Commit graph

189 commits

Author SHA1 Message Date
Haibo Huang
8a0f0ed5e7 Make memcpy memmove
Bug: http://b/63992911
Test: Change BoardConfig.mk and compile for each variant
Change-Id: Ia0cc68d8e90e3316ddb2e9ff1555a009b6a0c5be
2018-06-11 18:12:45 +00:00
Jeremy Compostella
611ad621c6 Revert "Add 64-bit slm optimized strlcpy and srlcat."
This reverts commit 2e7145c048.

When src is at the end page, the sse2 strlcpy SSE2 optimized version
can issue a movdqu instruction that can cross the page boundary.  If
the next page is not allocated to that process, it leads to
segmentation fault.  This is a rare but has be caught multiple times
during robustness testing.

We isolated a way to reproduce that issue outside of an Android device
and we have been able to resolve this particular case.  However, we
ran some additional compliance and robustness tests and found several
other similar page crossing issues with this implementation.

In conclusion, this optimization needs to be re-written from scratch
because its design is at cause.  In the meantime, it is better to
remove it.

Change-Id:  If90450de430ba9b7cd9282a422783beabd701f3d
Signed-off-by: Jeremy Compostella <jeremy.compostella@intel.com>
2018-04-12 14:00:43 -07:00
Mark Salyzyn
79249b0897 bionic: add vdso clock_getres
clock_getres() should not be a hot call, nevertheless it is
~6-7 times faster for supported clock ids if it uses
__vdso_clock_getres if available.  There is a 3% performance
penalty for unsupported clock ids via __vdso_clock_getres with
respect to a direct syscall.

[TL;DR]

w/vdso32 kernel patches, locked cores to MAX, little cores only.

BEFORE:

hikey960 vdso (aarch64):

----------------------------------------------------------------------
Benchmark                               Time           CPU Iterations
----------------------------------------------------------------------
BM_time_clock_getres                  126 ns        126 ns    5577874
BM_time_clock_getres_syscall          127 ns        127 ns    5505016
BM_time_clock_getres_REALTIME         126 ns        126 ns    5574682
BM_time_clock_getres_BOOTTIME         126 ns        126 ns    5575237
BM_time_clock_getres_TAI              126 ns        126 ns    5576810
BM_time_clock_getres_unsupported      128 ns        128 ns    5480189

hikey960 vdso32 (aarch32):

----------------------------------------------------------------------
Benchmark                               Time           CPU Iterations
----------------------------------------------------------------------
BM_time_clock_getres                  199 ns        199 ns    3508708
BM_time_clock_getres_syscall          220 ns        220 ns    3184676
BM_time_clock_getres_REALTIME         199 ns        199 ns    3509697
BM_time_clock_getres_BOOTTIME         199 ns        199 ns    3513551
BM_time_clock_getres_TAI              200 ns        199 ns    3512412
BM_time_clock_getres_unsupported      196 ns        196 ns    3575609

x86_64 (glibc):

---------------------------------------------------------------------
Benchmark                              Time           CPU Iterations
---------------------------------------------------------------------
BM_time_clock_getres                 252 ns        252 ns    2370263
BM_time_clock_getres_syscall         215 ns        215 ns    3287497
BM_time_clock_getres_REALTIME        214 ns        214 ns    3294228
BM_time_clock_getres_BOOTTIME        213 ns        213 ns    3277519
BM_time_clock_getres_TAI             213 ns        213 ns    3294991
BM_time_clock_getres_unsupported     206 ns        206 ns    3450654

imx7d_pico IOT nyc (w/arm,cpu-registers-not-fw-configured) (armv7a):
(Virtual Timers)

Benchmark                           Time(ns)    CPU(ns) Iterations
------------------------------------------------------------------
BM_time_clock_getres                      16        345    2000000
BM_time_clock_getres_syscall              16        339    2121212
BM_time_clock_getres_REALTIME             17        350    2058824
BM_time_clock_getres_BOOTTIME             17        345    2000000
BM_time_clock_getres_TAI                  16        350    2000000
BM_time_clock_getres_unsupported          13        284    2500000

AFTER:

hikey960 vdso (aarch64):

---------------------------------------------------------------------
Benchmark                              Time           CPU Iterations
---------------------------------------------------------------------
BM_time_clock_getres                  18 ns         18 ns   37880389
BM_time_clock_getres_syscall         127 ns        127 ns    5520029
BM_time_clock_getres_REALTIME         18 ns         18 ns   37879962
BM_time_clock_getres_BOOTTIME         19 ns         18 ns   37878361
BM_time_clock_getres_TAI             131 ns        131 ns    5368484
BM_time_clock_getres_unsupported      97 ns         97 ns    7182864

hikey960 vdso32 (aarch32):

---------------------------------------------------------------------
Benchmark                              Time           CPU Iterations
---------------------------------------------------------------------
BM_time_clock_getres                  36 ns         36 ns   19205240
BM_time_clock_getres_syscall         212 ns        212 ns    3297100
BM_time_clock_getres_REALTIME         36 ns         36 ns   19219109
BM_time_clock_getres_BOOTTIME         36 ns         36 ns   19222490
BM_time_clock_getres_TAI             206 ns        206 ns    3402868
BM_time_clock_getres_unsupported     159 ns        159 ns    4409492

imx7d_pico IOT nyc (wo/arm,cpu-registers-not-fw-configured) (armv7a):
(Physical Timers)

Benchmark                           Time(ns)    CPU(ns) Iterations
------------------------------------------------------------------
BM_time_clock_getres                       2         48   14000000
BM_time_clock_getres_syscall              14        335    2058824
BM_time_clock_getres_REALTIME              2         49   14583333
BM_time_clock_getres_BOOTTIME              2         48   14000000
BM_time_clock_getres_TAI                  14        350    2058824
BM_time_clock_getres_unsupported           8        203    3500000

Test: taskset F \
        /data/benchmarktest{64}/bionic-benchmarks/bionic-benchmarks \
        --bionic_xml=vdso.xml --benchmark_filter=BM_time_clock_getres*
Bug: 63737556
Change-Id: I80c0a5106625d76720287f715fcf145d2aad1705
2017-12-07 09:41:48 -08:00
dimitry
fa432524a6 Mark __BIONIC_WEAK_FOR_NATIVE_BRIDGE symbols
To make it easier for Native Bridge implementations
to override these symbols.

Bug: http://b/67993967
Test: make
Change-Id: I4c53e53af494bca365dd2b3305ab0ccc2b23ba44
2017-10-27 10:01:46 +02:00
Elliott Hughes
d4ca231ae2 Unified sysroot: kill arch-specific include dirs.
<machine/asm.h> was internal use only.

<machine/fenv.h> is quite large, but can live in <bits/...>.

<machine/regdef.h> is trivially replaced by saying $x instead of x in
our assembler.

<machine/setjmp.h> is trivially inlined into <setjmp.h>.

<sgidefs.h> is unused.

Bug: N/A
Test: builds
Change-Id: Id05dbab43a2f9537486efb8f27a5ef167b055815
2017-10-12 13:19:51 -07:00
Elliott Hughes
8465e968a8 Add <sys/random.h>.
iOS 10 has <sys/random.h> with getentropy, glibc >= 2.25 has
<sys/random.h> with getentropy and getrandom. (glibc also pollutes
<unistd.h>, but that seems like a bad idea.)

Also, all supported devices now have kernels with the getrandom system
call.

We've had these available internally for a while, but it seems like the
time is ripe to expose them.

Bug: http://b/67014255
Test: ran tests
Change-Id: I76dde1e3a2d0bc82777eea437ac193f96964f138
2017-09-29 05:31:35 +00:00
Elliott Hughes
896362eb0e Add syncfs(2).
GMM calls this system call directly at the moment. That's silly.

Bug: http://b/36405699
Test: ran tests
Change-Id: I1e14c0e5ce0bc2aa888d884845ac30dc20f13cd5
2017-08-24 16:31:49 -07:00
Elliott Hughes
5109bb463d Make all the ELF relocation constants available.
BSD thinks you should only get the relocation constants for your target
architecture, but it's often useful to have them all available at once.
Rearrange the headers to enable that.

Also update the (modified) NetBSD files to CVS HEAD.

Also remove the unused BSDism R_TYPE.

Bug: N/A
Test: builds
Change-Id: Iad5ef29192a732696e2b36af35144a9ca116aa46
2017-04-19 13:28:32 -07:00
Elliott Hughes
901601b48e Remove unused elf_machdep.h cruft.
Also add a few missing include guards.

Bug: N/A
Test: builds
Change-Id: I9557303c81a4b11d430112528def038ecb5562a9
2017-04-17 16:25:09 -07:00
Elliott Hughes
beb8796624 Use ENTRY_PRIVATE in __bionic_clone assembler.
Bug: N/A
Test: bionic tests
Change-Id: Ic651d628be009487a36d0b2e5bcf900b981b1ef9
2016-10-26 17:01:58 -07:00
Colin Cross
7510c33b61 Remove deprecated Android.mk files
These directories all have Android.bp files that are always used now,
delete the Android.mk files.

Change-Id: Ib0ba2d28bff88483b505426ba61606da314e03ab
2016-05-26 16:41:57 -07:00
Elliott Hughes
eafad49bd6 Add <sys/quota.h>.
It turns out that at least the Nexus 9 kernel is built without CONFIG_QUOTA.
If we decide we're going to mandate quota functionality, I'm happy for us to
be a part of CTS that ensures that happens, but I don't want to be first, so
there's not much to test here other than "will it compile?". The strace
output looks right though.

Bug: http://b/27948821
Bug: http://b/27952303
Change-Id: If667195eee849ed17c8fa9110f6b02907fc8fc04
2016-04-06 11:06:09 -07:00
Elliott Hughes
7f72ad4d6c Add sync_file_range to <fcntl.h>.
Bug: http://b/27952303
Change-Id: Idadfacd657ed415abc11684b9471e4e24c2fbf05
2016-04-05 12:17:22 -07:00
Elliott Hughes
afe835d540 Move math headers in with the other headers.
Keeping them separate is a pain for the NDK, and doesn't help the platform.

Change-Id: I96b8beef307d4a956e9c0a899ad9315adc502582
2016-04-02 08:36:33 -07:00
Josh Gao
686e5f6f69 Add a checksum to jmp_buf on x86_64.
Bug: http://b/27856501
Bug: http://b/27417786
Change-Id: I541f5a7ce4972ef56b3f69e73927ca7df362609a
2016-03-29 17:28:32 -07:00
Josh Gao
c244fcb8a3 Delete lies from x86_64 setjmp implementation.
Previously, the implementation of setjmp on x86_64 claimed that
sigprocmask would write to two longs' worth of bytes.

Bug: http://b/27856501
Change-Id: I9f32b40ac773a0cd91a976aace5bfba6e67fb0f8
2016-03-29 17:28:32 -07:00
Greg Hackmann
e2faf07d65 Add {get,set}domainname(2)
{get,set}domainname aren't in POSIX but are widely-implemented
extensions.

The Linux kernel provides a setdomainname syscall but not a symmetric
getdomainname syscall, since it expects userspace to get the domain name
from uname(2).

Change-Id: I96726c242f4bb646c130b361688328b0b97269a0
Signed-off-by: Greg Hackmann <ghackmann@google.com>
2016-03-25 14:16:58 -07:00
Elliott Hughes
a80ddc8a34 Fix x86-64 __memset_chk.
I can only assume I was testing the 32-bit implementation when I claimed
this worked. While improving the 32-bit code I realized that I'd used
signed comparisons instead of unsigned, and came back to find that the
64-bit code didn't work.

By way of apology, make x86-64 the first architecture where __memset_chk
falls through to memset.

Change-Id: I54d9eee5349b6a2abb2ce81e161fdcde09556561
2016-03-03 16:46:25 -08:00
Elliott Hughes
ff9bda7201 Merge "Mandate optimized assembler for x86-64 __memset_chk." 2016-03-03 22:18:46 +00:00
Elliott Hughes
01d5b946ac Remove optimized code for bzero, which was removed from POSIX in 2008.
I'll come back for the last bcopy remnant...

Bug: http://b/26407170
Change-Id: Iabfeb95fc8a4b4b3992e3cc209ec5221040e7c26
2016-03-02 17:21:07 -08:00
Elliott Hughes
61c95fe52d Mandate optimized assembler for x86-64 __memset_chk.
Change-Id: I4d6b452f3cf850d405e8f5d7da01d432603e606b
2016-03-02 16:39:29 -08:00
Elliott Hughes
5f26c6bc91 Really add adjtimex(2), and add clock_adjtime(2) too.
Change-Id: I81fde2ec9fdf787bb19a784ad13df92d33a4f852
2016-02-03 13:19:10 -08:00
Greg Hackmann
3f3f6c526b Add adjtimex
Change-Id: Ia92d35b1851e73c9f157a749dba1e98f68309a8d
Signed-off-by: Greg Hackmann <ghackmann@google.com>
2016-01-28 13:41:22 -08:00
Elliott Hughes
42d949ff9d Defend against -fstack-protector in libc startup.
Exactly which functions get a stack protector is up to the compiler, so
let's separate the code that sets up the environment stack protection
requires and explicitly build it with -fno-stack-protector.

Bug: http://b/26276517
Change-Id: I8719e23ead1f1e81715c32c1335da868f68369b5
2016-01-06 20:06:08 -08:00
Daniel Micay
4200e260d2 fix the mremap signature
The mremap definition was incorrect (unsigned long instead of int) and
it was missing the optional new_address parameter.

Change-Id: Ib9d0675aaa098c21617cedc9b2b8cf267be3aec4
2015-11-06 13:14:43 -08:00
Dan Willemsen
268a673bd1 Switch to LOCAL_SRC_FILES_EXCLUDE
This moves the generic arm/arm64/x86 settings into the main makefiles
and makes the rest of them derivatives. This better aligns with how
soong handles arch/cpu variants.

Also updates the Android.bp to make it consistent with the make
versions.

Change-Id: I5a0275d992bc657459eb6fe1697ad2336731d122
2015-10-20 11:58:28 -07:00
Josh Gao
8dbf02d76a Add missing register preserve in x86/x86_64 longjmp.
Change-Id: I3fc442f819229640e9c0ec4f9c865d9bf0e70881
2015-10-07 14:01:45 -07:00
Josh Gao
2342e643d4 Implement setjmp cookies on x86_64.
Bug: http://b/23942752
Change-Id: Iea8d03de1dd9ca5a128c072c94b10de3a8056348
2015-09-17 14:51:44 -07:00
Elliott Hughes
6f4594d5dc Add preadv/pwritev.
Bug: http://b/12612572
Change-Id: I38ff2684d69bd0fe3f21b1d371b88fa60d5421cb
2015-08-26 14:48:55 -07:00
Jake Weinstein
2926f9a31e libc: remove bcopy from memmove on 64-bit architectures
* bcopy is deprecated on LP64 by the following commit:

  ce9ce28e5d

Change-Id: I6849916f0ec4a2d0db9a360999ad1dc8edda952b
2015-08-17 22:06:12 +00:00
Elliott Hughes
5891abdc66 Invalidate cached pid in vfork.
Bug: http://b/23008979
Change-Id: I1dd900ac988cdbe10aad3abc53240c5d352891d5
2015-08-07 19:44:12 -07:00
Elliott Hughes
b1304935b6 Hide accidentally-exposed __clock_nanosleep.
Bug: http://b/21858067
Change-Id: Iaa83a5e17cfff796aed4f641d0d14427614d9399
2015-06-15 19:39:04 -07:00
Elliott Hughes
be57a40d29 Add process_vm_readv and process_vm_writev.
Bug: http://b/21761353
Change-Id: Ic8ef3f241d62d2a4271fbc783c8af50257bac498
2015-06-10 17:24:20 -07:00
Nick Kralevich
e1d0810cd7 Add O_PATH support for flistxattr()
A continuation of commit 2825f10b7f.

Add O_PATH compatibility support for flistxattr(). This allows
a process to list out all the extended attributes associated with
O_PATH file descriptors.

Change-Id: Ie2285ac7ad2e4eac427ddba6c2d182d41b130f75
2015-06-06 11:25:41 -07:00
Nick Kralevich
2825f10b7f libc: Add O_PATH support for fgetxattr / fsetxattr
Support O_PATH file descriptors when handling fgetxattr and fsetxattr.
This avoids requiring file read access to pull extended attributes.

This is needed to support O_PATH file descriptors when calling
SELinux's fgetfilecon() call. In particular, this allows the querying
and setting of SELinux file context by using something like the following
code:

  int dirfd = open("/path/to/dir", O_DIRECTORY);
  int fd = openat(dirfd, "file", O_PATH | O_NOFOLLOW);
  char *context;
  fgetfilecon(fd, &context);

This change was motivated by a comment in
https://android-review.googlesource.com/#/c/152680/1/toys/posix/ls.c

Change-Id: Ic0cdf9f9dd0e35a63b44a4c4a08400020041eddf
2015-06-01 15:51:56 -07:00
Yabin Cui
40a8f214a5 Hide rt_sigqueueinfo.
Bug: 19358804
Change-Id: I38a53ad64c81d0eefdd1d24599e769fd8a477a56
2015-05-18 11:29:20 -07:00
Chih-Hung Hsieh
59bce688c7 Merge "Fix opcode to compile with both gcc and llvm." 2015-04-27 17:17:45 +00:00
Chih-Hung Hsieh
0a93df369c Fix opcode to compile with both gcc and llvm.
BUG: 17302991

Change-Id: I31febd9ad24312388068803ce247b295bd73b607
2015-04-23 21:40:31 +00:00
Elliott Hughes
3391a9ff13 Simplify close(2) EINTR handling.
This doesn't affect code like Chrome that correctly ignores EINTR on
close, makes code that tries TEMP_FAILURE_RETRY work (where before it might
have closed a different fd and appeared to succeed, or had a bogus EBADF),
and makes "goto fail" code work (instead of mistakenly assuming that EINTR
means that the close failed).

Who loses? Anyone actively trying to detect that they caught a signal while
in close(2). I don't think those people exist, and I think they have better
alternatives available.

Bug: https://code.google.com/p/chromium/issues/detail?id=269623
Bug: http://b/20501816
Change-Id: I11e2f66532fe5d1b0082b2433212e24bdda8219b
2015-04-23 08:41:45 -07:00
Christopher Ferris
24958514b9 Use ALIAS_SYMBOL for assembler aliasing.
Change-Id: I8d04d2da0a1ac440cc9044fc819c9a8eda5ff17d
2015-03-25 09:12:00 -07:00
Christopher Ferris
fa5faa0ce6 Make gensyscalls.py use the ALIAS_SYMBOL macro.
Change-Id: Ib94c0abb6fc85126ecc5ed3f1962b2b8b90b9952
2015-03-24 21:08:26 -07:00
Elliott Hughes
fa495d51b0 Hide statfs/fstatfs' ST_VALID flag from userspace.
Spotted while debugging the strace 4.10 upgrade.

Change-Id: I1af1be9c9440151f55f74a835e1df71529b0e4fe
2015-03-18 15:46:48 -07:00
Nick Kralevich
35778253a5 Fix "faccessat ignores flags"
The kernel system call faccessat() does not have any flags arguments,
so passing flags to the kernel is currently ignored.

Fix the kernel system call so that no flags argument is passed in.

Ensure that we don't support AT_SYMLINK_NOFOLLOW. This non-POSIX
(http://pubs.opengroup.org/onlinepubs/9699919799/functions/access.html)
flag is a glibc extension, and has non-intuitive, error prone behavior.

For example, consider the following code:

  symlink("foo.is.dangling", "foo");
  if (faccessat(AT_FDCWD, "foo", R_OK, AT_SYMLINK_NOFOLLOW) == 0) {
    int fd = openat(AT_FDCWD, "foo", O_RDONLY | O_NOFOLLOW);
  }

The faccessat() call in glibc will return true, but an attempt to
open the dangling symlink will end up failing. GLIBC documents this
as returning the access mode of the symlink itself, which will
always return true for any symlink on Linux.

Some further discussions of this are at:

  * http://lists.landley.net/pipermail/toybox-landley.net/2014-September/003617.html
  * http://permalink.gmane.org/gmane.linux.lib.musl.general/6952

AT_SYMLINK_NOFOLLOW seems broken by design. I suspect this is why this
function was never added to POSIX. (note that "access" is pretty much
broken by design too, since it introduces a race condition between
check and action). We shouldn't support this until it's clearly
documented by POSIX or we can have it produce intuitive results.

Don't support AT_EACCESS for now. Implementing it is complicated, and
pretty much useless on Android, since we don't have setuid binaries.
See http://git.musl-libc.org/cgit/musl/commit/?id=0a05eace163cee9b08571d2ff9d90f5e82d9c228
for how an implementation might look.

Bug: 18867827
Change-Id: I25b86c5020f3152ffa3ac3047f6c4152908d0e04
2015-02-24 13:40:43 -08:00
Elliott Hughes
41ef902379 Fix memchr overflow.
The overflow's actually in the generic C implementation of memchr.

While I'm here, let's switch our generic memrchr to the OpenBSD version too.

Bug: https://code.google.com/p/android/issues/detail?id=147048
Change-Id: I296ae06a1ee196d2c77c95a22f11ee4d658962da
2015-02-14 13:21:22 -08:00
Nick Kralevich
00490ae3f3 Ensure raw fchmod/fchmodat syscalls are hidden.
In https://android-review.googlesource.com/#/c/127908/5/libc/SYSCALLS.TXT@116
Elliott said:

  for LP64 these will be hidden. for LP32 we were cowards and left
  them all public for compatibility (though i don't think we ever
  dremeled to see whether it was needed). we don't have an easy
  way to recognize additions, though, so we can't prevent adding
  new turds.

Add a mechanism to prevent the adding of new turds, and use that
mechanism on the fchmod/fchmodat system calls.

Bug: 19233951
Change-Id: I98f98345970b631a379f348df57858f9fc3d57c0
2015-02-03 12:10:30 -08:00
Nick Kralevich
3cbc6c627f Add fchmodat(AT_SYMLINK_NOFOLLOW) and fchmod O_PATH support
Many libc functions have an option to not follow symbolic
links. This is useful to avoid security sensitive code
from inadvertantly following attacker supplied symlinks
and taking inappropriate action on files it shouldn't.
For example, open() has O_NOFOLLOW, chown() has
lchown(), stat() has lstat(), etc.

There is no such equivalent function for chmod(), such as lchmod().
To address this, POSIX introduced fchmodat(AT_SYMLINK_NOFOLLOW),
which is intended to provide a way to perform a chmod operation
which doesn't follow symlinks.

Currently, the Linux kernel doesn't implement AT_SYMLINK_NOFOLLOW.
In GLIBC, attempting to use the AT_SYMLINK_NOFOLLOW flag causes
fchmodat to return ENOTSUP. Details are in "man fchmodat".

Bionic currently differs from GLIBC in that AT_SYMLINK_NOFOLLOW
is silently ignored and treated as if the flag wasn't present.

This patch provides a userspace implementation of
AT_SYMLINK_NOFOLLOW for bionic. Using open(O_PATH | O_NOFOLLOW),
we can provide a way to atomically change the permissions on
files without worrying about race conditions.

As part of this change, we add support for fchmod on O_PATH
file descriptors, because it's relatively straight forward
and could be useful in the future.

The basic idea behind this implementation comes from
https://sourceware.org/bugzilla/show_bug.cgi?id=14578 , specifically
comment #10.

Change-Id: I1eba0cdb2c509d9193ceecf28f13118188a3cfa7
2015-02-02 13:17:17 -08:00
Yabin Cui
94926f8cfa Merge "support _POSIX_REALTIME_SIGNALS" 2014-12-09 20:10:19 +00:00
Yabin Cui
634816055f support _POSIX_REALTIME_SIGNALS
Bug: 18489947
Change-Id: I2e834d68bc10ca5fc7ebde047b517a3074179475
2014-12-08 21:52:43 -08:00
Elliott Hughes
56e017306e Simplify our endian.h implementation.
We can rely on the compiler's builtins. Tested on arm, arm64, mips, x86,
and x86-64.

Change-Id: I0f774ed7e85b3c791a3178d8ef17c6500e6a9ace
2014-12-08 20:35:08 -08:00
Elliott Hughes
1c0c0ede57 Fix signal mask save/restore for x86-64.
Bug: 16918359
Change-Id: I30bf61e7d5f1c21daa3a1a21d361e98d77220bf3
2014-12-08 12:46:15 -08:00