It has been reported in b2/19657449 and b2/19381040 that fchmodat
AT_SYMLINK_NOFOLLOW operation on symlink can succeed. It seems to be
controlled by kernel(version or configuration) or user configuration
whether chmod is allowed on symlinks. Unless we can disable chmod on
symlinks in bionic explicitly, we can not guarantee that the test can
pass. But it seems reasonable to allow chmod on symlink if kernel allows
to. So We prefer to loosen the test here, accepting both success and
failure when doing chmod operation on symlinks.
Bug: 19657449
Bug: 19381040
Change-Id: I780e84f0b50d0412fbac9f1c240d07e984892a28
Kindle app relies on soinfo's sysv hash
fields while linking native libraries.
This change allows to keep sysv hash fields
intact for the libraries linked with --hash-style=both.
Bug: 19059885
Change-Id: I12528652955638f1a6586bda99e111bb1c8aa7a3
When the kernel executes a program which is setuid, setgid, has
file capabilities, or causes an SELinux domain transition, the
AT_SECURE flag is set. This flag instructs the dynamic linker to
prune any dangerous environment variables passed across security
boundaries.
For SELinux in particular, whether this flag is set depends on the
the "noatsecure" process permission. If that permission does not
exist, then AT_SECURE=1 whenever a domain transition occurs.
In https://android-review.googlesource.com/129971 , Android stopped
using noatsecure when executing init services. In
https://android-review.googlesource.com/130610 , init was flipped
back into SELinux enforcing mode, making ag/129971 active. The
combination of those two changes ensured that AT_SECURE=1 was
set when executing init spawned services.
In particular, AT_SECURE=1 is set when init executes zygote. Due to
the forking nature of zygote, AT_SECURE remains untouched when
executing zygote's children.
This causes problems for the code added in
https://android-review.googlesource.com/48409 . Specifically, if
AT_SECURE=1, an attempt to call android_update_LD_LIBRARY_PATH()
is silently ignored. This causes problems when art tries to adjust
the LD_LIBRARY_PATH for Android apps. Ultimately, apps are unable
to find shared libraries they depend on.
As discussed in bug 7896159, there's no security reason for
preventing an application from updating it's own LD_LIBRARY_PATH.
We only need to prune LD_LIBRARY_PATH when transitioning across
security boundaries, but not when we're entirely within a security
boundary.
Remove the AT_SECURE check within do_android_update_LD_LIBRARY_PATH().
It's unneeded and prevents an application from modifying it's own
LD_LIBRARY_PATH. This allows an application to specify a location
where it's dlopen()ed shared libraries should be loaded from.
There is no change to AT_SECURE handling in
__sanitize_environment_variables(). We continue to honor it there
to prevent using security sensitive environment variables across
an exec boundary.
Bug: 19559835
Change-Id: If4af2ee8e84265aaa0c93de8b281208b20d7942a
Add hardware implementations for sqrt, ceil, floor and trunc for
x86 and x86_64. These routines, and in particular sqrt are much
faster than the BSD C language versions of these functions.
Fixed whitespace errors.
Revised x86 versions with respect to alignment.
Rebased for Android 5.0
Change-Id: I86bdb520ce5e589b0cf63778f353fbd3263c8f0e
Author: James Rose <james.rose@intel.com>
Signed-off-by: James Rose <james.rose@intel.com>
Make this change because I think it is more reasonable to check stack info
in pthread_getattr_np. I believe pthread_attr_t is not tied with any thread,
and can't have a flag saying who using it is the main thread.
This change also helps refactor of g_thread_list_lock.
Bug: 19636317
Change-Id: Iedbb85a391ac3e1849dd036d01445dac4bc63db9
1. One binary for all architectures
2. Generalize (and slightly improve) compression
2.1 works on all relocation types (rela?.dyn section only so far)
2.2 Uses same format to encode ElfW(Rel) as well as ElfW(Rela) tables
Bug: 18051137
Change-Id: I66c95d9076954ca115816fc577d0f5ef274e5e72
