diff options
8 files changed, 41 insertions, 38 deletions
diff --git a/core/java/android/os/ZygoteProcess.java b/core/java/android/os/ZygoteProcess.java index 39038f555044..ffede09f99d6 100644 --- a/core/java/android/os/ZygoteProcess.java +++ b/core/java/android/os/ZygoteProcess.java @@ -251,11 +251,11 @@ public class ZygoteProcess { private final Object mLock = new Object(); /** - * List of exemptions to the API blacklist. These are prefix matches on the runtime format + * List of exemptions to the API deny list. These are prefix matches on the runtime format * symbol signature. Any matching symbol is treated by the runtime as being on the light grey * list. */ - private List<String> mApiBlacklistExemptions = Collections.emptyList(); + private List<String> mApiDenylistExemptions = Collections.emptyList(); /** * Proportion of hidden API accesses that should be logged to the event log; 0 - 0x10000. @@ -562,7 +562,7 @@ public class ZygoteProcess { "--preload-package", "--preload-app", "--start-child-zygote", - "--set-api-blacklist-exemptions", + "--set-api-denylist-exemptions", "--hidden-api-log-sampling-rate", "--hidden-api-statslog-sampling-rate", "--invoke-with" @@ -922,20 +922,20 @@ public class ZygoteProcess { } /** - * Push hidden API blacklisting exemptions into the zygote process(es). + * Push hidden API deny-listing exemptions into the zygote process(es). * * <p>The list of exemptions will take affect for all new processes forked from the zygote after * this call. * * @param exemptions List of hidden API exemption prefixes. Any matching members are treated as - * whitelisted/public APIs (i.e. allowed, no logging of usage). + * allowed/public APIs (i.e. allowed, no logging of usage). */ - public boolean setApiBlacklistExemptions(List<String> exemptions) { + public boolean setApiDenylistExemptions(List<String> exemptions) { synchronized (mLock) { - mApiBlacklistExemptions = exemptions; - boolean ok = maybeSetApiBlacklistExemptions(primaryZygoteState, true); + mApiDenylistExemptions = exemptions; + boolean ok = maybeSetApiDenylistExemptions(primaryZygoteState, true); if (ok) { - ok = maybeSetApiBlacklistExemptions(secondaryZygoteState, true); + ok = maybeSetApiDenylistExemptions(secondaryZygoteState, true); } return ok; } @@ -972,32 +972,32 @@ public class ZygoteProcess { } @GuardedBy("mLock") - private boolean maybeSetApiBlacklistExemptions(ZygoteState state, boolean sendIfEmpty) { + private boolean maybeSetApiDenylistExemptions(ZygoteState state, boolean sendIfEmpty) { if (state == null || state.isClosed()) { - Slog.e(LOG_TAG, "Can't set API blacklist exemptions: no zygote connection"); + Slog.e(LOG_TAG, "Can't set API denylist exemptions: no zygote connection"); return false; - } else if (!sendIfEmpty && mApiBlacklistExemptions.isEmpty()) { + } else if (!sendIfEmpty && mApiDenylistExemptions.isEmpty()) { return true; } try { - state.mZygoteOutputWriter.write(Integer.toString(mApiBlacklistExemptions.size() + 1)); + state.mZygoteOutputWriter.write(Integer.toString(mApiDenylistExemptions.size() + 1)); state.mZygoteOutputWriter.newLine(); - state.mZygoteOutputWriter.write("--set-api-blacklist-exemptions"); + state.mZygoteOutputWriter.write("--set-api-denylist-exemptions"); state.mZygoteOutputWriter.newLine(); - for (int i = 0; i < mApiBlacklistExemptions.size(); ++i) { - state.mZygoteOutputWriter.write(mApiBlacklistExemptions.get(i)); + for (int i = 0; i < mApiDenylistExemptions.size(); ++i) { + state.mZygoteOutputWriter.write(mApiDenylistExemptions.get(i)); state.mZygoteOutputWriter.newLine(); } state.mZygoteOutputWriter.flush(); int status = state.mZygoteInputStream.readInt(); if (status != 0) { - Slog.e(LOG_TAG, "Failed to set API blacklist exemptions; status " + status); + Slog.e(LOG_TAG, "Failed to set API denylist exemptions; status " + status); } return true; } catch (IOException ioe) { - Slog.e(LOG_TAG, "Failed to set API blacklist exemptions", ioe); - mApiBlacklistExemptions = Collections.emptyList(); + Slog.e(LOG_TAG, "Failed to set API denylist exemptions", ioe); + mApiDenylistExemptions = Collections.emptyList(); return false; } } @@ -1054,7 +1054,7 @@ public class ZygoteProcess { primaryZygoteState = ZygoteState.connect(mZygoteSocketAddress, mUsapPoolSocketAddress); - maybeSetApiBlacklistExemptions(primaryZygoteState, false); + maybeSetApiDenylistExemptions(primaryZygoteState, false); maybeSetHiddenApiAccessLogSampleRate(primaryZygoteState); } } @@ -1069,7 +1069,7 @@ public class ZygoteProcess { ZygoteState.connect(mZygoteSecondarySocketAddress, mUsapPoolSecondarySocketAddress); - maybeSetApiBlacklistExemptions(secondaryZygoteState, false); + maybeSetApiDenylistExemptions(secondaryZygoteState, false); maybeSetHiddenApiAccessLogSampleRate(secondaryZygoteState); } } diff --git a/core/java/com/android/internal/os/ChildZygoteInit.java b/core/java/com/android/internal/os/ChildZygoteInit.java index 1f816c18f886..749ff84358d9 100644 --- a/core/java/com/android/internal/os/ChildZygoteInit.java +++ b/core/java/com/android/internal/os/ChildZygoteInit.java @@ -116,7 +116,7 @@ public class ChildZygoteInit { try { server.registerServerSocketAtAbstractName(socketName); - // Add the abstract socket to the FD whitelist so that the native zygote code + // Add the abstract socket to the FD allow list so that the native zygote code // can properly detach it after forking. Zygote.nativeAllowFileAcrossFork("ABSTRACT/" + socketName); diff --git a/core/java/com/android/internal/os/Zygote.java b/core/java/com/android/internal/os/Zygote.java index 2c653bbb0f63..069d19f6138f 100644 --- a/core/java/com/android/internal/os/Zygote.java +++ b/core/java/com/android/internal/os/Zygote.java @@ -816,9 +816,9 @@ public final class Zygote { throw new IllegalArgumentException(USAP_ERROR_PREFIX + "--preload-app"); } else if (args.mStartChildZygote) { throw new IllegalArgumentException(USAP_ERROR_PREFIX + "--start-child-zygote"); - } else if (args.mApiBlacklistExemptions != null) { + } else if (args.mApiDenylistExemptions != null) { throw new IllegalArgumentException( - USAP_ERROR_PREFIX + "--set-api-blacklist-exemptions"); + USAP_ERROR_PREFIX + "--set-api-denylist-exemptions"); } else if (args.mHiddenApiAccessLogSampleRate != -1) { throw new IllegalArgumentException( USAP_ERROR_PREFIX + "--hidden-api-log-sampling-rate="); diff --git a/core/java/com/android/internal/os/ZygoteArguments.java b/core/java/com/android/internal/os/ZygoteArguments.java index 94c1f71a26db..22082d02d9f6 100644 --- a/core/java/com/android/internal/os/ZygoteArguments.java +++ b/core/java/com/android/internal/os/ZygoteArguments.java @@ -192,10 +192,10 @@ class ZygoteArguments { boolean mBootCompleted; /** - * Exemptions from API blacklisting. These are sent to the pre-forked zygote at boot time, or - * when they change, via --set-api-blacklist-exemptions. + * Exemptions from API deny-listing. These are sent to the pre-forked zygote at boot time, or + * when they change, via --set-api-denylist-exemptions. */ - String[] mApiBlacklistExemptions; + String[] mApiDenylistExemptions; /** * Sampling rate for logging hidden API accesses to the event log. This is sent to the @@ -416,10 +416,10 @@ class ZygoteArguments { expectRuntimeArgs = false; } else if (arg.equals("--start-child-zygote")) { mStartChildZygote = true; - } else if (arg.equals("--set-api-blacklist-exemptions")) { + } else if (arg.equals("--set-api-denylist-exemptions")) { // consume all remaining args; this is a stand-alone command, never included // with the regular fork command. - mApiBlacklistExemptions = Arrays.copyOfRange(args, curArg + 1, args.length); + mApiDenylistExemptions = Arrays.copyOfRange(args, curArg + 1, args.length); curArg = args.length; expectRuntimeArgs = false; } else if (arg.startsWith("--hidden-api-log-sampling-rate=")) { diff --git a/core/java/com/android/internal/os/ZygoteConnection.java b/core/java/com/android/internal/os/ZygoteConnection.java index e6a3029c5b2b..6573e4217a7f 100644 --- a/core/java/com/android/internal/os/ZygoteConnection.java +++ b/core/java/com/android/internal/os/ZygoteConnection.java @@ -185,8 +185,8 @@ class ZygoteConnection { return null; } - if (parsedArgs.mApiBlacklistExemptions != null) { - return handleApiBlacklistExemptions(zygoteServer, parsedArgs.mApiBlacklistExemptions); + if (parsedArgs.mApiDenylistExemptions != null) { + return handleApiDenylistExemptions(zygoteServer, parsedArgs.mApiDenylistExemptions); } if (parsedArgs.mHiddenApiAccessLogSampleRate != -1 @@ -367,11 +367,11 @@ class ZygoteConnection { } /** - * Makes the necessary changes to implement a new API blacklist exemption policy, and then + * Makes the necessary changes to implement a new API deny list exemption policy, and then * responds to the system server, letting it know that the task has been completed. * * This necessitates a change to the internal state of the Zygote. As such, if the USAP - * pool is enabled all existing USAPs have an incorrect API blacklist exemption list. To + * pool is enabled all existing USAPs have an incorrect API deny list exemption list. To * properly handle this request the pool must be emptied and refilled. This process can return * a Runnable object that must be returned to ZygoteServer.runSelectLoop to be invoked. * @@ -380,9 +380,9 @@ class ZygoteConnection { * @return A Runnable object representing a new app in any USAPs spawned from here; the * zygote process will always receive a null value from this function. */ - private Runnable handleApiBlacklistExemptions(ZygoteServer zygoteServer, String[] exemptions) { + private Runnable handleApiDenylistExemptions(ZygoteServer zygoteServer, String[] exemptions) { return stateChangeWithUsapPoolReset(zygoteServer, - () -> ZygoteInit.setApiBlacklistExemptions(exemptions)); + () -> ZygoteInit.setApiDenylistExemptions(exemptions)); } private Runnable handleUsapPoolStatusChange(ZygoteServer zygoteServer, boolean newStatus) { diff --git a/core/java/com/android/internal/os/ZygoteInit.java b/core/java/com/android/internal/os/ZygoteInit.java index a70955ce5d4c..f4789f5eb5b2 100644 --- a/core/java/com/android/internal/os/ZygoteInit.java +++ b/core/java/com/android/internal/os/ZygoteInit.java @@ -589,7 +589,10 @@ public class ZygoteInit { VMRuntime.registerAppInfo(profilePath, codePaths); } - public static void setApiBlacklistExemptions(String[] exemptions) { + /** + * Sets the list of classes/methods for the hidden API + */ + public static void setApiDenylistExemptions(String[] exemptions) { VMRuntime.getRuntime().setHiddenApiExemptions(exemptions); } diff --git a/core/java/com/android/internal/os/ZygoteServer.java b/core/java/com/android/internal/os/ZygoteServer.java index 8d281b7ce9a0..8c81984064d0 100644 --- a/core/java/com/android/internal/os/ZygoteServer.java +++ b/core/java/com/android/internal/os/ZygoteServer.java @@ -451,7 +451,7 @@ class ZygoteServer { * For reasons of correctness the USAP pool pipe and event FDs * must be processed before the session and server sockets. This * is to ensure that the USAP pool accounting information is - * accurate when handling other requests like API blacklist + * accurate when handling other requests like API deny list * exemptions. */ diff --git a/services/core/java/com/android/server/am/ActivityManagerService.java b/services/core/java/com/android/server/am/ActivityManagerService.java index 82abb988cb2c..354b29c367ec 100644 --- a/services/core/java/com/android/server/am/ActivityManagerService.java +++ b/services/core/java/com/android/server/am/ActivityManagerService.java @@ -2480,7 +2480,7 @@ public class ActivityManagerService extends IActivityManager.Stub ? Collections.emptyList() : Arrays.asList(exemptions.split(",")); } - if (!ZYGOTE_PROCESS.setApiBlacklistExemptions(mExemptions)) { + if (!ZYGOTE_PROCESS.setApiDenylistExemptions(mExemptions)) { Slog.e(TAG, "Failed to set API blacklist exemptions!"); // leave mExemptionsStr as is, so we don't try to send the same list again. mExemptions = Collections.emptyList(); |