| 16cb948fb9b4df4b169729dc6911c041884cb667 |
|
10-May-2018 |
Nicolas Geoffray <ngeoffray@google.com> |
Handle multidex in LocationIsOnSystemFramework.
bug: 79111915
Test: art_dex_file_loader_test.cc
(cherry picked from commit 0d0f3164160e50ddb78022f662c5438fc167f50d)
Change-Id: I1ee65e6a410f2a7610d0bf210eacd3cf3df13b18
|
| f2a300b80e0e7a5fee51b0f32203111a29969288 |
|
27-Mar-2018 |
David Brazdil <dbrazdil@google.com> |
Revert "Revert "Allow hidden API access from system libraries""
Libraries like RemoteDisplay provide an APK that an app loads into
its process and which accesses internal APIs on the app's behalf,
without exposing the internals to the app. These libraries are
considered part of the platform, but were not exempt from hidden API
checks because they are not loaded with the boot strap class loader.
This patch adds a new flag to DexFile class which the constructor
sets to true of the canonical location of the newly loaded dex file
starts with "${ANDROID_ROOT}/framework/". Hidden API enforcement
then checks this flag when determining whether the caller of
a hidden class member is allowed to access it or not.
This reverts commit 0127b71a2588efcd1a53c192c5c267157878b010.
Previous CL saw two issues:
- buildbots would set non-existent ANDROID_ROOT for host-side builds
- calling realpath on unquickened dex files would overflow the stack
Bug: 64382372
Bug: 76138670
Bug: 76165623
Bug: 76112393
Bug: 76452688
Bug: 76429651
Test: art/test.py --target -r -b -t 674-hiddenapi
Test: SystemUI APCT test
Merged-In: Ie07a088509002593353965d3d24bf7362b643f40
Change-Id: Ie07a088509002593353965d3d24bf7362b643f40
(cherry picked from commit 8e1a7cb303d7c8f763dfb99ae311b820996b1ab4)
|
| 229512a571c84aba8c5eee4792e87d64fbb3f194 |
|
22-Mar-2018 |
Mathieu Chartier <mathieuc@google.com> |
Verify dex files in zip and from files are not CompactDex
Since there is no CompactDex verifier, dex2oat may crash for invalid
CompactDex files in the APK or directly as files. Disallow opening
these to prevent crashes.
Bug: 75967391
Bug: 63756964
Test: test-art-host-gtest
(cherry picked from commit 14e7badae4f118ecd8481913c927316737fd21fa)
Merged-In: Ifc86f7bc2a478201473aad6481bf1e3435a910ae
Change-Id: Ic239377b0dc5a64ad5027c4bb31c7813f2103c4c
|
| 66ff8a8b82ff103d48d40e8dad01342c2d6f6d0d |
|
28-Feb-2018 |
Nicolas Geoffray <ngeoffray@google.com> |
Revert "Revert "Full-stack integrity: check vdex contents.""
bug: 30972906
Initial revert due to 'check' file of the test needing updating for target tests.
This reverts commit a19b7649faf8780737be7ce3ec48a12d81c6d69f.
Change-Id: I455780bd88cd89ff80c9084d399e2beeb819b95f
|
| a19b7649faf8780737be7ce3ec48a12d81c6d69f |
|
27-Feb-2018 |
Nicolas Geoffray <ngeoffray@google.com> |
Revert "Full-stack integrity: check vdex contents."
bug: 30972906
Test fails on device.
This reverts commit d6f914ea4bd09f2d60db2783f7a3fd93d3ec0afb.
Change-Id: I53902b0d6d4dbe8237f61bf01542acf538229c71
|
| d6f914ea4bd09f2d60db2783f7a3fd93d3ec0afb |
|
15-Feb-2018 |
Nicolas Geoffray <ngeoffray@google.com> |
Full-stack integrity: check vdex contents.
For priv-apps, if a vdex on /data has dex code, it must
be because the APK has compressed dex code.
Fall back to APK if not.
For test convenience, update --copy-dex-files to also
take a "always" variant.
bug: 30972906
Test: 677-fsi
Change-Id: I49f0eab46650145316a86de2971a3b9c140bcff7
|
| ccb0019c9c60617dcd420c6c92a931e1d82c4920 |
|
18-Feb-2018 |
George Burgess IV <gbiv@google.com> |
Fix a memory leak
dex_file is meant to take ownership of `container`. There's at least
one path (`error_msg = "Invalid or truncated dex file";`) where
`container` never gets passed along to a dex_file.
Caught by the static analyzer:
art/runtime/dex/dex_file_loader.cc:406:45: warning: Potential memory
leak
Bug: None
Test: Reran the analyzer. Memory leak complaints are gone.
Change-Id: Ib57008e444d32b366bb2beabec8e39b8e84fd9db
|
| 334b9d73482fba9c335d9b758041fc0865ef74d4 |
|
13-Feb-2018 |
David Sehr <sehr@google.com> |
Move libdexfile out of runtime
Move the files out of runtime, leaving unfortunate dependences still
there on runtime/base (for the moment). Also separates the build logic
into two Android.bp files.
Bug: 22322814
Test: make -j 50 test-art-host
Change-Id: Ib0a1cda833b29ecfa4c8c50f23fab89ba666f491
|
| c3a22aa19bbe35ff8447460b29e07d42937a39de |
|
20-Jan-2018 |
Mathieu Chartier <mathieuc@google.com> |
Add shared separate data section for compact dex
Added a shared dex data buffer for compact dex files, this buffer
is referenced by all compact dex files in a vdex file. Repurposed
the existing data_off / data_size fields in the header.
After the shared buffer is filled up, it is placed after the dex
files in the oat writer and the dex file headers are fixed up to have
the correct offsets / sizes to the shared buffer.
Motivation:
Make it easy to deduplicate data across dexes.
Bug: 63756964
Test: test-art-host
Change-Id: I17855a0c78b20be3d323d12dedb9c695962be3ed
|
| 2b9c35be35a759ba2032692648f5bbcb1e7e78c8 |
|
12-Jan-2018 |
David Brazdil <dbrazdil@google.com> |
Introduce new build tool: hiddenapi
New tool `hiddenapi` iterates over all class members inside given
DEX files and modifies their access flags if their signatures
appear on one of two lists - greylist and blacklist - provided as
text file inputs. These access flags denote to the runtime that
the marked methods/fields should be treated as internal APIs with
restricted access.
Two bits of information are encoded in the DEX access flags. These
are encoded as unsigned LEB128 values in DEX and so as to not
increase the size of the DEX, different modifiers were chosen to
carry the information under different circumstances.
First bit is encoded as the inversion of visibility access flags
(bits 2:0). At most one of these flags can be set at any given time.
Inverting these bits therefore produces a value where at least two
bits are set and there is never any loss of information.
Second bit is encoded differently for each given type of class
member as there is no single unused bit such that setting it would
not increase the size of the LEB128 encoding.
- Bit 5 for fields as it carries no other meaning
- Bit 5 for non-native methods, as `synchronized` can only be set
on native methods
- Bit 9 for native methods, as it carries no meaning and bit 8
(native) will make the LEB128 encoding at least two bytes long
This tool is meant to be applied on boot class path DEX files and
as such, this encoding is not part of the DEX specification and may
change in the future. Access flags returned by ClassDataItemIterator
are stripped of these hidden flags and thus fully transparent to the
runtime.
Test: m test-art-host
Bug: 64382372
Change-Id: Ifc237ff8a35a8b470b7fc682a9cb879370d1e6e9
|
| 013fd8073f3ece22b0bba1853d3f3430c8a9e4bd |
|
12-Jan-2018 |
David Sehr <sehr@google.com> |
Create an ART-independent DexFileLoader
Opening DEX files should not rely on instantiating a runtime or having a
large number of dependencies on runtime components. This CL makes
DexFileLoader a stub class that is independent of ART, and introduces a
subclass ArtDexFileLoader that contains the current implementations.
Bug: 22322814
Test: make -j 50 test-art-host
Change-Id: Ia6e92ae93c347057ea0c10455525239cbbe42c03
|