1 /*
2 * Copyright (c) 2021-2023 Huawei Device Co., Ltd.
3 * Licensed under the Apache License, Version 2.0 (the "License");
4 * you may not use this file except in compliance with the License.
5 * You may obtain a copy of the License at
6 *
7 * http://www.apache.org/licenses/LICENSE-2.0
8 *
9 * Unless required by applicable law or agreed to in writing, software
10 * distributed under the License is distributed on an "AS IS" BASIS,
11 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 * See the License for the specific language governing permissions and
13 * limitations under the License.
14 */
15
16 #include "bundle_installer_host.h"
17
18 #ifdef ABILITY_RUNTIME_ENABLE
19 #include "ability_manager_client.h"
20 #endif
21 #ifdef BUNDLE_FRAMEWORK_APP_CONTROL
22 #include "app_control_manager.h"
23 #endif
24 #include "app_log_tag_wrapper.h"
25 #include "bundle_clone_installer.h"
26 #include "bundle_framework_core_ipc_interface_code.h"
27 #include "bundle_memory_guard.h"
28 #include "bundle_mgr_service.h"
29 #include "bundle_multiuser_installer.h"
30 #include "bundle_permission_mgr.h"
31 #include "ipc_skeleton.h"
32 #include "parameters.h"
33 #include "plugin_installer.h"
34
35 namespace OHOS {
36 namespace AppExecFwk {
37 namespace {
38 constexpr const char* GET_MANAGER_FAIL = "fail to get bundle installer manager";
39 constexpr const char* MODULE_UPDATE_DIR = "/module_update/";
40 constexpr const char* BMS_PARA_BUNDLE_NAME = "ohos.bms.param.bundleName";
41 constexpr const char* BMS_PARA_IS_KEEP_DATA = "ohos.bms.param.isKeepData";
42 constexpr const char* BMS_PARA_USER_ID = "ohos.bms.param.userId";
43 constexpr const char* BMS_PARA_APP_INDEX = "ohos.bms.param.appIndex";
44 constexpr bool IS_KEEP_DATA = false;
45 int32_t INVALID_APP_INDEX = 0;
46 int32_t LOWER_DLP_TYPE_BOUND = 0;
47 int32_t UPPER_DLP_TYPE_BOUND = 3;
48 } // namespace
49
BundleInstallerHost()50 BundleInstallerHost::BundleInstallerHost()
51 {
52 LOG_NOFUNC_I(BMS_TAG_INSTALLER, "create bundle installer host instance");
53 }
54
~BundleInstallerHost()55 BundleInstallerHost::~BundleInstallerHost()
56 {
57 LOG_NOFUNC_I(BMS_TAG_INSTALLER, "destroy bundle installer host instance");
58 }
59
Init()60 void BundleInstallerHost::Init()
61 {
62 LOG_D(BMS_TAG_INSTALLER, "begin to init");
63 manager_ = std::make_shared<BundleInstallerManager>();
64 LOG_D(BMS_TAG_INSTALLER, "init successfully");
65 }
66
OnRemoteRequest(uint32_t code,MessageParcel & data,MessageParcel & reply,MessageOption & option)67 int BundleInstallerHost::OnRemoteRequest(
68 uint32_t code, MessageParcel &data, MessageParcel &reply, MessageOption &option)
69 {
70 BundleMemoryGuard memoryGuard;
71 LOG_D(BMS_TAG_INSTALLER, "bundle installer host onReceived message, the message code is %{public}u", code);
72 std::u16string descripter = GetDescriptor();
73 std::u16string remoteDescripter = data.ReadInterfaceToken();
74 if (descripter != remoteDescripter) {
75 LOG_E(BMS_TAG_INSTALLER, "fail to write reply message in bundle mgr host due to the reply is nullptr");
76 return OBJECT_NULL;
77 }
78 switch (code) {
79 case static_cast<uint32_t>(BundleInstallerInterfaceCode::INSTALL):
80 HandleInstallMessage(data);
81 break;
82 case static_cast<uint32_t>(BundleInstallerInterfaceCode::INSTALL_MULTIPLE_HAPS):
83 HandleInstallMultipleHapsMessage(data);
84 break;
85 case static_cast<uint32_t>(BundleInstallerInterfaceCode::UNINSTALL):
86 HandleUninstallMessage(data);
87 break;
88 case static_cast<uint32_t>(BundleInstallerInterfaceCode::UNINSTALL_MODULE):
89 HandleUninstallModuleMessage(data);
90 break;
91 case static_cast<uint32_t>(BundleInstallerInterfaceCode::UNINSTALL_BY_UNINSTALL_PARAM):
92 HandleUninstallByUninstallParam(data);
93 break;
94 case static_cast<uint32_t>(BundleInstallerInterfaceCode::RECOVER):
95 HandleRecoverMessage(data);
96 break;
97 case static_cast<uint32_t>(BundleInstallerInterfaceCode::INSTALL_SANDBOX_APP):
98 HandleInstallSandboxApp(data, reply);
99 break;
100 case static_cast<uint32_t>(BundleInstallerInterfaceCode::UNINSTALL_SANDBOX_APP):
101 HandleUninstallSandboxApp(data, reply);
102 break;
103 case static_cast<uint32_t>(BundleInstallerInterfaceCode::CREATE_STREAM_INSTALLER):
104 HandleCreateStreamInstaller(data, reply);
105 break;
106 case static_cast<uint32_t>(BundleInstallerInterfaceCode::DESTORY_STREAM_INSTALLER):
107 HandleDestoryBundleStreamInstaller(data, reply);
108 break;
109 case static_cast<uint32_t>(BundleInstallerInterfaceCode::UNINSTALL_AND_RECOVER):
110 HandleUninstallAndRecoverMessage(data);
111 break;
112 case static_cast<uint32_t>(BundleInstallerInterfaceCode::INSTALL_CLONE_APP):
113 HandleInstallCloneApp(data, reply);
114 break;
115 case static_cast<uint32_t>(BundleInstallerInterfaceCode::UNINSTALL_CLONE_APP):
116 HandleUninstallCloneApp(data, reply);
117 break;
118 case static_cast<uint32_t>(BundleInstallerInterfaceCode::INSTALL_EXISTED):
119 HandleInstallExisted(data, reply);
120 break;
121 case static_cast<uint32_t>(BundleInstallerInterfaceCode::INSTALL_PLUGIN_APP):
122 HandleInstallPlugin(data, reply);
123 break;
124 case static_cast<uint32_t>(BundleInstallerInterfaceCode::UNINSTALL_PLUGIN_APP):
125 HandleUninstallPlugin(data, reply);
126 break;
127 default:
128 return IPCObjectStub::OnRemoteRequest(code, data, reply, option);
129 }
130 return NO_ERROR;
131 }
132
HandleInstallMessage(MessageParcel & data)133 void BundleInstallerHost::HandleInstallMessage(MessageParcel &data)
134 {
135 LOG_D(BMS_TAG_INSTALLER, "handle install message");
136 std::string bundlePath = Str16ToStr8(data.ReadString16());
137 std::unique_ptr<InstallParam> installParam(data.ReadParcelable<InstallParam>());
138 if (installParam == nullptr) {
139 LOG_E(BMS_TAG_INSTALLER, "ReadParcelable<InstallParam> failed");
140 return;
141 }
142 sptr<IRemoteObject> object = data.ReadRemoteObject();
143 if (object == nullptr) {
144 LOG_E(BMS_TAG_INSTALLER, "read failed");
145 return;
146 }
147 sptr<IStatusReceiver> statusReceiver = iface_cast<IStatusReceiver>(object);
148 installParam->withCopyHaps = true;
149 Install(bundlePath, *installParam, statusReceiver);
150 LOG_D(BMS_TAG_INSTALLER, "handle install message finished");
151 }
152
HandleRecoverMessage(MessageParcel & data)153 void BundleInstallerHost::HandleRecoverMessage(MessageParcel &data)
154 {
155 LOG_D(BMS_TAG_INSTALLER, "handle install message by bundleName");
156 std::string bundleName = Str16ToStr8(data.ReadString16());
157 std::unique_ptr<InstallParam> installParam(data.ReadParcelable<InstallParam>());
158 if (installParam == nullptr) {
159 LOG_E(BMS_TAG_INSTALLER, "ReadParcelable<InstallParam> failed");
160 return;
161 }
162 sptr<IRemoteObject> object = data.ReadRemoteObject();
163 if (object == nullptr) {
164 LOG_E(BMS_TAG_INSTALLER, "read failed");
165 return;
166 }
167 sptr<IStatusReceiver> statusReceiver = iface_cast<IStatusReceiver>(object);
168
169 installParam->preinstallSourceFlag = ApplicationInfoFlag::FLAG_RECOVER_INSTALLED;
170 Recover(bundleName, *installParam, statusReceiver);
171 LOG_D(BMS_TAG_INSTALLER, "handle install message by bundleName finished");
172 }
173
HandleInstallMultipleHapsMessage(MessageParcel & data)174 void BundleInstallerHost::HandleInstallMultipleHapsMessage(MessageParcel &data)
175 {
176 LOG_D(BMS_TAG_INSTALLER, "handle install multiple haps message");
177 int32_t size = data.ReadInt32();
178 if (size > ServiceConstants::MAX_HAP_NUMBER) {
179 LOG_E(BMS_TAG_INSTALLER, "bundle path size is greater than the max hap number 128");
180 return;
181 }
182 std::vector<std::string> pathVec;
183 for (int i = 0; i < size; ++i) {
184 pathVec.emplace_back(Str16ToStr8(data.ReadString16()));
185 }
186 if (size == 0 || pathVec.empty()) {
187 LOG_E(BMS_TAG_INSTALLER, "inputted bundlepath vector is empty");
188 return;
189 }
190 std::unique_ptr<InstallParam> installParam(data.ReadParcelable<InstallParam>());
191 if (installParam == nullptr) {
192 LOG_E(BMS_TAG_INSTALLER, "ReadParcelable<InstallParam> failed");
193 return;
194 }
195 sptr<IRemoteObject> object = data.ReadRemoteObject();
196 if (object == nullptr) {
197 LOG_E(BMS_TAG_INSTALLER, "read failed");
198 return;
199 }
200 sptr<IStatusReceiver> statusReceiver = iface_cast<IStatusReceiver>(object);
201 installParam->withCopyHaps = true;
202 Install(pathVec, *installParam, statusReceiver);
203 LOG_D(BMS_TAG_INSTALLER, "handle install multiple haps finished");
204 }
205
HandleUninstallMessage(MessageParcel & data)206 void BundleInstallerHost::HandleUninstallMessage(MessageParcel &data)
207 {
208 LOG_D(BMS_TAG_INSTALLER, "handle uninstall message");
209 std::string bundleName = Str16ToStr8(data.ReadString16());
210 std::unique_ptr<InstallParam> installParam(data.ReadParcelable<InstallParam>());
211 if (installParam == nullptr) {
212 LOG_E(BMS_TAG_INSTALLER, "ReadParcelable<InstallParam> failed");
213 return;
214 }
215 sptr<IRemoteObject> object = data.ReadRemoteObject();
216 if (object == nullptr) {
217 LOG_E(BMS_TAG_INSTALLER, "read failed");
218 return;
219 }
220 sptr<IStatusReceiver> statusReceiver = iface_cast<IStatusReceiver>(object);
221
222 Uninstall(bundleName, *installParam, statusReceiver);
223 LOG_D(BMS_TAG_INSTALLER, "handle uninstall message finished");
224 }
225
HandleUninstallModuleMessage(MessageParcel & data)226 void BundleInstallerHost::HandleUninstallModuleMessage(MessageParcel &data)
227 {
228 LOG_D(BMS_TAG_INSTALLER, "handle uninstall module message");
229 std::string bundleName = Str16ToStr8(data.ReadString16());
230 std::string modulePackage = Str16ToStr8(data.ReadString16());
231 std::unique_ptr<InstallParam> installParam(data.ReadParcelable<InstallParam>());
232 if (installParam == nullptr) {
233 LOG_E(BMS_TAG_INSTALLER, "ReadParcelable<InstallParam> failed");
234 return;
235 }
236 sptr<IRemoteObject> object = data.ReadRemoteObject();
237 if (object == nullptr) {
238 LOG_E(BMS_TAG_INSTALLER, "read failed");
239 return;
240 }
241 sptr<IStatusReceiver> statusReceiver = iface_cast<IStatusReceiver>(object);
242 Uninstall(bundleName, modulePackage, *installParam, statusReceiver);
243 LOG_D(BMS_TAG_INSTALLER, "handle uninstall message finished");
244 }
245
HandleUninstallByUninstallParam(MessageParcel & data)246 void BundleInstallerHost::HandleUninstallByUninstallParam(MessageParcel &data)
247 {
248 std::unique_ptr<UninstallParam> uninstallParam(data.ReadParcelable<UninstallParam>());
249 if (uninstallParam == nullptr) {
250 LOG_E(BMS_TAG_INSTALLER, "ReadParcelable<UninstallParam failed");
251 return;
252 }
253 sptr<IRemoteObject> object = data.ReadRemoteObject();
254 if (object == nullptr) {
255 LOG_E(BMS_TAG_INSTALLER, "read failed");
256 return;
257 }
258 sptr<IStatusReceiver> statusReceiver = iface_cast<IStatusReceiver>(object);
259 Uninstall(*uninstallParam, statusReceiver);
260 }
261
HandleInstallSandboxApp(MessageParcel & data,MessageParcel & reply)262 void BundleInstallerHost::HandleInstallSandboxApp(MessageParcel &data, MessageParcel &reply)
263 {
264 LOG_D(BMS_TAG_INSTALLER, "handle install sandbox app message");
265 std::string bundleName = Str16ToStr8(data.ReadString16());
266 int32_t dplType = data.ReadInt32();
267 int32_t userId = data.ReadInt32();
268 int32_t appIndex = Constants::INITIAL_SANDBOX_APP_INDEX;
269 auto ret = InstallSandboxApp(bundleName, dplType, userId, appIndex);
270 if (!reply.WriteInt32(ret)) {
271 LOG_E(BMS_TAG_INSTALLER, "write failed");
272 }
273 if (ret == ERR_OK && !reply.WriteInt32(appIndex)) {
274 LOG_E(BMS_TAG_INSTALLER, "write failed");
275 }
276 LOG_D(BMS_TAG_INSTALLER, "handle install sandbox app message finished");
277 }
278
HandleUninstallSandboxApp(MessageParcel & data,MessageParcel & reply)279 void BundleInstallerHost::HandleUninstallSandboxApp(MessageParcel &data, MessageParcel &reply)
280 {
281 LOG_D(BMS_TAG_INSTALLER, "handle install sandbox app message");
282 std::string bundleName = Str16ToStr8(data.ReadString16());
283 int32_t appIndex = data.ReadInt32();
284 int32_t userId = data.ReadInt32();
285 auto ret = UninstallSandboxApp(bundleName, appIndex, userId);
286 if (!reply.WriteInt32(ret)) {
287 LOG_E(BMS_TAG_INSTALLER, "write failed");
288 }
289 LOG_D(BMS_TAG_INSTALLER, "handle install sandbox app message finished");
290 }
291
HandleInstallPlugin(MessageParcel & data,MessageParcel & reply)292 void BundleInstallerHost::HandleInstallPlugin(MessageParcel &data, MessageParcel &reply)
293 {
294 LOG_D(BMS_TAG_INSTALLER, "handle install plugin application");
295 std::string hostBundleName = Str16ToStr8(data.ReadString16());
296 std::vector<std::string> pluginFilePaths;
297 if (!data.ReadStringVector(&pluginFilePaths)) {
298 reply.WriteInt32(ERR_APPEXECFWK_PLUGIN_INSTALL_READ_PARCEL_ERROR);
299 LOG_E(BMS_TAG_INSTALLER, "read pluginFilePaths failed");
300 return;
301 }
302 std::unique_ptr<InstallPluginParam> installPluginParam(data.ReadParcelable<InstallPluginParam>());
303 if (installPluginParam == nullptr) {
304 reply.WriteInt32(ERR_APPEXECFWK_PLUGIN_INSTALL_READ_PARCEL_ERROR);
305 LOG_E(BMS_TAG_INSTALLER, "ReadParcelable<installPluginParam> failed");
306 return;
307 }
308 auto ret = InstallPlugin(hostBundleName, pluginFilePaths, *installPluginParam);
309 if (!reply.WriteInt32(ret)) {
310 LOG_E(BMS_TAG_INSTALLER, "write failed");
311 }
312 LOG_D(BMS_TAG_INSTALLER, "handle install plugin application finished");
313 }
314
HandleUninstallPlugin(MessageParcel & data,MessageParcel & reply)315 void BundleInstallerHost::HandleUninstallPlugin(MessageParcel &data, MessageParcel &reply)
316 {
317 LOG_D(BMS_TAG_INSTALLER, "handle uninstall plugin application");
318 std::string hostBundleName = Str16ToStr8(data.ReadString16());
319 std::string pluginBundleName = Str16ToStr8(data.ReadString16());
320 std::unique_ptr<InstallPluginParam> installPluginParam(data.ReadParcelable<InstallPluginParam>());
321 if (installPluginParam == nullptr) {
322 reply.WriteInt32(ERR_APPEXECFWK_PLUGIN_INSTALL_READ_PARCEL_ERROR);
323 LOG_E(BMS_TAG_INSTALLER, "ReadParcelable<installPluginParam> failed");
324 return;
325 }
326 auto ret = UninstallPlugin(hostBundleName, pluginBundleName, *installPluginParam);
327 if (!reply.WriteInt32(ret)) {
328 LOG_E(BMS_TAG_INSTALLER, "write failed");
329 }
330 LOG_D(BMS_TAG_INSTALLER, "handle uninstall plugin application finished");
331 }
332
HandleCreateStreamInstaller(MessageParcel & data,MessageParcel & reply)333 void BundleInstallerHost::HandleCreateStreamInstaller(MessageParcel &data, MessageParcel &reply)
334 {
335 LOG_D(BMS_TAG_INSTALLER, "handle create stream installer message begin");
336 std::unique_ptr<InstallParam> installParam(data.ReadParcelable<InstallParam>());
337 if (installParam == nullptr) {
338 LOG_E(BMS_TAG_INSTALLER, "ReadParcelable<InstallParam> failed");
339 return;
340 }
341 sptr<IRemoteObject> object = data.ReadRemoteObject();
342 if (object == nullptr) {
343 reply.WriteBool(false);
344 LOG_E(BMS_TAG_INSTALLER, "read receiver failed");
345 return;
346 }
347 sptr<IStatusReceiver> statusReceiver = iface_cast<IStatusReceiver>(object);
348 if (statusReceiver == nullptr) {
349 reply.WriteBool(false);
350 LOG_E(BMS_TAG_INSTALLER, "cast remote object to status receiver error");
351 return;
352 }
353 std::vector<std::string> originHapPaths;
354 if (!data.ReadStringVector(&originHapPaths)) {
355 reply.WriteBool(false);
356 LOG_E(BMS_TAG_INSTALLER, "read originPaths failed");
357 return;
358 }
359
360 sptr<IBundleStreamInstaller> streamInstaller = CreateStreamInstaller(*installParam, statusReceiver, originHapPaths);
361 if (streamInstaller == nullptr) {
362 if (!reply.WriteBool(false)) {
363 LOG_E(BMS_TAG_INSTALLER, "write result failed");
364 }
365 return;
366 }
367 if (!reply.WriteBool(true)) {
368 LOG_E(BMS_TAG_INSTALLER, "write result failed");
369 return;
370 }
371 if (!reply.WriteUint32(streamInstaller->GetInstallerId())) {
372 LOG_E(BMS_TAG_INSTALLER, "write stream installe id failed");
373 return;
374 }
375 if (!reply.WriteRemoteObject(streamInstaller->AsObject())) {
376 LOG_E(BMS_TAG_INSTALLER, "write stream installer remote object failed");
377 return;
378 }
379
380 std::lock_guard<std::mutex> lock(streamInstallMutex_);
381 streamInstallers_.emplace_back(streamInstaller);
382 LOG_D(BMS_TAG_INSTALLER, "handle create stream installer message finish");
383 }
384
HandleDestoryBundleStreamInstaller(MessageParcel & data,MessageParcel & reply)385 void BundleInstallerHost::HandleDestoryBundleStreamInstaller(MessageParcel &data, MessageParcel &reply)
386 {
387 LOG_D(BMS_TAG_INSTALLER, "handle destory stream installer message begin");
388 uint32_t installeId = data.ReadUint32();
389 DestoryBundleStreamInstaller(installeId);
390 LOG_D(BMS_TAG_INSTALLER, "handle destoy stream installer message finish");
391 }
392
HandleUninstallAndRecoverMessage(MessageParcel & data)393 void BundleInstallerHost::HandleUninstallAndRecoverMessage(MessageParcel &data)
394 {
395 LOG_D(BMS_TAG_INSTALLER, "handle UninstallAndRecover message");
396 std::string bundleName = Str16ToStr8(data.ReadString16());
397 std::unique_ptr<InstallParam> installParam(data.ReadParcelable<InstallParam>());
398 if (installParam == nullptr) {
399 LOG_E(BMS_TAG_INSTALLER, "ReadParcelable<InstallParam> failed");
400 return;
401 }
402 sptr<IRemoteObject> object = data.ReadRemoteObject();
403 if (object == nullptr) {
404 LOG_E(BMS_TAG_INSTALLER, "read failed");
405 return;
406 }
407 sptr<IStatusReceiver> statusReceiver = iface_cast<IStatusReceiver>(object);
408 installParam->preinstallSourceFlag = ApplicationInfoFlag::FLAG_RECOVER_INSTALLED;
409 UninstallAndRecover(bundleName, *installParam, statusReceiver);
410 LOG_D(BMS_TAG_INSTALLER, "handle UninstallAndRecover message finished");
411 }
412
Install(const std::string & bundleFilePath,const InstallParam & installParam,const sptr<IStatusReceiver> & statusReceiver)413 bool BundleInstallerHost::Install(
414 const std::string &bundleFilePath, const InstallParam &installParam, const sptr<IStatusReceiver> &statusReceiver)
415 {
416 if (!CheckBundleInstallerManager(statusReceiver)) {
417 LOG_E(BMS_TAG_INSTALLER, "statusReceiver invalid");
418 return false;
419 }
420 if (!BundlePermissionMgr::IsSystemApp() &&
421 !BundlePermissionMgr::VerifyCallingBundleSdkVersion(ServiceConstants::API_VERSION_NINE)) {
422 LOG_E(BMS_TAG_INSTALLER, "non-system app calling system api");
423 statusReceiver->OnFinished(ERR_BUNDLE_MANAGER_SYSTEM_API_DENIED, "");
424 return false;
425 }
426 if (!BundlePermissionMgr::IsSelfCalling() &&
427 !BundlePermissionMgr::VerifyCallingPermissionForAll(Constants::PERMISSION_INSTALL_BUNDLE) &&
428 !BundlePermissionMgr::VerifyCallingPermissionForAll(ServiceConstants::PERMISSION_INSTALL_ENTERPRISE_BUNDLE) &&
429 !BundlePermissionMgr::VerifyCallingPermissionForAll(
430 ServiceConstants::PERMISSION_INSTALL_ENTERPRISE_NORMAL_BUNDLE) &&
431 !BundlePermissionMgr::VerifyCallingPermissionForAll(
432 ServiceConstants::PERMISSION_INSTALL_ENTERPRISE_MDM_BUNDLE) &&
433 !BundlePermissionMgr::VerifyCallingPermissionForAll(
434 ServiceConstants::PERMISSION_INSTALL_INTERNALTESTING_BUNDLE)) {
435 LOG_E(BMS_TAG_INSTALLER, "install permission denied");
436 statusReceiver->OnFinished(ERR_APPEXECFWK_INSTALL_PERMISSION_DENIED, "");
437 return false;
438 }
439
440 manager_->CreateInstallTask(bundleFilePath, installParam, statusReceiver);
441 return true;
442 }
443
Install(const std::vector<std::string> & bundleFilePaths,const InstallParam & installParam,const sptr<IStatusReceiver> & statusReceiver)444 bool BundleInstallerHost::Install(const std::vector<std::string> &bundleFilePaths, const InstallParam &installParam,
445 const sptr<IStatusReceiver> &statusReceiver)
446 {
447 if (!CheckBundleInstallerManager(statusReceiver)) {
448 LOG_E(BMS_TAG_INSTALLER, "statusReceiver invalid");
449 return false;
450 }
451 if (!BundlePermissionMgr::IsSystemApp() &&
452 !BundlePermissionMgr::VerifyCallingBundleSdkVersion(ServiceConstants::API_VERSION_NINE)) {
453 LOG_E(BMS_TAG_INSTALLER, "non-system app calling system api");
454 statusReceiver->OnFinished(ERR_BUNDLE_MANAGER_SYSTEM_API_DENIED, "");
455 return false;
456 }
457 if (!BundlePermissionMgr::IsSelfCalling() &&
458 !BundlePermissionMgr::VerifyCallingPermissionForAll(Constants::PERMISSION_INSTALL_BUNDLE) &&
459 !BundlePermissionMgr::VerifyCallingPermissionForAll(ServiceConstants::PERMISSION_INSTALL_ENTERPRISE_BUNDLE) &&
460 !BundlePermissionMgr::VerifyCallingPermissionForAll(
461 ServiceConstants::PERMISSION_INSTALL_ENTERPRISE_NORMAL_BUNDLE) &&
462 !BundlePermissionMgr::VerifyCallingPermissionForAll(
463 ServiceConstants::PERMISSION_INSTALL_ENTERPRISE_MDM_BUNDLE) &&
464 !BundlePermissionMgr::VerifyCallingPermissionForAll(
465 ServiceConstants::PERMISSION_INSTALL_INTERNALTESTING_BUNDLE)) {
466 LOG_E(BMS_TAG_INSTALLER, "install permission denied");
467 statusReceiver->OnFinished(ERR_APPEXECFWK_INSTALL_PERMISSION_DENIED, "");
468 return false;
469 }
470
471 manager_->CreateInstallTask(bundleFilePaths, installParam, statusReceiver);
472 return true;
473 }
474
Recover(const std::string & bundleName,const InstallParam & installParam,const sptr<IStatusReceiver> & statusReceiver)475 bool BundleInstallerHost::Recover(
476 const std::string &bundleName, const InstallParam &installParam, const sptr<IStatusReceiver> &statusReceiver)
477 {
478 if (!CheckBundleInstallerManager(statusReceiver)) {
479 LOG_E(BMS_TAG_INSTALLER, "statusReceiver invalid");
480 return false;
481 }
482 if (!BundlePermissionMgr::IsSystemApp() &&
483 !BundlePermissionMgr::VerifyCallingBundleSdkVersion(ServiceConstants::API_VERSION_NINE)) {
484 LOG_E(BMS_TAG_INSTALLER, "non-system app calling system api");
485 statusReceiver->OnFinished(ERR_BUNDLE_MANAGER_SYSTEM_API_DENIED, "");
486 return false;
487 }
488 if (!BundlePermissionMgr::VerifyRecoverPermission()) {
489 LOG_E(BMS_TAG_INSTALLER, "Recover permission denied");
490 statusReceiver->OnFinished(ERR_APPEXECFWK_INSTALL_PERMISSION_DENIED, "");
491 return false;
492 }
493 manager_->CreateRecoverTask(bundleName, CheckInstallParam(installParam), statusReceiver);
494 return true;
495 }
496
Uninstall(const std::string & bundleName,const InstallParam & installParam,const sptr<IStatusReceiver> & statusReceiver)497 bool BundleInstallerHost::Uninstall(
498 const std::string &bundleName, const InstallParam &installParam, const sptr<IStatusReceiver> &statusReceiver)
499 {
500 if (!CheckBundleInstallerManager(statusReceiver)) {
501 LOG_E(BMS_TAG_INSTALLER, "statusReceiver invalid");
502 return false;
503 }
504 if (!BundlePermissionMgr::IsSystemApp() &&
505 !BundlePermissionMgr::VerifyCallingBundleSdkVersion(ServiceConstants::API_VERSION_NINE)) {
506 LOG_E(BMS_TAG_INSTALLER, "non-system app calling system api");
507 statusReceiver->OnFinished(ERR_BUNDLE_MANAGER_SYSTEM_API_DENIED, "");
508 return false;
509 }
510 if (!BundlePermissionMgr::VerifyUninstallPermission()) {
511 LOG_E(BMS_TAG_INSTALLER, "uninstall permission denied");
512 statusReceiver->OnFinished(ERR_APPEXECFWK_UNINSTALL_PERMISSION_DENIED, "");
513 return false;
514 }
515 if (installParam.IsForcedUninstall() && IPCSkeleton::GetCallingUid() != Constants::EDC_UID) {
516 LOG_E(BMS_TAG_INSTALLER, "uninstall permission denied");
517 statusReceiver->OnFinished(ERR_APPEXECFWK_INSTALL_PREINSTALL_BUNDLE_ONLY_ALLOW_FORCE_UNINSTALLED_BY_EDC,
518 "Only edc can force uninstall");
519 return false;
520 }
521 if (installParam.IsVerifyUninstallRule() &&
522 CheckUninstallDisposedRule(bundleName, installParam.userId, Constants::MAIN_APP_INDEX,
523 installParam.isKeepData)) {
524 LOG_W(BMS_TAG_INSTALLER, "CheckUninstallDisposedRule failed");
525 statusReceiver->OnFinished(ERR_APPEXECFWK_UNINSTALL_DISPOSED_RULE_FAILED, "");
526 return false;
527 }
528 manager_->CreateUninstallTask(bundleName, CheckInstallParam(installParam), statusReceiver);
529 return true;
530 }
531
Uninstall(const std::string & bundleName,const std::string & modulePackage,const InstallParam & installParam,const sptr<IStatusReceiver> & statusReceiver)532 bool BundleInstallerHost::Uninstall(const std::string &bundleName, const std::string &modulePackage,
533 const InstallParam &installParam, const sptr<IStatusReceiver> &statusReceiver)
534 {
535 if (!CheckBundleInstallerManager(statusReceiver)) {
536 LOG_E(BMS_TAG_INSTALLER, "statusReceiver invalid");
537 return false;
538 }
539 if (!BundlePermissionMgr::IsSystemApp() &&
540 !BundlePermissionMgr::VerifyCallingBundleSdkVersion(ServiceConstants::API_VERSION_NINE)) {
541 LOG_E(BMS_TAG_INSTALLER, "non-system app calling system api");
542 statusReceiver->OnFinished(ERR_BUNDLE_MANAGER_SYSTEM_API_DENIED, "");
543 return false;
544 }
545 if (!BundlePermissionMgr::VerifyUninstallPermission()) {
546 LOG_E(BMS_TAG_INSTALLER, "uninstall permission denied");
547 statusReceiver->OnFinished(ERR_APPEXECFWK_UNINSTALL_PERMISSION_DENIED, "");
548 return false;
549 }
550 if (installParam.IsVerifyUninstallRule() &&
551 CheckUninstallDisposedRule(
552 bundleName, installParam.userId, Constants::MAIN_APP_INDEX, installParam.isKeepData, modulePackage)) {
553 LOG_W(BMS_TAG_INSTALLER, "CheckUninstallDisposedRule failed");
554 statusReceiver->OnFinished(ERR_APPEXECFWK_UNINSTALL_DISPOSED_RULE_FAILED, "");
555 return false;
556 }
557 manager_->CreateUninstallTask(
558 bundleName, modulePackage, CheckInstallParam(installParam), statusReceiver);
559 return true;
560 }
561
Uninstall(const UninstallParam & uninstallParam,const sptr<IStatusReceiver> & statusReceiver)562 bool BundleInstallerHost::Uninstall(const UninstallParam &uninstallParam,
563 const sptr<IStatusReceiver> &statusReceiver)
564 {
565 if (!CheckBundleInstallerManager(statusReceiver)) {
566 LOG_E(BMS_TAG_INSTALLER, "statusReceiver invalid");
567 return false;
568 }
569 if (!BundlePermissionMgr::IsSystemApp()) {
570 LOG_E(BMS_TAG_INSTALLER, "non-system app calling system api");
571 statusReceiver->OnFinished(ERR_BUNDLE_MANAGER_SYSTEM_API_DENIED, "");
572 return false;
573 }
574 if (!BundlePermissionMgr::VerifyUninstallPermission()) {
575 LOG_E(BMS_TAG_INSTALLER, "uninstall permission denied");
576 statusReceiver->OnFinished(ERR_APPEXECFWK_UNINSTALL_PERMISSION_DENIED, "");
577 return false;
578 }
579 manager_->CreateUninstallTask(uninstallParam, statusReceiver);
580 return true;
581 }
582
InstallByBundleName(const std::string & bundleName,const InstallParam & installParam,const sptr<IStatusReceiver> & statusReceiver)583 bool BundleInstallerHost::InstallByBundleName(const std::string &bundleName,
584 const InstallParam &installParam, const sptr<IStatusReceiver> &statusReceiver)
585 {
586 if (!CheckBundleInstallerManager(statusReceiver)) {
587 LOG_E(BMS_TAG_INSTALLER, "statusReceiver invalid");
588 return false;
589 }
590 if (!BundlePermissionMgr::IsSystemApp() &&
591 !BundlePermissionMgr::VerifyCallingBundleSdkVersion(ServiceConstants::API_VERSION_NINE)) {
592 LOG_E(BMS_TAG_INSTALLER, "non-system app calling system api");
593 statusReceiver->OnFinished(ERR_BUNDLE_MANAGER_SYSTEM_API_DENIED, "");
594 return false;
595 }
596 if (!BundlePermissionMgr::IsSelfCalling() &&
597 !BundlePermissionMgr::VerifyCallingPermissionForAll(Constants::PERMISSION_INSTALL_BUNDLE) &&
598 !BundlePermissionMgr::VerifyCallingPermissionForAll(ServiceConstants::PERMISSION_INSTALL_ENTERPRISE_BUNDLE) &&
599 !BundlePermissionMgr::VerifyCallingPermissionForAll(
600 ServiceConstants::PERMISSION_INSTALL_ENTERPRISE_NORMAL_BUNDLE) &&
601 !BundlePermissionMgr::VerifyCallingPermissionForAll(
602 ServiceConstants::PERMISSION_INSTALL_ENTERPRISE_MDM_BUNDLE) &&
603 !BundlePermissionMgr::VerifyCallingPermissionForAll(
604 ServiceConstants::PERMISSION_INSTALL_INTERNALTESTING_BUNDLE)) {
605 LOG_E(BMS_TAG_INSTALLER, "install permission denied");
606 statusReceiver->OnFinished(ERR_APPEXECFWK_INSTALL_PERMISSION_DENIED, "");
607 return false;
608 }
609
610 manager_->CreateInstallByBundleNameTask(bundleName, CheckInstallParam(installParam), statusReceiver);
611 return true;
612 }
613
InstallSandboxApp(const std::string & bundleName,int32_t dplType,int32_t userId,int32_t & appIndex)614 ErrCode BundleInstallerHost::InstallSandboxApp(const std::string &bundleName, int32_t dplType, int32_t userId,
615 int32_t &appIndex)
616 {
617 if (bundleName.empty() || dplType <= LOWER_DLP_TYPE_BOUND || dplType >= UPPER_DLP_TYPE_BOUND) {
618 LOG_E(BMS_TAG_INSTALLER, "install sandbox failed due to error parameters");
619 return ERR_APPEXECFWK_SANDBOX_INSTALL_PARAM_ERROR;
620 }
621 if (!BundlePermissionMgr::IsSystemApp()) {
622 LOG_E(BMS_TAG_INSTALLER, "vnon-system app calling system api");
623 return ERR_BUNDLE_MANAGER_SYSTEM_API_DENIED;
624 }
625 if (!BundlePermissionMgr::VerifyCallingPermissionForAll(Constants::PERMISSION_INSTALL_BUNDLE) &&
626 !BundlePermissionMgr::VerifyCallingPermissionForAll(ServiceConstants::PERMISSION_INSTALL_SANDBOX_BUNDLE)) {
627 LOG_E(BMS_TAG_INSTALLER, "InstallSandboxApp permission denied");
628 return ERR_APPEXECFWK_PERMISSION_DENIED;
629 }
630 auto helper = DelayedSingleton<BundleSandboxAppHelper>::GetInstance();
631 if (helper == nullptr) {
632 return ERR_APPEXECFWK_SANDBOX_INSTALL_INTERNAL_ERROR;
633 }
634 auto res = helper->InstallSandboxApp(bundleName, dplType, userId, appIndex);
635 if (res != ERR_OK) {
636 LOG_E(BMS_TAG_INSTALLER, "install sandbox failed due to error code : %{public}d", res);
637 }
638 return res;
639 }
640
UninstallSandboxApp(const std::string & bundleName,int32_t appIndex,int32_t userId)641 ErrCode BundleInstallerHost::UninstallSandboxApp(const std::string &bundleName, int32_t appIndex, int32_t userId)
642 {
643 // check bundle name
644 if (bundleName.empty()) {
645 LOG_E(BMS_TAG_INSTALLER, "uninstall sandbox failed due to empty bundleName");
646 return ERR_APPEXECFWK_SANDBOX_INSTALL_PARAM_ERROR;
647 }
648 // check appIndex
649 if (appIndex <= INVALID_APP_INDEX || appIndex > Constants::MAX_SANDBOX_APP_INDEX) {
650 LOG_E(BMS_TAG_INSTALLER, "the appIndex %{public}d is invalid", appIndex);
651 return ERR_APPEXECFWK_SANDBOX_INSTALL_PARAM_ERROR;
652 }
653 if (!BundlePermissionMgr::IsSystemApp()) {
654 LOG_E(BMS_TAG_INSTALLER, "non-system app calling system api");
655 return ERR_BUNDLE_MANAGER_SYSTEM_API_DENIED;
656 }
657 if (!BundlePermissionMgr::VerifyCallingPermissionForAll(Constants::PERMISSION_INSTALL_BUNDLE) &&
658 !BundlePermissionMgr::VerifyCallingPermissionForAll(ServiceConstants::PERMISSION_UNINSTALL_SANDBOX_BUNDLE)) {
659 LOG_E(BMS_TAG_INSTALLER, "UninstallSandboxApp permission denied");
660 return ERR_APPEXECFWK_PERMISSION_DENIED;
661 }
662 auto helper = DelayedSingleton<BundleSandboxAppHelper>::GetInstance();
663 if (helper == nullptr) {
664 return ERR_APPEXECFWK_SANDBOX_INSTALL_INTERNAL_ERROR;
665 }
666 auto res = helper->UninstallSandboxApp(bundleName, appIndex, userId);
667 if (res != ERR_OK) {
668 LOG_E(BMS_TAG_INSTALLER, "uninstall sandbox failed due to error code : %{public}d", res);
669 }
670 return res;
671 }
672
InstallPlugin(const std::string & hostBundleName,const std::vector<std::string> & pluginFilePaths,const InstallPluginParam & installPluginParam)673 ErrCode BundleInstallerHost::InstallPlugin(const std::string &hostBundleName,
674 const std::vector<std::string> &pluginFilePaths, const InstallPluginParam &installPluginParam)
675 {
676 if (hostBundleName.empty() || pluginFilePaths.empty()) {
677 LOG_E(BMS_TAG_INSTALLER, "install plugin failed due to empty hostBundleName");
678 return ERR_APPEXECFWK_PLUGIN_INSTALL_PARAM_ERROR;
679 }
680 if (!BundlePermissionMgr::IsSystemApp()) {
681 LOG_E(BMS_TAG_INSTALLER, "non-system app calling system api");
682 return ERR_BUNDLE_MANAGER_SYSTEM_API_DENIED;
683 }
684 if (!OHOS::system::GetBoolParameter(ServiceConstants::IS_SUPPORT_PLUGIN, false)) {
685 LOG_E(BMS_TAG_INSTALLER, "current device not support plugin");
686 return ERR_APPEXECFWK_DEVICE_NOT_SUPPORT_PLUGIN;
687 }
688 if (!BundlePermissionMgr::VerifyCallingPermissionForAll(Constants::PERMISSION_INSTALL_PLUGIN)) {
689 LOG_E(BMS_TAG_INSTALLER, "InstallPlugin permission denied");
690 return ERR_APPEXECFWK_PERMISSION_DENIED;
691 }
692 std::shared_ptr<PluginInstaller> pluginInstaller = std::make_shared<PluginInstaller>();
693 auto ret = pluginInstaller->InstallPlugin(hostBundleName, pluginFilePaths, installPluginParam);
694 if (ret != ERR_OK) {
695 LOG_E(BMS_TAG_INSTALLER, "install plugin failed due to error code : %{public}d", ret);
696 }
697 return ret;
698 }
699
UninstallPlugin(const std::string & hostBundleName,const std::string & pluginBundleName,const InstallPluginParam & installPluginParam)700 ErrCode BundleInstallerHost::UninstallPlugin(const std::string &hostBundleName, const std::string &pluginBundleName,
701 const InstallPluginParam &installPluginParam)
702 {
703 if (hostBundleName.empty() || pluginBundleName.empty()) {
704 LOG_E(BMS_TAG_INSTALLER, "uninstall plugin failed due to empty BundleName");
705 return ERR_APPEXECFWK_PLUGIN_INSTALL_PARAM_ERROR;
706 }
707 if (!BundlePermissionMgr::IsSystemApp()) {
708 LOG_E(BMS_TAG_INSTALLER, "non-system app calling system api");
709 return ERR_BUNDLE_MANAGER_SYSTEM_API_DENIED;
710 }
711 if (!BundlePermissionMgr::VerifyCallingPermissionForAll(Constants::PERMISSION_UNINSTALL_PLUGIN)) {
712 LOG_E(BMS_TAG_INSTALLER, "UninstallPlugin permission denied");
713 return ERR_APPEXECFWK_PERMISSION_DENIED;
714 }
715 std::shared_ptr<PluginInstaller> pluginInstaller = std::make_shared<PluginInstaller>();
716 auto ret = pluginInstaller->UninstallPlugin(hostBundleName, pluginBundleName, installPluginParam);
717 if (ret != ERR_OK) {
718 LOG_E(BMS_TAG_INSTALLER, "uninstall plugin failed due to error code : %{public}d", ret);
719 }
720 return ret;
721 }
722
StreamInstall(const std::vector<std::string> & bundleFilePaths,const InstallParam & installParam,const sptr<IStatusReceiver> & statusReceiver)723 ErrCode BundleInstallerHost::StreamInstall(const std::vector<std::string> &bundleFilePaths,
724 const InstallParam &installParam, const sptr<IStatusReceiver> &statusReceiver)
725 {
726 return ERR_OK;
727 }
728
CreateStreamInstaller(const InstallParam & installParam,const sptr<IStatusReceiver> & statusReceiver,const std::vector<std::string> & originHapPaths)729 sptr<IBundleStreamInstaller> BundleInstallerHost::CreateStreamInstaller(const InstallParam &installParam,
730 const sptr<IStatusReceiver> &statusReceiver, const std::vector<std::string> &originHapPaths)
731 {
732 if (!CheckBundleInstallerManager(statusReceiver)) {
733 LOG_E(BMS_TAG_INSTALLER, "statusReceiver invalid");
734 return nullptr;
735 }
736 if (!BundlePermissionMgr::IsSystemApp()) {
737 LOG_E(BMS_TAG_INSTALLER, "non-system app calling system api");
738 statusReceiver->OnFinished(ERR_BUNDLE_MANAGER_SYSTEM_API_DENIED, "");
739 return nullptr;
740 }
741 InstallParam verifiedInstallParam = installParam;
742 if (!IsPermissionVaild(installParam, verifiedInstallParam)) {
743 LOG_E(BMS_TAG_INSTALLER, "install permission denied");
744 statusReceiver->OnFinished(ERR_APPEXECFWK_INSTALL_PERMISSION_DENIED, "");
745 return nullptr;
746 }
747 auto uid = IPCSkeleton::GetCallingUid();
748 sptr<BundleStreamInstallerHostImpl> streamInstaller(new (std::nothrow) BundleStreamInstallerHostImpl(
749 ++streamInstallerIds_, uid));
750 if (streamInstaller == nullptr) {
751 LOG_E(BMS_TAG_INSTALLER, "streamInstaller is nullptr, uid : %{public}d", uid);
752 statusReceiver->OnFinished(ERR_APPEXECFWK_INSTALL_INTERNAL_ERROR, "");
753 return nullptr;
754 }
755 bool res = streamInstaller->Init(verifiedInstallParam, statusReceiver, originHapPaths);
756 if (!res) {
757 LOG_E(BMS_TAG_INSTALLER, "stream installer init failed");
758 statusReceiver->OnFinished(ERR_APPEXECFWK_INSTALL_INTERNAL_ERROR, "");
759 return nullptr;
760 }
761 return streamInstaller;
762 }
763
IsPermissionVaild(const InstallParam & installParam,InstallParam & verifiedInstallParam)764 bool BundleInstallerHost::IsPermissionVaild(const InstallParam &installParam, InstallParam &verifiedInstallParam)
765 {
766 verifiedInstallParam.isCallByShell = BundlePermissionMgr::IsShellTokenType();
767 verifiedInstallParam.installBundlePermissionStatus =
768 BundlePermissionMgr::VerifyCallingPermissionForAll(Constants::PERMISSION_INSTALL_BUNDLE) ?
769 PermissionStatus::HAVE_PERMISSION_STATUS : PermissionStatus::NON_HAVE_PERMISSION_STATUS;
770 verifiedInstallParam.installEnterpriseBundlePermissionStatus =
771 BundlePermissionMgr::VerifyCallingPermissionForAll(ServiceConstants::PERMISSION_INSTALL_ENTERPRISE_BUNDLE) ?
772 PermissionStatus::HAVE_PERMISSION_STATUS : PermissionStatus::NON_HAVE_PERMISSION_STATUS;
773 verifiedInstallParam.installEtpNormalBundlePermissionStatus =
774 BundlePermissionMgr::VerifyCallingPermissionForAll(
775 ServiceConstants::PERMISSION_INSTALL_ENTERPRISE_NORMAL_BUNDLE) ?
776 PermissionStatus::HAVE_PERMISSION_STATUS : PermissionStatus::NON_HAVE_PERMISSION_STATUS;
777 verifiedInstallParam.installEtpMdmBundlePermissionStatus =
778 BundlePermissionMgr::VerifyCallingPermissionForAll(ServiceConstants::PERMISSION_INSTALL_ENTERPRISE_MDM_BUNDLE) ?
779 PermissionStatus::HAVE_PERMISSION_STATUS : PermissionStatus::NON_HAVE_PERMISSION_STATUS;
780 verifiedInstallParam.installInternaltestingBundlePermissionStatus =
781 BundlePermissionMgr::VerifyCallingPermissionForAll(ServiceConstants::PERMISSION_INSTALL_INTERNALTESTING_BUNDLE)
782 ? PermissionStatus::HAVE_PERMISSION_STATUS
783 : PermissionStatus::NON_HAVE_PERMISSION_STATUS;
784 verifiedInstallParam.installUpdateSelfBundlePermissionStatus =
785 BundlePermissionMgr::VerifyCallingPermissionForAll(ServiceConstants::PERMISSION_INSTALL_SELF_BUNDLE) ?
786 PermissionStatus::HAVE_PERMISSION_STATUS : PermissionStatus::NON_HAVE_PERMISSION_STATUS;
787 return (verifiedInstallParam.installBundlePermissionStatus == PermissionStatus::HAVE_PERMISSION_STATUS ||
788 verifiedInstallParam.installEnterpriseBundlePermissionStatus == PermissionStatus::HAVE_PERMISSION_STATUS ||
789 verifiedInstallParam.installEtpNormalBundlePermissionStatus == PermissionStatus::HAVE_PERMISSION_STATUS ||
790 verifiedInstallParam.installEtpMdmBundlePermissionStatus == PermissionStatus::HAVE_PERMISSION_STATUS ||
791 verifiedInstallParam.installUpdateSelfBundlePermissionStatus == PermissionStatus::HAVE_PERMISSION_STATUS ||
792 BundlePermissionMgr::VerifyCallingPermissionForAll(ServiceConstants::PERMISSION_INSTALL_QUICK_FIX_BUNDLE));
793 }
794
DestoryBundleStreamInstaller(uint32_t streamInstallerId)795 bool BundleInstallerHost::DestoryBundleStreamInstaller(uint32_t streamInstallerId)
796 {
797 if (!BundlePermissionMgr::IsSystemApp()) {
798 LOG_E(BMS_TAG_INSTALLER, "non-system app calling system api");
799 return false;
800 }
801 if (!BundlePermissionMgr::IsSelfCalling() &&
802 !BundlePermissionMgr::VerifyCallingPermissionForAll(Constants::PERMISSION_INSTALL_BUNDLE) &&
803 !BundlePermissionMgr::VerifyCallingPermissionForAll(ServiceConstants::PERMISSION_INSTALL_ENTERPRISE_BUNDLE) &&
804 !BundlePermissionMgr::VerifyCallingPermissionForAll(
805 ServiceConstants::PERMISSION_INSTALL_ENTERPRISE_NORMAL_BUNDLE) &&
806 !BundlePermissionMgr::VerifyCallingPermissionForAll(
807 ServiceConstants::PERMISSION_INSTALL_ENTERPRISE_MDM_BUNDLE) &&
808 !BundlePermissionMgr::VerifyCallingPermissionForAll(
809 ServiceConstants::PERMISSION_INSTALL_INTERNALTESTING_BUNDLE) &&
810 !BundlePermissionMgr::VerifyCallingPermissionForAll(ServiceConstants::PERMISSION_INSTALL_QUICK_FIX_BUNDLE)) {
811 LOG_E(BMS_TAG_INSTALLER, "install permission denied");
812 return false;
813 }
814 std::lock_guard<std::mutex> lock(streamInstallMutex_);
815 for (auto it = streamInstallers_.begin(); it != streamInstallers_.end();) {
816 if ((*it)->GetInstallerId() == streamInstallerId) {
817 (*it)->UnInit();
818 it = streamInstallers_.erase(it);
819 } else {
820 it++;
821 }
822 }
823 return true;
824 }
825
CheckBundleInstallerManager(const sptr<IStatusReceiver> & statusReceiver) const826 bool BundleInstallerHost::CheckBundleInstallerManager(const sptr<IStatusReceiver> &statusReceiver) const
827 {
828 if (statusReceiver == nullptr) {
829 LOG_E(BMS_TAG_INSTALLER, "the receiver is nullptr");
830 return false;
831 }
832 if (manager_ == nullptr) {
833 LOG_E(BMS_TAG_INSTALLER, "the bundle installer manager is nullptr");
834 statusReceiver->OnFinished(ERR_APPEXECFWK_INSTALL_INTERNAL_ERROR, GET_MANAGER_FAIL);
835 return false;
836 }
837 return true;
838 }
839
CheckInstallParam(const InstallParam & installParam)840 InstallParam BundleInstallerHost::CheckInstallParam(const InstallParam &installParam)
841 {
842 if (installParam.userId == Constants::UNSPECIFIED_USERID) {
843 LOG_I(BMS_TAG_INSTALLER, "installParam userId is unspecified and get calling userId by callingUid");
844 InstallParam callInstallParam = installParam;
845 callInstallParam.userId = BundleUtil::GetUserIdByCallingUid();
846 return callInstallParam;
847 }
848
849 return installParam;
850 }
851
UpdateBundleForSelf(const std::vector<std::string> & bundleFilePaths,const InstallParam & installParam,const sptr<IStatusReceiver> & statusReceiver)852 bool BundleInstallerHost::UpdateBundleForSelf(const std::vector<std::string> &bundleFilePaths,
853 const InstallParam &installParam, const sptr<IStatusReceiver> &statusReceiver)
854 {
855 if (!CheckBundleInstallerManager(statusReceiver)) {
856 LOG_E(BMS_TAG_INSTALLER, "statusReceiver invalid");
857 return false;
858 }
859 if (!BundlePermissionMgr::IsSystemApp()) {
860 LOG_E(BMS_TAG_INSTALLER, "non-system app calling system api");
861 statusReceiver->OnFinished(ERR_BUNDLE_MANAGER_SYSTEM_API_DENIED, "");
862 return false;
863 }
864 if (!BundlePermissionMgr::IsSelfCalling() &&
865 !BundlePermissionMgr::VerifyCallingPermissionForAll(ServiceConstants::PERMISSION_INSTALL_SELF_BUNDLE)) {
866 LOG_E(BMS_TAG_INSTALLER, "install permission denied");
867 statusReceiver->OnFinished(ERR_APPEXECFWK_INSTALL_PERMISSION_DENIED, "");
868 return false;
869 }
870 manager_->CreateInstallTask(bundleFilePaths, installParam, statusReceiver);
871 return true;
872 }
873
UninstallAndRecover(const std::string & bundleName,const InstallParam & installParam,const sptr<IStatusReceiver> & statusReceiver)874 bool BundleInstallerHost::UninstallAndRecover(const std::string &bundleName, const InstallParam &installParam,
875 const sptr<IStatusReceiver> &statusReceiver)
876 {
877 if (!CheckBundleInstallerManager(statusReceiver)) {
878 LOG_E(BMS_TAG_INSTALLER, "statusReceiver invalid");
879 return false;
880 }
881 if (!BundlePermissionMgr::IsSystemApp()) {
882 LOG_E(BMS_TAG_INSTALLER, "non-system app calling system api");
883 statusReceiver->OnFinished(ERR_BUNDLE_MANAGER_SYSTEM_API_DENIED, "");
884 return false;
885 }
886 if (!BundlePermissionMgr::IsSelfCalling() &&
887 !BundlePermissionMgr::VerifyCallingPermissionsForAll({Constants::PERMISSION_INSTALL_BUNDLE,
888 ServiceConstants::PERMISSION_UNINSTALL_BUNDLE})) {
889 LOG_E(BMS_TAG_INSTALLER, "install permission denied");
890 statusReceiver->OnFinished(ERR_APPEXECFWK_INSTALL_PERMISSION_DENIED, "");
891 return false;
892 }
893 if (installParam.IsForcedUninstall() && IPCSkeleton::GetCallingUid() != Constants::EDC_UID) {
894 LOG_E(BMS_TAG_INSTALLER, "uninstall permission denied");
895 statusReceiver->OnFinished(ERR_APPEXECFWK_INSTALL_PREINSTALL_BUNDLE_ONLY_ALLOW_FORCE_UNINSTALLED_BY_EDC,
896 "Only edc can force uninstall");
897 return false;
898 }
899 manager_->CreateUninstallAndRecoverTask(bundleName, CheckInstallParam(installParam), statusReceiver);
900 return true;
901 }
902
AddTask(const ThreadPoolTask & task,const std::string & taskName)903 void BundleInstallerHost::AddTask(const ThreadPoolTask &task, const std::string &taskName)
904 {
905 manager_->AddTask(task, taskName);
906 }
907
GetThreadsNum()908 int32_t BundleInstallerHost::GetThreadsNum()
909 {
910 return manager_->GetThreadsNum();
911 }
912
GetCurTaskNum()913 size_t BundleInstallerHost::GetCurTaskNum()
914 {
915 return manager_->GetCurTaskNum();
916 }
917
InstallCloneApp(const std::string & bundleName,int32_t userId,int32_t & appIndex)918 ErrCode BundleInstallerHost::InstallCloneApp(const std::string &bundleName, int32_t userId, int32_t& appIndex)
919 {
920 LOG_D(BMS_TAG_INSTALLER, "params[bundleName: %{public}s, user_id: %{public}d, appIndex: %{public}d]",
921 bundleName.c_str(), userId, appIndex);
922 if (bundleName.empty()) {
923 LOG_E(BMS_TAG_INSTALLER, "install clone app failed due to error parameters");
924 return ERR_APPEXECFWK_CLONE_INSTALL_PARAM_ERROR;
925 }
926 if (!BundlePermissionMgr::IsSystemApp()) {
927 LOG_E(BMS_TAG_INSTALLER, "non-system app calling system api bundleName: %{public}s", bundleName.c_str());
928 return ERR_BUNDLE_MANAGER_SYSTEM_API_DENIED;
929 }
930 if (!BundlePermissionMgr::VerifyCallingPermissionForAll(Constants::PERMISSION_INSTALL_CLONE_BUNDLE)) {
931 LOG_E(BMS_TAG_INSTALLER, "InstallCloneApp permission denied");
932 return ERR_APPEXECFWK_PERMISSION_DENIED;
933 }
934 std::shared_ptr<BundleCloneInstaller> installer = std::make_shared<BundleCloneInstaller>();
935 return installer->InstallCloneApp(bundleName, userId, appIndex);
936 }
937
HandleInstallCloneApp(MessageParcel & data,MessageParcel & reply)938 void BundleInstallerHost::HandleInstallCloneApp(MessageParcel &data, MessageParcel &reply)
939 {
940 LOG_D(BMS_TAG_INSTALLER, "handle install clone app message");
941 std::string bundleName = Str16ToStr8(data.ReadString16());
942 int32_t userId = data.ReadInt32();
943 int32_t appIndex = data.ReadInt32();
944
945 LOG_I(BMS_TAG_INSTALLER, "receive Install CLone App Request");
946
947 auto ret = InstallCloneApp(bundleName, userId, appIndex);
948 if (!reply.WriteInt32(ret)) {
949 LOG_E(BMS_TAG_INSTALLER, "write failed");
950 }
951
952 if (ret == ERR_OK && !reply.WriteInt32(appIndex)) {
953 LOG_E(BMS_TAG_INSTALLER, "write failed");
954 }
955 LOG_D(BMS_TAG_INSTALLER, "handle install clone app message finished");
956 }
957
UninstallCloneApp(const std::string & bundleName,int32_t userId,int32_t appIndex,const DestroyAppCloneParam & destroyAppCloneParam)958 ErrCode BundleInstallerHost::UninstallCloneApp(const std::string &bundleName, int32_t userId, int32_t appIndex,
959 const DestroyAppCloneParam &destroyAppCloneParam)
960 {
961 LOG_D(BMS_TAG_INSTALLER, "params[bundleName: %{public}s, user_id: %{public}d, appIndex: %{public}d]",
962 bundleName.c_str(), userId, appIndex);
963 if (bundleName.empty()) {
964 LOG_E(BMS_TAG_INSTALLER, "install clone app failed due to empty bundleName");
965 return ERR_APPEXECFWK_CLONE_UNINSTALL_INVALID_BUNDLE_NAME;
966 }
967 if (!BundlePermissionMgr::IsSystemApp()) {
968 LOG_E(BMS_TAG_INSTALLER, "non-system app calling system api, bundleName: %{public}s", bundleName.c_str());
969 return ERR_BUNDLE_MANAGER_SYSTEM_API_DENIED;
970 }
971 if (!BundlePermissionMgr::VerifyCallingPermissionForAll(Constants::PERMISSION_UNINSTALL_CLONE_BUNDLE)) {
972 LOG_E(BMS_TAG_INSTALLER, "UninstallCloneApp permission denied");
973 return ERR_APPEXECFWK_PERMISSION_DENIED;
974 }
975 if (appIndex < ServiceConstants::CLONE_APP_INDEX_MIN || appIndex > ServiceConstants::CLONE_APP_INDEX_MAX) {
976 APP_LOGE("Add Clone Bundle Fail, appIndex: %{public}d not in valid range", appIndex);
977 return ERR_APPEXECFWK_CLONE_UNINSTALL_INVALID_APP_INDEX;
978 }
979 if (destroyAppCloneParam.IsVerifyUninstallRule() &&
980 CheckUninstallDisposedRule(bundleName, userId, appIndex, IS_KEEP_DATA)) {
981 LOG_W(BMS_TAG_INSTALLER, "CheckUninstallDisposedRule failed");
982 return ERR_APPEXECFWK_UNINSTALL_DISPOSED_RULE_FAILED;
983 }
984 std::shared_ptr<BundleCloneInstaller> installer = std::make_shared<BundleCloneInstaller>();
985 return installer->UninstallCloneApp(bundleName, userId, appIndex, false);
986 }
987
HandleUninstallCloneApp(MessageParcel & data,MessageParcel & reply)988 void BundleInstallerHost::HandleUninstallCloneApp(MessageParcel &data, MessageParcel &reply)
989 {
990 LOG_D(BMS_TAG_INSTALLER, "handle uninstall clone app message");
991 std::string bundleName = Str16ToStr8(data.ReadString16());
992 int32_t userId = data.ReadInt32();
993 int32_t appIndex = data.ReadInt32();
994 std::unique_ptr<DestroyAppCloneParam> destroyAppCloneParam(data.ReadParcelable<DestroyAppCloneParam>());
995 if (destroyAppCloneParam == nullptr) {
996 LOG_E(BMS_TAG_INSTALLER, "ReadParcelable<DestroyAppCloneParam> failed");
997 return;
998 }
999
1000 LOG_I(BMS_TAG_INSTALLER, "receive Uninstall CLone App Request");
1001
1002 auto ret = UninstallCloneApp(bundleName, userId, appIndex, *destroyAppCloneParam);
1003 if (!reply.WriteInt32(ret)) {
1004 LOG_E(BMS_TAG_INSTALLER, "write failed");
1005 }
1006 LOG_D(BMS_TAG_INSTALLER, "handle uninstall clone app message finished");
1007 }
1008
InstallExisted(const std::string & bundleName,int32_t userId)1009 ErrCode BundleInstallerHost::InstallExisted(const std::string &bundleName, int32_t userId)
1010 {
1011 LOG_D(BMS_TAG_INSTALLER, "params[bundleName: %{public}s, user_id: %{public}d]",
1012 bundleName.c_str(), userId);
1013 if (bundleName.empty()) {
1014 LOG_E(BMS_TAG_INSTALLER, "install existed app failed due to error parameters");
1015 return ERR_BUNDLE_MANAGER_BUNDLE_NOT_EXIST;
1016 }
1017 if (!BundlePermissionMgr::IsSystemApp()) {
1018 LOG_E(BMS_TAG_INSTALLER, "non-system app calling system api bundleName: %{public}s", bundleName.c_str());
1019 return ERR_BUNDLE_MANAGER_SYSTEM_API_DENIED;
1020 }
1021 if (!BundlePermissionMgr::VerifyCallingPermissionForAll(Constants::PERMISSION_INSTALL_BUNDLE)) {
1022 LOG_E(BMS_TAG_INSTALLER, "InstallExisted permission denied");
1023 return ERR_APPEXECFWK_PERMISSION_DENIED;
1024 }
1025 std::shared_ptr<BundleMultiUserInstaller> installer = std::make_shared<BundleMultiUserInstaller>();
1026 return installer->InstallExistedApp(bundleName, userId);
1027 }
1028
HandleInstallExisted(MessageParcel & data,MessageParcel & reply)1029 void BundleInstallerHost::HandleInstallExisted(MessageParcel &data, MessageParcel &reply)
1030 {
1031 LOG_D(BMS_TAG_INSTALLER, "handle install existed app message");
1032 std::string bundleName = Str16ToStr8(data.ReadString16());
1033 int32_t userId = data.ReadInt32();
1034
1035 LOG_I(BMS_TAG_INSTALLER, "receive InstallExisted Request -n %{public}s -u %{public}d",
1036 bundleName.c_str(), userId);
1037
1038 auto ret = InstallExisted(bundleName, userId);
1039 if (!reply.WriteInt32(ret)) {
1040 LOG_E(BMS_TAG_INSTALLER, "write failed");
1041 }
1042 LOG_D(BMS_TAG_INSTALLER, "handle installExisted message finished");
1043 }
1044
CheckUninstallDisposedRule(const std::string & bundleName,int32_t userId,int32_t appIndex,bool isKeepData,const std::string & modulePackage)1045 bool BundleInstallerHost::CheckUninstallDisposedRule(
1046 const std::string &bundleName, int32_t userId, int32_t appIndex, bool isKeepData, const std::string &modulePackage)
1047 {
1048 #if defined (BUNDLE_FRAMEWORK_APP_CONTROL) && defined (ABILITY_RUNTIME_ENABLE)
1049 std::shared_ptr<BundleDataMgr> dataMgr = DelayedSingleton<BundleMgrService>::GetInstance()->GetDataMgr();
1050 if (dataMgr == nullptr) {
1051 LOG_E(BMS_TAG_INSTALLER, "null dataMgr");
1052 return false;
1053 }
1054
1055 InnerBundleInfo bundleInfo;
1056 bool isBundleExist = dataMgr->FetchInnerBundleInfo(bundleName, bundleInfo);
1057 if (!isBundleExist) {
1058 LOG_E(BMS_TAG_INSTALLER, "the bundle: %{public}s is not install", bundleName.c_str());
1059 return false;
1060 }
1061 if (!modulePackage.empty() && !bundleInfo.IsOnlyModule(modulePackage)) {
1062 return false;
1063 }
1064 std::string appId = bundleInfo.GetAppIdentifier();
1065 if (appId.empty()) {
1066 appId = bundleInfo.GetAppId();
1067 }
1068
1069 if (userId == Constants::UNSPECIFIED_USERID) {
1070 LOG_I(BMS_TAG_INSTALLER, "installParam userId is unspecified and get calling userId by callingUid");
1071 userId = BundleUtil::GetUserIdByCallingUid();
1072 }
1073
1074 UninstallDisposedRule rule;
1075 auto ret = DelayedSingleton<AppControlManager>::GetInstance()
1076 ->GetUninstallDisposedRule(appId, appIndex, userId, rule);
1077 if (ret != ERR_OK) {
1078 LOG_E(BMS_TAG_INSTALLER, "GetUninstallDisposedRule failed code:%{public}d", ret);
1079 return false;
1080 }
1081
1082 if (rule.want == nullptr) {
1083 LOG_E(BMS_TAG_INSTALLER, "null rule.want");
1084 return false;
1085 }
1086 rule.want->SetParam(BMS_PARA_BUNDLE_NAME, bundleName);
1087 rule.want->SetParam(BMS_PARA_USER_ID, userId);
1088 rule.want->SetParam(BMS_PARA_APP_INDEX, appIndex);
1089 rule.want->SetParam(BMS_PARA_IS_KEEP_DATA, isKeepData);
1090
1091 if (rule.uninstallComponentType == UninstallComponentType::EXTENSION) {
1092 std::string identity = IPCSkeleton::ResetCallingIdentity();
1093 ErrCode err = AAFwk::AbilityManagerClient::GetInstance()->StartExtensionAbility(
1094 *rule.want, nullptr, userId, AppExecFwk::ExtensionAbilityType::SERVICE);
1095 IPCSkeleton::SetCallingIdentity(identity);
1096 if (err != ERR_OK) {
1097 LOG_E(BMS_TAG_INSTALLER, "start extension ability failed code:%{public}d", err);
1098 }
1099 } else {
1100 LOG_E(BMS_TAG_INSTALLER, "uninstallComponentType wrong type:%{public}d", rule.uninstallComponentType);
1101 }
1102
1103 return true;
1104 #else
1105 LOG_I(BMS_TAG_INSTALLER, "BUNDLE_FRAMEWORK_APP_CONTROL or ABILITY_RUNTIME_ENABLE is false");
1106 return false;
1107 #endif
1108 }
1109 } // namespace AppExecFwk
1110 } // namespace OHOS