Gitiles
Code Review Sign In
LeafOS / LeafOS-Project / android_art / 6dfdfef85b210dc104a7cd221c6717e1a2123a13^! / . / runtime / runtime.cc
commit6dfdfef85b210dc104a7cd221c6717e1a2123a13[log] [tgz]
authorDavid Brazdil <dbrazdil@google.com>Thu Apr 11 17:39:11 2019 +0100
committerDavid Brazdil <dbrazdil@google.com>Fri Apr 12 15:43:15 2019 +0000
treec8748f991a42bf15c77a388375c1af266f2bfdaf
parenta4469ef9e81bddf83d2b5b525d317de2070fbfd7 [diff] [blame]
Set core platform API policy from command line flag

So as to avoid any performance penalty from core platform API access
checks, disable them by default. AndroidRuntime.cpp now passes the value
of the "persist.debug.dalvik.vm.core_platform_api_policy" to the
runtime, allowing a user to enable core platform API checks on demand.
The workflow for a tester is:
- adb shell setprop <property> "just-warn"
- adb reboot
- adb logcat | grep "Core platform API"

Test: manual, observe warnings in logcat
Test: art/test/testrunner/run_build_test_target.py art-test
Bug: 125701194
Change-Id: Iae09a8f44918dc349bc10dbdd703043667f51268

diff --git a/runtime/runtime.cc b/runtime/runtime.cc
index ee7e264..68c4cb9 100644
--- a/runtime/runtime.cc
+++ b/runtime/runtime.cc

@@ -279,7 +279,7 @@
       is_low_memory_mode_(false),
       safe_mode_(false),
       hidden_api_policy_(hiddenapi::EnforcementPolicy::kDisabled),
-      core_platform_api_policy_(hiddenapi::EnforcementPolicy::kJustWarn),
+      core_platform_api_policy_(hiddenapi::EnforcementPolicy::kDisabled),
       dedupe_hidden_api_warnings_(true),
       hidden_api_access_event_log_rate_(0),
       dump_native_stack_on_sig_quit_(true),
@@ -1232,18 +1232,21 @@
 
   target_sdk_version_ = runtime_options.GetOrDefault(Opt::TargetSdkVersion);
 
-  // Check whether to enforce hidden API access checks. The checks are disabled
-  // by default and we only enable them if:
-  // (a) runtime was started with a flag that enables the checks, or
+  // Set hidden API enforcement policy. The checks are disabled by default and
+  // we only enable them if:
+  // (a) runtime was started with a command line flag that enables the checks, or
   // (b) Zygote forked a new process that is not exempt (see ZygoteHooks).
-  bool do_hidden_api_checks = runtime_options.Exists(Opt::HiddenApiChecks);
-  DCHECK(!is_zygote_ || !do_hidden_api_checks);
-  // TODO pass the actual enforcement policy in, rather than just a single bit.
-  // As is, we're encoding some logic here about which specific policy to use, which would be better
-  // controlled by the framework.
-  hidden_api_policy_ = do_hidden_api_checks
-      ? hiddenapi::EnforcementPolicy::kEnabled
-      : hiddenapi::EnforcementPolicy::kDisabled;
+  hidden_api_policy_ = runtime_options.GetOrDefault(Opt::HiddenApiPolicy);
+  DCHECK(!is_zygote_ || hidden_api_policy_ == hiddenapi::EnforcementPolicy::kDisabled);
+
+  // Set core platform API enforcement policy. The checks are disabled by default and
+  // can be enabled with a command line flag. AndroidRuntime will pass the flag if
+  // a system property is set.
+  core_platform_api_policy_ = runtime_options.GetOrDefault(Opt::CorePlatformApiPolicy);
+  if (core_platform_api_policy_ != hiddenapi::EnforcementPolicy::kDisabled) {
+    LOG(INFO) << "Core platform API reporting enabled, enforcing="
+        << (core_platform_api_policy_ == hiddenapi::EnforcementPolicy::kEnabled ? "true" : "false");
+  }
 
   no_sig_chain_ = runtime_options.Exists(Opt::NoSigChain);
   force_native_bridge_ = runtime_options.Exists(Opt::ForceNativeBridge);