David S. Miller [Tue, 12 Nov 2013 20:48:01 +0000 (12:48 -0800)]
Fix sparc 64-bit GMP ifunc resolution in static builds.
[BZ #16150]
* sysdeps/sparc/sparc64/multiarch/add_n.S: Resolve to the correct generic
symbol in the non-vis3 case in static builds.
* sysdeps/sparc/sparc64/multiarch/addmul_1.S: Likewise.
* sysdeps/sparc/sparc64/multiarch/mul_1.S: Likewise.
* sysdeps/sparc/sparc64/multiarch/sub_n.S: Likewise.
* sysdeps/sparc/sparc64/multiarch/submul_1.S: Likewise.
Will Newton [Fri, 16 Aug 2013 11:54:29 +0000 (12:54 +0100)]
malloc: Check for integer overflow in memalign.
A large bytes parameter to memalign could cause an integer overflow
and corrupt allocator internals. Check the overflow does not occur
before continuing with the allocation.
ChangeLog:
2013-09-11 Will Newton <will.newton@linaro.org>
[BZ #15857]
* malloc/malloc.c (__libc_memalign): Check the value of bytes
does not overflow.
Will Newton [Fri, 16 Aug 2013 10:59:37 +0000 (11:59 +0100)]
malloc: Check for integer overflow in valloc.
A large bytes parameter to valloc could cause an integer overflow
and corrupt allocator internals. Check the overflow does not occur
before continuing with the allocation.
ChangeLog:
2013-09-11 Will Newton <will.newton@linaro.org>
[BZ #15856]
* malloc/malloc.c (__libc_valloc): Check the value of bytes
does not overflow.
Will Newton [Mon, 12 Aug 2013 14:08:02 +0000 (15:08 +0100)]
malloc: Check for integer overflow in pvalloc.
A large bytes parameter to pvalloc could cause an integer overflow
and corrupt allocator internals. Check the overflow does not occur
before continuing with the allocation.
ChangeLog:
2013-09-11 Will Newton <will.newton@linaro.org>
[BZ #15855]
* malloc/malloc.c (__libc_pvalloc): Check the value of bytes
does not overflow.
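Added example (not glibc's code and not part of the commit messages above): the kind of size arithmetic the three malloc commits guard, shown in C with the unchecked and checked forms side by side. `PAGE_SZ`, `OVERHEAD`, the function names and the exact rounding and padding formulas are assumptions made for illustration, not copied from malloc/malloc.c.

```c
#include <errno.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Assumed values for the example; a real allocator queries the page size
   and has its own minimum chunk overhead. */
#define PAGE_SZ  ((size_t)4096)
#define OVERHEAD ((size_t)32)

/* Unchecked page rounding, as a valloc/pvalloc-style wrapper might do it.
   For bytes near SIZE_MAX the addition wraps and the result is tiny. */
size_t page_round_unchecked(size_t bytes)
{
    return (bytes + PAGE_SZ - 1) & ~(PAGE_SZ - 1);
}

/* Checked page rounding: reject the request before any arithmetic wraps. */
int page_round_checked(size_t bytes, size_t *out)
{
    if (bytes > SIZE_MAX - (PAGE_SZ - 1)) {
        errno = ENOMEM;
        return -1;
    }
    *out = (bytes + PAGE_SZ - 1) & ~(PAGE_SZ - 1);
    return 0;
}

/* Checked memalign-style padding: bytes + alignment + OVERHEAD must fit. */
int padded_size_checked(size_t bytes, size_t alignment, size_t *out)
{
    if (alignment > SIZE_MAX - OVERHEAD ||
        bytes > SIZE_MAX - OVERHEAD - alignment) {
        errno = ENOMEM;
        return -1;
    }
    *out = bytes + alignment + OVERHEAD;
    return 0;
}

int main(void)
{
    size_t huge = SIZE_MAX - 100, sz = 0;
    printf("unchecked: %zu bytes requested -> %zu allocated\n",
           huge, page_round_unchecked(huge));
    printf("checked:   %s\n",
           page_round_checked(huge, &sz) ? "rejected (ENOMEM)" : "accepted");
    return 0;
}
```

The unchecked form turns a request just below `SIZE_MAX` into a zero-byte size, which is how a caller ends up with a buffer far smaller than it asked for; the checked forms compare against `SIZE_MAX` minus the padding so the test itself cannot wrap.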
Carlos O'Donell [Mon, 23 Sep 2013 04:52:09 +0000 (00:52 -0400)]
BZ #15754: CVE-2013-4788
The pointer guard used for pointer mangling was not initialized for
static applications resulting in the security feature being disabled.
The pointer guard is now correctly initialized to a random value for
static applications. Existing static applications need to be
recompiled to take advantage of the fix.
The test tst-ptrguard1-static and tst-ptrguard1 add regression
coverage to ensure the pointer guards are sufficiently random
and initialized to a default value.
This patch fixes another stack overflow in getaddrinfo when it is
called with AF_INET6. The AF_UNSPEC case was fixed as CVE-2013-1914,
but the AF_INET6 case went undetected back then.
Fix PI mutex check in pthread_cond_broadcast and pthread_cond_signal
Fixes BZ #15996.
The check had a typo - it checked for PTHREAD_MUTEX_ROBUST_NP instead
of PTHREAD_MUTEX_ROBUST_NORMAL_NP. It has now been replaced by the
already existing convenience macro USE_REQUEUE_PI.
Mike Frysinger [Sun, 5 Jan 2014 21:23:42 +0000 (16:23 -0500)]
ia64: add __ prefix to pt_all_user_regs/ia64_fpreg [BZ #762]
This addresses a long standing collision between userspace headers and
kernel headers only on ia64 systems. All other types have a __ prefix
in the ptrace headers except these two. Let's finally namespace these.
Verified that at least strace still builds after this change, as well
as after deleting all the struct hacks it has specifically for ia64.
URL: https://sourceware.org/bugzilla/show_bug.cgi?id=762
Signed-off-by: Mike Frysinger <vapier@gentoo.org>
Mike Frysinger [Sun, 5 Jan 2014 21:07:13 +0000 (16:07 -0500)]
ptrace.h: add __ prefix to ptrace_peeksiginfo_args
All the other ptrace structures in this file have a __ prefix except this
new one. This in turn causes build problems for most packages that try to
use ptrace such as strace:
gcc -DHAVE_CONFIG_H -I. -I../.. -I../../linux/x86_64 -I../../linux \
-I./linux -Wall -Wwrite-strings -g -O2 -MT process.o -MD -MP \
-MF .deps/process.Tpo -c -o process.o ../../process.c
In file included from ../../process.c:63:0:
/usr/include/linux/ptrace.h:58:8: error: redefinition of 'struct ptrace_peeksiginfo_args'
struct ptrace_peeksiginfo_args {
^
In file included from ../../defs.h:159:0,
from ../../process.c:37:
/usr/include/sys/ptrace.h:191:8: note: originally defined here
struct ptrace_peeksiginfo_args
^
Since this struct was introduced in glibc-2.18, there shouldn't be any
real regressions with adding the __ prefix.
Guy Martin [Thu, 21 Nov 2013 18:23:16 +0000 (13:23 -0500)]
Don't use broken DL_AUTO_FUNCTION_ADDRESS()
On hppa and ia64, the macro DL_AUTO_FUNCTION_ADDRESS() uses the
variable fptr[2] in its own scope.
The content of fptr[] is thus undefined right after the macro exits.
Newer gcc's (>= 4.7) reuse the stack space of this variable triggering
a segmentation fault in dl-init.c:69.
To fix this we rewrite the macros to make the call directly to init
and fini without needing to pass back a constructed function pointer.
Mike Frysinger [Tue, 3 Sep 2013 03:13:57 +0000 (23:13 -0400)]
hppa: add fanotify_mark
Another example of all the 64bit arches getting the definition via a
common file, but the 32bit ones all adding it by themselves and hppa
was missed.
I'm not entirely sure about the usage of GLIBC_2.19 symbols here.
We'd like to backport this so people can use it, but it means we'd
be releasing a glibc-2.17/glibc-2.18 with a GLIBC_2.19 symbol in it.
But maybe it won't be a big deal since you'd only get that 2.19 ref
if you actually used the symbol ?
There hasn't been a glibc release where hppa worked w/out a bunch of
patches, so in reality there's only two distros that matter -- Gentoo
and Debian.
URL: https://bugs.gentoo.org/480268
Reported-by: Jeroen Roovers <jer@gentoo.org>
Signed-off-by: Mike Frysinger <vapier@gentoo.org>
(cherry picked from commit 18d4371683fbe347bf4fbaef05d18b5a4918887a)
Mike Frysinger [Fri, 16 Aug 2013 19:10:41 +0000 (15:10 -0400)]
mips: add clock_{g,s}ettime symbol compat hacks
we kind of screwed ourselves into a corner by having the clock symbols
exported only with the glibc-2.0 version ... this patch fixes the
export so all new binaries built against librt will use the correct
glibc-2.2 symbol version
David Lamparter [Fri, 16 Aug 2013 19:06:34 +0000 (15:06 -0400)]
arm: fix PIC vs SHARED typos
the logic in setjmp/__longjmp incorrectly ties to "PIC" to figure out
whether the code is going into a shared library when it should be using
"SHARED". otherwise, building static PIC code goes wrong.
when glibc runs its tests, it does so by invoking the local library loader.
in Gentoo, we build/run inside of our "sandbox" which itself is linked against
libdl (so that it can load libraries and pull out symbols). the trouble
is that when you upgrade from an older glibc to the new one, often times
internal symbols change name or abi. this is normally OK as you cannot use
libc.so from say version 2.3.6 but libpthread.so from say version 2.5, so
we always say "keep all of the glibc libraries from the same build". but
when glibc runs its tests, it uses dynamic paths to point to its new local
copies of libraries. if the test doesn't use libdl, then glibc doesn't add
its path, and when sandbox triggers the loading of libdl, glibc does so
from the host system. this gets us into the case of all libraries
are from the locally compiled version of glibc except for libdl.so.
Mike Frysinger [Sat, 4 May 2013 18:07:11 +0000 (14:07 -0400)]
disable ldconfig during install
do not bother running ldconfig on DESTDIR. it wants to write the temp cache
file outside of the chroot. doesn't matter anyways as we won't use the cache
results (portage will rebuild cache), so running ldconfig is simply a waste
of time.
PowerPC: use _dl_static_init to set GLRO(gl_pagesize)
This patch fixes dlfcn/tststatic5 for PowerPC where pagesize
variable was not properly initialized in certain cases. This patch
is based on other architecture code.
Carlos O'Donell [Fri, 19 Jul 2013 06:42:03 +0000 (02:42 -0400)]
CVE-2013-2207, BZ #15755: Disable pt_chown.
The helper binary pt_chown could be tricked into granting access to another
user's pseudo-terminal.
Pre-conditions for the attack:
* Attacker with local user account
* Kernel with FUSE support
* "user_allow_other" in /etc/fuse.conf
* Victim with allocated slave in /dev/pts
Using the setuid installed pt_chown and a weak check on whether a file
descriptor is a tty, an attacker could fake a pty check using FUSE and
trick pt_chown to grant ownership of a pty descriptor that the current
user does not own. It cannot access /dev/pts/ptmx however.
In most modern distributions pt_chown is not needed because devpts
is enabled by default. The fix for this CVE is to disable building
and using pt_chown by default. We still provide a configure option
to enable the use of pt_chown but distributions do so at their own
risk.
Carlos O'Donell [Tue, 16 Jul 2013 21:55:43 +0000 (17:55 -0400)]
BZ #15711: Avoid circular dependency for syscall.h
The generated header is compiled with `-ffreestanding' to avoid any
circular dependencies against the installed implementation headers.
Such a dependency would require the implementation header to be
installed before the generated header could be built (See bug 15711).
In current practice the generated header dependencies do not include
any of the implementation headers removed by the use of `-ffreestanding'.
---
2013-07-15 Carlos O'Donell <carlos@redhat.com>
[BZ #15711]
* sysdeps/unix/sysv/linux/Makefile ($(objpfx)bits/syscall%h):
Avoid system header dependency with -ffreestanding.
($(objpfx)bits/syscall%d): Likewise.
Chris Metcalf [Wed, 3 Jul 2013 18:48:39 +0000 (14:48 -0400)]
tile: use _dl_static_init to set GLRO(gl_pagesize)
A recently-added test (dlfcn/tststatic5) pointed out that tile was not
properly initializing the variable pagesize in certain cases. This
change just copies the existing code from MIPS.
Chris Metcalf [Wed, 3 Jul 2013 15:23:01 +0000 (11:23 -0400)]
tile: use soft-fp for fma() and fmaf()
The sfp-machine.h is based on the gcc version, but extended with
required new macros by comparison with other architectures and by
investigating the hardware support for FP on tile.
Andi Kleen [Thu, 27 Jun 2013 18:15:06 +0000 (11:15 -0700)]
Disable elision for any pthread_mutexattr_settype call
PTHREAD_MUTEX_NORMAL requires deadlock for nesting, DEFAULT
does not. Since glibc uses the same value (0) disable elision
for any call to pthread_mutexattr_settype() with a 0 value.
This implies that a program can disable elision by doing
pthread_mutexattr_settype(&attr, PTHREAD_MUTEX_NORMAL)
Andi Kleen [Sat, 22 Dec 2012 09:03:04 +0000 (01:03 -0800)]
Add elision to pthread_mutex_{try,timed,un}lock
Add elision paths to the basic mutex locks.
The normal path has a check for RTM and upgrades the lock
to RTM when available. Trylocks cannot automatically upgrade,
so they check for elision every time.
We use a 4 byte value in the mutex to store the lock
elision adaptation state. This is separate from the adaptive
spin state and uses a separate field.
Condition variables currently do not support elision.
Recursive mutexes and condition variables may be supported at some point,
but are not in the current implementation. Also "trylock" will
not automatically enable elision unless some other lock call
has been already called on the lock.
This version does not use IFUNC, so it means every lock has one
additional check for elision. Benchmarking showed the overhead
to be negligible.
Andi Kleen [Fri, 28 Jun 2013 12:19:37 +0000 (05:19 -0700)]
Add minimal test suite changes for elision enabled kernels
tst-mutex5 and 8 test some behaviour not required by POSIX,
that elision changes. This changes these tests to not check
this when elision is enabled at configure time.
Andi Kleen [Sat, 10 Nov 2012 08:51:26 +0000 (00:51 -0800)]
Add the low level infrastructure for pthreads lock elision with TSX
Lock elision using TSX is a technique to optimize lock scaling.
It allows locks to run in parallel using hardware support for
a transactional execution mode in 4th generation Intel Core CPUs.
See http://www.intel.com/software/tsx for more information.
This patch implements a simple adaptive lock elision algorithm based
on RTM. It enables elision for the pthread mutexes and rwlocks.
The algorithm keeps track whether a mutex successfully elides or not,
and stops eliding for some time when it is not.
When the CPU supports RTM the elision path is automatically tried,
otherwise any elision is disabled.
The adaptation algorithm and its tuning is currently preliminary.
The code adds some checks to the lock fast paths. Micro-benchmarks
show little to no difference without RTM.
This patch implements the low level "lll_" code for lock elision.
Follow-on patches hook this into the pthread implementation.
Changes with the RTM mutexes:
-----------------------------
Lock elision in pthreads is generally compatible with existing programs.
There are some obscure exceptions, which are expected to be uncommon.
See the manual for more details.
- A broken program that unlocks a free lock will crash.
There are ways around this with some tradeoffs (more code in hot paths)
I'm still undecided on what approach to take here; have to wait for testing reports.
- pthread_mutex_destroy of a locked mutex will not return EBUSY but 0.
- There's also a similar situation with trylock outside the mutex,
"knowing" that the mutex must be held due to some other condition.
In this case an assert failure cannot be recovered. This situation is
usually an existing bug in the program.
- Same applies to the rwlocks. Some of the return values change
(for example there is no EDEADLK for an elided lock, unless it aborts.
However when elided it will also never deadlock of course)
- Timing changes, so broken programs that make assumptions about specific timing
may expose already existing latent problems. Note that these broken programs will
break in other situations too (loaded system, new faster hardware, compiler
optimizations etc.)
- Programs with non recursive mutexes that take them recursively in a thread and
which would always deadlock without elision may not always see a deadlock.
The deadlock will only happen on an early or delayed abort (which typically
happens at some point)
This only happens for mutexes not explicitly set to PTHREAD_MUTEX_NORMAL
or PTHREAD_MUTEX_ADAPTIVE_NP. PTHREAD_MUTEX_NORMAL mutexes do not elide.
The elision default can be set at configure time.
This patch implements the basic infrastructure for elision.