| Martin Stjernholm | 799ad14 | 2018-12-19 20:37:27 +0000 | [diff] [blame] | 1 | # Copyright (C) 2018 The Android Open Source Project |
| 2 | # |
| 3 | # Bionic loader config file for the Runtime APEX. |
| 4 | # |
| 5 | # There are no versioned APEX paths here - this APEX module does not support |
| 6 | # having several versions mounted. |
| 7 | |
| 8 | dir.runtime = /apex/com.android.runtime/bin/ |
| 9 | |
| 10 | [runtime] |
| Nicolas Geoffray | 584bebe | 2019-01-26 01:07:35 +0000 | [diff] [blame] | 11 | additional.namespaces = platform,conscrypt,runtime |
| Martin Stjernholm | 799ad14 | 2018-12-19 20:37:27 +0000 | [diff] [blame] | 12 | |
| Martin Stjernholm | 916b426 | 2019-04-29 20:57:27 +0000 | [diff] [blame] | 13 | # Keep in sync with the runtime namespace in /system/etc/ld.config.txt. |
| Martin Stjernholm | 799ad14 | 2018-12-19 20:37:27 +0000 | [diff] [blame] | 14 | namespace.default.isolated = true |
| Martin Stjernholm | 916b426 | 2019-04-29 20:57:27 +0000 | [diff] [blame] | 15 | # Visible because some libraries are dlopen'ed, e.g. libopenjdk is dlopen'ed by |
| 16 | # libart. |
| 17 | namespace.default.visible = true |
| 18 | namespace.default.search.paths = /apex/com.android.runtime/${LIB} |
| 19 | namespace.default.asan.search.paths = /apex/com.android.runtime/${LIB} |
| Martin Stjernholm | 799ad14 | 2018-12-19 20:37:27 +0000 | [diff] [blame] | 20 | # odex files are in /system/framework. dalvikvm has to be able to dlopen the |
| 21 | # files for CTS. |
| Martin Stjernholm | 916b426 | 2019-04-29 20:57:27 +0000 | [diff] [blame] | 22 | namespace.default.permitted.paths = /system/framework |
| 23 | namespace.default.links = platform |
| Martin Stjernholm | a4469ef | 2019-02-27 21:04:24 +0000 | [diff] [blame] | 24 | # Need allow_all_shared_libs because libart.so can dlopen oat files in |
| 25 | # /system/framework and /data. |
| 26 | # TODO(b/130340935): Use a dynamically created linker namespace similar to |
| 27 | # classloader-namespace for oat files, and tighten this up. |
| Martin Stjernholm | 916b426 | 2019-04-29 20:57:27 +0000 | [diff] [blame] | 28 | namespace.default.link.platform.allow_all_shared_libs = true |
| Martin Stjernholm | 799ad14 | 2018-12-19 20:37:27 +0000 | [diff] [blame] | 29 | |
| Martin Stjernholm | 916b426 | 2019-04-29 20:57:27 +0000 | [diff] [blame] | 30 | # Keep in sync with the default namespace in /system/etc/ld.config.txt. |
| Martin Stjernholm | 799ad14 | 2018-12-19 20:37:27 +0000 | [diff] [blame] | 31 | namespace.platform.isolated = true |
| 32 | namespace.platform.search.paths = /system/${LIB} |
| Jiyong Park | f8d8eb9 | 2019-01-24 15:06:21 +0900 | [diff] [blame] | 33 | namespace.platform.asan.search.paths = /data/asan/system/${LIB} |
| Martin Stjernholm | 916b426 | 2019-04-29 20:57:27 +0000 | [diff] [blame] | 34 | namespace.platform.links = default |
| Martin Stjernholm | 356864a | 2019-04-30 16:22:17 +0100 | [diff] [blame^] | 35 | namespace.platform.link.default.shared_libs = libandroidicu.so |
| 36 | namespace.platform.link.default.shared_libs += libdexfile_external.so |
| 37 | namespace.platform.link.default.shared_libs += libdexfiled_external.so |
| Martin Stjernholm | 916b426 | 2019-04-29 20:57:27 +0000 | [diff] [blame] | 38 | namespace.platform.link.default.shared_libs += libnativebridge.so |
| 39 | namespace.platform.link.default.shared_libs += libnativehelper.so |
| 40 | namespace.platform.link.default.shared_libs += libnativeloader.so |
| Victor Chang | 2f0008a | 2019-01-15 14:10:34 +0000 | [diff] [blame] | 41 | |
| 42 | # TODO(b/122876336): Remove libpac.so once it's migrated to Webview |
| Martin Stjernholm | 916b426 | 2019-04-29 20:57:27 +0000 | [diff] [blame] | 43 | namespace.platform.link.default.shared_libs += libpac.so |
| Victor Chang | 2f0008a | 2019-01-15 14:10:34 +0000 | [diff] [blame] | 44 | |
| Jiyong Park | 94b6c34 | 2019-03-07 14:58:34 +0900 | [diff] [blame] | 45 | # /system/lib/libc.so, etc are symlinks to |
| 46 | # /apex/com.android.runtime/lib/bionic/libc.so, etc. Add the path to the |
| 47 | # permitted paths because linker uses realpath(3) to check the accessibility |
| 48 | # of the lib. We could add this to search.paths instead but that makes the |
| 49 | # resolution of bionic libs be dependent on the order of /system/lib and |
| 50 | # /apex/.../lib/bionic in search.paths. If the latter is after the former, |
| 51 | # then the latter is never tried because libc.so is always found in |
| 52 | # /system/lib but fails to pass the accessibility test because of its realpath. |
| 53 | # It's better to not depend on the ordering if possible. |
| 54 | namespace.platform.permitted.paths = /apex/com.android.runtime/${LIB}/bionic |
| 55 | namespace.platform.asan.permitted.paths = /apex/com.android.runtime/${LIB}/bionic |
| Nicolas Geoffray | 37498de | 2019-01-22 08:46:34 +0000 | [diff] [blame] | 56 | |
| Martin Stjernholm | 916b426 | 2019-04-29 20:57:27 +0000 | [diff] [blame] | 57 | # Note that we don't need to link the default namespace with conscrypt: |
| Nicolas Geoffray | 0299fad | 2019-01-22 14:50:29 +0000 | [diff] [blame] | 58 | # the runtime Java code and binaries do not explicitly load native libraries |
| 59 | # from it. |
| 60 | |
| Nicolas Geoffray | 37498de | 2019-01-22 08:46:34 +0000 | [diff] [blame] | 61 | ############################################################################### |
| 62 | # "conscrypt" APEX namespace |
| 63 | # |
| 64 | # This namespace is for libraries within the conscrypt APEX. |
| 65 | ############################################################################### |
| Nicolas Geoffray | 0299fad | 2019-01-22 14:50:29 +0000 | [diff] [blame] | 66 | |
| Martin Stjernholm | 916b426 | 2019-04-29 20:57:27 +0000 | [diff] [blame] | 67 | # Keep in sync with conscrypt namespace in /system/etc/ld.config.txt. |
| Nicolas Geoffray | 37498de | 2019-01-22 08:46:34 +0000 | [diff] [blame] | 68 | namespace.conscrypt.isolated = true |
| 69 | namespace.conscrypt.visible = true |
| 70 | |
| 71 | namespace.conscrypt.search.paths = /apex/com.android.conscrypt/${LIB} |
| Jiyong Park | f8d8eb9 | 2019-01-24 15:06:21 +0900 | [diff] [blame] | 72 | namespace.conscrypt.asan.search.paths = /apex/com.android.conscrypt/${LIB} |
| Pete Bentley | dc3d587 | 2019-01-31 11:06:00 +0000 | [diff] [blame] | 73 | namespace.conscrypt.links = runtime,platform |
| Pete Bentley | 79f5662 | 2019-03-21 17:09:56 +0000 | [diff] [blame] | 74 | namespace.conscrypt.link.runtime.shared_libs = libandroidio.so |
| Nicolas Geoffray | 37498de | 2019-01-22 08:46:34 +0000 | [diff] [blame] | 75 | namespace.conscrypt.link.platform.shared_libs = libc.so |
| 76 | namespace.conscrypt.link.platform.shared_libs += libm.so |
| 77 | namespace.conscrypt.link.platform.shared_libs += libdl.so |
| Tom Cherry | 6686f3c | 2019-02-19 10:47:10 -0800 | [diff] [blame] | 78 | namespace.conscrypt.link.platform.shared_libs += liblog.so |
| Martin Stjernholm | 916b426 | 2019-04-29 20:57:27 +0000 | [diff] [blame] | 79 | |
| 80 | ############################################################################### |
| 81 | # "runtime" APEX namespace |
| 82 | # |
| 83 | # This namespace is an alias for the default namespace. |
| 84 | ############################################################################### |
| 85 | namespace.runtime.isolated = true |
| 86 | namespace.runtime.visible = true |
| 87 | namespace.runtime.links = default |
| 88 | namespace.runtime.link.default.allow_all_shared_libs = true |
| 89 | namespace.runtime.links += platform |
| 90 | # TODO(b/119867084): Restrict fallback to platform namespace to PALette library. |
| 91 | namespace.runtime.link.platform.allow_all_shared_libs = true |