When dynamically linking, ifunc resolvers are called before TLS is
initialized, so they cannot be safely stack-protected.
We avoid disabling stack-protection on large numbers of files by
using __attribute__ ((__optimize__ ("-fno-stack-protector")))
to turn it off just for the resolvers themselves. (We provide
the attribute even when statically linking, because we will later
use it elsewhere too.)
This adds =all and =strong, with obvious semantics, defaulting to off.
We don't validate the value of the option yet: that's in a later patch.
Nor do we use it for anything at this stage.
We differentiate between 'the compiler understands -fstack-protector'
and 'the user wanted -fstack-protector' so that we can pass
-fno-stack-protector in appropriate places even if the user didn't want
to turn on -fstack-protector for other parts. (This helps us overcome
another existing limitation, that glibc doesn't work with GCCs hacked
to pass in -fstack-protector by default.)
We also arrange to set the STACK_PROTECTOR_LEVEL #define to a value
appropriate for the stack-protection level in use for each file in
particular.
Add a configure check that looks for python3 and python in that order
since we had agreed in the past to prefer python3 over python in all
our code. The patch also adjusts invocations through the various
Makefiles to use the set variable.
* configure.ac: Check for python3 or python.
* configure: Regenerated.
* config.make.in (PYTHON): New variable.
* benchtests/Makefile: Don't define PYTHON.
(bench): Define target only if PYTHON was defined.
* Rules: Don't define PYTHON.
Define pretty printer targets only if PYTHON was defined.
(tests-printers): Add to tests-unsupported if PYTHON is not
found.
(python-flags, python-invoke): Remove.
(tests-printers-out): Use PYTHON instead of python-invoke.
Some configurations may use NSS cryptographic routines but have no
static library for those routines. The following changes allow glibc to
be built and tested with --enable-nss-crypt, but without having a static
NSS library. At a high level the change does two things:
(1) Detect at configure time if static NSS crypto libraries are
available. Assumes libfreebl3.a (instead of the existing Fedora
libfreebl.a which is incomplete) which matches libfreebl3.so.
(2) If static NSS crypto libraries are _not_ available then adjust the
way in which we build tst-linkall-static. This includes excluding a
reference to crypt and not linking against libcrypt.a, all of which
will fail otherwise.
Testing assumptions:
* Static library is named libfreebl3.a (not libfreebl.a as is currently
provided in Fedora), matching libfreebl3.so shared link name.
Tested on x86_64 on Fedora with:
(a) --enable-nss-crypt, with no static NSS library support: PASS
(previous FAIL)
(b) --enable-nss-crypt, with faked static NSS library support: PASS
(unsupported)
* Requires changing elf/Makefile to include a stub
/lib64/libfreebl3.a for testing purposes.
(c) --disable-nss-crypt: PASS
(default)
No regressions on x86_64.
For details see:
https://www.sourceware.org/ml/libc-alpha/2016-11/msg00647.html
When glibc is compiled with gcc 6.2 that has been configured with
--enable-default-pie and --enable-default-ssp, the configure script
fails to detect that the compiler has ssp turned on by default when
being built for i686-linux-gnu.
This is because gcc is emitting __stack_chk_fail_local but the
script is only looking for __stack_chk_fail. Support both.
Example output:
checking whether x86_64-pc-linux-gnu-gcc -m32 -Wl,-O1 -Wl,--as-needed
implicitly enables -fstack-protector... no
This patch adds a configure check to test if gcc supports attribute ifunc.
The support can either be enabled in <gcc-src>/gcc/config.gcc for one
architecture in general by setting default_gnu_indirect_function variable to yes
or by configuring gcc with --enable-gnu-indirect-function.
The next patch rewrites libc_ifunc macro to use gcc attribute ifunc instead
of inline assembly to generate the IFUNC symbols due to false debuginfo.
If gcc does not support attribute ifunc, the old approach for generating
ifunc'ed symbols is used. Then the debug-information is false. Thus it is
recommended to use a gcc with indirect function support (See notes in INSTALL).
After this patch-series these inline assemblies for ifunc-handling are not
scattered in multiple files but are used only indirect via ifunc-macros
and can simply removed in libc-symbols.h in future.
If glibc is configured with --enable-multi-arch and gcc does not support
attribute ifunc, a configure warning is dumped!
ChangeLog:
* config.h.in (HAVE_GCC_IFUNC): New undef.
* configure.ac: Add check if gcc supports attribute ifunc feature.
* configure: Regenerated.
* manual/install.texi: Add recommendation for gcc with
indirect-function support.
* INSTALL: Regenerated.
Since _dl_tlsdesc_dynamic is called via PLT, we need to add 8 bytes for
push in the PLT entry to align the stack.
[BZ #20309]
* configure.ac (have-mtls-dialect-gnu2): Set to yes if
-mtls-dialect=gnu2 works.
* configure: Regenerated.
* elf/Makefile [have-mtls-dialect-gnu2 = yes]
(tests): Add tst-gnu2-tls1.
(modules-names): Add tst-gnu2-tls1mod.
($(objpfx)tst-gnu2-tls1): New.
(tst-gnu2-tls1mod.so-no-z-defs): Likewise.
(CFLAGS-tst-gnu2-tls1mod.c): Likewise.
* elf/tst-gnu2-tls1.c: New file.
* elf/tst-gnu2-tls1mod.c: Likewise.
* sysdeps/x86_64/dl-tlsdesc.S (_dl_tlsdesc_dynamic): Add 8
bytes for push in the PLT entry to align the stack.
When --enable-bind-now is used to configure glibc build, we can avoid
an extra branch to the PLT entry by using indirect branch via the GOT
slot instead, which is similar to the first instructuon in the PLT
entry. Changes in the shared library sizes in text sections:
Shared library Before (bytes) After (bytes)
libm.so 1060813 1060797
libmvec.so 160881 160805
libpthread.so 94992 94984
librt.so 25064 25048
* config.h.in (BIND_NOW): New.
* configure.ac (BIND_NOW): New. Defined for --enable-bind-now.
* configure: Regenerated.
* sysdeps/x86_64/sysdep.h (JUMPTARGET)[BIND_NOW]: Defined to
indirect branch via the GOT slot.
In preparation to fix the --localedir configure argument we must
move the existing conflicting definition of localedir to a more
appropriate name. Given that all current internal uses of localedir
relate to the compiled locales we rename to complocaledir.
There are configure tests for the linker -z nodelete, -z nodlopen and
-z initfirst options. These options were added in binutils 2.11, so
the tests are obsolete; this patch removes them.
Tested for x86_64 and x86 (testsuite, and that installed shared
libraries are unchanged by the patch).
* configure.ac (libc_cv_z_nodelete): Remove configure test.
(libc_cv_z_nodlopen): Likewise.
(libc_cv_z_initfirst): Likewise.
* configure: Regenerated.
There is a configure test for the --no-whole-archive linker option.
This option was added in binutils 2.7, so the test is obsolete; this
patch removes it.
Tested for x86_64 and x86 (testsuite, and that installed shared
libraries are unchanged by the patch).
* configure.ac (libc_cv_ld_no_whole_archive): Remove configure
test.
* configure: Regenerated.
There is a configure test "for .preinit_array/.init_array/.fini_array
support". Support for this feature was added in binutils 2.13, so the
configure test is obsolete; this patch removes it.
Tested for x86_64 and x86 (testsuite, and that installed shared
libraries are unchanged by the patch).
* configure.ac (libc_cv_initfini_array): Remove configure test.
* configure: Regenerated.
There are various configure tests for visibility support in the
compiler and assember.
GCC support for visibility attributes was added in GCC 3.3. I don't
know what specific fix was intended by the test "for broken
__attribute__((visibility())", but it was added by
<https://sourceware.org/ml/libc-hacker/2002-08/msg00030.html>, and GCC
3.3 appears not to have that breakage, so I suspect it was only ever
in development versions before 3.3 was released. The assembler
support was added in binutils 2.10.
This patch removes the tests in question as obsolete. Two tests that
were formerly conditional on "if test $libc_cv_visibility_attribute =
yes", including the one for linker support for protected data, are now
unconditional.
Tested for x86_64 and x86 (testsuite, and that installed shared
libraries are unchanged by the patch).
* configure.ac (libc_cv_asm_protected_directive): Remove configure
test.
(libc_cv_visibility_attribute): Likewise.
(libc_cv_protected_data): Test unconditionally.
(libc_cv_broken_visibility_attribute): Remove configure test.
(libc_cv_have_sdata_section): Test unconditionally.
* configure: Regenerated.
Now that GCC 4.7 or later is required to build glibc, this patch moves
the build from using -std=gnu99 to -std=gnu11 (option added in 4.7).
This allows use of C11 features from GCC's headers, such as new
float.h macros and max_align_t.
Tested for x86_64 and x86 (testsuite; installed stripped shared
libraries are unchanged by the patch on x86_64, while I see some
slight code reordering of no significance on x86).
* Makeconfig (CFLAGS): Use -std=gnu11 instead of -std=gnu99.
* Makefile ($(objpfx)c++-types-check.out): Filter out -std=gnu11
instead of -std=gnu99.
* configure.ac (systemtap): Test with -std=gnu11 instead of
-std=gnu99.
* configure: Regenerated.
* math/gen-auto-libm-tests.c: Use -std=gnu11 instead of -std=gnu99
in compilation command in comment.
sysdeps/nptl/configure.ac tests for forced unwind support and the C
cleanup attribute, giving errors if either is unsupported. It does
nothing beyond running those two tests.
Both the attribute, and _Unwind_GetCFA which is used in the forced
unwind test, were added in GCC 3.3. Thus these tests are long
obsolete, and this patch removes the configure fragment running them,
along with associated conditionals.
Tested for x86_64 and x86 (testsuite, and that installed stripped
shared libraries are unchanged by the patch).
* sysdeps/nptl/configure.ac: Remove file.
* sysdeps/nptl/configure: Remove generated file.
* configure.ac (libc_cv_forced_unwind): Do not substitute.
* configure: Regenerated.
* config.h.in (HAVE_FORCED_UNWIND): Remove #undef.
* config.make.in (have-forced-unwind): Remove variable.
* nptl/Makefile [$(have-forced-unwind) = yes]: Make code
unconditional.
* nptl/descr.h [HAVE_FORCED_UNWIND]: Likewise.
* nptl/unwind.c [HAVE_FORCED_UNWIND]: Likewise.
(__pthread_unwind) [!HAVE_FORCED_UNWIND]: Remove conditional code.
* nptl/version.c [HAVE_FORCED_UNWIND]: Make code unconditional.
* sysdeps/nptl/Makefile [$(have-forced-unwind) = yes]: Make code
unconditional.
This patch implements a requirement of GCC 4.7 or later to build
glibc.
This was discussed in the thread starting at
<https://sourceware.org/ml/libc-alpha/2015-08/msg00851.html>.
Concerns were expressed by Mike and David. At
<https://sourceware.org/ml/libc-alpha/2015-10/msg00453.html> I have
provided a 14-patch series showing in outline the cleanups facilitated
by this version requirement, as requested by Mike (this patch is the
first in that series, with the addition of a NEWS entry). Given the
absence of further concerns or alternative proposals for criteria for
updates to this version requirement as requested in
<https://sourceware.org/ml/libc-alpha/2015-10/msg00065.html>, I am
interpreting this as "absence of sustained opposition" under Carlos's
definition at <https://sourceware.org/glibc/wiki/Consensus> and
proposing this patch for inclusion in glibc. I'd like to remind
people testing with 4.6 that if they move to testing with GCC 5 then
it will probably be about four years before they need to update the
compiler they use to test glibc again.
Although on the principles of time-based updates I think a move to
requiring binutils 2.23 would be reasonable, I'm not currently aware
of any cleanups that would facilitate so am not proposing that at this
time (but would expect to propose a move to requiring binutils 2.24 in
a year's time, as that brings features such as AVX512 support that
should allow some conditionals to be cleaned up). If someone thinks a
move to requiring 2.23 would help clean things up for their
architecture, please speak up. (And in general, I suspect there are
lots of architecture-specific configure tests that could be removed on
the basis of current GCC and binutils version requirements, given how
I've found architecture-independent tests obsolete on the basis of
version requirements going back 20 years.)
Tested for x86_64 and x86 (testsuite, and that installed shared
libraries are unchanged by the patch).
* configure.ac (libc_cv_compiler_ok): Require GCC 4.7 or later.
* configure: Regenerated.
* manual/install.texi (Tools for Compilation): Document
requirement for GCC 4.7 or later.
* INSTALL: Regenerated.
There seemed to be support in response to
<https://sourceware.org/ml/libc-alpha/2015-10/msg00510.html> for
removing configure tests that exist only to produce errors, where we
expect that tool versions failing the tests would also fail the tests
of minimum GCC / binutils versions.
This patch removes the tests for TLS support as one instance of such
tests. Since the addition of TLS emulation support in GCC 4.3, I
don't think these tests would have failed even if proper TLS support
(as required by glibc) was missing in that architecture's GCC back
end, so any new glibc ports wanting a substantive test (if there are
actual GCC or binutils versions for those architectures, with
supported version numbers, missing TLS support) would have needed an
architecture-specific test anyway.
Tested for x86_64 and x86 (testsuite, and that installed shared
libraries are unchanged by the patch).
* configure.ac (libc_cv_gcc___thread): Remove configure test.
(libc_cv_gcc_tls_model_attr): Likewise.
* configure: Regenerated.
There is a configure test for "whether we need to use -P to assemble
.S files".
I think this test is long obsolete. I don't have a specific reference
to a binutils change or version that obsoleted this test, but: (a) we
only support GNU binutils; (b) it looks like every architecture
supported by glibc has '#' as a line comment character in its gas
port; (c) in any case, if the (compiler, assembler) combination in use
cannot compile a .S file without special options, that would clearly
be a substantially broken combination, which I don't think we need to
allow for at all.
The test in question was added by:
Thu Jan 27 16:46:03 1994 Roland McGrath (roland@churchy.gnu.ai.mit.edu)
* configure.in (asm-CPPFLAGS): Add new check to see if assembling
a .S file loses without -P. If so, set asm-CPPFLAGS=-P in config.make.
This patch removes the test and the reference to this issue in the
comment on the default empty definition of asm-CPPFLAGS. (Various
other settings of asm-CPPFLAGS remain in sysdeps Makefile fragments.)
Tested for x86_64 and x86 (testsuite, and that installed shared
libraries are unchanged by the patch).
* configure.ac (libc_cv_need_minus_P): Remove configure test.
* configure: Regenerated.
* Makeconfig (asm-CPPFLAGS): Remove reference to -P in comment.
There is a configure test for the presence of glibc 2.0 headers (that
were renamed / no longer installed in glibc 2.1) and associated
support for removing them on "make install".
Normal practice for subsequent removal / renaming of installed files
has been not to do anything special about removing them; if you want
installed files from an old installation removed reliably, you need to
use a packaging system that tracks what files were installed by a
previous glibc package (via installing in an intermediate directory
with install_root). I think it's been long enough since 2.0 that it's
not particularly useful to have that special logic for those old
headers either; this patch removes it.
Tested for x86_64 and x86 (testsuite, and that installed shared
libraries are unchanged by the patch).
* configure.ac (old_glibc_headers): Remove configure test.
* configure: Regenerated.
* config.make.in (old-glibc-headers): Remove variable.
* Makefile [!$(install_root) && $(old-glibc-headers) = yes]
(install): Remove dependency on remove-old-headers.
(headers2_0): Remove variable.
(remove-old-headers): Remove rule.
There is a configure test for assembler support for the .text
directive.
I suppose this test must have been aimed at some non-ELF platform or
non-GNU assembler. Certainly the GNU assembler has had ELF-specific
architecture-independent handling for .text since version 2.2, and
generic non-ELF-specific support predates that.
This patch removes this test as obsolete.
Tested for x86_64 and x86 (testsuite, and that installed shared
libraries are unchanged by the patch).
* configure.ac (libc_cv_dot_text): Remove configure test.
(libc_cv_asm_set_directive): Use .text instead of
${libc_cv_dot_text} in configure test.
* configure: Regenerated.
There is a configure test for assembler support for the
gnu_unique_object symbol type. This support was added in binutils
2.20, so is present in all versions supported for building glibc.
Thus, I think the configure test can be removed; this patch does so.
Now, there is a caveat that the gas NEWS entry refers to this as a
feature for GNU/Linux targets. But the condition is use of
ELFOSABI_GNU or ELFOSABI_NONE. ELFOSABI_GNU covers Hurd as well as
GNU/Linux (as was the case with the older ELFOSABI_LINUX name), and
ELFOSABI_NONE means this is effectively OS-independent. Furthermore,
I think a correct binutils port for any glibc target ought to support
this feature for use with glibc; glibc supports this as an
OS-independent feature (the configure test is only about glibc
testcases).
Tested for x86_64 (testsuite, and that installed shared libraries are
unchanged by the patch).
* configure.ac (libc_cv_asm_unique_object): Remove configure test.
* configure: Regenerated.
* config.h.in (HAVE_ASM_UNIQUE_OBJECT): Remove #undef.
* elf/tst-unique1.c (do_test) [HAVE_ASM_UNIQUE_OBJECT]: Make code
unconditional.
* elf/tst-unique1mod1.c [HAVE_ASM_UNIQUE_OBJECT]: Likewise.
* elf/tst-unique1mod2.c [HAVE_ASM_UNIQUE_OBJECT]: Likewise.
* elf/tst-unique2.c (do_test) [HAVE_ASM_UNIQUE_OBJECT]: Likewise.
(do_test) [!HAVE_ASM_UNIQUE_OBJECT]: Remove conditional code.
* elf/tst-unique2mod1.c [HAVE_ASM_UNIQUE_OBJECT]: Make code
unconditional.
* elf/tst-unique2mod2.c [HAVE_ASM_UNIQUE_OBJECT]: Likewise.
With gcc-4.9, a new -fstack-protector-strong flag is available that is
between -fstack-protector (pretty weak) and -fstack-protector-all (pretty
strong) that provides good trade-offs between overhead but still providing
good coverage. Update the places in glibc that use ssp to use this flag
when it's available.
This also kills off the indirection of hardcoding the flag name in the
Makefiles and adding it based on a have-ssp boolean. Instead, the build
always expands the $(stack-protector) variable to the best ssp setting.
This makes the build logic a bit simpler and allows people to easily set
to a diff flag like:
make stack-protector=-fstack-protector-all
There is a configure test for -fgnu89-inline. This option was added
in GCC 4.2, so the test is obsolete; this patch removes it.
Tested for x86_64 (testsuite, and that installed shared libraries are
unchanged by the patch).
* configure.ac (libc_cv_gnu89_inline): Remove configure test.
* configure: Regenerated.
* config.make.in (gnu89-inline-CFLAGS): Remove variable.
* Makeconfig (CFLAGS): Use -fgnu89-inline instead of
$(gnu89-inline-CFLAGS).
There are configure tests for assembler .weak support, and, as a
fallback, for .weakext support.
.weakext appears to be an ECOFF thing (although a few ELF targets
support it as well). .weak has been supported by the GNU assembler
for ELF targets since version 2.2, so given the requirement for ELF
the configure tests are obsolete; this patch removes them.
Tested for x86_64 (testsuite, and that installed shared libraries are
unchanged by the patch).
* configure.ac (libc_cv_asm_weak_directive): Remove configure
test.
(libc_cv_asm_weakext_directive): Likewise.
* configure: Regenerated.
* config.h.in (HAVE_ASM_WEAK_DIRECTIVE): Remove #undef.
(HAVE_ASM_WEAKEXT_DIRECTIVE): Likewise.
* include/libc-symbols.h
[!HAVE_ASM_WEAK_DIRECTIVE && !HAVE_ASM_WEAKEXT_DIRECTIVE]: Remove
#error.
[HAVE_ASM_WEAKEXT_DIRECTIVE]: Remove conditional code.
[!HAVE_ASM_WEAKEXT_DIRECTIVE]: Make code unconditional.
There is a configure test for the -Bgroup linker option whose results
aren't used anywhere. This patch removes that test.
Tested for x86_64 (testsuite, and that installed shared libraries are
unchanged by the patch).
* configure.ac (libc_cv_Bgroup): Remove configure test.
* configure: Regenerated.
* config.make.in (have-Bgroup): Remove variable.
There is a configure test for sizeof (long double) whose results
aren't used anywhere. This patch removes that test.
Tested for x86_64 (testsuite, and that installed shared libraries are
unchanged by the patch).
* configure.ac (sizeof_long_double): Remove configure test.
* configure: Regenerated.
* config.make.in (sizeof-long-double): Remove variable.
There is a configure test for the assembler .previous directive, and,
as a fallback, for .popsection.
glibc now only supports ELF. For ELF, the GNU assembler has supported
.previous since version 2.2 (support added by
Mon Jul 19 15:21:20 1993 Ken Raeburn (raeburn@rtl.cygnus.com)
* config/obj-elf.c (obj_elf_previous): New function.
(previous_section, previous_subsection): New vars.
(obj_elf_section): Save current place in case DWARF code wants us
to pop back to it. Handle unquoted section name as well as quoted
section name. Don't crash on invalid strings.
(obj_pseudo_table): Handle new pseudos "previous", "2byte", and
"4byte".
). Thus this configure test is obsolete, and this patch removes it
(and with it the fallback .popsection test).
Tested for x86_64 and x86 (testsuite, and that installed shared
libraries are unchanged by the patch).
* configure.ac (libc_cv_asm_previous_directive): Remove configure
test.
(libc_cv_asm_popsection_directive): Likewise.
* configure: Regenerated.
* config.h.in (HAVE_ASM_PREVIOUS_DIRECTIVE): Remove #undef.
(HAVE_ASM_POPSECTION_DIRECTIVE): Likewise.
* include/libc-symbols.h [HAVE_ASM_PREVIOUS_DIRECTIVE]
(__make_section_unallocated): Make definition unconditional.
[HAVE_ASM_POPSECTION_DIRECTIVE] (__make_section_unallocated):
Remove conditional definition.
[!HAVE_ASM_PREVIOUS_DIRECTIVE && !HAVE_ASM_POPSECTION_DIRECTIVE]
(__make_section_unallocated): Likewise.
There is a configure test for -static-libgcc. GCC added this option
in version 3.0, so this test is obsolete; this patch removes it.
Tested for x86_64 and x86 (testsuite, and that installed shared
libraries are unchanged by the patch).
* configure.ac (libc_cv_gcc_static_libgcc): Remove configure test.
* configure: Regenerated.
* config.make.in (static-libgcc): Remove variable.
* Makerules (build-shlib-helper): Use -static-libgcc instead of
$(static-libgcc).
(build-module-helper): Likewise.
There is a configure test "for libc-friendly stddef.h", which sets a
makefile variable stddef.h that appears to be nowhere used. It
appears the uses of this variable were removed by:
Tue Feb 21 00:10:50 1995 Roland McGrath <roland@churchy.gnu.ai.mit.edu>
* Makefile (headers): Remove $(stddef.h).
* Makeconfig (stddef.h): Variable removed; now require gcc version
>= 2.2.
* stddef.h: File removed.
(having been added by
Wed May 26 14:44:19 1993 Roland McGrath (roland@churchy.gnu.ai.mit.edu)
* configure.in (autoconf checks): Add new check for a
libc-friendly stddef.h.
so the test was of use for less than two years, before being obsolete
for over 20 years). This patch removes the test.
Tested for x86_64 and x86 (testsuite, and that installed shared
libraries are unchanged by the patch).
* configure.ac (libc_cv_friendly_stddef): Remove configure test.
* configure: Regenerated.
Some distros build+install the timezone tools (zic/zdump/tzselect) outside
of glibc and use the upstream package directly. Add a configure flag to
glibc so they can disable install of those tools.
This allows tests to run & pass regardless of the configure flag. Only
the install of them is impacted.
To support building glibc with GCC 6 configured with --enable-default-pie,
which generates PIE by default, we need to build programs as PIE. But
elf/tst-dlopen-aout must not be built as PIE since it tests dlopen on
ET_EXEC file and PIE is ET_DYN.
[BZ #17841]
* Makeconfig (no-pie-ldflag): New.
(+link): Set to $(+link-pie) if default to PIE.
(+link-tests): Set to $(+link-pie-tests) if default to PIE.
* config.make.in (build-pie-default): New.
* configure.ac (libc_cv_pie_default): New. Set to yes if -fPIE
is default. AC_SUBST.
* configure: Regenerated.
* elf/Makefile (LDFLAGS-tst-dlopen-aout): New.
Installation of libm.so as linker script only in case of libmvec.so build.
2015-05-14 Andrew Senkevich <andrew.n.senkevich@gmail.com>
* Makeconfig (rpath-dirs, all-subdirs): Added mathvec folder.
(libmvec): New variable.
* configure.ac: Added option for mathvec build.
* configure: Regenerated.
* mathvec/Depend: New file.
* mathvec/Makefile: New file.
* shlib-versions: Added libmvec.
* math/Makefile: Added rule for libm.so installation.
Linkers in some versions of binutils 2.25 and 2.26 don't support protected
data symbol with error messsage like:
/usr/bin/ld: copy reloc against protected `bar' is invalid
/usr/bin/ld: failed to set dynamic section sizes: Bad value
We check if linker supports copy reloc against protected data symbol to
avoid running the test if linker is broken.
[BZ #17711]
* config.make.in (have-protected-data): New.
* configure.ac: Check linker support for protected data symbol.
* configure: Regenerated.
* elf/Makefile (modules-names): Add tst-protected1moda and
tst-protected1modb if $(have-protected-data) is yes.
(tests): Add tst-protected1a and tst-protected1b if
$(have-protected-data) is yes.
($(objpfx)tst-protected1a): New.
($(objpfx)tst-protected1b): Likewise.
(tst-protected1modb.so-no-z-defs): Likewise.
* elf/tst-protected1a.c: New file.
* elf/tst-protected1b.c: Likewise.
* elf/tst-protected1mod.h: Likewise.
* elf/tst-protected1moda.c: Likewise.
* elf/tst-protected1modb.c: Likewise.
and revert the corresponding part of ba90e05 which was making the fix
necessary.
* abi-tags: Revert ae20c9a: rename back gnu into gnu-gnu.
* configure.ac, configure: Revert ba90e05: modify gnu-* host_os back
into gnu-gnu, and update comment to refer to abi-tags.
The merge of the latest gettext code introduced changes to the yacc
parser source that are incompatible with versions of bison older
than 2.7. Add a configure check for the appropriate versions and
document the requirement in INSTALL.
ChangeLog:
2014-12-22 Will Newton <will.newton@linaro.org>
* manual/install.texi: Document that we require bison 2.7
or above.
* INSTALL: Regenerate.
* configure.ac: Use AC_CHECK_PROG_VER instead of
AC_PATH_PROG when checking for bison and check for
version 2.7 or above.
* configure: Regenerate.
It seems we require texinfo 4.7 for the --plaintext option, so
document that and check for the correct version in configure.
ChangeLog:
2014-12-15 Will Newton <will.newton@linaro.org>
* manual/install.texi: Bump required version of texinfo
to 4.7 from 4.5.
* INSTALL: Regenerated.
* configure.ac: Check for makeinfo version 4.7 and above.
* configure: Regenerated.
As discussed starting at
<https://sourceware.org/ml/libc-alpha/2014-11/msg00323.html>, this
patch makes the glibc build use -Werror by default to avoid
accidentally adding new warnings to the build. The configure option
--disable-werror can be used to disable this.
-Wno-error=undef is temporarily used because the build isn't clean
regarding -Wundef warnings. The idea is that once the remaining
-Wundef warnings have been cleaned up (in at least one configuration),
-Wno-error=undef will be removed.
I get a clean build and test on x86_64 (GCC 4.9 branch) with this
patch. The expectation is that this may well break the build for some
other configurations, and people seeing such breakage should make
appropriate fixes to fix or suppress the warnings for their
configurations. In some cases that may involve using pragmas as the
right fix (I think that will be right for the -Wno-inline issue for
MIPS I referred to in
<https://sourceware.org/ml/libc-alpha/2012-11/msg00798.html>, for
example), in some cases -Wno-error in sysdeps makefiles (__restore_rt
in MIPS sigaction, for example), in some cases substantive fixes for
the warnings.
Note that if, with a view to listing all the warnings then fixing them
all, you just look for "warning:" in output from building and testing
with --disable-werror, you'll see lots of warnings from the linker
about functions such as tmpnam. Those warnings can be ignored - only
compiler warnings are relevant to -Werror, not linker warnings.
* configure.ac (--disable-werror): New configure option.
(enable_werror): New AC_SUBST.
* configure: Regenerated.
* config.make.in (enable-werror): New variable.
* Makeconfig [$(enable-werror) = yes] (+gccwarn): Add -Werror
-Wno-error=undef.
(+gccwarn-c): Do not use -Werror=implicit-function-declaration.
* manual/install.texi (Configuring and compiling): Document
--disable-werror.
* INSTALL: Regenerated.
* debug/Makefile (CFLAGS-tst-chk1.c): Add -Wno-error.
(CFLAGS-tst-chk2.c): Likewise.
(CFLAGS-tst-chk3.c): Likewise.
(CFLAGS-tst-chk4.cc): Likewise.
(CFLAGS-tst-chk5.cc): Likewise.
(CFLAGS-tst-chk6.cc): Likewise.
(CFLAGS-tst-lfschk1.c): Likewise.
(CFLAGS-tst-lfschk2.c): Likewise.
(CFLAGS-tst-lfschk3.c): Likewise.
(CFLAGS-tst-lfschk4.cc): Likewise.
(CFLAGS-tst-lfschk5.cc): Likewise.
(CFLAGS-tst-lfschk6.cc): Likewise.
As discussed in the thread starting at
<https://sourceware.org/ml/libc-alpha/2014-10/msg00792.html>, and
continuing into November, this patch increases the minimum GCC version
for building glibc to 4.6 (there seemed to be no clear consensus for
4.7). In particular, this allows us to use #pragma GCC diagnostic for
fine-grained warning control with -Werror (subject to establishing a
suitable policy for that use). The documentation has a statement, as
requested, about the most recent GCC version tested for building
glibc, and I've updated <https://sourceware.org/glibc/wiki/Release> to
refer to updating that statement. A NEWS entry is added for this
change, although previous such changes didn't get them.
Tested for x86_64 (testsuite, and that installed shared libraries are
unchanged by this patch).
* configure.ac (libc_cv_compiler_ok): Require GCC 4.6 or later.
* configure: Regenerated.
* manual/install.texi (Tools for Compilation): Document a
requirement of GCC 4.6 or later and that GCC 4.9 is the newest
compiler verified to work.
* INSTALL: Regenerated.
This patch removes the --enable-oldest-abi configure option, which has
long been bitrotten (as reported in bug 6652). The principle of
removing this option was agreed in the thread starting at
<https://sourceware.org/ml/libc-alpha/2013-07/msg00174.html>.
Tested for x86_64 and x86 that the installed shared libraries other
than libc.so are unchanged by this patch and that libc.so disassembly
and symbol versions are unchanged (debug info changes because of
changed line numbers in csu/version.c).
[BZ #6652]
* Makeconfig (soversions-default-setname): Remove variable.
($(common-objpfx)soversions.i): Don't pass default_setname to
soversions.awk.
* Makerules ($(common-objpfx)abi-versions.h): Don't pass
oldest_abi to abi-versions.awk.
* config.h.in (GLIBC_OLDEST_ABI): Remove macro undefine.
* config.make.in (oldest-abi): Remove variable.
* configure.ac (--enable-oldest-abi): Remove configure option.
* configure: Regenerated.
* csu/version.c (banner) [GLIBC_OLDEST_ABI]: Remove conditional
text.
* scripts/abi-versions.awk: Do not handle oldest_abi variable.
* scripts/soversions.awk: Do not handle default_setname variable.
* sysdeps/mach/hurd/configure.ac: Do not handle oldest_abi
variable.
* sysdeps/mach/hurd/configure: Regenerated.
* sysdeps/unix/sysv/linux/configure.ac: Do not handle oldest_abi
variable.
* sysdeps/unix/sysv/linux/configure: Regenerated.
This patch removes the first column (patterns matching configuration
names) from shlib-versions, leaving shlib-versions entry selection
based purely on sysdeps directories.
An implication of this removal is that the default for any non-Linux
ports using NPTL will be the same SONAMEs for NPTL libraries as for
Linux (as those defaults, previously limited to .*-.*-linux.*, are
left in nptl/shlib-versions and nptl_db/shlib-versions).
Special host_os handling in configure.ac that was purely for
shlib-versions is removed. (The host_os setting is still used for
libc-abis - see
<https://sourceware.org/ml/libc-alpha/2014-01/msg00375.html> regarding
that - but no entries there are affected by this change.)
Tested on x86_64 and x86 that the installed shared libraries are
unchanged by this patch.
* scripts/soversions.awk: Do not handle configuration names.
* Makeconfig ($(common-objpfx)soversions.i): Do not pass cpu,
vendor and os variables to soversions.awk.
* configure.ac: Do not modify gnu-* host_os.
* configure: Regenerated
* shlib-versions: Remove first column with configuration names.
* nptl/shlib-versions: Likewise.
* nptl_db/shlib-versions: Likewise.
* sysdeps/hppa/shlib-versions: Likewise.
* sysdeps/m68k/shlib-versions: Likewise.
* sysdeps/mach/hurd/shlib-versions: Likewise.
* sysdeps/unix/sysv/linux/aarch64/shlib-versions: Likewise.
* sysdeps/unix/sysv/linux/alpha/shlib-versions: Likewise.
* sysdeps/unix/sysv/linux/arm/shlib-versions: Likewise.
* sysdeps/unix/sysv/linux/hppa/shlib-versions: Likewise.
* sysdeps/unix/sysv/linux/ia64/shlib-versions: Likewise.
* sysdeps/unix/sysv/linux/m68k/coldfire/shlib-versions: Likewise.
* sysdeps/unix/sysv/linux/microblaze/shlib-versions: Likewise.
* sysdeps/unix/sysv/linux/mips/shlib-versions: Likewise.
* sysdeps/unix/sysv/linux/powerpc/powerpc64/shlib-versions:
Likewise.
* sysdeps/unix/sysv/linux/s390/s390-64/shlib-versions: Likewise.
* sysdeps/unix/sysv/linux/sh/shlib-versions: Likewise.
* sysdeps/unix/sysv/linux/shlib-versions: Likewise.
* sysdeps/unix/sysv/linux/sparc/sparc32/shlib-versions: Likewise.
* sysdeps/unix/sysv/linux/sparc/sparc64/shlib-versions: Likewise.
* sysdeps/unix/sysv/linux/tile/shlib-versions: Likewise.
* sysdeps/unix/sysv/linux/x86_64/64/shlib-versions: Likewise.
* sysdeps/unix/sysv/linux/x86_64/x32/shlib-versions: Likewise.
libidn/ChangeLog:
* shlib-versions: Remove first column with configuration names.
Older versions of ld on ia64 support __ehdr_start, but generate relocs
when they shouldn't. This causes the ld.so to not run because it tries
to resolve the __ehdr_start symbol (but it's not exported).
This patch removes the configure test for working -z relro.
The use of -z relro in Makeconfig became unconditional with
commit 2e6ab1df44c412bb9d30b26a4d8a679150a7e375
Author: Ulrich Drepper <drepper@redhat.com>
Date: Sat Oct 28 06:44:04 2006 +0000
Remove conditional code which now is unnecessary.
(commit reference from git://repo.or.cz/glibc/history), so since then
the configure test has not controlled anything about how glibc is
built - simply about whether configure succeeds and allows a build to
be attempted. The test for whether the option did something useful
(as opposed to whether it exists - which we can certainly just assume
by now) was originally added in
<https://sourceware.org/ml/libc-hacker/2004-09/msg00069.html> to
disable the option in a case when it did nothing useful on ia64 (as a
result of something deliberate in the linker on ia64). Since 2006
that disabling has been of no effect, and given that the current test
does not set libc_relro_required for ia64, it does nothing whatever
useful for the original motivating case. Also at around the same time
in 2006 the test was made to give an error for missing or broken -z
relro support on various architectures.
So effectively all the test does now is verify that, on certain
architectures, the linker has not been changed deliberately to make
the option ineffective. I see no apparent reason why such a change
should be expected, or why the build should be stopped if it were to
be made (any more than we disallow build on ia64); I think we can
trust binutils patch review to point out the consequences of any
change to COMMONPAGESIZE setting. The only thing that might now make
sense would be disabling the -z relro use on an architecture-specific
basis if there were an architecture-specific reason to consider that
to make sense; it would be for the ia64 maintainer to decide if that
makes sense for ia64 at present, but I think that could be done
through sysdeps Makefiles - no special configure tests needed.
Tested for x86_64 that this patch makes no change to the installed
shared libraries.
Together with
<https://sourceware.org/ml/libc-alpha/2014-06/msg00788.html> (pending
review) this substantially eliminates architecture-specific cases from
architecture-independent configure.ac files. There remains an i386
case in sysdeps/mach/hurd/configure.ac that should properly move to
the i386 subdirectory. (There are also OS-specific cases outside
OS-specific directories; in principle I think should should also
move.)
* configure.ac (libc_commonpagesize): Remove variable.
(libc_relro_required): Likewise.
(libc_cv_z_relro): Remove configure test.
* configure: Regenerated.
* sysdeps/aarch64/preconfigure (libc_commonpagesize): Do not set
variable.
(libc_relro_required): Likewise.
* sysdeps/alpha/preconfigure (libc_commonpagesize): Likewise.
(libc_relro_required): Likewise.
* sysdeps/arm/preconfigure.ac (libc_commonpagesize): Likewise.
(libc_relro_required): Likewise.
* sysdeps/arm/preconfigure: Regenerated.
* sysdeps/ia64/preconfigure: Remove file.
* sysdeps/tile/preconfigure (libc_commonpagesize): Do not set
variable.
(libc_relro_required): Likewise.
This patch removes two powerpc special cases in the main configure.ac.
The test for rs6000 is irrelevant to currently supported
configurations (config.guess reports rs6000 for some OSes, of which
the only one currently supported by GCC is AIX, but not for Linux).
There's no need either for a special case for powerpc*-*soft;
--without-fp suffices, and GCC doesn't have any special handling of
such a triplet.
Not tested.
* configure.ac: Do not test for machine being rs6000. Do not test
for powerpc*-*soft.
* configure: Regenerated.
This patch removes configure tests for assembler CFI support (and
thereby eliminates an architecture-specific case in the main
configure.ac), instead assuming that support is present
unconditionally.
The main test was added in 2003 around the time CFI support was added
to the assembler. cfi_personality and cfi_lsda support were added to
the assembler in 2006. cfi_sections support was added in 2009, a few
weeks before binutils 2.20 was released; it's in 2.20, the minimum
supported version, so even that configure test is obsolete.
Tested x86_64 that the installed shared libraries are unchanged by
this patch.
* configure.ac (libc_cv_asm_cfi_directives): Remove configure
test.
* configure: Regenerated.
* config.h.in (HAVE_ASM_CFI_DIRECTIVES): Remove macro undefine.
* sysdeps/arm/configure.ac (libc_cv_asm_cfi_directive_sections):
Remove configure test.
* sysdeps/arm/configure: Regenerated.
* sysdeps/nptl/configure.ac: Do not check
libc_cv_asm_cfi_directives.
* sysdeps/nptl/configure: Regenerated.
* sysdeps/x86_64/nptl/configure.ac: Remove file.
* sysdeps/x86_64/nptl/configure: Remove generated file.
* b/sysdeps/generic/sysdep.h [HAVE_ASM_CFI_DIRECTIVES]: Make code
unconditional.
[!HAVE_ASM_CFI_DIRECTIVES]: Remove conditional code.
This patch moves the USE_REGPARMS define from the toplevel
configure.ac to sysdeps/i386/configure.ac.
Tested x86 that the disassembly of installed shared libraries is
unchanged by this patch.
* configure.ac (USE_REGPARMS): Don't define here.
* configure: Regenerated.
* sysdeps/i386/configure.ac (USE_REGPARMS): Define here.
* sysdeps/i386/configure: Regenerated.
One piece of architecture-specific code in the main configure.ac is
the powerpc test that can define BROKEN_PPC_ASM_CR0. There's no need
to move this to a sysdeps configure script, or to work out what bug it
was testing in May 1998 to see if it's still relevant, since nothing
in the source tree now uses the results of this test. Thus, this
patch just removes the test in question.
Not tested.
* configure.ac (libc_cv_c_asmcr0_bug): Remove configure test.
* configure: Regenerated.
* config.h.in (BROKEN_PPC_ASM_CR0): Remove macro.
This patch makes non-ex-ports architectures set base_machine and
machine based on the original configured machine value in preconfigure
fragments, like ex-ports architectures, rather than in the toplevel
configure.ac.
Tested x86 that the disassembly of installed shared libraries is
unchanged by the patch.
* configure.ac (base_machine): Do not set specially for particular
machines here.
* configure: Regenerated.
* sysdeps/powerpc/preconfigure: Move machine and base_machine
settings from configure.ac.
* sysdeps/i386/preconfigure: New file.
* sysdeps/s390/preconfigure: Likewise.
* sysdeps/sh/preconfigure: Likewise.
* sysdeps/sparc/preconfigure: Likewise.
Added support for TX lock elision of pthread mutexes on s390 and
s390x. This may improve lock scaling of existing programs on TX
capable systems. The lock elision code is only built with
--enable-lock-elision=yes and then requires a GCC version supporting
the TX builtins. With lock elision default mutexes are elided via
__builtin_tbegin, if the cpu supports transactions. By default lock
elision is not enabled and the elision code is not built.
The SELinux team has indicated to me that glibc's SELinux checks
in nscd are not being carried out as they would expect the API
to be used today. They would like to move away from static header
defines for class and permissions and instead use dynamic checks
at runtime that provide an answer which is dependent on the runtime
status of SELinux i.e. more dynamic.
The following patch is a minimal change that moves us forward in
this direction.
It does the following:
* Stop checking for SELinux headers that define NSCD__SHMEMHOST.
Check only for the presence or absence of the library.
* Don't encode the specific SELinux permission constants into a
table at build time, and instead use the symbolic name for the
permission as expected.
* Lookup the "What do we do if we don't know this permission?"
policy and use that if we find SELinux's policy is older than
the glibc policy e.g. we make a request for a permission that
SELinux doesn't know about.
* Lastly, translate the class and permission and then make
the permission check. This is done every time we lookup
a permission, and this is the expected way to use the API.
SELinux will optimize this for us, and we expect the network
latencies to hide these extra library calls.
Tested on x86, x86-64, and via Fedora Rawhide since November 2013.
See:
https://sourceware.org/ml/libc-alpha/2014-04/msg00179.html
This patch makes the configure adds -D_CALL_ELF=1 when compiler does
not define _CALL_ELF (versions before powerpc64le support). It cleans
up compiler warnings on old compiler where _CALL_ELF is not defined
on powerpc64(be) builds.
It does by add a new config.make variable for configure-deduced
CPPFLAGS and accumulate into that (confix-extra-cppflags). It also
generalizes libc_extra_cflags so it accumulates in sysdeps configure
fragmenets.
Autoconf is tested for and run if needed only when --enable-maintainer-mode
is used on configure. This results in the autom4te.cache directory only
being written in the source directory during configure if automatic
autoconf usage is requested.
Fixes BZ #14120.
Autoconf has been deprecating configure.in for quite a long time.
Rename all our configure.in and preconfigure.in files to .ac.
Signed-off-by: Mike Frysinger <vapier@gentoo.org>
http://sourceware.org/ml/libc-alpha/2013-08/msg00096.html
This adds the basic configury bits for powerpc64le and powerpcle.
* configure.in: Map powerpc64le and powerpcle to base_machine/machine.
* configure: Regenerate.
* nptl/shlib-versions: Powerpc*le starts at 2.18.
* shlib-versions: Likewise.
The helper binary pt_chown tricked into granting access to another
user's pseudo-terminal.
Pre-conditions for the attack:
* Attacker with local user account
* Kernel with FUSE support
* "user_allow_other" in /etc/fuse.conf
* Victim with allocated slave in /dev/pts
Using the setuid installed pt_chown and a weak check on whether a file
descriptor is a tty, an attacker could fake a pty check using FUSE and
trick pt_chown to grant ownership of a pty descriptor that the current
user does not own. It cannot access /dev/pts/ptmx however.
In most modern distributions pt_chown is not needed because devpts
is enabled by default. The fix for this CVE is to disable building
and using pt_chown by default. We still provide a configure option
to enable hte use of pt_chown but distributions do so at their own
risk.
Check wheter the compiler has the option -fno-tree-loop-distribute-patterns
to inhibit loop transformation to library calls and uses it on memset
and memmove default implementation to avoid recursive calls.
We no longer support configuring for i386, nor do we
elide such a configuration to i686. Configuring with
i386-* is a failure, and we provide an example of
how to fix that.
---
2013-04-17 Carlos O'Donell <carlos@redhat.com>
* configure.in: Remove i386 configure warning. Remove i386 case.
* configure: Regenerate.
* sysdeps/i386/configure.in: Raise error if config_machine is i386.
Add example to error message.
* sysdeps/i386/configure: Regenerate.
This change does two things:
* Treats a target i386-* as if it were i686.
* Fails configure if the user is generating code
for i386.
We no longer support i386 code-generation because the i386
lacks the atomic operations we need in glibc.
You can still configure for i386-*, but you get i686 code.
You can't build with --march=i386, --mtune=i386 or a compiler
that defaults to i386 code-generation.
I've added two i386 entries in the master todo list to discuss
merging and renaming:
http://sourceware.org/glibc/wiki/Development_Todo/Master#i386
The failure modes are fail-safe here. You compile for i386,
get i686, and try to run on i386 and it fails. The configure
log has a warning saying we elided to i686. There is no situation
that I can see where we run into any serious problems.
The patch makes the current state better in that we get less
confused users and we build successfully in more default
configurations.
The next enhancement would be to add --march=i?86
as suggested in #c20 of BZ#10062 for any i?86-* builds, which
would solve the problem of a 32-bit compiler that defaults to
i386 code-gen and glibc configured for i686-* target. Which
previously failed at build time, and now will fail at configure
time (requires adding --march=i686).
Updated NEWS with BZ #10060 and #10062.
No regressions.
---
2013-04-06 Carlos O'Donell <carlos@redhat.com>
[BZ #10060, #10062]
* aclocal.m4 (LIBC_COMPILER_BUILTIN_INLINED): New macro.
* sysdeps/i386/configure.in: Use LIBC_COMPILER_BUILTIN_INLINED and
fail configure if __sync_val_compare_and_swap is not inlined.
* sysdeps/i386/configure: Regenerate.
* configure.in: Build for i686 when configured for i386.
* configure: Regenerate.
* README: Remove i386 reference.
Stop assuming specific path layouts for C++ headers, and instead
use an autodetection method that looks for paths with '/[cg]++'
in the g++ include list.
The test currently tests the binutils frontend support which passes for
all versions of binutils we currently require (2.20+). It doesn't test
the backend which is required for ifunc to actually work, and which most
targets don't yet support.
Change the assembly code so that when we link it, we get a file that has
ifunc relocations if the backend supports it. That way we can test to
see if binutils supports everything we need.
Signed-off-by: Mike Frysinger <vapier@gentoo.org>