From bb8b22a087db32773f1a9cd3473061f3ad714afc Mon Sep 17 00:00:00 2001
From: Dimitry Ivanov <dimitry@google.com>
Date: Fri, 21 Apr 2017 13:12:05 -0700
Subject: [PATCH] loader: enable loading libraries from tmpfs

This change adds two tests for dlopen from temporary files.
1. One Uses memfd_create() can be used to load libraries directly
from memory. This requires relaxing namespace accessibility check
in order to make this work in isolated namespaces.
2. Another checks that open with O_TMPFILE works.

Bug: http://b/37245203
Test: bionic-unit-tests --gtest_filter=dl*:Dl*
Change-Id: I3be1d7198ca17e7f1ba022a0d86c64d59a493506
---
 linker/linker.cpp    | 11 +++++-
 tests/dlext_test.cpp | 96 ++++++++++++++++++++++++++++++++++++++++++++++++++++
 2 files changed, 106 insertions(+), 1 deletion(-)

diff --git a/linker/linker.cpp b/linker/linker.cpp
index 66bec58af..53f0608b5 100644
--- a/linker/linker.cpp
+++ b/linker/linker.cpp
@@ -36,6 +36,7 @@
 #include <string.h>
 #include <sys/mman.h>
 #include <sys/param.h>
+#include <sys/vfs.h>
 #include <unistd.h>
 
 #include <new>
@@ -1191,7 +1192,15 @@ static bool load_library(android_namespace_t* ns,
     return false;
   }
 
-  if (!ns->is_accessible(realpath)) {
+  struct statfs fs_stat;
+  if (TEMP_FAILURE_RETRY(fstatfs(task->get_fd(), &fs_stat)) != 0) {
+    DL_ERR("unable to fstatfs file for the library \"%s\": %s", name, strerror(errno));
+    return false;
+  }
+
+  // do not check accessibility using realpath if fd is located on tmpfs
+  // this enables use of memfd_create() for apps
+  if ((fs_stat.f_type != TMPFS_MAGIC) && (!ns->is_accessible(realpath))) {
     // TODO(dimitry): workaround for http://b/26394120 - the grey-list
 
     // TODO(dimitry) before O release: add a namespace attribute to have this enabled
diff --git a/tests/dlext_test.cpp b/tests/dlext_test.cpp
index a0226a6f6..35dff2a31 100644
--- a/tests/dlext_test.cpp
+++ b/tests/dlext_test.cpp
@@ -24,9 +24,13 @@
 #include <stdio.h>
 #include <string.h>
 #include <unistd.h>
+
 #include <android/dlext.h>
+
+#include <linux/memfd.h>
 #include <sys/mman.h>
 #include <sys/types.h>
+#include <sys/vfs.h>
 #include <sys/wait.h>
 
 #include <pagemap/pagemap.h>
@@ -802,6 +806,98 @@ TEST(dlext, ns_smoke) {
   dlclose(handle2);
 }
 
+TEST(dlext, dlopen_ext_use_o_tmpfile_fd) {
+  const std::string lib_path = get_testlib_root() + "/libtest_simple.so";
+
+  int tmpfd = TEMP_FAILURE_RETRY(
+        open(get_testlib_root().c_str(), O_TMPFILE | O_CLOEXEC | O_RDWR | O_EXCL));
+
+  // Ignore kernels without O_TMPFILE flag support
+  if (tmpfd == -1 && (errno == EISDIR || errno == EINVAL || errno == EOPNOTSUPP)) {
+    return;
+  }
+
+  ASSERT_TRUE(tmpfd != -1) << strerror(errno);
+
+  android_namespace_t* ns =
+          android_create_namespace("testing-o_tmpfile",
+                                   nullptr,
+                                   get_testlib_root().c_str(),
+                                   ANDROID_NAMESPACE_TYPE_ISOLATED,
+                                   nullptr,
+                                   nullptr);
+
+  ASSERT_DL_NOTNULL(ns);
+
+  ASSERT_TRUE(android_link_namespaces(ns, nullptr, g_core_shared_libs.c_str())) << dlerror();
+
+  std::string content;
+  ASSERT_TRUE(android::base::ReadFileToString(lib_path, &content)) << strerror(errno);
+  ASSERT_TRUE(android::base::WriteStringToFd(content, tmpfd)) << strerror(errno);
+
+  android_dlextinfo extinfo;
+  extinfo.flags = ANDROID_DLEXT_USE_LIBRARY_FD | ANDROID_DLEXT_USE_NAMESPACE;
+  extinfo.library_fd = tmpfd;
+  extinfo.library_namespace = ns;
+
+  void* handle = android_dlopen_ext("foobar", RTLD_NOW, &extinfo);
+
+  ASSERT_DL_NOTNULL(handle);
+
+  uint32_t* taxicab_number = reinterpret_cast<uint32_t*>(dlsym(handle, "dlopen_testlib_taxicab_number"));
+  ASSERT_DL_NOTNULL(taxicab_number);
+  EXPECT_EQ(1729U, *taxicab_number);
+  dlclose(handle);
+}
+
+TEST(dlext, dlopen_ext_use_memfd) {
+  const std::string lib_path = get_testlib_root() + "/libtest_simple.so";
+
+  // create memfd
+  int memfd = syscall(__NR_memfd_create, "foobar", MFD_CLOEXEC);
+  if (memfd == -1 && errno == ENOSYS) {
+    return;
+  }
+
+  ASSERT_TRUE(memfd != -1) << strerror(errno);
+
+  // Check st.f_type is TMPFS_MAGIC for memfd
+  struct statfs st;
+  ASSERT_TRUE(TEMP_FAILURE_RETRY(fstatfs(memfd, &st)) == 0) << strerror(errno);
+  ASSERT_EQ(static_cast<decltype(st.f_type)>(TMPFS_MAGIC), st.f_type);
+
+  android_namespace_t* ns =
+          android_create_namespace("testing-memfd",
+                                   nullptr,
+                                   get_testlib_root().c_str(),
+                                   ANDROID_NAMESPACE_TYPE_ISOLATED,
+                                   nullptr,
+                                   nullptr);
+
+  ASSERT_DL_NOTNULL(ns);
+
+  ASSERT_TRUE(android_link_namespaces(ns, nullptr, g_core_shared_libs.c_str())) << dlerror();
+
+  // read file into memfd backed one.
+  std::string content;
+  ASSERT_TRUE(android::base::ReadFileToString(lib_path, &content)) << strerror(errno);
+  ASSERT_TRUE(android::base::WriteStringToFd(content, memfd)) << strerror(errno);
+
+  android_dlextinfo extinfo;
+  extinfo.flags = ANDROID_DLEXT_USE_LIBRARY_FD | ANDROID_DLEXT_USE_NAMESPACE;
+  extinfo.library_fd = memfd;
+  extinfo.library_namespace = ns;
+
+  void* handle = android_dlopen_ext("foobar", RTLD_NOW, &extinfo);
+
+  ASSERT_DL_NOTNULL(handle);
+
+  uint32_t* taxicab_number = reinterpret_cast<uint32_t*>(dlsym(handle, "dlopen_testlib_taxicab_number"));
+  ASSERT_DL_NOTNULL(taxicab_number);
+  EXPECT_EQ(1729U, *taxicab_number);
+  dlclose(handle);
+}
+
 TEST(dlext, ns_symbol_visibilty_one_namespace) {
   static const char* root_lib = "libnstest_root.so";
   ASSERT_TRUE(android_init_anonymous_namespace(g_core_shared_libs.c_str(), nullptr));
-- 
2.11.0