Gitiles
Code Review Sign In
gerrit-public.fairphone.software / platform / frameworks / base / 739c0b5193345abfce0373502c795448cc94a3ab^! / . / core / java / com / android / internal / os / Zygote.java
commit739c0b5193345abfce0373502c795448cc94a3ab[log] [tgz]
authorJeff Vander Stoep <jeffv@google.com>Mon Mar 25 20:27:52 2019 -0700
committerJeff Vander Stoep <jeffv@google.com>Tue Mar 26 13:11:30 2019 -0700
tree79e14ba349fdd72c1319dd7f691030340383d09f
parent417059b13ef2d7c0bec2278fe1c58ce975bf99c5 [diff] [blame]
Disable XOM on libraries for apps with targetSdkVerison<Q

Apps may (and do) assume that libraries are readable. To avoid app
breakage, mark execute-only sections of as read+execute
for apps with targetSdkVersion<Q.

Bug: 128907672
Test: Check libc for app with targetSdk==current
cat /proc/25950/maps | grep libc.so
77c01e3000-77c028b000 --xp 00041000 07:20 106 /apex/com.android.runtime/lib64/bionic/libc.so
Test: Check libc for app with targetSdk<current
cat /proc/26355/maps | grep libc.so
77c01e3000-77c028b000 r-xp 00041000 07:20 106
/apex/com.android.runtime/lib64/bionic/libc.so

Change-Id: I90b5c91923c8008ae4b4818985842fe3e354a850

diff --git a/core/java/com/android/internal/os/Zygote.java b/core/java/com/android/internal/os/Zygote.java
index 992ddd8..0e21fab 100644
--- a/core/java/com/android/internal/os/Zygote.java
+++ b/core/java/com/android/internal/os/Zygote.java

@@ -24,6 +24,7 @@
 import android.net.Credentials;
 import android.net.LocalServerSocket;
 import android.net.LocalSocket;
+import android.os.Build;
 import android.os.FactoryTest;
 import android.os.IVold;
 import android.os.Process;
@@ -236,7 +237,7 @@
     public static int forkAndSpecialize(int uid, int gid, int[] gids, int runtimeFlags,
             int[][] rlimits, int mountExternal, String seInfo, String niceName, int[] fdsToClose,
             int[] fdsToIgnore, boolean startChildZygote, String instructionSet, String appDataDir,
-            String packageName, String[] packagesForUID, String sandboxId) {
+            String packageName, String[] packagesForUID, String sandboxId, int targetSdkVersion) {
         ZygoteHooks.preFork();
         // Resets nice priority for zygote process.
         resetNicePriority();
@@ -246,6 +247,7 @@
                 packagesForUID, sandboxId);
         // Enable tracing as soon as possible for the child process.
         if (pid == 0) {
+            Zygote.disableExecuteOnly(targetSdkVersion);
             Trace.setTracingEnabled(true, runtimeFlags);
 
             // Note that this event ends at the end of handleChildProc,
@@ -599,6 +601,8 @@
                            args.mInstructionSet, args.mAppDataDir, args.mPackageName,
                            args.mPackagesForUid, args.mSandboxId);
 
+        disableExecuteOnly(args.mTargetSdkVersion);
+
         if (args.mNiceName != null) {
             Process.setArgV0(args.mNiceName);
         }
@@ -650,6 +654,17 @@
     }
 
     /**
+     * Mark execute-only segments of libraries read+execute for apps with targetSdkVersion<Q.
+     */
+    protected static void disableExecuteOnly(int targetSdkVersion) {
+        if ((targetSdkVersion < Build.VERSION_CODES.Q) && !nativeDisableExecuteOnly()) {
+            Log.e("Zygote", "Failed to set libraries to read+execute.");
+        }
+    }
+
+    private static native boolean nativeDisableExecuteOnly();
+
+    /**
      * @return  Raw file descriptors for the read-end of USAP reporting pipes.
      */
     protected static int[] getUsapPipeFDs() {