xref: /aosp_15_r20/art/libnativeloader/native_loader_namespace.cpp (revision 795d594fd825385562da6b089ea9b2033f3abf5a) 
1*795d594fSAndroid Build Coastguard Worker /*
2*795d594fSAndroid Build Coastguard Worker  * Copyright (C) 2019 The Android Open Source Project
3*795d594fSAndroid Build Coastguard Worker  *
4*795d594fSAndroid Build Coastguard Worker  * Licensed under the Apache License, Version 2.0 (the "License");
5*795d594fSAndroid Build Coastguard Worker  * you may not use this file except in compliance with the License.
6*795d594fSAndroid Build Coastguard Worker  * You may obtain a copy of the License at
7*795d594fSAndroid Build Coastguard Worker  *
8*795d594fSAndroid Build Coastguard Worker  *      http://www.apache.org/licenses/LICENSE-2.0
9*795d594fSAndroid Build Coastguard Worker  *
10*795d594fSAndroid Build Coastguard Worker  * Unless required by applicable law or agreed to in writing, software
11*795d594fSAndroid Build Coastguard Worker  * distributed under the License is distributed on an "AS IS" BASIS,
12*795d594fSAndroid Build Coastguard Worker  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13*795d594fSAndroid Build Coastguard Worker  * See the License for the specific language governing permissions and
14*795d594fSAndroid Build Coastguard Worker  * limitations under the License.
15*795d594fSAndroid Build Coastguard Worker  */
16*795d594fSAndroid Build Coastguard Worker 
17*795d594fSAndroid Build Coastguard Worker #if defined(ART_TARGET_ANDROID)
18*795d594fSAndroid Build Coastguard Worker 
19*795d594fSAndroid Build Coastguard Worker #define LOG_TAG "nativeloader"
20*795d594fSAndroid Build Coastguard Worker 
21*795d594fSAndroid Build Coastguard Worker #include "native_loader_namespace.h"
22*795d594fSAndroid Build Coastguard Worker 
23*795d594fSAndroid Build Coastguard Worker #include <dlfcn.h>
24*795d594fSAndroid Build Coastguard Worker 
25*795d594fSAndroid Build Coastguard Worker #include <functional>
26*795d594fSAndroid Build Coastguard Worker 
27*795d594fSAndroid Build Coastguard Worker #include <android-base/strings.h>
28*795d594fSAndroid Build Coastguard Worker #include <log/log.h>
29*795d594fSAndroid Build Coastguard Worker #include <nativebridge/native_bridge.h>
30*795d594fSAndroid Build Coastguard Worker 
31*795d594fSAndroid Build Coastguard Worker #include "nativeloader/dlext_namespaces.h"
32*795d594fSAndroid Build Coastguard Worker 
33*795d594fSAndroid Build Coastguard Worker using android::base::Error;
34*795d594fSAndroid Build Coastguard Worker 
35*795d594fSAndroid Build Coastguard Worker namespace android {
36*795d594fSAndroid Build Coastguard Worker 
37*795d594fSAndroid Build Coastguard Worker namespace {
38*795d594fSAndroid Build Coastguard Worker 
39*795d594fSAndroid Build Coastguard Worker constexpr const char* kDefaultNamespaceName = "default";
40*795d594fSAndroid Build Coastguard Worker constexpr const char* kSystemNamespaceName = "system";
41*795d594fSAndroid Build Coastguard Worker 
GetLinkerError(bool is_bridged)42*795d594fSAndroid Build Coastguard Worker std::string GetLinkerError(bool is_bridged) {
43*795d594fSAndroid Build Coastguard Worker   const char* msg = is_bridged ? NativeBridgeGetError() : dlerror();
44*795d594fSAndroid Build Coastguard Worker   if (msg == nullptr) {
45*795d594fSAndroid Build Coastguard Worker     return "no error";
46*795d594fSAndroid Build Coastguard Worker   }
47*795d594fSAndroid Build Coastguard Worker   return std::string(msg);
48*795d594fSAndroid Build Coastguard Worker }
49*795d594fSAndroid Build Coastguard Worker 
50*795d594fSAndroid Build Coastguard Worker }  // namespace
51*795d594fSAndroid Build Coastguard Worker 
GetExportedNamespace(const std::string & name,bool is_bridged)52*795d594fSAndroid Build Coastguard Worker Result<NativeLoaderNamespace> NativeLoaderNamespace::GetExportedNamespace(const std::string& name,
53*795d594fSAndroid Build Coastguard Worker                                                                           bool is_bridged) {
54*795d594fSAndroid Build Coastguard Worker   if (!is_bridged) {
55*795d594fSAndroid Build Coastguard Worker     android_namespace_t* raw = android_get_exported_namespace(name.c_str());
56*795d594fSAndroid Build Coastguard Worker     if (raw != nullptr) {
57*795d594fSAndroid Build Coastguard Worker       return NativeLoaderNamespace(name, raw);
58*795d594fSAndroid Build Coastguard Worker     }
59*795d594fSAndroid Build Coastguard Worker   } else {
60*795d594fSAndroid Build Coastguard Worker     native_bridge_namespace_t* raw = NativeBridgeGetExportedNamespace(name.c_str());
61*795d594fSAndroid Build Coastguard Worker     if (raw != nullptr) {
62*795d594fSAndroid Build Coastguard Worker       return NativeLoaderNamespace(name, raw);
63*795d594fSAndroid Build Coastguard Worker     }
64*795d594fSAndroid Build Coastguard Worker   }
65*795d594fSAndroid Build Coastguard Worker   return Errorf("namespace {} does not exist or exported", name);
66*795d594fSAndroid Build Coastguard Worker }
67*795d594fSAndroid Build Coastguard Worker 
68*795d594fSAndroid Build Coastguard Worker // The system namespace is called "default" for binaries in /system and
69*795d594fSAndroid Build Coastguard Worker // "system" for those in the Runtime APEX. Try "system" first since
70*795d594fSAndroid Build Coastguard Worker // "default" always exists.
GetSystemNamespace(bool is_bridged)71*795d594fSAndroid Build Coastguard Worker Result<NativeLoaderNamespace> NativeLoaderNamespace::GetSystemNamespace(bool is_bridged) {
72*795d594fSAndroid Build Coastguard Worker   if (Result<NativeLoaderNamespace> ns = GetExportedNamespace(kSystemNamespaceName, is_bridged);
73*795d594fSAndroid Build Coastguard Worker       ns.ok()) {
74*795d594fSAndroid Build Coastguard Worker     return ns;
75*795d594fSAndroid Build Coastguard Worker   }
76*795d594fSAndroid Build Coastguard Worker   if (Result<NativeLoaderNamespace> ns = GetExportedNamespace(kDefaultNamespaceName, is_bridged);
77*795d594fSAndroid Build Coastguard Worker       ns.ok()) {
78*795d594fSAndroid Build Coastguard Worker     return ns;
79*795d594fSAndroid Build Coastguard Worker   }
80*795d594fSAndroid Build Coastguard Worker 
81*795d594fSAndroid Build Coastguard Worker   // If nothing is found, return NativeLoaderNamespace constructed from nullptr.
82*795d594fSAndroid Build Coastguard Worker   // nullptr also means default namespace to the linker.
83*795d594fSAndroid Build Coastguard Worker   if (!is_bridged) {
84*795d594fSAndroid Build Coastguard Worker     return NativeLoaderNamespace(kDefaultNamespaceName, static_cast<android_namespace_t*>(nullptr));
85*795d594fSAndroid Build Coastguard Worker   } else {
86*795d594fSAndroid Build Coastguard Worker     return NativeLoaderNamespace(kDefaultNamespaceName,
87*795d594fSAndroid Build Coastguard Worker                                  static_cast<native_bridge_namespace_t*>(nullptr));
88*795d594fSAndroid Build Coastguard Worker   }
89*795d594fSAndroid Build Coastguard Worker }
90*795d594fSAndroid Build Coastguard Worker 
Create(const std::string & name,const std::string & search_paths,const std::string & permitted_paths,const NativeLoaderNamespace * parent,bool is_shared,bool is_exempt_list_enabled,bool also_used_as_anonymous)91*795d594fSAndroid Build Coastguard Worker Result<NativeLoaderNamespace> NativeLoaderNamespace::Create(
92*795d594fSAndroid Build Coastguard Worker     const std::string& name, const std::string& search_paths, const std::string& permitted_paths,
93*795d594fSAndroid Build Coastguard Worker     const NativeLoaderNamespace* parent, bool is_shared, bool is_exempt_list_enabled,
94*795d594fSAndroid Build Coastguard Worker     bool also_used_as_anonymous) {
95*795d594fSAndroid Build Coastguard Worker   bool is_bridged = false;
96*795d594fSAndroid Build Coastguard Worker   if (parent != nullptr) {
97*795d594fSAndroid Build Coastguard Worker     is_bridged = parent->IsBridged();
98*795d594fSAndroid Build Coastguard Worker   } else if (!search_paths.empty()) {
99*795d594fSAndroid Build Coastguard Worker     is_bridged = NativeBridgeIsPathSupported(search_paths.c_str());
100*795d594fSAndroid Build Coastguard Worker   }
101*795d594fSAndroid Build Coastguard Worker 
102*795d594fSAndroid Build Coastguard Worker   // Fall back to the system namespace if no parent is set.
103*795d594fSAndroid Build Coastguard Worker   Result<NativeLoaderNamespace> system_ns = GetSystemNamespace(is_bridged);
104*795d594fSAndroid Build Coastguard Worker   if (!system_ns.ok()) {
105*795d594fSAndroid Build Coastguard Worker     return system_ns.error();
106*795d594fSAndroid Build Coastguard Worker   }
107*795d594fSAndroid Build Coastguard Worker   const NativeLoaderNamespace& effective_parent = parent != nullptr ? *parent : *system_ns;
108*795d594fSAndroid Build Coastguard Worker 
109*795d594fSAndroid Build Coastguard Worker   // All namespaces for apps are isolated
110*795d594fSAndroid Build Coastguard Worker   uint64_t type = ANDROID_NAMESPACE_TYPE_ISOLATED;
111*795d594fSAndroid Build Coastguard Worker 
112*795d594fSAndroid Build Coastguard Worker   // The namespace is also used as the anonymous namespace
113*795d594fSAndroid Build Coastguard Worker   // which is used when the linker fails to determine the caller address
114*795d594fSAndroid Build Coastguard Worker   if (also_used_as_anonymous) {
115*795d594fSAndroid Build Coastguard Worker     type |= ANDROID_NAMESPACE_TYPE_ALSO_USED_AS_ANONYMOUS;
116*795d594fSAndroid Build Coastguard Worker   }
117*795d594fSAndroid Build Coastguard Worker 
118*795d594fSAndroid Build Coastguard Worker   // Bundled apps have access to all system libraries that are currently loaded
119*795d594fSAndroid Build Coastguard Worker   // in the default namespace
120*795d594fSAndroid Build Coastguard Worker   if (is_shared) {
121*795d594fSAndroid Build Coastguard Worker     type |= ANDROID_NAMESPACE_TYPE_SHARED;
122*795d594fSAndroid Build Coastguard Worker   }
123*795d594fSAndroid Build Coastguard Worker   if (is_exempt_list_enabled) {
124*795d594fSAndroid Build Coastguard Worker     type |= ANDROID_NAMESPACE_TYPE_EXEMPT_LIST_ENABLED;
125*795d594fSAndroid Build Coastguard Worker   }
126*795d594fSAndroid Build Coastguard Worker 
127*795d594fSAndroid Build Coastguard Worker   if (!is_bridged) {
128*795d594fSAndroid Build Coastguard Worker     android_namespace_t* raw =
129*795d594fSAndroid Build Coastguard Worker         android_create_namespace(name.c_str(), nullptr, search_paths.c_str(), type,
130*795d594fSAndroid Build Coastguard Worker                                  permitted_paths.c_str(), effective_parent.ToRawAndroidNamespace());
131*795d594fSAndroid Build Coastguard Worker     if (raw != nullptr) {
132*795d594fSAndroid Build Coastguard Worker       return NativeLoaderNamespace(name, raw);
133*795d594fSAndroid Build Coastguard Worker     }
134*795d594fSAndroid Build Coastguard Worker   } else {
135*795d594fSAndroid Build Coastguard Worker     native_bridge_namespace_t* raw = NativeBridgeCreateNamespace(
136*795d594fSAndroid Build Coastguard Worker         name.c_str(), nullptr, search_paths.c_str(), type, permitted_paths.c_str(),
137*795d594fSAndroid Build Coastguard Worker         effective_parent.ToRawNativeBridgeNamespace());
138*795d594fSAndroid Build Coastguard Worker     if (raw != nullptr) {
139*795d594fSAndroid Build Coastguard Worker       return NativeLoaderNamespace(name, raw);
140*795d594fSAndroid Build Coastguard Worker     }
141*795d594fSAndroid Build Coastguard Worker   }
142*795d594fSAndroid Build Coastguard Worker   return Errorf("failed to create {} namespace name:{}, search_paths:{}, permitted_paths:{}",
143*795d594fSAndroid Build Coastguard Worker                 is_bridged ? "bridged" : "native", name, search_paths, permitted_paths);
144*795d594fSAndroid Build Coastguard Worker }
145*795d594fSAndroid Build Coastguard Worker 
Link(const NativeLoaderNamespace * target,const std::string & shared_libs) const146*795d594fSAndroid Build Coastguard Worker Result<void> NativeLoaderNamespace::Link(const NativeLoaderNamespace* target,
147*795d594fSAndroid Build Coastguard Worker                                          const std::string& shared_libs) const {
148*795d594fSAndroid Build Coastguard Worker   LOG_ALWAYS_FATAL_IF(shared_libs.empty(), "empty share lib when linking %s to %s",
149*795d594fSAndroid Build Coastguard Worker                       this->name().c_str(), target == nullptr ? "default" : target->name().c_str());
150*795d594fSAndroid Build Coastguard Worker   if (!IsBridged()) {
151*795d594fSAndroid Build Coastguard Worker     if (android_link_namespaces(this->ToRawAndroidNamespace(),
152*795d594fSAndroid Build Coastguard Worker                                 target == nullptr ? nullptr : target->ToRawAndroidNamespace(),
153*795d594fSAndroid Build Coastguard Worker                                 shared_libs.c_str())) {
154*795d594fSAndroid Build Coastguard Worker       return {};
155*795d594fSAndroid Build Coastguard Worker     }
156*795d594fSAndroid Build Coastguard Worker   } else {
157*795d594fSAndroid Build Coastguard Worker     if (NativeBridgeLinkNamespaces(this->ToRawNativeBridgeNamespace(),
158*795d594fSAndroid Build Coastguard Worker                                    target == nullptr ? nullptr : target->ToRawNativeBridgeNamespace(),
159*795d594fSAndroid Build Coastguard Worker                                    shared_libs.c_str())) {
160*795d594fSAndroid Build Coastguard Worker       return {};
161*795d594fSAndroid Build Coastguard Worker     }
162*795d594fSAndroid Build Coastguard Worker   }
163*795d594fSAndroid Build Coastguard Worker   return Error() << GetLinkerError(IsBridged());
164*795d594fSAndroid Build Coastguard Worker }
165*795d594fSAndroid Build Coastguard Worker 
Load(const char * lib_name) const166*795d594fSAndroid Build Coastguard Worker Result<void*> NativeLoaderNamespace::Load(const char* lib_name) const {
167*795d594fSAndroid Build Coastguard Worker   if (!IsBridged()) {
168*795d594fSAndroid Build Coastguard Worker     android_dlextinfo extinfo;
169*795d594fSAndroid Build Coastguard Worker     extinfo.flags = ANDROID_DLEXT_USE_NAMESPACE;
170*795d594fSAndroid Build Coastguard Worker     extinfo.library_namespace = this->ToRawAndroidNamespace();
171*795d594fSAndroid Build Coastguard Worker     void* handle = android_dlopen_ext(lib_name, RTLD_NOW, &extinfo);
172*795d594fSAndroid Build Coastguard Worker     if (handle != nullptr) {
173*795d594fSAndroid Build Coastguard Worker       return handle;
174*795d594fSAndroid Build Coastguard Worker     }
175*795d594fSAndroid Build Coastguard Worker   } else {
176*795d594fSAndroid Build Coastguard Worker     void* handle =
177*795d594fSAndroid Build Coastguard Worker         NativeBridgeLoadLibraryExt(lib_name, RTLD_NOW, this->ToRawNativeBridgeNamespace());
178*795d594fSAndroid Build Coastguard Worker     if (handle != nullptr) {
179*795d594fSAndroid Build Coastguard Worker       return handle;
180*795d594fSAndroid Build Coastguard Worker     }
181*795d594fSAndroid Build Coastguard Worker   }
182*795d594fSAndroid Build Coastguard Worker   return Error() << GetLinkerError(IsBridged());
183*795d594fSAndroid Build Coastguard Worker }
184*795d594fSAndroid Build Coastguard Worker 
185*795d594fSAndroid Build Coastguard Worker }  // namespace android
186*795d594fSAndroid Build Coastguard Worker 
187*795d594fSAndroid Build Coastguard Worker #endif  // defined(ART_TARGET_ANDROID)
188