Merge "Rename preferCodeIntegrity to useEmbeddedDex"

    public static final int PRIVATE_FLAG_HAS_FRAGILE_USER_DATA = 1 << 24;

    /**

     * Indicate whether this application prefers code integrity, that is, run only code that is

     * signed. This requires android:extractNativeLibs to be "false", as well as .dex and .so (if

     * any) stored uncompressed inside the APK, which is signed. At run time, the implications

     * include:

     *

     * <ul>

     * <li>ART will JIT the dex code directly from the APK. There may be performance characteristic

     * changes depend on the actual workload.

     * </ul>

     * Indicates whether this application wants to use the embedded dex in the APK, rather than

     * extracted or locally compiled variants. This keeps the dex code protected by the APK

     * signature. Such apps will always run in JIT mode (same when they are first installed), and

     * the system will never generate ahead-of-time compiled code for them. Depending on the app's

     * workload, there may be some run time performance change, noteably the cold start time.

     *

     * @hide

     */

    public static final int PRIVATE_FLAG_PREFER_CODE_INTEGRITY = 1 << 25;

    public static final int PRIVATE_FLAG_USE_EMBEDDED_DEX = 1 << 25;

    /** @hide */

    @IntDef(flag = true, prefix = { "PRIVATE_FLAG_" }, value = {

            PRIVATE_FLAG_ISOLATED_SPLIT_LOADING,

            PRIVATE_FLAG_OEM,

            PRIVATE_FLAG_PARTIALLY_DIRECT_BOOT_AWARE,

            PRIVATE_FLAG_PREFER_CODE_INTEGRITY,

            PRIVATE_FLAG_USE_EMBEDDED_DEX,

            PRIVATE_FLAG_PRIVILEGED,

            PRIVATE_FLAG_PRODUCT,

            PRIVATE_FLAG_PRODUCT_SERVICES,

    }

    /** @hide */

    public boolean isCodeIntegrityPreferred() {

        return (privateFlags & PRIVATE_FLAG_PREFER_CODE_INTEGRITY) != 0;

    public boolean isEmbeddedDexUsed() {

        return (privateFlags & PRIVATE_FLAG_USE_EMBEDDED_DEX) != 0;

    }

    /**

        public final boolean extractNativeLibs;

        public final boolean isolatedSplits;

        public final boolean isSplitRequired;

        public final boolean preferCodeIntegrity;

        public final boolean useEmbeddedDex;

        public ApkLite(String codePath, String packageName, String splitName,

                boolean isFeatureSplit,

                int revisionCode, int installLocation, List<VerifierInfo> verifiers,

                SigningDetails signingDetails, boolean coreApp,

                boolean debuggable, boolean multiArch, boolean use32bitAbi,

                boolean preferCodeIntegrity, boolean extractNativeLibs, boolean isolatedSplits) {

                boolean useEmbeddedDex, boolean extractNativeLibs, boolean isolatedSplits) {

            this.codePath = codePath;

            this.packageName = packageName;

            this.splitName = splitName;

            this.debuggable = debuggable;

            this.multiArch = multiArch;

            this.use32bitAbi = use32bitAbi;

            this.preferCodeIntegrity = preferCodeIntegrity;

            this.useEmbeddedDex = useEmbeddedDex;

            this.extractNativeLibs = extractNativeLibs;

            this.isolatedSplits = isolatedSplits;

            this.isSplitRequired = isSplitRequired;

        boolean isolatedSplits = false;

        boolean isFeatureSplit = false;

        boolean isSplitRequired = false;

        boolean preferCodeIntegrity = false;

        boolean useEmbeddedDex = false;

        String configForSplit = null;

        String usesSplitName = null;

                        extractNativeLibsProvided = Boolean.valueOf(

                                attrs.getAttributeBooleanValue(i, true));

                    }

                    if ("preferCodeIntegrity".equals(attr)) {

                        preferCodeIntegrity = attrs.getAttributeBooleanValue(i, false);

                    if ("useEmbeddedDex".equals(attr)) {

                        useEmbeddedDex = attrs.getAttributeBooleanValue(i, false);

                    }

                }

            } else if (TAG_USES_SPLIT.equals(parser.getName())) {

        final boolean extractNativeLibs = (extractNativeLibsProvided != null)

                ? extractNativeLibsProvided : extractNativeLibsDefault;

        if (preferCodeIntegrity && extractNativeLibs) {

            throw new PackageParserException(

                    PackageManager.INSTALL_PARSE_FAILED_MANIFEST_MALFORMED,

                    "Can't request both preferCodeIntegrity and extractNativeLibs");

        }

        return new ApkLite(codePath, packageSplit.first, packageSplit.second, isFeatureSplit,

                configForSplit, usesSplitName, isSplitRequired, versionCode, versionCodeMajor,

                revisionCode, installLocation, verifiers, signingDetails, coreApp, debuggable,

                multiArch, use32bitAbi, preferCodeIntegrity, extractNativeLibs, isolatedSplits);

                multiArch, use32bitAbi, useEmbeddedDex, extractNativeLibs, isolatedSplits);

    }

    /**

        }

        if (sa.getBoolean(

                R.styleable.AndroidManifestApplication_preferCodeIntegrity,

                R.styleable.AndroidManifestApplication_useEmbeddedDex,

                false)) {

            ai.privateFlags |= ApplicationInfo.PRIVATE_FLAG_PREFER_CODE_INTEGRITY;

            ai.privateFlags |= ApplicationInfo.PRIVATE_FLAG_USE_EMBEDDED_DEX;

        }

        if (sa.getBoolean(

        // Make sure the application allows code generation

        ApplicationInfo appInfo = mContext.getApplicationInfo();

        if ((appInfo.privateFlags & ApplicationInfo.PRIVATE_FLAG_PREFER_CODE_INTEGRITY) != 0

            || appInfo.isPrivilegedApp()) {

        if (appInfo.isEmbeddedDexUsed() || appInfo.isPrivilegedApp()) {

            mUseCompiledView = false;

            return;

        }

         resource] to be present in order to function. Default value is false. -->

    <attr name="isSplitRequired" format="boolean" />

    <!-- Flag to specify if this app prioritizes code integrity. The system may choose

         to run with better integrity guarantee in various components if possible based on the app's

         <code>targetSdkVersion</code>. -->

    <attr name="preferCodeIntegrity" format="boolean" />

    <!-- Flag to specify if this app wants to run the dex within its APK but not extracted or

         locally compiled variants. This keeps the dex code protected by the APK signature. Such

         apps will always run in JIT mode (same when they are first installed), and the system will

         never generate ahead-of-time compiled code for them. Depending on the app's workload,

         there may be some run time performance change, noteably the cold start time. -->

    <attr name="useEmbeddedDex" format="boolean" />

    <!-- Extra options for an activity's UI. Applies to either the {@code <activity>} or

         {@code <application>} tag. If specified on the {@code <application>}

             to honor this flag as well. -->

        <attr name="usesCleartextTraffic" />

        <attr name="multiArch" />

        <attr name="preferCodeIntegrity" />

        <attr name="useEmbeddedDex" />

        <attr name="extractNativeLibs" />

        <attr name="defaultToDeviceProtectedStorage" format="boolean" />

        <attr name="directBootAware" />

                mService.mNativeDebuggingApp = null;

            }

            if (app.info.isCodeIntegrityPreferred()

            if (app.info.isEmbeddedDexUsed()

                    || (app.info.isPrivilegedApp()

                        && DexManager.isPackageSelectedToRunOob(app.pkgList.mPkgList.keySet()))) {

                runtimeFlags |= Zygote.ONLY_USE_SYSTEM_OAT_FILES;