# Copyright (C) 2018 The Android Open Source Project # # Bionic loader config file for the ART APEX. # # There are no versioned APEX paths here - this APEX module does not support # having several versions mounted. dir.art = /apex/com.android.art/bin/ [art] additional.namespaces = system,conscrypt,art,neuralnetworks,adbd # The default namespace here only links to other namespaces, in particular "art" # where the real library loading takes place. Any outgoing links from "art" also # need to be present here. namespace.default.isolated = true namespace.default.links = art,system,adbd namespace.default.link.art.allow_all_shared_libs = true namespace.default.link.system.allow_all_shared_libs = true namespace.default.link.adbd.shared_libs = libadbconnection_client.so ############################################################################### # "art" APEX namespace # # This is the local namespace of this APEX, with the proper name "art" to make # links created e.g. through android_link_namespace work consistently with the # system linker config. ############################################################################### namespace.art.isolated = true # Visible to allow links to be created at runtime, e.g. through # android_link_namespaces in libnativeloader. namespace.art.visible = true # Keep in sync with the "art" namespace in system/core/rootdir/etc/ld.config*.txt. namespace.art.search.paths = /apex/com.android.art/${LIB} namespace.art.asan.search.paths = /apex/com.android.art/${LIB} # JVMTI libraries used in ART testing are located under /data; dalvikvm # has to be able to dlopen them. # TODO(b/129534335): Move this to the linker configuration of the Test # ART APEX when it is available. namespace.art.permitted.paths = /data namespace.art.asan.permitted.paths = /data # odex files are in /system/framework and /apex/com.android.art/javalib. # dalvikvm has to be able to dlopen the files for CTS. namespace.art.permitted.paths += /system/framework namespace.art.permitted.paths += /apex/com.android.art/javalib namespace.art.asan.permitted.paths += /system/framework namespace.art.asan.permitted.paths += /apex/com.android.art/javalib # TODO(b/144533348): to allow symlinks pointing the libs under /system/lib # Note that this however does not open all libs in the system partition to # the APEX namespaces, because searching of the libs are NOT done in # /system/lib, but in /apex//lib directory. namespace.art.permitted.paths += /system/${LIB} namespace.art.asan.permitted.paths += /system/${LIB} namespace.art.links = system,neuralnetworks,adbd # Need allow_all_shared_libs because libart.so can dlopen oat files in # /system/framework and /data. # TODO(b/130340935): Use a dynamically created linker namespace similar to # classloader-namespace for oat files, and tighten this up. namespace.art.link.system.allow_all_shared_libs = true namespace.art.link.neuralnetworks.shared_libs = libneuralnetworks.so namespace.art.link.adbd.shared_libs = libadbconnection_client.so ############################################################################### # "system" namespace # # Corresponds to the default namespace in /system/etc/ld.config.txt. Please keep # in sync with linker config files in system/core/rootdir/etc. ############################################################################### namespace.system.isolated = true # Visible to allow links to be created at runtime, e.g. through # android_link_namespaces in libnativeloader. namespace.system.visible = true namespace.system.search.paths = /system/${LIB} namespace.system.asan.search.paths = /data/asan/system/${LIB} namespace.system.links = art,adbd namespace.system.link.art.shared_libs = libandroidicu.so namespace.system.link.art.shared_libs += libdexfile_external.so namespace.system.link.art.shared_libs += libdexfiled_external.so # TODO(b/120786417 or b/134659294): libicuuc.so and libicui18n.so are kept for app compat. namespace.system.link.art.shared_libs += libicui18n.so namespace.system.link.art.shared_libs += libicuuc.so namespace.system.link.art.shared_libs += libnativebridge.so namespace.system.link.art.shared_libs += libnativehelper.so namespace.system.link.art.shared_libs += libnativeloader.so # TODO(b/122876336): Remove libpac.so once it's migrated to Webview namespace.system.link.art.shared_libs += libpac.so namespace.system.link.adbd.shared_libs = libadb_pairing_auth.so namespace.system.link.adbd.shared_libs += libadb_pairing_connection.so namespace.system.link.adbd.shared_libs += libadb_pairing_server.so # /system/lib/libc.so, etc are symlinks to # /apex/com.android.runtime/lib/bionic/libc.so, etc. Add the path to the # permitted paths because linker uses realpath(3) to check the accessibility # of the lib. We could add this to search.paths instead but that makes the # resolution of bionic libs be dependent on the order of /system/lib and # /apex/.../lib/bionic in search.paths. If the latter is after the former, # then the latter is never tried because libc.so is always found in # /system/lib but fails to pass the accessibility test because of its realpath. # It's better to not depend on the ordering if possible. namespace.system.permitted.paths = /apex/com.android.runtime/${LIB}/bionic namespace.system.asan.permitted.paths = /apex/com.android.runtime/${LIB}/bionic # Note that we don't need to link the art namespace with conscrypt: # the runtime Java code and binaries do not explicitly load native libraries # from it. ############################################################################### # "conscrypt" APEX namespace # # This namespace is for libraries within the conscrypt APEX. ############################################################################### # Keep in sync with the "conscrypt" namespace in system/core/rootdir/etc/ld.config*.txt. namespace.conscrypt.isolated = true namespace.conscrypt.visible = true namespace.conscrypt.search.paths = /apex/com.android.conscrypt/${LIB} namespace.conscrypt.asan.search.paths = /apex/com.android.conscrypt/${LIB} # TODO(b/144533348): to allow symlinks pointing the libs under /system/lib # Note that this however does not open all libs in the system partition to # the APEX namespaces, because searching of the libs are NOT done in # /system/lib, but in /apex//lib directory. namespace.conscrypt.permitted.paths = /system/${LIB} namespace.conscrypt.asan.permitted.paths = /system/${LIB} namespace.conscrypt.links = art,system namespace.conscrypt.link.art.shared_libs = libandroidio.so namespace.conscrypt.link.system.shared_libs = libc.so namespace.conscrypt.link.system.shared_libs += libm.so namespace.conscrypt.link.system.shared_libs += libdl.so namespace.conscrypt.link.system.shared_libs += liblog.so ############################################################################### # "neuralnetworks" APEX namespace # # This namespace is for libraries within the NNAPI APEX. ############################################################################### namespace.neuralnetworks.isolated = true namespace.neuralnetworks.visible = true namespace.neuralnetworks.search.paths = /apex/com.android.neuralnetworks/${LIB} namespace.neuralnetworks.asan.search.paths = /apex/com.android.neuralnetworks/${LIB} # TODO(b/144533348): to allow symlinks pointing the libs under /system/lib # Note that this however does not open all libs in the system partition to # the APEX namespaces, because searching of the libs are NOT done in # /system/lib, but in /apex//lib directory. namespace.neuralnetworks.permitted.paths = /system/${LIB} namespace.neuralnetworks.asan.permitted.paths = /system/${LIB} namespace.neuralnetworks.links = system namespace.neuralnetworks.link.system.shared_libs = libc.so namespace.neuralnetworks.link.system.shared_libs += libcgrouprc.so namespace.neuralnetworks.link.system.shared_libs += libdl.so namespace.neuralnetworks.link.system.shared_libs += liblog.so namespace.neuralnetworks.link.system.shared_libs += libm.so namespace.neuralnetworks.link.system.shared_libs += libnativewindow.so namespace.neuralnetworks.link.system.shared_libs += libneuralnetworks_packageinfo.so namespace.neuralnetworks.link.system.shared_libs += libsync.so namespace.neuralnetworks.link.system.shared_libs += libvndksupport.so ############################################################################### # "adbd" APEX namespace # # This namespace is for libraries within the adbd APEX. ############################################################################### namespace.adbd.isolated = true namespace.adbd.visible = true namespace.adbd.search.paths = /apex/com.android.adbd/${LIB} namespace.adbd.asan.search.paths = /apex/com.android.adbd/${LIB} namespace.adbd.links = system namespace.adbd.link.system.shared_libs = libc.so namespace.adbd.link.system.shared_libs += libm.so namespace.adbd.link.system.shared_libs += libdl.so namespace.adbd.link.system.shared_libs += liblog.so