最近移植一些代码到Android U平台上,发现大量的aidl文件出现以下编译错误:
ERROR: xxx is not annotated for permissions. Declare which permissions are required using @EnforcePermission. If permissions are manually verified within the implementation, use @PermissionManuallyEnforced. If no permissions are required, use @RequiresNoPermission. This can be done for the whole interface or for each method. [-Wmissing-permission-annotation]
看提示,检查权限有问题,需要对整个接口或每个方法来添加@EnforcePermission、@PermissionManuallyEnforced、@RequiresNoPermission注解,可是有几十个aidl文件报错,一个一个添加太麻烦,能不能添加一个类似白名单的东西,把这个模块下的所有aidl都免除检查。
先看下添加-Wmissing-permission-annotation这个错误类型的地方:
build/soong/java/base.go
func (j *Module) individualAidlFlags(ctx android.ModuleContext, aidlFile android.Path) string {
var flags string
if Bool(j.deviceProperties.Aidl.Enforce_permissions) {
if !android.InList(aidlFile.String(), j.ignoredAidlPermissionList.Strings()) {
flags = "-Wmissing-permission-annotation -Werror"
}
}
return flags
}
先检查Enforce_permissions是否为true,如果为true,再检查aidl文件是否在ignoredAidlPermissionList列表里,如果不在列表里,那么添加"-Wmissing-permission-annotation -Werror" flag,后续检查的时候,如果不满足权限要求,就会报错。所以ignoredAidlPermissionList里的aidl文件就是被豁免的aidl文件。那把出错的aidl文件添加到ignoredAidlPermissionList里就行了。
看下ignoredAidlPermissionList在哪里赋值的:
build/soong/java/base.go
if Bool(j.deviceProperties.Aidl.Enforce_permissions) {
exceptions := j.deviceProperties.Aidl.Enforce_permissions_exceptions
j.ignoredAidlPermissionList = android.PathsForModuleSrcExcludes(ctx, exceptions, nil)
}
ignoredAidlPermissionList根据Enforce_permissions_exceptions赋值的,在代码里全局搜索Enforce_permissions_exceptions,可以看出,这个标签是在frameworks/base/Android.bp里赋值的:
frameworks/base/Android.bp
java_defaults {
name: "framework-minus-apex-defaults",
defaults: [
"framework-aidl-export-defaults",
"latest_android_hardware_soundtrigger3_java_static",
],
srcs: [
":framework-non-updatable-sources",
"core/java/**/*.logtags",
":apex-info-list",
],
aidl: {
generate_get_transaction_name: true,
enforce_permissions: true,
enforce_permissions_exceptions: [
// Do not add entries to this list.
":framework.core-sources-mitv-stubs",
":framework-annotations",
":framework-blobstore-sources",
":framework-core-sources",
":framework-drm-sources",
":framework-graphics-nonupdatable-sources",
.....
里面添加了很多原生framework的aidl文件豁免白名单,把我们自己的aidl文件添加进去就可以了。