Author: Charles Fol
Author Date: 2024-03-28 15:25:38 UTC

iconv: ISO-2022-CN-EXT: fix out-of-bound writes when writing escape sequence (CVE-2024-2961)

ISO-2022-CN-EXT uses escape sequences to indicate character set changes
(as specified by RFC 1922). While the SOdesignation has the expected
bounds checks, neither SS2designation nor SS3designation have its;
allowing a write overflow of 1, 2, or 3 bytes with fixed values:
'$+I', '$+J', '$+K', '$+L', '$+M', or '$*H'.

Checked on aarch64-linux-gnu.

Co-authored-by: Adhemerval Zanella <adhemerval.zanella@linaro.org>
Reviewed-by: Carlos O'Donell <carlos@redhat.com>
Tested-by: Carlos O'Donell <carlos@redhat.com>

(cherry picked from commit f9dc609e06b1136bb0408be9605ce7973a767ada)

Author: Joseph Myers
Author Date: 2024-04-19 17:03:56 UTC

Use --enable-obsolete in build-many-glibcs.py for nios2-linux-gnu

Until GCC removes Nios II support (at which point we should do so as
well), this is now needed for GCC 14 / mainline to build for
nios2-linux-gnu target.

Tested with build-many-glibcs.py (GCC mainline) for nios2-linux-gnu.

Author: Adhemerval Zanella
Author Date: 2024-04-18 19:27:11 UTC

x86: Fix bsearch for compiler that do not define __USE_EXTERN_INLINES

The bsearch is called early during process initialization on Intel
platform, before TCB has been set up; and if compiler does not
enable __extern_inline it might call the symbol which might use an
invalid thread-pointer.

Expand the bsearch implementation from stdlib-bsearch.h with a
different name.

Checked on x86_64-linux-gnu with Intel chip.

Author: Charles Fol
Author Date: 2024-03-28 15:25:38 UTC

iconv: ISO-2022-CN-EXT: fix out-of-bound writes when writing escape sequence (CVE-2024-2961)

ISO-2022-CN-EXT uses escape sequences to indicate character set changes
(as specified by RFC 1922). While the SOdesignation has the expected
bounds checks, neither SS2designation nor SS3designation have its;
allowing a write overflow of 1, 2, or 3 bytes with fixed values:
'$+I', '$+J', '$+K', '$+L', '$+M', or '$*H'.

Checked on aarch64-linux-gnu.

Co-authored-by: Adhemerval Zanella <adhemerval.zanella@linaro.org>
Reviewed-by: Carlos O'Donell <carlos@redhat.com>
Tested-by: Carlos O'Donell <carlos@redhat.com>

(cherry picked from commit f9dc609e06b1136bb0408be9605ce7973a767ada)

Author: Charles Fol
Author Date: 2024-03-28 15:25:38 UTC

iconv: ISO-2022-CN-EXT: fix out-of-bound writes when writing escape sequence (CVE-2024-2961)

ISO-2022-CN-EXT uses escape sequences to indicate character set changes
(as specified by RFC 1922). While the SOdesignation has the expected
bounds checks, neither SS2designation nor SS3designation have its;
allowing a write overflow of 1, 2, or 3 bytes with fixed values:
'$+I', '$+J', '$+K', '$+L', '$+M', or '$*H'.

Checked on aarch64-linux-gnu.

Co-authored-by: Adhemerval Zanella <adhemerval.zanella@linaro.org>
Reviewed-by: Carlos O'Donell <carlos@redhat.com>
Tested-by: Carlos O'Donell <carlos@redhat.com>

(cherry picked from commit f9dc609e06b1136bb0408be9605ce7973a767ada)

Author: Charles Fol
Author Date: 2024-03-28 15:25:38 UTC

iconv: ISO-2022-CN-EXT: fix out-of-bound writes when writing escape sequence (CVE-2024-2961)

ISO-2022-CN-EXT uses escape sequences to indicate character set changes
(as specified by RFC 1922). While the SOdesignation has the expected
bounds checks, neither SS2designation nor SS3designation have its;
allowing a write overflow of 1, 2, or 3 bytes with fixed values:
'$+I', '$+J', '$+K', '$+L', '$+M', or '$*H'.

Checked on aarch64-linux-gnu.

Co-authored-by: Adhemerval Zanella <adhemerval.zanella@linaro.org>
Reviewed-by: Carlos O'Donell <carlos@redhat.com>
Tested-by: Carlos O'Donell <carlos@redhat.com>

(cherry picked from commit f9dc609e06b1136bb0408be9605ce7973a767ada)

Author: Charles Fol
Author Date: 2024-03-28 15:25:38 UTC

iconv: ISO-2022-CN-EXT: fix out-of-bound writes when writing escape sequence (CVE-2024-2961)

ISO-2022-CN-EXT uses escape sequences to indicate character set changes
(as specified by RFC 1922). While the SOdesignation has the expected
bounds checks, neither SS2designation nor SS3designation have its;
allowing a write overflow of 1, 2, or 3 bytes with fixed values:
'$+I', '$+J', '$+K', '$+L', '$+M', or '$*H'.

Checked on aarch64-linux-gnu.

Co-authored-by: Adhemerval Zanella <adhemerval.zanella@linaro.org>
Reviewed-by: Carlos O'Donell <carlos@redhat.com>
Tested-by: Carlos O'Donell <carlos@redhat.com>

(cherry picked from commit f9dc609e06b1136bb0408be9605ce7973a767ada)

Author: Charles Fol
Author Date: 2024-03-28 15:25:38 UTC

iconv: ISO-2022-CN-EXT: fix out-of-bound writes when writing escape sequence (CVE-2024-2961)

ISO-2022-CN-EXT uses escape sequences to indicate character set changes
(as specified by RFC 1922). While the SOdesignation has the expected
bounds checks, neither SS2designation nor SS3designation have its;
allowing a write overflow of 1, 2, or 3 bytes with fixed values:
'$+I', '$+J', '$+K', '$+L', '$+M', or '$*H'.

Checked on aarch64-linux-gnu.

Co-authored-by: Adhemerval Zanella <adhemerval.zanella@linaro.org>
Reviewed-by: Carlos O'Donell <carlos@redhat.com>
Tested-by: Carlos O'Donell <carlos@redhat.com>

(cherry picked from commit f9dc609e06b1136bb0408be9605ce7973a767ada)

Author: Charles Fol
Author Date: 2024-03-28 15:25:38 UTC

iconv: ISO-2022-CN-EXT: fix out-of-bound writes when writing escape sequence (CVE-2024-2961)

ISO-2022-CN-EXT uses escape sequences to indicate character set changes
(as specified by RFC 1922). While the SOdesignation has the expected
bounds checks, neither SS2designation nor SS3designation have its;
allowing a write overflow of 1, 2, or 3 bytes with fixed values:
'$+I', '$+J', '$+K', '$+L', '$+M', or '$*H'.

Checked on aarch64-linux-gnu.

Co-authored-by: Adhemerval Zanella <adhemerval.zanella@linaro.org>
Reviewed-by: Carlos O'Donell <carlos@redhat.com>
Tested-by: Carlos O'Donell <carlos@redhat.com>

(cherry picked from commit f9dc609e06b1136bb0408be9605ce7973a767ada)

Author: Charles Fol
Author Date: 2024-03-28 15:25:38 UTC

iconv: ISO-2022-CN-EXT: fix out-of-bound writes when writing escape sequence (CVE-2024-2961)

ISO-2022-CN-EXT uses escape sequences to indicate character set changes
(as specified by RFC 1922). While the SOdesignation has the expected
bounds checks, neither SS2designation nor SS3designation have its;
allowing a write overflow of 1, 2, or 3 bytes with fixed values:
'$+I', '$+J', '$+K', '$+L', '$+M', or '$*H'.

Checked on aarch64-linux-gnu.

Co-authored-by: Adhemerval Zanella <adhemerval.zanella@linaro.org>
Reviewed-by: Carlos O'Donell <carlos@redhat.com>
Tested-by: Carlos O'Donell <carlos@redhat.com>

(cherry picked from commit f9dc609e06b1136bb0408be9605ce7973a767ada)

Author: Charles Fol
Author Date: 2024-03-28 15:25:38 UTC

iconv: ISO-2022-CN-EXT: fix out-of-bound writes when writing escape sequence (CVE-2024-2961)

ISO-2022-CN-EXT uses escape sequences to indicate character set changes
(as specified by RFC 1922). While the SOdesignation has the expected
bounds checks, neither SS2designation nor SS3designation have its;
allowing a write overflow of 1, 2, or 3 bytes with fixed values:
'$+I', '$+J', '$+K', '$+L', '$+M', or '$*H'.

Checked on aarch64-linux-gnu.

Co-authored-by: Adhemerval Zanella <adhemerval.zanella@linaro.org>
Reviewed-by: Carlos O'Donell <carlos@redhat.com>
Tested-by: Carlos O'Donell <carlos@redhat.com>

(cherry picked from commit f9dc609e06b1136bb0408be9605ce7973a767ada)

Author: Wilco Dijkstra
Author Date: 2022-10-26 13:16:50 UTC

aarch64: Use memcpy_simd as the default memcpy

Since __memcpy_simd is the fastest memcpy on almost all cores, replace
the generic memcpy with it.

(cherry picked from commit 531717afbc49c5cf1d994ddf827891abc906056a)

Author: Wilco Dijkstra
Author Date: 2022-10-26 13:16:50 UTC

aarch64: Use memcpy_simd as the default memcpy

Since __memcpy_simd is the fastest memcpy on almost all cores, replace
the generic memcpy with it.

(cherry picked from commit 531717afbc49c5cf1d994ddf827891abc906056a)

Author: Szabolcs Nagy
Author Date: 2024-02-14 15:06:40 UTC

doc: add plain text readme for using GCS

Author: Sunil K Pandey
Author Date: 2023-07-26 15:34:05 UTC

x86_64: Optimize ffsll function code size.

Ffsll function randomly regress by ~20%, depending on how code gets
aligned in memory. Ffsll function code size is 17 bytes. Since default
function alignment is 16 bytes, it can load on 16, 32, 48 or 64 bytes
aligned memory. When ffsll function load at 16, 32 or 64 bytes aligned
memory, entire code fits in single 64 bytes cache line. When ffsll
function load at 48 bytes aligned memory, it splits in two cache line,
hence random regression.

Ffsll function size reduction from 17 bytes to 12 bytes ensures that it
will always fit in single 64 bytes cache line.

This patch fixes ffsll function random performance regression.

Reviewed-by: Carlos O'Donell <carlos@redhat.com>
(cherry picked from commit 9d94997b5f9445afd4f2bccc5fa60ff7c4361ec1)

Author: Siddhesh Poyarekar
Author Date: 2022-03-03 17:37:42 UTC

getaddrinfo: Fix leak with AI_ALL [BZ #28852]

Use realloc in convert_hostent_to_gaih_addrtuple and fix up pointers in
the result list so that a single block is maintained for
hostbyname3_r/hostbyname2_r and freed in gaih_inet. This result is
never merged with any other results, since the hosts database does not
permit merging.

Resolves BZ #28852.

Signed-off-by: Siddhesh Poyarekar <siddhesh@sourceware.org>
Reviewed-by: DJ Delorie <dj@redhat.com>

Author: Adhemerval Zanella
Author Date: 2020-04-13 21:09:20 UTC

linux: Set internal DIR filepos as off64_t (BZ #23960, BZ #24050)

It allows to obtain the expected entry offset on telldir and set
it correctly on seekdir on platforms where long int is smaller
than off64_t.

On such cases opendir creates a map entry between the DIR d_off
offset and the returned long int (the telldir return value).
seekdir will then set the correct offset from the internal list
using the telldir as the list key.

It also removes the overflow check on readdir and the returned value
will be truncated by the non-LFS off_t size. As Joseph has noted
in BZ #23960 comment #22, d_off is an opaque value and since
telldir/seekdir works regardless of the returned dirent d_off value.

Finally it removes the requirement to check for overflow values on
telldir (BZ #24050).

Checked on x86_64-linux-gnu, i686-linux-gnu, powerpc-linux-gnu,
and arm-linux-gnueabihf.

Author: Adhemerval Zanella
Author Date: 2023-12-27 13:21:24 UTC

mips: Implement roundevenf with hardware floating-point rounding instruction

Author: Adhemerval Zanella
Author Date: 2023-10-27 11:14:14 UTC

x86: Expand the comment on when REP STOSB is used on memset

Author: Zack Weinberg
Author Date: 2023-09-21 18:58:05 UTC

Remove all of the remaining libcrypt code.

Completing the removal of libcrypt, delete all of its actual code.
This patch contains only file removals:

git rm -r crypt
git rm include/crypt.h
git rm $(find sysdeps -name libcrypt.abilist)
git rm $(find sysdeps -name fips-private.h)
git rm $(find sysdeps -name 'md5-*' -o -name 'sha256-*' -o -name 'sha512-*')

For this patch (not the earlier ones, I'd still be waiting) I ran the
complete testsuite and found no *new* failures. 26 tests are failing
on my machine due to probable environment issues, but they were all
failing on trunk before I started making changes, and none of them
appear to have anything to do with this patchset.

Author: Adhemerval Zanella
Author Date: 2023-09-06 16:47:35 UTC

stdio: Remove __printf_fp_buffer_2 alloca usage

And replace with a scratch_buffer.

Author: Florian Weimer
Author Date: 2023-07-06 17:24:33 UTC

Test case for bug 30619

Author: Adhemerval Zanella
Author Date: 2023-06-19 17:11:58 UTC

linux: Do not spawn a new thread for SIGEV_THREAD (BZ 30558)

Author: Joe Simmons-Talbott
Author Date: 2023-04-21 13:24:25 UTC

wcsmbs: Add wcsdup() tests. (BZ #30266)

Enable wide character testcases for wcsdup().

Reviewed-by: Adhemerval Zanella <adhemerval.zanella@linaro.org>

Author: Adhemerval Zanella
Author Date: 2023-04-03 18:50:35 UTC

loongarch: Fix Race conditions in pthread cancellation [BZ#12683]

By adding the required syscall_cancel.S.

Checked against a build and make check run-built-tests=no for
loongarch64-linux-gnu-lp64d.

Author: Szabolcs Nagy
Author Date: 2023-04-04 15:39:34 UTC

cheri: malloc: exact capability check in free/realloc

Capability narrowing uses a lookup table from an address to the
internally used wide capability. Keep the narrow capability in the
table instead of just the address and check it. This allows free
and realloc to check their input and only accept capabilities
exactly matching what was returned by malloc.

When a user adds restrictions on top of malloc returned capabilities
(e.g. narrower bounds), realloc could bypass those restrictions when
it simply looked up the internal wide capability for the address.

Author: Florian Weimer
Author Date: 2022-08-18 06:49:55 UTC

libio: Convert __vswprintf_internal to buffers (bug 27857)

Always null-terminate the buffer and set E2BIG if the buffer is too
small. This fixes bug 27857.

Author: Szabolcs Nagy
Author Date: 2022-11-22 13:36:29 UTC

morello README: typo and wording fixes

Author: Carlos Eduardo Seo
Author Date: 2022-08-08 19:09:37 UTC

cheri: stdio-common: Add test for %#p printf modifier

Testcase for printing capabilities.

Author: Stefan Liebler
Author Date: 2021-06-28 11:01:07 UTC

s390x: Update math: redirect roundeven function

After recent commit
447954a206837b5f153869cfeeeab44631c3fac9
"math: redirect roundeven function", building on
s390x fails with:
Error: symbol `__roundevenl' is already defined

Similar to aarch64/riscv fix, this patch redirects target
specific functions for s390x:
commit 3213ed770cbc5821920d16caa93c85e92dd7b9f6
"Update math: redirect roundeven function"

(cherry picked from commit 259a17cc98058d2576511201f85d28cb5d9de2a2)

Author: Carlos Eduardo Seo
Author Date: 2020-11-13 19:33:07 UTC

TODO(drop): aarch64: morello: CPU feature detection for Morello

Initial detection of Arm Morello architecture from the HWCAP2 bit and CPU
identification from MIDR_EL0.

TODO: not needed?
- lp64 does not have to detect
- purecap can assume morello

Author: Florian Weimer
Author Date: 2022-05-17 09:38:29 UTC

locale: localdef input files are now encoded in UTF-8

Author: Szabolcs Nagy
Author Date: 2021-12-30 17:08:36 UTC

aarch64: Move ld.so _start to separate file and drop _dl_skip_args

A separate asm file is easier to maintain than a macro that expands to
inline asm.

The RTLD_START macro is only needed now because _dl_start is local in
rtld.c, but _start has to call it, if _dl_start was made hidden then it
could be empty.

_dl_skip_args is no longer needed.

---
v4:
- adjust commit message about _dl_skip_args.
v3:
- mention _dl_skip_args
v2:
- fix typo in commit message.

Author: Szabolcs Nagy
Author Date: 2021-12-30 17:08:36 UTC

aarch64: Move ld.so _start to separate file and drop _dl_skip_args

A separate asm file is easier to maintain than a macro that expands to
inline asm.

The RTLD_START macro is only needed now because _dl_start is local in
rtld.c, but _start has to call it, if _dl_start was made hidden then it
could be empty.

_dl_skip_args is no longer needed.

---
v4:
- adjust commit message about _dl_skip_args.
v3:
- mention _dl_skip_args
v2:
- fix typo in commit message.

Author: Szabolcs Nagy
Author Date: 2021-12-30 17:08:36 UTC

aarch64: Move ld.so _start to separate file and drop _dl_skip_args

A separate asm file is easier to maintain than a macro that expands to
inline asm.

The RTLD_START macro is only needed now because _dl_start is local in
rtld.c, but _start has to call it, if _dl_start was made hidden then it
could be empty.

_dl_skip_args is no longer needed.

---
v4:
- adjust commit message about _dl_skip_args.
v3:
- mention _dl_skip_args
v2:
- fix typo in commit message.

Author: Raoni Fassina Firmino
Author Date: 2022-04-01 20:05:01 UTC

Merge branch release/2.32/master into ibm/2.32/master

Author: Szabolcs Nagy
Author Date: 2022-02-02 14:03:58 UTC

Fix elf/tst-audit25a with default bind now toolchains

This test relies on lazy binding for the executable so request that
explicitly in case the toolchain defaults to bind now.

(cherry picked from commit 80a08d0faa9b224019f895800c4d97de4e23e1aa)

Author: Fangrui Song
Author Date: 2022-03-09 01:17:05 UTC

elf: Support DT_RELR relative relocation format [BZ #27924]

PIE and shared objects usually have many relative relocations. In
2017/2018, SHT_RELR/DT_RELR was proposed on
https://groups.google.com/g/generic-abi/c/bX460iggiKg/m/GxjM0L-PBAAJ
("Proposal for a new section type SHT_RELR") and is a pre-standard. RELR
usually takes 3% or smaller space than R_*_RELATIVE relocations. The
virtual memory size of a mostly statically linked PIE is typically 5~10%
smaller.

This patch adds ELF_DYNAMIC_DO_RELR to ELF_DYNAMIC_RELOCATE.
ELF_DYNAMIC_DO_RELR is ordered before ELF_DYNAMIC_DO_REL[A] so that ifunc
resolvers that require relocated got entries have them relocated. This is
needed for ppc64 according to Alan Modra.

Author: Raoni Fassina Firmino
Author Date: 2022-02-25 13:57:31 UTC

Merge branch release/2.30/master into ibm/2.30/master

Author: Siddhesh Poyarekar
Author Date: 2022-01-19 04:13:26 UTC

getcwd: Set errno to ERANGE for size == 1 (CVE-2021-3999)

No valid path returned by getcwd would fit into 1 byte, so reject the
size early and return NULL with errno set to ERANGE. This change is
prompted by CVE-2021-3999, which describes a single byte buffer
underflow and overflow when all of the following conditions are met:

- The buffer size (i.e. the second argument of getcwd) is 1 byte
- The current working directory is too long
- '/' is also mounted on the current working directory

Sequence of events:

- In sysdeps/unix/sysv/linux/getcwd.c, the syscall returns ENAMETOOLONG
  because the linux kernel checks for name length before it checks
  buffer size

- The code falls back to the generic getcwd in sysdeps/posix

- In the generic func, the buf[0] is set to '\0' on line 250

- this while loop on line 262 is bypassed:

    while (!(thisdev == rootdev && thisino == rootino))

  since the rootfs (/) is bind mounted onto the directory and the flow
  goes on to line 449, where it puts a '/' in the byte before the
  buffer.

- Finally on line 458, it moves 2 bytes (the underflowed byte and the
  '\0') to the buf[0] and buf[1], resulting in a 1 byte buffer overflow.

- buf is returned on line 469 and errno is not set.

This resolves BZ #28769.

Signed-off-by: Qualys Security Advisory <qsa@qualys.com>
Signed-off-by: Siddhesh Poyarekar <siddhesh@sourceware.org>

Author: Fangrui Song
Author Date: 2021-10-11 05:32:12 UTC

elf: Remove Intel MPX support (lazy PLT, ld.so profile, and LD_AUDIT)

Intel MPX failed to gain wide adoption and has been deprecated for a
while. GCC 9.1 removed Intel MPX support. Linux kernel removed MPX in
2019.

This patch removes the support code from the dynamic loader.

Author: Carlos-0
Author Date: 2021-07-29 05:27:56 UTC

Add generic C.UTF-8 locale (Bug 17318)

We add a new C.UTF-8 locale. This locale is not builtin to glibc, but
is provided as a distinct locale. The locale provides full support
for UTF-8 and this includes full code point sorting via strcmp-based
collation.

The collation uses a new keyword 'strcmp_collation' which drops all
collation rules and generates an empty zero rules collation to enable
strcmp usage in collation. This ensures that we get full code point
sorting for C.UTF-8 with a minimal 92 bytes of overhead (LC_COLLATE
structure information).

The new locale is added to SUPPORTED. Minimal test data for specific
code points (minus those not supported by collate-test) is provided
in C.UTF-8.in, and this verifies code point sorting is working
reasonably across the range. The locale was tested manually with the
full set of code points without failure.

The locale is harmonized with locales already shipping in Gentoo,
Debian, Ubuntu, Fedora, CentOS Stream, and RHEL. A new tst-iconv9 test
is added which verifies the C.UTF-8 locale is generally usable.

Testing for fnmatch, regexec, and recomp is provided by extending
bug-regex1, bugregex19, bug-regex4, bug-regex6, transbug, tst-fnmatch,
tst-regcomp-truncated, and tst-regex to use C.UTF-8.

Tested on x86_64 or i686 without regression.

Author: Andreas Schwab
Author Date: 2021-06-25 13:02:47 UTC

wordexp: handle overflow in positional parameter number (bug 28011)

Use strtoul instead of atoi so that overflow can be detected.

(cherry picked from commit 5adda61f62b77384718b4c0d8336ade8f2b4b35c)

Author: Szabolcs Nagy
Author Date: 2021-02-16 12:55:13 UTC

RFC elf: Fix slow tls access after dlopen [BZ #19924]

In short: __tls_get_addr checks the global generation counter,
_dl_update_slotinfo updates up to the generation of the accessed
module. If the global generation is newer than geneneration of the
module then __tls_get_addr keeps hitting the slow path that updates
the dtv.

Possible approaches i can see:

1. update to global generation instead of module,
2. check the module generation in the fast path.

This patch is 1.: it needs additional sync (load acquire) so the
slotinfo list is up to date with the observed global generation.

Approach 2. would require walking the slotinfo list at all times.
I don't know how to make that fast with many modules.

Note: in the x86_64 version of dl-tls.c the generation is only loaded
once, since relaxed mo is not faster than acquire mo load.

I have not benchmarked this yet.

Author: Szabolcs Nagy
Author Date: 2021-03-15 11:44:32 UTC

malloc: Ensure mtag code path in checked_request2size is cold

This is a workaround (hack) for a gcc optimization issue (PR 99551).
Without this the generated code may evaluate the expression in the
cold path which causes performance regression for small allocations
in the memory tagging disabled (common) case.

Author: Szabolcs Nagy
Author Date: 2021-02-09 17:59:11 UTC

aarch64: Optimize __libc_mtag_tag_zero_region

This is a target hook for memory tagging, the original was a naive
implementation. Uses the same algorithm as __libc_mtag_tag_region,
but with instructions that also zero the memory. This was not
benchmarked on real cpu, but expected to be faster than the naive
implementation.

Author: Andreas Schwab
Author Date: 2021-02-21 21:22:29 UTC

aarch64: Update ILP32 abilists for glibc 2.33

Author: Tulio Magno Quites Machado Filho
Author Date: 2020-10-02 13:18:48 UTC

powerpc64: Stop assuming new processors have VSX

VSX has been available on IBM POWER since POWER7. All IBM processors
compliant with POWER ISAs 2.07, 3.0 and 3.1 also support VSX.
This patch aims to remove a barrier for new processors as they start to
support Linux on powerpc64 while not having support for all the altivec
and vsx instructions.

Author: Szabolcs Nagy
Author Date: 2021-02-11 13:24:47 UTC

elf: Remove lazy tlsdesc relocation related code

Remove generic tlsdesc code related to lazy tlsdesc processing since
lazy tlsdesc relocation is no longer supported. This includes removing
GL(dl_load_lock) from _dl_make_tlsdesc_dynamic which is only called at
load time when that lock is already held.

Added a documentation comment too.

Author: Tulio Magno Quites Machado Filho
Author Date: 2021-02-13 21:49:56 UTC

Merge branch release/2.28/master into ibm/2.28/master

Author: Szabolcs Nagy
Author Date: 2021-01-06 11:31:04 UTC

Make libc symbols hidden in static PIE

Hidden visibility can avoid indirections and RELATIVE relocs in
static PIE libc.

The check should use IS_IN_LIB instead of IS_IN(libc) since all
symbols are defined locally in static PIE and the optimization is
useful in all libraries not just libc. However the test system
links objects from libcrypt.a into dynamic linked test binaries
where hidden visibility does not work. I think mixing static and
shared libc components in the same binary should not be supported
usage, but to be safe only use hidden in libc.a.

On some targets (i386) this optimization cannot be applied because
hidden visibility PIE ifunc functions don't work, so it is gated by
NO_HIDDEN_EXTERN_FUNC_IN_PIE.

From -static-pie linked 'int main(){}' this shaves off 71 relative
relocs on aarch64 and reduces code size by about 2k.

Author: Fangrui Song
Author Date: 2021-01-12 07:56:32 UTC

Unconditionally define __stack_chk_guard [BZ #26817]

__stack_chk_guard is currently unavailable on architectures which define
THREAD_SET_STACK_GUARD, so {gcc,clang} -fstack-protector
-mstack-protector-guard=global will fail to link due to the undefined
symbol.

Define __stack_chk_guard to make -mstack-protector-guard=global compiled
user programs work. `#define THREAD_SET_STACK_GUARD` code is moved
outside of `#ifndef __ASSEMBLER__` so that cpp can preprocess
elf/Versions.

Author: Richard Earnshaw
Author Date: 2020-12-18 19:00:49 UTC

aarch64: Add aarch64-specific files for memory tagging support

This final patch provides the architecture-specific implementation of
the memory-tagging support hooks for aarch64.

Author: Szabolcs Nagy
Author Date: 2020-12-01 10:13:18 UTC

aarch64: Use mmap to add PROT_BTI instead of mprotect [BZ #26831]

Re-mmap executable segments if possible instead of using mprotect
to add PROT_BTI. This allows using BTI protection with security
policies that prevent mprotect with PROT_EXEC.

If the fd of the ELF module is not available because it was kernel
mapped then mprotect is used and failures are ignored. To protect
the main executable even when mprotect is filtered the linux kernel
 will have to be changed to add PROT_BTI to it.

The delayed failure reporting is mainly needed because currently
_dl_process_gnu_properties does not propagate failures such that
the required cleanups happen. Using the link_map_machine struct for
error propagation is not ideal, but this seemed to be the least
intrusive solution.

Fixes bug 26831.

Author: Szabolcs Nagy
Author Date: 2020-10-28 18:10:23 UTC

aarch64: Use mmap to add PROT_BTI instead of mprotect [BZ #26831]

Re-mmap executable segments if possible instead of using mprotect
to add PROT_BTI. This allows using BTI protection with security
policies that prevent mprotect with PROT_EXEC.

If the fd of the ELF module is not available because it was kernel
mapped then mprotect is used and failures are ignored. To protect
the main executable even when mprotect is filtered the linux kernel
will have to be changed to add PROT_BTI to it.

Computing the mapping bounds follows _dl_map_object_from_fd more
closely now.

The delayed failure reporting is mainly needed because currently
_dl_process_gnu_properties does not propagate failures such that
the required cleanups happen. Using the link_map_machine struct for
error propagation is not ideal, but this seemed to be the least
intrusive solution.

Fixes bug 26831.

Author: Richard Earnshaw
Author Date: 2020-11-20 17:20:10 UTC

aarch64: Add aarch64-specific files for memory tagging support

This final patch provides the architecture-specific implementation of
the memory-tagging support hooks for aarch64.

Author: Szabolcs Nagy
Author Date: 2020-10-22 16:55:01 UTC

aarch64: Fix DT_AARCH64_VARIANT_PCS handling [BZ #26798]

The variant PCS support was ineffective because in the common case
linkmap->l_mach.plt == 0 but then the symbol table flags were ignored
and normal lazy binding was used instead of resolving the relocs early.
(This was a misunderstanding about how GOT[1] is setup by the linker.)

In practice this mainly affects SVE calls when the vector length is
more than 128 bits, then the top bits of the argument registers get
clobbered during lazy binding.

Fixes bug 26798.

(cherry picked from commit 558251bd8785760ad40fcbfeaaee5d27fa5b0fe4)

Author: Alexandra Hájková
Author Date: 2020-04-27 14:52:38 UTC

 Linux: Add execveat system call wrapper

Author: Szabolcs Nagy
Author Date: 2020-06-11 17:19:40 UTC

aarch64: add NEWS entry about branch protection support

This is a new security feature that relies on architecture
extensions and needs glibc to be built with a gcc configured
with branch protection.

Author: Szabolcs Nagy
Author Date: 2020-06-11 17:19:40 UTC

aarch64: add NEWS entry about branch protection support

This is a new security feature that relies on architecture
extensions and needs glibc to be built with a gcc configured
with branch protection.

Author: Szabolcs Nagy
Author Date: 2020-06-11 17:19:40 UTC

aarch64: add NEWS entry about branch protection support

This is a new security feature that relies on architecture
extensions and needs glibc to be built with a gcc configured
with branch protection.

Author: Szabolcs Nagy
Author Date: 2020-06-11 17:19:40 UTC

aarch64: add NEWS entry about branch protection support

This is a new security feature that relies on architecture
extensions and needs glibc to be built with a gcc configured
with branch protection.

Author: Alistair Francis
Author Date: 2020-04-08 21:43:47 UTC

Revert "Add IPPROTO_ETHERNET and IPPROTO_MPTCP from Linux 5.6 to netinet/in.h."

This reverts commit f9ac84f92f151e07586c55e14ed628d493a5929d.

Author: Tulio Magno Quites Machado Filho
Author Date: 2020-03-20 21:24:51 UTC

Merge branch release/2.26/master into ibm/2.26/master

Author: Bert Tenjy
Author Date: 2020-02-13 17:55:31 UTC

PPC64: Attach SIMD attribute to cosf, sin, sinf function declarations.

These changes were mistakenly left out of the patches that added SIMD
versions of these functions to libmvec.

Reviewed-by: Tulio Magno Quites Machado Filho <tuliom@linux.ibm.com>

Author: Florian Weimer
Author Date: 2020-02-12 12:40:26 UTC

Linux: Work around kernel bugs in chmod on /proc/self/fd paths

It appears that the ability to change symbolic link modes through such
paths is unintended. On several file systems, the operation fails with
EOPNOTSUPP, even though the symbolic link permissions are updated.
The expected behavior is a failure to update the permissions, without
file system changes.

Author: Florian Weimer
Author Date: 2020-02-12 14:36:03 UTC

nss_nisplus: Use NSS_DECLARE_MODULE_FUNCTIONS

Author: Florian Weimer
Author Date: 2020-02-09 16:07:07 UTC

microblaze: vfork syscall number is always available

Due to the built-in tables, __NR_vfork is always defined, so the
fork-based fallback code is never used.

(It appears that the vfork system call was wired up when the port was
contributed to the kernel.)

Author: Alistair Francis
Author Date: 2020-01-17 05:49:34 UTC

WIP

Signed-off-by: Alistair Francis <alistair.francis@wdc.com>

Author: Zack Weinberg
Author Date: 2019-06-11 17:05:02 UTC

Rename sys/ucontext.h to bits/ucontext.h.

sys/ucontext.h is effectively a bits header. Its contents are
extremely system-specific, and it’s strongly associated with a
specific public header (ucontext.h) that provides a superset of its
definitions, but there are other public headers that also require some
of its definitions. This patch therefore moves it into the bits/
namespace and adjusts all the headers that refer to it. In case there
are external users, a stub is added that includes ucontext.h.

Most of the fallout changes are trivial, but aarch64, ia64 and riscv
need a little more work. aarch64 sys/ucontext.h (now bits/ucontext.h)
was including sys/procfs.h for the definition of elf_greg_t etc;
the simplest fix is to have it include bits/procfs.h instead (and then
that needs to include sys/user.h for user_regs_struct). This is not
ideal but fixing it properly would require disentangling all of the
debugger interface headers which is more than I’m up for at the moment.

ia64 bits/ptrace.h and bits/procfs.h were both including
bits/sigcontext.h, which is only licensed to be included from
signal.h. (I’m not sure how this ever worked, or why it broke with
this patch and not some previous one.) This is fixed by creating
another single-type header, bits/types/__ia64_fpreg.h, which provides
the only thing they need from bits/sigcontext.h.

s/u/s/l/riscv/makecontext.c was defining makecontext with a function
head that didn’t agree with its official prototype (in ucontext.h);
formerly that file did not include ucontext.h, only sys/ucontext.h,
so we were getting away with it, but it’s still wrong. Making the
function head match the prototype actually simplifies the code.

 * sysdeps/generic/sys/ucontext.h: Move to top level bits/ucontext.h.
 Adjust multiple inclusion guard.
 * sysdeps/arm/sys/ucontext.h: Move to sysdeps/arm/bits/ucontext.h.
 Adjust multiple inclusion guard.
 * sysdeps/i386/sys/ucontext.h: Similarly.
 * sysdeps/m68k/sys/ucontext.h: Similarly.
 * sysdeps/mips/sys/ucontext.h: Similarly.
 * sysdeps/unix/sysv/linux/aarch64/sys/ucontext.h: Similarly.
 * sysdeps/unix/sysv/linux/alpha/sys/ucontext.h: Similarly.
 * sysdeps/unix/sysv/linux/arm/sys/ucontext.h: Similarly.
 * sysdeps/unix/sysv/linux/csky/sys/ucontext.h: Similarly.
 * sysdeps/unix/sysv/linux/hppa/sys/ucontext.h: Similarly.
 * sysdeps/unix/sysv/linux/ia64/sys/ucontext.h: Similarly.
 * sysdeps/unix/sysv/linux/m68k/sys/ucontext.h: Similarly.
 * sysdeps/unix/sysv/linux/microblaze/sys/ucontext.h: Similarly.
 * sysdeps/unix/sysv/linux/mips/sys/ucontext.h: Similarly.
 * sysdeps/unix/sysv/linux/nios2/sys/ucontext.h: Similarly.
 * sysdeps/unix/sysv/linux/powerpc/sys/ucontext.h: Similarly.
 * sysdeps/unix/sysv/linux/riscv/sys/ucontext.h: Similarly.
 * sysdeps/unix/sysv/linux/s390/sys/ucontext.h: Similarly.
 * sysdeps/unix/sysv/linux/sh/sys/ucontext.h: Similarly.
 * sysdeps/unix/sysv/linux/sparc/sys/ucontext.h: Similarly.
 * sysdeps/unix/sysv/linux/x86/sys/ucontext.h: Similarly.
 * stdlib/Makefile: Install bits/ucontext.h.

 * stdlib/sys/ucontext.h: New backward compatibility stub header,
 includes ucontext.h.
 * include/sys/ucontext.h: New wrapper.

 * sysdeps/unix/sysv/linux/aarch64/bits/procfs.h: Allow inclusion
 by bits/ucontext.h as well as sys/procfs.h. Include sys/user.h.
 * sysdeps/unix/sysv/linux/aarch64/bits/ucontext.h: Include
 bits/procfs.h instead of sys/procfs.h.

 * sysdeps/unix/sysv/linux/ia64/bits/types/__ia64_fpreg.h:
 New file, contents factored out of ia64/bits/sigcontext.h and
 ia64/bits/ucontext.h.
 * sysdeps/unix/sysv/linux/ia64/Makefile:
 Install bits/types/__ia64_fpreg.h. Merge subdir=misc blocks.
 * sysdeps/unix/sysv/linux/ia64/bits/sigcontext.h
 * sysdeps/unix/sysv/linux/ia64/bits/ucontext.h:
 Include bits/types/__ia64_fpreg.h for struct ia64_fpreg.

 * sysdeps/unix/sysv/linux/ia64/bits/procfs.h:
 Include bits/types/__ia64_fpreg.h for struct ia64_fpreg.
 Don’t include bits/sigcontext.h or bits/ucontext.h.
 * sysdeps/unix/sysv/linux/ia64/sys/ptrace.h:
 Don’t include bits/sigcontext.h.

 * sysdeps/unix/sysv/linux/riscv/makecontext.c: Include
 ucontext.h, not sys/ucontext.h. Correct function head to match
 prototype in ucontext.h. Use va_arg to retrieve all arguments
 past argc.

 * sysdeps/unix/sysv/linux/s390/tst-ptrace-singleblock.c:
 Sort list of includes.

 * signal/signal.h, stdlib/ucontext.h
 * sysdeps/unix/sysv/linux/alpha/bits/procfs-prregset.h
 * sysdeps/unix/sysv/linux/ia64/sys/ptrace.h
 * sysdeps/unix/sysv/linux/riscv/bits/procfs.h
 * sysdeps/unix/sysv/linux/s390/bits/procfs.h:
 Include bits/ucontext.h, not sys/ucontext.h.

 * sysdeps/unix/sysv/linux/aarch64/sigcontextinfo.h
 * sysdeps/unix/sysv/linux/arm/sigcontextinfo.h
 * sysdeps/unix/sysv/linux/nios2/sigcontextinfo.h
 * sysdeps/unix/sysv/linux/riscv/sigcontextinfo.h:
 Include signal.h, not sys/ucontext.h.

 * sysdeps/unix/sysv/linux/arm/register-dump.h
 * sysdeps/unix/sysv/linux/csky/register-dump.h:
 Include ucontext.h, not sys/ucontext.h.

 * sysdeps/unix/sysv/linux/aarch64/ucontext_i.sym
 * sysdeps/unix/sysv/linux/alpha/ucontext-offsets.sym
 * sysdeps/unix/sysv/linux/arm/ucontext_i.sym
 * sysdeps/unix/sysv/linux/csky/abiv2/ucontext_i.sym
 * sysdeps/unix/sysv/linux/hppa/ucontext_i.sym
 * sysdeps/unix/sysv/linux/i386/ucontext_i.sym
 * sysdeps/unix/sysv/linux/ia64/sigcontext-offsets.sym
 * sysdeps/unix/sysv/linux/m68k/m680x0/ucontext_i.sym
 * sysdeps/unix/sysv/linux/powerpc/powerpc32/ucontext_i.sym
 * sysdeps/unix/sysv/linux/powerpc/powerpc64/ucontext_i.sym
 * sysdeps/unix/sysv/linux/mips/ucontext_i.sym
 * sysdeps/unix/sysv/linux/nios2/ucontext_i.sym
 * sysdeps/unix/sysv/linux/riscv/ucontext_i.sym
 * sysdeps/unix/sysv/linux/s390/ucontext_i.sym
 * sysdeps/unix/sysv/linux/sh/sh3/ucontext_i.sym
 * sysdeps/unix/sysv/linux/sh/sh4/ucontext_i.sym
 * sysdeps/unix/sysv/linux/sparc/sparc32/ucontext_i.sym
 * sysdeps/unix/sysv/linux/x86_64/ucontext_i.sym:
 Include stddef.h and signal.h; don’t include any other headers.

 * scripts/check-obsolete-constructs.py (HEADER_ALLOWED_INCLUDES)
 (SYSDEP_ALLOWED_INCLUDES): Update.

Author: Zack Weinberg
Author Date: 2019-08-19 17:51:25 UTC

Warn when gettimeofday is called with non-null tzp argument.

Since there are no known uses of gettimeofday's vestigial "get time
zone" feature that are not bugs, add a fortify-style wrapper inline to
sys/time.h that issues a warning whenever gettimeofday is called with
a second argument that is not a compile-time null pointer
constant.

At present this is only possible with GCC; clang does not implement
attribute((warning)). The wrapper is only activated when __OPTIMIZE__
is defined because it throws false positives when optimization is off,
even though it's an always-inline function.

An oversight in the implementation of __builtin_constant_p causes it
to fail to detect compile-time *pointer* constants unless they are
cast to an integer of a different size. (Loss of data in this cast is
harmless; the overall expression is still constant if and only if the
original pointer was.) This is GCC bug 95514. Thanks to
Kamil Cukrowski <kamilcukrowski@gmail.com> for the workaround.
As a precaution, I added a static assertion to debug/warning-nop.c to
make sure that the cast _is_ casting to an integer of a different
size; this is too unlikely a scenario to be worth checking in the
public header, but if someone ever adds a port where short is the
same size as intptr_t, we'll still catch it.

Author: Gabriel F. T. Gomes
Author Date: 2019-07-11 14:48:28 UTC

RFC: powerpc64le: Enable support for IEEE long double

Not for glibc-2.31 - Do not commit!

No changes since v3.

Changes since v2:

  - Added definition of LDBL_IBM128_COMPAT_VERSION and
    LDBL_IBM128_VERSION (moved from a previous commit).

Changes since v1:

  - Use __LONG_DOUBLE_USES_FLOAT128 directly.

-- 8< --
On platforms where long double may have two different formats, i.e.: the
same format as double (64-bits) or something else (128-bits), building
with -mlong-double-128 is the default and function calls in the user
program match the name of the function in Glibc. When building with
-mlong-double-64, Glibc installed headers redirect such calls to the
appropriate function.

This patch adds similar redirections to be used by user code builds in
IEEE long double mode (-mabi=ieeelongdouble). It also skips some uses
of libc_hidden_proto in internal headers, because they also produce
redirections, causing a redirection conflict.

PS: Missing NEWS entry.

Author: Vineet Gupta
Author Date: 2019-11-07 23:24:05 UTC

build-many-glibcs.py: Enable ARC hard float builds

Signed-off-by: Vineet Gupta <vgupta@synopsys.com>

Author: Florian Weimer
Author Date: 2019-12-03 08:26:03 UTC

WIP dlopen NODELETE test

Author: Florian Weimer
Author Date: 2019-11-29 15:37:58 UTC

elf: Do not run IFUNC resolvers for LD_DEBUG=unused [BZ #24214]

This commit adds missing skip_ifunc checks to aarch64, arm, i386,
sparc, and x86_64. A new test case ensures that IRELATIVE IFUNC
resolvers do not run in various diagnostic modes of the dynamic
loader.

Tested on x86_64-linux-gnu, i686-linux-gnu, aarch64-linux-gnu,
s390-linux-gnu, s390x-linux-gnu, powerpc64le-linux-gnu. Built with
build-many-glibcs.py.

Author: Florian Weimer
Author Date: 2019-11-22 21:10:42 UTC

libio: Disable vtable validation for pre-2.1 interposed handles [BZ #25203]

Commit c402355dfa7807b8e0adb27c009135a7e2b9f1b0 ("libio: Disable
vtable validation in case of interposition [BZ #23313]") only covered
the interposable glibc 2.1 handles, in libio/stdfiles.c. The
parallel code in libio/oldstdfiles.c needs similar detection logic.

Fixes (again) commit db3476aff19b75c4fdefbe65fcd5f0a90588ba51
("libio: Implement vtable verification [BZ #20191]").

Change-Id: Ief6f9f17e91d1f7263421c56a7dc018f4f595c21
(cherry picked from commit cb61630ed712d033f54295f776967532d3f4b46a)

Author: Florian Weimer
Author Date: 2019-11-22 21:10:42 UTC

libio: Disable vtable validation for pre-2.1 interposed handles [BZ #25203]

Commit c402355dfa7807b8e0adb27c009135a7e2b9f1b0 ("libio: Disable
vtable validation in case of interposition [BZ #23313]") only covered
the interposable glibc 2.1 handles, in libio/stdfiles.c. The
parallel code in libio/oldstdfiles.c needs similar detection logic.

Fixes (again) commit db3476aff19b75c4fdefbe65fcd5f0a90588ba51
("libio: Implement vtable verification [BZ #20191]").

Change-Id: Ief6f9f17e91d1f7263421c56a7dc018f4f595c21
(cherry picked from commit cb61630ed712d033f54295f776967532d3f4b46a)

Author: Florian Weimer
Author Date: 2019-10-11 14:11:21 UTC

Implement __libc_early_init

This function is defined in libc.so, and the dynamic loader calls
right after relocation has been finished, before any ELF constructors
or the preinit function is invoked. It is also used in the static
build for initializing parts of the static libc.

To locate __libc_early_init, a direct symbol lookup function is used,
_dl_lookup_direct. It does not search the entire symbol scope and
consults merely a single link map. This function could also be used
to implement lookups in the vDSO (as an optimization).

A per-namespace variable (libc_map) is added for locating libc.so,
to avoid repeated traversals of the search scope. It is similar to
GL(dl_initfirst). An alternative would have been to thread a context
argument from _dl_open down to _dl_map_object_from_fd (where libc.so
is identified). This could have avoided the global variable, but
the change would be larger as a result. It would not have been
possible to use this to replace GL(dl_initfirst) because that global
variable is used to pass the function pointer past the stack switch
from dl_main to the main program. Replacing that requires adding
a new argument to _dl_init, which in turn needs changes to the
architecture-specific libc.so startup code written in assembler.

__libc_early_init should not be used to replace _dl_var_init (as
it exists today on some architectures). Instead, _dl_lookup_direct
should be used to look up a new variable symbol in libc.so, and
that should then be initialized from the dynamic loader, immediately
after the object has been loaded in _dl_map_object_from_fd (before
relocation is run). This way, more IFUNC resolvers which depend on
these variables will work.

Author: Florian Weimer
Author Date: 2019-11-28 11:57:25 UTC

Add --disable-major-minor-libraries configure option

This option can be used to increase compatibility with package managers.
The name was choosen to avoid confusion with all the different versions
(glibc release, soname versions, symbol versions).

This patch makes all uses of -$(version).so conditional on the new
$(major-minor-libraries) flag. The alternative install targets write
the implementation DSOs directly to the locations determined by their
sonames, skipping the creation of an intermediate symbolic link.

install-symbolic-link in Makerules is updated not to require the
$(symbolic-link-list) file because it may not exist in
--disable-major-minor-libraries mode.

I verified that by default, the install tree is the same as before
on x86_64-linux-gnu except for the changes in the manual.

Author: Florian Weimer
Author Date: 2019-11-26 13:48:56 UTC

x86: Assume --enable-cet if GCC defaults to CET [BZ #25225]

This links in CET support if GCC defaults to CET. Otherwise, __CET__
is defined, yet CET functionality is not compiled and linked into the
dynamic loader, resulting in a linker failure due to undefined
references to _dl_cet_check and _dl_open_check.

Author: Marcin Kościelnicki
Author Date: 2019-11-20 23:20:15 UTC

rtld: Check __libc_enable_secure before honoring LD_PREFER_MAP_32BIT_EXEC (CVE-2019-19126) [BZ #25204]

The problem was introduced in glibc 2.23, in commit
b9eb92ab05204df772eb4929eccd018637c9f3e9
("Add Prefer_MAP_32BIT_EXEC to map executable pages with MAP_32BIT").

(cherry picked from commit d5dfad4326fc683c813df1e37bbf5cf920591c8e)

Author: Florian Weimer
Author Date: 2019-11-11 15:09:32 UTC

WIP mul64 dlsym optimization

Change-Id: I4caf4f14deb7a106c17e3ca89bdff5cd89f9541b

Author: Florian Weimer
Author Date: 2019-11-03 10:39:56 UTC

Redefine _IO_iconv_t to store a single gconv step pointer [BZ #25097]

libio can only deal with gconv conversions which consist of a single
step. Not using __gconv_info simplifies the data structures somewhat.

This eliminates a new GCC 10 warning about subscribing an inner
zero-length array.

Tested on x86_64-linux-gnu with mainline GCC. Built with
build-many-glibcs.py, also with mainline GCC. Due to GCC PR 92039,
there are failures left on 32-bit architectures with float128 support.

Change-Id: I8b4c489b619a53154712ff32e1b6f13bb92d4203

Author: Florian Weimer
Author Date: 2019-11-02 20:40:26 UTC

Properly initialize audit cookie for the dynamic loader [BZ #25157]

The l_audit array is indexed by audit module, not audit function.

Author: Florian Weimer
Author Date: 2019-10-28 18:49:46 UTC

Remove all loaded objects if dlopen fails [BZ #20839]

Author: Florian Weimer
Author Date: 2019-10-29 11:23:48 UTC

Introduce DL_LOOKUP_FOR_RELOCATE flag for _dl_lookup_symbol_x

This will allow changes in dependency processing during non-lazy
binding, for more precise processing of NODELETE objects: During
initial relocation in dlopen, the fate of NODELETE objects is still
unclear, so objects which are depended upon by NODELETE objects
cannot immediately be marked as NODELETE.

Author: Stan Shebs
Author Date: 2019-08-14 17:20:07 UTC

Forestall a filesystem bug while building shlib.lds by using a temp file

Author: Szabolcs Nagy
Author Date: 2019-08-01 13:47:11 UTC

aarch64: Update ILP32 abilists for glibc 2.30

This will need to be merged with the initial ilp32 abilist commit.

2019-08-01 Szabolcs Nagy <szabolcs.nagy@arm.com>

 * sysdeps/unix/sysv/linux/aarch64/ilp32/libc.abilist: Update.
 * sysdeps/unix/sysv/linux/aarch64/ilp32/libpthread.abilist: Update.

Author: Zack Weinberg
Author Date: 2019-07-27 23:26:23 UTC

Remove access to legacy time zone support in gettimeofday etc.

gettimeofday and ftime are not quite fully implementable on systems
that only provide a primitive equivalent to clock_gettime, because
they can also report information about a system-wide time zone. This
mechanism has been deprecated for many years because it can only be
configured on a system-wide basis, and because it only supports the
simplest kinds of daylight-savings rules, but we’ve supported it on a
best-effort basis until now. This patch removes our support for it:

 * The type 'struct timezone' is still declared as a complete type in
   <sys/time.h>, but code that uses its fields (tz_minuteswest and
   tz_dsttime) will not compile.

 * Similarly, code that uses the 'timezone' and 'dstflag' fields of
   struct timeb will not compile anymore. (This is a willful
   violation of the older iterations of XPG that included
   sys/timeb.h; the relevant conformance tests are XFAILed.)

 * Old binaries that pass a non-NULL 'tzp' pointer to gettimeofday
   will always receive a 'struct timezone' whose tz_minuteswest and
   tz_dsttime fields are zero (as if the system were operating on UTC).

 * Similarly, old binaries that call ftime will always receive a
   'struct timeb' whose timezone and dstflag fields are zero.

 * If the 'tzp' argument to settimeofday is not NULL, the call will fail
   and set errno to ENOSYS. (This was already the case on the Hurd.)

 * glibc will always pass a second argument of NULL when invoking a
   kernel-provided gettimeofday.

 * On Alpha, the compat symbols gettimeofday@GLIBC_2.0 and
   settimeofday@GLIBC_2.0 (which used 32-bit time_t) now convert
   their arguments and call system primitives that use 64-bit time_t,
   instead of invoking legacy “osf” system calls.

ChangeLog:

 * time/sys/time.h (struct timezone): Remove tz_minuteswest
 and tz_dsttime fields; replace with padding to preserve the size.
 * time/sys/timeb.h (struct timeb): Remove timezone and dstflag
 fields; replace with padding to preserve the size.
 * conform/Makefile: XFAIL tests because struct timeb is no longer
 fully conformant with Unix98.

 * sysdeps/posix/gettimeofday.c
 * sysdeps/unix/sysv/linux/gettimeofday.c
 * sysdeps/unix/sysv/linux/aarch64/gettimeofday.c
 * sysdeps/unix/sysv/linux/powerpc/gettimeofday.c
 * sysdeps/unix/sysv/linux/x86/gettimeofday.c
 (gettimeofday): When ‘tz’ argument is not NULL, just clear it.
 Always pass a null pointer as the second argument to a
 gettimeofday (v)syscall.

 * sysdeps/unix/bsd/ftime.c: Unconditionally clear the memory that
 was formerly the ‘timezone’ and ‘dstflag’ fields of struct timeb.

 * sysdeps/unix/syscalls.list: Remove entry for settimeofday.
 * sysdeps/unix/settimeofday.c: New file.
 (settimeofday): Fail with ENOSYS if ‘tz’ argument is not NULL.

 * sysdeps/unix/sysv/linux/alpha/syscalls.list: Remove entries for
        osf_gettimeofday, osf_settimeofday, and settimeofday.
 * sysdeps/unix/sysv/linux/alpha/osf_gettimeofday.c:
 New file. Call the 64-bit gettimeofday, then convert to a
 32-bit struct timeval. On overflow, saturate the struct timeval
 and fail with EOVERFLOW.
 * sysdeps/unix/sysv/linux/alpha/osf_settimeofday.c: New file.
        Convert to a 64-bit struct timeval and call 64-bit settimeofday.
        Fail with ENOSYS if ‘tz’ argument is not NULL.

 * sunrpc/auth_des.c, sunrpc/auth_unix.c
 * sysdeps/posix/time.c, sysdeps/unix/stime.c:
 Remove unnecessary casts of NULL.

 * sysdeps/unix/sysv/linux/powerpc/time.c (time_syscall):
 Use (void *)0 instead of NULL when passing a null pointer
 as an untyped argument.

 * manual/time.texi: Remove documentation of fields of
 struct timezone. Revise text to further emphasize that
 the second argument to gettimeofday/settimeofday should
 always be a null pointer.

Author: Florian Weimer
Author Date: 2019-07-25 10:48:41 UTC

Linux: Move getdents64 to <dirent.h>

This matches the location of the declaration in musl.

Author: Florian Weimer
Author Date: 2019-07-22 12:02:40 UTC

nptl: Use uintptr_t for address diagnostic in nptl/tst-pthread-getattr

Recent GCC versions warn about the attempt to return the address of a
local variable:

tst-pthread-getattr.c: In function ‘allocate_and_test’:
tst-pthread-getattr.c:54:10: error: function returns address of local variable [-Werror=return-local-addr]
   54 | return mem;
      | ^~~
In file included from ../include/alloca.h:3,
                 from tst-pthread-getattr.c:26:
../stdlib/alloca.h:35:23: note: declared here
   35 | # define alloca(size) __builtin_alloca (size)
      | ^~~~~~~~~~~~~~~~~~~~~~~
tst-pthread-getattr.c:51:9: note: in expansion of macro ‘alloca’
   51 | mem = alloca ((size_t) (mem - target));
      | ^~~~~~

The address itself is used in a check in the caller, so using
uintptr_t instead is reasonable.

Author: Florian Weimer
Author Date: 2019-07-22 09:01:17 UTC

Linux: Include <linux/sockios.h> in <bits/socket.h> under __USE_MISC

Historically, <asm/socket.h> (which is included from <bits/socket.h>)
provided ioctl operations for sockets. User code accessed them
through <sys/socket.h>. The kernel UAPI headers have removed these
definitions in favor of <linux/sockios.h>. This commit makes them
available via <sys/socket.h> again.

Author: Szabolcs Nagy
Author Date: 2019-06-28 14:23:27 UTC

aarch64: add vector sin, cos, log and pow abi symbols

Add simple assembly implementations that fall back to scalar code,
similar to the vector exp code.

2019-07-15 Szabolcs Nagy <szabolcs.nagy@arm.com>

 * sysdeps/aarch64/fpu/Makefile: Add functions.
 * sysdeps/aarch64/fpu/Versions: Add symbols.
 * sysdeps/aarch64/fpu/libmvec_double_vlen2_cos.S: New file.
 * sysdeps/aarch64/fpu/libmvec_double_vlen2_log.S: New file.
 * sysdeps/aarch64/fpu/libmvec_double_vlen2_pow.S: New file.
 * sysdeps/aarch64/fpu/libmvec_double_vlen2_sin.S: New file.
 * sysdeps/aarch64/fpu/libmvec_float_vlen4_cosf.S: New file.
 * sysdeps/aarch64/fpu/libmvec_float_vlen4_logf.S: New file.
 * sysdeps/aarch64/fpu/libmvec_float_vlen4_powf.S: New file.
 * sysdeps/aarch64/fpu/libmvec_float_vlen4_sinf.S: New file.
 * sysdeps/aarch64/fpu/test-double-vlen2-wrappers.c: Add wrappers.
 * sysdeps/aarch64/fpu/test-float-vlen4-wrappers.c: Add wrappers.
 * sysdeps/aarch64/libm-test-ulps: Update.
 * sysdeps/unix/sysv/linux/aarch64/libmvec.abilist: Update.

Author: Florian Weimer
Author Date: 2019-05-17 09:10:51 UTC

nss_dns: Remove RES_USE_INET6 handling

Since commit 3f8b44be0a658266adff5ece1e4bc3ce097a5dbe ("resolv:
Remove support for RES_USE_INET6 and the inet6 option"),
res_use_inet6 () always evaluates to false.

Author: Florian Weimer
Author Date: 2019-05-16 10:08:37 UTC

WIP Support exotic character sets in __fxprintf [BZ #24562]

This does not quite work because vfprintf has a similar
incorrect assumption.

Author: Florian Weimer
Author Date: 2019-05-03 15:46:36 UTC

malloc/tst-mallocfork2: Use process-shared barriers

This synchronization method has a lower overhead and makes
it more likely that the signal arrives during one of the critical
functions.

Also test for fork deadlocks explicitly.

Author: Florian Weimer
Author Date: 2019-05-02 10:37:21 UTC

iconv: Use __twalk_r in __gconv_release_shlib

Author: Stan Shebs
Author Date: 2018-03-13 18:37:02 UTC

As with gettimeofday, avoid vdso for clang-compiled time()

Author: Florian Weimer
Author Date: 2018-06-06 14:02:02 UTC

ld.so: Introduce delayed relocation processing

This makes it possible to use IFUNC resolvers which depend
on relocations themselves, as long as these reloctions do
not depend on IFUNCs.

So far, delayed relocation processing is only implemented for
x86-64.

Author: Florian Weimer
Author Date: 2019-02-04 14:47:59 UTC

Restore GLIBC_PRIVATE ABI after CVE-2016-10739 fix [BZ #20018]

This commit avoids adding the __inet_aton_exact@GLIBC_PRIVATE
symbol. In master, the separately-compiled getaddrinfo
implementation in nscd needs it, however such an internal ABI change
is not desirable on a release branch if it can be avoided easily.