Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit a6f8803c authored by Chris Wailes's avatar Chris Wailes
Browse files

Inclusivity cleanup of the Zygote. 

Changed "whitelist" to "allowlist" in many Zygote files.

BYPASS_INCLUSIVE_LANGUAGE_REASON="compatability with vendor files"

Test: cts
Change-Id: Ia0a8548f2e254fc36a9dce7e50af8284ed0caa47
parent d8066390

core/java/android/os/ZygoteProcess.java

+9 −9
Original line number Diff line number Diff line
@@ -333,7 +333,7 @@ public class ZygoteProcess { 
     *                             started.

     * @param pkgDataInfoMap Map from related package names to private data directory

     *                       volume UUID and inode number.

     * @param whitelistedDataInfoMap Map from allowlisted package names to private data directory

     * @param allowlistedDataInfoList Map from allowlisted package names to private data directory

     *                       volume UUID and inode number.

     * @param bindMountAppsData whether zygote needs to mount CE and DE data.

     * @param bindMountAppStorageDirs whether zygote needs to mount Android/obb and Android/data.
@@ -359,7 +359,7 @@ public class ZygoteProcess { 
                                                  @Nullable Map<String, Pair<String, Long>>

                                                          pkgDataInfoMap,

                                                  @Nullable Map<String, Pair<String, Long>>

                                                          whitelistedDataInfoMap,

                                                          allowlistedDataInfoList,

                                                  boolean bindMountAppsData,

                                                  boolean bindMountAppStorageDirs,

                                                  @Nullable String[] zygoteArgs) {
@@ -373,7 +373,7 @@ public class ZygoteProcess { 
                    runtimeFlags, mountExternal, targetSdkVersion, seInfo,

                    abi, instructionSet, appDataDir, invokeWith, /*startChildZygote=*/ false,

                    packageName, zygotePolicyFlags, isTopApp, disabledCompatChanges,

                    pkgDataInfoMap, whitelistedDataInfoMap, bindMountAppsData,

                    pkgDataInfoMap, allowlistedDataInfoList, bindMountAppsData,

                    bindMountAppStorageDirs, zygoteArgs);

        } catch (ZygoteStartFailedEx ex) {

            Log.e(LOG_TAG,
@@ -615,7 +615,7 @@ public class ZygoteProcess { 
     * @param disabledCompatChanges a list of disabled compat changes for the process being started.

     * @param pkgDataInfoMap Map from related package names to private data directory volume UUID

     *                       and inode number.

     * @param whitelistedDataInfoMap Map from allowlisted package names to private data directory

     * @param allowlistedDataInfoList Map from allowlisted package names to private data directory

     *                       volume UUID and inode number.

     * @param bindMountAppsData whether zygote needs to mount CE and DE data.

     * @param bindMountAppStorageDirs whether zygote needs to mount Android/obb and Android/data.
@@ -642,7 +642,7 @@ public class ZygoteProcess { 
                                                      @Nullable Map<String, Pair<String, Long>>

                                                              pkgDataInfoMap,

                                                      @Nullable Map<String, Pair<String, Long>>

                                                              whitelistedDataInfoMap,

                                                              allowlistedDataInfoList,

                                                      boolean bindMountAppsData,

                                                      boolean bindMountAppStorageDirs,

                                                      @Nullable String[] extraArgs)
@@ -733,12 +733,12 @@ public class ZygoteProcess { 
            }

            argsForZygote.add(sb.toString());

        }

        if (whitelistedDataInfoMap != null && whitelistedDataInfoMap.size() > 0) {

        if (allowlistedDataInfoList != null && allowlistedDataInfoList.size() > 0) {

            StringBuilder sb = new StringBuilder();

            sb.append(Zygote.WHITELISTED_DATA_INFO_MAP);

            sb.append(Zygote.ALLOWLISTED_DATA_INFO_MAP);

            sb.append("=");

            boolean started = false;

            for (Map.Entry<String, Pair<String, Long>> entry : whitelistedDataInfoMap.entrySet()) {

            for (Map.Entry<String, Pair<String, Long>> entry : allowlistedDataInfoList.entrySet()) {

                if (started) {

                    sb.append(',');

                }
@@ -1318,7 +1318,7 @@ public class ZygoteProcess { 
                    true /* startChildZygote */, null /* packageName */,

                    ZYGOTE_POLICY_FLAG_SYSTEM_PROCESS /* zygotePolicyFlags */, false /* isTopApp */,

                    null /* disabledCompatChanges */, null /* pkgDataInfoMap */,

                    null /* whitelistedDataInfoMap */, true /* bindMountAppsData*/,

                    null /* allowlistedDataInfoList */, true /* bindMountAppsData*/,

                    /* bindMountAppStorageDirs */ false, extraArgs);



        } catch (ZygoteStartFailedEx ex) {

core/java/com/android/internal/os/Zygote.java

+10 −10
Original line number Diff line number Diff line
@@ -202,7 +202,7 @@ public final class Zygote { 
    public static final String PKG_DATA_INFO_MAP = "--pkg-data-info-map";



    /** List of allowlisted packages and its app data info: volume uuid and inode. */

    public static final String WHITELISTED_DATA_INFO_MAP = "--whitelisted-data-info-map";

    public static final String ALLOWLISTED_DATA_INFO_MAP = "--allowlisted-data-info-map";



    /** Bind mount app storage dirs to lower fs not via fuse */

    public static final String BIND_MOUNT_APP_STORAGE_DIRS = "--bind-mount-storage-dirs";
@@ -324,7 +324,7 @@ public final class Zygote { 
     * @param isTopApp true if the process is for top (high priority) application.

     * @param pkgDataInfoList A list that stores related packages and its app data

     * info: volume uuid and inode.

     * @param whitelistedDataInfoList Like pkgDataInfoList, but it's for allowlisted apps.

     * @param allowlistedDataInfoList Like pkgDataInfoList, but it's for allowlisted apps.

     * @param bindMountAppDataDirs  True if the zygote needs to mount data dirs.

     * @param bindMountAppStorageDirs  True if the zygote needs to mount storage dirs.

     *
@@ -334,14 +334,14 @@ public final class Zygote { 
    static int forkAndSpecialize(int uid, int gid, int[] gids, int runtimeFlags,

            int[][] rlimits, int mountExternal, String seInfo, String niceName, int[] fdsToClose,

            int[] fdsToIgnore, boolean startChildZygote, String instructionSet, String appDataDir,

            boolean isTopApp, String[] pkgDataInfoList, String[] whitelistedDataInfoList,

            boolean isTopApp, String[] pkgDataInfoList, String[] allowlistedDataInfoList,

            boolean bindMountAppDataDirs, boolean bindMountAppStorageDirs) {

        ZygoteHooks.preFork();



        int pid = nativeForkAndSpecialize(

                uid, gid, gids, runtimeFlags, rlimits, mountExternal, seInfo, niceName, fdsToClose,

                fdsToIgnore, startChildZygote, instructionSet, appDataDir, isTopApp,

                pkgDataInfoList, whitelistedDataInfoList, bindMountAppDataDirs,

                pkgDataInfoList, allowlistedDataInfoList, bindMountAppDataDirs,

                bindMountAppStorageDirs);

        if (pid == 0) {

            // Note that this event ends at the end of handleChildProc,
@@ -364,7 +364,7 @@ public final class Zygote { 
            int runtimeFlags, int[][] rlimits, int mountExternal, String seInfo, String niceName,

            int[] fdsToClose, int[] fdsToIgnore, boolean startChildZygote, String instructionSet,

            String appDataDir, boolean isTopApp, String[] pkgDataInfoList,

            String[] whitelistedDataInfoList, boolean bindMountAppDataDirs,

            String[] allowlistedDataInfoList, boolean bindMountAppDataDirs,

            boolean bindMountAppStorageDirs);



    /**
@@ -392,18 +392,18 @@ public final class Zygote { 
     * volume uuid and CE dir inode. For example, pkgDataInfoList = [app_a_pkg_name,

     * app_a_data_volume_uuid, app_a_ce_inode, app_b_pkg_name, app_b_data_volume_uuid,

     * app_b_ce_inode, ...];

     * @param whitelistedDataInfoList Like pkgDataInfoList, but it's for allowlisted apps.

     * @param allowlistedDataInfoList Like pkgDataInfoList, but it's for allowlisted apps.

     * @param bindMountAppDataDirs  True if the zygote needs to mount data dirs.

     * @param bindMountAppStorageDirs  True if the zygote needs to mount storage dirs.

     */

    private static void specializeAppProcess(int uid, int gid, int[] gids, int runtimeFlags,

            int[][] rlimits, int mountExternal, String seInfo, String niceName,

            boolean startChildZygote, String instructionSet, String appDataDir, boolean isTopApp,

            String[] pkgDataInfoList, String[] whitelistedDataInfoList,

            String[] pkgDataInfoList, String[] allowlistedDataInfoList,

            boolean bindMountAppDataDirs, boolean bindMountAppStorageDirs) {

        nativeSpecializeAppProcess(uid, gid, gids, runtimeFlags, rlimits, mountExternal, seInfo,

                niceName, startChildZygote, instructionSet, appDataDir, isTopApp,

                pkgDataInfoList, whitelistedDataInfoList,

                pkgDataInfoList, allowlistedDataInfoList,

                bindMountAppDataDirs, bindMountAppStorageDirs);



        // Note that this event ends at the end of handleChildProc.
@@ -428,7 +428,7 @@ public final class Zygote { 
    private static native void nativeSpecializeAppProcess(int uid, int gid, int[] gids,

            int runtimeFlags, int[][] rlimits, int mountExternal, String seInfo, String niceName,

            boolean startChildZygote, String instructionSet, String appDataDir, boolean isTopApp,

            String[] pkgDataInfoList, String[] whitelistedDataInfoList,

            String[] pkgDataInfoList, String[] allowlistedDataInfoList,

            boolean bindMountAppDataDirs, boolean bindMountAppStorageDirs);



    /**
@@ -807,7 +807,7 @@ public final class Zygote { 
                                 args.mRuntimeFlags, rlimits, args.mMountExternal,

                                 args.mSeInfo, args.mNiceName, args.mStartChildZygote,

                                 args.mInstructionSet, args.mAppDataDir, args.mIsTopApp,

                                 args.mPkgDataInfoList, args.mWhitelistedDataInfoList,

                                 args.mPkgDataInfoList, args.mAllowlistedDataInfoList,

                                 args.mBindMountAppDataDirs, args.mBindMountAppStorageDirs);



            Trace.traceEnd(Trace.TRACE_TAG_ACTIVITY_MANAGER);

core/java/com/android/internal/os/ZygoteArguments.java

+3 −3
Original line number Diff line number Diff line
@@ -230,7 +230,7 @@ class ZygoteArguments { 
     * A list that stores all allowlisted app data info: volume uuid and inode.

     * Null if it does need to do app data isolation.

     */

    String[] mWhitelistedDataInfoList;

    String[] mAllowlistedDataInfoList;



    /**

     * @see Zygote#BIND_MOUNT_APP_STORAGE_DIRS
@@ -475,8 +475,8 @@ class ZygoteArguments { 
                }

            } else if (arg.startsWith(Zygote.PKG_DATA_INFO_MAP)) {

                mPkgDataInfoList = getAssignmentList(arg);

            } else if (arg.startsWith(Zygote.WHITELISTED_DATA_INFO_MAP)) {

                mWhitelistedDataInfoList = getAssignmentList(arg);

            } else if (arg.startsWith(Zygote.ALLOWLISTED_DATA_INFO_MAP)) {

                mAllowlistedDataInfoList = getAssignmentList(arg);

            } else if (arg.equals(Zygote.BIND_MOUNT_APP_STORAGE_DIRS)) {

                mBindMountAppStorageDirs = true;

            } else if (arg.equals(Zygote.BIND_MOUNT_APP_DATA_DIRS)) {

core/java/com/android/internal/os/ZygoteConnection.java

+1 −1
Original line number Diff line number Diff line
@@ -265,7 +265,7 @@ class ZygoteConnection { 
                            fdsToClose, fdsToIgnore, parsedArgs.mStartChildZygote,

                            parsedArgs.mInstructionSet, parsedArgs.mAppDataDir,

                            parsedArgs.mIsTopApp, parsedArgs.mPkgDataInfoList,

                            parsedArgs.mWhitelistedDataInfoList, parsedArgs.mBindMountAppDataDirs,

                            parsedArgs.mAllowlistedDataInfoList, parsedArgs.mBindMountAppDataDirs,

                            parsedArgs.mBindMountAppStorageDirs);



                    try {

core/jni/com_android_internal_os_Zygote.cpp

+10 −10
Original line number Diff line number Diff line
@@ -1400,13 +1400,13 @@ static void insertPackagesToMergedList(JNIEnv* env, 
}



static void isolateAppData(JNIEnv* env, jobjectArray pkg_data_info_list,

    jobjectArray whitelisted_data_info_list, uid_t uid, const char* process_name,

    jobjectArray allowlisted_data_info_list, uid_t uid, const char* process_name,

    jstring managed_nice_name, fail_fn_t fail_fn) {



  std::vector<std::string> merged_data_info_list;

  insertPackagesToMergedList(env, merged_data_info_list, pkg_data_info_list,

          process_name, managed_nice_name, fail_fn);

  insertPackagesToMergedList(env, merged_data_info_list, whitelisted_data_info_list,

  insertPackagesToMergedList(env, merged_data_info_list, allowlisted_data_info_list,

          process_name, managed_nice_name, fail_fn);



  isolateAppData(env, merged_data_info_list, uid, process_name, managed_nice_name, fail_fn);
@@ -1518,7 +1518,7 @@ static void SpecializeCommon(JNIEnv* env, uid_t uid, gid_t gid, jintArray gids, 
                             bool is_child_zygote, jstring managed_instruction_set,

                             jstring managed_app_data_dir, bool is_top_app,

                             jobjectArray pkg_data_info_list,

                             jobjectArray whitelisted_data_info_list,

                             jobjectArray allowlisted_data_info_list,

                             bool mount_data_dirs, bool mount_storage_dirs) {

  const char* process_name = is_system_server ? "system_server" : "zygote";

  auto fail_fn = std::bind(ZygoteFailure, env, process_name, managed_nice_name, _1);
@@ -1555,7 +1555,7 @@ static void SpecializeCommon(JNIEnv* env, uid_t uid, gid_t gid, jintArray gids, 
  // Sandbox data and jit profile directories by overlaying a tmpfs on those dirs and bind

  // mount all related packages separately.

  if (mount_data_dirs) {

    isolateAppData(env, pkg_data_info_list, whitelisted_data_info_list,

    isolateAppData(env, pkg_data_info_list, allowlisted_data_info_list,

            uid, process_name, managed_nice_name, fail_fn);

    isolateJitProfile(env, pkg_data_info_list, uid, process_name, managed_nice_name, fail_fn);

  }
@@ -2073,7 +2073,7 @@ static jint com_android_internal_os_Zygote_nativeForkAndSpecialize( 
        jint mount_external, jstring se_info, jstring nice_name,

        jintArray managed_fds_to_close, jintArray managed_fds_to_ignore, jboolean is_child_zygote,

        jstring instruction_set, jstring app_data_dir, jboolean is_top_app,

        jobjectArray pkg_data_info_list, jobjectArray whitelisted_data_info_list,

        jobjectArray pkg_data_info_list, jobjectArray allowlisted_data_info_list,

        jboolean mount_data_dirs, jboolean mount_storage_dirs) {

    jlong capabilities = CalculateCapabilities(env, uid, gid, gids, is_child_zygote);
@@ -2113,7 +2113,7 @@ static jint com_android_internal_os_Zygote_nativeForkAndSpecialize( 
                       mount_external, se_info, nice_name, false,

                       is_child_zygote == JNI_TRUE, instruction_set, app_data_dir,

                       is_top_app == JNI_TRUE, pkg_data_info_list,

                       whitelisted_data_info_list,

                       allowlisted_data_info_list,

                       mount_data_dirs == JNI_TRUE,

                       mount_storage_dirs == JNI_TRUE);

    }
@@ -2152,7 +2152,7 @@ static jint com_android_internal_os_Zygote_nativeForkSystemServer( 
                       MOUNT_EXTERNAL_DEFAULT, nullptr, nullptr, true,

                       false, nullptr, nullptr, /* is_top_app= */ false,

                       /* pkg_data_info_list */ nullptr,

                       /* whitelisted_data_info_list */ nullptr, false, false);

                       /* allowlisted_data_info_list */ nullptr, false, false);

  } else if (pid > 0) {

      // The zygote process checks whether the child process has died or not.

      ALOGI("System server process %d has been created", pid);
@@ -2260,7 +2260,7 @@ static void com_android_internal_os_Zygote_nativeAllowFileAcrossFork( 
    if (!path_cstr) {

        RuntimeAbort(env, __LINE__, "path_cstr == nullptr");

    }

    FileDescriptorWhitelist::Get()->Allow(path_cstr);

    FileDescriptorAllowlist::Get()->Allow(path_cstr);

}



static void com_android_internal_os_Zygote_nativeInstallSeccompUidGidFilter(
@@ -2299,7 +2299,7 @@ static void com_android_internal_os_Zygote_nativeSpecializeAppProcess( 
    jint runtime_flags, jobjectArray rlimits,

    jint mount_external, jstring se_info, jstring nice_name,

    jboolean is_child_zygote, jstring instruction_set, jstring app_data_dir, jboolean is_top_app,

    jobjectArray pkg_data_info_list, jobjectArray whitelisted_data_info_list,

    jobjectArray pkg_data_info_list, jobjectArray allowlisted_data_info_list,

    jboolean mount_data_dirs, jboolean mount_storage_dirs) {

  jlong capabilities = CalculateCapabilities(env, uid, gid, gids, is_child_zygote);
@@ -2307,7 +2307,7 @@ static void com_android_internal_os_Zygote_nativeSpecializeAppProcess( 
                   capabilities, capabilities,

                   mount_external, se_info, nice_name, false,

                   is_child_zygote == JNI_TRUE, instruction_set, app_data_dir,

                   is_top_app == JNI_TRUE, pkg_data_info_list, whitelisted_data_info_list,

                   is_top_app == JNI_TRUE, pkg_data_info_list, allowlisted_data_info_list,

                   mount_data_dirs == JNI_TRUE, mount_storage_dirs == JNI_TRUE);

}