Gitiles
Code Review Sign In
review.blissroms.org / platform_frameworks_base / ce6174fee36aedbbab7e8064067447083e1eff84
commitce6174fee36aedbbab7e8064067447083e1eff84[log] [tgz]
authorVictor Hsieh <victorhsieh@google.com>Mon Oct 02 15:40:45 2023 -0700
committerVictor Hsieh <victorhsieh@google.com>Tue Oct 03 14:40:23 2023 -0700
treeef7bbfe1484238148a4e352e83e2a07c734155d2
parent016e056cc6982bc75affdd552973b234b91d91cc [diff]
Integrity test to recover allowlisted system app tampering

This change introduces two scenarios:

1. A system APK is updated to /data. At some point, the APK itself is
   tampered but V4 signature is not touched (thus invalid now).

2. A system APK is updated to /data. At some point, the APK itself is
   tampered with by an attacker and re-signed with a different key. The
   attacker also updates package manager's internal record for
   consistency.

The test requires root to run. The test involves injecting a testing app
as a system app. In the above scenarios, the test expects the victim
system app in /data is removed.

Bug: 277347456
Test: enable flag extend_vb_chain_to_updated_apk,
      `atest TamperedUpdatedSystemPackageTest` both passed
Test: disable flag extend_vb_chain_to_updated_apk,
      `atest TamperedUpdatedSystemPackageTest` both failed
Change-Id: I16b0ed853b9e6b706fddb6d50da2e8f082ee167a
3 files changed
tree: ef7bbfe1484238148a4e352e83e2a07c734155d2
  1. .prebuilt_info/
  2. apct-tests/
  3. apex/
  4. api/
  5. boot/
  6. cmds/
  7. config/
  8. core/
  9. data/
  10. docs/
  11. drm/
  12. errorprone/
  13. graphics/
  14. identity/
  15. keystore/
  16. libs/
  17. location/
  18. media/
  19. mime/
  20. mms/
  21. native/
  22. nfc-extras/
  23. obex/
  24. omapi/
  25. opengl/
  26. packages/
  27. proto/
  28. rs/
  29. samples/
  30. sax/
  31. services/
  32. startop/
  33. telecomm/
  34. telephony/
  35. test-base/
  36. test-legacy/
  37. test-mock/
  38. test-runner/
  39. tests/
  40. tools/
  41. vendor/
  42. wifi/
  43. .clang-format
  44. .gitignore
  45. .mailmap
  46. AconfigFlags.bp
  47. ADPF_OWNERS
  48. Android.bp
  49. Android.mk
  50. BATTERY_STATS_OWNERS
  51. BROADCASTS_OWNERS
  52. CleanSpec.mk
  53. framework-jarjar-rules.txt
  54. GAME_MANAGER_OWNERS
  55. INPUT_OWNERS
  56. INTENT_OWNERS
  57. lint-baseline.xml
  58. METADATA
  59. MODULE_LICENSE_APACHE2
  60. MULTIUSER_OWNERS
  61. NOTICE
  62. OWNERS
  63. OWNERS.md
  64. PACKAGE_MANAGER_OWNERS
  65. pathmap.mk
  66. PERFORMANCE_OWNERS
  67. PREUPLOAD.cfg
  68. ProtoLibraries.bp
  69. SQLITE_OWNERS
  70. TEST_MAPPING
  71. TestProtoLibraries.bp
  72. TRACE_OWNERS
  73. WEAR_OWNERS
  74. ZYGOTE_OWNERS