Google Git
Sign in
android / platform / frameworks / base / refs/heads/main / . / services / core / java / com / android / server / pm / Installer.java
blob: 34903d1ed47d5a321c072f098131c4a02bf5f630 [file] [log] [blame]
/*
* Copyright (C) 2008 The Android Open Source Project
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package com.android.server.pm;
import static com.android.server.pm.DexOptHelper.useArtService;
import android.annotation.AppIdInt;
import android.annotation.NonNull;
import android.annotation.Nullable;
import android.annotation.UserIdInt;
import android.content.Context;
import android.content.pm.PackageStats;
import android.os.Binder;
import android.os.Build;
import android.os.CreateAppDataArgs;
import android.os.CreateAppDataResult;
import android.os.IBinder;
import android.os.IInstalld;
import android.os.ParcelFileDescriptor;
import android.os.ReconcileSdkDataArgs;
import android.os.RemoteException;
import android.os.ServiceManager;
import android.os.storage.CrateMetadata;
import android.text.format.DateUtils;
import android.util.EventLog;
import android.util.Slog;
import com.android.internal.os.BackgroundThread;
import com.android.server.EventLogTags;
import com.android.server.SystemService;
import dalvik.system.BlockGuard;
import dalvik.system.VMRuntime;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.List;
import java.util.concurrent.CompletableFuture;
import java.util.concurrent.CountDownLatch;
import java.util.concurrent.TimeUnit;
public class Installer extends SystemService {
private static final String TAG = "Installer";
/* ***************************************************************************
* IMPORTANT: These values are passed to native code. Keep them in sync with
* frameworks/native/cmds/installd/installd_constants.h
* **************************************************************************/
/** Application should be visible to everyone */
public static final int DEXOPT_PUBLIC = 1 << 1;
/** Application wants to allow debugging of its code */
public static final int DEXOPT_DEBUGGABLE = 1 << 2;
/** The system boot has finished */
public static final int DEXOPT_BOOTCOMPLETE = 1 << 3;
/** Hint that the dexopt type is profile-guided. */
public static final int DEXOPT_PROFILE_GUIDED = 1 << 4;
/** The compilation is for a secondary dex file. */
public static final int DEXOPT_SECONDARY_DEX = 1 << 5;
/** Ignore the result of dexoptNeeded and force compilation. */
public static final int DEXOPT_FORCE = 1 << 6;
/** Indicates that the dex file passed to dexopt in on CE storage. */
public static final int DEXOPT_STORAGE_CE = 1 << 7;
/** Indicates that the dex file passed to dexopt in on DE storage. */
public static final int DEXOPT_STORAGE_DE = 1 << 8;
/** Indicates that dexopt is invoked from the background service. */
public static final int DEXOPT_IDLE_BACKGROUND_JOB = 1 << 9;
/** Indicates that dexopt should restrict access to private APIs. */
public static final int DEXOPT_ENABLE_HIDDEN_API_CHECKS = 1 << 10;
/** Indicates that dexopt should convert to CompactDex. */
public static final int DEXOPT_GENERATE_COMPACT_DEX = 1 << 11;
/** Indicates that dexopt should generate an app image */
public static final int DEXOPT_GENERATE_APP_IMAGE = 1 << 12;
/** Indicates that dexopt may be run with different performance / priority tuned for restore */
public static final int DEXOPT_FOR_RESTORE = 1 << 13; // TODO(b/135202722): remove
/** The result of the profile analysis indicating that the app should be optimized. */
public static final int PROFILE_ANALYSIS_OPTIMIZE = 1;
/** The result of the profile analysis indicating that the app should not be optimized. */
public static final int PROFILE_ANALYSIS_DONT_OPTIMIZE_SMALL_DELTA = 2;
/**
* The result of the profile analysis indicating that the app should not be optimized because
* the profiles are empty.
*/
public static final int PROFILE_ANALYSIS_DONT_OPTIMIZE_EMPTY_PROFILES = 3;
/**
* The results of {@code getOdexVisibility}. See
* {@link #getOdexVisibility(String, String, String)} for details.
*/
public static final int ODEX_NOT_FOUND = 0;
public static final int ODEX_IS_PUBLIC = 1;
public static final int ODEX_IS_PRIVATE = 2;
public static final int FLAG_STORAGE_DE = IInstalld.FLAG_STORAGE_DE;
public static final int FLAG_STORAGE_CE = IInstalld.FLAG_STORAGE_CE;
public static final int FLAG_STORAGE_EXTERNAL = IInstalld.FLAG_STORAGE_EXTERNAL;
public static final int FLAG_STORAGE_SDK = IInstalld.FLAG_STORAGE_SDK;
public static final int FLAG_CLEAR_CACHE_ONLY = IInstalld.FLAG_CLEAR_CACHE_ONLY;
public static final int FLAG_CLEAR_CODE_CACHE_ONLY = IInstalld.FLAG_CLEAR_CODE_CACHE_ONLY;
public static final int FLAG_FREE_CACHE_V2 = IInstalld.FLAG_FREE_CACHE_V2;
public static final int FLAG_FREE_CACHE_V2_DEFY_QUOTA = IInstalld.FLAG_FREE_CACHE_V2_DEFY_QUOTA;
public static final int FLAG_FREE_CACHE_NOOP = IInstalld.FLAG_FREE_CACHE_NOOP;
public static final int FLAG_FREE_CACHE_DEFY_TARGET_FREE_BYTES =
IInstalld.FLAG_FREE_CACHE_DEFY_TARGET_FREE_BYTES;
public static final int FLAG_USE_QUOTA = IInstalld.FLAG_USE_QUOTA;
public static final int FLAG_FORCE = IInstalld.FLAG_FORCE;
public static final int FLAG_CLEAR_APP_DATA_KEEP_ART_PROFILES =
IInstalld.FLAG_CLEAR_APP_DATA_KEEP_ART_PROFILES;
private static final long CONNECT_RETRY_DELAY_MS = DateUtils.SECOND_IN_MILLIS;
private static final long CONNECT_WAIT_MS = 10 * DateUtils.SECOND_IN_MILLIS;
private final boolean mIsolated;
private volatile boolean mDeferSetFirstBoot;
private volatile IInstalld mInstalld = null;
private volatile CountDownLatch mInstalldLatch = new CountDownLatch(1);
private volatile Object mWarnIfHeld;
public Installer(Context context) {
this(context, false);
}
/**
* @param isolated Make the installer isolated. See {@link isIsolated}.
*/
public Installer(Context context, boolean isolated) {
super(context);
mIsolated = isolated;
}
/**
* Yell loudly if someone tries making future calls while holding a lock on
* the given object.
*/
public void setWarnIfHeld(Object warnIfHeld) {
mWarnIfHeld = warnIfHeld;
}
/**
* Returns true if the installer is isolated, i.e. if this object should <em>not</em> connect to
* the real {@code installd}. All remote calls will be ignored unless you extend this class and
* intercept them.
*/
public boolean isIsolated() {
return mIsolated;
}
@Override
public void onStart() {
if (mIsolated) {
mInstalld = null;
mInstalldLatch.countDown();
} else {
connect();
}
}
private void connect() {
IBinder binder = ServiceManager.getService("installd");
if (binder != null) {
try {
binder.linkToDeath(() -> {
Slog.w(TAG, "installd died; reconnecting");
mInstalldLatch = new CountDownLatch(1);
connect();
}, 0);
} catch (RemoteException e) {
binder = null;
}
}
if (binder != null) {
IInstalld installd = IInstalld.Stub.asInterface(binder);
mInstalld = installd;
mInstalldLatch.countDown();
try {
invalidateMounts();
executeDeferredActions();
} catch (InstallerException ignored) {
}
} else {
Slog.w(TAG, "installd not found; trying again");
BackgroundThread.getHandler().postDelayed(this::connect, CONNECT_RETRY_DELAY_MS);
}
}
/**
* Perform any deferred actions on mInstalld while the connection could not be made.
*/
private void executeDeferredActions() throws InstallerException {
if (mDeferSetFirstBoot) {
setFirstBoot();
}
}
/**
* Do several pre-flight checks before making a remote call.
*
* @return if the remote call should continue.
*/
private boolean checkBeforeRemote() throws InstallerException {
if (mWarnIfHeld != null && Thread.holdsLock(mWarnIfHeld)) {
Slog.wtf(TAG, "Calling thread " + Thread.currentThread().getName() + " is holding 0x"
+ Integer.toHexString(System.identityHashCode(mWarnIfHeld)), new Throwable());
}
if (mIsolated) {
Slog.i(TAG, "Ignoring request because this installer is isolated");
return false;
}
try {
if (!mInstalldLatch.await(CONNECT_WAIT_MS, TimeUnit.MILLISECONDS)) {
throw new InstallerException("time out waiting for the installer to be ready");
}
} catch (InterruptedException e) {
// Do nothing.
}
return true;
}
// We explicitly do NOT set previousAppId because the default value should always be 0.
// Manually override previousAppId after building CreateAppDataArgs for specific behaviors.
static CreateAppDataArgs buildCreateAppDataArgs(String uuid, String packageName,
int userId, int flags, int appId, String seInfo, int targetSdkVersion,
boolean usesSdk) {
final CreateAppDataArgs args = new CreateAppDataArgs();
args.uuid = uuid;
args.packageName = packageName;
args.userId = userId;
args.flags = flags;
if (usesSdk) {
args.flags |= FLAG_STORAGE_SDK;
}
args.appId = appId;
args.seInfo = seInfo;
args.targetSdkVersion = targetSdkVersion;
return args;
}
private static CreateAppDataResult buildPlaceholderCreateAppDataResult() {
final CreateAppDataResult result = new CreateAppDataResult();
result.ceDataInode = -1;
result.deDataInode = -1;
result.exceptionCode = 0;
result.exceptionMessage = null;
return result;
}
static ReconcileSdkDataArgs buildReconcileSdkDataArgs(String uuid, String packageName,
List<String> subDirNames, int userId, int appId,
String seInfo, int flags) {
final ReconcileSdkDataArgs args = new ReconcileSdkDataArgs();
args.uuid = uuid;
args.packageName = packageName;
args.subDirNames = subDirNames;
args.userId = userId;
args.appId = appId;
args.previousAppId = 0;
args.seInfo = seInfo;
args.flags = flags;
return args;
}
public @NonNull CreateAppDataResult createAppData(@NonNull CreateAppDataArgs args)
throws InstallerException {
if (!checkBeforeRemote()) {
return buildPlaceholderCreateAppDataResult();
}
// Hardcode previousAppId to 0 to disable any data migration (http://b/221088088)
args.previousAppId = 0;
try {
return mInstalld.createAppData(args);
} catch (Exception e) {
throw InstallerException.from(e);
}
}
public @NonNull CreateAppDataResult[] createAppDataBatched(@NonNull CreateAppDataArgs[] args)
throws InstallerException {
if (!checkBeforeRemote()) {
final CreateAppDataResult[] results = new CreateAppDataResult[args.length];
Arrays.fill(results, buildPlaceholderCreateAppDataResult());
return results;
}
// Hardcode previousAppId to 0 to disable any data migration (http://b/221088088)
for (final CreateAppDataArgs arg : args) {
arg.previousAppId = 0;
}
try {
return mInstalld.createAppDataBatched(args);
} catch (Exception e) {
throw InstallerException.from(e);
}
}
void reconcileSdkData(@NonNull ReconcileSdkDataArgs args)
throws InstallerException {
if (!checkBeforeRemote()) {
return;
}
try {
mInstalld.reconcileSdkData(args);
} catch (Exception e) {
throw InstallerException.from(e);
}
}
/**
* Sets in Installd that it is first boot after data wipe
*/
public void setFirstBoot() throws InstallerException {
if (!checkBeforeRemote()) {
return;
}
try {
// mInstalld might be null if the connection could not be established.
if (mInstalld != null) {
mInstalld.setFirstBoot();
} else {
// if it is null while trying to set the first boot, set a flag to try and set the
// first boot when the connection is eventually established
mDeferSetFirstBoot = true;
}
} catch (Exception e) {
throw InstallerException.from(e);
}
}
/**
* Class that collects multiple {@code installd} operations together in an
* attempt to more efficiently execute them in bulk.
* <p>
* Instead of returning results immediately, {@link CompletableFuture}
* instances are returned which can be used to chain follow-up work for each
* request.
* <p>
* The creator of this object <em>must</em> invoke {@link #execute()}
* exactly once to begin execution of all pending operations. Once execution
* has been kicked off, no additional events can be enqueued into this
* instance, but multiple instances can safely exist in parallel.
*/
public static class Batch {
private static final int CREATE_APP_DATA_BATCH_SIZE = 256;
private boolean mExecuted;
private final List<CreateAppDataArgs> mArgs = new ArrayList<>();
private final List<CompletableFuture<CreateAppDataResult>> mFutures = new ArrayList<>();
/**
* Enqueue the given {@code installd} operation to be executed in the
* future when {@link #execute(Installer)} is invoked.
* <p>
* Callers of this method are not required to hold a monitor lock on an
* {@link Installer} object.
*/
@NonNull
public synchronized CompletableFuture<CreateAppDataResult> createAppData(
CreateAppDataArgs args) {
if (mExecuted) {
throw new IllegalStateException();
}
final CompletableFuture<CreateAppDataResult> future = new CompletableFuture<>();
mArgs.add(args);
mFutures.add(future);
return future;
}
/**
* Execute all pending {@code installd} operations that have been
* collected by this batch in a blocking fashion.
* <p>
* Callers of this method <em>must</em> hold a monitor lock on the given
* {@link Installer} object.
*/
public synchronized void execute(@NonNull Installer installer) throws InstallerException {
if (mExecuted) throw new IllegalStateException();
mExecuted = true;
final int size = mArgs.size();
for (int i = 0; i < size; i += CREATE_APP_DATA_BATCH_SIZE) {
final CreateAppDataArgs[] args = new CreateAppDataArgs[Math.min(size - i,
CREATE_APP_DATA_BATCH_SIZE)];
for (int j = 0; j < args.length; j++) {
args[j] = mArgs.get(i + j);
}
final CreateAppDataResult[] results = installer.createAppDataBatched(args);
for (int j = 0; j < results.length; j++) {
final CreateAppDataResult result = results[j];
final CompletableFuture<CreateAppDataResult> future = mFutures.get(i + j);
if (result.exceptionCode == 0) {
future.complete(result);
} else {
future.completeExceptionally(
new InstallerException(result.exceptionMessage));
}
}
}
}
}
public void restoreconAppData(String uuid, String packageName, int userId, int flags, int appId,
String seInfo) throws InstallerException {
if (!checkBeforeRemote()) return;
try {
mInstalld.restoreconAppData(uuid, packageName, userId, flags, appId, seInfo);
} catch (Exception e) {
throw InstallerException.from(e);
}
}
public void migrateAppData(String uuid, String packageName, int userId, int flags)
throws InstallerException {
if (!checkBeforeRemote()) return;
try {
mInstalld.migrateAppData(uuid, packageName, userId, flags);
} catch (Exception e) {
throw InstallerException.from(e);
}
}
public void clearAppData(String uuid, String packageName, int userId, int flags,
long ceDataInode) throws InstallerException {
if (!checkBeforeRemote()) return;
try {
mInstalld.clearAppData(uuid, packageName, userId, flags, ceDataInode);
final StackTraceElement[] elements = Thread.currentThread().getStackTrace();
String className;
String methodName;
String fileName;
int lineNumber;
final int pid = Binder.getCallingPid();
final int uid = Binder.getCallingUid();
EventLog.writeEvent(EventLogTags.INSTALLER_CLEAR_APP_DATA_CALLER, pid, uid, packageName,
flags);
// Skip the first two elements since they are always the same, ie
// Thread#getStackTrace() and VMStack#getThreadStackTrace()
for (int i = 2; i < elements.length; i++) {
className = elements[i].getClassName();
methodName = elements[i].getMethodName();
fileName = elements[i].getFileName();
lineNumber = elements[i].getLineNumber();
EventLog.writeEvent(EventLogTags.INSTALLER_CLEAR_APP_DATA_CALL_STACK, methodName,
className, fileName, lineNumber);
}
} catch (Exception e) {
throw InstallerException.from(e);
}
}
public void destroyAppData(String uuid, String packageName, int userId, int flags,
long ceDataInode) throws InstallerException {
if (!checkBeforeRemote()) return;
try {
mInstalld.destroyAppData(uuid, packageName, userId, flags, ceDataInode);
} catch (Exception e) {
throw InstallerException.from(e);
}
}
public void fixupAppData(String uuid, int flags) throws InstallerException {
if (!checkBeforeRemote()) return;
try {
mInstalld.fixupAppData(uuid, flags);
} catch (Exception e) {
throw InstallerException.from(e);
}
}
/**
* Remove all invalid dirs under app data folder.
* All dirs are supposed to be valid file and package names.
*/
public void cleanupInvalidPackageDirs(String uuid, int userId, int flags)
throws InstallerException {
if (!checkBeforeRemote()) return;
try {
mInstalld.cleanupInvalidPackageDirs(uuid, userId, flags);
} catch (Exception e) {
throw InstallerException.from(e);
}
}
public void moveCompleteApp(String fromUuid, String toUuid, String packageName,
int appId, String seInfo, int targetSdkVersion,
String fromCodePath) throws InstallerException {
if (!checkBeforeRemote()) return;
try {
mInstalld.moveCompleteApp(fromUuid, toUuid, packageName, appId, seInfo,
targetSdkVersion, fromCodePath);
} catch (Exception e) {
throw InstallerException.from(e);
}
}
public void getAppSize(String uuid, String[] packageNames, int userId, int flags, int appId,
long[] ceDataInodes, String[] codePaths, PackageStats stats)
throws InstallerException {
if (!checkBeforeRemote()) return;
if (codePaths != null) {
for (String codePath : codePaths) {
BlockGuard.getVmPolicy().onPathAccess(codePath);
}
}
try {
final long[] res = mInstalld.getAppSize(uuid, packageNames, userId, flags,
appId, ceDataInodes, codePaths);
stats.codeSize += res[0];
stats.dataSize += res[1];
stats.cacheSize += res[2];
stats.externalCodeSize += res[3];
stats.externalDataSize += res[4];
stats.externalCacheSize += res[5];
} catch (Exception e) {
throw InstallerException.from(e);
}
}
public void getUserSize(String uuid, int userId, int flags, int[] appIds, PackageStats stats)
throws InstallerException {
if (!checkBeforeRemote()) return;
try {
final long[] res = mInstalld.getUserSize(uuid, userId, flags, appIds);
stats.codeSize += res[0];
stats.dataSize += res[1];
stats.cacheSize += res[2];
stats.externalCodeSize += res[3];
stats.externalDataSize += res[4];
stats.externalCacheSize += res[5];
} catch (Exception e) {
throw InstallerException.from(e);
}
}
public long[] getExternalSize(String uuid, int userId, int flags, int[] appIds)
throws InstallerException {
if (!checkBeforeRemote()) return new long[6];
try {
return mInstalld.getExternalSize(uuid, userId, flags, appIds);
} catch (Exception e) {
throw InstallerException.from(e);
}
}
/**
* To get all of the CrateMetadata of the crates for the specified user app by the installd.
*
* @param uuid the UUID
* @param packageNames the application package names
* @param userId the user id
* @return the array of CrateMetadata
*/
@Nullable
public CrateMetadata[] getAppCrates(@NonNull String uuid, @NonNull String[] packageNames,
@UserIdInt int userId) throws InstallerException {
if (!checkBeforeRemote()) return null;
try {
return mInstalld.getAppCrates(uuid, packageNames, userId);
} catch (Exception e) {
throw InstallerException.from(e);
}
}
/**
* To retrieve all of the CrateMetadata of the crate for the specified user app by the installd.
*
* @param uuid the UUID
* @param userId the user id
* @return the array of CrateMetadata
*/
@Nullable
public CrateMetadata[] getUserCrates(String uuid, @UserIdInt int userId)
throws InstallerException {
if (!checkBeforeRemote()) return null;
try {
return mInstalld.getUserCrates(uuid, userId);
} catch (Exception e) {
throw InstallerException.from(e);
}
}
public void setAppQuota(String uuid, int userId, int appId, long cacheQuota)
throws InstallerException {
if (!checkBeforeRemote()) return;
try {
mInstalld.setAppQuota(uuid, userId, appId, cacheQuota);
} catch (Exception e) {
throw InstallerException.from(e);
}
}
/**
* Runs dex optimization.
*
* @param apkPath Path of target APK
* @param uid UID of the package
* @param pkgName Name of the package
* @param instructionSet Target instruction set to run dex optimization.
* @param dexoptNeeded Necessary dex optimization for this request. Check
* {@link dalvik.system.DexFile#NO_DEXOPT_NEEDED},
* {@link dalvik.system.DexFile#DEX2OAT_FROM_SCRATCH},
* {@link dalvik.system.DexFile#DEX2OAT_FOR_BOOT_IMAGE}, and
* {@link dalvik.system.DexFile#DEX2OAT_FOR_FILTER}.
* @param outputPath Output path of generated dex optimization.
* @param dexFlags Check {@code DEXOPT_*} for allowed flags.
* @param compilerFilter Compiler filter like "verify", "speed-profile". Check
* {@code art/libartbase/base/compiler_filter.cc} for full list.
* @param volumeUuid UUID of the volume where the package data is stored. {@code null}
* represents internal storage.
* @param classLoaderContext This encodes the class loader chain (class loader type + class
* path) in a format compatible to dex2oat. Check
* {@code DexoptUtils.processContextForDexLoad} for further details.
* @param seInfo Selinux context to set for generated outputs.
* @param downgrade If set, allows downgrading {@code compilerFilter}. If downgrading is not
* allowed and requested {@code compilerFilter} is considered as downgrade,
* the request will be ignored.
* @param targetSdkVersion Target SDK version of the package.
* @param profileName Name of reference profile file.
* @param dexMetadataPath Specifies the location of dex metadata file.
* @param compilationReason Specifies the reason for the compilation like "install".
* @return {@code true} if {@code dexopt} is completed. {@code false} if it was cancelled.
*
* @throws InstallerException if {@code dexopt} fails.
*/
public boolean dexopt(String apkPath, int uid, String pkgName, String instructionSet,
int dexoptNeeded, @Nullable String outputPath, int dexFlags, String compilerFilter,
@Nullable String volumeUuid, @Nullable String classLoaderContext,
@Nullable String seInfo, boolean downgrade, int targetSdkVersion,
@Nullable String profileName, @Nullable String dexMetadataPath,
@Nullable String compilationReason)
throws InstallerException, LegacyDexoptDisabledException {
checkLegacyDexoptDisabled();
assertValidInstructionSet(instructionSet);
BlockGuard.getVmPolicy().onPathAccess(apkPath);
BlockGuard.getVmPolicy().onPathAccess(outputPath);
BlockGuard.getVmPolicy().onPathAccess(dexMetadataPath);
if (!checkBeforeRemote()) return false;
try {
return mInstalld.dexopt(apkPath, uid, pkgName, instructionSet, dexoptNeeded, outputPath,
dexFlags, compilerFilter, volumeUuid, classLoaderContext, seInfo, downgrade,
targetSdkVersion, profileName, dexMetadataPath, compilationReason);
} catch (Exception e) {
throw InstallerException.from(e);
}
}
/**
* Enables or disables dex optimization blocking.
*
* <p> Enabling blocking will also involve cancelling pending dexopt call and killing child
* processes forked from installd to run dexopt. The pending dexopt call will return false
* when it is cancelled.
*
* @param block set to true to enable blocking / false to disable blocking.
*/
public void controlDexOptBlocking(boolean block) throws LegacyDexoptDisabledException {
checkLegacyDexoptDisabled();
try {
mInstalld.controlDexOptBlocking(block);
} catch (Exception e) {
Slog.w(TAG, "blockDexOpt failed", e);
}
}
/**
* Analyzes the ART profiles of the given package, possibly merging the information
* into the reference profile. Returns whether or not we should optimize the package
* based on how much information is in the profile.
*
* @return one of {@link #PROFILE_ANALYSIS_OPTIMIZE},
* {@link #PROFILE_ANALYSIS_DONT_OPTIMIZE_SMALL_DELTA},
* {@link #PROFILE_ANALYSIS_DONT_OPTIMIZE_EMPTY_PROFILES}
*/
public int mergeProfiles(int uid, String packageName, String profileName)
throws InstallerException, LegacyDexoptDisabledException {
checkLegacyDexoptDisabled();
if (!checkBeforeRemote()) return PROFILE_ANALYSIS_DONT_OPTIMIZE_SMALL_DELTA;
try {
return mInstalld.mergeProfiles(uid, packageName, profileName);
} catch (Exception e) {
throw InstallerException.from(e);
}
}
/**
* Dumps profiles associated with a package in a human readable format.
*/
public boolean dumpProfiles(int uid, String packageName, String profileName, String codePath,
boolean dumpClassesAndMethods)
throws InstallerException, LegacyDexoptDisabledException {
checkLegacyDexoptDisabled();
if (!checkBeforeRemote()) return false;
BlockGuard.getVmPolicy().onPathAccess(codePath);
try {
return mInstalld.dumpProfiles(uid, packageName, profileName, codePath,
dumpClassesAndMethods);
} catch (Exception e) {
throw InstallerException.from(e);
}
}
public boolean copySystemProfile(String systemProfile, int uid, String packageName,
String profileName) throws InstallerException, LegacyDexoptDisabledException {
checkLegacyDexoptDisabled();
if (!checkBeforeRemote()) return false;
try {
return mInstalld.copySystemProfile(systemProfile, uid, packageName, profileName);
} catch (Exception e) {
throw InstallerException.from(e);
}
}
public void rmdex(String codePath, String instructionSet)
throws InstallerException, LegacyDexoptDisabledException {
checkLegacyDexoptDisabled();
assertValidInstructionSet(instructionSet);
if (!checkBeforeRemote()) return;
BlockGuard.getVmPolicy().onPathAccess(codePath);
try {
mInstalld.rmdex(codePath, instructionSet);
} catch (Exception e) {
throw InstallerException.from(e);
}
}
/**
* Remove a directory belonging to a package.
*/
public void rmPackageDir(String packageName, String packageDir) throws InstallerException {
if (!checkBeforeRemote()) return;
BlockGuard.getVmPolicy().onPathAccess(packageDir);
try {
mInstalld.rmPackageDir(packageName, packageDir);
} catch (Exception e) {
throw InstallerException.from(e);
}
}
public void clearAppProfiles(String packageName, String profileName)
throws InstallerException, LegacyDexoptDisabledException {
checkLegacyDexoptDisabled();
if (!checkBeforeRemote()) return;
try {
mInstalld.clearAppProfiles(packageName, profileName);
} catch (Exception e) {
throw InstallerException.from(e);
}
}
public void destroyAppProfiles(String packageName)
throws InstallerException, LegacyDexoptDisabledException {
checkLegacyDexoptDisabled();
if (!checkBeforeRemote()) return;
try {
mInstalld.destroyAppProfiles(packageName);
} catch (Exception e) {
throw InstallerException.from(e);
}
}
/**
* Deletes the reference profile with the given name of the given package.
* @throws InstallerException if the deletion fails.
*/
public void deleteReferenceProfile(String packageName, String profileName)
throws InstallerException, LegacyDexoptDisabledException {
checkLegacyDexoptDisabled();
if (!checkBeforeRemote()) return;
try {
mInstalld.deleteReferenceProfile(packageName, profileName);
} catch (Exception e) {
throw InstallerException.from(e);
}
}
public void createUserData(String uuid, int userId, int userSerial, int flags)
throws InstallerException {
if (!checkBeforeRemote()) return;
try {
mInstalld.createUserData(uuid, userId, userSerial, flags);
} catch (Exception e) {
throw InstallerException.from(e);
}
}
public void destroyUserData(String uuid, int userId, int flags) throws InstallerException {
if (!checkBeforeRemote()) return;
try {
mInstalld.destroyUserData(uuid, userId, flags);
} catch (Exception e) {
throw InstallerException.from(e);
}
}
/**
* Deletes cache from specified uuid until targetFreeBytes amount of space is free.
* flag denotes aggressive or non-aggresive mode where cache under quota is eligible or not
* respectively for clearing.
*/
public void freeCache(String uuid, long targetFreeBytes, int flags) throws InstallerException {
if (!checkBeforeRemote()) return;
try {
mInstalld.freeCache(uuid, targetFreeBytes, flags);
} catch (Exception e) {
throw InstallerException.from(e);
}
}
/**
* Links the 32 bit native library directory in an application's data
* directory to the real location for backward compatibility. Note that no
* such symlink is created for 64 bit shared libraries.
*/
public void linkNativeLibraryDirectory(String uuid, String packageName, String nativeLibPath32,
int userId) throws InstallerException {
if (!checkBeforeRemote()) return;
BlockGuard.getVmPolicy().onPathAccess(nativeLibPath32);
try {
mInstalld.linkNativeLibraryDirectory(uuid, packageName, nativeLibPath32, userId);
} catch (Exception e) {
throw InstallerException.from(e);
}
}
/**
* Creates an oat dir for given package and instruction set.
*/
public void createOatDir(String packageName, String oatDir, String dexInstructionSet)
throws InstallerException {
// This method should be allowed even if ART Service is enabled, because it's used for
// creating oat dirs before creating hard links for partial installation.
// TODO(b/274658735): Add an ART Service API to support hard linking.
if (!checkBeforeRemote()) return;
try {
mInstalld.createOatDir(packageName, oatDir, dexInstructionSet);
} catch (Exception e) {
throw InstallerException.from(e);
}
}
/**
* Creates a hardlink for a path.
*/
public void linkFile(String packageName, String relativePath, String fromBase, String toBase)
throws InstallerException {
if (!checkBeforeRemote()) return;
BlockGuard.getVmPolicy().onPathAccess(fromBase);
BlockGuard.getVmPolicy().onPathAccess(toBase);
try {
mInstalld.linkFile(packageName, relativePath, fromBase, toBase);
} catch (Exception e) {
throw InstallerException.from(e);
}
}
/**
* Moves oat/vdex/art from "B" set defined by ro.boot.slot_suffix to the default set.
*/
public void moveAb(String packageName, String apkPath, String instructionSet, String outputPath)
throws InstallerException {
if (!checkBeforeRemote()) return;
BlockGuard.getVmPolicy().onPathAccess(apkPath);
BlockGuard.getVmPolicy().onPathAccess(outputPath);
try {
mInstalld.moveAb(packageName, apkPath, instructionSet, outputPath);
} catch (Exception e) {
throw InstallerException.from(e);
}
}
/**
* Deletes the optimized artifacts generated by ART and returns the number
* of freed bytes.
*/
public long deleteOdex(String packageName, String apkPath, String instructionSet,
String outputPath) throws InstallerException, LegacyDexoptDisabledException {
checkLegacyDexoptDisabled();
if (!checkBeforeRemote()) return -1;
BlockGuard.getVmPolicy().onPathAccess(apkPath);
BlockGuard.getVmPolicy().onPathAccess(outputPath);
try {
return mInstalld.deleteOdex(packageName, apkPath, instructionSet, outputPath);
} catch (Exception e) {
throw InstallerException.from(e);
}
}
public boolean reconcileSecondaryDexFile(String apkPath, String packageName, int uid,
String[] isas, @Nullable String volumeUuid, int flags)
throws InstallerException, LegacyDexoptDisabledException {
checkLegacyDexoptDisabled();
for (int i = 0; i < isas.length; i++) {
assertValidInstructionSet(isas[i]);
}
if (!checkBeforeRemote()) return false;
BlockGuard.getVmPolicy().onPathAccess(apkPath);
try {
return mInstalld.reconcileSecondaryDexFile(apkPath, packageName, uid, isas,
volumeUuid, flags);
} catch (Exception e) {
throw InstallerException.from(e);
}
}
public byte[] hashSecondaryDexFile(String dexPath, String packageName, int uid,
@Nullable String volumeUuid, int flags) throws InstallerException {
if (!checkBeforeRemote()) return new byte[0];
BlockGuard.getVmPolicy().onPathAccess(dexPath);
try {
return mInstalld.hashSecondaryDexFile(dexPath, packageName, uid, volumeUuid, flags);
} catch (Exception e) {
throw InstallerException.from(e);
}
}
public boolean createProfileSnapshot(int appId, String packageName, String profileName,
String classpath) throws InstallerException, LegacyDexoptDisabledException {
checkLegacyDexoptDisabled();
if (!checkBeforeRemote()) return false;
try {
return mInstalld.createProfileSnapshot(appId, packageName, profileName, classpath);
} catch (Exception e) {
throw InstallerException.from(e);
}
}
public void destroyProfileSnapshot(String packageName, String profileName)
throws InstallerException, LegacyDexoptDisabledException {
checkLegacyDexoptDisabled();
if (!checkBeforeRemote()) return;
try {
mInstalld.destroyProfileSnapshot(packageName, profileName);
} catch (Exception e) {
throw InstallerException.from(e);
}
}
public void invalidateMounts() throws InstallerException {
if (!checkBeforeRemote()) return;
try {
mInstalld.invalidateMounts();
} catch (Exception e) {
throw InstallerException.from(e);
}
}
public boolean isQuotaSupported(String volumeUuid) throws InstallerException {
if (!checkBeforeRemote()) return false;
try {
return mInstalld.isQuotaSupported(volumeUuid);
} catch (Exception e) {
throw InstallerException.from(e);
}
}
/**
* Bind mount private volume CE and DE mirror storage.
*/
public void tryMountDataMirror(String volumeUuid) throws InstallerException {
if (!checkBeforeRemote()) return;
try {
mInstalld.tryMountDataMirror(volumeUuid);
} catch (Exception e) {
throw InstallerException.from(e);
}
}
/**
* Unmount private volume CE and DE mirror storage.
*/
public void onPrivateVolumeRemoved(String volumeUuid) throws InstallerException {
if (!checkBeforeRemote()) return;
try {
mInstalld.onPrivateVolumeRemoved(volumeUuid);
} catch (Exception e) {
throw InstallerException.from(e);
}
}
/**
* Prepares the app profile for the package at the given path:
* <ul>
* <li>Creates the current profile for the given user ID, unless the user ID is
* {@code UserHandle.USER_NULL}.</li>
* <li>Merges the profile from the dex metadata file (if present) into the reference
* profile.</li>
* </ul>
*/
public boolean prepareAppProfile(String pkg, @UserIdInt int userId, @AppIdInt int appId,
String profileName, String codePath, String dexMetadataPath)
throws InstallerException, LegacyDexoptDisabledException {
checkLegacyDexoptDisabled();
if (!checkBeforeRemote()) return false;
BlockGuard.getVmPolicy().onPathAccess(codePath);
BlockGuard.getVmPolicy().onPathAccess(dexMetadataPath);
try {
return mInstalld.prepareAppProfile(pkg, userId, appId, profileName, codePath,
dexMetadataPath);
} catch (Exception e) {
throw InstallerException.from(e);
}
}
/**
* Snapshots user data of the given package.
*
* @param pkg name of the package to snapshot user data for.
* @param userId id of the user whose data to snapshot.
* @param snapshotId id of this snapshot.
* @param storageFlags flags controlling which data (CE or DE) to snapshot.
*
* @return {@code true} if the snapshot was taken successfully, or {@code false} if a remote
* call shouldn't be continued. See {@link #checkBeforeRemote}.
*
* @throws InstallerException if failed to snapshot user data.
*/
public boolean snapshotAppData(String pkg, @UserIdInt int userId, int snapshotId,
int storageFlags) throws InstallerException {
if (!checkBeforeRemote()) return false;
try {
mInstalld.snapshotAppData(null, pkg, userId, snapshotId, storageFlags);
return true;
} catch (Exception e) {
throw InstallerException.from(e);
}
}
/**
* Restores user data snapshot of the given package.
*
* @param pkg name of the package to restore user data for.
* @param appId id of the package to restore user data for.
* @param userId id of the user whose data to restore.
* @param snapshotId id of the snapshot to restore.
* @param storageFlags flags controlling which data (CE or DE) to restore.
*
* @return {@code true} if user data restore was successful, or {@code false} if a remote call
* shouldn't be continued. See {@link #checkBeforeRemote}.
*
* @throws InstallerException if failed to restore user data.
*/
public boolean restoreAppDataSnapshot(String pkg, @AppIdInt int appId, String seInfo,
@UserIdInt int userId, int snapshotId, int storageFlags) throws InstallerException {
if (!checkBeforeRemote()) return false;
try {
mInstalld.restoreAppDataSnapshot(null, pkg, appId, seInfo, userId, snapshotId,
storageFlags);
return true;
} catch (Exception e) {
throw InstallerException.from(e);
}
}
/**
* Deletes user data snapshot of the given package.
*
* @param pkg name of the package to delete user data snapshot for.
* @param userId id of the user whose user data snapshot to delete.
* @param snapshotId id of the snapshot to delete.
* @param storageFlags flags controlling which user data snapshot (CE or DE) to delete.
*
* @return {@code true} if user data snapshot was successfully deleted, or {@code false} if a
* remote call shouldn't be continued. See {@link #checkBeforeRemote}.
*
* @throws InstallerException if failed to delete user data snapshot.
*/
public boolean destroyAppDataSnapshot(String pkg, @UserIdInt int userId,
int snapshotId, int storageFlags) throws InstallerException {
if (!checkBeforeRemote()) return false;
try {
mInstalld.destroyAppDataSnapshot(null, pkg, userId, 0, snapshotId, storageFlags);
return true;
} catch (Exception e) {
throw InstallerException.from(e);
}
}
/**
* Deletes all snapshots of credential encrypted user data, where the snapshot id is not
* included in {@code retainSnapshotIds}.
*
* @param userId id of the user whose user data snapshots to delete.
* @param retainSnapshotIds ids of the snapshots that should not be deleted.
*
* @return {@code true} if the operation was successful, or {@code false} if a remote call
* shouldn't be continued. See {@link #checkBeforeRemote}.
*
* @throws InstallerException if failed to delete user data snapshot.
*/
public boolean destroyCeSnapshotsNotSpecified(@UserIdInt int userId,
int[] retainSnapshotIds) throws InstallerException {
if (!checkBeforeRemote()) return false;
try {
mInstalld.destroyCeSnapshotsNotSpecified(null, userId, retainSnapshotIds);
return true;
} catch (Exception e) {
throw InstallerException.from(e);
}
}
/**
* Migrates obb data from its legacy location {@code /data/media/obb} to
* {@code /data/media/0/Android/obb}. This call is idempotent and a fast no-op if data has
* already been migrated.
*
* @throws InstallerException if an error occurs.
*/
public boolean migrateLegacyObbData() throws InstallerException {
if (!checkBeforeRemote()) return false;
try {
mInstalld.migrateLegacyObbData();
return true;
} catch (Exception e) {
throw InstallerException.from(e);
}
}
private static void assertValidInstructionSet(String instructionSet)
throws InstallerException {
for (String abi : Build.SUPPORTED_ABIS) {
if (VMRuntime.getInstructionSet(abi).equals(instructionSet)) {
return;
}
}
throw new InstallerException("Invalid instruction set: " + instructionSet);
}
/**
* Returns the visibility of the optimized artifacts.
*
* @param packageName name of the package.
* @param apkPath path to the APK.
* @param instructionSet instruction set of the optimized artifacts.
* @param outputPath path to the directory that contains the optimized artifacts (i.e., the
* directory that {@link #dexopt} outputs to).
*
* @return {@link #ODEX_NOT_FOUND} if the optimized artifacts are not found, or
* {@link #ODEX_IS_PUBLIC} if the optimized artifacts are accessible by all apps, or
* {@link #ODEX_IS_PRIVATE} if the optimized artifacts are only accessible by this app.
*
* @throws InstallerException if failed to get the visibility of the optimized artifacts.
*/
public int getOdexVisibility(String packageName, String apkPath, String instructionSet,
String outputPath) throws InstallerException, LegacyDexoptDisabledException {
checkLegacyDexoptDisabled();
if (!checkBeforeRemote()) return -1;
BlockGuard.getVmPolicy().onPathAccess(apkPath);
BlockGuard.getVmPolicy().onPathAccess(outputPath);
try {
return mInstalld.getOdexVisibility(packageName, apkPath, instructionSet, outputPath);
} catch (Exception e) {
throw InstallerException.from(e);
}
}
/**
* Returns an auth token for the provided writable FD.
*
* @param authFd a file descriptor to proof that the caller can write to the file.
* @param uid uid of the calling app.
*
* @return authToken, or null if a remote call shouldn't be continued. See {@link
* #checkBeforeRemote}.
*
* @throws InstallerException if the remote call failed.
*/
public IInstalld.IFsveritySetupAuthToken createFsveritySetupAuthToken(
ParcelFileDescriptor authFd, int uid) throws InstallerException {
if (!checkBeforeRemote()) {
return null;
}
try {
return mInstalld.createFsveritySetupAuthToken(authFd, uid);
} catch (Exception e) {
throw InstallerException.from(e);
}
}
/**
* Enables fs-verity to the given app file.
*
* @param authToken a token previously returned from {@link #createFsveritySetupAuthToken}.
* @param filePath file path of the package to enable fs-verity.
* @param packageName name of the package.
*
* @return 0 if the operation was successful, otherwise {@code errno}.
*
* @throws InstallerException if the remote call failed (e.g. see {@link #checkBeforeRemote}).
*/
public int enableFsverity(IInstalld.IFsveritySetupAuthToken authToken, String filePath,
String packageName) throws InstallerException {
if (!checkBeforeRemote()) {
throw new InstallerException("fs-verity wasn't enabled with an isolated installer");
}
BlockGuard.getVmPolicy().onPathAccess(filePath);
try {
return mInstalld.enableFsverity(authToken, filePath, packageName);
} catch (Exception e) {
throw InstallerException.from(e);
}
}
public static class InstallerException extends Exception {
public InstallerException(String detailMessage) {
super(detailMessage);
}
public static InstallerException from(Exception e) throws InstallerException {
throw new InstallerException(e.toString());
}
}
/**
* A checked exception that is thrown in legacy dexopt code paths when ART Service should be
* used instead.
*/
public static class LegacyDexoptDisabledException extends Exception {
// TODO(b/260124949): Remove the legacy dexopt code paths, i.e. this exception and all code
// that may throw it.
public LegacyDexoptDisabledException() {
super("Invalid call to legacy dexopt method while ART Service is in use.");
}
}
/**
* Throws LegacyDexoptDisabledException if ART Service should be used instead of the
* {@link android.os.IInstalld} method that follows this method call.
*/
public static void checkLegacyDexoptDisabled() throws LegacyDexoptDisabledException {
if (useArtService()) {
throw new LegacyDexoptDisabledException();
}
}
}