From e031994f2f7adfe8f3358bfdc3073c47fb61fa69 Mon Sep 17 00:00:00 2001 From: Jiyong Park Date: Mon, 15 Jan 2018 21:14:53 +0900 Subject: [PATCH] Don't shared oem-defined libs to vendor apks OEM-defined libs in /system/etc/public.libraries-.txt files are not available to apks in the vendor partition, otherwise we are allowing vendor -> system dependency, which is a Treble violation. Bug: 71561542 Test: mm -j under system/core/libnativeloader/test and runtest.sh the four libs (lib[foo|bar].[oem1|oem2].so are all loaded in android.app.test.system app but not in android.app.test.vendor app Change-Id: Ie5d9160ae4dc2a64beb6507602ee5a1db6518875 --- libnativeloader/native_loader.cpp | 61 ++++++++++--------- libnativeloader/test/Android.mk | 20 ++++++ libnativeloader/test/runtest.sh | 11 ++++ .../src/android/test/app/TestActivity.java | 42 +++++++++++++ .../test/system/AndroidManifest.xml | 31 ++++++++++ .../test/vendor/AndroidManifest.xml | 31 ++++++++++ 6 files changed, 168 insertions(+), 28 deletions(-) create mode 100755 libnativeloader/test/runtest.sh create mode 100644 libnativeloader/test/src/android/test/app/TestActivity.java create mode 100644 libnativeloader/test/system/AndroidManifest.xml create mode 100644 libnativeloader/test/vendor/AndroidManifest.xml diff --git a/libnativeloader/native_loader.cpp b/libnativeloader/native_loader.cpp index 6ddec4d8a..0ebb22647 100644 --- a/libnativeloader/native_loader.cpp +++ b/libnativeloader/native_loader.cpp @@ -236,6 +236,10 @@ class LibraryNamespaces { // Different name is useful for debugging namespace_name = kVendorClassloaderNamespaceName; ALOGD("classloader namespace configured for unbundled vendor apk. library_path=%s", library_path.c_str()); + } else if (!oem_public_libraries_.empty()) { + // oem_public_libraries are NOT available to vendor apks, otherwise it + // would be system->vendor violation. + system_exposed_libraries = system_exposed_libraries + ":" + oem_public_libraries_.c_str(); } NativeLoaderNamespace native_loader_ns; @@ -353,9 +357,36 @@ class LibraryNamespaces { "Error reading public native library list from \"%s\": %s", public_native_libraries_system_config.c_str(), error_msg.c_str()); + // For debuggable platform builds use ANDROID_ADDITIONAL_PUBLIC_LIBRARIES environment + // variable to add libraries to the list. This is intended for platform tests only. + if (is_debuggable()) { + const char* additional_libs = getenv("ANDROID_ADDITIONAL_PUBLIC_LIBRARIES"); + if (additional_libs != nullptr && additional_libs[0] != '\0') { + std::vector additional_libs_vector = base::Split(additional_libs, ":"); + std::copy(additional_libs_vector.begin(), additional_libs_vector.end(), + std::back_inserter(sonames)); + } + } + + // android_init_namespaces() expects all the public libraries + // to be loaded so that they can be found by soname alone. + // + // TODO(dimitry): this is a bit misleading since we do not know + // if the vendor public library is going to be opened from /vendor/lib + // we might as well end up loading them from /system/lib + // For now we rely on CTS test to catch things like this but + // it should probably be addressed in the future. + for (const auto& soname : sonames) { + LOG_ALWAYS_FATAL_IF(dlopen(soname.c_str(), RTLD_NOW | RTLD_NODELETE) == nullptr, + "Error preloading public library %s: %s", soname.c_str(), dlerror()); + } + + system_public_libraries_ = base::Join(sonames, ':'); + // read /system/etc/public.libraries-.txt which contain partner defined // system libs that are exposed to apps. The libs in the txt files must be // named as lib..so. + sonames.clear(); std::string dirname = base::Dirname(public_native_libraries_system_config); std::unique_ptr dir(opendir(dirname.c_str()), closedir); if (dir != nullptr) { @@ -396,39 +427,12 @@ class LibraryNamespaces { } } } + oem_public_libraries_ = base::Join(sonames, ':'); // Insert VNDK version to llndk and vndksp config file names. insert_vndk_version_str(&llndk_native_libraries_system_config); insert_vndk_version_str(&vndksp_native_libraries_system_config); - // For debuggable platform builds use ANDROID_ADDITIONAL_PUBLIC_LIBRARIES environment - // variable to add libraries to the list. This is intended for platform tests only. - if (is_debuggable()) { - const char* additional_libs = getenv("ANDROID_ADDITIONAL_PUBLIC_LIBRARIES"); - if (additional_libs != nullptr && additional_libs[0] != '\0') { - std::vector additional_libs_vector = base::Split(additional_libs, ":"); - std::copy(additional_libs_vector.begin(), - additional_libs_vector.end(), - std::back_inserter(sonames)); - } - } - - // android_init_namespaces() expects all the public libraries - // to be loaded so that they can be found by soname alone. - // - // TODO(dimitry): this is a bit misleading since we do not know - // if the vendor public library is going to be opened from /vendor/lib - // we might as well end up loading them from /system/lib - // For now we rely on CTS test to catch things like this but - // it should probably be addressed in the future. - for (const auto& soname : sonames) { - LOG_ALWAYS_FATAL_IF(dlopen(soname.c_str(), RTLD_NOW | RTLD_NODELETE) == nullptr, - "Error preloading public library %s: %s", - soname.c_str(), dlerror()); - } - - system_public_libraries_ = base::Join(sonames, ':'); - sonames.clear(); ReadConfig(llndk_native_libraries_system_config, &sonames, always_true); system_llndk_libraries_ = base::Join(sonames, ':'); @@ -554,6 +558,7 @@ class LibraryNamespaces { std::vector> namespaces_; std::string system_public_libraries_; std::string vendor_public_libraries_; + std::string oem_public_libraries_; std::string system_llndk_libraries_; std::string system_vndksp_libraries_; diff --git a/libnativeloader/test/Android.mk b/libnativeloader/test/Android.mk index 4c3da4ac5..e62545465 100644 --- a/libnativeloader/test/Android.mk +++ b/libnativeloader/test/Android.mk @@ -28,3 +28,23 @@ LOCAL_SRC_FILES:= $(LOCAL_MODULE) LOCAL_MODULE_CLASS := ETC LOCAL_MODULE_PATH := $(TARGET_OUT_ETC) include $(BUILD_PREBUILT) + +include $(CLEAR_VARS) +LOCAL_PACKAGE_NAME := oemlibrarytest-system +LOCAL_MODULE_TAGS := tests +LOCAL_MANIFEST_FILE := system/AndroidManifest.xml +LOCAL_SRC_FILES := $(call all-java-files-under, src) +LOCAL_SDK_VERSION := current +LOCAL_PROGUARD_ENABLED := disabled +LOCAL_MODULE_PATH := $(TARGET_OUT_APPS) +include $(BUILD_PACKAGE) + +include $(CLEAR_VARS) +LOCAL_PACKAGE_NAME := oemlibrarytest-vendor +LOCAL_MODULE_TAGS := tests +LOCAL_MANIFEST_FILE := vendor/AndroidManifest.xml +LOCAL_SRC_FILES := $(call all-java-files-under, src) +LOCAL_SDK_VERSION := current +LOCAL_PROGUARD_ENABLED := disabled +LOCAL_MODULE_PATH := $(TARGET_OUT_VENDOR_APPS) +include $(BUILD_PACKAGE) diff --git a/libnativeloader/test/runtest.sh b/libnativeloader/test/runtest.sh new file mode 100755 index 000000000..40beb5b4d --- /dev/null +++ b/libnativeloader/test/runtest.sh @@ -0,0 +1,11 @@ +#!/bin/bash +adb root +adb remount +adb sync +adb shell stop +adb shell start +sleep 5 # wait until device reboots +adb logcat -c; +adb shell am start -n android.test.app.system/android.test.app.TestActivity +adb shell am start -n android.test.app.vendor/android.test.app.TestActivity +adb logcat | grep android.test.app diff --git a/libnativeloader/test/src/android/test/app/TestActivity.java b/libnativeloader/test/src/android/test/app/TestActivity.java new file mode 100644 index 000000000..214892df2 --- /dev/null +++ b/libnativeloader/test/src/android/test/app/TestActivity.java @@ -0,0 +1,42 @@ +/* + * Copyright (C) 2018 The Android Open Source Project + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +package android.test.app; + +import android.app.Activity; +import android.os.Bundle; +import android.util.Log; + +public class TestActivity extends Activity { + + @Override + public void onCreate(Bundle icicle) { + super.onCreate(icicle); + tryLoadingLib("foo.oem1"); + tryLoadingLib("bar.oem1"); + tryLoadingLib("foo.oem2"); + tryLoadingLib("bar.oem2"); + } + + private void tryLoadingLib(String name) { + try { + System.loadLibrary(name); + Log.d(getPackageName(), "library " + name + " is successfully loaded"); + } catch (UnsatisfiedLinkError e) { + Log.d(getPackageName(), "failed to load libarary " + name, e); + } + } +} diff --git a/libnativeloader/test/system/AndroidManifest.xml b/libnativeloader/test/system/AndroidManifest.xml new file mode 100644 index 000000000..c3048891a --- /dev/null +++ b/libnativeloader/test/system/AndroidManifest.xml @@ -0,0 +1,31 @@ + + + + + + + + + + + + + + + + diff --git a/libnativeloader/test/vendor/AndroidManifest.xml b/libnativeloader/test/vendor/AndroidManifest.xml new file mode 100644 index 000000000..c4c1a9c21 --- /dev/null +++ b/libnativeloader/test/vendor/AndroidManifest.xml @@ -0,0 +1,31 @@ + + + + + + + + + + + + + + + +