1. 24 Jun, 2022 3 commits
    • Remove rootcap.h include from bionic_allocator.cpp · d02b2f0f
      Ruben authored
      The rootcap isn't actually used in the module.
      The include should have been removed earlier.
      
      Change-Id: Idf01562d9fb2983c802d36d72de746cecf531dba
    • CFI is currently not supported in Pure-cap · 527c0779
      Ruben authored
      Update cfi_check_addr to reflect this and mark the CFI tests correspondingly.
      This also removes the last use of rootcap in Bionic.
      
      Change-Id: I23c235827d45c7ea1d4fe877e014d707280ddd50
    • Update link.r_debug: don't use rootcap. · 92762503
      Ruben authored
      Use dl_iterate_phdr to find base pointer of the DSO containing _r_debug
      and to use it to derive capability for reading the structure. This is
      needed because the Elf64_Dyn::d_un::d_ptr/d_val are 64-bit values which
      can't hold a capability. However, this is only affecting the test and
      doesn't make a difference for a debugger looking for the structure
      since the debugger would operate in another address space.
      
      Change-Id: Ic15fa47b0d3425d2fe92e386bd09937415f1ab48
  2. 20 Jun, 2022 6 commits
    • Update dlext.ns_anonymous: don't use rootcap. · 57a449c4
      Ruben authored
      Use dl_iterate_phdr to find base pointer of the library and to derive
      the correct capability per maps record combining this pointer and the
      address/size from the records.
      
      Change-Id: Ia0c2b61b20184cce02227577ba0a5524fe2dbec9
    • pthread_getattr_np: don't use rootcap. · 02f2372f
      Ruben authored
      Use saved stack capability to derive the
      pthread_attr_t::stack_base in pthread_getattr_np
      for the main thread.
      
      Change-Id: Iaece9cca6832a67f6630d2b9268158a00d17bcad
    • Update apply_gnu_relro: don't use rootcap · 41bbb430
      Ruben authored
      Use capability derived from AT_CHERI_EXEC_RX_CAP instead.
      
      Change-Id: Idd6907f111bbc2ded8c4e5a7043a123dea7ba891
    • Update __bionic_get_tls_segment: don't use rootcap · 292244b8
      Ruben authored
      Use capability derived from AT_CHERI_EXEC_RX_CAP instead.
      
      Change-Id: I788d9d7c07680b1fc6f671cd3b296c1673e37191
    • Fix dlfcn.segment_gap in Pure-cap · fbc83204
      Ruben authored
      The test assumes that a DSO can request android_dlopen_ext with
      reserved address pointing into a gap between its segments.
      However, with the new Linux kernel-user ABI the request is
      refused since the DSO can't provide a valid capability for the
      range corresponding to the gap between its segments.
      
      Support this case via checking if the reserved address pointer
      is not a valid capability and at the same time points within
      the DSO that invoked android_dlopen_ext, and deriving capability from the
      DSO's base in that case. Otherwise, make sure capability metadata is
      cleared.
      
      Change-Id: I4ab7d96bbc276994231f9f64ddf630530ce75af8
    • Change dlpi_addr/l_addr: ElfW(Addr) -> uintptr_t · 49a5ce5e
      Ruben authored
      Change-Id: I87d6fb4a9bda5b9f1989268b5da974f018468d1b
  3. 14 Jun, 2022 1 commit
  4. 26 May, 2022 2 commits
    • Remove dynamic dispatch for arm64 · c546c63a
      Oliver Swede authored
      Use alternative versions of the functions from
      external/arm-optimized-routines.
      
      This has no effect given definitions in external/arm-optimized-routines
      as the ifuncs would just be ignored, however we can still remove the
      dynamic dispatch for simplicity.
      
      Change-Id: Icb702424661ed1c2eb33008ff4d52e04b6fcc49c
    • Remove static dispatch for arm64 · 67d47eff
      Oliver Swede authored
      Use alternative versions of the functions from
      external/arm-optimized-routines.
      
      Change-Id: Ie6f57618afc165e2e8fcc40903623d80468f4c68
  5. 25 May, 2022 1 commit
    • Import optimized string routines · 242beadc
      Oliver Swede authored
      This imports the optimized versions of memcpy, memmove and memset for
      Hybrid-cap and Pure-cap, and memcmp for Hybrid-cap.
      
      These optimized functions are included from
      external/arm-optimized-routines.
      
      The corresponding unoptimized functions defined in string_cap.cpp are
      excluded by this patch.
      
      Morello support is already available in the fallthrough functions at
      arch-arm64/generic/bionic/__mem{set,cpy}_chk.S.
      
      Change-Id: I6a304e923b2d2ec982f503523b2309aff5e68580
  6. 16 May, 2022 2 commits
  7. 09 May, 2022 1 commit
    • Remove ioctl.cpp · bbc4f105
      Ruben authored
      Change-Id: I3d725be52e743876c54b5bbd8a946d6314f85c91
  8. 20 Apr, 2022 2 commits
    • Backport 'Reland "Use the dynamic table instead of __rela?_iplt_* to find the... · fb4c1085
      Ruben authored
      Backport 'Reland "Use the dynamic table instead of __rela?_iplt_* to find the linker's IRELATIVE relocs." with a fix.'
      
      Original commit message:
          Reland "Use the dynamic table instead of __rela?_iplt_* to find the linker's IRELATIVE relocs." with a fix.
      
          A recent change to lld [1] made it so that the __rela?_iplt_*
          symbols are no longer defined for PIEs and shared libraries. Since
          the linker is a PIE, this prevents it from being able to look up
          its own relocations via these symbols. We don't need these symbols
          to find the relocations however, as their location is available via
          the dynamic table. Therefore, start using the dynamic table to find
          the relocations instead of using the symbols.
      
          Previously landed in r.android.com/1801427 and reverted in
          r.android.com/1804876 due to linux-bionic breakage. This time,
          search .rela.dyn as well as .rela.plt, since the linker may put the
          relocations in either location (see [2]).
      
          [1] https://github.com/llvm/llvm-project/commit/f8cb78e99aae9aa3f89f7bfe667db2c5b767f21f
          [2] https://reviews.llvm.org/D65651
      
          Bug: 197420743
          Change-Id: I5bef157472e9893822e3ca507ef41a15beefc6f1
      Author of the original commit: Peter Collingbourne <pcc@google.com>
      
      Change-Id: Ic1ba1cec29e64d9021dfee2c2b24299a66857335
    • Add missing stdint.h include at bits/elf_morello.h · fc1dd41a
      Ruben authored
      Change-Id: I46169da110a76ef1d9e9a1e3cfccac6371e2c607
  9. 31 Jan, 2022 6 commits
  10. 19 Jan, 2022 2 commits
  11. 10 Jan, 2022 1 commit
    • linker: Do not use --exclude-libs=ALL · 0aa6a9d2
      Branislav Rankov authored
      The latest lld ignores the version script when --exclude-libs is
      used. We need to keep symbols of libshim global, so we exclude all
      other libs by name.
      
      Change-Id: Ide0763b39d077f83104d2ba6cce12555d0f02f3d
  12. 16 Dec, 2021 1 commit
  13. 15 Dec, 2021 1 commit
  14. 10 Dec, 2021 1 commit
  15. 09 Dec, 2021 5 commits
    • Adjust fragment information for executable symbols · c9f2e902
      Ruben authored
      The linker fragment for RELATIVE/IRELATIVE relocations
      should be specifying the bounds which are to be used in
      combination with the addend to figure out the bounds and
      address.
      
      Until the linker change which is implementing this approach
      is merged, the base in the fragment specifies the target address
      rather than base.
      
      Once the linker change is merged, this patch should be reverted.
      
      Change-Id: I37ded9145ba17c2fd1b143cbfe8ab205fe520688
    • Refine deriving ifunc resolver in static build · eb08b0ab
      Ruben authored
      Derive the ifunc resolver capability from AT_CHERI_EXEC_RX_CAP based on
      the information in the Morello linker fragment and the addend value.
      
      Change-Id: Ib7062903a5c5da8649a0c23c3670307b33617a35
    • Move Morello fragment definitions to elf_morello.h · c2abf9d6
      Ruben authored
      The Morello linker fragment format is also to be used in conjunction
      with the IRELATIVE .rela.iplt entries. Therefore moving these
      definitions to bits/elf_morello.h.
      
      Change-Id: I737ac780c1bf63cc3b752fbfaf0a766fc9b7d9da
    • Add definitions for AT_CHERI auxv members · 192ea678
      Ruben authored
      The experimental AT_CHERI auxv members were added in libshim.
      The numbers are currently matching the libshim definition, however
      might be changed in future.
      
      Change-Id: I75c3c4026b2a1c38fbcd5ecbf383a78d3da2a1ae
    • linker: refine Pure-cap relocations handling · abde3101
      Ruben authored
      - for the relative relocations:
        -- the address field in the fragments for Morello relocations should
           be interpreted as the base of the region to be referred to by
           capability described by the relocation;
        -- the base summed with addend determines the address value of the
           described capability.
      
      - independently, for any relocations related to a symbol, the
        base and length information in the fragment should be ignored.
        The base and length values for the capability are to be figured out
        based on the symbol information.
      
      - simplify apply_morello_reloc -> construct_morello_reloc call chain:
        construct_morello_reloc is replaced by cap_for_reloc and application
        of the relocation is performed within soinfo::relocate (i.e. in the
        same way as for the AArch64 relocations)
      
      Change-Id: I47d70c947b4d137f5de834ec19989399ed278314
  16. 07 Dec, 2021 2 commits
    • linker: remove soinfo::build_cap_with_* · 131db74e
      Ruben authored
      The dynamic linker now derives the capabilities from the mmap-returned
      value instead of rootcap or DDC.
      
      Remove unnecessary references to rootcap.h from the linker.
      
      Change-Id: I48506d5277f9c68960eef2623f6ea6dffeeee55c
    • linker: don't use build_cap* for ifunc resolver · ed2bf357
      Ruben authored
      During the dynamic linkage, derive the ifunc resolver capability
      from the capability provided by mmap.
      
      Change-Id: I912ad8ba581e5c527e9064bdf4b3b0c5ddb19c9c
  17. 13 Oct, 2021 1 commit
  18. 29 Sep, 2021 1 commit
    • Morello: export seccomp filters in seccomp_bpfs.h · 50bcf9ab
      Ruben authored
      This adds a missing part of the
      Ida3898e8853163f11e38dd0b78c41ea9b65d3f0c which only added libseccomp
      targets for Morello but didn't allow building those.
      
      Change-Id: I44dd308f6257018354802f680b0c04ddc69596f9
  19. 24 Aug, 2021 1 commit