Commit Graph

157 Commits

Author SHA1 Message Date
Paul Eggert
581c785bf3 Update copyright dates with scripts/update-copyrights
I used these shell commands:

../glibc/scripts/update-copyrights $PWD/../gnulib/build-aux/update-copyright
(cd ../glibc && git commit -am"[this commit message]")

and then ignored the output, which consisted lines saying "FOO: warning:
copyright statement not found" for each of 7061 files FOO.

I then removed trailing white space from math/tgmath.h,
support/tst-support-open-dev-null-range.c, and
sysdeps/x86_64/multiarch/strlen-vec.S, to work around the following
obscure pre-commit check failure diagnostics from Savannah.  I don't
know why I run into these diagnostics whereas others evidently do not.

remote: *** 912-#endif
remote: *** 913:
remote: *** 914-
remote: *** error: lines with trailing whitespace found
...
remote: *** error: sysdeps/unix/sysv/linux/statx_cp.c: trailing lines
2022-01-01 11:40:24 -08:00
Florian Weimer
a41c8e9235 nptl: rseq failure after registration on main thread is fatal
This simplifies the application programming model.

Browser sandboxes have already been fixed:

  Sandbox is incompatible with rseq registration
  <https://bugzilla.mozilla.org/show_bug.cgi?id=1651701>

  Allow rseq in the Linux sandboxes. r=gcp
  <https://hg.mozilla.org/mozilla-central/rev/042425712eb1>

  Sandbox needs to support rseq system call
  <https://bugs.chromium.org/p/chromium/issues/detail?id=1104160>

  Linux sandbox: Allow rseq(2)
  <https://chromium.googlesource.com/chromium/src.git/+/230675d9ac8f1>

Reviewed-by: Szabolcs Nagy <szabolcs.nagy@arm.com>
2021-12-09 09:49:32 +01:00
Florian Weimer
e3e589829d nptl: Add glibc.pthread.rseq tunable to control rseq registration
This tunable allows applications to register the rseq area instead
of glibc.

Reviewed-by: Szabolcs Nagy <szabolcs.nagy@arm.com>
Reviewed-by: Siddhesh Poyarekar <siddhesh@sourceware.org>
2021-12-09 09:49:32 +01:00
Florian Weimer
95e114a091 nptl: Add rseq registration
The rseq area is placed directly into struct pthread.  rseq
registration failure is not treated as an error, so it is possible
that threads run with inconsistent registration status.

<sys/rseq.h> is not yet installed as a public header.

Co-Authored-By: Mathieu Desnoyers <mathieu.desnoyers@efficios.com>
Reviewed-by: Szabolcs Nagy <szabolcs.nagy@arm.com>
Reviewed-by: Siddhesh Poyarekar <siddhesh@sourceware.org>
2021-12-09 09:49:32 +01:00
Florian Weimer
e186fc5a31 nptl: Do not set signal mask on second setjmp return [BZ #28607]
__libc_signal_restore_set was in the wrong place: It also ran
when setjmp returned the second time (after pthread_exit or
pthread_cancel).  This is observable with blocked pending
signals during thread exit.

Fixes commit b3cae39dcb
("nptl: Start new threads with all signals blocked [BZ #25098]").

Reviewed-by: Adhemerval Zanella  <adhemerval.zanella@linaro.org>
2021-11-24 08:59:54 +01:00
Florian Weimer
2849e2f533 nptl: Avoid setxid deadlock with blocked signals in thread exit [BZ #28361]
As part of the fix for bug 12889, signals are blocked during
thread exit, so that application code cannot run on the thread that
is about to exit.  This would cause problems if the application
expected signals to be delivered after the signal handler revealed
the thread to still exist, despite pthread_kill can no longer be used
to send signals to it.  However, glibc internally uses the SIGSETXID
signal in a way that is incompatible with signal blocking, due to the
way the setxid handshake delays thread exit until the setxid operation
has completed.  With a blocked SIGSETXID, the handshake can never
complete, causing a deadlock.

As a band-aid, restore the previous handshake protocol by not blocking
SIGSETXID during thread exit.

The new test sysdeps/pthread/tst-pthread-setuid-loop.c is based on
a downstream test by Martin Osvald.

Reviewed-by: Carlos O'Donell <carlos@redhat.com>
Tested-by: Carlos O'Donell <carlos@redhat.com>
2021-09-23 09:56:07 +02:00
Florian Weimer
526c3cf11e nptl: Fix race between pthread_kill and thread exit (bug 12889)
A new thread exit lock and flag are introduced.  They are used to
detect that the thread is about to exit or has exited in
__pthread_kill_internal, and the signal is not sent in this case.

The test sysdeps/pthread/tst-pthread_cancel-select-loop.c is derived
from a downstream test originally written by Marek Polacek.

Reviewed-by: Adhemerval Zanella  <adhemerval.zanella@linaro.org>
2021-09-13 11:06:08 +02:00
Siddhesh Poyarekar
30891f35fa Remove "Contributed by" lines
We stopped adding "Contributed by" or similar lines in sources in 2012
in favour of git logs and keeping the Contributors section of the
glibc manual up to date.  Removing these lines makes the license
header a bit more consistent across files and also removes the
possibility of error in attribution when license blocks or files are
copied across since the contributed-by lines don't actually reflect
reality in those cases.

Move all "Contributed by" and similar lines (Written by, Test by,
etc.) into a new file CONTRIBUTED-BY to retain record of these
contributions.  These contributors are also mentioned in
manual/contrib.texi, so we just maintain this additional record as a
courtesy to the earlier developers.

The following scripts were used to filter a list of files to edit in
place and to clean up the CONTRIBUTED-BY file respectively.  These
were not added to the glibc sources because they're not expected to be
of any use in future given that this is a one time task:

https://gist.github.com/siddhesh/b5ecac94eabfd72ed2916d6d8157e7dc
https://gist.github.com/siddhesh/15ea1f5e435ace9774f485030695ee02

Reviewed-by: Carlos O'Donell <carlos@redhat.com>
2021-09-03 22:06:44 +05:30
H.J. Lu
d8ea0d0168 Add an internal wrapper for clone, clone2 and clone3
The clone3 system call (since Linux 5.3) provides a superset of the
functionality of clone and clone2.  It also provides a number of API
improvements, including the ability to specify the size of the child's
stack area which can be used by kernel to compute the shadow stack size
when allocating the shadow stack.  Add:

extern int __clone_internal (struct clone_args *__cl_args,
			     int (*__func) (void *__arg), void *__arg);

to provide an abstract interface for clone, clone2 and clone3.

1. Simplify stack management for thread creation by passing both stack
base and size to create_thread.
2. Consolidate clone vs clone2 differences into a single file.
3. Call __clone3 if HAVE_CLONE3_WAPPER is defined.  If __clone3 returns
-1 with ENOSYS, fall back to clone or clone2.
4. Use only __clone_internal to clone a thread.  Since the stack size
argument for create_thread is now unconditional, always pass stack size
to create_thread.
5. Enable the public clone3 wrapper in the future after it has been
added to all targets.

NB: Sandbox will return ENOSYS on clone3 in both Chromium:

The following revision refers to this bug:
  218438259d

commit 218438259dd795456f0a48f67cbe5b4e520db88b
Author: Matthew Denton <mpdenton@chromium.org>
Date: Thu Jun 03 20:06:13 2021

Linux sandbox: return ENOSYS for clone3

Because clone3 uses a pointer argument rather than a flags argument, we
cannot examine the contents with seccomp, which is essential to
preventing sandboxed processes from starting other processes. So, we
won't be able to support clone3 in Chromium. This CL modifies the
BPF policy to return ENOSYS for clone3 so glibc always uses the fallback
to clone.

Bug: 1213452
Change-Id: I7c7c585a319e0264eac5b1ebee1a45be2d782303
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/2936184
Reviewed-by: Robert Sesek <rsesek@chromium.org>
Commit-Queue: Matthew Denton <mpdenton@chromium.org>
Cr-Commit-Position: refs/heads/master@{#888980}

[modify] https://crrev.com/218438259dd795456f0a48f67cbe5b4e520db88b/sandbox/linux/seccomp-bpf-helpers/baseline_policy.cc

and Firefox:

https://hg.mozilla.org/integration/autoland/rev/ecb4011a0c76

Reviewed-by: Adhemerval Zanella <adhemerval.zanella@linaro.org>
2021-07-14 06:33:58 -07:00
Florian Weimer
7c241325d6 Force building with -fno-common
As a result, is not necessary to specify __attribute__ ((nocommon))
on individual definitions.

GCC 10 defaults to -fno-common on all architectures except ARC,
but this change is compatible with older GCC versions and ARC, too.

Reviewed-by: Carlos O'Donell <carlos@redhat.com>
2021-07-09 20:09:14 +02:00
Florian Weimer
fef400a2f9 nptl: Export libthread_db-used symbols under GLIBC_PRIVATE
This allows distributions to strip debugging information from
libc.so.6 without impacting the debugging experience.

Reviewed-by: Carlos O'Donell <carlos@redhat.com>
2021-06-28 15:05:42 +02:00
Adhemerval Zanella
8fe503f74e nptl: Avoid async cancellation to wrongly update __nptl_nthreads (BZ #19366)
The testcase provided on BZ#19366 may update __nptl_nthreads in a wrong
order, triggering an early process exit because the thread decrement
the value twice.

The issue is once the thread exits without acting on cancellation,
it decreaments '__nptl_nthreads' and then atomically set
 'cancelhandling' with EXITING_BIT (thus preventing further cancellation
handler to act).  The issue happens if a SIGCANCEL is received between
checking '__ntpl_nthreads' and setting EXITING_BIT.  To avoid it, the
'__nptl_nthreads' decrement is moved after EXITING_BIT.

It does fully follow the POSIX XSH 2.9.5 Thread Cancellation under
the heading Thread Cancellation Cleanup Handlers that states that
when a cancellation request is acted upon, or when a thread calls
pthread_exit(), the thread first disables cancellation by setting its
cancelability state to PTHREAD_CANCEL_DISABLE and its cancelability type
to PTHREAD_CANCEL_DEFERRED.  The issue is '__pthread_enable_asynccancel'
explicit enabled assynchrnous cancellation, so an interrupted syscall
within the cancellation cleanup handlers might see an invalid cancelling
type (a possible fix might be possible with my proposed solution to
BZ#12683).

Trying to come up with a test is quite hard since it requires to
mimic the timing issue described below, however I see that the
bug report reproducer does not early exit anymore.

Checked on x86_64-linux-gnu.
2021-06-09 15:16:45 -03:00
Adhemerval Zanella
41c7295617 nptl: Install cancellation handler on pthread_cancel
Now that cancellation is not used anymore to handle thread setup
creation failure, the sighandle can be installed only when
pthread_cancel is actually used.

Checked on x86_64-linux-gnu and aarch64-linux-gnu.
2021-06-09 15:16:45 -03:00
Adhemerval Zanella
02189e8fb0 nptl: Deallocate the thread stack on setup failure (BZ #19511)
To setup either the thread scheduling parameters or affinity,
pthread_create enforce synchronization on created thread to wait until
its parent either release PD ownership or send a cancellation signal if
a failure occurs.

However, cancelling the thread does not deallocate the newly created
stack since cancellation expects that a pthread_join to deallocate any
allocated thread resouces (threads stack or TLS).

This patch changes on how the thread resource is deallocate in case of
failure to be synchronous, where the creating thread will signal the
created thread to exit early so it could be joined.  The creating thread
will be reponsible for the resource cleanup before returning to the
caller.

To signal the creating thread that a failure has occured, an unused
'struct pthread' member, parent_cancelhandling_unsed, now indicates
whether the setup has failed so creating thread can proper exit.

This strategy also simplifies by not using thread cancellation and
thus not running libgcc_so load in the signal handler (which is
avoided in thread cancellation since 'pthread_cancel' is the one
responsible to dlopen libgcc_s).  Another advantage is since the
early exit is move to first step at thread creation, the signal
mask is not already set and thus it can not act on change ID setxid
handler.

Checked on x86_64-linux-gnu and aarch64-linux-gnu.
2021-06-09 15:16:45 -03:00
Adhemerval Zanella
eaa53d0f77 nptl: Remove exit-thread.h
No function change.  The code is used only for Linux, besides
being included in generic code.
2021-06-04 09:52:28 -03:00
Adhemerval Zanella
42813c675d nptl: Move createthread to pthread_create
The 'create_thread' function is moved to pthread_create.c.  It removes
the START_THREAD_DEFN and START_THREAD_SELF macros and make the
lock usage more clear (no need to cross-reference multiple files).

No functional change.
2021-05-27 13:11:41 -03:00
Florian Weimer
76b0c59e33 nptl: Install SIGSETXID handler with SA_ONSTACK [BZ #27914]
The signal is sent to all threads, some of which may have switched
to very small stacks.  If they have also installed an alternate
signal stack, SA_ONSTACK makes this work.  The Go runtime needs this:

  runtime: C.setuid/C.setgid smashes Go stack
  <https://github.com/golang/go/issues/9400>

Doing this for SIGCANCEL is less obviously beneficial and needs further
testing.

Reviewed-by: Carlos O'Donell <carlos@redhat.com>
2021-05-27 15:37:35 +02:00
Florian Weimer
f47f1d91af nptl: Move pthread_create, thrd_create into libc
The symbols were moved using scripts/move-symbol-to-libc.py.

The libpthread placeholder symbols need some changes because some
symbol versions have gone away completely.  But
__errno_location@@GLIBC_2.0 still exists, so the GLIBC_2.0 version
is still there.

The internal __pthread_create symbol now points to the correct
function, so the sysdeps/nptl/thrd_create.c override is no longer
necessary.

There was an issue how the hidden alias of pthread_getattr_default_np
was defined, so this commit cleans up that aspects and removes the
GLIBC_PRIVATE export altogether.

Reviewed-by: Adhemerval Zanella  <adhemerval.zanella@linaro.org>
2021-05-21 22:35:00 +02:00
Florian Weimer
b8cdc3bba7 nptl: Move semi-public __pthread_get_minstack symbol into libc
No abilist updates here because it is a GLIBC_PRIVATE symbol.

It's also necessary to move nptl_version into pthread_create, so
that it still ends up in static binaries.

Reviewed-by: Adhemerval Zanella  <adhemerval.zanella@linaro.org>
2021-05-21 22:35:00 +02:00
Florian Weimer
2f69522d46 nptl: Perform signal initialization upon pthread_create
Install signal handlers and unblock signals before pthread_create
creates the first thread.

create_thread in sysdeps/unix/sysv/linux/createthread.c can send
SIGCANCEL to the current thread, so the SIGCANCEL handler is currently
needed even if pthread_cancel is never called.  (The way timer_create
uses SIGCANCEL does not need a signal handler; both SIG_DFL and SIG_IGN
dispositions should work.)

Reviewed-by: Adhemerval Zanella  <adhemerval.zanella@linaro.org>
2021-05-21 22:35:00 +02:00
Florian Weimer
8fbb33b3f7 nptl: Move __free_tcb into libc
Under the name __nptl_free_tcb.

Reviewed-by: Adhemerval Zanella  <adhemerval.zanella@linaro.org>
2021-05-11 11:24:36 +02:00
Florian Weimer
c79a31fb36 nptl: Move stack cache management, __libpthread_freeres into libc
This replaces the FREE_P macro with the __nptl_stack_in_use inline
function.  stack_list_del is renamed to __nptl_stack_list_del,
stack_list_add to __nptl_stack_list_add, __deallocate_stack to
__nptl_deallocate_stack, free_stacks to __nptl_free_stacks.

It is convenient to move __libpthread_freeres into libc at the
same time.  This removes the temporary __default_pthread_attr_freeres
export and restores full freeres coverage for __default_pthread_attr.

Reviewed-by: Adhemerval Zanella  <adhemerval.zanella@linaro.org>
2021-05-11 11:22:33 +02:00
Florian Weimer
d2af73a348 nptl: Remove always-disabled debugging support
This removes the DEBUGGING_P macro and the __pthread_debug variable.
The __find_in_stack_list function is now unused and deleted as well.

Reviewed-by: Adhemerval Zanella  <adhemerval.zanella@linaro.org>
2021-05-11 11:09:42 +02:00
Florian Weimer
ce0b7961ae nptl: Consolidate async cancel enable/disable implementation in libc
Previously, the source file nptl/cancellation.c was compiled multiple
times, for libc, libpthread, librt.  This commit switches to a single
implementation, with new __pthread_enable_asynccancel@@GLIBC_PRIVATE,
__pthread_disable_asynccancel@@GLIBC_PRIVATE exports.

The almost-unused CANCEL_ASYNC and CANCEL_RESET macros are replaced
by LIBC_CANCEL_ASYNC and LIBC_CANCEL_ASYNC macros.  They call the
__pthread_* functions unconditionally now.  The macros are still
needed because shared code uses them; Hurd has different definitions.

Reviewed-by: Adhemerval Zanella  <adhemerval.zanella@linaro.org>
2021-05-05 17:19:32 +02:00
Florian Weimer
442e8a40da nptl: Move part of TCB initialization from libpthread to __tls_init_tp
This initalization should only happen once for the main thread's TCB.
At present, auditors can achieve this by not linking against
libpthread.  If libpthread becomes part of libc, doing this
initialization in libc would happen for every audit namespace,
or too late (if it happens from the main libc only).  That's why
moving this code into ld.so seems the right thing to do, right after
the TCB initialization.

For !__ASSUME_SET_ROBUST_LIST ports, this also moves the symbol
__set_robust_list_avail into ld.so, as __nptl_set_robust_list_avail.
It also turned into a proper boolean flag.

Inline the __pthread_initialize_pids function because it seems no
longer useful as a separate function.

Reviewed-by: Adhemerval Zanella  <adhemerval.zanella@linaro.org>
2021-04-21 19:49:51 +02:00
Florian Weimer
2cfef0b042 nptl: Move __nptl_deallocate_tsd into libc
This prepares moving pthread_exit, and later the pthread_key_create
infrastructure.

Reviewed-by: Adhemerval Zanella  <adhemerval.zanella@linaro.org>
2021-04-21 19:49:50 +02:00
Florian Weimer
43fe356d18 nptl: Move internal __nptl_nthreads variable into libc
Reviewed-by: Adhemerval Zanella   <adhemerval.zanella@linaro.org>
2021-04-21 19:49:50 +02:00
Florian Weimer
a64afc2252 nptl_db: Support different libpthread/ld.so load orders (bug 27744)
libthread_db is loaded once GDB encounters libpthread, and at this
point, ld.so may not have been processed by GDB yet. As a result,
_rtld_global cannot be accessed by regular means from libthread_db.
To make this work until GDB can be fixed, acess _rtld_global through
a pointer stored in libpthread.

The new test does not reproduce bug 27744 with
--disable-hardcoded-path-in-tests, but is still a valid smoke test.
With --enable-hardcoded-path-in-tests, it is necessary to avoid
add-symbol-file because this can tickle a GDB bug.

Fixes commit 1daccf403b ("nptl: Move
stack list variables into _rtld_global").

Tested-by: Emil Velikov <emil.velikov@collabora.com>
2021-04-21 11:50:43 +02:00
Paul Eggert
2b778ceb40 Update copyright dates with scripts/update-copyrights
I used these shell commands:

../glibc/scripts/update-copyrights $PWD/../gnulib/build-aux/update-copyright
(cd ../glibc && git commit -am"[this commit message]")

and then ignored the output, which consisted lines saying "FOO: warning:
copyright statement not found" for each of 6694 files FOO.
I then removed trailing white space from benchtests/bench-pthread-locks.c
and iconvdata/tst-iconv-big5-hkscs-to-2ucs4.c, to work around this
diagnostic from Savannah:
remote: *** pre-commit check failed ...
remote: *** error: lines with trailing whitespace found
remote: error: hook declined to update refs/heads/master
2021-01-02 12:17:34 -08:00
Florian Weimer
1daccf403b nptl: Move stack list variables into _rtld_global
Now __thread_gscope_wait (the function behind THREAD_GSCOPE_WAIT,
formerly __wait_lookup_done) can be implemented directly in ld.so,
eliminating the unprotected GL (dl_wait_lookup_done) function
pointer.

Reviewed-by: Adhemerval Zanella  <adhemerval.zanella@linaro.org>
2020-11-16 19:33:30 +01:00
Joseph Myers
2098d4034d Disable spurious -Wstringop-overflow for setjmp/longjmp (bug 26647)
Building glibc with GCC 11 fails with (among other warnings) spurious
-Wstringop-overflow warnings from calls to setjmp and longjmp with a
pointer to a pthread_unwind_buf that is smaller than jmp_buf.  As
discussed in bug 26647, the warning in libc-start.c is a false
positive, because setjmp and longjmp do not access anything (the
signal mask) beyond the common prefix of the two structures, so this
patch disables the warning for that call to setjmp, as well as for two
calls in NPTL code that produce the same warning and look like false
positives for the same reason.

Tested with build-many-glibcs.py for arm-linux-gnueabi, where this
allows the build to get further.

Reviewed-by: DJ Delorie <dj@redhat.com>
2020-10-30 21:38:31 +00:00
Florian Weimer
efedd1ed3d Linux: Remove rseq support
The kernel ABI is not finalized, and there are now various proposals
to change the size of struct rseq, which would make the glibc ABI
dependent on the version of the kernels used for building glibc.
This is of course not acceptable.

This reverts commit 48699da1c4 ("elf:
Support at least 32-byte alignment in static dlopen"), commit
8f4632deb3 ("Linux: rseq registration
tests"), commit 6e29cb3f61 ("Linux: Use
rseq in sched_getcpu if available"), and commit
0c76fc3c2b ("Linux: Perform rseq
registration at C startup and thread creation"), resolving the conflicts
introduced by the ARC port and the TLS static surplus changes.

Reviewed-by: Carlos O'Donell <carlos@redhat.com>
2020-07-16 17:55:35 +02:00
Florian Weimer
706ad1e7af Add the __libc_single_threaded variable
The variable is placed in libc.so, and it can be true only in
an outer libc, not libcs loaded via dlmopen or static dlopen.
Since thread creation from inner namespaces does not work,
pthread_create can update __libc_single_threaded directly.

Using __libc_early_init and its initial flag, implementation of this
variable is very straightforward.  A future version may reset the flag
during fork (but not in an inner namespace), or after joining all
threads except one.

Reviewed-by: DJ Delorie <dj@redhat.com>
2020-07-06 11:15:58 +02:00
Mathieu Desnoyers
0c76fc3c2b Linux: Perform rseq registration at C startup and thread creation
Register rseq TLS for each thread (including main), and unregister for
each thread (excluding main).  "rseq" stands for Restartable Sequences.

See the rseq(2) man page proposed here:
  https://lkml.org/lkml/2018/9/19/647

Those are based on glibc master branch commit 3ee1e0ec5c.
The rseq system call was merged into Linux 4.18.

The TLS_STATIC_SURPLUS define is increased to leave additional room for
dlopen'd initial-exec TLS, which keeps elf/tst-auditmany working.

The increase (76 bytes) is larger than 32 bytes because it has not been
increased in quite a while.  The cost in terms of additional TLS storage
is quite significant, but it will also obscure some initial-exec-related
dlopen failures.
2020-07-06 10:21:16 +02:00
Szabolcs Nagy
087942251f nptl: Don't madvise user provided stack
User provided stack should not be released nor madvised at
thread exit because it's owned by the user.

If the memory is shared or file based then MADV_DONTNEED
can have unwanted effects. With memory tagging on aarch64
linux the tags are dropped and thus it may invalidate
pointers.

Tested on aarch64-linux-gnu with MTE, it fixes

FAIL: nptl/tst-stack3
FAIL: nptl/tst-stack3-mem
2020-06-25 14:19:16 +01:00
Florian Weimer
ec41af45a6 nptl: Add pthread_attr_setsigmask_np, pthread_attr_getsigmask_np
Reviewed-by: Carlos O'Donell <carlos@redhat.com>
Tested-by: Carlos O'Donell <carlos@redhat.com>
2020-06-02 11:59:18 +02:00
Florian Weimer
7538d46113 nptl: Make pthread_attr_t dynamically extensible
This introduces the function __pthread_attr_extension to allocate the
extension space, which is freed by pthread_attr_destroy.

Reviewed-by: Carlos O'Donell <carlos@redhat.com>
2020-06-02 11:54:58 +02:00
Florian Weimer
c2322a561f nptl: Change type of __default_pthread_attr
union pthread_attr_transparent has always the correct size, even if
pthread_attr_t has padding that is not present in struct pthread_attr.

This should not result in an observable behavioral change.  The
existing code appears to have been correct, but it was brittle because
it was not clear which functions were allowed to write to an entire
pthread_attr_t argument (e.g., by copying it).

Reviewed-by: Carlos O'Donell <carlos@redhat.com>
2020-06-02 10:32:37 +02:00
Florian Weimer
8111c457b8 nptl: Use __pthread_getattr_default_np in pthread_create
This removes another instance of custom attribute copying code.

Reviewed-by: Carlos O'Donell <carlos@redhat.com>
2020-06-02 10:32:23 +02:00
Andreas Schwab
4cab20fa49 nptl: wait for pending setxid request also in detached thread (bug 25942)
There is a race between __nptl_setxid and exiting detached thread, which
causes a deadlock on stack_cache_lock.  The deadlock happens in this
state:

T1: setgroups -> __nptl_setxid (holding stack_cache_lock, waiting on cmdp->cntr == 0)
T2 (detached, exiting): start_thread -> __deallocate_stack (waiting on stack_cache_lock)
more threads waiting on stack_cache_lock in pthread_create

For non-detached threads, start_thread waits for its own setxid handler to
finish before exiting.  Do this for detached threads as well.
2020-05-12 17:17:49 +02:00
Florian Weimer
b3cae39dcb nptl: Start new threads with all signals blocked [BZ #25098]
New threads inherit the signal mask from the current thread.  This
means that signal handlers can run on the newly created thread
immediately after the kernel has created the userspace thread, even
before glibc has initialized the TCB.  Consequently, new threads can
observe uninitialized ctype data, among other things.

To address this, block all signals before starting the thread, and
pass the original signal mask to the start routine wrapper.  On the
new thread, first perform all thread initialization, and then unblock
signals.

The cost of doing this is two rt_sigprocmask system calls on the old
thread, and one rt_sigprocmask system call on the new thread.  (If
there was a way to clone a new thread with a signals disabled, this
could be brought down to one system call each.)  The thread descriptor
increases in size, too, and sigset_t is fairly large.  This increase
could be brought down by reusing space the in the descriptor which is
not needed before running user code, or by switching to an internal
sigset_t definition which only covers the signals supported by the
kernel definition.  (Part of the thread descriptor size increase is
already offset by reduced stack usage in the thread start wrapper
routine after this commit.)

Reviewed-by: Carlos O'Donell <carlos@redhat.com>
2020-04-27 10:04:24 +02:00
Florian Weimer
b03604b1b8 Linux: set_robust_list syscall number is always available
Due to the built-in tables, __NR_set_robust_list is always defined
(although it may not be available at run time).

Reviewed-by: Adhemerval Zanella <adhemerval.zanella@linaro.org>
2020-03-03 12:49:44 +01:00
Adhemerval Zanella
bc2eb9321e linux: Remove INTERNAL_SYSCALL_DECL
With all Linux ABIs using the expected Linux kABI to indicate
syscalls errors, the INTERNAL_SYSCALL_DECL is an empty declaration
on all ports.

This patch removes the 'err' argument on INTERNAL_SYSCALL* macro
and remove the INTERNAL_SYSCALL_DECL usage.

Checked with a build against all affected ABIs.
2020-02-14 21:12:45 -03:00
Joseph Myers
d614a75396 Update copyright dates with scripts/update-copyrights. 2020-01-01 00:14:33 +00:00
Florian Weimer
e4b3707cea nptl: SIGCANCEL, SIGTIMER, SIGSETXID are always defined
All nptl targets have these signal definitions nowadays.  This
changes also replaces the nptl-generic version of pthread_sigmask
with the Linux version.

Tested on x86_64-linux-gnu and i686-linux-gnu.  Built with
build-many-glibcs.py.

Reviewed-by: Carlos O'Donell <carlos@redhat.com>
2019-10-18 14:29:04 +02:00
Paul Eggert
5a82c74822 Prefer https to http for gnu.org and fsf.org URLs
Also, change sources.redhat.com to sourceware.org.
This patch was automatically generated by running the following shell
script, which uses GNU sed, and which avoids modifying files imported
from upstream:

sed -ri '
  s,(http|ftp)(://(.*\.)?(gnu|fsf|sourceware)\.org($|[^.]|\.[^a-z])),https\2,g
  s,(http|ftp)(://(.*\.)?)sources\.redhat\.com($|[^.]|\.[^a-z]),https\2sourceware.org\4,g
' \
  $(find $(git ls-files) -prune -type f \
      ! -name '*.po' \
      ! -name 'ChangeLog*' \
      ! -path COPYING ! -path COPYING.LIB \
      ! -path manual/fdl-1.3.texi ! -path manual/lgpl-2.1.texi \
      ! -path manual/texinfo.tex ! -path scripts/config.guess \
      ! -path scripts/config.sub ! -path scripts/install-sh \
      ! -path scripts/mkinstalldirs ! -path scripts/move-if-change \
      ! -path INSTALL ! -path  locale/programs/charmap-kw.h \
      ! -path po/libc.pot ! -path sysdeps/gnu/errlist.c \
      ! '(' -name configure \
            -execdir test -f configure.ac -o -f configure.in ';' ')' \
      ! '(' -name preconfigure \
            -execdir test -f preconfigure.ac ';' ')' \
      -print)

and then by running 'make dist-prepare' to regenerate files built
from the altered files, and then executing the following to cleanup:

  chmod a+x sysdeps/unix/sysv/linux/riscv/configure
  # Omit irrelevant whitespace and comment-only changes,
  # perhaps from a slightly-different Autoconf version.
  git checkout -f \
    sysdeps/csky/configure \
    sysdeps/hppa/configure \
    sysdeps/riscv/configure \
    sysdeps/unix/sysv/linux/csky/configure
  # Omit changes that caused a pre-commit check to fail like this:
  # remote: *** error: sysdeps/powerpc/powerpc64/ppc-mcount.S: trailing lines
  git checkout -f \
    sysdeps/powerpc/powerpc64/ppc-mcount.S \
    sysdeps/unix/sysv/linux/s390/s390-64/syscall.S
  # Omit change that caused a pre-commit check to fail like this:
  # remote: *** error: sysdeps/sparc/sparc64/multiarch/memcpy-ultra3.S: last line does not end in newline
  git checkout -f sysdeps/sparc/sparc64/multiarch/memcpy-ultra3.S
2019-09-07 02:43:31 -07:00
Adhemerval Zanella
38cc11daa4 nptl: Remove pthread_clock_gettime pthread_clock_settime
This patch removes CLOCK_THREAD_CPUTIME_ID and CLOCK_PROCESS_CPUTIME_ID support
from clock_gettime and clock_settime generic implementation.  For Linux, kernel
already provides supports through the syscall and Hurd HTL lacks
__pthread_clock_gettime and __pthread_clock_settime internal implementation.

As described in clock_gettime man-page [1] on 'Historical note for SMP
system', implementing CLOCK_{THREAD,PROCESS}_CPUTIME_ID with timer registers
is error-prone and susceptible to timing and accurary issues that the libc
can not deal without kernel support.

This allows removes unused code which, however, still incur in some runtime
overhead in thread creation (the struct pthread cpuclock_offset
initialization).

If hurd eventually wants to support them it should either either implement as
a kernel facility (or something related due its architecture) or in system
specific implementation.

Checked on aarch64-linux-gnu, x86_64-linux-gnu, and i686-linux-gnu. I also
checked on a i686-gnu build.

	* nptl/Makefile (libpthread-routines): Remove pthread_clock_gettime and
	pthread_clock_settime.
	* nptl/pthreadP.h (__find_thread_by_id): Remove prototype.
	* elf/dl-support.c [!HP_TIMING_NOAVAIL] (_dl_cpuclock_offset): Remove.
	(_dl_non_dynamic_init): Remove _dl_cpuclock_offset setting.
	* elf/rtld.c (_dl_start_final): Likewise.
	* nptl/allocatestack.c (__find_thread_by_id): Remove function.
	* sysdeps/generic/ldsodefs.h [!HP_TIMING_NOAVAIL] (_dl_cpuclock_offset):
	Remove.
	* sysdeps/mach/hurd/dl-sysdep.c [!HP_TIMING_NOAVAIL]
	(_dl_cpuclock_offset): Remove.
	* nptl/descr.h (struct pthread): Rename cpuclock_offset to
	cpuclock_offset_ununsed.
	* nptl/nptl-init.c (__pthread_initialize_minimal_internal): Remove
	cpuclock_offset set.
	* nptl/pthread_create.c (START_THREAD_DEFN): Likewise.
	* sysdeps/nptl/fork.c (__libc_fork): Likewise.
	* nptl/pthread_clock_gettime.c: Remove file.
	* nptl/pthread_clock_settime.c: Likewise.
	* sysdeps/unix/clock_gettime.c (hp_timing_gettime): Remove function.
	[HP_TIMING_AVAIL] (realtime_gettime): Remove CLOCK_THREAD_CPUTIME_ID
	and CLOCK_PROCESS_CPUTIME_ID support.
	* sysdeps/unix/clock_settime.c (hp_timing_gettime): Likewise.
	[HP_TIMING_AVAIL] (realtime_gettime): Likewise.
	* sysdeps/posix/clock_getres.c (hp_timing_getres): Likewise.
	[HP_TIMING_AVAIL] (__clock_getres): Likewise.
	* sysdeps/unix/clock_nanosleep.c (CPUCLOCK_P, INVALID_CLOCK_P):
	Likewise.
	(__clock_nanosleep): Remove CPUCLOCK_P and INVALID_CLOCK_P usage.

[1] http://man7.org/linux/man-pages/man2/clock_gettime.2.html
2019-03-22 15:37:43 -03:00
Joseph Myers
04277e02d7 Update copyright dates with scripts/update-copyrights.
* All files with FSF copyright notices: Update copyright dates
	using scripts/update-copyrights.
	* locale/programs/charmap-kw.h: Regenerated.
	* locale/programs/locfile-kw.h: Likewise.
2019-01-01 00:11:28 +00:00
Adhemerval Zanella
ce7528f637 nptl: Add C11 threads thrd_* functions
This patch adds the thrd_* definitions from C11 threads (ISO/IEC 9899:2011),
more specifically thrd_create, thrd_curent, rhd_detach, thrd_equal,
thrd_exit, thrd_join, thrd_sleep, thrd_yield, and required types.

Mostly of the definitions are composed based on POSIX conterparts, such as
thrd_t (using pthread_t).  For thrd_* function internally direct
POSIX pthread call are used with the exceptions:

  1. thrd_start uses pthread_create internal implementation, but changes
     how to actually calls the start routine.  This is due the difference
     in signature between POSIX and C11, where former return a 'void *'
     and latter 'int'.
     To avoid calling convention issues due 'void *' to int cast, routines
     from C11 threads are started slight different than default pthread one.
     Explicit cast to expected return are used internally on pthread_create
     and the result is stored back to void also with an explicit cast.

  2. thrd_sleep uses nanosleep internal direct syscall to avoid clobbering
     errno and to handle expected standard return codes.  It is a
     cancellation entrypoint to be consistent with both thrd_join and
     cnd_{timed}wait.

  3. thrd_yield also uses internal direct syscall to avoid errno clobbering.

Checked with a build for all major ABI (aarch64-linux-gnu, alpha-linux-gnu,
arm-linux-gnueabi, i386-linux-gnu, ia64-linux-gnu, m68k-linux-gnu,
microblaze-linux-gnu [1], mips{64}-linux-gnu, nios2-linux-gnu,
powerpc{64le}-linux-gnu, s390{x}-linux-gnu, sparc{64}-linux-gnu,
and x86_64-linux-gnu).

Also ran a full check on aarch64-linux-gnu, x86_64-linux-gnu, i686-linux-gnu,
arm-linux-gnueabhf, and powerpc64le-linux-gnu.

	[BZ #14092]
	* conform/Makefile (conformtest-headers-ISO11): Add threads.h.
	(linknamespace-libs-ISO11): Add libpthread.a.
	* conform/data/threads.h-data: New file: add C11 thrd_* types and
	functions.
	* include/stdc-predef.h (__STDC_NO_THREADS__): Remove definition.
	* nptl/Makefile (headers): Add threads.h.
	(libpthread-routines): Add new C11 thread thrd_create, thrd_current,
	thrd_detach, thrd_equal, thrd_exit, thrd_join, thrd_sleep, and
	thrd_yield.
	* nptl/Versions (libpthread) [GLIBC_2.28]): Add new C11 thread
	thrd_create, thrd_current, thrd_detach, thrd_equal, thrd_exit,
	thrd_join, thrd_sleep, and thrd_yield symbols.
	* nptl/descr.h (struct pthread): Add c11 field.
	* nptl/pthreadP.h (ATTR_C11_THREAD): New define.
	* nptl/pthread_create.c (START_THREAD_DEFN): Call C11 thread start
	routine with expected function prototype.
	(__pthread_create_2_1): Add C11 threads check based on attribute
	value.
	* sysdeps/unix/sysdep.h (INTERNAL_SYSCALL_CANCEL): New macro.
	* nptl/thrd_create.c: New file.
	* nptl/thrd_current.c: Likewise.
	* nptl/thrd_detach.c: Likewise.
	* nptl/thrd_equal.c: Likewise.
	* nptl/thrd_exit.c: Likewise.
	* nptl/thrd_join.c: Likewise.
	* nptl/thrd_priv.h: Likewise.
	* nptl/thrd_sleep.c: Likewise.
	* nptl/thrd_yield.c: Likewise.
	* include/threads.h: Likewise.
2018-07-24 14:06:45 -03:00
H.J. Lu
ebff9c5cfa x86: Rename __glibc_reserved1 to feature_1 in tcbhead_t [BZ #22563]
feature_1 has X86_FEATURE_1_IBT and X86_FEATURE_1_SHSTK bits for CET
run-time control.

CET_ENABLED, IBT_ENABLED and SHSTK_ENABLED are defined to 1 or 0 to
indicate that if CET, IBT and SHSTK are enabled.

<tls-setup.h> is added to set up thread-local data.

Reviewed-by: Carlos O'Donell <carlos@redhat.com>

	[BZ #22563]
	* nptl/pthread_create.c: Include <tls-setup.h>.
	(__pthread_create_2_1): Call tls_setup_tcbhead.
	* sysdeps/generic/tls-setup.h: New file.
	* sysdeps/x86/nptl/tls-setup.h: Likewise.
	* sysdeps/i386/nptl/tcb-offsets.sym (FEATURE_1_OFFSET): New.
	* sysdeps/x86_64/nptl/tcb-offsets.sym (FEATURE_1_OFFSET):
	Likewise.
	* sysdeps/i386/nptl/tls.h (tcbhead_t): Rename __glibc_reserved1
	to feature_1.
	* sysdeps/x86_64/nptl/tls.h (tcbhead_t): Likewise.
	* sysdeps/x86/sysdep.h (X86_FEATURE_1_IBT): New.
	(X86_FEATURE_1_SHSTK): Likewise.
	(CET_ENABLED): Likewise.
	(IBT_ENABLED): Likewise.
	(SHSTK_ENABLED): Likewise.
2018-07-14 05:56:46 -07:00