Commit Graph

390 Commits

Author SHA1 Message Date
Elliott Hughes
a0ee07829a Upgrade libm.
This brings us up to date with FreeBSD HEAD, fixes various bugs, unifies
the set of functions we support on ARM, MIPS, and x86, fixes "long double",
adds ISO C99 support, and adds basic unit tests.

It turns out that our "long double" functions have always been broken
for non-normal numbers. This patch fixes that by not using the upstream
implementations and just forwarding to the regular "double" implementation
instead (since "long double" on Android is just "double" anyway, which is
what BSD doesn't support).

All the tests pass on ARM, MIPS, and x86, plus glibc on x86-64.

Bug: 3169850
Bug: 8012787
Bug: https://code.google.com/p/android/issues/detail?id=6697
Change-Id: If0c343030959c24bfc50d4d21c9530052c581837
2013-02-01 14:51:19 -08:00
Elliott Hughes
6fe67c3cf2 Fix valgrind build.
Change-Id: Ie375d32565d10f4c0c56da5422f52b68cb069654
2013-01-29 17:49:12 -08:00
Elliott Hughes
a6a3ac5924 Use the NetBSD <sys/exec_elf.h>.
Replace a kernel header file dependency with files from NetBSD.
They're more complete, and ELF is ELF, whether you're on Linux or a BSD.

Bug: 7973611
Change-Id: I83ee719e7efdf432ec2ddbe8be271d05b2f558d7
2013-01-29 15:02:50 -08:00
Elliott Hughes
41b3179c9e Unit tests for formatting code, fix %%.
Also fix <signal.h> and <stdio.h> so they don't cause compiler warnings.

Change-Id: Ib1a746bf01de22d47dbd964de0e6af80a7c96303
2013-01-28 10:36:31 -08:00
Nick Kralevich
8e70b0d5c3 prctl.h: include sys/cdefs.h
prctl.h uses __BEGIN_DECLS but fails to include sys/cdefs.h
(where it's defined).  Code which includes prctl.h without
previously including sys/cdefs.h will fail to compile.

Fixed.

Change-Id: If4c9f3308f08b93596dcd00e351ae786807e9320
2013-01-23 16:49:47 -08:00
Nick Kralevich
32417fb376 libc: use more secure system properties if available
Currently, system properties are passed via the environment
variable ANDROID_PROPERTY_WORKSPACE and a file descriptor passed
from parent to child. This is insecure for setuid executables,
as the environment variable can be changed by the caller.

Modify system property handling so that we get the properties
from a root owned properties file, rather than using an
environment variable.  Fall back to the environment variable
if the file doesn't exist.

Bug: 8045561
Change-Id: I54f3efa98cf7d63d88788da5ce0d19e34fd7851a
2013-01-23 09:28:35 -08:00
Kito Cheng
f373b11f9f Add const for first argument of sigismember for fit POSIX spec
Change-Id: Icbc67375282f2a22dce02e4bacab15ddae846057
2013-01-20 00:15:23 +08:00
Nick Kralevich
a44e9afdd1 FORTIFY_SOURCE: optimize
Don't do the fortify_source checks if we can determine, at
compile time, that the provided operation is safe.

This avoids silliness like calling fortify source on things like:

  size_t len = strlen("asdf");
  printf("%d\n", len);

and allows the compiler to optimize this code to:

  printf("%d\n", 4);

Defer to gcc's builtin functions instead of pointing our code
to the libc implementation.

Change-Id: I5e1dcb61946461c4afaaaa983e39f07c7a0df0ae
2013-01-17 15:41:33 -08:00
Elliott Hughes
f193b9fc21 Fix signalfd for MIPS.
Also mark signalfd's sigset_t* argument as non-nullable.

Change-Id: I466e09cdf3fb92480744c496da92274a97f99dd1
2013-01-16 09:40:25 -08:00
Nick Kralevich
2c5153b043 libc: add getauxval()
Add support for getauxval().  This method allows a program an easy way
to retrieve information from the kernel auxiliary vector, and will
hopefully replace other clumsy ways of accessing this same information.

This particular function was also added to glibc in glibc 2.16.
See the following URLs for more details.

  * http://lwn.net/Articles/519085/
  * http://www.gnu.org/software/libc/manual/html_node/Auxiliary-Vector.html

This change is a prerequisite for bug 7959813.

Bug: http://code.google.com/p/android/issues/detail?id=38441
Change-Id: Iba19d899df334bddc6f4899077ece2fc87564ea8
2013-01-11 16:44:15 -08:00
Andrew Boie
07564f2d3a add factory property file definition
This property file is used for properties which are set at device
provisioning time or in the factory. They are never touched by
a software update or factory data reset and typically contain
data specific to the particular unit.

Change-Id: I2e7c2fe62cb684cb2449eea917c42b19462e89a5
Signed-off-by: Andrew Boie <andrew.p.boie@intel.com>
2013-01-11 13:02:27 -08:00
Rom Lemarchand
a4b2dc016f Add signalfd call to bionic
Add signalfd() call to bionic.

Adding the signalfd call was done in 3 steps:
- add signalfd4 system call (function name and syscall
  number) to libc/SYSCALLS.TXT
- generate all necessary headers by calling
  libc/tools/gensyscalls.py. This patch is adding
  the generated files since the build system
  does not call gensyscalls.py.
- create the signalfd wrapper in signalfd.cpp and add
  the function prototype to sys/signalfd.h

(cherry-pick of 0c11611c11, modified to
work with older versions of GCC still in use on some branches.)

Change-Id: I4c6c3f12199559af8be63f93a5336851b7e63355
2013-01-10 13:14:46 -08:00
Elliott Hughes
fb5e5cbdd4 Fix an off-by-one error in the sigset_t function error handling.
Spotted while running the tests on MIPS, where sigset_t is
actually large enough. The bits in sigset_t are used such that
signal 1 is represented by bit 0, so the range of signals is
actually [1, 8*sizeof(sigset_t)]; it seems clearer to reword
the code in terms of valid bit offsets [0, 8*sizeof(sigset_t)),
which leads to the usual bounds checking idiom.

Change-Id: Id899c288e15ff71c85dd2fd33c47f8e97aa1956f
2013-01-07 13:58:49 -08:00
Elliott Hughes
d73c0b300e Add AF_CAN and PF_CAN (and other missing families).
Change-Id: I2c183a6f5f7a7e81e87dad85d8c9aff9c43ed33a
2013-01-03 16:25:47 -08:00
Elliott Hughes
a55f63083f Define _POSIX_MONOTONIC_CLOCK and implement sysconf(_SC_MONOTONIC_CLOCK).
Bug: http://code.google.com/p/android/issues/detail?id=39680
Change-Id: I11cf10a66f9d305868a725f04f581099fb88bbfc
2013-01-02 14:23:43 -08:00
Elliott Hughes
4fa35d8ae8 Fix <endian.h> and <sys/endian.h>.
Previously we'd been relying on getting the machine-specific <endian.h>
instead of the top-level <endian.h>, and <sys/endian.h> was basically broken.
Now, with this patch and the previous patch we should have <endian.h>
and <sys/endian.h> behaving the same. This is basically how NetBSD's endian.h
works, and was probably how ours was originally intended to work.

Bug: http://code.google.com/p/android/issues/detail?id=39824
Change-Id: I71de5a507e633de166013a658b5764df9e1aa09c
2012-12-11 16:17:33 -08:00
Nick Kralevich
5787475390 FORTIFY_SOURCE: remove memcpy overlap checks
These checks haven't been as useful as I hoped, and it's
causing a false positive finding.  Remove the overlap
compile time checks.

Change-Id: I5d45dde10ae4663d728230d41fa904adf20acaea
2012-12-07 09:57:01 -08:00
Nick Kralevich
9a4d305340 FORTIFY_SOURCE: fortify strrchr
This change compliments 049e58369c

Change-Id: I27d015d70a520713c7472558a3c427f546d36ee4
2012-12-03 10:39:16 -08:00
Elliott Hughes
46d64ed2e5 Merge "Add argument checking to sigemptyset(3) and friends." 2012-12-03 07:45:46 -08:00
Elliott Hughes
da73f655fc Add argument checking to sigemptyset(3) and friends.
You could argue that this is hurting people smart enough to have manually
allocated a large-enough sigset_t, but those people are smart enough to
implement their own sigset functions too.

I wonder whether our least unpleasant way out of our self-inflicted 32-bit
cesspool is to have equivalents of _FILE_OFFSET_BITS such as _SIGSET_T_BITS,
so calling code could opt in? You'd have to be careful passing sigset_t
arguments between code compiled with different options.

Bug: 5828899
Change-Id: I0ae60ee8544835b069a2b20568f38ec142e0737b
2012-11-30 16:40:55 -08:00
Nick Kralevich
049e58369c FORTIFY_SOURCE: fortify strchr
Detect when strchr reads off the end of a buffer.

Change-Id: I0e952eedcff5c36d646a9c3bc4e1337b959224f2
2012-11-30 15:19:15 -08:00
Elliott Hughes
4a9e837840 Reduce the exposure of the __set_errno implementation detail.
Change-Id: I395e1b46a9491e34fc53e71853e932ea90b3d1cc
2012-11-30 12:05:18 -08:00
Elliott Hughes
3975cec694 Remove (near-)duplicate definitions of size_t and ssize_t.
The near duplicates upset fussier compilers that insist that
typedefs be exactly the same, but the fix isn't to make all
copies identical...

Change-Id: Icfdace41726f36ec33c9ae919dbb5a54d3529cc9
2012-11-29 17:25:23 -08:00
Elliott Hughes
50e62e4051 Merge "Bug: __WINT_TYPE__ and wint_t reference to different types" 2012-11-29 15:51:57 -08:00
Elliott Hughes
99ea84b12d Merge "[MIPS] Fix the MIPS getsid system call" 2012-11-29 14:37:14 -08:00
Chris Dearman
58aaaa730b [MIPS] Fix the MIPS getsid system call
Change-Id: I30a27941125bccb35d73a572a729ecf7dd555389
Signed-off-by: Chris Dearman <chris@mips.com>
2012-11-29 12:05:25 -08:00
Hakan Kvist
f27b7fb056 Define DEFFILEMODE and friends
Define the macros ACCESSPERMS, ALLPERMS and DEFFILEMODE.
These macros originates from BSD but has been available in glibc
for quite some time.

Change-Id: I429cd30aa4e73f53b153ee7740070cebba166c57
2012-11-29 11:53:33 -08:00
Sergey Melnikov
a437bff914 Bug: __WINT_TYPE__ and wint_t reference to different types
__WINT_TYPE__ type provided by gcc. It references to unsigned int
type for android and linux. Patch corrects wint_t typedef to
__WINT_TYPE__.

Signed-off-by: Sergey Melnikov <sergey.melnikov@intel.com>
Change-Id: Iabeb9fcb0b7bb303a8b220043e339126f125dd68
2012-11-26 12:01:58 +04:00
David 'Digit' Turner
c30396f5f2 libc: Fix alphasort() signature (and implementation).
The declaration for alphasort() in <dirent.h> used the deprecated:

  int alphasort(const void*, const void*);

while both Posix and GLibc use instead:

  int alphasort(const struct dirent** a, const struct dirent** b);

See: http://pubs.opengroup.org/onlinepubs/9699919799/functions/alphasort.html

This patch does the following:

- Update the declaration to match Posix/GLibc
- Get rid of the upstream BSD code which isn't compatible with the new
  signature.
- Implement a new trivial alphasort() with the right signature, and
  ensure that it uses strcoll() instead of strcmp().
- Remove Bionic-specific #ifdef .. #else .. #endif block in
  dirent_test.cpp which uses alphasort().

Even through strcoll() currently uses strcmp(), this does the right
thing in the case where we decide to update strcoll() to properly
implement locale-specific ordered comparison.

Change-Id: I4fd45604d8a940aaf2eb0ecd7d73e2f11c9bca96
2012-10-29 07:44:27 -07:00
Elliott Hughes
063cfb2084 Clean up the implementation of the <dirent.h> functions.
Change-Id: I3c647cc9588525afc41fee90ee468d58cd13503a
2012-10-26 16:42:06 -07:00
Elliott Hughes
e8bcca3a2c Upgrade more functions to the current upstream NetBSD copy.
Change-Id: Ie0b3f8b3fccef28609eb210434413ebd51d6ef45
2012-10-23 12:29:53 -07:00
Elliott Hughes
ce45fea03d Add missing BEGIN_DECLS/END_DECLS for FORTIFY_SOURCE stdio prototypes.
Change-Id: I35ceb09fedf873c5e98e1e26efce5e4f00a17e74
2012-10-22 16:10:27 -07:00
David 'Digit' Turner
c1b44ecc53 Revert "libc: Provide ucontext_t/mcontext_t/<sys/ucontext.h>"
This creates build issues in the internal Android tree.
Will investigate later.

Original patch: https://android-review.googlesource.com/#/c/38875/

Change-Id: I12c5995ebf172890051af42a5d3b31014c9c5117
2012-10-17 19:10:11 +02:00
David 'Digit' Turner
c124baaf29 libc: Provide ucontext_t/mcontext_t/<sys/ucontext.h>
This patch updates the C library headers to provide ucontext_t
definitions for three architectures.

+ Fix <signal.h> to always define 'struct sigcontext'.

The new declarations are announced with new macros defined in
<sys/cdefs.h> in order to make it easier to adapt client code
that already defines its own, incompatible, versions of the
structures seen here.

http://code.google.com/p/android/issues/detail?id=34784

Change-Id: Ie78c48690a4ce61c50593f6c39639be7fead3596
2012-10-17 15:59:23 +02:00
David 'Digit' Turner
f8a2c51bf3 LONG_LONG_MIN/MAX: Move declarations to <limits.h>
LONG_LONG_MIN, LONG_LONG_MAX and ULONG_LONG_MAX are
GLibc-specific macros that are better defined in <limits.h>
instead of the current exotic location (<pthread.h>).

Note that GCC's <limits.h> only defines these macros
when __GNU_LIBRARY__ is also defined. This is only the
case when building against GLibc, so manually redefine
the macros here.

Note that using LLONG_MIN/LLONG_MAX/ULLONG_MAX is the
C99-compliant way to get these values, but it's easier
to define these compatibility macros for the sake of
porting existing code.

Change-Id: I8023918d73b4685238054932f94a4006c1ca7d03
2012-10-15 18:52:55 +02:00
Shuo Gao
4e75c4b2d7 Fix perf_event_open syscall for x86 and mips
perf_event_open syscall has a different syscall number for
the 3 supported architectures: arm, x86 and mips. Currenlty
only the arm syscall number is defined for all architectures.
Tracing tools like perf will not work on other architectures
than arm.

Add the different values for perf_event_open on x86 and mips
and run gensyscalls.py to update generated headers.

Change-Id: I2ed78bd42c0e5df8dbc51d784be49cccda5fab30
Author: Irina Tirdea <irina.tirdea@intel.com>
Signed-off-by: Irina Tirdea <irina.tirdea@intel.com>
Signed-off-by: Shuo Gao <shuo.gao@intel.com>
Signed-off-by: Bruce Beare <bruce.j.beare@intel.com>
Signed-off-by: Jack Ren <jack.ren@intel.com>
2012-10-11 10:24:51 -07:00
Elliott Hughes
7d56ccbfaa Always take GCC's definition of NULL.
There's a (bad) definition of NULL in <linux/stddef.h>, and this
definition of NULL, and the One True definition in the <stddef.h> provided
by the compiler. This change at least kills one of the bad duplicates.
Killing the <linux/stddef.h> one is harder, because it's in a generated
file.

Change-Id: Iea4ccb12d6758199f312ea9cd753b84322d5c471
2012-10-01 17:56:58 -07:00
Elliott Hughes
0cc0d250fd Remove useless #defines and incorrect claims from header files.
The various __need_* macros were write-only.

Change-Id: Id3cca34188e0801fdf93a038b22f2817226ad9c2
2012-10-01 15:12:40 -07:00
Elliott Hughes
422b6ef92c Define ssize_t if necessary.
Change-Id: I63801cc1f09be5e4ca20a6da7ec3366ba6441afd
2012-09-28 10:15:52 -07:00
Irina Tirdea
eac9eb462e Add getdelim(3) and getline(3) to bionic
Some userspace programs (e.g. perf) need getline.

Changes:
() add getdelim.c, getline.c from NetBSD (http://netbsd.org/) under the
NetBSD Foundation's (TNF) license ("2 clause" Berkeley-style license).
() add stub for reentrant.h header that is needed by getdelim.c
() add tests for getdelim(3) and getline(3).
() update NOTICE file.

Change-Id: I22ed82dd5904b9d7a3695535c04f502be3c27c5d
Signed-off-by: Irina Tirdea <irina.tirdea@intel.com>
2012-09-27 11:38:57 -07:00
Nick Kralevich
cd587701c8 FORTIFY_SOURCE: add umask check
Verify that the call to umask makes sense. While this wouldn't
have detected bug 7094213 (because the low order bits were all zero),
it might detect other similar bugs.

References: https://code.google.com/p/android-source-browsing/source/detail?r=acba45cc4b1f98f67fcdeda2f7c13ed57659b92a&repo=platform--libcore

Change-Id: I966a531d6b3cf8e1c5eacd69bd3cbec475b5fa58
2012-09-26 10:19:31 -07:00
Elliott Hughes
047a285d41 Merge "Fix <sys/klog.h> to correspond to the kernel operations." 2012-09-14 16:14:48 -07:00
Elliott Hughes
5151952197 Merge "Add tty defaults to bionic" 2012-09-14 15:45:46 -07:00
Elliott Hughes
e249b05963 Fix <sys/klog.h> to correspond to the kernel operations.
This makes the constants correspond to those in the Linux kernel's
include/linux/syslog.h, but keeping our old badly-named constants for
source compatibility.

Change-Id: Ia47d1299205754cbfffd29ed48b497b53d1edaae
2012-09-14 15:42:30 -07:00
Nick Kralevich
5e58ea07d4 libc: add ftw / nftw functions
Please see "man 3 ftw" for a description of the
ftw / nftw functions.

This code is taken directly from netbsd unmodified.

Change-Id: Ia4879ac57212b424adf5281b5e92858e216d0f14
2012-09-13 16:54:57 -07:00
Irina Tirdea
b5f053b5a7 Make strerror(3) and strsignal(3) thread-safe, and add psignal(3) and psiginfo(3).
Change-Id: I426109db25e907980d6cb3a7a695796e45783b78
2012-09-13 15:18:21 -07:00
Elliott Hughes
86ec05acc9 Update the kernel headers to match external/kernel-headers.
Note that the Linux kernel handed over responsibility for most of the
socket constants to glibc some time ago. Someone had updated our
external/kernel-headers file but not regenerated the bionic headers,
so this change copies the missing stuff from the old bionic <linux/socket.h>
into <sys/socket.h>. This is what glibc does.

I've hacked a few of the other files to #include <sys/socket.h> for
backward compatibility, but even so this requires numerous other
changes to switch people over from direct inclusion of <linux/...> headers.

Change-Id: I0e4af64e631d3cef911a31d90f2f806e058278a0
2012-09-12 12:30:22 -07:00
Elliott Hughes
0d207ba624 Backwards and forwards compatibility for an upcoming <sys/socket.h> change.
Change-Id: Iba58077a1f057a968eb2283ebba259975925ff4c
2012-09-12 10:51:05 -07:00
Irina Tirdea
e77e1afe24 Add tty defaults to bionic
Add ttydefaults.h bionic. Some userspace programs (e.g. perf) need the
definitions from this file. This header file is copied from NetBSD
(http://netbsd.org/) under the NetBSD Foundation's (TNF) license (“2 clause”
Berkeley-style license).

Change-Id: I9c862415b52b710f25adb1629a699627cd715775
Signed-off-by: Irina Tirdea <irina.tirdea@intel.com>
2012-09-11 22:47:31 +03:00
Elliott Hughes
1ad05db9ce Add mlockall and munlockall for Google TV.
Change-Id: I10e961d701e74aab07211ec7975f61167e387853
2012-09-06 11:24:45 -07:00
Elliott Hughes
be19a36717 Merge "termios: add tcdrain" 2012-09-04 17:52:40 -07:00
Vitaly Wool
954923858b termios: add tcdrain
Change-Id: I05c0007f7bcc6ef5295c32f86fafbf1ad31e07fa
2012-09-04 14:11:28 +02:00
Irina Tirdea
1ad10a566e Add getsid system call to bionic
Add getsid() system call to bionic for
all architectures. This is needed for various tools
(e.g. perf).

Adding the getsid system call was done in 3 steps:
() add getsid system call (function name and syscall
number) to libc/SYSCALLS.TXT
() generate all necessary headers by calling
libc/tools/gensyscalls.py. This patch is adding
the generated files since the build system
does not call gensyscalls.py.
() add the system call signature to libc/include/unistd.h

Change-Id: Id69a257e13ec02e1a44085a6b217a3f19ab025b1
Signed-off-by: Irina Tirdea <irina.tirdea@intel.com>
2012-09-03 01:38:34 +03:00
Nick Kralevich
829c089f83 disable _FORTIFY_SOURCE under clang
Clang and _FORTIFY_SOURCE are just plain incompatible with
each other.  First of all, clang doesn't understand the
__attribute__((gnu_inline)) header. Second of all,
Clang doesn't have support for __builtin_va_arg_pack()
and __builtin_va_arg_pack_len() (see
http://clang.llvm.org/docs/UsersManual.html#c_unimpl_gcc)

Until we can resolve these issues, don't even try using
_FORTIFY_SOURCE under clang.

Change-Id: I81c2b8073bb3276fa9a4a6b93c427b641038356a
2012-08-29 12:47:41 -07:00
Ian Rogers
999089181e Upgrade to dlmalloc 2.8.5.
Move dlmalloc code to upstream-dlmalloc to make pulling upstream changes
easier.
Declare pvalloc and malloc_usable_size routines present in malloc.h but with
missing implementations. Remove other functions from malloc.h that have
no implementation nor use in Android.

Change-Id: Ia6472ec6cbebc9ad1ef99f4669de9d33fcc2efb4
2012-08-20 14:12:20 -07:00
Elliott Hughes
6d6731adc0 Always define the 64-bit int types.
These preprocessor tricks have caused trouble for -std=gnu99 and -ansi, and
both netbsd's libc and glibc seem to unconditionally define these types.

Change-Id: Ib8dffa341a8ca88f80d275ba2b7f93a4c910ee32
2012-08-17 14:30:06 -07:00
Pavel Chupin
b7beb69075 Add link.h for all platforms with dl_phdr_info
This header is used on bionic build and should be propagated into
sysroot on toolchain rebuild. Discussion re. this header is here:
http://gcc.gnu.org/ml/gcc-patches/2012-08/msg00936.html

It is available already in mips NDK platforms:
development/ndk/platforms/android-9/arch-mips/include/link.h

Change-Id: I39ff467cdac9f448e31c11ee3e14a6200e82ab57
Signed-off-by: Pavel Chupin <pavel.v.chupin@intel.com>
2012-08-17 12:44:23 -07:00
Jeff Sharkey
74c0464006 Update MS_ mount flags, define unshare() syscall.
(cherry-pick of 82393decdfc6b0383054fb5d2f54725bbee88b8c.)

Bug: 6925012
Change-Id: I4f962d8975ad62ff4b9983150f9e481796092b9d
2012-08-14 12:09:25 -07:00
Elliott Hughes
316ee626b7 Merge "MIPS support to sigsuspend and sigwait routines" 2012-08-10 15:05:36 -07:00
Elliott Hughes
a1822dced3 Merge "Add unshare() syscall." 2012-08-10 12:59:49 -07:00
Jeff Sharkey
e36c826f7a Add unshare() syscall.
(cherry-pick of 5467f25f82934d611c60f8bc57a05114f3c1bea0.)

Bug: 6925012
Change-Id: Ic5ea2fbd606311087de05d7a3594df2fa9b2fef9
2012-08-10 12:57:43 -07:00
Elliott Hughes
01030e6388 Fix typo in SIGTTOU description.
Change-Id: Ie0db3e7df3e1f17b43f5645d027a90603139be2f
2012-08-10 12:23:58 -07:00
Raghu Gandham
abd10011a7 MIPS support to sigsuspend and sigwait routines
Change-Id: I870e798ed7eac5a8c74e5784a670f3a4f24331a9
2012-08-09 18:51:19 -07:00
Elliott Hughes
d504eee9fa Merge "MIPS support to sys/ headers" 2012-08-08 16:32:55 -07:00
Shih-wei Liao
e2731d98c1 Merge "When compiling with clang, don't "fortify_source" the strlcpy and strlcat." 2012-08-06 11:02:19 -07:00
Shih-wei Liao
d600617645 When compiling with clang, don't "fortify_source" the strlcpy and
strlcat.

Change-Id: I91f58322f28e425ab9d22b51c23fcd6b772ede97
2012-08-06 10:57:37 -07:00
Shih-wei Liao
8173d76740 Merge "Revert "Fix the clang build: this compiler doesn't support the gnu_inline function attribute"" 2012-08-06 10:05:15 -07:00
Shih-wei Liao
9a3d53fad0 When compiling with clang, don't "fortify_source" the strlen.
At this point, FORTIFY_SOURCE and clang are just plain incompatible.
Need to solve the underlying incompatibility first.

Change-Id: I3366477d19461e1ec93b1c30e0c7e8145b391b9b
2012-08-06 09:50:56 -07:00
Shih-wei Liao
2b7f68c03d Revert "Fix the clang build: this compiler doesn't support the gnu_inline function attribute"
This reverts commit 4f1f149c37.
2012-08-03 17:44:08 -07:00
Shih-wei Liao
4f1f149c37 Fix the clang build: this compiler doesn't support the gnu_inline function attribute
Recent clang compiler doesn't have gnu_inline working. When frameworks/rs
is compiled with clang instead of gcc, it no longer works. Will be fixed
by this patch.

Change-Id: I8b281a1305151909e18958b73914ea27343cb4cd
2012-08-03 04:38:15 -07:00
Raghu Gandham
6437eac15a MIPS support to sys/ headers
Change-Id: I32207a1d918e4842da341f6b242ae39c69a83b03
2012-08-02 18:03:54 -07:00
Raghu Gandham
405b8029a6 MIPS support for libc.
Change-Id: I2864dea04b3faf2d919165dcaa600af5b16c41c8
Signed-off-by: Chris Dearman <chris@mips.com>
Signed-off-by: Raghu Gandham <raghu@mips.com>
2012-08-02 16:07:26 -07:00
Elliott Hughes
ecb53eab4b Fix a ENOTUP/ENOTSUP typo.
Change-Id: Ifa347a09a2aa1f505965ae7c1383fd0caf95793c
2012-08-02 15:45:04 -07:00
Chris Dearman
da2611084f Error numbers are target specific.
Use the system supplied error numbers when mapping error numbers to messages.

Change-Id: I520556fa3e2ff668fdc4eda36ad31491fbb48ea8
Signed-off-by: Chris Dearman <chris@mips.com>
Signed-off-by: Raghu Gandham <raghu@mips.com>
2012-08-01 17:53:07 -07:00
Chris Dearman
958dad705a Fix implementation of generic atomic operations
Change-Id: Ie1ea5aacc561e2d6d40125d2952ed0e9116b7b0d
2012-07-24 13:56:38 -07:00
Nick Pelly
0351955a68 Update time.h for CLOCK_BOOTTIME.
(cherry-pick of 8958a38329)

Change-Id: Ie8de6b32fa81566db53ad7e9fd4b197f4cede628
2012-07-19 17:10:14 -07:00
Elliott Hughes
fabddfe833 Merge "limits.h: Include page.h when relying on PAGE_SIZE" 2012-07-16 09:39:24 -07:00
Nick Kralevich
c37fc1ab6a FORTIFY_SOURCE: revert memcpy changes.
Performance regressions.  Hopefully this is a temporary
rollback.

Bug: 6821003
Change-Id: I84abbb89e1739d506b583f2f1668f31534127764
2012-07-13 17:58:37 -07:00
Nick Kralevich
9b6cc223a3 FORTIFY_SOURCE: introduce __BIONIC_FORTIFY_UNKNOWN_SIZE macro
Replace all occurances of "(size_t) -1" with a
__BIONIC_FORTIFY_UNKNOWN_SIZE macro.

Change-Id: I0b188f6cf31417d2dbef0e1bd759de3f9782873a
2012-07-13 14:49:33 -07:00
Nick Kralevich
260bf8cfe0 FORTIFY_SOURCE: strlen check.
This test is designed to detect code such as:

int main() {
  char buf[10];
  memcpy(buf, "1234567890", sizeof(buf));
  size_t len = strlen(buf); // segfault here with _FORTIFY_SOURCE
  printf("%d\n", len);
  return 0;
}

or anytime strlen reads beyond an object boundary. This should
help address memory leakage vulnerabilities and make other
unrelated vulnerabilities harder to exploit.

Change-Id: I354b425be7bef4713c85f6bab0e9738445e00182
2012-07-13 13:49:59 -07:00
Nick Kralevich
f3913b5b68 FORTIFY_SOURCE: enhanced memcpy protections.
Two changes:

1) Detect memory read overruns.

For example:

int main() {
  char buf[10];
  memcpy(buf, "abcde", sizeof(buf));
  sprintf("%s\n", buf);
}

because "abcde" is only 6 bytes, copying 10 bytes from it is a bug.
This particular bug will be detected at compile time.  Other similar
bugs may be detected at runtime.

2) Detect overlapping buffers on memcpy()

It is a bug to call memcpy() on buffers which overlap. For
example, the following code is buggy:

  char buf3[0x800];
  char *first_half  = &buf3[0x400];
  char *second_half = &buf3[1];
  memset(buf3, 0, sizeof(buf3));
  memcpy(first_half, second_half, 0x400);
  printf("1: %s\n", buf3);

We now detect this at compile and run time.

Change-Id: I092bd89f11f18e08e8a9dda0ca903aaea8e06d91
2012-07-12 15:38:15 -07:00
Arun Raghavan
6331db3fd2 limits.h: Include page.h when relying on PAGE_SIZE
limits.h relies on PAGE_SIZE being defined without actually including
page.h. Make sure this is included to avoid compilation failures.

Signed-off-by: Arun Raghavan <arun.raghavan@collabora.co.uk>
2012-07-10 10:36:37 +05:30
Nick Kralevich
8f08e1c902 Merge "FORTIFY_SOURCE: Add openat, fix bug" 2012-07-09 12:55:32 -07:00
Nick Kralevich
a3e230d1fa FORTIFY_SOURCE: Add openat, fix bug
Add fortify_source support for openat(). This change requires that
an argument be supplied when using O_CREAT.

Fix unnecessary call to __open_2. If, at compile time, we know that
"flags" is constant and DOESN'T contain O_CREAT, the call to __open_2
is useless.

Change-Id: Ifcd29c4fb25e25656961d7552d672e161f0cfdbd
2012-07-09 12:30:40 -07:00
Nick Kralevich
965dbc6405 FORTIFY_SOURCE: add fgets support.
Change-Id: I8c3410a90c71a3336c4ac8581618fa9330edf5e3
2012-07-09 09:57:18 -07:00
Nick Kralevich
bd73eede46 Merge "FORTIFY_SOURCE: add open() checks" 2012-06-27 12:56:52 -07:00
Nick Kralevich
cb228fb4a9 libc: cleanups
Prefix private functions with underscores, to prevent name
conflicts.

Use __error__ instead of error, since occasionally programs will
create their own "#define error ...".

Change-Id: I7bb171df58aec5627e61896032a140db547fd95d
2012-06-26 16:05:19 -07:00
Nick Kralevich
8118f62a7d FORTIFY_SOURCE: add open() checks
Add a FORTIFY_SOURCE check which requires that you pass a
"mode" argument when calling open(..., O_CREAT). If a mode isn't
passed, then the file is created with "undefined" permissions.

Change-Id: I4427be4f9ce170c69da01af5b00fb05b03613a28
2012-06-26 15:19:12 -07:00
Nick Kralevich
70f6901c3d libc: make atoi, atol, and atoll pure functions
Change-Id: Ib831c079c865929b6c91d42f35e117f2e974808f
2012-06-14 13:57:43 -07:00
Nick Kralevich
8df49ad246 FORTIFY_SOURCE: add strlcpy / strlcat support
Add strlcpy / strlcat support to FORTIFY_SOURCE. This allows
us to do consistency checks on to ensure we don't overflow buffers
when the compiler is able to tell us the size of the buffer we're
dealing with.

Unlike previous changes, this change DOES NOT use the compiler's
builtin support. Instead, we do everything the compiler would
normally do.

Change-Id: I47c099a911382452eafd711f8e9bfe7c2d0a0d22
2012-06-14 12:52:42 -07:00
Nick Kralevich
a5eaa02f62 Merge "Don't mark realloc with __attribute__((malloc))" 2012-06-13 16:13:32 -07:00
Nick Kralevich
b27631b9ae Don't mark realloc with __attribute__((malloc))
According to
http://gcc.gnu.org/onlinedocs/gcc/Function-Attributes.html

realloc should NOT be marked with __attribute__((malloc)). Quoting:

   realloc-like functions do not have this property as the memory
   pointed to does not have undefined content.

For reference, __mallocfunc is defined in sys/cdefs.h as:

    #define __mallocfunc  __attribute__((malloc))

Change-Id: I56083542ba92e4608dd7c55fb5596a138eb50cc9
2012-06-13 15:43:14 -07:00
Nick Kralevich
9b549c39c9 FORTIFY_SOURCE: add sprintf / vsprintf support
sprintf FORTIFY_SOURCE protections are not available
on clang.

Also add various __attribute__s to stdio functions.

Change-Id: I936d1f9e55fe53a68885c4524b7b59e68fed218d
2012-06-13 09:14:30 -07:00
Nick Kralevich
c2f1d215b1 Merge "FORTIFY_SOURCE: add snprintf, vsnprintf" 2012-06-12 08:50:57 -07:00
Elliott Hughes
20afd4e70c am e0961445: Merge "Remove the meaningless on Linux if_dl.h header."
* commit 'e0961445124b5ff39412da32578e14e0d1f6afd6':
  Remove the meaningless on Linux if_dl.h header.
2012-06-11 17:41:10 -07:00
Nick Kralevich
cffdf6693f FORTIFY_SOURCE: add snprintf, vsnprintf
Add _FORTIFY_SOURCE support for snprintf, vsnprintf

At this time, we opt out of these protections for clang, as clang
does not implement __builtin_va_arg_pack().

http://clang.llvm.org/docs/UsersManual.html#c_unimpl_gcc

Change-Id: I73ebe5ec8dad1dca8898a76d6afb693a25f75375
2012-06-11 16:46:16 -07:00
Elliott Hughes
c3d45b822c Remove the meaningless on Linux if_dl.h header.
This was misleading 'configure' into thinking we actually support AF_LINK,
but we're Linux, so we don't, and we never implemented the functions we
declared here either.

Reported to AOSP by Jun-ya Kato.

(cherry-pick of 5056f1fad1187cd67729bb04ba72397d78256f03.)

Change-Id: Ic67f674d2221497c8166994812bb5fc7f0831066
2012-06-11 15:13:37 -07:00
Elliott Hughes
5056f1fad1 Remove the meaningless on Linux if_dl.h header.
This was misleading 'configure' into thinking we actually support AF_LINK,
but we're Linux, so we don't, and we never implemented the functions we
declared here either.

Reported to AOSP by Jun-ya Kato.

Change-Id: I111f9887f3812469b411b9cf5124d9dd624f19f7
2012-06-11 15:01:10 -07:00
Nick Kralevich
71a18dd435 _FORTIFY_SOURCE: add memset / bzero support
Add _FORTIFY_SOURCE support for the following functions:

* memset
* bzero

Move the __BIONIC_FORTIFY_INLINE definition to cdefs.h so it
can be used from multiple header files.

Change-Id: Iead4d5e35de6ec97786d58ee12573f9b11135bb7
2012-06-07 14:19:52 -07:00
Nick Kralevich
0a2301598c libc: implement some FORTIFY_SOURCE functions
Add initial support for -D_FORTIFY_SOURCE to bionic for the
following functions:

* memcpy
* memmove
* strcpy
* strcat
* strncpy
* strncat

This change adds a new version of the above functions which passes
the size of the destination buffer to __builtin___*_chk.

If the compiler can determine, at compile time, that the destination
buffer is large enough, or the destination buffer can point to an object
of unknown size, then the check call is bypassed.

If the compiler can't make a compile time decision, then it calls
the __*_chk() function, which does a runtime buffer size check

These options are only enabled if the code is compiled with
-D_FORTIFY_SOURCE=1 or 2, and only when optimizations are enabled.

Please see
* http://gcc.gnu.org/onlinedocs/gcc/Object-Size-Checking.html
* http://gcc.gnu.org/ml/gcc-patches/2004-09/msg02055.html

for additional details on FORTIFY_SOURCE.

Testing: Compiled the entire Android tree with -D_FORTIFY_SOURCE=1,
and verified that everything appears to be working properly.
Also created a test buffer overflow, and verified that it was
caught by this change.

Change-Id: I4fddb445bafe92b16845b22458d72e6dedd24fbc
2012-06-05 15:44:31 -07:00