author | Orion Hodson <oth@google.com> | 2021-06-30 21:17:53 +0100 |
---|---|---|
committer | Orion Hodson <oth@google.com> | 2021-07-02 12:09:41 +0100 |
commit | 50f3251a165e2a72df60dcedfd2b1c520b3a240c (patch) | |
tree | 055fce6a08ee3c6cbe2e54c122c6801770b01714 /libartbase | |
parent | 22f8d34e9983994f78aaf0fd30831ea647282130 (diff) |
runtime: add -Xdeny-art-apex-data-files
This option prevents the runtime from loading AOT artifacts installed
in /data/misc/apexdata/com.android.art.
(cherry picked from commit 971068dcaf5955634679dbfaf7b562ed52aff772)
Bug: 192049377
Test: manually adding option and running odsign_e2e_tests
Test: adding option and looking at proc/maps for system_server and zygote
Merged-In: I56c7ce55b64de72faf39a06238089fe4b6b84b88
Change-Id: Iacce98009c51b936149435cfb70a3f744a122031
Diffstat (limited to 'libartbase')
-rw-r--r-- | libartbase/base/file_utils.cc | 16 | ||||
-rw-r--r-- | libartbase/base/file_utils.h | 5 |
2 files changed, 13 insertions, 8 deletions
diff --git a/libartbase/base/file_utils.cc b/libartbase/base/file_utils.cc
index 45c3e3ee10..cb0023e635 100644
--- a/libartbase/base/file_utils.cc
+++ b/libartbase/base/file_utils.cc
@@ -313,7 +313,8 @@ static std::string GetFirstBootClasspathExtensionJar(const std::string& android_
   return kDefaultBcpExtensionJar;
 }
 
-std::string GetDefaultBootImageLocation(const std::string& android_root) {
+std::string GetDefaultBootImageLocation(const std::string& android_root,
+                                        bool deny_art_apex_data_files) {
   constexpr static const char* kJavalibBootArt = "javalib/boot.art";
   constexpr static const char* kEtcBootImageProf = "etc/boot-image.prof";
 
@@ -321,9 +322,9 @@ std::string GetDefaultBootImageLocation(const std::string& android_root) {
   // - the primary boot image in the ART APEX (contains the Core Libraries)
   // - the boot image extensions (contains framework libraries) on the system partition, or
   //   in the ART APEX data directory, if an update for the ART module has been been installed.
-  if (kIsTargetBuild) {
+  if (kIsTargetBuild && !deny_art_apex_data_files) {
     // If the ART APEX has been updated, the compiled boot image extension will be in the ART APEX
-    // data directory (assuming there is space). Otherwise, for a factory installed ART APEX it is
+    // data directory (assuming there is space and we trust the artifacts there). Otherwise, for a factory installed ART APEX it is
     // under $ANDROID_ROOT/framework/.
     const std::string first_extension_jar{GetFirstBootClasspathExtensionJar(android_root)};
     const std::string boot_extension_image = GetApexDataBootImage(first_extension_jar);
@@ -354,7 +355,7 @@ std::string GetDefaultBootImageLocation(std::string* error_msg) {
   if (android_root.empty()) {
     return "";
   }
-  return GetDefaultBootImageLocation(android_root);
+  return GetDefaultBootImageLocation(android_root, /*deny_art_apex_data_files=*/false);
 }
 
 static std::string GetDalvikCacheDirectory(std::string_view root_directory,
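Review bot: The rewritten comment line `// data directory (assuming there is space and we trust the artifacts there). Otherwise, for a factory installed ART APEX it is` in the second hunk runs far past the column width the neighbouring comment lines appear to keep, so it will trip the project's line-length check. Rewrap it across two lines, e.g. `// data directory (assuming there is space and we trust the artifacts there). Otherwise,` followed by `// for a factory installed ART APEX it is under $ANDROID_ROOT/framework/.`, folding the existing third line into the rewrap. The body of GetDefaultBootImageLocation continues outside the hunk.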
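Review bot: The `std::string* error_msg` overload in the third hunk now hard-codes `/*deny_art_apex_data_files=*/false`, so any caller that reaches the boot image location through it keeps picking up the ART APEX data boot image even when -Xdeny-art-apex-data-files is set; whether such callers exist cannot be seen from this hunk. If that overload is meant to honour the option, it needs the same `bool deny_art_apex_data_files` parameter threaded through; if it is intentionally unaffected, a comment at the call site such as `// Convenience overload: always consults the ART APEX data directory; use the two-argument form when -Xdeny-art-apex-data-files must be respected.` would stop the next reader from assuming the option is global. The enclosing function starts before the hunk.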
@@ -624,8 +625,11 @@ bool LocationIsOnSystem(const std::string& location) {
 #endif
 }
 
-bool LocationIsTrusted(const std::string& location) {
-  return LocationIsOnSystem(location) || LocationIsOnArtApexData(location);
+bool LocationIsTrusted(const std::string& location, bool trust_art_apex_data_files) {
+  if (LocationIsOnSystem(location)) {
+    return true;
+  }
+  return LocationIsOnArtApexData(location) & trust_art_apex_data_files;
 }
 
 bool ArtModuleRootDistinctFromAndroidRoot() {
diff --git a/libartbase/base/file_utils.h b/libartbase/base/file_utils.h
index 6af82ef55d..c1b00959da 100644
--- a/libartbase/base/file_utils.h
+++ b/libartbase/base/file_utils.h
@@ -74,7 +74,8 @@ std::string GetArtApexData();
 std::string GetDefaultBootImageLocation(std::string* error_msg);
 
 // Returns the default boot image location, based on the passed `android_root`.
-std::string GetDefaultBootImageLocation(const std::string& android_root);
+std::string GetDefaultBootImageLocation(const std::string& android_root,
+                                        bool deny_art_apex_data_files);
 
 // Return true if we found the dalvik cache and stored it in the dalvik_cache argument.
 // `have_android_data` will be set to true if we have an ANDROID_DATA that exists,
@@ -152,7 +153,7 @@ bool LocationIsOnApex(std::string_view location);
 // Returns whether the location is trusted for loading oat files. Trusted locations are protected
 // by dm-verity or fs-verity. The recognized locations are on /system or
 // /data/misc/apexdata/com.android.art.
-bool LocationIsTrusted(const std::string& location);
+bool LocationIsTrusted(const std::string& location, bool trust_art_apex_data_files);
 
 // Compare the ART module root against android root. Returns true if they are
 // both known and distinct. This is meant to be a proxy for 'running with apex'.
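Review bot: The new return statement in LocationIsTrusted combines two bools with bitwise `&` rather than logical `&&`; the result is the same for bool operands, but it is the wrong idiom for a trust decision, it does not short-circuit (LocationIsOnArtApexData runs even when the flag is false), and clang-tidy/readers will flag it as a probable typo. Write it as `return trust_art_apex_data_files && LocationIsOnArtApexData(location);` so the policy check comes first and intent is unambiguous. Separately, this commit names the flag `trust_art_apex_data_files` here but `deny_art_apex_data_files` on GetDefaultBootImageLocation, so every caller has to negate one of them; picking one polarity for both APIs would remove a likely source of inverted-flag mistakes.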
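Review bot: The header comment above the two-argument GetDefaultBootImageLocation still describes only `android_root` and says nothing about the new `deny_art_apex_data_files` parameter, which changes where the function looks. Extend it with a line such as `// If `deny_art_apex_data_files` is true, boot image extensions in the ART APEX data directory are ignored and only the system partition is considered.`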
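Review bot: The comment above LocationIsTrusted in the last hunk still states unconditionally that /data/misc/apexdata/com.android.art is a recognized trusted location, which is no longer accurate now that it is gated by `trust_art_apex_data_files`. Change the last sentence to `// The recognized locations are on /system or, when `trust_art_apex_data_files` is true, under /data/misc/apexdata/com.android.art.` so callers that pass false are not misled into thinking APEX data artifacts are always accepted.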