| Age | Commit message (Collapse) | Author |
|---|
|
|
|
Test: Added a file like this locally and the upload hook didn't care
Bug: None
Change-Id: I4c33f2517a9a83c7797d3ea9074fffeedf85dcaa
|
|
Rather than "whatever people have installed as 'python' on their machine".
I've removed check-symbols.py because that's been broken for years and
we never even noticed, and I'm not sure it's worth fixing.
Test: treehugger, manual
Change-Id: Ieb996bbdf790a18d4b1fb46a409cc240ba2a2a49
|
|
Test: Fixes bp2build; bazel build //bionic/...
Change-Id: I6ab66e99935b962f1ff99e478c0f55188f31b495
|
|
Test: build/bazel/scripts/milestone-2/demo.sh full
Test: bazel query //bionic/...
Change-Id: I737574766be898279d8bf6f3f0adb43dcc40c220
|
|
Test: lunch aosp_flame && USE_BAZEL_ANALYSIS=1 m libc
Test: lunch aosp_flame && USE_BAZEL_ANALYSIS=1 m crtbegin_so1
Change-Id: I12380ef9294f8b7c3b00ea700d804c1abde7ad04
|
|
Added SPDX-license-identifier-Apache-2.0 to:
apex/Android.bp
libdl/Android.bp
tools/Android.bp
tools/versioner/Android.bp
tools/versioner/src/Android.bp
Added SPDX-license-identifier-Apache-2.0 SPDX-license-identifier-BSD to:
benchmarks/Android.bp
benchmarks/linker_relocation/gen/Android.bp
libc/malloc_debug/Android.bp
libc/system_properties/Android.bp
tests/Android.bp
tests/libs/Android.bp
tests/libs/Android.build.dlext_testzip.mk
tests/make_fortify_compile_test.mk
Added SPDX-license-identifier-Apache-2.0 SPDX-license-identifier-BSD
SPDX-license-identifier-ISC SPDX-license-identifier-MIT
legacy_notice legacy_unencumbered
to:
libc/Android.bp
Added SPDX-license-identifier-Apache-2.0 SPDX-license-identifier-BSD
SPDX-license-identifier-MIT legacy_unencumbered
to:
libm/Android.bp
Added SPDX-license-identifier-Apache-2.0 legacy_unencumbered
to:
libc/tools/Android.bp
Added SPDX-license-identifier-BSD
to:
benchmarks/linker_relocation/Android.bp
benchmarks/spawn/Android.bp
libc/async_safe/Android.bp
libc/malloc_hooks/Android.bp
libfdtrack/Android.bp
linker/Android.bp
tests/headers/Android.bp
tests/headers/posix/Android.bp
Bug: 68860345
Bug: 151177513
Bug: 151953481
Test: m all
Exempt-From-Owner-Approval: janitorial work
Change-Id: Ib05bcaa276b3aa71a7654ccbe8e67e1f16aec9f3
|
|
This reverts commit 48d43034d7b5a419ba56f052856696d53a7bd979.
Reason for revert: bionic is multiple projects, not just one.
Change-Id: Ib31e1bb8888cc85c6e7736c4e2a1d4652fd23935
|
|
Added SPDX-license-identifier-Apache-2.0 to:
libdl/Android.bp
tools/versioner/src/Android.bp
Added SPDX-license-identifier-Apache-2.0 SPDX-license-identifier-BSD to:
benchmarks/Android.bp
libc/malloc_debug/Android.bp
libc/system_properties/Android.bp
linker/Android.bp
tests/Android.bp
tests/libs/Android.bp
tests/libs/Android.build.dlext_testzip.mk
tests/make_fortify_compile_test.mk
Added SPDX-license-identifier-Apache-2.0 SPDX-license-identifier-BSD
SPDX-license-identifier-ISC SPDX-license-identifier-MIT
legacy_notice legacy_unencumbered
to:
Android.bp
libc/Android.bp
Added SPDX-license-identifier-Apache-2.0 SPDX-license-identifier-BSD
SPDX-license-identifier-ISC SPDX-license-identifier-MIT
legacy_unencumbered
to:
tools/Android.bp
tools/versioner/Android.bp
Added SPDX-license-identifier-Apache-2.0 SPDX-license-identifier-BSD
SPDX-license-identifier-MIT legacy_unencumbered
to:
libm/Android.bp
Added SPDX-license-identifier-Apache-2.0 legacy_unencumbered
to:
libc/tools/Android.bp
Added SPDX-license-identifier-BSD
to:
benchmarks/linker_relocation/Android.bp
benchmarks/spawn/Android.bp
libc/async_safe/Android.bp
libc/malloc_hooks/Android.bp
libfdtrack/Android.bp
tests/headers/Android.bp
tests/headers/posix/Android.bp
Added legacy_notice
to:
apex/Android.bp
benchmarks/linker_relocation/gen/Android.bp
Bug: 68860345
Bug: 151177513
Bug: 151953481
Test: m all
Exempt-From-Owner-Approval: janitorial work
Change-Id: I76cad00578b9b99180ee5dd1e04b4646d5c5fedf
|
|
Python module names should be lower case and not use hyphens (the
former is a convention, the latter is a requirement for importable
modules).
Also updates the shell script to always use Python 3 so we don't need
to maintain Python 2 compatibility.
Test: repo upload, in both a python 2 and python 3 virtualenv
Bug: None
Change-Id: I486e54a12686b4e528dc6c9c47af5c7a52a7b790
|
|
Test: treehugger
Test: pytest libc/tools
Bug: None
Change-Id: Idda7161bbd2e2f351e0750874dc4d766ef98cc2b
|
|
The genseccomp tests haven't been run since at least 2018. Deleted the
ones that are testing APIs that no longer exist or have been
refactored to take very different inputs.
Test: treehugger
Test: pytest tools
Bug: None
Change-Id: Iaf6b6b6a2e922b181a457a74eb4b5abe90425dfb
|
|
This is a manual refactoring to ensure that the modules respect package boundaries for input files.
Test: m gensseccomp genfunctosyscallnrs
Change-Id: I8ca6cbe85a50e41bfe874a899653c2309c59a822
|
|
Test: source build/envsetup.sh && lunch 16 && source
build/soong/bazel/bazelenv.sh && m, then verify ninja
file was based on intermediates from bazel-out
Change-Id: I89f320dd58083710012ea1f8e3902e723602ea37
|
|
The instruction "bti c" is added through ENTRY*() macro,
using __bionic_asm_custom_entry(f).
The .note.gnu.property section is added with the new macro
NOTE_GNU_PROPERTY(). BTI and PAuth features are automatically
selected based on the presence of __ARM_FEATURE_* macros.
Furthermore, gensyscalls.py got updated to append the new
macro to the generated syscalls-arm64.S.
Test: Tested on FVP with BTI enabled.
Change-Id: I40ffe294b8426421125fffd0a9758567d919a09d
|
|
Found manually with grep, since the script seems to miss stuff.
Test: treehugger
Change-Id: I5933cbade9792801d4a0bec1ccb077efa6ad8fbc
|
|
Considering none of the files in this directory are pylint clean I
don't think this is being used. They also seem to use a mix of styles
so we need to either unify or split things into subdirectories if we
want to use pylint here.
Test: None
Bug: http://b/161896447
Change-Id: I5bc298bd64d44cc10d3d28121666e7893222ea96
|
|
Also be quiet about public domain files unless asked to be verbose.
Test: ./libc/tools/generate-NOTICE.py
Change-Id: Ia7e4d42870b2ef4b0b77a11093eefa4f117bebaf
|
|
|
|
One turns out not to be used at all, and the pylintrc even uses the more
intention-revealing term in the machine readable part, just not the
comment!
Test: treehugger
Change-Id: I4db7f1cf4fa1aa8ee601857e4e4c400e2119887c
|
|
blacklist and whitelist are replaced with blocklist and allowlist
respectively.
Test: CtsSeccompHostTestCases
Change-Id: I39d9eda89038d1addbdaed59284a254a34cea1c6
|
|
Allow to provide a list of prioritized syscalls (e.g., syscalls that we
know occur often) which are checked before other syscalls in seccomp.
When constructing the bpf seccomp filter, traverse prioritized syscalls
in a linear list before checking all other syscalls in a binary tree.
Bug: 156732794
Test: make, inspect generated *_system_policy.cpp files
Test: simpleperf on futex/ioctl-heavy app seems to show 5-10% less time
spent in seccomp call
Change-Id: I509343bcd32ada90c0591785ab5cb12d2a38c31e
(cherry picked from commit ce84677733c18bc442f7f1b2f1840117c904db70)
|
|
Test: treehugger
Change-Id: Iceb1c22d82b4d402166c3712b5b8b48a30937c6d
|
|
These just cause confusion because they often have different
values/layouts, but they're never actually used.
Test: treehugger
Change-Id: I424034088e017c919f62fcefa7d6d3f903f31cfb
|
|
bionic/libc/Android.bp.
Test: Built and tested bionic.
Change-Id: Ibb25990b2b1b5c18edfdaaab4f1593fa8d95f338
|
|
Never used, and incompatible with having bionic in a mainline module.
Test: builds
Change-Id: If377f66cc105fd3a1ec4d9c92330fa6a2d2c145c
|
|
Plain __ for generated syscalls didn't mean it was a hidden symbol, it
just meant "please don't use this". We added ___ to signify that a
hidden symbol should be generated, but then we added the map files
anyway so you now have to explicitly export symbols. Given that, this
convention serves no particular purpose so we may as well just use the
nicer names have everything look the same.
Test: treehugger
Change-Id: If424e17a49c36f4be545f5d283c4561a6ea9c7ea
|
|
The libstdc++ directory has no copyright headers, so it was a no-op
anyway.
The interesting part will be switching libc and libm over to genrules...
Test: N/A
Change-Id: Iec92562af40c451fdcb4a7468984878ec5dba2ce
|
|
There's no need to check in generated code.
Test: builds & boots
Change-Id: Ife368bca4349d4adeb0666db590356196b4fbd63
|
|
...all the better to switch to a genrule rather than checking in
generated source.
This also removes all the code in the script to deal with git,
rather than fix it. We won't need that where we're going.
Test: boots
Change-Id: I468ce019d4232a7ef27e5cb5cfd89f4c2fe4ecbd
|
|
Test: update_all.py
Change-Id: Iaa92dce263197f5a0e7d2dce5e00a31372dcb3e9
|
|
Test: Builds and boots on taimen.
Change-Id: I13843bf1ab30ea89a50852adc88f2cba8401bded
|
|
Bionic maps typical C functions like setresuid() to a syscall,
depending on the architecture used. This tool generates a .h
file that maps all bionic functions in SYSCALLS.txt to the
syscall number used on a particular architecture. It can then
be used to generate correct seccomp policy at runtime.
Example output in func_to_syscall_nrs.h:
Bug: 111434506
Test: manually inspect func_to_syscall_nrs.h
Change-Id: I8bc5c1cb17a2e7b5c534b2e0496411f2d419ad86
|
|
We shouldn't be checking in these generated files...
Bug: N/A
Test: ran tests
Change-Id: Ib67c1ba839eacd7acebd713e1dcd4dd2c25d67f0
|
|
Bug: N/A
Test: updating the generated stubs is a no-op
Change-Id: I7f6f9bcfd8c054f0a2d7e5f488eacb88cefb8d15
|
|
This change avoids having to run the genseccomp.py script every time a
policy file is edited, and instead generates these files at
compile-time.
Bug: None
Test: m
Test: find out/soong/ -name x86_64_global_policy.cpp # Shows files
Test: generated policies are equivalent to original policies
Change-Id: I12461fe0c5fb02c008c1b2503fbb994b8aa2f56b
|
|
This change makes it possible to invoke this tool without having to
fiddle with the path.
Bug: None
Test: ./bionic/libc/tools/genseccomp.py # Succeeded
Change-Id: Ib24d70abc973fe774cda4209e46a5b66ae7617be
|
|
This reverts commit 253a8306316cedfd6fd3e3a169fbffe4cac04035 and moves
us forward to a revision that contains fixes for the problem with the
previous attempt.
This also makes sincos(3)/sincosf(3)/sincosl(3) available to `_BSD_SOURCE`
as well as `_GNU_SOURCE`.
The new FreeBSD libm code requires the FreeBSD `__CONCAT` macro, and all
our existing callers are FreeBSD too, so update that.
There's also an assumption that <complex.h> drags in <math.h> which isn't
true for us, so work around that with `-include` in the makefile. This
then causes clang to recognize a bug -- returning from a void function --
in our fake (LP32) sincosl(3), so fix that too.
Bug: http://b/111710419
Change-Id: I84703ad844f8afde6ec6b11604ab3c096ccb62c3
Test: ran tests
|
|
This reverts commit f86ee10278116d211cfb08679416444e0e714cb5.
Incorrect result for fmodf(3.0f, 0f) = 1.0f breaks ART tests.
Bug: 111710419
Test: art/test/testrunner/testrunner.py -b -t 436-rem-float --target
Change-Id: I7eae68fb92740db33415d16418447bcbbd98ecba
|
|
This includes an ld128 powl, plus the clog* and cpow* families.
Also teach the NOTICE generator to strip SPDX-License-Identifier lines.
Bug: N/A
Test: ran tests
Change-Id: Ic8289d1253666a19468a4088884cf7540f1ec66d
|
|
Test: build, run some app
Bug: 63944145
Change-Id: I13eb56f923732e110851dec02eaa11f6cb44535c
|
|
To pave the way to reducing app's kernel attack surface, this change
split the single filter into one for system and one for apps. Note that
there is current no change between them.
Zygote will apply these filters appropriately to system server and apps.
Keep set_seccomp_filter() for now until the caller has switched to the
new API, which I will do immediately after this before the two filters
diverse.
Also remove get_seccomp_filter() since it doesn't seem to be used
anyway.
Test: diff the generated code, no difference except the variable names
Test: cts -m CtsSecurityTestCases -t android.security.cts.SeccompTest
Bug: 63944145
Change-Id: Id8ba05a87332c92ec697926af77bc5742eb04b23
|
|
|
|
Bug: N/A
Test: N/A
Change-Id: Iacc741d18fedbca7c6e8da9d2c64f3d86f9d136b
|
|
I was unable to find a single use of this anywhere, and the networking
folks point out https://tools.ietf.org/html/rfc6093:
"""
5. Advice to New Applications Employing TCP
As a result of the issues discussed in Section 3.2 and Section 3.4,
new applications SHOULD NOT employ the TCP urgent mechanism.
"""
Applications that think they want to do these tricksy things should be
referred to section 3.4, wherein it's noted that these semantics are
effectively dead and it's middleboxes what killed 'em:
"""
3.4. Interaction of Middleboxes with TCP Urgent Indications
As a result of the publication of Network Intrusion Detection System
(NIDS) evasion techniques based on TCP urgent indications [phrack],
some middleboxes clear the urgent indications by clearing the URG
flag and setting the Urgent Pointer to zero. This causes the "urgent
data" to become "in line" (that is, accessible by the read(2) call or
the recv(2) call without the MSG_OOB flag) in the case of those TCP
implementations that interpret the TCP urgent mechanism as a facility
for delivering "out-of-band" data (as described in Section 3.1). An
example of such a middlebox is the Cisco PIX firewall [Cisco-PIX].
This should discourage applications from depending on urgent
indications for their correct operation, as urgent indications may
not be reliable in the current Internet.
"""
Bug: N/A
Test: N/A
Change-Id: I73280db1d803bb7bd93954c13c653fa0cd3daff9
|
|
They're POSIX, and they're implemented in iOS and glibc, but they're
not actually used in any codebase I have access to. They're *defined*
in several places, and some of those places have a handful of tests,
but I couldn't find a single genuine caller.
Bug: N/A
Test: N/A
Change-Id: Id3e2c36183fcff323aa5a2e3a3dabaa8378fae56
|
|
Fallout from the unified sysroot work.
Bug: N/A
Test: builds
Change-Id: If0595a241b9ce0d8c8c7137ddaf8fca932487b7c
|
|
They're marked obsolescent in POSIX, don't clearly mean anything, aren't
portable because the values don't mean anything, and are no-ops in other
C libraries that do "implement" them.
Bug: N/A
Test: N/A
Change-Id: I07342a0a6a5f6616a8432bfea24ed944c7971d27
|
|
We have no utmp, and we're ignoring getutxent/setutxent, and endutxent
belongs in the same group.
Bug: N/A
Test: N/A
Change-Id: Ide032960a0f95750f3bb8f2e62a25e5e7d25c7b6
|
|
<machine/asm.h> was internal use only.
<machine/fenv.h> is quite large, but can live in <bits/...>.
<machine/regdef.h> is trivially replaced by saying $x instead of x in
our assembler.
<machine/setjmp.h> is trivially inlined into <setjmp.h>.
<sgidefs.h> is unused.
Bug: N/A
Test: builds
Change-Id: Id05dbab43a2f9537486efb8f27a5ef167b055815
|
