| Age | Commit message (Collapse) | Author |
|---|
|
|
|
|
|
When MD_FALLBACK_FRAME_STATE_FOR handler in libgcc unwind code checks
the second instruction opcode in __default_rt_sa_restorer function,
it expects to see the following values for ARC cores:
- 0x7ee0781e for ARCv2 LE
- 0x003f226f for ARC700 LE
ARC700 value correspond to trap0 instruction. ARCv2 value corresponds
to the following code:
traps_0
j_s [blink]
However, unlike glibc, uClibc implementation of __default_rt_sa_restorer
for ARC does not have that jump. Hence libgcc unwind code is not able
to recognize signal frame correctly on ARCv2 and completes too early.
This change fixes libgcc unwinding over signal frame on ARCv2 adding
missing jump to __default_rt_sa_restorer.
Signed-off-by: Sergey Matyukevich <sergey.matyukevich@synopsys.com>
|
|
Fixes those two warnings:
In file included from <command-line>:
libc/sysdeps/linux/common/openat64.c:18:33: warning: 'openat64' alias between functions of incompatible types 'int(int, const char *, int, ...)' and 'int(int, const char *, int, mode_t)' {aka 'int(int, const char *, int, unsigned int)'} [-Wattribute-alias=]
18 | strong_alias_untyped(__openat64,openat64)
| ^~~~~~~~
./include/libc-symbols.h:177:31: note: in definition of macro '_strong_alias_untyped'
177 | extern __typeof (aliasname) aliasname __attribute__ ((alias (#name))) __attribute_copy__ (name);
| ^~~~~~~~~
libc/sysdeps/linux/common/openat64.c:18:1: note: in expansion of macro 'strong_alias_untyped'
18 | strong_alias_untyped(__openat64,openat64)
| ^~~~~~~~~~~~~~~~~~~~
libc/sysdeps/linux/common/openat64.c:14:12: note: aliased declaration here
14 | static int __openat64(int fd, const char *file, int oflag, mode_t mode)
| ^~~~~~~~~~
and
CC libc/sysdeps/linux/common/stat.os
libc/sysdeps/linux/common/stat.c: In function 'stat':
libc/sysdeps/linux/common/stat.c:28:40: warning: passing argument 3 of 'fstatat64' from incompatible pointer type [-Wincompatible-pointer-types]
28 | return fstatat64(AT_FDCWD, file_name, buf, 0);
| ^~~
| |
| struct stat *
In file included from libc/sysdeps/linux/common/stat.c:11:
./include/sys/stat.h:258:35: note: expected 'struct stat64 * restrict' but argument is of type 'struct stat *'
258 | struct stat64 *__restrict __buf, int __flag)
| ~~~~~~~~~~~~~~~~~~~~~~~~~~^~~~~
Signed-off-by: Yann Sionneau <ysionneau@kalray.eu>
|
|
Signed-off-by: Yann Sionneau <ysionneau@kalray.eu>
|
|
Signed-off-by: Yann Sionneau <ysionneau@kalray.eu>
|
|
- use the provided __res_state() method instead of direct access
to struct __res_state pointer &_res/*__resp
- change the __UCLIBC_HAS_TLS__ protected __res_state() implementation
to the one where the comment 'When threaded, _res may be a per-thread
variable.' indicates this should be used with threads/TLS enabled
Fixes the following segfaults with buildroot raspberrypi3_64_defconfig
(uclibc, -Os, Note: runs fine using the raspberrypi3_defconfig):
$ /usr/sbin/ntpd -n -d
1970-01-01T00:01:49 ntpd[249]: INIT: ntpd ntpsec-1.2.0 2021-11-03T20:39:50Z: Starting
1970-01-01T00:01:49 ntpd[249]: INIT: Command line: /usr/sbin/ntpd -n -d
1970-01-01T00:01:49 ntpd[249]: INIT: precision = 7.240 usec (-17)
1970-01-01T00:01:49 ntpd[249]: INIT: successfully locked into RAM
1970-01-01T00:01:49 ntpd[249]: CONFIG: readconfig: parsing file: /etc/ntp.conf
1970-01-01T00:01:49 ntpd[249]: CONFIG: restrict nopeer ignored
1970-01-01T00:01:49 ntpd[249]: INIT: Using SO_TIMESTAMPNS
1970-01-01T00:01:49 ntpd[249]: IO: Listen and drop on 0 v6wildcard [::]:123
1970-01-01T00:01:49 ntpd[249]: IO: Listen and drop on 1 v4wildcard 0.0.0.0:123
1970-01-01T00:01:49 ntpd[249]: IO: Listen normally on 2 lo 127.0.0.1:123
1970-01-01T00:01:49 ntpd[249]: IO: Listen normally on 3 eth0 172.16.0.30:123
1970-01-01T00:01:49 ntpd[249]: IO: Listen normally on 4 lo [::1]:123
1970-01-01T00:01:49 ntpd[249]: IO: Listen normally on 5 eth0 [fe80::ba27:ebff:fea6:340%2]:123
1970-01-01T00:01:49 ntpd[249]: IO: Listening on routing socket on fd #22 for interface updates
1970-01-01T00:01:50 ntpd[249]: SYNC: Found 10 servers, suggest minsane at least 3
1970-01-01T00:01:50 ntpd[249]: INIT: MRU 10922 entries, 13 hash bits, 65536 bytes
1970-01-01T00:01:50 ntpd[249]: statistics directory /var/NTP/ does not exist or is unwriteable, error No such file or directory
1970-01-01T00:01:51 ntpd[249]: DNS: dns_probe: 0.pool.ntp.org, cast_flags:8, flags:101
Segmentation fault (core dumped)
$ ./host/bin/aarch64-buildroot-linux-uclibc-gdb ./build/ntpsec-1_2_0/build/main/ntpd/ntpd core
Core was generated by `/usr/sbin/ntpd -n -d'.
Program terminated with signal SIGSEGV, Segmentation fault.
(gdb) where
#0 0x0000007f8ff1f150 in res_sync_func () at libc/inet/resolv.c:3356
#1 0x0000007f8ff1c468 in __open_nameservers () at libc/inet/resolv.c:949
#2 0x0000007f8ff1b498 in __dns_lookup (name=0x55943c67f0 "0.pool.ntp.org",
type=1, outpacket=0x7f8fe91c48, a=0x7f8fe91c08) at libc/inet/resolv.c:1134
#3 0x0000007f8ff1d744 in __GI_gethostbyname_r (
name=0x55943c67f0 "0.pool.ntp.org", result_buf=0x7f8fe92628,
buf=0x7f8fe91d90 "", buflen=992, result=0x7f8fe92670,
h_errnop=0x7f8fe92668) at libc/inet/resolv.c:1966
#4 0x0000007f8ff1d9a0 in __GI_gethostbyname2_r (
name=0x55943c67f0 "0.pool.ntp.org", family=2, result_buf=0x7f8fe92628,
buf=0x7f8fe91d70 "0.pool.ntp.org", buflen=1024, result=0x7f8fe92670,
h_errnop=0x7f8fe92668) at libc/inet/resolv.c:2065
#5 0x0000007f8ff16924 in gaih_inet (name=0x55943c67f0 "0.pool.ntp.org",
service=0x7f8fe92828, req=0x7f8fe92890, pai=0x7f8fe92838)
at libc/inet/getaddrinfo.c:596
#6 0x0000007f8ff17624 in __GI_getaddrinfo (
name=0x55943c67f0 "0.pool.ntp.org",
service=0x5582eb8acd "\377H\213D$\bL\211\367H\213\260\270",
hints=0x7f8fe92890, pai=0x5582ee1bf8) at libc/inet/getaddrinfo.c:957
#7 0x0000005582ea60f4 in _start ()
(gdb) p _res
$1 = {options = 0, nsaddr_list = {{sin_family = 0, sin_port = 0, sin_addr = {
s_addr = 0}, sin_zero = "\000\000\000\000\000\000\000"}, {
sin_family = 0, sin_port = 0, sin_addr = {s_addr = 0},
sin_zero = "\000\000\000\000\000\000\000"}, {sin_family = 0,
sin_port = 0, sin_addr = {s_addr = 0},
sin_zero = "\000\000\000\000\000\000\000"}}, dnsrch = {0x0, 0x0, 0x0,
0x0, 0x0, 0x0, 0x0}, nscount = 0 '\000', ndots = 0 '\000',
retrans = 0 '\000', retry = 0 '\000', defdname = '\000' <repeats 255 times>,
nsort = 0 '\000', pfcode = 0, id = 0, res_h_errno = 0, sort_list = {{addr = {
s_addr = 0}, mask = 0}, {addr = {s_addr = 0}, mask = 0}, {addr = {
s_addr = 0}, mask = 0}, {addr = {s_addr = 0}, mask = 0}, {addr = {
s_addr = 0}, mask = 0}, {addr = {s_addr = 0}, mask = 0}, {addr = {
s_addr = 0}, mask = 0}, {addr = {s_addr = 0}, mask = 0}, {addr = {
s_addr = 0}, mask = 0}, {addr = {s_addr = 0}, mask = 0}}, _u = {
_ext = {nsaddrs = {0x0, 0x0, 0x0}, nscount = 0 '\000', nstimes = {0, 0,
0}, nssocks = {0, 0, 0}, nscount6 = 0, nsinit = 0}}}
(gdb) p &_res
$2 = (struct __res_state *) 0x7f8ff8fd98 <_res>
(gdb) p rp
$3 = (struct __res_state *) 0x7fffffffff
And the following uclibc code at libc/inet/resolv.c:3356:
3345 static void res_sync_func(void)
3346 {
3347 struct __res_state *rp = &(_res);
3348 int n;
3349
3350 /* If we didn't get malloc failure earlier... */
3351 if (__nameserver != (void*) &__local_nameserver) {
3352 /* TODO:
3353 * if (__nameservers < rp->nscount) - try to grow __nameserver[]?
3354 */
3355 #ifdef __UCLIBC_HAS_IPV6__
3356 if (__nameservers > rp->_u._ext.nscount)
3357 __nameservers = rp->_u._ext.nscount;
3358 n = __nameservers;
The special thing about ntpsec is the DNS lookup in an extra thread
and/or the call to res_init(), see ntpsec-1_2_0/ntpd/ntp_dns.c:
69 msyslog(LOG_INFO, "DNS: dns_probe: %s, cast_flags:%x, flags:%x%s",
70 hostname, pp->cast_flags, pp->cfg.flags, busy);
71 if (NULL != active) /* normally redundant */
72 return false;
73
74 active = pp;
75
76 sigfillset(&block_mask);
77 pthread_sigmask(SIG_BLOCK, &block_mask, &saved_sig_mask);
78 rc = pthread_create(&worker, NULL, dns_lookup, pp);
and
165 static void* dns_lookup(void* arg)
166 {
167 struct peer *pp = (struct peer *) arg;
168 struct addrinfo hints;
169
170 #ifdef HAVE_SECCOMP_H
171 setup_SIGSYS_trap(); /* enable trap for this thread */
172 #endif
173
174 #ifdef HAVE_RES_INIT
175 /* Reload DNS servers from /etc/resolv.conf in case DHCP has updated it.
176 * We only need to do this occasionally, but it's not expensive
177 * and simpler to do it every time than it is to figure out when
178 * to do it.
179 * This res_init() covers NTS too.
180 */
181 res_init();
182 #endif
183
184 if (pp->cfg.flags & FLAG_NTS) {
185 #ifndef DISABLE_NTS
186 nts_probe(pp);
187 #endif
188 } else {
189 ZERO(hints);
190 hints.ai_protocol = IPPROTO_UDP;
191 hints.ai_socktype = SOCK_DGRAM;
192 hints.ai_family = AF(&pp->srcadr);
193 gai_rc = getaddrinfo(pp->hostname, NTP_PORTA, &hints, &answer);
194 }
$ /usr/lib/uclibc-ng-test/test/inet/tst-res
Segmentation fault (core dumped)
$ ./host/bin/aarch64-buildroot-linux-uclibc-gdb ./build/uclibc-ng-test-0844445e7358eb10e716155b55b0fb23e88d644a/test/inet/tst-res core
Core was generated by `/usr/lib/uclibc-ng-test/test/inet/tst-res'.
Program terminated with signal SIGSEGV, Segmentation fault.
(gdb) where
#0 __GI___res_init () at libc/inet/resolv.c:3514
#1 0x0000005591e507e4 in main (argc=<optimized out>, argv=<optimized out>)
at tst-res.c:20
First reported here:
https://lore.kernel.org/buildroot/20211028230131.5f50d6e7@gmx.net/
https://www.mail-archive.com/devel@uclibc-ng.org/msg01085.html
Signed-off-by: Peter Seiderer <ps.report@gmx.net>
|
|
|
|
… using the same rules glibc does
also call __hnbad in some places to check answers
|
|
they merely call dn_{comp,expand} slightly rearranging the arguments
Signed-off-by: mirabilos <mirabilos@evolvis.org>
|
|
Signed-off-by: mirabilos <mirabilos@evolvis.org>
|
|
Minimal-invasive change: just ifdeffing away the older code.
There is no reason to have two different sets of functions doing
the same thing, one used in half the code and another, doing less
escaping, in the other half; just use one.
Signed-off-by: mirabilos <mirabilos@evolvis.org>
|
|
default
This patch fixes segfault of all user space processes (including init, which caused a panic) on recent buildroot powerpc32 builds.
The issue has been reported by Romain Naour in this thread: https://mailman.uclibc-ng.org/pipermail/devel/2021-May/002068.html
Recent buildroot toolchain enables secure PLT in powerpc gcc.
The latter will then supply -msecure-plt to gas invocations by default.
Recent buildroot also enables PIE by defaults.
For the secure PLT to work in PIC, the r30 register needs to point to the GOT.
Old "bss plt" was just a one-instruction-wide PLT slot, pointed-to by a R_PPC_JMP_SLOT relocation, which was written on-the-fly to contain a branch instruction to the correct address. It therefore had to stay writable.
New secure PLT only contains read-only code which loads the branch address from the writable GOT.
Note: secure PLT without PIC does not need r30 to be set. Because offset between plt stub code and got is known at link-time. In this case the PLT entry looks like:
1009b3e0 <__uClibc_main@plt>:
1009b3e0: 3d 60 10 0e lis r11,4110
1009b3e4: 81 6b 03 74 lwz r11,884(r11)
1009b3e8: 7d 69 03 a6 mtctr r11
1009b3ec: 4e 80 04 20 bctr
Whereas secure PLT with PIC - offset between plt and got is unknown at link-time - looks like this:
000af800 <00000000.plt_pic32.__uClibc_main>:
af800: 81 7e 03 80 lwz r11,896(r30)
af804: 7d 69 03 a6 mtctr r11
af808: 4e 80 04 20 bctr
af80c: 60 00 00 00 nop
Signed-off-by: Yann Sionneau <yann@sionneau.net>
|
|
Since Linux 3.11, O_TMPFILE allows to create unnamed files that can be
linked later on. It is internally defined as (O_TMPFILE | O_DIRECTORY)
to make it fail on old kernels.
Copying definitions from glibc for O_TMPFILE is not enough to support
O_TMPFILE; The open() wrapper also need to pass the mode when the flag
contains O_TMPFILE, otherwise, it will pass mode 000 which will succeed
but yield unexpected results.
openat() is curiously not affected since it passes the mode
unconditionally..
Signed-off-by: Nicolas Cavallari <nicolas.cavallari@green-communications.fr>
|
|
The F_DUPFD_CLOEXEC flag was added in POSIX 2008.09.
Signed-off-by: Paul Cercueil <paul@crapouillou.net>
|
|
|
|
|
|
Building uclibc 1.0.37 for SuperH architecture with linux-headers 5.10.7
fails at libpthread level due to missing time-related data structures,
usually defined by the kernel.
Define those missing data structures in SuperH-specific kernel_types.h.
Context: building for sh4eb-r2d[1] and sh4-r2d[1] boards emulations for
QEMU using the buildroot image generation tool.
Regarding the issue, a patch[3] was already issued in the kernel some
time ago, which aimed to solve precisely this problem. After coming up
with a quick and dirty patch for buildroot modifying Linux headers[4],
some discussion was sparked on the subject with Linux folks[5]. Some
analyzing later, conclusion was that:
1) Previously mentioned patch[4] was fixing the symptom, not the ill
2) SuperH-specific code in uclibc could be patched instead, to solve
the problem for other use cases (e.g. building just a toolchain)
[1] https://git.buildroot.net/buildroot/tree/configs/qemu_sh4eb_r2d_defconfig?h=2020.02.9
[2] https://git.buildroot.net/buildroot/tree/configs/qemu_sh4_r2d_defconfig?h=2020.02.9
[3] https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=fc94cf2092c7c1267fa2deb8388d624f50eba808
[4] https://git.buildroot.net/buildroot/commit/?id=742f37de8d0e3797698411dfc6a63bd7e98aafe2
[5] https://patchwork.kernel.org/project/linux-sh/patch/20210123165652.10884-1-geoffrey.legourrierec@gmail.com/
Signed-off-by: Geoffrey Le Gourriérec <geoffrey.legourrierec@gmail.com>
|
|
malloc-simple allocator
Two things are fixed by this commit:
1/ It is wrong to allocate an object of size > PTRDIFF_MAX.
It is explained in this thread: https://gcc.gnu.org/bugzilla/show_bug.cgi?id=63303
2/ There was a possible integer overflow in both malloc() and memalign() implementations
of stdlib/malloc-simple.
The malloc() integer overflow issue is fixed by the side effect of fixing the PTRDIFF_MAX issue.
The memalign() one is fixed by adding a comparison.
Signed-off-by: Yann Sionneau <yann@sionneau.net>
|
|
Previous implementation was respecting the man page description
of what the function should do.
Also the function does not seem to be defined by POSIX.
But... to be really useful the function needs to handle
option matching and not just substring matching.
This is copy pasted from glibc.
This fixes issue reported by https://github.com/wbx-github/uclibc-ng/issues/8
that can happen for instance there: https://github.com/frida/glib/blob/master/gio/gunixmounts.c#L622
Signed-off-by: Yann Sionneau <yann@sionneau.net>
|
|
This commit adds support for Kalray VLIW family (kvx)
Kalray kv3 core is embedded in Kalray Coolidge SoC. This core which is the
third of the KV family has the following features:
32/64 bits execution mode
6-issue VLIW architecture
64 x 64bits general purpose registers
SIMD instructions
little-endian
In order to build a usable toolchain, build scripts are provided at the
following address: https://github.com/kalray/build-scripts.
Kalray uses FOSS which is available at https://github.com/kalray
This includes Linux kernel, uClibc-ng, gcc, binutils, etc.
Signed-off-by: Clément Léger <cleger@kalray.eu>
Signed-off-by: Guillaume Thouvenin <gthouvenin@kalray.eu>
Signed-off-by: Laurent Thevenoux <lthevenoux@kalray.eu>
Signed-off-by: Marc Poulhies <mpoulhies@kalray.eu>
Signed-off-by: Marius Gligor <mgligor@kalray.eu>
Signed-off-by: Yann Sionneau <ysionneau@kalray.eu>
|
|
Fixes this:
libc/string/generic/strlen.c: In function 'strlen':
libc/string/generic/strlen.c:31:31: warning: variable 'magic_bits' set but not used [-Wunused-but-set-variable]
unsigned long int longword, magic_bits, himagic, lomagic;
^~~~~~~~~~
Signed-off-by: Yann Sionneau <ysionneau@kalray.eu>
|
|
Fixes this:
libc/misc/internals/tempname.c: In function 'brain_damaged_fillrand':
libc/misc/internals/tempname.c:155:0: warning: "L" redefined
#define L ((UINT32_MAX % NUM_LETTERS + 1) % NUM_LETTERS)
In file included from ./libpthread/nptl/sysdeps/unix/sysv/linux/lowlevellock.h:24:0,
from ./include/bits/libc-lock.h:35,
from ./include/bits/stdio-lock.h:22,
from ./include/bits/uClibc_mutex.h:73,
from ./include/bits/uClibc_stdio.h:83,
from ./include/stdio.h:71,
from libc/misc/internals/tempname.c:35:
./libc/sysdeps/linux/kvx/sysdep.h:40:0: note: this is the location of the previous definition
# define L(name) $L##name
Signed-off-by: Yann Sionneau <ysionneau@kalray.eu>
|
|
Fixes this:
In file included from libc/misc/fnmatch/fnmatch.c:235:0:
libc/misc/fnmatch/fnmatch_loop.c: In function 'internal_fnmatch':
libc/misc/fnmatch/fnmatch_loop.c:207:21: warning: initialization discards 'const' qualifier from pointer target type [-Wdiscarded-qualifiers]
CHAR *p_init = p;
^
libc/misc/fnmatch/fnmatch_loop.c:208:21: warning: initialization discards 'const' qualifier from pointer target type [-Wdiscarded-qualifiers]
CHAR *n_init = n;
Signed-off-by: Yann Sionneau <ysionneau@kalray.eu>
|
|
Signed-off-by: akater <nuclearspace@gmail.com>
|
|
Kernel stat/stat64 structure and uClibc-ng ones were not
in sync regarding the timespec fields.
Kernel had them but uClibc did not expose it in some cases.
Man page says that stat struct should have timespec fields if:
* _POSIX_C_SOURCE is defined to 200809L or greater
or
* _XOPEN_SOURCE is defined to 700 or greater
or
* _BSD_SOURCE is defined
or
* _SVID_SOURCE is defined
In the case of buildroot vim build, neither _BSD_SOURCE nor _SVID_SOURCE were defined.
Only _POSIX_C_SOURCE and _XOPEN_SOURCE were defined.
uClibc-ng header only checked for _BSD_SOURCE and _SVID_SOURCE via __USE_MISC.
This patch adds a check to __USE_XOPEN2K8 which is defined
if _POSIX_C_SOURCE >= 200809L or _XOPEN_SOURCE >= 700
This for instance fixes a crash at startup of vim (not the busybox one) on aarch64 and all other
arch where in kernel STAT_HAVE_NSEC is set and where stat.h in uClibc-ng comes from libc/sysdeps/linux/common-generic/bits
Signed-off-by: Yann Sionneau <ysionneau@kalray.eu>
|
|
This reverts commit 5b58a1ebd89a4f05778441814e81817c82193fa3.
This breaks all static builds earlier to gcc 10 :(
Bad testing on my side.
|
|
copied from musl 1.2.1.
Signed-off-by: Petr Vorel <petr.vorel@gmail.com>
|
|
Always use the systemcall as uClibc-ng has no vdso support.
Tested with libffi and python in qemu-system-riscv64.
|
|
Reported-By: akater <nuclearspace@gmail.com>
|
|
Starting with GCC-10 multiple definitions of global variables by will be
rejected.
https://gcc.gnu.org/gcc-10/porting_to.html
This fixes multiple definitions of _dl_pagesize and _dl_tls_static_size
while attempting static linking.
Of course this only occurs when compiling something that requires these
symbols.
First patch submission so hopefully all done correctly.
thanks,
Lance Fredrickson
From e0686f7c03ce8e51ccffefeb6365e50311e6dd10 Mon Sep 17 00:00:00 2001
From: lancethepants <lancethepants@gmail.com>
Date: Wed, 15 Jul 2020 13:09:26 -0600
Subject: [PATCH] Starting with GCC-10 multiple definitions of global variables
by will be rejected. This fixes multiple definitions of _dl_pagesize and
_dl_tls_static_size while attempting static linking.
|
|
Add XCHAL definitions for S32C1I and EXCLUSIVE options to
xtensa-config.h, include it in places that implement atomic operations
and add implementations with exclusive access option opcodes.
Signed-off-by: Max Filippov <jcmvbkbc@gmail.com>
|
|
Replace "a" constraints with "+m" to avoid forcing atomic variable
address into a register and let the compiler use non-zero offset in
load/store opcodes.
Signed-off-by: Max Filippov <jcmvbkbc@gmail.com>
|
|
Rename various spare fields in structs to include a namespace
This should avoid accidental clashes with uses of the __unused symbol
in upstream projects. eg currently it causes a compile error in dhcpcd 8.x
due to their re-use of the __unused symbol as a macro
This follows the style of glibc which does something equivalent
|
|
Import musl C sockatmark implementation into uClibc-ng.
Signed-off-by: Clement Leger <cleger@kalray.eu>
Acked-by: Yann Sionneau <ysionneau@kalray.eu>
|
|
From [1]
"GCC 10 (PR 91233) won't silently allow registers that are not architecturally
available to be present in the clobber list anymore, resulting in build failure
for mips*r6 targets in form of:
...
.../sysdep.h:146:2: error: the register ‘lo’ cannot be clobbered in ‘asm’ for the current target
146 | __asm__ volatile ( \
| ^~~~~~~
This is because base R6 ISA doesn't define hi and lo registers w/o DSP extension.
This patch provides the alternative definitions of __SYSCALL_CLOBBERS for r6
targets that won't include those registers."
[1] https://sourceware.org/git/?p=glibc.git;a=commit;h=020b2a97bb15f807c0482f0faee2184ed05bcad8
Signed-off-by: Romain Naour <romain.naour@gmail.com>
Cc: Waldemar Brodkorb <wbx@openadk.org>
|
|
|
|
Safe-Linking alignment checks should be done on the user's buffer and not
the mchunkptr. The new check adds support for cases in which:
MALLOC_ALIGNMENT != 2*(sizeof(size_t))
The default case for both 32 bits and 64 bits was already supported, and
this patch adds support for the described irregular case.
|
|
|
|
Safe-Linking is a security mechanism that protects single-linked
lists (such as the fastbins) from being tampered by attackers. The
mechanism makes use of randomness from ASLR (mmap_base), and when
combined with chunk alignment integrity checks, it protects the
pointers from being hijacked by an attacker.
While Safe-Unlinking protects double-linked lists (such as the small
bins), there wasn't any similar protection for attacks against
single-linked lists. This solution protects against 3 common attacks:
* Partial pointer override: modifies the lower bytes (Little Endian)
* Full pointer override: hijacks the pointer to an attacker's location
* Unaligned chunks: pointing the list to an unaligned address
The design assumes an attacker doesn't know where the heap is located,
and uses the ASLR randomness to "sign" the single-linked pointers. We
mark the pointer as P and the location in which it is stored as L, and
the calculation will be:
* PROTECT(P) := (L >> PAGE_SHIFT) XOR (P)
* *L = PROTECT(P)
This way, the random bits from the address L (which start at the bits
in the PAGE_SHIFT position), will be merged with the LSB of the stored
protected pointer. This protection layer prevents an attacker from
modifying the pointer into a controlled value.
An additional check that the chunks are MALLOC_ALIGNed adds an
important layer:
* Attackers can't point to illegal (unaligned) memory addresses
* Attackers must guess correctly the alignment bits
On standard 32 bit Linux machines, an attacker will directly fail 7
out of 8 times, and on 64 bit machines it will fail 15 out of 16
times.
The proposed solution adds 3-4 asm instructions per malloc()/free()
and therefore has only minor performance implications if it has
any. A similar protection was added to Chromium's version of TCMalloc
in 2013, and according to their documentation the performance overhead
was less than 2%.
Signed-off-by: Eyal Itkin <eyalit@checkpoint.com>
|
|
It fixes tst-signal6 and friends.
Signed-off-by: Vladimir Murzin <vladimir.murzin@arm.com>
|
|
It fixes tst-cancel1 and friends.
Signed-off-by: Vladimir Murzin <vladimir.murzin@arm.com>
|
|
It fixes:
FAIL sem got 1 expected 0
failed: incorrect sem_nsems!
semget(IPC_CREAT) = 0
semctl(k) = 0
sem_nsems = 0
for aarch64.
Signed-off-by: Vladimir Murzin <vladimir.murzin@arm.com>
|
|
Similar to glibc commit
https://sourceware.org/git/?p=glibc.git;a=commit;h=6bbfc5c09fc5b5e3d4a0cddbbd4e2e457767dae7
we need to handle Linux kernel change, which removed stat64 family from default syscall set.
Signed-off-by: Waldemar Brodkorb <wbx@openadk.org>
Signed-off-by: Waldemar Brodkorb <wbrodkorb@conet.de>
|
|
map_newlink() may abort when interface list changed between netlink
request for getting interfaces and getting addresses. This commit is
ported from the same change from glibc commit.
Signed-off-by: Vincent Hou <vincent.houyi@gmail.com>
|
|
Avoid calling select with empty sets which hangs the process
This makes uClibc-ng act like glibc and musl
Without this fix the test_poll of python3 testsuite hangs forever
Scenario of the issue:
If you call poll with only invalid file descriptors, like in python3
testsuite
(https://github.com/python/cpython/blob/master/Lib/test/test_poll.py#L83)
You will go through uClibc poll emulation code, which is based on
select syscall.
Your first call to select will fail, it will return -1 and errno will be
set to EBADF: https://github.com/wbx-github/uclibc-ng/blob/master/libc/sysdeps/linux/common/poll.c#L120
Then you will go through the for loop which tests individually each file descriptor by calling
select on each one: https://github.com/wbx-github/uclibc-ng/blob/master/libc/sysdeps/linux/common/poll.c#L163
each call will also return -1 with errno being equal to EBADF.
Therefore all pollfd will have the POLLNVAL flag in their respective revents field.
And, the most important, rset/wset/xset will stay empty.
Then the for loop ends, the "continue" makes the while loop run again.
The following select() is run again: https://github.com/wbx-github/uclibc-ng/blob/master/libc/sysdeps/linux/common/poll.c#L120
But this time the sets are empty.
If the poll was called with timeout set to -1, this select will hang forever because there is no timeout
and the sets are empty so no event will ever wake it up.
test program:
int main(void)
{
struct pollfd pfd;
int ret;
int pipe_fds[2];
pipe(pipe_fds);
close(pipe_fds[0]);
close(pipe_fds[1]);
pfd.fd = pipe_fds[0];
pfd.events = POLLIN | POLLOUT | POLLPRI;
pfd.revents = 0;
ret = poll(&pfd, 1, -1);
printf("ret: %d\n", ret);
if (ret < 0)
printf("error: %s", strerror(errno));
else {
puts("revents: ");
if (pfd.revents & POLLERR)
printf(" POLLERR");
if (pfd.revents & POLLHUP)
printf(" POLLHUP");
if (pfd.revents & POLLNVAL)
printf(" POLLNVAL");
puts("");
}
return 0;
}
This hangs on uClibc-ng aarch64 and Kalray's arch (kv3) but does the following on musl and glibc:
"
ret: 1
revents:
POLLNVAL
"
strace output of this program with uClibc *without* the patch applied:
pselect6(4, [3], [3], [3], NULL, NULL) = -1 EBADF (Bad file descriptor)
pselect6(4, [3], [3], [3], {tv_sec=0, tv_nsec=0}, NULL) = -1 EBADF (Bad file descriptor)
pselect6(0, 0x7ffffffb80, 0x7ffffffb68, 0x7ffffffb50, NULL, NULL
(never finishes)
strace output of this program with uClibc *with* the patch applied:
pselect6(4, [3], [3], [3], NULL, NULL) = -1 EBADF (Bad file descriptor)
pselect6(4, [3], [3], [3], {tv_sec=0, tv_nsec=0}, NULL) = -1 EBADF (Bad file descriptor)
write(1, "ret: 1\n", 7ret: 1
) = 7
write(1, "revents: \n", 10revents:
) = 10
write(1, " POLLNVAL\n", 10 POLLNVAL
) = 10
exit_group(0) = ?
+++ exited with 0 +++
|
|
The getenv() library call can trap under certain conditions. It compares the
passed in environment variable name (var) with the name=variables (*ep) in the
environment area and returns a pointer to the value in the environment if it
exists. To accomplish this, it does a memcmp() using the length of the passed
in name (len) for each environment variable (*ep) against the passed in name (
var). So memcmp will attempt to scan both strings for len bytes. However, if
for some reason, len is equal to or greater than 16 and longer than the length
of the *ep in the environment and the *ep resides near the end of a page
boundary while the next page is not present or mapped, the memcmp could trap
with a sigsegv error while continuing the scan with the optimization
read-ahead. However, if strncmp is used instead, there is no problem since both
source and destination scanning will stop when either reaches a terminating
NULL
|
|
Hi,
This diff fixes a typo in the PTRACE_EVENT_SECCOMP event code.
The typo itself was introduced in 2012 when syncing with glibc header
files and was itself fixed in 2013 in the glibc headers.
|
|
basically from or1k port of uClibc-ng, with fixes for structures in
pthreadtypes.h from 64 bit architectures.
18 testsuite failures counted.
|
|
|
