This patch removes the stat, stat64, lstat, lstat64, fstat, fstat64,
fstatat, and fstatat64 static wrapper and add the symbol on the libc
with the expected names.
Both the prototypes of the internal symbol linked by the static
wrappers and the inline redirectors are also removed from the installed
sys/stat.h header file. The wrapper implementation license LGPL
exception is also removed since it is no longer statically linked to
binaries.
Internally the _STAT_VER* definitions are moved to a arch-specific
xstatver.h file. The internal defines that redirects internals
{f}stat{at} to their {f}xstat{at} counterparts are removed for Linux
(!NO_RTLD_HIDDEN). Hurd still requires them since {f}stat{at} pulls
extra objects that makes the loader build fail otherwise (I haven't
dig into why exactly).
Checked with a build for all affected ABIs. I also checked on x86_64,
i686, powerpc, powerpc64le, sparcv9, sparc64, s390, and s390x.
Reviewed-by: Lukasz Majewski <lukma@denx.de>
Building Glibc with the latest GCC 11 shows a number of instances
of the new -Warray-parameter warning designed to encourage
consistency in the forms of array arguments in redeclarations of
the same function (and, ultimately, to enable the detection of out
of bounds accesses via such arguments).
To avoid the subset of these warnings for the RPC APIs, this patch
changes the declarations of these functions to match both their
definitions and the Oracle RPC documentation.
Besides avoiding the -Warray-parameter warnings the effect of this
change is for GCC to issue warnings when either the functions are
passed an array with fewer than MAXNETNAMELEN + 1 elements, or when
the functions themselves access elements outside the array bounds.
Building Glibc with the latest GCC 11 also shows a couple of instances
of the new -Warray-parameter warning in the thread db APIs.
To avoid these, this patch changes the deefinitions of the two functions
to match their definitions.
They have been renamed from env_path_list and rtld_search_dirs to
avoid linknamespace issues.
This change will allow future use these variables in diagnostics.
Reviewed-by: Adhemerval Zanella <adhemerval.zanella@linaro.org>
This requires defining a macro for the full path, matching the
-Wl,--dynamic-link= arguments used for linking glibc programs,
and ldd script.
Reviewed-by: Adhemerval Zanella <adhemerval.zanella@linaro.org>
This prints out version information for the dynamic loader and
exits immediately, without further command line processing
(which seems to match what some GNU tools do).
Reviewed-by: Adhemerval Zanella <adhemerval.zanella@linaro.org>
--help processing is deferred to the point where the executable has
been loaded, so that it is possible to eventually include information
from the main executable in the help output.
As suggested in the GNU command-line interface guidelines, the help
message is printed to standard output, and the exit status is
successful.
Handle usage errors closer to the GNU command-line interface
guidelines.
Reviewed-by: Adhemerval Zanella <adhemerval.zanella@linaro.org>
Also add a comment to elf/Makefile, explaining why we cannot use
config.status for autoconf template processing.
Reviewed-by: Adhemerval Zanella <adhemerval.zanella@linaro.org>
Introduce struct dl_main_state and move it to <dl-main.h>. Rename
enum mode to enum rtld_mode and add the rtld_mode_ prefix to the enum
constants.
This avoids the need for putting state that is only needed during
startup into the ld.so data segment.
In some cases, it is difficult to determine the kind of malloc
based on the execution context, so a function to determine that
is helpful.
Reviewed-by: Adhemerval Zanella <adhemerval.zanella@linaro.org>
As noted in <https://gcc.gnu.org/bugzilla/show_bug.cgi?id=97264>, the cast
in the call to the read_int function is an aliasing violation. Change the
type of local variable f to a pointer to unsigned, which allows to
eliminate most casts while only adding three new ones.
It fixes the tst-cancelx{4,5} and tst-cancel24-{static} regression on
some platforms (arm and sparc32).
Checked on arm-linux-gnueabihf and sparcv9-linux-gnu.
The generic version is parallel to _dl_writev. It cannot use
_dl_writev directly because the errno value needs to be obtained
under a lock.
Reviewed-by: Adhemerval Zanella <adhemerval.zanella@linaro.org>
This functionality does not seem to be useful since static dlopen
is mostly used for iconv/character set conversion and NSS support.
gconv modules are loaded with full paths anyway, so that the
HWCAP subdirectory logic does not apply.
Reviewed-by: Adhemerval Zanella <adhemerval.zanella@linaro.org>
Current systems do not have BSD terminals, so the fallback code in
posix_openpt/getpt does not do anything. Also remove the file system
check for /dev/pts. Current systems always have a devpts file system
mounted there if /dev/ptmx exists.
grantpt is now essentially a no-op. It only verifies that the
argument is a ptmx-descriptor. Therefore, this change indirectly
addresses bug 24941.
Reviewed-by: Adhemerval Zanella <adhemerval.zanella@linaro.org>
The EINVAL error code is mandated by POSIX and documented in the
manual. Also clean up the unlockpt implementation a bit, assuming
that TIOCSPTLCK is always defined.
Enhance login/tst-grantpt to cover unlockpt corner cases.
Reviewed-by: Adhemerval Zanella <adhemerval.zanella@linaro.org>
The test now requires working /dev/pts pseudo-terminals.
A new subtest (test_not_ptmx) attempts to call grantpt on a
pseudo-terminal that is not a ptmx device. POSIX requires an EINVAL
error in this case.
Reviewed-by: Adhemerval Zanella <adhemerval.zanella@linaro.org>
GCC 11 -Warray-bounds triggers invalid warnings when building
Linux timer_create.c:
../sysdeps/unix/sysv/linux/timer_create.c: In function '__timer_create_new':
../sysdeps/unix/sysv/linux/timer_create.c:83:17: warning: array subscript 'struct timer[0]' is partly outside array bounds of 'unsigned char[8]' [-Warray-bounds]
83 | newp->sigev_notify = (evp != NULL
| ^~
../sysdeps/unix/sysv/linux/timer_create.c:59:47: note: referencing an object of size 8 allocated by 'malloc'
59 | struct timer *newp = (struct timer *) malloc (offsetof (struct timer,
| ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
60 | thrfunc));
| ~~~~~~~~~
The struct allocated for !SIGEV_THREAD timers only requires two 'int'
fields (sigev_notify and ktimerid) and the offsetof trick tries minimize
the memory usage by only allocation the required size. However,
although the resulting size is suffice for !SIGEV_THREAD time, accessing
the partially allocated object is error-prone and UB.
This patch fixes both issues by embedding the information whether
the timer if a SIGEV_THREAD in the returned 'timer_t'. For
!SIGEV_THREAD, the resulting 'timer_t' is the returned kernel timer
identifer (kernel_timer_t), while for SIGEV_THREAD it uses the fact
malloc returns at least _Alignof (max_align_t) pointers plus that
valid kernel_timer_t are always positive to set MSB bit of the returned
'timer_t' to indicate the timer handles a SIGEV_THREAD.
It allows to remove the memory allocation for !SIGEV_THREAD and also
remove the 'sigev_notify' field from 'struct timer'.
Checked on x86_64-linux-gnu and i686-linux-gnu.
The inner loop is called thousands of times per "make check" even
if there's otherwise nothing to do. Avoid calling /bin/head all
those times when a builtin will do.
Reviewed-by: Carlos O'Donell <carlos@redhat.com>
This patch fixes part of bug 26647 (-Werror=array-parameter error
building with GCC 11 because of __sigsetjmp being declared using an
array parameter in one header and a pointer parameter in another).
The fix is to split the struct __jmp_buf_tag definition out to a
separate bits/types/ header so it can be included in pthread.h, so
that pthread.h can declare __sigsetjmp with the type contents visible,
so can use an array (as in setjmp.h) rather than a pointer in the
declaration.
Note that several other build failures with GCC 11 remain. This does
not fix the jmp_buf-related -Wstringop-overflow errors (also discussed
in bug 26647), or -Warray-parameter errors for other functions (bug
26686), or -Warray-bounds errors (bug 26687).
Tested, with older compilers, natively for x86_64 and with
build-many-glibc.py for aarch64-linux-gnu. Tested with
build-many-glibcs.py with GCC mainline for aarch64-linux-gnu that this
gets past the -Warray-parameter issue for __sigsetjmp (with the next
build failure being the other one discussed in bug 26647).
The pthread_rwlock_clockrdlock, pthread_rwlock_clockwrlock,
pthread_rwlock_timedrdlock and pthread_rwlock_timedwrlock have been converted
to support 64 bit time.
This change uses new futex_abstimed_wait64 function in
./sysdeps/nptl/futex-helpers.c, which uses futex_time64 where possible.
The pthread_rwlock_{clock|timed}{rd|wr}lock only accepts absolute time.
Moreover, there is no need to check for NULL passed as *abstime pointer to the
syscalls as those calls have exported symbols marked with __nonull attribute
for abstime.
For systems with __TIMESIZE != 64 && __WORDSIZE == 32:
- Conversions between 64 bit time to 32 bit are necessary
- Redirection to pthread_rwlock_{clock|timed}{rd|wr}lock will provide support
for 64 bit time
Build tests:
./src/scripts/build-many-glibcs.py glibcs
Run-time tests:
- Run specific tests on ARM/x86 32bit systems (qemu):
https://github.com/lmajewski/meta-y2038 and run tests:
https://github.com/lmajewski/y2038-tests/commits/master
Above tests were performed with Y2038 redirection applied as well as without
to test the proper usage of both __pthread_rwlock_{clock|timed}{rd|wr}lock64
and __pthread_rwlock_{clock|timed}{rd|wr}lock.
Reviewed-by: Alistair Francis <alistair.francis@wdc.com>
This is the helper function, which uses struct __timespec64
to provide 64 bit absolute time to futex syscalls.
The aim of this function is to move convoluted pre-processor
macro code from sysdeps/nptl/lowlevellock-futex.h to C
function in futex-internal.c
The futex_abstimed_wait64 function has been put into a separate
file on the purpose - to avoid issues apparent on the m68k
architecture related to small number of available registers (there
is not enough registers to put all necessary arguments in them if
the above function would be added to futex-internal.h with
__always_inline attribute).
Reviewed-by: Alistair Francis <alistair.francis@wdc.com>
It avoids regressions on possible future commands that might require
additional libc support. The downside is new commands added by newer
kernels will need further glibc support.
Checked on x86_64-linux-gnu and i686-linux-gnu (Linux v4.15 and v5.4).
Both commands are Linux extensions where the third argument is a
'struct msginfo' instead of 'struct msqid_ds' and its information
does not contain any time related fields (so there is no need to
extra conversion for __IPC_TIME64.
The regression testcase checks for Linux specifix SysV ipc message
control extension. For IPC_INFO/MSG_INFO it tries to match the values
against the tunable /proc values and for MSG_STAT/MSG_STAT_ANY it
check if the create message queue is within the global list returned
by the kernel.
Checked on x86_64-linux-gnu and on i686-linux-gnu (Linux v5.4 and on
Linux v4.15).
It avoids regressions on possible future commands that might require
additional libc support. The downside is new commands added by newer
kernels will need further glibc support.
Checked on x86_64-linux-gnu and i686-linux-gnu (Linux v4.15 and v5.4).
Handle SEM_STAT_ANY the same way as SEM_STAT so that the buffer argument
of SEM_STAT_ANY is properly passed to the kernel and back.
The regression testcase checks for Linux specifix SysV ipc message
control extension. For IPC_INFO/SEM_INFO it tries to match the values
against the tunable /proc values and for SEM_STAT/SEM_STAT_ANY it
check if the create message queue is within the global list returned
by the kernel.
Checked on x86_64-linux-gnu and on i686-linux-gnu (Linux v5.4 and on
Linux v4.15).
Co-authored-by: Adhemerval Zanella <adhemerval.zanella@linaro.org>
There are several compiler implementations that allow large stack
allocations to jump over the guard page at the end of the stack and
corrupt memory beyond that. See CVE-2017-1000364.
Compilers can emit code to probe the stack such that the guard page
cannot be skipped, but on aarch64 the probe interval is 64K by default
instead of the minimum supported page size (4K).
This patch enforces at least 64K guard on aarch64 unless the guard
is disabled by setting its size to 0. For backward compatibility
reasons the increased guard is not reported, so it is only observable
by exhausting the address space or parsing /proc/self/maps on linux.
On other targets the patch has no effect. If the stack probe interval
is larger than a page size on a target then ARCH_MIN_GUARD_SIZE can
be defined to get large enough stack guard on libc allocated stacks.
The patch does not affect threads with user allocated stacks.
Fixes bug 26691.
Both powerpc64 and s390x provides semtimedop through __NR_ipc for
pre v5.1 kernel. Neither the y2038 support (7c437d3778) nor the
attempt to fix an issue for !__ASSUME_DIRECT_SYSVIPC_SYSCALLS
(aaa12e9ff0) took this in consideration.
This patch fixes it by issuing __NR_semtimedop_time64 iff it is
defined, otherwise __NR_semtimeop is issued if both
__ASSUME_DIRECT_SYSVIPC_SYSCALLS it set and __NR_semtimedop is
define, other __NR_ipc is used instead. To summarize:
1. For 32-bit architetures __NR_semtimedop_time64 is always
issued. The fallback is used only for !__ASSUME_TIME64_SYSCALLS
and it issues either __NR_ipc or __NR_semtimedop.
2. For 64-bit architecture with wire-up SysV syscall
(__ASSUME_DIRECT_SYSVIPC_SYSCALLS and __NR_semtimeop defined)
__NR_semtimeop is issued.
3. Otherwise __NR_ipc is used instead.
Checked on x86_64-linux-gnu, i686-linux-gnu (kernel 4.15 and 5.4),
powerpc64le (kernel 4.18), and s390x (kernel 4.12).
Reviewed-by: Matheus Castanho <msc@linux.ibm.com>
This alias macro shall be moved to the beginning of the futex-internal.h
to be easily reused by other functions, which would support 64 bit time.
Reviewed-by: Alistair Francis <alistair.francis@wdc.com>
Reviewed-by: Adhemerval Zanella <adhemerval.zanella@linaro.org>
It returns the string of the error constant, not its description (as
strerrordesc_np). To handle the Hurd error mapping, the ERR_MAP was
removed from errlist.h to errlist.c.
Also, the testcase test-strerr (added on 325081b9eb) was not added
on the check build neither it builds correctly. This patch also
changed it to decouple from errlist.h, the expected return values
are added explicitly for both both strerrorname_np and strerrordesc_np
directly.
Checked on x86_64-linux-gnu and i686-linux-gnu. I also run a make
check for i686-gnu.
Some tunable values and their minimum/maximum values must be determinted
at run-time. Add TUNABLE_SET_WITH_BOUNDS and TUNABLE_SET_WITH_BOUNDS_FULL
to update tunable value together with minimum and maximum values.
__tunable_set_val is updated to set tunable value as well as min/max
values.