1 // Copyright 2023-2024, The Android Open Source Project
2 //
3 // Licensed under the Apache License, Version 2.0 (the "License");
4 // you may not use this file except in compliance with the License.
5 // You may obtain a copy of the License at
6 //
7 // http://www.apache.org/licenses/LICENSE-2.0
8 //
9 // Unless required by applicable law or agreed to in writing, software
10 // distributed under the License is distributed on an "AS IS" BASIS,
11 // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 // See the License for the specific language governing permissions and
13 // limitations under the License.
14
15 //! This library provides implementation for a few libc functions for building third party C
16 //! libraries.
17
18 #![cfg_attr(not(test), no_std)]
19
20 extern crate alloc;
21
22 use alloc::alloc::{alloc, dealloc};
23 use core::{
24 alloc::Layout,
25 ffi::{c_char, c_int, c_ulong, c_void},
26 mem::size_of_val,
27 ptr::{null_mut, NonNull},
28 };
29 use safemath::SafeNum;
30
31 pub use strcmp::{strcmp, strncmp};
32
33 pub mod strchr;
34 pub mod strcmp;
35 pub mod strtoul;
36
37 // Linking compiler built-in intrinsics to expose libc compatible implementations
38 // https://cs.android.com/android/platform/superproject/main/+/2e15fc2eadcb7db07bf6656086c50153bbafe7b6:prebuilts/rust/linux-x86/1.78.0/lib/rustlib/src/rust/vendor/compiler_builtins/src/mem/mod.rs;l=22
39 extern "C" {
40 /// int memcmp(const void *src1, const void *src2, size_t n)
memcmp(src1: *const c_void, src2: *const c_void, n: usize) -> c_int41 pub fn memcmp(src1: *const c_void, src2: *const c_void, n: usize) -> c_int;
42 /// void *memset(void *dest, int c, size_t n)
memset(dest: *mut c_void, c: c_int, n: usize) -> *mut c_void43 pub fn memset(dest: *mut c_void, c: c_int, n: usize) -> *mut c_void;
44 /// void *memcpy(void *dest, const void *src, size_t n)
memcpy(dest: *mut c_void, src: *const c_void, n: usize) -> *mut c_void45 pub fn memcpy(dest: *mut c_void, src: *const c_void, n: usize) -> *mut c_void;
46 /// size_t strlen(const char *s)
strlen(s: *const c_char) -> usize47 pub fn strlen(s: *const c_char) -> usize;
48 }
49
50 /// Extended version of void *malloc(size_t size) with ptr alignment configuration support.
51 /// Libraries may have a different alignment requirements.
52 ///
53 /// # Safety
54 ///
55 /// * Returns a valid pointer to a memory block of `size` bytes, aligned to `alignment`, or null
56 /// on failure.
57 #[no_mangle]
gbl_malloc(request_size: usize, alignment: usize) -> *mut c_void58 pub unsafe extern "C" fn gbl_malloc(request_size: usize, alignment: usize) -> *mut c_void {
59 (|| {
60 // Prefix data:
61 let mut size = 0usize;
62 let mut offset = 0usize;
63
64 // Determine prefix size necessary to store data required for [gbl_free]: size, offset
65 let prefix_size: usize = size_of_val(&size) + size_of_val(&offset);
66
67 // Determine padding necessary to guarantee alignment. Padding includes prefix data.
68 let pad: usize = (SafeNum::from(alignment) + prefix_size).try_into().ok()?;
69
70 // Actual size to allocate. It includes padding to guarantee alignment.
71 size = (SafeNum::from(request_size) + pad).try_into().ok()?;
72
73 // SAFETY:
74 // * On success, `alloc` guarantees to allocate enough memory.
75 let ptr = unsafe {
76 // Due to manual aligning, there is no need for specific layout alignment.
77 NonNull::new(alloc(Layout::from_size_align(size, 1).ok()?))?.as_ptr()
78 };
79
80 // Calculate the aligned address to return the caller.
81 let ret_address = (SafeNum::from(ptr as usize) + prefix_size).round_up(alignment);
82
83 // Calculate the offsets from the allocation start.
84 let ret_offset = ret_address - (ptr as usize);
85 let align_offset: usize = (ret_offset - size_of_val(&size)).try_into().ok()?;
86 let size_offset: usize = (align_offset - size_of_val(&offset)).try_into().ok()?;
87 offset = usize::try_from(ret_offset).ok()?;
88
89 // SAFETY:
90 // 'ptr' is guarantied to be valid:
91 // - not NULL; Checked with `NonNull`
92 // - it points to single block of memory big enough to hold size+offset (allocated this
93 // way)
94 // - memory is 1-byte aligned for [u8] slice
95 // - ptr+offset is guarantied to point to the buffer of size 'size' as per allocation that
96 // takes into account padding and prefix.
97 unsafe {
98 // Write metadata and return the caller's pointer.
99 core::slice::from_raw_parts_mut(ptr.add(size_offset), size_of_val(&size))
100 .copy_from_slice(&size.to_ne_bytes());
101 core::slice::from_raw_parts_mut(ptr.add(align_offset), size_of_val(&offset))
102 .copy_from_slice(&offset.to_ne_bytes());
103
104 Some(ptr.add(offset))
105 }
106 })()
107 .unwrap_or(null_mut()) as _
108 }
109
110 /// Extended version of void free(void *ptr) with ptr alignment configuration support.
111 ///
112 /// # Safety
113 ///
114 /// * `ptr` must be allocated by `gbl_malloc` and guarantee enough memory for a preceding
115 /// `usize` value and payload or null.
116 /// * `gbl_free` must be called with the same `alignment` as the corresponding `gbl_malloc` call.
117 #[no_mangle]
gbl_free(ptr: *mut c_void, alignment: usize)118 pub unsafe extern "C" fn gbl_free(ptr: *mut c_void, alignment: usize) {
119 if ptr.is_null() {
120 // follow libc free behavior
121 return;
122 }
123 let mut ptr = ptr as *mut u8;
124
125 let mut offset = 0usize;
126 let mut size = 0usize;
127
128 // Calculate offsets for size of align data
129 let align_offset: usize = size_of_val(&size);
130 let size_offset: usize = align_offset + size_of_val(&size);
131
132 // Read size used in allocation from prefix data.
133 offset = usize::from_ne_bytes(
134 // SAFETY:
135 // * `ptr` is allocated by `gbl_malloc` and has enough padding before `ptr` to hold
136 // prefix data. Which consists of align and size values.
137 // * Alignment is 1 for &[u8]
138 unsafe { core::slice::from_raw_parts(ptr.sub(align_offset), size_of_val(&offset)) }
139 .try_into()
140 .unwrap(),
141 );
142
143 // Read offset for unaligned pointer from prefix data.
144 size = usize::from_ne_bytes(
145 // SAFETY:
146 // * `ptr` is allocated by `gbl_malloc` and has enough padding before `ptr` to hold
147 // prefix data. Which consists of align and size values.
148 // * Alignment is 1 for &[u8]
149 unsafe { core::slice::from_raw_parts(ptr.sub(size_offset), size_of_val(&size)) }
150 .try_into()
151 .unwrap(),
152 );
153
154 // SAFETY:
155 // * `ptr` is allocated by `gbl_malloc` and has enough padding before `ptr` to hold
156 // prefix data. ptr - offset must point to unaligned pointer to buffer, which was returned by
157 // `alloc`, and must be passed to `dealloc`
158 unsafe {
159 // Calculate unaligned pointer returned by [alloc], which must be used in [dealloc]
160 ptr = ptr.sub(offset);
161
162 // Call to global allocator.
163 dealloc(ptr, Layout::from_size_align(size, alignment).unwrap());
164 };
165 }
166
167 /// void *memchr(const void *ptr, int ch, size_t count);
168 ///
169 /// # Safety
170 ///
171 /// * `ptr` needs to be a buffer with at least `count` bytes.
172 /// * Returns the pointer within `ptr` buffer, or null if not found.
173 #[no_mangle]
memchr(ptr: *const c_void, ch: c_int, count: c_ulong) -> *mut c_void174 pub unsafe extern "C" fn memchr(ptr: *const c_void, ch: c_int, count: c_ulong) -> *mut c_void {
175 assert!(!ptr.is_null());
176 let start = ptr as *const u8;
177 let target = (ch & 0xff) as u8;
178 for i in 0..count {
179 // SAFETY: `ptr` buffer is assumed valid and bounded by count.
180 let curr = unsafe { start.add(i.try_into().unwrap()) };
181 // SAFETY: `ptr` buffer is assumed valid and bounded by count.
182 if *unsafe { curr.as_ref().unwrap() } == target {
183 return curr as *mut _;
184 }
185 }
186 null_mut()
187 }
188
189 /// size_t strnlen(const char *s, size_t maxlen);
190 ///
191 /// # Safety
192 ///
193 /// * `s` must be a valid pointer to a null terminated C string.
194 #[no_mangle]
strnlen(s: *const c_char, maxlen: usize) -> usize195 pub unsafe extern "C" fn strnlen(s: *const c_char, maxlen: usize) -> usize {
196 // SAFETY: `s` is a valid pointer to a null terminated string.
197 match unsafe { memchr(s as *const _, 0, maxlen.try_into().unwrap()) } {
198 p if p.is_null() => maxlen,
199 p => (p as usize) - (s as usize),
200 }
201 }
202