Do not unmap reserved region on dlclose
dlclose used to unmap the part of the reserved region
for ANDROID_DLEXT_RESERVED_ADDRESS that was neccessary
to map PT_LOAD segments. With this change dlclose
replaces mapped PT_LOAD segments with a PROT_NONE,
MAP_ANONYMOUS | MAP_NORESERVE.
Previously caller was unmapping the reserved region after
the failed dlclose which led to race condition when someone
else reused the region freed by dlclose but before the unmap
by the chromium code.
Bug: http://code.google.com/p/chromium/issues/detail?id=568880
Change-Id: I0f5eaa2bf6641f83dde469b631c518482acc59a2
diff --git a/linker/linker.h b/linker/linker.h
index 5a06853..389c5b3 100644
--- a/linker/linker.h
+++ b/linker/linker.h
@@ -79,11 +79,13 @@
#define ELF64_R_TYPE(info) (((info) >> 56) & 0xff)
#endif
-#define FLAG_LINKED 0x00000001
-#define FLAG_EXE 0x00000004 // The main executable
-#define FLAG_LINKER 0x00000010 // The linker itself
-#define FLAG_GNU_HASH 0x00000040 // uses gnu hash
-#define FLAG_NEW_SOINFO 0x40000000 // new soinfo format
+#define FLAG_LINKED 0x00000001
+#define FLAG_EXE 0x00000004 // The main executable
+#define FLAG_LINKER 0x00000010 // The linker itself
+#define FLAG_GNU_HASH 0x00000040 // uses gnu hash
+#define FLAG_MAPPED_BY_CALLER 0x00000080 // the map is reserved by the caller
+ // and should not be unmapped
+#define FLAG_NEW_SOINFO 0x40000000 // new soinfo format
#define SUPPORTED_DT_FLAGS_1 (DF_1_NOW | DF_1_GLOBAL | DF_1_NODELETE)
@@ -337,6 +339,9 @@
const std::vector<std::string>& get_dt_runpath() const;
android_namespace_t* get_namespace();
+ void set_mapped_by_caller(bool reserved_map);
+ bool is_mapped_by_caller() const;
+
private:
bool elf_lookup(SymbolName& symbol_name, const version_info* vi, uint32_t* symbol_index) const;
ElfW(Sym)* elf_addr_lookup(const void* addr);