1 /*
2  * Copyright (C) 2019 The Android Open Source Project
3  *
4  * Licensed under the Apache License, Version 2.0 (the "License");
5  * you may not use this file except in compliance with the License.
6  * You may obtain a copy of the License at
7  *
8  *      http://www.apache.org/licenses/LICENSE-2.0
9  *
10  * Unless required by applicable law or agreed to in writing, software
11  * distributed under the License is distributed on an "AS IS" BASIS,
12  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13  * See the License for the specific language governing permissions and
14  * limitations under the License.
15  */
16 
17 // This is the default linker namespace for a vendor process (a process started
18 // from /vendor/bin/*).
19 
20 #include "linkerconfig/namespacebuilder.h"
21 
22 #include "linkerconfig/common.h"
23 #include "linkerconfig/environment.h"
24 
25 using android::linkerconfig::modules::AsanPath;
26 using android::linkerconfig::modules::GetVendorVndkVersion;
27 using android::linkerconfig::modules::Namespace;
28 
29 namespace {
30 
31 // Keep in sync with the "platform" namespace in art/build/apex/ld.config.txt.
32 const std::vector<std::string> kVndkLiteVendorRequires = {
33     // Keep in sync with the "platform" namespace in art/build/apex/ld.config.txt.
34     "libdexfile_external.so",
35     "libdexfiled_external.so",
36     "libnativebridge.so",
37     "libnativehelper.so",
38     "libnativeloader.so",
39     "libandroidicu.so",
40     // TODO(b/122876336): Remove libpac.so once it's migrated to Webview
41     "libpac.so",
42     // TODO(b/120786417 or b/134659294): libicuuc.so
43     // and libicui18n.so are kept for app compat.
44     "libicui18n.so",
45     "libicuuc.so",
46     // resolv
47     "libnetd_resolv.so",
48     // nn
49     "libneuralnetworks.so",
50     // statsd
51     "libstatspull.so",
52     "libstatssocket.so",
53     // adbd
54     "libadb_pairing_auth.so",
55     "libadb_pairing_connection.so",
56     "libadb_pairing_server.so",
57 };
58 
59 }  // namespace
60 
61 namespace android {
62 namespace linkerconfig {
63 namespace contents {
64 Namespace BuildVendorDefaultNamespace([[maybe_unused]] const Context& ctx) {
65   bool is_vndklite = ctx.IsVndkliteConfig();
66 
67   Namespace ns(
68       "default", /*is_isolated=*/!is_vndklite, /*is_visible=*/!is_vndklite);
69 
70   ns.AddSearchPath("/odm/${LIB}", AsanPath::WITH_DATA_ASAN);
71   // Allow loosen restriction between vndk and private platform libraries
72   if (is_vndklite) {
73     ns.AddSearchPath("/odm/${LIB}/vndk", AsanPath::WITH_DATA_ASAN);
74     ns.AddSearchPath("/odm/${LIB}/vndk-sp", AsanPath::WITH_DATA_ASAN);
75   }
76 
77   ns.AddSearchPath("/vendor/${LIB}", AsanPath::WITH_DATA_ASAN);
78   // Allow loosen restriction between vndk and private platform libraries
79   if (is_vndklite) {
80     ns.AddSearchPath("/vendor/${LIB}/vndk", AsanPath::WITH_DATA_ASAN);
81     ns.AddSearchPath("/vendor/${LIB}/vndk-sp", AsanPath::WITH_DATA_ASAN);
82   }
83 
84   // VNDK-Lite devices require broader access from vendor to system/product partition
85   if (is_vndklite) {
86     ns.AddSearchPath("/system/${LIB}", AsanPath::WITH_DATA_ASAN);
87     ns.AddSearchPath(Var("SYSTEM_EXT") + "/${LIB}", AsanPath::WITH_DATA_ASAN);
88     ns.AddSearchPath(Var("PRODUCT") + "/${LIB}", AsanPath::WITH_DATA_ASAN);
89     // Put system vndk at the last search order in vndk_lite for GSI
90     ns.AddSearchPath(
91         "/apex/com.android.vndk.v" + Var("VENDOR_VNDK_VERSION") + "/${LIB}",
92         AsanPath::SAME_PATH);
93   }
94 
95   if (ctx.IsDefaultConfig() && GetVendorVndkVersion() == "27") {
96     ns.AddSearchPath("/vendor/${LIB}/hw", AsanPath::WITH_DATA_ASAN);
97     ns.AddSearchPath("/vendor/${LIB}/egl", AsanPath::WITH_DATA_ASAN);
98   }
99 
100   ns.AddPermittedPath("/odm", AsanPath::WITH_DATA_ASAN);
101   ns.AddPermittedPath("/vendor", AsanPath::WITH_DATA_ASAN);
102   ns.AddPermittedPath("/system/vendor", AsanPath::NONE);
103 
104   if (is_vndklite) {
105     // Because vendor-default NS works like system-default NS for VNDK-lite
106     // devices the requires/provides are added just like system-default.
107     ns.AddRequires(kVndkLiteVendorRequires);
108     ns.AddProvides(GetSystemStubLibraries());
109   } else {
110     ns.GetLink(ctx.GetSystemNamespaceName())
111         .AddSharedLib(
112             {Var("LLNDK_LIBRARIES_VENDOR"), Var("SANITIZER_DEFAULT_VENDOR")});
113     ns.GetLink("vndk").AddSharedLib({Var("VNDK_SAMEPROCESS_LIBRARIES_VENDOR"),
114                                      Var("VNDK_CORE_LIBRARIES_VENDOR")});
115     if (android::linkerconfig::modules::IsVndkInSystemNamespace()) {
116       ns.GetLink("vndk_in_system")
117           .AddSharedLib(Var("VNDK_USING_CORE_VARIANT_LIBRARIES"));
118     }
119   }
120   ns.AddRequires(std::vector{"libneuralnetworks.so"});
121   return ns;
122 }
123 }  // namespace contents
124 }  // namespace linkerconfig
125 }  // namespace android
126