Merge "Remove dead code in package manager that handles .fsv_sig" into main (5b68df99) · Commits · e / os / android_frameworks_base

core/java/com/android/internal/security/VerityUtils.java

+0 −17

Original line number	Diff line number	Diff line
		@@ -36,7 +36,6 @@ import com.android.internal.org.bouncycastle.cms.SignerInformationVerifier;
		import com.android.internal.org.bouncycastle.cms.jcajce.JcaSimpleSignerInfoVerifierBuilder;
		import com.android.internal.org.bouncycastle.operator.OperatorCreationException;

		import java.io.File;
		import java.io.IOException;
		import java.io.InputStream;
		import java.nio.ByteBuffer;
		@@ -53,12 +52,6 @@ import java.security.cert.X509Certificate;
		public abstract class VerityUtils {
		private static final String TAG = "VerityUtils";

		/**
		* File extension of the signature file. For example, foo.apk.fsv_sig is the signature file of
		* foo.apk.
		*/
		public static final String FSVERITY_SIGNATURE_FILE_EXTENSION = ".fsv_sig";

		/** SHA256 hash size. */
		private static final int HASH_SIZE_BYTES = 32;

		@@ -67,16 +60,6 @@ public abstract class VerityUtils {
		\|\| SystemProperties.getInt("ro.apk_verity.mode", 0) == 2;
		}

		/** Returns true if the given file looks like containing an fs-verity signature. */
		public static boolean isFsveritySignatureFile(File file) {
		return file.getName().endsWith(FSVERITY_SIGNATURE_FILE_EXTENSION);
		}

		/** Returns the fs-verity signature file path of the given file. */
		public static String getFsveritySignatureFilePath(String filePath) {
		return filePath + FSVERITY_SIGNATURE_FILE_EXTENSION;
		}

		/** Enables fs-verity for the file without signature. */
		public static void setUpFsverity(@NonNull String filePath) throws IOException {
		int errno = enableFsverityNative(filePath);

services/core/java/com/android/server/pm/InstallPackageHelper.java

+2 −71

Original line number	Diff line number	Diff line
		@@ -125,7 +125,6 @@ import android.content.pm.SharedLibraryInfo;
		import android.content.pm.Signature;
		import android.content.pm.SigningDetails;
		import android.content.pm.VerifierInfo;
		import android.content.pm.dex.DexMetadataHelper;
		import android.content.pm.parsing.result.ParseResult;
		import android.content.pm.parsing.result.ParseTypeImpl;
		import android.net.Uri;
		@@ -171,7 +170,6 @@ import com.android.internal.pm.pkg.component.ParsedIntentInfo;
		import com.android.internal.pm.pkg.component.ParsedPermission;
		import com.android.internal.pm.pkg.component.ParsedPermissionGroup;
		import com.android.internal.pm.pkg.parsing.ParsingPackageUtils;
		import com.android.internal.security.VerityUtils;
		import com.android.internal.util.ArrayUtils;
		import com.android.internal.util.CollectionUtils;
		import com.android.server.EventLogTags;
		@@ -186,7 +184,6 @@ import com.android.server.pm.pkg.AndroidPackage;
		import com.android.server.pm.pkg.PackageStateInternal;
		import com.android.server.pm.pkg.SharedLibraryWrapper;
		import com.android.server.rollback.RollbackManagerInternal;
		import com.android.server.security.FileIntegrityService;
		import com.android.server.utils.WatchedArrayMap;
		import com.android.server.utils.WatchedLongSparseArray;

		@@ -195,7 +192,6 @@ import dalvik.system.VMRuntime;
		import java.io.File;
		import java.io.FileInputStream;
		import java.io.IOException;
		import java.security.DigestException;
		import java.security.DigestInputStream;
		import java.security.MessageDigest;
		import java.security.NoSuchAlgorithmException;
		@@ -1165,11 +1161,8 @@ final class InstallPackageHelper {
		}
		try {
		doRenameLI(request, parsedPackage);
		setUpFsVerity(parsedPackage);
		} catch (Installer.InstallerException \| IOException \| DigestException
		\| NoSuchAlgorithmException \| PrepareFailure e) {
		request.setError(PackageManagerException.INTERNAL_ERROR_VERITY_SETUP,
		"Failed to set up verity: " + e);
		} catch (PrepareFailure e) {
		request.setError(e);
		return false;
		}

		@@ -2322,68 +2315,6 @@ final class InstallPackageHelper {
		}
		}

		/**
		* Set up fs-verity for the given package. For older devices that do not support fs-verity,
		* this is a no-op.
		*/
		private void setUpFsVerity(AndroidPackage pkg) throws Installer.InstallerException,
		PrepareFailure, IOException, DigestException, NoSuchAlgorithmException {
		if (!PackageManagerServiceUtils.isApkVerityEnabled()) {
		return;
		}

		if (isIncrementalPath(pkg.getPath()) && IncrementalManager.getVersion()
		< IncrementalManager.MIN_VERSION_TO_SUPPORT_FSVERITY) {
		return;
		}

		// Collect files we care for fs-verity setup.
		ArrayMap<String, String> fsverityCandidates = new ArrayMap<>();
		fsverityCandidates.put(pkg.getBaseApkPath(),
		VerityUtils.getFsveritySignatureFilePath(pkg.getBaseApkPath()));

		final String dmPath = DexMetadataHelper.buildDexMetadataPathForApk(
		pkg.getBaseApkPath());
		if (new File(dmPath).exists()) {
		fsverityCandidates.put(dmPath, VerityUtils.getFsveritySignatureFilePath(dmPath));
		}

		for (String path : pkg.getSplitCodePaths()) {
		fsverityCandidates.put(path, VerityUtils.getFsveritySignatureFilePath(path));

		final String splitDmPath = DexMetadataHelper.buildDexMetadataPathForApk(path);
		if (new File(splitDmPath).exists()) {
		fsverityCandidates.put(splitDmPath,
		VerityUtils.getFsveritySignatureFilePath(splitDmPath));
		}
		}

		var fis = FileIntegrityService.getService();
		for (Map.Entry<String, String> entry : fsverityCandidates.entrySet()) {
		try {
		final String filePath = entry.getKey();
		if (VerityUtils.hasFsverity(filePath)) {
		continue;
		}

		final String signaturePath = entry.getValue();
		if (new File(signaturePath).exists()) {
		// If signature is provided, enable fs-verity first so that the file can be
		// measured for signature check below.
		VerityUtils.setUpFsverity(filePath);

		if (!fis.verifyPkcs7DetachedSignature(signaturePath, filePath)) {
		throw new PrepareFailure(PackageManager.INSTALL_FAILED_BAD_SIGNATURE,
		"fs-verity signature does not verify against a known key");
		}
		}
		} catch (IOException e) {
		throw new PrepareFailure(PackageManager.INSTALL_FAILED_BAD_SIGNATURE,
		"Failed to enable fs-verity: " + e);
		}
		}
		}

		private PackageFreezer freezePackageForInstall(String packageName, int userId, int installFlags,
		String killReason, int exitInfoReason, InstallRequest request) {
		if ((installFlags & PackageManager.INSTALL_DONT_KILL_APP) != 0) {

services/core/java/com/android/server/pm/PackageInstallerSession.java

+0 −81

Original line number	Diff line number	Diff line
		@@ -26,7 +26,6 @@ import static android.content.pm.PackageInstaller.UNARCHIVAL_OK;
		import static android.content.pm.PackageInstaller.UNARCHIVAL_STATUS_UNSET;
		import static android.content.pm.PackageItemInfo.MAX_SAFE_LABEL_LENGTH;
		import static android.content.pm.PackageManager.INSTALL_FAILED_ABORTED;
		import static android.content.pm.PackageManager.INSTALL_FAILED_BAD_SIGNATURE;
		import static android.content.pm.PackageManager.INSTALL_FAILED_INSUFFICIENT_STORAGE;
		import static android.content.pm.PackageManager.INSTALL_FAILED_INTERNAL_ERROR;
		import static android.content.pm.PackageManager.INSTALL_FAILED_INVALID_APK;
		@@ -824,8 +823,6 @@ public class PackageInstallerSession extends IPackageInstallerSession.Stub {

		@GuardedBy("mLock")
		private File mInheritedFilesBase;
		@GuardedBy("mLock")
		private boolean mVerityFoundForApks;

		/**
		* Both flags should be guarded with mLock whenever changes need to be in lockstep.
		@@ -864,7 +861,6 @@ public class PackageInstallerSession extends IPackageInstallerSession.Stub {
		} else {
		if (DexMetadataHelper.isDexMetadataFile(file)) return false;
		}
		if (VerityUtils.isFsveritySignatureFile(file)) return false;
		if (ApkChecksums.isDigestOrDigestSignatureFile(file)) return false;
		return true;
		}
		@@ -3565,13 +3561,6 @@ public class PackageInstallerSession extends IPackageInstallerSession.Stub {
		"Missing existing base package");
		}

		// Default to require only if existing base apk has fs-verity signature.
		mVerityFoundForApks = PackageManagerServiceUtils.isApkVerityEnabled()
		&& params.mode == SessionParams.MODE_INHERIT_EXISTING
		&& VerityUtils.hasFsverity(pkgInfo.applicationInfo.getBaseCodePath())
		&& (new File(VerityUtils.getFsveritySignatureFilePath(
		pkgInfo.applicationInfo.getBaseCodePath()))).exists();

		final List<File> removedFiles = getRemovedFilesLocked();
		final List<String> removeSplitList = new ArrayList<>();
		if (!removedFiles.isEmpty()) {
		@@ -3971,24 +3960,6 @@ public class PackageInstallerSession extends IPackageInstallerSession.Stub {
		maybeRenameFile(origFile, targetFile);
		}

		@GuardedBy("mLock")
		private void maybeStageFsveritySignatureLocked(File origFile, File targetFile,
		boolean fsVerityRequired) throws PackageManagerException {
		if (android.security.Flags.deprecateFsvSig()) {
		return;
		}
		final File originalSignature = new File(
		VerityUtils.getFsveritySignatureFilePath(origFile.getPath()));
		if (originalSignature.exists()) {
		final File stagedSignature = new File(
		VerityUtils.getFsveritySignatureFilePath(targetFile.getPath()));
		stageFileLocked(originalSignature, stagedSignature);
		} else if (fsVerityRequired) {
		throw new PackageManagerException(INSTALL_FAILED_BAD_SIGNATURE,
		"Missing corresponding fs-verity signature to " + origFile);
		}
		}

		@GuardedBy("mLock")
		private void maybeStageV4SignatureLocked(File origFile, File targetFile)
		throws PackageManagerException {
		@@ -4015,11 +3986,6 @@ public class PackageInstallerSession extends IPackageInstallerSession.Stub {
		DexMetadataHelper.buildDexMetadataPathForApk(targetFile.getName()));

		stageFileLocked(dexMetadataFile, targetDexMetadataFile);

		// Also stage .dm.fsv_sig. .dm may be required to install with fs-verity signature on
		// supported on older devices.
		maybeStageFsveritySignatureLocked(dexMetadataFile, targetDexMetadataFile,
		DexMetadataHelper.isFsVerityRequired());
		}

		@FlaggedApi(com.android.art.flags.Flags.FLAG_ART_SERVICE_V3)
		@@ -4104,45 +4070,11 @@ public class PackageInstallerSession extends IPackageInstallerSession.Stub {
		}
		}

		@GuardedBy("mLock")
		private boolean isFsVerityRequiredForApk(File origFile, File targetFile)
		throws PackageManagerException {
		if (mVerityFoundForApks) {
		return true;
		}

		// We haven't seen .fsv_sig for any APKs. Treat it as not required until we see one.
		final File originalSignature = new File(
		VerityUtils.getFsveritySignatureFilePath(origFile.getPath()));
		if (!originalSignature.exists()) {
		return false;
		}
		mVerityFoundForApks = true;

		// When a signature is found, also check any previous staged APKs since they also need to
		// have fs-verity signature consistently.
		for (File file : mResolvedStagedFiles) {
		if (!file.getName().endsWith(".apk")) {
		continue;
		}
		// Ignore the current targeting file.
		if (targetFile.getName().equals(file.getName())) {
		continue;
		}
		throw new PackageManagerException(INSTALL_FAILED_BAD_SIGNATURE,
		"Previously staged apk is missing fs-verity signature");
		}
		return true;
		}

		@GuardedBy("mLock")
		private void resolveAndStageFileLocked(File origFile, File targetFile, String splitName,
		List<String> artManagedFilePaths) throws PackageManagerException {
		stageFileLocked(origFile, targetFile);

		// Stage APK's fs-verity signature if present.
		maybeStageFsveritySignatureLocked(origFile, targetFile,
		isFsVerityRequiredForApk(origFile, targetFile));
		// Stage APK's v4 signature if present, and fs-verity is supported.
		if (android.security.Flags.extendVbChainToUpdatedApk()
		&& VerityUtils.isFsVeritySupported()) {
		@@ -4159,16 +4091,6 @@ public class PackageInstallerSession extends IPackageInstallerSession.Stub {
		maybeStageDigestsLocked(origFile, targetFile, splitName);
		}

		@GuardedBy("mLock")
		private void maybeInheritFsveritySignatureLocked(File origFile) {
		// Inherit the fsverity signature file if present.
		final File fsveritySignatureFile = new File(
		VerityUtils.getFsveritySignatureFilePath(origFile.getPath()));
		if (fsveritySignatureFile.exists()) {
		mResolvedInheritedFiles.add(fsveritySignatureFile);
		}
		}

		@GuardedBy("mLock")
		private void maybeInheritV4SignatureLocked(File origFile) {
		// Inherit the v4 signature file if present.
		@@ -4182,7 +4104,6 @@ public class PackageInstallerSession extends IPackageInstallerSession.Stub {
		private void inheritFileLocked(File origFile, List<String> artManagedFilePaths) {
		mResolvedInheritedFiles.add(origFile);

		maybeInheritFsveritySignatureLocked(origFile);
		if (android.security.Flags.extendVbChainToUpdatedApk()) {
		maybeInheritV4SignatureLocked(origFile);
		}
		@@ -4193,13 +4114,11 @@ public class PackageInstallerSession extends IPackageInstallerSession.Stub {
		artManagedFilePaths, origFile.getPath())) {
		File artManagedFile = new File(path);
		mResolvedInheritedFiles.add(artManagedFile);
		maybeInheritFsveritySignatureLocked(artManagedFile);
		}
		} else {
		final File dexMetadataFile = DexMetadataHelper.findDexMetadataForFile(origFile);
		if (dexMetadataFile != null) {
		mResolvedInheritedFiles.add(dexMetadataFile);
		maybeInheritFsveritySignatureLocked(dexMetadataFile);
		}
		}
		// Inherit the digests if present.

services/core/java/com/android/server/pm/PackageManagerServiceUtils.java

+0 −16

Original line number	Diff line number	Diff line
		@@ -520,22 +520,6 @@ public class PackageManagerServiceUtils {
		}
		}

		/** Default is to not use fs-verity since it depends on kernel support. */
		private static final int FSVERITY_DISABLED = 0;

		/** Standard fs-verity. */
		private static final int FSVERITY_ENABLED = 2;

		/** Returns true if standard APK Verity is enabled. */
		static boolean isApkVerityEnabled() {
		if (android.security.Flags.deprecateFsvSig()) {
		return false;
		}
		return Build.VERSION.DEVICE_INITIAL_SDK_INT >= Build.VERSION_CODES.R
		\|\| SystemProperties.getInt("ro.apk_verity.mode", FSVERITY_DISABLED)
		== FSVERITY_ENABLED;
		}

		/**
		* Verifies that signatures match.
		* @returns {@code true} if the compat signatures were matched; otherwise, {@code false}.