Commit Graph

36700 Commits

Author SHA1 Message Date
Szabolcs Nagy
47618209d0 Use hidden visibility for early static PIE code
Extern symbol access in position independent code usually involves GOT
indirection which needs RELATIVE reloc in a static linked PIE. (On
some targets this is avoided e.g. because the linker can relax a GOT
access to a pc-relative access, but this is not generally true.) Code
that runs before static PIE self relocation must avoid relying on
dynamic relocations which can be ensured by using hidden visibility.
However we cannot just make all symbols hidden:

On i386, all calls to IFUNC functions must go through PLT and calls to
hidden functions CANNOT go through PLT in PIE since EBX used in PIE PLT
may not be set up for local calls to hidden IFUNC functions.

This patch aims to make symbol references hidden in code that is used
before and by _dl_relocate_static_pie when building a static PIE libc.
Note: for an object that is used in the startup code, its references
and definition may not have consistent visibility: it is only forced
hidden in the startup code.

This is needed for fixing bug 27072.

Co-authored-by: H.J. Lu <hjl.tools@gmail.com>
Reviewed-by: Adhemerval Zanella  <adhemerval.zanella@linaro.org>
2021-01-21 15:55:01 +00:00
Szabolcs Nagy
04af1eb313 csu: Avoid weak ref for __ehdr_start in static PIE
All linkers support __ehdr_start that support static PIE linking,
so there is no need to check for its presence via a weak reference.

This avoids a RELATIVE relocation in static PIE startup code on some
targets.

With non-PIE static linking the weak ref check is kept in case the
linker does not support __ehdr_start.

Reviewed-by: Adhemerval Zanella  <adhemerval.zanella@linaro.org>
2021-01-21 15:54:55 +00:00
Szabolcs Nagy
374cef32ac configure: Check for static PIE support
Add SUPPORT_STATIC_PIE that targets can define if they support
static PIE. This requires PI_STATIC_AND_HIDDEN support and various
linker features as described in

  commit 9d7a3741c9
  Add --enable-static-pie configure option to build static PIE [BZ #19574]

Currently defined on x86_64, i386 and aarch64 where static PIE is
known to work.

Reviewed-by: Adhemerval Zanella  <adhemerval.zanella@linaro.org>
2021-01-21 15:54:50 +00:00
Szabolcs Nagy
bfe04789a8 elf: Avoid RELATIVE relocs in __tunables_init
With static pie linking pointers in the tunables list need
RELATIVE relocs since the absolute address is not known at link
time. We want to avoid relocations so the static pie self
relocation can be done after tunables are initialized.

This is a simple fix that embeds the tunable strings into the
tunable list instead of using pointers.  It is possible to have
a more compact representation of tunables with some additional
complexity in the generator and tunable parser logic.  Such
optimization will be useful if the list of tunables grows.

There is still an issue that tunables_strdup allocates and the
failure handling code path is sufficiently complex that it can
easily have RELATIVE relocations.  It is possible to avoid the
early allocation and only change environment variables in a
setuid exe after relocations are processed.  But that is a
bigger change and early failure is fatal anyway so it is not
as critical to fix right away. This is bug 27181.

Reviewed-by: Adhemerval Zanella  <adhemerval.zanella@linaro.org>
2021-01-21 14:05:15 +00:00
Szabolcs Nagy
058308066c elf: Make the tunable struct definition internal only
The representation of the tunables including type information and
the tunable list structure are only used in the implementation not
in the tunables api that is exposed to usage within glibc.

This patch moves the representation related definitions into the
existing dl-tunable-types.h and uses that only for implementation.

The tunable callback and related types are moved to dl-tunables.h
because they are part of the tunables api.

This reduces the details exposed in the tunables api so the internals
are easier to change.

Reviewed-by: Adhemerval Zanella  <adhemerval.zanella@linaro.org>
2021-01-21 14:05:15 +00:00
H.J. Lu
ff6d62e9ed <sys/platform/x86.h>: Remove the C preprocessor magic
In <sys/platform/x86.h>, define CPU features as enum instead of using
the C preprocessor magic to make it easier to wrap this functionality
in other languages.  Move the C preprocessor magic to internal header
for better GCC codegen when more than one features are checked in a
single expression as in x86-64 dl-hwcaps-subdirs.c.

1. Rename COMMON_CPUID_INDEX_XXX to CPUID_INDEX_XXX.
2. Move CPUID_INDEX_MAX to sysdeps/x86/include/cpu-features.h.
3. Remove struct cpu_features and __x86_get_cpu_features from
<sys/platform/x86.h>.
4. Add __x86_get_cpuid_feature_leaf to <sys/platform/x86.h> and put it
in libc.
5. Make __get_cpu_features() private to glibc.
6. Replace __x86_get_cpu_features(N) with __get_cpu_features().
7. Add _dl_x86_get_cpu_features to GLIBC_PRIVATE.
8. Use a single enum index for each CPU feature detection.
9. Pass the CPUID feature leaf to __x86_get_cpuid_feature_leaf.
10. Return zero struct cpuid_feature for the older glibc binary with a
smaller CPUID_INDEX_MAX [BZ #27104].
11. Inside glibc, use the C preprocessor magic so that cpu_features data
can be loaded just once leading to more compact code for glibc.

256 bits are used for each CPUID leaf.  Some leaves only contain a few
features.  We can add exceptions to such leaves.  But it will increase
code sizes and it is harder to provide backward/forward compatibilities
when new features are added to such leaves in the future.

When new leaves are added, _rtld_global_ro offsets will change which
leads to race condition during in-place updates. We may avoid in-place
updates by

1. Rename the old glibc.
2. Install the new glibc.
3. Remove the old glibc.

NB: A function, __x86_get_cpuid_feature_leaf , is used to avoid the copy
relocation issue with IFUNC resolver as shown in IFUNC resolver tests.
2021-01-21 05:58:17 -08:00
Adhemerval Zanella
d7ee6bd8c2 posix: Fix fnmatch.c on bootstrap
Only define FALLTHROUGH for _LIBC and do not check __clang_major__
value.

It partially syncs with gnulib 5c52f00c69f39fe.

Checked with build-many-glibcs.py for aarch64-linux-gnu.
2021-01-20 13:23:33 -03:00
Adhemerval Zanella
961d7cff51 stdlib: Add testcase for BZ #26241
Old implementation of realpath allocates a PATH_MAX using alloca for
each symlink in the path, leading to MAXSYMLINKS times PATH_MAX
maximum stack usage.

The test create a symlink with __eloop_threshold() loops and creates
a thread with minimum stack size (obtained through
support_small_stack_thread_attribute).  The thread issues a stack
allocations that fill the thread allocated stack minus some slack
plus and the realpath usage (which assumes a bounded stack usage).
If realpath uses more than about 2 * PATH_MAX plus some slack it
triggers a stackoverflow.

Checked on x86_64-linux-gnu and i686-linux-gnu.

Reviewed-by: DJ Delorie <dj@redhat.com>
2021-01-20 11:13:53 -03:00
Adhemerval Zanella
1006250ea2 posix: Fix regex_internal.h on bootstrap
Only define FALLTHROUGH for _LIBC and do not check __clang_major__
value.

It partially syncs with gnulib 5c52f00c69f39fe.

Checked with build-many-glibcs.py for aarch64-linux-gnu,
x86_64-linux-gnu, and s390x-linux-gnu.
2021-01-20 09:59:34 -03:00
H.J. Lu
22b79ed7f4 Use <startup.h> in __libc_init_secure
Since __libc_init_secure is called before ARCH_SETUP_TLS, it must use
"int $0x80" for system calls in i386 static PIE.  Add startup_getuid,
startup_geteuid, startup_getgid and startup_getegid to <startup.h>.
Update __libc_init_secure to use them.

Reviewed-by: Adhemerval Zanella  <adhemerval.zanella@linaro.org>
2021-01-19 09:55:47 -08:00
H.J. Lu
cabc8a2916 elf: Avoid RELATIVE relocation for _dl_sysinfo
Set the default _dl_sysinfo in _dl_aux_init to avoid RELATIVE relocation
in static PIE.

This is needed for fixing bug 27072 on x86.

Reviewed-by: Adhemerval Zanella  <adhemerval.zanella@linaro.org>
2021-01-19 06:38:28 -08:00
H.J. Lu
0ec583d926 libmvec: Add extra-test-objs to test-extras
Add extra-test-objs to test-extras so that they are compiled with
-DMODULE_NAME=testsuite instead of -DMODULE_NAME=libc.

Reviewed-by: Adhemerval Zanella  <adhemerval.zanella@linaro.org>
2021-01-19 06:20:46 -08:00
H.J. Lu
0887fff0b0 Hurd: Add rtld-strncpy-c.c
All IFUNC functions which are used in ld.so must have a rtld version if
the IFUNC version isn't safe to use in ld.so.
2021-01-19 04:32:44 -08:00
Joseph Myers
202586f73e Update MIPS libm-test-ulps. 2021-01-18 21:36:00 +00:00
Joseph Myers
07169fcac7 Update arm libm-test-ulps. 2021-01-18 20:22:51 +00:00
Joseph Myers
a031b3abad Update powerpc-nofpu libm-test-ulps. 2021-01-18 20:21:07 +00:00
John David Anglin
f678099de9 Update hppa libm-test-ulps 2021-01-18 14:23:10 +00:00
Vineet Gupta
96f17e6e63 ARC: nofpu: Regenerate ulps 2021-01-17 16:39:45 -08:00
H.J. Lu
86f65dffc2 ld.so: Add --list-tunables to print tunable values
Pass --list-tunables to ld.so to print tunables with min and max values.

Reviewed-by: Adhemerval Zanella  <adhemerval.zanella@linaro.org>
2021-01-15 05:59:10 -08:00
Stafford Horne
cc528f9a7e math/test-tgmath2: Fix fabs failure when no long double
I have been testing with GCC trunk and GLIBC master while working on the
OpenRISC port.  This test has been failing with fabs not being called,
This is caused as my architecture is configure with no long double
meaning the two calls are the same:

  TEST (fabs (Vdouble1), double, fabs);
  TEST (fabs (Vldouble1), ldouble, fabs);

Instead of the tgmath calls resolving to fabs and fabsl both calls are
fabs.  Next, do to compiler optimiations the second call is eliminated.
Fix this by invoking the failing TEST with Vldouble2.

Note, I also updated the FAIL message to more clearly show where the
failure happened, so I see:

  FAIL: math/test-tgmath2
  original exit status 1
  wrong function called, fabs (ldouble) failure on line 174

Cc: Joseph Myers <joseph@codesourcery.com>
2021-01-15 11:24:04 +09:00
H.J. Lu
2d651eb926 x86: Move x86 processor cache info to cpu_features
1. Move x86 processor cache info to _dl_x86_cpu_features in ld.so.
2. Update tunable bounds with TUNABLE_SET_WITH_BOUNDS.
3. Move x86 cache info initialization to dl-cacheinfo.h and initialize
x86 cache info in init_cpu_features ().
4. Put x86 cache info for libc in cacheinfo.h, which is included in
libc-start.c in libc.a and is included in cacheinfo.c in libc.so.

Reviewed-by: Adhemerval Zanella  <adhemerval.zanella@linaro.org>
2021-01-14 11:38:45 -08:00
Adhemerval Zanella
d18f59bf92 Fix x86 build with --enable-tunable=no
Checked on x86_64-linux-gnu.
2021-01-14 16:04:05 -03:00
H.J. Lu
7137d682eb ifuncmain6pie: Remove the circular IFUNC dependency [BZ #20019]
On x86, ifuncmain6pie failed with:

[hjl@gnu-cfl-2 build-i686-linux]$ ./elf/ifuncmain6pie --direct
./elf/ifuncmain6pie: IFUNC symbol 'foo' referenced in '/export/build/gnu/tools-build/glibc-32bit/build-i686-linux/elf/ifuncmod6.so' is defined in the executable and creates an unsatisfiable circular dependency.
[hjl@gnu-cfl-2 build-i686-linux]$ readelf -rW elf/ifuncmod6.so | grep foo
00003ff4  00000706 R_386_GLOB_DAT         0000400c   foo_ptr
00003ff8  00000406 R_386_GLOB_DAT         00000000   foo
0000400c  00000401 R_386_32               00000000   foo
[hjl@gnu-cfl-2 build-i686-linux]$

Remove non-JUMP_SLOT relocations against foo in ifuncmod6.so, which
trigger the circular IFUNC dependency, and build ifuncmain6pie with
-Wl,-z,lazy.
2021-01-13 11:50:08 -08:00
Siddhesh Poyarekar
cf12900645 Use the right argument code in unnormal tests
Use the right argument code (j) in the unnormal tests and cast inputs
from the ieee_long_double_shape_type struct to Float64x to properly
test it.
2021-01-13 23:14:49 +05:30
H.J. Lu
efbbd9c33a ldconfig/x86: Store ISA level in cache and aux cache
Store ISA level in the portion of the unused upper 32 bits of the hwcaps
field in cache and the unused pad field in aux cache.  ISA level is stored
and checked only for shared objects in glibc-hwcaps subdirectories.  The
shared objects in the default directories aren't checked since there are
no fallbacks for these shared objects.

Tested on x86-64-v2, x86-64-v3 and x86-64-v4 machines with
--disable-hardcoded-path-in-tests and --enable-hardcoded-path-in-tests.
2021-01-13 05:51:17 -08:00
Szabolcs Nagy
86a4d3fa7d elf: work around a gcc bug in elf_get_dynamic_info
Since commit 2f056e8a5d
"aarch64: define PI_STATIC_AND_HIDDEN",
building glibc with gcc-8 on aarch64 fails with

/BLD/elf/librtld.os: in function `elf_get_dynamic_info':
/SRC/elf/get-dynamic-info.h:70:(.text+0xad8): relocation truncated to
 fit: R_AARCH64_ADR_PREL_PG_HI21 against symbol `_rtld_local' defined
 in .data section in /BLD/elf/librtld.os

This is a gcc bug:
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=98618
The bug is fixed on gcc-10 and not yet backported. gcc-9 is affected,
but the issue happens to not trigger in glibc, gcc-8 and older seems
to miscompile rtld.os.

Rewriting the affected code in elf_get_dynamic_info seems to make the
issue go away on <= gcc-9.

The change makes the logic a bit clearer too (by separating the index
computation and array update) and drops an older gcc workaround (since
gcc 4.6 is no longer supported).

Reviewed-by: Adhemerval Zanella  <adhemerval.zanella@linaro.org>
2021-01-13 13:35:00 +00:00
H.J. Lu
2ef23b5205 x86: Set header.feature_1 in TCB for always-on CET [BZ #27177]
Update dl_cet_check() to set header.feature_1 in TCB when both IBT and
SHSTK are always on.
2021-01-13 05:03:34 -08:00
Adhemerval Zanella
f430293d84 posix: consume less entropy on tempname
The first getrandom is used only for __GT_NOCREATE, which is inherently
insecure and can use the entropy as a small improvement.  On the
second and later attempts it might help against DoS attacks.

It sync with gnulib commit 854fbb81d91f7a0f2b463e7ace2499dee2f380f2.

Checked on x86_64-linux-gnu.
2021-01-12 09:50:54 -03:00
Florian Weimer
0400f92833 Makerules: Do not require startup files for format.lds probe object
During statically linked bootstrap, the compiler does not have
the required startup files, so do a smaller dummy link to obtain
the output format information.

Fixes commit 87d583c6e8 ("install:
Replace scripts/output-format.sed with objdump -f [BZ #26559]").
2021-01-12 12:22:47 +01:00
Fangrui Song
87d583c6e8 install: Replace scripts/output-format.sed with objdump -f [BZ #26559]
GNU ld and gold have supported --print-output-format since 2011. glibc
requires binutils>=2.25 (2015), so if LD is GNU ld or gold, we can
assume the option is supported.

lld is by default a cross linker supporting multiple targets. It auto
detects the file format and does not need OUTPUT_FORMAT. It does not
support --print-output-format.

By parsing objdump -f, we can support all the three linkers.

Reviewed-by: Adhemerval Zanella  <adhemerval.zanella@linaro.org>
2021-01-11 12:03:36 -08:00
Adhemerval Zanella
bf7db6d369 math: Add BZ#18980 fix back on dbl-64 cosh
It is regression from 9e97f239ea (Remove dbl-64/wordsize-64
(part 2)) where is missed to add the BZ#18980 fix (9e97f239ea).

Checked on i686-linux-gnu.
2021-01-11 16:56:33 -03:00
Adhemerval Zanella
4dddd7e9cb posix: Sync tempname with gnulib [BZ #26648]
It syncs with gnulib commit b1268f22f443e8e4b9e.  The try_tempname_len
now uses getrandom on each iteration to get entropy and only uses the
clock plus ASLR as source of entropy if getrandom fails.

Checked on x86_64-linux-gnu and i686-linux-gnu.
2021-01-11 16:29:05 -03:00
Adhemerval Zanella
42dda89dcb posix: Fix return value of system if shell can not be executed [BZ #27053]
POSIX states that system returned code for failure to execute the shell
shall be as if the shell had terminated using _exit(127).  This
behaviour was removed with 5fb7fc9635.

Checked on x86_64-linux-gnu.
2021-01-11 12:26:58 -03:00
Adhemerval Zanella
7b9c3260bc support: Add xchmod wrapper
Checked on x86_64-linux-gnu.
2021-01-11 12:26:58 -03:00
Joseph Myers
1c426b1d59 Update STATX_ATTR_DAX value from Linux 5.10.
This patch updates the value of STATX_ATTR_DAX in bits/statx-generic.h
for a change made in Linux 5.10.  (As with previous such changes, this
only does anything if glibc is being used with old kernel headers.)

Tested for x86_64.
2021-01-11 14:57:08 +00:00
Vincent Chen
313bfd505e riscv: Initialize $gp before resolving the IRELATIVE relocation
The $gp register may be used to access the global variable in
the PDE program, so the $gp register should be initialized before
executing the IFUNC resolver of PDE program to avoid unexpected
error occurs.
2021-01-10 21:25:16 -05:00
Vincent Chen
c31b1f5231 riscv: support GNU indirect function
Enable riscv glibc to support GNU indirect function
2021-01-10 21:25:13 -05:00
Martin Sebor
2cd361b511 posix: Correct attribute access mode on readlinkat [BZ #27024]. 2021-01-10 13:45:39 -07:00
Alexandra Hájková
7a72265436 Add xfchmod to libsupport 2021-01-10 18:55:47 +01:00
Alexandra Hájková
a7e9dbb774 Add xchdir to libsupport. 2021-01-09 17:47:50 +01:00
Marc Aurèle La France
c6e2ca2c3f POSIX locale: Fix typo in comment 2021-01-09 12:14:44 +01:00
Vineet Gupta
1b5c9dfeb2 ARC: Regenerate ulps
Reinstate pass for

FAIL: math/test-double-cosh
FAIL: math/test-double-sinh
FAIL: math/test-float32x-cosh
FAIL: math/test-float32x-sinh
FAIL: math/test-float64-cosh
FAIL: math/test-float64-sinh
FAIL: math/test-ldouble-cosh
FAIL: math/test-ldouble-sinh
2021-01-08 09:48:24 -08:00
Siddhesh Poyarekar
eeaa19f75e mntent: Use __putc_unlocked instead of fputc_unlocked
__putc_unlocked is guaranteed to be inlined all the time as opposed to
fputc_unlocked, which does not get inlined when glibc is built with
-Os.

Reviewed-by: H.J. Lu <hjl.tools@gmail.com>
2021-01-08 21:02:12 +05:30
Szabolcs Nagy
2f056e8a5d aarch64: define PI_STATIC_AND_HIDDEN
AArch64 always uses pc relative access to static and hidden object
symbols, but the config setting was previously missing.

This affects ld.so start up code.
2021-01-08 11:14:02 +00:00
Siddhesh Poyarekar
18b640c570 Update NEWS for CVE-2019-25013. 2021-01-08 09:20:29 +05:30
H.J. Lu
ecce11aa07 x86: Support GNU_PROPERTY_X86_ISA_1_V[234] marker [BZ #26717]
GCC 11 supports -march=x86-64-v[234] to enable x86 micro-architecture ISA
levels:

https://gcc.gnu.org/bugzilla/show_bug.cgi?id=97250

and -mneeded to emit GNU_PROPERTY_X86_ISA_1_NEEDED property with
GNU_PROPERTY_X86_ISA_1_V[234] marker:

https://gitlab.com/x86-psABIs/x86-64-ABI/-/merge_requests/13

Binutils support for GNU_PROPERTY_X86_ISA_1_V[234] marker were added by

commit b0ab06937385e0ae25cebf1991787d64f439bf12
Author: H.J. Lu <hjl.tools@gmail.com>
Date:   Fri Oct 30 06:49:57 2020 -0700

    x86: Support GNU_PROPERTY_X86_ISA_1_BASELINE marker

and

commit 32930e4edbc06bc6f10c435dbcc63131715df678
Author: H.J. Lu <hjl.tools@gmail.com>
Date:   Fri Oct 9 05:05:57 2020 -0700

    x86: Support GNU_PROPERTY_X86_ISA_1_V[234] marker

GNU_PROPERTY_X86_ISA_1_NEEDED property in x86 ELF binaries indicate the
micro-architecture ISA level required to execute the binary.  The marker
must be added by programmers explicitly in one of 3 ways:

1. Pass -mneeded to GCC.
2. Add the marker in the linker inputs as this patch does.
3. Pass -z x86-64-v[234] to the linker.

Add GNU_PROPERTY_X86_ISA_1_BASELINE and GNU_PROPERTY_X86_ISA_1_V[234]
marker support to ld.so if binutils 2.32 or newer is used to build glibc:

1. Add GNU_PROPERTY_X86_ISA_1_BASELINE and GNU_PROPERTY_X86_ISA_1_V[234]
markers to elf.h.
2. Add GNU_PROPERTY_X86_ISA_1_BASELINE and GNU_PROPERTY_X86_ISA_1_V[234]
marker to abi-note.o based on the ISA level used to compile abi-note.o,
assuming that the same ISA level is used to compile the whole glibc.
3. Add isa_1 to cpu_features to record the supported x86 ISA level.
4. Rename _dl_process_cet_property_note to _dl_process_property_note and
add GNU_PROPERTY_X86_ISA_1_V[234] marker detection.
5. Update _rtld_main_check and _dl_open_check to check loaded objects
with the incompatible ISA level.
6. Add a testcase to verify that dlopen an x86-64-v4 shared object fails
on lesser platforms.
7. Use <get-isa-level.h> in dl-hwcaps-subdirs.c and tst-glibc-hwcaps.c.

Tested under i686, x32 and x86-64 modes on x86-64-v2, x86-64-v3 and
x86-64-v4 machines.

Marked elf/tst-isa-level-1 with x86-64-v4, ran it on x86-64-v3 machine
and got:

[hjl@gnu-cfl-2 build-x86_64-linux]$ ./elf/tst-isa-level-1
./elf/tst-isa-level-1: CPU ISA level is lower than required
[hjl@gnu-cfl-2 build-x86_64-linux]$
2021-01-07 13:10:13 -08:00
Wilco Dijkstra
9e97f239ea Remove dbl-64/wordsize-64 (part 2)
Remove the wordsize-64 implementations by merging them into the main dbl-64
directory.  The second patch just moves all wordsize-64 files and removes a
few wordsize-64 uses in comments and Implies files.

Reviewed-by: Adhemerval Zanella  <adhemerval.zanella@linaro.org>
2021-01-07 15:26:26 +00:00
Wilco Dijkstra
caa884dda7 Remove dbl-64/wordsize-64
Remove the wordsize-64 implementations by merging them into the main dbl-64
directory.  The first patch adds special cases needed for 32-bit targets
(FIX_INT_FP_CONVERT_ZERO and FIX_DBL_LONG_CONVERT_OVERFLOW) to the
wordsize-64 versions.  This has no effect on 64-bit targets since they don't
define these macros.

Reviewed-by: Adhemerval Zanella  <adhemerval.zanella@linaro.org>
2021-01-07 15:02:51 +00:00
Joseph Myers
3016596a81 Add SEGV_MTEAERR and SEGV_MTESERR from Linux 5.10.
Linux 5.10 adds constants SEGV_MTEAERR and SEGV_MTESERR to
asm-generic/siginfo.h.  Add these to glibc's bits/siginfo-consts.h.

Tested for x86_64.
2021-01-06 18:23:00 +00:00
Adhemerval Zanella
ecdb06cdf2 support: Add support_small_thread_stack_size
It returns the minimum stack size large enough to cover most internal
glibc stack usage.
2021-01-05 11:33:16 -03:00