1 /*
2 * Copyright (C) 2017 The Android Open Source Project
3 * All rights reserved.
4 *
5 * Redistribution and use in source and binary forms, with or without
6 * modification, are permitted provided that the following conditions
7 * are met:
8 * * Redistributions of source code must retain the above copyright
9 * notice, this list of conditions and the following disclaimer.
10 * * Redistributions in binary form must reproduce the above copyright
11 * notice, this list of conditions and the following disclaimer in
12 * the documentation and/or other materials provided with the
13 * distribution.
14 *
15 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
16 * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
17 * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
18 * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
19 * COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT,
20 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
21 * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS
22 * OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED
23 * AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
24 * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
25 * OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
26 * SUCH DAMAGE.
27 */
28
29 #include <stdlib.h>
30 #include <string.h>
31 #include <sys/mman.h>
32
33 #include <gtest/gtest.h>
34
35 #include "linker_config.h"
36 #include "linker_utils.h"
37
38 #include <unistd.h>
39
40 #include <android-base/file.h>
41 #include <android-base/scopeguard.h>
42 #include <android-base/stringprintf.h>
43 #include <vector>
44
45 #if defined(__LP64__)
46 #define ARCH_SUFFIX "64"
47 #else
48 #define ARCH_SUFFIX ""
49 #endif
50
51 // clang-format off
52 static const char* config_str =
53 "# comment \n"
54 "dir.test = /data/local/tmp\n"
55 "\n"
56 "[test]\n"
57 "\n"
58 "enable.target.sdk.version = true\n"
59 "additional.namespaces=system\n"
60 "additional.namespaces+=vndk\n"
61 "additional.namespaces+=vndk_in_system\n"
62 "namespace.default.isolated = true\n"
63 "namespace.default.search.paths = /vendor/${LIB}\n"
64 "namespace.default.permitted.paths = /vendor/${LIB}\n"
65 "namespace.default.asan.search.paths = /data\n"
66 "namespace.default.asan.search.paths += /vendor/${LIB}\n"
67 "namespace.default.asan.permitted.paths = /data:/vendor\n"
68 "namespace.default.hwasan.search.paths = /vendor/${LIB}/hwasan\n"
69 "namespace.default.hwasan.search.paths += /vendor/${LIB}\n"
70 "namespace.default.hwasan.permitted.paths = /vendor/${LIB}/hwasan\n"
71 "namespace.default.hwasan.permitted.paths += /vendor/${LIB}\n"
72 "namespace.default.links = system\n"
73 "namespace.default.links += vndk\n"
74 // irregular whitespaces are added intentionally for testing purpose
75 "namespace.default.link.system.shared_libs= libc.so\n"
76 "namespace.default.link.system.shared_libs += libm.so:libdl.so\n"
77 "namespace.default.link.system.shared_libs +=libstdc++.so\n"
78 "namespace.default.link.vndk.shared_libs = libcutils.so:libbase.so\n"
79 "namespace.system.isolated = true\n"
80 "namespace.system.visible = true\n"
81 "namespace.system.search.paths = /system/${LIB}\n"
82 "namespace.system.permitted.paths = /system/${LIB}\n"
83 "namespace.system.asan.search.paths = /data:/system/${LIB}\n"
84 "namespace.system.asan.permitted.paths = /data:/system\n"
85 "namespace.system.hwasan.search.paths = /system/${LIB}/hwasan\n"
86 "namespace.system.hwasan.search.paths += /system/${LIB}\n"
87 "namespace.system.hwasan.permitted.paths = /system/${LIB}/hwasan\n"
88 "namespace.system.hwasan.permitted.paths += /system/${LIB}\n"
89 "namespace.vndk.isolated = tr\n"
90 "namespace.vndk.isolated += ue\n" // should be ignored and return as 'false'.
91 "namespace.vndk.search.paths = /system/${LIB}/vndk\n"
92 "namespace.vndk.asan.search.paths = /data\n"
93 "namespace.vndk.asan.search.paths += /system/${LIB}/vndk\n"
94 "namespace.vndk.hwasan.search.paths = /system/${LIB}/vndk/hwasan\n"
95 "namespace.vndk.hwasan.search.paths += /system/${LIB}/vndk\n"
96 "namespace.vndk.links = default\n"
97 "namespace.vndk.link.default.allow_all_shared_libs = true\n"
98 "namespace.vndk.link.vndk_in_system.allow_all_shared_libs = true\n"
99 "namespace.vndk_in_system.isolated = true\n"
100 "namespace.vndk_in_system.visible = true\n"
101 "namespace.vndk_in_system.search.paths = /system/${LIB}\n"
102 "namespace.vndk_in_system.permitted.paths = /system/${LIB}\n"
103 "namespace.vndk_in_system.whitelisted = libz.so:libyuv.so\n"
104 "namespace.vndk_in_system.whitelisted += libtinyxml2.so\n"
105 "namespace.vndk_in_system.allowed_libs = libfoo.so:libbar.so\n"
106 "namespace.vndk_in_system.allowed_libs += libtinyxml3.so\n"
107 "\n";
108 // clang-format on
109
write_version(const std::string & path,uint32_t version)110 static bool write_version(const std::string& path, uint32_t version) {
111 std::string content = android::base::StringPrintf("%d", version);
112 return android::base::WriteStringToFile(content, path);
113 }
114
resolve_paths(std::vector<std::string> paths)115 static std::vector<std::string> resolve_paths(std::vector<std::string> paths) {
116 std::vector<std::string> resolved_paths;
117 resolve_paths(paths, &resolved_paths);
118 return resolved_paths;
119 }
120
121 enum class SmokeTestType {
122 None,
123 Asan,
124 Hwasan,
125 };
126
run_linker_config_smoke_test(SmokeTestType type)127 static void run_linker_config_smoke_test(SmokeTestType type) {
128 std::vector<std::string> expected_default_search_path;
129 std::vector<std::string> expected_default_permitted_path;
130 std::vector<std::string> expected_system_search_path;
131 std::vector<std::string> expected_system_permitted_path;
132 std::vector<std::string> expected_vndk_search_path;
133
134 switch (type) {
135 case SmokeTestType::None:
136 expected_default_search_path = { "/vendor/lib" ARCH_SUFFIX };
137 expected_default_permitted_path = { "/vendor/lib" ARCH_SUFFIX };
138 expected_system_search_path = { "/system/lib" ARCH_SUFFIX };
139 expected_system_permitted_path = { "/system/lib" ARCH_SUFFIX };
140 expected_vndk_search_path = { "/system/lib" ARCH_SUFFIX "/vndk" };
141 break;
142 case SmokeTestType::Asan:
143 expected_default_search_path = { "/data", "/vendor/lib" ARCH_SUFFIX };
144 expected_default_permitted_path = { "/data", "/vendor" };
145 expected_system_search_path = { "/data", "/system/lib" ARCH_SUFFIX };
146 expected_system_permitted_path = { "/data", "/system" };
147 expected_vndk_search_path = { "/data", "/system/lib" ARCH_SUFFIX "/vndk" };
148 break;
149 case SmokeTestType::Hwasan:
150 expected_default_search_path = { "/vendor/lib" ARCH_SUFFIX "/hwasan", "/vendor/lib" ARCH_SUFFIX };
151 expected_default_permitted_path = { "/vendor/lib" ARCH_SUFFIX "/hwasan", "/vendor/lib" ARCH_SUFFIX };
152 expected_system_search_path = { "/system/lib" ARCH_SUFFIX "/hwasan" , "/system/lib" ARCH_SUFFIX };
153 expected_system_permitted_path = { "/system/lib" ARCH_SUFFIX "/hwasan", "/system/lib" ARCH_SUFFIX };
154 expected_vndk_search_path = { "/system/lib" ARCH_SUFFIX "/vndk/hwasan", "/system/lib" ARCH_SUFFIX "/vndk" };
155 break;
156 }
157
158 expected_default_search_path = resolve_paths(expected_default_search_path);
159 // expected_default_permitted_path is skipped on purpose, permitted paths
160 // do not get resolved in linker_config.cpp
161 expected_system_search_path = resolve_paths(expected_system_search_path);
162 // expected_system_permitted_path is skipped on purpose, permitted paths
163 // do not get resolved in linker_config.cpp
164 expected_vndk_search_path = resolve_paths(expected_vndk_search_path);
165
166 TemporaryFile tmp_file;
167 close(tmp_file.fd);
168 tmp_file.fd = -1;
169
170 android::base::WriteStringToFile(config_str, tmp_file.path);
171
172 TemporaryDir tmp_dir;
173
174 std::string executable_path = std::string(tmp_dir.path) + "/some-binary";
175 std::string version_file = std::string(tmp_dir.path) + "/.version";
176
177 auto file_guard =
178 android::base::make_scope_guard([&version_file] { unlink(version_file.c_str()); });
179
180 ASSERT_TRUE(write_version(version_file, 113U)) << strerror(errno);
181
182 // read config
183 const Config* config = nullptr;
184 std::string error_msg;
185 ASSERT_TRUE(Config::read_binary_config(tmp_file.path,
186 executable_path.c_str(),
187 type == SmokeTestType::Asan,
188 type == SmokeTestType::Hwasan,
189 &config,
190 &error_msg)) << error_msg;
191 ASSERT_TRUE(config != nullptr);
192 ASSERT_TRUE(error_msg.empty());
193
194 ASSERT_EQ(113, config->target_sdk_version());
195
196 const NamespaceConfig* default_ns_config = config->default_namespace_config();
197 ASSERT_TRUE(default_ns_config != nullptr);
198
199 ASSERT_TRUE(default_ns_config->isolated());
200 ASSERT_FALSE(default_ns_config->visible());
201 ASSERT_EQ(expected_default_search_path, default_ns_config->search_paths());
202 ASSERT_EQ(expected_default_permitted_path, default_ns_config->permitted_paths());
203
204 const auto& default_ns_links = default_ns_config->links();
205 ASSERT_EQ(2U, default_ns_links.size());
206
207 ASSERT_EQ("system", default_ns_links[0].ns_name());
208 ASSERT_EQ("libc.so:libm.so:libdl.so:libstdc++.so", default_ns_links[0].shared_libs());
209 ASSERT_FALSE(default_ns_links[0].allow_all_shared_libs());
210
211 ASSERT_EQ("vndk", default_ns_links[1].ns_name());
212 ASSERT_EQ("libcutils.so:libbase.so", default_ns_links[1].shared_libs());
213 ASSERT_FALSE(default_ns_links[1].allow_all_shared_libs());
214
215 auto& ns_configs = config->namespace_configs();
216 ASSERT_EQ(4U, ns_configs.size());
217
218 // find second namespace
219 const NamespaceConfig* ns_system = nullptr;
220 const NamespaceConfig* ns_vndk = nullptr;
221 const NamespaceConfig* ns_vndk_in_system = nullptr;
222 for (auto& ns : ns_configs) {
223 std::string ns_name = ns->name();
224 ASSERT_TRUE(ns_name == "system" || ns_name == "default" ||
225 ns_name == "vndk" || ns_name == "vndk_in_system")
226 << "unexpected ns name: " << ns->name();
227
228 if (ns_name == "system") {
229 ns_system = ns.get();
230 } else if (ns_name == "vndk") {
231 ns_vndk = ns.get();
232 } else if (ns_name == "vndk_in_system") {
233 ns_vndk_in_system = ns.get();
234 }
235 }
236
237 ASSERT_TRUE(ns_system != nullptr) << "system namespace was not found";
238
239 ASSERT_TRUE(ns_system->isolated());
240 ASSERT_TRUE(ns_system->visible());
241 ASSERT_EQ(expected_system_search_path, ns_system->search_paths());
242 ASSERT_EQ(expected_system_permitted_path, ns_system->permitted_paths());
243
244 ASSERT_TRUE(ns_vndk != nullptr) << "vndk namespace was not found";
245
246 ASSERT_FALSE(ns_vndk->isolated()); // malformed bool property
247 ASSERT_FALSE(ns_vndk->visible()); // undefined bool property
248 ASSERT_EQ(expected_vndk_search_path, ns_vndk->search_paths());
249
250 const auto& ns_vndk_links = ns_vndk->links();
251 ASSERT_EQ(1U, ns_vndk_links.size());
252 ASSERT_EQ("default", ns_vndk_links[0].ns_name());
253 ASSERT_TRUE(ns_vndk_links[0].allow_all_shared_libs());
254
255 ASSERT_TRUE(ns_vndk_in_system != nullptr) << "vndk_in_system namespace was not found";
256 ASSERT_EQ(std::vector<std::string>({"libz.so", "libyuv.so", "libtinyxml2.so", "libfoo.so",
257 "libbar.so", "libtinyxml3.so"}),
258 ns_vndk_in_system->allowed_libs());
259 }
260
TEST(linker_config,smoke)261 TEST(linker_config, smoke) {
262 run_linker_config_smoke_test(SmokeTestType::None);
263 }
264
TEST(linker_config,asan_smoke)265 TEST(linker_config, asan_smoke) {
266 run_linker_config_smoke_test(SmokeTestType::Asan);
267 }
268
TEST(linker_config,hwasan_smoke)269 TEST(linker_config, hwasan_smoke) {
270 run_linker_config_smoke_test(SmokeTestType::Hwasan);
271 }
272
TEST(linker_config,ns_link_shared_libs_invalid_settings)273 TEST(linker_config, ns_link_shared_libs_invalid_settings) {
274 // This unit test ensures an error is emitted when a namespace link in ld.config.txt specifies
275 // both shared_libs and allow_all_shared_libs.
276
277 static const char config_str[] =
278 "dir.test = /data/local/tmp\n"
279 "\n"
280 "[test]\n"
281 "additional.namespaces = system\n"
282 "namespace.default.links = system\n"
283 "namespace.default.link.system.shared_libs = libc.so:libm.so\n"
284 "namespace.default.link.system.allow_all_shared_libs = true\n"
285 "\n";
286
287 TemporaryFile tmp_file;
288 close(tmp_file.fd);
289 tmp_file.fd = -1;
290
291 android::base::WriteStringToFile(config_str, tmp_file.path);
292
293 TemporaryDir tmp_dir;
294
295 std::string executable_path = std::string(tmp_dir.path) + "/some-binary";
296
297 const Config* config = nullptr;
298 std::string error_msg;
299 ASSERT_FALSE(Config::read_binary_config(tmp_file.path,
300 executable_path.c_str(),
301 false,
302 false,
303 &config,
304 &error_msg));
305 ASSERT_TRUE(config == nullptr);
306 ASSERT_EQ(std::string(tmp_file.path) + ":6: "
307 "error: both shared_libs and allow_all_shared_libs are set for default->system link.",
308 error_msg);
309 }
310
TEST(linker_config,dir_path_resolve)311 TEST(linker_config, dir_path_resolve) {
312 // This unit test ensures the linker resolves paths of dir.${section}
313 // properties to real path.
314
315 TemporaryDir tmp_dir;
316
317 std::string sub_dir = std::string(tmp_dir.path) + "/subdir";
318 mkdir(sub_dir.c_str(), 0755);
319
320 auto subdir_guard =
321 android::base::make_scope_guard([&sub_dir] { rmdir(sub_dir.c_str()); });
322
323 std::string symlink_path = std::string(tmp_dir.path) + "/symlink";
324 symlink(sub_dir.c_str(), symlink_path.c_str());
325
326 auto symlink_guard =
327 android::base::make_scope_guard([&symlink_path] { unlink(symlink_path.c_str()); });
328
329 std::string config_str =
330 "dir.test = " + symlink_path + "\n"
331 "\n"
332 "[test]\n";
333
334 TemporaryFile tmp_file;
335 close(tmp_file.fd);
336 tmp_file.fd = -1;
337
338 android::base::WriteStringToFile(config_str, tmp_file.path);
339
340 std::string executable_path = sub_dir + "/some-binary";
341
342 const Config* config = nullptr;
343 std::string error_msg;
344
345 ASSERT_TRUE(Config::read_binary_config(tmp_file.path,
346 executable_path.c_str(),
347 false,
348 false,
349 &config,
350 &error_msg)) << error_msg;
351
352 ASSERT_TRUE(config != nullptr) << error_msg;
353 ASSERT_TRUE(error_msg.empty()) << error_msg;
354 }
355