android 系统中将一个apk应用打入死牢==》禁止在android系统中安装某一个apk应用

已于 2022-02-06 14:40:35 修改
阅读量1k 收藏 1
点赞数
分类专栏: Android 系统 文章标签: pms android 系统
于 2019-08-10 16:02:40 首次发布
版权声明:本文为博主原创文章,遵循 CC 4.0 BY-SA 版权协议,转载请附上原文出处链接和本声明。
本文链接:https://blog.csdn.net/xct841990555/article/details/99081423
版权
需求

有时候我们在维护开发一个android 系统的时候,不想要我们这个系统去安装某一个公司的apk,只要是已安装,就会安装失败。我们可以这样做:

在PMS中:

frameworks / base/services/core/java/com/android/server/pm/PackageManagerService.java

 /*
         * Invoke remote method to get package information and install
         * location values. Override install location based on default
         * policy if needed and then create install arguments based
         * on the install location.
         */
        public void handleStartCopy() throws RemoteException {
            int ret = PackageManager.INSTALL_SUCCEEDED;

            // If we're already staged, we've firmly committed to an install location
            if (origin.staged) {
                if (origin.file != null) {
                    installFlags |= PackageManager.INSTALL_INTERNAL;
                    installFlags &= ~PackageManager.INSTALL_EXTERNAL;
                } else {
                    throw new IllegalStateException("Invalid stage location");
                }
            }

            final boolean onSd = (installFlags & PackageManager.INSTALL_EXTERNAL) != 0;
            final boolean onInt = (installFlags & PackageManager.INSTALL_INTERNAL) != 0;
            final boolean ephemeral = (installFlags & PackageManager.INSTALL_INSTANT_APP) != 0;
            PackageInfoLite pkgLite = null;

            if (onInt && onSd) {
                // Check if both bits are set.
                Slog.w(TAG, "Conflicting flags specified for installing on both internal and external");
                ret = PackageManager.INSTALL_FAILED_INVALID_INSTALL_LOCATION;
            } else if (onSd && ephemeral) {
                Slog.w(TAG,  "Conflicting flags specified for installing ephemeral on external");
                ret = PackageManager.INSTALL_FAILED_INVALID_INSTALL_LOCATION;
            } else {
                pkgLite = mContainerService.getMinimalPackageInfo(origin.resolvedPath, installFlags,
                        packageAbiOverride);

                if (DEBUG_INSTANT && ephemeral) {
                    Slog.v(TAG, "pkgLite for install: " + pkgLite);
                }

                /*
                 * If we have too little free space, try to free cache
                 * before giving up.
                 */
                if (!origin.staged && pkgLite.recommendedInstallLocation
                        == PackageHelper.RECOMMEND_FAILED_INSUFFICIENT_STORAGE) {
                    // TODO: focus freeing disk space on the target device
                    final StorageManager storage = StorageManager.from(mContext);
                    final long lowThreshold = storage.getStorageLowBytes(
                            Environment.getDataDirectory());

                    final long sizeBytes = mContainerService.calculateInstalledSize(
                            origin.resolvedPath, packageAbiOverride);

                    try {
                        mInstaller.freeCache(null, sizeBytes + lowThreshold, 0, 0);
                        pkgLite = mContainerService.getMinimalPackageInfo(origin.resolvedPath,
                                installFlags, packageAbiOverride);
                    } catch (InstallerException e) {
                        Slog.w(TAG, "Failed to free cache", e);
                    }

                    /*
                     * The cache free must have deleted the file we
                     * downloaded to install.
                     *
                     * TODO: fix the "freeCache" call to not delete
                     *       the file we care about.
                     */
                    if (pkgLite.recommendedInstallLocation
                            == PackageHelper.RECOMMEND_FAILED_INVALID_URI) {
                        pkgLite.recommendedInstallLocation
                            = PackageHelper.RECOMMEND_FAILED_INSUFFICIENT_STORAGE;
                    }
                }
            }
			if(条件成立){
		ret =PackageManager.INSTALL_FAILED_INVALID_INSTALL_LOCATION;    //1
	}
            if (ret == PackageManager.INSTALL_SUCCEEDED) {
                int loc = pkgLite.recommendedInstallLocation;
                if (loc == PackageHelper.RECOMMEND_FAILED_INVALID_LOCATION) {
                    ret = PackageManager.INSTALL_FAILED_INVALID_INSTALL_LOCATION;
                } else if (loc == PackageHelper.RECOMMEND_FAILED_ALREADY_EXISTS) {
                    ret = PackageManager.INSTALL_FAILED_ALREADY_EXISTS;
                } else if (loc == PackageHelper.RECOMMEND_FAILED_INSUFFICIENT_STORAGE) {
                    ret = PackageManager.INSTALL_FAILED_INSUFFICIENT_STORAGE;
                } else if (loc == PackageHelper.RECOMMEND_FAILED_INVALID_APK) {
                    ret = PackageManager.INSTALL_FAILED_INVALID_APK;
                } else if (loc == PackageHelper.RECOMMEND_FAILED_INVALID_URI) {
                    ret = PackageManager.INSTALL_FAILED_INVALID_URI;
                } else if (loc == PackageHelper.RECOMMEND_MEDIA_UNAVAILABLE) {
                    ret = PackageManager.INSTALL_FAILED_MEDIA_UNAVAILABLE;
                } else {
                    // Override with defaults if needed.
                    loc = installLocationPolicy(pkgLite);
                    if (loc == PackageHelper.RECOMMEND_FAILED_VERSION_DOWNGRADE) {
                        ret = PackageManager.INSTALL_FAILED_VERSION_DOWNGRADE;
                    } else if (!onSd && !onInt) {
                        // Override install location with flags
                        if (loc == PackageHelper.RECOMMEND_INSTALL_EXTERNAL) {
                            // Set the flag to install on external media.
                            installFlags |= PackageManager.INSTALL_EXTERNAL;
                            installFlags &= ~PackageManager.INSTALL_INTERNAL;
                        } else if (loc == PackageHelper.RECOMMEND_INSTALL_EPHEMERAL) {
                            if (DEBUG_INSTANT) {
                                Slog.v(TAG, "...setting INSTALL_EPHEMERAL install flag");
                            }
                            installFlags |= PackageManager.INSTALL_INSTANT_APP;
                            installFlags &= ~(PackageManager.INSTALL_EXTERNAL
                                    |PackageManager.INSTALL_INTERNAL);
                        } else {
                            // Make sure the flag for installing on external
                            // media is unset
                            installFlags |= PackageManager.INSTALL_INTERNAL;
                            installFlags &= ~PackageManager.INSTALL_EXTERNAL;
                        }
                    }
                }
            }

            final InstallArgs args = createInstallArgs(this);
            mArgs = args;

            if (ret == PackageManager.INSTALL_SUCCEEDED) {
                // TODO: http://b/22976637
                // Apps installed for "all" users use the device owner to verify the app
                UserHandle verifierUser = getUser();
                if (verifierUser == UserHandle.ALL) {
                    verifierUser = UserHandle.SYSTEM;
                }

                /*
                 * Determine if we have any installed package verifiers. If we
                 * do, then we'll defer to them to verify the packages.
                 */
                final int requiredUid = mRequiredVerifierPackage == null ? -1
                        : getPackageUid(mRequiredVerifierPackage, MATCH_DEBUG_TRIAGED_MISSING,
                                verifierUser.getIdentifier());
                final int installerUid =
                        verificationInfo == null ? -1 : verificationInfo.installerUid;
                if (!origin.existing && requiredUid != -1
                        && isVerificationEnabled(
                                verifierUser.getIdentifier(), installFlags, installerUid)) {
                    final Intent verification = new Intent(
                            Intent.ACTION_PACKAGE_NEEDS_VERIFICATION);
                    verification.addFlags(Intent.FLAG_RECEIVER_FOREGROUND);
                    verification.setDataAndType(Uri.fromFile(new File(origin.resolvedPath)),
                            PACKAGE_MIME_TYPE);
                    verification.addFlags(Intent.FLAG_GRANT_READ_URI_PERMISSION);

                    // Query all live verifiers based on current user state
                    final List<ResolveInfo> receivers = queryIntentReceiversInternal(verification,
                            PACKAGE_MIME_TYPE, 0, verifierUser.getIdentifier(),
                            false /*allowDynamicSplits*/);

                    if (DEBUG_VERIFY) {
                        Slog.d(TAG, "Found " + receivers.size() + " verifiers for intent "
                                + verification.toString() + " with " + pkgLite.verifiers.length
                                + " optional verifiers");
                    }

                    final int verificationId = mPendingVerificationToken++;

                    verification.putExtra(PackageManager.EXTRA_VERIFICATION_ID, verificationId);

                    verification.putExtra(PackageManager.EXTRA_VERIFICATION_INSTALLER_PACKAGE,
                            installerPackageName);

                    verification.putExtra(PackageManager.EXTRA_VERIFICATION_INSTALL_FLAGS,
                            installFlags);

                    verification.putExtra(PackageManager.EXTRA_VERIFICATION_PACKAGE_NAME,
                            pkgLite.packageName);

                    verification.putExtra(PackageManager.EXTRA_VERIFICATION_VERSION_CODE,
                            pkgLite.versionCode);

                    verification.putExtra(PackageManager.EXTRA_VERIFICATION_LONG_VERSION_CODE,
                            pkgLite.getLongVersionCode());

                    if (verificationInfo != null) {
                        if (verificationInfo.originatingUri != null) {
                            verification.putExtra(Intent.EXTRA_ORIGINATING_URI,
                                    verificationInfo.originatingUri);
                        }
                        if (verificationInfo.referrer != null) {
                            verification.putExtra(Intent.EXTRA_REFERRER,
                                    verificationInfo.referrer);
                        }
                        if (verificationInfo.originatingUid >= 0) {
                            verification.putExtra(Intent.EXTRA_ORIGINATING_UID,
                                    verificationInfo.originatingUid);
                        }
                        if (verificationInfo.installerUid >= 0) {
                            verification.putExtra(PackageManager.EXTRA_VERIFICATION_INSTALLER_UID,
                                    verificationInfo.installerUid);
                        }
                    }

                    final PackageVerificationState verificationState = new PackageVerificationState(
                            requiredUid, args);

                    mPendingVerification.append(verificationId, verificationState);

                    final List<ComponentName> sufficientVerifiers = matchVerifiers(pkgLite,
                            receivers, verificationState);

                    DeviceIdleController.LocalService idleController = getDeviceIdleController();
                    final long idleDuration = getVerificationTimeout();

                    /*
                     * If any sufficient verifiers were listed in the package
                     * manifest, attempt to ask them.
                     */
                    if (sufficientVerifiers != null) {
                        final int N = sufficientVerifiers.size();
                        if (N == 0) {
                            Slog.i(TAG, "Additional verifiers required, but none installed.");
                            ret = PackageManager.INSTALL_FAILED_VERIFICATION_FAILURE;
                        } else {
                            for (int i = 0; i < N; i++) {
                                final ComponentName verifierComponent = sufficientVerifiers.get(i);
                                idleController.addPowerSaveTempWhitelistApp(Process.myUid(),
                                        verifierComponent.getPackageName(), idleDuration,
                                        verifierUser.getIdentifier(), false, "package verifier");

                                final Intent sufficientIntent = new Intent(verification);
                                sufficientIntent.setComponent(verifierComponent);
                                mContext.sendBroadcastAsUser(sufficientIntent, verifierUser);
                            }
                        }
                    }

                    final ComponentName requiredVerifierComponent = matchComponentForVerifier(
                            mRequiredVerifierPackage, receivers);
                    if (ret == PackageManager.INSTALL_SUCCEEDED
                            && mRequiredVerifierPackage != null) {
                        Trace.asyncTraceBegin(
                                TRACE_TAG_PACKAGE_MANAGER, "verification", verificationId);
                        /*
                         * Send the intent to the required verification agent,
                         * but only start the verification timeout after the
                         * target BroadcastReceivers have run.
                         */
                        verification.setComponent(requiredVerifierComponent);
                        idleController.addPowerSaveTempWhitelistApp(Process.myUid(),
                                mRequiredVerifierPackage, idleDuration,
                                verifierUser.getIdentifier(), false, "package verifier");
                        mContext.sendOrderedBroadcastAsUser(verification, verifierUser,
                                android.Manifest.permission.PACKAGE_VERIFICATION_AGENT,
                                new BroadcastReceiver() {
                                    @Override
                                    public void onReceive(Context context, Intent intent) {
                                        final Message msg = mHandler
                                                .obtainMessage(CHECK_PENDING_VERIFICATION);
                                        msg.arg1 = verificationId;
                                        mHandler.sendMessageDelayed(msg, getVerificationTimeout());
                                    }
                                }, null, 0, null, null);

                        /*
                         * We don't want the copy to proceed until verification
                         * succeeds, so null out this field.
                         */
                        mArgs = null;
                    }
                } else {
                    /*
                     * No package verification is enabled, so immediately start
                     * the remote call to initiate copy using temporary file.
                     */
                    ret = args.copyApk(mContainerService, true);
                }
            }

            mRet = ret;
        }

在1处,可以直接根据条件将安装结果置为fail。这样就不会安装成功了。

假装多好123
关注
  • 0
    点赞
  • 1
    收藏
    觉得还不错? 一键收藏
  • 打赏
    打赏
  • 0
    评论
专栏目录
LAMP环境搭建-Centos6
艾泽拉斯队友克星
10-13 249
LAMP环境搭建-Centos6 前言 本文重点在于后面的LAMP环境源码搭建步骤,前面会简单的介绍LAMP环境的构成和大致原理,如有偏差处,欢迎大家指正,谢谢。 基本理论说明 LAMP构成 LAMP 是Linux Apache MySQL PHP的简写,其实就是把Apache, MySQL以及PHP安装在Linux系统上,组成一个环境来运行php的脚本语言。 部署方式 yum安装 优点:安装部署便捷。 缺点:软件版本固定,且版本较低。 源码安装 优点:版本自选,可自定义性强。 缺点:难度较大,维护
利用PackageManager做一个禁用某个系统应用的功能
忘冻鱼的博客
08-15 2756
不积跬步无以至千里 一、需求 如果我们想要禁用掉一个系统应用,不想再让他本身被打开,并且不想让它被别的应用调起来(情景:例如浏览器,本身点图标,你不想打开此应用,而且你在qq里打开一个网址,会调用到浏览器,你也不想让他打开浏览器)。这时候就是我们要做的功能。我们这次以浏览器锁定为例,如图: 二、代码 可以看出我们是一个CheckBox,因此需要存值我们用到了Setting的provide
Android9 系统编译 禁止安装非指定的APK
adzcsx2的博客
01-20 2527
参考连接 android 添加安装权限白名单 我在这里仅仅是禁止 手机/平板 安装APK,没有禁止adb命令。 参照上面文章 2、packageInstaller的修改 最开始以为是framework/base/service里面的packageInstaller。 改了之后发现没有成功,后面才反应过来是packages/apps/PackageInstaller这个apk 因为android9点击安装包后,在右下角有安装、取消按钮,所以定位到安装按钮就行了 代码: packages/apps/Pac
Android 8.1移植:针对某个APK做到wifi和gprs分别做到允许和禁止两种策略
stay_foolish_one的专栏
05-11 260
https://blog.csdn.net/zengrunxiu/article/details/81027275
安卓使用root权限执行pm命令无法安装apk的解决办法
醉猫
01-19 4582
这个办法以前在一个大神的博客里面看见过,但是现在也找不到地址了,这类问题也很少发生,所以网上很难找到。今天做这类软件时找不到原来的demo,也找不到那个大神的帖子。所幸还遗留了一个当时的安装包,反编译得到源码。。 关键之处是执行pm命令时在命令pm前面加上LD_LIBRARY_PATH=/vendor/lib:/system/lib ,然后安装就不会失败了 在此做个笔记,方便以后用的时候直接查
APK安装过程及原理详解
热门推荐
Android 开发
09-01 5万+
应用程序包的安装android的特点 APKAndroidPackage的缩写 Android应用安装有如下四种方式: 1.系统应用安装――开机时完成,没有安装界面 2.网络下载应用安装――通过market应用完成,没有安装界面 3.ADB工具安装――没有安装界面。
Android11.0禁止安装apk功能
wzh048503的博客
12-03 2877
Android11.0禁止安装apk功能
浅谈安卓apk安装过程的设计模式
superjaingchao的专栏
03-12 264
最近一直在读安卓安装过程的源代码,也在博客分析了整个安装流程,但是只是一步步流水账的形式,对代码整体设计架构没涉及,但是看下来安卓framework的设计运用了大量设计模式思想,这种设计模式利于代码架构整体管理以及拓展,但是对于阅读学习分析的人尤其是没有设计模式基础的人来阅读带来了难度,今天针对其运用的一些设计模式做个简单分析,其不对之处还望大神指出,本文只是个人理解。 今天刚好看到在进行...
APK安装失败:[INSTALL_FAILED_VERIFICATION_FAILURE]
yzwfeng的专栏
05-27 1万+
APK安装失败:[INSTALL_FAILED_VERIFICATION_FAILURE]
Android 框架实现分析 - 应用 - 细节
luansxx的专栏
10-28 859
关键目录 应用信息存放结构: /etc/ permissions/ *.xml(系统权限信息) /data/(android_data_dir,ENV:ANDROID_DATA) app/(android_app_dir,APP_SUBDIR) app-private/(android_app_private_dir,PRIVATE_APP_SUBDIR) app-lib/(android_app_lib_dir,APP_LIB_SUBDIR) c...
android 4.4 授信安装
haozhenghui10的专栏
08-31 1275
android4.4 授信安装,只能安装指定证书的应用 如果打开设置–>安全–>验证应用 后,系统安装apk时默认会检查系统是否存在符合条件的广播接受者,然后发送apk信息。这个广播接受者可以完成验证安装。 我们的思路是在系统新建一个ContentResolver 用于存储系统支持的应用证书信息。apk安装的时候会查询并校验apk。确定是否同意安装。 packageManagerSer
PackageManagerService(Android5.1)深入分析(四)安装应用
kc58236582的博客
01-15 6995
一、安装的Activity 在Android,通过发送Intent可以启动应用安装过程,如下所示: Uri uri = Uri.fromFile(new File(filename)); Intent inent = new Intent(Intent.ACTION_VIEW); intent.SetDataAndType(uri, application/vnd.android.packa
android系统广播有哪些
海纳百川Android的博客
09-08 4263
android系统广播有哪些呢,本文做一个整理。 Intent类里面有系统广播的名称的定义,系统广播都会有下面这样的注释 * This is a protected intent that can only be sent by the system. 有这样注释的广播的定义一共有52个,如下面所示: public static final String ACTION_INSTALL_E...
Android 完整的系统广播列表
最新发布
zhangyiminsunshine的博客
02-07 5371
完整的文件路径在 Android SDK/platforms//data/broadcast_actions.txtandroid.accounts.LOGIN_ACCOUNTS_CHANGED android.accounts.action.ACCOUNT_REMOVED android.app.action.ACTION_PASSWORD_CHANGED android.app.action.ACTION_PASSWORD_EXPIRING android.app.ac
Google pay默认支付(payment)应用之二 -TpHceService默认被disable原因
u013398960的博客
04-07 1672
PackageManager setComponentEnabledSetting. Google Pay默认无法设置默认支付应用. Google Pay服务被disable. TpHceService默认被disable原因.
Android SDK-关键文件-activity_actions.txt
深度安全实验室
02-12 975
activity_actions.txt
android 6.0 权限
LX. 的专栏
07-22 2469
android 6.0开发随记在开发过程,如果在 AndroidManifest.xml 文件里面配置了android:targetSdkVersion=”23” ,或者Gradle 配置了targetSdkVersion 23 ,没有对这些危险权限进行妥善处理,app将会crash,那么在此提供了一个 eclipse版本和android studio 版的 Demo各一个。 eclipse版本
Android 10.0 PackageManagerService(四)APK安装流程-[Android取经之路]
纸上得来终觉浅,绝知此事要躬行
06-10 1750
[Android取经之路] 的源码都基于Android-Q(10.0) 进行分析 [Android取经之路] 系列文章: 《系统启动篇》 Android系统架构 Android是怎么启动的 Android 10.0系统启动之init进程 Android10.0系统启动之Zygote进程 Android 10.0 系统启动之SystemServer进程 Android 10.0 系统服务之ActivityMnagerService Android10.0系统启动之Launcher(桌面)启动流程 And
Android静态安全检测 -> PendingIntent误用风险
4lwin博客
07-19 6032
PendingIntent误用风险 - android.app.PendingIntent 1. API 继承关系 java.lang.Object android.app.PendingIntent 主要方法 getActivity(Context context, int requestCode, Intent in
Android PKMS拦截adb安装应用
kc58236582的博客
01-22 3053
我们再PKMS汇总拦截adb 安装应用,在分析PKMS的时候我们也知道,在installPackageAsUser有如下代码,代表是adb安装的。 if ((callingUid == Process.SHELL_UID) || (callingUid == Process.ROOT_UID)) { installFlags |= PackageMan...
评论
添加红包

请填写红包祝福语或标题

红包个数最小为10个

红包金额最低5元

当前余额3.43前往充值 >
需支付:10.00
成就一亿技术人!
领取后你会自动成为博主和红包主的粉丝 规则
hope_wisdom
发出的红包

打赏作者

假装多好123

你的鼓励将是我创作的最大动力

¥1 ¥2 ¥4 ¥6 ¥10 ¥20
扫码支付:¥1
获取中
扫码支付

您的余额不足,请更换扫码支付或充值

打赏作者

实付
使用余额支付
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、付费专栏及课程。

余额充值