Commit Graph

5737 Commits

Author SHA1 Message Date
Alistair Francis
600f00b747 linux: Use long time_t for wait4/getrusage
The Linux kernel expects rusage to use a 32-bit time_t, even on archs
with a 64-bit time_t (like RV32). To address this let's convert
rusage to/from 32-bit and 64-bit to ensure the kernel always gets
a 32-bit time_t.

While we are converting these functions let's also convert them to be
the y2038 safe versions. This means there is a *64 function that is
called by a backwards compatible wrapper.

Reviewed-by: Lukasz Majewski <lukma@denx.de>
Reviewed-by: Adhemerval Zanella  <adhemerval.zanella@linaro.org>
2020-04-02 09:21:06 -07:00
Alistair Francis
a51e035889 linux: Use long time_t __getitimer/__setitimer
The Linux kernel expects itimerval to use a 32-bit time_t, even on archs
with a 64-bit time_t (like RV32). To address this let's convert
itimerval to/from 32-bit and 64-bit to ensure the kernel always gets
a 32-bit time_t.

While we are converting these functions let's also convert them to be
the y2038 safe versions. This means there is a *64 function that is
called by a backwards compatible wrapper.

Tested-by: Lukasz Majewski <lukma@denx.de>
Reviewed-by: Adhemerval Zanella  <adhemerval.zanella@linaro.org>
2020-04-02 09:21:06 -07:00
Alistair Francis
1c634e677f sysv: Define __KERNEL_OLD_TIMEVAL_MATCHES_TIMEVAL64
On y2038 safe 32-bit systems the Linux kernel expects itimerval
and rusage to use a 32-bit time_t, even though the other time_t's
are 64-bit. There are currently no plans to make 64-bit time_t versions
of these structs.

There are also other occurrences where the time passed to the kernel via
timeval doesn't match the wordsize.

To handle these cases let's define a new macro
__KERNEL_OLD_TIMEVAL_MATCHES_TIMEVAL64. This macro specifies if the
kernel's old_timeval matches the new timeval64. This should be 1 for
64-bit architectures except for Alpha's osf syscalls. The define should
be 0 for 32-bit architectures and Alpha's osf syscalls.

Reviewed-by: Lukasz Majewski <lukma@denx.de>
Reviewed-by: Adhemerval Zanella  <adhemerval.zanella@linaro.org>
2020-04-02 09:21:05 -07:00
John David Anglin
1a044511a3 Fix data race in setting function descriptors during lazy binding on hppa.
This addresses an issue that is present mainly on SMP machines running
threaded code.  In a typical indirect call or PLT import stub, the
target address is loaded first.  Then the global pointer is loaded into
the PIC register in the delay slot of a branch to the target address.
During lazy binding, the target address is a trampoline which transfers
to _dl_runtime_resolve().

_dl_runtime_resolve() uses the relocation offset stored in the global
pointer and the linkage map stored in the trampoline to find the
relocation.  Then, the function descriptor is updated.

In a multi-threaded application, it is possible for the global pointer
to be updated between the load of the target address and the global
pointer.  When this happens, the relocation offset has been replaced
by the new global pointer.  The function pointer has probably been
updated as well but there is no way to find the address of the function
descriptor and to transfer to the target.  So, _dl_runtime_resolve()
typically crashes.

HP-UX addressed this problem by adding an extra pc-relative branch to
the trampoline.  The descriptor is initially setup to point to the
branch.  The branch then transfers to the trampoline.  This allowed
the trampoline code to figure out which descriptor was being used
without any modification to user code.  I didn't use this approach
as it is more complex and changes function pointer canonicalization.

The order of loading the target address and global pointer in
indirect calls was not consistent with the order used in import stubs.
In particular, $$dyncall and some inline versions of it loaded the
global pointer first.  This was inconsistent with the global pointer
being updated first in dl-machine.h.  Assuming the accesses are
ordered, we want elf_machine_fixup_plt() to store the global pointer
first and calls to load it last.  Then, the global pointer will be
correct when the target function is entered.

However, just to make things more fun, HP added support for
out-of-order execution of accesses in PA 2.0.  The accesses used by
calls are weakly ordered. So, it's possibly under some circumstances
that a function might be entered with the wrong global pointer.
However, HP uses weakly ordered accesses in 64-bit HP-UX, so I assume
that loading the global pointer in the delay slot of the branch must
work consistently.

The basic fix for the race is a combination of modifying user code to
preserve the address of the function descriptor in register %r22 and
setting the least-significant bit in the relocation offset.  The
latter was suggested by Carlos as a way to distinguish relocation
offsets from global pointer values.  Conventionally, %r22 is used
as the address of the function descriptor in calls to $$dyncall.
So, it wasn't hard to preserve the address in %r22.

I have updated gcc trunk and gcc-9 branch to not clobber %r22 in
$$dyncall and inline indirect calls.  I have also modified the import
stubs in binutils trunk and the 2.33 branch to preserve %r22.  This
required making the stubs one instruction longer but we save one
relocation.  I also modified binutils to align the .plt section on
a 8-byte boundary.  This allows descriptors to be updated atomically
with a floting-point store.

With these changes, _dl_runtime_resolve() can fallback to an alternate
mechanism to find the relocation offset when it has been clobbered.
There's just one additional instruction in the fast path. I tested
the fallback function, _dl_fix_reloc_arg(), by changing the branch to
always use the fallback.  Old code still runs as it did before.

Fixes bug 23296.

Reviewed-by: Carlos O'Donell <carlos@redhat.com>
2020-03-30 20:36:49 +00:00
Alistair Francis
4da2597af5 sysv/linux: Rename alpha functions to be alpha specific
These functions are alpha specifc, rename them to be clear.

Let's also rename the header file from tv32-compat.h to
alpha-tv32-compat.h. This is to avoid conflicts with the one we will
introduce later.

Reviewed-by: Lukasz Majewski <lukma@denx.de>
Reviewed-by: Adhemerval Zanella  <adhemerval.zanella@linaro.org>
2020-03-27 11:23:15 -07:00
Lukasz Majewski
0334369949 y2038: fix: Add missing libc_hidden_def attribute for some syscall wrappers
During the conversion to support 64 bit time on some architectures with
__WORDSIZE == 32 && __TIMESIZE != 64 the libc_hidden_def attribute for
eligible functions was by mistake omitted.

This patch fixes this issue and exports (and allows using) those
functions when Y2038 support is enabled in glibc.
2020-03-23 21:21:28 +01:00
H.J. Lu
1fabdb9908 x86: Remove ARCH_CET_LEGACY_BITMAP [BZ #25397]
Since legacy bitmap doesn't cover jitted code generated by legacy JIT
engine, it isn't very useful.  This patch removes ARCH_CET_LEGACY_BITMAP
and treats indirect branch tracking similar to shadow stack by removing
legacy bitmap support.

Tested on CET Linux/x86-64 and non-CET Linux/x86-64.

Reviewed-by: Carlos O'Donell <carlos@redhat.com>
2020-03-18 04:35:54 -07:00
Adhemerval Zanella
d8faf2955a mips: Fix wrong INTERNAL_SYSCALL_ERROR_P check from bc2eb9321e
Checked on mips64-linux-gnu.
2020-03-10 17:24:14 -03:00
Lukasz Majewski
8b8f39376b y2038: linux: Provide __futimesat64 implementation
This conversion patch for supporting 64 bit time for futimesat only differs
from the work performed for futimes (when providing __futimes64) with passing
also the file name (and path) to utimensat.

All the design and conversion decisions are exactly the same as for futimens
conversion.
2020-03-09 10:26:46 +01:00
Lukasz Majewski
1a5e12826c y2038: linux: Provide __lutimes64 implementation
This conversion patch for supporting 64 bit time for lutimes mostly differs from
the work performed for futimes (when providing __futimes64) with adding the
AT_SYMLINK_NOFOLLOW flag to utimensat.
It also supports passing file name instead of file descriptor number, but this
is not relevant for utimensat used to implement it.

All the design and conversion decisions are exactly the same as for futimens
conversion.
2020-03-09 10:26:46 +01:00
Lukasz Majewski
f072671cf5 y2038: linux: Provide __futimes64 implementation
This patch provides new __futimes64 explicit 64 bit function for setting file's
64 bit attributes for access and modification time (by specifying file
descriptor number).

Internally, the __utimensat64_helper function is used. This patch is necessary
for having architectures with __WORDSIZE == 32 Y2038 safe.

Moreover, a 32 bit version - __futimes has been refactored to internally use
__futimes64.

The __futimes is now supposed to be used on systems still supporting 32
bit time (__TIMESIZE != 64) - hence the necessary conversion of struct timeval
to 64 bit struct __timeval64.

The check if struct timevals' usec fields are in the range between 0 and 1000000
has been removed as Linux kernel performs it internally in the implementation
of utimensat (the conversion between struct __timeval64 and __timespec64 is not
relevant for this particular check).

Last but not least, checks for tvp{64} not being NULL have been preserved from
the original code as some legacy user space programs may rely on it.

Build tests:
./src/scripts/build-many-glibcs.py glibcs

Run-time tests:
- Run specific tests on ARM/x86 32bit systems (qemu):
  https://github.com/lmajewski/meta-y2038 and run tests:
  https://github.com/lmajewski/y2038-tests/commits/master

Above tests were performed with Y2038 redirection applied as well as without to
test the proper usage of both __futimes64 and __futimes.
2020-03-09 10:26:46 +01:00
Lukasz Majewski
7975f9a48a y2038: fix: Add missing libc_hidden_def for __futimens64
The libc_hidden_def () declaration for __futimens64 function was missing,
so it is added in this patch.
2020-03-07 12:45:27 +01:00
Adhemerval Zanella
b33e946fbb sparc: Move sigreturn stub to assembly
It seems that some gcc versions might generates a stack frame for the
sigreturn stub requires on sparc signal handling.  For instance:

  $ cat test.c
  #define _GNU_SOURCE
  #include <sys/syscall.h>

  __attribute__ ((__optimize__ ("-fno-stack-protector")))
  void
  __sigreturn_stub (void)
  {
    __asm__ ("mov %0, %%g1\n\t"
            "ta  0x10\n\t"
            : /* no outputs */
            : "i" (SYS_rt_sigreturn));
  }
  $ gcc -v
  [...]
  gcc version 9.2.1 20200224 (Debian 9.2.1-30)
  $ gcc -O2 -m64 test.c -S -o -
  [...]
    __sigreturn_stub:
          save    %sp, -176, %sp
  #APP
  ! 9 "t.c" 1
          mov 101, %g1
          ta  0x10

  ! 0 "" 2
  #NO_APP
          .size   __sigreturn_stub, .-__sigreturn_stub

As indicated by kernel developers [1], the sigreturn stub can not change
the register window or the stack pointer since the kernel has setup the
restore frame at a precise location relative to the stack pointer when
the stub is invoked.

I tried to play with some compiler flags and even with _Noreturn and
__builtin_unreachable after the asm does not help (and Sparc does not
support naked functions).

To avoid similar issues, as the stack-protector support also have
stumbled, this patch moves the implementation of the sigreturn stubs to
assembly.

Checked on sparcv9-linux-gnu and sparc64-linux-gnu with gcc 9.2.1
and gcc 7.5.0.

[1] https://lkml.org/lkml/2016/5/27/465
2020-03-06 13:17:20 -03:00
Adhemerval Zanella
60f071f47a linux/sysipc: Include linux/posix_types.h for __kernel_mode_t
The posix_types.h (where __kernel_mode_t is defined) is included
implicitly, which might not happen on older kernels.
2020-03-06 09:53:23 -03:00
Adhemerval Zanella
24fdebe75f linux: Clear mode_t padding bits (BZ#25623)
The kernel might not clear the padding value for the ipc_perm mode
fields in compat mode (32 bit running on a 64 bit kernel).  It was
fixed on v4.14 when the ipc compat code was refactored to move
(commits 553f770ef71b, 469391684626, c0ebccb6fa1e).

Although it is most likely a kernel issue, it was shown only due
BZ#18231 fix which made all the SysVIPC mode_t 32-bit regardless of
the kABI.

This patch fixes it by explicitly zeroing the upper bits for such
cases.  The __ASSUME_SYSVIPC_BROKEN_MODE_T case already handles
it with the shift.

(The aarch64 ipc_priv.h is superflous since
__ASSUME_SYSVIPC_DEFAULT_IPC_64 is now defined as default).

Checked on i686-linux-gnu on 3.10 and on 4.15 kernel.
2020-03-05 14:40:28 -03:00
Adhemerval Zanella
d5e492ba4c linux: Remove aarch64 ipc_priv.h
The aarch64 ipc_priv.h is superflous since
__ASSUME_SYSVIPC_DEFAULT_IPC_64 is now defined as default.
2020-03-05 14:40:22 -03:00
Florian Weimer
e5244cd88a Linux: Use __fstatat64 in fchmodat implementation
fstatat64 depends on inlining to produce the desired __fxstatat64
call, which does not happen with -Os, leading to a link failure
with an undefined reference to fstatat64.  __fxstatat64 has a macro
definition in include/sys/stat.h and thus avoids the problem.
2020-03-05 16:10:26 +01:00
Florian Weimer
c10826a327 Linux: Use AT_FDCWD in utime, utimes when calling utimensat
0 is a valid descriptor without any special meaning.

Reviewed-by: Lukasz Majewski <lukma@denx.de>
2020-03-05 16:09:52 +01:00
Lukasz Majewski
66449d9339 y2038: linux: Provide __utime64 implementation
This patch replaces auto generated wrapper (as described in
sysdeps/unix/sysv/linux/syscalls.list) for utime with one which adds extra
support for setting file's access and modification 64 bit time on machines
with __TIMESIZE != 64.

Internally, the __utimensat_time64 helper function is used. This patch is
necessary for having architectures with __WORDSIZE == 32 && __TIMESIZE != 64
Y2038 safe.

Moreover, a 32 bit version - __utime has been refactored to internally use
__utime64.
The __utime is now supposed to be used on systems still supporting 32
bit time (__TIMESIZE != 64) - hence the necessary conversion between struct
utimbuf and struct __utimbuf64.

Build tests:
./src/scripts/build-many-glibcs.py glibcs

Run-time tests:
- Run specific tests on ARM/x86 32bit systems (qemu):
  https://github.com/lmajewski/meta-y2038 and run tests:
  https://github.com/lmajewski/y2038-tests/commits/master

Above tests were performed with Y2038 redirection applied as well as
without to test proper usage of both __utime64 and __utime.

Reviewed-by: Adhemerval Zanella <adhemerval.zanella@linaro.org>
2020-03-03 14:28:08 +01:00
Lukasz Majewski
d962a5d68a y2038: linux: Provide __utimes64 implementation
This patch provides new __utimes64 explicit 64 bit function for setting file's
64 bit attributes for access and modification time.

Internally, the __utimensat64_helper function is used. This patch is necessary
for having architectures with __WORDSIZE == 32 Y2038 safe.

Moreover, a 32 bit version - __utimes has been refactored to internally use
__utimes64.

The __utimes is now supposed to be used on systems still supporting 32
bit time (__TIMESIZE != 64) - hence the necessary conversion of struct
timeval to 64 bit struct __timeval64.

Build tests:
./src/scripts/build-many-glibcs.py glibcs

Run-time tests:
- Run specific tests on ARM/x86 32bit systems (qemu):
  https://github.com/lmajewski/meta-y2038 and run tests:
  https://github.com/lmajewski/y2038-tests/commits/master

Above tests were performed with Y2038 redirection applied as well as without
to test proper usage of both __utimes64 and __utimes.

Reviewed-by: Adhemerval Zanella <adhemerval.zanella@linaro.org>
2020-03-03 14:28:08 +01:00
Florian Weimer
24caa35c57 microblaze: vfork is always available
Due to the built-in tables, __NR_vfork is always defined, so the
fork-based fallback code is never used.

(It appears that the vfork system call was wired up when the port was
contributed to the kernel.)

Reviewed-by: Adhemerval Zanella <adhemerval.zanella@linaro.org>
2020-03-03 12:53:11 +01:00
Florian Weimer
bf956afeaa m68k: getpagesize syscall number is always available
Due to the built-in tables, __NR_getpagesize is always defined.

Reviewed-by: Adhemerval Zanella <adhemerval.zanella@linaro.org>
2020-03-03 12:52:47 +01:00
Florian Weimer
e76d4fb014 Linux: epoll_pwait syscall number is always available
Due to the built-in tables, __NR_epoll_pwait is always defined.

Reviewed-by: Adhemerval Zanella <adhemerval.zanella@linaro.org>
2020-03-03 12:51:14 +01:00
Florian Weimer
63e9b4bd9c x86_64: Do not define __NR_semtimedop in <sysdep.h>
The definition is always available from the built-in system call table.

Reviewed-by: Adhemerval Zanella <adhemerval.zanella@linaro.org>
2020-03-03 12:50:56 +01:00
Florian Weimer
2982d0c18f ia64: Do not define __NR_semtimedop in <sysdep.h>
The definition is always available from the built-in system call table.

Reviewed-by: Adhemerval Zanella <adhemerval.zanella@linaro.org>
2020-03-03 12:50:35 +01:00
Florian Weimer
ed9ce57e3c Linux: open_by_handle_at syscall number is always available
Due to the built-in tables, __NR_open_by_handle_at is always defined.

Reviewed-by: Adhemerval Zanella <adhemerval.zanella@linaro.org>
2020-03-03 12:50:07 +01:00
Florian Weimer
75376039be Linux: pciconfig_iobase syscall number is always available on alpha
Due to the built-in tables, __NR_pciconfig_iobase is always defined.

Reviewed-by: Adhemerval Zanella <adhemerval.zanella@linaro.org>
2020-03-03 12:20:59 +01:00
Florian Weimer
4fe5d3867a Linux: getdents64 syscall number is always available on MIPS
Due to the built-in tables, __NR_getdents64 is always defined,
although it may not be supported at run time.

Reviewed-by: Adhemerval Zanella <adhemerval.zanella@linaro.org>
2020-03-03 12:20:31 +01:00
Florian Weimer
b5350b487c Linux: Clean up preadv2, pwritev2 system call names
With the built-in tables __NR_preadv2 and __NR_pwritev2 are always
defined.

The kernel has never defined __NR_preadv64v2 and __NR_pwritev64v2
and is unlikely to do so, given that the preadv2 and pwritev2 system
calls themselves are 64-bit.

Reviewed-by: Adhemerval Zanella <adhemerval.zanella@linaro.org>
2020-03-03 12:18:22 +01:00
Florian Weimer
11ae9a185b Linux: exit_group syscall number is always available
Due to the built-in tables, __NR_exit_group is always defined.

Reviewed-by: Adhemerval Zanella <adhemerval.zanella@linaro.org>
2020-03-03 12:17:24 +01:00
Florian Weimer
aa350443c5 Linux: set_tid_address syscall number is always available
Due to the built-in tables, __NR_set_tid_address is always defined.

Reviewed-by: Adhemerval Zanella <adhemerval.zanella@linaro.org>
2020-03-03 12:16:55 +01:00
Florian Weimer
5d9f1add86 Linux: pkey_mprotect syscall number is always available
Due to the built-in tables, __NR_pkey_mprotect is always defined.

Reviewed-by: Adhemerval Zanella <adhemerval.zanella@linaro.org>
2020-03-03 12:16:35 +01:00
Florian Weimer
c99517a738 Linux: rt_sigqueueinfo syscall number is always available
Due to the built-in tables, __NR_rt_sigqueueinfo is always defined.

sysdeps/pthread/time_routines.c is not updated because it is shared with
Hurd.

Reviewed-by: Adhemerval Zanella <adhemerval.zanella@linaro.org>
2020-03-03 12:16:15 +01:00
Florian Weimer
658b5848a8 Linux: getrandom syscall number is always available
Due to the built-in tables, __NR_getrandom is always defined.

Reviewed-by: Adhemerval Zanella <adhemerval.zanella@linaro.org>
2020-03-03 12:15:38 +01:00
Florian Weimer
d241dee4dd Linux: Clean up preadv, pwritev system call names
The names __NR_preadv64, __NR_pwritev64 appear to be a glibc invention.
With the built-in tables, __NR_preadv and __NR_pwritev are always defined.

Reviewed-by: Adhemerval Zanella <adhemerval.zanella@linaro.org>
2020-03-03 12:15:06 +01:00
Florian Weimer
71691aae92 Linux: Clean up pread64/pwrite64 system call names
Linux removed the last definitions of __NR_pread and __NR_pwrite
in commit 4ba66a9760722ccbb691b8f7116cad2f791cca7b, the removal
of the blackfin port.  All architectures now define __NR_pread64 and
__NR_pwrite64 only.

Reviewed-by: Adhemerval Zanella <adhemerval.zanella@linaro.org>
2020-03-03 12:14:40 +01:00
Florian Weimer
1a5f1153a7 Linux: sigaltstack syscall number is always available
Due to the built-in tables, __NR_sigaltstack is always defined.

Reviewed-by: Adhemerval Zanella <adhemerval.zanella@linaro.org>
2020-03-03 12:13:29 +01:00
Florian Weimer
822a391076 Linux: sched_getaffinity syscall number is always available
Due to the built-in tables, __NR_sched_getaffinity is always defined.

Reviewed-by: Adhemerval Zanella <adhemerval.zanella@linaro.org>
2020-03-03 12:13:07 +01:00
Florian Weimer
78e132b319 Linux: sched_setaffinity syscall number is always available
Due to the built-in tables, __NR_sched_setaffinity is always defined.

Reviewed-by: Adhemerval Zanella <adhemerval.zanella@linaro.org>
2020-03-03 12:12:42 +01:00
Florian Weimer
7255ccbec9 Linux: statx syscall number is always available
Due to the built-in tables, __NR_statx is always defined.

Reviewed-by: Adhemerval Zanella <adhemerval.zanella@linaro.org>
2020-03-03 12:12:11 +01:00
Florian Weimer
276e6080c8 Linux: mq_* syscall numbers are always available
Due to the built-in tables, __NR_mq_getsetattr, __NR_mq_notify,
__NR_mq_open, __NR_mq_timedreceive, __NR_mq_timedsend, __NR_mq_unlink
are always defined.

Reviewed-by: Adhemerval Zanella <adhemerval.zanella@linaro.org>
2020-03-03 12:11:49 +01:00
Florian Weimer
8d25a67650 Linux: mlock2 syscall number is always available
Due to the built-in tables, __NR_mlock2 is always defined.

Reviewed-by: Adhemerval Zanella <adhemerval.zanella@linaro.org>
2020-03-03 12:11:26 +01:00
Florian Weimer
a72ae22d5d Linux: copy_file_range syscall number is always available
Due to the built-in tables, __NR_copy_file_range is always defined.

Reviewed-by: Adhemerval Zanella <adhemerval.zanella@linaro.org>
2020-03-03 12:11:01 +01:00
Florian Weimer
f122f356c5 Linux: renameat2 syscall number is always available
Due to the built-in tables, __NR_renameat2 is always defined.

Reviewed-by: Adhemerval Zanella <adhemerval.zanella@linaro.org>
2020-03-03 12:06:39 +01:00
Andreas Schwab
808cd69267 Add missing libc_hidden_def for __utimensat64 2020-03-02 17:04:32 +01:00
Florian Weimer
0499a353a6 elf: Add elf/check-wx-segment, a test for the presence of WX segments
Writable, executable segments defeat security hardening.  The
existing check for DT_TEXTREL does not catch this.

hppa and SPARC currently keep the PLT in an RWX load segment.
2020-03-02 14:25:20 +01:00
Adhemerval Zanella
b790c8c2ed nios2: Fix Linux kABI for syscall return
From the type introduced at 861be5fd66.
2020-02-20 10:11:33 -03:00
Florian Weimer
f2323817dd nptl: Move pthread_setschedparam implementation into libc
This is part of the libpthread removal project:

  <https://sourceware.org/ml/libc-alpha/2019-10/msg00080.html>

Reviewed-by: Adhemerval Zanella <adhemerval.zanella@linaro.org>
2020-02-20 08:57:01 +01:00
Florian Weimer
d5074b30fe nptl: Move pthread_getschedparam implementation into libc
This is part of the libpthread removal project:

  <https://sourceware.org/ml/libc-alpha/2019-10/msg00080.html>

Reviewed-by: Adhemerval Zanella <adhemerval.zanella@linaro.org>
2020-02-20 08:57:01 +01:00
Florian Weimer
ad96df2cd9 nptl: Move pthread_cond_init implementation into libc
It is necessary to export __pthread_cond_init from libc because
the C11 condition variable needs it and is still left in libpthread.

This is part of the libpthread removal project:

  <https://sourceware.org/ml/libc-alpha/2019-10/msg00080.html>

Reviewed-by: Adhemerval Zanella <adhemerval.zanella@linaro.org>
2020-02-20 08:57:01 +01:00