Commit Graph

131 Commits

Author SHA1 Message Date
Ard Biesheuvel
404e28ff8c hardening: remove pointless ARM __get_pc() function
Useful if you're trying to defeat ASLR, otherwise not
so much ...

Change-Id: I17ebb50bb490a3967db9c3038f049adafe2b8ea7
Signed-off-by: Ard Biesheuvel <ard.biesheuvel@gmail.com>
2012-08-22 20:38:54 +02:00
Pavel Chupin
b7beb69075 Add link.h for all platforms with dl_phdr_info
This header is used on bionic build and should be propagated into
sysroot on toolchain rebuild. Discussion re. this header is here:
http://gcc.gnu.org/ml/gcc-patches/2012-08/msg00936.html

It is available already in mips NDK platforms:
development/ndk/platforms/android-9/arch-mips/include/link.h

Change-Id: I39ff467cdac9f448e31c11ee3e14a6200e82ab57
Signed-off-by: Pavel Chupin <pavel.v.chupin@intel.com>
2012-08-17 12:44:23 -07:00
Nick Kralevich
6eee1fc68f crtend*: Add GNU_STACK note
Add a GNU_STACK marker to crtend* files. This tells the linker
that these files do not require an executable stack.

When linking, a missing GNU_STACK marker in any .o file can prevent
the compiler from automatically marking the final executable as NX
safe (executable stack not required).  In Android, we normally work
around this by adding -Wa,--noexecstack / -Wl,-z,noexecstack.
For files like crtend.S / crtend_so.S, which are included in every
executable / shared library, it's better to add the GNU_STACK note
directly to the assembly file.  This allows the compiler to
automatically mark the final executable as NX safe without any
special command line options.

References: http://www.gentoo.org/proj/en/hardened/gnu-stack.xml

Change-Id: I07bd058f9f60ddd8b146e0fb36ba26ff84c0357d
2012-08-10 14:12:00 -07:00
Jeff Sharkey
e36c826f7a Add unshare() syscall.
(cherry-pick of 5467f25f82934d611c60f8bc57a05114f3c1bea0.)

Bug: 6925012
Change-Id: Ic5ea2fbd606311087de05d7a3594df2fa9b2fef9
2012-08-10 12:57:43 -07:00
Peter Enderborg
3460db9490 bionic: Stack pointer/signal race condition.
Move the stackpointer so a captured signal does not corrupt
stack variables needed for __thread_entry.

Change-Id: I3e1e7b94a6d7cd3a07081f849043262743aa8064
2012-07-27 15:11:01 +02:00
Nick Kralevich
9d40326830 arm: rewrite crtbegin* as C files.
Rewrite
 crtbegin.S     -> crtbegin.c
 crtbegin_so.S  -> crtbegin_so.c

This change allows us to generate PIC code without relying
on text relocations.

As a consequence of this rewrite, also rewrite
  __dso_handle.S    -> __dso_handle.c
  __dso_handle_so.S -> __dso_handle_so.c
  atexit.S          -> atexit.c

In crtbegin.c _start, place the __PREINIT_ARRAY__, __INIT_ARRAY__,
__FINI_ARRAY__, and __CTOR_LIST__ variables onto the stack, instead of
passing a pointer to the text section of the binary.

This change appears sorta wonky, as I attempted to preserve,
as much as possible, the structure of the original assembly.
As a result, you have C files including other C files, and other
programming uglyness.

Result: This change reduces the number of files with text-relocations
from 315 to 19 on my Android build.

Before:
  $ scanelf -aR $OUT/system | grep TEXTREL | wc -l
  315

After:
  $ scanelf -aR $OUT/system | grep TEXTREL | wc -l
  19

Change-Id: Ib9f98107c0eeabcb606e1ddc7ed7fc4eba01c9c4
2012-06-01 14:41:27 -07:00
Nick Kralevich
83a73d1afe crtbegin: eliminate duplicate code
crtbegin_dynamic and crtbegin_static are essentially identical,
minus a few trivial differences (comments and whitespace).

Eliminate duplicates.

Change-Id: Ic9fae6bc9695004974493b53bfc07cd3bb904480
2012-05-30 11:45:12 -07:00
Iliyan Malchev
8034415ddd resolved conflicts for merge of 08e72d01 to jb-dev-plus-aosp
Change-Id: If00e354a5953ed54b31963d4f8ea77e1603c321e
2012-05-10 09:19:59 -07:00
Prajakta Gudadhe
08e72d0161 bionic: add support for non-NEON memcpy() on NEON SoCs
Some SoCs that support NEON nevertheless perform better with a non-NEON than a
NEON memcpy().  This patch adds build variable ARCH_ARM_USE_NON_NEON_MEMCPY,
which can be set in BoardConfig.mk.  When ARCH_ARM_USE_NON_NEON_MEMCPY is
defined, we compile in the non-NEON optimized memcpy() even if the SoC supports
NEON.

Change-Id: Ia0e5bee6bad5880ffc5ff8f34a1382d567546cf9
2012-05-09 13:34:31 -07:00
Ben Cheng
da0d8534f1 am 08b51e2c: Implement the "abort" stub in assembly for ARM.
* commit '08b51e2c091d036c124259ae59eb7be6bbe346af':
  Implement the "abort" stub in assembly for ARM.
2012-05-09 01:48:40 -07:00
Ben Cheng
08b51e2c09 Implement the "abort" stub in assembly for ARM.
So that we can always get the full stack trace regardless of gcc's handling
of the "noreturn" attribute associated with abort().

[cherry-picked from master]

BUG:6455193
Change-Id: I0102355f5bf20e636d3feab9d1424495f38e39e2
2012-05-08 14:39:35 -07:00
Elliott Hughes
e636e1f2c1 am 8657eafc: Merge "Adjust memcpy for ARM Cortex A9 cache line size"
* commit '8657eafc3552f36c176667c1591beab255308da6':
  Adjust memcpy for ARM Cortex A9 cache line size
2012-05-07 13:59:58 -07:00
Henrik Smiding
fe6338da91 Adjust memcpy for ARM Cortex A9 cache line size
ARM Cortex A8 use 64 bytes and ARM Cortex A9 use 32 bytes cache line
size.

The following patch:
  Adds code to adjust memcpy cache line size to match A9 cache line
  size.
  Adds a flag to select between 32 bytes and 64 bytes cache line
  size.

  Copyright (C) ST-Ericsson SA 2010
    Modified neon implementation to fit Cortex A9 cache line size
    Author: Henrik Smiding henrik.smiding@stericsson.com for
            ST-Ericsson.

Change-Id: I8a55946bfb074e6ec0a14805ed65f73fcd0984a3
Signed-off-by: Christian Bejram <christian.bejram@stericsson.com>
2012-05-07 14:18:02 +02:00
Evgeniy Stepanov
4a9d6e50bb Fix segv when unwinding stack past __libc_init.
This change mirrors cd15bac for statically-linked binaries.

Change-Id: Id870832a50b37f0ef3e79e1ed03ed31390bfc9ef
2012-04-18 12:59:38 +04:00
Kenny Root
f0ec06ba60 Add faccessat to syscall list
Change-Id: I427a18811089cb280769ac8da3ed8adc00a65a10
2012-04-13 15:45:42 -07:00
Elliott Hughes
d5099016f7 Merge "Fix segv when unwinding stack past __libc_init." 2012-04-12 11:52:44 -07:00
Kenny Root
470835b215 Move end of __on_dlclose up
The END macro was put too far down which made the linker complain about
it. Move up to the end of the code.

Change-Id: Ica71a9c6083b437d2213c7cefe34b0083c78f16b
2012-04-11 14:24:28 -07:00
Kenny Root
03273f8fc0 __on_dlclose should be aligned
Marking segments read-only was pushing the alignment of __on_dlclose by
2 bytes making it unaligned. This change makes sure the ARM code is
aligned to the 4 byte boundary.

Bug: 6313309
Change-Id: Ic2bf475e120dd61225ec19e5d8a9a8b1d0b7f081
2012-04-10 17:53:11 -07:00
Evgeniy Stepanov
cd15bacf33 Fix segv when unwinding stack past __libc_init.
This change fixes a segmentation fault in the libc unwinder when it goes
past __libc_init.

Unwind instructions for __libc_init direct it to grab the return address from
the stack frame. Without this change, the unwinder gets a wild address and
looks up further unwind instructions for the routine at that address. If it's
unlucky enough to hit an existing function, it will try to unwind it. Bad
things happen then.

With this change, the return address always points to the _start function,
which does not have unwind instructions associated with it. This stop the
unwind process.

__libc_init never returns, so this does not affect program execution, other
than adding 4 bytes on the main thread stack.

Change-Id: Id58612172e8825c8729cccd081541a13bff96bd0
2012-04-10 16:45:54 +04:00
Ben Cheng
1a823691a2 Update kernel headers and add syscall "perf_event_open"
Change-Id: I43f12b727881df002a8524f2738586c043833bae
2012-03-13 12:28:40 -07:00
Kenny Root
be101bf39a Revert "Reference __dso_handle in PIC way"
This reverts commit 93cb308137
2012-03-05 10:45:31 -08:00
Kenny Root
93cb308137 Reference __dso_handle in PIC way
Use the same pattern in atexit.S to reference __dso_handle in a way that
doesn't require a TEXTREL flag to be set.

Change-Id: Id69d20863ee203d2b2f7ef0db230f9b548657741
2012-03-02 13:09:36 -08:00
Andrew Hsieh
4fc1273459 Merge "Trivial fix in comment" 2012-02-29 09:40:49 -08:00
Dima Zavin
f1a17e762b libc: Add __aeabi_llsl and __aeabi_llsr to libgcc_compat
Some platform libraries built for ICS do not work with master
because of some refactoring in frameworks/base.

Make sure that these libgcc symbols are always present in our libc

Change-Id: Ib8d345878be0ba711f051082a778f5cc1f1b3a19
Signed-off-by: Dima Zavin <dima@android.com>
2012-02-22 15:18:56 -08:00
Andrew Hsieh
58b2c1616b Trivial fix in comment
Very, very trivial fix for minor typo in comment about how it works

Change-Id: Ia08d332366837dec8f7e91b9728732c5edea223e
2012-02-21 15:09:32 -08:00
Jean-Baptiste Queru
d6b58b03b8 am 09049311: am cfff36df: am a60ff6c5: Merge "libc: Define new symbol visibility macros"
* commit '09049311a229c427f73e3e0ac873bf344b45aaf2':
  libc: Define new symbol visibility macros
2012-02-13 14:42:48 -08:00
Jean-Baptiste Queru
cfff36df2b am a60ff6c5: Merge "libc: Define new symbol visibility macros"
* commit 'a60ff6c5b2ca76181b387d8c10aee22a2cbcf840':
  libc: Define new symbol visibility macros
2012-02-13 14:25:53 -08:00
David 'Digit' Turner
5fbf2e0992 libc: Define new symbol visibility macros
This patch defines a few new macros that can be used to control the
visibility of symbols exported by the C library:

- ENTRY_PRIVATE() can be used in assembly sources to indicate
  that an assembler function should have "hidden" visibility, i.e.
  will never be exported by the C library's shared library.

  This is the equivalent of using __LIBC_HIDDEN__ for a C function,
  but ENTRY_PRIVATE() works like ENTRY(), and must be used with
  END() to tag the end of the function.

- __LIBC_ABI_PUBLIC__ can be used to tag a C functions as being
  part of the C library's public ABI. This is important for a
  few functions that must be exposed by the NDK to maintain
  binary compatibility.

  Once a symbol has been tagged with this macro, it shall
  *never* be removed from the library, even if it becomes
  directly unused due to implementation changes
  (e.g. __is_threaded).

- __LIBC_ABI_PRIVATE__ can be used for C functions that should
  always be exported by the C library because they are used by
  other libraries in the platform, but should not be exposed
  by the NDK. It is possible to remove such symbols from the
  implementation if all callers are also modified.

+ Add missing END() assembly macro for x86

Change-Id: Ia96236ea0dbec41d57bea634b39d246b30e5e234
2012-01-31 22:19:09 +01:00
Jean-Baptiste Queru
73fa5fdaf9 Merge 2f80f07d
Change-Id: Iff51b8530dbee01499ba4af0ecd6ab837c8c94fb
2012-01-20 16:47:01 -08:00
Jean-Baptiste Queru
2f80f07d81 am 23f56bbb: Merge "Add extended attribute (xattr) system call wrappers to bionic."
* commit '23f56bbb6ae053996dd821f29379aea0c7166055':
  Add extended attribute (xattr) system call wrappers to bionic.
2012-01-20 11:54:47 -08:00
Stephen Smalley
5eb686d105 Add extended attribute (xattr) system call wrappers to bionic.
The xattr system calls are required for the SE Android userspace in
order to get and set file security contexts.  In particular, libselinux
requires these calls.

Change-Id: I78f5eb3d8f3384aed0a5e7c6a6f001781d982017
2012-01-18 08:02:23 -05:00
Nick Kralevich
023e5409df am 06f51ba1: am f44de270: add personality() system call.
* commit '06f51ba1af2fafeec7fdfcba5d635bd001a31b3e':
  add personality() system call.
2012-01-17 13:09:53 -08:00
Nick Kralevich
06f51ba1af am f44de270: add personality() system call.
* commit 'f44de270bba32c9b1b5eff8a34be07b10ddff238':
  add personality() system call.
2012-01-17 11:45:25 -08:00
Nick Kralevich
f44de270bb add personality() system call.
Change-Id: Ie899def8ea1d705930ed83adae1343c1353e7c57
2012-01-13 15:50:40 -08:00
Bruce Beare
6519c8124e am e30e9093: sreadahead: adding readahead system call into bionic libc
* commit 'e30e909363c5c706f394050d9cd00ce222caadbf':
  sreadahead: adding readahead system call into bionic libc
2012-01-03 18:37:28 -08:00
Bruce Beare
e30e909363 sreadahead: adding readahead system call into bionic libc
Add bionic libc to support readahead system call.
This is needed to enable sreadahead to work.

Change-Id: I3856e1a3833db82e6cf42fd34af7631bd40cc723
Author: Winson Yung <winson.w.yung@intel.com>
Signed-off-by: Bruce Beare <bruce.j.beare@intel.com>
2012-01-03 15:18:04 -08:00
David 'Digit' Turner
f1a39dce60 libc: Fix typo that broke NDK compatibility.
The function must be named __atomic_cmpxchg, not __android_cmpxchg.
This typo broke existing prebuilt binaries (they couldn't be loaded
at runtime anymore).

Change-Id: I25ca7d18329817f0056e616a0409113269ad7b1f
2011-11-23 14:38:36 +01:00
David 'Digit' Turner
de44d0b2bd Merge "libc: provide atomic operations will full barriers for NDK apps." 2011-11-22 02:10:06 -08:00
Jeff Brown
10c8ce59a4 Add tgkill syscall.
Use tgkill instead of tkill to implement pthread_kill.
This is safer in the event that the thread has already terminated
and its id has been reused by a different process.

Change-Id: Ied715e11d7eadeceead79f33db5e2b5722954ac9
2011-11-18 16:40:48 -08:00
David 'Digit' Turner
0fec6b9d88 libc: provide atomic operations will full barriers for NDK apps.
__atomic_cmpxchg and other related atomic operations did not
provide memory barriers, which can be a problem for non-platform
code that links against them when it runs on multi-core devices.

This patch does two things to fix this:

- It modifies the existing implementation of the functions
  that are exported by the C library to always provide
  full memory barriers. We need to keep them exported by
  the C library to prevent breaking existing application
  machine code.

- It also modifies <sys/atomics.h> to only export
  always-inlined versions of the functions, to ensure that
  any application code compiled against the new header will
  not rely on the platform version of the functions.

  This ensure that said machine code will run properly on
  all multi-core devices.

This is based on the GCC built-in sync primitives.

The end result should be only slightly slower than the
previous implementation.

Note that the platform code does not use these functions
at all. A previous patch completely removed their usage in
the pthread and libstdc++ code.

+ rename arch-arm/bionic/atomics_arm.S to futex_arm.S
+ rename arch-x86/bionic/atomics_x86.S to futex_x86.S
+ remove arch-x86/include/sys/atomics.h which already
  provided inlined functions to the x86 platform.

Change-Id: I752a594475090cf37fa926bb38209c2175dda539
2011-11-16 17:37:15 +01:00
Nick Kralevich
d9ad62343c Add linker support for PIE
Modify the dynamic linker so that executables can be loaded
at locations other than 0x00000000.

Modify crtbegin* so that non-PIC compilant "thumb interwork
veneers" are not created by the linker.

Bug: 5323301
Change-Id: Iece0272e2b708c79034f302c20160e1fe9029588
2011-10-22 13:19:23 -07:00
Evgeniy Stepanov
487b613e57 Use ENTRY and EXIT macros for strcmp, memcpy, atexit.
Without this change strcmp size is zero (not set), and it gets
ignored by Valgrind. Changes to memcpy and atexit don't affect the
generated binary in any way.

Change-Id: I05818cb5951f75901dc8c0eef02807a2e83a9231
2011-10-11 12:12:05 +04:00
David 'Digit' Turner
58246b7067 libc: Add __aeabi_f2uiz to libgcc_compat.c
This patch ensure that __aeabi_f2uiz is embedded in our C library.
This is needed to avoid breaking certain applications when they are
loaded in ICS. It is likely that the issue is due to mis-linked
binaries generated with the stand-alone toolchain (the problem
should not exist if you use ndk-build), but this fix is easier
than asking all app developers to fix their custom build system.

If you want more technical details, read the comments inside
libgcc_compat.c

Change-Id: I59ac1fc781ecb70b90b5573c5a3c67560ca8f270
2011-08-22 19:53:10 +02:00
David Turner
b489666086 am 1c0a0381: Merge "Enable functional DSO object destruction"
* commit '1c0a0381dfb3648ffadef9537ec9383d63d62473':
  Enable functional DSO object destruction
2011-06-23 05:28:13 -07:00
Bruce Beare
3964084282 Enable functional DSO object destruction
Unfortunately, legacy .so files for ARM don't have a correct crtbegin file.
Consequently, we have to grandfather the old __dso_handle behaviour.
Add some ifdefs for ARM to allow it to use the old code until we can work
out a transition.

Change-Id: I6a28f368267d792c94e1d985d8344023bc632f6f
Author: H.J. Lu <hongjiu.lu@intel.com>
Signed-off-by: Bruce Beare <bruce.j.beare@intel.com>
2011-06-20 14:44:44 -07:00
David Turner
a9e409a035 am a7a9dddb: Merge "bionic: Add ARM optimized strcmp()"
* commit 'a7a9dddb5dfe783d65fec4d3b0dee9f734345a29':
  bionic: Add ARM optimized strcmp()
2011-05-17 04:47:09 -07:00
Jim Huang
f50e9be593 bionic: Add ARM optimized strcmp()
Reference results of the experiments on TI OMAP3430 at 600 MHz

$ bench_strcmp -N "strcmp_1k" -s 1k -I 200

[original C code]
             prc thr   usecs/call      samples   errors cnt/samp     size
strcmp_1k      1   1     10.38000          102        0    15000     1024

[ARM optimized code]
             prc thr   usecs/call      samples   errors cnt/samp     size
strcmp_1k      1   1      3.08840           88        0    15000     1024

The work was derived from ARM Ltd, contributed to newlib, and reworked
for Android by Linaro.

Change-Id: Ib0d5755e1eb9adb07d80ef0252f57a5c4c57a425
Signed-off-by: Jim Huang <jserv@0xlab.org>
2011-04-20 15:39:43 +08:00
Ken Sumrall
ae2d5ba314 Add support for the utimensat(2) syscall to bionic.
The kernel has supported this syscall for quite some time now,
but bionic did not.  Now that there is a need for it, let's
add it to bionic.

Change-Id: Ifcef3e46f1438d79435b600c4e6063857ab16903
2011-03-24 18:18:48 -07:00
David Turner
3224c08bd7 Merge changes I8c481c89,I791406f8,I5f09cef8
* changes:
  libc: ARM: update syscalls with new script
  libc: ARM: add size info to gensyscalls
  Add function marks and size indications
2011-02-18 15:22:27 -08:00
Kenny Root
fb723c8749 libc: ARM: update syscalls with new script
Used the new gensyscalls.py script to update the ARM syscalls with the
BEGIN(x) and END(x) macros to give size information for the code of the
syscall. Useful for valgrind.

Change-Id: I8c481c8928401ac110fd19b087f7d67e4db39326
2011-02-17 10:47:47 -08:00