Commit 9185e04f72 changed the ifdef around
old_name_ from __arm__ to __work_around_b_###__, but missed one place in
dlfcn.cpp. So if you do a build w/out that workaround for arm, you end
up with a build failure:
bionic/linker/dlfcn.cpp:275:27: error: no member named 'old_name_' in 'soinfo'
strlcpy(__libdl_info->old_name_, __libdl_info->soname_, sizeof(__libdl_info->old_name_));
~~~~~~~~~~~~ ^
bionic/linker/dlfcn.cpp:275:82: error: no member named 'old_name_' in 'soinfo'
strlcpy(__libdl_info->old_name_, __libdl_info->soname_, sizeof(__libdl_info->old_name_));
~~~~~~~~~~~~ ^
Bug: 24425865
Change-Id: Idbe1cc1c28083afeee6d90203c221f30f661c69c
/proc/self/fd is not available when PR_DUMPABLE is set to 0
which is default for the user builds. It leads to permission
denials on readlink.
This change fixes the problem by setting PR_DUMPABLE flag to 1
for readlink and restoring it's previous value after the call.
Bug: http://b/24912743
Change-Id: I3fd179c5c6b56af96d6a15ee597024ccb15e1a13
(cherry picked from commit cf92738fa5)
Some apps will fail to load native libraries with
text relocations when switching target sdk version to M.
It could be hard to diagnose because some of them
suppress dlerror and/or UnsatisfiedLinkError.
This change unconditionally logs the error message making
the cause of the failure more visible to developers.
Bug: http://b/24876001
Change-Id: I0477a0d1307d0879000f3a3a43b974b4cf34bdb2
(cherry picked from commit f32b689d3d)
x86_64 gcc exports malloc/free and co functions because they
are defined with visibility "default" somewhere in gcc builtins;
and vector d-tors for some reason. Switching to clang fixes
this problem.
Bug: http://b/24785482
Change-Id: I741503b4b446523e7ff3fb16de13ed99991fd0c0
This patch also fixes realpath for libraries opened directly
from apks.
Bug: http://b/21960914
Bug: http://b/21961857
Change-Id: I35ade661c87f1d448191f385811f6e9fd3cacf11
This change makes dynamic linker reuse ZipArchiveHandles in
ld_library_path on dlopen to optimize the lookup of dt_needed
libraries.
Bug: http://b/21960534
Change-Id: I65f897910d46dd2ffabdcb0b7842db2f127eee30
Don't pass the parent load's dlextinfo to dependent loads, since this
causes the linker to try to load the dependencies using the same
addresses/relro/fds/etc as the main library, which is never going to
work. This was how it worked before ae69a95 which broke this.
Bug: http://b/23742664
Bug: http://b/20948231
Bug: http://b/20841817
Change-Id: I340ebae1127666d5c6c6f9c6521b89fb93f15bdd
With this change, we only define the rules to create the symlinks in
this Android.mk but without attaching the symlinks to the module linker.
Instead the core build system will set up the dependency whenever a
module needs these symlinks.
Bug: 22850550
Change-Id: I36c58fd411f1c27f3f638b229699d7dc1d66abb2
This corrects an issue with mips32 Art on mips64r6 Android, where
Java ran slowly due to unintended use of kernel-trap emulation of
single-precision floating point registers. This also regressed all
Art tests due to an extra logcat line
WARNING: linker: Using FRE=1 mode to run "..."
When targeting mips32r6, Art generates modeless or FR=1 floating point
code, same as Android's own native mips32r6 modules. So the trapping was
unneeded. Linker was confusing Art-generated modules with those from
old NDK compilers, which do need that trapping mode.
This linker filename check may become unnecessary, if Art learns how to
generate .MIPS.abiflags segments in its generated elf-like codefiles.
Change-Id: I18069d1234960c680c5df739514da09015a7fdb6
SIGPIPE is a pretty normal way for command-line apps to die, but because
we catch it and report it via debuggerd, we get a lot of bogus bugs. We
could catch SIGPIPE in our tools, but that's not really legit and slightly
misleading.
"But", you say, "catching SIGPIPE is useful for app bugs!". Except a trawl
through buganizer suggests it's misleading there too. Not least because
it's usually an innocent victim that dies --- the problem is usually on the
other end of the pipe (which you learn nothing about because that process
already died, which is what closed the pipe).
We also don't catch SIGALRM, which is another signal that will terminate
your process if you don't catch it, but that one actually represents a
logic error in the crashing process, so there's a stronger argument for
catching that. (Except it too is not a real source of bugs.)
Bug: http://b/20659371
Change-Id: I79820b36573ddaa9a7bad0561a52f23e7a8d15ac
I'm removing the TODO on the assumption that being compatible with glibc
is more useful than BSD. The new internal "bionic_page.h" header factors
out some duplication between libc and the linker.
Bug: http://b/22735893
Change-Id: I4aec4dcba5886fb6f6b9290a8f85660643261321
IFUNC relocations require executable flag for the load
segment containing .text. When dso has text relocs linker
removes exec which causes crash during ifunc relocations.
This patch fixes this problem by restoring segments protection
for ifunc relocs.
Bug: http://b/22611399
Change-Id: Icbf3be0fec0e42bf805bcad7533e2032a2e11b9c
(cherry picked from commit de0fb393ae)
Sorry, I undertested my previous change and these guys somehow sneaked in.
This only affects SANITIZE_TARGET builds.
Change-Id: Id6986d89fa3d4965339f7b6fe973e9db73b380da
Setup a /system/bin/linker_asan as a symlink to "linker".
Read the linker name from PT_INTERP, and if it is linker_asan,
switch default library lookup paths to the ASan set, which
starts with the path to the instrumented libraries
(/data/lib), followed by /system/lib as a fallback.
This ensures that ASan binaries prefer ASan libraries, when
available. This approach is way better then RPATH/RUNPATH and even
better than LD_LIBRARY_PATH:
- RUNPATH is per-DSO, while default paths are global.
- LD_LIBRARY_PATH is overwritten by android_update_LD_LIBRARY_PATH.
- neither RUNPATH nor LD_LIBRARY_PATH appear in
android_get_LD_LIBRARY_PATH which is used to build java.lang.path.
Having ASan libraries in java.lang.path is a good thing.
Bug: 22355945
Change-Id: I1d2791fbf5740618f18f71a3ae3d873714669d3f
When dlopen-ing a library, add the caller's DT_RUNPATH to the directory search
list. This fixes dlfcn.dt_runpath in bionic-unit-tests-glibc(32|64).
Bug: 21899363
Change-Id: Ife6a7e192939292cf4dc291b7e6b95945761cde3
1. Personality parameter should be unsigned int (not long)
2. Do not reset bits outside of PER_MASK when setting
personality value.
3. Set personality for static executables.
Bug: http://b/21900686
Change-Id: I4c7e34079cbd59b818ce221eed325c05b9bb2303
(cherry picked from commit f643eb38c3)
There is possibility of someone dlclosing a library
while dl_iterate_phdr in progress which can lead to
dl_iterate_phdr calling callback with invalid address
if it was unmapped by dlclose.
Bug: http://b/22047255
Change-Id: I3fc0d9fd2c51fb36fd34cb035f37271fa893a7be
(cherry picked from commit f7d5bf334d)
Enables running of older MIPS NDK-built apps on mips64r6.
Works with kernel supporting FRE emulation, and old kernels.
Change-Id: If5e392ed89e9910cd1ccd30e0fd5c4a5acea2c7d
Remove support of text-relocations for apps targeting sdk version > 22
Bug: http://b/20013628
Change-Id: I2127739544480c747315e32df15dfbd1b79de4f5
(cherry picked from commit 3e6f780754)
Enables running of older MIPS NDK-built apps on mips64r6.
Works with kernel supporting FRE emulation, and old kernels.
Change-Id: I13923fe62cd83ad1d337f13a50f2eda2dfdd906f
Do not skip RTLD_LOCAL libraries in dlsym(RTLD_DEFAULT, ...)
if the library is opened by application with target api level <= 22
Bug: http://b/21565766
Bug: http://b/17512583
Change-Id: Ic45ed1e4f53e84cba9d74cab6b0049c0c7aa8423
(cherry picked from commit 04f7e3e955)
Applies only for apps targeting sdk version <= 22
Bug: http://b/21565766
Change-Id: If0bf2229dc1341e9ca09f9a05d0890515273d5a2
(cherry picked from commit 38c37d6705)
GDB does not yet have support for compact branches, and is not able
to set a breakpoint on rtld_db_dlactivity(), which is compiled into
one JIC instruction. Unfortunately, We cannot turn off generation of
JIC compact branch. Instead, add unoptimized FP handling code, so GDB
will have something to land on.
Change-Id: Iddcf40ec018972398179018d049b8323fcd258b7
Linker used to skip RTLD_NEXT within local_group when
caller->next is nullptr (which represents load order
but not the order within local_group dependency tree)
Bug: http://b/21380474
Change-Id: I178fc4657b19bceb871635b177c1df67855b1708
According to the comments in Posix_close(), TEMP_FAILURE_RETRY() should
not be used with close():
462bdac45c%5E%21/#F12
Kill ScopedFd by simplifying the single caller.
Change-Id: I248c40b8c2fc95f1938a6edfc245c81847fc44af
Signed-off-by: Spencer Low <CompareAndSwap@gmail.com>
Answers the question: what if dependent library
was preloaded with RTLD_LOCAL flag.
Also add test for RTLD_NEXT within local_group.
Bug: http://b/17512583
Change-Id: I79e081e68b3a8c0ed8980d4275a06515fea94ec9
There's no reason to have multiple years in our own copyright headers,
and given the stupidity of our NOTICE file generation, it just creates
more junk.
Change-Id: I065a3811c2e2584e3b649a18ad9460286bc72b92
We did not set DF_1_GLOBAL flag for LD_PRELOADed
libraries which led to the situation when ld_preloads
where ignored during on dlopen()
Change-Id: I696b3b2506a8ed4c0984ad2c803210a7a4f8e686
This change adds realpath to soinfo and
extends limit on filenames from 128 to PATH_MAX.
It also removes soinfo::name field, linker uses
dt_soname instead.
Bug: http://b/19818481
Bug: https://code.google.com/p/android/issues/detail?id=80336
Change-Id: I9cff4cb5bda3ee2bc74e1bbded9594ea7fbe2a08
This flag allows to force loading of the library
in the case when for some reason multiple ELF files
share the same filename (because the already-loaded
library has been removed and overwritten, for example).
Change-Id: I798d44409ee13d63eaa75d685e99c4d028d2b0c1
When the Android dynamic linker handles a text relocation,
it first relaxes the permissions on the segment being modified,
performs the modifications, and then restores the page permissions.
The relaxation worked by adding PROT_WRITE to whatever protection
bits were set in the section. In effect, the pages were getting set
to PROT_READ|PROT_WRITE|PROT_EXEC, modified, then restored to
PROT_READ|PROT_EXEC
The SELinux kernel code differentiates between 4 different kinds
of executable memory:
* Executable stack (execstack)
* Executable heap (execheap)
* File-based executable code which has been modified (execmod)
* All other executable memory (execmem)
The execmod capability is only triggered by the kernel when a
dirty but non-executable mmap()ed page becomes executable. When that
occurs, an SELinux policy check is done to see if the execmod capability
is provided by policy.
However, if the page is already executable, and PROT_WRITE is added
to the page, it's considered an execmem permission check, not an execmod
permission check.
There are certain circumstances where we may want to distinguish between
execmod and execmem. This change adjusts the dynamic linker to avoid
using RWX pages, so that an RX -> RW -> RX transition will properly
be detected as an execmod permission check instead of an execmem permission
check.
Bug: 20013628
Change-Id: I14d7be29170b156942f9809023f3b2fc1f37846c
Add code to support loading shared libraries directly from within
APK files.
Extends the linker's handling of LD_LIBRARY_PATH, DT_RUNPATH, etc
to allow elements to be either directories as normal, or ZIP
format files. For ZIP, the ZIP subdirectory string is separated
from the path to file by '!'.
For example, if DT_NEEDED is libchrome.so and Chrome.apk is the
Android ARM APK then the path element
/system/app/Chrome.apk!lib/armeabi-v7a
would cause the linker to load lib/armeabi-v7a/libchrome.so
directly from inside Chrome.apk. For loading to succeed,
libchrome.so must be 'stored' and not compressed in Chrome.apk,
and must be page aligned within the file.
Motivation:
Chromium tracking issue:
https://code.google.com/p/chromium/issues/detail?id=390618
Bug: 8076853
Change-Id: Ic49046600b1417eae3ee8f37ee98c8ac1ecc19e7
Add basic general purpose memory allocator to
linker in order to enable usage of other libraries
like libziparchive.
Change-Id: I4a680ebb36ed5ba67c61249f81dba9f567808434
Kindle app relies on soinfo's sysv hash
fields while linking native libraries.
This change allows to keep sysv hash fields
intact for the libraries linked with --hash-style=both.
Bug: 19059885
Change-Id: I12528652955638f1a6586bda99e111bb1c8aa7a3
When the kernel executes a program which is setuid, setgid, has
file capabilities, or causes an SELinux domain transition, the
AT_SECURE flag is set. This flag instructs the dynamic linker to
prune any dangerous environment variables passed across security
boundaries.
For SELinux in particular, whether this flag is set depends on the
the "noatsecure" process permission. If that permission does not
exist, then AT_SECURE=1 whenever a domain transition occurs.
In https://android-review.googlesource.com/129971 , Android stopped
using noatsecure when executing init services. In
https://android-review.googlesource.com/130610 , init was flipped
back into SELinux enforcing mode, making ag/129971 active. The
combination of those two changes ensured that AT_SECURE=1 was
set when executing init spawned services.
In particular, AT_SECURE=1 is set when init executes zygote. Due to
the forking nature of zygote, AT_SECURE remains untouched when
executing zygote's children.
This causes problems for the code added in
https://android-review.googlesource.com/48409 . Specifically, if
AT_SECURE=1, an attempt to call android_update_LD_LIBRARY_PATH()
is silently ignored. This causes problems when art tries to adjust
the LD_LIBRARY_PATH for Android apps. Ultimately, apps are unable
to find shared libraries they depend on.
As discussed in bug 7896159, there's no security reason for
preventing an application from updating it's own LD_LIBRARY_PATH.
We only need to prune LD_LIBRARY_PATH when transitioning across
security boundaries, but not when we're entirely within a security
boundary.
Remove the AT_SECURE check within do_android_update_LD_LIBRARY_PATH().
It's unneeded and prevents an application from modifying it's own
LD_LIBRARY_PATH. This allows an application to specify a location
where it's dlopen()ed shared libraries should be loaded from.
There is no change to AT_SECURE handling in
__sanitize_environment_variables(). We continue to honor it there
to prevent using security sensitive environment variables across
an exec boundary.
Bug: 19559835
Change-Id: If4af2ee8e84265aaa0c93de8b281208b20d7942a
load_bias is the delta between a symbols address in memory and the value
contained in the symbol table.
Change-Id: I35c87b69025b64f7e4a1418ca766618f4533fb3e
If two or more threads crash at the same time, only let one talk to
debuggerd. It's possible for a race to occur that two threads send
data to debuggerd, the second one will cause errors in debuggerd since
the process will die once debuggerd lets the crashing pid start again.
Bug: 19183955
Change-Id: I17dfce46102117ab4a870f7381bd526488d37fb5
Implement refcounter based data protection guard
to avoid unnecessary calls to mprotect when dlopen/dlclose
is called from a constructor.
Bug: 19124318
Big: 7941716
Change-Id: Id221b84ce75443094f99756dc9950b0a1dc87222
Handy when looking at strace output for seeing "where does my code start?",
though you'll need to set LD_DEBUG=1 (or greater) and constructors will
already have run (but you can set LD_DEBUG to a higher value to track that).
Change-Id: I82d53a7123b39febf5b2a956de83c8a30f229651
Must build this linker as a shared object.
A statically linked module does not load during init.
BUG: 18008984
Change-Id: I5f0411129024edcb9381c473ea4e741a075e9184
Make the request structure match the new structure found in debuggerd
code.
On 64 bit systems, make sure that the 32 bit compiled linker is contacted.
Bug: https://code.google.com/p/android/issues/detail?id=97024
Change-Id: I675b8ff222fcf836b05de4e9b5976ff91ca929bf
Position Independent Executables cannot communicate with GDB using DT_MIPS_RLD_TAG.
Hence a new tag DT_MIPS_RLD_MAP2 got introduced to fix the issue.
Change-Id: I77ce3faf1ef2e121003b804ecd291abb25cfbb56
Signed-off-by: Nikola Veljkovic<Nikola.Veljkovic@imgtec.com>
1. Take into consideration that the local_group_root_
is not set for all of not linked libraries.
2. We need to check visited list earlier to avoid double
soinfo_free.
Change-Id: Iabc0a06a97c63f7e6bd4641731f50bb1466fed4f
