android_frameworks_base

drgreen/android_frameworks_base

Fork 0

Commit Graph

Author	SHA1	Message	Date
Mathew Inwood	eaf13c7efc	Greylist 3P packages in the bootclasspath. These packages contain code that was whitelisted in P (accidentally), and was blacklisted in Q (until now). They also contain open source code that apps could reasonably include in their APK. Blacklisting the code is problematic, as this results in apps being able to resolve the class itself, but without any visibility of any members within it. This is a measure to reduce the risk of Q, pending a proper solution for these classes in future. Remove the equivalent methods from the greylist as they are now redundant. This was done via: $ cat hiddenapi-greylist.txt \ \| grep -v '^Lgov/nist/' \ \| grep -v '^Lorg/apache/harmony/' \ \| grep -v '^Lorg/apache/xalan/' \ \| grep -v '^Lorg/apache/xml/' \ \| grep -v '^Lorg/apache/xpath/' Bug: 129387816 Test: m Change-Id: I48d4ca3b8069894e91785f1dd69d81878078208c	2019-05-28 14:27:08 +01:00
Andrei Onea	a6e09b4273	Automatically greylist code in 3P packages generate_hidden_api_lists now receives a file containing package names which need to be greylisted (although it could be made to work with any api list required). Also took the opportunity to clean up the tests to reflect the more strict code. Bug: 129387816 Test: m appcompat Test: frameworks/base/tools/hiddenapi/generate_hiddenapi_lists_test.py Change-Id: I619f8581d166aa48eda572bc0053d8739d6420eb	2019-04-01 15:32:36 +01:00

Author

SHA1

Message

Date

Mathew Inwood

eaf13c7efc

Greylist 3P packages in the bootclasspath.

These packages contain code that was whitelisted in P (accidentally),
and was blacklisted in Q (until now). They also contain open source code
that apps could reasonably include in their APK. Blacklisting the code
is problematic, as this results in apps being able to resolve the class
itself, but without any visibility of any members within it.

This is a measure to reduce the risk of Q, pending a proper solution for
these classes in future.

Remove the equivalent methods from the greylist as they are now
redundant. This was done via:
$ cat hiddenapi-greylist.txt \
    | grep -v '^Lgov/nist/' \
    | grep -v '^Lorg/apache/harmony/' \
    | grep -v '^Lorg/apache/xalan/' \
    | grep -v '^Lorg/apache/xml/' \
    | grep -v '^Lorg/apache/xpath/'

Bug: 129387816
Test: m
Change-Id: I48d4ca3b8069894e91785f1dd69d81878078208c

2019-05-28 14:27:08 +01:00

Andrei Onea

a6e09b4273

Automatically greylist code in 3P packages

generate_hidden_api_lists now receives a file containing package names
which need to be greylisted (although it could be made to work with any
api list required).
Also took the opportunity to clean up the tests to reflect the more
strict code.

Bug: 129387816
Test: m appcompat
Test: frameworks/base/tools/hiddenapi/generate_hiddenapi_lists_test.py
Change-Id: I619f8581d166aa48eda572bc0053d8739d6420eb

2019-04-01 15:32:36 +01:00

2 Commits