Merge "Consider target path when verifyIdmap." into rvc-dev

2020-03-30 15:45:47 +00:00
parent ad5a070a87 a3a68132b5
commit fa0f02a91c
6 changed files with 21 additions and 10 deletions
--- a/cmds/idmap2/idmap2/CreateMultiple.cpp
+++ b/cmds/idmap2/idmap2/CreateMultiple.cpp
@@ -22,6 +22,7 @@
 #include <ostream>
 #include <vector>

+#include "Commands.h"
 #include "android-base/stringprintf.h"
 #include "idmap2/BinaryStreamVisitor.h"
 #include "idmap2/CommandLineOptions.h"
@@ -30,7 +31,6 @@
 #include "idmap2/Policies.h"
 #include "idmap2/PolicyUtils.h"
 #include "idmap2/SysTrace.h"
-#include "Commands.h"

 using android::ApkAssets;
 using android::base::StringPrintf;
--- a/cmds/idmap2/idmap2d/Idmap2Service.cpp
+++ b/cmds/idmap2/idmap2d/Idmap2Service.cpp
@@ -93,7 +93,8 @@ Status Idmap2Service::removeIdmap(const std::string& overlay_apk_path,
  return ok();
 }

-Status Idmap2Service::verifyIdmap(const std::string& overlay_apk_path,
+Status Idmap2Service::verifyIdmap(const std::string& target_apk_path,
+                                  const std::string& overlay_apk_path,
                                  int32_t fulfilled_policies ATTRIBUTE_UNUSED,
                                  bool enforce_overlayable ATTRIBUTE_UNUSED,
                                  int32_t user_id ATTRIBUTE_UNUSED, bool* _aidl_return) {
@@ -103,10 +104,15 @@ Status Idmap2Service::verifyIdmap(const std::string& overlay_apk_path,
  std::ifstream fin(idmap_path);
  const std::unique_ptr<const IdmapHeader> header = IdmapHeader::FromBinaryStream(fin);
  fin.close();
-  *_aidl_return = header && header->IsUpToDate();
+  if (!header) {
+    *_aidl_return = false;
+    return error("failed to parse idmap header");
+  }
+
+  *_aidl_return =
+      strcmp(header->GetTargetPath().data(), target_apk_path.data()) == 0 && header->IsUpToDate();

  // TODO(b/119328308): Check that the set of fulfilled policies of the overlay has not changed
-
  return ok();
 }

--- a/cmds/idmap2/idmap2d/Idmap2Service.h
+++ b/cmds/idmap2/idmap2d/Idmap2Service.h
@@ -37,7 +37,8 @@ class Idmap2Service : public BinderService<Idmap2Service>, public BnIdmap2 {
  binder::Status removeIdmap(const std::string& overlay_apk_path, int32_t user_id,
                             bool* _aidl_return) override;

-  binder::Status verifyIdmap(const std::string& overlay_apk_path, int32_t fulfilled_policies,
+  binder::Status verifyIdmap(const std::string& target_apk_path,
+                             const std::string& overlay_apk_path, int32_t fulfilled_policies,
                             bool enforce_overlayable, int32_t user_id,
                             bool* _aidl_return) override;

--- a/cmds/idmap2/idmap2d/aidl/android/os/IIdmap2.aidl
+++ b/cmds/idmap2/idmap2d/aidl/android/os/IIdmap2.aidl
@@ -22,8 +22,11 @@ package android.os;
 interface IIdmap2 {
  @utf8InCpp String getIdmapPath(@utf8InCpp String overlayApkPath, int userId);
  boolean removeIdmap(@utf8InCpp String overlayApkPath, int userId);
-  boolean verifyIdmap(@utf8InCpp String overlayApkPath, int fulfilledPolicies,
-                      boolean enforceOverlayable, int userId);
+  boolean verifyIdmap(@utf8InCpp String targetApkPath,
+					  @utf8InCpp String overlayApkPath,
+                      int fulfilledPolicies,
+                      boolean enforceOverlayable,
+                      int userId);
  @nullable @utf8InCpp String createIdmap(@utf8InCpp String targetApkPath,
                                          @utf8InCpp String overlayApkPath,
                                          int fulfilledPolicies,
--- a/services/core/java/com/android/server/om/IdmapDaemon.java
+++ b/services/core/java/com/android/server/om/IdmapDaemon.java
@@ -116,10 +116,11 @@ class IdmapDaemon {
        }
    }

-    boolean verifyIdmap(String overlayPath, int policies, boolean enforce, int userId)
+    boolean verifyIdmap(String targetPath, String overlayPath, int policies, boolean enforce,
+             int userId)
            throws Exception {
        try (Connection connection = connect()) {
-            return mService.verifyIdmap(overlayPath, policies, enforce, userId);
+            return mService.verifyIdmap(targetPath, overlayPath, policies, enforce, userId);
        }
    }

--- a/services/core/java/com/android/server/om/IdmapManager.java
+++ b/services/core/java/com/android/server/om/IdmapManager.java
@@ -75,7 +75,7 @@ class IdmapManager {
        try {
            int policies = calculateFulfilledPolicies(targetPackage, overlayPackage, userId);
            boolean enforce = enforceOverlayable(overlayPackage);
-            if (mIdmapDaemon.verifyIdmap(overlayPath, policies, enforce, userId)) {
+            if (mIdmapDaemon.verifyIdmap(targetPath, overlayPath, policies, enforce, userId)) {
                return true;
            }
            return mIdmapDaemon.createIdmap(targetPath, overlayPath, policies,