Rename linker greylist to exempt-list

Update a comment in android-changes-for-ndk-developers.md about the removed debug.ld.greylist_disabled system property. Update language to comply with Android's inclusive language guidance #inclusivefixit See https://source.android.com/setup/contribute/respectful-code for reference Bug: http://b/162536543 Test: bionic-unit-tests Change-Id: I760ee14bce14d9d799926c43d2c14fd8ffbc6968
2020-08-03 15:29:12 -07:00 · 2020-08-03 15:29:12 -07:00 · aff9a34bd8
commit aff9a34bd8
parent 95dbcfaf04
6 changed files with 35 additions and 37 deletions
--- a/android-changes-for-ndk-developers.md
+++ b/android-changes-for-ndk-developers.md
@ -175,11 +175,9 @@ and libssl.so). In order to give you more time to transition, we will
 temporarily support these libraries; so if you see a warning that means
 your code will not work in a future release -- please fix it now!

-In O and later, the system property `debug.ld.greylist_disabled` can be
-used to deny access to the greylist even to an app that would normally
-be allowed it. This allows you to test compatibility without bumping the
-app's `targetSdkVersion`. Use `setprop debug.ld.greylist_disabled true`
-to turn this on (any other value leaves the greylist enabled).
+Between O and R, this compatibility mode could be disabled by setting a
+system property (`debug.ld.greylist_disabled`). This property is ignored
+in S and later.

 ```
 $ readelf --dynamic libBroken.so | grep NEEDED
--- a/linker/linker.cpp
+++ b/linker/linker.cpp
@ -186,10 +186,10 @@ static bool maybe_accessible_via_namespace_links(android_namespace_t* ns, const
  return false;
 }

-// TODO(dimitry): The grey-list is a workaround for http://b/26394120 ---
+// TODO(dimitry): The exempt-list is a workaround for http://b/26394120 ---
 // gradually remove libraries from this list until it is gone.
-static bool is_greylisted(android_namespace_t* ns, const char* name, const soinfo* needed_by) {
-  static const char* const kLibraryGreyList[] = {
+static bool is_exempt_lib(android_namespace_t* ns, const char* name, const soinfo* needed_by) {
+  static const char* const kLibraryExemptList[] = {
    "libandroid_runtime.so",
    "libbinder.so",
    "libcrypto.so",
@ -206,13 +206,13 @@ static bool is_greylisted(android_namespace_t* ns, const char* name, const soinf
    nullptr
  };

-  // If you're targeting N, you don't get the greylist.
+  // If you're targeting N, you don't get the exempt-list.
  if (get_application_target_sdk_version() >= 24) {
    return false;
  }

  // if the library needed by a system library - implicitly assume it
-  // is greylisted unless it is in the list of shared libraries for one or
+  // is exempt unless it is in the list of shared libraries for one or
  // more linked namespaces
  if (needed_by != nullptr && is_system_library(needed_by->get_realpath())) {
    return !maybe_accessible_via_namespace_links(ns, name);
@ -224,8 +224,8 @@ static bool is_greylisted(android_namespace_t* ns, const char* name, const soinf
    name = basename(name);
  }

-  for (size_t i = 0; kLibraryGreyList[i] != nullptr; ++i) {
-    if (strcmp(name, kLibraryGreyList[i]) == 0) {
+  for (size_t i = 0; kLibraryExemptList[i] != nullptr; ++i) {
+    if (strcmp(name, kLibraryExemptList[i]) == 0) {
      return true;
    }
  }
@ -632,7 +632,7 @@ class LoadTask {
  bool close_fd_;
  off64_t file_offset_;
  std::unordered_map<const soinfo*, ElfReader>* elf_readers_map_;
-  // TODO(dimitry): needed by workaround for http://b/26394120 (the grey-list)
+  // TODO(dimitry): needed by workaround for http://b/26394120 (the exempt-list)
  bool is_dt_needed_;
  // END OF WORKAROUND
  const android_namespace_t* const start_from_;
@ -1187,12 +1187,12 @@ static bool load_library(android_namespace_t* ns,
  // do not check accessibility using realpath if fd is located on tmpfs
  // this enables use of memfd_create() for apps
  if ((fs_stat.f_type != TMPFS_MAGIC) && (!ns->is_accessible(realpath))) {
-    // TODO(dimitry): workaround for http://b/26394120 - the grey-list
+    // TODO(dimitry): workaround for http://b/26394120 - the exempt-list

    // TODO(dimitry) before O release: add a namespace attribute to have this enabled
    // only for classloader-namespaces
    const soinfo* needed_by = task->is_dt_needed() ? task->get_needed_by() : nullptr;
-    if (is_greylisted(ns, name, needed_by)) {
+    if (is_exempt_lib(ns, name, needed_by)) {
      // print warning only if needed by non-system library
      if (needed_by == nullptr || !is_system_library(needed_by->get_realpath())) {
        const soinfo* needed_or_dlopened_by = task->get_needed_by();
@ -1446,14 +1446,14 @@ static bool find_library_internal(android_namespace_t* ns,
    return true;
  }

-  // TODO(dimitry): workaround for http://b/26394120 (the grey-list)
-  if (ns->is_greylist_enabled() && is_greylisted(ns, task->get_name(), task->get_needed_by())) {
-    // For the libs in the greylist, switch to the default namespace and then
+  // TODO(dimitry): workaround for http://b/26394120 (the exempt-list)
+  if (ns->is_exempt_list_enabled() && is_exempt_lib(ns, task->get_name(), task->get_needed_by())) {
+    // For the libs in the exempt-list, switch to the default namespace and then
    // try the load again from there. The library could be loaded from the
    // default namespace or from another namespace (e.g. runtime) that is linked
    // from the default namespace.
    LD_LOG(kLogDlopen,
-           "find_library_internal(ns=%s, task=%s): Greylisted library - trying namespace %s",
+           "find_library_internal(ns=%s, task=%s): Exempt system library - trying namespace %s",
           ns->get_name(), task->get_name(), g_default_namespace.get_name());
    ns = &g_default_namespace;
    if (load_library(ns, task, zip_archive_cache, load_tasks, rtld_flags,
@ -1473,9 +1473,9 @@ static bool find_library_internal(android_namespace_t* ns,
      // Library is already loaded.
      if (task->get_soinfo() != nullptr) {
        // n.b. This code path runs when find_library_in_linked_namespace found an already-loaded
-        // library by soname. That should only be possible with a greylist lookup, where we switch
-        // the namespace, because otherwise, find_library_in_linked_namespace is duplicating the
-        // soname scan done in this function's first call to find_loaded_library_by_soname.
+        // library by soname. That should only be possible with a exempt-list lookup, where we
+        // switch the namespace, because otherwise, find_library_in_linked_namespace is duplicating
+        // the soname scan done in this function's first call to find_loaded_library_by_soname.
        return true;
      }

@ -2426,7 +2426,7 @@ android_namespace_t* create_namespace(const void* caller_addr,
  android_namespace_t* ns = new (g_namespace_allocator.alloc()) android_namespace_t();
  ns->set_name(name);
  ns->set_isolated((type & ANDROID_NAMESPACE_TYPE_ISOLATED) != 0);
-  ns->set_greylist_enabled((type & ANDROID_NAMESPACE_TYPE_GREYLIST_ENABLED) != 0);
+  ns->set_exempt_list_enabled((type & ANDROID_NAMESPACE_TYPE_EXEMPT_LIST_ENABLED) != 0);
  ns->set_also_used_as_anonymous((type & ANDROID_NAMESPACE_TYPE_ALSO_USED_AS_ANONYMOUS) != 0);

  if ((type & ANDROID_NAMESPACE_TYPE_SHARED) != 0) {
--- a/linker/linker.h
+++ b/linker/linker.h
@ -133,10 +133,10 @@ enum {
   */
  ANDROID_NAMESPACE_TYPE_SHARED = 2,

-  /* This flag instructs linker to enable grey-list workaround for the namespace.
+  /* This flag instructs linker to enable exempt-list workaround for the namespace.
   * See http://b/26394120 for details.
   */
-  ANDROID_NAMESPACE_TYPE_GREYLIST_ENABLED = 0x08000000,
+  ANDROID_NAMESPACE_TYPE_EXEMPT_LIST_ENABLED = 0x08000000,

  /* This flag instructs linker to use this namespace as the anonymous
   * namespace. There can be only one anonymous namespace in a process. If there
--- a/linker/linker_namespaces.h
+++ b/linker/linker_namespaces.h
@ -76,7 +76,7 @@ struct android_namespace_t {
 public:
  android_namespace_t() :
    is_isolated_(false),
-    is_greylist_enabled_(false),
+    is_exempt_list_enabled_(false),
    is_also_used_as_anonymous_(false) {}

  const char* get_name() const { return name_.c_str(); }
@ -85,8 +85,8 @@ struct android_namespace_t {
  bool is_isolated() const { return is_isolated_; }
  void set_isolated(bool isolated) { is_isolated_ = isolated; }

-  bool is_greylist_enabled() const { return is_greylist_enabled_; }
-  void set_greylist_enabled(bool enabled) { is_greylist_enabled_ = enabled; }
+  bool is_exempt_list_enabled() const { return is_exempt_list_enabled_; }
+  void set_exempt_list_enabled(bool enabled) { is_exempt_list_enabled_ = enabled; }

  bool is_also_used_as_anonymous() const { return is_also_used_as_anonymous_; }
  void set_also_used_as_anonymous(bool yes) { is_also_used_as_anonymous_ = yes; }
@ -169,7 +169,7 @@ struct android_namespace_t {
 private:
  std::string name_;
  bool is_isolated_;
-  bool is_greylist_enabled_;
+  bool is_exempt_list_enabled_;
  bool is_also_used_as_anonymous_;
  std::vector<std::string> ld_library_paths_;
  std::vector<std::string> default_library_paths_;
--- a/tests/dlext_private.h
+++ b/tests/dlext_private.h
@ -56,10 +56,10 @@ enum {
   */
  ANDROID_NAMESPACE_TYPE_SHARED = 2,

-  /* This flag instructs linker to enable grey-list workaround for the namespace.
+  /* This flag instructs linker to enable exempt-list workaround for the namespace.
   * See http://b/26394120 for details.
   */
-  ANDROID_NAMESPACE_TYPE_GREYLIST_ENABLED = 0x08000000,
+  ANDROID_NAMESPACE_TYPE_EXEMPT_LIST_ENABLED = 0x08000000,

  ANDROID_NAMESPACE_TYPE_SHARED_ISOLATED = ANDROID_NAMESPACE_TYPE_SHARED |
                                           ANDROID_NAMESPACE_TYPE_ISOLATED,
--- a/tests/dlext_test.cpp
+++ b/tests/dlext_test.cpp
@ -1228,7 +1228,7 @@ TEST(dlext, ns_unload_between_namespaces_missing_symbol_indirect) {
            dlerror());
 }

-TEST(dlext, ns_greylist_enabled) {
+TEST(dlext, ns_exempt_list_enabled) {
  ASSERT_TRUE(android_init_anonymous_namespace(g_core_shared_libs.c_str(), nullptr));

  const std::string ns_search_path = GetTestlibRoot() + "/private_namespace_libs";
@ -1237,7 +1237,7 @@ TEST(dlext, ns_greylist_enabled) {
          android_create_namespace("namespace",
                                   nullptr,
                                   ns_search_path.c_str(),
-                                   ANDROID_NAMESPACE_TYPE_ISOLATED | ANDROID_NAMESPACE_TYPE_GREYLIST_ENABLED,
+                                   ANDROID_NAMESPACE_TYPE_ISOLATED | ANDROID_NAMESPACE_TYPE_EXEMPT_LIST_ENABLED,
                                   nullptr,
                                   nullptr);

@ -1247,26 +1247,26 @@ TEST(dlext, ns_greylist_enabled) {
  extinfo.flags = ANDROID_DLEXT_USE_NAMESPACE;
  extinfo.library_namespace = ns;

-  // An app targeting M can open libnativehelper.so because it's on the greylist.
+  // An app targeting M can open libnativehelper.so because it's on the exempt-list.
  android_set_application_target_sdk_version(23);
  void* handle = android_dlopen_ext("libnativehelper.so", RTLD_NOW, &extinfo);
  ASSERT_TRUE(handle != nullptr) << dlerror();

-  // Check that loader did not load another copy of libdl.so while loading greylisted library.
+  // Check that loader did not load another copy of libdl.so while loading exempted library.
  void* dlsym_ptr = dlsym(handle, "dlsym");
  ASSERT_TRUE(dlsym_ptr != nullptr) << dlerror();
  ASSERT_EQ(&dlsym, dlsym_ptr);

  dlclose(handle);

-  // An app targeting N no longer has the greylist.
+  // An app targeting N no longer has the exempt-list.
  android_set_application_target_sdk_version(24);
  handle = android_dlopen_ext("libnativehelper.so", RTLD_NOW, &extinfo);
  ASSERT_TRUE(handle == nullptr);
  ASSERT_STREQ("dlopen failed: library \"libnativehelper.so\" not found", dlerror());
 }

-TEST(dlext, ns_greylist_disabled_by_default) {
+TEST(dlext, ns_exempt_list_disabled_by_default) {
  ASSERT_TRUE(android_init_anonymous_namespace(g_core_shared_libs.c_str(), nullptr));

  const std::string ns_search_path = GetTestlibRoot() + "/private_namespace_libs";