From f9049cf66f4bb452cfecc3b1ebff1ce92c1d4a22 Mon Sep 17 00:00:00 2001 From: Alex Buynytskyy Date: Wed, 1 Feb 2023 15:53:32 -0800 Subject: Addressing API comments. Bug: 266719856 Fixes: 266719856 Test: atest SettingsTest Change-Id: Idbf60f3a653feede3d85895120deaeb5544acc16 --- .../com/android/internal/security/VerityUtils.java | 10 ++++ .../com_android_internal_security_VerityUtils.cpp | 21 +++++--- services/api/current.txt | 5 +- .../core/java/com/android/server/pm/Settings.java | 6 +-- .../com/android/server/security/FileIntegrity.java | 58 ++++++++++++++++++++++ .../server/security/FileIntegrityLocal.java | 44 ---------------- 6 files changed, 87 insertions(+), 57 deletions(-) create mode 100644 services/core/java/com/android/server/security/FileIntegrity.java delete mode 100644 services/core/java/com/android/server/security/FileIntegrityLocal.java diff --git a/core/java/com/android/internal/security/VerityUtils.java b/core/java/com/android/internal/security/VerityUtils.java index 786941f31814..74a9d16c890d 100644 --- a/core/java/com/android/internal/security/VerityUtils.java +++ b/core/java/com/android/internal/security/VerityUtils.java @@ -81,6 +81,15 @@ public abstract class VerityUtils { } } + /** Enables fs-verity for an open file without signature. */ + public static void setUpFsverity(int fd) throws IOException { + int errno = enableFsverityForFdNative(fd); + if (errno != 0) { + throw new IOException("Failed to enable fs-verity on FD(" + fd + "): " + + Os.strerror(errno)); + } + } + /** Returns whether the file has fs-verity enabled. */ public static boolean hasFsverity(@NonNull String filePath) { int retval = statxForFsverityNative(filePath); @@ -211,6 +220,7 @@ public abstract class VerityUtils { } private static native int enableFsverityNative(@NonNull String filePath); + private static native int enableFsverityForFdNative(int fd); private static native int measureFsverityNative(@NonNull String filePath, @NonNull byte[] digest); private static native int statxForFsverityNative(@NonNull String filePath); diff --git a/core/jni/com_android_internal_security_VerityUtils.cpp b/core/jni/com_android_internal_security_VerityUtils.cpp index 3e5689ba8cef..4a9e2d4a192d 100644 --- a/core/jni/com_android_internal_security_VerityUtils.cpp +++ b/core/jni/com_android_internal_security_VerityUtils.cpp @@ -38,13 +38,8 @@ namespace android { namespace { -int enableFsverity(JNIEnv *env, jobject /* clazz */, jstring filePath) { - ScopedUtfChars path(env, filePath); - if (path.c_str() == nullptr) { - return EINVAL; - } - ::android::base::unique_fd rfd(open(path.c_str(), O_RDONLY | O_CLOEXEC)); - if (rfd.get() < 0) { +int enableFsverityForFd(JNIEnv *env, jobject clazz, jint fd) { + if (fd < 0) { return errno; } @@ -55,12 +50,21 @@ int enableFsverity(JNIEnv *env, jobject /* clazz */, jstring filePath) { arg.salt_size = 0; arg.salt_ptr = reinterpret_cast(nullptr); - if (ioctl(rfd.get(), FS_IOC_ENABLE_VERITY, &arg) < 0) { + if (ioctl(fd, FS_IOC_ENABLE_VERITY, &arg) < 0) { return errno; } return 0; } +int enableFsverity(JNIEnv *env, jobject clazz, jstring filePath) { + ScopedUtfChars path(env, filePath); + if (path.c_str() == nullptr) { + return EINVAL; + } + ::android::base::unique_fd rfd(open(path.c_str(), O_RDONLY | O_CLOEXEC)); + return enableFsverityForFd(env, clazz, rfd.get()); +} + // Returns whether the file has fs-verity enabled. // 0 if it is not present, 1 if is present, and -errno if there was an error. int statxForFsverity(JNIEnv *env, jobject /* clazz */, jstring filePath) { @@ -126,6 +130,7 @@ int measureFsverity(JNIEnv *env, jobject /* clazz */, jstring filePath, jbyteArr } const JNINativeMethod sMethods[] = { {"enableFsverityNative", "(Ljava/lang/String;)I", (void *)enableFsverity}, + {"enableFsverityForFdNative", "(I)I", (void *)enableFsverityForFd}, {"statxForFsverityNative", "(Ljava/lang/String;)I", (void *)statxForFsverity}, {"measureFsverityNative", "(Ljava/lang/String;[B)I", (void *)measureFsverity}, }; diff --git a/services/api/current.txt b/services/api/current.txt index 70ee3b8592b4..a4deed3257a7 100644 --- a/services/api/current.txt +++ b/services/api/current.txt @@ -227,8 +227,9 @@ package com.android.server.role { package com.android.server.security { - public final class FileIntegrityLocal { - method public static void setUpFsVerity(@NonNull String) throws java.io.IOException; + public final class FileIntegrity { + method public static void setUpFsVerity(@NonNull java.io.File) throws java.io.IOException; + method public static void setUpFsVerity(@NonNull android.os.ParcelFileDescriptor) throws java.io.IOException; } } diff --git a/services/core/java/com/android/server/pm/Settings.java b/services/core/java/com/android/server/pm/Settings.java index 9c91879343a1..7e7205d84493 100644 --- a/services/core/java/com/android/server/pm/Settings.java +++ b/services/core/java/com/android/server/pm/Settings.java @@ -120,7 +120,7 @@ import com.android.server.pm.resolution.ComponentResolver; import com.android.server.pm.verify.domain.DomainVerificationLegacySettings; import com.android.server.pm.verify.domain.DomainVerificationManagerInternal; import com.android.server.pm.verify.domain.DomainVerificationPersistence; -import com.android.server.security.FileIntegrityLocal; +import com.android.server.security.FileIntegrity; import com.android.server.utils.Slogf; import com.android.server.utils.Snappable; import com.android.server.utils.SnapshotCache; @@ -2714,8 +2714,8 @@ public final class Settings implements Watchable, Snappable { } try { - FileIntegrityLocal.setUpFsVerity(mSettingsFilename.getAbsolutePath()); - FileIntegrityLocal.setUpFsVerity(mSettingsReserveCopyFilename.getAbsolutePath()); + FileIntegrity.setUpFsVerity(mSettingsFilename); + FileIntegrity.setUpFsVerity(mSettingsReserveCopyFilename); } catch (IOException e) { Slog.e(TAG, "Failed to verity-protect settings", e); } diff --git a/services/core/java/com/android/server/security/FileIntegrity.java b/services/core/java/com/android/server/security/FileIntegrity.java new file mode 100644 index 000000000000..7b87d997a04d --- /dev/null +++ b/services/core/java/com/android/server/security/FileIntegrity.java @@ -0,0 +1,58 @@ +/* + * Copyright (C) 2023 The Android Open Source Project + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +package com.android.server.security; + +import android.annotation.NonNull; +import android.annotation.SystemApi; +import android.os.ParcelFileDescriptor; + +import com.android.internal.security.VerityUtils; + +import java.io.File; +import java.io.IOException; + + +/** + * In-process API for server side FileIntegrity related infrastructure. + * + * @hide + */ +@SystemApi(client = SystemApi.Client.SYSTEM_SERVER) +public final class FileIntegrity { + private FileIntegrity() {} + + /** + * Enables fs-verity, if supported by the filesystem. + * @see + * @hide + */ + @SystemApi(client = SystemApi.Client.SYSTEM_SERVER) + public static void setUpFsVerity(@NonNull File file) throws IOException { + VerityUtils.setUpFsverity(file.getAbsolutePath()); + } + + /** + * Enables fs-verity, if supported by the filesystem. + * @see + * @hide + */ + @SystemApi(client = SystemApi.Client.SYSTEM_SERVER) + public static void setUpFsVerity(@NonNull ParcelFileDescriptor parcelFileDescriptor) + throws IOException { + VerityUtils.setUpFsverity(parcelFileDescriptor.getFd()); + } +} diff --git a/services/core/java/com/android/server/security/FileIntegrityLocal.java b/services/core/java/com/android/server/security/FileIntegrityLocal.java deleted file mode 100644 index 8c7219b0b03f..000000000000 --- a/services/core/java/com/android/server/security/FileIntegrityLocal.java +++ /dev/null @@ -1,44 +0,0 @@ -/* - * Copyright (C) 2023 The Android Open Source Project - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -package com.android.server.security; - -import android.annotation.NonNull; -import android.annotation.SystemApi; - -import com.android.internal.security.VerityUtils; - -import java.io.IOException; - -/** - * In-process API for server side FileIntegrity related infrastructure. - * - * @hide - */ -@SystemApi(client = SystemApi.Client.SYSTEM_SERVER) -public final class FileIntegrityLocal { - private FileIntegrityLocal() {} - - /** - * Enables fs-verity, if supported by the filesystem. - * @see - * @hide - */ - @SystemApi(client = SystemApi.Client.SYSTEM_SERVER) - public static void setUpFsVerity(@NonNull String filePath) throws IOException { - VerityUtils.setUpFsverity(filePath); - } -} -- cgit v1.2.3-59-g8ed1b