From 433fe3a8a2acc9cb76cec84d114dd6fbc0693791 Mon Sep 17 00:00:00 2001 From: Jiyong Park Date: Fri, 14 Jul 2017 17:58:43 +0900 Subject: [PATCH 01/10] /data/nativetest[64] processes are running with the new ns config Native tests under /data/nativetest[64] directory is now running with the same linker namespace configuration as /system/bin/* processes. This allows us to stop mimicing the linker namespace configuration of the /system/bin/* processes using LD_LIBRARY_PATH. Bug: 63597267 Test: run bionic-unit-tests Test: run linker-unit-tests Merged-In: If8e2ed0b8016e4e07bf6829735b8e02f952042d0 Change-Id: If8e2ed0b8016e4e07bf6829735b8e02f952042d0 (cherry picked from commit 9d1e50b809c091c01d92b9f7039ec83d94f3f05a) --- rootdir/etc/ld.config.txt | 2 ++ 1 file changed, 2 insertions(+) diff --git a/rootdir/etc/ld.config.txt b/rootdir/etc/ld.config.txt index 436589ec5..fa200b3d4 100644 --- a/rootdir/etc/ld.config.txt +++ b/rootdir/etc/ld.config.txt @@ -7,6 +7,8 @@ dir.system = /system/bin/ dir.system = /system/xbin/ dir.vendor = /vendor/bin/ +dir.system = /data/nativetest/ +dir.system = /data/nativetest64/ [system] additional.namespaces = sphal,vndk,rs From c8ae86afdd150059e1ec0650886da60b19f79f8b Mon Sep 17 00:00:00 2001 From: Jiyong Park Date: Thu, 20 Jul 2017 15:17:35 +0900 Subject: [PATCH 02/10] Add [test] section for /data/[nativetest|benchmarktest] We have both system and vendor tests in the same directory /data/nativetest. Since we can't distinguish system and vendor tests at runtime, we choose to run all of them with the legacy namespace configuration where /system/lib and /vendor/lib are both accessible without any restriction. Furthermore, /system/lib/vndk-sp is added to the list of accessible directories for tests since some libs (such as libion.so) exist only in the directory but not in /system/lib. This will change in the future when we install system and vendor tests into different directories (vendor tests goes into ./vendor subdir). Then, we will run the tests with [system] or [vendor] configurations depending on their paths. Bug: 63597267 Test: run bionic-unit-tests Test: run linker-unit-tests Merged-In: I810003b2da0b30335200c130f484ea7b041f9f80 Change-Id: I810003b2da0b30335200c130f484ea7b041f9f80 (cherry picked from commit c034a43d44d87a6bb85bbdec9876b41b46ab5625) --- rootdir/etc/ld.config.txt | 22 +++++++++++++++++++--- 1 file changed, 19 insertions(+), 3 deletions(-) diff --git a/rootdir/etc/ld.config.txt b/rootdir/etc/ld.config.txt index fa200b3d4..a0fd58140 100644 --- a/rootdir/etc/ld.config.txt +++ b/rootdir/etc/ld.config.txt @@ -7,8 +7,10 @@ dir.system = /system/bin/ dir.system = /system/xbin/ dir.vendor = /vendor/bin/ -dir.system = /data/nativetest/ -dir.system = /data/nativetest64/ +dir.test = /data/nativetest/ +dir.test = /data/nativetest64/ +dir.test = /data/benchmarktest/ +dir.test = /data/benchmarktest64/ [system] additional.namespaces = sphal,vndk,rs @@ -107,9 +109,23 @@ namespace.vndk.asan.permitted.paths = /data/asan/vendor/${LIB}/hw:/vendor/${LIB} namespace.vndk.links = default namespace.vndk.link.default.shared_libs = android.hidl.memory@1.0-impl.so:libc.so:libz.so:libm.so:libdl.so:libstdc++.so:liblog.so:libnativewindow.so:libEGL.so:libsync.so:libvndksupport.so - +############################################################################### +# Namespace config for vendor processes. In O, no restriction is enforced for +# them. However, in O-MR1, access to /system/${LIB} will not be allowed to +# the default namespace. 'system' namespace will be added to give limited +# (LL-NDK only) access. +############################################################################### [vendor] namespace.default.isolated = false namespace.default.search.paths = /vendor/${LIB}:/vendor/${LIB}/vndk-sp:/system/${LIB}/vndk-sp:/system/${LIB} namespace.default.asan.search.paths = /data/asan/vendor/${LIB}:/vendor/${LIB}:/data/asan/vendor/${LIB}/vndk-sp:/vendor/${LIB}/vndk-sp:/data/asan/system/${LIB}/vndk-sp:/system/${LIB}/vndk-sp:/data/asan/system/${LIB}:/system/${LIB} + +############################################################################### +# Namespace config for tests. No VNDK restriction is enforced for these tests. +############################################################################### +[test] +namespace.default.isolated = false +namespace.default.search.paths = /vendor/${LIB}:/vendor/${LIB}/vndk-sp:/system/${LIB}/vndk-sp:/system/${LIB} + +namespace.default.asan.search.paths = /data/asan/vendor/${LIB}:/vendor/${LIB}:/data/asan/vendor/${LIB}/vndk-sp:/vendor/${LIB}/vndk-sp:/data/asan/system/${LIB}/vndk-sp:/system/${LIB}/vndk-sp:/data/asan/system/${LIB}:/system/${LIB} From e373672afd23f9cdbed9481816a9f95dc4ff0491 Mon Sep 17 00:00:00 2001 From: Justin Yun Date: Tue, 25 Jul 2017 14:13:51 +0900 Subject: [PATCH 03/10] Add system/${LIB}/vndk to default namespace for vendor. With BOARD_VNDK_VERSION=current, vndk libs will be installed in system/${LIB}/vndk. To make them available for vendor, it must be added to default namespace. Bug: 63866913 Test: build and boot with BOARD_VNDK_VERSION=current Merged-In: I9e467a6125fc89513754b56a2420975559144f98 Change-Id: I9e467a6125fc89513754b56a2420975559144f98 (cherry picked from commit 90a2487776d464e867c7bad1dc8d993ed50df09e) --- rootdir/etc/ld.config.txt | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/rootdir/etc/ld.config.txt b/rootdir/etc/ld.config.txt index a0fd58140..1077bb646 100644 --- a/rootdir/etc/ld.config.txt +++ b/rootdir/etc/ld.config.txt @@ -117,9 +117,9 @@ namespace.vndk.link.default.shared_libs = android.hidl.memory@1.0-impl.so:libc.s ############################################################################### [vendor] namespace.default.isolated = false -namespace.default.search.paths = /vendor/${LIB}:/vendor/${LIB}/vndk-sp:/system/${LIB}/vndk-sp:/system/${LIB} +namespace.default.search.paths = /vendor/${LIB}/hw:/vendor/${LIB}/egl:/vendor/${LIB}:/system/${LIB}/vndk:/vendor/${LIB}/vndk-sp:/system/${LIB}/vndk-sp:/system/${LIB} -namespace.default.asan.search.paths = /data/asan/vendor/${LIB}:/vendor/${LIB}:/data/asan/vendor/${LIB}/vndk-sp:/vendor/${LIB}/vndk-sp:/data/asan/system/${LIB}/vndk-sp:/system/${LIB}/vndk-sp:/data/asan/system/${LIB}:/system/${LIB} +namespace.default.asan.search.paths = /data/asan/vendor/${LIB}/hw:/vendor/${LIB}/hw:/data/asan/vendor/${LIB}/egl:/vendor/${LIB}/egl:/data/asan/vendor/${LIB}:/vendor/${LIB}:/data/asan/system/${LIB}/vndk:/system/${LIB}/vndk:/data/asan/vendor/${LIB}/vndk-sp:/vendor/${LIB}/vndk-sp:/data/asan/system/${LIB}/vndk-sp:/system/${LIB}/vndk-sp:/data/asan/system/${LIB}:/system/${LIB} ############################################################################### # Namespace config for tests. No VNDK restriction is enforced for these tests. From b5c0fc3ceb027247c4e488e695d6eaac196355c8 Mon Sep 17 00:00:00 2001 From: Jiyong Park Date: Fri, 4 Aug 2017 16:18:03 +0900 Subject: [PATCH 04/10] Permit /system/lib/vndk-sp/hw/ for 'sphal' namespace android.hidl.memory@1.0-impl.so is a SP-HAL located in /system/lib/vndk-sp/hw. This can't be moved to /vendor/lib since it is a framework HAL. Bug: 62930720 Test: 2017 pixel builds and boots with BOARD_VNDK_VERSION on Merged-In: I9c456983ef68120c5e8c629efc6dd66a26220ecb Change-Id: I9c456983ef68120c5e8c629efc6dd66a26220ecb (cherry picked from commit 7d4cf3fd3364a86c895371337a849ab40c99b232) --- rootdir/etc/ld.config.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/rootdir/etc/ld.config.txt b/rootdir/etc/ld.config.txt index 1077bb646..ce354f24b 100644 --- a/rootdir/etc/ld.config.txt +++ b/rootdir/etc/ld.config.txt @@ -54,7 +54,7 @@ namespace.default.asan.permitted.paths = /data/asan/system/${LIB}:/system/${LIB} namespace.sphal.isolated = true namespace.sphal.visible = true namespace.sphal.search.paths = /vendor/${LIB}/egl:/vendor/${LIB}/hw:/vendor/${LIB} -namespace.sphal.permitted.paths = /vendor/${LIB} +namespace.sphal.permitted.paths = /vendor/${LIB}:/system/${LIB}/vndk-sp/hw namespace.sphal.asan.search.paths = /data/asan/vendor/${LIB}/egl:/vendor/${LIB}/egl:/data/asan/vendor/${LIB}/hw:/vendor/${LIB}/hw:/data/asan/vendor/${LIB}:/vendor/${LIB} namespace.sphal.asan.permitted.paths = /data/asan/vendor/${LIB}:/vendor/${LIB} From 614c5521a370978f4431abcc13f666c3f46992b2 Mon Sep 17 00:00:00 2001 From: Jiyong Park Date: Tue, 11 Jul 2017 14:06:16 +0900 Subject: [PATCH 05/10] Use the legacy linker namespace configs when target is sanitized The new linker namespace config causes problem when the target is sanitized: vendor libs which are loaded in the sphal namespace can't link against to libclang_rt* libs which are in /system/lib directory because the directory is not allowed for sphal namsapce. Long-term solution would be installing libclang_rt* to both /system/lib and /vendor/lib so that vendor libs can link against to the one in /vendor/lib. Until the work is done, let's just disable the new linker namespace config when the target is to be sanitized. Bug: 63535130 Test: make SANITIZE_TARGET=integer_overflow SANITIZE_TARGET_DIAG=integer_overflow builds and boots to the UI Merged-In: I6afb69885aaa3d25e554b9ca699a572248bfc50a Change-Id: I6afb69885aaa3d25e554b9ca699a572248bfc50a (cherry picked from commit fff6f75fc1de2963254271d7d254e53ae187cada) --- rootdir/Android.mk | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/rootdir/Android.mk b/rootdir/Android.mk index e199ed406..cebcb7faf 100644 --- a/rootdir/Android.mk +++ b/rootdir/Android.mk @@ -179,7 +179,7 @@ bcp_dep := include $(CLEAR_VARS) LOCAL_MODULE := ld.config.txt -ifeq ($(PRODUCT_FULL_TREBLE),true) +ifeq ($(PRODUCT_FULL_TREBLE)|$(SANITIZE_TARGET),true|) LOCAL_SRC_FILES := etc/ld.config.txt else LOCAL_SRC_FILES := etc/ld.config.legacy.txt From 333845c710822e16fc8a6d7d32f931416beb8dbb Mon Sep 17 00:00:00 2001 From: Justin Yun Date: Fri, 16 Jun 2017 18:11:35 +0900 Subject: [PATCH 06/10] Implement system namespace for vendor process For vendor process default namespace searches as following order: 1. /vendor/lib/(hw|egl), /vendor/lib: Vendor libs + VNDK-vnd-ext 2. /system/lib/vndk-$(ver): VNDK libs 3. /vendor/lib/vndk-sp-$(ver): VNDK-SP-vnd-ext 4. /system/lib/vndk-sp-$(ver): VNDK-SP and searches system namespace (/system/lib) only for LL-NDK libs. This configuarion is used only with BOARD_VNDK_VERSION is defined. Bug: 37192038 Test: build with 'BOARD_VNDK_VERSION=current' and boot Merged-In: If9778b9266a084846ba8fe73e6bff25828359d33 Change-Id: If9778b9266a084846ba8fe73e6bff25828359d33 (cherry picked from commit 24c29f1be49f47a6d8a098a10591d9c3f0d4e8ee) --- rootdir/Android.mk | 8 ++ rootdir/etc/ld.config.vndk.txt | 158 +++++++++++++++++++++++++++++++++ 2 files changed, 166 insertions(+) create mode 100644 rootdir/etc/ld.config.vndk.txt diff --git a/rootdir/Android.mk b/rootdir/Android.mk index cebcb7faf..ae75ae299 100644 --- a/rootdir/Android.mk +++ b/rootdir/Android.mk @@ -180,7 +180,15 @@ include $(CLEAR_VARS) LOCAL_MODULE := ld.config.txt ifeq ($(PRODUCT_FULL_TREBLE)|$(SANITIZE_TARGET),true|) +ifdef BOARD_VNDK_VERSION + ifeq ($(BOARD_VNDK_RUNTIME_DISABLE),true) + LOCAL_SRC_FILES := etc/ld.config.txt + else + LOCAL_SRC_FILES := etc/ld.config.vndk.txt + endif +else LOCAL_SRC_FILES := etc/ld.config.txt +endif else LOCAL_SRC_FILES := etc/ld.config.legacy.txt endif diff --git a/rootdir/etc/ld.config.vndk.txt b/rootdir/etc/ld.config.vndk.txt new file mode 100644 index 000000000..c7e257344 --- /dev/null +++ b/rootdir/etc/ld.config.vndk.txt @@ -0,0 +1,158 @@ +# Copyright (C) 2017 The Android Open Source Project +# +# Bionic loader config file. +# + +# Don't change the order here. The first pattern that matches with the +# absolution path of an executable is selected. +dir.system = /system/bin/ +dir.system = /system/xbin/ +dir.vendor = /vendor/bin/ +dir.vendor = /data/nativetest/vendor +dir.vendor = /data/nativetest64/vendor +dir.vendor = /data/benchmarktest/vendor +dir.vendor = /data/benchmarktest64/vendor +dir.system = /data/nativetest +dir.system = /data/nativetest64 +dir.system = /data/benchmarktest +dir.system = /data/benchmarktest64 + +[system] +additional.namespaces = sphal,vndk,rs + +############################################################################### +# "default" namespace +# +# Framework-side code runs in this namespace. Anything from /vendor partition +# can't be loaded in this namespace. +############################################################################### +namespace.default.isolated = false +namespace.default.search.paths = /system/${LIB}:/vendor/${LIB} +namespace.default.permitted.paths = /system/${LIB}:/vendor/${LIB} + +namespace.default.asan.search.paths = /data/asan/system/${LIB}:/system/${LIB}:/data/asan/vendor/${LIB}:/vendor/${LIB} +namespace.default.asan.permitted.paths = /data/asan/system/${LIB}:/system/${LIB}:/data/asan/vendor/${LIB}:/vendor/${LIB} + +# TODO(b/37013858): remove all dependencies to /vendor/lib from system processes +# When this is done, comment out following three lines and remove the three +# lines above +#namespace.default.isolated = true +#namespace.default.search.paths = /system/${LIB} +#namespace.default.permitted.paths = /system/${LIB} +# +#namespace.default.asan.search.paths = /data/asan/system/${LIB}:/system/${LIB} +#namespace.default.asan.permitted.paths = /data/asan/system/${LIB}:/system/${LIB} + +############################################################################### +# "sphal" namespace +# +# SP-HAL(Sameprocess-HAL)s are the only vendor libraries that are allowed to be +# loaded inside system processes. libEGL_.so, libGLESv2_.so, +# android.hardware.graphics.mapper@2.0-impl.so, etc are SP-HALs. +# +# This namespace is exclusivly for SP-HALs. When the framework tries to dynami- +# cally load SP-HALs, android_dlopen_ext() is used to explicitly specifying +# that they should be searched and loaded from this namespace. +# +# Note that there is no link from the default namespace to this namespace. +############################################################################### +namespace.sphal.isolated = true +namespace.sphal.visible = true +namespace.sphal.search.paths = /vendor/${LIB}/egl:/vendor/${LIB}/hw:/vendor/${LIB} +namespace.sphal.permitted.paths = /vendor/${LIB}:/system/${LIB}/vndk-sp/hw + +namespace.sphal.asan.search.paths = /data/asan/vendor/${LIB}/egl:/vendor/${LIB}/egl:/data/asan/vendor/${LIB}/hw:/vendor/${LIB}/hw:/data/asan/vendor/${LIB}:/vendor/${LIB} +namespace.sphal.asan.permitted.paths = /data/asan/vendor/${LIB}:/vendor/${LIB} + +# Once in this namespace, access to libraries in /system/lib is restricted. Only +# libs listed here can be used. +namespace.sphal.links = default,vndk,rs + +# WARNING: only NDK libs can be listed here. +namespace.sphal.link.default.shared_libs = libEGL.so:libm.so:libandroid_net.so:libvndksupport.so:libc.so:libGLESv1_CM.so:liblog.so:libsync.so:libnativewindow.so:libGLESv3.so:libdl.so:libGLESv2.so + +# WARNING: only VNDK-SP libs can be listed here. DO NOT EDIT this line. +namespace.sphal.link.vndk.shared_libs = libhardware.so:libc++.so:libhidlbase.so:libhwbinder.so:libhidltransport.so:libbase.so:libhidlmemory.so:libRS.so:libRSDriver.so:libcutils.so:libion.so:libRSCpuRef.so:android.hardware.graphics.common@1.0.so:android.hardware.graphics.mapper@2.0.so:android.hidl.memory@1.0.so:libbcinfo.so:android.hardware.graphics.allocator@2.0.so:android.hardware.renderscript@1.0.so:libutils.so:libz.so + +# Renderscript gets separate namespace +namespace.sphal.link.rs.shared_libs = libRS_internal.so + +############################################################################### +# "rs" namespace +# +# This namespace is exclusively for Renderscript internal libraries. +# This namespace has slightly looser restriction than the vndk namespace because +# of the genuine characteristics of Renderscript; /data is in the permitted path +# to load the compiled *.so file and libmediandk.so can be used here. +############################################################################### +namespace.rs.isolated = true +namespace.rs.visible = true +namespace.rs.search.paths = /vendor/${LIB}/vndk-sp:/system/${LIB}/vndk-sp:/vendor/${LIB} +namespace.rs.permitted.paths = /vendor/${LIB}:/data + +namespace.rs.asan.search.paths = /data/asan/vendor/${LIB}/vndk-sp:/vendor/${LIB}/vndk-sp:/data/asan/system/${LIB}/vndk-sp:/system/${LIB}/vndk-sp:/data/asan/vendor/${LIB}:/vendor/${LIB} +namespace.rs.asan.permitted.paths = /data/asan/vendor/${LIB}:/vendor/${LIB}:/data + +namespace.rs.links = default,vndk +namespace.rs.link.default.shared_libs = libEGL.so:libm.so:libandroid_net.so:libvndksupport.so:libc.so:libGLESv1_CM.so:liblog.so:libsync.so:libnativewindow.so:libGLESv3.so:libdl.so:libGLESv2.so:libmediandk.so:libft2.so +namespace.rs.link.vndk.shared_libs = libhardware.so:libc++.so:libhidlbase.so:libhwbinder.so:libhidltransport.so:libbase.so:libhidlmemory.so:libRS.so:libRSDriver.so:libcutils.so:libion.so:libRSCpuRef.so:android.hardware.graphics.common@1.0.so:android.hardware.graphics.mapper@2.0.so:android.hidl.memory@1.0.so:libbcinfo.so:android.hardware.graphics.allocator@2.0.so:android.hardware.renderscript@1.0.so:libutils.so:libz.so + +############################################################################### +# "vndk" namespace +# +# This namespace is exclusively for vndk-sp libs. +############################################################################### +namespace.vndk.isolated = true +namespace.vndk.search.paths = /vendor/${LIB}/vndk-sp:/system/${LIB}/vndk-sp +namespace.vndk.permitted.paths = /vendor/${LIB}/hw:/vendor/${LIB}/egl + +namespace.vndk.asan.search.paths = /data/asan/vendor/${LIB}/vndk-sp:/vendor/${LIB}/vndk-sp:/data/asan/system/${LIB}/vndk-sp:/system/${LIB}/vndk-sp +namespace.vndk.asan.permitted.paths = /data/asan/vendor/${LIB}/hw:/vendor/${LIB}/hw:/data/asan/vendor/${LIB}/egl:/vendor/${LIB}/egl + +# When these NDK libs are required inside this namespace, then it is redirected +# to the default namespace. This is possible since their ABI is stable across +# Android releases. +namespace.vndk.links = default +namespace.vndk.link.default.shared_libs = libEGL.so:libm.so:libandroid_net.so:libvndksupport.so:libc.so:libGLESv1_CM.so:liblog.so:libsync.so:libnativewindow.so:libGLESv3.so:libdl.so:libGLESv2.so + +############################################################################### +# Namespace config for vendor processes. In O, no restriction is enforced for +# them. However, in O-MR1, access to /system/${LIB} will not be allowed to +# the default namespace. 'system' namespace will be added to give limited +# (LL-NDK only) access. +############################################################################### +[vendor] +additional.namespaces = system + +############################################################################### +# "default" namespace +# +# Vendor-side code runs in this namespace. +############################################################################### +namespace.default.isolated = true +namespace.default.visible = true + +namespace.default.search.paths = /vendor/${LIB}/hw:/vendor/${LIB}/egl:/vendor/${LIB}:/system/${LIB}/vndk:/vendor/${LIB}/vndk-sp:/system/${LIB}/vndk-sp +namespace.default.permitted.paths = /vendor:/system/${LIB}/vndk:/system/${LIB}/vndk-sp + +namespace.default.asan.search.paths = /data/asan/vendor/${LIB}/hw:/vendor/${LIB}/hw:/data/asan/vendor/${LIB}/egl:/vendor/${LIB}/egl:/data/asan/vendor/${LIB}:/vendor/${LIB}:/data/asan/system/${LIB}/vndk:/system/${LIB}/vndk:/data/asan/vendor/${LIB}/vndk-sp:/vendor/${LIB}/vndk-sp:/data/asan/system/${LIB}/vndk-sp:/system/${LIB}/vndk-sp +namespace.default.asan.permitted.paths = /data/asan/vendor:/vendor:/data/asan/system/${LIB}/vndk:/system/${LIB}/vndk:/data/asan/system/${LIB}/vndk-sp:/system/${LIB}/vndk-sp + +namespace.default.links = system +namespace.default.link.system.shared_libs = libEGL.so:libm.so:libandroid_net.so:libvndksupport.so:libc.so:libGLESv1_CM.so:liblog.so:libsync.so:libnativewindow.so:libGLESv3.so:libdl.so:libGLESv2.so:libpowermanager.so:libmedia.so:libandroid_runtime.so +# libpowermanager.so must be removed after we have fix for libsdm-color.so (b/64732165) +# libmedia.so must be removed after we have fix for lib-dplmedia.so (b/64427765) +# libandroid_runtime.so must be removed after we have a fix for qseeproxydaemon (b/64820887) + +############################################################################### +# "system" namespace +# +# This is for vendor process to use LL-NDK in system partition. +############################################################################### +namespace.system.isolated = false +namespace.system.search.paths = /system/${LIB} +namespace.system.permitted.paths = /system/${LIB} + +namespace.system.asan.search.paths = /data/asan/system/${LIB}:/system/${LIB} +namespace.system.asan.permitted.paths = /data/asan/system/${LIB}:/system/${LIB} + From b5ddc5ae6b16cb58e4cb49c923ae7cdcec4f9ab6 Mon Sep 17 00:00:00 2001 From: Justin Yun Date: Fri, 25 Aug 2017 12:30:44 +0900 Subject: [PATCH 07/10] vndk: add vendor/lib(64)/vndk for vendor namespace When the vndk is extended by vendor, the libs in vendor/lib(64)/vndk will override system/lib(64)/vndk libs. Vendor binaries will search vndk libs in vendor/lib(64)/vndk prior to system/lib(64)/vndk. Also, remove a workaround for libsdm-color.so Bug: 65032513 Test: build and boot check for libsdm-color.so will be loaded on boot Test: currently no libs exist on vendor/lib(64)/vndk. No test for it Merged-In: I99ed37eb1a9e92c83533e2d92c9c06db11f01e97 Change-Id: I99ed37eb1a9e92c83533e2d92c9c06db11f01e97 (cherry picked from commit 3094de968443c60345f63318f14a5d919df762d5) --- rootdir/etc/ld.config.vndk.txt | 7 +++---- 1 file changed, 3 insertions(+), 4 deletions(-) diff --git a/rootdir/etc/ld.config.vndk.txt b/rootdir/etc/ld.config.vndk.txt index c7e257344..063aab923 100644 --- a/rootdir/etc/ld.config.vndk.txt +++ b/rootdir/etc/ld.config.vndk.txt @@ -132,15 +132,14 @@ additional.namespaces = system namespace.default.isolated = true namespace.default.visible = true -namespace.default.search.paths = /vendor/${LIB}/hw:/vendor/${LIB}/egl:/vendor/${LIB}:/system/${LIB}/vndk:/vendor/${LIB}/vndk-sp:/system/${LIB}/vndk-sp +namespace.default.search.paths = /vendor/${LIB}/hw:/vendor/${LIB}/egl:/vendor/${LIB}:/vendor/${LIB}/vndk:/system/${LIB}/vndk:/vendor/${LIB}/vndk-sp:/system/${LIB}/vndk-sp namespace.default.permitted.paths = /vendor:/system/${LIB}/vndk:/system/${LIB}/vndk-sp -namespace.default.asan.search.paths = /data/asan/vendor/${LIB}/hw:/vendor/${LIB}/hw:/data/asan/vendor/${LIB}/egl:/vendor/${LIB}/egl:/data/asan/vendor/${LIB}:/vendor/${LIB}:/data/asan/system/${LIB}/vndk:/system/${LIB}/vndk:/data/asan/vendor/${LIB}/vndk-sp:/vendor/${LIB}/vndk-sp:/data/asan/system/${LIB}/vndk-sp:/system/${LIB}/vndk-sp +namespace.default.asan.search.paths = /data/asan/vendor/${LIB}/hw:/vendor/${LIB}/hw:/data/asan/vendor/${LIB}/egl:/vendor/${LIB}/egl:/data/asan/vendor/${LIB}:/vendor/${LIB}:/data/asan/vendor/${LIB}/vndk:/vendor/${LIB}/vndk:/data/asan/system/${LIB}/vndk:/system/${LIB}/vndk:/data/asan/vendor/${LIB}/vndk-sp:/vendor/${LIB}/vndk-sp:/data/asan/system/${LIB}/vndk-sp:/system/${LIB}/vndk-sp namespace.default.asan.permitted.paths = /data/asan/vendor:/vendor:/data/asan/system/${LIB}/vndk:/system/${LIB}/vndk:/data/asan/system/${LIB}/vndk-sp:/system/${LIB}/vndk-sp namespace.default.links = system -namespace.default.link.system.shared_libs = libEGL.so:libm.so:libandroid_net.so:libvndksupport.so:libc.so:libGLESv1_CM.so:liblog.so:libsync.so:libnativewindow.so:libGLESv3.so:libdl.so:libGLESv2.so:libpowermanager.so:libmedia.so:libandroid_runtime.so -# libpowermanager.so must be removed after we have fix for libsdm-color.so (b/64732165) +namespace.default.link.system.shared_libs = libEGL.so:libm.so:libandroid_net.so:libvndksupport.so:libc.so:libGLESv1_CM.so:liblog.so:libsync.so:libnativewindow.so:libGLESv3.so:libdl.so:libGLESv2.so:libmedia.so:libandroid_runtime.so # libmedia.so must be removed after we have fix for lib-dplmedia.so (b/64427765) # libandroid_runtime.so must be removed after we have a fix for qseeproxydaemon (b/64820887) From 246338f90ef660e3078f4643f35df92f7c31bece Mon Sep 17 00:00:00 2001 From: Jiyong Park Date: Mon, 28 Aug 2017 14:42:49 +0900 Subject: [PATCH 08/10] Make default namespace for system processes isolated The default namespace for system process now becomes isolated, which means it can load only the libs that are in search.paths and under permitted.paths. /system/framework, /system/app, /system/priv-app, /vendor/app, /data, etc are added to the permitted paths since libart should be able to dlopen odex files under the locations. Following directories become unavailable: /system/lib/vndk /system/lib/vndk-sp Bug: 37013858 Bug: 64888291 Bug: 64950640 Test: 2017 pixel devices builds and boots Test: android.jni.cts.JniStaticTest#test_linker_namespaces passes Merged-In: I2bbe9cc19940c3633c2fb901f9bf8ab813e38c13 Change-Id: I2bbe9cc19940c3633c2fb901f9bf8ab813e38c13 (cherry picked from commit 55f05d79f9e83757acb72d3d300262f5954a00af) --- rootdir/etc/ld.config.vndk.txt | 24 ++++++++++-------------- 1 file changed, 10 insertions(+), 14 deletions(-) diff --git a/rootdir/etc/ld.config.vndk.txt b/rootdir/etc/ld.config.vndk.txt index 063aab923..adffd92e1 100644 --- a/rootdir/etc/ld.config.vndk.txt +++ b/rootdir/etc/ld.config.vndk.txt @@ -23,25 +23,21 @@ additional.namespaces = sphal,vndk,rs ############################################################################### # "default" namespace # -# Framework-side code runs in this namespace. Anything from /vendor partition +# Framework-side code runs in this namespace. Libs from /vendor partition # can't be loaded in this namespace. ############################################################################### -namespace.default.isolated = false +namespace.default.isolated = true +# TODO(b/63553457): remove /vendor/lib from the search path. For now, this is +# required since the classloader namespace for vendor apks should have access +# vendor libraries in the directory. These search paths are copied to the search +# paths of the classloader namespace. namespace.default.search.paths = /system/${LIB}:/vendor/${LIB} -namespace.default.permitted.paths = /system/${LIB}:/vendor/${LIB} +# /vendor/app, /vendor/framework were added since libart should be able to dlopen +# the odex files from the directory. +namespace.default.permitted.paths = /system/${LIB}/drm:/system/${LIB}/hw:/system/framework:/system/app:/system/priv-app:/vendor/app:/vendor/framework:/oem/app:/data:/mnt/expand namespace.default.asan.search.paths = /data/asan/system/${LIB}:/system/${LIB}:/data/asan/vendor/${LIB}:/vendor/${LIB} -namespace.default.asan.permitted.paths = /data/asan/system/${LIB}:/system/${LIB}:/data/asan/vendor/${LIB}:/vendor/${LIB} - -# TODO(b/37013858): remove all dependencies to /vendor/lib from system processes -# When this is done, comment out following three lines and remove the three -# lines above -#namespace.default.isolated = true -#namespace.default.search.paths = /system/${LIB} -#namespace.default.permitted.paths = /system/${LIB} -# -#namespace.default.asan.search.paths = /data/asan/system/${LIB}:/system/${LIB} -#namespace.default.asan.permitted.paths = /data/asan/system/${LIB}:/system/${LIB} +namespace.default.asan.permitted.paths = /data:/system/${LIB}/drm:/system/${LIB}/hw:/system/framework:/system/app:/system/priv-app:/vendor/app:/vendor/framework:/oem/app:/mnt/expand ############################################################################### # "sphal" namespace From ecc703c792651c1406592eed9f730c8e97ebc3cf Mon Sep 17 00:00:00 2001 From: Jiyong Park Date: Fri, 4 Aug 2017 19:08:06 +0900 Subject: [PATCH 09/10] templatize ld.config.txt Lists of libraries in between the linker namespaces are no longer hard-coded in ld.config.txt, but instead come from Soong. Bug: 37139976 Test: build 2017 pixel device with BOARD_VNDK_VERSION=current m -j Test: the device is bootable, basic functionalities (camera, camcorder, wifi, bt, gps, etc.) work. Merged-In: I8170e6c3f6ee04b16359791d64cc46bd2714a073 Change-Id: I8170e6c3f6ee04b16359791d64cc46bd2714a073 (cherry picked from commit 367984602abab743630d1fba8e4940f0a69e678b) --- rootdir/Android.mk | 52 ++++++++++++++++--- .../{ld.config.vndk.txt => ld.config.txt.in} | 13 +++-- 2 files changed, 50 insertions(+), 15 deletions(-) rename rootdir/etc/{ld.config.vndk.txt => ld.config.txt.in} (81%) diff --git a/rootdir/Android.mk b/rootdir/Android.mk index ae75ae299..f747a96ca 100644 --- a/rootdir/Android.mk +++ b/rootdir/Android.mk @@ -178,17 +178,52 @@ bcp_dep := # ld.config.txt include $(CLEAR_VARS) +_enforce_vndk_at_runtime := false + +ifdef BOARD_VNDK_VERSION +ifneq ($(BOARD_VNDK_RUNTIME_DISABLE),true) + _enforce_vndk_at_runtime := true +endif +endif + +ifeq ($(_enforce_vndk_at_runtime),true) +LOCAL_MODULE := ld.config.txt +LOCAL_MODULE_CLASS := ETC +LOCAL_MODULE_PATH := $(TARGET_OUT_ETC) +LOCAL_MODULE_STEM := $(LOCAL_MODULE) +include $(BUILD_SYSTEM)/base_rules.mk +vndk_lib_md5 := $(word 1, $(shell echo $(LLNDK_LIBRARIES) $(VNDK_SAMEPROCESS_LIBRARIES) | $(MD5SUM))) +vndk_lib_dep := $(intermediates)/$(vndk_lib_md5).dep +$(vndk_lib_dep): + $(hide) mkdir -p $(dir $@) && rm -rf $(dir $@)*.dep && touch $@ + +llndk_libraries := $(subst $(space),:,$(addsuffix .so,$(LLNDK_LIBRARIES))) + +vndk_sameprocess_libraries := $(subst $(space),:,$(addsuffix .so,$(VNDK_SAMEPROCESS_LIBRARIES))) + +vndk_core_libraries := $(subst $(space),:,$(addsuffix .so,$(VNDK_CORE_LIBRARIES))) + +$(LOCAL_BUILT_MODULE): PRIVATE_LLNDK_LIBRARIES := $(llndk_libraries) +$(LOCAL_BUILT_MODULE): PRIVATE_VNDK_SAMEPROCESS_LIBRARIES := $(vndk_sameprocess_libraries) +$(LOCAL_BUILT_MODULE): PRIVATE_LLNDK_PRIVATE_LIBRARIES := $(llndk_private_libraries) +$(LOCAL_BUILT_MODULE): PRIVATE_VNDK_CORE_LIBRARIES := $(vndk_core_libraries) +$(LOCAL_BUILT_MODULE): $(LOCAL_PATH)/etc/ld.config.txt.in $(vndk_lib_dep) + @echo "Generate: $< -> $@" + @mkdir -p $(dir $@) + $(hide) sed -e 's?%LLNDK_LIBRARIES%?$(PRIVATE_LLNDK_LIBRARIES)?g' $< >$@ + $(hide) sed -i -e 's?%VNDK_SAMEPROCESS_LIBRARIES%?$(PRIVATE_VNDK_SAMEPROCESS_LIBRARIES)?g' $@ + $(hide) sed -i -e 's?%VNDK_CORE_LIBRARIES%?$(PRIVATE_VNDK_CORE_LIBRARIES)?g' $@ + +vndk_lib_md5 := +vndk_lib_dep := +llndk_libraries := +vndk_sameprocess_libraries := +vndk_core_libraries := +else # if _enforce_vndk_at_runtime is not true + LOCAL_MODULE := ld.config.txt ifeq ($(PRODUCT_FULL_TREBLE)|$(SANITIZE_TARGET),true|) -ifdef BOARD_VNDK_VERSION - ifeq ($(BOARD_VNDK_RUNTIME_DISABLE),true) - LOCAL_SRC_FILES := etc/ld.config.txt - else - LOCAL_SRC_FILES := etc/ld.config.vndk.txt - endif -else LOCAL_SRC_FILES := etc/ld.config.txt -endif else LOCAL_SRC_FILES := etc/ld.config.legacy.txt endif @@ -196,3 +231,4 @@ LOCAL_MODULE_CLASS := ETC LOCAL_MODULE_PATH := $(TARGET_OUT_ETC) LOCAL_MODULE_STEM := $(LOCAL_MODULE) include $(BUILD_PREBUILT) +endif diff --git a/rootdir/etc/ld.config.vndk.txt b/rootdir/etc/ld.config.txt.in similarity index 81% rename from rootdir/etc/ld.config.vndk.txt rename to rootdir/etc/ld.config.txt.in index adffd92e1..401b0341b 100644 --- a/rootdir/etc/ld.config.vndk.txt +++ b/rootdir/etc/ld.config.txt.in @@ -65,10 +65,10 @@ namespace.sphal.asan.permitted.paths = /data/asan/vendor/${LIB}:/vendor/${LIB} namespace.sphal.links = default,vndk,rs # WARNING: only NDK libs can be listed here. -namespace.sphal.link.default.shared_libs = libEGL.so:libm.so:libandroid_net.so:libvndksupport.so:libc.so:libGLESv1_CM.so:liblog.so:libsync.so:libnativewindow.so:libGLESv3.so:libdl.so:libGLESv2.so +namespace.sphal.link.default.shared_libs = %LLNDK_LIBRARIES% # WARNING: only VNDK-SP libs can be listed here. DO NOT EDIT this line. -namespace.sphal.link.vndk.shared_libs = libhardware.so:libc++.so:libhidlbase.so:libhwbinder.so:libhidltransport.so:libbase.so:libhidlmemory.so:libRS.so:libRSDriver.so:libcutils.so:libion.so:libRSCpuRef.so:android.hardware.graphics.common@1.0.so:android.hardware.graphics.mapper@2.0.so:android.hidl.memory@1.0.so:libbcinfo.so:android.hardware.graphics.allocator@2.0.so:android.hardware.renderscript@1.0.so:libutils.so:libz.so +namespace.sphal.link.vndk.shared_libs = %VNDK_SAMEPROCESS_LIBRARIES% # Renderscript gets separate namespace namespace.sphal.link.rs.shared_libs = libRS_internal.so @@ -90,8 +90,8 @@ namespace.rs.asan.search.paths = /data/asan/vendor/${LIB}/vndk-sp:/vendor/${LIB} namespace.rs.asan.permitted.paths = /data/asan/vendor/${LIB}:/vendor/${LIB}:/data namespace.rs.links = default,vndk -namespace.rs.link.default.shared_libs = libEGL.so:libm.so:libandroid_net.so:libvndksupport.so:libc.so:libGLESv1_CM.so:liblog.so:libsync.so:libnativewindow.so:libGLESv3.so:libdl.so:libGLESv2.so:libmediandk.so:libft2.so -namespace.rs.link.vndk.shared_libs = libhardware.so:libc++.so:libhidlbase.so:libhwbinder.so:libhidltransport.so:libbase.so:libhidlmemory.so:libRS.so:libRSDriver.so:libcutils.so:libion.so:libRSCpuRef.so:android.hardware.graphics.common@1.0.so:android.hardware.graphics.mapper@2.0.so:android.hidl.memory@1.0.so:libbcinfo.so:android.hardware.graphics.allocator@2.0.so:android.hardware.renderscript@1.0.so:libutils.so:libz.so +namespace.rs.link.default.shared_libs = %LLNDK_LIBRARIES% +namespace.rs.link.vndk.shared_libs = %VNDK_SAMEPROCESS_LIBRARIES% ############################################################################### # "vndk" namespace @@ -109,7 +109,7 @@ namespace.vndk.asan.permitted.paths = /data/asan/vendor/${LIB}/hw:/vendor/${LIB} # to the default namespace. This is possible since their ABI is stable across # Android releases. namespace.vndk.links = default -namespace.vndk.link.default.shared_libs = libEGL.so:libm.so:libandroid_net.so:libvndksupport.so:libc.so:libGLESv1_CM.so:liblog.so:libsync.so:libnativewindow.so:libGLESv3.so:libdl.so:libGLESv2.so +namespace.vndk.link.default.shared_libs = %LLNDK_LIBRARIES% ############################################################################### # Namespace config for vendor processes. In O, no restriction is enforced for @@ -135,7 +135,7 @@ namespace.default.asan.search.paths = /data/asan/vendor/${LIB}/hw:/vendor/${LIB} namespace.default.asan.permitted.paths = /data/asan/vendor:/vendor:/data/asan/system/${LIB}/vndk:/system/${LIB}/vndk:/data/asan/system/${LIB}/vndk-sp:/system/${LIB}/vndk-sp namespace.default.links = system -namespace.default.link.system.shared_libs = libEGL.so:libm.so:libandroid_net.so:libvndksupport.so:libc.so:libGLESv1_CM.so:liblog.so:libsync.so:libnativewindow.so:libGLESv3.so:libdl.so:libGLESv2.so:libmedia.so:libandroid_runtime.so +namespace.default.link.system.shared_libs = %LLNDK_LIBRARIES%:libmedia.so:libandroid_runtime.so # libmedia.so must be removed after we have fix for lib-dplmedia.so (b/64427765) # libandroid_runtime.so must be removed after we have a fix for qseeproxydaemon (b/64820887) @@ -150,4 +150,3 @@ namespace.system.permitted.paths = /system/${LIB} namespace.system.asan.search.paths = /data/asan/system/${LIB}:/system/${LIB} namespace.system.asan.permitted.paths = /data/asan/system/${LIB}:/system/${LIB} - From 257de3def5092797a9ab29551c94bcc57e07eaa0 Mon Sep 17 00:00:00 2001 From: Jiyong Park Date: Thu, 31 Aug 2017 16:42:23 +0900 Subject: [PATCH 10/10] fix: boot fails on ASAN builds with VNDK restriction Fix the bug that caused boot failure on ASAN builds with VNDK restriciton. The major cause is because incorrect (old) ld.config.txt was used when the build is sanitized, which prevented the dynamic linker to find some VNDK libs that only exist in /system/lib/vndk; the old ld.config.txt does not have the directory in its search paths. So, this CL fixes the problem by having the same ld.config.txt for both sanitized and non-sanitizied builds. Furthermore, ld.config.txt is modified so that dependency to libclang_rt* libs are redirected to those in /system/lib directory. This ensures that the sanitizer runtime libs are not dual loaded but are provided for both platform and vendors. Bug: 65217017 Test: SANITIZE_TARGET=integer_overflow SANITIZE_TARGET_DIAG=integer_overflow m on 2017 pixel devices. The build is successful and the device boots to the UI. Merged-In: I0e21e20d9aca340b984968e07d4ce542ae10fd31 Change-Id: I0e21e20d9aca340b984968e07d4ce542ae10fd31 (cherry picked from commit faefa6bd3682a0e8f5de2184cca5960a82a00020) --- rootdir/Android.mk | 11 +++++++++++ rootdir/etc/ld.config.txt.in | 6 +++--- 2 files changed, 14 insertions(+), 3 deletions(-) diff --git a/rootdir/Android.mk b/rootdir/Android.mk index f747a96ca..fd4625172 100644 --- a/rootdir/Android.mk +++ b/rootdir/Android.mk @@ -203,22 +203,33 @@ vndk_sameprocess_libraries := $(subst $(space),:,$(addsuffix .so,$(VNDK_SAMEPROC vndk_core_libraries := $(subst $(space),:,$(addsuffix .so,$(VNDK_CORE_LIBRARIES))) +sanitizer_runtime_libraries := $(subst $(space),:,$(addsuffix .so,\ +$(ADDRESS_SANITIZER_RUNTIME_LIBRARY) \ +$(UBSAN_RUNTIME_LIBRARY) \ +$(TSAN_RUNTIME_LIBRARY) \ +$(2ND_ADDRESS_SANITIZER_RUNTIME_LIBRARY) \ +$(2ND_UBSAN_RUNTIME_LIBRARY) \ +$(2ND_TSAN_RUNTIME_LIBRARY))) + $(LOCAL_BUILT_MODULE): PRIVATE_LLNDK_LIBRARIES := $(llndk_libraries) $(LOCAL_BUILT_MODULE): PRIVATE_VNDK_SAMEPROCESS_LIBRARIES := $(vndk_sameprocess_libraries) $(LOCAL_BUILT_MODULE): PRIVATE_LLNDK_PRIVATE_LIBRARIES := $(llndk_private_libraries) $(LOCAL_BUILT_MODULE): PRIVATE_VNDK_CORE_LIBRARIES := $(vndk_core_libraries) +$(LOCAL_BUILT_MODULE): PRIVATE_SANITIZER_RUNTIME_LIBRARIES := $(sanitizer_runtime_libraries) $(LOCAL_BUILT_MODULE): $(LOCAL_PATH)/etc/ld.config.txt.in $(vndk_lib_dep) @echo "Generate: $< -> $@" @mkdir -p $(dir $@) $(hide) sed -e 's?%LLNDK_LIBRARIES%?$(PRIVATE_LLNDK_LIBRARIES)?g' $< >$@ $(hide) sed -i -e 's?%VNDK_SAMEPROCESS_LIBRARIES%?$(PRIVATE_VNDK_SAMEPROCESS_LIBRARIES)?g' $@ $(hide) sed -i -e 's?%VNDK_CORE_LIBRARIES%?$(PRIVATE_VNDK_CORE_LIBRARIES)?g' $@ + $(hide) sed -i -e 's?%SANITIZER_RUNTIME_LIBRARIES%?$(PRIVATE_SANITIZER_RUNTIME_LIBRARIES)?g' $@ vndk_lib_md5 := vndk_lib_dep := llndk_libraries := vndk_sameprocess_libraries := vndk_core_libraries := +sanitizer_runtime_libraries := else # if _enforce_vndk_at_runtime is not true LOCAL_MODULE := ld.config.txt diff --git a/rootdir/etc/ld.config.txt.in b/rootdir/etc/ld.config.txt.in index 401b0341b..e741a34da 100644 --- a/rootdir/etc/ld.config.txt.in +++ b/rootdir/etc/ld.config.txt.in @@ -65,7 +65,7 @@ namespace.sphal.asan.permitted.paths = /data/asan/vendor/${LIB}:/vendor/${LIB} namespace.sphal.links = default,vndk,rs # WARNING: only NDK libs can be listed here. -namespace.sphal.link.default.shared_libs = %LLNDK_LIBRARIES% +namespace.sphal.link.default.shared_libs = %LLNDK_LIBRARIES%:%SANITIZER_RUNTIME_LIBRARIES% # WARNING: only VNDK-SP libs can be listed here. DO NOT EDIT this line. namespace.sphal.link.vndk.shared_libs = %VNDK_SAMEPROCESS_LIBRARIES% @@ -90,7 +90,7 @@ namespace.rs.asan.search.paths = /data/asan/vendor/${LIB}/vndk-sp:/vendor/${LIB} namespace.rs.asan.permitted.paths = /data/asan/vendor/${LIB}:/vendor/${LIB}:/data namespace.rs.links = default,vndk -namespace.rs.link.default.shared_libs = %LLNDK_LIBRARIES% +namespace.rs.link.default.shared_libs = %LLNDK_LIBRARIES%:%SANITIZER_RUNTIME_LIBRARIES% namespace.rs.link.vndk.shared_libs = %VNDK_SAMEPROCESS_LIBRARIES% ############################################################################### @@ -109,7 +109,7 @@ namespace.vndk.asan.permitted.paths = /data/asan/vendor/${LIB}/hw:/vendor/${LIB} # to the default namespace. This is possible since their ABI is stable across # Android releases. namespace.vndk.links = default -namespace.vndk.link.default.shared_libs = %LLNDK_LIBRARIES% +namespace.vndk.link.default.shared_libs = %LLNDK_LIBRARIES%:%SANITIZER_RUNTIME_LIBRARIES% ############################################################################### # Namespace config for vendor processes. In O, no restriction is enforced for