1 /*
2 * Copyright (C) 2014 The Android Open Source Project
3 *
4 * Licensed under the Apache License, Version 2.0 (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at
7 *
8 * http://www.apache.org/licenses/LICENSE-2.0
9 *
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License.
15 */
16
17 #include <gtest/gtest.h>
18
19 #include <dlfcn.h>
20 #include <elf.h>
21 #include <errno.h>
22 #include <fcntl.h>
23 #include <inttypes.h>
24 #include <stdio.h>
25 #include <string.h>
26 #include <unistd.h>
27
28 #include <android/dlext.h>
29 #include <android-base/file.h>
30 #include <android-base/strings.h>
31 #include <android-base/test_utils.h>
32
33 #include <sys/mman.h>
34 #include <sys/types.h>
35 #include <sys/vfs.h>
36 #include <sys/wait.h>
37
38 #include <meminfo/procmeminfo.h>
39 #include <procinfo/process_map.h>
40 #include <ziparchive/zip_archive.h>
41
42 #include "core_shared_libs.h"
43 #include "gtest_globals.h"
44 #include "utils.h"
45 #include "dlext_private.h"
46 #include "dlfcn_symlink_support.h"
47
48 #define ASSERT_DL_NOTNULL(ptr) \
49 ASSERT_TRUE((ptr) != nullptr) << "dlerror: " << dlerror()
50
51 #define ASSERT_DL_ZERO(i) \
52 ASSERT_EQ(0, i) << "dlerror: " << dlerror()
53
54 #define ASSERT_NOERROR(i) \
55 ASSERT_NE(-1, i) << "errno: " << strerror(errno)
56
57 #define ASSERT_SUBSTR(needle, haystack) \
58 ASSERT_PRED_FORMAT2(::testing::IsSubstring, needle, haystack)
59
60
61 typedef int (*fn)(void);
62 constexpr const char* kLibName = "libdlext_test.so";
63 constexpr const char* kLibNameRecursive = "libdlext_test_recursive.so";
64 constexpr const char* kLibNameNoRelro = "libdlext_test_norelro.so";
65 constexpr const char* kLibZipSimpleZip = "libdir/libatest_simple_zip.so";
66 constexpr auto kLibSize = 1024 * 1024; // how much address space to reserve for it
67
68 class DlExtTest : public ::testing::Test {
69 protected:
SetUp()70 void SetUp() override {
71 handle_ = nullptr;
72 // verify that we don't have the library loaded already
73 void* h = dlopen(kLibName, RTLD_NOW | RTLD_NOLOAD);
74 ASSERT_TRUE(h == nullptr);
75 h = dlopen(kLibNameNoRelro, RTLD_NOW | RTLD_NOLOAD);
76 ASSERT_TRUE(h == nullptr);
77 // call dlerror() to swallow the error, and check it was the one we wanted
78 ASSERT_EQ(std::string("dlopen failed: library \"") + kLibNameNoRelro + "\" wasn't loaded and RTLD_NOLOAD prevented it", dlerror());
79 }
80
TearDown()81 void TearDown() override {
82 if (handle_ != nullptr) {
83 ASSERT_DL_ZERO(dlclose(handle_));
84 }
85 }
86
87 void* handle_;
88 };
89
TEST_F(DlExtTest,ExtInfoNull)90 TEST_F(DlExtTest, ExtInfoNull) {
91 handle_ = android_dlopen_ext(kLibName, RTLD_NOW, nullptr);
92 ASSERT_DL_NOTNULL(handle_);
93 fn f = reinterpret_cast<fn>(dlsym(handle_, "getRandomNumber"));
94 ASSERT_DL_NOTNULL(f);
95 EXPECT_EQ(4, f());
96 }
97
TEST_F(DlExtTest,ExtInfoNoFlags)98 TEST_F(DlExtTest, ExtInfoNoFlags) {
99 android_dlextinfo extinfo;
100 extinfo.flags = 0;
101 handle_ = android_dlopen_ext(kLibName, RTLD_NOW, &extinfo);
102 ASSERT_DL_NOTNULL(handle_);
103 fn f = reinterpret_cast<fn>(dlsym(handle_, "getRandomNumber"));
104 ASSERT_DL_NOTNULL(f);
105 EXPECT_EQ(4, f());
106 }
107
TEST_F(DlExtTest,ExtInfoUseFd)108 TEST_F(DlExtTest, ExtInfoUseFd) {
109 const std::string lib_path = GetTestlibRoot() + "/libdlext_test_fd/libdlext_test_fd.so";
110
111 android_dlextinfo extinfo;
112 extinfo.flags = ANDROID_DLEXT_USE_LIBRARY_FD;
113 extinfo.library_fd = TEMP_FAILURE_RETRY(open(lib_path.c_str(), O_RDONLY | O_CLOEXEC));
114 ASSERT_TRUE(extinfo.library_fd != -1);
115 handle_ = android_dlopen_ext(lib_path.c_str(), RTLD_NOW, &extinfo);
116 ASSERT_DL_NOTNULL(handle_);
117 fn f = reinterpret_cast<fn>(dlsym(handle_, "getRandomNumber"));
118 ASSERT_DL_NOTNULL(f);
119 EXPECT_EQ(4, f());
120
121 uint32_t* taxicab_number = reinterpret_cast<uint32_t*>(dlsym(handle_, "dlopen_testlib_taxicab_number"));
122 ASSERT_DL_NOTNULL(taxicab_number);
123 EXPECT_EQ(1729U, *taxicab_number);
124 }
125
TEST_F(DlExtTest,ExtInfoUseFdWithOffset)126 TEST_F(DlExtTest, ExtInfoUseFdWithOffset) {
127 const std::string lib_path = GetTestlibRoot() + "/libdlext_test_zip/libdlext_test_zip_zipaligned.zip";
128
129 android_dlextinfo extinfo;
130 extinfo.flags = ANDROID_DLEXT_USE_LIBRARY_FD | ANDROID_DLEXT_USE_LIBRARY_FD_OFFSET;
131 extinfo.library_fd = TEMP_FAILURE_RETRY(open(lib_path.c_str(), O_RDONLY | O_CLOEXEC));
132
133 // Find the offset of the shared library in the zip.
134 ZipArchiveHandle handle;
135 ASSERT_EQ(0, OpenArchive(lib_path.c_str(), &handle));
136 ZipEntry zip_entry;
137 ASSERT_EQ(0, FindEntry(handle, kLibZipSimpleZip, &zip_entry));
138 extinfo.library_fd_offset = zip_entry.offset;
139 CloseArchive(handle);
140
141 handle_ = android_dlopen_ext(lib_path.c_str(), RTLD_NOW, &extinfo);
142 ASSERT_DL_NOTNULL(handle_);
143
144 uint32_t* taxicab_number = reinterpret_cast<uint32_t*>(dlsym(handle_, "dlopen_testlib_taxicab_number"));
145 ASSERT_DL_NOTNULL(taxicab_number);
146 EXPECT_EQ(1729U, *taxicab_number);
147 }
148
TEST_F(DlExtTest,ExtInfoUseFdWithInvalidOffset)149 TEST_F(DlExtTest, ExtInfoUseFdWithInvalidOffset) {
150 const std::string lib_path = GetTestlibRoot() + "/libdlext_test_zip/libdlext_test_zip_zipaligned.zip";
151
152 android_dlextinfo extinfo;
153 extinfo.flags = ANDROID_DLEXT_USE_LIBRARY_FD | ANDROID_DLEXT_USE_LIBRARY_FD_OFFSET;
154 extinfo.library_fd = TEMP_FAILURE_RETRY(open(lib_path.c_str(), O_RDONLY | O_CLOEXEC));
155 extinfo.library_fd_offset = 17;
156
157 handle_ = android_dlopen_ext("libname_placeholder", RTLD_NOW, &extinfo);
158 ASSERT_TRUE(handle_ == nullptr);
159 ASSERT_STREQ("dlopen failed: file offset for the library \"libname_placeholder\" is not page-aligned: 17", dlerror());
160
161 // Test an address above 2^44, for http://b/18178121 .
162 extinfo.library_fd_offset = (5LL<<48) + PAGE_SIZE;
163 handle_ = android_dlopen_ext("libname_placeholder", RTLD_NOW, &extinfo);
164 ASSERT_TRUE(handle_ == nullptr);
165 ASSERT_SUBSTR("dlopen failed: file offset for the library \"libname_placeholder\" >= file size", dlerror());
166
167 extinfo.library_fd_offset = 0LL - PAGE_SIZE;
168 handle_ = android_dlopen_ext("libname_placeholder", RTLD_NOW, &extinfo);
169 ASSERT_TRUE(handle_ == nullptr);
170 ASSERT_SUBSTR("dlopen failed: file offset for the library \"libname_placeholder\" is negative", dlerror());
171
172 extinfo.library_fd_offset = 0;
173 handle_ = android_dlopen_ext("libname_ignored", RTLD_NOW, &extinfo);
174 ASSERT_TRUE(handle_ == nullptr);
175 ASSERT_EQ("dlopen failed: \"" + lib_path + "\" has bad ELF magic: 504b0304", dlerror());
176
177 // Check if dlsym works after unsuccessful dlopen().
178 // Supply non-exiting one to make linker visit every soinfo.
179 void* sym = dlsym(RTLD_DEFAULT, "this_symbol_does_not_exist___");
180 ASSERT_TRUE(sym == nullptr);
181
182 close(extinfo.library_fd);
183 }
184
TEST_F(DlExtTest,ExtInfoUseOffsetWithoutFd)185 TEST_F(DlExtTest, ExtInfoUseOffsetWithoutFd) {
186 android_dlextinfo extinfo;
187 extinfo.flags = ANDROID_DLEXT_USE_LIBRARY_FD_OFFSET;
188 // This offset will not be used, so it doesn't matter.
189 extinfo.library_fd_offset = 0;
190
191 handle_ = android_dlopen_ext("/some/lib/that/does_not_exist", RTLD_NOW, &extinfo);
192 ASSERT_TRUE(handle_ == nullptr);
193 ASSERT_STREQ("dlopen failed: invalid extended flag combination (ANDROID_DLEXT_USE_LIBRARY_FD_OFFSET without ANDROID_DLEXT_USE_LIBRARY_FD): 0x20", dlerror());
194 }
195
TEST(dlext,android_dlopen_ext_force_load_smoke)196 TEST(dlext, android_dlopen_ext_force_load_smoke) {
197 DlfcnSymlink symlink("android_dlopen_ext_force_load_smoke");
198 const std::string symlink_name = basename(symlink.get_symlink_path().c_str());
199 // 1. Open actual file
200 void* handle = dlopen("libdlext_test.so", RTLD_NOW);
201 ASSERT_DL_NOTNULL(handle);
202 // 2. Open link with force_load flag set
203 android_dlextinfo extinfo;
204 extinfo.flags = ANDROID_DLEXT_FORCE_LOAD;
205 void* handle2 = android_dlopen_ext(symlink_name.c_str(), RTLD_NOW, &extinfo);
206 ASSERT_DL_NOTNULL(handle2);
207 ASSERT_TRUE(handle != handle2);
208
209 dlclose(handle2);
210 dlclose(handle);
211 }
212
TEST(dlext,android_dlopen_ext_force_load_soname_exception)213 TEST(dlext, android_dlopen_ext_force_load_soname_exception) {
214 DlfcnSymlink symlink("android_dlopen_ext_force_load_soname_exception");
215 const std::string symlink_name = basename(symlink.get_symlink_path().c_str());
216 // Check if soname lookup still returns already loaded library
217 // when ANDROID_DLEXT_FORCE_LOAD flag is specified.
218 void* handle = dlopen(symlink_name.c_str(), RTLD_NOW);
219 ASSERT_DL_NOTNULL(handle);
220
221 android_dlextinfo extinfo;
222 extinfo.flags = ANDROID_DLEXT_FORCE_LOAD;
223
224 // Note that 'libdlext_test.so' is dt_soname for the symlink_name
225 void* handle2 = android_dlopen_ext("libdlext_test.so", RTLD_NOW, &extinfo);
226
227 ASSERT_DL_NOTNULL(handle2);
228 ASSERT_TRUE(handle == handle2);
229
230 dlclose(handle2);
231 dlclose(handle);
232 }
233
TEST(dlfcn,dlopen_from_nullptr_android_api_level_28)234 TEST(dlfcn, dlopen_from_nullptr_android_api_level_28) {
235 // Regression test for http://b/123972211. Testing dlopen(nullptr) when target sdk is P
236 android_set_application_target_sdk_version(28);
237 ASSERT_TRUE(dlopen(nullptr, RTLD_NOW) != nullptr);
238 }
239
240 // Test system path translation for backward compatibility. http://b/130219528
TEST(dlfcn,dlopen_system_libicuuc_android_api_level_28)241 TEST(dlfcn, dlopen_system_libicuuc_android_api_level_28) {
242 android_set_application_target_sdk_version(28);
243 ASSERT_TRUE(dlopen(PATH_TO_SYSTEM_LIB "libicuuc.so", RTLD_NOW) != nullptr);
244 ASSERT_TRUE(dlopen(PATH_TO_SYSTEM_LIB "libicui18n.so", RTLD_NOW) != nullptr);
245 }
246
TEST(dlfcn,dlopen_system_libicuuc_android_api_level_29)247 TEST(dlfcn, dlopen_system_libicuuc_android_api_level_29) {
248 android_set_application_target_sdk_version(29);
249 ASSERT_TRUE(dlopen(PATH_TO_SYSTEM_LIB "libicuuc.so", RTLD_NOW) == nullptr);
250 ASSERT_TRUE(dlopen(PATH_TO_SYSTEM_LIB "libicui18n.so", RTLD_NOW) == nullptr);
251 }
252
TEST(dlfcn,dlopen_system_libicuuc_android_api_level_current)253 TEST(dlfcn, dlopen_system_libicuuc_android_api_level_current) {
254 ASSERT_TRUE(dlopen(PATH_TO_SYSTEM_LIB "libicuuc.so", RTLD_NOW) == nullptr);
255 ASSERT_TRUE(dlopen(PATH_TO_SYSTEM_LIB "libicui18n.so", RTLD_NOW) == nullptr);
256 }
257
TEST(dlfcn,dlopen_from_zip_absolute_path)258 TEST(dlfcn, dlopen_from_zip_absolute_path) {
259 const std::string lib_zip_path = "/libdlext_test_zip/libdlext_test_zip_zipaligned.zip";
260 const std::string lib_path = GetTestlibRoot() + lib_zip_path;
261
262 void* handle = dlopen((lib_path + "!/libdir/libatest_simple_zip.so").c_str(), RTLD_NOW);
263 ASSERT_TRUE(handle != nullptr) << dlerror();
264
265 uint32_t* taxicab_number = reinterpret_cast<uint32_t*>(dlsym(handle, "dlopen_testlib_taxicab_number"));
266 ASSERT_DL_NOTNULL(taxicab_number);
267 EXPECT_EQ(1729U, *taxicab_number);
268
269 dlclose(handle);
270 }
271
TEST(dlfcn,dlopen_from_zip_with_dt_runpath)272 TEST(dlfcn, dlopen_from_zip_with_dt_runpath) {
273 const std::string lib_zip_path = "/libdlext_test_runpath_zip/libdlext_test_runpath_zip_zipaligned.zip";
274 const std::string lib_path = GetTestlibRoot() + lib_zip_path;
275
276 void* handle = dlopen((lib_path + "!/libdir/libtest_dt_runpath_d_zip.so").c_str(), RTLD_NOW);
277
278 ASSERT_TRUE(handle != nullptr) << dlerror();
279
280 typedef void *(* dlopen_b_fn)();
281 dlopen_b_fn fn = (dlopen_b_fn)dlsym(handle, "dlopen_b");
282 ASSERT_TRUE(fn != nullptr) << dlerror();
283
284 void *p = fn();
285 ASSERT_TRUE(p != nullptr) << dlerror();
286
287 dlclose(p);
288 dlclose(handle);
289 }
290
TEST(dlfcn,dlopen_from_zip_ld_library_path)291 TEST(dlfcn, dlopen_from_zip_ld_library_path) {
292 const std::string lib_zip_path = "/libdlext_test_zip/libdlext_test_zip_zipaligned.zip";
293 const std::string lib_path = GetTestlibRoot() + lib_zip_path + "!/libdir";
294
295 typedef void (*fn_t)(const char*);
296 fn_t android_update_LD_LIBRARY_PATH =
297 reinterpret_cast<fn_t>(dlsym(RTLD_DEFAULT, "android_update_LD_LIBRARY_PATH"));
298
299 ASSERT_TRUE(android_update_LD_LIBRARY_PATH != nullptr) << dlerror();
300
301 void* handle = dlopen("libdlext_test_zip.so", RTLD_NOW);
302 ASSERT_TRUE(handle == nullptr);
303
304 android_update_LD_LIBRARY_PATH(lib_path.c_str());
305
306 handle = dlopen("libdlext_test_zip.so", RTLD_NOW);
307 ASSERT_TRUE(handle != nullptr) << dlerror();
308
309 int (*fn)(void);
310 fn = reinterpret_cast<int (*)(void)>(dlsym(handle, "getRandomNumber"));
311 ASSERT_TRUE(fn != nullptr);
312 EXPECT_EQ(4, fn());
313
314 uint32_t* taxicab_number =
315 reinterpret_cast<uint32_t*>(dlsym(handle, "dlopen_testlib_taxicab_number"));
316 ASSERT_DL_NOTNULL(taxicab_number);
317 EXPECT_EQ(1729U, *taxicab_number);
318
319 dlclose(handle);
320 }
321
322
TEST_F(DlExtTest,Reserved)323 TEST_F(DlExtTest, Reserved) {
324 void* start = mmap(nullptr, kLibSize, PROT_NONE, MAP_PRIVATE | MAP_ANONYMOUS, -1, 0);
325 ASSERT_TRUE(start != MAP_FAILED);
326 android_dlextinfo extinfo;
327 extinfo.flags = ANDROID_DLEXT_RESERVED_ADDRESS;
328 extinfo.reserved_addr = start;
329 extinfo.reserved_size = kLibSize;
330 handle_ = android_dlopen_ext(kLibName, RTLD_NOW, &extinfo);
331 ASSERT_DL_NOTNULL(handle_);
332 fn f = reinterpret_cast<fn>(dlsym(handle_, "getRandomNumber"));
333 ASSERT_DL_NOTNULL(f);
334 EXPECT_GE(reinterpret_cast<void*>(f), start);
335 EXPECT_LT(reinterpret_cast<void*>(f),
336 reinterpret_cast<char*>(start) + kLibSize);
337 EXPECT_EQ(4, f());
338
339 // Check that after dlclose reserved address space is unmapped (and can be reused)
340 dlclose(handle_);
341 handle_ = nullptr;
342
343 void* new_start = mmap(start, PAGE_SIZE, PROT_NONE, MAP_PRIVATE | MAP_ANONYMOUS, -1, 0);
344 ASSERT_NE(start, new_start) << "dlclose unmapped reserved space";
345 }
346
TEST_F(DlExtTest,ReservedTooSmall)347 TEST_F(DlExtTest, ReservedTooSmall) {
348 void* start = mmap(nullptr, PAGE_SIZE, PROT_NONE, MAP_PRIVATE | MAP_ANONYMOUS, -1, 0);
349 ASSERT_TRUE(start != MAP_FAILED);
350 android_dlextinfo extinfo;
351 extinfo.flags = ANDROID_DLEXT_RESERVED_ADDRESS;
352 extinfo.reserved_addr = start;
353 extinfo.reserved_size = PAGE_SIZE;
354 handle_ = android_dlopen_ext(kLibName, RTLD_NOW, &extinfo);
355 EXPECT_EQ(nullptr, handle_);
356 }
357
TEST_F(DlExtTest,ReservedRecursive)358 TEST_F(DlExtTest, ReservedRecursive) {
359 void* start = mmap(nullptr, kLibSize, PROT_NONE, MAP_PRIVATE | MAP_ANONYMOUS, -1, 0);
360 ASSERT_TRUE(start != MAP_FAILED);
361 android_dlextinfo extinfo;
362 extinfo.flags = ANDROID_DLEXT_RESERVED_ADDRESS | ANDROID_DLEXT_RESERVED_ADDRESS_RECURSIVE;
363 extinfo.reserved_addr = start;
364 extinfo.reserved_size = kLibSize;
365 handle_ = android_dlopen_ext(kLibNameRecursive, RTLD_NOW, &extinfo);
366 ASSERT_DL_NOTNULL(handle_);
367
368 fn f = reinterpret_cast<fn>(dlsym(handle_, "getRandomNumber"));
369 ASSERT_DL_NOTNULL(f);
370 EXPECT_GE(reinterpret_cast<void*>(f), start);
371 EXPECT_LT(reinterpret_cast<void*>(f),
372 reinterpret_cast<char*>(start) + kLibSize);
373 EXPECT_EQ(4, f());
374
375 f = reinterpret_cast<fn>(dlsym(handle_, "getBiggerRandomNumber"));
376 ASSERT_DL_NOTNULL(f);
377 EXPECT_GE(reinterpret_cast<void*>(f), start);
378 EXPECT_LT(reinterpret_cast<void*>(f),
379 reinterpret_cast<char*>(start) + kLibSize);
380 EXPECT_EQ(8, f());
381
382 uint32_t* taxicab_number = reinterpret_cast<uint32_t*>(dlsym(handle_, "dlopen_testlib_taxicab_number"));
383 ASSERT_DL_NOTNULL(taxicab_number);
384 // Untag the pointer so that it can be compared with start, which will be untagged.
385 void* addr = reinterpret_cast<void*>(untag_address(taxicab_number));
386 EXPECT_GE(addr, start);
387 EXPECT_LT(addr, reinterpret_cast<char*>(start) + kLibSize);
388 EXPECT_EQ(1729U, *taxicab_number);
389 }
390
TEST_F(DlExtTest,ReservedRecursiveTooSmall)391 TEST_F(DlExtTest, ReservedRecursiveTooSmall) {
392 void* start = mmap(nullptr, PAGE_SIZE, PROT_NONE, MAP_PRIVATE | MAP_ANONYMOUS, -1, 0);
393 ASSERT_TRUE(start != MAP_FAILED);
394 android_dlextinfo extinfo;
395 extinfo.flags = ANDROID_DLEXT_RESERVED_ADDRESS | ANDROID_DLEXT_RESERVED_ADDRESS_RECURSIVE;
396 extinfo.reserved_addr = start;
397 extinfo.reserved_size = PAGE_SIZE;
398 handle_ = android_dlopen_ext(kLibNameRecursive, RTLD_NOW, &extinfo);
399 EXPECT_EQ(nullptr, handle_);
400 }
401
TEST_F(DlExtTest,ReservedHint)402 TEST_F(DlExtTest, ReservedHint) {
403 void* start = mmap(nullptr, kLibSize, PROT_NONE, MAP_PRIVATE | MAP_ANONYMOUS, -1, 0);
404 ASSERT_TRUE(start != MAP_FAILED);
405 android_dlextinfo extinfo;
406 extinfo.flags = ANDROID_DLEXT_RESERVED_ADDRESS_HINT;
407 extinfo.reserved_addr = start;
408 extinfo.reserved_size = kLibSize;
409 handle_ = android_dlopen_ext(kLibName, RTLD_NOW, &extinfo);
410 ASSERT_DL_NOTNULL(handle_);
411 fn f = reinterpret_cast<fn>(dlsym(handle_, "getRandomNumber"));
412 ASSERT_DL_NOTNULL(f);
413 EXPECT_GE(reinterpret_cast<void*>(f), start);
414 EXPECT_LT(reinterpret_cast<void*>(f),
415 reinterpret_cast<char*>(start) + kLibSize);
416 EXPECT_EQ(4, f());
417 }
418
TEST_F(DlExtTest,ReservedHintTooSmall)419 TEST_F(DlExtTest, ReservedHintTooSmall) {
420 void* start = mmap(nullptr, PAGE_SIZE, PROT_NONE, MAP_PRIVATE | MAP_ANONYMOUS, -1, 0);
421 ASSERT_TRUE(start != MAP_FAILED);
422 android_dlextinfo extinfo;
423 extinfo.flags = ANDROID_DLEXT_RESERVED_ADDRESS_HINT;
424 extinfo.reserved_addr = start;
425 extinfo.reserved_size = PAGE_SIZE;
426 handle_ = android_dlopen_ext(kLibName, RTLD_NOW, &extinfo);
427 ASSERT_DL_NOTNULL(handle_);
428 fn f = reinterpret_cast<fn>(dlsym(handle_, "getRandomNumber"));
429 ASSERT_DL_NOTNULL(f);
430 EXPECT_TRUE(reinterpret_cast<void*>(f) < start ||
431 (reinterpret_cast<void*>(f) >=
432 reinterpret_cast<char*>(start) + PAGE_SIZE));
433 EXPECT_EQ(4, f());
434 }
435
436 class DlExtRelroSharingTest : public DlExtTest {
437 protected:
SetUp()438 void SetUp() override {
439 DlExtTest::SetUp();
440 void* start = mmap(nullptr, kLibSize, PROT_NONE, MAP_PRIVATE | MAP_ANONYMOUS, -1, 0);
441 ASSERT_TRUE(start != MAP_FAILED);
442 extinfo_.flags = ANDROID_DLEXT_RESERVED_ADDRESS;
443 extinfo_.reserved_addr = start;
444 extinfo_.reserved_size = kLibSize;
445 extinfo_.relro_fd = -1;
446 }
447
TearDown()448 void TearDown() override {
449 DlExtTest::TearDown();
450 }
451
CreateRelroFile(const char * lib,const char * relro_file,bool recursive)452 void CreateRelroFile(const char* lib, const char* relro_file, bool recursive) {
453 int relro_fd = open(relro_file, O_RDWR | O_TRUNC | O_CLOEXEC);
454 ASSERT_NOERROR(relro_fd);
455
456 if (recursive) {
457 extinfo_.flags |= ANDROID_DLEXT_RESERVED_ADDRESS_RECURSIVE;
458 }
459
460 pid_t pid = fork();
461 if (pid == 0) {
462 // child process
463 extinfo_.flags |= ANDROID_DLEXT_WRITE_RELRO;
464 extinfo_.relro_fd = relro_fd;
465 void* handle = android_dlopen_ext(lib, RTLD_NOW, &extinfo_);
466 if (handle == nullptr) {
467 fprintf(stderr, "in child: %s\n", dlerror());
468 exit(1);
469 }
470 fn f = reinterpret_cast<fn>(dlsym(handle, "getRandomNumber"));
471 ASSERT_DL_NOTNULL(f);
472 EXPECT_EQ(4, f());
473
474 if (recursive) {
475 fn f = reinterpret_cast<fn>(dlsym(handle, "getBiggerRandomNumber"));
476 ASSERT_DL_NOTNULL(f);
477 EXPECT_EQ(8, f());
478 }
479
480 uint32_t* taxicab_number =
481 reinterpret_cast<uint32_t*>(dlsym(handle, "dlopen_testlib_taxicab_number"));
482 ASSERT_DL_NOTNULL(taxicab_number);
483 EXPECT_EQ(1729U, *taxicab_number);
484 exit(testing::Test::HasFailure());
485 }
486
487 // continuing in parent
488 ASSERT_NOERROR(close(relro_fd));
489 ASSERT_NOERROR(pid);
490 AssertChildExited(pid, 0);
491
492 // reopen file for reading so it can be used
493 relro_fd = open(relro_file, O_RDONLY | O_CLOEXEC);
494 ASSERT_NOERROR(relro_fd);
495 extinfo_.flags |= ANDROID_DLEXT_USE_RELRO;
496 extinfo_.relro_fd = relro_fd;
497 }
498
TryUsingRelro(const char * lib,bool recursive)499 void TryUsingRelro(const char* lib, bool recursive) {
500 handle_ = android_dlopen_ext(lib, RTLD_NOW, &extinfo_);
501 ASSERT_DL_NOTNULL(handle_);
502 fn f = reinterpret_cast<fn>(dlsym(handle_, "getRandomNumber"));
503 ASSERT_DL_NOTNULL(f);
504 EXPECT_EQ(4, f());
505
506 if (recursive) {
507 fn f = reinterpret_cast<fn>(dlsym(handle_, "getBiggerRandomNumber"));
508 ASSERT_DL_NOTNULL(f);
509 EXPECT_EQ(8, f());
510 }
511
512 uint32_t* taxicab_number =
513 reinterpret_cast<uint32_t*>(dlsym(handle_, "dlopen_testlib_taxicab_number"));
514 ASSERT_DL_NOTNULL(taxicab_number);
515 EXPECT_EQ(1729U, *taxicab_number);
516 }
517
518 void SpawnChildrenAndMeasurePss(const char* lib, const char* relro_file, bool share_relro,
519 size_t* pss_out);
520
521 std::string FindMappingName(void* ptr);
522
523 android_dlextinfo extinfo_;
524 };
525
TEST_F(DlExtRelroSharingTest,ChildWritesGoodData)526 TEST_F(DlExtRelroSharingTest, ChildWritesGoodData) {
527 TemporaryFile tf; // Use tf to get an unique filename.
528 ASSERT_NOERROR(close(tf.fd));
529
530 ASSERT_NO_FATAL_FAILURE(CreateRelroFile(kLibName, tf.path, false));
531 ASSERT_NO_FATAL_FAILURE(TryUsingRelro(kLibName, false));
532 void* relro_data = dlsym(handle_, "lots_of_relro");
533 ASSERT_DL_NOTNULL(relro_data);
534 EXPECT_EQ(tf.path, FindMappingName(relro_data));
535
536 // Use destructor of tf to close and unlink the file.
537 tf.fd = extinfo_.relro_fd;
538 }
539
TEST_F(DlExtRelroSharingTest,ChildWritesGoodDataRecursive)540 TEST_F(DlExtRelroSharingTest, ChildWritesGoodDataRecursive) {
541 TemporaryFile tf; // Use tf to get an unique filename.
542 ASSERT_NOERROR(close(tf.fd));
543
544 ASSERT_NO_FATAL_FAILURE(CreateRelroFile(kLibNameRecursive, tf.path, true));
545 ASSERT_NO_FATAL_FAILURE(TryUsingRelro(kLibNameRecursive, true));
546 void* relro_data = dlsym(handle_, "lots_of_relro");
547 ASSERT_DL_NOTNULL(relro_data);
548 EXPECT_EQ(tf.path, FindMappingName(relro_data));
549 void* recursive_relro_data = dlsym(handle_, "lots_more_relro");
550 ASSERT_DL_NOTNULL(recursive_relro_data);
551 EXPECT_EQ(tf.path, FindMappingName(recursive_relro_data));
552
553
554 // Use destructor of tf to close and unlink the file.
555 tf.fd = extinfo_.relro_fd;
556 }
557
TEST_F(DlExtRelroSharingTest,CheckRelroSizes)558 TEST_F(DlExtRelroSharingTest, CheckRelroSizes) {
559 TemporaryFile tf1, tf2;
560 ASSERT_NOERROR(close(tf1.fd));
561 ASSERT_NOERROR(close(tf2.fd));
562
563 ASSERT_NO_FATAL_FAILURE(CreateRelroFile(kLibNameRecursive, tf1.path, false));
564 struct stat no_recursive;
565 ASSERT_NOERROR(fstat(extinfo_.relro_fd, &no_recursive));
566 tf1.fd = extinfo_.relro_fd;
567
568 ASSERT_NO_FATAL_FAILURE(CreateRelroFile(kLibNameRecursive, tf2.path, true));
569 struct stat with_recursive;
570 ASSERT_NOERROR(fstat(extinfo_.relro_fd, &with_recursive));
571 tf2.fd = extinfo_.relro_fd;
572
573 // RELRO file should end up bigger when we use the recursive flag, since it
574 // includes data for more than one library.
575 ASSERT_GT(with_recursive.st_size, no_recursive.st_size);
576 }
577
TEST_F(DlExtRelroSharingTest,ChildWritesNoRelro)578 TEST_F(DlExtRelroSharingTest, ChildWritesNoRelro) {
579 TemporaryFile tf; // // Use tf to get an unique filename.
580 ASSERT_NOERROR(close(tf.fd));
581
582 ASSERT_NO_FATAL_FAILURE(CreateRelroFile(kLibNameNoRelro, tf.path, false));
583 ASSERT_NO_FATAL_FAILURE(TryUsingRelro(kLibNameNoRelro, false));
584
585 // Use destructor of tf to close and unlink the file.
586 tf.fd = extinfo_.relro_fd;
587 }
588
TEST_F(DlExtRelroSharingTest,RelroFileEmpty)589 TEST_F(DlExtRelroSharingTest, RelroFileEmpty) {
590 ASSERT_NO_FATAL_FAILURE(TryUsingRelro(kLibName, false));
591 }
592
TEST_F(DlExtRelroSharingTest,VerifyMemorySaving)593 TEST_F(DlExtRelroSharingTest, VerifyMemorySaving) {
594 if (geteuid() != 0) GTEST_SKIP() << "This test must be run as root";
595
596 TemporaryFile tf; // Use tf to get an unique filename.
597 ASSERT_NOERROR(close(tf.fd));
598
599 ASSERT_NO_FATAL_FAILURE(CreateRelroFile(kLibName, tf.path, false));
600
601 int pipefd[2];
602 ASSERT_NOERROR(pipe(pipefd));
603
604 size_t without_sharing, with_sharing;
605 ASSERT_NO_FATAL_FAILURE(SpawnChildrenAndMeasurePss(kLibName, tf.path, false, &without_sharing));
606 ASSERT_NO_FATAL_FAILURE(SpawnChildrenAndMeasurePss(kLibName, tf.path, true, &with_sharing));
607 ASSERT_LT(with_sharing, without_sharing);
608
609 // We expect the sharing to save at least 50% of the library's total PSS.
610 // In practice it saves 80%+ for this library in the test.
611 size_t pss_saved = without_sharing - with_sharing;
612 size_t expected_min_saved = without_sharing / 2;
613
614 EXPECT_LT(expected_min_saved, pss_saved);
615
616 // Use destructor of tf to close and unlink the file.
617 tf.fd = extinfo_.relro_fd;
618 }
619
GetPss(bool shared_relro,const char * lib,const char * relro_file,pid_t pid,size_t * total_pss)620 void GetPss(bool shared_relro, const char* lib, const char* relro_file, pid_t pid,
621 size_t* total_pss) {
622 android::meminfo::ProcMemInfo proc_mem(pid);
623 const std::vector<android::meminfo::Vma>& maps = proc_mem.MapsWithoutUsageStats();
624 ASSERT_GT(maps.size(), 0UL);
625
626 // Calculate total PSS of the library.
627 *total_pss = 0;
628 bool saw_relro_file = false;
629 for (auto& vma : maps) {
630 if (android::base::EndsWith(vma.name, lib) || (vma.name == relro_file)) {
631 if (vma.name == relro_file) {
632 saw_relro_file = true;
633 }
634
635 android::meminfo::Vma update_vma(vma);
636 ASSERT_TRUE(proc_mem.FillInVmaStats(update_vma));
637 *total_pss += update_vma.usage.pss;
638 }
639 }
640
641 if (shared_relro) ASSERT_TRUE(saw_relro_file);
642 }
643
SpawnChildrenAndMeasurePss(const char * lib,const char * relro_file,bool share_relro,size_t * pss_out)644 void DlExtRelroSharingTest::SpawnChildrenAndMeasurePss(const char* lib, const char* relro_file,
645 bool share_relro, size_t* pss_out) {
646 const int CHILDREN = 20;
647
648 // Create children
649 pid_t child_pids[CHILDREN];
650 int childpipe[CHILDREN];
651 for (int i=0; i<CHILDREN; ++i) {
652 char read_buf;
653 int child_done_pipe[2], parent_done_pipe[2];
654 ASSERT_NOERROR(pipe(child_done_pipe));
655 ASSERT_NOERROR(pipe(parent_done_pipe));
656
657 pid_t child = fork();
658 if (child == 0) {
659 // close the 'wrong' ends of the pipes in the child
660 close(child_done_pipe[0]);
661 close(parent_done_pipe[1]);
662
663 // open the library
664 void* handle;
665 if (share_relro) {
666 handle = android_dlopen_ext(lib, RTLD_NOW, &extinfo_);
667 } else {
668 handle = dlopen(lib, RTLD_NOW);
669 }
670 if (handle == nullptr) {
671 fprintf(stderr, "in child: %s\n", dlerror());
672 exit(1);
673 }
674
675 // close write end of child_done_pipe to signal the parent that we're done.
676 close(child_done_pipe[1]);
677
678 // wait for the parent to close parent_done_pipe, then exit
679 read(parent_done_pipe[0], &read_buf, 1);
680 exit(0);
681 }
682
683 ASSERT_NOERROR(child);
684
685 // close the 'wrong' ends of the pipes in the parent
686 close(child_done_pipe[1]);
687 close(parent_done_pipe[0]);
688
689 // wait for the child to be done
690 read(child_done_pipe[0], &read_buf, 1);
691 close(child_done_pipe[0]);
692
693 // save the child's pid and the parent_done_pipe
694 child_pids[i] = child;
695 childpipe[i] = parent_done_pipe[1];
696 }
697
698 // Sum the PSS of tested library of all the children
699 size_t total_pss = 0;
700 for (int i=0; i<CHILDREN; ++i) {
701 size_t child_pss;
702 ASSERT_NO_FATAL_FAILURE(GetPss(share_relro, lib, relro_file, child_pids[i], &child_pss));
703 total_pss += child_pss;
704 }
705 *pss_out = total_pss;
706
707 // Close pipes and wait for children to exit
708 for (int i=0; i<CHILDREN; ++i) {
709 ASSERT_NOERROR(close(childpipe[i]));
710 }
711 for (int i = 0; i < CHILDREN; ++i) {
712 AssertChildExited(child_pids[i], 0);
713 }
714 }
715
FindMappingName(void * ptr)716 std::string DlExtRelroSharingTest::FindMappingName(void* ptr) {
717 uint64_t addr = reinterpret_cast<uint64_t>(ptr);
718 std::string found_name = "<not found>";
719
720 EXPECT_TRUE(android::procinfo::ReadMapFile("/proc/self/maps",
721 [&](const android::procinfo::MapInfo& mapinfo) {
722 if (addr >= mapinfo.start && addr < mapinfo.end) {
723 found_name = mapinfo.name;
724 }
725 }));
726
727 return found_name;
728 }
729
730 // Testing namespaces
731 static const char* g_public_lib = "libnstest_public.so";
732
733 // These are libs shared with default namespace
734 static const std::string g_core_shared_libs = kCoreSharedLibs;
735
TEST(dlext,ns_smoke)736 TEST(dlext, ns_smoke) {
737 static const char* root_lib = "libnstest_root.so";
738 std::string shared_libs = g_core_shared_libs + ":" + g_public_lib;
739
740 ASSERT_FALSE(android_init_anonymous_namespace("", nullptr));
741 ASSERT_STREQ("android_init_anonymous_namespace failed: error linking namespaces"
742 " \"(anonymous)\"->\"(default)\": the list of shared libraries is empty.",
743 dlerror());
744
745 const std::string lib_public_path = GetTestlibRoot() + "/public_namespace_libs/" + g_public_lib;
746 void* handle_public = dlopen(lib_public_path.c_str(), RTLD_NOW);
747 ASSERT_TRUE(handle_public != nullptr) << dlerror();
748
749 ASSERT_TRUE(android_init_anonymous_namespace(shared_libs.c_str(), nullptr)) << dlerror();
750
751 // Check that libraries added to public namespace are not NODELETE
752 dlclose(handle_public);
753 handle_public = dlopen(lib_public_path.c_str(), RTLD_NOW | RTLD_NOLOAD);
754 ASSERT_TRUE(handle_public == nullptr);
755 ASSERT_EQ(std::string("dlopen failed: library \"") + lib_public_path +
756 "\" wasn't loaded and RTLD_NOLOAD prevented it", dlerror());
757
758 handle_public = dlopen(lib_public_path.c_str(), RTLD_NOW);
759
760 // create "public namespace", share limited set of public libraries with
761
762 android_namespace_t* ns1 =
763 android_create_namespace("private",
764 nullptr,
765 (GetTestlibRoot() + "/private_namespace_libs").c_str(),
766 ANDROID_NAMESPACE_TYPE_REGULAR,
767 nullptr,
768 nullptr);
769 ASSERT_TRUE(ns1 != nullptr) << dlerror();
770 ASSERT_TRUE(android_link_namespaces(ns1, nullptr, shared_libs.c_str())) << dlerror();
771
772 android_namespace_t* ns2 =
773 android_create_namespace("private_isolated",
774 nullptr,
775 (GetTestlibRoot() + "/private_namespace_libs").c_str(),
776 ANDROID_NAMESPACE_TYPE_ISOLATED,
777 nullptr,
778 nullptr);
779 ASSERT_TRUE(ns2 != nullptr) << dlerror();
780 ASSERT_TRUE(android_link_namespaces(ns2, nullptr, shared_libs.c_str())) << dlerror();
781
782 // This should not have affect search path for default namespace:
783 ASSERT_TRUE(dlopen(root_lib, RTLD_NOW) == nullptr);
784 void* handle = dlopen(g_public_lib, RTLD_NOW);
785 ASSERT_TRUE(handle != nullptr) << dlerror();
786 dlclose(handle);
787
788 // dlopen for a public library using an absolute path should work
789 // 1. For isolated namespaces
790 android_dlextinfo extinfo;
791 extinfo.flags = ANDROID_DLEXT_USE_NAMESPACE;
792 extinfo.library_namespace = ns2;
793 handle = android_dlopen_ext(lib_public_path.c_str(), RTLD_NOW, &extinfo);
794 ASSERT_TRUE(handle != nullptr) << dlerror();
795 ASSERT_TRUE(handle == handle_public);
796
797 dlclose(handle);
798
799 // 1.1 even if it wasn't loaded before
800 dlclose(handle_public);
801
802 handle_public = dlopen(lib_public_path.c_str(), RTLD_NOW | RTLD_NOLOAD);
803 ASSERT_TRUE(handle_public == nullptr);
804 ASSERT_EQ(std::string("dlopen failed: library \"") + lib_public_path +
805 "\" wasn't loaded and RTLD_NOLOAD prevented it", dlerror());
806
807 handle = android_dlopen_ext(lib_public_path.c_str(), RTLD_NOW, &extinfo);
808 ASSERT_TRUE(handle != nullptr) << dlerror();
809
810 handle_public = dlopen(lib_public_path.c_str(), RTLD_NOW);
811 ASSERT_TRUE(handle == handle_public);
812
813 dlclose(handle);
814
815 // 2. And for regular namespaces (make sure it does not load second copy of the library)
816 extinfo.library_namespace = ns1;
817 handle = android_dlopen_ext(lib_public_path.c_str(), RTLD_NOW, &extinfo);
818 ASSERT_TRUE(handle != nullptr) << dlerror();
819 ASSERT_TRUE(handle == handle_public);
820
821 dlclose(handle);
822
823 // 2.1 Unless it was not loaded before - in which case it will load a duplicate.
824 // TODO(dimitry): This is broken. Maybe we need to deprecate non-isolated namespaces?
825 dlclose(handle_public);
826
827 handle_public = dlopen(lib_public_path.c_str(), RTLD_NOW | RTLD_NOLOAD);
828 ASSERT_TRUE(handle_public == nullptr);
829 ASSERT_EQ(std::string("dlopen failed: library \"") + lib_public_path +
830 "\" wasn't loaded and RTLD_NOLOAD prevented it", dlerror());
831
832 handle = android_dlopen_ext(lib_public_path.c_str(), RTLD_NOW, &extinfo);
833 ASSERT_TRUE(handle != nullptr) << dlerror();
834
835 handle_public = dlopen(lib_public_path.c_str(), RTLD_NOW);
836
837 ASSERT_TRUE(handle != handle_public);
838
839 dlclose(handle);
840
841 extinfo.library_namespace = ns1;
842
843 void* handle1 = android_dlopen_ext(root_lib, RTLD_NOW, &extinfo);
844 ASSERT_TRUE(handle1 != nullptr) << dlerror();
845
846 extinfo.library_namespace = ns2;
847 void* handle2 = android_dlopen_ext(root_lib, RTLD_NOW, &extinfo);
848 ASSERT_TRUE(handle2 != nullptr) << dlerror();
849
850 ASSERT_TRUE(handle1 != handle2);
851
852 typedef const char* (*fn_t)();
853
854 fn_t ns_get_local_string1 = reinterpret_cast<fn_t>(dlsym(handle1, "ns_get_local_string"));
855 ASSERT_TRUE(ns_get_local_string1 != nullptr) << dlerror();
856 fn_t ns_get_local_string2 = reinterpret_cast<fn_t>(dlsym(handle2, "ns_get_local_string"));
857 ASSERT_TRUE(ns_get_local_string2 != nullptr) << dlerror();
858
859 EXPECT_STREQ("This string is local to root library", ns_get_local_string1());
860 EXPECT_STREQ("This string is local to root library", ns_get_local_string2());
861
862 ASSERT_TRUE(ns_get_local_string1() != ns_get_local_string2());
863
864 fn_t ns_get_private_extern_string1 =
865 reinterpret_cast<fn_t>(dlsym(handle1, "ns_get_private_extern_string"));
866 ASSERT_TRUE(ns_get_private_extern_string1 != nullptr) << dlerror();
867 fn_t ns_get_private_extern_string2 =
868 reinterpret_cast<fn_t>(dlsym(handle2, "ns_get_private_extern_string"));
869 ASSERT_TRUE(ns_get_private_extern_string2 != nullptr) << dlerror();
870
871 EXPECT_STREQ("This string is from private namespace", ns_get_private_extern_string1());
872 EXPECT_STREQ("This string is from private namespace", ns_get_private_extern_string2());
873
874 ASSERT_TRUE(ns_get_private_extern_string1() != ns_get_private_extern_string2());
875
876 fn_t ns_get_public_extern_string1 =
877 reinterpret_cast<fn_t>(dlsym(handle1, "ns_get_public_extern_string"));
878 ASSERT_TRUE(ns_get_public_extern_string1 != nullptr) << dlerror();
879 fn_t ns_get_public_extern_string2 =
880 reinterpret_cast<fn_t>(dlsym(handle2, "ns_get_public_extern_string"));
881 ASSERT_TRUE(ns_get_public_extern_string2 != nullptr) << dlerror();
882
883 EXPECT_STREQ("This string is from public namespace", ns_get_public_extern_string1());
884 ASSERT_TRUE(ns_get_public_extern_string1() == ns_get_public_extern_string2());
885
886 // and now check that dlopen() does the right thing in terms of preserving namespace
887 fn_t ns_get_dlopened_string1 = reinterpret_cast<fn_t>(dlsym(handle1, "ns_get_dlopened_string"));
888 ASSERT_TRUE(ns_get_dlopened_string1 != nullptr) << dlerror();
889 fn_t ns_get_dlopened_string2 = reinterpret_cast<fn_t>(dlsym(handle2, "ns_get_dlopened_string"));
890 ASSERT_TRUE(ns_get_dlopened_string2 != nullptr) << dlerror();
891
892 EXPECT_STREQ("This string is from private namespace (dlopened library)", ns_get_dlopened_string1());
893 EXPECT_STREQ("This string is from private namespace (dlopened library)", ns_get_dlopened_string2());
894
895 ASSERT_TRUE(ns_get_dlopened_string1() != ns_get_dlopened_string2());
896
897 // Check that symbols from non-shared libraries a shared library depends on are not visible
898 // from original namespace.
899
900 fn_t ns_get_internal_extern_string =
901 reinterpret_cast<fn_t>(dlsym(handle1, "ns_get_internal_extern_string"));
902 ASSERT_TRUE(ns_get_internal_extern_string != nullptr) << dlerror();
903 ASSERT_TRUE(ns_get_internal_extern_string() == nullptr) <<
904 "ns_get_internal_extern_string() expected to return null but returns \"" <<
905 ns_get_internal_extern_string() << "\"";
906
907 dlclose(handle1);
908
909 // Check if handle2 is still alive (and well)
910 ASSERT_STREQ("This string is local to root library", ns_get_local_string2());
911 ASSERT_STREQ("This string is from private namespace", ns_get_private_extern_string2());
912 ASSERT_STREQ("This string is from public namespace", ns_get_public_extern_string2());
913 ASSERT_STREQ("This string is from private namespace (dlopened library)", ns_get_dlopened_string2());
914
915 dlclose(handle2);
916 }
917
TEST(dlext,dlopen_ext_use_o_tmpfile_fd)918 TEST(dlext, dlopen_ext_use_o_tmpfile_fd) {
919 const std::string lib_path = GetTestlibRoot() + "/libtest_simple.so";
920
921 int tmpfd = TEMP_FAILURE_RETRY(
922 open(GetTestlibRoot().c_str(), O_TMPFILE | O_CLOEXEC | O_RDWR | O_EXCL, 0));
923
924 // Ignore kernels without O_TMPFILE flag support
925 if (tmpfd == -1 && (errno == EISDIR || errno == EINVAL || errno == EOPNOTSUPP)) {
926 return;
927 }
928
929 ASSERT_TRUE(tmpfd != -1) << strerror(errno);
930
931 android_namespace_t* ns =
932 android_create_namespace("testing-o_tmpfile",
933 nullptr,
934 GetTestlibRoot().c_str(),
935 ANDROID_NAMESPACE_TYPE_ISOLATED,
936 nullptr,
937 nullptr);
938
939 ASSERT_DL_NOTNULL(ns);
940
941 ASSERT_TRUE(android_link_namespaces(ns, nullptr, g_core_shared_libs.c_str())) << dlerror();
942
943 std::string content;
944 ASSERT_TRUE(android::base::ReadFileToString(lib_path, &content)) << strerror(errno);
945 ASSERT_TRUE(android::base::WriteStringToFd(content, tmpfd)) << strerror(errno);
946
947 android_dlextinfo extinfo;
948 extinfo.flags = ANDROID_DLEXT_USE_LIBRARY_FD | ANDROID_DLEXT_USE_NAMESPACE;
949 extinfo.library_fd = tmpfd;
950 extinfo.library_namespace = ns;
951
952 void* handle = android_dlopen_ext("foobar", RTLD_NOW, &extinfo);
953
954 ASSERT_DL_NOTNULL(handle);
955
956 uint32_t* taxicab_number = reinterpret_cast<uint32_t*>(dlsym(handle, "dlopen_testlib_taxicab_number"));
957 ASSERT_DL_NOTNULL(taxicab_number);
958 EXPECT_EQ(1729U, *taxicab_number);
959 dlclose(handle);
960 }
961
TEST(dlext,dlopen_ext_use_memfd)962 TEST(dlext, dlopen_ext_use_memfd) {
963 const std::string lib_path = GetTestlibRoot() + "/libtest_simple.so";
964
965 // create memfd
966 int memfd = memfd_create("foobar", MFD_CLOEXEC);
967 if (memfd == -1 && errno == ENOSYS) {
968 return;
969 }
970
971 ASSERT_TRUE(memfd != -1) << strerror(errno);
972
973 // Check st.f_type is TMPFS_MAGIC for memfd
974 struct statfs st;
975 ASSERT_TRUE(TEMP_FAILURE_RETRY(fstatfs(memfd, &st)) == 0) << strerror(errno);
976 ASSERT_EQ(static_cast<decltype(st.f_type)>(TMPFS_MAGIC), st.f_type);
977
978 android_namespace_t* ns =
979 android_create_namespace("testing-memfd",
980 nullptr,
981 GetTestlibRoot().c_str(),
982 ANDROID_NAMESPACE_TYPE_ISOLATED,
983 nullptr,
984 nullptr);
985
986 ASSERT_DL_NOTNULL(ns);
987
988 ASSERT_TRUE(android_link_namespaces(ns, nullptr, g_core_shared_libs.c_str())) << dlerror();
989
990 // read file into memfd backed one.
991 std::string content;
992 ASSERT_TRUE(android::base::ReadFileToString(lib_path, &content)) << strerror(errno);
993 ASSERT_TRUE(android::base::WriteStringToFd(content, memfd)) << strerror(errno);
994
995 android_dlextinfo extinfo;
996 extinfo.flags = ANDROID_DLEXT_USE_LIBRARY_FD | ANDROID_DLEXT_USE_NAMESPACE;
997 extinfo.library_fd = memfd;
998 extinfo.library_namespace = ns;
999
1000 void* handle = android_dlopen_ext("foobar", RTLD_NOW, &extinfo);
1001
1002 ASSERT_DL_NOTNULL(handle);
1003
1004 uint32_t* taxicab_number = reinterpret_cast<uint32_t*>(dlsym(handle, "dlopen_testlib_taxicab_number"));
1005 ASSERT_DL_NOTNULL(taxicab_number);
1006 EXPECT_EQ(1729U, *taxicab_number);
1007 dlclose(handle);
1008 }
1009
TEST(dlext,ns_symbol_visibilty_one_namespace)1010 TEST(dlext, ns_symbol_visibilty_one_namespace) {
1011 static const char* root_lib = "libnstest_root.so";
1012 ASSERT_TRUE(android_init_anonymous_namespace(g_core_shared_libs.c_str(), nullptr));
1013
1014 const std::string ns_search_path = GetTestlibRoot() + "/public_namespace_libs:" +
1015 GetTestlibRoot() + "/private_namespace_libs";
1016
1017 android_namespace_t* ns =
1018 android_create_namespace("one",
1019 nullptr,
1020 ns_search_path.c_str(),
1021 ANDROID_NAMESPACE_TYPE_ISOLATED,
1022 nullptr,
1023 nullptr);
1024
1025 ASSERT_TRUE(android_link_namespaces(ns, nullptr, g_core_shared_libs.c_str())) << dlerror();
1026
1027 android_dlextinfo extinfo;
1028 extinfo.flags = ANDROID_DLEXT_USE_NAMESPACE;
1029 extinfo.library_namespace = ns;
1030
1031 void* handle = android_dlopen_ext(root_lib, RTLD_NOW, &extinfo);
1032 ASSERT_TRUE(handle != nullptr) << dlerror();
1033
1034 typedef const char* (*fn_t)();
1035
1036 // Check that relocation worked correctly
1037 fn_t ns_get_internal_extern_string =
1038 reinterpret_cast<fn_t>(dlsym(handle, "ns_get_internal_extern_string"));
1039 ASSERT_TRUE(ns_get_internal_extern_string != nullptr) << dlerror();
1040 ASSERT_STREQ("This string is from a library a shared library depends on", ns_get_internal_extern_string());
1041
1042 fn_t internal_extern_string_fn =
1043 reinterpret_cast<fn_t>(dlsym(handle, "internal_extern_string"));
1044 ASSERT_TRUE(internal_extern_string_fn != nullptr) << dlerror();
1045 ASSERT_STREQ("This string is from a library a shared library depends on", internal_extern_string_fn());
1046 }
1047
TEST(dlext,ns_symbol_visibilty_between_namespaces)1048 TEST(dlext, ns_symbol_visibilty_between_namespaces) {
1049 static const char* root_lib = "libnstest_root.so";
1050 ASSERT_TRUE(android_init_anonymous_namespace(g_core_shared_libs.c_str(), nullptr));
1051
1052 const std::string public_ns_search_path = GetTestlibRoot() + "/public_namespace_libs";
1053 const std::string private_ns_search_path = GetTestlibRoot() + "/private_namespace_libs";
1054
1055 android_namespace_t* ns_public =
1056 android_create_namespace("public",
1057 nullptr,
1058 public_ns_search_path.c_str(),
1059 ANDROID_NAMESPACE_TYPE_ISOLATED,
1060 nullptr,
1061 nullptr);
1062
1063 ASSERT_TRUE(android_link_namespaces(ns_public, nullptr, g_core_shared_libs.c_str())) << dlerror();
1064
1065 android_namespace_t* ns_private =
1066 android_create_namespace("private",
1067 nullptr,
1068 private_ns_search_path.c_str(),
1069 ANDROID_NAMESPACE_TYPE_ISOLATED,
1070 nullptr,
1071 nullptr);
1072
1073 ASSERT_TRUE(android_link_namespaces(ns_private, ns_public, g_public_lib)) << dlerror();
1074 ASSERT_TRUE(android_link_namespaces(ns_private, nullptr, g_core_shared_libs.c_str())) << dlerror();
1075
1076 android_dlextinfo extinfo;
1077 extinfo.flags = ANDROID_DLEXT_USE_NAMESPACE;
1078 extinfo.library_namespace = ns_private;
1079
1080 void* handle = android_dlopen_ext(root_lib, RTLD_NOW, &extinfo);
1081 ASSERT_TRUE(handle != nullptr) << dlerror();
1082
1083 typedef const char* (*fn_t)();
1084
1085 // Check that relocation worked correctly
1086 fn_t ns_get_internal_extern_string =
1087 reinterpret_cast<fn_t>(dlsym(handle, "ns_get_internal_extern_string"));
1088 ASSERT_TRUE(ns_get_internal_extern_string != nullptr) << dlerror();
1089 ASSERT_TRUE(ns_get_internal_extern_string() == nullptr) <<
1090 "ns_get_internal_extern_string() expected to return null but returns \"" <<
1091 ns_get_internal_extern_string() << "\"";
1092
1093 fn_t internal_extern_string_fn =
1094 reinterpret_cast<fn_t>(dlsym(handle, "internal_extern_string"));
1095 ASSERT_TRUE(internal_extern_string_fn == nullptr);
1096 ASSERT_STREQ("undefined symbol: internal_extern_string", dlerror());
1097 }
1098
TEST(dlext,ns_unload_between_namespaces)1099 TEST(dlext, ns_unload_between_namespaces) {
1100 static const char* root_lib = "libnstest_root.so";
1101 ASSERT_TRUE(android_init_anonymous_namespace(g_core_shared_libs.c_str(), nullptr));
1102
1103 const std::string public_ns_search_path = GetTestlibRoot() + "/public_namespace_libs";
1104 const std::string private_ns_search_path = GetTestlibRoot() + "/private_namespace_libs";
1105
1106 android_namespace_t* ns_public =
1107 android_create_namespace("public",
1108 nullptr,
1109 public_ns_search_path.c_str(),
1110 ANDROID_NAMESPACE_TYPE_ISOLATED,
1111 nullptr,
1112 nullptr);
1113
1114 ASSERT_TRUE(android_link_namespaces(ns_public, nullptr, g_core_shared_libs.c_str())) << dlerror();
1115
1116 android_namespace_t* ns_private =
1117 android_create_namespace("private",
1118 nullptr,
1119 private_ns_search_path.c_str(),
1120 ANDROID_NAMESPACE_TYPE_ISOLATED,
1121 nullptr,
1122 nullptr);
1123
1124 ASSERT_TRUE(android_link_namespaces(ns_private, ns_public, g_public_lib)) << dlerror();
1125 ASSERT_TRUE(android_link_namespaces(ns_private, nullptr, g_core_shared_libs.c_str())) << dlerror();
1126
1127 android_dlextinfo extinfo;
1128 extinfo.flags = ANDROID_DLEXT_USE_NAMESPACE;
1129 extinfo.library_namespace = ns_private;
1130
1131 void* handle = android_dlopen_ext(root_lib, RTLD_NOW, &extinfo);
1132 ASSERT_TRUE(handle != nullptr) << dlerror();
1133
1134 dlclose(handle);
1135 // Check that root_lib was unloaded
1136 handle = android_dlopen_ext(root_lib, RTLD_NOW | RTLD_NOLOAD, &extinfo);
1137 ASSERT_TRUE(handle == nullptr);
1138 ASSERT_EQ(std::string("dlopen failed: library \"") + root_lib +
1139 "\" wasn't loaded and RTLD_NOLOAD prevented it", dlerror());
1140
1141 // Check that shared library was unloaded in public ns
1142 extinfo.library_namespace = ns_public;
1143 handle = android_dlopen_ext(g_public_lib, RTLD_NOW | RTLD_NOLOAD, &extinfo);
1144 ASSERT_TRUE(handle == nullptr);
1145 ASSERT_EQ(std::string("dlopen failed: library \"") + g_public_lib +
1146 "\" wasn't loaded and RTLD_NOLOAD prevented it", dlerror());
1147 }
1148
TEST(dlext,ns_unload_between_namespaces_missing_symbol_direct)1149 TEST(dlext, ns_unload_between_namespaces_missing_symbol_direct) {
1150 ASSERT_TRUE(android_init_anonymous_namespace(g_core_shared_libs.c_str(), nullptr));
1151
1152 const std::string public_ns_search_path = GetTestlibRoot() + "/public_namespace_libs";
1153 const std::string private_ns_search_path = GetTestlibRoot() + "/private_namespace_libs";
1154
1155 android_namespace_t* ns_public =
1156 android_create_namespace("public",
1157 nullptr,
1158 public_ns_search_path.c_str(),
1159 ANDROID_NAMESPACE_TYPE_ISOLATED,
1160 nullptr,
1161 nullptr);
1162
1163 ASSERT_TRUE(android_link_namespaces(ns_public, nullptr, g_core_shared_libs.c_str())) << dlerror();
1164
1165 android_namespace_t* ns_private =
1166 android_create_namespace("private",
1167 nullptr,
1168 private_ns_search_path.c_str(),
1169 ANDROID_NAMESPACE_TYPE_ISOLATED,
1170 nullptr,
1171 nullptr);
1172
1173 ASSERT_TRUE(android_link_namespaces(ns_private, ns_public, "libtest_missing_symbol.so")) << dlerror();
1174 ASSERT_TRUE(android_link_namespaces(ns_private, nullptr, g_core_shared_libs.c_str())) << dlerror();
1175
1176 android_dlextinfo extinfo;
1177 extinfo.flags = ANDROID_DLEXT_USE_NAMESPACE;
1178 extinfo.library_namespace = ns_private;
1179
1180 void* handle = android_dlopen_ext((public_ns_search_path + "/libtest_missing_symbol.so").c_str(),
1181 RTLD_NOW,
1182 &extinfo);
1183 ASSERT_TRUE(handle == nullptr);
1184 ASSERT_EQ(std::string("dlopen failed: cannot locate symbol \"dlopen_testlib_missing_symbol\" referenced by \"") +
1185 public_ns_search_path + "/libtest_missing_symbol.so\"...",
1186 dlerror());
1187 }
1188
TEST(dlext,ns_unload_between_namespaces_missing_symbol_indirect)1189 TEST(dlext, ns_unload_between_namespaces_missing_symbol_indirect) {
1190 ASSERT_TRUE(android_init_anonymous_namespace(g_core_shared_libs.c_str(), nullptr));
1191
1192 const std::string public_ns_search_path = GetTestlibRoot() + "/public_namespace_libs";
1193 const std::string private_ns_search_path = GetTestlibRoot() + "/private_namespace_libs";
1194
1195 android_namespace_t* ns_public =
1196 android_create_namespace("public",
1197 nullptr,
1198 public_ns_search_path.c_str(),
1199 ANDROID_NAMESPACE_TYPE_ISOLATED,
1200 nullptr,
1201 nullptr);
1202
1203 ASSERT_TRUE(android_link_namespaces(ns_public, nullptr, g_core_shared_libs.c_str())) << dlerror();
1204
1205 android_namespace_t* ns_private =
1206 android_create_namespace("private",
1207 nullptr,
1208 private_ns_search_path.c_str(),
1209 ANDROID_NAMESPACE_TYPE_ISOLATED,
1210 nullptr,
1211 nullptr);
1212
1213 ASSERT_TRUE(android_link_namespaces(ns_private,
1214 ns_public,
1215 "libnstest_public.so:libtest_missing_symbol_child_public.so")
1216 ) << dlerror();
1217 ASSERT_TRUE(android_link_namespaces(ns_private, nullptr, g_core_shared_libs.c_str())) << dlerror();
1218
1219 android_dlextinfo extinfo;
1220 extinfo.flags = ANDROID_DLEXT_USE_NAMESPACE;
1221 extinfo.library_namespace = ns_private;
1222
1223 void* handle = android_dlopen_ext("libtest_missing_symbol_root.so", RTLD_NOW, &extinfo);
1224 ASSERT_TRUE(handle == nullptr);
1225 ASSERT_EQ(std::string("dlopen failed: cannot locate symbol \"dlopen_testlib_missing_symbol\" referenced by \"") +
1226 private_ns_search_path + "/libtest_missing_symbol_root.so\"...",
1227 dlerror());
1228 }
1229
TEST(dlext,ns_exempt_list_enabled)1230 TEST(dlext, ns_exempt_list_enabled) {
1231 ASSERT_TRUE(android_init_anonymous_namespace(g_core_shared_libs.c_str(), nullptr));
1232
1233 const std::string ns_search_path = GetTestlibRoot() + "/private_namespace_libs";
1234
1235 android_namespace_t* ns =
1236 android_create_namespace("namespace",
1237 nullptr,
1238 ns_search_path.c_str(),
1239 ANDROID_NAMESPACE_TYPE_ISOLATED | ANDROID_NAMESPACE_TYPE_EXEMPT_LIST_ENABLED,
1240 nullptr,
1241 nullptr);
1242
1243 ASSERT_TRUE(android_link_namespaces(ns, nullptr, g_core_shared_libs.c_str())) << dlerror();
1244
1245 android_dlextinfo extinfo;
1246 extinfo.flags = ANDROID_DLEXT_USE_NAMESPACE;
1247 extinfo.library_namespace = ns;
1248
1249 // An app targeting M can open libnativehelper.so because it's on the exempt-list.
1250 android_set_application_target_sdk_version(23);
1251 void* handle = android_dlopen_ext("libnativehelper.so", RTLD_NOW, &extinfo);
1252 ASSERT_TRUE(handle != nullptr) << dlerror();
1253
1254 // Check that loader did not load another copy of libdl.so while loading exempted library.
1255 void* dlsym_ptr = dlsym(handle, "dlsym");
1256 ASSERT_TRUE(dlsym_ptr != nullptr) << dlerror();
1257 ASSERT_EQ(&dlsym, dlsym_ptr);
1258
1259 dlclose(handle);
1260
1261 // An app targeting N no longer has the exempt-list.
1262 android_set_application_target_sdk_version(24);
1263 handle = android_dlopen_ext("libnativehelper.so", RTLD_NOW, &extinfo);
1264 ASSERT_TRUE(handle == nullptr);
1265 ASSERT_STREQ("dlopen failed: library \"libnativehelper.so\" not found", dlerror());
1266 }
1267
TEST(dlext,ns_exempt_list_disabled_by_default)1268 TEST(dlext, ns_exempt_list_disabled_by_default) {
1269 ASSERT_TRUE(android_init_anonymous_namespace(g_core_shared_libs.c_str(), nullptr));
1270
1271 const std::string ns_search_path = GetTestlibRoot() + "/private_namespace_libs";
1272
1273 android_namespace_t* ns =
1274 android_create_namespace("namespace",
1275 nullptr,
1276 ns_search_path.c_str(),
1277 ANDROID_NAMESPACE_TYPE_ISOLATED,
1278 nullptr,
1279 nullptr);
1280
1281 ASSERT_TRUE(android_link_namespaces(ns, nullptr, g_core_shared_libs.c_str())) << dlerror();
1282
1283 android_dlextinfo extinfo;
1284 extinfo.flags = ANDROID_DLEXT_USE_NAMESPACE;
1285 extinfo.library_namespace = ns;
1286
1287 android_set_application_target_sdk_version(23);
1288 void* handle = android_dlopen_ext("libnativehelper.so", RTLD_NOW, &extinfo);
1289 ASSERT_TRUE(handle == nullptr);
1290 ASSERT_STREQ("dlopen failed: library \"libnativehelper.so\" not found", dlerror());
1291 }
1292
TEST(dlext,ns_cyclic_namespaces)1293 TEST(dlext, ns_cyclic_namespaces) {
1294 // Test that ns1->ns2->ns1 link does not break the loader
1295 ASSERT_TRUE(android_init_anonymous_namespace(g_core_shared_libs.c_str(), nullptr));
1296 std::string shared_libs = g_core_shared_libs + ":libthatdoesnotexist.so";
1297
1298 const std::string ns_search_path = GetTestlibRoot() + "/public_namespace_libs";
1299
1300 android_namespace_t* ns1 =
1301 android_create_namespace("ns1",
1302 nullptr,
1303 ns_search_path.c_str(),
1304 ANDROID_NAMESPACE_TYPE_ISOLATED,
1305 nullptr,
1306 nullptr);
1307
1308 ASSERT_TRUE(android_link_namespaces(ns1, nullptr, g_core_shared_libs.c_str())) << dlerror();
1309
1310 android_namespace_t* ns2 =
1311 android_create_namespace("ns1",
1312 nullptr,
1313 ns_search_path.c_str(),
1314 ANDROID_NAMESPACE_TYPE_ISOLATED,
1315 nullptr,
1316 nullptr);
1317
1318 ASSERT_TRUE(android_link_namespaces(ns2, nullptr, g_core_shared_libs.c_str())) << dlerror();
1319
1320 ASSERT_TRUE(android_link_namespaces(ns2, ns1, shared_libs.c_str())) << dlerror();
1321 ASSERT_TRUE(android_link_namespaces(ns1, ns2, shared_libs.c_str())) << dlerror();
1322
1323 android_dlextinfo extinfo;
1324 extinfo.flags = ANDROID_DLEXT_USE_NAMESPACE;
1325 extinfo.library_namespace = ns1;
1326
1327 void* handle = android_dlopen_ext("libthatdoesnotexist.so", RTLD_NOW, &extinfo);
1328 ASSERT_TRUE(handle == nullptr);
1329 ASSERT_STREQ("dlopen failed: library \"libthatdoesnotexist.so\" not found", dlerror());
1330 }
1331
TEST(dlext,ns_isolated)1332 TEST(dlext, ns_isolated) {
1333 static const char* root_lib = "libnstest_root_not_isolated.so";
1334 std::string shared_libs = g_core_shared_libs + ":" + g_public_lib;
1335
1336 const std::string lib_public_path = GetTestlibRoot() + "/public_namespace_libs/" + g_public_lib;
1337 void* handle_public = dlopen(lib_public_path.c_str(), RTLD_NOW);
1338 ASSERT_TRUE(handle_public != nullptr) << dlerror();
1339
1340 android_set_application_target_sdk_version(42U); // something > 23
1341
1342 ASSERT_TRUE(android_init_anonymous_namespace(shared_libs.c_str(), nullptr)) << dlerror();
1343
1344 android_namespace_t* ns_not_isolated =
1345 android_create_namespace("private",
1346 nullptr,
1347 (GetTestlibRoot() + "/private_namespace_libs").c_str(),
1348 ANDROID_NAMESPACE_TYPE_REGULAR,
1349 nullptr,
1350 nullptr);
1351 ASSERT_TRUE(ns_not_isolated != nullptr) << dlerror();
1352 ASSERT_TRUE(android_link_namespaces(ns_not_isolated, nullptr, shared_libs.c_str())) << dlerror();
1353
1354 android_namespace_t* ns_isolated =
1355 android_create_namespace("private_isolated1",
1356 nullptr,
1357 (GetTestlibRoot() + "/private_namespace_libs").c_str(),
1358 ANDROID_NAMESPACE_TYPE_ISOLATED,
1359 nullptr,
1360 nullptr);
1361 ASSERT_TRUE(ns_isolated != nullptr) << dlerror();
1362 ASSERT_TRUE(android_link_namespaces(ns_isolated, nullptr, shared_libs.c_str())) << dlerror();
1363
1364 android_namespace_t* ns_isolated2 =
1365 android_create_namespace("private_isolated2",
1366 (GetTestlibRoot() + "/private_namespace_libs").c_str(),
1367 nullptr,
1368 ANDROID_NAMESPACE_TYPE_ISOLATED,
1369 GetTestlibRoot().c_str(),
1370 nullptr);
1371 ASSERT_TRUE(ns_isolated2 != nullptr) << dlerror();
1372 ASSERT_TRUE(android_link_namespaces(ns_isolated2, nullptr, shared_libs.c_str())) << dlerror();
1373
1374 ASSERT_TRUE(dlopen(root_lib, RTLD_NOW) == nullptr);
1375 ASSERT_STREQ("dlopen failed: library \"libnstest_root_not_isolated.so\" not found", dlerror());
1376
1377 std::string lib_private_external_path =
1378 GetTestlibRoot() + "/private_namespace_libs_external/libnstest_private_external.so";
1379
1380 // Load lib_private_external_path to default namespace
1381 // (it should remain invisible for the isolated namespaces after this)
1382 void* handle = dlopen(lib_private_external_path.c_str(), RTLD_NOW);
1383 ASSERT_TRUE(handle != nullptr) << dlerror();
1384
1385 android_dlextinfo extinfo;
1386 extinfo.flags = ANDROID_DLEXT_USE_NAMESPACE;
1387 extinfo.library_namespace = ns_not_isolated;
1388
1389 void* handle1 = android_dlopen_ext(root_lib, RTLD_NOW, &extinfo);
1390 ASSERT_TRUE(handle1 != nullptr) << dlerror();
1391
1392 extinfo.library_namespace = ns_isolated;
1393
1394 void* handle2 = android_dlopen_ext(root_lib, RTLD_NOW, &extinfo);
1395 ASSERT_TRUE(handle2 == nullptr);
1396 const char* error = dlerror();
1397 ASSERT_MATCH(error,
1398 R"(dlopen failed: library "libnstest_private_external.so" not found: needed by )"
1399 R"(\S+libnstest_root_not_isolated.so in namespace private_isolated1)");
1400
1401 // Check dlopen by absolute path
1402 handle2 = android_dlopen_ext(lib_private_external_path.c_str(), RTLD_NOW, &extinfo);
1403 ASSERT_TRUE(handle2 == nullptr);
1404 ASSERT_EQ("dlopen failed: library \"" + lib_private_external_path + "\" needed"
1405 " or dlopened by \"" + android::base::GetExecutablePath() + "\" is not accessible"
1406 " for the namespace \"private_isolated1\"", dlerror());
1407
1408 extinfo.library_namespace = ns_isolated2;
1409
1410 // this should work because isolation_path for private_isolated2 includes GetTestlibRoot()
1411 handle2 = android_dlopen_ext(root_lib, RTLD_NOW, &extinfo);
1412 ASSERT_TRUE(handle2 != nullptr) << dlerror();
1413 dlclose(handle2);
1414
1415 // Check dlopen by absolute path
1416 handle2 = android_dlopen_ext(lib_private_external_path.c_str(), RTLD_NOW, &extinfo);
1417 ASSERT_TRUE(handle2 != nullptr) << dlerror();
1418 dlclose(handle2);
1419
1420 typedef const char* (*fn_t)();
1421 fn_t ns_get_local_string = reinterpret_cast<fn_t>(dlsym(handle1, "ns_get_local_string"));
1422 ASSERT_TRUE(ns_get_local_string != nullptr) << dlerror();
1423
1424 ASSERT_STREQ("This string is local to root library", ns_get_local_string());
1425
1426 fn_t ns_get_private_extern_string =
1427 reinterpret_cast<fn_t>(dlsym(handle1, "ns_get_private_extern_string"));
1428 ASSERT_TRUE(ns_get_private_extern_string != nullptr) << dlerror();
1429
1430 ASSERT_STREQ("This string is from private namespace", ns_get_private_extern_string());
1431
1432 fn_t ns_get_public_extern_string =
1433 reinterpret_cast<fn_t>(dlsym(handle1, "ns_get_public_extern_string"));
1434 ASSERT_TRUE(ns_get_public_extern_string != nullptr) << dlerror();
1435
1436 ASSERT_STREQ("This string is from public namespace", ns_get_public_extern_string());
1437
1438 fn_t ns_get_dlopened_string = reinterpret_cast<fn_t>(dlsym(handle1, "ns_get_dlopened_string"));
1439 ASSERT_TRUE(ns_get_dlopened_string != nullptr) << dlerror();
1440
1441 ASSERT_STREQ("This string is from private namespace (dlopened library)", ns_get_dlopened_string());
1442
1443 dlclose(handle1);
1444 }
1445
TEST(dlext,ns_shared)1446 TEST(dlext, ns_shared) {
1447 static const char* root_lib = "libnstest_root_not_isolated.so";
1448 static const char* root_lib_isolated = "libnstest_root.so";
1449
1450 std::string shared_libs = g_core_shared_libs + ":" + g_public_lib;
1451
1452 // create a parent namespace to use instead of the default namespace. This is
1453 // to make this test be independent from the configuration of the default
1454 // namespace.
1455 android_namespace_t* ns_parent =
1456 android_create_namespace("parent",
1457 nullptr,
1458 nullptr,
1459 ANDROID_NAMESPACE_TYPE_REGULAR,
1460 nullptr,
1461 nullptr);
1462 ASSERT_TRUE(ns_parent != nullptr) << dlerror();
1463 ASSERT_TRUE(android_link_namespaces(ns_parent, nullptr, g_core_shared_libs.c_str())) << dlerror();
1464
1465 android_dlextinfo extinfo;
1466 extinfo.flags = ANDROID_DLEXT_USE_NAMESPACE;
1467 extinfo.library_namespace = ns_parent;
1468
1469 const std::string lib_public_path = GetTestlibRoot() + "/public_namespace_libs/" + g_public_lib;
1470 void* handle_public = android_dlopen_ext(lib_public_path.c_str(), RTLD_NOW, &extinfo);
1471 ASSERT_TRUE(handle_public != nullptr) << dlerror();
1472
1473 android_set_application_target_sdk_version(42U); // something > 23
1474
1475 ASSERT_TRUE(android_init_anonymous_namespace(shared_libs.c_str(), nullptr)) << dlerror();
1476
1477 // preload this library to the parent namespace to check if it
1478 // is shared later on.
1479 void* handle_dlopened =
1480 android_dlopen_ext((GetTestlibRoot() + "/private_namespace_libs/libnstest_dlopened.so").c_str(), RTLD_NOW, &extinfo);
1481 ASSERT_TRUE(handle_dlopened != nullptr) << dlerror();
1482
1483 // create two child namespaces of 'ns_parent'. One with regular, the other
1484 // with isolated & shared.
1485 android_namespace_t* ns_not_isolated =
1486 android_create_namespace("private",
1487 nullptr,
1488 (GetTestlibRoot() + "/private_namespace_libs").c_str(),
1489 ANDROID_NAMESPACE_TYPE_REGULAR,
1490 nullptr,
1491 ns_parent);
1492 ASSERT_TRUE(ns_not_isolated != nullptr) << dlerror();
1493 ASSERT_TRUE(android_link_namespaces(ns_not_isolated, ns_parent, g_public_lib)) << dlerror();
1494 ASSERT_TRUE(android_link_namespaces(ns_not_isolated, nullptr, g_core_shared_libs.c_str())) << dlerror();
1495
1496 android_namespace_t* ns_isolated_shared =
1497 android_create_namespace("private_isolated_shared",
1498 nullptr,
1499 (GetTestlibRoot() + "/private_namespace_libs").c_str(),
1500 ANDROID_NAMESPACE_TYPE_ISOLATED | ANDROID_NAMESPACE_TYPE_SHARED,
1501 nullptr,
1502 ns_parent);
1503 ASSERT_TRUE(ns_isolated_shared != nullptr) << dlerror();
1504 ASSERT_TRUE(android_link_namespaces(ns_isolated_shared, ns_parent, g_public_lib)) << dlerror();
1505 ASSERT_TRUE(android_link_namespaces(ns_isolated_shared, nullptr, g_core_shared_libs.c_str())) << dlerror();
1506
1507 ASSERT_TRUE(android_dlopen_ext(root_lib, RTLD_NOW, &extinfo) == nullptr);
1508 ASSERT_STREQ("dlopen failed: library \"libnstest_root_not_isolated.so\" not found", dlerror());
1509
1510 std::string lib_private_external_path =
1511 GetTestlibRoot() + "/private_namespace_libs_external/libnstest_private_external.so";
1512
1513 // Load lib_private_external_path to the parent namespace
1514 // (it should remain invisible for the isolated namespaces after this)
1515 void* handle = android_dlopen_ext(lib_private_external_path.c_str(), RTLD_NOW, &extinfo);
1516 ASSERT_TRUE(handle != nullptr) << dlerror();
1517
1518 extinfo.library_namespace = ns_not_isolated;
1519
1520 void* handle1 = android_dlopen_ext(root_lib, RTLD_NOW, &extinfo);
1521 ASSERT_TRUE(handle1 != nullptr) << dlerror();
1522
1523 extinfo.library_namespace = ns_isolated_shared;
1524
1525 void* handle2 = android_dlopen_ext(root_lib, RTLD_NOW, &extinfo);
1526 ASSERT_TRUE(handle2 == nullptr);
1527 ASSERT_MATCH(dlerror(),
1528 R"(dlopen failed: library "libnstest_private_external.so" not found: needed by )"
1529 R"(\S+libnstest_root_not_isolated.so in namespace private_isolated_shared)");
1530
1531 // Check dlopen by absolute path
1532 handle2 = android_dlopen_ext(lib_private_external_path.c_str(), RTLD_NOW, &extinfo);
1533 ASSERT_TRUE(handle2 == nullptr);
1534 ASSERT_EQ("dlopen failed: library \"" + lib_private_external_path + "\" needed"
1535 " or dlopened by \"" + android::base::GetExecutablePath() + "\" is not accessible"
1536 " for the namespace \"private_isolated_shared\"", dlerror());
1537
1538 // load libnstest_root.so to shared namespace in order to check that everything is different
1539 // except shared libnstest_dlopened.so
1540
1541 handle2 = android_dlopen_ext(root_lib_isolated, RTLD_NOW, &extinfo);
1542
1543 typedef const char* (*fn_t)();
1544 fn_t ns_get_local_string = reinterpret_cast<fn_t>(dlsym(handle1, "ns_get_local_string"));
1545 ASSERT_TRUE(ns_get_local_string != nullptr) << dlerror();
1546 fn_t ns_get_local_string_shared = reinterpret_cast<fn_t>(dlsym(handle2, "ns_get_local_string"));
1547 ASSERT_TRUE(ns_get_local_string_shared != nullptr) << dlerror();
1548
1549 ASSERT_STREQ("This string is local to root library", ns_get_local_string());
1550 ASSERT_STREQ("This string is local to root library", ns_get_local_string_shared());
1551 ASSERT_TRUE(ns_get_local_string() != ns_get_local_string_shared());
1552
1553 fn_t ns_get_private_extern_string =
1554 reinterpret_cast<fn_t>(dlsym(handle1, "ns_get_private_extern_string"));
1555 ASSERT_TRUE(ns_get_private_extern_string != nullptr) << dlerror();
1556 fn_t ns_get_private_extern_string_shared =
1557 reinterpret_cast<fn_t>(dlsym(handle2, "ns_get_private_extern_string"));
1558 ASSERT_TRUE(ns_get_private_extern_string_shared() != nullptr) << dlerror();
1559
1560 ASSERT_STREQ("This string is from private namespace", ns_get_private_extern_string());
1561 ASSERT_STREQ("This string is from private namespace", ns_get_private_extern_string_shared());
1562 ASSERT_TRUE(ns_get_private_extern_string() != ns_get_private_extern_string_shared());
1563
1564 fn_t ns_get_public_extern_string =
1565 reinterpret_cast<fn_t>(dlsym(handle1, "ns_get_public_extern_string"));
1566 ASSERT_TRUE(ns_get_public_extern_string != nullptr) << dlerror();
1567 fn_t ns_get_public_extern_string_shared =
1568 reinterpret_cast<fn_t>(dlsym(handle2, "ns_get_public_extern_string"));
1569 ASSERT_TRUE(ns_get_public_extern_string_shared != nullptr) << dlerror();
1570
1571 ASSERT_STREQ("This string is from public namespace", ns_get_public_extern_string());
1572 ASSERT_STREQ("This string is from public namespace", ns_get_public_extern_string_shared());
1573 ASSERT_TRUE(ns_get_public_extern_string() == ns_get_public_extern_string_shared());
1574
1575 fn_t ns_get_dlopened_string = reinterpret_cast<fn_t>(dlsym(handle1, "ns_get_dlopened_string"));
1576 ASSERT_TRUE(ns_get_dlopened_string != nullptr) << dlerror();
1577 fn_t ns_get_dlopened_string_shared = reinterpret_cast<fn_t>(dlsym(handle2, "ns_get_dlopened_string"));
1578 ASSERT_TRUE(ns_get_dlopened_string_shared != nullptr) << dlerror();
1579 const char** ns_dlopened_string = static_cast<const char**>(dlsym(handle_dlopened, "g_private_dlopened_string"));
1580 ASSERT_TRUE(ns_dlopened_string != nullptr) << dlerror();
1581
1582 ASSERT_STREQ("This string is from private namespace (dlopened library)", ns_get_dlopened_string());
1583 ASSERT_STREQ("This string is from private namespace (dlopened library)", *ns_dlopened_string);
1584 ASSERT_STREQ("This string is from private namespace (dlopened library)", ns_get_dlopened_string_shared());
1585 ASSERT_TRUE(ns_get_dlopened_string() != ns_get_dlopened_string_shared());
1586 ASSERT_TRUE(*ns_dlopened_string == ns_get_dlopened_string_shared());
1587
1588 dlclose(handle1);
1589 dlclose(handle2);
1590 }
1591
TEST(dlext,ns_shared_links_and_paths)1592 TEST(dlext, ns_shared_links_and_paths) {
1593 // Create parent namespace (isolated, not shared)
1594 android_namespace_t* ns_isolated =
1595 android_create_namespace("private_isolated",
1596 nullptr,
1597 (GetTestlibRoot() + "/private_namespace_libs").c_str(),
1598 ANDROID_NAMESPACE_TYPE_ISOLATED,
1599 (GetTestlibRoot() + "/public_namespace_libs").c_str(),
1600 nullptr);
1601 ASSERT_TRUE(ns_isolated != nullptr) << dlerror();
1602 ASSERT_TRUE(android_link_namespaces(ns_isolated, nullptr, g_core_shared_libs.c_str())) << dlerror();
1603
1604 // Create shared namespace with ns_isolated parent
1605 android_namespace_t* ns_shared =
1606 android_create_namespace("private_shared",
1607 nullptr,
1608 nullptr,
1609 ANDROID_NAMESPACE_TYPE_SHARED | ANDROID_NAMESPACE_TYPE_ISOLATED,
1610 nullptr,
1611 ns_isolated);
1612 ASSERT_TRUE(ns_shared != nullptr) << dlerror();
1613
1614 // 1. Load a library in ns_shared to check that it has inherited
1615 // search path and the link to the default namespace.
1616 android_dlextinfo extinfo;
1617 extinfo.flags = ANDROID_DLEXT_USE_NAMESPACE;
1618 extinfo.library_namespace = ns_shared;
1619
1620 {
1621 void* handle = android_dlopen_ext("libnstest_private.so", RTLD_NOW, &extinfo);
1622 ASSERT_TRUE(handle != nullptr) << dlerror();
1623 const char** ns_private_extern_string = static_cast<const char**>(dlsym(handle, "g_private_extern_string"));
1624 ASSERT_TRUE(ns_private_extern_string != nullptr) << dlerror();
1625 ASSERT_STREQ("This string is from private namespace", *ns_private_extern_string);
1626
1627 dlclose(handle);
1628 }
1629 // 2. Load another test library by absolute path to check that
1630 // it has inherited permitted_when_isolated_path
1631 {
1632 void* handle = android_dlopen_ext(
1633 (GetTestlibRoot() + "/public_namespace_libs/libnstest_public.so").c_str(),
1634 RTLD_NOW,
1635 &extinfo);
1636
1637 ASSERT_TRUE(handle != nullptr) << dlerror();
1638 const char** ns_public_extern_string = static_cast<const char**>(dlsym(handle, "g_public_extern_string"));
1639 ASSERT_TRUE(ns_public_extern_string != nullptr) << dlerror();
1640 ASSERT_STREQ("This string is from public namespace", *ns_public_extern_string);
1641
1642 dlclose(handle);
1643 }
1644
1645 // 3. Check that it is still isolated.
1646 {
1647 void* handle = android_dlopen_ext(
1648 (GetTestlibRoot() + "/libtest_empty.so").c_str(),
1649 RTLD_NOW,
1650 &extinfo);
1651
1652 ASSERT_TRUE(handle == nullptr);
1653 }
1654 }
1655
TEST(dlext,ns_shared_dlclose)1656 TEST(dlext, ns_shared_dlclose) {
1657 android_set_application_target_sdk_version(42U); // something > 23
1658
1659 ASSERT_TRUE(android_init_anonymous_namespace(g_core_shared_libs.c_str(), nullptr)) << dlerror();
1660
1661 // preload this library to the default namespace to check if it
1662 // is shared later on.
1663 void* handle_dlopened =
1664 dlopen((GetTestlibRoot() + "/private_namespace_libs/libnstest_dlopened.so").c_str(), RTLD_NOW);
1665 ASSERT_TRUE(handle_dlopened != nullptr) << dlerror();
1666
1667 android_namespace_t* ns_isolated_shared =
1668 android_create_namespace("private_isolated_shared",
1669 nullptr,
1670 (GetTestlibRoot() + "/private_namespace_libs").c_str(),
1671 ANDROID_NAMESPACE_TYPE_ISOLATED | ANDROID_NAMESPACE_TYPE_SHARED,
1672 nullptr,
1673 nullptr);
1674 ASSERT_TRUE(ns_isolated_shared != nullptr) << dlerror();
1675 ASSERT_TRUE(android_link_namespaces(ns_isolated_shared, nullptr, g_core_shared_libs.c_str())) << dlerror();
1676
1677 // Check if "libnstest_dlopened.so" is loaded (and the same)
1678 android_dlextinfo extinfo;
1679 extinfo.flags = ANDROID_DLEXT_USE_NAMESPACE;
1680 extinfo.library_namespace = ns_isolated_shared;
1681
1682 void* handle = android_dlopen_ext("libnstest_dlopened.so", RTLD_NOW | RTLD_NOLOAD, &extinfo);
1683 ASSERT_TRUE(handle != nullptr) << dlerror();
1684 ASSERT_TRUE(handle == handle_dlopened);
1685 dlclose(handle);
1686 dlclose(handle_dlopened);
1687
1688 // And now check that the library cannot be found by soname (and is no longer loaded)
1689 handle = android_dlopen_ext("libnstest_dlopened.so", RTLD_NOW | RTLD_NOLOAD, &extinfo);
1690 ASSERT_TRUE(handle == nullptr)
1691 << "Error: libnstest_dlopened.so is still accessible in shared namespace";
1692
1693 handle = android_dlopen_ext((GetTestlibRoot() + "/private_namespace_libs/libnstest_dlopened.so").c_str(),
1694 RTLD_NOW | RTLD_NOLOAD, &extinfo);
1695 ASSERT_TRUE(handle == nullptr)
1696 << "Error: libnstest_dlopened.so is still accessible in shared namespace";
1697
1698 handle = dlopen("libnstest_dlopened.so", RTLD_NOW | RTLD_NOLOAD);
1699 ASSERT_TRUE(handle == nullptr)
1700 << "Error: libnstest_dlopened.so is still accessible in default namespace";
1701
1702 handle = dlopen((GetTestlibRoot() + "/private_namespace_libs/libnstest_dlopened.so").c_str(),
1703 RTLD_NOW | RTLD_NOLOAD);
1704 ASSERT_TRUE(handle == nullptr)
1705 << "Error: libnstest_dlopened.so is still accessible in default namespace";
1706
1707 // Now lets see if the soinfo area gets reused in the wrong way:
1708 // load a library to default namespace.
1709 const std::string lib_public_path = GetTestlibRoot() + "/public_namespace_libs/" + g_public_lib;
1710 void* handle_public = dlopen(lib_public_path.c_str(), RTLD_NOW);
1711 ASSERT_TRUE(handle_public != nullptr) << dlerror();
1712
1713 // try to find it in shared namespace
1714 handle = android_dlopen_ext(g_public_lib, RTLD_NOW | RTLD_NOLOAD, &extinfo);
1715 ASSERT_TRUE(handle == nullptr)
1716 << "Error: " << g_public_lib << " is accessible in shared namespace";
1717 }
1718
TEST(dlext,ns_isolated_rtld_global)1719 TEST(dlext, ns_isolated_rtld_global) {
1720 static const char* root_lib = "libnstest_root.so";
1721 ASSERT_TRUE(android_init_anonymous_namespace(g_core_shared_libs.c_str(), nullptr));
1722
1723 const std::string lib_public_path = GetTestlibRoot() + "/public_namespace_libs";
1724
1725 android_namespace_t* ns1 =
1726 android_create_namespace("isolated1",
1727 nullptr,
1728 (GetTestlibRoot() + "/private_namespace_libs").c_str(),
1729 ANDROID_NAMESPACE_TYPE_ISOLATED,
1730 lib_public_path.c_str(),
1731 nullptr);
1732 ASSERT_TRUE(ns1 != nullptr) << dlerror();
1733 ASSERT_TRUE(android_link_namespaces(ns1, nullptr, g_core_shared_libs.c_str())) << dlerror();
1734
1735 android_namespace_t* ns2 =
1736 android_create_namespace("isolated2",
1737 nullptr,
1738 (GetTestlibRoot() + "/private_namespace_libs").c_str(),
1739 ANDROID_NAMESPACE_TYPE_ISOLATED,
1740 lib_public_path.c_str(),
1741 nullptr);
1742 ASSERT_TRUE(ns2 != nullptr) << dlerror();
1743 ASSERT_TRUE(android_link_namespaces(ns2, nullptr, g_core_shared_libs.c_str())) << dlerror();
1744
1745 android_dlextinfo extinfo;
1746 extinfo.flags = ANDROID_DLEXT_USE_NAMESPACE;
1747 extinfo.library_namespace = ns1;
1748
1749 void* handle_global = android_dlopen_ext((lib_public_path + "/" + g_public_lib).c_str(),
1750 RTLD_GLOBAL,
1751 &extinfo);
1752
1753 ASSERT_TRUE(handle_global != nullptr) << dlerror();
1754
1755 android_namespace_t* ns1_child =
1756 android_create_namespace("isolated1_child",
1757 nullptr,
1758 (GetTestlibRoot() + "/private_namespace_libs").c_str(),
1759 ANDROID_NAMESPACE_TYPE_ISOLATED,
1760 nullptr,
1761 ns1);
1762
1763 ASSERT_TRUE(ns1_child != nullptr) << dlerror();
1764 ASSERT_TRUE(android_link_namespaces(ns1_child, nullptr, g_core_shared_libs.c_str())) << dlerror();
1765
1766 // Now - only ns1 and ns1 child should be able to dlopen root_lib
1767 // attempt to use ns2 should result in dlerror()
1768
1769 // Check ns1_child first.
1770 extinfo.flags = ANDROID_DLEXT_USE_NAMESPACE;
1771 extinfo.library_namespace = ns1_child;
1772
1773 void* handle1 = android_dlopen_ext(root_lib, RTLD_NOW, &extinfo);
1774 ASSERT_TRUE(handle1 != nullptr) << dlerror();
1775
1776 // now ns1
1777 extinfo.flags = ANDROID_DLEXT_USE_NAMESPACE;
1778 extinfo.library_namespace = ns1;
1779
1780 handle1 = android_dlopen_ext(root_lib, RTLD_NOW, &extinfo);
1781 ASSERT_TRUE(handle1 != nullptr) << dlerror();
1782
1783 // and ns2 should fail
1784 extinfo.flags = ANDROID_DLEXT_USE_NAMESPACE;
1785 extinfo.library_namespace = ns2;
1786
1787 handle1 = android_dlopen_ext(root_lib, RTLD_NOW, &extinfo);
1788 ASSERT_TRUE(handle1 == nullptr);
1789 ASSERT_MATCH(
1790 dlerror(),
1791 R"(dlopen failed: library "libnstest_public.so" not found: needed by \S+libnstest_root.so)"
1792 R"( in namespace isolated2)");
1793 }
1794
TEST(dlext,ns_inaccessible_error_message)1795 TEST(dlext, ns_inaccessible_error_message) {
1796 // We set up 2 namespaces (a and b) and link a->b with a shared library
1797 // libtestshared.so. Then try to dlopen different library with the same
1798 // name from in namespace a. Note that library should not be accessible
1799 // in either namespace but since it's soname is in the list of shared libs
1800 // the linker will attempt to find it in linked namespace.
1801 //
1802 // Check the error message and make sure it mentions correct namespace name.
1803 ASSERT_TRUE(android_init_anonymous_namespace(g_core_shared_libs.c_str(), nullptr));
1804
1805 android_namespace_t* ns_a =
1806 android_create_namespace("ns_a",
1807 nullptr,
1808 (GetTestlibRoot() + "/private_namespace_libs").c_str(),
1809 ANDROID_NAMESPACE_TYPE_ISOLATED,
1810 nullptr,
1811 nullptr);
1812 ASSERT_TRUE(ns_a != nullptr) << dlerror();
1813 ASSERT_TRUE(android_link_namespaces(ns_a, nullptr, g_core_shared_libs.c_str())) << dlerror();
1814
1815 android_namespace_t* ns_b =
1816 android_create_namespace("ns_b",
1817 nullptr,
1818 GetTestlibRoot().c_str(),
1819 ANDROID_NAMESPACE_TYPE_ISOLATED,
1820 nullptr,
1821 nullptr);
1822 ASSERT_TRUE(ns_b != nullptr) << dlerror();
1823 ASSERT_TRUE(android_link_namespaces(ns_b, nullptr, g_core_shared_libs.c_str())) << dlerror();
1824
1825 ASSERT_TRUE(android_link_namespaces(ns_a, ns_b, "libtestshared.so")) << dlerror();
1826
1827 android_dlextinfo extinfo;
1828 extinfo.flags = ANDROID_DLEXT_USE_NAMESPACE;
1829 extinfo.library_namespace = ns_a;
1830
1831 std::string library_path = GetTestlibRoot() + "/inaccessible_libs/libtestshared.so";
1832
1833 void* handle = android_dlopen_ext(library_path.c_str(), RTLD_NOW, &extinfo);
1834 ASSERT_TRUE(handle == nullptr);
1835 std::string expected_dlerror =
1836 android::base::StringPrintf("dlopen failed: library \"%s\" needed or dlopened by \"%s\""
1837 " is not accessible for the namespace \"ns_a\"",
1838 library_path.c_str(),
1839 android::base::GetExecutablePath().c_str());
1840 ASSERT_EQ(expected_dlerror, dlerror());
1841 }
1842
1843 extern "C" bool __loader_android_link_namespaces_all_libs(android_namespace_t* namespace_from,
1844 android_namespace_t* namespace_to);
1845
TEST(dlext,ns_link_namespaces_invalid_arguments)1846 TEST(dlext, ns_link_namespaces_invalid_arguments) {
1847 ASSERT_TRUE(android_init_anonymous_namespace(g_core_shared_libs.c_str(), nullptr));
1848
1849 android_namespace_t* ns =
1850 android_create_namespace("private",
1851 nullptr,
1852 (GetTestlibRoot() + "/private_namespace_libs").c_str(),
1853 ANDROID_NAMESPACE_TYPE_REGULAR,
1854 nullptr,
1855 nullptr);
1856 ASSERT_TRUE(ns != nullptr) << dlerror();
1857
1858 // Test android_link_namespaces()
1859 ASSERT_FALSE(android_link_namespaces(nullptr, nullptr, "libc.so"));
1860 ASSERT_STREQ("android_link_namespaces failed: error linking namespaces: namespace_from is null.",
1861 dlerror());
1862
1863 ASSERT_FALSE(android_link_namespaces(ns, nullptr, nullptr));
1864 ASSERT_STREQ("android_link_namespaces failed: "
1865 "error linking namespaces \"private\"->\"(default)\": "
1866 "the list of shared libraries is empty.", dlerror());
1867
1868 ASSERT_FALSE(android_link_namespaces(ns, nullptr, ""));
1869 ASSERT_STREQ("android_link_namespaces failed: "
1870 "error linking namespaces \"private\"->\"(default)\": "
1871 "the list of shared libraries is empty.", dlerror());
1872
1873 // Test __loader_android_link_namespaces_all_libs()
1874 ASSERT_FALSE(__loader_android_link_namespaces_all_libs(nullptr, nullptr));
1875 ASSERT_STREQ("android_link_namespaces_all_libs failed: "
1876 "error linking namespaces: namespace_from is null.", dlerror());
1877
1878 ASSERT_FALSE(__loader_android_link_namespaces_all_libs(nullptr, ns));
1879 ASSERT_STREQ("android_link_namespaces_all_libs failed: "
1880 "error linking namespaces: namespace_from is null.", dlerror());
1881
1882 ASSERT_FALSE(__loader_android_link_namespaces_all_libs(ns, nullptr));
1883 ASSERT_STREQ("android_link_namespaces_all_libs failed: "
1884 "error linking namespaces: namespace_to is null.", dlerror());
1885 }
1886
TEST(dlext,ns_allow_all_shared_libs)1887 TEST(dlext, ns_allow_all_shared_libs) {
1888 ASSERT_TRUE(android_init_anonymous_namespace(g_core_shared_libs.c_str(), nullptr));
1889
1890 android_namespace_t* ns_a =
1891 android_create_namespace("ns_a",
1892 nullptr,
1893 (GetTestlibRoot() + "/ns_a").c_str(),
1894 ANDROID_NAMESPACE_TYPE_ISOLATED,
1895 nullptr,
1896 nullptr);
1897 ASSERT_TRUE(ns_a != nullptr) << dlerror();
1898 ASSERT_TRUE(android_link_namespaces(ns_a, nullptr, g_core_shared_libs.c_str())) << dlerror();
1899
1900 android_namespace_t* ns_b =
1901 android_create_namespace("ns_b",
1902 nullptr,
1903 (GetTestlibRoot() + "/ns_b").c_str(),
1904 ANDROID_NAMESPACE_TYPE_ISOLATED,
1905 nullptr,
1906 nullptr);
1907 ASSERT_TRUE(ns_b != nullptr) << dlerror();
1908 ASSERT_TRUE(android_link_namespaces(ns_b, nullptr, g_core_shared_libs.c_str())) << dlerror();
1909
1910 ASSERT_TRUE(android_link_namespaces(ns_b, ns_a, "libnstest_ns_a_public1.so")) << dlerror();
1911 ASSERT_TRUE(__loader_android_link_namespaces_all_libs(ns_a, ns_b)) << dlerror();
1912
1913 // Load libs with android_dlopen_ext() from namespace b
1914 android_dlextinfo extinfo;
1915 extinfo.flags = ANDROID_DLEXT_USE_NAMESPACE;
1916 extinfo.library_namespace = ns_b;
1917
1918 void* ns_b_handle1 = android_dlopen_ext("libnstest_ns_a_public1.so", RTLD_NOW, &extinfo);
1919 ASSERT_TRUE(ns_b_handle1 != nullptr) << dlerror();
1920
1921 void* ns_b_handle1_internal =
1922 android_dlopen_ext("libnstest_ns_a_public1_internal.so", RTLD_NOW, &extinfo);
1923 ASSERT_TRUE(ns_b_handle1_internal == nullptr);
1924
1925 void* ns_b_handle2 = android_dlopen_ext("libnstest_ns_b_public2.so", RTLD_NOW, &extinfo);
1926 ASSERT_TRUE(ns_b_handle2 != nullptr) << dlerror();
1927
1928 void* ns_b_handle3 = android_dlopen_ext("libnstest_ns_b_public3.so", RTLD_NOW, &extinfo);
1929 ASSERT_TRUE(ns_b_handle3 != nullptr) << dlerror();
1930
1931 // Load libs with android_dlopen_ext() from namespace a
1932 extinfo.library_namespace = ns_a;
1933
1934 void* ns_a_handle1 = android_dlopen_ext("libnstest_ns_a_public1.so", RTLD_NOW, &extinfo);
1935 ASSERT_TRUE(ns_a_handle1 != nullptr) << dlerror();
1936
1937 void* ns_a_handle1_internal =
1938 android_dlopen_ext("libnstest_ns_a_public1_internal.so", RTLD_NOW, &extinfo);
1939 ASSERT_TRUE(ns_a_handle1_internal != nullptr) << dlerror();
1940
1941 void* ns_a_handle2 = android_dlopen_ext("libnstest_ns_b_public2.so", RTLD_NOW, &extinfo);
1942 ASSERT_TRUE(ns_a_handle2 != nullptr) << dlerror();
1943
1944 void* ns_a_handle3 = android_dlopen_ext("libnstest_ns_b_public3.so", RTLD_NOW, &extinfo);
1945 ASSERT_TRUE(ns_a_handle3 != nullptr) << dlerror();
1946
1947 // Compare the dlopen handle
1948 ASSERT_EQ(ns_b_handle1, ns_a_handle1);
1949 ASSERT_EQ(ns_b_handle2, ns_a_handle2);
1950 ASSERT_EQ(ns_b_handle3, ns_a_handle3);
1951
1952 // Close libs
1953 dlclose(ns_b_handle1);
1954 dlclose(ns_b_handle2);
1955 dlclose(ns_b_handle3);
1956
1957 dlclose(ns_a_handle1);
1958 dlclose(ns_a_handle1_internal);
1959 dlclose(ns_a_handle2);
1960 dlclose(ns_a_handle3);
1961 }
1962
TEST(dlext,ns_anonymous)1963 TEST(dlext, ns_anonymous) {
1964 static const char* root_lib = "libnstest_root.so";
1965 std::string shared_libs = g_core_shared_libs + ":" + g_public_lib;
1966
1967 const std::string lib_public_path = GetTestlibRoot() + "/public_namespace_libs/" + g_public_lib;
1968 void* handle_public = dlopen(lib_public_path.c_str(), RTLD_NOW);
1969
1970 ASSERT_TRUE(handle_public != nullptr) << dlerror();
1971
1972 ASSERT_TRUE(
1973 android_init_anonymous_namespace(shared_libs.c_str(),
1974 (GetTestlibRoot() + "/private_namespace_libs").c_str())
1975 ) << dlerror();
1976
1977 android_namespace_t* ns =
1978 android_create_namespace("private",
1979 nullptr,
1980 (GetTestlibRoot() + "/private_namespace_libs").c_str(),
1981 ANDROID_NAMESPACE_TYPE_REGULAR,
1982 nullptr,
1983 nullptr);
1984
1985 ASSERT_TRUE(ns != nullptr) << dlerror();
1986 ASSERT_TRUE(android_link_namespaces(ns, nullptr, shared_libs.c_str())) << dlerror();
1987
1988 std::string private_library_absolute_path = GetTestlibRoot() + "/private_namespace_libs/" + root_lib;
1989
1990 android_dlextinfo extinfo;
1991 extinfo.flags = ANDROID_DLEXT_USE_NAMESPACE;
1992 extinfo.library_namespace = ns;
1993
1994 // we are going to copy this library to anonymous mmap and call the copy of ns_get_dlopened_string
1995 void* handle = android_dlopen_ext(private_library_absolute_path.c_str(), RTLD_NOW, &extinfo);
1996 ASSERT_TRUE(handle != nullptr) << dlerror();
1997
1998 uintptr_t ns_get_dlopened_string_addr =
1999 reinterpret_cast<uintptr_t>(dlsym(handle, "ns_get_dlopened_string"));
2000 ASSERT_TRUE(ns_get_dlopened_string_addr != 0) << dlerror();
2001 typedef const char* (*fn_t)();
2002 fn_t ns_get_dlopened_string_private = reinterpret_cast<fn_t>(ns_get_dlopened_string_addr);
2003
2004 std::vector<map_record> maps;
2005 Maps::parse_maps(&maps);
2006
2007 uintptr_t addr_start = 0;
2008 uintptr_t addr_end = 0;
2009 bool has_executable_segment = false;
2010 std::vector<map_record> maps_to_copy;
2011
2012 for (const auto& rec : maps) {
2013 if (rec.pathname == private_library_absolute_path) {
2014 if (addr_start == 0) {
2015 addr_start = rec.addr_start;
2016 }
2017 addr_end = rec.addr_end;
2018 has_executable_segment = has_executable_segment || (rec.perms & PROT_EXEC) != 0;
2019
2020 maps_to_copy.push_back(rec);
2021 }
2022 }
2023
2024 // Some validity checks.
2025 ASSERT_TRUE(addr_start > 0);
2026 ASSERT_TRUE(addr_end > 0);
2027 ASSERT_TRUE(maps_to_copy.size() > 0);
2028 ASSERT_TRUE(ns_get_dlopened_string_addr > addr_start);
2029 ASSERT_TRUE(ns_get_dlopened_string_addr < addr_end);
2030
2031 if (!has_executable_segment) {
2032 // For some natively bridged environments this code might be missing
2033 // the executable flag. This is because the guest code is not supposed
2034 // to be executed directly and making it non-executable is more secure.
2035 // In this case we assume the segment with the function is executable.
2036 for (auto& rec : maps_to_copy) {
2037 if (ns_get_dlopened_string_addr >= rec.addr_start &&
2038 ns_get_dlopened_string_addr < rec.addr_end) {
2039 ASSERT_TRUE((rec.perms & PROT_WRITE) == 0);
2040 rec.perms |= PROT_EXEC;
2041 break;
2042 }
2043 }
2044 }
2045
2046 // copy
2047 uintptr_t reserved_addr = reinterpret_cast<uintptr_t>(mmap(nullptr, addr_end - addr_start,
2048 PROT_NONE, MAP_ANON | MAP_PRIVATE,
2049 -1, 0));
2050 ASSERT_TRUE(reinterpret_cast<void*>(reserved_addr) != MAP_FAILED);
2051
2052 for (const auto& rec : maps_to_copy) {
2053 uintptr_t offset = rec.addr_start - addr_start;
2054 size_t size = rec.addr_end - rec.addr_start;
2055 void* addr = reinterpret_cast<void*>(reserved_addr + offset);
2056 void* map = mmap(addr, size, PROT_READ | PROT_WRITE,
2057 MAP_ANON | MAP_PRIVATE | MAP_FIXED, -1, 0);
2058 ASSERT_TRUE(map != MAP_FAILED);
2059 memcpy(map, reinterpret_cast<void*>(rec.addr_start), size);
2060 mprotect(map, size, rec.perms);
2061 }
2062
2063 // call the function copy
2064 uintptr_t ns_get_dlopened_string_offset = ns_get_dlopened_string_addr - addr_start;
2065 fn_t ns_get_dlopened_string_anon = reinterpret_cast<fn_t>(reserved_addr + ns_get_dlopened_string_offset);
2066 ASSERT_STREQ("This string is from private namespace (dlopened library)",
2067 ns_get_dlopened_string_anon());
2068
2069 // They should belong to different namespaces (private and anonymous)
2070 ASSERT_STREQ("This string is from private namespace (dlopened library)",
2071 ns_get_dlopened_string_private());
2072
2073 ASSERT_TRUE(ns_get_dlopened_string_anon() != ns_get_dlopened_string_private());
2074 }
2075
TEST(dlext,ns_hidden_child)2076 TEST(dlext, ns_hidden_child) {
2077 ExecTestHelper eth;
2078
2079 std::string helper = GetTestlibRoot() + "/ns_hidden_child_helper/ns_hidden_child_helper";
2080 chmod(helper.c_str(), 0755); // TODO: "x" lost in CTS, b/34945607
2081 std::string app_ns_dir = GetTestlibRoot() + "/ns_hidden_child_app";
2082 eth.SetArgs({ helper.c_str(), app_ns_dir.c_str(), nullptr });
2083
2084 // Add the main libns_hidden_child_*.so libraries to the search path of the default namespace.
2085 std::string env = "LD_LIBRARY_PATH=" + GetTestlibRoot();
2086 eth.SetEnv({ env.c_str(), nullptr });
2087
2088 eth.Run([&]() { execve(helper.c_str(), eth.GetArgs(), eth.GetEnv()); }, 0,
2089 "public_function is non-null\n"
2090 "internal_function is null\n");
2091 }
2092
TEST(dlext,dlopen_handle_value_platform)2093 TEST(dlext, dlopen_handle_value_platform) {
2094 void* handle = dlopen("libtest_dlsym_from_this.so", RTLD_NOW | RTLD_LOCAL);
2095 ASSERT_TRUE((reinterpret_cast<uintptr_t>(handle) & 1) != 0)
2096 << "dlopen should return odd value for the handle";
2097 dlclose(handle);
2098 }
2099
TEST(dlext,dlopen_handle_value_app_compat)2100 TEST(dlext, dlopen_handle_value_app_compat) {
2101 android_set_application_target_sdk_version(23);
2102 void* handle = dlopen("libtest_dlsym_from_this.so", RTLD_NOW | RTLD_LOCAL);
2103 ASSERT_TRUE(reinterpret_cast<uintptr_t>(handle) % sizeof(uintptr_t) == 0)
2104 << "dlopen should return valid pointer";
2105 dlclose(handle);
2106 }
2107