| Age | Commit message (Collapse) | Author |
|---|
|
This CL changes the linker to point to the newly refactored location
of ASAN-ified libraries on disk.
This supports changes made by the following CLs -
https://android-review.googlesource.com/#/c/359087/
https://android-review.googlesource.com/#/c/359389/
Which refactor the on-disk location as follows:
/data/lib* --> /data/asan/system/lib*
/data/vendor/* --> /data/asan/vendor/*
There are a couple of advantages to this, including better isolation
from other components, and more transparent linker renaming and
SELinux policies.
Bug: 36574794
Bug: 36674745
Test: m -j40 && SANITIZE_TARGET="address" m -j40 and the device
boots. All sanitized libraries are correctly located in /data/asan/*.
Change-Id: Iad8b298a66c38eb0f6327f6b51027f0728aa7a40
|
|
When looking for already loaded libraries include
linked namespaces to the search, but check if
the library is accessible from the main namespace.
Bug: http://b/36008422
Bug: http://b/35417197
Bug: http://b/34052337
Bug: http://b/36660652
Bug: https://issuetracker.google.com/36636090
Test: run bionic-unit-tests --gtest_filter=dl*:Dl*
Change-Id: Ic7c1d48114da3ca5dc6512ef03f595dd17b6ed17
|
|
|
|
This addresses outstanding todo for anonymous namespace
and fixes an app compatibility bug.
Bug: http://b/36008422
Test: start app from http://b/36008422 and make sure it runs
Change-Id: Ie148418b944379ee1000e7274f2f6c1eca511d6c
|
|
|
|
|
|
This change allows customization of default namespace
configuration for different executables. It also enables
target_sdk_version setup for binaries (note that this
option should explicitly be enabled in ld.config.txt).
Bug: http://b/30706810
Bug: http://b/30435785
Test: run linker-unit-tests/bionic-unit-tests, boot angler
Change-Id: Ibbe87209acf1538fc9cec04944f3d22a190c38f1
|
|
Bug: http://b/27195126
Test: manual: adb shell atrace -t 5 bionic
and run bionic-unit-tests --gtest_filter=dl*
Change-Id: I9e93a069dd440bb643890d9952913938442ac375
|
|
Bug: http://b/27195126
Test: manual: adb shell atrace -t 5 bionic
and run bionic-unit-tests --gtest_filter=dl*:Dl*
Change-Id: Ib2bad794e571b89bd1f52c9e0de642c2092e5c21
|
|
This reverts commit 1daa18e73714150e26c4380840c793e406c11095.
To be replaced with customized linker-namespaces for different kind of binaries.
Bug: http://b/34407260
Change-Id: Ib4e480669bbdf44ee4f59bf05f07d3e082c348c9
Test: m
|
|
|
|
Specifically, this change would translate /system/lib/hw/foo.so to /data/lib/hw/foo.so.
Bug: 30320104
Test: in SANITIZE_TARGET=address build, /proc/$PID/maps for
system_server show libraries from /data/lib64/hw and not from
/system/lib64/hw.
Change-Id: Ia1fa22fa1ca088fe76e41308762efe037541fc74
|
|
Due to b/33681361, libraries are now installed to different paths than
before. In order for linker to load libraries from the new paths, the
default lib paths are updated.
However, this patch is temporary; different paths must be used depending
on whether the process is executing vendor executable or framework
executable. For example, vendor executable should not be able to access
/system/lib/, which is for framework-internal libs. Similarly,
framework executables should not be able to access /vendor/lib.
We have several solutions (linker namespace and DT_RUNPATH) to support
the scenario, but haven't concluded which is better. Furthermore, if we
restrict the search path right now, it will break many parts of Android
that are not yet prepared for the restriction. So, until then, we
temporarily use the single search path for both framework/vendor
executables.
Test: build & run
Change-Id: I806e9b4379bce96653b1dd3354b9f4801abb0411
|
|
Anonymous namesapce is zygote-specific workaround and
is not really required for other binaries.
This change allows creating namespaces without initializing
anonymous namespace.
Test: bionic-unit-tests
Change-Id: I62adc39ad69ce56b3760d36f45e3c0487c438598
|
|
Test: boot, run bionic-unit-tests
Change-Id: Id05d53475cbea6d62bd5fa1ab5e457ac82bab523
|
|
Do not load second copy of libraries that are supposed to
be provided by linked namespaces. Also do not print
error in the log if caller tries to open shared library
using absolute path for apps targeting N+.
Bug: http://b/35454141
Bug: http://b/26833548
Bug: http://b/35338922
Test: run bionic-unit-tests --gtest_filter=dl*
Change-Id: Icf3aeedff18d287d2ba0b3df3808b100f3ef5f7a
|
|
|
|
In the case when there are multiple dependencies on
the same library in the local_group the unload may
in some situations (covered now by tests) result
calling d-tors for some libraries prematurely.
In order to have correct call order loader checks if this
is last dependency in local group before adding it to BFS
queue.
Bug: http://b/35201832
Test: bionic-unit-tests --gtest_filter=dl*:Dl*
Test: bionic-unit-tests-glibc --gtest_filter=dl*
Change-Id: I4c6955b9032acc7147a51d9f09b61d9e0818700c
|
|
This commit updates interface of libdl.c.
1. android_init_namespaces is replaces with android_init_anonymous_namespace
2. added 2 arguments to android_create_namespace to specify linked namespace
and the list of shared libraries sonames.
3. symbol lookup does not get past boundary libraries (added check and test for it).
Bug: http://b/26833548
Bug: http://b/21879602
Test: bionic-unit-tests --gtest_filter=dl*:Dl*
Change-Id: I32921da487a02e5bd0d2fc528904d1228394bfb9
|
|
Replace public library list with shared lib sonames
which are property of a link between namespaces
This change does not touch any external interfaces
so from outside it behaves almost as it was before
One significant difference is that there is no longer
need to preload public libraries.
Bug: http://b/26833548
Test: bionic-unit-tests --gtest_filter=dl*:Dl*
Change-Id: I57e44e18a9b4f07dcd6556436346be52f52b79d7
|
|
Test: bionic-unit-tests --gtest_filter=dl*:Dl*
Change-Id: Id3b17a79732155b4e469c43c764afef1dfc59057
|
|
This workaround was introduced in M in order to make sure
that linker loads libraries provided in apk in case a library
with the same name was loaded by the system.
This is no longer a problem starting with Android N because
app is using different namespace and therefore does not see
libraries loaded by the system.
Test: bionic-unit-tests --gtest_filter=dl*:Dl*
Change-Id: I9995258c0f361e8df35420682b84e85a0cb924b4
|
|
Control Flow Integrity support in bionic.
General design:
http://clang.llvm.org/docs/ControlFlowIntegrityDesign.html#shared-library-support
This CL implements subsections "CFI Shadow" and "CFI_SlowPath" in the above document.
Bug: 22033465
Test: bionic device tests
Change-Id: I14dfea630de468eb5620e7f55f92b1397ba06217
|
|
Add dlsym option to debug.ld.all and debug.ld.app.<appname> which
enables logging of dlsym calls.
Bug: http://b/29458203
Test: flash, set debug.ld.all to dlsym and check
if there are messages in logcat
Change-Id: I9cb815a38b5b98aac9ebe3ac1540bcdedd2e8db0
|
|
Do not hijack libdl.so methods but make libdl proxy calls to
loader instead. This will be replaces by calls to libc.so
once loader functionality is migrated.
Also add a lock to dl_unwind_find_exidx function call.
Test: bionic-unit-tests --gtest_filter=dl*:Dl*
Bug: http://b/27106625
Change-Id: Ic33a7109a86f4262798d63a35f4c61d15b0068bb
|
|
Bionic Loader now resolves real path for a library before running
asan path-translation. This fixes situations for bundled loading
libraries which are effectively symlinks to system library;
for example:
$ adb shell ls -l /system/app/NfcNci/lib/arm64/libnfc_nci_jni.so
/system/app/NfcNci/lib/arm64/libnfc_nci_jni.so -> /system/lib64/libnfc_nci_jni.so
Bug: http://b/33278445
Test: make and boot
Change-Id: If14a12087c92f8ca628504556332ba0cb67c9118
|
|
Log call to constructors when dlopen logging is enabled.
Bug: http://b/29458203
Test: bionic-unit-tests --gtest_filter=dl*:Dl*
Change-Id: I0cd591bf147f8f910ae9def1ac4089ef44099aff
|
|
|
|
Test: bionic tests still pass
Change-Id: If1b619cfc9db1d3f5d91f14f2ace71058dca0c4a
|
|
Test: mm
Change-Id: I4b88602b7d0a18664cbeddfa9854e589c2886e1a
|
|
Make sure android fails to load them.
Bug: http://b/30795430
Test: bionic-unit-tests --gtest_filter=dlfcn.dlopen_invalid*
Test: cts-tradefed run singleCommand cts --skip-preconditions -m CtsBionicTestCases
Change-Id: Id0ebdf336b2f297007479ceb1bbccf778a7ca3f2
|
|
Android N restrict which libraries C/C++ code
can link against at runtime.
If device has a vendor partition
then /system/vendor symlink to /vendor.
Otherwise /vendor symlink to /system/vendor.
But is_system_library() is only checking /vendor/lib.
It will return false for /system/vendor/lib path.
It is need to add a real path to default library path.
Similarily, default ld library path is already checking.
parse_LD_LIBRARY_PATH()->parse_path()->resolve_paths()
Test: build bionic and run bionic-unit-tests
Bug: http://b/31919547
Change-Id: Ie6777e2b02729948ce77a94de32343d40358bf2c
Signed-off-by: Hyangseok Chae <neo.chae@lge.com>
(cherry picked from commit 2589f9de6473a2030594e2c5e95541f00eb2dc7a)
|
|
Android N restrict which libraries C/C++ code
can link against at runtime.
If device has a vendor partition
then /system/vendor symlink to /vendor.
Otherwise /vendor symlink to /system/vendor.
But is_system_library() is only checking /vendor/lib.
It will return false for /system/vendor/lib path.
It is need to add a real path to default library path.
Similarily, default ld library path is already checking.
parse_LD_LIBRARY_PATH()->parse_path()->resolve_paths()
Test: build bionic and run bionic-unit-tests
Bug: http://b/31919547
Change-Id: Ie6777e2b02729948ce77a94de32343d40358bf2c
Signed-off-by: Hyangseok Chae <neo.chae@lge.com>
|
|
Extract linker executable specific code to linker_main.cpp;
this part of code does not have a place in libdl.a/so.
Bug: http://b/14998480
Bug: http://b/30706810
Test: mm && run bionic-unit-tests
Change-Id: I90f7475e93a919b0f9525da22928089ad35b8f6c
|
|
The absolute path to an executable may no longer be valid for
example when the file is unlinked immediately after exec.
Using /proc/self/exe instead of absolute path solves this problem.
Bug: http://b/31084669
Test: Run the app from http://b/31084669 make sure executable starts
Test: by checking ps and /proc/<pid>/exe
Change-Id: I5c819f39ef0fc4fc71b05de71e8af9ede611f04c
(cherry picked from commit 7da4bbbe87a7eca742c6c45a76aaf191aa70d948)
|
|
The absolute path to an executable may no longer be valid for
example when the file is unlinked immediately after exec.
Using /proc/self/exe instead of absolute path solves this problem.
Bug: http://b/31084669
Test: Run the app from http://b/31084669 make sure executable starts
Test: by checking ps and /proc/<pid>/exe
Change-Id: I5c819f39ef0fc4fc71b05de71e8af9ede611f04c
(cherry picked from commit 7da4bbbe87a7eca742c6c45a76aaf191aa70d948)
|
|
The absolute path to an executable may no longer be valid for
example when the file is unlinked immediately after exec.
Using /proc/self/exe instead of absolute path solves this problem.
Bug: http://b/31084669
Test: Run the app from http://b/31084669 make sure executable starts
Test: by checking ps and /proc/<pid>/exe
Change-Id: I5c819f39ef0fc4fc71b05de71e8af9ede611f04c
|
|
open(2) can be used to open directories; use stat to
check that the file exists and is a regular file.
Addresses review comments for 5aa67675f853af9588ac9274ecf86d7858695ce2
Bug: http://b/30320104
Change-Id: Ia944db2f2f779a87ea01dd41dcd171e59c9bef01
|
|
This patch enables absolute path translation to instrumented library
when linker_asan is in use.
Test: adb shell cat /proc/<rlid pid>/maps | grep libril-qc-qmi-1.so
check that it is mapped from /data/vendor/lib64 and not /vendor/lib64
Bug: http://b/30320104
Change-Id: I3bc24754b192afc0a72d6f3801f7b42141ce715b
(cherry picked from commit 5aa67675f853af9588ac9274ecf86d7858695ce2)
|
|
This patch enables absolute path translation to instrumented library
when linker_asan is in use.
Test: adb shell cat /proc/<rlid pid>/maps | grep libril-qc-qmi-1.so
check that it is mapped from /data/vendor/lib64 and not /vendor/lib64
Bug: http://b/30320104
Change-Id: I3bc24754b192afc0a72d6f3801f7b42141ce715b
|
|
Change-Id: I88c5ba7f33825ae9b36992b32d30579ec4a66915
Test: lunch aosp_mips-eng && mm
|
|
Move soinfo and globals out of linker.cpp to
separate files.
Breaking up huge linker.cpp into smaller peaces
in order to make it easier to extract part of the
code that belongs to libdl.so and remove parts of
the code that do not belong to linker
(refactoring part 2 of many)
Change-Id: I868417f4b8d2b84d0e8265e354bc7977161497e2
|
|
Breaking up huge linker.cpp into smaller peaces
in order to make it easier to extract part of the
code that belongs to libdl.so and remove parts of
the code that do not belong to linker
(refactoring part 1 of many)
Change-Id: I57ac36677a815800dc127c8c45c3ea806c37e247
Test: bionic-unit-tests --gtest_filter=dl*:Dl*
|
|
This change includes dlwarning implementation and
the compatibility greylist for apps targeting pre-N.
Change-Id: Ibf02a07cc58cbbb1a5aef4ac34558c5d43e4305f
Test: Run bionic-unit-tests --gtest_filter=dl*:Dl*
|
|
The glibc implementation of the loader passes argc/argv/envp
to all elf constructors. This change makes bionic linker
behave in the same way.
Bug: http://b/30145768
Change-Id: I1c65c42aa5305a5b133c64b5748205bbde869e0e
Test: run bionic-unit-tests --gtest_filter=dl*:Dl*
|
|
This patch lets developers tune logging of dlopen/dlerror with
setting system property.
Note that for security purposes this option is disabled on user build
for non-debuggable apps.
For starters there are 3 debug options:
dlerror - enables logging of all dlerrors
dlopen - traces dlopen calls
To enable system-wide logging (works only for userdebug/eng builds)
use debug.ld.all property.
To enable logging for particular app use debug.ld.app.<appname> property.
Example: Running "adb shell setprop debug.ld.all dlerror,dlopen" will log all
dlerror message as well as trace all calls to dlopen.
Bug: http://b/29458203
Change-Id: I2392c80a795509e16fe5689d0500d18b99772a64
|
|
|
|
If a public library is missing, make it clear that there is no
library with that soname that is missing. This can help diagnose
problems if a library exists, but the library doesn't have the right
soname.
Bug: 29400363
(cherry picked from commit 9a84d90c753dd934c3086322f6ba6b7a1f580c8c)
Change-Id: Ie2306a2e28aff779d07441dc8af078256b184f8a
|
|
If a public library is missing, make it clear that there is no
library with that soname that is missing. This can help diagnose
problems if a library exists, but the library doesn't have the right
soname.
Bug: 29400363
Change-Id: I6e782c76ef892fb18385d720b531e5177598a2b0
|
|
Bug: http://b/24414818
Change-Id: I524714e081a27df4d2046f0c8eb853a1b20592e6
|
