Gitiles
Code Review Sign In
gerrit-public.fairphone.software / platform / art / 597d7f650b0656fcb3985b01f53284717b41e5cc^! / . / runtime / runtime.cc
commit597d7f650b0656fcb3985b01f53284717b41e5cc[log] [tgz]
authorMathew Inwood <mathewi@google.com>Thu Mar 22 11:36:47 2018 +0000
committerMathew Inwood <mathewi@google.com>Fri Mar 23 11:43:35 2018 +0000
tree59ba9853104427b19f2449ce547301764d22756b
parent753ce1bcf458ad6c6fbb41689901943d44e7738e [diff] [blame]
More flexible API enforcement policy support.

This CL adds the ability to configure which banned API lists to enforce,
defined by new enum hiddenapi::ApiEnforcementPolicy. Currently, the policy
can be set at zygote fork time, but not at dex optimization time where
blacklist enforcement is still assumed. As such, making the policy more
strict will not work as expected yet. This will be improved in a follow up
CL.

Test: art tests pass
Test: Device boots

BUG: 73337509

(cherry-picked from commit 159f596eec01adbb5a1c9654402c137cdb943131)

Change-Id: I6c319bb8a3000cb1d3c4693b4fb196e749c36d96
Merged-In: I33f9afce628a86727e400052f4d5979d3536da8c

diff --git a/runtime/runtime.cc b/runtime/runtime.cc
index 7d9d342..53982ae 100644
--- a/runtime/runtime.cc
+++ b/runtime/runtime.cc

@@ -267,7 +267,7 @@
       oat_file_manager_(nullptr),
       is_low_memory_mode_(false),
       safe_mode_(false),
-      do_hidden_api_checks_(false),
+      hidden_api_policy_(hiddenapi::EnforcementPolicy::kNoChecks),
       pending_hidden_api_warning_(false),
       dedupe_hidden_api_warnings_(true),
       always_set_hidden_api_warning_flag_(false),
@@ -1196,9 +1196,14 @@
   // by default and we only enable them if:
   // (a) runtime was started with a flag that enables the checks, or
   // (b) Zygote forked a new process that is not exempt (see ZygoteHooks).
-  do_hidden_api_checks_ = runtime_options.Exists(Opt::HiddenApiChecks);
-  DCHECK(!is_zygote_ || !do_hidden_api_checks_)
-      << "Zygote should not be started with hidden API checks";
+  bool do_hidden_api_checks = runtime_options.Exists(Opt::HiddenApiChecks);
+  DCHECK(!is_zygote_ || !do_hidden_api_checks);
+  // TODO pass the actual enforcement policy in, rather than just a single bit.
+  // As is, we're encoding some logic here about which specific policy to use, which would be better
+  // controlled by the framework.
+  hidden_api_policy_ = do_hidden_api_checks
+      ? hiddenapi::EnforcementPolicy::kBlacklistOnly
+      : hiddenapi::EnforcementPolicy::kNoChecks;
 
   no_sig_chain_ = runtime_options.Exists(Opt::NoSigChain);
   force_native_bridge_ = runtime_options.Exists(Opt::ForceNativeBridge);