diff options
| author | 2024-12-02 16:13:43 +0000 | |
|---|---|---|
| committer | 2024-12-02 16:13:43 +0000 | |
| commit | 8bbe3aff119508ec06b8d11f33eb6bebe72e16ca (patch) | |
| tree | 82df8aac9c447d8f24d513828204f7702cd0a850 | |
| parent | 27ea7e68028d269ab0d062e007b9a3161a985b1e (diff) | |
| parent | b568fb96dee6dc06d2f4d839f941192f729ed89a (diff) | |
Merge "Remove integrity verification from VerifyingSession" into main
8 files changed, 15 insertions, 573 deletions
diff --git a/services/core/java/android/content/pm/PackageManagerInternal.java b/services/core/java/android/content/pm/PackageManagerInternal.java index 43774bbc51ca..b0dae6a1f306 100644 --- a/services/core/java/android/content/pm/PackageManagerInternal.java +++ b/services/core/java/android/content/pm/PackageManagerInternal.java @@ -90,6 +90,7 @@ public abstract class PackageManagerInternal { */ public static final int RESOLVE_NON_RESOLVER_ONLY = 0x00000002; + @Deprecated @IntDef(value = { INTEGRITY_VERIFICATION_ALLOW, INTEGRITY_VERIFICATION_REJECT, @@ -97,18 +98,10 @@ public abstract class PackageManagerInternal { @Retention(RetentionPolicy.SOURCE) public @interface IntegrityVerificationResult {} - /** - * Used as the {@code verificationCode} argument for - * {@link PackageManagerInternal#setIntegrityVerificationResult(int, int)} to indicate that the - * integrity component allows the install to proceed. - */ + @Deprecated public static final int INTEGRITY_VERIFICATION_ALLOW = 1; - /** - * Used as the {@code verificationCode} argument for - * {@link PackageManagerInternal#setIntegrityVerificationResult(int, int)} to indicate that the - * integrity component does not allow install to proceed. - */ + @Deprecated public static final int INTEGRITY_VERIFICATION_REJECT = 0; /** @@ -1131,17 +1124,13 @@ public abstract class PackageManagerInternal { public abstract boolean isPermissionUpgradeNeeded(@UserIdInt int userId); /** - * Allows the integrity component to respond to the - * {@link Intent#ACTION_PACKAGE_NEEDS_INTEGRITY_VERIFICATION package verification - * broadcast} to respond to the package manager. The response must include - * the {@code verificationCode} which is one of - * {@link #INTEGRITY_VERIFICATION_ALLOW} and {@link #INTEGRITY_VERIFICATION_REJECT}. + * Used to allow the integrity component to respond to the + * ACTION_PACKAGE_NEEDS_INTEGRITY_VERIFICATION package verification + * broadcast to respond to the package manager. * - * @param verificationId pending package identifier as passed via the - * {@link PackageManager#EXTRA_VERIFICATION_ID} Intent extra. - * @param verificationResult either {@link #INTEGRITY_VERIFICATION_ALLOW} - * or {@link #INTEGRITY_VERIFICATION_REJECT}. + * Deprecated. */ + @Deprecated public abstract void setIntegrityVerificationResult(int verificationId, @IntegrityVerificationResult int verificationResult); diff --git a/services/core/java/com/android/server/integrity/AppIntegrityManagerServiceImpl.java b/services/core/java/com/android/server/integrity/AppIntegrityManagerServiceImpl.java index a132876b72a3..0914b7e3eeb2 100644 --- a/services/core/java/com/android/server/integrity/AppIntegrityManagerServiceImpl.java +++ b/services/core/java/com/android/server/integrity/AppIntegrityManagerServiceImpl.java @@ -93,29 +93,6 @@ public class AppIntegrityManagerServiceImpl extends IAppIntegrityManager.Stub { mContext = context; mPackageManagerInternal = packageManagerInternal; mHandler = handler; - - IntentFilter integrityVerificationFilter = new IntentFilter(); - integrityVerificationFilter.addAction(ACTION_PACKAGE_NEEDS_INTEGRITY_VERIFICATION); - try { - integrityVerificationFilter.addDataType(PACKAGE_MIME_TYPE); - } catch (IntentFilter.MalformedMimeTypeException e) { - throw new RuntimeException("Mime type malformed: should never happen.", e); - } - - mContext.registerReceiver( - new BroadcastReceiver() { - @Override - public void onReceive(Context context, Intent intent) { - if (!ACTION_PACKAGE_NEEDS_INTEGRITY_VERIFICATION.equals( - intent.getAction())) { - return; - } - mHandler.post(() -> handleIntegrityVerification(intent)); - } - }, - integrityVerificationFilter, - /* broadcastPermission= */ null, - mHandler); } @Override @@ -157,10 +134,4 @@ public class AppIntegrityManagerServiceImpl extends IAppIntegrityManager.Stub { public List<String> getWhitelistedRuleProviders() { return Collections.emptyList(); } - - private void handleIntegrityVerification(Intent intent) { - int verificationId = intent.getIntExtra(EXTRA_VERIFICATION_ID, -1); - mPackageManagerInternal.setIntegrityVerificationResult( - verificationId, PackageManagerInternal.INTEGRITY_VERIFICATION_ALLOW); - } } diff --git a/services/core/java/com/android/server/pm/PackageHandler.java b/services/core/java/com/android/server/pm/PackageHandler.java index 0a0882d80cc1..4ea405441030 100644 --- a/services/core/java/com/android/server/pm/PackageHandler.java +++ b/services/core/java/com/android/server/pm/PackageHandler.java @@ -18,7 +18,6 @@ package com.android.server.pm; import static android.os.Trace.TRACE_TAG_PACKAGE_MANAGER; -import static com.android.server.pm.PackageManagerService.CHECK_PENDING_INTEGRITY_VERIFICATION; import static com.android.server.pm.PackageManagerService.CHECK_PENDING_VERIFICATION; import static com.android.server.pm.PackageManagerService.DEBUG_INSTALL; import static com.android.server.pm.PackageManagerService.DEFAULT_UNUSED_STATIC_SHARED_LIB_MIN_CACHE_PERIOD; @@ -29,7 +28,6 @@ import static com.android.server.pm.PackageManagerService.DOMAIN_VERIFICATION; import static com.android.server.pm.PackageManagerService.ENABLE_ROLLBACK_STATUS; import static com.android.server.pm.PackageManagerService.ENABLE_ROLLBACK_TIMEOUT; import static com.android.server.pm.PackageManagerService.INSTANT_APP_RESOLUTION_PHASE_TWO; -import static com.android.server.pm.PackageManagerService.INTEGRITY_VERIFICATION_COMPLETE; import static com.android.server.pm.PackageManagerService.PACKAGE_VERIFIED; import static com.android.server.pm.PackageManagerService.POST_INSTALL; import static com.android.server.pm.PackageManagerService.PRUNE_UNUSED_STATIC_SHARED_LIBRARIES; @@ -149,42 +147,6 @@ final class PackageHandler extends Handler { break; } - case CHECK_PENDING_INTEGRITY_VERIFICATION: { - final int verificationId = msg.arg1; - final PackageVerificationState state = mPm.mPendingVerification.get(verificationId); - - if (state != null && !state.isIntegrityVerificationComplete()) { - final VerifyingSession verifyingSession = state.getVerifyingSession(); - final Uri originUri = Uri.fromFile(verifyingSession.mOriginInfo.mResolvedFile); - - String errorMsg = "Integrity verification timed out for " + originUri; - Slog.i(TAG, errorMsg); - - state.setIntegrityVerificationResult( - getDefaultIntegrityVerificationResponse()); - - if (getDefaultIntegrityVerificationResponse() - == PackageManagerInternal.INTEGRITY_VERIFICATION_ALLOW) { - Slog.i(TAG, "Integrity check times out, continuing with " + originUri); - } else { - verifyingSession.setReturnCode( - PackageManager.INSTALL_FAILED_VERIFICATION_FAILURE, - errorMsg); - } - - if (state.areAllVerificationsComplete()) { - mPm.mPendingVerification.remove(verificationId); - } - - Trace.asyncTraceEnd( - TRACE_TAG_PACKAGE_MANAGER, - "integrity_verification", - verificationId); - - verifyingSession.handleIntegrityVerificationFinished(); - } - break; - } case PACKAGE_VERIFIED: { final int verificationId = msg.arg1; @@ -205,42 +167,6 @@ final class PackageHandler extends Handler { break; } - case INTEGRITY_VERIFICATION_COMPLETE: { - final int verificationId = msg.arg1; - - final PackageVerificationState state = mPm.mPendingVerification.get(verificationId); - if (state == null) { - Slog.w(TAG, "Integrity verification with id " + verificationId - + " not found. It may be invalid or overridden by verifier"); - break; - } - - final int response = (Integer) msg.obj; - final VerifyingSession verifyingSession = state.getVerifyingSession(); - final Uri originUri = Uri.fromFile(verifyingSession.mOriginInfo.mResolvedFile); - - state.setIntegrityVerificationResult(response); - - if (response == PackageManagerInternal.INTEGRITY_VERIFICATION_ALLOW) { - Slog.i(TAG, "Integrity check passed for " + originUri); - } else { - verifyingSession.setReturnCode( - PackageManager.INSTALL_FAILED_VERIFICATION_FAILURE, - "Integrity check failed for " + originUri); - } - - if (state.areAllVerificationsComplete()) { - mPm.mPendingVerification.remove(verificationId); - } - - Trace.asyncTraceEnd( - TRACE_TAG_PACKAGE_MANAGER, - "integrity_verification", - verificationId); - - verifyingSession.handleIntegrityVerificationFinished(); - break; - } case INSTANT_APP_RESOLUTION_PHASE_TWO: { InstantAppResolver.doInstantAppResolutionPhaseTwo(mPm.mContext, mPm.snapshotComputer(), diff --git a/services/core/java/com/android/server/pm/PackageManagerService.java b/services/core/java/com/android/server/pm/PackageManagerService.java index f9c103762815..b22bc2b8c5be 100644 --- a/services/core/java/com/android/server/pm/PackageManagerService.java +++ b/services/core/java/com/android/server/pm/PackageManagerService.java @@ -922,8 +922,8 @@ public class PackageManagerService implements PackageSender, TestUtilityService static final int ENABLE_ROLLBACK_TIMEOUT = 22; static final int DEFERRED_NO_KILL_POST_DELETE = 23; static final int DEFERRED_NO_KILL_INSTALL_OBSERVER = 24; - static final int INTEGRITY_VERIFICATION_COMPLETE = 25; - static final int CHECK_PENDING_INTEGRITY_VERIFICATION = 26; + // static final int UNUSED = 25; + // static final int UNUSED = 26; static final int DOMAIN_VERIFICATION = 27; static final int PRUNE_UNUSED_STATIC_SHARED_LIBRARIES = 28; static final int DEFERRED_PENDING_KILL_INSTALL_OBSERVER = 29; @@ -7023,12 +7023,10 @@ public class PackageManagerService implements PackageSender, TestUtilityService return mSettings.isPermissionUpgradeNeeded(userId); } + @Deprecated @Override public void setIntegrityVerificationResult(int verificationId, int verificationResult) { - final Message msg = mHandler.obtainMessage(INTEGRITY_VERIFICATION_COMPLETE); - msg.arg1 = verificationId; - msg.obj = verificationResult; - mHandler.sendMessage(msg); + // Do nothing. } @Override diff --git a/services/core/java/com/android/server/pm/PackageVerificationState.java b/services/core/java/com/android/server/pm/PackageVerificationState.java index 0b6ccc41d956..63c2ee2e5454 100644 --- a/services/core/java/com/android/server/pm/PackageVerificationState.java +++ b/services/core/java/com/android/server/pm/PackageVerificationState.java @@ -43,8 +43,6 @@ class PackageVerificationState { private boolean mRequiredVerificationPassed; - private boolean mIntegrityVerificationComplete; - /** * Create a new package verification state where {@code requiredVerifierUid} is the user ID for * the package that must reply affirmative before things can continue. @@ -213,15 +211,7 @@ class PackageVerificationState { return mExtendedTimeoutUids.get(uid, false); } - void setIntegrityVerificationResult(int code) { - mIntegrityVerificationComplete = true; - } - - boolean isIntegrityVerificationComplete() { - return mIntegrityVerificationComplete; - } - boolean areAllVerificationsComplete() { - return mIntegrityVerificationComplete && isVerificationComplete(); + return isVerificationComplete(); } } diff --git a/services/core/java/com/android/server/pm/VerifyingSession.java b/services/core/java/com/android/server/pm/VerifyingSession.java index f7eb29fe3ee9..542ae8eb9207 100644 --- a/services/core/java/com/android/server/pm/VerifyingSession.java +++ b/services/core/java/com/android/server/pm/VerifyingSession.java @@ -28,7 +28,6 @@ import static android.os.PowerWhitelistManager.REASON_PACKAGE_VERIFIER; import static android.os.PowerWhitelistManager.TEMPORARY_ALLOWLIST_TYPE_FOREGROUND_SERVICE_ALLOWED; import static android.os.Trace.TRACE_TAG_PACKAGE_MANAGER; -import static com.android.server.pm.PackageManagerService.CHECK_PENDING_INTEGRITY_VERIFICATION; import static com.android.server.pm.PackageManagerService.CHECK_PENDING_VERIFICATION; import static com.android.server.pm.PackageManagerService.DEBUG_INSTALL; import static com.android.server.pm.PackageManagerService.DEBUG_VERIFY; @@ -87,11 +86,6 @@ final class VerifyingSession { * Whether verification is enabled by default. */ private static final boolean DEFAULT_VERIFY_ENABLE = true; - - /** - * Whether integrity verification is enabled by default. - */ - private static final boolean DEFAULT_INTEGRITY_VERIFY_ENABLE = true; /** * The default maximum time to wait for the integrity verification to return in * milliseconds. @@ -129,7 +123,6 @@ final class VerifyingSession { private final boolean mUserActionRequired; private final int mUserActionRequiredType; private boolean mWaitForVerificationToComplete; - private boolean mWaitForIntegrityVerificationToComplete; private boolean mWaitForEnableRollbackToComplete; private int mRet = PackageManager.INSTALL_SUCCEEDED; private String mErrorMessage = null; @@ -217,7 +210,6 @@ final class VerifyingSession { new PackageVerificationState(this); mPm.mPendingVerification.append(verificationId, verificationState); - sendIntegrityVerificationRequest(verificationId, pkgLite, verificationState); sendPackageVerificationRequest( verificationId, pkgLite, verificationState); @@ -270,89 +262,6 @@ final class VerifyingSession { mPm.mHandler.sendMessageDelayed(msg, rollbackTimeout); } - /** - * Send a request to check the integrity of the package. - */ - void sendIntegrityVerificationRequest( - int verificationId, - PackageInfoLite pkgLite, - PackageVerificationState verificationState) { - if (!isIntegrityVerificationEnabled()) { - // Consider the integrity check as passed. - verificationState.setIntegrityVerificationResult( - PackageManagerInternal.INTEGRITY_VERIFICATION_ALLOW); - return; - } - - final Intent integrityVerification = - new Intent(Intent.ACTION_PACKAGE_NEEDS_INTEGRITY_VERIFICATION); - - integrityVerification.setDataAndType(Uri.fromFile(new File(mOriginInfo.mResolvedPath)), - PACKAGE_MIME_TYPE); - - final int flags = Intent.FLAG_GRANT_READ_URI_PERMISSION - | Intent.FLAG_RECEIVER_REGISTERED_ONLY - | Intent.FLAG_RECEIVER_FOREGROUND; - integrityVerification.addFlags(flags); - - integrityVerification.putExtra(EXTRA_VERIFICATION_ID, verificationId); - integrityVerification.putExtra(EXTRA_PACKAGE_NAME, pkgLite.packageName); - integrityVerification.putExtra(EXTRA_VERSION_CODE, pkgLite.versionCode); - integrityVerification.putExtra(EXTRA_LONG_VERSION_CODE, pkgLite.getLongVersionCode()); - populateInstallerExtras(integrityVerification); - - // send to integrity component only. - integrityVerification.setPackage("android"); - - final BroadcastOptions options = BroadcastOptions.makeBasic(); - - mPm.mContext.sendOrderedBroadcastAsUser(integrityVerification, UserHandle.SYSTEM, - /* receiverPermission= */ null, - /* appOp= */ AppOpsManager.OP_NONE, - /* options= */ options.toBundle(), - new BroadcastReceiver() { - @Override - public void onReceive(Context context, Intent intent) { - final Message msg = - mPm.mHandler.obtainMessage(CHECK_PENDING_INTEGRITY_VERIFICATION); - msg.arg1 = verificationId; - mPm.mHandler.sendMessageDelayed(msg, getIntegrityVerificationTimeout()); - } - }, /* scheduler= */ null, - /* initialCode= */ 0, - /* initialData= */ null, - /* initialExtras= */ null); - - Trace.asyncTraceBegin( - TRACE_TAG_PACKAGE_MANAGER, "integrity_verification", verificationId); - - // stop the copy until verification succeeds. - mWaitForIntegrityVerificationToComplete = true; - } - - - /** - * Get the integrity verification timeout. - * - * @return verification timeout in milliseconds - */ - private long getIntegrityVerificationTimeout() { - long timeout = Settings.Global.getLong(mPm.mContext.getContentResolver(), - Settings.Global.APP_INTEGRITY_VERIFICATION_TIMEOUT, - DEFAULT_INTEGRITY_VERIFICATION_TIMEOUT); - // The setting can be used to increase the timeout but not decrease it, since that is - // equivalent to disabling the integrity component. - return Math.max(timeout, DEFAULT_INTEGRITY_VERIFICATION_TIMEOUT); - } - - /** - * Check whether or not integrity verification has been enabled. - */ - private boolean isIntegrityVerificationEnabled() { - // We are not exposing this as a user-configurable setting because we don't want to provide - // an easy way to get around the integrity check. - return DEFAULT_INTEGRITY_VERIFY_ENABLE; - } /** * Send a request to verifier(s) to verify the package if necessary. @@ -827,11 +736,6 @@ final class VerifyingSession { handleReturnCode(); } - void handleIntegrityVerificationFinished() { - mWaitForIntegrityVerificationToComplete = false; - handleReturnCode(); - } - void handleRollbackEnabled() { // TODO(b/112431924): Consider halting the install if we // couldn't enable rollback. @@ -840,7 +744,7 @@ final class VerifyingSession { } void handleReturnCode() { - if (mWaitForVerificationToComplete || mWaitForIntegrityVerificationToComplete + if (mWaitForVerificationToComplete || mWaitForEnableRollbackToComplete) { return; } diff --git a/services/tests/PackageManagerServiceTests/server/src/com/android/server/pm/PackageVerificationStateTest.java b/services/tests/PackageManagerServiceTests/server/src/com/android/server/pm/PackageVerificationStateTest.java index a93e8ad93756..97f1bd46678f 100644 --- a/services/tests/PackageManagerServiceTests/server/src/com/android/server/pm/PackageVerificationStateTest.java +++ b/services/tests/PackageManagerServiceTests/server/src/com/android/server/pm/PackageVerificationStateTest.java @@ -574,57 +574,16 @@ public class PackageVerificationStateTest extends AndroidTestCase { assertTrue(state.isInstallAllowed()); } - public void testAreAllVerificationsComplete_onlyVerificationPasses() { + public void testAreAllVerificationsComplete() { PackageVerificationState state = new PackageVerificationState(null); state.addRequiredVerifierUid(REQUIRED_UID_1); assertFalse(state.areAllVerificationsComplete()); state.setVerifierResponse(REQUIRED_UID_1, PackageManager.VERIFICATION_ALLOW); - assertFalse(state.areAllVerificationsComplete()); - } - - public void testAreAllVerificationsComplete_onlyIntegrityCheckPasses() { - PackageVerificationState state = new PackageVerificationState(null); - state.addRequiredVerifierUid(REQUIRED_UID_1); - assertFalse(state.areAllVerificationsComplete()); - - state.setIntegrityVerificationResult(PackageManagerInternal.INTEGRITY_VERIFICATION_ALLOW); - - assertFalse(state.areAllVerificationsComplete()); - } - - public void testAreAllVerificationsComplete_bothPasses() { - PackageVerificationState state = new PackageVerificationState(null); - state.addRequiredVerifierUid(REQUIRED_UID_1); - assertFalse(state.areAllVerificationsComplete()); - - state.setIntegrityVerificationResult(PackageManagerInternal.INTEGRITY_VERIFICATION_ALLOW); - state.setVerifierResponse(REQUIRED_UID_1, PackageManager.VERIFICATION_ALLOW); - assertTrue(state.areAllVerificationsComplete()); } - public void testAreAllVerificationsComplete_onlyVerificationFails() { - PackageVerificationState state = new PackageVerificationState(null); - state.addRequiredVerifierUid(REQUIRED_UID_1); - assertFalse(state.areAllVerificationsComplete()); - - state.setVerifierResponse(REQUIRED_UID_1, PackageManager.VERIFICATION_REJECT); - - assertFalse(state.areAllVerificationsComplete()); - } - - public void testAreAllVerificationsComplete_onlyIntegrityCheckFails() { - PackageVerificationState state = new PackageVerificationState(null); - state.addRequiredVerifierUid(REQUIRED_UID_1); - assertFalse(state.areAllVerificationsComplete()); - - state.setIntegrityVerificationResult(PackageManagerInternal.INTEGRITY_VERIFICATION_REJECT); - - assertFalse(state.areAllVerificationsComplete()); - } - private void processOnTimeout(PackageVerificationState state, int code, int uid) { // CHECK_PENDING_VERIFICATION handler. assertFalse("Verification should not be marked as complete yet", diff --git a/services/tests/servicestests/src/com/android/server/integrity/AppIntegrityManagerServiceImplTest.java b/services/tests/servicestests/src/com/android/server/integrity/AppIntegrityManagerServiceImplTest.java deleted file mode 100644 index fd221185bacf..000000000000 --- a/services/tests/servicestests/src/com/android/server/integrity/AppIntegrityManagerServiceImplTest.java +++ /dev/null @@ -1,295 +0,0 @@ -/* - * Copyright (C) 2019 The Android Open Source Project - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -package com.android.server.integrity; - -import static android.content.integrity.AppIntegrityManager.EXTRA_STATUS; -import static android.content.integrity.AppIntegrityManager.STATUS_FAILURE; -import static android.content.integrity.AppIntegrityManager.STATUS_SUCCESS; -import static android.content.integrity.InstallerAllowedByManifestFormula.INSTALLER_CERTIFICATE_NOT_EVALUATED; -import static android.content.pm.PackageManager.EXTRA_VERIFICATION_ID; -import static android.content.pm.PackageManager.EXTRA_VERIFICATION_INSTALLER_PACKAGE; -import static android.content.pm.PackageManager.EXTRA_VERIFICATION_INSTALLER_UID; - -import static com.google.common.truth.Truth.assertThat; - -import static org.junit.Assert.assertEquals; -import static org.junit.Assert.assertFalse; -import static org.junit.Assert.assertNull; -import static org.junit.Assert.assertTrue; -import static org.mockito.ArgumentMatchers.any; -import static org.mockito.ArgumentMatchers.anyInt; -import static org.mockito.ArgumentMatchers.anyLong; -import static org.mockito.ArgumentMatchers.eq; -import static org.mockito.Mockito.atLeastOnce; -import static org.mockito.Mockito.doReturn; -import static org.mockito.Mockito.doThrow; -import static org.mockito.Mockito.mock; -import static org.mockito.Mockito.spy; -import static org.mockito.Mockito.verify; -import static org.mockito.Mockito.when; - -import static java.nio.file.StandardCopyOption.REPLACE_EXISTING; - -import android.content.BroadcastReceiver; -import android.content.Context; -import android.content.Intent; -import android.content.IntentFilter; -import android.content.IntentSender; -import android.content.integrity.AppInstallMetadata; -import android.content.integrity.AtomicFormula; -import android.content.integrity.IntegrityFormula; -import android.content.integrity.Rule; -import android.content.pm.ApplicationInfo; -import android.content.pm.PackageInfo; -import android.content.pm.PackageManager; -import android.content.pm.PackageManagerInternal; -import android.content.pm.ParceledListSlice; -import android.content.res.Resources; -import android.net.Uri; -import android.os.Handler; -import android.os.Message; -import android.provider.Settings; - -import androidx.test.InstrumentationRegistry; - -import com.android.internal.R; -import com.android.server.compat.PlatformCompat; -import com.android.server.testutils.TestUtils; - -import org.junit.After; -import org.junit.Before; -import org.junit.Test; -import org.junit.runner.RunWith; -import org.junit.runners.JUnit4; -import org.mockito.ArgumentCaptor; -import org.mockito.Mock; -import org.mockito.junit.MockitoJUnit; -import org.mockito.junit.MockitoRule; - -import java.io.File; -import java.io.IOException; -import java.io.InputStream; -import java.nio.file.Files; -import java.util.Arrays; -import java.util.List; -import java.util.Map; -import java.util.function.Supplier; - -/** Unit test for {@link com.android.server.integrity.AppIntegrityManagerServiceImpl} */ -@RunWith(JUnit4.class) -public class AppIntegrityManagerServiceImplTest { - private static final String TEST_APP_PATH = - "AppIntegrityManagerServiceImplTest/AppIntegrityManagerServiceTestApp.apk"; - - private static final String TEST_APP_TWO_CERT_PATH = - "AppIntegrityManagerServiceImplTest/DummyAppTwoCerts.apk"; - - private static final String TEST_APP_SOURCE_STAMP_PATH = - "AppIntegrityManagerServiceImplTest/SourceStampTestApk.apk"; - - private static final String PACKAGE_MIME_TYPE = "application/vnd.android.package-archive"; - private static final String VERSION = "version"; - private static final String TEST_FRAMEWORK_PACKAGE = "com.android.frameworks.servicestests"; - - private static final String PACKAGE_NAME = "com.test.app"; - - private static final long VERSION_CODE = 100; - private static final String INSTALLER = "com.long.random.test.installer.name"; - - // These are obtained by running the test and checking logcat. - private static final String APP_CERT = - "F14CFECF5070874C05D3D2FA98E046BE20BDE02A0DC74BAF6B59C6A0E4C06850"; - // We use SHA256 for package names longer than 32 characters. - private static final String INSTALLER_SHA256 = - "30F41A7CBF96EE736A54DD6DF759B50ED3CC126ABCEF694E167C324F5976C227"; - private static final String SOURCE_STAMP_CERTIFICATE_HASH = - "C6E737809CEF2B08CC6694892215F82A5E8FBC3C2A0F6212770310B90622D2D9"; - - private static final String DUMMY_APP_TWO_CERTS_CERT_1 = - "C0369C2A1096632429DFA8433068AECEAD00BAC337CA92A175036D39CC9AFE94"; - private static final String DUMMY_APP_TWO_CERTS_CERT_2 = - "94366E0A80F3A3F0D8171A15760B88E228CD6E1101F0414C98878724FBE70147"; - - private static final String PLAY_STORE_PKG = "com.android.vending"; - private static final String ADB_INSTALLER = "adb"; - private static final String PLAY_STORE_CERT = "play_store_cert"; - - @org.junit.Rule public MockitoRule mMockitoRule = MockitoJUnit.rule(); - - @Mock PackageManagerInternal mPackageManagerInternal; - @Mock PlatformCompat mPlatformCompat; - @Mock Context mMockContext; - @Mock Resources mMockResources; - @Mock Handler mHandler; - - private final Context mRealContext = InstrumentationRegistry.getTargetContext(); - - private PackageManager mSpyPackageManager; - private File mTestApk; - private File mTestApkTwoCerts; - private File mTestApkSourceStamp; - - // under test - private AppIntegrityManagerServiceImpl mService; - - @Before - public void setup() throws Exception { - mTestApk = File.createTempFile("AppIntegrity", ".apk"); - try (InputStream inputStream = mRealContext.getAssets().open(TEST_APP_PATH)) { - Files.copy(inputStream, mTestApk.toPath(), REPLACE_EXISTING); - } - - mTestApkTwoCerts = File.createTempFile("AppIntegrityTwoCerts", ".apk"); - try (InputStream inputStream = mRealContext.getAssets().open(TEST_APP_TWO_CERT_PATH)) { - Files.copy(inputStream, mTestApkTwoCerts.toPath(), REPLACE_EXISTING); - } - - mTestApkSourceStamp = File.createTempFile("AppIntegritySourceStamp", ".apk"); - try (InputStream inputStream = mRealContext.getAssets().open(TEST_APP_SOURCE_STAMP_PATH)) { - Files.copy(inputStream, mTestApkSourceStamp.toPath(), REPLACE_EXISTING); - } - - mService = - new AppIntegrityManagerServiceImpl( - mMockContext, - mPackageManagerInternal, - mHandler); - - mSpyPackageManager = spy(mRealContext.getPackageManager()); - // setup mocks to prevent NPE - when(mMockContext.getPackageManager()).thenReturn(mSpyPackageManager); - when(mMockContext.getResources()).thenReturn(mMockResources); - when(mMockResources.getStringArray(anyInt())).thenReturn(new String[] {}); - // These are needed to override the Settings.Global.get result. - when(mMockContext.getContentResolver()).thenReturn(mRealContext.getContentResolver()); - setIntegrityCheckIncludesRuleProvider(true); - } - - @After - public void tearDown() throws Exception { - mTestApk.delete(); - mTestApkTwoCerts.delete(); - mTestApkSourceStamp.delete(); - } - - @Test - public void broadcastReceiverRegistration() throws Exception { - allowlistUsAsRuleProvider(); - makeUsSystemApp(); - ArgumentCaptor<IntentFilter> intentFilterCaptor = - ArgumentCaptor.forClass(IntentFilter.class); - - verify(mMockContext).registerReceiver(any(), intentFilterCaptor.capture(), any(), any()); - assertEquals(1, intentFilterCaptor.getValue().countActions()); - assertEquals( - Intent.ACTION_PACKAGE_NEEDS_INTEGRITY_VERIFICATION, - intentFilterCaptor.getValue().getAction(0)); - assertEquals(1, intentFilterCaptor.getValue().countDataTypes()); - assertEquals(PACKAGE_MIME_TYPE, intentFilterCaptor.getValue().getDataType(0)); - } - - @Test - public void handleBroadcast_allow() throws Exception { - allowlistUsAsRuleProvider(); - makeUsSystemApp(); - ArgumentCaptor<BroadcastReceiver> broadcastReceiverCaptor = - ArgumentCaptor.forClass(BroadcastReceiver.class); - verify(mMockContext) - .registerReceiver(broadcastReceiverCaptor.capture(), any(), any(), any()); - Intent intent = makeVerificationIntent(); - - broadcastReceiverCaptor.getValue().onReceive(mMockContext, intent); - runJobInHandler(); - - verify(mPackageManagerInternal) - .setIntegrityVerificationResult( - 1, PackageManagerInternal.INTEGRITY_VERIFICATION_ALLOW); - } - - private void allowlistUsAsRuleProvider() { - Resources mockResources = mock(Resources.class); - when(mockResources.getStringArray(R.array.config_integrityRuleProviderPackages)) - .thenReturn(new String[] {TEST_FRAMEWORK_PACKAGE}); - when(mMockContext.getResources()).thenReturn(mockResources); - } - - private void runJobInHandler() { - ArgumentCaptor<Message> messageCaptor = ArgumentCaptor.forClass(Message.class); - // sendMessageAtTime is the first non-final method in the call chain when "post" is invoked. - verify(mHandler).sendMessageAtTime(messageCaptor.capture(), anyLong()); - messageCaptor.getValue().getCallback().run(); - } - - private void makeUsSystemApp() throws Exception { - makeUsSystemApp(true); - } - - private void makeUsSystemApp(boolean isSystemApp) throws Exception { - PackageInfo packageInfo = - mRealContext.getPackageManager().getPackageInfo(TEST_FRAMEWORK_PACKAGE, 0); - if (isSystemApp) { - packageInfo.applicationInfo.flags |= ApplicationInfo.FLAG_SYSTEM; - } else { - packageInfo.applicationInfo.flags &= ~ApplicationInfo.FLAG_SYSTEM; - } - doReturn(packageInfo) - .when(mSpyPackageManager) - .getPackageInfo(eq(TEST_FRAMEWORK_PACKAGE), anyInt()); - when(mMockContext.getPackageManager()).thenReturn(mSpyPackageManager); - } - - private Intent makeVerificationIntent() throws Exception { - PackageInfo packageInfo = - mRealContext - .getPackageManager() - .getPackageInfo( - TEST_FRAMEWORK_PACKAGE, PackageManager.GET_SIGNING_CERTIFICATES); - doReturn(packageInfo).when(mSpyPackageManager).getPackageInfo(eq(INSTALLER), anyInt()); - doReturn(1).when(mSpyPackageManager).getPackageUid(eq(INSTALLER), anyInt()); - doReturn(new String[]{INSTALLER}).when(mSpyPackageManager).getPackagesForUid(anyInt()); - return makeVerificationIntent(INSTALLER); - } - - private Intent makeVerificationIntent(String installer) throws Exception { - Intent intent = new Intent(); - intent.setDataAndType(Uri.fromFile(mTestApk), PACKAGE_MIME_TYPE); - intent.setAction(Intent.ACTION_PACKAGE_NEEDS_INTEGRITY_VERIFICATION); - intent.putExtra(EXTRA_VERIFICATION_ID, 1); - intent.putExtra(Intent.EXTRA_PACKAGE_NAME, PACKAGE_NAME); - intent.putExtra(EXTRA_VERIFICATION_INSTALLER_PACKAGE, installer); - intent.putExtra( - EXTRA_VERIFICATION_INSTALLER_UID, - mMockContext.getPackageManager().getPackageUid(installer, /* flags= */ 0)); - intent.putExtra(Intent.EXTRA_LONG_VERSION_CODE, VERSION_CODE); - return intent; - } - - private void setIntegrityCheckIncludesRuleProvider(boolean shouldInclude) throws Exception { - int value = shouldInclude ? 1 : 0; - Settings.Global.putInt( - mRealContext.getContentResolver(), - Settings.Global.INTEGRITY_CHECK_INCLUDES_RULE_PROVIDER, - value); - assertThat( - Settings.Global.getInt( - mRealContext.getContentResolver(), - Settings.Global.INTEGRITY_CHECK_INCLUDES_RULE_PROVIDER, - -1) - == 1) - .isEqualTo(shouldInclude); - } -} |