105ca4c90644921df9193d92b2abdc81ef77e4a62Kenny Root/* 205ca4c90644921df9193d92b2abdc81ef77e4a62Kenny Root * Copyright (C) 2011 The Android Open Source Project 305ca4c90644921df9193d92b2abdc81ef77e4a62Kenny Root * 405ca4c90644921df9193d92b2abdc81ef77e4a62Kenny Root * Licensed under the Apache License, Version 2.0 (the "License"); 505ca4c90644921df9193d92b2abdc81ef77e4a62Kenny Root * you may not use this file except in compliance with the License. 605ca4c90644921df9193d92b2abdc81ef77e4a62Kenny Root * You may obtain a copy of the License at 705ca4c90644921df9193d92b2abdc81ef77e4a62Kenny Root * 805ca4c90644921df9193d92b2abdc81ef77e4a62Kenny Root * http://www.apache.org/licenses/LICENSE-2.0 905ca4c90644921df9193d92b2abdc81ef77e4a62Kenny Root * 1005ca4c90644921df9193d92b2abdc81ef77e4a62Kenny Root * Unless required by applicable law or agreed to in writing, software 1105ca4c90644921df9193d92b2abdc81ef77e4a62Kenny Root * distributed under the License is distributed on an "AS IS" BASIS, 1205ca4c90644921df9193d92b2abdc81ef77e4a62Kenny Root * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 1305ca4c90644921df9193d92b2abdc81ef77e4a62Kenny Root * See the License for the specific language governing permissions and 1405ca4c90644921df9193d92b2abdc81ef77e4a62Kenny Root * limitations under the License. 1505ca4c90644921df9193d92b2abdc81ef77e4a62Kenny Root */ 1605ca4c90644921df9193d92b2abdc81ef77e4a62Kenny Root 1705ca4c90644921df9193d92b2abdc81ef77e4a62Kenny Rootpackage com.android.server.pm; 1805ca4c90644921df9193d92b2abdc81ef77e4a62Kenny Root 1905ca4c90644921df9193d92b2abdc81ef77e4a62Kenny Rootimport com.android.server.pm.PackageManagerService.InstallArgs; 2005ca4c90644921df9193d92b2abdc81ef77e4a62Kenny Root 2105ca4c90644921df9193d92b2abdc81ef77e4a62Kenny Rootimport android.content.pm.PackageManager; 2205ca4c90644921df9193d92b2abdc81ef77e4a62Kenny Rootimport android.util.SparseBooleanArray; 2305ca4c90644921df9193d92b2abdc81ef77e4a62Kenny Root 2405ca4c90644921df9193d92b2abdc81ef77e4a62Kenny Root/** 2505ca4c90644921df9193d92b2abdc81ef77e4a62Kenny Root * Tracks the package verification state for a particular package. Each package 2605ca4c90644921df9193d92b2abdc81ef77e4a62Kenny Root * verification has a required verifier and zero or more sufficient verifiers. 2705ca4c90644921df9193d92b2abdc81ef77e4a62Kenny Root * Only one of the sufficient verifier list must return affirmative to allow the 2805ca4c90644921df9193d92b2abdc81ef77e4a62Kenny Root * package to be considered verified. If there are zero sufficient verifiers, 2905ca4c90644921df9193d92b2abdc81ef77e4a62Kenny Root * then package verification is considered complete. 3005ca4c90644921df9193d92b2abdc81ef77e4a62Kenny Root */ 3105ca4c90644921df9193d92b2abdc81ef77e4a62Kenny Rootclass PackageVerificationState { 3205ca4c90644921df9193d92b2abdc81ef77e4a62Kenny Root private final InstallArgs mArgs; 3305ca4c90644921df9193d92b2abdc81ef77e4a62Kenny Root 3405ca4c90644921df9193d92b2abdc81ef77e4a62Kenny Root private final SparseBooleanArray mSufficientVerifierUids; 3505ca4c90644921df9193d92b2abdc81ef77e4a62Kenny Root 3605ca4c90644921df9193d92b2abdc81ef77e4a62Kenny Root private final int mRequiredVerifierUid; 3705ca4c90644921df9193d92b2abdc81ef77e4a62Kenny Root 3805ca4c90644921df9193d92b2abdc81ef77e4a62Kenny Root private boolean mSufficientVerificationComplete; 3905ca4c90644921df9193d92b2abdc81ef77e4a62Kenny Root 4005ca4c90644921df9193d92b2abdc81ef77e4a62Kenny Root private boolean mSufficientVerificationPassed; 4105ca4c90644921df9193d92b2abdc81ef77e4a62Kenny Root 4205ca4c90644921df9193d92b2abdc81ef77e4a62Kenny Root private boolean mRequiredVerificationComplete; 4305ca4c90644921df9193d92b2abdc81ef77e4a62Kenny Root 4405ca4c90644921df9193d92b2abdc81ef77e4a62Kenny Root private boolean mRequiredVerificationPassed; 4505ca4c90644921df9193d92b2abdc81ef77e4a62Kenny Root 4605ca4c90644921df9193d92b2abdc81ef77e4a62Kenny Root /** 4705ca4c90644921df9193d92b2abdc81ef77e4a62Kenny Root * Create a new package verification state where {@code requiredVerifierUid} 4805ca4c90644921df9193d92b2abdc81ef77e4a62Kenny Root * is the user ID for the package that must reply affirmative before things 4905ca4c90644921df9193d92b2abdc81ef77e4a62Kenny Root * can continue. 5005ca4c90644921df9193d92b2abdc81ef77e4a62Kenny Root * 5105ca4c90644921df9193d92b2abdc81ef77e4a62Kenny Root * @param requiredVerifierUid user ID of required package verifier 5205ca4c90644921df9193d92b2abdc81ef77e4a62Kenny Root * @param args 5305ca4c90644921df9193d92b2abdc81ef77e4a62Kenny Root */ 5405ca4c90644921df9193d92b2abdc81ef77e4a62Kenny Root public PackageVerificationState(int requiredVerifierUid, InstallArgs args) { 5505ca4c90644921df9193d92b2abdc81ef77e4a62Kenny Root mRequiredVerifierUid = requiredVerifierUid; 5605ca4c90644921df9193d92b2abdc81ef77e4a62Kenny Root mArgs = args; 5705ca4c90644921df9193d92b2abdc81ef77e4a62Kenny Root mSufficientVerifierUids = new SparseBooleanArray(); 5805ca4c90644921df9193d92b2abdc81ef77e4a62Kenny Root } 5905ca4c90644921df9193d92b2abdc81ef77e4a62Kenny Root 6005ca4c90644921df9193d92b2abdc81ef77e4a62Kenny Root public InstallArgs getInstallArgs() { 6105ca4c90644921df9193d92b2abdc81ef77e4a62Kenny Root return mArgs; 6205ca4c90644921df9193d92b2abdc81ef77e4a62Kenny Root } 6305ca4c90644921df9193d92b2abdc81ef77e4a62Kenny Root 6405ca4c90644921df9193d92b2abdc81ef77e4a62Kenny Root /** 6505ca4c90644921df9193d92b2abdc81ef77e4a62Kenny Root * Add a verifier which is added to our sufficient list. 6605ca4c90644921df9193d92b2abdc81ef77e4a62Kenny Root * 6705ca4c90644921df9193d92b2abdc81ef77e4a62Kenny Root * @param uid user ID of sufficient verifier 6805ca4c90644921df9193d92b2abdc81ef77e4a62Kenny Root */ 6905ca4c90644921df9193d92b2abdc81ef77e4a62Kenny Root public void addSufficientVerifier(int uid) { 7005ca4c90644921df9193d92b2abdc81ef77e4a62Kenny Root mSufficientVerifierUids.put(uid, true); 7105ca4c90644921df9193d92b2abdc81ef77e4a62Kenny Root } 7205ca4c90644921df9193d92b2abdc81ef77e4a62Kenny Root 7305ca4c90644921df9193d92b2abdc81ef77e4a62Kenny Root /** 7405ca4c90644921df9193d92b2abdc81ef77e4a62Kenny Root * Should be called when a verification is received from an agent so the 7505ca4c90644921df9193d92b2abdc81ef77e4a62Kenny Root * state of the package verification can be tracked. 7605ca4c90644921df9193d92b2abdc81ef77e4a62Kenny Root * 7705ca4c90644921df9193d92b2abdc81ef77e4a62Kenny Root * @param uid user ID of the verifying agent 7805ca4c90644921df9193d92b2abdc81ef77e4a62Kenny Root * @return {@code true} if the verifying agent actually exists in our list 7905ca4c90644921df9193d92b2abdc81ef77e4a62Kenny Root */ 8005ca4c90644921df9193d92b2abdc81ef77e4a62Kenny Root public boolean setVerifierResponse(int uid, int code) { 8105ca4c90644921df9193d92b2abdc81ef77e4a62Kenny Root if (uid == mRequiredVerifierUid) { 8205ca4c90644921df9193d92b2abdc81ef77e4a62Kenny Root mRequiredVerificationComplete = true; 8305ca4c90644921df9193d92b2abdc81ef77e4a62Kenny Root switch (code) { 8405ca4c90644921df9193d92b2abdc81ef77e4a62Kenny Root case PackageManager.VERIFICATION_ALLOW_WITHOUT_SUFFICIENT: 8505ca4c90644921df9193d92b2abdc81ef77e4a62Kenny Root mSufficientVerifierUids.clear(); 8605ca4c90644921df9193d92b2abdc81ef77e4a62Kenny Root // fall through 8705ca4c90644921df9193d92b2abdc81ef77e4a62Kenny Root case PackageManager.VERIFICATION_ALLOW: 8805ca4c90644921df9193d92b2abdc81ef77e4a62Kenny Root mRequiredVerificationPassed = true; 8905ca4c90644921df9193d92b2abdc81ef77e4a62Kenny Root break; 9005ca4c90644921df9193d92b2abdc81ef77e4a62Kenny Root default: 9105ca4c90644921df9193d92b2abdc81ef77e4a62Kenny Root mRequiredVerificationPassed = false; 9205ca4c90644921df9193d92b2abdc81ef77e4a62Kenny Root } 9305ca4c90644921df9193d92b2abdc81ef77e4a62Kenny Root return true; 9405ca4c90644921df9193d92b2abdc81ef77e4a62Kenny Root } else { 9505ca4c90644921df9193d92b2abdc81ef77e4a62Kenny Root if (mSufficientVerifierUids.get(uid)) { 9605ca4c90644921df9193d92b2abdc81ef77e4a62Kenny Root if (code == PackageManager.VERIFICATION_ALLOW) { 9705ca4c90644921df9193d92b2abdc81ef77e4a62Kenny Root mSufficientVerificationComplete = true; 9805ca4c90644921df9193d92b2abdc81ef77e4a62Kenny Root mSufficientVerificationPassed = true; 9905ca4c90644921df9193d92b2abdc81ef77e4a62Kenny Root } 10005ca4c90644921df9193d92b2abdc81ef77e4a62Kenny Root 10105ca4c90644921df9193d92b2abdc81ef77e4a62Kenny Root mSufficientVerifierUids.delete(uid); 10205ca4c90644921df9193d92b2abdc81ef77e4a62Kenny Root if (mSufficientVerifierUids.size() == 0) { 10305ca4c90644921df9193d92b2abdc81ef77e4a62Kenny Root mSufficientVerificationComplete = true; 10405ca4c90644921df9193d92b2abdc81ef77e4a62Kenny Root } 10505ca4c90644921df9193d92b2abdc81ef77e4a62Kenny Root 10605ca4c90644921df9193d92b2abdc81ef77e4a62Kenny Root return true; 10705ca4c90644921df9193d92b2abdc81ef77e4a62Kenny Root } 10805ca4c90644921df9193d92b2abdc81ef77e4a62Kenny Root } 10905ca4c90644921df9193d92b2abdc81ef77e4a62Kenny Root 11005ca4c90644921df9193d92b2abdc81ef77e4a62Kenny Root return false; 11105ca4c90644921df9193d92b2abdc81ef77e4a62Kenny Root } 11205ca4c90644921df9193d92b2abdc81ef77e4a62Kenny Root 11305ca4c90644921df9193d92b2abdc81ef77e4a62Kenny Root /** 11405ca4c90644921df9193d92b2abdc81ef77e4a62Kenny Root * Returns whether verification is considered complete. This means that the 11505ca4c90644921df9193d92b2abdc81ef77e4a62Kenny Root * required verifier and at least one of the sufficient verifiers has 11605ca4c90644921df9193d92b2abdc81ef77e4a62Kenny Root * returned a positive verification. 11705ca4c90644921df9193d92b2abdc81ef77e4a62Kenny Root * 11805ca4c90644921df9193d92b2abdc81ef77e4a62Kenny Root * @return {@code true} when verification is considered complete 11905ca4c90644921df9193d92b2abdc81ef77e4a62Kenny Root */ 12005ca4c90644921df9193d92b2abdc81ef77e4a62Kenny Root public boolean isVerificationComplete() { 12105ca4c90644921df9193d92b2abdc81ef77e4a62Kenny Root if (!mRequiredVerificationComplete) { 12205ca4c90644921df9193d92b2abdc81ef77e4a62Kenny Root return false; 12305ca4c90644921df9193d92b2abdc81ef77e4a62Kenny Root } 12405ca4c90644921df9193d92b2abdc81ef77e4a62Kenny Root 12505ca4c90644921df9193d92b2abdc81ef77e4a62Kenny Root if (mSufficientVerifierUids.size() == 0) { 12605ca4c90644921df9193d92b2abdc81ef77e4a62Kenny Root return true; 12705ca4c90644921df9193d92b2abdc81ef77e4a62Kenny Root } 12805ca4c90644921df9193d92b2abdc81ef77e4a62Kenny Root 12905ca4c90644921df9193d92b2abdc81ef77e4a62Kenny Root return mSufficientVerificationComplete; 13005ca4c90644921df9193d92b2abdc81ef77e4a62Kenny Root } 13105ca4c90644921df9193d92b2abdc81ef77e4a62Kenny Root 13205ca4c90644921df9193d92b2abdc81ef77e4a62Kenny Root /** 13305ca4c90644921df9193d92b2abdc81ef77e4a62Kenny Root * Returns whether installation should be allowed. This should only be 13405ca4c90644921df9193d92b2abdc81ef77e4a62Kenny Root * called after {@link #isVerificationComplete()} returns {@code true}. 13505ca4c90644921df9193d92b2abdc81ef77e4a62Kenny Root * 13605ca4c90644921df9193d92b2abdc81ef77e4a62Kenny Root * @return {@code true} if installation should be allowed 13705ca4c90644921df9193d92b2abdc81ef77e4a62Kenny Root */ 13805ca4c90644921df9193d92b2abdc81ef77e4a62Kenny Root public boolean isInstallAllowed() { 13905ca4c90644921df9193d92b2abdc81ef77e4a62Kenny Root if (!mRequiredVerificationPassed) { 14005ca4c90644921df9193d92b2abdc81ef77e4a62Kenny Root return false; 14105ca4c90644921df9193d92b2abdc81ef77e4a62Kenny Root } 14205ca4c90644921df9193d92b2abdc81ef77e4a62Kenny Root 14305ca4c90644921df9193d92b2abdc81ef77e4a62Kenny Root if (mSufficientVerificationComplete) { 14405ca4c90644921df9193d92b2abdc81ef77e4a62Kenny Root return mSufficientVerificationPassed; 14505ca4c90644921df9193d92b2abdc81ef77e4a62Kenny Root } 14605ca4c90644921df9193d92b2abdc81ef77e4a62Kenny Root 14705ca4c90644921df9193d92b2abdc81ef77e4a62Kenny Root return true; 14805ca4c90644921df9193d92b2abdc81ef77e4a62Kenny Root } 14905ca4c90644921df9193d92b2abdc81ef77e4a62Kenny Root} 150