1 /* 2 * Copyright (C) 2022 The Android Open Source Project 3 * 4 * Licensed under the Apache License, Version 2.0 (the "License"); 5 * you may not use this file except in compliance with the License. 6 * You may obtain a copy of the License at 7 * 8 * http://www.apache.org/licenses/LICENSE-2.0 9 * 10 * Unless required by applicable law or agreed to in writing, software 11 * distributed under the License is distributed on an "AS IS" BASIS, 12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 * See the License for the specific language governing permissions and 14 * limitations under the License. 15 */ 16 17 package com.android.server.pm; 18 19 import android.annotation.IntDef; 20 import android.annotation.NonNull; 21 import android.annotation.Nullable; 22 import android.annotation.SystemApi; 23 import android.annotation.TestApi; 24 import android.content.pm.SigningDetails; 25 import android.os.Binder; 26 import android.os.UserHandle; 27 28 import com.android.server.pm.pkg.PackageState; 29 import com.android.server.pm.pkg.SharedUserApi; 30 31 import java.io.IOException; 32 import java.lang.annotation.Retention; 33 import java.lang.annotation.RetentionPolicy; 34 import java.util.List; 35 import java.util.Map; 36 37 /** 38 * In-process API for server side PackageManager related infrastructure. 39 * 40 * For now, avoiding adding methods that rely on package data until we solve the snapshot 41 * consistency problem. 42 * 43 * @hide 44 */ 45 @SystemApi(client = SystemApi.Client.SYSTEM_SERVER) 46 public interface PackageManagerLocal { 47 48 /** 49 * Indicates if operation should include device encrypted storage. 50 */ 51 int FLAG_STORAGE_DE = Installer.FLAG_STORAGE_DE; 52 /** 53 * Indicates if operation should include credential encrypted storage. 54 */ 55 int FLAG_STORAGE_CE = Installer.FLAG_STORAGE_CE; 56 57 /** 58 * Constants for use with {@link #reconcileSdkData} to specify which storage areas should be 59 * included for operation. 60 * 61 * @hide 62 */ 63 @IntDef(prefix = "FLAG_STORAGE_", value = { 64 FLAG_STORAGE_DE, 65 FLAG_STORAGE_CE, 66 }) 67 @Retention(RetentionPolicy.SOURCE) 68 @interface StorageFlags {} 69 70 /** 71 * Reconcile sdk data sub-directories for the given {@code packageName}. 72 * 73 * Sub directories are created if they do not exist already. If there is an existing per- 74 * sdk directory that is missing from {@code subDirNames}, then it is removed. 75 * 76 * Sdk package path is created if it doesn't exist before creating per-sdk directories. 77 * 78 * @param volumeUuid the volume in which the sdk data should be prepared. 79 * @param packageName package name of the app for which sdk data directory will be prepared. 80 * @param subDirNames names of sub directories that should be reconciled against. 81 * @param userId id of the user to whom the package belongs to. 82 * @param appId id of the package. 83 * @param previousAppId previous id of the package if package is being updated. 84 * @param flags flags from StorageManager to indicate which storage areas should be included. 85 * @param seInfo seInfo tag to be used for selinux policy. 86 * @throws IOException If any error occurs during the operation. 87 */ reconcileSdkData(@ullable String volumeUuid, @NonNull String packageName, @NonNull List<String> subDirNames, int userId, int appId, int previousAppId, @NonNull String seInfo, @StorageFlags int flags)88 void reconcileSdkData(@Nullable String volumeUuid, @NonNull String packageName, 89 @NonNull List<String> subDirNames, int userId, int appId, int previousAppId, 90 @NonNull String seInfo, @StorageFlags int flags) throws IOException; 91 92 /** 93 * Provides a snapshot scoped class to access snapshot-aware APIs. Should be short-term use and 94 * closed as soon as possible. 95 * <p/> 96 * All reachable types in the snapshot are read-only. 97 * <p/> 98 * The snapshot assumes the caller is acting on behalf of the system and will not filter any 99 * results. 100 */ 101 @NonNull withUnfilteredSnapshot()102 UnfilteredSnapshot withUnfilteredSnapshot(); 103 104 /** 105 * {@link #withFilteredSnapshot(int, UserHandle)} that infers the UID and user from the 106 * caller through {@link Binder#getCallingUid()} and {@link Binder#getCallingUserHandle()}. 107 * 108 * @see #withFilteredSnapshot(int, UserHandle) 109 */ 110 @NonNull withFilteredSnapshot()111 FilteredSnapshot withFilteredSnapshot(); 112 113 /** 114 * Provides a snapshot scoped class to access snapshot-aware APIs. Should be short-term use and 115 * closed as soon as possible. 116 * <p/> 117 * All reachable types in the snapshot are read-only. 118 * 119 * @param callingUid The caller UID to filter results based on. This includes package visibility 120 * and permissions, including cross-user enforcement. 121 * @param user The user to query as, should usually be the user that the caller was 122 * invoked from. 123 */ 124 @SuppressWarnings("UserHandleName") // Ignore naming convention, not invoking action as user 125 @NonNull withFilteredSnapshot(int callingUid, @NonNull UserHandle user)126 FilteredSnapshot withFilteredSnapshot(int callingUid, @NonNull UserHandle user); 127 128 /** 129 * Add a pair of signing details so that packages signed with {@code oldSigningDetails} will 130 * behave as if they are signed by the {@code newSigningDetails}. 131 * <p> 132 * This is only available on {@link android.os.Build#isDebuggable debuggable} builds. 133 * 134 * @param oldSigningDetails the original signing detail of the package 135 * @param newSigningDetails the new signing detail that will replace the original one 136 * @throws SecurityException if the build is not debuggable 137 * 138 * @hide 139 */ 140 @TestApi addOverrideSigningDetails(@onNull SigningDetails oldSigningDetails, @NonNull SigningDetails newSigningDetails)141 void addOverrideSigningDetails(@NonNull SigningDetails oldSigningDetails, 142 @NonNull SigningDetails newSigningDetails); 143 144 /** 145 * Remove a pair of signing details previously added via {@link #addOverrideSigningDetails} by 146 * the old signing details. 147 * <p> 148 * This is only available on {@link android.os.Build#isDebuggable debuggable} builds. 149 * 150 * @param oldSigningDetails the original signing detail of the package 151 * @throws SecurityException if the build is not debuggable 152 * 153 * @hide 154 */ 155 @TestApi removeOverrideSigningDetails(@onNull SigningDetails oldSigningDetails)156 void removeOverrideSigningDetails(@NonNull SigningDetails oldSigningDetails); 157 158 /** 159 * Clear all pairs of signing details previously added via {@link #addOverrideSigningDetails}. 160 * <p> 161 * This is only available on {@link android.os.Build#isDebuggable debuggable} builds. 162 * 163 * @throws SecurityException if the build is not debuggable 164 * 165 * @hide 166 */ 167 @TestApi clearOverrideSigningDetails()168 void clearOverrideSigningDetails(); 169 170 /** 171 * @hide 172 */ 173 @SystemApi(client = SystemApi.Client.SYSTEM_SERVER) 174 interface UnfilteredSnapshot extends AutoCloseable { 175 176 /** 177 * Allows re-use of this snapshot, but in a filtered context. This allows a caller to invoke 178 * itself as multiple other actual callers without having to re-take a snapshot. 179 * <p/> 180 * Note that closing the parent snapshot closes any filtered children generated from it. 181 * 182 * @return An isolated instance of {@link FilteredSnapshot} which can be closed without 183 * affecting this parent snapshot or any sibling snapshots. 184 */ 185 @SuppressWarnings("UserHandleName") // Ignore naming convention, not invoking action as user 186 @NonNull filtered(int callingUid, @NonNull UserHandle user)187 FilteredSnapshot filtered(int callingUid, @NonNull UserHandle user); 188 189 /** 190 * Returns a map of all {@link PackageState PackageStates} on the device. 191 * 192 * @return Mapping of package name to {@link PackageState}. 193 */ 194 @NonNull getPackageStates()195 Map<String, PackageState> getPackageStates(); 196 197 /** 198 * Returns a map of all {@link SharedUserApi SharedUsers} on the device. 199 * 200 * @return Mapping of shared user name to {@link SharedUserApi}. 201 * 202 * @hide Pending API 203 */ 204 @NonNull getSharedUsers()205 Map<String, SharedUserApi> getSharedUsers(); 206 207 /** 208 * Returns a map of all disabled system {@link PackageState PackageStates} on the device. 209 * 210 * @return Mapping of package name to disabled system {@link PackageState}. 211 * 212 * @hide Pending API 213 */ 214 @NonNull getDisabledSystemPackageStates()215 Map<String, PackageState> getDisabledSystemPackageStates(); 216 217 @Override close()218 void close(); 219 } 220 221 /** 222 * @hide 223 */ 224 @SystemApi(client = SystemApi.Client.SYSTEM_SERVER) 225 interface FilteredSnapshot extends AutoCloseable { 226 227 /** 228 * @return {@link PackageState} for the {@code packageName}, filtered if applicable. 229 */ 230 @Nullable getPackageState(@onNull String packageName)231 PackageState getPackageState(@NonNull String packageName); 232 233 /** 234 * Returns a map of all {@link PackageState PackageStates} on the device. 235 * <p> 236 * This will cause app visibility filtering to be invoked on each state on the device, 237 * which can be expensive. Prefer {@link #getPackageState(String)} if possible. 238 * 239 * @return Mapping of package name to {@link PackageState}. 240 */ 241 @NonNull getPackageStates()242 Map<String, PackageState> getPackageStates(); 243 244 @Override close()245 void close(); 246 } 247 } 248