diff options
author | Cody Northrop <cnorthrop@google.com> | 2022-11-01 13:54:57 -0600 |
---|---|---|
committer | Alessandra Loro <aloro@google.com> | 2022-12-02 15:22:24 +0000 |
commit | 383832ff5b2390f3dcd44592db071d504268787d (patch) | |
tree | 7f23d864663b8fe297f28ca8569df867b036020b | |
parent | 1e2b1b5c06d2409a17fd4df4fa31434fb58b8ea1 (diff) | |
download | native-383832ff5b2390f3dcd44592db071d504268787d.tar.gz |
GraphicsEnv: Fix isDebuggable
Update the logic used in GraphicsEnv to decide whether shared objects
can be inserted into the process. This is used by Vulkan layers,
GLES layers, and ANGLE when deciding whether libraries from outside
packages can be used.
The new logic doesn't just use PR_GET_DUMPABLE which is no longer set
by default in platform debug builds. It also incorporates
ANDROID_DEBUGGABLE, which is defined when `debuggable` is true in
Android.bp. This happens for eng or userdebug builds of the platform.
The use of `debuggable` is the replacement for reading ro.debuggable
which can no longer be read at runtime (see b/193912100).
Tested with:
export APP_PACKAGE=<app from Play Store>
adb shell settings put global angle_debug_package org.chromium.angle
adb shell settings put global angle_gl_driver_selection_pkgs $APP_PACKAGE
adb shell settings put global angle_gl_driver_selection_values angle
Test: Released app able to load from angle_debug_package on userdebug
Test: Released app cannot use angle_debug_package on user build
Bug: b/193912100
Bug: b/253678459
Change-Id: I3dda4258e23871ee2fab2cf5ba367612e00de0e2
(cherry picked from commit 5d32e628450494b72473c039c7d6f6ce57540bb1)
-rw-r--r-- | libs/graphicsenv/Android.bp | 16 | ||||
-rw-r--r-- | libs/graphicsenv/GraphicsEnv.cpp | 15 | ||||
-rw-r--r-- | libs/graphicsenv/include/graphicsenv/GraphicsEnv.h | 2 |
3 files changed, 29 insertions, 4 deletions
diff --git a/libs/graphicsenv/Android.bp b/libs/graphicsenv/Android.bp index a96a07a9b8..af50a2980c 100644 --- a/libs/graphicsenv/Android.bp +++ b/libs/graphicsenv/Android.bp @@ -27,10 +27,13 @@ cc_library_shared { srcs: [ "GpuStatsInfo.cpp", "GraphicsEnv.cpp", - "IGpuService.cpp" + "IGpuService.cpp", ], - cflags: ["-Wall", "-Werror"], + cflags: [ + "-Wall", + "-Werror", + ], shared_libs: [ "libbase", @@ -46,4 +49,13 @@ cc_library_shared { ], export_include_dirs: ["include"], + + product_variables: { + // `debuggable` is set for eng and userdebug builds + debuggable: { + cflags: [ + "-DANDROID_DEBUGGABLE", + ], + }, + }, } diff --git a/libs/graphicsenv/GraphicsEnv.cpp b/libs/graphicsenv/GraphicsEnv.cpp index 7f0cac5d4f..e86881a880 100644 --- a/libs/graphicsenv/GraphicsEnv.cpp +++ b/libs/graphicsenv/GraphicsEnv.cpp @@ -126,7 +126,20 @@ static const std::string getSystemNativeLibraries(NativeLibrary type) { } bool GraphicsEnv::isDebuggable() { - return prctl(PR_GET_DUMPABLE, 0, 0, 0, 0) > 0; + // This flag determines if the application is marked debuggable + bool appDebuggable = prctl(PR_GET_DUMPABLE, 0, 0, 0, 0) > 0; + + // This flag is set only in `debuggable` builds of the platform +#if defined(ANDROID_DEBUGGABLE) + bool platformDebuggable = true; +#else + bool platformDebuggable = false; +#endif + + ALOGV("GraphicsEnv::isDebuggable returning appDebuggable=%s || platformDebuggable=%s", + appDebuggable ? "true" : "false", platformDebuggable ? "true" : "false"); + + return appDebuggable || platformDebuggable; } void GraphicsEnv::setDriverPathAndSphalLibraries(const std::string path, diff --git a/libs/graphicsenv/include/graphicsenv/GraphicsEnv.h b/libs/graphicsenv/include/graphicsenv/GraphicsEnv.h index 56d1139f57..098e4a6507 100644 --- a/libs/graphicsenv/include/graphicsenv/GraphicsEnv.h +++ b/libs/graphicsenv/include/graphicsenv/GraphicsEnv.h @@ -35,7 +35,7 @@ public: // Check if the process is debuggable. It returns false except in any of the // following circumstances: - // 1. ro.debuggable=1 (global debuggable enabled). + // 1. ANDROID_DEBUGGABLE is defined (global debuggable enabled). // 2. android:debuggable="true" in the manifest for an individual app. // 3. An app which explicitly calls prctl(PR_SET_DUMPABLE, 1). // 4. GraphicsEnv calls prctl(PR_SET_DUMPABLE, 1) in the presence of |