author | 2022-12-27 21:38:37 -0800 | |
---|---|---|
committer | 2023-02-21 22:33:42 +0000 | |
commit | 9ff16e054124c2dd01fee8883502eac45a10f84f (patch) | |
tree | 149ae51401d8eeb1b80ffc832f1f493b519713f4 | |
parent | 61072004306bb218058409a68529d78bb26e94b9 (diff) |
Add fs-verity file integrity check for permissions and roles.
Bug: 253568736
Bug: 196909329
Test: atest RuntimePermissionsPersistenceTest RolesPersistenceTest
Change-Id: Ie6abe62126c7efbc485068b6721da3168c8f916c
4 files changed, 62 insertions, 2 deletions
diff --git a/service/java/com/android/permission/persistence/RuntimePermissionsPersistenceImpl.java b/service/java/com/android/permission/persistence/RuntimePermissionsPersistenceImpl.java
index c1f9299c2..f3ba5aaef 100644
--- a/service/java/com/android/permission/persistence/RuntimePermissionsPersistenceImpl.java
+++ b/service/java/com/android/permission/persistence/RuntimePermissionsPersistenceImpl.java
@@ -28,6 +28,8 @@ import android.util.Log;
 import android.util.Xml;
 import com.android.internal.annotations.VisibleForTesting;
+import com.android.modules.utils.build.SdkLevel;
+import com.android.server.security.FileIntegrity;
 import org.xmlpull.v1.XmlPullParser;
 import org.xmlpull.v1.XmlPullParserException;
@@ -70,6 +72,27 @@ public class RuntimePermissionsPersistenceImpl implements RuntimePermissionsPers
 private static final String ATTRIBUTE_NAME = "name";
 private static final String ATTRIBUTE_VERSION = "version";
+ @VisibleForTesting
+ interface Injector {
+ void enableFsVerity(@NonNull File file) throws IOException;
+ }
+
+ @NonNull
+ private final Injector mInjector;
+
+ RuntimePermissionsPersistenceImpl() {
+ this(file -> {
+ if (SdkLevel.isAtLeastU()) {
+ FileIntegrity.setUpFsVerity(file);
+ }
+ });
+ }
+
+ @VisibleForTesting
+ RuntimePermissionsPersistenceImpl(@NonNull Injector injector) {
+ mInjector = injector;
+ }
+
 @Nullable
 @Override
 public RuntimePermissionsState readForUser(@NonNull UserHandle user) {
@@ -224,6 +247,13 @@ public class RuntimePermissionsPersistenceImpl implements RuntimePermissionsPers
 } catch (Exception e) {
 Log.e(LOG_TAG, "Failed to write reserve copy: " + reserveFile, e);
 }
+
+ try {
+ mInjector.enableFsVerity(file);
+ mInjector.enableFsVerity(reserveFile);
+ } catch (Exception e) {
+ Log.e(LOG_TAG, "Failed to verity-protect runtime-permissions", e);
+ }
 }
 private static void serializeRuntimePermissions(@NonNull XmlSerializer serializer,
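Review bot: The new `Injector` interface and the default constructor carry no comment saying that fs-verity is only set up when `SdkLevel.isAtLeastU()` is true, so on earlier releases the injected call does nothing and the persisted file stays unprotected without any trace in the code or the log. I would add a Javadoc on the interface method, for example `/** Enables fs-verity on {@code file}; the production implementation is a no-op before Android U. */`. The same interface and lambda are added verbatim to RolesPersistenceImpl in the next file section, so a shared helper would keep the SDK gate in one place.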
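Review bot: Both `enableFsVerity` calls sit inside one `try` in the last hunk, so if the call on `file` throws, `reserveFile` is never attempted, and the log message does not say which file failed. The failure is only logged, so the write path fails open; whether the read path rejects a file that lacks fs-verity is not visible in this hunk, and if it does not, the protection is best effort only. The catch just above shows that the reserve-copy write can itself fail, in which case `reserveFile` may be stale or missing when it is sealed, which is worth a comment or a guard. I would attempt each file separately and name it in the message, as below; the identical block in RolesPersistenceImpl (next file section) needs the same change, and the enclosing method starts outside the hunk.

```java
// … unchanged: reserve-copy write and its catch …
for (File target : new File[] {file, reserveFile}) {
    try {
        mInjector.enableFsVerity(target);
    } catch (Exception e) {
        // Best effort, as before, but each file is attempted and named.
        Log.e(LOG_TAG, "Failed to verity-protect " + target, e);
    }
}
```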
diff --git a/service/java/com/android/role/persistence/RolesPersistenceImpl.java b/service/java/com/android/role/persistence/RolesPersistenceImpl.java
index 944036aeb..76cf8f81f 100644
--- a/service/java/com/android/role/persistence/RolesPersistenceImpl.java
+++ b/service/java/com/android/role/persistence/RolesPersistenceImpl.java
@@ -28,7 +28,9 @@ import android.util.Log;
 import android.util.Xml;
 import com.android.internal.annotations.VisibleForTesting;
+import com.android.modules.utils.build.SdkLevel;
 import com.android.permission.persistence.IoUtils;
+import com.android.server.security.FileIntegrity;
 import org.xmlpull.v1.XmlPullParser;
 import org.xmlpull.v1.XmlPullParserException;
@@ -66,6 +68,27 @@ public class RolesPersistenceImpl implements RolesPersistence {
 private static final String ATTRIBUTE_NAME = "name";
 private static final String ATTRIBUTE_PACKAGES_HASH = "packagesHash";
+ @VisibleForTesting
+ interface Injector {
+ void enableFsVerity(@NonNull File file) throws IOException;
+ }
+
+ @NonNull
+ private final Injector mInjector;
+
+ RolesPersistenceImpl() {
+ this(file -> {
+ if (SdkLevel.isAtLeastU()) {
+ FileIntegrity.setUpFsVerity(file);
+ }
+ });
+ }
+
+ @VisibleForTesting
+ RolesPersistenceImpl(@NonNull Injector injector) {
+ mInjector = injector;
+ }
+
 @Nullable
 @Override
 public RolesState readForUser(@NonNull UserHandle user) {
@@ -195,6 +218,13 @@ public class RolesPersistenceImpl implements RolesPersistence {
 } catch (Exception e) {
 Log.e(LOG_TAG, "Failed to write reserve copy: " + reserveFile, e);
 }
+
+ try {
+ mInjector.enableFsVerity(file);
+ mInjector.enableFsVerity(reserveFile);
+ } catch (Exception e) {
+ Log.e(LOG_TAG, "Failed to verity-protect roles", e);
+ }
 }
 private static void serializeRoles(@NonNull XmlSerializer serializer,
diff --git a/tests/apex/java/com/android/permission/persistence/RuntimePermissionsPersistenceTest.kt b/tests/apex/java/com/android/permission/persistence/RuntimePermissionsPersistenceTest.kt
index a3502a01a..59bf6a381 100644
--- a/tests/apex/java/com/android/permission/persistence/RuntimePermissionsPersistenceTest.kt
+++ b/tests/apex/java/com/android/permission/persistence/RuntimePermissionsPersistenceTest.kt
@@ -46,7 +46,7 @@ class RuntimePermissionsPersistenceTest {
 private lateinit var mockitoSession: MockitoSession
 @Mock lateinit var apexEnvironment: ApexEnvironment
- private val persistence = RuntimePermissionsPersistence.createInstance()
+ private val persistence = RuntimePermissionsPersistenceImpl {}
 private val permissionState = RuntimePermissionsState.PermissionState("permission", true, 3)
 private val state = RuntimePermissionsState(
diff --git a/tests/apex/java/com/android/role/persistence/RolesPersistenceTest.kt b/tests/apex/java/com/android/role/persistence/RolesPersistenceTest.kt
index 814826b98..1806f8e13 100644
--- a/tests/apex/java/com/android/role/persistence/RolesPersistenceTest.kt
+++ b/tests/apex/java/com/android/role/persistence/RolesPersistenceTest.kt
@@ -46,7 +46,7 @@ class RolesPersistenceTest {
 private lateinit var mockitoSession: MockitoSession
 @Mock lateinit var apexEnvironment: ApexEnvironment
- private val persistence = RolesPersistence.createInstance()
+ private val persistence = RolesPersistenceImpl {}
 private val state = RolesState(1, "packagesHash", mapOf("role" to setOf("holder1", "holder2")))
 private val user = Process.myUserHandle() |
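Review bot: Constructing the persistence with an empty lambda (`RuntimePermissionsPersistenceImpl {}`) means the test never observes the new `enableFsVerity` calls, so a regression that stops sealing the files after a write would still pass. A recording injector would cover it, for example `private val sealedFiles = mutableListOf<File>()` together with `RuntimePermissionsPersistenceImpl { sealedFiles += it }`, followed by an assertion after the write that both the main file and the reserve copy were recorded. The same applies to `RolesPersistenceImpl {}` in RolesPersistenceTest in the second file section on this line.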