Add jar files from the runtime APEX in the whitelist.

Those files moved from /system to the APEX. Test: m && boots Change-Id: I68c4c8243dae3eab321da4b0923c1a422d300c10
author: Nicolas Geoffray <ngeoffray@google.com> 2019-01-22 20:56:44 +0000
committer: Nicolas Geoffray <ngeoffray@google.com> 2019-01-24 09:41:32 +0000
commit: fca69e95a936d7f41deaba3025dd91308978d2e5 (patch)
tree: 0142f4e68105fd78f89a05ebbe01be8a75756052 /core/jni/fd_utils.cpp
parent: 0d4002db35fc6dd5976176b468597e8a65d8d895 (diff)
1 files changed, 8 insertions, 0 deletions
diff --git a/core/jni/fd_utils.cpp b/core/jni/fd_utils.cpp
index 0ed8c0c97738..2aaf2f0a2bbe 100644
--- a/core/jni/fd_utils.cpp
+++ b/core/jni/fd_utils.cpp
@@ -71,6 +71,7 @@ bool FileDescriptorWhitelist::IsAllowed(const std::string& path) const {
       return true;
   }
 
+  // Framework jars are allowed.
   static const char* kFrameworksPrefix = "/system/framework/";
   static const char* kJarSuffix = ".jar";
   if (android::base::StartsWith(path, kFrameworksPrefix)
@@ -78,6 +79,13 @@ bool FileDescriptorWhitelist::IsAllowed(const std::string& path) const {
     return true;
   }
 
+  // Jars from the runtime apex are allowed.
+  static const char* kRuntimeApexPrefix = "/apex/com.android.runtime/javalib/";
+  if (android::base::StartsWith(path, kRuntimeApexPrefix)
+      && android::base::EndsWith(path, kJarSuffix)) {
+    return true;
+  }
+
   // Whitelist files needed for Runtime Resource Overlay, like these:
   // /system/vendor/overlay/framework-res.apk
   // /system/vendor/overlay-subdir/pg/framework-res.apk
author	Nicolas Geoffray <ngeoffray@google.com>	2019-01-22 20:56:44 +0000
committer	Nicolas Geoffray <ngeoffray@google.com>	2019-01-24 09:41:32 +0000
commit	fca69e95a936d7f41deaba3025dd91308978d2e5 (patch)
tree	0142f4e68105fd78f89a05ebbe01be8a75756052 /core/jni/fd_utils.cpp
parent	0d4002db35fc6dd5976176b468597e8a65d8d895 (diff)