)]}' { "log": [ { "commit": "a2d2bc2ed74e35c46b7c6aa5172c652f63679fa3", "tree": "4964fce11a9c49086b46aaf08be75f3262462b3d", "parents": [ "4ee4561f2153f3b0bc3be2e781488a97c73ca58e" ], "author": { "name": "Andrei Onea", "email": "andreionea@google.com", "time": "Fri Jan 25 16:18:53 2019 +0000" }, "committer": { "name": "Andrei-Valentin Onea", "email": "andreionea@google.com", "time": "Wed Jan 30 10:24:00 2019 +0000" }, "message": "Replace libmetricslogger logging with up-call to Java for hidden api\n\nUse VMRuntime.hiddenApiUsedWith{JNI,Reflection} instead of depending on\nlibmetricslogger\n\nTopic: hidden-api-reporting-upcall\nTest: m\nBug: 119217680\nChange-Id: Ifaf0b0e4ae271f6fcd37e8d7cf917a3b81d8ddae\nMerged-In: I3292f1d20cc8635391cddc3ba60d4a80b578fa82\n" }, { "commit": "e7681823f8259c8c04ce0c361746216606784e69", "tree": "8bd248fc6be126d7d4e55bb4072ed24b2851ebbd", "parents": [ "90faceb71e25748172ba6369209f8a2a66735394" ], "author": { "name": "David Brazdil", "email": "dbrazdil@google.com", "time": "Fri Dec 14 16:25:33 2018 +0000" }, "committer": { "name": "David Brazdil", "email": "dbrazdil@google.com", "time": "Mon Jan 21 10:22:27 2019 +0000" }, "message": "hiddenapi: Print warnings for @CorePlatformApi violations\n\nWhen accessing a method/field at runtime, determine the context of both\nthe caller and the callee, and add new logic for the case\n\"platform -\u003e core-platform\" which used to be always allowed.\n\nIf the callee is marked with kAccCorePlatformApi, access is allowed.\nIf not, a warning is printed into logcat.\n\nBug: 119068555\nTest: 674-hiddenapi\nChange-Id: I64839596bf6eb06d7a169fd59b18fd82c140ce6e\n" }, { "commit": "90faceb71e25748172ba6369209f8a2a66735394", "tree": "64707bbd718b29de9a19c01b12b0cc872685bb13", "parents": [ "62a4bcf3fe11e6800f5d451b41003c135358ed6a" ], "author": { "name": "David Brazdil", "email": "dbrazdil@google.com", "time": "Fri Dec 14 14:36:15 2018 +0000" }, "committer": { "name": "David Brazdil", "email": "dbrazdil@google.com", "time": "Mon Jan 21 09:48:59 2019 +0000" }, "message": "hiddenapi: Support \u0027core-platform-api\u0027 flag\n\nAdd support for parsing @CorePlatformApi stubs and encoding it in\nhiddenapi dex flags of the corresponding fields/methods.\n\n(1) The CL refactors hiddenapi::ApiList class to store a second value:\na bit vector of \"domain API\" flags. These are intended for encoding\nmembership in a set of API stubs only available to certain callers,\ne.g. @CorePlatformApi when platform code calls core platform or\n@TestApi for CTS tests.\n\n(2) Parse @CorePlatformApi stubs and set domain flags for its members.\n\n(3) Parse the flags at runtime and set kAccCorePlatformApi access flag\non the corresponding ArtField/ArtMethod objects.\n\nBug: 119068555\nTest: m appcompat\nTest: dexlayout -b \u003ccore-oj jar\u003e | grep \u0027CORE-PLATFORM-API\u0027\nChange-Id: Idbfa6d3af7459258a5a0b6da7c03c037a577eb75\n" }, { "commit": "c5a96e4a8ea9f78135c5cd3df7e1fc965104182e", "tree": "662506a68d056c382f6882b65bb28dd3f09366d7", "parents": [ "5d938ef154f504ada9c8fc9c9361fe69aabbe8b9" ], "author": { "name": "David Brazdil", "email": "dbrazdil@google.com", "time": "Wed Jan 09 10:04:45 2019 +0000" }, "committer": { "name": "David Brazdil", "email": "dbrazdil@google.com", "time": "Wed Jan 09 10:04:45 2019 +0000" }, "message": "Do not enter hidden API slow path when policy\u003d\u003dDisabled\n\nAfter a recent refactor the hidden API access check logic would enter\nslow path when the enforcement policy is set to kDisabled. This did\nnot affect correctness but could have a performance impact. Moreover,\na debuggable process would see logcat warnings printed for every such\naccess despite it being granted. This caused occasional logcat buffer\noverflows in killswitch CTS tests and their resulting flakiness.\n\nThe patch exits from ShouldDenyAccessToMember early if policy is\nkDisabled and adds a DCHECK in ShouldDenyAccessToMemberImpl to assert\nslow path is not entered under the policy.\n\nTest: m test-art-host-gtest-hidden_api_test\nChange-Id: I217d9914d2645af11ce84c03a0ed778a82bc760f\n" }, { "commit": "3f1dcd39e134d994ac88dcc4f30ec8cabcd8decf", "tree": "365d20ad6b68ff1dbd4903764b63880324136e4d", "parents": [ "0f0a4e40667c87fbd4ae5480eddbfd701bfabfa2" ], "author": { "name": "Andreas Gampe", "email": "agampe@google.com", "time": "Fri Dec 28 09:39:56 2018 -0800" }, "committer": { "name": "Andreas Gampe", "email": "agampe@google.com", "time": "Wed Jan 02 10:32:25 2019 -0800" }, "message": "ART: Move dex structs into own header\n\nSeparating out the structs from DexFile allows them to be forward-\ndeclared, which reduces the need to include the dex_file header.\n\nBug: 119869270\nTest: m\nChange-Id: I32dde5a632884bca7435cd584b4a81883de2e7b4\n" }, { "commit": "1a6586327d9de6374f9e7ca98d071f2943b03c99", "tree": "1d118af8f32855ef0036080d5e8a560f14e5e482", "parents": [ "d378a567a435a80be9ab7eb8bfe0359c1240c0ff" ], "author": { "name": "David Brazdil", "email": "dbrazdil@google.com", "time": "Sat Dec 01 17:54:26 2018 +0000" }, "committer": { "name": "David Brazdil", "email": "dbrazdil@google.com", "time": "Mon Dec 03 20:19:40 2018 +0000" }, "message": "Keep pointer to original DexFile during JVMTI redefine for hiddenapi\n\nJVMTI redefine overwrites the pointer to the class\u0027 DexFile which\nprevents access checks from reading the hiddenapi flags store. Store\nthe pointer in ClassExt together with the original ClassDef index\nto preserve the access to flags store. Because method/field indices\nare still lost, the corresponding dex member is found using string\ncomparison of member\u0027s name and type.\n\nBug: 119688837\nTest: 999-redefine-hiddenapi\nChange-Id: Ifdf35668e838869a971233bbaae61851014658b1\n" }, { "commit": "813a86307e1f3437ed9d17aeea2c5c6ffcda5c67", "tree": "6ab0118464a3f721dc967d52a9607a96ce6e4188", "parents": [ "7e09737125ddb8c6f243ac1882d2a23da3f109c4" ], "author": { "name": "Vladimir Marko", "email": "vmarko@google.com", "time": "Thu Nov 29 16:17:01 2018 +0000" }, "committer": { "name": "Vladimir Marko", "email": "vmarko@google.com", "time": "Thu Nov 29 17:54:54 2018 +0000" }, "message": "Use ArtMethod::GetDex{File,Cache}() more.\n\nDo not go through the declaring class when it can cause\na DexFile or DexCache mismatch for obsolete methods.\n\nAlso fix similar potential mismatch in hiddenapi.\n\nThis is a follow-up to\n https://android-review.googlesource.com/834082 ,\n https://android-review.googlesource.com/836008 .\n\nTest: m test-art-host-gtest\nTest: testrunner.py --host --optimizing\nBug: 119830111\nChange-Id: I3fdf1aa1bc7bab816d5d8034b107506a32438b77\n" }, { "commit": "dcfa89bfc06a6c211bbb64fa81313eaf6454ab67", "tree": "4aaf6da88861029e387525957bf68796cf95648c", "parents": [ "fd667d4165aefe51010e4fe3bd81b820ed9884ef" ], "author": { "name": "David Brazdil", "email": "dbrazdil@google.com", "time": "Wed Oct 31 11:04:10 2018 +0000" }, "committer": { "name": "David Brazdil", "email": "dbrazdil@google.com", "time": "Thu Nov 22 12:49:26 2018 +0000" }, "message": "Rename and reorganize hiddenapi::ApiList\n\nChange values of ApiList flags to make them easier to extend in the\nfuture and unify naming across all components. Light greylist is now\njust \"Greylist\", dark greylist becomes \"GreylistMaxO\".\n\nNote that the version code in \"GreylistMaxO\" must also include any\nmaintenance releases, i.e. entries on \"GreylistMaxO\" are accessible\nto apps with targetSdkVersion\u003c\u003d27 (O MR1).\n\nTest: m, phone boots\nTest: m test-art\nChange-Id: I9622e0646eb265008a8bb2652270876ae95dac84\n" }, { "commit": "2bb2fbd2879d0a6d9ebf7acff817079dde89b417", "tree": "d607aa6bfb2ea55fbfd875237b37c79f3cfed5f6", "parents": [ "85865697ff9fabede3d64ff64cde72727c3fc4c1" ], "author": { "name": "David Brazdil", "email": "dbrazdil@google.com", "time": "Tue Nov 13 18:24:26 2018 +0000" }, "committer": { "name": "David Brazdil", "email": "dbrazdil@google.com", "time": "Fri Nov 16 11:11:20 2018 +0000" }, "message": "Create SdkVersion enum, migrate users to it\n\nCreates a new SdkVersion enum with integer codes of known\nAndroid SDK versions, together with helper functions for common\npredicates. Also converts target_sdk_version_ in Runtime to\nuint32_t and cleans up its uses.\n\nTest: m test-art\nChange-Id: Idc6e518c8675068bf952d0256686c88bb0eb833e\n" }, { "commit": "85865697ff9fabede3d64ff64cde72727c3fc4c1", "tree": "0c67639c4c286149fa3f06f5f412683e39014790", "parents": [ "b321ac28f726a7ed41f277382d85702ffdfbe00f" ], "author": { "name": "David Brazdil", "email": "dbrazdil@google.com", "time": "Tue Oct 30 17:26:20 2018 +0000" }, "committer": { "name": "David Brazdil", "email": "dbrazdil@google.com", "time": "Fri Nov 16 11:11:20 2018 +0000" }, "message": "Runtime flags only for fast/slow hiddenapi path\n\nWith more flags being supported in the dex file, stop copying all of\nthem into ArtField/ArtMethod access flags. Instead, store the\ninformation needed to figure out whether to enter the slow path and\nretrieve full access flags from dex or not.\n\nAt the moment, the only runtime flag is kAccPublicApi assigned to all\nclass members on the whitelist.\n\nThe CL also moves hardcoded API membership of intrinsics out of\nArtMethod and into hidden_api.h, and moves ArtMethod::SetIntrinsic\ninto the .cc file.\n\nTest: m test-art\nChange-Id: Ia1cc05060dbc22341768161dfd8697c6158e803a\n" }, { "commit": "f50ac103426588d9f7c014ef2d2b9c766f8dc25e", "tree": "bac6537c3cd63cc382e24d9b94f0eb64f18ab0a4", "parents": [ "b56e8353020acda1a8285daa11c69f57060cd015" ], "author": { "name": "David Brazdil", "email": "dbrazdil@google.com", "time": "Wed Oct 17 18:00:06 2018 +0100" }, "committer": { "name": "David Brazdil", "email": "dbrazdil@google.com", "time": "Wed Nov 14 16:49:40 2018 +0000" }, "message": "Simplify hidden_api.h logic\n\nRefactor GetMemberAction to return a boolean whether access to a class\nmember should be denied. This also moves StrictMode consumer\nnotification into hidden_api.cc and removes notifications for toasts.\nTests are changed accordingly.\n\nTest: phone boots\nTest: m test-art\nMerged-In: I02902143de0ff91d402ba79c83f28226b1822a6f\nChange-Id: I02902143de0ff91d402ba79c83f28226b1822a6f\n(cherry picked from commit 51995f90adaa0e5047dee56d22f15e4225e70517)\n" }, { "commit": "47cd272d15f41109b3dacb21cfa509d18a03e011", "tree": "f2693adde283631362b3acc2c573d7280632621f", "parents": [ "6e32b0059b4c3073c601018da3ca315ad568525a" ], "author": { "name": "David Brazdil", "email": "dbrazdil@google.com", "time": "Tue Oct 23 12:50:02 2018 +0100" }, "committer": { "name": "David Brazdil", "email": "dbrazdil@google.com", "time": "Tue Oct 30 11:04:29 2018 +0000" }, "message": "Remove HiddenApiAccessFlags, move content to hiddenapi::\n\nHiddenapi code in runtime/ has all code in the hiddenapi:: namespace\ninstead of using a class as a wrapper. Refactor HiddenApiAccessFlags\nfor consistency. Also turn ApiList into `enum class` for stricter\ntype checks.\n\nTest: m test-art\nChange-Id: Ifb3c443ea43860476abd4fd3d4934cd14e2cdcc1\n" }, { "commit": "c89b44876fbfeb1dc78cf743ded283e2728f58cb", "tree": "7197ce5329b9e1d9d8776abbd768d28587211d91", "parents": [ "98765da6b70d01b8c297e38b76a79502898ef4a6", "ccd3ba9b9038bf0d324310642c19d6d2c70a765d" ], "author": { "name": "Mathew Inwood", "email": "mathewi@google.com", "time": "Fri May 18 01:40:06 2018 -0700" }, "committer": { "name": "android-build-merger", "email": "android-build-merger@google.com", "time": "Fri May 18 01:40:06 2018 -0700" }, "message": "Merge \"Hidden API: only log what we deny.\" into pi-dev\nam: ccd3ba9b90\n\nChange-Id: I0d1c10cc7f4e3df95a261f370c8951d40c35bfd4\n" }, { "commit": "015a7ec45bf874891ae57e972531aa5e72b489ae", "tree": "84e69c9f91cb83e348002ecdbca96ae6a7d1cfdf", "parents": [ "d527438aea93e17572e7da9c6e90b4ae3686cac1" ], "author": { "name": "Mathew Inwood", "email": "mathewi@google.com", "time": "Wed May 16 11:18:10 2018 +0100" }, "committer": { "name": "Mathew Inwood", "email": "mathewi@google.com", "time": "Thu May 17 13:28:07 2018 +0000" }, "message": "Hidden API: only log what we deny.\n\nOnly print a \"Accessing hidden ...\" warning in logcat when we deny access\nto any API, or if the app is debuggable. This reduces log spam.\n\nUpdate test expectations accordingly.\n\nBug: 79914966\nTest: $ art/test.py -b --host -t 674-hiddenapi\nChange-Id: Ic6dfa0dd519a8854e3a40ba19c9a001c0c2a378b\n" }, { "commit": "b2086eeea9ed01ee72324ad1b6de7417b397d4c2", "tree": "375765b565ae9f5bb5066ed1df524484f910a2e6", "parents": [ "02ff38b8e61ff0e77ce3199b23025a1246233310", "8c52b12b46b77b976603d75870017ae38b6ed8a4" ], "author": { "name": "Nicolas Geoffray", "email": "ngeoffray@google.com", "time": "Tue May 15 01:40:05 2018 -0700" }, "committer": { "name": "android-build-merger", "email": "android-build-merger@google.com", "time": "Tue May 15 01:40:05 2018 -0700" }, "message": "Merge \"Conditionalize LocAccessToEvent on Android target build.\" am: a128781f9e\nam: 8c52b12b46\n\nChange-Id: I6b668cce57230b483cf34b76d55389a7220fe2b7\n" }, { "commit": "8a22907f0c98fc82ec18ef233d3363db8404aab9", "tree": "b2c5f59b16e3bbe5d88800c116a32b94416c4294", "parents": [ "9076eb66ad173933d7fbd5ce328d31c7f97fd202" ], "author": { "name": "Nicolas Geoffray", "email": "ngeoffray@google.com", "time": "Thu May 10 16:34:14 2018 +0100" }, "committer": { "name": "Nicolas Geoffray", "email": "ngeoffray@google.com", "time": "Mon May 14 17:51:26 2018 +0100" }, "message": "Conditionalize LocAccessToEvent on Android target build.\n\nbug: 64382372\nbug: 79671158\nTest: m\nChange-Id: Ida6d672e1d88d9662718257439762cb916b9c7a0\n" }, { "commit": "e9c3bbb6a76c49c30562f886c2e480762408a7ed", "tree": "7dd23d32e5413db5a00f44eabd53a32a00b2ca1b", "parents": [ "51dda39549033b3c50a7fce5522ffc81325db54b" ], "author": { "name": "Mathew Inwood", "email": "mathewi@google.com", "time": "Thu May 03 11:30:01 2018 +0100" }, "committer": { "name": "Nicolas Geoffray", "email": "ngeoffray@google.com", "time": "Mon May 14 16:10:09 2018 +0100" }, "message": "Do not log \"None\" type API accesses.\n\nThey do not imply any actual access, so logging them just pollutes the\nlogs.\n\nBug: 77517571\nTest: m\nTest: $ adb lolcat -b events | grep sysui_multi_action\n\n(cherry picked from commit f59ca619ebd1d546b86a50503d02fc4b3a1e7868)\n\nChange-Id: I837030862e24a86f65a004763e32d680de4d2feb\n" }, { "commit": "1f9d3c3a11cd106246d814ac02b6dafd881f40ad", "tree": "13e8e39c02df0b610e505901ed6731ee49334ed9", "parents": [ "bb0454a067389a7a1370d2150bf59efd5aac20a1" ], "author": { "name": "David Brazdil", "email": "dbrazdil@google.com", "time": "Wed May 02 16:53:06 2018 +0100" }, "committer": { "name": "David Brazdil", "email": "dbrazdil@google.com", "time": "Tue May 08 10:32:55 2018 +0100" }, "message": "Fix hiddenapi::MemberSignature for proxies\n\nProxy classes are classes generated at runtime which implement\na given interface. Because they do not inherit the associated\ndex file form the interface(s), names/signatures of methods cannot\nbe requested directly, but rather through the original interface\nmethod. Calling getName() on a proxy mirror::Class also triggers\na DCHECK.\n\nThis patch will refer to the interface method when printing the\nsignature instead of the proxy method.\n\nThis fixes the warning printed for the proxy method, printing\neven the class name of the interface instead of the name of the\nproxy class. This is meant to provide useful info to the devloper.\n\nProxies do not define fields except for the synthetic \u0027interfaces\u0027\nand \u0027throws\u0027 fields. Their signatures remain unchanged.\n\nThis patch also continues to check the access flags of the proxy\nmethod for performance reasons. De-proxying the method would\nintroduce two new memory accesses into the fast path. That means\ndeduplication of warnings remains independent between the original\nand proxy methods.\n\nBug: 78327881\nTest: make test-art-host-gtest-hidden_api_test\nMerged-In: I8f334e5e2b62ca38691c94524edaf198eb73574b\nChange-Id: I8f334e5e2b62ca38691c94524edaf198eb73574b\n(cherry picked from commit 73a64f6a2a475c2fe018c7ab1151e3f44d316533)\n" }, { "commit": "bb0454a067389a7a1370d2150bf59efd5aac20a1", "tree": "1f1c6e58290159dca8f0e946317d16295faf629e", "parents": [ "39512f5ac08fb8b567336d7c3874065fce062ce7" ], "author": { "name": "David Brazdil", "email": "dbrazdil@google.com", "time": "Thu Apr 26 16:52:11 2018 +0100" }, "committer": { "name": "David Brazdil", "email": "dbrazdil@google.com", "time": "Tue May 08 10:32:46 2018 +0100" }, "message": "Do not overwrite hidden access flags for intrinsics\n\nDeduplicating warnings works by overwriting the runtime access flags\nof a method/field to move it from a greylist to the whitelist. This\ntriggers a CHECK when attempted on an intrinsic as their ordinal bits\nclash with the hidden API access flags. Do not attempt to deduplicate\nfor those.\n\nBug: 78574586\nTest: (cd cts/tests/signature ; ./runSignatureTests.sh)\nMerged-In: I39e555a0f4cd5f662eea348baf4ef72a5827306d\nChange-Id: I39e555a0f4cd5f662eea348baf4ef72a5827306d\n(cherry picked from commit 8a6b2f3353d81d8ceb6826bd7b1dd1987c1a6fee)\n" }, { "commit": "39512f5ac08fb8b567336d7c3874065fce062ce7", "tree": "71a972a6091ec457a8e94c2b5ffac20bb25c1240", "parents": [ "166546c3579b7a9deb413f8e44ad94b8ed41335b" ], "author": { "name": "David Brazdil", "email": "dbrazdil@google.com", "time": "Mon Apr 23 13:51:16 2018 +0100" }, "committer": { "name": "David Brazdil", "email": "dbrazdil@google.com", "time": "Tue May 08 10:32:37 2018 +0100" }, "message": "Fix race in hidden_api.h\n\nThe hidden API decision logic can dedupe warnings by changing the\naccess flags of a previously warned about method to whitelist, thus\nexiting early on the next attempt to access it. This logic had a race\nin it, because it would decode the flags, make a decision and then\ndecode them again when printing a warning. If another thread changed\nthe flags in between, the warning would say \"whitelist\".\n\nChange the code so that the hidden API flags are decoded only once.\nThis may still result in multiple warnings about the same API, but at\nleast the messages will be consistent.\n\nBug: 78327881\nBug: 64382372\nTest: none\nMerged-In: I956dd56536bdfce492845e6a90fdcbe29c2676b5\nChange-Id: I956dd56536bdfce492845e6a90fdcbe29c2676b5\n(cherry picked from commit b8c6619f16348403c3933d9e425b4b8c80af5389)\n" }, { "commit": "1724520ec2788838413b20672f73afa5a00b0d4c", "tree": "bac735898ef8f9750fcc1fdf04c4538aa6abed22", "parents": [ "c9c87f63f7809568fbab751c8f07107e6151cced" ], "author": { "name": "Mathew Inwood", "email": "mathewi@google.com", "time": "Thu Apr 12 13:56:37 2018 +0100" }, "committer": { "name": "David Brazdil", "email": "dbrazdil@google.com", "time": "Tue May 08 10:32:05 2018 +0100" }, "message": "Use tron for logging hidden API accesses.\n\nExample output:\nsysui_multi_action: [757,1391,1392,1,1394,Ldalvik/system/VMRuntime;-\u003egetRuntime()Ldalvik/system/VMRuntime;]\nsysui_multi_action: [757,1391,1392,1,1393,1,1394,Ldalvik/system/VMRuntime;-\u003esetHiddenApiExemptions([Ljava/lang/String;)V]\n\nTest: m\nTest: $ adb shell settings put global \\\nTest: hidden_api_access_log_sampling_rate 65536\nTest: $ adb lolcat -b events | grep sysui_multi_action | grep 1390\nBug: 77517571\nMerged-In: I23548f902d2ff56ad00534421bf8afa902edaa75\nChange-Id: I23548f902d2ff56ad00534421bf8afa902edaa75\n(cherry picked from commit 2d4d62f2c4cb6f4a659333263a32f7d94c08fc11)\n" }, { "commit": "0a054d3e8d00ba4f9841883bf3f8452b8578cf6a", "tree": "01a4725fab2c772f7a6748f008432f373428ebb4", "parents": [ "523cd63ce4b705d07e3ebfe04807c24860f20346" ], "author": { "name": "Mathew Inwood", "email": "mathewi@google.com", "time": "Thu Apr 12 15:43:11 2018 +0100" }, "committer": { "name": "David Brazdil", "email": "dbrazdil@google.com", "time": "Tue May 08 10:31:46 2018 +0100" }, "message": "Add note about tests impacted by kLogAllAccesses flag.\n\nTest: m\nBug: 64382372\nMerged-In: Ief4d0596eeff7ed711556b2a23165871d6e06ac3\nChange-Id: Ief4d0596eeff7ed711556b2a23165871d6e06ac3\n(cherry picked from commit 6d6012ec03d20dd0a450715c41e15d710550f0ac)\n" }, { "commit": "85b5a57020dd1a61ae5148ff7c854d4323720afd", "tree": "d05a45fb998cd3364d29c524b86dde4172c156ec", "parents": [ "1fd97f29d646770c5e8ddee2e8fe468ffcc9ea2c" ], "author": { "name": "Mathew Inwood", "email": "mathewi@google.com", "time": "Wed Apr 11 16:08:21 2018 +0100" }, "committer": { "name": "David Brazdil", "email": "dbrazdil@google.com", "time": "Tue May 08 10:31:30 2018 +0100" }, "message": "Log for light grey API accesses.\n\nFor the public Beta 1 build, it seems likely that 3P devs will want to\ncheck the logcat for hidden API accesses by their own apps. So enable\nthis logging for light grey API accesses.\n\nThe option can easily be diabled again later by setting the new flag to\nfalse (which should be done before public release).\n\nBug: 64382372\nTest: m\nTest: Verify logcat output\nMerged-In: Ie610ebcf712a0abc3f1c200510048e2c93b712f7\nChange-Id: Ie610ebcf712a0abc3f1c200510048e2c93b712f7\n(cherry picked from commit 27199e603fb9a80f35976eab63e5f400808598bc)\n" }, { "commit": "1fd97f29d646770c5e8ddee2e8fe468ffcc9ea2c", "tree": "be2fbd393abfe438c1e734055f1d3d084755e6a6", "parents": [ "9a13d423c71517bc9cb3cf40e97dd0f6f5d5c72c" ], "author": { "name": "Mathew Inwood", "email": "mathewi@google.com", "time": "Tue Apr 03 15:32:32 2018 +0100" }, "committer": { "name": "David Brazdil", "email": "dbrazdil@google.com", "time": "Tue May 08 10:31:20 2018 +0100" }, "message": "Log an event on hidden API accesses.\n\nThe new event consists of:\n- The type of access (reflection, JNI, etc.)\n- The action taken (warn or deny)\n- The type of member accessed (field or method)\n- Name of the class which defined the member accessed\n- The name of the member\n- The type signature of the member (type of field, or method signature)\n\nThe fully qualified member name is also not included to avoid the overhead\nof building the string. It can be build from the information included.\n\nSimilarly, the package name, version, etc. are not included as they can\nbe inferred from the context when analyzing the event log.\n\nThe event is sampled, according to a sampling rate that can be set by a\nconfiguration option, to reduce log spam.\n\nTest: $ m\nTest: $ adb shell settings put global hidden_api_access_log_sampling_rate 65536\nTest: $ adb lolcat -b events | grep art_hidden_api_access\n\nSample output:\n16796 16796 I art_hidden_api_access: [1,0,Ldalvik/system/VMRuntime;,getRuntime,()Ldalvik/system/VMRuntime;]\n16796 16796 I art_hidden_api_access: [1,2,Ldalvik/system/VMRuntime;,setHiddenApiExemptions,([Ljava/lang/String;)V]\n16796 16796 I art_hidden_api_access: [1,3,Landroid/app/Activity;,mDoReportFullyDrawn,Z]\n(Timestamps have been elided)\n\nBug: 64382372\nBug: 77517571\nMerged-In: I012b2c9fbffbd00ed3219918e7a736a4f7435ec8\nChange-Id: I012b2c9fbffbd00ed3219918e7a736a4f7435ec8\n(cherry picked from commit 73ddda4403c8088a730b8d456de46bb8e0307ed8)\n" }, { "commit": "9a13d423c71517bc9cb3cf40e97dd0f6f5d5c72c", "tree": "db25de5c310f8c3b14dbaad91bfe3b02a8a4c5b3", "parents": [ "9a81945ca49de3c5b3969cc85278ecbadf238c84" ], "author": { "name": "Mathew Inwood", "email": "mathewi@google.com", "time": "Mon Apr 09 12:24:55 2018 +0100" }, "committer": { "name": "David Brazdil", "email": "dbrazdil@google.com", "time": "Tue May 08 10:31:05 2018 +0100" }, "message": "Consider whitelist when listing class members.\n\nPreviously, only the enforcement policy was considered when getting\ndeclared fields or members, meaning whitelisted APIs would still not be\ndiscoverable. Fix this by calling hiddenapi::GetMemberAction from within\nIsDiscoverable.\n\nBug: 77787686\nBug: 64382372\nTest: cts/tests/signature/runSignatureTests.sh (with ag/3863796)\nTest: art/test.py --host -t 674-hiddenapi\nMerged-In: I234d274f47f377e3e105c81aae2d49072287992a\nChange-Id: I234d274f47f377e3e105c81aae2d49072287992a\n(cherry picked from commit 64ee8aeaeb70aa2d5d1c3ff57a682a5001869653)\n" }, { "commit": "9a81945ca49de3c5b3969cc85278ecbadf238c84", "tree": "c5d3e508727d1d2d58d7b29af22fd849c32c0544", "parents": [ "4525e0b62cc808a49b4cd2c826bb52a768779e72" ], "author": { "name": "Mathew Inwood", "email": "mathewi@google.com", "time": "Thu Apr 05 13:58:55 2018 +0100" }, "committer": { "name": "David Brazdil", "email": "dbrazdil@google.com", "time": "Tue May 08 10:30:55 2018 +0100" }, "message": "Treat hidden API exemptions as whitelist.\n\nThis was a request from android-api-council, effectively to treat\nexempted APIs as equivalent to public APIs. The reasoning for this is\nthat if the support library uses such APIs, we don\u0027t want to confuse\ndevelopers with a warning in the log.\n\nTo avoid examing the exemptions list on all light greylist API accesses,\nalso change the light greylist warn behavior to only print a warning in\nthe log if the app is debuggable. This means:\n- less log spam from light greylist usages\n- debuggable apps still get info about light greylist usage\n\nBug: 64382372\nTest: m\nTest: Boot device\nTest: $ adb shell settings put global hidden_api_blacklist_exemptions \\\nTest: \"\\\"Landroid/app/Activity;-\u003emWindow:,Landroid/app/Activity;-\u003emCalled:\\\"\"\nTest: Verified with test app \u0026 adb logcat\nMerged-In: Ibada61b591517f7e72c7101aea04ff0ad4beb0ee\nChange-Id: Ibada61b591517f7e72c7101aea04ff0ad4beb0ee\n(cherry picked from commit c8ce5f520d2ba84ff8f393f78ba953ae6d467ca8)\n" }, { "commit": "4525e0b62cc808a49b4cd2c826bb52a768779e72", "tree": "aba9be998bb3684dff53b4b56c0568fb7187502e", "parents": [ "a8503d9696f37ff66b23016f3374ecbe59774dc6" ], "author": { "name": "David Brazdil", "email": "dbrazdil@google.com", "time": "Thu Apr 05 16:57:32 2018 +0100" }, "committer": { "name": "David Brazdil", "email": "dbrazdil@google.com", "time": "Tue May 08 10:30:45 2018 +0100" }, "message": "Fix verifier/linker IncompatibleClassChangeError with hidden API\n\nThe verifier and class linker will attempt to find a method with\nthe wrong type if it could not be found with the original type,\ni.e an interface method on a regular class and vice versa.\n\nThis logic did not previously take hidden API restrictions into\naccount and would result in bogus error messages to the user or\ndebug crashes.\n\nBug: 64382372\nBug: 77464273\nTest: art/test.py -r -t 674-hiddenapi\nMerged-In: If8327a70dd73b90249da3d9e505f0c6f89838f8e\nChange-Id: If8327a70dd73b90249da3d9e505f0c6f89838f8e\n(cherry picked from commit 54a99cfcf3d3463404fdf4152523dcc69b8648d7)\n" }, { "commit": "a8503d9696f37ff66b23016f3374ecbe59774dc6", "tree": "ff05ba35980c063a046553885268fcffee04d535", "parents": [ "d94a00cdf0519ff92dff1ee59a5a42234a391ddd" ], "author": { "name": "Mathew Inwood", "email": "mathewi@google.com", "time": "Thu Apr 05 16:10:25 2018 +0100" }, "committer": { "name": "David Brazdil", "email": "dbrazdil@google.com", "time": "Tue May 08 10:30:33 2018 +0100" }, "message": "Replace kAllLists policy with kJustWarn.\n\nIt seems pretty unlikely that we\u0027d ever want to disallow access to the\nlight greylist in P, since doing do would break do many apps. We don\u0027t need\nthis policy here as an opt-in for apps now, since the StrictMode work will\nachieve the same thing.\n\nInstead, make a kJustWarn policy which allows access to all APIs, but\nleaves the detection and logging logic in place. This gives us the option\nof disabling enforcement, but still gathering logs to find out which apps\nuse which APIs.\n\nAdd some tests for GetActionFromAccessFlags since the logic is getting\nmore complex.\n\nBug: 77517571\nTest: make test-art-host-gtest-hidden_api_test\nTest: boot device\nMerged-In: I2e6824d7ef53532d0836a2b6b1930cbbed196d0c\nChange-Id: I2e6824d7ef53532d0836a2b6b1930cbbed196d0c\n(cherry picked from commit 68693699d62bc7a2192f51be191ae81defcf4388)\n" }, { "commit": "7996b873bf5d2a3fc0aa0bf5058d5c98b1a79b8c", "tree": "407f144f7306deeac72a8f3964a396723d90153c", "parents": [ "e6801b10046834285e6fdc3e63a259d0f1149168", "73a64f6a2a475c2fe018c7ab1151e3f44d316533" ], "author": { "name": "David Brazdil", "email": "dbrazdil@google.com", "time": "Fri May 04 08:20:22 2018 +0000" }, "committer": { "name": "Android (Google) Code Review", "email": "android-gerrit@google.com", "time": "Fri May 04 08:20:22 2018 +0000" }, "message": "Merge \"Fix hiddenapi::MemberSignature for proxies\" into pi-dev" }, { "commit": "73a64f6a2a475c2fe018c7ab1151e3f44d316533", "tree": "16ed4d02ec6685220ef2eb80316e5d8665b1bad0", "parents": [ "5bcef17fcee4f535c6d39177b1c55eefea81f854" ], "author": { "name": "David Brazdil", "email": "dbrazdil@google.com", "time": "Wed May 02 16:53:06 2018 +0100" }, "committer": { "name": "David Brazdil", "email": "dbrazdil@google.com", "time": "Thu May 03 16:07:58 2018 +0100" }, "message": "Fix hiddenapi::MemberSignature for proxies\n\nProxy classes are classes generated at runtime which implement\na given interface. Because they do not inherit the associated\ndex file form the interface(s), names/signatures of methods cannot\nbe requested directly, but rather through the original interface\nmethod. Calling getName() on a proxy mirror::Class also triggers\na DCHECK.\n\nThis patch will refer to the interface method when printing the\nsignature instead of the proxy method.\n\nThis fixes the warning printed for the proxy method, printing\neven the class name of the interface instead of the name of the\nproxy class. This is meant to provide useful info to the devloper.\n\nProxies do not define fields except for the synthetic \u0027interfaces\u0027\nand \u0027throws\u0027 fields. Their signatures remain unchanged.\n\nThis patch also continues to check the access flags of the proxy\nmethod for performance reasons. De-proxying the method would\nintroduce two new memory accesses into the fast path. That means\ndeduplication of warnings remains independent between the original\nand proxy methods.\n\nBug: 78327881\nTest: make test-art-host-gtest-hidden_api_test\nChange-Id: I8f334e5e2b62ca38691c94524edaf198eb73574b\n" }, { "commit": "f59ca619ebd1d546b86a50503d02fc4b3a1e7868", "tree": "9d2b262d27f34ccc301849c66b31055b5993bddd", "parents": [ "5bcef17fcee4f535c6d39177b1c55eefea81f854" ], "author": { "name": "Mathew Inwood", "email": "mathewi@google.com", "time": "Thu May 03 11:30:01 2018 +0100" }, "committer": { "name": "Mathew Inwood", "email": "mathewi@google.com", "time": "Thu May 03 11:30:01 2018 +0100" }, "message": "Do not log \"None\" type API accesses.\n\nThey do not imply any actual access, so logging them just pollutes the\nlogs.\n\nBug: 77517571\nTest: m\nTest: $ adb lolcat -b events | grep sysui_multi_action\nChange-Id: I66100f25a8f0b3cf7b1a04e5fdd046a1368596a1\n" }, { "commit": "5bcef17fcee4f535c6d39177b1c55eefea81f854", "tree": "e2f821e5f3f17b20a3c76f3d8956968496cb3bf0", "parents": [ "a5dea30f762266dc87e4160e8139101e9d01cde3" ], "author": { "name": "Mathew Inwood", "email": "mathewi@google.com", "time": "Tue May 01 14:40:12 2018 +0100" }, "committer": { "name": "Mathew Inwood", "email": "mathewi@google.com", "time": "Tue May 01 15:34:58 2018 +0100" }, "message": "Include package name in tron events.\n\nAdd this state to Runtime, together with a getter and setter to it can be\npassed at zygote fork time.\n\nThe package name needs to be included in the event itself, as the PID/UID\nalso present are not used to look up the package name later.\n\nBug: 77517571\nTest: m\nTest: $ adb lolcat -b events | grep sysui_multi_action\nChange-Id: I40ec89152b5ecc9a81555f2e74bc4f4b44b2bcac\n" }, { "commit": "8a6b2f3353d81d8ceb6826bd7b1dd1987c1a6fee", "tree": "35396b4b038613de8aa322b855a229733d5a0162", "parents": [ "354794b1c59894e549cf175e24a3b8c5d5ec2913" ], "author": { "name": "David Brazdil", "email": "dbrazdil@google.com", "time": "Thu Apr 26 16:52:11 2018 +0100" }, "committer": { "name": "David Brazdil", "email": "dbrazdil@google.com", "time": "Thu Apr 26 17:15:03 2018 +0100" }, "message": "Do not overwrite hidden access flags for intrinsics\n\nDeduplicating warnings works by overwriting the runtime access flags\nof a method/field to move it from a greylist to the whitelist. This\ntriggers a CHECK when attempted on an intrinsic as their ordinal bits\nclash with the hidden API access flags. Do not attempt to deduplicate\nfor those.\n\nBug: 78574586\nTest: (cd cts/tests/signature ; ./runSignatureTests.sh)\nChange-Id: I39e555a0f4cd5f662eea348baf4ef72a5827306d\n" }, { "commit": "b8c6619f16348403c3933d9e425b4b8c80af5389", "tree": "38642b8514fd9b036731c0a02112ec62e80b3e91", "parents": [ "14c212a44ac9a3ad12025ebf30836129669fa949" ], "author": { "name": "David Brazdil", "email": "dbrazdil@google.com", "time": "Mon Apr 23 13:51:16 2018 +0100" }, "committer": { "name": "David Brazdil", "email": "dbrazdil@google.com", "time": "Mon Apr 23 16:08:12 2018 +0100" }, "message": "Fix race in hidden_api.h\n\nThe hidden API decision logic can dedupe warnings by changing the\naccess flags of a previously warned about method to whitelist, thus\nexiting early on the next attempt to access it. This logic had a race\nin it, because it would decode the flags, make a decision and then\ndecode them again when printing a warning. If another thread changed\nthe flags in between, the warning would say \"whitelist\".\n\nChange the code so that the hidden API flags are decoded only once.\nThis may still result in multiple warnings about the same API, but at\nleast the messages will be consistent.\n\nBug: 78327881\nBug: 64382372\nTest: none\nChange-Id: I956dd56536bdfce492845e6a90fdcbe29c2676b5\n" }, { "commit": "178787050e4e0853b9762f86603616963705ffca", "tree": "129dbaa0878ed422ee0f742ce38f3c4f018403c3", "parents": [ "c5759ba651478d352d8e2b774a8a7fcb761c7803", "6d6012ec03d20dd0a450715c41e15d710550f0ac" ], "author": { "name": "Mathew Inwood", "email": "mathewi@google.com", "time": "Fri Apr 20 13:38:22 2018 +0000" }, "committer": { "name": "Android (Google) Code Review", "email": "android-gerrit@google.com", "time": "Fri Apr 20 13:38:22 2018 +0000" }, "message": "Merge \"Add note about tests impacted by kLogAllAccesses flag.\" into pi-dev" }, { "commit": "2d4d62f2c4cb6f4a659333263a32f7d94c08fc11", "tree": "718c25ef3dce38c0fd2fee22e2366fc7813f98f1", "parents": [ "9f3a0c3d5171f49111e11a62b6ff746a7838afe0" ], "author": { "name": "Mathew Inwood", "email": "mathewi@google.com", "time": "Thu Apr 12 13:56:37 2018 +0100" }, "committer": { "name": "Mathew Inwood", "email": "mathewi@google.com", "time": "Thu Apr 19 16:37:31 2018 +0100" }, "message": "Use tron for logging hidden API accesses.\n\nExample output:\nsysui_multi_action: [757,1391,1392,1,1394,Ldalvik/system/VMRuntime;-\u003egetRuntime()Ldalvik/system/VMRuntime;]\nsysui_multi_action: [757,1391,1392,1,1393,1,1394,Ldalvik/system/VMRuntime;-\u003esetHiddenApiExemptions([Ljava/lang/String;)V]\n\nTest: m\nTest: $ adb shell settings put global \\\nTest: hidden_api_access_log_sampling_rate 65536\nTest: $ adb lolcat -b events | grep sysui_multi_action | grep 1390\nBug: 77517571\nChange-Id: I23548f902d2ff56ad00534421bf8afa902edaa75\n" }, { "commit": "6d6012ec03d20dd0a450715c41e15d710550f0ac", "tree": "35c8afe691c56314a8454fddda4f47d356829ebf", "parents": [ "724e9c8cdb75cd606fe583fd2502783046d62796" ], "author": { "name": "Mathew Inwood", "email": "mathewi@google.com", "time": "Thu Apr 12 15:43:11 2018 +0100" }, "committer": { "name": "Mathew Inwood", "email": "mathewi@google.com", "time": "Thu Apr 12 15:43:38 2018 +0100" }, "message": "Add note about tests impacted by kLogAllAccesses flag.\n\nTest: m\nBug: 64382372\nChange-Id: Ief4d0596eeff7ed711556b2a23165871d6e06ac3\n" }, { "commit": "eba8b96ccba687421b44d417b3683b844e2dc1e1", "tree": "75c07b194d27d50902863efd7423ea5553c26d3a", "parents": [ "38a50121f8cc73cabec72eef17e320c557c164d9", "0dbc8bebd026a3a4d70fefd72bb0851a18f0a617" ], "author": { "name": "TreeHugger Robot", "email": "treehugger-gerrit@google.com", "time": "Thu Apr 12 07:40:37 2018 +0000" }, "committer": { "name": "Android (Google) Code Review", "email": "android-gerrit@google.com", "time": "Thu Apr 12 07:40:37 2018 +0000" }, "message": "Merge \"Revert \"Update hidden API membership of intrinsics\"\" into pi-dev" }, { "commit": "5933cdb50ce9b4f91321a068eda1b73dce2bc2ac", "tree": "39a227e83fd23ef4c2e5ce013780256b0e911e15", "parents": [ "47b6ace4d75e69b28deca89c285d6365d4c4afff", "27199e603fb9a80f35976eab63e5f400808598bc" ], "author": { "name": "TreeHugger Robot", "email": "treehugger-gerrit@google.com", "time": "Thu Apr 12 03:29:14 2018 +0000" }, "committer": { "name": "Android (Google) Code Review", "email": "android-gerrit@google.com", "time": "Thu Apr 12 03:29:14 2018 +0000" }, "message": "Merge \"Log for light grey API accesses.\" into pi-dev" }, { "commit": "0dbc8bebd026a3a4d70fefd72bb0851a18f0a617", "tree": "4c50c959e85cfffa4217fde74cb805c038d09c36", "parents": [ "e1954f30cbf70ed4430b9ca7b85b5d52fdc42251" ], "author": { "name": "Andreas Gampe", "email": "agampe@google.com", "time": "Wed Apr 11 20:45:16 2018 +0000" }, "committer": { "name": "Andreas Gampe", "email": "agampe@google.com", "time": "Wed Apr 11 20:45:16 2018 +0000" }, "message": "Revert \"Update hidden API membership of intrinsics\"\n\nThis reverts commit e1954f30cbf70ed4430b9ca7b85b5d52fdc42251.\n\nReason for revert: Breaks all internal tests.\n\nBug: 64382372\nBug: 77733081\nBug: 72430785\nChange-Id: If6138ee1a3d73059b20c582c0dfd388ff07507a2\n" }, { "commit": "27199e603fb9a80f35976eab63e5f400808598bc", "tree": "5f6e55c770b3e642a0cf714b12eabab1da7f549a", "parents": [ "75e46053d2083dcd197fee56abb86b4b5ec10449" ], "author": { "name": "Mathew Inwood", "email": "mathewi@google.com", "time": "Wed Apr 11 16:08:21 2018 +0100" }, "committer": { "name": "Mathew Inwood", "email": "mathewi@google.com", "time": "Wed Apr 11 18:12:54 2018 +0000" }, "message": "Log for light grey API accesses.\n\nFor the public Beta 1 build, it seems likely that 3P devs will want to\ncheck the logcat for hidden API accesses by their own apps. So enable\nthis logging for light grey API accesses.\n\nThe option can easily be diabled again later by setting the new flag to\nfalse (which should be done before public release).\n\nBug: 64382372\nTest: m\nTest: Verify logcat output\nChange-Id: Ie610ebcf712a0abc3f1c200510048e2c93b712f7\n" }, { "commit": "29d8d0b4c49c339bfc57d5b4ff74ee8a0657c640", "tree": "302c35c77dba7ee6a0b7705d67a81570e9428f95", "parents": [ "ba4f1a253e1eec424c79ae2ab99123b687856a21", "e1954f30cbf70ed4430b9ca7b85b5d52fdc42251" ], "author": { "name": "TreeHugger Robot", "email": "treehugger-gerrit@google.com", "time": "Wed Apr 11 16:58:49 2018 +0000" }, "committer": { "name": "Android (Google) Code Review", "email": "android-gerrit@google.com", "time": "Wed Apr 11 16:58:49 2018 +0000" }, "message": "Merge \"Update hidden API membership of intrinsics\" into pi-dev" }, { "commit": "ba4f1a253e1eec424c79ae2ab99123b687856a21", "tree": "a6d5461c26c89c83d1b1d9e3fab6ee90cdeb08e0", "parents": [ "75e46053d2083dcd197fee56abb86b4b5ec10449", "73ddda4403c8088a730b8d456de46bb8e0307ed8" ], "author": { "name": "Mathew Inwood", "email": "mathewi@google.com", "time": "Wed Apr 11 16:45:06 2018 +0000" }, "committer": { "name": "Android (Google) Code Review", "email": "android-gerrit@google.com", "time": "Wed Apr 11 16:45:06 2018 +0000" }, "message": "Merge \"Log an event on hidden API accesses.\" into pi-dev" }, { "commit": "e1954f30cbf70ed4430b9ca7b85b5d52fdc42251", "tree": "b33c9cf9ee824751fb4df6dfcb0ea2bf1911ac9a", "parents": [ "75e46053d2083dcd197fee56abb86b4b5ec10449" ], "author": { "name": "David Brazdil", "email": "dbrazdil@google.com", "time": "Fri Apr 06 14:02:59 2018 +0100" }, "committer": { "name": "David Brazdil", "email": "dbrazdil@google.com", "time": "Wed Apr 11 14:22:51 2018 +0100" }, "message": "Update hidden API membership of intrinsics\n\nAn update to Doclava fixes incorrect signatures of methods with\nvarargs. This changes the blacklisting of some of the intrinsics.\nUpdate their list.\n\nBecause only target boot class path dex files have the hidden API\naccess flags, tests need to be special cased and intrinsics\nconsidered whitelisted under such conditions. This special case\nshould be removed as soon as hidden API access flags are also\napplied to tests running with core image / dex files.\n\nBug: 64382372\nBug: 77733081\nBug: 72430785\nTest: make test-art\nChange-Id: I321c9fba0cb649fcac973bf1d7b1cb24a5f2359e\n" }, { "commit": "73ddda4403c8088a730b8d456de46bb8e0307ed8", "tree": "f07d4b781f15f0750292523029e1dcf27a7324b3", "parents": [ "5665c97b421166f08df08cbd028d757a21000ff5" ], "author": { "name": "Mathew Inwood", "email": "mathewi@google.com", "time": "Tue Apr 03 15:32:32 2018 +0100" }, "committer": { "name": "Mathew Inwood", "email": "mathewi@google.com", "time": "Wed Apr 11 13:14:50 2018 +0100" }, "message": "Log an event on hidden API accesses.\n\nThe new event consists of:\n- The type of access (reflection, JNI, etc.)\n- The action taken (warn or deny)\n- The type of member accessed (field or method)\n- Name of the class which defined the member accessed\n- The name of the member\n- The type signature of the member (type of field, or method signature)\n\nThe fully qualified member name is also not included to avoid the overhead\nof building the string. It can be build from the information included.\n\nSimilarly, the package name, version, etc. are not included as they can\nbe inferred from the context when analyzing the event log.\n\nThe event is sampled, according to a sampling rate that can be set by a\nconfiguration option, to reduce log spam.\n\nTest: $ m\nTest: $ adb shell settings put global hidden_api_access_log_sampling_rate 65536\nTest: $ adb lolcat -b events | grep art_hidden_api_access\n\nSample output:\n16796 16796 I art_hidden_api_access: [1,0,Ldalvik/system/VMRuntime;,getRuntime,()Ldalvik/system/VMRuntime;]\n16796 16796 I art_hidden_api_access: [1,2,Ldalvik/system/VMRuntime;,setHiddenApiExemptions,([Ljava/lang/String;)V]\n16796 16796 I art_hidden_api_access: [1,3,Landroid/app/Activity;,mDoReportFullyDrawn,Z]\n(Timestamps have been elided)\n\nBug: 64382372\nBug: 77517571\nChange-Id: I012b2c9fbffbd00ed3219918e7a736a4f7435ec8\n" }, { "commit": "64ee8aeaeb70aa2d5d1c3ff57a682a5001869653", "tree": "8fa21a4fd614fc1204d91ad6f04c051950ef4251", "parents": [ "709e67c8ae5d6d2e4d781ec6505c7502f2d7f5fd" ], "author": { "name": "Mathew Inwood", "email": "mathewi@google.com", "time": "Mon Apr 09 12:24:55 2018 +0100" }, "committer": { "name": "Mathew Inwood", "email": "mathewi@google.com", "time": "Tue Apr 10 14:14:41 2018 +0100" }, "message": "Consider whitelist when listing class members.\n\nPreviously, only the enforcement policy was considered when getting\ndeclared fields or members, meaning whitelisted APIs would still not be\ndiscoverable. Fix this by calling hiddenapi::GetMemberAction from within\nIsDiscoverable.\n\nBug: 77787686\nBug: 64382372\nTest: cts/tests/signature/runSignatureTests.sh (with ag/3863796)\nTest: art/test.py --host -t 674-hiddenapi\nChange-Id: I234d274f47f377e3e105c81aae2d49072287992a\n" }, { "commit": "f5f1f80aa6c1c10c61b6723bbc52d5aec2eba2b9", "tree": "6a83730a41748fcfd6e42be0f31ec7243d631495", "parents": [ "8c5de0f16444441c23a5ae807e4dd5cc0dd586a3" ], "author": { "name": "Narayan Kamath", "email": "narayan@google.com", "time": "Tue Apr 03 15:23:46 2018 +0100" }, "committer": { "name": "Mathieu Chartier", "email": "mathieuc@google.com", "time": "Fri Apr 06 10:08:56 2018 -0700" }, "message": "Revert^2 \"hidden_api: Call back into libcore on hidden api detection\"\"\n\nThis reverts commit bbe60d58496991c16e2943e174e26ab8a096b3d0.\n\nThis CL deviates from the approach of the original change. Instead of\ncalling back every time ShouldBlock.. was called, we explicitly call\nback in cases where it\u0027s safe to do so.\n\nNote that we only call back on reflective accesses for now, and not\nlink time accesses. Coverage for the latter will be added in a follow up\nchange.\n\nBug: 73896556\nTest: test-art-host\nTest: art/test.py --host -t test-art-host-run-test-debug-prebuild-\\\n interpreter-no-relocate-ntrace-gcstress-checkjni-picimage-pictest-\\\n ndebuggable-no-jvmti-cdex-fast-674-hiddenapi64\n\n(cherry picked from commit e453a8dd87731f4b37b86a1284f7655d86c2a809)\n\nMerged-In: Ie99ac268a083af167accbdf955639da068bea950\nChange-Id: I76860519d40b87032dbb8db38b04fcf79ef09723\n" }, { "commit": "8c5de0f16444441c23a5ae807e4dd5cc0dd586a3", "tree": "a0753accc18ccc000280e18327c57f7352e2ace5", "parents": [ "a9660f1dc13b4d595b3f89b06dd5b70eeee18c43" ], "author": { "name": "Orion Hodson", "email": "oth@google.com", "time": "Tue Apr 03 14:13:13 2018 +0000" }, "committer": { "name": "Mathieu Chartier", "email": "mathieuc@google.com", "time": "Fri Apr 06 10:08:21 2018 -0700" }, "message": "Revert \"hidden_api: Call back into libcore on hidden api detection\"\n\nThis reverts commit 757a9d0a2e97d43bafeb8a95cc3c51102be99586.\n\nReason for revert: Test failures with \"art/test.py --host -t test-art-host-run-test-debug-prebuild-interpreter-no-relocate-ntrace-gcstress-checkjni-picimage-pictest-ndebuggable-no-jvmti-cdex-fast-674-hiddenapi64\"\nBug: 73896556\nTest: art/test.py --host -t test-art-host-run-test-debug-prebuild-interpreter-no-relocate-ntrace-gcstress-checkjni-picimage-pictest-ndebuggable-no-jvmti-cdex-fast-674-hiddenapi64\n\n(cherry picked from commit 9e68ade384abdb15714054feaed06cb38eb5432f)\n\nMerged-In: Ib2ad89c16ad797c37f6212bc7e5c0b6b92ce56b5\nChange-Id: I11fa9b76da07162fde8773eb05cfc6a6514e0ca1\n" }, { "commit": "a9660f1dc13b4d595b3f89b06dd5b70eeee18c43", "tree": "fba8c4742d8f866b8342794542436ab3cd3f32a8", "parents": [ "9c85c79af0e5fe181df97dfc2801f4999aef77eb" ], "author": { "name": "Narayan Kamath", "email": "narayan@google.com", "time": "Thu Mar 29 10:21:47 2018 +0100" }, "committer": { "name": "Mathieu Chartier", "email": "mathieuc@google.com", "time": "Fri Apr 06 10:07:49 2018 -0700" }, "message": "hidden_api: Call back into libcore on hidden api detection\n\nThis change also removes some unnecessary RI specific logic for\nbuilding src-ex since it isn\u0027t required.\n\nBug: 73896556\nTest: run-test --host 674-hiddenapi\nTest: StrictModeTest\n\nCo-Authored-By: Andreas Gampe \u003cagampe@google.com\u003e\n\n(cherry picked from commit 757a9d0a2e97d43bafeb8a95cc3c51102be99586)\n\nMerged-In: Ib2b4dfad55c5d829630bfe2adb4a468124bea61c\nChange-Id: Ida0943990aa1b3bad0c674bc31ff46766ae493a6\n" }, { "commit": "cc4123914fbd6b458fb6af09efdb9a18da59412e", "tree": "5a910af78152ea590f39d938c7a508932c89103e", "parents": [ "a5dd33c399fe989f85fdc8541f4b0da582cbc0fc", "c8ce5f520d2ba84ff8f393f78ba953ae6d467ca8" ], "author": { "name": "TreeHugger Robot", "email": "treehugger-gerrit@google.com", "time": "Fri Apr 06 13:45:32 2018 +0000" }, "committer": { "name": "Android (Google) Code Review", "email": "android-gerrit@google.com", "time": "Fri Apr 06 13:45:32 2018 +0000" }, "message": "Merge \"Treat hidden API exemptions as whitelist.\" into pi-dev" }, { "commit": "a5dd33c399fe989f85fdc8541f4b0da582cbc0fc", "tree": "03232192fe75f9adaeddd3243495b484a8f8d730", "parents": [ "93b728f263ba271ab4029d8b19176efc32c17ee2", "68693699d62bc7a2192f51be191ae81defcf4388" ], "author": { "name": "Mathew Inwood", "email": "mathewi@google.com", "time": "Fri Apr 06 12:29:06 2018 +0000" }, "committer": { "name": "Android (Google) Code Review", "email": "android-gerrit@google.com", "time": "Fri Apr 06 12:29:06 2018 +0000" }, "message": "Merge \"Replace kAllLists policy with kJustWarn.\" into pi-dev" }, { "commit": "c8ce5f520d2ba84ff8f393f78ba953ae6d467ca8", "tree": "c5cf50991104288bd5771a227d52651fa11d039d", "parents": [ "93b728f263ba271ab4029d8b19176efc32c17ee2" ], "author": { "name": "Mathew Inwood", "email": "mathewi@google.com", "time": "Thu Apr 05 13:58:55 2018 +0100" }, "committer": { "name": "Mathew Inwood", "email": "mathewi@google.com", "time": "Fri Apr 06 12:12:53 2018 +0100" }, "message": "Treat hidden API exemptions as whitelist.\n\nThis was a request from android-api-council, effectively to treat\nexempted APIs as equivalent to public APIs. The reasoning for this is\nthat if the support library uses such APIs, we don\u0027t want to confuse\ndevelopers with a warning in the log.\n\nTo avoid examing the exemptions list on all light greylist API accesses,\nalso change the light greylist warn behavior to only print a warning in\nthe log if the app is debuggable. This means:\n- less log spam from light greylist usages\n- debuggable apps still get info about light greylist usage\n\nBug: 64382372\nTest: m\nTest: Boot device\nTest: $ adb shell settings put global hidden_api_blacklist_exemptions \\\nTest: \"\\\"Landroid/app/Activity;-\u003emWindow:,Landroid/app/Activity;-\u003emCalled:\\\"\"\nTest: Verified with test app \u0026 adb logcat\nChange-Id: Ibada61b591517f7e72c7101aea04ff0ad4beb0ee\n" }, { "commit": "54a99cfcf3d3463404fdf4152523dcc69b8648d7", "tree": "971f3e2070018e4fb14fc30d6aa3ee23927e032e", "parents": [ "b658cd77b69bd039795509356900eface235cc93" ], "author": { "name": "David Brazdil", "email": "dbrazdil@google.com", "time": "Thu Apr 05 16:57:32 2018 +0100" }, "committer": { "name": "David Brazdil", "email": "dbrazdil@google.com", "time": "Thu Apr 05 17:13:19 2018 +0100" }, "message": "Fix verifier/linker IncompatibleClassChangeError with hidden API\n\nThe verifier and class linker will attempt to find a method with\nthe wrong type if it could not be found with the original type,\ni.e an interface method on a regular class and vice versa.\n\nThis logic did not previously take hidden API restrictions into\naccount and would result in bogus error messages to the user or\ndebug crashes.\n\nBug: 64382372\nBug: 77464273\nTest: art/test.py -r -t 674-hiddenapi\nChange-Id: If8327a70dd73b90249da3d9e505f0c6f89838f8e\n" }, { "commit": "68693699d62bc7a2192f51be191ae81defcf4388", "tree": "de906601afb81606cb33d98e7eaba3ed10d08bcc", "parents": [ "b658cd77b69bd039795509356900eface235cc93" ], "author": { "name": "Mathew Inwood", "email": "mathewi@google.com", "time": "Thu Apr 05 16:10:25 2018 +0100" }, "committer": { "name": "Mathew Inwood", "email": "mathewi@google.com", "time": "Thu Apr 05 16:23:47 2018 +0100" }, "message": "Replace kAllLists policy with kJustWarn.\n\nIt seems pretty unlikely that we\u0027d ever want to disallow access to the\nlight greylist in P, since doing do would break do many apps. We don\u0027t need\nthis policy here as an opt-in for apps now, since the StrictMode work will\nachieve the same thing.\n\nInstead, make a kJustWarn policy which allows access to all APIs, but\nleaves the detection and logging logic in place. This gives us the option\nof disabling enforcement, but still gathering logs to find out which apps\nuse which APIs.\n\nAdd some tests for GetActionFromAccessFlags since the logic is getting\nmore complex.\n\nBug: 77517571\nTest: make test-art-host-gtest-hidden_api_test\nTest: boot device\nChange-Id: I2e6824d7ef53532d0836a2b6b1930cbbed196d0c\n" }, { "commit": "e453a8dd87731f4b37b86a1284f7655d86c2a809", "tree": "9320404a6fa9e381cd60e645e76b85a1f81035cc", "parents": [ "7efc4f2941d53901272f2c415e4e41e50f2c31d4" ], "author": { "name": "Narayan Kamath", "email": "narayan@google.com", "time": "Tue Apr 03 15:23:46 2018 +0100" }, "committer": { "name": "Narayan Kamath", "email": "narayan@google.com", "time": "Thu Apr 05 09:08:53 2018 +0100" }, "message": "Revert^2 \"hidden_api: Call back into libcore on hidden api detection\"\"\n\nThis reverts commit bbe60d58496991c16e2943e174e26ab8a096b3d0.\n\nThis CL deviates from the approach of the original change. Instead of\ncalling back every time ShouldBlock.. was called, we explicitly call\nback in cases where it\u0027s safe to do so.\n\nNote that we only call back on reflective accesses for now, and not\nlink time accesses. Coverage for the latter will be added in a follow up\nchange.\n\nBug: 73896556\nTest: test-art-host\nTest: art/test.py --host -t test-art-host-run-test-debug-prebuild-\\\n interpreter-no-relocate-ntrace-gcstress-checkjni-picimage-pictest-\\\n ndebuggable-no-jvmti-cdex-fast-674-hiddenapi64\n\nChange-Id: Ie99ac268a083af167accbdf955639da068bea950\n" }, { "commit": "9e68ade384abdb15714054feaed06cb38eb5432f", "tree": "5659aa522815a24915e77711dc1d9d19defadad8", "parents": [ "757a9d0a2e97d43bafeb8a95cc3c51102be99586" ], "author": { "name": "Orion Hodson", "email": "oth@google.com", "time": "Tue Apr 03 14:13:13 2018 +0000" }, "committer": { "name": "Narayan Kamath", "email": "narayan@google.com", "time": "Tue Apr 03 14:22:26 2018 +0000" }, "message": "Revert \"hidden_api: Call back into libcore on hidden api detection\"\n\nThis reverts commit 757a9d0a2e97d43bafeb8a95cc3c51102be99586.\n\nReason for revert: Test failures with \"art/test.py --host -t test-art-host-run-test-debug-prebuild-interpreter-no-relocate-ntrace-gcstress-checkjni-picimage-pictest-ndebuggable-no-jvmti-cdex-fast-674-hiddenapi64\"\nBug: 73896556 \nTest: art/test.py --host -t test-art-host-run-test-debug-prebuild-interpreter-no-relocate-ntrace-gcstress-checkjni-picimage-pictest-ndebuggable-no-jvmti-cdex-fast-674-hiddenapi64\n\nChange-Id: Ib2ad89c16ad797c37f6212bc7e5c0b6b92ce56b5\n" }, { "commit": "757a9d0a2e97d43bafeb8a95cc3c51102be99586", "tree": "e61b8f7cd80e6447427096bcfba3e3b523ef9c91", "parents": [ "80f5fe5fa4fd4044c409b39db0f6b1b77542ce6e" ], "author": { "name": "Narayan Kamath", "email": "narayan@google.com", "time": "Thu Mar 29 10:21:47 2018 +0100" }, "committer": { "name": "Narayan Kamath", "email": "narayan@google.com", "time": "Thu Mar 29 18:35:59 2018 +0100" }, "message": "hidden_api: Call back into libcore on hidden api detection\n\nThis change also removes some unnecessary RI specific logic for\nbuilding src-ex since it isn\u0027t required.\n\nBug: 73896556\nTest: run-test --host 674-hiddenapi\nTest: StrictModeTest\n\nCo-Authored-By: Andreas Gampe \u003cagampe@google.com\u003e\nChange-Id: Ib2b4dfad55c5d829630bfe2adb4a468124bea61c\n" }, { "commit": "80f5fe5fa4fd4044c409b39db0f6b1b77542ce6e", "tree": "5659aa522815a24915e77711dc1d9d19defadad8", "parents": [ "be4aa299da3c547c1854b934ba7f6b42c1e4130b" ], "author": { "name": "Andreas Gampe", "email": "agampe@google.com", "time": "Wed Mar 28 16:23:24 2018 -0700" }, "committer": { "name": "David Brazdil", "email": "dbrazdil@google.com", "time": "Thu Mar 29 08:38:02 2018 +0100" }, "message": "ART: Refactor hidden_api\n\nAdd hidden_api.cc, move handling of hidden fields there. Also\nremove an unnecessary include that meant hidden_api was imported\ninto too many compilation units, and fix transitive includes.\n\nBug: 73896556\nTest: mmma art\nTest: m test-art-host\nChange-Id: Ie47e11abcea68e326c410bab215ebbfbf049051b\n(cherry picked from commit aa12001baf69c124ab3901c13385aaa43fc76987)\n" }, { "commit": "aa12001baf69c124ab3901c13385aaa43fc76987", "tree": "9cedf9714284f6a25dc40e8746aae3a719e86de4", "parents": [ "3be56a02c6311d2a751f8a7410843199f9f4c9cc" ], "author": { "name": "Andreas Gampe", "email": "agampe@google.com", "time": "Wed Mar 28 16:23:24 2018 -0700" }, "committer": { "name": "Andreas Gampe", "email": "agampe@google.com", "time": "Wed Mar 28 17:32:16 2018 -0700" }, "message": "ART: Refactor hidden_api\n\nAdd hidden_api.cc, move handling of hidden fields there. Also\nremove an unnecessary include that meant hidden_api was imported\ninto too many compilation units, and fix transitive includes.\n\nBug: 73896556\nTest: mmma art\nTest: m test-art-host\nChange-Id: Ie47e11abcea68e326c410bab215ebbfbf049051b\n" } ] }