Commit graph

33971 commits

Author SHA1 Message Date
Bram Bonné
ac5e61fe00 Merge "Revert "Soft-enable MAC address restrictions with allowlist."" 2020-12-14 14:40:47 +00:00
Bram Bonné
9e97280414 Revert "Soft-enable MAC address restrictions with allowlist."
Revert "Updates CTS tests for MAC address restrictions."

Revert submission 1518603-soft-restrict-mac

Reason for revert: Missing type check
Reverted Changes:
I0488932de:Soft-enable MAC address restrictions with allowlis...
Idb9d940e4:Updates CTS tests for MAC address restrictions.
I9461f287e:Return anonymized MAC for apps targeting SDK < 30

Change-Id: I7e8e593518088ff5c8f6083b34e6966852475b9b
2020-12-14 14:14:23 +01:00
Treehugger Robot
7dcea5e8e2 Merge "Remove unused 'err' assignment" 2020-12-11 19:33:09 +00:00
Tom Cherry
8956439709 Merge "Add tests for FNM_LEADING_DIR" 2020-12-11 15:01:07 +00:00
Greg Kaiser
5c8d48ae78 Remove unused 'err' assignment
This was a little confusing because a quick glance suggested that
'err' was getting the value of getsockopt(), when actually it was
getting the result of the '<' operation.  Since 'err' wasn't
being used, we clarify by just removing it altogether.

Test: TreeHugger
Change-Id: I1ff80812b460973e9d512a558623e0c44c2ecf09
2020-12-11 06:54:54 -08:00
Bram Bonné
0ed9f70122 Merge "Soft-enable MAC address restrictions with allowlist." 2020-12-11 11:01:40 +00:00
Yi Kong
a8eff56a8c Merge "linker: Enable PGO" 2020-12-11 06:41:20 +00:00
Tom Cherry
aa4fd1891d Add tests for FNM_LEADING_DIR
Test: these tests
Change-Id: Id884fd08bbee06764330cf54f203603fa2643316
2020-12-10 08:07:28 -08:00
Bram Bonné
0ba499896a Soft-enable MAC address restrictions with allowlist.
Soft-limits apps from calling bind() on NETLINK_ROUTE sockets, and
getting link info through getifaddrs(), while still allowing apps on the
allowlist to temporarily perform these actions.

This is different from existing behavior, where apps targeting an API
level < 30 were exempted from this restriction.

Actual enforcement will happen through SELinux (as is currently the
case for apps targeting API >= 30). This temporary change will then be
reverted.

If you arrived at this change due to an app showing unexpected behavior,
please file a bug at go/netlink-bug.

Bug: 170188668
Bug: 170214442
Test: Call bind() on NETLINK_ROUTE for an app on the allowlist.
Test: Call bind() on NETLINK_ROUTE for an app not on the allowlist.
Test: Call getifaddrs() for an app on the allowlist.
Test: Call getifaddrs() for an app not on the allowlist.
Change-Id: I0488932deea2a7211e55a24bc33bfa3cfb16fba2
2020-12-10 11:55:45 +01:00
Xin Li
a362cb8adf Merge "DO NOT MERGE - Merge Android R QPR1" 2020-12-10 02:18:29 +00:00
Xin Li
c93f359db2 DO NOT MERGE - Merge Android R QPR1
Bug: 172690556
Merged-In: I82b606f10035eae94aeb06f41070068ec1ec0ca3
Change-Id: Ibe54a05302d18a7ed00b7d823daa708a6abdd3f8
2020-12-09 17:44:01 -08:00
Peter Collingbourne
713c692f78 Merge changes from topics "Ic7ea0f075751f8f077612617802775d2d0a799dc", "Iec02ae89f4a3d2ffe298817240f404e54b109a52" am: 1f2e000c80
Original change: https://android-review.googlesource.com/c/platform/bionic/+/1520659

MUST ONLY BE SUBMITTED BY AUTOMERGER

Change-Id: I82b606f10035eae94aeb06f41070068ec1ec0ca3
2020-12-09 20:22:58 +00:00
Peter Collingbourne
1f2e000c80 Merge changes from topics "Ic7ea0f075751f8f077612617802775d2d0a799dc", "Iec02ae89f4a3d2ffe298817240f404e54b109a52"
* changes:
  Add a bionic-benchmarks-static target.
  Make our definition of std::nothrow weak.
2020-12-09 19:21:56 +00:00
Yi Kong
6f6daaae9d linker: Enable PGO
linker-reloc-bench shows 1.2% improvement on flame.

                        PGO         No PGO
BM_linker_relocation/
real_time_mean          52215 us    52916 us

Test: linker-reloc-bench --benchmark_repetitions=25
Bug: 175205560
Change-Id: I6abbbd51912f86fcf8112c024d1cf2519056bea7
2020-12-09 19:03:53 +00:00
Elliott Hughes
8b9c51af06 Merge "Simplify and improve tempnam() and tmpnam()." am: 12afdf0fa7
Original change: https://android-review.googlesource.com/c/platform/bionic/+/1518224

MUST ONLY BE SUBMITTED BY AUTOMERGER

Change-Id: Ie3703a300f3378804a30616a7238ecc1cdc20502
2020-12-09 18:41:30 +00:00
Elliott Hughes
12afdf0fa7 Merge "Simplify and improve tempnam() and tmpnam()." 2020-12-09 18:05:43 +00:00
Elliott Hughes
439ebbd349 Simplify and improve tempnam() and tmpnam().
They're both obsolescent in POSIX.1-2008, and you really shouldn't be
using them, but since we can't actually delete them...

This change makes them both obey $TMPDIR if set, and fall back to
/data/local/tmp otherwise. That's as good as we've managed for anything
else such as tmpfile(3).

Also add some tests.

Bug: http://b/174682340
Test: treehugger
Change-Id: Ieef99dcc2062f84b2b7cbae046787fdfe975e772
2020-12-08 22:26:06 -08:00
Peter Collingbourne
2cefcb1b9c Add a bionic-benchmarks-static target.
This makes it easy to benchmark changes to bionic without needing
to reflash the device or mess with LD_LIBRARY_PATH.

Change-Id: Ic7ea0f075751f8f077612617802775d2d0a799dc
2020-12-08 14:47:58 -08:00
Peter Collingbourne
9397bdd13f Make our definition of std::nothrow weak.
We can sometimes fail to link a static executable because of
duplicate definitions of std::nothrow in bionic/libc/bionic/new.cpp
and external/libcxx/src/new.cpp. Fix it by making our definition
weak since it doesn't matter which one ends up being chosen.

Change-Id: Iec02ae89f4a3d2ffe298817240f404e54b109a52
2020-12-08 14:40:30 -08:00
Treehugger Robot
19d5e3d2e7 Merge "Add trivial tests for fnmatch(3)." am: a80b3079a3
Original change: https://android-review.googlesource.com/c/platform/bionic/+/1507619

Change-Id: I668a023baaecd58ba01793bb6ce9f1d5aa020490
2020-12-07 14:04:28 +00:00
Treehugger Robot
a80b3079a3 Merge "Add trivial tests for fnmatch(3)." 2020-12-07 13:46:21 +00:00
Christopher Ferris
7d513540f4 Merge "Clean up header files from kernel directory." am: d911c669ae
Original change: https://android-review.googlesource.com/c/platform/bionic/+/1517518

Change-Id: If261b2da448c79bd4efa14e8117e919ab94a5d59
2020-12-04 21:23:18 +00:00
Christopher Ferris
d911c669ae Merge "Clean up header files from kernel directory." 2020-12-04 20:48:35 +00:00
Christopher Ferris
ccf17f0ec7 Clean up header files from kernel directory.
Add a make distclean for each supported arch before generating headers
and at the end so these files are not left hanging around in the
kernel directory.

Bug: 174795055

Test: Verified all generated files are deleted after running.
Test: Verified this generates the exact same files as before this change.
Change-Id: I0f66f580af2ea50c190eb532032017e782d7cae6
2020-12-03 18:18:52 -08:00
Kiyoung Kim
af563b8c61 Merge "Move linkerconfig to Runtime APEX" am: d7a9e2514b
Original change: https://android-review.googlesource.com/c/platform/bionic/+/1513649

Change-Id: Idec296ee37150e826da72cdac666eca17ab3cd39
2020-12-04 01:37:23 +00:00
Kiyoung Kim
d7a9e2514b Merge "Move linkerconfig to Runtime APEX" 2020-12-04 01:00:17 +00:00
Xin Li
522094471e Merge "Merge rvc-qpr-dev-plus-aosp-without-vendor@6881855" into stage-aosp-master 2020-12-03 03:19:01 +00:00
Elliott Hughes
6675ad3227 Add trivial tests for fnmatch(3).
These cover the parts of fnmatch() that I think I understand. Missing
FNM_LEADING_DIR because I still haven't understood that yet. All the
descriptions of its behavior that I've seen are slightly (or very)
inconsistent, and it seems like the implementations are genuinely
different too.

Test: treehugger
Change-Id: I1284c406639bef1bfe74db3cad45965c8ab29c2b
2020-12-02 14:36:13 -08:00
Mitch Phillips
3e4c0878a2 Merge "[Tagged Pointers] Allow probing the current TP level w/ locking." am: 925431a072
Original change: https://android-review.googlesource.com/c/platform/bionic/+/1512032

Change-Id: I8990b46a054eccd3949d12f973fe0bca6eede4db
2020-12-01 19:51:49 +00:00
Mitch Phillips
925431a072 Merge "[Tagged Pointers] Allow probing the current TP level w/ locking." 2020-12-01 19:05:35 +00:00
Elliott Hughes
c1efa83115 Merge "Revert^3 "Soft-enables new MAC address restrictions."" am: 4984bda13e
Original change: https://android-review.googlesource.com/c/platform/bionic/+/1513918

Change-Id: Iff4ead9309cee1d7b71981a4a0ebe577255d7e9a
2020-12-01 18:51:04 +00:00
Elliott Hughes
4984bda13e Merge "Revert^3 "Soft-enables new MAC address restrictions."" 2020-12-01 18:30:28 +00:00
Bram Bonné
d994cd7349 Revert^3 "Soft-enables new MAC address restrictions."
53211a98dc

Revert submission 1498525-revert-1499099-revert-1450615-mac-address-restrictions-MNRMVNXRJM-OSETMCLBXY

Reason for revert: b/173384499#comment21
Reverted Changes:
I320d3bcf8:Revert^2 "Enforce RTM_GETLINK restrictions on all ...
I51c83733c:Revert^2 "Return anonymized MAC for apps targeting...
I0e8280c74:Revert "Revert "Updates tests for untrusted app MA...
Ia9f61819f:Revert^2 "Soft-enables new MAC address restriction...

Change-Id: I03a78644105f561a3b704deaf7333be683ecb9f7
2020-12-01 10:04:02 +00:00
Kiyoung Kim
d1d534464d Move linkerconfig to Runtime APEX
Move linkerconfig to Runtime APEX for better updatability. linkerconfig
shared ld.config.txt format with linker, so it is better that linker and
linkerconfig to be updated together. This change moves linkerconfig into
Runtime APEX.

Bug: 165769179
Test: Cuttlefish boot succeeded
Change-Id: I81e2a547804ab9f796c00af382ae43e35c8459ef
2020-12-01 14:59:05 +09:00
Mitch Phillips
2210b8d542 [Tagged Pointers] Allow probing the current TP level w/ locking.
aosp/1484976 introduced a breaking change where
DisableMemoryMitigations() now indiscriminately turns tagged pointers
off. When android_mallopt(M_DISABLE_MEMORY_MITIGATIONS) is called, the
correct behaviour is:
 - In SYNC/ASYNC MTE mode -> disable all tagged pointers.
 - If all tagged pointers are already disabled -> nop.
 - If we're in TBI mode -> nop (keep the TBI mode as-is).

In order to do that we have to allow probing of the current heap tagging
mode. In order to prevent TOCTOU between GetHeapTaggingLevel() and
SetHeapTaggingLevel(), we expose a global mutex that should be held when
calling these functions.

Bug: 174263432
Test: atest CtsTaggingHostTestCases on Flame
Change-Id: Ia96f7269d542c9041270458806aee36766d2fbbb
2020-11-30 10:49:03 -08:00
Xin Li
218b4e5a0b Merge rvc-qpr-dev-plus-aosp-without-vendor@6881855
Bug: 172690556
Merged-In: I25ee3022fb26e744eae9e3f14595ce52e76b337e
Change-Id: I7359621eca1148d6c3f3287fcaecdab8c03fa7f6
2020-11-28 19:22:49 -08:00
Bram Bonné
403562cbe4 Merge "Revert^2 "Soft-enables new MAC address restrictions."" am: 1e32ae2da2
Original change: https://android-review.googlesource.com/c/platform/bionic/+/1499362

Change-Id: If1ac8e2603685858e297cc1de9048e98bb2aac43
2020-11-25 10:20:58 +00:00
Bram Bonné
1e32ae2da2 Merge "Revert^2 "Soft-enables new MAC address restrictions."" 2020-11-25 09:59:25 +00:00
Treehugger Robot
d0ef99a94a Merge "[GWP-ASan] Remove include." am: 50a7621b3f
Original change: https://android-review.googlesource.com/c/platform/bionic/+/1506876

Change-Id: Ic00ff84ba9f80ced052378b64fdfb9e300f1c77c
2020-11-20 04:50:15 +00:00
Treehugger Robot
50a7621b3f Merge "[GWP-ASan] Remove include." 2020-11-20 04:19:54 +00:00
Mitch Phillips
742a003db6 [GWP-ASan] Remove include.
Unnecessary include, and the file was deleted with upstream changes.

Bug: N/A
Test: cd external/gwp_asan && atest
Change-Id: Id8facff0c5e382aa639ce158b7b5862ce157aa25
2020-11-19 16:01:14 -08:00
Peter Collingbourne
47fc123b00 Merge "Change the android_mallopt(M_SET_HEAP_TAGGING_LEVEL) API." am: 097846e25b
Original change: https://android-review.googlesource.com/c/platform/bionic/+/1484976

Change-Id: Ib4f69f7730efa4ad2eea56cc529c513fce6220fc
2020-11-18 21:39:12 +00:00
Peter Collingbourne
097846e25b Merge "Change the android_mallopt(M_SET_HEAP_TAGGING_LEVEL) API." 2020-11-18 20:57:36 +00:00
Peter Collingbourne
9eb85bf70c Change the android_mallopt(M_SET_HEAP_TAGGING_LEVEL) API.
- Make it apply to every thread, and thus remove the restriction
  that it must be called while the program is single threaded.
- Make it change TCF0 itself (on all threads), instead of requiring
  callers to do it themselves, which can be error prone.

And update all of the call sites.

Change the implementation of
android_mallopt(M_DISABLE_MEMORY_MITIGATIONS) to call
android_mallopt(M_SET_HEAP_TAGGING_LEVEL) internally. This avoids
crashes during startup that were observed when the two mallopts
updated TCF0 unaware of each other.

I wouldn't expect there to be any out-of-tree callers at this point,
but it's worth noting that the new interface is backwards compatible
with the old one because it strictly expands the set of situations in
which the API can be used (i.e. situations where there are multiple
threads running or where TCF0 hadn't been updated beforehand).

Bug: 135772972
Change-Id: I7746707898ff31ef2e0af01c4f55ba90b72bef51
2020-11-18 10:24:29 -08:00
Bram Bonné
53211a98dc Revert^2 "Soft-enables new MAC address restrictions."
259776d8ff

The original change was reverted due to InterfaceParamsTest failing.
This test has now been fixed in r.android.com/1498525.
The original change message is below.

Updates getifaddrs() to behave as if RTM_GETLINK requests are not
allowed for non-system apps. This is different from previous behavior,
where apps targeting an API level < 30 were exempted from this
restriction.

Actual enforcement happens in SELinux. This change:
- Soft-enables the behavior until SELinux changes are in place
- Prevents logspam from SELinux denials after they are in place

Bug: 170188668
Test: atest bionic-unit-tests-static
Test: atest NetworkInterfaceTest
Test: Connect to Wi-Fi network
Test: Call getifaddrs() directly from within an app.
Test: Call NetworkInterface#getNetworkInterfaces() from within an app.

Change-Id: Ia9f61819f8fdf878c0e67e57de7e893fb3b1c233
2020-11-16 12:53:49 +00:00
Tej Singh
120de14891 Merge "Revert "Soft-enables new MAC address restrictions."" am: 92b8588f17
Original change: https://android-review.googlesource.com/c/platform/bionic/+/1499099

Change-Id: I3256c2be2bb74ff8cf56eabf557dba1eeca6758d
2020-11-14 02:09:14 +00:00
Tej Singh
92b8588f17 Merge "Revert "Soft-enables new MAC address restrictions."" 2020-11-14 01:59:33 +00:00
Tej Singh
259776d8ff Revert "Soft-enables new MAC address restrictions."
Revert "Enforce RTM_GETLINK restrictions on all 3p apps"

Revert "Updates tests for untrusted app MAC address restrictions"

Revert submission 1450615-mac-address-restrictions

Reason for revert: DroidMonitor: Potential culprit for Bug 173243616 - verifying through Forrest before revert submission. This is part of the standard investigation process, and does not mean your CL will be reverted

Reverted Changes:
I08c709b2b:Enforce RTM_GETLINK restrictions on all 3p apps
I95d124ae8:Soft-enables new MAC address restrictions.
I5392f8339:Updates tests for untrusted app MAC address restri...
I9d214c5d0:Return anonymized MAC for apps targeting SDK < 30

Change-Id: If09920b24370077d647d60cfda7fc0a110b77851
2020-11-13 22:27:15 +00:00
Bram Bonné
342177a8ea Merge "Soft-enables new MAC address restrictions." am: 7433096f06
Original change: https://android-review.googlesource.com/c/platform/bionic/+/1450615

Change-Id: If1d487293d3f2c61be0496271339cb07fbea792d
2020-11-12 17:34:50 +00:00
Bram Bonné
7433096f06 Merge "Soft-enables new MAC address restrictions." 2020-11-12 17:07:11 +00:00