Send more information to verifiers

Send package name, version code and the uid of the application requesting the
install to package verifiers.

Bug: 7164155
Change-Id: I2464dc5d4551f60b4f38f7982495a8920c83e1cd

Author: rich cannings

core/java/android/content/pm/PackageManager.java

@@ -1150,6 +1150,22 @@ public NameNotFoundException(String name) {
     public static final String EXTRA_VERIFICATION_INSTALL_FLAGS
             = "android.content.pm.extra.VERIFICATION_INSTALL_FLAGS";
 
+    /**
+     * Extra field name for the uid of who is requesting to install
+     * the package.
+     *
+     * @hide
+     */
+    public static final String EXTRA_VERIFICATION_INSTALLER_UID
+            = "android.content.pm.extra.VERIFICATION_INSTALLER_UID";
+
+    /**
+     * Extra field name for the package name of a package pending verification.
+     *
+     * @hide
+     */
+    public static final String EXTRA_VERIFICATION_PACKAGE_NAME
+            = "android.content.pm.extra.VERIFICATION_PACKAGE_NAME";
     /**
      * Extra field name for the result of a verification, either
      * {@link #VERIFICATION_ALLOW}, or {@link #VERIFICATION_REJECT}.
@@ -1158,6 +1174,14 @@ public NameNotFoundException(String name) {
     public static final String EXTRA_VERIFICATION_RESULT
             = "android.content.pm.extra.VERIFICATION_RESULT";
 
+    /**
+     * Extra field name for the version code of a package pending verification.
+     *
+     * @hide
+     */
+    public static final String EXTRA_VERIFICATION_VERSION_CODE
+            = "android.content.pm.extra.VERIFICATION_VERSION_CODE";
+
     /**
      * Retrieve overall information about an application package that is
      * installed on the system.

core/java/android/content/pm/VerificationParams.java

@@ -39,6 +39,9 @@ public class VerificationParams implements Parcelable {
     /** HTTP referrer URI associated with the originatingURI. */
     private final Uri mReferrer;
 
+    /** UID of application requesting the install */
+    private int mInstallerUid;
+
     /**
      * An object that holds the digest of the package which can be used to
      * verify ownership.
@@ -63,6 +66,7 @@ public VerificationParams(Uri verificationURI, Uri originatingURI, Uri referrer,
         mOriginatingURI = originatingURI;
         mReferrer = referrer;
         mManifestDigest = manifestDigest;
+        mInstallerUid = -1;
     }
 
     public Uri getVerificationURI() {
@@ -81,6 +85,15 @@ public ManifestDigest getManifestDigest() {
         return mManifestDigest;
     }
 
+    /** @return -1 when not set */
+    public int getInstallerUid() {
+        return mInstallerUid;
+    }
+
+    public void setInstallerUid(int uid) {
+        mInstallerUid = uid;
+    }
+
     @Override
     public int describeContents() {
         return 0;
@@ -126,6 +139,10 @@ public boolean equals(Object o) {
             return false;
         }
 
+        if (mInstallerUid != other.mInstallerUid) {
+            return false;
+        }
+
         return true;
     }
 
@@ -137,6 +154,7 @@ public int hashCode() {
         hash += 7 * (mOriginatingURI==null?1:mOriginatingURI.hashCode());
         hash += 11 * (mReferrer==null?1:mReferrer.hashCode());
         hash += 13 * (mManifestDigest==null?1:mManifestDigest.hashCode());
+        hash += 17 * mInstallerUid;
 
         return hash;
     }
@@ -153,6 +171,8 @@ public String toString() {
         sb.append(mReferrer.toString());
         sb.append(",mManifestDigest=");
         sb.append(mManifestDigest.toString());
+        sb.append(",mInstallerUid=");
+        sb.append(mInstallerUid);
         sb.append('}');
 
         return sb.toString();
@@ -164,6 +184,7 @@ public void writeToParcel(Parcel dest, int flags) {
         dest.writeParcelable(mOriginatingURI, 0);
         dest.writeParcelable(mReferrer, 0);
         dest.writeParcelable(mManifestDigest, 0);
+        dest.writeInt(mInstallerUid);
     }
 
 
@@ -172,6 +193,7 @@ private VerificationParams(Parcel source) {
         mOriginatingURI = source.readParcelable(Uri.class.getClassLoader());
         mReferrer = source.readParcelable(Uri.class.getClassLoader());
         mManifestDigest = source.readParcelable(ManifestDigest.class.getClassLoader());
+        mInstallerUid = source.readInt();
     }
 
     public static final Parcelable.Creator<VerificationParams> CREATOR =

core/tests/coretests/src/android/content/pm/VerificationParamsTest.java

@@ -34,6 +34,7 @@ public class VerificationParamsTest extends AndroidTestCase {
     private final static String ORIGINATING_URI_STRING = "http://originating.uri/path";
     private final static String REFERRER_STRING = "http://referrer.uri/path";
     private final static byte[] DIGEST_BYTES = "fake digest".getBytes();
+    private final static int INSTALLER_UID = 42;
 
     private final static Uri VERIFICATION_URI = Uri.parse(VERIFICATION_URI_STRING);
     private final static Uri ORIGINATING_URI = Uri.parse(ORIGINATING_URI_STRING);
@@ -115,6 +116,18 @@ public void testEquals_ManifestDigest_Failure() throws Exception {
         assertFalse(params1.equals(params2));
     }
 
+    public void testEquals_InstallerUid_Failure() throws Exception {
+        VerificationParams params1 = new VerificationParams(VERIFICATION_URI, ORIGINATING_URI,
+                REFERRER, MANIFEST_DIGEST);
+
+        VerificationParams params2 = new VerificationParams(
+                Uri.parse(VERIFICATION_URI_STRING), Uri.parse(ORIGINATING_URI_STRING),
+                Uri.parse(REFERRER_STRING), new ManifestDigest(DIGEST_BYTES));
+        params2.setInstallerUid(INSTALLER_UID);
+
+        assertFalse(params1.equals(params2));
+    }
+
     public void testHashCode_Success() throws Exception {
         VerificationParams params1 = new VerificationParams(VERIFICATION_URI, ORIGINATING_URI,
                 REFERRER, MANIFEST_DIGEST);
@@ -168,4 +181,16 @@ public void testHashCode_ManifestDigest_Failure() throws Exception {
 
         assertFalse(params1.hashCode() == params2.hashCode());
     }
+
+    public void testHashCode_InstallerUid_Failure() throws Exception {
+        VerificationParams params1 = new VerificationParams(VERIFICATION_URI, ORIGINATING_URI,
+                REFERRER, MANIFEST_DIGEST);
+
+        VerificationParams params2 = new VerificationParams(
+                Uri.parse(VERIFICATION_URI_STRING), Uri.parse(ORIGINATING_URI_STRING),
+                Uri.parse(REFERRER_STRING), new ManifestDigest("a different digest".getBytes()));
+        params2.setInstallerUid(INSTALLER_UID);
+
+        assertFalse(params1.hashCode() == params2.hashCode());
+    }
 }

services/java/com/android/server/pm/PackageManagerService.java

@@ -5664,6 +5664,8 @@ public void installPackageWithVerificationAndEncryption(Uri packageURI,
             filteredFlags = flags & ~PackageManager.INSTALL_FROM_ADB;
         }
 
+        verificationParams.setInstallerUid(uid);
+
         final Message msg = mHandler.obtainMessage(INIT_COPY);
         msg.obj = new InstallParams(packageURI, observer, filteredFlags, installerPackageName,
                 verificationParams, encryptionParams, user);
@@ -6428,6 +6430,12 @@ public void handleStartCopy() throws RemoteException {
 
                     verification.putExtra(PackageManager.EXTRA_VERIFICATION_INSTALL_FLAGS, flags);
 
+                    verification.putExtra(PackageManager.EXTRA_VERIFICATION_PACKAGE_NAME,
+                            pkgLite.packageName);
+
+                    verification.putExtra(PackageManager.EXTRA_VERIFICATION_VERSION_CODE,
+                            pkgLite.versionCode);
+
                     if (verificationParams != null) {
                         if (verificationParams.getVerificationURI() != null) {
                            verification.putExtra(PackageManager.EXTRA_VERIFICATION_URI,
@@ -6441,6 +6449,10 @@ public void handleStartCopy() throws RemoteException {
                             verification.putExtra(Intent.EXTRA_REFERRER,
                                   verificationParams.getReferrer());
                         }
+                        if (verificationParams.getInstallerUid() >= 0) {
+                            verification.putExtra(PackageManager.EXTRA_VERIFICATION_INSTALLER_UID,
+                                  verificationParams.getInstallerUid());
+                        }
                     }
 
                     final PackageVerificationState verificationState = new PackageVerificationState(