cutils/log.h includes log/log.h. Therefore, libcutils_headers needs to
export the liblog_headers so that the clients of libcutils don't have to
explicitly include liblog (or liblog_headers).
Bug: 37342627
Test: build sdk_gphone_x86 userdebug with BOARD_VNDK_VERSION=current
Change-Id: I8875855222b4d073fac4a22bff488c9d082d39df
init: support loading odm sepolicy
Currently init merges two sepolicy cil files:
- /system/etc/selinux/plat_sepolicy.cil
- /vendor/etc/selinux/nonplat_sepolicy.cil
This change replaces nonplat_sepolicy.cil with the following two files:
- /vendor/etc/selinux/declaration/nonplat_declaration.cil
- /vendor/etc/selinux/vender_sepolicy.cil
And support merging another default (but optional):
- /odm/etc/selinux/odm_sepolicy.cil.
Bug: 64240127
Test: boot sailfish normally without odm.cil
Test: boot another device having odm.cil
Change-Id: I0b7f8c656c73ddb0fd46f2af3c625d7c81566f2f
As a VNDK-SP module, Android.bp must have 'vndk' tag as well as
'vendor_available: true'.
The 'vndk' tag for VNDK-SP module is formated as below:
vndk: {
enabled: true,
support_system_process: true,
},
VNDK-SP modules will be installed both in system/lib(64) as normal and
in system/lib(64)/vndk-sp as a vendor variant.
Bug: 64395154
Bug: 63866913
Test: build with BOARD_VNDK_VERSION=current
Merged-In: Idb4757988d1799ffcd3341343fcc4dac34bf7ef3
Change-Id: Idb4757988d1799ffcd3341343fcc4dac34bf7ef3
(cherry picked from commit 14d540a156)
Fix the bug that caused boot failure on ASAN builds with VNDK
restriciton. The major cause is because incorrect (old) ld.config.txt
was used when the build is sanitized, which prevented the dynamic linker
to find some VNDK libs that only exist in /system/lib/vndk; the old
ld.config.txt does not have the directory in its search paths. So, this
CL fixes the problem by having the same ld.config.txt for both sanitized
and non-sanitizied builds.
Furthermore, ld.config.txt is modified so that dependency to
libclang_rt* libs are redirected to those in /system/lib directory. This
ensures that the sanitizer runtime libs are not dual loaded but are
provided for both platform and vendors.
Bug: 65217017
Test: SANITIZE_TARGET=integer_overflow SANITIZE_TARGET_DIAG=integer_overflow m
on 2017 pixel devices. The build is successful and the device boots to
the UI.
Change-Id: I0e21e20d9aca340b984968e07d4ce542ae10fd31
Lists of libraries in between the linker namespaces are no longer
hard-coded in ld.config.txt, but instead come from Soong.
Bug: 37139976
Test: build 2017 pixel device with BOARD_VNDK_VERSION=current m -j
Test: the device is bootable, basic functionalities (camera, camcorder,
wifi, bt, gps, etc.) work.
Change-Id: I8170e6c3f6ee04b16359791d64cc46bd2714a073
For 2016 pixel devices, where VNDK is not fully enforced, move libz back
to LLNDK so that we can pass the CTS without requiring the default
namespace to be isolated.
If we have libz in vndk-sp directory, test_linker_namespaces fails
because /system/lib/vndk-sp/libz.so becomes accessible. In order to make
the lib inaccessible, we have to make the default namespace isolated,
but this can't be done for 2016 pixel devices where VNDK is not fully
enforced. So, we choose to remove /system/lib/vndk-sp/libz.so and keep
the single copy at /system/lib.
Bug: 65018779
Test: android.jni.cts.JniStaticTest#test_linker_namespaces successful on
2016 pixel devices
Change-Id: Ib6b6560b02be69d2015c0afb86acf07c02b30c2f
This reverts commit f1d3dbc32f.
With the following changes to move /sbin/adbd to /system/bin/adbd,
we don't need this workaround anymore.
https://android-review.googlesource.com/#/q/topic:move-adbd-to-system+(status:open+OR+status:merged)
Bug: 63313955
Bug: 63381692
Bug: 64822208
Test: 'adb root' works in VTS for a non-A/B device (userdebug GSI + user boot.img)
Change-Id: Ic1249d6abd7d6e6e7380a661df16d25447853a48
Merged-In: Ic1249d6abd7d6e6e7380a661df16d25447853a48
(cherry picked from commit 0603ec4294)
The default namespace for system process now becomes isolated, which
means it can load only the libs that are in search.paths and under
permitted.paths.
/system/framework, /system/app, /system/priv-app, /vendor/app, /data,
etc are added to the permitted paths since libart should be able to
dlopen odex files under the locations.
Following directories become unavailable:
/system/lib/vndk
/system/lib/vndk-sp
Bug: 37013858
Bug: 64888291
Bug: 64950640
Test: 2017 pixel devices builds and boots
Test: android.jni.cts.JniStaticTest#test_linker_namespaces passes
Change-Id: I2bbe9cc19940c3633c2fb901f9bf8ab813e38c13
- Add a method to get the max size of an elf file by reading the
section header offset + size. This will properly map an elf
file embedded into an apk, instead of just mapping in what is done
by the dynamic linker. It does assume that the section headers are
at the end of the elf file.
- Add new tests for the above functionality.
- Update the unwind_symbols tool to take an address for finding a
function instead of dumping the entire symbol table.
Bug: 23762183
Test: Unit tests pass, unwind through the camera process and verify
Test: the GoogleCamera.apk shows some function names.
Change-Id: I00c021680fe1d43b60d652bf91bbf6667d9617be
