c10d064b5c
This mode instructs the linker to search for libraries in hwasan subdirectories of all library search paths. This is set up to contain a hwasan-enabled copy of libc, which is needed for HWASan programs to operate. There are two ways this mode can be enabled: * for native binaries, by using the linker_hwasan64 symlink as its interpreter * for apps: by setting the LD_HWASAN environment variable in wrap.sh Bug: 276930343 Change-Id: I0f4117a50091616f26947fbe37a28ee573b97ad0
354 lines
14 KiB
C++
354 lines
14 KiB
C++
/*
|
|
* Copyright (C) 2017 The Android Open Source Project
|
|
* All rights reserved.
|
|
*
|
|
* Redistribution and use in source and binary forms, with or without
|
|
* modification, are permitted provided that the following conditions
|
|
* are met:
|
|
* * Redistributions of source code must retain the above copyright
|
|
* notice, this list of conditions and the following disclaimer.
|
|
* * Redistributions in binary form must reproduce the above copyright
|
|
* notice, this list of conditions and the following disclaimer in
|
|
* the documentation and/or other materials provided with the
|
|
* distribution.
|
|
*
|
|
* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
|
|
* "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
|
|
* LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
|
|
* FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
|
|
* COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT,
|
|
* INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
|
|
* BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS
|
|
* OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED
|
|
* AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
|
|
* OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
|
|
* OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
|
* SUCH DAMAGE.
|
|
*/
|
|
|
|
#include <stdlib.h>
|
|
#include <string.h>
|
|
#include <sys/mman.h>
|
|
|
|
#include <gtest/gtest.h>
|
|
|
|
#include "linker_config.h"
|
|
#include "linker_utils.h"
|
|
|
|
#include <unistd.h>
|
|
|
|
#include <android-base/file.h>
|
|
#include <android-base/scopeguard.h>
|
|
#include <android-base/stringprintf.h>
|
|
#include <vector>
|
|
|
|
#if defined(__LP64__)
|
|
#define ARCH_SUFFIX "64"
|
|
#else
|
|
#define ARCH_SUFFIX ""
|
|
#endif
|
|
|
|
// clang-format off
|
|
static const char* config_str =
|
|
"# comment \n"
|
|
"dir.test = /data/local/tmp\n"
|
|
"\n"
|
|
"[test]\n"
|
|
"\n"
|
|
"enable.target.sdk.version = true\n"
|
|
"additional.namespaces=system\n"
|
|
"additional.namespaces+=vndk\n"
|
|
"additional.namespaces+=vndk_in_system\n"
|
|
"namespace.default.isolated = true\n"
|
|
"namespace.default.search.paths = /vendor/${LIB}\n"
|
|
"namespace.default.permitted.paths = /vendor/${LIB}\n"
|
|
"namespace.default.asan.search.paths = /data\n"
|
|
"namespace.default.asan.search.paths += /vendor/${LIB}\n"
|
|
"namespace.default.asan.permitted.paths = /data:/vendor\n"
|
|
"namespace.default.hwasan.search.paths = /vendor/${LIB}/hwasan\n"
|
|
"namespace.default.hwasan.search.paths += /vendor/${LIB}\n"
|
|
"namespace.default.hwasan.permitted.paths = /vendor/${LIB}/hwasan\n"
|
|
"namespace.default.hwasan.permitted.paths += /vendor/${LIB}\n"
|
|
"namespace.default.links = system\n"
|
|
"namespace.default.links += vndk\n"
|
|
// irregular whitespaces are added intentionally for testing purpose
|
|
"namespace.default.link.system.shared_libs= libc.so\n"
|
|
"namespace.default.link.system.shared_libs += libm.so:libdl.so\n"
|
|
"namespace.default.link.system.shared_libs +=libstdc++.so\n"
|
|
"namespace.default.link.vndk.shared_libs = libcutils.so:libbase.so\n"
|
|
"namespace.system.isolated = true\n"
|
|
"namespace.system.visible = true\n"
|
|
"namespace.system.search.paths = /system/${LIB}\n"
|
|
"namespace.system.permitted.paths = /system/${LIB}\n"
|
|
"namespace.system.asan.search.paths = /data:/system/${LIB}\n"
|
|
"namespace.system.asan.permitted.paths = /data:/system\n"
|
|
"namespace.system.hwasan.search.paths = /system/${LIB}/hwasan\n"
|
|
"namespace.system.hwasan.search.paths += /system/${LIB}\n"
|
|
"namespace.system.hwasan.permitted.paths = /system/${LIB}/hwasan\n"
|
|
"namespace.system.hwasan.permitted.paths += /system/${LIB}\n"
|
|
"namespace.vndk.isolated = tr\n"
|
|
"namespace.vndk.isolated += ue\n" // should be ignored and return as 'false'.
|
|
"namespace.vndk.search.paths = /system/${LIB}/vndk\n"
|
|
"namespace.vndk.asan.search.paths = /data\n"
|
|
"namespace.vndk.asan.search.paths += /system/${LIB}/vndk\n"
|
|
"namespace.vndk.hwasan.search.paths = /system/${LIB}/vndk/hwasan\n"
|
|
"namespace.vndk.hwasan.search.paths += /system/${LIB}/vndk\n"
|
|
"namespace.vndk.links = default\n"
|
|
"namespace.vndk.link.default.allow_all_shared_libs = true\n"
|
|
"namespace.vndk.link.vndk_in_system.allow_all_shared_libs = true\n"
|
|
"namespace.vndk_in_system.isolated = true\n"
|
|
"namespace.vndk_in_system.visible = true\n"
|
|
"namespace.vndk_in_system.search.paths = /system/${LIB}\n"
|
|
"namespace.vndk_in_system.permitted.paths = /system/${LIB}\n"
|
|
"namespace.vndk_in_system.whitelisted = libz.so:libyuv.so\n"
|
|
"namespace.vndk_in_system.whitelisted += libtinyxml2.so\n"
|
|
"namespace.vndk_in_system.allowed_libs = libfoo.so:libbar.so\n"
|
|
"namespace.vndk_in_system.allowed_libs += libtinyxml3.so\n"
|
|
"\n";
|
|
// clang-format on
|
|
|
|
static bool write_version(const std::string& path, uint32_t version) {
|
|
std::string content = android::base::StringPrintf("%d", version);
|
|
return android::base::WriteStringToFile(content, path);
|
|
}
|
|
|
|
static std::vector<std::string> resolve_paths(std::vector<std::string> paths) {
|
|
std::vector<std::string> resolved_paths;
|
|
resolve_paths(paths, &resolved_paths);
|
|
return resolved_paths;
|
|
}
|
|
|
|
enum class SmokeTestType {
|
|
None,
|
|
Asan,
|
|
Hwasan,
|
|
};
|
|
|
|
static void run_linker_config_smoke_test(SmokeTestType type) {
|
|
std::vector<std::string> expected_default_search_path;
|
|
std::vector<std::string> expected_default_permitted_path;
|
|
std::vector<std::string> expected_system_search_path;
|
|
std::vector<std::string> expected_system_permitted_path;
|
|
std::vector<std::string> expected_vndk_search_path;
|
|
|
|
switch (type) {
|
|
case SmokeTestType::None:
|
|
expected_default_search_path = { "/vendor/lib" ARCH_SUFFIX };
|
|
expected_default_permitted_path = { "/vendor/lib" ARCH_SUFFIX };
|
|
expected_system_search_path = { "/system/lib" ARCH_SUFFIX };
|
|
expected_system_permitted_path = { "/system/lib" ARCH_SUFFIX };
|
|
expected_vndk_search_path = { "/system/lib" ARCH_SUFFIX "/vndk" };
|
|
break;
|
|
case SmokeTestType::Asan:
|
|
expected_default_search_path = { "/data", "/vendor/lib" ARCH_SUFFIX };
|
|
expected_default_permitted_path = { "/data", "/vendor" };
|
|
expected_system_search_path = { "/data", "/system/lib" ARCH_SUFFIX };
|
|
expected_system_permitted_path = { "/data", "/system" };
|
|
expected_vndk_search_path = { "/data", "/system/lib" ARCH_SUFFIX "/vndk" };
|
|
break;
|
|
case SmokeTestType::Hwasan:
|
|
expected_default_search_path = { "/vendor/lib" ARCH_SUFFIX "/hwasan", "/vendor/lib" ARCH_SUFFIX };
|
|
expected_default_permitted_path = { "/vendor/lib" ARCH_SUFFIX "/hwasan", "/vendor/lib" ARCH_SUFFIX };
|
|
expected_system_search_path = { "/system/lib" ARCH_SUFFIX "/hwasan" , "/system/lib" ARCH_SUFFIX };
|
|
expected_system_permitted_path = { "/system/lib" ARCH_SUFFIX "/hwasan", "/system/lib" ARCH_SUFFIX };
|
|
expected_vndk_search_path = { "/system/lib" ARCH_SUFFIX "/vndk/hwasan", "/system/lib" ARCH_SUFFIX "/vndk" };
|
|
break;
|
|
}
|
|
|
|
expected_default_search_path = resolve_paths(expected_default_search_path);
|
|
// expected_default_permitted_path is skipped on purpose, permitted paths
|
|
// do not get resolved in linker_config.cpp
|
|
expected_system_search_path = resolve_paths(expected_system_search_path);
|
|
// expected_system_permitted_path is skipped on purpose, permitted paths
|
|
// do not get resolved in linker_config.cpp
|
|
expected_vndk_search_path = resolve_paths(expected_vndk_search_path);
|
|
|
|
TemporaryFile tmp_file;
|
|
close(tmp_file.fd);
|
|
tmp_file.fd = -1;
|
|
|
|
android::base::WriteStringToFile(config_str, tmp_file.path);
|
|
|
|
TemporaryDir tmp_dir;
|
|
|
|
std::string executable_path = std::string(tmp_dir.path) + "/some-binary";
|
|
std::string version_file = std::string(tmp_dir.path) + "/.version";
|
|
|
|
auto file_guard =
|
|
android::base::make_scope_guard([&version_file] { unlink(version_file.c_str()); });
|
|
|
|
ASSERT_TRUE(write_version(version_file, 113U)) << strerror(errno);
|
|
|
|
// read config
|
|
const Config* config = nullptr;
|
|
std::string error_msg;
|
|
ASSERT_TRUE(Config::read_binary_config(tmp_file.path,
|
|
executable_path.c_str(),
|
|
type == SmokeTestType::Asan,
|
|
type == SmokeTestType::Hwasan,
|
|
&config,
|
|
&error_msg)) << error_msg;
|
|
ASSERT_TRUE(config != nullptr);
|
|
ASSERT_TRUE(error_msg.empty());
|
|
|
|
ASSERT_EQ(113, config->target_sdk_version());
|
|
|
|
const NamespaceConfig* default_ns_config = config->default_namespace_config();
|
|
ASSERT_TRUE(default_ns_config != nullptr);
|
|
|
|
ASSERT_TRUE(default_ns_config->isolated());
|
|
ASSERT_FALSE(default_ns_config->visible());
|
|
ASSERT_EQ(expected_default_search_path, default_ns_config->search_paths());
|
|
ASSERT_EQ(expected_default_permitted_path, default_ns_config->permitted_paths());
|
|
|
|
const auto& default_ns_links = default_ns_config->links();
|
|
ASSERT_EQ(2U, default_ns_links.size());
|
|
|
|
ASSERT_EQ("system", default_ns_links[0].ns_name());
|
|
ASSERT_EQ("libc.so:libm.so:libdl.so:libstdc++.so", default_ns_links[0].shared_libs());
|
|
ASSERT_FALSE(default_ns_links[0].allow_all_shared_libs());
|
|
|
|
ASSERT_EQ("vndk", default_ns_links[1].ns_name());
|
|
ASSERT_EQ("libcutils.so:libbase.so", default_ns_links[1].shared_libs());
|
|
ASSERT_FALSE(default_ns_links[1].allow_all_shared_libs());
|
|
|
|
auto& ns_configs = config->namespace_configs();
|
|
ASSERT_EQ(4U, ns_configs.size());
|
|
|
|
// find second namespace
|
|
const NamespaceConfig* ns_system = nullptr;
|
|
const NamespaceConfig* ns_vndk = nullptr;
|
|
const NamespaceConfig* ns_vndk_in_system = nullptr;
|
|
for (auto& ns : ns_configs) {
|
|
std::string ns_name = ns->name();
|
|
ASSERT_TRUE(ns_name == "system" || ns_name == "default" ||
|
|
ns_name == "vndk" || ns_name == "vndk_in_system")
|
|
<< "unexpected ns name: " << ns->name();
|
|
|
|
if (ns_name == "system") {
|
|
ns_system = ns.get();
|
|
} else if (ns_name == "vndk") {
|
|
ns_vndk = ns.get();
|
|
} else if (ns_name == "vndk_in_system") {
|
|
ns_vndk_in_system = ns.get();
|
|
}
|
|
}
|
|
|
|
ASSERT_TRUE(ns_system != nullptr) << "system namespace was not found";
|
|
|
|
ASSERT_TRUE(ns_system->isolated());
|
|
ASSERT_TRUE(ns_system->visible());
|
|
ASSERT_EQ(expected_system_search_path, ns_system->search_paths());
|
|
ASSERT_EQ(expected_system_permitted_path, ns_system->permitted_paths());
|
|
|
|
ASSERT_TRUE(ns_vndk != nullptr) << "vndk namespace was not found";
|
|
|
|
ASSERT_FALSE(ns_vndk->isolated()); // malformed bool property
|
|
ASSERT_FALSE(ns_vndk->visible()); // undefined bool property
|
|
ASSERT_EQ(expected_vndk_search_path, ns_vndk->search_paths());
|
|
|
|
const auto& ns_vndk_links = ns_vndk->links();
|
|
ASSERT_EQ(1U, ns_vndk_links.size());
|
|
ASSERT_EQ("default", ns_vndk_links[0].ns_name());
|
|
ASSERT_TRUE(ns_vndk_links[0].allow_all_shared_libs());
|
|
|
|
ASSERT_TRUE(ns_vndk_in_system != nullptr) << "vndk_in_system namespace was not found";
|
|
ASSERT_EQ(std::vector<std::string>({"libz.so", "libyuv.so", "libtinyxml2.so", "libfoo.so",
|
|
"libbar.so", "libtinyxml3.so"}),
|
|
ns_vndk_in_system->allowed_libs());
|
|
}
|
|
|
|
TEST(linker_config, smoke) {
|
|
run_linker_config_smoke_test(SmokeTestType::None);
|
|
}
|
|
|
|
TEST(linker_config, asan_smoke) {
|
|
run_linker_config_smoke_test(SmokeTestType::Asan);
|
|
}
|
|
|
|
TEST(linker_config, hwasan_smoke) {
|
|
run_linker_config_smoke_test(SmokeTestType::Hwasan);
|
|
}
|
|
|
|
TEST(linker_config, ns_link_shared_libs_invalid_settings) {
|
|
// This unit test ensures an error is emitted when a namespace link in ld.config.txt specifies
|
|
// both shared_libs and allow_all_shared_libs.
|
|
|
|
static const char config_str[] =
|
|
"dir.test = /data/local/tmp\n"
|
|
"\n"
|
|
"[test]\n"
|
|
"additional.namespaces = system\n"
|
|
"namespace.default.links = system\n"
|
|
"namespace.default.link.system.shared_libs = libc.so:libm.so\n"
|
|
"namespace.default.link.system.allow_all_shared_libs = true\n"
|
|
"\n";
|
|
|
|
TemporaryFile tmp_file;
|
|
close(tmp_file.fd);
|
|
tmp_file.fd = -1;
|
|
|
|
android::base::WriteStringToFile(config_str, tmp_file.path);
|
|
|
|
TemporaryDir tmp_dir;
|
|
|
|
std::string executable_path = std::string(tmp_dir.path) + "/some-binary";
|
|
|
|
const Config* config = nullptr;
|
|
std::string error_msg;
|
|
ASSERT_FALSE(Config::read_binary_config(tmp_file.path,
|
|
executable_path.c_str(),
|
|
false,
|
|
false,
|
|
&config,
|
|
&error_msg));
|
|
ASSERT_TRUE(config == nullptr);
|
|
ASSERT_EQ(std::string(tmp_file.path) + ":6: "
|
|
"error: both shared_libs and allow_all_shared_libs are set for default->system link.",
|
|
error_msg);
|
|
}
|
|
|
|
TEST(linker_config, dir_path_resolve) {
|
|
// This unit test ensures the linker resolves paths of dir.${section}
|
|
// properties to real path.
|
|
|
|
TemporaryDir tmp_dir;
|
|
|
|
std::string sub_dir = std::string(tmp_dir.path) + "/subdir";
|
|
mkdir(sub_dir.c_str(), 0755);
|
|
|
|
auto subdir_guard =
|
|
android::base::make_scope_guard([&sub_dir] { rmdir(sub_dir.c_str()); });
|
|
|
|
std::string symlink_path = std::string(tmp_dir.path) + "/symlink";
|
|
symlink(sub_dir.c_str(), symlink_path.c_str());
|
|
|
|
auto symlink_guard =
|
|
android::base::make_scope_guard([&symlink_path] { unlink(symlink_path.c_str()); });
|
|
|
|
std::string config_str =
|
|
"dir.test = " + symlink_path + "\n"
|
|
"\n"
|
|
"[test]\n";
|
|
|
|
TemporaryFile tmp_file;
|
|
close(tmp_file.fd);
|
|
tmp_file.fd = -1;
|
|
|
|
android::base::WriteStringToFile(config_str, tmp_file.path);
|
|
|
|
std::string executable_path = sub_dir + "/some-binary";
|
|
|
|
const Config* config = nullptr;
|
|
std::string error_msg;
|
|
|
|
ASSERT_TRUE(Config::read_binary_config(tmp_file.path,
|
|
executable_path.c_str(),
|
|
false,
|
|
false,
|
|
&config,
|
|
&error_msg)) << error_msg;
|
|
|
|
ASSERT_TRUE(config != nullptr) << error_msg;
|
|
ASSERT_TRUE(error_msg.empty()) << error_msg;
|
|
}
|