Loading services/core/java/com/android/server/pm/KeySetManagerService.java +5 −0 Original line number Diff line number Diff line Loading @@ -277,6 +277,11 @@ public class KeySetManagerService { return mKeySets.get(keySetId); } /* Checks if an identifier refers to a known keyset */ public boolean isIdValidKeySetId(long id) { return mKeySets.get(id) != null; } /** * Fetches the {@link PublicKey public keys} which belong to the specified * KeySet id. Loading services/core/java/com/android/server/pm/PackageManagerService.java +62 −40 Original line number Diff line number Diff line Loading @@ -6157,7 +6157,24 @@ public class PackageManagerService extends IPackageManager.Stub { pkg.applicationInfo.uid = pkgSetting.appId; pkg.mExtras = pkgSetting; if (!pkgSetting.keySetData.isUsingUpgradeKeySets() || pkgSetting.sharedUser != null) { if (shouldCheckUpgradeKeySetLP(pkgSetting, scanFlags)) { if (checkUpgradeKeySetLP(pkgSetting, pkg)) { // We just determined the app is signed correctly, so bring // over the latest parsed certs. pkgSetting.signatures.mSignatures = pkg.mSignatures; } else { if ((parseFlags & PackageParser.PARSE_IS_SYSTEM_DIR) == 0) { throw new PackageManagerException(INSTALL_FAILED_UPDATE_INCOMPATIBLE, "Package " + pkg.packageName + " upgrade keys do not match the " + "previously installed version"); } else { pkgSetting.signatures.mSignatures = pkg.mSignatures; String msg = "System package " + pkg.packageName + " signature changed; retaining data."; reportSettingsProblem(Log.WARN, msg); } } } else { try { verifySignaturesLP(pkgSetting, pkg); // We just determined the app is signed correctly, so bring Loading Loading @@ -6189,23 +6206,6 @@ public class PackageManagerService extends IPackageManager.Stub { + " signature changed; retaining data."; reportSettingsProblem(Log.WARN, msg); } } else { if (!checkUpgradeKeySetLP(pkgSetting, pkg)) { if ((parseFlags & PackageParser.PARSE_IS_SYSTEM_DIR) == 0) { throw new PackageManagerException(INSTALL_FAILED_UPDATE_INCOMPATIBLE, "Package " + pkg.packageName + " upgrade keys do not match the " + "previously installed version"); } else { pkgSetting.signatures.mSignatures = pkg.mSignatures; String msg = "System package " + pkg.packageName + " signature changed; retaining data."; reportSettingsProblem(Log.WARN, msg); } } else { // We just determined the app is signed correctly, so bring // over the latest parsed certs. pkgSetting.signatures.mSignatures = pkg.mSignatures; } } // Verify that this new package doesn't have any content providers // that conflict with existing packages. Only do this if the Loading Loading @@ -11161,6 +11161,28 @@ public class PackageManagerService extends IPackageManager.Stub { } } private boolean shouldCheckUpgradeKeySetLP(PackageSetting oldPs, int scanFlags) { // Can't rotate keys during boot or if sharedUser. if (oldPs == null || (scanFlags&SCAN_BOOTING) != 0 || oldPs.sharedUser != null || !oldPs.keySetData.isUsingUpgradeKeySets()) { return false; } // app is using upgradeKeySets; make sure all are valid KeySetManagerService ksms = mSettings.mKeySetManagerService; long[] upgradeKeySets = oldPs.keySetData.getUpgradeKeySets(); for (int i = 0; i < upgradeKeySets.length; i++) { if (!ksms.isIdValidKeySetId(upgradeKeySets[i])) { Slog.wtf(TAG, "Package " + (oldPs.name != null ? oldPs.name : "<null>") + " contains upgrade-key-set reference to unknown key-set: " + upgradeKeySets[i] + " reverting to signatures check."); return false; } } return true; } private boolean checkUpgradeKeySetLP(PackageSetting oldPS, PackageParser.Package newPkg) { // Upgrade keysets are being used. Determine if new package has a superset of the // required keys. Loading Loading @@ -11189,19 +11211,19 @@ public class PackageManagerService extends IPackageManager.Stub { oldPackage = mPackages.get(pkgName); if (DEBUG_INSTALL) Slog.d(TAG, "replacePackageLI: new=" + pkg + ", old=" + oldPackage); final PackageSetting ps = mSettings.mPackages.get(pkgName); if (ps == null || !ps.keySetData.isUsingUpgradeKeySets() || ps.sharedUser != null) { // default to original signature matching if (compareSignatures(oldPackage.mSignatures, pkg.mSignatures) != PackageManager.SIGNATURE_MATCH) { if (shouldCheckUpgradeKeySetLP(ps, scanFlags)) { if(!checkUpgradeKeySetLP(ps, pkg)) { res.setError(INSTALL_FAILED_UPDATE_INCOMPATIBLE, "New package has a different signature: " + pkgName); "New package not signed by keys specified by upgrade-keysets: " + pkgName); return; } } else { if(!checkUpgradeKeySetLP(ps, pkg)) { // default to original signature matching if (compareSignatures(oldPackage.mSignatures, pkg.mSignatures) != PackageManager.SIGNATURE_MATCH) { res.setError(INSTALL_FAILED_UPDATE_INCOMPATIBLE, "New package not signed by keys specified by upgrade-keysets: " + pkgName); "New package has a different signature: " + pkgName); return; } } Loading Loading @@ -11633,20 +11655,20 @@ public class PackageManagerService extends IPackageManager.Stub { // Quick sanity check that we're signed correctly if updating; // we'll check this again later when scanning, but we want to // bail early here before tripping over redefined permissions. if (!ps.keySetData.isUsingUpgradeKeySets() || ps.sharedUser != null) { try { verifySignaturesLP(ps, pkg); } catch (PackageManagerException e) { res.setError(e.error, e.getMessage()); return; } } else { if (shouldCheckUpgradeKeySetLP(ps, scanFlags)) { if (!checkUpgradeKeySetLP(ps, pkg)) { res.setError(INSTALL_FAILED_UPDATE_INCOMPATIBLE, "Package " + pkg.packageName + " upgrade keys do not match the " + "previously installed version"); return; } } else { try { verifySignaturesLP(ps, pkg); } catch (PackageManagerException e) { res.setError(e.error, e.getMessage()); return; } } oldCodePath = mSettings.mPackages.get(pkgName).codePathString; Loading @@ -11667,14 +11689,14 @@ public class PackageManagerService extends IPackageManager.Stub { // also includes the "updating the same package" case, of course. // "updating same package" could also involve key-rotation. final boolean sigsOk; if (!bp.sourcePackage.equals(pkg.packageName) || !(bp.packageSetting instanceof PackageSetting) || !bp.packageSetting.keySetData.isUsingUpgradeKeySets() || ((PackageSetting) bp.packageSetting).sharedUser != null) { if (bp.sourcePackage.equals(pkg.packageName) && (bp.packageSetting instanceof PackageSetting) && (shouldCheckUpgradeKeySetLP((PackageSetting) bp.packageSetting, scanFlags))) { sigsOk = checkUpgradeKeySetLP((PackageSetting) bp.packageSetting, pkg); } else { sigsOk = compareSignatures(bp.packageSetting.signatures.mSignatures, pkg.mSignatures) == PackageManager.SIGNATURE_MATCH; } else { sigsOk = checkUpgradeKeySetLP((PackageSetting) bp.packageSetting, pkg); } if (!sigsOk) { // If the owning package is the system itself, we log but allow Loading Loading
services/core/java/com/android/server/pm/KeySetManagerService.java +5 −0 Original line number Diff line number Diff line Loading @@ -277,6 +277,11 @@ public class KeySetManagerService { return mKeySets.get(keySetId); } /* Checks if an identifier refers to a known keyset */ public boolean isIdValidKeySetId(long id) { return mKeySets.get(id) != null; } /** * Fetches the {@link PublicKey public keys} which belong to the specified * KeySet id. Loading
services/core/java/com/android/server/pm/PackageManagerService.java +62 −40 Original line number Diff line number Diff line Loading @@ -6157,7 +6157,24 @@ public class PackageManagerService extends IPackageManager.Stub { pkg.applicationInfo.uid = pkgSetting.appId; pkg.mExtras = pkgSetting; if (!pkgSetting.keySetData.isUsingUpgradeKeySets() || pkgSetting.sharedUser != null) { if (shouldCheckUpgradeKeySetLP(pkgSetting, scanFlags)) { if (checkUpgradeKeySetLP(pkgSetting, pkg)) { // We just determined the app is signed correctly, so bring // over the latest parsed certs. pkgSetting.signatures.mSignatures = pkg.mSignatures; } else { if ((parseFlags & PackageParser.PARSE_IS_SYSTEM_DIR) == 0) { throw new PackageManagerException(INSTALL_FAILED_UPDATE_INCOMPATIBLE, "Package " + pkg.packageName + " upgrade keys do not match the " + "previously installed version"); } else { pkgSetting.signatures.mSignatures = pkg.mSignatures; String msg = "System package " + pkg.packageName + " signature changed; retaining data."; reportSettingsProblem(Log.WARN, msg); } } } else { try { verifySignaturesLP(pkgSetting, pkg); // We just determined the app is signed correctly, so bring Loading Loading @@ -6189,23 +6206,6 @@ public class PackageManagerService extends IPackageManager.Stub { + " signature changed; retaining data."; reportSettingsProblem(Log.WARN, msg); } } else { if (!checkUpgradeKeySetLP(pkgSetting, pkg)) { if ((parseFlags & PackageParser.PARSE_IS_SYSTEM_DIR) == 0) { throw new PackageManagerException(INSTALL_FAILED_UPDATE_INCOMPATIBLE, "Package " + pkg.packageName + " upgrade keys do not match the " + "previously installed version"); } else { pkgSetting.signatures.mSignatures = pkg.mSignatures; String msg = "System package " + pkg.packageName + " signature changed; retaining data."; reportSettingsProblem(Log.WARN, msg); } } else { // We just determined the app is signed correctly, so bring // over the latest parsed certs. pkgSetting.signatures.mSignatures = pkg.mSignatures; } } // Verify that this new package doesn't have any content providers // that conflict with existing packages. Only do this if the Loading Loading @@ -11161,6 +11161,28 @@ public class PackageManagerService extends IPackageManager.Stub { } } private boolean shouldCheckUpgradeKeySetLP(PackageSetting oldPs, int scanFlags) { // Can't rotate keys during boot or if sharedUser. if (oldPs == null || (scanFlags&SCAN_BOOTING) != 0 || oldPs.sharedUser != null || !oldPs.keySetData.isUsingUpgradeKeySets()) { return false; } // app is using upgradeKeySets; make sure all are valid KeySetManagerService ksms = mSettings.mKeySetManagerService; long[] upgradeKeySets = oldPs.keySetData.getUpgradeKeySets(); for (int i = 0; i < upgradeKeySets.length; i++) { if (!ksms.isIdValidKeySetId(upgradeKeySets[i])) { Slog.wtf(TAG, "Package " + (oldPs.name != null ? oldPs.name : "<null>") + " contains upgrade-key-set reference to unknown key-set: " + upgradeKeySets[i] + " reverting to signatures check."); return false; } } return true; } private boolean checkUpgradeKeySetLP(PackageSetting oldPS, PackageParser.Package newPkg) { // Upgrade keysets are being used. Determine if new package has a superset of the // required keys. Loading Loading @@ -11189,19 +11211,19 @@ public class PackageManagerService extends IPackageManager.Stub { oldPackage = mPackages.get(pkgName); if (DEBUG_INSTALL) Slog.d(TAG, "replacePackageLI: new=" + pkg + ", old=" + oldPackage); final PackageSetting ps = mSettings.mPackages.get(pkgName); if (ps == null || !ps.keySetData.isUsingUpgradeKeySets() || ps.sharedUser != null) { // default to original signature matching if (compareSignatures(oldPackage.mSignatures, pkg.mSignatures) != PackageManager.SIGNATURE_MATCH) { if (shouldCheckUpgradeKeySetLP(ps, scanFlags)) { if(!checkUpgradeKeySetLP(ps, pkg)) { res.setError(INSTALL_FAILED_UPDATE_INCOMPATIBLE, "New package has a different signature: " + pkgName); "New package not signed by keys specified by upgrade-keysets: " + pkgName); return; } } else { if(!checkUpgradeKeySetLP(ps, pkg)) { // default to original signature matching if (compareSignatures(oldPackage.mSignatures, pkg.mSignatures) != PackageManager.SIGNATURE_MATCH) { res.setError(INSTALL_FAILED_UPDATE_INCOMPATIBLE, "New package not signed by keys specified by upgrade-keysets: " + pkgName); "New package has a different signature: " + pkgName); return; } } Loading Loading @@ -11633,20 +11655,20 @@ public class PackageManagerService extends IPackageManager.Stub { // Quick sanity check that we're signed correctly if updating; // we'll check this again later when scanning, but we want to // bail early here before tripping over redefined permissions. if (!ps.keySetData.isUsingUpgradeKeySets() || ps.sharedUser != null) { try { verifySignaturesLP(ps, pkg); } catch (PackageManagerException e) { res.setError(e.error, e.getMessage()); return; } } else { if (shouldCheckUpgradeKeySetLP(ps, scanFlags)) { if (!checkUpgradeKeySetLP(ps, pkg)) { res.setError(INSTALL_FAILED_UPDATE_INCOMPATIBLE, "Package " + pkg.packageName + " upgrade keys do not match the " + "previously installed version"); return; } } else { try { verifySignaturesLP(ps, pkg); } catch (PackageManagerException e) { res.setError(e.error, e.getMessage()); return; } } oldCodePath = mSettings.mPackages.get(pkgName).codePathString; Loading @@ -11667,14 +11689,14 @@ public class PackageManagerService extends IPackageManager.Stub { // also includes the "updating the same package" case, of course. // "updating same package" could also involve key-rotation. final boolean sigsOk; if (!bp.sourcePackage.equals(pkg.packageName) || !(bp.packageSetting instanceof PackageSetting) || !bp.packageSetting.keySetData.isUsingUpgradeKeySets() || ((PackageSetting) bp.packageSetting).sharedUser != null) { if (bp.sourcePackage.equals(pkg.packageName) && (bp.packageSetting instanceof PackageSetting) && (shouldCheckUpgradeKeySetLP((PackageSetting) bp.packageSetting, scanFlags))) { sigsOk = checkUpgradeKeySetLP((PackageSetting) bp.packageSetting, pkg); } else { sigsOk = compareSignatures(bp.packageSetting.signatures.mSignatures, pkg.mSignatures) == PackageManager.SIGNATURE_MATCH; } else { sigsOk = checkUpgradeKeySetLP((PackageSetting) bp.packageSetting, pkg); } if (!sigsOk) { // If the owning package is the system itself, we log but allow Loading
