This mode instructs the linker to search for libraries in hwasan
subdirectories of all library search paths. This is set up to contain a
hwasan-enabled copy of libc, which is needed for HWASan programs to
operate. There are two ways this mode can be enabled:
* for native binaries, by using the linker_hwasan64 symlink as its
interpreter
* for apps: by setting the LD_HWASAN environment variable in wrap.sh
Bug: 276930343
Change-Id: I0f4117a50091616f26947fbe37a28ee573b97ad0
1. Cleanup for #inclusivefixit. (whitelisted -> allowed_libs)
2. Support the old term for backwards compatibility. (Also update test.)
3. Fix the formatting errors found by clang-format.
See https://source.android.com/setup/contribute/respectful-code
for reference.
Bug: 161896447
Test: atest linker-unit-tests linker-benchmarks
Change-Id: I19dbed27a6d874ac0049cb7b67d2cb0f75369c1b
.whitelisted is a list of sonames seperated by ":" just like
.shared_libs and .paths properties. It makes sense to make it appendable
using += as well ass .shared_libs and .paths.
Bug: n/a
Test: atest linker-unit-tests
Change-Id: If61cc553c8080e8a58de8a3a6051c1853f7bfe5f
The string is still "lib" or "lib64" with native bridge. It doesn't need
to be configured in the Android.bp file anymore, so move it to a header
file. This change will ensure that ${LIB} expands to the same thing in
both ld.config.txt and DT_RUN_PATH.
Bug: http://b/145197367
Test: manual
Change-Id: Iab87f3156f2984dd3a20e4ccda423892c8b58763
Merged-In: Iab87f3156f2984dd3a20e4ccda423892c8b58763
With VNDK APEX, the path for VNDK libs has been changed
from /system/lib/vndk-VER to /apex/com.android.vndk.vVER/lib
In most cases, vndk version can be substituted when generating
ld.config.txt by linkerconfig.
But, ld.config.txt files in APEX packages still rely on runtime substitution.
Specifically, com.android.media.swcodec is using VNDK_VER variable.
Moreover, it cannot migrate to a new location since it should run on
older version of system due to APEX requirements.
For backward compatibility, instead of changing the value of old
variable, a new variable is added.
- VNDK_VER : "-" prefixed vndk version, used for older path
(e.g. /system/lib/vndk-sp-29)
- VNDK_APEX_VER : "v" prefixed vndk versions.
(e.g. /apex/com.android.vndk.v29/lib)
Test: add a vendor binary to /apex/com.android.media.swcodec/bin
which opens /system/lib/vndk-sp{VNDK_VER}/hw/android.hidl.memory@1.0-impl.so
via android_load_sphal_library()
Bug: 142912195
Change-Id: I3dfb3c1068cff00d5b63e92d51da6c4af00d264e
With VNDK APEX, the path for VNDK libs has been changed
from /system/lib/vndk-VER to /apex/com.android.vndk.vVER/lib
Previously, VNDK_VER is replaced with prefix(e.g. "-29"). We could
still prepend prefix("v") to the vndk version, but this change uses a
raw vndk version as the value of VNKD_VER.
Bug: 141451661
Test: m && boot (tested with cuttlefish)
Change-Id: Ibf4cf5e29b7f28e733d4b3bc15171f4359e1d2f2
This reverts commit 39699ea095.
Reason for revert: This breaks swcodec apex. (It still uses VNDK_VER)
Bug: 140014331
Change-Id: I3a4c5b68fdd5e42fdf93c4c71f6c3be839ea8a28
When parsing ld.config.txt, paths in *.search.paths properties are
resolved using resolved_paths(). This is causing a number of newfstatat
system calls during a process start-up and is contributing about 3.6%
of the entire linker initialization time.
Optimize the overhead by not resolving already resolved paths; resolved
paths are cached.
Bug: 132348336
Test: strace -C -e newfstatat ls shows the number of the syscalls is
reduced from 131 to 99
Test: simpleperf record --call-graph fp -f 10000000 -o /data/perf.data ls
simpleperf report -g -i /data/perf.data
shows percentage of get_paths() from 2.9% to 2.5%
Change-Id: I79823255a89f6e2a63b80c74e6768850276ab536
Also update an rvalue reference to lvalue reference where it's
unnecessary to make it clearer.
Test: Build and boot cuttlefish.
Change-Id: Ib799666ab075523e6446f34c7da2b1eb311f98ab
In order to enable no-vendor-variant VNDK, we need a way to restrict a
namespace to only a list of whitelisted libraries. We add a new
"whitelisted" property for this. If the property is not set, all
libraries in the search paths are available in a namespace. If the
property is set, only the libraries named are available.
Bug: 119423884
Test: Boot with no-vendor-variant VNDK enabled using the new property.
Change-Id: Id808c1733c8e2c2c3462b04c72461f9698403571
- Show which executable is being linked, which linker config file is
being read, and which section in it is being used with, enabled on
$LD_DEBUG>=1.
- Show more info to follow the dlopen() process, enabled with "dlopen"
in the debug.ld.xxx property.
Test: Flash, boot, and look at logcat after "adb shell setprop debug.ld.all dlopen"
Bug: 120430775
Change-Id: I5441c8ced26ec0e2f04620c3d2a1ae860b792154
Make the num_free_blocks calculation clearer. There are
sizeof(page->bytes) bytes available for blocks, which is equal to
(kAllocateSize - 16). The previous calculation overestimates the amount
of space by 8 or 12 bytes, but that doesn't change the result because
both kAllocateSize and block_size_ are multiples of 16.
Bug: none
Test: boot device, bionic unit tests
Change-Id: Ia880cd5abc2a7bb4e9e6a8c0441d985f4df8fdc4
Suppress the SELinux denial log spam by not calling realpath(3) when the
path does not exist or is not accessible for read, and then not auditing
access(2) failure.
Bug: 120996057
Test: copy ping to /data/local/tmp, run it, verify no errors
Test: run bionic-unit-tests, the tests pass
Change-Id: Ie6058bfc9524a9b5c50fc7183fdddea6a8fb9200
When parsing a dir.${section} line in ld.config.txt, the linker uses
realpath() to resolve each directory path. If realpath() fails, the linker
uses the non-resolved path instead. Previously, it issued a warning to
stderr and logcat, but realpath() is expected to fail on /postinstall when
running a binary in /data/local/tmp, so downgrade the warning to an INFO()
notice.
Bug: http://b/120996057
Test: copy ping to /data/local/tmp, run it, verify no errors
Test: bionic unit tests
Change-Id: I2104084e12ea18840230997408559299bf3bddac
Some directories (e.g., /product/bin, etc.) in ld.config.txt may
not exist in some devices. Since many of them are optional directories,
don't emit warning when realpath() gives ENOENT for the paths.
Test: m -j
Change-Id: Ic4fa7db05bde53d3aa5df47291e83b4cdc09aa1f
Some devices place some of their partitions under /system. If the linker
resolves that paths, verboseness of ld.config.txt will be reduced as we
don't need to add both /system/{partition} and /{partition}.
Bug: http://b/80422611
Test: m -j, boot on taimen, atest
Change-Id: I6b712170bb89229b764026e2cc517c426e6e6063
Explicitly say "warning" for warnings, explicitly say what action
we're going to take (such as "(ignoring)"), always provide a link to
our documentation when there is one, explicitly say what API level the
behavior changes at, and explicitly say why we're allowing the misbehavior
for now.
Bug: http://b/71852862
Test: ran tests, looked at logcat
Change-Id: I1795a5af45deb904332b866d7d666690dae4340b
This commit allows users to create a link without soname filters between
two linker namespaces.
The motivation is to establish one-way shared library isolation. For
example, assume that there are two linker namespaces `default` and
`vndk`. We would like to limit the shared libraries that can be used by
the `default` namespace. In the meanwhile, we would like to allow the
`vndk` namespace to use shared libs from the `default` namespace if the
soname cannot be find in the search path or loaded sonames of the `vndk`
namespace.
shared_libs = %VNDK_CORE_LIBRARIES%
shared_libs += %VNDK_SAMEPROCESS_LIBRARIES%
vndk <-------------------------------------------- default
\_______________________________________________/^
allow_all_shared_libs = true
android_link_namespaces_all_libs() is added to libdl, but it is
versioned as LIBC_PRIVATE. android_link_namespaces_all_libs() is only
for unit tests.
Bug: 69824336
Test: adb shell /data/nativetest/linker-unit-tests/linker-unit-tests32
Test: adb shell /data/nativetest64/linker-unit-tests/linker-unit-tests64
Test: adb shell /data/nativetest/bionic-unit-tests/bionic-unit-tests
Test: adb shell /data/nativetest64/bionic-unit-tests/bionic-unit-tests
Test: Update /system/etc/ld.config*.txt and check whether the vndk
linker namespace of the vendor process can access the shared libs from
the default linker namespace.
Change-Id: I2879f0c5f5af60c7e56f8f743ebd2872e552286b
When ro.vndk.version is set to a specific version, not "current",
use ld.config.$VER.txt as a linker namespace configuration file,
where $VER is the VNDK version set by ro.vndk.version.
Because ro.vndk.version is set by the vendor partition, the
configuration file will be automatically selected by the VNDK version
of vendor patition.
If ro.vndk.version is current or not set, ld.config.txt will be used
as before.
Bug: 69531793
Test: Build for a Pixel2 device.
In the out/target/product/<device> directory,
rename system/etc/ld.config.txt to system/etc/ld.config.27.1.0.txt
rename system/lib[64]/vndk to system/lib[64]/vndk-27.1.0
copy system/lib[64]/vndk-sp to system/lib[64]/vndk-sp-27.1.0
set ro.vndk.version to 27.1.0 in vendor/default.prop
Build system and vendor images with "make snod" and "make vnod".
Disble vbmeta using avbtool.
Flash a device and check boot.
Change-Id: Ic55bb0a741d434e5fa93e109be15df9d9de3f105
ld.config.txt currently does not support split line. As the file gets
larger, this limitation makes the file very unreadable. Now, long lines
can be avoided by breaking one line into multiple lines using +=
operator.
ex)
namespace.default.search.paths = /system/${LIB}
namespace.default.search.paths += /system/${LIB}
Delimitor (':' for *.paths and *.shared_libs, and ',' for *.links) is
automatically added.
Bug: 69888716
Test: linker-unit-tests passes
Change-Id: I4b94fd4e7f8a76d59db8d1096c86aa2118e46625
The permitted and search paths should be changed according to VNDK
version for VNDK snapshot. So, {VNDK_VER} value is added in ld.config.txt
file and this value is set through the linker.
If ro.vndk.version is not set, search paths are vndk and vndk-sp as
before.
Bug: 66074376
Test: build & run
Change-Id: I266b66fe1bc95d8925053ef497db11ac0a57c082
This reverts commit 81b175747d.
Reason: 02586a2a34 fixed the bug that
prevented us from using LD_PRELOAD with multiple namespaces.
Bug: 38114603
Test: 1. ./external/compiler-rt/lib/asan/scripts/asan_device_setup --lib
prebuilts/clang/host/linux-x86/clang-stable/lib64/clang/5.0/lib/linux
2. enable talkback shortcut
3. in the home screen, hold vol-up/down together
4. device does not reboots and talkback shortcut is toggled
Test: bionic-unit-tests and linker-unit-tests successful
(cherry picked from commit 6ab40bbf53)
Merged-In: I25a05927ffbb28b9fa72303652893f43918ccec6
Change-Id: If264f0ce5d7187816d3acc790b6e31d479b628ee
Linker resolves the paths in /system/etc/ld.config.txt to canonicalize
the paths and to ensure they exist. However, as permitted paths for the
default namespace contain directories such as /vendor/app, /mnt/expand,
and etc., the resolving causes selinux denial on some processes which do
not have access to some of the permitted paths.
In order to silence the bogus selinux denial, resolution is skipped for
permitted paths.
Note that the resolution is not strictly required especially for
Treble-ized devices where permitted paths are already canonicalized (i.e
/vendor isn't a symlink to /system/vendor).
Bug: 65843095
Test: no selinux denial on /vendor/app, /vendor/framework, etc. while
booting.
Merged-In: I1a9921e45f4c15b08cdf8f1caee64c4cb0761e1f
Change-Id: I1a9921e45f4c15b08cdf8f1caee64c4cb0761e1f
(cherry picked from commit 527757e16b)
Currently, multiple namespaces does not support ASAN mode where some
symbols should be intercepted via LD_PRELOAD; LD_PRELOADed libs are not
preloaded into the linked namespaces other than the default namespace.
Until we fix the problem, we temporarily disable ld.config.txt in ASAN
mode.
Bug: 38114603
Test: 1. ./external/compiler-rt/lib/asan/scripts/asan_device_setup --lib
prebuilts/clang/host/linux-x86/clang-stable/lib64/clang/3.8/lib/linux
2. enable talkback shortcut
3. in the home screen, hold vol-up/down together
4. device does not reboots and talkback shortcut is toggled
Test: bionic-unit-tests and linker-unit-tests successful
Change-Id: I091874dd36b36f56dff2ad899d76ff86931909ed
This library is used by a number of different libraries in the system.
Make it easy for platform libraries to use this library and create
an actual exported include file.
Change the names of the functions to reflect the new name of the library.
Run clang_format on the async_safe_log.cpp file since the formatting is
all over the place.
Bug: 31919199
Test: Compiled for angler/bullhead, and booted.
Test: Ran bionic unit tests.
Test: Ran the malloc debug tests.
Change-Id: I8071bf690c17b0ea3bc8dc5749cdd5b6ad58478a
Depending on how ld.config.txt is configured, there can be multiple
built-in namespaces created by the linker from the beginning of a
process. android_get_exported_namespace is a platform only API for
getting a handle (android_namespace_t*) to one of the built-in namespaces
with given name. The returned namespace can then be given to
android_dlopen_ext in order to explicitly specify the target namespace
where the library is searched and loaded from.
Note that this function only returns 'exported' namespaces created via
ld.config.txt file. In order to export a namespace, the visible property
should be set to true:
namespace.<name>.visible = true
Namespaces are hidden by default. Hidden namespaces and namespaces
that are created programmatically, notably 'classloader-namespace',
aren't returned by this function.
Bug: 36851137
Test: confirmed that namespaces created with ld.config.txt is retrieved.
Test: linker-unit-tests passes
Merged-in: I714b510fa24f77e42c3dfc4c827b3befa8bb2951
Change-Id: I0d05fa7e0e116009edf8ea362ab46774bc617cbf
(cherry picked from commit d7c4832e6a)
Depending on how ld.config.txt is configured, there can be multiple
built-in namespaces created by the linker from the beginning of a
process. android_get_exported_namespace is a platform only API for
getting a handle (android_namespace_t*) to one of the built-in namespaces
with given name. The returned namespace can then be given to
android_dlopen_ext in order to explicitly specify the target namespace
where the library is searched and loaded from.
Note that this function only returns 'exported' namespaces created via
ld.config.txt file. In order to export a namespace, the visible property
should be set to true:
namespace.<name>.visible = true
Namespaces are hidden by default. Hidden namespaces and namespaces
that are created programmatically, notably 'classloader-namespace',
aren't returned by this function.
Bug: 36851137
Test: confirmed that namespaces created with ld.config.txt is retrieved.
Test: linker-unit-tests passes
Change-Id: I0d05fa7e0e116009edf8ea362ab46774bc617cbf
This change allows customization of default namespace
configuration for different executables. It also enables
target_sdk_version setup for binaries (note that this
option should explicitly be enabled in ld.config.txt).
Bug: http://b/30706810
Bug: http://b/30435785
Test: run linker-unit-tests/bionic-unit-tests, boot angler
Change-Id: Ibbe87209acf1538fc9cec04944f3d22a190c38f1
