- 1【Pygame系列一】吃豆人、魂斗罗等多款老游戏,80、90后的你玩过几个?(附素材源码)_pygame做的著名游戏
- 2align与valign区别_valign和align区别
- 3大数据技术SpringBoot框架---实现前后端分离(MVC)对数据进行可视化_springboot框架是大数据框架吗
- 4ElementUI Form:Cascader 级联选择器
- 5Office365—>Microsoft365,4.22正式更名,新增功能有哪些?_microsoft365我的权益
- 6关于Android启动页全屏的解决方案_android 开机启动页 覆盖整个屏幕
- 7【Python爬虫】项目案例讲解,一步步教你爬取淘宝商品数据!_淘宝爬虫
- 8碳中和丨InVEST模型高级进阶及在生态系统服务供需、碳中和等领域中的具体应用_invest做固碳释氧数据输入
- 9Node.JS后端开发基础_nodejs后端开发
- 10050-Java中DataInputStream和DataOutputStream使用详解_java datainputstream
Android PackageManagerService总结(四) APK安装流程_android 系统应用安装过程
赞
踩
一. 概述
PackageManagerService(简称PKMS),是Android系统中核心服务之一,管理着所有与package相关的工作,常见的比如安装、卸载应用, 信息查询等工作, 主要完成以下核心功能
1. 解析AndroidManifest.xml清单文件,解析清单文件中的所有节点信息
2. 扫描本地文件,主要针对apk,主要是系统应用、本地安装应用等。
3. 管理本地apk,主要包括安装、删除等等
4. 管理设备上安装的所有应用程序,并在系统启动时加载应用程序
5. 根据请求的Intent匹配到对应的Activity、Provider、Service,提供包含包名和Component的信息对象
6. 调用需要权限的系统函数时,检查程序是否具备相应权限从而保证系统安全
7. 提供应用程序的安装、卸载的接口
本篇文章重点介绍一下apk安装流程
二. 安装apk的方式
Android应用安装有如下四种方式:
1. 系统应用和预制应用安装――开机时完成,没有安装界面,在PKMS的构造函数中完成安装;
2. 网络下载应用安装――通过应用商店应用完成,调用PackageManager.installPackages(),有安装界面;
3. ADB工具安装――没有安装界面,它通过启动pm脚本的形式,然后调用com.android.commands.pm.Pm类,之后调用到PKMS.installStage()完成安装;
4. 第三方应用安装――通过SD卡里的APK文件安装,有安装界面,由packageinstaller.apk应用处理安装及卸载过程的界面。
上述几种方式均通过PackageInstallObserver来监听安装是否成功
三. apk文件结构
生成的APK文件本质还是一个zip文件,只不过被Google强行修改了一下后缀名称而已。所以我们将APK的后缀修改成.zip就可以查看其包含的内容了.
1)主要有7部分组成 (下图来源于其他作者博客: Android apk结构分析 )
2)META-INF目录下3个重要文件
3)res目录下的文件说明
细节说明:
META-INF:关于签名的信息存放,应用安装验证签名的时候会验证该文件里面的信息, 里面的资源文件,是被编译过的。raw和图片是保持原样的,但是其他的文件会被编译成二进制文件。
res: 这里面的资源是不经过编译原样打包进来的
AndroidManifest.xml:程序全局配置文件。该文件是每个应用程序都必须定义和包含的文件,它描述了应用程序的名字、版本、权限、引用的库文件等等信息。
classes.dex:Dalvik字节码文件,Android会将所有的class文件全部放到这一个文件里。
resources.arsc:编译后的二进制资源文件,保存资源文件的索引,由aapt生成
lib: 如果存在的话,存放的是ndk编出来的so库
四. apk安装过程
这里我们主要来讲解下载APK后,点击进行安装的过程, 整体上来说,大致分为4个步骤:
1. 将APK的信息通过IO流的形式写入到PackageInstaller.Session中;
2. 调用PackageInstaller.Session的commit方法,将APK的信息交由PKMS处理;
3. 拷贝APK;
4. 安装apk.
整个过程涉及到3个跨进程通信的Binder
| 客户端 | 跨进程通信AIDL文件 | 服务端 |
| PackageManager(抽象类) 它的实现类:ApplicationPackageManager | IPackageManager.aidl | PKMS |
| PackageInstaller | IPackageInstaller.aidl | PackageInstallerService |
| PackageInstaller.Session | IPackageInstallerSession.aidl | PackageInstallerSession |
APK从应用市场下载后点击安装, 则会跳转到(com.android.packageinstaller) PackageInstaller.apk 的安装界面上,供用户选择安装或取消, 笔者之前也分析过前半段的流程,是怎么跳转到PackageInstaller.apk 的安装界面中, 请查阅:
Android PackageManagerService 总结(一)应用市场下载安装apk流程
4.1 点击安装后到完成APK的拷贝流程
先画下本小结的时序图:
点击一个未安装的apk后,会弹出安装界面,点击确定按钮后,会进入PackageInstallerActivity.java的bindUI()中的mAlert点击事件,点击apk后,弹出的安装界面底部显示的是一个Dialog,主要由bindUI构成,上面有取消和安装两个按钮,点击安装之后调用startInstall()进行安装。bindUI方法的代码如下:
/frameworks/base/packages/apps/PackageInstaller/src/com/android/packageinstaller/PackageInstallerActivity.java
- private void bindUi() {
- mAlert.setIcon(mAppSnippet.icon);
- mAlert.setTitle(mAppSnippet.label);
- mAlert.setView(R.layout.install_content_view);
- mAlert.setButton(DialogInterface.BUTTON_POSITIVE, getString(R.string.install),
- (ignored, ignored2) -> {
- if (mOk.isEnabled()) {
- if (mSessionId != -1) {
- mInstaller.setPermissionsResult(mSessionId, true);
- finish();
- } else {
- // 进行APK的安装, 重要关键代码
- startInstall();
- }
- }
- }, null);
- mAlert.setButton(DialogInterface.BUTTON_NEGATIVE, getString(R.string.cancel),
- (ignored, ignored2) -> {
- // Cancel and finish
- setResult(RESULT_CANCELED);
- if (mSessionId != -1) {
- // 如果mSessionId存在,执行setPermissionResult()完成取消安装
- mInstaller.setPermissionsResult(mSessionId, false);
- }
- finish();
- }, null);
- setupAlert();
-
- mOk = mAlert.getButton(DialogInterface.BUTTON_POSITIVE);
- mOk.setEnabled(false);
-
- if (!mOk.isInTouchMode()) {
- mAlert.getButton(DialogInterface.BUTTON_NEGATIVE).requestFocus();
- }
- }
接下来看看 startInstall()方法, 封装了一个Intent 跳转到 InstallInstalling.java文件中
/frameworks/base/packages/PackageInstaller/src/com/android/packageinstaller/InstallInstalling.java
- private void startInstall() {
- Intent newIntent = new Intent();
- ...
- newIntent.setClass(this, InstallInstalling.class);
- ...
- startActivity(newIntent);
- }
InstallInstalling 的Activity启动后,进入onCreate方法
- protected void onCreate(@Nullable Bundle savedInstanceState) {
-
- ....
- if ("package".equals(mPackageURI.getScheme())) {
- try {
- getPackageManager().installExistingPackage(appInfo.packageName);
- launchSuccess();
- } catch (PackageManager.NameNotFoundException e) {
- launchFailure(PackageManager.INSTALL_FAILED_INTERNAL_ERROR, null);
- }
- } else {
- //根据mPackageURI创建一个对应的File
- final File sourceFile = new File(mPackageURI.getPath());
-
- // 1. 如果savedInstanceState不为null,获取此前保存的mSessionId和mInstallId,
- // 其中mSessionId是安装包的会话Id,mInstallId是等待安装的事件Id
- if (savedInstanceState != null) {
- mSessionId = savedInstanceState.getInt(SESSION_ID);
- mInstallId = savedInstanceState.getInt(INSTALL_ID);
-
- // Reregister for result; might instantly call back if result was delivered while
- // activity was destroyed
- try {
- // 2. 根据mInstallId向InstallEventReceiver注册一个观察者,
- // launchFinishBasedOnResult会接收到安装事件的回调,无论安装成功还是失败
- // 都会关闭当前的Activity(InstallInstalling)。如果savedInstanceState为null,代码的逻辑也是类似的
- InstallEventReceiver.addObserver(this, mInstallId,
- this::launchFinishBasedOnResult);
- } catch (EventResultPersister.OutOfIdsException e) {
- // Does not happen
- }
- ....
- } else {
- //3. 创建SessionParams,它用来代表安装会话的参数,组装params
- PackageInstaller.SessionParams params = new PackageInstaller.SessionParams(
- PackageInstaller.SessionParams.MODE_FULL_INSTALL);
- params.setInstallAsInstantApp(false);
- params.setReferrerUri(getIntent().getParcelableExtra(Intent.EXTRA_REFERRER));
- params.setOriginatingUri(getIntent()
- .getParcelableExtra(Intent.EXTRA_ORIGINATING_URI));
- params.setOriginatingUid(getIntent().getIntExtra(Intent.EXTRA_ORIGINATING_UID,
- UID_UNKNOWN));
- params.setInstallerPackageName(getIntent().getStringExtra(
- Intent.EXTRA_INSTALLER_PACKAGE_NAME));
- params.setInstallReason(PackageManager.INSTALL_REASON_USER);
- // 4. 根据mPackageUri对包进行轻量级的解析,并将解析的参数赋值给SessionParams
- File file = new File(mPackageURI.getPath());
- try {
- PackageParser.PackageLite pkg = PackageParser.parsePackageLite(file, 0);
- params.setAppPackageName(pkg.packageName);
- //设置apk的安装路径
- params.setInstallLocation(pkg.installLocation);
- //设置apk的大小
- params.setSize(
- PackageHelper.calculateInstalledSize(pkg, false, params.abiOverride));
-
-
- ....
- //5. 向InstallEventReceiver注册一个观察者返回一个新的mInstallId,
- // 其中InstallEventReceiver继承自BroadcastReceiver,用于接收安装事件
- // 并回调给EventResultPersister
- try {
- mInstallId = InstallEventReceiver
- .addObserver(this, EventResultPersister.GENERATE_NEW_ID,
- this::launchFinishBasedOnResult);
- } catch (EventResultPersister.OutOfIdsException e) {
- launchFailure(PackageManager.INSTALL_FAILED_INTERNAL_ERROR, null);
- }
-
- ....
- try {
- // 6. PackageInstaller的createSession方法内部会通过IPackageInstaller与
- // PackageInstallerService进行进程间通信,最终调用的是
- // PackageInstallerService的createSession方法阿里创建并返回mSessionId
- mSessionId = getPackageManager().getPackageInstaller().createSession(params);
- } catch (IOException e) {
- launchFailure(PackageManager.INSTALL_FAILED_INTERNAL_ERROR, null);
- }
- .....
- }
再来总结一下上面onCreate方法中所做的工作:
主要分为6步:
1. 如果savedInstanceState不为null,获取此前保存的mSessionId和mInstallId,其中mSessionId是安装包的会话Id,mInstallId是等待的安装事件Id
2. 根据mInstallId向InstallEventReceiver注册一个观察者,launchFinishBasedOnResult会接收到安装事件的回调,无论安装成功或者是安装失败都会关闭当前的Activity(InstallInstalling)。如果saveInstanceState为null,代码的逻辑也是类似的。
3. 创建SessionParams,它用来代表安装会话的参数,组装Params
4. 根据mPackageUri对包(APK)进行轻量级的解析,并将解析的参数赋值SessionParams
5. 向InstallEventReceiver注册一个观察者返回一个新的mInstallId
6. PackageInstaller的createSession方法内部会通过IPackageInstallerService进行进程间通信,最终调用的是PackageInstallerService的createSession方法来创建并返回mSessionId
接下来继续分析 InstallInstalling.java 的onResume()方法
- @Override
- protected void onResume() {
- super.onResume();
- ...
- if (sessionInfo != null && !sessionInfo.isActive()) {
- // 创建内部类InstallingAsyncTask的对象,调用execute(),最终进入onPostExecute()方法
- mInstallingTask = new InstallingAsyncTask();
- mInstallingTask.execute();
- } else {
- // we will receive a broadcast when the install is finished
- mCancelButton.setEnabled(false);
- setFinishOnTouchOutside(false);
- }
- ...
- }
InstallingAsyncTask 的DoInBackground()会根据包(APK)的Uri,将APK的信息通过IO流的形式写入到PackageInstaller.Session中, 最后在onPostExecute()中调用PackageInstaller.Session的commit方法,进行安装。只贴出关键代码
- private final class InstallingAsyncTask extends AsyncTask<Void, Void,
- PackageInstaller.Session> {
-
- PackageInstaller.Session session;
- try {
- session = getPackageManager().getPackageInstaller().openSession(mSessionId);
- } catch (IOException e) {
- return null;
- }
-
- session.setStagingProgress(0);
-
- try (InputStream in = new FileInputStream(file)) {
- long sizeBytes = file.length();
- try (OutputStream out = session
- .openWrite("PackageInstaller", 0, sizeBytes)) {
- byte[] buffer = new byte[1024 * 1024];
- while (true) {
- int numRead = in.read(buffer);
-
- if (numRead == -1) {
- session.fsync(out);
- break;
- }
-
- if (isCancelled()) {
- session.close();
- break;
- }
- // 将APK的信息通过IO流的形式写入到PackageInstaller.Session中
- out.write(buffer, 0, numRead);
- if (sizeBytes > 0) {
- float fraction = ((float) numRead / (float) sizeBytes);
- session.addProgress(fraction);
- }
- }
- }
- }
-
-
- @Override
- protected void onPostExecute(PackageInstaller.Session session) {
- ..... // 调用PackageInstaller.Session的commit方法,进行安装
- session.commit(pendingIntent.getIntentSender());
- }
- ....
- }
接着看一下PackageInstaller.Session的commit方法, 通过IPackageInstallerSession.aidl 跨进程通信,调用 PackageInstallerSession.java 中的commit方法
/frameworks/base/services/core/java/com/android/server/pm/PackageInstallerSession.java
- public void commit(@NonNull IntentSender statusReceiver, boolean forTransfer) {
- ...
- //调用markAsCommitted()
- if (!markAsCommitted(statusReceiver, forTransfer)) {
- return;
- }
-
-
- mHandler.obtainMessage(MSG_COMMIT).sendToTarget();
- ...
- }
markAsCommitted方法中会将包的信息封装为PackageInstallObserverAdapter ,它在PKMS中被定义,然后返回到commit()中,向Handler发送一个类型为MSG_COMMIT的消息
我们接着看消息处理的方法
- private final Handler.Callback mHandlerCallback = new Handler.Callback() {
- @Override
- public boolean handleMessage(Message msg) {
- switch (msg.what) {
- case MSG_COMMIT:
- handleCommit();
- break;
- ....
- }
接下来看handleCommit 方法
- private void handleCommit() {
- .....
- synchronized (mLock) {
- commitNonStagedLocked(childSessions);
- }
- ....
- }
commitNonStagedLocked()中首先 调用了PackageInstallObserver的 onPackageInstalled方法,将Complete 方法出现的PackageManagerException的异常信息回调给PackageInstallObserverAdapter.
- @GuardedBy("mLock")
- private void commitNonStagedLocked(List<PackageInstallerSession> childSessions)
- throws PackageManagerException {
- ....
- if (!success) {
- try {
- mRemoteObserver.onPackageInstalled(
- null, failure.error, failure.getLocalizedMessage(), null);
- } catch (RemoteException ignored) {
- }
- return;
- }
- //最终调用这个方法
- mPm.installStage(activeChildSessions);
- ....
- }
最终调用installStage(),进入PKMS中
frameworks/base/services/core/java/com/android/server/pm/PackageManagerService.java
- void installStage(List<ActiveInstallSession> children)
- throws PackageManagerException {
- final Message msg = mHandler.obtainMessage(INIT_COPY);
- .....
- mHandler.sendMessage(msg);
- .....
- }
看消息处理的地方
- void doHandleMessage(Message msg) {
- switch (msg.what) {
- case INIT_COPY: {
- HandlerParams params = (HandlerParams) msg.obj;
- if (params != null) {
- if (DEBUG_INSTALL) Slog.i(TAG, "init_copy: " + params);
- Trace.asyncTraceEnd(TRACE_TAG_PACKAGE_MANAGER, "queueInstall",
- System.identityHashCode(params));
- Trace.traceBegin(TRACE_TAG_PACKAGE_MANAGER, "startCopy");
- //执行APK拷贝动作
- params.startCopy();
- Trace.traceEnd(TRACE_TAG_PACKAGE_MANAGER);
- }
- break;
- }
- ......
- }
在Handler中对INIT_COPY消息的处理中,调用了HandlerParams.startCopy方法。
- final void startCopy() {
- if (DEBUG_INSTALL) Slog.i(TAG, "startCopy " + mUser + ": " + this);
- handleStartCopy();
- handleReturnCode();
- }
handleStartCopy()需要执行下面几步:
1. 首先检查文件和cid是否已经生成,如果生成则设置installFlags
2. 检查空间大小,如果空间不够就会释放无用的控件
3. 覆盖原有安装位置的文件,并根据返回结果来确定函数的返回值,并设置installFlags
4. 确定是否有任何已安装的包安装器,如果有,则延迟检测。主要分三步:
1)首先新建一个验证Intent,然后设置相关的信息,
2)之后获取验证器列表
3)最后向每个验证器发送验证Intent。
- public void handleStartCopy() {
- int ret = PackageManager.INSTALL_SUCCEEDED;
-
- // 1. 首先检查文件和cid是否已经生成,如生成则设置installFlags
- if (origin.staged) {
- if (origin.file != null) {
- installFlags |= PackageManager.INSTALL_INTERNAL;
- } else {
- throw new IllegalStateException("Invalid stage location");
- }
- }
- .....
-
- // 2. 检查空间大小,如果空间不够则释放无用空间
- if (!origin.staged && pkgLite.recommendedInstallLocation
- == PackageHelper.RECOMMEND_FAILED_INSUFFICIENT_STORAGE) {
- // TODO: focus freeing disk space on the target device
- final StorageManager storage = StorageManager.from(mContext);
- final long lowThreshold = storage.getStorageLowBytes(
- Environment.getDataDirectory());
-
- final long sizeBytes = PackageManagerServiceUtils.calculateInstalledSize(
- origin.resolvedPath, packageAbiOverride);
- if (sizeBytes >= 0) {
- try {
- mInstaller.freeCache(null, sizeBytes + lowThreshold, 0, 0);
- pkgLite = PackageManagerServiceUtils.getMinimalPackageInfo(mContext,
- origin.resolvedPath, installFlags, packageAbiOverride);
- } catch (InstallerException e) {
- Slog.w(TAG, "Failed to free cache", e);
- }
- }
-
- if (pkgLite.recommendedInstallLocation
- == PackageHelper.RECOMMEND_FAILED_INVALID_URI) {
- pkgLite.recommendedInstallLocation
- = PackageHelper.RECOMMEND_FAILED_INSUFFICIENT_STORAGE;
- }
- }
-
-
- if (ret == PackageManager.INSTALL_SUCCEEDED) {
- .....
-
- {
- // 3. 覆盖原有安装位置的文件,并根据范湖结果来确定函数的返回值,
- // 并设置installFlags
- loc = installLocationPolicy(pkgLite);
- if (loc == PackageHelper.RECOMMEND_FAILED_VERSION_DOWNGRADE) {
- ret = PackageManager.INSTALL_FAILED_VERSION_DOWNGRADE;
- } else if (loc == PackageHelper.RECOMMEND_FAILED_WRONG_INSTALLED_VERSION) {
- ret = PackageManager.INSTALL_FAILED_WRONG_INSTALLED_VERSION;
- } else if (!onInt) {
- // Override install location with flags
- if (loc == PackageHelper.RECOMMEND_INSTALL_EXTERNAL) {
- // Set the flag to install on external media.
- installFlags &= ~PackageManager.INSTALL_INTERNAL;
- } else if (loc == PackageHelper.RECOMMEND_INSTALL_EPHEMERAL) {
- if (DEBUG_INSTANT) {
- Slog.v(TAG, "...setting INSTALL_EPHEMERAL install flag");
- }
- installFlags |= PackageManager.INSTALL_INSTANT_APP;
- installFlags &= ~PackageManager.INSTALL_INTERNAL;
- } else {
- // Make sure the flag for installing on external
- // media is unset
- installFlags |= PackageManager.INSTALL_INTERNAL;
- }
- }
- }
- }
-
- final InstallArgs args = createInstallArgs(this);
- mVerificationCompleted = true;
- mIntegrityVerificationCompleted = true;
- mEnableRollbackCompleted = true;
- mArgs = args;
-
- if (ret == PackageManager.INSTALL_SUCCEEDED) {
- final int verificationId = mPendingVerificationToken++;
-
- // Perform package verification (unless we are simply moving the package).
- if (!origin.existing) {
- PackageVerificationState verificationState =
- new PackageVerificationState(this);
- mPendingVerification.append(verificationId, verificationState);
- // 发送一个请求来检查包的完整性
- sendIntegrityVerificationRequest(verificationId, pkgLite, verificationState);
- // 向验证者发送验证包的请求
- ret = sendPackageVerificationRequest(
- verificationId, pkgLite, verificationState);
- }
- ...
-
- mRet = ret;
- }
在Android 11.0 中是通过sendPackageVerificationRequest来验证包的:
- int sendPackageVerificationRequest(
- int verificationId,
- PackageInfoLite pkgLite,
- PackageVerificationState verificationState) {
- int ret = INSTALL_SUCCEEDED;
-
- .....
-
- if (!origin.existing
- && isVerificationEnabled
- && (!isIncrementalInstall || !isV4Signed)) {
- // 4. 确定是否有任何已安装的包验证器,如有,则延迟检测。主要分三步:
- // 首先新建一个验证Intent,然后设置相关的信息,之后获取验证器列表
- // 最后向每个验证器发送验证Intent
- // 4.1 构造验证Intent
- final Intent verification = new Intent(
- Intent.ACTION_PACKAGE_NEEDS_VERIFICATION);
- verification.addFlags(Intent.FLAG_RECEIVER_FOREGROUND);
- verification.setDataAndType(Uri.fromFile(new File(origin.resolvedPath)),
- PACKAGE_MIME_TYPE);
- verification.addFlags(Intent.FLAG_GRANT_READ_URI_PERMISSION);
-
- ....
-
- populateInstallerExtras(verification);
-
- // 4.2 获取验证器列表
- final List<ComponentName> sufficientVerifiers = matchVerifiers(pkgLite,
- receivers, verificationState);
-
- DeviceIdleInternal idleController =
- mInjector.getLocalDeviceIdleController();
- final long idleDuration = getVerificationTimeout();
- final BroadcastOptions options = BroadcastOptions.makeBasic();
- options.setTemporaryAppWhitelistDuration(idleDuration);
-
- /*
- * If any sufficient verifiers were listed in the package
- * manifest, attempt to ask them.
- */
- if (sufficientVerifiers != null) {
- final int n = sufficientVerifiers.size();
- if (n == 0) {
- Slog.i(TAG, "Additional verifiers required, but none installed.");
- ret = PackageManager.INSTALL_FAILED_VERIFICATION_FAILURE;
- } else {
- for (int i = 0; i < n; i++) {
- final ComponentName verifierComponent = sufficientVerifiers.get(i);
- idleController.addPowerSaveTempWhitelistApp(Process.myUid(),
- verifierComponent.getPackageName(), idleDuration,
- verifierUser.getIdentifier(), false, "package verifier");
-
- // 4.3 向每个验证器发送验证Intent
- // 向验证器客户端发送Intent,只有当验证成功之后才开启copy工作
- // 如果没有任何验证器则直接拷贝
- final Intent sufficientIntent = new Intent(verification);
- sufficientIntent.setComponent(verifierComponent);
- mContext.sendBroadcastAsUser(sufficientIntent, verifierUser,
- /* receiverPermission= */ null,
- options.toBundle());
- }
- }
- }
-
- .....
-
- return ret;
- }
向验证器客户端发送Intent,只有当验证成功之后才会开启copy工作。如果没有任何验证器则直接拷贝。在handleReturnCode中调用copyApk()进行APK的拷贝工作。
- void handleReturnCode() {
- if (mVerificationCompleted
- && mIntegrityVerificationCompleted && mEnableRollbackCompleted) {
- if ((installFlags & PackageManager.INSTALL_DRY_RUN) != 0) {
- String packageName = "";
- ParseResult<PackageLite> result = ApkLiteParseUtils.parsePackageLite(
- new ParseTypeImpl(
- (changeId, packageName1, targetSdkVersion) -> {
- ApplicationInfo appInfo = new ApplicationInfo();
- appInfo.packageName = packageName1;
- appInfo.targetSdkVersion = targetSdkVersion;
- return mPackageParserCallback.isChangeEnabled(changeId,
- appInfo);
- }).reset(),
- origin.file, 0);
- if (result.isError()) {
- Slog.e(TAG, "Can't parse package at " + origin.file.getAbsolutePath(),
- result.getException());
- } else {
- packageName = result.getResult().packageName;
- }
- try {
- observer.onPackageInstalled(packageName, mRet, "Dry run", new Bundle());
- } catch (RemoteException e) {
- Slog.i(TAG, "Observer no longer exists.");
- }
- return;
- }
- if (mRet == PackageManager.INSTALL_SUCCEEDED) {
- // 调用copyApk方法
- mRet = mArgs.copyApk();
- }
- processPendingInstall(mArgs, mRet);
- }
- }
调用了InstallArgs.copyApk方法,最终会调用到FileInstallArgs.copyApk方法。
- int copyApk() {
- Trace.traceBegin(TRACE_TAG_PACKAGE_MANAGER, "copyApk");
- try {
- // 调用doCopyApk方法
- return doCopyApk();
- } finally {
- Trace.traceEnd(TRACE_TAG_PACKAGE_MANAGER);
- }
- }
-
- private int doCopyApk() {
-
- .....
-
- // 调用PackageManagerServiceUtils.copyPackage方法
- int ret = PackageManagerServiceUtils.copyPackage(
- origin.file.getAbsolutePath(), codeFile);
- if (ret != PackageManager.INSTALL_SUCCEEDED) {
- Slog.e(TAG, "Failed to copy package");
- return ret;
- }
-
- .....
-
- return ret;
- }
在doCopyApk方法中调用了PackageManagerServiceUtils.copyPackage方法,其代码如下:
frameworks/base/services/core/java/com/android/server/pm/PackageManagerServiceUtils.java
- public static int copyPackage(String packagePath, File targetDir) {
- if (packagePath == null) {
- return PackageManager.INSTALL_FAILED_INVALID_URI;
- }
-
- try {
- final File packageFile = new File(packagePath);
- final PackageParser.PackageLite pkg = PackageParser.parsePackageLite(packageFile, 0);
- copyFile(pkg.baseCodePath, targetDir, "base.apk");
- if (!ArrayUtils.isEmpty(pkg.splitNames)) {
- for (int i = 0; i < pkg.splitNames.length; i++) {
- // 调用了copyFile方法
- copyFile(pkg.splitCodePaths[i], targetDir,
- "split_" + pkg.splitNames[i] + ".apk");
- }
- }
- return PackageManager.INSTALL_SUCCEEDED;
- } catch (PackageParserException | IOException | ErrnoException e) {
- Slog.w(TAG, "Failed to copy package at " + packagePath + ": " + e);
- return PackageManager.INSTALL_FAILED_INSUFFICIENT_STORAGE;
- }
- }
在copyFile方法中,通过文件流的操作,把APK拷贝到/data/app等目录
- private static void copyFile(String sourcePath, File targetDir, String targetName)
- throws ErrnoException, IOException {
- if (!FileUtils.isValidExtFilename(targetName)) {
- throw new IllegalArgumentException("Invalid filename: " + targetName);
- }
- Slog.d(TAG, "Copying " + sourcePath + " to " + targetName);
-
- final File targetFile = new File(targetDir, targetName);
- final FileDescriptor targetFd = Os.open(targetFile.getAbsolutePath(),
- O_RDWR | O_CREAT, 0644);
- Os.chmod(targetFile.getAbsolutePath(), 0644);
- FileInputStream source = null;
- try {
- source = new FileInputStream(sourcePath);
- FileUtils.copy(source.getFD(), targetFd);
- } finally {
- IoUtils.closeQuietly(source);
- }
- }
4.2 安装apk流程
APK拷贝完成后,进入真正的安装,时序图如下:
在上述handleReturnCode方法中,执行了copyApk方法后,最后又执行了processPendingInstall方法。
- private void processPendingInstall(final InstallArgs args, final int currentStatus) {
- if (args.mMultiPackageInstallParams != null) {
- args.mMultiPackageInstallParams.tryProcessInstallRequest(args, currentStatus);
- } else {
- // 1. 设置安装参数
- PackageInstalledInfo res = createPackageInstalledInfo(currentStatus);
- // 2. 创建一个新线程,处理安装参数,进行安装
- processInstallRequestsAsync(
- res.returnCode == PackageManager.INSTALL_SUCCEEDED,
- Collections.singletonList(new InstallRequest(args, res)));
- }
- }
-
- private void processInstallRequestsAsync(boolean success,
- List<InstallRequest> installRequests) {
- mHandler.post(() -> {
- if (success) {
- for (InstallRequest request : installRequests) {
- // 1. 如果之前安装失败,清除无用信息
- request.args.doPreInstall(request.installResult.returnCode);
- }
- synchronized (mInstallLock) {
- // 2. installPackagesTracedLI是安装过程的核心方法
- // 然后调用installPackagesLI进行安装
- installPackagesTracedLI(installRequests);
- }
- for (InstallRequest request : installRequests) {
- // 3. 如果之前安装失败,清除无用信息
- request.args.doPostInstall(
- request.installResult.returnCode, request.installResult.uid);
- }
- }
- for (InstallRequest request : installRequests) {
- restoreAndPostInstall(request.args.user.getIdentifier(), request.installResult,
- new PostInstallData(request.args, request.installResult, null));
- }
- });
- }
-
- int doPreInstall(int status) {
- if (status != PackageManager.INSTALL_SUCCEEDED) {
- // 清除无用信息
- cleanUp();
- }
- return status;
- }
-
- int doPostInstall(int status, int uid) {
- if (status != PackageManager.INSTALL_SUCCEEDED) {
- // 调用cleanUp清除无用信息
- cleanUp();
- }
- return status;
- }
在installPackagesLI方法中,以原子的方式安装一个或多个包。此操作分为四个阶段:
1)Prepare准备:分析任何当前安装状态,分析包并对其进行初始验证。
2)Scan 扫描:扫描分析准备阶段拿到的包
3) Reconcile 协调:包的扫描结果,用于协调可能向系统中添加的一个或多个包
4) Commit 提交:提交所有扫描的包并更新系统状态,这是安装流程中唯一可以修改系统状态的地方放,必须在此阶段之前确定所有的可预测的错误
5)完成APK的安装
- private void installPackagesLI(List<InstallRequest> requests) {
-
- .....
-
- // 1. Prepare 准备:分析任何当前安装状态,分析包并对其进行初始验证
- prepareResult = preparePackageLI(request.args, request.installResult);
-
- .....
-
- // 2. Scan 扫描:扫描分析准备阶段拿到的包
- final ScanResult result = scanPackageTracedLI(
- prepareResult.packageToScan, prepareResult.parseFlags,
- prepareResult.scanFlags, System.currentTimeMillis(),
- request.args.user, request.args.abiOverride);
- ....
-
- // 3. Reconcile 协调:包的扫描结果,用于协调可能向系统中添加的一个或多个包
- ReconcileRequest reconcileRequest = new ReconcileRequest(preparedScans, installArgs,
- installResults,
- prepareResults,
- mSharedLibraries,
- Collections.unmodifiableMap(mPackages), versionInfos,
- lastStaticSharedLibSettings);
-
- ......
-
- // 4. Commit 提交:提交所有扫描的包并更新系统状态。这是安装流程中唯一可以修改系统状态的地方,
- // 必须在此阶段之前确定所有的可预测的错误
- commitPackagesLocked(commitRequest);
-
- .....
-
- // 5. 完成APK的安装
- executePostCommitSteps(commitRequest);
-
- }
executePostCommitSteps 安装APK,并为新的代码路径准备应用程序配置文件,并在此检查是否需要dex优化。
如果是直接安装新包,会为新的代码路径准备应用程序配置文件;如果是替换安装,其主要过程为更新设置,清除原有的某些APP数据,重新生成相关的app数据目录等步骤,同时要区分系统应用替换和非系统应用替换。而安装新包,则直接更新设置,生成APP数据即可。
- [PackageManagerService.java] executePostCommitSteps()
-
- private void executePostCommitSteps(CommitRequest commitRequest) {
-
- for (ReconciledPackage reconciledPkg : commitRequest.reconciledPackages.values()) {
-
- ......
-
- 1) 进行安装
- prepareAppDataAfterInstallLIF(pkg);
- 2) 如果需要替换安装,则需要清除原有的App数据
- if (reconciledPkg.prepareResult.clearCodeCache) {
- clearAppDataLIF(pkg, UserHandle.USER_ALL, FLAG_STORAGE_DE | FLAG_STORAGE_CE
- | FLAG_STORAGE_EXTERNAL | Installer.FLAG_CLEAR_CODE_CACHE_ONLY);
- }
-
- ...
-
- 3) 为新的代码路径准备应用程序配置文件。这需要在调用dexopt之前完成,
- 以便任何安装时配置文件都可以用于优化
- mArtManagerService.prepareAppProfiles(
- pkg,
- resolveUserIds(reconciledPkg.installArgs.user.getIdentifier()),
- /* updateReferenceProfileContent= */ true);
-
- 4) 检查是否需要优化dex文件
- final boolean performDexopt =
- (!instantApp || Global.getInt(mContext.getContentResolver(),
- Global.INSTANT_APP_DEXOPT_ENABLED, 0) != 0)
- && !pkg.isDebuggable()
- && (!onIncremental);
-
- if (performDexopt) {
-
-
- 5) 执行dex优化
- mPackageDexOptimizer.performDexOpt(pkg, realPkgSetting,
- null /* instructionSets */,
- getOrCreateCompilerPackageStats(pkg),
- mDexManager.getPackageUseInfoOrDefault(packageName),
- dexoptOptions);
-
- }
-
-
- BackgroundDexOptService.notifyPackageChanged(packageName);
-
- notifyPackageChangeObserversOnUpdate(reconciledPkg);
- }
- }
PackageManagerService.prepareAppDataAfterInstallLIF()
通过一系列的调用,最终会调用到Installer.java的createAppData()方法进行安装,交给installed进程进行APK的安装。
调用过程如下:
prepareAppDataAfterInstallLIF()
|
prepareAppDataLIF()
|
prepareAppDataLeafLIF()
|
[Installer.java]
createAppData()
- private void prepareAppDataAfterInstallLIF(AndroidPackage pkg) {
-
- .....
-
- for (UserInfo user : mUserManager.getUsers(false /*excludeDying*/)) {
-
- ......
-
- if (ps.getInstalled(user.id)) {
- // TODO: when user data is locked, mark that we're still dirty
- prepareAppDataLIF(pkg, user.id, flags);
-
- }
- }
- }
-
-
- private void prepareAppDataLIF(AndroidPackage pkg, int userId, int flags) {
- if (pkg == null) {
- Slog.wtf(TAG, "Package was null!", new Throwable());
- return;
- }
- // 调用prepareAppDataLeafLIF方法
- prepareAppDataLeafLIF(pkg, userId, flags);
- }
-
-
- private void prepareAppDataLeafLIF(AndroidPackage pkg, int userId, int flags) {
-
- ......
-
- try {
- // 调用Install守护进程的入口
- ceDataInode = mInstaller.createAppData(volumeUuid, packageName, userId, flags,
- appId, seInfo, pkg.getTargetSdkVersion());
- } catch (InstallerException e) {
- if (pkg.isSystem()) {
- destroyAppDataLeafLIF(pkg, userId, flags);
- try {
- ceDataInode = mInstaller.createAppData(volumeUuid, packageName, userId,
- flags,appId, seInfo, pkg.getTargetSdkVersion());
-
- } catch (InstallerException e2) {
- ......
- }
- }
- }
- }
跳转到frameworks/base/services/core/java/com/android/server/pm/Installer.java中
-
-
- public long createAppData(String uuid, String packageName, int userId, int flags, int
- appId,String seInfo, int targetSdkVersion) throws InstallerException {
- if (!checkBeforeRemote()) return -1;
- try {
- // mInstalld为IInstall的对象,即通过Binder调用到进程installd,
- // 最终调用installd的createAppData()
- return mInstalld.createAppData(uuid, packageName, userId, flags, appId, seInfo,
- targetSdkVersion);
- } catch (Exception e) {
- throw InstallerException.from(e);
- }
- }
总结:
APK的安装主要分为以下四步:
1)将APK的信息通过IO流的形式写入到 PackageInstaller.Session中
2)调用PackageInstaller.Session的commit方法,将APK的信息交由PKMS处理。
3)拷贝APK
4)最后进行安装
最终是交给IInstalld守护进程进行真正的安装操作。
五. 参考文章
Android 10.0 PackageManagerService(四)APK安装流程-[Android取经之路]_writepackage.apk_IngresGe的博客-CSDN博客
Android 11.0 PackageManagerService(三)APK的安装过程_小小幸运儿的博客-CSDN博客
六. 待更新
Android10和Android11的apk安装流程大致是相同的, 可以根据时序图找到关键的代码,然后在定位分析解决bug的时候, 着重去看某个方法的细节. 供大家参考,谢谢
