Commit Graph

1688 Commits

Author SHA1 Message Date
H.J. Lu
d8ea0d0168 Add an internal wrapper for clone, clone2 and clone3
The clone3 system call (since Linux 5.3) provides a superset of the
functionality of clone and clone2.  It also provides a number of API
improvements, including the ability to specify the size of the child's
stack area which can be used by kernel to compute the shadow stack size
when allocating the shadow stack.  Add:

extern int __clone_internal (struct clone_args *__cl_args,
			     int (*__func) (void *__arg), void *__arg);

to provide an abstract interface for clone, clone2 and clone3.

1. Simplify stack management for thread creation by passing both stack
base and size to create_thread.
2. Consolidate clone vs clone2 differences into a single file.
3. Call __clone3 if HAVE_CLONE3_WAPPER is defined.  If __clone3 returns
-1 with ENOSYS, fall back to clone or clone2.
4. Use only __clone_internal to clone a thread.  Since the stack size
argument for create_thread is now unconditional, always pass stack size
to create_thread.
5. Enable the public clone3 wrapper in the future after it has been
added to all targets.

NB: Sandbox will return ENOSYS on clone3 in both Chromium:

The following revision refers to this bug:
  218438259d

commit 218438259dd795456f0a48f67cbe5b4e520db88b
Author: Matthew Denton <mpdenton@chromium.org>
Date: Thu Jun 03 20:06:13 2021

Linux sandbox: return ENOSYS for clone3

Because clone3 uses a pointer argument rather than a flags argument, we
cannot examine the contents with seccomp, which is essential to
preventing sandboxed processes from starting other processes. So, we
won't be able to support clone3 in Chromium. This CL modifies the
BPF policy to return ENOSYS for clone3 so glibc always uses the fallback
to clone.

Bug: 1213452
Change-Id: I7c7c585a319e0264eac5b1ebee1a45be2d782303
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/2936184
Reviewed-by: Robert Sesek <rsesek@chromium.org>
Commit-Queue: Matthew Denton <mpdenton@chromium.org>
Cr-Commit-Position: refs/heads/master@{#888980}

[modify] https://crrev.com/218438259dd795456f0a48f67cbe5b4e520db88b/sandbox/linux/seccomp-bpf-helpers/baseline_policy.cc

and Firefox:

https://hg.mozilla.org/integration/autoland/rev/ecb4011a0c76

Reviewed-by: Adhemerval Zanella <adhemerval.zanella@linaro.org>
2021-07-14 06:33:58 -07:00
Florian Weimer
aaacde11f2 Reduce <limits.h> pollution due to dynamic PTHREAD_STACK_MIN
<limits.h> used to be a header file with no declarations.
GCC's libgomp includes it in a #pragma GCC visibility hidden block.
Including <unistd.h> from <limits.h> (indirectly) declares everything
in <unistd.h> with hidden visibility, resulting in linker failures.

This commit avoids C declarations in assembler mode and only declares
__sysconf in <limits.h> (and not the entire contents of <unistd.h>).
The __sysconf symbol is already part of the ABI.  PTHREAD_STACK_MIN
is no longer defined for __USE_DYNAMIC_STACK_SIZE && __ASSEMBLER__
because there is no possible definition.

Additionally, PTHREAD_STACK_MIN is now defined by <pthread.h> for
__USE_MISC because this is what developers expect based on the macro
name.  It also helps to avoid libgomp linker failures in GCC because
libgomp includes <pthread.h> before its visibility hacks.

Reviewed-by: Carlos O'Donell <carlos@redhat.com>
2021-07-12 18:43:32 +02:00
H.J. Lu
5d98a7dae9 Define PTHREAD_STACK_MIN to sysconf(_SC_THREAD_STACK_MIN)
The constant PTHREAD_STACK_MIN may be too small for some processors.
Rename _SC_SIGSTKSZ_SOURCE to _DYNAMIC_STACK_SIZE_SOURCE.  When
_DYNAMIC_STACK_SIZE_SOURCE or _GNU_SOURCE are defined, define
PTHREAD_STACK_MIN to sysconf(_SC_THREAD_STACK_MIN) which is changed
to MIN (PTHREAD_STACK_MIN, sysconf(_SC_MINSIGSTKSZ)).

Consolidate <bits/local_lim.h> with <bits/pthread_stack_min.h> to
provide a constant target specific PTHREAD_STACK_MIN value.

Reviewed-by: Carlos O'Donell <carlos@redhat.com>
2021-07-09 15:10:35 -07:00
Florian Weimer
7c241325d6 Force building with -fno-common
As a result, is not necessary to specify __attribute__ ((nocommon))
on individual definitions.

GCC 10 defaults to -fno-common on all architectures except ARC,
but this change is compatible with older GCC versions and ARC, too.

Reviewed-by: Carlos O'Donell <carlos@redhat.com>
2021-07-09 20:09:14 +02:00
Adhemerval Zanella
882d6e17bc posix: Add posix_spawn_file_actions_addclosefrom_np
This patch adds a way to close a range of file descriptors on
posix_spawn as a new file action.  The API is similar to the one
provided by Solaris 11 [1], where the file action causes the all open
file descriptors greater than or equal to input on to be closed when
the new process is spawned.

The function posix_spawn_file_actions_addclosefrom_np is safe to be
implemented by iterating over /proc/self/fd, since the Linux spawni.c
helper process does not use CLONE_FILES, so its has own file descriptor
table and any failure (in /proc operation) aborts the process creation
and returns an error to the caller.

I am aware that this file action might be redundant to the current
approach of POSIX in promoting O_CLOEXEC in more interfaces. However
O_CLOEXEC is still not the default and for some specific usages, the
caller needs to close all possible file descriptors to avoid them
leaking.  Some examples are CPython (discussed in BZ#10353) and OpenJDK
jspawnhelper [2] (where OpenJDK spawns a helper process to exactly
closes all file descriptors).  Most likely any environment which calls
functions that might open file descriptor under the hood and aim to use
posix_spawn might face the same requirement.

Checked on x86_64-linux-gnu and i686-linux-gnu on kernel 5.11 and 4.15.

[1] https://docs.oracle.com/cd/E36784_01/html/E36874/posix-spawn-file-actions-addclosefrom-np-3c.html
[2] https://github.com/openjdk/jdk/blob/master/src/java.base/unix/native/libjava/childproc.c#L82
2021-07-08 14:08:15 -03:00
Adhemerval Zanella
607449506f io: Add closefrom [BZ #10353]
The function closes all open file descriptors greater than or equal to
input argument.  Negative values are clamped to 0, i.e, it will close
all file descriptors.

As indicated by the bug report, this is a common symbol provided by
different systems (Solaris, OpenBSD, NetBSD, FreeBSD) and, although
its has inherent issues with not taking in consideration internal libc
file descriptors (such as syslog), this is also a common feature used
in multiple projects [1][2][3][4][5].

The Linux fallback implementation iterates over /proc and close all
file descriptors sequentially.  Although it was raised the questioning
whether getdents on /proc/self/fd might return disjointed entries
when file descriptor are closed; it does not seems the case on my
testing on multiple kernel (v4.18, v5.4, v5.9) and the same strategy
is used on different projects [1][2][3][5].

Also, the interface is set a fail-safe meaning that a failure in the
fallback results in a process abort.

Checked on x86_64-linux-gnu and i686-linux-gnu on kernel 5.11 and 4.15.

[1] 5238e95759/src/basic/fd-util.c (L217)
[2] ddf4b77e11/src/lxc/start.c (L236)
[3] 9e4f2f3a6b/Modules/_posixsubprocess.c (L220)
[4] 5f47c0613e/src/libstd/sys/unix/process2.rs (L303-L308)
[5] https://github.com/openjdk/jdk/blob/master/src/java.base/unix/native/libjava/childproc.c#L82
2021-07-08 14:08:14 -03:00
Adhemerval Zanella
286286283e linux: Add close_range
It was added on Linux 5.9 (278a5fbaed89) with CLOSE_RANGE_CLOEXEC
added on 5.11 (582f1fb6b721f).  Although FreeBSD has added the same
syscall, this only adds the symbol on Linux ports.  This syscall is
required to provided a fail-safe way to implement the closefrom
symbol (BZ #10353).

Checked on x86_64-linux-gnu and i686-linux-gnu on kernel 5.11 and 4.15.
2021-07-08 14:08:13 -03:00
Florian Weimer
f9c8b11ed7 nss: Access nss_files through direct references
This partially fixes static-only NSS support (bug 27959): The files
module no longer needs dlopen.  Support for the dns module remains
to be added, and also support for disabling dlopen altogether.

Reviewed-by: Adhemerval Zanella  <adhemerval.zanella@linaro.org>
2021-07-07 18:33:52 +02:00
Florian Weimer
6212bb67f4 nss_files: Move into libc
This is the first step towards fixing bug 27959.

Reviewed-by: Adhemerval Zanella  <adhemerval.zanella@linaro.org>
2021-07-07 18:33:52 +02:00
Florian Weimer
36861a968a nss_files: Add generic code for set*ent, end*ent and file open
This reduces RSS usage if nss_files is not actually used, and can
be used later to make NSS data thread-specific.  It also results in
a small code size reduction.

Before:

   text	   data	    bss	    dec	    hex	filename
   2288	      0	     72	   2360	    938	nss/files-alias.os
   1807	      0	     72	   1879	    757	nss/files-ethers.os
   1371	      0	     72	   1443	    5a3	nss/files-grp.os
   6246	      0	     72	   6318	   18ae	nss/files-hosts.os
    869	      0	      0	    869	    365	nss/files-initgroups.os
    666	      0	      0	    666	    29a	nss/files-init.os
   1934	      0	      0	   1934	    78e	nss/files-netgrp.os
   2353	      0	     72	   2425	    979	nss/files-network.os
   2130	      0	     72	   2202	    89a	nss/files-proto.os
   1372	      0	     72	   1444	    5a4	nss/files-pwd.os
   2124	      0	     72	   2196	    894	nss/files-rpc.os
   2265	      0	     72	   2337	    921	nss/files-service.os
   1125	      0	     72	   1197	    4ad	nss/files-sgrp.os
   1124	      0	     72	   1196	    4ac	nss/files-spwd.os

After:

   text	   data	    bss	    dec	    hex	filename
   2040	      0	      0	   2040	    7f8	nss/files-alias.os
   1599	      0	      0	   1599	    63f	nss/files-ethers.os
   1155	      0	      0	   1155	    483	nss/files-grp.os
   6010	      0	      0	   6010	   177a	nss/files-hosts.os
    869	      0	      0	    869	    365	nss/files-initgroups.os
    666	      0	      0	    666	    29a	nss/files-init.os
   1934	      0	      0	   1934	    78e	nss/files-netgrp.os
   2129	      0	      0	   2129	    851	nss/files-network.os
   1914	      0	      0	   1914	    77a	nss/files-proto.os
   1156	      0	      0	   1156	    484	nss/files-pwd.os
   1908	      0	      0	   1908	    774	nss/files-rpc.os
   2057	      0	      0	   2057	    809	nss/files-service.os
    909	      0	      0	    909	    38d	nss/files-sgrp.os
    908	      0	      0	    908	    38c	nss/files-spwd.os
   1090	      0	      8	   1098	    44a	nss/nss_files_data.os

27674 code bytes before, 26344 code bytes after, so it is an overall
win despite the extra initialization code.

Reviewed-by: Adhemerval Zanella  <adhemerval.zanella@linaro.org>
2021-07-07 18:33:52 +02:00
Florian Weimer
7fcdb53253 libio: Replace internal _IO_getdelim symbol with __getdelim
__getdelim is exported, _IO_getdelim is not.  Add a hidden prototype
for __getdelim.

Reviewed-by: Adhemerval Zanella  <adhemerval.zanella@linaro.org>
2021-07-07 18:33:52 +02:00
Florian Weimer
771473a8c4 libio: Add hidden prototype for ungetc
And make ungetc the primary symbol, with _IO_ungetc as an alias.

Reviewed-by: Adhemerval Zanella  <adhemerval.zanella@linaro.org>
2021-07-07 18:33:52 +02:00
Florian Weimer
c4ec8cab07 inet: Add hidden prototype for __inet_network
Reviewed-by: Adhemerval Zanella  <adhemerval.zanella@linaro.org>
2021-07-07 18:33:52 +02:00
Florian Weimer
7a5db2e82f elf: Clean up GLIBC_PRIVATE exports of internal libdl symbols
They are no longer needed after everything has been moved into
libc.  The _dl_vsym test has to be removed because the symbol
cannot be used outside libc anymore.

Reviewed-by: Adhemerval Zanella  <adhemerval.zanella@linaro.org>
2021-07-07 08:41:24 +02:00
Florian Weimer
dbb949f53d resolv: Move libanl into libc (if libpthread is in libc)
The symbols gai_cancel, gai_error, gai_suspend, getaddrinfo_a,
__gai_suspend_time64 were moved using scripts/move-symbol-to-libc.py.

For Hurd (which remains !PTHREAD_IN_LIBC), a few #define redirects
had to be added because several pthread functions are not available
under __.  (Linux uses __ prefixes for most hidden aliases, and has
to in some cases to avoid linknamespace issues.)
2021-07-02 11:45:00 +02:00
Stefan Liebler
ba436665b1 Fix extra PLT reference in libc.so due to __glob64_time64 if build with gcc 7.5 on 32bit.
Starting with recent commit 84f7ce8447
"posix: Add glob64 with 64-bit time_t support", elf/check-localplt
fails due to extra PLT reference __glob64_time64 in __glob64_time64
itself.

This is observable with gcc 7.5 on x86_64 with -m32 or s390x with
-m31.  E.g. if build with gcc 10, gcc is generating a call to
__glob64_time64.localalias.

This patch is adding a hidden version of __glob64_time64 in the
same way as for __globfree64_time64.
2021-07-01 16:46:59 +02:00
Florian Weimer
734c60ebb6 login: Move libutil into libc
The symbols forkpty, login, login_tty, logout, logwtmp, openpty
were moved using scripts/move-symbol-to-libc.py.

This is a single commit because most of the symbols are tied together
via forkpty, for example.

Several changes to use hidden prototypes are needed.  This commit
also updates pseudoterminal terminology on modified lines.

For 390 (31-bit), this commit follows the existing style for the
compat symbol version creation.

Reviewed-by: Adhemerval Zanella  <adhemerval.zanella@linaro.org>
2021-06-30 08:43:37 +02:00
Florian Weimer
98164ba55d login: Rework hidden prototypes for __setutent, __utmpname, __endutent
Replace attribute_hidden with a regular combination of
libc_hidden_proto and libc_hidden_def.

Reviewed-by: Adhemerval Zanella  <adhemerval.zanella@linaro.org>
2021-06-30 07:28:27 +02:00
Florian Weimer
8d1f854d60 login: Hidden prototypes for _getpt, __ptsname_r, grantpt, unlockpt
Reviewed-by: Adhemerval Zanella  <adhemerval.zanella@linaro.org>
2021-06-30 07:28:12 +02:00
Florian Weimer
477910b83e Linux: Move timer_settime, __timer_settime64 from librt to libc
The symbols were moved using scripts/move-symbol-to-libc.py.

The way the ABI intransition is implemented is changed with this
commit: the implementation is now consolidated in one file with a
TIMER_T_WAS_INT_COMPAT check.

The shared librt is now empty, so this commit adds a placeholder
symbol at the base version, GLIBC_2.2, and potentially at the
GLIBC_2.3.3 version as well (the leftover from the int/timer_t ABI
transition).

Reviewed-by: Adhemerval Zanella  <adhemerval.zanella@linaro.org>
2021-06-28 09:51:01 +02:00
Florian Weimer
a1d6ed027b Linux: Move timer_gettime, __timer_gettime64 from librt to libc
The symbols were moved using scripts/move-symbol-to-libc.py.

The way the ABI intransition is implemented is changed with this
commit: the implementation is now consolidated in one file with a
TIMER_T_WAS_INT_COMPAT check.

Reviewed-by: Adhemerval Zanella  <adhemerval.zanella@linaro.org>
2021-06-28 09:51:01 +02:00
Shen-Ta Hsieh
447954a206 math: redirect roundeven function
This patch redirect roundeven function for futhermore changes.

Signed-off-by: Shen-Ta Hsieh <ibmibmibm.tw@gmail.com>
Reviewed-by: H.J. Lu <hjl.tools@gmail.com>
2021-06-27 07:56:57 -07:00
Florian Weimer
5b3a2abfb3 Linux: Move mq_send, mq_timedsend, __mq_timedsend_time64 to libc
The symbols were moved using scripts/move-symbol-to-libc.py.

Reviewed-by: Adhemerva Zanella  <adhemerval.zanella@linaro.org>
2021-06-25 12:21:12 +02:00
Florian Weimer
903e6f9960 Linux: Move mq_receive, mq_timedreceive, __mq_timedreceive_time64 to libc
The symbols were moved using scripts/move-symbol-to-libc.py.

Reviewed-by: Adhemerva Zanella  <adhemerval.zanella@linaro.org>
2021-06-25 12:21:12 +02:00
Florian Weimer
2da5f22fff Linux: Move mq_notify from librt to libc
The symbol was moved using scripts/move-symbol-to-libc.py.

An explicit call from fork into the mq_notify implementation replaces
the previous use of pthread_atfork.

Reviewed-by: Adhemerva Zanella  <adhemerval.zanella@linaro.org>
2021-06-25 12:20:47 +02:00
Florian Weimer
a752cb670a Linux: Move mq_setattr from librt to libc
The symbol was moved using scripts/move-symbol-to-libc.py.

To introduce the proper symbol versioning, the implementation of
the system call wrapper us moved to a C file.

Reviewed-by: Adhemerva Zanella  <adhemerval.zanella@linaro.org>
2021-06-25 12:19:58 +02:00
Florian Weimer
32e750516c Linux: Move aio_suspend, aio_suspend64, __aio_suspend_time64 to libc
The symbols were moved using scripts/move-symbol-to-libc.py.

There is a minor oddity here: This is generic code shared with Hurd,
and Hurd does not have time64 support.  This is why the
versioned_symbol export for __aio_suspend_time64 is restricted to
the PTHREAD_IN_LIBC code.

Reviewed-by: Adhemerva Zanella  <adhemerval.zanella@linaro.org>
2021-06-25 11:55:27 +02:00
Adhemerval Zanella
9a75654037 posix: Consolidate fork implementation
The Linux nptl implementation is used as base for generic fork
implementation to handle the internal locks and mutexes.  The
system specific bits are moved a new internal _Fork symbol.

(This new implementation will be used to provide a async-signal-safe
_Fork now that POSIX has clarified that fork might not be
async-signal-safe [1]).

For Hurd it means that the __nss_database_fork_prepare_parent and
__nss_database_fork_subprocess will be run in a slight different
order.

[1] https://austingroupbugs.net/view.php?id=62
2021-06-24 10:02:06 -03:00
Adhemerval Zanella
4c3df0eba5 linux: Only use 64-bit syscall if required for select
For !__ASSUME_TIME64_SYSCALLS there is no need to issue a 64-bit syscall
if the provided timeout fits in a 32-bit one.  The 64-bit usage should
be rare since the timeout is a relative one.  This also avoids the need
to use supports_time64() (which breaks the usage case of live migration
like CRIU or similar).

It also fixes an issue on 32-bit select call for !__ASSUME_PSELECT
(microblase with older kernels only) where the expected timeout
is a 'struct timeval' instead of 'struct timespec'.

Checked on i686-linux-gnu on a 4.15 kernel and on a 5.11 kernel
(with and without --enable-kernel=5.1) and on x86_64-linux-gnu.

Reviewed-by: Lukasz Majewski <lukma@denx.de>
2021-06-22 12:09:52 -03:00
Adhemerval Zanella
52a5fe70a2 Use 64 bit time_t stat internally
For the legacy ABI with supports 32-bit time_t it calls the 64-bit
time directly, since the LFS symbols calls the 64-bit time_t ones
internally.

Checked on i686-linux-gnu and x86_64-linux-gnu.

Reviewed-by: Lukasz Majewski <lukma@denx.de>
2021-06-22 12:09:52 -03:00
Florian Weimer
412b05fec9 Add hidden prototypes for fsync, fdatasync
Reviewed-by: Adhemerval Zanella  <adhemerval.zanella@linaro.org>
2021-06-22 09:51:14 +02:00
Adhemerval Zanella
19873b18b0 io: Add ftw64 with 64-bit time_t support
Similar to fts, ftw routines passes a stat pointer that might
differ of size and layout when 64-bit time API is used.

Checked on i686-linux-gnu and x86_64-linux-gnu.

Reviewed-by: Lukasz Majewski <lukma@denx.de>
Reviewed-by: Carlos O'Donell <carlos@redhat.com>
Tested-by: Carlos O'Donell <carlos@redhat.com>
2021-06-15 10:42:11 -03:00
Adhemerval Zanella
70961aee18 io: Add fts64 with 64-bit time_t support
Similar to glob, fts routines passes a stat pointer that might
differ of size and layout when 64-bit time API is used.

Checked on i686-linux-gnu and x86_64-linux-gnu.

Reviewed-by: Lukasz Majewski <lukma@denx.de>
Reviewed-by: Carlos O'Donell <carlos@redhat.com>
Tested-by: Carlos O'Donell <carlos@redhat.com>
2021-06-15 10:42:11 -03:00
Adhemerval Zanella
84f7ce8447 posix: Add glob64 with 64-bit time_t support
The glob might pass a different stat struct for gl_stat and gl_lstat
when GLOB_ALTDIRFUNC is used.  This requires add a new 64-bit time
version that also uses 64-bit time stat functions.

Checked on i686-linux-gnu and x86_64-linux-gnu.

Reviewed-by: Carlos O'Donell <carlos@redhat.com>
Tested-by: Carlos O'Donell <carlos@redhat.com>
2021-06-15 10:42:11 -03:00
Adhemerval Zanella
47f24c21ee y2038: Add support for 64-bit time on legacy ABIs
A new build flag, _TIME_BITS, enables the usage of the newer 64-bit
time symbols for legacy ABI (where 32-bit time_t is default).  The 64
bit time support is only enabled if LFS (_FILE_OFFSET_BITS=64) is
also used.

Different than LFS support, the y2038 symbols are added only for the
required ABIs (armhf, csky, hppa, i386, m68k, microblaze, mips32,
mips64-n32, nios2, powerpc32, sparc32, s390-32, and sh).  The ABIs with
64-bit time support are unchanged, both for symbol and types
redirection.

On Linux the full 64-bit time support requires a minimum of kernel
version v5.1.  Otherwise, the 32-bit fallbacks are used and might
results in error with overflow return code (EOVERFLOW).

The i686-gnu does not yet support 64-bit time.

This patch exports following rediretions to support 64-bit time:

  * libc:
    adjtime
    adjtimex
    clock_adjtime
    clock_getres
    clock_gettime
    clock_nanosleep
    clock_settime
    cnd_timedwait
    ctime
    ctime_r
    difftime
    fstat
    fstatat
    futimens
    futimes
    futimesat
    getitimer
    getrusage
    gettimeofday
    gmtime
    gmtime_r
    localtime
    localtime_r
    lstat_time
    lutimes
    mktime
    msgctl
    mtx_timedlock
    nanosleep
    nanosleep
    ntp_gettime
    ntp_gettimex
    ppoll
    pselec
    pselect
    pthread_clockjoin_np
    pthread_cond_clockwait
    pthread_cond_timedwait
    pthread_mutex_clocklock
    pthread_mutex_timedlock
    pthread_rwlock_clockrdlock
    pthread_rwlock_clockwrlock
    pthread_rwlock_timedrdlock
    pthread_rwlock_timedwrlock
    pthread_timedjoin_np
    recvmmsg
    sched_rr_get_interval
    select
    sem_clockwait
    semctl
    semtimedop
    sem_timedwait
    setitimer
    settimeofday
    shmctl
    sigtimedwait
    stat
    thrd_sleep
    time
    timegm
    timerfd_gettime
    timerfd_settime
    timespec_get
    utime
    utimensat
    utimes
    utimes
    wait3
    wait4

  * librt:
    aio_suspend
    mq_timedreceive
    mq_timedsend
    timer_gettime
    timer_settime

  * libanl:
    gai_suspend

Reviewed-by: Lukasz Majewski <lukma@denx.de>
Reviewed-by: Carlos O'Donell <carlos@redhat.com>
Tested-by: Carlos O'Donell <carlos@redhat.com>
2021-06-15 10:42:11 -03:00
Adhemerval Zanella
8af344feb5 time: Add 64-bit time support for getdate
The getdate is basically a wrapper localtime and mktime.  The 64-bit
time support is done calling the 64-bit internal functions, there is
no need to add a new symbol version.

Checked on x86_64-linux-gnu and i686-linux-gnu.

Reviewed-by: Lukasz Majewski <lukma@denx.de>
Reviewed-by: Carlos O'Donell <carlos@redhat.com>
Tested-by: Carlos O'Donell <carlos@redhat.com>
2021-06-15 10:42:11 -03:00
Adhemerval Zanella
13c51549e2 linux: Add fallback for 64-bit time_t SO_TIMESTAMP{NS}
The recvmsg handling is more complicated because it requires check the
returned kernel control message and make some convertions.  For
!__ASSUME_TIME64_SYSCALLS it converts the first 32-bit time SO_TIMESTAMP
or SO_TIMESTAMPNS and appends it to the control buffer if has extra
space or returns MSG_CTRUNC otherwise.  The 32-bit time field is kept
as-is.

Calls with __TIMESIZE=32 will see the converted 64-bit time control
messages as spurious control message of unknown type.  Calls with
__TIMESIZE=64 running on pre-time64 kernels will see the original
message as a spurious control ones of unknown typ while running on
kernel with native 64-bit time support will only see the time64 version
of the control message.

Checked on x86_64-linux-gnu and i686-linux-gnu (on 5.4 and on 4.15
kernel).

Reviewed-by: Carlos O'Donell <carlos@redhat.com>
Tested-by: Carlos O'Donell <carlos@redhat.com>
2021-06-15 10:42:06 -03:00
Adhemerval Zanella
f779b1efb3 nptl: Implement raise in terms of pthread_kill
Now that pthread_kill is provided by libc.so it is possible to
implement the generic POSIX implementation as
'pthread_kill(pthread_self(), sig)'.

For Linux implementation, pthread_kill read the targeting TID from
the TCB.  For raise, this it not possible because it would make raise
fail when issue after vfork (where creates the resulting process
has a different TID from the parent, but its TCB is not updated as
for pthread_create).  To make raise use pthread_kill, it is make
usable from vfork by getting the target thread id through gettid
syscall.

Checked on x86_64-linux-gnu and aarch64-linux-gnu.
2021-06-09 15:16:45 -03:00
Florian Weimer
466c1ea15f dlfcn: Rework static dlopen hooks
Consolidate all hooks structures into a single one.  There are
no static dlopen ABI concerns because glibc 2.34 already comes
with substantial ABI-incompatible changes in this area.  (Static
dlopen requires the exact same dynamic glibc version that was used
for static linking.)

The new approach uses a pointer to the hooks structure into
_rtld_global_ro and initalizes it in __rtld_static_init.  This avoids
a back-and-forth with various callback functions.

Reviewed-by: Adhemerval Zanella  <adhemerval.zanella@linaro.org>
2021-06-03 09:12:05 +02:00
Florian Weimer
6f1c701026 dlfcn: Cleanups after -ldl is no longer required
This commit removes the ELF constructor and internal variables from
dlfcn/dlfcn.c.  The file now serves the same purpose as
nptl/libpthread-compat.c, so it is renamed to dlfcn/libdl-compat.c.
The use of libdl-shared-only-routines ensures that libdl.a is empty.

This commit adjusts the test suite not to use $(libdl).  The libdl.so
symbolic link is no longer installed.

Reviewed-by: Adhemerval Zanella  <adhemerval.zanella@linaro.org>
2021-06-03 09:11:45 +02:00
Florian Weimer
0c1c3a771e dlfcn: Move dlopen into libc
The symbol was moved using scripts/move-symbol-to-libc.py.

Reviewed-by: Adhemerval Zanella  <adhemerval.zanella@linaro.org>
2021-06-03 08:26:04 +02:00
Florian Weimer
add8d7ea01 dlfcn: Move dlvsym into libc
The symbol was moved using scripts/move-symbol-to-libc.py.

Reviewed-by: Adhemerval Zanella  <adhemerval.zanella@linaro.org>
2021-06-03 08:26:04 +02:00
Florian Weimer
6dfc0207eb dlfcn: Move dlinfo into libc
The symbol was moved using scripts/move-symbol-to-libc.py.

Reviewed-by: Adhemerval Zanella  <adhemerval.zanella@linaro.org>
2021-06-03 08:26:04 +02:00
Florian Weimer
492560a32e dlfcn: Move dladdr1 into libc
The symbol was moved using scripts/move-symbol-to-libc.py.

Reviewed-by: Adhemerval Zanella  <adhemerval.zanella@linaro.org>
2021-06-03 08:26:04 +02:00
Florian Weimer
6a1ed32789 dlfcn: Move dlmopen into libc
The symbol was moved using scripts/move-symbol-to-libc.py.

Reviewed-by: Adhemerval Zanella  <adhemerval.zanella@linaro.org>
2021-06-03 08:26:04 +02:00
Florian Weimer
77f876c0e3 dlfcn: Move dlsym into libc
The symbol was moved using scripts/move-symbol-to-libc.py.

In elf/Makefile, remove the $(libdl) dependency from testobj1.so
because it the unused libdl DSO now causes elf/tst-unused-deps to
fail.

Reviewed-by: Adhemerval Zanella  <adhemerval.zanella@linaro.org>
2021-06-03 08:26:04 +02:00
Florian Weimer
602252b553 dlfcn: Move dladdr into libc
The symbol was moved using scripts/move-symbol-to-libc.py.

Reviewed-by: Adhemerval Zanella  <adhemerval.zanella@linaro.org>
2021-06-03 08:26:04 +02:00
Florian Weimer
d8cce17d2a dlfcn: Move dlclose into libc
The symbol was moved using scripts/move-symbol-to-libc.py.

Reviewed-by: Adhemerval Zanella  <adhemerval.zanella@linaro.org>
2021-06-03 08:26:04 +02:00
Florian Weimer
a23c28ec0d dlfcn: Move dlerror into libc
The symbol was moved using scripts/move-symbol-to-libc.py.

There is a minor functionality enhancement: dlerror now sets
errno if it was set as part of the exception.  (This is the result
of using %m in asprintf, to avoid the strerror PLT call.) The
previous errno value upon function return was unpredictable.
Documenting this as a feature is premature; we need to make sure
that the error codes are meaningful when they are set by the dynamic
loader.

Reviewed-by: Adhemerval Zanella  <adhemerval.zanella@linaro.org>
2021-06-02 09:06:10 +02:00
Joseph Myers
858045ad1c Update floating-point feature test macro handling for C2X
ISO C2X has made some changes to the handling of feature test macros
related to features from the floating-point TSes, and to exactly what
such features are present in what headers, that require corresponding
changes in glibc.

* For the few features that were controlled by
  __STDC_WANT_IEC_60559_BFP_EXT__ (and the corresponding DFP macro) in
  C2X, there is now instead a new feature test macro
  __STDC_WANT_IEC_60559_EXT__ covering both binary and decimal FP.
  This controls CR_DECIMAL_DIG in <float.h> (provided by GCC; I
  implemented support for the new feature test macro for GCC 11) and
  the totalorder and payload functions in <math.h>.  C2X no longer
  says anything about __STDC_WANT_IEC_60559_BFP_EXT__ (so it's
  appropriate for that macro to continue to enable exactly the
  features from TS 18661-1).

* The SNAN macros for each floating-point type have moved to <float.h>
  (and been renamed in the process).  Thus, the copies in <math.h>
  should only be defined for __STDC_WANT_IEC_60559_BFP_EXT__, not for
  C2X.

* The fmaxmag and fminmag functions have been removed (replaced by new
  functions for the new min/max operations in IEEE 754-2019).  Thus
  those should also only be declared for
  __STDC_WANT_IEC_60559_BFP_EXT__.

* The _FloatN / _FloatNx handling for the last two points in glibc is
  trickier, since __STDC_WANT_IEC_60559_TYPES_EXT__ is still in C2X
  (the integration of TS 18661-3 as an Annex, that is, which hasn't
  yet been merged into the C standard git repository but has been
  accepted by WG14), so C2X with that macro should not declare some
  things that are declared for older standards with that macro.  The
  approach taken here is to provide the declarations (when
  __STDC_WANT_IEC_60559_TYPES_EXT__ is enabled) only when (defined
  __USE_GNU || !__GLIBC_USE (ISOC2X)), so if C2X features are enabled
  then those declarations (that are only in TS 18661-3 and not in C2X)
  will only be provided if _GNU_SOURCE is defined as well.  Thus
  _GNU_SOURCE remains a superset of the TS features as well as of C2X.

Some other somewhat related changes in C2X are not addressed here.
There's an open proposal not to include the fmin and fmax functions
for the _FloatN / _FloatNx types, given the new min/max operations,
which could be handled like the previous point if adopted.  And the
fromfp functions have been changed to return a result in floating type
rather than intmax_t / uintmax_t; my inclination there is to treat
that like that change of totalorder type (new symbol versions etc. for
the ABI change; old versions become compat symbols and are no longer
supported as an API).

Tested for x86_64 and x86.
2021-06-01 14:22:06 +00:00
H.J. Lu
94bc766ec6 Add cast_to_pointer to cast an integer to void * pointer 2021-05-22 05:09:15 -07:00
Florian Weimer
f47f1d91af nptl: Move pthread_create, thrd_create into libc
The symbols were moved using scripts/move-symbol-to-libc.py.

The libpthread placeholder symbols need some changes because some
symbol versions have gone away completely.  But
__errno_location@@GLIBC_2.0 still exists, so the GLIBC_2.0 version
is still there.

The internal __pthread_create symbol now points to the correct
function, so the sysdeps/nptl/thrd_create.c override is no longer
necessary.

There was an issue how the hidden alias of pthread_getattr_default_np
was defined, so this commit cleans up that aspects and removes the
GLIBC_PRIVATE export altogether.

Reviewed-by: Adhemerval Zanella  <adhemerval.zanella@linaro.org>
2021-05-21 22:35:00 +02:00
Samuel Thibault
4d4bb451d5 hurd: Add execveat 2021-05-18 09:36:00 +00:00
Joseph Myers
e5ac7bd679 Add C2X timespec_getres
ISO C2X adds a timespec_getres function alongside the C11
timespec_get, with functionality similar to that of POSIX clock_getres
(including allowing a NULL pointer to be passed to the function).
Implement this function for glibc, similarly to the implementation of
timespec_get.

This includes a basic test like that of timespec_get, but no
documentation in the manual, given that TIME_UTC and timespec_get
aren't documented in the manual at all.  The handling of 64-bit time
follows that in timespec_get; people maintaining patch series for
64-bit time will need to update them accordingly (to export
__timespec_getres64, redirect calls in time.h and run the test for
_TIME_BITS=64).

Tested for x86_64 and x86, and (previous version; only testcase
differs) with build-many-glibcs.py.
2021-05-17 20:55:21 +00:00
Martin Sebor
c1760eaf3b Enable support for GCC 11 -Wmismatched-dealloc.
To help detect common kinds of memory (and other resource) management
bugs, GCC 11 adds support for the detection of mismatched calls to
allocation and deallocation functions.  At each call site to a known
deallocation function GCC checks the set of allocation functions
the former can be paired with and, if the two don't match, issues
a -Wmismatched-dealloc warning (something similar happens in C++
for mismatched calls to new and delete).  GCC also uses the same
mechanism to detect attempts to deallocate objects not allocated
by any allocation function (or pointers past the first byte into
allocated objects) by -Wfree-nonheap-object.

This support is enabled for built-in functions like malloc and free.
To extend it beyond those, GCC extends attribute malloc to designate
a deallocation function to which pointers returned from the allocation
function may be passed to deallocate the allocated objects.  Another,
optional argument designates the positional argument to which
the pointer must be passed.

This change is the first step in enabling this extended support for
Glibc.
2021-05-16 15:21:18 -06:00
Érico Nogueira
05ae46ee7a linux: implement ttyname as a wrapper around ttyname_r.
Big win in binary size and avoids duplicating the logic in multiple
places.

On x86_64, dropped from 1883206 to 1881790, a 1416 byte decrease.

Also changed logic to track if ttyname_buf has been allocated by
checking if it's NULL instead of tracking buflen as an additional
variable.

Reviewed-by: Adhemerval Zanella  <adhemerval.zanella@linaro.org>
2021-05-07 13:56:02 -03:00
Adhemerval Zanella
903bc7dcc2 linux: Use sched_getaffinity for __get_nprocs (BZ #27645)
Both the sysfs and procfs parsing (through GET_NPROCS_PARSER) are
removed in favor the syscall.  The initial scratch buffer should
fit to most of the common usage (1024 bytes with maps to 8192 CPUs).

Checked on x86_64-linux-gnu and aarch64-linux-gnu.
2021-05-07 13:54:09 -03:00
Florian Weimer
f1af331c4e nptl: Move pthread_barrier_init into libc
The symbol was moved using scripts/move-symbol-to-libc.py.

Reviewed-by: Adhemerval Zanella  <adhemerval.zanella@linaro.org>
2021-05-06 15:56:37 +02:00
Florian Weimer
0b7d48d106 nptl: Move sem_close, sem_open into libc
The symbols were moved using move-symbol-to-libc.py.

Both functions are moved at the same time because they depend
on internal functions in sysdeps/pthread/sem_routines.c, which
are moved in this commit as well.  Additional hidden prototypes
are required to avoid check-localplt failures.

Reviewed-by: Adhemerval Zanella  <adhemerval.zanella@linaro.org>
2021-05-05 17:19:38 +02:00
Florian Weimer
fada901819 dlfcn: dlerror needs to call free from the base namespace [BZ #24773]
Calling free directly may end up freeing a pointer allocated by the
dynamic loader using malloc from libc.so in the base namespace using
the allocator from libc.so in a secondary namespace, which results in
crashes.

This commit redirects the free call through GLRO and the dynamic
linker, to reach the correct namespace.  It also cleans up the dlerror
handling along the way, so that pthread_setspecific is no longer
needed (which avoids triggering bug 24774).
2021-04-21 19:49:51 +02:00
Florian Weimer
1d95b035c7 nptl: Move __pthread_unwind_next into libc
It's necessary to stub out __libc_disable_asynccancel and
__libc_enable_asynccancel via rtld-stubbed-symbols because the new
direct references to the unwinder result in symbol conflicts when the
rtld exception handling from libc is linked in during the construction
of librtld.map.

unwind-forcedunwind.c is merged into unwind-resume.c.  libc now needs
the functions that were previously only used in libpthread.

The GLIBC_PRIVATE exports of __libc_longjmp and __libc_siglongjmp are
no longer needed, so switch them to hidden symbols.

The symbol __pthread_unwind_next has been moved using
scripts/move-symbol-to-libc.py.

Reviewed-by: Adhemerva Zanella  <adhemerval.zanella@linaro.org>
2021-04-21 19:49:50 +02:00
Fangrui Song
cd6ae7ea54 Set the retain attribute on _elf_set_element if CC supports [BZ #27492]
So that text_set_element/data_set_element/bss_set_element defined
variables will be retained by the linker.

Note: 'used' and 'retain' are orthogonal: 'used' makes sure the variable
will not be optimized out; 'retain' prevents section garbage collection
if the linker support SHF_GNU_RETAIN.

GNU ld 2.37 and LLD 13 will support -z start-stop-gc which allow C
identifier name sections to be GCed even if there are live
__start_/__stop_ references.

Without the change, there are some static linking problems, e.g.
_IO_cleanup (libio/genops.c) may be discarded by ld --gc-sections, so
stdout is not flushed on exit.

Note: GCC may warning 'retain' attribute ignored while __has_attribute(retain)
is 1 (https://gcc.gnu.org/bugzilla/show_bug.cgi?id=99587).

Reviewed-by: H.J. Lu <hjl.tools@gmail.com>
2021-04-16 11:26:39 -07:00
Adhemerval Zanella
9d7c5cc38e linux: Normalize and return timeout on select (BZ #27651)
The commit 2433d39b69, which added time64 support to select, changed
the function to use __NR_pselect6 (or __NR_pelect6_time64) on all
architectures.  However, on architectures where the symbol was
implemented with __NR_select the kernel normalizes the passed timeout
instead of return EINVAL.  For instance, the input timeval
{ 0, 5000000 } is interpreted as { 5, 0 }.

And as indicated by BZ #27651, this semantic seems to be expected
and changing it results in some performance issues (most likely
the program does not check the return code and keeps issuing
select with unormalized tv_usec argument).

To avoid a different semantic depending whether which syscall the
architecture used to issue, select now always normalize the timeout
input.  This is a slight change for some ABIs (for instance aarch64).

Checked on x86_64-linux-gnu and i686-linux-gnu.
2021-04-12 18:38:37 -03:00
Adhemerval Zanella
4c8cb283ec nptl: Remove pwrite from libpthread
The libc version is identical and built with same flags, it is also
uses as the default version.

Checked on x86_64-linux-gnu.
2021-03-26 13:37:18 -03:00
Adhemerval Zanella
dd795c6c24 nptl: Remove pread from libpthread
The libc version is identical and built with same flags, it is also
uses as the default version.

Checked on x86_64-linux-gnu.
2021-03-26 13:37:18 -03:00
Adhemerval Zanella
c5c3588475 nptl: Remove lseek from libpthread
The libc version is identical and built with same flags.  The libc
version is set as the default version.

The libpthread compat symbol requires to mask it when building the
loader object otherwise ld might complain about a missing
versioned symbol (as for alpha).

Checked on x86_64-linux-gnu.
2021-03-26 13:36:17 -03:00
Adhemerval Zanella
4d2e9ef806 Add OTHER_SHLIB_COMPAT
It is similar to SHLIB_COMPAT, but allows to check versions from
other libraries.  It is used to move compat symbol from other libraries
to libc.
2021-03-26 13:36:16 -03:00
Szabolcs Nagy
0ae773bba0 malloc: Move MTAG_MMAP_FLAGS definition
This is only used internally in malloc.c, the extern declaration
was wrong, __mtag_mmap_flags has internal linkage.

Reviewed-by: DJ Delorie <dj@redhat.com>
2021-03-26 11:03:06 +00:00
Florian Weimer
0923f74ada Support for multiple versions in versioned_symbol, compat_symbol
This essentially folds compat_symbol_unique functionality into
compat_symbol.

This change eliminates the need for intermediate aliases for defining
multiple symbol versions, for both compat_symbol and versioned_symbol.
Some binutils versions do not suport multiple versions per symbol on
some targets, so aliases are automatically introduced, similar to what
compat_symbol_unique did.  To reduce symbol table sizes, a configure
check is added to avoid these aliases if they are not needed.

The new mechanism works with data symbols as well as function symbols,
due to the way an assembler-level redirect is used.  It is not
compatible with weak symbols for old binutils versions, which is why
the definition of __malloc_initialize_hook had to be changed.  This
is not a loss of functionality because weak symbols do not matter
to dynamic linking.

The placeholder symbol needs repeating in nptl/libpthread-compat.c
now that compat_symbol is used, but that seems more obvious than
introducing yet another macro.

A subtle difference was that compat_symbol_unique made the symbol
global automatically.  compat_symbol does not do this, so static
had to be removed from the definition of
__libpthread_version_placeholder.

Reviewed-by: Adhemerval Zanella  <adhemerval.zanella@linaro.org>
2021-03-25 12:33:02 +01:00
Florian Weimer
3a24ddeab5 Change how the symbol_version_reference macro is defined
A subsequent change will require including <config.h> for defining
symbol_version_reference.  <libc-symbol.h> should not include
<config.h> for _ISOMAC, so it cannot define symbol_version_reference
anymore, but symbol_version_reference is needed <shlib-compat.h> even
for _ISOMAC.  Moving the definition of symbol_version_reference to a
separate file <libc-symver.h> makes it possible to use a single
definition for both cases.

Reviewed-by: Adhemerval Zanella  <adhemerval.zanella@linaro.org>
2021-03-25 11:06:56 +01:00
Adhemerval Zanella
2b47727c68 posix: Consolidate register-atfork
Both htl and nptl uses a different data structure to implement atfork
handlers.  The nptl one was refactored by 27761a1042 to use a dynarray
which simplifies the code.

This patch moves the nptl one to be the generic implementation and
replace Hurd linked one.  Different than previous NPTL, Hurd also uses
a global lock, so performance should be similar.

Checked on x86_64-linux-gnu, i686-linux-gnu, and with a build for
i686-gnu.
2021-03-12 10:19:22 -03:00
Florian Weimer
36f6e40884 <shlib-compat.h>: Support compat_symbol_reference for _ISOMAC
This is helpful for testing compat symbols in cases where _ISOMAC
is activated implicitly due to -DMODULE_NAME=testsuite and cannot
be disabled easily.
2021-03-09 21:07:24 +01:00
Adhemerval Zanella
52f527d6f1 linux: Consolidate statvfs implementations
There is no need to handle ENOSYS on fstatfs64 call, required only
for alpha (where is already fallbacks to fstatfs).

Checked on x86_64-linux-gnu.

Reviewed-by: Carlos O'Donell <carlos@redhat.com>
2021-02-11 08:00:41 -03:00
Adhemerval Zanella
1bfbaf7130 linux: Consolidate fstatfs implementations
The __NR_fstatfs64 syscall is supported on all architectures but
aarch64, mips64, riscv64, and x86_64.  And newer ABIs also uses
the new fstatfs64 interface (where the struct size is used as
first argument).

So the default implementation now uses:

  1. __NR_fstatfs64 for non-LFS call and handle overflow directly
     There is no need to handle __NR_fstatfs since all architectures
     that only support are LFS only.

  2. __NR_fstatfs if defined or __NR_fstatfs64 otherwise for LFS
     call.

Alpha is the only outlier, it is a 64-bit architecture which
provides non-LFS interface and only provides __NR_fstatfs64 on
newer kernels (5.1+).

Checked on x86_64-linux-gnu.

Reviewed-by: Carlos O'Donell <carlos@redhat.com>
2021-02-11 07:58:31 -03:00
Xiaoming Ni
e604a5e4bb setrlimit/getrlimit: Use __nonnull to avoid null pointer
Add __nonnull((2)) to the setrlimit()/getrlimit() function declaration
to avoid null pointer access.

-----
v2
  According to the suggestions of the Adhemerval Zanella and Zack Weinberg:
    use __nonnull() to check null pointers in the compilation phase.
    do not add pointer check code to setrlimit()/getrlimit().
    The validity of the "resource" parameter is checked in the syscall.
v1
  https://public-inbox.org/libc-alpha/20201230114131.47589-1-nixiaoming@huawei.com/
-----
Reviewed-by: Adhemerval Zanella  <adhemerval.zanella@linaro.org>
2021-02-10 08:36:17 -03:00
Florian Weimer
e9fed2438a linux: Require /dev/shm as the shared memory file system
Previously, glibc would pick an arbitrary tmpfs file system from
/proc/mounts if /dev/shm was not available.  This could lead to
an unsuitable file system being picked for the backing storage for
shm_open, sem_open, and related functions.

This patch introduces a new function, __shm_get_name, which builds
the file name under the appropriate (now hard-coded) directory.  It is
called from the various shm_* and sem_* function.  Unlike the
SHM_GET_NAME macro it replaces, the callers handle the return values
and errno updates.  shm-directory.c is moved directly into the posix
subdirectory because it can be implemented directly using POSIX
functionality.  It resides in libc because it is needed by both
librt and nptl/htl.

In the sem_open implementation, tmpfname is initialized directly
from a string constant.  This happens to remove one alloca call.

Checked on x86_64-linux-gnu.
2021-02-08 14:10:42 -03:00
H.J. Lu
6c57d32048 sysconf: Add _SC_MINSIGSTKSZ/_SC_SIGSTKSZ [BZ #20305]
Add _SC_MINSIGSTKSZ for the minimum signal stack size derived from
AT_MINSIGSTKSZ, which is the minimum number of bytes of free stack
space required in order to gurantee successful, non-nested handling
of a single signal whose handler is an empty function, and _SC_SIGSTKSZ
which is the suggested minimum number of bytes of stack space required
for a signal stack.

If AT_MINSIGSTKSZ isn't available, sysconf (_SC_MINSIGSTKSZ) returns
MINSIGSTKSZ.  On Linux/x86 with XSAVE, the signal frame used by kernel
is composed of the following areas and laid out as:

 ------------------------------
 | alignment padding          |
 ------------------------------
 | xsave buffer               |
 ------------------------------
 | fsave header (32-bit only) |
 ------------------------------
 | siginfo + ucontext         |
 ------------------------------

Compute AT_MINSIGSTKSZ value as size of xsave buffer + size of fsave
header (32-bit only) + size of siginfo and ucontext + alignment padding.

If _SC_SIGSTKSZ_SOURCE or _GNU_SOURCE are defined, MINSIGSTKSZ and SIGSTKSZ
are redefined as

/* Default stack size for a signal handler: sysconf (SC_SIGSTKSZ).  */
 # undef SIGSTKSZ
 # define SIGSTKSZ sysconf (_SC_SIGSTKSZ)

/* Minimum stack size for a signal handler: SIGSTKSZ.  */
 # undef MINSIGSTKSZ
 # define MINSIGSTKSZ SIGSTKSZ

Compilation will fail if the source assumes constant MINSIGSTKSZ or
SIGSTKSZ.

The reason for not simply increasing the kernel's MINSIGSTKSZ #define
(apart from the fact that it is rarely used, due to glibc's shadowing
definitions) was that userspace binaries will have baked in the old
value of the constant and may be making assumptions about it.

For example, the type (char [MINSIGSTKSZ]) changes if this #define
changes.  This could be a problem if an newly built library tries to
memcpy() or dump such an object defined by and old binary.
Bounds-checking and the stack sizes passed to things like sigaltstack()
and makecontext() could similarly go wrong.
2021-02-01 11:00:52 -08:00
Adhemerval Zanella
9826b03b74 Prepare for glibc 2.33 release
Update version.h, features.h, and ChangeLog.old/ChangeLog.22.
2021-02-01 14:15:33 -03:00
Szabolcs Nagy
df359a25ba Revert "Make libc symbols hidden in static PIE" [BZ #27237]
This reverts commit 2682695e5c.
Fixes bug 27237.

That commit turned out to be too intrusive affecting crt files, test
system and benchmark files.  They should not be affected, but the
build system does not set the MODULE_NAME and LIBC_NONSHARED reliably.
2021-01-27 09:44:19 +00:00
Adhemerval Zanella
46c1c765d1 Revert "linux: Move {f}xstat{at} to compat symbols" for static build
This reverts commit 20b39d5946 for static
library.  This avoids the need to rebuild the world for the case where
libstdc++ (and potentially other libraries) are linked to a old glibc.

To avoid requering to provide xstat symbols for newer ABIs (such as
riscv32) a new LIB_COMPAT macro is added.  It is similar to SHLIB_COMPAT
but also works for static case (thus evaluating similar to SHLIB_COMPAT
for both shared and static case).

Checked with a check-abi on all affected ABIs. I also check if the
static library does contains the xstat symbols.
2021-01-21 14:11:53 -03:00
Szabolcs Nagy
2682695e5c Make libc symbols hidden in static PIE
Hidden visibility can avoid indirections and RELATIVE relocs in
static PIE libc.

The check should use IS_IN_LIB instead of IS_IN(libc) since all
symbols are defined locally in static PIE and the optimization is
useful in all libraries not just libc. However the test system
links objects from libcrypt.a into dynamic linked test binaries
where hidden visibility does not work.  I think mixing static and
shared libc components in the same binary should not be supported
usage, but to be safe only use hidden in libc.a.

On some targets (i386) this optimization cannot be applied because
hidden visibility PIE ifunc functions don't work, so it is gated by
NO_HIDDEN_EXTERN_FUNC_IN_PIE.

From -static-pie linked 'int main(){}' this shaves off 71 relative
relocs on aarch64 and reduces code size by about 2k.

Reviewed-by: Adhemerval Zanella  <adhemerval.zanella@linaro.org>
2021-01-21 15:55:17 +00:00
Adhemerval Zanella
448a256359 malloc: Add scratch_buffer_dupfree
It returns a copy of the buffer up to a defined size.  It will be used
on realpath sync with gnulib.
2021-01-05 11:33:16 -03:00
Adhemerval Zanella
47f4316095 Import filename.h from gnulib
And use to simplify stdlib/canonicalize.c implementation.
2021-01-05 11:33:16 -03:00
Adhemerval Zanella
ef8c78a6c6 Import idx.h from gnulib
And use to simplify stdlib/canonicalize.c implementation.
2021-01-05 11:33:16 -03:00
Adhemerval Zanella
11b2858bd1 Sync intprops.h with gnulib
It sync with gnulib commit 43ee1a6bf.

Checked on x86_64-linux-gnu.
2021-01-04 08:42:04 -03:00
Paul Eggert
2b778ceb40 Update copyright dates with scripts/update-copyrights
I used these shell commands:

../glibc/scripts/update-copyrights $PWD/../gnulib/build-aux/update-copyright
(cd ../glibc && git commit -am"[this commit message]")

and then ignored the output, which consisted lines saying "FOO: warning:
copyright statement not found" for each of 6694 files FOO.
I then removed trailing white space from benchtests/bench-pthread-locks.c
and iconvdata/tst-iconv-big5-hkscs-to-2ucs4.c, to work around this
diagnostic from Savannah:
remote: *** pre-commit check failed ...
remote: *** error: lines with trailing whitespace found
remote: error: hook declined to update refs/heads/master
2021-01-02 12:17:34 -08:00
Siddhesh Poyarekar
2a3224c536 string: Enable __FORTIFY_LEVEL=3
This change enhances fortified string functions to use
__builtin_dynamic_object_size under _FORTIFY_SOURCE=3 whenever the
compiler supports it.
2020-12-31 16:55:21 +05:30
Siddhesh Poyarekar
c43c579612 Introduce _FORTIFY_SOURCE=3
Introduce a new _FORTIFY_SOURCE level of 3 to enable additional
fortifications that may have a noticeable performance impact, allowing
more fortification coverage at the cost of some performance.

With llvm 9.0 or later, this will replace the use of
__builtin_object_size with __builtin_dynamic_object_size.

__builtin_dynamic_object_size
-----------------------------

__builtin_dynamic_object_size is an LLVM builtin that is similar to
__builtin_object_size.  In addition to what __builtin_object_size
does, i.e. replace the builtin call with a constant object size,
__builtin_dynamic_object_size will replace the call site with an
expression that evaluates to the object size, thus expanding its
applicability.  In practice, __builtin_dynamic_object_size evaluates
these expressions through malloc/calloc calls that it can associate
with the object being evaluated.

A simple motivating example is below; -D_FORTIFY_SOURCE=2 would miss
this and emit memcpy, but -D_FORTIFY_SOURCE=3 with the help of
__builtin_dynamic_object_size is able to emit __memcpy_chk with the
allocation size expression passed into the function:

void *copy_obj (const void *src, size_t alloc, size_t copysize)
{
  void *obj = malloc (alloc);
  memcpy (obj, src, copysize);
  return obj;
}

Limitations
-----------

If the object was allocated elsewhere that the compiler cannot see, or
if it was allocated in the function with a function that the compiler
does not recognize as an allocator then __builtin_dynamic_object_size
also returns -1.

Further, the expression used to compute object size may be non-trivial
and may potentially incur a noticeable performance impact.  These
fortifications are hence enabled at a new _FORTIFY_SOURCE level to
allow developers to make a choice on the tradeoff according to their
environment.
2020-12-31 16:55:21 +05:30
Siddhesh Poyarekar
2a08b6e833 Warn on unsupported fortification levels
Make the _FORTIFY_SOURCE macro soup in features.h warn about
unsupported fortification levels.  For example, it will warn about
_FORTIFY_SOURCE=3 and over with an indication of which level has been
selected.

Co-authored-by: Paul Eggert <eggert@cs.ucla.edu>
2020-12-31 16:55:21 +05:30
Richard Earnshaw
3784dfc098 malloc: Basic support for memory tagging in the malloc() family
This patch adds the basic support for memory tagging.

Various flavours are supported, particularly being able to turn on
tagged memory at run-time: this allows the same code to be used on
systems where memory tagging support is not present without neededing
a separate build of glibc.  Also, depending on whether the kernel
supports it, the code will use mmap for the default arena if morecore
does not, or cannot support tagged memory (on AArch64 it is not
available).

All the hooks use function pointers to allow this to work without
needing ifuncs.

Reviewed-by: DJ Delorie <dj@redhat.com>
2020-12-21 15:25:25 +00:00
Florian Weimer
e7570f4131 Replace __libc_multiple_libcs with __libc_initial flag
Change sbrk to fail for !__libc_initial (in the generic
implementation).  As a result, sbrk is (relatively) safe to use
for the __libc_initial case (from the main libc).  It is therefore
no longer necessary to avoid using it in that case (or updating the
brk cache), and the __libc_initial flag does not need to be updated
as part of dlmopen or static dlopen.

As before, direct brk system calls on Linux may lead to memory
corruption.

Reviewed-by: Adhemerval Zanella  <adhemerval.zanella@linaro.org>
2020-12-16 15:13:40 +01:00
H.J. Lu
3c1fe20a9f Mark __libc_freeres_fn as used [BZ #27002]
GCC 11 with

commit 6fbec038f7a7ddf29f074943611b53210d17c40c
Author: H.J. Lu <hjl.tools@gmail.com>
Date:   Mon Feb 3 11:55:43 2020 -0800

    Use SHF_GNU_RETAIN to preserve symbol definitions

places used symbols in SECTION_RETAIN sections if assembler supports it.
Mark __libc_freeres_fn as used to avoid

gconv_dl.c: In function 'free_mem':
gconv_dl.c:191:1: error: 'do_release_all' without 'used' attribute and 'free_mem' with 'used' attribute are placed in a section with the same name [-Werror=attributes]
  191 | do_release_all (void *nodep)
      | ^~~~~~~~~~~~~~
In file included from <command-line>:
gconv_dl.c:202:18: note: 'free_mem' was declared here
  202 | libc_freeres_fn (free_mem)
      |                  ^~~~~~~~
./../include/libc-symbols.h:316:15: note: in definition of macro 'libc_freeres_fn'
  316 |   static void name (void)
      |               ^~~~
cc1: all warnings being treated as errors
2020-12-16 04:40:12 -08:00
Stefan Liebler
4b2e40a925 Handle out-of-memory case in svc_tcp.c/svc_unix.c:rendezvous_request.
If glibc is build with -O3 on at least 390 (-m31) or x86 (-m32),
gcc 11 dumps this warning:
svc_tcp.c: In function 'rendezvous_request':
svc_tcp.c:274:3: error: 'memcpy' offset [0, 15] is out of the bounds [0, 0] [-Werror=array-bounds]
  274 |   memcpy (&xprt->xp_raddr, &addr, sizeof (addr));
      |   ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
cc1: all warnings being treated as errors

In out-of-memory case, if one of the mallocs in makefd_xprt function
returns NULL, a message is dumped, makefd_xprt returns NULL
and the subsequent memcpy would copy to NULL.

Instead of a segfaulting, we delay a bit (see also __svc_accept_failed
and Bug 14889 (CVE-2011-4609) - svc_run() produces high cpu usage when
accept() fails with EMFILE (CVE-2011-4609).

The same applies to svc_unix.c.
Reviewed-by: Adhemerval Zanella  <adhemerval.zanella@linaro.org>
2020-12-10 11:11:20 +01:00
Joseph Myers
224b419d1e Make strtoimax, strtoumax, wcstoimax, wcstoumax into aliases
The functions strtoimax, strtoumax, wcstoimax, wcstoumax currently
have three implementations each (wordsize-32, wordsize-64 and dummy
implementation in stdlib/ using #error), defining the functions as
thin wrappers round corresponding *_internal functions.  Simplify the
code by changing them into aliases of functions such as strtol and
wcstoull.  This is more consistent with how e.g. imaxdiv is handled.

Tested for x86_64 and x86.
2020-12-08 18:15:27 +00:00
Lukasz Majewski
47f78f3683 y2038: Convert gai_suspend to support 64 bit time
This change uses (in gai_misc.h):
- __futex_abstimed_wait64 (instead of futex_reltimed_wait)
- __futex_abstimed_wait_cancellable64
    	(instead of futex_reltimed_wait_cancellable)
        from ./sysdeps/nptl/futex-helpers.h

The gai_suspend() accepts relative timeout, which then is converted to
absolute one.

The i686-gnu port (HURD) do not define DONT_NEED_GAI_MISC_COND and as it
doesn't (yet) support 64 bit time it uses not converted
pthread_cond_timedwait().

The __gai_suspend() is supposed to be run on ports with __TIMESIZE !=64 and
__WORDSIZE==32. It internally utilizes __gai_suspend_time64() and hence the
conversion from 32 bit struct timespec to 64 bit one is required.

For ports supporting 64 bit time the __gai_suspend_time64() will be used
either via alias (to __gai_suspend when __TIMESIZE==64) or redirection
(when -D_TIME_BITS=64 is passed).

Build tests:
./src/scripts/build-many-glibcs.py glibcs

Reviewed-by: Adhemerval Zanella  <adhemerval.zanella@linaro.org>
Reviewed-by: Alistair Francis <alistair.francis@wdc.com>
2020-12-04 10:04:38 +01:00
Lukasz Majewski
94551be902 symbols: Add defines for libanl's libanl_hidden_{def|proto}
The __gai_suspend_time64, which supports 64 bit time on ports with
__WORDSIZE == 32 && __TIMESIZE != 64, shall be exported from libanl
(the same library from which original gai_suspend is exported).

Up till now there were no defines for this library. This commit adds
them.
2020-12-04 10:04:38 +01:00
Lukasz Majewski
cc5d5852c6 y2038: Convert aio_suspend to support 64 bit time
The aio_suspend function has been converted to support 64 bit time.

This change uses (in aio_misc.h):
- __futex_abstimed_wait64 (instead of futex_reltimed_wait)
- __futex_abstimed_wait_cancellable64
	(instead of futex_reltimed_wait_cancellable)
    from ./sysdeps/nptl/futex-helpers.h

The aio_suspend() accepts relative timeout, which then is converted to
absolute one.

The i686-gnu port (HURD) do not define DONT_NEED_AIO_MISC_COND and as it
doesn't (yet) support 64 bit time it uses not converted
pthread_cond_timedwait().

The __aio_suspend() is supposed to be run on ports with __TIMESIZE !=64 and
__WORDSIZE==32. It internally utilizes __aio_suspend_time64() and hence the
conversion from 32 bit struct timespec to 64 bit one is required.

For ports supporting 64 bit time the __aio_suspend_time64() will be used
either via alias (to __aio_suspend when __TIMESIZE==64) or redirection
(when -D_TIME_BITS=64 is passed).

Build tests:
./src/scripts/build-many-glibcs.py glibcs

Reviewed-by: Alistair Francis <alistair.francis@wdc.com>
Reviewed-by: Adhemerval Zanella  <adhemerval.zanella@linaro.org>
2020-11-30 14:08:44 +01:00
Adhemerval Zanella
01bd62517c Remove tls.h inclusion from internal errno.h
The tls.h inclusion is not really required and limits possible
definition on more arch specific headers.

This is a cleanup to allow inline functions on sysdep.h, more
specifically on i386 and ia64 which requires to access some tls
definitions its own.

No semantic changes expected, checked with a build against all
affected ABIs.
2020-11-13 12:59:19 -03:00
Samuel Thibault
85741f7eba hurd: Move {,f,l}xstat{,at} and xmknod{at} to compat symbols
We do not actually need them, so we can move their implementations
into the standard {,f,l}stat{,at} variants and only keep compatibility
wrappers.
2020-11-11 23:56:56 +00:00
Samuel Thibault
3d3316b1de hurd: keep only required PLTs in ld.so
We need NO_RTLD_HIDDEN because of the need for PLT calls in ld.so.
See Roland's comment in
https://sourceware.org/bugzilla/show_bug.cgi?id=15605
"in the Hurd it's crucial that calls like __mmap be the libc ones
instead of the rtld-local ones after the bootstrap phase, when the
dynamic linker is being used for dlopen and the like."

We used to just avoid all hidden use in the rtld ; this commit switches to
keeping only those that should use PLT calls, i.e. essentially those defined in
sysdeps/mach/hurd/dl-sysdep.c:

__assert_fail
__assert_perror_fail
__*stat64
_exit

This fixes a few startup issues, notably the call to __tunable_get_val that is
made before PLTs are set up.
2020-11-11 02:36:22 +01:00
Florian Weimer
562ef5e69e misc: Add internal __getauxval2 function
The explicit error return value (without in-band signaling) avoids
complicated steps to detect errors based on whether errno has been
updated.

Reviewed-by: Alistair Francis <alistair.francis@wdc.com>
2020-10-27 16:34:37 +01:00
Adhemerval Zanella
5d8aa97da2 time: Add 64-bit time_t support for ftime
It basically calls the 64-bit __clock_gettime64 and adds the overflow
check.

Checked on x86_64-linux-gnu and i686-linux-gnu.

Reviewed-by: Lukasz Majewski <lukma@denx.de>
2020-10-27 09:54:50 -03:00
Adhemerval Zanella
30a0b167d3 Reinstate ftime and add deprecate message on ftime usage
This patch revert "Move ftime to a compatibility symbol" (commit
14633d3e56).

Checked on x86_64-linux-gnu and i686-linux-gnu.
2020-10-27 09:54:13 -03:00
Adhemerval Zanella
ab5ee31e14 Move vtimes to a compatibility symbol
I couldn't pinpoint which standard has added it, but no other POSIX
system supports it and/or no longer provide it.  The 'struct vtimes'
also has a lot of drawbacks due its limited internal type size.

I couldn't also see find any project that actually uses this symbol,
either in some dignostic way (such as sanitizer).  So I think it should
be safer to just move to compat symbol, instead of deprecated.  The
idea it to avoid new ports to export such broken interface (riscv32
for instance).

Checked on x86_64-linux-gnu and i686-linux-gnu.
2020-10-19 16:44:20 -03:00
Lukasz Majewski
75c4044b9a y2038: linux: Provide __time64 implementation
In the glibc the time function can use vDSO (on power and x86 the
USE_IFUNC_TIME is defined), time syscall or 'default' time() from
./time/time.c (as a fallback).

In this patch the last function (time) has been refactored and moved
to ./sysdeps/unix/sysv/linux/time.c to be Linux specific.

The new __time64 explicit 64 bit function for providing 64 bit value of
seconds after epoch (by internally calling __clock_gettime64) has been
introduced.

Moreover, a 32 bit version - __time has been refactored to internally
use __time64.

The __time is now supposed to be used on systems still supporting 32 bit
time (__TIMESIZE != 64) - hence the necessary check for time_t potential
overflow.

The iFUNC vDSO direct call optimization has been removed from both i686 and
powerpc32 (USE_IFUNC_TIME is not defined for those architectures
anymore). The Linux kernel does not provide a y2038 safe implementation of
time neither it plans to provide it in the future, __clock_gettime64
should be used instead. Keeping support for this optimization would require
to handle another build permutation (!__ASSUME_TIME64_SYSCALLS &&
USE_IFUNC_TIME which adds more complexity and has limited use (since the
idea is to eventually have a y2038 safe glibc build).

Build tests:
./src/scripts/build-many-glibcs.py glibcs

Run-time tests:
- Run specific tests on ARM/x86 32bit systems (qemu):
https://github.com/lmajewski/meta-y2038 and run tests:
https://github.com/lmajewski/y2038-tests/commits/master

Above tests were performed with Y2038 redirection applied as well as
without to test proper usage of both __time64 and __time.

Reviewed-by: Adhemerval Zanella <adhemerval.zanella@linaro.org>
2020-10-19 16:01:37 +02:00
Adhemerval Zanella
30d2e4a963 linux: Add __readdir_unlocked
And use it on readdir_r implementation.

Checked on i686-linux-gnu.
2020-10-16 14:19:23 -03:00
Adhemerval Zanella
4b962c9e85 linux: Simplify opendir buffer allocation
The fallback allocation is removed, so the possible size constraint
should be analyzed just once; __alloc_dir assumes that 'statp'
argument is non-null, and the max_buffer_size move to close its
used.

Checked on x86_64-linux-gnu and i686-linux-gnu.
2020-10-16 14:19:23 -03:00
Adhemerval Zanella
f1ed4d4c2c linux: Add 64-bit time_t support for wait3
It basically calls the 64-bit time_t wait4 internal symbol.

Checked on x86_64-linux-gnu and i686-linux-gnu.

Reviewed-by: Lukasz Majewski <lukma@denx.de>
2020-10-16 14:19:23 -03:00
Adhemerval Zanella
14633d3e56 Move ftime to a compatibility symbol
It was made deprecated on 2.31, so it moves to compat symbol after
two releases.  It was also removed from exported symbol for riscv32
(since ABI will be supported on for 2.33).

Checked on x86_64-linux-gnu and i686-linux-gnu.

Reviewed-by: Lukasz Majewski <lukma@denx.de>
2020-10-16 14:19:23 -03:00
Lukasz Majewski
af79ed5fb6 y2038: Remove not used __fstatat_time64 define
This define is only present in the ./include/sys/stat.h file. As it is not
used in any other place it is eligible to be removed.
2020-10-15 09:35:53 +02:00
Adhemerval Zanella
81b83ff61f linux: Move xmknod{at} to compat symbols
It also decouple mknod{at} from xmknod{at}.  The riscv32 ABI was added
on 2.33, so it is safe to remove the old __xmknot{at} symbols and just
provide the newer mknod{at} ones.

Checked with a build for all affected ABIs. I also checked on x86_64,
i686, powerpc, powerpc64le, sparcv9, sparc64, s390, and s390x.

Reviewed-by: Lukasz Majewski <lukma@denx.de>
2020-10-09 17:02:07 -03:00
Adhemerval Zanella
aa03f722f3 linux: Add {f}stat{at} y2038 support
A new struct __stat{64}_t64 type is added with the required
__timespec64 time definition.  Only LFS is added, 64-bit time with
32-bit offsets is not supposed to be supported (no existing glibc
configuration supports such a combination).  It is done with an extra
__NR_statx call plus a conversion to the new __stat{64}_t64 type.
The statx call is done only for 32-bit time_t ABIs.

Internally some extra routines to copy from/to struct stat{64}
to struct __stat{64} used on multiple implementations (stat, fstat,
lstat, and fstatat) are added on a extra implementation
(stat_t64_cp.c).  Alse some extra routines to copy from statx to
__stat{64} is added on statx_cp.c.

Checked with a build for all affected ABIs. I also checked on x86_64,
i686, powerpc, powerpc64le, sparcv9, sparc64, s390, and s390x.

Reviewed-by: Lukasz Majewski <lukma@denx.de>
2020-10-09 17:02:07 -03:00
Adhemerval Zanella
6073bae64c linux: Disentangle fstatat from fxstatat
It implements all the required syscall for the all Linux kABIS on
fstatat{64} instead of calling fxstatat{64}.

On non-LFS implementation, it handles 3 cases:

  1. New kABIs which uses generic pre 64-bit time Linux ABI (csky and
     nios): it issues __NR_fstat64 plus handle the overflow on st_ino,
     st_size, or st_blocks.

  2. Old KABIs with old non-LFS support (arm, i386, hppa, m68k,
     microblaze, mips32, s390, sh, powerpc, and sparc32): it issues
     __NR_fstatat64 and convert the result to struct stat.

  3. 64-bit kABI outliers (mips64 and mips64-n32): it issues
     __NR_newfstatat and convert the result to struct stat.

The generic LFS implementation handles multiple cases:

  1. XSTAT_IS_XSTAT64 being 1:

    1.1. 64-bit kABI (aarch64, ia64, powerpc64*, s390x, riscv64, and
         x86_64): it issues __NR_newfstatat.

    1.2. 64-bit kABI outlier (alpha): it issues __NR_fstatat64.

    1.3. 64-bit kABI outlier where struct stat64 does not match kernel
         one (sparc64): it issues __NR_fstatat64 and convert the result
         to struct stat64.

    1.4. 32-bit kABI with default 64-bit time_t (arc, riscv32): it
         issues __NR_statx and convert the result to struct stat64.

  2. Old ABIs with XSTAT_IS_XSTAT64 being 0:

    2.1. All kABIs with non-LFS support (arm, csky, i386, hppa, m68k,
         microblaze, nios2, sh, powerpc32, and sparc32): it issues
         __NR_fstatat64.

    2.2. 64-bit kABI outliers (mips64 and mips64-n32): it issues
         __NR_newfstatat and convert the result to struct stat64.

It allows to remove all the hidden definitions from the {f,l}xstat{64}
(some are still kept because Hurd requires it).

Checked with a build for all affected ABIs. I also checked on x86_64,
i686, powerpc, powerpc64le, sparcv9, sparc64, s390, and s390x.

Reviewed-by: Lukasz Majewski <lukma@denx.de>
2020-10-09 17:02:06 -03:00
Adhemerval Zanella
589260cef8 Remove mknod wrapper functions, move them to symbols
This patch removes the mknod and mknodat static wrapper and add the
symbols on the libc with the expected names.

Both the prototypes of the internal symbol linked by the static
wrappers and the inline redirectors are also removed from the installed
sys/stat.h header file.  The wrapper implementation license LGPL
exception is also removed since it is no longer statically linked to
binaries.

Internally the _STAT_VER* definitions are moved to the arch-specific
xstatver.h file.

Checked with a build for all affected ABIs. I also checked on x86_64,
i686, powerpc, powerpc64le, sparcv9, sparc64, s390, and s390x.

Reviewed-by: Lukasz Majewski <lukma@denx.de>
2020-10-09 17:02:06 -03:00
Adhemerval Zanella
8ed005daf0 Remove stat wrapper functions, move them to exported symbols
This patch removes the stat, stat64, lstat, lstat64, fstat, fstat64,
fstatat, and fstatat64 static wrapper and add the symbol on the libc
with the expected names.

Both the prototypes of the internal symbol linked by the static
wrappers and the inline redirectors are also removed from the installed
sys/stat.h header file.  The wrapper implementation license LGPL
exception is also removed since it is no longer statically linked to
binaries.

Internally the _STAT_VER* definitions are moved to a arch-specific
xstatver.h file.  The internal defines that redirects internals
{f}stat{at} to their {f}xstat{at} counterparts are removed for Linux
(!NO_RTLD_HIDDEN).  Hurd still requires them since {f}stat{at} pulls
extra objects that makes the loader build fail otherwise (I haven't
dig into why exactly).

Checked with a build for all affected ABIs. I also checked on x86_64,
i686, powerpc, powerpc64le, sparcv9, sparc64, s390, and s390x.

Reviewed-by: Lukasz Majewski <lukma@denx.de>
2020-10-09 17:02:06 -03:00
Florian Weimer
50b1b7a390 elf: Make __rtld_env_path_list and __rtld_search_dirs global variables
They have been renamed from env_path_list and rtld_search_dirs to
avoid linknamespace issues.

This change will allow future use these variables in diagnostics.

Reviewed-by: Adhemerval Zanella  <adhemerval.zanella@linaro.org>
2020-10-08 17:12:28 +02:00
Florian Weimer
72d36ffd7d elf: Implement __rtld_malloc_is_complete
In some cases, it is difficult to determine the kind of malloc
based on the execution context, so a function to determine that
is helpful.

Reviewed-by: Adhemerval Zanella  <adhemerval.zanella@linaro.org>
2020-10-08 11:00:42 +02:00
Joseph Myers
19302b27bd Fix GCC 11 -Warray-parameter warning for __sigsetjmp (bug 26647)
This patch fixes part of bug 26647 (-Werror=array-parameter error
building with GCC 11 because of __sigsetjmp being declared using an
array parameter in one header and a pointer parameter in another).

The fix is to split the struct __jmp_buf_tag definition out to a
separate bits/types/ header so it can be included in pthread.h, so
that pthread.h can declare __sigsetjmp with the type contents visible,
so can use an array (as in setjmp.h) rather than a pointer in the
declaration.

Note that several other build failures with GCC 11 remain.  This does
not fix the jmp_buf-related -Wstringop-overflow errors (also discussed
in bug 26647), or -Warray-parameter errors for other functions (bug
26686), or -Warray-bounds errors (bug 26687).

Tested, with older compilers, natively for x86_64 and with
build-many-glibc.py for aarch64-linux-gnu.  Tested with
build-many-glibcs.py with GCC mainline for aarch64-linux-gnu that this
gets past the -Warray-parameter issue for __sigsetjmp (with the next
build failure being the other one discussed in bug 26647).
2020-10-05 16:46:46 +00:00
Adhemerval Zanella
b16f282cb0 linux: Add time64 recvmmsg support
The wire-up syscall __NR_recvmmsg_time64 (for 32-bit) or
__NR_recvmmsg (for 64-bit) is used as default.  The 32-bit fallback
is used iff __ASSUME_TIME64_SYSCALLS is not defined, which assumes the
kernel ABI provides either __NR_socketcall or __NR_recvmmsg
(32-bit time_t).

It does not handle the timestamps on ancillary data (SCM_TIMESTAMPING
records).

Checked on x86_64-linux-gnu and i686-linux-gnu.

Reviewed-by: Alistair Francis <alistair.francis@wdc.com>
2020-09-28 17:28:39 -03:00
Adhemerval Zanella
c3a020eedd linux: Add time64 support for nanosleep
It uses __clock_nanosleep64 and adds the __nanosleep64 symbol.

Checked on x86_64-linux-gnu and i686-linux-gnu (on 5.4 and on 4.15
kernel).

Reviewed-by: Alistair Francis <alistair.francis@wdc.com>
2020-09-28 16:22:03 -03:00
Adhemerval Zanella
94a83d8667 linux: Add time64 sigtimedwait support
The syscall __NR_sigtimedwait_time64 (for 32-bit) or __NR_sigtimedwait
(for 64-bit) is used as default.  The 32-bit fallback is used iff
__ASSUME_TIME64_SYSCALLS is not defined, which assumes the kernel ABI
provides either __NR_rt_sigtimedwait (32-bit time_t).

Checked on x86_64-linux-gnu and i686-linux-gnu.

Reviewed-by: Alistair Francis <alistair.francis@wdc.com>
2020-09-28 16:21:51 -03:00
Adhemerval Zanella
2433d39b69 linux: Add time64 select support
The syscall __NR_pselect6_time64 (32-bit) or __NR_pselect6 (64-bit)
is used as default.  For architectures with __ASSUME_TIME64_SYSCALLS
the 32-bit fallback uses __NR_select/__NR__newselect or __NR_pselect6
(it should cover the microblaze case where older kernels do not
provide __NR_pselect6).

Checked on x86_64-linux-gnu and i686-linux-gnu (on 5.4 and on 4.15
kernel).

Reviewed-by: Alistair Francis <alistair.francis@wdc.com>
2020-09-28 16:21:48 -03:00
Adhemerval Zanella
a92f4e6299 linux: Add time64 pselect support
The syscall __NR_pselect6_time64 (32-bit) or __NR_pselect6 (64-bit)
is used as default.  For architectures with __ASSUME_TIME64_SYSCALLS
the 32-bit fallback uses __NR_pselec6.

To accomodate microblaze missing pselect6 support on kernel older
than 3.15 the fallback is moved to its own function to the microblaze
specific implementation can override it.

Checked on x86_64-linux-gnu and i686-linux-gnu (on 5.4 and on 4.15
kernel).

Reviewed-by: Alistair Francis <alistair.francis@wdc.com>
2020-09-11 16:20:49 -03:00
Adhemerval Zanella
04986243d1 Remove internal usage of extensible stat functions
It replaces the internal usage of __{f,l}xstat{at}{64} with the
__{f,l}stat{at}{64}.  It should not change the generate code since
sys/stat.h explicit defines redirections to internal calls back to
xstat* symbols.

Checked with a build for all affected ABIs.  I also check on
x86_64-linux-gnu and i686-linux-gnu.

Reviewed-by: Lukasz Majewski <lukma@denx.de>
2020-09-11 14:35:32 -03:00
Joseph Myers
e5baabf57b Add C2x BOOL_MAX and BOOL_WIDTH to limits.h.
C2x adds BOOL_MAX and BOOL_WIDTH macros to <limits.h>.  This patch
adds them to glibc's <limits.h> for the case when they aren't defined
by GCC's <limits.h>.

Tested for x86_64.
2020-08-19 22:46:41 +00:00
Paul Eggert
7279f0a282 Sync intprops.h from Gnulib
* include/intprops.h: Sync from Gnulib.  This improves
performance of INT_MULTIPLY_WRAPV on recent GCC, which affects
glibc only in the support library.
2020-08-04 22:58:58 -07:00
Carlos O'Donell
3de512be7e Prepare for glibc 2.32 release.
Update version.h, features.h, and ChangeLog.old/ChangeLog.21.
2020-08-04 22:17:00 -04:00
Florian Weimer
ec2f1fddf2 libio: Remove __libc_readline_unlocked
__nss_readline supersedes it.  This reverts part of commit
3f5e3f5d06 ("libio: Implement
internal function __libc_readline_unlocked").  The internal
aliases __fseeko64 and __ftello64 are preserved because
they are needed by __nss_readline as well.

Tested-by: Carlos O'Donell <carlos@redhat.com>
Reviewed-by: Carlos O'Donell <carlos@redhat.com>
2020-07-21 07:34:50 +02:00
Florian Weimer
bdee910e88 nss: Add __nss_fgetent_r
And helper functions __nss_readline, __nss_readline_seek,
 __nss_parse_line_result.

This consolidates common code for handling overlong lines and
parse files.  Use the new functionality in internal_getent
in nss/nss_files/files-XXX.c.

Tested-by: Carlos O'Donell <carlos@redhat.com>
Reviewed-by: Carlos O'Donell <carlos@redhat.com>
2020-07-21 07:33:50 +02:00
Florian Weimer
d4b4586315 libio: Add fseterr_unlocked for internal use
Tested-by: Carlos O'Donell <carlos@redhat.com>
Reviewed-by: Carlos O'Donell <carlos@redhat.com>
2020-07-21 07:33:42 +02:00
Florian Weimer
9980bf0b30 nss_files: Use generic result pointer in parse_line
As a result, all parse_line functions have the same prototype, except
for that producing struct hostent.  This change is ABI-compatible, so
it does not alter the internal GLIBC_PRIVATE ABI (otherwise we should
probably have renamed the exported functions).

A future change will use this to implement a generict fget*ent_r
function.

Tested-by: Carlos O'Donell <carlos@redhat.com>
Reviewed-by: Carlos O'Donell <carlos@redhat.com>
2020-07-21 07:33:33 +02:00
Florian Weimer
e9b2340998 nss_files: Consolidate line parse declarations in <nss_files.h>
These functions should eventually have the same type, so it makes
sense to declare them together.

Tested-by: Carlos O'Donell <carlos@redhat.com>
Reviewed-by: Carlos O'Donell <carlos@redhat.com>
2020-07-21 07:33:20 +02:00
Florian Weimer
299210c1fa nss_files: Consolidate file opening in __nss_files_fopen
Tested-by: Carlos O'Donell <carlos@redhat.com>
Reviewed-by: Carlos O'Donell <carlos@redhat.com>
2020-07-21 07:32:46 +02:00
Florian Weimer
76b8442db5 Move <rpc/netdb.h> from sunrpc to inet
Restore <rpc/netdb.h> as an installed header. Delete the dummy header
resolv/rpc/netdb.h because inet is not an optional glibc component
(so its <rpc/netdb.h> is always available).

Fixes commit acb527929d ("Move
non-deprecated RPC-related functions from sunrpc to inet") in
combination with commit 5500cdba40
("Remove --enable-obsolete-rpc configure flag").
2020-07-17 15:19:35 +02:00
Petr Vorel
5500cdba40 Remove --enable-obsolete-rpc configure flag
Sun RPC was removed from glibc. This includes rpcgen program, librpcsvc,
and Sun RPC headers. Also test for bug #20790 was removed
(test for rpcgen).

Backward compatibility for old programs is kept only for architectures
and ABIs that have been added in or before version 2.28.

libtirpc is mature enough, librpcsvc and rpcgen are provided in
rpcsvc-proto project.

NOTE: libnsl code depends on Sun RPC (installed libnsl headers use
installed Sun RPC headers), thus --enable-obsolete-rpc was a dependency
for --enable-obsolete-nsl (removed in a previous commit).

The arc ABI list file has to be updated because the port was added
with the sunrpc symbols

Tested-by: Carlos O'Donell <carlos@redhat.com>
Reviewed-by: Carlos O'Donell <carlos@redhat.com>
2020-07-13 19:36:35 +02:00
Adhemerval Zanella
ffd178c651 sysv: linux: Add 64-bit time_t variant for shmctl
To provide a y2038 safe interface a new symbol __shmctl64 is added
and __shmctl is change to call it instead (it adds some extra buffer
copying for the 32 bit time_t implementation).

Two new structures are added:

  1. kernel_shmid64_ds: used internally only on 32-bit architectures
     to issue the syscall.  A handful of architectures (hppa, i386,
     mips, powerpc32, and sparc32) require specific implementations
     due to their kernel ABI.

  2. shmid_ds64: this is only for __TIMESIZE != 64 to use along with
     the 64-bit shmctl.  It is different than the kernel struct because
     the exported 64-bit time_t might require different alignment
     depending on the architecture ABI.

So the resulting implementation does:

  1. For 64-bit architectures it assumes shmid_ds already contains
     64-bit time_t fields and will result in just the __shmctl symbol
     using the __shmctl64 code.  The shmid_ds argument is passed as-is
     to the syscall.

  2. For 32-bit architectures with default 64-bit time_t (newer ABIs
     such riscv32 or arc), it will also result in only one exported
     symbol but with the required high/low time handling.

  3. Finally for 32-bit architecture with both 32-bit and 64-bit time_t
     support we follow the already set way to provide one symbol with
     64-bit time_t support and implement the 32-bit time_t support
     using of the 64-bit one.

     The default 32-bit symbol will allocate and copy the shmid_ds
     over multiple buffers, but this should be deprecated in favor
     of the __shmctl64 anyway.

Checked on i686-linux-gnu and x86_64-linux-gnu.  I also did some sniff
tests on powerpc, powerpc64, mips, mips64, armhf, sparcv9, and
sparc64.

Reviewed-by: Alistair Francis <alistair.francis@wdc.com>
Tested-by: Alistair Francis <alistair.francis@wdc.com>
Tested-by: Carlos O'Donell <carlos@redhat.com>
Reviewed-by: Carlos O'Donell <carlos@redhat.com>
2020-07-09 12:05:47 -03:00
Adhemerval Zanella
3283f71113 sysv: linux: Add 64-bit time_t variant for msgctl
To provide a y2038 safe interface a new symbol __msgctl64 is added
and __msgctl is change to call it instead (it adds some extra buffer
coping for the 32 bit time_t implementation).

Two new structures are added:

  1. kernel_msqid64_ds: used internally only on 32-bit architectures
     to issue the syscall.  A handful of architectures (hppa, i386, mips,
     powerpc32, and sparc32) require specific implementations due to
     their kernel ABI.

  2. msqid_ds64: this is only for __TIMESIZE != 64 to use along with
     the 64-bit msgctl.  It is different than the kernel struct because
     the exported 64-bit time_t might require different alignment
     depending on the architecture ABI.

So the resulting implementation does:

  1. For 64-bit architectures it assumes msqid_ds already contains
     64-bit time_t fields and will result in just the __msgctl symbol
     using the __msgctl64 code.  The msgid_ds argument is passed as-is
     to the syscall.

  2. For 32-bit architectures with default 64-bit time_t (newer ABIs
     such riscv32 or arc), it will also result in only one exported
     symbol but with the required high/low time handling.

  3. Finally for 32-bit architecture with both 32-bit and 64-bit time_t
     support we follow the already set way to provide one symbol with
     64-bit time_t support and implement the 32-bit time_t support using
     the 64-bit time_t.

     The default 32-bit symbol will allocate and copy the msqid_ds
     over multiple buffers, but this should be deprecated in favor
     of the __msgctl64 anyway.

Checked on i686-linux-gnu and x86_64-linux-gnu.  I also did some sniff
tests on powerpc, powerpc64, mips, mips64, armhf, sparcv9, and
sparc64.

Tested-by: Carlos O'Donell <carlos@redhat.com>
Reviewed-by: Carlos O'Donell <carlos@redhat.com>
Reviewed-by: Alistair Francis <alistair.francis@wdc.com>
Tested-by: Alistair Francis <alistair.francis@wdc.com>
2020-07-09 12:05:40 -03:00
Adhemerval Zanella
dba950e317 sysv: linux: Add 64-bit time_t variant for semctl
Different than others 64-bit time_t syscalls, the SysIPC interface
does not provide a new set of syscall for y2038 safeness.  Instead it
uses unused fields in semid_ds structure to return the high bits for
the timestamps.

To provide a y2038 safe interface a new symbol __semctl64 is added
and __semctl is change to call it instead (it adds some extra buffer
copying for the 32 bit time_t implementation).

Two new structures are added:

  1. kernel_semid64_ds: used internally only on 32-bit architectures
     to issue the syscall.  A handful of architectures (hppa, i386,
     mips, powerpc32, sparc32) require specific implementations due
     their kernel ABI.

  2. semid_ds64: this is only for __TIMESIZE != 64 to use along with
     the 64-bit semctl.  It is different than the kernel struct because
     the exported 64-bit time_t might require different alignment
     depending on the architecture ABI.

So the resulting implementation does:

  1. For 64-bit architectures it assumes semid_ds already contains
     64-bit time_t fields and will result in just the __semctl symbol
     using the __semctl64 code.  The semid_ds argument is passed as-is
     to the syscall.

  2. For 32-bit architectures with default 64-bit time_t (newer ABIs
     such riscv32 or arc), it will also result in only one exported
     symbol but with the required high/low handling.

     It might be possible to optimize it further to avoid the
     kernel_semid64_ds to semun transformation if the exported ABI
     for the architectures matches the expected kernel ABI, but the
     implementation is already complex enough and don't think this
     should be a hotspot in any case.

  3. Finally for 32-bit architecture with both 32-bit and 64-bit time_t
     support we follow the already set way to provide one symbol with
     64-bit time_t support and implement the 32-bit time_t support
     using the 64-bit one.

     The default 32-bit symbol will allocate and copy the semid_ds
     over multiple buffers, but this should be deprecated in favor
     of the __semctl64 anyway.

Checked on i686-linux-gnu and x86_64-linux-gnu.  I also did some sniff
tests on powerpc, powerpc64, mips, mips64, armhf, sparcv9, and
sparc64.

Reviewed-by: Alistair Francis <alistair.francis@wdc.com>
Tested-by: Alistair Francis <alistair.francis@wdc.com>
Tested-by: Vineet Gupta <vgupta@synopsys.com>
Reviewed-by: Carlos O'Donell <carlos@redhat.com>
Tested-by: Carlos O'Donell <carlos@redhat.com>
2020-07-09 12:05:35 -03:00
Petr Vorel
ae7a94e5e3 Remove --enable-obsolete-nsl configure flag
this means that *always* libnsl is only built as shared library for
backward compatibility and the NSS modules libnss_nis and libnss_nisplus
are not built at all, libnsl's headers aren't installed.

This compatibility is kept only for architectures and ABIs that have
been added in or before version 2.28.

Replacement implementations based on TIRPC, which additionally support
IPv6, are available from <https://github.com/thkukuk/>.

This change does not affect libnss_compat which does not depended
on libnsl since 2.27 and thus can be used without NIS.

libnsl code depends on Sun RPC, e.g. on --enable-obsolete-rpc (installed
libnsl headers use installed Sun RPC headers), which will be removed in
the following commit.
2020-07-08 17:25:57 +02:00
Florian Weimer
78e02c4698 sunrpc: Remove hidden aliases for global data symbols (bug 26210)
It is generally not possible to add hidden aliases for global data
symbols: If the main executable contains a copy relocation against
the symbol, the hidden aliases keep pointing to the glibc-internal
copy of the symbol, instead of the symbol actually used by the
application.

Fixes commit 89aacb513e ("sunrpc:
Remove stray exports without --enable-obsolete-rpc [BZ #23166]").

Reviewed-by: Carlos O'Donell <carlos@redhat.com>
2020-07-08 08:39:39 +02:00
Adhemerval Zanella
325081b9eb string: Add strerrorname_np and strerrordesc_np
The strerrorname_np returns error number name (e.g. "EINVAL" for EINVAL)
while strerrordesc_np returns string describing error number (e.g
"Invalid argument" for EINVAL).  Different than strerror,
strerrordesc_np does not attempt to translate the return description,
both functions return NULL for an invalid error number.

They should be used instead of sys_errlist and sys_nerr, both are
thread and async-signal safe.  These functions are GNU extensions.

Checked on x86-64-linux-gnu, i686-linux-gnu, powerpc64le-linux-gnu,
and s390x-linux-gnu.

Tested-by: Carlos O'Donell <carlos@redhat.com>
Reviewed-by: Carlos O'Donell <carlos@redhat.com>
2020-07-07 15:02:57 -03:00
Adhemerval Zanella
bfe05aa289 string: Add sigabbrev_np and sigdescr_np
The sigabbrev_np returns the abbreviated signal name (e.g. "HUP" for
SIGHUP) while sigdescr_np returns the string describing the error
number (e.g "Hangup" for SIGHUP).  Different than strsignal,
sigdescr_np does not attempt to translate the return description and
both functions return NULL for an invalid signal number.

They should be used instead of sys_siglist or sys_sigabbrev and they
are both thread and async-signal safe.  They are added as GNU
extensions on string.h header (same as strsignal).

Checked on x86-64-linux-gnu, i686-linux-gnu, powerpc64le-linux-gnu,
and s390x-linux-gnu.

Tested-by: Carlos O'Donell <carlos@redhat.com>
Reviewed-by: Carlos O'Donell <carlos@redhat.com>
2020-07-07 14:57:14 -03:00
Adhemerval Zanella
725eeb4af1 string: Use tls-internal on strerror_l
The buffer allocation uses the same strategy of strsignal.

Checked on x86-64-linux-gnu, i686-linux-gnu, powerpc64le-linux-gnu,
and s390x-linux-gnu.

Tested-by: Carlos O'Donell <carlos@redhat.com>
Reviewed-by: Carlos O'Donell <carlos@redhat.com>
2020-07-07 14:10:58 -03:00
Adhemerval Zanella
28aff04781 string: Implement strerror in terms of strerror_l
If the thread is terminated then __libc_thread_freeres will free the
storage via __glibc_tls_internal_free.

It is only within the calling thread that this matters.  It makes
strerror MT-safe.

Checked on x86-64-linux-gnu, i686-linux-gnu, powerpc64le-linux-gnu,
and s390x-linux-gnu.

Tested-by: Carlos O'Donell <carlos@redhat.com>
Reviewed-by: Carlos O'Donell <carlos@redhat.com>
2020-07-07 14:10:58 -03:00
Adhemerval Zanella
f26d456b98 linux: Fix __NSIG_WORDS and add __NSIG_BYTES
The __NSIG_WORDS value is based on minimum number of words to hold
the maximum number of signals supported by the architecture.

This patch also adds __NSIG_BYTES, which is the number of bytes
required to represent the supported number of signals.  It is used in
syscalls which takes a sigset_t.

Checked on x86_64-linux-gnu and i686-linux-gnu.

Tested-by: Carlos O'Donell <carlos@redhat.com>
Reviewed-by: Carlos O'Donell <carlos@redhat.com>
2020-07-07 14:10:58 -03:00
Adhemerval Zanella
f13d260190 signal: Move sys_errlist to a compat symbol
The symbol is deprecated by strerror since its usage imposes some issues
such as copy relocations.

Its internal name is also changed to _sys_errlist_internal to avoid
static linking usage.  The compat code is also refactored by removing
the over enginered errlist-compat.c generation from manual entried and
extra comment token in linker script file.  It disantangle the code
generation from manual and simplify both Linux and Hurd compat code.

The definitions from errlist.c are moved to errlist.h and a new test
is added to avoid a new errno entry without an associated one in manual.

Checked on x86_64-linux-gnu and i686-linux-gnu. I also run a check-abi
on all affected platforms.

Tested-by: Carlos O'Donell <carlos@redhat.com>
Reviewed-by: Carlos O'Donell <carlos@redhat.com>
2020-07-07 14:10:58 -03:00
Adhemerval Zanella
b1ccfc061f signal: Move sys_siglist to a compat symbol
The symbol was deprecated by strsignal and its usage imposes issues
such as copy relocations.

Its internal name is changed to __sys_siglist and __sys_sigabbrev to
avoid static linking usage.  The compat code is also refactored, since
both Linux and Hurd usage the same strategy: export the same array with
different object sizes.

The libSegfault change avoids calling strsignal on the SIGFAULT signal
handler (the current usage is already sketchy, adding a call that
potentially issue locale internal function is even sketchier).

Checked on x86_64-linux-gnu and i686-linux-gnu. I also run a check-abi
on all affected platforms.

Reviewed-by: Carlos O'Donell <carlos@redhat.com>
2020-07-07 14:10:58 -03:00
Florian Weimer
706ad1e7af Add the __libc_single_threaded variable
The variable is placed in libc.so, and it can be true only in
an outer libc, not libcs loaded via dlmopen or static dlopen.
Since thread creation from inner namespaces does not work,
pthread_create can update __libc_single_threaded directly.

Using __libc_early_init and its initial flag, implementation of this
variable is very straightforward.  A future version may reset the flag
during fork (but not in an inner namespace), or after joining all
threads except one.

Reviewed-by: DJ Delorie <dj@redhat.com>
2020-07-06 11:15:58 +02:00
Florian Weimer
e3022f4bcd <libc-symbols.h>: Add libpthread hidden alias support
Reviewed-by: Carlos O'Donell <carlos@redhat.com>
Tested-by: Carlos O'Donell <carlos@redhat.com>
2020-05-20 20:29:56 +02:00
Lukasz Majewski
e9698175b0 y2038: Replace __clock_gettime with __clock_gettime64
The __clock_gettime internal function is not supporting 64 bit time on
architectures with __WORDSIZE == 32 and __TIMESIZE != 64 (like e.g. ARM 32
bit).

The __clock_gettime64 function shall be used instead in the glibc itself as
it supports 64 bit time on those systems.
This patch does not bring any changes to systems with __WORDSIZE == 64 as
for them the __clock_gettime64 is aliased to __clock_gettime (in
./include/time.h).
2020-05-20 16:45:16 +02:00
Lukasz Majewski
0308077e3a y2038: linux: Provide __adjtime64 implementation
This patch provides new __adjtime64 explicit 64 bit function for adjusting
Linux kernel clock.

Internally, the __clock_adjtime64 syscall is used instead of __adjtimex. This
patch is necessary for having architectures with __WORDSIZE == 32 Y2038 safe.

Moreover, a 32 bit version - __adjtime has been refactored to internally use
__adjtime64.

The __adjtime is now supposed to be used on systems still supporting 32
bit time (__TIMESIZE != 64) - hence the necessary conversions between struct
timeval and 64 bit struct __timeval64.

Build tests:
./src/scripts/build-many-glibcs.py glibcs

Run-time tests:
- Run specific tests on ARM/x86 32bit systems (qemu):
  https://github.com/lmajewski/meta-y2038 and run tests:
  https://github.com/lmajewski/y2038-tests/commits/master

Above tests were performed with Y2038 redirection applied as well as without to
test the proper usage of both __adjtime64 and __adjtime.

Reviewed-by: Alistair Francis <alistair.francis@wdc.com>
Reviewed-by: Adhemerval Zanella  <adhemerval.zanella@linaro.org>
2020-05-20 01:03:26 +02:00
Florian Weimer
ce12fc7113 Remove NO_CTORS_DTORS_SECTIONS macro
This was originally added to support binutils older than version
2.22:

  <https://sourceware.org/ml/libc-alpha/2010-12/msg00051.html>

Since 2.22 is older than the minimum required binutils version
for building glibc, we no longer need this.  (The changes do
not impact the statically linked startup code.)
2020-05-18 15:39:34 +02:00
Florian Weimer
d69c3a9e75 Document the internal _ and N_ macros
Reviewed-by: Carlos O'Donell <carlos@redhat.com>
2020-05-06 17:35:40 +02:00
Lukasz Majewski
a308615f7c y2038: include: Move struct __timeval64 definition to a separate file
The struct __timeval64's definition has been moved from ./include/time.h to
./include/struct___timeval64.h.

This change would prevent from polluting other glibc namespaces (when
headers are modified to support 64 bit time on architectures with
__WORDSIZE==32).

Now it is possible to just include definition of this particular structure
when needed.

Reviewed-by: Alistair Francis <alistair.francis@wdc.com>
Reviewed-by: Adhemerval Zanella  <adhemerval.zanella@linaro.org>
2020-05-05 19:36:25 +02:00
Paul E. Murphy
a49e56a945 float128: use builtin_signbitf128 always
The minimum GCC version has been raised to 6.2 for building
glibc.  Therefore, follow the advice inside the implementation
and remove the GCC < 6 codepath.

Likewise, remove the hidden_proto as all internal usages should
inline now.
2020-05-04 13:18:45 -05:00
H.J. Lu
ff026950e2 Add a C wrapper for prctl [BZ #25896]
Add a C wrapper to pass arguments in

/* Control process execution.  */
extern int prctl (int __option, ...) __THROW;

to prctl syscall:

extern int prctl (int, unsigned long int, unsigned long int,
		  unsigned long int, unsigned long int);
2020-04-30 10:42:43 -07:00
Paul E. Murphy
e2239af353 Rename __LONG_DOUBLE_USES_FLOAT128 to __LDOUBLE_REDIRECTS_TO_FLOAT128_ABI
Improve the commentary to aid future developers who will stumble
upon this novel, yet not always perfect, mechanism to support
alternative formats for long double.

Likewise, rename __LONG_DOUBLE_USES_FLOAT128 to
__LDOUBLE_REDIRECTS_TO_FLOAT128_ABI now that development work
has settled down.  The command used was

git grep -l __LONG_DOUBLE_USES_FLOAT128 ':!./ChangeLog*' | \
  xargs sed -i 's/__LONG_DOUBLE_USES_FLOAT128/__LDOUBLE_REDIRECTS_TO_FLOAT128_ABI/g'

Reviewed-by: Tulio Magno Quites Machado Filho <tuliom@linux.ibm.com>
2020-04-30 08:52:08 -05:00
Paul E. Murphy
86005fdbf4 ldbl-128ibm-compat: workaround GCC 9 C++ PR90731
GCC 9 has a bug (PR90731) whereby __typeof does not correctly copy
exception specifiers[1].  Surprisingly, this can be quieted by declaring
"#pragma system_header", or if the headers are installed in a system
directory.

Work around this by using the pragma for any gcc version between
9.0 and 9.2 to ensure tests continue to compile.

[1] Example error from g++ 9.2.1:

In file included from ../include/sys/cdefs.h:3,
                 from ../include/features.h:465,
                 from ../bits/libc-header-start.h:33,
                 from ../math/math.h:27,
                 from ../include/math.h:7,
                 from test-math-isinff.cc:21:
../libio/bits/stdio-ldbl.h:25:20: error: declaration of ‘int sprintf(char*, const char*, ...)’ has a different exception specifier
   25 | __LDBL_REDIR_DECL (sprintf)
      |                    ^~~~~~~
../misc/sys/cdefs.h:461:26: note: in definition of macro ‘__LDBL_REDIR_DECL’
  461 |   extern __typeof (name) name __asm (__ASMNAME ("__" #name "ieee128"));
      |                          ^~~~
In file included from ../include/stdio.h:5,
                 from test-math-isinff.cc:22:
../libio/stdio.h:334:12: note: from previous declaration ‘int sprintf(char*, const char*, ...) throw ()’
  334 | extern int sprintf (char *__restrict __s,
      |            ^~~~~~~

Reviewed-by: Tulio Magno Quites Machado Filho <tuliom@linux.ibm.com>
2020-04-30 08:52:08 -05:00
Carlos O'Donell
99de869beb Use 2020 as copyright year.
Use the year 2020 for files added by commit:
92954ffa5a
2020-04-27 10:34:52 -04:00
Carlos O'Donell
92954ffa5a localedef: Add verbose messages for failure paths.
During testing of localedef running in a minimal container
there were several error cases which were hard to diagnose
since they appeared as strerror (errno) values printed by the
higher level functions.  This change adds three new verbose
messages for potential failure paths.  The new messages give
the user the opportunity to use -v and display additional
information about why localedef might be failing.  I found
these messages useful myself while writing a localedef
container test for --no-hard-links.

Since the changes cleanup the code that handle codeset
normalization we add tst-localedef-path-norm which contains
many sub-tests to verify the correct expected normalization of
codeset strings both when installing to default paths (the
only time normalization is enabled) and installing to absolute
paths.  During the refactoring I created at least one
buffer-overflow which valgrind caught, but these tests did not
catch because the exec in the container had a very clean heap
with zero-initialized memory. However, between valgrind and
the tests the results are clean.

The new tst-localedef-path-norm passes without regression on
x86_64.

Change-Id: I28b9f680711ff00252a2cb15625b774cc58ecb9d
2020-04-26 13:55:58 -04:00
Florian Weimer
076f09afba Linux: Remove <sys/sysctl.h> and the sysctl function
Linux 5.5 remove the system call in commit
61a47c1ad3a4dc6882f01ebdc88138ac62d0df03 ("Linux: Remove
<sys/sysctl.h>").  Therefore, the compat function is just a stub that
sets ENOSYS.

Due to SHLIB_COMPAT, new ports will not add the sysctl function anymore
automatically.

x32 already lacks the sysctl function, so an empty sysctl.c file is
used to suppress it.  Otherwise, a new compat symbol would be added.

Reviewed-by: Adhemerval Zanella  <adhemerval.zanella@linaro.org>
2020-04-15 17:17:32 +02:00
Lukasz Majewski
0b65a8fbaf y2038: linux: Provide __mq_timedreceive_time64 implementation
This patch provides new __mq_timedreceive_time64 explicit 64 bit function for
receiving messages with absolute timeout.
Moreover, a 32 bit version - __mq_timedreceive has been refactored to
internally use __mq_timedreceive_time64.

The __mq_timedreceive is now supposed to be used on systems still supporting 32
bit time (__TIMESIZE != 64) - hence the necessary conversion to 64 bit struct
__timespec64 from struct timespec.

The new mq_timedsend_time64 syscall available from Linux 5.1+ has been used,
when applicable.

As this wrapper function is also used internally in the glibc, to e.g. provide
mq_receive implementation, an explicit check for abs_timeout being NULL has been
added due to conversions between struct timespec and struct __timespec64.
Before this change the Linux kernel handled this NULL pointer.

Build tests:
- ./src/scripts/build-many-glibcs.py glibcs

Run-time tests:
- Run specific tests on ARM/x86 32bit systems (qemu):
  https://github.com/lmajewski/meta-y2038 and run tests:
  https://github.com/lmajewski/y2038-tests/commits/master

Linux kernel, headers and minimal kernel version for glibc build test matrix:
- Linux v5.1 (with mq_timedreceive_time64) and glibc built with v5.1 as
  minimal kernel version (--enable-kernel="5.1.0")
  The __ASSUME_TIME64_SYSCALLS flag defined.

- Linux v5.1 and default minimal kernel version
  The __ASSUME_TIME64_SYSCALLS not defined, but kernel supports
  mq_timedreceive_time64 syscall.

- Linux v4.19 (no mq_timedreceive_time64 support) with default minimal kernel
  version for contemporary glibc (3.2.0)
  This kernel doesn't support mq_timedreceive_time64 syscall, so the fallback to
  mq_timedreceive is tested.

Above tests were performed with Y2038 redirection applied as well as without
(so the __TIMESIZE != 64 execution path is checked as well).

Reviewed-by: Adhemerval Zanella  <adhemerval.zanella@linaro.org>
2020-04-06 23:05:11 +02:00
Lukasz Majewski
6f5eb5b2e5 y2038: linux: Provide __mq_timedsend_time64 implementation
This patch provides new __mq_timedsend_time64 explicit 64 bit function for
sending messages with absolute timeout.
Moreover, a 32 bit version - __mq_timedsend has been refactored to internally
use __mq_timedsend_time64.

The __mq_timedsend is now supposed to be used on systems still supporting 32
bit time (__TIMESIZE != 64) - hence the necessary conversion to 64 bit struct
__timespec64 from struct timespec.

The new __mq_timedsend_time64 syscall available from Linux 5.1+ has been used,
when applicable.

As this wrapper function is also used internally in the glibc, to e.g. provide
mq_send implementation, an explicit check for abs_timeout being NULL has been
added due to conversions between struct timespec and struct __timespec64.
Before this change the Linux kernel handled this NULL pointer.

Build tests:
- ./src/scripts/build-many-glibcs.py glibcs

Run-time tests:
- Run specific tests on ARM/x86 32bit systems (qemu):
  https://github.com/lmajewski/meta-y2038 and run tests:
  https://github.com/lmajewski/y2038-tests/commits/master

Linux kernel, headers and minimal kernel version for glibc build test matrix:
- Linux v5.1 (with mq_timedsend_time64) and glibc built with v5.1 as a
  minimal kernel version (--enable-kernel="5.1.0")
  The __ASSUME_TIME64_SYSCALLS flag defined.

- Linux v5.1 and default minimal kernel version
  The __ASSUME_TIME64_SYSCALLS not defined, but kernel supports
  mq_timedsend_time64 syscall.

- Linux v4.19 (no mq_timedsend_time64 support) with default minimal kernel
  version for contemporary glibc (3.2.0)
  This kernel doesn't support mq_timedsend_time64 syscall, so the fallback to
  mq_timedsend is tested.

Above tests were performed with Y2038 redirection applied as well as without
(so the __TIMESIZE != 64 execution path is checked as well).

Reviewed-by: Adhemerval Zanella  <adhemerval.zanella@linaro.org>
2020-04-06 23:05:11 +02:00
Lukasz Majewski
390b5a4727 y2038: include: Move struct __timespec64 definition to a separate file
The struct __timespec64's definition has been moved from ./include/time.h to
./include/struct___timespec64.h.

This change would prevent from polluting other glibc namespaces (when
headers are modified to support 64 bit time on architectures with
__WORDSIZE==32).

Now it is possible to just include definition of this particular structure
when needed.

Reviewed-by: Adhemerval Zanella  <adhemerval.zanella@linaro.org>
2020-04-06 23:05:11 +02:00
Alistair Francis
600f00b747 linux: Use long time_t for wait4/getrusage
The Linux kernel expects rusage to use a 32-bit time_t, even on archs
with a 64-bit time_t (like RV32). To address this let's convert
rusage to/from 32-bit and 64-bit to ensure the kernel always gets
a 32-bit time_t.

While we are converting these functions let's also convert them to be
the y2038 safe versions. This means there is a *64 function that is
called by a backwards compatible wrapper.

Reviewed-by: Lukasz Majewski <lukma@denx.de>
Reviewed-by: Adhemerval Zanella  <adhemerval.zanella@linaro.org>
2020-04-02 09:21:06 -07:00
Alistair Francis
5d24ba82c4 resource: Add a __rusage64 struct
Add a __rusage64 struct which always uses a 64-bit time_t.

Reviewed-by: Lukasz Majewski <lukma@denx.de>
Reviewed-by: Adhemerval Zanella  <adhemerval.zanella@linaro.org>
2020-04-02 09:21:06 -07:00
Alistair Francis
a51e035889 linux: Use long time_t __getitimer/__setitimer
The Linux kernel expects itimerval to use a 32-bit time_t, even on archs
with a 64-bit time_t (like RV32). To address this let's convert
itimerval to/from 32-bit and 64-bit to ensure the kernel always gets
a 32-bit time_t.

While we are converting these functions let's also convert them to be
the y2038 safe versions. This means there is a *64 function that is
called by a backwards compatible wrapper.

Tested-by: Lukasz Majewski <lukma@denx.de>
Reviewed-by: Adhemerval Zanella  <adhemerval.zanella@linaro.org>
2020-04-02 09:21:06 -07:00
Alistair Francis
933dc0e570 time: Add a __itimerval64 struct
Add a __itimerval64 which always uses a 64-bit time_t.

Reviewed-by: Lukasz Majewski <lukma@denx.de>
Reviewed-by: Adhemerval Zanella  <adhemerval.zanella@linaro.org>
2020-03-27 11:23:15 -07:00
Alistair Francis
d1876749a8 time: Add a timeval with a 32-bit tv_sec and tv_usec
On y2038 safe 32-bit systems the Linux kernel expects itimerval to
use a 32-bit time_t, even though the other time_t's are 64-bit. To
address this let's add a __timeval32 struct to be used internally.

Reviewed-by: Lukasz Majewski <lukma@denx.de>
Reviewed-by: Adhemerval Zanella  <adhemerval.zanella@linaro.org>
2020-03-27 11:23:15 -07:00
Paul E. Murphy
45ae17dd7e ldbl-128ibm-compat: PLT redirects for using ldbl redirects internally
Tweak the PLT bypass magic when building glibc with long double
redirects.  This is made more difficult by the fact we only get
one chance to redirect functions.  This happens via the public
headers.

There are roughly three classes of redirect we need to attend to
today:

 1. Simple redirects, redirected via cdef macro overrides and
    and new libc_hidden_ldbl_proto macro.
 2. Internal usage of internal API, e.g __snprintf, which has
    no direct analogue.  This is bypassed directly on case-by-
    case basis.
 3. Double redirects, e.g sscanf and related.  These require
    a heavier handed approach of macro renaming to existing
    symbols.

Most simple redirects are handled via 1.  Ideally, the libc_*
macro would live in libc-symbols.h, but in practice the macros
needed for it to do anything useful live in cdefs.h, so they
are defined in the local override.

Notably, the internal name of the asprintf generated for ieee ldbl
redirects is renamed to work with internal prefixed usage.

This resolves the local plt usage introduced when building glibc
with ldbl == ieee128 on ppc64le.

Reviewed-by: Tulio Magno Quites Machado Filho <tuliom@linux.ibm.com>
2020-03-25 14:34:23 -05:00
Lukasz Majewski
8b8f39376b y2038: linux: Provide __futimesat64 implementation
This conversion patch for supporting 64 bit time for futimesat only differs
from the work performed for futimes (when providing __futimes64) with passing
also the file name (and path) to utimensat.

All the design and conversion decisions are exactly the same as for futimens
conversion.
2020-03-09 10:26:46 +01:00
Lukasz Majewski
1a5e12826c y2038: linux: Provide __lutimes64 implementation
This conversion patch for supporting 64 bit time for lutimes mostly differs from
the work performed for futimes (when providing __futimes64) with adding the
AT_SYMLINK_NOFOLLOW flag to utimensat.
It also supports passing file name instead of file descriptor number, but this
is not relevant for utimensat used to implement it.

All the design and conversion decisions are exactly the same as for futimens
conversion.
2020-03-09 10:26:46 +01:00
Lukasz Majewski
f072671cf5 y2038: linux: Provide __futimes64 implementation
This patch provides new __futimes64 explicit 64 bit function for setting file's
64 bit attributes for access and modification time (by specifying file
descriptor number).

Internally, the __utimensat64_helper function is used. This patch is necessary
for having architectures with __WORDSIZE == 32 Y2038 safe.

Moreover, a 32 bit version - __futimes has been refactored to internally use
__futimes64.

The __futimes is now supposed to be used on systems still supporting 32
bit time (__TIMESIZE != 64) - hence the necessary conversion of struct timeval
to 64 bit struct __timeval64.

The check if struct timevals' usec fields are in the range between 0 and 1000000
has been removed as Linux kernel performs it internally in the implementation
of utimensat (the conversion between struct __timeval64 and __timespec64 is not
relevant for this particular check).

Last but not least, checks for tvp{64} not being NULL have been preserved from
the original code as some legacy user space programs may rely on it.

Build tests:
./src/scripts/build-many-glibcs.py glibcs

Run-time tests:
- Run specific tests on ARM/x86 32bit systems (qemu):
  https://github.com/lmajewski/meta-y2038 and run tests:
  https://github.com/lmajewski/y2038-tests/commits/master

Above tests were performed with Y2038 redirection applied as well as without to
test the proper usage of both __futimes64 and __futimes.
2020-03-09 10:26:46 +01:00
Lukasz Majewski
66449d9339 y2038: linux: Provide __utime64 implementation
This patch replaces auto generated wrapper (as described in
sysdeps/unix/sysv/linux/syscalls.list) for utime with one which adds extra
support for setting file's access and modification 64 bit time on machines
with __TIMESIZE != 64.

Internally, the __utimensat_time64 helper function is used. This patch is
necessary for having architectures with __WORDSIZE == 32 && __TIMESIZE != 64
Y2038 safe.

Moreover, a 32 bit version - __utime has been refactored to internally use
__utime64.
The __utime is now supposed to be used on systems still supporting 32
bit time (__TIMESIZE != 64) - hence the necessary conversion between struct
utimbuf and struct __utimbuf64.

Build tests:
./src/scripts/build-many-glibcs.py glibcs

Run-time tests:
- Run specific tests on ARM/x86 32bit systems (qemu):
  https://github.com/lmajewski/meta-y2038 and run tests:
  https://github.com/lmajewski/y2038-tests/commits/master

Above tests were performed with Y2038 redirection applied as well as
without to test proper usage of both __utime64 and __utime.

Reviewed-by: Adhemerval Zanella <adhemerval.zanella@linaro.org>
2020-03-03 14:28:08 +01:00
Lukasz Majewski
d962a5d68a y2038: linux: Provide __utimes64 implementation
This patch provides new __utimes64 explicit 64 bit function for setting file's
64 bit attributes for access and modification time.

Internally, the __utimensat64_helper function is used. This patch is necessary
for having architectures with __WORDSIZE == 32 Y2038 safe.

Moreover, a 32 bit version - __utimes has been refactored to internally use
__utimes64.

The __utimes is now supposed to be used on systems still supporting 32
bit time (__TIMESIZE != 64) - hence the necessary conversion of struct
timeval to 64 bit struct __timeval64.

Build tests:
./src/scripts/build-many-glibcs.py glibcs

Run-time tests:
- Run specific tests on ARM/x86 32bit systems (qemu):
  https://github.com/lmajewski/meta-y2038 and run tests:
  https://github.com/lmajewski/y2038-tests/commits/master

Above tests were performed with Y2038 redirection applied as well as without
to test proper usage of both __utimes64 and __utimes.

Reviewed-by: Adhemerval Zanella <adhemerval.zanella@linaro.org>
2020-03-03 14:28:08 +01:00
Lukasz Majewski
847d3913da y2038: Introduce struct __utimbuf64 - new internal glibc type
This type is a glibc's "internal" type to store file's access and modification
times in __time64_t rather than __time_t, which makes it Y2038-proof.

Build tests:
./src/scripts/build-many-glibcs.py glibcs

Reviewed-by: Adhemerval Zanella <adhemerval.zanella@linaro.org>
Reviewed-by: Alistair Francis <alistair.francis@wdc.com>
2020-03-03 14:28:08 +01:00
Tulio Magno Quites Machado Filho
8dbfea3a20 ldbl-128ibm-compat: Redirect long double functions to f128/ieee128 functions
Modify the headers to redirect long double functions to global __*f128
symbols or to __*ieee128 otherwise.

Most of the functions in math.h benefit from the infrastructure already
available for __LDBL_COMPAT.  The only exceptions are nexttowardf and
nexttoward that need especial treatment.

Both math/bits/mathcalls-helper-functions.h and math/bits/mathcalls.h
were modified in order to provide alternative redirection destinations
that are essential to support functions that should not be redirected to
the same name pattern of the rest of the functions, i.e.: __fpclassify,
__signbit, __iseqsig, __issignaling, isinf, finite and isnan, which will
be redirected to __*f128 instead of __*ieee128 used for the rest.
2020-02-28 08:20:02 -06:00
Florian Weimer
d423e17031 nss_nis: Use NSS_DECLARE_MODULE_FUNCTIONS
This commit removes the minor optimization based on strong aliases
because it loses type safety.
2020-02-25 16:15:09 +01:00
Florian Weimer
783e641fba csu: Use ELF constructor instead of _init in libc.so
On !ELF_INITFINI architectures, _init is no longer called by the
dynamic linker.  We can use an ELF constructor instead because the
constructor order does not matter.  (The other constructors are used
to set up libio vtable bypasses and do not depend on this
initialization routine.)
2020-02-25 14:58:52 +01:00
Florian Weimer
c1080713ad Add hidden prototypes for __sched_getparam, __sched_getscheduler
This will enable them to be used in libc.so without PLTs.

Reviewed-by: Adhemerval Zanella <adhemerval.zanella@linaro.org>
2020-02-20 08:57:01 +01:00
Lukasz Majewski
7455b70027 y2038: linux: Provide __gettimeofday64 implementation
In the glibc the gettimeofday can use vDSO (on power and x86 the
USE_IFUNC_GETTIMEOFDAY is defined), gettimeofday syscall or 'default'
___gettimeofday() from ./time/gettime.c (as a fallback).

In this patch the last function (___gettimeofday) has been refactored and
moved to ./sysdeps/unix/sysv/linux/gettimeofday.c to be Linux specific.

The new __gettimeofday64 explicit 64 bit function for getting 64 bit time from
the kernel (by internally calling __clock_gettime64) has been introduced.

Moreover, a 32 bit version - __gettimeofday has been refactored to internally
use __gettimeofday64.

The __gettimeofday is now supposed to be used on systems still supporting 32
bit time (__TIMESIZE != 64) - hence the necessary check for time_t potential
overflow and conversion of struct __timeval64 to 32 bit struct timespec.

The iFUNC vDSO direct call optimization has been removed from both i686 and
powerpc32 (USE_IFUNC_GETTIMEOFDAY is not defined for those architectures
anymore). The Linux kernel does not provide a y2038 safe implementation of
gettimeofday neither it plans to provide it in the future, clock_gettime64
should be used instead. Keeping support for this optimization would require
to handle another build permutation (!__ASSUME_TIME64_SYSCALLS &&
USE_IFUNC_GETTIMEOFDAY) which adds more complexity and has limited use
(since the idea is to eventually have a y2038 safe glibc build).

Build tests:
./src/scripts/build-many-glibcs.py glibcs

Run-time tests:
- Run specific tests on ARM/x86 32bit systems (qemu):
  https://github.com/lmajewski/meta-y2038 and run tests:
  https://github.com/lmajewski/y2038-tests/commits/master

Above tests were performed with Y2038 redirection applied as well as without
to test proper usage of both __gettimeofday64 and __gettimeofday.

Reviewed-by: Adhemerval Zanella <adhemerval.zanella@linaro.org>
[Including some commit message improvement]
2020-02-18 23:55:47 +01:00
Florian Weimer
631cf64bc1 Move implementation of <file_change_detection.h> into a C file
file_change_detection_for_stat partially initialize
struct file_change_detection in some cases, when the size member
alone determines the outcome of all comparisons.  This results
in maybe-uninitialized compiler warnings in case of sufficiently
aggressive inlining.

Once the implementation is moved into a separate C file, this kind
of inlining is no longer possible, so the compiler warnings are gone.
2020-02-18 13:44:48 +01:00
Florian Weimer
3a0ecccb59 ld.so: Do not export free/calloc/malloc/realloc functions [BZ #25486]
Exporting functions and relying on symbol interposition from libc.so
makes the choice of implementation dependent on DT_NEEDED order, which
is not what some compiler drivers expect.

This commit replaces one magic mechanism (symbol interposition) with
another one (preprocessor-/compiler-based redirection).  This makes
the hand-over from the minimal malloc to the full malloc more
explicit.

Removing the ABI symbols is backwards-compatible because libc.so is
always in scope, and the dynamic loader will find the malloc-related
symbols there since commit f0b2132b35
("ld.so: Support moving versioned symbols between sonames
[BZ #24741]").

Reviewed-by: Carlos O'Donell <carlos@redhat.com>
2020-02-15 11:01:23 +01:00
Florian Weimer
2efa52c880 Remove weak declaration of free from <inline-hashtab.h>
elf/dl-minimal.c provides a definition of free, so the function
pointer is always non-null, even before the final relocation
of the loader.

Reviewed-by: Carlos O'Donell <carlos@redhat.com>
2020-02-15 11:01:20 +01:00
Florian Weimer
6b89c385d8 io: Implement lchmod using fchmodat [BZ #14578] 2020-02-12 08:43:59 +01:00
Florian Weimer
6c80c6e876 Add internal <file_change_detection.h> header file
The code started out with bits form resolv/resolv_conf.c, but it
was enhanced to deal with directories and FIFOs in a more predictable
manner.  A test case is included as well.

This will be used to implement the /etc/resolv.conf change detection.

This currently lives in a header file only.  Once there are multiple
users, the implementations should be moved into C files.
2020-02-12 08:42:58 +01:00
Lukasz Majewski
d2e3b697da y2038: linux: Provide __settimeofday64 implementation
This patch provides new __settimeofday64 explicit 64 bit function for setting
64 bit time in the kernel (by internally calling __clock_settime64).
Moreover, a 32 bit version - __settimeofday has been refactored to internally
use __settimeofday64.

The __settimeofday is now supposed to be used on systems still supporting 32
bit time (__TIMESIZE != 64) - hence the necessary conversion of struct
timeval to 64 bit struct __timespec64.

Internally the settimeofday uses __settimeofday64. This patch is necessary
for having architectures with __WORDSIZE == 32 Y2038 safe.

Build tests:
./src/scripts/build-many-glibcs.py glibcs

Run-time tests:
- Run specific tests on ARM/x86 32bit systems (qemu):
  https://github.com/lmajewski/meta-y2038 and run tests:
  https://github.com/lmajewski/y2038-tests/commits/master

Above tests were performed with Y2038 redirection applied as well as without
to test proper usage of both __settimeofday64 and __settimeofday.

Reviewed-by: Adhemerval Zanella <adhemerval.zanella@linaro.org>
2020-02-07 17:55:08 +01:00
Lukasz Majewski
29bf83ccd7 y2038: Provide conversion helpers for struct __timeval64
Those functions allow easy conversion between Y2038 safe, glibc internal
struct __timeval64 and other time related data structures (like struct timeval
or struct __timespec64).

Build tests:
./src/scripts/build-many-glibcs.py glibcs

Reviewed-by: Alistair Francis <alistair.francis@wdc.com>
Reviewed-by: Adhemerval Zanella <adhemerval.zanella@linaro.org>
2020-02-07 17:55:08 +01:00
Lukasz Majewski
504c987170 y2038: Introduce struct __timeval64 - new internal glibc type
This type is a glibc's "internal" type similar to struct timeval but
whose tv_sec field is a __time64_t rather than a time_t, which makes it
Y2038-proof. This struct is NOT supposed to be passed to the kernel -
instead it shall be converted to struct __timespec64 and clock_[sg]ettime
syscalls shall be used (which are now Y2038 safe).

Build tests:
./src/scripts/build-many-glibcs.py glibcs

Reviewed-by: Alistair Francis <alistair.francis@wdc.com>
Reviewed-by: Adhemerval Zanella <adhemerval.zanella@linaro.org>
2020-02-07 17:55:08 +01:00
Lukasz Majewski
f1c314d275 y2038: linux: Provide __timespec_get64 implementation
This patch provides new instance of Linux specific timespec_get.c file placed
in ./sysdeps/unix/sysv/linux/.

When compared to this file version from ./time directory, it provides
__timespec_get64 explicit 64 bit function for getting 64 bit time in the
struct __timespec64 (for compilation using C11 standard).
Moreover, a 32 bit version - __timespec_get internally uses
__timespec_get64.

The __timespec_get is now supposed to be used on systems still supporting 32
bit time (__TIMESIZE != 64) - hence the necessary conversion to 32 bit struct
timespec.

Internally the timespec_get uses __clock_gettime64. This patch is necessary
for having architectures with __WORDSIZE == 32 Y2038 safe.

Build tests:
./src/scripts/build-many-glibcs.py glibcs

Run-time tests:
- Run specific tests on ARM/x86 32bit systems (qemu):
  https://github.com/lmajewski/meta-y2038 and run tests:
  https://github.com/lmajewski/y2038-tests/commits/master

Above tests were performed with Y2038 redirection applied as well as without
to test proper usage of both __timespec_get64 and __timespec_get.

Reviewed-by: Adhemerval Zanella <adhemerval.zanella@linaro.org>
2020-02-05 00:10:16 +01:00
Andreas Schwab
6befb33f31 rt: avoid PLT setup in timer_[sg]ettime
The functions __timer_gettime64 and __timer_settime64 live in librt, not
libc.  Use proper hidden aliases so that the callers do not need to set up
the PLT register.

Fixes commits cae1635a70 ("y2038: linux: Provide __timer_settime64
implementation") and 562cdc19c7 ("y2038: linux: Provide __timer_gettime64
implementation").
2020-02-03 12:16:09 +01:00
Lukasz Majewski
b112f53e9d y2038: linux: Provide __sched_rr_get_interval64 implementation
This patch replaces auto generated wrapper (as described in
sysdeps/unix/sysv/linux/syscalls.list) for sched_rr_get_interval with one which
adds extra support for reading 64 bit time values on machines with
__TIMESIZE != 64.
There is no functional change for architectures already supporting 64 bit
time ABI.

The sched_rr_get_interval declaration in ./include/sched.h is not followed by
corresponding libc_hidden_proto(), so it has been assumed that newly introduced
syscall wrapper doesn't require libc_hidden_def() (which has been added by
template used with auto generation script).

Moreover, the code for building sched_rr_gi.c file is already placed in
./posix/Makefiles, so there was no need to add it elsewhere.

Performed tests and validation are the same as for timer_gettime() conversion
(sysdeps/unix/sysv/linux/timer_gettime.c).

Reviewed-by: Adhemerval Zanella <adhemerval.zanella@linaro.org>
2020-02-02 11:23:50 +01:00
Lukasz Majewski
eae2243272 y2038: linux: Provide __timerfd_settime64 implementation
This patch replaces auto generated wrapper (as described in
sysdeps/unix/sysv/linux/syscalls.list) for timerfd_settime with one which
adds extra support for reading and writing from Linux kernel 64 bit time
values on machines with __TIMESIZE != 64.
There is no functional change for archs already supporting 64 bit time ABI.

This patch is conceptually identical to timer_settime conversion already
done in sysdeps/unix/sysv/linux/timer_settime.c.
Please refer to corresponding commit message for detailed description of
introduced functions and the testing procedure.

Reviewed-by: Adhemerval Zanella <adhemerval.zanella@linaro.org>

---
Changes for v4:
- Update date from 2019 to 2020

Changes for v3:
- Add missing libc_hidden_def()

Changes for v2:
- Remove "Contributed by" from the file header
- Remove early check for (fd < 0) in __timerfd_settime64 as the fd
  correctness check is already done in Linux kernel
- Add single descriptive comment line to provide concise explanation
  of the code
2020-02-02 11:23:23 +01:00
Lukasz Majewski
0f6e6b9764 y2038: linux: Provide __timerfd_gettime64 implementation
This patch replaces auto generated wrapper (as described in
sysdeps/unix/sysv/linux/syscalls.list) for timerfd_gettime with one which
adds extra support for reading 64 bit time values on machines with
__TIMESIZE != 64.
There is no functional change for architectures already supporting 64 bit
time ABI.

This patch is conceptually identical to timer_gettime conversion already
done in sysdeps/unix/sysv/linux/timer_gettime.c.
Please refer to corresponding commit message for detailed description of
introduced functions and the testing procedure.

Reviewed-by: Adhemerval Zanella <adhemerval.zanella@linaro.org>

---
Changes for v4:
- Update date from 2019 to 2020

Changes for v3:
- Add missing libc_hidden_def()

Changes for v2:
- Remove "Contributed by" from the file header
- Remove early check for (fd < 0) in __timerfd_gettime64 as the fd
  correctness check is already done in Linux kernel
- Add single descriptive comment line to provide concise explanation
  of the code
2020-02-02 11:23:23 +01:00
Siddhesh Poyarekar
7ef9556328 Update version numbers for 2.31 release 2020-02-01 17:16:54 +05:30
Joseph Myers
d614a75396 Update copyright dates with scripts/update-copyrights. 2020-01-01 00:14:33 +00:00
Tulio Magno Quites Machado Filho
1ef9b6e0bf Do not redirect calls to __GI_* symbols, when redirecting to *ieee128
On platforms where long double has IEEE binary128 format as a third
option (initially, only powerpc64le), many exported functions are
redirected to their __*ieee128 equivalents.  This redirection is
provided by installed headers such as stdio-ldbl.h, and is supposed to
work correctly with user code.

However, during the build of glibc, similar redirections are employed,
in internal headers, such as include/stdio.h, in order to avoid extra
PLT entries.  These redirections conflict with the redirections to
__*ieee128, and must be avoided during the build.  This patch protects
the second redirections with a test for __LONG_DOUBLE_USES_FLOAT128, a
new macro that is defined to 1 when functions that deal with long double
typed values reuses the _Float128 implementation (this is currently only
true for powerpc64le).

Tested for powerpc64le, x86_64, and with build-many-glibcs.py.

Co-authored-by: Gabriel F. T. Gomes <gabrielftg@linux.ibm.com>
Reviewed-by: Florian Weimer <fweimer@redhat.com>
2019-12-27 15:02:10 -03:00
Adhemerval Zanella
848791557b Implement waitpid in terms of wait4
This also consolidate all waitpid implementations.

Checked on x86_64-linux-gnu.
2019-12-19 16:11:09 -03:00
Samuel Thibault
8eaf34eda2 hurd: Fix local PLT
* include/sys/random.h (__getrandom): Add hidden prototype.
* stdlib/getrandom.c (getrandom): Rename to hidden definition __getrandom.
Add weak alias.
* sysdeps/mach/hurd/getrandom.c (getrandom): Likewise.
* sysdeps/unix/sysv/linux/getrandom.c (getrandom): Likewise.
* sysdeps/mach/hurd/getentropy.c (getentropy): Use __getrandom instead of
getrandom.
2019-12-13 11:11:54 +01:00
Florian Weimer
f8ed116aa5 dlopen: Rework handling of pending NODELETE status
Commit a2e8aa0d9e ("Block signals during
the initial part of dlopen") was deemed necessary because of
read-modify-write operations like the one in  add_dependency in
elf/dl-lookup.c.  In the old code, we check for any kind of NODELETE
status and bail out:

      /* Redo the NODELETE check, as when dl_load_lock wasn't held
	 yet this could have changed.  */
      if (map->l_nodelete != link_map_nodelete_inactive)
	goto out;

And then set pending status (during relocation):

	  if (flags & DL_LOOKUP_FOR_RELOCATE)
	    map->l_nodelete = link_map_nodelete_pending;
	  else
	    map->l_nodelete = link_map_nodelete_active;

If a signal arrives during relocation and the signal handler, through
lazy binding, adds a global scope dependency on the same map, it will
set map->l_nodelete to link_map_nodelete_active.  This will be
overwritten with link_map_nodelete_pending by the dlopen relocation
code.

To avoid such problems in relation to the l_nodelete member, this
commit introduces two flags for active NODELETE status (irrevocable)
and pending NODELETE status (revocable until activate_nodelete is
invoked).  As a result, NODELETE processing in dlopen does not
introduce further reasons why lazy binding from signal handlers
is unsafe during dlopen, and a subsequent commit can remove signal
blocking from dlopen.

This does not address pre-existing issues (unrelated to the NODELETE
changes) which make lazy binding in a signal handler during dlopen
unsafe, such as the use of malloc in both cases.

Reviewed-by: Adhemerval Zanella <adhemerval.zanella@linaro.org>
Reviewed-by: Carlos O'Donell <carlos@redhat.com>
2019-12-13 10:18:46 +01:00