diff options
| -rw-r--r-- | services/core/java/com/android/server/integrity/AppIntegrityManagerServiceImpl.java | 9 | ||||
| -rw-r--r-- | services/core/java/com/android/server/integrity/IntegrityFileManager.java | 15 |
2 files changed, 20 insertions, 4 deletions
diff --git a/services/core/java/com/android/server/integrity/AppIntegrityManagerServiceImpl.java b/services/core/java/com/android/server/integrity/AppIntegrityManagerServiceImpl.java index f3d60f5701fa..33e12c6d4fec 100644 --- a/services/core/java/com/android/server/integrity/AppIntegrityManagerServiceImpl.java +++ b/services/core/java/com/android/server/integrity/AppIntegrityManagerServiceImpl.java @@ -196,6 +196,15 @@ public class AppIntegrityManagerServiceImpl extends IAppIntegrityManager.Stub { private void handleIntegrityVerification(Intent intent) { int verificationId = intent.getIntExtra(EXTRA_VERIFICATION_ID, -1); + + // Fail early if we don't have any rules at all. + if (!mIntegrityFileManager.initialized()) { + Slog.i(TAG, "Rules not initialized. Skipping integrity check."); + mPackageManagerInternal.setIntegrityVerificationResult( + verificationId, PackageManagerInternal.INTEGRITY_VERIFICATION_ALLOW); + return; + } + try { Slog.i(TAG, "Received integrity verification intent " + intent.toString()); Slog.i(TAG, "Extras " + intent.getExtras()); diff --git a/services/core/java/com/android/server/integrity/IntegrityFileManager.java b/services/core/java/com/android/server/integrity/IntegrityFileManager.java index e2247241d527..3fdaf6ccd5ab 100644 --- a/services/core/java/com/android/server/integrity/IntegrityFileManager.java +++ b/services/core/java/com/android/server/integrity/IntegrityFileManager.java @@ -74,10 +74,7 @@ public class IntegrityFileManager { } private IntegrityFileManager() { - this( - new RuleXmlParser(), - new RuleXmlSerializer(), - Environment.getDataSystemDirectory()); + this(new RuleXmlParser(), new RuleXmlSerializer(), Environment.getDataSystemDirectory()); } @VisibleForTesting @@ -103,6 +100,16 @@ public class IntegrityFileManager { } } + /** + * Returns if the rules have been initialized. + * + * <p>Used to fail early if there are no rules (so we don't need to parse the apk at all). + */ + public boolean initialized() { + return new File(mRulesDir, RULES_FILE).exists() + && new File(mRulesDir, METADATA_FILE).exists(); + } + /** Write rules to persistent storage. */ public void writeRules(String version, String ruleProvider, List<Rule> rules) throws IOException, RuleSerializeException { |