vdso should be available in all namespaces when present. This
bug went undetected because the way libc currently uses vdso (it
does all the lookups itself). This makes it available for the
programs that want to take advantage by dlopening it.
Bug: http://b/73105445
Bug: http://b/79561555
Test: adb shell /data/nativetest/arm/bionic-unit-tests/bionic-unit-tests --gtest_filter=dl.exec_with_ld_config_file
Test: adb shell /data/nativetest/bionic-unit-tests/bionic-unit-tests --gtest_filter=dl*
Change-Id: I8eae0c9848f256190d1c9ec85d10dc6ce383a8bc
(cherry picked from commit 69c68c46ac)
Explicitly say "warning" for warnings, explicitly say what action
we're going to take (such as "(ignoring)"), always provide a link to
our documentation when there is one, explicitly say what API level the
behavior changes at, and explicitly say why we're allowing the misbehavior
for now.
Bug: http://b/71852862
Test: ran tests, looked at logcat
Change-Id: I1795a5af45deb904332b866d7d666690dae4340b
RTLD_NEXT/DEFAULT lookup should not skip handle lookup
in the case when the load group is RTLD_GLOBAL.
Note that there is a difference between load group is local group.
The local group includes externally referenced libraries where
the load group does not. The external reference in this context is a
DT_NEEDED library that belongs to a previously loaded group.
Bug: http://b/72237367
Test: bionic-unit-tests --gtest_filter=dl*
Change-Id: I8997cc961c13a5396f1756161798b45ed1cab16c
This change modifies the encoding used in SHT_RELR sections to a simpler
version that gives better results. This encoding was suggested by Andrew
Grieve and is described in this post on generic-abi@googlegroups.com:
https://groups.google.com/d/msg/generic-abi/bX460iggiKg/Pi9aSwwABgAJ
Bug: None
Test: Built image for marlin, flashed on device, ran arm and
aarch64 binaries containing '.relr.dyn' sections using
the new encoding.
Change-Id: I266affe0fbad91dc375995985a221cb02499447b
This commit allows users to create a link without soname filters between
two linker namespaces.
The motivation is to establish one-way shared library isolation. For
example, assume that there are two linker namespaces `default` and
`vndk`. We would like to limit the shared libraries that can be used by
the `default` namespace. In the meanwhile, we would like to allow the
`vndk` namespace to use shared libs from the `default` namespace if the
soname cannot be find in the search path or loaded sonames of the `vndk`
namespace.
shared_libs = %VNDK_CORE_LIBRARIES%
shared_libs += %VNDK_SAMEPROCESS_LIBRARIES%
vndk <-------------------------------------------- default
\_______________________________________________/^
allow_all_shared_libs = true
android_link_namespaces_all_libs() is added to libdl, but it is
versioned as LIBC_PRIVATE. android_link_namespaces_all_libs() is only
for unit tests.
Bug: 69824336
Test: adb shell /data/nativetest/linker-unit-tests/linker-unit-tests32
Test: adb shell /data/nativetest64/linker-unit-tests/linker-unit-tests64
Test: adb shell /data/nativetest/bionic-unit-tests/bionic-unit-tests
Test: adb shell /data/nativetest64/bionic-unit-tests/bionic-unit-tests
Test: Update /system/etc/ld.config*.txt and check whether the vndk
linker namespace of the vendor process can access the shared libs from
the default linker namespace.
Change-Id: I2879f0c5f5af60c7e56f8f743ebd2872e552286b
This change adds experimental support for SHT_RELR sections, proposed
here: https://groups.google.com/forum/#!topic/generic-abi/bX460iggiKg
Definitions for the new ELF section type and dynamic array tags, as well
as the encoding used in the new section are all under discussion and are
subject to change. Use with caution!
Bug: None
Test: Built image for marlin, flashed on device, ran arm and
aarch64 binaries containing '.relr.dyn' sections.
Change-Id: I2953ae932d3c42ae394e71f8fa058013758a1778
There were a bunch more unreasonable/incorrect ones, but these ones
seemed legit. Nothing very interesting, though.
Bug: N/A
Test: ran tests, benchmarks
Change-Id: If66971194d4a7b4bf6d0251bedb88e8cdc88a76f
Introduce new flag to mark soinfo as TLS_NODELETE when
there are thread_local dtors associated with dso_handle
belonging to it.
Test: bionic-unit-tests --gtest_filter=dl*
Test: bionic-unit-tests-glibc --gtest_filter=dl*
Bug: https://github.com/android-ndk/ndk/issues/360
Change-Id: I724ef89fc899788f95c47e6372c38b3313f18fed
This change addresses multiple problems introduced by
02586a2a34
1. In the case of unsuccessful dlopen the failure guard is triggered
for two namespaces which leads to double unload.
2. In the case where load_tasks includes libraries from 3 and more
namespaces it results in incorrect linking of libraries shared between
second and third/forth and so on namespaces.
The root cause of these problems was recursive call to find_libraries.
It does not do what it is expected to do. It does not form new load_tasks
list and immediately jumps to linking local_group. Not only this skips
reference counting it also will include unlinked but accessible library
from third (and fourth and fifth) namespaces in invalid local group. The
best case scenario here is that for 3 or more namesapces this will
fail to link. The worse case scenario it will link the library
incorrectly with will lead to very hard to catch bugs.
This change removes recursive call and replaces it with explicit list of
local_groups which should be linked. It also revisits the way we do
reference counting - with this change the reference counts are updated after
after libraries are successfully loaded.
Also update soinfo_free to abort in case when linker tries to free same
soinfo for the second time - this makes linker behavior less undefined.
Test: bionic-unit-tests
Bug: http://b/69787209
Change-Id: Iea25ced181a98c6503cce6e2b832c91d697342d5
When ro.vndk.version is set to a specific version, not "current",
use ld.config.$VER.txt as a linker namespace configuration file,
where $VER is the VNDK version set by ro.vndk.version.
Because ro.vndk.version is set by the vendor partition, the
configuration file will be automatically selected by the VNDK version
of vendor patition.
If ro.vndk.version is current or not set, ld.config.txt will be used
as before.
Bug: 69531793
Test: Build for a Pixel2 device.
In the out/target/product/<device> directory,
rename system/etc/ld.config.txt to system/etc/ld.config.27.1.0.txt
rename system/lib[64]/vndk to system/lib[64]/vndk-27.1.0
copy system/lib[64]/vndk-sp to system/lib[64]/vndk-sp-27.1.0
set ro.vndk.version to 27.1.0 in vendor/default.prop
Build system and vendor images with "make snod" and "make vnod".
Disble vbmeta using avbtool.
Flash a device and check boot.
Change-Id: Ic55bb0a741d434e5fa93e109be15df9d9de3f105
If libraries are on the odm partition they will fail to load
This patch adds the odm path as a search path for linker.
Test: libraries load from the odm partition
Change-Id: Ia7786e047cc565d74d25c025dacf9266b3763650
Signed-off-by: Alin Jerpelea <alin.jerpelea@son.com>
This reverts commit 58554ccb8a.
causes /vendor/bin/qseecomd to hit the new abort:
[ 8.983301] c5 603 DEBUG: Abort message: 'soinfo=0x7147894cd0 is not in soinfo_list (double unload?)'
Bug: http://b/69909887
Bug: http://b/69787209
Change-Id: Ied38f797e0a071a1acc5ed41adf1b45e855143c7
In the case of unsuccessful dlopen the failure guard is triggered
for two namespaces which leads to double unload.
Also update soinfo_free to abort in case when linker tries to free same
soinfo for the second time - this makes linker behavior less undefined.
Test: bionic-unit-tests
Bug: http://b/69787209
Change-Id: I886787ee021b050667f967bce7aa2708390886ea
Bug: http://b/29458203
Bug: http://b/68262627
Test: make && run bionic-unit-tests
Test: set debug.ld.all to dlopen and check the logs
Change-Id: I9a5495843a4145f267cc3a4714294d05b1e1fe90
Added a test to make sure linker produces correct error message
when user attempts to load a library in a linked namespace and fails.
Bug: http://b/67866190
Bug: http://b/64950640
Bug: http://b/64888291
Test: bionic-unit-test --gtest_filter=dlext*
Change-Id: I5b5c2070d1388eff123118350b2b5c8fc7571a29
The linux kernel requires that the ELF interpreter (runtime linker)
that's referenced by PT_INTERP be either an absolute path, or a relative
path from the current working directory. We'd prefer a relative path
from the binary, similarly to how we handle looking up shared libraries,
but that's not supported.
Instead, extract the LOAD segments from the runtime linker ELF binary
and embed them into each host bionic binary, omitting the PT_INTERP
declaration. The kernel will treat it as a static binary, and we'll use
a special entry point (linker_wrapper) to fix up the arguments passed by
the kernel before jumping to the embedded linker. From the linker's
point of view, it looks like the kernel loaded the linker like normal.
Bug: 31559095
Test: Enable host bionic, build and run libdemangle_test
Change-Id: I1753401ef91eecbf0ae3376faca31eec1c53842b
(Where errno is relevant.)
Also consistently use -1 as the fd for anonymous mmaps. (It doesn't matter,
but it's more common, and potentially more intention-revealing.)
Bug: http://b/65608572
Test: ran tests
Change-Id: Ie9a207632d8242f42086ba3ca862519014c3c102
The specific case of finding a DT_RPATH entry is a pretty common harmless
warning. An alternative to this change would be to just add a case to the
switch for DT_RPATH to just silently ignore it, since it's never been
supported and is deprecated anyway.
Bug: N/A
Test: builds
Change-Id: I01986da8f1f8d411fc2ea32d492c53b9f4488c72
Prefer architecture specific ld.config.<arch>.txt if it exists;
fall back to default ld.config.txt files if arch-specific one is
not present.
Bug: http://b/64061157
Test: bionic-unit-tests && linker-unit-tests
Change-Id: I83a298a932f2e4af7acb2049a7641fb86908736c
'visible' flag was interpreted only the namespaces other than 'default'.
The flag has to be handled without exception once it is set.
Bug: 63411330
Test: Build and boot without errors.
Test: Add `namespace.default.visible = true` to [vendor] process in
'ld.config.txt' and reboot the device.
Change-Id: Ia363dfadf0200317b875e26bb4b2fae849af1384
With ld.config.txt, we now have multiple built-in namespaces other than
the default namespace. Libs (and their dependents) listed in LD_PRELOAD
must be visible to those additional namespaces as well.
This also adds a debugging only feature: path to the linker config file
can be customized via LD_CONFIG_FILE environment variable. This works
only for debuggable builds.
Bug: 38114603
Bug: 62815515
Test: 1. ./external/compiler-rt/lib/asan/scripts/asan_device_setup --lib
prebuilts/clang/host/linux-x86/clang-stable/lib64/clang/5.0/lib/linux
2. enable talkback shortcut
3. in the home screen, hold vol-up/down together
4. device does not reboots and talkback shortcut is toggled
Test: bionic-unit-tests and linker-unit-tests successful
Change-Id: I9a03591053f4a9caea82f0dcb23e7a3d324bb9bd
An ASan binary may load a non-ASan library from /system if /data is not mounted yet.
A dlopen() call for the same library later, when /data/ is available, will translate the path and attempt to load
an ASan copy of the library from /data/asan/system. This way we may end up loading both ASan and non-ASan copies of
the library in the same process, which is a very bad thing.
This change adds a check for a loaded library with the non-translated real path before applying path translation.
Bug: 63622872
Test: hide/rename a library in /data/asan; dlopen; restore the library; dlopen; check that the library from /data/asan is NOT loaded.
Change-Id: I17060837f08dc3c665cab803dd89979d88f0a019
This reverts commit b37d10cc80.
Was merged from nyc-dev to master and oc-dev by mistake.
Bug: http://b/38384727
Test: bionic-unit-tests
Change-Id: I7cd352baceb3180342abb6ffec1dfa96a217961f
When unloading library make sure the soinfo_link to parent
from linked external libraries is removed as well.
Bug: 36104177
Bug: http://b/37433850
Test: manual
Change-Id: I601b54144acecac54744805b38313c46045c54cb
(cherry picked from commit ee398f820700de30941fd82e38bd917e1513cbc6)
greylist is needed only for application namepaces. Since we started using
linker-namesapces for vendors and other platform apps linker should not
enable greylist workaround by default.
Bug: http://b/37731053
Bug: https://issuetracker.google.com/38146125
Test: sailfish builds and boots
Test: bionic-unit-tests and linker-unit-tests pass
Change-Id: Iee83db6fb1ae754f5ade18491321d9bca3b5ead4
(cherry picked from commit e8ffe56a9c)
greylist is needed only for application namepaces. Since we started using
linker-namesapces for vendors and other platform apps linker should not
enable greylist workaround by default.
Bug: http://b/37731053
Bug: https://issuetracker.google.com/38146125
Test: sailfish builds and boots
Test: bionic-unit-tests and linker-unit-tests pass
Change-Id: Iee83db6fb1ae754f5ade18491321d9bca3b5ead4
This library is used by a number of different libraries in the system.
Make it easy for platform libraries to use this library and create
an actual exported include file.
Change the names of the functions to reflect the new name of the library.
Run clang_format on the async_safe_log.cpp file since the formatting is
all over the place.
Bug: 31919199
Test: Compiled for angler/bullhead, and booted.
Test: Ran bionic unit tests.
Test: Ran the malloc debug tests.
Change-Id: I8071bf690c17b0ea3bc8dc5749cdd5b6ad58478a
Make shared namespace inherit namespace links and
search/permitted paths from the parent namespace.
Bug: http://b/37854032
Test: bionic_unit_tests --gtest_filter=dl*:Dl*
Change-Id: I174661d4a1dd0cbe4a378179073719aa955f3592
(cherry picked from commit ec43dd6c36)
Make shared namespace inherit namespace links and
search/permitted paths from the parent namespace.
Bug: http://b/37854032
Test: bionic_unit_tests --gtest_filter=dl*:Dl*
Change-Id: I174661d4a1dd0cbe4a378179073719aa955f3592
Depending on how ld.config.txt is configured, there can be multiple
built-in namespaces created by the linker from the beginning of a
process. android_get_exported_namespace is a platform only API for
getting a handle (android_namespace_t*) to one of the built-in namespaces
with given name. The returned namespace can then be given to
android_dlopen_ext in order to explicitly specify the target namespace
where the library is searched and loaded from.
Note that this function only returns 'exported' namespaces created via
ld.config.txt file. In order to export a namespace, the visible property
should be set to true:
namespace.<name>.visible = true
Namespaces are hidden by default. Hidden namespaces and namespaces
that are created programmatically, notably 'classloader-namespace',
aren't returned by this function.
Bug: 36851137
Test: confirmed that namespaces created with ld.config.txt is retrieved.
Test: linker-unit-tests passes
Merged-in: I714b510fa24f77e42c3dfc4c827b3befa8bb2951
Change-Id: I0d05fa7e0e116009edf8ea362ab46774bc617cbf
(cherry picked from commit d7c4832e6a)
This reverts commit 6d59318d78.
Bug: http://b/37245203
Bug: http://b/37590327
Test: bionic-unit-tests on angler and marlin
Test: boot an angler and make sure mediacodec does not crash
This change adds two tests for dlopen from temporary files.
1. One Uses memfd_create() can be used to load libraries directly
from memory. This requires relaxing namespace accessibility check
in order to make this work in isolated namespaces.
2. Another checks that open with O_TMPFILE works.
Bug: http://b/37245203
Test: bionic-unit-tests --gtest_filter=dl*:Dl*
Change-Id: I3be1d7198ca17e7f1ba022a0d86c64d59a493506
(cherry picked from commit bb8b22a087)
This change adds two tests for dlopen from temporary files.
1. One Uses memfd_create() can be used to load libraries directly
from memory. This requires relaxing namespace accessibility check
in order to make this work in isolated namespaces.
2. Another checks that open with O_TMPFILE works.
Bug: http://b/37245203
Test: bionic-unit-tests --gtest_filter=dl*:Dl*
Change-Id: I3be1d7198ca17e7f1ba022a0d86c64d59a493506
It's been years since we allowed text relocations, but I had a developer
ask me how to fix them at last week's O Developer Day. They'd never seen
our docs, so let's try to fix that for anyone else who's still confused...
Bug: N/A
Test: builds
Change-Id: I9202a7b0a3f024041b646c43c87585f4fab22d09
Depending on how ld.config.txt is configured, there can be multiple
built-in namespaces created by the linker from the beginning of a
process. android_get_exported_namespace is a platform only API for
getting a handle (android_namespace_t*) to one of the built-in namespaces
with given name. The returned namespace can then be given to
android_dlopen_ext in order to explicitly specify the target namespace
where the library is searched and loaded from.
Note that this function only returns 'exported' namespaces created via
ld.config.txt file. In order to export a namespace, the visible property
should be set to true:
namespace.<name>.visible = true
Namespaces are hidden by default. Hidden namespaces and namespaces
that are created programmatically, notably 'classloader-namespace',
aren't returned by this function.
Bug: 36851137
Test: confirmed that namespaces created with ld.config.txt is retrieved.
Test: linker-unit-tests passes
Change-Id: I0d05fa7e0e116009edf8ea362ab46774bc617cbf
Useful for testing whether apps have actually stopped using greylisted
libraries even if they still have references to them in their apk to support
old Android releases but also haven't bumped their targetSdkVersion yet.
Since we already have two expensive __system_property_get calls and this
would add a third, optimize two (but leave the third since it's not
obviously amenable to optimization). None of this matters for user builds,
but I don't want userdebug/eng to have distractingly different performance.
(cherrypick of 7933bec2872aa1c3430149c7649726333c0ac9d8.)
Bug: http://b/36106661
Test: ran "can you escape 5" with and without this property
Change-Id: Id9a804695c1dca9b4be2ebd0e72f01817bb13cba
Useful for testing whether apps have actually stopped using greylisted
libraries even if they still have references to them in their apk to support
old Android releases but also haven't bumped their targetSdkVersion yet.
Since we already have two expensive __system_property_get calls and this
would add a third, optimize two (but leave the third since it's not
obviously amenable to optimization). None of this matters for user builds,
but I don't want userdebug/eng to have distractingly different performance.
Bug: http://b/36106661
Test: ran "can you escape 5" with and without this property
Change-Id: Id9a804695c1dca9b4be2ebd0e72f01817bb13cba
This CL changes the linker to point to the newly refactored location
of ASAN-ified libraries on disk.
This supports changes made by the following CLs -
https://android-review.googlesource.com/#/c/359087/https://android-review.googlesource.com/#/c/359389/
Which refactor the on-disk location as follows:
/data/lib* --> /data/asan/system/lib*
/data/vendor/* --> /data/asan/vendor/*
There are a couple of advantages to this, including better isolation
from other components, and more transparent linker renaming and
SELinux policies.
(cherry picked from commit 4113def4fa)
Bug: 36574794
Bug: 36674745
Test: m -j40 && SANITIZE_TARGET="address" m -j40 and the device
boots. All sanitized libraries are correctly located in /data/asan/*.
Change-Id: Iad8b298a66c38eb0f6327f6b51027f0728aa7a40
This CL changes the linker to point to the newly refactored location
of ASAN-ified libraries on disk.
This supports changes made by the following CLs -
https://android-review.googlesource.com/#/c/359087/https://android-review.googlesource.com/#/c/359389/
Which refactor the on-disk location as follows:
/data/lib* --> /data/asan/system/lib*
/data/vendor/* --> /data/asan/vendor/*
There are a couple of advantages to this, including better isolation
from other components, and more transparent linker renaming and
SELinux policies.
Bug: 36574794
Bug: 36674745
Test: m -j40 && SANITIZE_TARGET="address" m -j40 and the device
boots. All sanitized libraries are correctly located in /data/asan/*.
Change-Id: Iad8b298a66c38eb0f6327f6b51027f0728aa7a40
This addresses outstanding todo for anonymous namespace
and fixes an app compatibility bug.
Bug: http://b/36008422
Test: start app from http://b/36008422 and make sure it runs
Change-Id: Ie148418b944379ee1000e7274f2f6c1eca511d6c
This change allows customization of default namespace
configuration for different executables. It also enables
target_sdk_version setup for binaries (note that this
option should explicitly be enabled in ld.config.txt).
Bug: http://b/30706810
Bug: http://b/30435785
Test: run linker-unit-tests/bionic-unit-tests, boot angler
Change-Id: Ibbe87209acf1538fc9cec04944f3d22a190c38f1
This reverts commit 1daa18e737.
To be replaced with customized linker-namespaces for different kind of binaries.
Bug: http://b/34407260
Change-Id: Ib4e480669bbdf44ee4f59bf05f07d3e082c348c9
Test: m
Specifically, this change would translate /system/lib/hw/foo.so to /data/lib/hw/foo.so.
Bug: 30320104
Test: in SANITIZE_TARGET=address build, /proc/$PID/maps for
system_server show libraries from /data/lib64/hw and not from
/system/lib64/hw.
Change-Id: Ia1fa22fa1ca088fe76e41308762efe037541fc74
Due to b/33681361, libraries are now installed to different paths than
before. In order for linker to load libraries from the new paths, the
default lib paths are updated.
However, this patch is temporary; different paths must be used depending
on whether the process is executing vendor executable or framework
executable. For example, vendor executable should not be able to access
/system/lib/, which is for framework-internal libs. Similarly,
framework executables should not be able to access /vendor/lib.
We have several solutions (linker namespace and DT_RUNPATH) to support
the scenario, but haven't concluded which is better. Furthermore, if we
restrict the search path right now, it will break many parts of Android
that are not yet prepared for the restriction. So, until then, we
temporarily use the single search path for both framework/vendor
executables.
Test: build & run
Change-Id: I806e9b4379bce96653b1dd3354b9f4801abb0411
Anonymous namesapce is zygote-specific workaround and
is not really required for other binaries.
This change allows creating namespaces without initializing
anonymous namespace.
Test: bionic-unit-tests
Change-Id: I62adc39ad69ce56b3760d36f45e3c0487c438598
Do not load second copy of libraries that are supposed to
be provided by linked namespaces. Also do not print
error in the log if caller tries to open shared library
using absolute path for apps targeting N+.
Bug: http://b/35454141
Bug: http://b/26833548
Bug: http://b/35338922
Test: run bionic-unit-tests --gtest_filter=dl*
Change-Id: Icf3aeedff18d287d2ba0b3df3808b100f3ef5f7a
In the case when there are multiple dependencies on
the same library in the local_group the unload may
in some situations (covered now by tests) result
calling d-tors for some libraries prematurely.
In order to have correct call order loader checks if this
is last dependency in local group before adding it to BFS
queue.
Bug: http://b/35201832
Test: bionic-unit-tests --gtest_filter=dl*:Dl*
Test: bionic-unit-tests-glibc --gtest_filter=dl*
Change-Id: I4c6955b9032acc7147a51d9f09b61d9e0818700c
This commit updates interface of libdl.c.
1. android_init_namespaces is replaces with android_init_anonymous_namespace
2. added 2 arguments to android_create_namespace to specify linked namespace
and the list of shared libraries sonames.
3. symbol lookup does not get past boundary libraries (added check and test for it).
Bug: http://b/26833548
Bug: http://b/21879602
Test: bionic-unit-tests --gtest_filter=dl*:Dl*
Change-Id: I32921da487a02e5bd0d2fc528904d1228394bfb9
Replace public library list with shared lib sonames
which are property of a link between namespaces
This change does not touch any external interfaces
so from outside it behaves almost as it was before
One significant difference is that there is no longer
need to preload public libraries.
Bug: http://b/26833548
Test: bionic-unit-tests --gtest_filter=dl*:Dl*
Change-Id: I57e44e18a9b4f07dcd6556436346be52f52b79d7
This workaround was introduced in M in order to make sure
that linker loads libraries provided in apk in case a library
with the same name was loaded by the system.
This is no longer a problem starting with Android N because
app is using different namespace and therefore does not see
libraries loaded by the system.
Test: bionic-unit-tests --gtest_filter=dl*:Dl*
Change-Id: I9995258c0f361e8df35420682b84e85a0cb924b4
Add dlsym option to debug.ld.all and debug.ld.app.<appname> which
enables logging of dlsym calls.
Bug: http://b/29458203
Test: flash, set debug.ld.all to dlsym and check
if there are messages in logcat
Change-Id: I9cb815a38b5b98aac9ebe3ac1540bcdedd2e8db0
Do not hijack libdl.so methods but make libdl proxy calls to
loader instead. This will be replaces by calls to libc.so
once loader functionality is migrated.
Also add a lock to dl_unwind_find_exidx function call.
Test: bionic-unit-tests --gtest_filter=dl*:Dl*
Bug: http://b/27106625
Change-Id: Ic33a7109a86f4262798d63a35f4c61d15b0068bb
Bionic Loader now resolves real path for a library before running
asan path-translation. This fixes situations for bundled loading
libraries which are effectively symlinks to system library;
for example:
$ adb shell ls -l /system/app/NfcNci/lib/arm64/libnfc_nci_jni.so
/system/app/NfcNci/lib/arm64/libnfc_nci_jni.so -> /system/lib64/libnfc_nci_jni.so
Bug: http://b/33278445
Test: make and boot
Change-Id: If14a12087c92f8ca628504556332ba0cb67c9118
