| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
As seen on powerpc64le-linux-gnu with GCC 11 defaulting to POWER9
instructions.
|
|
into libc.
Message-ID: <20241231134909.1166440-9-gfleury@disroot.org>
|
|
pthread_mutexattr_{getrobust, getrobust_np} into libc.
Message-ID: <20241231134909.1166440-8-gfleury@disroot.org>
|
|
Message-ID: <20241231134909.1166440-7-gfleury@disroot.org>
|
|
Message-ID: <20241231134909.1166440-6-gfleury@disroot.org>
|
|
Message-ID: <20241231134909.1166440-5-gfleury@disroot.org>
|
|
Message-ID: <20241231134909.1166440-4-gfleury@disroot.org>
|
|
Message-ID: <20241231134909.1166440-3-gfleury@disroot.org>
|
|
Message-ID: <20241231134909.1166440-2-gfleury@disroot.org>
|
|
The old BSD 4.4 definition (not used by Linux) was not 64b-proof: the
cmsg_data field is supposed to CMSG_ALIGN'ed (as can be also seen in the
CMSG_LEN macro).
Suggested-by: Diego Nieto Cid <dnietoc@gmail.com>
|
|
* scripts/update-copyrights: Do not update copyright notices
in licenses imported from the Linux kernel.
This should prevent glitches such as those fixed in my
recent commit.
|
|
|
|
I've updated copyright dates in glibc for 2025. This is the patch for
the changes not generated by scripts/update-copyrights and subsequent
build / regeneration of generated files.
|
|
|
|
|
|
This is needed for the next patch which updates copyright dates.
* assert/test-assert-2.c: Remove trailing white space.
* elf/tst-startup-errno.c: Remove trailing empty lines.
|
|
Since https://gcc.gnu.org/r11-959, the compiler emits
-Wmaybe-uninitialized if a const pointer to an uninitialized buffer is
passed. Tell the compiler we don't dereference the pointer to remove
the false alarm.
Link: https://gcc.gnu.org/PR118194
Signed-off-by: Xi Ruoyao <xry111@xry111.site>
Reviewed-by: Sam James <sam@gentoo.org>
|
|
The new tunable can be used to control whether executable stacks are
allowed from either the main program or dependencies. The default is
to allow executable stacks.
The executable stacks default permission is checked agains the one
provided by the PT_GNU_STACK from program headers (if present). The
tunable also disables the stack permission change if any dependency
requires an executable stack at loading time.
Checked on x86_64-linux-gnu, i686-linux-gnu, and aarch64-linux-gnu.
Reviewed-by: Florian Weimer <fweimer@redhat.com>
|
|
Similar to tst-execstack-prog, check if executable stacks works for
statically linked programs.
Reviewed-by: Florian Weimer <fweimer@redhat.com>
|
|
If some shared library loaded with dlopen/dlmopen requires an executable
stack, either implicitly because of a missing GNU_STACK ELF header
(where the ABI default flags implies in the executable bit) or explicitly
because of the executable bit from GNU_STACK; the loader will try to set
the both the main thread and all thread stacks (from the pthread cache)
as executable.
Besides the issue where any __nptl_change_stack_perm failure does not
undo the previous executable transition (meaning that if the library
fails to load, there can be thread stacks with executable stacks), this
behavior was used on a CVE [1] as a vector for RCE.
This patch changes that if a shared library requires an executable
stack, and the current stack is not executable, dlopen fails. The
change is done only for dynamically loaded modules, if the program
or any dependency requires an executable stack, the loader will still
change the main thread before program execution and any thread created
with default stack configuration.
[1] https://www.qualys.com/2023/07/19/cve-2023-38408/rce-openssh-forwarded-ssh-agent.txt
Checked on x86_64-linux-gnu and i686-linux-gnu.
Reviewed-by: Florian Weimer <fweimer@redhat.com>
|
|
Reviewed-by: Florian Weimer <fweimer@redhat.com>
|
|
Tested with build-many-glibcs.py with
--exclude m68k-linux-gnu-coldfire-soft
Signed-off-by: H.J. Lu <hjl.tools@gmail.com>
Reviewed-by: Sam James <sam@gentoo.org>
|
|
Reviewed-by: Adhemerval Zanella <adhemerval.zanella@linaro.org>
Signed-off-by: Andreas K. Hüttel <dilfridge@gentoo.org>
|
|
Reviewed-by: Andreas K. Huettel <dilfridge@gentoo.org>
|
|
Move the x86-64 loader first, before the i386 and x32 loaders. In
most cases, it's the loader the script needs. This avoids an error
message if the i386 loader does not work.
The effect of this change to the generated ldd script looks like this:
-RTLDLIST="/lib/ld-linux.so.2 /lib64/ld-linux-x86-64.so.2 /libx32/ld-linux-x32.so.2"
+RTLDLIST="/lib64/ld-linux-x86-64.so.2 /lib/ld-linux.so.2 /libx32/ld-linux-x32.so.2"
Reviewed-by: Sam James <sam@gentoo.org>
|
|
The addition of the new thread_pointer.h header on HPPA resulted in
duplicated inline asm to get the current thread pointer from the cr27
register.
Include thread_pointer.h in tls.h and replace __get/set_cr27() with
__set_/thread_pointer() with the appropriate casts.
Signed-off-by: Michael Jeanson <mjeanson@efficios.com>
|
|
This will be required by the rseq extensible ABI implementation on all
Linux architectures exposing the '__rseq_size' and '__rseq_offset'
symbols to set the initial value of the 'cpu_id' field which can be used
by applications to test if rseq is available and registered. As long as
the symbols are exposed it is valid for an application to perform this
test even if rseq is not yet implemented in libc for this architecture.
Compile tested with build-many-glibcs.py but I don't have access to any
hardware to run the tests.
Signed-off-by: Michael Jeanson <mjeanson@efficios.com>
|
|
This was suggested most recently by Solar Designer, noting
that code replacing vsprintf with vasprintf in a security fix
was subtly wrong:
Re: GStreamer Security Advisory 2024-0003: Orc compiler
stack-based buffer overflow
<https://www.openwall.com/lists/oss-security/2024/07/26/2>
Previous libc-alpha discussions:
I: [PATCH] asprintf error handling fix
<https://inbox.sourceware.org/libc-alpha/20011205185828.GA8376@ldv.office.alt-linux.org/>
asprintf() issue
<https://inbox.sourceware.org/libc-alpha/CANSoFxt-cdc-+C4u-rTENMtY4X9RpRSuv+axDswSPxbDgag8_Q@mail.gmail.com/>
I don't think we need a compatibility symbol for this. As the
GStreamer example shows, this change is much more likely to fix bugs
than cause compatibility issues.
Suggested-by: Dmitry V. Levin <ldv@altlinux.org>
Suggested-by: Archie Cobbs <archie.cobbs@gmail.com>
Suggested-by: Solar Designer <solar@openwall.com>
Reviewed-by: Sam James <sam@gentoo.org>
|
|
The previous use of padding within a union made it impossible to
re-use the padding for GLIBC_PRIVATE ABI preservation because
tcbhead_t could use up all of the padding (as was historically the
case on x86-64). Allocating padding unconditionally addresses this
issue.
Reviewed-by: Adhemerval Zanella <adhemerval.zanella@linaro.org>
|
|
This was used to manage an IA-64 ABI divergence is no longere needed
after the IA-64 removal.
(It should be possible to encode all the required information in
one machine word, so the pointer indirection is really unnecessary.
Technically, none of this is part of the ABI, so perhaps it's
possible to do this retroactively. See bug 27404.)
Reviewed-by: Adhemerval Zanella <adhemerval.zanella@linaro.org>
|
|
They are not supposed to change flow control.
This fixes miscompilation with gcc 14.2.0 which then drops code, see
https://lists.gnu.org/archive/html/bug-hurd/2024-11/msg00145.html
|
|
m68k-linux-gnu-coldfire-soft GCC and glibc often won't build due to
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=103370
which results in build-many-glibcs.py failure. Add an option, --exclude,
to exclude some targets.
Signed-off-by: H.J. Lu <hjl.tools@gmail.com>
Reviewed-by: Sam James <sam@gentoo.org>
|
|
Followup to 5a96da210c15e18c3c5298dc23a9e2e57691b6c6.
|
|
The issue that was the cause of hang was fixed in upstream.
Reviewed-by: H.J. Lu <hjl.tools@gmail.com>
|
|
Also document C and C++ compilers used to test glibc should come from
the same set of compilers.
Signed-off-by: H.J. Lu <hjl.tools@gmail.com>
Reviewed-by: Sam James <sam@gentoo.org>
|
|
This can be used to stop execution after a TEST_COMPARE_BLOB
failure, for example.
|
|
Since Linux 6.11 the kernel allows path to be NULL if flags &
AT_EMPTY_PATH. Let's allow users to take the advantage if they don't
care running on old kernels.
Signed-off-by: Miao Wang <shankerwangmiao@gmail.com>
Signed-off-by: Xi Ruoyao <xry111@xry111.site>
Reviewed-by: Florian Weimer <fweimer@redhat.com>
|
|
Change configure output for C++ Compiler from
...
checking -finput-charset=ascii in testing... -finput-charset=ascii
checking -finput-charset=ascii in testing... -finput-charset=ascii
...
to
...
checking -finput-charset=ascii in testing... -finput-charset=ascii
checking g++ -finput-charset=ascii in testing... -finput-charset=ascii
...
Signed-off-by: H.J. Lu <hjl.tools@gmail.com>
Reviewed-by: Sam James <sam@gentoo.org>
|
|
Add valid_decimal_value to check valid decimal value in a string to
avoid uninitialized endp in add_prefixlist and gaiconf_init as reported
by Clang 19:
./getaddrinfo.c:1884:11: error: variable 'endp' is used uninitialized whenever '||' condition is true [-Werror,-Wsometimes-uninitialized]
1884 | && (cp == NULL
| ^~~~~~~~~~
./getaddrinfo.c:1887:11: note: uninitialized use occurs here
1887 | && *endp == '\0'
| ^~~~
./getaddrinfo.c:1884:11: note: remove the '||' if its condition is always false
1884 | && (cp == NULL
| ^~~~~~~~~~
1885 | || (bits = strtoul (cp, &endp, 10)) != ULONG_MAX
| ~~
./getaddrinfo.c:1875:13: note: initialize the variable 'endp' to silence this warning
1875 | char *endp;
| ^
| = NULL
This fixes BZ #32465.
Signed-off-by: H.J. Lu <hjl.tools@gmail.com>
Reviewed-by: Sam James <sam@gentoo.org>
|
|
into libc.
Message-ID: <20241219203727.669825-9-gfleury@disroot.org>
|
|
move out __getpid from pt-mutex.h
and in pt-mutex-* include <unistd.h> where
__getpid was called
Signed-off-by: gfleury <gfleury@disroot.org>
Message-ID: <20241219203727.669825-8-gfleury@disroot.org>
|
|
__pthread_block_intr into libc.
Signed-off-by: gfleury <gfleury@disroot.org>
Message-ID: <20241219203727.669825-7-gfleury@disroot.org>
|
|
Signed-off-by: gfleury <gfleury@disroot.org>
Message-ID: <20241219203727.669825-6-gfleury@disroot.org>
|
|
Signed-off-by: gfleury <gfleury@disroot.org>
Message-ID: <20241219203727.669825-5-gfleury@disroot.org>
|
|
Signed-off-by: gfleury <gfleury@disroot.org>
Message-ID: <20241219203727.669825-4-gfleury@disroot.org>
|
|
Signed-off-by: gfleury <gfleury@disroot.org>
Message-ID: <20241219203727.669825-3-gfleury@disroot.org>
|
|
Signed-off-by: gfleury <gfleury@disroot.org>
Message-ID: <20241219203727.669825-2-gfleury@disroot.org>
|
|
For _exit declaration.
|
|
Suppress Clang warnings on stdio-common/scanf13.c:
1. Before this commit:
scanf13.c:43:17: error: invalid conversion specifier 'l' [-Werror,-Wformat-invalid-specifier]
43 | "A%mS%10mls%4ml[bcd]%4mCB", &lsp1, &lsp2, &lsp3, &lsp4) != 4)
| ~~~~^
scanf13.c:43:22: error: invalid conversion specifier 'l' [-Werror,-Wformat-invalid-specifier]
43 | "A%mS%10mls%4ml[bcd]%4mCB", &lsp1, &lsp2, &lsp3, &lsp4) != 4)
| ~~~~^
scanf13.c:43:50: error: data argument not used by format string [-Werror,-Wformat-extra-args]
43 | "A%mS%10mls%4ml[bcd]%4mCB", &lsp1, &lsp2, &lsp3, &lsp4) != 4)
| ~~~~~~~~~~~~~~~~~~~~~~~~~~ ^
scanf13.c:145:27: error: invalid conversion specifier 'l' [-Werror,-Wformat-invalid-specifier]
145 | if (sscanf (buf, "%2048mls%mlc", &lsp3, &lsp4) != 2)
| ~~~~~~^
scanf13.c:145:31: error: invalid conversion specifier 'l' [-Werror,-Wformat-invalid-specifier]
145 | if (sscanf (buf, "%2048mls%mlc", &lsp3, &lsp4) != 2)
| ~~~^
scanf13.c:145:43: error: data argument not used by format string [-Werror,-Wformat-extra-args]
145 | if (sscanf (buf, "%2048mls%mlc", &lsp3, &lsp4) != 2)
| ~~~~~~~~~~~~~~ ^
scanf13.c:161:31: error: invalid conversion specifier 'l' [-Werror,-Wformat-invalid-specifier]
161 | if (sscanf (buf, "%4mC%1500ml[dr/]%548ml[abc/d]%3mlc",
| ~~~~~~^
scanf13.c:161:42: error: invalid conversion specifier 'l' [-Werror,-Wformat-invalid-specifier]
161 | if (sscanf (buf, "%4mC%1500ml[dr/]%548ml[abc/d]%3mlc",
| ~~~~~~~~~~^
scanf13.c:161:53: error: invalid conversion specifier 'l' [-Werror,-Wformat-invalid-specifier]
161 | if (sscanf (buf, "%4mC%1500ml[dr/]%548ml[abc/d]%3mlc",
| ~~~~~~~~~~^
scanf13.c:162:15: error: data argument not used by format string [-Werror,-Wformat-extra-args]
161 | if (sscanf (buf, "%4mC%1500ml[dr/]%548ml[abc/d]%3mlc",
| ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
162 | &lsp1, &lsp2, &lsp3, &lsp4) != 4)
| ^
10 errors generated.
2. With DIAG_IGNORE_NEEDS_COMMENT_CLANG changes in stdio-common/scanf13.c:
scanf13.c:28:40: error: 'sscanf' may overflow; destination buffer in argument 4 has size 8, but the corresponding specifier may require size 11 [-Werror,-Wfortify-source]
28 | "A%ms%10ms%4m[bcd]%4mcB", &sp1, &sp2, &sp3, &sp4) != 4)
| ^
scanf13.c:94:34: error: 'sscanf' may overflow; destination buffer in argument 3 has size 8, but the corresponding specifier may require size 2049 [-Werror,-Wfortify-source]
94 | if (sscanf (buf, "%2048ms%mc", &sp3, &sp4) != 2)
| ^
scanf13.c:110:61: error: 'sscanf' may overflow; destination buffer in argument 4 has size 8, but the corresponding specifier may require size 1501 [-Werror,-Wfortify-source]
110 | if (sscanf (buf, "%4mc%1500m[dr/]%548m[abc/d]%3mc", &sp1, &sp2, &sp3, &sp4)
| ^
scanf13.c:110:67: error: 'sscanf' may overflow; destination buffer in argument 5 has size 8, but the corresponding specifier may require size 549 [-Werror,-Wfortify-source]
110 | if (sscanf (buf, "%4mc%1500m[dr/]%548m[abc/d]%3mc", &sp1, &sp2, &sp3, &sp4)
| ^
4 errors generated.
Co-Authored-By: Adhemerval Zanella <adhemerval.zanella@linaro.org>
Signed-off-by: H.J. Lu <hjl.tools@gmail.com>
Reviewed-by: Sam James <sam@gentoo.org>
|
|
Add a configure check for -Wno-fortify-source to suppress Clang warnings
on string/tester.c, like:
tester.c:385:10: error: 'strncat' size argument is too large; destination buffer has size 50, but size argument is 99 [-Werror,-Wfortify-source]
385 | check (strncat (one, "lmn", 99) == one, 1); /* Returned value. */
Signed-off-by: H.J. Lu <hjl.tools@gmail.com>
Reviewed-by: Sam James <sam@gentoo.org>
|
