summaryrefslogtreecommitdiffstats
path: root/libnativeloader/native_loader.cpp
diff options
context:
space:
mode:
Diffstat (limited to 'libnativeloader/native_loader.cpp')
-rw-r--r--libnativeloader/native_loader.cpp78
1 files changed, 72 insertions, 6 deletions
diff --git a/libnativeloader/native_loader.cpp b/libnativeloader/native_loader.cpp
index 7ccd7db95..5d160eee7 100644
--- a/libnativeloader/native_loader.cpp
+++ b/libnativeloader/native_loader.cpp
@@ -82,6 +82,11 @@ static constexpr const char* kPublicNativeLibrariesSystemConfigPathFromRoot =
82 "/etc/public.libraries.txt"; 82 "/etc/public.libraries.txt";
83static constexpr const char* kPublicNativeLibrariesVendorConfig = 83static constexpr const char* kPublicNativeLibrariesVendorConfig =
84 "/vendor/etc/public.libraries.txt"; 84 "/vendor/etc/public.libraries.txt";
85static constexpr const char* kLlndkNativeLibrariesSystemConfigPathFromRoot =
86 "/etc/llndk.libraries.txt";
87static constexpr const char* kVndkspNativeLibrariesSystemConfigPathFromRoot =
88 "/etc/vndksp.libraries.txt";
89
85 90
86// The device may be configured to have the vendor libraries loaded to a separate namespace. 91// The device may be configured to have the vendor libraries loaded to a separate namespace.
87// For historical reasons this namespace was named sphal but effectively it is intended 92// For historical reasons this namespace was named sphal but effectively it is intended
@@ -89,6 +94,11 @@ static constexpr const char* kPublicNativeLibrariesVendorConfig =
89// vendor and system namespaces. 94// vendor and system namespaces.
90static constexpr const char* kVendorNamespaceName = "sphal"; 95static constexpr const char* kVendorNamespaceName = "sphal";
91 96
97static constexpr const char* kVndkNamespaceName = "vndk";
98
99static constexpr const char* kClassloaderNamespaceName = "classloader-namespace";
100static constexpr const char* kVendorClassloaderNamespaceName = "vendor-classloader-namespace";
101
92// (http://b/27588281) This is a workaround for apps using custom classloaders and calling 102// (http://b/27588281) This is a workaround for apps using custom classloaders and calling
93// System.load() with an absolute path which is outside of the classloader library search path. 103// System.load() with an absolute path which is outside of the classloader library search path.
94// This list includes all directories app is allowed to access this way. 104// This list includes all directories app is allowed to access this way.
@@ -108,6 +118,7 @@ class LibraryNamespaces {
108 uint32_t target_sdk_version, 118 uint32_t target_sdk_version,
109 jobject class_loader, 119 jobject class_loader,
110 bool is_shared, 120 bool is_shared,
121 bool is_for_vendor,
111 jstring java_library_path, 122 jstring java_library_path,
112 jstring java_permitted_path, 123 jstring java_permitted_path,
113 NativeLoaderNamespace* ns, 124 NativeLoaderNamespace* ns,
@@ -163,9 +174,39 @@ class LibraryNamespaces {
163 is_native_bridge = NativeBridgeIsPathSupported(library_path.c_str()); 174 is_native_bridge = NativeBridgeIsPathSupported(library_path.c_str());
164 } 175 }
165 176
177 std::string system_exposed_libraries = system_public_libraries_;
178 const char* namespace_name = kClassloaderNamespaceName;
179 android_namespace_t* vndk_ns = nullptr;
180 if (is_for_vendor && !is_shared) {
181 LOG_FATAL_IF(is_native_bridge, "Unbundled vendor apk must not use translated architecture");
182
183 // For vendor apks, give access to the vendor lib even though
184 // they are treated as unbundled; the libs and apks are still bundled
185 // together in the vendor partition.
186#if defined(__LP64__)
187 std::string vendor_lib_path = "/vendor/lib64";
188#else
189 std::string vendor_lib_path = "/vendor/lib";
190#endif
191 library_path = library_path + ":" + vendor_lib_path.c_str();
192 permitted_path = permitted_path + ":" + vendor_lib_path.c_str();
193
194 // Also give access to LLNDK libraries since they are available to vendors
195 system_exposed_libraries = system_exposed_libraries + ":" + system_llndk_libraries_.c_str();
196
197 // Give access to VNDK-SP libraries from the 'vndk' namespace.
198 vndk_ns = android_get_exported_namespace(kVndkNamespaceName);
199 LOG_ALWAYS_FATAL_IF(vndk_ns == nullptr,
200 "Cannot find \"%s\" namespace for vendor apks", kVndkNamespaceName);
201
202 // Different name is useful for debugging
203 namespace_name = kVendorClassloaderNamespaceName;
204 ALOGD("classloader namespace configured for unbundled vendor apk. library_path=%s", library_path.c_str());
205 }
206
166 NativeLoaderNamespace native_loader_ns; 207 NativeLoaderNamespace native_loader_ns;
167 if (!is_native_bridge) { 208 if (!is_native_bridge) {
168 android_namespace_t* ns = android_create_namespace("classloader-namespace", 209 android_namespace_t* ns = android_create_namespace(namespace_name,
169 nullptr, 210 nullptr,
170 library_path.c_str(), 211 library_path.c_str(),
171 namespace_type, 212 namespace_type,
@@ -181,11 +222,19 @@ class LibraryNamespaces {
181 // which is expected behavior in this case. 222 // which is expected behavior in this case.
182 android_namespace_t* vendor_ns = android_get_exported_namespace(kVendorNamespaceName); 223 android_namespace_t* vendor_ns = android_get_exported_namespace(kVendorNamespaceName);
183 224
184 if (!android_link_namespaces(ns, nullptr, system_public_libraries_.c_str())) { 225 if (!android_link_namespaces(ns, nullptr, system_exposed_libraries.c_str())) {
185 *error_msg = dlerror(); 226 *error_msg = dlerror();
186 return false; 227 return false;
187 } 228 }
188 229
230 if (vndk_ns != nullptr && !system_vndksp_libraries_.empty()) {
231 // vendor apks are allowed to use VNDK-SP libraries.
232 if (!android_link_namespaces(ns, vndk_ns, system_vndksp_libraries_.c_str())) {
233 *error_msg = dlerror();
234 return false;
235 }
236 }
237
189 if (!vendor_public_libraries_.empty()) { 238 if (!vendor_public_libraries_.empty()) {
190 if (!android_link_namespaces(ns, vendor_ns, vendor_public_libraries_.c_str())) { 239 if (!android_link_namespaces(ns, vendor_ns, vendor_public_libraries_.c_str())) {
191 *error_msg = dlerror(); 240 *error_msg = dlerror();
@@ -195,7 +244,7 @@ class LibraryNamespaces {
195 244
196 native_loader_ns = NativeLoaderNamespace(ns); 245 native_loader_ns = NativeLoaderNamespace(ns);
197 } else { 246 } else {
198 native_bridge_namespace_t* ns = NativeBridgeCreateNamespace("classloader-namespace", 247 native_bridge_namespace_t* ns = NativeBridgeCreateNamespace(namespace_name,
199 nullptr, 248 nullptr,
200 library_path.c_str(), 249 library_path.c_str(),
201 namespace_type, 250 namespace_type,
@@ -209,7 +258,7 @@ class LibraryNamespaces {
209 258
210 native_bridge_namespace_t* vendor_ns = NativeBridgeGetVendorNamespace(); 259 native_bridge_namespace_t* vendor_ns = NativeBridgeGetVendorNamespace();
211 260
212 if (!NativeBridgeLinkNamespaces(ns, nullptr, system_public_libraries_.c_str())) { 261 if (!NativeBridgeLinkNamespaces(ns, nullptr, system_exposed_libraries.c_str())) {
213 *error_msg = NativeBridgeGetError(); 262 *error_msg = NativeBridgeGetError();
214 return false; 263 return false;
215 } 264 }
@@ -259,6 +308,10 @@ class LibraryNamespaces {
259 std::string root_dir = android_root_env != nullptr ? android_root_env : "/system"; 308 std::string root_dir = android_root_env != nullptr ? android_root_env : "/system";
260 std::string public_native_libraries_system_config = 309 std::string public_native_libraries_system_config =
261 root_dir + kPublicNativeLibrariesSystemConfigPathFromRoot; 310 root_dir + kPublicNativeLibrariesSystemConfigPathFromRoot;
311 std::string llndk_native_libraries_system_config =
312 root_dir + kLlndkNativeLibrariesSystemConfigPathFromRoot;
313 std::string vndksp_native_libraries_system_config =
314 root_dir + kVndkspNativeLibrariesSystemConfigPathFromRoot;
262 315
263 std::string error_msg; 316 std::string error_msg;
264 LOG_ALWAYS_FATAL_IF(!ReadConfig(public_native_libraries_system_config, &sonames, &error_msg), 317 LOG_ALWAYS_FATAL_IF(!ReadConfig(public_native_libraries_system_config, &sonames, &error_msg),
@@ -294,6 +347,14 @@ class LibraryNamespaces {
294 system_public_libraries_ = base::Join(sonames, ':'); 347 system_public_libraries_ = base::Join(sonames, ':');
295 348
296 sonames.clear(); 349 sonames.clear();
350 ReadConfig(kLlndkNativeLibrariesSystemConfigPathFromRoot, &sonames);
351 system_llndk_libraries_ = base::Join(sonames, ':');
352
353 sonames.clear();
354 ReadConfig(kVndkspNativeLibrariesSystemConfigPathFromRoot, &sonames);
355 system_vndksp_libraries_ = base::Join(sonames, ':');
356
357 sonames.clear();
297 // This file is optional, quietly ignore if the file does not exist. 358 // This file is optional, quietly ignore if the file does not exist.
298 ReadConfig(kPublicNativeLibrariesVendorConfig, &sonames); 359 ReadConfig(kPublicNativeLibrariesVendorConfig, &sonames);
299 360
@@ -404,6 +465,8 @@ class LibraryNamespaces {
404 std::vector<std::pair<jweak, NativeLoaderNamespace>> namespaces_; 465 std::vector<std::pair<jweak, NativeLoaderNamespace>> namespaces_;
405 std::string system_public_libraries_; 466 std::string system_public_libraries_;
406 std::string vendor_public_libraries_; 467 std::string vendor_public_libraries_;
468 std::string system_llndk_libraries_;
469 std::string system_vndksp_libraries_;
407 470
408 DISALLOW_COPY_AND_ASSIGN(LibraryNamespaces); 471 DISALLOW_COPY_AND_ASSIGN(LibraryNamespaces);
409}; 472};
@@ -430,6 +493,7 @@ jstring CreateClassLoaderNamespace(JNIEnv* env,
430 int32_t target_sdk_version, 493 int32_t target_sdk_version,
431 jobject class_loader, 494 jobject class_loader,
432 bool is_shared, 495 bool is_shared,
496 bool is_for_vendor,
433 jstring library_path, 497 jstring library_path,
434 jstring permitted_path) { 498 jstring permitted_path) {
435#if defined(__ANDROID__) 499#if defined(__ANDROID__)
@@ -441,6 +505,7 @@ jstring CreateClassLoaderNamespace(JNIEnv* env,
441 target_sdk_version, 505 target_sdk_version,
442 class_loader, 506 class_loader,
443 is_shared, 507 is_shared,
508 is_for_vendor,
444 library_path, 509 library_path,
445 permitted_path, 510 permitted_path,
446 &ns, 511 &ns,
@@ -449,7 +514,7 @@ jstring CreateClassLoaderNamespace(JNIEnv* env,
449 return env->NewStringUTF(error_msg.c_str()); 514 return env->NewStringUTF(error_msg.c_str());
450 } 515 }
451#else 516#else
452 UNUSED(env, target_sdk_version, class_loader, is_shared, 517 UNUSED(env, target_sdk_version, class_loader, is_shared, is_for_vendor,
453 library_path, permitted_path); 518 library_path, permitted_path);
454#endif 519#endif
455 return nullptr; 520 return nullptr;
@@ -478,7 +543,8 @@ void* OpenNativeLibrary(JNIEnv* env,
478 if (!g_namespaces->Create(env, 543 if (!g_namespaces->Create(env,
479 target_sdk_version, 544 target_sdk_version,
480 class_loader, 545 class_loader,
481 false, 546 false /* is_shared */,
547 false /* is_for_vendor */,
482 library_path, 548 library_path,
483 nullptr, 549 nullptr,
484 &ns, 550 &ns,
generated by cgit v1.2.3 (git 2.39.2)