This commit allows users to create a link without soname filters between
two linker namespaces.
The motivation is to establish one-way shared library isolation. For
example, assume that there are two linker namespaces `default` and
`vndk`. We would like to limit the shared libraries that can be used by
the `default` namespace. In the meanwhile, we would like to allow the
`vndk` namespace to use shared libs from the `default` namespace if the
soname cannot be find in the search path or loaded sonames of the `vndk`
namespace.
shared_libs = %VNDK_CORE_LIBRARIES%
shared_libs += %VNDK_SAMEPROCESS_LIBRARIES%
vndk <-------------------------------------------- default
\_______________________________________________/^
allow_all_shared_libs = true
android_link_namespaces_all_libs() is added to libdl, but it is
versioned as LIBC_PRIVATE. android_link_namespaces_all_libs() is only
for unit tests.
Bug: 69824336
Test: adb shell /data/nativetest/linker-unit-tests/linker-unit-tests32
Test: adb shell /data/nativetest64/linker-unit-tests/linker-unit-tests64
Test: adb shell /data/nativetest/bionic-unit-tests/bionic-unit-tests
Test: adb shell /data/nativetest64/bionic-unit-tests/bionic-unit-tests
Test: Update /system/etc/ld.config*.txt and check whether the vndk
linker namespace of the vendor process can access the shared libs from
the default linker namespace.
Change-Id: I2879f0c5f5af60c7e56f8f743ebd2872e552286b
We can mark a whole version "introduced=" rather than doing every line
separately.
Bug: N/A
Test: builds
Change-Id: I3219edc755a42ce5ff6258efb744fb5e05967a3a
__cfi_shadow_size returns the size of the CFI shadow mapping, or 0 if
CFI is not (yet) used in this process. This can be used to adjust
RLIMIT_AS setting.
Test: device bionic tests
Bug: 64293803
Change-Id: Icd7164f96aa7115b3585c21c0f68529cd2f07c11
When a vendor lib (or vendor-available platform lib) is built with
sanitizer on, __cfi_slowpath_diag is required. However, when building
for those libs, the llndk stub of libdl.so is provided for them and
__cfi_slowpath_diag is not exposed to the stub. In order to make the
sanitizing build successful, expose the symbol.
These symbols are also exposed to NDK clients since we may want to CFI
for unbundled apps.
Bug: 63053790
Bug: 63342219
Test: BOARD_VNDK_VERSION=current m -j libstagefright_foundation.vendor
Change-Id: I081deddb4f66354aaecec4b395d4e17e5566c578
Depending on how ld.config.txt is configured, there can be multiple
built-in namespaces created by the linker from the beginning of a
process. android_get_exported_namespace is a platform only API for
getting a handle (android_namespace_t*) to one of the built-in namespaces
with given name. The returned namespace can then be given to
android_dlopen_ext in order to explicitly specify the target namespace
where the library is searched and loaded from.
Note that this function only returns 'exported' namespaces created via
ld.config.txt file. In order to export a namespace, the visible property
should be set to true:
namespace.<name>.visible = true
Namespaces are hidden by default. Hidden namespaces and namespaces
that are created programmatically, notably 'classloader-namespace',
aren't returned by this function.
Bug: 36851137
Test: confirmed that namespaces created with ld.config.txt is retrieved.
Test: linker-unit-tests passes
Merged-in: I714b510fa24f77e42c3dfc4c827b3befa8bb2951
Change-Id: I0d05fa7e0e116009edf8ea362ab46774bc617cbf
(cherry picked from commit d7c4832e6a)
This commit updates interface of libdl.c.
1. android_init_namespaces is replaces with android_init_anonymous_namespace
2. added 2 arguments to android_create_namespace to specify linked namespace
and the list of shared libraries sonames.
3. symbol lookup does not get past boundary libraries (added check and test for it).
Bug: http://b/26833548
Bug: http://b/21879602
Test: bionic-unit-tests --gtest_filter=dl*:Dl*
Change-Id: I32921da487a02e5bd0d2fc528904d1228394bfb9
This change includes dlwarning implementation and
the compatibility greylist for apps targeting pre-N.
Change-Id: Ibf02a07cc58cbbb1a5aef4ac34558c5d43e4305f
Test: Run bionic-unit-tests --gtest_filter=dl*:Dl*
The anonymous namespace is introduced to
handle cases when linker can not find the
caller. This usually happens when caller
code was not loaded by dynamic linker;
for example mono-generated code.
Bug: http://b/25844435
Bug: http://b/22548808
Change-Id: I9e5b1d23c1c75bc78548d68e79216a6a943a33cf
