When the target package update, check if the idmap file must change.
If so, propagate the idmap changes to the targets overlay paths, and
invalidate cached overlay ApkAssets in ResourcesManager.
Bug: 147794117
Bug: 150877400
Test: OverlayRemountedTest
Test: libandroidfw_tests
Change-Id: I6115c30bae3672b188a5ff270720a0eea15b43b5
Updating new version package with changing resource id,
Overlay idmap still retain same resource id and target path of prebuilt package.
Consequentially overlay can not apply to new update resource id.
As is : VerifyIdmap only verify uptodate of idmap.
To be : Verify change of target path.
Bug: 147794117
Bug: 150877400
Test: idmap2_tests
Change-Id: I2ed6b5ba49aeb1b24625866daefea56c9766baef
To reduce the discrepance between old code which still uses
std::unique_ptr and new code using std::optional.
This might help to avoid merge-conflicts between branches.
Bug: 144773267
Test: m
Merged-In: Ie3196ee5cce17d77950eea9479d2cc1406e9e674
Merged-In: I33822bc76ef87637d5408849f64a0607e121792e
Change-Id: I33822bc76ef87637d5408849f64a0607e121792e
(cherry picked from commit ad62e8cbf5cf6083568f6f230ef7d73ad8776971)
Exempt-From-Owner-Approval: cherry-pick from master with owner's approval
To reduce the discrepance between old code which still uses
std::unique_ptr and new code using std::optional.
This might help to avoid merge-conflicts between branches.
Bug: 144773267
Test: m
(cherry picked from commit ad62e8cbf5cf6083568f6f230ef7d73ad8776971)
Change-Id: Ie3196ee5cce17d77950eea9479d2cc1406e9e674
Merged-In: I33822bc76ef87637d5408849f64a0607e121792e
Exempt-From-Owner-Approval: approved from master
Revert submission 10632869-nullable-compat-rvc-dev-plus-aosp
Reason for revert: incorrect merged-in line
Reverted Changes:
I33822bc76:Use aidl::nullable for nullable type in C++
I378dbf848:Add aidl::nullable type for nullable in AIDL
Change-Id: I98d4041770fe97b622aaaf8c829b97259bd82e2c
Exempt-From-Owner-Approval: revert wrong submission
To reduce the discrepance between old code which still uses
std::unique_ptr and new code using std::optional.
This might help to avoid merge-conflicts between branches.
Bug: 144773267
Test: m
Merged-In I33822bc76ef87637d5408849f64a0607e121792e
Change-Id: I33822bc76ef87637d5408849f64a0607e121792e
(cherry picked from commit ad62e8cbf5cf6083568f6f230ef7d73ad8776971)
Exempt-From-Owner-Approval: cherry-pick from master
There are cases where an app can ship overlays for itself,
but the "signature" policy as described would open up
a vulnerability by allowing the system actor to create
and sign any arbitrary overlay that will apply to the target.
To prevent this, redefine "signature" as target package only,
and introduce "actor" for checking against the actor signature.
Any app that wishes to use both can include both policies.
Bug: 130563563
Test: m aapt2_tests idmapt2_tests and run from host test output
Test: atest libandroidfw_tests
Change-Id: I1c583a5b37f4abbeb18fc6a35c502377d8977a41
To make it easier to add the actor policy in a follow up CL,
move most of the policy handling to a central location.
The strings and transformation between strings and flags is
now handled in libidmap2policies, with libandroidfw
containing the single source of policy flags.
This also extracts all the test resource IDs into an R.h
so they can be swapped without having to edit a dozen files
each time.
Bug: 130563563
Test: m aapt2_tests idmapt2_tests and run from host test output
Test: atest libandroidfw_tests
Change-Id: Ie533c9cebf938215df7586f00c38763ae467e606
AIDL generates optional<T> for nullable T types for C++, which is more
efficient and idomatic and easy to use.
Bug: 144773267
Test: build/flash/boot
Merged-In: I90cf2ce1193c479179687d71a5c1416f6cdf0b16
Change-Id: I90cf2ce1193c479179687d71a5c1416f6cdf0b16
(cherry picked from commit 53be7f4db497a05256407bd4c499a8fafc8e095d)
Exempt-From-Owner-Approval: CP from master
This change introduces idmap parsing of <overlay> tags.
The <overlay> tag allows one to explicitly map resources in the target
to either a resource in the overlay or an inline attribute value.
Use the android:resourcesMap atttribute on the <overlay> tag in the
android manifest to specify a file to provide the resource mapping.
Bug: 135943783
Bug: 135051420
Test: idmap2_tests
Change-Id: I1740dcdc01849c43b1f2cb8c6645d666dbb05dba
Sprinkle idmap2 with the override specifier to help the compiler catch
future errors.
Test: builds
Change-Id: I6932c5a80ac607f310e256620194e04acfd19ffd
This change adds parsing, encoding, and validating of odm and oem
overlayable policies to aapt2, libandroidfw, and idmap2.
Bug: 121033532
Test: aapt2_tests, idmap2_tests
Change-Id: Ifc0d4b6c9f9c37e06b2988abade69dbb277c50c2
Change the signatures of Idmap::FromApkAssets and
Idmap::FromBinaryStream from
std::unique_ptr<const Idmap> func(..., std::ostream& out_error);
to
Result<std::unique_ptr<const Idmap>> func(...);
The returned pointer is still a unique pointer to ensure the dynamically
allocated memory is automatically released when no longer used. This
means that using the returned value of either function requires one of
two patterns:
const auto idmap = func(...);
if (!idmap) {
return Error(...);
}
(*idmap)->accept(...);
or
auto result = func(...);
if (!result) {
return Error(...);
}
const auto idmap = std::move(*result);
idmap->accept(...);
Note that in the second example, result must be non-const or
the call to std::move(*result) will not compile.
With this change, the entire idmap2 project has been converted to use
Result.
Test: make idmap2_tests
Change-Id: I533f4e03b99645523d94dd5f446ad76fb435f661
Change the signature of the idmap2 commands (Create, Dump, ...) to
return Result<Unit> instead of bool. This removes the need to pass in an
ostream for error messages: instead, those messages are part of the
returned Result.
Consolidate error messages: texts in Error objects should not be
prefixed with "error:", that is the responsibility of the outer-most
caller (i.e. main()).
Test: make idmap2_tests
Change-Id: I074881b3d1982ea8f4be5752161ac74b14fcba95
Remove the old std::optional based Result class, replace uses with the
new std::variant based Result class.
Test: make idmap2_tests
Change-Id: I401cb36e5af06133a2872d835cf29bfb0b106597
Handles the new signature policy for overlayable resources.
Bug: 119402606
Test: idmap2_tests target
Change-Id: I7961e04a879c40c240ed9097bb510addb8b56680
Thanks to the ART team for art/libartbase/base/systrace.h which served
as inspiration for the SYSTRACE macro.
Bug: 119761810
Test: run idmap2_tests on device while capturing systrace
Change-Id: I81112ae8e58daf20ebed33ef8b0f5a0caa4dbc73
Deny write access to /data/resource-cache for UIDs other than root and
system. While this is already handled by SELinux rules, add an
additional layer of security to explicitly prevent malicious apps from
messing with the system's idmap files.
Test: make idmap2_tests
Change-Id: Id986633558d5d02452276f05f64337a8700f148a
Teaches idmap2 to recognize policy restrictions put on overlayable
resources. If overlayable enforcement is turned on for an overlay, then
any resources defined within the overlayable api of the target will have
policy restrictions imposed on them. All resources without overlayable
definitions will continue to be overlayable without policy restrictions.
Bug: 119390857
Test: atest idmap2 and booting
Co-authored-by: Ryan Mitchell <rtmitchell@google.com>
Change-Id: I7e435648eb6e4a87b0b90a7b2a0c3f33c1516ea6
For clarity, split IIdmap2::createIdmap into two separate functions:
- IIdmap2::verifyIdmap [check if an existing idmap file is OK to use]
- IIdmap2::createIdmap [unconditionally (re)create an idmap file]
Teach the IdmapManager to call verifyIdmap and to proceed with
createIdmap only if actually needed.
Test: atest OverlayDeviceTests OverlayHostTests
Change-Id: I9f6f1192011fcb094adffeca1eb3f709520bbd24
Switch from idmap to idmap2.
This CL is the safety pin for idmap2. If idmap2 causes issues during
dogfooding it is easy go back to idmap by reverting this CL.
Once idmap2 has proven itself during a suitable period of time, the
FEATURE_FLAG_IDMAP2 flag and the obsolete idmap code will be removed.
Also add an .rc file to tell init to launch idmap2d.
Bug: 78815803
Test: atest OverlayDeviceTests OverlayHostTests
Change-Id: I5ca1388ac2f8a9379fed0c257247d351a5c7a3c4
idmap2 is a reboot of the idmap project. The project aims to
- use modern C++
- greatly improve test and debug support
- interface towards AssetManager2 (instead of AssetManager)
- provide a solid foundation to add support for new features
To make it easier to verify correctness, this first version of idmap2 is
feature equivalent to idmap. Later versions will add support for new
features such as <overlayable>.
Bug: 78815803
Test: make idmap2_tests
Change-Id: I1d806dc875a493e730ab55d2fdb027618e586d16
