Android: Add chrome-specific dynamic linker.

base/android/java/src/org/chromium/base/Linker.java

+// Copyright (c) 2012 The Chromium Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+package org.chromium.base;
+
+import java.util.HashMap;
+import java.util.Map;
+import java.util.Random;
+import java.util.Set;
+
+import android.content.Context;
+import android.os.Bundle;
+import android.os.Parcel;
+import android.os.Parcelable;
+import android.os.ParcelFileDescriptor;
+import android.util.Log;
+
+/**
+ * This is support code for the custom dynamic linker used in Android
+ * to reduce RAM by sharing the RELRO section between the browser and
+ * renderer processes.
+ *
+ * To make this feature work, native shared libraries must be loaded
+ * at exactly the same addresses in all processes. This works as follows:
+ *
+ * The first process will:
+ *
+ * - Call Linker.initRelroSharing() before anything else.
+ *
+ * - Use Linker.loadLibrary() to load libraries. It acts exactly like
+ *   System.loadLibrary(), but also creates shared RELRO sections for
+ *   each library it loads.
+ *
+ * - Calls Linker.getBaseLoadAddress() and send it to any other process
+ *   that want to use the shared RELRO sections.
+ *
+ * - When all libraries are loaded, call Linker.getRelroBundle() and
+ *   send it to other processes as well. Note that the Bundle contains
+ *   file descriptors, hence it cannot be saved to disk, or put into
+ *   an Intent.
+ *
+ * Meanwhile, each other process will:
+ *
+ * - Receive the load address retrieved in the first one through
+ *   Linker.getBaseLoadAddress() and call Linker.setBaseLoadAddress()
+ *   with its value, before loading any library.
+ *
+ * - Call Linker.loadLibrary() to load libraries.
+ *
+ * - Receive the Bundle object from the first process, and apply it
+ *   locally with Linker.applyRelroBundle(). This will check the state
+ *   of all libraries, and automatically reuse the RELRO sections
+ *   of those that were loaded at the correct address.
+ *
+ * Once this is completed, the RELRO sections will be shared, reducing
+ * overall RAM usage in each non-first process.
+ */
+public class Linker {

[bulach, 2013/09/10 14:21:39]

so given the options:
  liblinker.so
  libbase_linker.so
  libcontent_linker.so
  libchromium_linker.so
  libchrome_linker.so

my personal vote would be then to liblinker.. :)
the others seem tied to some other module, and may lead to confusion..
and speaking of which: understood that this can't depend on base/ or STL, thanks
for clarifying!
so how about moving this _out_ of base entirely? :)
it's too tempting to be in base and not depend on it (together with logging,
JNI, etc..).

+
+    // Log tag for this class.
+    private static final String TAG = "crazy_linker";
+
+    // Set to true to enable debug logs.
+    private static final boolean DEBUG = true;
+
+    // Becomes true after linker initialization.
+    private static boolean sInitialized = false;
+
+    // Set to true to when shared RELRO creation is enabled in this process.
+    private static boolean sRelroSharingEnabled = false;
+
+    // Current base load address.
+    private static long sBaseLoadAddress = 0;
+
+    // Current load address for the next library called by loadLibrary().
+    private static long sCurrentLoadAddress = 0;
+
+    private static Object sLock = new Object();
+
+    /**
+     * Call this method once to enable shared RELRO creation in the
+     * initial process. This ensures that all libraries loaded through
+     * loadLibrary() will have a shared RELRO created for them.
+     */
+    public static void initRelroSharing() {
+        synchronized (sLock) {
+            // If the base load address is not initialized, choose a random base address. This
+            // should only happen on the first process. Other processes should set the base load
+            // address to the same one as the first process before trying to load any library.
+            if (getBaseLoadAddress() == 0) {
+                if (DEBUG) Log.i(TAG, "Initializing Relro sharing.");
+                Linker.randomizeBaseLoadAddress();
+                Linker.enableRelroSharing();
+            }
+        }
+    }
+
+    /**
+     * Compute a random base load address under 0x4000_0000 that will be
+     * used to load libraries with shared RELROs.
+     */
+    private static void randomizeBaseLoadAddress() {
+
+        if (DEBUG)
+            Log.i(TAG, "Linker.randomizeBaseLoadAddress() called");
+
+        // Ensure offset is between 0 and 64 MB exclusive.
+        Random r = new Random();
+
+        // The kernel ASLR feature will place randomized mappings starting
+        // from this address. Never try to load anything above this
+        // explicitely to avoid random conflicts.
+        final long baseAddressLimit = 0x40000000;
+
+        // Start loading libraries from this base address.
+        final long baseAddress = 0x20000000;
+
+        // Maximum randomized base address value. Used to ensure a margin
+        // of 192 MB below baseAddressLimit.
+        final long baseAddressMax = baseAddressLimit - 192 * 1024 * 1024;
+
+        // There is no way to get this from Java APIs, and it's not
+        // possible to call JNI here since no shared library has been
+        // loaded yet. All current Android platforms have a 4 KB page
+        // size at the moment. Correct this in the future when this is
+        // no longer true.
+        final long pageSize = 4096;
+
+        // Get a proper random page-aligned offset.
+        final int offset = r.nextInt((int)((baseAddressMax - baseAddress) / pageSize));
+        setBaseLoadAddress(baseAddress + offset * pageSize);
+    }
+
+    /**
+     * Enable shared RELRO sections in this process. Any library loaded
+     * through loadLibrary() will have a shared RELRO created by the
+     * linker. This also applies to libraries loaded before this call.
+     */
+    private static void enableRelroSharing() {
+        if (DEBUG) Log.i(TAG, "Linker.enableRelroSharing() called");
+
+        synchronized (sLock) {
+            if (!sRelroSharingEnabled) {
+                if (sLoadedLibraries != null) {
+                    // If some libraries were already loaded, enable RELRO
+                    // sharing for them too.
+                    for (Map.Entry<String, LibInfo> entry : sLoadedLibraries.entrySet()) {
+                        String libName = entry.getKey();
+                        LibInfo libInfo = entry.getValue();
+                        if (!nativeEnableSharedRelro(libName, libInfo))
+                            Log.w(TAG, "Could not enable RELRO sharing for " + libName);
+                    }
+                }
+                sRelroSharingEnabled = true;
+            }
+        }
+    }
+
+    /**
+     * Retrieve the base library load address. If initRelroSharing() or
+     * or setBaseLoadAddress() was called, this retrieves the corresponding
+     * base load address. Otherwise, 0. Typically called in the initial
+     * process to pass it to the other ones.
+     * @return The current base load address.
+     */
+    public static long getBaseLoadAddress() {
+        if (DEBUG) Log.i(TAG, "Linker.getBaseLoadAddress() called => " + sBaseLoadAddress);
+
+        synchronized (sLock) {
+            return sBaseLoadAddress;
+        }
+    }
+
+    /**
+     * Set the base library load address. This is call to enforce a base
+     * load address, typically in non-initial processes. This must be called
+     * before loading any library with loadLibrary().
+     * @param baseLoadAddress The new base load address.
+     */
+    public static void setBaseLoadAddress(long baseLoadAddress) {
+        if (DEBUG) Log.i(TAG, "Linker.setBaseLoadAddress(" + baseLoadAddress + ") called");
+
+        synchronized (sLock) {
+            sBaseLoadAddress = baseLoadAddress;
+            sCurrentLoadAddress = baseLoadAddress;
+        }
+    }
+
+    /**
+     * Call this method to retrieve a Bundle containing RELRO sharing
+     * information about the libraries currently loaded in this process.
+     * Should be used in the initial process only.
+     *
+     * @return null if initRelroSharing() was not called, or no libraries
+     * were loaded. Otherwise a new Bundle that must be passed to any
+     * other process, which in turn should call applyRelroBundle() with
+     * it. Note that the Bundle contains file descriptors and thus cannot
+     * be written to disk or added to an Intent.
+     */
+    public static Bundle getRelroBundle() {
+        if (DEBUG) Log.i(TAG, "Linker.getRelroBundle() called");
+
+        synchronized (sLock) {
+
+            if (!sRelroSharingEnabled || sLoadedLibraries == null) {
+                if (DEBUG) Log.i(TAG, "Nothing to share!?");
+                return null;
+            }
+
+            Bundle bundle = sLoadedLibraries.toBundle();
+            if (DEBUG) Log.i(TAG, "Bundle has " + bundle.size() + " items.");
+            return bundle;
+        }
+    }
+
+    /**
+     * Apply a Bundle generated by getRelroBundle() to the libraries
+     * loaded in this process. Should be used in non-initial processes only.
+     * @param bundle A Bundle reference. Can be null.
+     */
+    public static void applyRelroBundle(Bundle bundle) {
+        if (DEBUG) Log.i(TAG, "Linker.applyRelroBundle() called");
+
+        synchronized (sLock) {
+            if (bundle == null) {
+                if (DEBUG) Log.i(TAG, "null Bundle!?");
+                return;
+            }
+
+            sRelroLibraries = new LibInfoMap(bundle);
+            if (DEBUG) {
+                Log.i(TAG, "Bundle has " + sRelroLibraries.size() + " items");
+                for (Map.Entry<String, LibInfo> entry : sRelroLibraries.entrySet()) {
+                    String libName = entry.getKey();
+                    LibInfo libInfo = entry.getValue();
+                    Log.i(TAG, "  library " + libName + ": " + libInfo.toString());
+                }
+            }
+
+            if (sLoadedLibraries != null) {
+              // Apply the RELRO section to all libraries that were already
+              // loaded, if any.
+              for (Map.Entry<String, LibInfo> entry : sRelroLibraries.entrySet()) {
+                  String libName = entry.getKey();
+                  LibInfo libInfo = entry.getValue();
+
+                  if (sLoadedLibraries.get(libName) != null) {
+                      sLoadedLibraries.put(libName, libInfo);
+                      if (!nativeUseSharedRelro(libName, libInfo))
+                          Log.w(TAG, "Could not use shared RELRO section for " + libName);
+                  }
+              }
+            }
+
+            if (DEBUG) Log.i(TAG, "Linker.applyRelroBundle() exiting");
+        }
+    }
+
+    /**
+     * Load a native shared library with the Chromium linker.
+     * If neither initSharedRelro() or readFromBundle() were called
+     * previously, this uses the standard linker (i.e. System.loadLibrary()).
+     *
+     * @param library The library's base name.
+     * @throws UnsatisfiedLinkError if the library does not exist.
+     */
+    public static void loadLibrary(String library) {
+        if (DEBUG) Log.i(TAG, "loadLibrary: " + library);
+
+        synchronized (sLock) {
+            // Don't self-load the linker. This is because the build system is
+            // not clever enough to understand that all the libraries packaged
+            // in the final .apk don't need to be explicitely loaded.
+            if (library.startsWith("crazy_linker")) {
+                if (DEBUG) Log.i(TAG, "ignoring self-linker load");
+                return;
+            }
+
+            if (!sInitialized) {
+                initRelroSharing();
+
+                if (DEBUG) Log.i(TAG, "Loading libcrazy_linker.so");
+                try {
+                    System.loadLibrary("crazy_linker");
+                } catch (UnsatisfiedLinkError  e) {
+                    // In a component build, the library name is crazy_linker.cr
+                    System.loadLibrary("crazy_linker.cr");
+                }
+                sInitialized = true;
+            }
+
+            String libName = System.mapLibraryName(library);
+
+            if (sLoadedLibraries == null)
+              sLoadedLibraries = new LibInfoMap();
+
+            if (sLoadedLibraries.containsKey(libName)) {
+                if (DEBUG) Log.i(TAG, "Not loading " + libName + " twice");
+                return;
+            }
+
+            LibInfo libInfo = new LibInfo();
+            LibInfo relroLibInfo = null;
+            long loadAddress = sCurrentLoadAddress;
+
+            if (sRelroLibraries != null) {
+                relroLibInfo = sRelroLibraries.get(libName);
+                if (relroLibInfo != null) {
+                    loadAddress = relroLibInfo.mLoadAddress;
+                    if (DEBUG) Log.i(TAG, "Loading library " + libName + " at " + loadAddress);
+                }
+            }
+
+            if (!nativeLoadLibrary(libName, loadAddress, libInfo)) {
+                Log.e(TAG, "Unable to load library: " + libName);
+                throw new UnsatisfiedLinkError("Unable to load library: " + libName);
+            }
+            // Ensure next library will be loaded at an appropriate address.
+            sCurrentLoadAddress = libInfo.mLoadAddress + libInfo.mLoadSize;
+
+            if (sRelroSharingEnabled) {
+                if (!nativeEnableSharedRelro(libName, libInfo))
+                    Log.w(TAG, "Could not enable RELRO sharing for " + libName);
+            } else if (relroLibInfo != null) {
+                if (!nativeUseSharedRelro(libName, relroLibInfo))
+                    Log.w(TAG, "Could not use RELRO sharing for " + libName);
+                else {
+                    // Replace libInfo with relroLibInfo since it contains
+                    // actual RELRO information.
+                    libInfo = relroLibInfo;
+                }
+            }
+
+            sLoadedLibraries.put(libName, libInfo);
+            if (DEBUG) Log.i(TAG, "Library details " + libInfo.toString());
+        }
+    }
+
+    /**
+     * Native method used to load a library.
+     * @param library Platform specific library name (e.g. libfoo.so)
+     * @param loadAddress Explicit load address, or 0 for randomized one.
+     * @param relro_info If not null, this LibInfo instance will be populated
+     * with the library's information.
+     */
+    private static native boolean nativeLoadLibrary(String library,
+                                                    long  loadAddress,
+                                                    LibInfo libInfo);
+
+    /**
+     * Native method used to enable RELRO section sharing. To be called
+     * in the browser process only.
+     * @param library Library name.
+     * @param libInfo LibInfo instance populated on success.
+     * @return true on success.
+     */
+    private static native boolean nativeEnableSharedRelro(String library,
+                                                          LibInfo libInfo);
+
+    /**
+     * Native method used to use RELRO section sharing. To be called
+     * in service processes only.
+     * @param library Library name.
+     * @param libInfo A LibInfo instance containing valid RELRO information
+     * @return true on success.
+     */
+    private static native boolean nativeUseSharedRelro(String library,
+                                                       LibInfo libInfo);
+
+    /**
+     * Record information for a given library.
+     * IMPORTANT: Native code knows anout this class's fields, so
+     * don't change them without modifying base/android/linker/crazy_linker.cpp too.
+     */
+    public static class LibInfo implements Parcelable {
+
+        public LibInfo() {
+            mLoadAddress = 0;
+            mLoadSize = 0;
+            mRelroStart = 0;
+            mRelroSize = 0;
+            mRelroFd = -1;
+        }
+
+        // from Parcelable
+        public LibInfo(Parcel in) {
+            mLoadAddress = in.readLong();
+            mLoadSize = in.readLong();
+            mRelroStart = in.readLong();
+            mRelroSize = in.readLong();
+            mRelroFd = in.readFileDescriptor().detachFd();
+        }
+
+        // from Parcelable
+        @Override
+        public void writeToParcel(Parcel out, int flags) {
+            if (mRelroFd >= 0) {
+                out.writeLong(mLoadAddress);
+                out.writeLong(mLoadSize);
+                out.writeLong(mRelroStart);
+                out.writeLong(mRelroSize);
+                ParcelFileDescriptor fd = ParcelFileDescriptor.adoptFd(mRelroFd);
+                fd.writeToParcel(out, 0);
+                fd.detachFd();
+            }
+        }
+
+        // from Parcelable
+        @Override
+        public int describeContents() {
+            return Parcelable.CONTENTS_FILE_DESCRIPTOR;
+        }
+
+        // from Parcelable
+        public static final Parcelable.Creator<LibInfo> CREATOR
+                = new Parcelable.Creator<LibInfo>() {
+            public LibInfo createFromParcel(Parcel in) {
+                return new LibInfo(in);
+            }
+
+            public LibInfo[] newArray(int size) {
+                return new LibInfo[size];
+            }
+        };
+
+        public String toString() {
+            return String.format("[load=%x-%x relro=%x-%x fd=%d]",
+                                 mLoadAddress,
+                                 mLoadAddress + mLoadSize,
+                                 mRelroStart,
+                                 mRelroStart + mRelroSize,
+                                 mRelroFd);
+        }
+
+        public long mLoadAddress; // page-aligned load address.

[bulach, 2013/09/10 14:21:39]

perhaps just to be safe, repeat the comment here:

// Don't change these fields without modifying
base/android/linker/crazy_linker.cpp too.

[digit1, 2013/09/10 16:40:28]

Done.

+        public long mLoadSize;    // page-aligned load size.
+        public long mRelroStart;  // page-aligned address in memory, or 0 if none.
+        public long mRelroSize;   // page-aligned size in memory, or 0.
+        public int  mRelroFd;     // ashmem file descriptor, or -1
+    }
+
+    /**
+     * A class that maps library names to LibInfo objects, with support
+     * for reading and writing from/to Bundles.
+     */
+    private static class LibInfoMap extends HashMap<String, LibInfo> {

[bulach, 2013/09/10 14:21:39]

given the limits on number of classes, could this be made as free-functions?

private static Bundle createBundleFromLibInfoMap(HashMap<String, LibInfo>
libInfoMap) {
  ...
}

private static HashMap<String, LibInfo> createLibInfoMapfromBundle(Bundle) {
  ...
}

[digit1, 2013/09/10 16:40:28]

I see, I've removed the LibInfoMap class.

+        public LibInfoMap() {
+            super();
+        }
+
+        // Serialize into a Bundle that can be passed to a different
+        // process through Binder. Note that this includes file descriptors,
+        // this it can't be serialized to disk or added to an Intent.
+        public Bundle toBundle() {
+            Bundle bundle = new Bundle(size());
+            for (Map.Entry<String, LibInfo> entry : entrySet())
+                bundle.putParcelable(entry.getKey(), entry.getValue());
+
+            return bundle;
+        }
+
+        // Initialized from a Bundle like the one generated from toBundle().
+        // @param bundle Input bundle.
+        public LibInfoMap(Bundle bundle) {
+            super();
+
+            // Ensure the bundle uses the application's class loader,
+            // not the framework one which doesn't know anything about
+            // LibInfo.
+            bundle.setClassLoader(getClass().getClassLoader());
+
+            for (String library : bundle.keySet()) {
+              LibInfo libInfo = bundle.getParcelable(library);
+              put(library, libInfo);
+            }
+        }
+    }
+
+    // The list of libraries that are currently loaded in this process.
+    private static LibInfoMap sLoadedLibraries = null;
+
+    // The list of libraries that can share their RELRO section.
+    private static LibInfoMap sRelroLibraries = null;
+}