1 /*
2 * Copyright (c) 2021-2025 Huawei Device Co., Ltd.
3 * Licensed under the Apache License, Version 2.0 (the "License");
4 * you may not use this file except in compliance with the License.
5 * You may obtain a copy of the License at
6 *
7 * http://www.apache.org/licenses/LICENSE-2.0
8 *
9 * Unless required by applicable law or agreed to in writing, software
10 * distributed under the License is distributed on an "AS IS" BASIS,
11 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 * See the License for the specific language governing permissions and
13 * limitations under the License.
14 */
15
16 #include "bundle_installer_host.h"
17
18 #ifdef ABILITY_RUNTIME_ENABLE
19 #include "ability_manager_client.h"
20 #endif
21 #ifdef BUNDLE_FRAMEWORK_APP_CONTROL
22 #include "app_control_manager.h"
23 #endif
24 #include "app_log_tag_wrapper.h"
25 #include "bundle_clone_installer.h"
26 #include "bundle_framework_core_ipc_interface_code.h"
27 #include "bundle_hitrace_chain.h"
28 #include "bundle_memory_guard.h"
29 #include "bundle_mgr_service.h"
30 #include "bundle_multiuser_installer.h"
31 #include "bundle_permission_mgr.h"
32 #include "ipc_skeleton.h"
33 #include "parameters.h"
34 #include "plugin_installer.h"
35
36 namespace OHOS {
37 namespace AppExecFwk {
38 namespace {
39 constexpr const char* GET_MANAGER_FAIL = "fail to get bundle installer manager";
40 constexpr const char* MODULE_UPDATE_DIR = "/module_update/";
41 constexpr const char* BMS_PARA_BUNDLE_NAME = "ohos.bms.param.bundleName";
42 constexpr const char* BMS_PARA_IS_KEEP_DATA = "ohos.bms.param.isKeepData";
43 constexpr const char* BMS_PARA_USER_ID = "ohos.bms.param.userId";
44 constexpr const char* BMS_PARA_APP_INDEX = "ohos.bms.param.appIndex";
45 constexpr bool IS_KEEP_DATA = false;
46 int32_t INVALID_APP_INDEX = 0;
47 int32_t LOWER_DLP_TYPE_BOUND = 0;
48 int32_t UPPER_DLP_TYPE_BOUND = 3;
49 } // namespace
50
BundleInstallerHost()51 BundleInstallerHost::BundleInstallerHost()
52 {
53 LOG_NOFUNC_I(BMS_TAG_INSTALLER, "create bundle installer host instance");
54 }
55
~BundleInstallerHost()56 BundleInstallerHost::~BundleInstallerHost()
57 {
58 LOG_NOFUNC_I(BMS_TAG_INSTALLER, "destroy bundle installer host instance");
59 }
60
Init()61 void BundleInstallerHost::Init()
62 {
63 LOG_D(BMS_TAG_INSTALLER, "begin to init");
64 manager_ = std::make_shared<BundleInstallerManager>();
65 LOG_D(BMS_TAG_INSTALLER, "init successfully");
66 }
67
OnRemoteRequest(uint32_t code,MessageParcel & data,MessageParcel & reply,MessageOption & option)68 int BundleInstallerHost::OnRemoteRequest(
69 uint32_t code, MessageParcel &data, MessageParcel &reply, MessageOption &option)
70 {
71 BundleMemoryGuard memoryGuard;
72 LOG_D(BMS_TAG_INSTALLER, "bundle installer host onReceived message, the message code is %{public}u", code);
73 std::u16string descripter = GetDescriptor();
74 std::u16string remoteDescripter = data.ReadInterfaceToken();
75 if (descripter != remoteDescripter) {
76 LOG_E(BMS_TAG_INSTALLER, "fail to write reply message in bundle mgr host due to the reply is nullptr");
77 return OBJECT_NULL;
78 }
79 switch (code) {
80 case static_cast<uint32_t>(BundleInstallerInterfaceCode::INSTALL):
81 HandleInstallMessage(data);
82 break;
83 case static_cast<uint32_t>(BundleInstallerInterfaceCode::INSTALL_MULTIPLE_HAPS):
84 HandleInstallMultipleHapsMessage(data);
85 break;
86 case static_cast<uint32_t>(BundleInstallerInterfaceCode::UNINSTALL):
87 HandleUninstallMessage(data);
88 break;
89 case static_cast<uint32_t>(BundleInstallerInterfaceCode::UNINSTALL_MODULE):
90 HandleUninstallModuleMessage(data);
91 break;
92 case static_cast<uint32_t>(BundleInstallerInterfaceCode::UNINSTALL_BY_UNINSTALL_PARAM):
93 HandleUninstallByUninstallParam(data);
94 break;
95 case static_cast<uint32_t>(BundleInstallerInterfaceCode::RECOVER):
96 HandleRecoverMessage(data);
97 break;
98 case static_cast<uint32_t>(BundleInstallerInterfaceCode::INSTALL_SANDBOX_APP):
99 HandleInstallSandboxApp(data, reply);
100 break;
101 case static_cast<uint32_t>(BundleInstallerInterfaceCode::UNINSTALL_SANDBOX_APP):
102 HandleUninstallSandboxApp(data, reply);
103 break;
104 case static_cast<uint32_t>(BundleInstallerInterfaceCode::CREATE_STREAM_INSTALLER):
105 HandleCreateStreamInstaller(data, reply);
106 break;
107 case static_cast<uint32_t>(BundleInstallerInterfaceCode::DESTORY_STREAM_INSTALLER):
108 HandleDestoryBundleStreamInstaller(data, reply);
109 break;
110 case static_cast<uint32_t>(BundleInstallerInterfaceCode::UNINSTALL_AND_RECOVER):
111 HandleUninstallAndRecoverMessage(data);
112 break;
113 case static_cast<uint32_t>(BundleInstallerInterfaceCode::INSTALL_CLONE_APP):
114 HandleInstallCloneApp(data, reply);
115 break;
116 case static_cast<uint32_t>(BundleInstallerInterfaceCode::UNINSTALL_CLONE_APP):
117 HandleUninstallCloneApp(data, reply);
118 break;
119 case static_cast<uint32_t>(BundleInstallerInterfaceCode::INSTALL_EXISTED):
120 HandleInstallExisted(data, reply);
121 break;
122 case static_cast<uint32_t>(BundleInstallerInterfaceCode::INSTALL_PLUGIN_APP):
123 HandleInstallPlugin(data, reply);
124 break;
125 case static_cast<uint32_t>(BundleInstallerInterfaceCode::UNINSTALL_PLUGIN_APP):
126 HandleUninstallPlugin(data, reply);
127 break;
128 default:
129 return IPCObjectStub::OnRemoteRequest(code, data, reply, option);
130 }
131 return NO_ERROR;
132 }
133
HandleInstallMessage(MessageParcel & data)134 void BundleInstallerHost::HandleInstallMessage(MessageParcel &data)
135 {
136 BUNDLE_MANAGER_HITRACE_CHAIN_NAME("Install", HITRACE_FLAG_INCLUDE_ASYNC);
137 LOG_D(BMS_TAG_INSTALLER, "handle install message");
138 std::string bundlePath = Str16ToStr8(data.ReadString16());
139 std::unique_ptr<InstallParam> installParam(data.ReadParcelable<InstallParam>());
140 if (installParam == nullptr) {
141 LOG_E(BMS_TAG_INSTALLER, "ReadParcelable<InstallParam> failed");
142 return;
143 }
144 sptr<IRemoteObject> object = data.ReadRemoteObject();
145 if (object == nullptr) {
146 LOG_E(BMS_TAG_INSTALLER, "read failed");
147 return;
148 }
149 sptr<IStatusReceiver> statusReceiver = iface_cast<IStatusReceiver>(object);
150 installParam->withCopyHaps = true;
151 Install(bundlePath, *installParam, statusReceiver);
152 LOG_D(BMS_TAG_INSTALLER, "handle install message finished");
153 }
154
HandleRecoverMessage(MessageParcel & data)155 void BundleInstallerHost::HandleRecoverMessage(MessageParcel &data)
156 {
157 BUNDLE_MANAGER_HITRACE_CHAIN_NAME("Recover", HITRACE_FLAG_INCLUDE_ASYNC);
158 LOG_D(BMS_TAG_INSTALLER, "handle install message by bundleName");
159 std::string bundleName = Str16ToStr8(data.ReadString16());
160 std::unique_ptr<InstallParam> installParam(data.ReadParcelable<InstallParam>());
161 if (installParam == nullptr) {
162 LOG_E(BMS_TAG_INSTALLER, "ReadParcelable<InstallParam> failed");
163 return;
164 }
165 sptr<IRemoteObject> object = data.ReadRemoteObject();
166 if (object == nullptr) {
167 LOG_E(BMS_TAG_INSTALLER, "read failed");
168 return;
169 }
170 sptr<IStatusReceiver> statusReceiver = iface_cast<IStatusReceiver>(object);
171
172 installParam->preinstallSourceFlag = ApplicationInfoFlag::FLAG_RECOVER_INSTALLED;
173 Recover(bundleName, *installParam, statusReceiver);
174 LOG_D(BMS_TAG_INSTALLER, "handle install message by bundleName finished");
175 }
176
HandleInstallMultipleHapsMessage(MessageParcel & data)177 void BundleInstallerHost::HandleInstallMultipleHapsMessage(MessageParcel &data)
178 {
179 BUNDLE_MANAGER_HITRACE_CHAIN_NAME("Install", HITRACE_FLAG_INCLUDE_ASYNC);
180 LOG_D(BMS_TAG_INSTALLER, "handle install multiple haps message");
181 int32_t size = data.ReadInt32();
182 if (size > ServiceConstants::MAX_HAP_NUMBER) {
183 LOG_E(BMS_TAG_INSTALLER, "bundle path size is greater than the max hap number 128");
184 return;
185 }
186 std::vector<std::string> pathVec;
187 for (int i = 0; i < size; ++i) {
188 pathVec.emplace_back(Str16ToStr8(data.ReadString16()));
189 }
190 if (size == 0 || pathVec.empty()) {
191 LOG_E(BMS_TAG_INSTALLER, "inputted bundlepath vector is empty");
192 return;
193 }
194 std::unique_ptr<InstallParam> installParam(data.ReadParcelable<InstallParam>());
195 if (installParam == nullptr) {
196 LOG_E(BMS_TAG_INSTALLER, "ReadParcelable<InstallParam> failed");
197 return;
198 }
199 sptr<IRemoteObject> object = data.ReadRemoteObject();
200 if (object == nullptr) {
201 LOG_E(BMS_TAG_INSTALLER, "read failed");
202 return;
203 }
204 sptr<IStatusReceiver> statusReceiver = iface_cast<IStatusReceiver>(object);
205 installParam->withCopyHaps = true;
206 Install(pathVec, *installParam, statusReceiver);
207 LOG_D(BMS_TAG_INSTALLER, "handle install multiple haps finished");
208 }
209
HandleUninstallMessage(MessageParcel & data)210 void BundleInstallerHost::HandleUninstallMessage(MessageParcel &data)
211 {
212 BUNDLE_MANAGER_HITRACE_CHAIN_NAME("Uninstall", HITRACE_FLAG_INCLUDE_ASYNC);
213 LOG_D(BMS_TAG_INSTALLER, "handle uninstall message");
214 std::string bundleName = Str16ToStr8(data.ReadString16());
215 std::unique_ptr<InstallParam> installParam(data.ReadParcelable<InstallParam>());
216 if (installParam == nullptr) {
217 LOG_E(BMS_TAG_INSTALLER, "ReadParcelable<InstallParam> failed");
218 return;
219 }
220 sptr<IRemoteObject> object = data.ReadRemoteObject();
221 if (object == nullptr) {
222 LOG_E(BMS_TAG_INSTALLER, "read failed");
223 return;
224 }
225 sptr<IStatusReceiver> statusReceiver = iface_cast<IStatusReceiver>(object);
226
227 Uninstall(bundleName, *installParam, statusReceiver);
228 LOG_D(BMS_TAG_INSTALLER, "handle uninstall message finished");
229 }
230
HandleUninstallModuleMessage(MessageParcel & data)231 void BundleInstallerHost::HandleUninstallModuleMessage(MessageParcel &data)
232 {
233 BUNDLE_MANAGER_HITRACE_CHAIN_NAME("Uninstall", HITRACE_FLAG_INCLUDE_ASYNC);
234 LOG_D(BMS_TAG_INSTALLER, "handle uninstall module message");
235 std::string bundleName = Str16ToStr8(data.ReadString16());
236 std::string modulePackage = Str16ToStr8(data.ReadString16());
237 std::unique_ptr<InstallParam> installParam(data.ReadParcelable<InstallParam>());
238 if (installParam == nullptr) {
239 LOG_E(BMS_TAG_INSTALLER, "ReadParcelable<InstallParam> failed");
240 return;
241 }
242 sptr<IRemoteObject> object = data.ReadRemoteObject();
243 if (object == nullptr) {
244 LOG_E(BMS_TAG_INSTALLER, "read failed");
245 return;
246 }
247 sptr<IStatusReceiver> statusReceiver = iface_cast<IStatusReceiver>(object);
248 Uninstall(bundleName, modulePackage, *installParam, statusReceiver);
249 LOG_D(BMS_TAG_INSTALLER, "handle uninstall message finished");
250 }
251
HandleUninstallByUninstallParam(MessageParcel & data)252 void BundleInstallerHost::HandleUninstallByUninstallParam(MessageParcel &data)
253 {
254 BUNDLE_MANAGER_HITRACE_CHAIN_NAME("Uninstall", HITRACE_FLAG_INCLUDE_ASYNC);
255 std::unique_ptr<UninstallParam> uninstallParam(data.ReadParcelable<UninstallParam>());
256 if (uninstallParam == nullptr) {
257 LOG_E(BMS_TAG_INSTALLER, "ReadParcelable<UninstallParam failed");
258 return;
259 }
260 sptr<IRemoteObject> object = data.ReadRemoteObject();
261 if (object == nullptr) {
262 LOG_E(BMS_TAG_INSTALLER, "read failed");
263 return;
264 }
265 sptr<IStatusReceiver> statusReceiver = iface_cast<IStatusReceiver>(object);
266 Uninstall(*uninstallParam, statusReceiver);
267 }
268
HandleInstallSandboxApp(MessageParcel & data,MessageParcel & reply)269 void BundleInstallerHost::HandleInstallSandboxApp(MessageParcel &data, MessageParcel &reply)
270 {
271 BUNDLE_MANAGER_HITRACE_CHAIN_NAME("InstallSandboxApp", HITRACE_FLAG_INCLUDE_ASYNC);
272 LOG_D(BMS_TAG_INSTALLER, "handle install sandbox app message");
273 std::string bundleName = Str16ToStr8(data.ReadString16());
274 int32_t dplType = data.ReadInt32();
275 int32_t userId = data.ReadInt32();
276 int32_t appIndex = Constants::INITIAL_SANDBOX_APP_INDEX;
277 auto ret = InstallSandboxApp(bundleName, dplType, userId, appIndex);
278 if (!reply.WriteInt32(ret)) {
279 LOG_E(BMS_TAG_INSTALLER, "write failed");
280 }
281 if (ret == ERR_OK && !reply.WriteInt32(appIndex)) {
282 LOG_E(BMS_TAG_INSTALLER, "write failed");
283 }
284 LOG_D(BMS_TAG_INSTALLER, "handle install sandbox app message finished");
285 }
286
HandleUninstallSandboxApp(MessageParcel & data,MessageParcel & reply)287 void BundleInstallerHost::HandleUninstallSandboxApp(MessageParcel &data, MessageParcel &reply)
288 {
289 BUNDLE_MANAGER_HITRACE_CHAIN_NAME("UninstallSandbox", HITRACE_FLAG_INCLUDE_ASYNC);
290 LOG_D(BMS_TAG_INSTALLER, "handle install sandbox app message");
291 std::string bundleName = Str16ToStr8(data.ReadString16());
292 int32_t appIndex = data.ReadInt32();
293 int32_t userId = data.ReadInt32();
294 auto ret = UninstallSandboxApp(bundleName, appIndex, userId);
295 if (!reply.WriteInt32(ret)) {
296 LOG_E(BMS_TAG_INSTALLER, "write failed");
297 }
298 LOG_D(BMS_TAG_INSTALLER, "handle install sandbox app message finished");
299 }
300
HandleInstallPlugin(MessageParcel & data,MessageParcel & reply)301 void BundleInstallerHost::HandleInstallPlugin(MessageParcel &data, MessageParcel &reply)
302 {
303 LOG_D(BMS_TAG_INSTALLER, "handle install plugin application");
304 std::string hostBundleName = data.ReadString();
305 std::vector<std::string> pluginFilePaths;
306 if (!data.ReadStringVector(&pluginFilePaths)) {
307 reply.WriteInt32(ERR_APPEXECFWK_PLUGIN_INSTALL_READ_PARCEL_ERROR);
308 LOG_E(BMS_TAG_INSTALLER, "read pluginFilePaths failed");
309 return;
310 }
311 std::unique_ptr<InstallPluginParam> installPluginParam(data.ReadParcelable<InstallPluginParam>());
312 if (installPluginParam == nullptr) {
313 reply.WriteInt32(ERR_APPEXECFWK_PLUGIN_INSTALL_READ_PARCEL_ERROR);
314 LOG_E(BMS_TAG_INSTALLER, "ReadParcelable<installPluginParam> failed");
315 return;
316 }
317 auto ret = InstallPlugin(hostBundleName, pluginFilePaths, *installPluginParam);
318 if (!reply.WriteInt32(ret)) {
319 LOG_E(BMS_TAG_INSTALLER, "write failed");
320 }
321 LOG_D(BMS_TAG_INSTALLER, "handle install plugin application finished");
322 }
323
HandleUninstallPlugin(MessageParcel & data,MessageParcel & reply)324 void BundleInstallerHost::HandleUninstallPlugin(MessageParcel &data, MessageParcel &reply)
325 {
326 LOG_D(BMS_TAG_INSTALLER, "handle uninstall plugin application");
327 std::string hostBundleName = Str16ToStr8(data.ReadString16());
328 std::string pluginBundleName = Str16ToStr8(data.ReadString16());
329 std::unique_ptr<InstallPluginParam> installPluginParam(data.ReadParcelable<InstallPluginParam>());
330 if (installPluginParam == nullptr) {
331 reply.WriteInt32(ERR_APPEXECFWK_PLUGIN_INSTALL_READ_PARCEL_ERROR);
332 LOG_E(BMS_TAG_INSTALLER, "ReadParcelable<installPluginParam> failed");
333 return;
334 }
335 auto ret = UninstallPlugin(hostBundleName, pluginBundleName, *installPluginParam);
336 if (!reply.WriteInt32(ret)) {
337 LOG_E(BMS_TAG_INSTALLER, "write failed");
338 }
339 LOG_D(BMS_TAG_INSTALLER, "handle uninstall plugin application finished");
340 }
341
HandleCreateStreamInstaller(MessageParcel & data,MessageParcel & reply)342 void BundleInstallerHost::HandleCreateStreamInstaller(MessageParcel &data, MessageParcel &reply)
343 {
344 LOG_D(BMS_TAG_INSTALLER, "handle create stream installer message begin");
345 std::unique_ptr<InstallParam> installParam(data.ReadParcelable<InstallParam>());
346 if (installParam == nullptr) {
347 LOG_E(BMS_TAG_INSTALLER, "ReadParcelable<InstallParam> failed");
348 return;
349 }
350 sptr<IRemoteObject> object = data.ReadRemoteObject();
351 if (object == nullptr) {
352 reply.WriteBool(false);
353 LOG_E(BMS_TAG_INSTALLER, "read receiver failed");
354 return;
355 }
356 sptr<IStatusReceiver> statusReceiver = iface_cast<IStatusReceiver>(object);
357 if (statusReceiver == nullptr) {
358 reply.WriteBool(false);
359 LOG_E(BMS_TAG_INSTALLER, "cast remote object to status receiver error");
360 return;
361 }
362 std::vector<std::string> originHapPaths;
363 if (!data.ReadStringVector(&originHapPaths)) {
364 reply.WriteBool(false);
365 LOG_E(BMS_TAG_INSTALLER, "read originPaths failed");
366 return;
367 }
368
369 sptr<IBundleStreamInstaller> streamInstaller = CreateStreamInstaller(*installParam, statusReceiver, originHapPaths);
370 if (streamInstaller == nullptr) {
371 if (!reply.WriteBool(false)) {
372 LOG_E(BMS_TAG_INSTALLER, "write result failed");
373 }
374 return;
375 }
376 if (!reply.WriteBool(true)) {
377 LOG_E(BMS_TAG_INSTALLER, "write result failed");
378 return;
379 }
380 if (!reply.WriteUint32(streamInstaller->GetInstallerId())) {
381 LOG_E(BMS_TAG_INSTALLER, "write stream installe id failed");
382 return;
383 }
384 if (!reply.WriteRemoteObject(streamInstaller->AsObject())) {
385 LOG_E(BMS_TAG_INSTALLER, "write stream installer remote object failed");
386 return;
387 }
388
389 std::lock_guard<std::mutex> lock(streamInstallMutex_);
390 streamInstallers_.emplace_back(streamInstaller);
391 LOG_D(BMS_TAG_INSTALLER, "handle create stream installer message finish");
392 }
393
HandleDestoryBundleStreamInstaller(MessageParcel & data,MessageParcel & reply)394 void BundleInstallerHost::HandleDestoryBundleStreamInstaller(MessageParcel &data, MessageParcel &reply)
395 {
396 LOG_D(BMS_TAG_INSTALLER, "handle destory stream installer message begin");
397 uint32_t installeId = data.ReadUint32();
398 DestoryBundleStreamInstaller(installeId);
399 LOG_D(BMS_TAG_INSTALLER, "handle destoy stream installer message finish");
400 }
401
HandleUninstallAndRecoverMessage(MessageParcel & data)402 void BundleInstallerHost::HandleUninstallAndRecoverMessage(MessageParcel &data)
403 {
404 BUNDLE_MANAGER_HITRACE_CHAIN_NAME("UninstallAndRecover", HITRACE_FLAG_INCLUDE_ASYNC);
405 LOG_D(BMS_TAG_INSTALLER, "handle UninstallAndRecover message");
406 std::string bundleName = Str16ToStr8(data.ReadString16());
407 std::unique_ptr<InstallParam> installParam(data.ReadParcelable<InstallParam>());
408 if (installParam == nullptr) {
409 LOG_E(BMS_TAG_INSTALLER, "ReadParcelable<InstallParam> failed");
410 return;
411 }
412 sptr<IRemoteObject> object = data.ReadRemoteObject();
413 if (object == nullptr) {
414 LOG_E(BMS_TAG_INSTALLER, "read failed");
415 return;
416 }
417 sptr<IStatusReceiver> statusReceiver = iface_cast<IStatusReceiver>(object);
418 installParam->preinstallSourceFlag = ApplicationInfoFlag::FLAG_RECOVER_INSTALLED;
419 UninstallAndRecover(bundleName, *installParam, statusReceiver);
420 LOG_D(BMS_TAG_INSTALLER, "handle UninstallAndRecover message finished");
421 }
422
Install(const std::string & bundleFilePath,const InstallParam & installParam,const sptr<IStatusReceiver> & statusReceiver)423 bool BundleInstallerHost::Install(
424 const std::string &bundleFilePath, const InstallParam &installParam, const sptr<IStatusReceiver> &statusReceiver)
425 {
426 if (!BundlePermissionMgr::CheckUserFromShell(installParam.userId)) {
427 LOG_E(BMS_TAG_INSTALLER, "check shell user fail");
428 statusReceiver->OnFinished(ERR_APPEXECFWK_USER_NOT_INSTALL_HAP, "can not specify user in shell");
429 return false;
430 }
431 if (!CheckBundleInstallerManager(statusReceiver)) {
432 LOG_E(BMS_TAG_INSTALLER, "statusReceiver invalid");
433 return false;
434 }
435 if (!BundlePermissionMgr::IsSystemApp() &&
436 !BundlePermissionMgr::VerifyCallingBundleSdkVersion(ServiceConstants::API_VERSION_NINE)) {
437 LOG_E(BMS_TAG_INSTALLER, "non-system app calling system api");
438 statusReceiver->OnFinished(ERR_BUNDLE_MANAGER_SYSTEM_API_DENIED, "");
439 return false;
440 }
441 if (!BundlePermissionMgr::IsSelfCalling() &&
442 !BundlePermissionMgr::VerifyCallingPermissionForAll(Constants::PERMISSION_INSTALL_BUNDLE) &&
443 !BundlePermissionMgr::VerifyCallingPermissionForAll(ServiceConstants::PERMISSION_INSTALL_ENTERPRISE_BUNDLE) &&
444 !BundlePermissionMgr::VerifyCallingPermissionForAll(
445 ServiceConstants::PERMISSION_INSTALL_ENTERPRISE_NORMAL_BUNDLE) &&
446 !BundlePermissionMgr::VerifyCallingPermissionForAll(
447 ServiceConstants::PERMISSION_INSTALL_ENTERPRISE_MDM_BUNDLE) &&
448 !BundlePermissionMgr::VerifyCallingPermissionForAll(
449 ServiceConstants::PERMISSION_INSTALL_INTERNALTESTING_BUNDLE)) {
450 LOG_E(BMS_TAG_INSTALLER, "install permission denied");
451 statusReceiver->OnFinished(ERR_APPEXECFWK_INSTALL_PERMISSION_DENIED, "");
452 return false;
453 }
454
455 manager_->CreateInstallTask(bundleFilePath, installParam, statusReceiver);
456 return true;
457 }
458
Install(const std::vector<std::string> & bundleFilePaths,const InstallParam & installParam,const sptr<IStatusReceiver> & statusReceiver)459 bool BundleInstallerHost::Install(const std::vector<std::string> &bundleFilePaths, const InstallParam &installParam,
460 const sptr<IStatusReceiver> &statusReceiver)
461 {
462 if (!BundlePermissionMgr::CheckUserFromShell(installParam.userId)) {
463 LOG_E(BMS_TAG_INSTALLER, "check shell user fail");
464 statusReceiver->OnFinished(ERR_APPEXECFWK_USER_NOT_INSTALL_HAP, "can not specify user in shell");
465 return false;
466 }
467 if (!CheckBundleInstallerManager(statusReceiver)) {
468 LOG_E(BMS_TAG_INSTALLER, "statusReceiver invalid");
469 return false;
470 }
471 if (!BundlePermissionMgr::IsSystemApp() &&
472 !BundlePermissionMgr::VerifyCallingBundleSdkVersion(ServiceConstants::API_VERSION_NINE)) {
473 LOG_E(BMS_TAG_INSTALLER, "non-system app calling system api");
474 statusReceiver->OnFinished(ERR_BUNDLE_MANAGER_SYSTEM_API_DENIED, "");
475 return false;
476 }
477 if (!BundlePermissionMgr::IsSelfCalling() &&
478 !BundlePermissionMgr::VerifyCallingPermissionForAll(Constants::PERMISSION_INSTALL_BUNDLE) &&
479 !BundlePermissionMgr::VerifyCallingPermissionForAll(ServiceConstants::PERMISSION_INSTALL_ENTERPRISE_BUNDLE) &&
480 !BundlePermissionMgr::VerifyCallingPermissionForAll(
481 ServiceConstants::PERMISSION_INSTALL_ENTERPRISE_NORMAL_BUNDLE) &&
482 !BundlePermissionMgr::VerifyCallingPermissionForAll(
483 ServiceConstants::PERMISSION_INSTALL_ENTERPRISE_MDM_BUNDLE) &&
484 !BundlePermissionMgr::VerifyCallingPermissionForAll(
485 ServiceConstants::PERMISSION_INSTALL_INTERNALTESTING_BUNDLE)) {
486 LOG_E(BMS_TAG_INSTALLER, "install permission denied");
487 statusReceiver->OnFinished(ERR_APPEXECFWK_INSTALL_PERMISSION_DENIED, "");
488 return false;
489 }
490
491 manager_->CreateInstallTask(bundleFilePaths, installParam, statusReceiver);
492 return true;
493 }
494
Recover(const std::string & bundleName,const InstallParam & installParam,const sptr<IStatusReceiver> & statusReceiver)495 bool BundleInstallerHost::Recover(
496 const std::string &bundleName, const InstallParam &installParam, const sptr<IStatusReceiver> &statusReceiver)
497 {
498 if (!CheckBundleInstallerManager(statusReceiver)) {
499 LOG_E(BMS_TAG_INSTALLER, "statusReceiver invalid");
500 return false;
501 }
502 if (!BundlePermissionMgr::IsSystemApp() &&
503 !BundlePermissionMgr::VerifyCallingBundleSdkVersion(ServiceConstants::API_VERSION_NINE)) {
504 LOG_E(BMS_TAG_INSTALLER, "non-system app calling system api");
505 statusReceiver->OnFinished(ERR_BUNDLE_MANAGER_SYSTEM_API_DENIED, "");
506 return false;
507 }
508 if (!BundlePermissionMgr::VerifyRecoverPermission()) {
509 LOG_E(BMS_TAG_INSTALLER, "Recover permission denied");
510 statusReceiver->OnFinished(ERR_APPEXECFWK_INSTALL_PERMISSION_DENIED, "");
511 return false;
512 }
513 manager_->CreateRecoverTask(bundleName, CheckInstallParam(installParam), statusReceiver);
514 return true;
515 }
516
Uninstall(const std::string & bundleName,const InstallParam & installParam,const sptr<IStatusReceiver> & statusReceiver)517 bool BundleInstallerHost::Uninstall(
518 const std::string &bundleName, const InstallParam &installParam, const sptr<IStatusReceiver> &statusReceiver)
519 {
520 if (!BundlePermissionMgr::CheckUserFromShell(installParam.userId)) {
521 LOG_E(BMS_TAG_INSTALLER, "check shell user fail");
522 statusReceiver->OnFinished(ERR_APPEXECFWK_USER_NOT_INSTALL_HAP, "can not specify user in shell");
523 return false;
524 }
525 if (!CheckBundleInstallerManager(statusReceiver)) {
526 LOG_E(BMS_TAG_INSTALLER, "statusReceiver invalid");
527 return false;
528 }
529 if (!BundlePermissionMgr::IsSystemApp() &&
530 !BundlePermissionMgr::VerifyCallingBundleSdkVersion(ServiceConstants::API_VERSION_NINE)) {
531 LOG_E(BMS_TAG_INSTALLER, "non-system app calling system api");
532 statusReceiver->OnFinished(ERR_BUNDLE_MANAGER_SYSTEM_API_DENIED, "");
533 return false;
534 }
535 if (!BundlePermissionMgr::VerifyUninstallPermission()) {
536 LOG_E(BMS_TAG_INSTALLER, "uninstall permission denied");
537 statusReceiver->OnFinished(ERR_APPEXECFWK_UNINSTALL_PERMISSION_DENIED, "");
538 return false;
539 }
540 if (installParam.IsForcedUninstall() && IPCSkeleton::GetCallingUid() != Constants::EDC_UID) {
541 LOG_E(BMS_TAG_INSTALLER, "uninstall permission denied");
542 statusReceiver->OnFinished(ERR_APPEXECFWK_INSTALL_PREINSTALL_BUNDLE_ONLY_ALLOW_FORCE_UNINSTALLED_BY_EDC,
543 "Only edc can force uninstall");
544 return false;
545 }
546 if (installParam.IsVerifyUninstallRule() &&
547 CheckUninstallDisposedRule(bundleName, installParam.userId, Constants::MAIN_APP_INDEX,
548 installParam.isKeepData)) {
549 LOG_W(BMS_TAG_INSTALLER, "CheckUninstallDisposedRule failed");
550 statusReceiver->OnFinished(ERR_APPEXECFWK_UNINSTALL_DISPOSED_RULE_FAILED, "");
551 return false;
552 }
553 manager_->CreateUninstallTask(bundleName, CheckInstallParam(installParam), statusReceiver);
554 return true;
555 }
556
Uninstall(const std::string & bundleName,const std::string & modulePackage,const InstallParam & installParam,const sptr<IStatusReceiver> & statusReceiver)557 bool BundleInstallerHost::Uninstall(const std::string &bundleName, const std::string &modulePackage,
558 const InstallParam &installParam, const sptr<IStatusReceiver> &statusReceiver)
559 {
560 if (!BundlePermissionMgr::CheckUserFromShell(installParam.userId)) {
561 LOG_E(BMS_TAG_INSTALLER, "check shell user fail");
562 statusReceiver->OnFinished(ERR_APPEXECFWK_USER_NOT_INSTALL_HAP, "can not specify user in shell");
563 return false;
564 }
565 if (!CheckBundleInstallerManager(statusReceiver)) {
566 LOG_E(BMS_TAG_INSTALLER, "statusReceiver invalid");
567 return false;
568 }
569 if (!BundlePermissionMgr::IsSystemApp() &&
570 !BundlePermissionMgr::VerifyCallingBundleSdkVersion(ServiceConstants::API_VERSION_NINE)) {
571 LOG_E(BMS_TAG_INSTALLER, "non-system app calling system api");
572 statusReceiver->OnFinished(ERR_BUNDLE_MANAGER_SYSTEM_API_DENIED, "");
573 return false;
574 }
575 if (!BundlePermissionMgr::VerifyUninstallPermission()) {
576 LOG_E(BMS_TAG_INSTALLER, "uninstall permission denied");
577 statusReceiver->OnFinished(ERR_APPEXECFWK_UNINSTALL_PERMISSION_DENIED, "");
578 return false;
579 }
580 if (installParam.IsVerifyUninstallRule() &&
581 CheckUninstallDisposedRule(
582 bundleName, installParam.userId, Constants::MAIN_APP_INDEX, installParam.isKeepData, modulePackage)) {
583 LOG_W(BMS_TAG_INSTALLER, "CheckUninstallDisposedRule failed");
584 statusReceiver->OnFinished(ERR_APPEXECFWK_UNINSTALL_DISPOSED_RULE_FAILED, "");
585 return false;
586 }
587 manager_->CreateUninstallTask(
588 bundleName, modulePackage, CheckInstallParam(installParam), statusReceiver);
589 return true;
590 }
591
Uninstall(const UninstallParam & uninstallParam,const sptr<IStatusReceiver> & statusReceiver)592 bool BundleInstallerHost::Uninstall(const UninstallParam &uninstallParam,
593 const sptr<IStatusReceiver> &statusReceiver)
594 {
595 if (!CheckBundleInstallerManager(statusReceiver)) {
596 LOG_E(BMS_TAG_INSTALLER, "statusReceiver invalid");
597 return false;
598 }
599 if (!BundlePermissionMgr::IsSystemApp()) {
600 LOG_E(BMS_TAG_INSTALLER, "non-system app calling system api");
601 statusReceiver->OnFinished(ERR_BUNDLE_MANAGER_SYSTEM_API_DENIED, "");
602 return false;
603 }
604 if (!BundlePermissionMgr::VerifyUninstallPermission()) {
605 LOG_E(BMS_TAG_INSTALLER, "uninstall permission denied");
606 statusReceiver->OnFinished(ERR_APPEXECFWK_UNINSTALL_PERMISSION_DENIED, "");
607 return false;
608 }
609 manager_->CreateUninstallTask(uninstallParam, statusReceiver);
610 return true;
611 }
612
InstallByBundleName(const std::string & bundleName,const InstallParam & installParam,const sptr<IStatusReceiver> & statusReceiver)613 bool BundleInstallerHost::InstallByBundleName(const std::string &bundleName,
614 const InstallParam &installParam, const sptr<IStatusReceiver> &statusReceiver)
615 {
616 if (!CheckBundleInstallerManager(statusReceiver)) {
617 LOG_E(BMS_TAG_INSTALLER, "statusReceiver invalid");
618 return false;
619 }
620 if (!BundlePermissionMgr::IsSystemApp() &&
621 !BundlePermissionMgr::VerifyCallingBundleSdkVersion(ServiceConstants::API_VERSION_NINE)) {
622 LOG_E(BMS_TAG_INSTALLER, "non-system app calling system api");
623 statusReceiver->OnFinished(ERR_BUNDLE_MANAGER_SYSTEM_API_DENIED, "");
624 return false;
625 }
626 if (!BundlePermissionMgr::IsSelfCalling() &&
627 !BundlePermissionMgr::VerifyCallingPermissionForAll(Constants::PERMISSION_INSTALL_BUNDLE) &&
628 !BundlePermissionMgr::VerifyCallingPermissionForAll(ServiceConstants::PERMISSION_INSTALL_ENTERPRISE_BUNDLE) &&
629 !BundlePermissionMgr::VerifyCallingPermissionForAll(
630 ServiceConstants::PERMISSION_INSTALL_ENTERPRISE_NORMAL_BUNDLE) &&
631 !BundlePermissionMgr::VerifyCallingPermissionForAll(
632 ServiceConstants::PERMISSION_INSTALL_ENTERPRISE_MDM_BUNDLE) &&
633 !BundlePermissionMgr::VerifyCallingPermissionForAll(
634 ServiceConstants::PERMISSION_INSTALL_INTERNALTESTING_BUNDLE)) {
635 LOG_E(BMS_TAG_INSTALLER, "install permission denied");
636 statusReceiver->OnFinished(ERR_APPEXECFWK_INSTALL_PERMISSION_DENIED, "");
637 return false;
638 }
639
640 manager_->CreateInstallByBundleNameTask(bundleName, CheckInstallParam(installParam), statusReceiver);
641 return true;
642 }
643
InstallSandboxApp(const std::string & bundleName,int32_t dplType,int32_t userId,int32_t & appIndex)644 ErrCode BundleInstallerHost::InstallSandboxApp(const std::string &bundleName, int32_t dplType, int32_t userId,
645 int32_t &appIndex)
646 {
647 if (bundleName.empty() || dplType <= LOWER_DLP_TYPE_BOUND || dplType >= UPPER_DLP_TYPE_BOUND) {
648 LOG_E(BMS_TAG_INSTALLER, "install sandbox failed due to error parameters");
649 return ERR_APPEXECFWK_SANDBOX_INSTALL_PARAM_ERROR;
650 }
651 if (!BundlePermissionMgr::IsSystemApp()) {
652 LOG_E(BMS_TAG_INSTALLER, "vnon-system app calling system api");
653 return ERR_BUNDLE_MANAGER_SYSTEM_API_DENIED;
654 }
655 if (!BundlePermissionMgr::VerifyCallingPermissionForAll(Constants::PERMISSION_INSTALL_BUNDLE) &&
656 !BundlePermissionMgr::VerifyCallingPermissionForAll(ServiceConstants::PERMISSION_INSTALL_SANDBOX_BUNDLE)) {
657 LOG_E(BMS_TAG_INSTALLER, "InstallSandboxApp permission denied");
658 return ERR_APPEXECFWK_PERMISSION_DENIED;
659 }
660 auto helper = DelayedSingleton<BundleSandboxAppHelper>::GetInstance();
661 if (helper == nullptr) {
662 return ERR_APPEXECFWK_SANDBOX_INSTALL_INTERNAL_ERROR;
663 }
664 auto res = helper->InstallSandboxApp(bundleName, dplType, userId, appIndex);
665 if (res != ERR_OK) {
666 LOG_E(BMS_TAG_INSTALLER, "install sandbox failed due to error code : %{public}d", res);
667 }
668 return res;
669 }
670
UninstallSandboxApp(const std::string & bundleName,int32_t appIndex,int32_t userId)671 ErrCode BundleInstallerHost::UninstallSandboxApp(const std::string &bundleName, int32_t appIndex, int32_t userId)
672 {
673 // check bundle name
674 if (bundleName.empty()) {
675 LOG_E(BMS_TAG_INSTALLER, "uninstall sandbox failed due to empty bundleName");
676 return ERR_APPEXECFWK_SANDBOX_INSTALL_PARAM_ERROR;
677 }
678 // check appIndex
679 if (appIndex <= INVALID_APP_INDEX || appIndex > Constants::MAX_SANDBOX_APP_INDEX) {
680 LOG_E(BMS_TAG_INSTALLER, "the appIndex %{public}d is invalid", appIndex);
681 return ERR_APPEXECFWK_SANDBOX_INSTALL_PARAM_ERROR;
682 }
683 if (!BundlePermissionMgr::IsSystemApp()) {
684 LOG_E(BMS_TAG_INSTALLER, "non-system app calling system api");
685 return ERR_BUNDLE_MANAGER_SYSTEM_API_DENIED;
686 }
687 if (!BundlePermissionMgr::VerifyCallingPermissionForAll(Constants::PERMISSION_INSTALL_BUNDLE) &&
688 !BundlePermissionMgr::VerifyCallingPermissionForAll(ServiceConstants::PERMISSION_UNINSTALL_SANDBOX_BUNDLE)) {
689 LOG_E(BMS_TAG_INSTALLER, "UninstallSandboxApp permission denied");
690 return ERR_APPEXECFWK_PERMISSION_DENIED;
691 }
692 auto helper = DelayedSingleton<BundleSandboxAppHelper>::GetInstance();
693 if (helper == nullptr) {
694 return ERR_APPEXECFWK_SANDBOX_INSTALL_INTERNAL_ERROR;
695 }
696 auto res = helper->UninstallSandboxApp(bundleName, appIndex, userId);
697 if (res != ERR_OK) {
698 LOG_E(BMS_TAG_INSTALLER, "uninstall sandbox failed due to error code : %{public}d", res);
699 }
700 return res;
701 }
702
InstallPlugin(const std::string & hostBundleName,const std::vector<std::string> & pluginFilePaths,const InstallPluginParam & installPluginParam)703 ErrCode BundleInstallerHost::InstallPlugin(const std::string &hostBundleName,
704 const std::vector<std::string> &pluginFilePaths, const InstallPluginParam &installPluginParam)
705 {
706 if (hostBundleName.empty()) {
707 LOG_E(BMS_TAG_INSTALLER, "install plugin failed due to empty hostBundleName");
708 return ERR_APPEXECFWK_HOST_APPLICATION_NOT_FOUND;
709 }
710 if (pluginFilePaths.empty()) {
711 LOG_E(BMS_TAG_INSTALLER, "install plugin failed due to empty pluginFilePaths");
712 return ERR_APPEXECFWK_PLUGIN_INSTALL_FILEPATH_INVALID;
713 }
714 if (!BundlePermissionMgr::IsSystemApp()) {
715 LOG_E(BMS_TAG_INSTALLER, "non-system app calling system api");
716 return ERR_BUNDLE_MANAGER_SYSTEM_API_DENIED;
717 }
718 if (!OHOS::system::GetBoolParameter(ServiceConstants::IS_SUPPORT_PLUGIN, false)) {
719 LOG_E(BMS_TAG_INSTALLER, "current device not support plugin");
720 return ERR_APPEXECFWK_DEVICE_NOT_SUPPORT_PLUGIN;
721 }
722 if (!BundlePermissionMgr::VerifyCallingPermissionForAll(Constants::PERMISSION_INSTALL_PLUGIN)) {
723 LOG_E(BMS_TAG_INSTALLER, "InstallPlugin permission denied");
724 return ERR_APPEXECFWK_INSTALL_PERMISSION_DENIED;
725 }
726 std::shared_ptr<PluginInstaller> pluginInstaller = std::make_shared<PluginInstaller>();
727 auto ret = pluginInstaller->InstallPlugin(hostBundleName, pluginFilePaths, installPluginParam);
728 if (ret != ERR_OK) {
729 LOG_E(BMS_TAG_INSTALLER, "install plugin failed due to error code : %{public}d", ret);
730 }
731 return ret;
732 }
733
UninstallPlugin(const std::string & hostBundleName,const std::string & pluginBundleName,const InstallPluginParam & installPluginParam)734 ErrCode BundleInstallerHost::UninstallPlugin(const std::string &hostBundleName, const std::string &pluginBundleName,
735 const InstallPluginParam &installPluginParam)
736 {
737 if (hostBundleName.empty()) {
738 LOG_E(BMS_TAG_INSTALLER, "uninstall plugin failed due to empty hostBundleName");
739 return ERR_APPEXECFWK_HOST_APPLICATION_NOT_FOUND;
740 }
741 if (pluginBundleName.empty()) {
742 LOG_E(BMS_TAG_INSTALLER, "uninstall plugin failed due to empty pluginBundleName");
743 return ERR_APPEXECFWK_PLUGIN_NOT_FOUND;
744 }
745 if (!BundlePermissionMgr::IsSystemApp()) {
746 LOG_E(BMS_TAG_INSTALLER, "non-system app calling system api");
747 return ERR_BUNDLE_MANAGER_SYSTEM_API_DENIED;
748 }
749 if (!BundlePermissionMgr::VerifyCallingPermissionForAll(Constants::PERMISSION_UNINSTALL_PLUGIN)) {
750 LOG_E(BMS_TAG_INSTALLER, "UninstallPlugin permission denied");
751 return ERR_APPEXECFWK_UNINSTALL_PERMISSION_DENIED;
752 }
753 std::shared_ptr<PluginInstaller> pluginInstaller = std::make_shared<PluginInstaller>();
754 auto ret = pluginInstaller->UninstallPlugin(hostBundleName, pluginBundleName, installPluginParam);
755 if (ret != ERR_OK) {
756 LOG_E(BMS_TAG_INSTALLER, "uninstall plugin failed due to error code : %{public}d", ret);
757 }
758 return ret;
759 }
760
StreamInstall(const std::vector<std::string> & bundleFilePaths,const InstallParam & installParam,const sptr<IStatusReceiver> & statusReceiver)761 ErrCode BundleInstallerHost::StreamInstall(const std::vector<std::string> &bundleFilePaths,
762 const InstallParam &installParam, const sptr<IStatusReceiver> &statusReceiver)
763 {
764 return ERR_OK;
765 }
766
CreateStreamInstaller(const InstallParam & installParam,const sptr<IStatusReceiver> & statusReceiver,const std::vector<std::string> & originHapPaths)767 sptr<IBundleStreamInstaller> BundleInstallerHost::CreateStreamInstaller(const InstallParam &installParam,
768 const sptr<IStatusReceiver> &statusReceiver, const std::vector<std::string> &originHapPaths)
769 {
770 if (!CheckBundleInstallerManager(statusReceiver)) {
771 LOG_E(BMS_TAG_INSTALLER, "statusReceiver invalid");
772 return nullptr;
773 }
774 if (!BundlePermissionMgr::IsSystemApp()) {
775 LOG_E(BMS_TAG_INSTALLER, "non-system app calling system api");
776 statusReceiver->OnFinished(ERR_BUNDLE_MANAGER_SYSTEM_API_DENIED, "");
777 return nullptr;
778 }
779 InstallParam verifiedInstallParam = installParam;
780 if (!IsPermissionVaild(installParam, verifiedInstallParam)) {
781 LOG_E(BMS_TAG_INSTALLER, "install permission denied");
782 statusReceiver->OnFinished(ERR_APPEXECFWK_INSTALL_PERMISSION_DENIED, "");
783 return nullptr;
784 }
785 auto uid = IPCSkeleton::GetCallingUid();
786 sptr<BundleStreamInstallerHostImpl> streamInstaller(new (std::nothrow) BundleStreamInstallerHostImpl(
787 ++streamInstallerIds_, uid));
788 if (streamInstaller == nullptr) {
789 LOG_E(BMS_TAG_INSTALLER, "streamInstaller is nullptr, uid : %{public}d", uid);
790 statusReceiver->OnFinished(ERR_APPEXECFWK_INSTALL_INTERNAL_ERROR, "");
791 return nullptr;
792 }
793 bool res = streamInstaller->Init(verifiedInstallParam, statusReceiver, originHapPaths);
794 if (!res) {
795 LOG_E(BMS_TAG_INSTALLER, "stream installer init failed");
796 statusReceiver->OnFinished(ERR_APPEXECFWK_INSTALL_INTERNAL_ERROR, "");
797 return nullptr;
798 }
799 return streamInstaller;
800 }
801
IsPermissionVaild(const InstallParam & installParam,InstallParam & verifiedInstallParam)802 bool BundleInstallerHost::IsPermissionVaild(const InstallParam &installParam, InstallParam &verifiedInstallParam)
803 {
804 verifiedInstallParam.isCallByShell = BundlePermissionMgr::IsShellTokenType();
805 verifiedInstallParam.installBundlePermissionStatus =
806 BundlePermissionMgr::VerifyCallingPermissionForAll(Constants::PERMISSION_INSTALL_BUNDLE) ?
807 PermissionStatus::HAVE_PERMISSION_STATUS : PermissionStatus::NON_HAVE_PERMISSION_STATUS;
808 verifiedInstallParam.installEnterpriseBundlePermissionStatus =
809 BundlePermissionMgr::VerifyCallingPermissionForAll(ServiceConstants::PERMISSION_INSTALL_ENTERPRISE_BUNDLE) ?
810 PermissionStatus::HAVE_PERMISSION_STATUS : PermissionStatus::NON_HAVE_PERMISSION_STATUS;
811 verifiedInstallParam.installEtpNormalBundlePermissionStatus =
812 BundlePermissionMgr::VerifyCallingPermissionForAll(
813 ServiceConstants::PERMISSION_INSTALL_ENTERPRISE_NORMAL_BUNDLE) ?
814 PermissionStatus::HAVE_PERMISSION_STATUS : PermissionStatus::NON_HAVE_PERMISSION_STATUS;
815 verifiedInstallParam.installEtpMdmBundlePermissionStatus =
816 BundlePermissionMgr::VerifyCallingPermissionForAll(ServiceConstants::PERMISSION_INSTALL_ENTERPRISE_MDM_BUNDLE) ?
817 PermissionStatus::HAVE_PERMISSION_STATUS : PermissionStatus::NON_HAVE_PERMISSION_STATUS;
818 verifiedInstallParam.installInternaltestingBundlePermissionStatus =
819 BundlePermissionMgr::VerifyCallingPermissionForAll(ServiceConstants::PERMISSION_INSTALL_INTERNALTESTING_BUNDLE)
820 ? PermissionStatus::HAVE_PERMISSION_STATUS
821 : PermissionStatus::NON_HAVE_PERMISSION_STATUS;
822 verifiedInstallParam.installUpdateSelfBundlePermissionStatus =
823 BundlePermissionMgr::VerifyCallingPermissionForAll(ServiceConstants::PERMISSION_INSTALL_SELF_BUNDLE) ?
824 PermissionStatus::HAVE_PERMISSION_STATUS : PermissionStatus::NON_HAVE_PERMISSION_STATUS;
825 return (verifiedInstallParam.installBundlePermissionStatus == PermissionStatus::HAVE_PERMISSION_STATUS ||
826 verifiedInstallParam.installEnterpriseBundlePermissionStatus == PermissionStatus::HAVE_PERMISSION_STATUS ||
827 verifiedInstallParam.installEtpNormalBundlePermissionStatus == PermissionStatus::HAVE_PERMISSION_STATUS ||
828 verifiedInstallParam.installEtpMdmBundlePermissionStatus == PermissionStatus::HAVE_PERMISSION_STATUS ||
829 verifiedInstallParam.installUpdateSelfBundlePermissionStatus == PermissionStatus::HAVE_PERMISSION_STATUS ||
830 BundlePermissionMgr::VerifyCallingPermissionForAll(ServiceConstants::PERMISSION_INSTALL_QUICK_FIX_BUNDLE));
831 }
832
DestoryBundleStreamInstaller(uint32_t streamInstallerId)833 bool BundleInstallerHost::DestoryBundleStreamInstaller(uint32_t streamInstallerId)
834 {
835 if (!BundlePermissionMgr::IsSystemApp()) {
836 LOG_E(BMS_TAG_INSTALLER, "non-system app calling system api");
837 return false;
838 }
839 if (!BundlePermissionMgr::IsSelfCalling() &&
840 !BundlePermissionMgr::VerifyCallingPermissionForAll(Constants::PERMISSION_INSTALL_BUNDLE) &&
841 !BundlePermissionMgr::VerifyCallingPermissionForAll(ServiceConstants::PERMISSION_INSTALL_ENTERPRISE_BUNDLE) &&
842 !BundlePermissionMgr::VerifyCallingPermissionForAll(
843 ServiceConstants::PERMISSION_INSTALL_ENTERPRISE_NORMAL_BUNDLE) &&
844 !BundlePermissionMgr::VerifyCallingPermissionForAll(
845 ServiceConstants::PERMISSION_INSTALL_ENTERPRISE_MDM_BUNDLE) &&
846 !BundlePermissionMgr::VerifyCallingPermissionForAll(
847 ServiceConstants::PERMISSION_INSTALL_INTERNALTESTING_BUNDLE) &&
848 !BundlePermissionMgr::VerifyCallingPermissionForAll(ServiceConstants::PERMISSION_INSTALL_QUICK_FIX_BUNDLE)) {
849 LOG_E(BMS_TAG_INSTALLER, "install permission denied");
850 return false;
851 }
852 std::lock_guard<std::mutex> lock(streamInstallMutex_);
853 for (auto it = streamInstallers_.begin(); it != streamInstallers_.end();) {
854 if ((*it)->GetInstallerId() == streamInstallerId) {
855 (*it)->UnInit();
856 it = streamInstallers_.erase(it);
857 } else {
858 it++;
859 }
860 }
861 return true;
862 }
863
CheckBundleInstallerManager(const sptr<IStatusReceiver> & statusReceiver) const864 bool BundleInstallerHost::CheckBundleInstallerManager(const sptr<IStatusReceiver> &statusReceiver) const
865 {
866 if (statusReceiver == nullptr) {
867 LOG_E(BMS_TAG_INSTALLER, "the receiver is nullptr");
868 return false;
869 }
870 if (manager_ == nullptr) {
871 LOG_E(BMS_TAG_INSTALLER, "the bundle installer manager is nullptr");
872 statusReceiver->OnFinished(ERR_APPEXECFWK_INSTALL_INTERNAL_ERROR, GET_MANAGER_FAIL);
873 return false;
874 }
875 return true;
876 }
877
CheckInstallParam(const InstallParam & installParam)878 InstallParam BundleInstallerHost::CheckInstallParam(const InstallParam &installParam)
879 {
880 if (installParam.userId == Constants::UNSPECIFIED_USERID) {
881 LOG_I(BMS_TAG_INSTALLER, "installParam userId is unspecified and get calling userId by callingUid");
882 InstallParam callInstallParam = installParam;
883 callInstallParam.userId = BundleUtil::GetUserIdByCallingUid();
884 return callInstallParam;
885 }
886
887 return installParam;
888 }
889
UpdateBundleForSelf(const std::vector<std::string> & bundleFilePaths,const InstallParam & installParam,const sptr<IStatusReceiver> & statusReceiver)890 bool BundleInstallerHost::UpdateBundleForSelf(const std::vector<std::string> &bundleFilePaths,
891 const InstallParam &installParam, const sptr<IStatusReceiver> &statusReceiver)
892 {
893 if (!CheckBundleInstallerManager(statusReceiver)) {
894 LOG_E(BMS_TAG_INSTALLER, "statusReceiver invalid");
895 return false;
896 }
897 if (!BundlePermissionMgr::IsSystemApp()) {
898 LOG_E(BMS_TAG_INSTALLER, "non-system app calling system api");
899 statusReceiver->OnFinished(ERR_BUNDLE_MANAGER_SYSTEM_API_DENIED, "");
900 return false;
901 }
902 if (!BundlePermissionMgr::IsSelfCalling() &&
903 !BundlePermissionMgr::VerifyCallingPermissionForAll(ServiceConstants::PERMISSION_INSTALL_SELF_BUNDLE)) {
904 LOG_E(BMS_TAG_INSTALLER, "install permission denied");
905 statusReceiver->OnFinished(ERR_APPEXECFWK_INSTALL_PERMISSION_DENIED, "");
906 return false;
907 }
908 manager_->CreateInstallTask(bundleFilePaths, installParam, statusReceiver);
909 return true;
910 }
911
UninstallAndRecover(const std::string & bundleName,const InstallParam & installParam,const sptr<IStatusReceiver> & statusReceiver)912 bool BundleInstallerHost::UninstallAndRecover(const std::string &bundleName, const InstallParam &installParam,
913 const sptr<IStatusReceiver> &statusReceiver)
914 {
915 if (!CheckBundleInstallerManager(statusReceiver)) {
916 LOG_E(BMS_TAG_INSTALLER, "statusReceiver invalid");
917 return false;
918 }
919 if (!BundlePermissionMgr::IsSystemApp()) {
920 LOG_E(BMS_TAG_INSTALLER, "non-system app calling system api");
921 statusReceiver->OnFinished(ERR_BUNDLE_MANAGER_SYSTEM_API_DENIED, "");
922 return false;
923 }
924 if (!BundlePermissionMgr::IsSelfCalling() &&
925 !BundlePermissionMgr::VerifyCallingPermissionsForAll({Constants::PERMISSION_INSTALL_BUNDLE,
926 ServiceConstants::PERMISSION_UNINSTALL_BUNDLE})) {
927 LOG_E(BMS_TAG_INSTALLER, "install permission denied");
928 statusReceiver->OnFinished(ERR_APPEXECFWK_INSTALL_PERMISSION_DENIED, "");
929 return false;
930 }
931 if (installParam.IsForcedUninstall() && IPCSkeleton::GetCallingUid() != Constants::EDC_UID) {
932 LOG_E(BMS_TAG_INSTALLER, "uninstall permission denied");
933 statusReceiver->OnFinished(ERR_APPEXECFWK_INSTALL_PREINSTALL_BUNDLE_ONLY_ALLOW_FORCE_UNINSTALLED_BY_EDC,
934 "Only edc can force uninstall");
935 return false;
936 }
937 manager_->CreateUninstallAndRecoverTask(bundleName, CheckInstallParam(installParam), statusReceiver);
938 return true;
939 }
940
AddTask(const ThreadPoolTask & task,const std::string & taskName)941 void BundleInstallerHost::AddTask(const ThreadPoolTask &task, const std::string &taskName)
942 {
943 manager_->AddTask(task, taskName);
944 }
945
GetThreadsNum()946 int32_t BundleInstallerHost::GetThreadsNum()
947 {
948 return manager_->GetThreadsNum();
949 }
950
GetCurTaskNum()951 size_t BundleInstallerHost::GetCurTaskNum()
952 {
953 return manager_->GetCurTaskNum();
954 }
955
InstallCloneApp(const std::string & bundleName,int32_t userId,int32_t & appIndex)956 ErrCode BundleInstallerHost::InstallCloneApp(const std::string &bundleName, int32_t userId, int32_t& appIndex)
957 {
958 if (OHOS::system::GetBoolParameter(ServiceConstants::IS_ENTERPRISE_DEVICE, false) &&
959 OHOS::system::GetBoolParameter(ServiceConstants::IS_APP_CLONE_DISABLE, false)) {
960 LOG_E(BMS_TAG_INSTALLER, "the enterprise device does not support the creation of an appClone instance.");
961 return ERR_APPEXECFWK_CLONE_INSTALL_APP_NOT_SUPPORTED_MULTI_TYPE;
962 }
963 LOG_D(BMS_TAG_INSTALLER, "params[bundleName: %{public}s, user_id: %{public}d, appIndex: %{public}d]",
964 bundleName.c_str(), userId, appIndex);
965 if (bundleName.empty()) {
966 LOG_E(BMS_TAG_INSTALLER, "install clone app failed due to error parameters");
967 return ERR_APPEXECFWK_CLONE_INSTALL_PARAM_ERROR;
968 }
969 if (!BundlePermissionMgr::IsSystemApp()) {
970 LOG_E(BMS_TAG_INSTALLER, "non-system app calling system api bundleName: %{public}s", bundleName.c_str());
971 return ERR_BUNDLE_MANAGER_SYSTEM_API_DENIED;
972 }
973 if (!BundlePermissionMgr::VerifyCallingPermissionForAll(Constants::PERMISSION_INSTALL_CLONE_BUNDLE)) {
974 LOG_E(BMS_TAG_INSTALLER, "InstallCloneApp permission denied");
975 return ERR_APPEXECFWK_PERMISSION_DENIED;
976 }
977 std::shared_ptr<BundleCloneInstaller> installer = std::make_shared<BundleCloneInstaller>();
978 return installer->InstallCloneApp(bundleName, userId, appIndex);
979 }
980
HandleInstallCloneApp(MessageParcel & data,MessageParcel & reply)981 void BundleInstallerHost::HandleInstallCloneApp(MessageParcel &data, MessageParcel &reply)
982 {
983 BUNDLE_MANAGER_HITRACE_CHAIN_NAME("Install", HITRACE_FLAG_INCLUDE_ASYNC);
984 LOG_D(BMS_TAG_INSTALLER, "handle install clone app message");
985 std::string bundleName = Str16ToStr8(data.ReadString16());
986 int32_t userId = data.ReadInt32();
987 int32_t appIndex = data.ReadInt32();
988
989 LOG_I(BMS_TAG_INSTALLER, "receive Install CLone App Request");
990
991 auto ret = InstallCloneApp(bundleName, userId, appIndex);
992 if (!reply.WriteInt32(ret)) {
993 LOG_E(BMS_TAG_INSTALLER, "write failed");
994 }
995
996 if (ret == ERR_OK && !reply.WriteInt32(appIndex)) {
997 LOG_E(BMS_TAG_INSTALLER, "write failed");
998 }
999 LOG_D(BMS_TAG_INSTALLER, "handle install clone app message finished");
1000 }
1001
UninstallCloneApp(const std::string & bundleName,int32_t userId,int32_t appIndex,const DestroyAppCloneParam & destroyAppCloneParam)1002 ErrCode BundleInstallerHost::UninstallCloneApp(const std::string &bundleName, int32_t userId, int32_t appIndex,
1003 const DestroyAppCloneParam &destroyAppCloneParam)
1004 {
1005 LOG_D(BMS_TAG_INSTALLER, "params[bundleName: %{public}s, user_id: %{public}d, appIndex: %{public}d]",
1006 bundleName.c_str(), userId, appIndex);
1007 if (bundleName.empty()) {
1008 LOG_E(BMS_TAG_INSTALLER, "install clone app failed due to empty bundleName");
1009 return ERR_APPEXECFWK_CLONE_UNINSTALL_INVALID_BUNDLE_NAME;
1010 }
1011 if (!BundlePermissionMgr::IsSystemApp()) {
1012 LOG_E(BMS_TAG_INSTALLER, "non-system app calling system api, bundleName: %{public}s", bundleName.c_str());
1013 return ERR_BUNDLE_MANAGER_SYSTEM_API_DENIED;
1014 }
1015 if (!BundlePermissionMgr::VerifyCallingPermissionForAll(Constants::PERMISSION_UNINSTALL_CLONE_BUNDLE)) {
1016 LOG_E(BMS_TAG_INSTALLER, "UninstallCloneApp permission denied");
1017 return ERR_APPEXECFWK_PERMISSION_DENIED;
1018 }
1019 if (appIndex < ServiceConstants::CLONE_APP_INDEX_MIN || appIndex > ServiceConstants::CLONE_APP_INDEX_MAX) {
1020 APP_LOGE("Add Clone Bundle Fail, appIndex: %{public}d not in valid range", appIndex);
1021 return ERR_APPEXECFWK_CLONE_UNINSTALL_INVALID_APP_INDEX;
1022 }
1023 if (destroyAppCloneParam.IsVerifyUninstallRule() &&
1024 CheckUninstallDisposedRule(bundleName, userId, appIndex, IS_KEEP_DATA)) {
1025 LOG_W(BMS_TAG_INSTALLER, "CheckUninstallDisposedRule failed");
1026 return ERR_APPEXECFWK_UNINSTALL_DISPOSED_RULE_FAILED;
1027 }
1028 std::shared_ptr<BundleCloneInstaller> installer = std::make_shared<BundleCloneInstaller>();
1029 return installer->UninstallCloneApp(bundleName, userId, appIndex, false);
1030 }
1031
HandleUninstallCloneApp(MessageParcel & data,MessageParcel & reply)1032 void BundleInstallerHost::HandleUninstallCloneApp(MessageParcel &data, MessageParcel &reply)
1033 {
1034 BUNDLE_MANAGER_HITRACE_CHAIN_NAME("UninstallCloneApp", HITRACE_FLAG_INCLUDE_ASYNC);
1035 LOG_D(BMS_TAG_INSTALLER, "handle uninstall clone app message");
1036 std::string bundleName = Str16ToStr8(data.ReadString16());
1037 int32_t userId = data.ReadInt32();
1038 int32_t appIndex = data.ReadInt32();
1039 std::unique_ptr<DestroyAppCloneParam> destroyAppCloneParam(data.ReadParcelable<DestroyAppCloneParam>());
1040 if (destroyAppCloneParam == nullptr) {
1041 LOG_E(BMS_TAG_INSTALLER, "ReadParcelable<DestroyAppCloneParam> failed");
1042 return;
1043 }
1044
1045 LOG_I(BMS_TAG_INSTALLER, "receive Uninstall CLone App Request");
1046
1047 auto ret = UninstallCloneApp(bundleName, userId, appIndex, *destroyAppCloneParam);
1048 if (!reply.WriteInt32(ret)) {
1049 LOG_E(BMS_TAG_INSTALLER, "write failed");
1050 }
1051 LOG_D(BMS_TAG_INSTALLER, "handle uninstall clone app message finished");
1052 }
1053
InstallExisted(const std::string & bundleName,int32_t userId)1054 ErrCode BundleInstallerHost::InstallExisted(const std::string &bundleName, int32_t userId)
1055 {
1056 LOG_D(BMS_TAG_INSTALLER, "params[bundleName: %{public}s, user_id: %{public}d]",
1057 bundleName.c_str(), userId);
1058 if (bundleName.empty()) {
1059 LOG_E(BMS_TAG_INSTALLER, "install existed app failed due to error parameters");
1060 return ERR_BUNDLE_MANAGER_BUNDLE_NOT_EXIST;
1061 }
1062 if (!BundlePermissionMgr::IsSystemApp()) {
1063 LOG_E(BMS_TAG_INSTALLER, "non-system app calling system api bundleName: %{public}s", bundleName.c_str());
1064 return ERR_BUNDLE_MANAGER_SYSTEM_API_DENIED;
1065 }
1066 if (!BundlePermissionMgr::VerifyCallingPermissionForAll(Constants::PERMISSION_INSTALL_BUNDLE)) {
1067 LOG_E(BMS_TAG_INSTALLER, "InstallExisted permission denied");
1068 return ERR_APPEXECFWK_PERMISSION_DENIED;
1069 }
1070 std::shared_ptr<BundleMultiUserInstaller> installer = std::make_shared<BundleMultiUserInstaller>();
1071 return installer->InstallExistedApp(bundleName, userId);
1072 }
1073
HandleInstallExisted(MessageParcel & data,MessageParcel & reply)1074 void BundleInstallerHost::HandleInstallExisted(MessageParcel &data, MessageParcel &reply)
1075 {
1076 LOG_D(BMS_TAG_INSTALLER, "handle install existed app message");
1077 std::string bundleName = Str16ToStr8(data.ReadString16());
1078 int32_t userId = data.ReadInt32();
1079
1080 LOG_I(BMS_TAG_INSTALLER, "receive InstallExisted Request -n %{public}s -u %{public}d",
1081 bundleName.c_str(), userId);
1082
1083 auto ret = InstallExisted(bundleName, userId);
1084 if (!reply.WriteInt32(ret)) {
1085 LOG_E(BMS_TAG_INSTALLER, "write failed");
1086 }
1087 LOG_D(BMS_TAG_INSTALLER, "handle installExisted message finished");
1088 }
1089
CheckUninstallDisposedRule(const std::string & bundleName,int32_t userId,int32_t appIndex,bool isKeepData,const std::string & modulePackage)1090 bool BundleInstallerHost::CheckUninstallDisposedRule(
1091 const std::string &bundleName, int32_t userId, int32_t appIndex, bool isKeepData, const std::string &modulePackage)
1092 {
1093 #if defined (BUNDLE_FRAMEWORK_APP_CONTROL) && defined (ABILITY_RUNTIME_ENABLE)
1094 std::shared_ptr<BundleDataMgr> dataMgr = DelayedSingleton<BundleMgrService>::GetInstance()->GetDataMgr();
1095 if (dataMgr == nullptr) {
1096 LOG_E(BMS_TAG_INSTALLER, "null dataMgr");
1097 return false;
1098 }
1099
1100 InnerBundleInfo bundleInfo;
1101 bool isBundleExist = dataMgr->FetchInnerBundleInfo(bundleName, bundleInfo);
1102 if (!isBundleExist) {
1103 LOG_E(BMS_TAG_INSTALLER, "the bundle: %{public}s is not install", bundleName.c_str());
1104 return false;
1105 }
1106 if (!modulePackage.empty() && !bundleInfo.IsOnlyModule(modulePackage)) {
1107 return false;
1108 }
1109 std::string appId = bundleInfo.GetAppIdentifier();
1110 if (appId.empty()) {
1111 appId = bundleInfo.GetAppId();
1112 }
1113
1114 if (userId == Constants::UNSPECIFIED_USERID) {
1115 LOG_I(BMS_TAG_INSTALLER, "installParam userId is unspecified and get calling userId by callingUid");
1116 userId = BundleUtil::GetUserIdByCallingUid();
1117 }
1118
1119 UninstallDisposedRule rule;
1120 auto ret = DelayedSingleton<AppControlManager>::GetInstance()
1121 ->GetUninstallDisposedRule(appId, appIndex, userId, rule);
1122 if (ret != ERR_OK) {
1123 LOG_E(BMS_TAG_INSTALLER, "GetUninstallDisposedRule failed code:%{public}d", ret);
1124 return false;
1125 }
1126
1127 if (rule.want == nullptr) {
1128 LOG_E(BMS_TAG_INSTALLER, "null rule.want");
1129 return false;
1130 }
1131 rule.want->SetParam(BMS_PARA_BUNDLE_NAME, bundleName);
1132 rule.want->SetParam(BMS_PARA_USER_ID, userId);
1133 rule.want->SetParam(BMS_PARA_APP_INDEX, appIndex);
1134 rule.want->SetParam(BMS_PARA_IS_KEEP_DATA, isKeepData);
1135
1136 if (rule.uninstallComponentType == UninstallComponentType::EXTENSION) {
1137 std::string identity = IPCSkeleton::ResetCallingIdentity();
1138 ErrCode err = AAFwk::AbilityManagerClient::GetInstance()->StartExtensionAbility(
1139 *rule.want, nullptr, userId, AppExecFwk::ExtensionAbilityType::SERVICE);
1140 IPCSkeleton::SetCallingIdentity(identity);
1141 if (err != ERR_OK) {
1142 LOG_E(BMS_TAG_INSTALLER, "start extension ability failed code:%{public}d", err);
1143 }
1144 } else {
1145 LOG_E(BMS_TAG_INSTALLER, "uninstallComponentType wrong type:%{public}d", rule.uninstallComponentType);
1146 }
1147
1148 return true;
1149 #else
1150 LOG_I(BMS_TAG_INSTALLER, "BUNDLE_FRAMEWORK_APP_CONTROL or ABILITY_RUNTIME_ENABLE is false");
1151 return false;
1152 #endif
1153 }
1154 } // namespace AppExecFwk
1155 } // namespace OHOS