1 /*
2 * Copyright (C) 2020 The Android Open Source Project
3 *
4 * Licensed under the Apache License, Version 2.0 (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at
7 *
8 * http://www.apache.org/licenses/LICENSE-2.0
9 *
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License.
15 */
16
17 #include "sdk_checker.h"
18
19 #include "art_method-inl.h"
20 #include "base/utils.h"
21 #include "dex/art_dex_file_loader.h"
22 #include "mirror/class-inl.h"
23
24 namespace art {
25
SdkChecker()26 SdkChecker::SdkChecker() : enabled_(true) {}
27
Create(const std::string & public_sdk,std::string * error_msg)28 SdkChecker* SdkChecker::Create(
29 const std::string& public_sdk, std::string* error_msg) {
30 std::vector<std::string> dex_file_paths;
31 Split(public_sdk, ':', &dex_file_paths);
32
33 ArtDexFileLoader dex_loader;
34
35 std::unique_ptr<SdkChecker> sdk_checker(new SdkChecker());
36 for (const std::string& path : dex_file_paths) {
37 if (!dex_loader.Open(path.c_str(),
38 path,
39 /*verify=*/ true,
40 /*verify_checksum*/ false,
41 error_msg,
42 &sdk_checker->sdk_dex_files_)) {
43 return nullptr;
44 }
45 }
46 return sdk_checker.release();
47 }
48
ShouldDenyAccess(ArtMethod * art_method) const49 bool SdkChecker::ShouldDenyAccess(ArtMethod* art_method) const {
50 if (!enabled_) {
51 return false;
52 }
53
54 bool found = false;
55 for (const std::unique_ptr<const DexFile>& dex_file : sdk_dex_files_) {
56 const dex::TypeId* declaring_type_id =
57 dex_file->FindTypeId(art_method->GetDeclaringClassDescriptor());
58 if (declaring_type_id == nullptr) {
59 continue;
60 }
61 const dex::StringId* name_id = dex_file->FindStringId(art_method->GetName());
62 if (name_id == nullptr) {
63 continue;
64 }
65
66 dex::TypeIndex return_type_idx;
67 std::vector<dex::TypeIndex> param_type_idxs;
68 if (!dex_file->CreateTypeList(
69 art_method->GetSignature().ToString().c_str(),
70 &return_type_idx,
71 ¶m_type_idxs)) {
72 continue;
73 }
74 const dex::ProtoId* proto_id = dex_file->FindProtoId(return_type_idx, param_type_idxs);
75 if (proto_id == nullptr) {
76 continue;
77 }
78
79 const dex::MethodId* method_id =
80 dex_file->FindMethodId(*declaring_type_id, *name_id, *proto_id);
81 if (method_id != nullptr) {
82 found = true;
83 break;
84 }
85 }
86
87 if (!found) {
88 VLOG(verifier) << "Deny for " << art_method->PrettyMethod(true);
89 }
90
91 // Deny access if we didn't find the descriptor in the public api dex files.
92 return !found;
93 }
94
ShouldDenyAccess(ArtField * art_field) const95 bool SdkChecker::ShouldDenyAccess(ArtField* art_field) const {
96 if (!enabled_) {
97 return false;
98 }
99
100 bool found = false;
101 for (const std::unique_ptr<const DexFile>& dex_file : sdk_dex_files_) {
102 std::string declaring_class;
103
104 const dex::TypeId* declaring_type_id = dex_file->FindTypeId(
105 art_field->GetDeclaringClass()->GetDescriptor(&declaring_class));
106 if (declaring_type_id == nullptr) {
107 continue;
108 }
109 const dex::StringId* name_id = dex_file->FindStringId(art_field->GetName());
110 if (name_id == nullptr) {
111 continue;
112 }
113 const dex::TypeId* type_id = dex_file->FindTypeId(art_field->GetTypeDescriptor());
114 if (type_id == nullptr) {
115 continue;
116 }
117
118 const dex::FieldId* field_id = dex_file->FindFieldId(*declaring_type_id, *name_id, *type_id);
119 if (field_id != nullptr) {
120 found = true;
121 break;
122 }
123 }
124
125 if (!found) {
126 VLOG(verifier) << "Deny for " << ArtField::PrettyField(art_field, true);
127 }
128
129 // Deny access if we didn't find the descriptor in the public api dex files.
130 return !found;
131 }
132
ShouldDenyAccess(const char * descriptor) const133 bool SdkChecker::ShouldDenyAccess(const char* descriptor) const {
134 if (!enabled_) {
135 return false;
136 }
137
138 bool found = false;
139 for (const std::unique_ptr<const DexFile>& dex_file : sdk_dex_files_) {
140 const dex::TypeId* type_id = dex_file->FindTypeId(descriptor);
141 if (type_id != nullptr) {
142 dex::TypeIndex type_idx = dex_file->GetIndexForTypeId(*type_id);
143 if (dex_file->FindClassDef(type_idx) != nullptr) {
144 found = true;
145 break;
146 }
147 }
148 }
149
150 if (!found) {
151 VLOG(verifier) << "Deny for " << descriptor;
152 }
153
154 // Deny access if we didn't find the descriptor in the public api dex files.
155 return !found;
156 }
157
158 } // namespace art
159