1 /*
2 * Copyright (C) 2014 The Android Open Source Project
3 *
4 * Licensed under the Apache License, Version 2.0 (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at
7 *
8 * http://www.apache.org/licenses/LICENSE-2.0
9 *
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License.
15 */
16
17 #include "oat_file_assistant.h"
18
19 #include <sstream>
20
21 #include <sys/stat.h>
22 #include "zlib.h"
23
24 #include "android-base/file.h"
25 #include "android-base/stringprintf.h"
26 #include "android-base/strings.h"
27
28 #include "base/compiler_filter.h"
29 #include "base/file_utils.h"
30 #include "base/logging.h" // For VLOG.
31 #include "base/macros.h"
32 #include "base/os.h"
33 #include "base/stl_util.h"
34 #include "base/string_view_cpp20.h"
35 #include "base/systrace.h"
36 #include "base/utils.h"
37 #include "class_linker.h"
38 #include "class_loader_context.h"
39 #include "dex/art_dex_file_loader.h"
40 #include "dex/dex_file_loader.h"
41 #include "exec_utils.h"
42 #include "gc/heap.h"
43 #include "gc/space/image_space.h"
44 #include "image.h"
45 #include "oat.h"
46 #include "runtime.h"
47 #include "scoped_thread_state_change-inl.h"
48 #include "vdex_file.h"
49
50 namespace art {
51
52 using android::base::StringPrintf;
53
54 static constexpr const char* kAnonymousDexPrefix = "Anonymous-DexFile@";
55 static constexpr const char* kVdexExtension = ".vdex";
56
operator <<(std::ostream & stream,const OatFileAssistant::OatStatus status)57 std::ostream& operator << (std::ostream& stream, const OatFileAssistant::OatStatus status) {
58 switch (status) {
59 case OatFileAssistant::kOatCannotOpen:
60 stream << "kOatCannotOpen";
61 break;
62 case OatFileAssistant::kOatDexOutOfDate:
63 stream << "kOatDexOutOfDate";
64 break;
65 case OatFileAssistant::kOatBootImageOutOfDate:
66 stream << "kOatBootImageOutOfDate";
67 break;
68 case OatFileAssistant::kOatUpToDate:
69 stream << "kOatUpToDate";
70 break;
71 case OatFileAssistant::kOatContextOutOfDate:
72 stream << "kOaContextOutOfDate";
73 break;
74 }
75
76 return stream;
77 }
78
OatFileAssistant(const char * dex_location,const InstructionSet isa,ClassLoaderContext * context,bool load_executable,bool only_load_trusted_executable)79 OatFileAssistant::OatFileAssistant(const char* dex_location,
80 const InstructionSet isa,
81 ClassLoaderContext* context,
82 bool load_executable,
83 bool only_load_trusted_executable)
84 : OatFileAssistant(dex_location,
85 isa,
86 context,
87 load_executable,
88 only_load_trusted_executable,
89 /*vdex_fd=*/ -1,
90 /*oat_fd=*/ -1,
91 /*zip_fd=*/ -1) {}
92
93
OatFileAssistant(const char * dex_location,const InstructionSet isa,ClassLoaderContext * context,bool load_executable,bool only_load_trusted_executable,int vdex_fd,int oat_fd,int zip_fd)94 OatFileAssistant::OatFileAssistant(const char* dex_location,
95 const InstructionSet isa,
96 ClassLoaderContext* context,
97 bool load_executable,
98 bool only_load_trusted_executable,
99 int vdex_fd,
100 int oat_fd,
101 int zip_fd)
102 : context_(context),
103 isa_(isa),
104 load_executable_(load_executable),
105 only_load_trusted_executable_(only_load_trusted_executable),
106 odex_(this, /*is_oat_location=*/ false),
107 oat_(this, /*is_oat_location=*/ true),
108 vdex_for_odex_(this, /*is_oat_location=*/ false),
109 vdex_for_oat_(this, /*is_oat_location=*/ true),
110 zip_fd_(zip_fd) {
111 CHECK(dex_location != nullptr) << "OatFileAssistant: null dex location";
112 CHECK(!load_executable || context != nullptr) << "Loading executable without a context";
113
114 if (zip_fd < 0) {
115 CHECK_LE(oat_fd, 0) << "zip_fd must be provided with valid oat_fd. zip_fd=" << zip_fd
116 << " oat_fd=" << oat_fd;
117 CHECK_LE(vdex_fd, 0) << "zip_fd must be provided with valid vdex_fd. zip_fd=" << zip_fd
118 << " vdex_fd=" << vdex_fd;;
119 CHECK(!UseFdToReadFiles());
120 } else {
121 CHECK(UseFdToReadFiles());
122 }
123
124 dex_location_.assign(dex_location);
125
126 if (load_executable_ && isa != kRuntimeISA) {
127 LOG(WARNING) << "OatFileAssistant: Load executable specified, "
128 << "but isa is not kRuntimeISA. Will not attempt to load executable.";
129 load_executable_ = false;
130 }
131
132 // Get the odex filename.
133 std::string error_msg;
134 std::string odex_file_name;
135 if (DexLocationToOdexFilename(dex_location_, isa_, &odex_file_name, &error_msg)) {
136 odex_.Reset(odex_file_name, UseFdToReadFiles(), zip_fd, vdex_fd, oat_fd);
137 std::string vdex_file_name = GetVdexFilename(odex_file_name);
138 // We dup FDs as the odex_ will claim ownership.
139 vdex_for_odex_.Reset(vdex_file_name,
140 UseFdToReadFiles(),
141 DupCloexec(zip_fd),
142 DupCloexec(vdex_fd),
143 DupCloexec(oat_fd));
144 } else {
145 LOG(WARNING) << "Failed to determine odex file name: " << error_msg;
146 }
147
148 if (!UseFdToReadFiles()) {
149 // Get the oat filename.
150 std::string oat_file_name;
151 if (DexLocationToOatFilename(dex_location_, isa_, &oat_file_name, &error_msg)) {
152 oat_.Reset(oat_file_name, /*use_fd=*/ false);
153 std::string vdex_file_name = GetVdexFilename(oat_file_name);
154 vdex_for_oat_.Reset(vdex_file_name, UseFdToReadFiles(), zip_fd, vdex_fd, oat_fd);
155 } else {
156 LOG(WARNING) << "Failed to determine oat file name for dex location "
157 << dex_location_ << ": " << error_msg;
158 }
159 }
160
161 // Check if the dex directory is writable.
162 // This will be needed in most uses of OatFileAssistant and so it's OK to
163 // compute it eagerly. (the only use which will not make use of it is
164 // OatFileAssistant::GetStatusDump())
165 size_t pos = dex_location_.rfind('/');
166 if (pos == std::string::npos) {
167 LOG(WARNING) << "Failed to determine dex file parent directory: " << dex_location_;
168 } else if (!UseFdToReadFiles()) {
169 // We cannot test for parent access when using file descriptors. That's ok
170 // because in this case we will always pick the odex file anyway.
171 std::string parent = dex_location_.substr(0, pos);
172 if (access(parent.c_str(), W_OK) == 0) {
173 dex_parent_writable_ = true;
174 } else {
175 VLOG(oat) << "Dex parent of " << dex_location_ << " is not writable: " << strerror(errno);
176 }
177 }
178 }
179
UseFdToReadFiles()180 bool OatFileAssistant::UseFdToReadFiles() {
181 return zip_fd_ >= 0;
182 }
183
IsInBootClassPath()184 bool OatFileAssistant::IsInBootClassPath() {
185 // Note: We check the current boot class path, regardless of the ISA
186 // specified by the user. This is okay, because the boot class path should
187 // be the same for all ISAs.
188 // TODO: Can we verify the boot class path is the same for all ISAs?
189 Runtime* runtime = Runtime::Current();
190 ClassLinker* class_linker = runtime->GetClassLinker();
191 const auto& boot_class_path = class_linker->GetBootClassPath();
192 for (size_t i = 0; i < boot_class_path.size(); i++) {
193 if (boot_class_path[i]->GetLocation() == dex_location_) {
194 VLOG(oat) << "Dex location " << dex_location_ << " is in boot class path";
195 return true;
196 }
197 }
198 return false;
199 }
200
GetDexOptNeeded(CompilerFilter::Filter target,bool profile_changed,bool downgrade)201 int OatFileAssistant::GetDexOptNeeded(CompilerFilter::Filter target,
202 bool profile_changed,
203 bool downgrade) {
204 OatFileInfo& info = GetBestInfo();
205 DexOptNeeded dexopt_needed = info.GetDexOptNeeded(target,
206 profile_changed,
207 downgrade);
208 if (info.IsOatLocation() || dexopt_needed == kDex2OatFromScratch) {
209 return dexopt_needed;
210 }
211 return -dexopt_needed;
212 }
213
IsUpToDate()214 bool OatFileAssistant::IsUpToDate() {
215 return GetBestInfo().Status() == kOatUpToDate;
216 }
217
GetBestOatFile()218 std::unique_ptr<OatFile> OatFileAssistant::GetBestOatFile() {
219 return GetBestInfo().ReleaseFileForUse();
220 }
221
GetStatusDump()222 std::string OatFileAssistant::GetStatusDump() {
223 std::ostringstream status;
224 bool oat_file_exists = false;
225 bool odex_file_exists = false;
226 if (oat_.Status() != kOatCannotOpen) {
227 // If we can open the file, Filename should not return null.
228 CHECK(oat_.Filename() != nullptr);
229
230 oat_file_exists = true;
231 status << *oat_.Filename() << "[status=" << oat_.Status() << ", ";
232 const OatFile* file = oat_.GetFile();
233 if (file == nullptr) {
234 // If the file is null even though the status is not kOatCannotOpen, it
235 // means we must have a vdex file with no corresponding oat file. In
236 // this case we cannot determine the compilation filter. Indicate that
237 // we have only the vdex file instead.
238 status << "vdex-only";
239 } else {
240 status << "compilation_filter=" << CompilerFilter::NameOfFilter(file->GetCompilerFilter());
241 }
242 }
243
244 if (odex_.Status() != kOatCannotOpen) {
245 // If we can open the file, Filename should not return null.
246 CHECK(odex_.Filename() != nullptr);
247
248 odex_file_exists = true;
249 if (oat_file_exists) {
250 status << "] ";
251 }
252 status << *odex_.Filename() << "[status=" << odex_.Status() << ", ";
253 const OatFile* file = odex_.GetFile();
254 if (file == nullptr) {
255 status << "vdex-only";
256 } else {
257 status << "compilation_filter=" << CompilerFilter::NameOfFilter(file->GetCompilerFilter());
258 }
259 }
260
261 if (!oat_file_exists && !odex_file_exists) {
262 status << "invalid[";
263 }
264
265 status << "]";
266 return status.str();
267 }
268
LoadDexFiles(const OatFile & oat_file,const char * dex_location)269 std::vector<std::unique_ptr<const DexFile>> OatFileAssistant::LoadDexFiles(
270 const OatFile &oat_file, const char *dex_location) {
271 std::vector<std::unique_ptr<const DexFile>> dex_files;
272 if (LoadDexFiles(oat_file, dex_location, &dex_files)) {
273 return dex_files;
274 } else {
275 return std::vector<std::unique_ptr<const DexFile>>();
276 }
277 }
278
LoadDexFiles(const OatFile & oat_file,const std::string & dex_location,std::vector<std::unique_ptr<const DexFile>> * out_dex_files)279 bool OatFileAssistant::LoadDexFiles(
280 const OatFile &oat_file,
281 const std::string& dex_location,
282 std::vector<std::unique_ptr<const DexFile>>* out_dex_files) {
283 // Load the main dex file.
284 std::string error_msg;
285 const OatDexFile* oat_dex_file = oat_file.GetOatDexFile(
286 dex_location.c_str(), nullptr, &error_msg);
287 if (oat_dex_file == nullptr) {
288 LOG(WARNING) << error_msg;
289 return false;
290 }
291
292 std::unique_ptr<const DexFile> dex_file = oat_dex_file->OpenDexFile(&error_msg);
293 if (dex_file.get() == nullptr) {
294 LOG(WARNING) << "Failed to open dex file from oat dex file: " << error_msg;
295 return false;
296 }
297 out_dex_files->push_back(std::move(dex_file));
298
299 // Load the rest of the multidex entries
300 for (size_t i = 1;; i++) {
301 std::string multidex_dex_location = DexFileLoader::GetMultiDexLocation(i, dex_location.c_str());
302 oat_dex_file = oat_file.GetOatDexFile(multidex_dex_location.c_str(), nullptr);
303 if (oat_dex_file == nullptr) {
304 // There are no more multidex entries to load.
305 break;
306 }
307
308 dex_file = oat_dex_file->OpenDexFile(&error_msg);
309 if (dex_file.get() == nullptr) {
310 LOG(WARNING) << "Failed to open dex file from oat dex file: " << error_msg;
311 return false;
312 }
313 out_dex_files->push_back(std::move(dex_file));
314 }
315 return true;
316 }
317
HasDexFiles()318 bool OatFileAssistant::HasDexFiles() {
319 ScopedTrace trace("HasDexFiles");
320 // Ensure GetRequiredDexChecksums has been run so that
321 // has_original_dex_files_ is initialized. We don't care about the result of
322 // GetRequiredDexChecksums.
323 GetRequiredDexChecksums();
324 return has_original_dex_files_;
325 }
326
OdexFileStatus()327 OatFileAssistant::OatStatus OatFileAssistant::OdexFileStatus() {
328 return odex_.Status();
329 }
330
OatFileStatus()331 OatFileAssistant::OatStatus OatFileAssistant::OatFileStatus() {
332 return oat_.Status();
333 }
334
DexChecksumUpToDate(const VdexFile & file,std::string * error_msg)335 bool OatFileAssistant::DexChecksumUpToDate(const VdexFile& file, std::string* error_msg) {
336 ScopedTrace trace("DexChecksumUpToDate(vdex)");
337 const std::vector<uint32_t>* required_dex_checksums = GetRequiredDexChecksums();
338 if (required_dex_checksums == nullptr) {
339 LOG(WARNING) << "Required dex checksums not found. Assuming dex checksums are up to date.";
340 return true;
341 }
342
343 uint32_t number_of_dex_files = file.GetNumberOfDexFiles();
344 if (required_dex_checksums->size() != number_of_dex_files) {
345 *error_msg = StringPrintf("expected %zu dex files but found %u",
346 required_dex_checksums->size(),
347 number_of_dex_files);
348 return false;
349 }
350
351 for (uint32_t i = 0; i < number_of_dex_files; i++) {
352 uint32_t expected_checksum = (*required_dex_checksums)[i];
353 uint32_t actual_checksum = file.GetLocationChecksum(i);
354 if (expected_checksum != actual_checksum) {
355 std::string dex = DexFileLoader::GetMultiDexLocation(i, dex_location_.c_str());
356 *error_msg = StringPrintf("Dex checksum does not match for dex: %s."
357 "Expected: %u, actual: %u",
358 dex.c_str(),
359 expected_checksum,
360 actual_checksum);
361 return false;
362 }
363 }
364
365 return true;
366 }
367
DexChecksumUpToDate(const OatFile & file,std::string * error_msg)368 bool OatFileAssistant::DexChecksumUpToDate(const OatFile& file, std::string* error_msg) {
369 ScopedTrace trace("DexChecksumUpToDate(oat)");
370 const std::vector<uint32_t>* required_dex_checksums = GetRequiredDexChecksums();
371 if (required_dex_checksums == nullptr) {
372 LOG(WARNING) << "Required dex checksums not found. Assuming dex checksums are up to date.";
373 return true;
374 }
375
376 uint32_t number_of_dex_files = file.GetOatHeader().GetDexFileCount();
377 if (required_dex_checksums->size() != number_of_dex_files) {
378 *error_msg = StringPrintf("expected %zu dex files but found %u",
379 required_dex_checksums->size(),
380 number_of_dex_files);
381 return false;
382 }
383
384 for (uint32_t i = 0; i < number_of_dex_files; i++) {
385 std::string dex = DexFileLoader::GetMultiDexLocation(i, dex_location_.c_str());
386 uint32_t expected_checksum = (*required_dex_checksums)[i];
387 const OatDexFile* oat_dex_file = file.GetOatDexFile(dex.c_str(), nullptr);
388 if (oat_dex_file == nullptr) {
389 *error_msg = StringPrintf("failed to find %s in %s", dex.c_str(), file.GetLocation().c_str());
390 return false;
391 }
392 uint32_t actual_checksum = oat_dex_file->GetDexFileLocationChecksum();
393 if (expected_checksum != actual_checksum) {
394 VLOG(oat) << "Dex checksum does not match for dex: " << dex
395 << ". Expected: " << expected_checksum
396 << ", Actual: " << actual_checksum;
397 return false;
398 }
399 }
400 return true;
401 }
402
ValidateApexVersions(const OatFile & oat_file)403 static bool ValidateApexVersions(const OatFile& oat_file) {
404 const char* oat_apex_versions =
405 oat_file.GetOatHeader().GetStoreValueByKey(OatHeader::kApexVersionsKey);
406 if (oat_apex_versions == nullptr) {
407 return false;
408 }
409 // Some dex files get compiled with a subset of the boot classpath (for
410 // example currently system server is compiled with DEX2OAT_BOOTCLASSPATH).
411 // For such cases, the oat apex versions will be a prefix of the runtime apex
412 // versions.
413 return android::base::StartsWith(Runtime::Current()->GetApexVersions(), oat_apex_versions);
414 }
415
GivenOatFileStatus(const OatFile & file)416 OatFileAssistant::OatStatus OatFileAssistant::GivenOatFileStatus(const OatFile& file) {
417 // Verify the ART_USE_READ_BARRIER state.
418 // TODO: Don't fully reject files due to read barrier state. If they contain
419 // compiled code and are otherwise okay, we should return something like
420 // kOatRelocationOutOfDate. If they don't contain compiled code, the read
421 // barrier state doesn't matter.
422 const bool is_cc = file.GetOatHeader().IsConcurrentCopying();
423 constexpr bool kRuntimeIsCC = kUseReadBarrier;
424 if (is_cc != kRuntimeIsCC) {
425 return kOatCannotOpen;
426 }
427
428 // Verify the dex checksum.
429 std::string error_msg;
430 VdexFile* vdex = file.GetVdexFile();
431 if (!DexChecksumUpToDate(*vdex, &error_msg)) {
432 LOG(ERROR) << error_msg;
433 return kOatDexOutOfDate;
434 }
435
436 CompilerFilter::Filter current_compiler_filter = file.GetCompilerFilter();
437
438 // Verify the image checksum
439 if (file.IsBackedByVdexOnly()) {
440 VLOG(oat) << "Image checksum test skipped for vdex file " << file.GetLocation();
441 } else if (CompilerFilter::DependsOnImageChecksum(current_compiler_filter)) {
442 if (!ValidateBootClassPathChecksums(file)) {
443 VLOG(oat) << "Oat image checksum does not match image checksum.";
444 return kOatBootImageOutOfDate;
445 }
446 if (!ValidateApexVersions(file)) {
447 VLOG(oat) << "Apex versions do not match.";
448 return kOatBootImageOutOfDate;
449 }
450 } else {
451 VLOG(oat) << "Image checksum test skipped for compiler filter " << current_compiler_filter;
452 }
453
454 // zip_file_only_contains_uncompressed_dex_ is only set during fetching the dex checksums.
455 DCHECK(required_dex_checksums_attempted_);
456 if (only_load_trusted_executable_ &&
457 !LocationIsTrusted(file.GetLocation(), !Runtime::Current()->DenyArtApexDataFiles()) &&
458 file.ContainsDexCode() &&
459 zip_file_only_contains_uncompressed_dex_) {
460 LOG(ERROR) << "Not loading "
461 << dex_location_
462 << ": oat file has dex code, but APK has uncompressed dex code";
463 return kOatDexOutOfDate;
464 }
465
466 if (!ClassLoaderContextIsOkay(file)) {
467 return kOatContextOutOfDate;
468 }
469
470 return kOatUpToDate;
471 }
472
AnonymousDexVdexLocation(const std::vector<const DexFile::Header * > & headers,InstructionSet isa,std::string * dex_location,std::string * vdex_filename)473 bool OatFileAssistant::AnonymousDexVdexLocation(const std::vector<const DexFile::Header*>& headers,
474 InstructionSet isa,
475 /* out */ std::string* dex_location,
476 /* out */ std::string* vdex_filename) {
477 uint32_t checksum = adler32(0L, Z_NULL, 0);
478 for (const DexFile::Header* header : headers) {
479 checksum = adler32_combine(checksum,
480 header->checksum_,
481 header->file_size_ - DexFile::kNumNonChecksumBytes);
482 }
483
484 const std::string& data_dir = Runtime::Current()->GetProcessDataDirectory();
485 if (data_dir.empty() || Runtime::Current()->IsZygote()) {
486 *dex_location = StringPrintf("%s%u", kAnonymousDexPrefix, checksum);
487 return false;
488 }
489 *dex_location = StringPrintf("%s/%s%u.jar", data_dir.c_str(), kAnonymousDexPrefix, checksum);
490
491 std::string odex_filename;
492 std::string error_msg;
493 if (!DexLocationToOdexFilename(*dex_location, isa, &odex_filename, &error_msg)) {
494 LOG(WARNING) << "Could not get odex filename for " << *dex_location << ": " << error_msg;
495 return false;
496 }
497
498 *vdex_filename = GetVdexFilename(odex_filename);
499 return true;
500 }
501
IsAnonymousVdexBasename(const std::string & basename)502 bool OatFileAssistant::IsAnonymousVdexBasename(const std::string& basename) {
503 DCHECK(basename.find('/') == std::string::npos);
504 // `basename` must have format: <kAnonymousDexPrefix><checksum><kVdexExtension>
505 if (basename.size() < strlen(kAnonymousDexPrefix) + strlen(kVdexExtension) + 1 ||
506 !android::base::StartsWith(basename.c_str(), kAnonymousDexPrefix) ||
507 !android::base::EndsWith(basename, kVdexExtension)) {
508 return false;
509 }
510 // Check that all characters between the prefix and extension are decimal digits.
511 for (size_t i = strlen(kAnonymousDexPrefix); i < basename.size() - strlen(kVdexExtension); ++i) {
512 if (!std::isdigit(basename[i])) {
513 return false;
514 }
515 }
516 return true;
517 }
518
DexLocationToOdexFilename(const std::string & location,InstructionSet isa,std::string * odex_filename,std::string * error_msg)519 bool OatFileAssistant::DexLocationToOdexFilename(const std::string& location,
520 InstructionSet isa,
521 std::string* odex_filename,
522 std::string* error_msg) {
523 CHECK(odex_filename != nullptr);
524 CHECK(error_msg != nullptr);
525
526 // The odex file name is formed by replacing the dex_location extension with
527 // .odex and inserting an oat/<isa> directory. For example:
528 // location = /foo/bar/baz.jar
529 // odex_location = /foo/bar/oat/<isa>/baz.odex
530
531 // Find the directory portion of the dex location and add the oat/<isa>
532 // directory.
533 size_t pos = location.rfind('/');
534 if (pos == std::string::npos) {
535 *error_msg = "Dex location " + location + " has no directory.";
536 return false;
537 }
538 std::string dir = location.substr(0, pos+1);
539 // Add the oat directory.
540 dir += "oat";
541
542 // Add the isa directory
543 dir += "/" + std::string(GetInstructionSetString(isa));
544
545 // Get the base part of the file without the extension.
546 std::string file = location.substr(pos+1);
547 pos = file.rfind('.');
548 if (pos == std::string::npos) {
549 *error_msg = "Dex location " + location + " has no extension.";
550 return false;
551 }
552 std::string base = file.substr(0, pos);
553
554 *odex_filename = dir + "/" + base + ".odex";
555 return true;
556 }
557
DexLocationToOatFilename(const std::string & location,InstructionSet isa,std::string * oat_filename,std::string * error_msg)558 bool OatFileAssistant::DexLocationToOatFilename(const std::string& location,
559 InstructionSet isa,
560 std::string* oat_filename,
561 std::string* error_msg) {
562 CHECK(oat_filename != nullptr);
563 CHECK(error_msg != nullptr);
564
565 // Check if `location` could have an oat file in the ART APEX data directory. If so, and the
566 // file exists, use it.
567 const std::string apex_data_file = GetApexDataOdexFilename(location, isa);
568 if (!apex_data_file.empty() && !Runtime::Current()->DenyArtApexDataFiles()) {
569 if (OS::FileExists(apex_data_file.c_str(), /*check_file_type=*/true)) {
570 *oat_filename = apex_data_file;
571 return true;
572 } else if (errno != ENOENT) {
573 PLOG(ERROR) << "Could not check odex file " << apex_data_file;
574 }
575 }
576
577 // If ANDROID_DATA is not set, return false instead of aborting.
578 // This can occur for preopt when using a class loader context.
579 if (GetAndroidDataSafe(error_msg).empty()) {
580 *error_msg = "GetAndroidDataSafe failed: " + *error_msg;
581 return false;
582 }
583
584 std::string dalvik_cache;
585 bool have_android_data = false;
586 bool dalvik_cache_exists = false;
587 bool is_global_cache = false;
588 GetDalvikCache(GetInstructionSetString(isa),
589 /*create_if_absent=*/ true,
590 &dalvik_cache,
591 &have_android_data,
592 &dalvik_cache_exists,
593 &is_global_cache);
594 if (!dalvik_cache_exists) {
595 *error_msg = "Dalvik cache directory does not exist";
596 return false;
597 }
598
599 // TODO: The oat file assistant should be the definitive place for
600 // determining the oat file name from the dex location, not
601 // GetDalvikCacheFilename.
602 return GetDalvikCacheFilename(location.c_str(), dalvik_cache.c_str(), oat_filename, error_msg);
603 }
604
GetRequiredDexChecksums()605 const std::vector<uint32_t>* OatFileAssistant::GetRequiredDexChecksums() {
606 if (!required_dex_checksums_attempted_) {
607 required_dex_checksums_attempted_ = true;
608 required_dex_checksums_found_ = false;
609 cached_required_dex_checksums_.clear();
610 std::string error_msg;
611 const ArtDexFileLoader dex_file_loader;
612 std::vector<std::string> dex_locations_ignored;
613 if (dex_file_loader.GetMultiDexChecksums(dex_location_.c_str(),
614 &cached_required_dex_checksums_,
615 &dex_locations_ignored,
616 &error_msg,
617 zip_fd_,
618 &zip_file_only_contains_uncompressed_dex_)) {
619 required_dex_checksums_found_ = true;
620 has_original_dex_files_ = true;
621 } else {
622 // The only valid case here is for APKs without dex files.
623 required_dex_checksums_found_ = false;
624 has_original_dex_files_ = false;
625 VLOG(oat) << "Could not get required checksum: " << error_msg;
626 }
627 }
628 return required_dex_checksums_found_ ? &cached_required_dex_checksums_ : nullptr;
629 }
630
ValidateBootClassPathChecksums(const OatFile & oat_file)631 bool OatFileAssistant::ValidateBootClassPathChecksums(const OatFile& oat_file) {
632 // Get the checksums and the BCP from the oat file.
633 const char* oat_boot_class_path_checksums =
634 oat_file.GetOatHeader().GetStoreValueByKey(OatHeader::kBootClassPathChecksumsKey);
635 const char* oat_boot_class_path =
636 oat_file.GetOatHeader().GetStoreValueByKey(OatHeader::kBootClassPathKey);
637 if (oat_boot_class_path_checksums == nullptr || oat_boot_class_path == nullptr) {
638 return false;
639 }
640 std::string_view oat_boot_class_path_checksums_view(oat_boot_class_path_checksums);
641 std::string_view oat_boot_class_path_view(oat_boot_class_path);
642 if (oat_boot_class_path_view == cached_boot_class_path_ &&
643 oat_boot_class_path_checksums_view == cached_boot_class_path_checksums_) {
644 return true;
645 }
646
647 Runtime* runtime = Runtime::Current();
648 std::string error_msg;
649 bool result = false;
650 // Fast path when the runtime boot classpath cheksums and boot classpath
651 // locations directly match.
652 if (oat_boot_class_path_checksums_view == runtime->GetBootClassPathChecksums() &&
653 isa_ == kRuntimeISA &&
654 oat_boot_class_path_view == android::base::Join(runtime->GetBootClassPathLocations(), ":")) {
655 result = true;
656 } else {
657 result = gc::space::ImageSpace::VerifyBootClassPathChecksums(
658 oat_boot_class_path_checksums_view,
659 oat_boot_class_path_view,
660 runtime->GetImageLocation(),
661 ArrayRef<const std::string>(runtime->GetBootClassPathLocations()),
662 ArrayRef<const std::string>(runtime->GetBootClassPath()),
663 isa_,
664 &error_msg);
665 }
666 if (!result) {
667 VLOG(oat) << "Failed to verify checksums of oat file " << oat_file.GetLocation()
668 << " error: " << error_msg;
669 return false;
670 }
671
672 // This checksum has been validated, so save it.
673 cached_boot_class_path_ = oat_boot_class_path_view;
674 cached_boot_class_path_checksums_ = oat_boot_class_path_checksums_view;
675 return true;
676 }
677
GetBestInfo()678 OatFileAssistant::OatFileInfo& OatFileAssistant::GetBestInfo() {
679 ScopedTrace trace("GetBestInfo");
680 // TODO(calin): Document the side effects of class loading when
681 // running dalvikvm command line.
682 if (dex_parent_writable_ || UseFdToReadFiles()) {
683 // If the parent of the dex file is writable it means that we can
684 // create the odex file. In this case we unconditionally pick the odex
685 // as the best oat file. This corresponds to the regular use case when
686 // apps gets installed or when they load private, secondary dex file.
687 // For apps on the system partition the odex location will not be
688 // writable and thus the oat location might be more up to date.
689
690 // If the odex is not useable, and we have a useable vdex, return the vdex
691 // instead.
692 if (!odex_.IsUseable() && vdex_for_odex_.IsUseable()) {
693 return vdex_for_odex_;
694 }
695 return odex_;
696 }
697
698 // We cannot write to the odex location. This must be a system app.
699
700 // If the oat location is useable take it.
701 if (oat_.IsUseable()) {
702 return oat_;
703 }
704
705 // The oat file is not useable but the odex file might be up to date.
706 // This is an indication that we are dealing with an up to date prebuilt
707 // (that doesn't need relocation).
708 if (odex_.IsUseable()) {
709 return odex_;
710 }
711
712 // Look for a useable vdex file.
713 if (vdex_for_oat_.IsUseable()) {
714 return vdex_for_oat_;
715 }
716 if (vdex_for_odex_.IsUseable()) {
717 return vdex_for_odex_;
718 }
719
720 // We got into the worst situation here:
721 // - the oat location is not useable
722 // - the prebuild odex location is not up to date
723 // - the vdex-only file is not useable
724 // - and we don't have the original dex file anymore (stripped).
725 // Pick the odex if it exists, or the oat if not.
726 return (odex_.Status() == kOatCannotOpen) ? oat_ : odex_;
727 }
728
OpenImageSpace(const OatFile * oat_file)729 std::unique_ptr<gc::space::ImageSpace> OatFileAssistant::OpenImageSpace(const OatFile* oat_file) {
730 DCHECK(oat_file != nullptr);
731 std::string art_file = ReplaceFileExtension(oat_file->GetLocation(), "art");
732 if (art_file.empty()) {
733 return nullptr;
734 }
735 std::string error_msg;
736 ScopedObjectAccess soa(Thread::Current());
737 std::unique_ptr<gc::space::ImageSpace> ret =
738 gc::space::ImageSpace::CreateFromAppImage(art_file.c_str(), oat_file, &error_msg);
739 if (ret == nullptr && (VLOG_IS_ON(image) || OS::FileExists(art_file.c_str()))) {
740 LOG(INFO) << "Failed to open app image " << art_file.c_str() << " " << error_msg;
741 }
742 return ret;
743 }
744
OatFileInfo(OatFileAssistant * oat_file_assistant,bool is_oat_location)745 OatFileAssistant::OatFileInfo::OatFileInfo(OatFileAssistant* oat_file_assistant,
746 bool is_oat_location)
747 : oat_file_assistant_(oat_file_assistant), is_oat_location_(is_oat_location)
748 {}
749
IsOatLocation()750 bool OatFileAssistant::OatFileInfo::IsOatLocation() {
751 return is_oat_location_;
752 }
753
Filename()754 const std::string* OatFileAssistant::OatFileInfo::Filename() {
755 return filename_provided_ ? &filename_ : nullptr;
756 }
757
IsUseable()758 bool OatFileAssistant::OatFileInfo::IsUseable() {
759 ScopedTrace trace("IsUseable");
760 switch (Status()) {
761 case kOatCannotOpen:
762 case kOatDexOutOfDate:
763 case kOatContextOutOfDate:
764 case kOatBootImageOutOfDate: return false;
765
766 case kOatUpToDate: return true;
767 }
768 UNREACHABLE();
769 }
770
Status()771 OatFileAssistant::OatStatus OatFileAssistant::OatFileInfo::Status() {
772 ScopedTrace trace("Status");
773 if (!status_attempted_) {
774 status_attempted_ = true;
775 const OatFile* file = GetFile();
776 if (file == nullptr) {
777 status_ = kOatCannotOpen;
778 } else {
779 status_ = oat_file_assistant_->GivenOatFileStatus(*file);
780 VLOG(oat) << file->GetLocation() << " is " << status_
781 << " with filter " << file->GetCompilerFilter();
782 }
783 }
784 return status_;
785 }
786
GetDexOptNeeded(CompilerFilter::Filter target,bool profile_changed,bool downgrade)787 OatFileAssistant::DexOptNeeded OatFileAssistant::OatFileInfo::GetDexOptNeeded(
788 CompilerFilter::Filter target,
789 bool profile_changed,
790 bool downgrade) {
791
792 if (IsUseable()) {
793 return CompilerFilterIsOkay(target, profile_changed, downgrade)
794 ? kNoDexOptNeeded
795 : kDex2OatForFilter;
796 }
797
798 if (Status() == kOatBootImageOutOfDate) {
799 return kDex2OatForBootImage;
800 }
801
802 if (oat_file_assistant_->HasDexFiles()) {
803 return kDex2OatFromScratch;
804 } else {
805 // No dex file, there is nothing we need to do.
806 return kNoDexOptNeeded;
807 }
808 }
809
GetFile()810 const OatFile* OatFileAssistant::OatFileInfo::GetFile() {
811 CHECK(!file_released_) << "GetFile called after oat file released.";
812 if (load_attempted_) {
813 return file_.get();
814 }
815 load_attempted_ = true;
816 if (!filename_provided_) {
817 return nullptr;
818 }
819
820 if (LocationIsOnArtApexData(filename_) && Runtime::Current()->DenyArtApexDataFiles()) {
821 LOG(WARNING) << "OatFileAssistant rejected file " << filename_
822 << ": ART apexdata is untrusted.";
823 return nullptr;
824 }
825
826 std::string error_msg;
827 bool executable = oat_file_assistant_->load_executable_;
828 if (android::base::EndsWith(filename_, kVdexExtension)) {
829 executable = false;
830 // Check to see if there is a vdex file we can make use of.
831 std::unique_ptr<VdexFile> vdex;
832 if (use_fd_) {
833 if (vdex_fd_ >= 0) {
834 struct stat s;
835 int rc = TEMP_FAILURE_RETRY(fstat(vdex_fd_, &s));
836 if (rc == -1) {
837 error_msg = StringPrintf("Failed getting length of the vdex file %s.", strerror(errno));
838 } else {
839 vdex = VdexFile::Open(vdex_fd_,
840 s.st_size,
841 filename_,
842 /*writable=*/ false,
843 /*low_4gb=*/ false,
844 /*unquicken=*/ false,
845 &error_msg);
846 }
847 }
848 } else {
849 vdex = VdexFile::Open(filename_,
850 /*writable=*/ false,
851 /*low_4gb=*/ false,
852 /*unquicken=*/ false,
853 &error_msg);
854 }
855 if (vdex == nullptr) {
856 VLOG(oat) << "unable to open vdex file " << filename_ << ": " << error_msg;
857 } else {
858 file_.reset(OatFile::OpenFromVdex(zip_fd_,
859 std::move(vdex),
860 oat_file_assistant_->dex_location_,
861 &error_msg));
862 }
863 } else {
864 if (executable && oat_file_assistant_->only_load_trusted_executable_) {
865 executable = LocationIsTrusted(filename_, /*trust_art_apex_data_files=*/ true);
866 }
867 VLOG(oat) << "Loading " << filename_ << " with executable: " << executable;
868 if (use_fd_) {
869 if (oat_fd_ >= 0 && vdex_fd_ >= 0) {
870 ArrayRef<const std::string> dex_locations(&oat_file_assistant_->dex_location_,
871 /*size=*/ 1u);
872 file_.reset(OatFile::Open(zip_fd_,
873 vdex_fd_,
874 oat_fd_,
875 filename_.c_str(),
876 executable,
877 /*low_4gb=*/ false,
878 dex_locations,
879 /*reservation=*/ nullptr,
880 &error_msg));
881 }
882 } else {
883 file_.reset(OatFile::Open(/*zip_fd=*/ -1,
884 filename_.c_str(),
885 filename_.c_str(),
886 executable,
887 /*low_4gb=*/ false,
888 oat_file_assistant_->dex_location_,
889 &error_msg));
890 }
891 }
892 if (file_.get() == nullptr) {
893 VLOG(oat) << "OatFileAssistant test for existing oat file "
894 << filename_
895 << ": " << error_msg;
896 } else {
897 VLOG(oat) << "Successfully loaded " << filename_ << " with executable: " << executable;
898 }
899 return file_.get();
900 }
901
CompilerFilterIsOkay(CompilerFilter::Filter target,bool profile_changed,bool downgrade)902 bool OatFileAssistant::OatFileInfo::CompilerFilterIsOkay(
903 CompilerFilter::Filter target, bool profile_changed, bool downgrade) {
904 const OatFile* file = GetFile();
905 if (file == nullptr) {
906 return false;
907 }
908
909 CompilerFilter::Filter current = file->GetCompilerFilter();
910 if (profile_changed && CompilerFilter::DependsOnProfile(current)) {
911 VLOG(oat) << "Compiler filter not okay because Profile changed";
912 return false;
913 }
914 return downgrade ? !CompilerFilter::IsBetter(current, target) :
915 CompilerFilter::IsAsGoodAs(current, target);
916 }
917
ClassLoaderContextIsOkay(const OatFile & oat_file) const918 bool OatFileAssistant::ClassLoaderContextIsOkay(const OatFile& oat_file) const {
919 if (oat_file.IsBackedByVdexOnly()) {
920 // Only a vdex file, we don't depend on the class loader context.
921 return true;
922 }
923
924 if (!CompilerFilter::IsVerificationEnabled(oat_file.GetCompilerFilter())) {
925 // If verification is not enabled we don't need to verify the class loader context and we
926 // assume it's ok.
927 return true;
928 }
929
930 if (context_ == nullptr) {
931 // When no class loader context is provided (which happens for deprecated
932 // DexFile APIs), just assume it is OK.
933 return true;
934 }
935
936 ClassLoaderContext::VerificationResult matches = context_->VerifyClassLoaderContextMatch(
937 oat_file.GetClassLoaderContext(),
938 /*verify_names=*/ true,
939 /*verify_checksums=*/ true);
940 if (matches == ClassLoaderContext::VerificationResult::kMismatch) {
941 VLOG(oat) << "ClassLoaderContext check failed. Context was "
942 << oat_file.GetClassLoaderContext()
943 << ". The expected context is "
944 << context_->EncodeContextForOatFile(android::base::Dirname(dex_location_));
945 return false;
946 }
947 return true;
948 }
949
IsExecutable()950 bool OatFileAssistant::OatFileInfo::IsExecutable() {
951 const OatFile* file = GetFile();
952 return (file != nullptr && file->IsExecutable());
953 }
954
Reset()955 void OatFileAssistant::OatFileInfo::Reset() {
956 load_attempted_ = false;
957 file_.reset();
958 status_attempted_ = false;
959 }
960
Reset(const std::string & filename,bool use_fd,int zip_fd,int vdex_fd,int oat_fd)961 void OatFileAssistant::OatFileInfo::Reset(const std::string& filename,
962 bool use_fd,
963 int zip_fd,
964 int vdex_fd,
965 int oat_fd) {
966 filename_provided_ = true;
967 filename_ = filename;
968 use_fd_ = use_fd;
969 zip_fd_ = zip_fd;
970 vdex_fd_ = vdex_fd;
971 oat_fd_ = oat_fd;
972 Reset();
973 }
974
ReleaseFile()975 std::unique_ptr<OatFile> OatFileAssistant::OatFileInfo::ReleaseFile() {
976 file_released_ = true;
977 return std::move(file_);
978 }
979
ReleaseFileForUse()980 std::unique_ptr<OatFile> OatFileAssistant::OatFileInfo::ReleaseFileForUse() {
981 ScopedTrace trace("ReleaseFileForUse");
982 if (Status() == kOatUpToDate) {
983 return ReleaseFile();
984 }
985
986 return std::unique_ptr<OatFile>();
987 }
988
989 // TODO(calin): we could provide a more refined status here
990 // (e.g. run from uncompressed apk, run with vdex but not oat etc). It will allow us to
991 // track more experiments but adds extra complexity.
GetOptimizationStatus(const std::string & filename,InstructionSet isa,std::string * out_compilation_filter,std::string * out_compilation_reason)992 void OatFileAssistant::GetOptimizationStatus(
993 const std::string& filename,
994 InstructionSet isa,
995 std::string* out_compilation_filter,
996 std::string* out_compilation_reason) {
997 // It may not be possible to load an oat file executable (e.g., selinux restrictions). Load
998 // non-executable and check the status manually.
999 OatFileAssistant oat_file_assistant(filename.c_str(),
1000 isa,
1001 /* context= */ nullptr,
1002 /*load_executable=*/ false);
1003 std::string out_odex_location; // unused
1004 std::string out_odex_status; // unused
1005 oat_file_assistant.GetOptimizationStatus(
1006 &out_odex_location,
1007 out_compilation_filter,
1008 out_compilation_reason,
1009 &out_odex_status);
1010 }
1011
GetOptimizationStatus(std::string * out_odex_location,std::string * out_compilation_filter,std::string * out_compilation_reason,std::string * out_odex_status)1012 void OatFileAssistant::GetOptimizationStatus(
1013 std::string* out_odex_location,
1014 std::string* out_compilation_filter,
1015 std::string* out_compilation_reason,
1016 std::string* out_odex_status) {
1017 OatFileInfo& oat_file_info = GetBestInfo();
1018 const OatFile* oat_file = GetBestInfo().GetFile();
1019
1020 if (oat_file == nullptr) {
1021 *out_odex_location = "error";
1022 *out_compilation_filter = "run-from-apk";
1023 *out_compilation_reason = "unknown";
1024 // This mostly happens when we cannot open the oat file.
1025 // Note that it's different than kOatCannotOpen.
1026 // TODO: The design of getting the BestInfo is not ideal,
1027 // as it's not very clear what's the difference between
1028 // a nullptr and kOatcannotOpen. The logic should be revised
1029 // and improved.
1030 *out_odex_status = "io-error-no-oat";
1031 return;
1032 }
1033
1034 *out_odex_location = oat_file->GetLocation();
1035 OatStatus status = oat_file_info.Status();
1036 const char* reason = oat_file->GetCompilationReason();
1037 *out_compilation_reason = reason == nullptr ? "unknown" : reason;
1038 switch (status) {
1039 case kOatUpToDate:
1040 *out_compilation_filter = CompilerFilter::NameOfFilter(oat_file->GetCompilerFilter());
1041 *out_odex_status = "up-to-date";
1042 return;
1043
1044 case kOatCannotOpen: // This should never happen, but be robust.
1045 *out_compilation_filter = "error";
1046 *out_compilation_reason = "error";
1047 // This mostly happens when we cannot open the vdex file,
1048 // or the file is corrupt.
1049 *out_odex_status = "io-error-or-corruption";
1050 return;
1051
1052 case kOatBootImageOutOfDate:
1053 *out_compilation_filter = "run-from-apk-fallback";
1054 *out_odex_status = "boot-image-more-recent";
1055 return;
1056
1057 case kOatContextOutOfDate:
1058 *out_compilation_filter = "run-from-apk-fallback";
1059 *out_odex_status = "context-mismatch";
1060 return;
1061
1062 case kOatDexOutOfDate:
1063 *out_compilation_filter = "run-from-apk-fallback";
1064 *out_odex_status = "apk-more-recent";
1065 return;
1066 }
1067 LOG(FATAL) << "Unreachable";
1068 UNREACHABLE();
1069 }
1070
1071 } // namespace art
1072