There are cases where an app can ship overlays for itself,
but the "signature" policy as described would open up
a vulnerability by allowing the system actor to create
and sign any arbitrary overlay that will apply to the target.
To prevent this, redefine "signature" as target package only,
and introduce "actor" for checking against the actor signature.
Any app that wishes to use both can include both policies.
Bug: 130563563
Test: m aapt2_tests idmapt2_tests and run from host test output
Test: atest libandroidfw_tests
Change-Id: I1c583a5b37f4abbeb18fc6a35c502377d8977a41
To make it easier to add the actor policy in a follow up CL,
move most of the policy handling to a central location.
The strings and transformation between strings and flags is
now handled in libidmap2policies, with libandroidfw
containing the single source of policy flags.
This also extracts all the test resource IDs into an R.h
so they can be swapped without having to edit a dozen files
each time.
Bug: 130563563
Test: m aapt2_tests idmapt2_tests and run from host test output
Test: atest libandroidfw_tests
Change-Id: Ie533c9cebf938215df7586f00c38763ae467e606
When shared libraries are assigned package ids in a different order
than compile order, bag resources that use attributes from both
multiple libraries will not be sorted in ascending attribute id order.
This change detects when the attribute ids are not in order and sorts
the bag entries accordingly.
The change is designed to be less invasive. Deduping the GetBag logic
should probably be spun off in a separate bug.
Bug: 147674078
Test: libandroidfw_tests
Change-Id: Id8ce8e9c7ef294fcc312b77468136067d392dbd0
Overlays targeting shared libraries should be loaded into the
resources of every target that depends on the shared library.
Static shared libraries are currently not supported because overlays
should override all versions of static shared libraries and there is
not currently support for an overlay targeting multiple APKs.
Also created a test instrumentation and host test suite for testing
overlays and packages on the system image.
Bug: 140790224
Test: atest OverlayRemountedTest
Change-Id: I20a217b6368d6cf92b2b9f46908fd58012933f72
When a shared library package is loaded into an AssetManager, the
shared library will be assigned a unique package id. Subsequent
AssetManaagers that load a shared library of the same package name
as the original shared library will use previously assigned package
name. Shared libraries will have stable package ids throughout the
lifetime of application.
Bug: 140790224
Bug: 128496033
Test: libandroidfw_tests
Test: third-party app no longer crashes on open
Test: atest CtsHostsideWebViewTests
Change-Id: Idc0315be21ea00b74d1a918b7083ad655104c008
LocaleDataTables.cpp was regenerated running the following command
(should be run from frameworks/base):
$ ./tools/localedata/extract_icu_data.py $ANDROID_BUILD_TOP > libs/androidfw/LocaleDataTables.cpp
Test: m droid
Change-Id: If180ff22a74b485cc3cca34a3f9ba98c826a2210
Add a new variable length string to the idmap file format. This string will
hold debug information like fulfilled policies and any warnings triggered while
generating the file.
Bump the idmap version to 3.
Adjust the idmap header definition in ResourceType.h to take the new string
into account.
Example debug info:
$ idmap2 create \
--target-apk-path frameworks/base/cmds/idmap2/tests/data/target/target.apk \
--overlay-apk-path frameworks/base/cmds/idmap2/tests/data/overlay/overlay.apk \
--idmap-path /tmp/a.idmap \
--policy public \
--policy oem
$ idmap2 dump --idmap-path /tmp/a.idmap
target apk path : frameworks/base/cmds/idmap2/tests/data/target/target.apk
overlay apk path : frameworks/base/cmds/idmap2/tests/data/overlay/overlay.apk
I fulfilled_policies=oem|public enforce_overlayable=true
W failed to find resource "integer/not_in_target" in target resources
0x7f010000 -> 0x7f010000 integer/int1
0x7f02000c -> 0x7f020000 string/str1
[...]
$ idmap2 dump --idmap-path /tmp/a.idmap --verbose
00000000: 504d4449 magic
00000004: 00000003 version
00000008: 76a20829 target crc
0000000c: c054fb26 overlay crc
00000010: ........ target path: frameworks/base/cmds/idmap2/tests/data/target/target.apk
00000110: ........ overlay path: frameworks/base/cmds/idmap2/tests/data/overlay/overlay.apk
00000210: ........ debug info: ...
00000294: 7f target package id
00000295: 7f overlay package id
[...]
Also, tell cpplint to accept non-const references as function parameters:
they make more sense as out-parameters than pointers that are assumed to
be non-null.
Also, switch to regular expressions in the RawPrintVisitorTests: no more
manual fixups of the stream offsets! Tell cpplint that the <regex>
header is OK to use.
Bug: 140790707
Test: idmap2_tests
Change-Id: Ib94684a3b4001240321801e21af8e132fbcf6609
LocaleDataTables.cpp is outdated due to ICU update over the years
Test: ./tools/localedata/extract_icu_data.py $ANDROID_BUILD_TOP
Test: m droid
Change-Id: I21918cc0f50c7347e514dc7b015607e19cffb377
Add tests to ensure that findViewbyId retrieves the correct view when
an id is overlaid in a RRO.
Also fixes a bug that made strings hardcoded in the overlays.xml
file unable to be retrieved from the string pool.
Bug: 135943783
Test: atest OverlayDeviceTests
Change-Id: I2bf03f151cb696d28f6bb9018eb319af29ba48f4
DisplayEventDispatcher will live in libgui for now, as a shim over
DisplayEventReceiver. This is so that we can keep libgui out of the
UI-renderer module while we can work on stabilizing the interface with
libandroidfw for asset management required by graphics classes.
It also doesn't make much sense to have display-event functionality in a
separate grab-bag library, especially when there's two users, and
there is potentially an opportunity to somehow merge with
DisplayEventReceiver to simplify code a bit.
Change-Id: Ife0f9c8ad2053437087fdbf0618b892928ce6864
Bug: 142760698
Test: builds
Validates that the caller of an OverlayManager API that mutates state
is actually allowed to act on the target as defined in the target's
overlayable tag.
<overlayable name="MyResources" actor="namespace/name">
An actor is valid if any of the following is true:
- is root/system
- is the target overlay package
- has the CHANGE_OVERLAY_PACKAGES permission and an actor is not defined
- is the same package name as the sole resolved Activity for the actor specified
in the overlayable definition, with only pre-installed, namespaced actors
currently supported
Bug: 119442583
Bug: 135052950
Test: atest SystemConfigNamedActorTest
Test: atest com.android.server.om
Change-Id: If56b9e8366852eaef84f6bb25c3e6871eaa3f219
Now that RROs are loaded as shared libraries,
LoadedApk#makeApplication is attempting to find the onResourcesLoaded
method of the overlays. This is a performance hit and causes more
memory than necessary to be allocated during application start up.
Bug: 143314947
Test: com.android.performance.tests.HermeticMemoryTest
Change-Id: I3b8cd22dae83e0164d6678c80279f9fffceb34e6
This change allows RROs to reference their own internal resources as
expected.
Overlays are loaded as shared libraries so they can have their own
resource id space that does not conflict with the resource id space of
the target or other overlays.
References to overlay resources that override target resources now
appear as references to the target resources.
Overlay values that are inlined into the xml file specified using
android:overlayResources are now able to be used at runtime.
See go/rro-references for more information.
Bug: 135943783
Test: idmap2_tests
Test: libandroidfw_tests
Change-Id: Ie349c56d7fd3f7d94b7d595ed6d01dc6b59b6178
This change modifies the idmap file format to allow for target resources
to map to arbitrary type/value combinations and to allow overlay
resources to be mapped back to target resource ids so references to
overlay resources can appear as references to target resources at
runtime.
The mappings of target resources to overlay resources and vice-versa are
both encoded as sparse arrays. Instead of looking up a resource by
indexing into an array that maps to the overlay resource id, the runtime
will binary search over the sparse array to find the type and value that
overlays the target resource.
Bug: 135943783
Test: idmap2_tests
Change-Id: I5d5344cdb7fe35f4f2e8d6781016299dea5d1e20
ResourceLoaders allow inserting another .apk/.arsc into AssetManager's
resource resolution search. The effect is similar to overlays,
where a entry of >= config later in the path list will return that
ApkAsset's resource value instead.
Because loading from an .arsc is supported, which doesn't contain
any actual files, ResourceLoader exposes loadDrawable and
loadXmlResourceParser to allow an application load those files from
anywhere or create them in code.
The data being loaded is either pushed into an .apk or .arsc that
mocks itself as the package being "overlaid" and is passed in
through ResourcesProvider, an interface with static methods that
supports loading from a readable path on disk or a FileDescriptor.
The APIs are accessed through a Context's getResources(), which
has been changed to be unique per "Context-scope", which is usually
the lifetime of the Java object. The exception is that Activities
who get their Resources object persisted across recreations
maintain that logic for persisting ResourceLoaders.
Bug: 135270223
Test: atest FrameworksResourceLoaderTests
Change-Id: I6929f0828629ad39a21fa155e7fec73bd75eec7d
This change introduces idmap parsing of <overlay> tags.
The <overlay> tag allows one to explicitly map resources in the target
to either a resource in the overlay or an inline attribute value.
Use the android:resourcesMap atttribute on the <overlay> tag in the
android manifest to specify a file to provide the resource mapping.
Bug: 135943783
Bug: 135051420
Test: idmap2_tests
Change-Id: I1740dcdc01849c43b1f2cb8c6645d666dbb05dba
Allows retrieval of a string representation of overlayable resources
that can be compared during CTS testing to verify that the overlayable
resources on device match the expected overlayable API.
Bug: 135052616
Test: libandroidfw_tests
Test: atest OverlayHostTest
Change-Id: I613f28c202a0904a917577f932d072111c1aa7bd
When there is overlay package in system_ext, turn on POLICY_SYSTEM_PARTITION.
In other words, overlay pacakge in /system_ext is considered as system's one
Test: mv vendor/overlay/framework-res__auto_generated_rro.apk system_ext/overlay
and then check if it works properly.
Bug: 136715327
Change-Id: Ib225368eae41203a8630f4310d26e9cf1afa706a
Merged-In: Ib225368eae41203a8630f4310d26e9cf1afa706a
(cherry picked from commit cba9579158)
To check if a value falls in a range, it should be
a >= MIN && a <= MAX
instead of
a >= MIN || a <= MAX
Found by an experimental Clang warning change,
https://reviews.llvm.org/D66044.
Test: presubmit
Change-Id: I91e2a04687285d9311fd831197c73af38ec8379c
A crafted resources arsc could cause libandroidfw to read data out of
bounds of the resources arsc. This change updates the logic to calculate
whether the ref table chunk is large enough to hold the number of
entries specified in the header.
Bug: 129475100
Test: adb shell push ResTableTest data
Test: adb shell push poc.arsc data
Test: ./ResTableTest poc.arsc
Change-Id: Ifbaad87bdbcb7eecf554ef362e0118f53532a22a
When there is overlay package in system_ext, turn on POLICY_SYSTEM_PARTITION.
In other words, overlay pacakge in /system_ext is considered as system's one
Test: mv vendor/overlay/framework-res__auto_generated_rro.apk system_ext/overlay
and then check if it works properly.
Bug: 136715327
Change-Id: Ib225368eae41203a8630f4310d26e9cf1afa706a
The file permissions of the idmap2 binary are currently not set
correctly when the system forks and execs the idmap binary during
zygote. This chnages sets the uid and gid after forking to the same uid
and gid of the parent process.
Bug: 134897503
Test: device boots and generates idmap
Change-Id: Ic7fac49e5982f3c47713603b905c3a6be117a05b
Do not print warnings when an APK loaded into aapt2's symbol table has a
compressed resources.arsc. This log is helpful at runtime since
compressed arscs take longer uncompress.
Bug: 130617130
Test: manual
Change-Id: I52847663ad8f46ba00d3dd1ebb2292ab54737680
