1 /*
2  * Copyright (C) 2019 The Android Open Source Project
3  *
4  * Licensed under the Apache License, Version 2.0 (the "License");
5  * you may not use this file except in compliance with the License.
6  * You may obtain a copy of the License at
7  *
8  *      http://www.apache.org/licenses/LICENSE-2.0
9  *
10  * Unless required by applicable law or agreed to in writing, software
11  * distributed under the License is distributed on an "AS IS" BASIS,
12  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13  * See the License for the specific language governing permissions and
14  * limitations under the License.
15  */
16 
17 #if defined(ART_TARGET_ANDROID)
18 
19 #define LOG_TAG "nativeloader"
20 
21 #include "native_loader_namespace.h"
22 
23 #include <dlfcn.h>
24 
25 #include <functional>
26 
27 #include <android-base/strings.h>
28 #include <log/log.h>
29 #include <nativebridge/native_bridge.h>
30 
31 #include "nativeloader/dlext_namespaces.h"
32 
33 using android::base::Error;
34 
35 namespace android {
36 
37 namespace {
38 
39 constexpr const char* kDefaultNamespaceName = "default";
40 constexpr const char* kSystemNamespaceName = "system";
41 
GetLinkerError(bool is_bridged)42 std::string GetLinkerError(bool is_bridged) {
43   const char* msg = is_bridged ? NativeBridgeGetError() : dlerror();
44   if (msg == nullptr) {
45     return "no error";
46   }
47   return std::string(msg);
48 }
49 
50 }  // namespace
51 
GetExportedNamespace(const std::string & name,bool is_bridged)52 Result<NativeLoaderNamespace> NativeLoaderNamespace::GetExportedNamespace(const std::string& name,
53                                                                           bool is_bridged) {
54   if (!is_bridged) {
55     android_namespace_t* raw = android_get_exported_namespace(name.c_str());
56     if (raw != nullptr) {
57       return NativeLoaderNamespace(name, raw);
58     }
59   } else {
60     native_bridge_namespace_t* raw = NativeBridgeGetExportedNamespace(name.c_str());
61     if (raw != nullptr) {
62       return NativeLoaderNamespace(name, raw);
63     }
64   }
65   return Errorf("namespace {} does not exist or exported", name);
66 }
67 
68 // The system namespace is called "default" for binaries in /system and
69 // "system" for those in the Runtime APEX. Try "system" first since
70 // "default" always exists.
GetSystemNamespace(bool is_bridged)71 Result<NativeLoaderNamespace> NativeLoaderNamespace::GetSystemNamespace(bool is_bridged) {
72   Result<NativeLoaderNamespace> ns = GetExportedNamespace(kSystemNamespaceName, is_bridged);
73   if (ns.ok()) return ns;
74   ns = GetExportedNamespace(kDefaultNamespaceName, is_bridged);
75   if (ns.ok()) return ns;
76 
77   // If nothing is found, return NativeLoaderNamespace constructed from nullptr.
78   // nullptr also means default namespace to the linker.
79   if (!is_bridged) {
80     return NativeLoaderNamespace(kDefaultNamespaceName, static_cast<android_namespace_t*>(nullptr));
81   } else {
82     return NativeLoaderNamespace(kDefaultNamespaceName,
83                                  static_cast<native_bridge_namespace_t*>(nullptr));
84   }
85 }
86 
Create(const std::string & name,const std::string & search_paths,const std::string & permitted_paths,const NativeLoaderNamespace * parent,bool is_shared,bool is_exempt_list_enabled,bool also_used_as_anonymous)87 Result<NativeLoaderNamespace> NativeLoaderNamespace::Create(
88     const std::string& name, const std::string& search_paths, const std::string& permitted_paths,
89     const NativeLoaderNamespace* parent, bool is_shared, bool is_exempt_list_enabled,
90     bool also_used_as_anonymous) {
91   bool is_bridged = false;
92   if (parent != nullptr) {
93     is_bridged = parent->IsBridged();
94   } else if (!search_paths.empty()) {
95     is_bridged = NativeBridgeIsPathSupported(search_paths.c_str());
96   }
97 
98   // Fall back to the system namespace if no parent is set.
99   Result<NativeLoaderNamespace> system_ns = GetSystemNamespace(is_bridged);
100   if (!system_ns.ok()) {
101     return system_ns.error();
102   }
103   const NativeLoaderNamespace& effective_parent = parent != nullptr ? *parent : *system_ns;
104 
105   // All namespaces for apps are isolated
106   uint64_t type = ANDROID_NAMESPACE_TYPE_ISOLATED;
107 
108   // The namespace is also used as the anonymous namespace
109   // which is used when the linker fails to determine the caller address
110   if (also_used_as_anonymous) {
111     type |= ANDROID_NAMESPACE_TYPE_ALSO_USED_AS_ANONYMOUS;
112   }
113 
114   // Bundled apps have access to all system libraries that are currently loaded
115   // in the default namespace
116   if (is_shared) {
117     type |= ANDROID_NAMESPACE_TYPE_SHARED;
118   }
119   if (is_exempt_list_enabled) {
120     type |= ANDROID_NAMESPACE_TYPE_EXEMPT_LIST_ENABLED;
121   }
122 
123   if (!is_bridged) {
124     android_namespace_t* raw =
125         android_create_namespace(name.c_str(), nullptr, search_paths.c_str(), type,
126                                  permitted_paths.c_str(), effective_parent.ToRawAndroidNamespace());
127     if (raw != nullptr) {
128       return NativeLoaderNamespace(name, raw);
129     }
130   } else {
131     native_bridge_namespace_t* raw = NativeBridgeCreateNamespace(
132         name.c_str(), nullptr, search_paths.c_str(), type, permitted_paths.c_str(),
133         effective_parent.ToRawNativeBridgeNamespace());
134     if (raw != nullptr) {
135       return NativeLoaderNamespace(name, raw);
136     }
137   }
138   return Errorf("failed to create {} namespace name:{}, search_paths:{}, permitted_paths:{}",
139                 is_bridged ? "bridged" : "native", name, search_paths, permitted_paths);
140 }
141 
Link(const NativeLoaderNamespace * target,const std::string & shared_libs) const142 Result<void> NativeLoaderNamespace::Link(const NativeLoaderNamespace* target,
143                                          const std::string& shared_libs) const {
144   LOG_ALWAYS_FATAL_IF(shared_libs.empty(), "empty share lib when linking %s to %s",
145                       this->name().c_str(), target == nullptr ? "default" : target->name().c_str());
146   if (!IsBridged()) {
147     if (android_link_namespaces(this->ToRawAndroidNamespace(),
148                                 target == nullptr ? nullptr : target->ToRawAndroidNamespace(),
149                                 shared_libs.c_str())) {
150       return {};
151     }
152   } else {
153     if (NativeBridgeLinkNamespaces(this->ToRawNativeBridgeNamespace(),
154                                    target == nullptr ? nullptr : target->ToRawNativeBridgeNamespace(),
155                                    shared_libs.c_str())) {
156       return {};
157     }
158   }
159   return Error() << GetLinkerError(IsBridged());
160 }
161 
Load(const char * lib_name) const162 Result<void*> NativeLoaderNamespace::Load(const char* lib_name) const {
163   if (!IsBridged()) {
164     android_dlextinfo extinfo;
165     extinfo.flags = ANDROID_DLEXT_USE_NAMESPACE;
166     extinfo.library_namespace = this->ToRawAndroidNamespace();
167     void* handle = android_dlopen_ext(lib_name, RTLD_NOW, &extinfo);
168     if (handle != nullptr) {
169       return handle;
170     }
171   } else {
172     void* handle =
173         NativeBridgeLoadLibraryExt(lib_name, RTLD_NOW, this->ToRawNativeBridgeNamespace());
174     if (handle != nullptr) {
175       return handle;
176     }
177   }
178   return Error() << GetLinkerError(IsBridged());
179 }
180 
181 }  // namespace android
182 
183 #endif  // defined(ART_TARGET_ANDROID)
184