From 456cd05c7e547bf32ae0e327c1118f2b3d016653 Mon Sep 17 00:00:00 2001 From: Yi-Yo Chiang Date: Tue, 22 Aug 2023 18:04:10 +0800 Subject: locksettings: Don't use AIDL V1 weaver V1 and V2 reports IWeaver.read() errors differently. V1 throws ServiceSpecificException wrapping an error code. V2 returns the error code in the output parcel. The current client code expects the weaver HAL to be V2 or newer, however it doesn't check if the actual service version is V2 or not. If the service is V1, then IWeaver.read() errors would become unhandled exception, crashing the system_server. Since Weaver AIDL V1 is broken and should never be used, don't use Weaver AIDL V1 services. This fixes a regression in Android 14 where AIDL V1 started being used when available. Bug: 296984182 Bug: 296512452 Test: Boot on old (tm) vendor Merged-In: I32306fb8473c655e68d89d63a1e4f00c8bb5d61f Change-Id: I32306fb8473c655e68d89d63a1e4f00c8bb5d61f (cherry picked from commit 048aaf42d7073d2c45377154badbe3732103047b)
---
.../locksettings/SyntheticPasswordManager.java | 53 ++++++++++++++++------
1 file changed, 39 insertions(+), 14 deletions(-)
diff --git a/services/core/java/com/android/server/locksettings/SyntheticPasswordManager.java b/services/core/java/com/android/server/locksettings/SyntheticPasswordManager.java
index a95b968b0bcf..11c0f5183e21 100644
--- a/services/core/java/com/android/server/locksettings/SyntheticPasswordManager.java
+++ b/services/core/java/com/android/server/locksettings/SyntheticPasswordManager.java
@@ -72,7 +72,6 @@ import java.util.NoSuchElementException;
 import java.util.Objects;
 import java.util.Set;
 
-
 /**
 * A class that manages a user's synthetic password (SP) ({@link #SyntheticPassword}), along with a
 * set of SP protectors that are independent ways that the SP is protected.
@@ -547,22 +546,48 @@ class SyntheticPasswordManager {
 }
 }
 
- private @Nullable IWeaver getWeaverServiceInternal() {
- // Try to get the AIDL service first
+ private @Nullable IWeaver getWeaverAidlService() {
+ final IWeaver aidlWeaver;
 try {
- IWeaver aidlWeaver = IWeaver.Stub.asInterface(
- ServiceManager.waitForDeclaredService(IWeaver.DESCRIPTOR + "/default"));
- if (aidlWeaver != null) {
- Slog.i(TAG, "Using AIDL weaver service");
- try {
- aidlWeaver.asBinder().linkToDeath(new WeaverDiedRecipient(), 0);
- } catch (RemoteException e) {
- Slog.w(TAG, "Unable to register Weaver death recipient", e);
- }
- return aidlWeaver;
- }
+ aidlWeaver =
+ IWeaver.Stub.asInterface(
+ ServiceManager.waitForDeclaredService(IWeaver.DESCRIPTOR + "/default"));
 } catch (SecurityException e) {
 Slog.w(TAG, "Does not have permissions to get AIDL weaver service");
+ return null;
+ }
+ if (aidlWeaver == null) {
+ return null;
+ }
+ final int aidlVersion;
+ try {
+ aidlVersion = aidlWeaver.getInterfaceVersion();
+ } catch (RemoteException e) {
+ Slog.e(TAG, "Cannot get AIDL weaver service version", e);
+ return null;
+ }
+ if (aidlVersion < 2) {
+ Slog.w(TAG,
+ "Ignoring AIDL weaver service v"
+ + aidlVersion
+ + " because only v2 and later are supported");
+ return null;
+ }
+ Slog.i(TAG, "Found AIDL weaver service v" + aidlVersion);
+ return aidlWeaver;
+ }
+
+ private @Nullable IWeaver getWeaverServiceInternal() {
+ // Try to get the AIDL service first
+ IWeaver aidlWeaver = getWeaverAidlService();
+ if (aidlWeaver != null) {
+ Slog.i(TAG, "Using AIDL weaver service");
+ try {
+ aidlWeaver.asBinder().linkToDeath(new WeaverDiedRecipient(), 0);
+ } catch (RemoteException e) {
+ Slog.w(TAG, "Unable to register Weaver death recipient", e);
+ }
+ return aidlWeaver;
 }
 
 // If the AIDL service can't be found, look for the HIDL service
-- cgit v1.2.3-59-g8ed1b
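Review bot: `getWeaverAidlService()` returns `null` for three different conditions (the `SecurityException` path, a `RemoteException` from `getInterfaceVersion()`, and `aidlVersion < 2`), and `getWeaverServiceInternal()` falls through to the HIDL lookup in every case, so a transient binder failure is indistinguishable from a deliberately rejected V1 HAL. Whether that fallthrough can end with Weaver treated as absent, or with the result cached, is decided after the hunk (the body of `getWeaverServiceInternal()` continues past the last context line); since this class manages the synthetic password protectors, the contract deserves to be stated in the code rather than only in the commit message. I would add a Javadoc to `getWeaverAidlService()` spelling out what a null return means, and a comment above the version check such as `// V1 reports IWeaver.read() errors via ServiceSpecificException, which this client does not handle; require V2+.` Naming the threshold, for example as a `private static final int` minimum-version constant, would also keep the comparison and the "only v2 and later" log text from drifting apart.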