Retain relevant comments from system/core/rootdir/etc/ld.config.txt.
This CL carries over the comments from the old text config that was deleted
in https://r.android.com/1128832.
Test: N/A - comment changes only
Bug: 138920271
Change-Id: I4309599228cace3d19bba7bc992e80fe2eb66c69
diff --git a/contents/configuration/baseconfig.cc b/contents/configuration/baseconfig.cc
index eca4d31..838a40c 100644
--- a/contents/configuration/baseconfig.cc
+++ b/contents/configuration/baseconfig.cc
@@ -22,6 +22,9 @@
using android::linkerconfig::modules::Section;
namespace {
+
+// Don't change the order here. The first pattern that matches with the
+// absolute path of an executable is selected.
const std::vector<DirToSection> kDirToSection = {
{"/system/bin/", "system"},
{"/system/xbin/", "system"},
@@ -51,6 +54,7 @@
// else. This must be last.
{"/data", "system"},
};
+
} // namespace
namespace android {
@@ -74,4 +78,4 @@
}
} // namespace contents
} // namespace linkerconfig
-} // namespace android
\ No newline at end of file
+} // namespace android
diff --git a/contents/namespace/art.cc b/contents/namespace/art.cc
index 559ac0c..c3a0eff 100644
--- a/contents/namespace/art.cc
+++ b/contents/namespace/art.cc
@@ -14,6 +14,9 @@
* limitations under the License.
*/
+// This namespace exposes externally accessible libraries from the ART APEX.
+// Keep in sync with the "art" namespace in art/build/apex/ld.config.txt.
+
#include "linkerconfig/namespacebuilder.h"
using android::linkerconfig::modules::AsanPath;
diff --git a/contents/namespace/conscrypt.cc b/contents/namespace/conscrypt.cc
index 2bb765d..eb8aa32 100644
--- a/contents/namespace/conscrypt.cc
+++ b/contents/namespace/conscrypt.cc
@@ -14,6 +14,9 @@
* limitations under the License.
*/
+// This namespace is for libraries within the conscrypt APEX.
+// Keep in sync with the "conscrypt" namespace in art/build/apex/ld.config.txt.
+
#include "linkerconfig/namespacebuilder.h"
#include <string>
diff --git a/contents/namespace/media.cc b/contents/namespace/media.cc
index 0208963..2b41d37 100644
--- a/contents/namespace/media.cc
+++ b/contents/namespace/media.cc
@@ -14,6 +14,8 @@
* limitations under the License.
*/
+// This namespace is for libraries within the media APEX.
+
#include "linkerconfig/namespacebuilder.h"
#include <string>
diff --git a/contents/namespace/neuralnetworks.cc b/contents/namespace/neuralnetworks.cc
index 49add82..873f84a 100644
--- a/contents/namespace/neuralnetworks.cc
+++ b/contents/namespace/neuralnetworks.cc
@@ -13,6 +13,9 @@
* See the License for the specific language governing permissions and
* limitations under the License.
*/
+
+// This namespace is for libraries within the NNAPI APEX.
+
#include "linkerconfig/namespacebuilder.h"
#include "linkerconfig/environment.h"
diff --git a/contents/namespace/resolv.cc b/contents/namespace/resolv.cc
index 3156fa3..0fae623 100644
--- a/contents/namespace/resolv.cc
+++ b/contents/namespace/resolv.cc
@@ -14,6 +14,8 @@
* limitations under the License.
*/
+// This namespace is for libraries within the resolv APEX.
+
#include "linkerconfig/namespacebuilder.h"
#include <string>
diff --git a/contents/namespace/rs.cc b/contents/namespace/rs.cc
index df6e988..c0e3d89 100644
--- a/contents/namespace/rs.cc
+++ b/contents/namespace/rs.cc
@@ -14,6 +14,11 @@
* limitations under the License.
*/
+// This namespace is exclusively for Renderscript internal libraries. This
+// namespace has slightly looser restriction than the vndk namespace because of
+// the genuine characteristics of Renderscript; /data is in the permitted path
+// to load the compiled *.so file and libmediandk.so can be used here.
+
#include "linkerconfig/namespacebuilder.h"
using android::linkerconfig::modules::AsanPath;
@@ -37,8 +42,11 @@
ns.AddPermittedPath("/system/vendor/${LIB}", AsanPath::NONE);
ns.AddPermittedPath("/data", AsanPath::SAME_PATH);
+ // Private LLNDK libs (e.g. libft2.so) are exceptionally allowed to this
+ // namespace because RS framework libs are using them.
ns.GetLink(ctx.GetSystemNamespaceName())
.AddSharedLib({"@{LLNDK_LIBRARIES}", "@{PRIVATE_LLNDK_LIBRARIES:}"});
+
ns.GetLink("neuralnetworks").AddSharedLib("libneuralnetworks.so");
return ns;
diff --git a/contents/namespace/runtime.cc b/contents/namespace/runtime.cc
index 564cb17..225f5b1 100644
--- a/contents/namespace/runtime.cc
+++ b/contents/namespace/runtime.cc
@@ -14,6 +14,10 @@
* limitations under the License.
*/
+// Currently, the runtime namespace is only to isolate
+// libc_malloc_hooks/debug.so in the Runtime APEX. libc/l/d are loaded in the
+// default namespace.
+
#include "linkerconfig/namespacebuilder.h"
using android::linkerconfig::modules::AsanPath;
@@ -24,8 +28,6 @@
namespace contents {
Namespace BuildRuntimeNamespace([[maybe_unused]] const Context& ctx) {
- // Currently, the runtime namespace is only to isolate
- // libc_malloc_hooks/debug.so. libc/l/d are loaded in the default namespace.
Namespace ns("runtime",
/*is_isolated=*/true,
/*is_visible=*/true);
diff --git a/contents/namespace/sphal.cc b/contents/namespace/sphal.cc
index 7a605f9..afc2a1d 100644
--- a/contents/namespace/sphal.cc
+++ b/contents/namespace/sphal.cc
@@ -14,6 +14,16 @@
* limitations under the License.
*/
+// SP-HAL(Sameprocess-HAL)s are the only vendor libraries that are allowed to be
+// loaded inside system processes. libEGL_<chipset>.so, libGLESv2_<chipset>.so,
+// android.hardware.graphics.mapper@2.0-impl.so, etc are SP-HALs.
+//
+// This namespace is exclusivly for SP-HALs. When the framework tries to
+// dynamically load SP-HALs, android_dlopen_ext() is used to explicitly specify
+// that they should be searched and loaded from this namespace.
+//
+// Note that there is no link from the default namespace to this namespace.
+
#include "linkerconfig/namespacebuilder.h"
using android::linkerconfig::modules::AsanPath;
@@ -23,6 +33,8 @@
namespace linkerconfig {
namespace contents {
Namespace BuildSphalNamespace([[maybe_unused]] const Context& ctx) {
+ // Visible to allow use with android_dlopen_ext, and with
+ // android_link_namespaces in libnativeloader.
Namespace ns("sphal", /*is_isolated=*/true, /*is_visible=*/true);
ns.AddSearchPath("/odm/${LIB}", AsanPath::WITH_DATA_ASAN);
ns.AddSearchPath("/vendor/${LIB}", AsanPath::WITH_DATA_ASAN);
@@ -32,6 +44,10 @@
ns.AddPermittedPath("/vendor/${LIB}", AsanPath::WITH_DATA_ASAN);
ns.AddPermittedPath("/system/vendor/${LIB}", AsanPath::NONE);
+ // Once in this namespace, access to libraries in /system/lib is restricted.
+ // Only libs listed here can be used. Order is important here as the
+ // namespaces are tried in this order. rs should be before vndk because both
+ // are capable of loading libRS_internal.so
ns.GetLink("rs").AddSharedLib("libRS_internal.so");
ns.GetLink(ctx.GetSystemNamespaceName()).AddSharedLib("@{LLNDK_LIBRARIES:}");
ns.GetLink("vndk").AddSharedLib("@{VNDK_SAMEPROCESS_LIBRARIES:}");
diff --git a/contents/namespace/system.cc b/contents/namespace/system.cc
index 841abbb..262a162 100644
--- a/contents/namespace/system.cc
+++ b/contents/namespace/system.cc
@@ -14,6 +14,9 @@
* limitations under the License.
*/
+// This namespace is where system libs (VNDK and LLNDK libs) are loaded for a
+// vendor process.
+
#include "linkerconfig/namespacebuilder.h"
using android::linkerconfig::modules::AsanPath;
diff --git a/contents/namespace/systemdefault.cc b/contents/namespace/systemdefault.cc
index 03bee7c..1d7563b 100644
--- a/contents/namespace/systemdefault.cc
+++ b/contents/namespace/systemdefault.cc
@@ -14,6 +14,9 @@
* limitations under the License.
*/
+// Framework-side code runs in this namespace. Libs from /vendor partition can't
+// be loaded in this namespace.
+
#include "linkerconfig/environment.h"
#include "linkerconfig/namespace.h"
#include "linkerconfig/namespacebuilder.h"
@@ -22,6 +25,8 @@
using android::linkerconfig::modules::Namespace;
namespace {
+
+// Keep in sync with the "platform" namespace in art/build/apex/ld.config.txt.
const std::vector<std::string> kLibsFromArt = {
"libdexfile_external.so",
"libdexfiled_external.so",
@@ -29,6 +34,7 @@
"libnativehelper.so",
"libnativeloader.so",
"libandroidicu.so",
+ // TODO(b/122876336): Remove libpac.so once it's migrated to Webview
"libpac.so",
// TODO(b/120786417 or b/134659294): libicuuc.so
// and libicui18n.so are kept for app compat.
@@ -36,15 +42,24 @@
"libicuuc.so",
};
+// We can't have entire /system/${LIB} as permitted paths because doing so makes
+// it possible to load libs in /system/${LIB}/vndk* directories by their
+// absolute paths, e.g. dlopen("/system/lib/vndk/libbase.so"). VNDK libs are
+// built with previous versions of Android and thus must not be loaded into this
+// namespace where libs built with the current version of Android are loaded.
+// Mixing the two types of libs in the same namespace can cause unexpected
+// problems.
const std::vector<std::string> kPermittedPaths = {
"/system/${LIB}/drm",
"/system/${LIB}/extractors",
"/system/${LIB}/hw",
"/@{SYSTEM_EXT:system_ext}/${LIB}",
"/@{PRODUCT:product}/${LIB}",
+
// These are where odex files are located. libart has to be able to
// dlopen the files
"/system/framework",
+
"/system/app",
"/system/priv-app",
"/@{SYSTEM_EXT:system_ext}/framework",
@@ -80,6 +95,8 @@
namespace contents {
Namespace BuildSystemDefaultNamespace([[maybe_unused]] const Context& ctx) {
bool is_fully_treblelized = ctx.IsDefaultConfig();
+ // Visible to allow links to be created at runtime, e.g. through
+ // android_link_namespaces in libnativeloader.
Namespace ns("default",
/*is_isolated=*/is_fully_treblelized,
/*is_visible=*/true);
diff --git a/contents/namespace/unrestricteddefault.cc b/contents/namespace/unrestricteddefault.cc
index 11408a4..24c1474 100644
--- a/contents/namespace/unrestricteddefault.cc
+++ b/contents/namespace/unrestricteddefault.cc
@@ -23,6 +23,8 @@
using android::linkerconfig::modules::Namespace;
namespace {
+
+// Keep in sync with the "platform" namespace in art/build/apex/ld.config.txt.
const std::vector<std::string> kLibsFromArt = {
"libdexfile_external.so",
"libdexfiled_external.so",
@@ -35,6 +37,7 @@
// for app compat.
"libicui18n.so",
"libicuuc.so"};
+
} // namespace
namespace android {
diff --git a/contents/namespace/vendordefault.cc b/contents/namespace/vendordefault.cc
index efbfc03..3361a15 100644
--- a/contents/namespace/vendordefault.cc
+++ b/contents/namespace/vendordefault.cc
@@ -14,6 +14,9 @@
* limitations under the License.
*/
+// This is the default linker namespace for a vendor process (a process started
+// from /vendor/bin/*).
+
#include "linkerconfig/environment.h"
#include "linkerconfig/namespacebuilder.h"
@@ -22,6 +25,8 @@
using android::linkerconfig::modules::Namespace;
namespace {
+
+// Keep in sync with the "platform" namespace in art/build/apex/ld.config.txt.
const std::vector<std::string> kVndkLiteArtLibs = {
"libdexfile_external.so",
"libdexfiled_external.so",
@@ -33,6 +38,7 @@
"libicui18n.so",
"libicuuc.so",
};
+
} // namespace
namespace android {
diff --git a/contents/namespace/vndk.cc b/contents/namespace/vndk.cc
index 2ffeef7..8b24c28 100644
--- a/contents/namespace/vndk.cc
+++ b/contents/namespace/vndk.cc
@@ -14,6 +14,8 @@
* limitations under the License.
*/
+// This namespace is exclusively for vndk-sp libs.
+
#include "linkerconfig/namespacebuilder.h"
#include "linkerconfig/environment.h"
@@ -27,6 +29,9 @@
Namespace BuildVndkNamespace([[maybe_unused]] const Context& ctx) {
bool is_system_section = ctx.IsSystemSection();
bool is_vndklite = ctx.IsVndkliteConfig();
+ // Isolated but visible when used in the [system] section to allow links to be
+ // created at runtime, e.g. through android_link_namespaces in
+ // libnativeloader. Otherwise it isn't isolated, so visibility doesn't matter.
Namespace ns("vndk",
/*is_isolated=*/is_system_section,
/*is_visible=*/is_system_section);
@@ -52,16 +57,25 @@
ns.AddPermittedPath("/system/vendor/${LIB}/hw", AsanPath::NONE);
}
ns.AddPermittedPath("/system/vendor/${LIB}/egl", AsanPath::NONE);
+
+ // This is exceptionally required since android.hidl.memory@1.0-impl.so is here
ns.AddPermittedPath("/apex/com.android.vndk.v@{VNDK_VER}/${LIB}/hw",
AsanPath::SAME_PATH);
}
+ // For the [vendor] section, the links should be identical to that of the
+ // 'vndk_in_system' namespace, except the links to 'default' and 'vndk_in_system'.
+
ns.GetLink(ctx.GetSystemNamespaceName()).AddSharedLib({"@{LLNDK_LIBRARIES}"});
if (!is_vndklite) {
if (is_system_section) {
+ // The "vndk" namespace links to the system namespace for LLNDK libs above
+ // and links to "sphal" namespace for vendor libs. The ordering matters;
+ // the system namespace has higher priority than the "sphal" namespace.
ns.GetLink("sphal").AllowAllSharedLibs();
} else {
+ // [vendor] section
ns.GetLink("default").AllowAllSharedLibs();
if (android::linkerconfig::modules::IsVndkInSystemNamespace()) {
diff --git a/contents/namespace/vndkinsystem.cc b/contents/namespace/vndkinsystem.cc
index 87beb8b..0bee29b 100644
--- a/contents/namespace/vndkinsystem.cc
+++ b/contents/namespace/vndkinsystem.cc
@@ -14,6 +14,17 @@
* limitations under the License.
*/
+// This namespace is where no-vendor-variant VNDK libraries are loaded for a
+// vendor process. Note that we do not simply export these libraries from the
+// "system" namespace, because in some cases both the core variant and the
+// vendor variant of a VNDK library may be loaded. In such cases, we do not
+// want to eliminate double-loading because doing so means the global states
+// of the library would be shared.
+//
+// Only the no-vendor-variant VNDK libraries are whitelisted in this namespace.
+// This is to ensure that we do not load libraries needed by no-vendor-variant
+// VNDK libraries into vndk_in_system namespace.
+
#include "linkerconfig/namespacebuilder.h"
#include "linkerconfig/environment.h"
@@ -28,6 +39,7 @@
Namespace ns("vndk_in_system", /*is_isolated=*/true,
/*is_visible=*/true);
+ // The search paths here should be kept the same as that of the 'system' namespace.
ns.AddSearchPath("/system/${LIB}", AsanPath::WITH_DATA_ASAN);
ns.AddSearchPath("/@{SYSTEM_EXT:system_ext}/${LIB}", AsanPath::WITH_DATA_ASAN);
ns.AddSearchPath("/@{PRODUCT:product}/${LIB}", AsanPath::WITH_DATA_ASAN);
@@ -36,6 +48,11 @@
ns.AddWhitelisted("@{VNDK_USING_CORE_VARIANT_LIBRARIES}");
}
+ // The links here should be identical to that of the 'vndk' namespace for the
+ // [vendor] section, with the following exceptions:
+ // 1. 'vndk_in_system' needs to be freely linked back to 'vndk'.
+ // 2. 'vndk_in_system' does not need to link to 'default', as any library that
+ // requires anything vendor would not be a vndk_in_system library.
ns.GetLink(ctx.GetSystemNamespaceName()).AddSharedLib("@{LLNDK_LIBRARIES}");
ns.GetLink("vndk").AllowAllSharedLibs();
ns.GetLink("neuralnetworks").AddSharedLib("libneuralnetworks.so");
diff --git a/contents/section/postinstall.cc b/contents/section/postinstall.cc
index 0f54c45..4091e4f 100644
--- a/contents/section/postinstall.cc
+++ b/contents/section/postinstall.cc
@@ -14,6 +14,13 @@
* limitations under the License.
*/
+// Namespace config for binaries under /postinstall.
+// Only default namespace is defined and default has no directories
+// other than /system/lib in the search paths. This is because linker calls
+// realpath on the search paths and this causes selinux denial if the paths
+// (/vendor, /odm) are not allowed to the postinstall binaries. There is no
+// reason to allow the binaries to access the paths.
+
#include "linkerconfig/sectionbuilder.h"
#include "linkerconfig/namespacebuilder.h"
@@ -35,4 +42,4 @@
}
} // namespace contents
} // namespace linkerconfig
-} // namespace android
\ No newline at end of file
+} // namespace android
diff --git a/contents/section/unrestricted.cc b/contents/section/unrestricted.cc
index ae57426..de94b55 100644
--- a/contents/section/unrestricted.cc
+++ b/contents/section/unrestricted.cc
@@ -14,6 +14,11 @@
* limitations under the License.
*/
+// Linker config for native tests that need access to both system and vendor
+// libraries. This replicates the default linker config (done by
+// init_default_namespace_no_config in bionic/linker/linker.cpp), except that it
+// includes the requisite namespace setup for APEXes.
+
#include "linkerconfig/sectionbuilder.h"
#include "linkerconfig/common.h"
diff --git a/contents/section/vendor.cc b/contents/section/vendor.cc
index f872be3..9aab0db 100644
--- a/contents/section/vendor.cc
+++ b/contents/section/vendor.cc
@@ -14,6 +14,8 @@
* limitations under the License.
*/
+// Namespace config for vendor processes.
+
#include "linkerconfig/sectionbuilder.h"
#include "linkerconfig/common.h"