Older versions of ld on ia64 support __ehdr_start, but generate relocs
when they shouldn't. This causes the ld.so to not run because it tries
to resolve the __ehdr_start symbol (but it's not exported).
This patch removes the configure test for working -z relro.
The use of -z relro in Makeconfig became unconditional with
commit 2e6ab1df44c412bb9d30b26a4d8a679150a7e375
Author: Ulrich Drepper <drepper@redhat.com>
Date: Sat Oct 28 06:44:04 2006 +0000
Remove conditional code which now is unnecessary.
(commit reference from git://repo.or.cz/glibc/history), so since then
the configure test has not controlled anything about how glibc is
built - simply about whether configure succeeds and allows a build to
be attempted. The test for whether the option did something useful
(as opposed to whether it exists - which we can certainly just assume
by now) was originally added in
<https://sourceware.org/ml/libc-hacker/2004-09/msg00069.html> to
disable the option in a case when it did nothing useful on ia64 (as a
result of something deliberate in the linker on ia64). Since 2006
that disabling has been of no effect, and given that the current test
does not set libc_relro_required for ia64, it does nothing whatever
useful for the original motivating case. Also at around the same time
in 2006 the test was made to give an error for missing or broken -z
relro support on various architectures.
So effectively all the test does now is verify that, on certain
architectures, the linker has not been changed deliberately to make
the option ineffective. I see no apparent reason why such a change
should be expected, or why the build should be stopped if it were to
be made (any more than we disallow build on ia64); I think we can
trust binutils patch review to point out the consequences of any
change to COMMONPAGESIZE setting. The only thing that might now make
sense would be disabling the -z relro use on an architecture-specific
basis if there were an architecture-specific reason to consider that
to make sense; it would be for the ia64 maintainer to decide if that
makes sense for ia64 at present, but I think that could be done
through sysdeps Makefiles - no special configure tests needed.
Tested for x86_64 that this patch makes no change to the installed
shared libraries.
Together with
<https://sourceware.org/ml/libc-alpha/2014-06/msg00788.html> (pending
review) this substantially eliminates architecture-specific cases from
architecture-independent configure.ac files. There remains an i386
case in sysdeps/mach/hurd/configure.ac that should properly move to
the i386 subdirectory. (There are also OS-specific cases outside
OS-specific directories; in principle I think should should also
move.)
* configure.ac (libc_commonpagesize): Remove variable.
(libc_relro_required): Likewise.
(libc_cv_z_relro): Remove configure test.
* configure: Regenerated.
* sysdeps/aarch64/preconfigure (libc_commonpagesize): Do not set
variable.
(libc_relro_required): Likewise.
* sysdeps/alpha/preconfigure (libc_commonpagesize): Likewise.
(libc_relro_required): Likewise.
* sysdeps/arm/preconfigure.ac (libc_commonpagesize): Likewise.
(libc_relro_required): Likewise.
* sysdeps/arm/preconfigure: Regenerated.
* sysdeps/ia64/preconfigure: Remove file.
* sysdeps/tile/preconfigure (libc_commonpagesize): Do not set
variable.
(libc_relro_required): Likewise.
This patch removes two powerpc special cases in the main configure.ac.
The test for rs6000 is irrelevant to currently supported
configurations (config.guess reports rs6000 for some OSes, of which
the only one currently supported by GCC is AIX, but not for Linux).
There's no need either for a special case for powerpc*-*soft;
--without-fp suffices, and GCC doesn't have any special handling of
such a triplet.
Not tested.
* configure.ac: Do not test for machine being rs6000. Do not test
for powerpc*-*soft.
* configure: Regenerated.
This patch removes configure tests for assembler CFI support (and
thereby eliminates an architecture-specific case in the main
configure.ac), instead assuming that support is present
unconditionally.
The main test was added in 2003 around the time CFI support was added
to the assembler. cfi_personality and cfi_lsda support were added to
the assembler in 2006. cfi_sections support was added in 2009, a few
weeks before binutils 2.20 was released; it's in 2.20, the minimum
supported version, so even that configure test is obsolete.
Tested x86_64 that the installed shared libraries are unchanged by
this patch.
* configure.ac (libc_cv_asm_cfi_directives): Remove configure
test.
* configure: Regenerated.
* config.h.in (HAVE_ASM_CFI_DIRECTIVES): Remove macro undefine.
* sysdeps/arm/configure.ac (libc_cv_asm_cfi_directive_sections):
Remove configure test.
* sysdeps/arm/configure: Regenerated.
* sysdeps/nptl/configure.ac: Do not check
libc_cv_asm_cfi_directives.
* sysdeps/nptl/configure: Regenerated.
* sysdeps/x86_64/nptl/configure.ac: Remove file.
* sysdeps/x86_64/nptl/configure: Remove generated file.
* b/sysdeps/generic/sysdep.h [HAVE_ASM_CFI_DIRECTIVES]: Make code
unconditional.
[!HAVE_ASM_CFI_DIRECTIVES]: Remove conditional code.
This patch moves the USE_REGPARMS define from the toplevel
configure.ac to sysdeps/i386/configure.ac.
Tested x86 that the disassembly of installed shared libraries is
unchanged by this patch.
* configure.ac (USE_REGPARMS): Don't define here.
* configure: Regenerated.
* sysdeps/i386/configure.ac (USE_REGPARMS): Define here.
* sysdeps/i386/configure: Regenerated.
One piece of architecture-specific code in the main configure.ac is
the powerpc test that can define BROKEN_PPC_ASM_CR0. There's no need
to move this to a sysdeps configure script, or to work out what bug it
was testing in May 1998 to see if it's still relevant, since nothing
in the source tree now uses the results of this test. Thus, this
patch just removes the test in question.
Not tested.
* configure.ac (libc_cv_c_asmcr0_bug): Remove configure test.
* configure: Regenerated.
* config.h.in (BROKEN_PPC_ASM_CR0): Remove macro.
This patch makes non-ex-ports architectures set base_machine and
machine based on the original configured machine value in preconfigure
fragments, like ex-ports architectures, rather than in the toplevel
configure.ac.
Tested x86 that the disassembly of installed shared libraries is
unchanged by the patch.
* configure.ac (base_machine): Do not set specially for particular
machines here.
* configure: Regenerated.
* sysdeps/powerpc/preconfigure: Move machine and base_machine
settings from configure.ac.
* sysdeps/i386/preconfigure: New file.
* sysdeps/s390/preconfigure: Likewise.
* sysdeps/sh/preconfigure: Likewise.
* sysdeps/sparc/preconfigure: Likewise.
Added support for TX lock elision of pthread mutexes on s390 and
s390x. This may improve lock scaling of existing programs on TX
capable systems. The lock elision code is only built with
--enable-lock-elision=yes and then requires a GCC version supporting
the TX builtins. With lock elision default mutexes are elided via
__builtin_tbegin, if the cpu supports transactions. By default lock
elision is not enabled and the elision code is not built.
The SELinux team has indicated to me that glibc's SELinux checks
in nscd are not being carried out as they would expect the API
to be used today. They would like to move away from static header
defines for class and permissions and instead use dynamic checks
at runtime that provide an answer which is dependent on the runtime
status of SELinux i.e. more dynamic.
The following patch is a minimal change that moves us forward in
this direction.
It does the following:
* Stop checking for SELinux headers that define NSCD__SHMEMHOST.
Check only for the presence or absence of the library.
* Don't encode the specific SELinux permission constants into a
table at build time, and instead use the symbolic name for the
permission as expected.
* Lookup the "What do we do if we don't know this permission?"
policy and use that if we find SELinux's policy is older than
the glibc policy e.g. we make a request for a permission that
SELinux doesn't know about.
* Lastly, translate the class and permission and then make
the permission check. This is done every time we lookup
a permission, and this is the expected way to use the API.
SELinux will optimize this for us, and we expect the network
latencies to hide these extra library calls.
Tested on x86, x86-64, and via Fedora Rawhide since November 2013.
See:
https://sourceware.org/ml/libc-alpha/2014-04/msg00179.html
This patch makes the configure adds -D_CALL_ELF=1 when compiler does
not define _CALL_ELF (versions before powerpc64le support). It cleans
up compiler warnings on old compiler where _CALL_ELF is not defined
on powerpc64(be) builds.
It does by add a new config.make variable for configure-deduced
CPPFLAGS and accumulate into that (confix-extra-cppflags). It also
generalizes libc_extra_cflags so it accumulates in sysdeps configure
fragmenets.
Autoconf is tested for and run if needed only when --enable-maintainer-mode
is used on configure. This results in the autom4te.cache directory only
being written in the source directory during configure if automatic
autoconf usage is requested.
Fixes BZ #14120.
Autoconf has been deprecating configure.in for quite a long time.
Rename all our configure.in and preconfigure.in files to .ac.
Signed-off-by: Mike Frysinger <vapier@gentoo.org>
http://sourceware.org/ml/libc-alpha/2013-08/msg00096.html
This adds the basic configury bits for powerpc64le and powerpcle.
* configure.in: Map powerpc64le and powerpcle to base_machine/machine.
* configure: Regenerate.
* nptl/shlib-versions: Powerpc*le starts at 2.18.
* shlib-versions: Likewise.
The helper binary pt_chown tricked into granting access to another
user's pseudo-terminal.
Pre-conditions for the attack:
* Attacker with local user account
* Kernel with FUSE support
* "user_allow_other" in /etc/fuse.conf
* Victim with allocated slave in /dev/pts
Using the setuid installed pt_chown and a weak check on whether a file
descriptor is a tty, an attacker could fake a pty check using FUSE and
trick pt_chown to grant ownership of a pty descriptor that the current
user does not own. It cannot access /dev/pts/ptmx however.
In most modern distributions pt_chown is not needed because devpts
is enabled by default. The fix for this CVE is to disable building
and using pt_chown by default. We still provide a configure option
to enable hte use of pt_chown but distributions do so at their own
risk.
Check wheter the compiler has the option -fno-tree-loop-distribute-patterns
to inhibit loop transformation to library calls and uses it on memset
and memmove default implementation to avoid recursive calls.
We no longer support configuring for i386, nor do we
elide such a configuration to i686. Configuring with
i386-* is a failure, and we provide an example of
how to fix that.
---
2013-04-17 Carlos O'Donell <carlos@redhat.com>
* configure.in: Remove i386 configure warning. Remove i386 case.
* configure: Regenerate.
* sysdeps/i386/configure.in: Raise error if config_machine is i386.
Add example to error message.
* sysdeps/i386/configure: Regenerate.
This change does two things:
* Treats a target i386-* as if it were i686.
* Fails configure if the user is generating code
for i386.
We no longer support i386 code-generation because the i386
lacks the atomic operations we need in glibc.
You can still configure for i386-*, but you get i686 code.
You can't build with --march=i386, --mtune=i386 or a compiler
that defaults to i386 code-generation.
I've added two i386 entries in the master todo list to discuss
merging and renaming:
http://sourceware.org/glibc/wiki/Development_Todo/Master#i386
The failure modes are fail-safe here. You compile for i386,
get i686, and try to run on i386 and it fails. The configure
log has a warning saying we elided to i686. There is no situation
that I can see where we run into any serious problems.
The patch makes the current state better in that we get less
confused users and we build successfully in more default
configurations.
The next enhancement would be to add --march=i?86
as suggested in #c20 of BZ#10062 for any i?86-* builds, which
would solve the problem of a 32-bit compiler that defaults to
i386 code-gen and glibc configured for i686-* target. Which
previously failed at build time, and now will fail at configure
time (requires adding --march=i686).
Updated NEWS with BZ #10060 and #10062.
No regressions.
---
2013-04-06 Carlos O'Donell <carlos@redhat.com>
[BZ #10060, #10062]
* aclocal.m4 (LIBC_COMPILER_BUILTIN_INLINED): New macro.
* sysdeps/i386/configure.in: Use LIBC_COMPILER_BUILTIN_INLINED and
fail configure if __sync_val_compare_and_swap is not inlined.
* sysdeps/i386/configure: Regenerate.
* configure.in: Build for i686 when configured for i386.
* configure: Regenerate.
* README: Remove i386 reference.
Stop assuming specific path layouts for C++ headers, and instead
use an autodetection method that looks for paths with '/[cg]++'
in the g++ include list.
The test currently tests the binutils frontend support which passes for
all versions of binutils we currently require (2.20+). It doesn't test
the backend which is required for ifunc to actually work, and which most
targets don't yet support.
Change the assembly code so that when we link it, we get a file that has
ifunc relocations if the backend supports it. That way we can test to
see if binutils supports everything we need.
Signed-off-by: Mike Frysinger <vapier@gentoo.org>
New configure option --enable-obsolete-rpc makes the deprecated RPC
headers and functions available at compile time as they were before
version 2.14. This option will be removed at some time in the future
after the TI-RPC library becomes fully sufficient for the needs of
existing applications.
* sysdeps/sparc/configure.in: New file.
* sysdeps/sparc/configure: Generate.
* configure.in (libc_cv_sparc_as_vis3): Substitute.
* configure: Regenerate.
* config.h.in (HAVE_AS_VIS3_SUPPORT): New.
* config.make.in (have-as-vis3): New.
* sysdeps/sparc/sparc32/sparcv9/Makefile (ASFLAGS-*): If VIS3 is
available use -Av9d instead of -Av9a.
* sysdeps/sparc/sparc64/Makefile: Likewise.
* sysdeps/sparc/sparc32/sparcv9/fpu/multiarch/Makefile: New file.
* sysdeps/sparc/sparc32/sparcv9/fpu/multiarch/s_copysign-vis3.S: New file.
* sysdeps/sparc/sparc32/sparcv9/fpu/multiarch/s_copysign.S: New file.
* sysdeps/sparc/sparc32/sparcv9/fpu/multiarch/s_copysignf-vis3.S: New file.
* sysdeps/sparc/sparc32/sparcv9/fpu/multiarch/s_copysignf.S: New file.
* sysdeps/sparc/sparc64/fpu/multiarch/Makefile: New file.
* sysdeps/sparc/sparc64/fpu/multiarch/s_signbit-vis3.S: New file.
* sysdeps/sparc/sparc64/fpu/multiarch/s_signbit.S: New file.
* sysdeps/sparc/sparc64/fpu/multiarch/s_signbitf-vis3.S: New file.
* sysdeps/sparc/sparc64/fpu/multiarch/s_signbitf.S: New file.
Some symbols have to be identified process-wide by their name. This is
particularly important for some C++ features (e.g., class local static data
and static variables in inline functions). This cannot completely be
implemented with ELF functionality so far. The STB_GNU_UNIQUE binding
helps by ensuring the dynamic linker will always use the same definition for
all symbols with the same name and this binding.
* config.make.in: Add nss-crypt entry.
* crypt/Makefile: If nss-crypt==yes, don't build md5.c, sha256.c,
sha512.c. Don't run md5test, sha256test, sha512test. Pass -DUSE_NSS
and include path for NSS directory to compiler for md5-crypt,
sha256-crypt, sha512-crypt. Link libcrypt.so with -lfreebl3.
* crypt/md5-crypt.c: If USE_NSS is defined, don't use local hash
function implementation, use NSS. Introduce wrappers around the
hash function calls. Little code size optimization.
* crypt/sha256-crypt.c: Likewise.
* crypt/sha512-crypt.c: Likewise.
* scripts/check-local-headers.sh: Ignore nss3 directory.
* configure.in: Rename pic_default to libc_cv_pic_default.
* config.make.in: Likewise.
smaller scopes.
* elf/dl-dst.h (DL_DST_REQ_STATIC): Add l as macro argument.
(DL_DST_REQUIRED): Adjust user.
* include/dlfcn.h (struct link_map): New forward decl.
* inet/getnameinfo.c: Include stddef.h.
(getnameinfo): Use offsetof.
* time/tst-mktime2.c (do_test): Don't rely on signed wrap.
* stdio-common/vfprintf.c (_itoa): Undef before redefining.
* string/strerror_l.c: Include stdlib.h.