Commit Graph

4853 Commits

Author SHA1 Message Date
Colin Cross
1d36ee1a6e bionic: prevent root processes from calling __system_property_add
If a root process other than init calls __system_property_add, which
it should never do, it will break the design assumption that there is
only one mutator.

Pass O_EXCL to open() in map_prop_region_rw to ensure that only one
process ever has the property pages open for write.

(cherry picked from commit fb9b7b436f)

Change-Id: I6df3afedbfb5d07891b095aa24b78278381a5aaf
2013-06-24 16:35:41 -07:00
Greg Hackmann
1540f601be bionic: revert to a single (larger) property area
d329697 is too complicated.  Change the multiple property pages back to
a single 128K property area that's mapped in entirely at initialization
(the memory will not get allocated until the pages are touched).

d329697 has other changes useful for testing (moving property area
initialization inside bionic and adding __system_property_set_filename)
so undo the change manually rather than with git revert.

Signed-off-by: Greg Hackmann <ghackmann@google.com>

(cherry picked from commit 5f05348c18)

Change-Id: I690704552afc07a4dd410277893ca9c40bc13e5f
2013-06-24 16:35:37 -07:00
Greg Hackmann
996cdc4b1a bionic: reimplement property area as hybrid trie/binary tree
See the comments for an explanation of how properties are stored.

The trie structure is designed to scale better than the previous
array-based implementation.  Searching an array with n properties
required average O(n) string compares of the entire key; searching the
trie requires average O(log n) string compares of each token (substrings
between '.' characters).

Signed-off-by: Greg Hackmann <ghackmann@google.com>

(cherry picked from commit 6ac8e6a46d)

Change-Id: Icbe31908572f33b4d9b85d5b62ac837cbd0f85e0
2013-06-24 16:35:32 -07:00
Greg Hackmann
f7511e3bc9 bionic: add missing memory barriers to system properties
1) Reading the value must finish before checking whether it's intact

2) Setting the serial's dirty bit must visible before modifying the
value

3) The modified value must be visible before clearing the serial's dirty
bit

4) New properties and their TOC entries must be visible before updating
the property count

Signed-off-by: Greg Hackmann <ghackmann@google.com>

(cherry picked from commit 5bfa3ee8b3)

Change-Id: Id3fa45261fc2df2ae493ab5194bc2b6bff04e966
2013-06-24 16:35:27 -07:00
Greg Hackmann
cb215a7e9e bionic: make property area expandable
The property area is initially one 4K region, automatically expanding as
needed up to 64 regions.

To avoid duplicating code, __system_property_area_init() now allocates
and initializes the first region (previously it was allocated in init's
init_property_area() and initialized in bionic).  For testing purposes,
__system_property_set_filename() may be used to override the file used
to map in regions.

Signed-off-by: Greg Hackmann <ghackmann@google.com>

(cherry picked from commit d32969701b)

Change-Id: I038d451fe8849b0c4863663eec6f57f6521bf4a7
2013-06-24 16:35:15 -07:00
Nick Kralevich
954480393f am 0ea1d5c0: Merge "libc: enable sprintf FORTIFY_SOURCE under clang"
* commit '0ea1d5c0ae94ee581c72451b20813c028f51090c':
  libc: enable sprintf FORTIFY_SOURCE under clang
2013-06-24 15:20:39 -07:00
Nick Kralevich
0ea1d5c0ae Merge "libc: enable sprintf FORTIFY_SOURCE under clang" 2013-06-24 22:15:12 +00:00
Nick Kralevich
c6eb985454 libc: enable sprintf FORTIFY_SOURCE under clang
clang doesn't support __builtin_va_arg_pack(), so we have
to use #define instead.

Change-Id: I2ee75e6267d60cdf997fee6b9b0547bf68f062a1
2013-06-24 14:10:29 -07:00
Nick Kralevich
100d678438 am 53ddcc90: Merge "linker: Emit a warning on text relocations"
* commit '53ddcc90701d86c7d809a84cf4710c651066e3c7':
  linker: Emit a warning on text relocations
2013-06-21 15:39:21 -07:00
Nick Kralevich
53ddcc9070 Merge "linker: Emit a warning on text relocations" 2013-06-21 22:36:50 +00:00
Nick Kralevich
c9084427aa linker: Emit a warning on text relocations
Text relocations unnecessarily mark pages as dirty, preventing them
from being swapped out, wasting memory. Also, text relocations
prevent the code from running on certain hardened systems.

Print a message in logcat and stderr when we see a text relocation,
to encourage developers to fix their code.

Change-Id: I6051a7463911e090ae5727a355397d539669d5b9
2013-06-21 15:33:15 -07:00
Nick Kralevich
cb25359a2e am 68197731: Merge "libc_logging: don\'t keep file descriptors open forever"
* commit '6819773103495a6fd81f024dc6711771320ae4ec':
  libc_logging: don't keep file descriptors open forever
2013-06-21 14:33:48 -07:00
Nick Kralevich
6819773103 Merge "libc_logging: don't keep file descriptors open forever" 2013-06-21 21:26:09 +00:00
Nick Kralevich
17fc25d20f libc_logging: don't keep file descriptors open forever
Avoid keeping unnecessary file descriptors around when they're not
needed. Libc doesn't log so much that opening / closing overhead
matters.

Change-Id: I590ec5c27562db9bac025f781c48ec9a7724ce77
2013-06-21 13:28:42 -07:00
Nick Kralevich
5fed0eeabd am 0ce28d20: Merge "libc: enable FORTIFY_SOURCE clang strlcpy"
* commit '0ce28d20ea5fde250576f355004dbcd741b0b884':
  libc: enable FORTIFY_SOURCE clang strlcpy
2013-06-20 12:29:38 -07:00
Nick Kralevich
0ce28d20ea Merge "libc: enable FORTIFY_SOURCE clang strlcpy" 2013-06-20 19:27:48 +00:00
Nick Kralevich
8bafa7452e libc: enable FORTIFY_SOURCE clang strlcpy
Change-Id: Idcfe08f5afc3dde592416df9eba83f64e130c7c2
2013-06-20 12:17:44 -07:00
Elliott Hughes
33df38a04c am 4eed6509: Merge "stdint.h header is not fully compatible with C99(ISO9899:1999)"
* commit '4eed65090b1f0d0d087f26bd7367da90a0cca92d':
  stdint.h header is not fully compatible with C99(ISO9899:1999)
2013-06-19 12:46:40 -07:00
Elliott Hughes
4eed65090b Merge "stdint.h header is not fully compatible with C99(ISO9899:1999)" 2013-06-19 19:45:09 +00:00
Nick Kralevich
1d174a9c17 am 02ca0e31: Merge "Fix FORTIFY_SOURCE unittests."
* commit '02ca0e314219a4c7205a180a414c509651043f13':
  Fix FORTIFY_SOURCE unittests.
2013-06-19 10:36:55 -07:00
Nick Kralevich
02ca0e3142 Merge "Fix FORTIFY_SOURCE unittests." 2013-06-19 17:33:57 +00:00
Colin Cross
f4250508d5 am 3225f498: Merge "bionic: add __system_property_foreach"
* commit '3225f4984837c4d9e6e9495d2154f2d9987cf457':
  bionic: add __system_property_foreach
2013-06-19 10:27:23 -07:00
Colin Cross
3225f49848 Merge "bionic: add __system_property_foreach" 2013-06-19 17:26:17 +00:00
Nick Kralevich
3cd4cac2ce Fix FORTIFY_SOURCE unittests.
The compiler is too damn smart.

Change-Id: Ibef3ef41ec99f8cd9c06f1dbca535819f9a08197
2013-06-19 10:25:44 -07:00
Sergey Melnikov
dc5d3426d8 stdint.h header is not fully compatible with C99(ISO9899:1999)
stdint.h provides macros with incorrect type:
  * UINT8_C
  * UINT16_C
  * UINT8_MAX
  * UINT16_MAX

Signed-off-by: Sergey Melnikov <sergey.melnikov@intel.com>
Change-Id: I2d130c782d4485bf6c9e9f068de0bdaa4ba7303f
2013-06-19 12:33:31 +04:00
Greg Hackmann
c6ff844d75 bionic: add __system_property_foreach
find_nth() will be inefficient on a trie.  Since find_nth() is only used
internally and only for enumerating properties, we can add a foreach()
function to do this directly.

Signed-off-by: Greg Hackmann <ghackmann@google.com>

(cherry picked from commit 577418403d)

Change-Id: Iaca97d1182ce2c28863ba85241cbb5cf6185eb2f
2013-06-18 19:24:29 -07:00
Elliott Hughes
13e23302c9 am c656d732: Merge "Always use v1 for MIPS TLS access."
* commit 'c656d732c7712b0f73d9c560ccf3cb5ae47d219d':
  Always use v1 for MIPS TLS access.
2013-06-18 13:57:57 -07:00
Elliott Hughes
c656d732c7 Merge "Always use v1 for MIPS TLS access." 2013-06-18 20:56:25 +00:00
Nick Kralevich
d98d35c538 am 0846109c: Merge "libc: Rename fortify error functions."
* commit '0846109c96d54a28e413893b0cd4b4acb3aa87fc':
  libc: Rename fortify error functions.
2013-06-18 13:27:18 -07:00
Nick Kralevich
3bf6279034 am dd0880fe: Merge "libc: add limited FORTIFY_SOURCE support for clang"
* commit 'dd0880fec3bb8c998680e78aff9e2ddc2bcf6d7a':
  libc: add limited FORTIFY_SOURCE support for clang
2013-06-18 13:27:17 -07:00
Elliott Hughes
45ef218bde am 6807af77: Merge "Make LD_PRELOAD failures just warnings."
* commit '6807af773f862750efb6860e00402580a5f463f3':
  Make LD_PRELOAD failures just warnings.
2013-06-18 13:27:16 -07:00
Elliott Hughes
a33dc57c7c Always use v1 for MIPS TLS access.
Change-Id: Ic2850b90185cfbc5b0eff804c8b74a1c553c0852
2013-06-18 13:26:22 -07:00
Nick Kralevich
0846109c96 Merge "libc: Rename fortify error functions." 2013-06-18 20:24:04 +00:00
Colin Cross
e421bd71c3 am 02002443: Merge "bionic: fix deleting property arrays in property benchmark"
* commit '02002443d4b17de78418d51fc303b4c976ad071a':
  bionic: fix deleting property arrays in property benchmark
2013-06-18 13:23:51 -07:00
Nick Kralevich
dd0880fec3 Merge "libc: add limited FORTIFY_SOURCE support for clang" 2013-06-18 20:23:49 +00:00
Elliott Hughes
6807af773f Merge "Make LD_PRELOAD failures just warnings." 2013-06-18 20:23:07 +00:00
Colin Cross
02002443d4 Merge "bionic: fix deleting property arrays in property benchmark" 2013-06-18 20:22:25 +00:00
Nick Kralevich
ba6c021a53 am e2fb05b4: Merge "libc: Introduce __errordecl()"
* commit 'e2fb05b45b9af7b9af8df0ea15bfec63d331d882':
  libc: Introduce __errordecl()
2013-06-18 13:17:35 -07:00
Nick Kralevich
e2fb05b45b Merge "libc: Introduce __errordecl()" 2013-06-18 20:15:33 +00:00
Elliott Hughes
7e5a8cc523 Make LD_PRELOAD failures just warnings.
This matches glibc and makes life easier for developers who want to
sometimes preload a library from init (which has no conditionals); they
can simply move/remove the library to disable.

Change-Id: I579b8633f958235af6e46bb53b378b9e363afb1f
2013-06-18 13:15:00 -07:00
Colin Cross
7d06813d93 bionic: fix deleting property arrays in property benchmark
Use delete[] to delete arrays allocated with new []

Change-Id: Icc2a6b23df09049c008f7f1f50ed93a277174308
2013-06-18 13:08:28 -07:00
Nick Kralevich
a641c18f0c libc: Rename fortify error functions.
__umask_error -> __umask_invalid_mode
__creat_error -> __creat_missing_mode
__too_many_args_error -> __creat_too_many_args

Change-Id: I4036f344a3a93628e70f2e948ad73cfed3a967ea
2013-06-18 13:07:18 -07:00
Colin Cross
1a38e06383 am 0005b354: Merge "bionic: change properties benchmarks to read a single property"
* commit '0005b3544be345e697592b4dc199ebaa37048559':
  bionic: change properties benchmarks to read a single property
2013-06-18 13:04:10 -07:00
Colin Cross
0005b3544b Merge "bionic: change properties benchmarks to read a single property" 2013-06-18 20:01:05 +00:00
Colin Cross
7d90cfa6b5 bionic: change properties benchmarks to read a single property
The properties benchmarks were reading n properties from a property
area with n properties in it, which was making it hard to compare
the time between runs of different sizes.  Change the benchmark
to read a random property per iteration so the numbers between
runs are comparable.

Change-Id: Ib1648ce0948d9038fce76d209608427376cfb8da
2013-06-18 12:55:52 -07:00
Nick Kralevich
16d1af167f libc: add limited FORTIFY_SOURCE support for clang
In 829c089f83, we disabled all
FORTIFY_SOURCE support when compiling under clang. At the time,
we didn't have proper test cases, and couldn't easily create targeted
clang tests.

This change re-enables FORTIFY_SOURCE support under clang for a
limited set of functions, where we have explicit unittests available.
The functions are:

* memcpy
* memmove
* strcpy
* strncpy
* strcat
* strncat
* memset
* strlen (with modifications)
* strchr (with modifications)
* strrchr (with modifications)

It may be possible, in the future, to enable other functions. However,
I need to write unittests first.

For strlen, strchr, and strrchr, clang unconditionally calls the
fortified version of the relevant function. If it doesn't know the
size of the buffer it's dealing with, it passes in ((size_t) -1),
which is the largest possible size_t.

I added two new clang specific unittest files, primarily copied
from fortify?_test.cpp.

I've also rebuild the entire system with these changes, and didn't
observe any obvious problems.

Change-Id: If12a15089bb0ffe93824b485290d05b14355fcaa
2013-06-18 12:14:20 -07:00
Nick Kralevich
b24c0637d0 libc: Introduce __errordecl()
Define __errordecl and replace __attribute__((__error__("foo")))
with __errordecl. Make sure __errordecl is a no-op on clang, as it
generates a compile time warning.

Change-Id: Ifa1a2d3afd6881de9d479fc2adac6737871a2949
2013-06-18 12:13:52 -07:00
Colin Cross
f6e6e5e727 am 977a3313: Merge changes Iac00ce10,I192d3825
* commit '977a33137d2be0093f474055f839cf665b82b588':
  bionic: add tests for properties
  bionic: move system property writing from init to bionic
2013-06-17 18:21:37 -07:00
Colin Cross
977a33137d Merge changes Iac00ce10,I192d3825
* changes:
  bionic: add tests for properties
  bionic: move system property writing from init to bionic
2013-06-18 01:11:58 +00:00
Colin Cross
b27e200ad6 bionic: add tests for properties
(cherry picked from commit 37d9f75dde)

Change-Id: Iac00ce10a4272032a1cbdbc4204277d6876e3365
2013-06-17 16:58:47 -07:00