diff options
| -rw-r--r-- | core/java/android/security/flags.aconfig | 7 | ||||
| -rw-r--r-- | services/core/java/com/android/server/BinaryTransparencyService.java | 29 |
2 files changed, 13 insertions, 23 deletions
diff --git a/core/java/android/security/flags.aconfig b/core/java/android/security/flags.aconfig index 09137c3a7b65..edfb78e59fe3 100644 --- a/core/java/android/security/flags.aconfig +++ b/core/java/android/security/flags.aconfig @@ -52,13 +52,6 @@ flag { } flag { - name: "binary_transparency_sepolicy_hash" - namespace: "hardware_backed_security" - description: "Collect sepolicy hash from sysfs" - bug: "308471499" -} - -flag { name: "frp_enforcement" is_exported: true namespace: "hardware_backed_security" diff --git a/services/core/java/com/android/server/BinaryTransparencyService.java b/services/core/java/com/android/server/BinaryTransparencyService.java index 1d914c89c570..6ac2180176ce 100644 --- a/services/core/java/com/android/server/BinaryTransparencyService.java +++ b/services/core/java/com/android/server/BinaryTransparencyService.java @@ -85,6 +85,8 @@ import com.android.internal.os.IBinaryTransparencyService; import com.android.internal.util.FrameworkStatsLog; import com.android.modules.expresslog.Histogram; import com.android.server.pm.ApexManager; +import com.android.server.pm.BackgroundInstallControlCallbackHelper; +import com.android.server.pm.BackgroundInstallControlService; import com.android.server.pm.pkg.AndroidPackage; import com.android.server.pm.pkg.AndroidPackageSplit; import com.android.server.pm.pkg.PackageState; @@ -101,9 +103,6 @@ import java.util.Map; import java.util.concurrent.Executors; import java.util.stream.Collectors; -import com.android.server.pm.BackgroundInstallControlService; -import com.android.server.pm.BackgroundInstallControlCallbackHelper; - /** * @hide */ @@ -1577,19 +1576,17 @@ public class BinaryTransparencyService extends SystemService { Slog.d(TAG, String.format("VBMeta Digest: %s", mVbmetaDigest)); FrameworkStatsLog.write(FrameworkStatsLog.VBMETA_DIGEST_REPORTED, mVbmetaDigest); - if (android.security.Flags.binaryTransparencySepolicyHash()) { - IoThread.getExecutor().execute(() -> { - byte[] sepolicyHash = PackageUtils.computeSha256DigestForLargeFileAsBytes( - "/sys/fs/selinux/policy", PackageUtils.createLargeFileBuffer()); - String sepolicyHashEncoded = null; - if (sepolicyHash != null) { - sepolicyHashEncoded = HexEncoding.encodeToString(sepolicyHash, false); - Slog.d(TAG, "sepolicy hash: " + sepolicyHashEncoded); - } - FrameworkStatsLog.write(FrameworkStatsLog.BOOT_INTEGRITY_INFO_REPORTED, - sepolicyHashEncoded, mVbmetaDigest); - }); - } + IoThread.getExecutor().execute(() -> { + byte[] sepolicyHash = PackageUtils.computeSha256DigestForLargeFileAsBytes( + "/sys/fs/selinux/policy", PackageUtils.createLargeFileBuffer()); + String sepolicyHashEncoded = null; + if (sepolicyHash != null) { + sepolicyHashEncoded = HexEncoding.encodeToString(sepolicyHash, false); + Slog.d(TAG, "sepolicy hash: " + sepolicyHashEncoded); + } + FrameworkStatsLog.write(FrameworkStatsLog.BOOT_INTEGRITY_INFO_REPORTED, + sepolicyHashEncoded, mVbmetaDigest); + }); } /** |