Disable incremental hardening on own resources (c0416698) · Commits · e / os / android_frameworks_base

cmds/idmap2/libidmap2/ResourceContainer.cpp

+1 −1

Original line number	Diff line number	Diff line
		@@ -323,7 +323,7 @@ ApkResourceContainer::ApkResourceContainer(std::unique_ptr<ZipAssetsProvider> zi

		Result<std::unique_ptr<ApkResourceContainer>> ApkResourceContainer::FromPath(
		const std::string& path) {
		auto zip_assets = ZipAssetsProvider::Create(path);
		auto zip_assets = ZipAssetsProvider::Create(path, 0 /* flags */);
		if (zip_assets == nullptr) {
		return Error("failed to load zip assets");
		}

cmds/idmap2/tests/XmlParserTests.cpp

+1 −1

Original line number	Diff line number	Diff line
		@@ -26,7 +26,7 @@
		namespace android::idmap2 {

		Result<XmlParser> CreateTestParser(const std::string& test_file) {
		auto zip = ZipAssetsProvider::Create(GetTestDataPath() + "/target/target.apk");
		auto zip = ZipAssetsProvider::Create(GetTestDataPath() + "/target/target.apk", 0 /* flags */);
		if (zip == nullptr) {
		return Error("Failed to open zip file");
		}

core/java/android/app/LoadedApk.java

+4 −0

Original line number	Diff line number	Diff line
		@@ -1289,6 +1289,10 @@ public final class LoadedApk {
		throw new AssertionError("null split not found");
		}

		if (Process.myUid() == mApplicationInfo.uid) {
		ResourcesManager.getInstance().initializeApplicationPaths(mResDir, splitPaths);
		}

		mResources = ResourcesManager.getInstance().getResources(null, mResDir,
		splitPaths, mLegacyOverlayDirs, mOverlayPaths,
		mApplicationInfo.sharedLibraryFiles, null, null, getCompatibilityInfo(),

core/java/android/app/ResourcesManager.java

+46 −5

Original line number	Diff line number	Diff line
		@@ -39,6 +39,7 @@ import android.os.IBinder;
		import android.os.Process;
		import android.os.Trace;
		import android.util.ArrayMap;
		import android.util.ArraySet;
		import android.util.DisplayMetrics;
		import android.util.Log;
		import android.util.Pair;
		@@ -260,6 +261,12 @@ public class ResourcesManager {
		*/
		private final UpdateHandler mUpdateCallbacks = new UpdateHandler();

		/**
		* The set of APK paths belonging to this process. This is used to disable incremental
		* installation crash protections on these APKs so the app either behaves as expects or crashes.
		*/
		private final ArraySet<String> mApplicationOwnedApks = new ArraySet<>();

		@UnsupportedAppUsage
		public ResourcesManager() {
		}
		@@ -424,6 +431,32 @@ public class ResourcesManager {
		}
		}

		/**
		* Initializes the set of APKs owned by the application running in this process.
		*/
		public void initializeApplicationPaths(@NonNull String sourceDir,
		@Nullable String[] splitDirs) {
		synchronized (mLock) {
		if (mApplicationOwnedApks.isEmpty()) {
		addApplicationPathsLocked(sourceDir, splitDirs);
		}
		}
		}

		/**
		* Updates the set of APKs owned by the application running in this process.
		*
		* This method only appends to the set of APKs owned by this process because the previous APKs
		* paths still belong to the application running in this process.
		*/
		private void addApplicationPathsLocked(@NonNull String sourceDir,
		@Nullable String[] splitDirs) {
		mApplicationOwnedApks.add(sourceDir);
		if (splitDirs != null) {
		mApplicationOwnedApks.addAll(Arrays.asList(splitDirs));
		}
		}

		private static String overlayPathToIdmapPath(String path) {
		return "/data/resource-cache/" + path.substring(1).replace('/', '@') + "@idmap";
		}
		@@ -445,13 +478,17 @@ public class ResourcesManager {
		}
		}

		// We must load this from disk.
		int flags = 0;
		if (key.sharedLib) {
		flags \|= ApkAssets.PROPERTY_DYNAMIC;
		}
		if (mApplicationOwnedApks.contains(key.path)) {
		flags \|= ApkAssets.PROPERTY_DISABLE_INCREMENTAL_HARDENING;
		}
		if (key.overlay) {
		apkAssets = ApkAssets.loadOverlayFromPath(overlayPathToIdmapPath(key.path),
		0 /flags/);
		apkAssets = ApkAssets.loadOverlayFromPath(overlayPathToIdmapPath(key.path), flags);
		} else {
		apkAssets = ApkAssets.loadFromPath(key.path,
		key.sharedLib ? ApkAssets.PROPERTY_DYNAMIC : 0);
		apkAssets = ApkAssets.loadFromPath(key.path, flags);
		}

		synchronized (mLock) {
		@@ -1437,6 +1474,10 @@ public class ResourcesManager {
		String[] copiedResourceDirs = combinedOverlayPaths(appInfo.resourceDirs,
		appInfo.overlayPaths);

		if (appInfo.uid == myUid) {
		addApplicationPathsLocked(baseCodePath, copiedSplitDirs);
		}

		final ArrayMap<ResourcesImpl, ResourcesKey> updatedResourceKeys = new ArrayMap<>();
		final int implCount = mResourceImpls.size();
		for (int i = 0; i < implCount; i++) {

core/java/android/content/res/ApkAssets.java

+6 −0

Original line number	Diff line number	Diff line
		@@ -69,6 +69,12 @@ public final class ApkAssets {
		*/
		private static final int PROPERTY_OVERLAY = 1 << 3;

		/**
		* The apk assets is owned by the application running in this process and incremental crash
		* protections for this APK must be disabled.
		*/
		public static final int PROPERTY_DISABLE_INCREMENTAL_HARDENING = 1 << 4;

		/** Flags that change the behavior of loaded apk assets. */
		@IntDef(prefix = { "PROPERTY_" }, value = {
		PROPERTY_SYSTEM,