Gitiles
Code Review Sign In
gerrit.omnirom.org / android_system_core / 4fa763290e2052ff1f0409d98a92004faa300128 / . / rootdir / etc / ld.config.txt
blob: 6e46295d5851fc9d80fe89138662583e2e9261e6 [file] [log] [blame]
Justin Yun24c29f12017-06-16 18:11:35 +0900[diff] [blame]1# Copyright (C) 2017 The Android Open Source Project
2#
3# Bionic loader config file.
4#
5
6# Don't change the order here. The first pattern that matches with the
Steven Morelandab338c12017-11-28 12:41:56 -0800[diff] [blame]7# absolute path of an executable is selected.
Justin Yun24c29f12017-06-16 18:11:35 +0900[diff] [blame]8dir.system = /system/bin/
9dir.system = /system/xbin/
Jiyong Park2498e1b2017-12-12 22:11:47 +0900[diff] [blame]10
11dir.vendor = /odm/bin/
Justin Yun24c29f12017-06-16 18:11:35 +0900[diff] [blame]12dir.vendor = /vendor/bin/
Jiyong Park2498e1b2017-12-12 22:11:47 +0900[diff] [blame]13dir.vendor = /data/nativetest/odm
14dir.vendor = /data/nativetest64/odm
15dir.vendor = /data/benchmarktest/odm
16dir.vendor = /data/benchmarktest64/odm
Justin Yun24c29f12017-06-16 18:11:35 +0900[diff] [blame]17dir.vendor = /data/nativetest/vendor
18dir.vendor = /data/nativetest64/vendor
19dir.vendor = /data/benchmarktest/vendor
20dir.vendor = /data/benchmarktest64/vendor
Jiyong Park2498e1b2017-12-12 22:11:47 +0900[diff] [blame]21
Justin Yun24c29f12017-06-16 18:11:35 +0900[diff] [blame]22dir.system = /data/nativetest
23dir.system = /data/nativetest64
24dir.system = /data/benchmarktest
25dir.system = /data/benchmarktest64
26
27[system]
28additional.namespaces = sphal,vndk,rs
29
30###############################################################################
31# "default" namespace
32#
Jiyong Park55f05d72017-08-28 14:42:49 +0900[diff] [blame]33# Framework-side code runs in this namespace. Libs from /vendor partition
Justin Yun24c29f12017-06-16 18:11:35 +0900[diff] [blame]34# can't be loaded in this namespace.
35###############################################################################
Jiyong Park55f05d72017-08-28 14:42:49 +0900[diff] [blame]36namespace.default.isolated = true
Justin Yun24c29f12017-06-16 18:11:35 +0900[diff] [blame]37
Jiyong Park2498e1b2017-12-12 22:11:47 +0900[diff] [blame]38namespace.default.search.paths = /system/${LIB}
39
40# We can't have entire /system/${LIB} as permitted paths because doing so
41# makes it possible to load libs in /system/${LIB}/vndk* directories by
42# their absolute paths (e.g. dlopen("/system/lib/vndk/libbase.so");).
43# VNDK libs are built with previous versions of Android and thus must not be
44# loaded into this namespace where libs built with the current version of
45# Android are loaded. Mixing the two types of libs in the same namespace can
46# cause unexpected problem.
47namespace.default.permitted.paths = /system/${LIB}/drm
48namespace.default.permitted.paths += /system/${LIB}/extractors
49namespace.default.permitted.paths += /system/${LIB}/hw
50# These are where odex files are located. libart has to be able to dlopen the files
51namespace.default.permitted.paths += /system/framework
52namespace.default.permitted.paths += /system/app
53namespace.default.permitted.paths += /system/priv-app
54namespace.default.permitted.paths += /vendor/framework
55namespace.default.permitted.paths += /vendor/app
56namespace.default.permitted.paths += /vendor/priv-app
Bowgo Tsai39476ff2018-03-14 16:19:03 +0800[diff] [blame]57namespace.default.permitted.paths += /odm/framework
58namespace.default.permitted.paths += /odm/app
59namespace.default.permitted.paths += /odm/priv-app
Jiyong Park2498e1b2017-12-12 22:11:47 +0900[diff] [blame]60namespace.default.permitted.paths += /oem/app
Jaekyun Seokdff165d2017-11-28 12:10:10 +0900[diff] [blame]61namespace.default.permitted.paths += /product/framework
62namespace.default.permitted.paths += /product/app
63namespace.default.permitted.paths += /product/priv-app
Jiyong Park2498e1b2017-12-12 22:11:47 +0900[diff] [blame]64namespace.default.permitted.paths += /data
65namespace.default.permitted.paths += /mnt/expand
66
67namespace.default.asan.search.paths = /data/asan/system/${LIB}
68namespace.default.asan.search.paths += /system/${LIB}
69
70namespace.default.asan.permitted.paths = /data
71namespace.default.asan.permitted.paths += /system/${LIB}/drm
72namespace.default.asan.permitted.paths += /system/${LIB}/extractors
73namespace.default.asan.permitted.paths += /system/${LIB}/hw
74namespace.default.asan.permitted.paths += /system/framework
75namespace.default.asan.permitted.paths += /system/app
76namespace.default.asan.permitted.paths += /system/priv-app
77namespace.default.asan.permitted.paths += /vendor/framework
78namespace.default.asan.permitted.paths += /vendor/app
79namespace.default.asan.permitted.paths += /vendor/priv-app
Bowgo Tsai39476ff2018-03-14 16:19:03 +0800[diff] [blame]80namespace.default.asan.permitted.paths += /odm/framework
81namespace.default.asan.permitted.paths += /odm/app
82namespace.default.asan.permitted.paths += /odm/priv-app
Jiyong Park2498e1b2017-12-12 22:11:47 +0900[diff] [blame]83namespace.default.asan.permitted.paths += /oem/app
Jaekyun Seokdff165d2017-11-28 12:10:10 +0900[diff] [blame]84namespace.default.asan.permitted.paths += /product/framework
85namespace.default.asan.permitted.paths += /product/app
86namespace.default.asan.permitted.paths += /product/priv-app
Jiyong Park2498e1b2017-12-12 22:11:47 +0900[diff] [blame]87namespace.default.asan.permitted.paths += /mnt/expand
Justin Yun24c29f12017-06-16 18:11:35 +0900[diff] [blame]88
89###############################################################################
90# "sphal" namespace
91#
92# SP-HAL(Sameprocess-HAL)s are the only vendor libraries that are allowed to be
93# loaded inside system processes. libEGL_<chipset>.so, libGLESv2_<chipset>.so,
94# android.hardware.graphics.mapper@2.0-impl.so, etc are SP-HALs.
95#
96# This namespace is exclusivly for SP-HALs. When the framework tries to dynami-
97# cally load SP-HALs, android_dlopen_ext() is used to explicitly specifying
98# that they should be searched and loaded from this namespace.
99#
100# Note that there is no link from the default namespace to this namespace.
101###############################################################################
102namespace.sphal.isolated = true
103namespace.sphal.visible = true
Justin Yun24c29f12017-06-16 18:11:35 +0900[diff] [blame]104
Jiyong Park2498e1b2017-12-12 22:11:47 +0900[diff] [blame]105namespace.sphal.search.paths = /odm/${LIB}
106namespace.sphal.search.paths += /vendor/${LIB}
107
108namespace.sphal.permitted.paths = /odm/${LIB}
109namespace.sphal.permitted.paths += /vendor/${LIB}
110
111namespace.sphal.asan.search.paths = /data/asan/odm/${LIB}
112namespace.sphal.asan.search.paths += /odm/${LIB}
113namespace.sphal.asan.search.paths += /data/asan/vendor/${LIB}
114namespace.sphal.asan.search.paths += /vendor/${LIB}
115
116namespace.sphal.asan.permitted.paths = /data/asan/odm/${LIB}
117namespace.sphal.asan.permitted.paths += /odm/${LIB}
118namespace.sphal.asan.permitted.paths += /data/asan/vendor/${LIB}
119namespace.sphal.asan.permitted.paths += /vendor/${LIB}
Justin Yun24c29f12017-06-16 18:11:35 +0900[diff] [blame]120
121# Once in this namespace, access to libraries in /system/lib is restricted. Only
122# libs listed here can be used.
123namespace.sphal.links = default,vndk,rs
124
Jiyong Park2498e1b2017-12-12 22:11:47 +0900[diff] [blame]125namespace.sphal.link.default.shared_libs = %LLNDK_LIBRARIES%
126namespace.sphal.link.default.shared_libs += %SANITIZER_RUNTIME_LIBRARIES%
Justin Yun24c29f12017-06-16 18:11:35 +0900[diff] [blame]127
Jiyong Park36798462017-08-04 19:08:06 +0900[diff] [blame]128namespace.sphal.link.vndk.shared_libs = %VNDK_SAMEPROCESS_LIBRARIES%
Justin Yun24c29f12017-06-16 18:11:35 +0900[diff] [blame]129
130# Renderscript gets separate namespace
131namespace.sphal.link.rs.shared_libs = libRS_internal.so
132
133###############################################################################
134# "rs" namespace
135#
136# This namespace is exclusively for Renderscript internal libraries.
137# This namespace has slightly looser restriction than the vndk namespace because
138# of the genuine characteristics of Renderscript; /data is in the permitted path
139# to load the compiled *.so file and libmediandk.so can be used here.
140###############################################################################
141namespace.rs.isolated = true
142namespace.rs.visible = true
Justin Yun24c29f12017-06-16 18:11:35 +0900[diff] [blame]143
Jiyong Park60a29662017-12-13 16:59:21 +0900[diff] [blame]144namespace.rs.search.paths = /odm/${LIB}/vndk-sp
145namespace.rs.search.paths += /vendor/${LIB}/vndk-sp
Justin Yuncbbf1952018-01-16 11:46:21 +0900[diff] [blame]146namespace.rs.search.paths += /system/${LIB}/vndk-sp%VNDK_VER%
Jiyong Park2498e1b2017-12-12 22:11:47 +0900[diff] [blame]147namespace.rs.search.paths += /odm/${LIB}
148namespace.rs.search.paths += /vendor/${LIB}
149
150namespace.rs.permitted.paths = /odm/${LIB}
151namespace.rs.permitted.paths += /vendor/${LIB}
152namespace.rs.permitted.paths += /data
153
Jiyong Park60a29662017-12-13 16:59:21 +0900[diff] [blame]154namespace.rs.asan.search.paths = /data/asan/odm/${LIB}/vndk-sp
155namespace.rs.asan.search.paths += /odm/${LIB}/vndk-sp
156namespace.rs.asan.search.paths += /data/asan/vendor/${LIB}/vndk-sp
157namespace.rs.asan.search.paths += /vendor/${LIB}/vndk-sp
Justin Yuncbbf1952018-01-16 11:46:21 +0900[diff] [blame]158namespace.rs.asan.search.paths += /data/asan/system/${LIB}/vndk-sp%VNDK_VER%
159namespace.rs.asan.search.paths += /system/${LIB}/vndk-sp%VNDK_VER%
Jiyong Park2498e1b2017-12-12 22:11:47 +0900[diff] [blame]160namespace.rs.asan.search.paths += /data/asan/odm/${LIB}
161namespace.rs.asan.search.paths += /odm/${LIB}
162namespace.rs.asan.search.paths += /data/asan/vendor/${LIB}
163namespace.rs.asan.search.paths += /vendor/${LIB}
164
165namespace.rs.asan.permitted.paths = /data/asan/odm/${LIB}
166namespace.rs.asan.permitted.paths += /odm/${LIB}
167namespace.rs.asan.permitted.paths += /data/asan/vendor/${LIB}
168namespace.rs.asan.permitted.paths += /vendor/${LIB}
169namespace.rs.asan.permitted.paths += /data
Justin Yun24c29f12017-06-16 18:11:35 +0900[diff] [blame]170
171namespace.rs.links = default,vndk
Jiyong Park2498e1b2017-12-12 22:11:47 +0900[diff] [blame]172
173namespace.rs.link.default.shared_libs = %LLNDK_LIBRARIES%
174namespace.rs.link.default.shared_libs += %SANITIZER_RUNTIME_LIBRARIES%
Jiyong Parkad7ddd52017-12-07 09:59:48 +0900[diff] [blame]175# Private LLNDK libs (e.g. libft2.so) are exceptionally allowed to this
176# namespace because RS framework libs are using them.
177namespace.rs.link.default.shared_libs += %PRIVATE_LLNDK_LIBRARIES%
Jiyong Park2498e1b2017-12-12 22:11:47 +0900[diff] [blame]178
Jiyong Park36798462017-08-04 19:08:06 +0900[diff] [blame]179namespace.rs.link.vndk.shared_libs = %VNDK_SAMEPROCESS_LIBRARIES%
Justin Yun24c29f12017-06-16 18:11:35 +0900[diff] [blame]180
181###############################################################################
182# "vndk" namespace
183#
184# This namespace is exclusively for vndk-sp libs.
185###############################################################################
186namespace.vndk.isolated = true
Jiyong Parka07f3052017-08-22 10:26:10 +0900[diff] [blame]187namespace.vndk.visible = true
Justin Yun24c29f12017-06-16 18:11:35 +0900[diff] [blame]188
Jiyong Park60a29662017-12-13 16:59:21 +0900[diff] [blame]189namespace.vndk.search.paths = /odm/${LIB}/vndk-sp
190namespace.vndk.search.paths += /vendor/${LIB}/vndk-sp
Justin Yuncbbf1952018-01-16 11:46:21 +0900[diff] [blame]191namespace.vndk.search.paths += /system/${LIB}/vndk-sp%VNDK_VER%
Jiyong Park2498e1b2017-12-12 22:11:47 +0900[diff] [blame]192
193namespace.vndk.permitted.paths = /odm/${LIB}/hw
194namespace.vndk.permitted.paths += /odm/${LIB}/egl
195namespace.vndk.permitted.paths += /vendor/${LIB}/hw
196namespace.vndk.permitted.paths += /vendor/${LIB}/egl
197# This is exceptionally required since android.hidl.memory@1.0-impl.so is here
Justin Yuncbbf1952018-01-16 11:46:21 +0900[diff] [blame]198namespace.vndk.permitted.paths += /system/${LIB}/vndk-sp%VNDK_VER%/hw
Jiyong Park2498e1b2017-12-12 22:11:47 +0900[diff] [blame]199
Jiyong Park60a29662017-12-13 16:59:21 +0900[diff] [blame]200namespace.vndk.asan.search.paths = /data/asan/odm/${LIB}/vndk-sp
201namespace.vndk.asan.search.paths += /odm/${LIB}/vndk-sp
202namespace.vndk.asan.search.paths += /data/asan/vendor/${LIB}/vndk-sp
203namespace.vndk.asan.search.paths += /vendor/${LIB}/vndk-sp
Justin Yuncbbf1952018-01-16 11:46:21 +0900[diff] [blame]204namespace.vndk.asan.search.paths += /data/asan/system/${LIB}/vndk-sp%VNDK_VER%
205namespace.vndk.asan.search.paths += /system/${LIB}/vndk-sp%VNDK_VER%
Jiyong Park2498e1b2017-12-12 22:11:47 +0900[diff] [blame]206
207namespace.vndk.asan.permitted.paths = /data/asan/odm/${LIB}/hw
208namespace.vndk.asan.permitted.paths += /odm/${LIB}/hw
209namespace.vndk.asan.permitted.paths += /data/asan/odm/${LIB}/egl
210namespace.vndk.asan.permitted.paths += /odm/${LIB}/egl
211namespace.vndk.asan.permitted.paths += /data/asan/vendor/${LIB}/hw
212namespace.vndk.asan.permitted.paths += /vendor/${LIB}/hw
213namespace.vndk.asan.permitted.paths += /data/asan/vendor/${LIB}/egl
214namespace.vndk.asan.permitted.paths += /vendor/${LIB}/egl
215
Justin Yuncbbf1952018-01-16 11:46:21 +0900[diff] [blame]216namespace.vndk.asan.permitted.paths += /data/asan/system/${LIB}/vndk-sp%VNDK_VER%/hw
217namespace.vndk.asan.permitted.paths += /system/${LIB}/vndk-sp%VNDK_VER%/hw
Justin Yun24c29f12017-06-16 18:11:35 +0900[diff] [blame]218
219# When these NDK libs are required inside this namespace, then it is redirected
220# to the default namespace. This is possible since their ABI is stable across
221# Android releases.
222namespace.vndk.links = default
Jiyong Park2498e1b2017-12-12 22:11:47 +0900[diff] [blame]223namespace.vndk.link.default.shared_libs = %LLNDK_LIBRARIES%
224namespace.vndk.link.default.shared_libs += %SANITIZER_RUNTIME_LIBRARIES%
Justin Yun24c29f12017-06-16 18:11:35 +0900[diff] [blame]225
226###############################################################################
227# Namespace config for vendor processes. In O, no restriction is enforced for
228# them. However, in O-MR1, access to /system/${LIB} will not be allowed to
229# the default namespace. 'system' namespace will be added to give limited
230# (LL-NDK only) access.
231###############################################################################
232[vendor]
Logan Chien225b71d2017-12-15 22:19:57 +0800[diff] [blame]233additional.namespaces = system,vndk
Justin Yun24c29f12017-06-16 18:11:35 +0900[diff] [blame]234
235###############################################################################
236# "default" namespace
237#
Jiyong Parkad7ddd52017-12-07 09:59:48 +0900[diff] [blame]238# This is the default linker namespace for a vendor process (a process started
239# from /vendor/bin/*). The main executable and the libs under /vendor/lib[64]
240# are loaded directly into this namespace. However, other libs under the system
241# partition (VNDK and LLNDK libraries) are not loaded here but from the
242# separate namespace 'system'. The delegation to the system namespace is done
243# via the 'namespace.default.link.system.shared_libs' property below.
Justin Yun24c29f12017-06-16 18:11:35 +0900[diff] [blame]244###############################################################################
245namespace.default.isolated = true
246namespace.default.visible = true
247
Jiyong Park2498e1b2017-12-12 22:11:47 +0900[diff] [blame]248namespace.default.search.paths = /odm/${LIB}
Jiyong Park2498e1b2017-12-12 22:11:47 +0900[diff] [blame]249namespace.default.search.paths += /vendor/${LIB}
Justin Yun24c29f12017-06-16 18:11:35 +0900[diff] [blame]250
Jiyong Park2498e1b2017-12-12 22:11:47 +0900[diff] [blame]251namespace.default.permitted.paths = /odm
252namespace.default.permitted.paths += /vendor
253
254namespace.default.asan.search.paths = /data/asan/odm/${LIB}
255namespace.default.asan.search.paths += /odm/${LIB}
Jiyong Park2498e1b2017-12-12 22:11:47 +0900[diff] [blame]256namespace.default.asan.search.paths += /data/asan/vendor/${LIB}
257namespace.default.asan.search.paths += /vendor/${LIB}
Jiyong Park2498e1b2017-12-12 22:11:47 +0900[diff] [blame]258
Jiyong Park2498e1b2017-12-12 22:11:47 +0900[diff] [blame]259namespace.default.asan.permitted.paths = /data/asan/odm
260namespace.default.asan.permitted.paths += /odm
261namespace.default.asan.permitted.paths += /data/asan/vendor
262namespace.default.asan.permitted.paths += /vendor
Justin Yun24c29f12017-06-16 18:11:35 +0900[diff] [blame]263
Logan Chien225b71d2017-12-15 22:19:57 +0800[diff] [blame]264namespace.default.links = system,vndk
265namespace.default.link.system.shared_libs = %LLNDK_LIBRARIES%
266namespace.default.link.vndk.shared_libs = %VNDK_SAMEPROCESS_LIBRARIES%
267namespace.default.link.vndk.shared_libs += %VNDK_CORE_LIBRARIES%
268
269###############################################################################
270# "vndk" namespace
271#
272# This namespace is where VNDK and VNDK-SP libraries are loaded for
273# a vendor process.
274###############################################################################
275namespace.vndk.isolated = false
276
Logan Chien91b3fb42018-01-11 20:00:37 +0800[diff] [blame]277namespace.vndk.search.paths = /odm/${LIB}/vndk
278namespace.vndk.search.paths += /odm/${LIB}/vndk-sp
279namespace.vndk.search.paths += /vendor/${LIB}/vndk
280namespace.vndk.search.paths += /vendor/${LIB}/vndk-sp
281namespace.vndk.search.paths += /system/${LIB}/vndk-sp%VNDK_VER%
Justin Yuncbbf1952018-01-16 11:46:21 +0900[diff] [blame]282namespace.vndk.search.paths += /system/${LIB}/vndk%VNDK_VER%
Logan Chien225b71d2017-12-15 22:19:57 +0800[diff] [blame]283
Logan Chien91b3fb42018-01-11 20:00:37 +0800[diff] [blame]284namespace.vndk.asan.search.paths = /data/asan/odm/${LIB}/vndk
285namespace.vndk.asan.search.paths += /odm/${LIB}/vndk
286namespace.vndk.asan.search.paths += /data/asan/odm/${LIB}/vndk-sp
287namespace.vndk.asan.search.paths += /odm/${LIB}/vndk-sp
288namespace.vndk.asan.search.paths += /data/asan/vendor/${LIB}/vndk
289namespace.vndk.asan.search.paths += /vendor/${LIB}/vndk
290namespace.vndk.asan.search.paths += /data/asan/vendor/${LIB}/vndk-sp
291namespace.vndk.asan.search.paths += /vendor/${LIB}/vndk-sp
292namespace.vndk.asan.search.paths += /data/asan/system/${LIB}/vndk-sp%VNDK_VER%
Justin Yuncbbf1952018-01-16 11:46:21 +0900[diff] [blame]293namespace.vndk.asan.search.paths += /system/${LIB}/vndk-sp%VNDK_VER%
294namespace.vndk.asan.search.paths += /data/asan/system/${LIB}/vndk%VNDK_VER%
295namespace.vndk.asan.search.paths += /system/${LIB}/vndk%VNDK_VER%
Logan Chien225b71d2017-12-15 22:19:57 +0800[diff] [blame]296
297# When these NDK libs are required inside this namespace, then it is redirected
298# to the system namespace. This is possible since their ABI is stable across
299# Android releases.
Logan Chienea4a2bd2018-01-18 12:06:14 +0800[diff] [blame]300namespace.vndk.links = system,default
Logan Chien225b71d2017-12-15 22:19:57 +0800[diff] [blame]301namespace.vndk.link.system.shared_libs = %LLNDK_LIBRARIES%
302namespace.vndk.link.system.shared_libs += %SANITIZER_RUNTIME_LIBRARIES%
Justin Yun24c29f12017-06-16 18:11:35 +0900[diff] [blame]303
Logan Chienea4a2bd2018-01-18 12:06:14 +0800[diff] [blame]304namespace.vndk.link.default.allow_all_shared_libs = true
305
Justin Yun24c29f12017-06-16 18:11:35 +0900[diff] [blame]306###############################################################################
307# "system" namespace
308#
Jiyong Parkad7ddd52017-12-07 09:59:48 +0900[diff] [blame]309# This namespace is where system libs (VNDK and LLNDK libs) are loaded for
310# a vendor process.
Justin Yun24c29f12017-06-16 18:11:35 +0900[diff] [blame]311###############################################################################
312namespace.system.isolated = false
Justin Yun24c29f12017-06-16 18:11:35 +0900[diff] [blame]313
Logan Chien225b71d2017-12-15 22:19:57 +0800[diff] [blame]314namespace.system.search.paths = /system/${LIB}
Jiyong Park2498e1b2017-12-12 22:11:47 +0900[diff] [blame]315
Logan Chien225b71d2017-12-15 22:19:57 +0800[diff] [blame]316namespace.system.asan.search.paths = /data/asan/system/${LIB}
Jiyong Park2498e1b2017-12-12 22:11:47 +0900[diff] [blame]317namespace.system.asan.search.paths += /system/${LIB}