Commit Graph

139 Commits

Author SHA1 Message Date
Nick Kralevich
00490ae3f3 Ensure raw fchmod/fchmodat syscalls are hidden.
In https://android-review.googlesource.com/#/c/127908/5/libc/SYSCALLS.TXT@116
Elliott said:

  for LP64 these will be hidden. for LP32 we were cowards and left
  them all public for compatibility (though i don't think we ever
  dremeled to see whether it was needed). we don't have an easy
  way to recognize additions, though, so we can't prevent adding
  new turds.

Add a mechanism to prevent the adding of new turds, and use that
mechanism on the fchmod/fchmodat system calls.

Bug: 19233951
Change-Id: I98f98345970b631a379f348df57858f9fc3d57c0
2015-02-03 12:10:30 -08:00
Nick Kralevich
3cbc6c627f Add fchmodat(AT_SYMLINK_NOFOLLOW) and fchmod O_PATH support
Many libc functions have an option to not follow symbolic
links. This is useful to avoid security sensitive code
from inadvertantly following attacker supplied symlinks
and taking inappropriate action on files it shouldn't.
For example, open() has O_NOFOLLOW, chown() has
lchown(), stat() has lstat(), etc.

There is no such equivalent function for chmod(), such as lchmod().
To address this, POSIX introduced fchmodat(AT_SYMLINK_NOFOLLOW),
which is intended to provide a way to perform a chmod operation
which doesn't follow symlinks.

Currently, the Linux kernel doesn't implement AT_SYMLINK_NOFOLLOW.
In GLIBC, attempting to use the AT_SYMLINK_NOFOLLOW flag causes
fchmodat to return ENOTSUP. Details are in "man fchmodat".

Bionic currently differs from GLIBC in that AT_SYMLINK_NOFOLLOW
is silently ignored and treated as if the flag wasn't present.

This patch provides a userspace implementation of
AT_SYMLINK_NOFOLLOW for bionic. Using open(O_PATH | O_NOFOLLOW),
we can provide a way to atomically change the permissions on
files without worrying about race conditions.

As part of this change, we add support for fchmod on O_PATH
file descriptors, because it's relatively straight forward
and could be useful in the future.

The basic idea behind this implementation comes from
https://sourceware.org/bugzilla/show_bug.cgi?id=14578 , specifically
comment #10.

Change-Id: I1eba0cdb2c509d9193ceecf28f13118188a3cfa7
2015-02-02 13:17:17 -08:00
Raghu Gandham
86d2feef9f Modify MIPS64 stat structure to match a generic one in AOSP.
The kernel version of the stat structure is used during the syscalls. After the syscall,
the kernel stat structure is converted to match the generic one. Eventually we would like
the generic stat structure and related syscalls be added to MIPS64 kernel, removing the
thunks added to AOSP.

Change-Id: I7764e80278c1cc8254754c3531ec2dda7544a8ec
2015-01-28 16:12:17 -08:00
Yabin Cui
94926f8cfa Merge "support _POSIX_REALTIME_SIGNALS" 2014-12-09 20:10:19 +00:00
Yabin Cui
634816055f support _POSIX_REALTIME_SIGNALS
Bug: 18489947
Change-Id: I2e834d68bc10ca5fc7ebde047b517a3074179475
2014-12-08 21:52:43 -08:00
Yabin Cui
efbb6fb3f7 change argument type in madvise
Make madvise prototype the same as linux man page.

Bug: 18539500
Change-Id: If3fd0e1d9539b9e10531ab9087bc4040e32b6e9b
2014-12-03 11:11:50 -08:00
Elliott Hughes
b86a4c7f65 Add sethostname(2).
Not very useful, but helps building stuff like toybox out of the box.

Change-Id: I110e39030452bd093a84278e019c5752d293718d
2014-11-07 16:48:27 -08:00
Haruki Hasegawa
1816025684 Add clock_settime and clock_nanosleep.
Add the missing prototypes, fix the existing prototypes to use clockid_t
rather than int, fix clock_nanosleep's failure behavior, and add simple
tests.

Bug: 17644443
Bug: https://code.google.com/p/android/issues/detail?id=77372
Change-Id: I03fba369939403918abcabae9551a7123953d780
Signed-off-by: Haruki Hasegawa <h6a.h4i.0@gmail.com>
2014-10-13 17:04:10 -07:00
Elliott Hughes
9990b3973b Fix mips __fadvise64.S build failure.
Bug: 12449798
Change-Id: I0663b741108ba2f1d286904d6414b3ff4d475551
2014-09-11 10:10:08 -07:00
Elliott Hughes
b587f339db Add posix_fadvise(3).
(cherry-pick of 00008263782e484020420c606f7d145fe7d0a4d8.)

Bug: 12449798
Change-Id: I07cbf3f670a0d1304b68148325a774f266b5c433
2014-09-11 08:45:46 -07:00
Dan Albert
47793d6a29 Remove _flush_cache(2) for mips64.
Also remove declaration.

The only user is compiler-rt, and they can replace that call with one to
syscall(2). compiler-rt doesn't currently build on mips64 anyway.

Bug: 11156955
Change-Id: Ieae0ba49c8e7aa50253401fc1d7c2d17bc867d39
2014-08-21 13:32:37 -07:00
Dan Albert
6a918870ba Revert "Replaces vfork() implementation with fork()"
We're getting cold feet on this one... let's put it back.

This reverts commit 210331d976.

Change-Id: I6b0d3c2b1dbf7f1dc9566979a91b7504c2189269
2014-08-05 14:11:38 -07:00
Elliott Hughes
79310994d2 Implement <sys/fsuid.h>.
Change-Id: I1e5e50444a1b5a430ba5b5d9b8b1d91219af5e92
2014-07-30 15:19:29 -07:00
Elliott Hughes
9c07aee83b Clean up some misinformation around prctl.
prctl shouldn't be in <unistd.h>.

Change-Id: I29609fc91c033e1ad143b75d9b4eb17aefbd63d6
2014-07-18 16:15:32 -07:00
Elliott Hughes
625993dfbb Use VDSO for clock_gettime(2) and gettimeofday(2).
Bug: 15387103
Change-Id: Ifc3608ea65060c1dc38120b10b6e79874f182a36
2014-07-16 14:27:43 -07:00
Elliott Hughes
3f525d41c2 Add splice, tee, and vmsplice.
Change-Id: I5f43380b88d776a8bb607b47dbbc5db5a2fe6163
2014-06-24 19:03:31 -07:00
Elliott Hughes
7086ad6919 Cache getpid.
In practice, with this implementation we never need to make a system call.
We get the main thread's tid (which is the same as our pid) back from
the set_tid_address system call we have to make during initialization.
A new pthread will have the same pid as its parent, and a fork child's
main (and only) thread will have a pid equal to its tid, which we get for
free from the kernel before clone returns.

The only time we'd actually have to make a getpid system call now is if
we take a signal during fork and the signal handler calls getpid. (That,
or we call getpid in the dynamic linker while it's still dealing with its
own relocations and hasn't even set up the main thread yet.)

Bug: 15387103
Change-Id: I6d4718ed0a5c912fc75b5f738c49a023dbed5189
2014-06-20 09:06:57 -07:00
Dan Albert
607341e226 Remove ioprio_get(2) and ioprio_set(2) from LP64.
Bug: 11156955
Change-Id: I07b596d85e4bd6347d488d1a92c8d0a00b5ef3b3
2014-06-12 18:10:13 -07:00
Dan Albert
440bd6bcc3 Merge "Replaces vfork() implementation with fork()" 2014-06-10 22:08:45 +00:00
Dan Albert
210331d976 Replaces vfork() implementation with fork()
vfork() was removed from POSIX 2008, so this replaces its implementation
with a call to fork().

Bug: 13935372
Change-Id: I6d99ac9e52a2efc5ee9bda1cab908774b830cedc
2014-06-10 21:38:52 -07:00
Elliott Hughes
3d5cb30d23 Remove getdents from bionic.
Bug: 11156955
Change-Id: I6c306989801be552d85fba8a50dcdc79282fb9d2
2014-06-06 15:05:58 -07:00
Elliott Hughes
5d9a7ba0dc Avoid a system call in 'gettid'.
System calls can be pretty slow. This is mako, which has one of our
lowest latencies:

                       iterations      ns/op
  BM_unistd_getpid       10000000        209
  BM_unistd_gettid      200000000          8

Bug: 15297299 (kernel panic from too many gettid calls)
Bug: 15315766 (excessive gettid overhead in liblogd)
Change-Id: I49656c0fc5b5d092390264a59e4f2c0d8a8b1aeb
2014-06-02 10:32:55 -07:00
Elliott Hughes
b30aff405a Revert "Revert "Lose the hand-written futex assembler.""
The problem with the original patch was that using syscall(3) means that
errno can be set, but pthread_create(3) was abusing the TLS errno slot as
a pthread_mutex_t for the thread startup handshake.

There was also a mistake in the check for syscall failures --- it should
have checked against -1 instead of 0 (not just because that's the default
idiom, but also here because futex(2) can legitimately return values > 0).

This patch stops abusing the TLS errno slot and adds a pthread_mutex_t to
pthread_internal_t instead. (Note that for LP64 sizeof(pthread_mutex_t) >
sizeof(uintptr_t), so we could potentially clobber other TLS slots too.)

I've also rewritten the LP32 compatibility stubs to directly reuse the
code from the .h file.

This reverts commit 75c55ff84e.

Bug: 15195455
Change-Id: I6ffb13e5cf6a35d8f59f692d94192aae9ab4593d
2014-05-28 18:31:15 -07:00
Narayan Kamath
75c55ff84e Revert "Lose the hand-written futex assembler."
This reverts commit ced906c849.

Causes issues on art / dalvik due to a broken return value
check and other undiagnosed issues.

bug: 15195455

Change-Id: I5d6bbb389ecefb0e33a5237421a9d56d32a9317c
2014-05-28 18:03:01 +00:00
Elliott Hughes
ced906c849 Lose the hand-written futex assembler.
Also stop exporting 'futex'.

Bug: 12250341
Change-Id: Icc4fa4296cd04dfe0d1061822c69e2eb40c3433a
2014-05-22 19:49:11 -07:00
Elliott Hughes
6e599a904b Remove the tkill(2) stub.
glibc doesn't have tkill or tgkill and says "use syscall(3) instead".
I've left tgkill since it's quite widely used, but there's no reason
to have tkill as well.

Bug: 11156955
Change-Id: Ifc0af750320086f829bc9914551c172b501f3b60
2014-05-22 13:41:36 -07:00
Elliott Hughes
46a55a4478 Remove __syslog; we have the public klogctl API.
Bug: 11156955
Change-Id: I5c2cc02f39f76dd32984135f5c12c10bf2853796
2014-05-20 21:01:00 -07:00
Elliott Hughes
4e631ba568 Remove perf_event_open.
This was accidentally added at a time when you couldn't add a constant
to <syscall.h> without generating an assembly stub! (You no longer need
to add the constants at all.)

Bug: 11156955
Change-Id: I053c17879138787976c744a5ecf7d30ee51dc48f
2014-05-20 16:24:55 -07:00
Sreeram Ramachandran
903b78873a Mark sockets on creation (socket()) and accept4().
Remove the separate syscall for accept() and implement it as accept4(..., 0).

Change-Id: Ib0b8f5d7c5013b91eae6bbc3847852eb355c7714
2014-05-19 15:19:16 -07:00
Elliott Hughes
7222b1b594 Hide __signalfd4, used to implement signalfd(3).
Bug: 11156955
Change-Id: I50842279cb5b32ec8bd45193435574e415cd806e
2014-05-16 15:47:29 -07:00
Sreeram Ramachandran
8f0cd8aa22 Mark sockets on accept().
(cherry picked from commit 58b1f3f6a30a660ad81637c2b50382c3d279243b)

Change-Id: I5d09be413cf720fbed905f96313b007997ada76c
2014-05-14 11:10:22 -07:00
Sreeram Ramachandran
ceb5bd787c Introduce netd_client, a dynamic library that talks to netd.
The library exists outside bionic. It is dynamically loaded, to replace selected
standard socket syscalls with versions that talk to netd.

Change connect() to use the library if available.

(cherry picked from commit 3a6b627a14df8111b03e452f2df4b5f4938e0e49)

Change-Id: Ib6198e19dbc306521a26fcecfdf6e8424d163fc9
2014-05-13 11:30:03 -07:00
Elliott Hughes
dcbef06ce6 Remove the useless indirection in mips' __set_tls.
Change-Id: I12e9d6716c42ccbccc9a186441aca0736bb22d05
2014-05-12 16:11:06 -07:00
Elliott Hughes
9f525644df Implement _Exit(3).
Change-Id: Ida6ac844cc87d38c9645b197dd8188bb73e27dbe
2014-04-08 17:16:13 -07:00
Andrei Emeltchenko
8f2a30a92a Add accept4() syscall
Add accept4() using SYSCALLS.TXT and gensyscall

Change-Id: I6f19f29144186d15d46423e10f2cc4b4223719c6
2014-03-26 15:50:01 +02:00
Elliott Hughes
4b558f50a4 Rewrite the POSIX timer functions.
This is a much simpler implementation that lets the kernel
do as much as possible.

Co-authored-by: Jörgen Strand <jorgen.strand@sonymobile.com>
Co-authored-by: Snild Dolkow <snild.dolkow@sonymobile.com>
Change-Id: Iad19f155de977667aea09410266d54e63e8a26bf
2014-03-07 16:49:46 -08:00
Guillaume Ranquet
6ff0c75c83 Add recvmmsg and sendmmsg syscalls.
Also add the corresponding constant, struct, and function declarations
to <sys/socket.h>, and perfunctory tests so we know that the symbols
actually exist.

Signed-off-by: Guillaume Ranquet <guillaumex.ranquet@intel.com>
Change-Id: Ib0d854239d3716be90ad70973c579aff4895a4f7
2014-02-27 14:29:01 -08:00
Elliott Hughes
db1ea34748 Implement some of the missing LFS64 support.
This gives us:

* <dirent.h>
  struct dirent64
  readdir64, readdir64_r, alphasort64, scandir64

* <fcntl.h>
  creat64, openat64, open64.

* <sys/stat.h>
  struct stat64
  fstat64, fstatat64, lstat64, stat64.

* <sys/statvfs.h>
  struct statvfs64
  statvfs64, fstatvfs64.

* <sys/vfs.h>
  struct statfs64
  statfs64, fstatfs64.

This also removes some of the incorrect #define hacks we've had in the
past (for stat64, for example, which we promised to clean up way back
in bug 8472078).

Bug: 11865851
Bug: 8472078
Change-Id: Ia46443521918519f2dfa64d4621027dfd13ac566
2014-02-18 15:39:24 -08:00
Chris Dearman
5043212b76 [MIPS64] Add syscall related files
Change-Id: I2f5d05df0e767538a6fe467ca0a2386325f8b71f
Signed-off-by: Chris Dearman <chris.dearman@imgtec.com>
Signed-off-by: Raghu Gandham <raghu.gandham@imgtec.com>
Signed-off-by: Duane Sand <duane.sand@imgtec.com>
2014-02-06 15:39:38 -08:00
Elliott Hughes
f64b8ea09d Add fallocate/fallocate64/posix_fallocate/posix_fallocate64.
Bug: 5287571
Bug: 12612860
Change-Id: I4501b9c6cdf9a830336ce0b3afc4ea716b6a0f6f
2014-02-03 16:20:46 -08:00
Colin Cross
d1973ca513 bionic: rename aarch64 target to arm64
Rename aarch64 build targets to arm64.  The gcc toolchain is still
aarch64.

Change-Id: Ia92d8a50824e5329cf00fd6f4f92eae112b7f3a3
2014-01-23 18:35:39 -08:00
Elliott Hughes
0f461e35f6 Fix <sys/resource.h>.
The situation here is a bit confusing. On 64-bit, rlimit and rlimit64 are
the same, and so getrlimit/getrlimit64, setrlimit/setrlimit64,
and prlimit/prlimit64 are all the same. On 32-bit, rlimit and rlimit64 are
different. 32-bit architectures other than MIPS go one step further by having
an even more limited getrlimit system call, so arm and x86 need to use
ugetrlimit instead of getrlimit. Worse, the 32-bit architectures don't have
64-bit getrlimit- and setrlimit-equivalent system calls, and you have to use
prlimit64 instead. There's no 32-bit prlimit system call, so there's no
easy implementation of that --- what should we do if the result of prlimit64
won't fit in a struct rlimit? Since 32-bit survived without prlimit/prlimit64
for this long, I'm not going to bother implementing prlimit for 32-bit.

We need the rlimit64 functions to be able to build strace 4.8 out of the box.

Change-Id: I1903d913b23016a2fc3b9f452885ac730d71e001
2014-01-09 11:00:04 -08:00
Elliott Hughes
887e1140fe Clean up <sched.h>.
This patch switches to using the uapi constants. It also adds the missing
setns system call, fixes sched_getcpu's error behavior, and fixes the
gensyscalls script now ARM is uapi-only too.

Change-Id: I8e16b1693d6d32cd9b8499e46b5d8b0a50bc4f1d
2014-01-02 12:05:50 -08:00
Serban Constantinescu
ed76a9361c AArch64: Fix mmap64() definition for AArch64, X86_64
For 64bit Architectures mmap() is equivalent to mmap64(). This patch
maps mmap64() to mmap() in a similar way to other syscalls that differ
based on the size of off_t and off64_t

Change-Id: If21b21ef71120bad23d9a608d02d4a7de5220a87
Signed-off-by: Serban Constantinescu <serban.constantinescu@arm.com>
2013-12-12 10:41:52 -08:00
Christopher Ferris
ed45970ac5 Add cfi directives to all arm assembly.
Since the ENTRY/END macros now have .cfi_startproc/.cfi_endproc, most of the
custom arm assembly has no unwind information. Adding the proper cfi directives
for these and removing the arm directives.

Update the gensyscalls.py script to add these cfi directives for the generated
assembly. Also fix the references to non-uapi headers to the proper uapi
header.

In addition, remove the kill.S, tkill.S, tgkill.S for arm since they are not
needed at all. The unwinder (libunwind) is able to properly unwind using the
normal abort.

After this change, I can unwind through the system calls again.

Bug: 11559337
Bug: 11825869
Bug: 11321283

Change-Id: I18b48089ef2d000a67913ce6febc6544bbe934a3
2013-12-02 19:13:12 -08:00
Elliott Hughes
36d6188f8c Clean up forking and cloning.
The kernel now maintains the pthread_internal_t::tid field for us,
and __clone was only used in one place so let's inline it so we don't
have to leave such a dangerous function lying around. Also rename
files to match their content and remove some useless #includes.

Change-Id: I24299fb4a940e394de75f864ee36fdabbd9438f9
2013-11-19 14:08:54 -08:00
Elliott Hughes
877ec6d904 Fix pthread_join.
Let the kernel keep pthread_internal_t::tid updated, including
across forks and for the main thread. This then lets us fix
pthread_join to only return after the thread has really exited.

Also fix the thread attributes of the main thread so we don't
unmap the main thread's stack (which is really owned by the
dynamic linker and contains things like environment variables),
which fixes crashes when joining with an exited main thread
and also fixes problems reported publicly with accessing environment
variables after the main thread exits (for which I've added a new
unit test).

In passing I also fixed a bug where if the clone(2) inside
pthread_create(3) fails, we'd unmap the child's stack and TLS (which
contains the mutex) and then try to unlock the mutex. Boom! It wasn't
until after I'd uploaded the fix for this that I came across a new
public bug reporting this exact failure.

Bug: 8206355
Bug: 11693195
Bug: https://code.google.com/p/android/issues/detail?id=57421
Bug: https://code.google.com/p/android/issues/detail?id=62392
Change-Id: I2af9cf6e8ae510a67256ad93cad891794ed0580b
2013-11-18 19:48:11 -08:00
Chris Dearman
effaa7824d [MIPS] Reimplement syscall to invoke the system call directly
Some MIPS kernels do not correctly restart interrupted system calls that
have been invoked using the indirect syscall (NR_syscall).

The simplest workaround is to handle the indirection in userland and then
call the required system call directly.

Change-Id: I8385399621529db9a52b463c96925f6decaaca30
2013-11-14 16:53:15 -08:00
Elliott Hughes
062092543f Clean up the 32-bit kernel support, fix LP64 fcntl declaration.
In practice, thanks to all the registers the stubs don't actually change,
but it's confusing to have an incorrect declaration.

I suspect that fcntl remains broken for aarch64; it happens to work for
x86_64 because the first vararg argument gets placed in the right register
anyway, but I have no reason to believe that's true for aarch64.

This patch adds a unit test, though, so we'll be able to tell when we get
as far as running the unit tests.

Change-Id: I58dd0054fe99d7d51d04c22781d8965dff1afbf3
2013-11-06 16:33:39 -08:00
Elliott Hughes
8fbf8deb34 Fix pread/pwrite for LP64.
Unlike on 32-bit systems where off_t is 32-bit, we don't want to
throw away the top 32 bits of an LP64 system's 64-bit off_t.

Change-Id: Ib2e0daeb4fc0b8ab3d1b983d0b371d8f81033b50
2013-11-06 13:10:37 -08:00