1 /* 2 * Copyright (C) 2018 The Android Open Source Project 3 * 4 * Licensed under the Apache License, Version 2.0 (the "License"); 5 * you may not use this file except in compliance with the License. 6 * You may obtain a copy of the License at 7 * 8 * http://www.apache.org/licenses/LICENSE-2.0 9 * 10 * Unless required by applicable law or agreed to in writing, software 11 * distributed under the License is distributed on an "AS IS" BASIS, 12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 * See the License for the specific language governing permissions and 14 * limitations under the License. 15 */ 16 17 #ifndef ART_LIBARTBASE_BASE_HIDDENAPI_FLAGS_H_ 18 #define ART_LIBARTBASE_BASE_HIDDENAPI_FLAGS_H_ 19 20 #include "sdk_version.h" 21 22 #include <vector> 23 24 #include "android-base/logging.h" 25 #include "base/bit_utils.h" 26 #include "base/dumpable.h" 27 #include "base/macros.h" 28 #include "base/hiddenapi_stubs.h" 29 30 namespace art { 31 namespace hiddenapi { 32 33 // Helper methods used inside ApiList. These were moved outside of the ApiList 34 // class so that they can be used in static_asserts. If they were inside, they 35 // would be part of an unfinished type. 36 namespace helper { 37 // Casts enum value to uint32_t. 38 template<typename T> ToUint(T val)39 constexpr uint32_t ToUint(T val) { return static_cast<uint32_t>(val); } 40 41 // Returns uint32_t with one bit set at an index given by an enum value. 42 template<typename T> ToBit(T val)43 constexpr uint32_t ToBit(T val) { return 1u << ToUint(val); } 44 45 // Returns a bit mask with `size` least significant bits set. BitMask(uint32_t size)46 constexpr uint32_t BitMask(uint32_t size) { return (1u << size) - 1; } 47 48 // Returns a bit mask formed from an enum defining kMin and kMax. The values 49 // are assumed to be indices of min/max bits and the resulting bitmask has 50 // bits [kMin, kMax] set. 51 template<typename T> BitMask()52 constexpr uint32_t BitMask() { 53 return BitMask(ToUint(T::kMax) + 1) & (~BitMask(ToUint(T::kMin))); 54 } 55 56 // Returns true if `val` is a bitwise subset of `mask`. MatchesBitMask(uint32_t val,uint32_t mask)57 constexpr bool MatchesBitMask(uint32_t val, uint32_t mask) { return (val & mask) == val; } 58 59 // Returns true if the uint32_t value of `val` is a bitwise subset of `mask`. 60 template<typename T> MatchesBitMask(T val,uint32_t mask)61 constexpr bool MatchesBitMask(T val, uint32_t mask) { return MatchesBitMask(ToUint(val), mask); } 62 63 // Returns the number of values defined in an enum, assuming the enum defines 64 // kMin and kMax and no integer values are skipped between them. 65 template<typename T> NumValues()66 constexpr uint32_t NumValues() { return ToUint(T::kMax) - ToUint(T::kMin) + 1; } 67 68 // Returns enum value at position i from enum list. 69 template <typename T> GetEnumAt(uint32_t i)70 constexpr T GetEnumAt(uint32_t i) { 71 return static_cast<T>(ToUint(T::kMin) + i); 72 } 73 74 } // namespace helper 75 76 /* 77 * This class represents the information whether a field/method is in 78 * public API (whitelist) or if it isn't, apps targeting which SDK 79 * versions are allowed to access it. 80 */ 81 class ApiList { 82 private: 83 // Number of bits reserved for Value in dex flags, and the corresponding bit mask. 84 static constexpr uint32_t kValueBitSize = 4; 85 static constexpr uint32_t kValueBitMask = helper::BitMask(kValueBitSize); 86 87 enum class Value : uint32_t { 88 // Values independent of target SDK version of app 89 kSdk = 0, 90 kUnsupported = 1, 91 kBlocked = 2, 92 93 // Values dependent on target SDK version of app. Put these last as 94 // their list will be extended in future releases. 95 // The max release code implicitly includes all maintenance releases, 96 // e.g. MaxTargetO is accessible to targetSdkVersion <= 27 (O_MR1). 97 kMaxTargetO = 3, 98 kMaxTargetP = 4, 99 kMaxTargetQ = 5, 100 kMaxTargetR = 6, 101 102 // Special values 103 kInvalid = (static_cast<uint32_t>(-1) & kValueBitMask), 104 kMin = kSdk, 105 kMax = kMaxTargetR, 106 }; 107 108 // Additional bit flags after the first kValueBitSize bits in dex flags. 109 // These are used for domain-specific API. 110 enum class DomainApi : uint32_t { 111 kCorePlatformApi = kValueBitSize, 112 kTestApi = kValueBitSize + 1, 113 114 // Special values 115 kMin = kCorePlatformApi, 116 kMax = kTestApi, 117 }; 118 119 // Bit mask of all domain API flags. 120 static constexpr uint32_t kDomainApiBitMask = helper::BitMask<DomainApi>(); 121 122 // Check that Values fit in the designated number of bits. 123 static_assert(kValueBitSize >= MinimumBitsToStore(helper::ToUint(Value::kMax)), 124 "Not enough bits to store all ApiList values"); 125 126 // Checks that all Values are covered by kValueBitMask. 127 static_assert(helper::MatchesBitMask(Value::kMin, kValueBitMask)); 128 static_assert(helper::MatchesBitMask(Value::kMax, kValueBitMask)); 129 130 // Assert that Value::kInvalid is larger than the maximum Value. 131 static_assert(helper::ToUint(Value::kMax) < helper::ToUint(Value::kInvalid)); 132 133 // Names corresponding to Values. 134 static constexpr const char* kValueNames[] = { 135 "sdk", 136 "unsupported", 137 "blocked", 138 "max-target-o", 139 "max-target-p", 140 "max-target-q", 141 "max-target-r", 142 }; 143 144 // A magic marker used by tests to mimic a hiddenapi list which doesn't exist 145 // yet. 146 static constexpr const char* kFutureValueName = "max-target-future"; 147 148 // Names corresponding to DomainApis. 149 static constexpr const char* kDomainApiNames[] { 150 "core-platform-api", 151 "test-api", 152 }; 153 154 // Maximum SDK versions allowed to access ApiList of given Value. 155 static constexpr SdkVersion kMaxSdkVersions[] { 156 /* sdk */ SdkVersion::kMax, 157 /* unsupported */ SdkVersion::kMax, 158 /* blocklist */ SdkVersion::kMin, 159 /* max-target-o */ SdkVersion::kO_MR1, 160 /* max-target-p */ SdkVersion::kP, 161 /* max-target-q */ SdkVersion::kQ, 162 /* max-target-r */ SdkVersion::kR, 163 }; 164 165 explicit ApiList(Value val, uint32_t domain_apis = 0u) 166 : dex_flags_(helper::ToUint(val) | domain_apis) { 167 DCHECK(GetValue() == val); 168 DCHECK_EQ(GetDomainApis(), domain_apis); 169 } 170 ApiList(DomainApi val)171 explicit ApiList(DomainApi val) : ApiList(Value::kInvalid, helper::ToBit(val)) {} 172 GetValue()173 Value GetValue() const { 174 uint32_t value = (dex_flags_ & kValueBitMask); 175 176 // Treat all ones as invalid value 177 if (value == helper::ToUint(Value::kInvalid)) { 178 return Value::kInvalid; 179 } else if (value > helper::ToUint(Value::kMax)) { 180 // For future unknown flag values, return unsupported. 181 return Value::kUnsupported; 182 } else { 183 DCHECK_GE(value, helper::ToUint(Value::kMin)); 184 return static_cast<Value>(value); 185 } 186 } 187 GetDomainApis()188 uint32_t GetDomainApis() const { return (dex_flags_ & kDomainApiBitMask); } 189 190 uint32_t dex_flags_; 191 192 public: ApiList()193 ApiList() : ApiList(Value::kInvalid) {} 194 ApiList(uint32_t dex_flags)195 explicit ApiList(uint32_t dex_flags) : dex_flags_(dex_flags) { 196 DCHECK_EQ(dex_flags_, (dex_flags_ & kValueBitMask) | (dex_flags_ & kDomainApiBitMask)); 197 } 198 199 // Helpers for conveniently constructing ApiList instances. Sdk()200 static ApiList Sdk() { return ApiList(Value::kSdk); } Unsupported()201 static ApiList Unsupported() { return ApiList(Value::kUnsupported); } Blocked()202 static ApiList Blocked() { return ApiList(Value::kBlocked); } MaxTargetO()203 static ApiList MaxTargetO() { return ApiList(Value::kMaxTargetO); } MaxTargetP()204 static ApiList MaxTargetP() { return ApiList(Value::kMaxTargetP); } MaxTargetQ()205 static ApiList MaxTargetQ() { return ApiList(Value::kMaxTargetQ); } MaxTargetR()206 static ApiList MaxTargetR() { return ApiList(Value::kMaxTargetR); } CorePlatformApi()207 static ApiList CorePlatformApi() { return ApiList(DomainApi::kCorePlatformApi); } TestApi()208 static ApiList TestApi() { return ApiList(DomainApi::kTestApi); } 209 GetDexFlags()210 uint32_t GetDexFlags() const { return dex_flags_; } GetIntValue()211 uint32_t GetIntValue() const { return helper::ToUint(GetValue()) - helper::ToUint(Value::kMin); } 212 213 // Returns the ApiList with a flag of a given name, or an empty ApiList if not matched. FromName(const std::string & str)214 static ApiList FromName(const std::string& str) { 215 for (uint32_t i = 0; i < kValueCount; ++i) { 216 if (str == kValueNames[i]) { 217 return ApiList(helper::GetEnumAt<Value>(i)); 218 } 219 } 220 for (uint32_t i = 0; i < kDomainApiCount; ++i) { 221 if (str == kDomainApiNames[i]) { 222 return ApiList(helper::GetEnumAt<DomainApi>(i)); 223 } 224 } 225 if (str == kFutureValueName) { 226 static_assert(helper::ToUint(Value::kMax) + 1 < helper::ToUint(Value::kInvalid)); 227 return ApiList(helper::ToUint(Value::kMax) + 1); 228 } 229 return ApiList(); 230 } 231 232 // Parses a vector of flag names into a single ApiList value. If successful, 233 // returns true and assigns the new ApiList to `out_api_list`. FromNames(std::vector<std::string>::iterator begin,std::vector<std::string>::iterator end,ApiList * out_api_list)234 static bool FromNames(std::vector<std::string>::iterator begin, 235 std::vector<std::string>::iterator end, 236 /* out */ ApiList* out_api_list) { 237 ApiList api_list; 238 for (std::vector<std::string>::iterator it = begin; it != end; it++) { 239 ApiList current = FromName(*it); 240 if (current.IsEmpty() || !api_list.CanCombineWith(current)) { 241 if (ApiStubs::IsStubsFlag(*it)) { 242 // Ignore flags which correspond to the stubs from where the api 243 // originates (i.e. system-api, test-api, public-api), as they are not 244 // relevant at runtime 245 continue; 246 } 247 return false; 248 } 249 api_list |= current; 250 } 251 if (out_api_list != nullptr) { 252 *out_api_list = api_list; 253 } 254 return true; 255 } 256 257 // Clamp a max-target-* up to the given maxSdk; if the given api list is higher than 258 // maxSdk, return unsupported instead. CoerceAtMost(const std::string & name,const std::string & maxSdk)259 static std::string CoerceAtMost(const std::string& name, const std::string& maxSdk) { 260 const auto apiListToClamp = FromName(name); 261 // If the api list is a domain instead, return it unmodified. 262 if (!apiListToClamp.IsValid()) { 263 return name; 264 } 265 const auto maxApiList = FromName(maxSdk); 266 CHECK(maxApiList.IsValid()) << "invalid api list name " << maxSdk; 267 if (apiListToClamp > maxApiList) { 268 return kValueNames[Unsupported().GetIntValue()]; 269 } 270 return name; 271 } 272 273 bool operator==(const ApiList& other) const { return dex_flags_ == other.dex_flags_; } 274 bool operator!=(const ApiList& other) const { return !(*this == other); } 275 bool operator<(const ApiList& other) const { return dex_flags_ < other.dex_flags_; } 276 bool operator>(const ApiList& other) const { return dex_flags_ > other.dex_flags_; } 277 278 // Returns true if combining this ApiList with `other` will succeed. CanCombineWith(const ApiList & other)279 bool CanCombineWith(const ApiList& other) const { 280 const Value val1 = GetValue(); 281 const Value val2 = other.GetValue(); 282 return (val1 == val2) || (val1 == Value::kInvalid) || (val2 == Value::kInvalid); 283 } 284 285 // Combine two ApiList instances. 286 ApiList operator|(const ApiList& other) { 287 // DomainApis are not mutually exclusive. Simply OR them. 288 const uint32_t domain_apis = GetDomainApis() | other.GetDomainApis(); 289 290 // Values are mutually exclusive. Check if `this` and `other` have the same Value 291 // or if at most one is set. 292 const Value val1 = GetValue(); 293 const Value val2 = other.GetValue(); 294 if (val1 == val2) { 295 return ApiList(val1, domain_apis); 296 } else if (val1 == Value::kInvalid) { 297 return ApiList(val2, domain_apis); 298 } else if (val2 == Value::kInvalid) { 299 return ApiList(val1, domain_apis); 300 } else { 301 LOG(FATAL) << "Invalid combination of values " << Dumpable(ApiList(val1)) 302 << " and " << Dumpable(ApiList(val2)); 303 UNREACHABLE(); 304 } 305 } 306 307 const ApiList& operator|=(const ApiList& other) { 308 (*this) = (*this) | other; 309 return *this; 310 } 311 312 // Returns true if all flags set in `other` are also set in `this`. Contains(const ApiList & other)313 bool Contains(const ApiList& other) const { 314 return ((other.GetValue() == Value::kInvalid) || (GetValue() == other.GetValue())) && 315 helper::MatchesBitMask(other.GetDomainApis(), GetDomainApis()); 316 } 317 318 // Returns true whether the configuration is valid for runtime use. IsValid()319 bool IsValid() const { return GetValue() != Value::kInvalid; } 320 321 // Returns true when no ApiList is specified and no domain_api flags either. IsEmpty()322 bool IsEmpty() const { return (GetValue() == Value::kInvalid) && (GetDomainApis() == 0); } 323 324 // Returns true if the ApiList is on blocklist. IsBlocked()325 bool IsBlocked() const { 326 return GetValue() == Value::kBlocked; 327 } 328 329 // Returns true if the ApiList is a test API. IsTestApi()330 bool IsTestApi() const { 331 return helper::MatchesBitMask(helper::ToBit(DomainApi::kTestApi), dex_flags_); 332 } 333 334 // Returns the maximum target SDK version allowed to access this ApiList. GetMaxAllowedSdkVersion()335 SdkVersion GetMaxAllowedSdkVersion() const { return kMaxSdkVersions[GetIntValue()]; } 336 Dump(std::ostream & os)337 void Dump(std::ostream& os) const { 338 bool is_first = true; 339 340 if (IsEmpty()) { 341 os << "invalid"; 342 return; 343 } 344 345 if (GetValue() != Value::kInvalid) { 346 os << kValueNames[GetIntValue()]; 347 is_first = false; 348 } 349 350 const uint32_t domain_apis = GetDomainApis(); 351 for (uint32_t i = 0; i < kDomainApiCount; i++) { 352 if (helper::MatchesBitMask(helper::ToBit(helper::GetEnumAt<DomainApi>(i)), domain_apis)) { 353 if (is_first) { 354 is_first = false; 355 } else { 356 os << ","; 357 } 358 os << kDomainApiNames[i]; 359 } 360 } 361 362 DCHECK_EQ(IsEmpty(), is_first); 363 } 364 365 // Number of valid enum values in Value. 366 static constexpr uint32_t kValueCount = helper::NumValues<Value>(); 367 // Number of valid enum values in DomainApi. 368 static constexpr uint32_t kDomainApiCount = helper::NumValues<DomainApi>(); 369 // Total number of possible enum values, including invalid, in Value. 370 static constexpr uint32_t kValueSize = (1u << kValueBitSize) + 1; 371 372 // Check min and max values are calculated correctly. 373 static_assert(Value::kMin == helper::GetEnumAt<Value>(0)); 374 static_assert(Value::kMax == helper::GetEnumAt<Value>(kValueCount - 1)); 375 376 static_assert(DomainApi::kMin == helper::GetEnumAt<DomainApi>(0)); 377 static_assert(DomainApi::kMax == helper::GetEnumAt<DomainApi>(kDomainApiCount - 1)); 378 }; 379 380 inline std::ostream& operator<<(std::ostream& os, ApiList value) { 381 value.Dump(os); 382 return os; 383 } 384 385 } // namespace hiddenapi 386 } // namespace art 387 388 389 #endif // ART_LIBARTBASE_BASE_HIDDENAPI_FLAGS_H_ 390