Bionic libs are located at /system/lib
Bionic libs, regardless of whether they are bootstrap ones or from the
runtime APEX, are available via /system/lib. Since /system/lib is in the
search paths of the default(platform) namespace, there is no need to
list the bionic libs to the namespace link to the runtime namespace.
Bug: 120266448
Test: m; device boots
Test: atest CtsJniTestCases CtsCompilationTestCases CtsBionicTestCases
all passing except for following tests that are also failing at ToT
dl#exec_linker
dl#exec_linker_load_from_zip
dl#exec_linker_load_self
dl#exec_linker_load_file
Change-Id: Ib67acd4f384b2f0e70b5fe8ec6b45a5506367223
diff --git a/rootdir/etc/ld.config.txt b/rootdir/etc/ld.config.txt
index 5601e53..2dda648 100644
--- a/rootdir/etc/ld.config.txt
+++ b/rootdir/etc/ld.config.txt
@@ -109,8 +109,7 @@
# Keep in sync with ld.config.txt in the com.android.runtime APEX.
namespace.default.links = runtime
-namespace.default.link.runtime.shared_libs = libc.so:libdl.so:libm.so
-namespace.default.link.runtime.shared_libs += libart.so:libartd.so
+namespace.default.link.runtime.shared_libs = libart.so:libartd.so
namespace.default.link.runtime.shared_libs += libnativebridge.so
namespace.default.link.runtime.shared_libs += libnativehelper.so
namespace.default.link.runtime.shared_libs += libnativeloader.so
@@ -163,12 +162,8 @@
# Once in this namespace, access to libraries in /system/lib is restricted. Only
# libs listed here can be used.
-namespace.sphal.links = runtime,default,vndk,rs
+namespace.sphal.links = default,vndk,rs
-namespace.sphal.link.runtime.shared_libs = libc.so:libdl.so:libm.so
-
-# LLNDK_LIBRARIES includes the runtime libs above, but the order here ensures
-# that they are loaded from the runtime namespace.
namespace.sphal.link.default.shared_libs = %LLNDK_LIBRARIES%
namespace.sphal.link.default.shared_libs += %SANITIZER_RUNTIME_LIBRARIES%
@@ -215,9 +210,7 @@
namespace.rs.asan.permitted.paths += /vendor/${LIB}
namespace.rs.asan.permitted.paths += /data
-namespace.rs.links = runtime,default,vndk
-
-namespace.rs.link.runtime.shared_libs = libc.so:libdl.so:libm.so
+namespace.rs.links = default,vndk
namespace.rs.link.default.shared_libs = %LLNDK_LIBRARIES%
namespace.rs.link.default.shared_libs += %SANITIZER_RUNTIME_LIBRARIES%
@@ -265,13 +258,10 @@
namespace.vndk.asan.permitted.paths += /data/asan/system/${LIB}/vndk-sp%VNDK_VER%/hw
namespace.vndk.asan.permitted.paths += /system/${LIB}/vndk-sp%VNDK_VER%/hw
-# The "vndk" namespace links to "runtime" for Bionic libs, "default" namespace
-# for LLNDK libs, and links to "sphal" namespace for vendor libs. The ordering
-# matters. The "default" namespace has higher priority than the "sphal"
-# namespace.
-namespace.vndk.links = runtime,default,sphal
-
-namespace.vndk.link.runtime.shared_libs = libc.so:libdl.so:libm.so
+# The "vndk" namespace links to "default" namespace for LLNDK libs and links to
+# "sphal" namespace for vendor libs. The ordering matters. The "default"
+# namespace has higher priority than the "sphal" namespace.
+namespace.vndk.links = default,sphal
# When these NDK libs are required inside this namespace, then it is redirected
# to the default namespace. This is possible since their ABI is stable across
@@ -290,7 +280,7 @@
# (LL-NDK only) access.
###############################################################################
[vendor]
-additional.namespaces = runtime,system,vndk
+additional.namespaces = system,vndk
###############################################################################
# "default" namespace
@@ -321,24 +311,12 @@
namespace.default.asan.permitted.paths += /data/asan/vendor
namespace.default.asan.permitted.paths += /vendor
-namespace.default.links = runtime,system,vndk
-namespace.default.link.runtime.shared_libs = libc.so:libdl.so:libm.so
+namespace.default.links = system,vndk
namespace.default.link.system.shared_libs = %LLNDK_LIBRARIES%
namespace.default.link.vndk.shared_libs = %VNDK_SAMEPROCESS_LIBRARIES%
namespace.default.link.vndk.shared_libs += %VNDK_CORE_LIBRARIES%
###############################################################################
-# "runtime" APEX namespace
-#
-# This namespace pulls in externally accessible libs from the Runtime APEX.
-###############################################################################
-namespace.runtime.isolated = true
-namespace.runtime.search.paths = /apex/com.android.runtime/${LIB}
-namespace.runtime.links = system
-# TODO(b/119867084): Restrict to Bionic dlopen dependencies.
-namespace.runtime.link.system.allow_all_shared_libs = true
-
-###############################################################################
# "vndk" namespace
#
# This namespace is where VNDK and VNDK-SP libraries are loaded for
@@ -369,9 +347,7 @@
# When these NDK libs are required inside this namespace, then it is redirected
# to the system namespace. This is possible since their ABI is stable across
# Android releases.
-namespace.vndk.links = runtime,system,default
-
-namespace.vndk.link.runtime.shared_libs = libc.so:libdl.so:libm.so
+namespace.vndk.links = system,default
namespace.vndk.link.system.shared_libs = %LLNDK_LIBRARIES%
namespace.vndk.link.system.shared_libs += %SANITIZER_RUNTIME_LIBRARIES%
@@ -397,36 +373,16 @@
namespace.system.asan.search.paths += /data/asan/product_services/${LIB}
namespace.system.asan.search.paths += /%PRODUCT_SERVICES%/${LIB}
-namespace.system.links = runtime
-namespace.system.link.runtime.shared_libs = libc.so:libdl.so:libm.so
-
-
###############################################################################
# Namespace config for binaries under /postinstall.
-# Only default and runtime namespaces are defined and default has no directories
+# Only default namespace is defined and default has no directories
# other than /system/lib in the search paths. This is because linker calls
# realpath on the search paths and this causes selinux denial if the paths
# (/vendor, /odm) are not allowed to the postinstall binaries. There is no
# reason to allow the binaries to access the paths.
###############################################################################
[postinstall]
-additional.namespaces = runtime
-
namespace.default.isolated = false
namespace.default.search.paths = /system/${LIB}
namespace.default.search.paths += /%PRODUCT%/${LIB}
namespace.default.search.paths += /%PRODUCT_SERVICES%/${LIB}
-
-namespace.default.links = runtime
-namespace.default.link.runtime.shared_libs = libc.so:libdl.so:libm.so
-
-###############################################################################
-# "runtime" APEX namespace
-#
-# This namespace pulls in externally accessible libs from the Runtime APEX.
-###############################################################################
-namespace.runtime.isolated = true
-namespace.runtime.search.paths = /apex/com.android.runtime/${LIB}
-namespace.runtime.links = default
-# TODO(b/119867084): Restrict to Bionic dlopen dependencies.
-namespace.runtime.link.default.allow_all_shared_libs = true
diff --git a/rootdir/etc/ld.config.vndk_lite.txt b/rootdir/etc/ld.config.vndk_lite.txt
index 7ca45ff..33b4698 100644
--- a/rootdir/etc/ld.config.vndk_lite.txt
+++ b/rootdir/etc/ld.config.vndk_lite.txt
@@ -57,8 +57,7 @@
# Keep in sync with ld.config.txt in the com.android.runtime APEX.
namespace.default.links = runtime
-namespace.default.link.runtime.shared_libs = libc.so:libdl.so:libm.so
-namespace.default.link.runtime.shared_libs += libart.so:libartd.so
+namespace.default.link.runtime.shared_libs = libart.so:libartd.so
namespace.default.link.runtime.shared_libs += libnativehelper.so
namespace.default.link.runtime.shared_libs += libnativeloader.so
@@ -110,12 +109,8 @@
# Once in this namespace, access to libraries in /system/lib is restricted. Only
# libs listed here can be used.
-namespace.sphal.links = runtime,default,vndk,rs
+namespace.sphal.links = default,vndk,rs
-namespace.sphal.link.runtime.shared_libs = libc.so:libdl.so:libm.so
-
-# LLNDK_LIBRARIES includes the runtime libs above, but the order here ensures
-# that they are loaded from the runtime namespace.
namespace.sphal.link.default.shared_libs = %LLNDK_LIBRARIES%
namespace.sphal.link.default.shared_libs += %SANITIZER_RUNTIME_LIBRARIES%
@@ -162,9 +157,7 @@
namespace.rs.asan.permitted.paths += /vendor/${LIB}
namespace.rs.asan.permitted.paths += /data
-namespace.rs.links = runtime,default,vndk
-
-namespace.rs.link.runtime.shared_libs = libc.so:libdl.so:libm.so
+namespace.rs.links = default,vndk
namespace.rs.link.default.shared_libs = %LLNDK_LIBRARIES%
namespace.rs.link.default.shared_libs += %SANITIZER_RUNTIME_LIBRARIES%
@@ -215,9 +208,7 @@
# When these NDK libs are required inside this namespace, then it is redirected
# to the default namespace. This is possible since their ABI is stable across
# Android releases.
-namespace.vndk.links = runtime,default
-
-namespace.vndk.link.runtime.shared_libs = libc.so:libdl.so:libm.so
+namespace.vndk.links = default
namespace.vndk.link.default.shared_libs = %LLNDK_LIBRARIES%
namespace.vndk.link.default.shared_libs += %SANITIZER_RUNTIME_LIBRARIES%
@@ -230,7 +221,6 @@
# (LL-NDK only) access.
###############################################################################
[vendor]
-additional.namespaces = runtime
namespace.default.isolated = false
namespace.default.search.paths = /odm/${LIB}
@@ -270,47 +260,16 @@
namespace.default.asan.search.paths += /data/asan/product_services/${LIB}
namespace.default.asan.search.paths += /%PRODUCT_SERVICES%/${LIB}
-namespace.default.links = runtime
-namespace.default.link.runtime.shared_libs = libc.so:libdl.so:libm.so
-
-###############################################################################
-# "runtime" APEX namespace
-#
-# This namespace pulls in externally accessible libs from the Runtime APEX.
-###############################################################################
-namespace.runtime.isolated = true
-namespace.runtime.search.paths = /apex/com.android.runtime/${LIB}
-namespace.runtime.links = default
-# TODO(b/119867084): Restrict to Bionic dlopen dependencies.
-namespace.runtime.link.default.allow_all_shared_libs = true
-
-
###############################################################################
# Namespace config for binaries under /postinstall.
-# Only default and runtime namespaces are defined and default has no directories
+# Only default namespace is defined and default has no directories
# other than /system/lib in the search paths. This is because linker calls
# realpath on the search paths and this causes selinux denial if the paths
# (/vendor, /odm) are not allowed to the postinstall binaries. There is no
# reason to allow the binaries to access the paths.
###############################################################################
[postinstall]
-additional.namespaces = runtime
-
namespace.default.isolated = false
namespace.default.search.paths = /system/${LIB}
namespace.default.search.paths += /%PRODUCT%/${LIB}
namespace.default.search.paths += /%PRODUCT_SERVICES%/${LIB}
-
-namespace.default.links = runtime
-namespace.default.link.runtime.shared_libs = libc.so:libdl.so:libm.so
-
-###############################################################################
-# "runtime" APEX namespace
-#
-# This namespace pulls in externally accessible libs from the Runtime APEX.
-###############################################################################
-namespace.runtime.isolated = true
-namespace.runtime.search.paths = /apex/com.android.runtime/${LIB}
-namespace.runtime.links = default
-# TODO(b/119867084): Restrict to Bionic dlopen dependencies.
-namespace.runtime.link.default.allow_all_shared_libs = true