
Commit 074e1640 authored by Chris Wailes's avatar Chris Wailes

Autoformatter changes.

This CL contains changes made by the autoformatter to make these files
conform to the C++ style guide.

BYPASS_INCLUSIVE_LANGUAGE_REASON="compatability with vendor files"

Test: None
Change-Id: I04ac8fba3a2038133689c456a8d8e2c7bd856541
parent a6f8803c
+229 −234
@@ -1400,14 +1400,13 @@ static void insertPackagesToMergedList(JNIEnv* env,
}

static void isolateAppData(JNIEnv* env, jobjectArray pkg_data_info_list,
    jobjectArray allowlisted_data_info_list, uid_t uid, const char* process_name,
    jstring managed_nice_name, fail_fn_t fail_fn) {

                           jobjectArray allowlisted_data_info_list, uid_t uid,
                           const char* process_name, jstring managed_nice_name, fail_fn_t fail_fn) {
    std::vector<std::string> merged_data_info_list;
  insertPackagesToMergedList(env, merged_data_info_list, pkg_data_info_list,
          process_name, managed_nice_name, fail_fn);
  insertPackagesToMergedList(env, merged_data_info_list, allowlisted_data_info_list,
          process_name, managed_nice_name, fail_fn);
    insertPackagesToMergedList(env, merged_data_info_list, pkg_data_info_list, process_name,
                               managed_nice_name, fail_fn);
    insertPackagesToMergedList(env, merged_data_info_list, allowlisted_data_info_list, process_name,
                               managed_nice_name, fail_fn);

    isolateAppData(env, merged_data_info_list, uid, process_name, managed_nice_name, fail_fn);
}
@@ -1510,16 +1509,15 @@ static void BindMountStorageDirs(JNIEnv* env, jobjectArray pkg_data_info_list,
}

// Utility routine to specialize a zygote child process.
static void SpecializeCommon(JNIEnv* env, uid_t uid, gid_t gid, jintArray gids,
                             jint runtime_flags, jobjectArray rlimits,
                             jlong permitted_capabilities, jlong effective_capabilities,
                             jint mount_external, jstring managed_se_info,
                             jstring managed_nice_name, bool is_system_server,
                             bool is_child_zygote, jstring managed_instruction_set,
                             jstring managed_app_data_dir, bool is_top_app,
                             jobjectArray pkg_data_info_list,
                             jobjectArray allowlisted_data_info_list,
                             bool mount_data_dirs, bool mount_storage_dirs) {
static void SpecializeCommon(JNIEnv* env, uid_t uid, gid_t gid, jintArray gids, jint runtime_flags,
                             jobjectArray rlimits, jlong permitted_capabilities,
                             jlong effective_capabilities, jint mount_external,
                             jstring managed_se_info, jstring managed_nice_name,
                             bool is_system_server, bool is_child_zygote,
                             jstring managed_instruction_set, jstring managed_app_data_dir,
                             bool is_top_app, jobjectArray pkg_data_info_list,
                             jobjectArray allowlisted_data_info_list, bool mount_data_dirs,
                             bool mount_storage_dirs) {
    const char* process_name = is_system_server ? "system_server" : "zygote";
    auto fail_fn = std::bind(ZygoteFailure, env, process_name, managed_nice_name, _1);
    auto extract_fn = std::bind(ExtractJString, env, process_name, managed_nice_name, _1);
@@ -1538,9 +1536,7 @@ static void SpecializeCommon(JNIEnv* env, uid_t uid, gid_t gid, jintArray gids,

    DropCapabilitiesBoundingSet(fail_fn);

  bool need_pre_initialize_native_bridge =
      !is_system_server &&
      instruction_set.has_value() &&
    bool need_pre_initialize_native_bridge = !is_system_server && instruction_set.has_value() &&
            android::NativeBridgeAvailable() &&
            // Native bridge may be already initialized if this
            // is an app forked from app-zygote.
@@ -1555,15 +1551,16 @@ static void SpecializeCommon(JNIEnv* env, uid_t uid, gid_t gid, jintArray gids,
    // Sandbox data and jit profile directories by overlaying a tmpfs on those dirs and bind
    // mount all related packages separately.
    if (mount_data_dirs) {
    isolateAppData(env, pkg_data_info_list, allowlisted_data_info_list,
            uid, process_name, managed_nice_name, fail_fn);
        isolateAppData(env, pkg_data_info_list, allowlisted_data_info_list, uid, process_name,
                       managed_nice_name, fail_fn);
        isolateJitProfile(env, pkg_data_info_list, uid, process_name, managed_nice_name, fail_fn);
    }
    // MOUNT_EXTERNAL_INSTALLER, MOUNT_EXTERNAL_PASS_THROUGH, MOUNT_EXTERNAL_ANDROID_WRITABLE apps
    // will have mount_storage_dirs == false here (set by ProcessList.needsStorageDataIsolation()),
    // and hence they won't bind mount storage dirs.
    if (mount_storage_dirs) {
    BindMountStorageDirs(env, pkg_data_info_list, uid, process_name, managed_nice_name, fail_fn);
        BindMountStorageDirs(env, pkg_data_info_list, uid, process_name, managed_nice_name,
                             fail_fn);
    }

    // If this zygote isn't root, it won't be able to create a process group,
@@ -1583,8 +1580,8 @@ static void SpecializeCommon(JNIEnv* env, uid_t uid, gid_t gid, jintArray gids,
    if (need_pre_initialize_native_bridge) {
        // Due to the logic behind need_pre_initialize_native_bridge we know that
        // instruction_set contains a value.
    android::PreInitializeNativeBridge(
        app_data_dir.has_value() ? app_data_dir.value().c_str() : nullptr,
        android::PreInitializeNativeBridge(app_data_dir.has_value() ? app_data_dir.value().c_str()
                                                                    : nullptr,
                                           instruction_set.value().c_str());
    }

@@ -1656,7 +1653,8 @@ static void SpecializeCommon(JNIEnv* env, uid_t uid, gid_t gid, jintArray gids,
    }
    mallopt(M_BIONIC_SET_HEAP_TAGGING_LEVEL, heap_tagging_level);

  // Now that we've used the flag, clear it so that we don't pass unknown flags to the ART runtime.
    // Now that we've used the flag, clear it so that we don't pass unknown flags to the ART
    // runtime.
    runtime_flags &= ~RuntimeFlags::MEMORY_TAG_LEVEL_MASK;

    // Avoid heap zero initialization for applications without MTE. Zero init may
@@ -1668,7 +1666,8 @@ static void SpecializeCommon(JNIEnv* env, uid_t uid, gid_t gid, jintArray gids,
        mallopt(M_BIONIC_ZERO_INIT, 0);
    }

  // Now that we've used the flag, clear it so that we don't pass unknown flags to the ART runtime.
    // Now that we've used the flag, clear it so that we don't pass unknown flags to the ART
    // runtime.
    runtime_flags &= ~RuntimeFlags::NATIVE_HEAP_ZERO_INIT;

    bool forceEnableGwpAsan = false;
@@ -1682,7 +1681,8 @@ static void SpecializeCommon(JNIEnv* env, uid_t uid, gid_t gid, jintArray gids,
        case RuntimeFlags::GWP_ASAN_LEVEL_LOTTERY:
            android_mallopt(M_INITIALIZE_GWP_ASAN, &forceEnableGwpAsan, sizeof(forceEnableGwpAsan));
    }
  // Now that we've used the flag, clear it so that we don't pass unknown flags to the ART runtime.
    // Now that we've used the flag, clear it so that we don't pass unknown flags to the ART
    // runtime.
    runtime_flags &= ~RuntimeFlags::GWP_ASAN_LEVEL_MASK;

    if (NeedsNoRandomizeWorkaround()) {
@@ -1694,7 +1694,8 @@ static void SpecializeCommon(JNIEnv* env, uid_t uid, gid_t gid, jintArray gids,
        }
    }

  SetCapabilities(permitted_capabilities, effective_capabilities, permitted_capabilities, fail_fn);
    SetCapabilities(permitted_capabilities, effective_capabilities, permitted_capabilities,
                    fail_fn);

    __android_log_close();
    AStatsSocket_close();
@@ -1703,8 +1704,8 @@ static void SpecializeCommon(JNIEnv* env, uid_t uid, gid_t gid, jintArray gids,
    const char* nice_name_ptr = nice_name.has_value() ? nice_name.value().c_str() : nullptr;

    if (selinux_android_setcontext(uid, is_system_server, se_info_ptr, nice_name_ptr) == -1) {
    fail_fn(CREATE_ERROR("selinux_android_setcontext(%d, %d, \"%s\", \"%s\") failed",
                         uid, is_system_server, se_info_ptr, nice_name_ptr));
        fail_fn(CREATE_ERROR("selinux_android_setcontext(%d, %d, \"%s\", \"%s\") failed", uid,
                             is_system_server, se_info_ptr, nice_name_ptr));
    }

    // Make it easier to debug audit logs by setting the main thread's name to the
@@ -1724,7 +1725,7 @@ static void SpecializeCommon(JNIEnv* env, uid_t uid, gid_t gid, jintArray gids,
            fail_fn("Error calling post fork system server hooks.");
        }

    // TODO(oth): Remove hardcoded label here (b/117874058).
        // TODO(b/117874058): Remove hardcoded label here.
        static const char* kSystemServerLabel = "u:r:system_server:s0";
        if (selinux_android_setcon(kSystemServerLabel) != 0) {
            fail_fn(CREATE_ERROR("selinux_android_setcon(%s)", kSystemServerLabel));
@@ -2068,9 +2069,8 @@ static void com_android_internal_os_Zygote_nativePreApplicationInit(JNIEnv*, jcl

NO_PAC_FUNC
static jint com_android_internal_os_Zygote_nativeForkAndSpecialize(
        JNIEnv* env, jclass, jint uid, jint gid, jintArray gids,
        jint runtime_flags, jobjectArray rlimits,
        jint mount_external, jstring se_info, jstring nice_name,
        JNIEnv* env, jclass, jint uid, jint gid, jintArray gids, jint runtime_flags,
        jobjectArray rlimits, jint mount_external, jstring se_info, jstring nice_name,
        jintArray managed_fds_to_close, jintArray managed_fds_to_ignore, jboolean is_child_zygote,
        jstring instruction_set, jstring app_data_dir, jboolean is_top_app,
        jobjectArray pkg_data_info_list, jobjectArray allowlisted_data_info_list,
@@ -2108,13 +2108,10 @@ static jint com_android_internal_os_Zygote_nativeForkAndSpecialize(
    pid_t pid = zygote::ForkCommon(env, false, fds_to_close, fds_to_ignore, true);

    if (pid == 0) {
      SpecializeCommon(env, uid, gid, gids, runtime_flags, rlimits,
                       capabilities, capabilities,
                       mount_external, se_info, nice_name, false,
                       is_child_zygote == JNI_TRUE, instruction_set, app_data_dir,
                       is_top_app == JNI_TRUE, pkg_data_info_list,
                       allowlisted_data_info_list,
                       mount_data_dirs == JNI_TRUE,
        SpecializeCommon(env, uid, gid, gids, runtime_flags, rlimits, capabilities, capabilities,
                         mount_external, se_info, nice_name, false, is_child_zygote == JNI_TRUE,
                         instruction_set, app_data_dir, is_top_app == JNI_TRUE, pkg_data_info_list,
                         allowlisted_data_info_list, mount_data_dirs == JNI_TRUE,
                         mount_storage_dirs == JNI_TRUE);
    }
    return pid;
@@ -2147,9 +2144,8 @@ static jint com_android_internal_os_Zygote_nativeForkSystemServer(
  if (pid == 0) {
      // System server prcoess does not need data isolation so no need to
      // know pkg_data_info_list.
      SpecializeCommon(env, uid, gid, gids, runtime_flags, rlimits,
                       permitted_capabilities, effective_capabilities,
                       MOUNT_EXTERNAL_DEFAULT, nullptr, nullptr, true,
      SpecializeCommon(env, uid, gid, gids, runtime_flags, rlimits, permitted_capabilities,
                       effective_capabilities, MOUNT_EXTERNAL_DEFAULT, nullptr, nullptr, true,
                       false, nullptr, nullptr, /* is_top_app= */ false,
                       /* pkg_data_info_list */ nullptr,
                       /* allowlisted_data_info_list */ nullptr, false, false);
@@ -2295,20 +2291,19 @@ static void com_android_internal_os_Zygote_nativeInstallSeccompUidGidFilter(
 * @param is_top_app  If the process is for top (high priority) application
 */
static void com_android_internal_os_Zygote_nativeSpecializeAppProcess(
    JNIEnv* env, jclass, jint uid, jint gid, jintArray gids,
    jint runtime_flags, jobjectArray rlimits,
    jint mount_external, jstring se_info, jstring nice_name,
    jboolean is_child_zygote, jstring instruction_set, jstring app_data_dir, jboolean is_top_app,
    jobjectArray pkg_data_info_list, jobjectArray allowlisted_data_info_list,
    jboolean mount_data_dirs, jboolean mount_storage_dirs) {
        JNIEnv* env, jclass, jint uid, jint gid, jintArray gids, jint runtime_flags,
        jobjectArray rlimits, jint mount_external, jstring se_info, jstring nice_name,
        jboolean is_child_zygote, jstring instruction_set, jstring app_data_dir,
        jboolean is_top_app, jobjectArray pkg_data_info_list,
        jobjectArray allowlisted_data_info_list, jboolean mount_data_dirs,
        jboolean mount_storage_dirs) {
    jlong capabilities = CalculateCapabilities(env, uid, gid, gids, is_child_zygote);

  SpecializeCommon(env, uid, gid, gids, runtime_flags, rlimits,
                   capabilities, capabilities,
                   mount_external, se_info, nice_name, false,
                   is_child_zygote == JNI_TRUE, instruction_set, app_data_dir,
                   is_top_app == JNI_TRUE, pkg_data_info_list, allowlisted_data_info_list,
                   mount_data_dirs == JNI_TRUE, mount_storage_dirs == JNI_TRUE);
    SpecializeCommon(env, uid, gid, gids, runtime_flags, rlimits, capabilities, capabilities,
                     mount_external, se_info, nice_name, false, is_child_zygote == JNI_TRUE,
                     instruction_set, app_data_dir, is_top_app == JNI_TRUE, pkg_data_info_list,
                     allowlisted_data_info_list, mount_data_dirs == JNI_TRUE,
                     mount_storage_dirs == JNI_TRUE);
}

/**
+88 −94
@@ -65,14 +65,12 @@ static bool IsArtMemfd(const std::string& path) {
bool FileDescriptorAllowlist::IsAllowed(const std::string& path) const {
    // Check the static allowlist path.
    for (const auto& allowlist_path : kPathAllowlist) {
    if (path == allowlist_path)
      return true;
        if (path == allowlist_path) return true;
    }

    // Check any paths added to the dynamic allowlist.
    for (const auto& allowlist_path : allowlist_) {
    if (path == allowlist_path)
      return true;
        if (path == allowlist_path) return true;
    }

    // Framework jars are allowed.
@@ -84,8 +82,8 @@ bool FileDescriptorAllowlist::IsAllowed(const std::string& path) const {
    static const char* kJarSuffix = ".jar";

    for (const auto& frameworks_prefix : kFrameworksPrefix) {
    if (android::base::StartsWith(path, frameworks_prefix)
        && android::base::EndsWith(path, kJarSuffix)) {
        if (android::base::StartsWith(path, frameworks_prefix) &&
            android::base::EndsWith(path, kJarSuffix)) {
            return true;
        }
    }
@@ -124,44 +122,41 @@ bool FileDescriptorAllowlist::IsAllowed(const std::string& path) const {
    static const char* kOemOverlayDir = "/oem/overlay";
    static const char* kApkSuffix = ".apk";

  if ((android::base::StartsWith(path, kOverlayDir)
       || android::base::StartsWith(path, kVendorOverlaySubdir)
       || android::base::StartsWith(path, kVendorOverlayDir)
       || android::base::StartsWith(path, kSystemProductOverlayDir)
       || android::base::StartsWith(path, kProductOverlayDir)
       || android::base::StartsWith(path, kSystemSystemExtOverlayDir)
       || android::base::StartsWith(path, kSystemExtOverlayDir)
       || android::base::StartsWith(path, kSystemOdmOverlayDir)
       || android::base::StartsWith(path, kOdmOverlayDir)
       || android::base::StartsWith(path, kSystemOemOverlayDir)
       || android::base::StartsWith(path, kOemOverlayDir))
      && android::base::EndsWith(path, kApkSuffix)
      && path.find("/../") == std::string::npos) {
    if ((android::base::StartsWith(path, kOverlayDir) ||
         android::base::StartsWith(path, kVendorOverlaySubdir) ||
         android::base::StartsWith(path, kVendorOverlayDir) ||
         android::base::StartsWith(path, kSystemProductOverlayDir) ||
         android::base::StartsWith(path, kProductOverlayDir) ||
         android::base::StartsWith(path, kSystemSystemExtOverlayDir) ||
         android::base::StartsWith(path, kSystemExtOverlayDir) ||
         android::base::StartsWith(path, kSystemOdmOverlayDir) ||
         android::base::StartsWith(path, kOdmOverlayDir) ||
         android::base::StartsWith(path, kSystemOemOverlayDir) ||
         android::base::StartsWith(path, kOemOverlayDir)) &&
        android::base::EndsWith(path, kApkSuffix) && path.find("/../") == std::string::npos) {
        return true;
    }

    static const char* kOverlayIdmapPrefix = "/data/resource-cache/";
    static const char* kOverlayIdmapSuffix = ".apk@idmap";
  if (android::base::StartsWith(path, kOverlayIdmapPrefix)
      && android::base::EndsWith(path, kOverlayIdmapSuffix)
      && path.find("/../") == std::string::npos) {
    if (android::base::StartsWith(path, kOverlayIdmapPrefix) &&
        android::base::EndsWith(path, kOverlayIdmapSuffix) &&
        path.find("/../") == std::string::npos) {
        return true;
    }

    // All regular files that are placed under this path are allowlisted
    // automatically.  The directory name is maintained for compatibility.
    static const char* kZygoteAllowlistPath = "/vendor/zygote_whitelist/";
  if (android::base::StartsWith(path, kZygoteAllowlistPath)
      && path.find("/../") == std::string::npos) {
    if (android::base::StartsWith(path, kZygoteAllowlistPath) &&
        path.find("/../") == std::string::npos) {
        return true;
    }

    return false;
}

FileDescriptorAllowlist::FileDescriptorAllowlist()
    : allowlist_() {
}
FileDescriptorAllowlist::FileDescriptorAllowlist() : allowlist_() {}

FileDescriptorAllowlist* FileDescriptorAllowlist::instance_ = nullptr;

@@ -226,8 +221,7 @@ FileDescriptorInfo* FileDescriptorInfo::CreateFromFd(int fd, fail_fn_t fail_fn)

    if (!allowlist->IsAllowed(socket_name)) {
        fail_fn(android::base::StringPrintf("Socket name not allowlisted : %s (fd=%d)",
                                          socket_name.c_str(),
                                          fd));
                                            socket_name.c_str(), fd));
    }

    return new FileDescriptorInfo(fd);
+15 −17
@@ -51,9 +51,7 @@ class FileDescriptorAllowlist {
    static FileDescriptorAllowlist* Get();

    // Adds a path to the allowlist.
  void Allow(const std::string& path) {
    allowlist_.push_back(path);
  }
    void Allow(const std::string& path) { allowlist_.push_back(path); }

    // Returns true iff. a given path is allowlisted. A path is allowlisted
    // if it belongs to the allowlist (see kPathAllowlist) or if it's a path