Commit Graph

2338 Commits

Author SHA1 Message Date
Paul Pluzhnikov
0065aaaaae Fix BZ 20419. A PT_NOTE in a binary could be arbitratily large, so using
alloca for it may cause stack overflow.  If the note is larger than
__MAX_ALLOCA_CUTOFF, use dynamically allocated memory to read it in.

2018-05-05  Paul Pluzhnikov  <ppluzhnikov@google.com>

	[BZ #20419]
	* elf/dl-load.c (open_verify): Fix stack overflow.
	* elf/Makefile (tst-big-note): New test.
	* elf/tst-big-note-lib.S: New.
	* elf/tst-big-note.c: New.
2018-05-05 18:08:27 -07:00
Joseph Myers
da5e0361d9 Add NT_PPC_PKEY from Linux 4.16 to elf.h.
This patch adds the NT_PPC_PKEY macro from Linux 4.16 to elf.h.

Tested for x86_64.

	* elf/elf.h (NT_PPC_PKEY): New macro.
2018-04-23 19:41:09 +00:00
Maciej W. Rozycki
e7feec374c elf: Correct absolute (SHN_ABS) symbol run-time calculation [BZ #19818]
Do not relocate absolute symbols by the base address.  Such symbols have
SHN_ABS as the section index and their value is not supposed to be
affected by relocation as per the ELF gABI[1]:

"SHN_ABS
    The symbol has an absolute value that will not change because of
    relocation."

The reason for our non-conformance here seems to be an old SysV linker
bug causing symbols like _DYNAMIC to be incorrectly emitted as absolute
symbols[2].  However in a previous discussion it was pointed that this
is seriously flawed by preventing the lone purpose of the existence of
absolute symbols from being used[3]:

"On the contrary, the only interpretation that makes sense to me is that
it will not change because of relocation at link time or at load time.
Absolute symbols, from the days of the earliest linking loaders, have
been used to represent addresses that are outside the address space of
the module (e.g., memory-mapped addresses or kernel gateway pages).
They've even been used to represent true symbolic constants (e.g.,
system entry point numbers, sizes, version numbers).  There's no other
way to represent a true absolute symbol, while the meaning you seek is
easily represented by giving the symbol a non-negative st_shndx value."

and we ought to stop supporting our current broken interpretation.

Update processing for dladdr(3) and dladdr1(3) so that SHN_ABS symbols
are ignored, because under the corrected interpretation they do not
represent addresses within a mapped file and therefore are not supposed
to be considered.

References:

[1] "System V Application Binary Interface - DRAFT - 19 October 2010",
    The SCO Group, Section "Symbol Table",
    <http://www.sco.com/developers/gabi/2012-12-31/ch4.symtab.html>

[2] Alan Modra, "Absolute symbols"
    <https://sourceware.org/ml/binutils/2012-05/msg00019.html>

[3] Cary Coutant, "Re: Absolute symbols"
    <https://sourceware.org/ml/binutils/2012-05/msg00020.html>

	[BZ #19818]
	* sysdeps/generic/ldsodefs.h (SYMBOL_ADDRESS): Handle SHN_ABS
	symbols.
	* elf/dl-addr.c (determine_info): Ignore SHN_ABS symbols.
	* elf/tst-absolute-sym.c: New file.
	* elf/tst-absolute-sym-lib.c: New file.
	* elf/tst-absolute-sym-lib.lds: New file.
	* elf/Makefile (tests): Add `tst-absolute-sym'.
	(modules-names): Add `tst-absolute-sym-lib'.
	(LDLIBS-tst-absolute-sym-lib.so): New variable.
	($(objpfx)tst-absolute-sym-lib.so): New dependency.
	($(objpfx)tst-absolute-sym): New dependency.
2018-04-04 23:09:37 +01:00
Maciej W. Rozycki
10a446ddcc elf: Unify symbol address run-time calculation [BZ #19818]
Wrap symbol address run-time calculation into a macro and use it
throughout, replacing inline calculations.

There are a couple of variants, most of them different in a functionally
insignificant way.  Most calculations are right following RESOLVE_MAP,
at which point either the map or the symbol returned can be checked for
validity as the macro sets either both or neither.  In some places both
the symbol and the map has to be checked however.

My initial implementation therefore always checked both, however that
resulted in code larger by as much as 0.3%, as many places know from
elsewhere that no check is needed.  I have decided the size growth was
unacceptable.

Having looked closer I realized that it's the map that is the culprit.
Therefore I have modified LOOKUP_VALUE_ADDRESS to accept an additional
boolean argument telling it to access the map without checking it for
validity.  This in turn has brought quite nice results, with new code
actually being smaller for i686, and MIPS o32, n32 and little-endian n64
targets, unchanged in size for x86-64 and, unusually, marginally larger
for big-endian MIPS n64, as follows:

i686:
   text    data     bss     dec     hex filename
 152255    4052     192  156499   26353 ld-2.27.9000-base.so
 152159    4052     192  156403   262f3 ld-2.27.9000-elf-symbol-value.so
MIPS/o32/el:
   text    data     bss     dec     hex filename
 142906    4396     260  147562   2406a ld-2.27.9000-base.so
 142890    4396     260  147546   2405a ld-2.27.9000-elf-symbol-value.so
MIPS/n32/el:
   text    data     bss     dec     hex filename
 142267    4404     260  146931   23df3 ld-2.27.9000-base.so
 142171    4404     260  146835   23d93 ld-2.27.9000-elf-symbol-value.so
MIPS/n64/el:
   text    data     bss     dec     hex filename
 149835    7376     408  157619   267b3 ld-2.27.9000-base.so
 149787    7376     408  157571   26783 ld-2.27.9000-elf-symbol-value.so
MIPS/o32/eb:
   text    data     bss     dec     hex filename
 142870    4396     260  147526   24046 ld-2.27.9000-base.so
 142854    4396     260  147510   24036 ld-2.27.9000-elf-symbol-value.so
MIPS/n32/eb:
   text    data     bss     dec     hex filename
 142019    4404     260  146683   23cfb ld-2.27.9000-base.so
 141923    4404     260  146587   23c9b ld-2.27.9000-elf-symbol-value.so
MIPS/n64/eb:
   text    data     bss     dec     hex filename
 149763    7376     408  157547   2676b ld-2.27.9000-base.so
 149779    7376     408  157563   2677b ld-2.27.9000-elf-symbol-value.so
x86-64:
   text    data     bss     dec     hex filename
 148462    6452     400  155314   25eb2 ld-2.27.9000-base.so
 148462    6452     400  155314   25eb2 ld-2.27.9000-elf-symbol-value.so

	[BZ #19818]
	* sysdeps/generic/ldsodefs.h (LOOKUP_VALUE_ADDRESS): Add `set'
	parameter.
	(SYMBOL_ADDRESS): New macro.
	[!ELF_FUNCTION_PTR_IS_SPECIAL] (DL_SYMBOL_ADDRESS): Use
	SYMBOL_ADDRESS for symbol address calculation.
	* elf/dl-runtime.c (_dl_fixup): Likewise.
	(_dl_profile_fixup): Likewise.
	* elf/dl-symaddr.c (_dl_symbol_address): Likewise.
	* elf/rtld.c (dl_main): Likewise.
	* sysdeps/aarch64/dl-machine.h (elf_machine_rela): Likewise.
	* sysdeps/alpha/dl-machine.h (elf_machine_rela): Likewise.
	* sysdeps/arm/dl-machine.h (elf_machine_rel): Likewise.
	(elf_machine_rela): Likewise.
	* sysdeps/hppa/dl-machine.h (elf_machine_rela): Likewise.
	* sysdeps/hppa/dl-symaddr.c (_dl_symbol_address): Likewise.
	* sysdeps/i386/dl-machine.h (elf_machine_rel): Likewise.
	(elf_machine_rela): Likewise.
	* sysdeps/ia64/dl-machine.h (elf_machine_rela): Likewise.
	* sysdeps/m68k/dl-machine.h (elf_machine_rela): Likewise.
	* sysdeps/microblaze/dl-machine.h (elf_machine_rela): Likewise.
	* sysdeps/mips/dl-machine.h (ELF_MACHINE_BEFORE_RTLD_RELOC):
	Likewise.
	(elf_machine_reloc): Likewise.
	(elf_machine_got_rel): Likewise.
	* sysdeps/mips/dl-trampoline.c (__dl_runtime_resolve): Likewise.
	* sysdeps/nios2/dl-machine.h (elf_machine_rela): Likewise.
	* sysdeps/powerpc/powerpc32/dl-machine.h (elf_machine_rela):
	Likewise.
	* sysdeps/powerpc/powerpc64/dl-machine.h (elf_machine_rela):
	Likewise.
	* sysdeps/riscv/dl-machine.h (elf_machine_rela): Likewise.
	* sysdeps/s390/s390-32/dl-machine.h (elf_machine_rela):
	Likewise.
	* sysdeps/s390/s390-64/dl-machine.h (elf_machine_rela):
	Likewise.
	* sysdeps/sh/dl-machine.h (elf_machine_rela): Likewise.
	* sysdeps/sparc/sparc32/dl-machine.h (elf_machine_rela):
	Likewise.
	* sysdeps/sparc/sparc64/dl-machine.h (elf_machine_rela):
	Likewise.
	* sysdeps/tile/dl-machine.h (elf_machine_rela): Likewise.
	* sysdeps/x86_64/dl-machine.h (elf_machine_rela): Likewise.

Reviewed-by: Adhemerval Zanella <adhemerval.zanella@linaro.org>
2018-04-04 23:09:37 +01:00
Andreas Schwab
3dfd23eb4b RISC-V: add remaining relocations 2018-03-26 12:08:21 +02:00
H.J. Lu
b8114edd3c Add $(tests-execstack-$(have-z-execstack)) after defined [BZ #22998]
When $(tests-execstack-$(have-z-execstack)) is added to tests before
it is defined, it is empty.  This patch adds it to tests after it is
defined.

	[BZ #22998]
	* elf/Makefile (tests): Add $(tests-execstack-$(have-z-execstack))
	after it is defined.
2018-03-24 08:25:55 -07:00
Joseph Myers
d473f01520 Add SHT_X86_64_UNWIND to elf.h (bug 20079).
As requested in bug 20079, this patch adds SHT_X86_64_UNWIND (a
standard value from the x86_64 ABI) to elf.h.

Tested for x86_64.

	[BZ #20079]
	* elf/elf.h (SHT_X86_64_UNWIND): New macro.
2018-03-19 18:08:48 +00:00
Samuel Thibault
a5df0318ef hurd: add gscope support
* elf/dl-support.c [!THREAD_GSCOPE_IN_TCB] (_dl_thread_gscope_count):
Define variable.
* sysdeps/generic/ldsodefs.h [!THREAD_GSCOPE_IN_TCB] (struct
rtld_global): Add _dl_thread_gscope_count member.
* sysdeps/mach/hurd/tls.h: Include <atomic.h>.
[!defined __ASSEMBLER__] (THREAD_GSCOPE_GLOBAL, THREAD_GSCOPE_SET_FLAG,
THREAD_GSCOPE_RESET_FLAG, THREAD_GSCOPE_WAIT): Define macros.
* sysdeps/generic/tls.h: Document THREAD_GSCOPE_IN_TCB.
* sysdeps/aarch64/nptl/tls.h: Define THREAD_GSCOPE_IN_TCB to 1.
* sysdeps/alpha/nptl/tls.h: Define THREAD_GSCOPE_IN_TCB to 1.
* sysdeps/arm/nptl/tls.h: Define THREAD_GSCOPE_IN_TCB to 1.
* sysdeps/hppa/nptl/tls.h: Define THREAD_GSCOPE_IN_TCB to 1.
* sysdeps/i386/nptl/tls.h: Define THREAD_GSCOPE_IN_TCB to 1.
* sysdeps/ia64/nptl/tls.h: Define THREAD_GSCOPE_IN_TCB to 1.
* sysdeps/m68k/nptl/tls.h: Define THREAD_GSCOPE_IN_TCB to 1.
* sysdeps/microblaze/nptl/tls.h: Define THREAD_GSCOPE_IN_TCB to 1.
* sysdeps/mips/nptl/tls.h: Define THREAD_GSCOPE_IN_TCB to 1.
* sysdeps/nios2/nptl/tls.h: Define THREAD_GSCOPE_IN_TCB to 1.
* sysdeps/powerpc/nptl/tls.h: Define THREAD_GSCOPE_IN_TCB to 1.
* sysdeps/riscv/nptl/tls.h: Define THREAD_GSCOPE_IN_TCB to 1.
* sysdeps/s390/nptl/tls.h: Define THREAD_GSCOPE_IN_TCB to 1.
* sysdeps/sh/nptl/tls.h: Define THREAD_GSCOPE_IN_TCB to 1.
* sysdeps/sparc/nptl/tls.h: Define THREAD_GSCOPE_IN_TCB to 1.
* sysdeps/tile/nptl/tls.h: Define THREAD_GSCOPE_IN_TCB to 1.
* sysdeps/x86_64/nptl/tls.h: Define THREAD_GSCOPE_IN_TCB to 1.
2018-03-11 13:06:33 +01:00
Florian Weimer
999a6dab3e ldconfig: Sync temporary files to disk before renaming them [BZ #20890]
If the system crashes before the file data has been written to disk, the
file system recovery upon the next mount may restore a partially
rewritten temporary file under the non-temporary (final) name (after the
rename operation).
2018-02-21 10:42:48 +01:00
Florian Weimer
52a01100ad elf: Remove ad-hoc restrictions on dlopen callers [BZ #22787]
This looks like a post-exploitation hardening measure: If an attacker is
able to redirect execution flow, they could use that to load a DSO which
contains additional code (or perhaps make the stack executable).

However, the checks are not in the correct place to be effective: If
they are performed before the critical operation, an attacker with
sufficient control over execution flow could simply jump directly to
the code which performs the operation, bypassing the check.  The check
would have to be executed unconditionally after the operation and
terminate the process in case a caller violation was detected.

Furthermore, in _dl_check_caller, there was a fallback reading global
writable data (GL(dl_rtld_map).l_map_start and
GL(dl_rtld_map).l_text_end), which could conceivably be targeted by an
attacker to disable the check, too.

Other critical functions (such as system) remain completely
unprotected, so the value of these additional checks does not appear
that large.  Therefore this commit removes this functionality.
2018-02-21 10:37:22 +01:00
Joseph Myers
d28bf64897 Add elf.h NT_* macros from Linux 4.15 (bug 14890).
Linux 4.15 adds NT_S390_RI_CB to linux/elf.h (and NT_ARM_SVE, which we
already have in glibc).  This shows up that various other ELF note
values from linux/elf.h are missing from glibc's elf.h.

This patch adds the missing values that are relevant to glibc
architectures.  As elf.h is a general description of the ELF format,
not necessarily limited to glibc configurations, there's an argument
for having the remaining NT_* values that Linux uses for non-glibc
architectures in glibc's elf.h as well, but this patch does not add
them.

Adding the NT_PRFPREG name is bug 14890.  That bug also requests
making the NT_FPREGSET name obsolete.  Given that elf.h is not just
for Linux but can describe ELF for other operating systems, I don't
think that a change of name in the Linux kernel is sufficient
justification for declaring the other name obsolete; there can be
multiple names for the same note value, even with incompatible
semantics, if those reflect variants of the ELF format in actual use.
For example, FreeBSD appears still to have the name NT_FPREGSET
<https://github.com/freebsd/freebsd/blob/master/sys/sys/elf_common.h>
(note: I haven't checked whether the FreeBSD kernel actually generates
such notes or whether this is actually an other-OS definition present
in FreeBSD's header).

	[BZ #14890]
	* elf/elf.h (NT_PRFPREG): New macro.
	(NT_S390_VXRS_LOW): Likewise.
	(NT_S390_VXRS_HIGH): Likewise.
	(NT_S390_GS_CB): Likewise.
	(NT_S390_GS_BC): Likewise.
	(NT_S390_RI_CB): Likewise.
2018-02-06 00:37:17 +00:00
H.J. Lu
6a5cac49b6 Use ADDRIDX with DT_GNU_HASH
The only differences in ld.so are line numbers for asserts.

Reviewed-by: Jonathan Nieder <jrnieder@gmail.com>

	* elf/dl-addr.c (determine_info): Use ADDRIDX with DT_GNU_HASH.
	* elf/dl-lookup.c (_dl_setup_hash): Likewise.
	* elf/get-dynamic-info.h (elf_get_dynamic_info): Likewise.
2018-02-05 14:58:57 -08:00
H.J. Lu
b44e0dfbac Add DT_SYMTAB_SHNDX from gABI
* elf/elf.h (DT_SYMTAB_SHNDX): New.  Set to 34.
	(DT_NUM): Updated to 35.
2018-02-05 06:30:17 -08:00
Palmer Dabbelt
fb58aac5fe
Add support for the RISC-V-specific ELF flags
The RISC-V port defines ELF flags that enforce compatibility between
various objects.  This adds the shared support necessary for these
flags.

2018-01-25  Palmer Dabbelt  <palmer@sifive.com>

        * elf/cache.c (print_entry): Add FLAG_RISCV_FLOAT_ABI_SOFT and
        FLAG_RISCV_FLOAT_ABI_DOUBLE.
        * elf/elf.h (EF_RISCV_RVC): New define.
        (EF_RISCV_FLOAT_ABI): Likewise.
        (EF_RISCV_FLOAT_ABI_SOFT): Likewise.
        (EF_RISCV_FLOAT_ABI_SINGLE): Likewise.
        (EF_RISCV_FLOAT_ABI_DOUBLE): Likewise.
        (EF_RISCV_FLOAT_ABI_QUAD): Likewise.
        * sysdeps/generic/ldconfig.h (FLAG_RISCV_FLOAT_ABI_SOFT): New
        define.
        (FLAG_RISCV_FLOAT_ABI_DOUBLE): Likewise.
2018-01-25 10:06:19 -08:00
Alan Hayward
c9e613a728 Add NT_ARM_SVE to elf.h
This definition is for AArch64 SVE registers in elf core dumps.

	* elf/elf.h (NT_ARM_SVE): Define.
2018-01-15 15:24:11 +00:00
Carlos O'Donell
505d391004 Synchronize DF_1_* flags with binutils (Bug 22707)
This patch synchronizes DF_1_* flags with binutils
and ensures that all DF_1_* flags defined in binutil's
include/elf/common.h are also defined glibc's elf/elf.h.
This is a user visible change since elf/elf.h is installed
by default as /usr/include/elf.h.

Signed-off-by: Carlos O'Donell <carlos@redhat.com>
2018-01-13 20:23:05 -08:00
Palmer Dabbelt
31a98837be Add RISC-V dynamic relocations to elf.h
These relocations can appear in shared objects on RISC-V ELF systems.

2018-01-06  Palmer Dabbelt  <palmer@sifive.com>

       * elf/elf.h (R_RISCV_NONE): New define.
       (R_RISCV_32): Likewise.
       (R_RISCV_64): Likewise.
       (R_RISCV_RELATIVE): Likewise.
       (R_RISCV_COPY): Likewise.
       (R_RISCV_JUMP_SLOT): Likewise.
       (R_RISCV_TLS_DTPMOD32): Likewise.
       (R_RISCV_TLS_DTPMOD64): Likewise.
       (R_RISCV_TLS_DTPREL32): Likewise.
       (R_RISCV_TLS_DTPREL64): Likewise.
       (R_RISCV_TLS_TPREL32): Likewise.
       (R_RISCV_TLS_TPREL64): Likewise.
2018-01-06 23:31:32 -08:00
Florian Weimer
82eef55f8f elf: Support dlvsym within libc.so
This commit adds a new _dl_open_hook entry for dlvsym and implements the
function using the existing dl_lookup_symbol_x function supplied by the
dynamic loader.

A new hook variable, _dl_open_hook2, is introduced, which should make
this change suitable for backporting: For old statically linked
binaries, __libc_dlvsym will always return NULL.
2018-01-04 18:46:24 +01:00
Dmitry V. Levin
dbba87d531 elf: check for rpath emptiness before making a copy of it
* elf/dl-load.c (decompose_rpath): Check for rpath emptiness before
making a copy of it.
2018-01-01 20:37:32 +00:00
Joseph Myers
09533208fe Update copyright dates not handled by scripts/update-copyrights.
I've updated copyright dates in glibc for 2018.  This is the patch for
the changes not generated by scripts/update-copyrights and subsequent
build / regeneration of generated files.

Please remember to include 2018 in the dates for any new files added
in future (which means updating any existing uncommitted patches you
have that add new files to use the new copyright dates in them).

	* NEWS: Update copyright dates.
	* catgets/gencat.c (print_version): Likewise.
	* csu/version.c (banner): Likewise.
	* debug/catchsegv.sh: Likewise.
	* debug/pcprofiledump.c (print_version): Likewise.
	* debug/xtrace.sh (do_version): Likewise.
	* elf/ldconfig.c (print_version): Likewise.
	* elf/ldd.bash.in: Likewise.
	* elf/pldd.c (print_version): Likewise.
	* elf/sotruss.sh: Likewise.
	* elf/sprof.c (print_version): Likewise.
	* iconv/iconv_prog.c (print_version): Likewise.
	* iconv/iconvconfig.c (print_version): Likewise.
	* locale/programs/locale.c (print_version): Likewise.
	* locale/programs/localedef.c (print_version): Likewise.
	* login/programs/pt_chown.c (print_version): Likewise.
	* malloc/memusage.sh (do_version): Likewise.
	* malloc/memusagestat.c (print_version): Likewise.
	* malloc/mtrace.pl: Likewise.
	* manual/libc.texinfo: Likewise.
	* nptl/version.c (banner): Likewise.
	* nscd/nscd.c (print_version): Likewise.
	* nss/getent.c (print_version): Likewise.
	* nss/makedb.c (print_version): Likewise.
	* posix/getconf.c (main): Likewise.
	* scripts/test-installation.pl: Likewise.
	* sysdeps/unix/sysv/linux/lddlibc4.c (main): Likewise.
2018-01-01 00:41:16 +00:00
Joseph Myers
688903eb3e Update copyright dates with scripts/update-copyrights.
* All files with FSF copyright notices: Update copyright dates
	using scripts/update-copyrights.
	* locale/programs/charmap-kw.h: Regenerated.
	* locale/programs/locfile-kw.h: Likewise.
2018-01-01 00:32:25 +00:00
Aurelien Jarno
3e3c904dae elf: Check for empty tokens before dynamic string token expansion [BZ #22625]
The fillin_rpath function in elf/dl-load.c loops over each RPATH or
RUNPATH tokens and interprets empty tokens as the current directory
("./"). In practice the check for empty token is done *after* the
dynamic string token expansion. The expansion process can return an
empty string for the $ORIGIN token if __libc_enable_secure is set
or if the path of the binary can not be determined (/proc not mounted).

Fix that by moving the check for empty tokens before the dynamic string
token expansion. In addition, check for NULL pointer or empty strings
return by expand_dynamic_string_token.

The above changes highlighted a bug in decompose_rpath, an empty array
is represented by the first element being NULL at the fillin_rpath
level, but by using a -1 pointer in decompose_rpath and other functions.

Changelog:
	[BZ #22625]
	* elf/dl-load.c (fillin_rpath): Check for empty tokens before dynamic
	string token expansion. Check for NULL pointer or empty string possibly
	returned by expand_dynamic_string_token.
	(decompose_rpath): Check for empty path after dynamic string
	token expansion.
2017-12-30 22:01:32 +01:00
Dmitry V. Levin
2bd86632b7 elf: remove redundant is_path argument
is_path argument is no longer used and could be safely removed.

* elf/dl-dst.h (DL_DST_COUNT): Remove is_path argument, all callers
updated.
* elf/dl-load.c (is_dst, _dl_dst_count, _dl_dst_substitute,
expand_dynamic_string_token): Likewise.
* sysdeps/generic/ldsodefs.h (_dl_dst_count, _dl_dst_substitute): Remove
is_path argument.
2017-12-27 22:12:51 +00:00
Dmitry V. Levin
1c36e1e6a5 elf: remove redundant code from is_dst
is_dst is called either by _dl_dst_count or by _dl_dst_substitute.
_dl_dst_count is called by DL_DST_COUNT only.
DL_DST_COUNT is called either by expand_dst with is_path == 0
or by expand_dynamic_string_token.
_dl_dst_substitute is called either from expand_dst with is_path == 0
or from expand_dynamic_string_token.
The latter function is called either from _dl_map_object with is_path == 0
or from fillin_rpath with is_path == 1 and name containing no ':'.

In any case (is_path && name[i] == ':') is always false and all code
depending on it can be safely removed.

* elf/dl-load.c (is_dst): Remove checks that is_path is set and name
contains ':', and all code depending on these checks.
2017-12-27 22:12:51 +00:00
Dmitry V. Levin
97f13188c9 elf: remove redundant code from _dl_dst_substitute
There are just two users of _dl_dst_substitute: one is expand_dst that
sets is_path argument to 0, another one is expand_dynamic_string_token.
The latter function also has just two users: one is _dl_map_object that
sets is_path argument to 0, another one is fillin_rpath that sets
is_path argument to 1 and name argument contains no ':'.

In any case (is_path && name[i] == ':') is always false and all code
depending on it can be safely removed.

* elf/dl-load.c (_dl_dst_substitute): Remove checks that is_path
is set and name contains ':', and all code depending on these checks.
2017-12-27 22:12:51 +00:00
Dmitry V. Levin
10e93d9687 elf: remove redundant __libc_enable_secure check from fillin_rpath
There are just two users of fillin_rpath: one is decompose_rpath that
sets check_trusted argument to 0, another one is _dl_init_paths that
sets check_trusted argument to __libc_enable_secure and invokes
fillin_rpath only when LD_LIBRARY_PATH is non-empty.

Starting with commit
glibc-2.25.90-512-gf6110a8fee2ca36f8e2d2abecf3cba9fa7b8ea7d,
LD_LIBRARY_PATH is ignored for __libc_enable_secure executables,
so check_trusted argument of fillin_rpath is always zero.

* elf/dl-load.c (is_trusted_path): Remove.
(fillin_rpath): Remove check_trusted argument and its use,
all callers changed.
2017-12-19 21:53:11 +00:00
H.J. Lu
ce16eb52c0 Replece LDFLAGS-* = $(no-pie-ldflag) with tst-*-no-pie = yes [BZ #22630]
After

commit 9d7a3741c9
Author: H.J. Lu <hjl.tools@gmail.com>
Date:   Fri Dec 15 16:59:33 2017 -0800

    Add --enable-static-pie configure option to build static PIE [BZ #19574]

and

commit 00c714df39
Author: H.J. Lu <hjl.tools@gmail.com>
Date:   Mon Dec 18 12:24:26 2017 -0800

    Pass -no-pie to GCC only if GCC defaults to PIE [BZ #22614]

$(no-pie-ldflag) is no longer effective since no-pie-ldflag is defined
to -no-pie only if GCC defaults to PIE.  When --enable-static-pie is
used to configure glibc build and GCC doesn't default to PIE. no-pie-ldflag
is undefined and these tests:

elf/Makefile:LDFLAGS-tst-dlopen-aout = $(no-pie-ldflag)
elf/Makefile:LDFLAGS-tst-prelink = $(no-pie-ldflag)
elf/Makefile:LDFLAGS-tst-main1 = $(no-pie-ldflag)
gmon/Makefile:LDFLAGS-tst-gmon := $(no-pie-ldflag)

may fail to link.  This patch replaces "-pie" with

$(if $($(@F)-no-pie),$(no-pie-ldflag),-pie)

and repleces

LDFLAGS-* = $(no-pie-ldflag)

with

tst-*-no-pie = yes

so that tst-dlopen-aout, tst-prelink, tst-main1 and tst-gmon are always
built as non-PIE, with and without --enable-static-pie, regardless if
GCC defaults to PIE or non-PIE.

Tested with build-many-glibcs.py without --enable-static-pie as well as
with --enable-static-pie for x86_64, x32 and i686.

	[BZ #22630]
	* Makeconfig (link-pie-before-libc): Replace -pie with
	$(if $($(@F)-no-pie),$(no-pie-ldflag),-pie).
	* elf/Makefile (LDFLAGS-tst-dlopen-aout): Removed.
	(tst-dlopen-aout-no-pie): New.
	(LDFLAGS-tst-prelink): Removed.
	(tst-prelink-no-pie): New.
	(LDFLAGS-tst-main1): Removed.
	(tst-main1-no-pie): New.
	* gmon/Makefile (LDFLAGS-tst-gmon): Removed.
	(tst-gmon-no-pie): New.
2017-12-19 13:53:11 -08:00
Florian Weimer
8e1472d2c1 ld.so: Examine GLRO to detect inactive loader [BZ #20204]
GLRO (_rtld_global_ro) is read-only after initialization and can
therefore not be patched at run time, unlike the hook table addresses
and their contents, so this is a desirable hardening feature.

The hooks are only needed if ld.so has not been initialized, and this
happens only after static dlopen (dlmopen uses a single ld.so object
across all namespaces).

Reviewed-by: Carlos O'Donell <carlos@redhat.com>
2017-12-18 20:04:13 +01:00
Dmitry V. Levin
bb195224ac elf: do not substitute dst in $LD_LIBRARY_PATH twice [BZ #22627]
Starting with commit
glibc-2.18.90-470-g2a939a7e6d81f109d49306bc2e10b4ac9ceed8f9 that
introduced substitution of dynamic string tokens in fillin_rpath,
_dl_init_paths invokes _dl_dst_substitute for $LD_LIBRARY_PATH twice:
the first time it's called directly, the second time the result
is passed on to fillin_rpath which calls expand_dynamic_string_token
which in turn calls _dl_dst_substitute, leading to the following
behaviour:

$ mkdir -p /tmp/'$ORIGIN' && cd /tmp/'$ORIGIN' &&
  echo 'int main(){}' |gcc -xc - &&
  strace -qq -E LD_LIBRARY_PATH='$ORIGIN' -e /open ./a.out
open("/tmp//tmp/$ORIGIN/tls/x86_64/libc.so.6", O_RDONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory)
open("/tmp//tmp/$ORIGIN/tls/libc.so.6", O_RDONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory)
open("/tmp//tmp/$ORIGIN/x86_64/libc.so.6", O_RDONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory)
open("/tmp//tmp/$ORIGIN/libc.so.6", O_RDONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory)
open("/etc/ld.so.cache", O_RDONLY|O_CLOEXEC) = 3
open("/lib64/libc.so.6", O_RDONLY|O_CLOEXEC) = 3

Fix this by removing the direct _dl_dst_substitute invocation.

* elf/dl-load.c (_dl_init_paths): Remove _dl_dst_substitute preparatory
code and invocation.
2017-12-18 12:24:48 +00:00
Aurelien Jarno
7d38eb3897 ldconfig: set LC_COLLATE to C [BZ #22505]
ldconfig supports `include' directives and use the glob function to
process them. The glob function sort entries according to the LC_COLLATE
category. When using a standard "include /etc/ld.so.conf.d/*.conf" entry
in /etc/ld.so.conf, the order therefore depends on the locale used to
run ldconfig. A few examples of locale specific order that might be
disturbing in that context compared to the C locale:
- The cs_CZ and sk_SK locales sort the digits after the letters.
- The et_EE locale sorts the 'z' between 's' and 't'.

This patch fixes that by setting LC_COLLATE to C in order to process
files in deterministic order, independently of the locale used to launch
ldconfig.

NOTE: This should NOT be backported to older release branches.

Changelog:
	[BZ #22505]
	* elf/ldconfig.c (main): Call setlocale to force LC_COLLATE to C.
2017-12-16 12:25:41 +01:00
Carlos O'Donell
93930ea935 Fix tst-leaks1 (bug 14681)
The test tst-leaks1 exercises calling dlopen with a $ORIGIN DST.

This results in a theoretical leak e.g.

Memory not freed:
-----------------
           Address     Size     Caller
0x0000000001d766c0     0x21  at 0x7fb1bd8bf4ab

Or as seen via valgrind:

==27582== 33 bytes in 1 blocks are still reachable in loss record 1 of 1
==27582==    at 0x4C2CB6B: malloc (vg_replace_malloc.c:299)
==27582==    by 0x40124AA: _dl_get_origin (dl-origin.c:50)
==27582==    by 0x4007DB9: expand_dynamic_string_token (dl-load.c:382)
==27582==    by 0x400899C: _dl_map_object (dl-load.c:2160)
==27582==    by 0x4013020: dl_open_worker (dl-open.c:224)
==27582==    by 0x5166F9B: _dl_catch_exception (dl-error-skeleton.c:198)
==27582==    by 0x4012BD9: _dl_open (dl-open.c:594)
==27582==    by 0x4E39EF5: dlopen_doit (dlopen.c:66)
==27582==    by 0x5166F9B: _dl_catch_exception (dl-error-skeleton.c:198)
==27582==    by 0x516700E: _dl_catch_error (dl-error-skeleton.c:217)
==27582==    by 0x4E3A514: _dlerror_run (dlerror.c:162)
==27582==    by 0x4E39F70: dlopen@@GLIBC_2.2.5 (dlopen.c:87)

There is no real leak.

The calling link map (the executable's link map) has it's l_origin
expanded for future use as part of _dl_get_origin, and that results
in the main executable link map having a N-byte allocation for
l->l_origin that is never freed since the executable's link map is
just a part of the process.

To take this into account we do one dlopen with $ORIGIN before
calling mtrace to force the initialization of the executable link
map.

Signed-off-by: Carlos O'Donell <carlos@redhat.com>
2017-12-15 20:22:29 -08:00
H.J. Lu
9d7a3741c9 Add --enable-static-pie configure option to build static PIE [BZ #19574]
Static PIE extends address space layout randomization to static
executables.  It provides additional security hardening benefits at
the cost of some memory and performance.

Dynamic linker, ld.so, is a standalone program which can be loaded at
any address.  This patch adds a configure option, --enable-static-pie,
to embed the part of ld.so in static executable to create static position
independent executable (static PIE).  A static PIE is similar to static
executable, but can be loaded at any address without help from a dynamic
linker.  When --enable-static-pie is used to configure glibc, libc.a is
built as PIE and all static executables, including tests, are built as
static PIE.  The resulting libc.a can be used together with GCC 8 or
above to build static PIE with the compiler option, -static-pie.  But
GCC 8 isn't required to build glibc with --enable-static-pie.  Only GCC
with PIE support is needed.  When an older GCC is used to build glibc
with --enable-static-pie, proper input files are passed to linker to
create static executables as static PIE, together with "-z text" to
prevent dynamic relocations in read-only segments, which are not allowed
in static PIE.

The following changes are made for static PIE:

1. Add a new function, _dl_relocate_static_pie, to:
   a. Get the run-time load address.
   b. Read the dynamic section.
   c. Perform dynamic relocations.
Dynamic linker also performs these steps.  But static PIE doesn't load
any shared objects.
2. Call _dl_relocate_static_pie at entrance of LIBC_START_MAIN in
libc.a.  crt1.o, which is used to create dynamic and non-PIE static
executables, is updated to include a dummy _dl_relocate_static_pie.
rcrt1.o is added to create static PIE, which will link in the real
_dl_relocate_static_pie.  grcrt1.o is also added to create static PIE
with -pg.  GCC 8 has been updated to support rcrt1.o and grcrt1.o for
static PIE.

Static PIE can work on all architectures which support PIE, provided:

1. Target must support accessing of local functions without dynamic
relocations, which is needed in start.S to call __libc_start_main with
function addresses of __libc_csu_init, __libc_csu_fini and main.  All
functions in static PIE are local functions.  If PIE start.S can't reach
main () defined in a shared object, the code sequence:

	pass address of local_main to __libc_start_main
	...

local_main:
	tail call to main via PLT

can be used.
2. start.S is updated to check PIC instead SHARED for PIC code path and
avoid dynamic relocation, when PIC is defined and SHARED isn't defined,
to support static PIE.
3. All assembly codes are updated check PIC instead SHARED for PIC code
path to avoid dynamic relocations in read-only sections.
4. All assembly codes are updated check SHARED instead PIC for static
symbol name.
5. elf_machine_load_address in dl-machine.h are updated to support static
PIE.
6. __brk works without TLS nor dynamic relocations in read-only section
so that it can be used by __libc_setup_tls to initializes TLS in static
PIE.

NB: When glibc is built with GCC defaulted to PIE, libc.a is compiled
with -fPIE, regardless if --enable-static-pie is used to configure glibc.
When glibc is configured with --enable-static-pie, libc.a is compiled
with -fPIE, regardless whether GCC defaults to PIE or not.  The same
libc.a can be used to build both static executable and static PIE.
There is no need for separate PIE copy of libc.a.

On x86-64, the normal static sln:

   text	   data	    bss	    dec	    hex	filename
 625425	   8284	   5456	 639165	  9c0bd	elf/sln

the static PIE sln:

   text	   data	    bss	    dec	    hex	filename
 657626	  20636	   5392	 683654	  a6e86	elf/sln

The code size is increased by 5% and the binary size is increased by 7%.

Linker requirements to build glibc with --enable-static-pie:

1. Linker supports --no-dynamic-linker to remove PT_INTERP segment from
static PIE.
2. Linker can create working static PIE.  The x86-64 linker needs the
fix for

https://sourceware.org/bugzilla/show_bug.cgi?id=21782

The i386 linker needs to be able to convert "movl main@GOT(%ebx), %eax"
to "leal main@GOTOFF(%ebx), %eax" if main is defined locally.

Binutils 2.29 or above are OK for i686 and x86-64.  But linker status for
other targets need to be verified.

3. Linker should resolve undefined weak symbols to 0 in static PIE:

https://sourceware.org/bugzilla/show_bug.cgi?id=22269

4. Many ELF backend linkers incorrectly check bfd_link_pic for TLS
relocations, which should check bfd_link_executable instead:

https://sourceware.org/bugzilla/show_bug.cgi?id=22263

Tested on aarch64, i686 and x86-64.

Using GCC 7 and binutils master branch, build-many-glibcs.py with
--enable-static-pie with all patches for static PIE applied have the
following build successes:

PASS: glibcs-aarch64_be-linux-gnu build
PASS: glibcs-aarch64-linux-gnu build
PASS: glibcs-armeb-linux-gnueabi-be8 build
PASS: glibcs-armeb-linux-gnueabi build
PASS: glibcs-armeb-linux-gnueabihf-be8 build
PASS: glibcs-armeb-linux-gnueabihf build
PASS: glibcs-arm-linux-gnueabi build
PASS: glibcs-arm-linux-gnueabihf build
PASS: glibcs-arm-linux-gnueabihf-v7a build
PASS: glibcs-arm-linux-gnueabihf-v7a-disable-multi-arch build
PASS: glibcs-m68k-linux-gnu build
PASS: glibcs-microblazeel-linux-gnu build
PASS: glibcs-microblaze-linux-gnu build
PASS: glibcs-mips64el-linux-gnu-n32 build
PASS: glibcs-mips64el-linux-gnu-n32-nan2008 build
PASS: glibcs-mips64el-linux-gnu-n32-nan2008-soft build
PASS: glibcs-mips64el-linux-gnu-n32-soft build
PASS: glibcs-mips64el-linux-gnu-n64 build
PASS: glibcs-mips64el-linux-gnu-n64-nan2008 build
PASS: glibcs-mips64el-linux-gnu-n64-nan2008-soft build
PASS: glibcs-mips64el-linux-gnu-n64-soft build
PASS: glibcs-mips64-linux-gnu-n32 build
PASS: glibcs-mips64-linux-gnu-n32-nan2008 build
PASS: glibcs-mips64-linux-gnu-n32-nan2008-soft build
PASS: glibcs-mips64-linux-gnu-n32-soft build
PASS: glibcs-mips64-linux-gnu-n64 build
PASS: glibcs-mips64-linux-gnu-n64-nan2008 build
PASS: glibcs-mips64-linux-gnu-n64-nan2008-soft build
PASS: glibcs-mips64-linux-gnu-n64-soft build
PASS: glibcs-mipsel-linux-gnu build
PASS: glibcs-mipsel-linux-gnu-nan2008 build
PASS: glibcs-mipsel-linux-gnu-nan2008-soft build
PASS: glibcs-mipsel-linux-gnu-soft build
PASS: glibcs-mips-linux-gnu build
PASS: glibcs-mips-linux-gnu-nan2008 build
PASS: glibcs-mips-linux-gnu-nan2008-soft build
PASS: glibcs-mips-linux-gnu-soft build
PASS: glibcs-nios2-linux-gnu build
PASS: glibcs-powerpc64le-linux-gnu build
PASS: glibcs-powerpc64-linux-gnu build
PASS: glibcs-tilegxbe-linux-gnu-32 build
PASS: glibcs-tilegxbe-linux-gnu build
PASS: glibcs-tilegx-linux-gnu-32 build
PASS: glibcs-tilegx-linux-gnu build
PASS: glibcs-tilepro-linux-gnu build

and the following build failures:

FAIL: glibcs-alpha-linux-gnu build

elf/sln is failed to link due to:

assertion fail bfd/elf64-alpha.c:4125

This is caused by linker bug and/or non-PIC code in PIE libc.a.

FAIL: glibcs-hppa-linux-gnu build

elf/sln is failed to link due to:

collect2: fatal error: ld terminated with signal 11 [Segmentation fault]

https://sourceware.org/bugzilla/show_bug.cgi?id=22537

FAIL: glibcs-ia64-linux-gnu build

elf/sln is failed to link due to:

collect2: fatal error: ld terminated with signal 11 [Segmentation fault]

FAIL: glibcs-powerpc-linux-gnu build
FAIL: glibcs-powerpc-linux-gnu-soft build
FAIL: glibcs-powerpc-linux-gnuspe build
FAIL: glibcs-powerpc-linux-gnuspe-e500v1 build

elf/sln is failed to link due to:

ld: read-only segment has dynamic relocations.

This is caused by linker bug and/or non-PIC code in PIE libc.a.  See:

https://sourceware.org/bugzilla/show_bug.cgi?id=22264

FAIL: glibcs-powerpc-linux-gnu-power4 build

elf/sln is failed to link due to:

findlocale.c:96:(.text+0x22c): @local call to ifunc memchr

This is caused by linker bug and/or non-PIC code in PIE libc.a.

FAIL: glibcs-s390-linux-gnu build

elf/sln is failed to link due to:

collect2: fatal error: ld terminated with signal 11 [Segmentation fault], core dumped

assertion fail bfd/elflink.c:14299

This is caused by linker bug and/or non-PIC code in PIE libc.a.

FAIL: glibcs-sh3eb-linux-gnu build
FAIL: glibcs-sh3-linux-gnu build
FAIL: glibcs-sh4eb-linux-gnu build
FAIL: glibcs-sh4eb-linux-gnu-soft build
FAIL: glibcs-sh4-linux-gnu build
FAIL: glibcs-sh4-linux-gnu-soft build

elf/sln is failed to link due to:

ld: read-only segment has dynamic relocations.

This is caused by linker bug and/or non-PIC code in PIE libc.a.  See:

https://sourceware.org/bugzilla/show_bug.cgi?id=22263

Also TLS code sequence in SH assembly syscalls in glibc doesn't match TLS
code sequence expected by ld:

https://sourceware.org/bugzilla/show_bug.cgi?id=22270

FAIL: glibcs-sparc64-linux-gnu build
FAIL: glibcs-sparcv9-linux-gnu build
FAIL: glibcs-tilegxbe-linux-gnu build
FAIL: glibcs-tilegxbe-linux-gnu-32 build
FAIL: glibcs-tilegx-linux-gnu build
FAIL: glibcs-tilegx-linux-gnu-32 build
FAIL: glibcs-tilepro-linux-gnu build

elf/sln is failed to link due to:

ld: read-only segment has dynamic relocations.

This is caused by linker bug and/or non-PIC code in PIE libc.a.  See:

https://sourceware.org/bugzilla/show_bug.cgi?id=22263

	[BZ #19574]
	* INSTALL: Regenerated.
	* Makeconfig (real-static-start-installed-name): New.
	(pic-default): Updated for --enable-static-pie.
	(pie-default): New for --enable-static-pie.
	(default-pie-ldflag): Likewise.
	(+link-static-before-libc): Replace $(DEFAULT-LDFLAGS-$(@F))
	with $(if $($(@F)-no-pie),$(no-pie-ldflag),$(default-pie-ldflag)).
	Replace $(static-start-installed-name) with
	$(real-static-start-installed-name).
	(+prectorT): Updated for --enable-static-pie.
	(+postctorT): Likewise.
	(CFLAGS-.o): Add $(pie-default).
	(CFLAGS-.op): Likewise.
	* NEWS: Mention --enable-static-pie.
	* config.h.in (ENABLE_STATIC_PIE): New.
	* configure.ac (--enable-static-pie): New configure option.
	(have-no-dynamic-linker): New LIBC_CONFIG_VAR.
	(have-static-pie): Likewise.
	Enable static PIE if linker supports --no-dynamic-linker.
	(ENABLE_STATIC_PIE): New AC_DEFINE.
	(enable-static-pie): New LIBC_CONFIG_VAR.
	* configure: Regenerated.
	* csu/Makefile (omit-deps): Add r$(start-installed-name) and
	gr$(start-installed-name) for --enable-static-pie.
	(extra-objs): Likewise.
	(install-lib): Likewise.
	(extra-objs): Add static-reloc.o and static-reloc.os
	($(objpfx)$(start-installed-name)): Also depend on
	$(objpfx)static-reloc.o.
	($(objpfx)r$(start-installed-name)): New.
	($(objpfx)g$(start-installed-name)): Also depend on
	$(objpfx)static-reloc.os.
	($(objpfx)gr$(start-installed-name)): New.
	* csu/libc-start.c (LIBC_START_MAIN): Call _dl_relocate_static_pie
	in libc.a.
	* csu/libc-tls.c (__libc_setup_tls): Add main_map->l_addr to
	initimage.
	* csu/static-reloc.c: New file.
	* elf/Makefile (routines): Add dl-reloc-static-pie.
	(elide-routines.os): Likewise.
	(DEFAULT-LDFLAGS-tst-tls1-static-non-pie): Removed.
	(tst-tls1-static-non-pie-no-pie): New.
	* elf/dl-reloc-static-pie.c: New file.
	* elf/dl-support.c (_dl_get_dl_main_map): New function.
	* elf/dynamic-link.h (ELF_DURING_STARTUP): Also check
	STATIC_PIE_BOOTSTRAP.
	* elf/get-dynamic-info.h (elf_get_dynamic_info): Likewise.
	* gmon/Makefile (tests): Add tst-gmon-static-pie.
	(tests-static): Likewise.
	(DEFAULT-LDFLAGS-tst-gmon-static): Removed.
	(tst-gmon-static-no-pie): New.
	(CFLAGS-tst-gmon-static-pie.c): Likewise.
	(CRT-tst-gmon-static-pie): Likewise.
	(tst-gmon-static-pie-ENV): Likewise.
	(tests-special): Likewise.
	($(objpfx)tst-gmon-static-pie.out): Likewise.
	(clean-tst-gmon-static-pie-data): Likewise.
	($(objpfx)tst-gmon-static-pie-gprof.out): Likewise.
	* gmon/tst-gmon-static-pie.c: New file.
	* manual/install.texi: Document --enable-static-pie.
	* sysdeps/generic/ldsodefs.h (_dl_relocate_static_pie): New.
	(_dl_get_dl_main_map): Likewise.
	* sysdeps/i386/configure.ac: Check if linker supports static PIE.
	* sysdeps/x86_64/configure.ac: Likewise.
	* sysdeps/i386/configure: Regenerated.
	* sysdeps/x86_64/configure: Likewise.
	* sysdeps/mips/Makefile (ASFLAGS-.o): Add $(pie-default).
	(ASFLAGS-.op): Likewise.
2017-12-15 17:12:14 -08:00
Siddhesh Poyarekar
aa6932aa7b Remove redundant mention of SXID_ERASE
SXID_ERASE is implicit for all environment variables.  Avoid
mentioning it in the tunables list; that way only the ones with
SXID_IGNORE remain prominent and mentioned.  TODO: we need to audit
each of those cases and drop them to SXID_ERASE wherever possible.
2017-12-15 00:48:12 +05:30
Florian Weimer
3ff3dfa5af elf: Count components of the expanded path in _dl_init_path [BZ #22607] 2017-12-14 15:31:46 +01:00
Florian Weimer
8a0b17e48b elf: Compute correct array size in _dl_init_paths [BZ #22606] 2017-12-14 15:27:08 +01:00
Carlos O'Donell
243b63337c Fix testing with nss-crypt.
A glibc master build with --enable-nss-crypt using the NSS
crypto libraries fails during make check with the following error:

<command-line>:0:0: error: "USE_CRYPT" redefined [-Werror]
<command-line>:0:0: note: this is the location of the previous
definition

This is caused by commit 36975e8e7e
by H.J. Lu which replaces all = with +=. The fix is to undefine
USE_CRYPT before defining it to zero.

Committed as an obvious fix. Fixes the build issue on x86_64 with
no regressions.

Signed-off-by: Carlos O'Donell <carlos@redhat.com>
2017-12-12 18:34:33 -08:00
H.J. Lu
36975e8e7e Replace = with += in CFLAGS-xxx.c/CPPFLAGS-xxx.c
Replace = with += in CFLAGS-xxx.c and CPPFLAGS-xxx.c to allow Makefile
under sysdeps to define CFLAGS-xx.c and CPPFLAGS-xxx.c.

	* argp/Makefile (CFLAGS-argp-help.c): Replace = with +=.
	(CFLAGS-argp-parse.c): Likewise.
	(CFLAGS-argp-fmtstream.c): Likewise.
	* crypt/Makefile (CPPFLAGS-sha256-crypt.c): Likewise.
	(CPPFLAGS-sha512-crypt.c): Likewise.
	(CPPFLAGS-md5-crypt.c): Likewise.
	* debug/Makefile (CFLAGS-stack_chk_fail.c): Likewise.
	(CFLAGS-stack_chk_fail_local.c): Likewise.
	(CFLAGS-backtrace.c): Likewise.
	(CFLAGS-sprintf_chk.c): Likewise.
	(CFLAGS-snprintf_chk.c): Likewise.
	(CFLAGS-vsprintf_chk.c): Likewise.
	(CFLAGS-vsnprintf_chk.c): Likewise.
	(CFLAGS-asprintf_chk.c): Likewise.
	(CFLAGS-vasprintf_chk.c): Likewise.
	(CFLAGS-obprintf_chk.c): Likewise.
	(CFLAGS-dprintf_chk.c): Likewise.
	(CFLAGS-vdprintf_chk.c): Likewise.
	(CFLAGS-printf_chk.c): Likewise.
	(CFLAGS-fprintf_chk.c): Likewise.
	(CFLAGS-vprintf_chk.c): Likewise.
	(CFLAGS-vfprintf_chk.c): Likewise.
	(CFLAGS-gets_chk.c): Likewise.
	(CFLAGS-fgets_chk.c): Likewise.
	(CFLAGS-fgets_u_chk.c): Likewise.
	(CFLAGS-fread_chk.c): Likewise.
	(CFLAGS-fread_u_chk.c): Likewise.
	(CFLAGS-swprintf_chk.c): Likewise.
	(CFLAGS-vswprintf_chk.c): Likewise.
	(CFLAGS-wprintf_chk.c): Likewise.
	(CFLAGS-fwprintf_chk.c): Likewise.
	(CFLAGS-vwprintf_chk.c): Likewise.
	(CFLAGS-vfwprintf_chk.c): Likewise.
	(CFLAGS-fgetws_chk.c): Likewise.
	(CFLAGS-fgetws_u_chk.c): Likewise.
	(CFLAGS-read_chk.c): Likewise.
	(CFLAGS-pread_chk.c): Likewise.
	(CFLAGS-pread64_chk.c): Likewise.
	(CFLAGS-recv_chk.c): Likewise.
	(CFLAGS-recvfrom_chk.c): Likewise.
	(CFLAGS-tst-longjmp_chk.c): Likewise.
	(CPPFLAGS-tst-longjmp_chk.c): Likewise.
	(CFLAGS-tst-longjmp_chk2.c): Likewise.
	(CPPFLAGS-tst-longjmp_chk2.c): Likewise.
	(CFLAGS-tst-longjmp_chk3.c): Likewise.
	(CPPFLAGS-tst-longjmp_chk3.c): Likewise.
	(CFLAGS-tst-chk1.c): Likewise.
	(CFLAGS-tst-chk2.c): Likewise.
	(CFLAGS-tst-chk3.c): Likewise.
	(CFLAGS-tst-chk4.cc): Likewise.
	(CFLAGS-tst-chk5.cc): Likewise.
	(CFLAGS-tst-chk6.cc): Likewise.
	(CFLAGS-tst-lfschk1.c): Likewise.
	(CFLAGS-tst-lfschk2.c): Likewise.
	(CFLAGS-tst-lfschk3.c): Likewise.
	(CFLAGS-tst-lfschk4.cc): Likewise.
	(CFLAGS-tst-lfschk5.cc): Likewise.
	(CFLAGS-tst-lfschk6.cc): Likewise.
	(CFLAGS-tst-ssp-1.c): Likewise.
	* dirent/Makefile (CFLAGS-scandir.c): Likewise.
	(CFLAGS-scandir64.c): Likewise.
	(CFLAGS-scandir-tail.c): Likewise.
	(CFLAGS-scandir64-tail.c): Likewise.
	* elf/Makefile (CPPFLAGS-dl-tunables.c): Likewise.
	(CFLAGS-dl-tunables.c): Likewise.
	(CFLAGS-dl-runtime.c): Likewise.
	(CFLAGS-dl-lookup.c): Likewise.
	(CFLAGS-dl-iterate-phdr.c): Likewise.
	(CFLAGS-vismain.c): Likewise.
	(CFLAGS-tst-linkall-static.c): Likewise.
	(CFLAGS-tst-linkall-static.c): Likewise.
	(CPPFLAGS-dl-load.c): Likewise.
	(CFLAGS-ldconfig.c): Likewise.
	(CFLAGS-dl-cache.c): Likewise.
	(CFLAGS-cache.c): Likewise.
	(CFLAGS-rtld.c): Likewise.
	(CFLAGS-multiload.c): Likewise.
	(CFLAGS-filtmod1.c): Likewise.
	(CFLAGS-tst-align.c): Likewise.
	(CFLAGS-tst-align2.c): Likewise.
	(CFLAGS-tst-alignmod.c): Likewise.
	(CFLAGS-tst-alignmod2.c): Likewise.
	(CPPFLAGS-tst-execstack.c): Likewise.
	(CFLAGS-tst-ptrguard1-static.c): Likewise.
	(CFLAGS-tst-latepthreadmod.c): Likewise.
	* grp/Makefile (CFLAGS-getgrgid_r.c): Likewise.
	(CFLAGS-getgrnam_r.c): Likewise.
	(CFLAGS-getgrent_r.c): Likewise.
	(CFLAGS-getgrent.c): Likewise.
	(CFLAGS-fgetgrent.c): Likewise.
	(CFLAGS-fgetgrent_r.c): Likewise.
	(CFLAGS-putgrent.c): Likewise.
	(CFLAGS-initgroups.c): Likewise.
	(CFLAGS-getgrgid.c): Likewise.
	* gshadow/Makefile (CFLAGS-getsgent_r.c): Likewise.
	(CFLAGS-getsgent.c): Likewise.
	(CFLAGS-fgetsgent.c): Likewise.
	(CFLAGS-fgetsgent_r.c): Likewise.
	(CFLAGS-putsgent.c): Likewise.
	(CFLAGS-getsgnam.c): Likewise.
	(CFLAGS-getsgnam_r.c): Likewise.
	* iconv/Makefile (CFLAGS-iconv_prog.c): Likewise.
	(CFLAGS-iconv_charmap.c): Likewise.
	(CFLAGS-dummy-repertoire.c): Likewise.
	(CFLAGS-charmap.c): Likewise.
	(CFLAGS-linereader.c): Likewise.
	(CFLAGS-simple-hash.c): Likewise.
	(CFLAGS-gconv_conf.c): Likewise.
	(CFLAGS-iconvconfig.c): Likewise.
	* inet/Makefile (CFLAGS-gethstbyad_r.c): Likewise.
	(CFLAGS-gethstbyad.c): Likewise.
	(CFLAGS-gethstbynm_r.c): Likewise.
	(CFLAGS-gethstbynm.c): Likewise.
	(CFLAGS-gethstbynm2_r.c): Likewise.
	(CFLAGS-gethstbynm2.c): Likewise.
	(CFLAGS-gethstent_r.c): Likewise.
	(CFLAGS-gethstent.c): Likewise.
	(CFLAGS-rcmd.c): Likewise.
	(CFLAGS-getnetbynm_r.c): Likewise.
	(CFLAGS-getnetbynm.c): Likewise.
	(CFLAGS-getnetbyad_r.c): Likewise.
	(CFLAGS-getnetbyad.c): Likewise.
	(CFLAGS-getnetent_r.c): Likewise.
	(CFLAGS-getnetent.c): Likewise.
	(CFLAGS-getaliasent_r.c): Likewise.
	(CFLAGS-getaliasent.c): Likewise.
	(CFLAGS-getrpcent_r.c): Likewise.
	(CFLAGS-getrpcent.c): Likewise.
	(CFLAGS-getservent_r.c): Likewise.
	(CFLAGS-getservent.c): Likewise.
	(CFLAGS-getprtent_r.c): Likewise.
	(CFLAGS-getprtent.c): Likewise.
	(CFLAGS-either_ntoh.c): Likewise.
	(CFLAGS-either_hton.c): Likewise.
	(CFLAGS-getnetgrent.c): Likewise.
	(CFLAGS-getnetgrent_r.c): Likewise.
	(CFLAGS-tst-checks-posix.c): Likewise.
	(CFLAGS-tst-sockaddr.c): Likewise.
	* intl/Makefile (CFLAGS-tst-gettext.c): Likewise.
	(CFLAGS-tst-translit.c): Likewise.
	(CFLAGS-tst-gettext2.c): Likewise.
	(CFLAGS-tst-codeset.c): Likewise.
	(CFLAGS-tst-gettext3.c): Likewise.
	(CFLAGS-tst-gettext4.c): Likewise.
	(CFLAGS-tst-gettext5.c): Likewise.
	(CFLAGS-tst-gettext6.c): Likewise.
	* io/Makefile (CFLAGS-open.c): Likewise.
	(CFLAGS-open64.c): Likewise.
	(CFLAGS-creat.c): Likewise.
	(CFLAGS-creat64.c): Likewise.
	(CFLAGS-fcntl.c): Likewise.
	(CFLAGS-poll.c): Likewise.
	(CFLAGS-ppoll.c): Likewise.
	(CFLAGS-lockf.c): Likewise.
	(CFLAGS-statfs.c): Likewise.
	(CFLAGS-fstatfs.c): Likewise.
	(CFLAGS-statvfs.c): Likewise.
	(CFLAGS-fstatvfs.c): Likewise.
	(CFLAGS-fts.c): Likewise.
	(CFLAGS-fts64.c): Likewise.
	(CFLAGS-ftw.c): Likewise.
	(CFLAGS-ftw64.c): Likewise.
	(CFLAGS-lockf.c): Likewise.
	(CFLAGS-posix_fallocate.c): Likewise.
	(CFLAGS-posix_fallocate64.c): Likewise.
	(CFLAGS-fallocate.c): Likewise.
	(CFLAGS-fallocate64.c): Likewise.
	(CFLAGS-read.c): Likewise.
	(CFLAGS-write.c): Likewise.
	(CFLAGS-test-stat.c): Likewise.
	(CFLAGS-test-lfs.c): Likewise.
	* libio/Makefile (CFLAGS-fileops.c): Likewise.
	(CFLAGS-fputc.c): Likewise.
	(CFLAGS-fputwc.c): Likewise.
	(CFLAGS-freopen64.c): Likewise.
	(CFLAGS-freopen.c): Likewise.
	(CFLAGS-fseek.c): Likewise.
	(CFLAGS-fseeko64.c): Likewise.
	(CFLAGS-fseeko.c): Likewise.
	(CFLAGS-ftello64.c): Likewise.
	(CFLAGS-ftello.c): Likewise.
	(CFLAGS-fwide.c): Likewise.
	(CFLAGS-genops.c): Likewise.
	(CFLAGS-getc.c): Likewise.
	(CFLAGS-getchar.c): Likewise.
	(CFLAGS-getwc.c): Likewise.
	(CFLAGS-getwchar.c): Likewise.
	(CFLAGS-iofclose.c): Likewise.
	(CFLAGS-iofflush.c): Likewise.
	(CFLAGS-iofgetpos64.c): Likewise.
	(CFLAGS-iofgetpos.c): Likewise.
	(CFLAGS-iofgets.c): Likewise.
	(CFLAGS-iofgetws.c): Likewise.
	(CFLAGS-iofputs.c): Likewise.
	(CFLAGS-iofputws.c): Likewise.
	(CFLAGS-iofread.c): Likewise.
	(CFLAGS-iofsetpos64.c): Likewise.
	(CFLAGS-iofsetpos.c): Likewise.
	(CFLAGS-ioftell.c): Likewise.
	(CFLAGS-iofwrite.c): Likewise.
	(CFLAGS-iogetdelim.c): Likewise.
	(CFLAGS-iogetline.c): Likewise.
	(CFLAGS-iogets.c): Likewise.
	(CFLAGS-iogetwline.c): Likewise.
	(CFLAGS-ioputs.c): Likewise.
	(CFLAGS-ioseekoff.c): Likewise.
	(CFLAGS-ioseekpos.c): Likewise.
	(CFLAGS-iosetbuffer.c): Likewise.
	(CFLAGS-iosetvbuf.c): Likewise.
	(CFLAGS-ioungetc.c): Likewise.
	(CFLAGS-ioungetwc.c): Likewise.
	(CFLAGS-oldfileops.c): Likewise.
	(CFLAGS-oldiofclose.c): Likewise.
	(CFLAGS-oldiofgetpos64.c): Likewise.
	(CFLAGS-oldiofgetpos.c): Likewise.
	(CFLAGS-oldiofsetpos64.c): Likewise.
	(CFLAGS-oldiofsetpos.c): Likewise.
	(CFLAGS-peekc.c): Likewise.
	(CFLAGS-putc.c): Likewise.
	(CFLAGS-putchar.c): Likewise.
	(CFLAGS-putwc.c): Likewise.
	(CFLAGS-putwchar.c): Likewise.
	(CFLAGS-rewind.c): Likewise.
	(CFLAGS-wfileops.c): Likewise.
	(CFLAGS-wgenops.c): Likewise.
	(CFLAGS-oldiofopen.c): Likewise.
	(CFLAGS-iofopen.c): Likewise.
	(CFLAGS-iofopen64.c): Likewise.
	(CFLAGS-oldtmpfile.c): Likewise.
	(CFLAGS-tst_putwc.c): Likewise.
	* locale/Makefile (CFLAGS-md5.c): Likewise.
	(CFLAGS-charmap.c): Likewise.
	(CFLAGS-locfile.c): Likewise.
	(CFLAGS-charmap-dir.c): Likewise.
	* login/Makefile (CFLAGS-grantpt.c): Likewise.
	(CFLAGS-getpt.c): Likewise.
	(CFLAGS-pt_chown.c): Likewise.
	* malloc/Makefile (CFLAGS-mcheck-init.c): Likewise.
	(CFLAGS-obstack.c): Likewise.
	* math/Makefile (CFLAGS-test-tgmath3.c): Likewise.
	(CFLAGS-test-double-vlen4-wrappers.c): Likewise.
	(CFLAGS-test-double-vlen8-wrappers.c): Likewise.
	(CFLAGS-test-float-vlen8-wrappers.c): Likewise.
	(CFLAGS-test-float-vlen16-wrappers.c): Likewise.
	(CFLAGS-test-tgmath.c): Likewise.
	(CFLAGS-test-tgmath2.c): Likewise.
	(CFLAGS-test-tgmath-ret.c): Likewise.
	(CFLAGS-test-powl.c): Likewise.
	(CFLAGS-test-snan.c): Likewise.
	(CFLAGS-test-signgam-finite.c): Likewise.
	(CFLAGS-test-signgam-finite-c99.c): Likewise.
	(CFLAGS-test-signgam-finite-c11.c): Likewise.
	(CFLAGS-test-signgam-uchar.c): Likewise.
	(CFLAGS-test-signgam-uchar-init.c): Likewise.
	(CFLAGS-test-signgam-uchar-static.c): Likewise.
	(CFLAGS-test-signgam-uchar-init-static.c): Likewise.
	(CFLAGS-test-signgam-uint.c): Likewise.
	(CFLAGS-test-signgam-uint-init.c): Likewise.
	(CFLAGS-test-signgam-uint-static.c): Likewise.
	(CFLAGS-test-signgam-uint-init-static.c): Likewise.
	(CFLAGS-test-signgam-ullong.c): Likewise.
	(CFLAGS-test-signgam-ullong-init.c): Likewise.
	(CFLAGS-test-signgam-ullong-static.c): Likewise.
	(CFLAGS-test-signgam-ullong-init-static.c): Likewise.
	(CFLAGS-test-math-cxx11.cc): Likewise.
	(CFLAGS-test-math-isinff.cc): Likewise.
	(CFLAGS-test-math-iszero.cc): Likewise.
	(CFLAGS-test-math-issignaling.cc): Likewise.
	(CFLAGS-test-math-iscanonical.cc): Likewise.
	(CFLAGS-test-iszero-excess-precision.c): Likewise.
	(CFLAGS-test-iseqsig-excess-precision.c): Likewise.
	(CFLAGS-test-flt-eval-method.c): Likewise.
	(CFLAGS-test-fe-snans-always-signal.c): Likewise.
	(CFLAGS-test-finite-macros.c): Likewise.
	* misc/Makefile (CFLAGS-select.c): Likewise.
	(CFLAGS-tsearch.c): Likewise.
	(CFLAGS-lsearch.c): Likewise.
	(CFLAGS-pselect.c): Likewise.
	(CFLAGS-readv.c): Likewise.
	(CFLAGS-writev.c): Likewise.
	(CFLAGS-preadv.c): Likewise.
	(CFLAGS-preadv64.c): Likewise.
	(CFLAGS-pwritev.c): Likewise.
	(CFLAGS-pwritev64.c): Likewise.
	(CFLAGS-preadv2.c): Likewise.
	(CFLAGS-preadv64v2.c): Likewise.
	(CFLAGS-pwritev2.c): Likewise.
	(CFLAGS-pwritev64v2.c): Likewise.
	(CFLAGS-usleep.c): Likewise.
	(CFLAGS-syslog.c): Likewise.
	(CFLAGS-error.c): Likewise.
	(CFLAGS-getpass.c): Likewise.
	(CFLAGS-mkstemp.c): Likewise.
	(CFLAGS-mkstemp64.c): Likewise.
	(CFLAGS-getsysstats.c): Likewise.
	(CFLAGS-getusershell.c): Likewise.
	(CFLAGS-err.c): Likewise.
	(CFLAGS-tst-tsearch.c): Likewise.
	(CFLAGS-msync.c): Likewise.
	(CFLAGS-fdatasync.c): Likewise.
	(CFLAGS-fsync.c): Likewise.
	* nptl/Makefile (CFLAGS-nptl-init.c): Likewise.
	(CFLAGS-unwind.c): Likewise.
	(CFLAGS-unwind-forcedunwind.c): Likewise.
	(CFLAGS-pthread_cancel.c): Likewise.
	(CFLAGS-pthread_setcancelstate.c): Likewise.
	(CFLAGS-pthread_setcanceltype.c): Likewise.
	(CFLAGS-cancellation.c): Likewise.
	(CFLAGS-libc-cancellation.c): Likewise.
	(CFLAGS-pthread_exit.c): Likewise.
	(CFLAGS-forward.c): Likewise.
	(CFLAGS-pthread_testcancel.c): Likewise.
	(CFLAGS-pthread_join.c): Likewise.
	(CFLAGS-pthread_timedjoin.c): Likewise.
	(CFLAGS-pthread_once.c): Likewise.
	(CFLAGS-pthread_cond_wait.c): Likewise.
	(CFLAGS-sem_wait.c): Likewise.
	(CFLAGS-sem_timedwait.c): Likewise.
	(CFLAGS-fcntl.c): Likewise.
	(CFLAGS-lockf.c): Likewise.
	(CFLAGS-pread.c): Likewise.
	(CFLAGS-pread64.c): Likewise.
	(CFLAGS-pwrite.c): Likewise.
	(CFLAGS-pwrite64.c): Likewise.
	(CFLAGS-wait.c): Likewise.
	(CFLAGS-waitpid.c): Likewise.
	(CFLAGS-sigwait.c): Likewise.
	(CFLAGS-msgrcv.c): Likewise.
	(CFLAGS-msgsnd.c): Likewise.
	(CFLAGS-tcdrain.c): Likewise.
	(CFLAGS-open.c): Likewise.
	(CFLAGS-open64.c): Likewise.
	(CFLAGS-pause.c): Likewise.
	(CFLAGS-recv.c): Likewise.
	(CFLAGS-send.c): Likewise.
	(CFLAGS-accept.c): Likewise.
	(CFLAGS-sendto.c): Likewise.
	(CFLAGS-connect.c): Likewise.
	(CFLAGS-recvfrom.c): Likewise.
	(CFLAGS-recvmsg.c): Likewise.
	(CFLAGS-sendmsg.c): Likewise.
	(CFLAGS-close.c): Likewise.
	(CFLAGS-read.c): Likewise.
	(CFLAGS-write.c): Likewise.
	(CFLAGS-nanosleep.c): Likewise.
	(CFLAGS-sigsuspend.c): Likewise.
	(CFLAGS-msync.c): Likewise.
	(CFLAGS-fdatasync.c): Likewise.
	(CFLAGS-fsync.c): Likewise.
	(CFLAGS-pt-system.c): Likewise.
	(CFLAGS-tst-cleanup2.c): Likewise.
	(CFLAGS-tst-cleanupx2.c): Likewise.
	(CFLAGS-flockfile.c): Likewise.
	(CFLAGS-ftrylockfile.c): Likewise.
	(CFLAGS-funlockfile.c): Likewise.
	(CFLAGS-tst-initializers1.c): Likewise.
	(CFLAGS-tst-initializers1-c89.c): Likewise.
	(CFLAGS-tst-initializers1-c99.c): Likewise.
	(CFLAGS-tst-initializers1-c11.c): Likewise.
	(CFLAGS-tst-initializers1-gnu89.c): Likewise.
	(CFLAGS-tst-initializers1-gnu99.c): Likewise.
	(CFLAGS-tst-initializers1-gnu11.c): Likewise.
	* nscd/Makefile (CFLAGS-nscd_getpw_r.c): Likewise.
	(CFLAGS-nscd_getgr_r.c): Likewise.
	(CFLAGS-nscd_gethst_r.c): Likewise.
	(CFLAGS-nscd_getai.c): Likewise.
	(CFLAGS-nscd_initgroups.c): Likewise.
	* posix/Makefile (CFLAGS-getaddrinfo.c): Likewise.
	(CFLAGS-pause.c): Likewise.
	(CFLAGS-pread.c): Likewise.
	(CFLAGS-pread64.c): Likewise.
	(CFLAGS-pwrite.c): Likewise.
	(CFLAGS-pwrite64.c): Likewise.
	(CFLAGS-sleep.c): Likewise.
	(CFLAGS-wait.c): Likewise.
	(CFLAGS-waitid.c): Likewise.
	(CFLAGS-waitpid.c): Likewise.
	(CFLAGS-getopt.c): Likewise.
	(CFLAGS-wordexp.c): Likewise.
	(CFLAGS-sysconf.c): Likewise.
	(CFLAGS-pathconf.c): Likewise.
	(CFLAGS-fpathconf.c): Likewise.
	(CFLAGS-spawn.c): Likewise.
	(CFLAGS-spawnp.c): Likewise.
	(CFLAGS-spawni.c): Likewise.
	(CFLAGS-glob.c): Likewise.
	(CFLAGS-glob64.c): Likewise.
	(CFLAGS-getconf.c): Likewise.
	(CFLAGS-nanosleep.c): Likewise.
	* pwd/Makefile (CFLAGS-getpwent_r.c): Likewise.
	(CFLAGS-getpwent.c): Likewise.
	(CFLAGS-getpw.c): Likewise.
	(CFLAGS-fgetpwent_r.c): Likewise.
	* resolv/Makefile (CFLAGS-res_hconf.c): Likewise.
	* rt/Makefile (CFLAGS-aio_suspend.c): Likewise.
	(CFLAGS-mq_timedreceive.c): Likewise.
	(CFLAGS-mq_timedsend.c): Likewise.
	(CFLAGS-clock_nanosleep.c): Likewise.
	(CFLAGS-librt-cancellation.c): Likewise.
	* shadow/Makefile (CFLAGS-getspent_r.c): Likewise.
	(CFLAGS-getspent.c): Likewise.
	(CFLAGS-fgetspent.c): Likewise.
	(CFLAGS-fgetspent_r.c): Likewise.
	(CFLAGS-putspent.c): Likewise.
	(CFLAGS-getspnam.c): Likewise.
	(CFLAGS-getspnam_r.c): Likewise.
	* signal/Makefile (CFLAGS-sigpause.c): Likewise.
	(CFLAGS-sigsuspend.c): Likewise.
	(CFLAGS-sigtimedwait.c): Likewise.
	(CFLAGS-sigwait.c): Likewise.
	(CFLAGS-sigwaitinfo.c): Likewise.
	(CFLAGS-sigreturn.c): Likewise.
	* stdio-common/Makefile (CFLAGS-vfprintf.c): Likewise.
	(CFLAGS-vfwprintf.c): Likewise.
	(CFLAGS-tmpfile.c): Likewise.
	(CFLAGS-tmpfile64.c): Likewise.
	(CFLAGS-tempname.c): Likewise.
	(CFLAGS-psignal.c): Likewise.
	(CFLAGS-vprintf.c): Likewise.
	(CFLAGS-cuserid.c): Likewise.
	(CFLAGS-errlist.c): Likewise.
	(CFLAGS-siglist.c): Likewise.
	(CFLAGS-scanf15.c): Likewise.
	(CFLAGS-scanf17.c): Likewise.
	* stdlib/Makefile (CFLAGS-bsearch.c): Likewise.
	(CFLAGS-msort.c): Likewise.
	(CFLAGS-qsort.c): Likewise.
	(CFLAGS-system.c): Likewise.
	(CFLAGS-fmtmsg.c): Likewise.
	(CFLAGS-strfmon.c): Likewise.
	(CFLAGS-strfmon_l.c): Likewise.
	(CFLAGS-strfromd.c): Likewise.
	(CFLAGS-strfromf.c): Likewise.
	(CFLAGS-strfroml.c): Likewise.
	(CFLAGS-tst-bsearch.c): Likewise.
	(CFLAGS-tst-qsort.c): Likewise.
	(CFLAGS-tst-makecontext2.c): Likewise.
	* sunrpc/Makefile (CFLAGS-xbootparam_prot.c): Likewise.
	(CFLAGS-xnlm_prot.c): Likewise.
	(CFLAGS-xrstat.c): Likewise.
	(CFLAGS-xyppasswd.c): Likewise.
	(CFLAGS-xklm_prot.c): Likewise.
	(CFLAGS-xrex.c): Likewise.
	(CFLAGS-xsm_inter.c): Likewise.
	(CFLAGS-xmount.c): Likewise.
	(CFLAGS-xrusers.c): Likewise.
	(CFLAGS-xspray.c): Likewise.
	(CFLAGS-xnfs_prot.c): Likewise.
	(CFLAGS-xrquota.c): Likewise.
	(CFLAGS-xkey_prot.c): Likewise.
	(CFLAGS-auth_unix.c): Likewise.
	(CFLAGS-key_call.c): Likewise.
	(CFLAGS-pmap_rmt.c): Likewise.
	(CFLAGS-clnt_perr.c): Likewise.
	(CFLAGS-openchild.c): Likewise.
	* sysvipc/Makefile (CFLAGS-msgrcv.c): Likewise.
	(CFLAGS-msgsnd.c): Likewise.
	* termios/Makefile (CFLAGS-tcdrain.c): Likewise.
	* time/Makefile (CFLAGS-tzfile.c): Likewise.
	(CFLAGS-tzset.c): Likewise.
	(CFLAGS-getdate.c): Likewise.
	(CFLAGS-test_time.c): Likewise.
	(CPPFLAGS-tst-tzname.c): Likewise.
	* timezone/Makefile (CFLAGS-zdump.c): Likewise.
	(CFLAGS-zic.c): Likewise.
	* wcsmbs/Makefile (CFLAGS-wcwidth.c): Likewise.
	(CFLAGS-wcswidth.c): Likewise.
	(CFLAGS-wcstol.c): Likewise.
	(CFLAGS-wcstoul.c): Likewise.
	(CFLAGS-wcstoll.c): Likewise.
	(CFLAGS-wcstoull.c): Likewise.
	(CFLAGS-wcstod.c): Likewise.
	(CFLAGS-wcstold.c): Likewise.
	(CFLAGS-wcstof128.c): Likewise.
	(CFLAGS-wcstof.c): Likewise.
	(CFLAGS-wcstol_l.c): Likewise.
	(CFLAGS-wcstoul_l.c): Likewise.
	(CFLAGS-wcstoll_l.c): Likewise.
	(CFLAGS-wcstoull_l.c): Likewise.
	(CFLAGS-wcstod_l.c): Likewise.
	(CFLAGS-wcstold_l.c): Likewise.
	(CFLAGS-wcstof128_l.c): Likewise.
	(CFLAGS-wcstof_l.c): Likewise.
	(CPPFLAGS-tst-wchar-h.c): Likewise.
	(CPPFLAGS-wcstold_l.c): Likewise.

Reviewed-by: Jonathan Nieder <jrnieder@gmail.com>
2017-12-11 13:11:33 -08:00
Aurelien Jarno
f648728cb1 elf/rtld.c (init_tls): Add missing new line to the _dl_fatal_printf call [BZ #22577]
Changelog:
	* elf/rtld.c (init_tls): Add missing new line to the _dl_fatal_printf
	call.
2017-12-10 19:10:28 +01:00
Rogerio Alves
07ed18d26a Add elision tunables
This patch adds several new tunables to control the behavior of
elision on supported platforms[1].   Since elision now depends
on tunables, we should always *compile* with elision enabled,
and leave the code disabled, but available for runtime
selection.  This gives us *much* better compile-time testing of
the existing code to avoid bit-rot[2].

Tested on ppc, ppc64, ppc64le, s390x and x86_64.

[1] This part of the patch was initially proposed by
Paul Murphy but was "staled" because the framework have changed
since the patch was originally proposed:

https://patchwork.sourceware.org/patch/10342/

[2] This part of the patch was inititally proposed as a RFC by
Carlos O'Donnell.  Make sense to me integrate this on the patch:

https://sourceware.org/ml/libc-alpha/2017-05/msg00335.html

	* elf/dl-tunables.list: Add elision parameters.
	* manual/tunables.texi: Add entries about elision tunable.
	* sysdeps/unix/sysv/linux/powerpc/elision-conf.c:
	Add callback functions to dynamically enable/disable elision.
	Add multiple callbacks functions to set elision parameters.
	Deleted __libc_enable_secure check.
	* sysdeps/unix/sysv/linux/s390/elision-conf.c: Likewise.
	* sysdeps/unix/sysv/linux/x86/elision-conf.c: Likewise.
	* configure: Regenerated.
	* configure.ac: Option enable_lock_elision was deleted.
	* config.h.in: ENABLE_LOCK_ELISION flag was deleted.
	* config.make.in: Remove references to enable_lock_elision.
	* manual/install.texi: Elision configure option was removed.
	* INSTALL: Regenerated to remove enable_lock_elision.
	* nptl/Makefile:
	Disable elision so it can verify error case for destroying a mutex.
	* sysdeps/powerpc/nptl/elide.h:
	Cleanup ENABLE_LOCK_ELISION check.
	Deleted macros for the case when ENABLE_LOCK_ELISION was not defined.
	* sysdeps/s390/configure: Regenerated.
	* sysdeps/s390/configure.ac: Remove references to enable_lock_elision..
	* nptl/tst-mutex8.c:
	Deleted all #ifndef ENABLE_LOCK_ELISION from the test.
	* sysdeps/powerpc/powerpc32/sysdep.h:
	Deleted all ENABLE_LOCK_ELISION checks.
	* sysdeps/powerpc/powerpc64/sysdep.h: Likewise.
	* sysdeps/powerpc/sysdep.h: Likewise.
	* sysdeps/s390/nptl/bits/pthreadtypes-arch.h: Likewise.
	* sysdeps/unix/sysv/linux/powerpc/force-elision.h: Likewise.
	* sysdeps/unix/sysv/linux/s390/elision-conf.h: Likewise.
	* sysdeps/unix/sysv/linux/s390/force-elision.h: Likewise.
	* sysdeps/unix/sysv/linux/s390/lowlevellock.h: Likewise.
	* sysdeps/unix/sysv/linux/s390/Makefile: Remove references to
	enable-lock-elision.

Reviewed-by: Tulio Magno Quites Machado Filho <tuliom@linux.vnet.ibm.com>
2017-12-05 17:48:48 -02:00
H.J. Lu
8d81ce0c6d Properly compute offsets of note descriptor and next note [BZ #22370]
A note header has 3 4-bytes fields, followed by note name and note
descriptor.  According to gABI, in a note entry, the note name field,
not note name size, is padded for the note descriptor.  And the note
descriptor field, not note descriptor size, is padded for the next
note entry.  Notes are aligned to 4 bytes in 32-bit objects and 8 bytes
in 64-bit objects.

For all GNU notes, the name is "GNU" which is 4 bytes.  They have the
same format in the first 16 bytes in both 32-bit and 64-bit objects.
They differ by note descriptor size and note type.  So far, .note.ABI-tag
and .note.gnu.build-id notes are always aligned to 4 bytes.  The exsting
codes compute the note size by aligning the note name size and note
descriptor size to 4 bytes.  It happens to produce the same value as
the actual note size by luck since the name size is 4 and offset of the
note descriptor is 16.  But it will produce the wrong size when note
alignment is 8 bytes in 64-bit objects.

This patch defines ELF_NOTE_DESC_OFFSET and ELF_NOTE_NEXT_OFFSET to
properly compute offsets of note descriptor and next note.  It uses
alignment of PT_NOTE segment to support both 4-byte and 8-byte note
alignments in 64-bit objects.  To handle PT_NOTE segments with
incorrect alignment, which may lead to an infinite loop, if segment
alignment is less than 4, we treate alignment as 4 bytes since some
note segments have 0 or 1 byte alignment.

	[BZ #22370]
	* elf/dl-hwcaps.c (ROUND): Removed.
	(_dl_important_hwcaps): Replace ROUND with ELF_NOTE_DESC_OFFSET
	and ELF_NOTE_NEXT_OFFSET.
	* elf/dl-load.c (ROUND): Removed.
	(open_verify): Replace ROUND with ELF_NOTE_NEXT_OFFSET.
	* elf/readelflib.c (ROUND): Removed.
	(process_elf_file): Replace ROUND with ELF_NOTE_NEXT_OFFSET.
	* include/elf.h [!_ISOMAC]: Include <libc-pointer-arith.h>.
	[!_ISOMAC] (ELF_NOTE_DESC_OFFSET): New.
	[!_ISOMAC] (ELF_NOTE_NEXT_OFFSET): Likewise.
2017-11-28 09:57:00 -08:00
Andreas Schwab
c2c299fd24 Consolidate link map sorting
Combine the four places where link maps are sorted into a single function.
This also moves the logic to skip the first map (representing the main
binary) to the callers.
2017-11-27 11:37:19 +01:00
H.J. Lu
4a306ef1c8 ld.so: Add architecture specific fields
To support Intel Control-flow Enforcement Technology (CET) run-time
control:

1. An architecture specific field in the writable ld.so namespace is
needed to indicate if CET features are enabled at run-time.
2. An architecture specific field in struct link_map is needed if
CET features are enabled in an ELF module.

This patch adds dl-procruntime.c to the writable ld.so namespace and
link_map.h to struct link_map.

Tested with build-many-glibcs.py.

	* elf/dl-support.c: Include <dl-procruntime.c>.
	* include/link.h: Include <link_map.h>.
	* sysdeps/generic/dl-procruntime.c: New file.
	* sysdeps/generic/link_map.h: Likewise.
	* sysdeps/generic/ldsodefs.h: Include <dl-procruntime.c> in
	the writable ld.so namespace.
2017-11-13 08:02:52 -08:00
Szabolcs Nagy
0cc5b022f8 Mark lazy tlsdesc helper functions unused to avoid warnings
These static functions are not needed if a target does not do lazy
tlsdesc initialization.

	* elf/tlsdeschtab.h (_dl_tls_resolve_early_return_p): Mark unused.
	(_dl_tlsdesc_wake_up_held_fixups): Likewise.
2017-11-03 14:40:28 +00:00
Florian Weimer
4484b9e296 Assume that _DIRENT_HAVE_D_TYPE is always defined.
References remain in io/fts.c, io/ftw.c, posix/glob.c,
sysdeps/posix/getcwd.c.  These files are (potentially) externally
shared.
2017-10-30 15:48:33 +01:00
H.J. Lu
a67029ff12 Use $(DEFAULT-LDFLAGS-$(@F)) in +link-static-before-libc
Use $(LDFLAGS-$(@F)) with tst-tls1-static-non-pie may not be sufficient
when static PIE is built by default.  Use $(DEFAULT-LDFLAGS-$(@F)) in
+link-static-before-libc to make sure that tst-tls1-static-non-pie is
always built as non-PIE static executable and make sure that crt1.o is
used with tst-tls1-static-non-pie.

	* Makeconfig (+link-static-before-libc): Use
	$(DEFAULT-LDFLAGS-$(@F)).
	* elf/Makefile (CRT-tst-tls1-static-non-pie): New.
	(LDFLAGS-tst-tls1-static-non-pie): Renamed to ...
	(DEFAULT-LDFLAGS-tst-tls1-static-non-pie): This.
2017-10-04 17:16:04 -07:00
H.J. Lu
5dba84b324 Add a test for main () in a shared object
Verify that crt1.o can be used with main () in a shared object.

	* elf/Makefile (tests): Add tst-main1.
	(modules-names): Add tst-main1mod.
	($(objpfx)tst-main1): New.
	(CRT-tst-main1): Likewise.
	(LDFLAGS-tst-main1): Likewise.
	(LDLIBS-tst-main1): Likewise.
	(tst-main1mod.so-no-z-defs): Likewise.
	* elf/tst-main1.c: New file.
	* elf/tst-main1mod.c: Likewise.
2017-10-04 15:40:49 -07:00
H.J. Lu
b8818ab592 ld.so: Replace (&bootstrap_map) with BOOTSTRAP_MAP
(&_dl_main_map) is used instead of (&bootstrap_map) to bootstrap static
PIE.  Define BOOTSTRAP_MAP with (&_dl_main_map) to avoid hardcode to
(&bootstrap_map).

	* elf/rtld.c (BOOTSTRAP_MAP): New.
	(RESOLVE_MAP): Replace (&bootstrap_map) with BOOTSTRAP_MAP.
	* sysdeps/hppa/dl-machine.h (ELF_MACHINE_BEFORE_RTLD_RELOC):
	Likewise.
	* sysdeps/ia64/dl-machine.h (ELF_MACHINE_BEFORE_RTLD_RELOC):
	Likewise.
	* sysdeps/mips/dl-machine.h (ELF_MACHINE_BEFORE_RTLD_RELOC):
	Likewise.
2017-10-03 01:55:12 -07:00
H.J. Lu
a0aef7830e Move hidden_proto (__dl_iterate_phdr) to include/link.h [BZ #18822]
__dl_iterate_phdr is hidden and should be accessed directly within
libc.so and libc.a without using GOT nor PLT.

	[BZ #18822]
	* elf/dl-iteratephdr.c (hidden_proto (__dl_iterate_phdr)): Moved
	to ...
	* include/link.h (hidden_proto (__dl_iterate_phdr)): Here.
2017-10-01 16:09:38 -07:00
H.J. Lu
2000067a4b Add a test for non-PIE static executable
tst-tls1-static-non-pie is built with $(no-pie-ldflag) to make it a
non-PIE static executable, regardless if --enable-static-pie is used
to configure glibc.

	* elf/Makefile (tests-static-internal): Add
	tst-tls1-static-non-pie.
	(LDFLAGS-tst-tls1-static-non-pie): New.
	* elf/tst-tls1-static-non-pie.c: New file.
2017-09-30 01:39:32 -07:00
Alexey Makhalov
cebcb9f864 Fix range check in do_tunable_update_val
Current implementation of tunables does not set arena_max and arena_test
values. Any value provided by glibc.malloc.arena_max and
glibc.malloc.arena_test parameters is ignored.

These tunables have minval value set to 1 (see elf/dl-tunables.list file)
and undefined maxval value. In that case default value (which is 0. see
scripts/gen-tunables.awk) is being used to set maxval.

For instance, generated tunable_list[] entry for arena_max is:
(gdb) p *cur
$1 = {name = 0x7ffff7df6217 "glibc.malloc.arena_max",
 type = {type_code = TUNABLE_TYPE_SIZE_T, min = 1, max = 0},
  val = {numval = 0, strval = 0x0}, initialized = false,
   security_level = TUNABLE_SECLEVEL_SXID_IGNORE,
    env_alias = 0x7ffff7df622e "MALLOC_ARENA_MAX"}

As a result, any value of glibc.malloc.arena_max is ignored by
TUNABLE_SET_VAL_IF_VALID_RANGE macro
  __type min = (__cur)->type.min;                    <- initialized to 1
  __type max = (__cur)->type.max;                    <- initialized to 0!
  if (min == max)                                    <- false
    {
      min = __default_min;
      max = __default_max;
    }
  if ((__type) (__val) >= min && (__type) (val) <= max)  <- false
    {
      (__cur)->val.numval = val;
      (__cur)->initialized = true;
    }

Assigning correct min/max values at a build time fixes a problem.
Plus, a bit of optimization: Setting of default min/max values for the
given type at a run time might be eliminated.

	* elf/dl-tunables.c (do_tunable_update_val): Range checking fix.
	* scripts/gen-tunables.awk: Set unspecified minval and/or maxval
	values to correct default value for given type.
2017-09-27 02:44:09 +05:30