diff options
| author | Treehugger Robot <treehugger-gerrit@google.com> | 2020-08-02 14:48:01 +0000 |
|---|---|---|
| committer | Gerrit Code Review <noreply-gerritcodereview@google.com> | 2020-08-02 14:48:01 +0000 |
| commit | 0f4bdb04fb4b803bbf19850c86cc9270d64a06b9 (patch) | |
| tree | 7b49e6acf916ebd6d20d7136baf1e804c3366eeb /linker | |
| parent | 89f907cfe444cc0f78de683549ec1350da36e39e (diff) | |
| parent | 30f2f053f27731e091923a162b91439ee667944f (diff) | |
Merge "linker: Cleanup for Android's inclusive language guidance"
Diffstat (limited to 'linker')
| -rw-r--r-- | linker/ld.config.format.md | 4 | ||||
| -rw-r--r-- | linker/linker.cpp | 2 | ||||
| -rw-r--r-- | linker/linker_config.cpp | 14 | ||||
| -rw-r--r-- | linker/linker_config.h | 11 | ||||
| -rw-r--r-- | linker/linker_config_test.cpp | 8 | ||||
| -rw-r--r-- | linker/linker_namespaces.cpp | 5 | ||||
| -rw-r--r-- | linker/linker_namespaces.h | 14 |
7 files changed, 32 insertions, 26 deletions
diff --git a/linker/ld.config.format.md b/linker/ld.config.format.md index f9fbcde3f..a16efa4cc 100644 --- a/linker/ld.config.format.md +++ b/linker/ld.config.format.md @@ -80,7 +80,9 @@ namespace.ns1.asan.permitted.paths = /data/vendor/${LIB} namespace.ns.links = default namespace.ns.link.default.shared_libs = libc.so:libdl.so:libm.so:libstdc++.so -# This defines what libraries are allowed to be loaded from ns1 +# [Deprecated] This defines what libraries are allowed to be loaded from ns1 namespace.ns1.whitelisted = libsomething.so +# This defines what libraries are allowed to be loaded from ns1 +namespace.ns1.allowed_libs = libsomething2.so ``` diff --git a/linker/linker.cpp b/linker/linker.cpp index 6da315e7d..9e0584e00 100644 --- a/linker/linker.cpp +++ b/linker/linker.cpp @@ -3500,7 +3500,7 @@ std::vector<android_namespace_t*> init_default_namespaces(const char* executable ns->set_isolated(ns_config->isolated()); ns->set_default_library_paths(ns_config->search_paths()); ns->set_permitted_paths(ns_config->permitted_paths()); - ns->set_whitelisted_libs(ns_config->whitelisted_libs()); + ns->set_allowed_libs(ns_config->allowed_libs()); namespaces[ns_config->name()] = ns; if (ns_config->visible()) { diff --git a/linker/linker_config.cpp b/linker/linker_config.cpp index aaa3a0314..1771e8706 100644 --- a/linker/linker_config.cpp +++ b/linker/linker_config.cpp @@ -326,7 +326,8 @@ static bool parse_config_file(const char* ld_config_file_path, (*properties)[name].append_value(std::move(value)); } else if (android::base::EndsWith(name, ".paths") || android::base::EndsWith(name, ".shared_libs") || - android::base::EndsWith(name, ".whitelisted")) { + android::base::EndsWith(name, ".whitelisted") || + android::base::EndsWith(name, ".allowed_libs")) { value = ":" + value; (*properties)[name].append_value(std::move(value)); } else { @@ -564,10 +565,15 @@ bool Config::read_binary_config(const char* ld_config_file_path, ns_config->set_isolated(properties.get_bool(property_name_prefix + ".isolated")); ns_config->set_visible(properties.get_bool(property_name_prefix + ".visible")); - std::string whitelisted = + std::string allowed_libs = properties.get_string(property_name_prefix + ".whitelisted", &lineno); - if (!whitelisted.empty()) { - ns_config->set_whitelisted_libs(android::base::Split(whitelisted, ":")); + const std::string libs = properties.get_string(property_name_prefix + ".allowed_libs", &lineno); + if (!allowed_libs.empty() && !libs.empty()) { + allowed_libs += ":"; + } + allowed_libs += libs; + if (!allowed_libs.empty()) { + ns_config->set_allowed_libs(android::base::Split(allowed_libs, ":")); } // these are affected by is_asan flag diff --git a/linker/linker_config.h b/linker/linker_config.h index 673314870..fe23ec169 100644 --- a/linker/linker_config.h +++ b/linker/linker_config.h @@ -98,9 +98,7 @@ class NamespaceConfig { return permitted_paths_; } - const std::vector<std::string>& whitelisted_libs() const { - return whitelisted_libs_; - } + const std::vector<std::string>& allowed_libs() const { return allowed_libs_; } const std::vector<NamespaceLinkConfig>& links() const { return namespace_links_; @@ -127,16 +125,17 @@ class NamespaceConfig { permitted_paths_ = std::move(permitted_paths); } - void set_whitelisted_libs(std::vector<std::string>&& whitelisted_libs) { - whitelisted_libs_ = std::move(whitelisted_libs); + void set_allowed_libs(std::vector<std::string>&& allowed_libs) { + allowed_libs_ = std::move(allowed_libs); } + private: const std::string name_; bool isolated_; bool visible_; std::vector<std::string> search_paths_; std::vector<std::string> permitted_paths_; - std::vector<std::string> whitelisted_libs_; + std::vector<std::string> allowed_libs_; std::vector<NamespaceLinkConfig> namespace_links_; DISALLOW_IMPLICIT_CONSTRUCTORS(NamespaceConfig); diff --git a/linker/linker_config_test.cpp b/linker/linker_config_test.cpp index 3caa4d47f..acdf64173 100644 --- a/linker/linker_config_test.cpp +++ b/linker/linker_config_test.cpp @@ -91,6 +91,8 @@ static const char* config_str = "namespace.vndk_in_system.permitted.paths = /system/${LIB}\n" "namespace.vndk_in_system.whitelisted = libz.so:libyuv.so\n" "namespace.vndk_in_system.whitelisted += libtinyxml2.so\n" + "namespace.vndk_in_system.allowed_libs = libfoo.so:libbar.so\n" + "namespace.vndk_in_system.allowed_libs += libtinyxml3.so\n" "\n"; // clang-format on @@ -215,9 +217,9 @@ static void run_linker_config_smoke_test(bool is_asan) { ASSERT_TRUE(ns_vndk_links[0].allow_all_shared_libs()); ASSERT_TRUE(ns_vndk_in_system != nullptr) << "vndk_in_system namespace was not found"; - ASSERT_EQ( - std::vector<std::string>({"libz.so", "libyuv.so", "libtinyxml2.so"}), - ns_vndk_in_system->whitelisted_libs()); + ASSERT_EQ(std::vector<std::string>({"libz.so", "libyuv.so", "libtinyxml2.so", "libfoo.so", + "libbar.so", "libtinyxml3.so"}), + ns_vndk_in_system->allowed_libs()); } TEST(linker_config, smoke) { diff --git a/linker/linker_namespaces.cpp b/linker/linker_namespaces.cpp index b9936891d..518212971 100644 --- a/linker/linker_namespaces.cpp +++ b/linker/linker_namespaces.cpp @@ -39,10 +39,9 @@ bool android_namespace_t::is_accessible(const std::string& file) { return true; } - if (!whitelisted_libs_.empty()) { + if (!allowed_libs_.empty()) { const char *lib_name = basename(file.c_str()); - if (std::find(whitelisted_libs_.begin(), whitelisted_libs_.end(), - lib_name) == whitelisted_libs_.end()) { + if (std::find(allowed_libs_.begin(), allowed_libs_.end(), lib_name) == allowed_libs_.end()) { return false; } } diff --git a/linker/linker_namespaces.h b/linker/linker_namespaces.h index 6843ebc89..3c2dc20c8 100644 --- a/linker/linker_namespaces.h +++ b/linker/linker_namespaces.h @@ -118,14 +118,12 @@ struct android_namespace_t { permitted_paths_ = permitted_paths; } - const std::vector<std::string>& get_whitelisted_libs() const { - return whitelisted_libs_; + const std::vector<std::string>& get_allowed_libs() const { return allowed_libs_; } + void set_allowed_libs(std::vector<std::string>&& allowed_libs) { + allowed_libs_ = std::move(allowed_libs); } - void set_whitelisted_libs(std::vector<std::string>&& whitelisted_libs) { - whitelisted_libs_ = std::move(whitelisted_libs); - } - void set_whitelisted_libs(const std::vector<std::string>& whitelisted_libs) { - whitelisted_libs_ = whitelisted_libs; + void set_allowed_libs(const std::vector<std::string>& allowed_libs) { + allowed_libs_ = allowed_libs; } const std::vector<android_namespace_link_t>& linked_namespaces() const { @@ -176,7 +174,7 @@ struct android_namespace_t { std::vector<std::string> ld_library_paths_; std::vector<std::string> default_library_paths_; std::vector<std::string> permitted_paths_; - std::vector<std::string> whitelisted_libs_; + std::vector<std::string> allowed_libs_; // Loader looks into linked namespace if it was not able // to find a library in this namespace. Note that library // lookup in linked namespaces are limited by the list of |