diff options
14 files changed, 28 insertions, 19 deletions
diff --git a/core/java/com/android/internal/security/OWNERS b/core/java/com/android/internal/security/OWNERS new file mode 100644 index 000000000000..41d1d6687c42 --- /dev/null +++ b/core/java/com/android/internal/security/OWNERS @@ -0,0 +1,3 @@ +# Bug component: 36824 + +per-file VerityUtils.java = victorhsieh@google.com diff --git a/services/core/java/com/android/server/security/TEST_MAPPING b/core/java/com/android/internal/security/TEST_MAPPING index 9a5e90e8681f..9a5e90e8681f 100644 --- a/services/core/java/com/android/server/security/TEST_MAPPING +++ b/core/java/com/android/internal/security/TEST_MAPPING diff --git a/services/core/java/com/android/server/security/VerityUtils.java b/core/java/com/android/internal/security/VerityUtils.java index 48a60387fee7..ef703a996001 100644 --- a/services/core/java/com/android/server/security/VerityUtils.java +++ b/core/java/com/android/internal/security/VerityUtils.java @@ -14,7 +14,7 @@ * limitations under the License. */ -package com.android.server.security; +package com.android.internal.security; import android.annotation.NonNull; import android.os.Build; @@ -42,7 +42,7 @@ import java.security.NoSuchAlgorithmException; import java.util.Arrays; /** Provides fsverity related operations. */ -abstract public class VerityUtils { +public abstract class VerityUtils { private static final String TAG = "VerityUtils"; /** @@ -156,8 +156,8 @@ abstract public class VerityUtils { return SetupResult.failed(); } return SetupResult.ok(Os.dup(rfd), contentSize); - } catch (IOException | SecurityException | DigestException | NoSuchAlgorithmException | - SignatureNotFoundException | ErrnoException e) { + } catch (IOException | SecurityException | DigestException | NoSuchAlgorithmException + | SignatureNotFoundException | ErrnoException e) { Slog.e(TAG, "Failed to set up apk verity: ", e); return SetupResult.failed(); } finally { @@ -243,14 +243,20 @@ abstract public class VerityUtils { private final FileDescriptor mFileDescriptor; private final int mContentSize; + /** @deprecated */ + @Deprecated public static SetupResult ok(@NonNull FileDescriptor fileDescriptor, int contentSize) { return new SetupResult(RESULT_OK, fileDescriptor, contentSize); } + /** @deprecated */ + @Deprecated public static SetupResult skipped() { return new SetupResult(RESULT_SKIPPED, null, -1); } + /** @deprecated */ + @Deprecated public static SetupResult failed() { return new SetupResult(RESULT_FAILED, null, -1); } diff --git a/core/jni/Android.bp b/core/jni/Android.bp index d6d33873adaa..cea8b44a40ec 100644 --- a/core/jni/Android.bp +++ b/core/jni/Android.bp @@ -214,6 +214,7 @@ cc_library_shared { "com_android_internal_os_Zygote.cpp", "com_android_internal_os_ZygoteCommandBuffer.cpp", "com_android_internal_os_ZygoteInit.cpp", + "com_android_internal_security_VerityUtils.cpp", "hwbinder/EphemeralStorage.cpp", "fd_utils.cpp", "android_hardware_input_InputWindowHandle.cpp", diff --git a/core/jni/AndroidRuntime.cpp b/core/jni/AndroidRuntime.cpp index ddd861380fab..7ad1b49d3469 100644 --- a/core/jni/AndroidRuntime.cpp +++ b/core/jni/AndroidRuntime.cpp @@ -200,6 +200,7 @@ extern int register_com_android_internal_os_KernelSingleUidTimeReader(JNIEnv *en extern int register_com_android_internal_os_Zygote(JNIEnv *env); extern int register_com_android_internal_os_ZygoteCommandBuffer(JNIEnv *env); extern int register_com_android_internal_os_ZygoteInit(JNIEnv *env); +extern int register_com_android_internal_security_VerityUtils(JNIEnv* env); extern int register_com_android_internal_util_VirtualRefBasePtr(JNIEnv *env); // Namespace for Android Runtime flags applied during boot time. @@ -1534,6 +1535,7 @@ static const RegJNIRec gRegJNI[] = { REG_JNI(register_com_android_internal_os_Zygote), REG_JNI(register_com_android_internal_os_ZygoteCommandBuffer), REG_JNI(register_com_android_internal_os_ZygoteInit), + REG_JNI(register_com_android_internal_security_VerityUtils), REG_JNI(register_com_android_internal_util_VirtualRefBasePtr), REG_JNI(register_android_hardware_Camera), REG_JNI(register_android_hardware_camera2_CameraMetadata), diff --git a/services/core/jni/com_android_server_security_VerityUtils.cpp b/core/jni/com_android_internal_security_VerityUtils.cpp index dda44fb72cfc..411a392a075c 100644 --- a/services/core/jni/com_android_server_security_VerityUtils.cpp +++ b/core/jni/com_android_internal_security_VerityUtils.cpp @@ -19,8 +19,8 @@ #include <nativehelper/JNIHelp.h> #include <nativehelper/ScopedPrimitiveArray.h> #include <nativehelper/ScopedUtfChars.h> -#include "jni.h" #include <utils/Log.h> +#include "jni.h" #include <errno.h> #include <fcntl.h> @@ -39,7 +39,7 @@ namespace android { namespace { -int enableFsverity(JNIEnv* env, jobject /* clazz */, jstring filePath, jbyteArray signature) { +int enableFsverity(JNIEnv *env, jobject /* clazz */, jstring filePath, jbyteArray signature) { ScopedUtfChars path(env, filePath); if (path.c_str() == nullptr) { return EINVAL; @@ -124,11 +124,11 @@ const JNINativeMethod sMethods[] = { {"measureFsverityNative", "(Ljava/lang/String;[B)I", (void *)measureFsverity}, }; -} // namespace +} // namespace -int register_android_server_security_VerityUtils(JNIEnv* env) { - return jniRegisterNativeMethods(env, - "com/android/server/security/VerityUtils", sMethods, NELEM(sMethods)); +int register_com_android_internal_security_VerityUtils(JNIEnv *env) { + return jniRegisterNativeMethods(env, "com/android/internal/security/VerityUtils", sMethods, + NELEM(sMethods)); } -} // namespace android +} // namespace android diff --git a/services/core/java/com/android/server/graphics/fonts/FontManagerService.java b/services/core/java/com/android/server/graphics/fonts/FontManagerService.java index 900ec905609f..06adce81d8a1 100644 --- a/services/core/java/com/android/server/graphics/fonts/FontManagerService.java +++ b/services/core/java/com/android/server/graphics/fonts/FontManagerService.java @@ -37,11 +37,11 @@ import android.util.Slog; import com.android.internal.annotations.GuardedBy; import com.android.internal.graphics.fonts.IFontManager; +import com.android.internal.security.VerityUtils; import com.android.internal.util.DumpUtils; import com.android.internal.util.Preconditions; import com.android.server.LocalServices; import com.android.server.SystemService; -import com.android.server.security.VerityUtils; import java.io.File; import java.io.FileDescriptor; diff --git a/services/core/java/com/android/server/pm/ApkChecksums.java b/services/core/java/com/android/server/pm/ApkChecksums.java index 66ea55401cef..afce23fe7647 100644 --- a/services/core/java/com/android/server/pm/ApkChecksums.java +++ b/services/core/java/com/android/server/pm/ApkChecksums.java @@ -59,8 +59,8 @@ import android.util.apk.SignatureNotFoundException; import android.util.apk.VerityBuilder; import com.android.internal.annotations.VisibleForTesting; +import com.android.internal.security.VerityUtils; import com.android.server.pm.parsing.pkg.AndroidPackage; -import com.android.server.security.VerityUtils; import java.io.BufferedInputStream; import java.io.ByteArrayOutputStream; diff --git a/services/core/java/com/android/server/pm/PackageInstallerSession.java b/services/core/java/com/android/server/pm/PackageInstallerSession.java index 903652ab76a5..58e2aa2b7602 100644 --- a/services/core/java/com/android/server/pm/PackageInstallerSession.java +++ b/services/core/java/com/android/server/pm/PackageInstallerSession.java @@ -138,6 +138,7 @@ import com.android.internal.content.NativeLibraryHelper; import com.android.internal.content.PackageHelper; import com.android.internal.messages.nano.SystemMessageProto; import com.android.internal.os.SomeArgs; +import com.android.internal.security.VerityUtils; import com.android.internal.util.ArrayUtils; import com.android.internal.util.FrameworkStatsLog; import com.android.internal.util.IndentingPrintWriter; @@ -146,7 +147,6 @@ import com.android.server.LocalServices; import com.android.server.pm.Installer.InstallerException; import com.android.server.pm.dex.DexManager; import com.android.server.pm.parsing.pkg.AndroidPackage; -import com.android.server.security.VerityUtils; import libcore.io.IoUtils; import libcore.util.EmptyArray; diff --git a/services/core/java/com/android/server/pm/PackageManagerService.java b/services/core/java/com/android/server/pm/PackageManagerService.java index a1da241c6642..50dfac88c411 100644 --- a/services/core/java/com/android/server/pm/PackageManagerService.java +++ b/services/core/java/com/android/server/pm/PackageManagerService.java @@ -349,6 +349,7 @@ import com.android.internal.content.om.OverlayConfig; import com.android.internal.logging.MetricsLogger; import com.android.internal.os.SomeArgs; import com.android.internal.policy.AttributeCache; +import com.android.internal.security.VerityUtils; import com.android.internal.telephony.CarrierAppUtils; import com.android.internal.util.ArrayUtils; import com.android.internal.util.CollectionUtils; @@ -401,7 +402,6 @@ import com.android.server.pm.verify.domain.proxy.DomainVerificationProxy; import com.android.server.pm.verify.domain.proxy.DomainVerificationProxyV1; import com.android.server.pm.verify.domain.proxy.DomainVerificationProxyV2; import com.android.server.rollback.RollbackManagerInternal; -import com.android.server.security.VerityUtils; import com.android.server.storage.DeviceStorageMonitorInternal; import com.android.server.uri.UriGrantsManagerInternal; import com.android.server.utils.TimingsTraceAndSlog; diff --git a/services/core/java/com/android/server/security/FileIntegrityService.java b/services/core/java/com/android/server/security/FileIntegrityService.java index 74bb99351a6d..466ac74a8322 100644 --- a/services/core/java/com/android/server/security/FileIntegrityService.java +++ b/services/core/java/com/android/server/security/FileIntegrityService.java @@ -29,6 +29,7 @@ import android.os.UserHandle; import android.security.IFileIntegrityService; import android.util.Slog; +import com.android.internal.security.VerityUtils; import com.android.server.LocalServices; import com.android.server.SystemService; diff --git a/services/core/java/com/android/server/security/OWNERS b/services/core/java/com/android/server/security/OWNERS index 91b240bcb189..e6f5826557b5 100644 --- a/services/core/java/com/android/server/security/OWNERS +++ b/services/core/java/com/android/server/security/OWNERS @@ -1,4 +1,3 @@ # Bug component: 36824 per-file FileIntegrityService.java = victorhsieh@google.com -per-file VerityUtils.java = victorhsieh@google.com diff --git a/services/core/jni/Android.bp b/services/core/jni/Android.bp index 29bce792fe30..0a02a86e71a6 100644 --- a/services/core/jni/Android.bp +++ b/services/core/jni/Android.bp @@ -49,7 +49,6 @@ cc_library_static { "com_android_server_net_NetworkStatsService.cpp", "com_android_server_power_PowerManagerService.cpp", "com_android_server_powerstats_PowerStatsService.cpp", - "com_android_server_security_VerityUtils.cpp", "com_android_server_SerialService.cpp", "com_android_server_soundtrigger_middleware_AudioSessionProviderImpl.cpp", "com_android_server_soundtrigger_middleware_ExternalCaptureStateTracker.cpp", diff --git a/services/core/jni/onload.cpp b/services/core/jni/onload.cpp index 1815f0cd44c9..03a01523b8e2 100644 --- a/services/core/jni/onload.cpp +++ b/services/core/jni/onload.cpp @@ -52,7 +52,6 @@ int register_android_server_SyntheticPasswordManager(JNIEnv* env); int register_android_hardware_display_DisplayViewport(JNIEnv* env); int register_android_server_net_NetworkStatsFactory(JNIEnv* env); int register_android_server_net_NetworkStatsService(JNIEnv* env); -int register_android_server_security_VerityUtils(JNIEnv* env); int register_android_server_am_CachedAppOptimizer(JNIEnv* env); int register_android_server_am_LowMemDetector(JNIEnv* env); int register_com_android_server_soundtrigger_middleware_AudioSessionProviderImpl(JNIEnv* env); @@ -106,7 +105,6 @@ extern "C" jint JNI_OnLoad(JavaVM* vm, void* /* reserved */) register_android_hardware_display_DisplayViewport(env); register_android_server_net_NetworkStatsFactory(env); register_android_server_net_NetworkStatsService(env); - register_android_server_security_VerityUtils(env); register_android_server_am_CachedAppOptimizer(env); register_android_server_am_LowMemDetector(env); register_com_android_server_soundtrigger_middleware_AudioSessionProviderImpl(env); |