1 /*
2  * Copyright (C) 2018 The Android Open Source Project
3  *
4  * Licensed under the Apache License, Version 2.0 (the "License");
5  * you may not use this file except in compliance with the License.
6  * You may obtain a copy of the License at
7  *
8  *      http://www.apache.org/licenses/LICENSE-2.0
9  *
10  * Unless required by applicable law or agreed to in writing, software
11  * distributed under the License is distributed on an "AS IS" BASIS,
12  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13  * See the License for the specific language governing permissions and
14  * limitations under the License.
15  */
16 
17 #define LOG_TAG "VerityUtils"
18 
19 #include <nativehelper/JNIHelp.h>
20 #include <nativehelper/ScopedPrimitiveArray.h>
21 #include <nativehelper/ScopedUtfChars.h>
22 #include <utils/Log.h>
23 #include "jni.h"
24 
25 #include <errno.h>
26 #include <fcntl.h>
27 #include <linux/fsverity.h>
28 #include <linux/stat.h>
29 #include <string.h>
30 #include <sys/ioctl.h>
31 #include <sys/stat.h>
32 #include <sys/types.h>
33 
34 #include <android-base/unique_fd.h>
35 
36 #include <type_traits>
37 
38 namespace android {
39 
40 namespace {
41 
enableFsverity(JNIEnv * env,jobject,jstring filePath,jbyteArray signature)42 int enableFsverity(JNIEnv *env, jobject /* clazz */, jstring filePath, jbyteArray signature) {
43     ScopedUtfChars path(env, filePath);
44     if (path.c_str() == nullptr) {
45         return EINVAL;
46     }
47     ::android::base::unique_fd rfd(open(path.c_str(), O_RDONLY | O_CLOEXEC));
48     if (rfd.get() < 0) {
49         return errno;
50     }
51     ScopedByteArrayRO signature_bytes(env, signature);
52     if (signature_bytes.get() == nullptr) {
53         return EINVAL;
54     }
55 
56     fsverity_enable_arg arg = {};
57     arg.version = 1;
58     arg.hash_algorithm = FS_VERITY_HASH_ALG_SHA256; // hardcoded in measureFsverity below
59     arg.block_size = 4096;
60     arg.salt_size = 0;
61     arg.salt_ptr = reinterpret_cast<uintptr_t>(nullptr);
62     arg.sig_size = signature_bytes.size();
63     arg.sig_ptr = reinterpret_cast<uintptr_t>(signature_bytes.get());
64 
65     if (ioctl(rfd.get(), FS_IOC_ENABLE_VERITY, &arg) < 0) {
66         return errno;
67     }
68     return 0;
69 }
70 
71 // Returns whether the file has fs-verity enabled.
72 // 0 if it is not present, 1 if is present, and -errno if there was an error.
statxForFsverity(JNIEnv * env,jobject,jstring filePath)73 int statxForFsverity(JNIEnv *env, jobject /* clazz */, jstring filePath) {
74     ScopedUtfChars path(env, filePath);
75 
76     struct statx out = {};
77     if (statx(AT_FDCWD, path.c_str(), 0 /* flags */, STATX_ALL, &out) != 0) {
78         return -errno;
79     }
80 
81     // Validity check.
82     if ((out.stx_attributes_mask & STATX_ATTR_VERITY) == 0) {
83         ALOGE("Unexpected, STATX_ATTR_VERITY not supported by kernel");
84         return -ENOSYS;
85     }
86 
87     return (out.stx_attributes & STATX_ATTR_VERITY) != 0;
88 }
89 
measureFsverity(JNIEnv * env,jobject,jstring filePath,jbyteArray digest)90 int measureFsverity(JNIEnv *env, jobject /* clazz */, jstring filePath, jbyteArray digest) {
91     static constexpr auto kDigestSha256 = 32;
92     using Storage = std::aligned_storage_t<sizeof(fsverity_digest) + kDigestSha256>;
93 
94     Storage bytes;
95     fsverity_digest *data = reinterpret_cast<fsverity_digest *>(&bytes);
96     data->digest_size = kDigestSha256; // the only input/output parameter
97 
98     ScopedUtfChars path(env, filePath);
99     ::android::base::unique_fd rfd(open(path.c_str(), O_RDONLY | O_CLOEXEC));
100     if (rfd.get() < 0) {
101         return rfd.get();
102     }
103     if (auto err = ioctl(rfd.get(), FS_IOC_MEASURE_VERITY, data); err < 0) {
104         return err;
105     }
106 
107     if (data->digest_algorithm != FS_VERITY_HASH_ALG_SHA256) {
108         return -EINVAL;
109     }
110 
111     if (digest != nullptr && data->digest_size > 0) {
112         auto digestSize = env->GetArrayLength(digest);
113         if (data->digest_size > digestSize) {
114             return -E2BIG;
115         }
116         env->SetByteArrayRegion(digest, 0, data->digest_size, (const jbyte *)data->digest);
117     }
118 
119     return 0;
120 }
121 const JNINativeMethod sMethods[] = {
122         {"enableFsverityNative", "(Ljava/lang/String;[B)I", (void *)enableFsverity},
123         {"statxForFsverityNative", "(Ljava/lang/String;)I", (void *)statxForFsverity},
124         {"measureFsverityNative", "(Ljava/lang/String;[B)I", (void *)measureFsverity},
125 };
126 
127 } // namespace
128 
register_com_android_internal_security_VerityUtils(JNIEnv * env)129 int register_com_android_internal_security_VerityUtils(JNIEnv *env) {
130     return jniRegisterNativeMethods(env, "com/android/internal/security/VerityUtils", sMethods,
131                                     NELEM(sMethods));
132 }
133 
134 } // namespace android
135