diff options
| author | 2021-11-10 21:57:46 +0900 | |
|---|---|---|
| committer | 2021-11-18 23:09:27 +0900 | |
| commit | 24c57c33ea720de04c5e374c34480c751b43d9fc (patch) | |
| tree | d072262eb0b32c4bb23e3891d65a1d853856a9fe | |
| parent | 04f421649624724d3366c41d5f8966714e8f9232 (diff) | |
Framework and system_server classes can access public vendor libraries
This CL fixes a regression caused by [1] which introduced
<uses-native-library> tag [2]. With the change, public vendor libraries
[3] became accessible only when they are listed in the caller's
AndroidManifest.xml using the new tag. However, this caused a problem to
the places where AndroidManifest.xml doesn't exist: framework and
system_server classes. For those cases, [1] incorrectly used a null list
as the requested native libraries, and as a result, no public vendor
libraries were accessible.
This CL fixes the issue by not doing the filtering for the class loaders
created for non-app contexts like zygote or system_server. Specifically,
it uses the magic keyword "ALL" which let libnativeloader.so
accept all public vendor libraries.
[1] https://android.googlesource.com/platform/frameworks/base/+/6a5b8b1f6db172b5aaadcec0c3868e54e214b675
[2] https://developer.android.com/guide/topics/manifest/uses-native-library-element
[3] https://source.android.com/devices/tech/config/namespaces_libraries#adding-additional-native-libraries
Bug: 205164833
Test: libcuttlefish_fs.so is loaded when built with the other CLs in the
same topic
Change-Id: Id92c59642773851d70d05a05f43eb5873e9de86b
| -rw-r--r-- | core/java/com/android/internal/os/ClassLoaderFactory.java | 18 |
1 files changed, 15 insertions, 3 deletions
diff --git a/core/java/com/android/internal/os/ClassLoaderFactory.java b/core/java/com/android/internal/os/ClassLoaderFactory.java index 8b0411de5477..8f5e97d40530 100644 --- a/core/java/com/android/internal/os/ClassLoaderFactory.java +++ b/core/java/com/android/internal/os/ClassLoaderFactory.java @@ -24,6 +24,7 @@ import dalvik.system.DelegateLastClassLoader; import dalvik.system.DexClassLoader; import dalvik.system.PathClassLoader; +import java.util.ArrayList; import java.util.List; /** @@ -100,14 +101,25 @@ public class ClassLoaderFactory { } /** - * Same as {@code createClassLoader} below, but passes a null list of shared - * libraries. + * Same as {@code createClassLoader} below, but passes a null list of shared libraries. This + * method is used only to load platform classes (i.e. those in framework.jar or services.jar), + * and MUST NOT be used for loading untrusted classes, especially the app classes. For the + * latter case, use the below method which accepts list of shared libraries so that the classes + * don't have unlimited access to all shared libraries. */ public static ClassLoader createClassLoader(String dexPath, String librarySearchPath, String libraryPermittedPath, ClassLoader parent, int targetSdkVersion, boolean isNamespaceShared, String classLoaderName) { + // b/205164833: allow framework classes to have access to all public vendor libraries. + // This is because those classes are part of the platform and don't have an app manifest + // where required libraries can be specified using the <uses-native-library> tag. + // Note that this still does not give access to "private" vendor libraries. + List<String> nativeSharedLibraries = new ArrayList<>(); + nativeSharedLibraries.add("ALL"); + return createClassLoader(dexPath, librarySearchPath, libraryPermittedPath, - parent, targetSdkVersion, isNamespaceShared, classLoaderName, null, null, null); + parent, targetSdkVersion, isNamespaceShared, classLoaderName, null, + nativeSharedLibraries, null); } /** |