1 /*
2 * Copyright (C) 2015 The Android Open Source Project
3 *
4 * Licensed under the Apache License, Version 2.0 (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at
7 *
8 * http://www.apache.org/licenses/LICENSE-2.0
9 *
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License.
15 */
16
17 #include "oat_file_manager.h"
18
19 #include <memory>
20 #include <queue>
21 #include <vector>
22 #include <sys/stat.h>
23
24 #include "android-base/stringprintf.h"
25 #include "android-base/strings.h"
26
27 #include "art_field-inl.h"
28 #include "base/bit_vector-inl.h"
29 #include "base/file_utils.h"
30 #include "base/logging.h" // For VLOG.
31 #include "base/mutex-inl.h"
32 #include "base/sdk_version.h"
33 #include "base/stl_util.h"
34 #include "base/systrace.h"
35 #include "class_linker.h"
36 #include "class_loader_context.h"
37 #include "dex/art_dex_file_loader.h"
38 #include "dex/dex_file-inl.h"
39 #include "dex/dex_file_loader.h"
40 #include "dex/dex_file_tracking_registrar.h"
41 #include "gc/scoped_gc_critical_section.h"
42 #include "gc/space/image_space.h"
43 #include "handle_scope-inl.h"
44 #include "jit/jit.h"
45 #include "jni/java_vm_ext.h"
46 #include "jni/jni_internal.h"
47 #include "mirror/class_loader.h"
48 #include "mirror/object-inl.h"
49 #include "oat_file.h"
50 #include "oat_file_assistant.h"
51 #include "obj_ptr-inl.h"
52 #include "scoped_thread_state_change-inl.h"
53 #include "thread-current-inl.h"
54 #include "thread_list.h"
55 #include "thread_pool.h"
56 #include "vdex_file.h"
57 #include "verifier/verifier_deps.h"
58 #include "well_known_classes.h"
59
60 namespace art {
61
62 using android::base::StringPrintf;
63
64 // If true, we attempt to load the application image if it exists.
65 static constexpr bool kEnableAppImage = true;
66
RegisterOatFile(std::unique_ptr<const OatFile> oat_file)67 const OatFile* OatFileManager::RegisterOatFile(std::unique_ptr<const OatFile> oat_file) {
68 WriterMutexLock mu(Thread::Current(), *Locks::oat_file_manager_lock_);
69 CHECK(!only_use_system_oat_files_ ||
70 LocationIsOnSystem(oat_file->GetLocation().c_str()) ||
71 !oat_file->IsExecutable())
72 << "Registering a non /system oat file: " << oat_file->GetLocation();
73 DCHECK(oat_file != nullptr);
74 if (kIsDebugBuild) {
75 CHECK(oat_files_.find(oat_file) == oat_files_.end());
76 for (const std::unique_ptr<const OatFile>& existing : oat_files_) {
77 CHECK_NE(oat_file.get(), existing.get()) << oat_file->GetLocation();
78 // Check that we don't have an oat file with the same address. Copies of the same oat file
79 // should be loaded at different addresses.
80 CHECK_NE(oat_file->Begin(), existing->Begin()) << "Oat file already mapped at that location";
81 }
82 }
83 const OatFile* ret = oat_file.get();
84 oat_files_.insert(std::move(oat_file));
85 return ret;
86 }
87
UnRegisterAndDeleteOatFile(const OatFile * oat_file)88 void OatFileManager::UnRegisterAndDeleteOatFile(const OatFile* oat_file) {
89 WriterMutexLock mu(Thread::Current(), *Locks::oat_file_manager_lock_);
90 DCHECK(oat_file != nullptr);
91 std::unique_ptr<const OatFile> compare(oat_file);
92 auto it = oat_files_.find(compare);
93 CHECK(it != oat_files_.end());
94 oat_files_.erase(it);
95 compare.release(); // NOLINT b/117926937
96 }
97
FindOpenedOatFileFromDexLocation(const std::string & dex_base_location) const98 const OatFile* OatFileManager::FindOpenedOatFileFromDexLocation(
99 const std::string& dex_base_location) const {
100 ReaderMutexLock mu(Thread::Current(), *Locks::oat_file_manager_lock_);
101 for (const std::unique_ptr<const OatFile>& oat_file : oat_files_) {
102 const std::vector<const OatDexFile*>& oat_dex_files = oat_file->GetOatDexFiles();
103 for (const OatDexFile* oat_dex_file : oat_dex_files) {
104 if (DexFileLoader::GetBaseLocation(oat_dex_file->GetDexFileLocation()) == dex_base_location) {
105 return oat_file.get();
106 }
107 }
108 }
109 return nullptr;
110 }
111
FindOpenedOatFileFromOatLocation(const std::string & oat_location) const112 const OatFile* OatFileManager::FindOpenedOatFileFromOatLocation(const std::string& oat_location)
113 const {
114 ReaderMutexLock mu(Thread::Current(), *Locks::oat_file_manager_lock_);
115 return FindOpenedOatFileFromOatLocationLocked(oat_location);
116 }
117
FindOpenedOatFileFromOatLocationLocked(const std::string & oat_location) const118 const OatFile* OatFileManager::FindOpenedOatFileFromOatLocationLocked(
119 const std::string& oat_location) const {
120 for (const std::unique_ptr<const OatFile>& oat_file : oat_files_) {
121 if (oat_file->GetLocation() == oat_location) {
122 return oat_file.get();
123 }
124 }
125 return nullptr;
126 }
127
GetBootOatFiles() const128 std::vector<const OatFile*> OatFileManager::GetBootOatFiles() const {
129 std::vector<gc::space::ImageSpace*> image_spaces =
130 Runtime::Current()->GetHeap()->GetBootImageSpaces();
131 std::vector<const OatFile*> oat_files;
132 oat_files.reserve(image_spaces.size());
133 for (gc::space::ImageSpace* image_space : image_spaces) {
134 oat_files.push_back(image_space->GetOatFile());
135 }
136 return oat_files;
137 }
138
GetPrimaryOatFile() const139 const OatFile* OatFileManager::GetPrimaryOatFile() const {
140 ReaderMutexLock mu(Thread::Current(), *Locks::oat_file_manager_lock_);
141 std::vector<const OatFile*> boot_oat_files = GetBootOatFiles();
142 if (!boot_oat_files.empty()) {
143 for (const std::unique_ptr<const OatFile>& oat_file : oat_files_) {
144 if (std::find(boot_oat_files.begin(), boot_oat_files.end(), oat_file.get()) ==
145 boot_oat_files.end()) {
146 return oat_file.get();
147 }
148 }
149 }
150 return nullptr;
151 }
152
OatFileManager()153 OatFileManager::OatFileManager()
154 : only_use_system_oat_files_(false) {}
155
~OatFileManager()156 OatFileManager::~OatFileManager() {
157 // Explicitly clear oat_files_ since the OatFile destructor calls back into OatFileManager for
158 // UnRegisterOatFileLocation.
159 oat_files_.clear();
160 }
161
RegisterImageOatFiles(const std::vector<gc::space::ImageSpace * > & spaces)162 std::vector<const OatFile*> OatFileManager::RegisterImageOatFiles(
163 const std::vector<gc::space::ImageSpace*>& spaces) {
164 std::vector<const OatFile*> oat_files;
165 oat_files.reserve(spaces.size());
166 for (gc::space::ImageSpace* space : spaces) {
167 oat_files.push_back(RegisterOatFile(space->ReleaseOatFile()));
168 }
169 return oat_files;
170 }
171
172 class TypeIndexInfo {
173 public:
TypeIndexInfo(const DexFile * dex_file)174 explicit TypeIndexInfo(const DexFile* dex_file)
175 : type_indexes_(GenerateTypeIndexes(dex_file)),
176 iter_(type_indexes_.Indexes().begin()),
177 end_(type_indexes_.Indexes().end()) { }
178
GetTypeIndexes()179 BitVector& GetTypeIndexes() {
180 return type_indexes_;
181 }
GetIterator()182 BitVector::IndexIterator& GetIterator() {
183 return iter_;
184 }
GetIteratorEnd()185 BitVector::IndexIterator& GetIteratorEnd() {
186 return end_;
187 }
AdvanceIterator()188 void AdvanceIterator() {
189 iter_++;
190 }
191
192 private:
GenerateTypeIndexes(const DexFile * dex_file)193 static BitVector GenerateTypeIndexes(const DexFile* dex_file) {
194 BitVector type_indexes(/*start_bits=*/0, /*expandable=*/true, Allocator::GetMallocAllocator());
195 for (uint16_t i = 0; i < dex_file->NumClassDefs(); ++i) {
196 const dex::ClassDef& class_def = dex_file->GetClassDef(i);
197 uint16_t type_idx = class_def.class_idx_.index_;
198 type_indexes.SetBit(type_idx);
199 }
200 return type_indexes;
201 }
202
203 // BitVector with bits set for the type indexes of all classes in the input dex file.
204 BitVector type_indexes_;
205 BitVector::IndexIterator iter_;
206 BitVector::IndexIterator end_;
207 };
208
209 class DexFileAndClassPair : ValueObject {
210 public:
DexFileAndClassPair(const DexFile * dex_file,TypeIndexInfo * type_info,bool from_loaded_oat)211 DexFileAndClassPair(const DexFile* dex_file, TypeIndexInfo* type_info, bool from_loaded_oat)
212 : type_info_(type_info),
213 dex_file_(dex_file),
214 cached_descriptor_(dex_file_->StringByTypeIdx(dex::TypeIndex(*type_info->GetIterator()))),
215 from_loaded_oat_(from_loaded_oat) {
216 type_info_->AdvanceIterator();
217 }
218
219 DexFileAndClassPair(const DexFileAndClassPair& rhs) = default;
220
221 DexFileAndClassPair& operator=(const DexFileAndClassPair& rhs) = default;
222
GetCachedDescriptor() const223 const char* GetCachedDescriptor() const {
224 return cached_descriptor_;
225 }
226
operator <(const DexFileAndClassPair & rhs) const227 bool operator<(const DexFileAndClassPair& rhs) const {
228 const int cmp = strcmp(cached_descriptor_, rhs.cached_descriptor_);
229 if (cmp != 0) {
230 // Note that the order must be reversed. We want to iterate over the classes in dex files.
231 // They are sorted lexicographically. Thus, the priority-queue must be a min-queue.
232 return cmp > 0;
233 }
234 return dex_file_ < rhs.dex_file_;
235 }
236
DexFileHasMoreClasses() const237 bool DexFileHasMoreClasses() const {
238 return type_info_->GetIterator() != type_info_->GetIteratorEnd();
239 }
240
Next()241 void Next() {
242 cached_descriptor_ = dex_file_->StringByTypeIdx(dex::TypeIndex(*type_info_->GetIterator()));
243 type_info_->AdvanceIterator();
244 }
245
FromLoadedOat() const246 bool FromLoadedOat() const {
247 return from_loaded_oat_;
248 }
249
GetDexFile() const250 const DexFile* GetDexFile() const {
251 return dex_file_;
252 }
253
254 private:
255 TypeIndexInfo* type_info_;
256 const DexFile* dex_file_;
257 const char* cached_descriptor_;
258 bool from_loaded_oat_; // We only need to compare mismatches between what we load now
259 // and what was loaded before. Any old duplicates must have been
260 // OK, and any new "internal" duplicates are as well (they must
261 // be from multidex, which resolves correctly).
262 };
263
AddDexFilesFromOat(const OatFile * oat_file,std::vector<const DexFile * > * dex_files,std::vector<std::unique_ptr<const DexFile>> * opened_dex_files)264 static void AddDexFilesFromOat(
265 const OatFile* oat_file,
266 /*out*/std::vector<const DexFile*>* dex_files,
267 std::vector<std::unique_ptr<const DexFile>>* opened_dex_files) {
268 for (const OatDexFile* oat_dex_file : oat_file->GetOatDexFiles()) {
269 std::string error;
270 std::unique_ptr<const DexFile> dex_file = oat_dex_file->OpenDexFile(&error);
271 if (dex_file == nullptr) {
272 LOG(WARNING) << "Could not create dex file from oat file: " << error;
273 } else if (dex_file->NumClassDefs() > 0U) {
274 dex_files->push_back(dex_file.get());
275 opened_dex_files->push_back(std::move(dex_file));
276 }
277 }
278 }
279
AddNext(DexFileAndClassPair & original,std::priority_queue<DexFileAndClassPair> & heap)280 static void AddNext(/*inout*/DexFileAndClassPair& original,
281 /*inout*/std::priority_queue<DexFileAndClassPair>& heap) {
282 if (original.DexFileHasMoreClasses()) {
283 original.Next();
284 heap.push(std::move(original));
285 }
286 }
287
CheckClassCollision(const OatFile * oat_file,const ClassLoaderContext * context,std::string * error_msg)288 static bool CheckClassCollision(const OatFile* oat_file,
289 const ClassLoaderContext* context,
290 std::string* error_msg /*out*/) {
291 std::vector<const DexFile*> dex_files_loaded = context->FlattenOpenedDexFiles();
292
293 // Vector that holds the newly opened dex files live, this is done to prevent leaks.
294 std::vector<std::unique_ptr<const DexFile>> opened_dex_files;
295
296 ScopedTrace st("Collision check");
297 // Add dex files from the oat file to check.
298 std::vector<const DexFile*> dex_files_unloaded;
299 AddDexFilesFromOat(oat_file, &dex_files_unloaded, &opened_dex_files);
300
301 // Generate type index information for each dex file.
302 std::vector<TypeIndexInfo> loaded_types;
303 loaded_types.reserve(dex_files_loaded.size());
304 for (const DexFile* dex_file : dex_files_loaded) {
305 loaded_types.push_back(TypeIndexInfo(dex_file));
306 }
307 std::vector<TypeIndexInfo> unloaded_types;
308 unloaded_types.reserve(dex_files_unloaded.size());
309 for (const DexFile* dex_file : dex_files_unloaded) {
310 unloaded_types.push_back(TypeIndexInfo(dex_file));
311 }
312
313 // Populate the queue of dex file and class pairs with the loaded and unloaded dex files.
314 std::priority_queue<DexFileAndClassPair> queue;
315 for (size_t i = 0; i < dex_files_loaded.size(); ++i) {
316 if (loaded_types[i].GetIterator() != loaded_types[i].GetIteratorEnd()) {
317 queue.emplace(dex_files_loaded[i], &loaded_types[i], /*from_loaded_oat=*/true);
318 }
319 }
320 for (size_t i = 0; i < dex_files_unloaded.size(); ++i) {
321 if (unloaded_types[i].GetIterator() != unloaded_types[i].GetIteratorEnd()) {
322 queue.emplace(dex_files_unloaded[i], &unloaded_types[i], /*from_loaded_oat=*/false);
323 }
324 }
325
326 // Now drain the queue.
327 bool has_duplicates = false;
328 error_msg->clear();
329 while (!queue.empty()) {
330 // Modifying the top element is only safe if we pop right after.
331 DexFileAndClassPair compare_pop(queue.top());
332 queue.pop();
333
334 // Compare against the following elements.
335 while (!queue.empty()) {
336 DexFileAndClassPair top(queue.top());
337 if (strcmp(compare_pop.GetCachedDescriptor(), top.GetCachedDescriptor()) == 0) {
338 // Same descriptor. Check whether it's crossing old-oat-files to new-oat-files.
339 if (compare_pop.FromLoadedOat() != top.FromLoadedOat()) {
340 error_msg->append(
341 StringPrintf("Found duplicated class when checking oat files: '%s' in %s and %s\n",
342 compare_pop.GetCachedDescriptor(),
343 compare_pop.GetDexFile()->GetLocation().c_str(),
344 top.GetDexFile()->GetLocation().c_str()));
345 if (!VLOG_IS_ON(oat)) {
346 return true;
347 }
348 has_duplicates = true;
349 }
350 queue.pop();
351 AddNext(top, queue);
352 } else {
353 // Something else. Done here.
354 break;
355 }
356 }
357 AddNext(compare_pop, queue);
358 }
359
360 return has_duplicates;
361 }
362
363 // Check for class-def collisions in dex files.
364 //
365 // This first walks the class loader chain present in the given context, getting all the dex files
366 // from the class loader.
367 //
368 // If the context is null (which means the initial class loader was null or unsupported)
369 // this returns false. b/37777332.
370 //
371 // This first checks whether all class loaders in the context have the same type and
372 // classpath. If so, we exit early. Otherwise, we do the collision check.
373 //
374 // The collision check works by maintaining a heap with one class from each dex file, sorted by the
375 // class descriptor. Then a dex-file/class pair is continually removed from the heap and compared
376 // against the following top element. If the descriptor is the same, it is now checked whether
377 // the two elements agree on whether their dex file was from an already-loaded oat-file or the
378 // new oat file. Any disagreement indicates a collision.
CheckCollision(const OatFile * oat_file,const ClassLoaderContext * context,std::string * error_msg) const379 OatFileManager::CheckCollisionResult OatFileManager::CheckCollision(
380 const OatFile* oat_file,
381 const ClassLoaderContext* context,
382 /*out*/ std::string* error_msg) const {
383 DCHECK(oat_file != nullptr);
384 DCHECK(error_msg != nullptr);
385
386 // The context might be null if there are unrecognized class loaders in the chain or they
387 // don't meet sensible sanity conditions. In this case we assume that the app knows what it's
388 // doing and accept the oat file.
389 // Note that this has correctness implications as we cannot guarantee that the class resolution
390 // used during compilation is OK (b/37777332).
391 if (context == nullptr) {
392 LOG(WARNING) << "Skipping duplicate class check due to unsupported classloader";
393 return CheckCollisionResult::kSkippedUnsupportedClassLoader;
394 }
395
396 // If the oat file loading context matches the context used during compilation then we accept
397 // the oat file without addition checks
398 ClassLoaderContext::VerificationResult result = context->VerifyClassLoaderContextMatch(
399 oat_file->GetClassLoaderContext(),
400 /*verify_names=*/ true,
401 /*verify_checksums=*/ true);
402 switch (result) {
403 case ClassLoaderContext::VerificationResult::kForcedToSkipChecks:
404 return CheckCollisionResult::kSkippedClassLoaderContextSharedLibrary;
405 case ClassLoaderContext::VerificationResult::kMismatch:
406 // Mismatched context, do the actual collision check.
407 break;
408 case ClassLoaderContext::VerificationResult::kVerifies:
409 return CheckCollisionResult::kNoCollisions;
410 }
411
412 // The class loader context does not match. Perform a full duplicate classes check.
413 return CheckClassCollision(oat_file, context, error_msg)
414 ? CheckCollisionResult::kPerformedHasCollisions : CheckCollisionResult::kNoCollisions;
415 }
416
AcceptOatFile(CheckCollisionResult result) const417 bool OatFileManager::AcceptOatFile(CheckCollisionResult result) const {
418 // Take the file only if it has no collisions, or we must take it because of preopting.
419 // Also accept oat files for shared libraries and unsupported class loaders.
420 return result != CheckCollisionResult::kPerformedHasCollisions;
421 }
422
ShouldLoadAppImage(CheckCollisionResult check_collision_result,const OatFile * source_oat_file,ClassLoaderContext * context,std::string * error_msg)423 bool OatFileManager::ShouldLoadAppImage(CheckCollisionResult check_collision_result,
424 const OatFile* source_oat_file,
425 ClassLoaderContext* context,
426 std::string* error_msg) {
427 Runtime* const runtime = Runtime::Current();
428 if (kEnableAppImage && (!runtime->IsJavaDebuggable() || source_oat_file->IsDebuggable())) {
429 // If we verified the class loader context (skipping due to the special marker doesn't
430 // count), then also avoid the collision check.
431 bool load_image = check_collision_result == CheckCollisionResult::kNoCollisions;
432 // If we skipped the collision check, we need to reverify to be sure its OK to load the
433 // image.
434 if (!load_image &&
435 check_collision_result ==
436 CheckCollisionResult::kSkippedClassLoaderContextSharedLibrary) {
437 // We can load the app image only if there are no collisions. If we know the
438 // class loader but didn't do the full collision check in HasCollisions(),
439 // do it now. b/77342775
440 load_image = !CheckClassCollision(source_oat_file, context, error_msg);
441 }
442 return load_image;
443 }
444 return false;
445 }
446
OpenDexFilesFromOat(const char * dex_location,jobject class_loader,jobjectArray dex_elements,const OatFile ** out_oat_file,std::vector<std::string> * error_msgs)447 std::vector<std::unique_ptr<const DexFile>> OatFileManager::OpenDexFilesFromOat(
448 const char* dex_location,
449 jobject class_loader,
450 jobjectArray dex_elements,
451 const OatFile** out_oat_file,
452 std::vector<std::string>* error_msgs) {
453 ScopedTrace trace(__FUNCTION__);
454 CHECK(dex_location != nullptr);
455 CHECK(error_msgs != nullptr);
456
457 // Verify we aren't holding the mutator lock, which could starve GC if we
458 // have to generate or relocate an oat file.
459 Thread* const self = Thread::Current();
460 Locks::mutator_lock_->AssertNotHeld(self);
461 Runtime* const runtime = Runtime::Current();
462
463 std::unique_ptr<ClassLoaderContext> context;
464 // If the class_loader is null there's not much we can do. This happens if a dex files is loaded
465 // directly with DexFile APIs instead of using class loaders.
466 if (class_loader == nullptr) {
467 LOG(WARNING) << "Opening an oat file without a class loader. "
468 << "Are you using the deprecated DexFile APIs?";
469 context = nullptr;
470 } else {
471 context = ClassLoaderContext::CreateContextForClassLoader(class_loader, dex_elements);
472 }
473
474 OatFileAssistant oat_file_assistant(dex_location,
475 kRuntimeISA,
476 !runtime->IsAotCompiler(),
477 only_use_system_oat_files_);
478
479 // Get the oat file on disk.
480 std::unique_ptr<const OatFile> oat_file(oat_file_assistant.GetBestOatFile().release());
481 VLOG(oat) << "OatFileAssistant(" << dex_location << ").GetBestOatFile()="
482 << reinterpret_cast<uintptr_t>(oat_file.get())
483 << " (executable=" << (oat_file != nullptr ? oat_file->IsExecutable() : false) << ")";
484
485 const OatFile* source_oat_file = nullptr;
486 CheckCollisionResult check_collision_result = CheckCollisionResult::kPerformedHasCollisions;
487 std::string error_msg;
488 if ((class_loader != nullptr || dex_elements != nullptr) && oat_file != nullptr) {
489 // Prevent oat files from being loaded if no class_loader or dex_elements are provided.
490 // This can happen when the deprecated DexFile.<init>(String) is called directly, and it
491 // could load oat files without checking the classpath, which would be incorrect.
492 // Take the file only if it has no collisions, or we must take it because of preopting.
493 check_collision_result = CheckCollision(oat_file.get(), context.get(), /*out*/ &error_msg);
494 bool accept_oat_file = AcceptOatFile(check_collision_result);
495 if (!accept_oat_file) {
496 // Failed the collision check. Print warning.
497 if (runtime->IsDexFileFallbackEnabled()) {
498 if (!oat_file_assistant.HasOriginalDexFiles()) {
499 // We need to fallback but don't have original dex files. We have to
500 // fallback to opening the existing oat file. This is potentially
501 // unsafe so we warn about it.
502 accept_oat_file = true;
503
504 LOG(WARNING) << "Dex location " << dex_location << " does not seem to include dex file. "
505 << "Allow oat file use. This is potentially dangerous.";
506 } else {
507 // We have to fallback and found original dex files - extract them from an APK.
508 // Also warn about this operation because it's potentially wasteful.
509 LOG(WARNING) << "Found duplicate classes, falling back to extracting from APK : "
510 << dex_location;
511 LOG(WARNING) << "NOTE: This wastes RAM and hurts startup performance.";
512 }
513 } else {
514 // TODO: We should remove this. The fact that we're here implies -Xno-dex-file-fallback
515 // was set, which means that we should never fallback. If we don't have original dex
516 // files, we should just fail resolution as the flag intended.
517 if (!oat_file_assistant.HasOriginalDexFiles()) {
518 accept_oat_file = true;
519 }
520
521 LOG(WARNING) << "Found duplicate classes, dex-file-fallback disabled, will be failing to "
522 " load classes for " << dex_location;
523 }
524
525 LOG(WARNING) << error_msg;
526 }
527
528 if (accept_oat_file) {
529 VLOG(class_linker) << "Registering " << oat_file->GetLocation();
530 source_oat_file = RegisterOatFile(std::move(oat_file));
531 *out_oat_file = source_oat_file;
532 }
533 }
534
535 std::vector<std::unique_ptr<const DexFile>> dex_files;
536
537 // Load the dex files from the oat file.
538 if (source_oat_file != nullptr) {
539 bool added_image_space = false;
540 if (source_oat_file->IsExecutable()) {
541 ScopedTrace app_image_timing("AppImage:Loading");
542
543 // We need to throw away the image space if we are debuggable but the oat-file source of the
544 // image is not otherwise we might get classes with inlined methods or other such things.
545 std::unique_ptr<gc::space::ImageSpace> image_space;
546 if (ShouldLoadAppImage(check_collision_result,
547 source_oat_file,
548 context.get(),
549 &error_msg)) {
550 image_space = oat_file_assistant.OpenImageSpace(source_oat_file);
551 }
552 if (image_space != nullptr) {
553 ScopedObjectAccess soa(self);
554 StackHandleScope<1> hs(self);
555 Handle<mirror::ClassLoader> h_loader(
556 hs.NewHandle(soa.Decode<mirror::ClassLoader>(class_loader)));
557 // Can not load app image without class loader.
558 if (h_loader != nullptr) {
559 std::string temp_error_msg;
560 // Add image space has a race condition since other threads could be reading from the
561 // spaces array.
562 {
563 ScopedThreadSuspension sts(self, kSuspended);
564 gc::ScopedGCCriticalSection gcs(self,
565 gc::kGcCauseAddRemoveAppImageSpace,
566 gc::kCollectorTypeAddRemoveAppImageSpace);
567 ScopedSuspendAll ssa("Add image space");
568 runtime->GetHeap()->AddSpace(image_space.get());
569 }
570 {
571 ScopedTrace trace2(StringPrintf("Adding image space for location %s", dex_location));
572 added_image_space = runtime->GetClassLinker()->AddImageSpace(image_space.get(),
573 h_loader,
574 dex_elements,
575 dex_location,
576 /*out*/&dex_files,
577 /*out*/&temp_error_msg);
578 }
579 if (added_image_space) {
580 // Successfully added image space to heap, release the map so that it does not get
581 // freed.
582 image_space.release(); // NOLINT b/117926937
583
584 // Register for tracking.
585 for (const auto& dex_file : dex_files) {
586 dex::tracking::RegisterDexFile(dex_file.get());
587 }
588 } else {
589 LOG(INFO) << "Failed to add image file " << temp_error_msg;
590 dex_files.clear();
591 {
592 ScopedThreadSuspension sts(self, kSuspended);
593 gc::ScopedGCCriticalSection gcs(self,
594 gc::kGcCauseAddRemoveAppImageSpace,
595 gc::kCollectorTypeAddRemoveAppImageSpace);
596 ScopedSuspendAll ssa("Remove image space");
597 runtime->GetHeap()->RemoveSpace(image_space.get());
598 }
599 // Non-fatal, don't update error_msg.
600 }
601 }
602 }
603 }
604 if (!added_image_space) {
605 DCHECK(dex_files.empty());
606 dex_files = oat_file_assistant.LoadDexFiles(*source_oat_file, dex_location);
607
608 // Register for tracking.
609 for (const auto& dex_file : dex_files) {
610 dex::tracking::RegisterDexFile(dex_file.get());
611 }
612 }
613 if (dex_files.empty()) {
614 error_msgs->push_back("Failed to open dex files from " + source_oat_file->GetLocation());
615 } else {
616 // Opened dex files from an oat file, madvise them to their loaded state.
617 for (const std::unique_ptr<const DexFile>& dex_file : dex_files) {
618 OatDexFile::MadviseDexFile(*dex_file, MadviseState::kMadviseStateAtLoad);
619 }
620 }
621 }
622
623 // Fall back to running out of the original dex file if we couldn't load any
624 // dex_files from the oat file.
625 if (dex_files.empty()) {
626 if (oat_file_assistant.HasOriginalDexFiles()) {
627 if (Runtime::Current()->IsDexFileFallbackEnabled()) {
628 static constexpr bool kVerifyChecksum = true;
629 const ArtDexFileLoader dex_file_loader;
630 if (!dex_file_loader.Open(dex_location,
631 dex_location,
632 Runtime::Current()->IsVerificationEnabled(),
633 kVerifyChecksum,
634 /*out*/ &error_msg,
635 &dex_files)) {
636 LOG(WARNING) << error_msg;
637 error_msgs->push_back("Failed to open dex files from " + std::string(dex_location)
638 + " because: " + error_msg);
639 }
640 } else {
641 error_msgs->push_back("Fallback mode disabled, skipping dex files.");
642 }
643 } else {
644 error_msgs->push_back("No original dex files found for dex location "
645 + std::string(dex_location));
646 }
647 }
648
649 if (Runtime::Current()->GetJit() != nullptr) {
650 ScopedObjectAccess soa(self);
651 Runtime::Current()->GetJit()->RegisterDexFiles(
652 dex_files, soa.Decode<mirror::ClassLoader>(class_loader));
653 }
654
655 return dex_files;
656 }
657
GetDexFileHeaders(const std::vector<MemMap> & maps)658 static std::vector<const DexFile::Header*> GetDexFileHeaders(const std::vector<MemMap>& maps) {
659 std::vector<const DexFile::Header*> headers;
660 headers.reserve(maps.size());
661 for (const MemMap& map : maps) {
662 DCHECK(map.IsValid());
663 headers.push_back(reinterpret_cast<const DexFile::Header*>(map.Begin()));
664 }
665 return headers;
666 }
667
GetDexFileHeaders(const std::vector<const DexFile * > & dex_files)668 static std::vector<const DexFile::Header*> GetDexFileHeaders(
669 const std::vector<const DexFile*>& dex_files) {
670 std::vector<const DexFile::Header*> headers;
671 headers.reserve(dex_files.size());
672 for (const DexFile* dex_file : dex_files) {
673 headers.push_back(&dex_file->GetHeader());
674 }
675 return headers;
676 }
677
OpenDexFilesFromOat(std::vector<MemMap> && dex_mem_maps,jobject class_loader,jobjectArray dex_elements,const OatFile ** out_oat_file,std::vector<std::string> * error_msgs)678 std::vector<std::unique_ptr<const DexFile>> OatFileManager::OpenDexFilesFromOat(
679 std::vector<MemMap>&& dex_mem_maps,
680 jobject class_loader,
681 jobjectArray dex_elements,
682 const OatFile** out_oat_file,
683 std::vector<std::string>* error_msgs) {
684 std::vector<std::unique_ptr<const DexFile>> dex_files = OpenDexFilesFromOat_Impl(
685 std::move(dex_mem_maps),
686 class_loader,
687 dex_elements,
688 out_oat_file,
689 error_msgs);
690
691 if (error_msgs->empty()) {
692 // Remove write permission from DexFile pages. We do this at the end because
693 // OatFile assigns OatDexFile pointer in the DexFile objects.
694 for (std::unique_ptr<const DexFile>& dex_file : dex_files) {
695 if (!dex_file->DisableWrite()) {
696 error_msgs->push_back("Failed to make dex file " + dex_file->GetLocation() + " read-only");
697 }
698 }
699 }
700
701 if (!error_msgs->empty()) {
702 return std::vector<std::unique_ptr<const DexFile>>();
703 }
704
705 return dex_files;
706 }
707
OpenDexFilesFromOat_Impl(std::vector<MemMap> && dex_mem_maps,jobject class_loader,jobjectArray dex_elements,const OatFile ** out_oat_file,std::vector<std::string> * error_msgs)708 std::vector<std::unique_ptr<const DexFile>> OatFileManager::OpenDexFilesFromOat_Impl(
709 std::vector<MemMap>&& dex_mem_maps,
710 jobject class_loader,
711 jobjectArray dex_elements,
712 const OatFile** out_oat_file,
713 std::vector<std::string>* error_msgs) {
714 ScopedTrace trace(__FUNCTION__);
715 std::string error_msg;
716 DCHECK(error_msgs != nullptr);
717
718 // Extract dex file headers from `dex_mem_maps`.
719 const std::vector<const DexFile::Header*> dex_headers = GetDexFileHeaders(dex_mem_maps);
720
721 // Determine dex/vdex locations and the combined location checksum.
722 uint32_t location_checksum;
723 std::string dex_location;
724 std::string vdex_path;
725 bool has_vdex = OatFileAssistant::AnonymousDexVdexLocation(dex_headers,
726 kRuntimeISA,
727 &location_checksum,
728 &dex_location,
729 &vdex_path);
730
731 // Attempt to open an existing vdex and check dex file checksums match.
732 std::unique_ptr<VdexFile> vdex_file = nullptr;
733 if (has_vdex && OS::FileExists(vdex_path.c_str())) {
734 vdex_file = VdexFile::Open(vdex_path,
735 /* writable= */ false,
736 /* low_4gb= */ false,
737 /* unquicken= */ false,
738 &error_msg);
739 if (vdex_file == nullptr) {
740 LOG(WARNING) << "Failed to open vdex " << vdex_path << ": " << error_msg;
741 } else if (!vdex_file->MatchesDexFileChecksums(dex_headers)) {
742 LOG(WARNING) << "Failed to open vdex " << vdex_path << ": dex file checksum mismatch";
743 vdex_file.reset(nullptr);
744 }
745 }
746
747 // Load dex files. Skip structural dex file verification if vdex was found
748 // and dex checksums matched.
749 std::vector<std::unique_ptr<const DexFile>> dex_files;
750 for (size_t i = 0; i < dex_mem_maps.size(); ++i) {
751 static constexpr bool kVerifyChecksum = true;
752 const ArtDexFileLoader dex_file_loader;
753 std::unique_ptr<const DexFile> dex_file(dex_file_loader.Open(
754 DexFileLoader::GetMultiDexLocation(i, dex_location.c_str()),
755 location_checksum,
756 std::move(dex_mem_maps[i]),
757 /* verify= */ (vdex_file == nullptr) && Runtime::Current()->IsVerificationEnabled(),
758 kVerifyChecksum,
759 &error_msg));
760 if (dex_file != nullptr) {
761 dex::tracking::RegisterDexFile(dex_file.get()); // Register for tracking.
762 dex_files.push_back(std::move(dex_file));
763 } else {
764 error_msgs->push_back("Failed to open dex files from memory: " + error_msg);
765 }
766 }
767
768 // Check if we should proceed to creating an OatFile instance backed by the vdex.
769 // We need: (a) an existing vdex, (b) class loader (can be null if invoked via reflection),
770 // and (c) no errors during dex file loading.
771 if (vdex_file == nullptr || class_loader == nullptr || !error_msgs->empty()) {
772 return dex_files;
773 }
774
775 // Attempt to create a class loader context, check OpenDexFiles succeeds (prerequisite
776 // for using the context later).
777 std::unique_ptr<ClassLoaderContext> context = ClassLoaderContext::CreateContextForClassLoader(
778 class_loader,
779 dex_elements);
780 if (context == nullptr) {
781 LOG(ERROR) << "Could not create class loader context for " << vdex_path;
782 return dex_files;
783 }
784 DCHECK(context->OpenDexFiles(kRuntimeISA, ""))
785 << "Context created from already opened dex files should not attempt to open again";
786
787 // Check that we can use the vdex against this boot class path and in this class loader context.
788 // Note 1: We do not need a class loader collision check because there is no compiled code.
789 // Note 2: If these checks fail, we cannot fast-verify because the vdex does not contain
790 // full VerifierDeps.
791 if (!vdex_file->MatchesBootClassPathChecksums() ||
792 !vdex_file->MatchesClassLoaderContext(*context.get())) {
793 return dex_files;
794 }
795
796 // Initialize an OatFile instance backed by the loaded vdex.
797 std::unique_ptr<OatFile> oat_file(OatFile::OpenFromVdex(MakeNonOwningPointerVector(dex_files),
798 std::move(vdex_file),
799 dex_location));
800 DCHECK(oat_file != nullptr);
801 VLOG(class_linker) << "Registering " << oat_file->GetLocation();
802 *out_oat_file = RegisterOatFile(std::move(oat_file));
803 return dex_files;
804 }
805
806 // Check how many vdex files exist in the same directory as the vdex file we are about
807 // to write. If more than or equal to kAnonymousVdexCacheSize, unlink the least
808 // recently used one(s) (according to stat-reported atime).
UnlinkLeastRecentlyUsedVdexIfNeeded(const std::string & vdex_path_to_add,std::string * error_msg)809 static bool UnlinkLeastRecentlyUsedVdexIfNeeded(const std::string& vdex_path_to_add,
810 std::string* error_msg) {
811 if (OS::FileExists(vdex_path_to_add.c_str())) {
812 // File already exists and will be overwritten.
813 // This will not change the number of entries in the cache.
814 return true;
815 }
816
817 auto last_slash = vdex_path_to_add.rfind('/');
818 CHECK(last_slash != std::string::npos);
819 std::string vdex_dir = vdex_path_to_add.substr(0, last_slash + 1);
820
821 if (!OS::DirectoryExists(vdex_dir.c_str())) {
822 // Folder does not exist yet. Cache has zero entries.
823 return true;
824 }
825
826 std::vector<std::pair<time_t, std::string>> cache;
827
828 DIR* c_dir = opendir(vdex_dir.c_str());
829 if (c_dir == nullptr) {
830 *error_msg = "Unable to open " + vdex_dir + " to delete unused vdex files";
831 return false;
832 }
833 for (struct dirent* de = readdir(c_dir); de != nullptr; de = readdir(c_dir)) {
834 if (de->d_type != DT_REG) {
835 continue;
836 }
837 std::string basename = de->d_name;
838 if (!OatFileAssistant::IsAnonymousVdexBasename(basename)) {
839 continue;
840 }
841 std::string fullname = vdex_dir + basename;
842
843 struct stat s;
844 int rc = TEMP_FAILURE_RETRY(stat(fullname.c_str(), &s));
845 if (rc == -1) {
846 *error_msg = "Failed to stat() anonymous vdex file " + fullname;
847 return false;
848 }
849
850 cache.push_back(std::make_pair(s.st_atime, fullname));
851 }
852 CHECK_EQ(0, closedir(c_dir)) << "Unable to close directory.";
853
854 if (cache.size() < OatFileManager::kAnonymousVdexCacheSize) {
855 return true;
856 }
857
858 std::sort(cache.begin(),
859 cache.end(),
860 [](const auto& a, const auto& b) { return a.first < b.first; });
861 for (size_t i = OatFileManager::kAnonymousVdexCacheSize - 1; i < cache.size(); ++i) {
862 if (unlink(cache[i].second.c_str()) != 0) {
863 *error_msg = "Could not unlink anonymous vdex file " + cache[i].second;
864 return false;
865 }
866 }
867
868 return true;
869 }
870
871 class BackgroundVerificationTask final : public Task {
872 public:
BackgroundVerificationTask(const std::vector<const DexFile * > & dex_files,jobject class_loader,const char * class_loader_context,const std::string & vdex_path)873 BackgroundVerificationTask(const std::vector<const DexFile*>& dex_files,
874 jobject class_loader,
875 const char* class_loader_context,
876 const std::string& vdex_path)
877 : dex_files_(dex_files),
878 class_loader_context_(class_loader_context),
879 vdex_path_(vdex_path) {
880 Thread* const self = Thread::Current();
881 ScopedObjectAccess soa(self);
882 // Create a global ref for `class_loader` because it will be accessed from a different thread.
883 class_loader_ = soa.Vm()->AddGlobalRef(self, soa.Decode<mirror::ClassLoader>(class_loader));
884 CHECK(class_loader_ != nullptr);
885 }
886
~BackgroundVerificationTask()887 ~BackgroundVerificationTask() {
888 Thread* const self = Thread::Current();
889 ScopedObjectAccess soa(self);
890 soa.Vm()->DeleteGlobalRef(self, class_loader_);
891 }
892
Run(Thread * self)893 void Run(Thread* self) override {
894 std::string error_msg;
895 ClassLinker* const class_linker = Runtime::Current()->GetClassLinker();
896 verifier::VerifierDeps verifier_deps(dex_files_);
897
898 // Iterate over all classes and verify them.
899 for (const DexFile* dex_file : dex_files_) {
900 for (uint32_t cdef_idx = 0; cdef_idx < dex_file->NumClassDefs(); cdef_idx++) {
901 const dex::ClassDef& class_def = dex_file->GetClassDef(cdef_idx);
902
903 // Take handles inside the loop. The background verification is low priority
904 // and we want to minimize the risk of blocking anyone else.
905 ScopedObjectAccess soa(self);
906 StackHandleScope<2> hs(self);
907 Handle<mirror::ClassLoader> h_loader(hs.NewHandle(
908 soa.Decode<mirror::ClassLoader>(class_loader_)));
909 Handle<mirror::Class> h_class(hs.NewHandle<mirror::Class>(class_linker->FindClass(
910 self,
911 dex_file->GetClassDescriptor(class_def),
912 h_loader)));
913
914 if (h_class == nullptr) {
915 CHECK(self->IsExceptionPending());
916 self->ClearException();
917 continue;
918 }
919
920 if (&h_class->GetDexFile() != dex_file) {
921 // There is a different class in the class path or a parent class loader
922 // with the same descriptor. This `h_class` is not resolvable, skip it.
923 continue;
924 }
925
926 CHECK(h_class->IsResolved()) << h_class->PrettyDescriptor();
927 class_linker->VerifyClass(self, h_class);
928 if (h_class->IsErroneous()) {
929 // ClassLinker::VerifyClass throws, which isn't useful here.
930 CHECK(soa.Self()->IsExceptionPending());
931 soa.Self()->ClearException();
932 }
933
934 CHECK(h_class->IsVerified() || h_class->IsErroneous())
935 << h_class->PrettyDescriptor() << ": state=" << h_class->GetStatus();
936
937 if (h_class->IsVerified()) {
938 verifier_deps.RecordClassVerified(*dex_file, class_def);
939 }
940 }
941 }
942
943 // Delete old vdex files if there are too many in the folder.
944 if (!UnlinkLeastRecentlyUsedVdexIfNeeded(vdex_path_, &error_msg)) {
945 LOG(ERROR) << "Could not unlink old vdex files " << vdex_path_ << ": " << error_msg;
946 return;
947 }
948
949 // Construct a vdex file and write `verifier_deps` into it.
950 if (!VdexFile::WriteToDisk(vdex_path_,
951 dex_files_,
952 verifier_deps,
953 class_loader_context_,
954 &error_msg)) {
955 LOG(ERROR) << "Could not write anonymous vdex " << vdex_path_ << ": " << error_msg;
956 return;
957 }
958 }
959
Finalize()960 void Finalize() override {
961 delete this;
962 }
963
964 private:
965 const std::vector<const DexFile*> dex_files_;
966 jobject class_loader_;
967 const std::string class_loader_context_;
968 const std::string vdex_path_;
969
970 DISALLOW_COPY_AND_ASSIGN(BackgroundVerificationTask);
971 };
972
RunBackgroundVerification(const std::vector<const DexFile * > & dex_files,jobject class_loader,const char * class_loader_context)973 void OatFileManager::RunBackgroundVerification(const std::vector<const DexFile*>& dex_files,
974 jobject class_loader,
975 const char* class_loader_context) {
976 Runtime* const runtime = Runtime::Current();
977 Thread* const self = Thread::Current();
978
979 if (runtime->IsJavaDebuggable()) {
980 // Threads created by ThreadPool ("runtime threads") are not allowed to load
981 // classes when debuggable to match class-initialization semantics
982 // expectations. Do not verify in the background.
983 return;
984 }
985
986 if (!IsSdkVersionSetAndAtLeast(runtime->GetTargetSdkVersion(), SdkVersion::kQ)) {
987 // Do not run for legacy apps as they may depend on the previous class loader behaviour.
988 return;
989 }
990
991 if (runtime->IsShuttingDown(self)) {
992 // Not allowed to create new threads during runtime shutdown.
993 return;
994 }
995
996 uint32_t location_checksum;
997 std::string dex_location;
998 std::string vdex_path;
999 if (OatFileAssistant::AnonymousDexVdexLocation(GetDexFileHeaders(dex_files),
1000 kRuntimeISA,
1001 &location_checksum,
1002 &dex_location,
1003 &vdex_path)) {
1004 if (verification_thread_pool_ == nullptr) {
1005 verification_thread_pool_.reset(
1006 new ThreadPool("Verification thread pool", /* num_threads= */ 1));
1007 verification_thread_pool_->StartWorkers(self);
1008 }
1009 verification_thread_pool_->AddTask(self, new BackgroundVerificationTask(
1010 dex_files,
1011 class_loader,
1012 class_loader_context,
1013 vdex_path));
1014 }
1015 }
1016
WaitForWorkersToBeCreated()1017 void OatFileManager::WaitForWorkersToBeCreated() {
1018 DCHECK(!Runtime::Current()->IsShuttingDown(Thread::Current()))
1019 << "Cannot create new threads during runtime shutdown";
1020 if (verification_thread_pool_ != nullptr) {
1021 verification_thread_pool_->WaitForWorkersToBeCreated();
1022 }
1023 }
1024
DeleteThreadPool()1025 void OatFileManager::DeleteThreadPool() {
1026 verification_thread_pool_.reset(nullptr);
1027 }
1028
WaitForBackgroundVerificationTasks()1029 void OatFileManager::WaitForBackgroundVerificationTasks() {
1030 if (verification_thread_pool_ != nullptr) {
1031 Thread* const self = Thread::Current();
1032 verification_thread_pool_->WaitForWorkersToBeCreated();
1033 verification_thread_pool_->Wait(self, /* do_work= */ true, /* may_hold_locks= */ false);
1034 }
1035 }
1036
SetOnlyUseSystemOatFiles(bool enforce,bool assert_no_files_loaded)1037 void OatFileManager::SetOnlyUseSystemOatFiles(bool enforce, bool assert_no_files_loaded) {
1038 ReaderMutexLock mu(Thread::Current(), *Locks::oat_file_manager_lock_);
1039 if (!only_use_system_oat_files_ && enforce && assert_no_files_loaded) {
1040 // Make sure all files that were loaded up to this point are on /system. Skip the image
1041 // files.
1042 std::vector<const OatFile*> boot_vector = GetBootOatFiles();
1043 std::unordered_set<const OatFile*> boot_set(boot_vector.begin(), boot_vector.end());
1044
1045 for (const std::unique_ptr<const OatFile>& oat_file : oat_files_) {
1046 if (boot_set.find(oat_file.get()) == boot_set.end()) {
1047 CHECK(LocationIsOnSystem(oat_file->GetLocation().c_str())) << oat_file->GetLocation();
1048 }
1049 }
1050 }
1051 only_use_system_oat_files_ = enforce;
1052 }
1053
DumpForSigQuit(std::ostream & os)1054 void OatFileManager::DumpForSigQuit(std::ostream& os) {
1055 ReaderMutexLock mu(Thread::Current(), *Locks::oat_file_manager_lock_);
1056 std::vector<const OatFile*> boot_oat_files = GetBootOatFiles();
1057 for (const std::unique_ptr<const OatFile>& oat_file : oat_files_) {
1058 if (ContainsElement(boot_oat_files, oat_file.get())) {
1059 continue;
1060 }
1061 os << oat_file->GetLocation() << ": " << oat_file->GetCompilerFilter() << "\n";
1062 }
1063 }
1064
1065 } // namespace art
1066