blob: 1c67aab6e32667e426eef45a900e3e0006b9472b [file] [log] [blame]
/*
* Copyright (C) 2021 The Android Open Source Project
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
#define LOG_TAG "apex_shared_libraries_test"
#include <android-base/logging.h>
#include <android-base/properties.h>
#include <android-base/scopeguard.h>
#include <android-base/strings.h>
#include <android/dlext.h>
#include <dlfcn.h>
#include <fstab/fstab.h>
#include <gtest/gtest.h>
#include <link.h>
#include <filesystem>
#include <fstream>
#include <regex>
#include <sstream>
#include <string>
using android::base::GetBoolProperty;
using android::base::Split;
using android::base::StartsWith;
using android::fs_mgr::Fstab;
using android::fs_mgr::ReadFstabFromFile;
namespace fs = std::filesystem;
// No header available for these symbols
extern "C" struct android_namespace_t* android_get_exported_namespace(
const char* name);
extern "C" struct android_namespace_t* android_create_namespace(
const char* name, const char* ld_library_path,
const char* default_library_path, uint64_t type,
const char* permitted_when_isolated_path,
struct android_namespace_t* parent);
#if !defined(__LP64__)
static constexpr const char LIB[] = "lib";
#else // !__LP64__
static constexpr const char LIB[] = "lib64";
#endif // !__LP64_
static constexpr const char kApexSharedLibsRoot[] = "/apex/sharedlibs";
// Before running the test, make sure that certain libraries are not pre-loaded
// in the test process.
void check_preloaded_libraries() {
static constexpr const char* unwanted[] = {
"libbase.so",
"libcrypto.so",
};
std::ifstream f("/proc/self/maps");
std::string line;
while (std::getline(f, line)) {
for (const char* lib : unwanted) {
EXPECT_TRUE(line.find(lib) == std::string::npos)
<< "Library " << lib << " seems preloaded in the test process. "
<< "This is a potential error. Please remove direct or transitive "
<< "dependency to this library. You may debug this by running this "
<< "test with `export LD_DEBUG=1` and "
<< "`setprop debug.ld.all dlopen,dlerror`.";
}
}
}
TEST(apex_shared_libraries, symlink_libraries_loadable) {
check_preloaded_libraries();
Fstab fstab;
ASSERT_TRUE(ReadFstabFromFile("/proc/mounts", &fstab));
// Regex to use when checking if a mount is for an active APEX or not. Note
// that non-active APEX mounts don't have the @<number> marker.
std::regex active_apex_pattern(R"(/apex/(.*)@\d+)");
// Traverse mount points to identify apexs.
for (auto& entry : fstab) {
std::cmatch m;
if (!std::regex_match(entry.mount_point.c_str(), m, active_apex_pattern)) {
continue;
}
// Linker namespace name of the apex com.android.foo is com_android_foo.
std::string apex_namespace_name = m[1];
std::replace(apex_namespace_name.begin(), apex_namespace_name.end(), '.',
'_');
// Filter out any mount irrelevant (e.g. tmpfs)
std::string dev_file = fs::path(entry.blk_device).filename();
if (!StartsWith(dev_file, "loop") && !StartsWith(dev_file, "dm-")) {
continue;
}
auto lib = fs::path(entry.mount_point) / LIB;
if (!fs::is_directory(lib)) {
continue;
}
for (auto& p : fs::directory_iterator(lib)) {
std::error_code ec;
if (!fs::is_symlink(p, ec)) {
continue;
}
// We are only checking libraries pointing at a location inside
// /apex/sharedlibs.
auto target = fs::read_symlink(p.path(), ec);
if (ec || !StartsWith(target.string(), kApexSharedLibsRoot)) {
continue;
}
LOG(INFO) << "Checking " << p.path();
// Symlink validity check.
auto dest = fs::canonical(p.path(), ec);
EXPECT_FALSE(ec) << "Failed to resolve " << p.path() << " (symlink to "
<< target << "): " << ec;
if (ec) {
continue;
}
// Library loading validity check.
dlerror(); // Clear any pending errors.
android_namespace_t* ns =
android_get_exported_namespace(apex_namespace_name.c_str());
if (ns == nullptr) {
LOG(INFO) << "Creating linker namespace " << apex_namespace_name;
// In case the apex namespace doesn't exist (actually not accessible),
// create a new one that can search libraries from the apex directory
// and can load (but not search) from the shared lib APEX.
std::string search_paths = lib;
search_paths.push_back(':');
// Adding "/system/lib[64]" is not ideal; we need to link to the
// namespace that is capable of loading libs from the directory.
// However, since the namespace (the `system` namespace) is not
// exported, we can't make a link. Instead, we allow this new namespace
// to search/load libraries from the directory.
search_paths.append(std::string("/system/") + LIB);
std::string permitted_paths = "/apex";
ns = android_create_namespace(
apex_namespace_name.c_str(),
/* ld_library_path=*/nullptr,
/* default_library_path=*/search_paths.c_str(),
/* type=*/3, // ISOLATED and SHARED
/* permitted_when_isolated_path=*/permitted_paths.c_str(),
/* parent=*/nullptr);
}
EXPECT_TRUE(ns != nullptr)
<< "Cannot find or create namespace " << apex_namespace_name;
const android_dlextinfo dlextinfo = {
.flags = ANDROID_DLEXT_USE_NAMESPACE,
.library_namespace = ns,
};
void* handle = android_dlopen_ext(p.path().c_str(), RTLD_NOW, &dlextinfo);
EXPECT_TRUE(handle != nullptr)
<< "Failed to load " << p.path() << " which is a symlink to "
<< target << ".\n"
<< "Reason: " << dlerror() << "\n"
<< "Make sure that the library is accessible.";
if (handle == nullptr) {
continue;
}
auto guard = android::base::make_scope_guard([&]() { dlclose(handle); });
// Check that library is loaded and pointing to the realpath of the
// library.
auto dl_callback = [](dl_phdr_info* info, size_t /* size */, void* data) {
auto dest = *static_cast<fs::path*>(data);
if (info->dlpi_name == nullptr) {
// This is linker imposing as libdl.so - skip it
return 0;
}
int j;
for (j = 0; j < info->dlpi_phnum; j++) {
void* addr = (void*)(info->dlpi_addr + info->dlpi_phdr[j].p_vaddr);
Dl_info dl_info;
int rc = dladdr(addr, &dl_info);
if (rc == 0) {
continue;
}
if (dl_info.dli_fname) {
auto libpath = fs::path(dl_info.dli_fname);
if (libpath == dest) {
// Library found!
return 1;
}
}
}
return 0;
};
bool found = (dl_iterate_phdr(dl_callback, &dest) == 1);
EXPECT_TRUE(found) << "Error verifying library symlink " << p.path()
<< " which points to " << target
<< " which resolves to file " << dest;
if (found) {
LOG(INFO) << "Verified that " << p.path()
<< " correctly loads as library " << dest;
}
}
}
}