Commit Graph

589 Commits

Author SHA1 Message Date
Frédéric Bérat
8022fc7d51 tests: replace system by xsystem
With fortification enabled, system calls return result needs to be checked,
has it gets the __wur macro enabled.
Reviewed-by: Siddhesh Poyarekar <siddhesh@sourceware.org>
2023-06-19 09:15:05 -04:00
Frédéric Bérat
f6a532fbd0 tests: Replace various function calls with their x variant
With fortification enabled, few function calls return result need to be
checked, has they get the __wur macro enabled.

Reviewed-by: Siddhesh Poyarekar <siddhesh@sourceware.org>
2023-06-06 08:23:53 -04:00
Paul Pluzhnikov
7f0d9e61f4 Fix all the remaining misspellings -- BZ 25337 2023-06-02 01:39:48 +00:00
Arjun Shankar
bea1a4a773 nss: Reconcile conditional declaration and use of `is_nscd'
This change harmonizes the declaration and use of `is_nscd' and fixes a
build failure with the "--enable-static-nss --enable-nscd"
configuration options due to `is_nscd' being used undeclared.

The purpose of `is_nscd' is to avoid (nss <-> nscd) recursion in
dynamically linked libc (SHARED) that is nscd-aware (USE_NSCD), and so
its declaration and use should be guarded by the definition of those
macros.

Reviewed-by: Carlos O'Donell <carlos@redhat.com>
2023-05-16 11:40:10 +02:00
Adhemerval Zanella Netto
88677348b4 Move libc_freeres_ptrs and libc_subfreeres to hidden/weak functions
They are both used by __libc_freeres to free all library malloc
allocated resources to help tooling like mtrace or valgrind with
memory leak tracking.

The current scheme uses assembly markers and linker script entries
to consolidate the free routine function pointers in the RELRO segment
and to be freed buffers in BSS.

This patch changes it to use specific free functions for
libc_freeres_ptrs buffers and call the function pointer array directly
with call_function_static_weak.

It allows the removal of both the internal macros and the linker
script sections.

Checked on x86_64-linux-gnu, i686-linux-gnu, and aarch64-linux-gnu.
Reviewed-by: Carlos O'Donell <carlos@redhat.com>
2023-03-27 13:57:55 -03:00
Qihao Chencao
cc4d6614b5 Use uintptr_t instead of performing pointer subtraction with a null pointer
Signed-off-by: Qihao Chencao <twose@qq.com>

Reviewed-by: Adhemerval Zanella  <adhemerval.zanella@linaro.org>
2023-02-17 17:07:44 -03:00
Wilco Dijkstra
32c7acd464 Replace rawmemchr (s, '\0') with strchr
Almost all uses of rawmemchr find the end of a string.  Since most targets use
a generic implementation, replacing it with strchr is better since that is
optimized by compilers into strlen (s) + s.  Also fix the generic rawmemchr
implementation to use a cast to unsigned char in the if statement.

Reviewed-by: Adhemerval Zanella  <adhemerval.zanella@linaro.org>
2023-02-06 16:16:19 +00:00
Joseph Myers
ae612c45ef Update copyright dates not handled by scripts/update-copyrights
I've updated copyright dates in glibc for 2023.  This is the patch for
the changes not generated by scripts/update-copyrights and subsequent
build / regeneration of generated files.
2023-01-06 21:45:36 +00:00
Joseph Myers
6d7e8eda9b Update copyright dates with scripts/update-copyrights 2023-01-06 21:14:39 +00:00
Florian Weimer
58548b9d68 Use PTR_MANGLE and PTR_DEMANGLE unconditionally in C sources
In the future, this will result in a compilation failure if the
macros are unexpectedly undefined (due to header inclusion ordering
or header inclusion missing altogether).

Assembler sources are more difficult to convert.  In many cases,
they are hand-optimized for the mangling and no-mangling variants,
which is why they are not converted.

sysdeps/s390/s390-32/__longjmp.c and sysdeps/s390/s390-64/__longjmp.c
are special: These are C sources, but most of the implementation is
in assembler, so the PTR_DEMANGLE macro has to be undefined in some
cases, to match the assembler style.

Reviewed-by: Adhemerval Zanella  <adhemerval.zanella@linaro.org>
2022-10-18 17:04:10 +02:00
Florian Weimer
88f4b6929c Introduce <pointer_guard.h>, extracted from <sysdep.h>
This allows us to define a generic no-op version of PTR_MANGLE and
PTR_DEMANGLE.  In the future, we can use PTR_MANGLE and PTR_DEMANGLE
unconditionally in C sources, avoiding an unintended loss of hardening
due to missing include files or unlucky header inclusion ordering.

In i386 and x86_64, we can avoid a <tls.h> dependency in the C
code by using the computed constant from <tcb-offsets.h>.  <sysdep.h>
no longer includes these definitions, so there is no cyclic dependency
anymore when computing the <tcb-offsets.h> constants.

Reviewed-by: Adhemerval Zanella  <adhemerval.zanella@linaro.org>
2022-10-18 17:03:55 +02:00
Florian Weimer
c02e29a0ba nss: Use shared prefix in IPv4 address in tst-reload1
Otherwise, sorting based on the longest-matching prefix in
getaddrinfo can reorder the addresses in ways the test does not
expect, depending on the IPv4 address of the host.

Reviewed-by: Siddhesh Poyarekar <siddhesh@sourceware.org>
2022-09-23 19:30:57 +02:00
Florian Weimer
fecf481f0f nss: Enhance tst-reload1 coverage and logging
Reviewed-by: Siddhesh Poyarekar <siddhesh@sourceware.org>
2022-09-23 19:30:57 +02:00
Florian Weimer
c75d20b5b2 nss: Fix tst-nss-files-hosts-long on single-stack hosts (bug 24816)
getent implicitly passes AI_ADDRCONFIG to getaddrinfo by default.
Use --no-addrconfig to suppress that, so that both IPv4 and IPv6
lookups succeed even if the address family is not supported by the
host.

Reviewed-by: Carlos O'Donell <carlos@redhat.com>
2022-09-20 13:09:55 +02:00
Florian Weimer
a623f13adf nss: Implement --no-addrconfig option for getent
The ahosts, ahostsv4, ahostsv6 commands unconditionally pass
AI_ADDRCONFIG to getaddrinfo, which is not always desired.

Reviewed-by: Carlos O'Donell <carlos@redhat.com>
2022-09-20 13:09:25 +02:00
Aurelien Jarno
f278835f59 makedb: fix build with libselinux >= 3.1 (Bug 26233)
glibc doesn't build with libselinux 3.1 that has been released recently
due to new deprecations introduced in that version and the fact that
glibc is built with -Werror by default:

| makedb.c: In function ‘set_file_creation_context’:
| makedb.c:849:3: error: ‘security_context_t’ is deprecated [-Werror=deprecated-declarations]
|   849 |   security_context_t ctx;
|       |   ^~~~~~~~~~~~~~~~~~
| makedb.c:863:3: error: ‘matchpathcon’ is deprecated: Use selabel_lookup instead [-Werror=deprecated-declarations]
|   863 |   if (matchpathcon (outname, S_IFREG | mode, &ctx) == 0 && ctx != NULL)
|       |   ^~
| In file included from makedb.c:50:
| /usr/include/selinux/selinux.h:500:12: note: declared here
|   500 | extern int matchpathcon(const char *path,
|       |            ^~~~~~~~~~~~
| cc1: all warnings being treated as errors

This patch fixes the makedb half of bug 26233 by moving to the new
SELinux APIs and removes the existing compiler pragmas as no longer
required. Upstream API usage feedback gathered by Arjun is integrated
into this version of the fix.

The built makedb was tested and operates as expected on x86_64 with
SELinu in enforcing mode.

No regressions on x86_64 with libselinux 3.3.

Co-authored-by: Arjun Shankar <arjun@redhat.com>
Co-authored-by: Carlos O'Donell <carlos@redhat.com>
Reviewed-by: Siddhesh Poyarekar <siddhesh@sourceware.org>
2022-09-12 18:26:49 -04:00
Sam James
ace9e3edbc nss: handle stat failure in check_reload_and_get (BZ #28752)
Skip the chroot test if the database isn't loaded
correctly (because the chroot test uses some
existing DB state).

The __stat64_time64 -> fstatat call can fail if
running under an (aggressive) seccomp filter,
like Firefox seems to use.

This manifested in a crash when using glib built
with FAM support with such a Firefox build.

Suggested-by: DJ Delorie <dj@redhat.com>
Signed-off-by: Sam James <sam@gentoo.org>
Reviewed-by: DJ Delorie <dj@redhat.com>
2022-06-08 21:29:39 -04:00
Sam James
3fdf0a205b nss: add assert to DB_LOOKUP_FCT (BZ #28752)
It's interesting if we have a null action list,
so an assert is worthwhile.

Suggested-by: DJ Delorie <dj@redhat.com>
Signed-off-by: Sam James <sam@gentoo.org>
Reviewed-by: DJ Delorie <dj@redhat.com>
2022-06-08 21:29:39 -04:00
Noah Goldstein
3d155d4b6c nss: Optimize nss_hash in nss_hash.c
The prior unrolling didn't really do much as it left the dependency
chain between iterations. Unrolled the loop for 4 so 4x multiplies
could be pipelined in out-of-order machines.

Results for __nss_hash
Benchmarked on Tigerlake: 11th Gen Intel(R) Core(TM) i7-1165G7 @ 2.80GHz

Time as Geometric Mean of N=25 runs
Geometric of all benchmark New / Old: 0.845
  type, length, New Time, Old Time, New Time / Old Time
 fixed,      0,    4.019,    3.729,               1.078
 fixed,      1,     4.95,    5.707,               0.867
 fixed,      2,    5.152,    5.657,               0.911
 fixed,      3,    4.641,    5.721,               0.811
 fixed,      4,    5.551,     5.81,               0.955
 fixed,      5,    6.525,    6.552,               0.996
 fixed,      6,    6.711,    6.561,               1.023
 fixed,      7,    6.715,    6.767,               0.992
 fixed,      8,    7.874,    7.915,               0.995
 fixed,      9,    8.888,    9.767,                0.91
 fixed,     10,    8.959,    9.762,               0.918
 fixed,     11,    9.188,    9.987,                0.92
 fixed,     12,    9.708,   10.618,               0.914
 fixed,     13,   10.393,    11.14,               0.933
 fixed,     14,   10.628,   12.097,               0.879
 fixed,     15,   10.982,   12.965,               0.847
 fixed,     16,   11.851,   14.429,               0.821
 fixed,     32,   24.334,   34.414,               0.707
 fixed,     64,   55.618,   86.688,               0.642
 fixed,    128,  118.261,   224.36,               0.527
 fixed,    256,  256.183,  538.629,               0.476
random,      2,   11.194,   11.556,               0.969
random,      4,   17.516,   17.205,               1.018
random,      8,   23.501,   20.985,                1.12
random,     16,   28.131,   29.212,               0.963
random,     32,   35.436,   38.662,               0.917
random,     64,    45.74,   58.868,               0.777
random,    128,   75.394,  121.963,               0.618
random,    256,  139.524,  260.726,               0.535
Reviewed-by: Siddhesh Poyarekar <siddhesh@sourceware.org>
2022-05-23 10:38:40 -05:00
Noah Goldstein
5f2f0f6977 nss: Add tests for the nss_hash in nss_hash.h
If we want to further optimize the function tests are needed.
Reviewed-by: Siddhesh Poyarekar <siddhesh@sourceware.org>
2022-05-23 10:38:40 -05:00
Samuel Thibault
67ab66541d hurd: Fix arbitrary error code
ELIBBAD is Linux-specific.
2022-04-12 22:15:48 +02:00
DJ Delorie
2fe64148a8 Allow for unpriviledged nested containers
If the build itself is run in a container, we may not be able to
fully set up a nested container for test-container testing.
Notably is the mounting of /proc, since it's critical that it
be mounted from within the same PID namespace as its users, and
thus cannot be bind mounted from outside the container like other
mounts.

This patch defaults to using the parent's PID namespace instead of
creating a new one, as this is more likely to be allowed.

If the test needs an isolated PID namespace, it should add the "pidns"
command to its init script.

Reviewed-by: Carlos O'Donell <carlos@redhat.com>
2022-04-04 14:17:08 -04:00
Siddhesh Poyarekar
1c37b8022e Simplify allocations and fix merge and continue actions [BZ #28931]
Allocations for address tuples is currently a bit confusing because of
the pointer chasing through PAT, making it hard to observe the sequence
in which allocations have been made.  Narrow scope of the pointer
chasing through PAT so that it is only used where necessary.

This also tightens actions behaviour with the hosts database in
getaddrinfo to comply with the manual text.  The "continue" action
discards previous results and the "merge" action results in an immedate
lookup failure.  Consequently, chaining of allocations across modules is
no longer necessary, thus opening up cleanup opportunities.

A test has been added that checks some combinations to ensure that they
work correctly.

Resolves: BZ #28931

Signed-off-by: Siddhesh Poyarekar <siddhesh@sourceware.org>
Reviewed-by: DJ Delorie <dj@redhat.com>
2022-03-22 19:38:36 +05:30
Siddhesh Poyarekar
e2f68b54e8 nss: Sort tests and tests-container and put one test per line
Signed-off-by: Siddhesh Poyarekar <siddhesh@sourceware.org>
2022-03-17 11:16:57 +05:30
Florian Weimer
9bdf92c79d nss: Protect against errno changes in function lookup (bug 28953)
dlopen may clobber errno.  The nss_test_errno module uses an ELF
constructor to achieve that, but there could be internal errors
during dlopen that cause this, too.  Therefore, the NSS framework
has to guard against such errno clobbers.

__nss_module_get_function is currently the only function that calls
__nss_module_load, so it is sufficient to save and restore errno
around this call.

Reviewed-by: Carlos O'Donell <carlos@redhat.com>
2022-03-11 08:24:19 +01:00
Florian Weimer
aefc79ab5a nss: Do not mention NSS test modules in <gnu/lib-names.h>
They are not actually installed.  Use the nss_files version instead
in nss/Makefile, similar to how __nss_shlib_revision is derived
from LIBNSS_FILES_SO.

Reviewed-by: Carlos O'Donell <carlos@redhat.com>
2022-03-11 08:24:04 +01:00
Paul Eggert
634b5ebac6 Update copyright dates not handled by scripts/update-copyrights.
I've updated copyright dates in glibc for 2022.  This is the patch for
the changes not generated by scripts/update-copyrights and subsequent
build / regeneration of generated files.  As well as the usual annual
updates, mainly dates in --version output (minus csu/version.c which
previously had to be handled manually but is now successfully updated
by update-copyrights), there is a small change to the copyright notice
in NEWS which should let NEWS get updated automatically next year.

Please remember to include 2022 in the dates for any new files added
in future (which means updating any existing uncommitted patches you
have that add new files to use the new copyright dates in them).
2022-01-01 11:42:26 -08:00
Paul Eggert
581c785bf3 Update copyright dates with scripts/update-copyrights
I used these shell commands:

../glibc/scripts/update-copyrights $PWD/../gnulib/build-aux/update-copyright
(cd ../glibc && git commit -am"[this commit message]")

and then ignored the output, which consisted lines saying "FOO: warning:
copyright statement not found" for each of 7061 files FOO.

I then removed trailing white space from math/tgmath.h,
support/tst-support-open-dev-null-range.c, and
sysdeps/x86_64/multiarch/strlen-vec.S, to work around the following
obscure pre-commit check failure diagnostics from Savannah.  I don't
know why I run into these diagnostics whereas others evidently do not.

remote: *** 912-#endif
remote: *** 913:
remote: *** 914-
remote: *** error: lines with trailing whitespace found
...
remote: *** error: sysdeps/unix/sysv/linux/statx_cp.c: trailing lines
2022-01-01 11:40:24 -08:00
Florian Weimer
b99b0f93ee nss: Use "files dns" as the default for the hosts database (bug 28700)
This matches what is currently in nss/nsswitch.conf.  The new ordering
matches what most distributions use in their installed configuration
files.

It is common to add localhost to /etc/hosts because the name does not
exist in the DNS, but is commonly used as a host name.

With the built-in "dns [!UNAVAIL=return] files" default, dns is
searched first and provides an answer for "localhost" (NXDOMAIN).
We never look at the files database as a result, so the contents of
/etc/hosts is ignored.  This means that "getent hosts localhost"
fail without a /etc/nsswitch.conf file, even though the host name
is listed in /etc/hosts.

Reviewed-by: Carlos O'Donell <carlos@redhat.com>
2021-12-17 12:01:25 +01:00
H.J. Lu
57e349b1b0 Disable DT_RUNPATH on NSS tests [BZ #28455]
The glibc internal NSS functions should always load NSS modules from
the system.  For testing purpose, disable DT_RUNPATH on NSS tests so
that the glibc internal NSS functions can load testing NSS modules
via DT_RPATH.

This partially fixes BZ #28455.

Reviewed-by: Carlos O'Donell <carlos@redhat.com>
2021-12-13 07:32:04 -08:00
Fangrui Song
53d19edf7b nss: Unnest nested function add_key
This makes makedb.c compilable with Clang which does not support nested
functions.

Reviewed-by: Adhemerval Zanella  <adhemerval.zanella@linaro.org>
2021-10-19 09:36:43 -07:00
Aurelien Jarno
2738480a4b Fix failing nss/tst-nss-files-hosts-long with local resolver
When a local resolver like unbound is listening on the IPv4 loopback
address 127.0.0.1, the nss/tst-nss-files-hosts-long test fails. This is
due to:
- the default resolver in the absence of resolv.conf being 127.0.0.1
- the default DNS NSS database configuration in the absence of
  nsswitch.conf being 'hosts: dns [!UNAVAIL=return] file'

This causes the requests for 'test4' and 'test6' to first be sent to the
local resolver, which responds with NXDOMAIN in the likely case those
records do no exist. In turn that causes the access to /etc/hosts to be
skipped, which is the purpose of that test.

Fix that by providing a simple nsswitch.conf file forcing access to
/etc/hosts for that test. I have tested that the only changed result in
the testsuite is that test.
2021-09-07 21:41:38 +02:00
Siddhesh Poyarekar
30891f35fa Remove "Contributed by" lines
We stopped adding "Contributed by" or similar lines in sources in 2012
in favour of git logs and keeping the Contributors section of the
glibc manual up to date.  Removing these lines makes the license
header a bit more consistent across files and also removes the
possibility of error in attribution when license blocks or files are
copied across since the contributed-by lines don't actually reflect
reality in those cases.

Move all "Contributed by" and similar lines (Written by, Test by,
etc.) into a new file CONTRIBUTED-BY to retain record of these
contributions.  These contributors are also mentioned in
manual/contrib.texi, so we just maintain this additional record as a
courtesy to the earlier developers.

The following scripts were used to filter a list of files to edit in
place and to clean up the CONTRIBUTED-BY file respectively.  These
were not added to the glibc sources because they're not expected to be
of any use in future given that this is a one time task:

https://gist.github.com/siddhesh/b5ecac94eabfd72ed2916d6d8157e7dc
https://gist.github.com/siddhesh/15ea1f5e435ace9774f485030695ee02

Reviewed-by: Carlos O'Donell <carlos@redhat.com>
2021-09-03 22:06:44 +05:30
Florian Weimer
ee5ed99922 nss: Directly load nss_dns, without going through dlsym/dlopen
This partially fixes static-only NSS support (bug 27959): The dns
module no longer needs dlopen.  Support for disabling dlopen altogher
remains to be added.

This commit introduces module_load_builtin into nss/nss_module.c, which
handles the common parts of loading the built-in nss_files and nss_dns
modules.

Reviewed-by: Carlos O'Donell <carlos@redhat.com>
Tested-by: Carlos O'Donell <carlos@redhat.com>
2021-07-19 07:56:57 +02:00
Stefan Liebler
0e1f068108 Fix linknamespace errors and local-plt-usages in nss_files.
After commit f9c8b11ed7
"nss: Access nss_files through direct references",
when building with -Os, multiple conform/.../linknamespace tests
and elf/check-localplt are failing:
Extra PLT reference: libc.so: fgetc_unlocked
Extra PLT reference: libc.so: getline

Or e.g.:
[initial] glob -> [libc.a(glob.o)] __getpwnam_r -> [libc.a(getpwnam_r.o)] __nss_database_custom -> [libc.a(nsswitch.o)] __nss_module_get_function -> [libc.a(nss_module.o)] __nss_files_functions -> [libc.a(nss_files_functions.o)] _nss_files_endaliasent -> [libc.a(files-alias.o)] feof_unlocked
[initial] glob -> [libc.a(glob.o)] __getpwnam_r -> [libc.a(getpwnam_r.o)] __nss_database_custom -> [libc.a(nsswitch.o)] __nss_module_get_function -> [libc.a(nss_module.o)] __nss_files_functions -> [libc.a(nss_files_functions.o)] _nss_files_endaliasent -> [libc.a(files-alias.o)] fgetc_unlocked
[initial] glob -> [libc.a(glob.o)] __getpwnam_r -> [libc.a(getpwnam_r.o)] __nss_database_custom -> [libc.a(nsswitch.o)] __nss_module_get_function -> [libc.a(nss_module.o)] __nss_files_functions -> [libc.a(nss_files_functions.o)] _nss_files_endnetgrent -> [libc.a(files-netgrp.o)] getline

This patch is using the hidden symbols where possible.
Instead of fputc_unlocked, __putc_unlocked is used.
(Compare to commit eeaa19f75e
"mntent: Use __putc_unlocked instead of fputc_unlocked")
2021-07-14 16:59:12 +02:00
Cooper Qu
135425a1dd nss: Fix build error with --disable-nscd
The error is as follows:
nss_module.c: In function 'module_load_nss_files':
nss_module.c:117:7: error: 'is_nscd' undeclared (first use in this function)
  117 |   if (is_nscd)
      |       ^~~~~~~
nss_module.c:117:7: note: each undeclared identifier is reported only once for each function it appears in
nss_module.c:119:51: error: 'nscd_init_cb' undeclared (first use in this function); did you mean 'nscd_init'?
  119 |       void (*cb) (size_t, struct traced_file *) = nscd_init_cb;
      |                                                   ^~~~~~~~~~~~
      |                                                   nscd_init
2021-07-14 10:17:49 +02:00
Stefan Liebler
8235f9311b Fix failing nss/tst-nss-files-hosts-long.
Sometimes the test nss/tst-nss-files-hosts-long is failing as getent
fails with exit-code 2.

This happens if tst-reload1 was run just before this test:
make t=nss/tst-reload1 test
make t=nss/tst-nss-files-hosts-long test
Then the test fails as /etc/nsswitch.conf contains "hosts: test2"
and the hosts are not searched in /etc/hosts at all.

Thus this patch just requests a post cleanup after nss/tst-reload1
has run.
2021-07-12 11:59:04 +02:00
Florian Weimer
9ed48feed8 nss: Do not install static linker input files for libnss_files 2021-07-08 14:06:53 +02:00
Florian Weimer
f9c8b11ed7 nss: Access nss_files through direct references
This partially fixes static-only NSS support (bug 27959): The files
module no longer needs dlopen.  Support for the dns module remains
to be added, and also support for disabling dlopen altogether.

Reviewed-by: Adhemerval Zanella  <adhemerval.zanella@linaro.org>
2021-07-07 18:33:52 +02:00
Florian Weimer
6212bb67f4 nss_files: Move into libc
This is the first step towards fixing bug 27959.

Reviewed-by: Adhemerval Zanella  <adhemerval.zanella@linaro.org>
2021-07-07 18:33:52 +02:00
Florian Weimer
36861a968a nss_files: Add generic code for set*ent, end*ent and file open
This reduces RSS usage if nss_files is not actually used, and can
be used later to make NSS data thread-specific.  It also results in
a small code size reduction.

Before:

   text	   data	    bss	    dec	    hex	filename
   2288	      0	     72	   2360	    938	nss/files-alias.os
   1807	      0	     72	   1879	    757	nss/files-ethers.os
   1371	      0	     72	   1443	    5a3	nss/files-grp.os
   6246	      0	     72	   6318	   18ae	nss/files-hosts.os
    869	      0	      0	    869	    365	nss/files-initgroups.os
    666	      0	      0	    666	    29a	nss/files-init.os
   1934	      0	      0	   1934	    78e	nss/files-netgrp.os
   2353	      0	     72	   2425	    979	nss/files-network.os
   2130	      0	     72	   2202	    89a	nss/files-proto.os
   1372	      0	     72	   1444	    5a4	nss/files-pwd.os
   2124	      0	     72	   2196	    894	nss/files-rpc.os
   2265	      0	     72	   2337	    921	nss/files-service.os
   1125	      0	     72	   1197	    4ad	nss/files-sgrp.os
   1124	      0	     72	   1196	    4ac	nss/files-spwd.os

After:

   text	   data	    bss	    dec	    hex	filename
   2040	      0	      0	   2040	    7f8	nss/files-alias.os
   1599	      0	      0	   1599	    63f	nss/files-ethers.os
   1155	      0	      0	   1155	    483	nss/files-grp.os
   6010	      0	      0	   6010	   177a	nss/files-hosts.os
    869	      0	      0	    869	    365	nss/files-initgroups.os
    666	      0	      0	    666	    29a	nss/files-init.os
   1934	      0	      0	   1934	    78e	nss/files-netgrp.os
   2129	      0	      0	   2129	    851	nss/files-network.os
   1914	      0	      0	   1914	    77a	nss/files-proto.os
   1156	      0	      0	   1156	    484	nss/files-pwd.os
   1908	      0	      0	   1908	    774	nss/files-rpc.os
   2057	      0	      0	   2057	    809	nss/files-service.os
    909	      0	      0	    909	    38d	nss/files-sgrp.os
    908	      0	      0	    908	    38c	nss/files-spwd.os
   1090	      0	      8	   1098	    44a	nss/nss_files_data.os

27674 code bytes before, 26344 code bytes after, so it is an overall
win despite the extra initialization code.

Reviewed-by: Adhemerval Zanella  <adhemerval.zanella@linaro.org>
2021-07-07 18:33:52 +02:00
Florian Weimer
f0c28504a9 nss_files: Allocate nscd file registration data on the heap
This is only needed if nss_files is loaded by nscd.

Before:

   text	   data	    bss	    dec	    hex	filename
    767	      0	  24952	  25719	   6477	nss/files-init.os

After:

   text	   data	    bss	    dec	    hex	filename
    666	      0	      0	    666	    29a	nss/files-init.os

Using PATH_MAX bytes unconditionally for the directory name
is wasteful, but fixing that would constitute another break
of this semi-public ABI.  (The other issue is that with
symbolic links, an arbitrary set of parent directories may need
watching, not just a single one.)

Reviewed-by: Adhemerval Zanella  <adhemerval.zanella@linaro.org>
2021-07-07 18:33:52 +02:00
Florian Weimer
5e1ce61e3e nss: Fix NSS_DECLARE_MODULE_FUNCTIONS handling of _nss_*_endnetgrent
The old version had an additional underscore, making the declaration
ineffective.
2021-06-29 12:06:40 +02:00
Adhemerval Zanella
52a5fe70a2 Use 64 bit time_t stat internally
For the legacy ABI with supports 32-bit time_t it calls the 64-bit
time directly, since the LFS symbols calls the 64-bit time_t ones
internally.

Checked on i686-linux-gnu and x86_64-linux-gnu.

Reviewed-by: Lukasz Majewski <lukma@denx.de>
2021-06-22 12:09:52 -03:00
Florian Weimer
6f1c701026 dlfcn: Cleanups after -ldl is no longer required
This commit removes the ELF constructor and internal variables from
dlfcn/dlfcn.c.  The file now serves the same purpose as
nptl/libpthread-compat.c, so it is renamed to dlfcn/libdl-compat.c.
The use of libdl-shared-only-routines ensures that libdl.a is empty.

This commit adjusts the test suite not to use $(libdl).  The libdl.so
symbolic link is no longer installed.

Reviewed-by: Adhemerval Zanella  <adhemerval.zanella@linaro.org>
2021-06-03 09:11:45 +02:00
Martin Sebor
30685597a4 Use a #pragma to suppress a bogus GCC 10 warning instead of an assert [BZ 27832].
Reviewed-by: fweimer@redhat.com
2021-05-10 14:30:09 -06:00
Martin Sebor
26492c0a14 Annotate additional APIs with GCC attribute access.
This change continues the improvements to compile-time out of bounds
checking by decorating more APIs with either attribute access, or by
explicitly providing the array bound in APIs such as tmpnam() that
expect arrays of some minimum size as arguments.  (The latter feature
is new in GCC 11.)

The only effects of the attribute and/or the array bound is to check
and diagnose calls to the functions that fail to provide a sufficient
number of elements, and the definitions of the functions that access
elements outside the specified bounds.  (There is no interplay with
_FORTIFY_SOURCE here yet.)

Tested with GCC 7 through 11 on x86_64-linux.
2021-05-06 11:01:05 -06:00
DJ Delorie
9b456c5da9 nss: fix nss_database_lookup2's alternate handling [BZ #27416]
__nss_database_lookup2's extra arguments were left unused in the
nsswitch reloading patch set; this broke compat (default config
ignored) and shadow files (secondary name ignored) which relies on
these fallbacks.

This patch adds in the previous behavior by correcting the
initialization of the database list to reflect the fallbacks.  This
means that the nss_database_lookup2 interface no longer needs to be
passed the fallback info, so API and callers were adjusted.

Since all callers needed to be edited anyway, the calls were changed
from __nss_database_lookup2 to the faster __nss_database_get.  This
was an intended optimization which was deferred during the initial
lookup changes to avoid touching so many files.

The test case verifies that compat targets work (passwd) and that the
default configuration works (group).  Tested on x86-64.
2021-03-09 14:34:50 -05:00
DJ Delorie
58673149f3 nss: Re-enable NSS module loading after chroot [BZ #27389]
The glibc 2.33 release enabled /etc/nsswitch.conf reloading,
and to prevent potential security issues like CVE-2019-14271
the re-loading of nsswitch.conf and all mdoules was disabled
when the root filesystem changes (see bug 27077).

Unfortunately php-lpfm and openldap both require the ability
to continue to load NSS modules after chroot. The packages
do not exec after the chroot, and so do not cause the
protections to be reset. The only solution is to re-enable
only NSS module loading (not nsswitch.conf reloading) and so
get back the previous glibc behaviour.

In the future we may introduce a way to harden applications
so they do not reload NSS modules once the root filesystem
changes, or that only files/dns are available pre-loaded
(or builtin).

Reviewed-by: Carlos O'Donell <carlos@redhat.com>
2021-03-02 16:14:18 -05:00
Sergei Trofimovich
c3479fb793 nsswitch: return result when nss database is locked [BZ #27343]
Before the change nss_database_check_reload_and_get() did not populate
the '*result' value when it returned success in a case of chroot
detection. This caused initgroups() to use garage pointer in the
following test (extracted from unbound):

```

int main() {
    // load some NSS modules
    struct passwd * pw = getpwnam("root");

    chdir("/tmp");
    chroot("/tmp");
    chdir("/");
    // access nsswitch.conf in a chroot
    initgroups("root", 0);
}
```

Reviewed-by: DJ Delorie <dj@redhat.com>
2021-02-05 13:07:10 -05:00