Merge changes from topic "clang-r365631-switch-over"
* changes:
Fix segment gap test
stdatomic_test: always use bits/stdatomic.h
Adapt tests due to the new Clang fortify-source warning
diff --git a/android-changes-for-ndk-developers.md b/android-changes-for-ndk-developers.md
index 4bd97a0..84456f9 100644
--- a/android-changes-for-ndk-developers.md
+++ b/android-changes-for-ndk-developers.md
@@ -1,8 +1,11 @@
-# Android changes for NDK developers
+# Android linker changes for NDK developers
This document details important changes related to native code
loading in various Android releases.
+See also [bionic status](docs/status.md) for general libc/libm/libdl
+behavior changes.
+
Required tools: the NDK has an _arch_-linux-android-readelf binary
(e.g. arm-linux-androideabi-readelf or i686-linux-android-readelf)
for each architecture (under toolchains/), but you can use readelf for
@@ -46,6 +49,10 @@
[ReLinker](https://github.com/KeepSafe/ReLinker) which claims to solve
these problems automatically.
+Alternatively, if you don't have too many dependencies, it can be easiest to
+simply link all of your code into one big library and sidestep the details of
+library and symbol lookup changes on all past (and future) Android versions.
+
## Changes to library search order
We have made various fixes to library search order when resolving symbols.
diff --git a/docs/native_allocator.md b/docs/native_allocator.md
index 97c3648..82a98fe 100644
--- a/docs/native_allocator.md
+++ b/docs/native_allocator.md
@@ -10,7 +10,7 @@
It is important to note that there are two modes for a native allocator
to run in on Android. The first is the normal allocator, the second is
called the svelte config, which is designed to run on memory constrained
-systems and be a bit slower, but take less PSS. To enable the svelte config,
+systems and be a bit slower, but take less RSS. To enable the svelte config,
add this line to the `BoardConfig.mk` for the given target:
MALLOC_SVELTE := true
@@ -55,7 +55,7 @@
When set to zero, `mallopt(M_DECAY_TIME, 0)`, it is expected that an
allocator will attempt to purge and release any unused memory back to the
kernel on free calls. This is important in Android to avoid consuming extra
-PSS.
+RSS.
When set to non-zero, `mallopt(M_DECAY_TIME, 1)`, an allocator can delay the
purge and release action. The amount of delay is up to the allocator
@@ -65,13 +65,13 @@
The drawback to this option is that most allocators do not have a separate
thread to handle the purge, so the decay is only handled when an
allocation operation occurs. For server processes, this can mean that
-PSS is slightly higher when the server is waiting for the next connection
+RSS is slightly higher when the server is waiting for the next connection
and no other allocation calls are made. The `M_PURGE` option is used to
force a purge in this case.
For all applications on Android, the call `mallopt(M_DECAY_TIME, 1)` is
made by default. The idea is that it allows application frees to run a
-bit faster, while only increasing PSS a bit.
+bit faster, while only increasing RSS a bit.
#### M\_PURGE
When called, `mallopt(M_PURGE, 0)`, an allocator should purge and release
@@ -115,7 +115,7 @@
## Performance
There are multiple different ways to evaluate the performance of a native
allocator on Android. One is allocation speed in various different scenarios,
-anoher is total PSS taken by the allocator.
+another is total RSS taken by the allocator.
The last is virtual address space consumed in 32 bit applications. There is
a limited amount of address space available in 32 bit apps, and there have
@@ -129,7 +129,7 @@
mmma -j bionic/benchmarks
These benchmarks are only used to verify the speed of the allocator and
-ignore anything related to PSS and virtual address space consumed.
+ignore anything related to RSS and virtual address space consumed.
#### Allocate/Free Benchmarks
These are the benchmarks to verify the allocation speed of a loop doing a
@@ -228,7 +228,7 @@
These numbers should be as performant as the current allocator.
### Memory Trace Benchmarks
-These benchmarks measure all three axes of a native allocator, PSS, virtual
+These benchmarks measure all three axes of a native allocator, RSS, virtual
address space consumed, speed of allocation. They are designed to
run on a trace of the allocations from a real world application or system
process.
@@ -248,7 +248,7 @@
/data/benchmarktest/trace_benchmark/trace_benchmark
#### Memory Replay Benchmarks
-These benchmarks display PSS, virtual memory consumed (VA space), and do a
+These benchmarks display RSS, virtual memory consumed (VA space), and do a
bit of performance testing on actual traces taken from running applications.
The trace data includes what thread does each operation, so the replay
@@ -266,21 +266,21 @@
To run these benchmarks, first copy the trace files to the target and
unzip them using these commands:
- adb shell push system/extras/dumps /data/local/tmp
- adb shell 'cd /data/local/tmp/dumps && for name in *.zip; do unzip $name; done'
+ adb shell push system/extras/traces /data/local/tmp
+ adb shell 'cd /data/local/tmp/traces && for name in *.zip; do unzip $name; done'
Since all of the traces come from applications, the `memory_replay` program
will always call `mallopt(M_DECAY_TIME, 1)' before running the trace.
Run the benchmark thusly:
- adb shell memory_replay64 /data/local/tmp/dumps/XXX.txt
- adb shell memory_replay32 /data/local/tmp/dumps/XXX.txt
+ adb shell memory_replay64 /data/local/tmp/traces/XXX.txt
+ adb shell memory_replay32 /data/local/tmp/traces/XXX.txt
Where XXX.txt is the name of a trace file.
-Every 100000 allocation operations, a dump of the PSS and VA space will be
-performed. At the end, a final PSS and VA space number will be printed.
+Every 100000 allocation operations, a dump of the RSS and VA space will be
+performed. At the end, a final RSS and VA space number will be printed.
For the most part, the intermediate data can be ignored, but it is always
a good idea to look over the data to verify that no strange spikes are
occurring.
@@ -304,6 +304,14 @@
executable, the virtual address space consumed is not much larger than the
current allocator. A small increase (on the order of a few MBs) would be okay.
+There is no specific benchmark for memory fragmentation, instead, the RSS
+when running the memory traces acts as a proxy for this. An allocator that
+is fragmenting badly will show an increase in RSS. The best trace for
+tracking fragmentation is system\_server.txt which is an extremely long
+trace (~13 million operations). The total number of live allocations goes
+up and down a bit, but stays mostly the same so an allocator that fragments
+badly would likely show an abnormal increase in RSS on this trace.
+
NOTE: When a native allocator calls mmap, it is expected that the allocator
will name the map using the call:
diff --git a/docs/status.md b/docs/status.md
index 2f356f3..6968a18 100644
--- a/docs/status.md
+++ b/docs/status.md
@@ -1,5 +1,11 @@
# Android bionic status
+This document details libc/libm/libdl additions and behavior changes.
+
+See also
+[Android linker changes for NDK developers](../android-changes-for-ndk-developers.md)
+for changes related to native code loading in various Android releases.
+
## Bionic function availability
### POSIX
@@ -39,7 +45,9 @@
New libc functions in R (API level 30):
* Full C11 `<threads.h>` (available as inlines for older API levels).
+ * `memfd_create` and `mlock2` (GNU extensions).
* `renameat2` (GNU extension).
+ * `pthread_cond_clockwait`/`pthread_mutex_clocklock`/`pthread_rwlock_clockrdlock`/`pthread_rwlock_clockwrlock`/`sem_clockwait`
New libc functions in Q (API level 29):
* `timespec_get` (C11 `<time.h>` addition)
diff --git a/libc/SECCOMP_WHITELIST_COMMON.TXT b/libc/SECCOMP_WHITELIST_COMMON.TXT
index 1b67a19..07f84a8 100644
--- a/libc/SECCOMP_WHITELIST_COMMON.TXT
+++ b/libc/SECCOMP_WHITELIST_COMMON.TXT
@@ -64,31 +64,36 @@
int stat64:stat64(const char*, struct stat64*) arm,x86
ssize_t readlink:readlink(const char*, char*, size_t) arm,x86,x86_64
-# Probed for and conditionally used by ART.
-int membarrier(int cmd, int flags) all
-
+#
# Useful new syscalls which we don't yet use in bionic.
-int sched_getattr(pid_t pid, struct sched_attr* attr, unsigned int flags) all
-int sched_setattr(pid_t pid, struct sched_attr* attr, unsigned int size, unsigned int flags) all
-int memfd_create(const char* name, unsigned int flags) all
-int renameat2(int olddirfd, const char* oldpath, int newdirfd, const char* newpath, unsigned int flags) all
-int execveat(int dirfd, const char* pathname, char* const* argv, char* const* envp, int flags) all
-ssize_t copy_file_range(int fd_in, loff_t* off_in, int fd_out, loff_t* off_out, size_t len, unsigned int flags) all
-int mlock2(const void* addr, size_t len, int flags) all
-ssize_t preadv2(int fd, const struct iovec* iov, int iovcnt, off_t offset, int flags) all
-ssize_t pwritev2(int fd, const struct iovec* iov, int iovcnt, off_t offset, int flags) all
+#
+
+# Since Linux 2.5, not in glibc.
int io_setup(unsigned nr, aio_context_t *ctxp) all
int io_destroy(aio_context_t ctx) all
int io_submit(aio_context_t ctx, long nr, struct iocb **iocbpp) all
int io_getevents(aio_context_t ctx, long min_nr, long max_nr, struct io_event *events, struct timespec *timeout) all
int io_cancel(aio_context_t ctx, struct iocb *, struct io_event *result) all
+# Since Linux 3.14, not in glibc.
+int sched_getattr(pid_t pid, struct sched_attr* attr, unsigned int flags) all
+int sched_setattr(pid_t pid, struct sched_attr* attr, unsigned int size, unsigned int flags) all
+# Since Linux 3.19, not in glibc (and not really needed to implement fexecve).
+int execveat(int dirfd, const char* pathname, char* const* argv, char* const* envp, int flags) all
+# Since Linux 4.3, not in glibc. Probed for and conditionally used by ART.
+int membarrier(int cmd, int flags) all
+# Since Linux 4.5, glibc 2.27.
+ssize_t copy_file_range(int fd_in, loff_t* off_in, int fd_out, loff_t* off_out, size_t len, unsigned int flags) all
+# Since Linux 4.6, glibc 2.26.
+ssize_t preadv2(int fd, const struct iovec* iov, int iovcnt, off_t offset, int flags) all
+ssize_t pwritev2(int fd, const struct iovec* iov, int iovcnt, off_t offset, int flags) all
+# Since Linux 4.11, glibc 2.30.
int statx(int, const char*, int, unsigned int, statx*) all
+# Since Linux 5.1, not in glibc.
int clock_gettime64(clockid_t, timespec64*) lp32
int clock_settime64(clockid_t, const timespec64*) lp32
int clock_adjtime64(clockid_t, timex64*) lp32
int clock_getres_time64(clockid_t, timespec64*) lp32
int clock_nanosleep_time64(clockid_t, int, const timespec64*, timespec*) lp32
-# TODO: afaict, __kernel_timer_t and itimerspec are both already fine?
int timer_gettime64(__kernel_timer_t, itimerspec64*) lp32
int timer_settime64(__kernel_timer_t, int, const itimerspec64*, itimerspec64*) lp32
int timerfd_gettime64(int, itimerspec64*) lp32
diff --git a/libc/SYSCALLS.TXT b/libc/SYSCALLS.TXT
index 62d698f..21ebdbd 100644
--- a/libc/SYSCALLS.TXT
+++ b/libc/SYSCALLS.TXT
@@ -107,12 +107,14 @@
int __close:close(int) all
pid_t __getpid:getpid() all
+int memfd_create(const char*, unsigned) all
int munmap(void*, size_t) all
void* __mremap:mremap(void*, size_t, size_t, int, void*) all
int msync(const void*, size_t, int) all
int mprotect(const void*, size_t, int) all
int madvise(void*, size_t, int) all
-int mlock(const void* addr, size_t len) all
+int mlock(const void* addr, size_t len) all
+int mlock2(const void* addr, size_t len, int flags) all
int munlock(const void* addr, size_t len) all
int mlockall(int flags) all
int munlockall() all
diff --git a/libc/bionic/__cxa_guard.cpp b/libc/bionic/__cxa_guard.cpp
index 30b5f41..e2e7477 100644
--- a/libc/bionic/__cxa_guard.cpp
+++ b/libc/bionic/__cxa_guard.cpp
@@ -16,9 +16,7 @@
#include <endian.h>
#include <limits.h>
-#undef _USING_LIBCXX // Prevent using of <atomic>.
#include <stdatomic.h>
-
#include <stddef.h>
#include "private/bionic_futex.h"
diff --git a/libc/bionic/fdsan.cpp b/libc/bionic/fdsan.cpp
index dd3a96e..4ebc796 100644
--- a/libc/bionic/fdsan.cpp
+++ b/libc/bionic/fdsan.cpp
@@ -106,30 +106,8 @@
}
void __libc_init_fdsan() {
- constexpr auto default_level = ANDROID_FDSAN_ERROR_LEVEL_WARN_ONCE;
- const prop_info* pi = __system_property_find(kFdsanPropertyName);
- if (!pi) {
- android_fdsan_set_error_level(default_level);
- return;
- }
- __system_property_read_callback(
- pi,
- [](void*, const char*, const char* value, uint32_t) {
- if (strcasecmp(value, "1") == 0 || strcasecmp(value, "fatal") == 0) {
- android_fdsan_set_error_level(ANDROID_FDSAN_ERROR_LEVEL_FATAL);
- } else if (strcasecmp(value, "warn") == 0) {
- android_fdsan_set_error_level(ANDROID_FDSAN_ERROR_LEVEL_WARN_ALWAYS);
- } else if (strcasecmp(value, "warn_once") == 0) {
- android_fdsan_set_error_level(ANDROID_FDSAN_ERROR_LEVEL_WARN_ONCE);
- } else {
- if (strlen(value) != 0 && strcasecmp(value, "0") != 0) {
- async_safe_format_log(ANDROID_LOG_ERROR, "libc",
- "debug.fdsan set to unknown value '%s', disabling", value);
- }
- android_fdsan_set_error_level(default_level);
- }
- },
- nullptr);
+ constexpr auto default_level = ANDROID_FDSAN_ERROR_LEVEL_FATAL;
+ android_fdsan_set_error_level_from_property(default_level);
}
static FdTable& GetFdTable() {
@@ -355,6 +333,45 @@
return atomic_exchange(&GetFdTable().error_level, new_level);
}
+android_fdsan_error_level android_fdsan_set_error_level_from_property(
+ android_fdsan_error_level default_level) {
+ const prop_info* pi = __system_property_find(kFdsanPropertyName);
+ if (!pi) {
+ return android_fdsan_set_error_level(default_level);
+ }
+
+ struct callback_data {
+ android_fdsan_error_level default_value;
+ android_fdsan_error_level result;
+ };
+
+ callback_data data;
+ data.default_value = default_level;
+
+ __system_property_read_callback(
+ pi,
+ [](void* arg, const char*, const char* value, uint32_t) {
+ callback_data* data = static_cast<callback_data*>(arg);
+
+ if (strcasecmp(value, "1") == 0 || strcasecmp(value, "fatal") == 0) {
+ data->result = android_fdsan_set_error_level(ANDROID_FDSAN_ERROR_LEVEL_FATAL);
+ } else if (strcasecmp(value, "warn") == 0) {
+ data->result = android_fdsan_set_error_level(ANDROID_FDSAN_ERROR_LEVEL_WARN_ALWAYS);
+ } else if (strcasecmp(value, "warn_once") == 0) {
+ data->result = android_fdsan_set_error_level(ANDROID_FDSAN_ERROR_LEVEL_WARN_ONCE);
+ } else {
+ if (strlen(value) != 0 && strcasecmp(value, "0") != 0) {
+ async_safe_format_log(ANDROID_LOG_ERROR, "libc",
+ "debug.fdsan set to unknown value '%s', disabling", value);
+ }
+ data->result = android_fdsan_set_error_level(data->default_value);
+ }
+ },
+ &data);
+
+ return data.result;
+}
+
int close(int fd) {
int rc = android_fdsan_close_with_tag(fd, 0);
if (rc == -1 && errno == EINTR) {
diff --git a/libc/bionic/fortify.cpp b/libc/bionic/fortify.cpp
index cf37666..3b804b0 100644
--- a/libc/bionic/fortify.cpp
+++ b/libc/bionic/fortify.cpp
@@ -249,7 +249,7 @@
// This is a variant of __stpncpy_chk, but it also checks to make
// sure we don't read beyond the end of "src". The code for this is
// based on the original version of stpncpy, but modified to check
-// how much we read from "src" at the end of the copy operation.
+// how much we read from "src" during the copy operation.
char* __stpncpy_chk2(char* dst, const char* src, size_t n, size_t dst_len, size_t src_len) {
__check_buffer_access("stpncpy", "write into", n, dst_len);
if (n != 0) {
@@ -257,6 +257,11 @@
const char* s = src;
do {
+ size_t s_copy_len = static_cast<size_t>(s - src);
+ if (__predict_false(s_copy_len >= src_len)) {
+ __fortify_fatal("stpncpy: detected read past end of %zu-byte buffer", src_len);
+ }
+
if ((*d++ = *s++) == 0) {
// NUL pad the remaining n-1 bytes.
while (--n != 0) {
@@ -265,11 +270,6 @@
break;
}
} while (--n != 0);
-
- size_t s_copy_len = static_cast<size_t>(s - src);
- if (__predict_false(s_copy_len > src_len)) {
- __fortify_fatal("stpncpy: detected read past end of %zu-byte buffer", src_len);
- }
}
return dst;
@@ -360,7 +360,7 @@
// This is a variant of __strncpy_chk, but it also checks to make
// sure we don't read beyond the end of "src". The code for this is
// based on the original version of strncpy, but modified to check
-// how much we read from "src" at the end of the copy operation.
+// how much we read from "src" during the copy operation.
char* __strncpy_chk2(char* dst, const char* src, size_t n, size_t dst_len, size_t src_len) {
__check_buffer_access("strncpy", "write into", n, dst_len);
if (n != 0) {
@@ -368,6 +368,11 @@
const char* s = src;
do {
+ size_t s_copy_len = static_cast<size_t>(s - src);
+ if (__predict_false(s_copy_len >= src_len)) {
+ __fortify_fatal("strncpy: detected read past end of %zu-byte buffer", src_len);
+ }
+
if ((*d++ = *s++) == 0) {
// NUL pad the remaining n-1 bytes.
while (--n != 0) {
@@ -376,11 +381,6 @@
break;
}
} while (--n != 0);
-
- size_t s_copy_len = static_cast<size_t>(s - src);
- if (__predict_false(s_copy_len > src_len)) {
- __fortify_fatal("strncpy: detected read past end of %zu-byte buffer", src_len);
- }
}
return dst;
diff --git a/libc/bionic/libc_init_dynamic.cpp b/libc/bionic/libc_init_dynamic.cpp
index 4f3b4f7..d6d5552 100644
--- a/libc/bionic/libc_init_dynamic.cpp
+++ b/libc/bionic/libc_init_dynamic.cpp
@@ -69,6 +69,13 @@
__LIBC_HIDDEN__ void* __libc_sysinfo = reinterpret_cast<void*>(__libc_int0x80);
#endif
+extern "C" __attribute__((weak)) void __hwasan_library_loaded(ElfW(Addr) base,
+ const ElfW(Phdr)* phdr,
+ ElfW(Half) phnum);
+extern "C" __attribute__((weak)) void __hwasan_library_unloaded(ElfW(Addr) base,
+ const ElfW(Phdr)* phdr,
+ ElfW(Half) phnum);
+
// We need a helper function for __libc_preinit because compiling with LTO may
// inline functions requiring a stack protector check, but __stack_chk_guard is
// not initialized at the start of __libc_preinit. __libc_preinit_impl will run
@@ -91,6 +98,14 @@
// Hooks for various libraries to let them know that we're starting up.
__libc_globals.mutate(__libc_init_malloc);
+
+#if __has_feature(hwaddress_sanitizer)
+ // Notify the HWASan runtime library whenever a library is loaded or unloaded
+ // so that it can update its shadow memory.
+ __libc_shared_globals()->load_hook = __hwasan_library_loaded;
+ __libc_shared_globals()->unload_hook = __hwasan_library_unloaded;
+#endif
+
netdClientInit();
}
diff --git a/libc/include/android/fdsan.h b/libc/include/android/fdsan.h
index 1169ed0..83b9318 100644
--- a/libc/include/android/fdsan.h
+++ b/libc/include/android/fdsan.h
@@ -197,4 +197,8 @@
*/
enum android_fdsan_error_level android_fdsan_set_error_level(enum android_fdsan_error_level new_level) __INTRODUCED_IN(29) __attribute__((__weak__));
+/*
+ * Set the error level to the global setting if available, or a default value.
+ */
+enum android_fdsan_error_level android_fdsan_set_error_level_from_property(enum android_fdsan_error_level default_level) __INTRODUCED_IN(30) __attribute__((__weak__));
__END_DECLS
diff --git a/libc/include/bits/timespec.h b/libc/include/bits/timespec.h
index 0497cfe..daad03f 100644
--- a/libc/include/bits/timespec.h
+++ b/libc/include/bits/timespec.h
@@ -46,7 +46,7 @@
struct timespec {
/** Number of seconds. */
time_t tv_sec;
- /** Number of nanoseconds. Must be less than 1,000,000. */
+ /** Number of nanoseconds. Must be less than 1,000,000,000. */
long tv_nsec;
};
#endif
diff --git a/libc/include/sys/cdefs.h b/libc/include/sys/cdefs.h
index dceb116..689b650 100644
--- a/libc/include/sys/cdefs.h
+++ b/libc/include/sys/cdefs.h
@@ -361,3 +361,6 @@
#include <android/versioning.h>
#include <android/api-level.h>
+#if __has_include(<android/ndk-version.h>)
+#include <android/ndk-version.h>
+#endif
diff --git a/libc/include/sys/mman.h b/libc/include/sys/mman.h
index 89d6d07..3b83229 100644
--- a/libc/include/sys/mman.h
+++ b/libc/include/sys/mman.h
@@ -26,34 +26,27 @@
* SUCH DAMAGE.
*/
-#ifndef _SYS_MMAN_H_
-#define _SYS_MMAN_H_
+#pragma once
#include <sys/cdefs.h>
#include <sys/types.h>
+#include <linux/memfd.h>
#include <linux/mman.h>
__BEGIN_DECLS
-#ifndef MAP_ANON
-#define MAP_ANON MAP_ANONYMOUS
-#endif
+/** Alternative spelling of the `MAP_ANONYMOUS` flag for mmap(). */
+#define MAP_ANON MAP_ANONYMOUS
+/** Return value for mmap(). */
#define MAP_FAILED __BIONIC_CAST(reinterpret_cast, void*, -1)
-#define MREMAP_MAYMOVE 1
-#define MREMAP_FIXED 2
-
-/*
- * See https://android.googlesource.com/platform/bionic/+/master/docs/32-bit-abi.md
+/**
+ * [mmap(2)](http://man7.org/linux/man-pages/man2/mmap.2.html)
+ * creates a memory mapping for the given range.
*
- * mmap64 wasn't really around until L, but we added an inline for it since it
- * allows a lot more code to compile with _FILE_OFFSET_BITS=64.
- *
- * GCC removes the static inline unless it is explicitly used. We can get around
- * this with __attribute__((used)), but that needlessly adds a definition of
- * mmap64 to every translation unit that includes this header. Instead, just
- * preserve the old behavior for GCC and emit a useful diagnostic.
+ * Returns the address of the mapping on success,
+ * and returns `MAP_FAILED` and sets `errno` on failure.
*/
#if defined(__USE_FILE_OFFSET64)
void* mmap(void* __addr, size_t __size, int __prot, int __flags, int __fd, off_t __offset) __RENAME(mmap64);
@@ -62,25 +55,126 @@
#endif
#if __ANDROID_API__ >= __ANDROID_API_L__
+/**
+ * mmap64() is a variant of mmap() that takes a 64-bit offset even on LP32.
+ *
+ * See https://android.googlesource.com/platform/bionic/+/master/docs/32-bit-abi.md
+ *
+ * mmap64 wasn't really around until L, but we added an inline for it since it
+ * allows a lot more code to compile with _FILE_OFFSET_BITS=64.
+ */
void* mmap64(void* __addr, size_t __size, int __prot, int __flags, int __fd, off64_t __offset) __INTRODUCED_IN(21);
#endif
+/**
+ * [munmap(2)](http://man7.org/linux/man-pages/man2/munmap.2.html)
+ * deletes a memory mapping for the given range.
+ *
+ * Returns 0 on success, and returns -1 and sets `errno` on failure.
+ */
int munmap(void* __addr, size_t __size);
+
+/**
+ * [msync(2)](http://man7.org/linux/man-pages/man2/msync.2.html)
+ * flushes changes to a memory-mapped file to disk.
+ *
+ * Returns 0 on success, and returns -1 and sets `errno` on failure.
+ */
int msync(void* __addr, size_t __size, int __flags);
+
+/**
+ * [mprotect(2)](http://man7.org/linux/man-pages/man2/mprotect.2.html)
+ * sets the protection on a memory region.
+ *
+ * Returns 0 on success, and returns -1 and sets `errno` on failure.
+ */
int mprotect(void* __addr, size_t __size, int __prot);
+
+/** Flag for mremap(). */
+#define MREMAP_MAYMOVE 1
+
+/** Flag for mremap(). */
+#define MREMAP_FIXED 2
+
+/**
+ * [mremap(2)](http://man7.org/linux/man-pages/man2/mremap.2.html)
+ * expands or shrinks an existing memory mapping.
+ *
+ * Returns the address of the mapping on success,
+ * and returns `MAP_FAILED` and sets `errno` on failure.
+ */
void* mremap(void* __old_addr, size_t __old_size, size_t __new_size, int __flags, ...);
+/**
+ * [mlockall(2)](http://man7.org/linux/man-pages/man2/mlockall.2.html)
+ * locks pages (preventing swapping).
+ *
+ * Returns 0 on success, and returns -1 and sets `errno` on failure.
+ */
int mlockall(int __flags) __INTRODUCED_IN(17);
+
+/**
+ * [munlockall(2)](http://man7.org/linux/man-pages/man2/munlockall.2.html)
+ * unlocks pages (allowing swapping).
+ *
+ * Returns 0 on success, and returns -1 and sets `errno` on failure.
+ */
int munlockall(void) __INTRODUCED_IN(17);
+/**
+ * [mlock(2)](http://man7.org/linux/man-pages/man2/mlock.2.html)
+ * locks pages (preventing swapping).
+ *
+ * Returns 0 on success, and returns -1 and sets `errno` on failure.
+ */
int mlock(const void* __addr, size_t __size);
+
+/**
+ * [mlock2(2)](http://man7.org/linux/man-pages/man2/mlock.2.html)
+ * locks pages (preventing swapping), with optional flags.
+ *
+ * Returns 0 on success, and returns -1 and sets `errno` on failure.
+ */
+int mlock2(const void* __addr, size_t __size, int __flags) __INTRODUCED_IN(30);
+
+/**
+ * [munlock(2)](http://man7.org/linux/man-pages/man2/munlock.2.html)
+ * unlocks pages (allowing swapping).
+ *
+ * Returns 0 on success, and returns -1 and sets `errno` on failure.
+ */
int munlock(const void* __addr, size_t __size);
+/**
+ * [mincore(2)](http://man7.org/linux/man-pages/man2/mincore.2.html)
+ * tests whether pages are resident in memory.
+ *
+ * Returns 0 on success, and returns -1 and sets `errno` on failure.
+ */
int mincore(void* __addr, size_t __size, unsigned char* __vector);
+/**
+ * [madvise(2)](http://man7.org/linux/man-pages/man2/madvise.2.html)
+ * gives the kernel advice about future usage patterns.
+ *
+ * Returns 0 on success, and returns -1 and sets `errno` on failure.
+ */
int madvise(void* __addr, size_t __size, int __advice);
+#if defined(__USE_GNU)
+
+/**
+ * [memfd_create(2)](http://man7.org/linux/man-pages/man2/memfd_create.2.html)
+ * creates an anonymous file.
+ *
+ * Returns an fd on success, and returns -1 and sets `errno` on failure.
+ */
+int memfd_create(const char* __name, unsigned __flags) __INTRODUCED_IN(30);
+
+#endif
+
#if __ANDROID_API__ >= __ANDROID_API_M__
+
/*
* Some third-party code uses the existence of POSIX_MADV_NORMAL to detect the
* availability of posix_madvise. This is not correct, since having up-to-date
@@ -89,16 +183,30 @@
*
* https://github.com/android-ndk/ndk/issues/395
*/
+
+/** Flag for posix_madvise(). */
#define POSIX_MADV_NORMAL MADV_NORMAL
+/** Flag for posix_madvise(). */
#define POSIX_MADV_RANDOM MADV_RANDOM
+/** Flag for posix_madvise(). */
#define POSIX_MADV_SEQUENTIAL MADV_SEQUENTIAL
+/** Flag for posix_madvise(). */
#define POSIX_MADV_WILLNEED MADV_WILLNEED
+/** Flag for posix_madvise(). */
#define POSIX_MADV_DONTNEED MADV_DONTNEED
+
#endif
+
+/**
+ * [posix_madvise(3)](http://man7.org/linux/man-pages/man3/posix_madvise.3.html)
+ * gives the kernel advice about future usage patterns.
+ *
+ * Returns 0 on success, and returns a positive error number on failure.
+ *
+ * See also madvise() which has been available much longer.
+ */
int posix_madvise(void* __addr, size_t __size, int __advice) __INTRODUCED_IN(23);
__END_DECLS
#include <android/legacy_sys_mman_inlines.h>
-
-#endif
diff --git a/libc/kernel/tools/update_all.py b/libc/kernel/tools/update_all.py
index 9d5b02d..cef24dd 100755
--- a/libc/kernel/tools/update_all.py
+++ b/libc/kernel/tools/update_all.py
@@ -110,7 +110,9 @@
content += ' #define SYS_%s %s\n' % (syscall, nr_name)
content += '#endif\n'
- updater.editFile('%s/include/bits/glibc-syscalls.h' % libc_root, content)
+ syscall_file = os.path.join(libc_root, 'include/bits/glibc-syscalls.h')
+ updater.readFile(syscall_file)
+ updater.editFile(syscall_file, content)
try:
diff --git a/libc/kernel/uapi/asm-x86/asm/vmx.h b/libc/kernel/uapi/asm-x86/asm/vmx.h
index 0f7ede3..83365f8 100644
--- a/libc/kernel/uapi/asm-x86/asm/vmx.h
+++ b/libc/kernel/uapi/asm-x86/asm/vmx.h
@@ -78,6 +78,5 @@
#define VMX_EXIT_REASONS { EXIT_REASON_EXCEPTION_NMI, "EXCEPTION_NMI" }, { EXIT_REASON_EXTERNAL_INTERRUPT, "EXTERNAL_INTERRUPT" }, { EXIT_REASON_TRIPLE_FAULT, "TRIPLE_FAULT" }, { EXIT_REASON_PENDING_INTERRUPT, "PENDING_INTERRUPT" }, { EXIT_REASON_NMI_WINDOW, "NMI_WINDOW" }, { EXIT_REASON_TASK_SWITCH, "TASK_SWITCH" }, { EXIT_REASON_CPUID, "CPUID" }, { EXIT_REASON_HLT, "HLT" }, { EXIT_REASON_INVD, "INVD" }, { EXIT_REASON_INVLPG, "INVLPG" }, { EXIT_REASON_RDPMC, "RDPMC" }, { EXIT_REASON_RDTSC, "RDTSC" }, { EXIT_REASON_VMCALL, "VMCALL" }, { EXIT_REASON_VMCLEAR, "VMCLEAR" }, { EXIT_REASON_VMLAUNCH, "VMLAUNCH" }, { EXIT_REASON_VMPTRLD, "VMPTRLD" }, { EXIT_REASON_VMPTRST, "VMPTRST" }, { EXIT_REASON_VMREAD, "VMREAD" }, { EXIT_REASON_VMRESUME, "VMRESUME" }, { EXIT_REASON_VMWRITE, "VMWRITE" }, { EXIT_REASON_VMOFF, "VMOFF" }, { EXIT_REASON_VMON, "VMON" }, { EXIT_REASON_CR_ACCESS, "CR_ACCESS" }, { EXIT_REASON_DR_ACCESS, "DR_ACCESS" }, { EXIT_REASON_IO_INSTRUCTION, "IO_INSTRUCTION" }, { EXIT_REASON_MSR_READ, "MSR_READ" }, { EXIT_REASON_MSR_WRITE, "MSR_WRITE" }, { EXIT_REASON_INVALID_STATE, "INVALID_STATE" }, { EXIT_REASON_MSR_LOAD_FAIL, "MSR_LOAD_FAIL" }, { EXIT_REASON_MWAIT_INSTRUCTION, "MWAIT_INSTRUCTION" }, { EXIT_REASON_MONITOR_TRAP_FLAG, "MONITOR_TRAP_FLAG" }, { EXIT_REASON_MONITOR_INSTRUCTION, "MONITOR_INSTRUCTION" }, { EXIT_REASON_PAUSE_INSTRUCTION, "PAUSE_INSTRUCTION" }, { EXIT_REASON_MCE_DURING_VMENTRY, "MCE_DURING_VMENTRY" }, { EXIT_REASON_TPR_BELOW_THRESHOLD, "TPR_BELOW_THRESHOLD" }, { EXIT_REASON_APIC_ACCESS, "APIC_ACCESS" }, { EXIT_REASON_EOI_INDUCED, "EOI_INDUCED" }, { EXIT_REASON_GDTR_IDTR, "GDTR_IDTR" }, { EXIT_REASON_LDTR_TR, "LDTR_TR" }, { EXIT_REASON_EPT_VIOLATION, "EPT_VIOLATION" }, { EXIT_REASON_EPT_MISCONFIG, "EPT_MISCONFIG" }, { EXIT_REASON_INVEPT, "INVEPT" }, { EXIT_REASON_RDTSCP, "RDTSCP" }, { EXIT_REASON_PREEMPTION_TIMER, "PREEMPTION_TIMER" }, { EXIT_REASON_INVVPID, "INVVPID" }, { EXIT_REASON_WBINVD, "WBINVD" }, { EXIT_REASON_XSETBV, "XSETBV" }, { EXIT_REASON_APIC_WRITE, "APIC_WRITE" }, { EXIT_REASON_RDRAND, "RDRAND" }, { EXIT_REASON_INVPCID, "INVPCID" }, { EXIT_REASON_VMFUNC, "VMFUNC" }, { EXIT_REASON_ENCLS, "ENCLS" }, { EXIT_REASON_RDSEED, "RDSEED" }, { EXIT_REASON_PML_FULL, "PML_FULL" }, { EXIT_REASON_XSAVES, "XSAVES" }, { EXIT_REASON_XRSTORS, "XRSTORS" }
#define VMX_ABORT_SAVE_GUEST_MSR_FAIL 1
#define VMX_ABORT_LOAD_HOST_PDPTE_FAIL 2
-#define VMX_ABORT_VMCS_CORRUPTED 3
#define VMX_ABORT_LOAD_HOST_MSR_FAIL 4
#endif
diff --git a/libc/kernel/uapi/linux/bpf.h b/libc/kernel/uapi/linux/bpf.h
index 11df994..3f09421 100644
--- a/libc/kernel/uapi/linux/bpf.h
+++ b/libc/kernel/uapi/linux/bpf.h
@@ -548,6 +548,7 @@
char name[BPF_OBJ_NAME_LEN];
__u32 ifindex;
__u32 gpl_compatible : 1;
+ __u32 : 31;
__u64 netns_dev;
__u64 netns_ino;
__u32 nr_jited_ksyms;
diff --git a/libc/kernel/uapi/linux/nilfs2_ondisk.h b/libc/kernel/uapi/linux/nilfs2_ondisk.h
index e9995a1..a05e7b7 100644
--- a/libc/kernel/uapi/linux/nilfs2_ondisk.h
+++ b/libc/kernel/uapi/linux/nilfs2_ondisk.h
@@ -20,6 +20,7 @@
#define _LINUX_NILFS2_ONDISK_H
#include <linux/types.h>
#include <linux/magic.h>
+#include <asm/byteorder.h>
#define NILFS_INODE_BMAP_SIZE 7
struct nilfs_inode {
__le64 i_blocks;
@@ -248,11 +249,11 @@
NILFS_CHECKPOINT_MINOR,
};
#define NILFS_CHECKPOINT_FNS(flag,name) static inline void nilfs_checkpoint_set_ ##name(struct nilfs_checkpoint * cp) \
-{ cp->cp_flags = cpu_to_le32(le32_to_cpu(cp->cp_flags) | (1UL << NILFS_CHECKPOINT_ ##flag)); \
+{ cp->cp_flags = __cpu_to_le32(__le32_to_cpu(cp->cp_flags) | (1UL << NILFS_CHECKPOINT_ ##flag)); \
} static inline void nilfs_checkpoint_clear_ ##name(struct nilfs_checkpoint * cp) \
-{ cp->cp_flags = cpu_to_le32(le32_to_cpu(cp->cp_flags) & ~(1UL << NILFS_CHECKPOINT_ ##flag)); \
+{ cp->cp_flags = __cpu_to_le32(__le32_to_cpu(cp->cp_flags) & ~(1UL << NILFS_CHECKPOINT_ ##flag)); \
} static inline int nilfs_checkpoint_ ##name(const struct nilfs_checkpoint * cp) \
-{ return ! ! (le32_to_cpu(cp->cp_flags) & (1UL << NILFS_CHECKPOINT_ ##flag)); \
+{ return ! ! (__le32_to_cpu(cp->cp_flags) & (1UL << NILFS_CHECKPOINT_ ##flag)); \
}
struct nilfs_cpfile_header {
__le64 ch_ncheckpoints;
@@ -272,11 +273,11 @@
NILFS_SEGMENT_USAGE_ERROR,
};
#define NILFS_SEGMENT_USAGE_FNS(flag,name) static inline void nilfs_segment_usage_set_ ##name(struct nilfs_segment_usage * su) \
-{ su->su_flags = cpu_to_le32(le32_to_cpu(su->su_flags) | (1UL << NILFS_SEGMENT_USAGE_ ##flag)); \
+{ su->su_flags = __cpu_to_le32(__le32_to_cpu(su->su_flags) | (1UL << NILFS_SEGMENT_USAGE_ ##flag)); \
} static inline void nilfs_segment_usage_clear_ ##name(struct nilfs_segment_usage * su) \
-{ su->su_flags = cpu_to_le32(le32_to_cpu(su->su_flags) & ~(1UL << NILFS_SEGMENT_USAGE_ ##flag)); \
+{ su->su_flags = __cpu_to_le32(__le32_to_cpu(su->su_flags) & ~(1UL << NILFS_SEGMENT_USAGE_ ##flag)); \
} static inline int nilfs_segment_usage_ ##name(const struct nilfs_segment_usage * su) \
-{ return ! ! (le32_to_cpu(su->su_flags) & (1UL << NILFS_SEGMENT_USAGE_ ##flag)); \
+{ return ! ! (__le32_to_cpu(su->su_flags) & (1UL << NILFS_SEGMENT_USAGE_ ##flag)); \
}
struct nilfs_sufile_header {
__le64 sh_ncleansegs;
diff --git a/libc/kernel/uapi/linux/version.h b/libc/kernel/uapi/linux/version.h
index 815f53d..94bf4ba 100644
--- a/libc/kernel/uapi/linux/version.h
+++ b/libc/kernel/uapi/linux/version.h
@@ -16,5 +16,5 @@
***
****************************************************************************
****************************************************************************/
-#define LINUX_VERSION_CODE 328192
+#define LINUX_VERSION_CODE 328198
#define KERNEL_VERSION(a,b,c) (((a) << 16) + ((b) << 8) + (c))
diff --git a/libc/kernel/uapi/linux/videodev2.h b/libc/kernel/uapi/linux/videodev2.h
index e6df45c..f77c6bd 100644
--- a/libc/kernel/uapi/linux/videodev2.h
+++ b/libc/kernel/uapi/linux/videodev2.h
@@ -210,7 +210,7 @@
#define V4L2_PIX_FMT_RGBX444 v4l2_fourcc('R', 'X', '1', '2')
#define V4L2_PIX_FMT_ABGR444 v4l2_fourcc('A', 'B', '1', '2')
#define V4L2_PIX_FMT_XBGR444 v4l2_fourcc('X', 'B', '1', '2')
-#define V4L2_PIX_FMT_BGRA444 v4l2_fourcc('B', 'A', '1', '2')
+#define V4L2_PIX_FMT_BGRA444 v4l2_fourcc('G', 'A', '1', '2')
#define V4L2_PIX_FMT_BGRX444 v4l2_fourcc('B', 'X', '1', '2')
#define V4L2_PIX_FMT_RGB555 v4l2_fourcc('R', 'G', 'B', 'O')
#define V4L2_PIX_FMT_ARGB555 v4l2_fourcc('A', 'R', '1', '5')
diff --git a/libc/libc.map.txt b/libc/libc.map.txt
index c3b9e2c..9b39bb8 100644
--- a/libc/libc.map.txt
+++ b/libc/libc.map.txt
@@ -1493,6 +1493,8 @@
cnd_signal;
cnd_timedwait;
cnd_wait;
+ memfd_create;
+ mlock2;
mtx_destroy;
mtx_init;
mtx_lock;
diff --git a/libc/malloc_debug/Android.bp b/libc/malloc_debug/Android.bp
index d6b8531..2bff260 100644
--- a/libc/malloc_debug/Android.bp
+++ b/libc/malloc_debug/Android.bp
@@ -27,6 +27,12 @@
},
native_coverage: false,
+ target: {
+ android: {
+ static_libs: ["libc++demangle"],
+ },
+ },
+
// -Wno-error=format-zero-length needed for gcc to compile.
cflags: [
"-Wall",
diff --git a/libc/private/WriteProtected.h b/libc/private/WriteProtected.h
index d240e14..26c239c 100644
--- a/libc/private/WriteProtected.h
+++ b/libc/private/WriteProtected.h
@@ -47,11 +47,11 @@
WriteProtectedContents<T> contents;
int set_protection(int prot) {
- auto addr = reinterpret_cast<uintptr_t>(&contents);
+ auto addr = &contents;
#if __has_feature(hwaddress_sanitizer)
// The mprotect system call does not currently untag pointers, so do it
// ourselves.
- addr &= (1ULL << 56) - 1;
+ addr = untag_address(addr);
#endif
return mprotect(reinterpret_cast<void*>(addr), PAGE_SIZE, prot);
}
diff --git a/libc/private/bionic_globals.h b/libc/private/bionic_globals.h
index d73079e..ef735ba 100644
--- a/libc/private/bionic_globals.h
+++ b/libc/private/bionic_globals.h
@@ -88,6 +88,10 @@
TlsModules tls_modules;
BionicAllocator tls_allocator;
+ // Values passed from the HWASan runtime (via libc.so) to the loader.
+ void (*load_hook)(ElfW(Addr) base, const ElfW(Phdr)* phdr, ElfW(Half) phnum) = nullptr;
+ void (*unload_hook)(ElfW(Addr) base, const ElfW(Phdr)* phdr, ElfW(Half) phnum) = nullptr;
+
// Values passed from the linker to libc.so.
const char* init_progname = nullptr;
char** init_environ = nullptr;
diff --git a/libc/private/bionic_macros.h b/libc/private/bionic_macros.h
index 4800e3a..13934e5 100644
--- a/libc/private/bionic_macros.h
+++ b/libc/private/bionic_macros.h
@@ -87,3 +87,12 @@
#else
#define __BIONIC_FALLTHROUGH
#endif
+
+template <typename T>
+static inline T* untag_address(T* p) {
+#if defined(__aarch64__)
+ return reinterpret_cast<T*>(reinterpret_cast<uintptr_t>(p) & ((1ULL << 56) - 1));
+#else
+ return p;
+#endif
+}
diff --git a/libdl/libdl_cfi.cpp b/libdl/libdl_cfi.cpp
index 1446143..3b68fc7 100644
--- a/libdl/libdl_cfi.cpp
+++ b/libdl/libdl_cfi.cpp
@@ -44,11 +44,8 @@
}
static uint16_t shadow_load(void* p) {
- uintptr_t addr = reinterpret_cast<uintptr_t>(p);
-#ifdef __aarch64__
// Untag the pointer to move it into the address space covered by the shadow.
- addr &= (1ULL << 56) - 1;
-#endif
+ uintptr_t addr = reinterpret_cast<uintptr_t>(untag_address(p));
uintptr_t ofs = CFIShadow::MemToShadowOffset(addr);
if (ofs > CFIShadow::kShadowSize) return CFIShadow::kInvalidShadow;
return *reinterpret_cast<uint16_t*>(shadow_base_storage.v + ofs);
diff --git a/linker/Android.bp b/linker/Android.bp
index 5e7a921..e2cdd14 100644
--- a/linker/Android.bp
+++ b/linker/Android.bp
@@ -177,11 +177,6 @@
"-Wextra",
"-Wunused",
"-Werror",
-
- // Define _USING_LIBCXX so <stdatomic.h> defers to the <atomic> header. When a Soong module
- // uses the platform libc++, Soong automatically passes this macro, but the dynamic linker
- // links against libc++ manually.
- "-D_USING_LIBCXX",
],
// TODO: split out the asflags.
@@ -300,7 +295,10 @@
target: {
android: {
- static_libs: ["libdebuggerd_handler_fallback"],
+ static_libs: [
+ "libc++demangle",
+ "libdebuggerd_handler_fallback",
+ ],
},
},
compile_multilib: "both",
diff --git a/linker/ld.config.format.md b/linker/ld.config.format.md
index faf5cc8..f9fbcde 100644
--- a/linker/ld.config.format.md
+++ b/linker/ld.config.format.md
@@ -25,7 +25,7 @@
## Example
```
-# The following line maps section to a dir. Binraies ran from this location will use namespaces
+# The following line maps section to a dir. Binaries ran from this location will use namespaces
# configuration specified in [example_section] below
dir.example_section=/system/bin/example
@@ -38,7 +38,7 @@
# default value is false
enable.target.sdk.version = true
-# This property can be used to declare additional namespaces.Note that there is always the default
+# This property can be used to declare additional namespaces. Note that there is always the default
# namespace. The default namespace is the namespace for the main executable. This list is
# comma-separated.
additional.namespaces = ns1
@@ -65,7 +65,7 @@
# This declares linked namespaces - comma separated list.
namespace.default.links = ns1
-# For every link define list of shared libraries. This is list of the libraries accessilbe from
+# For every link define list of shared libraries. This is list of the libraries accessible from
# default namespace but loaded in the linked namespace.
namespace.default.link.ns1.shared_libs = libexternal.so:libother.so
diff --git a/linker/linker.cpp b/linker/linker.cpp
index df7dd40..d581dd8 100644
--- a/linker/linker.cpp
+++ b/linker/linker.cpp
@@ -76,6 +76,7 @@
static std::unordered_map<void*, size_t> g_dso_handle_counters;
+static bool g_anonymous_namespace_set = false;
static android_namespace_t* g_anonymous_namespace = &g_default_namespace;
static std::unordered_map<std::string, android_namespace_t*> g_exported_namespaces;
@@ -90,6 +91,8 @@
static const char* const kLdConfigFilePath = "/system/etc/ld.config.txt";
static const char* const kLdConfigVndkLiteFilePath = "/system/etc/ld.config.vndk_lite.txt";
+static const char* const kLdGeneratedConfigFilePath = "/dev/linkerconfig/ld.config.txt";
+
#if defined(__LP64__)
static const char* const kSystemLibDir = "/system/lib64";
static const char* const kOdmLibDir = "/odm/lib64";
@@ -270,8 +273,6 @@
static std::vector<std::string> g_ld_preload_names;
-static bool g_anonymous_namespace_initialized;
-
#if STATS
struct linker_stats_t {
int count[kRelocMax];
@@ -951,7 +952,9 @@
}
soinfo* find_containing_library(const void* p) {
- ElfW(Addr) address = reinterpret_cast<ElfW(Addr)>(p);
+ // Addresses within a library may be tagged if they point to globals. Untag
+ // them so that the bounds check succeeds.
+ ElfW(Addr) address = reinterpret_cast<ElfW(Addr)>(untag_address(p));
for (soinfo* si = solist_get_head(); si != nullptr; si = si->next) {
if (address < si->base || address - si->base >= si->size) {
continue;
@@ -1901,6 +1904,9 @@
// flag is set.
link_extinfo = extinfo;
}
+ if (__libc_shared_globals()->load_hook) {
+ __libc_shared_globals()->load_hook(si->load_bias, si->phdr, si->phnum);
+ }
if (!si->link_image(global_group, local_group, link_extinfo, &relro_fd_offset) ||
!get_cfi_shadow()->AfterLoad(si, solist_get_head())) {
return false;
@@ -2039,6 +2045,9 @@
si);
notify_gdb_of_unload(si);
unregister_soinfo_tls(si);
+ if (__libc_shared_globals()->unload_hook) {
+ __libc_shared_globals()->unload_hook(si->load_bias, si->phdr, si->phnum);
+ }
get_cfi_shadow()->BeforeUnload(si);
soinfo_free(si);
}
@@ -2471,14 +2480,29 @@
return 0;
}
-bool init_anonymous_namespace(const char* shared_lib_sonames, const char* library_search_path) {
- if (g_anonymous_namespace_initialized) {
- DL_ERR("anonymous namespace has already been initialized.");
- return false;
+// Make ns as the anonymous namespace that is a namespace used when
+// we fail to determine the caller address (e.g., call from mono-jited code)
+// Since there can be multiple anonymous namespace in a process, subsequent
+// call to this function causes an error.
+static bool set_anonymous_namespace(android_namespace_t* ns) {
+ if (!g_anonymous_namespace_set && ns != nullptr) {
+ CHECK(ns->is_also_used_as_anonymous());
+ g_anonymous_namespace = ns;
+ g_anonymous_namespace_set = true;
+ return true;
}
+ return false;
+}
+// TODO(b/130388701) remove this. Currently, this is used only for testing
+// where we don't have classloader namespace.
+bool init_anonymous_namespace(const char* shared_lib_sonames, const char* library_search_path) {
ProtectedDataGuard guard;
+ // Test-only feature: we need to change the anonymous namespace multiple times
+ // while the test is running.
+ g_anonymous_namespace_set = false;
+
// create anonymous namespace
// When the caller is nullptr - create_namespace will take global group
// from the anonymous namespace, which is fine because anonymous namespace
@@ -2488,21 +2512,18 @@
"(anonymous)",
nullptr,
library_search_path,
- ANDROID_NAMESPACE_TYPE_ISOLATED,
+ ANDROID_NAMESPACE_TYPE_ISOLATED |
+ ANDROID_NAMESPACE_TYPE_ALSO_USED_AS_ANONYMOUS,
nullptr,
&g_default_namespace);
- if (anon_ns == nullptr) {
- return false;
- }
+ CHECK(anon_ns != nullptr);
if (!link_namespaces(anon_ns, &g_default_namespace, shared_lib_sonames)) {
+ // TODO: delete anon_ns
return false;
}
- g_anonymous_namespace = anon_ns;
- g_anonymous_namespace_initialized = true;
-
return true;
}
@@ -2542,6 +2563,7 @@
ns->set_name(name);
ns->set_isolated((type & ANDROID_NAMESPACE_TYPE_ISOLATED) != 0);
ns->set_greylist_enabled((type & ANDROID_NAMESPACE_TYPE_GREYLIST_ENABLED) != 0);
+ ns->set_also_used_as_anonymous((type & ANDROID_NAMESPACE_TYPE_ALSO_USED_AS_ANONYMOUS) != 0);
if ((type & ANDROID_NAMESPACE_TYPE_SHARED) != 0) {
// append parent namespace paths.
@@ -2573,6 +2595,16 @@
ns->set_default_library_paths(std::move(default_library_paths));
ns->set_permitted_paths(std::move(permitted_paths));
+ if (ns->is_also_used_as_anonymous() && !set_anonymous_namespace(ns)) {
+ DL_ERR("failed to set namespace: [name=\"%s\", ld_library_path=\"%s\", default_library_paths=\"%s\""
+ " permitted_paths=\"%s\"] as the anonymous namespace",
+ ns->get_name(),
+ android::base::Join(ns->get_ld_library_paths(), ':').c_str(),
+ android::base::Join(ns->get_default_library_paths(), ':').c_str(),
+ android::base::Join(ns->get_permitted_paths(), ':').c_str());
+ return nullptr;
+ }
+
return ns;
}
@@ -4142,6 +4174,13 @@
}
#endif
+ // Use generated linker config if flag is set
+ // TODO(b/138920271) Do not check property once it is confirmed as stable
+ if (android::base::GetBoolProperty("sys.linker.use_generated_config", false) &&
+ file_exists(kLdGeneratedConfigFilePath)) {
+ return kLdGeneratedConfigFilePath;
+ }
+
std::string path = get_ld_config_file_apex_path(executable_path);
if (!path.empty()) {
if (file_exists(path.c_str())) {
diff --git a/linker/linker.h b/linker/linker.h
index 782da1c..89390b3 100644
--- a/linker/linker.h
+++ b/linker/linker.h
@@ -165,6 +165,13 @@
*/
ANDROID_NAMESPACE_TYPE_GREYLIST_ENABLED = 0x08000000,
+ /* This flag instructs linker to use this namespace as the anonymous
+ * namespace. There can be only one anonymous namespace in a process. If there
+ * already an anonymous namespace in the process, using this flag when
+ * creating a new namespace causes an error
+ */
+ ANDROID_NAMESPACE_TYPE_ALSO_USED_AS_ANONYMOUS = 0x10000000,
+
ANDROID_NAMESPACE_TYPE_SHARED_ISOLATED = ANDROID_NAMESPACE_TYPE_SHARED |
ANDROID_NAMESPACE_TYPE_ISOLATED,
};
diff --git a/linker/linker_main.cpp b/linker/linker_main.cpp
index 11d3d29..fd1592d 100644
--- a/linker/linker_main.cpp
+++ b/linker/linker_main.cpp
@@ -63,6 +63,8 @@
static void get_elf_base_from_phdr(const ElfW(Phdr)* phdr_table, size_t phdr_count,
ElfW(Addr)* base, ElfW(Addr)* load_bias);
+static void set_bss_vma_name(soinfo* si);
+
// These should be preserved static to avoid emitting
// RELATIVE relocations for the part of the code running
// before linker links itself.
@@ -366,6 +368,8 @@
si->set_main_executable();
init_link_map_head(*si);
+ set_bss_vma_name(si);
+
// Use the executable's PT_INTERP string as the solinker filename in the
// dynamic linker's module list. gdb reads both PT_INTERP and the module list,
// and if the paths for the linker are different, gdb will report that the
@@ -570,6 +574,31 @@
async_safe_fatal("Could not find a PHDR: broken executable?");
}
+/*
+ * Set anonymous VMA name for .bss section. For DSOs loaded by the linker, this
+ * is done by ElfReader. This function is here for DSOs loaded by the kernel,
+ * namely the linker itself and the main executable.
+ */
+static void set_bss_vma_name(soinfo* si) {
+ for (size_t i = 0; i < si->phnum; ++i) {
+ auto phdr = &si->phdr[i];
+
+ if (phdr->p_type != PT_LOAD) {
+ continue;
+ }
+
+ ElfW(Addr) seg_start = phdr->p_vaddr + si->load_bias;
+ ElfW(Addr) seg_page_end = PAGE_END(seg_start + phdr->p_memsz);
+ ElfW(Addr) seg_file_end = PAGE_END(seg_start + phdr->p_filesz);
+
+ if (seg_page_end > seg_file_end) {
+ prctl(PR_SET_VMA, PR_SET_VMA_ANON_NAME,
+ reinterpret_cast<void*>(seg_file_end), seg_page_end - seg_file_end,
+ ".bss");
+ }
+ }
+}
+
// Detect an attempt to run the linker on itself. e.g.:
// /system/bin/linker64 /system/bin/linker64
// Use priority-1 to run this constructor before other constructors.
@@ -660,6 +689,9 @@
// couldn't make system calls on x86 at that point, but we can now...
if (!tmp_linker_so.protect_relro()) __linker_cannot_link(args.argv[0]);
+ // And we can set VMA name for the bss section now
+ set_bss_vma_name(&tmp_linker_so);
+
// Initialize the linker's static libc's globals
__libc_init_globals();
diff --git a/linker/linker_namespaces.h b/linker/linker_namespaces.h
index 215ad05..9561bb4 100644
--- a/linker/linker_namespaces.h
+++ b/linker/linker_namespaces.h
@@ -72,7 +72,10 @@
struct android_namespace_t {
public:
- android_namespace_t() : is_isolated_(false), is_greylist_enabled_(false) {}
+ android_namespace_t() :
+ is_isolated_(false),
+ is_greylist_enabled_(false),
+ is_also_used_as_anonymous_(false) {}
const char* get_name() const { return name_.c_str(); }
void set_name(const char* name) { name_ = name; }
@@ -83,6 +86,9 @@
bool is_greylist_enabled() const { return is_greylist_enabled_; }
void set_greylist_enabled(bool enabled) { is_greylist_enabled_ = enabled; }
+ bool is_also_used_as_anonymous() const { return is_also_used_as_anonymous_; }
+ void set_also_used_as_anonymous(bool yes) { is_also_used_as_anonymous_ = yes; }
+
const std::vector<std::string>& get_ld_library_paths() const {
return ld_library_paths_;
}
@@ -164,6 +170,7 @@
std::string name_;
bool is_isolated_;
bool is_greylist_enabled_;
+ bool is_also_used_as_anonymous_;
std::vector<std::string> ld_library_paths_;
std::vector<std::string> default_library_paths_;
std::vector<std::string> permitted_paths_;
diff --git a/linker/linker_sdk_versions.cpp b/linker/linker_sdk_versions.cpp
index b06f3e6..29c0f4a 100644
--- a/linker/linker_sdk_versions.cpp
+++ b/linker/linker_sdk_versions.cpp
@@ -26,10 +26,13 @@
* SUCH DAMAGE.
*/
-#include "linker.h"
-#include <android/api-level.h>
#include <atomic>
+#include <android/api-level.h>
+#include <android/fdsan.h>
+
+#include "linker.h"
+
static std::atomic<int> g_target_sdk_version(__ANDROID_API__);
void set_application_target_sdk_version(int target) {
@@ -38,6 +41,10 @@
target = __ANDROID_API__;
}
g_target_sdk_version = target;
+
+ if (target < 30) {
+ android_fdsan_set_error_level_from_property(ANDROID_FDSAN_ERROR_LEVEL_WARN_ONCE);
+ }
}
int get_application_target_sdk_version() {
diff --git a/tests/dlext_test.cpp b/tests/dlext_test.cpp
index 67ebf37..e7274f7 100644
--- a/tests/dlext_test.cpp
+++ b/tests/dlext_test.cpp
@@ -29,9 +29,7 @@
#include <android-base/file.h>
#include <android-base/strings.h>
-#include <linux/memfd.h>
#include <sys/mman.h>
-#include <sys/syscall.h>
#include <sys/types.h>
#include <sys/vfs.h>
#include <sys/wait.h>
@@ -363,8 +361,10 @@
uint32_t* taxicab_number = reinterpret_cast<uint32_t*>(dlsym(handle_, "dlopen_testlib_taxicab_number"));
ASSERT_DL_NOTNULL(taxicab_number);
- EXPECT_GE(reinterpret_cast<void*>(taxicab_number), start);
- EXPECT_LT(reinterpret_cast<void*>(taxicab_number), reinterpret_cast<char*>(start) + kLibSize);
+ // Untag the pointer so that it can be compared with start, which will be untagged.
+ void* addr = reinterpret_cast<void*>(untag_address(taxicab_number));
+ EXPECT_GE(addr, start);
+ EXPECT_LT(addr, reinterpret_cast<char*>(start) + kLibSize);
EXPECT_EQ(1729U, *taxicab_number);
}
@@ -942,7 +942,7 @@
const std::string lib_path = GetTestlibRoot() + "/libtest_simple.so";
// create memfd
- int memfd = syscall(__NR_memfd_create, "foobar", MFD_CLOEXEC);
+ int memfd = memfd_create("foobar", MFD_CLOEXEC);
if (memfd == -1 && errno == ENOSYS) {
return;
}
diff --git a/tests/leak_test.cpp b/tests/leak_test.cpp
index 6005209..3cc1a0a 100644
--- a/tests/leak_test.cpp
+++ b/tests/leak_test.cpp
@@ -17,6 +17,7 @@
#include <err.h>
#include <inttypes.h>
#include <pthread.h>
+#include <sched.h>
#include <stdio.h>
#include <string.h>
#include <sys/mman.h>
@@ -30,26 +31,28 @@
#include <vector>
#include <android-base/macros.h>
+#include <android-base/threads.h>
#include "utils.h"
using namespace std::chrono_literals;
-static void WaitUntilAllExited(pid_t* pids, size_t pid_count) {
+static void WaitUntilAllThreadsExited(pid_t* tids, size_t tid_count) {
// Wait until all children have exited.
bool alive = true;
while (alive) {
alive = false;
- for (size_t i = 0; i < pid_count; ++i) {
- if (pids[i] != 0) {
- if (kill(pids[i], 0) == 0) {
+ for (size_t i = 0; i < tid_count; ++i) {
+ if (tids[i] != 0) {
+ if (tgkill(getpid(), tids[i], 0) == 0) {
alive = true;
} else {
EXPECT_EQ(errno, ESRCH);
- pids[i] = 0; // Skip in next loop.
+ tids[i] = 0; // Skip in next loop.
}
}
}
+ sched_yield();
}
}
@@ -155,7 +158,7 @@
pthread_barrier_wait(&barrier);
ASSERT_EQ(pthread_barrier_destroy(&barrier), 0);
- WaitUntilAllExited(tids, arraysize(tids));
+ WaitUntilAllThreadsExited(tids, threads_count);
// A native bridge implementation might need a warm up pass to reach a steady state.
// http://b/37920774.
diff --git a/tests/libs/segment_gap_outer.lds b/tests/libs/segment_gap_outer.lds
index b4e5aaa..0f175af 100644
--- a/tests/libs/segment_gap_outer.lds
+++ b/tests/libs/segment_gap_outer.lds
@@ -21,6 +21,6 @@
# Place end_of_gap at the end of the gap.
. = 0x1000000;
.bss.end_of_gap : {
- *(.bss.end_of_gap);
+ *(.bss.*end_of_gap*);
}
}
diff --git a/tests/sys_mman_test.cpp b/tests/sys_mman_test.cpp
index 0b98198..e403ea5 100644
--- a/tests/sys_mman_test.cpp
+++ b/tests/sys_mman_test.cpp
@@ -230,7 +230,10 @@
TEST(sys_mman, mremap_PTRDIFF_MAX) {
void* map = mmap(nullptr, PAGE_SIZE, PROT_NONE, MAP_PRIVATE | MAP_ANONYMOUS, -1, 0);
ASSERT_NE(MAP_FAILED, map);
+
ASSERT_EQ(MAP_FAILED, mremap(map, PAGE_SIZE, kHuge, MREMAP_MAYMOVE));
+
+ ASSERT_EQ(0, munmap(map, PAGE_SIZE));
}
TEST(sys_mman, mmap_bug_27265969) {
@@ -239,3 +242,61 @@
// Some kernels had bugs that would cause segfaults here...
__builtin___clear_cache(base, base + (PAGE_SIZE * 2));
}
+
+TEST(sys_mman, mlock) {
+ void* map = mmap(nullptr, PAGE_SIZE, PROT_NONE, MAP_PRIVATE | MAP_ANONYMOUS, -1, 0);
+ ASSERT_NE(MAP_FAILED, map);
+
+ // Not really anything we can assert about this.
+ mlock(map, PAGE_SIZE);
+
+ ASSERT_EQ(0, munmap(map, PAGE_SIZE));
+}
+
+TEST(sys_mman, mlock2) {
+#if defined(__GLIBC__)
+ GTEST_SKIP() << "needs glibc 2.27";
+#else
+ void* map = mmap(nullptr, PAGE_SIZE, PROT_NONE, MAP_PRIVATE | MAP_ANONYMOUS, -1, 0);
+ ASSERT_NE(MAP_FAILED, map);
+
+ // Not really anything we can assert about this.
+ mlock2(map, PAGE_SIZE, MLOCK_ONFAULT);
+
+ ASSERT_EQ(0, munmap(map, PAGE_SIZE));
+#endif
+}
+
+TEST(sys_mman, memfd_create) {
+#if defined(__GLIBC__)
+ GTEST_SKIP() << "needs glibc 2.27";
+#else
+ // Is the MFD_CLOEXEC flag obeyed?
+ errno = 0;
+ int fd = memfd_create("doesn't matter", 0);
+ if (fd == -1) {
+ ASSERT_EQ(ENOSYS, errno);
+ GTEST_SKIP() << "no memfd_create available";
+ }
+ int f = fcntl(fd, F_GETFD);
+ ASSERT_NE(-1, f);
+ ASSERT_FALSE(f & FD_CLOEXEC);
+ close(fd);
+
+ errno = 0;
+ fd = memfd_create("doesn't matter", MFD_CLOEXEC);
+ f = fcntl(fd, F_GETFD);
+ ASSERT_NE(-1, f);
+ ASSERT_TRUE(f & FD_CLOEXEC);
+
+ // Can we read and write?
+ std::string expected("hello, world!");
+ ASSERT_TRUE(android::base::WriteStringToFd(expected, fd));
+ ASSERT_EQ(0, lseek(fd, 0, SEEK_SET));
+ std::string actual;
+ ASSERT_TRUE(android::base::ReadFdToString(fd, &actual));
+ ASSERT_EQ(expected, actual);
+
+ close(fd);
+#endif
+}