diff options
| author | 2019-03-20 14:22:51 +0000 | |
|---|---|---|
| committer | 2019-03-25 10:27:28 +0000 | |
| commit | b9c29f625bc27968d80f9eafa988dc14af0a1c28 (patch) | |
| tree | 10276cd3fa756646b41cb50cf396476f2f8df1d3 | |
| parent | bcd99bed472d228a1a0a65adc606346d7daf6b93 (diff) | |
Hide conscrypt package classes for app AOT compilation.
Since app AOT compilation is usually done without conscrypt
on the boot class path, classes defined by app class loader
in conscrypt packages could be resolved differently, i.e.
from conscrypt, at runtime. Reject such definitions during
AOT compilation to ensure correct runtime behavior.
Add a test that when compiling the conscrypt module as an
app, we cannot resolve any class defined in its dex files.
Test: module_exclusion_test
Bug: 122937705
Change-Id: I1fcb4c21937f59772206ee50b688a75053231bc0
| -rw-r--r-- | compiler/Android.bp | 1 | ||||
| -rw-r--r-- | libartbase/base/common_art_test.cc | 26 | ||||
| -rw-r--r-- | libartbase/base/common_art_test.h | 13 | ||||
| -rw-r--r-- | runtime/Android.bp | 1 | ||||
| -rw-r--r-- | runtime/class_linker.cc | 20 | ||||
| -rw-r--r-- | runtime/common_runtime_test.h | 4 | ||||
| -rw-r--r-- | runtime/dexopt_test.h | 2 | ||||
| -rw-r--r-- | runtime/module_exclusion_test.cc | 130 | ||||
| -rw-r--r-- | runtime/oat_file_assistant_test.cc | 12 | ||||
| -rw-r--r-- | runtime/parsed_options_test.cc | 8 |
10 files changed, 198 insertions, 19 deletions
diff --git a/compiler/Android.bp b/compiler/Android.bp index 4ad59e121c..52bd89fb7d 100644 --- a/compiler/Android.bp +++ b/compiler/Android.bp @@ -337,6 +337,7 @@ art_cc_library { shared_libs: [ "libartd-compiler", "libartd-disassembler", + "libartbase-art-gtest", "libart-runtime-gtest", "libbase", ], diff --git a/libartbase/base/common_art_test.cc b/libartbase/base/common_art_test.cc index 8e3e73f097..242db428d5 100644 --- a/libartbase/base/common_art_test.cc +++ b/libartbase/base/common_art_test.cc @@ -338,11 +338,11 @@ static std::string GetDexFileName(const std::string& jar_prefix, bool host) { return StringPrintf("%s/framework/%s%s.jar", path.c_str(), jar_prefix.c_str(), suffix.c_str()); } -std::vector<std::string> CommonArtTestImpl::GetLibCoreDexFileNames() { +std::vector<std::string> CommonArtTestImpl::GetLibCoreModuleNames() const { // Note: This must start with the CORE_IMG_JARS in Android.common_path.mk // because that's what we use for compiling the core.art image. // It may contain additional modules from TEST_CORE_JARS. - static const char* const kLibcoreModules[] = { + return { // CORE_IMG_JARS modules. "core-oj", "core-libart", @@ -352,17 +352,26 @@ std::vector<std::string> CommonArtTestImpl::GetLibCoreDexFileNames() { // Additional modules. "conscrypt", }; +} +std::vector<std::string> CommonArtTestImpl::GetLibCoreDexFileNames( + const std::vector<std::string>& modules) const { std::vector<std::string> result; - result.reserve(arraysize(kLibcoreModules)); - for (const char* module : kLibcoreModules) { + result.reserve(modules.size()); + for (const std::string& module : modules) { result.push_back(GetDexFileName(module, IsHost())); } return result; } -std::vector<std::string> CommonArtTestImpl::GetLibCoreDexLocations() { - std::vector<std::string> result = GetLibCoreDexFileNames(); +std::vector<std::string> CommonArtTestImpl::GetLibCoreDexFileNames() const { + std::vector<std::string> modules = GetLibCoreModuleNames(); + return GetLibCoreDexFileNames(modules); +} + +std::vector<std::string> CommonArtTestImpl::GetLibCoreDexLocations( + const std::vector<std::string>& modules) const { + std::vector<std::string> result = GetLibCoreDexFileNames(modules); if (IsHost()) { // Strip the ANDROID_BUILD_TOP directory including the directory separator '/'. const char* host_dir = getenv("ANDROID_BUILD_TOP"); @@ -381,6 +390,11 @@ std::vector<std::string> CommonArtTestImpl::GetLibCoreDexLocations() { return result; } +std::vector<std::string> CommonArtTestImpl::GetLibCoreDexLocations() const { + std::vector<std::string> modules = GetLibCoreModuleNames(); + return GetLibCoreDexLocations(modules); +} + std::string CommonArtTestImpl::GetClassPathOption(const char* option, const std::vector<std::string>& class_path) { return option + android::base::Join(class_path, ':'); diff --git a/libartbase/base/common_art_test.h b/libartbase/base/common_art_test.h index 1748a9bb0b..dfe6eb86c4 100644 --- a/libartbase/base/common_art_test.h +++ b/libartbase/base/common_art_test.h @@ -96,11 +96,20 @@ class CommonArtTestImpl { static void TearDownAndroidDataDir(const std::string& android_data, bool fail_on_error); + // Get the names of the libcore modules. + virtual std::vector<std::string> GetLibCoreModuleNames() const; + + // Gets the paths of the libcore dex files for given modules. + std::vector<std::string> GetLibCoreDexFileNames(const std::vector<std::string>& modules) const; + // Gets the paths of the libcore dex files. - static std::vector<std::string> GetLibCoreDexFileNames(); + std::vector<std::string> GetLibCoreDexFileNames() const; + + // Gets the locations of the libcore dex files for given modules. + std::vector<std::string> GetLibCoreDexLocations(const std::vector<std::string>& modules) const; // Gets the locations of the libcore dex files. - static std::vector<std::string> GetLibCoreDexLocations(); + std::vector<std::string> GetLibCoreDexLocations() const; static std::string GetClassPathOption(const char* option, const std::vector<std::string>& class_path); diff --git a/runtime/Android.bp b/runtime/Android.bp index 595c7afc23..937885a0d1 100644 --- a/runtime/Android.bp +++ b/runtime/Android.bp @@ -662,6 +662,7 @@ art_cc_test { ], srcs: [ "reflection_test.cc", + "module_exclusion_test.cc", ], shared_libs: [ "libartd-compiler", diff --git a/runtime/class_linker.cc b/runtime/class_linker.cc index a27b28e435..97c3b184a7 100644 --- a/runtime/class_linker.cc +++ b/runtime/class_linker.cc @@ -44,6 +44,7 @@ #include "base/scoped_arena_containers.h" #include "base/scoped_flock.h" #include "base/stl_util.h" +#include "base/string_view_cpp20.h" #include "base/systrace.h" #include "base/time_utils.h" #include "base/unix_file/fd_file.h" @@ -3007,6 +3008,13 @@ ObjPtr<mirror::Class> ClassLinker::FindClass(Thread* self, return result_ptr; } +static bool IsReservedBootClassPathDescriptor(const char* descriptor) { + std::string_view descriptor_sv(descriptor); + // Reserved conscrypt packages (includes sub-packages under these paths). + return StartsWith(descriptor_sv, "Landroid/net/ssl/") || + StartsWith(descriptor_sv, "Lcom/android/org/conscrypt/"); +} + ObjPtr<mirror::Class> ClassLinker::DefineClass(Thread* self, const char* descriptor, size_t hash, @@ -3034,6 +3042,18 @@ ObjPtr<mirror::Class> ClassLinker::DefineClass(Thread* self, } } + // For AOT-compilation of an app, we may use a shortened boot class path that excludes + // some runtime modules. Prevent definition of classes in app class loader that could clash + // with these modules as these classes could be resolved differently during execution. + if (class_loader != nullptr && + Runtime::Current()->IsAotCompiler() && + IsReservedBootClassPathDescriptor(descriptor)) { + ObjPtr<mirror::Throwable> pre_allocated = + Runtime::Current()->GetPreAllocatedNoClassDefFoundError(); + self->SetException(pre_allocated); + return nullptr; + } + // This is to prevent the calls to ClassLoad and ClassPrepare which can cause java/user-supplied // code to be executed. We put it up here so we can avoid all the allocations associated with // creating the class. This can happen with (eg) jit threads. diff --git a/runtime/common_runtime_test.h b/runtime/common_runtime_test.h index 9b1e6532de..b3d7883930 100644 --- a/runtime/common_runtime_test.h +++ b/runtime/common_runtime_test.h @@ -100,8 +100,8 @@ class CommonRuntimeTestImpl : public CommonArtTestImpl { void MakeInterpreted(ObjPtr<mirror::Class> klass) REQUIRES_SHARED(Locks::mutator_lock_); - static bool StartDex2OatCommandLine(/*out*/std::vector<std::string>* argv, - /*out*/std::string* error_msg); + bool StartDex2OatCommandLine(/*out*/std::vector<std::string>* argv, + /*out*/std::string* error_msg); protected: // Allow subclases such as CommonCompilerTest to add extra options. diff --git a/runtime/dexopt_test.h b/runtime/dexopt_test.h index 026fe55131..70f35c857a 100644 --- a/runtime/dexopt_test.h +++ b/runtime/dexopt_test.h @@ -61,7 +61,7 @@ class DexoptTest : public Dex2oatEnvironmentTest { // Generate a standard oat file in the oat location. void GenerateOatForTest(const char* dex_location, CompilerFilter::Filter filter); - static bool Dex2Oat(const std::vector<std::string>& args, std::string* error_msg); + bool Dex2Oat(const std::vector<std::string>& args, std::string* error_msg); private: // Reserve memory around where the image will be loaded so other memory diff --git a/runtime/module_exclusion_test.cc b/runtime/module_exclusion_test.cc new file mode 100644 index 0000000000..14942edea6 --- /dev/null +++ b/runtime/module_exclusion_test.cc @@ -0,0 +1,130 @@ +/* + * Copyright (C) 2019 The Android Open Source Project + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include "common_compiler_test.h" + +#include "class_linker-inl.h" +#include "handle.h" +#include "handle_scope-inl.h" +#include "mirror/class_loader.h" +#include "mirror/dex_cache.h" +#include "mirror/object-inl.h" +#include "runtime.h" +#include "scoped_thread_state_change-inl.h" +#include "thread-current-inl.h" +#include "well_known_classes.h" + +namespace art { + +class ModuleExclusionTest : public CommonCompilerTest { + public: + explicit ModuleExclusionTest(const std::string& module) + : CommonCompilerTest(), + module_(module) {} + + std::vector<std::string> GetLibCoreModuleNames() const override { + std::vector<std::string> modules = CommonCompilerTest::GetLibCoreModuleNames(); + // Exclude `module_` from boot class path. + auto it = std::find(modules.begin(), modules.end(), module_); + if (it != modules.end()) { + modules.erase(it); + } + return modules; + } + + void DoTest() { + Thread* self = Thread::Current(); + ScopedObjectAccess soa(self); + StackHandleScope<2u> hs(self); + Runtime* runtime = Runtime::Current(); + ASSERT_TRUE(runtime->IsAotCompiler()); + ClassLinker* class_linker = runtime->GetClassLinker(); + CHECK(loaded_dex_files_.empty()); + Handle<mirror::ClassLoader> class_loader = hs.NewHandle(LoadModule(soa, class_linker)); + MutableHandle<mirror::DexCache> dex_cache = hs.NewHandle<mirror::DexCache>(nullptr); + CHECK(!loaded_dex_files_.empty()); + + // Verify that classes defined in the loaded dex files cannot be resolved. + for (const std::unique_ptr<const DexFile>& dex_file : loaded_dex_files_) { + dex_cache.Assign(class_linker->RegisterDexFile(*dex_file, class_loader.Get())); + for (size_t i = 0u, size = dex_file->NumClassDefs(); i != size; ++i) { + const dex::ClassDef& class_def = dex_file->GetClassDef(i); + ObjPtr<mirror::Class> resolved_type = + class_linker->ResolveType(class_def.class_idx_, dex_cache, class_loader); + ASSERT_TRUE(resolved_type == nullptr) << resolved_type->PrettyDescriptor(); + ASSERT_TRUE(self->IsExceptionPending()); + self->ClearException(); + } + } + } + + private: + std::string GetModuleFileName() const { + std::vector<std::string> filename = GetLibCoreDexFileNames({ module_ }); + CHECK_EQ(filename.size(), 1u); + return filename[0]; + } + + // Load the module as an app, i.e. in a class loader other than the boot class loader. + ObjPtr<mirror::ClassLoader> LoadModule(ScopedObjectAccess& soa, ClassLinker* class_linker) + REQUIRES_SHARED(Locks::mutator_lock_) { + std::string filename = GetModuleFileName(); + std::vector<std::unique_ptr<const DexFile>> dex_files = OpenDexFiles(filename.c_str()); + + std::vector<const DexFile*> class_path; + CHECK_NE(0U, dex_files.size()); + for (auto& dex_file : dex_files) { + class_path.push_back(dex_file.get()); + loaded_dex_files_.push_back(std::move(dex_file)); + } + + StackHandleScope<1u> hs(soa.Self()); + Handle<mirror::Class> loader_class(hs.NewHandle( + soa.Decode<mirror::Class>(WellKnownClasses::dalvik_system_PathClassLoader))); + ScopedNullHandle<mirror::ClassLoader> parent_loader; + ScopedNullHandle<mirror::ObjectArray<mirror::ClassLoader>> shared_libraries; + + ObjPtr<mirror::ClassLoader> result = class_linker->CreateWellKnownClassLoader( + soa.Self(), + class_path, + loader_class, + parent_loader, + shared_libraries); + + // Verify that the result has the correct class. + CHECK_EQ(loader_class.Get(), result->GetClass()); + // Verify that the parent is not null. The boot class loader will be set up as a + // proper BootClassLoader object. + ObjPtr<mirror::ClassLoader> actual_parent(result->GetParent()); + CHECK(actual_parent != nullptr); + CHECK(class_linker->IsBootClassLoader(soa, actual_parent)); + + return result; + } + + const std::string module_; +}; + +class ConscryptExclusionTest : public ModuleExclusionTest { + public: + ConscryptExclusionTest() : ModuleExclusionTest("conscrypt") {} +}; + +TEST_F(ConscryptExclusionTest, Test) { + DoTest(); +} + +} // namespace art diff --git a/runtime/oat_file_assistant_test.cc b/runtime/oat_file_assistant_test.cc index 92b61e0784..9a5409f46d 100644 --- a/runtime/oat_file_assistant_test.cc +++ b/runtime/oat_file_assistant_test.cc @@ -1179,10 +1179,12 @@ TEST_F(OatFileAssistantTest, LongDexExtension) { // A task to generate a dex location. Used by the RaceToGenerate test. class RaceGenerateTask : public Task { public: - RaceGenerateTask(const std::string& dex_location, + RaceGenerateTask(OatFileAssistantTest& test, + const std::string& dex_location, const std::string& oat_location, Mutex* lock) - : dex_location_(dex_location), + : test_(test), + dex_location_(dex_location), oat_location_(oat_location), lock_(lock), loaded_oat_file_(nullptr) @@ -1201,7 +1203,7 @@ class RaceGenerateTask : public Task { args.push_back("--dex-file=" + dex_location_); args.push_back("--oat-file=" + oat_location_); std::string error_msg; - ASSERT_TRUE(DexoptTest::Dex2Oat(args, &error_msg)) << error_msg; + ASSERT_TRUE(test_.Dex2Oat(args, &error_msg)) << error_msg; } dex_files = Runtime::Current()->GetOatFileManager().OpenDexFilesFromOat( @@ -1222,6 +1224,7 @@ class RaceGenerateTask : public Task { } private: + OatFileAssistantTest& test_; std::string dex_location_; std::string oat_location_; Mutex* lock_; @@ -1248,7 +1251,8 @@ TEST_F(OatFileAssistantTest, RaceToGenerate) { std::vector<std::unique_ptr<RaceGenerateTask>> tasks; Mutex lock("RaceToGenerate"); for (size_t i = 0; i < kNumThreads; i++) { - std::unique_ptr<RaceGenerateTask> task(new RaceGenerateTask(dex_location, oat_location, &lock)); + std::unique_ptr<RaceGenerateTask> task( + new RaceGenerateTask(*this, dex_location, oat_location, &lock)); thread_pool.AddTask(self, task.get()); tasks.push_back(std::move(task)); } diff --git a/runtime/parsed_options_test.cc b/runtime/parsed_options_test.cc index 77d2316502..ca2a4ea32e 100644 --- a/runtime/parsed_options_test.cc +++ b/runtime/parsed_options_test.cc @@ -19,14 +19,14 @@ #include <memory> #include "arch/instruction_set.h" -#include "common_runtime_test.h" +#include "base/common_art_test.h" namespace art { -class ParsedOptionsTest : public ::testing::Test { +class ParsedOptionsTest : public CommonArtTest { public: static void SetUpTestCase() { - CommonRuntimeTest::SetUpAndroidRootEnvVars(); + CommonArtTest::SetUpAndroidRootEnvVars(); } }; @@ -40,7 +40,7 @@ TEST_F(ParsedOptionsTest, ParsedOptions) { boot_class_path += "-Xbootclasspath:"; bool first_dex_file = true; - for (const std::string &dex_file_name : CommonRuntimeTest::GetLibCoreDexFileNames()) { + for (const std::string& dex_file_name : GetLibCoreDexFileNames()) { if (!first_dex_file) { class_path += ":"; } else { |