04bf7d2d8a ("chk: Add and fix hidden builtin definitions for *_chk")
added an #undef for longjmp and siglongjmp to compensate for the
definition in include/setjmp.h, but missed doing so for the powerpc
version too.
Fixes: 04bf7d2d8a ("chk: Add and fix hidden builtin definitions for
*_chk")
Otherwise on gnu-i686 there are unwanted PLT entries in libc.so when
fortification is enabled.
Tested for i686-gnu, x86_64-gnu, i686-linux-gnu and x86_64-linux-gnu
Posix says that d_name is of unspecified size, and sizeof(d_name)
should not be used. It is indeed only 1-byte long in bits/dirent.h. We
can instead explictly provide the actual allocated size to
__strcpy_chk.
This fixes a hurd/check-installed-headers-c failure with
-std=c89 #define _FORTIFY_SOURCE 1:
In file included from ../hurd/hurd.h:354,
from ../sysdeps/hurd/include/hurd.h:2,
from /tmp/cih_test_9IaUwa.c:10:
/home/bmg/install/compilers/i686-gnu/lib/gcc/i686-glibc-gnu/13.2.1/include/stdarg.h:54:34: error: "__STDC_VERSION__" is not defined, evaluates to 0 [-Werror=undef]
54 | #if !defined(__STRICT_ANSI__) || __STDC_VERSION__ + 0 >= 199900L \
| ^~~~~~~~~~~~~~~~
/home/bmg/install/compilers/i686-gnu/lib/gcc/i686-glibc-gnu/13.2.1/include/stdarg.h:55:8: error: "__cplusplus" is not defined, evaluates to 0 [-Werror=undef]
55 | || __cplusplus + 0 >= 201103L
| ^~~~~~~~~~~
cc1: all warnings being treated as errors
Reviewed-by: Samuel Thibault <samuel.thibault@ens-lyon.org>
Commit 91927b7c76 ("Rewrite iconv option parsing [BZ #19519]") changed the
iconv program to call __gconv_open directly instead of the iconv_open
wrapper, but the former does not set errno. Update the caller to
interpret the return codes like iconv_open does.
The option is not activelly tested and has bitrotten, to fix it
would require a lot of work and multiple fixes. A better option
would to evaluate each option and enable the warning if it makes
sense.
Reviewed-by: Siddhesh Poyarekar <siddhesh@sourceware.org>
This patch updates the kernel version in the tests tst-mman-consts.py,
tst-mount-consts.py and tst-pidfd-consts.py to 6.4. (There are no new
constants covered by these tests in 6.4 that need any other header
changes.)
Tested with build-many-glibcs.py.
This patch enables the option to influence hwcaps used by PowerPC.
The environment variable, GLIBC_TUNABLES=glibc.cpu.hwcaps=-xxx,yyy,-zzz....,
can be used to enable CPU/ARCH feature yyy, disable CPU/ARCH feature xxx
and zzz, where the feature name is case-sensitive and has to match the ones
mentioned in the file{sysdeps/powerpc/dl-procinfo.c}.
Note that the hwcap tunables only used in the IFUNC selection.
Reviewed-by: Adhemerval Zanella <adhemerval.zanella@linaro.org>
Avoid potential stack overflow from unbounded alloca. Use the existing
scratch_buffer instead.
Add testcases to exercise the code as suggested by Adhemerval Zanella Netto.
Reviewed-by: Adhemerval Zanella <adhemerval.zanella@linaro.org>
On GCC before 11, IPA can make the fortified realpath aware that the
buffer size is not large enough (8 bytes instead of PATH_MAX bytes).
Fix this by using a buffer that is large enough.
When building with fortify enabled, GCC 6 issues an warning the fortify
wrapper might overflow the destination buffer. However, GCC does not
provide a specific flag to disable the warning (the failure is tied to
-Werror). So to avoid disable all errors, only enable the check for
GCC 7 or newer.
Checked on i686-linux-gnu.
Reviewed-by: Carlos O'Donell <carlos@redhat.com>
On __convert_scm_timestamps GCC 6 issues an warning that tvts[0]/tvts[1]
maybe be used uninitialized, however it would be used if type is set to a
value different than 0 (done by either COMPAT_SO_TIMESTAMP_OLD or
COMPAT_SO_TIMESTAMPNS_OLD) which will fallthrough to 'common' label.
It does not show with gcc 7 or more recent versions.
Checked on i686-linux-gnu.
Reviewed-by: Carlos O'Donell <carlos@redhat.com>
Similar to memcpy, mempcpy, and memmove there is no need for an
specific memset_chk-nonshared.S. It can be provided by
memset-ia32.S itself for static library.
Checked on i686-linux-gnu.
Reviewed-by: Carlos O'Donell <carlos@redhat.com>
The i386 string routines provide multiple internal definitions
for memcpy, memmove, and mempcpy chk routines:
$ objdump -t libc.a | grep __memcpy_chk
00000000 g F .text 0000000e __memcpy_chk
00000000 g F .text 00000013 __memcpy_chk
$ objdump -t libc.a | grep __mempcpy_chk
00000000 g F .text 0000000e __mempcpy_chk
00000000 g F .text 00000013 __mempcpy_chk
$ objdump -t libc.a | grep __memmove_chk
00000000 g F .text 0000000e __memmove_chk
00000000 g F .text 00000013 __memmove_chk
Although is not an issue for normal static builds, with fortify=3
glibc itself might use the fortify chk functions and thus static
build might fail with multiple definitions. For instance:
x86_64-glibc-linux-gnu-gcc -m32 -march=i686 -o [...]math/test-signgam-uchar-static -nostdlib -nostartfiles -static -static-pie [...]
x86_64-glibc-linux-gnu/bin/ld: [...]/libc.a(mempcpy-ia32.o):
in function `__mempcpy_chk': [...]/glibc-git/string/../sysdeps/i386/i686/mempcpy.S:32: multiple definition of `__mempcpy_chk';
[...]/libc.a(mempcpy_chk-nonshared.o):[...]/debug/../sysdeps/i386/mempcpy_chk.S:28: first defined here
collect2: error: ld returned 1 exit status
make[2]: *** [../Rules:298:
There is no need for mem*-nonshared.S, the __mem*_chk routines
are already provided by the assembly routines.
Checked on i686-linux-gnu with gcc 13 built with fortify=1,2,3 and
without fortify.
Reviewed-by: Carlos O'Donell <carlos@redhat.com>
With gcc 11.3.1, building with -D_FORTIFY_SOURCE=2 shows:
In function ‘getgroups’,
inlined from ‘do_test’ at test-errno.c:129:12:
../misc/sys/cdefs.h:195:6: error: argument 1 value -1 is negative
[-Werror=stringop-overflow=]
195 | ? __ ## f ## _alias (__VA_ARGS__)
\
| ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
../posix/bits/unistd.h:115:10: note: in expansion of macro
‘__glibc_fortify’
115 | return __glibc_fortify (getgroups, __size, sizeof (__gid_t),
| ^~~~~~~~~~~~~~~
../posix/bits/unistd.h: In function ‘do_test’:
../posix/bits/unistd-decl.h:135:28: note: in a call to function
‘__getgroups_alias’ declared with attribute ‘access (write_only, 2, 1)’
135 | extern int __REDIRECT_NTH (__getgroups_alias, (int __size,
__gid_t __list[]),
| ^~~~~~~~~~~~~~~~~
../misc/sys/cdefs.h:264:6: note: in definition of macro ‘__REDIRECT_NTH’
264 | name proto __asm__ (__ASMNAME (#alias)) __THROW
It builds fine with gcc 12 and gcc 13.
Checked on x86_64-linux-gnu.
Reviewed-by: Carlos O'Donell <carlos@redhat.com>
The compiler might not see that internal definition is an alias
due the libc_ifunc macro, which redefines __strchrnul. With
gcc 6 it fails with:
In file included from <command-line>:0:0:
./../include/libc-symbols.h:472:33: error: ‘__EI___strchrnul’ aliased to
undefined symbol ‘__GI___strchrnul’
extern thread __typeof (name) __EI_##name \
^
./../include/libc-symbols.h:468:3: note: in expansion of macro
‘__hidden_ver2’
__hidden_ver2 (, local, internal, name)
^~~~~~~~~~~~~
./../include/libc-symbols.h:476:29: note: in expansion of macro
‘__hidden_ver1’
# define hidden_def(name) __hidden_ver1(__GI_##name, name, name);
^~~~~~~~~~~~~
./../include/libc-symbols.h:557:32: note: in expansion of macro
‘hidden_def’
# define libc_hidden_def(name) hidden_def (name)
^~~~~~~~~~
../sysdeps/powerpc/powerpc64/multiarch/strchrnul.c:38:1: note: in
expansion of macro ‘libc_hidden_def’
libc_hidden_def (__strchrnul)
^~~~~~~~~~~~~~~
Use libc_ifunc_hidden as stpcpy. Checked on powerpc64 with
gcc 6 and gcc 13.
Reviewed-by: Carlos O'Donell <carlos@redhat.com>
Old GCC might trigger the the comparison will always evaluate as ‘true’
warnig for static build:
set-freeres.c:87:14: error: the comparison will always evaluate as
‘true’ for the address of ‘__libc_getgrgid_freemem_ptr’ will never be
NULL [-Werror=address]
if (&__ptr != NULL) \
So add pragma weak for all affected usages.
Checked on x86_64 and i686 with gcc 6 and 13.
Reviewed-by: Carlos O'Donell <carlos@redhat.com>
Generated on a Cavium Octeon III 2 board running Linux version 4.19.249
and GCC 13.1.0.
Needed due to commit cf7ffdd8a5 ("added pair of inputs for hypotf in
binary32").
This was added in 233399bce2 just for warn_if_unused
warnings rather than anything substantial.
Now that we have a proper configure argument for F_S (--enable-fortify-source),
just drop this entirely, to avoid conflicting with e.g. detected --enable-fortify-source
finding F_S=3, then nscd's Makefile setting F_S=2, resulting in a build-failure
because of the redefinition.
Signed-off-by: Sam James <sam@gentoo.org>
Signed-off-by: Andreas K. Hüttel <dilfridge@gentoo.org>
Reviewed-by: Andreas K. Hüttel <dilfridge@gentoo.org>
Starting with commit 2c6b4b272e
"nptl: Unconditionally use a 32-byte rseq area", the testcase
misc/tst-rseq-disable is UNSUPPORTED as RSEQ_SIG is not defined.
The mentioned commit removes inclusion of sys/rseq.h in nptl/descr.h.
Thus just include sys/rseq.h in the tst-rseq-disable.c as also done
in tst-rseq.c and tst-rseq-nptl.c.
Reviewed-by: Florian Weimer <fweimer@redhat.com>
If fortify is enabled, the truncated output warning is issued by
the wrapper itself:
In function ‘strncpy’,
inlined from ‘test_strncpy’ at tester.c:505:10:
../string/bits/string_fortified.h:95:10: error: ‘__builtin_strncpy’
destination unchanged after copying no bytes from a string of length 3
[-Werror=stringop-truncation]
95 | return __builtin___strncpy_chk (__dest, __src, __len,
| ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
96 | __glibc_objsize (__dest));
| ~~~~~~~~~~~~~~~~~~~~~~~~~
In file included from ../include/bits/string_fortified.h:1,
from ../string/string.h:548,
from ../include/string.h:60,
from tester.c:33,
from inl-tester.c:6:
In function ‘strncpy’,
inlined from ‘test_strncpy’ at tester.c:505:10:
Checked on x86_64-linux-gnu.
Reviewed-by: Carlos O'Donell <carlos@redhat.com>
If fortify is enabled, the truncated output warning is issued by
the wrapper itself:
bug-strncat1.c: In function ‘main’:
bug-strncat1.c:14:3: error: ‘__builtin___strncat_chk’ output truncated
copying 1 byte from a string of length 2 [-Werror=stringop-truncation]
14 | strncat (d, "\5\6", 1);
| ^
Checked on x86_64-linux-gnu.
Reviewed-by: Carlos O'Donell <carlos@redhat.com>
The errno variable is potentially clobbered by the preceding
send call. It is not related to the to-be-cached information.
The parallel code in hstcache.c and servicescache.c already uses
errval.
Reviewed-by: Siddhesh Poyarekar <siddhesh@sourceware.org>
Leads to build failures (preprocessor redefinitions), and there is not
enough time to address this properly. Deferred until after 2.38 release.
This reverts commit 59dc07637f.
Signed-off-by: Andreas K. Hüttel <dilfridge@gentoo.org>
Generated on a VisionFive 2 board running Linux version 6.4.2 and
GCC 13.1.0.
Needed due to commit cf7ffdd8a5 ("added pair of inputs for hypotf in
binary32").
Add new definitions for the MIPS target, specifically: relocation
types, machine flags, section type names, and object attribute tags
and values. On MIPS64, up to three relocations may be specified
within r_info, by the r_type, r_type2, and r_type3 fields, so add new
macros to get the respective reloc types for MIPS64.
If the kernel headers provide a larger struct rseq, we used that
size as the argument to the rseq system call. As a result,
rseq registration would fail on older kernels which only accept
size 32.
On GNU/Hurd, O_RDWR actually is O_WRONLY|O_RDONLY, so checking through
bitness really is wrong. O_ACCMODE is there for this.
Fixes: 5324d25842 ("fileops: Don't process ,ccs= as individual mode flags (BZ#18906)")
