In _FORTIFY_SOURCE=3, the size expression may be non-constant,
resulting in branches in the inline functions remaining intact and
causing a tiny overhead. Clang (and in future, gcc) make sure that
the -1 case is always safe, i.e. any comparison of the generated
expression with (size_t)-1 is always false so that bit is taken care
of. The rest is avoidable since we want the _chk variant whenever we
have a size expression and it's not -1.
Rework the conditionals in a uniform way to clearly indicate two
conditions at compile time:
- Either the size is unknown (-1) or we know at compile time that the
operation length is less than the object size. We can call the
original function in this case. It could be that either the length,
object size or both are non-constant, but the compiler, through
range analysis, is able to fold the *comparison* to a constant.
- The size and length are known and the compiler can see at compile
time that operation length > object size. This is valid grounds for
a warning at compile time, followed by emitting the _chk variant.
For everything else, emit the _chk variant.
This simplifies most of the fortified function implementations and at
the same time, ensures that only one call from _chk or the regular
function is emitted.
Signed-off-by: Siddhesh Poyarekar <siddhesh@sourceware.org>
Reviewed-by: Adhemerval Zanella <adhemerval.zanella@linaro.org>
AF_NETLINK support is not quite optional on modern Linux systems
anymore, so it is likely that the first attempt will always succeed.
Consequently, there is no need to cache the result. Keep AF_UNIX
and the Internet address families as a fallback, for the rare case
that AF_NETLINK is missing. The other address families previously
probed are totally obsolete be now, so remove them.
Use this simplified version as the generic implementation, disabling
Netlink support as needed.
A new build flag, _TIME_BITS, enables the usage of the newer 64-bit
time symbols for legacy ABI (where 32-bit time_t is default). The 64
bit time support is only enabled if LFS (_FILE_OFFSET_BITS=64) is
also used.
Different than LFS support, the y2038 symbols are added only for the
required ABIs (armhf, csky, hppa, i386, m68k, microblaze, mips32,
mips64-n32, nios2, powerpc32, sparc32, s390-32, and sh). The ABIs with
64-bit time support are unchanged, both for symbol and types
redirection.
On Linux the full 64-bit time support requires a minimum of kernel
version v5.1. Otherwise, the 32-bit fallbacks are used and might
results in error with overflow return code (EOVERFLOW).
The i686-gnu does not yet support 64-bit time.
This patch exports following rediretions to support 64-bit time:
* libc:
adjtime
adjtimex
clock_adjtime
clock_getres
clock_gettime
clock_nanosleep
clock_settime
cnd_timedwait
ctime
ctime_r
difftime
fstat
fstatat
futimens
futimes
futimesat
getitimer
getrusage
gettimeofday
gmtime
gmtime_r
localtime
localtime_r
lstat_time
lutimes
mktime
msgctl
mtx_timedlock
nanosleep
nanosleep
ntp_gettime
ntp_gettimex
ppoll
pselec
pselect
pthread_clockjoin_np
pthread_cond_clockwait
pthread_cond_timedwait
pthread_mutex_clocklock
pthread_mutex_timedlock
pthread_rwlock_clockrdlock
pthread_rwlock_clockwrlock
pthread_rwlock_timedrdlock
pthread_rwlock_timedwrlock
pthread_timedjoin_np
recvmmsg
sched_rr_get_interval
select
sem_clockwait
semctl
semtimedop
sem_timedwait
setitimer
settimeofday
shmctl
sigtimedwait
stat
thrd_sleep
time
timegm
timerfd_gettime
timerfd_settime
timespec_get
utime
utimensat
utimes
utimes
wait3
wait4
* librt:
aio_suspend
mq_timedreceive
mq_timedsend
timer_gettime
timer_settime
* libanl:
gai_suspend
Reviewed-by: Lukasz Majewski <lukma@denx.de>
Reviewed-by: Carlos O'Donell <carlos@redhat.com>
Tested-by: Carlos O'Donell <carlos@redhat.com>
The c59f716993 (accept) and 3ddf9bc185 (connect) added on io/Makefile
instead of socket/Makefile.
Checked on arm-linux-gnueabihf (where without the flags both the
tst-cancelx4 and tst-cancelx5 fails).
The libc version is identical and built with same flags. Both aarch64
and nios2 also requires to export __send and tt was done previously with
the HAVE_INTERNAL_SEND_SYMBOL (which forced the symbol creation).
All __send callers are internal to libc and the original issue that
required the symbol export was due a missing libc_hidden_def. So
a compat symbol is added for __send and the libc_hidden_def is
defined regardless.
Checked on x86_64-linux-gnu and i686-linux-gnu.
I used these shell commands:
../glibc/scripts/update-copyrights $PWD/../gnulib/build-aux/update-copyright
(cd ../glibc && git commit -am"[this commit message]")
and then ignored the output, which consisted lines saying "FOO: warning:
copyright statement not found" for each of 6694 files FOO.
I then removed trailing white space from benchtests/bench-pthread-locks.c
and iconvdata/tst-iconv-big5-hkscs-to-2ucs4.c, to work around this
diagnostic from Savannah:
remote: *** pre-commit check failed ...
remote: *** error: lines with trailing whitespace found
remote: error: hook declined to update refs/heads/master
The types affected are __sig_atomic_t, sig_atomic_t, __sigset_t,
sigset_t, sigval_t, sigevent_t, and siginfo_t. __sig_atomic_t is a
scalar, so it's now directly available from bits/types.h. The others
get bits/types/ headers.
Side effects include: There have been small changes to which
non-signal headers expose which subset of the signal-related types.
A couple of architectures' nested siginfo_t fields had to be renamed
to prevent undesired macro expansion. Internal code that wants to
manipulate signal masks must now include <sigsetops.h> (which is not
installed) and should be aware that __sigaddset, __sigandset,
__sigdelset, __sigemptyset, and __sigorset no longer return a value
(unlike the public API). Relatedly, the public signal.h no longer
declares any of those functions. The obsolete sigmask() macro no
longer has a system-specific definition -- in the cases where it
matters, it didn't work anyway.
New Linux architectures should create bits/siginfo-arch.h and/or
bits/siginfo-consts-arch.h to customize their siginfo_t, rather than
duplicating everything in bits/siginfo.h (which no longer exists).
Add new __SI_* macros if necessary. Ports to other operating systems
are strongly encouraged to generalize this scheme further.
* bits/sigevent-consts.h
* bits/siginfo-consts.h
* bits/types/__sigset_t.h
* bits/types/sigevent_t.h
* bits/types/siginfo_t.h
* sysdeps/unix/sysv/linux/bits/sigevent-consts.h
* sysdeps/unix/sysv/linux/bits/siginfo-consts.h
* sysdeps/unix/sysv/linux/bits/types/__sigset_t.h
* sysdeps/unix/sysv/linux/bits/types/sigevent_t.h
* sysdeps/unix/sysv/linux/bits/types/siginfo_t.h:
New system-dependent bits headers.
* sysdeps/unix/sysv/linux/bits/siginfo-arch.h
* sysdeps/unix/sysv/linux/bits/siginfo-consts-arch.h
* sysdeps/unix/sysv/linux/ia64/bits/siginfo-arch.h
* sysdeps/unix/sysv/linux/ia64/bits/siginfo-consts-arch.h
* sysdeps/unix/sysv/linux/mips/bits/siginfo-arch.h
* sysdeps/unix/sysv/linux/sparc/bits/siginfo-arch.h
* sysdeps/unix/sysv/linux/tile/bits/siginfo-arch.h
* sysdeps/unix/sysv/linux/tile/bits/siginfo-consts-arch.h
* sysdeps/unix/sysv/linux/x86/bits/siginfo-arch.h:
New Linux-only system-dependent bits headers.
* signal/bits/types/sig_atomic_t.h
* signal/bits/types/sigset_t.h
* signal/bits/types/sigval_t.h:
New non-system-dependent bits headers.
* sysdeps/generic/sigsetops.h
* sysdeps/unix/sysv/linux/sigsetops.h:
New internal headers.
* include/bits/types/sig_atomic_t.h
* include/bits/types/sigset_t.h
* include/bits/types/sigval_t.h:
New wrappers.
* signal/sigsetops.h
* bits/siginfo.h
* bits/sigset.h
* sysdeps/unix/sysv/linux/bits/siginfo.h
* sysdeps/unix/sysv/linux/bits/sigset.h
* sysdeps/unix/sysv/linux/ia64/bits/siginfo.h
* sysdeps/unix/sysv/linux/mips/bits/siginfo.h
* sysdeps/unix/sysv/linux/s390/bits/siginfo.h
* sysdeps/unix/sysv/linux/sparc/bits/siginfo.h
* sysdeps/unix/sysv/linux/tile/bits/siginfo.h
* sysdeps/unix/sysv/linux/x86/bits/siginfo.h:
Deleted.
* signal/Makefile, sysdeps/unix/sysv/linux/Makefile:
Update lists of installed headers.
* posix/bits/types.h: Define __sig_atomic_t here.
* signal/signal.h: Use the new bits headers; no need to handle
__need_sig_atomic_t nor __need_sigset_t. Don't use __sigmask
to define sigmask.
* include/signal.h: No need to handle __need_sig_atomic_t
nor __need_sigset_t. Don't define __sigemptyset.
* io/sys/poll.h, setjmp/setjmp.h
* sysdeps/arm/sys/ucontext.h, sysdeps/generic/sys/ucontext.h
* sysdeps/i386/sys/ucontext.h, sysdeps/m68k/sys/ucontext.h
* sysdeps/mach/hurd/i386/bits/sigcontext.h
* sysdeps/mips/sys/ucontext.h, sysdeps/powerpc/novmxsetjmp.h
* sysdeps/pthread/bits/sigthread.h
* sysdeps/unix/sysv/linux/hppa/sys/ucontext.h
* sysdeps/unix/sysv/linux/m68k/sys/ucontext.h
* sysdeps/unix/sysv/linux/mips/sys/ucontext.h
* sysdeps/unix/sysv/linux/nios2/sys/ucontext.h
* sysdeps/unix/sysv/linux/powerpc/sys/ucontext.h
* sysdeps/unix/sysv/linux/s390/sys/ucontext.h
* sysdeps/unix/sysv/linux/sh/sys/ucontext.h
* sysdeps/unix/sysv/linux/sparc/sys/ucontext.h
* sysdeps/unix/sysv/linux/tile/sys/ucontext.h
* sysdeps/unix/sysv/linux/x86/sys/ucontext.h:
Use bits/types/__sigset_t.h.
* misc/sys/select.h, posix/spawn.h
* sysdeps/unix/sysv/linux/powerpc/sys/ucontext.h
* sysdeps/unix/sysv/linux/sys/epoll.h
* sysdeps/unix/sysv/linux/sys/signalfd.h:
Use bits/types/sigset_t.h.
* resolv/netdb.h, rt/mqueue.h: Use bits/types/sigevent_t.h.
* rt/aio.h: Use bits/types/sigevent_t.h and bits/sigevent-consts.h.
* socket/sys/socket.h: Don't include bits/sigset.h.
* login/utmp_file.c, shadow/lckpwdf.c, signal/sigandset.c
* signal/sigisempty.c, stdlib/abort.c, sysdeps/posix/profil.c
* sysdeps/posix/sigignore.c, sysdeps/posix/sigintr.c
* sysdeps/posix/signal.c, sysdeps/posix/sigset.c
* sysdeps/posix/sprofil.c, sysdeps/posix/sysv_signal.c
* sysdeps/unix/sysv/linux/nptl-signals.h:
Include sigsetops.h.
* signal/sigaddset.c, signal/sigandset.c, signal/sigdelset.c
* signal/sigorset.c, stdlib/abort.c, sysdeps/posix/sigignore.c
* sysdeps/posix/signal.c, sysdeps/posix/sigset.c:
__sigaddset, __sigandset, __sigdelset, __sigemptyset, __sigorset
now return no value.
* signal/sigaddset.c, signal/sigdelset.c, signal/sigismem.c
Include <errno.h>, <signal.h>, and <sigsetops.h> instead of
"sigsetops.h".
* signal/sigsetops.c: Explicitly define __sigismember,
__sigaddset, and __sigdelset as compatibility symbols.
* signal/Versions: Correct commentary on __sigpause,
__sigaddset, __sigdelset, __sigismember.
* inet/rcmd.c: Include sigsetops.h. Convert old code using
__sigblock/__sigsetmask to use __sigprocmask and friends.
sys/socket.h includes sys/uio.h to get the definition of the iovec
structure.
POSIX allows sys/socket.h to make all sys/uio.h symbols visible.
However, all of sys/uio.h is XSI-shaded, so for non-XSI POSIX this
results in conformtest failures (for sys/socket.h and other headers
that include it):
Namespace violation: "UIO_MAXIOV"
Namespace violation: "readv"
Namespace violation: "writev"
Now, there is some ambiguity in POSIX about what namespace
reservations apply in this case - see
http://austingroupbugs.net/view.php?id=1127 - but glibc convention
would still avoid declaring readv and writev, for example, for feature
test macros that don't include them (if only headers from the relevant
standard are included), even if such declarations are permitted, so
there is a bug here according to glibc conventions.
This patch moves the struct iovec definition to a new
bits/types/struct_iovec.h header and includes that from sys/socket.h
instead of including the whole of sys/uio.h. This fixes the namespace
issue; however, three files in glibc that were relying on the implicit
inclusion needed to be updated to include sys/uio.h explicitly. So
there is a question of whether sys/socket.h should continue to include
sys/uio.h under some conditions, such as __USE_XOPEN or __USE_MISC or
__USE_XOPEN || __USE_MISC, for greater compatibility with code that
(wrongly) expects this optional inclusion to be present there. (I
think the three affected files in glibc should still have explicit
sys/uio.h inclusions added in any case, however.)
Tested for x86_64.
[BZ #21426]
* misc/bits/types/struct_iovec.h: New file.
* misc/Makefile (headers): Add bits/types/struct_iovec.h.
* include/bits/types/struct_iovec.h: New file.
* bits/uio.h (struct iovec): Replace by inclusion of
<bits/types/struct_iovec.h>.
* sysdeps/unix/sysv/linux/bits/uio.h (struct iovec): Likewise.
* socket/sys/socket.h: Include <bits/types/struct_iovec.h> instead
of <sys/uio.h>.
* nptl/tst-cancel4.c: Include <sys/uio.h>
* posix/test-errno.c: Likewise.
* support/resolv_test.c: Likewise.
* conform/Makefile (test-xfail-POSIX2008/arpa/inet.h/conform):
Remove.
(test-xfail-POSIX2008/netdb.h/conform): Likewise.
(test-xfail-POSIX2008/netinet/in.h/conform): Likewise.
(test-xfail-POSIX2008/sys/socket.h/conform): Likewise.
Simplify the Linux accept4 implementation based on the assumption
that it is available in some way. __ASSUME_ACCEPT4_SOCKETCALL was
previously unused, so remove it.
For ia64, the accept4 system call (and socket call) were backported
in kernel version 3.2.18. Reflect this in the installation
instructions.
Several network-related structures are defined conditionally under
__USE_MISC, but unconditionally used by other headers. The path of
least resistance is usually to condition the uses on __USE_MISC as
well.
* sysdeps/mach/hurd/net/if_ppp.h
* sysdeps/unix/sysv/linux/net/if_ppp.h:
Only define struct ifpppstatsreq and struct ifpppcstatsreq
if __USE_MISC is defined, to ensure struct ifreq is declared.
* inet/netinet/ether.h: Condition all function prototypes
on __USE_MISC, to ensure struct ether_addr is declared.
sys/socket.h defines struct osockaddr only under __USE_MISC, whereas
protocols/talkd.h requires it unconditionally. Here it doesn't make
sense to condition the entire body of protocols/talkd.h on __USE_MISC.
Rather than complicate sys/socket.h with a __need macro or duplicate
the definition, I am introducing a new concept: tiny headers named
bits/types/TYPE.h that define TYPE and nothing else. This can, I hope,
ultimately replace *all* the __need macros. The guard macro for such
headers will be __TYPE_defined, just in case application or third-party
library code is looking at them.
* socket/bits/types/struct_osockaddr.h: New header.
* include/bits/types/struct_osockaddr.h: New wrapper.
* socket/Makefile: Install the new header.
* socket/sys/socket.h, inet/protocols/talkd.h:
Refer to bits/types/struct_osockaddr.h for the definition of
struct osockaddr.
mq_notify (in the 1996 edition of POSIX) brings in references to recv
and socket (not in POSIX until the 2001 edition). This patch fixes
this by using __recv and __socket, exporting them from libc at version
GLIBC_PRIVATE.
Tested for x86_64 and x86 (testsuite and comparison of installed
stripped shared libraries; PLT / dynamic symbol table changes render
the comparison not particularly useful for libc).
[BZ #18546]
* socket/recv.c (__recv): Use libc_hidden_def.
* socket/socket.c (__socket): Likewise.
* sysdeps/mach/hurd/recv.c (__recv): Likewise.
* sysdeps/mach/hurd/socket.c (__socket): Likewise.
* sysdeps/unix/sysv/linux/generic/recv.c (__recv): Likewise.
* sysdeps/unix/sysv/linux/recv.c (__recv): Use libc_hidden_weak.
* sysdeps/unix/sysv/linux/socket.c (__socket): Use
libc_hidden_def.
* sysdeps/unix/sysv/linux/x86_64/recv.c (__recv): Use
libc_hidden_weak.
* include/sys/socket.h (__socket): Do not use attribute_hidden.
Use libc_hidden_proto.
(__recv): Likewise.
* socket/Versions (libc): Export __recv and __socket at version
GLIBC_PRIVATE.
* sysdeps/unix/sysv/linux/mq_notify.c (helper_thread): Call __recv
instead of recv.
(init_mq_netlink): Call __socket instead of socket.
* conform/Makefile (test-xfail-POSIX/mqueue.h/linknamespace):
Remove variable.
In <https://sourceware.org/ml/libc-alpha/2014-01/msg00196.html> I
noted it was necessary to add includes of Makeconfig early in various
subdirectory makefiles for the tests-special variable settings added
by that patch to be conditional on configuration information. No-one
commented on the general question there of whether Makeconfig should
always be included immediately after the definition of subdir.
This patch implements that early inclusion of Makeconfig in each
directory (which is a lot easier than consistent placement of includes
of Rules). Includes are added if needed, or moved up if already
present. Subdirectory "all:" targets are removed, since Makeconfig
provides one.
There is potential for further cleanups I haven't done. Rules and
Makerules have code such as
ifneq "$(findstring env,$(origin headers))" ""
headers :=
endif
to override to empty any value of various variables that came from the
environment. I think there is a case for Makeconfig setting all the
subdirectory variables (other than subdir) to empty to ensure no
outside value is going to take effect if a subdirectory fails to
define a variable. (A list of such variables, possibly out of date
and incomplete, is in manual/maint.texi.) Rules and Makerules would
give errors if Makeconfig hadn't already been included, instead of
including it themselves. The special code to override values coming
from the environment would then be obsolete and could be removed.
Tested x86_64, including that installed binaries are identical before
and after the patch.
* argp/Makefile: Include Makeconfig immediately after defining
subdir.
* assert/Makefile: Likewise.
* benchtests/Makefile: Likewise.
* catgets/Makefile: Likewise.
* conform/Makefile: Likewise.
* crypt/Makefile: Likewise.
* csu/Makefile: Likewise.
(all): Remove target.
* ctype/Makefile: Include Makeconfig immediately after defining
subdir.
* debug/Makefile: Likewise.
* dirent/Makefile: Likewise.
* dlfcn/Makefile: Likewise.
* gmon/Makefile: Likewise.
* gnulib/Makefile: Likewise.
* grp/Makefile: Likewise.
* gshadow/Makefile: Likewise.
* hesiod/Makefile: Likewise.
* hurd/Makefile: Likewise.
(all): Remove target.
* iconvdata/Makefile: Include Makeconfig immediately after
defining subdir.
* inet/Makefile: Likewise.
* intl/Makefile: Likewise.
* io/Makefile: Likewise.
* libio/Makefile: Likewise.
(all): Remove target.
* locale/Makefile: Include Makeconfig immediately after defining
subdir.
* login/Makefile: Likewise.
* mach/Makefile: Likewise.
(all): Remove target.
* malloc/Makefile: Include Makeconfig immediately after defining
subdir.
(all): Remove target.
* manual/Makefile: Include Makeconfig immediately after defining
subdir.
* math/Makefile: Likewise.
* misc/Makefile: Likewise.
* nis/Makefile: Likewise.
* nss/Makefile: Likewise.
* po/Makefile: Likewise.
(all): Remove target.
* posix/Makefile: Include Makeconfig immediately after defining
subdir.
* pwd/Makefile: Likewise.
* resolv/Makefile: Likewise.
* resource/Makefile: Likewise.
* rt/Makefile: Likewise.
* setjmp/Makefile: Likewise.
* shadow/Makefile: Likewise.
* signal/Makefile: Likewise.
* socket/Makefile: Likewise.
* soft-fp/Makefile: Likewise.
* stdio-common/Makefile: Likewise.
* stdlib/Makefile: Likewise.
* streams/Makefile: Likewise.
* string/Makefile: Likewise.
* sunrpc/Makefile: Likewise.
(all): Remove target.
* sysvipc/Makefile: Include Makeconfig immediately after defining
subdir.
* termios/Makefile: Likewise.
* time/Makefile: Likewise.
* timezone/Makefile: Likewise.
(all): Remove target.
* wcsmbs/Makefile: Include Makeconfig immediately after defining
subdir.
* wctype/Makefile: Likewise.
libidn/ChangeLog:
* Makefile: Include Makeconfig immediately after defining subdir.
localedata/ChangeLog:
* Makefile: Include Makeconfig immediately after defining subdir.
(all): Remove target.
nptl/ChangeLog:
* Makefile: Include Makeconfig immediately after defining subdir.
nptl_db/ChangeLog:
* Makefile: Include Makeconfig immediately after defining subdir.
We can't assume sock_cloexec and pipe2 are bound together as the former
defines are found in glibc only while the latter are a combo of kernel
headers and glibc. So if we do a runtime detection of SOCK_CLOEXEC, but
pipe2() is a stub inside of glibc, we hit a problem. For example:
main()
{
getgrnam("portage");
if (!popen("ls", "r"))
perror("popen()");
}
getgrnam() will detect that the kernel supports SOCK_CLOEXEC and then set
both __have_sock_cloexec and __have_pipe2 to true. But if glibc was built
against older kernel headers where __NR_pipe2 does not exist, glibc will
have a ENOSYS stub for it. So popen() will always fail as glibc assumes
pipe2() works.
While this isn't too much of an issue for some arches as they added the
functionality to the kernel at the same time, not all arches are that
lucky.
Since the code already has dedicated names for each feature, delete the
defines wiring these three features together and make each one a proper
dedicated knob.
We've been carrying this in Gentoo since glibc-2.9.
Signed-off-by: Mike Frysinger <vapier@gentoo.org>