aboutsummaryrefslogtreecommitdiff
path: root/elf
AgeCommit message (Collapse)AuthorFilesLines
2017-04-13Assume that O_NOFOLLOW is always definedFlorian Weimer2-10/+1
2017-04-11Support auxilliary vector components for cache geometries.Paul Clarke1-0/+12
Add support to getauxval() for new types to get L1, L2, L3 cache sizes, cache line sizes, and cache associativities. The new types for getauxval() were added in the stream for Linux kernel v4.11 in commit 98a5f361b8625c6f4841d6ba013bbf0e80d08147. * elf/elf.h (AT_L1I_CACHESIZE, AT_L1I_CACHEGEOMETRY, AT_L1D_CACHESIZE, AT_L1D_CACHEGEOMETRY, AT_L2_CACHESIZE, AT_L2_CACHEGEOMETRY, AT_L3_CACHESIZE, AT_L3_CACHEGEOMETRY): New. Add auxvec identifiers from kernel arch/powerpc/include/uapi/asm/auxvec.h.
2017-04-09Check for __mprotect failure in _dl_map_segments [BZ #20831]Dmitry V. Levin1-8/+12
* elf/dl-map-segments.h (_dl_map_segments): Check for failure of __mprotect to change protection on the excess portion to disallow all access.
2017-04-05Define TEST_FUNCTION_ARGV in elf/tst-dlopen-aout.cH.J. Lu1-1/+1
* elf/tst-dlopen-aout.c (TEST_FUNCTION): Removed. (TEST_FUNCTION_ARGV): New.
2017-04-05Update elf tests to use the support test driver.Wainer dos Santos Moschetta71-159/+122
Replaced test-skeleton.c with support/test-driver.c and adjusted the tests accordinly. Checked on x86_64. * elf/next.c: Import support/test-driver.c instead of test-skeleton.c and delete TEST_FUNCTION macro definition. * elf/nodelete.c: Likewise. * elf/order2.c: Likewise. * elf/tst-_dl_addr_inside_object.c: Likewise. * elf/tst-addr1.c: Likewise. * elf/tst-align.c: Likewise. * elf/tst-align2.c: Likewise. * elf/tst-audit11.c: Likewise. * elf/tst-audit12.c: Likewise. * elf/tst-audit2.c: Likewise. * elf/tst-audit9.c: Likewise. * elf/tst-auxv.c: Likewise and define TEST_FUNCTION_ARGV macro. * elf/tst-deep1.c: Likewise. * elf/tst-dl-iter-static.c: Likewise. * elf/tst-dlmodcount.c: Likewise. * elf/tst-dlmopen1.c: Likewise. * elf/tst-dlmopen2.c: Likewise. * elf/tst-dlmopen3.c: Likewise. * elf/tst-dlopen-aout.c: Likewise. * elf/tst-dlopenrpath.c: Likewise. * elf/tst-dlsym-error.c: Likewise. * elf/tst-execstack-needed.c: Likewise. * elf/tst-execstack-prog.c: Likewise. * elf/tst-execstack.c: Likewise. * elf/tst-global1.c: Likewise. * elf/tst-gnu2-tls1.c: Likewise. * elf/tst-latepthread.c: Likewise. * elf/tst-leaks1.c: Likewise. * elf/tst-linkall-static.c: Likewise. (do_test): New function. * elf/tst-nodelete-opened.c: Likewise. * elf/tst-nodelete.cc: Likewise. * elf/tst-nodelete2.c: Likewise. * elf/tst-noload.c: Likewise. * elf/tst-null-argv.c: Likewise and define TEST_FUNCTION_ARGV marcro. * elf/tst-order-main.c: Likewise. * elf/tst-pathopt.c: Likewise. * elf/tst-pie2.c: Likewise. * elf/tst-piemod1.c: Likewise. * elf/tst-prelink.c: Likewise. * elf/tst-protected1a.c: Likewise. * elf/tst-protected1b.c: Likewise. * elf/tst-ptrguard1.c: Likewise, import getopt.h, and define _GNU_SOURCE macro. (cmdline_process_function): New function. * elf/tst-relsort1.c: Likewise. * elf/tst-stackguard1.c: Likewise, import getopt.h, and define _GNU_SOURCE macro. (cmdline_process_function): New function. * elf/tst-thrlock.c: Likewise. * elf/tst-tls-dlinfo.c: Likewise. * elf/tst-tls-manydynamic.c: Likewise and import support/xthread.h. * elf/tst-tls1.c: Likewise. * elf/tst-tls10.c: Likewise. * elf/tst-tls11.c: Likewise. * elf/tst-tls12.c: Likewise. * elf/tst-tls13.c: Likewise. * elf/tst-tls14.c: Likewise. * elf/tst-tls15.c: Likewise. * elf/tst-tls16.c: Likewise. * elf/tst-tls17.c: Likewise. * elf/tst-tls18.c: Likewise. * elf/tst-tls19.c: Likewise. * elf/tst-tls2.c: Likewise. * elf/tst-tls3.c: Likewise. * elf/tst-tls4.c: Likewise. * elf/tst-tls5.c: Likewise. * elf/tst-tls6.c: Likewise. * elf/tst-tls7.c: Likewise. * elf/tst-tls8.c: Likewise. * elf/tst-tls9.c: Likewise. * elf/tst-tlsalign-extern.c: Likewise. * elf/tst-tlsalign.c: Likewise. * elf/tst-unique1.c: Likewise. * elf/tst-unique2.c: Likewise. * elf/vismain.c: Likewise.
2017-03-24Update old tunables framework document/script.Sunyeop Lee1-1/+1
Since commit 8b9e9c3c0bae497ad5e2d0ae2f333f62feddcc12, security_level replaces is_secure. There were some old files need to be updated. 2017-03-23 Sunyeop Lee <sunyeop97@gmail.com> * README.tunables: Updated descriptions. * elf/dl-tunables.list: Fixed typo: SXID_NONE -> NONE. * scripts/gen-tunables.awk: Updated the code related to the commit.
2017-03-13 Remove the str(n)dup inlines from string/bits/string2.h. Although inliningWilco Dijkstra1-1/+1
calls with constant strings shows a small (~10%) performance gain, strdup is typically used in error reporting code, so not performance critical. Remove the now unused __need_malloc_and_calloc related defines from stdlib.h. Rename existing uses of str(n)dup to __str(n)dup so it no longer needs to be redirected to a builtin. Also building GLIBC with -Os now no longer shows localplt or linkname space failures (partial fix for BZ #15105 and BZ #19463). [BZ #15105] [BZ #19463] * elf/dl-cache.c (_dl_load_cache_lookup): Use __strdup. * inet/rcmd.c (rcmd_af): Likewise. * inet/rexec.c (rexec_af): Likewise. * intl/dcigettext.c (_LIBC): Likewise. * intl/finddomain.c (_nl_find_domain): Use strdup expansion. * locale/loadarchive.c (_nl_load_locale_from_archive): Use __strdup. * locale/setlocale.c (setlocale): Likewise. * posix/spawn_faction_addopen.c (posix_spawn_file_actions_addopen): Likewise. * stdlib/putenv.c (putenv): Use __strndup. * sunrpc/svc_simple.c (__registerrpc): Use __strdup. * sysdeps/posix/getaddrinfo.c (gaih_inet): Use __strdup/__strndup. * include/stdlib.h (__need_malloc_and_calloc): Remove uses. (__Need_M_And_C) Remove define/undef. * stdlib/stdlib.h (__need_malloc_and_calloc): Remove uses. (__malloc_and_calloc_defined): Remove define. * string/bits/string2.h (__strdup): Remove define. (strdup): Likewise. (__strndup): Likewise. (strndup): Likewise.
2017-03-07Ignore and remove LD_HWCAP_MASK for AT_SECURE programs (bug #21209)Siddhesh Poyarekar3-2/+16
The LD_HWCAP_MASK environment variable may alter the selection of function variants for some architectures. For AT_SECURE process it means that if an outdated routine has a bug that would otherwise not affect newer platforms by default, LD_HWCAP_MASK will allow that bug to be exploited. To be on the safe side, ignore and disable LD_HWCAP_MASK for setuid binaries. [BZ #21209] * elf/rtld.c (process_envvars): Ignore LD_HWCAP_MASK for AT_SECURE processes. * sysdeps/generic/unsecvars.h: Add LD_HWCAP_MASK. * elf/tst-env-setuid.c (test_parent): Test LD_HWCAP_MASK. (test_child): Likewise. * elf/Makefile (tst-env-setuid-ENV): Add LD_HWCAP_MASK.
2017-03-02Remove header file inclusion guard from elf/get-dynamic-info.hFlorian Weimer1-4/+2
This file is included multiple times, so the guard is harmful. Fixes commit 9090848d0607e93fb08a1d68d9f263846ee33f02.
2017-03-01Narrowing the visibility of libc-internal.h even further.Zack Weinberg5-5/+8
posix/wordexp-test.c used libc-internal.h for PTR_ALIGN_DOWN; similar to what was done with libc-diag.h, I have split the definitions of cast_to_integer, ALIGN_UP, ALIGN_DOWN, PTR_ALIGN_UP, and PTR_ALIGN_DOWN to a new header, libc-pointer-arith.h. It then occurred to me that the remaining declarations in libc-internal.h are mostly to do with early initialization, and probably most of the files including it, even in the core code, don't need it anymore. Indeed, only 19 files actually need what remains of libc-internal.h. 23 others need libc-diag.h instead, and 12 need libc-pointer-arith.h instead. No file needs more than one of them, and 16 don't need any of them! So, with this patch, libc-internal.h stops including libc-diag.h as well as losing the pointer arithmetic macros, and all including files are adjusted. * include/libc-pointer-arith.h: New file. Define cast_to_integer, ALIGN_UP, ALIGN_DOWN, PTR_ALIGN_UP, and PTR_ALIGN_DOWN here. * include/libc-internal.h: Definitions of above macros moved from here. Don't include libc-diag.h anymore either. * posix/wordexp-test.c: Include stdint.h and libc-pointer-arith.h. Don't include libc-internal.h. * debug/pcprofile.c, elf/dl-tunables.c, elf/soinit.c, io/openat.c * io/openat64.c, misc/ptrace.c, nptl/pthread_clock_gettime.c * nptl/pthread_clock_settime.c, nptl/pthread_cond_common.c * string/strcoll_l.c, sysdeps/nacl/brk.c * sysdeps/unix/clock_settime.c * sysdeps/unix/sysv/linux/i386/get_clockfreq.c * sysdeps/unix/sysv/linux/ia64/get_clockfreq.c * sysdeps/unix/sysv/linux/powerpc/get_clockfreq.c * sysdeps/unix/sysv/linux/sparc/sparc64/get_clockfreq.c: Don't include libc-internal.h. * elf/get-dynamic-info.h, iconv/loop.c * iconvdata/iso-2022-cn-ext.c, locale/weight.h, locale/weightwc.h * misc/reboot.c, nis/nis_table.c, nptl_db/thread_dbP.h * nscd/connections.c, resolv/res_send.c, soft-fp/fmadf4.c * soft-fp/fmasf4.c, soft-fp/fmatf4.c, stdio-common/vfscanf.c * sysdeps/ieee754/dbl-64/e_lgamma_r.c * sysdeps/ieee754/dbl-64/k_rem_pio2.c * sysdeps/ieee754/flt-32/e_lgammaf_r.c * sysdeps/ieee754/flt-32/k_rem_pio2f.c * sysdeps/ieee754/ldbl-128/k_tanl.c * sysdeps/ieee754/ldbl-128ibm/k_tanl.c * sysdeps/ieee754/ldbl-96/e_lgammal_r.c * sysdeps/ieee754/ldbl-96/k_tanl.c, sysdeps/nptl/futex-internal.h: Include libc-diag.h instead of libc-internal.h. * elf/dl-load.c, elf/dl-reloc.c, locale/programs/locarchive.c * nptl/nptl-init.c, string/strcspn.c, string/strspn.c * malloc/malloc.c, sysdeps/i386/nptl/tls.h * sysdeps/nacl/dl-map-segments.h, sysdeps/x86_64/atomic-machine.h * sysdeps/unix/sysv/linux/spawni.c * sysdeps/x86_64/nptl/tls.h: Include libc-pointer-arith.h instead of libc-internal.h. * elf/get-dynamic-info.h, sysdeps/nacl/dl-map-segments.h * sysdeps/x86_64/atomic-machine.h: Add multiple include guard.
2017-02-16Add missing header files throughout the testsuite.Zack Weinberg5-0/+6
* crypt/md5.h: Test _LIBC with #if defined, not #if. * dirent/opendir-tst1.c: Include sys/stat.h. * dirent/tst-fdopendir.c: Include sys/stat.h. * dirent/tst-fdopendir2.c: Include stdlib.h. * dirent/tst-scandir.c: Include stdbool.h. * elf/tst-auditmod1.c: Include link.h and stddef.h. * elf/tst-tls15.c: Include stdlib.h. * elf/tst-tls16.c: Include stdlib.h. * elf/tst-tls17.c: Include stdlib.h. * elf/tst-tls18.c: Include stdlib.h. * iconv/tst-iconv6.c: Include endian.h. * iconvdata/bug-iconv11.c: Include limits.h. * io/test-utime.c: Include stdint.h. * io/tst-faccessat.c: Include sys/stat.h. * io/tst-fchmodat.c: Include sys/stat.h. * io/tst-fchownat.c: Include sys/stat.h. * io/tst-fstatat.c: Include sys/stat.h. * io/tst-futimesat.c: Include sys/stat.h. * io/tst-linkat.c: Include sys/stat.h. * io/tst-mkdirat.c: Include sys/stat.h and stdbool.h. * io/tst-mkfifoat.c: Include sys/stat.h and stdbool.h. * io/tst-mknodat.c: Include sys/stat.h and stdbool.h. * io/tst-openat.c: Include stdbool.h. * io/tst-readlinkat.c: Include sys/stat.h. * io/tst-renameat.c: Include sys/stat.h. * io/tst-symlinkat.c: Include sys/stat.h. * io/tst-unlinkat.c: Include stdbool.h. * libio/bug-memstream1.c: Include stdlib.h. * libio/bug-wmemstream1.c: Include stdlib.h. * libio/tst-fwrite-error.c: Include stdlib.h. * libio/tst-memstream1.c: Include stdlib.h. * libio/tst-memstream2.c: Include stdlib.h. * libio/tst-memstream3.c: Include stdlib.h. * malloc/tst-interpose-aux.c: Include stdint.h. * misc/tst-preadvwritev-common.c: Include sys/stat.h. * nptl/tst-basic7.c: Include limits.h. * nptl/tst-cancel25.c: Include pthread.h, not pthreadP.h. * nptl/tst-cancel4.c: Include stddef.h, limits.h, and sys/stat.h. * nptl/tst-cancel4_1.c: Include stddef.h. * nptl/tst-cancel4_2.c: Include stddef.h. * nptl/tst-cond16.c: Include limits.h. Use sysconf(_SC_PAGESIZE) instead of __getpagesize. * nptl/tst-cond18.c: Include limits.h. Use sysconf(_SC_PAGESIZE) instead of __getpagesize. * nptl/tst-cond4.c: Include stdint.h. * nptl/tst-cond6.c: Include stdint.h. * nptl/tst-stack2.c: Include limits.h. * nptl/tst-stackguard1.c: Include stddef.h. * nptl/tst-tls4.c: Include stdint.h. Don't include tls.h. * nptl/tst-tls4moda.c: Include stddef.h. Don't include stdio.h, unistd.h, or tls.h. * nptl/tst-tls4modb.c: Include stddef.h. Don't include stdio.h, unistd.h, or tls.h. * nptl/tst-tls5.h: Include stddef.h. Don't include stdlib.h or tls.h. * posix/tst-getaddrinfo2.c: Include stdio.h. * posix/tst-getaddrinfo5.c: Include stdio.h. * posix/tst-pathconf.c: Include sys/stat.h. * posix/tst-posix_fadvise-common.c: Include stdint.h. * posix/tst-preadwrite-common.c: Include sys/stat.h. * posix/tst-regex.c: Include stdint.h. Don't include spawn.h or spawn_int.h. * posix/tst-regexloc.c: Don't include spawn.h or spawn_int.h. * posix/tst-vfork3.c: Include sys/stat.h. * resolv/tst-bug18665-tcp.c: Include stdlib.h. * resolv/tst-res_hconf_reorder.c: Include stdlib.h. * resolv/tst-resolv-search.c: Include stdlib.h. * stdio-common/tst-fmemopen2.c: Include stdint.h. * stdio-common/tst-vfprintf-width-prec.c: Include stdlib.h. * stdlib/test-canon.c: Include sys/stat.h. * stdlib/tst-tls-atexit.c: Include stdbool.h. * string/test-memchr.c: Include stdint.h. * string/tst-cmp.c: Include stdint.h. * sysdeps/pthread/tst-timer.c: Include stdint.h. * sysdeps/unix/sysv/linux/tst-sync_file_range.c: Include stdint.h. * sysdeps/wordsize-64/tst-writev.c: Include limits.h and stdint.h. * sysdeps/x86_64/fpu/math-tests-arch.h: Include cpu-features.h. Don't include init-arch.h. * sysdeps/x86_64/multiarch/test-multiarch.h: Include cpu-features.h. Don't include init-arch.h. * sysdeps/x86_64/tst-auditmod10b.c: Include link.h and stddef.h. * sysdeps/x86_64/tst-auditmod3b.c: Include link.h and stddef.h. * sysdeps/x86_64/tst-auditmod4b.c: Include link.h and stddef.h. * sysdeps/x86_64/tst-auditmod5b.c: Include link.h and stddef.h. * sysdeps/x86_64/tst-auditmod6b.c: Include link.h and stddef.h. * sysdeps/x86_64/tst-auditmod6c.c: Include link.h and stddef.h. * sysdeps/x86_64/tst-auditmod7b.c: Include link.h and stddef.h. * time/clocktest.c: Include stdint.h. * time/tst-posixtz.c: Include stdint.h. * timezone/tst-timezone.c: Include stdint.h.
2017-02-08Fix getting tunable values on big-endian (BZ #21109)Siddhesh Poyarekar2-2/+4
The code to set value passed a tunable_val_t, which when cast to int32_t on big-endian gives the wrong value. Instead, use tunable_val_t.numval instead, which can then be safely cast into int32_t.
2017-02-04tunables: Fail tests correctly when setgid does not workSiddhesh Poyarekar1-5/+7
The child process of the tst-env-setuid process was failing correctly with EXIT_UNSUPPORTED but the parent did not carry that status forward and failed instead. This patch fixes this so that tests on nosuid /tmp fails gracefully with UNSUPPORTED. Tested by making my tmpfs nosuid. * elf/tst-env-setuid.c (do_execve): Return EXIT_UNSUPPORTED in parent if child exited in that manner. Print WEXITSTATUS instead of the raw status. (do_test_prep): Rename to do_test. (do_test): Return the result of run_executable_sgid. (TEST_FUNCTION_ARGV): Adjust.
2017-02-03Bug 20915: Do not initialize DTV of other threads.Alexandre Oliva1-6/+0
In _dl_nothread_init_static_tls() and init_one_static_tls() we must not touch the DTV of other threads since we do not have ownership of them. The DTV need not be initialized at this point anyway since only LD/GD accesses will use them. If LD/GD accesses occur they will take care to initialize their own thread's DTV. Concurrency comments were removed from the patch since they need to be reworked along with a full description of DTV ownership and when it is or is not safe to modify these structures. Alexandre Oliva's original patch and discussion: https://sourceware.org/ml/libc-alpha/2016-09/msg00512.html
2017-02-02Drop GLIBC_TUNABLES for setxid programs when tunables is disabled (bz #21073)Siddhesh Poyarekar1-0/+9
A setxid program that uses a glibc with tunables disabled may pass on GLIBC_TUNABLES as is to its child processes. If the child process ends up using a different glibc that has tunables enabled, it will end up getting access to unsafe tunables. To fix this, remove GLIBC_TUNABLES from the environment for setxid process. * sysdeps/generic/unsecvars.h: Add GLIBC_TUNABLES. * elf/tst-env-setuid-tunables.c (test_child_tunables)[!HAVE_TUNABLES]: Verify that GLIBC_TUNABLES is removed in a setgid process.
2017-02-02tunables: Fix environment variable processing for setuid binaries (bz #21073)Siddhesh Poyarekar7-31/+482
Florian Weimer pointed out that we have three different kinds of environment variables (and hence tunables): 1. Variables that are removed for setxid processes 2. Variables that are ignored in setxid processes but is passed on to child processes 3. Variables that are passed on to child processes all the time Tunables currently only does (2) and (3) when it should be doing (1) for MALLOC_CHECK_. This patch enhances the is_secure flag in tunables to an enum value that can specify which of the above three categories the tunable (and its envvar alias) belongs to. The default is for tunables to be in (1). Hence, all of the malloc tunables barring MALLOC_CHECK_ are explicitly specified to belong to category (2). There were discussions around abolishing category (2) completely but we can do that as a separate exercise in 2.26. Tested on x86_64 to verify that there are no regressions. [BZ #21073] * elf/dl-tunable-types.h (tunable_seclevel_t): New enum. * elf/dl-tunables.c (tunables_strdup): Remove. (get_next_env): Also return the previous envp. (parse_tunables): Erase tunables of category TUNABLES_SECLEVEL_SXID_ERASE. (maybe_enable_malloc_check): Make MALLOC_CHECK_ TUNABLE_SECLEVEL_NONE if /etc/setuid-debug is accessible. (__tunables_init)[TUNABLES_FRONTEND == TUNABLES_FRONTEND_valstring]: Update GLIBC_TUNABLES envvar after parsing. [TUNABLES_FRONTEND != TUNABLES_FRONTEND_valstring]: Erase tunable envvars of category TUNABLES_SECLEVEL_SXID_ERASE. * elf/dl-tunables.h (struct _tunable): Change member is_secure to security_level. * elf/dl-tunables.list: Add security_level annotations for all tunables. * scripts/gen-tunables.awk: Recognize and generate enum values for security_level. * elf/tst-env-setuid.c: New test case. * elf/tst-env-setuid-tunables: new test case. * elf/Makefile (tests-static): Add them.
2017-01-20* elf/dl-tunables.c (tunable_set_val_if_valid_range): Split into ...DJ Delorie1-4/+26
(tunable_set_val_if_valid_range_signed) ... this, and ... (tunable_set_val_if_valid_range_unsigned) ... this. (tunable_initialize): Call the correct one of the above based on type.
2017-01-20Fix environment traversal when an envvar value is emptySiddhesh Poyarekar1-2/+2
The condition when the value of an envvar is empty (not just '\0'), the loop in tunables_init gets stuck infinitely because envp is not incremented. Fix that by always incrementing envp in the loop. Added test case (tst-empty-env.c) verifies the fix when the source is configured with --enable-hardcoded-path-in-tests, thanks Josh Stone for providing the test case. Verified on x86_64. * elf/dl-tunables (get_next_env): Always advance envp. * stdlib/tst-empty-env.c: New test case. * stdlib/Makefile (tests): Use it.
2017-01-11Fix elf/sotruss-lib format-truncation error.Joseph Myers1-2/+2
Building 64-bit glibc with GCC mainline fails with: ../elf/sotruss-lib.c: In function 'la_version': ../elf/sotruss-lib.c:91:28: error: '%lu' directive output may be truncated writing between 1 and 20 bytes into a region of size 11 [-Werror=format-truncation=] snprintf (endp, 12, ".%lu", (unsigned long int) pid); ^~~ ../elf/sotruss-lib.c:91:26: note: using the range [1, 18446744073709551615] for directive argument snprintf (endp, 12, ".%lu", (unsigned long int) pid); ^~~~~~ ../elf/sotruss-lib.c:91:6: note: format output between 3 and 22 bytes into a destination of size 12 snprintf (endp, 12, ".%lu", (unsigned long int) pid); ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Pids from getpid cannot actually be negative, but the compiler doesn't know this. Other places in this file use (signed) long int for printing, so this patch makes this place do so as well. Then it increases the buffer size by one byte to allow for the minus sign that can't actually occur. It doesn't seem worth using diagnostic pragmas to save one byte; other place in this file just use a cruder 3 * sizeof (pid_t) calculation for number of digits. Tested with GCC mainline with compilation for aarch64 with build-many-glibcs.py, and with glibc testsuite for x86_64 (built with GCC 6). * elf/sotruss-lib.c (init): Increase space allocated for pid by one byte. Print it with %ld, cast to long int.
2017-01-10tunables: Avoid getenv calls and disable glibc.malloc.check by defaultSiddhesh Poyarekar2-78/+10
Builds with --enable-tunables failed on i686 because a call to getenv got snuck into tunables, which pulled in strncmp. This patch fixes this build failure by making the glibc.malloc.check check even simpler. The previous approach was convoluted where the tunable was disabled using an unsetenv and overwriting the tunable value with colons. The easier way is to simply mark the tunable as insecure by default (i.e. won't be read for AT_SECURE programs) and then enabled only when the /etc/suid-debug file is found. This also ends up removing a bunch of functions that were specially reimplemented (strlen, unsetenv) to avoid calling into string routines. Tested on x86_64 and i686. * elf/dl-tunables.c (tunables_unsetenv): Remove function. (min_strlen): Likewise. (disable_tunable): Likewise. (maybe_disable_malloc_check): Rename to maybe_enable_malloc_check. (maybe_enable_malloc_check): Enable glibc.malloc.check tunable if /etc/suid-debug file exists. (__tunables_init): Update caller. * elf/dl-tunables.list (glibc.malloc.check): Don't mark as secure.
2017-01-05Increase some test timeouts.Joseph Myers1-1/+0
This patch increases timeouts on some tests I've observed timing out. elf/tst-tls13 and iconvdata/tst-loading both dynamically load many objects and so are slow when testing over NFS. They had timeouts set from before the default changed from 2 to 20 seconds; this patch removes those old settings, so effectively increasing the timeout to 20 seconds (from 3 and 10 seconds respectively). malloc/tst-malloc-thread-fail.c and malloc/tst-mallocfork2.c are slow on slow systems and so I set a fairly arbitrary 100 second timeout, which seems to suffice on the system where I saw them timing out. nss/tst-cancel-getpwuid_r.c and nss/tst-nss-getpwent.c are slow on systems with a large passwd file; I set timeouts that empirically worked for me. (It seems tst-cancel-getpwuid_r.c is hitting the 100000 getpwuid_r call limit in my testing, with each call taking a bit over 0.007 seconds, so 700 seconds for the test.) * elf/tst-tls13.c (TIMEOUT): Remove. * iconvdata/tst-loading.c (TIMEOUT): Likewise. * malloc/tst-malloc-thread-fail.c (TIMEOUT): Increase to 100. * malloc/tst-mallocfork2.c (TIMEOUT): Define to 100. * nss/tst-cancel-getpwuid_r.c (TIMEOUT): Define to 900. * nss/tst-nss-getpwent.c (TIMEOUT): Define to 300.
2017-01-03Fix elf/tst-ldconfig-X for cross testing.Joseph Myers1-1/+2
elf/Makefile passes arguments to tst-ldconfig-X.sh that are different from what it expects, so resulting in the test failing in cross testing. This patch corrects the arguments passed (the script itself has correct logic for cross testing, it's just the Makefile that's wrong). Tested for powerpc (cross testing) and for x86_64 (native testing). * elf/Makefile ($(objpfx)tst-ldconfig-X.out): Correct arguments passed to tst-ldconfig-X.sh.
2017-01-01Update copyright dates not handled by scripts/update-copyrights.Joseph Myers5-5/+5
I've updated copyright dates in glibc for 2017. This is the patch for the changes not generated by scripts/update-copyrights and subsequent build / regeneration of generated files. Please remember to include 2017 in the dates for any new files added in future (which means updating any existing uncommitted patches you have that add new files to use the new copyright dates in them). * NEWS: Update copyright dates. * catgets/gencat.c (print_version): Likewise. * csu/version.c (banner): Likewise. * debug/catchsegv.sh: Likewise. * debug/pcprofiledump.c (print_version): Likewise. * debug/xtrace.sh (do_version): Likewise. * elf/ldconfig.c (print_version): Likewise. * elf/ldd.bash.in: Likewise. * elf/pldd.c (print_version): Likewise. * elf/sotruss.sh: Likewise. * elf/sprof.c (print_version): Likewise. * iconv/iconv_prog.c (print_version): Likewise. * iconv/iconvconfig.c (print_version): Likewise. * locale/programs/locale.c (print_version): Likewise. * locale/programs/localedef.c (print_version): Likewise. * login/programs/pt_chown.c (print_version): Likewise. * malloc/memusage.sh (do_version): Likewise. * malloc/memusagestat.c (print_version): Likewise. * malloc/mtrace.pl: Likewise. * manual/libc.texinfo: Likewise. * nptl/version.c (banner): Likewise. * nscd/nscd.c (print_version): Likewise. * nss/getent.c (print_version): Likewise. * nss/makedb.c (print_version): Likewise. * posix/getconf.c (main): Likewise. * scripts/test-installation.pl: Likewise. * sysdeps/unix/sysv/linux/lddlibc4.c (main): Likewise.
2017-01-01Update copyright dates with scripts/update-copyrights.Joseph Myers130-130/+130
2016-12-31tunables: Use correct unused attributeFlorian Weimer1-1/+1
2016-12-31Enhance --enable-tunables to select tunables frontend at build timeSiddhesh Poyarekar3-2/+18
At the GNU Tools Cauldron 2016, the state of the current tunables patchset was considered OK with the addition of a way to select the frontend to be used for the tunables. That is, to avoid being locked in to one type of frontend initially, it should be possible to build tunables with a different frontend with something as simple as a configure switch. To that effect, this patch enhances the --enable-tunables option to accept more values than just 'yes' or 'no'. The current frontend (and default when enable-tunables is 'yes') is called 'valstring', to select the frontend where a single environment variable is set to a colon-separated value string. More such frontends can be added in future. * Makeconfig (have-tunables): Check for non-negative instead of positive. * configure.ac: Add 'valstring' as a valid value for --enable-tunables. * configure: Regenerate. * elf/Makefile (have-tunables): Check for non-negative instead of positive. (CPPFLAGS-dl-tunables.c): Define TUNABLES_FRONTEND for dl-tunables.c. * elf/dl-tunables.c (GLIBC_TUNABLES): Define only when TUNABLES_FRONTEND == TUNABLES_FRONTEND_valstring. (tunables_strdup): Likewise. (disable_tunables): Likewise. (parse_tunables): Likewise. (__tunables_init): Process GLIBC_TUNABLES envvar only when. TUNABLES_FRONTEND == TUNABLES_FRONTEND_valstring. * elf/dl-tunables.h (TUNABLES_FRONTEND_valstring): New macro. (TUNABLES_FRONTEND_yes): New macro, define as TUNABLES_FRONTEND_valstring by default. * manual/install.texi: Document new acceptable values for --enable-tunables. * INSTALL: Regenerate.
2016-12-31Initialize tunable list with the GLIBC_TUNABLES environment variableSiddhesh Poyarekar2-1/+134
Read tunables values from the users using the GLIBC_TUNABLES environment variable. The value of this variable is a colon-separated list of name=value pairs. So a typical string would look like this: GLIBC_TUNABLES=glibc.malloc.mmap_threshold=2048:glibc.malloc.trim_threshold=1024 * config.make.in (have-loop-to-function): Define. * elf/Makefile (CFLAGS-dl-tunables.c): Add -fno-tree-loop-distribute-patterns. * elf/dl-tunables.c: Include libc-internals.h. (GLIBC_TUNABLES): New macro. (tunables_strdup): New function. (parse_tunables): New function. (min_strlen): New function. (__tunables_init): Use the new functions and macro. (disable_tunable): Disable tunable from GLIBC_TUNABLES. * malloc/tst-malloc-usable-tunables.c: New test case. * malloc/tst-malloc-usable-static-tunables.c: New test case. * malloc/Makefile (tests, tests-static): Add tests.
2016-12-31Add framework for tunablesSiddhesh Poyarekar9-0/+539
The tunables framework allows us to uniformly manage and expose global variables inside glibc as switches to users. tunables/README has instructions for glibc developers to add new tunables. Tunables support can be enabled by passing the --enable-tunables configure flag to the configure script. This patch only adds a framework and does not pose any limitations on how tunable values are read from the user. It also adds environment variables used in malloc behaviour tweaking to the tunables framework as a PoC of the compatibility interface. * manual/install.texi: Add --enable-tunables option. * INSTALL: Regenerate. * README.tunables: New file. * Makeconfig (CPPFLAGS): Define TOP_NAMESPACE. (before-compile): Generate dl-tunable-list.h early. * config.h.in: Add HAVE_TUNABLES. * config.make.in: Add have-tunables. * configure.ac: Add --enable-tunables option. * configure: Regenerate. * csu/init-first.c (__libc_init_first): Move __libc_init_secure earlier... * csu/init-first.c (LIBC_START_MAIN):... to here. Include dl-tunables.h, libc-internal.h. (LIBC_START_MAIN) [!SHARED]: Initialize tunables for static binaries. * elf/Makefile (dl-routines): Add dl-tunables. * elf/Versions (ld): Add __tunable_set_val to GLIBC_PRIVATE namespace. * elf/dl-support (_dl_nondynamic_init): Unset MALLOC_CHECK_ only when !HAVE_TUNABLES. * elf/rtld.c (process_envvars): Likewise. * elf/dl-sysdep.c [HAVE_TUNABLES]: Include dl-tunables.h (_dl_sysdep_start): Call __tunables_init. * elf/dl-tunable-types.h: New file. * elf/dl-tunables.c: New file. * elf/dl-tunables.h: New file. * elf/dl-tunables.list: New file. * malloc/tst-malloc-usable-static.c: New test case. * malloc/Makefile (tests-static): Add it. * malloc/arena.c [HAVE_TUNABLES]: Include dl-tunables.h. Define TUNABLE_NAMESPACE. (DL_TUNABLE_CALLBACK (set_mallopt_check)): New function. (DL_TUNABLE_CALLBACK_FNDECL): New macro. Use it to define callback functions. (ptmalloc_init): Set tunable values. * scripts/gen-tunables.awk: New file. * sysdeps/mach/hurd/dl-sysdep.c: Include dl-tunables.h. (_dl_sysdep_start): Call __tunables_init.
2016-12-26Link a non-libc-using test with -fno-stack-protector [BZ #7065]Nick Alcock1-0/+3
This test cannot reference __stack_chk_fail because it is not linked with libc at all.
2016-12-26Ignore __stack_chk_fail* in the rtld mapfile computation [BZ #7065]Nick Alcock1-1/+14
The previous commit prevented rtld itself from being built with -fstack-protector, but this is not quite enough. We identify which objects belong in rtld via a test link and analysis of the resulting mapfile. That link is necessarily done against objects that are stack-protected, so drags in __stack_chk_fail_local, __stack_chk_fail, and all the libc and libio code they use. To stop this happening, use --defsym in the test librtld.map-production link to force the linker to predefine these two symbols (to 0, but it could be to anything). (In a real link, this would of course be catastrophic, but these object files are never used for anything else.)
2016-12-26Compile the dynamic linker without stack protection [BZ #7065]Nick Alcock2-0/+14
Also compile corresponding routines in the static libc.a with the same flag.
2016-12-26Do not stack-protect ifunc resolvers [BZ #7065]Nick Alcock5-0/+11
When dynamically linking, ifunc resolvers are called before TLS is initialized, so they cannot be safely stack-protected. We avoid disabling stack-protection on large numbers of files by using __attribute__ ((__optimize__ ("-fno-stack-protector"))) to turn it off just for the resolvers themselves. (We provide the attribute even when statically linking, because we will later use it elsewhere too.)
2016-12-23Bug 11941: ld.so: Improper assert map->l_init_called in dlcloseCarlos O'Donell5-8/+201
There is at least one use case where during exit a library destructor might call dlclose() on a valid handle and have it fail with an assertion. We must allow this case, it is a valid handle, and dlclose() should not fail with an assert. In the future we might be able to return an error that the dlclose() could not be completed because the opened library has already been unloaded and destructors have run as part of exit processing. For more details see: https://www.sourceware.org/ml/libc-alpha/2016-12/msg00859.html
2016-12-21Remove unused function _dl_tls_setupFlorian Weimer2-34/+2
Commit 7a5e3d9d633c828d84a9535f26b202a6179978e7 (elf: Assume TLS is initialized in _dl_map_object_from_fd) removed the last call of _dl_tls_setup, but did not remove the function itself.
2016-12-09support: Introduce new subdirectory for test infrastructureFlorian Weimer1-0/+1
The new test driver in <support/test-driver.c> has feature parity with the old one. The main difference is that its hooking mechanism is based on functions and function pointers instead of macros. This commit also implements a new environment variable, TEST_COREDUMPS, which disables the code which disables coredumps (that is, it enables them if the invocation environment has not disabled them). <test-skeleton.c> defines wrapper functions so that it is possible to use existing macros with the new-style hook functionality. This commit changes only a few test cases to the new test driver, to make sure that it works as expected.
2016-12-02Bug 20918 - Building with --enable-nss-crypt fails tst-linkall-staticCarlos O'Donell2-2/+32
Some configurations may use NSS cryptographic routines but have no static library for those routines. The following changes allow glibc to be built and tested with --enable-nss-crypt, but without having a static NSS library. At a high level the change does two things: (1) Detect at configure time if static NSS crypto libraries are available. Assumes libfreebl3.a (instead of the existing Fedora libfreebl.a which is incomplete) which matches libfreebl3.so. (2) If static NSS crypto libraries are _not_ available then adjust the way in which we build tst-linkall-static. This includes excluding a reference to crypt and not linking against libcrypt.a, all of which will fail otherwise. Testing assumptions: * Static library is named libfreebl3.a (not libfreebl.a as is currently provided in Fedora), matching libfreebl3.so shared link name. Tested on x86_64 on Fedora with: (a) --enable-nss-crypt, with no static NSS library support: PASS (previous FAIL) (b) --enable-nss-crypt, with faked static NSS library support: PASS (unsupported) * Requires changing elf/Makefile to include a stub /lib64/libfreebl3.a for testing purposes. (c) --disable-nss-crypt: PASS (default) No regressions on x86_64. For details see: https://www.sourceware.org/ml/libc-alpha/2016-11/msg00647.html
2016-12-02elf/tst-tls-manydynamic: New testFlorian Weimer4-2/+245
This test adds coverage for creating many dynamic TLS variables which exhaust the static TLS allocation.
2016-12-02Fix new testcase elf/tst-latepthread on s390x.Stefan Liebler1-0/+3
The first dlopen ("tst-latepthreadmod.so", RTLD_LOCAL | RTLD_LAZY) call in elf/tst-latepthread.c fails on s390x with "error: dlopen failed: .../build-s390x/elf/tst-latepthreadmod.so: undefined symbol: this_function_is_not_defined". In elf/tst-latepthreadmod.c, this_function_is_not_defined is a sibling call which leads to a R_390_GLOB_DAT relocation in .rela.dyn instead of a R_390_JMP_SLOT in .rela.plt. As RTLD_LAZY skips the JMP_SLOT relocations, but not GLOB_DAT ones, the dlopen call fails. If elf/tst-latepthreadmod.c is build with -fno-optimize-sibling-calls, a JMP_SLOT relocation is generated for this_function_is_not_defined and the test passes. ChangeLog: * elf/Makefile (CFLAGS-tst-latepthreadmod.c): Add -fno-optimize-sibling-calls.
2016-11-30ld.so: Remove __libc_memalignFlorian Weimer2-13/+9
It is no longer needed since commit 6c444ad6e953dbdf9c7be065308a0a777 (elf: Do not use memalign for TCB/TLS blocks allocation [BZ #17730]). Applications do not link against ld.so and will use the definition in libc.so, so there is no ABI impact.
2016-11-30Implement _dl_catch_error, _dl_signal_error in libc.so [BZ #16628]Florian Weimer12-286/+428
This change moves the main implementation of _dl_catch_error, _dl_signal_error to libc.so, where TLS variables can be used directly. This removes a writable function pointer from the rtld_global variable. For use during initial relocation, minimal implementations of these functions are provided in ld.so. These are eventually interposed by the libc.so implementations. This is implemented by compiling elf/dl-error-skeleton.c twice, via elf/dl-error.c and elf/dl-error-minimal.c. As a side effect of this change, the static version of dl-error.c no longer includes support for the _dl_signal_cerror/_dl_receive_error mechanism because it is only used in ld.so.
2016-11-23elf: Assume TLS is initialized in _dl_map_object_from_fdFlorian Weimer1-47/+7
libc.so uses TLS data, so when dlopen is called later, the TLS data structures have already been initialized.
2016-10-28Add include/crypt.h.Carlos O'Donell1-1/+0
To support tests that include crypt.h we add a wrapper.
2016-10-28Fix building tst-linkall-static.Carlos O'Donell1-0/+1
The crypt/ directory is not added as part of the sysdep directories. Add it when building tst-linkall-static to include crypt.h.
2016-10-28Add test for linking against most static librariesFlorian Weimer2-1/+57
2016-09-30Bug 20292 - Simplify and test _dl_addr_inside_objectCarlos O'Donell5-35/+309
The function _dl_addr_inside_object is simplified by removing the conditional 'reladdr - l->l_phdr[n].p_vaddr >= 0' which is always true. The function is refactored into it's own object file and a unit test added to verify the correct behaviour of the function.
2016-09-21[PR19826] fix non-LE TLS in static programsAlexandre Oliva2-0/+10
An earlier fix for TLS dropped early initialization of DTV entries for modules using static TLS, leaving it for __tls_get_addr to set them up. That worked on platforms that require the GD access model to be relaxed to LE in the main executable, but it caused a regression on platforms that allow GD in the main executable, particularly in statically-linked programs: they use a custom __tls_get_addr that does not update the DTV, which fails when the DTV early initialization is not performed. In static programs, __libc_setup_tls performs the DTV initialization for the main thread, but the DTV of other threads is set up in _dl_allocate_tls_init, so that's the fix that matters. Restoring the initialization in the remaining functions modified by this patch was just for uniformity. It's not clear that it is ever needed: even on platforms that allow GD in the main executable, the dynamically-linked version of __tls_get_addr would set up the DTV entries, even for static TLS modules, while updating the DTV counter. for ChangeLog [BZ #19826] * elf/dl-tls.c (_dl_allocate_tls_init): Restore DTV early initialization of static TLS entries. * elf/dl-reloc.c (_dl_nothread_init_static_tls): Likewise. * nptl/allocatestack.c (init_one_static_tls): Likewise.
2016-09-21sln: Preprocessor cleanupsFlorian Weimer1-15/+0
2016-09-03Set NODELETE flag after checking for NULL pointerAurelien Jarno3-7/+81
The commit b632bdd3 moved the setting of the DF_1_NODELETE flag earlier in the dl_open_worker function. However when calling dlopen with both RTLD_NODELETE and RTLD_NOLOAD, the pointer returned by _dl_map_object is NULL. This condition is checked just after setting the flag, while it should be done before. Fix that. Changelog: [BZ #19810] * elf/dl-open.c (dl_open_worker): Set DF_1_NODELETE flag later. * elf/tst-noload.c: New test case. * elf/Makefile (tests): Add tst-noload.
2016-08-03elf: Do not use memalign for TCB/TLS blocks allocation [BZ #17730]Florian Weimer1-36/+53
Instead, call malloc and explicitly align the pointer. There is no external location to store the original (unaligned) pointer, and this commit increases the allocation size to store the pointer at a fixed location relative to the TCB pointer. The manual alignment means that some space goes unused which was previously made available for subsequent allocations. However, in the TLS_DTV_AT_TP case, the manual alignment code avoids aligning the pre-TCB to the TLS block alignment. (Even while using memalign, the allocation had some unused padding in front.) This concludes the removal of memalign calls from the TLS code, and the new tst-tls3-malloc test verifies that only core malloc routines are used.
2016-08-03elf: Avoid using memalign for TLS allocations [BZ #17730]Florian Weimer1-29/+46
Instead of a flag which indicates the pointer can be freed, dtv_t now includes the pointer which should be freed. Due to padding, the size of dtv_t does not increase. To avoid using memalign, the new allocate_dtv_entry function allocates a sufficiently large buffer so that a sub-buffer can be found in it which starts with an aligned pointer. Both the aligned and original pointers are kept, the latter for calling free later.