Loading core/java/com/android/internal/security/VerityUtils.java +4 −29 Original line number Diff line number Diff line Loading @@ -17,7 +17,6 @@ package com.android.internal.security; import android.annotation.NonNull; import android.annotation.Nullable; import android.os.Build; import android.os.SystemProperties; import android.system.Os; Loading @@ -41,9 +40,6 @@ import java.io.InputStream; import java.nio.ByteBuffer; import java.nio.ByteOrder; import java.nio.charset.StandardCharsets; import java.nio.file.Files; import java.nio.file.Path; import java.nio.file.Paths; import java.security.cert.CertificateException; import java.security.cert.CertificateFactory; import java.security.cert.X509Certificate; Loading @@ -58,9 +54,6 @@ public abstract class VerityUtils { */ public static final String FSVERITY_SIGNATURE_FILE_EXTENSION = ".fsv_sig"; /** The maximum size of signature file. This is just to avoid potential abuse. */ private static final int MAX_SIGNATURE_FILE_SIZE_BYTES = 8192; /** SHA256 hash size. */ private static final int HASH_SIZE_BYTES = 32; Loading 
@@ -79,26 +72,9 @@ public abstract class VerityUtils { return filePath + FSVERITY_SIGNATURE_FILE_EXTENSION; } /** Enables fs-verity for the file with an optional PKCS#7 detached signature file. */ public static void setUpFsverity(@NonNull String filePath, @Nullable String signaturePath) throws IOException { byte[] rawSignature = null; if (signaturePath != null) { Path path = Paths.get(signaturePath); if (Files.size(path) > MAX_SIGNATURE_FILE_SIZE_BYTES) { throw new SecurityException("Signature file is unexpectedly large: " + signaturePath); } rawSignature = Files.readAllBytes(path); } setUpFsverity(filePath, rawSignature); } /** Enables fs-verity for the file with an optional PKCS#7 detached signature bytes. */ public static void setUpFsverity(@NonNull String filePath, @Nullable byte[] pkcs7Signature) throws IOException { // This will fail if the public key is not already in .fs-verity kernel keyring. int errno = enableFsverityNative(filePath, pkcs7Signature); /** Enables fs-verity for the file without signature. */ public static void setUpFsverity(@NonNull String filePath) throws IOException { int errno = enableFsverityNative(filePath); if (errno != 0) { throw new IOException("Failed to enable fs-verity on " + filePath + ": " + Os.strerror(errno)); Loading Loading @@ -234,8 +210,7 @@ public abstract class VerityUtils { return buffer.array(); } private static native int enableFsverityNative(@NonNull String filePath, @Nullable byte[] pkcs7Signature); private static native int enableFsverityNative(@NonNull String filePath); private static native int measureFsverityNative(@NonNull String filePath, @NonNull byte[] digest); private static native int statxForFsverityNative(@NonNull String filePath); Loading core/jni/com_android_internal_security_VerityUtils.cpp +2 −15 Original line number Diff line number Diff line Loading 
@@ -23,7 +23,6 @@ #include <linux/fsverity.h> #include <linux/stat.h> #include <nativehelper/JNIHelp.h> #include <nativehelper/ScopedPrimitiveArray.h> #include <nativehelper/ScopedUtfChars.h> #include <string.h> #include <sys/ioctl.h> Loading @@ -39,7 +38,7 @@ namespace android { namespace { int enableFsverity(JNIEnv *env, jobject /* clazz */, jstring filePath, jbyteArray signature) { int enableFsverity(JNIEnv *env, jobject /* clazz */, jstring filePath) { ScopedUtfChars path(env, filePath); if (path.c_str() == nullptr) { return EINVAL; Loading @@ -56,18 +55,6 @@ int enableFsverity(JNIEnv *env, jobject /* clazz */, jstring filePath, jbyteArra arg.salt_size = 0; arg.salt_ptr = reinterpret_cast<uintptr_t>(nullptr); if (signature != nullptr) { ScopedByteArrayRO signature_bytes(env, signature); if (signature_bytes.get() == nullptr) { return EINVAL; } arg.sig_size = signature_bytes.size(); arg.sig_ptr = reinterpret_cast<uintptr_t>(signature_bytes.get()); } else { arg.sig_size = 0; arg.sig_ptr = reinterpret_cast<uintptr_t>(nullptr); } if (ioctl(rfd.get(), FS_IOC_ENABLE_VERITY, &arg) < 0) { return errno; } Loading Loading @@ -138,7 +125,7 @@ int measureFsverity(JNIEnv *env, jobject /* clazz */, jstring filePath, jbyteArr return 0; } const JNINativeMethod sMethods[] = { {"enableFsverityNative", "(Ljava/lang/String;[B)I", (void *)enableFsverity}, {"enableFsverityNative", "(Ljava/lang/String;)I", (void *)enableFsverity}, {"statxForFsverityNative", "(Ljava/lang/String;)I", (void *)statxForFsverity}, {"measureFsverityNative", "(Ljava/lang/String;[B)I", (void *)measureFsverity}, }; Loading services/core/java/com/android/server/graphics/fonts/FontManagerService.java +1 −1 Original line number Diff line number Diff line Loading 
@@ -188,7 +188,7 @@ public final class FontManagerService extends IFontManager.Stub { @Override public void setUpFsverity(String filePath) throws IOException { VerityUtils.setUpFsverity(filePath, /* signature */ (byte[]) null); VerityUtils.setUpFsverity(filePath); } @Override Loading services/core/java/com/android/server/pm/InstallPackageHelper.java +2 −2 Original line number Diff line number Diff line Loading @@ -1872,7 +1872,7 @@ final class InstallPackageHelper { if (new File(signaturePath).exists()) { // If signature is provided, enable fs-verity first so that the file can be // measured for signature check below. VerityUtils.setUpFsverity(filePath, (byte[]) null); VerityUtils.setUpFsverity(filePath); if (!fis.verifyPkcs7DetachedSignature(signaturePath, filePath)) { throw new PrepareFailure(PackageManager.INSTALL_FAILED_BAD_SIGNATURE, Loading Loading @@ -2385,7 +2385,7 @@ final class InstallPackageHelper { for (String path : apkPaths) { if (!VerityUtils.hasFsverity(path)) { try { VerityUtils.setUpFsverity(path, (byte[]) null); VerityUtils.setUpFsverity(path); } catch (IOException e) { // There's nothing we can do if the setup failed. Since fs-verity is // optional, just ignore the error for now. Loading Loading
core/java/com/android/internal/security/VerityUtils.java +4 −29 Original line number Diff line number Diff line Loading @@ -17,7 +17,6 @@ package com.android.internal.security; import android.annotation.NonNull; import android.annotation.Nullable; import android.os.Build; import android.os.SystemProperties; import android.system.Os; Loading @@ -41,9 +40,6 @@ import java.io.InputStream; import java.nio.ByteBuffer; import java.nio.ByteOrder; import java.nio.charset.StandardCharsets; import java.nio.file.Files; import java.nio.file.Path; import java.nio.file.Paths; import java.security.cert.CertificateException; import java.security.cert.CertificateFactory; import java.security.cert.X509Certificate; Loading @@ -58,9 +54,6 @@ public abstract class VerityUtils { */ public static final String FSVERITY_SIGNATURE_FILE_EXTENSION = ".fsv_sig"; /** The maximum size of signature file. This is just to avoid potential abuse. */ private static final int MAX_SIGNATURE_FILE_SIZE_BYTES = 8192; /** SHA256 hash size. */ private static final int HASH_SIZE_BYTES = 32; Loading 
@@ -79,26 +72,9 @@ public abstract class VerityUtils { return filePath + FSVERITY_SIGNATURE_FILE_EXTENSION; } /** Enables fs-verity for the file with an optional PKCS#7 detached signature file. */ public static void setUpFsverity(@NonNull String filePath, @Nullable String signaturePath) throws IOException { byte[] rawSignature = null; if (signaturePath != null) { Path path = Paths.get(signaturePath); if (Files.size(path) > MAX_SIGNATURE_FILE_SIZE_BYTES) { throw new SecurityException("Signature file is unexpectedly large: " + signaturePath); } rawSignature = Files.readAllBytes(path); } setUpFsverity(filePath, rawSignature); } /** Enables fs-verity for the file with an optional PKCS#7 detached signature bytes. */ public static void setUpFsverity(@NonNull String filePath, @Nullable byte[] pkcs7Signature) throws IOException { // This will fail if the public key is not already in .fs-verity kernel keyring. int errno = enableFsverityNative(filePath, pkcs7Signature); /** Enables fs-verity for the file without signature. */ public static void setUpFsverity(@NonNull String filePath) throws IOException { int errno = enableFsverityNative(filePath); if (errno != 0) { throw new IOException("Failed to enable fs-verity on " + filePath + ": " + Os.strerror(errno)); Loading Loading @@ -234,8 +210,7 @@ public abstract class VerityUtils { return buffer.array(); } private static native int enableFsverityNative(@NonNull String filePath, @Nullable byte[] pkcs7Signature); private static native int enableFsverityNative(@NonNull String filePath); private static native int measureFsverityNative(@NonNull String filePath, @NonNull byte[] digest); private static native int statxForFsverityNative(@NonNull String filePath); Loading
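Review bot: The new Javadoc on `setUpFsverity(String)` says only "without signature" and does not tell callers what protection they are left with. The removed overload passed a PKCS#7 signature to the native call, and its comment noted that the call fails when the key is not in the `.fs-verity` keyring. With that path gone, a caller that needs authenticity has to check the file's measurement against a trusted signature itself, as the InstallPackageHelper call site in this commit appears to do with `verifyPkcs7DetachedSignature`. I would extend the comment to something like `/** Enables fs-verity for the file. No signature is passed to the kernel; callers that need authenticity must verify the measured digest separately. */`. A `@throws IOException` line saying that the errno text is included in the message would also help.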
core/jni/com_android_internal_security_VerityUtils.cpp +2 −15 Original line number Diff line number Diff line Loading @@ -23,7 +23,6 @@ #include <linux/fsverity.h> #include <linux/stat.h> #include <nativehelper/JNIHelp.h> #include <nativehelper/ScopedPrimitiveArray.h> #include <nativehelper/ScopedUtfChars.h> #include <string.h> #include <sys/ioctl.h> Loading @@ -39,7 +38,7 @@ namespace android { namespace { int enableFsverity(JNIEnv *env, jobject /* clazz */, jstring filePath, jbyteArray signature) { int enableFsverity(JNIEnv *env, jobject /* clazz */, jstring filePath) { ScopedUtfChars path(env, filePath); if (path.c_str() == nullptr) { return EINVAL; Loading @@ -56,18 +55,6 @@ int enableFsverity(JNIEnv *env, jobject /* clazz */, jstring filePath, jbyteArra arg.salt_size = 0; arg.salt_ptr = reinterpret_cast<uintptr_t>(nullptr); if (signature != nullptr) { ScopedByteArrayRO signature_bytes(env, signature); if (signature_bytes.get() == nullptr) { return EINVAL; } arg.sig_size = signature_bytes.size(); arg.sig_ptr = reinterpret_cast<uintptr_t>(signature_bytes.get()); } else { arg.sig_size = 0; arg.sig_ptr = reinterpret_cast<uintptr_t>(nullptr); } if (ioctl(rfd.get(), FS_IOC_ENABLE_VERITY, &arg) < 0) { return errno; } Loading Loading @@ -138,7 +125,7 @@ int measureFsverity(JNIEnv *env, jobject /* clazz */, jstring filePath, jbyteArr return 0; } const JNINativeMethod sMethods[] = { {"enableFsverityNative", "(Ljava/lang/String;[B)I", (void *)enableFsverity}, {"enableFsverityNative", "(Ljava/lang/String;)I", (void *)enableFsverity}, {"statxForFsverityNative", "(Ljava/lang/String;)I", (void *)statxForFsverity}, {"measureFsverityNative", "(Ljava/lang/String;[B)I", (void *)measureFsverity}, }; Loading
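Review bot: After the `if (signature != nullptr) … else …` block is removed, nothing in the visible part of `enableFsverity` assigns `arg.sig_size` or `arg.sig_ptr` before `ioctl(rfd.get(), FS_IOC_ENABLE_VERITY, &arg)`. The declaration of `arg` is outside the hunk, so this is safe only if the struct is value-initialized there; otherwise the kernel would be handed indeterminate signature fields. Either confirm the initializer or keep the two explicit lines next to the salt fields, `arg.sig_size = 0;` and `arg.sig_ptr = reinterpret_cast<uintptr_t>(nullptr);`. That would also match how `salt_size` and `salt_ptr` are set.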
services/core/java/com/android/server/graphics/fonts/FontManagerService.java +1 −1 Original line number Diff line number Diff line Loading @@ -188,7 +188,7 @@ public final class FontManagerService extends IFontManager.Stub { @Override public void setUpFsverity(String filePath) throws IOException { VerityUtils.setUpFsverity(filePath, /* signature */ (byte[]) null); VerityUtils.setUpFsverity(filePath); } @Override Loading
services/core/java/com/android/server/pm/InstallPackageHelper.java +2 −2 Original line number Diff line number Diff line Loading @@ -1872,7 +1872,7 @@ final class InstallPackageHelper { if (new File(signaturePath).exists()) { // If signature is provided, enable fs-verity first so that the file can be // measured for signature check below. VerityUtils.setUpFsverity(filePath, (byte[]) null); VerityUtils.setUpFsverity(filePath); if (!fis.verifyPkcs7DetachedSignature(signaturePath, filePath)) { throw new PrepareFailure(PackageManager.INSTALL_FAILED_BAD_SIGNATURE, Loading Loading @@ -2385,7 +2385,7 @@ final class InstallPackageHelper { for (String path : apkPaths) { if (!VerityUtils.hasFsverity(path)) { try { VerityUtils.setUpFsverity(path, (byte[]) null); VerityUtils.setUpFsverity(path); } catch (IOException e) { // There's nothing we can do if the setup failed. Since fs-verity is // optional, just ignore the error for now. Loading
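Review bot: In the second hunk (around line 2385) the `IOException` from `VerityUtils.setUpFsverity(path)` is caught and, as far as the visible lines show, dropped with only a comment; the catch body continues outside the hunk. For the APK paths in this loop, a silent failure leaves no record that a file ended up without fs-verity, which makes a missing integrity guarantee hard to notice later. A one-line warning would make it observable, for example `Slog.w(TAG, "Failed to enable fs-verity on " + path, e);`, assuming `Slog` and `TAG` are available in this file.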