Loading core/java/android/app/LoadedApk.java +4 −0 Original line number Diff line number Diff line Loading @@ -46,6 +46,7 @@ import android.os.StrictMode; import android.os.SystemProperties; import android.os.Trace; import android.os.UserHandle; import android.security.net.config.NetworkSecurityConfigProvider; import android.sysprop.VndkProperties; import android.text.TextUtils; import android.util.AndroidRuntimeException; Loading Loading @@ -1196,6 +1197,9 @@ public final class LoadedApk { } ContextImpl appContext = ContextImpl.createAppContext(mActivityThread, this); // The network security config needs to be aware of multiple // applications in the same process to handle discrepancies NetworkSecurityConfigProvider.handleNewApplication(appContext); app = mActivityThread.mInstrumentation.newApplication( cl, appClass, appContext); appContext.setOuterContext(app); Loading core/java/android/security/net/config/NetworkSecurityConfigProvider.java +30 −1 Original line number Diff line number Diff line Loading @@ -17,11 +17,14 @@ package android.security.net.config; import android.content.Context; import java.security.Security; import android.util.Log; import java.security.Provider; import java.security.Security; /** @hide */ public final class NetworkSecurityConfigProvider extends Provider { private static final String LOG_TAG = "nsconfig"; private static final String PREFIX = NetworkSecurityConfigProvider.class.getPackage().getName() + "."; Loading @@ -42,4 +45,30 @@ public final class NetworkSecurityConfigProvider extends Provider { } libcore.net.NetworkSecurityPolicy.setInstance(new ConfigNetworkSecurityPolicy(config)); } /** * For a shared process, resolves conflicting values of usesCleartextTraffic. * 1. Throws a RuntimeException if the shared process with conflicting * usesCleartextTraffic values have per domain rules. * 2. Sets the default instance to the least strict config. */ public static void handleNewApplication(Context context) { ApplicationConfig config = new ApplicationConfig(new ManifestConfigSource(context)); ApplicationConfig defaultConfig = ApplicationConfig.getDefaultInstance(); String mProcessName = context.getApplicationInfo().processName; if (defaultConfig != null) { if (defaultConfig.isCleartextTrafficPermitted() != config.isCleartextTrafficPermitted()) { Log.w(LOG_TAG, mProcessName + ": New config does not match the previously set config."); if (defaultConfig.hasPerDomainConfigs() || config.hasPerDomainConfigs()) { throw new RuntimeException("Found multiple conflicting per-domain rules"); } config = defaultConfig.isCleartextTrafficPermitted() ? defaultConfig : config; } } ApplicationConfig.setDefaultInstance(config); } } Loading
core/java/android/app/LoadedApk.java +4 −0 Original line number Diff line number Diff line Loading @@ -46,6 +46,7 @@ import android.os.StrictMode; import android.os.SystemProperties; import android.os.Trace; import android.os.UserHandle; import android.security.net.config.NetworkSecurityConfigProvider; import android.sysprop.VndkProperties; import android.text.TextUtils; import android.util.AndroidRuntimeException; Loading Loading @@ -1196,6 +1197,9 @@ public final class LoadedApk { } ContextImpl appContext = ContextImpl.createAppContext(mActivityThread, this); // The network security config needs to be aware of multiple // applications in the same process to handle discrepancies NetworkSecurityConfigProvider.handleNewApplication(appContext); app = mActivityThread.mInstrumentation.newApplication( cl, appClass, appContext); appContext.setOuterContext(app); Loading
core/java/android/security/net/config/NetworkSecurityConfigProvider.java +30 −1 Original line number Diff line number Diff line Loading @@ -17,11 +17,14 @@ package android.security.net.config; import android.content.Context; import java.security.Security; import android.util.Log; import java.security.Provider; import java.security.Security; /** @hide */ public final class NetworkSecurityConfigProvider extends Provider { private static final String LOG_TAG = "nsconfig"; private static final String PREFIX = NetworkSecurityConfigProvider.class.getPackage().getName() + "."; Loading @@ -42,4 +45,30 @@ public final class NetworkSecurityConfigProvider extends Provider { } libcore.net.NetworkSecurityPolicy.setInstance(new ConfigNetworkSecurityPolicy(config)); } /** * For a shared process, resolves conflicting values of usesCleartextTraffic. * 1. Throws a RuntimeException if the shared process with conflicting * usesCleartextTraffic values have per domain rules. * 2. Sets the default instance to the least strict config. */ public static void handleNewApplication(Context context) { ApplicationConfig config = new ApplicationConfig(new ManifestConfigSource(context)); ApplicationConfig defaultConfig = ApplicationConfig.getDefaultInstance(); String mProcessName = context.getApplicationInfo().processName; if (defaultConfig != null) { if (defaultConfig.isCleartextTrafficPermitted() != config.isCleartextTrafficPermitted()) { Log.w(LOG_TAG, mProcessName + ": New config does not match the previously set config."); if (defaultConfig.hasPerDomainConfigs() || config.hasPerDomainConfigs()) { throw new RuntimeException("Found multiple conflicting per-domain rules"); } config = defaultConfig.isCleartextTrafficPermitted() ? defaultConfig : config; } } ApplicationConfig.setDefaultInstance(config); } }
