128 Commits

Author SHA1 Message Date
Elliott Hughes
41ef902379 Fix memchr overflow.
The overflow's actually in the generic C implementation of memchr.

While I'm here, let's switch our generic memrchr to the OpenBSD version too.

Bug: https://code.google.com/p/android/issues/detail?id=147048
Change-Id: I296ae06a1ee196d2c77c95a22f11ee4d658962da
2015-02-14 13:21:22 -08:00
Colin Cross
da2c0a708e Merge changes Ib87855e8,I4b46ae20,I66364a5c,Id3fcf680
* changes:
  Use LOCAL_LDFLAGS_64 instead of enumerating 64-bit architectures
  Fix typo in cpu variant makefile depenendency for arm64
  Remove libc_static_common_src_files
  Share LP32 makefile settings between arches
2015-02-05 01:57:28 +00:00
Colin Cross
a6b6ed5fe9 Fix typo in cpu variant makefile depenendency for arm64
cpu_variank_mk -> cpu_variant_mk

Change-Id: I4b46ae20de72ed2dc8820d62ac35ddc6b915a195
2015-02-04 17:38:27 -08:00
Nick Kralevich
00490ae3f3 Ensure raw fchmod/fchmodat syscalls are hidden.
In https://android-review.googlesource.com/#/c/127908/5/libc/SYSCALLS.TXT@116
Elliott said:

  for LP64 these will be hidden. for LP32 we were cowards and left
  them all public for compatibility (though i don't think we ever
  dremeled to see whether it was needed). we don't have an easy
  way to recognize additions, though, so we can't prevent adding
  new turds.

Add a mechanism to prevent the adding of new turds, and use that
mechanism on the fchmod/fchmodat system calls.

Bug: 19233951
Change-Id: I98f98345970b631a379f348df57858f9fc3d57c0
2015-02-03 12:10:30 -08:00
Nick Kralevich
3cbc6c627f Add fchmodat(AT_SYMLINK_NOFOLLOW) and fchmod O_PATH support
Many libc functions have an option to not follow symbolic
links. This is useful to avoid security sensitive code
from inadvertantly following attacker supplied symlinks
and taking inappropriate action on files it shouldn't.
For example, open() has O_NOFOLLOW, chown() has
lchown(), stat() has lstat(), etc.

There is no such equivalent function for chmod(), such as lchmod().
To address this, POSIX introduced fchmodat(AT_SYMLINK_NOFOLLOW),
which is intended to provide a way to perform a chmod operation
which doesn't follow symlinks.

Currently, the Linux kernel doesn't implement AT_SYMLINK_NOFOLLOW.
In GLIBC, attempting to use the AT_SYMLINK_NOFOLLOW flag causes
fchmodat to return ENOTSUP. Details are in "man fchmodat".

Bionic currently differs from GLIBC in that AT_SYMLINK_NOFOLLOW
is silently ignored and treated as if the flag wasn't present.

This patch provides a userspace implementation of
AT_SYMLINK_NOFOLLOW for bionic. Using open(O_PATH | O_NOFOLLOW),
we can provide a way to atomically change the permissions on
files without worrying about race conditions.

As part of this change, we add support for fchmod on O_PATH
file descriptors, because it's relatively straight forward
and could be useful in the future.

The basic idea behind this implementation comes from
https://sourceware.org/bugzilla/show_bug.cgi?id=14578 , specifically
comment #10.

Change-Id: I1eba0cdb2c509d9193ceecf28f13118188a3cfa7
2015-02-02 13:17:17 -08:00
Duane Sand
dbaab26021 [Arm64] Fix overlapping fp fields in jmp_buf
Change-Id: I9be9f118108f3f6e2bb02a5b01e0420fbfd15d85
2015-01-26 16:20:05 -08:00
Elliott Hughes
51f5d83237 Fix arm64 clone stack handling.
Make sure we adjust the stack pointer so a signal can't overwrite data.

Bug: 15195265
Change-Id: I5ab9469a82cb214c32f40a713268a1ab74a4c6fa
2014-12-10 11:08:47 -08:00
Yabin Cui
94926f8cfa Merge "support _POSIX_REALTIME_SIGNALS" 2014-12-09 20:10:19 +00:00
Yabin Cui
634816055f support _POSIX_REALTIME_SIGNALS
Bug: 18489947
Change-Id: I2e834d68bc10ca5fc7ebde047b517a3074179475
2014-12-08 21:52:43 -08:00
Elliott Hughes
56e017306e Simplify our endian.h implementation.
We can rely on the compiler's builtins. Tested on arm, arm64, mips, x86,
and x86-64.

Change-Id: I0f774ed7e85b3c791a3178d8ef17c6500e6a9ace
2014-12-08 20:35:08 -08:00
Elliott Hughes
9fa2cfbbdb Use 64-bit units in the aarch64 setjmp implementation.
The use of 32-bit units for 64-bit stores and loads was driving me crazy.

Bug: 16918359
Change-Id: Ifb73aad8f8985a2adfcf5913b783ad9424f23e06
2014-12-08 16:23:10 -08:00
Elliott Hughes
75096226c8 Switch arm and arm64 over to the x86 style of jmpbuf.
Specifically, use the argument to sigsetjmp as a flag in the buffer
to indicate whether or not the signal mask is valid.

Bug: 16918359
Change-Id: I5bb1f1220f14c105c6bc57e0c28c1dc366d1438f
2014-12-08 16:15:59 -08:00
Elliott Hughes
7b78e8187e Fix signal mask save/restore for arm64.
Bug: 16918359
Change-Id: Ieb15f7f1658f5accee05665b72ba17831a80ea9d
2014-12-06 11:18:00 -08:00
Elliott Hughes
9fb536de97 Clean up the arm64 setjmp.
Note that this doesn't address the fact that we don't save/restore the
real-time signals. But it does let us pass the tests we currently fail.

Bug: 16918359
Change-Id: I063a6926164289a71026a412da7f5dd2ca9a74b3
2014-12-05 15:05:45 -08:00
Elliott Hughes
1de2548c8e Switch aarch64 to __builtin_bswap16.
It generates the same code.

Bug: 18597513
Change-Id: I164296da8c676668983dd93697c6dfa05f10ec56
2014-12-02 19:55:38 -08:00
Elliott Hughes
b514026eb2 Kill <machine/exec.h>.
Bug: 18546535
Change-Id: I479e003deab21e31eb5caa5393067ed1dc558387
2014-12-02 16:16:29 -08:00
Elliott Hughes
ee369fb319 Bring our <machine/endian.h> files back in sync.
They'd drifted slightly which led to a compilation error in toybox,
which was assuming pid_t was defined. arm and arm64 were picking it
up via <endian.h> but x86 wasn't.

Change-Id: I58401e6c0066959dfc3b305b020876aaf7074bbf
2014-11-21 18:34:36 -08:00
Elliott Hughes
b86a4c7f65 Add sethostname(2).
Not very useful, but helps building stuff like toybox out of the box.

Change-Id: I110e39030452bd093a84278e019c5752d293718d
2014-11-07 16:48:27 -08:00
Haruki Hasegawa
1816025684 Add clock_settime and clock_nanosleep.
Add the missing prototypes, fix the existing prototypes to use clockid_t
rather than int, fix clock_nanosleep's failure behavior, and add simple
tests.

Bug: 17644443
Bug: https://code.google.com/p/android/issues/detail?id=77372
Change-Id: I03fba369939403918abcabae9551a7123953d780
Signed-off-by: Haruki Hasegawa <h6a.h4i.0@gmail.com>
2014-10-13 17:04:10 -07:00
Christopher Ferris
8cf61dab5f Add __memcpy_chk assembly for 64 bit.
Bug: 17623887
Change-Id: I443723bc941b40f84884b330d222baabee01f868
2014-09-26 12:47:04 -07:00
Christopher Ferris
2169e17482 Remove the unnecessary generic-neon code.
Change-Id: Ib75c33caafd76750ec1aca3a74dec5e4b881e965
2014-09-23 18:31:45 -07:00
Elliott Hughes
36a5aa057c Merge "Use the kernel's sa_restorer for aarch64." 2014-09-17 17:04:40 +00:00
Elliott Hughes
7c02d9428c Clean up the architecture-specific makefiles.
Group things appropriately and name each group.

Change-Id: I0da45eb0ccde19c31d5e984d0e6eb3dad26630dc
2014-09-16 19:06:31 -07:00
Elliott Hughes
1cff9a8964 Use the kernel's sa_restorer for aarch64.
gdb was happy with what we had, but libgcc and libunwind weren't.
libgcc is happy with the kernel's restorer (because of the extra nop),
though libunwind looks like it's going to need code changes regardless.

We could make our restorer more like the kernel's one, but why bother
when we can just let the kernel supply the canonical one?

Bug: 17436734
Change-Id: I330fa5e68f23b1cf8133aa552896657b0b873ed3
2014-09-16 15:49:50 -07:00
Elliott Hughes
36f451a6d9 Fix signal trampolines.
* LP32 should use sa_restorer too. gdb expects this, and future (>= 3.15) x86
  kernels will apparently stop supporting the case where SA_RESTORER isn't
  set.

* gdb and libunwind care about the exact instruction sequences, so we need to
  modify the code slightly in a few cases to match what they're looking for.

* gdb also cares about the exact function names (for some architectures),
  so we need to use __restore and __restore_rt rather than __sigreturn and
  __rt_sigreturn.

* It's possible that we don't have a VDSO; dl_iterate_phdr shouldn't assume
  that getauxval(AT_SYSINFO_EHDR) will return a non-null pointer.

This fixes unwinding through a signal handler in gdb for all architectures.
It doesn't fix libunwind for arm and arm64. I'll keep investigating that...

Bug: 17436734
Change-Id: Ic1ea1184db6655c5d96180dc07bcc09628e647cb
2014-09-15 15:04:14 -07:00
Dmitriy Ivanov
6487f0d834 Merge "Add IFUNC support for arm64 and IRELATIVE reloc" 2014-09-12 00:40:12 +00:00
Dmitriy Ivanov
9aea164457 Add IFUNC support for arm64 and IRELATIVE reloc
There are number of changes in the way IFUNC related relocations are done:
 1. IRELATIVE relocations are now supported for x86/x86_64 and arm64.
 2. IFUNC relocations are now relying on static linker to generate
    them in correct order - this removes necessety of additional
    relocation pass for ifuncs.
 3. Related to 2: rela?.dyn relocations are preformed before .plt ones.
 4. Ifunc are resolved on symbol lookup this approach allowed to avoid
    mprotect(PROT_WRITE) call on r-x program segments.

Bug: 17399706
Bug: 17177284
Change-Id: I414dd3e82bd47cc03442c5dfc7c279949aec51ed
2014-09-11 16:30:45 -07:00
Elliott Hughes
b587f339db Add posix_fadvise(3).
(cherry-pick of 00008263782e484020420c606f7d145fe7d0a4d8.)

Bug: 12449798
Change-Id: I07cbf3f670a0d1304b68148325a774f266b5c433
2014-09-11 08:45:46 -07:00
Elliott Hughes
011e111d29 Ensure __set_errno is still visible on LP32.
The use of the .hidden directive to avoid going via the PLT for
__set_errno had the side-effect of actually making __set_errno
hidden (which is odd because assembler directives don't usually
affect symbols defined in a different file --- you can't even
create a weak reference to a symbol that's defined in a different
file).

This change switches the system call stubs over to a new always-hidden
__set_errno_internal and has a visible __set_errno on LP32 just for
binary compatibility with old NDK apps.

(cherry-pick of 7efad83d430f4d824f2aaa75edea5106f6ff8aae.)

Bug: 17423135
Change-Id: I6b6d7a05dda85f923d22e5ffd169a91e23499b7b
2014-09-08 16:46:50 -07:00
Dmitriy Ivanov
f0d8970435 Revert "Fix arm64 build"
This reverts commit 5c1a7fdbd5a085024019b4c9307d2b2ace35df5e.

Change-Id: Ia5fea0d6a8f59700edce0742e2271b5f02a5d87c
2014-09-04 21:53:14 +00:00
Dmitriy Ivanov
5c1a7fdbd5 Fix arm64 build
Bug: 14611536
Change-Id: I4f7f4d1f5c0a37ef38fa0956778393f8d7668512
2014-09-03 16:33:08 -07:00
Elliott Hughes
57b7a6110e Fix pthread_getattr_np for the main thread.
On most architectures the kernel subtracts a random offset to the stack
pointer in create_elf_tables by calling arch_align_stack before writing
the auxval table and so on. On all but x86 this doesn't cause a problem
because the random offset is less than a page, but on x86 it's up to two
pages. This means that our old technique of rounding the stack pointer
doesn't work. (Our old implementation of that technique was wrong too.)

It's also incorrect to assume that the main thread's stack base and size
are constant. Likewise to assume that the main thread has a guard page.
The main thread is not like other threads.

This patch switches to reading /proc/self/maps (and checking RLIMIT_STACK)
whenever we're asked.

Bug: 17111575
Signed-off-by: Fengwei Yin <fengwei.yin@intel.com>
Change-Id: I1d4dbffe7bc7bda1d353c3a295dbf68d29f63158
2014-08-26 10:36:38 -07:00
Elliott Hughes
0e7f8a9e52 Simplify _ALIGN_TEXT.
Bug: 16872067
Change-Id: I2b622f252c21ce1b344c040f828ab3f4bf9b6c0a
2014-08-20 13:11:58 -07:00
Dan Albert
bc9f9f25bf Make __set_errno hidden in asm.
This fixes the build after the -Bsymbolic change.

Bug: 16853291
Change-Id: I989c9fec3c32e0289ea257a3bd2b7fd2709b6ce2
2014-08-08 15:35:47 -07:00
Elliott Hughes
651a0683ca Remove misleading arm/arm64 PIC_SYM.
Bug: 16823325
Change-Id: Ic8ff3a628bb4cd71361e3a1c2cfde4b3d39c50b1
2014-08-07 11:52:38 -07:00
Dan Albert
6a918870ba Revert "Replaces vfork() implementation with fork()"
We're getting cold feet on this one... let's put it back.

This reverts commit 210331d9762037afb9b5ed8413079c6f65872df9.

Change-Id: I6b0d3c2b1dbf7f1dc9566979a91b7504c2189269
2014-08-05 14:11:38 -07:00
Christopher Ferris
0f7ed163cf Merge "Fix memchr with a zero length." 2014-07-30 20:40:05 +00:00
Christopher Ferris
e03e1eac0b Fix memchr with a zero length.
The memchr implementation for 64 bit fails if these conditions occur:

- The buffer is 32 byte aligned.
- The buffer contains the character in the first byte.
- The count sent in is zero.

The function should return NULL, but it's not.

Bug: 16676625
Change-Id: Iab33cc7a8b79920350c72f054dff0e0a3cde69ce
2014-07-30 16:06:56 -07:00
Elliott Hughes
79310994d2 Implement <sys/fsuid.h>.
Change-Id: I1e5e50444a1b5a430ba5b5d9b8b1d91219af5e92
2014-07-30 15:19:29 -07:00
Elliott Hughes
625993dfbb Use VDSO for clock_gettime(2) and gettimeofday(2).
Bug: 15387103
Change-Id: Ifc3608ea65060c1dc38120b10b6e79874f182a36
2014-07-16 14:27:43 -07:00
Bernhard Rosenkränzer
8c20c13100 Add optimized memchr implementation from newlib
Add NEON optimized memchr adapted from newlib

Change-Id: I91b2fafa243e4ab35fa56bb6171d48433c947cfd
Signed-off-by: Bernhard Rosenkränzer <Bernhard.Rosenkranzer@linaro.org>
2014-07-11 00:17:07 +02:00
Elliott Hughes
1558138315 Regenerate the bionic NOTICE files.
Also fix a few formatting issues in copyright headers that were confusing
the script (though obviously it would be better if the script were smarter).

Change-Id: I7f561bef4f84fdcbd84f375ee226bd65db0e507b
2014-07-07 15:42:06 -07:00
Christopher Ferris
753eb7f07e Add optimized stpcpy.
Change-Id: Ifed38f92a54fef4488fd0ed26a1569059a054574
2014-06-30 12:48:13 -07:00
Christopher Ferris
2e249c2e7a Merge "Add optimized 64 bit strcpy." 2014-06-26 18:12:01 +00:00
Christopher Ferris
77561bfe0b Add optimized 64 bit strcpy.
Change-Id: I4ac12735a53c3ae9336b148ce694fe6c63613139
2014-06-26 17:51:56 -07:00
Bernhard Rosenkränzer
12c0274d9c Add optimized neon strchr implementation based on newlib
Signed-off-by: Bernhard Rosenkränzer <Bernhard.Rosenkranzer@linaro.org>
Change-Id: I276ff0f879e733a1115456247e1342b9c5a09015
2014-06-27 13:21:42 +02:00
Elliott Hughes
3f525d41c2 Add splice, tee, and vmsplice.
Change-Id: I5f43380b88d776a8bb607b47dbbc5db5a2fe6163
2014-06-24 19:03:31 -07:00
Elliott Hughes
7086ad6919 Cache getpid.
In practice, with this implementation we never need to make a system call.
We get the main thread's tid (which is the same as our pid) back from
the set_tid_address system call we have to make during initialization.
A new pthread will have the same pid as its parent, and a fork child's
main (and only) thread will have a pid equal to its tid, which we get for
free from the kernel before clone returns.

The only time we'd actually have to make a getpid system call now is if
we take a signal during fork and the signal handler calls getpid. (That,
or we call getpid in the dynamic linker while it's still dealing with its
own relocations and hasn't even set up the main thread yet.)

Bug: 15387103
Change-Id: I6d4718ed0a5c912fc75b5f738c49a023dbed5189
2014-06-20 09:06:57 -07:00
Christopher Ferris
5c8647665c Merge "add 64-bit bionic implementation for denver arch" 2014-06-17 21:42:00 +00:00
Shu Zhang
0ef7a8fd31 add 64-bit bionic implementation for denver arch
Add 64-bit bionic implementation for denver. memcpy/memset are
denver-specific optimized. Use generic version of other routines.

Change-Id: I44a830e07b82b2986001d73d1540b4080aaa839b
2014-06-12 15:08:27 +08:00