The previous implementation wasn't wrong (it returned the "maximum
maximum"), but we can return the actual runtime value from the kernel.
Noticed while looking at initgroups().
Test: treehugger
Change-Id: I891fe4ff29bd82ee05d9e05ed8299d32c21abd7f
This reverts commit 79c9694c91.
Reason for revert: DroidMonitor: Potential culprit for Bug b/324348078 - verifying through ABTD before revert submission. This is part of the standard investigation process, and does not mean your CL will be reverted.
Change-Id: I32f7bc824900e18a7d53b025ffe3aaef0ee71802
Factor out generic __get_elf_note() logic and rename __get_elf_note() to
__find_elf_note(). Expose __get_elf_note() in libc/private/bionic_note.h
This will be used in the subsequent patch to test the presence of
NT_ANDROID_TYPE_PAD_SEGMENT note when loading segments.
Test: atest -c linker-unit-tests [Later patch]
Test: m && launch_cvd
Bug: 316403210
Change-Id: Ia7cb2f40b10cfaef402182a675087c8422b37e4d
Signed-off-by: Kalesh Singh <kaleshsingh@google.com>
BYPASS_INCLUSIVE_LANGUAGE_REASON="man" refers to manual not person
Bug: 318749472
Test: atest pthread on MTE enabled device
Test: atest memtag_stack_dlopen_test on MTE enabled device
Test: manual with NDK r26b built app with fsanitize=memtag-stack
Change-Id: Iac191c31b87ccbdc6a52c63ddd22e7b440354202
In particular: 32-bit x86 doesn't need sa_restorer either.
I still don't fully understand why arm32 and x86-64 do, so I've left the
comments in those .S files alone. I haven't (knowingly) tested
compiler-rt since we switched from libgcc (which is what the comments
refer to), but I have tested libunwindstack since we switched from
libunwind, and that does fail existing bionic tests for unwinds through
signal frames --- I just don't know why, or whether there's a better fix.
Anyway, local testing suggests that the 32-bit x86 code is vestigial, so
let's get rid of it.
Test: treehugger
Change-Id: I3e2616f736d27a8463814356e5adb52fd76a90cc
std::atomic<T>'s default constructor is no longer trivial, because it
now does value-initialization. As a result, the class is no longer
trivial, so libc_globals is no longer trivial, so it is no longer POD.
(FWIW, the "POD" notion has been deprecated in favor of "trivial" and
"standard layout" concepts: POD == trivial + stdlayout.)
See https://cplusplus.github.io/LWG/issue2334 and wg21.link/p0883r2.
Mark __libc_globals as constinit, because that seems closer to
something we actually care about, AFAICT.
Bug: http://b/175635923
Test: m libc_malloc_debug
Change-Id: I338589bce03d06f20752bca342eeb86a42fc1ee7
The main change here is to remember that we arm64/x86-64 have flags, and
__builtin_<op>_overflow() lets us look at them. There's a clear saving
for arm64, and x86-64 is better too, though interestingly there the
unsigned case doesn't work out as well as the signed case because both
unsigned __builtin_mul_overflow and unsigned __builtin_add_overflow are
less efficient than the signed multiply and subtract on that
architecture, but the new code still beats the old code even so.
There's a very tiny microoptimization of the hex path that takes
advantage of the fact that conversion to lowercase is a single
instruction on all our architectures when we already know we're dealing
with a letter.
This also merges the signed and unsigned variants of the code. Not
entirely successfully, but the vast majority of the code benefits.
Before (arm64):
```
----------------------------------------------------------------
Benchmark Time CPU Iterations
----------------------------------------------------------------
BM_inttypes_strtoimax 44.6 ns 44.3 ns 15807654
BM_inttypes_strtoumax 43.1 ns 42.8 ns 16348848
BM_stdlib_strtol 44.6 ns 44.3 ns 15805384
BM_stdlib_strtol_hex 85.5 ns 85.0 ns 8235487
BM_stdlib_strtoll 44.5 ns 44.2 ns 15833137
BM_stdlib_strtoul 43.1 ns 42.8 ns 16353963
BM_stdlib_strtoul_hex 83.1 ns 82.6 ns 8477732
BM_stdlib_strtoull 43.1 ns 42.8 ns 16353015
```
After (arm64):
```
----------------------------------------------------------------
Benchmark Time CPU Iterations
----------------------------------------------------------------
BM_inttypes_strtoimax 37.9 ns 37.6 ns 17657577
BM_inttypes_strtoumax 35.9 ns 35.7 ns 19597727
BM_stdlib_strtol 36.9 ns 36.7 ns 19093037
BM_stdlib_strtol_hex 70.7 ns 70.3 ns 9961626
BM_stdlib_strtoll 36.9 ns 36.7 ns 19093032
BM_stdlib_strtoul 35.9 ns 35.7 ns 19617784
BM_stdlib_strtoul_hex 67.7 ns 67.3 ns 10113521
BM_stdlib_strtoull 35.9 ns 35.7 ns 19621828
```
Test: treehugger
Change-Id: Ibf53b29e34d63ac31520c6d27ef80ff281899d61
Actually reusing the hash table stuff from the linker would be a lot of
work (and the benefit unclear for so few symbols), but we can at least
break out of loops as soon as we have what we need.
Test: treehugger
Change-Id: I9cbe4636a3e3163bd302c3676eb674a4278dbf2e
I don't think we need this, and we're not doing it for the equivalent
code in riscv64. So either we do need it, and this will help us find out
quicker and make the corresponding riscv64 change, or we don't need it,
and this is a free cleanup.
Test: treehugger
Change-Id: Ie97492ea8bb4d1bc69f926980d9d4db798884285
This way, callees don't need to worry about whether or not their
reference to __riscv_hwprobe() has been resolved before their ifunc
resolver is called.
This matches the current glibc proposal from rivos.
Test: treehugger
Change-Id: I0d5244aa837d0d1f0e6bd7d22091dfedb8a55bdb
This is a no-op but will be used in upcoming scudo changes that allow to
change the depot size at process startup time, and as such we will no
longer be able to call __scudo_get_stack_depot_size in debuggerd.
We already did the equivalent change for the ring buffer size in
https://r.android.com/q/topic:%22scudo_ring_buffer_size%22
Bug: 309446692
Change-Id: Icdcf4cd0a3a486d1ea07a8c616cae776730e1047
This patch adds the necessary bionic code for the linker to protect
global data using MTE.
The implementation is described in the MemtagABI addendum to the
AArch64 ELF ABI:
https://github.com/ARM-software/abi-aa/blob/main/memtagabielf64/memtagabielf64.rst
In summary, this patch includes:
1. When MTE globals is requested, the linker maps writable SHF_ALLOC
sections as anonymous pages with PROT_MTE (copying the file contents
into the anonymous mapping), rather than using a file-backed private
mapping. This is required as file-based mappings are not necessarily
backed by the kernel with tag-capable memory. For sections already
mapped by the kernel when the linker is invoked via. PT_INTERP, we
unmap the contents, remap a PROT_MTE+anonymous mapping in its place,
and re-load the file contents from disk.
2. When MTE globals is requested, the linker tags areas of global memory
(as defined in SHT_AARCH64_MEMTAG_GLOBALS_DYNAMIC) with random tags,
but ensuring that adjacent globals are never tagged using the same
memory tag (to provide detemrinistic overflow detection).
3. Changes to RELATIVE, ABS64, and GLOB_DAT relocations to load and
store tags in the right places. This ensures that the address tags are
materialized into the GOT entries as well. These changes are a
functional no-op to existing binaries and/or non-MTE capable hardware.
Bug: N/A
Test: atest bionic-unit-tests CtsBionicTestCases --test-filter=*Memtag*
Change-Id: Id7b1a925339b14949d5a8f607dd86928624bda0e
