From 8c7142a6587f21ba5101622afc4b3c879d8b9fd7 Mon Sep 17 00:00:00 2001 From: Mohammad Samiul Islam Date: Tue, 5 Nov 2019 18:18:28 +0000 Subject: [PATCH] Prevent staging multiple sessions on devices not supporting checkpoint Bug: 141843321 Test: atest StagedInstallTest#testFailStagingMultipleSessionsIfNoCheckPoint Change-Id: I118ae628649e9bef82641ef18841205091e98a6a Merged-In: I118ae628649e9bef82641ef18841205091e98a6a (cherry picked from commit cc4c7d8cc69a90762e88d307fed3331322385cc6) --- api/current.txt | 1 + .../android/os/storage/StorageManager.java | 13 +++++++++++ .../android/server/StorageManagerService.java | 7 ------ .../com/android/server/pm/StagingManager.java | 22 ++++++++++++++++++- 4 files changed, 35 insertions(+), 8 deletions(-) diff --git a/api/current.txt b/api/current.txt index 00a6c24f2c28f..9e50a5afaaefb 100644 --- a/api/current.txt +++ b/api/current.txt @@ -36025,6 +36025,7 @@ package android.os.storage { method public boolean isAllocationSupported(@NonNull java.io.FileDescriptor); method public boolean isCacheBehaviorGroup(java.io.File) throws java.io.IOException; method public boolean isCacheBehaviorTombstone(java.io.File) throws java.io.IOException; + method public boolean isCheckpointSupported(); method public boolean isEncrypted(java.io.File); method public boolean isObbMounted(String); method public boolean mountObb(String, String, android.os.storage.OnObbStateChangeListener); diff --git a/core/java/android/os/storage/StorageManager.java b/core/java/android/os/storage/StorageManager.java index c7709b988e49f..c31017bce3db6 100644 --- a/core/java/android/os/storage/StorageManager.java +++ b/core/java/android/os/storage/StorageManager.java 
@@ -2304,6 +2304,19 @@ public class StorageManager { } } + /** + * Check whether the device supports filesystem checkpoint. + * + * @return true if the device supports filesystem checkpoint, false otherwise. + */ + public boolean isCheckpointSupported() { + try { + return mStorageManager.supportsCheckpoint(); + } catch (RemoteException e) { + throw e.rethrowFromSystemServer(); + } + } + private final Object mFuseAppLoopLock = new Object(); @GuardedBy("mFuseAppLoopLock") diff --git a/services/core/java/com/android/server/StorageManagerService.java b/services/core/java/com/android/server/StorageManagerService.java index 39ad3546e452d..515ffc71e874b 100644 --- a/services/core/java/com/android/server/StorageManagerService.java +++ b/services/core/java/com/android/server/StorageManagerService.java @@ -2648,13 +2648,6 @@ class StorageManagerService extends IStorageManager.Stub */ @Override public boolean supportsCheckpoint() throws RemoteException { - // Only the root, system_server and shell processes are permitted to start checkpoints - final int callingUid = Binder.getCallingUid(); - if (callingUid != Process.SYSTEM_UID && callingUid != Process.ROOT_UID - && callingUid != Process.SHELL_UID) { - throw new SecurityException("no permission to start filesystem checkpoint"); - } - return mVold.supportsCheckpoint(); } diff --git a/services/core/java/com/android/server/pm/StagingManager.java b/services/core/java/com/android/server/pm/StagingManager.java index 9f76d0d7a1d82..cb9a090b37e99 100644 --- a/services/core/java/com/android/server/pm/StagingManager.java +++ b/services/core/java/com/android/server/pm/StagingManager.java @@ -46,6 +46,7 @@ import android.os.ParcelableException; import android.os.PowerManager; import android.os.RemoteException; import android.os.ServiceManager; +import android.os.storage.StorageManager; import android.util.IntArray; import android.util.Slog; import android.util.SparseArray; 
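Review bot: The Javadoc on `isCheckpointSupported()` does not state the access model, although this patch lists the method in `api/current.txt` as public API and removes the caller check on the service side. I would add a sentence such as `No permission is required to call this method.` and say whether the result is a fixed device capability or can change at runtime, which cannot be told from this hunk. The commit description could also explain why this is public SDK surface rather than hidden or system-only API, since the only caller added in this patch is StagingManager inside system_server.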
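Review bot: Deleting the UID check in `StorageManagerService.supportsCheckpoint()` makes this Binder method reachable from every caller, so any app can now cause a call into vold through `mVold.supportsCheckpoint()`. For a read-only query that is probably acceptable, and the removed message ("no permission to start filesystem checkpoint") suggests the guard was copied from a state-changing method, but the new body records nothing about the decision. I would leave a comment in place of the check, e.g. `// Read-only capability query: intentionally open to all callers (public StorageManager#isCheckpointSupported).`. Please also confirm that the state-changing checkpoint methods in this class, which are outside the hunk, keep their own caller checks. The Javadoc that ends just above `@Override` is outside the hunk too and may still describe the old restriction.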
@@ -76,6 +77,7 @@ public class StagingManager { private final PackageInstallerService mPi; private final ApexManager mApexManager; private final PowerManager mPowerManager; + private final Context mContext; private final PreRebootVerificationHandler mPreRebootVerificationHandler; @GuardedBy("mStagedSessions") @@ -84,6 +86,7 @@ public class StagingManager { StagingManager(PackageInstallerService pi, ApexManager am, Context context) { mPi = pi; mApexManager = am; + mContext = context; mPowerManager = (PowerManager) context.getSystemService(Context.POWER_SERVICE); mPreRebootVerificationHandler = new PreRebootVerificationHandler( BackgroundThread.get().getLooper()); @@ -539,6 +542,10 @@ public class StagingManager { mPreRebootVerificationHandler.startPreRebootVerification(session.sessionId); } + private int parentOrOwnSessionId(PackageInstallerSession session) { + return session.hasParentSessionId() ? session.getParentSessionId() : session.sessionId; + } + /** *

Check if the session provided is non-overlapping with the active staged sessions. * @@ -561,6 +568,9 @@ public class StagingManager { "Cannot stage session " + session.sessionId + " with package name null"); } + boolean supportsCheckpoint = ((StorageManager) mContext.getSystemService( + Context.STORAGE_SERVICE)).isCheckpointSupported(); + synchronized (mStagedSessions) { for (int i = 0; i < mStagedSessions.size(); i++) { final PackageInstallerSession stagedSession = mStagedSessions.valueAt(i); @@ -601,7 +611,17 @@ public class StagingManager { + stagedSession.sessionId, null); } - // TODO(b/141843321): Add support for staging multiple sessions in apexd + // Staging multiple root sessions is not allowed if device doesn't support + // checkpoint. If session and stagedSession do not have common ancestor, they are + // from two different root sessions. + if (!supportsCheckpoint + && parentOrOwnSessionId(session) != parentOrOwnSessionId(stagedSession)) { + throw new PackageManagerException( + PackageManager.INSTALL_FAILED_OTHER_STAGED_SESSION_IN_PROGRESS, + "Cannot stage multiple sessions without checkpoint support", null); + } + + // TODO:b/141843321 Add support for staging multiple sessions in apexd // Since apexd doesn't support multiple staged sessions yet, we have to careful how // we handle apex sessions. We want to allow a set of apex sessions under the same // parent to be staged when there is no previously staged apex sessions.
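Review bot: The `supportsCheckpoint` lookup added before `synchronized (mStagedSessions)` can fail with an unchecked exception. `getSystemService` may return null, and `isCheckpointSupported()` rethrows `RemoteException` as a runtime exception (see the StorageManager hunk). The failures visible in these hunks are all reported as `PackageManagerException`, so a storage-service or vold failure here would escape the staging path instead of rejecting the session cleanly. I would fail closed: treat a missing service as no checkpoint support, so the stricter rule applies, and convert a query failure into a `PackageManagerException`. The enclosing method starts and ends outside the hunk, so whether callers already handle runtime exceptions cannot be seen here.

```java
// … unchanged: null package-name check …
final StorageManager storageManager = mContext.getSystemService(StorageManager.class);
final boolean supportsCheckpoint;
try {
    // A missing service is treated as "no checkpoint", so the stricter staging rule applies.
    supportsCheckpoint = storageManager != null && storageManager.isCheckpointSupported();
} catch (RuntimeException e) {
    throw new PackageManagerException(
            PackageManager.INSTALL_FAILED_INTERNAL_ERROR,
            "Cannot determine checkpoint support for session " + session.sessionId, e);
}
// … unchanged: synchronized (mStagedSessions) loop …
```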
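Review bot: The new rejection message in the `!supportsCheckpoint` branch names neither session, unlike the neighbouring error in this loop that appends `stagedSession.sessionId`. When staging is refused on a device without checkpoint support, the log and the installer get no hint which already-staged session is blocking. I would write `"Cannot stage session " + session.sessionId + " while session " + stagedSession.sessionId + " is staged: device does not support checkpoint", null);`. Separately, the check runs for every entry of `mStagedSessions`. Whether entries in a terminal state are skipped earlier in the loop is outside the hunk and worth confirming, since a stale entry would otherwise block all later staging on these devices.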