Commit graph

9656 commits

Author SHA1 Message Date
Josh Gao
592b5f52fd Merge "fdsan: make fatal by default." 2019-08-07 19:53:40 +00:00
Josh Gao
66b5e3ca19 fdsan: make fatal by default.
Make fdsan fatal by default on native processes, and Java processes that
target R or later.

Bug: http://b/137788030
Test: manual
Change-Id: I5900efc606fc0d47b69223574ad7dca89afe4eda
2019-08-07 19:53:14 +00:00
Elliott Hughes
da32ff104b Merge "Add memfd_create(2) and mlock2(2)." 2019-08-06 17:08:13 +00:00
Christopher Ferris
5d3ba4ed9d Merge "Update to kernel headers v5.2.6." 2019-08-06 04:30:52 +00:00
Peter Collingbourne
6533208aaa linker: Add library load and unload hooks for HWASan.
These hooks notify the HWASan runtime library whenever a library is loaded
or unloaded so that it can update its shadow memory.

Bug: 138159093
Test: walleye_hwasan-userdebug boots with+without https://reviews.llvm.org/D65770
Change-Id: I6caf2a6540ed2c0d94db444e806a3c7ba504cabb
2019-08-05 16:51:01 -07:00
Elliott Hughes
3d24d2b088 Add memfd_create(2) and mlock2(2).
These are old enough now that the latest devices will have kernels that
support them.

Also add basic doc comments to <sys/mman.h>.

Test: treehugger
Change-Id: I1b5ff5db0b6270f5c374287cac1d6a751a0259f5
2019-08-05 16:31:08 -07:00
Christopher Ferris
fa59a10bcd Update to kernel headers v5.2.6.
Also, fix a bug in update_all.py when the syscalls file does not change.

Test: Builds and boots on a taimen.
Change-Id: If85b00daef2c176f804a0861894f5bbca9c6d5df
2019-08-05 12:59:58 -07:00
Elliott Hughes
9a5bdd6d45 Update seccomp whitelist.
renameat2 is now exposed, my comment about timerfd was nonsense, and
it's worth documenting when and where the various syscalls appeared.

Bug: http://b/127675384
Test: treehugger
Change-Id: I84662398d39678df3ee7ce39add670337ff8abea
2019-08-05 08:56:40 -07:00
Elliott Hughes
fd56f55419 Merge "Add renameat2." 2019-08-02 21:53:18 +00:00
Elliott Hughes
05b675e8bf Add renameat2.
Bug: http://b/127675384
Test: new tests
Change-Id: Ia2e3d5679180391ca98e62fa429fa11cbf167507
2019-08-02 09:09:59 -07:00
Elliott Hughes
ee7bc3002d seccomp: add the "64-bit time for 32-bit processes" system calls.
The cuttlefish folks are hitting this because the VDSO clock_gettime
falls back to the clock_gettime64 system call when given an invalid
clock.

Bug: http://b/138781460
Test: examined the generated .cpp files.
Change-Id: I98b311cd8652716eb6d45fb99308fdf952e79ba3
2019-08-01 15:16:58 +00:00
Ryan Prichard
c2a722f5d7 Merge changes I99d2faae,Ie98b7624
* changes:
  Enable traditional TLS accesses on arm64
  Renumber arm64 TLS to match GNU values
2019-07-31 20:50:58 +00:00
Ryan Prichard
30feb645f9 Enable traditional TLS accesses on arm64
Handle generic DTPMOD/DTPREL relocations on arm64. Expose __tls_get_addr.

Bug: http://b/123385182
Test: manual -- compile code using arm64 gcc -mtls-dialect=trad
Change-Id: I99d2faae35d1ebffc1be8de50b4a1f5e21b14348
2019-07-30 20:55:54 -07:00
Ryan Prichard
6d601458de Renumber arm64 TLS to match GNU values
The AArch64 ELF specification originally specified these relocations:

  R_AARCH64_TLS_DTPREL64          1028
  R_AARCH64_TLS_DTPMOD64          1029

However, the GNU toolchain implemented them as:

  R_AARCH64_TLS_DTPMOD64          1028
  R_AARCH64_TLS_DTPREL64          1029

The AArch64 ELF specification has been updated to replace the relocations
with R_AARCH64_TLS_IMPDEF1 and with R_AARCH64_TLS_IMPDEF2, where each
implementation can choose which interpretation it implements, but with a
suggestion to follow the GNU behavior.

Also: remove the 64 suffixes from the TLS relocations. The newest version
of the AArch64 ELF specification (version f) also omits the suffixes, as
do the glibc headers.

Bug: http://b/123385182
Bug: https://bugs.llvm.org/show_bug.cgi?id=40507
Test: build device, it boots
Change-Id: Ie98b7624752982973f0ac969d646454a86784cab
2019-07-30 16:30:46 -07:00
Pirama Arumuga Nainar
876c6f03f9 Merge "Fix clang header dependency for versioner" 2019-07-30 05:08:18 +00:00
Pirama Arumuga Nainar
49c733cc49 Fix clang header dependency for versioner
Versioner is now a prebuilt in prebuilts/clang-tools and that project
has the Clang headers packaged with it.  Use that dependency instead of
external/clang/lib/Headers.  Use the linux-x86 path for both Linux and
Darwin since they are both the same.

Test: presubmit
Change-Id: I01ad4c05fe3301a2fdad3662377f78694af6cd81
2019-07-29 15:44:46 -07:00
Vic Yang
03ff4365ec Use the new sort_bss_symbols_by_size option for libc
Instead of maintaining a symbol ordering file, using the new
sort_bss_symbols_by_size property allows for symbol sorting at build
time.

Bug: 135754984
Test: Build and check the resulting libc.so has its bss symbols sorted.
Change-Id: I4a1cd6774dfe61b73f454bdf95b535db1f9fb1ac
2019-07-29 13:26:33 -07:00
Ryan Prichard
d5c0a508bc Merge "Name stack+tls VMAs with PR_SET_VMA_ANON_NAME" 2019-07-24 20:46:32 +00:00
Treehugger Robot
4f40d47a02 Merge "Add missing nothrow attribute" 2019-07-24 01:10:58 +00:00
Yi Kong
7b50f7d51e Add missing nothrow attribute
The upcoming compiler update emits warning about the missing nothrow
attribute:

  bionic/libc/bionic/jemalloc.h:33:5: error: 'je_mallctl' is missing exception specification '__attribute__((nothrow))' [-Werror,-Wmissing-exception-spec]
  int je_mallctl(const char *name, void *oldp, size_t *oldlenp, void *newp, size_t newlen);
      ^
                                                                                           __attribute__((nothrow))
  external/jemalloc_new/include/jemalloc/jemalloc.h:230:38: note: previous declaration is here
  JEMALLOC_EXPORT int JEMALLOC_NOTHROW    je_mallctl(const char *name,
                                          ^
  external/jemalloc_new/include/jemalloc/jemalloc_rename.h:12:22: note: expanded from macro 'je_mallctl'
  #  define je_mallctl je_mallctl

Test: build with clang r365631
Bug: 131328001
Change-Id: Ia8b6f47d38e5a003b6282f10724b65b1f971ba84
2019-07-23 15:03:16 -07:00
Florian Mayer
6883b0807b Reserve signal for java heap dumps.
We will put instrumentation in ART to write out Java heap memory
information on receipt of this signal.

Bug: 136210868
Test: Flash blueline-userdebug and boot

Change-Id: I63173a4051c46b8569faaf3064e1db1dbd0ea3fe
2019-07-23 16:38:00 +01:00
Ryan Prichard
03cef383ba Name stack+tls VMAs with PR_SET_VMA_ANON_NAME
Bionic creates a single thread mapping to hold a thread's stack and static
TLS memory. Use PR_SET_VMA_ANON_NAME to name this region
"stack_and_tls:tid". dumpsys meminfo can report this region as "Stack"
memory.

The main thread's memory is instead named stack_and_tls:main, and the VMA
is renamed to stack_and_tls:main in a post-fork child.

For the main thread, and threads using pthread_attr_setstack, Bionic still
creates the stack_and_tls mapping, but it only has TLS memory in it.

Bug: http://b/134795155
Test: run "dumpsys meminfo" and verify that this CL increases the reported
  stack memory usage from about 4MB to 21MB.
Change-Id: Id1f39ff083329e83426130b4ef94222ffacb90ae
Merged-In: Id1f39ff083329e83426130b4ef94222ffacb90ae
2019-07-23 02:06:51 +00:00
Tom Cherry
6b2532e19a Merge "Change stdatomic.h check from defined(_USING_LIBCXX) to __has_include(<atomic>)" 2019-07-19 18:01:06 +00:00
Tom Cherry
5a8482ef8f Merge "Load /etc/{passwd,group} from all partitions" 2019-07-19 18:00:41 +00:00
Paul Duffin
91b0430a08 Merge "Add bionic_libc_private_headers for use by art" 2019-07-19 09:18:47 +00:00
Christopher Ferris
9782b87074 Move to the libc++ demangler.
Bug: 136138882

Test: Ran malloc debug tests.
Test: Ran an app with backtrace_full and verified demangling working in
Test: log file.
Test: Enabled leak checking and verified that the logs include properly
Test: demangled.
Change-Id: Ic4fd9f1522451e867048ac1bea59d8c5ed0d3577
2019-07-18 21:11:22 +00:00
Tom Cherry
76e2b15ad4 Change stdatomic.h check from defined(_USING_LIBCXX) to __has_include(<atomic>)
The previous check was causing some problems with platform builds
using the NDK.  The new check is more accurate.

Move the C definitions from stdatomic.h to bits/stdatomic.h since
with the new check, we no longer can use the #undef trick to test
them.

Test: build platform NDK with stdatomic.h in pthread.h header
Test: stdatomic bionic-unit-tests
Change-Id: Ia0bc3cc8344f2ba4e6e55a52248fb6efee799d1d
2019-07-18 13:57:39 -07:00
Paul Duffin
6b5cb034e3 Add bionic_libc_private_headers for use by art
This avoids art having a direct reference to bionic directories which
would prevent the bionic module from being unbundled from the runtime
module.

Bug: 134379140
Test: m droid
Change-Id: I9545767b76341fd01166b675bdd156f620d4f262
2019-07-18 14:48:44 +01:00
Tom Cherry
9cf76012aa Merge "Update notice" 2019-07-17 21:11:15 +00:00
Tom Cherry
40f69aefb2 Update notice
4ed2f475d8 added new items for NOTICE,
but didn't update the NOTICE file.

Test: none
Change-Id: I558271dc4520d9685dd164ba9f0b6db13d125014
2019-07-17 10:56:16 -07:00
Tom Cherry
800c1a9707 Fix pthread_cond_clockwait() when cond is initialized with CLOCK_MONOTONIC
A bit of over-reliance on implementing pthread_cond_clockwait() in
terms of existing functions ended up with a bug that if the condition
variable was initialized to use CLOCK_MONOTONIC, then
pthread_cond_clockwait() would do the wrong thing.

This change corrects that and adds a test for this case.

Test: new and existing tests pthread_cond unit tests
Change-Id: I708d5dfbef95a67678db56dceda011f2f8fd1c5c
2019-07-17 10:46:47 -07:00
Treehugger Robot
59cc0b3142 Merge "Clear pointer tags as required for HWASAN for globals." 2019-07-17 01:03:48 +00:00
Elliott Hughes
3975431aba Merge "Add avx2 version of wmemset in binoic" 2019-07-16 23:00:24 +00:00
Peter Collingbourne
45f0a3b642 Clear pointer tags as required for HWASAN for globals.
A future version of HWASAN will set pointer tags when taking the address of
a global. This means that we need to untag pointers in a couple of cases
where potential global pointers are passed to an interface that expects
untagged pointers:

- The WriteProtected class, whose only instances are globals, passes its
  own address to mprotect. However, our device kernels do not currently
  untag pointers passed to mprotect (the proposed upstream kernel patches
  do, however, untag these pointers), so once HWASAN starts tagging global
  pointers, this will start failing.
- The shadow_load function loads from a shadow that corresponds to the
  address space bounds of loaded binaries. Since these address space
  bounds are untagged, the pointer needs to be untagged to match.

Test: boots
Change-Id: I3f11ce6eb7261752e5ff6d039d04dd45516b236f
2019-07-16 13:38:38 -07:00
Shalini Salomi Bodapati
4ed2f475d8 Add avx2 version of wmemset in binoic
Test: ./tests/run-on-host.sh 64
Change-Id: Id2f696cc60a10c01846ca3fe0d3a5d513020afe3
Signed-off-by: Shalini Salomi Bodapati <shalini.salomi.bodapati@intel.com>
2019-07-16 18:06:57 +05:30
Tom Cherry
69010802d0 Implement new clock wait functions
pthread_cond_clockwait
pthread_mutex_clocklock
pthread_rwlock_clockrdlock
pthread_rwlock_clockwrlock
sem_clockwait

Bug: 35756266
Test: new unit tests
Change-Id: I71bd25eeec6476134b368d5bdf2f729d0bba595e
2019-07-15 09:06:19 -07:00
Elliott Hughes
c80af7f146 Merge "Explicitly add open/stat64 to the seccomp common whitelist." 2019-07-12 16:25:17 +00:00
Treehugger Robot
34d11e52af Merge "Avoid calling snprintf in bionic_trace_begin." 2019-07-11 23:39:38 +00:00
Elliott Hughes
33e079900d Explicitly add open/stat64 to the seccomp common whitelist.
They're used by 32-bit sanitizers. We used to get these for free (as the
comment says), but the place we got them from changed. Just be explicit.

Longer-term we should fix how we build the sanitizers to only use the
canonical system calls, like they already do for arm64.

Bug: https://issuetracker.google.com/136777266
Test: builds
Change-Id: If80a8d47aa345aaaa8bed32b44f020e06e504d49
2019-07-11 14:59:12 -07:00
Josh Gao
e1d121bef6 Avoid calling snprintf in bionic_trace_begin.
snprintf always calls free (on a null pointer) in its epilogue, which
results in infinite recursion if free calls a function that calls
bionic_trace_begin (e.g. when perfetto attempts to lock a mutex in
RecordFree).

Bug: http://b/137284735
Test: treehugger
Change-Id: I51c5b32e8f4e394be4602e06c7b94797df73c37b
2019-07-11 13:00:26 -07:00
Tom Cherry
777b34dcc3 Load /etc/{passwd,group} from all partitions
Note that unlike the oem_ range that is used for the vendor
partitions, we do not create oem_<n> entries for these new reserved
ranges; they will only appear in getpwent()/getgrent() if there is an
entry in the corresponding passwd/group file.

Bug: 73062966
Test: can load AIDs from partitions other than vendor
Test: bionic-unit-tests
Change-Id: Ifcbbf202894adff948eaaba2a59e25c993611140
2019-07-11 10:31:02 -07:00
Christopher Ferris
78977053a7 Merge "Update to kernel headers v5.2." 2019-07-09 17:16:53 +00:00
Christopher Ferris
3d0bafb945 Do not check tcache clear when doing a purge.
On systems where the tcache is disabled, the tcache clear option will
fail, and not really do a purge.

Bug: 137037462
Bug: 136236080

Test: Built taimen as malloc svelte and verified the M_PURGE mallopt
Test: call failed before this fix and passes afterwards.
Change-Id: Ib30e5f3e083a9c6d046adff30f2aa7eacaf6df10
2019-07-08 15:15:01 -07:00
Christopher Ferris
aeddbcfb2c Update to kernel headers v5.2.
Test: Booted a taimen, ran unit bionic unit tests.
Change-Id: I3522c59793bbcef98ea515996a481d92f14b8816
2019-07-08 13:54:11 -07:00
Elliott Hughes
b2bd7c575e Merge "libnetd_client: support hooking sendto/sendmsg/sendmmsg too." 2019-06-24 15:04:25 +00:00
George Burgess IV
36bc922772 Merge changes I33957ad4,I02f8f87d,Iba04e486
* changes:
  fortify: replace bzero/bcmp defines
  fortify: add __mempcpy_chk
  fortify: fix overflow checks in unistd
2019-06-21 00:18:44 +00:00
George Burgess IV
261b7f4867 fortify: replace bzero/bcmp defines
__builtin_*_chk will emit warnings when things are trivially broken.
Emitting errors instead is probably better (and we can be a bit smarter
about how we emit code for trivially safe cases.)

Bug: 131861088
Test: checkbuild + bionic-unit-tests on blueline
Change-Id: I33957ad419922d0760304758ecb9bc8ad33e0b64
2019-06-20 13:05:23 -07:00
George Burgess IV
3bdeae781f Merge changes I557309b3,If5f47e0e
* changes:
  fortify: add even more warnings
  fortify: fix up a few diagnostics; add __wur to realpath
2019-06-20 17:20:52 +00:00
Elliott Hughes
5c6a3f9fbc libnetd_client: support hooking sendto/sendmsg/sendmmsg too.
Samsung has asked for this for KNOX.

Test: treehugger
Change-Id: Iffaace9f8cb265ce8c911472989c9829cbf91a42
2019-06-20 08:32:24 -07:00
Elliott Hughes
50080a29f7 Remove the ___ hack.
Plain __ for generated syscalls didn't mean it was a hidden symbol, it
just meant "please don't use this". We added ___ to signify that a
hidden symbol should be generated, but then we added the map files
anyway so you now have to explicitly export symbols. Given that, this
convention serves no particular purpose so we may as well just use the
nicer names have everything look the same.

Test: treehugger
Change-Id: If424e17a49c36f4be545f5d283c4561a6ea9c7ea
2019-06-19 15:38:42 -07:00