Revert "Revert "Enforce a default policy on packages without <overlayable>""
This reverts commit 6ce5b00f2ac8307ab8cce1deb79e1e39d8b1b8b7.
Bug: 127835630
Test: manual and idmap2_tests
diff --git a/cmds/idmap2/libidmap2/Idmap.cpp b/cmds/idmap2/libidmap2/Idmap.cpp
index a1341fb..f4c3e9c 100644
--- a/cmds/idmap2/libidmap2/Idmap.cpp
+++ b/cmds/idmap2/libidmap2/Idmap.cpp
@@ -287,11 +287,20 @@
bool CheckOverlayable(const LoadedPackage& target_package,
const utils::OverlayManifestInfo& overlay_info,
const PolicyBitmask& fulfilled_policies, const ResourceId& resid) {
+ static constexpr const PolicyBitmask sDefaultPolicies =
+ PolicyFlags::POLICY_SYSTEM_PARTITION | PolicyFlags::POLICY_VENDOR_PARTITION |
+ PolicyFlags::POLICY_PRODUCT_PARTITION | PolicyFlags::POLICY_SIGNATURE;
+
+ // If the resource does not have an overlayable definition, allow the resource to be overlaid if
+ // the overlay is preinstalled or signed with the same signature as the target.
+ if (!target_package.DefinesOverlayable()) {
+ return (sDefaultPolicies & fulfilled_policies) != 0;
+ }
+
const OverlayableInfo* overlayable_info = target_package.GetOverlayableInfo(resid);
if (overlayable_info == nullptr) {
- // If the resource does not have an overlayable definition, allow the resource to be overlaid.
- // Once overlayable enforcement is turned on, this check will return false.
- return !target_package.DefinesOverlayable();
+ // Do not allow non-overlayable resources to be overlaid.
+ return false;
}
if (overlay_info.target_name != overlayable_info->name) {
@@ -427,6 +436,12 @@
matching_resources.Add(target_resid, overlay_resid);
}
+ if (matching_resources.Map().empty()) {
+ out_error << "overlay \"" << overlay_apk_path << "\" does not successfully overlay any resource"
+ << std::endl;
+ return nullptr;
+ }
+
// encode idmap data
std::unique_ptr<IdmapData> data(new IdmapData());
const auto types_end = matching_resources.Map().cend();