diff options
| author | 2022-06-24 17:10:23 +0800 | |
|---|---|---|
| committer | 2022-06-24 17:10:23 +0800 | |
| commit | a8670dfd570a295f99d45ad45a175a48defbbc86 (patch) | |
| tree | bedf785aa00d35f897e7cf3dd3f8a3b803b5c2e0 | |
| parent | bdfb8336a59bc87abaf1f7ed2b48fa9ce8c724d3 (diff) | |
Only allow the system or shell to delete oat artifacts
This also fixes the side channel information disclosure
of the package existence caused by the `pm delete-dexopt`
command.
Bug: 232415364
Test: atest PackageManagerTest
Change-Id: Ifed5d73234276fcb47d79ecb22fb6e7101d6b077
| -rw-r--r-- | services/core/java/com/android/server/pm/PackageManagerService.java | 3 |
1 files changed, 3 insertions, 0 deletions
diff --git a/services/core/java/com/android/server/pm/PackageManagerService.java b/services/core/java/com/android/server/pm/PackageManagerService.java index 109e7071469c..a909977583b4 100644 --- a/services/core/java/com/android/server/pm/PackageManagerService.java +++ b/services/core/java/com/android/server/pm/PackageManagerService.java @@ -6760,6 +6760,9 @@ public class PackageManagerService implements PackageSender, TestUtilityService } long deleteOatArtifactsOfPackage(@NonNull Computer snapshot, String packageName) { + PackageManagerServiceUtils.enforceSystemOrRootOrShell( + "Only the system or shell can delete oat artifacts"); + PackageStateInternal packageState = snapshot.getPackageStateInternal(packageName); if (packageState == null || packageState.getPkg() == null) { return -1; // error code of deleteOptimizedFiles |