Merge "Disable AVB check in runtime vintf"

2017-12-07 08:15:35 +00:00
parent 0e8440632a 78934c9b8b
commit 86c9951383
3 changed files with 36 additions and 12 deletions
--- a/core/java/android/os/Build.java
+++ b/core/java/android/os/Build.java
@@ -847,7 +847,9 @@ public class Build {
        if (IS_ENG) return true;

        if (IS_TREBLE_ENABLED) {
-            int result = VintfObject.verify(new String[0]);
+            // If we can run this code, the device should already pass AVB.
+            // So, we don't need to check AVB here.
+            int result = VintfObject.verifyWithoutAvb();

            if (result != 0) {
                Slog.e(TAG, "Vendor interface is incompatible, error="
--- a/core/java/android/os/VintfObject.java
+++ b/core/java/android/os/VintfObject.java
@@ -18,7 +18,6 @@ package android.os;

 import java.util.Map;

-import android.util.Log;

 /**
 * Java API for libvintf.
@@ -40,7 +39,7 @@ public class VintfObject {
     * Verify that the given metadata for an OTA package is compatible with
     * this device.
     *
-     * @param packageInfo a list of serialized form of HalMaanifest's /
+     * @param packageInfo a list of serialized form of HalManifest's /
     * CompatibilityMatri'ces (XML).
     * @return = 0 if success (compatible)
     *         > 0 if incompatible
@@ -48,6 +47,17 @@ public class VintfObject {
     */
    public static native int verify(String[] packageInfo);

+    /**
+     * Verify Vintf compatibility on the device without checking AVB
+     * (Android Verified Boot). It is useful to verify a running system
+     * image where AVB check is irrelevant.
+     *
+     * @return = 0 if success (compatible)
+     *         > 0 if incompatible
+     *         < 0 if any error (mount partition fails, illformed XML, etc.)
+     */
+    public static native int verifyWithoutAvb();
+
    /// ---------- CTS Device Info

    /**
--- a/core/jni/android_os_VintfObject.cpp
+++ b/core/jni/android_os_VintfObject.cpp
@@ -93,22 +93,33 @@ static jobjectArray android_os_VintfObject_report(JNIEnv* env, jclass)
    return toJavaStringArray(env, cStrings);
 }

-static jint android_os_VintfObject_verify(JNIEnv* env, jclass, jobjectArray packageInfo) {
-    size_t count = env->GetArrayLength(packageInfo);
-    std::vector<std::string> cPackageInfo{count};
-    for (size_t i = 0; i < count; ++i) {
-        jstring element = (jstring)env->GetObjectArrayElement(packageInfo, i);
-        const char *cString = env->GetStringUTFChars(element, NULL /* isCopy */);
-        cPackageInfo[i] = cString;
-        env->ReleaseStringUTFChars(element, cString);
+static jint verify(JNIEnv* env, jobjectArray packageInfo, android::vintf::DisabledChecks checks) {
+    std::vector<std::string> cPackageInfo;
+    if (packageInfo) {
+        size_t count = env->GetArrayLength(packageInfo);
+        cPackageInfo.resize(count);
+        for (size_t i = 0; i < count; ++i) {
+            jstring element = (jstring)env->GetObjectArrayElement(packageInfo, i);
+            const char *cString = env->GetStringUTFChars(element, NULL /* isCopy */);
+            cPackageInfo[i] = cString;
+            env->ReleaseStringUTFChars(element, cString);
+        }
    }
    std::string error;
-    int32_t status = VintfObject::CheckCompatibility(cPackageInfo, &error);
+    int32_t status = VintfObject::CheckCompatibility(cPackageInfo, &error, checks);
    if (status)
        LOG(WARNING) << "VintfObject.verify() returns " << status << ": " << error;
    return status;
 }

+static jint android_os_VintfObject_verify(JNIEnv* env, jclass, jobjectArray packageInfo) {
+    return verify(env, packageInfo, ::android::vintf::ENABLE_ALL_CHECKS);
+}
+
+static jint android_os_VintfObject_verifyWithoutAvb(JNIEnv* env, jclass) {
+    return verify(env, nullptr, ::android::vintf::DISABLE_AVB_CHECK);
+}
+
 static jobjectArray android_os_VintfObject_getHalNamesAndVersions(JNIEnv* env, jclass) {
    std::set<std::string> halNames;
    tryAddHalNamesAndVersions(VintfObject::GetDeviceHalManifest(),
@@ -148,6 +159,7 @@ static jobject android_os_VintfObject_getVndkSnapshots(JNIEnv* env, jclass) {
 static const JNINativeMethod gVintfObjectMethods[] = {
    {"report", "()[Ljava/lang/String;", (void*)android_os_VintfObject_report},
    {"verify", "([Ljava/lang/String;)I", (void*)android_os_VintfObject_verify},
+    {"verifyWithoutAvb", "()I", (void*)android_os_VintfObject_verifyWithoutAvb},
    {"getHalNamesAndVersions", "()[Ljava/lang/String;", (void*)android_os_VintfObject_getHalNamesAndVersions},
    {"getSepolicyVersion", "()Ljava/lang/String;", (void*)android_os_VintfObject_getSepolicyVersion},
    {"getVndkSnapshots", "()Ljava/util/Map;", (void*)android_os_VintfObject_getVndkSnapshots},