There are cases where an app can ship overlays for itself,
but the "signature" policy as described would open up
a vulnerability by allowing the system actor to create
and sign any arbitrary overlay that will apply to the target.
To prevent this, redefine "signature" as target package only,
and introduce "actor" for checking against the actor signature.
Any app that wishes to use both can include both policies.
Bug: 130563563
Test: m aapt2_tests idmapt2_tests and run from host test output
Test: atest libandroidfw_tests
Change-Id: I1c583a5b37f4abbeb18fc6a35c502377d8977a41
To make it easier to add the actor policy in a follow up CL,
move most of the policy handling to a central location.
The strings and transformation between strings and flags is
now handled in libidmap2policies, with libandroidfw
containing the single source of policy flags.
This also extracts all the test resource IDs into an R.h
so they can be swapped without having to edit a dozen files
each time.
Bug: 130563563
Test: m aapt2_tests idmapt2_tests and run from host test output
Test: atest libandroidfw_tests
Change-Id: Ie533c9cebf938215df7586f00c38763ae467e606
Add a new variable length string to the idmap file format. This string will
hold debug information like fulfilled policies and any warnings triggered while
generating the file.
Bump the idmap version to 3.
Adjust the idmap header definition in ResourceType.h to take the new string
into account.
Example debug info:
$ idmap2 create \
--target-apk-path frameworks/base/cmds/idmap2/tests/data/target/target.apk \
--overlay-apk-path frameworks/base/cmds/idmap2/tests/data/overlay/overlay.apk \
--idmap-path /tmp/a.idmap \
--policy public \
--policy oem
$ idmap2 dump --idmap-path /tmp/a.idmap
target apk path : frameworks/base/cmds/idmap2/tests/data/target/target.apk
overlay apk path : frameworks/base/cmds/idmap2/tests/data/overlay/overlay.apk
I fulfilled_policies=oem|public enforce_overlayable=true
W failed to find resource "integer/not_in_target" in target resources
0x7f010000 -> 0x7f010000 integer/int1
0x7f02000c -> 0x7f020000 string/str1
[...]
$ idmap2 dump --idmap-path /tmp/a.idmap --verbose
00000000: 504d4449 magic
00000004: 00000003 version
00000008: 76a20829 target crc
0000000c: c054fb26 overlay crc
00000010: ........ target path: frameworks/base/cmds/idmap2/tests/data/target/target.apk
00000110: ........ overlay path: frameworks/base/cmds/idmap2/tests/data/overlay/overlay.apk
00000210: ........ debug info: ...
00000294: 7f target package id
00000295: 7f overlay package id
[...]
Also, tell cpplint to accept non-const references as function parameters:
they make more sense as out-parameters than pointers that are assumed to
be non-null.
Also, switch to regular expressions in the RawPrintVisitorTests: no more
manual fixups of the stream offsets! Tell cpplint that the <regex>
header is OK to use.
Bug: 140790707
Test: idmap2_tests
Change-Id: Ib94684a3b4001240321801e21af8e132fbcf6609
This change modifies the idmap file format to allow for target resources
to map to arbitrary type/value combinations and to allow overlay
resources to be mapped back to target resource ids so references to
overlay resources can appear as references to target resources at
runtime.
The mappings of target resources to overlay resources and vice-versa are
both encoded as sparse arrays. Instead of looking up a resource by
indexing into an array that maps to the overlay resource id, the runtime
will binary search over the sparse array to find the type and value that
overlays the target resource.
Bug: 135943783
Test: idmap2_tests
Change-Id: I5d5344cdb7fe35f4f2e8d6781016299dea5d1e20
This change introduces idmap parsing of <overlay> tags.
The <overlay> tag allows one to explicitly map resources in the target
to either a resource in the overlay or an inline attribute value.
Use the android:resourcesMap atttribute on the <overlay> tag in the
android manifest to specify a file to provide the resource mapping.
Bug: 135943783
Bug: 135051420
Test: idmap2_tests
Change-Id: I1740dcdc01849c43b1f2cb8c6645d666dbb05dba
