authorChris Wailes <chriswailes@google.com>2021-03-03 13:02:31 -0800
committerChris Wailes <chriswailes@google.com>2021-03-03 14:23:32 -0800
commita6f8803c8559f4f1923476d760a71a653d972c2d (patch)
tree074e0eee50bc8eef86c96de0089182cbdceab436 /core/jni
parentd806639032782b283bf28396e5337ea2cb94201d (diff)
Inclusivity cleanup of the Zygote.
Changed "whitelist" to "allowlist" in many Zygote files. BYPASS_INCLUSIVE_LANGUAGE_REASON="compatability with vendor files" Test: cts Change-Id: Ia0a8548f2e254fc36a9dce7e50af8284ed0caa47
Diffstat (limited to 'core/jni')
-rw-r--r--core/jni/com_android_internal_os_Zygote.cpp20
-rw-r--r--core/jni/fd_utils.cpp49
-rw-r--r--core/jni/fd_utils.h32
3 files changed, 51 insertions, 50 deletions
diff --git a/core/jni/com_android_internal_os_Zygote.cpp b/core/jni/com_android_internal_os_Zygote.cpp
index bcfb06b15ab8..613affc7bb8f 100644
--- a/core/jni/com_android_internal_os_Zygote.cpp
+++ b/core/jni/com_android_internal_os_Zygote.cpp
@@ -1400,13 +1400,13 @@ static void insertPackagesToMergedList(JNIEnv* env,
}
static void isolateAppData(JNIEnv* env, jobjectArray pkg_data_info_list,
- jobjectArray whitelisted_data_info_list, uid_t uid, const char* process_name,
+ jobjectArray allowlisted_data_info_list, uid_t uid, const char* process_name,
jstring managed_nice_name, fail_fn_t fail_fn) {
std::vector<std::string> merged_data_info_list;
insertPackagesToMergedList(env, merged_data_info_list, pkg_data_info_list,
process_name, managed_nice_name, fail_fn);
- insertPackagesToMergedList(env, merged_data_info_list, whitelisted_data_info_list,
+ insertPackagesToMergedList(env, merged_data_info_list, allowlisted_data_info_list,
process_name, managed_nice_name, fail_fn);
isolateAppData(env, merged_data_info_list, uid, process_name, managed_nice_name, fail_fn);
@@ -1518,7 +1518,7 @@ static void SpecializeCommon(JNIEnv* env, uid_t uid, gid_t gid, jintArray gids,
bool is_child_zygote, jstring managed_instruction_set,
jstring managed_app_data_dir, bool is_top_app,
jobjectArray pkg_data_info_list,
- jobjectArray whitelisted_data_info_list,
+ jobjectArray allowlisted_data_info_list,
bool mount_data_dirs, bool mount_storage_dirs) {
const char* process_name = is_system_server ? "system_server" : "zygote";
auto fail_fn = std::bind(ZygoteFailure, env, process_name, managed_nice_name, _1);
@@ -1555,7 +1555,7 @@ static void SpecializeCommon(JNIEnv* env, uid_t uid, gid_t gid, jintArray gids,
// Sandbox data and jit profile directories by overlaying a tmpfs on those dirs and bind
// mount all related packages separately.
if (mount_data_dirs) {
- isolateAppData(env, pkg_data_info_list, whitelisted_data_info_list,
+ isolateAppData(env, pkg_data_info_list, allowlisted_data_info_list,
uid, process_name, managed_nice_name, fail_fn);
isolateJitProfile(env, pkg_data_info_list, uid, process_name, managed_nice_name, fail_fn);
}
@@ -2073,7 +2073,7 @@ static jint com_android_internal_os_Zygote_nativeForkAndSpecialize(
jint mount_external, jstring se_info, jstring nice_name,
jintArray managed_fds_to_close, jintArray managed_fds_to_ignore, jboolean is_child_zygote,
jstring instruction_set, jstring app_data_dir, jboolean is_top_app,
- jobjectArray pkg_data_info_list, jobjectArray whitelisted_data_info_list,
+ jobjectArray pkg_data_info_list, jobjectArray allowlisted_data_info_list,
jboolean mount_data_dirs, jboolean mount_storage_dirs) {
jlong capabilities = CalculateCapabilities(env, uid, gid, gids, is_child_zygote);
@@ -2113,7 +2113,7 @@ static jint com_android_internal_os_Zygote_nativeForkAndSpecialize(
mount_external, se_info, nice_name, false,
is_child_zygote == JNI_TRUE, instruction_set, app_data_dir,
is_top_app == JNI_TRUE, pkg_data_info_list,
- whitelisted_data_info_list,
+ allowlisted_data_info_list,
mount_data_dirs == JNI_TRUE,
mount_storage_dirs == JNI_TRUE);
}
@@ -2152,7 +2152,7 @@ static jint com_android_internal_os_Zygote_nativeForkSystemServer(
MOUNT_EXTERNAL_DEFAULT, nullptr, nullptr, true,
false, nullptr, nullptr, /* is_top_app= */ false,
/* pkg_data_info_list */ nullptr,
- /* whitelisted_data_info_list */ nullptr, false, false);
+ /* allowlisted_data_info_list */ nullptr, false, false);
} else if (pid > 0) {
// The zygote process checks whether the child process has died or not.
ALOGI("System server process %d has been created", pid);
@@ -2260,7 +2260,7 @@ static void com_android_internal_os_Zygote_nativeAllowFileAcrossFork(
if (!path_cstr) {
RuntimeAbort(env, __LINE__, "path_cstr == nullptr");
}
- FileDescriptorWhitelist::Get()->Allow(path_cstr);
+ FileDescriptorAllowlist::Get()->Allow(path_cstr);
}
static void com_android_internal_os_Zygote_nativeInstallSeccompUidGidFilter(
@@ -2299,7 +2299,7 @@ static void com_android_internal_os_Zygote_nativeSpecializeAppProcess(
jint runtime_flags, jobjectArray rlimits,
jint mount_external, jstring se_info, jstring nice_name,
jboolean is_child_zygote, jstring instruction_set, jstring app_data_dir, jboolean is_top_app,
- jobjectArray pkg_data_info_list, jobjectArray whitelisted_data_info_list,
+ jobjectArray pkg_data_info_list, jobjectArray allowlisted_data_info_list,
jboolean mount_data_dirs, jboolean mount_storage_dirs) {
jlong capabilities = CalculateCapabilities(env, uid, gid, gids, is_child_zygote);
@@ -2307,7 +2307,7 @@ static void com_android_internal_os_Zygote_nativeSpecializeAppProcess(
capabilities, capabilities,
mount_external, se_info, nice_name, false,
is_child_zygote == JNI_TRUE, instruction_set, app_data_dir,
- is_top_app == JNI_TRUE, pkg_data_info_list, whitelisted_data_info_list,
+ is_top_app == JNI_TRUE, pkg_data_info_list, allowlisted_data_info_list,
mount_data_dirs == JNI_TRUE, mount_storage_dirs == JNI_TRUE);
}
diff --git a/core/jni/fd_utils.cpp b/core/jni/fd_utils.cpp
index c73aae58fe7f..a8f0e097cb2e 100644
--- a/core/jni/fd_utils.cpp
+++ b/core/jni/fd_utils.cpp
@@ -31,8 +31,8 @@
#include <android-base/stringprintf.h>
#include <android-base/strings.h>
-// Static whitelist of open paths that the zygote is allowed to keep open.
-static const char* kPathWhitelist[] = {
+// Static allowlist of open paths that the zygote is allowed to keep open.
+static const char* kPathAllowlist[] = {
"/dev/null",
"/dev/socket/zygote",
"/dev/socket/zygote_secondary",
@@ -51,9 +51,9 @@ static const char* kPathWhitelist[] = {
static const char kFdPath[] = "/proc/self/fd";
// static
-FileDescriptorWhitelist* FileDescriptorWhitelist::Get() {
+FileDescriptorAllowlist* FileDescriptorAllowlist::Get() {
if (instance_ == nullptr) {
- instance_ = new FileDescriptorWhitelist();
+ instance_ = new FileDescriptorAllowlist();
}
return instance_;
}
@@ -62,16 +62,16 @@ static bool IsArtMemfd(const std::string& path) {
return android::base::StartsWith(path, "/memfd:/boot-image-methods.art");
}
-bool FileDescriptorWhitelist::IsAllowed(const std::string& path) const {
- // Check the static whitelist path.
- for (const auto& whitelist_path : kPathWhitelist) {
- if (path == whitelist_path)
+bool FileDescriptorAllowlist::IsAllowed(const std::string& path) const {
+ // Check the static allowlist path.
+ for (const auto& allowlist_path : kPathAllowlist) {
+ if (path == allowlist_path)
return true;
}
- // Check any paths added to the dynamic whitelist.
- for (const auto& whitelist_path : whitelist_) {
- if (path == whitelist_path)
+ // Check any paths added to the dynamic allowlist.
+ for (const auto& allowlist_path : allowlist_) {
+ if (path == allowlist_path)
return true;
}
@@ -103,7 +103,7 @@ bool FileDescriptorWhitelist::IsAllowed(const std::string& path) const {
return true;
}
- // Whitelist files needed for Runtime Resource Overlay, like these:
+ // Allowlist files needed for Runtime Resource Overlay, like these:
// /system/vendor/overlay/framework-res.apk
// /system/vendor/overlay-subdir/pg/framework-res.apk
// /vendor/overlay/framework-res.apk
@@ -148,9 +148,10 @@ bool FileDescriptorWhitelist::IsAllowed(const std::string& path) const {
return true;
}
- // All regular files that are placed under this path are whitelisted automatically.
- static const char* kZygoteWhitelistPath = "/vendor/zygote_whitelist/";
- if (android::base::StartsWith(path, kZygoteWhitelistPath)
+ // All regular files that are placed under this path are allowlisted
+ // automatically. The directory name is maintained for compatibility.
+ static const char* kZygoteAllowlistPath = "/vendor/zygote_whitelist/";
+ if (android::base::StartsWith(path, kZygoteAllowlistPath)
&& path.find("/../") == std::string::npos) {
return true;
}
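Review bot: The comment above `kZygoteAllowlistPath` says "All regular files that are placed under this path are allowlisted", but the check visible in this hunk is only a string prefix match plus a `/../` rejection and never looks at the file type. If the regular-file restriction is enforced by the caller, as the comment in `FileDescriptorInfo::CreateFromFd` suggests, say so here so that nobody reads `IsAllowed` as the complete check, e.g. `// Prefix match only; the file-type check is done by the caller.` As a style point, `static const char kZygoteAllowlistPath[]` would match how `kFdPath` is declared in this file. The body of `IsAllowed` starts and ends outside this hunk.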
@@ -158,11 +159,11 @@ bool FileDescriptorWhitelist::IsAllowed(const std::string& path) const {
return false;
}
-FileDescriptorWhitelist::FileDescriptorWhitelist()
- : whitelist_() {
+FileDescriptorAllowlist::FileDescriptorAllowlist()
+ : allowlist_() {
}
-FileDescriptorWhitelist* FileDescriptorWhitelist::instance_ = nullptr;
+FileDescriptorAllowlist* FileDescriptorAllowlist::instance_ = nullptr;
// Keeps track of all relevant information (flags, offset etc.) of an
// open zygote file descriptor.
@@ -215,7 +216,7 @@ FileDescriptorInfo* FileDescriptorInfo::CreateFromFd(int fd, fail_fn_t fail_fn)
fail_fn(android::base::StringPrintf("Unable to stat %d", fd));
}
- const FileDescriptorWhitelist* whitelist = FileDescriptorWhitelist::Get();
+ const FileDescriptorAllowlist* allowlist = FileDescriptorAllowlist::Get();
if (S_ISSOCK(f_stat.st_mode)) {
std::string socket_name;
@@ -223,8 +224,8 @@ FileDescriptorInfo* FileDescriptorInfo::CreateFromFd(int fd, fail_fn_t fail_fn)
fail_fn("Unable to get socket name");
}
- if (!whitelist->IsAllowed(socket_name)) {
- fail_fn(android::base::StringPrintf("Socket name not whitelisted : %s (fd=%d)",
+ if (!allowlist->IsAllowed(socket_name)) {
+ fail_fn(android::base::StringPrintf("Socket name not allowlisted : %s (fd=%d)",
socket_name.c_str(),
fd));
}
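Review bot: The failure strings passed to `fail_fn` change here (`"Socket name not allowlisted : %s (fd=%d)"`) and in the later `CreateFromFd` hunk (`"Not allowlisted (%d): %s"`), so this commit alters runtime output and is not only an identifier rename. These messages identify the rejected descriptor when the check fails, so any test, triage rule or log search keyed on the old "not whitelisted" text would presumably stop matching. It is worth checking for such consumers and mentioning the string change in the commit message. The stray space before the colon in `allowlisted : %s` could be dropped while the line is being touched. `CreateFromFd` starts and ends outside this hunk.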
@@ -232,7 +233,7 @@ FileDescriptorInfo* FileDescriptorInfo::CreateFromFd(int fd, fail_fn_t fail_fn)
return new FileDescriptorInfo(fd);
}
- // We only handle whitelisted regular files and character devices. Whitelisted
+ // We only handle allowlisted regular files and character devices. Allowlisted
// character devices must provide a guarantee of sensible behaviour when
// reopened.
//
@@ -266,8 +267,8 @@ FileDescriptorInfo* FileDescriptorInfo::CreateFromFd(int fd, fail_fn_t fail_fn)
strerror(errno)));
}
- if (!whitelist->IsAllowed(file_path)) {
- fail_fn(android::base::StringPrintf("Not whitelisted (%d): %s", fd, file_path.c_str()));
+ if (!allowlist->IsAllowed(file_path)) {
+ fail_fn(android::base::StringPrintf("Not allowlisted (%d): %s", fd, file_path.c_str()));
}
// File descriptor flags : currently on FD_CLOEXEC. We can set these
diff --git a/core/jni/fd_utils.h b/core/jni/fd_utils.h
index 2caf1575981a..dadb35233be1 100644
--- a/core/jni/fd_utils.h
+++ b/core/jni/fd_utils.h
@@ -33,42 +33,42 @@ class FileDescriptorInfo;
// This type is duplicated in com_android_internal_os_Zygote.cpp
typedef const std::function<void(std::string)>& fail_fn_t;
-// Whitelist of open paths that the zygote is allowed to keep open.
+// Allowlist of open paths that the zygote is allowed to keep open.
//
-// In addition to the paths listed in kPathWhitelist in file_utils.cpp, and
+// In addition to the paths listed in kPathAllowlist in file_utils.cpp, and
// paths dynamically added with Allow(), all files ending with ".jar"
-// under /system/framework" are whitelisted. See IsAllowed() for the canonical
+// under /system/framework" are allowlisted. See IsAllowed() for the canonical
// definition.
//
-// If the whitelisted path is associated with a regular file or a
+// If the allowlisted path is associated with a regular file or a
// character device, the file is reopened after a fork with the same
-// offset and mode. If the whilelisted path is associated with a
+// offset and mode. If the allowlisted path is associated with a
// AF_UNIX socket, the socket will refer to /dev/null after each
// fork, and all operations on it will fail.
-class FileDescriptorWhitelist {
+class FileDescriptorAllowlist {
public:
- // Lazily creates the global whitelist.
- static FileDescriptorWhitelist* Get();
+ // Lazily creates the global allowlist.
+ static FileDescriptorAllowlist* Get();
- // Adds a path to the whitelist.
+ // Adds a path to the allowlist.
void Allow(const std::string& path) {
- whitelist_.push_back(path);
+ allowlist_.push_back(path);
}
- // Returns true iff. a given path is whitelisted. A path is whitelisted
- // if it belongs to the whitelist (see kPathWhitelist) or if it's a path
+ // Returns true iff. a given path is allowlisted. A path is allowlisted
+ // if it belongs to the allowlist (see kPathAllowlist) or if it's a path
// under /system/framework that ends with ".jar" or if it is a system
// framework overlay.
bool IsAllowed(const std::string& path) const;
private:
- FileDescriptorWhitelist();
+ FileDescriptorAllowlist();
- static FileDescriptorWhitelist* instance_;
+ static FileDescriptorAllowlist* instance_;
- std::vector<std::string> whitelist_;
+ std::vector<std::string> allowlist_;
- DISALLOW_COPY_AND_ASSIGN(FileDescriptorWhitelist);
+ DISALLOW_COPY_AND_ASSIGN(FileDescriptorAllowlist);
};
// A FileDescriptorTable is a collection of FileDescriptorInfo objects
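Review bot: The class comment on the renamed lines still points to `kPathAllowlist in file_utils.cpp`, but this commit's own diff shows the array defined in `core/jni/fd_utils.cpp`; the line should read `// In addition to the paths listed in kPathAllowlist in fd_utils.cpp, and`. The following sentence keeps an unbalanced quote in `under /system/framework" are allowlisted`. The comment on `IsAllowed()` also lists fewer rules than the implementation shows in this diff: paths added through `Allow()` and anything under the `/vendor/zygote_whitelist/` prefix are accepted too. The summary should either name those rules or defer entirely to the implementation.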