Commit graph

219 commits

Author SHA1 Message Date
Elliott Hughes
1c1dfb82f4 Failures to parse SYSCALLS.TXT-like files should be errors.
Previously we'd output a diagnostic but just blindly carry on.

Test: ran locally without my previous fix
Change-Id: I99a2411eae5bd72d97b6a4335c699d1e44d7b55a
2022-11-08 17:13:59 +00:00
Elliott Hughes
704772bda0 riscv64 syscall stub and seccomp filter generation.
These are sufficiently intertwined that they need to be done together.
riscv64 is our first primary-only architecture, so that required some
changes. The .bp changes are to support this --- we need to only show
the python scripts the architectures they'll actually be using, rather
than showing them everything and ignoring some of the results.

riscv64 is also the first architecture that post-dates the kernel's
64-bit time work, so there's a bit of extra fiddling needed to handle
the __NR3264_ indirection in the uapi headers.

Signed-off-by: Mao Han <han_mao@linux.alibaba.com>
Signed-off-by: Xia Lifang <lifang_xia@linux.alibaba.com>
Signed-off-by: Chen Guoyin <chenguoyin.cgy@linux.alibaba.com>
Signed-off-by: Wang Chen <wangchen20@iscas.ac.cn>
Signed-off-by: Lu Xufan <luxufan@iscas.ac.cn>
Test: local builds for x86-64 and riscv64
Change-Id: I74044744e80b312088f805c44fbd667c9bfcdc69
2022-10-13 23:41:53 +00:00
Elliott Hughes
291f98a66d Switch to the more common idiom for scripts in genrules.
Bug: http://b/198619163
Test: treehugger
Change-Id: I8a6e9e179aef45e1b0622a2e15f80f92041f9736
2022-06-30 23:35:11 +00:00
Treehugger Robot
8d36be9bb9 Merge "Ignore backup files left by emacs." 2021-04-20 01:24:49 +00:00
Dan Albert
77d976cd65 Ignore backup files left by emacs.
Test: Added a file like this locally and the upload hook didn't care
Bug: None
Change-Id: I4c33f2517a9a83c7797d3ea9074fffeedf85dcaa
2021-04-19 14:05:59 -07:00
Elliott Hughes
6b586e7709 Force everything to use python3 for consistency.
Rather than "whatever people have installed as 'python' on their machine".

I've removed check-symbols.py because that's been broken for years and
we never even noticed, and I'm not sure it's worth fixing.

Test: treehugger, manual
Change-Id: Ieb996bbdf790a18d4b1fb46a409cc240ba2a2a49
2021-04-15 13:39:08 -07:00
Rupert Shuttleworth
e99df59d1e Make gensyscalls.py compatible with Python 3.
Test: Fixes bp2build; bazel build //bionic/...
Change-Id: I6ab66e99935b962f1ff99e478c0f55188f31b495
2021-04-15 06:14:48 -04:00
Jingwen Chen
c57947860d bp2build: remove some bp2build_available props, use package_allowlist instead.
Test: build/bazel/scripts/milestone-2/demo.sh full

Test: bazel query //bionic/...
Change-Id: I737574766be898279d8bf6f3f0adb43dcc40c220
2021-03-19 02:06:27 -04:00
Chris Parsons
98b92e00c8 Make libc genrules and its tool dep bp2build_available
Test: lunch aosp_flame && USE_BAZEL_ANALYSIS=1 m libc
Test: lunch aosp_flame && USE_BAZEL_ANALYSIS=1 m crtbegin_so1
Change-Id: I12380ef9294f8b7c3b00ea700d804c1abde7ad04
2021-02-24 14:32:16 -05:00
Bob Badour
aa7d835fdd Add LOCAL_LICENSE_KINDS to bionic
Added SPDX-license-identifier-Apache-2.0 to:
  apex/Android.bp
  libdl/Android.bp
  tools/Android.bp
  tools/versioner/Android.bp
  tools/versioner/src/Android.bp

Added SPDX-license-identifier-Apache-2.0 SPDX-license-identifier-BSD to:
  benchmarks/Android.bp
  benchmarks/linker_relocation/gen/Android.bp
  libc/malloc_debug/Android.bp
  libc/system_properties/Android.bp
  tests/Android.bp
  tests/libs/Android.bp
  tests/libs/Android.build.dlext_testzip.mk
  tests/make_fortify_compile_test.mk

Added SPDX-license-identifier-Apache-2.0 SPDX-license-identifier-BSD
    SPDX-license-identifier-ISC SPDX-license-identifier-MIT
    legacy_notice legacy_unencumbered
to:
  libc/Android.bp

Added SPDX-license-identifier-Apache-2.0 SPDX-license-identifier-BSD
    SPDX-license-identifier-MIT legacy_unencumbered
to:
  libm/Android.bp

Added SPDX-license-identifier-Apache-2.0 legacy_unencumbered
to:
  libc/tools/Android.bp

Added SPDX-license-identifier-BSD
to:
  benchmarks/linker_relocation/Android.bp
  benchmarks/spawn/Android.bp
  libc/async_safe/Android.bp
  libc/malloc_hooks/Android.bp
  libfdtrack/Android.bp
  linker/Android.bp
  tests/headers/Android.bp
  tests/headers/posix/Android.bp

Bug: 68860345
Bug: 151177513
Bug: 151953481

Test: m all
Exempt-From-Owner-Approval: janitorial work
Change-Id: Ib05bcaa276b3aa71a7654ccbe8e67e1f16aec9f3
2021-02-19 23:38:28 +00:00
Elliott Hughes
5e44c22ebf Revert "[LSC] Add LOCAL_LICENSE_KINDS to bionic"
This reverts commit 48d43034d7.

Reason for revert: bionic is multiple projects, not just one.

Change-Id: Ib31e1bb8888cc85c6e7736c4e2a1d4652fd23935
2021-02-16 20:02:47 +00:00
Bob Badour
48d43034d7 [LSC] Add LOCAL_LICENSE_KINDS to bionic
Added SPDX-license-identifier-Apache-2.0 to:
  libdl/Android.bp
  tools/versioner/src/Android.bp

Added SPDX-license-identifier-Apache-2.0 SPDX-license-identifier-BSD to:
  benchmarks/Android.bp
  libc/malloc_debug/Android.bp
  libc/system_properties/Android.bp
  linker/Android.bp
  tests/Android.bp
  tests/libs/Android.bp
  tests/libs/Android.build.dlext_testzip.mk
  tests/make_fortify_compile_test.mk

Added SPDX-license-identifier-Apache-2.0 SPDX-license-identifier-BSD
    SPDX-license-identifier-ISC SPDX-license-identifier-MIT
    legacy_notice legacy_unencumbered
to:
  Android.bp
  libc/Android.bp

Added SPDX-license-identifier-Apache-2.0 SPDX-license-identifier-BSD
    SPDX-license-identifier-ISC SPDX-license-identifier-MIT
    legacy_unencumbered
to:
  tools/Android.bp
  tools/versioner/Android.bp

Added SPDX-license-identifier-Apache-2.0 SPDX-license-identifier-BSD
    SPDX-license-identifier-MIT legacy_unencumbered
to:
  libm/Android.bp

Added SPDX-license-identifier-Apache-2.0 legacy_unencumbered
to:
  libc/tools/Android.bp

Added SPDX-license-identifier-BSD
to:
  benchmarks/linker_relocation/Android.bp
  benchmarks/spawn/Android.bp
  libc/async_safe/Android.bp
  libc/malloc_hooks/Android.bp
  libfdtrack/Android.bp
  tests/headers/Android.bp
  tests/headers/posix/Android.bp

Added legacy_notice
to:
  apex/Android.bp
  benchmarks/linker_relocation/gen/Android.bp

Bug: 68860345
Bug: 151177513
Bug: 151953481

Test: m all

Exempt-From-Owner-Approval: janitorial work
Change-Id: I76cad00578b9b99180ee5dd1e04b4646d5c5fedf
2021-02-12 17:51:24 -08:00
Dan Albert
ffa5cbeb86 Convert generate-NOTICE.py to Python 3, fix name.
Python module names should be lower case and not use hyphens (the
former is a convention, the latter is a requirement for importable
modules).

Also updates the shell script to always use Python 3 so we don't need
to maintain Python 2 compatibility.

Test: repo upload, in both a python 2 and python 3 virtualenv
Bug: None
Change-Id: I486e54a12686b4e528dc6c9c47af5c7a52a7b790
2021-02-03 17:26:59 -08:00
Dan Albert
1dffb86205 Convert genfunctosyscallnrs to Python 3.
Test: treehugger
Test: pytest libc/tools
Bug: None
Change-Id: Idda7161bbd2e2f351e0750874dc4d766ef98cc2b
2021-02-03 16:32:10 -08:00
Elliott Hughes
bc6999f1c4 Convert gensecomp.py to Python 3.
The genseccomp tests haven't been run since at least 2018. Deleted the
ones that are testing APIs that no longer exist or have been
refactored to take very different inputs.

Test: treehugger
Test: pytest tools
Bug: None
Change-Id: Iaf6b6b6a2e922b181a457a74eb4b5abe90425dfb
2021-02-03 16:15:17 -08:00
Jingwen Chen
ca36633eba Move gensseccomp and genfunctosyscallnrs next to their sources.
This is a manual refactoring to ensure that the modules respect package boundaries for input files.

Test: m gensseccomp genfunctosyscallnrs
Change-Id: I8ca6cbe85a50e41bfe874a899653c2309c59a822
2021-02-02 07:24:24 -05:00
Chris Parsons
8b768d3f1a Changes to bionic/libc to demonstrate mixed builds.
Test: source build/envsetup.sh && lunch 16 && source
build/soong/bazel/bazelenv.sh && m, then verify ninja
file was based on intermediates from bazel-out

Change-Id: I89f320dd58083710012ea1f8e3902e723602ea37
2020-12-17 11:05:01 -05:00
Tamas Petz
19d66e6f2d libc: Prepare support for Armv8.3-A PAuth and Armv8.5-A BTI in *.S
The instruction "bti c" is added through ENTRY*() macro,
using __bionic_asm_custom_entry(f).

The .note.gnu.property section is added with the new macro
NOTE_GNU_PROPERTY(). BTI and PAuth features are automatically
selected based on the presence of __ARM_FEATURE_* macros.

Furthermore, gensyscalls.py got updated to append the new
macro to the generated syscalls-arm64.S.

Test: Tested on FVP with BTI enabled.

Change-Id: I40ffe294b8426421125fffd0a9758567d919a09d
2020-09-04 11:28:43 +02:00
Elliott Hughes
cf346532fc More cleanup for #inclusivefixit.
Found manually with grep, since the script seems to miss stuff.

Test: treehugger
Change-Id: I5933cbade9792801d4a0bec1ccb077efa6ad8fbc
2020-07-31 10:35:03 -07:00
Dan Albert
9dd11412a6 Remove pylintrc.
Considering none of the files in this directory are pylint clean I
don't think this is being used. They also seem to use a mix of styles
so we need to either unify or split things into subdirectories if we
want to use pylint here.

Test: None
Bug: http://b/161896447
Change-Id: I5bc298bd64d44cc10d3d28121666e7893222ea96
2020-07-27 13:40:28 -07:00
Elliott Hughes
c5db38a4bb Don't look for licenses in .md files and pylintrc files.
Also be quiet about public domain files unless asked to be verbose.

Test: ./libc/tools/generate-NOTICE.py
Change-Id: Ia7e4d42870b2ef4b0b77a11093eefa4f117bebaf
2020-06-15 17:26:58 -07:00
Treehugger Robot
31e3ec3e10 Merge "Use more inclusive language." 2020-06-15 20:17:28 +00:00
Elliott Hughes
8c936b4e6c Use more inclusive language.
One turns out not to be used at all, and the pylintrc even uses the more
intention-revealing term in the machine readable part, just not the
comment!

Test: treehugger
Change-Id: I4db7f1cf4fa1aa8ee601857e4e4c400e2119887c
2020-06-15 11:18:43 -07:00
Victor Hsieh
dbb8670dfd Use more inclusive language for seccomp filter
blacklist and whitelist are replaced with blocklist and allowlist
respectively.

Test: CtsSeccompHostTestCases
Change-Id: I39d9eda89038d1addbdaed59284a254a34cea1c6
2020-06-15 10:12:17 -07:00
Bram Bonné
acadd09c66 Speed up seccomp with priority list.
Allow to provide a list of prioritized syscalls (e.g., syscalls that we
know occur often) which are checked before other syscalls in seccomp.

When constructing the bpf seccomp filter, traverse prioritized syscalls
in a linear list before checking all other syscalls in a binary tree.

Bug: 156732794
Test: make, inspect generated *_system_policy.cpp files
Test: simpleperf on futex/ioctl-heavy app seems to show 5-10% less time
spent in seccomp call

Change-Id: I509343bcd32ada90c0591785ab5cb12d2a38c31e
(cherry picked from commit ce84677733)
2020-05-18 11:20:30 +02:00
Elliott Hughes
2b499046f1 Clean up syscall stub/seccomp filter generation.
Test: treehugger
Change-Id: Iceb1c22d82b4d402166c3712b5b8b48a30937c6d
2020-02-13 14:21:55 -08:00
Elliott Hughes
c2faf235c0 Stop generating unused headers.
These just cause confusion because they often have different
values/layouts, but they're never actually used.

Test: treehugger
Change-Id: I424034088e017c919f62fcefa7d6d3f903f31cfb
2020-02-03 17:56:06 -08:00
John Cater
e86e505b85 Fix gensyscalls.py to actually use the input argument provided in
bionic/libc/Android.bp.

Test: Built and tested bionic.
Change-Id: Ibb25990b2b1b5c18edfdaaab4f1593fa8d95f338
2019-09-26 15:02:04 -04:00
Elliott Hughes
ae03b12925 Remove global seccomp list.
Never used, and incompatible with having bionic in a mainline module.

Test: builds
Change-Id: If377f66cc105fd3a1ec4d9c92330fa6a2d2c145c
2019-09-17 16:37:05 -07:00
Elliott Hughes
50080a29f7 Remove the ___ hack.
Plain __ for generated syscalls didn't mean it was a hidden symbol, it
just meant "please don't use this". We added ___ to signify that a
hidden symbol should be generated, but then we added the map files
anyway so you now have to explicitly export symbols. Given that, this
convention serves no particular purpose so we may as well just use the
nicer names have everything look the same.

Test: treehugger
Change-Id: If424e17a49c36f4be545f5d283c4561a6ea9c7ea
2019-06-19 15:38:42 -07:00
Elliott Hughes
584bc626b6 Move libdl and linker to static NOTICE files.
The libstdc++ directory has no copyright headers, so it was a no-op
anyway.

The interesting part will be switching libc and libm over to genrules...

Test: N/A
Change-Id: Iec92562af40c451fdcb4a7468984878ec5dba2ce
2019-04-19 14:18:07 -07:00
Elliott Hughes
782c485880 Generate assembler system call stubs via genrule.
There's no need to check in generated code.

Test: builds & boots
Change-Id: Ife368bca4349d4adeb0666db590356196b4fbd63
2019-04-16 12:31:00 -07:00
Elliott Hughes
d67b03734d libc: generate syscall stubs in one big file...
...all the better to switch to a genrule rather than checking in
generated source.

This also removes all the code in the script to deal with git,
rather than fix it. We won't need that where we're going.

Test: boots
Change-Id: I468ce019d4232a7ef27e5cb5cfd89f4c2fe4ecbd
2019-04-16 00:54:11 +00:00
Elliott Hughes
c4c2e24d5f <bits/glibc-syscalls.h>: only regenerate when we have new uapi headers.
Test: update_all.py
Change-Id: Iaa92dce263197f5a0e7d2dce5e00a31372dcb3e9
2019-04-11 14:19:17 -07:00
Christopher Ferris
d842e43e1d Update to v5.0 kernel headers.
Test: Builds and boots on taimen.
Change-Id: I13843bf1ab30ea89a50852adc88f2cba8401bded
2019-03-07 11:19:22 -08:00
Martijn Coenen
0c6de75a45 genfunctosyscallnrs: maps bionic functions to syscall numbers.
Bionic maps typical C functions like setresuid() to a syscall,
depending on the architecture used. This tool generates a .h
file that maps all bionic functions in SYSCALLS.txt to the
syscall number used on a particular architecture. It can then
be used to generate correct seccomp policy at runtime.

Example output in func_to_syscall_nrs.h:

Bug: 111434506
Test: manually inspect func_to_syscall_nrs.h
Change-Id: I8bc5c1cb17a2e7b5c534b2e0496411f2d419ad86
2019-01-19 09:09:30 +01:00
Elliott Hughes
d19b3c5274 Generate the per-arch .map files at build time.
We shouldn't be checking in these generated files...

Bug: N/A
Test: ran tests
Change-Id: Ib67c1ba839eacd7acebd713e1dcd4dd2c25d67f0
2018-12-17 12:26:42 -08:00
Elliott Hughes
8251d4419f Add lp32 and lp64 shorthands to SYSCALLS.TXT.
Bug: N/A
Test: updating the generated stubs is a no-op
Change-Id: I7f6f9bcfd8c054f0a2d7e5f488eacb88cefb8d15
2018-11-09 13:57:34 -08:00
Luis Hector Chavez
fa09b3c754 seccomp: Generate the policy files at compile time
This change avoids having to run the genseccomp.py script every time a
policy file is edited, and instead generates these files at
compile-time.

Bug: None
Test: m
Test: find out/soong/ -name x86_64_global_policy.cpp  # Shows files
Test: generated policies are equivalent to original policies
Change-Id: I12461fe0c5fb02c008c1b2503fbb994b8aa2f56b
2018-08-06 11:10:25 -07:00
Luis Hector Chavez
fd3f6d7126 genseccomp.py: Add a way to better find the clang prebuilt
This change makes it possible to invoke this tool without having to
fiddle with the path.

Bug: None
Test: ./bionic/libc/tools/genseccomp.py  # Succeeded
Change-Id: Ib24d70abc973fe774cda4209e46a5b66ae7617be
2018-08-03 12:57:21 -07:00
Elliott Hughes
ab52807685 Update to FreeBSD libm r336665.
This reverts commit 253a830631 and moves
us forward to a revision that contains fixes for the problem with the
previous attempt.

This also makes sincos(3)/sincosf(3)/sincosl(3) available to `_BSD_SOURCE`
as well as `_GNU_SOURCE`.

The new FreeBSD libm code requires the FreeBSD `__CONCAT` macro, and all
our existing callers are FreeBSD too, so update that.

There's also an assumption that <complex.h> drags in <math.h> which isn't
true for us, so work around that with `-include` in the makefile. This
then causes clang to recognize a bug -- returning from a void function --
in our fake (LP32) sincosl(3), so fix that too.

Bug: http://b/111710419
Change-Id: I84703ad844f8afde6ec6b11604ab3c096ccb62c3
Test: ran tests
2018-07-24 10:36:00 -07:00
Andreas Gampe
253a830631 Revert "Update to FreeBSD libm r336523."
This reverts commit f86ee10278.

Incorrect result for fmodf(3.0f, 0f) = 1.0f breaks ART tests.

Bug: 111710419
Test: art/test/testrunner/testrunner.py -b -t 436-rem-float --target
Change-Id: I7eae68fb92740db33415d16418447bcbbd98ecba
2018-07-21 12:23:03 -07:00
Elliott Hughes
f86ee10278 Update to FreeBSD libm r336523.
This includes an ld128 powl, plus the clog* and cpow* families.

Also teach the NOTICE generator to strip SPDX-License-Identifier lines.

Bug: N/A
Test: ran tests
Change-Id: Ic8289d1253666a19468a4088884cf7540f1ec66d
2018-07-19 16:17:06 -07:00
Victor Hsieh
2f23ceda44 Block bunch of privileged syscalls to apps
Test: build, run some app
Bug: 63944145
Change-Id: I13eb56f923732e110851dec02eaa11f6cb44535c
2018-01-22 22:30:17 -08:00
Victor Hsieh
4f02dd5755 Split zygote's seccomp filter into two
To pave the way to reducing app's kernel attack surface, this change
split the single filter into one for system and one for apps.  Note that
there is current no change between them.

Zygote will apply these filters appropriately to system server and apps.

Keep set_seccomp_filter() for now until the caller has switched to the
new API, which I will do immediately after this before the two filters
diverse.

Also remove get_seccomp_filter() since it doesn't seem to be used
anyway.

Test: diff the generated code, no difference except the variable names
Test: cts -m CtsSecurityTestCases -t android.security.cts.SeccompTest
Bug: 63944145

Change-Id: Id8ba05a87332c92ec697926af77bc5742eb04b23
2018-01-04 12:28:40 -08:00
Elliott Hughes
4075e21ba8 Merge "Be more specific about POSIX obsolescence." 2017-10-20 16:50:28 +00:00
Elliott Hughes
90e3f44293 Be more specific about POSIX obsolescence.
Bug: N/A
Test: N/A
Change-Id: Iacc741d18fedbca7c6e8da9d2c64f3d86f9d136b
2017-10-19 21:52:51 -07:00
Elliott Hughes
61c9c80275 Ignore sockatmark.
I was unable to find a single use of this anywhere, and the networking
folks point out https://tools.ietf.org/html/rfc6093:

    """
    5.  Advice to New Applications Employing TCP

      As a result of the issues discussed in Section 3.2 and Section 3.4,
      new applications SHOULD NOT employ the TCP urgent mechanism.
    """

Applications that think they want to do these tricksy things should be
referred to section 3.4, wherein it's noted that these semantics are
effectively dead and it's middleboxes what killed 'em:

    """
    3.4.  Interaction of Middleboxes with TCP Urgent Indications

      As a result of the publication of Network Intrusion Detection System
      (NIDS) evasion techniques based on TCP urgent indications [phrack],
      some middleboxes clear the urgent indications by clearing the URG
      flag and setting the Urgent Pointer to zero.  This causes the "urgent
      data" to become "in line" (that is, accessible by the read(2) call or
      the recv(2) call without the MSG_OOB flag) in the case of those TCP
      implementations that interpret the TCP urgent mechanism as a facility
      for delivering "out-of-band" data (as described in Section 3.1).  An
      example of such a middlebox is the Cisco PIX firewall [Cisco-PIX].
      This should discourage applications from depending on urgent
      indications for their correct operation, as urgent indications may
      not be reliable in the current Internet.
    """

Bug: N/A
Test: N/A
Change-Id: I73280db1d803bb7bd93954c13c653fa0cd3daff9
2017-10-19 15:37:54 -07:00
Elliott Hughes
01a57d1eb6 Call fmtmsg/getdate/getdate_err useless.
They're POSIX, and they're implemented in iOS and glibc, but they're
not actually used in any codebase I have access to. They're *defined*
in several places, and some of those places have a handful of tests,
but I couldn't find a single genuine caller.

Bug: N/A
Test: N/A
Change-Id: Id3e2c36183fcff323aa5a2e3a3dabaa8378fae56
2017-10-19 15:45:04 +00:00
Elliott Hughes
ab413c535c Fix mip64 build.
Fallout from the unified sysroot work.

Bug: N/A
Test: builds
Change-Id: If0595a241b9ce0d8c8c7137ddaf8fca932487b7c
2017-10-13 13:22:24 -07:00