Commit graph

34 commits

Author SHA1 Message Date
Florian Mayer
c10d064b5c Introduce hwasan mode for linker
This mode instructs the linker to search for libraries in hwasan
subdirectories of all library search paths. This is set up to contain a
hwasan-enabled copy of libc, which is needed for HWASan programs to
operate. There are two ways this mode can be enabled:

* for native binaries, by using the linker_hwasan64 symlink as its
  interpreter
* for apps: by setting the LD_HWASAN environment variable in wrap.sh

Bug: 276930343
Change-Id: I0f4117a50091616f26947fbe37a28ee573b97ad0
2023-04-14 01:33:30 -07:00
Luke Huang
30f2f053f2 linker: Cleanup for Android's inclusive language guidance
1. Cleanup for #inclusivefixit. (whitelisted -> allowed_libs)
2. Support the old term for backwards compatibility. (Also update test.)
3. Fix the formatting errors found by clang-format.

See https://source.android.com/setup/contribute/respectful-code
for reference.

Bug: 161896447
Test: atest linker-unit-tests linker-benchmarks
Change-Id: I19dbed27a6d874ac0049cb7b67d2cb0f75369c1b
2020-07-31 11:37:28 +08:00
Jooyung Han
61a9a4016c Make .whitelisted property "append"-able
.whitelisted is a list of sonames seperated by ":" just like
.shared_libs and .paths properties. It makes sense to make it appendable
using += as well ass .shared_libs and .paths.

Bug: n/a
Test: atest linker-unit-tests
Change-Id: If61cc553c8080e8a58de8a3a6051c1853f7bfe5f
2020-06-02 16:05:01 +09:00
Ryan Prichard
4d4087dc95 Replace LIB_PATH macro with kLibPath
The string is still "lib" or "lib64" with native bridge. It doesn't need
to be configured in the Android.bp file anymore, so move it to a header
file. This change will ensure that ${LIB} expands to the same thing in
both ld.config.txt and DT_RUN_PATH.

Bug: http://b/145197367
Test: manual
Change-Id: Iab87f3156f2984dd3a20e4ccda423892c8b58763
Merged-In: Iab87f3156f2984dd3a20e4ccda423892c8b58763
2019-12-04 13:31:56 -08:00
Jooyung Han
09283992ca Add linker config variable: VNDK_APEX_VER
With VNDK APEX, the path for VNDK libs has been changed
from /system/lib/vndk-VER to /apex/com.android.vndk.vVER/lib

In most cases, vndk version can be substituted when generating
ld.config.txt by linkerconfig.

But, ld.config.txt files in APEX packages still rely on runtime substitution.
Specifically, com.android.media.swcodec is using VNDK_VER variable.
Moreover, it cannot migrate to a new location since it should run on
older version of system due to APEX requirements.

For backward compatibility, instead of changing the value of old
variable, a new variable is added.

- VNDK_VER : "-" prefixed vndk version, used for older path
            (e.g. /system/lib/vndk-sp-29)
- VNDK_APEX_VER : "v" prefixed vndk versions.
            (e.g. /apex/com.android.vndk.v29/lib)

Test: add a vendor binary to /apex/com.android.media.swcodec/bin
      which opens /system/lib/vndk-sp{VNDK_VER}/hw/android.hidl.memory@1.0-impl.so
      via android_load_sphal_library()
Bug: 142912195

Change-Id: I3dfb3c1068cff00d5b63e92d51da6c4af00d264e
2019-10-29 05:47:03 +09:00
Jooyung Han
a365ac10a2 Revert "Change linker config variable: VNDK_VER"
This reverts commit e30a7f5d1f.

Reason for revert: some targets are broken

Bug: 142773030
Change-Id: I651ef00a9d1aaac6f0119d31712fb588d8aa68f0
2019-10-16 23:42:56 +00:00
Jooyung Han
e30a7f5d1f Change linker config variable: VNDK_VER
With VNDK APEX, the path for VNDK libs has been changed
from /system/lib/vndk-VER to /apex/com.android.vndk.vVER/lib

Previously, VNDK_VER is replaced with prefix(e.g. "-29"). We could
still prepend prefix("v") to the vndk version, but this change uses a
raw vndk version as the value of VNKD_VER.

Bug: 141451661
Test: m && boot (tested with cuttlefish)
Change-Id: Ibf4cf5e29b7f28e733d4b3bc15171f4359e1d2f2
2019-10-11 10:09:16 +09:00
Jooyung Han
5d1d907ba5 Revert "linker: cleanup (removing unused VNDK_VER)"
This reverts commit 39699ea095.

Reason for revert: This breaks swcodec apex. (It still uses VNDK_VER)
Bug: 140014331
Change-Id: I3a4c5b68fdd5e42fdf93c4c71f6c3be839ea8a28
2019-08-26 23:09:07 +00:00
Jooyung Han
39699ea095 linker: cleanup (removing unused VNDK_VER)
VNDK_VER runtime variable in the linker config file is not used any
more.

Test: m
Change-Id: Id08add6d0259a420ff4819f33093ce388bb3cbe9
2019-08-21 15:04:58 +09:00
Jiyong Park
341b61e694 Don't resolve already resolved paths when parsing ld.config.txt
When parsing ld.config.txt, paths in *.search.paths properties are
resolved using resolved_paths(). This is causing a number of newfstatat
system calls during a process start-up and is contributing about 3.6%
of the entire linker initialization time.

Optimize the overhead by not resolving already resolved paths; resolved
paths are cached.

Bug: 132348336
Test: strace -C -e newfstatat ls shows the number of the syscalls is
reduced from 131 to 99
Test: simpleperf record --call-graph fp -f 10000000 -o /data/perf.data ls
simpleperf report -g -i /data/perf.data
shows percentage of get_paths() from 2.9% to 2.5%

Change-Id: I79823255a89f6e2a63b80c74e6768850276ab536
2019-05-17 10:09:13 +09:00
Vic Yang
976d4b4634 Use std::move() for rvalue-reference setters and ctors
Also update an rvalue reference to lvalue reference where it's
unnecessary to make it clearer.

Test: Build and boot cuttlefish.
Change-Id: Ib799666ab075523e6446f34c7da2b1eb311f98ab
2019-03-20 10:20:49 -07:00
Vic Yang
2d020e43fb linker: Add support for "whitelisted" property in linker config files
In order to enable no-vendor-variant VNDK, we need a way to restrict a
namespace to only a list of whitelisted libraries.  We add a new
"whitelisted" property for this.  If the property is not set, all
libraries in the search paths are available in a namespace.  If the
property is set, only the libraries named are available.

Bug: 119423884
Test: Boot with no-vendor-variant VNDK enabled using the new property.
Change-Id: Id808c1733c8e2c2c3462b04c72461f9698403571
2019-03-20 10:20:49 -07:00
Martin Stjernholm
95252eedf3 Add more linker debug.
- Show which executable is being linked, which linker config file is
  being read, and which section in it is being used with, enabled on
  $LD_DEBUG>=1.

- Show more info to follow the dlopen() process, enabled with "dlopen"
  in the debug.ld.xxx property.

Test: Flash, boot, and look at logcat after "adb shell setprop debug.ld.all dlopen"
Bug: 120430775
Change-Id: I5441c8ced26ec0e2f04620c3d2a1ae860b792154
2019-03-19 14:03:18 +00:00
Ryan Prichard
92b3e1b37b Cosmetic changes to linker allocator and config
Make the num_free_blocks calculation clearer. There are
sizeof(page->bytes) bytes available for blocks, which is equal to
(kAllocateSize - 16). The previous calculation overestimates the amount
of space by 8 or 12 bytes, but that doesn't change the result because
both kAllocateSize and block_size_ are multiples of 16.

Bug: none
Test: boot device, bionic unit tests
Change-Id: Ia880cd5abc2a7bb4e9e6a8c0441d985f4df8fdc4
2019-03-12 01:11:24 +00:00
Jiyong Park
42e81985b1 Call realpath(3) only when the path is accessible for read
Suppress the SELinux denial log spam by not calling realpath(3) when the
path does not exist or is not accessible for read, and then not auditing
access(2) failure.

Bug: 120996057
Test: copy ping to /data/local/tmp, run it, verify no errors
Test: run bionic-unit-tests, the tests pass
Change-Id: Ie6058bfc9524a9b5c50fc7183fdddea6a8fb9200
2019-01-25 20:48:12 +09:00
Ryan Prichard
6b55cc36d3 dir.${section}: downgrade "can't resolve" diag
When parsing a dir.${section} line in ld.config.txt, the linker uses
realpath() to resolve each directory path. If realpath() fails, the linker
uses the non-resolved path instead. Previously, it issued a warning to
stderr and logcat, but realpath() is expected to fail on /postinstall when
running a binary in /data/local/tmp, so downgrade the warning to an INFO()
notice.

Bug: http://b/120996057
Test: copy ping to /data/local/tmp, run it, verify no errors
Test: bionic unit tests
Change-Id: I2104084e12ea18840230997408559299bf3bddac
2019-01-04 15:05:44 -08:00
Chih-Hung Hsieh
0218e92329 Fix performance-for-range-copy warnings
Bug: 30413223
Test: make with WITH_TIDY=1 DEFAULT_GLOBAL_TIDY_CHECKS=-*,performance*
Change-Id: I41cc70d161468c5586ca8be3185578e65681a9c5
2018-12-11 10:22:11 -08:00
Jiyong Park
d3c08f28a3 Don't emit warning on missing directories
Some directories (e.g., /product/bin, etc.) in ld.config.txt may
not exist in some devices. Since many of them are optional directories,
don't emit warning when realpath() gives ENOENT for the paths.

Test: m -j
Change-Id: Ic4fa7db05bde53d3aa5df47291e83b4cdc09aa1f
2018-06-22 00:59:23 +09:00
Inseob Kim
216323bd84 Resolve paths of dir.${section} if possible
Some devices place some of their partitions under /system. If the linker
resolves that paths, verboseness of ld.config.txt will be reduced as we
don't need to add both /system/{partition} and /{partition}.

Bug: http://b/80422611
Test: m -j, boot on taimen, atest
Change-Id: I6b712170bb89229b764026e2cc517c426e6e6063
2018-06-18 19:16:34 +09:00
Elliott Hughes
9076b0c4e7 Be clearer about linker warnings.
Explicitly say "warning" for warnings, explicitly say what action
we're going to take (such as "(ignoring)"), always provide a link to
our documentation when there is one, explicitly say what API level the
behavior changes at, and explicitly say why we're allowing the misbehavior
for now.

Bug: http://b/71852862
Test: ran tests, looked at logcat
Change-Id: I1795a5af45deb904332b866d7d666690dae4340b
2018-02-28 12:37:28 -08:00
Logan Chien
9ee4591cb4 linker: Allow link namespaces without name filters
This commit allows users to create a link without soname filters between
two linker namespaces.

The motivation is to establish one-way shared library isolation.  For
example, assume that there are two linker namespaces `default` and
`vndk`.  We would like to limit the shared libraries that can be used by
the `default` namespace.  In the meanwhile, we would like to allow the
`vndk` namespace to use shared libs from the `default` namespace if the
soname cannot be find in the search path or loaded sonames of the `vndk`
namespace.

          shared_libs  = %VNDK_CORE_LIBRARIES%
          shared_libs += %VNDK_SAMEPROCESS_LIBRARIES%
    vndk <-------------------------------------------- default
       \_______________________________________________/^
                allow_all_shared_libs = true

android_link_namespaces_all_libs() is added to libdl, but it is
versioned as LIBC_PRIVATE.  android_link_namespaces_all_libs() is only
for unit tests.

Bug: 69824336

Test: adb shell /data/nativetest/linker-unit-tests/linker-unit-tests32
Test: adb shell /data/nativetest64/linker-unit-tests/linker-unit-tests64

Test: adb shell /data/nativetest/bionic-unit-tests/bionic-unit-tests
Test: adb shell /data/nativetest64/bionic-unit-tests/bionic-unit-tests

Test: Update /system/etc/ld.config*.txt and check whether the vndk
linker namespace of the vendor process can access the shared libs from
the default linker namespace.

Change-Id: I2879f0c5f5af60c7e56f8f743ebd2872e552286b
2018-01-25 14:45:29 +08:00
Treehugger Robot
bfd06f63e5 Merge "Allow property += value in ld.config.txt" 2017-12-04 01:43:27 +00:00
Justin Yun
53ce74288c Use ld.config.$VER.txt when current VNDK version is $VER
When ro.vndk.version is set to a specific version, not "current",
use ld.config.$VER.txt as a linker namespace configuration file,
where $VER is the VNDK version set by ro.vndk.version.

Because ro.vndk.version is set by the vendor partition, the
configuration file will be automatically selected by the VNDK version
of vendor patition.

If ro.vndk.version is current or not set, ld.config.txt will be used
as before.

Bug: 69531793
Test: Build for a Pixel2 device.
  In the out/target/product/<device> directory,
    rename system/etc/ld.config.txt to system/etc/ld.config.27.1.0.txt
    rename system/lib[64]/vndk to system/lib[64]/vndk-27.1.0
    copy system/lib[64]/vndk-sp to system/lib[64]/vndk-sp-27.1.0
    set ro.vndk.version to 27.1.0 in vendor/default.prop
  Build system and vendor images with "make snod" and "make vnod".
  Disble vbmeta using avbtool.
  Flash a device and check boot.

Change-Id: Ic55bb0a741d434e5fa93e109be15df9d9de3f105
2017-12-03 23:26:53 +09:00
Jiyong Park
8b02951135 Allow property += value in ld.config.txt
ld.config.txt currently does not support split line. As the file gets
larger, this limitation makes the file very unreadable. Now, long lines
can be avoided by breaking one line into multiple lines using +=
operator.

ex)

namespace.default.search.paths = /system/${LIB}
namespace.default.search.paths += /system/${LIB}

Delimitor (':' for *.paths and *.shared_libs, and ',' for *.links) is
automatically added.

Bug: 69888716
Test: linker-unit-tests passes

Change-Id: I4b94fd4e7f8a76d59db8d1096c86aa2118e46625
2017-12-01 10:58:10 +09:00
Sundong Ahn
8fc5032ed2 Set search path to ro.vndk.version property
The permitted and search paths should be changed according to VNDK
version for VNDK snapshot. So, {VNDK_VER} value is added in ld.config.txt
file and this value is set through the linker.
If ro.vndk.version is not set, search paths are vndk and vndk-sp as
before.

Bug: 66074376
Test: build & run
Change-Id: I266b66fe1bc95d8925053ef497db11ac0a57c082
2017-10-20 13:41:14 +09:00
Jiyong Park
1a524d6248 Revert "linker: disable ld.config.txt in ASAN mode"
This reverts commit 81b175747d.

Reason: 02586a2a34 fixed the bug that
prevented us from using LD_PRELOAD with multiple namespaces.

Bug: 38114603
Test: 1. ./external/compiler-rt/lib/asan/scripts/asan_device_setup --lib
prebuilts/clang/host/linux-x86/clang-stable/lib64/clang/5.0/lib/linux
2. enable talkback shortcut
3. in the home screen, hold vol-up/down together
4. device does not reboots and talkback shortcut is toggled
Test: bionic-unit-tests and linker-unit-tests successful

(cherry picked from commit 6ab40bbf53)

Merged-In: I25a05927ffbb28b9fa72303652893f43918ccec6
Change-Id: If264f0ce5d7187816d3acc790b6e31d479b628ee
2017-10-04 07:32:28 +09:00
Jiyong Park
0f33f23a76 Don't resolve permitted.paths
Linker resolves the paths in /system/etc/ld.config.txt to canonicalize
the paths and to ensure they exist. However, as permitted paths for the
default namespace contain directories such as /vendor/app, /mnt/expand,
and etc., the resolving causes selinux denial on some processes which do
not have access to some of the permitted paths.

In order to silence the bogus selinux denial, resolution is skipped for
permitted paths.

Note that the resolution is not strictly required especially for
Treble-ized devices where permitted paths are already canonicalized (i.e
/vendor isn't a symlink to /system/vendor).

Bug: 65843095
Test: no selinux denial on /vendor/app, /vendor/framework, etc. while
booting.

Merged-In: I1a9921e45f4c15b08cdf8f1caee64c4cb0761e1f
Change-Id: I1a9921e45f4c15b08cdf8f1caee64c4cb0761e1f
(cherry picked from commit 527757e16b)
2017-09-22 11:34:43 +09:00
Jiyong Park
08d3f97e7f Merge "linker: disable ld.config.txt in ASAN mode" into oc-dev
am: 41e0ceb5c9

Change-Id: I6e9faedbb26d94aab7064c2c8620362c776143be
2017-05-27 01:50:49 +00:00
Jiyong Park
81b175747d linker: disable ld.config.txt in ASAN mode
Currently, multiple namespaces does not support ASAN mode where some
symbols should be intercepted via LD_PRELOAD; LD_PRELOADed libs are not
preloaded into the linked namespaces other than the default namespace.
Until we fix the problem, we temporarily disable ld.config.txt in ASAN
mode.

Bug: 38114603
Test: 1. ./external/compiler-rt/lib/asan/scripts/asan_device_setup --lib
prebuilts/clang/host/linux-x86/clang-stable/lib64/clang/3.8/lib/linux
2. enable talkback shortcut
3. in the home screen, hold vol-up/down together
4. device does not reboots and talkback shortcut is toggled
Test: bionic-unit-tests and linker-unit-tests successful

Change-Id: I091874dd36b36f56dff2ad899d76ff86931909ed
2017-05-27 08:40:12 +09:00
Christopher Ferris
7a3681e5b6 Move libc_log code into libasync_safe.
This library is used by a number of different libraries in the system.
Make it easy for platform libraries to use this library and create
an actual exported include file.

Change the names of the functions to reflect the new name of the library.

Run clang_format on the async_safe_log.cpp file since the formatting is
all over the place.

Bug: 31919199

Test: Compiled for angler/bullhead, and booted.
Test: Ran bionic unit tests.
Test: Ran the malloc debug tests.
Change-Id: I8071bf690c17b0ea3bc8dc5749cdd5b6ad58478a
2017-05-03 08:50:43 -07:00
Jiyong Park
01de74e76d linker: add android_get_exported_namespace
Depending on how ld.config.txt is configured, there can be multiple
built-in namespaces created by the linker from the beginning of a
process. android_get_exported_namespace is a platform only API for
getting a handle (android_namespace_t*) to one of the built-in namespaces
with given name. The returned namespace can then be given to
android_dlopen_ext in order to explicitly specify the target namespace
where the library is searched and loaded from.

Note that this function only returns 'exported' namespaces created via
ld.config.txt file. In order to export a namespace, the visible property
should be set to true:

namespace.<name>.visible = true

Namespaces are hidden by default. Hidden namespaces and namespaces
that are created programmatically, notably 'classloader-namespace',
aren't returned by this function.

Bug: 36851137
Test: confirmed that namespaces created with ld.config.txt is retrieved.
Test: linker-unit-tests passes
Merged-in: I714b510fa24f77e42c3dfc4c827b3befa8bb2951
Change-Id: I0d05fa7e0e116009edf8ea362ab46774bc617cbf
(cherry picked from commit d7c4832e6a)
2017-04-28 10:14:28 +09:00
Jiyong Park
d7c4832e6a linker: add android_get_exported_namespace
Depending on how ld.config.txt is configured, there can be multiple
built-in namespaces created by the linker from the beginning of a
process. android_get_exported_namespace is a platform only API for
getting a handle (android_namespace_t*) to one of the built-in namespaces
with given name. The returned namespace can then be given to
android_dlopen_ext in order to explicitly specify the target namespace
where the library is searched and loaded from.

Note that this function only returns 'exported' namespaces created via
ld.config.txt file. In order to export a namespace, the visible property
should be set to true:

namespace.<name>.visible = true

Namespaces are hidden by default. Hidden namespaces and namespaces
that are created programmatically, notably 'classloader-namespace',
aren't returned by this function.

Bug: 36851137
Test: confirmed that namespaces created with ld.config.txt is retrieved.
Test: linker-unit-tests passes
Change-Id: I0d05fa7e0e116009edf8ea362ab46774bc617cbf
2017-04-06 15:20:04 -07:00
Tom Cherry
b8ab61804c Move scopeguard into android::base
Test: boot bullhead, bionic unit tests
Change-Id: I223249684867655ecb53713b10da41d3014f96ae
2017-04-05 16:37:07 -07:00
Dimitry Ivanov
4cabfaad34 Load namespace configuration from ld.config.txt
This change allows customization of default namespace
configuration for different executables. It also enables
target_sdk_version setup for binaries (note that this
option should explicitly be enabled in ld.config.txt).

Bug: http://b/30706810
Bug: http://b/30435785
Test: run linker-unit-tests/bionic-unit-tests, boot angler
Change-Id: Ibbe87209acf1538fc9cec04944f3d22a190c38f1
2017-03-24 15:50:45 -07:00