Set core platform API policy from command line flag
So as to avoid any performance penalty from core platform API access
checks, disable them by default. AndroidRuntime.cpp now passes the value
of the "persist.debug.dalvik.vm.core_platform_api_policy" to the
runtime, allowing a user to enable core platform API checks on demand.
The workflow for a tester is:
- adb shell setprop <property> "just-warn"
- adb reboot
- adb logcat | grep "Core platform API"
Test: manual, observe warnings in logcat
Test: art/test/testrunner/run_build_test_target.py art-test
Bug: 125701194
Change-Id: Iae09a8f44918dc349bc10dbdd703043667f51268
diff --git a/runtime/dexopt_test.cc b/runtime/dexopt_test.cc
index ec41b54..dfb81e8 100644
--- a/runtime/dexopt_test.cc
+++ b/runtime/dexopt_test.cc
@@ -53,9 +53,9 @@
}
Runtime* runtime = Runtime::Current();
- if (runtime->GetHiddenApiEnforcementPolicy() != hiddenapi::EnforcementPolicy::kDisabled) {
+ if (runtime->GetHiddenApiEnforcementPolicy() == hiddenapi::EnforcementPolicy::kEnabled) {
argv.push_back("--runtime-arg");
- argv.push_back("-Xhidden-api-checks");
+ argv.push_back("-Xhidden-api-policy:enabled");
}
if (!kIsTargetBuild) {
diff --git a/runtime/parsed_options.cc b/runtime/parsed_options.cc
index 413355c..24fe634 100644
--- a/runtime/parsed_options.cc
+++ b/runtime/parsed_options.cc
@@ -57,6 +57,8 @@
}
using RuntimeParser = CmdlineParser<RuntimeArgumentMap, RuntimeArgumentMap::Key>;
+using HiddenapiPolicyValueMap =
+ std::initializer_list<std::pair<const char*, hiddenapi::EnforcementPolicy>>;
// Yes, the stack frame is huge. But we get called super early on (and just once)
// to pass the command line arguments, so we'll probably be ok.
@@ -70,6 +72,13 @@
std::unique_ptr<RuntimeParser::Builder> parser_builder =
std::make_unique<RuntimeParser::Builder>();
+ HiddenapiPolicyValueMap hiddenapi_policy_valuemap =
+ {{"disabled", hiddenapi::EnforcementPolicy::kDisabled},
+ {"just-warn", hiddenapi::EnforcementPolicy::kJustWarn},
+ {"enabled", hiddenapi::EnforcementPolicy::kEnabled}};
+ DCHECK_EQ(hiddenapi_policy_valuemap.size(),
+ static_cast<size_t>(hiddenapi::EnforcementPolicy::kMax) + 1);
+
parser_builder->
Define("-Xzygote")
.IntoKey(M::Zygote)
@@ -334,8 +343,14 @@
.Define("-Xtarget-sdk-version:_")
.WithType<unsigned int>()
.IntoKey(M::TargetSdkVersion)
- .Define("-Xhidden-api-checks")
- .IntoKey(M::HiddenApiChecks)
+ .Define("-Xhidden-api-policy:_")
+ .WithType<hiddenapi::EnforcementPolicy>()
+ .WithValueMap(hiddenapi_policy_valuemap)
+ .IntoKey(M::HiddenApiPolicy)
+ .Define("-Xcore-platform-api-policy:_")
+ .WithType<hiddenapi::EnforcementPolicy>()
+ .WithValueMap(hiddenapi_policy_valuemap)
+ .IntoKey(M::CorePlatformApiPolicy)
.Define("-Xuse-stderr-logger")
.IntoKey(M::UseStderrLogger)
.Define("-Xonly-use-system-oat-files")
diff --git a/runtime/runtime.cc b/runtime/runtime.cc
index ee7e264..68c4cb9 100644
--- a/runtime/runtime.cc
+++ b/runtime/runtime.cc
@@ -279,7 +279,7 @@
is_low_memory_mode_(false),
safe_mode_(false),
hidden_api_policy_(hiddenapi::EnforcementPolicy::kDisabled),
- core_platform_api_policy_(hiddenapi::EnforcementPolicy::kJustWarn),
+ core_platform_api_policy_(hiddenapi::EnforcementPolicy::kDisabled),
dedupe_hidden_api_warnings_(true),
hidden_api_access_event_log_rate_(0),
dump_native_stack_on_sig_quit_(true),
@@ -1232,18 +1232,21 @@
target_sdk_version_ = runtime_options.GetOrDefault(Opt::TargetSdkVersion);
- // Check whether to enforce hidden API access checks. The checks are disabled
- // by default and we only enable them if:
- // (a) runtime was started with a flag that enables the checks, or
+ // Set hidden API enforcement policy. The checks are disabled by default and
+ // we only enable them if:
+ // (a) runtime was started with a command line flag that enables the checks, or
// (b) Zygote forked a new process that is not exempt (see ZygoteHooks).
- bool do_hidden_api_checks = runtime_options.Exists(Opt::HiddenApiChecks);
- DCHECK(!is_zygote_ || !do_hidden_api_checks);
- // TODO pass the actual enforcement policy in, rather than just a single bit.
- // As is, we're encoding some logic here about which specific policy to use, which would be better
- // controlled by the framework.
- hidden_api_policy_ = do_hidden_api_checks
- ? hiddenapi::EnforcementPolicy::kEnabled
- : hiddenapi::EnforcementPolicy::kDisabled;
+ hidden_api_policy_ = runtime_options.GetOrDefault(Opt::HiddenApiPolicy);
+ DCHECK(!is_zygote_ || hidden_api_policy_ == hiddenapi::EnforcementPolicy::kDisabled);
+
+ // Set core platform API enforcement policy. The checks are disabled by default and
+ // can be enabled with a command line flag. AndroidRuntime will pass the flag if
+ // a system property is set.
+ core_platform_api_policy_ = runtime_options.GetOrDefault(Opt::CorePlatformApiPolicy);
+ if (core_platform_api_policy_ != hiddenapi::EnforcementPolicy::kDisabled) {
+ LOG(INFO) << "Core platform API reporting enabled, enforcing="
+ << (core_platform_api_policy_ == hiddenapi::EnforcementPolicy::kEnabled ? "true" : "false");
+ }
no_sig_chain_ = runtime_options.Exists(Opt::NoSigChain);
force_native_bridge_ = runtime_options.Exists(Opt::ForceNativeBridge);
diff --git a/runtime/runtime_options.def b/runtime/runtime_options.def
index 95a3f4c..0c332a2 100644
--- a/runtime/runtime_options.def
+++ b/runtime/runtime_options.def
@@ -120,7 +120,12 @@
Verify, verifier::VerifyMode::kEnable)
RUNTIME_OPTIONS_KEY (unsigned int, TargetSdkVersion, \
static_cast<unsigned int>(SdkVersion::kUnset))
-RUNTIME_OPTIONS_KEY (Unit, HiddenApiChecks)
+RUNTIME_OPTIONS_KEY (hiddenapi::EnforcementPolicy,
+ HiddenApiPolicy,
+ hiddenapi::EnforcementPolicy::kDisabled)
+RUNTIME_OPTIONS_KEY (hiddenapi::EnforcementPolicy,
+ CorePlatformApiPolicy,
+ hiddenapi::EnforcementPolicy::kDisabled)
RUNTIME_OPTIONS_KEY (std::string, NativeBridge)
RUNTIME_OPTIONS_KEY (unsigned int, ZygoteMaxFailedBoots, 10)
RUNTIME_OPTIONS_KEY (Unit, NoDexFileFallback)
diff --git a/runtime/runtime_options.h b/runtime/runtime_options.h
index 4f46d89..19ec75e 100644
--- a/runtime/runtime_options.h
+++ b/runtime/runtime_options.h
@@ -28,6 +28,7 @@
#include "gc/collector_type.h"
#include "gc/space/image_space_loading_order.h"
#include "gc/space/large_object_space.h"
+#include "hidden_api.h"
#include "jdwp/jdwp.h"
#include "jit/jit.h"
#include "jit/jit_code_cache.h"