am 67636eea: am 40e7ed58: Unhide rtld_db_dlactivity()
* commit '67636eea20f7789e6689ee8cf6017e7d48735ca1':
Unhide rtld_db_dlactivity()
diff --git a/libc/Android.mk b/libc/Android.mk
index 46641d5..06d36fe 100644
--- a/libc/Android.mk
+++ b/libc/Android.mk
@@ -140,6 +140,10 @@
stdio/vsscanf.c \
stdio/wbuf.c \
stdio/wsetup.c \
+ stdio/__snprintf_chk.c \
+ stdio/__sprintf_chk.c \
+ stdio/__vsnprintf_chk.c \
+ stdio/__vsprintf_chk.c \
stdlib/_rand48.c \
stdlib/assert.c \
stdlib/atexit.c \
@@ -205,6 +209,15 @@
string/strtok.c \
string/strtotimeval.c \
string/strxfrm.c \
+ string/__memcpy_chk.c \
+ string/__memmove_chk.c \
+ string/__memset_chk.c \
+ string/__strcat_chk.c \
+ string/__strcpy_chk.c \
+ string/__strlcat_chk.c \
+ string/__strlcpy_chk.c \
+ string/__strncat_chk.c \
+ string/__strncpy_chk.c \
wchar/wcpcpy.c \
wchar/wcpncpy.c \
wchar/wcscasecmp.c \
@@ -516,8 +529,8 @@
libc_common_cflags += -DANDROID_SMP=0
endif
-# Needed to access private/__dso_handle.S from
-# crtbegin_xxx.S and crtend_xxx.S
+# Needed to access private/__dso_handle.h from
+# crtbegin_xxx.c and crtend_xxx.c
#
libc_crt_target_cflags += -I$(LOCAL_PATH)/private
@@ -530,11 +543,11 @@
libc_common_c_includes := \
$(LOCAL_PATH)/stdlib \
$(LOCAL_PATH)/string \
- $(LOCAL_PATH)/stdio
+ $(LOCAL_PATH)/stdio \
+ external/safe-iop/include
-# Needed to access private/__dso_handle.S from
+# Needed to access private/__dso_handle.h from
# crtbegin_xxx.S and crtend_xxx.S
-# and machine/asm.h
#
libc_crt_target_cflags += -I$(LOCAL_PATH)/private -I$(LOCAL_PATH)/arch-$(TARGET_ARCH)/include
@@ -556,17 +569,21 @@
#
libc_crt_target_so_cflags := $(libc_crt_target_cflags)
+libc_crt_target_crtstart_file := $(LOCAL_PATH)/arch-$(TARGET_ARCH)/bionic/crtbegin.c
+libc_crt_target_crtstart_so_file := $(LOCAL_PATH)/arch-$(TARGET_ARCH)/bionic/crtbegin_so.c
ifeq ($(TARGET_ARCH),x86)
# This flag must be added for x86 targets, but not for ARM
libc_crt_target_so_cflags += -fPIC
+ libc_crt_target_crtstart_file := $(LOCAL_PATH)/arch-$(TARGET_ARCH)/bionic/crtbegin.S
+ libc_crt_target_crtstart_so_file := $(LOCAL_PATH)/arch-$(TARGET_ARCH)/bionic/crtbegin_so.S
endif
-GEN := $(TARGET_OUT_STATIC_LIBRARIES)/crtbegin_so.o
-$(GEN): $(LOCAL_PATH)/arch-$(TARGET_ARCH)/bionic/crtbegin_so.S
+GEN := $(TARGET_OUT_INTERMEDIATE_LIBRARIES)/crtbegin_so.o
+$(GEN): $(libc_crt_target_crtstart_so_file)
@mkdir -p $(dir $@)
$(TARGET_CC) $(libc_crt_target_so_cflags) -o $@ -c $<
ALL_GENERATED_SOURCES += $(GEN)
-GEN := $(TARGET_OUT_STATIC_LIBRARIES)/crtend_so.o
+GEN := $(TARGET_OUT_INTERMEDIATE_LIBRARIES)/crtend_so.o
$(GEN): $(LOCAL_PATH)/arch-$(TARGET_ARCH)/bionic/crtend_so.S
@mkdir -p $(dir $@)
$(TARGET_CC) $(libc_crt_target_so_cflags) -o $@ -c $<
@@ -574,14 +591,14 @@
endif # TARGET_ARCH == x86 || TARGET_ARCH == arm
-GEN := $(TARGET_OUT_STATIC_LIBRARIES)/crtbegin_static.o
-$(GEN): $(LOCAL_PATH)/arch-$(TARGET_ARCH)/bionic/crtbegin_static.S
+GEN := $(TARGET_OUT_INTERMEDIATE_LIBRARIES)/crtbegin_static.o
+$(GEN): $(libc_crt_target_crtstart_file)
@mkdir -p $(dir $@)
$(TARGET_CC) $(libc_crt_target_cflags) -o $@ -c $<
ALL_GENERATED_SOURCES += $(GEN)
-GEN := $(TARGET_OUT_STATIC_LIBRARIES)/crtbegin_dynamic.o
-$(GEN): $(LOCAL_PATH)/arch-$(TARGET_ARCH)/bionic/crtbegin_dynamic.S
+GEN := $(TARGET_OUT_INTERMEDIATE_LIBRARIES)/crtbegin_dynamic.o
+$(GEN): $(libc_crt_target_crtstart_file)
@mkdir -p $(dir $@)
$(TARGET_CC) $(libc_crt_target_cflags) -o $@ -c $<
ALL_GENERATED_SOURCES += $(GEN)
@@ -589,7 +606,7 @@
# We rename crtend.o to crtend_android.o to avoid a
# name clash between gcc and bionic.
-GEN := $(TARGET_OUT_STATIC_LIBRARIES)/crtend_android.o
+GEN := $(TARGET_OUT_INTERMEDIATE_LIBRARIES)/crtend_android.o
$(GEN): $(LOCAL_PATH)/arch-$(TARGET_ARCH)/bionic/crtend.S
@mkdir -p $(dir $@)
$(TARGET_CC) $(libc_crt_target_cflags) -o $@ -c $<
@@ -679,12 +696,6 @@
# see libc/bionic/pthread_debug.c for details
LOCAL_CFLAGS := $(libc_common_cflags) -DPTHREAD_DEBUG -DPTHREAD_DEBUG_ENABLED=0
-
-ifeq ($(TARGET_ARCH),arm)
-# TODO: At some point, we need to remove this custom linker script.
-LOCAL_LDFLAGS := -Wl,-T,$(BUILD_SYSTEM)/armelf.xsc
-endif
-
LOCAL_C_INCLUDES := $(libc_common_c_includes)
LOCAL_SRC_FILES := \
diff --git a/libc/arch-arm/bionic/atexit.S b/libc/arch-arm/bionic/atexit.h
similarity index 61%
copy from libc/arch-arm/bionic/atexit.S
copy to libc/arch-arm/bionic/atexit.h
index beea685..d567bfc 100644
--- a/libc/arch-arm/bionic/atexit.S
+++ b/libc/arch-arm/bionic/atexit.h
@@ -1,5 +1,5 @@
/*
- * Copyright (C) 2011 The Android Open Source Project
+ * Copyright (C) 2012 The Android Open Source Project
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
@@ -26,37 +26,28 @@
* SUCH DAMAGE.
*/
+/* CRT_LEGACY_WORKAROUND should only be defined when building
+ * this file as part of the platform's C library.
+ *
+ * The C library already defines a function named 'atexit()'
+ * for backwards compatibility with older NDK-generated binaries.
+ *
+ * For newer ones, 'atexit' is actually embedded in the C
+ * runtime objects that are linked into the final ELF
+ * binary (shared library or executable), and will call
+ * __cxa_atexit() in order to un-register any atexit()
+ * handler when a library is unloaded.
+ *
+ * This function must be global *and* hidden. Only the
+ * code inside the same ELF binary should be able to access it.
+ */
+
#ifndef CRT_LEGACY_WORKAROUND
- .arch armv5te
- .fpu softvfp
- .eabi_attribute 20, 1
- .eabi_attribute 21, 1
- .eabi_attribute 23, 3
- .eabi_attribute 24, 1
- .eabi_attribute 25, 1
- .eabi_attribute 26, 2
- .eabi_attribute 30, 4
- .eabi_attribute 18, 4
- .hidden atexit
- .code 16
- .thumb_func
-ENTRY(atexit)
-.LFB0:
- .save {r4, lr}
- push {r4, lr}
-.LCFI0:
- ldr r3, .L3
- mov r1, #0
- @ sp needed for prologue
-.LPIC0:
- add r3, pc
- ldr r2, [r3]
- bl __cxa_atexit
- pop {r4, pc}
-.L4:
- .align 2
-.L3:
- .word __dso_handle-(.LPIC0+4)
-.LFE0:
-END(atexit)
+extern void *__dso_handle;
+
+__attribute__ ((visibility ("hidden")))
+int atexit(void (*func)(void))
+{
+ return (__cxa_atexit((void (*)(void *))func, (void *)0, &__dso_handle));
+}
#endif
diff --git a/libc/arch-arm/bionic/crtbegin.c b/libc/arch-arm/bionic/crtbegin.c
new file mode 100644
index 0000000..9dcd254
--- /dev/null
+++ b/libc/arch-arm/bionic/crtbegin.c
@@ -0,0 +1,73 @@
+/*
+ * Copyright (C) 2012 The Android Open Source Project
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * * Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * * Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
+ * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ * COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT,
+ * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
+ * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS
+ * OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED
+ * AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
+ * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
+ * OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+typedef struct
+{
+ void (**preinit_array)(void);
+ void (**init_array)(void);
+ void (**fini_array)(void);
+ void (**ctors_array)(void);
+} structors_array_t;
+
+extern int main(int argc, char **argv, char **env);
+
+extern void __libc_init(
+ unsigned int *elfdata,
+ void (*onexit)(void),
+ int (*slingshot)(int, char**, char**),
+ structors_array_t const * const structors
+);
+
+__attribute__ ((section (".preinit_array")))
+void (*__PREINIT_ARRAY__)(void) = (void (*)(void)) -1;
+
+__attribute__ ((section (".init_array")))
+void (*__INIT_ARRAY__)(void) = (void (*)(void)) -1;
+
+__attribute__ ((section (".fini_array")))
+void (*__FINI_ARRAY__)(void) = (void (*)(void)) -1;
+
+__attribute__ ((section (".ctors")))
+void (*__CTOR_LIST__)(void) = (void (*)(void)) -1;
+
+__attribute__((visbility("hidden")))
+void _start() {
+ structors_array_t array;
+ void *elfdata;
+
+ array.preinit_array = &__PREINIT_ARRAY__;
+ array.init_array = &__INIT_ARRAY__;
+ array.fini_array = &__FINI_ARRAY__;
+ array.ctors_array = &__CTOR_LIST__;
+
+ elfdata = __builtin_frame_address(0) + sizeof(void *);
+ __libc_init(elfdata, (void *) 0, &main, &array);
+}
+
+#include "__dso_handle.h"
+#include "atexit.h"
diff --git a/libc/arch-arm/bionic/crtbegin_dynamic.S b/libc/arch-arm/bionic/crtbegin_dynamic.S
deleted file mode 100644
index ec6d482..0000000
--- a/libc/arch-arm/bionic/crtbegin_dynamic.S
+++ /dev/null
@@ -1,86 +0,0 @@
-/*
- * Copyright (C) 2008 The Android Open Source Project
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * * Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * * Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
- * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
- * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
- * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
- * COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT,
- * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
- * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS
- * OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED
- * AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
- * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
- * OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
- .text
- .align 4
- .type _start,#function
- .globl _start
-
-# this is the small startup code that is first run when
-# any executable that is dynamically-linked with Bionic
-# runs.
-#
-# it's purpose is to call __libc_init with appropriate
-# arguments, which are:
-#
-# - the address of the raw data block setup by the Linux
-# kernel ELF loader
-#
-# - address of an "onexit" function, not used on any
-# platform supported by Bionic
-#
-# - address of the "main" function of the program.
-#
-# - address of the constructor list
-#
-_start:
- mov r0, sp
- mov r1, #0
- ldr r2, =main
- adr r3, 1f
- ldr r4, =__libc_init
- blx r4
- mov r0, #0
- bx r0
-
-1: .long __PREINIT_ARRAY__
- .long __INIT_ARRAY__
- .long __FINI_ARRAY__
- .long __CTOR_LIST__
-
- .section .preinit_array, "aw"
- .globl __PREINIT_ARRAY__
-__PREINIT_ARRAY__:
- .long -1
-
- .section .init_array, "aw"
- .globl __INIT_ARRAY__
-__INIT_ARRAY__:
- .long -1
-
- .section .fini_array, "aw"
- .globl __FINI_ARRAY__
-__FINI_ARRAY__:
- .long -1
-
- .section .ctors, "aw"
- .globl __CTOR_LIST__
-__CTOR_LIST__:
- .long -1
-
-#include "__dso_handle.S"
-#include "atexit.S"
diff --git a/libc/arch-arm/bionic/atexit.S b/libc/arch-arm/bionic/crtbegin_so.c
similarity index 69%
copy from libc/arch-arm/bionic/atexit.S
copy to libc/arch-arm/bionic/crtbegin_so.c
index beea685..57d19bf 100644
--- a/libc/arch-arm/bionic/atexit.S
+++ b/libc/arch-arm/bionic/crtbegin_so.c
@@ -1,5 +1,5 @@
/*
- * Copyright (C) 2011 The Android Open Source Project
+ * Copyright (C) 2012 The Android Open Source Project
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
@@ -26,37 +26,18 @@
* SUCH DAMAGE.
*/
-#ifndef CRT_LEGACY_WORKAROUND
- .arch armv5te
- .fpu softvfp
- .eabi_attribute 20, 1
- .eabi_attribute 21, 1
- .eabi_attribute 23, 3
- .eabi_attribute 24, 1
- .eabi_attribute 25, 1
- .eabi_attribute 26, 2
- .eabi_attribute 30, 4
- .eabi_attribute 18, 4
- .hidden atexit
- .code 16
- .thumb_func
-ENTRY(atexit)
-.LFB0:
- .save {r4, lr}
- push {r4, lr}
-.LCFI0:
- ldr r3, .L3
- mov r1, #0
- @ sp needed for prologue
-.LPIC0:
- add r3, pc
- ldr r2, [r3]
- bl __cxa_atexit
- pop {r4, pc}
-.L4:
- .align 2
-.L3:
- .word __dso_handle-(.LPIC0+4)
-.LFE0:
-END(atexit)
+extern void __cxa_finalize(void *);
+extern void *__dso_handle;
+
+__attribute__((visbility("hidden")))
+void __on_dlclose() {
+ __cxa_finalize(&__dso_handle);
+}
+
+#ifdef CRT_LEGACY_WORKAROUND
+#include "__dso_handle.h"
+#else
+#include "__dso_handle_so.h"
#endif
+
+#include "atexit.h"
diff --git a/libc/arch-arm/bionic/crtbegin_static.S b/libc/arch-arm/bionic/crtbegin_static.S
deleted file mode 100644
index 087ce36..0000000
--- a/libc/arch-arm/bionic/crtbegin_static.S
+++ /dev/null
@@ -1,87 +0,0 @@
-/*
- * Copyright (C) 2008 The Android Open Source Project
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * * Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * * Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
- * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
- * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
- * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
- * COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT,
- * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
- * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS
- * OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED
- * AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
- * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
- * OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
- .text
- .align 4
- .type _start,#function
- .globl _start
-
-# this is the small startup code that is first run when
-# any executable that is statically-linked with Bionic
-# runs.
-#
-# it's purpose is to call __libc_init with appropriate
-# arguments, which are:
-#
-# - the address of the raw data block setup by the Linux
-# kernel ELF loader
-#
-# - address of an "onexit" function, not used on any
-# platform supported by Bionic
-#
-# - address of the "main" function of the program.
-#
-# - address of the constructor list
-#
-_start:
- mov r0, sp
- mov r1, #0
- ldr r2, =main
- adr r3, 1f
- ldr r4, =__libc_init
- blx r4
- mov r0, #0
- bx r0
-
-1: .long __PREINIT_ARRAY__
- .long __INIT_ARRAY__
- .long __FINI_ARRAY__
- .long __CTOR_LIST__
-
- .section .preinit_array, "aw"
- .globl __PREINIT_ARRAY__
-__PREINIT_ARRAY__:
- .long -1
-
- .section .init_array, "aw"
- .globl __INIT_ARRAY__
-__INIT_ARRAY__:
- .long -1
-
- .section .fini_array, "aw"
- .globl __FINI_ARRAY__
-__FINI_ARRAY__:
- .long -1
-
- .section .ctors, "aw"
- .globl __CTOR_LIST__
-__CTOR_LIST__:
- .long -1
-
-
-#include "__dso_handle.S"
-#include "atexit.S"
diff --git a/libc/private/__dso_handle.S b/libc/arch-x86/bionic/__dso_handle.S
similarity index 100%
rename from libc/private/__dso_handle.S
rename to libc/arch-x86/bionic/__dso_handle.S
diff --git a/libc/private/__dso_handle_so.S b/libc/arch-x86/bionic/__dso_handle_so.S
similarity index 100%
rename from libc/private/__dso_handle_so.S
rename to libc/arch-x86/bionic/__dso_handle_so.S
diff --git a/libc/arch-x86/bionic/crtbegin_dynamic.S b/libc/arch-x86/bionic/crtbegin.S
similarity index 97%
rename from libc/arch-x86/bionic/crtbegin_dynamic.S
rename to libc/arch-x86/bionic/crtbegin.S
index 177244b..39b6af0 100644
--- a/libc/arch-x86/bionic/crtbegin_dynamic.S
+++ b/libc/arch-x86/bionic/crtbegin.S
@@ -30,8 +30,7 @@
.globl _start
# this is the small startup code that is first run when
-# any executable that is dynamically-linked with Bionic
-# runs.
+# any executable that is linked with Bionic runs.
#
# it's purpose is to call __libc_init with appropriate
# arguments, which are:
diff --git a/libc/arch-x86/bionic/crtbegin_static.S b/libc/arch-x86/bionic/crtbegin_static.S
deleted file mode 100644
index 4fffecd..0000000
--- a/libc/arch-x86/bionic/crtbegin_static.S
+++ /dev/null
@@ -1,138 +0,0 @@
-# bionic/arch-x86/bionic/crtbegin_static.S
-#
-# Copyright 2006, The Android Open Source Project
-#
-# Redistribution and use in source and binary forms, with or without
-# modification, are permitted provided that the following conditions are met:
-# * Redistributions of source code must retain the above copyright
-# notice, this list of conditions and the following disclaimer.
-# * Redistributions in binary form must reproduce the above copyright
-# notice, this list of conditions and the following disclaimer in the
-# documentation and/or other materials provided with the distribution.
-# * Neither the name of Google Inc. nor the names of its contributors may
-# be used to endorse or promote products derived from this software
-# without specific prior written permission.
-#
-# THIS SOFTWARE IS PROVIDED BY Google Inc. ``AS IS'' AND ANY EXPRESS OR
-# IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
-# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO
-# EVENT SHALL Google Inc. BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
-# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
-# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS;
-# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
-# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR
-# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
-# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
-
- .text
- .align 4
- .type _start, @function
- .globl _start
-
-# this is the small startup code that is first run when
-# any executable that is statically-linked with Bionic
-# runs.
-#
-# it's purpose is to call __libc_init with appropriate
-# arguments, which are:
-#
-# - the address of the raw data block setup by the Linux
-# kernel ELF loader
-#
-# - address of an "onexit" function, not used on any
-# platform supported by Bionic
-#
-# - address of the "main" function of the program. We
-# can't hard-code it in the adr pseudo instruction
-# so we use a tiny trampoline that will get relocated
-# by the dynamic linker before this code runs
-#
-# - address of the constructor list
-#
-_start:
- mov %esp, %eax
- # before push arguments, align the stack to a 16 byte boundary
- andl $~15, %esp
- mov $1f, %edx
- pushl %edx
- mov $0f, %edx
- pushl %edx
- mov $0, %edx
- pushl %edx
- pushl %eax
- call __libc_init
-
-0: jmp main
-
-1: .long __PREINIT_ARRAY__
- .long __INIT_ARRAY__
- .long __FINI_ARRAY__
-
- .section .preinit_array, "aw"
- .globl __PREINIT_ARRAY__
-__PREINIT_ARRAY__:
- .long -1
-
- .section .init_array, "aw"
- .globl __INIT_ARRAY__
-__INIT_ARRAY__:
- .long -1
- .long frame_dummy
-
- .section .fini_array, "aw"
- .globl __FINI_ARRAY__
-__FINI_ARRAY__:
- .long -1
- .long __do_global_dtors_aux
-
- .section .eh_frame,"a",@progbits
- .align 4
- .type __EH_FRAME_BEGIN__, @object
-__EH_FRAME_BEGIN__:
- .text
- .p2align 4,,15
- .type __do_global_dtors_aux, @function
-__do_global_dtors_aux:
- pushl %ebp
- movl %esp, %ebp
- subl $24, %esp
- cmpb $0, completed.4454
- jne .L4
- movl $__deregister_frame_info_bases, %eax
- testl %eax, %eax
- je .L3
- movl $__EH_FRAME_BEGIN__, (%esp)
- call __deregister_frame_info_bases
-.L3:
- movb $1, completed.4454
-.L4:
- leave
- ret
- .text
- .p2align 4,,15
- .type frame_dummy, @function
-frame_dummy:
- pushl %ebp
- movl $__register_frame_info_bases, %eax
- movl %esp, %ebp
- subl $24, %esp
- testl %eax, %eax
- je .L7
- movl %ebx, 12(%esp)
- movl $0, 8(%esp)
- movl $object.4466, 4(%esp)
- movl $__EH_FRAME_BEGIN__, (%esp)
- call __register_frame_info_bases
-.L7:
- leave
- ret
- .local completed.4454
- .comm completed.4454,1,1
- .local object.4466
- .comm object.4466,24,4
- .weak __register_frame_info_bases
- .weak __deregister_frame_info_bases
-
-#include "__dso_handle.S"
-#include "atexit.S"
-#include "__stack_chk_fail_local.S"
diff --git a/libc/bionic/logd_write.c b/libc/bionic/logd_write.c
index 2bc39fa..ac71689 100644
--- a/libc/bionic/logd_write.c
+++ b/libc/bionic/logd_write.c
@@ -64,6 +64,7 @@
LOG_ID_NONE = 0,
LOG_ID_MAIN,
LOG_ID_RADIO,
+ LOG_ID_EVENTS,
LOG_ID_MAX
} log_id_t;
@@ -84,7 +85,8 @@
static log_channel_t log_channels[LOG_ID_MAX] = {
{ __write_to_log_null, -1, NULL },
{ __write_to_log_init, -1, "/dev/"LOGGER_LOG_MAIN },
- { __write_to_log_init, -1, "/dev/"LOGGER_LOG_RADIO }
+ { __write_to_log_init, -1, "/dev/"LOGGER_LOG_RADIO },
+ { __write_to_log_init, -1, "/dev/"LOGGER_LOG_EVENTS }
};
/* Important: see technical note at start of source file */
@@ -207,3 +209,41 @@
return -1;
}
+
+/*
+ * Event logging.
+ */
+
+// must be kept in sync with frameworks/base/core/java/android/util/EventLog.java
+typedef enum {
+ EVENT_TYPE_INT = 0,
+ EVENT_TYPE_LONG = 1,
+ EVENT_TYPE_STRING = 2,
+ EVENT_TYPE_LIST = 3,
+} AndroidEventLogType;
+
+static int __libc_android_log_btwrite(int32_t tag, char type, const void *payload, size_t len)
+{
+ struct iovec vec[3];
+
+ vec[0].iov_base = &tag;
+ vec[0].iov_len = sizeof(tag);
+ vec[1].iov_base = &type;
+ vec[1].iov_len = sizeof(type);
+ vec[2].iov_base = (void*)payload;
+ vec[2].iov_len = len;
+
+ return log_channels[LOG_ID_EVENTS].logger(LOG_ID_EVENTS, vec);
+}
+
+__LIBC_HIDDEN__
+void __libc_android_log_event_int(int32_t tag, int value)
+{
+ __libc_android_log_btwrite(tag, EVENT_TYPE_INT, &value, sizeof(value));
+}
+
+__LIBC_HIDDEN__
+void __libc_android_log_event_uid(int32_t tag)
+{
+ __libc_android_log_event_int(tag, getuid());
+}
diff --git a/libc/include/fcntl.h b/libc/include/fcntl.h
index 7219dd7..47151f4 100644
--- a/libc/include/fcntl.h
+++ b/libc/include/fcntl.h
@@ -49,6 +49,46 @@
extern int fcntl(int fd, int command, ...);
extern int creat(const char* path, mode_t mode);
+#if defined(__BIONIC_FORTIFY_INLINE)
+
+# if !defined(__clang__)
+/*
+ * Clang doesn't have support for __builtin_va_arg_pack()
+ * and __builtin_va_arg_pack_len()
+ *
+ * http://clang.llvm.org/docs/UsersManual.html#c_unimpl_gcc
+ */
+
+extern void __open_creat_error()
+ __attribute__((__error__ ("open called with O_CREAT, but missing mode")));
+extern void __open_toomanyargs_error()
+ __attribute__((__error__ ("open called with too many arguments")));
+extern int __open_real(const char *pathname, int flags, ...)
+ __asm__(__USER_LABEL_PREFIX__ "open");
+extern int __open_2(const char *, int);
+
+__BIONIC_FORTIFY_INLINE
+int open(const char *pathname, int flags, ...) {
+ if (__builtin_constant_p(flags)) {
+ if ((flags & O_CREAT) && __builtin_va_arg_pack_len() == 0) {
+ __open_creat_error(); // compile time error
+ }
+ }
+
+ if (__builtin_va_arg_pack_len() > 1) {
+ __open_toomanyargs_error(); // compile time error
+ }
+
+ if (__builtin_va_arg_pack_len() == 0) {
+ return __open_2(pathname, flags);
+ }
+
+ return __open_real(pathname, flags, __builtin_va_arg_pack());
+}
+
+#endif /* !defined(__clang__) */
+#endif /* defined(__BIONIC_FORTIFY_INLINE) */
+
__END_DECLS
#endif /* _FCNTL_H */
diff --git a/libc/include/malloc.h b/libc/include/malloc.h
index a864286..bcea672 100644
--- a/libc/include/malloc.h
+++ b/libc/include/malloc.h
@@ -35,7 +35,7 @@
extern __mallocfunc void* malloc(size_t);
extern __mallocfunc void* calloc(size_t, size_t);
-extern __mallocfunc void* realloc(void *, size_t);
+extern void* realloc(void *, size_t);
extern void free(void *);
extern void* memalign(size_t alignment, size_t bytesize);
diff --git a/libc/include/stdio.h b/libc/include/stdio.h
index 8d3d5d7..18b19bf 100644
--- a/libc/include/stdio.h
+++ b/libc/include/stdio.h
@@ -231,12 +231,16 @@
int fgetpos(FILE *, fpos_t *);
char *fgets(char *, int, FILE *);
FILE *fopen(const char *, const char *);
-int fprintf(FILE *, const char *, ...);
+int fprintf(FILE *, const char *, ...)
+ __attribute__((__format__ (printf, 2, 3)))
+ __attribute__((__nonnull__ (2)));
int fputc(int, FILE *);
int fputs(const char *, FILE *);
size_t fread(void *, size_t, size_t, FILE *);
FILE *freopen(const char *, const char *, FILE *);
-int fscanf(FILE *, const char *, ...);
+int fscanf(FILE *, const char *, ...)
+ __attribute__ ((__format__ (scanf, 2, 3)))
+ __attribute__ ((__nonnull__ (2)));
int fseek(FILE *, long, int);
int fseeko(FILE *, off_t, int);
int fsetpos(FILE *, const fpos_t *);
@@ -253,24 +257,38 @@
extern char *sys_errlist[];
#endif
void perror(const char *);
-int printf(const char *, ...);
+int printf(const char *, ...)
+ __attribute__((__format__ (printf, 1, 2)))
+ __attribute__((__nonnull__ (1)));
int putc(int, FILE *);
int putchar(int);
int puts(const char *);
int remove(const char *);
int rename(const char *, const char *);
void rewind(FILE *);
-int scanf(const char *, ...);
+int scanf(const char *, ...)
+ __attribute__ ((__format__ (scanf, 1, 2)))
+ __attribute__ ((__nonnull__ (1)));
void setbuf(FILE *, char *);
int setvbuf(FILE *, char *, int, size_t);
-int sprintf(char *, const char *, ...);
-int sscanf(const char *, const char *, ...);
+int sprintf(char *, const char *, ...)
+ __attribute__((__format__ (printf, 2, 3)))
+ __attribute__((__nonnull__ (2)));
+int sscanf(const char *, const char *, ...)
+ __attribute__ ((__format__ (scanf, 2, 3)))
+ __attribute__ ((__nonnull__ (2)));
FILE *tmpfile(void);
char *tmpnam(char *);
int ungetc(int, FILE *);
-int vfprintf(FILE *, const char *, __va_list);
-int vprintf(const char *, __va_list);
-int vsprintf(char *, const char *, __va_list);
+int vfprintf(FILE *, const char *, __va_list)
+ __attribute__((__format__ (printf, 2, 0)))
+ __attribute__((__nonnull__ (2)));
+int vprintf(const char *, __va_list)
+ __attribute__((__format__ (printf, 1, 0)))
+ __attribute__((__nonnull__ (1)));
+int vsprintf(char *, const char *, __va_list)
+ __attribute__((__format__ (printf, 2, 0)))
+ __attribute__((__nonnull__ (2)));
#if __ISO_C_VISIBLE >= 1999 || __BSD_VISIBLE
int snprintf(char *, size_t, const char *, ...)
@@ -453,9 +471,62 @@
* #define fdprintf dprintf for compatibility
*/
__BEGIN_DECLS
-int fdprintf(int, const char*, ...);
-int vfdprintf(int, const char*, __va_list);
+int fdprintf(int, const char*, ...)
+ __attribute__((__format__ (printf, 2, 3)))
+ __attribute__((__nonnull__ (2)));
+int vfdprintf(int, const char*, __va_list)
+ __attribute__((__format__ (printf, 2, 0)))
+ __attribute__((__nonnull__ (2)));
__END_DECLS
#endif /* _GNU_SOURCE */
+#if defined(__BIONIC_FORTIFY_INLINE)
+
+__BIONIC_FORTIFY_INLINE
+__attribute__((__format__ (printf, 3, 0)))
+__attribute__((__nonnull__ (3)))
+int vsnprintf(char *dest, size_t size, const char *format, __va_list ap)
+{
+ return __builtin___vsnprintf_chk(dest, size, 0,
+ __builtin_object_size(dest, 0), format, ap);
+}
+
+__BIONIC_FORTIFY_INLINE
+__attribute__((__format__ (printf, 2, 0)))
+__attribute__((__nonnull__ (2)))
+int vsprintf(char *dest, const char *format, __va_list ap)
+{
+ return __builtin___vsprintf_chk(dest, 0,
+ __builtin_object_size(dest, 0), format, ap);
+}
+
+
+# if !defined(__clang__)
+/*
+ * Clang doesn't have support for __builtin_va_arg_pack()
+ * http://clang.llvm.org/docs/UsersManual.html#c_unimpl_gcc
+ */
+
+__BIONIC_FORTIFY_INLINE
+__attribute__((__format__ (printf, 3, 4)))
+__attribute__((__nonnull__ (3)))
+int snprintf(char *str, size_t size, const char *format, ...)
+{
+ return __builtin___snprintf_chk(str, size, 0,
+ __builtin_object_size(str, 0), format, __builtin_va_arg_pack());
+}
+
+__BIONIC_FORTIFY_INLINE
+__attribute__((__format__ (printf, 2, 3)))
+__attribute__((__nonnull__ (2)))
+int sprintf(char *dest, const char *format, ...)
+{
+ return __builtin___sprintf_chk(dest, 0,
+ __builtin_object_size(dest, 0), format, __builtin_va_arg_pack());
+}
+
+# endif /* !defined(__clang__) */
+
+#endif /* defined(__BIONIC_FORTIFY_INLINE) */
+
#endif /* _STDIO_H_ */
diff --git a/libc/include/stdlib.h b/libc/include/stdlib.h
index e5caadd..9c0e556 100644
--- a/libc/include/stdlib.h
+++ b/libc/include/stdlib.h
@@ -74,9 +74,9 @@
return (float)strtod(nptr, endptr);
}
-extern int atoi(const char *);
-extern long atol(const char *);
-extern long long atoll(const char *);
+extern int atoi(const char *) __purefunc;
+extern long atol(const char *) __purefunc;
+extern long long atoll(const char *) __purefunc;
static __inline__ double atof(const char *nptr)
{
diff --git a/libc/include/string.h b/libc/include/string.h
index 6e6c8e6..32fd25f 100644
--- a/libc/include/string.h
+++ b/libc/include/string.h
@@ -85,6 +85,107 @@
extern int strcoll(const char *, const char *) __purefunc;
extern size_t strxfrm(char *, const char *, size_t);
+#if defined(__BIONIC_FORTIFY_INLINE)
+
+__BIONIC_FORTIFY_INLINE
+void *memcpy (void *dest, const void *src, size_t len) {
+ return __builtin___memcpy_chk(dest, src, len, __builtin_object_size (dest, 0));
+}
+
+__BIONIC_FORTIFY_INLINE
+void *memmove (void *dest, const void *src, size_t len) {
+ return __builtin___memmove_chk(dest, src, len, __builtin_object_size (dest, 0));
+}
+
+__BIONIC_FORTIFY_INLINE
+char *strcpy(char *dest, const char *src) {
+ return __builtin___strcpy_chk(dest, src, __builtin_object_size (dest, 0));
+}
+
+__BIONIC_FORTIFY_INLINE
+char *strncpy(char *dest, const char *src, size_t n) {
+ return __builtin___strncpy_chk(dest, src, n, __builtin_object_size (dest, 0));
+}
+
+__BIONIC_FORTIFY_INLINE
+char *strcat(char *dest, const char *src) {
+ return __builtin___strcat_chk(dest, src, __builtin_object_size (dest, 0));
+}
+
+__BIONIC_FORTIFY_INLINE
+char *strncat(char *dest, const char *src, size_t n) {
+ return __builtin___strncat_chk(dest, src, n, __builtin_object_size (dest, 0));
+}
+
+__BIONIC_FORTIFY_INLINE
+void *memset (void *s, int c, size_t n) {
+ return __builtin___memset_chk(s, c, n, __builtin_object_size (s, 0));
+}
+
+extern size_t __strlcpy_real(char *, const char *, size_t)
+ __asm__(__USER_LABEL_PREFIX__ "strlcpy");
+extern void __strlcpy_error()
+ __attribute__((__error__("strlcpy called with size bigger than buffer")));
+extern size_t __strlcpy_chk(char *, const char *, size_t, size_t);
+
+__BIONIC_FORTIFY_INLINE
+size_t strlcpy(char *dest, const char *src, size_t size) {
+ size_t bos = __builtin_object_size(dest, 0);
+
+ // Compiler doesn't know destination size. Don't call __strlcpy_chk
+ if (bos == (size_t) -1) {
+ return __strlcpy_real(dest, src, size);
+ }
+
+ // Compiler can prove, at compile time, that the passed in size
+ // is always <= the actual object size. Don't call __strlcpy_chk
+ if (__builtin_constant_p(size) && (size <= bos)) {
+ return __strlcpy_real(dest, src, size);
+ }
+
+ // Compiler can prove, at compile time, that the passed in size
+ // is always > the actual object size. Force a compiler error.
+ if (__builtin_constant_p(size) && (size > bos)) {
+ __strlcpy_error();
+ }
+
+ return __strlcpy_chk(dest, src, size, bos);
+}
+
+extern size_t __strlcat_real(char *, const char *, size_t)
+ __asm__(__USER_LABEL_PREFIX__ "strlcat");
+extern void __strlcat_error()
+ __attribute__((__error__("strlcat called with size bigger than buffer")));
+extern size_t __strlcat_chk(char *, const char *, size_t, size_t);
+
+
+__BIONIC_FORTIFY_INLINE
+size_t strlcat(char *dest, const char *src, size_t size) {
+ size_t bos = __builtin_object_size(dest, 0);
+
+ // Compiler doesn't know destination size. Don't call __strlcat_chk
+ if (bos == (size_t) -1) {
+ return __strlcat_real(dest, src, size);
+ }
+
+ // Compiler can prove, at compile time, that the passed in size
+ // is always <= the actual object size. Don't call __strlcat_chk
+ if (__builtin_constant_p(size) && (size <= bos)) {
+ return __strlcat_real(dest, src, size);
+ }
+
+ // Compiler can prove, at compile time, that the passed in size
+ // is always > the actual object size. Force a compiler error.
+ if (__builtin_constant_p(size) && (size > bos)) {
+ __strlcat_error();
+ }
+
+ return __strlcat_chk(dest, src, size, bos);
+}
+
+
+#endif /* defined(__BIONIC_FORTIFY_INLINE) */
+
__END_DECLS
#endif /* _STRING_H_ */
diff --git a/libc/include/strings.h b/libc/include/strings.h
index fee7dc4..db2aa3a 100644
--- a/libc/include/strings.h
+++ b/libc/include/strings.h
@@ -51,6 +51,14 @@
char *rindex(const char *, int);
int strcasecmp(const char *, const char *);
int strncasecmp(const char *, const char *, size_t);
+
+#if defined(__BIONIC_FORTIFY_INLINE)
+__BIONIC_FORTIFY_INLINE
+void bzero (void *s, size_t n) {
+ __builtin___memset_chk(s, '\0', n, __builtin_object_size (s, 0));
+}
+#endif /* defined(__BIONIC_FORTIFY_INLINE) */
+
__END_DECLS
#endif /* !defined(_STRINGS_H_) */
diff --git a/libc/include/sys/cdefs.h b/libc/include/sys/cdefs.h
index 71b419c..1ba9100 100644
--- a/libc/include/sys/cdefs.h
+++ b/libc/include/sys/cdefs.h
@@ -501,4 +501,12 @@
#define __BIONIC__ 1
#include <android/api-level.h>
+#if defined(_FORTIFY_SOURCE) && _FORTIFY_SOURCE > 0 && defined(__OPTIMIZE__) && __OPTIMIZE__ > 0
+#define __BIONIC_FORTIFY_INLINE \
+ extern inline \
+ __attribute__ ((always_inline)) \
+ __attribute__ ((gnu_inline)) \
+ __attribute__ ((artificial))
+#endif
+
#endif /* !_SYS_CDEFS_H_ */
diff --git a/libc/inet/inet_ntop.c b/libc/inet/inet_ntop.c
index 5748da3..c3448f1 100644
--- a/libc/inet/inet_ntop.c
+++ b/libc/inet/inet_ntop.c
@@ -75,8 +75,13 @@
char tmp[sizeof "255.255.255.255"];
int l;
+#if defined(ANDROID_CHANGES)
+ l = snprintf(tmp, sizeof(tmp), fmt, src[0], src[1], src[2], src[3]);
+ if (l <= 0 || (size_t)l >= size || (size_t)l >= sizeof(tmp)) {
+#else
l = snprintf(tmp, size, fmt, src[0], src[1], src[2], src[3]);
if (l <= 0 || (size_t)l >= size) {
+#endif
errno = ENOSPC;
return (NULL);
}
diff --git a/libc/kernel/common/linux/filter.h b/libc/kernel/common/linux/filter.h
index 613ee67..e5b2e95 100644
--- a/libc/kernel/common/linux/filter.h
+++ b/libc/kernel/common/linux/filter.h
@@ -23,94 +23,102 @@
/* WARNING: DO NOT EDIT, AUTO-GENERATED CODE - SEE TOP FOR INSTRUCTIONS */
#define BPF_MAJOR_VERSION 1
#define BPF_MINOR_VERSION 1
-struct sock_filter
-{
-/* WARNING: DO NOT EDIT, AUTO-GENERATED CODE - SEE TOP FOR INSTRUCTIONS */
+struct sock_filter {
__u16 code;
+/* WARNING: DO NOT EDIT, AUTO-GENERATED CODE - SEE TOP FOR INSTRUCTIONS */
__u8 jt;
__u8 jf;
__u32 k;
-/* WARNING: DO NOT EDIT, AUTO-GENERATED CODE - SEE TOP FOR INSTRUCTIONS */
};
-struct sock_fprog
-{
- unsigned short len;
/* WARNING: DO NOT EDIT, AUTO-GENERATED CODE - SEE TOP FOR INSTRUCTIONS */
+struct sock_fprog {
+ unsigned short len;
struct sock_filter __user *filter;
};
+/* WARNING: DO NOT EDIT, AUTO-GENERATED CODE - SEE TOP FOR INSTRUCTIONS */
#define BPF_CLASS(code) ((code) & 0x07)
#define BPF_LD 0x00
-/* WARNING: DO NOT EDIT, AUTO-GENERATED CODE - SEE TOP FOR INSTRUCTIONS */
#define BPF_LDX 0x01
#define BPF_ST 0x02
+/* WARNING: DO NOT EDIT, AUTO-GENERATED CODE - SEE TOP FOR INSTRUCTIONS */
#define BPF_STX 0x03
#define BPF_ALU 0x04
-/* WARNING: DO NOT EDIT, AUTO-GENERATED CODE - SEE TOP FOR INSTRUCTIONS */
#define BPF_JMP 0x05
#define BPF_RET 0x06
+/* WARNING: DO NOT EDIT, AUTO-GENERATED CODE - SEE TOP FOR INSTRUCTIONS */
#define BPF_MISC 0x07
#define BPF_SIZE(code) ((code) & 0x18)
-/* WARNING: DO NOT EDIT, AUTO-GENERATED CODE - SEE TOP FOR INSTRUCTIONS */
#define BPF_W 0x00
#define BPF_H 0x08
+/* WARNING: DO NOT EDIT, AUTO-GENERATED CODE - SEE TOP FOR INSTRUCTIONS */
#define BPF_B 0x10
#define BPF_MODE(code) ((code) & 0xe0)
-/* WARNING: DO NOT EDIT, AUTO-GENERATED CODE - SEE TOP FOR INSTRUCTIONS */
#define BPF_IMM 0x00
#define BPF_ABS 0x20
+/* WARNING: DO NOT EDIT, AUTO-GENERATED CODE - SEE TOP FOR INSTRUCTIONS */
#define BPF_IND 0x40
#define BPF_MEM 0x60
-/* WARNING: DO NOT EDIT, AUTO-GENERATED CODE - SEE TOP FOR INSTRUCTIONS */
#define BPF_LEN 0x80
#define BPF_MSH 0xa0
+/* WARNING: DO NOT EDIT, AUTO-GENERATED CODE - SEE TOP FOR INSTRUCTIONS */
#define BPF_OP(code) ((code) & 0xf0)
#define BPF_ADD 0x00
-/* WARNING: DO NOT EDIT, AUTO-GENERATED CODE - SEE TOP FOR INSTRUCTIONS */
#define BPF_SUB 0x10
#define BPF_MUL 0x20
+/* WARNING: DO NOT EDIT, AUTO-GENERATED CODE - SEE TOP FOR INSTRUCTIONS */
#define BPF_DIV 0x30
#define BPF_OR 0x40
-/* WARNING: DO NOT EDIT, AUTO-GENERATED CODE - SEE TOP FOR INSTRUCTIONS */
#define BPF_AND 0x50
#define BPF_LSH 0x60
+/* WARNING: DO NOT EDIT, AUTO-GENERATED CODE - SEE TOP FOR INSTRUCTIONS */
#define BPF_RSH 0x70
#define BPF_NEG 0x80
-/* WARNING: DO NOT EDIT, AUTO-GENERATED CODE - SEE TOP FOR INSTRUCTIONS */
#define BPF_JA 0x00
#define BPF_JEQ 0x10
+/* WARNING: DO NOT EDIT, AUTO-GENERATED CODE - SEE TOP FOR INSTRUCTIONS */
#define BPF_JGT 0x20
#define BPF_JGE 0x30
-/* WARNING: DO NOT EDIT, AUTO-GENERATED CODE - SEE TOP FOR INSTRUCTIONS */
#define BPF_JSET 0x40
#define BPF_SRC(code) ((code) & 0x08)
+/* WARNING: DO NOT EDIT, AUTO-GENERATED CODE - SEE TOP FOR INSTRUCTIONS */
#define BPF_K 0x00
#define BPF_X 0x08
-/* WARNING: DO NOT EDIT, AUTO-GENERATED CODE - SEE TOP FOR INSTRUCTIONS */
#define BPF_RVAL(code) ((code) & 0x18)
#define BPF_A 0x10
+/* WARNING: DO NOT EDIT, AUTO-GENERATED CODE - SEE TOP FOR INSTRUCTIONS */
#define BPF_MISCOP(code) ((code) & 0xf8)
#define BPF_TAX 0x00
-/* WARNING: DO NOT EDIT, AUTO-GENERATED CODE - SEE TOP FOR INSTRUCTIONS */
#define BPF_TXA 0x80
#ifndef BPF_MAXINSNS
+/* WARNING: DO NOT EDIT, AUTO-GENERATED CODE - SEE TOP FOR INSTRUCTIONS */
#define BPF_MAXINSNS 4096
#endif
-/* WARNING: DO NOT EDIT, AUTO-GENERATED CODE - SEE TOP FOR INSTRUCTIONS */
#ifndef BPF_STMT
#define BPF_STMT(code, k) { (unsigned short)(code), 0, 0, k }
+/* WARNING: DO NOT EDIT, AUTO-GENERATED CODE - SEE TOP FOR INSTRUCTIONS */
#endif
#ifndef BPF_JUMP
-/* WARNING: DO NOT EDIT, AUTO-GENERATED CODE - SEE TOP FOR INSTRUCTIONS */
#define BPF_JUMP(code, k, jt, jf) { (unsigned short)(code), jt, jf, k }
#endif
+/* WARNING: DO NOT EDIT, AUTO-GENERATED CODE - SEE TOP FOR INSTRUCTIONS */
#define BPF_MEMWORDS 16
#define SKF_AD_OFF (-0x1000)
-/* WARNING: DO NOT EDIT, AUTO-GENERATED CODE - SEE TOP FOR INSTRUCTIONS */
#define SKF_AD_PROTOCOL 0
#define SKF_AD_PKTTYPE 4
-#define SKF_AD_IFINDEX 8
-#define SKF_AD_MAX 12
/* WARNING: DO NOT EDIT, AUTO-GENERATED CODE - SEE TOP FOR INSTRUCTIONS */
+#define SKF_AD_IFINDEX 8
+#define SKF_AD_NLATTR 12
+#define SKF_AD_NLATTR_NEST 16
+#define SKF_AD_MARK 20
+/* WARNING: DO NOT EDIT, AUTO-GENERATED CODE - SEE TOP FOR INSTRUCTIONS */
+#define SKF_AD_QUEUE 24
+#define SKF_AD_HATYPE 28
+#define SKF_AD_RXHASH 32
+#define SKF_AD_CPU 36
+/* WARNING: DO NOT EDIT, AUTO-GENERATED CODE - SEE TOP FOR INSTRUCTIONS */
+#define SKF_AD_ALU_XOR_X 40
+#define SKF_AD_MAX 44
#define SKF_NET_OFF (-0x100000)
#define SKF_LL_OFF (-0x200000)
+/* WARNING: DO NOT EDIT, AUTO-GENERATED CODE - SEE TOP FOR INSTRUCTIONS */
#endif
diff --git a/libc/kernel/common/linux/ion.h b/libc/kernel/common/linux/ion.h
index b8715a3..0f872ec 100644
--- a/libc/kernel/common/linux/ion.h
+++ b/libc/kernel/common/linux/ion.h
@@ -33,34 +33,38 @@
/* WARNING: DO NOT EDIT, AUTO-GENERATED CODE - SEE TOP FOR INSTRUCTIONS */
#define ION_HEAP_SYSTEM_CONTIG_MASK (1 << ION_HEAP_TYPE_SYSTEM_CONTIG)
#define ION_HEAP_CARVEOUT_MASK (1 << ION_HEAP_TYPE_CARVEOUT)
+#define ION_FLAG_CACHED 1
struct ion_allocation_data {
- size_t len;
/* WARNING: DO NOT EDIT, AUTO-GENERATED CODE - SEE TOP FOR INSTRUCTIONS */
+ size_t len;
size_t align;
+ unsigned int heap_mask;
unsigned int flags;
+/* WARNING: DO NOT EDIT, AUTO-GENERATED CODE - SEE TOP FOR INSTRUCTIONS */
struct ion_handle *handle;
};
-/* WARNING: DO NOT EDIT, AUTO-GENERATED CODE - SEE TOP FOR INSTRUCTIONS */
struct ion_fd_data {
struct ion_handle *handle;
+/* WARNING: DO NOT EDIT, AUTO-GENERATED CODE - SEE TOP FOR INSTRUCTIONS */
int fd;
};
-/* WARNING: DO NOT EDIT, AUTO-GENERATED CODE - SEE TOP FOR INSTRUCTIONS */
struct ion_handle_data {
struct ion_handle *handle;
+/* WARNING: DO NOT EDIT, AUTO-GENERATED CODE - SEE TOP FOR INSTRUCTIONS */
};
struct ion_custom_data {
-/* WARNING: DO NOT EDIT, AUTO-GENERATED CODE - SEE TOP FOR INSTRUCTIONS */
unsigned int cmd;
unsigned long arg;
+/* WARNING: DO NOT EDIT, AUTO-GENERATED CODE - SEE TOP FOR INSTRUCTIONS */
};
#define ION_IOC_MAGIC 'I'
-/* WARNING: DO NOT EDIT, AUTO-GENERATED CODE - SEE TOP FOR INSTRUCTIONS */
#define ION_IOC_ALLOC _IOWR(ION_IOC_MAGIC, 0, struct ion_allocation_data)
#define ION_IOC_FREE _IOWR(ION_IOC_MAGIC, 1, struct ion_handle_data)
+/* WARNING: DO NOT EDIT, AUTO-GENERATED CODE - SEE TOP FOR INSTRUCTIONS */
#define ION_IOC_MAP _IOWR(ION_IOC_MAGIC, 2, struct ion_fd_data)
#define ION_IOC_SHARE _IOWR(ION_IOC_MAGIC, 4, struct ion_fd_data)
-/* WARNING: DO NOT EDIT, AUTO-GENERATED CODE - SEE TOP FOR INSTRUCTIONS */
#define ION_IOC_IMPORT _IOWR(ION_IOC_MAGIC, 5, int)
#define ION_IOC_CUSTOM _IOWR(ION_IOC_MAGIC, 6, struct ion_custom_data)
+/* WARNING: DO NOT EDIT, AUTO-GENERATED CODE - SEE TOP FOR INSTRUCTIONS */
#endif
+
diff --git a/libc/kernel/common/linux/prctl.h b/libc/kernel/common/linux/prctl.h
index 8906639..5e79143 100644
--- a/libc/kernel/common/linux/prctl.h
+++ b/libc/kernel/common/linux/prctl.h
@@ -64,5 +64,57 @@
#define PR_ENDIAN_BIG 0
#define PR_ENDIAN_LITTLE 1
#define PR_ENDIAN_PPC_LITTLE 2
-#endif
+#define PR_GET_SECCOMP 21
/* WARNING: DO NOT EDIT, AUTO-GENERATED CODE - SEE TOP FOR INSTRUCTIONS */
+#define PR_SET_SECCOMP 22
+#define PR_CAPBSET_READ 23
+#define PR_CAPBSET_DROP 24
+#define PR_GET_TSC 25
+/* WARNING: DO NOT EDIT, AUTO-GENERATED CODE - SEE TOP FOR INSTRUCTIONS */
+#define PR_SET_TSC 26
+#define PR_TSC_ENABLE 1
+#define PR_TSC_SIGSEGV 2
+#define PR_GET_SECUREBITS 27
+/* WARNING: DO NOT EDIT, AUTO-GENERATED CODE - SEE TOP FOR INSTRUCTIONS */
+#define PR_SET_SECUREBITS 28
+#define PR_SET_TIMERSLACK 29
+#define PR_GET_TIMERSLACK 30
+#define PR_TASK_PERF_EVENTS_DISABLE 31
+/* WARNING: DO NOT EDIT, AUTO-GENERATED CODE - SEE TOP FOR INSTRUCTIONS */
+#define PR_TASK_PERF_EVENTS_ENABLE 32
+#define PR_MCE_KILL 33
+#define PR_MCE_KILL_CLEAR 0
+#define PR_MCE_KILL_SET 1
+/* WARNING: DO NOT EDIT, AUTO-GENERATED CODE - SEE TOP FOR INSTRUCTIONS */
+#define PR_MCE_KILL_LATE 0
+#define PR_MCE_KILL_EARLY 1
+#define PR_MCE_KILL_DEFAULT 2
+#define PR_MCE_KILL_GET 34
+/* WARNING: DO NOT EDIT, AUTO-GENERATED CODE - SEE TOP FOR INSTRUCTIONS */
+#define PR_SET_MM 35
+#define PR_SET_MM_START_CODE 1
+#define PR_SET_MM_END_CODE 2
+#define PR_SET_MM_START_DATA 3
+/* WARNING: DO NOT EDIT, AUTO-GENERATED CODE - SEE TOP FOR INSTRUCTIONS */
+#define PR_SET_MM_END_DATA 4
+#define PR_SET_MM_START_STACK 5
+#define PR_SET_MM_START_BRK 6
+#define PR_SET_MM_BRK 7
+/* WARNING: DO NOT EDIT, AUTO-GENERATED CODE - SEE TOP FOR INSTRUCTIONS */
+#define PR_SET_MM_ARG_START 8
+#define PR_SET_MM_ARG_END 9
+#define PR_SET_MM_ENV_START 10
+#define PR_SET_MM_ENV_END 11
+/* WARNING: DO NOT EDIT, AUTO-GENERATED CODE - SEE TOP FOR INSTRUCTIONS */
+#define PR_SET_MM_AUXV 12
+#define PR_SET_MM_EXE_FILE 13
+#define PR_SET_PTRACER 0x59616d61
+#define PR_SET_PTRACER_ANY ((unsigned long)-1)
+/* WARNING: DO NOT EDIT, AUTO-GENERATED CODE - SEE TOP FOR INSTRUCTIONS */
+#define PR_SET_CHILD_SUBREAPER 36
+#define PR_GET_CHILD_SUBREAPER 37
+#define PR_SET_NO_NEW_PRIVS 38
+#define PR_GET_NO_NEW_PRIVS 39
+/* WARNING: DO NOT EDIT, AUTO-GENERATED CODE - SEE TOP FOR INSTRUCTIONS */
+#define PR_GET_TID_ADDRESS 40
+#endif
diff --git a/libc/kernel/common/linux/seccomp.h b/libc/kernel/common/linux/seccomp.h
new file mode 100644
index 0000000..82a6985
--- /dev/null
+++ b/libc/kernel/common/linux/seccomp.h
@@ -0,0 +1,44 @@
+/****************************************************************************
+ ****************************************************************************
+ ***
+ *** This header was automatically generated from a Linux kernel header
+ *** of the same name, to make information necessary for userspace to
+ *** call into the kernel available to libc. It contains only constants,
+ *** structures, and macros generated from the original header, and thus,
+ *** contains no copyrightable information.
+ ***
+ *** To edit the content of this header, modify the corresponding
+ *** source file (e.g. under external/kernel-headers/original/) then
+ *** run bionic/libc/kernel/tools/update_all.py
+ ***
+ *** Any manual change here will be lost the next time this script will
+ *** be run. You've been warned!
+ ***
+ ****************************************************************************
+ ****************************************************************************/
+#ifndef _LINUX_SECCOMP_H
+#define _LINUX_SECCOMP_H
+#include <linux/compiler.h>
+#include <linux/types.h>
+/* WARNING: DO NOT EDIT, AUTO-GENERATED CODE - SEE TOP FOR INSTRUCTIONS */
+#define SECCOMP_MODE_DISABLED 0
+#define SECCOMP_MODE_STRICT 1
+#define SECCOMP_MODE_FILTER 2
+#define SECCOMP_RET_KILL 0x00000000U
+/* WARNING: DO NOT EDIT, AUTO-GENERATED CODE - SEE TOP FOR INSTRUCTIONS */
+#define SECCOMP_RET_TRAP 0x00030000U
+#define SECCOMP_RET_ERRNO 0x00050000U
+#define SECCOMP_RET_TRACE 0x7ff00000U
+#define SECCOMP_RET_ALLOW 0x7fff0000U
+/* WARNING: DO NOT EDIT, AUTO-GENERATED CODE - SEE TOP FOR INSTRUCTIONS */
+#define SECCOMP_RET_ACTION 0x7fff0000U
+#define SECCOMP_RET_DATA 0x0000ffffU
+struct seccomp_data {
+ int nr;
+/* WARNING: DO NOT EDIT, AUTO-GENERATED CODE - SEE TOP FOR INSTRUCTIONS */
+ __u32 arch;
+ __u64 instruction_pointer;
+ __u64 args[6];
+};
+/* WARNING: DO NOT EDIT, AUTO-GENERATED CODE - SEE TOP FOR INSTRUCTIONS */
+#endif
diff --git a/libc/kernel/common/linux/watchdog.h b/libc/kernel/common/linux/watchdog.h
new file mode 100644
index 0000000..4cbff4b
--- /dev/null
+++ b/libc/kernel/common/linux/watchdog.h
@@ -0,0 +1,65 @@
+/****************************************************************************
+ ****************************************************************************
+ ***
+ *** This header was automatically generated from a Linux kernel header
+ *** of the same name, to make information necessary for userspace to
+ *** call into the kernel available to libc. It contains only constants,
+ *** structures, and macros generated from the original header, and thus,
+ *** contains no copyrightable information.
+ ***
+ *** To edit the content of this header, modify the corresponding
+ *** source file (e.g. under external/kernel-headers/original/) then
+ *** run bionic/libc/kernel/tools/update_all.py
+ ***
+ *** Any manual change here will be lost the next time this script will
+ *** be run. You've been warned!
+ ***
+ ****************************************************************************
+ ****************************************************************************/
+#ifndef _LINUX_WATCHDOG_H
+#define _LINUX_WATCHDOG_H
+#include <linux/ioctl.h>
+#include <linux/types.h>
+/* WARNING: DO NOT EDIT, AUTO-GENERATED CODE - SEE TOP FOR INSTRUCTIONS */
+#define WATCHDOG_IOCTL_BASE 'W'
+struct watchdog_info {
+ __u32 options;
+ __u32 firmware_version;
+/* WARNING: DO NOT EDIT, AUTO-GENERATED CODE - SEE TOP FOR INSTRUCTIONS */
+ __u8 identity[32];
+};
+#define WDIOC_GETSUPPORT _IOR(WATCHDOG_IOCTL_BASE, 0, struct watchdog_info)
+#define WDIOC_GETSTATUS _IOR(WATCHDOG_IOCTL_BASE, 1, int)
+/* WARNING: DO NOT EDIT, AUTO-GENERATED CODE - SEE TOP FOR INSTRUCTIONS */
+#define WDIOC_GETBOOTSTATUS _IOR(WATCHDOG_IOCTL_BASE, 2, int)
+#define WDIOC_GETTEMP _IOR(WATCHDOG_IOCTL_BASE, 3, int)
+#define WDIOC_SETOPTIONS _IOR(WATCHDOG_IOCTL_BASE, 4, int)
+#define WDIOC_KEEPALIVE _IOR(WATCHDOG_IOCTL_BASE, 5, int)
+/* WARNING: DO NOT EDIT, AUTO-GENERATED CODE - SEE TOP FOR INSTRUCTIONS */
+#define WDIOC_SETTIMEOUT _IOWR(WATCHDOG_IOCTL_BASE, 6, int)
+#define WDIOC_GETTIMEOUT _IOR(WATCHDOG_IOCTL_BASE, 7, int)
+#define WDIOC_SETPRETIMEOUT _IOWR(WATCHDOG_IOCTL_BASE, 8, int)
+#define WDIOC_GETPRETIMEOUT _IOR(WATCHDOG_IOCTL_BASE, 9, int)
+/* WARNING: DO NOT EDIT, AUTO-GENERATED CODE - SEE TOP FOR INSTRUCTIONS */
+#define WDIOC_GETTIMELEFT _IOR(WATCHDOG_IOCTL_BASE, 10, int)
+#define WDIOF_UNKNOWN -1
+#define WDIOS_UNKNOWN -1
+#define WDIOF_OVERHEAT 0x0001
+/* WARNING: DO NOT EDIT, AUTO-GENERATED CODE - SEE TOP FOR INSTRUCTIONS */
+#define WDIOF_FANFAULT 0x0002
+#define WDIOF_EXTERN1 0x0004
+#define WDIOF_EXTERN2 0x0008
+#define WDIOF_POWERUNDER 0x0010
+/* WARNING: DO NOT EDIT, AUTO-GENERATED CODE - SEE TOP FOR INSTRUCTIONS */
+#define WDIOF_CARDRESET 0x0020
+#define WDIOF_POWEROVER 0x0040
+#define WDIOF_SETTIMEOUT 0x0080
+#define WDIOF_MAGICCLOSE 0x0100
+/* WARNING: DO NOT EDIT, AUTO-GENERATED CODE - SEE TOP FOR INSTRUCTIONS */
+#define WDIOF_PRETIMEOUT 0x0200
+#define WDIOF_KEEPALIVEPING 0x8000
+#define WDIOS_DISABLECARD 0x0001
+#define WDIOS_ENABLECARD 0x0002
+/* WARNING: DO NOT EDIT, AUTO-GENERATED CODE - SEE TOP FOR INSTRUCTIONS */
+#define WDIOS_TEMPPANIC 0x0004
+#endif
diff --git a/libc/netbsd/resolv/res_send.c b/libc/netbsd/resolv/res_send.c
index 2f131f1..72a7ada 100644
--- a/libc/netbsd/resolv/res_send.c
+++ b/libc/netbsd/resolv/res_send.c
@@ -1147,6 +1147,9 @@
* XXX - potential security hazard could
* be detected here.
*/
+#ifdef ANDROID_CHANGES
+ __libc_android_log_event_uid(BIONIC_EVENT_RESOLVER_OLD_RESPONSE);
+#endif
DprintQ((statp->options & RES_DEBUG) ||
(statp->pfcode & RES_PRF_REPLY),
(stdout, ";; old answer:\n"),
@@ -1160,6 +1163,9 @@
* XXX - potential security hazard could
* be detected here.
*/
+#ifdef ANDROID_CHANGES
+ __libc_android_log_event_uid(BIONIC_EVENT_RESOLVER_WRONG_SERVER);
+#endif
DprintQ((statp->options & RES_DEBUG) ||
(statp->pfcode & RES_PRF_REPLY),
(stdout, ";; not our server:\n"),
@@ -1190,6 +1196,9 @@
* XXX - potential security hazard could
* be detected here.
*/
+#ifdef ANDROID_CHANGES
+ __libc_android_log_event_uid(BIONIC_EVENT_RESOLVER_WRONG_QUERY);
+#endif
DprintQ((statp->options & RES_DEBUG) ||
(statp->pfcode & RES_PRF_REPLY),
(stdout, ";; wrong query name:\n"),
diff --git a/libc/arch-arm/bionic/atexit.S b/libc/private/__dso_handle.h
similarity index 70%
rename from libc/arch-arm/bionic/atexit.S
rename to libc/private/__dso_handle.h
index beea685..e67ce7c 100644
--- a/libc/arch-arm/bionic/atexit.S
+++ b/libc/private/__dso_handle.h
@@ -1,5 +1,5 @@
/*
- * Copyright (C) 2011 The Android Open Source Project
+ * Copyright (C) 2012 The Android Open Source Project
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
@@ -26,37 +26,9 @@
* SUCH DAMAGE.
*/
+
#ifndef CRT_LEGACY_WORKAROUND
- .arch armv5te
- .fpu softvfp
- .eabi_attribute 20, 1
- .eabi_attribute 21, 1
- .eabi_attribute 23, 3
- .eabi_attribute 24, 1
- .eabi_attribute 25, 1
- .eabi_attribute 26, 2
- .eabi_attribute 30, 4
- .eabi_attribute 18, 4
- .hidden atexit
- .code 16
- .thumb_func
-ENTRY(atexit)
-.LFB0:
- .save {r4, lr}
- push {r4, lr}
-.LCFI0:
- ldr r3, .L3
- mov r1, #0
- @ sp needed for prologue
-.LPIC0:
- add r3, pc
- ldr r2, [r3]
- bl __cxa_atexit
- pop {r4, pc}
-.L4:
- .align 2
-.L3:
- .word __dso_handle-(.LPIC0+4)
-.LFE0:
-END(atexit)
+__attribute__ ((visibility ("hidden")))
#endif
+__attribute__ ((section (".bss")))
+void *__dso_handle = (void *) 0;
diff --git a/libc/arch-arm/bionic/atexit.S b/libc/private/__dso_handle_so.c
similarity index 68%
copy from libc/arch-arm/bionic/atexit.S
copy to libc/private/__dso_handle_so.c
index beea685..198e64b 100644
--- a/libc/arch-arm/bionic/atexit.S
+++ b/libc/private/__dso_handle_so.c
@@ -1,5 +1,5 @@
/*
- * Copyright (C) 2011 The Android Open Source Project
+ * Copyright (C) 2012 The Android Open Source Project
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
@@ -26,37 +26,7 @@
* SUCH DAMAGE.
*/
-#ifndef CRT_LEGACY_WORKAROUND
- .arch armv5te
- .fpu softvfp
- .eabi_attribute 20, 1
- .eabi_attribute 21, 1
- .eabi_attribute 23, 3
- .eabi_attribute 24, 1
- .eabi_attribute 25, 1
- .eabi_attribute 26, 2
- .eabi_attribute 30, 4
- .eabi_attribute 18, 4
- .hidden atexit
- .code 16
- .thumb_func
-ENTRY(atexit)
-.LFB0:
- .save {r4, lr}
- push {r4, lr}
-.LCFI0:
- ldr r3, .L3
- mov r1, #0
- @ sp needed for prologue
-.LPIC0:
- add r3, pc
- ldr r2, [r3]
- bl __cxa_atexit
- pop {r4, pc}
-.L4:
- .align 2
-.L3:
- .word __dso_handle-(.LPIC0+4)
-.LFE0:
-END(atexit)
-#endif
+
+__attribute__ ((visibility ("hidden")))
+__attribute__ ((section (".data")))
+void *__dso_handle;
diff --git a/libc/private/logd.h b/libc/private/logd.h
index 4a9b62e..8970daf 100644
--- a/libc/private/logd.h
+++ b/libc/private/logd.h
@@ -30,6 +30,21 @@
#include <stdarg.h>
+#define BIONIC_EVENT_MEMCPY_BUFFER_OVERFLOW 80100
+#define BIONIC_EVENT_STRCAT_BUFFER_OVERFLOW 80105
+#define BIONIC_EVENT_MEMMOVE_BUFFER_OVERFLOW 80110
+#define BIONIC_EVENT_STRNCAT_BUFFER_OVERFLOW 80115
+#define BIONIC_EVENT_STRNCPY_BUFFER_OVERFLOW 80120
+#define BIONIC_EVENT_MEMSET_BUFFER_OVERFLOW 80125
+#define BIONIC_EVENT_STRCPY_BUFFER_OVERFLOW 80130
+
+#define BIONIC_EVENT_STRCAT_INTEGER_OVERFLOW 80200
+#define BIONIC_EVENT_STRNCAT_INTEGER_OVERFLOW 80205
+
+#define BIONIC_EVENT_RESOLVER_OLD_RESPONSE 80300
+#define BIONIC_EVENT_RESOLVER_WRONG_SERVER 80305
+#define BIONIC_EVENT_RESOLVER_WRONG_QUERY 80310
+
enum {
ANDROID_LOG_UNKNOWN = 0,
ANDROID_LOG_DEFAULT, /* only for SetMinPriority() */
@@ -48,4 +63,7 @@
int __libc_android_log_print(int prio, const char *tag, const char *fmt, ...);
int __libc_android_log_vprint(int prio, const char *tag, const char *fmt, va_list ap);
+void __libc_android_log_event_int(int32_t tag, int value);
+void __libc_android_log_event_uid(int32_t tag);
+
#endif /* _ANDROID_BIONIC_LOGD_H */
diff --git a/libc/arch-arm/bionic/atexit.S b/libc/stdio/__snprintf_chk.c
similarity index 62%
copy from libc/arch-arm/bionic/atexit.S
copy to libc/stdio/__snprintf_chk.c
index beea685..dbda3db 100644
--- a/libc/arch-arm/bionic/atexit.S
+++ b/libc/stdio/__snprintf_chk.c
@@ -1,5 +1,5 @@
/*
- * Copyright (C) 2011 The Android Open Source Project
+ * Copyright (C) 2012 The Android Open Source Project
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
@@ -26,37 +26,34 @@
* SUCH DAMAGE.
*/
-#ifndef CRT_LEGACY_WORKAROUND
- .arch armv5te
- .fpu softvfp
- .eabi_attribute 20, 1
- .eabi_attribute 21, 1
- .eabi_attribute 23, 3
- .eabi_attribute 24, 1
- .eabi_attribute 25, 1
- .eabi_attribute 26, 2
- .eabi_attribute 30, 4
- .eabi_attribute 18, 4
- .hidden atexit
- .code 16
- .thumb_func
-ENTRY(atexit)
-.LFB0:
- .save {r4, lr}
- push {r4, lr}
-.LCFI0:
- ldr r3, .L3
- mov r1, #0
- @ sp needed for prologue
-.LPIC0:
- add r3, pc
- ldr r2, [r3]
- bl __cxa_atexit
- pop {r4, pc}
-.L4:
- .align 2
-.L3:
- .word __dso_handle-(.LPIC0+4)
-.LFE0:
-END(atexit)
-#endif
+#include <stdio.h>
+#include <stdarg.h>
+
+/*
+ * Runtime implementation of __builtin____snprintf_chk.
+ *
+ * See
+ * http://gcc.gnu.org/onlinedocs/gcc/Object-Size-Checking.html
+ * http://gcc.gnu.org/ml/gcc-patches/2004-09/msg02055.html
+ * for details.
+ *
+ * This snprintf check is called if _FORTIFY_SOURCE is defined and
+ * greater than 0.
+ */
+int __snprintf_chk(
+ char *dest,
+ size_t supplied_size,
+ int flags,
+ size_t dest_len_from_compiler,
+ const char *format, ...)
+{
+ va_list va;
+ int retval;
+
+ va_start(va, format);
+ retval = __vsnprintf_chk(dest, supplied_size, flags,
+ dest_len_from_compiler, format, va);
+ va_end(va);
+
+ return retval;
+}
diff --git a/libc/arch-arm/bionic/atexit.S b/libc/stdio/__sprintf_chk.c
similarity index 64%
copy from libc/arch-arm/bionic/atexit.S
copy to libc/stdio/__sprintf_chk.c
index beea685..67acbe1 100644
--- a/libc/arch-arm/bionic/atexit.S
+++ b/libc/stdio/__sprintf_chk.c
@@ -1,5 +1,5 @@
/*
- * Copyright (C) 2011 The Android Open Source Project
+ * Copyright (C) 2012 The Android Open Source Project
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
@@ -26,37 +26,33 @@
* SUCH DAMAGE.
*/
-#ifndef CRT_LEGACY_WORKAROUND
- .arch armv5te
- .fpu softvfp
- .eabi_attribute 20, 1
- .eabi_attribute 21, 1
- .eabi_attribute 23, 3
- .eabi_attribute 24, 1
- .eabi_attribute 25, 1
- .eabi_attribute 26, 2
- .eabi_attribute 30, 4
- .eabi_attribute 18, 4
- .hidden atexit
- .code 16
- .thumb_func
-ENTRY(atexit)
-.LFB0:
- .save {r4, lr}
- push {r4, lr}
-.LCFI0:
- ldr r3, .L3
- mov r1, #0
- @ sp needed for prologue
-.LPIC0:
- add r3, pc
- ldr r2, [r3]
- bl __cxa_atexit
- pop {r4, pc}
-.L4:
- .align 2
-.L3:
- .word __dso_handle-(.LPIC0+4)
-.LFE0:
-END(atexit)
-#endif
+#include <stdio.h>
+#include <stdarg.h>
+
+/*
+ * Runtime implementation of __builtin____sprintf_chk.
+ *
+ * See
+ * http://gcc.gnu.org/onlinedocs/gcc/Object-Size-Checking.html
+ * http://gcc.gnu.org/ml/gcc-patches/2004-09/msg02055.html
+ * for details.
+ *
+ * This sprintf check is called if _FORTIFY_SOURCE is defined and
+ * greater than 0.
+ */
+int __sprintf_chk(
+ char *dest,
+ int flags,
+ size_t dest_len_from_compiler,
+ const char *format, ...)
+{
+ va_list va;
+ int retval;
+
+ va_start(va, format);
+ retval = __vsprintf_chk(dest, flags,
+ dest_len_from_compiler, format, va);
+ va_end(va);
+
+ return retval;
+}
diff --git a/libc/arch-arm/bionic/crtbegin_so.S b/libc/stdio/__vsnprintf_chk.c
similarity index 60%
rename from libc/arch-arm/bionic/crtbegin_so.S
rename to libc/stdio/__vsnprintf_chk.c
index 104d214..a1a1039 100644
--- a/libc/arch-arm/bionic/crtbegin_so.S
+++ b/libc/stdio/__vsnprintf_chk.c
@@ -1,5 +1,5 @@
/*
- * Copyright (C) 2008 The Android Open Source Project
+ * Copyright (C) 2012 The Android Open Source Project
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
@@ -26,39 +26,35 @@
* SUCH DAMAGE.
*/
-#include <machine/asm.h>
+#include <stdio.h>
+#include <stdlib.h>
+#include <stdarg.h>
+#include <private/logd.h>
-# Implement static C++ destructors when the shared
-# library is unloaded through dlclose().
-#
-# A call to this function must be the first entry
-# in the .fini_array. See 3.3.5.3.C of C++ ABI
-# standard.
-#
-ENTRY(__on_dlclose)
- adr r0, 0f
- ldr r0, [r0]
- b __cxa_finalize
-END(__on_dlclose)
+/*
+ * Runtime implementation of __builtin____vsnprintf_chk.
+ *
+ * See
+ * http://gcc.gnu.org/onlinedocs/gcc/Object-Size-Checking.html
+ * http://gcc.gnu.org/ml/gcc-patches/2004-09/msg02055.html
+ * for details.
+ *
+ * This vsnprintf check is called if _FORTIFY_SOURCE is defined and
+ * greater than 0.
+ */
+int __vsnprintf_chk(
+ char *dest,
+ size_t supplied_size,
+ int flags,
+ size_t dest_len_from_compiler,
+ const char *format,
+ va_list va)
+{
+ if (supplied_size > dest_len_from_compiler) {
+ __libc_android_log_print(ANDROID_LOG_FATAL, "libc",
+ "*** vsnprintf buffer overflow detected ***\n");
+ abort();
+ }
-0:
- .long __dso_handle
-
- .section .init_array, "aw"
- .globl __INIT_ARRAY__
-__INIT_ARRAY__:
- .long -1
-
- .section .fini_array, "aw"
- .globl __FINI_ARRAY__
-__FINI_ARRAY__:
- .long -1
- .long __on_dlclose
-
-#ifdef CRT_LEGACY_WORKAROUND
-#include "__dso_handle.S"
-#else
-#include "__dso_handle_so.S"
-#endif
-
-#include "atexit.S"
+ return vsnprintf(dest, supplied_size, format, va);
+}
diff --git a/libc/arch-arm/bionic/atexit.S b/libc/stdio/__vsprintf_chk.c
similarity index 60%
copy from libc/arch-arm/bionic/atexit.S
copy to libc/stdio/__vsprintf_chk.c
index beea685..8a809fc 100644
--- a/libc/arch-arm/bionic/atexit.S
+++ b/libc/stdio/__vsprintf_chk.c
@@ -1,5 +1,5 @@
/*
- * Copyright (C) 2011 The Android Open Source Project
+ * Copyright (C) 2012 The Android Open Source Project
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
@@ -26,37 +26,36 @@
* SUCH DAMAGE.
*/
-#ifndef CRT_LEGACY_WORKAROUND
- .arch armv5te
- .fpu softvfp
- .eabi_attribute 20, 1
- .eabi_attribute 21, 1
- .eabi_attribute 23, 3
- .eabi_attribute 24, 1
- .eabi_attribute 25, 1
- .eabi_attribute 26, 2
- .eabi_attribute 30, 4
- .eabi_attribute 18, 4
- .hidden atexit
- .code 16
- .thumb_func
-ENTRY(atexit)
-.LFB0:
- .save {r4, lr}
- push {r4, lr}
-.LCFI0:
- ldr r3, .L3
- mov r1, #0
- @ sp needed for prologue
-.LPIC0:
- add r3, pc
- ldr r2, [r3]
- bl __cxa_atexit
- pop {r4, pc}
-.L4:
- .align 2
-.L3:
- .word __dso_handle-(.LPIC0+4)
-.LFE0:
-END(atexit)
-#endif
+#include <stdio.h>
+#include <stdlib.h>
+#include <stdarg.h>
+#include <private/logd.h>
+
+/*
+ * Runtime implementation of __builtin____vsprintf_chk.
+ *
+ * See
+ * http://gcc.gnu.org/onlinedocs/gcc/Object-Size-Checking.html
+ * http://gcc.gnu.org/ml/gcc-patches/2004-09/msg02055.html
+ * for details.
+ *
+ * This vsprintf check is called if _FORTIFY_SOURCE is defined and
+ * greater than 0.
+ */
+int __vsprintf_chk(
+ char *dest,
+ int flags,
+ size_t dest_len_from_compiler,
+ const char *format,
+ va_list va)
+{
+ int ret = vsnprintf(dest, dest_len_from_compiler, format, va);
+
+ if ((size_t) ret >= dest_len_from_compiler) {
+ __libc_android_log_print(ANDROID_LOG_FATAL, "libc",
+ "*** vsprintf buffer overflow detected ***\n");
+ abort();
+ }
+
+ return ret;
+}
diff --git a/libc/arch-arm/bionic/atexit.S b/libc/string/__memcpy_chk.c
similarity index 62%
copy from libc/arch-arm/bionic/atexit.S
copy to libc/string/__memcpy_chk.c
index beea685..e79f6ac 100644
--- a/libc/arch-arm/bionic/atexit.S
+++ b/libc/string/__memcpy_chk.c
@@ -1,5 +1,5 @@
/*
- * Copyright (C) 2011 The Android Open Source Project
+ * Copyright (C) 2012 The Android Open Source Project
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
@@ -26,37 +26,30 @@
* SUCH DAMAGE.
*/
-#ifndef CRT_LEGACY_WORKAROUND
- .arch armv5te
- .fpu softvfp
- .eabi_attribute 20, 1
- .eabi_attribute 21, 1
- .eabi_attribute 23, 3
- .eabi_attribute 24, 1
- .eabi_attribute 25, 1
- .eabi_attribute 26, 2
- .eabi_attribute 30, 4
- .eabi_attribute 18, 4
- .hidden atexit
- .code 16
- .thumb_func
-ENTRY(atexit)
-.LFB0:
- .save {r4, lr}
- push {r4, lr}
-.LCFI0:
- ldr r3, .L3
- mov r1, #0
- @ sp needed for prologue
-.LPIC0:
- add r3, pc
- ldr r2, [r3]
- bl __cxa_atexit
- pop {r4, pc}
-.L4:
- .align 2
-.L3:
- .word __dso_handle-(.LPIC0+4)
-.LFE0:
-END(atexit)
-#endif
+#include <string.h>
+#include <stdlib.h>
+#include <private/logd.h>
+
+/*
+ * Runtime implementation of __builtin____memcpy_chk.
+ *
+ * See
+ * http://gcc.gnu.org/onlinedocs/gcc/Object-Size-Checking.html
+ * http://gcc.gnu.org/ml/gcc-patches/2004-09/msg02055.html
+ * for details.
+ *
+ * This memcpy check is called if _FORTIFY_SOURCE is defined and
+ * greater than 0.
+ */
+void *__memcpy_chk (void *dest, const void *src,
+ size_t len, size_t dest_len)
+{
+ if (len > dest_len) {
+ __libc_android_log_print(ANDROID_LOG_FATAL, "libc",
+ "*** memcpy buffer overflow detected ***\n");
+ __libc_android_log_event_uid(BIONIC_EVENT_MEMCPY_BUFFER_OVERFLOW);
+ abort();
+ }
+
+ return memcpy(dest, src, len);
+}
diff --git a/libc/arch-arm/bionic/atexit.S b/libc/string/__memmove_chk.c
similarity index 62%
copy from libc/arch-arm/bionic/atexit.S
copy to libc/string/__memmove_chk.c
index beea685..529eb8f 100644
--- a/libc/arch-arm/bionic/atexit.S
+++ b/libc/string/__memmove_chk.c
@@ -1,5 +1,5 @@
/*
- * Copyright (C) 2011 The Android Open Source Project
+ * Copyright (C) 2012 The Android Open Source Project
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
@@ -26,37 +26,30 @@
* SUCH DAMAGE.
*/
-#ifndef CRT_LEGACY_WORKAROUND
- .arch armv5te
- .fpu softvfp
- .eabi_attribute 20, 1
- .eabi_attribute 21, 1
- .eabi_attribute 23, 3
- .eabi_attribute 24, 1
- .eabi_attribute 25, 1
- .eabi_attribute 26, 2
- .eabi_attribute 30, 4
- .eabi_attribute 18, 4
- .hidden atexit
- .code 16
- .thumb_func
-ENTRY(atexit)
-.LFB0:
- .save {r4, lr}
- push {r4, lr}
-.LCFI0:
- ldr r3, .L3
- mov r1, #0
- @ sp needed for prologue
-.LPIC0:
- add r3, pc
- ldr r2, [r3]
- bl __cxa_atexit
- pop {r4, pc}
-.L4:
- .align 2
-.L3:
- .word __dso_handle-(.LPIC0+4)
-.LFE0:
-END(atexit)
-#endif
+#include <string.h>
+#include <stdlib.h>
+#include <private/logd.h>
+
+/*
+ * Runtime implementation of __builtin____memmove_chk.
+ *
+ * See
+ * http://gcc.gnu.org/onlinedocs/gcc/Object-Size-Checking.html
+ * http://gcc.gnu.org/ml/gcc-patches/2004-09/msg02055.html
+ * for details.
+ *
+ * This memmove check is called if _FORTIFY_SOURCE is defined and
+ * greater than 0.
+ */
+void *__memmove_chk (void *dest, const void *src,
+ size_t len, size_t dest_len)
+{
+ if (len > dest_len) {
+ __libc_android_log_print(ANDROID_LOG_FATAL, "libc",
+ "*** memmove buffer overflow detected ***\n");
+ __libc_android_log_event_uid(BIONIC_EVENT_MEMMOVE_BUFFER_OVERFLOW);
+ abort();
+ }
+
+ return memmove(dest, src, len);
+}
diff --git a/libc/arch-arm/bionic/atexit.S b/libc/string/__memset_chk.c
similarity index 63%
copy from libc/arch-arm/bionic/atexit.S
copy to libc/string/__memset_chk.c
index beea685..0904c03 100644
--- a/libc/arch-arm/bionic/atexit.S
+++ b/libc/string/__memset_chk.c
@@ -1,5 +1,5 @@
/*
- * Copyright (C) 2011 The Android Open Source Project
+ * Copyright (C) 2012 The Android Open Source Project
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
@@ -26,37 +26,29 @@
* SUCH DAMAGE.
*/
-#ifndef CRT_LEGACY_WORKAROUND
- .arch armv5te
- .fpu softvfp
- .eabi_attribute 20, 1
- .eabi_attribute 21, 1
- .eabi_attribute 23, 3
- .eabi_attribute 24, 1
- .eabi_attribute 25, 1
- .eabi_attribute 26, 2
- .eabi_attribute 30, 4
- .eabi_attribute 18, 4
- .hidden atexit
- .code 16
- .thumb_func
-ENTRY(atexit)
-.LFB0:
- .save {r4, lr}
- push {r4, lr}
-.LCFI0:
- ldr r3, .L3
- mov r1, #0
- @ sp needed for prologue
-.LPIC0:
- add r3, pc
- ldr r2, [r3]
- bl __cxa_atexit
- pop {r4, pc}
-.L4:
- .align 2
-.L3:
- .word __dso_handle-(.LPIC0+4)
-.LFE0:
-END(atexit)
-#endif
+#include <string.h>
+#include <stdlib.h>
+#include <private/logd.h>
+
+/*
+ * Runtime implementation of __builtin____memset_chk.
+ *
+ * See
+ * http://gcc.gnu.org/onlinedocs/gcc/Object-Size-Checking.html
+ * http://gcc.gnu.org/ml/gcc-patches/2004-09/msg02055.html
+ * for details.
+ *
+ * This memset check is called if _FORTIFY_SOURCE is defined and
+ * greater than 0.
+ */
+void *__memset_chk (void *dest, int c, size_t n, size_t dest_len)
+{
+ if (n > dest_len) {
+ __libc_android_log_print(ANDROID_LOG_FATAL, "libc",
+ "*** memset buffer overflow detected ***\n");
+ __libc_android_log_event_uid(BIONIC_EVENT_MEMSET_BUFFER_OVERFLOW);
+ abort();
+ }
+
+ return memset(dest, c, n);
+}
diff --git a/libc/string/__strcat_chk.c b/libc/string/__strcat_chk.c
new file mode 100644
index 0000000..4665d66
--- /dev/null
+++ b/libc/string/__strcat_chk.c
@@ -0,0 +1,68 @@
+/*
+ * Copyright (C) 2012 The Android Open Source Project
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * * Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * * Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
+ * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ * COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT,
+ * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
+ * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS
+ * OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED
+ * AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
+ * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
+ * OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+#include <string.h>
+#include <stdlib.h>
+#include <private/logd.h>
+#include <safe_iop.h>
+
+/*
+ * Runtime implementation of __builtin____strcat_chk.
+ *
+ * See
+ * http://gcc.gnu.org/onlinedocs/gcc/Object-Size-Checking.html
+ * http://gcc.gnu.org/ml/gcc-patches/2004-09/msg02055.html
+ * for details.
+ *
+ * This strcat check is called if _FORTIFY_SOURCE is defined and
+ * greater than 0.
+ */
+char *__strcat_chk (char *dest, const char *src, size_t dest_buf_size)
+{
+ // TODO: optimize so we don't scan src/dest twice.
+ size_t src_len = strlen(src);
+ size_t dest_len = strlen(dest);
+ size_t sum;
+
+ // sum = src_len + dest_len + 1 (with overflow protection)
+ if (!safe_add3(&sum, src_len, dest_len, 1U)) {
+ __libc_android_log_print(ANDROID_LOG_FATAL, "libc",
+ "*** strcat integer overflow detected ***\n");
+ __libc_android_log_event_uid(BIONIC_EVENT_STRCAT_INTEGER_OVERFLOW);
+ abort();
+ }
+
+ if (sum > dest_buf_size) {
+ __libc_android_log_print(ANDROID_LOG_FATAL, "libc",
+ "*** strcat buffer overflow detected ***\n");
+ __libc_android_log_event_uid(BIONIC_EVENT_STRNCAT_BUFFER_OVERFLOW);
+ abort();
+ }
+
+ return strcat(dest, src);
+}
diff --git a/libc/arch-arm/bionic/atexit.S b/libc/string/__strcpy_chk.c
similarity index 60%
copy from libc/arch-arm/bionic/atexit.S
copy to libc/string/__strcpy_chk.c
index beea685..79486b4 100644
--- a/libc/arch-arm/bionic/atexit.S
+++ b/libc/string/__strcpy_chk.c
@@ -1,5 +1,5 @@
/*
- * Copyright (C) 2011 The Android Open Source Project
+ * Copyright (C) 2012 The Android Open Source Project
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
@@ -26,37 +26,31 @@
* SUCH DAMAGE.
*/
-#ifndef CRT_LEGACY_WORKAROUND
- .arch armv5te
- .fpu softvfp
- .eabi_attribute 20, 1
- .eabi_attribute 21, 1
- .eabi_attribute 23, 3
- .eabi_attribute 24, 1
- .eabi_attribute 25, 1
- .eabi_attribute 26, 2
- .eabi_attribute 30, 4
- .eabi_attribute 18, 4
- .hidden atexit
- .code 16
- .thumb_func
-ENTRY(atexit)
-.LFB0:
- .save {r4, lr}
- push {r4, lr}
-.LCFI0:
- ldr r3, .L3
- mov r1, #0
- @ sp needed for prologue
-.LPIC0:
- add r3, pc
- ldr r2, [r3]
- bl __cxa_atexit
- pop {r4, pc}
-.L4:
- .align 2
-.L3:
- .word __dso_handle-(.LPIC0+4)
-.LFE0:
-END(atexit)
-#endif
+#include <string.h>
+#include <stdlib.h>
+#include <private/logd.h>
+
+/*
+ * Runtime implementation of __builtin____strcpy_chk.
+ *
+ * See
+ * http://gcc.gnu.org/onlinedocs/gcc/Object-Size-Checking.html
+ * http://gcc.gnu.org/ml/gcc-patches/2004-09/msg02055.html
+ * for details.
+ *
+ * This strcpy check is called if _FORTIFY_SOURCE is defined and
+ * greater than 0.
+ */
+char *__strcpy_chk (char *dest, const char *src, size_t dest_len)
+{
+ // TODO: optimize so we don't scan src twice.
+ size_t src_len = strlen(src) + 1;
+ if (src_len > dest_len) {
+ __libc_android_log_print(ANDROID_LOG_FATAL, "libc",
+ "*** strcpy buffer overflow detected ***\n");
+ __libc_android_log_event_uid(BIONIC_EVENT_STRCPY_BUFFER_OVERFLOW);
+ abort();
+ }
+
+ return strcpy(dest, src);
+}
diff --git a/libc/arch-arm/bionic/atexit.S b/libc/string/__strlcat_chk.c
similarity index 61%
copy from libc/arch-arm/bionic/atexit.S
copy to libc/string/__strlcat_chk.c
index beea685..b895fb8 100644
--- a/libc/arch-arm/bionic/atexit.S
+++ b/libc/string/__strlcat_chk.c
@@ -1,5 +1,5 @@
/*
- * Copyright (C) 2011 The Android Open Source Project
+ * Copyright (C) 2012 The Android Open Source Project
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
@@ -26,37 +26,30 @@
* SUCH DAMAGE.
*/
-#ifndef CRT_LEGACY_WORKAROUND
- .arch armv5te
- .fpu softvfp
- .eabi_attribute 20, 1
- .eabi_attribute 21, 1
- .eabi_attribute 23, 3
- .eabi_attribute 24, 1
- .eabi_attribute 25, 1
- .eabi_attribute 26, 2
- .eabi_attribute 30, 4
- .eabi_attribute 18, 4
- .hidden atexit
- .code 16
- .thumb_func
-ENTRY(atexit)
-.LFB0:
- .save {r4, lr}
- push {r4, lr}
-.LCFI0:
- ldr r3, .L3
- mov r1, #0
- @ sp needed for prologue
-.LPIC0:
- add r3, pc
- ldr r2, [r3]
- bl __cxa_atexit
- pop {r4, pc}
-.L4:
- .align 2
-.L3:
- .word __dso_handle-(.LPIC0+4)
-.LFE0:
-END(atexit)
-#endif
+#include <string.h>
+#include <stdlib.h>
+#include <private/logd.h>
+
+/*
+ * __strlcat_chk. Called in place of strlcat() when we know the
+ * size of the buffer we're writing into.
+ *
+ * See
+ * http://gcc.gnu.org/onlinedocs/gcc/Object-Size-Checking.html
+ * http://gcc.gnu.org/ml/gcc-patches/2004-09/msg02055.html
+ * for details.
+ *
+ * This strlcat check is called if _FORTIFY_SOURCE is defined and
+ * greater than 0.
+ */
+size_t __strlcat_chk(char *dest, const char *src,
+ size_t supplied_size, size_t dest_len_from_compiler)
+{
+ if (supplied_size > dest_len_from_compiler) {
+ __libc_android_log_print(ANDROID_LOG_FATAL, "libc",
+ "*** strlcat buffer overflow detected ***\n");
+ abort();
+ }
+
+ return strlcat(dest, src, supplied_size);
+}
diff --git a/libc/arch-arm/bionic/atexit.S b/libc/string/__strlcpy_chk.c
similarity index 61%
copy from libc/arch-arm/bionic/atexit.S
copy to libc/string/__strlcpy_chk.c
index beea685..752c86c 100644
--- a/libc/arch-arm/bionic/atexit.S
+++ b/libc/string/__strlcpy_chk.c
@@ -1,5 +1,5 @@
/*
- * Copyright (C) 2011 The Android Open Source Project
+ * Copyright (C) 2012 The Android Open Source Project
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
@@ -26,37 +26,30 @@
* SUCH DAMAGE.
*/
-#ifndef CRT_LEGACY_WORKAROUND
- .arch armv5te
- .fpu softvfp
- .eabi_attribute 20, 1
- .eabi_attribute 21, 1
- .eabi_attribute 23, 3
- .eabi_attribute 24, 1
- .eabi_attribute 25, 1
- .eabi_attribute 26, 2
- .eabi_attribute 30, 4
- .eabi_attribute 18, 4
- .hidden atexit
- .code 16
- .thumb_func
-ENTRY(atexit)
-.LFB0:
- .save {r4, lr}
- push {r4, lr}
-.LCFI0:
- ldr r3, .L3
- mov r1, #0
- @ sp needed for prologue
-.LPIC0:
- add r3, pc
- ldr r2, [r3]
- bl __cxa_atexit
- pop {r4, pc}
-.L4:
- .align 2
-.L3:
- .word __dso_handle-(.LPIC0+4)
-.LFE0:
-END(atexit)
-#endif
+#include <string.h>
+#include <stdlib.h>
+#include <private/logd.h>
+
+/*
+ * __strlcpy_chk. Called in place of strlcpy() when we know the
+ * size of the buffer we're writing into.
+ *
+ * See
+ * http://gcc.gnu.org/onlinedocs/gcc/Object-Size-Checking.html
+ * http://gcc.gnu.org/ml/gcc-patches/2004-09/msg02055.html
+ * for details.
+ *
+ * This strlcpy check is called if _FORTIFY_SOURCE is defined and
+ * greater than 0.
+ */
+size_t __strlcpy_chk(char *dest, const char *src,
+ size_t supplied_size, size_t dest_len_from_compiler)
+{
+ if (supplied_size > dest_len_from_compiler) {
+ __libc_android_log_print(ANDROID_LOG_FATAL, "libc",
+ "*** strlcpy buffer overflow detected ***\n");
+ abort();
+ }
+
+ return strlcpy(dest, src, supplied_size);
+}
diff --git a/libc/string/__strncat_chk.c b/libc/string/__strncat_chk.c
new file mode 100644
index 0000000..2036c9f
--- /dev/null
+++ b/libc/string/__strncat_chk.c
@@ -0,0 +1,72 @@
+/*
+ * Copyright (C) 2012 The Android Open Source Project
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * * Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * * Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
+ * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ * COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT,
+ * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
+ * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS
+ * OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED
+ * AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
+ * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
+ * OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+#include <string.h>
+#include <stdlib.h>
+#include <private/logd.h>
+#include <safe_iop.h>
+
+/*
+ * Runtime implementation of __builtin____strncat_chk.
+ *
+ * See
+ * http://gcc.gnu.org/onlinedocs/gcc/Object-Size-Checking.html
+ * http://gcc.gnu.org/ml/gcc-patches/2004-09/msg02055.html
+ * for details.
+ *
+ * This strncat check is called if _FORTIFY_SOURCE is defined and
+ * greater than 0.
+ */
+char *__strncat_chk (char *dest, const char *src,
+ size_t len, size_t dest_buf_size)
+{
+ // TODO: optimize so we don't scan src/dest twice.
+ size_t dest_len = strlen(dest);
+ size_t src_len = strlen(src);
+ if (src_len > len) {
+ src_len = len;
+ }
+
+ size_t sum;
+ // sum = src_len + dest_len + 1 (with overflow protection)
+ if (!safe_add3(&sum, src_len, dest_len, 1U)) {
+ __libc_android_log_print(ANDROID_LOG_FATAL, "libc",
+ "*** strncat integer overflow detected ***\n");
+ __libc_android_log_event_uid(BIONIC_EVENT_STRNCAT_INTEGER_OVERFLOW);
+ abort();
+ }
+
+ if (sum > dest_buf_size) {
+ __libc_android_log_print(ANDROID_LOG_FATAL, "libc",
+ "*** strncat buffer overflow detected ***\n");
+ __libc_android_log_event_uid(BIONIC_EVENT_STRNCAT_BUFFER_OVERFLOW);
+ abort();
+ }
+
+ return strncat(dest, src, len);
+}
diff --git a/libc/arch-arm/bionic/atexit.S b/libc/string/__strncpy_chk.c
similarity index 62%
copy from libc/arch-arm/bionic/atexit.S
copy to libc/string/__strncpy_chk.c
index beea685..3f9e9fb 100644
--- a/libc/arch-arm/bionic/atexit.S
+++ b/libc/string/__strncpy_chk.c
@@ -1,5 +1,5 @@
/*
- * Copyright (C) 2011 The Android Open Source Project
+ * Copyright (C) 2012 The Android Open Source Project
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
@@ -26,37 +26,30 @@
* SUCH DAMAGE.
*/
-#ifndef CRT_LEGACY_WORKAROUND
- .arch armv5te
- .fpu softvfp
- .eabi_attribute 20, 1
- .eabi_attribute 21, 1
- .eabi_attribute 23, 3
- .eabi_attribute 24, 1
- .eabi_attribute 25, 1
- .eabi_attribute 26, 2
- .eabi_attribute 30, 4
- .eabi_attribute 18, 4
- .hidden atexit
- .code 16
- .thumb_func
-ENTRY(atexit)
-.LFB0:
- .save {r4, lr}
- push {r4, lr}
-.LCFI0:
- ldr r3, .L3
- mov r1, #0
- @ sp needed for prologue
-.LPIC0:
- add r3, pc
- ldr r2, [r3]
- bl __cxa_atexit
- pop {r4, pc}
-.L4:
- .align 2
-.L3:
- .word __dso_handle-(.LPIC0+4)
-.LFE0:
-END(atexit)
-#endif
+#include <string.h>
+#include <stdlib.h>
+#include <private/logd.h>
+
+/*
+ * Runtime implementation of __builtin____strncpy_chk.
+ *
+ * See
+ * http://gcc.gnu.org/onlinedocs/gcc/Object-Size-Checking.html
+ * http://gcc.gnu.org/ml/gcc-patches/2004-09/msg02055.html
+ * for details.
+ *
+ * This strncpy check is called if _FORTIFY_SOURCE is defined and
+ * greater than 0.
+ */
+char *__strncpy_chk (char *dest, const char *src,
+ size_t len, size_t dest_len)
+{
+ if (len > dest_len) {
+ __libc_android_log_print(ANDROID_LOG_FATAL, "libc",
+ "*** strncpy buffer overflow detected ***\n");
+ __libc_android_log_event_uid(BIONIC_EVENT_STRNCPY_BUFFER_OVERFLOW);
+ abort();
+ }
+
+ return strncpy(dest, src, len);
+}
diff --git a/libc/unistd/open.c b/libc/unistd/open.c
index 03cba45..56602db 100644
--- a/libc/unistd/open.c
+++ b/libc/unistd/open.c
@@ -28,6 +28,8 @@
#include <unistd.h>
#include <fcntl.h>
#include <stdarg.h>
+#include <stdlib.h>
+#include <private/logd.h>
extern int __open(const char*, int, int);
@@ -49,3 +51,15 @@
return __open(pathname, flags, mode);
}
+int __open_2(const char *pathname, int flags) {
+ if (flags & O_CREAT) {
+ __libc_android_log_print(ANDROID_LOG_FATAL, "libc",
+ "*** open(O_CREAT) called without specifying a mode ***\n");
+ abort();
+ }
+
+ flags |= O_LARGEFILE;
+
+ return __open(pathname, flags, 0);
+}
+
diff --git a/linker/Android.mk b/linker/Android.mk
index 2f39cbe..a739b4f 100644
--- a/linker/Android.mk
+++ b/linker/Android.mk
@@ -6,6 +6,7 @@
linker.c \
linker_environ.c \
linker_format.c \
+ linker_phdr.c \
rt.c \
dlfcn.c \
debugger.c
diff --git a/linker/dlfcn.c b/linker/dlfcn.c
index ac7e5d3..3d0384f 100644
--- a/linker/dlfcn.c
+++ b/linker/dlfcn.c
@@ -60,7 +60,7 @@
if (unlikely(ret == NULL)) {
set_dlerror(DL_ERR_CANNOT_LOAD_LIBRARY);
} else {
- call_constructors_recursive(ret);
+ soinfo_call_constructors(ret);
ret->refcount++;
}
pthread_mutex_unlock(&dl_lock);
@@ -103,7 +103,7 @@
}
} else {
found = (soinfo*)handle;
- sym = lookup_in_library(found, symbol);
+ sym = soinfo_lookup(found, symbol);
}
if(likely(sym != 0)) {
@@ -141,7 +141,7 @@
info->dli_fbase = (void*)si->base;
/* Determine if any symbol in the library contains the specified address */
- Elf32_Sym *sym = find_containing_symbol(addr, si);
+ Elf32_Sym *sym = soinfo_find_symbol(si, addr);
if(sym != NULL) {
info->dli_sname = si->strtab + sym->st_name;
@@ -159,7 +159,7 @@
int dlclose(void *handle)
{
pthread_mutex_lock(&dl_lock);
- (void)unload_library((soinfo*)handle);
+ (void)soinfo_unload((soinfo*)handle);
pthread_mutex_unlock(&dl_lock);
return 0;
}
diff --git a/linker/linker.c b/linker/linker.c
index df4a8b1..54fb22b 100644
--- a/linker/linker.c
+++ b/linker/linker.c
@@ -50,6 +50,7 @@
#include "linker_debug.h"
#include "linker_environ.h"
#include "linker_format.h"
+#include "linker_phdr.h"
#define ALLOW_SYMBOLS_FROM_MAIN 1
#define SO_MAX 128
@@ -82,7 +83,7 @@
*/
-static int link_image(soinfo *si, unsigned wr_offset);
+static int soinfo_link_image(soinfo *si, unsigned wr_offset);
static int socount = 0;
static soinfo sopool[SO_MAX];
@@ -125,10 +126,6 @@
unsigned bitmask[4096];
#endif
-#ifndef PT_ARM_EXIDX
-#define PT_ARM_EXIDX 0x70000001 /* .ARM.exidx segment */
-#endif
-
#define HOODLUM(name, ret, ...) \
ret name __VA_ARGS__ \
{ \
@@ -254,7 +251,7 @@
rtld_db_dlactivity();
}
-static soinfo *alloc_info(const char *name)
+static soinfo *soinfo_alloc(const char *name)
{
soinfo *si;
@@ -263,7 +260,7 @@
return NULL;
}
- /* The freelist is populated when we call free_info(), which in turn is
+ /* The freelist is populated when we call soinfo_free(), which in turn is
done only by dlclose(), which is not likely to be used.
*/
if (!freelist) {
@@ -290,7 +287,7 @@
return si;
}
-static void free_info(soinfo *si)
+static void soinfo_free(soinfo *si)
{
soinfo *prev = NULL, *trav;
@@ -347,7 +344,7 @@
for (si = solist; si != 0; si = si->next){
if ((addr >= si->base) && (addr < (si->base + si->size))) {
*pcount = si->ARM_exidx_count;
- return (_Unwind_Ptr)(si->base + (unsigned long)si->ARM_exidx);
+ return (_Unwind_Ptr)si->ARM_exidx;
}
}
*pcount = 0;
@@ -377,7 +374,7 @@
}
#endif
-static Elf32_Sym *_elf_lookup(soinfo *si, unsigned hash, const char *name)
+static Elf32_Sym *soinfo_elf_lookup(soinfo *si, unsigned hash, const char *name)
{
Elf32_Sym *s;
Elf32_Sym *symtab = si->symtab;
@@ -423,7 +420,7 @@
}
static Elf32_Sym *
-_do_lookup(soinfo *si, const char *name, unsigned *base)
+soinfo_do_lookup(soinfo *si, const char *name, Elf32_Addr *offset)
{
unsigned elf_hash = elfhash(name);
Elf32_Sym *s;
@@ -441,14 +438,14 @@
* and some the first non-weak definition. This is system dependent.
* Here we return the first definition found for simplicity. */
- s = _elf_lookup(si, elf_hash, name);
+ s = soinfo_elf_lookup(si, elf_hash, name);
if(s != NULL)
goto done;
/* Next, look for it in the preloads list */
for(i = 0; preloads[i] != NULL; i++) {
lsi = preloads[i];
- s = _elf_lookup(lsi, elf_hash, name);
+ s = soinfo_elf_lookup(lsi, elf_hash, name);
if(s != NULL)
goto done;
}
@@ -464,7 +461,7 @@
DEBUG("%5d %s: looking up %s in %s\n",
pid, si->name, name, lsi->name);
- s = _elf_lookup(lsi, elf_hash, name);
+ s = soinfo_elf_lookup(lsi, elf_hash, name);
if ((s != NULL) && (s->st_shndx != SHN_UNDEF))
goto done;
}
@@ -479,16 +476,17 @@
lsi = somain;
DEBUG("%5d %s: looking up %s in executable %s\n",
pid, si->name, name, lsi->name);
- s = _elf_lookup(lsi, elf_hash, name);
+ s = soinfo_elf_lookup(lsi, elf_hash, name);
}
#endif
done:
if(s != NULL) {
TRACE_TYPE(LOOKUP, "%5d si %s sym %s s->st_value = 0x%08x, "
- "found in %s, base = 0x%08x\n",
- pid, si->name, name, s->st_value, lsi->name, lsi->base);
- *base = lsi->base;
+ "found in %s, base = 0x%08x, load bias = 0x%08x\n",
+ pid, si->name, name, s->st_value,
+ lsi->name, lsi->base, lsi->load_bias);
+ *offset = lsi->load_bias;
return s;
}
@@ -498,9 +496,9 @@
/* This is used by dl_sym(). It performs symbol lookup only within the
specified soinfo object and not in any of its dependencies.
*/
-Elf32_Sym *lookup_in_library(soinfo *si, const char *name)
+Elf32_Sym *soinfo_lookup(soinfo *si, const char *name)
{
- return _elf_lookup(si, elfhash(name), name);
+ return soinfo_elf_lookup(si, elfhash(name), name);
}
/* This is used by dl_sym(). It performs a global symbol lookup.
@@ -519,7 +517,7 @@
{
if(si->flags & FLAG_ERROR)
continue;
- s = _elf_lookup(si, elf_hash, name);
+ s = soinfo_elf_lookup(si, elf_hash, name);
if (s != NULL) {
*found = si;
break;
@@ -549,7 +547,7 @@
return NULL;
}
-Elf32_Sym *find_containing_symbol(const void *addr, soinfo *si)
+Elf32_Sym *soinfo_find_symbol(soinfo* si, const void *addr)
{
unsigned int i;
unsigned soaddr = (unsigned)addr - si->base;
@@ -584,7 +582,7 @@
}
#endif
-static const char *sopaths[] = {
+static const char * const sopaths[] = {
"/vendor/lib",
"/system/lib",
0
@@ -596,7 +594,7 @@
struct stat filestat;
if ((stat(name, &filestat) >= 0) && S_ISREG(filestat.st_mode)) {
- if ((fd = open(name, O_RDONLY)) >= 0)
+ if ((fd = TEMP_FAILURE_RETRY(open(name, O_RDONLY))) >= 0)
return fd;
}
@@ -607,7 +605,7 @@
{
int fd;
char buf[512];
- const char **path;
+ const char * const*path;
int n;
TRACE("[ %5d opening %s ]\n", pid, name);
@@ -640,10 +638,6 @@
return -1;
}
-/* temporary space for holding the first page of the shared lib
- * which contains the elf header (with the pht). */
-static unsigned char __header[PAGE_SIZE];
-
typedef struct {
long mmap_addr;
char tag[4]; /* 'P', 'R', 'E', ' ' */
@@ -663,12 +657,12 @@
return 0;
}
- if (read(fd, &info, sizeof(info)) != sizeof(info)) {
+ if (TEMP_FAILURE_RETRY(read(fd, &info, sizeof(info)) != sizeof(info))) {
WARN("Could not read prelink_info_t structure for `%s`\n", name);
return 0;
}
- if (strncmp(info.tag, "PRE ", 4)) {
+ if (memcmp(info.tag, "PRE ", 4)) {
WARN("`%s` is not a prelinked library\n", name);
return 0;
}
@@ -676,8 +670,8 @@
return (unsigned long)info.mmap_addr;
}
-/* verify_elf_object
- * Verifies if the object @ base is a valid ELF object
+/* verify_elf_header
+ * Verifies the content of an ELF header.
*
* Args:
*
@@ -686,10 +680,8 @@
* -1 if no valid ELF object is found @ base.
*/
static int
-verify_elf_object(void *base, const char *name)
+verify_elf_header(const Elf32_Ehdr* hdr)
{
- Elf32_Ehdr *hdr = (Elf32_Ehdr *) base;
-
if (hdr->e_ident[EI_MAG0] != ELFMAG0) return -1;
if (hdr->e_ident[EI_MAG1] != ELFMAG1) return -1;
if (hdr->e_ident[EI_MAG2] != ELFMAG2) return -1;
@@ -705,412 +697,76 @@
}
-/* get_lib_extents
- * Retrieves the base (*base) address where the ELF object should be
- * mapped and its overall memory size (*total_sz).
- *
- * Args:
- * fd: Opened file descriptor for the library
- * name: The name of the library
- * _hdr: Pointer to the header page of the library
- * total_sz: Total size of the memory that should be allocated for
- * this library
- *
- * Returns:
- * -1 if there was an error while trying to get the lib extents.
- * The possible reasons are:
- * - Could not determine if the library was prelinked.
- * - The library provided is not a valid ELF object
- * 0 if the library did not request a specific base offset (normal
- * for non-prelinked libs)
- * > 0 if the library requests a specific address to be mapped to.
- * This indicates a pre-linked library.
- */
-static unsigned
-get_lib_extents(int fd, const char *name, void *__hdr, unsigned *total_sz)
+static soinfo *
+load_library(const char *name)
{
+ int fd = open_library(name);
+ int ret, cnt;
+ unsigned ext_sz;
unsigned req_base;
- unsigned min_vaddr = 0xffffffff;
- unsigned max_vaddr = 0;
- unsigned char *_hdr = (unsigned char *)__hdr;
- Elf32_Ehdr *ehdr = (Elf32_Ehdr *)_hdr;
- Elf32_Phdr *phdr;
- int cnt;
+ const char *bname;
+ struct stat sb;
+ soinfo *si = NULL;
+ Elf32_Ehdr header[1];
+ int phdr_count;
+ void* phdr_mmap = NULL;
+ Elf32_Addr phdr_size;
+ const Elf32_Phdr* phdr_table;
- TRACE("[ %5d Computing extents for '%s'. ]\n", pid, name);
- if (verify_elf_object(_hdr, name) < 0) {
- DL_ERR("%5d - %s is not a valid ELF object", pid, name);
- return (unsigned)-1;
+ void* load_start = NULL;
+ Elf32_Addr load_size = 0;
+ Elf32_Addr load_bias = 0;
+
+ if (fd == -1) {
+ DL_ERR("Library '%s' not found", name);
+ return NULL;
+ }
+
+ /* Read the ELF header first */
+ ret = TEMP_FAILURE_RETRY(read(fd, (void*)header, sizeof(header)));
+ if (ret < 0) {
+ DL_ERR("%5d can't read file %s: %s", pid, name, strerror(errno));
+ goto fail;
+ }
+ if (ret != (int)sizeof(header)) {
+ DL_ERR("%5d too small to be an ELF executable: %s", pid, name);
+ goto fail;
+ }
+ if (verify_elf_header(header) < 0) {
+ DL_ERR("%5d not a valid ELF executable: %s", pid, name);
+ goto fail;
+ }
+
+ /* Then read the program header table */
+ ret = phdr_table_load(fd, header->e_phoff, header->e_phnum,
+ &phdr_mmap, &phdr_size, &phdr_table);
+ if (ret < 0) {
+ DL_ERR("%5d can't load program header table: %s: %s", pid,
+ name, strerror(errno));
+ goto fail;
+ }
+ phdr_count = header->e_phnum;
+
+ /* Get the load extents and the prelinked load address, if any */
+ ext_sz = phdr_table_get_load_size(phdr_table, phdr_count);
+ if (ext_sz == 0) {
+ DL_ERR("%5d no loadable segments in file: %s", pid, name);
+ goto fail;
}
req_base = (unsigned) is_prelinked(fd, name);
- if (req_base == (unsigned)-1)
- return -1;
- else if (req_base != 0) {
+ if (req_base == (unsigned)-1) {
+ DL_ERR("%5d can't read end of library: %s: %s", pid, name,
+ strerror(errno));
+ goto fail;
+ }
+ if (req_base != 0) {
TRACE("[ %5d - Prelinked library '%s' requesting base @ 0x%08x ]\n",
pid, name, req_base);
} else {
TRACE("[ %5d - Non-prelinked library '%s' found. ]\n", pid, name);
}
- phdr = (Elf32_Phdr *)(_hdr + ehdr->e_phoff);
-
- /* find the min/max p_vaddrs from all the PT_LOAD segments so we can
- * get the range. */
- for (cnt = 0; cnt < ehdr->e_phnum; ++cnt, ++phdr) {
- if (phdr->p_type == PT_LOAD) {
- if ((phdr->p_vaddr + phdr->p_memsz) > max_vaddr)
- max_vaddr = phdr->p_vaddr + phdr->p_memsz;
- if (phdr->p_vaddr < min_vaddr)
- min_vaddr = phdr->p_vaddr;
- }
- }
-
- if ((min_vaddr == 0xffffffff) && (max_vaddr == 0)) {
- DL_ERR("%5d - No loadable segments found in %s.", pid, name);
- return (unsigned)-1;
- }
-
- /* truncate min_vaddr down to page boundary */
- min_vaddr &= ~PAGE_MASK;
-
- /* round max_vaddr up to the next page */
- max_vaddr = (max_vaddr + PAGE_SIZE - 1) & ~PAGE_MASK;
-
- *total_sz = (max_vaddr - min_vaddr);
- return (unsigned)req_base;
-}
-
-/* reserve_mem_region
- *
- * This function reserves a chunk of memory to be used for mapping in
- * a prelinked shared library. We reserve the entire memory region here, and
- * then the rest of the linker will relocate the individual loadable
- * segments into the correct locations within this memory range.
- *
- * Args:
- * si->base: The requested base of the allocation.
- * si->size: The size of the allocation.
- *
- * Returns:
- * -1 on failure, and 0 on success. On success, si->base will contain
- * the virtual address at which the library will be mapped.
- */
-
-static int reserve_mem_region(soinfo *si)
-{
- void *base = mmap((void *)si->base, si->size, PROT_NONE,
- MAP_FIXED | MAP_PRIVATE | MAP_ANONYMOUS, -1, 0);
- if (base == MAP_FAILED) {
- DL_ERR("%5d can NOT map (%sprelinked) library '%s' at 0x%08x "
- "as requested, will try general pool: %d (%s)",
- pid, (si->base ? "" : "non-"), si->name, si->base,
- errno, strerror(errno));
- return -1;
- } else if (base != (void *)si->base) {
- DL_ERR("OOPS: %5d %sprelinked library '%s' mapped at 0x%08x, "
- "not at 0x%08x", pid, (si->base ? "" : "non-"),
- si->name, (unsigned)base, si->base);
- munmap(base, si->size);
- return -1;
- }
- return 0;
-}
-
-static int alloc_mem_region(soinfo *si)
-{
- if (si->base) {
- /* Attempt to mmap a prelinked library. */
- return reserve_mem_region(si);
- }
-
- /* This is not a prelinked library, so we use the kernel's default
- allocator.
- */
-
- void *base = mmap(NULL, si->size, PROT_NONE,
- MAP_PRIVATE | MAP_ANONYMOUS, -1, 0);
- if (base == MAP_FAILED) {
- DL_ERR("%5d mmap of library '%s' failed: %d (%s)\n",
- pid, si->name,
- errno, strerror(errno));
- goto err;
- }
- si->base = (unsigned) base;
- PRINT("%5d mapped library '%s' to %08x via kernel allocator.\n",
- pid, si->name, si->base);
- return 0;
-
-err:
- DL_ERR("OOPS: %5d cannot map library '%s'. no vspace available.",
- pid, si->name);
- return -1;
-}
-
-#define MAYBE_MAP_FLAG(x,from,to) (((x) & (from)) ? (to) : 0)
-#define PFLAGS_TO_PROT(x) (MAYBE_MAP_FLAG((x), PF_X, PROT_EXEC) | \
- MAYBE_MAP_FLAG((x), PF_R, PROT_READ) | \
- MAYBE_MAP_FLAG((x), PF_W, PROT_WRITE))
-/* load_segments
- *
- * This function loads all the loadable (PT_LOAD) segments into memory
- * at their appropriate memory offsets off the base address.
- *
- * Args:
- * fd: Open file descriptor to the library to load.
- * header: Pointer to a header page that contains the ELF header.
- * This is needed since we haven't mapped in the real file yet.
- * si: ptr to soinfo struct describing the shared object.
- *
- * Returns:
- * 0 on success, -1 on failure.
- */
-static int
-load_segments(int fd, void *header, soinfo *si)
-{
- Elf32_Ehdr *ehdr = (Elf32_Ehdr *)header;
- Elf32_Phdr *phdr = (Elf32_Phdr *)((unsigned char *)header + ehdr->e_phoff);
- Elf32_Addr base = (Elf32_Addr) si->base;
- int cnt;
- unsigned len;
- Elf32_Addr tmp;
- unsigned char *pbase;
- unsigned char *extra_base;
- unsigned extra_len;
- unsigned total_sz = 0;
-
- si->wrprotect_start = 0xffffffff;
- si->wrprotect_end = 0;
-
- TRACE("[ %5d - Begin loading segments for '%s' @ 0x%08x ]\n",
- pid, si->name, (unsigned)si->base);
- /* Now go through all the PT_LOAD segments and map them into memory
- * at the appropriate locations. */
- for (cnt = 0; cnt < ehdr->e_phnum; ++cnt, ++phdr) {
- if (phdr->p_type == PT_LOAD) {
- DEBUG_DUMP_PHDR(phdr, "PT_LOAD", pid);
- /* we want to map in the segment on a page boundary */
- tmp = base + (phdr->p_vaddr & (~PAGE_MASK));
- /* add the # of bytes we masked off above to the total length. */
- len = phdr->p_filesz + (phdr->p_vaddr & PAGE_MASK);
-
- TRACE("[ %d - Trying to load segment from '%s' @ 0x%08x "
- "(0x%08x). p_vaddr=0x%08x p_offset=0x%08x ]\n", pid, si->name,
- (unsigned)tmp, len, phdr->p_vaddr, phdr->p_offset);
- pbase = mmap((void *)tmp, len, PFLAGS_TO_PROT(phdr->p_flags),
- MAP_PRIVATE | MAP_FIXED, fd,
- phdr->p_offset & (~PAGE_MASK));
- if (pbase == MAP_FAILED) {
- DL_ERR("%d failed to map segment from '%s' @ 0x%08x (0x%08x). "
- "p_vaddr=0x%08x p_offset=0x%08x", pid, si->name,
- (unsigned)tmp, len, phdr->p_vaddr, phdr->p_offset);
- goto fail;
- }
-
- /* If 'len' didn't end on page boundary, and it's a writable
- * segment, zero-fill the rest. */
- if ((len & PAGE_MASK) && (phdr->p_flags & PF_W))
- memset((void *)(pbase + len), 0, PAGE_SIZE - (len & PAGE_MASK));
-
- /* Check to see if we need to extend the map for this segment to
- * cover the diff between filesz and memsz (i.e. for bss).
- *
- * base _+---------------------+ page boundary
- * . .
- * | |
- * . .
- * pbase _+---------------------+ page boundary
- * | |
- * . .
- * base + p_vaddr _| |
- * . \ \ .
- * . | filesz | .
- * pbase + len _| / | |
- * <0 pad> . . .
- * extra_base _+------------|--------+ page boundary
- * / . . .
- * | . . .
- * | +------------|--------+ page boundary
- * extra_len-> | | | |
- * | . | memsz .
- * | . | .
- * \ _| / |
- * . .
- * | |
- * _+---------------------+ page boundary
- */
- tmp = (Elf32_Addr)(((unsigned)pbase + len + PAGE_SIZE - 1) &
- (~PAGE_MASK));
- if (tmp < (base + phdr->p_vaddr + phdr->p_memsz)) {
- extra_len = base + phdr->p_vaddr + phdr->p_memsz - tmp;
- TRACE("[ %5d - Need to extend segment from '%s' @ 0x%08x "
- "(0x%08x) ]\n", pid, si->name, (unsigned)tmp, extra_len);
- /* map in the extra page(s) as anonymous into the range.
- * This is probably not necessary as we already mapped in
- * the entire region previously, but we just want to be
- * sure. This will also set the right flags on the region
- * (though we can probably accomplish the same thing with
- * mprotect).
- */
- extra_base = mmap((void *)tmp, extra_len,
- PFLAGS_TO_PROT(phdr->p_flags),
- MAP_PRIVATE | MAP_FIXED | MAP_ANONYMOUS,
- -1, 0);
- if (extra_base == MAP_FAILED) {
- DL_ERR("[ %5d - failed to extend segment from '%s' @ 0x%08x"
- " (0x%08x) ]", pid, si->name, (unsigned)tmp,
- extra_len);
- goto fail;
- }
- /* TODO: Check if we need to memset-0 this region.
- * Anonymous mappings are zero-filled copy-on-writes, so we
- * shouldn't need to. */
- TRACE("[ %5d - Segment from '%s' extended @ 0x%08x "
- "(0x%08x)\n", pid, si->name, (unsigned)extra_base,
- extra_len);
- }
- /* set the len here to show the full extent of the segment we
- * just loaded, mostly for debugging */
- len = (((unsigned)base + phdr->p_vaddr + phdr->p_memsz +
- PAGE_SIZE - 1) & (~PAGE_MASK)) - (unsigned)pbase;
- TRACE("[ %5d - Successfully loaded segment from '%s' @ 0x%08x "
- "(0x%08x). p_vaddr=0x%08x p_offset=0x%08x\n", pid, si->name,
- (unsigned)pbase, len, phdr->p_vaddr, phdr->p_offset);
- total_sz += len;
- /* Make the section writable just in case we'll have to write to
- * it during relocation (i.e. text segment). However, we will
- * remember what range of addresses should be write protected.
- *
- */
- if (!(phdr->p_flags & PF_W)) {
- if ((unsigned)pbase < si->wrprotect_start)
- si->wrprotect_start = (unsigned)pbase;
- if (((unsigned)pbase + len) > si->wrprotect_end)
- si->wrprotect_end = (unsigned)pbase + len;
- mprotect(pbase, len,
- PFLAGS_TO_PROT(phdr->p_flags) | PROT_WRITE);
- }
- } else if (phdr->p_type == PT_DYNAMIC) {
- DEBUG_DUMP_PHDR(phdr, "PT_DYNAMIC", pid);
- /* this segment contains the dynamic linking information */
- si->dynamic = (unsigned *)(base + phdr->p_vaddr);
- } else if (phdr->p_type == PT_GNU_RELRO) {
- if ((phdr->p_vaddr >= si->size)
- || ((phdr->p_vaddr + phdr->p_memsz) > si->size)
- || ((base + phdr->p_vaddr + phdr->p_memsz) < base)) {
- DL_ERR("%d invalid GNU_RELRO in '%s' "
- "p_vaddr=0x%08x p_memsz=0x%08x", pid, si->name,
- phdr->p_vaddr, phdr->p_memsz);
- goto fail;
- }
- si->gnu_relro_start = (Elf32_Addr) (base + phdr->p_vaddr);
- si->gnu_relro_len = (unsigned) phdr->p_memsz;
- } else {
-#ifdef ANDROID_ARM_LINKER
- if (phdr->p_type == PT_ARM_EXIDX) {
- DEBUG_DUMP_PHDR(phdr, "PT_ARM_EXIDX", pid);
- /* exidx entries (used for stack unwinding) are 8 bytes each.
- */
- si->ARM_exidx = (unsigned *)phdr->p_vaddr;
- si->ARM_exidx_count = phdr->p_memsz / 8;
- }
-#endif
- }
-
- }
-
- /* Sanity check */
- if (total_sz > si->size) {
- DL_ERR("%5d - Total length (0x%08x) of mapped segments from '%s' is "
- "greater than what was allocated (0x%08x). THIS IS BAD!",
- pid, total_sz, si->name, si->size);
- goto fail;
- }
-
- TRACE("[ %5d - Finish loading segments for '%s' @ 0x%08x. "
- "Total memory footprint: 0x%08x bytes ]\n", pid, si->name,
- (unsigned)si->base, si->size);
- return 0;
-
-fail:
- /* We can just blindly unmap the entire region even though some things
- * were mapped in originally with anonymous and others could have been
- * been mapped in from the file before we failed. The kernel will unmap
- * all the pages in the range, irrespective of how they got there.
- */
- munmap((void *)si->base, si->size);
- si->flags |= FLAG_ERROR;
- return -1;
-}
-
-/* TODO: Implement this to take care of the fact that Android ARM
- * ELF objects shove everything into a single loadable segment that has the
- * write bit set. wr_offset is then used to set non-(data|bss) pages to be
- * non-writable.
- */
-#if 0
-static unsigned
-get_wr_offset(int fd, const char *name, Elf32_Ehdr *ehdr)
-{
- Elf32_Shdr *shdr_start;
- Elf32_Shdr *shdr;
- int shdr_sz = ehdr->e_shnum * sizeof(Elf32_Shdr);
- int cnt;
- unsigned wr_offset = 0xffffffff;
-
- shdr_start = mmap(0, shdr_sz, PROT_READ, MAP_PRIVATE, fd,
- ehdr->e_shoff & (~PAGE_MASK));
- if (shdr_start == MAP_FAILED) {
- WARN("%5d - Could not read section header info from '%s'. Will not "
- "not be able to determine write-protect offset.\n", pid, name);
- return (unsigned)-1;
- }
-
- for(cnt = 0, shdr = shdr_start; cnt < ehdr->e_shnum; ++cnt, ++shdr) {
- if ((shdr->sh_type != SHT_NULL) && (shdr->sh_flags & SHF_WRITE) &&
- (shdr->sh_addr < wr_offset)) {
- wr_offset = shdr->sh_addr;
- }
- }
-
- munmap(shdr_start, shdr_sz);
- return wr_offset;
-}
-#endif
-
-static soinfo *
-load_library(const char *name)
-{
- int fd = open_library(name);
- int cnt;
- unsigned ext_sz;
- unsigned req_base;
- const char *bname;
- soinfo *si = NULL;
- Elf32_Ehdr *hdr;
-
- if(fd == -1) {
- DL_ERR("Library '%s' not found", name);
- return NULL;
- }
-
- /* We have to read the ELF header to figure out what to do with this image
- */
- if (lseek(fd, 0, SEEK_SET) < 0) {
- DL_ERR("lseek() failed!");
- goto fail;
- }
-
- if ((cnt = read(fd, &__header[0], PAGE_SIZE)) < 0) {
- DL_ERR("read() failed!");
- goto fail;
- }
-
- /* Parse the ELF header and get the size of the memory footprint for
- * the library */
- req_base = get_lib_extents(fd, name, &__header[0], &ext_sz);
- if (req_base == (unsigned)-1)
- goto fail;
TRACE("[ %5d - '%s' (%s) wants base=0x%08x sz=0x%08x ]\n", pid, name,
(req_base ? "prelinked" : "not pre-linked"), req_base, ext_sz);
@@ -1120,40 +776,76 @@
* soinfo struct here is a lot more convenient.
*/
bname = strrchr(name, '/');
- si = alloc_info(bname ? bname + 1 : name);
+ si = soinfo_alloc(bname ? bname + 1 : name);
if (si == NULL)
goto fail;
- /* Carve out a chunk of memory where we will map in the individual
- * segments */
- si->base = req_base;
- si->size = ext_sz;
- si->flags = 0;
- si->entry = 0;
- si->dynamic = (unsigned *)-1;
- if (alloc_mem_region(si) < 0)
- goto fail;
-
- TRACE("[ %5d allocated memory for %s @ %p (0x%08x) ]\n",
- pid, name, (void *)si->base, (unsigned) ext_sz);
-
- /* Now actually load the library's segments into right places in memory */
- if (load_segments(fd, &__header[0], si) < 0) {
+ /* Reserve address space for all loadable segments */
+ ret = phdr_table_reserve_memory(phdr_table,
+ phdr_count,
+ req_base,
+ &load_start,
+ &load_size,
+ &load_bias);
+ if (ret < 0) {
+ DL_ERR("%5d Can't reserve %d bytes from 0x%08x in address space for %s: %s",
+ pid, ext_sz, req_base, name, strerror(errno));
goto fail;
}
- /* this might not be right. Technically, we don't even need this info
- * once we go through 'load_segments'. */
- hdr = (Elf32_Ehdr *)si->base;
- si->phdr = (Elf32_Phdr *)((unsigned char *)si->base + hdr->e_phoff);
- si->phnum = hdr->e_phnum;
- /**/
+ TRACE("[ %5d allocated memory for %s @ %p (0x%08x) ]\n",
+ pid, name, load_start, load_size);
+ /* Map all the segments in our address space with default protections */
+ ret = phdr_table_load_segments(phdr_table,
+ phdr_count,
+ load_start,
+ load_size,
+ load_bias,
+ fd);
+ if (ret < 0) {
+ DL_ERR("%5d Can't map loadable segments for %s: %s",
+ pid, name, strerror(errno));
+ goto fail;
+ }
+
+ /* Unprotect the segments, i.e. make them writable, to allow
+ * relocations to work properly. We will later call
+ * phdr_table_protect_segments() after all of them are applied
+ * and all constructors are run.
+ */
+ ret = phdr_table_unprotect_segments(phdr_table,
+ phdr_count,
+ load_bias);
+ if (ret < 0) {
+ DL_ERR("%5d Can't unprotect loadable segments for %s: %s",
+ pid, name, strerror(errno));
+ goto fail;
+ }
+
+ si->base = (Elf32_Addr) load_start;
+ si->size = load_size;
+ si->load_bias = load_bias;
+ si->flags = 0;
+ si->entry = 0;
+ si->dynamic = (unsigned *)-1;
+ si->phnum = phdr_count;
+ si->phdr = phdr_table_get_loaded_phdr(phdr_table, phdr_count, load_bias);
+ if (si->phdr == NULL) {
+ DL_ERR("%5d Can't find loaded PHDR for %s",
+ pid, name);
+ goto fail;
+ }
+
+ phdr_table_unload(phdr_mmap, phdr_size);
close(fd);
return si;
fail:
- if (si) free_info(si);
+ if (si) soinfo_free(si);
+ if (phdr_mmap != NULL) {
+ phdr_table_unload(phdr_mmap, phdr_size);
+ }
close(fd);
return NULL;
}
@@ -1168,7 +860,7 @@
TRACE("[ %5d init_library base=0x%08x sz=0x%08x name='%s') ]\n",
pid, si->base, si->size, si->name);
- if(link_image(si, wr_offset)) {
+ if(soinfo_link_image(si, wr_offset)) {
/* We failed to link. However, we can only restore libbase
** if no additional libraries have moved it since we updated it.
*/
@@ -1219,7 +911,7 @@
* for non-prelinked libraries, find a way to decrement libbase
*/
static void call_destructors(soinfo *si);
-unsigned unload_library(soinfo *si)
+unsigned soinfo_unload(soinfo *si)
{
unsigned *d;
if (si->refcount == 1) {
@@ -1228,16 +920,13 @@
/*
* Make sure that we undo the PT_GNU_RELRO protections we added
- * in link_image. This is needed to undo the DT_NEEDED hack below.
+ * in soinfo_link_image. This is needed to undo the DT_NEEDED hack below.
*/
- if ((si->gnu_relro_start != 0) && (si->gnu_relro_len != 0)) {
- Elf32_Addr start = (si->gnu_relro_start & ~PAGE_MASK);
- unsigned len = (si->gnu_relro_start - start) + si->gnu_relro_len;
- if (mprotect((void *) start, len, PROT_READ | PROT_WRITE) < 0)
- DL_ERR("%5d %s: could not undo GNU_RELRO protections. "
- "Expect a crash soon. errno=%d (%s)",
- pid, si->name, errno, strerror(errno));
-
+ if (phdr_table_unprotect_gnu_relro(si->phdr, si->phnum,
+ si->load_bias) < 0) {
+ DL_ERR("%5d %s: could not undo GNU_RELRO protections. "
+ "Expect a crash soon. errno=%d (%s)",
+ pid, si->name, errno, strerror(errno));
}
for(d = si->dynamic; *d; d += 2) {
@@ -1246,13 +935,13 @@
// The next line will segfault if the we don't undo the
// PT_GNU_RELRO protections (see comments above and in
- // link_image().
+ // soinfo_link_image().
d[1] = 0;
if (validate_soinfo(lsi)) {
TRACE("%5d %s needs to unload %s\n", pid,
si->name, lsi->name);
- unload_library(lsi);
+ soinfo_unload(lsi);
}
else
DL_ERR("%5d %s: could not unload dependent library",
@@ -1262,7 +951,7 @@
munmap((char *)si->base, si->size);
notify_gdb_of_unload(si);
- free_info(si);
+ soinfo_free(si);
si->refcount = 0;
}
else {
@@ -1277,19 +966,20 @@
* ideal. They should probably be either uint32_t, Elf32_Addr, or unsigned
* long.
*/
-static int reloc_library(soinfo *si, Elf32_Rel *rel, unsigned count)
+static int soinfo_relocate(soinfo *si, Elf32_Rel *rel, unsigned count)
{
Elf32_Sym *symtab = si->symtab;
const char *strtab = si->strtab;
Elf32_Sym *s;
unsigned base;
+ Elf32_Addr offset;
Elf32_Rel *start = rel;
unsigned idx;
for (idx = 0; idx < count; ++idx) {
unsigned type = ELF32_R_TYPE(rel->r_info);
unsigned sym = ELF32_R_SYM(rel->r_info);
- unsigned reloc = (unsigned)(rel->r_offset + si->base);
+ unsigned reloc = (unsigned)(rel->r_offset + si->load_bias);
unsigned sym_addr = 0;
char *sym_name = NULL;
@@ -1297,7 +987,7 @@
si->name, idx);
if(sym != 0) {
sym_name = (char *)(strtab + symtab[sym].st_name);
- s = _do_lookup(si, sym_name, &base);
+ s = soinfo_do_lookup(si, sym_name, &offset);
if(s == NULL) {
/* We only allow an undefined symbol if this is a weak
reference.. */
@@ -1364,7 +1054,7 @@
return -1;
}
#endif
- sym_addr = (unsigned)(s->st_value + base);
+ sym_addr = (unsigned)(s->st_value + offset);
}
COUNT_RELOC(RELOC_SYMBOL);
} else {
@@ -1516,7 +1206,7 @@
}
}
-void call_constructors_recursive(soinfo *si)
+void soinfo_call_constructors(soinfo *si)
{
if (si->constructors_called)
return;
@@ -1527,9 +1217,9 @@
// libc_malloc_debug_leak.so:
// 1. The program depends on libc, so libc's constructor is called here.
// 2. The libc constructor calls dlopen() to load libc_malloc_debug_leak.so.
- // 3. dlopen() calls call_constructors_recursive() with the newly created
+ // 3. dlopen() calls soinfo_call_constructors() with the newly created
// soinfo for libc_malloc_debug_leak.so.
- // 4. The debug so depends on libc, so call_constructors_recursive() is
+ // 4. The debug so depends on libc, so soinfo_call_constructors() is
// called again with the libc soinfo. If it doesn't trigger the early-
// out above, the libc constructor will be called again (recursively!).
si->constructors_called = 1;
@@ -1557,7 +1247,7 @@
DL_ERR("%5d bad DT_NEEDED pointer in %s",
pid, si->name);
} else {
- call_constructors_recursive(lsi);
+ soinfo_call_constructors(lsi);
}
}
}
@@ -1603,7 +1293,7 @@
int dev_null, i, status;
int return_value = 0;
- dev_null = open("/dev/null", O_RDWR);
+ dev_null = TEMP_FAILURE_RETRY(open("/dev/null", O_RDWR));
if (dev_null < 0) {
DL_ERR("Cannot open /dev/null.");
return -1;
@@ -1666,120 +1356,69 @@
return return_value;
}
-static int link_image(soinfo *si, unsigned wr_offset)
+static int soinfo_link_image(soinfo *si, unsigned wr_offset)
{
unsigned *d;
- Elf32_Phdr *phdr = si->phdr;
+ /* "base" might wrap around UINT32_MAX. */
+ Elf32_Addr base = si->load_bias;
+ const Elf32_Phdr *phdr = si->phdr;
int phnum = si->phnum;
+ int relocating_linker = (si->flags & FLAG_LINKER) != 0;
- INFO("[ %5d linking %s ]\n", pid, si->name);
- DEBUG("%5d si->base = 0x%08x si->flags = 0x%08x\n", pid,
- si->base, si->flags);
+ /* We can't debug anything until the linker is relocated */
+ if (!relocating_linker) {
+ INFO("[ %5d linking %s ]\n", pid, si->name);
+ DEBUG("%5d si->base = 0x%08x si->flags = 0x%08x\n", pid,
+ si->base, si->flags);
+ }
- if (si->flags & (FLAG_EXE | FLAG_LINKER)) {
- /* Locate the needed program segments (DYNAMIC/ARM_EXIDX) for
- * linkage info if this is the executable or the linker itself.
- * If this was a dynamic lib, that would have been done at load time.
- *
- * TODO: It's unfortunate that small pieces of this are
- * repeated from the load_library routine. Refactor this just
- * slightly to reuse these bits.
- */
- si->size = 0;
- for(; phnum > 0; --phnum, ++phdr) {
-#ifdef ANDROID_ARM_LINKER
- if(phdr->p_type == PT_ARM_EXIDX) {
- /* exidx entries (used for stack unwinding) are 8 bytes each.
- */
- si->ARM_exidx = (unsigned *)phdr->p_vaddr;
- si->ARM_exidx_count = phdr->p_memsz / 8;
- }
-#endif
- if (phdr->p_type == PT_LOAD) {
- /* For the executable, we use the si->size field only in
- dl_unwind_find_exidx(), so the meaning of si->size
- is not the size of the executable; it is the distance
- between the load location of the executable and the last
- address of the loadable part of the executable.
- We use the range [si->base, si->base + si->size) to
- determine whether a PC value falls within the executable
- section. Of course, if a value is between si->base and
- (si->base + phdr->p_vaddr), it's not in the executable
- section, but a) we shouldn't be asking for such a value
- anyway, and b) if we have to provide an EXIDX for such a
- value, then the executable's EXIDX is probably the better
- choice.
- */
- DEBUG_DUMP_PHDR(phdr, "PT_LOAD", pid);
- if (phdr->p_vaddr + phdr->p_memsz > si->size)
- si->size = phdr->p_vaddr + phdr->p_memsz;
- /* try to remember what range of addresses should be write
- * protected */
- if (!(phdr->p_flags & PF_W)) {
- unsigned _end;
-
- if (si->base + phdr->p_vaddr < si->wrprotect_start)
- si->wrprotect_start = si->base + phdr->p_vaddr;
- _end = (((si->base + phdr->p_vaddr + phdr->p_memsz + PAGE_SIZE - 1) &
- (~PAGE_MASK)));
- if (_end > si->wrprotect_end)
- si->wrprotect_end = _end;
- /* Make the section writable just in case we'll have to
- * write to it during relocation (i.e. text segment).
- * However, we will remember what range of addresses
- * should be write protected.
- */
- mprotect((void *) (si->base + phdr->p_vaddr),
- phdr->p_memsz,
- PFLAGS_TO_PROT(phdr->p_flags) | PROT_WRITE);
- }
- } else if (phdr->p_type == PT_DYNAMIC) {
- if (si->dynamic != (unsigned *)-1) {
- DL_ERR("%5d multiple PT_DYNAMIC segments found in '%s'. "
- "Segment at 0x%08x, previously one found at 0x%08x",
- pid, si->name, si->base + phdr->p_vaddr,
- (unsigned)si->dynamic);
- goto fail;
- }
- DEBUG_DUMP_PHDR(phdr, "PT_DYNAMIC", pid);
- si->dynamic = (unsigned *) (si->base + phdr->p_vaddr);
- } else if (phdr->p_type == PT_GNU_RELRO) {
- if ((phdr->p_vaddr >= si->size)
- || ((phdr->p_vaddr + phdr->p_memsz) > si->size)
- || ((si->base + phdr->p_vaddr + phdr->p_memsz) < si->base)) {
- DL_ERR("%d invalid GNU_RELRO in '%s' "
- "p_vaddr=0x%08x p_memsz=0x%08x", pid, si->name,
- phdr->p_vaddr, phdr->p_memsz);
- goto fail;
- }
- si->gnu_relro_start = (Elf32_Addr) (si->base + phdr->p_vaddr);
- si->gnu_relro_len = (unsigned) phdr->p_memsz;
- }
+ /* Extract dynamic section */
+ si->dynamic = phdr_table_get_dynamic_section(phdr, phnum, base);
+ if (si->dynamic == NULL) {
+ if (!relocating_linker) {
+ DL_ERR("%5d missing PT_DYNAMIC?!", pid);
+ }
+ goto fail;
+ } else {
+ if (!relocating_linker) {
+ DEBUG("%5d dynamic = %p\n", pid, si->dynamic);
}
}
- if (si->dynamic == (unsigned *)-1) {
- DL_ERR("%5d missing PT_DYNAMIC?!", pid);
- goto fail;
- }
+#ifdef ANDROID_ARM_LINKER
+ (void) phdr_table_get_arm_exidx(phdr, phnum, base,
+ &si->ARM_exidx, &si->ARM_exidx_count);
+#endif
- DEBUG("%5d dynamic = %p\n", pid, si->dynamic);
+ if (si->flags & (FLAG_EXE | FLAG_LINKER)) {
+ if (phdr_table_unprotect_segments(si->phdr,
+ si->phnum,
+ si->load_bias) < 0) {
+ /* We can't call DL_ERR if the linker's relocations haven't
+ * been performed yet */
+ if (!relocating_linker) {
+ DL_ERR("%5d Can't unprotect segments for %s: %s",
+ pid, si->name, strerror(errno));
+ }
+ goto fail;
+ }
+ }
/* extract useful information from dynamic section */
for(d = si->dynamic; *d; d++){
DEBUG("%5d d = %p, d[0] = 0x%08x d[1] = 0x%08x\n", pid, d, d[0], d[1]);
switch(*d++){
case DT_HASH:
- si->nbucket = ((unsigned *) (si->base + *d))[0];
- si->nchain = ((unsigned *) (si->base + *d))[1];
- si->bucket = (unsigned *) (si->base + *d + 8);
- si->chain = (unsigned *) (si->base + *d + 8 + si->nbucket * 4);
+ si->nbucket = ((unsigned *) (base + *d))[0];
+ si->nchain = ((unsigned *) (base + *d))[1];
+ si->bucket = (unsigned *) (base + *d + 8);
+ si->chain = (unsigned *) (base + *d + 8 + si->nbucket * 4);
break;
case DT_STRTAB:
- si->strtab = (const char *) (si->base + *d);
+ si->strtab = (const char *) (base + *d);
break;
case DT_SYMTAB:
- si->symtab = (Elf32_Sym *) (si->base + *d);
+ si->symtab = (Elf32_Sym *) (base + *d);
break;
case DT_PLTREL:
if(*d != DT_REL) {
@@ -1788,20 +1427,20 @@
}
break;
case DT_JMPREL:
- si->plt_rel = (Elf32_Rel*) (si->base + *d);
+ si->plt_rel = (Elf32_Rel*) (base + *d);
break;
case DT_PLTRELSZ:
si->plt_rel_count = *d / 8;
break;
case DT_REL:
- si->rel = (Elf32_Rel*) (si->base + *d);
+ si->rel = (Elf32_Rel*) (base + *d);
break;
case DT_RELSZ:
si->rel_count = *d / 8;
break;
case DT_PLTGOT:
/* Save this in case we decide to do lazy binding. We don't yet. */
- si->plt_got = (unsigned *)(si->base + *d);
+ si->plt_got = (unsigned *)(base + *d);
break;
case DT_DEBUG:
// Set the DT_DEBUG entry to the addres of _r_debug for GDB
@@ -1811,17 +1450,17 @@
DL_ERR("%5d DT_RELA not supported", pid);
goto fail;
case DT_INIT:
- si->init_func = (void (*)(void))(si->base + *d);
+ si->init_func = (void (*)(void))(base + *d);
DEBUG("%5d %s constructors (init func) found at %p\n",
pid, si->name, si->init_func);
break;
case DT_FINI:
- si->fini_func = (void (*)(void))(si->base + *d);
+ si->fini_func = (void (*)(void))(base + *d);
DEBUG("%5d %s destructors (fini func) found at %p\n",
pid, si->name, si->fini_func);
break;
case DT_INIT_ARRAY:
- si->init_array = (unsigned *)(si->base + *d);
+ si->init_array = (unsigned *)(base + *d);
DEBUG("%5d %s constructors (init_array) found at %p\n",
pid, si->name, si->init_array);
break;
@@ -1829,7 +1468,7 @@
si->init_array_count = ((unsigned)*d) / sizeof(Elf32_Addr);
break;
case DT_FINI_ARRAY:
- si->fini_array = (unsigned *)(si->base + *d);
+ si->fini_array = (unsigned *)(base + *d);
DEBUG("%5d %s destructors (fini_array) found at %p\n",
pid, si->name, si->fini_array);
break;
@@ -1837,7 +1476,7 @@
si->fini_array_count = ((unsigned)*d) / sizeof(Elf32_Addr);
break;
case DT_PREINIT_ARRAY:
- si->preinit_array = (unsigned *)(si->base + *d);
+ si->preinit_array = (unsigned *)(base + *d);
DEBUG("%5d %s constructors (preinit_array) found at %p\n",
pid, si->name, si->preinit_array);
break;
@@ -1905,52 +1544,31 @@
if(si->plt_rel) {
DEBUG("[ %5d relocating %s plt ]\n", pid, si->name );
- if(reloc_library(si, si->plt_rel, si->plt_rel_count))
+ if(soinfo_relocate(si, si->plt_rel, si->plt_rel_count))
goto fail;
}
if(si->rel) {
DEBUG("[ %5d relocating %s ]\n", pid, si->name );
- if(reloc_library(si, si->rel, si->rel_count))
+ if(soinfo_relocate(si, si->rel, si->rel_count))
goto fail;
}
si->flags |= FLAG_LINKED;
DEBUG("[ %5d finished linking %s ]\n", pid, si->name);
-#if 0
- /* This is the way that the old dynamic linker did protection of
- * non-writable areas. It would scan section headers and find where
- * .text ended (rather where .data/.bss began) and assume that this is
- * the upper range of the non-writable area. This is too coarse,
- * and is kept here for reference until we fully move away from single
- * segment elf objects. See the code in get_wr_offset (also #if'd 0)
- * that made this possible.
- */
- if(wr_offset < 0xffffffff){
- mprotect((void*) si->base, wr_offset, PROT_READ | PROT_EXEC);
+ /* All relocations are done, we can protect our segments back to
+ * read-only. */
+ if (phdr_table_protect_segments(si->phdr, si->phnum, si->load_bias) < 0) {
+ DL_ERR("%5d Can't protect segments for %s: %s",
+ pid, si->name, strerror(errno));
+ goto fail;
}
-#else
- /* TODO: Verify that this does the right thing in all cases, as it
- * presently probably does not. It is possible that an ELF image will
- * come with multiple read-only segments. What we ought to do is scan
- * the program headers again and mprotect all the read-only segments.
- * To prevent re-scanning the program header, we would have to build a
- * list of loadable segments in si, and then scan that instead. */
- if (si->wrprotect_start != 0xffffffff && si->wrprotect_end != 0) {
- mprotect((void *)si->wrprotect_start,
- si->wrprotect_end - si->wrprotect_start,
- PROT_READ | PROT_EXEC);
- }
-#endif
- if (si->gnu_relro_start != 0 && si->gnu_relro_len != 0) {
- Elf32_Addr start = (si->gnu_relro_start & ~PAGE_MASK);
- unsigned len = (si->gnu_relro_start - start) + si->gnu_relro_len;
- if (mprotect((void *) start, len, PROT_READ) < 0) {
- DL_ERR("%5d GNU_RELRO mprotect of library '%s' failed: %d (%s)\n",
- pid, si->name, errno, strerror(errno));
- goto fail;
- }
+ /* We can also turn on GNU RELRO protection */
+ if (phdr_table_protect_gnu_relro(si->phdr, si->phnum, si->load_bias) < 0) {
+ DL_ERR("%5d Can't enable GNU RELRO protection for %s: %s",
+ pid, si->name, strerror(errno));
+ goto fail;
}
/* If this is a SET?ID program, dup /dev/null to opened stdin,
@@ -2095,7 +1713,7 @@
INFO("[ android linker & debugger ]\n");
DEBUG("%5d elfdata @ 0x%08x\n", pid, (unsigned)elfdata);
- si = alloc_info(argv[0]);
+ si = soinfo_alloc(argv[0]);
if(si == 0) {
exit(-1);
}
@@ -2115,7 +1733,7 @@
/* gdb expects the linker to be in the debug shared object list,
* and we need to make sure that the reported load address is zero.
* Without this, gdb gets the wrong idea of where rtld_db_dlactivity()
- * is. Don't use alloc_info(), because the linker shouldn't
+ * is. Don't use soinfo_alloc(), because the linker shouldn't
* be on the soinfo list.
*/
strlcpy((char*) linker_soinfo.name, "/system/bin/linker", sizeof linker_soinfo.name);
@@ -2145,18 +1763,17 @@
*/
int nn;
si->base = 0;
+ si->size = phdr_table_get_load_size(si->phdr, si->phnum);
+ si->load_bias = 0;
for ( nn = 0; nn < si->phnum; nn++ ) {
if (si->phdr[nn].p_type == PT_PHDR) {
- si->base = (Elf32_Addr) si->phdr - si->phdr[nn].p_vaddr;
+ si->load_bias = (Elf32_Addr)si->phdr - si->phdr[nn].p_vaddr;
+ si->base = (Elf32_Addr) si->phdr - si->phdr[nn].p_offset;
break;
}
}
si->dynamic = (unsigned *)-1;
- si->wrprotect_start = 0xffffffff;
- si->wrprotect_end = 0;
si->refcount = 1;
- si->gnu_relro_start = 0;
- si->gnu_relro_len = 0;
/* Use LD_LIBRARY_PATH if we aren't setuid/setgid */
if (ldpath_env)
@@ -2166,14 +1783,14 @@
parse_preloads(ldpreload_env, " :");
}
- if(link_image(si, 0)) {
+ if(soinfo_link_image(si, 0)) {
char errmsg[] = "CANNOT LINK EXECUTABLE\n";
write(2, __linker_dl_err_buf, strlen(__linker_dl_err_buf));
write(2, errmsg, sizeof(errmsg));
exit(-1);
}
- call_constructors_recursive(si);
+ soinfo_call_constructors(si);
#if ALLOW_SYMBOLS_FROM_MAIN
/* Set somain after we've loaded all the libraries in order to prevent
@@ -2249,6 +1866,32 @@
return 0; // should never happen
}
+/* Compute the load-bias of an existing executable. This shall only
+ * be used to compute the load bias of an executable or shared library
+ * that was loaded by the kernel itself.
+ *
+ * Input:
+ * elf -> address of ELF header, assumed to be at the start of the file.
+ * Return:
+ * load bias, i.e. add the value of any p_vaddr in the file to get
+ * the corresponding address in memory.
+ */
+static Elf32_Addr
+get_elf_exec_load_bias(const Elf32_Ehdr* elf)
+{
+ Elf32_Addr offset = elf->e_phoff;
+ const Elf32_Phdr* phdr_table = (const Elf32_Phdr*)((char*)elf + offset);
+ const Elf32_Phdr* phdr_end = phdr_table + elf->e_phnum;
+ const Elf32_Phdr* phdr;
+
+ for (phdr = phdr_table; phdr < phdr_end; phdr++) {
+ if (phdr->p_type == PT_LOAD) {
+ return (Elf32_Addr)elf + phdr->p_offset - phdr->p_vaddr;
+ }
+ }
+ return 0;
+}
+
/*
* This is the entry point for the linker, called from begin.S. This
* method is responsible for fixing the linker's own relocations, and
@@ -2268,16 +1911,14 @@
memset(&linker_so, 0, sizeof(soinfo));
linker_so.base = linker_addr;
+ linker_so.size = phdr_table_get_load_size(phdr, elf_hdr->e_phnum);
+ linker_so.load_bias = get_elf_exec_load_bias(elf_hdr);
linker_so.dynamic = (unsigned *) -1;
linker_so.phdr = phdr;
linker_so.phnum = elf_hdr->e_phnum;
linker_so.flags |= FLAG_LINKER;
- linker_so.wrprotect_start = 0xffffffff;
- linker_so.wrprotect_end = 0;
- linker_so.gnu_relro_start = 0;
- linker_so.gnu_relro_len = 0;
- if (link_image(&linker_so, 0)) {
+ if (soinfo_link_image(&linker_so, 0)) {
// It would be nice to print an error message, but if the linker
// can't link itself, there's no guarantee that we'll be able to
// call write() (because it involves a GOT reference).
diff --git a/linker/linker.h b/linker/linker.h
index 0c986cd..0956ac5 100644
--- a/linker/linker.h
+++ b/linker/linker.h
@@ -37,7 +37,23 @@
#undef PAGE_MASK
#undef PAGE_SIZE
#define PAGE_SIZE 4096
-#define PAGE_MASK 4095
+#define PAGE_MASK (PAGE_SIZE-1)
+
+/* Convenience macros to make page address/offset computations more explicit */
+
+/* Returns the address of the page starting at address 'x' */
+#define PAGE_START(x) ((x) & ~PAGE_MASK)
+
+/* Returns the offset of address 'x' in its memory page, i.e. this is the
+ * same than 'x' - PAGE_START(x) */
+#define PAGE_OFFSET(x) ((x) & PAGE_MASK)
+
+/* Returns the address of the next page after address 'x', unless 'x' is
+ * itself at the start of a page. Equivalent to:
+ *
+ * (x == PAGE_START(x)) ? x : PAGE_START(x)+PAGE_SIZE
+ */
+#define PAGE_END(x) PAGE_START((x) + (PAGE_SIZE-1))
void debugger_init();
const char *addr_to_name(unsigned addr);
@@ -91,7 +107,7 @@
struct soinfo
{
const char name[SOINFO_NAME_LEN];
- Elf32_Phdr *phdr;
+ const Elf32_Phdr *phdr;
int phnum;
unsigned entry;
unsigned base;
@@ -101,8 +117,8 @@
unsigned *dynamic;
- unsigned wrprotect_start;
- unsigned wrprotect_end;
+ unsigned unused2; // DO NOT USE, maintained for compatibility
+ unsigned unused3; // DO NOT USE, maintained for compatibility
soinfo *next;
unsigned flags;
@@ -145,9 +161,9 @@
int constructors_called;
- Elf32_Addr gnu_relro_start;
- unsigned gnu_relro_len;
-
+ /* When you read a virtual address from the ELF file, add this
+ * value to get the corresponding address in the process' address space */
+ Elf32_Addr load_bias;
};
@@ -202,13 +218,14 @@
#endif
soinfo *find_library(const char *name);
-unsigned unload_library(soinfo *si);
-Elf32_Sym *lookup_in_library(soinfo *si, const char *name);
Elf32_Sym *lookup(const char *name, soinfo **found, soinfo *start);
soinfo *find_containing_library(const void *addr);
-Elf32_Sym *find_containing_symbol(const void *addr, soinfo *si);
const char *linker_get_error(void);
-void call_constructors_recursive(soinfo *si);
+
+unsigned soinfo_unload(soinfo *si);
+Elf32_Sym *soinfo_find_symbol(soinfo* si, const void *addr);
+Elf32_Sym *soinfo_lookup(soinfo *si, const char *name);
+void soinfo_call_constructors(soinfo *si);
#ifdef ANDROID_ARM_LINKER
typedef long unsigned int *_Unwind_Ptr;
diff --git a/linker/linker_environ.c b/linker/linker_environ.c
index b71dd80..fadcb60 100644
--- a/linker/linker_environ.c
+++ b/linker/linker_environ.c
@@ -192,13 +192,11 @@
"TZDIR",
"LD_AOUT_LIBRARY_PATH",
"LD_AOUT_PRELOAD",
+ NULL
};
- const char* const* cp = unsec_vars;
- const char* const* endp = cp + sizeof(unsec_vars)/sizeof(unsec_vars[0]);
-
- while (cp < endp) {
- linker_env_unset(*cp);
- cp++;
+ int count;
+ for (count = 0; unsec_vars[count] != NULL; count++) {
+ linker_env_unset(unsec_vars[count]);
}
}
diff --git a/linker/linker_format.c b/linker/linker_format.c
index 0c68a0b..cded68a 100644
--- a/linker/linker_format.c
+++ b/linker/linker_format.c
@@ -172,6 +172,21 @@
return format_buffer(buff, bufsize, format, args);
}
+/* The pthread implementation uses snprintf(). If we define it here, we
+ * avoid pulling the stdio vfprintf() implementation into the linker
+ * saving about 19KB of machine code.
+ */
+int
+snprintf(char* buff, size_t bufsize, const char* format, ...)
+{
+ va_list args;
+ int ret;
+ va_start(args, format);
+ ret = vsnprintf(buff, bufsize, format, args);
+ va_end(args);
+ return ret;
+}
+
#if LINKER_DEBUG
#if !LINKER_DEBUG_TO_LOG
diff --git a/linker/linker_phdr.c b/linker/linker_phdr.c
new file mode 100644
index 0000000..c9f194b
--- /dev/null
+++ b/linker/linker_phdr.c
@@ -0,0 +1,665 @@
+/*
+ * Copyright (C) 2012 The Android Open Source Project
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * * Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * * Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
+ * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ * COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT,
+ * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
+ * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS
+ * OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED
+ * AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
+ * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
+ * OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+#include <errno.h>
+#include <sys/mman.h>
+
+#include "linker_phdr.h"
+
+/**
+ TECHNICAL NOTE ON ELF LOADING.
+
+ An ELF file's program header table contains one or more PT_LOAD
+ segments, which corresponds to portions of the file that need to
+ be mapped into the process' address space.
+
+ Each loadable segment has the following important properties:
+
+ p_offset -> segment file offset
+ p_filesz -> segment file size
+ p_memsz -> segment memory size (always >= p_filesz)
+ p_vaddr -> segment's virtual address
+ p_flags -> segment flags (e.g. readable, writable, executable)
+
+ We will ignore the p_paddr and p_align fields of Elf32_Phdr for now.
+
+ The loadable segments can be seen as a list of [p_vaddr ... p_vaddr+p_memsz)
+ ranges of virtual addresses. A few rules apply:
+
+ - the virtual address ranges should not overlap.
+
+ - if a segment's p_filesz is smaller than its p_memsz, the extra bytes
+ between them should always be initialized to 0.
+
+ - ranges do not necessarily start or end at page boundaries. Two distinct
+ segments can have their start and end on the same page. In this case, the
+ page inherits the mapping flags of the latter segment.
+
+ Finally, the real load addrs of each segment is not p_vaddr. Instead the
+ loader decides where to load the first segment, then will load all others
+ relative to the first one to respect the initial range layout.
+
+ For example, consider the following list:
+
+ [ offset:0, filesz:0x4000, memsz:0x4000, vaddr:0x30000 ],
+ [ offset:0x4000, filesz:0x2000, memsz:0x8000, vaddr:0x40000 ],
+
+ This corresponds to two segments that cover these virtual address ranges:
+
+ 0x30000...0x34000
+ 0x40000...0x48000
+
+ If the loader decides to load the first segment at address 0xa0000000
+ then the segments' load address ranges will be:
+
+ 0xa0030000...0xa0034000
+ 0xa0040000...0xa0048000
+
+ In other words, all segments must be loaded at an address that has the same
+ constant offset from their p_vaddr value. This offset is computed as the
+ difference between the first segment's load address, and its p_vaddr value.
+
+ However, in practice, segments do _not_ start at page boundaries. Since we
+ can only memory-map at page boundaries, this means that the bias is
+ computed as:
+
+ load_bias = phdr0_load_address - PAGE_START(phdr0->p_vaddr)
+
+ (NOTE: The value must be used as a 32-bit unsigned integer, to deal with
+ possible wrap around UINT32_MAX for possible large p_vaddr values).
+
+ And that the phdr0_load_address must start at a page boundary, with
+ the segment's real content starting at:
+
+ phdr0_load_address + PAGE_OFFSET(phdr0->p_vaddr)
+
+ Note that ELF requires the following condition to make the mmap()-ing work:
+
+ PAGE_OFFSET(phdr0->p_vaddr) == PAGE_OFFSET(phdr0->p_offset)
+
+ The load_bias must be added to any p_vaddr value read from the ELF file to
+ determine the corresponding memory address.
+
+ **/
+
+#define MAYBE_MAP_FLAG(x,from,to) (((x) & (from)) ? (to) : 0)
+#define PFLAGS_TO_PROT(x) (MAYBE_MAP_FLAG((x), PF_X, PROT_EXEC) | \
+ MAYBE_MAP_FLAG((x), PF_R, PROT_READ) | \
+ MAYBE_MAP_FLAG((x), PF_W, PROT_WRITE))
+
+/* Load the program header table from an ELF file into a read-only private
+ * anonymous mmap-ed block.
+ *
+ * Input:
+ * fd -> file descriptor
+ * phdr_offset -> file offset of phdr table
+ * phdr_num -> number of entries in the table.
+ *
+ * Output:
+ * phdr_mmap -> address of mmap block in memory.
+ * phdr_memsize -> size of mmap block in memory.
+ * phdr_table -> address of first entry in memory.
+ *
+ * Return:
+ * -1 on error, or 0 on success.
+ */
+int phdr_table_load(int fd,
+ Elf32_Addr phdr_offset,
+ Elf32_Half phdr_num,
+ void** phdr_mmap,
+ Elf32_Addr* phdr_size,
+ const Elf32_Phdr** phdr_table)
+{
+ Elf32_Addr page_min, page_max, page_offset;
+ void* mmap_result;
+
+ /* Just like the kernel, we only accept program header tables that
+ * are smaller than 64KB. */
+ if (phdr_num < 1 || phdr_num > 65536/sizeof(Elf32_Phdr)) {
+ errno = EINVAL;
+ return -1;
+ }
+
+ page_min = PAGE_START(phdr_offset);
+ page_max = PAGE_END(phdr_offset + phdr_num*sizeof(Elf32_Phdr));
+ page_offset = PAGE_OFFSET(phdr_offset);
+
+ mmap_result = mmap(NULL,
+ page_max - page_min,
+ PROT_READ,
+ MAP_PRIVATE,
+ fd,
+ page_min);
+
+ if (mmap_result == MAP_FAILED) {
+ return -1;
+ }
+
+ *phdr_mmap = mmap_result;
+ *phdr_size = page_max - page_min;
+ *phdr_table = (Elf32_Phdr*)((char*)mmap_result + page_offset);
+
+ return 0;
+}
+
+void phdr_table_unload(void* phdr_mmap, Elf32_Addr phdr_memsize)
+{
+ munmap(phdr_mmap, phdr_memsize);
+}
+
+
+/* Compute the extent of all loadable segments in an ELF program header
+ * table. This corresponds to the page-aligned size in bytes that needs to be
+ * reserved in the process' address space
+ *
+ * This returns 0 if there are no loadable segments.
+ */
+Elf32_Addr phdr_table_get_load_size(const Elf32_Phdr* phdr_table,
+ int phdr_count)
+{
+ int nn;
+
+ Elf32_Addr min_vaddr = 0xFFFFFFFFU;
+ Elf32_Addr max_vaddr = 0x00000000U;
+
+ for (nn = 0; nn < phdr_count; nn++) {
+ const Elf32_Phdr* phdr = &phdr_table[nn];
+
+ if (phdr->p_type != PT_LOAD)
+ continue;
+
+ if (phdr->p_vaddr < min_vaddr)
+ min_vaddr = phdr->p_vaddr;
+
+ if (phdr->p_vaddr + phdr->p_memsz > max_vaddr)
+ max_vaddr = phdr->p_vaddr + phdr->p_memsz;
+ }
+
+ if (min_vaddr > max_vaddr) {
+ return 0;
+ }
+
+ min_vaddr = PAGE_START(min_vaddr);
+ max_vaddr = PAGE_END(max_vaddr);
+
+ return max_vaddr - min_vaddr;
+}
+
+/* Reserve a virtual address range big enough to hold all loadable
+ * segments of a program header table. This is done by creating a
+ * private anonymous mmap() with PROT_NONE.
+ *
+ * Input:
+ * phdr_table -> program header table
+ * phdr_count -> number of entries in the tables
+ * required_base -> for prelinked libraries, mandatory load address
+ * of the first loadable segment. 0 otherwise.
+ * Output:
+ * load_start -> first page of reserved address space range
+ * load_size -> size in bytes of reserved address space range
+ * load_bias -> load bias, as described in technical note above.
+ *
+ * Return:
+ * 0 on success, -1 otherwise. Error code in errno.
+ */
+int
+phdr_table_reserve_memory(const Elf32_Phdr* phdr_table,
+ int phdr_count,
+ Elf32_Addr required_base,
+ void** load_start,
+ Elf32_Addr* load_size,
+ Elf32_Addr* load_bias)
+{
+ Elf32_Addr size = phdr_table_get_load_size(phdr_table, phdr_count);
+ void* start;
+ int nn, mmap_flags;
+
+ if (size == 0) {
+ errno = EINVAL;
+ return -1;
+ }
+
+ mmap_flags = MAP_PRIVATE | MAP_ANONYMOUS;
+ if (required_base != 0)
+ mmap_flags |= MAP_FIXED;
+
+ start = mmap((void*)required_base, size, PROT_NONE, mmap_flags, -1, 0);
+ if (start == MAP_FAILED) {
+ return -1;
+ }
+
+ *load_start = start;
+ *load_size = size;
+ *load_bias = 0;
+
+ for (nn = 0; nn < phdr_count; nn++) {
+ const Elf32_Phdr* phdr = &phdr_table[nn];
+ if (phdr->p_type == PT_LOAD) {
+ *load_bias = (Elf32_Addr)start - PAGE_START(phdr->p_vaddr);
+ break;
+ }
+ }
+ return 0;
+}
+
+/* Map all loadable segments in process' address space.
+ * This assumes you already called phdr_table_reserve_memory to
+ * reserve the address space range for the library.
+ *
+ * Input:
+ * phdr_table -> program header table
+ * phdr_count -> number of entries in the table
+ * load_start -> start address of reserved memory range.
+ * load_size -> size of reserved memory range.
+ * load_bias -> load offset.
+ * fd -> input file descriptor.
+ *
+ * Return:
+ * 0 on success, -1 otherwise. Error code in errno.
+ */
+int
+phdr_table_load_segments(const Elf32_Phdr* phdr_table,
+ int phdr_count,
+ void* load_start,
+ Elf32_Addr load_size,
+ Elf32_Addr load_bias,
+ int fd)
+{
+ int nn;
+
+ for (nn = 0; nn < phdr_count; nn++) {
+ const Elf32_Phdr* phdr = &phdr_table[nn];
+ void* seg_addr;
+
+ if (phdr->p_type != PT_LOAD)
+ continue;
+
+ /* Segment addresses in memory */
+ Elf32_Addr seg_start = phdr->p_vaddr + load_bias;
+ Elf32_Addr seg_end = seg_start + phdr->p_memsz;
+
+ Elf32_Addr seg_page_start = PAGE_START(seg_start);
+ Elf32_Addr seg_page_end = PAGE_END(seg_end);
+
+ Elf32_Addr seg_file_end = seg_start + phdr->p_filesz;
+
+ /* File offsets */
+ Elf32_Addr file_start = phdr->p_offset;
+ Elf32_Addr file_end = file_start + phdr->p_filesz;
+
+ Elf32_Addr file_page_start = PAGE_START(file_start);
+ Elf32_Addr file_page_end = PAGE_END(file_end);
+
+ seg_addr = mmap((void*)seg_page_start,
+ file_end - file_page_start,
+ PFLAGS_TO_PROT(phdr->p_flags),
+ MAP_FIXED|MAP_PRIVATE,
+ fd,
+ file_page_start);
+
+ if (seg_addr == MAP_FAILED) {
+ return -1;
+ }
+
+ /* if the segment is writable, and does not end on a page boundary,
+ * zero-fill it until the page limit. */
+ if ((phdr->p_flags & PF_W) != 0 && PAGE_OFFSET(seg_file_end) > 0) {
+ memset((void*)seg_file_end, 0, PAGE_SIZE - PAGE_OFFSET(seg_file_end));
+ }
+
+ seg_file_end = PAGE_END(seg_file_end);
+
+ /* seg_file_end is now the first page address after the file
+ * content. If seg_end is larger, we need to zero anything
+ * between them. This is done by using a private anonymous
+ * map for all extra pages.
+ */
+ if (seg_page_end > seg_file_end) {
+ void* zeromap = mmap((void*)seg_file_end,
+ seg_page_end - seg_file_end,
+ PFLAGS_TO_PROT(phdr->p_flags),
+ MAP_FIXED|MAP_ANONYMOUS|MAP_PRIVATE,
+ -1,
+ 0);
+ if (zeromap == MAP_FAILED) {
+ return -1;
+ }
+ }
+ }
+ return 0;
+}
+
+/* Used internally. Used to set the protection bits of all loaded segmments
+ * with optional extra flags (i.e. really PROT_WRITE). Used by
+ * phdr_table_protect_segments and phdr_table_unprotect_segments.
+ */
+static int
+_phdr_table_set_load_prot(const Elf32_Phdr* phdr_table,
+ int phdr_count,
+ Elf32_Addr load_bias,
+ int extra_prot_flags)
+{
+ const Elf32_Phdr* phdr = phdr_table;
+ const Elf32_Phdr* phdr_limit = phdr + phdr_count;
+
+ for (; phdr < phdr_limit; phdr++) {
+ if (phdr->p_type != PT_LOAD || (phdr->p_flags & PF_W) != 0)
+ continue;
+
+ Elf32_Addr seg_page_start = PAGE_START(phdr->p_vaddr) + load_bias;
+ Elf32_Addr seg_page_end = PAGE_END(phdr->p_vaddr + phdr->p_memsz) + load_bias;
+
+ int ret = mprotect((void*)seg_page_start,
+ seg_page_end - seg_page_start,
+ PFLAGS_TO_PROT(phdr->p_flags) | extra_prot_flags);
+ if (ret < 0) {
+ return -1;
+ }
+ }
+ return 0;
+}
+
+/* Restore the original protection modes for all loadable segments.
+ * You should only call this after phdr_table_unprotect_segments and
+ * applying all relocations.
+ *
+ * Input:
+ * phdr_table -> program header table
+ * phdr_count -> number of entires in tables
+ * load_bias -> load bias
+ * Return:
+ * 0 on error, -1 on failure (error code in errno).
+ */
+int
+phdr_table_protect_segments(const Elf32_Phdr* phdr_table,
+ int phdr_count,
+ Elf32_Addr load_bias)
+{
+ return _phdr_table_set_load_prot(phdr_table, phdr_count,
+ load_bias, 0);
+}
+
+/* Change the protection of all loaded segments in memory to writable.
+ * This is useful before performing relocations. Once completed, you
+ * will have to call phdr_table_protect_segments to restore the original
+ * protection flags on all segments.
+ *
+ * Note that some writable segments can also have their content turned
+ * to read-only by calling phdr_table_protect_gnu_relro. This is no
+ * performed here.
+ *
+ * Input:
+ * phdr_table -> program header table
+ * phdr_count -> number of entires in tables
+ * load_bias -> load bias
+ * Return:
+ * 0 on error, -1 on failure (error code in errno).
+ */
+int
+phdr_table_unprotect_segments(const Elf32_Phdr* phdr_table,
+ int phdr_count,
+ Elf32_Addr load_bias)
+{
+ return _phdr_table_set_load_prot(phdr_table, phdr_count,
+ load_bias, PROT_WRITE);
+}
+
+/* Used internally by phdr_table_protect_gnu_relro and
+ * phdr_table_unprotect_gnu_relro.
+ */
+static int
+_phdr_table_set_gnu_relro_prot(const Elf32_Phdr* phdr_table,
+ int phdr_count,
+ Elf32_Addr load_bias,
+ int prot_flags)
+{
+ const Elf32_Phdr* phdr = phdr_table;
+ const Elf32_Phdr* phdr_limit = phdr + phdr_count;
+
+ for (phdr = phdr_table; phdr < phdr_limit; phdr++) {
+ if (phdr->p_type != PT_GNU_RELRO)
+ continue;
+
+ /* Tricky: what happens when the relro segment does not start
+ * or end at page boundaries?. We're going to be over-protective
+ * here and put every page touched by the segment as read-only.
+ *
+ * This seems to match Ian Lance Taylor's description of the
+ * feature at http://www.airs.com/blog/archives/189.
+ *
+ * Extract:
+ * Note that the current dynamic linker code will only work
+ * correctly if the PT_GNU_RELRO segment starts on a page
+ * boundary. This is because the dynamic linker rounds the
+ * p_vaddr field down to the previous page boundary. If
+ * there is anything on the page which should not be read-only,
+ * the program is likely to fail at runtime. So in effect the
+ * linker must only emit a PT_GNU_RELRO segment if it ensures
+ * that it starts on a page boundary.
+ */
+ Elf32_Addr seg_page_start = PAGE_START(phdr->p_vaddr) + load_bias;
+ Elf32_Addr seg_page_end = PAGE_END(phdr->p_vaddr + phdr->p_memsz) + load_bias;
+
+ int ret = mprotect((void*)seg_page_start,
+ seg_page_end - seg_page_start,
+ prot_flags);
+ if (ret < 0) {
+ return -1;
+ }
+ }
+ return 0;
+}
+
+/* Apply GNU relro protection if specified by the program header. This will
+ * turn some of the pages of a writable PT_LOAD segment to read-only, as
+ * specified by one or more PT_GNU_RELRO segments. This must be always
+ * performed after relocations.
+ *
+ * NOTE: One must call phdr_table_unprotect_gnu_relro() before calling
+ * the library's destructors, in order to ensure that the .dynamic
+ * section is writable (as well as the .data.relro section that
+ * might contain the content of static constant C++ objects that
+ * needs to be destroyed).
+ *
+ * Input:
+ * phdr_table -> program header table
+ * phdr_count -> number of entires in tables
+ * load_bias -> load bias
+ * Return:
+ * 0 on error, -1 on failure (error code in errno).
+ */
+int
+phdr_table_protect_gnu_relro(const Elf32_Phdr* phdr_table,
+ int phdr_count,
+ Elf32_Addr load_bias)
+{
+ return _phdr_table_set_gnu_relro_prot(phdr_table,
+ phdr_count,
+ load_bias,
+ PROT_READ);
+}
+
+/* Un-apply GNU relro protection if specified by the program header.
+ * See comment for phdr_table_protect_gnu_relro.
+ *
+ * Input:
+ * phdr_table -> program header table
+ * phdr_count -> number of entires in tables
+ * load_bias -> load bias
+ * Return:
+ * 0 on error, -1 on failure (error code in errno).
+ */
+int
+phdr_table_unprotect_gnu_relro(const Elf32_Phdr* phdr_table,
+ int phdr_count,
+ Elf32_Addr load_bias)
+{
+ return _phdr_table_set_gnu_relro_prot(phdr_table,
+ phdr_count,
+ load_bias,
+ PROT_READ|PROT_WRITE);
+}
+
+#ifdef ANDROID_ARM_LINKER
+
+# ifndef PT_ARM_EXIDX
+# define PT_ARM_EXIDX 0x70000001 /* .ARM.exidx segment */
+# endif
+
+/* Return the address and size of the .ARM.exidx section in memory,
+ * if present.
+ *
+ * Input:
+ * phdr_table -> program header table
+ * phdr_count -> number of entires in tables
+ * load_bias -> load bias
+ * Output:
+ * arm_exidx -> address of table in memory (NULL on failure).
+ * arm_exidx_count -> number of items in table (0 on failure).
+ * Return:
+ * 0 on error, -1 on failure (_no_ error code in errno)
+ */
+int
+phdr_table_get_arm_exidx(const Elf32_Phdr* phdr_table,
+ int phdr_count,
+ Elf32_Addr load_bias,
+ Elf32_Addr** arm_exidx,
+ unsigned* arm_exidx_count)
+{
+ const Elf32_Phdr* phdr = phdr_table;
+ const Elf32_Phdr* phdr_limit = phdr + phdr_count;
+
+ for (phdr = phdr_table; phdr < phdr_limit; phdr++) {
+ if (phdr->p_type != PT_ARM_EXIDX)
+ continue;
+
+ *arm_exidx = (Elf32_Addr*)(load_bias + phdr->p_vaddr);
+ *arm_exidx_count = (unsigned)(phdr->p_memsz / 8);
+ return 0;
+ }
+ *arm_exidx = NULL;
+ *arm_exidx_count = 0;
+ return -1;
+}
+#endif /* ANDROID_ARM_LINKER */
+
+/* Return the address of the ELF file's .dynamic section in memory,
+ * or NULL if missing.
+ *
+ * Input:
+ * phdr_table -> program header table
+ * phdr_count -> number of entires in tables
+ * load_bias -> load bias
+ * Return:
+ * 0 on error, -1 on failure (_no_ error code in errno)
+ */
+Elf32_Addr*
+phdr_table_get_dynamic_section(const Elf32_Phdr* phdr_table,
+ int phdr_count,
+ Elf32_Addr load_bias)
+{
+ const Elf32_Phdr* phdr = phdr_table;
+ const Elf32_Phdr* phdr_limit = phdr + phdr_count;
+
+ for (phdr = phdr_table; phdr < phdr_limit; phdr++) {
+ if (phdr->p_type == PT_DYNAMIC) {
+ return (Elf32_Addr*)(load_bias + phdr->p_vaddr);
+ }
+ }
+ return NULL;
+}
+
+/* Return the address of the program header table as it appears in the loaded
+ * segments in memory. This is in contrast with the input 'phdr_table' which
+ * is temporary and will be released before the library is relocated.
+ *
+ * Input:
+ * phdr_table -> program header table
+ * phdr_count -> number of entries in tables
+ * load_bias -> load bias
+ * Return:
+ * Address of loaded program header table on success (it has
+ * 'phdr_count' entries), or NULL on failure (no error code).
+ */
+const Elf32_Phdr*
+phdr_table_get_loaded_phdr(const Elf32_Phdr* phdr_table,
+ int phdr_count,
+ Elf32_Addr load_bias)
+{
+ const Elf32_Phdr* phdr = phdr_table;
+ const Elf32_Phdr* phdr_limit = phdr + phdr_count;
+ Elf32_Addr loaded = 0;
+ Elf32_Addr loaded_end;
+
+ /* If there is a PT_PHDR, use it directly */
+ for (phdr = phdr_table; phdr < phdr_limit; phdr++) {
+ if (phdr->p_type == PT_PHDR) {
+ loaded = load_bias + phdr->p_vaddr;
+ goto CHECK;
+ }
+ }
+
+ /* Otherwise, check the first loadable segment. If its file offset
+ * is 0, it starts with the ELF header, and we can trivially find the
+ * loaded program header from it. */
+ for (phdr = phdr_table; phdr < phdr_limit; phdr++) {
+ if (phdr->p_type == PT_LOAD) {
+ if (phdr->p_offset == 0) {
+ Elf32_Addr elf_addr = load_bias + phdr->p_vaddr;
+ const Elf32_Ehdr* ehdr = (const Elf32_Ehdr*)(void*)elf_addr;
+ Elf32_Addr offset = ehdr->e_phoff;
+ loaded = (Elf32_Addr)ehdr + offset;
+ goto CHECK;
+ }
+ break;
+ }
+ }
+
+ /* We didn't find it, let the client know. He may be able to
+ * keep a copy of the input phdr_table instead. */
+ return NULL;
+
+CHECK:
+ /* Ensure that our program header is actually within a loadable
+ * segment. This should help catch badly-formed ELF files that
+ * would cause the linker to crash later when trying to access it.
+ */
+ loaded_end = loaded + phdr_count*sizeof(Elf32_Phdr);
+
+ for (phdr = phdr_table; phdr < phdr_limit; phdr++) {
+ if (phdr->p_type != PT_LOAD)
+ continue;
+ Elf32_Addr seg_start = phdr->p_vaddr + load_bias;
+ Elf32_Addr seg_end = phdr->p_filesz + seg_start;
+
+ if (seg_start <= loaded && loaded_end <= seg_end) {
+ return (const Elf32_Phdr*)loaded;
+ }
+ }
+ return NULL;
+}
diff --git a/linker/linker_phdr.h b/linker/linker_phdr.h
new file mode 100644
index 0000000..d542e46
--- /dev/null
+++ b/linker/linker_phdr.h
@@ -0,0 +1,112 @@
+/*
+ * Copyright (C) 2012 The Android Open Source Project
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * * Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * * Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
+ * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ * COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT,
+ * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
+ * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS
+ * OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED
+ * AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
+ * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
+ * OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+#ifndef LINKER_PHDR_H
+#define LINKER_PHDR_H
+
+/* Declarations related to the ELF program header table and segments.
+ *
+ * The design goal is to provide an API that is as close as possible
+ * to the ELF spec, and does not depend on linker-specific data
+ * structures (e.g. the exact layout of struct soinfo).
+ */
+
+#include "linker.h"
+
+/* See linker_phdr.c for all usage documentation */
+
+int
+phdr_table_load(int fd,
+ Elf32_Addr phdr_offset,
+ Elf32_Half phdr_num,
+ void** phdr_mmap,
+ Elf32_Addr* phdr_size,
+ const Elf32_Phdr** phdr_table);
+
+void
+phdr_table_unload(void* phdr_mmap, Elf32_Addr phdr_memsize);
+
+Elf32_Addr
+phdr_table_get_load_size(const Elf32_Phdr* phdr_table,
+ int phdr_count);
+
+int
+phdr_table_reserve_memory(const Elf32_Phdr* phdr_table,
+ int phdr_count,
+ Elf32_Addr required_base,
+ void** load_start,
+ Elf32_Addr* load_size,
+ Elf32_Addr* load_bias);
+
+int
+phdr_table_load_segments(const Elf32_Phdr* phdr_table,
+ int phdr_count,
+ void* load_start,
+ Elf32_Addr load_size,
+ Elf32_Addr load_bias,
+ int fd);
+
+int
+phdr_table_protect_segments(const Elf32_Phdr* phdr_table,
+ int phdr_count,
+ Elf32_Addr load_bias);
+
+int
+phdr_table_unprotect_segments(const Elf32_Phdr* phdr_table,
+ int phdr_count,
+ Elf32_Addr load_bias);
+
+int
+phdr_table_protect_gnu_relro(const Elf32_Phdr* phdr_table,
+ int phdr_count,
+ Elf32_Addr load_bias);
+
+int
+phdr_table_unprotect_gnu_relro(const Elf32_Phdr* phdr_table,
+ int phdr_count,
+ Elf32_Addr load_bias);
+
+const Elf32_Phdr*
+phdr_table_get_loaded_phdr(const Elf32_Phdr* phdr_table,
+ int phdr_count,
+ Elf32_Addr load_bias);
+
+#ifdef ANDROID_ARM_LINKER
+int
+phdr_table_get_arm_exidx(const Elf32_Phdr* phdr_table,
+ int phdr_count,
+ Elf32_Addr load_bias,
+ Elf32_Addr** arm_exidx,
+ unsigned* arm_exidix_count);
+#endif
+
+Elf32_Addr*
+phdr_table_get_dynamic_section(const Elf32_Phdr* phdr_table,
+ int phdr_count,
+ Elf32_Addr load_bias);
+
+#endif /* LINKER_PHDR_H */