1. 24 Jun, 2022 3 commits
    • Ruben's avatar
      Remove rootcap.h include from bionic_allocator.cpp · d02b2f0f
      Ruben authored
      The rootcap isn't actually used in the module.
      The include should have been removed earlier.
      Change-Id: Idf01562d9fb2983c802d36d72de746cecf531dba
    • Ruben's avatar
      CFI is currently not supported in Pure-cap · 527c0779
      Ruben authored
      Update cfi_check_addr to reflect this and mark the CFI tests correspondingly.
      This also removes last use of rootcap in Bionic.
      Change-Id: I23c235827d45c7ea1d4fe877e014d707280ddd50
    • Ruben's avatar
      Update link.r_debug: don't use rootcap. · 92762503
      Ruben authored
      Use dl_iterate_phdr to find base pointer of the DSO containing _r_debug
      and to use it to derive capability for reading the structure. This is
      needed because the Elf64_Dyn::d_un::d_ptr/d_val are 64-bit values which
      can't hold a capability. However, this is only affecting the test and
      doesn't make a difference for a debugger looking for the structure
      since the debugger would operate in another address space.
      Change-Id: Ic15fa47b0d3425d2fe92e386bd09937415f1ab48
  2. 20 Jun, 2022 6 commits
    • Ruben's avatar
      Update dlext.ns_anonymous: don't use rootcap. · 57a449c4
      Ruben authored
      Use dl_iterate_phdr to find base pointer of the library and to derive
      the correct capability per maps record combining this pointer and the
      address/size from the records.
      Change-Id: Ia0c2b61b20184cce02227577ba0a5524fe2dbec9
    • Ruben's avatar
      pthread_getattr_np: don't use rootcap. · 02f2372f
      Ruben authored
      Use saved stack capability to derive the
      pthread_attr_t::stack_base in pthread_getattr_np
      for the main thread.
      Change-Id: Iaece9cca6832a67f6630d2b9268158a00d17bcad
    • Ruben's avatar
      Update apply_gnu_relro: don't use rootcap · 41bbb430
      Ruben authored
      Use capability derived from AT_CHERI_EXEC_RX_CAP instead.
      Change-Id: Idd6907f111bbc2ded8c4e5a7043a123dea7ba891
    • Ruben's avatar
      Update __bionic_get_tls_segment: don't use rootcap · 292244b8
      Ruben authored
      Use capability derived from AT_CHERI_EXEC_RX_CAP instead.
      Change-Id: I788d9d7c07680b1fc6f671cd3b296c1673e37191
    • Ruben's avatar
      Fix dlfcn.segment_gap in Pure-cap · fbc83204
      Ruben authored
      The test assumes that a DSO can request android_dlopen_ext with
      reserved address pointing into a gap between its segments.
      However, with the new Linux kernel-user ABI the request is
      refused since the DSO can't provide a valid capability for the
      range corresponding to the gap between its segments.
      Support this case via checking if the reserved address pointer
      is not a valid capability and at the same time points into within
      the DSO that invoked android_dlopen_ext, and deriving capability from the
      DSO's base in that case. Otherwise, make sure capability metadata is
      Change-Id: I4ab7d96bbc276994231f9f64ddf630530ce75af8
    • Ruben's avatar
      Change dlpi_addr/l_addr: ElfW(Addr) -> uintptr_t · 49a5ce5e
      Ruben authored
      Change-Id: I87d6fb4a9bda5b9f1989268b5da974f018468d1b
  3. 14 Jun, 2022 1 commit
  4. 26 May, 2022 2 commits
    • Oliver Swede's avatar
      Remove dynamic dispatch for arm64 · c546c63a
      Oliver Swede authored
      Use alternative versions of the functions from
      This has no effect given definitions in external/arm-optimized-routines
      as the ifuncs would just be ignored, however we can still remove the
      dynamic dispatch for simplicity.
      Change-Id: Icb702424661ed1c2eb33008ff4d52e04b6fcc49c
    • Oliver Swede's avatar
      Remove static dispatch for arm64 · 67d47eff
      Oliver Swede authored
      Use alternative versions of the functions from
      Change-Id: Ie6f57618afc165e2e8fcc40903623d80468f4c68
  5. 25 May, 2022 1 commit
    • Oliver Swede's avatar
      Import optimized string routines · 242beadc
      Oliver Swede authored
      This imports the optimized versions of memcpy, memmove and memset for
      Hybrid-cap and Pure-cap, and memcmp for Hybrid-cap.
      These optimized functions are included from
      The corresponding unoptimized functions defined in string_cap.cpp are
      excluded by this patch.
      Morello support is already available in the fallthrough functions at
      Change-Id: I6a304e923b2d2ec982f503523b2309aff5e68580
  6. 16 May, 2022 2 commits
  7. 09 May, 2022 1 commit
    • Ruben's avatar
      Remove ioctl.cpp · bbc4f105
      Ruben authored
      Change-Id: I3d725be52e743876c54b5bbd8a946d6314f85c91
  8. 20 Apr, 2022 2 commits
    • Ruben's avatar
      Backport 'Reland "Use the dynamic table instead of __rela?_iplt_* to find the... · fb4c1085
      Ruben authored
      Backport 'Reland "Use the dynamic table instead of __rela?_iplt_* to find the linker's IRELATIVE relocs." with a fix.'
      Original commit message:
          Reland "Use the dynamic table instead of __rela?_iplt_* to find the linker's IRELATIVE relocs." with a fix.
          A recent change to lld [1] made it so that the __rela?_iplt_*
          symbols are no longer defined for PIEs and shared libraries. Since
          the linker is a PIE, this prevents it from being able to look up
          its own relocations via these symbols. We don't need these symbols
          to find the relocations however, as their location is available via
          the dynamic table. Therefore, start using the dynamic table to find
          the relocations instead of using the symbols.
          Previously landed in r.android.com/1801427 and reverted in
          r.android.com/1804876 due to linux-bionic breakage. This time,
          search .rela.dyn as well as .rela.plt, since the linker may put the
          relocations in either location (see [2]).
          [1] https://github.com/llvm/llvm-project/commit/f8cb78e99aae9aa3f89f7bfe667db2c5b767f21f
          [2] https://reviews.llvm.org/D65651
          Bug: 197420743
          Change-Id: I5bef157472e9893822e3ca507ef41a15beefc6f1
      Author of the original commit: Peter Collingbourne <pcc@google.com>
      Change-Id: Ic1ba1cec29e64d9021dfee2c2b24299a66857335
    • Ruben's avatar
      Add missing stdint.h include at bits/elf_morello.h · fc1dd41a
      Ruben authored
      Change-Id: I46169da110a76ef1d9e9a1e3cfccac6371e2c607
  9. 31 Jan, 2022 6 commits
  10. 19 Jan, 2022 2 commits
  11. 10 Jan, 2022 1 commit
    • Branislav Rankov's avatar
      linker: Do not use --exclude-libs=ALL · 0aa6a9d2
      Branislav Rankov authored
      The latest lld ignores the version script when --exclude-libs is
      used. We need to keep symbols of libshim global, so we exclude all
      other libs by name.
      Change-Id: Ide0763b39d077f83104d2ba6cce12555d0f02f3d
  12. 16 Dec, 2021 1 commit
  13. 15 Dec, 2021 1 commit
  14. 10 Dec, 2021 1 commit
  15. 09 Dec, 2021 5 commits
    • Ruben's avatar
      Adjust fragment information for executable symbols · c9f2e902
      Ruben authored
      The linker fragment for RELATIVE/IRELATIVE relocations
      should be specifying the bounds which are to be used in
      combination with the addend to figure out the bounds and
      Until the linker change which is implementing this approach
      is merged, the base in the fragment specifies the target address
      rather than base.
      Once the linker change is merged, this patch should be reverted.
      Change-Id: I37ded9145ba17c2fd1b143cbfe8ab205fe520688
    • Ruben's avatar
      Refine deriving ifunc resolver in static build · eb08b0ab
      Ruben authored
      Derive the ifunc resolver capability from AT_CHERI_EXEC_RX_CAP based on
      the information in the Morello linker fragment and the addend value.
      Change-Id: Ib7062903a5c5da8649a0c23c3670307b33617a35
    • Ruben's avatar
      Move Morello fragment definitions to elf_morello.h · c2abf9d6
      Ruben authored
      The Morello linker fragment format is also to be used in conjunction
      with the IRELATIVE .rela.iplt entries. Therefore moving these
      definitions to bits/elf_morello.h.
      Change-Id: I737ac780c1bf63cc3b752fbfaf0a766fc9b7d9da
    • Ruben's avatar
      Add definitions for AT_CHERI auxv members · 192ea678
      Ruben authored
      The experimental AT_CHERI auxv members were added in libshim.
      The numbers are currently matching the libshim definition, however
      might be changed in future.
      Change-Id: I75c3c4026b2a1c38fbcd5ecbf383a78d3da2a1ae
    • Ruben's avatar
      linker: refine Pure-cap relocations handling · abde3101
      Ruben authored
      - for the relative relocations:
        -- the address field in the fragments for Morello relocations should
           be interpreted as the base of the region to be referred to by
           capability described by the relocation;
        -- the base summed with addend determines the address value of the
           described capability.
      - independently, for any relocations related to a symbol, the
        base and length information in the fragment should be ignored.
        The base and length values for the capability are to be figured out
        based on the symbol information.
      - simplify apply_morello_reloc -> construct_morello_reloc call chain:
        construct_morello_reloc is replaced by cap_for_reloc and application
        of the relocation is performed within soinfo::relocate (i.e. in the
        same way as for the AArch64 relocations)
      Change-Id: I47d70c947b4d137f5de834ec19989399ed278314
  16. 07 Dec, 2021 2 commits
    • Ruben's avatar
      linker: remove soinfo::build_cap_with_* · 131db74e
      Ruben authored
      The dynamic linker now derives the capabilities from the mmap-returned
      value instead of rootcap or DDC.
      Remove unnecessary references to rootcap.h from the linker.
      Change-Id: I48506d5277f9c68960eef2623f6ea6dffeeee55c
    • Ruben's avatar
      linker: don't use build_cap* for ifunc resolver · ed2bf357
      Ruben authored
      During the dynamic linkage, derive the ifunc resolver capability
      from the capability provided by mmap.
      Change-Id: I912ad8ba581e5c527e9064bdf4b3b0c5ddb19c9c
  17. 13 Oct, 2021 1 commit
  18. 29 Sep, 2021 1 commit
    • Ruben's avatar
      Morello: export seccomp filters in seccomp_bpfs.h · 50bcf9ab
      Ruben authored
      This adds a missing part of the
      Ida3898e8853163f11e38dd0b78c41ea9b65d3f0c which only added libseccomp
      targets for Morello but didn't allow building those.
      Change-Id: I44dd308f6257018354802f680b0c04ddc69596f9
  19. 24 Aug, 2021 1 commit