Merge changes I8b25accf,I59013f0c,I6c881e5d,I66826f31,I552692ae, ... into rvc-dev
* changes:
fdtrack: add wrapper for socketpair.
fdtrack: add wrapper for eventfd.
fdtrack: add wrappers for epoll_create, epoll_create1.
fdtrack: add wrappers for pipe, pipe2.
fdtrack: add tests for individual wrappers.
fdtrack: don't destroy traces.
diff --git a/libc/Android.bp b/libc/Android.bp
index 9086de2..85e2ff0 100644
--- a/libc/Android.bp
+++ b/libc/Android.bp
@@ -1698,6 +1698,7 @@
symbol_file: "libc.map.txt",
versions: [
"29",
+ "R",
"10000",
],
},
@@ -1779,6 +1780,18 @@
ramdisk_available: true,
recovery_available: true,
native_bridge_supported: true,
+ apex_available: [
+ "//apex_available:platform",
+ "//apex_available:anyapex",
+ ],
+ visibility: [
+ ":__subpackages__", // visible to bionic
+ // ... and only to these places (b/152668052)
+ "//external/gwp_asan",
+ "//external/libunwind_llvm",
+ "//system/core/property_service/libpropertyinfoparser",
+ "//system/extras/toolchain-extras",
+ ],
no_libcrt: true,
stl: "none",
@@ -1910,6 +1923,10 @@
ramdisk_available: true,
recovery_available: true,
native_bridge_supported: true,
+ apex_available: [
+ "//apex_available:platform",
+ "//apex_available:anyapex",
+ ],
cflags: [
"-Wno-gcc-compat",
diff --git a/libc/async_safe/Android.bp b/libc/async_safe/Android.bp
index 7df6ab9..98da2cc 100644
--- a/libc/async_safe/Android.bp
+++ b/libc/async_safe/Android.bp
@@ -18,6 +18,15 @@
export_include_dirs: ["include"],
export_header_lib_headers: ["liblog_headers"],
stl: "none",
+
+ apex_available: [
+ "//apex_available:platform",
+ "com.android.runtime",
+ "com.android.art.debug",
+ "com.android.art.release",
+ "com.android.media",
+ "com.android.media.swcodec",
+ ],
}
cc_library_headers {
@@ -31,4 +40,9 @@
system_shared_libs: [],
stl: "none",
+
+ apex_available: [
+ "//apex_available:platform",
+ "com.android.runtime",
+ ],
}
diff --git a/libc/bionic/malloc_tagged_pointers.h b/libc/bionic/malloc_tagged_pointers.h
index 212459b..de3cc2e 100644
--- a/libc/bionic/malloc_tagged_pointers.h
+++ b/libc/bionic/malloc_tagged_pointers.h
@@ -43,10 +43,11 @@
// is also deliberately different from the standard pattern-init tag (0xAA), as
// to be distinguishable from an uninitialized-pointer access. The first and
// second nibbles are also deliberately designed to be the bitset-mirror of each
-// other (0b1100, 0b0011) in order to reduce incidental matches. Users must not
-// rely on the implementation-defined value of this pointer tag, as it may
-// change.
-static constexpr uintptr_t POINTER_TAG = 0x3C;
+// other (0b1011, 0b0100) in order to reduce incidental matches. We also ensure
+// that the top bit is set, as this catches incorrect code that assumes that a
+// "negative" pointer indicates error. Users must not rely on the
+// implementation-defined value of this pointer tag, as it may change.
+static constexpr uintptr_t POINTER_TAG = 0xB4;
static constexpr unsigned UNTAG_SHIFT = 40;
static constexpr unsigned CHECK_SHIFT = 48;
static constexpr unsigned TAG_SHIFT = 56;
diff --git a/libc/include/netinet/icmp6.h b/libc/include/netinet/icmp6.h
index 43ec521..2b237a8 100644
--- a/libc/include/netinet/icmp6.h
+++ b/libc/include/netinet/icmp6.h
@@ -280,6 +280,8 @@
#define ND_OPT_ROUTE_INFO 24 /* RFC 4191 */
#define ND_OPT_RDNSS 25 /* RFC 6016 */
#define ND_OPT_DNSSL 31 /* RFC 6016 */
+#define ND_OPT_CAPTIVE_PORTAL 37 /* RFC 7710 */
+#define ND_OPT_PREF64 38 /* RFC-ietf-6man-ra-pref64-09 */
struct nd_opt_route_info { /* route info */
u_int8_t nd_opt_rti_type;
@@ -335,6 +337,19 @@
/* followed by list of IP prefixes */
} __packed;
+struct nd_opt_captive_portal { /* CAPTIVE PORTAL option RFC 7710 */
+ u_int8_t nd_opt_captive_portal_type; // ND_OPT_CAPTIVE_PORTAL
+ u_int8_t nd_opt_captive_portal_len; // in 8 byte units
+ u_int8_t nd_opt_captive_portal_uri[]; // 6 + n*8 bytes
+} __packed;
+
+struct nd_opt_pref64 { /* PREF64 option RFC-ietf-6man-ra-pref64-09 */
+ u_int8_t nd_opt_pref64_type; // ND_OPT_PREF64
+ u_int8_t nd_opt_pref64_len; // 8 byte units, thus '2'
+ u_int16_t nd_opt_pref64_lifetime_plc; // net endian, 13 + 3 bits
+ u_int8_t nd_opt_pref64_prefix[12]; // top 96 bits
+} __packed;
+
/*
* icmp6 namelookup
*/
diff --git a/libc/private/ScopedSignalBlocker.h b/libc/private/ScopedSignalBlocker.h
index ce0ae64..f6ba9ed 100644
--- a/libc/private/ScopedSignalBlocker.h
+++ b/libc/private/ScopedSignalBlocker.h
@@ -20,20 +20,26 @@
#include "platform/bionic/macros.h"
+// This code needs to really block all the signals, not just the user-visible
+// ones. We call __rt_sigprocmask(2) directly so we don't mask out our own
+// signals (https://issuetracker.google.com/153624226 was a pthread_exit(3)
+// crash because a request to dump the thread's stack came in as it was exiting).
+extern "C" int __rt_sigprocmask(int, const sigset64_t*, sigset64_t*, size_t);
+
class ScopedSignalBlocker {
public:
// Block all signals.
explicit ScopedSignalBlocker() {
sigset64_t set;
sigfillset64(&set);
- sigprocmask64(SIG_BLOCK, &set, &old_set_);
+ __rt_sigprocmask(SIG_BLOCK, &set, &old_set_, sizeof(sigset64_t));
}
// Block just the specified signal.
explicit ScopedSignalBlocker(int signal) {
sigset64_t set = {};
sigaddset64(&set, signal);
- sigprocmask64(SIG_BLOCK, &set, &old_set_);
+ __rt_sigprocmask(SIG_BLOCK, &set, &old_set_, sizeof(sigset64_t));
}
~ScopedSignalBlocker() {
@@ -41,7 +47,7 @@
}
void reset() {
- sigprocmask64(SIG_SETMASK, &old_set_, nullptr);
+ __rt_sigprocmask(SIG_SETMASK, &old_set_, nullptr, sizeof(sigset64_t));
}
sigset64_t old_set_;
diff --git a/linker/dlfcn.cpp b/linker/dlfcn.cpp
index 228e30a..ec6850a 100644
--- a/linker/dlfcn.cpp
+++ b/linker/dlfcn.cpp
@@ -279,10 +279,12 @@
}
android_namespace_t* __loader_android_get_exported_namespace(const char* name) {
+ ScopedPthreadMutexLocker locker(&g_dl_mutex);
return get_exported_namespace(name);
}
void __loader_cfi_fail(uint64_t CallSiteTypeId, void* Ptr, void *DiagData, void *CallerPc) {
+ ScopedPthreadMutexLocker locker(&g_dl_mutex);
CFIShadowWriter::CfiFail(CallSiteTypeId, Ptr, DiagData, CallerPc);
}
diff --git a/tests/cfi_test.cpp b/tests/cfi_test.cpp
index e155e1a..792f917 100644
--- a/tests/cfi_test.cpp
+++ b/tests/cfi_test.cpp
@@ -18,6 +18,8 @@
#include <gtest/gtest.h>
#include <sys/stat.h>
+#include <vector>
+
#include "BionicDeathTest.h"
#include "gtest_globals.h"
#include "utils.h"
@@ -35,6 +37,14 @@
static void f() {}
+static void test_cfi_slowpath_with_alloc() {
+ std::vector<void*> allocs;
+ for (size_t i = 0; i < 1000; i++) {
+ allocs.push_back(malloc(4096));
+ __cfi_slowpath(46, allocs.back());
+ }
+}
+
TEST(cfi_test, basic) {
#if defined(__BIONIC__)
void* handle;
@@ -88,10 +98,11 @@
// CFI check for a stack address. This is always invalid and gets the process killed.
EXPECT_DEATH(__cfi_slowpath(45, reinterpret_cast<void*>(&c)), "");
- // CFI check for a heap address. This is always invalid and gets the process killed.
- void* p = malloc(4096);
- EXPECT_DEATH(__cfi_slowpath(46, p), "");
- free(p);
+ // CFI check for a heap address.
+ // It's possible that this allocation could wind up in the same CFI granule as
+ // an unchecked library, which means the below might not crash. To force a
+ // crash keep allocating up to a max until there is a crash.
+ EXPECT_DEATH(test_cfi_slowpath_with_alloc(), "");
// Check all the addresses.
const size_t bss_size = 1024 * 1024;