build/apex/ld.config.txt

# Copyright (C) 2018 The Android Open Source Project
#
# Bionic loader config file for the Runtime APEX.
#
# There are no versioned APEX paths here - this APEX module does not support
# having several versions mounted.

dir.runtime = /apex/com.android.runtime/bin/

[runtime]
additional.namespaces = platform,conscrypt,runtime

# Keep in sync with the runtime namespace in /system/etc/ld.config.txt.
namespace.default.isolated = true
# Visible because some libraries are dlopen'ed, e.g. libopenjdk is dlopen'ed by
# libart.
namespace.default.visible = true
namespace.default.search.paths = /apex/com.android.runtime/${LIB}
namespace.default.asan.search.paths = /apex/com.android.runtime/${LIB}
# odex files are in /system/framework. dalvikvm has to be able to dlopen the
# files for CTS.
namespace.default.permitted.paths = /system/framework
namespace.default.links = platform
# TODO(b/119867084): Restrict fallback to platform namespace to PALette library.
namespace.default.link.platform.allow_all_shared_libs = true

# Keep in sync with the default namespace in /system/etc/ld.config.txt.
namespace.platform.isolated = true
namespace.platform.search.paths = /system/${LIB}
namespace.platform.asan.search.paths = /data/asan/system/${LIB}
namespace.platform.links = default
namespace.platform.link.default.shared_libs  = libart.so:libartd.so
namespace.platform.link.default.shared_libs += libdexfile_external.so
namespace.platform.link.default.shared_libs += libnativebridge.so
namespace.platform.link.default.shared_libs += libnativehelper.so
namespace.platform.link.default.shared_libs += libnativeloader.so
# /system/lib/libc.so, etc are symlinks to /bionic/lib/libc.so, etc.
# Add /bionic/lib to the permitted paths because linker uses realpath(3)
# to check the accessibility of the lib. We could add this to search.paths
# instead but that makes the resolution of bionic libs be dependent on
# the order of /system/lib and /bionic/lib in search.paths. If /bionic/lib
# is after /system/lib, then /bionic/lib is never tried because libc.so
# is always found in /system/lib but fails to pass the accessibility test
# because of its realpath.  It's better to not depend on the ordering if
# possible.
namespace.platform.permitted.paths = /bionic/${LIB}
namespace.platform.asan.permitted.paths = /bionic/${LIB}

# Note that we don't need to link the default namespace with conscrypt:
# the runtime Java code and binaries do not explicitly load native libraries
# from it.

###############################################################################
# "conscrypt" APEX namespace
#
# This namespace is for libraries within the conscrypt APEX.
###############################################################################

# Keep in sync with conscrypt namespace in /system/etc/ld.config.txt.
namespace.conscrypt.isolated = true
namespace.conscrypt.visible = true

namespace.conscrypt.search.paths = /apex/com.android.conscrypt/${LIB}
namespace.conscrypt.asan.search.paths = /apex/com.android.conscrypt/${LIB}
namespace.conscrypt.links = runtime,platform
namespace.conscrypt.link.runtime.shared_libs   = libjavacore.so
namespace.conscrypt.link.platform.shared_libs  = libc.so
namespace.conscrypt.link.platform.shared_libs += libm.so
namespace.conscrypt.link.platform.shared_libs += libdl.so

###############################################################################
# "runtime" APEX namespace
#
# This namespace is an alias for the default namespace.
###############################################################################
namespace.runtime.isolated = true
namespace.runtime.visible = true
namespace.runtime.links = default
namespace.runtime.link.default.allow_all_shared_libs = true
namespace.runtime.links += platform
# TODO(b/119867084): Restrict fallback to platform namespace to PALette library.
namespace.runtime.link.platform.allow_all_shared_libs = true