From fca69e95a936d7f41deaba3025dd91308978d2e5 Mon Sep 17 00:00:00 2001
From: Nicolas Geoffray <ngeoffray@google.com>
Date: Tue, 22 Jan 2019 20:56:44 +0000
Subject: Add jar files from the runtime APEX in the whitelist.

Those files moved from /system to the APEX.

Test: m && boots
Change-Id: I68c4c8243dae3eab321da4b0923c1a422d300c10
---
 core/jni/fd_utils.cpp | 8 ++++++++
 1 file changed, 8 insertions(+)

diff --git a/core/jni/fd_utils.cpp b/core/jni/fd_utils.cpp
index 0ed8c0c97738..2aaf2f0a2bbe 100644
--- a/core/jni/fd_utils.cpp
+++ b/core/jni/fd_utils.cpp
@@ -71,6 +71,7 @@ bool FileDescriptorWhitelist::IsAllowed(const std::string& path) const {
       return true;
   }
 
+  // Framework jars are allowed.
   static const char* kFrameworksPrefix = "/system/framework/";
   static const char* kJarSuffix = ".jar";
   if (android::base::StartsWith(path, kFrameworksPrefix)
@@ -78,6 +79,13 @@ bool FileDescriptorWhitelist::IsAllowed(const std::string& path) const {
     return true;
   }
 
+  // Jars from the runtime apex are allowed.
+  static const char* kRuntimeApexPrefix = "/apex/com.android.runtime/javalib/";
+  if (android::base::StartsWith(path, kRuntimeApexPrefix)
+      && android::base::EndsWith(path, kJarSuffix)) {
+    return true;
+  }
+
   // Whitelist files needed for Runtime Resource Overlay, like these:
   // /system/vendor/overlay/framework-res.apk
   // /system/vendor/overlay-subdir/pg/framework-res.apk
-- 
cgit v1.2.3-59-g8ed1b