This patch saves and restores bound registers in symbol lookup for x86-64:
1. Branches without BND prefix clear bound registers.
2. x86-64 pass bounds in bound registers as specified in MPX psABI
extension on hjl/mpx/master branch at
https://github.com/hjl-tools/x86-64-psABIhttps://groups.google.com/forum/#!topic/x86-64-abi/KFsB0XTgWYc
Binutils has been updated to create an alternate PLT to add BND prefix
when branching to ld.so.
* config.h.in (HAVE_MPX_SUPPORT): New #undef.
* sysdeps/x86_64/configure.ac: Set HAVE_MPX_SUPPORT.
* sysdeps/x86_64/configure: Regenerated.
* sysdeps/x86_64/dl-trampoline.S (REGISTER_SAVE_AREA): New
macro.
(REGISTER_SAVE_RAX): Likewise.
(REGISTER_SAVE_RCX): Likewise.
(REGISTER_SAVE_RDX): Likewise.
(REGISTER_SAVE_RSI): Likewise.
(REGISTER_SAVE_RDI): Likewise.
(REGISTER_SAVE_R8): Likewise.
(REGISTER_SAVE_R9): Likewise.
(REGISTER_SAVE_BND0): Likewise.
(REGISTER_SAVE_BND1): Likewise.
(REGISTER_SAVE_BND2): Likewise.
(_dl_runtime_resolve): Use them. Save and restore Intel MPX
bound registers when calling _dl_fixup.
AVX-512 ISA adds 512-bit zmm registers. This patch updates
_dl_runtime_profile to pass zmm registers to run-time audit. It also
changes _dl_x86_64_save_sse and _dl_x86_64_restore_sse to upport zmm
registers, which are called when only when RTLD_PREPARE_FOREIGN_CALL
is used. Its performance impact is minimum.
* config.h.in (HAVE_AVX512_SUPPORT): New #undef.
(HAVE_AVX512_ASM_SUPPORT): Likewise.
* sysdeps/x86_64/bits/link.h (La_x86_64_zmm): New.
(La_x86_64_vector): Add zmm.
* sysdeps/x86_64/Makefile (tests): Add tst-audit10.
(modules-names): Add tst-auditmod10a and tst-auditmod10b.
($(objpfx)tst-audit10): New target.
($(objpfx)tst-audit10.out): Likewise.
(tst-audit10-ENV): New.
(AVX512-CFLAGS): Likewise.
(CFLAGS-tst-audit10.c): Likewise.
(CFLAGS-tst-auditmod10a.c): Likewise.
(CFLAGS-tst-auditmod10b.c): Likewise.
* sysdeps/x86_64/configure.ac: Set config-cflags-avx512,
HAVE_AVX512_SUPPORT and HAVE_AVX512_ASM_SUPPORT.
* sysdeps/x86_64/configure: Regenerated.
* sysdeps/x86_64/dl-trampoline.S (_dl_runtime_profile): Add
AVX-512 zmm register support.
(_dl_x86_64_save_sse): Likewise.
(_dl_x86_64_restore_sse): Likewise.
* sysdeps/x86_64/dl-trampoline.h: Updated to support different
size vector registers.
* sysdeps/x86_64/link-defines.sym (YMM_SIZE): New.
(ZMM_SIZE): Likewise.
* sysdeps/x86_64/tst-audit10.c: New file.
* sysdeps/x86_64/tst-auditmod10a.c: Likewise.
* sysdeps/x86_64/tst-auditmod10b.c: Likewise.
Autoconf has been deprecating configure.in for quite a long time.
Rename all our configure.in and preconfigure.in files to .ac.
Signed-off-by: Mike Frysinger <vapier@gentoo.org>
It has been a long practice for software using IEEE 754 floating-point
arithmetic run on MIPS processors to use an encoding of Not-a-Number
(NaN) data different to one used by software run on other processors.
And as of IEEE 754-2008 revision [1] this encoding does not follow one
recommended in the standard, as specified in section 6.2.1, where it
is stated that quiet NaNs should have the first bit (d1) of their
significand set to 1 while signalling NaNs should have that bit set to
0, but MIPS software interprets the two bits in the opposite manner.
As from revision 3.50 [2][3] the MIPS Architecture provides for
processors that support the IEEE 754-2008 preferred NaN encoding format.
As the two formats (further referred to as "legacy NaN" and "2008 NaN")
are incompatible to each other, tools have to provide support for the
two formats to help people avoid using incompatible binary modules.
The change is comprised of two functional groups of features, both of
which are required for correct support.
1. Dynamic linker support.
To enforce the NaN encoding requirement in dynamic linking a new ELF
file header flag has been defined. This flag is set for 2008-NaN
shared modules and executables and clear for legacy-NaN ones. The
dynamic linker silently ignores any incompatible modules it
encounters in dependency processing.
To avoid unnecessary processing of incompatible modules in the
presence of a shared module cache, a set of new cache flags has been
defined to mark 2008-NaN modules for the three ABIs supported.
Changes to sysdeps/unix/sysv/linux/mips/readelflib.c have been made
following an earlier code quality suggestion made here:
http://sourceware.org/ml/libc-ports/2009-03/msg00036.html
and are therefore a little bit more extensive than the minimum
required.
Finally a new name has been defined for the dynamic linker so that
2008-NaN and legacy-NaN binaries can coexist on a single system that
supports dual-mode operation and that a legacy dynamic linker that
does not support verifying the 2008-NaN ELF file header flag is not
chosen to interpret a 2008-NaN binary by accident.
2. Floating environment support.
IEEE 754-2008 features are controlled in the Floating-Point Control
and Status (FCSR) register and updates are needed to floating
environment support so that the 2008-NaN flag is set correctly and
the kernel default, inferred from the 2008-NaN ELF file header flag
at the time an executable is loaded, respected.
As the NaN encoding format is a property of GCC code generation that is
both a user-selected GCC configuration default and can be overridden
with GCC options, code that needs to know what NaN encoding standard it
has been configured for checks for the __mips_nan2008 macro that is
defined internally by GCC whenever the 2008-NaN mode has been selected.
This mode is determined at the glibc configuration time and therefore a
few consistency checks have been added to catch cases where compilation
flags have been overridden by the user.
The 2008 NaN set of features relies on kernel support as the in-kernel
floating-point emulator needs to be aware of the NaN encoding used even
on hard-float processors and configure the FPU context according to the
value of the 2008 NaN ELF file header flag of the executable being
started. As at this time work on kernel support is still in progress
and the relevant changes have not made their way yet to linux.org master
repository.
Therefore the minimum version supported has been artificially set to
10.0.0 so that 2008-NaN code is not accidentally run on a Linux kernel
that does not suppport it. It is anticipated that the version is
adjusted later on to the actual initial linux.org kernel version to
support this feature. Legacy NaN encoding support is unaffected, older
kernel versions remain supported.
[1] "IEEE Standard for Floating-Point Arithmetic", IEEE Computer
Society, IEEE Std 754-2008, 29 August 2008
[2] "MIPS Architecture For Programmers, Volume I-A: Introduction to the
MIPS32 Architecture", MIPS Technologies, Inc., Document Number:
MD00082, Revision 3.50, September 20, 2012
[3] "MIPS Architecture For Programmers, Volume I-A: Introduction to the
MIPS64 Architecture", MIPS Technologies, Inc., Document Number:
MD00083, Revision 3.50, September 20, 2012
The helper binary pt_chown tricked into granting access to another
user's pseudo-terminal.
Pre-conditions for the attack:
* Attacker with local user account
* Kernel with FUSE support
* "user_allow_other" in /etc/fuse.conf
* Victim with allocated slave in /dev/pts
Using the setuid installed pt_chown and a weak check on whether a file
descriptor is a tty, an attacker could fake a pty check using FUSE and
trick pt_chown to grant ownership of a pty descriptor that the current
user does not own. It cannot access /dev/pts/ptmx however.
In most modern distributions pt_chown is not needed because devpts
is enabled by default. The fix for this CVE is to disable building
and using pt_chown by default. We still provide a configure option
to enable hte use of pt_chown but distributions do so at their own
risk.
Check wheter the compiler has the option -fno-tree-loop-distribute-patterns
to inhibit loop transformation to library calls and uses it on memset
and memmove default implementation to avoid recursive calls.
Pretty sure we require recent enough versions of gcc/binutils to make this
check pointless. I can't any logs in the last few years where this check
didn't return "yes".
Signed-off-by: Mike Frysinger <vapier@gentoo.org>
New configure option --enable-obsolete-rpc makes the deprecated RPC
headers and functions available at compile time as they were before
version 2.14. This option will be removed at some time in the future
after the TI-RPC library becomes fully sufficient for the needs of
existing applications.
If the compiler and flags would select the hard-float ABI
then the ARM configure fragment will set HAVE_ARM_PCS_VFP.
This is later used by the ARM shlib-versions to select
the appropriately named dynamic linker.
* sysdeps/sparc/configure.in: New file.
* sysdeps/sparc/configure: Generate.
* configure.in (libc_cv_sparc_as_vis3): Substitute.
* configure: Regenerate.
* config.h.in (HAVE_AS_VIS3_SUPPORT): New.
* config.make.in (have-as-vis3): New.
* sysdeps/sparc/sparc32/sparcv9/Makefile (ASFLAGS-*): If VIS3 is
available use -Av9d instead of -Av9a.
* sysdeps/sparc/sparc64/Makefile: Likewise.
* sysdeps/sparc/sparc32/sparcv9/fpu/multiarch/Makefile: New file.
* sysdeps/sparc/sparc32/sparcv9/fpu/multiarch/s_copysign-vis3.S: New file.
* sysdeps/sparc/sparc32/sparcv9/fpu/multiarch/s_copysign.S: New file.
* sysdeps/sparc/sparc32/sparcv9/fpu/multiarch/s_copysignf-vis3.S: New file.
* sysdeps/sparc/sparc32/sparcv9/fpu/multiarch/s_copysignf.S: New file.
* sysdeps/sparc/sparc64/fpu/multiarch/Makefile: New file.
* sysdeps/sparc/sparc64/fpu/multiarch/s_signbit-vis3.S: New file.
* sysdeps/sparc/sparc64/fpu/multiarch/s_signbit.S: New file.
* sysdeps/sparc/sparc64/fpu/multiarch/s_signbitf-vis3.S: New file.
* sysdeps/sparc/sparc64/fpu/multiarch/s_signbitf.S: New file.
* config.h.in (HAVE_BINUTILS_GOTDATA): New.
(HAVE_GCC_GOTDATA): New.
* sysdeps/sparc/elf/configure.in: Test for GOTDATA
relocation support in both binutils and gcc.
* sysdeps/sparc/elf/configure: Regenerate.
Some symbols have to be identified process-wide by their name. This is
particularly important for some C++ features (e.g., class local static data
and static variables in inline functions). This cannot completely be
implemented with ELF functionality so far. The STB_GNU_UNIQUE binding
helps by ensuring the dynamic linker will always use the same definition for
all symbols with the same name and this binding.
2007-03-22 Jakub Jelinek <jakub@redhat.com>
* config.h.in (HAVE_LIBCAP): Add.
* nscd/selinux.h: Include sys/capability.h rather than non-existent
sys/capabilities.h.
* nscd/selinux.c (preserve_capabilities): Use cap_free instead of
free_caps. Cast away const from 4th cap_set_flag argument.
* elf/check-textrel.c: Include config.h.
(AB(handle_file)): Don't fail if PF_X | PF_W on architectures known
to have executable writable PLT.
* sysdeps/powerpc/powerpc32/configure.in (HAVE_PPC_SECURE_PLT): New
test.
* config.h.in (HAVE_PPC_SECURE_PLT): Add.
* malloc/malloc.c (MALLOC_ALIGNMENT): Set to __alignof__ (long double)
if long double is more aligned than 2 * SIZE_SZ.
(misaligned_chunk): Define.
(public_rEALLOc, _int_free, _int_realloc): Use it.
* configure.in: Add --enable-stackguard-randomization option.
(ENABLE_STACKGUARD_RANDOMIZE): New define.
* config.h.in (ENABLE_STACKGUARD_RANDOMIZE): Add.
* sysdeps/unix/sysv/linux/dl-osinfo.h: Include stdint.h.
(_dl_setup_stack_chk_guard): New inline function.
* sysdeps/generic/dl-osinfo.h: Include stdint.h.
(_dl_setup_stack_chk_guard): New inline function.
* elf/rtld.c (__stack_chk_guard): New variable.
(dl_main): Remove all traces of TLS_INIT_TP_EXPENSIVE.
Set __stack_chk_guard to _dl_setup_stack_chk_guard (),
use THREAD_SET_STACK_GUARD if defined.
* elf/Versions (ld): Export __stack_chk_guard@@GLIBC_2.4.
* sysdeps/generic/libc-start.c (__stack_chk_guard): New variable.
(__libc_start_main): Set __stack_chk_guard to
_dl_setup_stack_chk_guard (), use THREAD_SET_STACK_GUARD if defined.
* sysdeps/generic/libc-tls.c (__libc_setup_tls): Remove all
traces of TLS_INIT_TP_EXPENSIVE.
* debug/Versions (libc): Export __stack_chk_fail@@GLIBC_2.4.
* debug/Makefile (routines): Add stack_chk_fail.
(static-only-routines): Add stack_chk_fail_local.
* debug/stack_chk_fail_local.c: New file.
* debug/stack_chk_fail.c: New file.
* elf/Makefile: Add rules to build and run tst-stackguard1{,-static}
tests.
* elf/tst-stackguard1.c: New file.
* elf/tst-stackguard1-static.c: New file.
* elf/stackguard-macros.h: New file.
