diff options
| -rw-r--r-- | cmds/installd/InstalldNativeService.cpp | 35 | ||||
| -rw-r--r-- | cmds/installd/InstalldNativeService.h | 5 | ||||
| -rw-r--r-- | cmds/installd/binder/android/os/IInstalld.aidl | 3 | ||||
| -rw-r--r-- | cmds/installd/tests/installd_service_test.cpp | 3 |
4 files changed, 21 insertions, 25 deletions
diff --git a/cmds/installd/InstalldNativeService.cpp b/cmds/installd/InstalldNativeService.cpp index cad77874fd..71a87403d5 100644 --- a/cmds/installd/InstalldNativeService.cpp +++ b/cmds/installd/InstalldNativeService.cpp @@ -234,12 +234,12 @@ binder::Status checkArgumentFileName(const std::string& path) { return ok(); } -binder::Status checkUidInAppRange(int32_t appUid) { - if (FIRST_APPLICATION_UID <= appUid && appUid <= LAST_APPLICATION_UID) { +binder::Status checkArgumentAppId(int32_t appId) { + if (FIRST_APPLICATION_UID <= appId && appId <= LAST_APPLICATION_UID) { return ok(); } return exception(binder::Status::EX_ILLEGAL_ARGUMENT, - StringPrintf("UID %d is outside of the range", appUid)); + StringPrintf("appId %d is outside of the range", appId)); } #define ENFORCE_UID(uid) { \ @@ -302,12 +302,12 @@ binder::Status checkUidInAppRange(int32_t appUid) { } \ } -#define CHECK_ARGUMENT_UID_IN_APP_RANGE(uid) \ - { \ - binder::Status status = checkUidInAppRange((uid)); \ - if (!status.isOk()) { \ - return status; \ - } \ +#define CHECK_ARGUMENT_APP_ID(appId) \ + { \ + binder::Status status = checkArgumentAppId((appId)); \ + if (!status.isOk()) { \ + return status; \ + } \ } #ifdef GRANULAR_LOCKS @@ -411,7 +411,7 @@ using PackageLockGuard = std::lock_guard<PackageLock>; } // namespace binder::Status InstalldNativeService::FsveritySetupAuthToken::authenticate( - const ParcelFileDescriptor& authFd, int32_t appUid, int32_t userId) { + const ParcelFileDescriptor& authFd, int32_t uid) { int open_flags = fcntl(authFd.get(), F_GETFL); if (open_flags < 0) { return exception(binder::Status::EX_SERVICE_SPECIFIC, "fcntl failed"); @@ -426,9 +426,8 @@ binder::Status InstalldNativeService::FsveritySetupAuthToken::authenticate( return exception(binder::Status::EX_SECURITY, "Not a regular file"); } // Don't accept a file owned by a different app. - uid_t uid = multiuser_get_uid(userId, appUid); - if (this->mStatFromAuthFd.st_uid != uid) { - return exception(binder::Status::EX_SERVICE_SPECIFIC, "File not owned by appUid"); + if (this->mStatFromAuthFd.st_uid != (uid_t)uid) { + return exception(binder::Status::EX_SERVICE_SPECIFIC, "File not owned by uid"); } return ok(); } @@ -3986,7 +3985,7 @@ binder::Status InstalldNativeService::getOdexVisibility( // attacker-in-the-middle cannot enable fs-verity on arbitrary app files. If the FD is not writable, // return null. // -// appUid and userId are passed for additional ownership check, such that one app can not be +// app process uid is passed for additional ownership check, such that one app can not be // authenticated for another app's file. These parameters are assumed trusted for this purpose of // consistency check. // @@ -3994,13 +3993,13 @@ binder::Status InstalldNativeService::getOdexVisibility( // Since enabling fs-verity to a file requires no outstanding writable FD, passing the authFd to the // server allows the server to hold the only reference (as long as the client app doesn't). binder::Status InstalldNativeService::createFsveritySetupAuthToken( - const ParcelFileDescriptor& authFd, int32_t appUid, int32_t userId, + const ParcelFileDescriptor& authFd, int32_t uid, sp<IFsveritySetupAuthToken>* _aidl_return) { - CHECK_ARGUMENT_UID_IN_APP_RANGE(appUid); - ENFORCE_VALID_USER(userId); + CHECK_ARGUMENT_APP_ID(multiuser_get_app_id(uid)); + ENFORCE_VALID_USER(multiuser_get_user_id(uid)); auto token = sp<FsveritySetupAuthToken>::make(); - binder::Status status = token->authenticate(authFd, appUid, userId); + binder::Status status = token->authenticate(authFd, uid); if (!status.isOk()) { return status; } diff --git a/cmds/installd/InstalldNativeService.h b/cmds/installd/InstalldNativeService.h index 1ec092d8b5..88caba7713 100644 --- a/cmds/installd/InstalldNativeService.h +++ b/cmds/installd/InstalldNativeService.h @@ -44,8 +44,7 @@ public: public: FsveritySetupAuthToken() : mStatFromAuthFd() {} - binder::Status authenticate(const android::os::ParcelFileDescriptor& authFd, int32_t appUid, - int32_t userId); + binder::Status authenticate(const android::os::ParcelFileDescriptor& authFd, int32_t uid); bool isSameStat(const struct stat& st) const; private: @@ -213,7 +212,7 @@ public: int32_t* _aidl_return); binder::Status createFsveritySetupAuthToken(const android::os::ParcelFileDescriptor& authFd, - int32_t appUid, int32_t userId, + int32_t uid, android::sp<IFsveritySetupAuthToken>* _aidl_return); binder::Status enableFsverity(const android::sp<IFsveritySetupAuthToken>& authToken, const std::string& filePath, const std::string& packageName, diff --git a/cmds/installd/binder/android/os/IInstalld.aidl b/cmds/installd/binder/android/os/IInstalld.aidl index 8893e38c03..120d61dbae 100644 --- a/cmds/installd/binder/android/os/IInstalld.aidl +++ b/cmds/installd/binder/android/os/IInstalld.aidl @@ -145,8 +145,7 @@ interface IInstalld { // // We don't necessarily need a method here, so it's left blank intentionally. } - IFsveritySetupAuthToken createFsveritySetupAuthToken(in ParcelFileDescriptor authFd, int appUid, - int userId); + IFsveritySetupAuthToken createFsveritySetupAuthToken(in ParcelFileDescriptor authFd, int uid); int enableFsverity(in IFsveritySetupAuthToken authToken, @utf8InCpp String filePath, @utf8InCpp String packageName); diff --git a/cmds/installd/tests/installd_service_test.cpp b/cmds/installd/tests/installd_service_test.cpp index 4bc92afa18..f2b578a8d2 100644 --- a/cmds/installd/tests/installd_service_test.cpp +++ b/cmds/installd/tests/installd_service_test.cpp @@ -548,8 +548,7 @@ protected: unique_fd ufd(open(path.c_str(), open_mode)); EXPECT_GE(ufd.get(), 0) << "open failed: " << strerror(errno); ParcelFileDescriptor rfd(std::move(ufd)); - return service->createFsveritySetupAuthToken(std::move(rfd), kTestAppId, kTestUserId, - _aidl_return); + return service->createFsveritySetupAuthToken(std::move(rfd), kTestAppId, _aidl_return); } }; |