Set Zygote.DISABLE_HIDDEN_API_CHECKS for system apps
When forking a process for a system app, pass a flag to ART that
will disable enforcement of hidden API access checks.
Test: manual
Bug: 64382372
Change-Id: I5ba81d84a44c9467613f060428b11e1d9d725bd3
diff --git a/core/java/com/android/internal/os/Zygote.java b/core/java/com/android/internal/os/Zygote.java
index 9167076..d0f5ba7 100644
--- a/core/java/com/android/internal/os/Zygote.java
+++ b/core/java/com/android/internal/os/Zygote.java
@@ -55,6 +55,8 @@
public static final int DISABLE_VERIFIER = 1 << 9;
/** Only use oat files located in /system. Otherwise use dex/jar/apk . */
public static final int ONLY_USE_SYSTEM_OAT_FILES = 1 << 10;
+ /** Do not enfore hidden API access restrictions. */
+ public static final int DISABLE_HIDDEN_API_CHECKS = 1 << 11;
/** No external storage should be mounted. */
public static final int MOUNT_EXTERNAL_NONE = 0;
@@ -158,6 +160,9 @@
*/
public static int forkSystemServer(int uid, int gid, int[] gids, int runtimeFlags,
int[][] rlimits, long permittedCapabilities, long effectiveCapabilities) {
+ // SystemServer is always allowed to use hidden APIs.
+ runtimeFlags |= DISABLE_HIDDEN_API_CHECKS;
+
VM_HOOKS.preFork();
// Resets nice priority for zygote process.
resetNicePriority();
diff --git a/services/core/java/com/android/server/am/ActivityManagerService.java b/services/core/java/com/android/server/am/ActivityManagerService.java
index 002381a..d3fb087 100644
--- a/services/core/java/com/android/server/am/ActivityManagerService.java
+++ b/services/core/java/com/android/server/am/ActivityManagerService.java
@@ -3877,6 +3877,12 @@
runtimeFlags |= Zygote.ONLY_USE_SYSTEM_OAT_FILES;
}
+ if (app.info.isAllowedToUseHiddenApi()) {
+ // This app is allowed to use undocumented and private APIs. Set
+ // up its runtime with the appropriate flag.
+ runtimeFlags |= Zygote.DISABLE_HIDDEN_API_CHECKS;
+ }
+
String invokeWith = null;
if ((app.info.flags & ApplicationInfo.FLAG_DEBUGGABLE) != 0) {
// Debuggable apps may include a wrapper script with their library directory.