Shared namespaces inherit parent ns properties
Make shared namespace inherit namespace links and
search/permitted paths from the parent namespace.
Bug: http://b/37854032
Test: bionic_unit_tests --gtest_filter=dl*:Dl*
Change-Id: I174661d4a1dd0cbe4a378179073719aa955f3592
(cherry picked from commit ec43dd6c36d75014c4e4dc592dd67ab20033a76a)
diff --git a/linker/linker.cpp b/linker/linker.cpp
index afd990a..7c26073 100644
--- a/linker/linker.cpp
+++ b/linker/linker.cpp
@@ -2182,18 +2182,36 @@
android_namespace_t* ns = new (g_namespace_allocator.alloc()) android_namespace_t();
ns->set_name(name);
ns->set_isolated((type & ANDROID_NAMESPACE_TYPE_ISOLATED) != 0);
- ns->set_ld_library_paths(std::move(ld_library_paths));
- ns->set_default_library_paths(std::move(default_library_paths));
- ns->set_permitted_paths(std::move(permitted_paths));
if ((type & ANDROID_NAMESPACE_TYPE_SHARED) != 0) {
+ // append parent namespace paths.
+ std::copy(parent_namespace->get_ld_library_paths().begin(),
+ parent_namespace->get_ld_library_paths().end(),
+ back_inserter(ld_library_paths));
+
+ std::copy(parent_namespace->get_default_library_paths().begin(),
+ parent_namespace->get_default_library_paths().end(),
+ back_inserter(default_library_paths));
+
+ std::copy(parent_namespace->get_permitted_paths().begin(),
+ parent_namespace->get_permitted_paths().end(),
+ back_inserter(permitted_paths));
+
// If shared - clone the parent namespace
add_soinfos_to_namespace(parent_namespace->soinfo_list(), ns);
+ // and copy parent namespace links
+ for (auto& link : parent_namespace->linked_namespaces()) {
+ ns->add_linked_namespace(link.linked_namespace(), link.shared_lib_sonames());
+ }
} else {
// If not shared - copy only the shared group
add_soinfos_to_namespace(get_shared_group(parent_namespace), ns);
}
+ ns->set_ld_library_paths(std::move(ld_library_paths));
+ ns->set_default_library_paths(std::move(default_library_paths));
+ ns->set_permitted_paths(std::move(permitted_paths));
+
return ns;
}
diff --git a/linker/linker_namespaces.h b/linker/linker_namespaces.h
index e7d9b2e..c3260fd 100644
--- a/linker/linker_namespaces.h
+++ b/linker/linker_namespaces.h
@@ -48,6 +48,10 @@
return linked_namespace_;
}
+ const std::unordered_set<std::string>& shared_lib_sonames() const {
+ return shared_lib_sonames_;
+ }
+
bool is_accessible(const char* soname) const {
return shared_lib_sonames_.find(soname) != shared_lib_sonames_.end();
}
diff --git a/tests/dlext_test.cpp b/tests/dlext_test.cpp
index 45a8b8b..cf642cd 100644
--- a/tests/dlext_test.cpp
+++ b/tests/dlext_test.cpp
@@ -1363,6 +1363,70 @@
dlclose(handle2);
}
+TEST(dlext, ns_shared_links_and_paths) {
+ // Create parent namespace (isolated, not shared)
+ android_namespace_t* ns_isolated =
+ android_create_namespace("private_isolated",
+ nullptr,
+ (get_testlib_root() + "/private_namespace_libs").c_str(),
+ ANDROID_NAMESPACE_TYPE_ISOLATED,
+ (get_testlib_root() + "/public_namespace_libs").c_str(),
+ nullptr);
+ ASSERT_TRUE(ns_isolated != nullptr) << dlerror();
+ ASSERT_TRUE(android_link_namespaces(ns_isolated, nullptr, g_core_shared_libs.c_str())) << dlerror();
+
+ // Create shared namespace with ns_isolated parent
+ android_namespace_t* ns_shared =
+ android_create_namespace("private_shared",
+ nullptr,
+ nullptr,
+ ANDROID_NAMESPACE_TYPE_SHARED | ANDROID_NAMESPACE_TYPE_ISOLATED,
+ nullptr,
+ ns_isolated);
+ ASSERT_TRUE(ns_shared != nullptr) << dlerror();
+
+ // 1. Load a library in ns_shared to check that it has inherited
+ // search path and the link to the default namespace.
+ android_dlextinfo extinfo;
+ extinfo.flags = ANDROID_DLEXT_USE_NAMESPACE;
+ extinfo.library_namespace = ns_shared;
+
+ {
+ void* handle = android_dlopen_ext("libnstest_private.so", RTLD_NOW, &extinfo);
+ ASSERT_TRUE(handle != nullptr) << dlerror();
+ const char** ns_private_extern_string = static_cast<const char**>(dlsym(handle, "g_private_extern_string"));
+ ASSERT_TRUE(ns_private_extern_string != nullptr) << dlerror();
+ ASSERT_STREQ("This string is from private namespace", *ns_private_extern_string);
+
+ dlclose(handle);
+ }
+ // 2. Load another test library by absolute path to check that
+ // it has inherited permitted_when_isolated_path
+ {
+ void* handle = android_dlopen_ext(
+ (get_testlib_root() + "/public_namespace_libs/libnstest_public.so").c_str(),
+ RTLD_NOW,
+ &extinfo);
+
+ ASSERT_TRUE(handle != nullptr) << dlerror();
+ const char** ns_public_extern_string = static_cast<const char**>(dlsym(handle, "g_public_extern_string"));
+ ASSERT_TRUE(ns_public_extern_string != nullptr) << dlerror();
+ ASSERT_STREQ("This string is from public namespace", *ns_public_extern_string);
+
+ dlclose(handle);
+ }
+
+ // 3. Check that it is still isolated.
+ {
+ void* handle = android_dlopen_ext(
+ (get_testlib_root() + "/libtest_empty.so").c_str(),
+ RTLD_NOW,
+ &extinfo);
+
+ ASSERT_TRUE(handle == nullptr);
+ }
+}
+
TEST(dlext, ns_shared_dlclose) {
android_set_application_target_sdk_version(42U); // something > 23