diff options
author | Sijie Chen <sijiec@google.com> | 2024-04-16 18:02:20 +0000 |
---|---|---|
committer | Gerrit Code Review <noreply-gerritcodereview@google.com> | 2024-04-16 18:02:20 +0000 |
commit | 08cece849b58efa1cd6f96d68427f6e0117c3f0b (patch) | |
tree | 257d27bf828564619a9afe7fade3ae9dd569d74e | |
parent | e32ddc9ed10d2e42d1c8b3b0eb630467dd014d3a (diff) | |
parent | 0ca0d9faabfeb3d64d4690c3c6d6f052a25c5c00 (diff) | |
download | native_bridge_support-08cece849b58efa1cd6f96d68427f6e0117c3f0b.tar.gz |
Merge "[Berberis][CrashReporting] Improving accessor library" into main
-rw-r--r-- | guest_state_accessor/Android.bp | 8 | ||||
-rw-r--r-- | guest_state_accessor/accessor_proxy.cc | 32 | ||||
-rw-r--r-- | guest_state_accessor/include/native_bridge_support/guest_state_accessor/dlext_namespaces.h | 115 |
3 files changed, 153 insertions, 2 deletions
diff --git a/guest_state_accessor/Android.bp b/guest_state_accessor/Android.bp index 6a39485..ba895c9 100644 --- a/guest_state_accessor/Android.bp +++ b/guest_state_accessor/Android.bp @@ -23,6 +23,10 @@ cc_library_headers { defaults: ["native_bridge_support_defaults"], host_supported: true, export_include_dirs: ["include"], + apex_available: [ + "com.android.runtime", + "//apex_available:platform", + ], } cc_library_static { @@ -37,6 +41,10 @@ cc_library_static { "libbase", "liblog", ], + apex_available: [ + "com.android.runtime", + "//apex_available:platform", + ], } cc_test_host { diff --git a/guest_state_accessor/accessor_proxy.cc b/guest_state_accessor/accessor_proxy.cc index 61c975a..31e9261 100644 --- a/guest_state_accessor/accessor_proxy.cc +++ b/guest_state_accessor/accessor_proxy.cc @@ -22,6 +22,34 @@ #include "native_bridge_support/guest_state_accessor/accessor.h" +#if defined(__ANDROID__) +#include "native_bridge_support/guest_state_accessor/dlext_namespaces.h" +#endif + +void* OpenSystemLibrary(const char* path, int flags) { +#if defined(__ANDROID__) + // The system namespace is called "default" for binaries in /system and + // "system" for those in the Runtime APEX. Try "system" first since + // "default" always exists. + // TODO(b/185587109): Get rid of this error prone logic. + android_namespace_t* system_ns = android_get_exported_namespace("system"); + if (system_ns == nullptr) { + system_ns = android_get_exported_namespace("default"); + if (system_ns == nullptr) { + ALOGE("Failed to get system namespace for loading %s", path); + } + } + const android_dlextinfo dlextinfo = { + .flags = ANDROID_DLEXT_USE_NAMESPACE, + .library_namespace = system_ns, + }; + + return android_dlopen_ext(path, flags, &dlextinfo); +#else + return dlopen(path, flags); +#endif +} + int LoadGuestStateRegisters(const void* guest_state_data, size_t guest_state_data_size, NativeBridgeGuestRegs* guest_regs) { @@ -31,7 +59,7 @@ int LoadGuestStateRegisters(const void* guest_state_data, return NATIVE_BRIDGE_GUEST_STATE_ACCESSOR_ERROR_INVALID_STATE; } - void *proxy = dlopen(library_name.c_str(), RTLD_NOW | RTLD_LOCAL); + void *proxy = OpenSystemLibrary(library_name.c_str(), RTLD_NOW | RTLD_LOCAL); if (!proxy) { ALOGE("dlopen failed: %s: %s", library_name.c_str(), dlerror()); return NATIVE_BRIDGE_GUEST_STATE_ACCESSOR_ERROR_INVALID_STATE; @@ -43,7 +71,7 @@ int LoadGuestStateRegisters(const void* guest_state_data, reinterpret_cast<LoadGuestStateRegistersFunc>( dlsym(proxy, "LoadGuestStateRegisters")); if (!LoadGuestStateRegistersImpl) { - ALOGE("failed to initialize proxy library LoadGuestStateRegisters"); + ALOGE("failed to initialize proxy library LoadGuestStateRegisters: %s", dlerror()); return NATIVE_BRIDGE_GUEST_STATE_ACCESSOR_ERROR_INVALID_STATE; } diff --git a/guest_state_accessor/include/native_bridge_support/guest_state_accessor/dlext_namespaces.h b/guest_state_accessor/include/native_bridge_support/guest_state_accessor/dlext_namespaces.h new file mode 100644 index 0000000..42ab1cb --- /dev/null +++ b/guest_state_accessor/include/native_bridge_support/guest_state_accessor/dlext_namespaces.h @@ -0,0 +1,115 @@ +/* + * Copyright (C) 2024 The Android Open Source Project + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef NATIVE_BRIDGE_SUPPORT_GUEST_STATE_DLEXT_NAMESPACES_H_ +#define NATIVE_BRIDGE_SUPPORT_GUEST_STATE_DLEXT_NAMESPACES_H_ + +#include <android/dlext.h> +#include <stdbool.h> +#include <sys/cdefs.h> + +__BEGIN_DECLS + +enum { + /* A regular namespace is the namespace with a custom search path that does + * not impose any restrictions on the location of native libraries. + */ + ANDROID_NAMESPACE_TYPE_REGULAR = 0, + + /* An isolated namespace requires all the libraries to be on the search path + * or under permitted_when_isolated_path. The search path is the union of + * ld_library_path and default_library_path. + */ + ANDROID_NAMESPACE_TYPE_ISOLATED = 1, + + /* The shared namespace clones the list of libraries of the caller namespace upon creation + * which means that they are shared between namespaces - the caller namespace and the new one + * will use the same copy of a library if it was loaded prior to android_create_namespace call. + * + * Note that libraries loaded after the namespace is created will not be shared. + * + * Shared namespaces can be isolated or regular. Note that they do not inherit the search path nor + * permitted_path from the caller's namespace. + */ + ANDROID_NAMESPACE_TYPE_SHARED = 2, + + /* This flag instructs linker to enable exempt-list workaround for the namespace. + * See http://b/26394120 for details. + */ + ANDROID_NAMESPACE_TYPE_EXEMPT_LIST_ENABLED = 0x08000000, + + /* This flag instructs linker to use this namespace as the anonymous + * namespace. The anonymous namespace is used in the case when linker cannot + * identify the caller of dlopen/dlsym. This happens for the code not loaded + * by dynamic linker; for example calls from the mono-compiled code. There can + * be only one anonymous namespace in a process. If there already is an + * anonymous namespace in the process, using this flag when creating a new + * namespace causes an error. + */ + ANDROID_NAMESPACE_TYPE_ALSO_USED_AS_ANONYMOUS = 0x10000000, + + ANDROID_NAMESPACE_TYPE_SHARED_ISOLATED = + ANDROID_NAMESPACE_TYPE_SHARED | ANDROID_NAMESPACE_TYPE_ISOLATED, +}; + +/* + * Creates new linker namespace. + * ld_library_path and default_library_path represent the search path + * for the libraries in the namespace. + * + * The libraries in the namespace are searched by following order: + * 1. ld_library_path (Think of this as namespace-local LD_LIBRARY_PATH) + * 2. In directories specified by DT_RUNPATH of the "needed by" binary. + * 3. default_library_path (This of this as namespace-local default library path) + * + * When type is ANDROID_NAMESPACE_TYPE_ISOLATED the resulting namespace requires all of + * the libraries to be on the search path or under the permitted_when_isolated_path; + * the search_path is ld_library_path:default_library_path. Note that the + * permitted_when_isolated_path path is not part of the search_path and + * does not affect the search order. It is a way to allow loading libraries from specific + * locations when using absolute path. + * If a library or any of its dependencies are outside of the permitted_when_isolated_path + * and search_path, and it is not part of the public namespace dlopen will fail. + */ +extern struct android_namespace_t* android_create_namespace( + const char* name, const char* ld_library_path, const char* default_library_path, uint64_t type, + const char* permitted_when_isolated_path, struct android_namespace_t* parent); + +/* + * Creates a link between namespaces. Every link has list of sonames of + * shared libraries. These are the libraries which are accessible from + * namespace 'from' but loaded within namespace 'to' context. + * When to namespace is nullptr this function establishes a link between + * 'from' namespace and the default namespace. + * + * The lookup order of the libraries in namespaces with links is following: + * 1. Look inside current namespace using 'this' namespace search path. + * 2. Look in linked namespaces + * 2.1. Perform soname check - if library soname is not in the list of shared + * libraries sonames skip this link, otherwise + * 2.2. Search library using linked namespace search path. Note that this + * step will not go deeper into linked namespaces for this library but + * will do so for DT_NEEDED libraries. + */ +extern bool android_link_namespaces(struct android_namespace_t* from, + struct android_namespace_t* to, + const char* shared_libs_sonames); + +extern struct android_namespace_t* android_get_exported_namespace(const char* name); + +__END_DECLS + +#endif // NATIVE_BRIDGE_SUPPORT_GUEST_STATE_DLEXT_NAMESPACES_H_
\ No newline at end of file |