android8-0-0源码分析-应用安装1

前言

apk安装分4种方式：

系统开机应用安装，安装的是系统应用。
adb安装
应用调用系统应用安装第三方apk包
静默安装

在代码里的实现其实就是如下两种：

PMS调用scanDirLI扫描安装
直接或间接调用installPackageAsUser安装，这个8.0下其实调用的是另一个函数

apk安装后主要体现在：
data/app:apk包-含优化后的oat与lib
data/data:数据目录

在本篇我们看下第一种系统启动时的安装流程。下一篇介绍第二种

分析

一张时序图：

介于大小问题图中执行长度不做对应。

dex的优化：
在SystemServer.java 中有mPackageManagerService.updatePackagesIfNeeded()
updatePackagesIfNeeded->performDexOptUpgrade->performDexOptTraced->performDexOptInternal->performDexOptInternalWithDependenciesLI->PackageDexOptimizer.performDexOpt->performDexOptLI->dexOptPath->Installer.dexopt->InstalldNativeService.dexopt->dexopt.dexopt

1.main

ZygoteInit fork启动SystemServer

frameworks\base\services\java\com\android\server\SystemServer.java

SystemServer.main


public static void main(String[] args) {
    new SystemServer().run();
}
public SystemServer() {
    // Check for factory test mode.
    mFactoryTestMode = FactoryTest.getMode();
    // Remember if it's runtime restart(when sys.boot_completed is already set) or reboot
    mRuntimeRestart = "1".equals(SystemProperties.get("sys.boot_completed"));
}

构建运行其run

2.run

SystemServer.run


  private void run() {
	
	
.......
 mSystemServiceManager = new SystemServiceManager(mSystemContext);
      // Start services.
      try {
          traceBeginAndSlog("StartServices");
          startBootstrapServices();
          startCoreServices();
          startOtherServices();
          SystemServerInitThreadPool.shutdown();
      } catch (Throwable ex) {
          Slog.e("System", "******************************************");
          Slog.e("System", "************ Failure starting system services", ex);
          throw ex;
      } finally {
          traceEnd();
      }
......
      // Loop forever.
      Looper.loop();
      throw new RuntimeException("Main thread loop unexpectedly exited");
  }

参数设置，启动各主要服务，启动循环处理服务。

3.startBootstrapServices

SystemServer.startBootstrapServices


  private void startBootstrapServices() {
 
// Wait for installd to finish starting up so that it has a chance to
      // create critical directories such as /data/user with the appropriate
      // permissions.  We need this to complete before we initialize other services.
      traceBeginAndSlog("StartInstaller");
      Installer installer = mSystemServiceManager.startService(Installer.class);
      traceEnd();
      ........启动ActivityManager Installer PowerManager等  Installer服务含有dex2oat优化！！！
      // Start the package manager.
      if (!mRuntimeRestart) {
          MetricsLogger.histogram(null, "boot_package_manager_init_start",
                  (int) SystemClock.elapsedRealtime());
      }
      traceBeginAndSlog("StartPackageManagerService");
      mPackageManagerService = PackageManagerService.main(mSystemContext, installer,
              mFactoryTestMode != FactoryTest.FACTORY_TEST_OFF, mOnlyCore);
      mFirstBoot = mPackageManagerService.isFirstBoot();
      mPackageManager = mSystemContext.getPackageManager();
      traceEnd();
      if (!mRuntimeRestart && !isFirstBootOrUpgrade()) {
          MetricsLogger.histogram(null, "boot_package_manager_init_ready",
                  (int) SystemClock.elapsedRealtime());
      }
      // Manages A/B OTA dexopting. This is a bootstrap service as we need it to rename
      // A/B artifacts after boot, before anything else might touch/need them.
      // Note: this isn't needed during decryption (we don't have /data anyways).
      if (!mOnlyCore) {
          boolean disableOtaDexopt = SystemProperties.getBoolean("config.disable_otadexopt",
                  false);
          if (!disableOtaDexopt) {
              traceBeginAndSlog("StartOtaDexOptService");
              try {
                  OtaDexoptService.main(mSystemContext, mPackageManagerService);
              } catch (Throwable e) {
                  reportWtf("starting OtaDexOptService", e);
              } finally {
                  traceEnd();
              }
          }
      }
.......
  }

启动了一系列服务。其中Installer用binder与installd原生服务通话。
其中一个服务：PackageManagerService.main

4.PackageManagerService.main

frameworks\base\services\core\java\com\android\server\pm\PackageManagerService.java

public static PackageManagerService main(Context context, Installer installer,
        boolean factoryTest, boolean onlyCore) {
    // Self-check for initial settings.
    PackageManagerServiceCompilerMapping.checkProperties();
    PackageManagerService m = new PackageManagerService(context, installer,
            factoryTest, onlyCore);
    m.enableSystemUserPackages();
    ServiceManager.addService("package", m);
    return m;
}

构建PackageManagerService对象。添加到ServiceManager中。

5.PackageManagerService

构建函数PackageManagerService：


  public PackageManagerService(Context context, Installer installer,
          boolean factoryTest, boolean onlyCore) {
.......
//保存了installer服务
mInstaller = installer;
      mPackageDexOptimizer = new PackageDexOptimizer(installer, mInstallLock, context,
              "*dexopt*");
      mDexManager = new DexManager(this, mPackageDexOptimizer, installer, mInstallLock);
      synchronized (mInstallLock) {
      // writer
      synchronized (mPackages) {
          mHandlerThread = new ServiceThread(TAG,
                  Process.THREAD_PRIORITY_BACKGROUND, true /*allowIo*/);
          mHandlerThread.start();
          mHandler = new PackageHandler(mHandlerThread.getLooper());
          mProcessLoggingHandler = new ProcessLoggingHandler();
          Watchdog.getInstance().addThread(mHandler, WATCHDOG_TIMEOUT);
          mDefaultPermissionPolicy = new DefaultPermissionGrantPolicy(this);
          mInstantAppRegistry = new InstantAppRegistry(this);
          File dataDir = Environment.getDataDirectory();
          mAppInstallDir = new File(dataDir, "app");
          mAppLib32InstallDir = new File(dataDir, "app-lib");
          mAsecInternalPath = new File(dataDir, "app-asec").getPath();
          mDrmAppPrivateInstallDir = new File(dataDir, "app-private");
          sUserManager = new UserManagerService(context, this,
                  new UserDataPreparer(mInstaller, mInstallLock, mContext, mOnlyCore), mPackages);
	
	......
	
          File frameworkDir = new File(Environment.getRootDirectory(), "framework");
          final VersionInfo ver = mSettings.getInternalVersion();
          mIsUpgrade = !Build.FINGERPRINT.equals(ver.fingerprint);
          if (mIsUpgrade) {
              logCriticalInfo(Log.INFO,
                      "Upgrading from " + ver.fingerprint + " to " + Build.FINGERPRINT);
          }
          // when upgrading from pre-M, promote system app permissions from install to runtime
          mPromoteSystemApps =
                  mIsUpgrade && ver.sdkVersion <= Build.VERSION_CODES.LOLLIPOP_MR1;
          // When upgrading from pre-N, we need to handle package extraction like first boot,
          // as there is no profiling data available.
          mIsPreNUpgrade = mIsUpgrade && ver.sdkVersion < Build.VERSION_CODES.N;
          mIsPreNMR1Upgrade = mIsUpgrade && ver.sdkVersion < Build.VERSION_CODES.N_MR1;
          // save off the names of pre-existing system packages prior to scanning; we don't
          // want to automatically grant runtime permissions for new system apps
          if (mPromoteSystemApps) {
              Iterator<PackageSetting> pkgSettingIter = mSettings.mPackages.values().iterator();
              while (pkgSettingIter.hasNext()) {
                  PackageSetting ps = pkgSettingIter.next();
                  if (isSystemApp(ps)) {
                      mExistingSystemPackages.add(ps.name);
                  }
              }
          }
          mCacheDir = preparePackageParserCache(mIsUpgrade);
          // Set flag to monitor and not change apk file paths when
          // scanning install directories.
          int scanFlags = SCAN_BOOTING | SCAN_INITIAL;
          if (mIsUpgrade || mFirstBoot) {
              scanFlags = scanFlags | SCAN_FIRST_BOOT_OR_UPGRADE;
          }
          // Collect vendor overlay packages. (Do this before scanning any apps.)
          // For security and version matching reason, only consider
          // overlay packages if they reside in the right directory.
          scanDirTracedLI(new File(VENDOR_OVERLAY_DIR), mDefParseFlags
                  | PackageParser.PARSE_IS_SYSTEM
                  | PackageParser.PARSE_IS_SYSTEM_DIR
                  | PackageParser.PARSE_TRUSTED_OVERLAY, scanFlags | SCAN_TRUSTED_OVERLAY, 0);
          mParallelPackageParserCallback.findStaticOverlayPackages();
          // Find base frameworks (resource packages without code).
          scanDirTracedLI(frameworkDir, mDefParseFlags
                  | PackageParser.PARSE_IS_SYSTEM
                  | PackageParser.PARSE_IS_SYSTEM_DIR
                  | PackageParser.PARSE_IS_PRIVILEGED,
                  scanFlags | SCAN_NO_DEX, 0);
          // Collected privileged system packages.
          final File privilegedAppDir = new File(Environment.getRootDirectory(), "priv-app");
          scanDirTracedLI(privilegedAppDir, mDefParseFlags
                  | PackageParser.PARSE_IS_SYSTEM
                  | PackageParser.PARSE_IS_SYSTEM_DIR
                  | PackageParser.PARSE_IS_PRIVILEGED, scanFlags, 0);
          // Collect ordinary system packages.
          final File systemAppDir = new File(Environment.getRootDirectory(), "app");
          scanDirTracedLI(systemAppDir, mDefParseFlags
                  | PackageParser.PARSE_IS_SYSTEM
                  | PackageParser.PARSE_IS_SYSTEM_DIR, scanFlags, 0);
          // Collect all vendor packages.
          File vendorAppDir = new File("/vendor/app");
          try {
              vendorAppDir = vendorAppDir.getCanonicalFile();
          } catch (IOException e) {
              // failed to look up canonical path, continue with original one
          }
          scanDirTracedLI(vendorAppDir, mDefParseFlags
                  | PackageParser.PARSE_IS_SYSTEM
                  | PackageParser.PARSE_IS_SYSTEM_DIR, scanFlags, 0);
          // Collect all OEM packages.
          final File oemAppDir = new File(Environment.getOemDirectory(), "app");
          scanDirTracedLI(oemAppDir, mDefParseFlags
                  | PackageParser.PARSE_IS_SYSTEM
                  | PackageParser.PARSE_IS_SYSTEM_DIR, scanFlags, 0);
	
	......
	
          ArrayList<PackageSetting> deletePkgsList = mSettings.getListOfIncompleteInstallPackagesLPr();
          for (int i = 0; i < deletePkgsList.size(); i++) {
              // Actual deletion of code and data will be handled by later
              // reconciliation step
              final String packageName = deletePkgsList.get(i).name;
              logCriticalInfo(Log.WARN, "Cleaning up incompletely installed app: " + packageName);
              synchronized (mPackages) {
                  mSettings.removePackageLPw(packageName);
              }
          }
          //delete tmp files
          deleteTempPackageFiles();
          // Remove any shared userIDs that have no associated packages
          mSettings.pruneSharedUsersLPw();
          if (!mOnlyCore) {
              EventLog.writeEvent(EventLogTags.BOOT_PROGRESS_PMS_DATA_SCAN_START,
                      SystemClock.uptimeMillis());
              scanDirTracedLI(mAppInstallDir, 0, scanFlags | SCAN_REQUIRE_KNOWN, 0);
              scanDirTracedLI(mDrmAppPrivateInstallDir, mDefParseFlags
                      | PackageParser.PARSE_FORWARD_LOCK,
                      scanFlags | SCAN_REQUIRE_KNOWN, 0);
	......
	
	
      } // synchronized (mPackages)
      } // synchronized (mInstallLock)
  }

用scanDirTracedLI扫描几个目录：

/system/framework
/system/app
/system/priv-app
/vendor/app
/data/app
/data/app-private

6.scanDirTracedLI

PackageManagerService.scanDirTracedLI:

  private void scanDirTracedLI(File dir, final int parseFlags, int scanFlags, long currentTime) {
      Trace.traceBegin(TRACE_TAG_PACKAGE_MANAGER, "scanDir [" + dir.getAbsolutePath() + "]");
      try {
          scanDirLI(dir, parseFlags, scanFlags, currentTime);
      } finally {
          Trace.traceEnd(TRACE_TAG_PACKAGE_MANAGER);
      }
  }
  private void scanDirLI(File dir, int parseFlags, int scanFlags, long currentTime) {
      final File[] files = dir.listFiles();
      if (ArrayUtils.isEmpty(files)) {
          Log.d(TAG, "No files in app dir " + dir);
          return;
      }
      if (DEBUG_PACKAGE_SCANNING) {
          Log.d(TAG, "Scanning app dir " + dir + " scanFlags=" + scanFlags
                  + " flags=0x" + Integer.toHexString(parseFlags));
      }
//平行解析器
      ParallelPackageParser parallelPackageParser = new ParallelPackageParser(
              mSeparateProcesses, mOnlyCore, mMetrics, mCacheDir,
              mParallelPackageParserCallback);
      // Submit files for parsing in parallel
      int fileCount = 0;
      for (File file : files) {
          final boolean isPackage = (isApkFile(file) || file.isDirectory())
                  && !PackageInstallerService.isStageName(file.getName());
          if (!isPackage) {
              // Ignore entries which are not packages
              continue;
          }
          parallelPackageParser.submit(file, parseFlags);  //解析为package入队列
          fileCount++;
      }
      // Process results one by one
      for (; fileCount > 0; fileCount--) {
          ParallelPackageParser.ParseResult parseResult = parallelPackageParser.take(); //从队列中取出
          Throwable throwable = parseResult.throwable;
          int errorCode = PackageManager.INSTALL_SUCCEEDED;
          if (throwable == null) {
              // Static shared libraries have synthetic package names
              if (parseResult.pkg.applicationInfo.isStaticSharedLibrary()) {
                  renameStaticSharedLibraryPackage(parseResult.pkg);
              }
              try {
                  if (errorCode == PackageManager.INSTALL_SUCCEEDED) {
				
				//解析安装，8.0下调用的是6个参数版的
                      scanPackageLI(parseResult.pkg, parseResult.scanFile, parseFlags, scanFlags,
                              currentTime, null);
						
						
                  }
              } catch (PackageManagerException e) {
                  errorCode = e.error;
                  Slog.w(TAG, "Failed to scan " + parseResult.scanFile + ": " + e.getMessage());
              }
          } else if (throwable instanceof PackageParser.PackageParserException) {
              PackageParser.PackageParserException e = (PackageParser.PackageParserException)
                      throwable;
              errorCode = e.error;
              Slog.w(TAG, "Failed to parse " + parseResult.scanFile + ": " + e.getMessage());
          } else {
              throw new IllegalStateException("Unexpected exception occurred while parsing "
                      + parseResult.scanFile, throwable);
          }
          // Delete invalid userdata apps
          if ((parseFlags & PackageParser.PARSE_IS_SYSTEM) == 0 &&
                  errorCode == PackageManager.INSTALL_FAILED_INVALID_APK) {
              logCriticalInfo(Log.WARN,
                      "Deleting invalid package at " + parseResult.scanFile);
              removeCodePathLI(parseResult.scanFile);
          }
      }
      parallelPackageParser.close();
  }

构建ParallelPackageParser对象，遍历目录文件，调用parallelPackageParser.submit解析，用scanPackageLI函数来对它进行更新解析和安装。

8.submit

parallelPackageParser.submit：

frameworks\base\services\core\java\com\android\server\pm\ParallelPackageParser.java

   public void submit(File scanFile, int parseFlags) {
       mService.submit(() -> {
           ParseResult pr = new ParseResult();
           Trace.traceBegin(TRACE_TAG_PACKAGE_MANAGER, "parallel parsePackage [" + scanFile + "]");
           try {
               PackageParser pp = new PackageParser();
               pp.setSeparateProcesses(mSeparateProcesses);
               pp.setOnlyCoreApps(mOnlyCore);
               pp.setDisplayMetrics(mMetrics);
               pp.setCacheDir(mCacheDir);
               pp.setCallback(mPackageParserCallback);
               pr.scanFile = scanFile;
               pr.pkg = parsePackage(pp, scanFile, parseFlags);
           } catch (Throwable e) {
               pr.throwable = e;
           } finally {
               Trace.traceEnd(TRACE_TAG_PACKAGE_MANAGER);
           }
           try {
               mQueue.put(pr);
           } catch (InterruptedException e) {
               Thread.currentThread().interrupt();
               // Propagate result to callers of take().
               // This is helpful to prevent main thread from getting stuck waiting on
               // ParallelPackageParser to finish in case of interruption
               mInterruptedInThread = Thread.currentThread().getName();
           }
       });
   }
@VisibleForTesting
   protected PackageParser.Package parsePackage(PackageParser packageParser, File scanFile,
           int parseFlags) throws PackageParser.PackageParserException {
       return packageParser.parsePackage(scanFile, parseFlags, true /* useCaches */);
   }

构建结果对象ParseResult pr = new ParseResult();
构建包解析器PackageParser pp = new PackageParser();的parsePackage方法对其解析，解析结果为PackageParser.Package存入pr.pkg将pr放入队列

12.parsePackage

PackageParser.parsePackage: 此后方法都是解析器的

frameworks\base\core\java\android\content\pm\PackageParser.java

   public Package parsePackage(File packageFile, int flags, boolean useCaches)
           throws PackageParserException {
       Package parsed = useCaches ? getCachedResult(packageFile, flags) : null;   //获取缓存结果
       if (parsed != null) {
           return parsed;
       }
       if (packageFile.isDirectory()) {
           parsed = parseClusterPackage(packageFile, flags);
       } else {
           parsed = parseMonolithicPackage(packageFile, flags);  //进一步分类解析apk
       }
       cacheResult(packageFile, flags, parsed);  //缓存结果
       return parsed;
	
   }
@Deprecated
   public Package parseMonolithicPackage(File apkFile, int flags) throws PackageParserException {
       final AssetManager assets = newConfiguredAssetManager();
       final PackageLite lite = parseMonolithicPackageLite(apkFile, flags);
       if (mOnlyCoreApps) {
           if (!lite.coreApp) {
               throw new PackageParserException(INSTALL_PARSE_FAILED_MANIFEST_MALFORMED,
                       "Not a coreApp: " + apkFile);
           }
       }
       try {
           final Package pkg = parseBaseApk(apkFile, assets, flags);   //加assets资源解析，但assets的路径是在？之前只是new但并没具体路径
           pkg.setCodePath(apkFile.getAbsolutePath());
           pkg.setUse32bitAbi(lite.use32bitAbi);
           return pkg;
       } finally {
           IoUtils.closeQuietly(assets);
       }
   }
private Package parseBaseApk(File apkFile, AssetManager assets, int flags)
           throws PackageParserException {
       final String apkPath = apkFile.getAbsolutePath();
       String volumeUuid = null;
       if (apkPath.startsWith(MNT_EXPAND)) {
           final int end = apkPath.indexOf('/', MNT_EXPAND.length());
           volumeUuid = apkPath.substring(MNT_EXPAND.length(), end);
       }
       mParseError = PackageManager.INSTALL_SUCCEEDED;
       mArchiveSourcePath = apkFile.getAbsolutePath();
       if (DEBUG_JAR) Slog.d(TAG, "Scanning base APK: " + apkPath);
       final int cookie = loadApkIntoAssetManager(assets, apkPath, flags);
       Resources res = null;
       XmlResourceParser parser = null;
       try {
           res = new Resources(assets, mMetrics, null);  //此时加入资源
           parser = assets.openXmlResourceParser(cookie, ANDROID_MANIFEST_FILENAME);
           final String[] outError = new String[1];
		
           final Package pkg = parseBaseApk(apkPath, res, parser, flags, outError);   //进一步调用parseBaseApk
      
           pkg.setVolumeUuid(volumeUuid);
           pkg.setApplicationVolumeUuid(volumeUuid);
           pkg.setBaseCodePath(apkPath);
           pkg.setSignatures(null);
           return pkg;
       } catch 
	......
   }

构建资源res = new Resources(assets, mMetrics, null); 构建xml解析器XmlResourceParser
进一步分类解析apk，调用到关键函数：
final Package pkg = parseBaseApk(apkPath, res, parser, flags, outError);解析AndroidMainifest.xml

16.parseBaseApk

PackageParser.parseBaseApk

private Package parseBaseApk(String apkPath, Resources res, XmlResourceParser parser, int flags,
            String[] outError) throws XmlPullParserException, IOException {
        final String splitName;
        final String pkgName;
		......
        final Package pkg = new Package(pkgName);
		
		
		//获取AndroidManifest的数组
        TypedArray sa = res.obtainAttributes(parser,
                com.android.internal.R.styleable.AndroidManifest);
		
		
		//读出版本等
        pkg.mVersionCode = pkg.applicationInfo.versionCode = sa.getInteger(
                com.android.internal.R.styleable.AndroidManifest_versionCode, 0);
        pkg.baseRevisionCode = sa.getInteger(
                com.android.internal.R.styleable.AndroidManifest_revisionCode, 0);
        pkg.mVersionName = sa.getNonConfigurationString(
                com.android.internal.R.styleable.AndroidManifest_versionName, 0);
        if (pkg.mVersionName != null) {
            pkg.mVersionName = pkg.mVersionName.intern();
        }
		
		
		//是否核心
        pkg.coreApp = parser.getAttributeBooleanValue(null, "coreApp", false);
		//回收
        sa.recycle();
        return parseBaseApkCommon(pkg, null, res, parser, flags, outError);
    }
	
	
	
    /**
     * This is the common parsing routing for handling parent and child
     * packages in a base APK. The difference between parent and child
     * parsing is that some tags are not supported by child packages as
     * well as some manifest attributes are ignored. The implementation
     * assumes the calling code has already handled the manifest tag if needed
     * (this applies to the parent only).
     *
     * @param pkg The package which to populate
     * @param acceptedTags Which tags to handle, null to handle all
     * @param res Resources against which to resolve values
     * @param parser Parser of the manifest
     * @param flags Flags about how to parse
     * @param outError Human readable error if parsing fails
     * @return The package if parsing succeeded or null.
     *
     * @throws XmlPullParserException
     * @throws IOException
     */
    private Package parseBaseApkCommon(Package pkg, Set<String> acceptedTags, Resources res,
            XmlResourceParser parser, int flags, String[] outError) throws XmlPullParserException,
            IOException {
        mParseInstrumentationArgs = null;
        mParseActivityArgs = null;
        mParseServiceArgs = null;
        mParseProviderArgs = null;
        int type;
        boolean foundApp = false;
		//AndroidManifest
        TypedArray sa = res.obtainAttributes(parser,
                com.android.internal.R.styleable.AndroidManifest);
				
        String str = sa.getNonConfigurationString(
                com.android.internal.R.styleable.AndroidManifest_sharedUserId, 0);
		......
        // Resource boolean are -1, so 1 means we don't know the value.
        int supportsSmallScreens = 1;
        int supportsNormalScreens = 1;
        int supportsLargeScreens = 1;
        int supportsXLargeScreens = 1;
        int resizeable = 1;
        int anyDensity = 1;
        int outerDepth = parser.getDepth();
		
		//解析AndroidMainifest的各个标签
        while ((type = parser.next()) != XmlPullParser.END_DOCUMENT
                && (type != XmlPullParser.END_TAG || parser.getDepth() > outerDepth)) {
            if (type == XmlPullParser.END_TAG || type == XmlPullParser.TEXT) {
                continue;
            }
            String tagName = parser.getName();
            if (acceptedTags != null && !acceptedTags.contains(tagName)) {
                Slog.w(TAG, "Skipping unsupported element under <manifest>: "
                        + tagName + " at " + mArchiveSourcePath + " "
                        + parser.getPositionDescription());
                XmlUtils.skipCurrentTag(parser);
                continue;
            }
			//application
            if (tagName.equals(TAG_APPLICATION)) {
                if (foundApp) {
                    if (RIGID_PARSER) {
                        outError[0] = "<manifest> has more than one <application>";
                        mParseError = PackageManager.INSTALL_PARSE_FAILED_MANIFEST_MALFORMED;
                        return null;
                    } else {
                        Slog.w(TAG, "<manifest> has more than one <application>");
                        XmlUtils.skipCurrentTag(parser);
                        continue;
                    }
                }
                foundApp = true;
                if (!parseBaseApplication(pkg, res, parser, flags, outError)) {
                    return null;
                }
            } else if (tagName.equals(TAG_OVERLAY)) {
				......
            } else if (tagName.equals(TAG_KEY_SETS)) {
                if (!parseKeySets(pkg, res, parser, outError)) {
                    return null;
                }
            } else if (tagName.equals(TAG_PERMISSION_GROUP)) {
                if (!parsePermissionGroup(pkg, flags, res, parser, outError)) {
                    return null;
                }
            } else if (tagName.equals(TAG_PERMISSION)) {
                if (!parsePermission(pkg, res, parser, outError)) {
                    return null;
                }
				
				......
				
			else {
                Slog.w(TAG, "Unknown element under <manifest>: " + parser.getName()
                        + " at " + mArchiveSourcePath + " "
                        + parser.getPositionDescription());
                XmlUtils.skipCurrentTag(parser);
                continue;
            }
        }
		......
		
        return pkg;
    }

解析AndroidMainifest的工作主要在这里

9.scanPackageLI

PackageManagerService.scanDirLI最后调用这个安装apk，之前是xml的解析

PackageManagerService.scanPackageLI
frameworks\base\services\core\java\com\android\server\pm\PackageManagerService.java


/**
 *  Scans a package and returns the newly parsed package.
 *  @throws PackageManagerException on a parse error.
 */
private PackageParser.Package scanPackageLI(PackageParser.Package pkg, File scanFile,
        final int policyFlags, int scanFlags, long currentTime, @Nullable UserHandle user)
        throws PackageManagerException {
    // If the package has children and this is the first dive in the function
    // we scan the package with the SCAN_CHECK_ONLY flag set to see whether all
    // packages (parent and children) would be successfully scanned before the
    // actual scan since scanning mutates internal state and we want to atomically
    // install the package and its children.
    if ((scanFlags & SCAN_CHECK_ONLY) == 0) {
        if (pkg.childPackages != null && pkg.childPackages.size() > 0) {
            scanFlags |= SCAN_CHECK_ONLY;
        }
    } else {
        scanFlags &= ~SCAN_CHECK_ONLY;
    }
    // Scan the parent
    PackageParser.Package scannedPkg = scanPackageInternalLI(pkg, scanFile, policyFlags,
            scanFlags, currentTime, user);
    // Scan the children
    final int childCount = (pkg.childPackages != null) ? pkg.childPackages.size() : 0;
    for (int i = 0; i < childCount; i++) {
        PackageParser.Package childPackage = pkg.childPackages.get(i);
        scanPackageInternalLI(childPackage, scanFile, policyFlags, scanFlags,
                currentTime, user);
    }
    if ((scanFlags & SCAN_CHECK_ONLY) != 0) {
        return scanPackageLI(pkg, scanFile, policyFlags, scanFlags, currentTime, user);
    }
    return scannedPkg;
}

调用scanPackageInternalLI更新解析包。
该函数扫描并返回新的解析过的包。

11.scanPackageInternalLI

PackageManagerService.scanPackageInternalLI


  /**
   *  Scans a package and returns the newly parsed package.
   *  @throws PackageManagerException on a parse error.
   */
  private PackageParser.Package scanPackageInternalLI(PackageParser.Package pkg, File scanFile,
          int policyFlags, int scanFlags, long currentTime, @Nullable UserHandle user)
          throws PackageManagerException {
......各种判断更新app包pkg的操作。
      // The apk is forward locked (not public) if its code and resources
      // are kept in different files. (except for app in either system or
      // vendor path).
      // TODO grab this value from PackageSettings
      if ((policyFlags & PackageParser.PARSE_IS_SYSTEM_DIR) == 0) {
          if (ps != null && !ps.codePath.equals(ps.resourcePath)) {
              policyFlags |= PackageParser.PARSE_FORWARD_LOCK;
          }
      }
      // TODO: extend to support forward-locked splits
      String resourcePath = null;
      String baseResourcePath = null;
      if ((policyFlags & PackageParser.PARSE_FORWARD_LOCK) != 0 && !updatedPkgBetter) {
          if (ps != null && ps.resourcePathString != null) {
              resourcePath = ps.resourcePathString;
              baseResourcePath = ps.resourcePathString;
          } else {
              // Should not happen at all. Just log an error.
              Slog.e(TAG, "Resource path not set for package " + pkg.packageName);
          }
      } else {
          resourcePath = pkg.codePath;
          baseResourcePath = pkg.baseCodePath;
      }
      // 明确app各路径
      pkg.setApplicationVolumeUuid(pkg.volumeUuid);
      pkg.setApplicationInfoCodePath(pkg.codePath);
      pkg.setApplicationInfoBaseCodePath(pkg.baseCodePath);
      pkg.setApplicationInfoSplitCodePaths(pkg.splitCodePaths);
      pkg.setApplicationInfoResourcePath(resourcePath);
      pkg.setApplicationInfoBaseResourcePath(baseResourcePath);
      pkg.setApplicationInfoSplitResourcePaths(pkg.splitCodePaths);
      final int userId = ((user == null) ? 0 : user.getIdentifier());
      if (ps != null && ps.getInstantApp(userId)) {
          scanFlags |= SCAN_AS_INSTANT_APP;
      }
      // Note that we invoke the following method only if we are about to unpack an application
//请注意，仅当我们要解压缩应用程序时，才会调用以下方法
      PackageParser.Package scannedPkg = scanPackageLI(pkg, policyFlags, scanFlags
              | SCAN_UPDATE_SIGNATURE, currentTime, user);
      /*
       * If the system app should be overridden by a previously installed
       * data, hide the system app now and let the /data/app scan pick it up
       * again.
       */
      if (shouldHideSystemApp) {
          synchronized (mPackages) {
              mSettings.disableSystemPackageLPw(pkg.packageName, true);
          }
      }
      return scannedPkg;
  }

scanPackageInternalLI方法是把扫描到的androidmainifest数据和之前在手机内扫描得到的数据做对比，然后进行pkg的进一步设置。返回新的包.
最后调用：

13.scanPackageLI

参数5且首为package的scanPackageLI


  private PackageParser.Package scanPackageLI(PackageParser.Package pkg, final int policyFlags,
          int scanFlags, long currentTime, @Nullable UserHandle user)
                  throws PackageManagerException {
      boolean success = false;
      try {
//安装核心函数
          final PackageParser.Package res = scanPackageDirtyLI(pkg, policyFlags, scanFlags,
                  currentTime, user);
          success = true;
          return res;
      } finally {
          if (!success && (scanFlags & SCAN_DELETE_DATA_ON_FAILURES) != 0) {
              // DELETE_DATA_ON_FAILURES is only used by frozen paths
              destroyAppDataLIF(pkg, UserHandle.USER_ALL,
                      StorageManager.FLAG_STORAGE_DE | StorageManager.FLAG_STORAGE_CE);
              destroyAppProfilesLIF(pkg, UserHandle.USER_ALL);
          }
      }
  }

调用scanPackageDirtyLI(pkg, policyFlags, scanFlags,currentTime, user);安装
参数为：解析好的pkg安装包信息。俩个Flags。当前时间

15.scanPackageDirtyLI

PackageManagerService.scanPackageDirtyLI：


private PackageParser.Package scanPackageDirtyLI(PackageParser.Package pkg,
        final int policyFlags, final int scanFlags, long currentTime, @Nullable UserHandle user)
                throws PackageManagerException {
    if (DEBUG_PACKAGE_SCANNING) {
        if ((policyFlags & PackageParser.PARSE_CHATTY) != 0)
            Log.d(TAG, "Scanning package " + pkg.packageName);
    }
    applyPolicy(pkg, policyFlags);
    assertPackageIsValid(pkg, policyFlags, scanFlags);
    // 初始化资源和包目录
    final File scanFile = new File(pkg.codePath);
    final File destCodeFile = new File(pkg.applicationInfo.getCodePath());
    final File destResourceFile = new File(pkg.applicationInfo.getResourcePath());
    SharedUserSetting suid = null;
    PackageSetting pkgSetting = null;
    // Getting the package setting may have a side-effect, so if we
    // are only checking if scan would succeed, stash a copy of the
    // old setting to restore at the end.
    PackageSetting nonMutatedPs = null;
    // We keep references to the derived CPU Abis from settings in oder to reuse
    // them in the case where we're not upgrading or booting for the first time.
    String primaryCpuAbiFromSettings = null;
    String secondaryCpuAbiFromSettings = null;
    // writer
    synchronized (mPackages) {
        if (pkg.mSharedUserId != null) {
            // SIDE EFFECTS; may potentially allocate a new shared user
            suid = mSettings.getSharedUserLPw(
                    pkg.mSharedUserId, 0 /*pkgFlags*/, 0 /*pkgPrivateFlags*/, true /*create*/);
            if (DEBUG_PACKAGE_SCANNING) {
                if ((policyFlags & PackageParser.PARSE_CHATTY) != 0)
                    Log.d(TAG, "Shared UserID " + pkg.mSharedUserId + " (uid=" + suid.userId
                            + "): packages=" + suid.packages);
            }
        }
        // Check if we are renaming from an original package name.
        PackageSetting origPackage = null;
        String realName = null;
        if (pkg.mOriginalPackages != null) {
            // This package may need to be renamed to a previously
            // installed name.  Let's check on that...
            final String renamed = mSettings.getRenamedPackageLPr(pkg.mRealPackage);
            if (pkg.mOriginalPackages.contains(renamed)) {
                // This package had originally been installed as the
                // original name, and we have already taken care of
                // transitioning to the new one.  Just update the new
                // one to continue using the old name.
                realName = pkg.mRealPackage;
                if (!pkg.packageName.equals(renamed)) {
                    // Callers into this function may have already taken
                    // care of renaming the package; only do it here if
                    // it is not already done.
                    pkg.setPackageName(renamed);
                }
            } else {
                for (int i=pkg.mOriginalPackages.size()-1; i>=0; i--) {
                    if ((origPackage = mSettings.getPackageLPr(
                            pkg.mOriginalPackages.get(i))) != null) {
                        // We do have the package already installed under its
                        // original name...  should we use it?
                        if (!verifyPackageUpdateLPr(origPackage, pkg)) {
                            // New package is not compatible with original.
                            origPackage = null;
                            continue;
                        } else if (origPackage.sharedUser != null) {
                            // Make sure uid is compatible between packages.
                            if (!origPackage.sharedUser.name.equals(pkg.mSharedUserId)) {
                                Slog.w(TAG, "Unable to migrate data from " + origPackage.name
                                        + " to " + pkg.packageName + ": old uid "
                                        + origPackage.sharedUser.name
                                        + " differs from " + pkg.mSharedUserId);
                                origPackage = null;
                                continue;
                            }
                            // TODO: Add case when shared user id is added [b/28144775]
                        } else {
                            if (DEBUG_UPGRADE) Log.v(TAG, "Renaming new package "
                                    + pkg.packageName + " to old name " + origPackage.name);
                        }
                        break;
                    }
                }
            }
        }
        if (mTransferedPackages.contains(pkg.packageName)) {
            Slog.w(TAG, "Package " + pkg.packageName
                    + " was transferred to another, but its .apk remains");
        }
        // See comments in nonMutatedPs declaration
        if ((scanFlags & SCAN_CHECK_ONLY) != 0) {
            PackageSetting foundPs = mSettings.getPackageLPr(pkg.packageName);
            if (foundPs != null) {
                nonMutatedPs = new PackageSetting(foundPs);
            }
        }
        if ((scanFlags & SCAN_FIRST_BOOT_OR_UPGRADE) == 0) {
            PackageSetting foundPs = mSettings.getPackageLPr(pkg.packageName);
            if (foundPs != null) {
                primaryCpuAbiFromSettings = foundPs.primaryCpuAbiString;
                secondaryCpuAbiFromSettings = foundPs.secondaryCpuAbiString;
            }
        }
        pkgSetting = mSettings.getPackageLPr(pkg.packageName);
        if (pkgSetting != null && pkgSetting.sharedUser != suid) {
            PackageManagerService.reportSettingsProblem(Log.WARN,
                    "Package " + pkg.packageName + " shared user changed from "
                            + (pkgSetting.sharedUser != null
                                    ? pkgSetting.sharedUser.name : "<nothing>")
                            + " to "
                            + (suid != null ? suid.name : "<nothing>")
                            + "; replacing with new");
            pkgSetting = null;
        }
        final PackageSetting oldPkgSetting =
                pkgSetting == null ? null : new PackageSetting(pkgSetting);
        final PackageSetting disabledPkgSetting =
                mSettings.getDisabledSystemPkgLPr(pkg.packageName);
        String[] usesStaticLibraries = null;
        if (pkg.usesStaticLibraries != null) {
            usesStaticLibraries = new String[pkg.usesStaticLibraries.size()];
            pkg.usesStaticLibraries.toArray(usesStaticLibraries);
        }
        if (pkgSetting == null) {
            final String parentPackageName = (pkg.parentPackage != null)
                    ? pkg.parentPackage.packageName : null;
            final boolean instantApp = (scanFlags & SCAN_AS_INSTANT_APP) != 0;
            // REMOVE SharedUserSetting from method; update in a separate call
            pkgSetting = Settings.createNewSetting(pkg.packageName, origPackage,
                    disabledPkgSetting, realName, suid, destCodeFile, destResourceFile,
                    pkg.applicationInfo.nativeLibraryRootDir, pkg.applicationInfo.primaryCpuAbi,
                    pkg.applicationInfo.secondaryCpuAbi, pkg.mVersionCode,
                    pkg.applicationInfo.flags, pkg.applicationInfo.privateFlags, user,
                    true /*allowInstall*/, instantApp, parentPackageName,
                    pkg.getChildPackageNames(), UserManagerService.getInstance(),
                    usesStaticLibraries, pkg.usesStaticLibrariesVersions);
            // SIDE EFFECTS; updates system state; move elsewhere
            if (origPackage != null) {
                mSettings.addRenamedPackageLPw(pkg.packageName, origPackage.name);
            }
            mSettings.addUserToSettingLPw(pkgSetting);
        } else {
            // REMOVE SharedUserSetting from method; update in a separate call.
            //
            // TODO(narayan): This update is bogus. nativeLibraryDir & primaryCpuAbi,
            // secondaryCpuAbi are not known at this point so we always update them
            // to null here, only to reset them at a later point.
            Settings.updatePackageSetting(pkgSetting, disabledPkgSetting, suid, destCodeFile,
                    pkg.applicationInfo.nativeLibraryDir, pkg.applicationInfo.primaryCpuAbi,
                    pkg.applicationInfo.secondaryCpuAbi, pkg.applicationInfo.flags,
                    pkg.applicationInfo.privateFlags, pkg.getChildPackageNames(),
                    UserManagerService.getInstance(), usesStaticLibraries,
                    pkg.usesStaticLibrariesVersions);
        }
        // SIDE EFFECTS; persists system state to files on disk; move elsewhere
        mSettings.writeUserRestrictionsLPw(pkgSetting, oldPkgSetting);
        // SIDE EFFECTS; modifies system state; move elsewhere
        if (pkgSetting.origPackage != null) {
            // If we are first transitioning from an original package,
            // fix up the new package's name now.  We need to do this after
            // looking up the package under its new name, so getPackageLP
            // can take care of fiddling things correctly.
            pkg.setPackageName(origPackage.name);
            // File a report about this.
            String msg = "New package " + pkgSetting.realName
                    + " renamed to replace old package " + pkgSetting.name;
            reportSettingsProblem(Log.WARN, msg);
            // Make a note of it.
            if ((scanFlags & SCAN_CHECK_ONLY) == 0) {
                mTransferedPackages.add(origPackage.name);
            }
            // No longer need to retain this.
            pkgSetting.origPackage = null;
        }
        // SIDE EFFECTS; modifies system state; move elsewhere
        if ((scanFlags & SCAN_CHECK_ONLY) == 0 && realName != null) {
            // Make a note of it.
            mTransferedPackages.add(pkg.packageName);
        }
        if (mSettings.isDisabledSystemPackageLPr(pkg.packageName)) {
            pkg.applicationInfo.flags |= ApplicationInfo.FLAG_UPDATED_SYSTEM_APP;
        }
        if ((scanFlags & SCAN_BOOTING) == 0
                && (policyFlags & PackageParser.PARSE_IS_SYSTEM_DIR) == 0) {
            // Check all shared libraries and map to their actual file path.
            // We only do this here for apps not on a system dir, because those
            // are the only ones that can fail an install due to this.  We
            // will take care of the system apps by updating all of their
            // library paths after the scan is done. Also during the initial
            // scan don't update any libs as we do this wholesale after all
            // apps are scanned to avoid dependency based scanning.
            updateSharedLibrariesLPr(pkg, null);
        }
        if (mFoundPolicyFile) {
            SELinuxMMAC.assignSeInfoValue(pkg);
        }
        pkg.applicationInfo.uid = pkgSetting.appId;
        pkg.mExtras = pkgSetting;
        // Static shared libs have same package with different versions where
        // we internally use a synthetic package name to allow multiple versions
        // of the same package, therefore we need to compare signatures against
        // the package setting for the latest library version.
        PackageSetting signatureCheckPs = pkgSetting;
        if (pkg.applicationInfo.isStaticSharedLibrary()) {
            SharedLibraryEntry libraryEntry = getLatestSharedLibraVersionLPr(pkg);
            if (libraryEntry != null) {
                signatureCheckPs = mSettings.getPackageLPr(libraryEntry.apk);
            }
        }
        if (shouldCheckUpgradeKeySetLP(signatureCheckPs, scanFlags)) {
            if (checkUpgradeKeySetLP(signatureCheckPs, pkg)) {
                // We just determined the app is signed correctly, so bring
                // over the latest parsed certs.
                pkgSetting.signatures.mSignatures = pkg.mSignatures;
            } else {
                if ((policyFlags & PackageParser.PARSE_IS_SYSTEM_DIR) == 0) {
                    throw new PackageManagerException(INSTALL_FAILED_UPDATE_INCOMPATIBLE,
                            "Package " + pkg.packageName + " upgrade keys do not match the "
                            + "previously installed version");
                } else {
                    pkgSetting.signatures.mSignatures = pkg.mSignatures;
                    String msg = "System package " + pkg.packageName
                            + " signature changed; retaining data.";
                    reportSettingsProblem(Log.WARN, msg);
                }
            }
        } else {
            try {
                // SIDE EFFECTS; compareSignaturesCompat() changes KeysetManagerService
                verifySignaturesLP(signatureCheckPs, pkg);
                // We just determined the app is signed correctly, so bring
                // over the latest parsed certs.
                pkgSetting.signatures.mSignatures = pkg.mSignatures;
            } catch (PackageManagerException e) {
                if ((policyFlags & PackageParser.PARSE_IS_SYSTEM_DIR) == 0) {
                    throw e;
                }
                // The signature has changed, but this package is in the system
                // image...  let's recover!
                pkgSetting.signatures.mSignatures = pkg.mSignatures;
                // However...  if this package is part of a shared user, but it
                // doesn't match the signature of the shared user, let's fail.
                // What this means is that you can't change the signatures
                // associated with an overall shared user, which doesn't seem all
                // that unreasonable.
                if (signatureCheckPs.sharedUser != null) {
                    if (compareSignatures(signatureCheckPs.sharedUser.signatures.mSignatures,
                            pkg.mSignatures) != PackageManager.SIGNATURE_MATCH) {
                        throw new PackageManagerException(
                                INSTALL_PARSE_FAILED_INCONSISTENT_CERTIFICATES,
                                "Signature mismatch for shared user: "
                                        + pkgSetting.sharedUser);
                    }
                }
                // File a report about this.
                String msg = "System package " + pkg.packageName
                        + " signature changed; retaining data.";
                reportSettingsProblem(Log.WARN, msg);
            }
        }
        if ((scanFlags & SCAN_CHECK_ONLY) == 0 && pkg.mAdoptPermissions != null) {
            // This package wants to adopt ownership of permissions from
            // another package.
            for (int i = pkg.mAdoptPermissions.size() - 1; i >= 0; i--) {
                final String origName = pkg.mAdoptPermissions.get(i);
                final PackageSetting orig = mSettings.getPackageLPr(origName);
                if (orig != null) {
                    if (verifyPackageUpdateLPr(orig, pkg)) {
                        Slog.i(TAG, "Adopting permissions from " + origName + " to "
                                + pkg.packageName);
                        // SIDE EFFECTS; updates permissions system state; move elsewhere
                        mSettings.transferPermissionsLPw(origName, pkg.packageName);
                    }
                }
            }
        }
    }
    pkg.applicationInfo.processName = fixProcessName(
            pkg.applicationInfo.packageName,
            pkg.applicationInfo.processName);
    if (pkg != mPlatformPackage) {
        // Get all of our default paths setup
        pkg.applicationInfo.initForUser(UserHandle.USER_SYSTEM);
    }
    final String cpuAbiOverride = deriveAbiOverride(pkg.cpuAbiOverride, pkgSetting);
    if ((scanFlags & SCAN_NEW_INSTALL) == 0) {
        if ((scanFlags & SCAN_FIRST_BOOT_OR_UPGRADE) != 0) {
            Trace.traceBegin(TRACE_TAG_PACKAGE_MANAGER, "derivePackageAbi");
            final boolean extractNativeLibs = !pkg.isLibrary();
            derivePackageAbi(pkg, scanFile, cpuAbiOverride, extractNativeLibs,
                    mAppLib32InstallDir);
            Trace.traceEnd(TRACE_TAG_PACKAGE_MANAGER);
            // Some system apps still use directory structure for native libraries
            // in which case we might end up not detecting abi solely based on apk
            // structure. Try to detect abi based on directory structure.
            if (isSystemApp(pkg) && !pkg.isUpdatedSystemApp() &&
                    pkg.applicationInfo.primaryCpuAbi == null) {
                setBundledAppAbisAndRoots(pkg, pkgSetting);
                setNativeLibraryPaths(pkg, mAppLib32InstallDir);
            }
        } else {
            // This is not a first boot or an upgrade, don't bother deriving the
            // ABI during the scan. Instead, trust the value that was stored in the
            // package setting.
            pkg.applicationInfo.primaryCpuAbi = primaryCpuAbiFromSettings;
            pkg.applicationInfo.secondaryCpuAbi = secondaryCpuAbiFromSettings;
            setNativeLibraryPaths(pkg, mAppLib32InstallDir);
            if (DEBUG_ABI_SELECTION) {
                Slog.i(TAG, "Using ABIS and native lib paths from settings : " +
                    pkg.packageName + " " + pkg.applicationInfo.primaryCpuAbi + ", " +
                    pkg.applicationInfo.secondaryCpuAbi);
            }
        }
    } else {
        if ((scanFlags & SCAN_MOVE) != 0) {
            // We haven't run dex-opt for this move (since we've moved the compiled output too)
            // but we already have this packages package info in the PackageSetting. We just
            // use that and derive the native library path based on the new codepath.
            pkg.applicationInfo.primaryCpuAbi = pkgSetting.primaryCpuAbiString;
            pkg.applicationInfo.secondaryCpuAbi = pkgSetting.secondaryCpuAbiString;
        }
        // Set native library paths again. For moves, the path will be updated based on the
        // ABIs we've determined above. For non-moves, the path will be updated based on the
        // ABIs we determined during compilation, but the path will depend on the final
        // package path (after the rename away from the stage path).
        setNativeLibraryPaths(pkg, mAppLib32InstallDir);
    }
    // This is a special case for the "system" package, where the ABI is
    // dictated by the zygote configuration (and init.rc). We should keep track
    // of this ABI so that we can deal with "normal" applications that run under
    // the same UID correctly.
    if (mPlatformPackage == pkg) {
        pkg.applicationInfo.primaryCpuAbi = VMRuntime.getRuntime().is64Bit() ?
                Build.SUPPORTED_64_BIT_ABIS[0] : Build.SUPPORTED_32_BIT_ABIS[0];
    }
    // If there's a mismatch between the abi-override in the package setting
    // and the abiOverride specified for the install. Warn about this because we
    // would've already compiled the app without taking the package setting into
    // account.
    if ((scanFlags & SCAN_NO_DEX) == 0 && (scanFlags & SCAN_NEW_INSTALL) != 0) {
        if (cpuAbiOverride == null && pkgSetting.cpuAbiOverrideString != null) {
            Slog.w(TAG, "Ignoring persisted ABI override " + cpuAbiOverride +
                    " for package " + pkg.packageName);
        }
    }
    pkgSetting.primaryCpuAbiString = pkg.applicationInfo.primaryCpuAbi;
    pkgSetting.secondaryCpuAbiString = pkg.applicationInfo.secondaryCpuAbi;
    pkgSetting.cpuAbiOverrideString = cpuAbiOverride;
    // Copy the derived override back to the parsed package, so that we can
    // update the package settings accordingly.
    pkg.cpuAbiOverride = cpuAbiOverride;
    if (DEBUG_ABI_SELECTION) {
        Slog.d(TAG, "Resolved nativeLibraryRoot for " + pkg.applicationInfo.packageName
                + " to root=" + pkg.applicationInfo.nativeLibraryRootDir + ", isa="
                + pkg.applicationInfo.nativeLibraryRootRequiresIsa);
    }
    // Push the derived path down into PackageSettings so we know what to
    // clean up at uninstall time.
    pkgSetting.legacyNativeLibraryPathString = pkg.applicationInfo.nativeLibraryRootDir;
    if (DEBUG_ABI_SELECTION) {
        Log.d(TAG, "Abis for package[" + pkg.packageName + "] are" +
                " primary=" + pkg.applicationInfo.primaryCpuAbi +
                " secondary=" + pkg.applicationInfo.secondaryCpuAbi);
    }
    // SIDE EFFECTS; removes DEX files from disk; move elsewhere
    if ((scanFlags & SCAN_BOOTING) == 0 && pkgSetting.sharedUser != null) {
        // We don't do this here during boot because we can do it all
        // at once after scanning all existing packages.
        //
        // We also do this *before* we perform dexopt on this package, so that
        // we can avoid redundant dexopts, and also to make sure we've got the
        // code and package path correct.
        adjustCpuAbisForSharedUserLPw(pkgSetting.sharedUser.packages, pkg);
    }
    if (mFactoryTest && pkg.requestedPermissions.contains(
            android.Manifest.permission.FACTORY_TEST)) {
        pkg.applicationInfo.flags |= ApplicationInfo.FLAG_FACTORY_TEST;
    }
    if (isSystemApp(pkg)) {
        pkgSetting.isOrphaned = true;
    }
    // Take care of first install / last update times.
    final long scanFileTime = getLastModifiedTime(pkg, scanFile);
    if (currentTime != 0) {
        if (pkgSetting.firstInstallTime == 0) {
            pkgSetting.firstInstallTime = pkgSetting.lastUpdateTime = currentTime;
        } else if ((scanFlags & SCAN_UPDATE_TIME) != 0) {
            pkgSetting.lastUpdateTime = currentTime;
        }
    } else if (pkgSetting.firstInstallTime == 0) {
        // We need *something*.  Take time time stamp of the file.
        pkgSetting.firstInstallTime = pkgSetting.lastUpdateTime = scanFileTime;
    } else if ((policyFlags & PackageParser.PARSE_IS_SYSTEM_DIR) != 0) {
        if (scanFileTime != pkgSetting.timeStamp) {
            // A package on the system image has changed; consider this
            // to be an update.
            pkgSetting.lastUpdateTime = scanFileTime;
        }
    }
    pkgSetting.setTimeStamp(scanFileTime);
    if ((scanFlags & SCAN_CHECK_ONLY) != 0) {
        if (nonMutatedPs != null) {
            synchronized (mPackages) {
                mSettings.mPackages.put(nonMutatedPs.name, nonMutatedPs);
            }
        }
    } else {
        final int userId = user == null ? 0 : user.getIdentifier();
        // Modify state for the given package setting
        commitPackageSettings(pkg, pkgSetting, user, scanFlags,
                (policyFlags & PackageParser.PARSE_CHATTY) != 0 /*chatty*/);
        if (pkgSetting.getInstantApp(userId)) {
            mInstantAppRegistry.addInstantAppLPw(userId, pkgSetting.appId);
        }
    }
    return pkg;
}

不论是开机扫描安装APK，还是通过adb命令安装APK，最终都会调用scanPackageDirtyLI函数进行APK安装。

初始化Package的数据目录和资源目录；
如果需要则更新已有的Package的共享代码库；
如果安装时传递了签名信息，则验证签名信息的合法性；
验证新安装的APK中的Provider是否与系统中现有的Provider有冲突，并进行相应的处理；
如果新安装APK需要使用其他Package的权限，则进行相应处理；
调用createDataDirsLI()安装APK；
设置本地lib路径；
安装成功之后将Package信息更新到PMS和Setting相应的数据结构中；
设置APK安装时间；
设置APK的Provider信息，将Provider添加到相应的数据结构中；
设置权限组和权限信息；
该函数的主要工作便是将安装的APK的信息添加到PMS中，比如讲Provider、Activity、Service、Receiver等组件信息添加到相应的数据结构中，以便其他函数能够查询到