commit 094b1cfc9fa9e1c02238a2352c190be1746f5622
author Orion Hodson <oth@google.com> Tue Jun 08 09:28:28 2021 +0100
committer Treehugger Robot <treehugger-gerrit@google.com> Wed Jun 09 11:34:22 2021 +0000
tree 2ce218587228aafd5cdaf3bd17ee2cecde484957
parent 4f6bb446f8fbaa192f4e5b69734414c66d5e1bae

odrefresh: enable loading of system_server image files

Fix check in ValidateBootImageChecksum() to account for image files
with multiple components which exists for boot-framework when
compiling on device.

Update logic for only_load_system_executable to be
only_load_trusted_executable and treat /system and the ART APEX data
directory as trusted.

Add test to check .art,.odex,.vdex files derived from the
system_server classpath are mapped when the ART module updates.

Add test to check .art,.oat,.vdex files for the boot class path
extensions are present in the zygote processes.

Bug: 180949581
Test: atest com.android.tests.odsign.OnDeviceSigningHostTest#verifyGeneratedArtifactsLoaded
Change-Id: I3114fc6393402d8da2eb16ba756ab5fab713dc20

runtime/oat_file_assistant.cc

diff --git a/runtime/oat_file_assistant.cc b/runtime/oat_file_assistant.cc
index a5ccb69..d176eb6 100644
--- a/runtime/oat_file_assistant.cc
+++ b/runtime/oat_file_assistant.cc
@@ -80,12 +80,12 @@
                                    const InstructionSet isa,
                                    ClassLoaderContext* context,
                                    bool load_executable,
-                                   bool only_load_system_executable)
+                                   bool only_load_trusted_executable)
     : OatFileAssistant(dex_location,
                        isa,
                        context,
                        load_executable,
-                       only_load_system_executable,
+                       only_load_trusted_executable,
                        /*vdex_fd=*/ -1,
                        /*oat_fd=*/ -1,
                        /*zip_fd=*/ -1) {}
@@ -95,14 +95,14 @@
                                    const InstructionSet isa,
                                    ClassLoaderContext* context,
                                    bool load_executable,
-                                   bool only_load_system_executable,
+                                   bool only_load_trusted_executable,
                                    int vdex_fd,
                                    int oat_fd,
                                    int zip_fd)
     : context_(context),
       isa_(isa),
       load_executable_(load_executable),
-      only_load_system_executable_(only_load_system_executable),
+      only_load_trusted_executable_(only_load_trusted_executable),
       odex_(this, /*is_oat_location=*/ false),
       oat_(this, /*is_oat_location=*/ true),
       vdex_for_odex_(this, /*is_oat_location=*/ false),
@@ -453,8 +453,8 @@
 
   // zip_file_only_contains_uncompressed_dex_ is only set during fetching the dex checksums.
   DCHECK(required_dex_checksums_attempted_);
-  if (only_load_system_executable_ &&
-      !LocationIsOnSystem(file.GetLocation().c_str()) &&
+  if (only_load_trusted_executable_ &&
+      !LocationIsTrusted(file.GetLocation()) &&
       file.ContainsDexCode() &&
       zip_file_only_contains_uncompressed_dex_) {
     LOG(ERROR) << "Not loading "
@@ -846,8 +846,8 @@
                                         &error_msg));
     }
   } else {
-    if (executable && oat_file_assistant_->only_load_system_executable_) {
-      executable = LocationIsOnSystem(filename_.c_str());
+    if (executable && oat_file_assistant_->only_load_trusted_executable_) {
+      executable = LocationIsTrusted(filename_);
     }
     VLOG(oat) << "Loading " << filename_ << " with executable: " << executable;
     if (use_fd_) {