
Commit 9330d5e3 authored by Ashwini Oruganti

Resolve conflicting values of usesCleartextTraffic for shared processes

Bug: 148240416
Test: Manually tested by installing two apps running in a shared process
and starting their shared process activities in various orders. The
value of usesCleartextTraffic gets set as expected.
Change-Id: Ib350c09c42d5524734fb259a2ab787790f2d8e30
parent eac54148
+4 −0
@@ -46,6 +46,7 @@ import android.os.StrictMode;
import android.os.SystemProperties;
import android.os.Trace;
import android.os.UserHandle;
import android.security.net.config.NetworkSecurityConfigProvider;
import android.sysprop.VndkProperties;
import android.text.TextUtils;
import android.util.AndroidRuntimeException;
@@ -1202,6 +1203,9 @@ public final class LoadedApk {
            }

            ContextImpl appContext = ContextImpl.createAppContext(mActivityThread, this);
            // The network security config needs to be aware of multiple
            // applications in the same process to handle discrepancies
            NetworkSecurityConfigProvider.handleNewApplication(appContext);
            app = mActivityThread.mInstrumentation.newApplication(
                    cl, appClass, appContext);
            appContext.setOuterContext(app);
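Review bot: The comment above the new `NetworkSecurityConfigProvider.handleNewApplication(appContext)` call does not mention that the call can abort application creation. Per the other file in this commit, it throws a `RuntimeException` when the process already has a default config whose cleartext setting differs and either config has per-domain rules. The enclosing method starts and ends outside this hunk, so whether that exception is caught, and how it is reported, cannot be confirmed from here. I would extend the comment with something like `// Throws RuntimeException if a config already set for this process conflicts on usesCleartextTraffic and either side has per-domain rules.` so the failure mode is visible at the call site.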
+30 −1
@@ -17,11 +17,14 @@
package android.security.net.config;

import android.content.Context;
import java.security.Security;
import android.util.Log;

import java.security.Provider;
import java.security.Security;

/** @hide */
public final class NetworkSecurityConfigProvider extends Provider {
    private static final String LOG_TAG = "nsconfig";
    private static final String PREFIX =
            NetworkSecurityConfigProvider.class.getPackage().getName() + ".";

@@ -42,4 +45,30 @@ public final class NetworkSecurityConfigProvider extends Provider {
        }
        libcore.net.NetworkSecurityPolicy.setInstance(new ConfigNetworkSecurityPolicy(config));
    }

    /**
     * For a shared process, resolves conflicting values of usesCleartextTraffic.
     * 1. Throws a RuntimeException if the shared process with conflicting
     * usesCleartextTraffic values have per domain rules.
     * 2. Sets the default instance to the least strict config.
     */
    public static void handleNewApplication(Context context) {
        ApplicationConfig config = new ApplicationConfig(new ManifestConfigSource(context));
        ApplicationConfig defaultConfig = ApplicationConfig.getDefaultInstance();
        String mProcessName = context.getApplicationInfo().processName;
        if (defaultConfig != null) {
            if (defaultConfig.isCleartextTrafficPermitted()
                    != config.isCleartextTrafficPermitted()) {
                Log.w(LOG_TAG, mProcessName
                        + ": New config does not match the previously set config.");

                if (defaultConfig.hasPerDomainConfigs()
                        || config.hasPerDomainConfigs()) {
                    throw new RuntimeException("Found multiple conflicting per-domain rules");
                }
                config = defaultConfig.isCleartextTrafficPermitted() ? defaultConfig : config;
            }
        }
        ApplicationConfig.setDefaultInstance(config);
    }
}
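Review bot: When a default config already exists and both configs agree on cleartext, `handleNewApplication` still falls through to `ApplicationConfig.setDefaultInstance(config)`, so the config of whichever application loads last replaces the earlier one without any log line. If the two manifests differ in their per-domain rules (`ApplicationConfig` is not shown here, so what those rules carry is an assumption), the effective policy for the shared process depends on load order. The Javadoc should state that the newest config wins when the cleartext values agree, and this path could log, e.g. `Log.d(LOG_TAG, mProcessName + ": replacing previously set network security config");`. In the mismatch branch the warning would be more useful if it named the outcome, since the process is moved to the config that permits cleartext even for the application that opted out. The exception text `"Found multiple conflicting per-domain rules"` also misdescribes the condition tested, which is a cleartext mismatch while either side has per-domain configs.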