Commit Graph

2263 Commits

Author SHA1 Message Date
H.J. Lu
03feacb562 x86: Rename glibc.tune.ifunc to glibc.tune.hwcaps
Rename glibc.tune.ifunc to glibc.tune.hwcaps and move it to
sysdeps/x86/dl-tunables.list since it is x86 specicifc.  Also
change type of data_cache_size, data_cache_size and
non_temporal_threshold to unsigned long int to match size_t.
Remove usage DEFAULT_STRLEN from cpu-tunables.c.

	* elf/dl-tunables.list (glibc.tune.ifunc): Removed.
	* sysdeps/x86/dl-tunables.list (glibc.tune.hwcaps): New.
	Remove security_level on all fields.
	* manual/tunables.texi: Replace ifunc with hwcaps.
	* sysdeps/x86/cpu-features.c (TUNABLE_CALLBACK (set_ifunc)):
	Renamed to ..
	(TUNABLE_CALLBACK (set_hwcaps)): This.
	(init_cpu_features): Updated.
	* sysdeps/x86/cpu-features.h (cpu_features): Change type of
	data_cache_size, data_cache_size and non_temporal_threshold to
	unsigned long int.
	* sysdeps/x86/cpu-tunables.c (DEFAULT_STRLEN): Removed.
	(TUNABLE_CALLBACK (set_ifunc)): Renamed to ...
	(TUNABLE_CALLBACK (set_hwcaps)): This.  Update comments.  Don't
	use DEFAULT_STRLEN.
2017-06-21 10:21:37 -07:00
H.J. Lu
da69a35566 Move x86 specific tunables to x86/dl-tunables.list
* elf/dl-tunables.list: Move x86 specific tunables to ...
	* sysdeps/x86/dl-tunables.list: Here.  New file.
2017-06-20 14:03:31 -07:00
H.J. Lu
905947c304 tunables: Add IFUNC selection and cache sizes
The current IFUNC selection is based on microbenchmarks in glibc.  It
should give the best performance for most workloads.  But other choices
may have better performance for a particular workload or on the hardware
which wasn't available at the selection was made.  The environment
variable, GLIBC_TUNABLES=glibc.tune.ifunc=-xxx,yyy,-zzz...., can be used
to enable CPU/ARCH feature yyy, disable CPU/ARCH feature yyy and zzz,
where the feature name is case-sensitive and has to match the ones in
cpu-features.h.  It can be used by glibc developers to override the
IFUNC selection to tune for a new processor or improve performance for
a particular workload.  It isn't intended for normal end users.

NOTE: the IFUNC selection may change over time.  Please check all
multiarch implementations when experimenting.

Also, GLIBC_TUNABLES=glibc.tune.x86_non_temporal_threshold=NUMBER is
provided to set threshold to use non temporal store to NUMBER,
GLIBC_TUNABLES=glibc.tune.x86_data_cache_size=NUMBER to set data cache
size, GLIBC_TUNABLES=glibc.tune.x86_shared_cache_size=NUMBER to set
shared cache size.

	* elf/dl-tunables.list (tune): Add ifunc,
	x86_non_temporal_threshold,
	x86_data_cache_size and x86_shared_cache_size.
	* manual/tunables.texi: Document glibc.tune.ifunc,
	glibc.tune.x86_data_cache_size, glibc.tune.x86_shared_cache_size
	and glibc.tune.x86_non_temporal_threshold.
	* sysdeps/unix/sysv/linux/x86/dl-sysdep.c: New file.
	* sysdeps/x86/cpu-tunables.c: Likewise.
	* sysdeps/x86/cacheinfo.c
	(init_cacheinfo): Check and get data cache size, shared cache
	size and non temporal threshold from cpu_features.
	* sysdeps/x86/cpu-features.c [HAVE_TUNABLES] (TUNABLE_NAMESPACE):
	New.
	[HAVE_TUNABLES] Include <unistd.h>.
	[HAVE_TUNABLES] Include <elf/dl-tunables.h>.
	[HAVE_TUNABLES] (TUNABLE_CALLBACK (set_ifunc)): Likewise.
	[HAVE_TUNABLES] (init_cpu_features): Use TUNABLE_GET to set
	IFUNC selection, data cache size, shared cache size and non
	temporal threshold.
	* sysdeps/x86/cpu-features.h (cpu_features): Add data_cache_size,
	shared_cache_size and non_temporal_threshold.
2017-06-20 08:37:28 -07:00
Florian Weimer
81b82fb966 ld.so: Reject overly long LD_AUDIT path elements
Also only process the last LD_AUDIT entry.
2017-06-19 22:32:12 +02:00
Florian Weimer
6d0ba62289 ld.so: Reject overly long LD_PRELOAD path elements 2017-06-19 22:31:04 +02:00
Florian Weimer
f6110a8fee CVE-2017-1000366: Ignore LD_LIBRARY_PATH for AT_SECURE=1 programs [BZ #21624]
LD_LIBRARY_PATH can only be used to reorder system search paths, which
is not useful functionality.

This makes an exploitable unbounded alloca in _dl_init_paths unreachable
for AT_SECURE=1 programs.
2017-06-19 18:27:30 +02:00
H.J. Lu
52243b520e Remove _dl_out_of_memory from elf/Versions
Since _dl_out_of_memory is static in elf/dl-error-skeleton.c:

static const char _dl_out_of_memory[] = "out of memory";

remove _dl_out_of_memory from elf/Versions.

	* elf/Versions (ld): Remove _dl_out_of_memory.
2017-06-16 09:22:48 -07:00
Alan Modra
0572433b5b PowerPC64 ELFv2 PPC64_OPT_LOCALENTRY
ELFv2 functions with localentry:0 are those with a single entry point,
ie. global entry == local entry, that have no requirement on r2 or
r12 and guarantee r2 is unchanged on return.  Such an external
function can be called via the PLT without saving r2 or restoring it
on return, avoiding a common load-hit-store for small functions.

This patch implements the ld.so changes necessary for this
optimization.  ld.so needs to check that an optimized plt call
sequence is in fact calling a function implemented with localentry:0,
end emit a fatal error otherwise.

The elf/testobj6.c change is to stop "error while loading shared
libraries: expected localentry:0 `preload'" when running
elf/preloadtest, which we'd get otherwise.

	* elf/elf.h (PPC64_OPT_LOCALENTRY): Define.
	* sysdeps/alpha/dl-machine.h (elf_machine_fixup_plt): Add
	refsym and sym parameters.  Adjust callers.
	* sysdeps/aarch64/dl-machine.h (elf_machine_fixup_plt): Likewise.
	* sysdeps/arm/dl-machine.h (elf_machine_fixup_plt): Likewise.
	* sysdeps/generic/dl-machine.h (elf_machine_fixup_plt): Likewise.
	* sysdeps/hppa/dl-machine.h (elf_machine_fixup_plt): Likewise.
	* sysdeps/i386/dl-machine.h (elf_machine_fixup_plt): Likewise.
	* sysdeps/ia64/dl-machine.h (elf_machine_fixup_plt): Likewise.
	* sysdeps/m68k/dl-machine.h (elf_machine_fixup_plt): Likewise.
	* sysdeps/microblaze/dl-machine.h (elf_machine_fixup_plt): Likewise.
	* sysdeps/mips/dl-machine.h (elf_machine_fixup_plt): Likewise.
	* sysdeps/nios2/dl-machine.h (elf_machine_fixup_plt): Likewise.
	* sysdeps/powerpc/powerpc32/dl-machine.h (elf_machine_fixup_plt):
	Likewise.
	* sysdeps/s390/s390-32/dl-machine.h (elf_machine_fixup_plt): Likewise.
	* sysdeps/s390/s390-64/dl-machine.h (elf_machine_fixup_plt): Likewise.
	* sysdeps/sh/dl-machine.h (elf_machine_fixup_plt): Likewise.
	* sysdeps/sparc/sparc32/dl-machine.h (elf_machine_fixup_plt): Likewise.
	* sysdeps/sparc/sparc64/dl-machine.h (elf_machine_fixup_plt): Likewise.
	* sysdeps/tile/dl-machine.h (elf_machine_fixup_plt): Likewise.
	* sysdeps/x86_64/dl-machine.h (elf_machine_fixup_plt): Likewise.
	* sysdeps/powerpc/powerpc64/dl-machine.c (_dl_error_localentry): New.
	(_dl_reloc_overflow): Increase buffser size.  Formatting.
	* sysdeps/powerpc/powerpc64/dl-machine.h (ppc64_local_entry_offset):
	Delete reloc param, add refsym and sym.  Check optimized plt
	call stubs for localentry:0 functions.  Adjust callers.
	(elf_machine_fixup_plt, elf_machine_plt_conflict): Add refsym
	and sym parameters.  Adjust callers.
	(_dl_reloc_overflow): Move attribute.
	(_dl_error_localentry): Declare.
	* elf/dl-runtime.c (_dl_fixup): Save original sym.  Pass
	refsym and sym to elf_machine_fixup_plt.
	* elf/testobj6.c (preload): Call printf.
2017-06-14 10:47:25 +09:30
H.J. Lu
37b66c0b1a ld.so: Consolidate 2 strtouls into _dl_strtoul [BZ #21528]
There are 2 minimal strtoul implementations in ld.so:

1. __strtoul_internal in elf/dl-minimal.c.
2. tunables_strtoul in elf/dl-tunables.c.

This patch adds _dl_strtoul to replace them.  Tested builds with and
without --enable-tunables.

	[BZ #21528]
	* elf/dl-minimal.c (__strtoul_internal): Removed.
	(strtoul): Likewise.
	* elf/dl-misc.c (_dl_strtoul): New function.
	* elf/dl-tunables.c (tunables_strtoul): Removed.
	(tunable_initialize): Replace tunables_strtoul with _dl_strtoul.
	* elf/rtld.c (process_envvars): Likewise.
	* sysdeps/unix/sysv/linux/dl-librecon.h (_dl_osversion_init):
	Likewise.
	* sysdeps/generic/ldsodefs.h (_dl_strtoul): New prototype.
2017-06-08 12:52:42 -07:00
Siddhesh Poyarekar
511c5a1087 Make LD_HWCAP_MASK usable for static binaries
The LD_HWCAP_MASK environment variable was ignored in static binaries,
which is inconsistent with the behaviour of dynamically linked
binaries.  This seems to have been because of the inability of
ld_hwcap_mask being read early enough to influence anything but now
that it is in tunables, the mask is usable in static binaries as well.

This feature is important for aarch64, which relies on HWCAP_CPUID
being masked out to disable multiarch.  A sanity test on x86_64 shows
that there are no failures.  Likewise for aarch64.

	* elf/dl-hwcaps.h [HAVE_TUNABLES]: Always read hwcap_mask.
	* sysdeps/sparc/sparc32/dl-machine.h [HAVE_TUNABLES]:
	Likewise.
	* sysdeps/x86/cpu-features.c (init_cpu_features): Always set
	up hwcap and hwcap_mask.
2017-06-07 11:11:40 +05:30
Siddhesh Poyarekar
ff08fc59e3 tunables: Use glibc.tune.hwcap_mask tunable instead of _dl_hwcap_mask
Drop _dl_hwcap_mask when building with tunables.  This completes the
transition of hwcap_mask reading from _dl_hwcap_mask to tunables.

	* elf/dl-hwcaps.h: New file.
	* elf/dl-hwcaps.c: Include it.
	(_dl_important_hwcaps)[HAVE_TUNABLES]: Read and update
	glibc.tune.hwcap_mask.
	* elf/dl-cache.c: Include dl-hwcaps.h.
	(_dl_load_cache_lookup)[HAVE_TUNABLES]: Read
	glibc.tune.hwcap_mask.
	* sysdeps/sparc/sparc32/dl-machine.h: Likewise.
	* elf/dl-support.c (_dl_hwcap2)[HAVE_TUNABLES]: Drop
	_dl_hwcap_mask.
	* elf/rtld.c (rtld_global_ro)[HAVE_TUNABLES]: Drop
	_dl_hwcap_mask.
	(process_envvars)[HAVE_TUNABLES]: Likewise.
	* sysdeps/generic/ldsodefs.h (rtld_global_ro)[HAVE_TUNABLES]:
	Likewise.
	* sysdeps/x86/cpu-features.c (init_cpu_features): Don't
	initialize dl_hwcap_mask when tunables are enabled.
2017-06-07 11:11:38 +05:30
Siddhesh Poyarekar
ea9b0ecbf0 tunables: Add LD_HWCAP_MASK to tunables
Add LD_HWCAP_MASK to tunables in preparation of it being removed from
rtld.c.  This allows us to read LD_HWCAP_MASK much earlier so that it
can influence IFUNC resolution in aarch64.

This patch does not actually do anything other than read the
LD_HWCAP_MASK variable and add the tunables way to set the
LD_HWCAP_MASK, i.e. via the glibc.tune.hwcap_mask tunable.  In a
follow-up patch, the _dl_hwcap_mask will be replaced with
glibc.tune.hwcap_mask to complete the transition.

	* elf/dl-tunables.list: Add glibc.tune.hwcap_mask.
	* scripts/gen-tunables.awk: Include dl-procinfo.h.
	* manual/tunables.texi: Document glibc.tune.hwcap_mask.
2017-06-07 11:11:37 +05:30
Siddhesh Poyarekar
44330b6d32 tunables: Clean up hooks to get and set tunables
The TUNABLE_SET_VALUE and family of macros (and my later attempt to
add a TUNABLE_GET) never quite went together very well because the
overall interface was not clearly defined.  This patch is an attempt
to do just that.

This patch consolidates the API to two simple sets of macros,
TUNABLE_GET* and TUNABLE_SET*.  If TUNABLE_NAMESPACE is defined,
TUNABLE_GET takes just the tunable name, type and a (optionally NULL)
callback function to get the value of the tunable.  The callback
function, if non-NULL, is called if the tunable was externally set
(i.e. via GLIBC_TUNABLES or any future mechanism).  For example:

    val = TUNABLE_GET (check, int32_t, check_callback)

returns the value of the glibc.malloc.check tunable (assuming
TUNABLE_NAMESPACE is set to malloc) as an int32_t into VAL after
calling check_callback.

Likewise, TUNABLE_SET can be used to set the value of the tunable,
although this is currently possible only in the dynamic linker before
it relocates itself.  For example:

  TUNABLE_SET (check, int32_t, 2)

will set glibc.malloc.check to 2.  Of course, this is not possible
since we set (or read) glibc.malloc.check long after it is relocated.

To access or set a tunable outside of TUNABLE_NAMESPACE, use the
TUNABLE_GET_FULL and TUNABLE_SET_FULL macros, which have the following
prototype:

  TUNABLE_GET_FULL (glibc, tune, hwcap_mask, uint64_t, NULL)
  TUNABLE_SET_FULL (glibc, tune, hwcap_mask, uint64_t, 0xffff)

In future the tunable list may get split into mutable and immutable
tunables where mutable tunables can be modified by the library and
userspace after relocation as well and TUNABLE_SET will be more useful
than it currently is.  However whenever we actually do that split, we
will have to ensure that the mutable tunables are protected with
locks.

	* elf/Versions (__tunable_set_val): Rename to __tunable_get_val.
	* elf/dl-tunables.c: Likewise.
	(do_tunable_update_val): New function.
	(__tunable_set_val): New function.
	(__tunable_get_val): Call CB only if the tunable was externally
	initialized.
	(tunables_strtoul): Replace strval with initialized.
	* elf/dl-tunables.h (strval): Replace with a bool initialized.
	(TUNABLE_ENUM_NAME, TUNABLE_ENUM_NAME1): Adjust names to
	prevent collision.
	(__tunable_set_val): New function.
	(TUNABLE_GET, TUNABLE_GET_FULL): New macros.
	(TUNABLE_SET, TUNABLE_SET_FULL): Likewise.
	(TUNABLE_SET_VAL): Remove.
	(TUNABLE_SET_VAL_WITH_CALLBACK): Likewise.
	* README.tunables: Document the new macros.
	* malloc/arena.c (ptmalloc_init): Adjust.
2017-06-07 11:11:36 +05:30
H.J. Lu
81efada528 Make __tunables_init hidden and avoid PLT
Since __tunables_init is internal to ld.so, we should mark it hidden
to avoid PLT.  We should also avoid PLT when calling __tunable_set_val
within ld.so.

2017-05-25   Siddhesh Poyarekar  <siddhesh@sourceware.org>
	     H.J. Lu  <hongjiu.lu@intel.com>

	* elf/dl-tunables.c (__tunable_set_val): Make a hidden alias.
	* elf/dl-tunables.h (__tunables_init): Mark it hidden in rtld.
	(__tunable_set_val): Likewise.
2017-05-25 06:55:58 -07:00
Siddhesh Poyarekar
ce79740bdb Reduce value of LD_HWCAP_MASK for tst-env-setuid test case
It was discovered that the dynamic linker allocates a massive amount
of memory that increases with the value of LD_HWCAP_MASK.  Due to
this, setting its value to 0xffffffff in the environment of
tst-env-setuid would cause it to fail in some environments where
overcommit was disabled or severely constrained because malloc would
fail.

Since this test is only concerned with the value of LD_HWCAP_MASK
envvar being conserved (or not, for setxid binaries), lower its value
to avoid spurious failures.

The allocation bug is reported as #21502.
2017-05-19 01:42:01 +05:30
Siddhesh Poyarekar
ad2f35cb39 tunables: Add support for tunables of uint64_t type
Recognize the uint64_t type in addition to the current int32_t and
size_t.  This allows addition of tunables of uint64_t types.  In
addition to adding the uint64_t type, this patch also consolidates
validation and reading of integer types in tunables.

One notable change is that of overflow computation in
tunables_strtoul.  The function was lifted from __internal_strtoul,
but it does not need the boundary condition check (i.e. result ==
ULONG_MAX) since it does not need to set errno.  As a result the check
can be simplified, which I have now done.

	* elf/dl-tunable-types.h (tunable_type_code_t): New type
	TUNABLE_TYPE_UINT_64.
	* elf/dl-tunables.c (tunables_strtoul): Return uint64_t.
	Simplify computation of overflow.
	(tunable_set_val_if_valid_range_signed,
	tunable_set_val_if_valid_range_unsigned): Remove and replace
	with this...
	(TUNABLE_SET_VAL_IF_VALID_RANGE): ... New macro.
	(tunable_initialize): Adjust.  Add uint64_t support.
	(__tunable_set_val): Add uint64_t support.
	* README.tunables: Document it.
2017-05-17 13:11:55 +05:30
Zack Weinberg
7c3018f9e4 Suppress internal declarations for most of the testsuite.
This patch adds a new build module called 'testsuite'.
IS_IN (testsuite) implies _ISOMAC, as do IS_IN_build and __cplusplus
(which means several ad-hoc tests for __cplusplus can go away).
libc-symbols.h now suppresses almost all of *itself* when _ISOMAC is
defined; in particular, _ISOMAC mode does not get config.h
automatically anymore.

There are still quite a few tests that need to see internal gunk of
one variety or another.  For them, we now have 'tests-internal' and
'test-internal-extras'; files in this category will still be compiled
with MODULE_NAME=nonlib, and everything proceeds as it always has.
The bulk of this patch is moving tests from 'tests' to
'tests-internal'.  There is also 'tests-static-internal', which has
the same effect on files in 'tests-static', and 'modules-names-tests',
which has the *inverse* effect on files in 'modules-names' (it's
inverted because most of the things in modules-names are *not* tests).
For both of these, the file must appear in *both* the new variable and
the old one.

There is also now a special case for when libc-symbols.h is included
without MODULE_NAME being defined at all.  (This happens during the
creation of libc-modules.h, and also when preprocessing Versions
files.)  When this happens, IS_IN is set to be always false and
_ISOMAC is *not* defined, which was the status quo, but now it's
explicit.

The remaining changes to C source files in this patch seemed likely to
cause problems in the absence of the main change.  They should be
relatively self-explanatory.  In a few cases I duplicated a definition
from an internal header rather than move the test to tests-internal;
this was a judgement call each time and I'm happy to change those
however reviewers feel is more appropriate.

	* Makerules: New subdir configuration variables 'tests-internal'
	and 'test-internal-extras'.  Test files in these categories will
	still be compiled with MODULE_NAME=nonlib.  Test files in the
	existing categories (tests, xtests, test-srcs, test-extras) are
	now compiled with MODULE_NAME=testsuite.
	New subdir configuration variable 'modules-names-tests'.  Files
	which are in both 'modules-names' and 'modules-names-tests' will
	be compiled with MODULE_NAME=testsuite instead of
	MODULE_NAME=extramodules.
	(gen-as-const-headers): Move to tests-internal.
	(do-tests-clean, common-mostlyclean): Support tests-internal.
	* Makeconfig (built-modules): Add testsuite.
	* Makefile: Change libof-check-installed-headers-c and
	libof-check-installed-headers-cxx to 'testsuite'.
	* Rules: Likewise.  Support tests-internal.
	* benchtests/strcoll-inputs/filelist#en_US.UTF-8:
	Remove extra-modules.mk.

	* config.h.in: Don't check for __OPTIMIZE__ or __FAST_MATH__ here.
	* include/libc-symbols.h: Move definitions of _GNU_SOURCE,
	PASTE_NAME, PASTE_NAME1, IN_MODULE, IS_IN, and IS_IN_LIB to the
	very top of the file and rationalize their order.
	If MODULE_NAME is not defined at all, define IS_IN to always be
	false, and don't define _ISOMAC.
	If any of IS_IN (testsuite), IS_IN_build, or __cplusplus are
	true, define _ISOMAC and suppress everything else in this file,
	starting with the inclusion of config.h.
	Do check for inappropriate definitions of __OPTIMIZE__ and
	__FAST_MATH__ here, but only if _ISOMAC is not defined.
        Correct some out-of-date commentary.

	* include/math.h: If _ISOMAC is defined, undefine NO_LONG_DOUBLE
	and _Mlong_double_ before including math.h.
	* include/string.h: If _ISOMAC is defined, don't expose
	_STRING_ARCH_unaligned. Move a comment to a more appropriate
	location.

	* include/errno.h, include/stdio.h, include/stdlib.h, include/string.h
	* include/time.h, include/unistd.h, include/wchar.h: No need to
	check __cplusplus nor use __BEGIN_DECLS/__END_DECLS.

	* misc/sys/cdefs.h (__NTHNL): New macro.
	* sysdeps/m68k/m680x0/fpu/bits/mathinline.h
	(__m81_defun): Use __NTHNL to avoid errors with GCC 6.

	* elf/tst-env-setuid-tunables.c: Include config.h with _LIBC
	defined, for HAVE_TUNABLES.
	* inet/tst-checks-posix.c: No need to define _ISOMAC.
	* intl/tst-gettext2.c: Provide own definition of N_.
	* math/test-signgam-finite-c99.c: No need to define _ISOMAC.
	* math/test-signgam-main.c: No need to define _ISOMAC.
	* stdlib/tst-strtod.c: Convert to test-driver. Split locale_test to...
	* stdlib/tst-strtod1i.c: ...this new file.
	* stdlib/tst-strtod5.c: Convert to test-driver and add copyright notice.
        Split tests of __strtod_internal to...
	* stdlib/tst-strtod5i.c: ...this new file.
	* string/test-string.h: Include stdint.h. Duplicate definition of
	inhibit_loop_to_libcall here (from libc-symbols.h).
	* string/test-strstr.c: Provide dummy definition of
	libc_hidden_builtin_def when including strstr.c.
	* sysdeps/ia64/fpu/libm-symbols.h: Suppress entire file in _ISOMAC
	mode; no need to test __STRICT_ANSI__ nor __cplusplus as well.
	* sysdeps/x86_64/fpu/math-tests-arch.h: Include cpu-features.h.
	Don't include init-arch.h.
	* sysdeps/x86_64/multiarch/test-multiarch.h: Include cpu-features.h.
	Don't include init-arch.h.

	* elf/Makefile: Move tst-ptrguard1-static, tst-stackguard1-static,
	tst-tls1-static, tst-tls2-static, tst-tls3-static, loadtest,
	unload, unload2, circleload1, neededtest, neededtest2,
	neededtest3, neededtest4, tst-tls1, tst-tls2, tst-tls3,
	tst-tls6, tst-tls7, tst-tls8, tst-dlmopen2, tst-ptrguard1,
	tst-stackguard1, tst-_dl_addr_inside_object, and all of the
	ifunc tests to tests-internal.
	Don't add $(modules-names) to test-extras.
	* inet/Makefile: Move tst-inet6_scopeid_pton to tests-internal.
	Add tst-deadline to tests-static-internal.
	* malloc/Makefile: Move tst-mallocstate and tst-scratch_buffer to
	tests-internal.
	* misc/Makefile: Move tst-atomic and tst-atomic-long to tests-internal.
	* nptl/Makefile: Move tst-typesizes, tst-rwlock19, tst-sem11,
	tst-sem12, tst-sem13, tst-barrier5, tst-signal7, tst-tls3,
	tst-tls3-malloc, tst-tls5, tst-stackguard1, tst-sem11-static,
	tst-sem12-static, and tst-stackguard1-static to tests-internal.
        Link tests-internal with libpthread also.
	Don't add $(modules-names) to test-extras.
	* nss/Makefile: Move tst-field to tests-internal.
	* posix/Makefile: Move bug-regex5, bug-regex20, bug-regex33,
	tst-rfc3484, tst-rfc3484-2, and tst-rfc3484-3 to tests-internal.
	* stdlib/Makefile: Move tst-strtod1i, tst-strtod3, tst-strtod4,
	tst-strtod5i, tst-tls-atexit, and tst-tls-atexit-nodelete to
	tests-internal.
        * sunrpc/Makefile: Move tst-svc_register to tests-internal.
	* sysdeps/powerpc/Makefile: Move test-get_hwcap and
	test-get_hwcap-static to tests-internal.
	* sysdeps/unix/sysv/linux/Makefile: Move tst-setgetname to
	tests-internal.
	* sysdeps/x86_64/fpu/Makefile: Add all libmvec test modules to
	modules-names-tests.
2017-05-11 19:27:59 -04:00
Zack Weinberg
2bfdaeddaa Rename cppflags-iterator.mk to libof-iterator.mk, remove extra-modules.mk.
cppflags-iterator.mk no longer has anything to do with CPPFLAGS; all
it does is set libof-$(foo) for a list of files.  extra-modules.mk
does the same thing, but with a different input variable, and doesn't
let the caller control the module.  Therefore, this patch gives
cppflags-iterator.mk a better name, removes extra-modules.mk, and
updates all uses of both.

	* extra-modules.mk: Delete file.
	* cppflags-iterator.mk: Rename to ...
	* libof-iterator.mk: ...this.  Adjust comments.

	* Makerules, extra-lib.mk, benchtests/Makefile, elf/Makefile
	* elf/rtld-Rules, iconv/Makefile, locale/Makefile, malloc/Makefile
	* nscd/Makefile, sunrpc/Makefile, sysdeps/s390/Makefile:
	Use libof-iterator.mk instead of cppflags-iterator.mk or
	extra-modules.mk.

	* benchtests/strcoll-inputs/filelist#en_US.UTF-8: Remove
	extra-modules.mk and cppflags-iterator.mk, add libof-iterator.mk.
2017-05-09 07:06:29 -04:00
Florian Weimer
cef9b65376 Assume that O_CLOEXEC is always defined and works 2017-04-18 14:56:51 +02:00
Florian Weimer
a12ae89f86 Assume that O_NOFOLLOW is always defined 2017-04-13 21:28:18 +02:00
Paul Clarke
d031600dd2 Support auxilliary vector components for cache geometries.
Add support to getauxval() for new types to get L1, L2, L3 cache sizes,
cache line sizes, and cache associativities.  The new types for
getauxval() were added in the stream for Linux kernel v4.11 in commit
98a5f361b8625c6f4841d6ba013bbf0e80d08147.

	* elf/elf.h (AT_L1I_CACHESIZE, AT_L1I_CACHEGEOMETRY, AT_L1D_CACHESIZE,
	AT_L1D_CACHEGEOMETRY, AT_L2_CACHESIZE, AT_L2_CACHEGEOMETRY,
	AT_L3_CACHESIZE, AT_L3_CACHEGEOMETRY): New.  Add auxvec
	identifiers from kernel arch/powerpc/include/uapi/asm/auxvec.h.
2017-04-11 14:05:54 -03:00
Dmitry V. Levin
9ace4692b2 Check for __mprotect failure in _dl_map_segments [BZ #20831]
* elf/dl-map-segments.h (_dl_map_segments): Check for failure
of __mprotect to change protection on the excess portion
to disallow all access.
2017-04-09 23:34:33 +00:00
H.J. Lu
12fb180108 Define TEST_FUNCTION_ARGV in elf/tst-dlopen-aout.c
* elf/tst-dlopen-aout.c (TEST_FUNCTION): Removed.
	(TEST_FUNCTION_ARGV): New.
2017-04-05 14:09:38 -07:00
Wainer dos Santos Moschetta
36fe25fd0e Update elf tests to use the support test driver.
Replaced test-skeleton.c with support/test-driver.c and
adjusted the tests accordinly.

Checked on x86_64.

	* elf/next.c: Import support/test-driver.c instead of
	test-skeleton.c and delete TEST_FUNCTION macro definition.
	* elf/nodelete.c: Likewise.
	* elf/order2.c: Likewise.
	* elf/tst-_dl_addr_inside_object.c: Likewise.
	* elf/tst-addr1.c: Likewise.
	* elf/tst-align.c: Likewise.
	* elf/tst-align2.c: Likewise.
	* elf/tst-audit11.c: Likewise.
	* elf/tst-audit12.c: Likewise.
	* elf/tst-audit2.c: Likewise.
	* elf/tst-audit9.c: Likewise.
	* elf/tst-auxv.c: Likewise and define
	TEST_FUNCTION_ARGV macro.
	* elf/tst-deep1.c: Likewise.
	* elf/tst-dl-iter-static.c: Likewise.
	* elf/tst-dlmodcount.c: Likewise.
	* elf/tst-dlmopen1.c: Likewise.
	* elf/tst-dlmopen2.c: Likewise.
	* elf/tst-dlmopen3.c: Likewise.
	* elf/tst-dlopen-aout.c: Likewise.
	* elf/tst-dlopenrpath.c: Likewise.
	* elf/tst-dlsym-error.c: Likewise.
	* elf/tst-execstack-needed.c: Likewise.
	* elf/tst-execstack-prog.c: Likewise.
	* elf/tst-execstack.c: Likewise.
	* elf/tst-global1.c: Likewise.
	* elf/tst-gnu2-tls1.c: Likewise.
	* elf/tst-latepthread.c: Likewise.
	* elf/tst-leaks1.c: Likewise.
	* elf/tst-linkall-static.c: Likewise.
	(do_test): New function.
	* elf/tst-nodelete-opened.c: Likewise.
	* elf/tst-nodelete.cc: Likewise.
	* elf/tst-nodelete2.c: Likewise.
	* elf/tst-noload.c: Likewise.
	* elf/tst-null-argv.c: Likewise and define
	TEST_FUNCTION_ARGV marcro.
	* elf/tst-order-main.c: Likewise.
	* elf/tst-pathopt.c: Likewise.
	* elf/tst-pie2.c: Likewise.
	* elf/tst-piemod1.c: Likewise.
	* elf/tst-prelink.c: Likewise.
	* elf/tst-protected1a.c: Likewise.
	* elf/tst-protected1b.c: Likewise.
	* elf/tst-ptrguard1.c: Likewise, import getopt.h,
	and define _GNU_SOURCE macro.
	(cmdline_process_function): New function.
	* elf/tst-relsort1.c: Likewise.
	* elf/tst-stackguard1.c: Likewise, import getopt.h,
	and define _GNU_SOURCE macro.
	(cmdline_process_function): New function.
	* elf/tst-thrlock.c: Likewise.
	* elf/tst-tls-dlinfo.c: Likewise.
	* elf/tst-tls-manydynamic.c: Likewise and import
	support/xthread.h.
	* elf/tst-tls1.c: Likewise.
	* elf/tst-tls10.c: Likewise.
	* elf/tst-tls11.c: Likewise.
	* elf/tst-tls12.c: Likewise.
	* elf/tst-tls13.c: Likewise.
	* elf/tst-tls14.c: Likewise.
	* elf/tst-tls15.c: Likewise.
	* elf/tst-tls16.c: Likewise.
	* elf/tst-tls17.c: Likewise.
	* elf/tst-tls18.c: Likewise.
	* elf/tst-tls19.c: Likewise.
	* elf/tst-tls2.c: Likewise.
	* elf/tst-tls3.c: Likewise.
	* elf/tst-tls4.c: Likewise.
	* elf/tst-tls5.c: Likewise.
	* elf/tst-tls6.c: Likewise.
	* elf/tst-tls7.c: Likewise.
	* elf/tst-tls8.c: Likewise.
	* elf/tst-tls9.c: Likewise.
	* elf/tst-tlsalign-extern.c: Likewise.
	* elf/tst-tlsalign.c: Likewise.
	* elf/tst-unique1.c: Likewise.
	* elf/tst-unique2.c: Likewise.
	* elf/vismain.c: Likewise.
2017-04-05 10:34:58 -03:00
Sunyeop Lee
65eff7fbdb Update old tunables framework document/script.
Since commit 8b9e9c3c0b, security_level replaces
is_secure. There were some old files need to be updated.

2017-03-23  Sunyeop Lee  <sunyeop97@gmail.com>

	* README.tunables: Updated descriptions.
	* elf/dl-tunables.list: Fixed typo: SXID_NONE -> NONE.
	* scripts/gen-tunables.awk: Updated the code related to the commit.
2017-03-24 11:08:28 +05:30
Wilco Dijkstra
ae65d4f3c3 Remove the str(n)dup inlines from string/bits/string2.h. Although inlining
calls with constant strings shows a small (~10%) performance gain, strdup is
typically used in error reporting code, so not performance critical.
Remove the now unused __need_malloc_and_calloc related defines from stdlib.h.

Rename existing uses of str(n)dup to __str(n)dup so it no longer needs to be
redirected to a builtin.  Also building GLIBC with -Os now no longer shows
localplt or linkname space failures (partial fix for BZ #15105 and BZ #19463).

        [BZ #15105]
        [BZ #19463]
        * elf/dl-cache.c (_dl_load_cache_lookup): Use __strdup.
        * inet/rcmd.c (rcmd_af): Likewise.
        * inet/rexec.c   (rexec_af): Likewise.
        * intl/dcigettext.c (_LIBC): Likewise.
        * intl/finddomain.c (_nl_find_domain): Use strdup expansion.
        * locale/loadarchive.c (_nl_load_locale_from_archive): Use __strdup.
        * locale/setlocale.c (setlocale): Likewise.
        * posix/spawn_faction_addopen.c
        (posix_spawn_file_actions_addopen): Likewise.
        * stdlib/putenv.c (putenv): Use __strndup.
        * sunrpc/svc_simple.c (__registerrpc): Use __strdup.
        * sysdeps/posix/getaddrinfo.c (gaih_inet): Use __strdup/__strndup.
        * include/stdlib.h (__need_malloc_and_calloc): Remove uses.
        (__Need_M_And_C) Remove define/undef.
        * stdlib/stdlib.h (__need_malloc_and_calloc): Remove uses.
        (__malloc_and_calloc_defined): Remove define.
        * string/bits/string2.h (__strdup): Remove define.
        (strdup): Likewise.
        (__strndup): Likewise.
        (strndup): Likewise.
2017-03-13 18:45:42 +00:00
Siddhesh Poyarekar
1c1243b6fc Ignore and remove LD_HWCAP_MASK for AT_SECURE programs (bug #21209)
The LD_HWCAP_MASK environment variable may alter the selection of
function variants for some architectures.  For AT_SECURE process it
means that if an outdated routine has a bug that would otherwise not
affect newer platforms by default, LD_HWCAP_MASK will allow that bug
to be exploited.

To be on the safe side, ignore and disable LD_HWCAP_MASK for setuid
binaries.

	[BZ #21209]
	* elf/rtld.c (process_envvars): Ignore LD_HWCAP_MASK for
	AT_SECURE processes.
	* sysdeps/generic/unsecvars.h: Add LD_HWCAP_MASK.
	* elf/tst-env-setuid.c (test_parent): Test LD_HWCAP_MASK.
	(test_child): Likewise.
	* elf/Makefile (tst-env-setuid-ENV): Add LD_HWCAP_MASK.
2017-03-07 20:52:04 +05:30
Florian Weimer
a10e9c4e53 Remove header file inclusion guard from elf/get-dynamic-info.h
This file is included multiple times, so the guard is harmful.
Fixes commit 9090848d06.
2017-03-02 17:28:41 +01:00
Zack Weinberg
9090848d06 Narrowing the visibility of libc-internal.h even further.
posix/wordexp-test.c used libc-internal.h for PTR_ALIGN_DOWN; similar
to what was done with libc-diag.h, I have split the definitions of
cast_to_integer, ALIGN_UP, ALIGN_DOWN, PTR_ALIGN_UP, and PTR_ALIGN_DOWN
to a new header, libc-pointer-arith.h.

It then occurred to me that the remaining declarations in libc-internal.h
are mostly to do with early initialization, and probably most of the
files including it, even in the core code, don't need it anymore.  Indeed,
only 19 files actually need what remains of libc-internal.h.  23 others
need libc-diag.h instead, and 12 need libc-pointer-arith.h instead.
No file needs more than one of them, and 16 don't need any of them!

So, with this patch, libc-internal.h stops including libc-diag.h as
well as losing the pointer arithmetic macros, and all including files
are adjusted.

        * include/libc-pointer-arith.h: New file.  Define
	cast_to_integer, ALIGN_UP, ALIGN_DOWN, PTR_ALIGN_UP, and
        PTR_ALIGN_DOWN here.
        * include/libc-internal.h: Definitions of above macros
	moved from here.  Don't include libc-diag.h anymore either.
	* posix/wordexp-test.c: Include stdint.h and libc-pointer-arith.h.
        Don't include libc-internal.h.

	* debug/pcprofile.c, elf/dl-tunables.c, elf/soinit.c, io/openat.c
	* io/openat64.c, misc/ptrace.c, nptl/pthread_clock_gettime.c
	* nptl/pthread_clock_settime.c, nptl/pthread_cond_common.c
	* string/strcoll_l.c, sysdeps/nacl/brk.c
	* sysdeps/unix/clock_settime.c
	* sysdeps/unix/sysv/linux/i386/get_clockfreq.c
	* sysdeps/unix/sysv/linux/ia64/get_clockfreq.c
	* sysdeps/unix/sysv/linux/powerpc/get_clockfreq.c
	* sysdeps/unix/sysv/linux/sparc/sparc64/get_clockfreq.c:
	Don't include libc-internal.h.

	* elf/get-dynamic-info.h, iconv/loop.c
	* iconvdata/iso-2022-cn-ext.c, locale/weight.h, locale/weightwc.h
	* misc/reboot.c, nis/nis_table.c, nptl_db/thread_dbP.h
	* nscd/connections.c, resolv/res_send.c, soft-fp/fmadf4.c
	* soft-fp/fmasf4.c, soft-fp/fmatf4.c, stdio-common/vfscanf.c
	* sysdeps/ieee754/dbl-64/e_lgamma_r.c
	* sysdeps/ieee754/dbl-64/k_rem_pio2.c
	* sysdeps/ieee754/flt-32/e_lgammaf_r.c
	* sysdeps/ieee754/flt-32/k_rem_pio2f.c
	* sysdeps/ieee754/ldbl-128/k_tanl.c
	* sysdeps/ieee754/ldbl-128ibm/k_tanl.c
	* sysdeps/ieee754/ldbl-96/e_lgammal_r.c
	* sysdeps/ieee754/ldbl-96/k_tanl.c, sysdeps/nptl/futex-internal.h:
	Include libc-diag.h instead of libc-internal.h.

        * elf/dl-load.c, elf/dl-reloc.c, locale/programs/locarchive.c
        * nptl/nptl-init.c, string/strcspn.c, string/strspn.c
	* malloc/malloc.c, sysdeps/i386/nptl/tls.h
	* sysdeps/nacl/dl-map-segments.h, sysdeps/x86_64/atomic-machine.h
	* sysdeps/unix/sysv/linux/spawni.c
        * sysdeps/x86_64/nptl/tls.h:
        Include libc-pointer-arith.h instead of libc-internal.h.

	* elf/get-dynamic-info.h, sysdeps/nacl/dl-map-segments.h
	* sysdeps/x86_64/atomic-machine.h:
        Add multiple include guard.
2017-03-01 20:33:46 -05:00
Zack Weinberg
ceaa98897c Add missing header files throughout the testsuite.
* crypt/md5.h: Test _LIBC with #if defined, not #if.
	* dirent/opendir-tst1.c: Include sys/stat.h.
	* dirent/tst-fdopendir.c: Include sys/stat.h.
	* dirent/tst-fdopendir2.c: Include stdlib.h.
	* dirent/tst-scandir.c: Include stdbool.h.
	* elf/tst-auditmod1.c: Include link.h and stddef.h.
	* elf/tst-tls15.c: Include stdlib.h.
	* elf/tst-tls16.c: Include stdlib.h.
	* elf/tst-tls17.c: Include stdlib.h.
	* elf/tst-tls18.c: Include stdlib.h.
	* iconv/tst-iconv6.c: Include endian.h.
	* iconvdata/bug-iconv11.c: Include limits.h.
	* io/test-utime.c: Include stdint.h.
	* io/tst-faccessat.c: Include sys/stat.h.
	* io/tst-fchmodat.c: Include sys/stat.h.
	* io/tst-fchownat.c: Include sys/stat.h.
	* io/tst-fstatat.c: Include sys/stat.h.
	* io/tst-futimesat.c: Include sys/stat.h.
	* io/tst-linkat.c: Include sys/stat.h.
	* io/tst-mkdirat.c: Include sys/stat.h and stdbool.h.
	* io/tst-mkfifoat.c: Include sys/stat.h and stdbool.h.
	* io/tst-mknodat.c: Include sys/stat.h and stdbool.h.
	* io/tst-openat.c: Include stdbool.h.
	* io/tst-readlinkat.c: Include sys/stat.h.
	* io/tst-renameat.c: Include sys/stat.h.
	* io/tst-symlinkat.c: Include sys/stat.h.
	* io/tst-unlinkat.c: Include stdbool.h.
	* libio/bug-memstream1.c: Include stdlib.h.
	* libio/bug-wmemstream1.c: Include stdlib.h.
	* libio/tst-fwrite-error.c: Include stdlib.h.
	* libio/tst-memstream1.c: Include stdlib.h.
	* libio/tst-memstream2.c: Include stdlib.h.
	* libio/tst-memstream3.c: Include stdlib.h.
	* malloc/tst-interpose-aux.c: Include stdint.h.
	* misc/tst-preadvwritev-common.c: Include sys/stat.h.
	* nptl/tst-basic7.c: Include limits.h.
	* nptl/tst-cancel25.c: Include pthread.h, not pthreadP.h.
	* nptl/tst-cancel4.c: Include stddef.h, limits.h, and sys/stat.h.
	* nptl/tst-cancel4_1.c: Include stddef.h.
	* nptl/tst-cancel4_2.c: Include stddef.h.
	* nptl/tst-cond16.c: Include limits.h.
	Use sysconf(_SC_PAGESIZE) instead of __getpagesize.
	* nptl/tst-cond18.c: Include limits.h.
	Use sysconf(_SC_PAGESIZE) instead of __getpagesize.
	* nptl/tst-cond4.c: Include stdint.h.
	* nptl/tst-cond6.c: Include stdint.h.
	* nptl/tst-stack2.c: Include limits.h.
	* nptl/tst-stackguard1.c: Include stddef.h.
	* nptl/tst-tls4.c: Include stdint.h. Don't include tls.h.
	* nptl/tst-tls4moda.c: Include stddef.h.
	Don't include stdio.h, unistd.h, or tls.h.
	* nptl/tst-tls4modb.c: Include stddef.h.
	Don't include stdio.h, unistd.h, or tls.h.
	* nptl/tst-tls5.h: Include stddef.h. Don't include stdlib.h or tls.h.
	* posix/tst-getaddrinfo2.c: Include stdio.h.
	* posix/tst-getaddrinfo5.c: Include stdio.h.
	* posix/tst-pathconf.c: Include sys/stat.h.
	* posix/tst-posix_fadvise-common.c: Include stdint.h.
	* posix/tst-preadwrite-common.c: Include sys/stat.h.
	* posix/tst-regex.c: Include stdint.h.
	Don't include spawn.h or spawn_int.h.
	* posix/tst-regexloc.c: Don't include spawn.h or spawn_int.h.
	* posix/tst-vfork3.c: Include sys/stat.h.
	* resolv/tst-bug18665-tcp.c: Include stdlib.h.
	* resolv/tst-res_hconf_reorder.c: Include stdlib.h.
	* resolv/tst-resolv-search.c: Include stdlib.h.
	* stdio-common/tst-fmemopen2.c: Include stdint.h.
	* stdio-common/tst-vfprintf-width-prec.c: Include stdlib.h.
	* stdlib/test-canon.c: Include sys/stat.h.
	* stdlib/tst-tls-atexit.c: Include stdbool.h.
	* string/test-memchr.c: Include stdint.h.
	* string/tst-cmp.c: Include stdint.h.
	* sysdeps/pthread/tst-timer.c: Include stdint.h.
	* sysdeps/unix/sysv/linux/tst-sync_file_range.c: Include stdint.h.
	* sysdeps/wordsize-64/tst-writev.c: Include limits.h and stdint.h.
	* sysdeps/x86_64/fpu/math-tests-arch.h: Include cpu-features.h.
	Don't include init-arch.h.
	* sysdeps/x86_64/multiarch/test-multiarch.h: Include cpu-features.h.
	Don't include init-arch.h.
	* sysdeps/x86_64/tst-auditmod10b.c: Include link.h and stddef.h.
	* sysdeps/x86_64/tst-auditmod3b.c: Include link.h and stddef.h.
	* sysdeps/x86_64/tst-auditmod4b.c: Include link.h and stddef.h.
	* sysdeps/x86_64/tst-auditmod5b.c: Include link.h and stddef.h.
	* sysdeps/x86_64/tst-auditmod6b.c: Include link.h and stddef.h.
	* sysdeps/x86_64/tst-auditmod6c.c: Include link.h and stddef.h.
	* sysdeps/x86_64/tst-auditmod7b.c: Include link.h and stddef.h.
	* time/clocktest.c: Include stdint.h.
	* time/tst-posixtz.c: Include stdint.h.
	* timezone/tst-timezone.c: Include stdint.h.
2017-02-16 17:33:18 -05:00
Siddhesh Poyarekar
8cbc826c37 Fix getting tunable values on big-endian (BZ #21109)
The code to set value passed a tunable_val_t, which when cast to
int32_t on big-endian gives the wrong value.  Instead, use
tunable_val_t.numval instead, which can then be safely cast into
int32_t.
2017-02-08 14:17:17 +05:30
Siddhesh Poyarekar
53aa04a86c tunables: Fail tests correctly when setgid does not work
The child process of the tst-env-setuid process was failing correctly
with EXIT_UNSUPPORTED but the parent did not carry that status forward
and failed instead.  This patch fixes this so that tests on nosuid
/tmp fails gracefully with UNSUPPORTED.  Tested by making my tmpfs
nosuid.

	* elf/tst-env-setuid.c (do_execve): Return EXIT_UNSUPPORTED in
	parent if child exited in that manner.  Print WEXITSTATUS
	instead of the raw status.
	(do_test_prep): Rename to do_test.
	(do_test): Return the result of run_executable_sgid.
	(TEST_FUNCTION_ARGV): Adjust.
2017-02-04 12:02:37 +05:30
Alexandre Oliva
d675eaf7d9 Bug 20915: Do not initialize DTV of other threads.
In _dl_nothread_init_static_tls() and init_one_static_tls() we must not
touch the DTV of other threads since we do not have ownership of them.
The DTV need not be initialized at this point anyway since only LD/GD
accesses will use them. If LD/GD accesses occur they will take care to
initialize their own thread's DTV.

Concurrency comments were removed from the patch since they need to be
reworked along with a full description of DTV ownership and when it is
or is not safe to modify these structures.

Alexandre Oliva's original patch and discussion:
https://sourceware.org/ml/libc-alpha/2016-09/msg00512.html
2017-02-03 21:34:14 -05:00
Siddhesh Poyarekar
ed8d5ffd0a Drop GLIBC_TUNABLES for setxid programs when tunables is disabled (bz #21073)
A setxid program that uses a glibc with tunables disabled may pass on
GLIBC_TUNABLES as is to its child processes.  If the child process
ends up using a different glibc that has tunables enabled, it will end
up getting access to unsafe tunables.  To fix this, remove
GLIBC_TUNABLES from the environment for setxid process.

	* sysdeps/generic/unsecvars.h: Add GLIBC_TUNABLES.
	* elf/tst-env-setuid-tunables.c
	(test_child_tunables)[!HAVE_TUNABLES]: Verify that
	GLIBC_TUNABLES is removed in a setgid process.
2017-02-02 15:50:24 +05:30
Siddhesh Poyarekar
8b9e9c3c0b tunables: Fix environment variable processing for setuid binaries (bz #21073)
Florian Weimer pointed out that we have three different kinds of
environment variables (and hence tunables):

1. Variables that are removed for setxid processes
2. Variables that are ignored in setxid processes but is passed on to
   child processes
3. Variables that are passed on to child processes all the time

Tunables currently only does (2) and (3) when it should be doing (1)
for MALLOC_CHECK_.  This patch enhances the is_secure flag in tunables
to an enum value that can specify which of the above three categories
the tunable (and its envvar alias) belongs to.

The default is for tunables to be in (1).  Hence, all of the malloc
tunables barring MALLOC_CHECK_ are explicitly specified to belong to
category (2).  There were discussions around abolishing category (2)
completely but we can do that as a separate exercise in 2.26.

Tested on x86_64 to verify that there are no regressions.

	[BZ #21073]
	* elf/dl-tunable-types.h (tunable_seclevel_t): New enum.
	* elf/dl-tunables.c (tunables_strdup): Remove.
	(get_next_env): Also return the previous envp.
	(parse_tunables): Erase tunables of category
	TUNABLES_SECLEVEL_SXID_ERASE.
	(maybe_enable_malloc_check): Make MALLOC_CHECK_
	TUNABLE_SECLEVEL_NONE if /etc/setuid-debug is accessible.
	(__tunables_init)[TUNABLES_FRONTEND ==
	TUNABLES_FRONTEND_valstring]: Update GLIBC_TUNABLES envvar
	after parsing.
	[TUNABLES_FRONTEND != TUNABLES_FRONTEND_valstring]: Erase
	tunable envvars of category TUNABLES_SECLEVEL_SXID_ERASE.
	* elf/dl-tunables.h (struct _tunable): Change member is_secure
	to security_level.
	* elf/dl-tunables.list: Add security_level annotations for all
	tunables.
	* scripts/gen-tunables.awk: Recognize and generate enum values
	for security_level.
	* elf/tst-env-setuid.c: New test case.
	* elf/tst-env-setuid-tunables: new test case.
	* elf/Makefile (tests-static): Add them.
2017-02-02 15:50:16 +05:30
DJ Delorie
f3bef6a748 * elf/dl-tunables.c (tunable_set_val_if_valid_range): Split into ...
(tunable_set_val_if_valid_range_signed) ... this, and ...
(tunable_set_val_if_valid_range_unsigned) ... this.
(tunable_initialize): Call the correct one of the above based on type.
2017-01-20 19:55:53 -05:00
Siddhesh Poyarekar
41389c4049 Fix environment traversal when an envvar value is empty
The condition when the value of an envvar is empty (not just '\0'),
the loop in tunables_init gets stuck infinitely because envp is not
incremented.  Fix that by always incrementing envp in the loop.

Added test case (tst-empty-env.c) verifies the fix when the source is
configured with --enable-hardcoded-path-in-tests, thanks Josh Stone for
providing the test case.  Verified on x86_64.

	* elf/dl-tunables (get_next_env): Always advance envp.
	* stdlib/tst-empty-env.c: New test case.
	* stdlib/Makefile (tests): Use it.
2017-01-20 00:45:09 +05:30
Joseph Myers
38d01bd6df Fix elf/sotruss-lib format-truncation error.
Building 64-bit glibc with GCC mainline fails with:

../elf/sotruss-lib.c: In function 'la_version':
../elf/sotruss-lib.c:91:28: error: '%lu' directive output may be truncated writing between 1 and 20 bytes into a region of size 11 [-Werror=format-truncation=]
      snprintf (endp, 12, ".%lu", (unsigned long int) pid);
                            ^~~
../elf/sotruss-lib.c:91:26: note: using the range [1, 18446744073709551615] for directive argument
      snprintf (endp, 12, ".%lu", (unsigned long int) pid);
                          ^~~~~~
../elf/sotruss-lib.c:91:6: note: format output between 3 and 22 bytes into a destination of size 12
      snprintf (endp, 12, ".%lu", (unsigned long int) pid);
      ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Pids from getpid cannot actually be negative, but the compiler doesn't
know this.  Other places in this file use (signed) long int for
printing, so this patch makes this place do so as well.  Then it
increases the buffer size by one byte to allow for the minus sign that
can't actually occur.  It doesn't seem worth using diagnostic pragmas
to save one byte; other place in this file just use a cruder 3 *
sizeof (pid_t) calculation for number of digits.

Tested with GCC mainline with compilation for aarch64 with
build-many-glibcs.py, and with glibc testsuite for x86_64 (built with
GCC 6).

	* elf/sotruss-lib.c (init): Increase space allocated for pid by
	one byte.  Print it with %ld, cast to long int.
2017-01-11 13:57:59 +00:00
Siddhesh Poyarekar
d054a81ab3 tunables: Avoid getenv calls and disable glibc.malloc.check by default
Builds with --enable-tunables failed on i686 because a call to getenv
got snuck into tunables, which pulled in strncmp.  This patch fixes
this build failure by making the glibc.malloc.check check even
simpler.  The previous approach was convoluted where the tunable was
disabled using an unsetenv and overwriting the tunable value with
colons.  The easier way is to simply mark the tunable as insecure by
default (i.e. won't be read for AT_SECURE programs) and then enabled
only when the /etc/suid-debug file is found.

This also ends up removing a bunch of functions that were specially
reimplemented (strlen, unsetenv) to avoid calling into string
routines.

Tested on x86_64 and i686.

	* elf/dl-tunables.c (tunables_unsetenv): Remove function.
	(min_strlen): Likewise.
	(disable_tunable): Likewise.
	(maybe_disable_malloc_check): Rename to
	maybe_enable_malloc_check.
	(maybe_enable_malloc_check): Enable glibc.malloc.check tunable
	if /etc/suid-debug file exists.
	(__tunables_init): Update caller.
	* elf/dl-tunables.list (glibc.malloc.check): Don't mark as
	secure.
2017-01-10 16:35:58 +05:30
Joseph Myers
983a9637f7 Increase some test timeouts.
This patch increases timeouts on some tests I've observed timing out.

elf/tst-tls13 and iconvdata/tst-loading both dynamically load many
objects and so are slow when testing over NFS.  They had timeouts set
from before the default changed from 2 to 20 seconds; this patch
removes those old settings, so effectively increasing the timeout to
20 seconds (from 3 and 10 seconds respectively).

malloc/tst-malloc-thread-fail.c and malloc/tst-mallocfork2.c are slow
on slow systems and so I set a fairly arbitrary 100 second timeout,
which seems to suffice on the system where I saw them timing out.

nss/tst-cancel-getpwuid_r.c and nss/tst-nss-getpwent.c are slow on
systems with a large passwd file; I set timeouts that empirically
worked for me.  (It seems tst-cancel-getpwuid_r.c is hitting the
100000 getpwuid_r call limit in my testing, with each call taking a
bit over 0.007 seconds, so 700 seconds for the test.)

	* elf/tst-tls13.c (TIMEOUT): Remove.
	* iconvdata/tst-loading.c (TIMEOUT): Likewise.
	* malloc/tst-malloc-thread-fail.c (TIMEOUT): Increase to 100.
	* malloc/tst-mallocfork2.c (TIMEOUT): Define to 100.
	* nss/tst-cancel-getpwuid_r.c (TIMEOUT): Define to 900.
	* nss/tst-nss-getpwent.c (TIMEOUT): Define to 300.
2017-01-05 17:39:38 +00:00
Joseph Myers
d4d629e618 Fix elf/tst-ldconfig-X for cross testing.
elf/Makefile passes arguments to tst-ldconfig-X.sh that are different
from what it expects, so resulting in the test failing in cross
testing.  This patch corrects the arguments passed (the script itself
has correct logic for cross testing, it's just the Makefile that's
wrong).

Tested for powerpc (cross testing) and for x86_64 (native testing).

	* elf/Makefile ($(objpfx)tst-ldconfig-X.out): Correct arguments
	passed to tst-ldconfig-X.sh.
2017-01-03 15:11:17 +00:00
Joseph Myers
58b587c1f8 Update copyright dates not handled by scripts/update-copyrights.
I've updated copyright dates in glibc for 2017.  This is the patch for
the changes not generated by scripts/update-copyrights and subsequent
build / regeneration of generated files.

Please remember to include 2017 in the dates for any new files added
in future (which means updating any existing uncommitted patches you
have that add new files to use the new copyright dates in them).

	* NEWS: Update copyright dates.
	* catgets/gencat.c (print_version): Likewise.
	* csu/version.c (banner): Likewise.
	* debug/catchsegv.sh: Likewise.
	* debug/pcprofiledump.c (print_version): Likewise.
	* debug/xtrace.sh (do_version): Likewise.
	* elf/ldconfig.c (print_version): Likewise.
	* elf/ldd.bash.in: Likewise.
	* elf/pldd.c (print_version): Likewise.
	* elf/sotruss.sh: Likewise.
	* elf/sprof.c (print_version): Likewise.
	* iconv/iconv_prog.c (print_version): Likewise.
	* iconv/iconvconfig.c (print_version): Likewise.
	* locale/programs/locale.c (print_version): Likewise.
	* locale/programs/localedef.c (print_version): Likewise.
	* login/programs/pt_chown.c (print_version): Likewise.
	* malloc/memusage.sh (do_version): Likewise.
	* malloc/memusagestat.c (print_version): Likewise.
	* malloc/mtrace.pl: Likewise.
	* manual/libc.texinfo: Likewise.
	* nptl/version.c (banner): Likewise.
	* nscd/nscd.c (print_version): Likewise.
	* nss/getent.c (print_version): Likewise.
	* nss/makedb.c (print_version): Likewise.
	* posix/getconf.c (main): Likewise.
	* scripts/test-installation.pl: Likewise.
	* sysdeps/unix/sysv/linux/lddlibc4.c (main): Likewise.
2017-01-01 00:26:24 +00:00
Joseph Myers
bfff8b1bec Update copyright dates with scripts/update-copyrights. 2017-01-01 00:14:16 +00:00
Florian Weimer
3c589b1a8a tunables: Use correct unused attribute 2016-12-31 20:27:36 +01:00
Siddhesh Poyarekar
6765d5d34d Enhance --enable-tunables to select tunables frontend at build time
At the GNU Tools Cauldron 2016, the state of the current tunables
patchset was considered OK with the addition of a way to select the
frontend to be used for the tunables.  That is, to avoid being locked
in to one type of frontend initially, it should be possible to build
tunables with a different frontend with something as simple as a
configure switch.

To that effect, this patch enhances the --enable-tunables option to
accept more values than just 'yes' or 'no'.  The current frontend (and
default when enable-tunables is 'yes') is called 'valstring', to
select the frontend where a single environment variable is set to a
colon-separated value string.  More such frontends can be added in
future.

	* Makeconfig (have-tunables): Check for non-negative instead
	of positive.
	* configure.ac: Add 'valstring' as a valid value for
	--enable-tunables.
	* configure: Regenerate.
	* elf/Makefile (have-tunables): Check for non-negative instead
	of positive.
	(CPPFLAGS-dl-tunables.c): Define TUNABLES_FRONTEND for
	dl-tunables.c.
	* elf/dl-tunables.c (GLIBC_TUNABLES): Define only when
	TUNABLES_FRONTEND == TUNABLES_FRONTEND_valstring.
	(tunables_strdup): Likewise.
	(disable_tunables): Likewise.
	(parse_tunables): Likewise.
	(__tunables_init): Process GLIBC_TUNABLES envvar only when.
	TUNABLES_FRONTEND == TUNABLES_FRONTEND_valstring.
	* elf/dl-tunables.h (TUNABLES_FRONTEND_valstring): New macro.
	(TUNABLES_FRONTEND_yes): New macro, define as
	TUNABLES_FRONTEND_valstring by default.
	* manual/install.texi: Document new acceptable values for
	--enable-tunables.
	* INSTALL: Regenerate.
2016-12-31 23:49:24 +05:30
Siddhesh Poyarekar
9dd409a5f4 Initialize tunable list with the GLIBC_TUNABLES environment variable
Read tunables values from the users using the GLIBC_TUNABLES
environment variable.  The value of this variable is a colon-separated
list of name=value pairs.  So a typical string would look like this:

GLIBC_TUNABLES=glibc.malloc.mmap_threshold=2048:glibc.malloc.trim_threshold=1024

	* config.make.in (have-loop-to-function): Define.
	* elf/Makefile (CFLAGS-dl-tunables.c): Add
	-fno-tree-loop-distribute-patterns.
	* elf/dl-tunables.c: Include libc-internals.h.
	(GLIBC_TUNABLES): New macro.
	(tunables_strdup): New function.
	(parse_tunables): New function.
	(min_strlen): New function.
	(__tunables_init): Use the new functions and macro.
	(disable_tunable): Disable tunable from GLIBC_TUNABLES.
	* malloc/tst-malloc-usable-tunables.c: New test case.
	* malloc/tst-malloc-usable-static-tunables.c: New test case.
	* malloc/Makefile (tests, tests-static): Add tests.
2016-12-31 23:49:24 +05:30
Siddhesh Poyarekar
67e58f3941 Add framework for tunables
The tunables framework allows us to uniformly manage and expose global
variables inside glibc as switches to users.  tunables/README has
instructions for glibc developers to add new tunables.

Tunables support can be enabled by passing the --enable-tunables
configure flag to the configure script.  This patch only adds a
framework and does not pose any limitations on how tunable values are
read from the user.  It also adds environment variables used in malloc
behaviour tweaking to the tunables framework as a PoC of the
compatibility interface.

	* manual/install.texi: Add --enable-tunables option.
	* INSTALL: Regenerate.
	* README.tunables: New file.
	* Makeconfig (CPPFLAGS): Define TOP_NAMESPACE.
	(before-compile): Generate dl-tunable-list.h early.
	* config.h.in: Add HAVE_TUNABLES.
	* config.make.in: Add have-tunables.
	* configure.ac: Add --enable-tunables option.
	* configure: Regenerate.
	* csu/init-first.c (__libc_init_first): Move
	__libc_init_secure earlier...
	* csu/init-first.c (LIBC_START_MAIN):... to here.
	Include dl-tunables.h, libc-internal.h.
	(LIBC_START_MAIN) [!SHARED]: Initialize tunables for static
	binaries.
	* elf/Makefile (dl-routines): Add dl-tunables.
	* elf/Versions (ld): Add __tunable_set_val to GLIBC_PRIVATE
	namespace.
	* elf/dl-support (_dl_nondynamic_init): Unset MALLOC_CHECK_
	only when !HAVE_TUNABLES.
	* elf/rtld.c (process_envvars): Likewise.
	* elf/dl-sysdep.c [HAVE_TUNABLES]: Include dl-tunables.h
	(_dl_sysdep_start): Call __tunables_init.
	* elf/dl-tunable-types.h: New file.
	* elf/dl-tunables.c: New file.
	* elf/dl-tunables.h: New file.
	* elf/dl-tunables.list: New file.
	* malloc/tst-malloc-usable-static.c: New test case.
	* malloc/Makefile (tests-static): Add it.
	* malloc/arena.c [HAVE_TUNABLES]: Include dl-tunables.h.
	Define TUNABLE_NAMESPACE.
	(DL_TUNABLE_CALLBACK (set_mallopt_check)): New function.
	(DL_TUNABLE_CALLBACK_FNDECL): New macro.  Use it to define
	callback functions.
	(ptmalloc_init): Set tunable values.
	* scripts/gen-tunables.awk: New file.
	* sysdeps/mach/hurd/dl-sysdep.c: Include dl-tunables.h.
	(_dl_sysdep_start): Call __tunables_init.
2016-12-31 23:49:24 +05:30
Nick Alcock
7cbb738d21 Link a non-libc-using test with -fno-stack-protector [BZ #7065]
This test cannot reference __stack_chk_fail because it is not linked
with libc at all.
2016-12-26 10:11:05 +01:00
Nick Alcock
bc174f20b8 Ignore __stack_chk_fail* in the rtld mapfile computation [BZ #7065]
The previous commit prevented rtld itself from being built with
-fstack-protector, but this is not quite enough.  We identify which
objects belong in rtld via a test link and analysis of the resulting
mapfile.  That link is necessarily done against objects that are
stack-protected, so drags in __stack_chk_fail_local, __stack_chk_fail,
and all the libc and libio code they use.

To stop this happening, use --defsym in the test librtld.map-production
link to force the linker to predefine these two symbols (to 0, but it
could be to anything).  (In a real link, this would of course be
catastrophic, but these object files are never used for anything else.)
2016-12-26 10:08:51 +01:00
Nick Alcock
995635f95b Compile the dynamic linker without stack protection [BZ #7065]
Also compile corresponding routines in the static libc.a with the same
flag.
2016-12-26 10:08:48 +01:00