiul Islam | 3fcecfc | 2019-12-20 17:46:01 +0000 | [diff] [blame] | 678 | // Filter only the ones containing APKs. |
Dario Freni | 4b572c0 | 2019-01-29 09:40:31 +0000 | [diff] [blame] | 679 | .filter(childSession -> !isApexSession(childSession)) |
| 680 | .collect(Collectors.toList()); |
| 681 | } |
| 682 | if (childSessions.isEmpty()) { |
| 683 | // APEX-only multi-package staged session, nothing to do. |
Mohammad Samiul Islam | 8c041df | 2019-09-10 16:26:26 +0100 | [diff] [blame] | 684 | return null; |
Dario Freni | 4b572c0 | 2019-01-29 09:40:31 +0000 | [diff] [blame] | 685 | } |
Mohammad Samiul Islam | 8c041df | 2019-09-10 16:26:26 +0100 | [diff] [blame] | 686 | final PackageInstaller.SessionParams params = session.params.copy(); |
Dario Freni | 4b572c0 | 2019-01-29 09:40:31 +0000 | [diff] [blame] | 687 | params.isStaged = false; |
Dario Freni | f141aab | 2019-02-04 14:48:30 +0000 | [diff] [blame] | 688 | if (preReboot) { |
| 689 | params.installFlags &= ~PackageManager.INSTALL_ENABLE_ROLLBACK; |
| 690 | } |
Dario Freni | c3e68ea | 2019-04-02 11:45:13 +0100 | [diff] [blame] | 691 | // TODO(b/129744602): use the userid from the original session. |
Mohammad Samiul Islam | 8c041df | 2019-09-10 16:26:26 +0100 | [diff] [blame] | 692 | final int apkParentSessionId = mPi.createSession( |
Dario Freni | c3e68ea | 2019-04-02 11:45:13 +0100 | [diff] [blame] | 693 | params, session.getInstallerPackageName(), |
| 694 | 0 /* UserHandle.SYSTEM */); |
Mohammad Samiul Islam | 8c041df | 2019-09-10 16:26:26 +0100 | [diff] [blame] | 695 | final PackageInstallerSession apkParentSession = mPi.getSession(apkParentSessionId); |
Dario Freni | 4b572c0 | 2019-01-29 09:40:31 +0000 | [diff] [blame] | 696 | try { |
| 697 | apkParentSession.open(); |
| 698 | } catch (IOException e) { |
| 699 | Slog.e(TAG, "Unable to prepare multi-package session for staged session " |
| 700 | + session.sessionId); |
Nikita Ioffe | c2b87a9 | 2019-07-15 13:28:11 +0100 | [diff] [blame] | 701 | throw new PackageManagerException(errorCode, |
| 702 | "Unable to prepare multi-package session for staged session"); |
Dario Freni | 4b572c0 | 2019-01-29 09:40:31 +0000 | [diff] [blame] | 703 | } |
| 704 | |
| 705 | for (PackageInstallerSession sessionToClone : childSessions) { |
Dario Freni | f141aab | 2019-02-04 14:48:30 +0000 | [diff] [blame] | 706 | PackageInstallerSession apkChildSession = |
| 707 | createAndWriteApkSession(sessionToClone, preReboot); |
Dario Freni | 0966047 | 2019-02-18 16:44:23 +0000 | [diff] [blame] | 708 | try { |
| 709 | apkParentSession.addChildSessionId(apkChildSession.sessionId); |
Patrick Baumann | 00321b7 | 2019-04-09 15:07:25 -0700 | [diff] [blame] | 710 | } catch (IllegalStateException e) { |
Dario Freni | 0966047 | 2019-02-18 16:44:23 +0000 | [diff] [blame] | 711 | Slog.e(TAG, "Failed to add a child session for installing the APK files", e); |
Nikita Ioffe | c2b87a9 | 2019-07-15 13:28:11 +0100 | [diff] [blame] | 712 | throw new PackageManagerException(errorCode, |
| 713 | "Failed to add a child session " + apkChildSession.sessionId); |
Dario Freni | 0966047 | 2019-02-18 16:44:23 +0000 | [diff] [blame] | 714 | } |
Dario Freni | 4b572c0 | 2019-01-29 09:40:31 +0000 | [diff] [blame] | 715 | } |
Mohammad Samiul Islam | 8c041df | 2019-09-10 16:26:26 +0100 | [diff] [blame] | 716 | return apkParentSession; |
Dario Freni | 4b572c0 | 2019-01-29 09:40:31 +0000 | [diff] [blame] | 717 | } |
Mohammad Samiul Islam | 8c041df | 2019-09-10 16:26:26 +0100 | [diff] [blame] | 718 | return null; |
| 719 | } |
| 720 | |
| 721 | private void verifyApksInSession(PackageInstallerSession session) |
| 722 | throws PackageManagerException { |
| 723 | |
| 724 | final PackageInstallerSession apksToVerify = extractApksInSession( |
| 725 | session, /* preReboot */ true); |
| 726 | if (apksToVerify == null) { |
| 727 | return; |
| 728 | } |
| 729 | |
| 730 | final LocalIntentReceiverAsync receiver = new LocalIntentReceiverAsync( |
| 731 | (Intent result) -> { |
| 732 | int status = result.getIntExtra(PackageInstaller.EXTRA_STATUS, |
| 733 | PackageInstaller.STATUS_FAILURE); |
| 734 | if (status != PackageInstaller.STATUS_SUCCESS) { |
| 735 | final String errorMessage = result.getStringExtra( |
| 736 | PackageInstaller.EXTRA_STATUS_MESSAGE); |
| 737 | Slog.e(TAG, "Failure to verify APK staged session " |
| 738 | + session.sessionId + " [" + errorMessage + "]"); |
| 739 | session.setStagedSessionFailed( |
| 740 | SessionInfo.STAGED_SESSION_VERIFICATION_FAILED, errorMessage); |
| 741 | return; |
| 742 | } |
| 743 | mPreRebootVerificationHandler.notifyPreRebootVerification_Apk_Complete( |
| 744 | session.sessionId); |
| 745 | }); |
| 746 | |
| 747 | apksToVerify.commit(receiver.getIntentSender(), false); |
| 748 | } |
| 749 | |
| 750 | private void installApksInSession(@NonNull PackageInstallerSession session) |
| 751 | throws PackageManagerException { |
| 752 | |
| 753 | final PackageInstallerSession apksToInstall = extractApksInSession( |
| 754 | session, /* preReboot */ false); |
| 755 | if (apksToInstall == null) { |
| 756 | return; |
| 757 | } |
| 758 | |
| 759 | if ((apksToInstall.params.installFlags & PackageManager.INSTALL_ENABLE_ROLLBACK) != 0) { |
| 760 | // If rollback is available for this session, notify the rollback |
| 761 | // manager of the apk session so it can properly enable rollback. |
| 762 | final IRollbackManager rm = IRollbackManager.Stub.asInterface( |
| 763 | ServiceManager.getService(Context.ROLLBACK_SERVICE)); |
| 764 | try { |
| 765 | rm.notifyStagedApkSession(session.sessionId, apksToInstall.sessionId); |
| 766 | } catch (RemoteException re) { |
| 767 | Slog.e(TAG, "Failed to notifyStagedApkSession for session: " |
| 768 | + session.sessionId, re); |
| 769 | } |
| 770 | } |
| 771 | |
| 772 | final LocalIntentReceiverSync receiver = new LocalIntentReceiverSync(); |
| 773 | apksToInstall.commit(receiver.getIntentSender(), false); |
| 774 | final Intent result = receiver.getResult(); |
| 775 | final int status = result.getIntExtra(PackageInstaller.EXTRA_STATUS, |
| 776 | PackageInstaller.STATUS_FAILURE); |
| 777 | if (status != PackageInstaller.STATUS_SUCCESS) { |
| 778 | final String errorMessage = result.getStringExtra( |
| 779 | PackageInstaller.EXTRA_STATUS_MESSAGE); |
| 780 | Slog.e(TAG, "Failure to install APK staged session " |
| 781 | + session.sessionId + " [" + errorMessage + "]"); |
| 782 | throw new PackageManagerException( |
| 783 | SessionInfo.STAGED_SESSION_ACTIVATION_FAILED, errorMessage); |
| 784 | } |
Dario Freni | 61b3e25 | 2019-01-11 23:05:39 +0000 | [diff] [blame] | 785 | } |
| 786 | |
Nikita Ioffe | 8e5b703c | 2019-03-14 18:40:17 +0000 | [diff] [blame] | 787 | void commitSession(@NonNull PackageInstallerSession session) { |
Dario Freni | 276cd07 | 2019-01-09 11:13:44 +0000 | [diff] [blame] | 788 | updateStoredSession(session); |
Mohammad Samiul Islam | 6dc9889 | 2019-09-13 11:10:12 +0100 | [diff] [blame] | 789 | mPreRebootVerificationHandler.startPreRebootVerification(session.sessionId); |
Dario Freni | be98c3f | 2018-12-22 15:25:27 +0000 | [diff] [blame] | 790 | } |
| 791 | |
Mohammad Samiul Islam | cc4c7d8 | 2019-11-05 18:18:28 +0000 | [diff] [blame] | 792 | private int parentOrOwnSessionId(PackageInstallerSession session) { |
| 793 | return session.hasParentSessionId() ? session.getParentSessionId() : session.sessionId; |
| 794 | } |
| 795 | |
Mohammad Samiul Islam | da00497 | 2019-10-09 11:29:26 +0100 | [diff] [blame] | 796 | /** |
| 797 | * <p> Check if the session provided is non-overlapping with the active staged sessions. |
| 798 | * |
| 799 | * <p> A session is non-overlapping if it meets one of the following conditions: </p> |
| 800 | * <ul> |
| 801 | * <li>It is a parent session</li> |
| 802 | * <li>It is already one of the active sessions</li> |
| 803 | * <li>Its package name is not same as any of the active sessions</li> |
| 804 | * </ul> |
| 805 | * @throws PackageManagerException if session fails the check |
| 806 | */ |
| 807 | void checkNonOverlappingWithStagedSessions(@NonNull PackageInstallerSession session) |
| 808 | throws PackageManagerException { |
| 809 | if (session.isMultiPackage()) { |
| 810 | // We cannot say a parent session overlaps until we process its children |
| 811 | return; |
| 812 | } |
| 813 | if (session.getPackageName() == null) { |
| 814 | throw new PackageManagerException(PackageManager.INSTALL_FAILED_INVALID_APK, |
| 815 | "Cannot stage session " + session.sessionId + " with package name null"); |
| 816 | } |
| 817 | |
Mohammad Samiul Islam | cc4c7d8 | 2019-11-05 18:18:28 +0000 | [diff] [blame] | 818 | boolean supportsCheckpoint = ((StorageManager) mContext.getSystemService( |
| 819 | Context.STORAGE_SERVICE)).isCheckpointSupported(); |
| 820 | |
Nikita Ioffe | da998cf | 2019-03-04 22:54:30 +0000 | [diff] [blame] | 821 | synchronized (mStagedSessions) { |
| 822 | for (int i = 0; i < mStagedSessions.size(); i++) { |
Mohammad Samiul Islam | da00497 | 2019-10-09 11:29:26 +0100 | [diff] [blame] | 823 | final PackageInstallerSession stagedSession = mStagedSessions.valueAt(i); |
| 824 | if (!stagedSession.isCommitted() || stagedSession.isStagedAndInTerminalState()) { |
Nikita Ioffe | da998cf | 2019-03-04 22:54:30 +0000 | [diff] [blame] | 825 | continue; |
| 826 | } |
Mohammad Samiul Islam | da00497 | 2019-10-09 11:29:26 +0100 | [diff] [blame] | 827 | if (stagedSession.isMultiPackage()) { |
| 828 | // This active parent staged session is useless as it doesn't have a package |
| 829 | // name and the session we are checking is not a parent session either. |
Nikita Ioffe | da998cf | 2019-03-04 22:54:30 +0000 | [diff] [blame] | 830 | continue; |
| 831 | } |
Mohammad Samiul Islam | da00497 | 2019-10-09 11:29:26 +0100 | [diff] [blame] | 832 | |
| 833 | // From here on, stagedSession is a non-parent active staged session |
| 834 | |
| 835 | // Check if stagedSession has an active parent session or not |
| 836 | if (stagedSession.hasParentSessionId()) { |
| 837 | int parentId = stagedSession.getParentSessionId(); |
| 838 | PackageInstallerSession parentSession = mStagedSessions.get(parentId); |
| 839 | if (parentSession == null || parentSession.isStagedAndInTerminalState()) { |
| 840 | // Parent session has been abandoned or terminated already |
| 841 | continue; |
| 842 | } |
| 843 | } |
| 844 | |
| 845 | // Check if session is one of the active sessions |
| 846 | if (session.sessionId == stagedSession.sessionId) { |
| 847 | Slog.w(TAG, "Session " + session.sessionId + " is already staged"); |
| 848 | continue; |
| 849 | } |
| 850 | |
| 851 | // If session is not among the active sessions, then it cannot have same package |
| 852 | // name as any of the active sessions. |
| 853 | if (session.getPackageName().equals(stagedSession.getPackageName())) { |
| 854 | throw new PackageManagerException( |
| 855 | PackageManager.INSTALL_FAILED_OTHER_STAGED_SESSION_IN_PROGRESS, |
| 856 | "Package: " + session.getPackageName() + " in session: " |
| 857 | + session.sessionId + " has been staged already by session: " |
| 858 | + stagedSession.sessionId, null); |
| 859 | } |
| 860 | |
Mohammad Samiul Islam | cc4c7d8 | 2019-11-05 18:18:28 +0000 | [diff] [blame] | 861 | // Staging multiple root sessions is not allowed if device doesn't support |
| 862 | // checkpoint. If session and stagedSession do not have common ancestor, they are |
| 863 | // from two different root sessions. |
| 864 | if (!supportsCheckpoint |
| 865 | && parentOrOwnSessionId(session) != parentOrOwnSessionId(stagedSession)) { |
| 866 | throw new PackageManagerException( |
| 867 | PackageManager.INSTALL_FAILED_OTHER_STAGED_SESSION_IN_PROGRESS, |
| 868 | "Cannot stage multiple sessions without checkpoint support", null); |
| 869 | } |
Nikita Ioffe | da998cf | 2019-03-04 22:54:30 +0000 | [diff] [blame] | 870 | } |
| 871 | } |
Nikita Ioffe | da998cf | 2019-03-04 22:54:30 +0000 | [diff] [blame] | 872 | } |
| 873 | |
Dario Freni | be98c3f | 2018-12-22 15:25:27 +0000 | [diff] [blame] | 874 | void createSession(@NonNull PackageInstallerSession sessionInfo) { |
| 875 | synchronized (mStagedSessions) { |
| 876 | mStagedSessions.append(sessionInfo.sessionId, sessionInfo); |
| 877 | } |
| 878 | } |
| 879 | |
Dario Freni | 015f935 | 2019-01-14 21:56:17 +0000 | [diff] [blame] | 880 | void abortSession(@NonNull PackageInstallerSession session) { |
Dario Freni | be98c3f | 2018-12-22 15:25:27 +0000 | [diff] [blame] | 881 | synchronized (mStagedSessions) { |
Dario Freni | 015f935 | 2019-01-14 21:56:17 +0000 | [diff] [blame] | 882 | mStagedSessions.remove(session.sessionId); |
Oli Lan | c72b0bb | 2019-12-02 14:03:55 +0000 | [diff] [blame] | 883 | mSessionRollbackIds.delete(session.sessionId); |
Dario Freni | be98c3f | 2018-12-22 15:25:27 +0000 | [diff] [blame] | 884 | } |
| 885 | } |
Dario Freni | 8e7d0ec | 2019-01-10 15:21:40 +0000 | [diff] [blame] | 886 | |
shafik | 07205e3 | 2019-02-07 20:12:33 +0000 | [diff] [blame] | 887 | void abortCommittedSession(@NonNull PackageInstallerSession session) { |
Nikita Ioffe | 1e523b5 | 2019-03-13 16:07:48 +0000 | [diff] [blame] | 888 | if (session.isStagedSessionApplied()) { |
| 889 | Slog.w(TAG, "Cannot abort applied session : " + session.sessionId); |
shafik | 07205e3 | 2019-02-07 20:12:33 +0000 | [diff] [blame] | 890 | return; |
| 891 | } |
shafik | 07205e3 | 2019-02-07 20:12:33 +0000 | [diff] [blame] | 892 | abortSession(session); |
Nikita Ioffe | e2d52f5 | 2019-03-11 14:29:23 +0000 | [diff] [blame] | 893 | |
| 894 | boolean hasApex = sessionContainsApex(session); |
| 895 | if (hasApex) { |
| 896 | ApexSessionInfo apexSession = mApexManager.getStagedSessionInfo(session.sessionId); |
| 897 | if (apexSession == null || isApexSessionFinalized(apexSession)) { |
| 898 | Slog.w(TAG, |
Mohammad Samiul Islam | da00497 | 2019-10-09 11:29:26 +0100 | [diff] [blame] | 899 | "Cannot abort session " + session.sessionId |
| 900 | + " because it is not active or APEXD is not reachable"); |
Nikita Ioffe | e2d52f5 | 2019-03-11 14:29:23 +0000 | [diff] [blame] | 901 | return; |
| 902 | } |
Mohammad Samiul Islam | 44ad95b | 2019-11-20 15:14:36 +0000 | [diff] [blame] | 903 | try { |
| 904 | mApexManager.abortStagedSession(session.sessionId); |
| 905 | } catch (Exception ignore) { |
| 906 | } |
Nikita Ioffe | e2d52f5 | 2019-03-11 14:29:23 +0000 | [diff] [blame] | 907 | } |
shafik | 07205e3 | 2019-02-07 20:12:33 +0000 | [diff] [blame] | 908 | } |
| 909 | |
Nikita Ioffe | e2d52f5 | 2019-03-11 14:29:23 +0000 | [diff] [blame] | 910 | private boolean isApexSessionFinalized(ApexSessionInfo session) { |
shafik | 07205e3 | 2019-02-07 20:12:33 +0000 | [diff] [blame] | 911 | /* checking if the session is in a final state, i.e., not active anymore */ |
Nikita Ioffe | 8274222 | 2019-02-26 12:14:04 +0000 | [diff] [blame] | 912 | return session.isUnknown || session.isActivationFailed || session.isSuccess |
Mohammad Samiul Islam | 2dfc86a | 2019-11-20 13:53:07 +0000 | [diff] [blame] | 913 | || session.isReverted; |
Nikita Ioffe | 8274222 | 2019-02-26 12:14:04 +0000 | [diff] [blame] | 914 | } |
| 915 | |
| 916 | private static boolean isApexSessionFailed(ApexSessionInfo apexSessionInfo) { |
Mohammad Samiul Islam | 2dfc86a | 2019-11-20 13:53:07 +0000 | [diff] [blame] | 917 | // isRevertInProgress is included to cover the scenario, when a device is rebooted |
| 918 | // during the revert, and apexd fails to resume the revert after reboot. |
Nikita Ioffe | 8274222 | 2019-02-26 12:14:04 +0000 | [diff] [blame] | 919 | return apexSessionInfo.isActivationFailed || apexSessionInfo.isUnknown |
Mohammad Samiul Islam | 2dfc86a | 2019-11-20 13:53:07 +0000 | [diff] [blame] | 920 | || apexSessionInfo.isReverted || apexSessionInfo.isRevertInProgress |
| 921 | || apexSessionInfo.isRevertFailed; |
shafik | 07205e3 | 2019-02-07 20:12:33 +0000 | [diff] [blame] | 922 | } |
| 923 | |
Dario Freni | 015f935 | 2019-01-14 21:56:17 +0000 | [diff] [blame] | 924 | @GuardedBy("mStagedSessions") |
| 925 | private boolean isMultiPackageSessionComplete(@NonNull PackageInstallerSession session) { |
| 926 | // This method assumes that the argument is either a parent session of a multi-package |
| 927 | // i.e. isMultiPackage() returns true, or that it is a child session, i.e. |
| 928 | // hasParentSessionId() returns true. |
| 929 | if (session.isMultiPackage()) { |
| 930 | // Parent session of a multi-package group. Check that we restored all the children. |
| 931 | for (int childSession : session.getChildSessionIds()) { |
| 932 | if (mStagedSessions.get(childSession) == null) { |
| 933 | return false; |
| 934 | } |
| 935 | } |
| 936 | return true; |
| 937 | } |
| 938 | if (session.hasParentSessionId()) { |
| 939 | PackageInstallerSession parent = mStagedSessions.get(session.getParentSessionId()); |
| 940 | if (parent == null) { |
| 941 | return false; |
| 942 | } |
| 943 | return isMultiPackageSessionComplete(parent); |
| 944 | } |
| 945 | Slog.wtf(TAG, "Attempting to restore an invalid multi-package session."); |
| 946 | return false; |
| 947 | } |
| 948 | |
Rhed Jao | 1fc8b36 | 2020-01-16 18:38:17 +0800 | [diff] [blame] | 949 | void restoreSession(@NonNull PackageInstallerSession session, boolean isDeviceUpgrading) { |
Dario Freni | 015f935 | 2019-01-14 21:56:17 +0000 | [diff] [blame] | 950 | PackageInstallerSession sessionToResume = session; |
| 951 | synchronized (mStagedSessions) { |
| 952 | mStagedSessions.append(session.sessionId, session); |
| 953 | // For multi-package sessions, we don't know in which order they will be restored. We |
| 954 | // need to wait until we have restored all the session in a group before restoring them. |
| 955 | if (session.isMultiPackage() || session.hasParentSessionId()) { |
| 956 | if (!isMultiPackageSessionComplete(session)) { |
| 957 | // Still haven't recovered all sessions of the group, return. |
| 958 | return; |
| 959 | } |
| 960 | // Group recovered, find the parent if necessary and resume the installation. |
| 961 | if (session.hasParentSessionId()) { |
| 962 | sessionToResume = mStagedSessions.get(session.getParentSessionId()); |
| 963 | } |
| 964 | } |
| 965 | } |
Rhed Jao | 1fc8b36 | 2020-01-16 18:38:17 +0800 | [diff] [blame] | 966 | // The preconditions used during pre-reboot verification might have changed when device |
| 967 | // is upgrading. Updated staged sessions to activation failed before we resume the session. |
| 968 | if (isDeviceUpgrading && !sessionToResume.isStagedAndInTerminalState()) { |
| 969 | sessionToResume.setStagedSessionFailed(SessionInfo.STAGED_SESSION_ACTIVATION_FAILED, |
| 970 | "Build fingerprint has changed"); |
| 971 | return; |
| 972 | } |
Dario Freni | 015f935 | 2019-01-14 21:56:17 +0000 | [diff] [blame] | 973 | checkStateAndResume(sessionToResume); |
| 974 | } |
| 975 | |
| 976 | private void checkStateAndResume(@NonNull PackageInstallerSession session) { |
Dario Freni | 47799f4 | 2019-03-13 18:06:24 +0000 | [diff] [blame] | 977 | if (!session.isCommitted()) { |
| 978 | // Session hasn't been committed yet, ignore. |
| 979 | return; |
| 980 | } |
Dario Freni | 61b3e25 | 2019-01-11 23:05:39 +0000 | [diff] [blame] | 981 | // Check the state of the session and decide what to do next. |
| 982 | if (session.isStagedSessionFailed() || session.isStagedSessionApplied()) { |
| 983 | // Final states, nothing to do. |
| 984 | return; |
| 985 | } |
| 986 | if (!session.isStagedSessionReady()) { |
| 987 | // The framework got restarted before the pre-reboot verification could complete, |
| 988 | // restart the verification. |
Mohammad Samiul Islam | 6dc9889 | 2019-09-13 11:10:12 +0100 | [diff] [blame] | 989 | mPreRebootVerificationHandler.startPreRebootVerification(session.sessionId); |
Dario Freni | 61b3e25 | 2019-01-11 23:05:39 +0000 | [diff] [blame] | 990 | } else { |
| 991 | // Session had already being marked ready. Start the checks to verify if there is any |
| 992 | // follow-up work. |
Dario Freni | 4df010e | 2019-01-31 19:34:46 +0000 | [diff] [blame] | 993 | resumeSession(session); |
Dario Freni | 61b3e25 | 2019-01-11 23:05:39 +0000 | [diff] [blame] | 994 | } |
Dario Freni | 8e7d0ec | 2019-01-10 15:21:40 +0000 | [diff] [blame] | 995 | } |
Dario Freni | 4b572c0 | 2019-01-29 09:40:31 +0000 | [diff] [blame] | 996 | |
Gavin Corkery | 333136c | 2020-02-03 19:03:43 +0000 | [diff] [blame] | 997 | private void logFailedApexSessionsIfNecessary() { |
| 998 | synchronized (mFailedPackageNames) { |
| 999 | if (!mFailedPackageNames.isEmpty()) { |
| 1000 | WatchdogRollbackLogger.logApexdRevert(mContext, |
| 1001 | mFailedPackageNames, mNativeFailureReason); |
| 1002 | } |
| 1003 | } |
| 1004 | } |
| 1005 | |
Rhed Jao | b793c21 | 2019-10-30 20:54:37 +0800 | [diff] [blame] | 1006 | void systemReady() { |
| 1007 | // Register the receiver of boot completed intent for staging manager. |
| 1008 | mContext.registerReceiver(new BroadcastReceiver() { |
| 1009 | @Override |
| 1010 | public void onReceive(Context ctx, Intent intent) { |
| 1011 | mPreRebootVerificationHandler.readyToStart(); |
Gavin Corkery | 333136c | 2020-02-03 19:03:43 +0000 | [diff] [blame] | 1012 | BackgroundThread.getExecutor().execute( |
| 1013 | () -> logFailedApexSessionsIfNecessary()); |
Rhed Jao | b793c21 | 2019-10-30 20:54:37 +0800 | [diff] [blame] | 1014 | ctx.unregisterReceiver(this); |
| 1015 | } |
| 1016 | }, new IntentFilter(Intent.ACTION_BOOT_COMPLETED)); |
| 1017 | } |
| 1018 | |
Mohammad Samiul Islam | ef40027 | 2019-08-15 16:44:57 +0100 | [diff] [blame] | 1019 | private static class LocalIntentReceiverAsync { |
| 1020 | final Consumer<Intent> mConsumer; |
| 1021 | |
| 1022 | LocalIntentReceiverAsync(Consumer<Intent> consumer) { |
| 1023 | mConsumer = consumer; |
| 1024 | } |
| 1025 | |
| 1026 | private IIntentSender.Stub mLocalSender = new IIntentSender.Stub() { |
| 1027 | @Override |
| 1028 | public void send(int code, Intent intent, String resolvedType, IBinder whitelistToken, |
| 1029 | IIntentReceiver finishedReceiver, String requiredPermission, Bundle options) { |
| 1030 | mConsumer.accept(intent); |
| 1031 | } |
| 1032 | }; |
| 1033 | |
| 1034 | public IntentSender getIntentSender() { |
| 1035 | return new IntentSender((IIntentSender) mLocalSender); |
| 1036 | } |
| 1037 | } |
| 1038 | |
| 1039 | private static class LocalIntentReceiverSync { |
Dario Freni | 4b572c0 | 2019-01-29 09:40:31 +0000 | [diff] [blame] | 1040 | private final LinkedBlockingQueue<Intent> mResult = new LinkedBlockingQueue<>(); |
| 1041 | |
| 1042 | private IIntentSender.Stub mLocalSender = new IIntentSender.Stub() { |
| 1043 | @Override |
| 1044 | public void send(int code, Intent intent, String resolvedType, IBinder whitelistToken, |
Mohammad Samiul Islam | ef40027 | 2019-08-15 16:44:57 +0100 | [diff] [blame] | 1045 | IIntentReceiver finishedReceiver, String requiredPermission, |
| 1046 | Bundle options) { |
Dario Freni | 4b572c0 | 2019-01-29 09:40:31 +0000 | [diff] [blame] | 1047 | try { |
| 1048 | mResult.offer(intent, 5, TimeUnit.SECONDS); |
| 1049 | } catch (InterruptedException e) { |
| 1050 | throw new RuntimeException(e); |
| 1051 | } |
| 1052 | } |
| 1053 | }; |
| 1054 | |
| 1055 | public IntentSender getIntentSender() { |
| 1056 | return new IntentSender((IIntentSender) mLocalSender); |
| 1057 | } |
| 1058 | |
| 1059 | public Intent getResult() { |
| 1060 | try { |
| 1061 | return mResult.take(); |
| 1062 | } catch (InterruptedException e) { |
| 1063 | throw new RuntimeException(e); |
| 1064 | } |
| 1065 | } |
| 1066 | } |
Mohammad Samiul Islam | ef40027 | 2019-08-15 16:44:57 +0100 | [diff] [blame] | 1067 | |
| 1068 | private final class PreRebootVerificationHandler extends Handler { |
Rhed Jao | b793c21 | 2019-10-30 20:54:37 +0800 | [diff] [blame] | 1069 | // Hold session ids before handler gets ready to do the verification. |
| 1070 | private IntArray mPendingSessionIds; |
| 1071 | private boolean mIsReady; |
Mohammad Samiul Islam | ef40027 | 2019-08-15 16:44:57 +0100 | [diff] [blame] | 1072 | |
| 1073 | PreRebootVerificationHandler(Looper looper) { |
| 1074 | super(looper); |
| 1075 | } |
| 1076 | |
| 1077 | /** |
| 1078 | * Handler for states of pre reboot verification. The states are arranged linearly (shown |
| 1079 | * below) with each state either calling the next state, or calling some other method that |
| 1080 | * eventually calls the next state. |
| 1081 | * |
| 1082 | * <p><ul> |
| 1083 | * <li>MSG_PRE_REBOOT_VERIFICATION_START</li> |
| 1084 | * <li>MSG_PRE_REBOOT_VERIFICATION_APEX</li> |
| 1085 | * <li>MSG_PRE_REBOOT_VERIFICATION_APK</li> |
| 1086 | * <li>MSG_PRE_REBOOT_VERIFICATION_END</li> |
| 1087 | * </ul></p> |
| 1088 | * |
| 1089 | * Details about each of state can be found in corresponding handler of node. |
| 1090 | */ |
| 1091 | private static final int MSG_PRE_REBOOT_VERIFICATION_START = 1; |
| 1092 | private static final int MSG_PRE_REBOOT_VERIFICATION_APEX = 2; |
| 1093 | private static final int MSG_PRE_REBOOT_VERIFICATION_APK = 3; |
| 1094 | private static final int MSG_PRE_REBOOT_VERIFICATION_END = 4; |
| 1095 | |
| 1096 | @Override |
| 1097 | public void handleMessage(Message msg) { |
Mohammad Samiul Islam | 6dc9889 | 2019-09-13 11:10:12 +0100 | [diff] [blame] | 1098 | final int sessionId = msg.arg1; |
| 1099 | final PackageInstallerSession session; |
| 1100 | synchronized (mStagedSessions) { |
| 1101 | session = mStagedSessions.get(sessionId); |
| 1102 | } |
| 1103 | // Maybe session was aborted before pre-reboot verification was complete |
| 1104 | if (session == null) { |
| 1105 | Slog.d(TAG, "Stopping pre-reboot verification for sessionId: " + sessionId); |
| 1106 | return; |
| 1107 | } |
Mohammad Samiul Islam | ef40027 | 2019-08-15 16:44:57 +0100 | [diff] [blame] | 1108 | switch (msg.what) { |
| 1109 | case MSG_PRE_REBOOT_VERIFICATION_START: |
| 1110 | handlePreRebootVerification_Start(session); |
| 1111 | break; |
| 1112 | case MSG_PRE_REBOOT_VERIFICATION_APEX: |
| 1113 | handlePreRebootVerification_Apex(session); |
| 1114 | break; |
| 1115 | case MSG_PRE_REBOOT_VERIFICATION_APK: |
| 1116 | handlePreRebootVerification_Apk(session); |
| 1117 | break; |
| 1118 | case MSG_PRE_REBOOT_VERIFICATION_END: |
| 1119 | handlePreRebootVerification_End(session); |
| 1120 | break; |
| 1121 | } |
| 1122 | } |
| 1123 | |
Rhed Jao | b793c21 | 2019-10-30 20:54:37 +0800 | [diff] [blame] | 1124 | // Notify the handler that system is ready, and reschedule the pre-reboot verifications. |
| 1125 | private synchronized void readyToStart() { |
| 1126 | mIsReady = true; |
| 1127 | if (mPendingSessionIds != null) { |
| 1128 | for (int i = 0; i < mPendingSessionIds.size(); i++) { |
| 1129 | startPreRebootVerification(mPendingSessionIds.get(i)); |
| 1130 | } |
| 1131 | mPendingSessionIds = null; |
| 1132 | } |
| 1133 | } |
| 1134 | |
Mohammad Samiul Islam | ef40027 | 2019-08-15 16:44:57 +0100 | [diff] [blame] | 1135 | // Method for starting the pre-reboot verification |
Rhed Jao | b793c21 | 2019-10-30 20:54:37 +0800 | [diff] [blame] | 1136 | private synchronized void startPreRebootVerification(int sessionId) { |
| 1137 | if (!mIsReady) { |
| 1138 | if (mPendingSessionIds == null) { |
| 1139 | mPendingSessionIds = new IntArray(); |
| 1140 | } |
| 1141 | mPendingSessionIds.add(sessionId); |
| 1142 | return; |
| 1143 | } |
Mohammad Samiul Islam | 6dc9889 | 2019-09-13 11:10:12 +0100 | [diff] [blame] | 1144 | obtainMessage(MSG_PRE_REBOOT_VERIFICATION_START, sessionId, 0).sendToTarget(); |
Mohammad Samiul Islam | ef40027 | 2019-08-15 16:44:57 +0100 | [diff] [blame] | 1145 | } |
| 1146 | |
Mohammad Samiul Islam | 6dc9889 | 2019-09-13 11:10:12 +0100 | [diff] [blame] | 1147 | private void notifyPreRebootVerification_Start_Complete(int sessionId) { |
| 1148 | obtainMessage(MSG_PRE_REBOOT_VERIFICATION_APEX, sessionId, 0).sendToTarget(); |
Mohammad Samiul Islam | ef40027 | 2019-08-15 16:44:57 +0100 | [diff] [blame] | 1149 | } |
| 1150 | |
Mohammad Samiul Islam | 6dc9889 | 2019-09-13 11:10:12 +0100 | [diff] [blame] | 1151 | private void notifyPreRebootVerification_Apex_Complete(int sessionId) { |
| 1152 | obtainMessage(MSG_PRE_REBOOT_VERIFICATION_APK, sessionId, 0).sendToTarget(); |
Mohammad Samiul Islam | ef40027 | 2019-08-15 16:44:57 +0100 | [diff] [blame] | 1153 | } |
| 1154 | |
Mohammad Samiul Islam | 6dc9889 | 2019-09-13 11:10:12 +0100 | [diff] [blame] | 1155 | private void notifyPreRebootVerification_Apk_Complete(int sessionId) { |
| 1156 | obtainMessage(MSG_PRE_REBOOT_VERIFICATION_END, sessionId, 0).sendToTarget(); |
Mohammad Samiul Islam | ef40027 | 2019-08-15 16:44:57 +0100 | [diff] [blame] | 1157 | } |
| 1158 | |
| 1159 | /** |
| 1160 | * A dummy state for starting the pre reboot verification. |
| 1161 | * |
| 1162 | * See {@link PreRebootVerificationHandler} to see all nodes of pre reboot verification |
| 1163 | */ |
| 1164 | private void handlePreRebootVerification_Start(@NonNull PackageInstallerSession session) { |
| 1165 | Slog.d(TAG, "Starting preRebootVerification for session " + session.sessionId); |
Oli Lan | c72b0bb | 2019-12-02 14:03:55 +0000 | [diff] [blame] | 1166 | |
| 1167 | if ((session.params.installFlags & PackageManager.INSTALL_ENABLE_ROLLBACK) != 0) { |
| 1168 | // If rollback is enabled for this session, we call through to the RollbackManager |
| 1169 | // with the list of sessions it must enable rollback for. Note that |
| 1170 | // notifyStagedSession is a synchronous operation. |
| 1171 | final IRollbackManager rm = IRollbackManager.Stub.asInterface( |
| 1172 | ServiceManager.getService(Context.ROLLBACK_SERVICE)); |
| 1173 | try { |
| 1174 | // NOTE: To stay consistent with the non-staged install flow, we don't fail the |
| 1175 | // entire install if rollbacks can't be enabled. |
| 1176 | int rollbackId = rm.notifyStagedSession(session.sessionId); |
| 1177 | if (rollbackId != -1) { |
| 1178 | synchronized (mStagedSessions) { |
| 1179 | mSessionRollbackIds.put(session.sessionId, rollbackId); |
| 1180 | } |
| 1181 | } |
| 1182 | } catch (RemoteException re) { |
| 1183 | Slog.e(TAG, "Failed to notifyStagedSession for session: " |
| 1184 | + session.sessionId, re); |
| 1185 | } |
| 1186 | } |
| 1187 | |
Mohammad Samiul Islam | 6dc9889 | 2019-09-13 11:10:12 +0100 | [diff] [blame] | 1188 | notifyPreRebootVerification_Start_Complete(session.sessionId); |
Mohammad Samiul Islam | ef40027 | 2019-08-15 16:44:57 +0100 | [diff] [blame] | 1189 | } |
| 1190 | |
| 1191 | /** |
| 1192 | * Pre-reboot verification state for apex files: |
| 1193 | * |
| 1194 | * <p><ul> |
| 1195 | * <li>submits session to apex service</li> |
| 1196 | * <li>validates signatures of apex files</li> |
| 1197 | * </ul></p> |
| 1198 | */ |
| 1199 | private void handlePreRebootVerification_Apex(@NonNull PackageInstallerSession session) { |
| 1200 | final boolean hasApex = sessionContainsApex(session); |
| 1201 | |
| 1202 | // APEX checks. For single-package sessions, check if they contain an APEX. For |
| 1203 | // multi-package sessions, find all the child sessions that contain an APEX. |
| 1204 | if (hasApex) { |
| 1205 | try { |
| 1206 | final List<PackageInfo> apexPackages = |
| 1207 | submitSessionToApexService(session); |
| 1208 | for (PackageInfo apexPackage : apexPackages) { |
Mohammad Samiul Islam | d7472d0 | 2019-11-11 17:53:47 +0000 | [diff] [blame] | 1209 | validateApexSignature(apexPackage); |
Mohammad Samiul Islam | ef40027 | 2019-08-15 16:44:57 +0100 | [diff] [blame] | 1210 | } |
| 1211 | } catch (PackageManagerException e) { |
| 1212 | session.setStagedSessionFailed(e.error, e.getMessage()); |
| 1213 | return; |
| 1214 | } |
| 1215 | } |
| 1216 | |
Mohammad Samiul Islam | 6dc9889 | 2019-09-13 11:10:12 +0100 | [diff] [blame] | 1217 | notifyPreRebootVerification_Apex_Complete(session.sessionId); |
Mohammad Samiul Islam | ef40027 | 2019-08-15 16:44:57 +0100 | [diff] [blame] | 1218 | } |
| 1219 | |
| 1220 | /** |
| 1221 | * Pre-reboot verification state for apk files: |
| 1222 | * <p><ul> |
| 1223 | * <li>performs a dry-run install of apk</li> |
| 1224 | * </ul></p> |
| 1225 | */ |
| 1226 | private void handlePreRebootVerification_Apk(@NonNull PackageInstallerSession session) { |
| 1227 | if (!sessionContainsApk(session)) { |
Mohammad Samiul Islam | 6dc9889 | 2019-09-13 11:10:12 +0100 | [diff] [blame] | 1228 | notifyPreRebootVerification_Apk_Complete(session.sessionId); |
Mohammad Samiul Islam | ef40027 | 2019-08-15 16:44:57 +0100 | [diff] [blame] | 1229 | return; |
| 1230 | } |
| 1231 | |
| 1232 | try { |
| 1233 | Slog.d(TAG, "Running a pre-reboot verification for APKs in session " |
| 1234 | + session.sessionId + " by performing a dry-run install"); |
| 1235 | |
Mohammad Samiul Islam | 8c041df | 2019-09-10 16:26:26 +0100 | [diff] [blame] | 1236 | // verifyApksInSession will notify the handler when APK verification is complete |
| 1237 | verifyApksInSession(session); |
Mohammad Samiul Islam | ef40027 | 2019-08-15 16:44:57 +0100 | [diff] [blame] | 1238 | // TODO(b/118865310): abort the session on apexd. |
| 1239 | } catch (PackageManagerException e) { |
| 1240 | session.setStagedSessionFailed(e.error, e.getMessage()); |
| 1241 | } |
| 1242 | } |
| 1243 | |
| 1244 | /** |
| 1245 | * Pre-reboot verification state for wrapping up: |
| 1246 | * <p><ul> |
| 1247 | * <li>enables rollback if required</li> |
| 1248 | * <li>marks session as ready</li> |
| 1249 | * </ul></p> |
| 1250 | */ |
| 1251 | private void handlePreRebootVerification_End(@NonNull PackageInstallerSession session) { |
Mohammad Samiul Islam | 7e9fdb0 | 2019-11-28 18:14:40 +0000 | [diff] [blame] | 1252 | // Before marking the session as ready, start checkpoint service if available |
| 1253 | try { |
| 1254 | IStorageManager storageManager = PackageHelper.getStorageManager(); |
| 1255 | if (storageManager.supportsCheckpoint()) { |
Gavin Corkery | ab2544c | 2020-02-04 08:50:53 +0000 | [diff] [blame] | 1256 | storageManager.startCheckpoint(2); |
Mohammad Samiul Islam | 7e9fdb0 | 2019-11-28 18:14:40 +0000 | [diff] [blame] | 1257 | } |
| 1258 | } catch (Exception e) { |
| 1259 | // Failed to get hold of StorageManager |
| 1260 | Slog.e(TAG, "Failed to get hold of StorageManager", e); |
| 1261 | session.setStagedSessionFailed(SessionInfo.STAGED_SESSION_UNKNOWN, |
| 1262 | "Failed to get hold of StorageManager"); |
| 1263 | return; |
| 1264 | } |
| 1265 | |
Mohammad Samiul Islam | ef40027 | 2019-08-15 16:44:57 +0100 | [diff] [blame] | 1266 | // Proactively mark session as ready before calling apexd. Although this call order |
| 1267 | // looks counter-intuitive, this is the easiest way to ensure that session won't end up |
| 1268 | // in the inconsistent state: |
| 1269 | // - If device gets rebooted right before call to apexd, then apexd will never activate |
| 1270 | // apex files of this staged session. This will result in StagingManager failing |
| 1271 | // the session. |
| 1272 | // On the other hand, if the order of the calls was inverted (first call apexd, then |
| 1273 | // mark session as ready), then if a device gets rebooted right after the call to apexd, |
| 1274 | // only apex part of the train will be applied, leaving device in an inconsistent state. |
| 1275 | Slog.d(TAG, "Marking session " + session.sessionId + " as ready"); |
| 1276 | session.setStagedSessionReady(); |
| 1277 | final boolean hasApex = sessionContainsApex(session); |
| 1278 | if (!hasApex) { |
| 1279 | // Session doesn't contain apex, nothing to do. |
| 1280 | return; |
| 1281 | } |
| 1282 | try { |
| 1283 | mApexManager.markStagedSessionReady(session.sessionId); |
| 1284 | } catch (PackageManagerException e) { |
| 1285 | session.setStagedSessionFailed(e.error, e.getMessage()); |
| 1286 | } |
| 1287 | } |
| 1288 | } |
Dario Freni | be98c3f | 2018-12-22 15:25:27 +0000 | [diff] [blame] | 1289 | } |