This initalization should only happen once for the main thread's TCB.
At present, auditors can achieve this by not linking against
libpthread. If libpthread becomes part of libc, doing this
initialization in libc would happen for every audit namespace,
or too late (if it happens from the main libc only). That's why
moving this code into ld.so seems the right thing to do, right after
the TCB initialization.
For !__ASSUME_SET_ROBUST_LIST ports, this also moves the symbol
__set_robust_list_avail into ld.so, as __nptl_set_robust_list_avail.
It also turned into a proper boolean flag.
Inline the __pthread_initialize_pids function because it seems no
longer useful as a separate function.
Reviewed-by: Adhemerval Zanella <adhemerval.zanella@linaro.org>
No new symbol version is required because there was a forwarder.
The symbol has been moved using scripts/move-symbol-to-libc.py.
Reviewed-by: Adhemerval Zanella <adhemerval.zanella@linaro.org>
No new symbol version is required because there was a forwarder.
The symbol has been moved using scripts/move-symbol-to-libc.py.
Reviewed-by: Adhemerval Zanella <adhemerval.zanella@linaro.org>
The pthread_exit symbol was moved using
scripts/move-symbol-to-libc.py. No new symbol version is needed
because there was a forwarder.
The new tests nptl/tst-pthread_exit-nothreads and
nptl/tst-pthread_exit-nothreads-static exercise the scenario
that pthread_exit is called without libpthread having been linked in.
This is not possible for the generic code, so these tests do not
live in sysdeps/pthread for now.
Reviewed-by: Adhemerval Zanella <adhemerval.zanella@linaro.org>
It's necessary to stub out __libc_disable_asynccancel and
__libc_enable_asynccancel via rtld-stubbed-symbols because the new
direct references to the unwinder result in symbol conflicts when the
rtld exception handling from libc is linked in during the construction
of librtld.map.
unwind-forcedunwind.c is merged into unwind-resume.c. libc now needs
the functions that were previously only used in libpthread.
The GLIBC_PRIVATE exports of __libc_longjmp and __libc_siglongjmp are
no longer needed, so switch them to hidden symbols.
The symbol __pthread_unwind_next has been moved using
scripts/move-symbol-to-libc.py.
Reviewed-by: Adhemerva Zanella <adhemerval.zanella@linaro.org>
And also the fork generation counter, __fork_generation. This
eliminates the need for __fork_generation_pointer.
call_once remains in libpthread and calls the exported __pthread_once
symbol.
pthread_once and __pthread_once have been moved using
scripts/move-symbol-to-libc.py.
Reviewed-by: Adhemerval Zanella <adhemerval.zanella@linaro.org>
This internal symbol is used as part of the longjmp implementation.
Rename the file from nptl/pt-cleanup.c to nptl/pthread_cleanup_upto.c
so that the pt-* files remain restricted to libpthread.
Reviewed-by: Adhemerval Zanella <adhemerval.zanella@linaro.org>
The definitions in libc are sufficient, the forwarders are no longer
needed.
The symbols have been moved using scripts/move-symbol-to-libc.py.
s390-linux-gnu and s390x-linux-gnu need a new version placeholder
to keep the GLIBC_2.19 symbol version in libpthread.
Tested on i386-linux-gnu, powerpc64le-linux-gnu, s390x-linux-gnu,
x86_64-linux-gnu. Built with build-many-glibcs.py.
Reviewed-by: Adhemerval Zanella <adhemerval.zanella@linaro.org>
This affects _pthread_cleanup_pop, _pthread_cleanup_pop_restore,
_pthread_cleanup_push, _pthread_cleanup_push_defer. The symbols
have been moved using scripts/move-symbol-to-libc.py.
No new symbol versions are added because the symbols are turned into
compatibility symbols at the same time.
__pthread_cleanup_pop and __pthread_cleanup_push are added as
GLIBC_PRIVATE symbols because they are also used internally, for
glibc's own cancellation handling.
Reviewed-by: Adhemerval Zanella <adhemerval.zanella@linaro.org>
Some registers that can be clobbered by the kernel during a syscall are not
listed on the clobbers list in sysdeps/unix/sysv/linux/powerpc/sysdep.h.
For syscalls using sc:
- XER is zeroed by the kernel on exit
For syscalls using scv:
- XER is zeroed by the kernel on exit
- Different from the sc case, most CR fields can be clobbered (according to
the ELF ABI and the Linux kernel's syscall ABI for powerpc
(linux/Documentation/powerpc/syscall64-abi.rst)
The same should apply to vsyscalls, which effectively execute a function call
but are not currently adding these registers as clobbers either.
These are likely not causing issues today, but they should be added to the
clobbers list just in case things change on the kernel side in the future.
Reported-by: Nicholas Piggin <npiggin@gmail.com>
Reviewed-by: Nicholas Piggin <npiggin@gmail.com>
Reviewed-by: Raphael M Zinsly <rzinsly@linux.ibm.com>
MSG_NOSIGNAL was added on POSIX 2008 and Hurd seems to support it.
The SIGPIPE handling also makes the implementation not thread-safe
(due the sigaction usage).
Checked on x86_64-linux-gnu.
Now that libsupport abstract Linux possible missing support (either
due FS limitation that can't handle 64 bit timestamp or architectures
that do not handle values larger than unsigned 32 bit values) the
tests can be turned generic.
Checked on x86_64-linux-gnu and i686-linux-gnu. I also built the
tests for i686-gnu.
Reviewed-by: Siddhesh Poyarekar <siddhesh@sourceware.org>
The value of PR_TAGGED_ADDR_ENABLE was incorrect in the installed
headers and the prctl command macros were missing that are needed
for it to be useful (PR_SET_TAGGED_ADDR_CTRL). Linux headers have
the definitions since 5.4 so it's widely available, we don't need
to repeat these definitions. The remaining definitions are from
Linux 5.10.
To build glibc with --enable-memory-tagging, Linux 5.4 headers and
binutils 2.33.1 or newer is needed.
Reviewed-by: DJ Delorie <dj@redhat.com>
Since Linux 4.13, kernel limits the maximum command line arguments
length to 6 MiB [1]. Normally the limit is still quarter of the maximum
stack size but if that limit exceeds 6 MiB it's clamped down.
glibc's __sysconf implementation for Linux platform is not aware of
this limitation and for stack sizes of over 24 MiB it returns higher
ARG_MAX than Linux will actually accept. This can be verified by
executing the following application on Linux 4.13 or newer:
#include <stdio.h>
#include <string.h>
#include <sys/resource.h>
#include <sys/time.h>
#include <unistd.h>
int main(void) {
const struct rlimit rlim = { 40 * 1024 * 1024,
40 * 1024 * 1024 };
if (setrlimit(RLIMIT_STACK, &rlim) < 0) {
perror("setrlimit: RLIMIT_STACK");
return 1;
}
printf("ARG_MAX : %8ld\n", sysconf(_SC_ARG_MAX));
printf("63 * 100 KiB: %8ld\n", 63L * 100 * 1024);
printf("6 MiB : %8ld\n", 6L * 1024 * 1024);
char str[100 * 1024], *argv[64], *envp[1];
memset(&str, 'A', sizeof str);
str[sizeof str - 1] = '\0';
for (size_t i = 0; i < sizeof argv / sizeof *argv - 1; ++i) {
argv[i] = str;
}
argv[sizeof argv / sizeof *argv - 1] = envp[0] = 0;
execve("/bin/true", argv, envp);
perror("execve");
return 1;
}
On affected systems the program will report ARG_MAX as 10 MiB but
despite that executing /bin/true with a bit over 6 MiB of command line
arguments will fail with E2BIG error. Expected result is that ARG_MAX
is reported as 6 MiB.
Update the __sysconf function to clamp ARG_MAX value to 6 MiB if it
would otherwise exceed it. This resolves bug #25305 which was market
WONTFIX as suggested solution was to cap ARG_MAX at 128 KiB.
As an aside and point of comparison, bionic (a libc implementation for
Android systems) decided to resolve this issue by always returning 128
KiB ignoring any potential xargs regressions [2].
On older kernels this results in returning overly conservative value
but that's a safer option than being aggressive and returning invalid
value on recent systems. It's also worth noting that at this point
all supported Linux releases have the 6 MiB barrier so only someone
running an unsupported kernel version would get incorrectly truncated
result.
Reviewed-by: Adhemerval Zanella <adhemerval.zanella@linaro.org>
[1] See https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=da029c11e6b12f321f36dac8771e833b65cec962
[2] See baed51ee3a
The commit 2433d39b69, which added time64 support to select, changed
the function to use __NR_pselect6 (or __NR_pelect6_time64) on all
architectures. However, on architectures where the symbol was
implemented with __NR_select the kernel normalizes the passed timeout
instead of return EINVAL. For instance, the input timeval
{ 0, 5000000 } is interpreted as { 5, 0 }.
And as indicated by BZ #27651, this semantic seems to be expected
and changing it results in some performance issues (most likely
the program does not check the return code and keeps issuing
select with unormalized tv_usec argument).
To avoid a different semantic depending whether which syscall the
architecture used to issue, select now always normalize the timeout
input. This is a slight change for some ABIs (for instance aarch64).
Checked on x86_64-linux-gnu and i686-linux-gnu.
An incorrect check in __longjmp_chk could fail on valid code causing
FAIL: debug/tst-longjmp_chk2
The original check was
altstack_sp + altstack_size - setjmp_sp > altstack_size
i.e. sp at setjmp was outside of the altstack range. Here we know that
longjmp is called from a signal handler on the altstack (SS_ONSTACK),
and that it jumps in the wrong direction (sp decreases), so the check
wants to ensure the jump goes to another stack.
The check is wrong when altstack_sp == setjmp_sp which can happen
when the altstack is a local buffer in the function that calls setjmp,
so the patch allows == too. This fixes bug 27709.
Note that the generic __longjmp_chk check seems to be different.
(it checks if longjmp was on the altstack but does not check setjmp,
so it would not catch incorrect longjmp use within the signal handler).
If building on s390 / i686 with -Os, various conformance
tests are failing with e.g.
conform/ISO/assert.h/linknamespace.out:
[initial] __assert_fail -> [libc.a(assert.o)] __dcgettext -> [libc.a(dcgettext.o)] __dcigettext -> [libc.a(dcigettext.o)] __getcwd -> [libc.a(getcwd.o)] __fstatat64 -> [libc.a(fstatat64.o)] gnu_dev_makedev
The usage of gnu_dev_makedev was recently introduced by
usage of the makedev makro in commit:
5b980d4809
linux: Use statx for MIPSn64
This patch is now linking against __gnu_dev_makedev as
also done in commit:
8b4a118222
Fix -Os gnu_dev_* linknamespace, localplt issues (bug 15105, bug 19463).
All of the isnan functions are in libc.so due to printf_fp, so move
__isnanf128 there too for consistency.
Reviewed-by: Tulio Magno Quites Machado Filho <tuliom@ascii.art.br>
Reviewed-by: Florian Weimer <fweimer@redhat.com>
The tests are refactored to use a common skeleton that handles whether
the underlying filesystem supports 64 bit time, skips 64 bit time
tests when the TU only supports 32 bit, and also skip 64 bit time
tests larger than 32 unsigned int (y2106) if the system does not
support it (MIPSn64 on kernels without statx support).
Checked on x86_64-linux-gnu and i686-linux-gnu. I also checked
on a mips64el-linux-gnu with 4.1.4 and 5.10.0-4-5kc-malta kernel
to verify if the y2106 are indeed skipped.
MIPSn64 kernel ABI for legacy stat uses unsigned 32 bit for second
timestamp, which limits the maximum value to y2106. This patch
make mips64 use statx as for 32-bit architectures.
Thie __cp_stat64_t64_statx is open coded, its usage is solely on
fstatat64 and it avoid the need to redefine the name for mips64
(which will call __cp_stat64_statx since its does not use
__stat64_t64 internally).
If the minimum kernel supports statx there is no need to call the
fallback stat legacy syscalls.
The statx is also called on compat xstat syscall, but different
than the fstatat it calls no fallback and it is assumed to be
always present.
Checked on powerpc-linux-gnu (with and without --enable-kernel=4.11)
and on powerpc64-linux-gnu.
It makes fstatat use __NR_statx, which fix the s390 issue with
missing nanoxsecond support on compat stat syscalls (at least
on recent kernels) and limits the statx call to only one function
(which simplifies the __ASSUME_STATX support).
Checked on i686-linux-gnu and on powerpc-linux-gnu.
The Linux version already target the current thread by using tgkill
along with getpid and gettid.
For arm, libpthread does not do a intra PLT since it will call the
raise from libc.
Checked on x86_64-linux-gnu.
The libc version is identical and built with same flags. The libc
version is set as the default version.
The libpthread compat symbol requires to mask it when building the
loader object otherwise ld might complain about a missing
versioned symbol (as for alpha).
Checked on x86_64-linux-gnu.
The libc version is identical and built with same flags. Both aarch64
and nios2 also requires to export __send and tt was done previously with
the HAVE_INTERNAL_SEND_SYMBOL (which forced the symbol creation).
All __send callers are internal to libc and the original issue that
required the symbol export was due a missing libc_hidden_def. So
a compat symbol is added for __send and the libc_hidden_def is
defined regardless.
Checked on x86_64-linux-gnu and i686-linux-gnu.
This change adds new test to assess sigtimedwait's timeout related
functionality - the sigset_t is configured for SIGUSR1, which will
not be triggered, so sigtimedwait just waits for timeout.
To be more specific - two use cases are checked:
- if sigtimedwait times out immediately when passed struct timespec has
zero values of tv_nsec and tv_sec.
- if sigtimedwait times out after timeout specified in passed argument
Reviewed-by: Adhemerval Zanella <adhemerval.zanella@linaro.org>
This code provides test to check if time on target machine is properly
read via ntp_gettime syscall.
Reviewed-by: Adhemerval Zanella <adhemerval.zanella@linaro.org>
After this patch applied the ntp_gettimex function is always declared
in the sys/timex.h header. Currently it is not when __REDIRECT_NTH is
defined (i.e. in ARM 32 bit port).
The generic implementation basically handle the system agnostic logic
(filtering out the invalid signals) while the __libc_sigaction is
the function with implements the system and architecture bits.
Checked on x86_64-linux-gnu and i686-linux-gnu.