Login/Register
How to whitelist a vendor-specific API in AOSP for Android 10
Asked Answered
apisdkandroid-sourcevendor
T

1

6

I'm trying to add a vendor-specific API to my AOSP code base. I was able to get this working on Android 5 through 9, but cannot figure this out on Android 10.

I read the documentation on the AOSP docs for Implementing Java SDK Library

I have the following blueprint file:

java_sdk_library {
  name: "com.mycompany.sdk.myclass",
  srcs: ["java/**/*.java"],
  api_packages: ["com.mycompany.sdk.myclass"],
}

I generated the api subdirectory using:

build/soong/scripts/gen-java-current-api-files.sh "vendor/mycompany/sdk/myclass" && m update-api

This put all my public method signatures into the current.txt file.

I added this as a boot jar to my top level board.mk file with:

PRODUCT_BOOT_JARS += com.mycompany.sdk.myclass

Building this creates the corresponding com.mycompany.sdk.myclass.xml permissions file:

<?xml version="1.0" encoding="utf-8"?>
<permissions>
    <library name="com.mycompany.sdk.myclass"
    file="/system/framework/com.mycompany.sdk.myclass.jar"/>
</permissions>

Everything builds and installs fine. I verified the permissions file is in /system/etc/permissions/ and points to the correct jar filename. But I get "Accessing hidden method (blacklist, linking, denied)" exceptions when I run a test app built against my private SDK:

W/test_app: Accessing hidden method Lcom/mycompany/sdk/myclass;->myMethod(Landroid/content/Context;Z)V (blacklist, linking, denied)

I can eliminate this blacklist error by issuing the command:

adb shell settings put global hidden_api_policy  1

So I know my jar is being built and installed correctly. But is just blacklisted for 3rd parties.

I eventually added my package name to frameworks/base/config/hiddenapi-greylist-packages.txt, and suddenly my test app runs, and properly finds the private API. Unfortunately, the blacklist errors are replaced by greylist warnings on every method call. I don't want the log cluttered with these warnings, so it must be whitelisted, not greylisted.

I tried adding it to /build/make/core/tasks/check_boot_jars/package_whitelist.txt, but this made no difference.

How do I whitelist my private API instead of greylist?

Trine answered 25/11, 2021 at 21:7 Comment(4)
Did you ever figure out how to whitelist custom APIs added to PRODUCT_BOOT_JARS?Septavalent
No @Septavalent I did not find a mechanism. We have been ignoring the greylist warnings for the last 2 years.Trine
I see, thanks for the response @brent-k . I'm currently working on Android 12 and I can't even get any APIs in PRODUCT_BOOT_JARS even greylisted, they all just get blocked when accessed by 3rd party apps.Septavalent
@Septavalent We solved this for Android 12. The file moved from frameworks/base/config/hiddenapi-greylist-packages.txt to frameworks/base/boot/hiddenapi/hiddenapi-unsupported-packages.txtTrine
R
0

There is no white list. The white list (allow list) is the methods listed in Android SDK.

Private API are not in Android SDK.

Rosamariarosamond answered 31/8, 2022 at 8:37 Comment(0)

© 2022 - 2024 — McMap. All rights reserved.