__libc_preinit sets up the stack protector global cookie value, and thus
cannot intialize a stack protector cookie for itself in the function
prologue. LTO compilation can inline functions requiring a stack
protector into __libc_preinit. This patch disables stack protection for
__libc_preinit and forces all potentially inlined functions into a
helper that can have a stack protector.
Test: run bionic-unit-tests
Change-Id: I45911611190f216c91eb6feff722967214c5f99f
Callers are supposed to #include <scsi/sg.h> but if we tell soong to add
bionic/libc/kernel/android/ to the include path, the uapi headers in there
would be (unintentionally) accessible as either <linux/name.h> or
<uapi/linux/name.h>.
Bug: N/A (hit while upgrading strace to 4.17)
Test: builds
Change-Id: I8d47dd51da688c38f747a255d401dfb2c209c805
Using __builtin_frame_address was clever, but didn't work for arm64 (for
reasons which were never investigated) and the ChromeOS folks claim it
causes trouble for x86 with ARC++ (though without a reproduceable test case).
Naked functions turn out to be quite unevenly supported: some architectures
do the right thing, others don't; some architectures warn, others don't (and
the warnings don't always match the platforms that _actually_ have problems).
Inline assembler also removes the guessing games: everyone knows what the
couple of instructions _ought_ to be, and now we don't have to reason about
what the compiler will actually do (yet still keep the majority of the code
in C).
Bug: N/A
Test: builds, boots
Change-Id: I14207ef50ca46b6eca273c3cb7509c311146a3ca
Bug: 37647380
Test: Built target with cortex-a73 for both 32 bit/64 bit.
Test: Built target with cortex-a53.cortex-a57 for both 32 bit/64 bit.
Test: Ran bionic unit tests, ran art target tests.
(cherry picked from commit 6fca047b53)
Change-Id: I2c48e1bc7f4a3c4548d1c66f87eab19c8618a0b8
This library is used by a number of different libraries in the system.
Make it easy for platform libraries to use this library and create
an actual exported include file.
Change the names of the functions to reflect the new name of the library.
Run clang_format on the async_safe_log.cpp file since the formatting is
all over the place.
Bug: 31919199
Test: Compiled for angler/bullhead, and booted.
Test: Ran bionic unit tests.
Test: Ran the malloc debug tests.
Change-Id: I8071bf690c17b0ea3bc8dc5749cdd5b6ad58478a
We have some non-upstream (but Android common kernel) scsi headers to include
in the NDK.
Bug: N/A
Test: checked out/soong/ndk/sysroot
Change-Id: If7611e1e554ada63f266ec99d95dfedb99562ae9
This will build separate copies of the CRT for vendor vs system when
BOARD_VNDK_VERSION is set. We'll be able to change crtbrand / etc as
needed with #ifdef __ANDROID_VNDK__ and similar.
Bug: 36426473
Bug: 36079834
Test: Put #ifdef __ANDROID_VNDK__ into crtbrand.S, see changes
Change-Id: I7db0cccfe94d144f072e7cef23832884f3c066f0
Since localtime.c is C, this entails pulling our code out into its own
C++ file, which we should probably have done years ago anyway.
Bug: N/A
Test: ran tests, and manually tested via Settings
Change-Id: Ifc787a553e8f739a87641a2d35321aca40a47286
Soong handles these automatically now.
Bug: 33241851
Test: Android-aosp_arm.mk is the same before/after
Test: build.ninja is the same before/after
Test: build-aosp_arm.ninja is the same before/after
Merged-In: Ibfe4cf5db732d9007b1cc12dbc523c427de1b23d
Change-Id: Ibfe4cf5db732d9007b1cc12dbc523c427de1b23d
The stub libraries are the same as the (equivalent version) NDK, but
they also contain symbols tagged with 'vndk'. Except there are none of
those in Bionic currently.
For headers, the LLNDK/VNDK isn't using a sysroot like the NDK. Nor is
it hardcoding an explicit source path list like the platform. Instead it
runs the bionic/libc/include directory through versioner like the NDK,
then exports those generated headers and the kernel headers from the
stub library like any other exported header. Except it uses -isystem
instead of -I due to export_headers_as_system.
Test: aosp_arm; m -j
Test: Enable BOARD_VNDK_VERSION on aosp_arm; m -j
Test: Inspect out/soong/build.ninja before/after (w/o vndk)
Change-Id: Ief58a73907a83053b408b1d4b62999cba470d61c
libc_logging is getting statically linked into the crash handler
library, resulting in two copies of the abort message code existing in
processes, one in the linker, and one in the crash handler.
Move android_set_abort_message to its own file to solve this.
Bug: http://b/36862204
Test: /data/nativetest/debuggerd_test/debuggerd_test32
Change-Id: Ie198c5a3bb07645aa43296915c9a6752693f14a9
Currently, using kryo is the same as using krait, but there are specialized
routines that are pending that will be used after this commit.
Bug: 36728278
Test: Built and booted a sailfish using kryo.
Change-Id: Id7510640673c31f7536367041212db6d96a564f0
Test: Used bionic tests available under bionic/tests folder.
Tested for mips32r1/mips32r2/mips64r6 on emulators.
Change-Id: I589415ddc496df3f6067ae34cb33ca58b3a1f276
Signed-off-by: Prashant Patil <prashant.patil@imgtec.com>
This is a way to avoid loading multiple libc.so
when non-default namespace search path includes
/system/lib. This is used by some art tests.
Bug: http://b/26833548
Test: m -j32 test-art-target-run-test-004-JniTest
Change-Id: I919d3a0560bd3c9ac19df21a235641a667f0f017
This change removes the kuser_helper note from building automatically
with any binary but leaves the note.
Also fixes a typo in the note.
Original patch adding the note:
Ib8366e2a0810092b71381d57dee4bdaa56369a24
Bug: 34815073
Test: Manual - Note is no longer added to binaries
Change-Id: Ieb81f9d9127d1f8a522434a31c696d743238e2a5
No-one is directly upgrading from pre-K to O...
Also move more implementation details out of the header file.
Bug: http://b/33926793
Test: boots
Change-Id: I7a0936acbb1cea8a3b2cd6797ec53ba7e4a050f3
A kernel change is going in for 64bit arm to disable kuser_helper vector
pages for 32bit processes. This change adds a special elf note to
all arm32 binaries built with bionic. This note tells the kernel to
load the kuser_helper vector page for the process.
Bug: 33689037
Test: Manual - Phone boots, 32bit binaries have the notes, 64bit
binaries do not.
Change-Id: Ib8366e2a0810092b71381d57dee4bdaa56369a24
android_filesystem_config.h comes from a directory outside bionic/libc
so it can't be referenced directly, add it as a source file through
a filegroup module.
Bug: 34283327
Test: builds
Test: libc rebuilds after touch system/core/include/private/android_filesystem_config.h
Change-Id: I90f6b7b25b70842b8619d558074449f13e6e6b03
Another release, another attempt to fix this bug.
This change affects pthread_detach, pthread_getcpuclockid,
pthread_getschedparam/pthread_setschedparam, pthread_join, and pthread_kill:
instead of returning ESRCH when passed an invalid pthread_t, they'll now SEGV.
Note that this doesn't change behavior as much as you might think: the old
lookup only held the global thread list lock for the duration of the lookup,
so there was still a race between that and the dereference in the caller,
given that callers actually need the tid to pass to some syscall or other,
and sometimes update fields in the pthread_internal_t struct too.
We can't check thread->tid against 0 to see whether a pthread_t is still
valid because a dead thread gets its thread struct unmapped along with its
stack, so the dereference isn't safe.
Taking the affected functions one by one:
* pthread_getcpuclockid and pthread_getschedparam/pthread_setschedparam
should be fine. Unsafe calls to those seem highly unlikely.
* Unsafe pthread_detach callers probably want to switch to
pthread_attr_setdetachstate instead, or using pthread_detach(pthread_self())
from the new thread's start routine rather than doing the detach in the
parent.
* pthread_join calls should be safe anyway, because a joinable thread won't
actually exit and unmap until it's joined. If you're joining an
unjoinable thread, the fix is to stop marking it detached. If you're
joining an already-joined thread, you need to rethink your design.
* Unsafe pthread_kill calls aren't portably fixable. (And are obviously
inherently non-portable as-is.) The best alternative on Android is to
use pthread_gettid_np at some point that you know the thread to be alive,
and then call kill/tgkill directly. That's still not completely safe
because if you're too late, the tid may have been reused, but then your
code is inherently unsafe anyway.
If we find too much code is still broken, we can come back and disable
the global thread list lookups for anything targeting >= O and then have
another go at really removing this in P...
Bug: http://b/19636317
Test: N6P boots, bionic tests pass
Change-Id: Ia92641212f509344b99ee2a9bfab5383147fcba6
This is to prevent situations when libgcc.a calls into incorrect
implementation of dl_iterate_phdr.
Bug: http://b/27106625
Test: build && run bionic-unit-tests --getst_filter=dl*:Dl*
Change-Id: I4cba8c4a156f91f17ba3d95c39cb80f9b70c9d8f
Generate the android_ids array and include into the
build.
Test: The bionic is built and that core AIDs work as
expected with commands like chown, mkdir and init services
and builtins.
Bug: 27999086
Change-Id: Ib575bf85326c91801c5674db475dcb9cf44c00dc
Signed-off-by: William Roberts <william.c.roberts@intel.com>
Some PoS internal system can't cope with more than 4 stack frames,
so the fact that our abort(3) implementation takes 4 frames by itself
makes it useless.
Re-reading POSIX, it only says "behaves as if", so the previous
implementation chain wasn't mandatory and we can just go straight to
calling tgkill...
Before:
#00 pc 0000000000069be4 /system/lib64/libc.so (tgkill+8)
#01 pc 0000000000066d50 /system/lib64/libc.so (pthread_kill+64)
#02 pc 0000000000028110 /system/lib64/libc.so (raise+24)
#03 pc 000000000001d4ec /system/lib64/libc.so (abort+52)
After:
#00 pc 0000000000069bc8 /system/lib64/libc.so (tgkill+8)
#01 pc 000000000001d4c8 /system/lib64/libc.so (abort+80)
#02 pc 0000000000001494 /system/xbin/crasher64 (_ZL9do_actionPKc+872)
#03 pc 00000000000010e0 /system/xbin/crasher64 (main+88)
This is less useful on 32-bit ARM because there there's an extra trampoline
from an assembler abort(3) implementation, so you'll still only get one
meaningful stack frame. But every other architecture will now get two!
But wait!
It turns out that the assembler hack isn't needed any more. Here we are
unwinding just fine all the way through the 32-bit ARM crasher:
Before (with direct call to tgkill but still using the assembler):
#00 pc 00049e7c /system/lib/libc.so (tgkill+12)
#01 pc 00019c6f /system/lib/libc.so (__libc_android_abort+50)
#02 pc 000181f8 /system/lib/libc.so (abort+4)
#03 pc 00001025 /system/xbin/crasher (_ZL9do_actionPKc+656)
#04 pc 00017721 /system/lib/libc.so (__libc_init+48)
#05 pc 00000b38 /system/xbin/crasher (_start+96)
After:
#00 pc 00049e6c /system/lib/libc.so (tgkill+12)
#01 pc 00019c5f /system/lib/libc.so (abort+50)
#02 pc 00001025 /system/xbin/crasher (_ZL9do_actionPKc+656)
#03 pc 00017721 /system/lib/libc.so (__libc_init+48)
#04 pc 00000b38 /system/xbin/crasher (_start+96)
(As you can see, the fact that we see __libc_init rather than main was true
with the assembler stub too, so that's not a regression even if it does seem
odd...)
Bug: N/A
Test: ran crasher64
Change-Id: I9dd5b214c495604c8b502c7ec0de3631080d8c29
Disables debuggerd integration unless building for android.
Bug: 31559095
Test: Diff out/soong/build.ninja before/after, only change is moving
linker's libdebuggerd_client static lib to the beginning of the
list.
Test: lunch aosp_arm64-eng; mmma -j bionic
Change-Id: I62e725f7a9b98b7fe31637d0a835fd5846b0aff0
Pretty useless, because the POSIX APIs are useless for actually
internationalization, but it lets us put this to bed for good.
Bug: http://b/18492914
Test: bionic tests
Change-Id: I4dd0aff66c44b5547039be3ffea806c865b9014a