1 /* 2 * Copyright (C) 2020 The Android Open Source Project 3 * 4 * Licensed under the Apache License, Version 2.0 (the "License"); 5 * you may not use this file except in compliance with the License. 6 * You may obtain a copy of the License at 7 * 8 * http://www.apache.org/licenses/LICENSE-2.0 9 * 10 * Unless required by applicable law or agreed to in writing, software 11 * distributed under the License is distributed on an "AS IS" BASIS, 12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 * See the License for the specific language governing permissions and 14 * limitations under the License. 15 */ 16 17 #ifndef ART_RUNTIME_SDK_CHECKER_H_ 18 #define ART_RUNTIME_SDK_CHECKER_H_ 19 20 #include "art_field.h" 21 #include "art_method.h" 22 #include "base/locks.h" 23 #include "dex/dex_file.h" 24 25 namespace art { 26 27 /** 28 * The SdkChecker verifies if a given symbol is present in a given classpath. 29 * 30 * For convenience and future extensibility the classpath is given as set of 31 * dex files, simillar to a regular classpath the APKs use. 32 * 33 * The symbol (method, field, class) is checked based on its descriptor and not 34 * according the any access check semantic. 35 * 36 * This class is intended to be used during off-device AOT verification when 37 * only some predefined symbols should be resolved (e.g. belonging to some public 38 * API classpath). 39 */ 40 class SdkChecker { 41 public: 42 // Constructs and SDK Checker from the given public sdk paths. The public_sdk 43 // format is the same as the classpath format (e.g. `dex1:dex2:dex3`). The 44 // method will attempt to open the dex files and if there are errors it will 45 // return a nullptr and set the error_msg appropriately. 46 static SdkChecker* Create(const std::string& public_sdk, std::string* error_msg); 47 48 // Verify if it should deny access to the given methods. 49 // The decision is based on whether or not any of the API dex files declares a method 50 // with the same signature. 51 // 52 // NOTE: This is an expensive check as it searches the dex files for the necessary type 53 // and string ids. This is OK because the functionality here is indended to be used 54 // only in AOT verification. 55 bool ShouldDenyAccess(ArtMethod* art_method) const REQUIRES_SHARED(Locks::mutator_lock_); 56 57 // Similar to ShouldDenyAccess(ArtMethod* art_method). 58 bool ShouldDenyAccess(ArtField* art_field) const REQUIRES_SHARED(Locks::mutator_lock_); 59 60 // Similar to ShouldDenyAccess(ArtMethod* art_method). 61 bool ShouldDenyAccess(const char* type_descriptor) const; 62 63 // Enabled/Disable the checks. SetEnabled(bool enabled)64 void SetEnabled(bool enabled) { enabled_ = enabled; } 65 66 private: 67 SdkChecker(); 68 69 std::vector<std::unique_ptr<const DexFile>> sdk_dex_files_; 70 71 bool enabled_; 72 }; 73 74 } // namespace art 75 76 #endif // ART_RUNTIME_SDK_CHECKER_H_ 77