Commit b5f554a2 authored by Hui Shu

WebView downgrade prevention logic

Prevent *any* WebView provider packages from being downgraded lower than MonoChrome
Stable on the system image.

Assuming that all (and future) WebView provider packages follow the same
versionCode scheme, we can compare the subsection of Chromium versionCode that
contains branch number, which is done by ignoring the least significant 5
digits.

Note this CL is a follow-up to go/ag/895502.

BUG: 27469181
Change-Id: Iffe3c4b7f912d48c034f107079e065e54130713f
parent 3053c3f2
+1 −1
@@ -216,7 +216,7 @@ public final class WebViewFactory {
        }
        if (chosen.versionCode > toUse.versionCode) {
            throw new MissingWebViewPackageException("Failed to verify WebView provider, "
                    + "version code mismatch, expected: " + chosen.versionCode
                    + "version code is lower than expected: " + chosen.versionCode
                    + " actual: " + toUse.versionCode);
        }
        if (getWebViewLibrary(toUse.applicationInfo) == null) {
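Review bot: The check `chosen.versionCode > toUse.versionCode` at the top of this hunk compares full version codes, while versionCodeGE in WebViewUpdateServiceImpl, added in the same commit, compares only the branch number (versionCode / 100000). If the exact comparison is intended here, a one-line comment above the `if` saying so would prevent the two checks from being mistaken for the same rule later. The exception text would also read more clearly with a comma before " actual: ", since the two numbers currently run together as "expected: N actual: M".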
+26 −5
@@ -535,17 +535,38 @@ public class WebViewUpdateServiceImpl {
            }
        }

        /**
         * Both versionCodes should be from a WebView provider package implemented by Chromium.
         * VersionCodes from other kinds of packages won't make any sense in this method.
         *
         * An introduction to Chromium versionCode scheme:
         * "BBBBPPPAX"
         * BBBB: 4 digit branch number. It monotonically increases over time.
         * PPP: patch number in the branch. It is padded with zeroes to the left. These three digits may
         * change their meaning in the future.
         * A: architecture digit.
         * X: A digit to differentiate APKs for other reasons.
         *
         * This method takes the "BBBB" of versionCodes and compare them.
         *
         * @return true if versionCode1 is higher than or equal to versionCode2.
         */
        private static boolean versionCodeGE(int versionCode1, int versionCode2) {
            int v1 = versionCode1 / 100000;
            int v2 = versionCode2 / 100000;

            return v1 >= v2;
        }

        /**
         * Returns whether this provider is valid for use as a WebView provider.
         */
        public boolean isValidProvider(WebViewProviderInfo configInfo,
                PackageInfo packageInfo) {
            if ((packageInfo.applicationInfo.flags & ApplicationInfo.FLAG_SYSTEM) == 0
                    && packageInfo.versionCode < getMinimumVersionCode()
            if (!versionCodeGE(packageInfo.versionCode, getMinimumVersionCode())
                    && !mSystemInterface.systemIsDebuggable()) {
                // Non-system package webview providers may be downgraded arbitrarily low, prevent
                // that by enforcing minimum version code. This check is only enforced for user
                // builds.
                // Webview providers may be downgraded arbitrarily low, prevent that by enforcing
                // minimum version code. This check is only enforced for user builds.
                return false;
            }
            if (providerHasValidSignature(configInfo, packageInfo, mSystemInterface) &&
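Review bot: versionCodeGE compares only versionCode / 100000, so in isValidProvider a package on the same branch as getMinimumVersionCode() but with a lower patch number still passes; the inline comment at the `if` ("enforcing minimum version code") should say that the minimum is enforced at branch granularity only, as the Javadoc does. The method also has no guard for the precondition its Javadoc states: any versionCode below 100000 divides to 0, so two such codes compare as equal, and a provider that does not follow the "BBBBPPPAX" scheme is compared on meaningless digits. Consider replacing the literal 100000, which appears twice, with a named constant documented against that layout. Finally, with the FLAG_SYSTEM test removed, system packages are now rejected on user builds when below the minimum; that matches the commit message, but the comment could mention it explicitly since it is the behavioural change here.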