Commit graph

556 commits

Author SHA1 Message Date
Treehugger Robot
f81027468c Merge "librust_baremetal: No HAVE_ASSEMBLER___MEMCPY_CHK" 2023-02-14 00:57:52 +00:00
Pierre-Clément Tosi
467e58e9ea libc_fortify: Fix typo
Test: -
Change-Id: I7ad5def655d0dbfe6b0138d322ca0c25c32c4635
2023-02-09 12:14:17 +00:00
Mitch Phillips
3d577a836d Merge "Add the recoverable GWP-ASan feature." 2023-02-03 18:35:08 +00:00
Mitch Phillips
a493fe4153 Add the recoverable GWP-ASan feature.
GWP-ASan's recoverable mode was landed upstream in
https://reviews.llvm.org/D140173.

This mode allows for a use-after-free or a buffer-overflow bug to be
detected by GWP-ASan, a crash report dumped, but then GWP-ASan (through
the preCrashReport() and postCrashReportRecoverableOnly() hooks) will
patch up the memory so that the process can continue, in spite of the
memory safety bug.

This is desirable, as it allows us to consider migrating non-system apps
from opt-in GWP-ASan to opt-out GWP-ASan. The major concern was "if we
make it opt-out, then bad apps will start crashing". If we don't crash,
problem solved :). Obviously, we'll need to do this with an amount of
process sampling to mitigate against the 70KiB memory overhead.

The biggest problem is that the debuggerd signal handler isn't the first
signal handler for apps, it's the sigchain handler inside of libart.
Clearly, the sigchain handler needs to ask us whether the crash is
GWP-ASan's fault, and if so, please patch up the allocator. Because of
linker namespace restrictions, libart can't directly ask the linker
(which is where debuggerd lies), so we provide a proxy function in libc.

Test: Build the platform, run sanitizer-status and various test apps
with recoverable gwp-asan. Assert that it doesn't crash, and we get a
debuggerd report.
Bug: 247012630

Change-Id: I86d5e27a9ca5531c8942e62647fd377c3cd36dfd
2023-02-02 15:35:25 -08:00
Elliott Hughes
98c641b096 Merge "Sync strptime.c with upstream." 2023-01-23 22:04:29 +00:00
Treehugger Robot
6ffb6e89f9 Merge "librust_baremetal: Add strtol" 2023-01-23 10:59:25 +00:00
Treehugger Robot
716ed9b931 Merge "librust_baremetal: Add memcpy_chk" 2023-01-12 16:26:17 +00:00
Treehugger Robot
c22ef226a3 Merge "Merge librust_baremetal_defaults into its library" 2023-01-05 20:01:06 +00:00
Chih-Hung Hsieh
e343db3f54 Disable clang-tidy for upstream files.
Bug: 264302877
Test: presubmit tests; make tidy-bionic_subset
Change-Id: I278201c62e70898103bf20ce8823106418c8fb05
2023-01-03 15:08:22 -08:00
Pierre-Clément Tosi
eeb53ac80a librust_baremetal: No HAVE_ASSEMBLER___MEMCPY_CHK
Stop defining the unnecessary CPP macro.

Test: TH
Change-Id: Ided365bdd77854f3840ed865537ef43d7cdd00c3
2023-01-03 18:08:31 +00:00
Pierre-Clément Tosi
816176ccd6 librust_baremetal: Add strtol
Add strtol (required by libfdt), which only depends on libc functions
the library already provides or requires.

Bug: 232900974
Test: m pvmfw_bin # with aosp/2314779
Change-Id: I460571b64369c6bf45fef213252f305e978c694d
2023-01-03 18:07:26 +00:00
Pierre-Clément Tosi
199a62e39b librust_baremetal: Add memcpy_chk
Add __memcpy_chk (used by BoringSSL) and start documenting the
dependencies that the baremetal environment needs to provide to
successfully link the library.

Bug: 256148034
Bug: 256827715
Test: m pvmfw_bin && atest vmbase_example.integration_test
Change-Id: I0d61f4efc5cc26a95b74870be7cd7eebeeb0bd3a
2023-01-03 18:05:30 +00:00
Pierre-Clément Tosi
3af5799387 Merge librust_baremetal_defaults into its library
Test: m pvmfw_bin
Change-Id: I14e74019fc64865af615d033f508bfb0d71eef2f
2023-01-03 17:57:42 +00:00
Treehugger Robot
746ed77a29 Merge "Introduce minimal static libc for baremetal Rust" 2022-12-15 00:22:20 +00:00
Pierre-Clément Tosi
74a1458116 Introduce minimal static libc for baremetal Rust
LLVM/rustc compiling no_std code expects a few libc symbols to be
defined (memcpy, memset, memcmp). Previously, we used the arm64 library
directly; instead, make the dependency arch-agnostic by exporting it
from Bionic, making it easier to add more libc functions (that might not
be implemented by the optimized routines), as necessary.

Test: m pvmfw_bin && atest vmbase_example.integration_test
Change-Id: I1d2cc69a25bbb7eddc67357a028b7b79d4909e79
2022-12-13 14:17:50 +00:00
Elliott Hughes
d3627a444f Sync strptime.c with upstream.
We still have local differences, but this minimizes (and documents) them.

Bug: http://b/167569813
Test: treehugger
Change-Id: Ib90e6ccc5ec1224e7ee89224a51b87fc48c9931f
2022-12-12 20:56:12 +00:00
Elliott Hughes
8d9549e28a Move some cruft from the build system to the source.
It's more intention-revealing this way round anyway...

Test: treehugger
Change-Id: I561d8ac3003fa6b7f19fcf7110a6646c69bdd936
2022-12-09 19:58:00 +00:00
Elliott Hughes
023e4e7840 Move to arm-optimized-routines memset().
This one's a bit simpler, because there is only one upstream memset()
implementation.

Test: treehugger
Change-Id: I2536d0eb72adaacfa6a0e40d2bd29fc833988c16
2022-11-17 19:28:06 +00:00
Elliott Hughes
7daf4596b7 Switch to the arm-optimized-routines memcpy() and memmove().
Outsource this to them, and choose the best of the two options available
based on the hardware we're running on.

Test: treehugger
Change-Id: I2fa7555c971b64a6decca132210e901ffa248efa
2022-11-17 00:38:49 +00:00
Treehugger Robot
d26d3c0b5c Merge "Implement __memset_chk as a copy & paste of __memcpy_chk." 2022-11-16 23:33:14 +00:00
Elliott Hughes
3cc366d3a2 Implement __memset_chk as a copy & paste of __memcpy_chk.
These two will stay behind when we move memcpy()/memmove()/memset() over
to arm-optimized-routines (which leaves fortify to us).

Test: treehugger
Change-Id: Ie683f71a5a141263ce3f4e8811df9eaf667584f4
2022-11-16 21:07:56 +00:00
Elliott Hughes
0d4d276253 Remove assembler wmemmove().
The compiler turns our C wmemmove() into one shift instruction and a
branch, which is plenty for a function no-one uses anyway.

Why don't I just leave this alone, since we already have it? Because I'm
looking at finishing the project of "switch to arm-optimized-routines"
and getting rid of our assembler here, and Arm agrees that this isn't
worth having optimized assembler for in their optimized assembler
project, judging by its absence.

Test: treehugger
Change-Id: I985801241a8cbd7dbda51a447946affb1402effb
2022-11-16 18:44:56 +00:00
Colin Cross
0f917240bd Merge "Add a zip package containing the crt*.o objects" 2022-10-21 17:43:15 +00:00
Colin Cross
290c495c24 Add a zip package containing the crt*.o objects
The ndk sysroot does not include the crt*.o objects, package them
separately for use in the llvm toolchain build.

Test: lunch aosp_riscv64-userdebug && m bionic_sysroot_crt_objects
Change-Id: I0bda12b7979a026441bb67387709ee94b3249b6b
2022-10-20 20:17:07 -07:00
Treehugger Robot
579088b354 Merge "Add riscv64 kernel headers to the ndk sysroot" 2022-10-21 02:34:59 +00:00
Colin Cross
bd26e0fd89 Add riscv64 kernel headers to the ndk sysroot
Add riscv64 kernel headers to the ndk sysroot for use by the LLVM
toolchain build.  They will not be shipped in the real NDK.

Test: lunch aosp_riscv64-userdebug && m ndk_sysroot
Change-Id: I804e66b56919b84fa5dc03d432ae673ea4f31615
2022-10-20 15:15:26 -07:00
Yu Liu
938ec9b7e8 Refactor the bp file to avoid arch variant in cc_genrule.
The arch variant of genrule.out will be soon disallowed in soong.

Bug: 253645813
Test: Manually build.
Change-Id: I2d5daa67b4e10f4abddebc98775df18df485843f
2022-10-18 17:23:17 -07:00
Treehugger Robot
8333532f3b Merge "Revert "Refactor the bp file to avoid arch variant in cc_genrule."" 2022-10-18 04:48:28 +00:00
Treehugger Robot
b15a64f722 Merge "riscv64 setjmp." 2022-10-18 04:09:55 +00:00
Yu Liu
3a57969a6f Revert "Refactor the bp file to avoid arch variant in cc_genrule."
This reverts commit ed2654cfdc.

Reason for revert: breaks aosp-master

Change-Id: I8236e3e31e208e8719df52f6b1488af919b37d94
2022-10-18 03:02:32 +00:00
Yu Liu
86ef94783b Merge "Refactor the bp file to avoid arch variant in cc_genrule." 2022-10-18 02:19:03 +00:00
Yu Liu
ed2654cfdc Refactor the bp file to avoid arch variant in cc_genrule.
The arch variant of genrule.out will be soon disallowed in soong.

Bug: 253645813
Test: Manually build.
Change-Id: Ia07d45195de8c22f18487aef34795279d2962c4c
2022-10-17 16:36:30 -07:00
Elliott Hughes
e1905ed629 riscv64 setjmp.
Signed-off-by: Mao Han <han_mao@linux.alibaba.com>
Signed-off-by: Xia Lifang <lifang_xia@linux.alibaba.com>
Signed-off-by: Chen Guoyin <chenguoyin.cgy@linux.alibaba.com>
Signed-off-by: Wang Chen <wangchen20@iscas.ac.cn>
Signed-off-by: Lu Xufan <luxufan@iscas.ac.cn>
Test: m
Change-Id: I02cf117f67bda74516e4de8cd6f4c05efdb9a85b
2022-10-17 23:23:36 +00:00
Elliott Hughes
604ab0fe82 riscv64: enable the version scripts.
Test: treehugger
Change-Id: Idd7b3610bd3321d7e1a4e868cf5dbaf2980909ab
2022-10-17 21:06:10 +00:00
Elliott Hughes
ebc19a9ccb riscv64: add bionic assembler and string functions.
Pull the portable C string functions from FreeBSD, and do fairly literal
translations of our existing .S files for the bionic-specific stuff.

Test: treehugger
Change-Id: Id42e5b8a51ed73155be020d74edd7011a2103574
2022-10-14 23:25:36 +00:00
Elliott Hughes
704772bda0 riscv64 syscall stub and seccomp filter generation.
These are sufficiently intertwined that they need to be done together.
riscv64 is our first primary-only architecture, so that required some
changes. The .bp changes are to support this --- we need to only show
the python scripts the architectures they'll actually be using, rather
than showing them everything and ignoring some of the results.

riscv64 is also the first architecture that post-dates the kernel's
64-bit time work, so there's a bit of extra fiddling needed to handle
the __NR3264_ indirection in the uapi headers.

Signed-off-by: Mao Han <han_mao@linux.alibaba.com>
Signed-off-by: Xia Lifang <lifang_xia@linux.alibaba.com>
Signed-off-by: Chen Guoyin <chenguoyin.cgy@linux.alibaba.com>
Signed-off-by: Wang Chen <wangchen20@iscas.ac.cn>
Signed-off-by: Lu Xufan <luxufan@iscas.ac.cn>
Test: local builds for x86-64 and riscv64
Change-Id: I74044744e80b312088f805c44fbd667c9bfcdc69
2022-10-13 23:41:53 +00:00
Jingwen Chen
95ca177c58 Use allowlists.go for all bp2build config and remove Android.bp prop.
This was introduced when we didn't have allowlists.

Bug: 251197532
Test: presubmits
Change-Id: I83713dd9a0a059acda8e4565677d0c8c6b966749
2022-10-10 14:35:15 +00:00
Elliott Hughes
48e5333dd0 Pull in the riscv64 uapi headers for riscv64 builds.
Test: treehugger
Change-Id: I0c41a1a5b9805057609c68a49f67e6e24d4a0572
2022-10-07 20:39:25 +00:00
Florian Mayer
f8d7761525 Merge "Give init visibility into bionic headers." 2022-09-14 01:22:45 +00:00
Florian Mayer
f5d70cef37 Give init visibility into bionic headers.
Change-Id: Ia17a7382c6e3c51dab3694030e55796852d8b411
2022-09-13 13:59:26 -07:00
Spandan Das
6feb2ccfe9 Declare the headers of the ndk_library
This creates a dependency edge between the ndk_library and its headers,
which should be a no-op in regular Soong builds. This dependency edge
will be used in the Multi-tree project to export the relevant .h files into a well
known location

Test: m nothing
Bug: 239044713
Change-Id: I3f38edfbb8ce6b47dd4e73de4e1e0ad7a371799c
2022-09-08 23:44:35 +00:00
Treehugger Robot
2526b660fd Merge changes from topics "gwp-asan-headers", "native_handle_fdsan"
* changes:
  Open libasync_safe to any APEX
  Remove gwp_asan_headers from libc_defaults
2022-09-06 22:48:31 +00:00
Mitch Phillips
b09a3ca076 Remove gwp_asan_headers from libc_defaults
This turns out to over-export GWP-ASan headers to apexes. This is
unnecessary, GWP-ASan headers should only be referenced by libc
internally and debuggerd.

Test: m
Bug: N/A
Change-Id: I04bb8ceb094e681366a4931185906e67ce420c17
2022-09-02 11:52:20 -07:00
Treehugger Robot
d3c7700aa0 Merge "Exclude BUILD files from musl sysroot globs" 2022-08-12 21:14:52 +00:00
Colin Cross
1c0a7a09ff Exclude BUILD files from musl sysroot globs
Don't package the BUILD files into musl sysroots.

Test: build musl sysroot
Change-Id: I260a59a8c0cdd5b4249b657c8435c01fbb56eeb7
2022-08-12 11:49:24 -07:00
Elliott Hughes
f9fac36f15 Merge "Add C23's memset_explicit()." 2022-08-11 22:01:28 +00:00
Elliott Hughes
1f462dec34 Add %b and %B support to the scanf/wscanf and strto*/wcsto* families.
Coming to C23 via WG14 N2630.

This one is a little interesting, because it actually changes existing
behavior. Previously "0b101" would be parsed as "0", "b", "101" by these
functions. I'm led to believe that glibc plans to actually have separate
versions of these functions for C23 and pre-C23, so callers can have the
behavior they (implicitly) specify by virtue of which -std= they compile
with. Android has never really done anything like that, and I'm pretty
sure app developers have more than enough to worry about with API levels
without having to deal with the cartesian product of API level and C
standard.

Therefore, my plan A is "if you're running on Android >= U, you get C23
behavior". My plan B in the (I think unlikely) event that that actually
causes trouble for anyone is "if you're _targeting_ Android >= U, you
get C23 behavior". I don't think we'd actually want to have two versions
of each of these functions under any circumstances --- that seems by far
the most confusing option.

Test: treehugger
Change-Id: I0bbb30315d3fabd306905ad1484361f5d8745935
2022-08-11 00:25:08 +00:00
Elliott Hughes
0d64243407 Add C23's memset_explicit().
https://open-std.org/jtc1/sc22/wg14/www/docs/n2897.htm

Test: treehugger
Change-Id: Ia0cfc72bdf3c22eda6a4fc9adaa4c0ca0ff9a7c8
2022-08-10 23:36:16 +00:00
Elliott Hughes
ed777145e7 Tidy up the x86 atom/silvermont stuff similar to x86-64.
Get rid of the bad precedent of having the architecture variant in the
file name *and* directory name.

Test: treehugger
Change-Id: I78582c12b4390578c51d52d4dd86f57470129abf
2022-07-25 16:27:25 +00:00
ahs
919fb7f2e0 avx2 implementation for memset.
This patch includes handwritten avx2
assembly for memset 64-bit. Uses
non-temporal stores for very large sizes.
Also includes dynamic dispatch for APIs
having multiple implementations.

Convincing benchmark improvements for sizes above 512 bytes, and
although the slight regression for small sizes is unfortunate, it's
probably small enough to be okay?

Before:

  BM_string_memset/8/0            3.06 ns         3.04 ns    222703428 bytes_per_second=2.45261G/s
  BM_string_memset/16/0           3.50 ns         3.47 ns    202569932 bytes_per_second=4.29686G/s
  BM_string_memset/32/0           3.50 ns         3.48 ns    200064955 bytes_per_second=8.57386G/s
  BM_string_memset/64/0           3.49 ns         3.46 ns    201928186 bytes_per_second=17.2184G/s
  BM_string_memset/512/0          14.8 ns         14.7 ns     47776178 bytes_per_second=32.3887G/s
  BM_string_memset/1024/0         27.3 ns         27.1 ns     25884933 bytes_per_second=35.2515G/s
  BM_string_memset/8192/0          203 ns          201 ns      3476903 bytes_per_second=37.9311G/s
  BM_string_memset/16384/0         402 ns          399 ns      1750471 bytes_per_second=38.2725G/s
  BM_string_memset/32768/0         932 ns          925 ns       755750 bytes_per_second=33.0071G/s
  BM_string_memset/65536/0        2038 ns         2014 ns       347060 bytes_per_second=30.3057G/s
  BM_string_memset/131072/0       4012 ns         3980 ns       175186 bytes_per_second=30.6682G/s

After:

  BM_string_memset/8/0            3.32 ns         3.23 ns    208939089 bytes_per_second=2.3051G/s
  BM_string_memset/16/0           4.07 ns         3.98 ns    173479615 bytes_per_second=3.74822G/s
  BM_string_memset/32/0           4.07 ns         3.95 ns    177208119 bytes_per_second=7.54344G/s
  BM_string_memset/64/0           4.09 ns         4.00 ns    174729144 bytes_per_second=14.8878G/s
  BM_string_memset/512/0          10.7 ns         10.4 ns     65922763 bytes_per_second=45.6611G/s
  BM_string_memset/1024/0         18.0 ns         17.6 ns     40489136 bytes_per_second=54.3166G/s
  BM_string_memset/8192/0          109 ns          106 ns      6577711 bytes_per_second=71.7667G/s
  BM_string_memset/16384/0         221 ns          210 ns      3343800 bytes_per_second=72.684G/s
  BM_string_memset/32768/0         655 ns          623 ns      1153501 bytes_per_second=48.9781G/s
  BM_string_memset/65536/0        1547 ns         1495 ns       461702 bytes_per_second=40.8154G/s
  BM_string_memset/131072/0       2991 ns         2924 ns       240189 bytes_per_second=41.7438G/s

This patch drops the wmemset() code because we don't even have a
microbenchmark for it, we have as many implementations checked in as we
have non-test call sites (!), so at this point it seems like we've spent
more time maintaining wmemset() than running it!

Test: bionic/tests/run-on-host.sh 64
Signed-off-by: ahs <amrita.h.s@intel.com>
Change-Id: Ie5047df5300638c1e4c69f8285d33d034f79c83b
2022-07-22 21:48:50 +00:00