152 Commits

Author SHA1 Message Date
Nick Kralevich
a44e9afdd1 FORTIFY_SOURCE: optimize
Don't do the fortify_source checks if we can determine, at
compile time, that the provided operation is safe.

This avoids silliness like calling fortify source on things like:

  size_t len = strlen("asdf");
  printf("%d\n", len);

and allows the compiler to optimize this code to:

  printf("%d\n", 4);

Defer to gcc's builtin functions instead of pointing our code
to the libc implementation.

Change-Id: I5e1dcb61946461c4afaaaa983e39f07c7a0df0ae
2013-01-17 15:41:33 -08:00
Nick Kralevich
36bd371e26 Revert "stack protector: use AT_RANDOM"
The AT_RANDOM changes broke setuid / setgid executables
such as "ping". When the linker executes a setuid program,
it cleans the environment, removing any invalid environment
entries, and adding "NULL"s to the end of the environment
array for each removed variable. Later on, we try to determine
the location of the aux environment variable, and get tripped
up by these extra NULLs.

Reverting this patch will get setuid executables working again,
but getauxval() is still broken for setuid programs because of
this bug.

This reverts commit e3a49a8661125f24aec8a1453e54b3b78005e21e.

Change-Id: I05c58a896b1fe32cfb5d95d43b096045cda0aa4a
2013-01-16 13:16:42 -08:00
Nick Kralevich
e3a49a8661 stack protector: use AT_RANDOM
Populate the stack canaries from the kernel supplied
AT_RANDOM value, which doesn't involve any system calls.
This is slightly faster (6 fewer syscalls) and avoids
unnecessarily reading /dev/urandom, which depletes entropy.

Bug: 7959813

Change-Id: If2b43100a2a9929666df3de56b6139fed969e0f1
2013-01-16 10:09:52 -08:00
Nick Kralevich
606058933c fix strerror_r test
e6e60065ff093ff8c859ab146cf543531cb1967c modified strerror_r to
treat errno as signed. However, the change to the test code
modified the "strerror" test, not the "strerror_r" test.

Make the same change for the strerror_r code.

Change-Id: Ia236a53df5745935e229a4446a74da8bed0cfd7b
2013-01-15 10:35:09 -08:00
Nick Kralevich
2c5153b043 libc: add getauxval()
Add support for getauxval().  This method allows a program an easy way
to retrieve information from the kernel auxiliary vector, and will
hopefully replace other clumsy ways of accessing this same information.

This particular function was also added to glibc in glibc 2.16.
See the following URLs for more details.

  * http://lwn.net/Articles/519085/
  * http://www.gnu.org/software/libc/manual/html_node/Auxiliary-Vector.html

This change is a prerequisite for bug 7959813.

Bug: http://code.google.com/p/android/issues/detail?id=38441
Change-Id: Iba19d899df334bddc6f4899077ece2fc87564ea8
2013-01-11 16:44:15 -08:00
Nick Kralevich
dcab1b2c76 Add stack canaries / strcpy tests.
Add a test to ensure that stack canaries are working
correctly. Since stack canaries aren't normally generated
on non-string functions, we have to enable stack-protector-all.

Add a test to ensure that an out of bounds strcpy generates
a runtime failure.

Change-Id: Id0d3e59fc4b9602da019e4d35c5c653e1a57fae4
2013-01-11 10:52:36 -08:00
Elliott Hughes
e6e60065ff glibc 2.15 treats errno as signed in strerror(3).
And the only reason I hadn't done that in bionic is because I wanted to behave
the same as glibc.

Change-Id: I2cf1bf0aac82a748cd6305a2cabbac0790058570
2013-01-10 16:01:59 -08:00
Elliott Hughes
c5d028fc91 Only have one copy of the kernel_sigset_t hack, and add more tests.
Change-Id: I377522fcba6fb4b5fd2754ab15b091014bd7c16f
2013-01-10 14:42:14 -08:00
Elliott Hughes
a43e906221 Don't test GNU-style ELF hashes on MIPS.
The MIPS toolchain can't generate them because they're incompatible
with the MIPS ABI (which requires .dynsym match the GOT, while GNU-style
requires .dynsym to be sorted by hash code), so there's nothing to test.

Change-Id: I2220f452fe6fe595ec1312544cc741dd390a36a5
2013-01-07 14:44:36 -08:00
Elliott Hughes
fb5e5cbdd4 Fix an off-by-one error in the sigset_t function error handling.
Spotted while running the tests on MIPS, where sigset_t is
actually large enough. The bits in sigset_t are used such that
signal 1 is represented by bit 0, so the range of signals is
actually [1, 8*sizeof(sigset_t)]; it seems clearer to reword
the code in terms of valid bit offsets [0, 8*sizeof(sigset_t)),
which leads to the usual bounds checking idiom.

Change-Id: Id899c288e15ff71c85dd2fd33c47f8e97aa1956f
2013-01-07 13:58:49 -08:00
Elliott Hughes
a55f63083f Define _POSIX_MONOTONIC_CLOCK and implement sysconf(_SC_MONOTONIC_CLOCK).
Bug: http://code.google.com/p/android/issues/detail?id=39680
Change-Id: I11cf10a66f9d305868a725f04f581099fb88bbfc
2013-01-02 14:23:43 -08:00
Elliott Hughes
e66190d2a9 Check for unknown flags passed to dlopen(3).
Change-Id: I56f4aab0e5a1487bc32d2c4d231e8bd15c4ac8da
2012-12-18 15:57:55 -08:00
Chris Dearman
d8a5a6f513 Use pthread_kill() in raise()
raise() should use pthread_kill() in a pthreads environment.
For bionic this means it should always be used.

Change-Id: Ic679272b664d2b8a7068b628fb83a9f7395c441f
2012-12-10 11:20:57 -08:00
Elliott Hughes
da73f655fc Add argument checking to sigemptyset(3) and friends.
You could argue that this is hurting people smart enough to have manually
allocated a large-enough sigset_t, but those people are smart enough to
implement their own sigset functions too.

I wonder whether our least unpleasant way out of our self-inflicted 32-bit
cesspool is to have equivalents of _FILE_OFFSET_BITS such as _SIGSET_T_BITS,
so calling code could opt in? You'd have to be careful passing sigset_t
arguments between code compiled with different options.

Bug: 5828899
Change-Id: I0ae60ee8544835b069a2b20568f38ec142e0737b
2012-11-30 16:40:55 -08:00
Elliott Hughes
fbe44ec043 Add a memmove(3) benchmark.
Change-Id: I9c0ffae0b5aae29521b7e68e5ce2318b5a401cba
2012-11-09 14:59:21 -08:00
Elliott Hughes
7be369d4c6 Simple google3-compatible benchmarking.
Based on our open-source RE2 benchmarking code.

Includes benchmarks for a handful of <string.h> functions.

Change-Id: I30eb70d25dbf4ad5f2ca44976a8ce3b1ff7dad01
2012-11-08 15:37:43 -08:00
Elliott Hughes
d460f3f1af Merge "Tests for string routines." 2012-11-08 09:15:22 -08:00
Elliott Hughes
6e33b0296d Fix dlopen_library_with_only_gnu_hash_Test.
Change-Id: Id3395f155587cfa74061f97a2cb4c6a6e59c13dc
2012-11-07 18:16:02 -08:00
Anna Tikhonova
036154b0c2 Tests for string routines.
Change-Id: I24068a228f59df1c3b758c5b2026a09720490616
Signed-off-by: Anna Tikhonova <anna.tikhonova@intel.com>
2012-11-07 18:14:29 -08:00
Elliott Hughes
90e10d41c4 Rewrite <fenv.h> for ARM.
The old code was one big no-op.

Bug: http://code.google.com/p/android/issues/detail?id=38196
Change-Id: I201a6ffa477385b2629f45e8c948bdfbd47b5bf1
2012-11-05 08:50:19 -08:00
Elliott Hughes
4f251bee5d Don't corrupt the thread list if the main thread exits.
...and don't pass a non-heap pointer to free(3), either.

This patch replaces the "node** prev" with the clearer "node* prev"
style and fixes the null pointer dereference in the old code. That's
not sufficient to fix the reporter's bug, though. The pthread_internal_t*
for the main thread isn't heap-allocated --- __libc_init_tls causes a
pointer to a statically-allocated pthread_internal_t to be added to
the thread list.

Bug: http://code.google.com/p/android/issues/detail?id=37410
Change-Id: I112b7f22782fc789d58f9c783f7b323bda8fb8b7
2012-11-01 17:27:07 -07:00
Elliott Hughes
1a6961650c Stop defining our own PAGE_SIZE and PAGE_MASK, and test dlclose(3) too.
Also remove an unnecessary #include and a now-obsolete TODO.

Change-Id: I36d923721e349a286934b9534090a67ce0786e7b
2012-11-01 13:53:26 -07:00
Elliott Hughes
124fae9eab Reject .so files with no sysv hash table.
Also ensure that dlopen(3) errors always include the name of the library we
failed to open.

Also fix a bug where we'd fall back to searching LD_LIBRARY_PATH and the
built-in paths for names that include slashes.

Bug: http://code.google.com/p/android/issues/detail?id=38479
Change-Id: Ib2c009ed083344a7a012749d58f8679db2f26c78
2012-10-31 14:30:50 -07:00
Elliott Hughes
06b596104a Merge "Fix bug in pthread_join, pthread_exit, pthread_detach" 2012-10-30 12:57:58 -07:00
Elliott Hughes
58b575485c Clean up the <libgen.h> implementation a little, bring in tests.
Most of these tests were in system/extras, but I've added more to cover other
cases explicitly mentioned by POSIX.

Change-Id: I5e8d77e4179028d77306935cceadbb505515dcde
2012-10-29 14:27:10 -07:00
Sergey Melnikov
10ce96944e Fix bug in pthread_join, pthread_exit, pthread_detach
pthread_no_op_detach_after_join test from bionic-unit-tests hangs
on x86 emulator. There is a race in the pthread_join, pthread_exit,
pthread_detach functions:
- pthread_join waits for the non-detached thread
- pthread_detach sets the detached flag on that thread
- the thread executes pthread_exit which just kills the now-detached
thread, without sending the join notification.

This patch improves the test so it fails on ARM too, and modifies
pthread_detach to behave more like glibc, not setting the detach state if
called on a thread that's already being joined (but not returning an error).

Change-Id: I87dc688221ce979ef5178753dd63d01ac0b108e6
Signed-off-by: Sergey Melnikov <sergey.melnikov@intel.com>
2012-10-29 11:31:26 -07:00
Elliott Hughes
14f19592ae Fix the pthread_join on self error case.
We should return EDEADLK, not deadlock the calling thread.

Change-Id: I1243483f709c11b2a60e41142725c54c7dbfcbc9
2012-10-29 10:19:44 -07:00
David 'Digit' Turner
c30396f5f2 libc: Fix alphasort() signature (and implementation).
The declaration for alphasort() in <dirent.h> used the deprecated:

  int alphasort(const void*, const void*);

while both Posix and GLibc use instead:

  int alphasort(const struct dirent** a, const struct dirent** b);

See: http://pubs.opengroup.org/onlinepubs/9699919799/functions/alphasort.html

This patch does the following:

- Update the declaration to match Posix/GLibc
- Get rid of the upstream BSD code which isn't compatible with the new
  signature.
- Implement a new trivial alphasort() with the right signature, and
  ensure that it uses strcoll() instead of strcmp().
- Remove Bionic-specific #ifdef .. #else .. #endif block in
  dirent_test.cpp which uses alphasort().

Even through strcoll() currently uses strcmp(), this does the right
thing in the case where we decide to update strcoll() to properly
implement locale-specific ordered comparison.

Change-Id: I4fd45604d8a940aaf2eb0ecd7d73e2f11c9bca96
2012-10-29 07:44:27 -07:00
Elliott Hughes
063cfb2084 Clean up the implementation of the <dirent.h> functions.
Change-Id: I3c647cc9588525afc41fee90ee468d58cd13503a
2012-10-26 16:42:06 -07:00
Elliott Hughes
ad88a08631 Per-thread -fstack-protector guards for x86.
Based on a pair of patches from Intel:

  https://android-review.googlesource.com/#/c/43909/
  https://android-review.googlesource.com/#/c/44903/

For x86, this patch supports _both_ the global that ARM/MIPS use
and the per-thread TLS entry (%gs:20) that GCC uses by default. This
lets us support binaries built with any x86 toolchain (right now,
the NDK is emitting x86 code that uses the global).

I've also extended the original tests to cover ARM/MIPS too, and
be a little more thorough for x86.

Change-Id: I02f279a80c6b626aecad449771dec91df235ad01
2012-10-25 12:04:03 -07:00
Elliott Hughes
5419b94747 Make dlerror(3) thread-safe.
I gave up trying to use the usual thread-local buffer idiom; calls to
calloc(3) and free(3) from any of the "dl" functions -- which live in
the dynamic linker -- end up resolving to the dynamic linker's stubs.
I tried to work around that, but was just making things more complicated.
This alternative costs us a well-known TLS slot (instead of the
dynamically-allocated TLS slot we'd have used otherwise, so no difference
there), plus an extra buffer inside every pthread_internal_t.

Bug: 5404023
Change-Id: Ie9614edd05b6d1eeaf7bf9172792d616c6361767
2012-10-16 17:58:17 -07:00
Elliott Hughes
3b297c4079 Fix dlerror(3).
Add unit tests for dlerror(3) in various situations. I think We're at least
as good as glibc now.

Also factor out the ScopedPthreadMutexLock and use it here too.

Bug: http://code.google.com/p/android/issues/detail?id=38398
Change-Id: I040938b4366ab836e3df46d1d8055b92f4ea6ed8
2012-10-11 16:08:51 -07:00
Elliott Hughes
156da96621 Fix a getcwd(3) bug and make our tests run correctly under valgrind.
The getcwd(3) bug was found by valgrind.

Bug: 7291287
Change-Id: I59f3bff1c1392a408b905934eebcd5d894d37492
2012-10-09 17:17:24 -07:00
Elliott Hughes
774c7f54ff Upgrade to the current NetBSD rand implementation.
Also add basic unit tests.

Change-Id: I7fc7ef61d47c1e8fdf8b8eff67a635220c3afd56
2012-10-01 13:53:41 -07:00
Irina Tirdea
eac9eb462e Add getdelim(3) and getline(3) to bionic
Some userspace programs (e.g. perf) need getline.

Changes:
() add getdelim.c, getline.c from NetBSD (http://netbsd.org/) under the
NetBSD Foundation's (TNF) license ("2 clause" Berkeley-style license).
() add stub for reentrant.h header that is needed by getdelim.c
() add tests for getdelim(3) and getline(3).
() update NOTICE file.

Change-Id: I22ed82dd5904b9d7a3695535c04f502be3c27c5d
Signed-off-by: Irina Tirdea <irina.tirdea@intel.com>
2012-09-27 11:38:57 -07:00
Elliott Hughes
ac184b2142 Fix several compiler warnings.
Change-Id: I55caa50a5937442734f4fcbdb4edf1c70f335bf8
2012-09-26 14:20:22 -07:00
Elliott Hughes
8e630dacf6 Merge "Simple tests for dladdr(3)." 2012-09-26 12:10:56 -07:00
Elliott Hughes
91875dcd6e Fix tmpfile(3).
This could be better, but at least now it works.

Change-Id: I88b7cf3f7ce8e5fa0b3fe678b7d1679a68ffffc9
2012-09-26 12:02:17 -07:00
Elliott Hughes
8e15b08ae2 Simple tests for dladdr(3).
Change-Id: I22160b7fc9b950ea19adb6da42af2f893f4fe5d5
2012-09-26 11:44:01 -07:00
Kenny Root
8a05a01de7 Print out shared app gids correctly
For applications that share resources across users such as
forward-locked applications, print out their group name correctly.

Change-Id: I06ee0b67e4325cfa415ffd7a03e301700399a66d
2012-09-13 15:25:09 -07:00
Kenny Root
2a54e5ecd0 Add tests for Android-specific stubs
Also fix problem with multi-user IDs that the home directory was
returned as "/data" instead of "/" unlike all the other uids.

Change-Id: I914d22052e5a86552989f8969b85aadbc748c65d
2012-09-13 15:25:09 -07:00
Elliott Hughes
fa36875df4 Merge "Make strerror(3) and strsignal(3) thread-safe, and add psignal(3) and psiginfo(3)." 2012-09-13 15:19:37 -07:00
Irina Tirdea
b5f053b5a7 Make strerror(3) and strsignal(3) thread-safe, and add psignal(3) and psiginfo(3).
Change-Id: I426109db25e907980d6cb3a7a695796e45783b78
2012-09-13 15:18:21 -07:00
Elliott Hughes
38bfa21695 Fix Mac build.
Change-Id: Id625806fab0f2f7f90f9508c5fce649afe970414
2012-09-13 11:01:46 -07:00
jeffhao
acf5aa76a5 Added new test for dlopen which is failing for MIPS.
Change-Id: I2240faefb387a11647f49b1a15699907a40f98c1
2012-09-12 19:19:13 -07:00
Elliott Hughes
4d014e15b4 Add more pthreads tests.
Someone reported a bug if pthread_detach is called while a pthread_join is
already in progress, but I'm unable to reproduce it. Keep the tests I wrote,
though.

Change-Id: I3d71450bbbb5345f2cb213dc56310ec020d528cc
2012-09-07 16:47:54 -07:00
Elliott Hughes
bfeab1bbe7 Don't corrupt the thread list in static executables.
Several previous changes conspired to make a mess of the thread list
in static binaries. This was most obvious when trying to call
pthread_key_delete(3) on the main thread.

Bug: http://code.google.com/p/android/issues/detail?id=36893
Change-Id: I2a2f553114d8fb40533c481252b410c10656da2e
2012-09-05 17:47:37 -07:00
Elliott Hughes
2e8f4345df Add missing dependencies.
Change-Id: I53c1cfb59ac7a89952a8d6b906b2b9e16a66624f
2012-09-05 14:27:17 -07:00
Benoit Goby
5ac9eee1d3 bionic: Fix TINY_ANDROID build
(cherry-pick of 545d5dbbcb0dc9e44323c4f2e687a3aace75a483.)

Change-Id: Ifc91e84ffed5a3a287accabd7f08b02752688db6
2012-09-04 13:36:54 -07:00
Joe Onorato
7b841f3b4a Don't over-generalize makefiles. Host modules always build. This isn't needed on eng builds.
Change-Id: I5821ced7a8a9042fd2094204e07470d8002263ca
2012-08-16 22:36:36 -07:00