Commit graph

21084 commits

Author SHA1 Message Date
Treehugger Robot
afb59c3e42 Merge "Enable FORTIFY unit tests for clang" 2017-04-06 22:30:21 +00:00
Treehugger Robot
2d389ffee9 Merge "Add support for disabling the greylist." 2017-04-06 20:29:42 +00:00
George Burgess IV
5f8a673a7f Enable FORTIFY unit tests for clang
And add a thing to remind us to enable the malloc FORTIFY test when we
pull a new clang in.

Bug: 34747525
Test: vts -m BionicUnitTests on bullhead
Change-Id: If341a27756d608a0fa77ba6518e9bcc725f7632c
2017-04-06 11:27:41 -07:00
Elliott Hughes
9e27e58faa Add support for disabling the greylist.
Useful for testing whether apps have actually stopped using greylisted
libraries even if they still have references to them in their apk to support
old Android releases but also haven't bumped their targetSdkVersion yet.

Since we already have two expensive __system_property_get calls and this
would add a third, optimize two (but leave the third since it's not
obviously amenable to optimization). None of this matters for user builds,
but I don't want userdebug/eng to have distractingly different performance.

(cherrypick of 7933bec2872aa1c3430149c7649726333c0ac9d8.)

Bug: http://b/36106661
Test: ran "can you escape 5" with and without this property
Change-Id: Id9a804695c1dca9b4be2ebd0e72f01817bb13cba
2017-04-06 10:59:24 -07:00
Hans Boehm
e06c69d073 Merge "Fix compare_exchange_weak tests to allow spurious failure" 2017-04-06 01:02:28 +00:00
Treehugger Robot
278d31d36e Merge "libc: add const-correct string.h overloads" 2017-04-05 23:57:13 +00:00
Hans Boehm
590a410d29 Fix compare_exchange_weak tests to allow spurious failure
Test: Ran bionic unit tests on angler.

Bug: 36869788
Change-Id: Ic1e0e4e409ac719d5b426391a771b4858a6149ee
2017-04-05 16:12:09 -07:00
Treehugger Robot
1261f29631 Merge "libc: remove newlines in prototypes in string.h" 2017-04-05 22:29:01 +00:00
George Burgess IV
19710f761b libc: remove newlines in prototypes in string.h
This gives more useful diagnostics if clang needs to mention these
functions (or a parameter of them).

Bug: 36984245
Test: m on bullhead completes successfully.
Change-Id: I17c2b624d08bc9dd3f08185b30029ed0c49ebb08
2017-04-05 13:30:52 -07:00
George Burgess IV
bd3d2088d9 libc: add const-correct string.h overloads
libcxx provides const-correct overloads for a few string.h functions.
These overloads use clang's enable_if attribute, so they're preferred
over our FORTIFY'ed equivalents.

This weakens _FORTIFY_SOURCE=2 when used with some of these functions,
since clang needs to see __pass_object_size in order to pass an accurate
result for __builtin_object_size(s, 1) at a callsite. Since those
functions don't have __pass_object_size on their params, clang can't do
that. This makes LLVM lower the __builtin_object_size calls, which means
we get the same result as __builtin_object_size(s, 0).

We have to provide all of the overloads in Bionic, since enable_if is
only used to disambiguate overloads with (otherwise) the same type. In
other words:

// overload 1
char *strchr(const char *, int s) __attribute__((enable_if(1, "")));
// overload 2
char *strchr(char *, int s);

void foo() {
  char cs[1] = {};
  strchr(static_cast<const char *>(cs), '\0'); // calls overload #1.
  strchr(cs, '\0'); // calls overload #2.
}

Bug: 34747525
Test: m checkbuild on bullhead internal master + AOSP. vts -m
BionicUnitTests passes on both. Surprisingly, the only code that this
seems to break is contained in Bionic.

Change-Id: Ie406f42fb3d1c5bf940dc857889876fc39b57c90
2017-04-05 13:17:07 -07:00
Neil Fuller
0a40cb3872 Merge "Add (duplicate) license from new XML file" 2017-04-05 14:11:14 +00:00
Neil Fuller
7336db761c Add (duplicate) license from new XML file
This change was forgotten when I uploaded tzlookup.xml for
review. I meant to check this with enh@. Apologies. This fixes
the the NOTICE file so others can upload.

Test: repo upload
Change-Id: I9e722952f9ae8c8d971b1c2d23d53079d85f4ae7
2017-04-05 15:07:55 +01:00
Neil Fuller
d90713b335 Merge "Addition of a new system file for time zone data" 2017-04-05 13:33:34 +00:00
Treehugger Robot
b209e14d36 Merge "Remove obsolete Android.mk comments" 2017-04-05 02:12:00 +00:00
Dan Willemsen
a3ed901ef8 Remove obsolete Android.mk comments
Test: none
Change-Id: I0419800d44a7918a4415baf840c7d30bf30a18ed
2017-04-04 15:52:13 -07:00
Christopher Ferris
07807a10a2 Merge "Add kryo support." 2017-04-04 21:10:55 +00:00
Treehugger Robot
defecea27b Merge "libc: use __bos instead of __bos0 for strchr." 2017-04-04 20:01:38 +00:00
George Burgess IV
bce9a7d518 libc: use __bos instead of __bos0 for strchr.
I dunno why I used __bos0 in the first place; clang's strrchr (and
GCC's strchr+strrchr) both use __bos.

Bug: 34747525
Test: m. Device still boots. cts -m BionicUnitTests shows no new
failures.
Change-Id: Ifec0e05a6a1144fa3e3ac70562af3ec57c09c194
2017-04-04 11:12:18 -07:00
Josh Gao
12021ce9cf Merge "Break android_set_abort_message out of libc_logging."
am: 1c864b630f

Change-Id: I7d8ab343a09a0e2166d0462a3b378257cb837f67
2017-04-04 00:49:24 +00:00
Josh Gao
1c864b630f Merge "Break android_set_abort_message out of libc_logging." 2017-04-04 00:40:40 +00:00
Josh Gao
5ac8755ffe Merge changes I70edafb7,I96cba65e,I5142a335
am: 1400acc159

Change-Id: I8a336aac72ba8fa173ef2ea3364a55d7d84fc4f5
2017-04-03 23:26:49 +00:00
Treehugger Robot
1400acc159 Merge changes I70edafb7,I96cba65e,I5142a335
* changes:
  versioner: remove useless log message.
  versioner: fix indentation in usage.
  versioner: guard preprocessing messages with -v.
2017-04-03 23:17:59 +00:00
Josh Gao
10ec9286ae Break android_set_abort_message out of libc_logging.
libc_logging is getting statically linked into the crash handler
library, resulting in two copies of the abort message code existing in
processes, one in the linker, and one in the crash handler.

Move android_set_abort_message to its own file to solve this.

Bug: http://b/36862204
Test: /data/nativetest/debuggerd_test/debuggerd_test32
Change-Id: Ie198c5a3bb07645aa43296915c9a6752693f14a9
2017-04-03 16:00:10 -07:00
Josh Gao
d89b0f130c Merge changes I826756d9,I00e2edb2
am: 6367f5ee55

Change-Id: I0585784475e8288fc06e5ca1089ff227f87001bd
2017-04-03 20:41:38 +00:00
Josh Gao
6367f5ee55 Merge changes I826756d9,I00e2edb2
* changes:
  libc_logging: mention that they're async signal safe.
  linker: update dependencies.
2017-04-03 20:33:18 +00:00
Josh Gao
acc7921580 versioner: remove useless log message.
Test: tools/versioner/run_tests.py
Change-Id: I70edafb7ad6a6274e7daa508903520dbb4b399c8
2017-04-03 12:41:35 -07:00
Josh Gao
d744a9bcd5 versioner: fix indentation in usage.
Test: versioner -h
Change-Id: I96cba65e53c564c8f47714c74d300e8f3dee7e82
2017-04-03 12:41:35 -07:00
Josh Gao
3fcf747f1d versioner: guard preprocessing messages with -v.
Bug: http://b/36751878
Test: tools/versioner/run_tests.py
Change-Id: I5142a33519b101548ccaec8a3bc498e446a648a7
2017-04-03 12:41:35 -07:00
Christopher Ferris
950a95836d Add kryo support.
Currently, using kryo is the same as using krait, but there are specialized
routines that are pending that will be used after this commit.

Bug: 36728278

Test: Built and booted a sailfish using kryo.
Change-Id: Id7510640673c31f7536367041212db6d96a564f0
2017-04-03 10:30:55 -07:00
Nick Kralevich
1df65daf9a Merge "Cleanup ANDROID_DNS_MODE and BIONIC_DNSCACHE"
am: 4df5ca1e02

Change-Id: I899ca838e59469348cd9bd25296ab9ac8e298291
2017-04-03 17:26:26 +00:00
Treehugger Robot
4df5ca1e02 Merge "Cleanup ANDROID_DNS_MODE and BIONIC_DNSCACHE" 2017-04-03 17:21:54 +00:00
Nick Kralevich
62c03a4ff4 Cleanup ANDROID_DNS_MODE and BIONIC_DNSCACHE
For security reasons, when a binary is executed which causes a security
transition (eg, a setuid binary, setgid binary, filesystem capabilities,
or SELinux domain transition), the AT_SECURE flag is set. This causes
certain blacklisted environment variables to be stripped before the
process is executed. The list of blacklisted environment variables is
stored in UNSAFE_VARIABLE_NAMES. Generally speaking, most environment
variables used internally by libc show up in this list.

Add ANDROID_DNS_MODE to the list of unsafe variables.
Similar to RESOLV_HOST_CONF and RES_OPTIONS (which are already
blacklisted), this variable controls how name resolution requests are
handled. Allowing ANDROID_DNS_MODE to be set across a security
boundary could induce resolution failures or otherwise impact
name resolution.

Remove BIONIC_DNSCACHE. This does not appear to be used, and setting
this variable across a security boundary could cause name resolution
problems.

Test: Android compiles and runs with no obvious problems.
Change-Id: I835a7b42d6afbc9c67866594c7951cfd9b355d81
2017-04-03 08:44:38 -07:00
Dimitry Ivanov
e3f66625e3 Merge "Fix lookup logic for linked namespaces"
am: 6a2c7f5a68

Change-Id: I6af8cccc6ca6a18ced2f4843621563319fdc29f5
2017-04-02 02:20:13 +00:00
Treehugger Robot
6a2c7f5a68 Merge "Fix lookup logic for linked namespaces" 2017-04-02 02:14:47 +00:00
Elliott Hughes
134912df4b Merge "Only use environment variables on the host."
am: 5d8b8310aa

Change-Id: I4439714a733487a76221e789805b50ce958829f4
2017-04-01 07:41:13 +00:00
Treehugger Robot
5d8b8310aa Merge "Only use environment variables on the host." 2017-04-01 07:35:15 +00:00
Elliott Hughes
14eb5abc20 Only use environment variables on the host.
It's faster and safer to skip them on the device, where we know where
everything is anyway.

(cherrypick of cf6365690cc68bdd7e16648fb7881ba0b5cae93d.)

Bug: http://b/36807787
Test: ran tests
Change-Id: I0bb7879cc46f194152c67ddaf072cbebb424f789
2017-03-31 23:23:29 -07:00
Paul Lawrence
5d20373be9 Merge "Expand whitelist"
am: 7cf467bd23

Change-Id: Id4baef4988302e5178d5e7bf850f3e9a028b3162
2017-04-01 00:15:45 +00:00
Treehugger Robot
7cf467bd23 Merge "Expand whitelist" 2017-04-01 00:07:12 +00:00
Vishwath Mohan
ec3cc94eb3 Merge "Refactor sanitized library on-disk layout - bionic."
am: 2a41bf4190

Change-Id: I4f62c79e7f5e93c42e3f168609557e9f48a83a5b
2017-03-31 16:41:24 +00:00
Treehugger Robot
2a41bf4190 Merge "Refactor sanitized library on-disk layout - bionic." 2017-03-31 16:35:53 +00:00
Paul Lawrence
8b7a3559c1 Expand whitelist
Bug: 36726183
Test: Builds, call 90 added to policy

(cherry picked from commit 3ba8223b9a)

Change-Id: Ib8db1b764ce22aadf8050031d40040dd6c0e669e
2017-03-31 16:01:32 +00:00
Neil Fuller
108279e9e5 Addition of a new system file for time zone data
This file is to replace the time_zones_by_country.xml
file from frameworks/base/core/res/res/xml/

This new file is intended to be updated outside of
an OTA, unlike time_zones_by_country.xml.

The tzlookup.xml file is read by code in libcore, not
frameworks/base.

The format of the file is slightly different from
time_zones_by_country.xml but the information is the
same as the current version. It was generated using
a sed transform and manual coallescing of the
<country> elements / comments:

sed 's/<timezones>$/<timezones>\n  <countryzones>/' frameworks/base/core/res/res/xml/time_zones_by_country.xml \
    | sed 's/<\/timezones>/  <\/countryzones>\n<\/timezones>/' \
    | sed 's/<timezone\( code=\"..\">\)/<country\1\n      <id>/g' \
    | sed 's/<\/timezone>/<\/id>\n    <\/country>/g'

The time_zones_by_country.xml file will be deleted
in a follow up change when the new code is wired into
the code that uses this data.

Test: See associated libcore change that will ensure the file
      is kept in sync with tzdata when applying IANA rules
      changes.
Bug: 25338903
Change-Id: I8912307bf6a41750ac06ffce9143e8055ea4e7c5
2017-03-31 15:35:14 +01:00
Vishwath Mohan
4113def4fa Refactor sanitized library on-disk layout - bionic.
This CL changes the linker to point to the newly refactored location
of ASAN-ified libraries on disk.

This supports changes made by the following CLs -
https://android-review.googlesource.com/#/c/359087/
https://android-review.googlesource.com/#/c/359389/

Which refactor the on-disk location as follows:
/data/lib* --> /data/asan/system/lib*
/data/vendor/* --> /data/asan/vendor/*

There are a couple of advantages to this, including better isolation
from other components, and more transparent linker renaming and
SELinux policies.

Bug: 36574794
Bug: 36674745
Test: m -j40 && SANITIZE_TARGET="address" m -j40 and the device
boots. All sanitized libraries are correctly located in /data/asan/*.

Change-Id: Iad8b298a66c38eb0f6327f6b51027f0728aa7a40
2017-03-30 20:07:50 -07:00
Dan Albert
f1cbcfe9aa Merge "Revert "isnan and isinf aren't functions.""
am: 6d225bdf7c

Change-Id: I57dedc84133b553f84a3eea4cd654a3ebe45aba4
2017-03-31 02:32:27 +00:00
Treehugger Robot
6d225bdf7c Merge "Revert "isnan and isinf aren't functions."" 2017-03-31 02:27:14 +00:00
Dan Albert
284c8f1baf Revert "isnan and isinf aren't functions."
While this change is correct, GNU libstdc++ 4.9 isn't able to handle a
standard compliant C library. Its <cmath> will `#undef isnan` from
math.h and only adds the function overloads to the std namespace,
making it impossible to use both <cmath> (which gets included by a
lot of other standard headers) and ::isnan.

We're going to have to revert this until we can start turning down
support for gnustl.

This reverts commit e76ee993ff.

Bug: https://code.google.com/p/android/issues/detail?id=271629
Test: make checkbuild
Change-Id: I394f50271430e78ab801d85c3ee4e87019eda6af
2017-03-30 17:18:31 -07:00
Josh Gao
bcf3b3d868 Merge "Add more ptrace process resumption tests."
am: ccec0f4c11

Change-Id: Ia951508d38a146fb879e3a7aa34e3b1bc4d6169f
2017-03-30 01:40:54 +00:00
Josh Gao
ccec0f4c11 Merge "Add more ptrace process resumption tests." 2017-03-30 01:33:58 +00:00
Elliott Hughes
5b35e2b9c2 Merge "Fix x86 system calls made from ELF preinit."
am: 12a07044db

Change-Id: I6377f5bcc5edfc725c923b596490aa74e55ea224
2017-03-29 23:14:56 +00:00