author Martin Stjernholm <mast@google.com> 2024-09-02 21:37:41 +0100
committer Treehugger Robot <android-test-infra-autosubmit@system.gserviceaccount.com> 2024-09-10 17:41:35 +0000
commite83264aa1ef2bea1eda9541159751bcd36207232 (patch)
tree17422f5a9e0fde758b9230d37665d32645de9694
parent39927bc359ccbe65371213c4559126b05dcfb117 (diff)
Restrict exported symbols from libnative{loader,bridge} lazy libs.
The shims in the lazy libs bypass the stubs and hence the vetted exported APIs in the .map.txt files. To avoid inadvertently giving external access to internal APIs that way, let's apply the .map.txt files as version scripts to the lazy libs instead, so that any functions added there just don't become available to external code unless the .map.txt files get updated. This hack doesn't work if the lazy libs are linked statically, so restrict them to be shared libs (although ideally they should be static instead to avoid the shared lib overheads). Also drop the shims for the two functions added in https://r.android.com/2689969 and https://r.android.com/3022103, because they're only used internally in ART and don't go through the shims. Test: atest libnativebridge-tests art_libnativebridge_cts_tests \ libnativebridge-lazy-tests libnativeloader_test \ art_libnativeloader_cts_test libnativeloader_lazy_test Bug: 124250621 Change-Id: I1e1eba3f656830f51b792ce672276f37b3f0d865
-rw-r--r--libnativebridge/Android.bp7
-rw-r--r--libnativebridge/libnativebridge.map.txt4
-rw-r--r--libnativebridge/native_bridge_lazy.cc14
-rw-r--r--libnativebridge/tests/Android.bp3
-rw-r--r--libnativeloader/Android.bp12
-rw-r--r--libnativeloader/libnativeloader.map.txt4
6 files changed, 18 insertions, 26 deletions
diff --git a/libnativebridge/Android.bp b/libnativebridge/Android.bp
index 6a66b45ab2..fc83a4e00b 100644
--- a/libnativebridge/Android.bp
+++ b/libnativebridge/Android.bp
@@ -76,7 +76,7 @@ art_cc_library {
}
// TODO(b/124250621): eliminate the need for this library
-cc_library {
+cc_library_shared {
name: "libnativebridge_lazy",
defaults: ["libnativebridge-defaults"],
visibility: [
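Review bot: The switch to `cc_library_shared` for `libnativebridge_lazy` has no comment saying why the module type matters, while the TODO above it and the commit description both point toward a static or eliminated library. Per that description the version script only restricts exports when the lazy lib is shared, so a later change back to `cc_library` would presumably drop the restriction without any build error. I would add above the module: `// Must stay cc_library_shared: the version_script below only limits exported symbols for a shared lib (b/124250621).` The same applies to `libnativeloader_lazy` in libnativeloader/Android.bp; the module body continues outside this hunk.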
@@ -95,6 +95,11 @@ cc_library {
srcs: ["native_bridge_lazy.cc"],
runtime_libs: ["libnativebridge"],
shared_libs: ["liblog"],
+
+ // Apply the libnativebridge stub symbol file to the exported symbols from
+ // this shim library, to ensure that any symbols exposed here are also
+ // available as an exported API.
+ version_script: "libnativebridge.map.txt",
}
subdirs = ["tests"]
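Review bot: The added `version_script: "libnativebridge.map.txt"` only hides unlisted shims if the version node in that map file ends with a `local: *;` catch-all, and that part of the file is not visible in this change. Without it the linker leaves symbols the script does not mention at their default visibility, so a newly added shim would still be exported. This is worth confirming for both map files, since `libnativeloader_lazy` gets the same property. The comment could state the dependency, e.g. `// Relies on the "local: *;" entry in the map file to hide everything not listed.`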
diff --git a/libnativebridge/libnativebridge.map.txt b/libnativebridge/libnativebridge.map.txt
index 52d06eb60a..1c82d50f84 100644
--- a/libnativebridge/libnativebridge.map.txt
+++ b/libnativebridge/libnativebridge.map.txt
@@ -15,9 +15,7 @@
#
# Platform dependencies go through libnativebridge_lazy, which accesses
-# libnativebridge symbols through dlopen/dlsym. That means this list doesn't
-# have much effect, rather it's the function wrappers in native_bridge_lazy.cpp
-# that defines the exported interface. Please keep in sync with this list.
+# libnativebridge symbols through dlopen/dlsym and hence bypasses the stub.
LIBNATIVEBRIDGE_1 {
global:
NativeBridgeGetError; # apex
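Review bot: The rewritten header comment no longer tells the reader that this file now decides what libnativebridge_lazy exports, although the Android.bp change in this commit applies it as that library's version script. Someone adding a wrapper to native_bridge_lazy.cc needs to know the symbol stays hidden until it is listed here. I would append `# This file is also the version script for libnativebridge_lazy: a wrapper added there is only exported if its symbol is listed here.` The same applies to the header comment in libnativeloader/libnativeloader.map.txt.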
diff --git a/libnativebridge/native_bridge_lazy.cc b/libnativebridge/native_bridge_lazy.cc
index 09eac02fd9..dd8a8068b4 100644
--- a/libnativebridge/native_bridge_lazy.cc
+++ b/libnativebridge/native_bridge_lazy.cc
@@ -69,20 +69,6 @@ void* NativeBridgeGetTrampoline(void* handle, const char* name, const char* shor
return f(handle, name, shorty, len);
}
-void* NativeBridgeGetTrampoline2(
- void* handle, const char* name, const char* shorty, uint32_t len, JNICallType jni_call_type) {
- static auto f = GET_FUNC_PTR(NativeBridgeGetTrampoline2);
- return f(handle, name, shorty, len, jni_call_type);
-}
-
-void* NativeBridgeGetTrampolineForFunctionPointer(const void* method,
- const char* shorty,
- uint32_t len,
- JNICallType jni_call_type) {
- static auto f = GET_FUNC_PTR(NativeBridgeGetTrampolineForFunctionPointer);
- return f(method, shorty, len, jni_call_type);
-}
-
const char* NativeBridgeGetError() {
static auto f = GET_FUNC_PTR(NativeBridgeGetError);
return f();
diff --git a/libnativebridge/tests/Android.bp b/libnativebridge/tests/Android.bp
index 8990cb59f9..100e79545a 100644
--- a/libnativebridge/tests/Android.bp
+++ b/libnativebridge/tests/Android.bp
@@ -197,8 +197,9 @@ cc_test {
defaults: ["art_standalone_test_defaults"],
static_libs: [
"libbase",
- "libnativebridge_lazy",
],
+ shared_libs: ["libnativebridge_lazy"],
+ data_libs: ["libnativebridge_lazy"],
srcs: ["libnativebridge_api_test.cpp"],
test_suites: [
"general-tests",
diff --git a/libnativeloader/Android.bp b/libnativeloader/Android.bp
index ccd0ed2b9a..3718f1e3ed 100644
--- a/libnativeloader/Android.bp
+++ b/libnativeloader/Android.bp
@@ -93,7 +93,7 @@ art_cc_library {
// inversion in places like in early boot where libnativeloader and/or
// libnativebridge aren't available.
// TODO(b/124250621) eliminate the need for this library
-cc_library {
+cc_library_shared {
name: "libnativeloader_lazy",
defaults: ["art_defaults"],
visibility: [
@@ -112,6 +112,11 @@ cc_library {
shared_libs: ["liblog"],
header_libs: ["libnativeloader-headers"],
export_header_lib_headers: ["libnativeloader-headers"],
+
+ // Apply the libnativeloader stub symbol file to the exported symbols from
+ // this shim library, to ensure that any symbols exposed here are also
+ // available as an exported API.
+ version_script: "libnativeloader.map.txt",
}
// native_loader_test.cpp mocks functions from libdl_android and
@@ -195,9 +200,8 @@ art_cc_test {
art_cc_test {
name: "libnativeloader_lazy_test",
defaults: ["libnativeloader_api_test_defaults"],
- static_libs: [
- "libnativeloader_lazy",
- ],
+ shared_libs: ["libnativeloader_lazy"],
+ data_libs: ["libnativeloader_lazy"],
test_suites: [
"general-tests",
"mts-art",
diff --git a/libnativeloader/libnativeloader.map.txt b/libnativeloader/libnativeloader.map.txt
index 8c0fbddb4e..e88211541a 100644
--- a/libnativeloader/libnativeloader.map.txt
+++ b/libnativeloader/libnativeloader.map.txt
@@ -15,9 +15,7 @@
#
# Platform dependencies go through libnativeloader_lazy, which accesses
-# libnativeloader symbols through dlopen/dlsym. That means this list doesn't
-# have much effect, rather it's the function wrappers in native_loader_lazy.cpp
-# that defines the exported interface. Please keep in sync with this list.
+# libnativeloader symbols through dlopen/dlsym and hence bypasses the stub.
LIBNATIVELOADER_1 {
global:
OpenNativeLibrary; # apex