aboutsummaryrefslogtreecommitdiff
AgeCommit message (Collapse)AuthorFilesLines
2021-07-08io: Add closefrom [BZ #10353]Adhemerval Zanella44-2/+380
The function closes all open file descriptors greater than or equal to input argument. Negative values are clamped to 0, i.e, it will close all file descriptors. As indicated by the bug report, this is a common symbol provided by different systems (Solaris, OpenBSD, NetBSD, FreeBSD) and, although its has inherent issues with not taking in consideration internal libc file descriptors (such as syslog), this is also a common feature used in multiple projects [1][2][3][4][5]. The Linux fallback implementation iterates over /proc and close all file descriptors sequentially. Although it was raised the questioning whether getdents on /proc/self/fd might return disjointed entries when file descriptor are closed; it does not seems the case on my testing on multiple kernel (v4.18, v5.4, v5.9) and the same strategy is used on different projects [1][2][3][5]. Also, the interface is set a fail-safe meaning that a failure in the fallback results in a process abort. Checked on x86_64-linux-gnu and i686-linux-gnu on kernel 5.11 and 4.15. [1] https://github.com/systemd/systemd/blob/5238e9575906297608ff802a27e2ff9effa3b338/src/basic/fd-util.c#L217 [2] https://github.com/lxc/lxc/blob/ddf4b77e11a4d08f09b7b9cd13e593f8c047edc5/src/lxc/start.c#L236 [3] https://github.com/python/cpython/blob/9e4f2f3a6b8ee995c365e86d976937c141d867f8/Modules/_posixsubprocess.c#L220 [4] https://github.com/rust-lang/rust/blob/5f47c0613ed4eb46fca3633c1297364c09e5e451/src/libstd/sys/unix/process2.rs#L303-L308 [5] https://github.com/openjdk/jdk/blob/master/src/java.base/unix/native/libjava/childproc.c#L82
2021-07-08linux: Add close_rangeAdhemerval Zanella40-1/+422
It was added on Linux 5.9 (278a5fbaed89) with CLOSE_RANGE_CLOEXEC added on 5.11 (582f1fb6b721f). Although FreeBSD has added the same syscall, this only adds the symbol on Linux ports. This syscall is required to provided a fail-safe way to implement the closefrom symbol (BZ #10353). Checked on x86_64-linux-gnu and i686-linux-gnu on kernel 5.11 and 4.15.
2021-07-08support: Add support_stack_allocAdhemerval Zanella4-38/+107
The code to allocate a stack from xsigstack is refactored so it can be more generic. The new support_stack_alloc() also set PROT_EXEC if DEFAULT_STACK_PERMS has PF_X. This is required on some architectures (hppa for instance) and trying to access the rtld global from testsuite will require more intrusive refactoring in the ldsodefs.h header. Checked on x86_64-linux-gnu and i686-linux-gnu. I also ran tst-xsigstack on both hppa and ia64.
2021-07-08_int_realloc is staticSiddhesh Poyarekar1-2/+2
_int_realloc is correctly declared at the top to be static, but incorrectly defined without the static keyword. Fix that. The generated binaries have identical code.
2021-07-08Move mcheck symbol from stdlib to mallocSiddhesh Poyarekar2-2/+2
It is defined in malloc, so it belongs there. Verified on x86_64 that the built libraries are identical despite this change.
2021-07-08nss: Do not install static linker input files for libnss_filesFlorian Weimer1-0/+8
2021-07-08elf/tests: Make thrlock and noload depend on libmSiddhesh Poyarekar1-0/+2
Both tests try to dlopen libm.so at runtime, so make them depend on it so that they're executed if libm.so has been updated. Reviewed-by: Florian Weimer <fweimer@redhat.com>
2021-07-08Harden tcache double-free checkSiddhesh Poyarekar2-4/+41
The tcache allocator layer uses the tcache pointer as a key to identify a block that may be freed twice. Since this is in the application data area, an attacker exploiting a use-after-free could potentially get access to the entire tcache structure through this key. A detailed write-up was provided by Awarau here: https://awaraucom.wordpress.com/2020/07/19/house-of-io-remastered/ Replace this static pointer use for key checking with one that is generated at malloc initialization. The first attempt is through getrandom with a fallback to random_bits(), which is a simple pseudo-random number generator based on the clock. The fallback ought to be sufficient since the goal of the randomness is only to make the key arbitrary enough that it is very unlikely to collide with user data. Co-authored-by: Eyal Itkin <eyalit@checkpoint.com>
2021-07-07nss: Access nss_files through direct referencesFlorian Weimer20-32/+114
This partially fixes static-only NSS support (bug 27959): The files module no longer needs dlopen. Support for the dns module remains to be added, and also support for disabling dlopen altogether. Reviewed-by: Adhemerval Zanella <adhemerval.zanella@linaro.org>
2021-07-07nss_files: Move into libcFlorian Weimer11-64/+37
This is the first step towards fixing bug 27959. Reviewed-by: Adhemerval Zanella <adhemerval.zanella@linaro.org>
2021-07-07nss_files: Add generic code for set*ent, end*ent and file openFlorian Weimer7-108/+259
This reduces RSS usage if nss_files is not actually used, and can be used later to make NSS data thread-specific. It also results in a small code size reduction. Before: text data bss dec hex filename 2288 0 72 2360 938 nss/files-alias.os 1807 0 72 1879 757 nss/files-ethers.os 1371 0 72 1443 5a3 nss/files-grp.os 6246 0 72 6318 18ae nss/files-hosts.os 869 0 0 869 365 nss/files-initgroups.os 666 0 0 666 29a nss/files-init.os 1934 0 0 1934 78e nss/files-netgrp.os 2353 0 72 2425 979 nss/files-network.os 2130 0 72 2202 89a nss/files-proto.os 1372 0 72 1444 5a4 nss/files-pwd.os 2124 0 72 2196 894 nss/files-rpc.os 2265 0 72 2337 921 nss/files-service.os 1125 0 72 1197 4ad nss/files-sgrp.os 1124 0 72 1196 4ac nss/files-spwd.os After: text data bss dec hex filename 2040 0 0 2040 7f8 nss/files-alias.os 1599 0 0 1599 63f nss/files-ethers.os 1155 0 0 1155 483 nss/files-grp.os 6010 0 0 6010 177a nss/files-hosts.os 869 0 0 869 365 nss/files-initgroups.os 666 0 0 666 29a nss/files-init.os 1934 0 0 1934 78e nss/files-netgrp.os 2129 0 0 2129 851 nss/files-network.os 1914 0 0 1914 77a nss/files-proto.os 1156 0 0 1156 484 nss/files-pwd.os 1908 0 0 1908 774 nss/files-rpc.os 2057 0 0 2057 809 nss/files-service.os 909 0 0 909 38d nss/files-sgrp.os 908 0 0 908 38c nss/files-spwd.os 1090 0 8 1098 44a nss/nss_files_data.os 27674 code bytes before, 26344 code bytes after, so it is an overall win despite the extra initialization code. Reviewed-by: Adhemerval Zanella <adhemerval.zanella@linaro.org>
2021-07-07nss_files: Allocate nscd file registration data on the heapFlorian Weimer1-34/+20
This is only needed if nss_files is loaded by nscd. Before: text data bss dec hex filename 767 0 24952 25719 6477 nss/files-init.os After: text data bss dec hex filename 666 0 0 666 29a nss/files-init.os Using PATH_MAX bytes unconditionally for the directory name is wasteful, but fixing that would constitute another break of this semi-public ABI. (The other issue is that with symbolic links, an arbitrary set of parent directories may need watching, not just a single one.) Reviewed-by: Adhemerval Zanella <adhemerval.zanella@linaro.org>
2021-07-07libio: Replace internal _IO_getdelim symbol with __getdelimFlorian Weimer6-8/+7
__getdelim is exported, _IO_getdelim is not. Add a hidden prototype for __getdelim. Reviewed-by: Adhemerval Zanella <adhemerval.zanella@linaro.org>
2021-07-07libio: Add hidden prototype for ungetcFlorian Weimer2-3/+4
And make ungetc the primary symbol, with _IO_ungetc as an alias. Reviewed-by: Adhemerval Zanella <adhemerval.zanella@linaro.org>
2021-07-07inet: Add hidden prototype for __inet_networkFlorian Weimer2-1/+5
Reviewed-by: Adhemerval Zanella <adhemerval.zanella@linaro.org>
2021-07-07Update MIPS libm-test-ulpsJoseph Myers2-76/+84
2021-07-07Update powerpc-nofpu libm-test-ulpsJoseph Myers1-41/+45
2021-07-07soft-fp: Add __extendhfsf2/__extendhfdf2, __truncsfhf2/__truncdfhf2, ↵liuhongt6-0/+253
__eqhf2/__nehf2 1. Add __extendhfdf2/__extendhfsf2 to return an IEEE half converted to IEEE double/single. 2. Add __truncdfhf2/__extendsfhf2 to truncate IEEE double/single into IEEE half. 3. Add __eqhf2/__nehf2 to return 0 if a == b and a,b are not NAN, otherwise return 1. These are needed by x86 _Float16: https://software.intel.com/content/www/us/en/develop/download/intel-avx512-fp16-architecture-specification.html support in GCC.
2021-07-07Update kernel version to 5.13 in tst-mman-consts.pyJoseph Myers1-1/+1
This patch updates the kernel version in the test tst-mman-consts.py to 5.13. (There are no new MAP_* constants covered by this test in 5.13 that need any other header changes.) Tested with build-many-glibcs.py.
2021-07-07tests-exclude-mcheck: Fix typoSiddhesh Poyarekar1-1/+1
It's tst-realloc, not tst-posix-realloc. Verified this time to ensure that the total number of tests reduced by 1. Reported-by: Stefan Liebler <stli@linux.ibm.com>
2021-07-07elf: Clean up GLIBC_PRIVATE exports of internal libdl symbolsFlorian Weimer11-260/+18
They are no longer needed after everything has been moved into libc. The _dl_vsym test has to be removed because the symbol cannot be used outside libc anymore. Reviewed-by: Adhemerval Zanella <adhemerval.zanella@linaro.org>
2021-07-07nptl: Reduce the GLIBC_PRIVATE ABIFlorian Weimer6-52/+15
The remaining symbols are mostly used by libthread_db. __pthread_get_minstack has to remain exported even though unused. Reviewed-by: Adhemerval Zanella <adhemerval.zanella@linaro.org>
2021-07-07nptl: Remove GLIBC_2.34 versions of __pthread_mutex_lock, __pthread_mutex_unlockFlorian Weimer35-70/+6
Now that there are no internal users anymore, these new symbol versions can be removed from the public ABI. The compatibility symbols remain. Reviewed-by: Adhemerval Zanella <adhemerval.zanella@linaro.org>
2021-07-07nptl: Use internal low-level lock type for !IS_IN (libc)Florian Weimer1-46/+5
This avoids an ABI hazard (types changing between different modules of glibc) without introducing linknamespace issues. In particular, NSS modules now call __lll_lock_wait_private@@GLIBC_PRIVATE to wait on internal locks (the unlock path is inlined and performs a direct system call). Reviewed-by: Adhemerval Zanella <adhemerval.zanella@linaro.org>
2021-07-07glibc.malloc.check: Fix nit in documentationSiddhesh Poyarekar2-6/+6
The tunable will not work with *any* non-zero tunable value since its list of allowed values is 0-3. Fix the documentation to reflect that. Reviewed-by: Adhemerval Zanella <adhemerval.zanella@linaro.org>
2021-07-06Exclude tst-realloc from tests-mcheckSiddhesh Poyarekar1-1/+2
The realloc (NULL, 0) test in tst-realloc fails with gcc 7.x but passes with newer gcc. This is because a newer gcc transforms the realloc call to malloc (0), thus masking the bug in mcheck. Disable the test with mcheck for now. The malloc removal patchset will fix this and then remove this test from the exclusion list. Reported-by: Stefan Liebler <stli@linux.ibm.com> Reviewed-by: Carlos O'Donell <carlos@redhat.com>
2021-07-06linux: Fix setsockopt fallbackAdhemerval Zanella1-1/+3
The final 2 arguments for SO_TIMESTAMP/SO_TIMESTAMPNS are being set wrongly. Checked on x86_64-linux-gnu and i686-linux-gnu.
2021-07-06linux: Use the expected size for SO_TIMESTAMP{NS} convertionAdhemerval Zanella1-2/+5
Kernel returns 32-bit values for COMPAT_SO_TIMESTAMP{NS}_OLD, not 64-bit values. Checked on x86_64-linux-gnu and i686-linux-gnu.
2021-07-06linux: Consolidate Linux setsockopt implementationAdhemerval Zanella15-14/+5
This patch consolidates the setsockopt implementation on sysdeps/unix/sysv/linux/getsockopt.c. The changes are: 1. Remove it from auto-generation syscalls.list on all architectures. 2. Add __ASSUME_SETSOCKOPT_SYSCALL as default and undef if for specific kernel versions on some architectures. This also fix a potential issue where 32-bit time_t ABI should use the linux setsockopt which overrides the underlying SO_* constants used for socket timestamping for _TIME_BITS=64. Checked on x86_64-linux-gnu and i686-linux-gnu.
2021-07-06linux: Consolidate Linux getsockopt implementationAdhemerval Zanella15-14/+5
This patch consolidates the getsockopt Linux syscall implementation on sysdeps/unix/sysv/linux/getsockopt.c. The changes are: 1. Remove it from auto-generation syscalls.list on all architectures. 2. Add __ASSUME_GETSOCKOPT_SYSCALL as default and undef if for specific kernel versions on some architectures. This also fix a potential issue where 32-bit time_t ABI should use the linux getsockopt which overrides the underlying SO_* constants used for socket timestamping for _TIME_BITS=64. Checked on x86_64-linux-gnu and i686-linux-gnu.
2021-07-06manual: fix description for preadv()Armin Brauns1-1/+1
2021-07-06elf: Call free from base namespace on error in dl-libc.c [BZ #27646]Florian Weimer1-1/+1
In dlerror_run, free corresponds to the local malloc in the namespace, but GLRO (dl_catch_error) uses the malloc from the base namespace. elf/tst-dlmopen-gethostbyname triggers this mismatch, but it does not crash, presumably because of a fastbin deallocation. Fixes commit c2059edce20c124d1a99f1a94cc52e83b77a917a ("elf: Use _dl_catch_error from base namespace in dl-libc.c [BZ #27646]") and commit b2964eb1d9a6b8ab1250e8a881cf406182da5875 ("dlfcn: Failures after dlmopen should not terminate process [BZ #24772]").
2021-07-05linux: Check for null value msghdr struct before useKhem Raj2-2/+4
This avoids crashes in libc when cmsg is null and refrencing msg structure when it is null Signed-off-by: Khem Raj <raj.khem@gmail.com> Reviewed-by: Adhemerval Zanella <adhemerval.zanella@linaro.org>
2021-07-04hooks.c: Remove incorrect commentSiddhesh Poyarekar1-4/+0
The comment about different values of glibc.malloc.check is no longer valid.
2021-07-02mtrace: Add attribute nocommon to mallwatchTulio Magno Quites Machado Filho1-1/+1
Avoid compilation errors GCC versions that do not default to -fno-common, e.g. GCC <= 9. Fixes commit 00d28960c5388a582a0485e07629b553c32dde49 ("mtrace: Deprecate mallwatch and tr_break"). Suggested-by: Adhemerval Zanella <adhemerval.zanella@linaro.org> Suggested-by: Florian Weimer <fweimer@redhat.com>
2021-07-03Move glibc.malloc.check implementation into its own fileSiddhesh Poyarekar2-370/+391
Separate the malloc check implementation from the malloc hooks. They still use the hooks but are now maintained in a separate file. Reviewed-by: Carlos O'Donell <carlos@redhat.com>
2021-07-03mtrace: Deprecate mallwatch and tr_breakSiddhesh Poyarekar2-37/+24
The variable and function pair appear to provide a way for users to set conditional breakpoints in mtrace when a specific address is returned by the allocator. This can be achieved by using conditional breakpoints in gdb so it is redundant. There is no documentation of this interface in the manual either, so it appears to have been a hack that got added to debug malloc. Deprecate these symbols and do not call tr_break anymore. Reviewed-by: DJ Delorie <dj@redhat.com> Reviewed-by: Carlos O'Donell <carlos@redhat.com>
2021-07-03Drop source dependencies on hooks.c and arena.cSiddhesh Poyarekar1-4/+0
Dependencies on hooks.c and arena.c get auto-computed when generating malloc.o{,s}.d so there is no need to add them manually. Reviewed-by: Carlos O'Donell <carlos@redhat.com> Reviewed-by: Andreas Schwab <schwab@linux-m68k.org>
2021-07-02malloc: Initiate tcache shutdown even without allocations [BZ #28028]JeffyChen1-1/+2
After commit 1e26d35193efbb29239c710a4c46a64708643320 ("malloc: Fix tcache leak after thread destruction [BZ #22111]"), tcache_shutting_down is still not early enough. When we detach a thread with no tcache allocated, tcache_shutting_down would still be false. Reviewed-by: DJ Delorie <dj@redhat.com>
2021-07-02Add mcheck tests to mallocSiddhesh Poyarekar2-1/+49
Like malloc-check, add generic rules to run all tests in malloc by linking with libmcheck.a so as to provide coverage for mcheck(). Currently the following 12 tests fail: FAIL: malloc/tst-malloc-backtrace-mcheck FAIL: malloc/tst-malloc-fork-deadlock-mcheck FAIL: malloc/tst-malloc-stats-cancellation-mcheck FAIL: malloc/tst-malloc-tcache-leak-mcheck FAIL: malloc/tst-malloc-thread-exit-mcheck FAIL: malloc/tst-malloc-thread-fail-mcheck FAIL: malloc/tst-malloc-usable-static-mcheck FAIL: malloc/tst-malloc-usable-static-tunables-mcheck FAIL: malloc/tst-malloc-usable-tunables-mcheck FAIL: malloc/tst-malloc_info-mcheck FAIL: malloc/tst-memalign-mcheck FAIL: malloc/tst-posix_memalign-mcheck and they have been added to tests-exclude-mcheck for now to keep status quo. At least the last two can be attributed to bugs in mcheck() but I haven't fixed them here since they should be fixed by removing malloc hooks. Others need to be triaged to check if they're due to mcheck bugs or due to actual bugs. Reviewed-by: DJ Delorie <dj@redhat.com>
2021-07-02iconvconfig: Use the public feof_unlockedSiddhesh Poyarekar1-1/+2
Build of iconvconfig failed with CFLAGS=-Os since __feof_unlocked is not a public symbol. Replace with feof_unlocked (defined to __feof_unlocked when IS_IN (libc)) to fix this. Reported-by: Szabolcs Nagy <szabolcs.nagy@arm.com> Reviewed-by: Szabolcs Nagy <szabolcs.nagy@arm.com>
2021-07-02resolv: Move libanl into libc (if libpthread is in libc)Florian Weimer78-206/+498
The symbols gai_cancel, gai_error, gai_suspend, getaddrinfo_a, __gai_suspend_time64 were moved using scripts/move-symbol-to-libc.py. For Hurd (which remains !PTHREAD_IN_LIBC), a few #define redirects had to be added because several pthread functions are not available under __. (Linux uses __ prefixes for most hidden aliases, and has to in some cases to avoid linknamespace issues.)
2021-07-01powerpc: optimize strcpy/stpcpy for POWER9/10Pedro Franco de Carvalho1-71/+89
This patch modifies the current POWER9 implementation of strcpy and stpcpy to optimize it for POWER9/10. Since no new POWER10 instructions are used, the original POWER9 strcpy is modified instead of creating a new implementation for POWER10. This implementation is based on both the original POWER9 implementation of strcpy and the preamble of the new POWER10 implementation of strlen. The changes also affect stpcpy, which uses the same implementation with some additional code before returning. On POWER9, averaging improvements across the benchmark inputs (length/source alignment/destination alignment), for an experiment that ran the benchmark five times, bench-strcpy showed an improvement of 5.23%, and bench-stpcpy showed an improvement of 6.59%. On POWER10, bench-strcpy showed 13.16%, and bench-stpcpy showed 13.59%. The changes are: 1. Removed the null string optimization. Although this results in a few extra cycles for the null string, in combination with the second change, this resulted in improvements for for other cases. 2. Adapted the preamble from strlen for POWER10. This is the part of the function that handles up to the first 16 bytes of the string. 3. Increased number of unrolled iterations in the main loop to 6. Reviewed-by: Matheus Castanho <msc@linux.ibm.com> Tested-by: Matheus Castanho <msc@linux.ibm.com>
2021-07-01soft-fp: Add __extendhfxf2 and __truncxfhf2H.J. Lu2-0/+105
1. Add __extendhfxf2 to return an IEEE half converted to IEEE extended. 2. Add __truncxfhf2 to truncate IEEE extended into IEEE half. These are needed by x86 _Float16: https://software.intel.com/content/www/us/en/develop/download/intel-avx512-fp16-architecture-specification.html support in GCC.
2021-07-01x86: Check RTM_ALWAYS_ABORT for RTM [BZ #28033]H.J. Lu6-6/+14
From https://www.intel.com/content/www/us/en/support/articles/000059422/processors.html * Intel TSX will be disabled by default. * The processor will force abort all Restricted Transactional Memory (RTM) transactions by default. * A new CPUID bit CPUID.07H.0H.EDX[11](RTM_ALWAYS_ABORT) will be enumerated, which is set to indicate to updated software that the loaded microcode is forcing RTM abort. * On processors that enumerate support for RTM, the CPUID enumeration bits for Intel TSX (CPUID.07H.0H.EBX[11] and CPUID.07H.0H.EBX[4]) continue to be set by default after microcode update. * Workloads that were benefited from Intel TSX might experience a change in performance. * System software may use a new bit in Model-Specific Register (MSR) 0x10F TSX_FORCE_ABORT[TSX_CPUID_CLEAR] functionality to clear the Hardware Lock Elision (HLE) and RTM bits to indicate to software that Intel TSX is disabled. 1. Add RTM_ALWAYS_ABORT to CPUID features. 2. Set RTM usable only if RTM_ALWAYS_ABORT isn't set. This skips the string/tst-memchr-rtm etc. testcases on the affected processors, which always fail after a microcde update. 3. Check RTM feature, instead of usability, against /proc/cpuinfo. This fixes BZ #28033.
2021-07-01Update syscall lists for Linux 5.13Joseph Myers26-2/+80
Linux 5.13 has three new syscalls (landlock_create_ruleset, landlock_add_rule, landlock_restrict_self). Update syscall-names.list and regenerate the arch-syscall.h headers with build-many-glibcs.py update-syscalls. Tested with build-many-glibcs.py.
2021-07-01s390: Fix MEMCHR_Z900_G5 ifunc-variant if n>=0x80000000 [BZ #28024]Stefan Liebler1-0/+13
On s390 (31bit), the pointer to the first byte after s always wraps around with n >= 0x80000000 and can lead to stop searching before end of s. Thus this patch just use NULL as byte after s in this case and the srst instruction stops searching with "not found" when wrapping around from top address to zero. This is observable with testcase string/test-memchr starting with commit "String: Add overflow tests for strnlen, memchr, and strncat [BZ #27974]" https://sourceware.org/git/?p=glibc.git;a=commit;h=da5a6fba0febbfc90896ce1b2eb75c6d8a88a72d
2021-07-01Fix extra PLT reference in libc.so due to __glob64_time64 if build with gcc ↵Stefan Liebler3-0/+3
7.5 on 32bit. Starting with recent commit 84f7ce84474c1648ce96884f1c91ca7b97ca3fc2 "posix: Add glob64 with 64-bit time_t support", elf/check-localplt fails due to extra PLT reference __glob64_time64 in __glob64_time64 itself. This is observable with gcc 7.5 on x86_64 with -m32 or s390x with -m31. E.g. if build with gcc 10, gcc is generating a call to __glob64_time64.localalias. This patch is adding a hidden version of __glob64_time64 in the same way as for __globfree64_time64.
2021-07-01AArch64: Add hp-timing.hWilco Dijkstra1-0/+47
Add hp-timing.h using the cntvct_el0 counter. Return timing in nanoseconds so it is fully compatible with generic hp-timing. Don't set HP_TIMING_INLINE in the dynamic linker since it adds unnecessary overheads and some ancient kernels may not handle emulating cntcvt correctly. Currently cntvct_el0 is only used for timing in the benchtests. Reviewed-by: Szabolcs Nagy <szabolcs.nagy@arm.com>
2021-07-01AArch64: Improve strnlen performanceWilco Dijkstra1-181/+89
Optimize strnlen by avoiding UMINV which is slow on most cores. On Neoverse N1 large strings are 1.8x faster than the current version, and bench-strnlen is 50% faster overall. This version is MTE compatible. Reviewed-by: Szabolcs Nagy <szabolcs.nagy@arm.com>