Assign non-runtime /apex/* dex files to platform domain
Until now only /system/framework and /apex/com.android.runtime were
known locations, assigning "platform" domain to the former and
"core-platform" domain to the latter. The media and conscrypt modules
were left in the "application" domain.
This patch adds a hardcoded path to the apex root and assigns all dex
files in subdirectories to the "platform" domain. This affects both
conscrypt and media modules.
Any other dex files on boot classpath are also assigned to "platform"
on first access. A warning is printed in such case and it is now deduped
to avoid logspam.
Bug: 125701194
Bug: 119068555
Test: compiles, boots, no conscrypt/media warnings about missing domain
Test: art/test.py -b -r -t 674
Change-Id: I33bef18459741095d3d99b541fc88b21cf547800
diff --git a/libartbase/base/file_utils.cc b/libartbase/base/file_utils.cc
index 2436e45..9e49d05 100644
--- a/libartbase/base/file_utils.cc
+++ b/libartbase/base/file_utils.cc
@@ -65,6 +65,9 @@
using android::base::StringPrintf;
static constexpr const char* kClassesDex = "classes.dex";
+static constexpr const char* kApexDefaultPath = "/apex/";
+static constexpr const char* kRuntimeApexEnvVar = "ANDROID_RUNTIME_ROOT";
+static constexpr const char* kRuntimeApexDefaultPath = "/apex/com.android.runtime";
bool ReadFileToString(const std::string& file_name, std::string* result) {
File file(file_name, O_RDONLY, false);
@@ -284,8 +287,8 @@
bool LocationIsOnRuntimeModule(const char* full_path) {
std::string error_msg;
- const char* runtime_path = GetAndroidDirSafe("ANDROID_RUNTIME_ROOT",
- "/apex/com.android.runtime",
+ const char* runtime_path = GetAndroidDirSafe(kRuntimeApexEnvVar,
+ kRuntimeApexDefaultPath,
&error_msg);
if (runtime_path == nullptr) {
return false;
@@ -293,6 +296,10 @@
return android::base::StartsWith(full_path, runtime_path);
}
+bool LocationIsOnApex(const char* full_path) {
+ return android::base::StartsWith(full_path, kApexDefaultPath);
+}
+
bool LocationIsOnSystem(const char* path) {
#ifdef _WIN32
UNUSED(path);
diff --git a/libartbase/base/file_utils.h b/libartbase/base/file_utils.h
index c8eca59..88dcbea 100644
--- a/libartbase/base/file_utils.h
+++ b/libartbase/base/file_utils.h
@@ -75,7 +75,7 @@
// ReplaceFileExtension("foo", "abc") == "foo.abc"
std::string ReplaceFileExtension(const std::string& filename, const std::string& new_extension);
-// Return whether the location is on apex/com.android.runtime
+// Return whether the location is on /apex/com.android.runtime
bool LocationIsOnRuntimeModule(const char* location);
// Return whether the location is on system (i.e. android root).
@@ -84,6 +84,9 @@
// Return whether the location is on system/framework (i.e. android_root/framework).
bool LocationIsOnSystemFramework(const char* location);
+// Return whether the location is on /apex/.
+bool LocationIsOnApex(const char* location);
+
// dup(2), except setting the O_CLOEXEC flag atomically, when possible.
int DupCloexec(int fd);
diff --git a/libdexfile/dex/art_dex_file_loader.cc b/libdexfile/dex/art_dex_file_loader.cc
index 7e93639..180ed7b 100644
--- a/libdexfile/dex/art_dex_file_loader.cc
+++ b/libdexfile/dex/art_dex_file_loader.cc
@@ -544,10 +544,12 @@
// Location can contain multidex suffix, so fetch its canonical version. Note
// that this will call `realpath`.
std::string path = DexFileLoader::GetDexCanonicalLocation(location.c_str());
- if (LocationIsOnSystemFramework(path.c_str())) {
- dex_file->SetHiddenapiDomain(hiddenapi::Domain::kPlatform);
- } else if (LocationIsOnRuntimeModule(path.c_str())) {
+ if (LocationIsOnRuntimeModule(path.c_str())) {
dex_file->SetHiddenapiDomain(hiddenapi::Domain::kCorePlatform);
+ } else if (LocationIsOnApex(path.c_str()) || LocationIsOnSystemFramework(path.c_str())) {
+ dex_file->SetHiddenapiDomain(hiddenapi::Domain::kPlatform);
+ } else {
+ dex_file->SetHiddenapiDomain(hiddenapi::Domain::kApplication);
}
}
return dex_file;
diff --git a/libdexfile/dex/dex_file.h b/libdexfile/dex/dex_file.h
index 4dae1c0..8a96123 100644
--- a/libdexfile/dex/dex_file.h
+++ b/libdexfile/dex/dex_file.h
@@ -756,7 +756,7 @@
ALWAYS_INLINE const CompactDexFile* AsCompactDexFile() const;
hiddenapi::Domain GetHiddenapiDomain() const { return hiddenapi_domain_; }
- void SetHiddenapiDomain(hiddenapi::Domain value) { hiddenapi_domain_ = value; }
+ void SetHiddenapiDomain(hiddenapi::Domain value) const { hiddenapi_domain_ = value; }
bool IsInMainSection(const void* addr) const {
return Begin() <= addr && addr < Begin() + Size();
@@ -870,7 +870,10 @@
// If the dex file is a compact dex file. If false then the dex file is a standard dex file.
const bool is_compact_dex_;
- hiddenapi::Domain hiddenapi_domain_;
+ // The domain this dex file belongs to for hidden API access checks.
+ // It is decleared `mutable` because the domain is assigned after the DexFile
+ // has been created and can be changed later by the runtime.
+ mutable hiddenapi::Domain hiddenapi_domain_;
friend class DexFileLoader;
friend class DexFileVerifierTest;
diff --git a/openjdkjvmti/fixed_up_dex_file.cc b/openjdkjvmti/fixed_up_dex_file.cc
index da7eef9..e8b3435 100644
--- a/openjdkjvmti/fixed_up_dex_file.cc
+++ b/openjdkjvmti/fixed_up_dex_file.cc
@@ -148,7 +148,7 @@
return nullptr;
}
- const_cast<art::DexFile*>(new_dex_file.get())->SetHiddenapiDomain(original.GetHiddenapiDomain());
+ new_dex_file->SetHiddenapiDomain(original.GetHiddenapiDomain());
DoDexUnquicken(*new_dex_file, original);
diff --git a/runtime/hidden_api.h b/runtime/hidden_api.h
index c4f7cbf..0a40341 100644
--- a/runtime/hidden_api.h
+++ b/runtime/hidden_api.h
@@ -106,8 +106,9 @@
Domain dex_domain = dex_file->GetHiddenapiDomain();
if (class_loader.IsNull() && dex_domain == Domain::kApplication) {
- // LOG(WARNING) << "DexFile " << dex_file->GetLocation() << " is in boot classpath "
- // << "but is assigned untrusted domain";
+ LOG(WARNING) << "DexFile " << dex_file->GetLocation()
+ << " is in boot classpath but is assigned the application domain";
+ dex_file->SetHiddenapiDomain(Domain::kPlatform);
dex_domain = Domain::kPlatform;
}
return dex_domain;