diff options
| author | 2025-03-11 02:57:35 -0700 | |
|---|---|---|
| committer | 2025-03-11 04:38:16 -0700 | |
| commit | abeeacd902042cb2e4941ad66608f8bc526613d4 (patch) | |
| tree | c5332ee44d602d81449b756bb0c6cdfb51a10332 /libartservice | |
| parent | 63fa7b240929395bf2fa1ba0a1055758238448f6 (diff) | |
Fix SELinux denial on GMS Core's symlinks to secondary dex files.
Bug: 401662336
Bug: 391895923
Test: Presubmit
Flag: EXEMPT bugfix
Change-Id: Iaa9a716cfe262897e313b994db92855721e1dfcc
Diffstat (limited to 'libartservice')
| -rw-r--r-- | libartservice/service/java/com/android/server/art/DexUseManagerLocal.java | 14 |
1 files changed, 9 insertions, 5 deletions
diff --git a/libartservice/service/java/com/android/server/art/DexUseManagerLocal.java b/libartservice/service/java/com/android/server/art/DexUseManagerLocal.java index 704dabe034..9c7f45de24 100644 --- a/libartservice/service/java/com/android/server/art/DexUseManagerLocal.java +++ b/libartservice/service/java/com/android/server/art/DexUseManagerLocal.java @@ -67,6 +67,8 @@ import java.io.OutputStream; import java.lang.annotation.Retention; import java.lang.annotation.RetentionPolicy; import java.nio.file.Files; +import java.nio.file.LinkOption; +import java.nio.file.Paths; import java.nio.file.StandardCopyOption; import java.util.ArrayList; import java.util.Collections; @@ -116,10 +118,8 @@ public class DexUseManagerLocal { // Impose a limit on the input accepted by notifyDexContainersLoaded per owning package. /** @hide */ @VisibleForTesting public static final int MAX_PATH_LENGTH = 4096; - /** @hide */ @VisibleForTesting public static final int MAX_CLASS_LOADER_CONTEXT_LENGTH = 10000; - /** @hide */ private static final int MAX_SECONDARY_DEX_FILES_PER_OWNER = 500; @@ -669,14 +669,18 @@ public class DexUseManagerLocal { @NonNull String classLoaderContext, @NonNull String abiName, long lastUsedAtMs) { DexLoader loader = DexLoader.create(loadingPackageName, isolatedProcess); // This is to avoid a loading package from using up the SecondaryDexUse entries for another - // package (up to the MAX_SECONDARY_DEX_FILES_PER_OWNER limit). We don't care about the - // loading package messing up its own SecondaryDexUse entries. + // package (up to the MAX_SECONDARY_DEX_FILES_PER_OWNER limit). // Note that we are using system_server's permission to check the existence. This is fine // with the assumption that the file must be world readable to be used by other apps. // We could use artd's permission to check the existence, and then there wouldn't be any // permission issue, but that requires bringing up the artd service, which may be too // expensive. // TODO(jiakaiz): Check if the assumption is true. + // This doesn't apply to secondary dex files that aren't used by other apps, but we + // don't care about the loading package messing up its own SecondaryDexUse + // entries. + // Also note that the check doesn't follow symlinks because GMSCore creates symlinks to + // its secondary dex files, while system_server doesn't have the permission to follow them. if (isLoaderOtherApp(loader, owningPackageName) && !mInjector.pathExists(dexPath)) { AsLog.w("Not recording non-existent secondary dex file '" + dexPath + "'"); return; @@ -1399,7 +1403,7 @@ public class DexUseManagerLocal { } public boolean pathExists(String path) { - return new File(path).exists(); + return Files.exists(Paths.get(path), LinkOption.NOFOLLOW_LINKS); } @NonNull |