From 7e36aeaa61b7546b49fba3bb4de3b7f935339893 Mon Sep 17 00:00:00 2001 From: Martin Stjernholm Date: Mon, 11 Nov 2019 15:51:25 +0000 Subject: [PATCH] Retain relevant comments from system/core/rootdir/etc/ld.config.txt. This CL carries over the comments from the old text config that was deleted in https://r.android.com/1128832. Test: N/A - comment changes only Bug: 138920271 Change-Id: I4309599228cace3d19bba7bc992e80fe2eb66c69 --- contents/configuration/baseconfig.cc | 6 +++++- contents/namespace/art.cc | 3 +++ contents/namespace/conscrypt.cc | 3 +++ contents/namespace/media.cc | 2 ++ contents/namespace/neuralnetworks.cc | 3 +++ contents/namespace/resolv.cc | 2 ++ contents/namespace/rs.cc | 8 ++++++++ contents/namespace/runtime.cc | 6 ++++-- contents/namespace/sphal.cc | 16 ++++++++++++++++ contents/namespace/system.cc | 3 +++ contents/namespace/systemdefault.cc | 17 +++++++++++++++++ contents/namespace/unrestricteddefault.cc | 3 +++ contents/namespace/vendordefault.cc | 6 ++++++ contents/namespace/vndk.cc | 14 ++++++++++++++ contents/namespace/vndkinsystem.cc | 17 +++++++++++++++++ contents/section/postinstall.cc | 9 ++++++++- contents/section/unrestricted.cc | 5 +++++ contents/section/vendor.cc | 2 ++ 18 files changed, 121 insertions(+), 4 deletions(-) diff --git a/contents/configuration/baseconfig.cc b/contents/configuration/baseconfig.cc index eca4d31..838a40c 100644 --- a/contents/configuration/baseconfig.cc +++ b/contents/configuration/baseconfig.cc @@ -22,6 +22,9 @@ using android::linkerconfig::modules::DirToSection; using android::linkerconfig::modules::Section; namespace { + +// Don't change the order here. The first pattern that matches with the +// absolute path of an executable is selected. const std::vector kDirToSection = { {"/system/bin/", "system"}, {"/system/xbin/", "system"}, @@ -51,6 +54,7 @@ const std::vector kDirToSection = { // else. This must be last. {"/data", "system"}, }; + } // namespace namespace android { @@ -74,4 +78,4 @@ android::linkerconfig::modules::Configuration CreateBaseConfiguration() { } } // namespace contents } // namespace linkerconfig -} // namespace android \ No newline at end of file +} // namespace android diff --git a/contents/namespace/art.cc b/contents/namespace/art.cc index 559ac0c..c3a0eff 100644 --- a/contents/namespace/art.cc +++ b/contents/namespace/art.cc @@ -14,6 +14,9 @@ * limitations under the License. */ +// This namespace exposes externally accessible libraries from the ART APEX. +// Keep in sync with the "art" namespace in art/build/apex/ld.config.txt. + #include "linkerconfig/namespacebuilder.h" using android::linkerconfig::modules::AsanPath; diff --git a/contents/namespace/conscrypt.cc b/contents/namespace/conscrypt.cc index 2bb765d..eb8aa32 100644 --- a/contents/namespace/conscrypt.cc +++ b/contents/namespace/conscrypt.cc @@ -14,6 +14,9 @@ * limitations under the License. */ +// This namespace is for libraries within the conscrypt APEX. +// Keep in sync with the "conscrypt" namespace in art/build/apex/ld.config.txt. + #include "linkerconfig/namespacebuilder.h" #include diff --git a/contents/namespace/media.cc b/contents/namespace/media.cc index 0208963..2b41d37 100644 --- a/contents/namespace/media.cc +++ b/contents/namespace/media.cc @@ -14,6 +14,8 @@ * limitations under the License. */ +// This namespace is for libraries within the media APEX. + #include "linkerconfig/namespacebuilder.h" #include diff --git a/contents/namespace/neuralnetworks.cc b/contents/namespace/neuralnetworks.cc index 49add82..873f84a 100644 --- a/contents/namespace/neuralnetworks.cc +++ b/contents/namespace/neuralnetworks.cc @@ -13,6 +13,9 @@ * See the License for the specific language governing permissions and * limitations under the License. */ + +// This namespace is for libraries within the NNAPI APEX. + #include "linkerconfig/namespacebuilder.h" #include "linkerconfig/environment.h" diff --git a/contents/namespace/resolv.cc b/contents/namespace/resolv.cc index 3156fa3..0fae623 100644 --- a/contents/namespace/resolv.cc +++ b/contents/namespace/resolv.cc @@ -14,6 +14,8 @@ * limitations under the License. */ +// This namespace is for libraries within the resolv APEX. + #include "linkerconfig/namespacebuilder.h" #include diff --git a/contents/namespace/rs.cc b/contents/namespace/rs.cc index df6e988..c0e3d89 100644 --- a/contents/namespace/rs.cc +++ b/contents/namespace/rs.cc @@ -14,6 +14,11 @@ * limitations under the License. */ +// This namespace is exclusively for Renderscript internal libraries. This +// namespace has slightly looser restriction than the vndk namespace because of +// the genuine characteristics of Renderscript; /data is in the permitted path +// to load the compiled *.so file and libmediandk.so can be used here. + #include "linkerconfig/namespacebuilder.h" using android::linkerconfig::modules::AsanPath; @@ -37,8 +42,11 @@ Namespace BuildRsNamespace([[maybe_unused]] const Context& ctx) { ns.AddPermittedPath("/system/vendor/${LIB}", AsanPath::NONE); ns.AddPermittedPath("/data", AsanPath::SAME_PATH); + // Private LLNDK libs (e.g. libft2.so) are exceptionally allowed to this + // namespace because RS framework libs are using them. ns.GetLink(ctx.GetSystemNamespaceName()) .AddSharedLib({"@{LLNDK_LIBRARIES}", "@{PRIVATE_LLNDK_LIBRARIES:}"}); + ns.GetLink("neuralnetworks").AddSharedLib("libneuralnetworks.so"); return ns; diff --git a/contents/namespace/runtime.cc b/contents/namespace/runtime.cc index 564cb17..225f5b1 100644 --- a/contents/namespace/runtime.cc +++ b/contents/namespace/runtime.cc @@ -14,6 +14,10 @@ * limitations under the License. */ +// Currently, the runtime namespace is only to isolate +// libc_malloc_hooks/debug.so in the Runtime APEX. libc/l/d are loaded in the +// default namespace. + #include "linkerconfig/namespacebuilder.h" using android::linkerconfig::modules::AsanPath; @@ -24,8 +28,6 @@ namespace linkerconfig { namespace contents { Namespace BuildRuntimeNamespace([[maybe_unused]] const Context& ctx) { - // Currently, the runtime namespace is only to isolate - // libc_malloc_hooks/debug.so. libc/l/d are loaded in the default namespace. Namespace ns("runtime", /*is_isolated=*/true, /*is_visible=*/true); diff --git a/contents/namespace/sphal.cc b/contents/namespace/sphal.cc index 7a605f9..afc2a1d 100644 --- a/contents/namespace/sphal.cc +++ b/contents/namespace/sphal.cc @@ -14,6 +14,16 @@ * limitations under the License. */ +// SP-HAL(Sameprocess-HAL)s are the only vendor libraries that are allowed to be +// loaded inside system processes. libEGL_.so, libGLESv2_.so, +// android.hardware.graphics.mapper@2.0-impl.so, etc are SP-HALs. +// +// This namespace is exclusivly for SP-HALs. When the framework tries to +// dynamically load SP-HALs, android_dlopen_ext() is used to explicitly specify +// that they should be searched and loaded from this namespace. +// +// Note that there is no link from the default namespace to this namespace. + #include "linkerconfig/namespacebuilder.h" using android::linkerconfig::modules::AsanPath; @@ -23,6 +33,8 @@ namespace android { namespace linkerconfig { namespace contents { Namespace BuildSphalNamespace([[maybe_unused]] const Context& ctx) { + // Visible to allow use with android_dlopen_ext, and with + // android_link_namespaces in libnativeloader. Namespace ns("sphal", /*is_isolated=*/true, /*is_visible=*/true); ns.AddSearchPath("/odm/${LIB}", AsanPath::WITH_DATA_ASAN); ns.AddSearchPath("/vendor/${LIB}", AsanPath::WITH_DATA_ASAN); @@ -32,6 +44,10 @@ Namespace BuildSphalNamespace([[maybe_unused]] const Context& ctx) { ns.AddPermittedPath("/vendor/${LIB}", AsanPath::WITH_DATA_ASAN); ns.AddPermittedPath("/system/vendor/${LIB}", AsanPath::NONE); + // Once in this namespace, access to libraries in /system/lib is restricted. + // Only libs listed here can be used. Order is important here as the + // namespaces are tried in this order. rs should be before vndk because both + // are capable of loading libRS_internal.so ns.GetLink("rs").AddSharedLib("libRS_internal.so"); ns.GetLink(ctx.GetSystemNamespaceName()).AddSharedLib("@{LLNDK_LIBRARIES:}"); ns.GetLink("vndk").AddSharedLib("@{VNDK_SAMEPROCESS_LIBRARIES:}"); diff --git a/contents/namespace/system.cc b/contents/namespace/system.cc index 841abbb..262a162 100644 --- a/contents/namespace/system.cc +++ b/contents/namespace/system.cc @@ -14,6 +14,9 @@ * limitations under the License. */ +// This namespace is where system libs (VNDK and LLNDK libs) are loaded for a +// vendor process. + #include "linkerconfig/namespacebuilder.h" using android::linkerconfig::modules::AsanPath; diff --git a/contents/namespace/systemdefault.cc b/contents/namespace/systemdefault.cc index 03bee7c..1d7563b 100644 --- a/contents/namespace/systemdefault.cc +++ b/contents/namespace/systemdefault.cc @@ -14,6 +14,9 @@ * limitations under the License. */ +// Framework-side code runs in this namespace. Libs from /vendor partition can't +// be loaded in this namespace. + #include "linkerconfig/environment.h" #include "linkerconfig/namespace.h" #include "linkerconfig/namespacebuilder.h" @@ -22,6 +25,8 @@ using android::linkerconfig::modules::AsanPath; using android::linkerconfig::modules::Namespace; namespace { + +// Keep in sync with the "platform" namespace in art/build/apex/ld.config.txt. const std::vector kLibsFromArt = { "libdexfile_external.so", "libdexfiled_external.so", @@ -29,6 +34,7 @@ const std::vector kLibsFromArt = { "libnativehelper.so", "libnativeloader.so", "libandroidicu.so", + // TODO(b/122876336): Remove libpac.so once it's migrated to Webview "libpac.so", // TODO(b/120786417 or b/134659294): libicuuc.so // and libicui18n.so are kept for app compat. @@ -36,15 +42,24 @@ const std::vector kLibsFromArt = { "libicuuc.so", }; +// We can't have entire /system/${LIB} as permitted paths because doing so makes +// it possible to load libs in /system/${LIB}/vndk* directories by their +// absolute paths, e.g. dlopen("/system/lib/vndk/libbase.so"). VNDK libs are +// built with previous versions of Android and thus must not be loaded into this +// namespace where libs built with the current version of Android are loaded. +// Mixing the two types of libs in the same namespace can cause unexpected +// problems. const std::vector kPermittedPaths = { "/system/${LIB}/drm", "/system/${LIB}/extractors", "/system/${LIB}/hw", "/@{SYSTEM_EXT:system_ext}/${LIB}", "/@{PRODUCT:product}/${LIB}", + // These are where odex files are located. libart has to be able to // dlopen the files "/system/framework", + "/system/app", "/system/priv-app", "/@{SYSTEM_EXT:system_ext}/framework", @@ -80,6 +95,8 @@ namespace linkerconfig { namespace contents { Namespace BuildSystemDefaultNamespace([[maybe_unused]] const Context& ctx) { bool is_fully_treblelized = ctx.IsDefaultConfig(); + // Visible to allow links to be created at runtime, e.g. through + // android_link_namespaces in libnativeloader. Namespace ns("default", /*is_isolated=*/is_fully_treblelized, /*is_visible=*/true); diff --git a/contents/namespace/unrestricteddefault.cc b/contents/namespace/unrestricteddefault.cc index 11408a4..24c1474 100644 --- a/contents/namespace/unrestricteddefault.cc +++ b/contents/namespace/unrestricteddefault.cc @@ -23,6 +23,8 @@ using android::linkerconfig::modules::AsanPath; using android::linkerconfig::modules::Namespace; namespace { + +// Keep in sync with the "platform" namespace in art/build/apex/ld.config.txt. const std::vector kLibsFromArt = { "libdexfile_external.so", "libdexfiled_external.so", @@ -35,6 +37,7 @@ const std::vector kLibsFromArt = { // for app compat. "libicui18n.so", "libicuuc.so"}; + } // namespace namespace android { diff --git a/contents/namespace/vendordefault.cc b/contents/namespace/vendordefault.cc index efbfc03..3361a15 100644 --- a/contents/namespace/vendordefault.cc +++ b/contents/namespace/vendordefault.cc @@ -14,6 +14,9 @@ * limitations under the License. */ +// This is the default linker namespace for a vendor process (a process started +// from /vendor/bin/*). + #include "linkerconfig/environment.h" #include "linkerconfig/namespacebuilder.h" @@ -22,6 +25,8 @@ using android::linkerconfig::modules::GetVendorVndkVersion; using android::linkerconfig::modules::Namespace; namespace { + +// Keep in sync with the "platform" namespace in art/build/apex/ld.config.txt. const std::vector kVndkLiteArtLibs = { "libdexfile_external.so", "libdexfiled_external.so", @@ -33,6 +38,7 @@ const std::vector kVndkLiteArtLibs = { "libicui18n.so", "libicuuc.so", }; + } // namespace namespace android { diff --git a/contents/namespace/vndk.cc b/contents/namespace/vndk.cc index 2ffeef7..8b24c28 100644 --- a/contents/namespace/vndk.cc +++ b/contents/namespace/vndk.cc @@ -14,6 +14,8 @@ * limitations under the License. */ +// This namespace is exclusively for vndk-sp libs. + #include "linkerconfig/namespacebuilder.h" #include "linkerconfig/environment.h" @@ -27,6 +29,9 @@ namespace contents { Namespace BuildVndkNamespace([[maybe_unused]] const Context& ctx) { bool is_system_section = ctx.IsSystemSection(); bool is_vndklite = ctx.IsVndkliteConfig(); + // Isolated but visible when used in the [system] section to allow links to be + // created at runtime, e.g. through android_link_namespaces in + // libnativeloader. Otherwise it isn't isolated, so visibility doesn't matter. Namespace ns("vndk", /*is_isolated=*/is_system_section, /*is_visible=*/is_system_section); @@ -52,16 +57,25 @@ Namespace BuildVndkNamespace([[maybe_unused]] const Context& ctx) { ns.AddPermittedPath("/system/vendor/${LIB}/hw", AsanPath::NONE); } ns.AddPermittedPath("/system/vendor/${LIB}/egl", AsanPath::NONE); + + // This is exceptionally required since android.hidl.memory@1.0-impl.so is here ns.AddPermittedPath("/apex/com.android.vndk.v@{VNDK_VER}/${LIB}/hw", AsanPath::SAME_PATH); } + // For the [vendor] section, the links should be identical to that of the + // 'vndk_in_system' namespace, except the links to 'default' and 'vndk_in_system'. + ns.GetLink(ctx.GetSystemNamespaceName()).AddSharedLib({"@{LLNDK_LIBRARIES}"}); if (!is_vndklite) { if (is_system_section) { + // The "vndk" namespace links to the system namespace for LLNDK libs above + // and links to "sphal" namespace for vendor libs. The ordering matters; + // the system namespace has higher priority than the "sphal" namespace. ns.GetLink("sphal").AllowAllSharedLibs(); } else { + // [vendor] section ns.GetLink("default").AllowAllSharedLibs(); if (android::linkerconfig::modules::IsVndkInSystemNamespace()) { diff --git a/contents/namespace/vndkinsystem.cc b/contents/namespace/vndkinsystem.cc index 87beb8b..0bee29b 100644 --- a/contents/namespace/vndkinsystem.cc +++ b/contents/namespace/vndkinsystem.cc @@ -14,6 +14,17 @@ * limitations under the License. */ +// This namespace is where no-vendor-variant VNDK libraries are loaded for a +// vendor process. Note that we do not simply export these libraries from the +// "system" namespace, because in some cases both the core variant and the +// vendor variant of a VNDK library may be loaded. In such cases, we do not +// want to eliminate double-loading because doing so means the global states +// of the library would be shared. +// +// Only the no-vendor-variant VNDK libraries are whitelisted in this namespace. +// This is to ensure that we do not load libraries needed by no-vendor-variant +// VNDK libraries into vndk_in_system namespace. + #include "linkerconfig/namespacebuilder.h" #include "linkerconfig/environment.h" @@ -28,6 +39,7 @@ Namespace BuildVndkInSystemNamespace([[maybe_unused]] const Context& ctx) { Namespace ns("vndk_in_system", /*is_isolated=*/true, /*is_visible=*/true); + // The search paths here should be kept the same as that of the 'system' namespace. ns.AddSearchPath("/system/${LIB}", AsanPath::WITH_DATA_ASAN); ns.AddSearchPath("/@{SYSTEM_EXT:system_ext}/${LIB}", AsanPath::WITH_DATA_ASAN); ns.AddSearchPath("/@{PRODUCT:product}/${LIB}", AsanPath::WITH_DATA_ASAN); @@ -36,6 +48,11 @@ Namespace BuildVndkInSystemNamespace([[maybe_unused]] const Context& ctx) { ns.AddWhitelisted("@{VNDK_USING_CORE_VARIANT_LIBRARIES}"); } + // The links here should be identical to that of the 'vndk' namespace for the + // [vendor] section, with the following exceptions: + // 1. 'vndk_in_system' needs to be freely linked back to 'vndk'. + // 2. 'vndk_in_system' does not need to link to 'default', as any library that + // requires anything vendor would not be a vndk_in_system library. ns.GetLink(ctx.GetSystemNamespaceName()).AddSharedLib("@{LLNDK_LIBRARIES}"); ns.GetLink("vndk").AllowAllSharedLibs(); ns.GetLink("neuralnetworks").AddSharedLib("libneuralnetworks.so"); diff --git a/contents/section/postinstall.cc b/contents/section/postinstall.cc index 0f54c45..4091e4f 100644 --- a/contents/section/postinstall.cc +++ b/contents/section/postinstall.cc @@ -14,6 +14,13 @@ * limitations under the License. */ +// Namespace config for binaries under /postinstall. +// Only default namespace is defined and default has no directories +// other than /system/lib in the search paths. This is because linker calls +// realpath on the search paths and this causes selinux denial if the paths +// (/vendor, /odm) are not allowed to the postinstall binaries. There is no +// reason to allow the binaries to access the paths. + #include "linkerconfig/sectionbuilder.h" #include "linkerconfig/namespacebuilder.h" @@ -35,4 +42,4 @@ Section BuildPostInstallSection(Context& ctx) { } } // namespace contents } // namespace linkerconfig -} // namespace android \ No newline at end of file +} // namespace android diff --git a/contents/section/unrestricted.cc b/contents/section/unrestricted.cc index ae57426..de94b55 100644 --- a/contents/section/unrestricted.cc +++ b/contents/section/unrestricted.cc @@ -14,6 +14,11 @@ * limitations under the License. */ +// Linker config for native tests that need access to both system and vendor +// libraries. This replicates the default linker config (done by +// init_default_namespace_no_config in bionic/linker/linker.cpp), except that it +// includes the requisite namespace setup for APEXes. + #include "linkerconfig/sectionbuilder.h" #include "linkerconfig/common.h" diff --git a/contents/section/vendor.cc b/contents/section/vendor.cc index f872be3..9aab0db 100644 --- a/contents/section/vendor.cc +++ b/contents/section/vendor.cc @@ -14,6 +14,8 @@ * limitations under the License. */ +// Namespace config for vendor processes. + #include "linkerconfig/sectionbuilder.h" #include "linkerconfig/common.h" -- 2.11.0