As discussed during development for glibc 2.29, when we increased the
required minimum GCC version for building glibc to GCC 5, working
purely based on the times at which such requirements have been
increased in the past it would be appropriate for glibc 2.30 to
require GCC 6 (matching GCC 4.9 having been required for glibc 2.26).
Naming 6.2 specifically as the minimum version then means a separate
version requirement no longer needs to be specified for powerpc64le.
Thus, this patch increases the minimum to 6.2, removing the
documentation of the separate requirement for powerpc64le. It does
not remove the powerpc64le configure test, or any __GNUC_PREREQ that
could be removed as not being in installed headers or files shared
with gnulib; I think such cleanups are best done separately.
Tested for x86_64.
* configure.ac (libc_cv_compiler_ok): Require GCC 6.2 or later.
* configure: Regenerated.
* manual/install.texi (Tools for Compilation): Update minimum GCC
version.
* INSTALL: Regenerated.
We know that building glibc with GCC 4.9 is broken on various
platforms (bug 23993). As it's more than a year since we last
increased the minimum GCC version to build glibc, this patch changes
the requirement to be GCC 5 or later (indeed, based on 4.9 having been
required for building 2.26, it would be consistent in terms of timing
to require GCC 6 or later from the 2.30 release onwards). It
deliberately just updates the configure test and corresponding
documentation, leaving removal of no-longer-needed __GNUC_PREREQ tests
for a separate patch.
In the NEWS entry, the requirement for a newer GCC version for
powerpc64le is reiterated (as in the entry for the 4.9 requirement in
2.26) to avoid suggesting the version requirement there has gone down.
(If that version goes up further as part of support for binary128 long
double, of course the wording would change at that time.)
Tested for x86_64.
[BZ #23993]
* configure.ac (libc_cv_compiler_ok): Require GCC 5 or later.
* configure: Regenerated.
* manual/install.texi (Tools for Compilation): Update minimum GCC
version.
* INSTALL: Regenerated.
This patch makes Python 3.4 or later a required tool for building
glibc, so allowing changes of awk, perl etc. code used in the build
and test to Python code without any such changes needing makefile
conditionals or to handle older Python versions.
This patch makes the configure test for Python check the version and
give an error if Python is missing or too old, and removes makefile
conditionals that are no longer needed. It does not itself convert
any code from another language to Python, and does not remove any
compatibility with older Python versions from existing scripts.
Tested for x86_64.
* configure.ac (PYTHON_PROG): Use AC_CHECK_PROG_VER. Set
critic_missing for versions before 3.4.
* configure: Regenerated.
* manual/install.texi (Tools for Compilation): Document
requirement for Python to build glibc.
* INSTALL: Regenerated.
* Rules [PYTHON]: Make code unconditional.
* benchtests/Makefile [PYTHON]: Likewise.
* conform/Makefile [PYTHON]: Likewise.
* manual/Makefile [PYTHON]: Likewise.
* math/Makefile [PYTHON]: Likewise.
Currently, DT_TEXTREL is incompatible with IFUNC. When DT_TEXTREL or
DF_TEXTREL is seen, the dynamic linker calls __mprotect on the segments
with PROT_READ|PROT_WRITE before applying dynamic relocations. It leads
to segfault when performing IFUNC resolution (which requires PROT_EXEC
as well for the IFUNC resolver).
This patch makes it call __mprotect with extra PROT_WRITE bit, which
will keep the PROT_EXEC bit if exists, and thus fixes the segfault.
FreeBSD rtld libexec/rtld-elf/rtld.c (reloc_textrel_prot) does the same.
Checked on x86_64-linux-gnu, i686-linux-gnu, aarch64-linux-gnu,
sparc64-linux-gnu, sparcv9-linux-gnu, and armv8-linux-gnueabihf.
Adam J. Richte <adam_richter2004@yahoo.com>
Adhemerval Zanella <adhemerval.zanella@linaro.org>
Fangrui Song <maskray@google.com>
[BZ #20480]
* config.h.in (CAN_TEXTREL_IFUNC): New define.
* configure.ac: Add check if linker supports textrel relocation with
ifunc.
* elf/dl-reloc.c (_dl_relocate_object): Use all required flags on
DT_TEXTREL segments, not only PROT_READ and PROT_WRITE.
* elf/Makefile (ifunc-pie-tests): Add tst-ifunc-textrel.
(CFLAGS-tst-ifunc-textrel.c): New rule.
* elf/tst-ifunc-textrel.c: New file.
Intel Control-flow Enforcement Technology (CET) instructions:
https://software.intel.com/sites/default/files/managed/4d/2a/control-flow-en
forcement-technology-preview.pdf
includes Indirect Branch Tracking (IBT) and Shadow Stack (SHSTK).
GNU_PROPERTY_X86_FEATURE_1_IBT is added to GNU program property to
indicate that all executable sections are compatible with IBT when
ENDBR instruction starts each valid target where an indirect branch
instruction can land. Linker sets GNU_PROPERTY_X86_FEATURE_1_IBT on
output only if it is set on all relocatable inputs.
On an IBT capable processor, the following steps should be taken:
1. When loading an executable without an interpreter, enable IBT and
lock IBT if GNU_PROPERTY_X86_FEATURE_1_IBT is set on the executable.
2. When loading an executable with an interpreter, enable IBT if
GNU_PROPERTY_X86_FEATURE_1_IBT is set on the interpreter.
a. If GNU_PROPERTY_X86_FEATURE_1_IBT isn't set on the executable,
disable IBT.
b. Lock IBT.
3. If IBT is enabled, when loading a shared object without
GNU_PROPERTY_X86_FEATURE_1_IBT:
a. If legacy interwork is allowed, then mark all pages in executable
PT_LOAD segments in legacy code page bitmap. Failure of legacy code
page bitmap allocation causes an error.
b. If legacy interwork isn't allowed, it causes an error.
GNU_PROPERTY_X86_FEATURE_1_SHSTK is added to GNU program property to
indicate that all executable sections are compatible with SHSTK where
return address popped from shadow stack always matches return address
popped from normal stack. Linker sets GNU_PROPERTY_X86_FEATURE_1_SHSTK
on output only if it is set on all relocatable inputs.
On a SHSTK capable processor, the following steps should be taken:
1. When loading an executable without an interpreter, enable SHSTK if
GNU_PROPERTY_X86_FEATURE_1_SHSTK is set on the executable.
2. When loading an executable with an interpreter, enable SHSTK if
GNU_PROPERTY_X86_FEATURE_1_SHSTK is set on interpreter.
a. If GNU_PROPERTY_X86_FEATURE_1_SHSTK isn't set on the executable
or any shared objects loaded via the DT_NEEDED tag, disable SHSTK.
b. Otherwise lock SHSTK.
3. After SHSTK is enabled, it is an error to load a shared object
without GNU_PROPERTY_X86_FEATURE_1_SHSTK.
To enable CET support in glibc, --enable-cet is required to configure
glibc. When CET is enabled, both compiler and assembler must support
CET. Otherwise, it is a configure-time error.
To support CET run-time control,
1. _dl_x86_feature_1 is added to the writable ld.so namespace to indicate
if IBT or SHSTK are enabled at run-time. It should be initialized by
init_cpu_features.
2. For dynamic executables:
a. A l_cet field is added to struct link_map to indicate if IBT or
SHSTK is enabled in an ELF module. _dl_process_pt_note or
_rtld_process_pt_note is called to process PT_NOTE segment for
GNU program property and set l_cet.
b. _dl_open_check is added to check IBT and SHSTK compatibilty when
dlopening a shared object.
3. Replace i386 _dl_runtime_resolve and _dl_runtime_profile with
_dl_runtime_resolve_shstk and _dl_runtime_profile_shstk, respectively if
SHSTK is enabled.
CET run-time control can be changed via GLIBC_TUNABLES with
$ export GLIBC_TUNABLES=glibc.tune.x86_shstk=[permissive|on|off]
$ export GLIBC_TUNABLES=glibc.tune.x86_ibt=[permissive|on|off]
1. permissive: SHSTK is disabled when dlopening a legacy ELF module.
2. on: IBT or SHSTK are always enabled, regardless if there are IBT or
SHSTK bits in GNU program property.
3. off: IBT or SHSTK are always disabled, regardless if there are IBT or
SHSTK bits in GNU program property.
<cet.h> from CET-enabled GCC is automatically included by assembly codes
to add GNU_PROPERTY_X86_FEATURE_1_IBT and GNU_PROPERTY_X86_FEATURE_1_SHSTK
to GNU program property. _CET_ENDBR is added at the entrance of all
assembly functions whose address may be taken. _CET_NOTRACK is used to
insert NOTRACK prefix with indirect jump table to support IBT. It is
defined as notrack when _CET_NOTRACK is defined in <cet.h>.
[BZ #21598]
* configure.ac: Add --enable-cet.
* configure: Regenerated.
* elf/Makefille (all-built-dso): Add a comment.
* elf/dl-load.c (filebuf): Moved before "dynamic-link.h".
Include <dl-prop.h>.
(_dl_map_object_from_fd): Call _dl_process_pt_note on PT_NOTE
segment.
* elf/dl-open.c: Include <dl-prop.h>.
(dl_open_worker): Call _dl_open_check.
* elf/rtld.c: Include <dl-prop.h>.
(dl_main): Call _rtld_process_pt_note on PT_NOTE segment. Call
_rtld_main_check.
* sysdeps/generic/dl-prop.h: New file.
* sysdeps/i386/dl-cet.c: Likewise.
* sysdeps/unix/sysv/linux/x86/cpu-features.c: Likewise.
* sysdeps/unix/sysv/linux/x86/dl-cet.h: Likewise.
* sysdeps/x86/cet-tunables.h: Likewise.
* sysdeps/x86/check-cet.awk: Likewise.
* sysdeps/x86/configure: Likewise.
* sysdeps/x86/configure.ac: Likewise.
* sysdeps/x86/dl-cet.c: Likewise.
* sysdeps/x86/dl-procruntime.c: Likewise.
* sysdeps/x86/dl-prop.h: Likewise.
* sysdeps/x86/libc-start.h: Likewise.
* sysdeps/x86/link_map.h: Likewise.
* sysdeps/i386/dl-trampoline.S (_dl_runtime_resolve): Add
_CET_ENDBR.
(_dl_runtime_profile): Likewise.
(_dl_runtime_resolve_shstk): New.
(_dl_runtime_profile_shstk): Likewise.
* sysdeps/linux/x86/Makefile (sysdep-dl-routines): Add dl-cet
if CET is enabled.
(CFLAGS-.o): Add -fcf-protection if CET is enabled.
(CFLAGS-.os): Likewise.
(CFLAGS-.op): Likewise.
(CFLAGS-.oS): Likewise.
(asm-CPPFLAGS): Add -fcf-protection -include cet.h if CET
is enabled.
(tests-special): Add $(objpfx)check-cet.out.
(cet-built-dso): New.
(+$(cet-built-dso:=.note)): Likewise.
(common-generated): Add $(cet-built-dso:$(common-objpfx)%=%.note).
($(objpfx)check-cet.out): New.
(generated): Add check-cet.out.
* sysdeps/x86/cpu-features.c: Include <dl-cet.h> and
<cet-tunables.h>.
(TUNABLE_CALLBACK (set_x86_ibt)): New prototype.
(TUNABLE_CALLBACK (set_x86_shstk)): Likewise.
(init_cpu_features): Call get_cet_status to check CET status
and update dl_x86_feature_1 with CET status. Call
TUNABLE_CALLBACK (set_x86_ibt) and TUNABLE_CALLBACK
(set_x86_shstk). Disable and lock CET in libc.a.
* sysdeps/x86/cpu-tunables.c: Include <cet-tunables.h>.
(TUNABLE_CALLBACK (set_x86_ibt)): New function.
(TUNABLE_CALLBACK (set_x86_shstk)): Likewise.
* sysdeps/x86/sysdep.h (_CET_NOTRACK): New.
(_CET_ENDBR): Define if not defined.
(ENTRY): Add _CET_ENDBR.
* sysdeps/x86/dl-tunables.list (glibc.tune): Add x86_ibt and
x86_shstk.
* sysdeps/x86_64/dl-trampoline.h (_dl_runtime_resolve): Add
_CET_ENDBR.
(_dl_runtime_profile): Likewise.
$(file …) appears to be the only convenient way to create files
with newlines and make substitution variables. This needs make 4.0
(released in 2013), so update the requirement to match.
Reviewed-by: Carlos O'Donell <carlos@redhat.com>
Some Linux distributions are experimenting with a new, separately
maintained and hopefully more agile implementation of the crypt
API. To facilitate this, add a configure option which disables
glibc's embedded libcrypt. When this option is given, libcrypt.*
and crypt.h will not be built nor installed.
After --enable-static-pie is added to configure, libc_cv_pie_default is
set to yes when either --enable-static-pie is used to configure glibc
or GCC defaults to PIE. We should set no-pie-ldflag to -no-pie, which
is supported on GCC 6 and later, only if GCC defaults to PIE, not when
--enable-static-pie is used to configure glibc.
Tested on x32 with --enable-static-pie using GCC 5 and without
--enable-static-pie using GCC 7.
[BZ #22614]
* Makeconfig (no-pie-ldflag): Set to -no-pie only if
$(cc-pie-default) == yes.
* config.make.in (cc-pie-default): New.
* configure.ac (libc_cv_pie_default): Renamed to ...
(libc_cv_cc_pie_default): This.
(libc_cv_pie_default): Set to $libc_cv_cc_pie_default.
* configure: Regenerated.
Static PIE extends address space layout randomization to static
executables. It provides additional security hardening benefits at
the cost of some memory and performance.
Dynamic linker, ld.so, is a standalone program which can be loaded at
any address. This patch adds a configure option, --enable-static-pie,
to embed the part of ld.so in static executable to create static position
independent executable (static PIE). A static PIE is similar to static
executable, but can be loaded at any address without help from a dynamic
linker. When --enable-static-pie is used to configure glibc, libc.a is
built as PIE and all static executables, including tests, are built as
static PIE. The resulting libc.a can be used together with GCC 8 or
above to build static PIE with the compiler option, -static-pie. But
GCC 8 isn't required to build glibc with --enable-static-pie. Only GCC
with PIE support is needed. When an older GCC is used to build glibc
with --enable-static-pie, proper input files are passed to linker to
create static executables as static PIE, together with "-z text" to
prevent dynamic relocations in read-only segments, which are not allowed
in static PIE.
The following changes are made for static PIE:
1. Add a new function, _dl_relocate_static_pie, to:
a. Get the run-time load address.
b. Read the dynamic section.
c. Perform dynamic relocations.
Dynamic linker also performs these steps. But static PIE doesn't load
any shared objects.
2. Call _dl_relocate_static_pie at entrance of LIBC_START_MAIN in
libc.a. crt1.o, which is used to create dynamic and non-PIE static
executables, is updated to include a dummy _dl_relocate_static_pie.
rcrt1.o is added to create static PIE, which will link in the real
_dl_relocate_static_pie. grcrt1.o is also added to create static PIE
with -pg. GCC 8 has been updated to support rcrt1.o and grcrt1.o for
static PIE.
Static PIE can work on all architectures which support PIE, provided:
1. Target must support accessing of local functions without dynamic
relocations, which is needed in start.S to call __libc_start_main with
function addresses of __libc_csu_init, __libc_csu_fini and main. All
functions in static PIE are local functions. If PIE start.S can't reach
main () defined in a shared object, the code sequence:
pass address of local_main to __libc_start_main
...
local_main:
tail call to main via PLT
can be used.
2. start.S is updated to check PIC instead SHARED for PIC code path and
avoid dynamic relocation, when PIC is defined and SHARED isn't defined,
to support static PIE.
3. All assembly codes are updated check PIC instead SHARED for PIC code
path to avoid dynamic relocations in read-only sections.
4. All assembly codes are updated check SHARED instead PIC for static
symbol name.
5. elf_machine_load_address in dl-machine.h are updated to support static
PIE.
6. __brk works without TLS nor dynamic relocations in read-only section
so that it can be used by __libc_setup_tls to initializes TLS in static
PIE.
NB: When glibc is built with GCC defaulted to PIE, libc.a is compiled
with -fPIE, regardless if --enable-static-pie is used to configure glibc.
When glibc is configured with --enable-static-pie, libc.a is compiled
with -fPIE, regardless whether GCC defaults to PIE or not. The same
libc.a can be used to build both static executable and static PIE.
There is no need for separate PIE copy of libc.a.
On x86-64, the normal static sln:
text data bss dec hex filename
625425 8284 5456 639165 9c0bd elf/sln
the static PIE sln:
text data bss dec hex filename
657626 20636 5392 683654 a6e86 elf/sln
The code size is increased by 5% and the binary size is increased by 7%.
Linker requirements to build glibc with --enable-static-pie:
1. Linker supports --no-dynamic-linker to remove PT_INTERP segment from
static PIE.
2. Linker can create working static PIE. The x86-64 linker needs the
fix for
https://sourceware.org/bugzilla/show_bug.cgi?id=21782
The i386 linker needs to be able to convert "movl main@GOT(%ebx), %eax"
to "leal main@GOTOFF(%ebx), %eax" if main is defined locally.
Binutils 2.29 or above are OK for i686 and x86-64. But linker status for
other targets need to be verified.
3. Linker should resolve undefined weak symbols to 0 in static PIE:
https://sourceware.org/bugzilla/show_bug.cgi?id=22269
4. Many ELF backend linkers incorrectly check bfd_link_pic for TLS
relocations, which should check bfd_link_executable instead:
https://sourceware.org/bugzilla/show_bug.cgi?id=22263
Tested on aarch64, i686 and x86-64.
Using GCC 7 and binutils master branch, build-many-glibcs.py with
--enable-static-pie with all patches for static PIE applied have the
following build successes:
PASS: glibcs-aarch64_be-linux-gnu build
PASS: glibcs-aarch64-linux-gnu build
PASS: glibcs-armeb-linux-gnueabi-be8 build
PASS: glibcs-armeb-linux-gnueabi build
PASS: glibcs-armeb-linux-gnueabihf-be8 build
PASS: glibcs-armeb-linux-gnueabihf build
PASS: glibcs-arm-linux-gnueabi build
PASS: glibcs-arm-linux-gnueabihf build
PASS: glibcs-arm-linux-gnueabihf-v7a build
PASS: glibcs-arm-linux-gnueabihf-v7a-disable-multi-arch build
PASS: glibcs-m68k-linux-gnu build
PASS: glibcs-microblazeel-linux-gnu build
PASS: glibcs-microblaze-linux-gnu build
PASS: glibcs-mips64el-linux-gnu-n32 build
PASS: glibcs-mips64el-linux-gnu-n32-nan2008 build
PASS: glibcs-mips64el-linux-gnu-n32-nan2008-soft build
PASS: glibcs-mips64el-linux-gnu-n32-soft build
PASS: glibcs-mips64el-linux-gnu-n64 build
PASS: glibcs-mips64el-linux-gnu-n64-nan2008 build
PASS: glibcs-mips64el-linux-gnu-n64-nan2008-soft build
PASS: glibcs-mips64el-linux-gnu-n64-soft build
PASS: glibcs-mips64-linux-gnu-n32 build
PASS: glibcs-mips64-linux-gnu-n32-nan2008 build
PASS: glibcs-mips64-linux-gnu-n32-nan2008-soft build
PASS: glibcs-mips64-linux-gnu-n32-soft build
PASS: glibcs-mips64-linux-gnu-n64 build
PASS: glibcs-mips64-linux-gnu-n64-nan2008 build
PASS: glibcs-mips64-linux-gnu-n64-nan2008-soft build
PASS: glibcs-mips64-linux-gnu-n64-soft build
PASS: glibcs-mipsel-linux-gnu build
PASS: glibcs-mipsel-linux-gnu-nan2008 build
PASS: glibcs-mipsel-linux-gnu-nan2008-soft build
PASS: glibcs-mipsel-linux-gnu-soft build
PASS: glibcs-mips-linux-gnu build
PASS: glibcs-mips-linux-gnu-nan2008 build
PASS: glibcs-mips-linux-gnu-nan2008-soft build
PASS: glibcs-mips-linux-gnu-soft build
PASS: glibcs-nios2-linux-gnu build
PASS: glibcs-powerpc64le-linux-gnu build
PASS: glibcs-powerpc64-linux-gnu build
PASS: glibcs-tilegxbe-linux-gnu-32 build
PASS: glibcs-tilegxbe-linux-gnu build
PASS: glibcs-tilegx-linux-gnu-32 build
PASS: glibcs-tilegx-linux-gnu build
PASS: glibcs-tilepro-linux-gnu build
and the following build failures:
FAIL: glibcs-alpha-linux-gnu build
elf/sln is failed to link due to:
assertion fail bfd/elf64-alpha.c:4125
This is caused by linker bug and/or non-PIC code in PIE libc.a.
FAIL: glibcs-hppa-linux-gnu build
elf/sln is failed to link due to:
collect2: fatal error: ld terminated with signal 11 [Segmentation fault]
https://sourceware.org/bugzilla/show_bug.cgi?id=22537
FAIL: glibcs-ia64-linux-gnu build
elf/sln is failed to link due to:
collect2: fatal error: ld terminated with signal 11 [Segmentation fault]
FAIL: glibcs-powerpc-linux-gnu build
FAIL: glibcs-powerpc-linux-gnu-soft build
FAIL: glibcs-powerpc-linux-gnuspe build
FAIL: glibcs-powerpc-linux-gnuspe-e500v1 build
elf/sln is failed to link due to:
ld: read-only segment has dynamic relocations.
This is caused by linker bug and/or non-PIC code in PIE libc.a. See:
https://sourceware.org/bugzilla/show_bug.cgi?id=22264
FAIL: glibcs-powerpc-linux-gnu-power4 build
elf/sln is failed to link due to:
findlocale.c:96:(.text+0x22c): @local call to ifunc memchr
This is caused by linker bug and/or non-PIC code in PIE libc.a.
FAIL: glibcs-s390-linux-gnu build
elf/sln is failed to link due to:
collect2: fatal error: ld terminated with signal 11 [Segmentation fault], core dumped
assertion fail bfd/elflink.c:14299
This is caused by linker bug and/or non-PIC code in PIE libc.a.
FAIL: glibcs-sh3eb-linux-gnu build
FAIL: glibcs-sh3-linux-gnu build
FAIL: glibcs-sh4eb-linux-gnu build
FAIL: glibcs-sh4eb-linux-gnu-soft build
FAIL: glibcs-sh4-linux-gnu build
FAIL: glibcs-sh4-linux-gnu-soft build
elf/sln is failed to link due to:
ld: read-only segment has dynamic relocations.
This is caused by linker bug and/or non-PIC code in PIE libc.a. See:
https://sourceware.org/bugzilla/show_bug.cgi?id=22263
Also TLS code sequence in SH assembly syscalls in glibc doesn't match TLS
code sequence expected by ld:
https://sourceware.org/bugzilla/show_bug.cgi?id=22270
FAIL: glibcs-sparc64-linux-gnu build
FAIL: glibcs-sparcv9-linux-gnu build
FAIL: glibcs-tilegxbe-linux-gnu build
FAIL: glibcs-tilegxbe-linux-gnu-32 build
FAIL: glibcs-tilegx-linux-gnu build
FAIL: glibcs-tilegx-linux-gnu-32 build
FAIL: glibcs-tilepro-linux-gnu build
elf/sln is failed to link due to:
ld: read-only segment has dynamic relocations.
This is caused by linker bug and/or non-PIC code in PIE libc.a. See:
https://sourceware.org/bugzilla/show_bug.cgi?id=22263
[BZ #19574]
* INSTALL: Regenerated.
* Makeconfig (real-static-start-installed-name): New.
(pic-default): Updated for --enable-static-pie.
(pie-default): New for --enable-static-pie.
(default-pie-ldflag): Likewise.
(+link-static-before-libc): Replace $(DEFAULT-LDFLAGS-$(@F))
with $(if $($(@F)-no-pie),$(no-pie-ldflag),$(default-pie-ldflag)).
Replace $(static-start-installed-name) with
$(real-static-start-installed-name).
(+prectorT): Updated for --enable-static-pie.
(+postctorT): Likewise.
(CFLAGS-.o): Add $(pie-default).
(CFLAGS-.op): Likewise.
* NEWS: Mention --enable-static-pie.
* config.h.in (ENABLE_STATIC_PIE): New.
* configure.ac (--enable-static-pie): New configure option.
(have-no-dynamic-linker): New LIBC_CONFIG_VAR.
(have-static-pie): Likewise.
Enable static PIE if linker supports --no-dynamic-linker.
(ENABLE_STATIC_PIE): New AC_DEFINE.
(enable-static-pie): New LIBC_CONFIG_VAR.
* configure: Regenerated.
* csu/Makefile (omit-deps): Add r$(start-installed-name) and
gr$(start-installed-name) for --enable-static-pie.
(extra-objs): Likewise.
(install-lib): Likewise.
(extra-objs): Add static-reloc.o and static-reloc.os
($(objpfx)$(start-installed-name)): Also depend on
$(objpfx)static-reloc.o.
($(objpfx)r$(start-installed-name)): New.
($(objpfx)g$(start-installed-name)): Also depend on
$(objpfx)static-reloc.os.
($(objpfx)gr$(start-installed-name)): New.
* csu/libc-start.c (LIBC_START_MAIN): Call _dl_relocate_static_pie
in libc.a.
* csu/libc-tls.c (__libc_setup_tls): Add main_map->l_addr to
initimage.
* csu/static-reloc.c: New file.
* elf/Makefile (routines): Add dl-reloc-static-pie.
(elide-routines.os): Likewise.
(DEFAULT-LDFLAGS-tst-tls1-static-non-pie): Removed.
(tst-tls1-static-non-pie-no-pie): New.
* elf/dl-reloc-static-pie.c: New file.
* elf/dl-support.c (_dl_get_dl_main_map): New function.
* elf/dynamic-link.h (ELF_DURING_STARTUP): Also check
STATIC_PIE_BOOTSTRAP.
* elf/get-dynamic-info.h (elf_get_dynamic_info): Likewise.
* gmon/Makefile (tests): Add tst-gmon-static-pie.
(tests-static): Likewise.
(DEFAULT-LDFLAGS-tst-gmon-static): Removed.
(tst-gmon-static-no-pie): New.
(CFLAGS-tst-gmon-static-pie.c): Likewise.
(CRT-tst-gmon-static-pie): Likewise.
(tst-gmon-static-pie-ENV): Likewise.
(tests-special): Likewise.
($(objpfx)tst-gmon-static-pie.out): Likewise.
(clean-tst-gmon-static-pie-data): Likewise.
($(objpfx)tst-gmon-static-pie-gprof.out): Likewise.
* gmon/tst-gmon-static-pie.c: New file.
* manual/install.texi: Document --enable-static-pie.
* sysdeps/generic/ldsodefs.h (_dl_relocate_static_pie): New.
(_dl_get_dl_main_map): Likewise.
* sysdeps/i386/configure.ac: Check if linker supports static PIE.
* sysdeps/x86_64/configure.ac: Likewise.
* sysdeps/i386/configure: Regenerated.
* sysdeps/x86_64/configure: Likewise.
* sysdeps/mips/Makefile (ASFLAGS-.o): Add $(pie-default).
(ASFLAGS-.op): Likewise.
There is a configure option --without-fp that specifies that nofpu
sysdeps directories should be used instead of fpu directories.
For most glibc configurations, this option is of no use: either there
is no valid nofpu variant of that configuration, or there are no fpu
or nofpu sysdeps directories for that processor and so the option does
nothing. For a few configurations, if you are using a soft-float
compiler this option is required, and failing to use it generally
results in compilation errors from inline asm using unavailable
floating-point instructions.
We're moving away from --with-cpu to configuring glibc based on how
the compiler generates code, and it is natural to do so for
--without-fp as well; in most cases the soft-float and hard-float ABIs
are incompatible so you have no hope of building a working glibc with
an inappropriately configured compiler or libgcc.
This patch eliminates --without-fp, replacing it entirely by automatic
configuration based on the compiler. Configurations for which this is
relevant (coldfire / mips / powerpc32 / sh) define a variable
with_fp_cond in their preconfigure fragments (under the same
conditions under which those fragments do anything); this is a
preprocessor conditional which the toplevel configure script then uses
in a test to determine which sysdeps directories to use.
The config.make with-fp variable remains. It's used only by powerpc
(sysdeps/powerpc/powerpc32/Makefile) to add -mhard-float to various
flags variables. For powerpc, -mcpu= options can imply use of
soft-float. That could be an issue if you want to build for
e.g. 476fp, but are using --with-cpu=476 because there isn't a 476fp
sysdeps directory. If in future we eliminate --with-cpu and replace
it entirely by testing the compiler, it would be natural at that point
to eliminate that code as well (as the user should then just use a
compiler defaulting to 476fp and the 476 sysdeps directory would be
used automatically).
Tested for x86_64, and tested with build-many-glibcs.py that installed
shared libraries are unchanged by this patch.
* configure.ac (--with-fp): Remove configure option.
(with_fp_cond): New variable.
(libc_cv_with_fp): New configure test. Use this variable instead
of with_fp.
* configure: Regenerated.
* config.make.in (with-fp): Use @libc_cv_with_fp@.
* manual/install.texi (Configuring and compiling): Remove
--without-fp.
* INSTALL: Regenerated.
* sysdeps/m68k/preconfigure (with_fp_cond): Define for ColdFire.
* sysdeps/mips/preconfigure (with_fp_cond): Define.
* sysdeps/powerpc/preconfigure (with_fp_cond): Define for 32-bit.
* sysdeps/sh/preconfigure (with_fp_cond): Define.
* scripts/build-many-glibcs.py (Context.add_all_configs): Do not
use --without-fp to configure glibc.
This patch adds several new tunables to control the behavior of
elision on supported platforms[1]. Since elision now depends
on tunables, we should always *compile* with elision enabled,
and leave the code disabled, but available for runtime
selection. This gives us *much* better compile-time testing of
the existing code to avoid bit-rot[2].
Tested on ppc, ppc64, ppc64le, s390x and x86_64.
[1] This part of the patch was initially proposed by
Paul Murphy but was "staled" because the framework have changed
since the patch was originally proposed:
https://patchwork.sourceware.org/patch/10342/
[2] This part of the patch was inititally proposed as a RFC by
Carlos O'Donnell. Make sense to me integrate this on the patch:
https://sourceware.org/ml/libc-alpha/2017-05/msg00335.html
* elf/dl-tunables.list: Add elision parameters.
* manual/tunables.texi: Add entries about elision tunable.
* sysdeps/unix/sysv/linux/powerpc/elision-conf.c:
Add callback functions to dynamically enable/disable elision.
Add multiple callbacks functions to set elision parameters.
Deleted __libc_enable_secure check.
* sysdeps/unix/sysv/linux/s390/elision-conf.c: Likewise.
* sysdeps/unix/sysv/linux/x86/elision-conf.c: Likewise.
* configure: Regenerated.
* configure.ac: Option enable_lock_elision was deleted.
* config.h.in: ENABLE_LOCK_ELISION flag was deleted.
* config.make.in: Remove references to enable_lock_elision.
* manual/install.texi: Elision configure option was removed.
* INSTALL: Regenerated to remove enable_lock_elision.
* nptl/Makefile:
Disable elision so it can verify error case for destroying a mutex.
* sysdeps/powerpc/nptl/elide.h:
Cleanup ENABLE_LOCK_ELISION check.
Deleted macros for the case when ENABLE_LOCK_ELISION was not defined.
* sysdeps/s390/configure: Regenerated.
* sysdeps/s390/configure.ac: Remove references to enable_lock_elision..
* nptl/tst-mutex8.c:
Deleted all #ifndef ENABLE_LOCK_ELISION from the test.
* sysdeps/powerpc/powerpc32/sysdep.h:
Deleted all ENABLE_LOCK_ELISION checks.
* sysdeps/powerpc/powerpc64/sysdep.h: Likewise.
* sysdeps/powerpc/sysdep.h: Likewise.
* sysdeps/s390/nptl/bits/pthreadtypes-arch.h: Likewise.
* sysdeps/unix/sysv/linux/powerpc/force-elision.h: Likewise.
* sysdeps/unix/sysv/linux/s390/elision-conf.h: Likewise.
* sysdeps/unix/sysv/linux/s390/force-elision.h: Likewise.
* sysdeps/unix/sysv/linux/s390/lowlevellock.h: Likewise.
* sysdeps/unix/sysv/linux/s390/Makefile: Remove references to
enable-lock-elision.
Reviewed-by: Tulio Magno Quites Machado Filho <tuliom@linux.vnet.ibm.com>
There is a subtle non-determinism when building glibc.
This depends on whether the glibc is built using the distibuted
file intl/plural.c or built using the generated file intl/plural.c.
These two files (intl/plural.c generated vs. distributed) are slightly
different, hence we may end up with slightly different libraries.
Originally, having "bison" installed was optional. So if "bison" was
not present, we always built libraries with the distributed plural.c.
If bison was installed, we *** may have *** replaced the distributed
file plural.c with a new plural.c generated from plural.y. if the
timestamps triggered this rule:
plural.c plural.y
$(BISON) $(BISONFLAGS) $@ $^
Given that timestamps are not preserved in GIT repositories, the above
rule is not reliable without explicitly touching plural.c or plural.y.
In other words, the rule may or may not have fired.
In summary: there are two distinct sources of non-determinism:
1. Having "bison" installed or not
2. Having "bison" installed but timestamps poorly defined.
This patch fixes this by requiring "bison" being installed
and by always generating intl/plural.c from intl/plural.y.
(This is achieved by simply removing checked-in intl/plural.c)
[BZ #22432]
* configure.ac (BISON): Require to be present.
* configure: Regenerated.
* intl/Makefile (generated): Add plural.c.
[$(BISON) != no]: Make code unconditional.
(plural.c): Change rule to $(objpfx)plural.c.
($(objpfx)plural.o): Depend on $(objpfx)plural.c.
* intl/plural.c: Remove.
* manual/install.texi (Tools for Compilation): Document bison as
required.
* INSTALL: Regenerated.
Update all sourceware links to https. The website redirects
everything to https anyway so let the web server do a bit less work.
The only reference that remains unchanged is the one in the old
ChangeLog, since it didn't seem worth changing it.
* NEWS: Update sourceware link to https.
* configure.ac: Likewise.
* crypt/md5test-giant.c: Likewise.
* dlfcn/bug-atexit1.c: Likewise.
* dlfcn/bug-atexit2.c: Likewise.
* localedata/README: Likewise.
* malloc/tst-mallocfork.c: Likewise.
* manual/install.texi: Likewise.
* nptl/tst-pthread-getattr.c: Likewise.
* stdio-common/tst-fgets.c: Likewise.
* stdio-common/tst-fwrite.c: Likewise.
* sunrpc/Makefile: Likewise.
* sysdeps/arm/armv7/multiarch/memcpy_impl.S: Likewise.
* wcsmbs/tst-mbrtowc2.c: Likewise.
* configure: Regenerate.
* INSTALL: Regenerate.
When multi-lib GCC is used to build glibc, the search order of GCC driver
for crt*.o is -B*/`gcc -print-multi-directory`, the installed diretory,
-B*/. This patch adds multi-lib support to csu/Makefile so that
-B/glibc-build-directory/csu/ will pick up the newly built crt*.o.
Tested on x86-64 for i686 and x32.
[BZ #22362]
* Makerules (make-link-multidir): New.
* config.make.in (multidir): New.
* configure.ac (libc_cv_multidir): New. AC_SUBST.
* configure: Regenerated.
* csu/Makefile [$(multidir) != .](multilib-extra-objs): New.
[$(multidir) != .](extra-objs): Add $(multilib-extra-objs).
[$(multidir) != .]($(addprefix $(objpfx)$(multidir)/, $(install-lib))):
New target.
GCC 8 emits an warning for alias for functions with incompatible types
and it is used extensivelly for ifunc resolvers implementations in C
(for instance on weak_alias with the internal symbol name to the
external one or with the libc_hidden_def to set ifunc for internal
usage).
This breaks the build when the ifunc resolver is not defined using
gcc attribute extensions (HAVE_GCC_IFUNC being 0). Although for
all currently architectures that have multiarch support this compiler
options is enabled for default, there is still the option where the
user might try build glibc with a compiler without support for such
extension. In this case this patch just disable the multiarch folder
in sysdeps selections.
GCC 7 and before still builds IFUNCs regardless of compiler support
(although for the lack of attribute support debug information would
be optimal).
Checked with a build on multiarch support architectures (aarch64,
arm, sparc, s390, powerpc, x86_64, i386) with multiarch enable
and disable and with GCC 7 and GCC 8.
* configure.ac (libc_cv_gcc_incompatbile_alias): New define:
indicates whether compiler emits an warning for alias for
functions with incompatible types.
glibc has an add-ons mechanism to allow additional software to be
integrated into the glibc build. Such add-ons may be within the glibc
source tree, or outside it at a path passed to the --enable-add-ons
configure option.
localedata and crypt were once add-ons, distributed in separate
release tarballs, but long since stopped using that mechanism.
Linuxthreads was always an add-on. Ports spent some time as an add-on
with separate release tarballs, then was first moved into the glibc
source tree, then had its sysdeps files moved into the main sysdeps
hierarchy so the add-ons mechanism was no longer used. NPTL spent
some time as an add-on in the main glibc tree before stopping using
the add-on mechanism. libidn used to have separate release tarballs
but no longer does so, but still uses the add-ons mechanism within the
glibc source tree. Various other software has supported building with
the add-ons mechanism at times in the past, but I don't think any is
still widely used.
Add-ons involve significant, little-used complexity in the glibc build
system, and make it hard to understand what the space of possible
glibc configurations is. This patch removes the add-ons mechanism.
libidn is now built via the Subdirs mechanism to cause any
configuration using sysdeps/unix/inet to build libidn; HAVE_LIBIDN
(which effectively means shared libraries are available) is now
defined via sysdeps/unix/inet/configure. Various references to
add-ons around the source tree are removed (in the case of maint.texi,
the example list of sysdeps directories is still very out of date).
Externally maintained ports should now put their files in the normal
sysdeps directory structure rather than being arranged as add-ons;
they probably need to change e.g. elf.h anyway, rather than actually
being able to work just as a drop-in subtree. Hurd libpthread should
be arranged similarly to NPTL, so some files might go in a
hurd-pthreads (or similar) top-level directory in glibc, while sysdeps
files should go in the normal sysdeps directory structure (possibly in
hurd or hurd-pthreads subdirectories, just as there are nptl
subdirectories in the sysdeps tree).
Tested for x86_64, and with build-many-glibcs.py.
* configure.ac (--enable-add-ons): Remove option.
(machine): Do not mention add-ons in comment.
(LIBC_PRECONFIGURE): Likewise.
(add_ons): Remove variable and sanity checks and logic to locate
add-ons.
(add_ons_automatic): Remove variable.
(configured_add_ons): Likewise.
(add_ons_sfx): Likewise.
(add_ons_pfx): Likewise.
(add_on_subdirs): Likewise.
(sysnames_add_ons): Likewise. Remove loop over add-ons and
consideration of add-ons in Implies handling.
(sysdeps_add_ons): Likewise.
* configure: Regenerated.
* libidn/configure.ac: Remove.
* libidn/configure: Likewise.
* sysdeps/unix/inet/configure.ac: New file.
* sysdeps/unix/inet/configure: New generated file.
* sysdeps/unix/inet/Subdirs: Add libidn.
* Makeconfig (sysdeps-srcdirs): Remove variable.
(+sysdep_dirs): Do not include $(sysdeps-srcdirs).
($(common-objpfx)config.status): Do not depend on add-on files.
($(common-objpfx)shlib-versions.v.i): Do not mention add-ons in
comment.
(all-subdirs): Do not include $(add-on-subdirs).
* Makefile (dist-prepare): Do not use $(sysdeps-add-ons).
* config.make.in (add-ons): Remove variable.
(add-on-subdirs): Likewise.
(sysdeps-add-ons): Likewise.
* manual/Makefile (add-chapters): Remove.
($(objpfx)texis): Do not depend on $(add-chapters).
(nonexamples): Do not handle $(add-chapters).
(examples): Do not handle $(add-ons).
(chapters.% top-menu.%): Do not pass '$(add-chapters)' to
libc-texinfo.sh.
* manual/install.texi (Installation): Do not mention add-ons.
(--enable-add-ons): Do not document configure option.
* INSTALL: Regenerated.
* manual/libc-texinfo.sh: Do not handle $2 add-ons argument.
* manual/maint.texi (Hierarchy Conventions): Do not mention
add-ons.
* scripts/build-many-glibcs.py (Glibc.build_glibc): Do not use
--enable-add-ons.
* scripts/gen-sorted.awk: Do not handle Subdirs files from
add-ons.
* scripts/test-installation.pl: Do not handle glibc-compat add-on.
* sysdeps/nptl/Makeconfig: Do not mention add-ons in comment.
When configuring and building GNU libc using the Mozilla NSS library
for cryptography (--enable-nss-crypt option), also include the
NSPR header files along with the Mozilla NSS library header files.
Finally, when running the check-local-headers test, ignore the
Mozilla NSPR library header files (used by the Mozilla NSS library).
Commit 073e8fa773 requires binutils 2.25
or later to build glibc:
* configure.ac (AS): Require binutils 2.25 or later.
(LD): Likewise.
But it only updated LD version check in configure.ac. This patch adds
the missing AS version check.
* configure.ac (AS): Require binutils 2.25 or later.
* configure: Regenerated.
Since gold doesn't support INSERT in linker script:
https://sourceware.org/bugzilla/show_bug.cgi?id=21676
tst-split-dynreloc fails to link with gold. Check if linker supports
INSERT in linker script before using it.
* config.make.in (have-insert): New.
* configure.ac (libc_cv_insert): New. Set to yes if linker
supports INSERT in linker script.
(AC_SUBST(libc_cv_insert): New.
* configure: Regenerated.
* sysdeps/x86_64/Makefile (tests): Add tst-split-dynreloc only
if $(have-insert) == yes.
This patch implements a requirement of binutils >= 2.25 (up from 2.22)
to build glibc. Tests for 2.24 or later on x86_64 and s390 are
removed. It was already the case, as indicated by buildbot results,
that 2.24 was too old for building tests for 32-bit x86 (produced
internal linker errors linking elf/tst-gnu2-tls1mod.so). I don't know
if any configure tests for binutils features are obsolete given the
increased version requirement.
Tested for x86_64.
* configure.ac (AS): Require binutils 2.25 or later.
(LD): Likewise.
* configure: Regenerated.
* sysdeps/s390/configure.ac (AS): Remove version check.
* sysdeps/s390/configure: Regenerated.
* sysdeps/x86_64/configure.ac (AS): Remove version check.
* sysdeps/x86_64/configure: Regenerated.
* manual/install.texi (Tools for Compilation): Document
requirement for binutils 2.25 or later.
* INSTALL: Regenerated.
This patch makes configure require GCC 4.9 or later for building
glibc, and documents that requirement. Requiring GCC 4.9 or later
allows use of _Generic (as in tzcode). It would allow <stdatomic.h>
and _Atomic to be used as well if desired, although we need to avoid
any libatomic dependencies on any platforms. This patch is explicitly
the minimum to implement a new version requirement, with any
consequent cleanups of conditional code (not in installed headers or
files shared with gnulib etc.) to be done separately.
Tested for x86_64.
* configure.ac (libc_cv_compiler_ok): Require GCC 4.9 or later.
* configure: Regenerated.
* manual/install.texi (Tools for Compilation): Document
requirement for GCC 4.9 or later.
* INSTALL: Regenerated.
All of the major architectures are adopting tunables as a way to add
tuning to the library, from hwcap_mask for aarch64 to HLE for s390 and
ifunc and cache geometry for x86. Given this adoption and the fact
that we don't want additional tuning knobs to be added outside of
tunables, it makes sense to enable tunables by default using this
trivial patch.
Smoke tested on x86 to ensure that tunables code was built without
specifying it as a configure flag. I have kept it as --enabled and
not changed it to --disable since we want to still keep the option of
different kinds of front-ends for tunables.
* configure.ac(--enable-tunables): Enable by default.
* configure: Regenerate.
* NEWS: Mention change.
* manual/install.texi (enable-tunables): Adjust documentation.
* INSTALL: Regenerate.
<bits/std_abs.h> from GCC 7 will include /usr/include/stdlib.h from
"#include_next" (instead of stdlib/stdlib.h in the glibc source
directory), and this turns up as a make dependency. Also make a copy
of <bits/std_abs.h> to prevent it from including /usr/include/stdlib.h.
[BZ #21573]
* Makerules [$(c++-bits-std_abs-h) != ""] (before-compile): Add
$(common-objpfx)bits/std_abs.h.
[$(c++-bits-std_abs-h) != ""] ($(common-objpfx)bits/std_abs.h):
New target.
* config.make.in (c++-bits-std_abs-h): New.
* configure.ac (find_cxx_header): Use "\,$1," with sed.
(CXX_BITS_STD_ABS_H): New.
(AC_SUBST(CXX_BITS_STD_ABS_H)): Likewise.
* configure: Regenerated.
The test for "-z combreloc" fails when cross-compiling on a machine
that uses BSD grep (e.g. on macos). grep complains about empty
subexpression and exits with non-zero status, which is interpreted
by configure as "not found". As a result, support for "-z combreloc"
(HAVE_Z_COMBRELOC) is not detected, leading to link failure on SPARC.
While there, replace fgrep with 'grep -F', as fgrep is non-POSIX.
* configure.ac: Avoid empty subexpression in grep.
Signed-off-by: Alexey Neyman <stilor@att.net>
At the GNU Tools Cauldron 2016, the state of the current tunables
patchset was considered OK with the addition of a way to select the
frontend to be used for the tunables. That is, to avoid being locked
in to one type of frontend initially, it should be possible to build
tunables with a different frontend with something as simple as a
configure switch.
To that effect, this patch enhances the --enable-tunables option to
accept more values than just 'yes' or 'no'. The current frontend (and
default when enable-tunables is 'yes') is called 'valstring', to
select the frontend where a single environment variable is set to a
colon-separated value string. More such frontends can be added in
future.
* Makeconfig (have-tunables): Check for non-negative instead
of positive.
* configure.ac: Add 'valstring' as a valid value for
--enable-tunables.
* configure: Regenerate.
* elf/Makefile (have-tunables): Check for non-negative instead
of positive.
(CPPFLAGS-dl-tunables.c): Define TUNABLES_FRONTEND for
dl-tunables.c.
* elf/dl-tunables.c (GLIBC_TUNABLES): Define only when
TUNABLES_FRONTEND == TUNABLES_FRONTEND_valstring.
(tunables_strdup): Likewise.
(disable_tunables): Likewise.
(parse_tunables): Likewise.
(__tunables_init): Process GLIBC_TUNABLES envvar only when.
TUNABLES_FRONTEND == TUNABLES_FRONTEND_valstring.
* elf/dl-tunables.h (TUNABLES_FRONTEND_valstring): New macro.
(TUNABLES_FRONTEND_yes): New macro, define as
TUNABLES_FRONTEND_valstring by default.
* manual/install.texi: Document new acceptable values for
--enable-tunables.
* INSTALL: Regenerate.
The tunables framework allows us to uniformly manage and expose global
variables inside glibc as switches to users. tunables/README has
instructions for glibc developers to add new tunables.
Tunables support can be enabled by passing the --enable-tunables
configure flag to the configure script. This patch only adds a
framework and does not pose any limitations on how tunable values are
read from the user. It also adds environment variables used in malloc
behaviour tweaking to the tunables framework as a PoC of the
compatibility interface.
* manual/install.texi: Add --enable-tunables option.
* INSTALL: Regenerate.
* README.tunables: New file.
* Makeconfig (CPPFLAGS): Define TOP_NAMESPACE.
(before-compile): Generate dl-tunable-list.h early.
* config.h.in: Add HAVE_TUNABLES.
* config.make.in: Add have-tunables.
* configure.ac: Add --enable-tunables option.
* configure: Regenerate.
* csu/init-first.c (__libc_init_first): Move
__libc_init_secure earlier...
* csu/init-first.c (LIBC_START_MAIN):... to here.
Include dl-tunables.h, libc-internal.h.
(LIBC_START_MAIN) [!SHARED]: Initialize tunables for static
binaries.
* elf/Makefile (dl-routines): Add dl-tunables.
* elf/Versions (ld): Add __tunable_set_val to GLIBC_PRIVATE
namespace.
* elf/dl-support (_dl_nondynamic_init): Unset MALLOC_CHECK_
only when !HAVE_TUNABLES.
* elf/rtld.c (process_envvars): Likewise.
* elf/dl-sysdep.c [HAVE_TUNABLES]: Include dl-tunables.h
(_dl_sysdep_start): Call __tunables_init.
* elf/dl-tunable-types.h: New file.
* elf/dl-tunables.c: New file.
* elf/dl-tunables.h: New file.
* elf/dl-tunables.list: New file.
* malloc/tst-malloc-usable-static.c: New test case.
* malloc/Makefile (tests-static): Add it.
* malloc/arena.c [HAVE_TUNABLES]: Include dl-tunables.h.
Define TUNABLE_NAMESPACE.
(DL_TUNABLE_CALLBACK (set_mallopt_check)): New function.
(DL_TUNABLE_CALLBACK_FNDECL): New macro. Use it to define
callback functions.
(ptmalloc_init): Set tunable values.
* scripts/gen-tunables.awk: New file.
* sysdeps/mach/hurd/dl-sysdep.c: Include dl-tunables.h.
(_dl_sysdep_start): Call __tunables_init.
With all the machinery we just added, we can easily arrange to work even
when the compiler passes in -fstack-protector automatically: all the
necessary bits of glibc are always compiled with -fno-stack-protector
now.
So tear out the check in configure, and add appropriate calls to
-fno-stack-protector in tests that need them (largely those that use
-nostdlib), since we don't yet have a __stack_chk_fail that those
tests can rely upon. (GCC often provides one, but we cannot rely on
this, especially not when bootstrapping.)
When stack protection is disabled, explicitly pass -fno-stack-protector
to everything, to stop a compiler hacked to enable it from inserting
calls to __stack_chk_fail via the PLT in every object file.
When dynamically linking, ifunc resolvers are called before TLS is
initialized, so they cannot be safely stack-protected.
We avoid disabling stack-protection on large numbers of files by
using __attribute__ ((__optimize__ ("-fno-stack-protector")))
to turn it off just for the resolvers themselves. (We provide
the attribute even when statically linking, because we will later
use it elsewhere too.)
This adds =all and =strong, with obvious semantics, defaulting to off.
We don't validate the value of the option yet: that's in a later patch.
Nor do we use it for anything at this stage.
We differentiate between 'the compiler understands -fstack-protector'
and 'the user wanted -fstack-protector' so that we can pass
-fno-stack-protector in appropriate places even if the user didn't want
to turn on -fstack-protector for other parts. (This helps us overcome
another existing limitation, that glibc doesn't work with GCCs hacked
to pass in -fstack-protector by default.)
We also arrange to set the STACK_PROTECTOR_LEVEL #define to a value
appropriate for the stack-protection level in use for each file in
particular.
Add a configure check that looks for python3 and python in that order
since we had agreed in the past to prefer python3 over python in all
our code. The patch also adjusts invocations through the various
Makefiles to use the set variable.
* configure.ac: Check for python3 or python.
* configure: Regenerated.
* config.make.in (PYTHON): New variable.
* benchtests/Makefile: Don't define PYTHON.
(bench): Define target only if PYTHON was defined.
* Rules: Don't define PYTHON.
Define pretty printer targets only if PYTHON was defined.
(tests-printers): Add to tests-unsupported if PYTHON is not
found.
(python-flags, python-invoke): Remove.
(tests-printers-out): Use PYTHON instead of python-invoke.
Some configurations may use NSS cryptographic routines but have no
static library for those routines. The following changes allow glibc to
be built and tested with --enable-nss-crypt, but without having a static
NSS library. At a high level the change does two things:
(1) Detect at configure time if static NSS crypto libraries are
available. Assumes libfreebl3.a (instead of the existing Fedora
libfreebl.a which is incomplete) which matches libfreebl3.so.
(2) If static NSS crypto libraries are _not_ available then adjust the
way in which we build tst-linkall-static. This includes excluding a
reference to crypt and not linking against libcrypt.a, all of which
will fail otherwise.
Testing assumptions:
* Static library is named libfreebl3.a (not libfreebl.a as is currently
provided in Fedora), matching libfreebl3.so shared link name.
Tested on x86_64 on Fedora with:
(a) --enable-nss-crypt, with no static NSS library support: PASS
(previous FAIL)
(b) --enable-nss-crypt, with faked static NSS library support: PASS
(unsupported)
* Requires changing elf/Makefile to include a stub
/lib64/libfreebl3.a for testing purposes.
(c) --disable-nss-crypt: PASS
(default)
No regressions on x86_64.
For details see:
https://www.sourceware.org/ml/libc-alpha/2016-11/msg00647.html
When glibc is compiled with gcc 6.2 that has been configured with
--enable-default-pie and --enable-default-ssp, the configure script
fails to detect that the compiler has ssp turned on by default when
being built for i686-linux-gnu.
This is because gcc is emitting __stack_chk_fail_local but the
script is only looking for __stack_chk_fail. Support both.
Example output:
checking whether x86_64-pc-linux-gnu-gcc -m32 -Wl,-O1 -Wl,--as-needed
implicitly enables -fstack-protector... no
This patch adds a configure check to test if gcc supports attribute ifunc.
The support can either be enabled in <gcc-src>/gcc/config.gcc for one
architecture in general by setting default_gnu_indirect_function variable to yes
or by configuring gcc with --enable-gnu-indirect-function.
The next patch rewrites libc_ifunc macro to use gcc attribute ifunc instead
of inline assembly to generate the IFUNC symbols due to false debuginfo.
If gcc does not support attribute ifunc, the old approach for generating
ifunc'ed symbols is used. Then the debug-information is false. Thus it is
recommended to use a gcc with indirect function support (See notes in INSTALL).
After this patch-series these inline assemblies for ifunc-handling are not
scattered in multiple files but are used only indirect via ifunc-macros
and can simply removed in libc-symbols.h in future.
If glibc is configured with --enable-multi-arch and gcc does not support
attribute ifunc, a configure warning is dumped!
ChangeLog:
* config.h.in (HAVE_GCC_IFUNC): New undef.
* configure.ac: Add check if gcc supports attribute ifunc feature.
* configure: Regenerated.
* manual/install.texi: Add recommendation for gcc with
indirect-function support.
* INSTALL: Regenerated.
Since _dl_tlsdesc_dynamic is called via PLT, we need to add 8 bytes for
push in the PLT entry to align the stack.
[BZ #20309]
* configure.ac (have-mtls-dialect-gnu2): Set to yes if
-mtls-dialect=gnu2 works.
* configure: Regenerated.
* elf/Makefile [have-mtls-dialect-gnu2 = yes]
(tests): Add tst-gnu2-tls1.
(modules-names): Add tst-gnu2-tls1mod.
($(objpfx)tst-gnu2-tls1): New.
(tst-gnu2-tls1mod.so-no-z-defs): Likewise.
(CFLAGS-tst-gnu2-tls1mod.c): Likewise.
* elf/tst-gnu2-tls1.c: New file.
* elf/tst-gnu2-tls1mod.c: Likewise.
* sysdeps/x86_64/dl-tlsdesc.S (_dl_tlsdesc_dynamic): Add 8
bytes for push in the PLT entry to align the stack.
When --enable-bind-now is used to configure glibc build, we can avoid
an extra branch to the PLT entry by using indirect branch via the GOT
slot instead, which is similar to the first instructuon in the PLT
entry. Changes in the shared library sizes in text sections:
Shared library Before (bytes) After (bytes)
libm.so 1060813 1060797
libmvec.so 160881 160805
libpthread.so 94992 94984
librt.so 25064 25048
* config.h.in (BIND_NOW): New.
* configure.ac (BIND_NOW): New. Defined for --enable-bind-now.
* configure: Regenerated.
* sysdeps/x86_64/sysdep.h (JUMPTARGET)[BIND_NOW]: Defined to
indirect branch via the GOT slot.
In preparation to fix the --localedir configure argument we must
move the existing conflicting definition of localedir to a more
appropriate name. Given that all current internal uses of localedir
relate to the compiled locales we rename to complocaledir.
There are configure tests for the linker -z nodelete, -z nodlopen and
-z initfirst options. These options were added in binutils 2.11, so
the tests are obsolete; this patch removes them.
Tested for x86_64 and x86 (testsuite, and that installed shared
libraries are unchanged by the patch).
* configure.ac (libc_cv_z_nodelete): Remove configure test.
(libc_cv_z_nodlopen): Likewise.
(libc_cv_z_initfirst): Likewise.
* configure: Regenerated.
There is a configure test for the --no-whole-archive linker option.
This option was added in binutils 2.7, so the test is obsolete; this
patch removes it.
Tested for x86_64 and x86 (testsuite, and that installed shared
libraries are unchanged by the patch).
* configure.ac (libc_cv_ld_no_whole_archive): Remove configure
test.
* configure: Regenerated.
There is a configure test "for .preinit_array/.init_array/.fini_array
support". Support for this feature was added in binutils 2.13, so the
configure test is obsolete; this patch removes it.
Tested for x86_64 and x86 (testsuite, and that installed shared
libraries are unchanged by the patch).
* configure.ac (libc_cv_initfini_array): Remove configure test.
* configure: Regenerated.