For security reasons, when a binary is executed which causes a security
transition (eg, a setuid binary, setgid binary, filesystem capabilities,
or SELinux domain transition), the AT_SECURE flag is set. This causes
certain blacklisted environment variables to be stripped before the
process is executed. The list of blacklisted environment variables is
stored in UNSAFE_VARIABLE_NAMES. Generally speaking, most environment
variables used internally by libc show up in this list.
Add ANDROID_DNS_MODE to the list of unsafe variables.
Similar to RESOLV_HOST_CONF and RES_OPTIONS (which are already
blacklisted), this variable controls how name resolution requests are
handled. Allowing ANDROID_DNS_MODE to be set across a security
boundary could induce resolution failures or otherwise impact
name resolution.
Remove BIONIC_DNSCACHE. This does not appear to be used, and setting
this variable across a security boundary could cause name resolution
problems.
Test: Android compiles and runs with no obvious problems.
Change-Id: I835a7b42d6afbc9c67866594c7951cfd9b355d81
It's faster and safer to skip them on the device, where we know where
everything is anyway.
(cherrypick of cf6365690cc68bdd7e16648fb7881ba0b5cae93d.)
Bug: http://b/36807787
Test: ran tests
Change-Id: I0bb7879cc46f194152c67ddaf072cbebb424f789
While this change is correct, GNU libstdc++ 4.9 isn't able to handle a
standard compliant C library. Its <cmath> will `#undef isnan` from
math.h and only adds the function overloads to the std namespace,
making it impossible to use both <cmath> (which gets included by a
lot of other standard headers) and ::isnan.
We're going to have to revert this until we can start turning down
support for gnustl.
This reverts commit e76ee993ff.
Bug: https://code.google.com/p/android/issues/detail?id=271629
Test: make checkbuild
Change-Id: I394f50271430e78ab801d85c3ee4e87019eda6af
Used by CFI, so broke cfi_test#early_init@x86, but I've added a specific
test for this (and a similar test for getauxval from preinit, which this
patch does not fix).
Bug: http://b/35885875
Test: ran tests
Change-Id: I43885bedfb88c0a26b4474bd3c27a87dec7bbc97
The check that we are not below the lowest permitted syscall was
off by one, so we always allowed them, rather than always denying
them
Test: Check arm64 boots, chrome and maps work
mips and mips64 emulators boot
Note that arm, x86 and x86_64 already allow syscall 0 so there
will be no functional change there
Change-Id: I85873f1d04124e634e648bd47c027f280f1d6dbd
IANA changes:
Briefly: Haiti has resumed DST.
Changes to past and future time stamps
Haiti resumed observance of DST in 2017. (Thanks to Steffen Thorsen.)
Changes to past time stamps
Liberia changed from -004430 to +00 on 1972-01-07, not 1972-05-01.
Use "MMT" to abbreviate Liberia's time zone before 1972, as "-004430"
is one byte over the POSIX limit. (Problem reported by Derick Rethans.)
Bug: 36470257
Test: CtsLibcoreTestCases / CtsBionicTestCases
Change-Id: I5a8ffb60232410d88ffa67c7702dd234ff05f61d
Without this, setting `__USE_FILE_OFFSET64` and targeting pre-L made
mmap entirely unavailable.
Test: make checkbuild
Bug: https://github.com/android-ndk/ndk/issues/332
Change-Id: I9f61c44f8d9ab5c7cae845c9f89a7d889c6df365
Without this, setting __FILE_OFFSET_BITS to 64 and targeting pre-L
made these functions entirely unavailable.
Bug: https://github.com/android-ndk/ndk/issues/333
Test: builds
Change-Id: Id17ae3c070f8b2650a9bc9aa2aa2e92c5fcdf4ad
Without this, setting __FILE_OFFSET_BITS to 64 and targeting pre-L
made sendfile entirely unavailable.
Bug: https://github.com/android-ndk/ndk/issues/333
Test: builds
Change-Id: I82d326ff244473dd5443632ff6c19d726d5e29ee
Test: Used bionic tests available under bionic/tests folder.
Tested for mips32r1/mips32r2/mips64r6 on emulators.
Change-Id: I589415ddc496df3f6067ae34cb33ca58b3a1f276
Signed-off-by: Prashant Patil <prashant.patil@imgtec.com>
Test: Make sure arm, x86, x86_64, mips, mips64 emulators boot
Make sure sailfish still boots
Ran CTS test from
https://android-review.googlesource.com/#/c/348671/3 and it passed
The instructions for how to run mips emulators above worked, but
the CTS tests did not seem to actually run.
Change-Id: Iddee5acdb19ed32c7bd4657573313ca439cf6a49
When I rewrote malloc debug, I accidentally thought that each
value returned in the info buffer contained the number of backtrace
frames in the backtrace. This was incorrect, it should have been
the total number of allocations with the same backtrace.
This is a temporary fix that sets that value to 1. The better fix is
to de-dupe backtraces and then return all allocations of the same size
with the same backtrace.
I updated the documents to describe this.
Bug: 31854476
Test: Unit tests pass.
Change-Id: Idf9efaa3d363923b5d7543d90dc7c65a0ed553d9
snprintf to a buffer of length PATH_MAX consumes about 7kB of stack.
Bug: http://b/35858739
Test: bionic-unit-tests --gtest_filter="*big_enough*"
Change-Id: I34a7f42c1fd2582ca0d0a9b7e7a5290bc1cc19b1
This changes system_properties' initialize_properties to prefer
loading property_contexts from /system/etc/selinux &
/vendor/etc/selinux, while falling back to the pre-existing behavior
of loading from /.
Test: Device with *_property_contexts in / boots up fine, no denials
to do with properties, getprop -Z lists correct labels.
Test: Device with *_property_contexts in /system & /vendor, but not
in /, boots up fine, no denials to do with properties,
getprop -Z lists correct labels.
Test: Device with *_property_contexts in /system & vendor and with
empty *_property_contexts in / boots up fine, no denials to do
with properties, getprop -Z lists correct labels.
Bug: 36002573
Change-Id: I15174acdf89ee8f5a96acf1e38a54d4214df51ef
__pthread_internal_free doesn't happen on threads that are detached,
causing the bionic TLS allocation (and guard pages) to be leaked.
Fix the leak, and name the allocations to make things apparent if this
ever happens again.
Bug: http://b/36045112
Test: manually ran a program that detached empty threads
Change-Id: Id1c7852b7384474244f7bf5a0f7da54ff962e0a1
IANA changes:
Briefly: Southern Chile moves from -04/-03 to -03, and Mongolia
discontinues DST.
Changes to future time stamps
Mongolia no longer observes DST. (Thanks to Ganbold Tsagaankhuu.)
Chile's Region of Magallanes moves from -04/-03 to -03 year-round.
Its clocks diverge from America/Santiago starting 2017-05-13 at
23:00, hiving off a new zone America/Punta_Arenas. Although the
Chilean government says this change expires in May 2019, for now
assume it's permanent. (Thanks to Juan Correa and Deborah
Goldsmith.) This also affects Antarctica/Palmer.
Changes to past time stamps
Fix many entries for historical time stamps for Europe/Madrid
before 1979, to agree with tables compiled by Pere Planesas of the
National Astronomical Observatory of Spain. As a side effect,
this changes some time stamps for Africa/Ceuta before 1929, which
are probably guesswork anyway. (Thanks to Steve Allen and
Pierpaolo Bernardi for the heads-ups, and to Michael Deckers for
correcting the 1901 transition.)
Ecuador observed DST from 1992-11-28 to 1993-02-05.
(Thanks to Alois Treindl.)
Asia/Atyrau and Asia/Oral were at +03 (not +04) before 1930-06-21.
(Thanks to Stepan Golosunov.)
Changes to past and future time zone abbreviations
Switch to numeric time zone abbreviations for South America, as
part of the ongoing project of removing invented abbreviations.
This avoids the need to invent an abbreviation for the new Chilean
new zone. Similarly, switch from invented to numeric time zone
abbreviations for Afghanistan, American Samoa, the Azores,
Bangladesh, Bhutan, the British Indian Ocean Territory, Brunei,
Cape Verde, Chatham Is, Christmas I, Cocos (Keeling) Is, Cook Is,
Dubai, East Timor, Eucla, Fiji, French Polynesia, Greenland,
Indochina, Iran, Iraq, Kiribati, Lord Howe, Macquarie, Malaysia,
the Maldives, Marshall Is, Mauritius, Micronesia, Mongolia,
Myanmar, Nauru, Nepal, New Caledonia, Niue, Norfolk I, Palau,
Papua New Guinea, the Philippines, Pitcairn, Qatar, Réunion, St
Pierre & Miquelon, Samoa, Saudi Arabia, Seychelles, Singapore,
Solomon Is, Tokelau, Tuvalu, Wake, Vanuatu, Wallis & Futuna, and
Xinjiang; for 20-minute daylight saving time in Ghana before 1943;
for half-hour daylight saving time in Belize before 1944 and in
the Dominican Republic before 1975; and for Canary Islands before
1946, for Guinea-Bissau before 1975, for Iceland before 1969, for
Indian Summer Time before 1942, for Indonesia before around 1964,
for Kenya before 1960, for Liberia before 1973, for Madeira before
1967, for Namibia before 1943, for the Netherlands in 1937-9, for
Pakistan before 1971, for Western Sahara before 1977, and for
Zaporozhye in 1880-1924.
For Alaska time from 1900 through 1967, instead of "CAT" use the
abbreviation "AST", the abbreviation commonly used at the time
(Atlantic Standard Time had not been standardized yet). Use "AWT"
and "APT" instead of the invented abbreviations "CAWT" and "CAPT".
Use "CST" and "CDT" instead of invented abbreviations for Macau
before 1999 and Taiwan before 1938, and use "JST" instead of the
invented abbreviation "JCST" for Japan and Korea before 1938.
Bug: 35861784
Test: CtsLibcoreTestCases / CtsBionicTestCases
Change-Id: I5e6bbdb93cb57f1b465913ba1b99572140400ef8
