Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 6b369bee authored by Jiyong Park's avatar Jiyong Park
Browse files

Prevent vendors from accessing private VNDK libs 

Private VNDK libs are VNDK libs that are only accessible from other VNDK
libs but are inaccessible from vendor libraries. The private VNDK libs
are marked as vendor_available: false.

To enforce this at runtime, the private VNDK libs are excluded from the
list of lib names that links the namespaces.

Also, linker namespaces for vendor processes are modified so that the
VNDK-core and VNDK-SP libs are now loaded in the 'system' namespace and
not in the 'default' namespace.

Bug: 63878960
Test: wahoo devices boot, log does not show any new dlopen error.

Change-Id: Ibfc4f31a97aa6edd7f05cd6177daeb52c165bfeb
parent f8b9d77b

rootdir/Android.mk

+6 −3
Original line number Diff line number Diff line
@@ -207,11 +207,14 @@ LOCAL_MODULE_PATH := $(TARGET_OUT_ETC) 
LOCAL_MODULE_STEM := $(LOCAL_MODULE)

include $(BUILD_SYSTEM)/base_rules.mk



llndk_libraries := $(subst $(space),:,$(addsuffix .so,$(LLNDK_LIBRARIES)))

llndk_libraries := $(subst $(space),:,$(addsuffix .so,\

$(filter-out $(VNDK_PRIVATE_LIBRARIES),$(LLNDK_LIBRARIES))))



vndk_sameprocess_libraries := $(subst $(space),:,$(addsuffix .so,$(VNDK_SAMEPROCESS_LIBRARIES)))

vndk_sameprocess_libraries := $(subst $(space),:,$(addsuffix .so,\

$(filter-out $(VNDK_PRIVATE_LIBRARIES),$(VNDK_SAMEPROCESS_LIBRARIES))))



vndk_core_libraries := $(subst $(space),:,$(addsuffix .so,$(VNDK_CORE_LIBRARIES)))

vndk_core_libraries := $(subst $(space),:,$(addsuffix .so,\

$(filter-out $(VNDK_PRIVATE_LIBRARIES),$(VNDK_CORE_LIBRARIES))))



sanitizer_runtime_libraries := $(subst $(space),:,$(addsuffix .so,\

$(ADDRESS_SANITIZER_RUNTIME_LIBRARY) \

rootdir/etc/ld.config.txt.in

+14 −11
Original line number Diff line number Diff line
@@ -120,28 +120,31 @@ additional.namespaces = system 
###############################################################################

# "default" namespace

#

# Vendor-side code runs in this namespace.

# This is the default linker namespace for a vendor process (a process started

# from /vendor/bin/*). The main executable and the libs under /vendor/lib[64]

# are loaded directly into this namespace. However, other libs under the system

# partition (VNDK and LLNDK libraries) are not loaded here but from the

# separate namespace 'system'. The delegation to the system namespace is done

# via the 'namespace.default.link.system.shared_libs' property below.

###############################################################################

namespace.default.isolated = true

namespace.default.visible = true



namespace.default.search.paths = /vendor/${LIB}/hw:/vendor/${LIB}/egl:/vendor/${LIB}:/vendor/${LIB}/vndk${VNDK_VER}:/system/${LIB}/vndk${VNDK_VER}:/vendor/${LIB}/vndk-sp${VNDK_VER}:/system/${LIB}/vndk-sp${VNDK_VER}

namespace.default.permitted.paths = /vendor:/system/${LIB}/vndk${VNDK_VER}:/system/${LIB}/vndk-sp${VNDK_VER}

namespace.default.search.paths = /vendor/${LIB}/hw:/vendor/${LIB}/egl:/vendor/${LIB}:/vendor/${LIB}/vndk${VNDK_VER}:/vendor/${LIB}/vndk-sp${VNDK_VER}

namespace.default.permitted.paths = /vendor



namespace.default.asan.search.paths = /data/asan/vendor/${LIB}/hw:/vendor/${LIB}/hw:/data/asan/vendor/${LIB}/egl:/vendor/${LIB}/egl:/data/asan/vendor/${LIB}:/vendor/${LIB}:/data/asan/vendor/${LIB}/vndk${VNDK_VER}:/vendor/${LIB}/vndk${VNDK_VER}:/data/asan/system/${LIB}/vndk${VNDK_VER}:/system/${LIB}/vndk${VNDK_VER}:/data/asan/vendor/${LIB}/vndk-sp${VNDK_VER}:/vendor/${LIB}/vndk-sp${VNDK_VER}:/data/asan/system/${LIB}/vndk-sp${VNDK_VER}:/system/${LIB}/vndk-sp${VNDK_VER}

namespace.default.asan.permitted.paths = /data/asan/vendor:/vendor:/data/asan/system/${LIB}/vndk${VNDK_VER}:/system/${LIB}/vndk${VNDK_VER}:/data/asan/system/${LIB}/vndk-sp${VNDK_VER}:/system/${LIB}/vndk-sp${VNDK_VER}

namespace.default.asan.search.paths = /data/asan/vendor/${LIB}/hw:/vendor/${LIB}/hw:/data/asan/vendor/${LIB}/egl:/vendor/${LIB}/egl:/data/asan/vendor/${LIB}:/vendor/${LIB}:/data/asan/vendor/${LIB}/vndk${VNDK_VER}:/vendor/${LIB}/vndk${VNDK_VER}:/data/asan/vendor/${LIB}/vndk-sp${VNDK_VER}:/vendor/${LIB}/vndk-sp${VNDK_VER}:namespace.default.asan.permitted.paths = /data/asan/vendor:/vendor



namespace.default.links = system

namespace.default.link.system.shared_libs = %LLNDK_LIBRARIES%

namespace.default.link.system.shared_libs = %LLNDK_LIBRARIES%:%VNDK_SAMEPROCESS_LIBRARIES%:%VNDK_CORE_LIBRARIES%



###############################################################################

# "system" namespace

#

# This is for vendor process to use LL-NDK in system partition.

# This namespace is where system libs (VNDK and LLNDK libs) are loaded for

# a vendor process.

###############################################################################

namespace.system.isolated = false

namespace.system.search.paths = /system/${LIB}

namespace.system.permitted.paths = /system/${LIB}

namespace.system.search.paths = /system/${LIB}/vndk-sp${VNDK_VER}:/system/${LIB}/vndk${VNDK_VER}:/system/${LIB}



namespace.system.asan.search.paths = /data/asan/system/${LIB}:/system/${LIB}

namespace.system.asan.permitted.paths = /data/asan/system/${LIB}:/system/${LIB}
 
namespace.system.asan.search.paths = /data/asan/system/${LIB}/vndk-sp${VNDK_VER}:/system/${LIB}/vndk-sp${VNDK_VER}:/data/asan/system/${LIB}/vndk${VNDK_VER}:/system/${LIB}/vndk${VNDK_VER}:/data/asan/system/${LIB}:/system/${LIB}