aboutsummaryrefslogtreecommitdiff
AgeCommit message (Collapse)AuthorFilesLines
2021-07-15resolv: Move ns_name_unpack to its own file and into libcFlorian Weimer69-115/+187
Reformat to GNU style. Avoid out-of-bounds buffer arithmetic. Eliminate the labellen function. The symbol was moved using scripts/move-symbol-to-libc.py. Reviewed-by: Carlos O'Donell <carlos@redhat.com> Tested-by: Carlos O'Donell <carlos@redhat.com>
2021-07-15resolv: Remove unnecessary res_isourserver_p call from send_dgFlorian Weimer1-6/+0
As the comment indicates, the check is unnecessary due to the way the UDP socket is set up. Reviewed-by: Carlos O'Donell <carlos@redhat.com> Tested-by: Carlos O'Donell <carlos@redhat.com>
2021-07-15resolv: Move ns_name_ntop to its own file and into libcFlorian Weimer69-161/+221
Reformat to GNU style. Avoid out-of-bounds pointer arithmetic (e.g., use eom - dn < 2 instead of dn + 1 >= eom). Inline the labellen function and fold the compression pointer check into the length check (l >= 64). Assume ASCII encoding. The symbol was moved using scripts/move-symbol-to-libc.py. Reviewed-by: Carlos O'Donell <carlos@redhat.com> Tested-by: Carlos O'Donell <carlos@redhat.com>
2021-07-15nss_dns: Do not use deprecated packet parsing functionsFlorian Weimer2-21/+20
Reviewed-by: Carlos O'Donell <carlos@redhat.com> Tested-by: Carlos O'Donell <carlos@redhat.com>
2021-07-15resolv: Sort Makefile routines and Versions lexicographicallyFlorian Weimer2-73/+182
Reviewed-by: Adhemerval Zanella <adhemerval.zanella@linaro.org> Reviewed-by: Carlos O'Donell <carlos@redhat.com> Tested-by: Carlos O'Donell <carlos@redhat.com>
2021-07-15socket: Add hidden prototype for setsockoptFlorian Weimer3-4/+6
Reviewed-by: Adhemerval Zanella <adhemerval.zanella@linaro.org> Reviewed-by: Carlos O'Donell <carlos@redhat.com> Tested-by: Carlos O'Donell <carlos@redhat.com>
2021-07-14elf: Fix DTV gap reuse logic (BZ #27135)Adhemerval Zanella8-33/+349
This is updated version of the 572bd547d57a (reverted by 40ebfd016ad2) that fixes the _dl_next_tls_modid issues. This issue with 572bd547d57a patch is the DTV entry will be only update on dl_open_worker() with the update_tls_slotinfo() call after all dependencies are being processed by _dl_map_object_deps(). However _dl_map_object_deps() itself might call _dl_next_tls_modid(), and since the _dl_tls_dtv_slotinfo_list::map is not yet set the entry will be wrongly reused. This patch fixes by renaming the _dl_next_tls_modid() function to _dl_assign_tls_modid() and by passing the link_map so it can set the slotinfo value so a subsequente _dl_next_tls_modid() call will see the entry as allocated. The intermediary value is cleared up on remove_slotinfo() for the case a library fails to load with RTLD_NOW. This patch fixes BZ #27135. Checked on x86_64-linux-gnu. Reviewed-by: Szabolcs Nagy <szabolcs.nagy@arm.com>
2021-07-14Fix linknamespace errors and local-plt-usages in nss_files.Stefan Liebler4-8/+8
After commit f9c8b11ed7726b858cd7b7cea0d3d7c5233d78cf "nss: Access nss_files through direct references", when building with -Os, multiple conform/.../linknamespace tests and elf/check-localplt are failing: Extra PLT reference: libc.so: fgetc_unlocked Extra PLT reference: libc.so: getline Or e.g.: [initial] glob -> [libc.a(glob.o)] __getpwnam_r -> [libc.a(getpwnam_r.o)] __nss_database_custom -> [libc.a(nsswitch.o)] __nss_module_get_function -> [libc.a(nss_module.o)] __nss_files_functions -> [libc.a(nss_files_functions.o)] _nss_files_endaliasent -> [libc.a(files-alias.o)] feof_unlocked [initial] glob -> [libc.a(glob.o)] __getpwnam_r -> [libc.a(getpwnam_r.o)] __nss_database_custom -> [libc.a(nsswitch.o)] __nss_module_get_function -> [libc.a(nss_module.o)] __nss_files_functions -> [libc.a(nss_files_functions.o)] _nss_files_endaliasent -> [libc.a(files-alias.o)] fgetc_unlocked [initial] glob -> [libc.a(glob.o)] __getpwnam_r -> [libc.a(getpwnam_r.o)] __nss_database_custom -> [libc.a(nsswitch.o)] __nss_module_get_function -> [libc.a(nss_module.o)] __nss_files_functions -> [libc.a(nss_files_functions.o)] _nss_files_endnetgrent -> [libc.a(files-netgrp.o)] getline This patch is using the hidden symbols where possible. Instead of fputc_unlocked, __putc_unlocked is used. (Compare to commit eeaa19f75e52d2d48074ae0c423f2311d67c42c6 "mntent: Use __putc_unlocked instead of fputc_unlocked")
2021-07-14Add static tests for __clone_internalH.J. Lu6-0/+509
Reviewed-by: Adhemerval Zanella <adhemerval.zanella@linaro.org>
2021-07-14x86-64: Add the clone3 wrapperH.J. Lu2-0/+94
extern int clone3 (struct clone_args *__cl_args, size_t __size, int (*__func) (void *__arg), void *__arg); Reviewed-by: Adhemerval Zanella <adhemerval.zanella@linaro.org>
2021-07-14Add an internal wrapper for clone, clone2 and clone3H.J. Lu8-88/+213
The clone3 system call (since Linux 5.3) provides a superset of the functionality of clone and clone2. It also provides a number of API improvements, including the ability to specify the size of the child's stack area which can be used by kernel to compute the shadow stack size when allocating the shadow stack. Add: extern int __clone_internal (struct clone_args *__cl_args, int (*__func) (void *__arg), void *__arg); to provide an abstract interface for clone, clone2 and clone3. 1. Simplify stack management for thread creation by passing both stack base and size to create_thread. 2. Consolidate clone vs clone2 differences into a single file. 3. Call __clone3 if HAVE_CLONE3_WAPPER is defined. If __clone3 returns -1 with ENOSYS, fall back to clone or clone2. 4. Use only __clone_internal to clone a thread. Since the stack size argument for create_thread is now unconditional, always pass stack size to create_thread. 5. Enable the public clone3 wrapper in the future after it has been added to all targets. NB: Sandbox will return ENOSYS on clone3 in both Chromium: The following revision refers to this bug: https://chromium.googlesource.com/chromium/src/+/218438259dd795456f0a48f67cbe5b4e520db88b commit 218438259dd795456f0a48f67cbe5b4e520db88b Author: Matthew Denton <mpdenton@chromium.org> Date: Thu Jun 03 20:06:13 2021 Linux sandbox: return ENOSYS for clone3 Because clone3 uses a pointer argument rather than a flags argument, we cannot examine the contents with seccomp, which is essential to preventing sandboxed processes from starting other processes. So, we won't be able to support clone3 in Chromium. This CL modifies the BPF policy to return ENOSYS for clone3 so glibc always uses the fallback to clone. Bug: 1213452 Change-Id: I7c7c585a319e0264eac5b1ebee1a45be2d782303 Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/2936184 Reviewed-by: Robert Sesek <rsesek@chromium.org> Commit-Queue: Matthew Denton <mpdenton@chromium.org> Cr-Commit-Position: refs/heads/master@{#888980} [modify] https://crrev.com/218438259dd795456f0a48f67cbe5b4e520db88b/sandbox/linux/seccomp-bpf-helpers/baseline_policy.cc and Firefox: https://hg.mozilla.org/integration/autoland/rev/ecb4011a0c76 Reviewed-by: Adhemerval Zanella <adhemerval.zanella@linaro.org>
2021-07-14nss: Fix build error with --disable-nscdCooper Qu1-2/+4
The error is as follows: nss_module.c: In function 'module_load_nss_files': nss_module.c:117:7: error: 'is_nscd' undeclared (first use in this function) 117 | if (is_nscd) | ^~~~~~~ nss_module.c:117:7: note: each undeclared identifier is reported only once for each function it appears in nss_module.c:119:51: error: 'nscd_init_cb' undeclared (first use in this function); did you mean 'nscd_init'? 119 | void (*cb) (size_t, struct traced_file *) = nscd_init_cb; | ^~~~~~~~~~~~ | nscd_init
2021-07-13htl: Fix linking static examples against libpthreadSamuel Thibault1-1/+1
libpthread.a uses some mach and hurd RPCs so we need to link them in.
2021-07-13htl: Let libc call __pthread_mutex_{,try,un}lockSamuel Thibault5-0/+7
Now that NPTL was moved to libc, libc makes internal __pthread calls, so htl has to expose them internally.
2021-07-13posix: Ignore non opened files on tst-spawn5Adhemerval Zanella1-19/+34
The make program might open a pipe for its job server, which triggers an invalid check on the spawned process. This patch now passes the lowest file descriptor as ithe first argument, so only the range that was actually opened is checked. Checked on x86_64-linux-gnu and i686-linux-gnu and centos7 (which triggers the issue).
2021-07-12mcheck: Align struct hdr to MALLOC_ALIGNMENT bytes [BZ #28068]H.J. Lu4-10/+5
1. Align struct hdr to MALLOC_ALIGNMENT bytes so that malloc hooks in libmcheck align memory to MALLOC_ALIGNMENT bytes. 2. Remove tst-mallocalign1 from tests-exclude-mcheck for i386 and x32. 3. Add tst-pvalloc-fortify and tst-reallocarray to tests-exclude-mcheck since they use malloc_usable_size (see BZ #22057). This fixed BZ #28068. Reviewed-by: Siddhesh Poyarekar <siddhesh@sourceware.org>
2021-07-12Linux: Use 32-bit vDSO for clock_gettime, gettimeofday, time (BZ# 28071)Adhemerval Zanella5-12/+175
The previous approach defeats the vDSO optimization on older kernels because a failing clock_gettime64 system call is performed on every function call. It also results in a clobbered errno value, exposing an OpenJDK bug (JDK-8270244). This patch fixes by open-code INLINE_VSYSCALL macro and replace all INLINE_SYSCALL_CALL with INTERNAL_SYSCALL_CALLS. Now for __clock_gettime64x, the 64-bit vDSO is used and the 32-bit vDSO is tried before falling back to 64-bit syscalls. The previous code preferred 64-bit syscall for the case where the kernel provides 64-bit time_t syscalls *and* also a 32-bit vDSO (in this case the *64-bit* syscall should be preferable over the vDSO). All architectures that provides 32-bit vDSO (i386, mips, powerpc, s390) modulo sparc; but I am not sure if some kernels versions do provide only 32-bit vDSO while still providing 64-bit time_t syscall. Regardless, for such cases the 64-bit time_t syscall is used if the vDSO returns overflowed 32-bit time_t. Tested on i686-linux-gnu (with a time64 and non-time64 kernel), x86_64-linux-gnu. Built with build-many-glibcs.py. Co-authored-by: Florian Weimer <fweimer@redhat.com>
2021-07-12Reduce <limits.h> pollution due to dynamic PTHREAD_STACK_MINFlorian Weimer7-17/+47
<limits.h> used to be a header file with no declarations. GCC's libgomp includes it in a #pragma GCC visibility hidden block. Including <unistd.h> from <limits.h> (indirectly) declares everything in <unistd.h> with hidden visibility, resulting in linker failures. This commit avoids C declarations in assembler mode and only declares __sysconf in <limits.h> (and not the entire contents of <unistd.h>). The __sysconf symbol is already part of the ABI. PTHREAD_STACK_MIN is no longer defined for __USE_DYNAMIC_STACK_SIZE && __ASSEMBLER__ because there is no possible definition. Additionally, PTHREAD_STACK_MIN is now defined by <pthread.h> for __USE_MISC because this is what developers expect based on the macro name. It also helps to avoid libgomp linker failures in GCC because libgomp includes <pthread.h> before its visibility hacks. Reviewed-by: Carlos O'Donell <carlos@redhat.com>
2021-07-12Fix failing nss/tst-nss-files-hosts-long.Stefan Liebler1-0/+0
Sometimes the test nss/tst-nss-files-hosts-long is failing as getent fails with exit-code 2. This happens if tst-reload1 was run just before this test: make t=nss/tst-reload1 test make t=nss/tst-nss-files-hosts-long test Then the test fails as /etc/nsswitch.conf contains "hosts: test2" and the hosts are not searched in /etc/hosts at all. Thus this patch just requests a post cleanup after nss/tst-reload1 has run.
2021-07-12nis: nis_local_group may read from __nisgroup[-1] (bug 28075)Florian Weimer1-0/+1
Reviewed-by: Carlos O'Donell <carlos@redhat.com>
2021-07-11hurd _Fork: Drop duplicate malloc_fork_lock callsSamuel Thibault1-3/+0
This was put in __libc_fork by c32c868ab8b2 ("posix: Add _Fork [BZ #4737]") so we need to avoid locking them again in _Fork called by __libc_lock, otherwise we deadlock.
2021-07-11support: Replace _SC_MINSIGSTKSZ with _SC_SIGSTKSZH.J. Lu1-2/+2
Replace _SC_MINSIGSTKSZ with _SC_SIGSTKSZ since sysconf (_SC_MINSIGSTKSZ) returns the minimum number of bytes of free stack space required in order to guarantee successful, non-nested handling of a single signal whose handler is an empty function while sysconf (_SC_SIGSTKSZ) returns the suggested minimum number of bytes of stack space required for a signal stack. Reviewed-by: Carlos O'Donell <carlos@redhat.com>
2021-07-09support: Replace MINSIGSTKSZ with sysconf (_SC_MINSIGSTKSZ)H.J. Lu1-4/+5
Replace MINSIGSTKSZ with sysconf (_SC_MINSIGSTKSZ) since the constant MINSIGSTKSZ used in glibc build may be too small. Reviewed-by: Carlos O'Donell <carlos@redhat.com>
2021-07-09Define PTHREAD_STACK_MIN to sysconf(_SC_THREAD_STACK_MIN)H.J. Lu26-626/+266
The constant PTHREAD_STACK_MIN may be too small for some processors. Rename _SC_SIGSTKSZ_SOURCE to _DYNAMIC_STACK_SIZE_SOURCE. When _DYNAMIC_STACK_SIZE_SOURCE or _GNU_SOURCE are defined, define PTHREAD_STACK_MIN to sysconf(_SC_THREAD_STACK_MIN) which is changed to MIN (PTHREAD_STACK_MIN, sysconf(_SC_MINSIGSTKSZ)). Consolidate <bits/local_lim.h> with <bits/pthread_stack_min.h> to provide a constant target specific PTHREAD_STACK_MIN value. Reviewed-by: Carlos O'Donell <carlos@redhat.com>
2021-07-09Force building with -fno-commonFlorian Weimer21-54/+43
As a result, is not necessary to specify __attribute__ ((nocommon)) on individual definitions. GCC 10 defaults to -fno-common on all architectures except ARC, but this change is compatible with older GCC versions and ARC, too. Reviewed-by: Carlos O'Donell <carlos@redhat.com>
2021-07-09Add a generic malloc test for MALLOC_ALIGNMENTH.J. Lu8-61/+89
1. Add sysdeps/generic/malloc-size.h to define size related macros for malloc. 2. Move x86_64/tst-mallocalign1.c to malloc and replace ALIGN_MASK with MALLOC_ALIGN_MASK. 3. Add tst-mallocalign1 to tests-exclude-mcheck for i386 and x32 since mcheck doesn't honor MALLOC_ALIGNMENT.
2021-07-09Properly run tst-spawn5 directly [BZ #28067]H.J. Lu1-11/+21
Change tst-spawn5.c to handle tst-spawn5 without optional path to ld.so, --library-path nor the library path when glibc is configured with --enable-hardcoded-path-in-tests. This fixes BZ #28067. Reviewed-by: Adhemerval Zanella <adhemerval.zanella@linaro.org>
2021-07-09build-many-glibcs.py: Add glibcs-arm-linux-gnueabihf-thumbFlorian Weimer1-0/+3
Previously, there was no thumb variant, despite that building glibc in Thumb-2 mode is supported.
2021-07-09nptl: Use out-of-line wake function in __libc_lock_unlock slow pathFlorian Weimer3-8/+33
This slightly reduces code size, as can be seen below. __libc_lock_unlock is usually used along with __libc_lock_lock in the same function. __libc_lock_lock already has an out-of-line slow path, so this change should not introduce many additional non-leaf functions. This change also fixes a link failure in 32-bit Arm thumb mode because commit 1f9c804fbd699104adefbce9e56d2c8aa711b6b9 ("nptl: Use internal low-level lock type for !IS_IN (libc)") introduced __libc_do_syscall calls outside of libc. Before x86-64: text data bss dec hex filename 1937748 20456 54896 2013100 1eb7ac libc.so.6 25601 856 12768 39225 9939 nss/libnss_db.so.2 40310 952 25144 66406 10366 nss/libnss_files.so.2 After x86-64: text data bss dec hex filename 1935312 20456 54896 2010664 1eae28 libc.so.6 25559 864 12768 39191 9917 nss/libnss_db.so.2 39764 960 25144 65868 1014c nss/libnss_files.so.2 Before i686: 2110961 11272 39144 2161377 20fae1 libc.so.6 27243 428 12652 40323 9d83 nss/libnss_db.so.2 43062 476 25028 68566 10bd6 nss/libnss_files.so.2 After i686: 2107347 11272 39144 2157763 20ecc3 libc.so.6 26929 432 12652 40013 9c4d nss/libnss_db.so.2 43132 480 25028 68640 10c20 nss/libnss_files.so.2 Reviewed-by: Adhemerval Zanella <adhemerval.zanella@linaro.org>
2021-07-08powerpc64le: Fix typo in configureAnton Blanchard2-2/+2
The configure script checks for -mlong-double-128 but mentions -mlongdouble when it fails. Reviewed-by: Adhemerval Zanella <adhemerval.zanella@linaro.org>
2021-07-08powerpc64: Remove strcspn ifunc from the loaderTulio Magno Quites Machado Filho1-0/+18
5 years ago, commit 8f1b841e452dbb083112fd036033b7f4af506ba0 unintentionally added an ifunc to the loader. That modification has not caused any harm so far, but it doesn't add any value either, because the hwcap information is available later during libc initialization. Suggested-by: Anton Blanchard <anton@ozlabs.org>
2021-07-08x86: Remove wcsnlen-sse4_1 from wcslen ifunc-impl-list [BZ #28064]Noah Goldstein1-2/+2
The following commit commit 6f573a27b6c8b4236445810a44660612323f5a73 Author: Noah Goldstein <goldstein.w.n@gmail.com> Date: Wed Jun 23 01:19:34 2021 -0400 x86-64: Add wcslen optimize for sse4.1 Added wcsnlen-sse4.1 to the wcslen ifunc implementation list and did not add wcslen-sse4.1 to wcslen ifunc implementation list. This commit fixes that by removing wcsnlen-sse4.1 from the wcslen ifunc implementation list and adding wcslen-sse4.1 to the ifunc implementation list. Testing: test-wcslen.c, test-rsi-wcslen.c, and test-rsi-strlen.c are passing as well as all other tests in wcsmbs and string. Signed-off-by: Noah Goldstein <goldstein.w.n@gmail.com> Reviewed-by: H.J. Lu <hjl.tools@gmail.com> Reviewed-by: H.J. Lu <hjl.tools@gmail.com>
2021-07-08x86-64: Test strlen and wcslen with 0 in the RSI register [BZ #28064]H.J. Lu3-0/+108
commit 6f573a27b6c8b4236445810a44660612323f5a73 Author: Noah Goldstein <goldstein.w.n@gmail.com> Date: Wed Jun 23 01:19:34 2021 -0400 x86-64: Add wcslen optimize for sse4.1 added wcsnlen-sse4.1 to the wcslen ifunc implementation list. Since the random value in the the RSI register is larger than the wide-character string length in the existing wcslen test, it didn't trigger the wcslen test failure. Add a test to force 0 into the RSI register before calling wcslen.
2021-07-08x86_64: Remove unneeded static PIE check for undefined weak diagnosticFangrui Song2-58/+0
https://sourceware.org/bugzilla/show_bug.cgi?id=21782 dropped an ld diagnostic for R_X86_64_PC32 referencing an undefined weak symbol in -pie links. Arguably keeping the diagnostic like other ports is more correct, since statically resolving movl foo(%rip), %eax to the link-time zero address produces a corrupted output. It turns out that --enable-static-pie builds do not depend on the ld behavior. GCC generates GOT indirection for weak declarations for -fPIE/-fPIC, so what ld does with the PC-relative relocation doesn't really matter. Reviewed-by: H.J. Lu <hjl.tools@gmail.com>
2021-07-08Add NT_ARM_PAC_ENABLED_KEYS to elf.hJoseph Myers1-0/+2
This patch adds the new NT_ARM_PAC_ENABLED_KEYS constant from Linux 5.13 to glibc's elf.h. Tested for x86_64.
2021-07-08posix: Add posix_spawn_file_actions_addclosefrom_npAdhemerval Zanella49-21/+482
This patch adds a way to close a range of file descriptors on posix_spawn as a new file action. The API is similar to the one provided by Solaris 11 [1], where the file action causes the all open file descriptors greater than or equal to input on to be closed when the new process is spawned. The function posix_spawn_file_actions_addclosefrom_np is safe to be implemented by iterating over /proc/self/fd, since the Linux spawni.c helper process does not use CLONE_FILES, so its has own file descriptor table and any failure (in /proc operation) aborts the process creation and returns an error to the caller. I am aware that this file action might be redundant to the current approach of POSIX in promoting O_CLOEXEC in more interfaces. However O_CLOEXEC is still not the default and for some specific usages, the caller needs to close all possible file descriptors to avoid them leaking. Some examples are CPython (discussed in BZ#10353) and OpenJDK jspawnhelper [2] (where OpenJDK spawns a helper process to exactly closes all file descriptors). Most likely any environment which calls functions that might open file descriptor under the hood and aim to use posix_spawn might face the same requirement. Checked on x86_64-linux-gnu and i686-linux-gnu on kernel 5.11 and 4.15. [1] https://docs.oracle.com/cd/E36784_01/html/E36874/posix-spawn-file-actions-addclosefrom-np-3c.html [2] https://github.com/openjdk/jdk/blob/master/src/java.base/unix/native/libjava/childproc.c#L82
2021-07-08io: Add closefrom [BZ #10353]Adhemerval Zanella44-2/+380
The function closes all open file descriptors greater than or equal to input argument. Negative values are clamped to 0, i.e, it will close all file descriptors. As indicated by the bug report, this is a common symbol provided by different systems (Solaris, OpenBSD, NetBSD, FreeBSD) and, although its has inherent issues with not taking in consideration internal libc file descriptors (such as syslog), this is also a common feature used in multiple projects [1][2][3][4][5]. The Linux fallback implementation iterates over /proc and close all file descriptors sequentially. Although it was raised the questioning whether getdents on /proc/self/fd might return disjointed entries when file descriptor are closed; it does not seems the case on my testing on multiple kernel (v4.18, v5.4, v5.9) and the same strategy is used on different projects [1][2][3][5]. Also, the interface is set a fail-safe meaning that a failure in the fallback results in a process abort. Checked on x86_64-linux-gnu and i686-linux-gnu on kernel 5.11 and 4.15. [1] https://github.com/systemd/systemd/blob/5238e9575906297608ff802a27e2ff9effa3b338/src/basic/fd-util.c#L217 [2] https://github.com/lxc/lxc/blob/ddf4b77e11a4d08f09b7b9cd13e593f8c047edc5/src/lxc/start.c#L236 [3] https://github.com/python/cpython/blob/9e4f2f3a6b8ee995c365e86d976937c141d867f8/Modules/_posixsubprocess.c#L220 [4] https://github.com/rust-lang/rust/blob/5f47c0613ed4eb46fca3633c1297364c09e5e451/src/libstd/sys/unix/process2.rs#L303-L308 [5] https://github.com/openjdk/jdk/blob/master/src/java.base/unix/native/libjava/childproc.c#L82
2021-07-08linux: Add close_rangeAdhemerval Zanella40-1/+422
It was added on Linux 5.9 (278a5fbaed89) with CLOSE_RANGE_CLOEXEC added on 5.11 (582f1fb6b721f). Although FreeBSD has added the same syscall, this only adds the symbol on Linux ports. This syscall is required to provided a fail-safe way to implement the closefrom symbol (BZ #10353). Checked on x86_64-linux-gnu and i686-linux-gnu on kernel 5.11 and 4.15.
2021-07-08support: Add support_stack_allocAdhemerval Zanella4-38/+107
The code to allocate a stack from xsigstack is refactored so it can be more generic. The new support_stack_alloc() also set PROT_EXEC if DEFAULT_STACK_PERMS has PF_X. This is required on some architectures (hppa for instance) and trying to access the rtld global from testsuite will require more intrusive refactoring in the ldsodefs.h header. Checked on x86_64-linux-gnu and i686-linux-gnu. I also ran tst-xsigstack on both hppa and ia64.
2021-07-08_int_realloc is staticSiddhesh Poyarekar1-2/+2
_int_realloc is correctly declared at the top to be static, but incorrectly defined without the static keyword. Fix that. The generated binaries have identical code.
2021-07-08Move mcheck symbol from stdlib to mallocSiddhesh Poyarekar2-2/+2
It is defined in malloc, so it belongs there. Verified on x86_64 that the built libraries are identical despite this change.
2021-07-08nss: Do not install static linker input files for libnss_filesFlorian Weimer1-0/+8
2021-07-08elf/tests: Make thrlock and noload depend on libmSiddhesh Poyarekar1-0/+2
Both tests try to dlopen libm.so at runtime, so make them depend on it so that they're executed if libm.so has been updated. Reviewed-by: Florian Weimer <fweimer@redhat.com>
2021-07-08Harden tcache double-free checkSiddhesh Poyarekar2-4/+41
The tcache allocator layer uses the tcache pointer as a key to identify a block that may be freed twice. Since this is in the application data area, an attacker exploiting a use-after-free could potentially get access to the entire tcache structure through this key. A detailed write-up was provided by Awarau here: https://awaraucom.wordpress.com/2020/07/19/house-of-io-remastered/ Replace this static pointer use for key checking with one that is generated at malloc initialization. The first attempt is through getrandom with a fallback to random_bits(), which is a simple pseudo-random number generator based on the clock. The fallback ought to be sufficient since the goal of the randomness is only to make the key arbitrary enough that it is very unlikely to collide with user data. Co-authored-by: Eyal Itkin <eyalit@checkpoint.com>
2021-07-07nss: Access nss_files through direct referencesFlorian Weimer20-32/+114
This partially fixes static-only NSS support (bug 27959): The files module no longer needs dlopen. Support for the dns module remains to be added, and also support for disabling dlopen altogether. Reviewed-by: Adhemerval Zanella <adhemerval.zanella@linaro.org>
2021-07-07nss_files: Move into libcFlorian Weimer11-64/+37
This is the first step towards fixing bug 27959. Reviewed-by: Adhemerval Zanella <adhemerval.zanella@linaro.org>
2021-07-07nss_files: Add generic code for set*ent, end*ent and file openFlorian Weimer7-108/+259
This reduces RSS usage if nss_files is not actually used, and can be used later to make NSS data thread-specific. It also results in a small code size reduction. Before: text data bss dec hex filename 2288 0 72 2360 938 nss/files-alias.os 1807 0 72 1879 757 nss/files-ethers.os 1371 0 72 1443 5a3 nss/files-grp.os 6246 0 72 6318 18ae nss/files-hosts.os 869 0 0 869 365 nss/files-initgroups.os 666 0 0 666 29a nss/files-init.os 1934 0 0 1934 78e nss/files-netgrp.os 2353 0 72 2425 979 nss/files-network.os 2130 0 72 2202 89a nss/files-proto.os 1372 0 72 1444 5a4 nss/files-pwd.os 2124 0 72 2196 894 nss/files-rpc.os 2265 0 72 2337 921 nss/files-service.os 1125 0 72 1197 4ad nss/files-sgrp.os 1124 0 72 1196 4ac nss/files-spwd.os After: text data bss dec hex filename 2040 0 0 2040 7f8 nss/files-alias.os 1599 0 0 1599 63f nss/files-ethers.os 1155 0 0 1155 483 nss/files-grp.os 6010 0 0 6010 177a nss/files-hosts.os 869 0 0 869 365 nss/files-initgroups.os 666 0 0 666 29a nss/files-init.os 1934 0 0 1934 78e nss/files-netgrp.os 2129 0 0 2129 851 nss/files-network.os 1914 0 0 1914 77a nss/files-proto.os 1156 0 0 1156 484 nss/files-pwd.os 1908 0 0 1908 774 nss/files-rpc.os 2057 0 0 2057 809 nss/files-service.os 909 0 0 909 38d nss/files-sgrp.os 908 0 0 908 38c nss/files-spwd.os 1090 0 8 1098 44a nss/nss_files_data.os 27674 code bytes before, 26344 code bytes after, so it is an overall win despite the extra initialization code. Reviewed-by: Adhemerval Zanella <adhemerval.zanella@linaro.org>
2021-07-07nss_files: Allocate nscd file registration data on the heapFlorian Weimer1-34/+20
This is only needed if nss_files is loaded by nscd. Before: text data bss dec hex filename 767 0 24952 25719 6477 nss/files-init.os After: text data bss dec hex filename 666 0 0 666 29a nss/files-init.os Using PATH_MAX bytes unconditionally for the directory name is wasteful, but fixing that would constitute another break of this semi-public ABI. (The other issue is that with symbolic links, an arbitrary set of parent directories may need watching, not just a single one.) Reviewed-by: Adhemerval Zanella <adhemerval.zanella@linaro.org>
2021-07-07libio: Replace internal _IO_getdelim symbol with __getdelimFlorian Weimer6-8/+7
__getdelim is exported, _IO_getdelim is not. Add a hidden prototype for __getdelim. Reviewed-by: Adhemerval Zanella <adhemerval.zanella@linaro.org>
2021-07-07libio: Add hidden prototype for ungetcFlorian Weimer2-3/+4
And make ungetc the primary symbol, with _IO_ungetc as an alias. Reviewed-by: Adhemerval Zanella <adhemerval.zanella@linaro.org>