summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
Diffstat
-rw-r--r--services/core/jni/com_android_server_security_VerityUtils.cpp9
1 files changed, 7 insertions, 2 deletions
diff --git a/services/core/jni/com_android_server_security_VerityUtils.cpp b/services/core/jni/com_android_server_security_VerityUtils.cpp
index 9ceb7706628a..3f165af007ba 100644
--- a/services/core/jni/com_android_server_security_VerityUtils.cpp
+++ b/services/core/jni/com_android_server_security_VerityUtils.cpp
@@ -17,6 +17,7 @@
#define LOG_TAG "VerityUtils"
#include <nativehelper/JNIHelp.h>
+#include <nativehelper/ScopedPrimitiveArray.h>
#include "jni.h"
#include <utils/Log.h>
@@ -78,6 +79,10 @@ int enableFsverity(JNIEnv* env, jobject /* clazz */, jstring filePath, jbyteArra
if (rfd.get() < 0) {
return errno;
}
+ ScopedByteArrayRO signature_bytes(env, signature);
+ if (signature_bytes.get() == nullptr) {
+ return EINVAL;
+ }
fsverity_enable_arg arg = {};
arg.version = 1;
@@ -85,8 +90,8 @@ int enableFsverity(JNIEnv* env, jobject /* clazz */, jstring filePath, jbyteArra
arg.block_size = 4096;
arg.salt_size = 0;
arg.salt_ptr = reinterpret_cast<uintptr_t>(nullptr);
- arg.sig_size = env->GetArrayLength(signature);
- arg.sig_ptr = reinterpret_cast<uintptr_t>(signature);
+ arg.sig_size = signature_bytes.size();
+ arg.sig_ptr = reinterpret_cast<uintptr_t>(signature_bytes.get());
if (ioctl(rfd.get(), FS_IOC_ENABLE_VERITY, &arg) < 0) {
return errno;
generated by cgit v1.2.3-59-g8ed1b (git 2.39.0) at 2025-12-06 22:26:18 +0000