Commit Graph

40845 Commits

Author SHA1 Message Date
Adhemerval Zanella
5e9696b265 string: Improve fortify with clang
It improve fortify checks for strcpy, stpcpy, strncpy, stpncpy, strcat,
strncat, strlcpy, and strlcat.  The runtime and compile checks have
similar coverage as with GCC.

Checked on aarch64, armhf, x86_64, and i686.
Reviewed-by: Carlos O'Donell <carlos@redhat.com>
Tested-by: Carlos O'Donell <carlos@redhat.com>
2024-02-27 10:52:58 -03:00
Adhemerval Zanella
29951991f5 libio: Improve fortify with clang
It improve fortify checks for sprintf, vsprintf, vsnsprintf, fprintf,
dprintf, asprintf, __asprintf, obstack_printf, gets, fgets,
fgets_unlocked, fread, and fread_unlocked.  The runtime checks have
similar support coverage as with GCC.

For function with variadic argument (sprintf, snprintf, fprintf, printf,
dprintf, asprintf, __asprintf, obstack_printf) the fortify wrapper calls
the va_arg version since clang does not support __va_arg_pack.

Checked on aarch64, armhf, x86_64, and i686.
Reviewed-by: Carlos O'Donell <carlos@redhat.com>
Tested-by: Carlos O'Donell <carlos@redhat.com>
2024-02-27 10:52:58 -03:00
Adhemerval Zanella
7a7093615c cdefs.h: Add clang fortify directives
For instance, the read wrapper is currently expanded as:

  extern __inline
  __attribute__((__always_inline__))
  __attribute__((__artificial__))
  __attribute__((__warn_unused_result__))
  ssize_t read (int __fd, void *__buf, size_t __nbytes)
  {
     return __glibc_safe_or_unknown_len (__nbytes,
                                         sizeof (char),
                                         __glibc_objsize0 (__buf))
            ? __read_alias (__fd, __buf, __nbytes)
            : __glibc_unsafe_len (__nbytes,
                                  sizeof (char),
                                  __glibc_objsize0 (__buf))
              ? __read_chk_warn (__fd,
                                 __buf,
                                 __nbytes,
                                 __builtin_object_size (__buf, 0))
              : __read_chk (__fd,
                            __buf,
                            __nbytes,
                            __builtin_object_size (__buf, 0));
  }

The wrapper relies on __builtin_object_size call lowers to a constant at
compile-time and many other operations in the wrapper depends on
having a single, known value for parameters.   Because this is
impossible to have for function parameters, the wrapper depends heavily
on inlining to work and While this is an entirely viable approach on
GCC, it is not fully reliable on clang.  This is because by the time llvm
gets to inlining and optimizing, there is a minimal reliable source and
type-level information available (more information on a more deep
explanation on how to fortify wrapper works on clang [1]).

To allow the wrapper to work reliably and with the same functionality as
with GCC, clang requires a different approach:

  * __attribute__((diagnose_if(c, “str”, “warning”))) which is a function
    level attribute; if the compiler can determine that 'c' is true at
    compile-time, it will emit a warning with the text 'str1'.  If it would
    be better to emit an error, the wrapper can use "error" instead of
    "warning".

  * __attribute__((overloadable)) which is also a function-level attribute;
    and it allows C++-style overloading to occur on C functions.

  * __attribute__((pass_object_size(n))) which is a parameter-level
    attribute; and it makes the compiler evaluate
    __builtin_object_size(param, n) at each call site of the function
    that has the parameter, and passes it in as a hidden parameter.

    This attribute has two side-effects that are key to how FORTIFY works:

    1. It can overload solely on pass_object_size (e.g. there are two
       overloads of foo in

         void foo(char * __attribute__((pass_object_size(0))) c);
         void foo(char *);

      (The one with pass_object_size attribute has precende over the
      default one).

    2. A function with at least one pass_object_size parameter can never
       have its address taken (and overload resolution respects this).

Thus the read wrapper can be implemented as follows, without
hindering any fortify coverage compile and runtime:

  extern __inline
  __attribute__((__always_inline__))
  __attribute__((__artificial__))
  __attribute__((__overloadable__))
  __attribute__((__warn_unused_result__))
  ssize_t read (int __fd,
                 void *const __attribute__((pass_object_size (0))) __buf,
                 size_t __nbytes)
     __attribute__((__diagnose_if__ ((((__builtin_object_size (__buf, 0)) != -1ULL
                                        && (__nbytes) > (__builtin_object_size (__buf, 0)) / (1))),
                                     "read called with bigger length than size of the destination buffer",
                                     "warning")))
  {
    return (__builtin_object_size (__buf, 0) == (size_t) -1)
      ? __read_alias (__fd,
                      __buf,
                      __nbytes)
      : __read_chk (__fd,
                    __buf,
                    __nbytes,
                    __builtin_object_size (__buf, 0));
  }

To avoid changing the current semantic for GCC, a set of macros is
defined to enable the clang required attributes, along with some changes
on internal macros to avoid the need to issue the symbol_chk symbols
(which are done through the __diagnose_if__ attribute for clang).
The read wrapper is simplified as:

  __fortify_function __attribute_overloadable__ __wur
  ssize_t read (int __fd,
                __fortify_clang_overload_arg0 (void *, ,__buf),
                size_t __nbytes)
       __fortify_clang_warning_only_if_bos0_lt (__nbytes, __buf,
                                                "read called with bigger length than "
                                                "size of the destination buffer")

  {
    return __glibc_fortify (read, __nbytes, sizeof (char),
                            __glibc_objsize0 (__buf),
                            __fd, __buf, __nbytes);
  }

There is no expected semantic or code change when using GCC.

Also, clang does not support __va_arg_pack, so variadic functions are
expanded to call va_arg implementations.  The error function must not
have bodies (address takes are expanded to nonfortified calls), and
with the __fortify_function compiler might still create a body with the
C++ mangling name (due to the overload attribute).  In this case, the
function is defined with __fortify_function_error_function macro
instead.

[1] https://docs.google.com/document/d/1DFfZDICTbL7RqS74wJVIJ-YnjQOj1SaoqfhbgddFYSM/edit

Checked on aarch64, armhf, x86_64, and i686.
Reviewed-by: Carlos O'Donell <carlos@redhat.com>
Tested-by: Carlos O'Donell <carlos@redhat.com>
2024-02-27 10:52:57 -03:00
Carlos O'Donell
db50990ddb Update SHARED-FILES and license for Unicode 15.1.0.
In 2018 the license changed to use Unicode-3.0 license.
The Unicode License is a permissive MIT type of license.
Automation is updated to fetch the correct license file to
keep it in sync with the data files.

The new license is OSI approved and has an SPDX identifer:
https://opensource.org/license/unicode-license-v3
https://spdx.org/licenses/Unicode-3.0.html

The FSF and the GNU Project have been contacted to update
the license list for this license:
https://www.gnu.org/licenses/license-list.html
2024-02-27 08:27:14 -05:00
Joe Ramsay
e302e10213 aarch64/fpu: Sync libmvec routines from 2.39 and before with AOR
This includes a fix for big-endian in AdvSIMD log, some cosmetic
changes, and numerous small optimisations mainly around inlining and
using indexed variants of MLA intrinsics.
Reviewed-by: Adhemerval Zanella  <adhemerval.zanella@linaro.org>
2024-02-26 09:45:50 -03:00
Stefan Liebler
02782fd128 S390: Do not clobber r7 in clone [BZ #31402]
Starting with commit e57d8fc97b
"S390: Always use svc 0"
clone clobbers the call-saved register r7 in error case:
function or stack is NULL.

This patch restores the saved registers also in the error case.
Furthermore the existing test misc/tst-clone is extended to check
all error cases and that clone does not clobber registers in this
error case.
2024-02-26 13:37:46 +01:00
Sunil K Pandey
9f78a7c1d0 x86_64: Exclude SSE, AVX and FMA4 variants in libm multiarch
When glibc is built with ISA level 3 or higher by default, the resulting
glibc binaries won't run on SSE or FMA4 processors.  Exclude SSE, AVX and
FMA4 variants in libm multiarch when ISA level 3 or higher is enabled by
default.

When glibc is built with ISA level 2 enabled by default, only keep SSE4.1
variant.

Fixes BZ 31335.

NB: elf/tst-valgrind-smoke test fails with ISA level 4, because valgrind
doesn't support AVX512 instructions:

https://bugs.kde.org/show_bug.cgi?id=383010

Reviewed-by: H.J. Lu <hjl.tools@gmail.com>
2024-02-25 13:20:51 -08:00
Carlos O'Donell
f31d677fd6 hurd: Reformat Makefile.
Reflow and sort Makefile.

Code generation changes present due to link order changes.

No regressions on x86_64 and i686.

Tested with build-many-glibcs.py for x86_64-gnu.
2024-02-25 13:38:16 -05:00
Carlos O'Donell
5420d211f0 htl/tests: Reformat Makefile.
Reflow and sort Makefile.

No code generation changes in non-test binary artifacts.

No regressions on x86_64 and i686.

Tested with build-many-glibcs.py for x86_64-gnu.
2024-02-25 13:38:16 -05:00
Carlos O'Donell
d19d28853c htl: Reformat Makefile.
Reflow and sort Makefile.

Code generation changes present due to link order changes.

No regressions on x86_64 and i686.
2024-02-25 13:38:16 -05:00
Carlos O'Donell
589c51a5a3 hesiod: Reformat Makefile.
Reflow and sort Makefile.

No code generation changes in non-test binary artifacts.

No regressions on x86_64 and i686.
2024-02-25 13:38:16 -05:00
Carlos O'Donell
5273dd9812 gmon: Reformat Makefile.
Reflow and sort Makefile.

Code generation changes present due to link order changes.

No regressions on x86_64 and i686.
2024-02-25 13:38:16 -05:00
Carlos O'Donell
c432e667fc dlfcn: Reformat Makefile.
Reflow and sort Makefile.

No code generation changes in non-test binary artifacts.

No regressions on x86_64 and i686.
2024-02-25 13:38:16 -05:00
Carlos O'Donell
a4a12af5ab dirent: Reformat Makefile.
Reflow and sort Makefile.

Code generation changes present due to link order changes.

No regressions on x86_64 and i686.
2024-02-25 13:38:16 -05:00
Carlos O'Donell
12956e0a33 ctype: Reformat Makefile.
Reflow and sort Makefile.

Code generation changes present due to link order changes.

No regressions on x86_64 and i686.
2024-02-25 13:38:16 -05:00
Carlos O'Donell
d88fcccb1a csu: Reformat Makefile.
Reflow and sort Makefile.

Code generation changes present due to link order changes.

No regressions on x86_64 and i686.
2024-02-25 13:38:16 -05:00
Carlos O'Donell
06e51f4d6d conform: Reformat Makefile.
Reflow and sort Makefile.

No code changes in generated binary artifacts.

No regressions on x86_64 and i686.
2024-02-25 13:38:16 -05:00
H.J. Lu
c503c2603c Support compiling .S files with additional options
Add $(sysdep-ASFLAGS) $(ASFLAGS-$(<F)) $(ASFLAGS-$(@F)) to compile.S and
COMPILE.S to support compiling .S files with additional options.
2024-02-25 09:22:40 -08:00
H.J. Lu
dfb05f8e70 x86-64: Save APX registers in ld.so trampoline
Add APX registers to STATE_SAVE_MASK so that APX registers are saved in
ld.so trampoline.  This fixes BZ #31371.

Also update STATE_SAVE_OFFSET and STATE_SAVE_MASK for i386 which will
be used by i386 _dl_tlsdesc_dynamic.
Reviewed-by: Noah Goldstein <goldstein.w.n@gmail.com>
2024-02-25 09:22:15 -08:00
Junxian Zhu
0a4d6c8254 benchtests: Add more benchtests for rounding functions.
This patch adds more benchtests for rounding functions.
The double inputs are copied from trunc-inputs, the float inputs are copied from truncf-inputs. and the rintf is copied from rint-inputs.
Reviewed-by: Adhemerval Zanella  <adhemerval.zanella@linaro.org>
2024-02-23 08:50:00 -03:00
Simon Chopin
59e0441d4a tests: gracefully handle AppArmor userns containment
Recent AppArmor containment allows restricting unprivileged user
namespaces, which is enabled by default on recent Ubuntu systems.
When this happens, as is common with Linux Security Modules, the syscall
will fail with -EACCESS.

When that happens, the affected tests will now be considered unsupported
rather than simply failing.

Further information:

* https://gitlab.com/apparmor/apparmor/-/wikis/unprivileged_userns_restriction
* https://ubuntu.com/blog/ubuntu-23-10-restricted-unprivileged-user-namespaces
* https://manpages.ubuntu.com/manpages/jammy/man5/apparmor.d.5.html (for
  the return code)

V2:
* Fix duplicated line in check_unshare_hints
* Also handle similar failure in tst-pidfd_getpid

V3:
* Comment formatting
* Aded some more documentation on syscall return value

Signed-off-by: Simon Chopin <simon.chopin@canonical.com>
2024-02-23 08:50:00 -03:00
Konstantin Kharlamov
fe00366b63 treewide: python-scripts: use is None for none-equality
Testing for `None`-ness with `==` operator is frowned upon and causes
warnings in at least "LGTM" python linter. Fix that.

Signed-off-by: Konstantin Kharlamov <Hi-Angel@yandex.ru>
Reviewed-by: Adhemerval Zanella  <adhemerval.zanella@linaro.org>
2024-02-23 08:50:00 -03:00
Adhemerval Zanella
1e9a550ba4 powerpc: Remove power7 strstr optimization
The optimization is not faster than the generic algorithm,
using the bench-strstr the geometric mean running on a POWER10 machine
using gcc 13.1.1 is 482.47 while the default __strstr_ppc is 340.97
(which uses the generic implementation).

Also, there is no need to redirect the internal str*/mem* call
to optimized version, internal ifunc is supported and enabled
for internal calls (meaning that the generic implementation
will use any asm optimization if available).

Checked on powerpc64le-linux-gnu.
Reviewed-by: Peter Bergner <bergner@linux.ibm.com>
2024-02-23 08:50:00 -03:00
Adhemerval Zanella
f4c142bb9f arm: Use _dl_find_object on __gnu_Unwind_Find_exidx (BZ 31405)
Instead of __dl_iterate_phdr. On ARM dlfo_eh_frame/dlfo_eh_count
maps to PT_ARM_EXIDX vaddr start / length.

On a Neoverse N1 machine with 160 cores, the following program:

  $ cat test.c
  #include <stdlib.h>
  #include <pthread.h>
  #include <assert.h>

  enum {
    niter = 1024,
    ntimes = 128,
  };

  static void *
  tf (void *arg)
  {
    int a = (int) arg;

    for (int i = 0; i < niter; i++)
      {
        void *p[ntimes];
        for (int j = 0; j < ntimes; j++)
  	p[j] = malloc (a * 128);
        for (int j = 0; j < ntimes; j++)
  	free (p[j]);
      }

    return NULL;
  }

  int main (int argc, char *argv[])
  {
    enum { nthreads = 16 };
    pthread_t t[nthreads];

    for (int i = 0; i < nthreads; i ++)
      assert (pthread_create (&t[i], NULL, tf, (void *) i) == 0);

    for (int i = 0; i < nthreads; i++)
      {
        void *r;
        assert (pthread_join (t[i], &r) == 0);
        assert (r == NULL);
      }

    return 0;
  }
  $ arm-linux-gnueabihf-gcc -fsanitize=address test.c -o test

Improves from ~15s to 0.5s.

Checked on arm-linux-gnueabihf.
2024-02-23 08:50:00 -03:00
Xi Ruoyao
e2a65ecc4b
math: Update mips64 ulps
Signed-off-by: Andreas K. Hüttel <dilfridge@gentoo.org>
2024-02-22 21:28:25 +01:00
Xi Ruoyao
b881f1efcd elf: Add new LoongArch reloc types (110 to 126) into elf.h
These reloc types have been added in LoongArch psABI v2.30.

Link: https://github.com/loongson/la-abi-specs/blob/v2.30/laelf.adoc#relocation-types
Signed-off-by: Xi Ruoyao <xry111@xry111.site>
2024-02-22 20:12:07 +08:00
Stefan Liebler
2938846acc build-many-glibcs.py: Add s390 --disable-multi-arch / multi-arch configurations.
This patch adds some --disable-multi-arch variants for s390x.

As the used IFUNC variants and __GI symbols depend on the used
gcc -march=cpu-level, there are multiple new configurations.
Reviewed-by: Adhemerval Zanella  <adhemerval.zanella@linaro.org>
2024-02-21 08:52:36 +01:00
Daniel Cederman
aa4106db1d sparc: Treat the version field in the FPU control word as reserved
The FSR version field is read-only and might be non-zero.

This allows math/test-fpucw* to correctly pass when the version is
non-zero.

Signed-off-by: Daniel Cederman <cederman@gaisler.com>
Reviewed-by: Adhemerval Zanella  <adhemerval.zanella@linaro.org>
2024-02-19 10:55:50 -03:00
Flavio Cruz
88b771ab5e Implement setcontext/getcontext/makecontext/swapcontext for Hurd x86_64
Tested with the tests provided by glibc plus some other toy examples.
Message-ID: <20240217202535.1860803-1-flaviocruz@gmail.com>
2024-02-17 21:45:35 +01:00
Flavio Cruz
e3da8f9bad Use proc_getchildren_rusage when available in getrusage and times.
Message-ID: <20240217164846.1837223-1-flaviocruz@gmail.com>
2024-02-17 21:14:39 +01:00
Florian Weimer
6a04404521 Linux: Switch back to assembly syscall wrapper for prctl (bug 29770)
Commit ff026950e2 ("Add a C wrapper for
prctl [BZ #25896]") replaced the assembler wrapper with a C function.
However, on powerpc64le-linux-gnu, the C variadic function
implementation requires extra work in the caller to set up the
parameter save area.  Calling a function that needs a parameter save
area without one (because the prototype used indicates the function is
not variadic) corrupts the caller's stack.   The Linux manual pages
project documents prctl as a non-variadic function.  This has resulted
in various projects over the years using non-variadic prototypes,
including the sanitizer libraries in LLVm and GCC (GCC PR 113728).

This commit switches back to the assembler implementation on most
targets and only keeps the C implementation for x86-64 x32.

Also add the __prctl_time64 alias from commit
b39ffab860 ("Linux: Add time64 alias for
prctl") to sysdeps/unix/sysv/linux/syscalls.list; it was not yet
present in commit ff026950e2.

This restores the old ABI on powerpc64le-linux-gnu, thus fixing
bug 29770.

Reviewed-By: Simon Chopin <simon.chopin@canonical.com>
2024-02-17 09:17:04 +01:00
Florian Weimer
0d9166c224 i386: Use generic memrchr in libc (bug 31316)
Before this change, we incorrectly used the SSE2 variant in the
implementation, without checking that the system actually supports
SSE2.

Tested-by: Sam James <sam@gentoo.org>
2024-02-16 07:41:04 +01:00
H.J. Lu
ef7f4b1fef Apply the Makefile sorting fix
Apply the Makefile sorting fix generated by sort-makefile-lines.py.
2024-02-15 11:19:56 -08:00
H.J. Lu
71d133c500 sysdeps/x86_64/Makefile (tests): Add the end marker 2024-02-15 11:12:13 -08:00
H.J. Lu
6a2512bf16 sort-makefile-lines.py: Allow '_' in name and "^# name"
'_' is used in Makefile variable names and many variables end with
"^# name".  Relax sort-makefile-lines.py to allow '_' in name and
"^# name" as variable end.  This fixes BZ #31385.
2024-02-15 04:28:27 -08:00
Askar Safin
dbae3a3940 trivial doc fix: remove weird phrase "syscall takes zero to five arguments"
"number of arguments, from zero to five" is wrong, because on Linux maximal number
of arguments is 6, not 5. Also, maximal number of arguments is kernel-dependent,
so let's not include it here at all.

Moreover, "Each kind of system call has a definite number of arguments" is questionable.
Think about SYS_open on Linux, which takes 2 or 3 arguments. Or SYS_clone on Linux x86_64, which
takes 2 to 5 arguments. So I propose to fully remove this sentence.

Signed-off-by: Askar Safin <safinaskar@zohomail.com>
Reviewed-by: Adhemerval Zanella  <adhemerval.zanella@linaro.org>
2024-02-14 12:21:03 -03:00
Junxian Zhu
545480506f mips: Use builtins for ffs and ffsll
__builtin_ffs{,ll} basically on __builtin_ctz{,ll} in MIPS GCC compiler.
The hardware ctz instructions were available after MIPS{32,64} Release1. By using builtin ctz. It can also reduce code size of ffs/ffsll.

Checked on mips o32. mips64.

Signed-off-by: Junxian Zhu <zhujunxian@oss.cipunited.com>
Reviewed-by: Adhemerval Zanella <adhemerval.zanella@linaro.org>
Reviewed-by: Maxim Kuvyrkov <maxim.kuvyrkov@linaro.org>
2024-02-14 12:20:49 -03:00
Adhemerval Zanella
491e55beab x86: Expand the comment on when REP STOSB is used on memset
Reviewed-by: H.J. Lu <hjl.tools@gmail.com>
2024-02-13 08:49:43 -08:00
Adhemerval Zanella
272708884c x86: Do not prefer ERMS for memset on Zen3+
For AMD Zen3+ architecture, the performance of the vectorized loop is
slightly better than ERMS.

Checked on x86_64-linux-gnu on Zen3.
Reviewed-by: H.J. Lu <hjl.tools@gmail.com>
2024-02-13 08:49:13 -08:00
Adhemerval Zanella
0c0d39fe4a x86: Fix Zen3/Zen4 ERMS selection (BZ 30994)
The REP MOVSB usage on memcpy/memmove does not show much performance
improvement on Zen3/Zen4 cores compared to the vectorized loops.  Also,
as from BZ 30994, if the source is aligned and the destination is not
the performance can be 20x slower.

The performance difference is noticeable with small buffer sizes, closer
to the lower bounds limits when memcpy/memmove starts to use ERMS.  The
performance of REP MOVSB is similar to vectorized instruction on the
size limit (the L2 cache).  Also, there is no drawback to multiple cores
sharing the cache.

Checked on x86_64-linux-gnu on Zen3.
Reviewed-by: H.J. Lu <hjl.tools@gmail.com>
2024-02-13 08:49:12 -08:00
Michael Jeanson
155bb9d036 x86/cet: fix shadow stack test scripts
Some shadow stack test scripts use the '==' operator with the 'test'
command to validate exit codes resulting in the following error:

  sysdeps/x86_64/tst-shstk-legacy-1e.sh: 31: test: 139: unexpected operator

The '==' operator is invalid for the 'test' command, use '-eq' like the
previous call to 'test'.

Signed-off-by: Michael Jeanson <mjeanson@efficios.com>
Reviewed-by: H.J. Lu <hjl.tools@gmail.com>
2024-02-12 06:49:57 -08:00
H.J. Lu
c676808a34 test_printers_common.py: Remove invalid escape sequence
Change "\(" and "\)" to "\\(" and "\\)" in test_printers_common.py.  This
fixes the test warning:

.../scripts/test_printers_common.py:101: SyntaxWarning: invalid escape sequence '\('
Reviewed-by: Florian Weimer <fweimer@redhat.com>
2024-02-12 06:25:29 -08:00
Florian Weimer
15de3d17e1 elf: Remove attempt at env handling in elf/tst-rtld-list-diagnostics.py
Instead, let the system shell parse the whole thing and invoke the env
command.
2024-02-09 16:16:33 +01:00
Joseph Myers
1bc61cf8e0 Add SOL_VSOCK from Linux 6.7 to bits/socket.h
Linux 6.7 adds a constant SOL_VSOCK (recall that various constants in
include/linux/socket.h are in fact part of the kernel-userspace API
despite that not being a uapi header).  Add it to glibc's
bits/socket.h.

Tested for x86_64.
2024-02-08 12:57:24 +00:00
Mike FABIAN
07fd072caf localedata: ssy_ER: Fix syntax error 2024-02-08 08:13:37 +01:00
Dragan Stanojević (Nevidljivi)
559010e471 localedata: hr_HR: change currency to EUR/€
Resolves: BZ # 29845
2024-02-08 08:13:37 +01:00
Mike FABIAN
30a61b1dd9 Change lv_LV collation to agree with the recent change in CLDR
Resolves: https://sourceware.org/bugzilla/show_bug.cgi?id=23774

See this change in CLDR committed on 2024-01-29:
635e2d3d05
2024-02-08 08:13:37 +01:00
Joseph Myers
284b928321 Add new AArch64 HWCAP2 definitions from Linux 6.7 to bits/hwcap.h
Linux 6.7 adds three new HWCAP2_* values for AArch64; add them to
bits/hwcap.h in glibc.
2024-02-08 01:39:09 +00:00
Stefan Liebler
fa3eb7d5e7 string: Add hidden builtin definition for __strcpy_chk.
Otherwise on at least x86_64 and s390x there is an unwanted PLT entry
in libc.so when configured with --enable-fortify-source=3 and build
with -Os.

This is observed in elf/check-localplt
Extra PLT reference: libc.so: __strcpy_chk

The call to PLT entry is in inet/ruserpass.c.
Reviewed-by: Adhemerval Zanella  <adhemerval.zanella@linaro.org>
2024-02-06 09:17:04 +01:00
Adhemerval Zanella
1e25112dc0 arm: Remove wrong ldr from _dl_start_user (BZ 31339)
The commit 49d877a80b (arm: Remove
_dl_skip_args usage) removed the _SKIP_ARGS literal, which was
previously loader to r4 on loader _start.  However, the cleanup did not
remove the following 'ldr r4, [sl, r4]' on _dl_start_user, used to check
to skip the arguments after ld self-relocations.

In my testing, the kernel initially set r4 to 0, which makes the
ldr instruction just read the _GLOBAL_OFFSET_TABLE_.  However, since r4
is a callee-saved register; a different runtime might not zero
initialize it and thus trigger an invalid memory access.

Checked on arm-linux-gnu.

Reported-by: Adrian Ratiu <adrian.ratiu@collabora.com>
Reviewed-by: Szabolcs Nagy <szabolcs.nagy@arm.com>
2024-02-05 15:29:23 -03:00