Merge "Verify apex files on staged sessions."

2019-01-10 18:31:04 +00:00
parent 736cbcd83d 276cd0757b
commit 56464cf533
1 changed files with 45 additions and 17 deletions
--- a/services/core/java/com/android/server/pm/StagingManager.java
+++ b/services/core/java/com/android/server/pm/StagingManager.java
@@ -18,6 +18,7 @@ package com.android.server.pm;

 import android.annotation.NonNull;
 import android.apex.ApexInfo;
+import android.apex.ApexInfoList;
 import android.apex.IApexService;
 import android.content.pm.PackageInstaller;
 import android.content.pm.PackageInstaller.SessionInfo;
@@ -127,28 +128,55 @@ public class StagingManager {
        return false;
    }

-    void commitSession(@NonNull PackageInstallerSession sessionInfo) {
-        updateStoredSession(sessionInfo);
+    private static boolean submitSessionToApexService(int sessionId, ApexInfoList apexInfoList) {
+        final IApexService apex = IApexService.Stub.asInterface(
+                ServiceManager.getService("apexservice"));
+        boolean success;
+        try {
+            success = apex.submitStagedSession(sessionId, apexInfoList);
+        } catch (RemoteException re) {
+            Slog.e(TAG, "Unable to contact apexservice", re);
+            return false;
+        }
+        return success;
+    }

-        mBgHandler.post(() -> {
-            sessionInfo.setStagedSessionReady();
+    void preRebootVerification(@NonNull PackageInstallerSession session) {
+        boolean success = true;
+        if ((session.params.installFlags & PackageManager.INSTALL_APEX) != 0) {

-            SessionInfo session = sessionInfo.generateInfo(false);
-            // For APEXes, we validate the signature here before we write the package to the
-            // staging directory. For APKs, the signature verification will be done by the package
-            // manager at the point at which it applies the staged install.
-            //
-            // TODO: Decide whether we want to fail fast by detecting signature mismatches right
-            // away.
-            if ((sessionInfo.params.installFlags & PackageManager.INSTALL_APEX) != 0) {
-                if (!validateApexSignatureLocked(session.resolvedBaseCodePath,
-                        session.appPackageName)) {
-                    sessionInfo.setStagedSessionFailed(SessionInfo.VERIFICATION_FAILED);
+            final ApexInfoList apexInfoList = new ApexInfoList();
+
+            if (!submitSessionToApexService(session.sessionId, apexInfoList)) {
+                success = false;
+            } else {
+                // For APEXes, we validate the signature here before we mark the session as ready,
+                // so we fail the session early if there is a signature mismatch. For APKs, the
+                // signature verification will be done by the package manager at the point at which
+                // it applies the staged install.
+                //
+                // TODO: Decide whether we want to fail fast by detecting signature mismatches right
+                // away.
+                for (ApexInfo apexPackage : apexInfoList.apexInfos) {
+                    if (!validateApexSignatureLocked(apexPackage.packagePath,
+                            apexPackage.packageName)) {
+                        success = false;
+                        break;
+                    }
                }
            }
+        }
+        if (success) {
+            session.setStagedSessionReady();
+        } else {
+            session.setStagedSessionFailed(SessionInfo.VERIFICATION_FAILED);
+        }
+        mPm.sendSessionUpdatedBroadcast(session.generateInfo(false), session.userId);
+    }

-            mPm.sendSessionUpdatedBroadcast(sessionInfo.generateInfo(false), sessionInfo.userId);
-        });
+    void commitSession(@NonNull PackageInstallerSession session) {
+        updateStoredSession(session);
+        mBgHandler.post(() -> preRebootVerification(session));
    }

    void createSession(@NonNull PackageInstallerSession sessionInfo) {