The first getrandom is used only for __GT_NOCREATE, which is inherently
insecure and can use the entropy as a small improvement. On the
second and later attempts it might help against DoS attacks.
It sync with gnulib commit 854fbb81d91f7a0f2b463e7ace2499dee2f380f2.
Checked on x86_64-linux-gnu.
It syncs with gnulib commit b1268f22f443e8e4b9e. The try_tempname_len
now uses getrandom on each iteration to get entropy and only uses the
clock plus ASLR as source of entropy if getrandom fails.
Checked on x86_64-linux-gnu and i686-linux-gnu.
POSIX states that system returned code for failure to execute the shell
shall be as if the shell had terminated using _exit(127). This
behaviour was removed with 5fb7fc9635.
Checked on x86_64-linux-gnu.
I used these shell commands:
../glibc/scripts/update-copyrights $PWD/../gnulib/build-aux/update-copyright
(cd ../glibc && git commit -am"[this commit message]")
and then ignored the output, which consisted lines saying "FOO: warning:
copyright statement not found" for each of 6694 files FOO.
I then removed trailing white space from benchtests/bench-pthread-locks.c
and iconvdata/tst-iconv-big5-hkscs-to-2ucs4.c, to work around this
diagnostic from Savannah:
remote: *** pre-commit check failed ...
remote: *** error: lines with trailing whitespace found
remote: error: hook declined to update refs/heads/master
This generic implementation already expects a getdents API which
is Linux specific. It also allows simplify it by assuming
_DIRENT_HAVE_D_RECLEN and _DIRENT_HAVE_D_OFF support.
The readdir are also expanded on each required implementation,
futher fixes and improvements will make parametrize the
implementation more complex.
Checked on x86_64-linux-gnu, i686-linux-gnu, and with a build
for all affected ABIs.
This patch removes the mknod and mknodat static wrapper and add the
symbols on the libc with the expected names.
Both the prototypes of the internal symbol linked by the static
wrappers and the inline redirectors are also removed from the installed
sys/stat.h header file. The wrapper implementation license LGPL
exception is also removed since it is no longer statically linked to
binaries.
Internally the _STAT_VER* definitions are moved to the arch-specific
xstatver.h file.
Checked with a build for all affected ABIs. I also checked on x86_64,
i686, powerpc, powerpc64le, sparcv9, sparc64, s390, and s390x.
Reviewed-by: Lukasz Majewski <lukma@denx.de>
This patch removes the stat, stat64, lstat, lstat64, fstat, fstat64,
fstatat, and fstatat64 static wrapper and add the symbol on the libc
with the expected names.
Both the prototypes of the internal symbol linked by the static
wrappers and the inline redirectors are also removed from the installed
sys/stat.h header file. The wrapper implementation license LGPL
exception is also removed since it is no longer statically linked to
binaries.
Internally the _STAT_VER* definitions are moved to a arch-specific
xstatver.h file. The internal defines that redirects internals
{f}stat{at} to their {f}xstat{at} counterparts are removed for Linux
(!NO_RTLD_HIDDEN). Hurd still requires them since {f}stat{at} pulls
extra objects that makes the loader build fail otherwise (I haven't
dig into why exactly).
Checked with a build for all affected ABIs. I also checked on x86_64,
i686, powerpc, powerpc64le, sparcv9, sparc64, s390, and s390x.
Reviewed-by: Lukasz Majewski <lukma@denx.de>
It replaces the internal usage of __{f,l}xstat{at}{64} with the
__{f,l}stat{at}{64}. It should not change the generate code since
sys/stat.h explicit defines redirections to internal calls back to
xstat* symbols.
Checked with a build for all affected ABIs. I also check on
x86_64-linux-gnu and i686-linux-gnu.
Reviewed-by: Lukasz Majewski <lukma@denx.de>
This is the first of a series of patches to sync with Gnulib commit
615b43e1f9. This patch adopts most of the changes of Gnulib, except it
retains GETCWD_RETURN_TYPE and does not always use a 64-bit internal
API. These remaining discrepancies will be addressed in later patches
in this series.
Checked on x86_64-linux-gnu and i686-linux-gnu.
* sysdeps/mach/hurd/Makefile [subdir=misc] (sysdep_routines): Add
writev_nocancel writev_nocancel_nostatus.
* sysdeps/mach/hurd/not-cancel.h (__writev_nocancel_nostatus): Replace
macro with function declaration (with hidden prototype in libc).
(__writev_nocancel): New function declaration (with hidden prototype in libc).
* sysdeps/mach/hurd/writev_nocancel_nostatus.c: New file.
* sysdeps/posix/writev_nocancel.c: New file, includes writev.c to make a
nocancel variant that calls __write_nocancel.
* sysdeps/posix/writev.c (writev): Do not define alias if __writev is
renamed.
The POSIX waitid implementation is problematic in some ways:
- It emulates using waitpid, which default implementation calls
wait4 and wait4 returns ENOSYS as default.
- Also by using waitpid it does not allod support the WNOWAIT,
WEXITED, WSTOPPED, or WCONTINUED flag. With current POSIX
specification the flags are no longer marked as optional.
Also due BZ#23091 Hurd still uses the implementation, so it is moved
to as a Hurd arch-specific folder (with some minor cleanups).
Checked against a i686-gnu (run-built-tests=no)
Filip Ochnik spotted that one of the error jumps in gethosts fails to
call __resolv_context_put to release the resolver context.
Fixes commit 352f4ff9a2 ("resolv:
Introduce struct resolv_context [BZ #21668]") and commit
964263bb8d ("getaddrinfo: Release
resolver context on error in gethosts [BZ #21885]").
Reviewed-by: Siddhesh Poyarekar <siddhesh@sourceware.org>
The POSIX implementation is used as default and both BSD and Linux
version are removed. It simplifies the implementation for
architectures that do not provide either __NR_waitpid or
__NR_wait4.
Checked on x86_64-linux-gnu and powerpc64le-linux-gnu.
It enables and disables cancellation with pthread_setcancelstate
before calling the waitpid. It simplifies the waitpid implementation
for architectures that do not provide either __NR_waitpid or
__NR_wait4.
Checked on x86_64-linux-gnu.
ld.so symbols to be overriden by libc need to be extern to really get
overriden. __getcwd happens to have never been exposed, putting it to
GLIBC_PRIVATE.
Consolidate generic gettimeofday implementation to use clock_gettime.
Linux ports that still provide gettimeofday through vDSO are not
changed.
Remove sysdeps/unix/clock_gettime.c, which implemented clock_gettime
using gettimeofday; new OS ports must provide a real implementation of
clock_gettime.
Rename sysdeps/mach/gettimeofday.c to sysdeps/mach/clock_gettime.c and
convert into an implementation of clock_gettime. It only supports
CLOCK_REALTIME; Mach does not appear to have any support for monotonic
clocks. It uses __host_get_time, which provides at best microsecond
resolution. Hurd is currently using sysdeps/posix/clock_getres.c for
clock_getres; its output for CLOCK_REALTIME is based on
sysconf (_SC_CLK_TCK), and I do not know whether that gives the
correct result.
Unlike settimeofday, there are no known uses of gettimeofday's
vestigial "get time zone" feature that are not bugs. (The per-process
timezone support in localtime and friends is unrelated, and the
programs that set the kernel's offset between the hardware clock and
UTC do not need to read it back.) Therefore, this feature is dummied
out. Henceforth, if gettimeofday's "struct timezone" argument is not
NULL, it will write zeroes to both fields. Any program that is
actually looking at this data will thus think it is running in UTC,
which is probably more correct than whatever it was doing before.
[__]gettimeofday no longer has any internal callers, so we can now
remove its internal prototype and PLT bypass aliases. The
__gettimeofday@GLIBC_2.0 export remains, in case it is used by any
third-party code.
It also allows to simplify the arch-specific implementation on x86 and
powerpc to remove the hack to disable the internal route to non iFUNC
variant for internal symbol.
This patch also fixes a missing optimization on aarch64, powerpc, and
x86 where the code used on static build do not use the vDSO.
Checked on x86_64-linux-gnu, i686-linux-gnu, powerpc64le-linux-gnu,
powerpc64-linux-gnu, powerpc-linux-gnu, and aarch64-linux-gnu.
Co-authored-by: Zack Weinberg <zackw@panix.com>
Reviewed-by: Lukasz Majewski <lukma@denx.de>
timespec_get is the same function as clock_gettime, with an obnoxious
coating of NIH painted on it by the ISO C committee. In addition to
the rename, it takes its arguments in a different order, it returns 0
on *failure* or a positive number on *success*, and it requires that
all of its TIME_* constants be positive. This last means we cannot
directly reuse the existing CLOCK_* constants for it, because
those have been allocated starting with CLOCK_REALTIME = 0 on all
existing platforms.
This patch simply promotes the sysdeps/posix implementation to
universal, and removes the Linux-specific implementation, whose
apparent reason for existing was to cut out one function call's worth
of overhead.
Checked on x86_64-linux-gnu, i686-linux-gnu, powerpc64le-linux-gnu,
powerpc64-linux-gnu, powerpc-linux-gnu, and aarch64-linux-gnu.
Reviewed-by: Lukasz Majewski <lukma@denx.de>
Change the default implementation of time to call clock_gettime,
to align with new Linux ports that are expected to only implement
__NR_clock_gettime. Arch-specific implementation that either call
the time vDSO or route to gettimeofday vDSO are not removed.
Also for Linux, CLOCK_REALTIME_COARSE is used instead of generic
CLOCK_REALTIME clockid. This takes less CPU time and its behavior
better matches what the current glibc does.
Checked on x86_64-linux-gnu, i686-linux-gnu, powerpc64le-linux-gnu,
powerpc64-linux-gnu, powerpc-linux-gnu, and aarch64-linux-gnu.
Co-authored-by: Zack Weinberg <zackw@panix.com>
Reviewed-by: Lukasz Majewski <lukma@denx.de>
Since gettimeofday will shortly be implemented in terms of
clock_gettime on all platforms, internal code should use clock_gettime
directly; in addition to removing a layer of indirection, this will
allow us to remove the PLT-bypass gunk for gettimeofday. (We can't
quite do that yet, but it'll be coming later in this patch series.)
In many cases, the changed code does fewer conversions.
The changed code always assumes __clock_gettime (CLOCK_REALTIME)
cannot fail. Most of the call sites were assuming gettimeofday could
not fail, but a few places were checking for errors. POSIX says
clock_gettime can only fail if the clock constant is invalid or
unsupported, and CLOCK_REALTIME is the one and only clock constant
that's required to be supported. For consistency I grepped the entire
source tree for any other places that checked for errors from
__clock_gettime (CLOCK_REALTIME), found one, and changed it too.
(For the record, POSIX also says gettimeofday can never fail.)
(It would be nice if we could declare that GNU systems will always
support CLOCK_MONOTONIC as well as CLOCK_REALTIME; there are several
places where we are using CLOCK_REALTIME where _MONOTONIC would be
more appropriate, and/or trying to use _MONOTONIC and then falling
back to _REALTIME. But the Hurd doesn't support CLOCK_MONOTONIC yet,
and it looks like adding it would involve substantial changes to
gnumach's internals and API. Oh well.)
A few Hurd-specific files were changed to use __host_get_time instead
of __clock_gettime, as this seemed tidier. We also assume this cannot
fail. Skimming the code in gnumach leads me to believe the only way
it could fail is if __mach_host_self also failed, and our
Hurd-specific code consistently assumes that can't happen, so I'm
going with that.
With the exception of support/support_test_main.c, test cases are not
modified, mainly because I didn't want to have to figure out which
test cases were testing gettimeofday specifically.
The definition of GETTIME in sysdeps/generic/memusage.h had a typo and
was not reading tv_sec at all. I fixed this. It appears nobody has been
generating malloc traces on a machine that doesn't have a superseding
definition.
There are a whole bunch of places where the code could be simplified
by factoring out timespec subtraction and/or comparison logic, but I
want to keep this patch as mechanical as possible.
Checked on x86_64-linux-gnu, i686-linux-gnu, powerpc64le-linux-gnu,
powerpc64-linux-gnu, powerpc-linux-gnu, and aarch64-linux-gnu.
Reviewed-by: Adhemerval Zanella <adhemerval.zanella@linaro.org>
Reviewed-by: Lukasz Majewski <lukma@denx.de>
In glibc 2.17, the functions clock_getcpuclockid, clock_getres,
clock_gettime, clock_nanosleep, and clock_settime were moved from
librt.so to libc.so, leaving compatibility stubs behind. Now that the
dynamic linker no longer insists on finding versioned symbols in the
same library that originally defined them, we do not need the stubs
anymore, and this means we don't need GLIBC_PRIVATE __-prefix aliases
for most of the functions anymore either. (clock_gettime still needs
one.) For ports added before 2.17, libc.so needs to provide two
symbol versions for each, the default at GLIBC_2.17 plus a compat
version matching what librt had.
While I'm at it, move the clock_*.c files and their tests from rt/ to
time/.
This patch refactor sigcontextinfo.h header to use SA_SIGINFO as default
for both gmon and debug implementations. This allows simplify
profil-counter.h on Linux to use a single implementation and remove the
requirements for newer ports to redefine __sigaction/sigaction to use
SA_SIGINFO.
The GET_PC macro is also replaced with a function sigcontext_get_pc that
returns an uintptr_t instead of a void pointer. It allows easier convertion
to integer on ILP32 architecture, such as x32, without the need to suppress
compiler warnings.
The patch also requires some refactor of register-dump.h file for some
architectures (to reflect it is now called from a sa_sigaction instead of
sa_handler signal context).
- Alpha, i386, and s390 are straighfoward to take in consideration the
new argument type.
- ia64 takes in consideration the kernel pass a struct sigcontextt
as third argument for sa_sigaction.
- sparc take in consideration the kernel pass a pt_regs struct
as third argument for sa_sigaction.
- m68k dummy function is removed and the FP state is dumped on
register_dump itself.
- For SH the register-dump.h file is consolidate on a common implementation
and the floating-point state is checked based on ownedfp field.
The register_dump does not change its output format in any affected
architecture.
I checked on x86_64-linux-gnu, i686-linux-gnu, aarch64-linux-gnu,
arm-linux-gnueabihf, sparcv9-linux-gnu, sparc64-linux-gnu, powerpc-linux-gnu,
powerpc64-linux-gnu, and powerpc64le-linux-gnu.
I also checked the libSegFault.so through catchsegv on alpha-linux-gnu,
m68k-linux-gnu and sh4-linux-gnu to confirm the output has not changed.
Adhemerval Zanella <adhemerval.zanella@linaro.org>
Florian Weimer <fweimer@redhat.com>
* debug/segfault.c (install_handler): Use SA_SIGINFO if defined.
* sysdeps/generic/profil-counter.h (__profil_counter): Cast to
uintptr_t.
* sysdeps/generic/sigcontextinfo.h (GET_PC): Rename to
sigcontext_get_pc and return aligned cast to uintptr_t.
* sysdeps/mach/hurd/i386/sigcontextinfo.h (GET_PC): Likewise.
* sysdeps/posix/profil.c (profil_count): Change PC argument to
uintptr_t.
(__profil): Use SA_SIGINFO.
* sysdeps/posix/sprofil.c (profil_count): Change PCP argument to
uintptr_t.
(__sprofil): Use SA_SIGINFO.
* sysdeps/unix/sysv/linux/profil-counter.h: New file.
* sysdeps/unix/sysv/linux/aarch64/profil-counter.h: Remove file.
* sysdeps/unix/sysv/linux/csky/profil-counter.h: Likewise.
* sysdeps/unix/sysv/linux/hppa/profil-counter.h: Likewise.
* sysdeps/unix/sysv/linux/i386/profil-counter.h: Likewise.
* sysdeps/unix/sysv/linux/ia64/profil-counter.h: Likewise.
* sysdeps/unix/sysv/linux/microblaze/profil-counter.h: Likewise.
* sysdeps/unix/sysv/linux/mips/profil-counter.h: Likewise.
* sysdeps/unix/sysv/linux/nios2/profil-counter.h: Likewise.
* sysdeps/unix/sysv/linux/powerpc/profil-counter.h: Likewise.
* sysdeps/unix/sysv/linux/x86_64/profil-counter.h: Likewise.
* sysdeps/unix/sysv/linux/riscv/profil-counter.h: Likewise.
* sysdeps/sysv/linux/s390/s390-32/profil-counter.h: Likewise.
* sysdeps/sysv/linux/s390/s390-64/profil-counter.h: Likewise.
* sysdeps/unix/sysv/linux/sh/profil-counter.h: Likewise.
* sysdeps/unix/sysv/linux/arm/profil-counter.h (__profil_counter):
Assume SA_SIGINFO and use sigcontext_get_pc instead of GET_PC.
* sysdeps/unix/sysv/linux/sparc/profil-counter.h: New file.
* sysdeps/unix/sysv/linux/sparc/sparc64/profil-counter.h: Remove file.
* sysdeps/unix/sysv/linux/sparc/sparc32/profil-counter.h: Likewise.
* sysdpes/unix/sysv/linux/aarch64/sigcontextinfo.h (SIGCONTEXT,
GET_PC, __sigaction, sigaction): Remove defines.
(sigcontext_get_pc): New function.
* sysdeps/unix/sysv/linux/alpha/sigcontextinfo.h: Likewise.
* sysdeps/unix/sysv/linux/arm/sigcontextinfo.h: Likewise.
* sysdeps/unix/sysv/linux/csky/sigcontextinfo.h: Likewise.
* sysdeps/unix/sysv/linux/hppa/sigcontextinfo.h: Likewise.
* sysdeps/unix/sysv/linux/i386/sigcontextinfo.h: Likewise.
* sysdeps/unix/sysv/linux/ia64/sigcontextinfo.h: Likewise.
* sysdeps/unix/sysv/linux/m68k/sigcontextinfo.h: Likewise.
* sysdeps/unix/sysv/linux/mips/sigcontextinfo.h: Likewise.
* sysdeps/unix/sysv/linux/nios2/sigcontextinfo.h: Likewise.
* sysdeps/unix/sysv/linux/s390/sigcontextinfo.h: Likewise.
* sysdeps/unix/sysv/linux/microblaze/sigcontextinfo.h: Likewise.
* sysdeps/unix/sysv/linux/powerpc/sigcontextinfo.h: Likewise.
* sysdeps/unix/sysv/linux/riscv/sigcontextinfo.h: Likewise.
* sysdeps/unix/sysv/linux/sh/sigcontextinfo.h: Likewise.
* sysdeps/sysv/linux/sparc/sparc32/sigcontextinfo.h: Likewise.
* sysdeps/sysv/linux/sparc/sparc64/sigcontextinfo.h: Likewise.
* sysdeps/unix/sysv/linux/x86_64/sigcontextinfo.h: Likewise.
* sysdeps/unix/sysv/linux/alpha/register-dump.h (register_dump):
Handle CTX argument as ucontext_t.
* sysdeps/unix/sysv/linux/i386/register-dump.h: Likewise.
Likewise.
* sysdeps/unix/sysv/linux/m68k/register-dump.h: Likewise.
* sysdeps/sysv/linux/s390/s390-32/register-dump.h: Likewise.
* sysdeps/sysv/linux/s390/s390-64/register-dump.h: Likewise.
* sysdeps/unix/sysv/linux/sh/register-dump.h: New file.
* sysdeps/unix/sysv/linux/sh/sh4/register-dump.h: Remove File.
* sysdeps/unix/sysv/linux/sh/sh3/register-dump.h: Likewise.
* sysdeps/unix/sysv/linux/sparc/sparc32/register-dump.h: Likewise.
* sysdeps/unix/sysv/linux/sparc/sparc64/register-dump.h: Likewise.
* sysdeps/unix/sysv/linux/Makefile (tests-internal): Add
tst-sigcontextinfo-get_pc.
* sysdeps/unix/sysv/linux/tst-sigcontextinfo-get_pc.c: New file.
(CFLAGS-tst-sigcontextinfo-get_pc.c): New rule.
If the process is in a bad state, we used to print backtraces in
many cases. This is problematic because doing so could involve
a lot of work, like loading libgcc_s using the dynamic linker,
and this could itself be targeted by exploit writers. For example,
if the crashing process was forked from a long-lived process, the
addresses in the error message could be used to bypass ASLR.
Commit ed421fca42 ("Avoid backtrace from
__stack_chk_fail [BZ #12189]"), backtraces where no longer printed
because backtrace_and_maps was always called with do_abort == 1.
Rather than fixing this logic error, this change removes the backtrace
functionality from the sources. With the prevalence of external crash
handlers, it does not appear to be particularly useful. The crash
handler may also destroy useful information for debugging.
Reviewed-by: Carlos O'Donell <carlos@redhat.com>
This is missing bit for fully fix BZ#15813 (the other two were fixed
by 359653aaac).
Checked on x86_64-linux-gnu.
[BZ #15813]
sysdeps/posix/tempname.c (__gen_tempname): get entrypy on each
attempt.
The function uses the internal service_user type, so it is not
really usable from the outside of glibc. Rename the function
to __nss_database_lookup2 for internal use, and change
__nss_database_lookup to always indicate failure to the caller.
__nss_next already was a compatibility symbol. The new
implementation always fails and no longer calls __nss_next2.
unscd, the alternative nscd implementation, does not use
__nss_database_lookup, so it is not affected by this change.
This functionality was deprecated in glibc 2.25.
This commit only includes the core changes to remove the
functionality. It does not remove the RES_USE_INET6 handling in the
individual NSS service modules and the res_use_inet6 function.
These changes will happen in future commits.
This patch removes the HP_TIMING_BITS usage for fast random bits and replace
with clock_gettime (CLOCK_MONOTONIC). It has unspecified starting time and
nano-second accuracy, so its randomness is significantly better than
gettimeofday.
Althoug it should incur in more overhead (specially for architecture that
support hp-timing), the symbol is also common implemented as a vDSO.
Checked on aarch64-linux-gnu, x86_64-linux-gnu, and i686-linux-gnu. I also
checked on a i686-gnu build.
* include/random-bits.h: New file.
* resolv/res_mkquery.c [HP_TIMING_AVAIL] (RANDOM_BITS,
(__res_context_mkquery): Remove usage hp-timing usage and replace with
random_bits.
* resolv/res_send.c [HP_TIMING_AVAIL] (nameserver_offset): Likewise.
* sysdeps/posix/tempname.c [HP_TIMING_AVAIL] (__gen_tempname):
Likewise.
This patch removes CLOCK_THREAD_CPUTIME_ID and CLOCK_PROCESS_CPUTIME_ID support
from clock_gettime and clock_settime generic implementation. For Linux, kernel
already provides supports through the syscall and Hurd HTL lacks
__pthread_clock_gettime and __pthread_clock_settime internal implementation.
As described in clock_gettime man-page [1] on 'Historical note for SMP
system', implementing CLOCK_{THREAD,PROCESS}_CPUTIME_ID with timer registers
is error-prone and susceptible to timing and accurary issues that the libc
can not deal without kernel support.
This allows removes unused code which, however, still incur in some runtime
overhead in thread creation (the struct pthread cpuclock_offset
initialization).
If hurd eventually wants to support them it should either either implement as
a kernel facility (or something related due its architecture) or in system
specific implementation.
Checked on aarch64-linux-gnu, x86_64-linux-gnu, and i686-linux-gnu. I also
checked on a i686-gnu build.
* nptl/Makefile (libpthread-routines): Remove pthread_clock_gettime and
pthread_clock_settime.
* nptl/pthreadP.h (__find_thread_by_id): Remove prototype.
* elf/dl-support.c [!HP_TIMING_NOAVAIL] (_dl_cpuclock_offset): Remove.
(_dl_non_dynamic_init): Remove _dl_cpuclock_offset setting.
* elf/rtld.c (_dl_start_final): Likewise.
* nptl/allocatestack.c (__find_thread_by_id): Remove function.
* sysdeps/generic/ldsodefs.h [!HP_TIMING_NOAVAIL] (_dl_cpuclock_offset):
Remove.
* sysdeps/mach/hurd/dl-sysdep.c [!HP_TIMING_NOAVAIL]
(_dl_cpuclock_offset): Remove.
* nptl/descr.h (struct pthread): Rename cpuclock_offset to
cpuclock_offset_ununsed.
* nptl/nptl-init.c (__pthread_initialize_minimal_internal): Remove
cpuclock_offset set.
* nptl/pthread_create.c (START_THREAD_DEFN): Likewise.
* sysdeps/nptl/fork.c (__libc_fork): Likewise.
* nptl/pthread_clock_gettime.c: Remove file.
* nptl/pthread_clock_settime.c: Likewise.
* sysdeps/unix/clock_gettime.c (hp_timing_gettime): Remove function.
[HP_TIMING_AVAIL] (realtime_gettime): Remove CLOCK_THREAD_CPUTIME_ID
and CLOCK_PROCESS_CPUTIME_ID support.
* sysdeps/unix/clock_settime.c (hp_timing_gettime): Likewise.
[HP_TIMING_AVAIL] (realtime_gettime): Likewise.
* sysdeps/posix/clock_getres.c (hp_timing_getres): Likewise.
[HP_TIMING_AVAIL] (__clock_getres): Likewise.
* sysdeps/unix/clock_nanosleep.c (CPUCLOCK_P, INVALID_CLOCK_P):
Likewise.
(__clock_nanosleep): Remove CPUCLOCK_P and INVALID_CLOCK_P usage.
[1] http://man7.org/linux/man-pages/man2/clock_gettime.2.html
The stub implementations are turned into compat symbols.
Linux actually has two reserved system call numbers (for getpmsg
and putpmsg), but these system calls have never been implemented,
and there are no plans to implement them, so this patch replaces
the wrappers with the generic stubs.
According to <https://bugzilla.redhat.com/show_bug.cgi?id=436349>,
the presence of the XSI STREAMS declarations is a minor portability
hazard because they are not actually implemented.
This commit does not change the TIRPC support code in
sunrpc/rpc_svcout.c. It uses additional XTI functionality and
therefore never worked with glibc.
Reviewed-by: Carlos O'Donell <carlos@redhat.com>
Clock_gettime, settime and getres implementations are unncessarily
complex due to using defines and C file inclusion. Simplify the
code by replacing the redundant defines and removing the inclusion,
making it much easier to understand. No functional changes.
* sysdeps/posix/clock_getres.c (__clock_getres): Cleanup.
* sysdeps/unix/clock_gettime.c (__clock_gettime): Cleanup.
* sysdeps/unix/clock_settime.c (__clock_settime): Cleanup.
* sysdeps/unix/sysv/linux/clock_getres.c (__clock_getres): Cleanup.
* sysdeps/unix/sysv/linux/clock_gettime.c (__clock_gettime): Cleanup.
* sysdeps/unix/sysv/linux/clock_settime.c (__clock_settime): Cleanup.
The IPv4 address parser in the getaddrinfo function is changed so that
it does not ignore trailing whitespace and all characters after it.
For backwards compatibility, the getaddrinfo function still recognizes
legacy name syntax, such as 192.000.002.010 interpreted as 192.0.2.8
(octal).
This commit does not change the behavior of inet_addr and inet_aton.
gethostbyname already had additional sanity checks (but is switched
over to the new __inet_aton_exact function for completeness as well).
To avoid sending the problematic query names over DNS, commit
6ca53a2453 ("resolv: Do not send queries
for non-host-names in nss_dns [BZ #24112]") is needed.
This patch wraps all uses of *_{enable,disable}_asynccancel and
and *_CANCEL_{ASYNC,RESET} in either already provided macros
(lll_futex_timed_wait_cancel) or creates new ones if the
functionality is not provided (SYSCALL_CANCEL_NCS, lll_futex_wait_cancel,
and lll_futex_timed_wait_cancel).
Also for some generic implementations, the direct call of the macros
are removed since the underlying symbols are suppose to provide
cancellation support.
This is a priliminary patch intended to simplify the work required
for BZ#12683 fix. It is a refactor change, no semantic changes are
expected.
Checked on x86_64-linux-gnu and i686-linux-gnu.
* nptl/pthread_join_common.c (__pthread_timedjoin_ex): Use
lll_wait_tid with timeout.
* nptl/sem_wait.c (__old_sem_wait): Use lll_futex_wait_cancel.
* sysdeps/nptl/aio_misc.h (AIO_MISC_WAIT): Use
futex_reltimed_wait_cancelable for cancelabla mode.
* sysdeps/nptl/gai_misc.h (GAI_MISC_WAIT): Likewise.
* sysdeps/posix/open64.c (__libc_open64): Do not call cancelation
macros.
* sysdeps/posix/sigwait.c (__sigwait): Likewise.
* sysdeps/posix/waitid.c (__sigwait): Likewise.
* sysdeps/unix/sysdep.h (__SYSCALL_CANCEL_CALL,
SYSCALL_CANCEL_NCS): New macro.
* sysdeps/nptl/lowlevellock.h (lll_wait_tid): Add timeout argument.
(lll_timedwait_tid): Remove macro.
* sysdeps/unix/sysv/linux/i386/lowlevellock.h (lll_wait_tid):
Likewise.
(lll_timedwait_tid): Likewise.
* sysdeps/unix/sysv/linux/sparc/lowlevellock.h (lll_wait_tid):
Likewise.
(lll_timedwait_tid): Likewise.
* sysdeps/unix/sysv/linux/x86_64/lowlevellock.h (lll_wait_tid):
Likewise.
(lll_timedwait_tid): Likewise.
* sysdeps/unix/sysv/linux/clock_nanosleep.c (__clock_nanosleep):
Use INTERNAL_SYSCALL_CANCEL.
* sysdeps/unix/sysv/linux/futex-internal.h
(futex_reltimed_wait_cancelable): Use LIBC_CANCEL_{ASYNC,RESET}
instead of __pthread_{enable,disable}_asynccancel.
* sysdeps/unix/sysv/linux/lowlevellock-futex.h
(lll_futex_wait_cancel): New macro.
Austin Group issue #411 [1] proposes that posix_spawn file action
posix_spawn_file_actions_adddup2 resets the close-on-exec when
source and destination refer to same file descriptor.
It solves the issue on multi-thread applications which uses
close-on-exec as default, and want to hand-chose specifically
file descriptor to purposefully inherited into a child process.
Current approach to achieve this scenario is to use two adddup2 file
actions and a temporary file description which do not conflict with
any other, coupled with a close file action to avoid leaking the
temporary file descriptor. This approach, besides being complex,
may fail with EMFILE/ENFILE file descriptor exaustion.
This can be more easily accomplished with an in-place removal of
FD_CLOEXEC. Although the resulting adddup2 semantic is slight
different than dup2 (equal file descriptors should be handled as
no-op), the proposed possible solution are either more complex
(fcntl action which a limited set of operations) or results in
unrequired operations (dup3 which also returns EINVAL for same
file descriptor).
Checked on aarch64-linux-gnu.
[BZ #23640]
* posix/tst-spawn.c (do_prepare, handle_restart, do_test): Add
posix_spawn_file_actions_adddup2 test to check O_CLOCEXEC reset.
* sysdeps/unix/sysv/linux/spawni.c (__spawni_child): Add
close-on-exec reset for adddup2 file action.
* sysdeps/posix/spawni.c (__spawni_child): Likewise.
[1] http://austingroupbugs.net/view.php?id=411
The “any later version” clause was missing. This change was approved
in principle by the FSF in RT ticket #1316403.
Reviewed-by: Carlos O'Donell <carlos@redhat.com>
Along with posix_spawn_file_actions_addchdir,
posix_spawn_file_actions_addfchdir is the subject of a change proposal
for POSIX: <http://austingroupbugs.net/view.php?id=1208>
This patch is essentially 28669f86f6 adjusted for the generic
implementation.
Checked on x86_64-linux-gnu with Linux spawni.c removed. The only
failure is posix/tst-spawn3, which is expected.
[BZ #23913]
* sysdeps/posix/spawni.c (maybe_script_execute):
Increment size of new_argv by one.
This patch uses posix_spawn on system implementation. On Linux this has
the advantage of much lower memory consumption (usually 32 Kb minimum for
the mmap stack area).
Although POSIX does not require, glibc system implementation aims to be
thread and cancellation safe. The cancellation code is moved to generic
implementation and enabled iff SIGCANCEL is defined (similar on how the
cancellation handler is enabled on nptl-init.c).
Checked on x86_64-linux-gnu, i686-linux-gnu, aarch64-linux-gnu,
arm-linux-gnueabihf, and powerpc64le-linux-gnu.
* sysdeps/unix/sysv/linux/spawni.c (__spawni_child): Use
__sigismember instead of sigismember.
* sysdeps/posix/system.c [SIGCANCEL] (cancel_handler_args,
cancel_handler): New definitions.
(CLEANUP_HANDLER, CLEANUP_RESET): Likewise.
(DO_LOCK, DO_UNLOCK, INIT_LOCK, ADD_REF, SUB_REF): Remove.
(do_system): Use posix_spawn instead of fork and execl and remove
reentracy code.
* sysdeps/generic/not-errno.h (__kill_noerrno): New prototype.
* sysdeps/unix/sysv/linux/not-errno.h (__kill_noerrno): Likewise.
* sysdeps/unix/sysv/linux/ia64/system.c: Remove file.
* sysdeps/unix/sysv/linux/s390/system.c: Likewise.
* sysdeps/unix/sysv/linux/sparc/system.c: Likewise.
* sysdeps/unix/sysv/linux/system.c: Likewise.
This patch fixes the OFD ("file private") locks for architectures that
support non-LFS flock definition (__USE_FILE_OFFSET64 not defined). The
issue in this case is both F_OFD_{GETLK,SETLK,SETLKW} and
F_{SET,GET}L{W}K64 expects a flock64 argument and when using old
F_OFD_* flags with a non LFS flock argument the kernel might interpret
the underlying data wrongly. Kernel idea originally was to avoid using
such flags in non-LFS syscall, but since GLIBC uses fcntl with LFS
semantic as default it is possible to provide the functionality and
avoid the bogus struct kernel passing by adjusting the struct manually
for the required flags.
The idea follows other LFS interfaces that provide two symbols:
1. A new LFS fcntl64 is added on default ABI with the usual macros to
select it for FILE_OFFSET_BITS=64.
2. The Linux non-LFS fcntl use a stack allocated struct flock64 for
F_OFD_{GETLK,SETLK,SETLKW} copy the results on the user provided
struct.
3. Keep a compat symbol with old broken semantic for architectures
that do not define __OFF_T_MATCHES_OFF64_T.
So for architectures which defines __USE_FILE_OFFSET64, fcntl64 will
aliased to fcntl and no adjustment would be required. So to actually
use F_OFD_* with LFS support the source must be built with LFS support
(_FILE_OFFSET_BITS=64).
Also F_OFD_SETLKW command is handled a cancellation point, as for
F_SETLKW{64}.
Checked on x86_64-linux-gnu and i686-linux-gnu.
[BZ #20251]
* NEWS: Mention fcntl64 addition.
* csu/check_fds.c: Replace __fcntl_nocancel by __fcntl64_nocancel.
* login/utmp_file.c: Likewise.
* sysdeps/posix/fdopendir.c: Likewise.
* sysdeps/posix/opendir.c: Likewise.
* sysdeps/unix/pt-fcntl.c: Likewise.
* include/fcntl.h (__libc_fcntl64, __fcntl64,
__fcntl64_nocancel_adjusted): New prototype.
(__fcntl_nocancel_adjusted): Remove prototype.
* io/Makefile (routines): Add fcntl64.
(CFLAGS-fcntl64.c): New rule.
* io/Versions [GLIBC_2.28] (fcntl64): New symbol.
[GLIBC_PRIVATE] (__libc_fcntl): Rename to __libc_fcntl64.
* io/fcntl.h (fcntl64): Add prototype and redirect if
__USE_FILE_OFFSET64 is defined.
* io/fcntl64.c: New file.
* manual/llio.text: Add a note for which commands fcntl acts a
cancellation point.
* nptl/Makefile (CFLAGS-fcntl64.c): New rule.
* sysdeps/mach/hurd/fcntl.c: Alias fcntl to fcntl64 symbols.
* sysdeps/mach/hurd/i386/libc.abilist [GLIBC_2.28] (fcntl, fcntl64):
New symbols.
* sysdeps/unix/sysv/linux/fcntl.c (__libc_fcntl): Fix F_GETLK64,
F_OFD_GETLK, F_SETLK64, F_SETLKW64, F_OFD_SETLK, and F_OFD_SETLKW for
non-LFS case.
* sysdeps/unix/sysv/linux/fcntl64.c: New file.
* sysdeps/unix/sysv/linux/fcntl_nocancel.c (__fcntl_nocancel): Rename
to __fcntl64_nocancel.
(__fcntl_nocancel_adjusted): Rename to __fcntl64_nocancel_adjusted.
* sysdeps/unix/sysv/linux/not-cancel.h (__fcntl_nocancel): Rename
to __fcntl64_nocancel.
* sysdeps/unix/sysv/linux/tst-ofdlocks.c: New file.
* sysdeps/unix/sysv/linux/tst-ofdlocks-compat.c: Likewise.
* sysdeps/unix/sysv/linux/Makefile (tests): Add tst-ofdlocks.
(tests-internal): Add tst-ofdlocks-compat.
* sysdeps/unix/sysv/linux/aarch64/libc.abilist [GLIBC_2.28]
(fcntl64): New symbol.
* sysdeps/unix/sysv/linux/alpha/libc.abilist: Likewise.
* sysdeps/unix/sysv/linux/ia64/libc.abilist: Likewise.
* sysdeps/unix/sysv/linux/mips/mips64/n64/libc.abilist: Likewise.
* sysdeps/unix/sysv/linux/powerpc/powerpc64/libc.abilist: Likewise.
* sysdeps/unix/sysv/linux/powerpc/powerpc64/libc-le.abilist: Likewise.
* sysdeps/unix/sysv/linux/riscv/rv64/libc.abilist: Likewise.
* sysdeps/unix/sysv/linux/s390/s390-64/libc.abilist: Likewise.
* sysdeps/unix/sysv/linux/sparc/sparc64/libc.abilist: Likewise.
* sysdeps/unix/sysv/linux/x86_64/64/libc.abilist: Likewise.
* sysdeps/unix/sysv/linux/x86_64/x32/libc.abilist: Likewise.
* sysdeps/unix/sysv/linux/arm/libc.abilist [GLIBC_2.28] (fcntl,
fcntl64): Likewise.
* sysdeps/unix/sysv/linux/hppa/libc.abilist: Likewise.
* sysdeps/unix/sysv/linux/i386/libc.abilis: Likewise.
* sysdeps/unix/sysv/linux/m68k/coldfire/libc.abilist: Likewise.
* sysdeps/unix/sysv/linux/m68k/m680x0/libc.abilist: Likewise.
* sysdeps/unix/sysv/linux/microblaze/libc.abilist: Likewise.
* sysdeps/unix/sysv/linux/mips/mips32/fpu/libc.abilist: Likewise.
* sysdeps/unix/sysv/linux/mips/mips32/nofpu/libc.abilist: Likewise.
* sysdeps/unix/sysv/linux/mips/mips64/n32/libc.abilist: Likewise.
* sysdeps/unix/sysv/linux/nios2/libc.abilist: Likewise.
* sysdeps/unix/sysv/linux/powerpc/powerpc32/fpu/libc.abilist:
Likewise.
* sysdeps/unix/sysv/linux/powerpc/powerpc32/nofpu/libc.abilist:
Likewise.
* sysdeps/unix/sysv/linux/s390/s390-32/libc.abilist: Likewise.
* sysdeps/unix/sysv/linux/sh/libc.abilist: Likewise.
* sysdeps/unix/sysv/linux/sparc/sparc32/libc.abilist: Likewise.
Neither the <dlfcn.h> entry points, nor lazy symbol resolution, nor
initial shared library load-up, are cancellation points, so ld.so
should exclusively use I/O primitives that are not cancellable. We
currently achieve this by having the cancellation hooks compile as
no-ops when IS_IN(rtld); this patch changes to using exclusively
_nocancel primitives in the source code instead, which makes the
intent clearer and significantly reduces the amount of code compiled
under IS_IN(rtld) as well as IS_IN(libc) -- in particular,
elf/Makefile no longer thinks we require a copy of unwind.c in
rtld-libc.a. (The older mechanism is preserved as a backstop.)
The bulk of the change is splitting up the files that define the
_nocancel I/O functions, so they don't also define the variants that
*are* cancellation points; after which, the existing logic for picking
out the bits of libc that need to be recompiled as part of ld.so Just
Works. I did this for all of the _nocancel functions, not just the
ones used by ld.so, for consistency.
fcntl was a little tricky because it's only a cancellation point for
certain opcodes (F_SETLKW(64), which can block), and the existing
__fcntl_nocancel wasn't applying the FCNTL_ADJUST_CMD hook, which
strikes me as asking for trouble, especially as the only nontrivial
definition of FCNTL_ADJUST_CMD (for powerpc64) changes F_*LK* opcodes.
To fix this, fcntl_common moves to fcntl_nocancel.c along with
__fcntl_nocancel, and changes its name to the extern (but hidden)
symbol __fcntl_nocancel_adjusted, so that regular fcntl can continue
calling it. __fcntl_nocancel now applies FCNTL_ADJUST_CMD; so that
both both fcntl.c and fcntl_nocancel.c can see it, the only nontrivial
definition moves from sysdeps/u/s/l/powerpc/powerpc64/fcntl.c to
.../powerpc64/sysdep.h and becomes entirely a macro, instead of a macro
that calls an inline function.
The nptl version of libpthread also changes a little, because its
"compat-routines" formerly included files that defined all the
_nocancel functions it uses; instead of continuing to duplicate them,
I exported the relevant ones from libc.so as GLIBC_PRIVATE. Since the
Linux fcntl.c calls a function defined by fcntl_nocancel.c, it can no
longer be used from libpthread.so; instead, introduce a custom
forwarder, pt-fcntl.c, and export __libc_fcntl from libc.so as
GLIBC_PRIVATE. The nios2-linux ABI doesn't include a copy of vfork()
in libpthread, and it was handling that by manipulating
libpthread-routines in .../linux/nios2/Makefile; it is cleaner to do
what other such ports do, and have a pt-vfork.S that defines no symbols.
Right now, it appears that Hurd does not implement _nocancel I/O, so
sysdeps/generic/not-cancel.h will forward everything back to the
regular functions. This changed the names of some of the functions
that sysdeps/mach/hurd/dl-sysdep.c needs to interpose.
* elf/dl-load.c, elf/dl-misc.c, elf/dl-profile.c, elf/rtld.c
* sysdeps/unix/sysv/linux/dl-sysdep.c
Include not-cancel.h. Use __close_nocancel instead of __close,
__open64_nocancel instead of __open, __read_nocancel instead of
__libc_read, and __write_nocancel instead of __libc_write.
* csu/check_fds.c (check_one_fd)
* sysdeps/posix/fdopendir.c (__fdopendir)
* sysdeps/posix/opendir.c (__alloc_dir): Use __fcntl_nocancel
instead of __fcntl and/or __libc_fcntl.
* sysdeps/unix/sysv/linux/pthread_setname.c (pthread_setname_np)
* sysdeps/unix/sysv/linux/pthread_getname.c (pthread_getname_np)
* sysdeps/unix/sysv/linux/i386/smp.h (is_smp_system):
Use __open64_nocancel instead of __open_nocancel.
* sysdeps/unix/sysv/linux/not-cancel.h: Move all of the
hidden_proto declarations to the end and issue them if either
IS_IN(libc) or IS_IN(rtld).
* sysdeps/unix/sysv/linux/Makefile [subdir=io] (sysdep_routines):
Add close_nocancel, fcntl_nocancel, nanosleep_nocancel,
open_nocancel, open64_nocancel, openat_nocancel, pause_nocancel,
read_nocancel, waitpid_nocancel, write_nocancel.
* io/Versions [GLIBC_PRIVATE]: Add __libc_fcntl,
__fcntl_nocancel, __open64_nocancel, __write_nocancel.
* posix/Versions: Add __nanosleep_nocancel, __pause_nocancel.
* nptl/pt-fcntl.c: New file.
* nptl/Makefile (pthread-compat-wrappers): Remove fcntl.
(libpthread-routines): Add pt-fcntl.
* include/fcntl.h (__fcntl_nocancel_adjusted): New function.
(__libc_fcntl): Remove attribute_hidden.
* sysdeps/unix/sysv/linux/fcntl.c (__libc_fcntl): Call
__fcntl_nocancel_adjusted, not fcntl_common.
(__fcntl_nocancel): Move to new file fcntl_nocancel.c.
(fcntl_common): Rename to __fcntl_nocancel_adjusted; also move
to fcntl_nocancel.c.
* sysdeps/unix/sysv/linux/fcntl_nocancel.c: New file.
* sysdeps/unix/sysv/linux/powerpc/powerpc64/fcntl.c: Remove file.
* sysdeps/unix/sysv/linux/powerpc/powerpc64/sysdep.h:
Define FCNTL_ADJUST_CMD here, as a self-contained macro.
* sysdeps/unix/sysv/linux/close.c: Move __close_nocancel to...
* sysdeps/unix/sysv/linux/close_nocancel.c: ...this new file.
* sysdeps/unix/sysv/linux/nanosleep.c: Move __nanosleep_nocancel to...
* sysdeps/unix/sysv/linux/nanosleep_nocancel.c: ...this new file.
* sysdeps/unix/sysv/linux/open.c: Move __open_nocancel to...
* sysdeps/unix/sysv/linux/open_nocancel.c: ...this new file.
* sysdeps/unix/sysv/linux/open64.c: Move __open64_nocancel to...
* sysdeps/unix/sysv/linux/open64_nocancel.c: ...this new file.
* sysdeps/unix/sysv/linux/openat.c: Move __openat_nocancel to...
* sysdeps/unix/sysv/linux/openat_nocancel.c: ...this new file.
* sysdeps/unix/sysv/linux/openat64.c: Move __openat64_nocancel to...
* sysdeps/unix/sysv/linux/openat64_nocancel.c: ...this new file.
* sysdeps/unix/sysv/linux/pause.c: Move __pause_nocancel to...
* sysdeps/unix/sysv/linux/pause_nocancel.c: ...this new file.
* sysdeps/unix/sysv/linux/read.c: Move __read_nocancel to...
* sysdeps/unix/sysv/linux/read_nocancel.c: ...this new file.
* sysdeps/unix/sysv/linux/waitpid.c: Move __waitpid_nocancel to...
* sysdeps/unix/sysv/linux/waitpid_nocancel.c: ...this new file.
* sysdeps/unix/sysv/linux/write.c: Move __write_nocancel to...
* sysdeps/unix/sysv/linux/write_nocancel.c: ...this new file.
* sysdeps/unix/sysv/linux/nios2/Makefile: Don't override
libpthread-routines.
* sysdeps/unix/sysv/linux/nios2/pt-vfork.S: New file which
defines nothing.
* sysdeps/mach/hurd/dl-sysdep.c: Define __read instead of
__libc_read, and __write instead of __libc_write. Define
__open64 in addition to __open.
Current posix_spawnp implementation wrongly tries to execute invalid
binaries (for instance script without shebang) as a shell script in
non compat mode. It was a regression introduced by
9ff72da471 when __spawni started to use
__execvpe instead of __execve (glibc __execvpe try to execute ENOEXEC
as shell script regardless).
This patch fixes it by using an internal symbol (__execvpex) with the
faulty semantic (since compat mode is handled by spawni.c itself).
It was reported by Daniel Drake on libc-help [1].
Checked on x86_64-linux-gnu and i686-linux-gnu.
[BZ #23264]
* include/unistd.h (__execvpex): New prototype.
* posix/Makefile (tests): Add tst-spawn4.
(tests-internal): Add tst-spawn4-compat.
* posix/execvpe.c (__execvpe_common, __execvpex): New functions.
* posix/tst-spawn4-compat.c: New file.
* posix/tst-spawn4.c: Likewise.
* sysdeps/unix/sysv/linux/spawni.c (__spawni): Do not interpret invalid
binaries as shell scripts.
* sysdeps/posix/spawni.c (__spawni): Likewise.
[1] https://sourceware.org/ml/libc-help/2018-06/msg00012.html
This patch consolidates Linux readdir{64}{_r} implementation on just
the default sysdeps/unix/sysv/linux/readdir{64}{_r}.c ones. The
default implementation handle the Linux requirements:
* readdir{_r} is only built for _DIRENT_MATCHES_DIRENT64 being 0.
* readdir64{_r} is always built and aliased to readdir{_r} for
ABI that define _DIRENT_MATCHES_DIRENT64.
* A compat symbol is added for readdir64{_r} for ABI that used to
export the old non-LFS version.
Checked on aarch64-linux-gnu, x86_64-linux-gnu, i686-linux-gnu,
sparcv9-linux-gnu, sparc64-linux-gnu, powerpc-linux-gnu, and
powerpc64le-linux-gnu.
* sysdeps/posix/readdir.c (__READDIR, __GETDENTS, DIRENTY_TYPE,
__READDIR_ALIAS): Undefine after usage.
* sysdeps/posix/readdir_r.c (__READDIR_R, __GETDENTS, DIRENT_TYPE,
__READDIR_R_ALIAS): Likewise.
* sysdeps/unix/sysv/linux/arm/readdir64.c: Remove file.
* sysdeps/unix/sysv/linux/arm/readdir64_r.c: Likewise.
* sysdeps/unix/sysv/linux/m68k/readdir64.c: Likewise.
* sysdeps/unix/sysv/linux/m68k/readdir64_r.c: Likewise.
* sysdeps/unix/sysv/linux/powerpc/readdir64.c: Likewise.
* sysdeps/unix/sysv/linux/powerpc/readdir64_r.c: Likewise.
* sysdeps/unix/sysv/linux/i386/readdir64.c: Likewise.
* sysdeps/unix/sysv/linux/i386/readdir64_r.c: Likewise.
* sysdeps/unix/sysv/linux/s390/s390-32/readdir64.c: Likewise.
* sysdeps/unix/sysv/linux/s390/s390-32/readdir64_r.c: Likewise.
* sysdeps/unix/sysv/linux/sparc/sparc32/readdir64.c: Likewise.
* sysdeps/unix/sysv/linux/sparc/sparc32/readdir64_r.c: Likewise.
* sysdeps/unix/sysv/linux/wordsize-64/readdir.c: Likewise.
* sysdeps/unix/sysv/linux/wordsize-64/readdir64.c: Likewise.
* sysdeps/unix/sysv/linux/wordsize-64/readdir64_r.c: Likewise.
* sysdeps/unix/sysv/linux/wordsize-64/readdir_r.c: Likewise.
* sysdeps/unix/sysv/linux/readdir.c: New file.
* sysdeps/unix/sysv/linux/readdir_r.c: Likewise.
* sysdeps/unix/sysv/linux/readdir64.c: Add compat symbol if required.
* sysdeps/unix/sysv/linux/readdir64_r.c: Likewise.
This patch filters out the internal NPTL signals (SIGCANCEL/SIGTIMER and
SIGSETXID) from signal functions. GLIBC on Linux requires both signals to
proper implement pthread cancellation, posix timers, and set*id posix
thread synchronization.
And not filtering out the internal signal is troublesome:
- A conformant program on a architecture that does not filter out the
signals might inadvertently disable pthread asynchronous cancellation,
set*id synchronization or posix timers.
- It might also to security issues if SIGSETXID is masked and set*id
functions are called (some threads might have effective user or group
id different from the rest).
The changes are basically:
- Change __is_internal_signal to bool and used on all signal function
that has a signal number as input. Also for signal function which accepts
signals sets (sigset_t) it assumes that canonical function were used to
add/remove signals which lead to some input simplification.
- Fix tst-sigset.c to avoid check for SIGCANCEL/SIGTIMER and SIGSETXID.
It is rewritten to check each signal indidually and to check realtime
signals using canonical macros.
- Add generic __clear_internal_signals and __is_internal_signal
version since both symbols are used on generic implementations.
- Remove superflous sysdeps/nptl/sigfillset.c.
- Remove superflous SIGTIMER handling on Linux __is_internal_signal
since it is the same of SIGCANCEL.
- Remove dangling define and obvious comment on nptl/sigaction.c.
Checked on x86_64-linux-gnu.
[BZ #22391]
* nptl/sigaction.c (__sigaction): Use __is_internal_signal to
check for internal nptl signals.
* nptl/sigaction.c (__sigaction): Likewise.
* signal/sigaddset.c (sigaddset): Likewise.
* signal/sigdelset.c (sigdelset): Likewise.
* sysdeps/posix/signal.c (__bsd_signal): Likewise.
* sysdeps/posix/sigset.c (sigset): Call and check sigaddset return
value.
* signal/sigfillset.c (sigfillset): User __clear_internal_signals
to filter out internal nptl signals.
* signal/tst-sigset.c (do_test): Check ech signal indidually and
also check realtime signals using standard macros.
* sysdeps/generic/internal-signals.h (__clear_internal_signals,
__is_internal_signal, __libc_signal_block_all,
__libc_signal_block_app, __libc_signal_restore_set): New functions.
* sysdeps/nptl/sigfillset.c: Remove file.
* sysdeps/unix/sysv/linux/internal-signals.h (__is_internal_signal):
Change return to bool.
(__clear_internal_signals): Remove SIGTIMER clean since it is
equal to SIGCANEL on Linux.
* sysdeps/unix/sysv/linux/sigtimedwait.c (__sigtimedwait): Assume
signal set was constructed using standard functions.
Reported-by: Yury Norov <ynorov@caviumnetworks.com>
This patch assumes O_DIRECTORY works as defined by POSIX on opendir
implementation (aligning with other glibc code, for instance pwd). This
allows remove both the fallback code to handle system with missing or
broken O_DIRECTORY along with the Linux specific opendir.c which just
advertise the working flag.
Checked on aarch64-linux-gnu, x86_64-linux-gnu, i686-linux-gnu,
sparcv9-linux-gnu, sparc64-linux-gnu, powerpc-linux-gnu, and
powerpc64le-linux-gnu.
* sysdeps/posix/opendir.c (o_directory_works, tryopen_o_directory):
Remove definitions.
(opendir_oflags): Use O_DIRECTORY regardless.
(__opendir, __opendirat): Remove need_isdir_precheck usage.
* sysdeps/unix/sysv/linux/opendir.c: Remove file.
Continuing the fixes for linknamespace and localplt test failures with
-Os that arise from functions not being inlined in that case, this
patch fixes such failures for feof_unlocked.
The usual approach is followed of adding __feof_unlocked (inlined when
feof_unlocked is), making calls use it when required for namespace
reasons, and using libc_hidden_proto / libc_hidden_weak for the
feof_unlocked weak alias when only localplt but not namespace issues
are involved. In the case of getaddrinfo.c, use of __feof_unlocked
needs to be conditional since that code is also used in nscd (where
__feof_unlocked is not available).
Tested for x86_64 (both without -Os to make sure that case continues
to work, and with -Os to make sure all the relevant linknamespace and
localplt test failures are resolved). Because of other such failures
that remain after this patch, neither of the bugs can yet be closed.
[BZ #15105]
[BZ #19463]
* libio/feof_u.c (feof_unlocked): Rename to __feof_unlocked and
define as weak alias of __feof_unlocked. Use libc_hidden_weak.
* include/stdio.h (feof_unlocked): Use libc_hidden_proto.
(__feof_unlocked): New declaration, and inline function if
[__USE_EXTERN_INLINES].
* iconv/gconv_conf.c (read_conf_file): Call __feof_unlocked
instead of feof_unlocked.
* intl/localealias.c [_LIBC] (FEOF): Likewise.
* nss/nsswitch.c (nss_parse_file): Likewise.
* sysdeps/unix/sysv/linux/readonly-area.c (__readonly_area):
Likewise.
* time/getdate.c (__getdate_r): Likewise.
* sysdeps/posix/getaddrinfo.c [IS_IN (libc)] (feof_unlocked):
Define as macro to call __feof_unlocked.
This follows c45d78aac ('posix: Fix generic p{read,write}v buffer allocation
(BZ#22457)'), which made pwritev to use __mmap instead of __posix_memalign,
but didn't pass PROT_READ to it, while the pwrite() call does need to
read the data we have just copied over.
* sysdeps/posix/pwritev_common.c: Add PROT_READ to __mmap prot.
As described in BZ#22457 an interpose malloc can free an invalid
pointer for fallback preadv implementation. Fortunately this is
just and issue on microblaze-linux-gnu running kernels older than
3.15. This patch fixes it by calling mmap/unmap instead of
posix_memalign/ free.
Checked on microblaze-linux-gnu check with run-built-tests=no and
by using the sysdeps/posix implementation on x86_64-linux-gnu (just
for sanity test where it shown no regression).
[BZ #22457]
* sysdeps/posix/preadv_common.c (PREADV): Use mmap/munmap instead of
posix_memalign/free.
* sysdeps/posix/pwritev_common.c (PWRITEV): Likewise.
This patch simplify sigpause by remobing the single thread optimization
since it will be handled already by the __sigsuspend call.
Checked on x86_64-linux-gnu.
* sysdeps/posix/sigpause.c (do_sigpause): Remove.
(__sigpause): Rely on __sigsuspend to implement single thread
optimization. Add LIBC_CANCEL_HANDLED for cancellation marking.
Signed-off-by: Adhemerval Zanella <adhemerval.zanella@linaro.org>
Reviewed-by: Zack Weinberg <zackw@panix.com>
After commit 37f802f864 (Remove
__need_IOV_MAX and __need_FOPEN_MAX), UIO_MAXIOV is no longer supplied
(indirectly) through <bits/stdio_lim.h>, so sysdeps/posix/sysconf.c no
longer sees the definition.
Hide internal idna functions to allow direct access within libc.so and
libc.a without using GOT nor PLT.
[BZ #18822]
* include/idna.h: New file.
* inet/getnameinfo.c: Include <idna.h> instead of
<libidn/idna.h>.
(__idna_to_unicode_lzlz): Removed.
* sysdeps/posix/getaddrinfo.c: Include <idna.h> instead of
<libidn/idna.h>.
(__idna_to_ascii_lz): Removed.
(__idna_to_unicode_lzlz): Likewise.
dirfd is XOPEN2K8 only, it should not be exposed along ftw which is earlier.
* include/dirent.h (__dirfd): New declaration.
* dirent/dirfd.c (dirfd): Rename to __dirfd, and redefine as weak
alias.
* sysdeps/posix/dirfd/dirfd.c (dirfd): Likewise.
* sysdeps/mach/hurd/dirfd.c (dirfd): Likewise.
* io/ftw.c (open_dir_stream, ftw_dir): Use __dirfd instead of dirfd.
* misc/preadv2.c: Include <errno.h>.
* misc/preadv64v2.c: Include <errno.h>.
* misc/pwritev2.c: Include <errno.h>.
* misc/pwritev64v2.c: Include <errno.h>.
* sysdeps/posix/preadv2.c: Include <errno.h>.
* sysdeps/posix/preadv64v2.c: Include <errno.h>.
Fix <unistd.h> inclusion.
* sysdeps/posix/pwritev2.c: Include <errno.h>.
* sysdeps/posix/pwritev64v2.c: Include <errno.h>.
* sysdeps/posix/preadv2.c: Use off_t instead of OFF_T.
* sysdeps/posix/preadv64v2.c: Use off_t instead of OFF_T.
* sysdeps/posix/pwritev2.c: Use off_t instead of OFF_T.
* sysdeps/posix/pwritev64v2.c: Use off_t instead of OFF_T.
The old code uses errno as the primary indicator for success or
failure. This is wrong because errno is only set for specific
combinations of the status return value and the h_errno variable.
This simplifies the code because it is not necessary to propagate the
temporary h_errno value to the thread-local variable. It also increases
compatibility with NSS modules which update only one of the two places.
This patch consolidates all the non cancellable pause calls to use
the __pause_nocancel identifier. For non cancellable targets it will
be just a macro to call the default respective symbol while on Linux
will be a internal one.
Checked on x86_64-linux-gnu, x86_64-linux-gnu-x32, and i686-linux-gnu.
* nptl/pthread_mutex_lock.c (__pthread_mutex_lock_full): Replace
pause_not_cancel with __pause_nocancel.
* sysdeps/generic/not-cancel.h (pause_not_cancel): Remove macro.
(__pause_nocancel): New macro.
* sysdeps/unix/sysv/linux/not-cancel.h (pause_not_cancel): Remove
macro.
(__pause_nocancel): New prototype.
* sysdeps/unix/sysv/linux/pause.c (__pause_nocancel): New function.
Mark internal nss symbols with attribute_hidden to allow direct access
within libc.so and libc.a without using GOT nor PLT.
Tested on x86-64 with and without --disable-nscd.
[BZ #18822]
* grp/initgroups.c (__nss_group_database): Removed.
(__nss_initgroups_database): Likewise.
* nscd/gai.c (__nss_hosts_database): Likewise.
* nss/XXX-lookup.c (DATABASE_NAME_SYMBOL): Likewise.
* posix/tst-rfc3484-2.c (__nss_hosts_database): Likewise.
* posix/tst-rfc3484-3.c (__nss_hosts_database): Likewise.
* posix/tst-rfc3484.c (__nss_hosts_database): Likewise.
* sysdeps/posix/getaddrinfo.c (__nss_hosts_database): Likewise.
* nss/getXXent.c (INTERNAL (REENTRANT_GETNAME)): Add
attribute_hidden.
* nss/nsswitch.c (__nss_database_custom): Define only if
USE_NSCD is defined.
(__nss_configure_lookup): Use __nss_database_custom only if
USE_NSCD is defined.
* nss/nsswitch.h (__nss_database_custom): Declare only if
USE_NSCD is defined. Add attribute_hidden.
(__nss_setent): Add attribute_hidden.
(__nss_endent): Likewise.
(__nss_getent_r): Likewise.
(__nss_getent): Likewise.
(DEFINE_DATABASE): Declare __nss_##arg##_database.
This patch consolidates all the non cancellable openat{64} calls to use
the __openat{64}_nocancel identifier. For non cancellable targets it will
be just a macro to call the default respective symbol while on Linux
will be a internal one.
Checked on x86_64-linux-gnu, x86_64-linux-gnu-x32, and i686-linux-gnu.
* sysdeps/generic/not-cancel.h (openat_not_cancel): Remove macro.
(openat_not_cancel_3): Likewise.
(openat64_not_cancel_3): Likewise).
(openat_not_cancel_3): Likewise).
* sysdeps/unix/sysv/linux/not-cancel.h (openat_not_cancel): Remove
macro.
(openat_not_cancel_3): Likewise.
(openat64_not_cancel): Likewise.
(openat64_not_cancel_3): Likewise.
* sysdeps/unix/sysv/linux/openat.c (__openat_nocancel): New function.
* sysdeps/unix/sysv/linux/openat64.c (__openat64_nocancel): Likewise.
* io/ftw.c (open_dir_stream): Replace openat{64}_not_cancel{_3} with
__open{64}_nocancel.
* sysdeps/mach/hurd/opendir.c (__opendirat): Likewise.
* sysdeps/posix/getcwd.c (__getcwd): Likewise.
* sysdeps/posix/opendir.c (__opendirat): Likewise.
This patch consolidates all the non cancellable write calls to use
the __write_nocancel identifier. For non cancellable targets it will
be just a macro to call the default respective symbol while on Linux
will be a internal one.
Checked on x86_64-linux-gnu, x86_64-linux-gnu-x32, and i686-linux-gnu.
* sysdeps/generic/not-cancel.h (write_not_cancel): Remove macro.
(__write_nocancel): New macro.
* sysdeps/unix/sysv/linux/not-cancel.h (__write_nocancel):
Rewrite as a function prototype.
(write_not_cancel): Remove macro.
* sysdeps/unix/sysv/linux/write.c (__write_nocancel): New function.
* gmon/gmon.c (ERR): Replace write_not_cancel with __write_nocancel.
(write_gmon): Likewise.
* libio/fileops.c (_IO_new_file_write): Likewise.
* login/utmp_file.c (pututline_file): Likewise.
(updwtmp_file): Likewise.
* stdio-common/psiginfo.c (psiginfo): Likewise.
* sysdeps/posix/spawni.c (__spawni_child): Likewise.
* sysdeps/unix/sysv/linux/gethostid.c (sethostid): Likewise.
* sysdeps/unix/sysv/linux/libc_fatal.c (backtrace_and_maps):
Likewise.
* sysdeps/unix/sysv/linux/pthread_setname.c (pthread_setname_np):
Likewise.
Different than other architectures hppa-linux-gnu define different values
for ENOTSUP and EOPNOTSUPP, where the later is a Linux specific one.
This leads to tst-preadwritev{64}v2 tests failures:
$ ./testrun.sh misc/tst-preadvwritev2
error: tst-preadvwritev2-common.c:35: preadv2 failure did not set errno to ENOTSUP (223)
error: 1 test failures
The straightforward fix is to return the POSIX defined ENOTSUP on all
p{read,write}v{64}v2 implementations instead of Linux specific one.
Checked on x86_64-linux-gnu and the tst-preadwritev{64}v2 on
hppa-linux-gnu (although due the installed kernel on my testing system
the pwritev{64}v2 with an invalid flag still fails due a known kernel
issue [1]).
[BZ #21780]
* sysdeps/posix/preadv2.c (preadv2): Use ENOTSUP instead of
EOPNOTSUPP.
* sysdeps/posix/preadv64v2.c (preadv64v2): Likewise.
* sysdeps/posix/pwritev2.c (pwritev2): Likewise.
* sysdeps/posix/pwritev64v2.c (pwritev64v2): Likewise.
* sysdeps/unix/sysv/linux/preadv2.c (preadv2): Likewise.
* sysdeps/unix/sysv/linux/preadv64v2.c (preadv64v2): Likewise.
* sysdeps/unix/sysv/linux/pwritev2.c (pwritev2): Likewise.
* sysdeps/unix/sysv/linux/pwritev64v2.c (pwritev64v2): Likewise.
[1] https://sourceware.org/ml/libc-alpha/2017-06/msg00726.html
__libc_argv[0] points to address on stack and __libc_secure_getenv
accesses environment variables which are on stack. We should avoid
accessing stack when stack is corrupted.
This patch also renames function argument in __fortify_fail_abort
from do_backtrace to need_backtrace to avoid confusion with do_backtrace
from enum __libc_message_action.
[BZ #21752]
* debug/fortify_fail.c (__fortify_fail_abort): Don't pass down
__libc_argv[0] if we aren't doing backtrace. Rename do_backtrace
to need_backtrace.
* sysdeps/posix/libc_fatal.c (__libc_message): Don't call
__libc_secure_getenv if we aren't doing backtrace.
__stack_chk_fail is called on corrupted stack. Stack backtrace is very
unreliable against corrupted stack. __libc_message is changed to accept
enum __libc_message_action and call BEFORE_ABORT only if action includes
do_backtrace. __fortify_fail_abort is added to avoid backtrace from
__stack_chk_fail.
[BZ #12189]
* debug/Makefile (CFLAGS-tst-ssp-1.c): New.
(tests): Add tst-ssp-1 if -fstack-protector works.
* debug/fortify_fail.c: Include <stdbool.h>.
(_fortify_fail_abort): New function.
(__fortify_fail): Call _fortify_fail_abort.
(__fortify_fail_abort): Add a hidden definition.
* debug/stack_chk_fail.c: Include <stdbool.h>.
(__stack_chk_fail): Call __fortify_fail_abort, instead of
__fortify_fail.
* debug/tst-ssp-1.c: New file.
* include/stdio.h (__libc_message_action): New enum.
(__libc_message): Replace int with enum __libc_message_action.
(__fortify_fail_abort): New hidden prototype.
* malloc/malloc.c (malloc_printerr): Update __libc_message calls.
* sysdeps/posix/libc_fatal.c (__libc_message): Replace int
with enum __libc_message_action. Call BEFORE_ABORT only if
action includes do_backtrace.
(__libc_fatal): Update __libc_message call.
This patch fix the return value for error conditions for default
posix_spawn (where the errno is expected). It also avoid clobber
errno on fork call.
Checked on x86_64 (with Linux implementation removed).
[BZ# 21697]
* sysdeps/posix/spawni.c (__spawni_child): Fix return value.
(__spawnix): Do not clober errno.