Merge "FlattenableUtils::align memsets"
diff --git a/adb/client/auth.cpp b/adb/client/auth.cpp
index ed6a9a8..e8be784 100644
--- a/adb/client/auth.cpp
+++ b/adb/client/auth.cpp
@@ -173,7 +173,8 @@
RSA* key = RSA_new();
if (!PEM_read_RSAPrivateKey(fp.get(), &key, nullptr, nullptr)) {
- LOG(ERROR) << "Failed to read key";
+ LOG(ERROR) << "Failed to read key from '" << file << "'";
+ ERR_print_errors_fp(stderr);
RSA_free(key);
return nullptr;
}
@@ -249,7 +250,7 @@
return adb_get_android_dir_path() + OS_PATH_SEPARATOR + "adbkey";
}
-static bool generate_userkey() {
+static bool load_userkey() {
std::string path = get_user_key_path();
if (path.empty()) {
PLOG(ERROR) << "Error getting user key filename";
@@ -435,8 +436,8 @@
void adb_auth_init() {
LOG(INFO) << "adb_auth_init...";
- if (!generate_userkey()) {
- LOG(ERROR) << "Failed to generate user key";
+ if (!load_userkey()) {
+ LOG(ERROR) << "Failed to load (or generate) user key";
return;
}
diff --git a/fs_mgr/fs_mgr_fstab.cpp b/fs_mgr/fs_mgr_fstab.cpp
index e50f7c3..c1a8dae 100644
--- a/fs_mgr/fs_mgr_fstab.cpp
+++ b/fs_mgr/fs_mgr_fstab.cpp
@@ -112,13 +112,16 @@
};
void ParseFileEncryption(const std::string& arg, FstabEntry* entry) {
- // The fileencryption flag is followed by an = and the mode of contents encryption, then
- // optionally a and the mode of filenames encryption (defaults to aes-256-cts). Get it and
- // return it.
+ // The fileencryption flag is followed by an = and 1 to 3 colon-separated fields:
+ //
+ // 1. Contents encryption mode
+ // 2. Filenames encryption mode (defaults to "aes-256-cts" or "adiantum"
+ // depending on the contents encryption mode)
+ // 3. Encryption policy version (defaults to "v1". Use "v2" on new devices.)
entry->fs_mgr_flags.file_encryption = true;
auto parts = Split(arg, ":");
- if (parts.empty() || parts.size() > 2) {
+ if (parts.empty() || parts.size() > 3) {
LWARNING << "Warning: fileencryption= flag malformed: " << arg;
return;
}
@@ -137,7 +140,7 @@
entry->file_contents_mode = parts[0];
- if (parts.size() == 2) {
+ if (parts.size() >= 2) {
if (std::find(kFileNamesEncryptionMode.begin(), kFileNamesEncryptionMode.end(), parts[1]) ==
kFileNamesEncryptionMode.end()) {
LWARNING << "fileencryption= flag malformed, file names encryption mode not found: "
@@ -151,6 +154,16 @@
} else {
entry->file_names_mode = "aes-256-cts";
}
+
+ if (parts.size() >= 3) {
+ if (!android::base::StartsWith(parts[2], 'v') ||
+ !android::base::ParseInt(&parts[2][1], &entry->file_policy_version)) {
+ LWARNING << "fileencryption= flag malformed, unknown options: " << arg;
+ return;
+ }
+ } else {
+ entry->file_policy_version = 1;
+ }
}
bool SetMountFlag(const std::string& flag, FstabEntry* entry) {
@@ -288,6 +301,7 @@
entry->key_loc = arg;
entry->file_contents_mode = "aes-256-xts";
entry->file_names_mode = "aes-256-cts";
+ entry->file_policy_version = 1;
} else if (StartsWith(flag, "max_comp_streams=")) {
if (!ParseInt(arg, &entry->max_comp_streams)) {
LWARNING << "Warning: max_comp_streams= flag malformed: " << arg;
diff --git a/fs_mgr/include_fstab/fstab/fstab.h b/fs_mgr/include_fstab/fstab/fstab.h
index d999ae1..3c517dc 100644
--- a/fs_mgr/include_fstab/fstab/fstab.h
+++ b/fs_mgr/include_fstab/fstab/fstab.h
@@ -47,6 +47,7 @@
off64_t reserved_size = 0;
std::string file_contents_mode;
std::string file_names_mode;
+ int file_policy_version = 0;
off64_t erase_blk_size = 0;
off64_t logical_blk_size = 0;
std::string sysfs_path;
diff --git a/fs_mgr/tests/fs_mgr_test.cpp b/fs_mgr/tests/fs_mgr_test.cpp
index 6d87594..a7ea817 100644
--- a/fs_mgr/tests/fs_mgr_test.cpp
+++ b/fs_mgr/tests/fs_mgr_test.cpp
@@ -467,6 +467,7 @@
}
EXPECT_EQ("aes-256-xts", entry->file_contents_mode);
EXPECT_EQ("aes-256-cts", entry->file_names_mode);
+ EXPECT_EQ(1, entry->file_policy_version);
EXPECT_EQ("", entry->key_loc);
}
@@ -682,6 +683,7 @@
EXPECT_EQ("/dir/key", entry->key_loc);
EXPECT_EQ("aes-256-xts", entry->file_contents_mode);
EXPECT_EQ("aes-256-cts", entry->file_names_mode);
+ EXPECT_EQ(1, entry->file_policy_version);
}
TEST(fs_mgr, ReadFstabFromFile_FsMgrOptions_FileEncryption) {
@@ -698,14 +700,18 @@
source none7 swap defaults fileencryption=ice:aes-256-cts
source none8 swap defaults fileencryption=ice:aes-256-heh
source none9 swap defaults fileencryption=ice:adiantum
-source none10 swap defaults fileencryption=ice:adiantum:
+source none10 swap defaults fileencryption=aes-256-xts:aes-256-cts:v1
+source none11 swap defaults fileencryption=aes-256-xts:aes-256-cts:v2
+source none12 swap defaults fileencryption=aes-256-xts:aes-256-cts:v2:
+source none13 swap defaults fileencryption=aes-256-xts:aes-256-cts:blah
+source none14 swap defaults fileencryption=aes-256-xts:aes-256-cts:vblah
)fs";
ASSERT_TRUE(android::base::WriteStringToFile(fstab_contents, tf.path));
Fstab fstab;
EXPECT_TRUE(ReadFstabFromFile(tf.path, &fstab));
- ASSERT_EQ(11U, fstab.size());
+ ASSERT_EQ(15U, fstab.size());
FstabEntry::FsMgrFlags flags = {};
flags.file_encryption = true;
@@ -715,66 +721,105 @@
EXPECT_TRUE(CompareFlags(flags, entry->fs_mgr_flags));
EXPECT_EQ("", entry->file_contents_mode);
EXPECT_EQ("", entry->file_names_mode);
+ EXPECT_EQ(0, entry->file_policy_version);
entry++;
EXPECT_EQ("none1", entry->mount_point);
EXPECT_TRUE(CompareFlags(flags, entry->fs_mgr_flags));
EXPECT_EQ("aes-256-xts", entry->file_contents_mode);
EXPECT_EQ("aes-256-cts", entry->file_names_mode);
+ EXPECT_EQ(1, entry->file_policy_version);
entry++;
EXPECT_EQ("none2", entry->mount_point);
EXPECT_TRUE(CompareFlags(flags, entry->fs_mgr_flags));
EXPECT_EQ("aes-256-xts", entry->file_contents_mode);
EXPECT_EQ("aes-256-cts", entry->file_names_mode);
+ EXPECT_EQ(1, entry->file_policy_version);
entry++;
EXPECT_EQ("none3", entry->mount_point);
EXPECT_TRUE(CompareFlags(flags, entry->fs_mgr_flags));
EXPECT_EQ("adiantum", entry->file_contents_mode);
EXPECT_EQ("adiantum", entry->file_names_mode);
+ EXPECT_EQ(1, entry->file_policy_version);
entry++;
EXPECT_EQ("none4", entry->mount_point);
EXPECT_TRUE(CompareFlags(flags, entry->fs_mgr_flags));
EXPECT_EQ("adiantum", entry->file_contents_mode);
EXPECT_EQ("aes-256-heh", entry->file_names_mode);
+ EXPECT_EQ(1, entry->file_policy_version);
entry++;
EXPECT_EQ("none5", entry->mount_point);
EXPECT_TRUE(CompareFlags(flags, entry->fs_mgr_flags));
EXPECT_EQ("ice", entry->file_contents_mode);
EXPECT_EQ("aes-256-cts", entry->file_names_mode);
+ EXPECT_EQ(1, entry->file_policy_version);
entry++;
EXPECT_EQ("none6", entry->mount_point);
EXPECT_TRUE(CompareFlags(flags, entry->fs_mgr_flags));
EXPECT_EQ("ice", entry->file_contents_mode);
EXPECT_EQ("", entry->file_names_mode);
+ EXPECT_EQ(0, entry->file_policy_version);
entry++;
EXPECT_EQ("none7", entry->mount_point);
EXPECT_TRUE(CompareFlags(flags, entry->fs_mgr_flags));
EXPECT_EQ("ice", entry->file_contents_mode);
EXPECT_EQ("aes-256-cts", entry->file_names_mode);
+ EXPECT_EQ(1, entry->file_policy_version);
entry++;
EXPECT_EQ("none8", entry->mount_point);
EXPECT_TRUE(CompareFlags(flags, entry->fs_mgr_flags));
EXPECT_EQ("ice", entry->file_contents_mode);
EXPECT_EQ("aes-256-heh", entry->file_names_mode);
+ EXPECT_EQ(1, entry->file_policy_version);
entry++;
EXPECT_EQ("none9", entry->mount_point);
EXPECT_TRUE(CompareFlags(flags, entry->fs_mgr_flags));
EXPECT_EQ("ice", entry->file_contents_mode);
EXPECT_EQ("adiantum", entry->file_names_mode);
+ EXPECT_EQ(1, entry->file_policy_version);
entry++;
EXPECT_EQ("none10", entry->mount_point);
EXPECT_TRUE(CompareFlags(flags, entry->fs_mgr_flags));
+ EXPECT_EQ("aes-256-xts", entry->file_contents_mode);
+ EXPECT_EQ("aes-256-cts", entry->file_names_mode);
+ EXPECT_EQ(1, entry->file_policy_version);
+
+ entry++;
+ EXPECT_EQ("none11", entry->mount_point);
+ EXPECT_TRUE(CompareFlags(flags, entry->fs_mgr_flags));
+ EXPECT_EQ("aes-256-xts", entry->file_contents_mode);
+ EXPECT_EQ("aes-256-cts", entry->file_names_mode);
+ EXPECT_EQ(2, entry->file_policy_version);
+
+ entry++;
+ EXPECT_EQ("none12", entry->mount_point);
+ EXPECT_TRUE(CompareFlags(flags, entry->fs_mgr_flags));
EXPECT_EQ("", entry->file_contents_mode);
EXPECT_EQ("", entry->file_names_mode);
+ EXPECT_EQ(0, entry->file_policy_version);
+
+ entry++;
+ EXPECT_EQ("none13", entry->mount_point);
+ EXPECT_TRUE(CompareFlags(flags, entry->fs_mgr_flags));
+ EXPECT_EQ("aes-256-xts", entry->file_contents_mode);
+ EXPECT_EQ("aes-256-cts", entry->file_names_mode);
+ EXPECT_EQ(0, entry->file_policy_version);
+
+ entry++;
+ EXPECT_EQ("none14", entry->mount_point);
+ EXPECT_TRUE(CompareFlags(flags, entry->fs_mgr_flags));
+ EXPECT_EQ("aes-256-xts", entry->file_contents_mode);
+ EXPECT_EQ("aes-256-cts", entry->file_names_mode);
+ EXPECT_EQ(0, entry->file_policy_version);
}
TEST(fs_mgr, ReadFstabFromFile_FsMgrOptions_MaxCompStreams) {
diff --git a/init/Android.bp b/init/Android.bp
index b601075..9b2ddc0 100644
--- a/init/Android.bp
+++ b/init/Android.bp
@@ -76,7 +76,6 @@
"libbase",
"libbootloader_message",
"libcutils",
- "libcrypto",
"libdl",
"libext4_utils",
"libfs_mgr",
diff --git a/init/fscrypt_init_extensions.cpp b/init/fscrypt_init_extensions.cpp
index bd23e31..bbebbe8 100644
--- a/init/fscrypt_init_extensions.cpp
+++ b/init/fscrypt_init_extensions.cpp
@@ -28,6 +28,7 @@
#include <android-base/file.h>
#include <android-base/logging.h>
+#include <android-base/parseint.h>
#include <android-base/stringprintf.h>
#include <android-base/strings.h>
#include <cutils/properties.h>
@@ -163,33 +164,59 @@
return err;
}
+static int parse_encryption_options_string(const std::string& options_string,
+ std::string* contents_mode_ret,
+ std::string* filenames_mode_ret,
+ int* policy_version_ret) {
+ auto parts = android::base::Split(options_string, ":");
+
+ if (parts.size() != 3) {
+ return -1;
+ }
+
+ *contents_mode_ret = parts[0];
+ *filenames_mode_ret = parts[1];
+ if (!android::base::StartsWith(parts[2], 'v') ||
+ !android::base::ParseInt(&parts[2][1], policy_version_ret)) {
+ return -1;
+ }
+
+ return 0;
+}
+
+// Set an encryption policy on the given directory. The policy (key reference
+// and encryption options) to use is read from files that were written by vold.
static int set_policy_on(const std::string& ref_basename, const std::string& dir) {
std::string ref_filename = std::string("/data") + ref_basename;
- std::string policy;
- if (!android::base::ReadFileToString(ref_filename, &policy)) {
+ std::string key_ref;
+ if (!android::base::ReadFileToString(ref_filename, &key_ref)) {
LOG(ERROR) << "Unable to read system policy to set on " << dir;
return -1;
}
- auto type_filename = std::string("/data") + fscrypt_key_mode;
- std::string modestring;
- if (!android::base::ReadFileToString(type_filename, &modestring)) {
- LOG(ERROR) << "Cannot read mode";
+ auto options_filename = std::string("/data") + fscrypt_key_mode;
+ std::string options_string;
+ if (!android::base::ReadFileToString(options_filename, &options_string)) {
+ LOG(ERROR) << "Cannot read encryption options string";
+ return -1;
}
- std::vector<std::string> modes = android::base::Split(modestring, ":");
+ std::string contents_mode;
+ std::string filenames_mode;
+ int policy_version = 0;
- if (modes.size() < 1 || modes.size() > 2) {
- LOG(ERROR) << "Invalid encryption mode string: " << modestring;
+ if (parse_encryption_options_string(options_string, &contents_mode, &filenames_mode,
+ &policy_version)) {
+ LOG(ERROR) << "Invalid encryption options string: " << options_string;
return -1;
}
int result =
- fscrypt_policy_ensure(dir.c_str(), policy.c_str(), policy.length(), modes[0].c_str(),
- modes.size() >= 2 ? modes[1].c_str() : "aes-256-cts");
+ fscrypt_policy_ensure(dir.c_str(), key_ref.c_str(), key_ref.length(),
+ contents_mode.c_str(), filenames_mode.c_str(), policy_version);
if (result) {
LOG(ERROR) << android::base::StringPrintf("Setting %02x%02x%02x%02x policy on %s failed!",
- policy[0], policy[1], policy[2], policy[3],
+ key_ref[0], key_ref[1], key_ref[2], key_ref[3],
dir.c_str());
return -1;
}
diff --git a/init/host_init_stubs.h b/init/host_init_stubs.h
index e3068b2..71f78a5 100644
--- a/init/host_init_stubs.h
+++ b/init/host_init_stubs.h
@@ -55,7 +55,7 @@
// reboot_utils.h
inline void SetFatalRebootTarget() {}
-inline void __attribute__((noreturn)) InitFatalReboot() {
+inline void __attribute__((noreturn)) InitFatalReboot(int signal_number) {
abort();
}
diff --git a/init/init.cpp b/init/init.cpp
index ad31fa0..ab6dbcf 100644
--- a/init/init.cpp
+++ b/init/init.cpp
@@ -98,7 +98,6 @@
static std::unique_ptr<Timer> waiting_for_prop(nullptr);
static std::string wait_prop_name;
static std::string wait_prop_value;
-static bool shutting_down;
static std::string shutdown_command;
static bool do_shutdown = false;
static bool load_debug_prop = false;
@@ -624,7 +623,15 @@
auto init_message = InitMessage{};
init_message.set_stop_sending_messages(true);
if (auto result = SendMessage(property_fd, init_message); !result) {
- LOG(ERROR) << "Failed to send load persistent properties message: " << result.error();
+ LOG(ERROR) << "Failed to send 'stop sending messages' message: " << result.error();
+ }
+}
+
+void SendStartSendingMessagesMessage() {
+ auto init_message = InitMessage{};
+ init_message.set_start_sending_messages(true);
+ if (auto result = SendMessage(property_fd, init_message); !result) {
+ LOG(ERROR) << "Failed to send 'start sending messages' message: " << result.error();
}
}
@@ -811,18 +818,16 @@
// By default, sleep until something happens.
auto epoll_timeout = std::optional<std::chrono::milliseconds>{};
- if (do_shutdown && !shutting_down) {
+ if (do_shutdown && !IsShuttingDown()) {
do_shutdown = false;
- if (HandlePowerctlMessage(shutdown_command)) {
- shutting_down = true;
- }
+ HandlePowerctlMessage(shutdown_command);
}
if (!(waiting_for_prop || Service::is_exec_service_running())) {
am.ExecuteOneCommand();
}
if (!(waiting_for_prop || Service::is_exec_service_running())) {
- if (!shutting_down) {
+ if (!IsShuttingDown()) {
auto next_process_action_time = HandleProcessActions();
// If there's a process that needs restarting, wake up in time for that.
diff --git a/init/init.h b/init/init.h
index 61fb110..c7918e7 100644
--- a/init/init.h
+++ b/init/init.h
@@ -41,6 +41,7 @@
void SendLoadPersistentPropertiesMessage();
void SendStopSendingMessagesMessage();
+void SendStartSendingMessagesMessage();
int SecondStageMain(int argc, char** argv);
diff --git a/init/property_service.cpp b/init/property_service.cpp
index d7e4021..c6bbc14 100644
--- a/init/property_service.cpp
+++ b/init/property_service.cpp
@@ -93,6 +93,7 @@
static int property_set_fd = -1;
static int init_socket = -1;
+static bool accept_messages = false;
static PropertyInfoAreaFile property_info_area;
@@ -211,7 +212,7 @@
}
// If init hasn't started its main loop, then it won't be handling property changed messages
// anyway, so there's no need to try to send them.
- if (init_socket != -1) {
+ if (accept_messages) {
SendPropertyChanged(name, value);
}
return PROP_SUCCESS;
@@ -389,7 +390,7 @@
static uint32_t SendControlMessage(const std::string& msg, const std::string& name, pid_t pid,
SocketConnection* socket, std::string* error) {
- if (init_socket == -1) {
+ if (!accept_messages) {
*error = "Received control message after shutdown, ignoring";
return PROP_ERROR_HANDLE_CONTROL_MESSAGE;
}
@@ -1035,7 +1036,11 @@
break;
}
case InitMessage::kStopSendingMessages: {
- init_socket = -1;
+ accept_messages = false;
+ break;
+ }
+ case InitMessage::kStartSendingMessages: {
+ accept_messages = true;
break;
}
default:
@@ -1078,6 +1083,7 @@
}
*epoll_socket = sockets[0];
init_socket = sockets[1];
+ accept_messages = true;
if (auto result = CreateSocket(PROP_SERVICE_NAME, SOCK_STREAM | SOCK_CLOEXEC | SOCK_NONBLOCK,
false, 0666, 0, 0, {})) {
diff --git a/init/property_service.proto b/init/property_service.proto
index ea454d4..08268d9 100644
--- a/init/property_service.proto
+++ b/init/property_service.proto
@@ -40,5 +40,6 @@
oneof msg {
bool load_persistent_properties = 1;
bool stop_sending_messages = 2;
+ bool start_sending_messages = 3;
};
}
diff --git a/init/reboot.cpp b/init/reboot.cpp
index 30836d2..41965a1 100644
--- a/init/reboot.cpp
+++ b/init/reboot.cpp
@@ -50,7 +50,9 @@
#include <private/android_filesystem_config.h>
#include <selinux/selinux.h>
+#include "action.h"
#include "action_manager.h"
+#include "builtin_arguments.h"
#include "init.h"
#include "property_service.h"
#include "reboot_utils.h"
@@ -71,6 +73,8 @@
namespace android {
namespace init {
+static bool shutting_down = false;
+
// represents umount status during reboot / shutdown.
enum UmountStat {
/* umount succeeded. */
@@ -655,12 +659,58 @@
abort();
}
-bool HandlePowerctlMessage(const std::string& command) {
+static void EnterShutdown() {
+ shutting_down = true;
+ // Skip wait for prop if it is in progress
+ ResetWaitForProp();
+ // Clear EXEC flag if there is one pending
+ for (const auto& s : ServiceList::GetInstance()) {
+ s->UnSetExec();
+ }
+ // We no longer process messages about properties changing coming from property service, so we
+ // need to tell property service to stop sending us these messages, otherwise it'll fill the
+ // buffers and block indefinitely, causing future property sets, including those that init makes
+ // during shutdown in Service::NotifyStateChange() to also block indefinitely.
+ SendStopSendingMessagesMessage();
+}
+
+static void LeaveShutdown() {
+ shutting_down = false;
+ SendStartSendingMessagesMessage();
+}
+
+static void DoUserspaceReboot() {
+ // Triggering userspace-reboot-requested will result in a bunch of set_prop
+ // actions. We should make sure, that all of them are propagated before
+ // proceeding with userspace reboot.
+ // TODO(b/135984674): implement proper synchronization logic.
+ std::this_thread::sleep_for(500ms);
+ EnterShutdown();
+ // TODO(b/135984674): tear down post-data services
+ LeaveShutdown();
+ // TODO(b/135984674): remount userdata
+ ActionManager::GetInstance().QueueEventTrigger("userspace-reboot-resume");
+}
+
+static void HandleUserspaceReboot() {
+ LOG(INFO) << "Clearing queue and starting userspace-reboot-requested trigger";
+ auto& am = ActionManager::GetInstance();
+ am.ClearQueue();
+ am.QueueEventTrigger("userspace-reboot-requested");
+ auto handler = [](const BuiltinArguments&) {
+ DoUserspaceReboot();
+ return Result<void>{};
+ };
+ am.QueueBuiltinAction(handler, "userspace-reboot");
+}
+
+void HandlePowerctlMessage(const std::string& command) {
unsigned int cmd = 0;
std::vector<std::string> cmd_params = Split(command, ",");
std::string reboot_target = "";
bool run_fsck = false;
bool command_invalid = false;
+ bool userspace_reboot = false;
if (cmd_params[0] == "shutdown") {
cmd = ANDROID_RB_POWEROFF;
@@ -680,6 +730,10 @@
cmd = ANDROID_RB_RESTART2;
if (cmd_params.size() >= 2) {
reboot_target = cmd_params[1];
+ if (reboot_target == "userspace") {
+ LOG(INFO) << "Userspace reboot requested";
+ userspace_reboot = true;
+ }
// adb reboot fastboot should boot into bootloader for devices not
// supporting logical partitions.
if (reboot_target == "fastboot" &&
@@ -706,7 +760,7 @@
strlcpy(boot.command, "boot-recovery", sizeof(boot.command));
if (std::string err; !write_bootloader_message(boot, &err)) {
LOG(ERROR) << "Failed to set bootloader message: " << err;
- return false;
+ return;
}
}
} else if (reboot_target == "sideload" || reboot_target == "sideload-auto-reboot" ||
@@ -719,7 +773,7 @@
std::string err;
if (!write_bootloader_message(options, &err)) {
LOG(ERROR) << "Failed to set bootloader message: " << err;
- return false;
+ return;
}
reboot_target = "recovery";
}
@@ -734,7 +788,12 @@
}
if (command_invalid) {
LOG(ERROR) << "powerctl: unrecognized command '" << command << "'";
- return false;
+ return;
+ }
+
+ if (userspace_reboot) {
+ HandleUserspaceReboot();
+ return;
}
LOG(INFO) << "Clear action queue and start shutdown trigger";
@@ -748,21 +807,11 @@
};
ActionManager::GetInstance().QueueBuiltinAction(shutdown_handler, "shutdown_done");
- // Skip wait for prop if it is in progress
- ResetWaitForProp();
+ EnterShutdown();
+}
- // Clear EXEC flag if there is one pending
- for (const auto& s : ServiceList::GetInstance()) {
- s->UnSetExec();
- }
-
- // We no longer process messages about properties changing coming from property service, so we
- // need to tell property service to stop sending us these messages, otherwise it'll fill the
- // buffers and block indefinitely, causing future property sets, including those that init makes
- // during shutdown in Service::NotifyStateChange() to also block indefinitely.
- SendStopSendingMessagesMessage();
-
- return true;
+bool IsShuttingDown() {
+ return shutting_down;
}
} // namespace init
diff --git a/init/reboot.h b/init/reboot.h
index 07dcb6e..81c3edc 100644
--- a/init/reboot.h
+++ b/init/reboot.h
@@ -23,8 +23,9 @@
namespace init {
// Parses and handles a setprop sys.powerctl message.
-bool HandlePowerctlMessage(const std::string& command);
+void HandlePowerctlMessage(const std::string& command);
+bool IsShuttingDown();
} // namespace init
} // namespace android
diff --git a/init/reboot_utils.cpp b/init/reboot_utils.cpp
index de085cc..dac0cf4 100644
--- a/init/reboot_utils.cpp
+++ b/init/reboot_utils.cpp
@@ -109,7 +109,7 @@
abort();
}
-void __attribute__((noreturn)) InitFatalReboot() {
+void __attribute__((noreturn)) InitFatalReboot(int signal_number) {
auto pid = fork();
if (pid == -1) {
@@ -124,6 +124,7 @@
}
// In the parent, let's try to get a backtrace then shutdown.
+ LOG(ERROR) << __FUNCTION__ << ": signal " << signal_number;
std::unique_ptr<Backtrace> backtrace(
Backtrace::Create(BACKTRACE_CURRENT_PROCESS, BACKTRACE_CURRENT_THREAD));
if (!backtrace->Unwind(0)) {
@@ -154,7 +155,7 @@
// RebootSystem uses syscall() which isn't actually async-signal-safe, but our only option
// and probably good enough given this is already an error case and only enabled for
// development builds.
- InitFatalReboot();
+ InitFatalReboot(signal);
};
action.sa_flags = SA_RESTART;
sigaction(SIGABRT, &action, nullptr);
diff --git a/init/reboot_utils.h b/init/reboot_utils.h
index 3fd969e..878ad96 100644
--- a/init/reboot_utils.h
+++ b/init/reboot_utils.h
@@ -27,7 +27,7 @@
bool IsRebootCapable();
// This is a wrapper around the actual reboot calls.
void __attribute__((noreturn)) RebootSystem(unsigned int cmd, const std::string& reboot_target);
-void __attribute__((noreturn)) InitFatalReboot();
+void __attribute__((noreturn)) InitFatalReboot(int signal_number);
void InstallRebootSignalHandlers();
} // namespace init
diff --git a/init/service.cpp b/init/service.cpp
index 0b73dc5..a2db070 100644
--- a/init/service.cpp
+++ b/init/service.cpp
@@ -300,7 +300,7 @@
LOG(ERROR) << "updatable process '" << name_ << "' exited 4 times "
<< (boot_completed ? "in 4 minutes" : "before boot completed");
// Notifies update_verifier and apexd
- property_set("ro.init.updatable_crashing", "1");
+ property_set("sys.init.updatable_crashing", "1");
}
}
} else {
diff --git a/init/util.cpp b/init/util.cpp
index 0532375..40db838 100644
--- a/init/util.cpp
+++ b/init/util.cpp
@@ -20,6 +20,7 @@
#include <errno.h>
#include <fcntl.h>
#include <pwd.h>
+#include <signal.h>
#include <stdarg.h>
#include <stdio.h>
#include <stdlib.h>
@@ -481,7 +482,7 @@
return;
}
- InitFatalReboot();
+ InitFatalReboot(SIGABRT);
}
// The kernel opens /dev/console and uses that fd for stdin/stdout/stderr if there is a serial
diff --git a/libcutils/fs_config.cpp b/libcutils/fs_config.cpp
index d0d83de..5fb11a5 100644
--- a/libcutils/fs_config.cpp
+++ b/libcutils/fs_config.cpp
@@ -161,7 +161,6 @@
{ 00755, AID_ROOT, AID_SHELL, 0, "system/bin/crash_dump32" },
{ 00755, AID_ROOT, AID_SHELL, 0, "system/bin/crash_dump64" },
{ 00755, AID_ROOT, AID_SHELL, 0, "system/bin/debuggerd" },
- { 00750, AID_ROOT, AID_ROOT, 0, "system/bin/install-recovery.sh" },
{ 00550, AID_LOGD, AID_LOGD, 0, "system/bin/logd" },
{ 00700, AID_ROOT, AID_ROOT, 0, "system/bin/secilc" },
{ 00750, AID_ROOT, AID_ROOT, 0, "system/bin/uncrypt" },
@@ -173,9 +172,10 @@
{ 00550, AID_ROOT, AID_SHELL, 0, "system/etc/init.ril" },
{ 00555, AID_ROOT, AID_ROOT, 0, "system/etc/ppp/*" },
{ 00555, AID_ROOT, AID_ROOT, 0, "system/etc/rc.*" },
- { 00440, AID_ROOT, AID_ROOT, 0, "system/etc/recovery.img" },
+ { 00750, AID_ROOT, AID_ROOT, 0, "vendor/bin/install-recovery.sh" },
{ 00600, AID_ROOT, AID_ROOT, 0, "vendor/build.prop" },
{ 00600, AID_ROOT, AID_ROOT, 0, "vendor/default.prop" },
+ { 00440, AID_ROOT, AID_ROOT, 0, "vendor/etc/recovery.img" },
{ 00444, AID_ROOT, AID_ROOT, 0, ven_conf_dir + 1 },
{ 00444, AID_ROOT, AID_ROOT, 0, ven_conf_file + 1 },
diff --git a/libion/include/ion/ion.h b/libion/include/ion/ion.h
index a60d24e..1480bd9 100644
--- a/libion/include/ion/ion.h
+++ b/libion/include/ion/ion.h
@@ -49,6 +49,7 @@
int ion_query_get_heaps(int fd, int cnt, void* buffers);
int ion_is_legacy(int fd);
+int ion_is_using_modular_heaps(int fd);
__END_DECLS
diff --git a/libion/ion.c b/libion/ion.c
index 1ecfc78..5141ea8 100644
--- a/libion/ion.c
+++ b/libion/ion.c
@@ -31,10 +31,12 @@
#include <unistd.h>
#include <ion/ion.h>
-#include "ion_4.12.h"
+#include "ion_4.19.h"
#include <log/log.h>
+#define ION_ABI_VERSION_MODULAR_HEAPS 2
+
enum ion_version { ION_VERSION_UNKNOWN, ION_VERSION_MODERN, ION_VERSION_LEGACY };
static atomic_int g_ion_version = ATOMIC_VAR_INIT(ION_VERSION_UNKNOWN);
@@ -75,6 +77,14 @@
return ret;
}
+int ion_is_using_modular_heaps(int fd) {
+ int ion_abi_version = 0;
+ int ret = 0;
+
+ ret = ion_ioctl(fd, ION_IOC_ABI_VERSION, &ion_abi_version);
+ return (ret == 0 && ion_abi_version >= ION_ABI_VERSION_MODULAR_HEAPS);
+}
+
int ion_alloc(int fd, size_t len, size_t align, unsigned int heap_mask, unsigned int flags,
ion_user_handle_t* handle) {
int ret = 0;
diff --git a/libion/ion_4.19.h b/libion/ion_4.19.h
new file mode 100644
index 0000000..f5b59f1
--- /dev/null
+++ b/libion/ion_4.19.h
@@ -0,0 +1,67 @@
+/****************************************************************************
+ ****************************************************************************
+ ***
+ *** This header was automatically generated from a Linux kernel header
+ *** of the same name, to make information necessary for userspace to
+ *** call into the kernel available to libc. It contains only constants,
+ *** structures, and macros generated from the original header, and thus,
+ *** contains no copyrightable information.
+ ***
+ *** To edit the content of this header, modify the corresponding
+ *** source file (e.g. under external/kernel-headers/original/) then
+ *** run bionic/libc/kernel/tools/update_all.py
+ ***
+ *** Any manual change here will be lost the next time this script will
+ *** be run. You've been warned!
+ ***
+ ****************************************************************************
+ ****************************************************************************/
+#ifndef _UAPI_LINUX_ION_NEW_H
+#define _UAPI_LINUX_ION_NEW_H
+#include <linux/ioctl.h>
+#include <linux/types.h>
+#define ION_NUM_HEAP_IDS (sizeof(unsigned int) * 8)
+enum ion_heap_type_ext {
+ ION_HEAP_TYPE_CUSTOM_EXT = 16,
+ ION_HEAP_TYPE_MAX = 31,
+};
+enum ion_heap_id {
+ ION_HEAP_SYSTEM = (1 << ION_HEAP_TYPE_SYSTEM),
+ ION_HEAP_SYSTEM_CONTIG = (ION_HEAP_SYSTEM << 1),
+ ION_HEAP_CARVEOUT_START = (ION_HEAP_SYSTEM_CONTIG << 1),
+ ION_HEAP_CARVEOUT_END = (ION_HEAP_CARVEOUT_START << 4),
+ ION_HEAP_CHUNK = (ION_HEAP_CARVEOUT_END << 1),
+ ION_HEAP_DMA_START = (ION_HEAP_CHUNK << 1),
+ ION_HEAP_DMA_END = (ION_HEAP_DMA_START << 7),
+ ION_HEAP_CUSTOM_START = (ION_HEAP_DMA_END << 1),
+ ION_HEAP_CUSTOM_END = (ION_HEAP_CUSTOM_START << 15),
+};
+#define ION_NUM_MAX_HEAPS (32)
+struct ion_new_allocation_data {
+ __u64 len;
+ __u32 heap_id_mask;
+ __u32 flags;
+ __u32 fd;
+ __u32 unused;
+};
+#define MAX_HEAP_NAME 32
+struct ion_heap_data {
+ char name[MAX_HEAP_NAME];
+ __u32 type;
+ __u32 heap_id;
+ __u32 reserved0;
+ __u32 reserved1;
+ __u32 reserved2;
+};
+struct ion_heap_query {
+ __u32 cnt;
+ __u32 reserved0;
+ __u64 heaps;
+ __u32 reserved1;
+ __u32 reserved2;
+};
+#define ION_IOC_MAGIC 'I'
+#define ION_IOC_NEW_ALLOC _IOWR(ION_IOC_MAGIC, 0, struct ion_new_allocation_data)
+#define ION_IOC_HEAP_QUERY _IOWR(ION_IOC_MAGIC, 8, struct ion_heap_query)
+#define ION_IOC_ABI_VERSION _IOR(ION_IOC_MAGIC, 9, __u32)
+#endif
diff --git a/libion/original-kernel-headers/linux/ion_4.19.h b/libion/original-kernel-headers/linux/ion_4.19.h
new file mode 100644
index 0000000..75fef39
--- /dev/null
+++ b/libion/original-kernel-headers/linux/ion_4.19.h
@@ -0,0 +1,170 @@
+/*
+ * Adapted from drivers/staging/android/uapi/ion.h
+ *
+ * Copyright (C) 2019 Google, Inc.
+ *
+ * This software is licensed under the terms of the GNU General Public
+ * License version 2, as published by the Free Software Foundation, and
+ * may be copied, distributed, and modified under those terms.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ */
+
+#ifndef _UAPI_LINUX_ION_NEW_H
+#define _UAPI_LINUX_ION_NEW_H
+
+#include <linux/ioctl.h>
+#include <linux/types.h>
+
+#define ION_NUM_HEAP_IDS (sizeof(unsigned int) * 8)
+
+enum ion_heap_type_ext {
+ ION_HEAP_TYPE_CUSTOM_EXT = 16,
+ ION_HEAP_TYPE_MAX = 31,
+};
+
+/**
+ * ion_heap_id - list of standard heap ids that Android can use
+ *
+ * @ION_HEAP_SYSTEM Id for the ION_HEAP_TYPE_SYSTEM
+ * @ION_HEAP_SYSTEM_CONTIG Id for the ION_HEAP_TYPE_SYSTEM_CONTIG
+ * @ION_HEAP_CHUNK Id for the ION_HEAP_TYPE_CHUNK
+ * @ION_HEAP_CARVEOUT_START Start of reserved id range for heaps of type
+ * ION_HEAP_TYPE_CARVEOUT
+ * @ION_HEAP_CARVEOUT_END End of reserved id range for heaps of type
+ * ION_HEAP_TYPE_CARVEOUT
+ * @ION_HEAP_DMA_START Start of reserved id range for heaps of type
+ * ION_HEAP_TYPE_DMA
+ * @ION_HEAP_DMA_END End of reserved id range for heaps of type
+ * ION_HEAP_TYPE_DMA
+ * @ION_HEAP_CUSTOM_START Start of reserved id range for heaps of custom
+ * type
+ * @ION_HEAP_CUSTOM_END End of reserved id range for heaps of custom
+ * type
+ */
+enum ion_heap_id {
+ ION_HEAP_SYSTEM = (1 << ION_HEAP_TYPE_SYSTEM),
+ ION_HEAP_SYSTEM_CONTIG = (ION_HEAP_SYSTEM << 1),
+ ION_HEAP_CARVEOUT_START = (ION_HEAP_SYSTEM_CONTIG << 1),
+ ION_HEAP_CARVEOUT_END = (ION_HEAP_CARVEOUT_START << 4),
+ ION_HEAP_CHUNK = (ION_HEAP_CARVEOUT_END << 1),
+ ION_HEAP_DMA_START = (ION_HEAP_CHUNK << 1),
+ ION_HEAP_DMA_END = (ION_HEAP_DMA_START << 7),
+ ION_HEAP_CUSTOM_START = (ION_HEAP_DMA_END << 1),
+ ION_HEAP_CUSTOM_END = (ION_HEAP_CUSTOM_START << 15),
+};
+
+#define ION_NUM_MAX_HEAPS (32)
+
+/**
+ * DOC: Ion Userspace API
+ *
+ * create a client by opening /dev/ion
+ * most operations handled via following ioctls
+ *
+ */
+
+/**
+ * struct ion_new_allocation_data - metadata passed from userspace for allocations
+ * @len: size of the allocation
+ * @heap_id_mask: mask of heap ids to allocate from
+ * @flags: flags passed to heap
+ * @handle: pointer that will be populated with a cookie to use to
+ * refer to this allocation
+ *
+ * Provided by userspace as an argument to the ioctl - added _new to denote
+ * this belongs to the new ION interface.
+ */
+struct ion_new_allocation_data {
+ __u64 len;
+ __u32 heap_id_mask;
+ __u32 flags;
+ __u32 fd;
+ __u32 unused;
+};
+
+#define MAX_HEAP_NAME 32
+
+/**
+ * struct ion_heap_data - data about a heap
+ * @name - first 32 characters of the heap name
+ * @type - heap type
+ * @heap_id - heap id for the heap
+ */
+struct ion_heap_data {
+ char name[MAX_HEAP_NAME];
+ __u32 type;
+ __u32 heap_id;
+ __u32 reserved0;
+ __u32 reserved1;
+ __u32 reserved2;
+};
+
+/**
+ * struct ion_heap_query - collection of data about all heaps
+ * @cnt - total number of heaps to be copied
+ * @heaps - buffer to copy heap data
+ */
+struct ion_heap_query {
+ __u32 cnt; /* Total number of heaps to be copied */
+ __u32 reserved0; /* align to 64bits */
+ __u64 heaps; /* buffer to be populated */
+ __u32 reserved1;
+ __u32 reserved2;
+};
+
+#define ION_IOC_MAGIC 'I'
+
+/**
+ * DOC: ION_IOC_NEW_ALLOC - allocate memory
+ *
+ * Takes an ion_allocation_data struct and returns it with the handle field
+ * populated with the opaque handle for the allocation.
+ * TODO: This IOCTL will clash by design; however, only one of
+ * ION_IOC_ALLOC or ION_IOC_NEW_ALLOC paths will be exercised,
+ * so this should not conflict.
+ */
+#define ION_IOC_NEW_ALLOC _IOWR(ION_IOC_MAGIC, 0, struct ion_new_allocation_data)
+
+/**
+ * DOC: ION_IOC_FREE - free memory
+ *
+ * Takes an ion_handle_data struct and frees the handle.
+ *
+ * #define ION_IOC_FREE _IOWR(ION_IOC_MAGIC, 1, struct ion_handle_data)
+ * This will come from the older kernels, so don't redefine here
+ */
+
+/**
+ * DOC: ION_IOC_SHARE - creates a file descriptor to use to share an allocation
+ *
+ * Takes an ion_fd_data struct with the handle field populated with a valid
+ * opaque handle. Returns the struct with the fd field set to a file
+ * descriptor open in the current address space. This file descriptor
+ * can then be passed to another process. The corresponding opaque handle can
+ * be retrieved via ION_IOC_IMPORT.
+ *
+ * #define ION_IOC_SHARE _IOWR(ION_IOC_MAGIC, 4, struct ion_fd_data)
+ * This will come from the older kernels, so don't redefine here
+ */
+
+/**
+ * DOC: ION_IOC_HEAP_QUERY - information about available heaps
+ *
+ * Takes an ion_heap_query structure and populates information about
+ * available Ion heaps.
+ */
+#define ION_IOC_HEAP_QUERY _IOWR(ION_IOC_MAGIC, 8, struct ion_heap_query)
+
+/**
+ * DOC: ION_IOC_HEAP_ABI_VERSION - return ABI version
+ *
+ * Returns ABI version for this driver
+ */
+#define ION_IOC_ABI_VERSION _IOR(ION_IOC_MAGIC, 9, __u32)
+
+#endif /* _UAPI_LINUX_ION_NEW_H */
diff --git a/libion/tests/Android.bp b/libion/tests/Android.bp
index 5600702..989e029 100644
--- a/libion/tests/Android.bp
+++ b/libion/tests/Android.bp
@@ -29,5 +29,6 @@
"invalid_values_test.cpp",
"ion_test_fixture.cpp",
"map_test.cpp",
+ "modular_heap_check.cpp",
],
}
diff --git a/libion/tests/modular_heap_check.cpp b/libion/tests/modular_heap_check.cpp
new file mode 100644
index 0000000..5505c5a
--- /dev/null
+++ b/libion/tests/modular_heap_check.cpp
@@ -0,0 +1,30 @@
+/*
+ * Copyright (C) 2019 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#include <gtest/gtest.h>
+
+#include <ion/ion.h>
+#include "ion_test_fixture.h"
+
+class ModularHeapCheck : public IonTest {};
+
+TEST_F(ModularHeapCheck, ModularHeapCheckSimple) {
+ if (ion_is_using_modular_heaps(ionfd)) {
+ std::cout << "Heaps are modular." << std::endl;
+ } else {
+ std::cout << "Heaps are built-in." << std::endl;
+ }
+}
diff --git a/liblog/logd_reader.cpp b/liblog/logd_reader.cpp
index 916a428..d7f2975 100644
--- a/liblog/logd_reader.cpp
+++ b/liblog/logd_reader.cpp
@@ -67,12 +67,12 @@
.name = "logd",
.available = logdAvailable,
.version = logdVersion,
+ .close = logdClose,
.read = logdRead,
.poll = logdPoll,
- .close = logdClose,
.clear = logdClear,
- .getSize = logdGetSize,
.setSize = logdSetSize,
+ .getSize = logdGetSize,
.getReadableSize = logdGetReadableSize,
.getPrune = logdGetPrune,
.setPrune = logdSetPrune,
diff --git a/liblog/pmsg_reader.cpp b/liblog/pmsg_reader.cpp
index 2db45a1..9c5bc95 100644
--- a/liblog/pmsg_reader.cpp
+++ b/liblog/pmsg_reader.cpp
@@ -40,9 +40,9 @@
.name = "pmsg",
.available = pmsgAvailable,
.version = pmsgVersion,
+ .close = pmsgClose,
.read = pmsgRead,
.poll = NULL,
- .close = pmsgClose,
.clear = pmsgClear,
.setSize = NULL,
.getSize = NULL,
diff --git a/liblog/tests/Android.bp b/liblog/tests/Android.bp
index 45f09f2..394fa93 100644
--- a/liblog/tests/Android.bp
+++ b/liblog/tests/Android.bp
@@ -68,6 +68,7 @@
"libbase",
],
static_libs: ["liblog"],
+ isolated: true,
}
// Build tests for the device (with .so). Run with:
diff --git a/liblog/tests/liblog_test.cpp b/liblog/tests/liblog_test.cpp
index d8b0ced..9780b28 100644
--- a/liblog/tests/liblog_test.cpp
+++ b/liblog/tests/liblog_test.cpp
@@ -42,6 +42,8 @@
#include <private/android_filesystem_config.h>
#include <private/android_logger.h>
+// #define ENABLE_FLAKY_TESTS
+
// enhanced version of LOG_FAILURE_RETRY to add support for EAGAIN and
// non-syscall libs. Since we are only using this in the emergency of
// a signal to stuff a terminating code into the logs, we will spin rather
@@ -70,6 +72,7 @@
usleep(1000);
}
+#ifdef ENABLE_FLAKY_TESTS
#if defined(__ANDROID__)
static std::string popenToString(const std::string& command) {
std::string ret;
@@ -138,6 +141,7 @@
static bool tested__android_log_close;
#endif
+#endif // ENABLE_FLAKY_TESTS
TEST(liblog, __android_log_btwrite__android_logger_list_read) {
#ifdef __ANDROID__
@@ -152,6 +156,7 @@
log_time ts(CLOCK_MONOTONIC);
EXPECT_LT(0, __android_log_btwrite(0, EVENT_TYPE_LONG, &ts, sizeof(ts)));
+#ifdef ENABLE_FLAKY_TESTS
// Check that we can close and reopen the logger
bool logdwActiveAfter__android_log_btwrite;
if (getuid() == AID_ROOT) {
@@ -174,9 +179,11 @@
bool logdwActiveAfter__android_log_close = isLogdwActive();
EXPECT_FALSE(logdwActiveAfter__android_log_close);
}
+#endif // ENABLE_FLAKY_TESTS
log_time ts1(CLOCK_MONOTONIC);
EXPECT_LT(0, __android_log_btwrite(0, EVENT_TYPE_LONG, &ts1, sizeof(ts1)));
+#ifdef ENABLE_FLAKY_TESTS
if (getuid() == AID_ROOT) {
#ifndef NO_PSTORE
bool pmsgActiveAfter__android_log_btwrite = isPmsgActive();
@@ -185,6 +192,7 @@
logdwActiveAfter__android_log_btwrite = isLogdwActive();
EXPECT_TRUE(logdwActiveAfter__android_log_btwrite);
}
+#endif // ENABLE_FLAKY_TESTS
usleep(1000000);
int count = 0;
@@ -440,6 +448,7 @@
buf_write_test("\n Hello World \n");
}
+#ifdef ENABLE_FLAKY_TESTS
#ifdef __ANDROID__
static unsigned signaled;
static log_time signal_time;
@@ -749,12 +758,8 @@
GTEST_LOG_(INFO) << "This test does nothing.\n";
#endif
}
+#endif // ENABLE_FLAKY_TESTS
-#ifdef __ANDROID__
-static const char max_payload_tag[] = "TEST_max_payload_and_longish_tag_XXXX";
-#define SIZEOF_MAX_PAYLOAD_BUF \
- (LOGGER_ENTRY_MAX_PAYLOAD - sizeof(max_payload_tag) - 1)
-#endif
static const char max_payload_buf[] =
"LEONATO\n\
I learn in this letter that Don Peter of Arragon\n\
@@ -887,8 +892,12 @@
when you depart from me, sorrow abides and happiness\n\
takes his leave.";
+#ifdef ENABLE_FLAKY_TESTS
TEST(liblog, max_payload) {
#ifdef __ANDROID__
+ static const char max_payload_tag[] = "TEST_max_payload_and_longish_tag_XXXX";
+#define SIZEOF_MAX_PAYLOAD_BUF (LOGGER_ENTRY_MAX_PAYLOAD - sizeof(max_payload_tag) - 1)
+
pid_t pid = getpid();
char tag[sizeof(max_payload_tag)];
memcpy(tag, max_payload_tag, sizeof(tag));
@@ -950,6 +959,7 @@
GTEST_LOG_(INFO) << "This test does nothing.\n";
#endif
}
+#endif // ENABLE_FLAKY_TESTS
TEST(liblog, __android_log_buf_print__maxtag) {
#ifdef __ANDROID__
@@ -1081,6 +1091,7 @@
#endif
}
+#ifdef ENABLE_FLAKY_TESTS
TEST(liblog, dual_reader) {
#ifdef __ANDROID__
@@ -1143,7 +1154,9 @@
GTEST_LOG_(INFO) << "This test does nothing.\n";
#endif
}
+#endif // ENABLE_FLAKY_TESTS
+#ifdef ENABLE_FLAKY_TESTS
static bool checkPriForTag(AndroidLogFormat* p_format, const char* tag,
android_LogPriority pri) {
return android_log_shouldPrintLine(p_format, tag, pri) &&
@@ -1219,7 +1232,9 @@
android_log_format_free(p_format);
}
+#endif // ENABLE_FLAKY_TESTS
+#ifdef ENABLE_FLAKY_TESTS
TEST(liblog, is_loggable) {
#ifdef __ANDROID__
static const char tag[] = "is_loggable";
@@ -1507,7 +1522,9 @@
GTEST_LOG_(INFO) << "This test does nothing.\n";
#endif
}
+#endif // ENABLE_FLAKY_TESTS
+#ifdef ENABLE_FLAKY_TESTS
// Following tests the specific issues surrounding error handling wrt logd.
// Kills logd and toss all collected data, equivalent to logcat -b all -c,
// except we also return errors to the logging callers.
@@ -1604,9 +1621,11 @@
#endif
}
#endif // __ANDROID__
+#endif // ENABLE_FLAKY_TESTS
// Below this point we run risks of setuid(AID_SYSTEM) which may affect others.
+#ifdef ENABLE_FLAKY_TESTS
// Do not retest properties, and cannot log into LOG_ID_SECURITY
TEST(liblog, __security) {
#ifdef __ANDROID__
@@ -1864,6 +1883,7 @@
GTEST_LOG_(INFO) << "This test does nothing.\n";
#endif
}
+#endif // ENABLE_FLAKY_TESTS
#ifdef __ANDROID__
static void android_errorWriteWithInfoLog_helper(int TAG, const char* SUBTAG,
@@ -2753,6 +2773,7 @@
#endif
}
+#ifdef ENABLE_FLAKY_TESTS
TEST(liblog, create_android_logger_overflow) {
android_log_context ctx;
@@ -2779,7 +2800,9 @@
EXPECT_LE(0, android_log_destroy(&ctx));
ASSERT_TRUE(NULL == ctx);
}
+#endif // ENABLE_FLAKY_TESTS
+#ifdef ENABLE_FLAKY_TESTS
#ifdef __ANDROID__
#ifndef NO_PSTORE
static const char __pmsg_file[] =
@@ -2916,7 +2939,9 @@
GTEST_LOG_(INFO) << "This test does nothing.\n";
#endif
}
+#endif // ENABLE_FLAKY_TESTS
+#ifdef ENABLE_FLAKY_TESTS
TEST(liblog, android_lookupEventTagNum) {
#ifdef __ANDROID__
EventTagMap* map = android_openEventTagMap(NULL);
@@ -2933,3 +2958,4 @@
GTEST_LOG_(INFO) << "This test does nothing.\n";
#endif
}
+#endif // ENABLE_FLAKY_TESTS
diff --git a/libnativeloader/library_namespaces.cpp b/libnativeloader/library_namespaces.cpp
index 9a33b55..7246b97 100644
--- a/libnativeloader/library_namespaces.cpp
+++ b/libnativeloader/library_namespaces.cpp
@@ -44,7 +44,7 @@
// vendor and system namespaces.
constexpr const char* kVendorNamespaceName = "sphal";
constexpr const char* kVndkNamespaceName = "vndk";
-constexpr const char* kRuntimeNamespaceName = "runtime";
+constexpr const char* kArtNamespaceName = "art";
constexpr const char* kNeuralNetworksNamespaceName = "neuralnetworks";
// classloader-namespace is a linker namespace that is created for the loaded
@@ -237,10 +237,10 @@
return linked.error();
}
- auto runtime_ns = NativeLoaderNamespace::GetExportedNamespace(kRuntimeNamespaceName, is_bridged);
- // Runtime apex does not exist in host, and under certain build conditions.
- if (runtime_ns) {
- linked = app_ns->Link(*runtime_ns, runtime_public_libraries());
+ auto art_ns = NativeLoaderNamespace::GetExportedNamespace(kArtNamespaceName, is_bridged);
+ // ART APEX does not exist on host, and under certain build conditions.
+ if (art_ns) {
+ linked = app_ns->Link(*art_ns, art_public_libraries());
if (!linked) {
return linked.error();
}
diff --git a/libnativeloader/native_loader.cpp b/libnativeloader/native_loader.cpp
index 60d462f..6d3c057 100644
--- a/libnativeloader/native_loader.cpp
+++ b/libnativeloader/native_loader.cpp
@@ -63,10 +63,6 @@
LOG_ALWAYS_FATAL_IF((dot_index == std::string::npos),
"Error finding namespace of apex: no dot in apex name %s", caller_location);
std::string name = location.substr(dot_index + 1, slash_index - dot_index - 1);
- // TODO(b/139408016): Rename the runtime namespace to "art".
- if (name == "art") {
- name = "runtime";
- }
android_namespace_t* boot_namespace = android_get_exported_namespace(name.c_str());
LOG_ALWAYS_FATAL_IF((boot_namespace == nullptr),
"Error finding namespace of apex: no namespace called %s", name.c_str());
diff --git a/libnativeloader/native_loader_test.cpp b/libnativeloader/native_loader_test.cpp
index 75255b6..8bd7386 100644
--- a/libnativeloader/native_loader_test.cpp
+++ b/libnativeloader/native_loader_test.cpp
@@ -83,7 +83,7 @@
static std::unordered_map<std::string, Platform::mock_namespace_handle> namespaces = {
{"platform", TO_MOCK_NAMESPACE(TO_ANDROID_NAMESPACE("platform"))},
{"default", TO_MOCK_NAMESPACE(TO_ANDROID_NAMESPACE("default"))},
- {"runtime", TO_MOCK_NAMESPACE(TO_ANDROID_NAMESPACE("runtime"))},
+ {"art", TO_MOCK_NAMESPACE(TO_ANDROID_NAMESPACE("art"))},
{"sphal", TO_MOCK_NAMESPACE(TO_ANDROID_NAMESPACE("sphal"))},
{"vndk", TO_MOCK_NAMESPACE(TO_ANDROID_NAMESPACE("vndk"))},
{"neuralnetworks", TO_MOCK_NAMESPACE(TO_ANDROID_NAMESPACE("neuralnetworks"))},
@@ -92,7 +92,7 @@
// The actual gmock object
class MockPlatform : public Platform {
public:
- MockPlatform(bool is_bridged) : is_bridged_(is_bridged) {
+ explicit MockPlatform(bool is_bridged) : is_bridged_(is_bridged) {
ON_CALL(*this, NativeBridgeIsSupported(_)).WillByDefault(Return(is_bridged_));
ON_CALL(*this, NativeBridgeIsPathSupported(_)).WillByDefault(Return(is_bridged_));
ON_CALL(*this, mock_get_exported_namespace(_, _))
@@ -338,13 +338,13 @@
std::string expected_permitted_path = std::string("/data:/mnt/expand:") + permitted_path;
std::string expected_parent_namespace = "platform";
bool expected_link_with_platform_ns = true;
- bool expected_link_with_runtime_ns = true;
+ bool expected_link_with_art_ns = true;
bool expected_link_with_sphal_ns = !vendor_public_libraries().empty();
bool expected_link_with_vndk_ns = false;
bool expected_link_with_default_ns = false;
bool expected_link_with_neuralnetworks_ns = true;
std::string expected_shared_libs_to_platform_ns = default_public_libraries();
- std::string expected_shared_libs_to_runtime_ns = runtime_public_libraries();
+ std::string expected_shared_libs_to_art_ns = art_public_libraries();
std::string expected_shared_libs_to_sphal_ns = vendor_public_libraries();
std::string expected_shared_libs_to_vndk_ns = vndksp_libraries();
std::string expected_shared_libs_to_default_ns = default_public_libraries();
@@ -368,9 +368,9 @@
StrEq(expected_shared_libs_to_platform_ns)))
.WillOnce(Return(true));
}
- if (expected_link_with_runtime_ns) {
- EXPECT_CALL(*mock, mock_link_namespaces(Eq(IsBridged()), _, NsEq("runtime"),
- StrEq(expected_shared_libs_to_runtime_ns)))
+ if (expected_link_with_art_ns) {
+ EXPECT_CALL(*mock, mock_link_namespaces(Eq(IsBridged()), _, NsEq("art"),
+ StrEq(expected_shared_libs_to_art_ns)))
.WillOnce(Return(true));
}
if (expected_link_with_sphal_ns) {
diff --git a/libnativeloader/public_libraries.cpp b/libnativeloader/public_libraries.cpp
index 010e8cc..11c3070 100644
--- a/libnativeloader/public_libraries.cpp
+++ b/libnativeloader/public_libraries.cpp
@@ -181,10 +181,10 @@
return android::base::Join(*sonames, ':');
}
- // Remove the public libs in the runtime namespace.
+ // Remove the public libs in the art namespace.
// These libs are listed in public.android.txt, but we don't want the rest of android
// in default namespace to dlopen the libs.
- // For example, libicuuc.so is exposed to classloader namespace from runtime namespace.
+ // For example, libicuuc.so is exposed to classloader namespace from art namespace.
// Unfortunately, it does not have stable C symbols, and default namespace should only use
// stable symbols in libandroidicu.so. http://b/120786417
for (const std::string& lib_name : kArtApexPublicLibraries) {
@@ -281,7 +281,7 @@
return list;
}
-const std::string& runtime_public_libraries() {
+const std::string& art_public_libraries() {
static std::string list = InitArtPublicLibraries();
return list;
}
diff --git a/libnativeloader/public_libraries.h b/libnativeloader/public_libraries.h
index 2de4172..b892e6f 100644
--- a/libnativeloader/public_libraries.h
+++ b/libnativeloader/public_libraries.h
@@ -29,7 +29,7 @@
// e.g., if it is a vendor app or not, different set of libraries are made available.
const std::string& preloadable_public_libraries();
const std::string& default_public_libraries();
-const std::string& runtime_public_libraries();
+const std::string& art_public_libraries();
const std::string& vendor_public_libraries();
const std::string& extended_public_libraries();
const std::string& neuralnetworks_public_libraries();
diff --git a/libutils/include/utils/Flattenable.h b/libutils/include/utils/Flattenable.h
index 2c4b807..17c5e10 100644
--- a/libutils/include/utils/Flattenable.h
+++ b/libutils/include/utils/Flattenable.h
@@ -17,6 +17,9 @@
#ifndef ANDROID_UTILS_FLATTENABLE_H
#define ANDROID_UTILS_FLATTENABLE_H
+// DO NOT USE: please use parcelable instead
+// This code is deprecated and will not be supported via AIDL code gen. For data
+// to be sent over binder, please use parcelables.
#include <stdint.h>
#include <string.h>
@@ -28,7 +31,9 @@
namespace android {
-
+// DO NOT USE: please use parcelable instead
+// This code is deprecated and will not be supported via AIDL code gen. For data
+// to be sent over binder, please use parcelables.
class FlattenableUtils {
public:
template<size_t N>
@@ -84,7 +89,9 @@
}
};
-
+// DO NOT USE: please use parcelable instead
+// This code is deprecated and will not be supported via AIDL code gen. For data
+// to be sent over binder, please use parcelables.
/*
* The Flattenable protocol allows an object to serialize itself out
* to a byte-buffer and an array of file descriptors.
@@ -136,6 +143,9 @@
return static_cast<T*>(this)->T::unflatten(buffer, size, fds, count);
}
+// DO NOT USE: please use parcelable instead
+// This code is deprecated and will not be supported via AIDL code gen. For data
+// to be sent over binder, please use parcelables.
/*
* LightFlattenable is a protocol allowing object to serialize themselves out
* to a byte-buffer. Because it doesn't handle file-descriptors,
@@ -176,6 +186,9 @@
return static_cast<T*>(this)->T::unflatten(buffer, size);
}
+// DO NOT USE: please use parcelable instead
+// This code is deprecated and will not be supported via AIDL code gen. For data
+// to be sent over binder, please use parcelables.
/*
* LightFlattenablePod is an implementation of the LightFlattenable protocol
* for POD (plain-old-data) objects.
diff --git a/lmkd/lmkd.c b/lmkd/lmkd.c
index 372e10f..18cd9f5 100644
--- a/lmkd/lmkd.c
+++ b/lmkd/lmkd.c
@@ -782,15 +782,15 @@
close(fd);
return -1;
}
+ line[ret] = '\0';
sscanf(line, "%d %d ", &total, &rss);
close(fd);
return rss;
}
-static char *proc_get_name(int pid) {
+static char *proc_get_name(int pid, char *buf, size_t buf_size) {
char path[PATH_MAX];
- static char line[LINE_MAX];
int fd;
char *cp;
ssize_t ret;
@@ -801,25 +801,24 @@
if (fd == -1) {
return NULL;
}
- ret = read_all(fd, line, sizeof(line) - 1);
+ ret = read_all(fd, buf, buf_size - 1);
close(fd);
if (ret < 0) {
return NULL;
}
+ buf[ret] = '\0';
- cp = strchr(line, ' ');
+ cp = strchr(buf, ' ');
if (cp) {
*cp = '\0';
- } else {
- line[ret] = '\0';
}
- return line;
+ return buf;
}
static void cmd_procprio(LMKD_CTRL_PACKET packet) {
struct proc *procp;
- char path[80];
+ char path[LINE_MAX];
char val[20];
int soft_limit_mult;
struct lmk_procprio params;
@@ -856,7 +855,8 @@
}
if (use_inkernel_interface) {
- stats_store_taskname(params.pid, proc_get_name(params.pid), kpoll_info.poll_fd);
+ stats_store_taskname(params.pid, proc_get_name(params.pid, path, sizeof(path)),
+ kpoll_info.poll_fd);
return;
}
@@ -1660,6 +1660,7 @@
int r;
int result = -1;
struct memory_stat *mem_st;
+ char buf[LINE_MAX];
tgid = proc_get_tgid(pid);
if (tgid >= 0 && tgid != pid) {
@@ -1667,7 +1668,7 @@
goto out;
}
- taskname = proc_get_name(pid);
+ taskname = proc_get_name(pid, buf, sizeof(buf));
if (!taskname) {
goto out;
}
diff --git a/logcat/Android.bp b/logcat/Android.bp
index f1b18b2..e6b0c7d 100644
--- a/logcat/Android.bp
+++ b/logcat/Android.bp
@@ -50,16 +50,13 @@
],
}
-cc_prebuilt_binary {
+sh_binary {
name: "logpersist.start",
- srcs: ["logpersist"],
+ src: "logpersist",
init_rc: ["logcatd.rc"],
required: ["logcatd"],
symlinks: [
"logpersist.stop",
"logpersist.cat",
],
- strip: {
- none: true,
- },
}
diff --git a/logd/LogAudit.cpp b/logd/LogAudit.cpp
index 665bd38..d9cc0db 100644
--- a/logd/LogAudit.cpp
+++ b/logd/LogAudit.cpp
@@ -143,10 +143,6 @@
void LogAudit::auditParse(const std::string& string, uid_t uid,
std::string* bug_num) {
- if (!__android_log_is_debuggable()) {
- bug_num->assign("");
- return;
- }
static std::map<std::string, std::string> denial_to_bug =
populateDenialMap();
std::string scontext = denialParse(string, ':', "scontext=u:object_r:");
diff --git a/rootdir/Android.mk b/rootdir/Android.mk
index c8f0a8b..e1bb02f 100644
--- a/rootdir/Android.mk
+++ b/rootdir/Android.mk
@@ -236,12 +236,10 @@
ifeq ($(_enforce_vndk_at_runtime),true)
# for VNDK enforced devices
-LOCAL_MODULE_STEM := $(call append_vndk_version,$(LOCAL_MODULE))
-include $(BUILD_SYSTEM)/base_rules.mk
-ld_config_template := $(LOCAL_PATH)/etc/ld.config.txt
-check_backward_compatibility := true
-vndk_version := $(PLATFORM_VNDK_VERSION)
-include $(LOCAL_PATH)/update_and_install_ld_config.mk
+# This file will be replaced with dynamically generated one from system/linkerconfig
+LOCAL_MODULE_STEM := $(LOCAL_MODULE)
+LOCAL_SRC_FILES := etc/ld.config.txt
+include $(BUILD_PREBUILT)
else ifeq ($(_enforce_vndk_lite_at_runtime),true)
@@ -262,36 +260,6 @@
endif # ifeq ($(_enforce_vndk_at_runtime),true)
-# ld.config.txt for VNDK versions older than PLATFORM_VNDK_VERSION
-# are built with the VNDK libraries lists under /prebuilts/vndk.
-#
-# ld.config.$(VER).txt is built and installed for all VNDK versions
-# listed in PRODUCT_EXTRA_VNDK_VERSIONS.
-#
-# $(1): VNDK version
-define build_versioned_ld_config
-include $(CLEAR_VARS)
-LOCAL_MODULE := ld.config.$(1).txt
-LOCAL_MODULE_CLASS := ETC
-LOCAL_MODULE_PATH := $(TARGET_OUT_ETC)
-LOCAL_MODULE_STEM := $$(LOCAL_MODULE)
-include $(BUILD_SYSTEM)/base_rules.mk
-ld_config_template := $(LOCAL_PATH)/etc/ld.config.txt
-check_backward_compatibility := true
-vndk_version := $(1)
-lib_list_from_prebuilts := true
-include $(LOCAL_PATH)/update_and_install_ld_config.mk
-endef
-
-vndk_snapshots := $(wildcard prebuilts/vndk/*)
-supported_vndk_snapshot_versions := \
- $(strip $(patsubst prebuilts/vndk/v%,%,$(vndk_snapshots)))
-$(foreach ver,$(supported_vndk_snapshot_versions),\
- $(eval $(call build_versioned_ld_config,$(ver))))
-
-vndk_snapshots :=
-supported_vndk_snapshot_versions :=
-
#######################################
# ld.config.vndk_lite.txt
#
diff --git a/rootdir/etc/ld.config.legacy.txt b/rootdir/etc/ld.config.legacy.txt
index bb8d4d0..b7b0b2a 100644
--- a/rootdir/etc/ld.config.legacy.txt
+++ b/rootdir/etc/ld.config.legacy.txt
@@ -42,29 +42,29 @@
# APEX related namespaces.
###############################################################################
-additional.namespaces = runtime,conscrypt,media,neuralnetworks,resolv
+additional.namespaces = art,conscrypt,media,neuralnetworks,resolv
# Keep in sync with the "platform" namespace in art/build/apex/ld.config.txt.
# If a shared library or an executable requests a shared library that
# cannot be loaded into the default namespace, the dynamic linker tries
-# to load the shared library from the runtime namespace. And then, if the
-# shared library cannot be loaded from the runtime namespace either, the
+# to load the shared library from the art namespace. And then, if the
+# shared library cannot be loaded from the art namespace either, the
# dynamic linker tries to load the shared library from the resolv namespace.
# Finally, if all attempts fail, the dynamic linker returns an error.
-namespace.default.links = runtime,resolv,neuralnetworks
-namespace.default.asan.links = runtime,resolv,neuralnetworks
-namespace.default.link.runtime.shared_libs = libandroidicu.so
-namespace.default.link.runtime.shared_libs += libdexfile_external.so
-namespace.default.link.runtime.shared_libs += libdexfiled_external.so
+namespace.default.links = art,resolv,neuralnetworks
+namespace.default.asan.links = art,resolv,neuralnetworks
+namespace.default.link.art.shared_libs = libandroidicu.so
+namespace.default.link.art.shared_libs += libdexfile_external.so
+namespace.default.link.art.shared_libs += libdexfiled_external.so
# TODO(b/120786417 or b/134659294): libicuuc.so and libicui18n.so are kept for app compat.
-namespace.default.link.runtime.shared_libs += libicui18n.so
-namespace.default.link.runtime.shared_libs += libicuuc.so
-namespace.default.link.runtime.shared_libs += libnativebridge.so
-namespace.default.link.runtime.shared_libs += libnativehelper.so
-namespace.default.link.runtime.shared_libs += libnativeloader.so
+namespace.default.link.art.shared_libs += libicui18n.so
+namespace.default.link.art.shared_libs += libicuuc.so
+namespace.default.link.art.shared_libs += libnativebridge.so
+namespace.default.link.art.shared_libs += libnativehelper.so
+namespace.default.link.art.shared_libs += libnativeloader.so
# TODO(b/122876336): Remove libpac.so once it's migrated to Webview
-namespace.default.link.runtime.shared_libs += libpac.so
+namespace.default.link.art.shared_libs += libpac.so
# When libnetd_resolv.so can't be found in the default namespace, search for it
# in the resolv namespace. Don't allow any other libraries from the resolv namespace
@@ -75,25 +75,24 @@
namespace.default.link.neuralnetworks.shared_libs = libneuralnetworks.so
###############################################################################
-# "runtime" APEX namespace
+# "art" APEX namespace
#
-# This namespace exposes externally accessible libraries from the Runtime APEX.
-# Keep in sync with the "runtime" namespace in art/build/apex/ld.config.txt.
+# This namespace exposes externally accessible libraries from the ART APEX.
+# Keep in sync with the "art" namespace in art/build/apex/ld.config.txt.
###############################################################################
-# TODO(b/139408016): Rename this namespace to "art".
-namespace.runtime.isolated = true
+namespace.art.isolated = true
# Visible to allow links to be created at runtime, e.g. through
# android_link_namespaces in libnativeloader.
-namespace.runtime.visible = true
+namespace.art.visible = true
-namespace.runtime.search.paths = /apex/com.android.art/${LIB}
-namespace.runtime.asan.search.paths = /apex/com.android.art/${LIB}
-namespace.runtime.links = default
+namespace.art.search.paths = /apex/com.android.art/${LIB}
+namespace.art.asan.search.paths = /apex/com.android.art/${LIB}
+namespace.art.links = default
# Need allow_all_shared_libs because libart.so can dlopen oat files in
# /system/framework and /data.
# TODO(b/130340935): Use a dynamically created linker namespace similar to
# classloader-namespace for oat files, and tighten this up.
-namespace.runtime.link.default.allow_all_shared_libs = true
+namespace.art.link.default.allow_all_shared_libs = true
###############################################################################
# "media" APEX namespace
@@ -136,8 +135,8 @@
namespace.conscrypt.search.paths = /apex/com.android.conscrypt/${LIB}
namespace.conscrypt.asan.search.paths = /apex/com.android.conscrypt/${LIB}
-namespace.conscrypt.links = runtime,default
-namespace.conscrypt.link.runtime.shared_libs = libandroidio.so
+namespace.conscrypt.links = art,default
+namespace.conscrypt.link.art.shared_libs = libandroidio.so
namespace.conscrypt.link.default.shared_libs = libc.so
namespace.conscrypt.link.default.shared_libs += libm.so
namespace.conscrypt.link.default.shared_libs += libdl.so
diff --git a/rootdir/etc/ld.config.txt b/rootdir/etc/ld.config.txt
index 60035aa..5c87843 100644
--- a/rootdir/etc/ld.config.txt
+++ b/rootdir/etc/ld.config.txt
@@ -1,803 +1,3 @@
-# Copyright (C) 2017 The Android Open Source Project
-#
-# Bionic loader config file.
-#
-
-# Don't change the order here. The first pattern that matches with the
-# absolute path of an executable is selected.
-dir.system = /system/bin/
-dir.system = /system/xbin/
-dir.system = /%SYSTEM_EXT%/bin/
-dir.system = /%PRODUCT%/bin/
-
-dir.vendor = /odm/bin/
-dir.vendor = /vendor/bin/
-dir.vendor = /data/nativetest/odm
-dir.vendor = /data/nativetest64/odm
-dir.vendor = /data/benchmarktest/odm
-dir.vendor = /data/benchmarktest64/odm
-dir.vendor = /data/nativetest/vendor
-dir.vendor = /data/nativetest64/vendor
-dir.vendor = /data/benchmarktest/vendor
-dir.vendor = /data/benchmarktest64/vendor
-
-dir.unrestricted = /data/nativetest/unrestricted
-dir.unrestricted = /data/nativetest64/unrestricted
-
-# TODO(b/123864775): Ensure tests are run from /data/nativetest{,64} or (if
-# necessary) the unrestricted subdirs above. Then clean this up.
-dir.unrestricted = /data/local/tmp
-
-dir.postinstall = /postinstall
-
-# Fallback entry to provide APEX namespace lookups for binaries anywhere else.
-# This must be last.
-dir.system = /data
-
-[system]
-additional.namespaces = runtime,conscrypt,media,neuralnetworks,resolv,sphal,vndk,rs
-
-###############################################################################
-# "default" namespace
-#
-# Framework-side code runs in this namespace. Libs from /vendor partition
-# can't be loaded in this namespace.
-###############################################################################
-namespace.default.isolated = true
-# Visible to allow links to be created at runtime, e.g. through
-# android_link_namespaces in libnativeloader.
-namespace.default.visible = true
-
-namespace.default.search.paths = /system/${LIB}
-namespace.default.search.paths += /%SYSTEM_EXT%/${LIB}
-namespace.default.search.paths += /%PRODUCT%/${LIB}
-
-# We can't have entire /system/${LIB} as permitted paths because doing so
-# makes it possible to load libs in /system/${LIB}/vndk* directories by
-# their absolute paths (e.g. dlopen("/system/lib/vndk/libbase.so");).
-# VNDK libs are built with previous versions of Android and thus must not be
-# loaded into this namespace where libs built with the current version of
-# Android are loaded. Mixing the two types of libs in the same namespace can
-# cause unexpected problem.
-namespace.default.permitted.paths = /system/${LIB}/drm
-namespace.default.permitted.paths += /system/${LIB}/extractors
-namespace.default.permitted.paths += /system/${LIB}/hw
-namespace.default.permitted.paths += /%SYSTEM_EXT%/${LIB}
-namespace.default.permitted.paths += /%PRODUCT%/${LIB}
-# These are where odex files are located. libart has to be able to dlopen the files
-namespace.default.permitted.paths += /system/framework
-namespace.default.permitted.paths += /system/app
-namespace.default.permitted.paths += /system/priv-app
-namespace.default.permitted.paths += /%SYSTEM_EXT%/framework
-namespace.default.permitted.paths += /%SYSTEM_EXT%/app
-namespace.default.permitted.paths += /%SYSTEM_EXT%/priv-app
-namespace.default.permitted.paths += /vendor/framework
-namespace.default.permitted.paths += /vendor/app
-namespace.default.permitted.paths += /vendor/priv-app
-namespace.default.permitted.paths += /system/vendor/framework
-namespace.default.permitted.paths += /system/vendor/app
-namespace.default.permitted.paths += /system/vendor/priv-app
-namespace.default.permitted.paths += /odm/framework
-namespace.default.permitted.paths += /odm/app
-namespace.default.permitted.paths += /odm/priv-app
-namespace.default.permitted.paths += /oem/app
-namespace.default.permitted.paths += /%PRODUCT%/framework
-namespace.default.permitted.paths += /%PRODUCT%/app
-namespace.default.permitted.paths += /%PRODUCT%/priv-app
-namespace.default.permitted.paths += /data
-namespace.default.permitted.paths += /mnt/expand
-namespace.default.permitted.paths += /apex/com.android.runtime/${LIB}/bionic
-namespace.default.permitted.paths += /system/${LIB}/bootstrap
-
-namespace.default.asan.search.paths = /data/asan/system/${LIB}
-namespace.default.asan.search.paths += /system/${LIB}
-namespace.default.asan.search.paths += /data/asan/%SYSTEM_EXT%/${LIB}
-namespace.default.asan.search.paths += /%SYSTEM_EXT%/${LIB}
-namespace.default.asan.search.paths += /data/asan/%PRODUCT%/${LIB}
-namespace.default.asan.search.paths += /%PRODUCT%/${LIB}
-
-namespace.default.asan.permitted.paths = /data
-namespace.default.asan.permitted.paths += /system/${LIB}/drm
-namespace.default.asan.permitted.paths += /system/${LIB}/extractors
-namespace.default.asan.permitted.paths += /system/${LIB}/hw
-namespace.default.asan.permitted.paths += /system/framework
-namespace.default.asan.permitted.paths += /system/app
-namespace.default.asan.permitted.paths += /system/priv-app
-namespace.default.asan.permitted.paths += /%SYSTEM_EXT%/${LIB}
-namespace.default.asan.permitted.paths += /%SYSTEM_EXT%/framework
-namespace.default.asan.permitted.paths += /%SYSTEM_EXT%/app
-namespace.default.asan.permitted.paths += /%SYSTEM_EXT%/priv-app
-namespace.default.asan.permitted.paths += /vendor/framework
-namespace.default.asan.permitted.paths += /vendor/app
-namespace.default.asan.permitted.paths += /vendor/priv-app
-namespace.default.asan.permitted.paths += /system/vendor/framework
-namespace.default.asan.permitted.paths += /system/vendor/app
-namespace.default.asan.permitted.paths += /system/vendor/priv-app
-namespace.default.asan.permitted.paths += /odm/framework
-namespace.default.asan.permitted.paths += /odm/app
-namespace.default.asan.permitted.paths += /odm/priv-app
-namespace.default.asan.permitted.paths += /oem/app
-namespace.default.asan.permitted.paths += /%PRODUCT%/${LIB}
-namespace.default.asan.permitted.paths += /%PRODUCT%/framework
-namespace.default.asan.permitted.paths += /%PRODUCT%/app
-namespace.default.asan.permitted.paths += /%PRODUCT%/priv-app
-namespace.default.asan.permitted.paths += /mnt/expand
-namespace.default.asan.permitted.paths += /apex/com.android.runtime/${LIB}/bionic
-namespace.default.asan.permitted.paths += /system/${LIB}/bootstrap
-
-# Keep in sync with the "platform" namespace in art/build/apex/ld.config.txt.
-# If a shared library or an executable requests a shared library that
-# cannot be loaded into the default namespace, the dynamic linker tries
-# to load the shared library from the runtime namespace. And then, if the
-# shared library cannot be loaded from the runtime namespace either, the
-# dynamic linker tries to load the shared library from the resolv namespace.
-# Finally, if all attempts fail, the dynamic linker returns an error.
-namespace.default.links = runtime,resolv,neuralnetworks
-namespace.default.link.runtime.shared_libs = libandroidicu.so
-namespace.default.link.runtime.shared_libs += libdexfile_external.so
-namespace.default.link.runtime.shared_libs += libdexfiled_external.so
-# TODO(b/120786417 or b/134659294): libicuuc.so and libicui18n.so are kept for app compat.
-namespace.default.link.runtime.shared_libs += libicui18n.so
-namespace.default.link.runtime.shared_libs += libicuuc.so
-namespace.default.link.runtime.shared_libs += libnativebridge.so
-namespace.default.link.runtime.shared_libs += libnativehelper.so
-namespace.default.link.runtime.shared_libs += libnativeloader.so
-
-# TODO(b/122876336): Remove libpac.so once it's migrated to Webview
-namespace.default.link.runtime.shared_libs += libpac.so
-namespace.default.link.runtime.shared_libs += %SANITIZER_RUNTIME_LIBRARIES%
-
-# When libnetd_resolv.so can't be found in the default namespace, search for it
-# in the resolv namespace. Don't allow any other libraries from the resolv namespace
-# to be loaded in the default namespace.
-namespace.default.link.resolv.shared_libs = libnetd_resolv.so
-
-# LLNDK library moved into apex
-namespace.default.link.neuralnetworks.shared_libs = libneuralnetworks.so
-
-###############################################################################
-# "runtime" APEX namespace
-#
-# This namespace exposes externally accessible libraries from the Runtime APEX.
-# Keep in sync with the "runtime" namespace in art/build/apex/ld.config.txt.
-###############################################################################
-# TODO(b/139408016): Rename this namespace to "art".
-namespace.runtime.isolated = true
-# Visible to allow links to be created at runtime, e.g. through
-# android_link_namespaces in libnativeloader.
-namespace.runtime.visible = true
-
-namespace.runtime.search.paths = /apex/com.android.art/${LIB}
-namespace.runtime.asan.search.paths = /apex/com.android.art/${LIB}
-namespace.runtime.links = default
-# Need allow_all_shared_libs because libart.so can dlopen oat files in
-# /system/framework and /data.
-# TODO(b/130340935): Use a dynamically created linker namespace similar to
-# classloader-namespace for oat files, and tighten this up.
-namespace.runtime.link.default.allow_all_shared_libs = true
-
-###############################################################################
-# "media" APEX namespace
-#
-# This namespace is for libraries within the media APEX.
-###############################################################################
-namespace.media.isolated = true
-namespace.media.visible = true
-
-namespace.media.search.paths = /apex/com.android.media/${LIB}
-namespace.media.asan.search.paths = /apex/com.android.media/${LIB}
-
-namespace.media.permitted.paths = /apex/com.android.media/${LIB}/extractors
-namespace.media.asan.permitted.paths = /apex/com.android.media/${LIB}/extractors
-
-namespace.media.links = default,neuralnetworks
-namespace.media.link.default.shared_libs = %LLNDK_LIBRARIES%
-namespace.media.link.default.shared_libs += libbinder_ndk.so
-namespace.media.link.default.shared_libs += libcgrouprc.so
-namespace.media.link.default.shared_libs += libmediametrics.so
-namespace.media.link.default.shared_libs += %SANITIZER_RUNTIME_LIBRARIES%
-
-# LLNDK library moved into apex
-namespace.media.link.neuralnetworks.shared_libs = libneuralnetworks.so
-
-###############################################################################
-# "conscrypt" APEX namespace
-#
-# This namespace is for libraries within the conscrypt APEX.
-# Keep in sync with the "conscrypt" namespace in art/build/apex/ld.config.txt.
-###############################################################################
-namespace.conscrypt.isolated = true
-namespace.conscrypt.visible = true
-
-namespace.conscrypt.search.paths = /apex/com.android.conscrypt/${LIB}
-namespace.conscrypt.asan.search.paths = /apex/com.android.conscrypt/${LIB}
-namespace.conscrypt.links = runtime,default
-namespace.conscrypt.link.runtime.shared_libs = libandroidio.so
-namespace.conscrypt.link.default.shared_libs = libc.so
-namespace.conscrypt.link.default.shared_libs += libm.so
-namespace.conscrypt.link.default.shared_libs += libdl.so
-namespace.conscrypt.link.default.shared_libs += liblog.so
-
-###############################################################################
-# "resolv" APEX namespace
-#
-# This namespace is for libraries within the resolv APEX.
-###############################################################################
-namespace.resolv.isolated = true
-namespace.resolv.visible = true
-
-namespace.resolv.search.paths = /apex/com.android.resolv/${LIB}
-namespace.resolv.asan.search.paths = /apex/com.android.resolv/${LIB}
-namespace.resolv.links = default
-namespace.resolv.link.default.shared_libs = libc.so
-namespace.resolv.link.default.shared_libs += libcgrouprc.so
-namespace.resolv.link.default.shared_libs += libm.so
-namespace.resolv.link.default.shared_libs += libdl.so
-namespace.resolv.link.default.shared_libs += libbinder_ndk.so
-namespace.resolv.link.default.shared_libs += liblog.so
-namespace.resolv.link.default.shared_libs += libvndksupport.so
-
-###############################################################################
-# "sphal" namespace
-#
-# SP-HAL(Sameprocess-HAL)s are the only vendor libraries that are allowed to be
-# loaded inside system processes. libEGL_<chipset>.so, libGLESv2_<chipset>.so,
-# android.hardware.graphics.mapper@2.0-impl.so, etc are SP-HALs.
-#
-# This namespace is exclusivly for SP-HALs. When the framework tries to dynami-
-# cally load SP-HALs, android_dlopen_ext() is used to explicitly specifying
-# that they should be searched and loaded from this namespace.
-#
-# Note that there is no link from the default namespace to this namespace.
-###############################################################################
-namespace.sphal.isolated = true
-# Visible to allow links to be created at runtime, e.g. through
-# android_link_namespaces in libnativeloader.
-namespace.sphal.visible = true
-
-namespace.sphal.search.paths = /odm/${LIB}
-namespace.sphal.search.paths += /vendor/${LIB}
-namespace.sphal.search.paths += /vendor/${LIB}/hw
-
-namespace.sphal.permitted.paths = /odm/${LIB}
-namespace.sphal.permitted.paths += /vendor/${LIB}
-namespace.sphal.permitted.paths += /system/vendor/${LIB}
-
-namespace.sphal.asan.search.paths = /data/asan/odm/${LIB}
-namespace.sphal.asan.search.paths += /odm/${LIB}
-namespace.sphal.asan.search.paths += /data/asan/vendor/${LIB}
-namespace.sphal.asan.search.paths += /vendor/${LIB}
-
-namespace.sphal.asan.permitted.paths = /data/asan/odm/${LIB}
-namespace.sphal.asan.permitted.paths += /odm/${LIB}
-namespace.sphal.asan.permitted.paths += /data/asan/vendor/${LIB}
-namespace.sphal.asan.permitted.paths += /vendor/${LIB}
-
-# Once in this namespace, access to libraries in /system/lib is restricted. Only
-# libs listed here can be used. Order is important here as the namespaces are
-# tried in this order. rs should be before vndk because both are capable
-# of loading libRS_internal.so
-namespace.sphal.links = rs,default,vndk,neuralnetworks
-
-# Renderscript gets separate namespace
-namespace.sphal.link.rs.shared_libs = libRS_internal.so
-
-namespace.sphal.link.default.shared_libs = %LLNDK_LIBRARIES%
-namespace.sphal.link.default.shared_libs += %SANITIZER_RUNTIME_LIBRARIES%
-
-namespace.sphal.link.vndk.shared_libs = %VNDK_SAMEPROCESS_LIBRARIES%
-
-# LLNDK library moved into apex
-namespace.sphal.link.neuralnetworks.shared_libs = libneuralnetworks.so
-
-
-###############################################################################
-# "rs" namespace
-#
-# This namespace is exclusively for Renderscript internal libraries.
-# This namespace has slightly looser restriction than the vndk namespace because
-# of the genuine characteristics of Renderscript; /data is in the permitted path
-# to load the compiled *.so file and libmediandk.so can be used here.
-###############################################################################
-namespace.rs.isolated = true
-namespace.rs.visible = true
-
-namespace.rs.search.paths = /odm/${LIB}/vndk-sp
-namespace.rs.search.paths += /vendor/${LIB}/vndk-sp
-namespace.rs.search.paths += /system/${LIB}/vndk-sp%VNDK_VER%
-namespace.rs.search.paths += /odm/${LIB}
-namespace.rs.search.paths += /vendor/${LIB}
-
-namespace.rs.permitted.paths = /odm/${LIB}
-namespace.rs.permitted.paths += /vendor/${LIB}
-namespace.rs.permitted.paths += /system/vendor/${LIB}
-namespace.rs.permitted.paths += /data
-
-namespace.rs.asan.search.paths = /data/asan/odm/${LIB}/vndk-sp
-namespace.rs.asan.search.paths += /odm/${LIB}/vndk-sp
-namespace.rs.asan.search.paths += /data/asan/vendor/${LIB}/vndk-sp
-namespace.rs.asan.search.paths += /vendor/${LIB}/vndk-sp
-namespace.rs.asan.search.paths += /data/asan/system/${LIB}/vndk-sp%VNDK_VER%
-namespace.rs.asan.search.paths += /system/${LIB}/vndk-sp%VNDK_VER%
-namespace.rs.asan.search.paths += /data/asan/odm/${LIB}
-namespace.rs.asan.search.paths += /odm/${LIB}
-namespace.rs.asan.search.paths += /data/asan/vendor/${LIB}
-namespace.rs.asan.search.paths += /vendor/${LIB}
-
-namespace.rs.asan.permitted.paths = /data/asan/odm/${LIB}
-namespace.rs.asan.permitted.paths += /odm/${LIB}
-namespace.rs.asan.permitted.paths += /data/asan/vendor/${LIB}
-namespace.rs.asan.permitted.paths += /vendor/${LIB}
-namespace.rs.asan.permitted.paths += /data
-
-namespace.rs.links = default,neuralnetworks
-
-namespace.rs.link.default.shared_libs = %LLNDK_LIBRARIES%
-namespace.rs.link.default.shared_libs += %SANITIZER_RUNTIME_LIBRARIES%
-# Private LLNDK libs (e.g. libft2.so) are exceptionally allowed to this
-# namespace because RS framework libs are using them.
-namespace.rs.link.default.shared_libs += %PRIVATE_LLNDK_LIBRARIES%
-
-# LLNDK library moved into apex
-namespace.rs.link.neuralnetworks.shared_libs = libneuralnetworks.so
-
-
-###############################################################################
-# "vndk" namespace
-#
-# This namespace is exclusively for vndk-sp libs.
-###############################################################################
-namespace.vndk.isolated = true
-# Visible to allow links to be created at runtime, e.g. through
-# android_link_namespaces in libnativeloader.
-namespace.vndk.visible = true
-
-namespace.vndk.search.paths = /odm/${LIB}/vndk-sp
-namespace.vndk.search.paths += /vendor/${LIB}/vndk-sp
-namespace.vndk.search.paths += /system/${LIB}/vndk-sp%VNDK_VER%
-
-namespace.vndk.permitted.paths = /odm/${LIB}/hw
-namespace.vndk.permitted.paths += /odm/${LIB}/egl
-namespace.vndk.permitted.paths += /vendor/${LIB}/hw
-namespace.vndk.permitted.paths += /vendor/${LIB}/egl
-namespace.vndk.permitted.paths += /system/vendor/${LIB}/hw
-namespace.vndk.permitted.paths += /system/vendor/${LIB}/egl
-# This is exceptionally required since android.hidl.memory@1.0-impl.so is here
-namespace.vndk.permitted.paths += /system/${LIB}/vndk-sp%VNDK_VER%/hw
-
-namespace.vndk.asan.search.paths = /data/asan/odm/${LIB}/vndk-sp
-namespace.vndk.asan.search.paths += /odm/${LIB}/vndk-sp
-namespace.vndk.asan.search.paths += /data/asan/vendor/${LIB}/vndk-sp
-namespace.vndk.asan.search.paths += /vendor/${LIB}/vndk-sp
-namespace.vndk.asan.search.paths += /data/asan/system/${LIB}/vndk-sp%VNDK_VER%
-namespace.vndk.asan.search.paths += /system/${LIB}/vndk-sp%VNDK_VER%
-
-namespace.vndk.asan.permitted.paths = /data/asan/odm/${LIB}/hw
-namespace.vndk.asan.permitted.paths += /odm/${LIB}/hw
-namespace.vndk.asan.permitted.paths += /data/asan/odm/${LIB}/egl
-namespace.vndk.asan.permitted.paths += /odm/${LIB}/egl
-namespace.vndk.asan.permitted.paths += /data/asan/vendor/${LIB}/hw
-namespace.vndk.asan.permitted.paths += /vendor/${LIB}/hw
-namespace.vndk.asan.permitted.paths += /data/asan/vendor/${LIB}/egl
-namespace.vndk.asan.permitted.paths += /vendor/${LIB}/egl
-
-namespace.vndk.asan.permitted.paths += /data/asan/system/${LIB}/vndk-sp%VNDK_VER%/hw
-namespace.vndk.asan.permitted.paths += /system/${LIB}/vndk-sp%VNDK_VER%/hw
-
-# The "vndk" namespace links to "default" namespace for LLNDK libs and links to
-# "sphal" namespace for vendor libs. The ordering matters. The "default"
-# namespace has higher priority than the "sphal" namespace.
-namespace.vndk.links = default,sphal,runtime,neuralnetworks
-
-# When these NDK libs are required inside this namespace, then it is redirected
-# to the default namespace. This is possible since their ABI is stable across
-# Android releases.
-namespace.vndk.link.default.shared_libs = %LLNDK_LIBRARIES%
-namespace.vndk.link.default.shared_libs += %SANITIZER_RUNTIME_LIBRARIES%
-
-namespace.vndk.link.runtime.shared_libs = %SANITIZER_RUNTIME_LIBRARIES%
-
-# Allow VNDK-SP extensions to use vendor libraries
-namespace.vndk.link.sphal.allow_all_shared_libs = true
-
-# LLNDK library moved into apex
-namespace.vndk.link.neuralnetworks.shared_libs = libneuralnetworks.so
-
-###############################################################################
-# "neuralnetworks" APEX namespace
-#
-# This namespace is for libraries within the NNAPI APEX.
-###############################################################################
-namespace.neuralnetworks.isolated = true
-namespace.neuralnetworks.visible = true
-
-namespace.neuralnetworks.search.paths = /apex/com.android.neuralnetworks/${LIB}
-namespace.neuralnetworks.asan.search.paths = /apex/com.android.neuralnetworks/${LIB}
-namespace.neuralnetworks.links = default
-namespace.neuralnetworks.link.default.shared_libs = libc.so
-namespace.neuralnetworks.link.default.shared_libs += libcgrouprc.so
-namespace.neuralnetworks.link.default.shared_libs += libdl.so
-namespace.neuralnetworks.link.default.shared_libs += liblog.so
-namespace.neuralnetworks.link.default.shared_libs += libm.so
-namespace.neuralnetworks.link.default.shared_libs += libnativewindow.so
-namespace.neuralnetworks.link.default.shared_libs += libneuralnetworks_packageinfo.so
-namespace.neuralnetworks.link.default.shared_libs += libsync.so
-namespace.neuralnetworks.link.default.shared_libs += libvndksupport.so
-
-###############################################################################
-# Namespace config for vendor processes. In O, no restriction is enforced for
-# them. However, in O-MR1, access to /system/${LIB} will not be allowed to
-# the default namespace. 'system' namespace will be added to give limited
-# (LL-NDK only) access.
-###############################################################################
-[vendor]
-additional.namespaces = runtime,system,neuralnetworks,vndk%VNDK_IN_SYSTEM_NS%
-
-###############################################################################
-# "default" namespace
-#
-# This is the default linker namespace for a vendor process (a process started
-# from /vendor/bin/*). The main executable and the libs under /vendor/lib[64]
-# are loaded directly into this namespace. However, other libs under the system
-# partition (VNDK and LLNDK libraries) are not loaded here but from the
-# separate namespace 'system'. The delegation to the system namespace is done
-# via the 'namespace.default.link.system.shared_libs' property below.
-#
-# '#VNDK27#' TAG is only for building ld.config.27.txt for backward
-# compatibility. (TODO:b/123390078) Move them to a separate file.
-###############################################################################
-namespace.default.isolated = true
-namespace.default.visible = true
-
-namespace.default.search.paths = /odm/${LIB}
-namespace.default.search.paths += /vendor/${LIB}
-
-namespace.default.permitted.paths = /odm
-namespace.default.permitted.paths += /vendor
-namespace.default.permitted.paths += /system/vendor
-#VNDK27#namespace.default.search.paths += /vendor/${LIB}/hw
-#VNDK27#namespace.default.search.paths += /vendor/${LIB}/egl
-
-namespace.default.asan.search.paths = /data/asan/odm/${LIB}
-namespace.default.asan.search.paths += /odm/${LIB}
-namespace.default.asan.search.paths += /data/asan/vendor/${LIB}
-namespace.default.asan.search.paths += /vendor/${LIB}
-#VNDK27#namespace.default.asan.search.paths += /data/asan/vendor/${LIB}/hw
-#VNDK27#namespace.default.asan.search.paths += /vendor/${LIB}/hw
-#VNDK27#namespace.default.asan.search.paths += /data/asan/vendor/${LIB}/egl
-#VNDK27#namespace.default.asan.search.paths += /vendor/${LIB}/egl
-
-namespace.default.asan.permitted.paths = /data/asan/odm
-namespace.default.asan.permitted.paths += /odm
-namespace.default.asan.permitted.paths += /data/asan/vendor
-namespace.default.asan.permitted.paths += /vendor
-
-namespace.default.links = system,vndk%VNDK_IN_SYSTEM_NS%,runtime,neuralnetworks
-namespace.default.link.runtime.shared_libs = %SANITIZER_RUNTIME_LIBRARIES%
-namespace.default.link.system.shared_libs = %LLNDK_LIBRARIES%
-namespace.default.link.system.shared_libs += %SANITIZER_RUNTIME_LIBRARIES%
-namespace.default.link.vndk_in_system.shared_libs = %VNDK_USING_CORE_VARIANT_LIBRARIES%
-namespace.default.link.vndk.shared_libs = %VNDK_SAMEPROCESS_LIBRARIES%
-namespace.default.link.vndk.shared_libs += %VNDK_CORE_LIBRARIES%
-
-# LLNDK library moved into apex
-namespace.default.link.neuralnetworks.shared_libs = libneuralnetworks.so
-
-###############################################################################
-# "runtime" APEX namespace
-#
-# This namespace exposes externally accessible libraries from the Runtime APEX.
-# Keep in sync with the "runtime" namespace in art/build/apex/ld.config.txt.
-###############################################################################
-# TODO(b/139408016): Rename this namespace to "art".
-namespace.runtime.isolated = true
-
-namespace.runtime.search.paths = /apex/com.android.art/${LIB}
-namespace.runtime.asan.search.paths = /apex/com.android.art/${LIB}
-namespace.runtime.links = system
-# TODO(b/130340935): Use a dynamically created linker namespace similar to
-# classloader-namespace for oat files, and tighten this up.
-namespace.runtime.link.system.allow_all_shared_libs = true
-
-
-###############################################################################
-# "vndk" namespace
-#
-# This namespace is where VNDK and VNDK-SP libraries are loaded for
-# a vendor process.
-###############################################################################
-namespace.vndk.isolated = false
-
-namespace.vndk.search.paths = /odm/${LIB}/vndk
-namespace.vndk.search.paths += /odm/${LIB}/vndk-sp
-namespace.vndk.search.paths += /vendor/${LIB}/vndk
-namespace.vndk.search.paths += /vendor/${LIB}/vndk-sp
-namespace.vndk.search.paths += /system/${LIB}/vndk-sp%VNDK_VER%
-namespace.vndk.search.paths += /system/${LIB}/vndk%VNDK_VER%
-
-namespace.vndk.asan.search.paths = /data/asan/odm/${LIB}/vndk
-namespace.vndk.asan.search.paths += /odm/${LIB}/vndk
-namespace.vndk.asan.search.paths += /data/asan/odm/${LIB}/vndk-sp
-namespace.vndk.asan.search.paths += /odm/${LIB}/vndk-sp
-namespace.vndk.asan.search.paths += /data/asan/vendor/${LIB}/vndk
-namespace.vndk.asan.search.paths += /vendor/${LIB}/vndk
-namespace.vndk.asan.search.paths += /data/asan/vendor/${LIB}/vndk-sp
-namespace.vndk.asan.search.paths += /vendor/${LIB}/vndk-sp
-namespace.vndk.asan.search.paths += /data/asan/system/${LIB}/vndk-sp%VNDK_VER%
-namespace.vndk.asan.search.paths += /system/${LIB}/vndk-sp%VNDK_VER%
-namespace.vndk.asan.search.paths += /data/asan/system/${LIB}/vndk%VNDK_VER%
-namespace.vndk.asan.search.paths += /system/${LIB}/vndk%VNDK_VER%
-
-# When these NDK libs are required inside this namespace, then it is redirected
-# to the system namespace. This is possible since their ABI is stable across
-# Android releases. The links here should be identical to that of the
-# 'vndk_in_system' namespace, except for the link between 'vndk' and
-# 'vndk_in_system'.
-namespace.vndk.links = system,default%VNDK_IN_SYSTEM_NS%,runtime,neuralnetworks
-
-namespace.vndk.link.system.shared_libs = %LLNDK_LIBRARIES%
-namespace.vndk.link.system.shared_libs += %SANITIZER_RUNTIME_LIBRARIES%
-
-namespace.vndk.link.default.allow_all_shared_libs = true
-
-namespace.vndk.link.runtime.shared_libs = %SANITIZER_RUNTIME_LIBRARIES%
-
-namespace.vndk.link.vndk_in_system.shared_libs = %VNDK_USING_CORE_VARIANT_LIBRARIES%
-
-# LLNDK library moved into apex
-namespace.vndk.link.neuralnetworks.shared_libs = libneuralnetworks.so
-
-###############################################################################
-# "system" namespace
-#
-# This namespace is where system libs (VNDK and LLNDK libs) are loaded for
-# a vendor process.
-###############################################################################
-namespace.system.isolated = false
-
-namespace.system.search.paths = /system/${LIB}
-namespace.system.search.paths += /%SYSTEM_EXT%/${LIB}
-namespace.system.search.paths += /%PRODUCT%/${LIB}
-
-namespace.system.asan.search.paths = /data/asan/system/${LIB}
-namespace.system.asan.search.paths += /system/${LIB}
-namespace.system.asan.search.paths += /data/asan/%SYSTEM_EXT%/${LIB}
-namespace.system.asan.search.paths += /%SYSTEM_EXT%/${LIB}
-namespace.system.asan.search.paths += /data/asan/%PRODUCT%/${LIB}
-namespace.system.asan.search.paths += /%PRODUCT%/${LIB}
-
-namespace.system.links = runtime
-namespace.system.link.runtime.shared_libs = libdexfile_external.so
-namespace.system.link.runtime.shared_libs += libdexfiled_external.so
-# TODO(b/120786417 or b/134659294): libicuuc.so and libicui18n.so are kept for app compat.
-namespace.system.link.runtime.shared_libs += libicui18n.so
-namespace.system.link.runtime.shared_libs += libicuuc.so
-namespace.system.link.runtime.shared_libs += libnativebridge.so
-namespace.system.link.runtime.shared_libs += libnativehelper.so
-namespace.system.link.runtime.shared_libs += libnativeloader.so
-# Workaround for b/124772622
-namespace.system.link.runtime.shared_libs += libandroidicu.so
-namespace.system.link.runtime.shared_libs += %SANITIZER_RUNTIME_LIBRARIES%
-
-###############################################################################
-# "vndk_in_system" namespace
-#
-# This namespace is where no-vendor-variant VNDK libraries are loaded for a
-# vendor process. Note that we do not simply export these libraries from
-# "system" namespace, because in some case both the core variant and the
-# vendor variant of a VNDK library may be loaded. In such case, we do not
-# want to eliminate double-loading because doing so means the global states
-# of the library would be shared.
-#
-# Only the no-vendor-variant VNDK libraries are whitelisted in this namespace.
-# This is to ensure that we do not load libraries needed by no-vendor-variant
-# VNDK libraries into vndk_in_system namespace.
-###############################################################################
-namespace.vndk_in_system.isolated = true
-namespace.vndk_in_system.visible = true
-
-# The search paths here should be kept the same as that of the 'system'
-# namespace.
-namespace.vndk_in_system.search.paths = /system/${LIB}
-namespace.vndk_in_system.search.paths += /%SYSTEM_EXT%/${LIB}
-namespace.vndk_in_system.search.paths += /%PRODUCT%/${LIB}
-
-namespace.vndk_in_system.asan.search.paths = /data/asan/system/${LIB}
-namespace.vndk_in_system.asan.search.paths += /system/${LIB}
-namespace.vndk_in_system.asan.search.paths += /data/asan/%SYSTEM_EXT%/${LIB}
-namespace.vndk_in_system.asan.search.paths += /%SYSTEM_EXT%/${LIB}
-namespace.vndk_in_system.asan.search.paths += /data/asan/%PRODUCT%/${LIB}
-namespace.vndk_in_system.asan.search.paths += /%PRODUCT%/${LIB}
-
-namespace.vndk_in_system.whitelisted = %VNDK_USING_CORE_VARIANT_LIBRARIES%
-
-# The links here should be identical to that of the 'vndk' namespace, with the
-# following exception:
-# 1. 'vndk_in_system' needs to be freely linked back to 'vndk'.
-# 2. 'vndk_in_system' does not need to link to 'default', as any library that
-# requires anything vendor would not be a vndk_in_system library.
-namespace.vndk_in_system.links = vndk,system,runtime,neuralnetworks
-namespace.vndk_in_system.link.runtime.shared_libs = %SANITIZER_RUNTIME_LIBRARIES%
-
-namespace.vndk_in_system.link.system.shared_libs = %LLNDK_LIBRARIES%
-namespace.vndk_in_system.link.system.shared_libs += %SANITIZER_RUNTIME_LIBRARIES%
-
-namespace.vndk_in_system.link.vndk.allow_all_shared_libs = true
-namespace.vndk_in_system.link.neuralnetworks.shared_libs = libneuralnetworks.so
-
-###############################################################################
-# "neuralnetworks" APEX namespace
-#
-# This namespace is for libraries within the NNAPI APEX.
-###############################################################################
-namespace.neuralnetworks.isolated = true
-namespace.neuralnetworks.visible = true
-
-namespace.neuralnetworks.search.paths = /apex/com.android.neuralnetworks/${LIB}
-namespace.neuralnetworks.asan.search.paths = /apex/com.android.neuralnetworks/${LIB}
-namespace.neuralnetworks.links = system
-namespace.neuralnetworks.link.system.shared_libs = libc.so
-namespace.neuralnetworks.link.system.shared_libs += libcgrouprc.so
-namespace.neuralnetworks.link.system.shared_libs += libdl.so
-namespace.neuralnetworks.link.system.shared_libs += liblog.so
-namespace.neuralnetworks.link.system.shared_libs += libm.so
-namespace.neuralnetworks.link.system.shared_libs += libnativewindow.so
-namespace.neuralnetworks.link.system.shared_libs += libneuralnetworks_packageinfo.so
-namespace.neuralnetworks.link.system.shared_libs += libsync.so
-namespace.neuralnetworks.link.system.shared_libs += libvndksupport.so
-
-###############################################################################
-# Namespace config for native tests that need access to both system and vendor
-# libraries. This replicates the default linker config (done by
-# init_default_namespace_no_config in bionic/linker/linker.cpp), except that it
-# includes the requisite namespace setup for APEXes.
-###############################################################################
-[unrestricted]
-additional.namespaces = runtime,media,conscrypt,resolv,neuralnetworks
-
-# Visible to allow links to be created at runtime, e.g. through
-# android_link_namespaces in libnativeloader.
-namespace.default.visible = true
-
-namespace.default.search.paths = /system/${LIB}
-namespace.default.search.paths += /odm/${LIB}
-namespace.default.search.paths += /vendor/${LIB}
-
-namespace.default.asan.search.paths = /data/asan/system/${LIB}
-namespace.default.asan.search.paths += /system/${LIB}
-namespace.default.asan.search.paths += /data/asan/odm/${LIB}
-namespace.default.asan.search.paths += /odm/${LIB}
-namespace.default.asan.search.paths += /data/asan/vendor/${LIB}
-namespace.default.asan.search.paths += /vendor/${LIB}
-
-# Keep in sync with the "platform" namespace in art/build/apex/ld.config.txt.
-namespace.default.links = runtime,resolv,neuralnetworks
-namespace.default.link.runtime.shared_libs = libandroidicu.so
-namespace.default.link.runtime.shared_libs += libdexfile_external.so
-namespace.default.link.runtime.shared_libs += libdexfiled_external.so
-# TODO(b/120786417 or b/134659294): libicuuc.so and libicui18n.so are kept for app compat.
-namespace.default.link.runtime.shared_libs += libicui18n.so
-namespace.default.link.runtime.shared_libs += libicuuc.so
-namespace.default.link.runtime.shared_libs += libnativebridge.so
-namespace.default.link.runtime.shared_libs += libnativehelper.so
-namespace.default.link.runtime.shared_libs += libnativeloader.so
-
-# TODO(b/122876336): Remove libpac.so once it's migrated to Webview
-namespace.default.link.runtime.shared_libs += libpac.so
-namespace.default.link.runtime.shared_libs += %SANITIZER_RUNTIME_LIBRARIES%
-
-namespace.default.link.resolv.shared_libs = libnetd_resolv.so
-namespace.default.link.neuralnetworks.shared_libs = libneuralnetworks.so
-
-###############################################################################
-# "runtime" APEX namespace
-#
-# This namespace exposes externally accessible libraries from the Runtime APEX.
-# Keep in sync with the "runtime" namespace in art/build/apex/ld.config.txt.
-###############################################################################
-# TODO(b/139408016): Rename this namespace to "art".
-namespace.runtime.isolated = true
-# Visible to allow links to be created at runtime, e.g. through
-# android_link_namespaces in libnativeloader.
-namespace.runtime.visible = true
-
-namespace.runtime.search.paths = /apex/com.android.art/${LIB}
-namespace.runtime.asan.search.paths = /apex/com.android.art/${LIB}
-namespace.runtime.links = default
-# TODO(b/130340935): Use a dynamically created linker namespace similar to
-# classloader-namespace for oat files, and tighten this up.
-namespace.runtime.link.default.allow_all_shared_libs = true
-
-###############################################################################
-# "media" APEX namespace
-#
-# This namespace is for libraries within the media APEX.
-###############################################################################
-namespace.media.isolated = true
-namespace.media.visible = true
-
-namespace.media.search.paths = /apex/com.android.media/${LIB}
-namespace.media.asan.search.paths = /apex/com.android.media/${LIB}
-
-namespace.media.permitted.paths = /apex/com.android.media/${LIB}/extractors
-namespace.media.asan.permitted.paths = /apex/com.android.media/${LIB}/extractors
-
-namespace.media.links = default,neuralnetworks
-namespace.media.link.default.shared_libs = %LLNDK_LIBRARIES%
-namespace.media.link.default.shared_libs += libbinder_ndk.so
-namespace.media.link.default.shared_libs += libmediametrics.so
-namespace.media.link.default.shared_libs += %SANITIZER_RUNTIME_LIBRARIES%
-
-# LLNDK library moved into apex
-namespace.media.link.neuralnetworks.shared_libs = libneuralnetworks.so
-
-
-###############################################################################
-# "conscrypt" APEX namespace
-#
-# This namespace is for libraries within the conscrypt APEX.
-# Keep in sync with the "conscrypt" namespace in art/build/apex/ld.config.txt.
-###############################################################################
-namespace.conscrypt.isolated = true
-namespace.conscrypt.visible = true
-
-namespace.conscrypt.search.paths = /apex/com.android.conscrypt/${LIB}
-namespace.conscrypt.asan.search.paths = /apex/com.android.conscrypt/${LIB}
-namespace.conscrypt.links = runtime,default
-namespace.conscrypt.link.runtime.shared_libs = libandroidio.so
-namespace.conscrypt.link.default.shared_libs = libc.so
-namespace.conscrypt.link.default.shared_libs += libm.so
-namespace.conscrypt.link.default.shared_libs += libdl.so
-namespace.conscrypt.link.default.shared_libs += liblog.so
-
-###############################################################################
-# "resolv" APEX namespace
-#
-# This namespace is for libraries within the resolv APEX.
-###############################################################################
-namespace.resolv.isolated = true
-namespace.resolv.visible = true
-
-namespace.resolv.search.paths = /apex/com.android.resolv/${LIB}
-namespace.resolv.asan.search.paths = /apex/com.android.resolv/${LIB}
-namespace.resolv.links = default
-namespace.resolv.link.default.shared_libs = libc.so
-namespace.resolv.link.default.shared_libs += libm.so
-namespace.resolv.link.default.shared_libs += libdl.so
-namespace.resolv.link.default.shared_libs += libbinder_ndk.so
-namespace.resolv.link.default.shared_libs += liblog.so
-
-###############################################################################
-# "neuralnetworks" APEX namespace
-#
-# This namespace is for libraries within the NNAPI APEX.
-###############################################################################
-namespace.neuralnetworks.isolated = true
-namespace.neuralnetworks.visible = true
-
-namespace.neuralnetworks.search.paths = /apex/com.android.neuralnetworks/${LIB}
-namespace.neuralnetworks.asan.search.paths = /apex/com.android.neuralnetworks/${LIB}
-namespace.neuralnetworks.links = default
-namespace.neuralnetworks.link.default.shared_libs = libc.so
-namespace.neuralnetworks.link.default.shared_libs += libcgrouprc.so
-namespace.neuralnetworks.link.default.shared_libs += libdl.so
-namespace.neuralnetworks.link.default.shared_libs += liblog.so
-namespace.neuralnetworks.link.default.shared_libs += libm.so
-namespace.neuralnetworks.link.default.shared_libs += libnativewindow.so
-namespace.neuralnetworks.link.default.shared_libs += libneuralnetworks_packageinfo.so
-namespace.neuralnetworks.link.default.shared_libs += libsync.so
-namespace.neuralnetworks.link.default.shared_libs += libvndksupport.so
-
-###############################################################################
-# Namespace config for binaries under /postinstall.
-# Only default namespace is defined and default has no directories
-# other than /system/lib in the search paths. This is because linker calls
-# realpath on the search paths and this causes selinux denial if the paths
-# (/vendor, /odm) are not allowed to the postinstall binaries. There is no
-# reason to allow the binaries to access the paths.
-###############################################################################
-[postinstall]
-namespace.default.isolated = false
-namespace.default.search.paths = /system/${LIB}
-namespace.default.search.paths += /%SYSTEM_EXT%/${LIB}
-namespace.default.search.paths += /%PRODUCT%/${LIB}
+# This file is no longer in use.
+# Please update linker configuration generator instead.
+# You can find the code from /system/linkerconfig
\ No newline at end of file
diff --git a/rootdir/etc/ld.config.vndk_lite.txt b/rootdir/etc/ld.config.vndk_lite.txt
index b9b95a6..9c9f4a9 100644
--- a/rootdir/etc/ld.config.vndk_lite.txt
+++ b/rootdir/etc/ld.config.vndk_lite.txt
@@ -35,7 +35,7 @@
dir.system = /data
[system]
-additional.namespaces = runtime,conscrypt,media,neuralnetworks,resolv,sphal,vndk,rs
+additional.namespaces = art,conscrypt,media,neuralnetworks,resolv,sphal,vndk,rs
###############################################################################
# "default" namespace
@@ -68,23 +68,23 @@
# Keep in sync with the "platform" namespace in art/build/apex/ld.config.txt.
# If a shared library or an executable requests a shared library that
# cannot be loaded into the default namespace, the dynamic linker tries
-# to load the shared library from the runtime namespace. And then, if the
-# shared library cannot be loaded from the runtime namespace either, the
+# to load the shared library from the art namespace. And then, if the
+# shared library cannot be loaded from the art namespace either, the
# dynamic linker tries to load the shared library from the resolv namespace.
# Finally, if all attempts fail, the dynamic linker returns an error.
-namespace.default.links = runtime,resolv,neuralnetworks
-namespace.default.link.runtime.shared_libs = libandroidicu.so
-namespace.default.link.runtime.shared_libs += libdexfile_external.so
-namespace.default.link.runtime.shared_libs += libdexfiled_external.so
+namespace.default.links = art,resolv,neuralnetworks
+namespace.default.link.art.shared_libs = libandroidicu.so
+namespace.default.link.art.shared_libs += libdexfile_external.so
+namespace.default.link.art.shared_libs += libdexfiled_external.so
# TODO(b/120786417 or b/134659294): libicuuc.so and libicui18n.so are kept for app compat.
-namespace.default.link.runtime.shared_libs += libicui18n.so
-namespace.default.link.runtime.shared_libs += libicuuc.so
-namespace.default.link.runtime.shared_libs += libnativebridge.so
-namespace.default.link.runtime.shared_libs += libnativehelper.so
-namespace.default.link.runtime.shared_libs += libnativeloader.so
+namespace.default.link.art.shared_libs += libicui18n.so
+namespace.default.link.art.shared_libs += libicuuc.so
+namespace.default.link.art.shared_libs += libnativebridge.so
+namespace.default.link.art.shared_libs += libnativehelper.so
+namespace.default.link.art.shared_libs += libnativeloader.so
# TODO(b/122876336): Remove libpac.so once it's migrated to Webview
-namespace.default.link.runtime.shared_libs += libpac.so
+namespace.default.link.art.shared_libs += libpac.so
# When libnetd_resolv.so can't be found in the default namespace, search for it
# in the resolv namespace. Don't allow any other libraries from the resolv namespace
@@ -95,25 +95,25 @@
namespace.default.link.neuralnetworks.shared_libs = libneuralnetworks.so
###############################################################################
-# "runtime" APEX namespace
+# "art" APEX namespace
#
-# This namespace pulls in externally accessible libs from the Runtime APEX.
-# Keep in sync with the "runtime" namespace in art/build/apex/ld.config.txt.
+# This namespace pulls in externally accessible libs from the ART APEX.
+# Keep in sync with the "art" namespace in art/build/apex/ld.config.txt.
###############################################################################
-# TODO(b/139408016): Rename this namespace to "art".
-namespace.runtime.isolated = true
+namespace.art.isolated = true
# Visible to allow links to be created at runtime, e.g. through
# android_link_namespaces in libnativeloader.
-namespace.runtime.visible = true
+namespace.art.visible = true
-namespace.runtime.search.paths = /apex/com.android.art/${LIB}
-namespace.runtime.asan.search.paths = /apex/com.android.art/${LIB}
-namespace.runtime.links = default
+namespace.art.search.paths = /apex/com.android.art/${LIB}
+namespace.art.asan.search.paths = /apex/com.android.art/${LIB}
+namespace.art.links = default,neuralnetworks
# Need allow_all_shared_libs because libart.so can dlopen oat files in
# /system/framework and /data.
# TODO(b/130340935): Use a dynamically created linker namespace similar to
# classloader-namespace for oat files, and tighten this up.
-namespace.runtime.link.default.allow_all_shared_libs = true
+namespace.art.link.default.allow_all_shared_libs = true
+namespace.art.link.neuralnetworks.shared_libs = libneuralnetworks.so
###############################################################################
# "media" APEX namespace
@@ -148,12 +148,13 @@
namespace.conscrypt.search.paths = /apex/com.android.conscrypt/${LIB}
namespace.conscrypt.asan.search.paths = /apex/com.android.conscrypt/${LIB}
-namespace.conscrypt.links = runtime,default
-namespace.conscrypt.link.runtime.shared_libs = libandroidio.so
+namespace.conscrypt.links = art,default
+namespace.conscrypt.link.art.shared_libs = libandroidio.so
namespace.conscrypt.link.default.shared_libs = libc.so
namespace.conscrypt.link.default.shared_libs += libm.so
namespace.conscrypt.link.default.shared_libs += libdl.so
namespace.conscrypt.link.default.shared_libs += liblog.so
+namespace.conscrypt.link.default.shared_libs += %SANITIZER_RUNTIME_LIBRARIES%
###############################################################################
# "resolv" APEX namespace
@@ -173,6 +174,7 @@
namespace.resolv.link.default.shared_libs += libbinder_ndk.so
namespace.resolv.link.default.shared_libs += liblog.so
namespace.resolv.link.default.shared_libs += libvndksupport.so
+namespace.resolv.link.default.shared_libs += %SANITIZER_RUNTIME_LIBRARIES%
###############################################################################
# "sphal" namespace
@@ -347,7 +349,7 @@
namespace.neuralnetworks.link.default.shared_libs += libneuralnetworks_packageinfo.so
namespace.neuralnetworks.link.default.shared_libs += libsync.so
namespace.neuralnetworks.link.default.shared_libs += libvndksupport.so
-
+namespace.neuralnetworks.link.default.shared_libs += %SANITIZER_RUNTIME_LIBRARIES%
###############################################################################
# Namespace config for vendor processes. In O, no restriction is enforced for
@@ -356,7 +358,7 @@
# (LL-NDK only) access.
###############################################################################
[vendor]
-additional.namespaces = runtime,neuralnetworks
+additional.namespaces = art,neuralnetworks
namespace.default.isolated = false
@@ -398,36 +400,35 @@
namespace.default.asan.search.paths += /data/asan/system/${LIB}/vndk%VNDK_VER%
namespace.default.asan.search.paths += /system/${LIB}/vndk%VNDK_VER%
-namespace.default.links = runtime,neuralnetworks
-namespace.default.link.runtime.shared_libs = libdexfile_external.so
-namespace.default.link.runtime.shared_libs += libdexfiled_external.so
+namespace.default.links = art,neuralnetworks
+namespace.default.link.art.shared_libs = libdexfile_external.so
+namespace.default.link.art.shared_libs += libdexfiled_external.so
# TODO(b/120786417 or b/134659294): libicuuc.so and libicui18n.so are kept for app compat.
-namespace.default.link.runtime.shared_libs += libicui18n.so
-namespace.default.link.runtime.shared_libs += libicuuc.so
-namespace.default.link.runtime.shared_libs += libnativebridge.so
-namespace.default.link.runtime.shared_libs += libnativehelper.so
-namespace.default.link.runtime.shared_libs += libnativeloader.so
+namespace.default.link.art.shared_libs += libicui18n.so
+namespace.default.link.art.shared_libs += libicuuc.so
+namespace.default.link.art.shared_libs += libnativebridge.so
+namespace.default.link.art.shared_libs += libnativehelper.so
+namespace.default.link.art.shared_libs += libnativeloader.so
# Workaround for b/124772622
-namespace.default.link.runtime.shared_libs += libandroidicu.so
+namespace.default.link.art.shared_libs += libandroidicu.so
# LLNDK library moved into apex
namespace.default.link.neuralnetworks.shared_libs = libneuralnetworks.so
###############################################################################
-# "runtime" APEX namespace
+# "art" APEX namespace
#
-# This namespace exposes externally accessible libraries from the Runtime APEX.
-# Keep in sync with the "runtime" namespace in art/build/apex/ld.config.txt.
+# This namespace exposes externally accessible libraries from the ART APEX.
+# Keep in sync with the "art" namespace in art/build/apex/ld.config.txt.
###############################################################################
-# TODO(b/139408016): Rename this namespace to "art".
-namespace.runtime.isolated = true
+namespace.art.isolated = true
-namespace.runtime.search.paths = /apex/com.android.art/${LIB}
-namespace.runtime.asan.search.paths = /apex/com.android.art/${LIB}
-namespace.runtime.links = default
+namespace.art.search.paths = /apex/com.android.art/${LIB}
+namespace.art.asan.search.paths = /apex/com.android.art/${LIB}
+namespace.art.links = default
# TODO(b/130340935): Use a dynamically created linker namespace similar to
# classloader-namespace for oat files, and tighten this up.
-namespace.runtime.link.default.allow_all_shared_libs = true
+namespace.art.link.default.allow_all_shared_libs = true
###############################################################################
# "neuralnetworks" APEX namespace
@@ -449,7 +450,7 @@
namespace.neuralnetworks.link.default.shared_libs += libneuralnetworks_packageinfo.so
namespace.neuralnetworks.link.default.shared_libs += libsync.so
namespace.neuralnetworks.link.default.shared_libs += libvndksupport.so
-
+namespace.neuralnetworks.link.default.shared_libs += %SANITIZER_RUNTIME_LIBRARIES%
###############################################################################
# Namespace config for native tests that need access to both system and vendor
@@ -458,7 +459,7 @@
# includes the requisite namespace setup for APEXes.
###############################################################################
[unrestricted]
-additional.namespaces = runtime,media,conscrypt,resolv,neuralnetworks
+additional.namespaces = art,media,conscrypt,resolv,neuralnetworks
# Visible to allow links to be created at runtime, e.g. through
# android_link_namespaces in libnativeloader.
@@ -476,20 +477,19 @@
namespace.default.asan.search.paths += /vendor/${LIB}
# Keep in sync with the "platform" namespace in art/build/apex/ld.config.txt.
-namespace.default.links = runtime,resolv,neuralnetworks
-namespace.default.link.runtime.shared_libs = libandroidicu.so
-namespace.default.link.runtime.shared_libs += libdexfile_external.so
-namespace.default.link.runtime.shared_libs += libdexfiled_external.so
+namespace.default.links = art,resolv,neuralnetworks
+namespace.default.link.art.shared_libs = libandroidicu.so
+namespace.default.link.art.shared_libs += libdexfile_external.so
+namespace.default.link.art.shared_libs += libdexfiled_external.so
# TODO(b/120786417 or b/134659294): libicuuc.so and libicui18n.so are kept for app compat.
-namespace.default.link.runtime.shared_libs += libicui18n.so
-namespace.default.link.runtime.shared_libs += libicuuc.so
-namespace.default.link.runtime.shared_libs += libnativebridge.so
-namespace.default.link.runtime.shared_libs += libnativehelper.so
-namespace.default.link.runtime.shared_libs += libnativeloader.so
+namespace.default.link.art.shared_libs += libicui18n.so
+namespace.default.link.art.shared_libs += libicuuc.so
+namespace.default.link.art.shared_libs += libnativebridge.so
+namespace.default.link.art.shared_libs += libnativehelper.so
+namespace.default.link.art.shared_libs += libnativeloader.so
# TODO(b/122876336): Remove libpac.so once it's migrated to Webview
-namespace.default.link.runtime.shared_libs += libpac.so
-namespace.default.link.runtime.shared_libs += %SANITIZER_RUNTIME_LIBRARIES%
+namespace.default.link.art.shared_libs += libpac.so
namespace.default.link.resolv.shared_libs = libnetd_resolv.so
@@ -497,22 +497,22 @@
namespace.default.link.neuralnetworks.shared_libs = libneuralnetworks.so
###############################################################################
-# "runtime" APEX namespace
+# "art" APEX namespace
#
-# This namespace exposes externally accessible libraries from the Runtime APEX.
-# Keep in sync with the "runtime" namespace in art/build/apex/ld.config.txt.
+# This namespace exposes externally accessible libraries from the ART APEX.
+# Keep in sync with the "art" namespace in art/build/apex/ld.config.txt.
###############################################################################
-# TODO(b/139408016): Rename this namespace to "art".
-namespace.runtime.isolated = true
+namespace.art.isolated = true
# Visible to allow links to be created at runtime, e.g. through
# android_link_namespaces in libnativeloader.
-namespace.runtime.visible = true
+namespace.art.visible = true
-namespace.runtime.search.paths = /apex/com.android.art/${LIB}
-namespace.runtime.asan.search.paths = /apex/com.android.art/${LIB}
-namespace.runtime.links = default
+namespace.art.search.paths = /apex/com.android.art/${LIB}
+namespace.art.asan.search.paths = /apex/com.android.art/${LIB}
+namespace.art.links = default
# TODO(b/130340935): Use a dynamically created linker namespace similar to
# classloader-namespace for oat files, and tighten this up.
+namespace.runtime.link.default.allow_all_shared_libs = true
###############################################################################
# "media" APEX namespace
@@ -547,11 +547,12 @@
namespace.conscrypt.search.paths = /apex/com.android.conscrypt/${LIB}
namespace.conscrypt.asan.search.paths = /apex/com.android.conscrypt/${LIB}
-namespace.conscrypt.links = runtime,default
-namespace.conscrypt.link.runtime.shared_libs = libandroidio.so
+namespace.conscrypt.links = art,default
+namespace.conscrypt.link.art.shared_libs = libandroidio.so
namespace.conscrypt.link.default.shared_libs = libc.so
namespace.conscrypt.link.default.shared_libs += libm.so
namespace.conscrypt.link.default.shared_libs += libdl.so
+namespace.conscrypt.link.default.shared_libs += %SANITIZER_RUNTIME_LIBRARIES%
###############################################################################
# "resolv" APEX namespace
@@ -569,6 +570,7 @@
namespace.resolv.link.default.shared_libs += libm.so
namespace.resolv.link.default.shared_libs += libdl.so
namespace.resolv.link.default.shared_libs += libbinder_ndk.so
+namespace.resolv.link.default.shared_libs += %SANITIZER_RUNTIME_LIBRARIES%
###############################################################################
# "neuralnetworks" APEX namespace
@@ -590,7 +592,7 @@
namespace.neuralnetworks.link.default.shared_libs += libneuralnetworks_packageinfo.so
namespace.neuralnetworks.link.default.shared_libs += libsync.so
namespace.neuralnetworks.link.default.shared_libs += libvndksupport.so
-
+namespace.neuralnetworks.link.default.shared_libs += %SANITIZER_RUNTIME_LIBRARIES%
###############################################################################
# Namespace config for binaries under /postinstall.
diff --git a/rootdir/init.rc b/rootdir/init.rc
index 6b000c6..107ad95 100644
--- a/rootdir/init.rc
+++ b/rootdir/init.rc
@@ -919,6 +919,14 @@
on init && property:ro.debuggable=1
start console
-service flash_recovery /system/bin/install-recovery.sh
- class main
- oneshot
+on userspace-reboot:
+ # TODO(b/135984674): reset all necessary properties here.
+ setprop sys.init.userspace_reboot_in_progress 1
+
+on userspace-reboot-resume:
+ # TODO(b/135984674): remount userdata and reset checkpointing
+ trigger nonencrypted
+ trigger post-fs-data
+ trigger zygote-start
+ trigger early-boot
+ trigger boot
diff --git a/rootdir/update_and_install_ld_config.mk b/rootdir/update_and_install_ld_config.mk
index c4b8e4e..44f7b65 100644
--- a/rootdir/update_and_install_ld_config.mk
+++ b/rootdir/update_and_install_ld_config.mk
@@ -38,8 +38,8 @@
llndk_libraries_file := $(library_lists_dir)/llndk.libraries.$(vndk_version).txt
vndksp_libraries_file := $(library_lists_dir)/vndksp.libraries.$(vndk_version).txt
-vndkcore_libraries_file := $(library_lists_dir)/vndkcore.libraries.txt
-vndkprivate_libraries_file := $(library_lists_dir)/vndkprivate.libraries.txt
+vndkcore_libraries_file := $(library_lists_dir)/vndkcore.libraries.$(vndk_version).txt
+vndkprivate_libraries_file := $(library_lists_dir)/vndkprivate.libraries.$(vndk_version).txt
llndk_moved_to_apex_libraries_file := $(library_lists_dir)/llndkinapex.libraries.txt
ifeq ($(my_vndk_use_core_variant),true)
vndk_using_core_variant_libraries_file := $(library_lists_dir)/vndk_using_core_variant.libraries.$(vndk_version).txt