3392 Commits

Author SHA1 Message Date
Nick Kralevich
36bd371e26 Revert "stack protector: use AT_RANDOM"
The AT_RANDOM changes broke setuid / setgid executables
such as "ping". When the linker executes a setuid program,
it cleans the environment, removing any invalid environment
entries, and adding "NULL"s to the end of the environment
array for each removed variable. Later on, we try to determine
the location of the aux environment variable, and get tripped
up by these extra NULLs.

Reverting this patch will get setuid executables working again,
but getauxval() is still broken for setuid programs because of
this bug.

This reverts commit e3a49a8661125f24aec8a1453e54b3b78005e21e.

Change-Id: I05c58a896b1fe32cfb5d95d43b096045cda0aa4a
2013-01-16 13:16:42 -08:00
Nick Kralevich
ba117e4172 Merge "stack protector: use AT_RANDOM" 2013-01-16 11:23:26 -08:00
Nick Kralevich
1b34228bb2 Merge "Filter ANDROID_PROPERTY_WORKSPACE" 2013-01-16 11:11:17 -08:00
Nick Kralevich
e3a49a8661 stack protector: use AT_RANDOM
Populate the stack canaries from the kernel supplied
AT_RANDOM value, which doesn't involve any system calls.
This is slightly faster (6 fewer syscalls) and avoids
unnecessarily reading /dev/urandom, which depletes entropy.

Bug: 7959813

Change-Id: If2b43100a2a9929666df3de56b6139fed969e0f1
2013-01-16 10:09:52 -08:00
Elliott Hughes
14e1975e13 Merge "Fix signalfd for MIPS." 2013-01-16 09:42:51 -08:00
Elliott Hughes
f193b9fc21 Fix signalfd for MIPS.
Also mark signalfd's sigset_t* argument as non-nullable.

Change-Id: I466e09cdf3fb92480744c496da92274a97f99dd1
2013-01-16 09:40:25 -08:00
Matthieu Castet
faa0fdb119 arm syscall : for eabi call_default don't use stack
In the default case, we don't need to use the stack, we can save r7 with
ip register (that what does eglibc).

This allow to fix vfork data corruption
(see 3884bfe9661955543ce203c60f9225bbdf33f6bb), because vfork now don't
use the stack.
2013-01-16 14:53:37 +01:00
Nick Kralevich
a0f64756a4 Filter ANDROID_PROPERTY_WORKSPACE
When executing a setuid executable, filter out ANDROID_PROPERTY_WORKSPACE
from the environment. Some applications implicitly trust the property
space and don't realize that it's passed by an environment variable
which can be modified by the caller.

Change-Id: I3e3a98941f0a1f249a2ff983ecbcfe1278aa9159
2013-01-15 16:02:03 -08:00
Elliott Hughes
791e26d959 Merge "Revert "DO NOT MERGE Revert "Add the libcutils localtime_tz and mktime_t extensions to bionic.""" 2013-01-15 13:21:52 -08:00
Elliott Hughes
acb907fb0d Revert "DO NOT MERGE Revert "Add the libcutils localtime_tz and mktime_t extensions to bionic.""
This reverts commit f4b34b6c3942be273ad7298a40be0d312b183aab.

The revert was only meant to apply to the jb-mr1 branch, but accidentally
leaked out into AOSP. This revert-revert gets AOSP master and internal
master back in sync.
2013-01-15 11:12:18 -08:00
Nick Kralevich
b59e358bb9 Merge "fix strerror_r test" 2013-01-15 10:56:07 -08:00
Nick Kralevich
606058933c fix strerror_r test
e6e60065ff093ff8c859ab146cf543531cb1967c modified strerror_r to
treat errno as signed. However, the change to the test code
modified the "strerror" test, not the "strerror_r" test.

Make the same change for the strerror_r code.

Change-Id: Ia236a53df5745935e229a4446a74da8bed0cfd7b
2013-01-15 10:35:09 -08:00
Ben Cheng
b09d7d8600 Merge "Add __aeabi_idiv to the dummy reference list." 2013-01-14 15:35:04 -08:00
Ben Cheng
35f5385aa5 Add __aeabi_idiv to the dummy reference list.
If the platform code is compiled with -mcpu=cortex-a15, then without this
change prebuilt libraries built against -march=armv7 cannot resolve the
dependency on __aeabi_idiv (provided by libgcc.a).

Bug: 7961327

cherry-picked from internal master.

Change-Id: I8fe59a98eb53d641518b882523c1d6a724fb7e55
2013-01-14 15:33:40 -08:00
Nick Kralevich
29fe857ec8 Merge "headers: update auxvec.h from Linux kernel" 2013-01-14 14:14:49 -08:00
Nick Kralevich
a67e4de662 headers: update auxvec.h from Linux kernel
Pull a new version of auxvec.h from the upstream Linux
kernel at commit b719f43059903820c31edb30f4663a2818836e7f

These files were generated using the following commands:

cd bionic/libc/kernel
./tools/clean_header.py -u ../../../external/kernel-headers/original/uapi/linux/auxvec.h
./tools/clean_header.py -u ../../../external/kernel-headers/original/linux/auxvec.h
./tools/clean_header.py -u ../../../external/kernel-headers/original/asm-x86/auxvec.h

This change is needed to get AT_RANDOM defined.

Change-Id: Ib064649684b17af6ff4b1a31d501a05f78bb81d0
2013-01-14 11:49:59 -08:00
Ian Rogers
68fa57f000 Merge "Name anonymous mmap mallocs." 2013-01-14 10:54:44 -08:00
Nick Kralevich
bb897fa9f7 Merge "libc_init_static: apply relro earlier." 2013-01-14 10:21:23 -08:00
Elliott Hughes
09d13c393e Merge "Fix my git mistake." 2013-01-14 09:57:45 -08:00
Elliott Hughes
99c32055cb Fix my git mistake.
This was the formatting change that was supposed to be in
cf23905a4bcc7bfdd109be5b6d69ad06877aa217.

Change-Id: Ib79fa031b68f6f541f532507eb589afeaedb831f
2013-01-14 09:56:21 -08:00
Elliott Hughes
48c632a381 Merge "[MIPS] Set DT_DEBUG dyntab entry if it is writable" 2013-01-14 09:31:04 -08:00
Chris Dearman
cf23905a4b [MIPS] Set DT_DEBUG dyntab entry if it is writable
This is primarily for MIPS exutables that do not have a
DT_MIPS_RLD_MAP entry.

Change-Id: I4c221d92debcfed961eeee2515123f3fb21ec8e6
Signed-off-by: Chris Dearman <chris@mips.com>
2013-01-14 09:30:25 -08:00
Nick Kralevich
9fb48ac257 libc_init_static: apply relro earlier.
The dynamic linker applies relro before the preinit and init
arrays are executed, so we should be consistent for statically
linked executables.

Change-Id: Ia0a49d0e981a6e8791f74eed00280edf576ba139
2013-01-11 18:38:26 -08:00
Ian Rogers
8921060253 Name anonymous mmap mallocs.
Change-Id: Icc53ba1eecb8445210623826d8e99a611d686f7f
2013-01-11 17:42:17 -08:00
Nick Kralevich
2c5153b043 libc: add getauxval()
Add support for getauxval().  This method allows a program an easy way
to retrieve information from the kernel auxiliary vector, and will
hopefully replace other clumsy ways of accessing this same information.

This particular function was also added to glibc in glibc 2.16.
See the following URLs for more details.

  * http://lwn.net/Articles/519085/
  * http://www.gnu.org/software/libc/manual/html_node/Auxiliary-Vector.html

This change is a prerequisite for bug 7959813.

Bug: http://code.google.com/p/android/issues/detail?id=38441
Change-Id: Iba19d899df334bddc6f4899077ece2fc87564ea8
2013-01-11 16:44:15 -08:00
Nick Kralevich
69c89942db Merge "Add stack canaries / strcpy tests." 2013-01-11 11:03:40 -08:00
Nick Kralevich
dcab1b2c76 Add stack canaries / strcpy tests.
Add a test to ensure that stack canaries are working
correctly. Since stack canaries aren't normally generated
on non-string functions, we have to enable stack-protector-all.

Add a test to ensure that an out of bounds strcpy generates
a runtime failure.

Change-Id: Id0d3e59fc4b9602da019e4d35c5c653e1a57fae4
2013-01-11 10:52:36 -08:00
Wink Saville
a12c54454f Fix unused warnings in pthread.c
Change-Id: I0287aadb825fd8cda29dc976bce55d75a1279fc5
2013-01-10 16:30:22 -08:00
Elliott Hughes
bfde0b6fd9 Merge "glibc 2.15 treats errno as signed in strerror(3)." 2013-01-10 16:24:36 -08:00
Elliott Hughes
e6e60065ff glibc 2.15 treats errno as signed in strerror(3).
And the only reason I hadn't done that in bionic is because I wanted to behave
the same as glibc.

Change-Id: I2cf1bf0aac82a748cd6305a2cabbac0790058570
2013-01-10 16:01:59 -08:00
Elliott Hughes
0d3700d957 Merge "Only have one copy of the kernel_sigset_t hack, and add more tests." 2013-01-10 15:12:46 -08:00
Elliott Hughes
c5d028fc91 Only have one copy of the kernel_sigset_t hack, and add more tests.
Change-Id: I377522fcba6fb4b5fd2754ab15b091014bd7c16f
2013-01-10 14:42:14 -08:00
Elliott Hughes
2bbb8fac61 Merge "Add signalfd call to bionic" 2013-01-10 13:17:27 -08:00
Rom Lemarchand
a4b2dc016f Add signalfd call to bionic
Add signalfd() call to bionic.

Adding the signalfd call was done in 3 steps:
- add signalfd4 system call (function name and syscall
  number) to libc/SYSCALLS.TXT
- generate all necessary headers by calling
  libc/tools/gensyscalls.py. This patch is adding
  the generated files since the build system
  does not call gensyscalls.py.
- create the signalfd wrapper in signalfd.cpp and add
  the function prototype to sys/signalfd.h

(cherry-pick of 0c11611c11f4dc1b6d43587b72c3ccbe8c51a51c, modified to
work with older versions of GCC still in use on some branches.)

Change-Id: I4c6c3f12199559af8be63f93a5336851b7e63355
2013-01-10 13:14:46 -08:00
Elliott Hughes
364d9ee62f Merge "Don't test GNU-style ELF hashes on MIPS." 2013-01-07 14:46:13 -08:00
Elliott Hughes
a43e906221 Don't test GNU-style ELF hashes on MIPS.
The MIPS toolchain can't generate them because they're incompatible
with the MIPS ABI (which requires .dynsym match the GOT, while GNU-style
requires .dynsym to be sorted by hash code), so there's nothing to test.

Change-Id: I2220f452fe6fe595ec1312544cc741dd390a36a5
2013-01-07 14:44:36 -08:00
Elliott Hughes
7e22db037e Merge "Fix an off-by-one error in the sigset_t function error handling." 2013-01-07 14:11:43 -08:00
Elliott Hughes
fb5e5cbdd4 Fix an off-by-one error in the sigset_t function error handling.
Spotted while running the tests on MIPS, where sigset_t is
actually large enough. The bits in sigset_t are used such that
signal 1 is represented by bit 0, so the range of signals is
actually [1, 8*sizeof(sigset_t)]; it seems clearer to reword
the code in terms of valid bit offsets [0, 8*sizeof(sigset_t)),
which leads to the usual bounds checking idiom.

Change-Id: Id899c288e15ff71c85dd2fd33c47f8e97aa1956f
2013-01-07 13:58:49 -08:00
Elliott Hughes
26c5b2d460 Merge "[MIPS] Rewrite fenv.h for Android" 2013-01-07 13:30:58 -08:00
Raghu Gandham
d199017101 [MIPS] Rewrite fenv.h for Android
Change-Id: I4d1e2f0b37b587426ccc9f26c525ec0d36637c7d
2013-01-04 16:32:54 -08:00
Elliott Hughes
63dc592789 Merge "Add AF_CAN and PF_CAN (and other missing families)." 2013-01-03 16:55:30 -08:00
Elliott Hughes
d73c0b300e Add AF_CAN and PF_CAN (and other missing families).
Change-Id: I2c183a6f5f7a7e81e87dad85d8c9aff9c43ed33a
2013-01-03 16:25:47 -08:00
Elliott Hughes
f0036944a1 Merge "Fix debug malloc." 2013-01-03 16:20:01 -08:00
Elliott Hughes
db492b3ca7 Fix debug malloc.
...which has been broken since the linker data structures went read-only.

Bug: 7941716
Change-Id: If28f6bac0fcb13e371e4d85b064544f561c8d692
2013-01-03 15:44:03 -08:00
Elliott Hughes
b1b5317799 Merge "sysconf.c was renamed to sysconf.cpp (and modified)..." 2013-01-03 11:54:57 -08:00
Elliott Hughes
7cbff41ba3 sysconf.c was renamed to sysconf.cpp (and modified)...
...but sysconf.c still lingers on due to some git/repo accident. Kill it.

Change-Id: Iae354ecb21abf03a3f718cc45cfdddb7a9347778
2013-01-03 11:53:35 -08:00
Elliott Hughes
fb62558bb4 Merge "Define _POSIX_MONOTONIC_CLOCK and implement sysconf(_SC_MONOTONIC_CLOCK)." 2013-01-02 15:51:15 -08:00
Elliott Hughes
a55f63083f Define _POSIX_MONOTONIC_CLOCK and implement sysconf(_SC_MONOTONIC_CLOCK).
Bug: http://code.google.com/p/android/issues/detail?id=39680
Change-Id: I11cf10a66f9d305868a725f04f581099fb88bbfc
2013-01-02 14:23:43 -08:00
Elliott Hughes
918d776f7e Merge "Support System.loadLibrary for libraries with transitive dependencies." 2012-12-21 17:46:22 -08:00
Elliott Hughes
f6524f8bda Merge "Fix format_number." 2012-12-20 19:08:17 -08:00