In the namespace with "isolated = false", "permitted.paths" is not
used.
Bug: 71727966
Test: walleye device boot
Change-Id: I6f624be3c4e2c4070bb784632d0757408ec12db0
We recently created a new GID that can be granted to critical system
processes, so that the system is usable enough for the user to free
up disk space used by abusive apps.
Test: builds, boots
Bug: 62024591
Change-Id: Ia5af7535cc05a214f8720ac08c594c6db888597a
The odm partition will eventually be required. Prepare for this by
creating its mount point.
Bug: 37322799
Test: run cts-dev -m CtsPermissionTestCases
Change-Id: Ibd031b68dd7328c853ded401bb2690dbd6675141
Shared libraries in the directory should be dlopened with full file
paths. That was a workaround for some legacy prebuilt binaries and they
are all now fixed. Thus removing.
Bug: 70551668
Test: walleye, aosp_walleye, taimen, aosp_taimen boot to the UI
Change-Id: Ifb123b09c13f873cbefa7784e76dfe5f35575a8d
This commit extracts /system/lib[64]/vndk and /system/lib[64]/vndk-sp
into another namespace in the vendor section. This commit is necessary
because LLNDK libraries (e.g. libc or libnativewindow) may otherwise
link to the shared libraries in /system/lib[64]/vndk-sp, which may be
older than the one LLNDK libraries built with.
Test: aosp_walleye boots
Bug: 70816018
Change-Id: I6fceb0da92c978ad940af91f5efe84e673c9247e
Paths for extended VNDK libs don't need version suffix, because there
always is the single version that the vendor(odm) modules are built
against.
Bug: 70601582
Test: walleye boots to the UI.
Test: No further test is possible since we don't have extended VNDK yet
in our source tree.
Change-Id: Idbf4bb820ddb136d00744f64ddf6ebe6442ad16e
Re-format the files by splitting lines using +=.
Also add /odm/${LIB} where needed.
A few directories that are no longer required are removed from the
search paths and permitted paths.
Test: walleye and sailfish boots to the UI, renderscript, camera,
camcodder, sound, etc. are working.
Change-Id: I3150f0c3d35130d6b1a665e3f0813d33b1b7f546
The interface lib has been in VNDK-SP because
android.hardware.graphics.mapper@1.0 was using it. However, since the
dependency has gone [1], there is no need keep it in VNDK-SP. The
VNDK-SP set should be kept as small as possible because libs in VNDK-SP
are subject to double-loading.
[1] 79d13ff0f5
Bug: 69480083
Test: /system/lib64/vndk-sp/android.hardware.graphics.allocator@2.0.so
disappears.
Test: sailfish boots
Change-Id: I0e6518f169dd620d6b1a9ada47754e371ef4a739
Merged-In: I0e6518f169dd620d6b1a9ada47754e371ef4a739
(cherry picked from commit 9d898f3678)
If PLATFORM_VNDK_VERSION is set to a version other than "current",
add the version to the file names of the namespace configuration
files.
Bug: 69883025
Test: device boot
Change-Id: I27377549581125b6c750c1422d0ee4a607dda5e8
This CL fixes an error with the asan permitted paths in
ld.config.txt.in.
Bug: 63927538
Test: lunch walleye_asan-userdebug && m -j40
Change-Id: Ica0504cb52ef6e6b3e4ce2deae3ce5984e38cc93
The interface lib has been in VNDK-SP because
android.hardware.graphics.mapper@1.0 was using it. However, since the
dependency has gone [1], there is no need keep it in VNDK-SP. The
VNDK-SP set should be kept as small as possible because libs in VNDK-SP
are subject to double-loading.
[1] 79d13ff0f5
Bug: 69480083
Test: /system/lib64/vndk-sp/android.hardware.graphics.allocator@2.0.so
disappears.
Test: sailfish boots
Change-Id: I0e6518f169dd620d6b1a9ada47754e371ef4a739
Remove list of services and support for asan.options. This has not
been used in a while, and there is contention about listing names
of device-specific services.
Bug: 70387666
Test: m
Change-Id: I766c6b3a0c44b6b992a3259a3c4215a688452907
All vndk/vndk-sp directories will have version suffix if
"ro.vndk.version" is set.
Bug: 69984421
Bug: 66074376
Test: Build with BOARD_VNDK_VERSION=current and
BOARD_VNDK_RUNTIME_DISABLE=true. Check boot.
Change-Id: I03849f9f96bc6c7880aa70c517e963aab4e033b8
We will have apps under /vendor/priv-app. Add the path to the permitted
paths so that the apks and so libs under the directory can be loaded.
Bug: 35301609
Test: None since we don't have priv vendor app yet.
Change-Id: Ida998adb2e180852b1922e9933f25b988517399e
W/T enforce restrictions on linker paths, which M/S do not.
Because of this, media.extractor was unable to load its extractors on W/T.
Bug: 67405932
Test: play sounds successfully
Merged-In: I8914da74780c909da815beaffcd4d76fbe2cc6b5
Change-Id: I8914da74780c909da815beaffcd4d76fbe2cc6b5
(cherry picked from commit 593b43910b)
This reverts commit 875fe42a81.
... and fixes a bug that private VNDK libs are not accessible even to
RenderScript framework libraries (such as libRS_internal.so). This is
fixed by exceptionally allowing the private libs only to 'rs'
namespace.
Bug: 70260989
Bug: 70279973
Bug: 63878960
Test: Build for walleye and tested Photos edit.
Test: other renderscript app (camerascript) works as well
Merged-In: I3978cbe2e869f6a1c214c755ded038349bde7b6b
Change-Id: I3978cbe2e869f6a1c214c755ded038349bde7b6b
(cherry picked from commit 781c47f4da)
The permitted and search paths should be changed according to VNDK version.
However these paths are fixed with vndk and vndk-sp. So I define the
directory name as below
- /system/${LIB}/vndk${VNDK_VERSION}
- /system/${LIB}/vndk-sp${VNDK_VERSION}
${VNDK_VERSION} will be set by the property "ro.vndk.version".
Bug: 66074376
Test: build & run
Merged-In: I7b8e12327af89d131c4c49cb9b459a393c7dacb8
Change-Id: I7b8e12327af89d131c4c49cb9b459a393c7dacb8
(cherry picked from commit 85c773f0a2)
