| author | 2023-03-03 19:35:48 +0000 | |
|---|---|---|
| committer | 2023-03-03 19:35:48 +0000 | |
| commit | 1e06f503465e3db9e9e1ef28f5addf66b7c4975a (patch) | |
| tree | 33e9761fe5108f5f5d209c1e1dd19e2a4a3740b8 | |
| parent | 43e9083b63cb5e5a2609569a40990ed6b0748dd6 (diff) | |
| parent | 09d51b4ddd483a28dd90c5cc4060258d17e12598 (diff) | |
Merge "Don't allow opening reference profiles for writing when ART Service is enabled." am: d9f38a04f2 am: 64fead09a5 am: 09d51b4ddd
Original change: https://android-review.googlesource.com/c/platform/frameworks/native/+/2465214
Change-Id: I36a27dfbac295c91bf979709f546902717223dcc
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
| -rw-r--r-- | cmds/installd/dexopt.cpp | 24 |
1 files changed, 16 insertions, 8 deletions
diff --git a/cmds/installd/dexopt.cpp b/cmds/installd/dexopt.cpp index 34ea7597b4..ce3d669a63 100644 --- a/cmds/installd/dexopt.cpp +++ b/cmds/installd/dexopt.cpp @@ -442,6 +442,16 @@ static unique_fd open_current_profile(uid_t uid, userid_t user, const std::strin static unique_fd open_reference_profile(uid_t uid, const std::string& package_name, const std::string& location, bool read_write, bool is_secondary_dex) { std::string profile = create_reference_profile_path(package_name, location, is_secondary_dex); + if (read_write && GetBoolProperty("dalvik.vm.useartservice", false)) { + // ART Service doesn't use flock and instead assumes profile files are + // immutable, so ensure we don't open a file for writing when it's + // active. + // TODO(b/251921228): Normally installd isn't called at all in that + // case, but OTA is still an exception that uses the legacy code. + LOG(ERROR) << "Opening ref profile " << profile + << " for writing is unsafe when ART Service is enabled."; + return invalid_unique_fd(); + } return open_profile( uid, profile, @@ -450,14 +460,13 @@ static unique_fd open_reference_profile(uid_t uid, const std::string& package_na } static UniqueFile open_reference_profile_as_unique_file(uid_t uid, const std::string& package_name, - const std::string& location, bool read_write, bool is_secondary_dex) { + const std::string& location, + bool is_secondary_dex) { std::string profile_path = create_reference_profile_path(package_name, location, is_secondary_dex); - unique_fd ufd = open_profile( - uid, - profile_path, - read_write ? (O_CREAT | O_RDWR) : O_RDONLY, - S_IRUSR | S_IWUSR | S_IRGRP); // so that ART can also read it when apps run. + unique_fd ufd = open_profile(uid, profile_path, O_RDONLY, + S_IRUSR | S_IWUSR | + S_IRGRP); // so that ART can also read it when apps run. return UniqueFile(ufd.release(), profile_path, [](const std::string& path) { clear_profile(path); 
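Review bot: The new early return in `open_reference_profile` hands back `invalid_unique_fd()` without setting `errno`, so a write-mode caller cannot tell this policy refusal apart from an I/O failure in `open_profile`. Any caller that reports the failure with `PLOG` would then print a stale, unrelated error code. The callers that pass `read_write=true` are outside this hunk, so it is worth confirming that each one treats the invalid fd as a hard failure and does not go on to create or rewrite the profile another way. I would add `errno = EPERM;` before the return and state the contract above the function, e.g. `// Returns an invalid fd when read_write is set and dalvik.vm.useartservice is true.`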
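Review bot: `open_reference_profile_as_unique_file` now opens the profile with `O_RDONLY`, but the `UniqueFile` cleanup lambda in the trailing context still calls `clear_profile(path)`, which the new ART Service guard does not cover. `clear_profile` is defined outside this hunk, and the lambda and function also close outside it. If `clear_profile` truncates or rewrites the file, a failed run on the legacy OTA path could still mutate a reference profile that ART Service assumes is immutable. Consider gating the cleanup, e.g. `if (!GetBoolProperty("dalvik.vm.useartservice", false)) clear_profile(path);`, or adding a comment that explains why it is safe here. Separately, the mode bits and the comment `// so that ART can also read it when apps run.` presumably have no effect now that `O_CREAT` is never passed, so they could be dropped or reworded.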
@@ -1104,8 +1113,7 @@ UniqueFile maybe_open_reference_profile(const std::string& pkgname, location = profile_name; } } - return open_reference_profile_as_unique_file(uid, pkgname, location, /*read_write*/false, - is_secondary_dex); + return open_reference_profile_as_unique_file(uid, pkgname, location, is_secondary_dex); } // Opens the vdex files and assigns the input fd to in_vdex_wrapper and the output fd to |