openkylin
/
platform_system_core
mirror of https://gitee.com/openkylin/platform_system_core.git
9
0
Fork 0
Code Issues Projects Releases Wiki Activity

Don't shared oem-defined libs to vendor apks 

OEM-defined libs in /system/etc/public.libraries-<companyname>.txt files
are not available to apks in the vendor partition, otherwise we are
allowing vendor -> system dependency, which is a Treble violation.

Bug: 71561542
Test: mm -j under system/core/libnativeloader/test and runtest.sh
the four libs (lib[foo|bar].[oem1|oem2].so are all loaded in
android.app.test.system app but not in android.app.test.vendor app

Change-Id: Ie5d9160ae4dc2a64beb6507602ee5a1db6518875
This commit is contained in:
Jiyong Park 2018-01-15 21:14:53 +09:00
parent 854eb6cf78
commit e031994f2f
6 changed files with 168 additions and 28 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

61
libnativeloader/native_loader.cpp
View File

@ -236,6 +236,10 @@ class LibraryNamespaces {
// Different name is useful for debugging
namespace_name = kVendorClassloaderNamespaceName;
ALOGD("classloader namespace configured for unbundled vendor apk. library_path=%s", library_path.c_str());
} else if (!oem_public_libraries_.empty()) {
// oem_public_libraries are NOT available to vendor apks, otherwise it
// would be system->vendor violation.
system_exposed_libraries = system_exposed_libraries + ":" + oem_public_libraries_.c_str();
}
NativeLoaderNamespace native_loader_ns;
@ -353,9 +357,36 @@ class LibraryNamespaces {
"Error reading public native library list from \"%s\": %s",
public_native_libraries_system_config.c_str(), error_msg.c_str());
// For debuggable platform builds use ANDROID_ADDITIONAL_PUBLIC_LIBRARIES environment
// variable to add libraries to the list. This is intended for platform tests only.
if (is_debuggable()) {
const char* additional_libs = getenv("ANDROID_ADDITIONAL_PUBLIC_LIBRARIES");
if (additional_libs != nullptr && additional_libs[0] != '\0') {
std::vector<std::string> additional_libs_vector = base::Split(additional_libs, ":");
std::copy(additional_libs_vector.begin(), additional_libs_vector.end(),
std::back_inserter(sonames));
}
}
// android_init_namespaces() expects all the public libraries
// to be loaded so that they can be found by soname alone.
//
// TODO(dimitry): this is a bit misleading since we do not know
// if the vendor public library is going to be opened from /vendor/lib
// we might as well end up loading them from /system/lib
// For now we rely on CTS test to catch things like this but
// it should probably be addressed in the future.
for (const auto& soname : sonames) {
LOG_ALWAYS_FATAL_IF(dlopen(soname.c_str(), RTLD_NOW | RTLD_NODELETE) == nullptr,
"Error preloading public library %s: %s", soname.c_str(), dlerror());
}
system_public_libraries_ = base::Join(sonames, ':');
// read /system/etc/public.libraries-<companyname>.txt which contain partner defined
// system libs that are exposed to apps. The libs in the txt files must be
// named as lib<name>.<companyname>.so.
sonames.clear();
std::string dirname = base::Dirname(public_native_libraries_system_config);
std::unique_ptr<DIR, decltype(&closedir)> dir(opendir(dirname.c_str()), closedir);
if (dir != nullptr) {
@ -396,39 +427,12 @@ class LibraryNamespaces {
}
}
}
oem_public_libraries_ = base::Join(sonames, ':');
// Insert VNDK version to llndk and vndksp config file names.
insert_vndk_version_str(&llndk_native_libraries_system_config);
insert_vndk_version_str(&vndksp_native_libraries_system_config);
// For debuggable platform builds use ANDROID_ADDITIONAL_PUBLIC_LIBRARIES environment
// variable to add libraries to the list. This is intended for platform tests only.
if (is_debuggable()) {
const char* additional_libs = getenv("ANDROID_ADDITIONAL_PUBLIC_LIBRARIES");
if (additional_libs != nullptr && additional_libs[0] != '\0') {
std::vector<std::string> additional_libs_vector = base::Split(additional_libs, ":");
std::copy(additional_libs_vector.begin(),
additional_libs_vector.end(),
std::back_inserter(sonames));
}
}
// android_init_namespaces() expects all the public libraries
// to be loaded so that they can be found by soname alone.
//
// TODO(dimitry): this is a bit misleading since we do not know
// if the vendor public library is going to be opened from /vendor/lib
// we might as well end up loading them from /system/lib
// For now we rely on CTS test to catch things like this but
// it should probably be addressed in the future.
for (const auto& soname : sonames) {
LOG_ALWAYS_FATAL_IF(dlopen(soname.c_str(), RTLD_NOW | RTLD_NODELETE) == nullptr,
"Error preloading public library %s: %s",
soname.c_str(), dlerror());
}
system_public_libraries_ = base::Join(sonames, ':');
sonames.clear();
ReadConfig(llndk_native_libraries_system_config, &sonames, always_true);
system_llndk_libraries_ = base::Join(sonames, ':');
@ -554,6 +558,7 @@ class LibraryNamespaces {
std::vector<std::pair<jweak, NativeLoaderNamespace>> namespaces_;
std::string system_public_libraries_;
std::string vendor_public_libraries_;
std::string oem_public_libraries_;
std::string system_llndk_libraries_;
std::string system_vndksp_libraries_;

20
libnativeloader/test/Android.mk
View File

@ -28,3 +28,23 @@ LOCAL_SRC_FILES:= $(LOCAL_MODULE)
LOCAL_MODULE_CLASS := ETC
LOCAL_MODULE_PATH := $(TARGET_OUT_ETC)
include $(BUILD_PREBUILT)
include $(CLEAR_VARS)
LOCAL_PACKAGE_NAME := oemlibrarytest-system
LOCAL_MODULE_TAGS := tests
LOCAL_MANIFEST_FILE := system/AndroidManifest.xml
LOCAL_SRC_FILES := $(call all-java-files-under, src)
LOCAL_SDK_VERSION := current
LOCAL_PROGUARD_ENABLED := disabled
LOCAL_MODULE_PATH := $(TARGET_OUT_APPS)
include $(BUILD_PACKAGE)
include $(CLEAR_VARS)
LOCAL_PACKAGE_NAME := oemlibrarytest-vendor
LOCAL_MODULE_TAGS := tests
LOCAL_MANIFEST_FILE := vendor/AndroidManifest.xml
LOCAL_SRC_FILES := $(call all-java-files-under, src)
LOCAL_SDK_VERSION := current
LOCAL_PROGUARD_ENABLED := disabled
LOCAL_MODULE_PATH := $(TARGET_OUT_VENDOR_APPS)
include $(BUILD_PACKAGE)

11
libnativeloader/test/runtest.sh Executable file
View File

@ -0,0 +1,11 @@
#!/bin/bash
adb root
adb remount
adb sync
adb shell stop
adb shell start
sleep 5 # wait until device reboots
adb logcat -c;
adb shell am start -n android.test.app.system/android.test.app.TestActivity
adb shell am start -n android.test.app.vendor/android.test.app.TestActivity
adb logcat | grep android.test.app

42
libnativeloader/test/src/android/test/app/TestActivity.java Normal file
View File

@ -0,0 +1,42 @@
/*
* Copyright (C) 2018 The Android Open Source Project
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package android.test.app;
import android.app.Activity;
import android.os.Bundle;
import android.util.Log;
public class TestActivity extends Activity {
@Override
public void onCreate(Bundle icicle) {
super.onCreate(icicle);
tryLoadingLib("foo.oem1");
tryLoadingLib("bar.oem1");
tryLoadingLib("foo.oem2");
tryLoadingLib("bar.oem2");
}
private void tryLoadingLib(String name) {
try {
System.loadLibrary(name);
Log.d(getPackageName(), "library " + name + " is successfully loaded");
} catch (UnsatisfiedLinkError e) {
Log.d(getPackageName(), "failed to load libarary " + name, e);
}
}
}

31
libnativeloader/test/system/AndroidManifest.xml Normal file
View File

@ -0,0 +1,31 @@
<?xml version="1.0" encoding="utf-8"?>
<!--
* Copyright (C) 2018 The Android Open Source Project
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
-->
<manifest xmlns:android="http://schemas.android.com/apk/res/android"
package="android.test.app.system">
<application>
<activity android:name="android.test.app.TestActivity" >
<intent-filter>
<action android:name="android.intent.action.MAIN" />
<category android:name="android.intent.category.LAUNCHER" />
</intent-filter>
</activity>
</application>
</manifest>

31
libnativeloader/test/vendor/AndroidManifest.xml vendored Normal file
View File

@ -0,0 +1,31 @@
<?xml version="1.0" encoding="utf-8"?>
<!--
* Copyright (C) 2018 The Android Open Source Project
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
-->
<manifest xmlns:android="http://schemas.android.com/apk/res/android"
package="android.test.app.vendor">
<application>
<activity android:name="android.test.app.TestActivity" >
<intent-filter>
<action android:name="android.intent.action.MAIN" />
<category android:name="android.intent.category.LAUNCHER" />
</intent-filter>
</activity>
</application>
</manifest>