__libc_sysinfo is hidden, so accessing it doesn't require a relocated GOT.
It is important not to have a relocatable initializer on __libc_sysinfo,
because if it did have one, and if we initialized it before relocating the
linker, then on 32-bit x86 (which uses REL rather than RELA), the
relocation step would calculate the wrong addend and overwrite
__libc_sysinfo with garbage.
Asides:
* It'd be simpler to keep the __libc_sysinfo initializer for static
executables, but the loader pulls in libc_init_static (even though it
uses almost none of the code in that file, like __libc_init).
* The loader has called __libc_init_sysinfo three times by the time it
has relocated itself. A static executable calls it twice, while libc.so
calls it only once.
Bug: none
Test: lunch aosp_x86-userdebug ; emulator
Test: adb shell /data/nativetest/bionic-unit-tests/bionic-unit-tests
Test: adb shell /data/nativetest/bionic-unit-tests-static/bionic-unit-tests-static
Change-Id: I5944f57847db7191608f4f83dde22b49e279e6cb
- It is only needed for dynamic executables, so move the initialization
out of __libc_init_main_thread and just before the solib constructor
calls. For static executables, the slot was initialized, then never
used or cleared. Instead, leave it clear.
- For static executables, __libc_init_main_thread already initialized the
stack guard, so remove the redundant __init_thread_stack_guard call.
- Simplify the slot access/clearing a bit in __libc_preinit.
- Remove the "__libc_init_common() will change the TLS area so the old one
won't be accessible anyway." comment. AFAICT, it's incorrect -- the
main thread's TLS area in a dynamic executable is initialized to a
static pthread_internal_t object in the linker, then reused by libc.so.
Test: adb shell /data/nativetest/bionic-unit-tests/bionic-unit-tests
Test: adb shell /data/nativetest/bionic-unit-tests-static/bionic-unit-tests-static
Change-Id: Ie2da6f5be3ad563fa65b38eaadf8ba6ecc6a64b6
The current code checks out the android kernel tree. Long ago, we moved
to using the linux kernel source code. Modify the script to actually
do this.
Bug: 6653610
Test: Ran the script using the --download_kernel option and without.
Change-Id: I769e769edea272f4f8c9c8d2e76bd336059c66e3
This adds a new option backtrace_full, when it is set, then it will use
libunwindstack.
Modify the dump to file data to dump the extra information from libunwindstack.
Along with the new dump file format, change the version to v1.1.
Updated document for new format of file data.
Add unit tests for the new functionality.
Bug: 74361929
Test: Ran unit tests.
Change-Id: I40fff795f5346bba7b9d7fde2e04f269ff4eb7f1
Global flag --pack-dyn-relocs=android is used with clang lld.
For b/24465209, we need to override that with --pack-dyn-relocs=none.
Bug: 80093890
Bug: 24465209
Test: build with USE_CLANG_LLD=true and run dlext.compat_elf_hash_and_relocation_tables
Change-Id: Ic3837446ff0deccf4e66425b39d3b062abcacc5e
See longer explanation in b/80093890.
Clang lld does not generate expected DT_REL and DT_RELA tags
with --hash-style=both and --pack-dyn-relocs=android.
I am not sure about the extent of b/24465209, so
I would rather not to use lld for these .so files for now.
Bug: 80093890
Bug: 24465209
Test: build with USE_CLANG_LLD=true and run dlext.compat_elf_hash_and_relocation_tables
Change-Id: I94e9fe8d687daeadb0182ae26596ca11d3f8bd9b
Require that users and groups found in /vendor/etc/{passwd,group}
start with vendor_. This is needed to compliance with Treble as
without this prefix, it is possible for a new system image to create a
user/group name that a vendor has already used, causing a collision.
Bug: 79528966
Test: new unit test
Change-Id: I07500641e165f41526a8101592d83fa174e7a711
Libraries that are direct or indirect dependencies of modules installed
to recovery partition (e.g. toybox) are marked as recovery_available:
true. This allows a recovery variant of the lib is created when it is
depended by other recovery or recovery_available modules.
Bug: 67916654
Bug: 64960723
Bug: 63673171
Bug: 29921292
Test: m -j
Change-Id: I59bf859a10a218af6591025a0fe7d1853e328405
Bug: 78133793
Bug: 78242072
Test: Builds and ran to verify best libc routines.
Change-Id: I2299b8f0f6379c9003072764978ea917b74aee4f
Merged-In: I2299b8f0f6379c9003072764978ea917b74aee4f
(cherry picked from commit 3162eb3b81)
POSIX says ftw/nftw "shall fail" in various cases where BSD's fts_open
doesn't. Since our ftw/nftw are written in terms of fts_open, add a back
door so we can hint to ourselves when we should have the POSIX semantics.
Also pull several O_CLOEXEC and don't-null-check-before-free cleanups
from upstream, and add a couple of tests.
Bug: http://b/31152735
Test: ran bionic tests and LTP "nftw01" test
Change-Id: Ib05facacc1da4c8b2ab48e9ecce88f11a5406630
Currently DNS lookups are all sent as UID 0. In N we added an
AID_DNS user, but we never used it. A separate UID allows us to
account for and route DNS traffic differently from other UID 0
traffic such as kernel-originated traffic.
Bug: 70673901
Test: DNS lookups continue to work
Test: netd_{unit,integration}_test pass
Change-Id: Ife3ca7df45de51b92437d2cfe627fb4703b672fb
The code (and comment) have been like this since the initial commit, but
there was never a test of this, and glibc seems to have been returning
EINVAL (as POSIX says it should) since long before Android existed.
Bug: http://b/31154352
Test: ran tests
Change-Id: Ica1ea836a4a5699ef0d956fe9c0f322e567de34d
This complements __libc_init_main_thread in setting up main thread
under native bridge.
Test: run_tests
Bug: 77877742
Change-Id: I53efab66f285a1b9f0ab36d44386fa1e2621e4ba
(cherry picked from commit 4c9504aa6c)
Apparently this didn't make it to all android-16 devices. As far as
we know it did make it for all android-17 devices.
Test: make checkbuild
Bug: https://github.com/android-ndk/ndk/issues/647
Change-Id: I2f07cfb1254e2a203c1c10b91b0be46bf37ea853
* Linker rules for lld do not work with libunwind_llvm yet.
Bug: 78118944
Test: make checkbuild and boot
Change-Id: I0eda2409d9f365029f70f4255edffbeae49cb6d2
When compiling on/for at least Lollipop, always use the fortified
versions of FD_X macros. This works around side-effect issues (which
are explicitly called out in the specification) and generally
increases robustness of code.
Bug: 77986327
Test: mmma bionic
Test: m
Test: bionic_unit_tests
Change-Id: I9096c6872770e46ba5ab64e7375ff83fc0518e07
This reverts commit 2e7145c048.
When src is at the end page, the sse2 strlcpy SSE2 optimized version
can issue a movdqu instruction that can cross the page boundary. If
the next page is not allocated to that process, it leads to
segmentation fault. This is a rare but has be caught multiple times
during robustness testing.
We isolated a way to reproduce that issue outside of an Android device
and we have been able to resolve this particular case. However, we
ran some additional compliance and robustness tests and found several
other similar page crossing issues with this implementation.
In conclusion, this optimization needs to be re-written from scratch
because its design is at cause. In the meantime, it is better to
remove it.
Change-Id: If90450de430ba9b7cd9282a422783beabd701f3d
Signed-off-by: Jeremy Compostella <jeremy.compostella@intel.com>
Changes
- Refactor the code so that only guards require creating a special header
for every pointer allocated.
- Store only a single copy of every backtrace. This saves memory so that
turning on the backtrace option doesn't result in 10X memory usage.
- Added new option track_allocs that only verifies pointers are valid for
free/malloc_usable_size/realloc.
- Remove suffix from test names.
- Add the TRACK_ALLOCS options to all guard options.
- Add new option verify_pointers that is a lightweight way to verify
pointers that are passed to allocation routines.
- Do auto-formatting of the code.
- Updated documentation for all of these changes.
Bug: 74361929
Test: Ran unit tests.
Test: Ran libmemunreachable unit tests.
Test: Ran an app with backtrace enabled.
Change-Id: I3246c48ae4f9811f64622d90d0a9b4d9d818702c
Behavior is compliant with
https://tools.ietf.org/html/draft-ietf-dprive-padding-policy-04
EDNS0 is only enabled when the netcontext requests it, i.e. in DNS-over-TLS
mode.
Bug: 69623036
Bug: 64133961
Test: Wireshark verified. Integration tests echo padding and pass.
Change-Id: I5ef600e02a572d281441e890cc981614f150629b
This reverts commit 040c28a023.
Reason for revert: reland since the actual problem has been fixed
Change-Id: Ifd8a85b0de2eb6f2a76a6458570fc03b020a90ab
Test: the apps in the bug no longer crashes.
Bug: 76461821
Several privileged syscalls are still needed before a zygote-fork hangs
over the execution to the apps.
Test: system starts, different apps run
Bug: 63944145
Bug: 76461821
Change-Id: I78da54dac509eb073bc2aa7b820a1f6b0c39a775
521b41 "Allow system processes to use vfork"
ed74ab "Move some syscalls in commmon whitelist to app"
An implementation bug actually assigns the system seccomp filter to all
processes after zygote forks.
Test: the apps in the bug no longer crashes.
Bug: 76461821
I've deliberately not bothered with the GCC implementation because we'll
have removed GCC from the NDK before anyone gets to use this.
Bug: http://b/72493232
Test: ran tests
Change-Id: Icfc2a3b214739ab53aa41bacacc11b5c67498fb4
As a follow up to Ibba98f5d88be1c306d14e9b9366302ecbef6d534, where we
added a work around to convert the CLOCK_REALTIME timeouts to
CLOCK_MONOTONIC for pthread and semaphore timed wait functions, we're
introducing a set of _monotonic_np versions of each of these functions
that wait on CLOCK_MONOTONIC directly.
The primary motivation here is that while the above work around helps
for 3rd party code, it creates a dilemma when implementing new code
that would use these functions: either one implements code with these
functions knowing there is a race condition possible or one avoids
these functions and reinvent their own waiting/signaling mechanisms.
Neither are satisfactory, so we create a third option to use these
Android specific _monotonic_np functions that completely remove the
race condition while keeping the rest of the interface.
Specifically this adds the below functions:
pthread_mutex_timedlock_monotonic_np()
pthread_cond_timedwait_monotonic_np()
pthread_rwlock_timedrdlock_monotonic_np()
pthread_rwlock_timedwrlock_monotonic_np()
sem_timedwait_monotonic_np()
Note that pthread_cond_timedwait_monotonic_np() previously existed and
was removed since it's possible to initialize a condition variable to
use CLOCK_MONOTONIC. It is added back for a mix of reasons,
1) Symmetry with the rest of the functions we're adding
2) libc++ cannot easily take advantage of the new initializer, but
will be able to use this function in order to wait on
std::steady_clock
3) Frankly, it's a better API to specify the clock in the waiter function
than to specify the clock when the condition variable is
initialized.
Bug: 73951740
Test: new unit tests
Change-Id: I23aa5c204e36a194237d41e064c5c8ccaa4204e3
This effectively enables these features only in TLS mode
Test: Integration tests pass
Bug:69623036
Change-Id: I153a259b0c07717f664ee268b43da867a9b42152
This also tweaks cdefs to make __overloadable usable outside of
FORTIFY. It had to be FORTIFY-only before we had unmarked overload
support in clang+Bionic.
Bug: https://github.com/android-ndk/ndk/issues/402
Test: Internal master builds + `mma`. `mma` in Bionic fails if the
change to ioctl is undone.
Change-Id: Ib386b1786e1dca625e6d5a18682005adc734d9c1
For apps built for Android < P, return EBUSY.
For apps built for Android >= P, abort.
This is to keep old apps work, and help debugging
apps built for >= P.
Bug: http://b/74632097
Test: run bionic-unit-tests.
Test: run bionic-benchmark.
Change-Id: I5271565a1a6ad12678f85d558a7f862a2b7aab4b
System libc talks to out-of-process daemon thus it's better to not
duplicate that functionality in native bridge.
Bug: 67993967
Test: make
Change-Id: Iabc887a94082806d048bc98bf8d3b21c7531d60d
It seems clearer to include FD_SETSIZE in the message. set_size
is sizeof(fd_set) so there's an extra mental hoop to jump if that's
in the error message.
Test: make
Change-Id: I5cdb62465b658ac0eaeccbfb826d135820cf613a
This is for passing additional instructions through stages of the
DNS resolution pipeling.
Test: as follows
- builds, flashes, boots
- system/netd/tests/runtests.sh passes
Bug: 34953048
Bug: 70694619
Bug: 72345192
Change-Id: I5a86cc5192e6cfa09c375ac9f5810102da3aba20
java.lang.ProcessBuilder is internally using vfork in the current
configuration (see UNIXProcess_md.c in libcore).
Test: On an x86 Chromebook, trigger dropbox error event (1. settings
put global logcat_for_system_app_anr 50; 2. kill -19 `pidof
com.android.settings'; touch Settings). Saw seccomp error in
logcat but only without this fix.
Test: fyi, not reproducible on walleye (arm64)
Bug: 74441404
Change-Id: I1f40ae0fe0607c5834ecbe040ed31c4c0e42131d
We've ignored %n for a long time, but that's dangerous too because it
makes it unclear whether the corresponding pointer argument should be
supplied or not.
Remove the ambiguity by just rejecting %n outright.
Bug: http://b/31832608
Test: ran tests
Change-Id: Ic046ad3436a30c6f8f580ea738bdcaeb01c858f8
Kernel expects a 64 bit offset, so if a
user's offset is 32 bit, the wrapper will
drop the sign. To fix, sign extend the
32 bit value before doing the syscall.
Bug: 31225071
Test: pwritev02 32 bit passes
Change-Id: Ie272601662c2c35b0e8d8fc3823c9063c2f73e64
We saw crashes from pthread_exit+debuggerd on LP32
(https://issuetracker.google.com/72291624), and it seems like the
equivalent problem should exist with system(3). I fixed posix_spawn(3)
as part of that bug, so the easiest fix is probably to reuse that.
Bug: http://b/72470344
Test: ran tests
Change-Id: I05f838706f2b4a14ac3ee21292833e6c8579b0d4
No reasonable response is larger than about 4K, and this should reduce the ability of misbehaving DNS servers to waste system resources.
Test: Integration tests pass
Change-Id: I43da94f57f9b376d08a1b176e0aedb6720148833
Otherwise clang inlines it into pthread_sigmask(3), which breaks libsigchain.
Bug: http://b/73344857
Test: ran tests, plus the app this broke
Change-Id: Ie4a1dc8f9c6ba58d1a2fa69aeff961c70b74767d
All code that needs to use the frozen version of ion.h header should
have a copy, so move to the version as parsed from the real headers.
Test: Compiled and boots.
Change-Id: If9feae9c163ca64c4862045e86611fd3cf1fc18e
With the goal of disallowing exit time destructors, SystemProperties's
non-trivial destructor needs to be removed. This means replacing the
union hack with yet another hack as we don't want to allocate anything
despite relying on some polymorphism.
Bug: 73485611
Test: boot bullhead
Change-Id: I64223714c9b26c9724bfb8f3e2b0168e47b56bc8
Having any destructor with a global variable in bionic is causing
some issues. Since we don't actually need to munmap in this case, we
remove the destructor to work around that issue.
A small class is used to still munmap during tests.
Bug: 73485611
Test: bionic unit tests
Change-Id: Ibcd45e9b1ab22d187ecfc2738bb87244250d81ea
If the mmap'ed file doesn't end in a new line, previously we'd leak
the mmap'ed region. This change now munmap's the region.
Test: unit tests
Change-Id: If28d3d9a6b1b9c54123beecb3bbbe8ed984ca81d
Trivial, obvious counterpart to the standard ferror(3) and clearerr(3),
and lets us build bison out of the box.
Bug: http://b/64273806
Test: ran tests
Change-Id: I20affabddb71210051165c41e86adfe5ae04f77f
Added to each ucontext_t for source compatibility between platforms where
sigset_t and sigset64_t differ (arm, x86) and where they're the same
(all the rest).
Bug: http://b/72493232
Test: ran tests
Change-Id: I65a37bfa177933701bbe6c2350448885fd0f9c43
We've been using #pragma once for new internal files, but let's be more bold.
Bug: N/A
Test: builds
Change-Id: I7e2ee2730043bd884f9571cdbd8b524043030c07
Use the malloc debug framework to implement the malloc debug hooks
since it can introduce a performance issue.
Also, modify the bionic/tests/utils.h slightly to dump an error message
when the exe failed.
Bug: 30561479
Test: Ran malloc hook unit tests.
Test: Ran malloc debug unit tests.
Test: Enabled malloc hooks and ran bionic unit tests and verified no
Test: unexpected failures.
Test: Enabled malloc debug and malloc hooks and verified malloc debug wins.
Test: Enabled malloc debug using env, property, and property with name
Test: still works.
Change-Id: Ib50046a0493c5c2050cf831befb812310bdcc249
(cherry picked from commit d6a1dc2379)
Caused problems for some Google source switching to unified headers
because the legacy headers just used #define instead.
Bug: http://b/73210428
Test: builds
Change-Id: If8a36f284031e57af419903610029a8c34a23d91
sigset_t is already large enough on mips so use the same principle
as on LP64 architectures: typedef sigset_t sigset64_t
Also prevent accessing sa_restorer field for architectures which
don't define SA_RESTORER in signal_test.
This allows compilation of signal_test.
Test: bionic-unit-tests in QEMU (MIPS32)
Change-Id: I965e202c9a7f7d109e4ec25ad87172dc7c1b8806
The (lowest) address of the argument area (aka ESP immediately prior to
the call instruction) must be aligned to 0 mod 16. Here, it is aligned to
12 mod 16.
From the SysV ABI doc (2.2.2 The Stack Frame)
"""The end of the input argument area shall be aligned on a 16 (32, if
__m256 is passed on stack) byte boundary. In other words, the value
(%esp + 4) is always a multiple of 16 (32) when control is transferred to
the function entry point."""
Test: extract code into a separate C file and verify stack alignment in a
"start_main" function
Test: use the upcoming NDK r17-beta1 (with new Bionic crtbegin*.o files)
with an M-23 x86 system image, check alignment in main (compiled with
Clang not GCC, compiled w/o -mstackrealign)
Bug: b/73140672
Change-Id: Ia8d93fe5668d0a514a9fd22c40bf8362805111e6
Add the capability to read /etc/passwd and /etc/group for getpw* and
getgr* functions.
Bug: 27999086
Test: pwd, grp, grp_pwd_file unit tests
Test: Read in custom users/groups from /etc/{passwd,group}
Change-Id: Idc1f054af8a7ca34743a90493495f0ccc775a0d8
This is a follow up to I47b0560a30aa33a9b1f1978dfb7f84d2e3d389b8.
This fixes MIPS32 build.
Test: successful build and boot aosp_mips-eng
Change-Id: Ia5b245f5536d8fd037f1798bbdf6215c5f059045
The math on the size calculation was wrong as the type of
__exidx_start/__exidx_end was unsigned rather than a char. Make a
struct that represents each item instead and remove the division.
Test: built artifacts and used them in the NDK
Bug: None
Change-Id: Ic2c0c123a369b9319e8645d806d659290eb2f69c
These three functions are the only reason we need libandroid_support
post-L. Add these so we can remove it entirely for LP64 or users
targeting L+.
Test: make checkbuild
Test: build/soong/scripts/build-ndk-prebuilts.sh
Test: Imported the prebuilts generated from the above to the NDK,
`./checkbuild.py && ./run_tests.py` with a handful of patches
to remove libandroid_support for L+.
Bug: None
Change-Id: I39f8ee686bd76ebdb2fc3745b013d56175ba8ff0
Now that we have a clang that supports transparent overloads, we can
kill all of this cruft, and restore our upstream sources to their
untouched glory. Woohoo!
Bug: 12231437
Test: Built aosp_marlin; no obvious patch-related aosp_mips issues.
Change-Id: I520a19d014f12137f80e43f973dccd6711c571cd
The error handling was a mess, resulting in an infinite loop
(and a test timeout) if you actually took the /dev/urandom
fallback. I'm also unconvinced that the getrandom(2) path was correct
because of the various reasons why we might get a short count back
(http://man7.org/linux/man-pages/man2/getrandom.2.html). In this version,
the two paths look very similar except for the getrandom(2) failure case,
where it's now much clearer that we just give up so that we can boot
(http://b/33059407).
Bug: http://b/33059407
Bug: http://b/67015565
Test: ran tests on hikey and a ICS Galaxy Nexus
Change-Id: Ie715d59b46f7a70bae66943c316168838787b40d
This change does not enable EDNS0, so it should not
result in any behavior change. However, enabling EDNS0
should now be possible with only a small additional change
to "flip the switch".
This change has also landed in NetBSD upstream
(http://gnats.netbsd.org/52578) so this change reduces
divergence from upstream.
Most of the code in this change is for caching of queries that contain
an additional section.
Bug: 15132200
Test: Added integration tests for fallback to the netd suite.
Change-Id: Ic64bed0754e1d529dc0c0ab6a5e2f1ea201ff0d5
Add fast path calling PIMutexTryLock() in pthread_mutex_lock.
Add trace for pi mutex waiting.
Bug: http://b/29177606
Test: run bionic-unit-tests.
Test: run bionic-benchmarks.
Change-Id: I30b6436692d5ea6b63ca9905df745edb843b5528
Our arm and x86 ABIs shipped with a 32-bit `sigset_t`, so we need to
use sigprocmask64 to save/restore the RT signals too. (This is important
because several are in use by the system, and the behavior of our 32-bit
`sigset_t` is to clear the RT signals.)
Bug: http://b/72493232
Test: ran tests
Change-Id: Idff91f8b2849276e5a3073d07eccd84e02a34410
This doesn't address `struct sigaction` and `sigaction`. That will
come later.
Bug: http://b/72493232
Test: ran tests
Change-Id: I4134346757ce3a4dac6feae413361cec16223386
No effect right now, because sigprocmask on LP32 also only touches
the non-RT signals, but this makes it easier to switch to __rt_sigprocmask.
Bug: http://b/72460436
Test: ran tests
Change-Id: I693f0ea36701e9ab5d10e6aefb26387ba45a6064
The main motivation here is that the sigprocmask in pthread_exit wasn't
actually blocking the real-time signals, and debuggerd (amongst other
things) is using them. I wasn't able to write a test that actually won
that race but I did write an equivalent one for posix_spawn.
This also fixes all the uses of sigset_t where the sigset_t isn't
exposed to the outside (which we can't easily fix because it would be
an ABI change).
Bug: https://issuetracker.google.com/72291624
Test: ran tests
Change-Id: Ib6eebebc5a7b0150079f1cb79593247917dcf750
This change modifies the encoding used in SHT_RELR sections to a simpler
version that gives better results. This encoding was suggested by Andrew
Grieve and is described in this post on generic-abi@googlegroups.com:
https://groups.google.com/d/msg/generic-abi/bX460iggiKg/Pi9aSwwABgAJ
Bug: None
Test: Built image for marlin, flashed on device, ran arm and
aarch64 binaries containing '.relr.dyn' sections using
the new encoding.
Change-Id: I266affe0fbad91dc375995985a221cb02499447b
Static variable initialization calls pthread_mutex_lock() and may lead to
deadlock if should_trace() is called in pthread_mutex_lock context.
Here is a stack of blocked init process:
__cxa_guard_acquire ->
should_trace ->
bionic_trace_begin ->
__pthread_mutex_lock_with_timeout ->
__cxa_guard_release ->
should_trace ->
bionic_trace_begin ->
__pthread_mutex_lock_with_timeout ->
mutex::lock ->
LogMessage::~LogMessage
......
So we need to move it out
Test: 1 Compiled and booted.
2 Reboot pressure test for more than 30000 times.
Change-Id: I8d97745161f1aa8942b63338208ea74830768ae1
Signed-off-by: Wei Li <sirius.liwei@huawei.com>
Signed-off-by: Jinguang Dong <dongjinguang@huawei.com>
The history has no motivation for <asm/termbits.h>, and other C libraries
don't seem to include any of the extra types and constants that gains us.
This caused problems building FFMPEG, which defines its own B0.
Bug: https://github.com/android-ndk/ndk/issues/630
Test: builds
Change-Id: If032b9fa7860777c13f7bd8e68fb78ff606dcd94
* Variadic functions usually cannot be inlined.
* Do not use misleading __always_inline attribute,
and also avoid early clang 7.0 compiler bug.
Bug: 72412382
Test: build and boot aosp*-eng in emulator
Change-Id: I7490976166581abc626f397ad408581ada0ed308
__exidx_start and __exidx_end are not actual values to be read, just
symbols placed before and after .ARM.exidx.
The default linker script for ARM static executables includes these
lines:
__exidx_start = .;
.ARM.exidx : { *(.ARM.exidx*) }
__exidx_end = .;
http://infocenter.arm.com/help/index.jsp?topic=/com.arm.doc.dui0474c/BABEHEDA.html
Test: used __gnu_Unwind_Find_exidx in a static executable and showed
non-bogus values
Test: verified that this fixes#593 in the NDK
Bug: https://github.com/android-ndk/ndk/issues/593
Change-Id: Ib35a4b6c82920666ae8a45aa0a2d43e458699b51
These sources are going to be used for the NDK as well, and the NDK
still uses GCC.
This partially reverts commit
4af220cfef. That commit also removed
this symbol from the linker's crtbegin (it has its own). That is
still only built with Clang, so we don't need to revert that part.
Test: treehugger
Bug: None
Change-Id: Iba231baf298e228135bdf48dfed87f9089975eb1
We're going to start using the bionic sources for the NDK CRT
objects, so we need to avoid using symbols that weren't around in
early versions of Android. The NDK is currently building the CRT
objects with GCC as well (there were some segfaults that have yet to
be diagnosed), so move `__used` to the GCC compatible location.
Test: treehugger
Bug: None
Change-Id: I1f5c23eafadc2e3bc0b84bc3305f79a04d35c7d8
Bug: http://b/29177606
Test: run bionic-unit-tests on walleye.
Test: run bionic-unit-tests-glibc on host.
Change-Id: Iac349284aa73515f384e7509445f87434757f59e
This change adds experimental support for SHT_RELR sections, proposed
here: https://groups.google.com/forum/#!topic/generic-abi/bX460iggiKg
Definitions for the new ELF section type and dynamic array tags, as well
as the encoding used in the new section are all under discussion and are
subject to change. Use with caution!
Bug: None
Test: Built image for marlin, flashed on device, ran arm and
aarch64 binaries containing '.relr.dyn' sections.
Change-Id: I2953ae932d3c42ae394e71f8fa058013758a1778
Makes no difference to the benchmarks, but does make the code a bit
more readable.
Bug: http://b/68672236
Test: ran tests, benchmarks
Change-Id: I63fa5f78d077c86e4f4f194f2c76ab5510c29109
There were a bunch more unreasonable/incorrect ones, but these ones
seemed legit. Nothing very interesting, though.
Bug: N/A
Test: ran tests, benchmarks
Change-Id: If66971194d4a7b4bf6d0251bedb88e8cdc88a76f
This is a squash revert of a4a4854 and 1b0f2b4
Revert "Remove a test for backwards compatibility we no longer support."
This reverts commit a4a485454a.
# This is the commit message #2:
Revert "Remove obsolete workaround."
This reverts commit 1b0f2b49d5.
Bug: 72143978
Bug: 24465209
Test: Tested failing case on sailfish, reverted back all CL's since
Test: 3471433 for b/24465209 and apps open
The netd service and system server will use bpf syscalls to get network
stats information when kernel supported. And the syscall from system
server will need seccomp permission to run it.
Test: -m CtsNetTestCases -t android.net.cts.TrafficStatsTest
Bug: 30950746
Change-Id: I01c46f243dca0933a44cbfd3148f9e4748f9bc99
Lock the FreeTrackData mutex during fork and reset it in the child.
Ensures that the FreeTrackData is consistent when forking from a
multi-threaded process, and that the mutex is in a defined state
in the child.
Test: 89hours MTBF test
Change-Id: I5e5892832a733ea85727ec65abc7094d95a725ef
Setting PR_SET_NO_NEW_PRIVS actually breaks SELinux domain transition
(of debuggerd, for example). Do not set the bit when install the filter.
Instead, the caller must either have done it, or have CAP_SYS_ADMIN.
Test: build
Bug: 63944145
Bug: 71859146
Change-Id: I2af334fed61cac03fd0b3b5c8866e2e72b31cf17
This is also slightly faster for the no VDSO case (56ns vs 66ns).
Bug: N/A
Test: ran tests, benchmarks
Change-Id: I2b0edd06ee6942eb57c32678279278a53ca5ee9b
Introduce new flag to mark soinfo as TLS_NODELETE when
there are thread_local dtors associated with dso_handle
belonging to it.
Test: bionic-unit-tests --gtest_filter=dl*
Test: bionic-unit-tests-glibc --gtest_filter=dl*
Bug: https://github.com/android-ndk/ndk/issues/360
Change-Id: I724ef89fc899788f95c47e6372c38b3313f18fed
ld-android.so exports exact same set of symbols
as linker. Since it is not supposed to be loaded
every symbol points to fail() method.
Test: make
Test: bionic-unit-tests --gtest_filter=dl*
Change-Id: I23bec365b302ce4ddf5f08832e665ae2b181cf8a
The libc.map.txt file already defines these three functions as having
been introduced in API 19, but these header files had declared them as
21 and up.
See https://android-review.googlesource.com/c/platform/development/+/233407
imaxabs is already declared as 19 and up.
Test: build-ndk-prebuilts.sh && ./update_platform.py &&
checkbuild.py && run_tests.py
Test: manually build app against 18 and 19
Change-Id: Iaeed48d7e6c438d816635a0433a056e557e8ebc2
Toolbox is moving to Android.bp, and its genrule needs access to these
kernel headers.
Test: mmma system/core/toolbox
Change-Id: I213a36e1f4bb5d4e3e3e105ed7ab01ec945014a2
To pave the way to reducing app's kernel attack surface, this change
split the single filter into one for system and one for apps. Note that
there is current no change between them.
Zygote will apply these filters appropriately to system server and apps.
Keep set_seccomp_filter() for now until the caller has switched to the
new API, which I will do immediately after this before the two filters
diverse.
Also remove get_seccomp_filter() since it doesn't seem to be used
anyway.
Test: diff the generated code, no difference except the variable names
Test: cts -m CtsSecurityTestCases -t android.security.cts.SeccompTest
Bug: 63944145
Change-Id: Id8ba05a87332c92ec697926af77bc5742eb04b23
The examples on malloc options were erroneously
specifying to use 'guards' as an option to enable
both front and rear guards, whereas the correct
option name is 'guard.'
Change-Id: I7118a832b6b308a7c312787f276bb87c1244986e
Make the cost of strto<signed> closer to the cost of strto<unsigned>
by removing an `if` from the inner loop. Previously a signed conversion
cost 10ns more than an unsigned one.
After:
BM_inttypes_strtoimax 81 ns 81 ns 8603362
BM_inttypes_strtoumax 78 ns 78 ns 8967174
BM_stdlib_strtol 81 ns 81 ns 8685537
BM_stdlib_strtoll 81 ns 81 ns 8685481
BM_stdlib_strtoul 78 ns 78 ns 8962569
BM_stdlib_strtoull 78 ns 78 ns 8972023
Bug: N/A
Test: ran tests, benchmarks
Change-Id: I72dd5499427b6a940bd94c4d6f727f7efe134d7e
There are no meaningful changes here, just a minimal conversion to two
C++ templates to make further changes easier.
Bug: N/A
Test: ran tests, benchmarks
Change-Id: I958fbf17a85f19dd8f17bfb4bbb9314d220daa3b
Reinitializing system properties can result in crashes later in the
program, and is generally not recommended or even supported. This
change moves the actual logic for system properties into a class that
can be tested in isolation, without reinitializing the actual system
property area used in libc.
Bug: 62197783
Test: boot devices, ensure properties work
Test: system property unit tests and benchmarks
Change-Id: I9ae6e1b56c62f51a4d3fdb5b62b8926cef545649
This adds a new mechanism to say "replace struct S with #include <bits/S.h>".
Also switch epoll_event over to the new mechanism.
Also use the kernel's struct sockaddr_storage directly rather than behind
an unnecessary #define.
This patch also removes some dead code in the header scrubber. This code
still needs rewriting completely. I learned that a "block" isn't necessarily
a single struct definition, say; it might be a run of them. It seems like
a block is a run of preprocessor directives or a run of regular code.
Bug: https://issuetracker.google.com/36987220
Test: new test
Change-Id: Ic6a5c09559766a4babe3cd4c3ea538b885e07308
...and fix the bugs.
Also explain why we can't support separate input and output speeds
without an ABI change. Luckily no-one is likely to need that anyway,
and they can always work around it by using `struct termios2` directly
themselves.
Bug: http://b/69816452
Test: ran tests
Change-Id: Ie08499a198bb6a20d7e5e2f5ff74a60bd53e97e1
And fix one thing that this found: apparently <stdlib.h> should also
make the various *WAIT* macros available.
Bug: N/A
Test: builds
Change-Id: Id879bf3c1bddd1170261a809e7280150a74d6b3d
This needs more work before it can be enabled.
Bug: 36001741
Test: boot, check that we're using old style properties
Change-Id: I7032f4b4224758b187cf4e8a53fd8845466a5d4a
Merge CT_CCL and CT_STRING handling before we add %m.
Also fix an accidental scanf/wscanf difference.
Add currently-disabled tests for questionable behavior noticed during
code review that isn't a regression, but should be fixed later.
Bug: http://b/68672236
Bug: https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=202240
Test: ran tests
Change-Id: I3eec9b7dfce84f63c68426406224822c52551d64
This adds support for reading a serialized
/dev/__properties__/property_info file, which contains a
serialized trie that maps property names to the SELinux context to
which they belong.
Performance wise on walleye, this change reduces the start up cost in
libc from ~3000us to ~430us. On a benchmark that calls
__system_property_find() for each property set on the system, it
reduces the time per iteration from ~650us to ~292us.
Bug: 36001741
Test: Boot bullhead, walleye, run unit tests
Test: Benchmark initialization and lookup performance
Change-Id: I0887a3a7da88eb51b6d1bd494fa5bce593423599
Strictly, POSIX says "If a '-' is in the scanlist and is not the first
wide character, nor the second where the first wide character is a '^',
nor the last wide character, the behavior is implementation-defined",
but it seems unreasonable for swscanf to interpret `a-c` differently
from sscanf. Make ours behave the same as each other by making swscanf
work the same as sscanf.
Bug: http://b/68672236
Test: ran tests
Change-Id: Ia84805897628d7128e901b468e02504373730e61
Use .balign because what the argument means doesn't vary between
architectures.
Bug: http://b/70166421
Test: builds
Change-Id: I1d54f2f6942dd2893f3fda30bac08d07ea9cd346
change is need to be able to share services on the odm partition
Change-Id: I28cc37a9f049d0776fbcb7f92b05652385348b3e
Test: services can launch from odm partition.
Signed-off-by: Alin Jerpelea <alin.jerpelea@sonymobile.com>
Previously, the functionality for mapping properties to contexts were
broken into a set of classes, each statically defined in
system_properties.cpp to prevent using new/malloc. This is a mistake
however, since system property initialization happens before static
initialization, so it is possible for the Constructors of these
classes to clobber the initialized data.
This change fixes that by placing them in a Union and having that
Union have a no-op constructor. The individual classes will be
initialized via placement new before they are used as is typically
done with classes in a union.
Test: boot bullhead
Change-Id: Ideb9d6ad8b6fc768811d8615d005cd4b8d134bce
Add a new stress test, and fix the code to pass it. We need to ensure that
we reset signal handlers for caught signals before unblocking signals in
the child, we need to ensure that this happens even if you haven't passed
a pthread_spawn_attr_t, and we need to ensure that this happens if you
pass in an empty sigdefault set.
Bug: http://b/68707996
Test: ran tests
Change-Id: I348e9b17b1bdf221591da42c0ada133d98471d66
We're still seeing lots of confusion. People do seem to look as far as
the headers, but stop there. So let's try a bit harder to point them in
the right direction.
Also explicitly state that removing _FILE_OFFSET_BITS=64 is the
behavior-preserving fix for compilation problems when upgrading to NDK
r15 or later.
Bug: N/A
Test: N/A
Change-Id: I2d5c65b2fb5cccb9977901e51fea1ad2ccc0fd95
Strictly not needed in the WNOHANG case, but it's probably best to have
every waitpid wrapped for future copy & pasters.
Bug: https://issuetracker.google.com/69525592
Test: ran tests
Change-Id: I013b0a52d2753e3d32638e9b84c79af7327fb405
When a vdso call falls back to making a regular system call, the inline
code for the system call doesn't know about errno and just leaves the
usual kernel result to be translated. Add the missing translation.
Also fix the defaults for non-vdso systems so we actually take the
fallback path (and so avoid unintentionally doing the errno translation
twice in those cases).
Bug: http://b/69626243
Test: ran new tests from http://b/63737556
Change-Id: If379632ea2e059e3d3bc3ff41bf3608dc05fb0a3
Remove the hiding of the kernel structure binder_fd_array_object. This
structure now matches the structure used in the binder code.
Load the libclang_android.so shared library directly for parsing.
This file changed name in a recent update to the prebuilts.
Test: Compiles arm/arm64/x86/x86_64.
Test: Boots on hikey and boots on a sailfish.
Test: Ran bionic unit tests on hikey and sailfish.
Change-Id: I141a4b93ac3511cd58f4d12bb3c0d4efaa4c2742
Currently, getpwnam, getpwent, etc return successfully for any uid
from AID_APP_START (10000) to AID_USER_OFFSET (100000) for each user.
This is not correct however, as only specific ranges above
AID_APP_START are reserved as valid ranges. This change corrects this.
This is particularly important as the newly added AID_OVERFLOWUID is
65534, which is above AID_APP_START but not in any reserved range,
collided with the faulty returned values.
Bug: 69119022
Bug: 69128408
Test: pwd/grp bionic unit tests
Change-Id: I3dae97a90597915fa30a88fe27cda88b107e9c35
I don't think there's any observable difference, but this is certainly
simpler.
Bug: http://b/68707996
Test: ran tests
Change-Id: Id9e1a7d40533c90d073ebf391a72bbdfe79627de
pa_size should be static to prop_area, so make it so.
__system_property_area__ was reused for various purposes, but
realistically is a deprecated symbol and this finally separates us
from it.
Bug: 36001741
Test: boot bullhead, system property unit tests
Change-Id: I39663cc3b613093fa4c728b21d8ba58754f8e105
system_properties.cpp is a little bit unmanageable in its current
form, and is overdue for a refactoring into more clearly defined
components.
Of particular interest, is creating of a Contexts interface that
handles mapping of system property name -> SEContext and its
associated prop_area, and creating two classes that implement the
current and legacy functionality. This is needed as there will likely
be a third even newer way to do this mapping.
Bug: 36001741
Test: boot bullhead, system property unit tests
Change-Id: Ie75ec6fea1a95f90813918f54669d533e51327c6
Just trivial use of macros.
The %s/%ls case in __find_arguments was backwards in the wide copy of
the code, but not problematically so because all pointers are the same
size anyway.
Bug: http://b/67371539
Test: ran tests
Change-Id: I8d34915d75ae5425c56c59510a16c328fc481d20
extern "C" and "C++" are parsed as a LinkageSpecDecl with the real Decl
as a child node. This leads to the preprocessor sticking its guard
between the extern specifier and the declaration.
Update the AST visitor to add a special-case for calculating the
SourceRange on a LinkageSpecDecl, and add a test.
Bug: https://github.com/android-ndk/ndk/issues/440
Test: python run_tests.py
Change-Id: I76445fe366cef46cfd2f16fb93d534d410c5edca
ARM stopped supporting enabling of FP exceptions years ago.
Bug: http://b/68832485
Test: ran tests
Change-Id: I8450baa78e04d994c352180975b0a1ecd5a9f662
