Commit Graph

37099 Commits

Author SHA1 Message Date
Noah Goldstein
4ba6558684 x86: Optimize strlen-evex.S
No bug. This commit optimizes strlen-evex.S. The
optimizations are mostly small things but they add up to roughly
10-30% performance improvement for strlen. The results for strnlen are
bit more ambiguous. test-strlen, test-strnlen, test-wcslen, and
test-wcsnlen are all passing.

Signed-off-by: Noah Goldstein <goldstein.w.n@gmail.com>
2021-04-19 18:03:49 -07:00
H.J. Lu
b1e5572837 Reindent string/test-memmove.c 2021-04-19 17:46:05 -07:00
Noah Goldstein
81f6dd2135 x86: Expand test-memset.c and bench-memset.c
No bug. This commit adds tests cases and benchmarks for page cross and
for memset to the end of the page without crossing. As well in
test-memset.c this commit adds sentinel on start/end of tstbuf to test
for overwrites

Signed-off-by: Noah Goldstein <goldstein.w.n@gmail.com>
2021-04-19 15:08:04 -07:00
Noah Goldstein
f53790272c x86: Optimize less_vec evex and avx512 memset-vec-unaligned-erms.S
No bug. This commit adds optimized cased for less_vec memset case that
uses the avx512vl/avx512bw mask store avoiding the excessive
branches. test-memset and test-wmemset are passing.

Signed-off-by: Noah Goldstein <goldstein.w.n@gmail.com>
2021-04-19 15:08:04 -07:00
H.J. Lu
83c5b36822 x86-64: Require BMI2 for strchr-avx2.S
Since strchr-avx2.S updated by

commit 1f745ecc21
Author: noah <goldstein.w.n@gmail.com>
Date:   Wed Feb 3 00:38:59 2021 -0500

    x86-64: Refactor and improve performance of strchr-avx2.S

uses sarx:

c4 e2 72 f7 c0       	sarx   %ecx,%eax,%eax

for strchr-avx2 family functions, require BMI2 in ifunc-impl-list.c and
ifunc-avx2.h.
2021-04-19 11:01:45 -07:00
H.J. Lu
55bf411b45 x86-64: Require BMI2 for __strlen_evex and __strnlen_evex
Since __strlen_evex and __strnlen_evex added by

commit 1fd8c163a8
Author: H.J. Lu <hjl.tools@gmail.com>
Date:   Fri Mar 5 06:24:52 2021 -0800

    x86-64: Add ifunc-avx2.h functions with 256-bit EVEX

use sarx:

c4 e2 6a f7 c0       	sarx   %edx,%eax,%eax

require BMI2 for __strlen_evex and __strnlen_evex in ifunc-impl-list.c.
ifunc-avx2.h already requires BMI2 for EVEX implementation.
2021-04-19 07:51:33 -07:00
Siddhesh Poyarekar
5660ab19f4 benchtests: Fix name of exp10f benchmark variant
Variant names don't accept brackets.
2021-04-18 12:56:33 +05:30
Siddhesh Poyarekar
a373aa25c7 benchtests: Fix pthread-locks test to produce valid json
The benchtests json allows {function {variant}} categorization of
results whereas the pthread-locks tests had {function {variant
{subvariant}}}, which broke validation.  Fix that by serializing the
subvariants as variant-subvariant.  Also update the schema to
recognize the new benchmark attributes after fixing the naming
conventions.
2021-04-18 12:56:29 +05:30
noah
81cbc3bcae x86: Expanding test-memmove.c, test-memcpy.c, bench-memcpy-large.c
No Bug. This commit expanding the range of tests / benchmarks for
memmove and memcpy. The test expansion is mostly in the vein of
increasing the maximum size, increasing the number of unique
alignments tested, and testing both source < destination and vice
versa. The benchmark expansaion is just to increase the number of
unique alignments. test-memcpy, test-memccpy, test-mempcpy,
test-memmove, and tst-memmove-overflow all pass.

Signed-off-by: Noah Goldstein <goldstein.w.n@gmail.com>
2021-04-16 12:09:56 -07:00
Fangrui Song
cd6ae7ea54 Set the retain attribute on _elf_set_element if CC supports [BZ #27492]
So that text_set_element/data_set_element/bss_set_element defined
variables will be retained by the linker.

Note: 'used' and 'retain' are orthogonal: 'used' makes sure the variable
will not be optimized out; 'retain' prevents section garbage collection
if the linker support SHF_GNU_RETAIN.

GNU ld 2.37 and LLD 13 will support -z start-stop-gc which allow C
identifier name sections to be GCed even if there are live
__start_/__stop_ references.

Without the change, there are some static linking problems, e.g.
_IO_cleanup (libio/genops.c) may be discarded by ld --gc-sections, so
stdout is not flushed on exit.

Note: GCC may warning 'retain' attribute ignored while __has_attribute(retain)
is 1 (https://gcc.gnu.org/bugzilla/show_bug.cgi?id=99587).

Reviewed-by: H.J. Lu <hjl.tools@gmail.com>
2021-04-16 11:26:39 -07:00
noah
1a8605b6cd x86: Update large memcpy case in memmove-vec-unaligned-erms.S
No Bug. This commit updates the large memcpy case (no overlap). The
update is to perform memcpy on either 2 or 4 contiguous pages at
once. This 1) helps to alleviate the affects of false memory aliasing
when destination and source have a close 4k alignment and 2) In most
cases and for most DRAM units is a modestly more efficient access
pattern. These changes are a clear performance improvement for
VEC_SIZE =16/32, though more ambiguous for VEC_SIZE=64. test-memcpy,
test-memccpy, test-mempcpy, test-memmove, and tst-memmove-overflow all
pass.

Signed-off-by: Noah Goldstein <goldstein.w.n@gmail.com>
2021-04-16 10:06:56 -07:00
Matheus Castanho
5d61fc2021 powerpc: Add missing registers to clobbers list for syscalls [BZ #27623]
Some registers that can be clobbered by the kernel during a syscall are not
listed on the clobbers list in sysdeps/unix/sysv/linux/powerpc/sysdep.h.

For syscalls using sc:
    - XER is zeroed by the kernel on exit

For syscalls using scv:
    - XER is zeroed by the kernel on exit
    - Different from the sc case, most CR fields can be clobbered (according to
      the ELF ABI and the Linux kernel's syscall ABI for powerpc
      (linux/Documentation/powerpc/syscall64-abi.rst)

The same should apply to vsyscalls, which effectively execute a function call
but are not currently adding these registers as clobbers either.

These are likely not causing issues today, but they should be added to the
clobbers list just in case things change on the kernel side in the future.

Reported-by: Nicholas Piggin <npiggin@gmail.com>
Reviewed-by: Nicholas Piggin <npiggin@gmail.com>
Reviewed-by: Raphael M Zinsly <rzinsly@linux.ibm.com>
2021-04-16 08:40:37 -03:00
Adhemerval Zanella
5ad1a81c8e misc: syslog: Use static const for AF_UNIX address
Checked on x86_64-linux-gnu.
2021-04-15 11:32:40 -03:00
Adhemerval Zanella
7f3ab33f20 misc: syslog: Use CLOC_EXEC with _PATH_CONSOLE (BZ #17145)
The syslog open the '/dev/console' for LOG_CONS without O_CLOEXEC,
which might leak in multithread programs that call fork.

Checked on x86_64-linux-gnu.
2021-04-15 11:32:40 -03:00
Adhemerval Zanella
ded3cef361 misc: syslog: Assume MSG_NOSIGNAL support (BZ #17144)
MSG_NOSIGNAL was added on POSIX 2008 and Hurd seems to support it.
The SIGPIPE handling also makes the implementation not thread-safe
(due the sigaction usage).

Checked on x86_64-linux-gnu.
2021-04-15 11:32:40 -03:00
Adhemerval Zanella
7cb10381a4 misc: syslog: Use bool for connected
Checked on x86_64-linux-gnu.
2021-04-15 11:32:40 -03:00
Adhemerval Zanella
48ec055ddc posix: Add wait3 tests
The tst-wait4 is moved to common file and used for wait3
tests.

Checked on x86_64-linux-gnu and i686-linux-gnu.

Reviewed-by: Siddhesh Poyarekar <siddhesh@sourceware.org>
2021-04-15 11:32:40 -03:00
Adhemerval Zanella
ef8239f13a time: Add 64 bit tests for getdate / getdate_r
The test is also converted to use libsupport.

Checked on i686-linux-gnu and x86_64-linux-gnu.

Reviewed-by: Siddhesh Poyarekar <siddhesh@sourceware.org>
2021-04-15 11:32:40 -03:00
Adhemerval Zanella
9f2d9c2bc1 time: Add basic timespec_get tests
Checked on x86_64-linux-gnu and i686-linux-gnu.

Reviewed-by: Siddhesh Poyarekar <siddhesh@sourceware.org>
2021-04-15 11:32:40 -03:00
Adhemerval Zanella
63ceeb856a time: Add timegm/timelocal basic tests
Checked i686-linux-gnu and x86_64-linux-gnu.

Reviewed-by: Siddhesh Poyarekar <siddhesh@sourceware.org>
2021-04-15 11:32:39 -03:00
Adhemerval Zanella
96f98cefe0 time: Add gmtime/gmtime_r tests
Checked on x86_64-linux-gnu and i686-linux-gnu.

Reviewed-by: Siddhesh Poyarekar <siddhesh@sourceware.org>
2021-04-15 11:32:38 -03:00
Adhemerval Zanella
27561951d6 time: Add getitimer and setitimer basic tests
Checked on i686-linux-gnu and x86_64-linux-gnu.

Reviewed-by: Siddhesh Poyarekar <siddhesh@sourceware.org>
2021-04-15 11:27:35 -03:00
Adhemerval Zanella
d87214a104 io: Use temporary directory and file for ftwtest-sh
It allows run it in parallel.

Checked on x86_64-linux-gnu.

Reviewed-by: Siddhesh Poyarekar <siddhesh@sourceware.org>
2021-04-15 09:39:53 -03:00
Adhemerval Zanella
ac43e25195 io: Add basic tests for utimensat
Checked on x86_64-linux-gnu and i686-linux-gnu

Reviewed-by: Siddhesh Poyarekar <siddhesh@sourceware.org>
2021-04-15 09:39:51 -03:00
Adhemerval Zanella
272e71dc36 linux: Add lutimes test
It uses stat to compare against the values set by lutimes.

Checked on x86_64-linux-gnu and i686-linux-gnu.

Reviewed-by: Siddhesh Poyarekar <siddhesh@sourceware.org>
2021-04-15 09:39:49 -03:00
Adhemerval Zanella
cc1b4029fa linux: Add futimes test
It uses stat to compare against the values set by futimes.

Checked on x86_64-linux-gnu and i686-linux-gnu.

Reviewed-by: Siddhesh Poyarekar <siddhesh@sourceware.org>
2021-04-15 09:39:46 -03:00
Adhemerval Zanella
243339d055 io: Move file timestamps tests out of Linux
Now that libsupport abstract Linux possible missing support (either
due FS limitation that can't handle 64 bit timestamp or architectures
that do not handle values larger than unsigned 32 bit values) the
tests can be turned generic.

Checked on x86_64-linux-gnu and i686-linux-gnu.  I also built the
tests for i686-gnu.

Reviewed-by: Siddhesh Poyarekar <siddhesh@sourceware.org>
2021-04-15 09:39:43 -03:00
Szabolcs Nagy
52290d8c04 elf: Fix missing include in test case [BZ #27136]
Broken test was introduced in

  commit 8f85075a2e
  elf: Add a DTV setup test [BZ #27136]
2021-04-15 10:17:04 +01:00
Stefan Liebler
07c245a76b s390: Update ulps
Required after 9acda61d94 "Fix the inaccuracy of j0f/j1f/y0f/y1f
[BZ #14469, #14470, #14471, #14472]".
2021-04-15 11:05:43 +02:00
Szabolcs Nagy
a75a02a696 i386: Remove lazy tlsdesc relocation related code
Like in commit e75711ebfa976d5468ec292282566a18b07e4d67 for x86_64,
remove unused lazy tlsdesc relocation processing code:

  _dl_tlsdesc_resolve_abs_plus_addend
  _dl_tlsdesc_resolve_rel
  _dl_tlsdesc_resolve_rela
  _dl_tlsdesc_resolve_hold
2021-04-15 09:47:59 +01:00
Szabolcs Nagy
55c9f32380 x86_64: Remove lazy tlsdesc relocation related code
_dl_tlsdesc_resolve_rela and _dl_tlsdesc_resolve_hold are only used for
lazy tlsdesc relocation processing which is no longer supported.
2021-04-15 09:47:47 +01:00
Szabolcs Nagy
ddcacd91cc i386: Avoid lazy relocation of tlsdesc [BZ #27137]
Lazy tlsdesc relocation is racy because the static tls optimization and
tlsdesc management operations are done without holding the dlopen lock.

This similar to the commit b7cf203b5c
for aarch64, but it fixes a different race: bug 27137.

On i386 the code is a bit more complicated than on x86_64 because both
rel and rela relocs are supported.
2021-04-15 09:47:43 +01:00
Szabolcs Nagy
8f7e09f4db x86_64: Avoid lazy relocation of tlsdesc [BZ #27137]
Lazy tlsdesc relocation is racy because the static tls optimization and
tlsdesc management operations are done without holding the dlopen lock.

This similar to the commit b7cf203b5c
for aarch64, but it fixes a different race: bug 27137.

Another issue is that ld auditing ignores DT_BIND_NOW and thus tries to
relocate tlsdesc lazily, but that does not work in a BIND_NOW module
due to missing DT_TLSDESC_PLT. Unconditionally relocating tlsdesc at
load time fixes this bug 27721 too.
2021-04-15 09:47:37 +01:00
Szabolcs Nagy
c0669ae1a6 elf: Refactor _dl_update_slotinfo to avoid use after free
map is not valid to access here because it can be freed by a concurrent
dlclose: during tls access (via __tls_get_addr) _dl_update_slotinfo is
called without holding dlopen locks. So don't check the modid of map.

The map == 0 and map != 0 code paths can be shared (avoiding the dtv
resize in case of map == 0 is just an optimization: larger dtv than
necessary would be fine too).

Reviewed-by: Adhemerval Zanella  <adhemerval.zanella@linaro.org>
2021-04-15 09:30:43 +01:00
Szabolcs Nagy
c489c35054 elf: Fix comments and logic in _dl_add_to_slotinfo
Since

  commit a509eb117f
  Avoid late dlopen failure due to scope, TLS slotinfo updates [BZ #25112]

the generation counter update is not needed in the failure path.
That commit ensures allocation in _dl_add_to_slotinfo happens before
the demarcation point in dlopen (it is called twice, first time is for
allocation only where dlopen can still be reverted on failure, then
second time actual dtv updates are done which then cannot fail).

Reviewed-by: Adhemerval Zanella  <adhemerval.zanella@linaro.org>
2021-04-15 09:30:43 +01:00
Szabolcs Nagy
8f85075a2e elf: Add a DTV setup test [BZ #27136]
The test dlopens a large number of modules with TLS, they are reused
from an existing test.

The test relies on the reuse of slotinfo entries after dlclose, without
bug 27135 fixed this needs a failing dlopen. With a slotinfo list that
has non-monotone increasing generation counters, bug 27136 can trigger.

Reviewed-by: Adhemerval Zanella  <adhemerval.zanella@linaro.org>
2021-04-15 09:30:43 +01:00
Szabolcs Nagy
d2b997c717 elf: Fix a DTV setup issue [BZ #27136]
The max modid is a valid index in the dtv, it should not be skipped.

The bug is observable if the last module has modid == 64 and its
generation is same or less than the max generation of the previous
modules.  Then dtv[0].counter implies dtv[64] is initialized but
it isn't. Fixes bug 27136.

Reviewed-by: Adhemerval Zanella  <adhemerval.zanella@linaro.org>
2021-04-15 09:30:43 +01:00
Vineet Gupta
aecbe50c9d ARC: Update ulps
Needed after 43576de04a

Signed-off-by: Vineet Gupta <vgupta@synopsys.com>
2021-04-14 09:24:45 -07:00
Szabolcs Nagy
f4596d9540 Remove PR_TAGGED_ADDR_ENABLE from sys/prctl.h
The value of PR_TAGGED_ADDR_ENABLE was incorrect in the installed
headers and the prctl command macros were missing that are needed
for it to be useful (PR_SET_TAGGED_ADDR_CTRL).  Linux headers have
the definitions since 5.4 so it's widely available, we don't need
to repeat these definitions.  The remaining definitions are from
Linux 5.10.

To build glibc with --enable-memory-tagging, Linux 5.4 headers and
binutils 2.33.1 or newer is needed.

Reviewed-by: DJ Delorie <dj@redhat.com>
2021-04-14 08:45:21 +01:00
Adhemerval Zanella
bdc12a77b7 linux: sysconf: Use a more explicit maximum_ARG_MAX 2021-04-13 17:45:14 -03:00
Michal Nazarewicz
a9880586ee linux: sysconf: limit _SC_MAX_ARG to 6 MiB (BZ #25305)
Since Linux 4.13, kernel limits the maximum command line arguments
length to 6 MiB [1].  Normally the limit is still quarter of the maximum
stack size but if that limit exceeds 6 MiB it's clamped down.

glibc's __sysconf implementation for Linux platform is not aware of
this limitation and for stack sizes of over 24 MiB it returns higher
ARG_MAX than Linux will actually accept.  This can be verified by
executing the following application on Linux 4.13 or newer:

    #include <stdio.h>
    #include <string.h>
    #include <sys/resource.h>
    #include <sys/time.h>
    #include <unistd.h>

    int main(void) {
            const struct rlimit rlim = { 40 * 1024 * 1024,
                                         40 * 1024 * 1024 };
            if (setrlimit(RLIMIT_STACK, &rlim) < 0) {
                    perror("setrlimit: RLIMIT_STACK");
                    return 1;
            }

            printf("ARG_MAX     : %8ld\n", sysconf(_SC_ARG_MAX));
            printf("63 * 100 KiB: %8ld\n", 63L * 100 * 1024);
            printf("6 MiB       : %8ld\n", 6L * 1024 * 1024);

            char str[100 * 1024], *argv[64], *envp[1];
            memset(&str, 'A', sizeof str);
            str[sizeof str - 1] = '\0';
            for (size_t i = 0; i < sizeof argv / sizeof *argv - 1; ++i) {
                    argv[i] = str;
            }
            argv[sizeof argv / sizeof *argv - 1] = envp[0] = 0;

            execve("/bin/true", argv, envp);
            perror("execve");
            return 1;
    }

On affected systems the program will report ARG_MAX as 10 MiB but
despite that executing /bin/true with a bit over 6 MiB of command line
arguments will fail with E2BIG error.  Expected result is that ARG_MAX
is reported as 6 MiB.

Update the __sysconf function to clamp ARG_MAX value to 6 MiB if it
would otherwise exceed it.  This resolves bug #25305 which was market
WONTFIX as suggested solution was to cap ARG_MAX at 128 KiB.

As an aside and point of comparison, bionic (a libc implementation for
Android systems) decided to resolve this issue by always returning 128
KiB ignoring any potential xargs regressions [2].

On older kernels this results in returning overly conservative value
but that's a safer option than being aggressive and returning invalid
value on recent systems.  It's also worth noting that at this point
all supported Linux releases have the 6 MiB barrier so only someone
running an unsupported kernel version would get incorrectly truncated
result.

Reviewed-by: Adhemerval Zanella  <adhemerval.zanella@linaro.org>

[1] See https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=da029c11e6b12f321f36dac8771e833b65cec962
[2] See baed51ee3a
2021-04-13 17:10:02 -03:00
Dan Raymond
f2913118cd misc: syslog: Fix calls to openlog() with LOG_KERN facility (BZ #3604)
POSIX states for syslog [1]:

  "Values of the priority argument are formed by OR'ing together a
  severity-level value and an optional facility value. If no
  facility value is specified, the current default facility value is
  used."

So the patch fixes an existing violation of the openlog interface contract
where it is ignoring the facility argument when the value is zero

It allows the use LOG_KERN by calling openlog prior syslog usage.

Reviewed-by: Adhemerval Zanella  <adhemerval.zanella@linaro.org>

[1] https://pubs.opengroup.org/onlinepubs/9699919799/functions/syslog.html
2021-04-13 16:33:27 -03:00
Adhemerval Zanella
58137d00ba s390: Update ulps
Required after 43576de04a "Improve the accuracy of tgamma
(BZ #26983)"
2021-04-13 16:33:27 -03:00
Adhemerval Zanella
30c2a0e41b i386: Update ulps
Required after 43576de04a "Improve the accuracy of tgamma
(BZ #26983)"
2021-04-13 16:33:27 -03:00
Paul Eggert
bdc674d97b Improve documentation for malloc etc. (BZ#27719)
Cover key corner cases (e.g., whether errno is set) that are well
settled in glibc, fix some examples to avoid integer overflow, and
update some other dated examples (code needed for K&R C, e.g.).
* manual/charset.texi (Non-reentrant String Conversion):
* manual/filesys.texi (Symbolic Links):
* manual/memory.texi (Allocating Cleared Space):
* manual/socket.texi (Host Names):
* manual/string.texi (Concatenating Strings):
* manual/users.texi (Setting Groups):
Use reallocarray instead of realloc, to avoid integer overflow issues.
* manual/filesys.texi (Scanning Directory Content):
* manual/memory.texi (The GNU Allocator, Hooks for Malloc):
* manual/tunables.texi:
Use code font for 'malloc' instead of roman font.
(Symbolic Links): Don't assume readlink return value fits in 'int'.
* manual/memory.texi (Memory Allocation and C, Basic Allocation)
(Malloc Examples, Alloca Example):
* manual/stdio.texi (Formatted Output Functions):
* manual/string.texi (Concatenating Strings, Collation Functions):
Omit pointer casts that are needed only in ancient K&R C.
* manual/memory.texi (Basic Allocation):
Say that malloc sets errno on failure.
Say "convert" rather than "cast", since casts are no longer needed.
* manual/memory.texi (Basic Allocation):
* manual/string.texi (Concatenating Strings):
In examples, use C99 declarations after statements for brevity.
* manual/memory.texi (Malloc Examples): Add portability notes for
malloc (0), errno setting, and PTRDIFF_MAX.
(Changing Block Size): Say that realloc (p, 0) acts like
(p ? (free (p), NULL) : malloc (0)).
Add xreallocarray example, since other examples can use it.
Add portability notes for realloc (0, 0), realloc (p, 0),
PTRDIFF_MAX, and improve notes for reallocating to the same size.
(Allocating Cleared Space): Reword now-confusing discussion
about replacement, and xref "Replacing malloc".
* manual/stdio.texi (Formatted Output Functions):
Don't assume message size fits in 'int'.
* manual/string.texi (Concatenating Strings):
Fix undefined behavior involving arithmetic on a freed pointer.
2021-04-13 12:17:56 -07:00
Adhemerval Zanella
cedbf6d5f3 linux: always update select timeout (BZ #27706)
The timeout should be updated even on failure for time64 support.

Checked on i686-linux-gnu.
2021-04-12 18:38:37 -03:00
Adhemerval Zanella
9d7c5cc38e linux: Normalize and return timeout on select (BZ #27651)
The commit 2433d39b69, which added time64 support to select, changed
the function to use __NR_pselect6 (or __NR_pelect6_time64) on all
architectures.  However, on architectures where the symbol was
implemented with __NR_select the kernel normalizes the passed timeout
instead of return EINVAL.  For instance, the input timeval
{ 0, 5000000 } is interpreted as { 5, 0 }.

And as indicated by BZ #27651, this semantic seems to be expected
and changing it results in some performance issues (most likely
the program does not check the return code and keeps issuing
select with unormalized tv_usec argument).

To avoid a different semantic depending whether which syscall the
architecture used to issue, select now always normalize the timeout
input.  This is a slight change for some ABIs (for instance aarch64).

Checked on x86_64-linux-gnu and i686-linux-gnu.
2021-04-12 18:38:37 -03:00
Adhemerval Zanella
49a40ba18e libsupport: Add support_select_normalizes_timeout
It will be used on a select() test.
2021-04-12 18:38:37 -03:00
Adhemerval Zanella
5628f103f5 libsupport: Add support_select_modifies_timeout
It will be used on a select() test.
2021-04-12 18:38:37 -03:00
Siddhesh Poyarekar
2ed18c5b53 Fix SXID_ERASE behavior in setuid programs (BZ #27471)
When parse_tunables tries to erase a tunable marked as SXID_ERASE for
setuid programs, it ends up setting the envvar string iterator
incorrectly, because of which it may parse the next tunable
incorrectly.  Given that currently the implementation allows malformed
and unrecognized tunables pass through, it may even allow SXID_ERASE
tunables to go through.

This change revamps the SXID_ERASE implementation so that:

- Only valid tunables are written back to the tunestr string, because
  of which children of SXID programs will only inherit a clean list of
  identified tunables that are not SXID_ERASE.

- Unrecognized tunables get scrubbed off from the environment and
  subsequently from the child environment.

- This has the side-effect that a tunable that is not identified by
  the setxid binary, will not be passed on to a non-setxid child even
  if the child could have identified that tunable.  This may break
  applications that expect this behaviour but expecting such tunables
  to cross the SXID boundary is wrong.
Reviewed-by: Carlos O'Donell <carlos@redhat.com>
2021-04-12 19:03:19 +05:30