ACPR/android_system_core
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Extend white-listed directories to include /mnt/expand

Browse source 
am: f334cbf0e1

* commit 'f334cbf0e1425633bef96a21b0ce9e30f4c6ffa9':
  Extend white-listed directories to include /mnt/expand

Change-Id: I378ed0ea80684585ca7daa833b91336a8d38c98c
This commit is contained in:
Dimitry Ivanov 2016-05-10 19:26:45 +00:00 committed by android-build-merger
commit ff38020da1
1 changed files with 14 additions and 10 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

24
libnativeloader/native_loader.cpp
View file

@ -40,6 +40,11 @@ namespace android {
static constexpr const char* kPublicNativeLibrariesSystemConfigPathFromRoot = "/etc/public.libraries.txt"; static constexpr const char* kPublicNativeLibrariesSystemConfigPathFromRoot = "/etc/public.libraries.txt";
static constexpr const char* kPublicNativeLibrariesVendorConfig = "/vendor/etc/public.libraries.txt"; static constexpr const char* kPublicNativeLibrariesVendorConfig = "/vendor/etc/public.libraries.txt";
// (http://b/27588281) This is a workaround for apps using custom classloaders and calling
// System.load() with an absolute path which is outside of the classloader library search path.
// This list includes all directories app is allowed to access this way.
static constexpr const char* kWhitelistedDirectories = "/data:/mnt/expand";
static bool is_debuggable() { static bool is_debuggable() {
char debuggable[PROP_VALUE_MAX]; char debuggable[PROP_VALUE_MAX];
property_get("ro.debuggable", debuggable, "0"); property_get("ro.debuggable", debuggable, "0");
@ -63,18 +68,17 @@ class LibraryNamespaces {
library_path = library_path_utf_chars.c_str(); library_path = library_path_utf_chars.c_str();
} }
std::string permitted_path; // (http://b/27588281) This is a workaround for apps using custom
// classloaders and calling System.load() with an absolute path which
// is outside of the classloader library search path.
//
// This part effectively allows such a classloader to access anything
// under /data and /mnt/expand
std::string permitted_path = kWhitelistedDirectories;
if (java_permitted_path != nullptr) { if (java_permitted_path != nullptr) {
ScopedUtfChars path(env, java_permitted_path); ScopedUtfChars path(env, java_permitted_path);
permitted_path = path.c_str(); permitted_path = permitted_path + ":" + path.c_str();
} else {
// (http://b/27588281) This is a workaround for apps using custom
// classloaders and calling System.load() with an absolute path which
// is outside of the classloader library search path.
//
// This part effectively allows such a classloader to access anything
// under /data
permitted_path = "/data";
} }
if (!initialized_ && !InitPublicNamespace(library_path.c_str(), target_sdk_version)) { if (!initialized_ && !InitPublicNamespace(library_path.c_str(), target_sdk_version)) {