summary refs log tree commit diff
path: root/configure
Commit message (Collapse)AuthorAgeFilesLines
* Support for multiple versions in versioned_symbol, compat_symbolFlorian Weimer2021-03-251-0/+28
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This essentially folds compat_symbol_unique functionality into compat_symbol. This change eliminates the need for intermediate aliases for defining multiple symbol versions, for both compat_symbol and versioned_symbol. Some binutils versions do not suport multiple versions per symbol on some targets, so aliases are automatically introduced, similar to what compat_symbol_unique did. To reduce symbol table sizes, a configure check is added to avoid these aliases if they are not needed. The new mechanism works with data symbols as well as function symbols, due to the way an assembler-level redirect is used. It is not compatible with weak symbols for old binutils versions, which is why the definition of __malloc_initialize_hook had to be changed. This is not a loss of functionality because weak symbols do not matter to dynamic linking. The placeholder symbol needs repeating in nptl/libpthread-compat.c now that compat_symbol is used, but that seems more obvious than introducing yet another macro. A subtle difference was that compat_symbol_unique made the symbol global automatically. compat_symbol does not do this, so static had to be removed from the definition of __libpthread_version_placeholder. Reviewed-by: Adhemerval Zanella <adhemerval.zanella@linaro.org>
* elf: Fix not compiling ifunc tests that need gcc ifunc supportSamuel Thibault2021-03-241-0/+2
|
* configure: Remove obsolete AC_CHECK_TOOL_PREFIXNaohiro Tamura2021-02-211-1/+0
| | | | | | | | | | | | | This patch removes obsolete AC_CHECK_TOOL_PREFIX. It has been confirmed that AC_CHECK_TOOL_PREFIX is defined as NOP in GNU 'autoconf' 2.69 [1], so we can safely remove it. The 'configure' file has been deleted one blank line by the 'autoconf' 2.69 command . [1] autoconf-2.69/share/autoconf/autoconf/programs.m4 181 # AC_CHECK_TOOL_PREFIX 182 # -------------------- 183 AU_DEFUN([AC_CHECK_TOOL_PREFIX])
* configure: Check for static PIE supportSzabolcs Nagy2021-01-211-0/+13
| | | | | | | | | | | | | | Add SUPPORT_STATIC_PIE that targets can define if they support static PIE. This requires PI_STATIC_AND_HIDDEN support and various linker features as described in commit 9d7a3741c9e59eba87fb3ca6b9f979befce07826 Add --enable-static-pie configure option to build static PIE [BZ #19574] Currently defined on x86_64, i386 and aarch64 where static PIE is known to work. Reviewed-by: Adhemerval Zanella <adhemerval.zanella@linaro.org>
* install: Replace scripts/output-format.sed with objdump -f [BZ #26559]Fangrui Song2021-01-111-19/+0
| | | | | | | | | | | | | | GNU ld and gold have supported --print-output-format since 2011. glibc requires binutils>=2.25 (2015), so if LD is GNU ld or gold, we can assume the option is supported. lld is by default a cross linker supporting multiple targets. It auto detects the file format and does not need OUTPUT_FORMAT. It does not support --print-output-format. By parsing objdump -f, we can support all the three linkers. Reviewed-by: Adhemerval Zanella <adhemerval.zanella@linaro.org>
* config: Allow memory tagging to be enabled when configuring glibcRichard Earnshaw2020-12-211-0/+22
| | | | | | | | This patch adds the configuration machinery to allow memory tagging to be enabled from the command line via the configure option --enable-memory-tagging. The current default is off, though in time we may change that once the API is more stable.
* Remove --enable-obsolete-rpc configure flagPetr Vorel2020-07-131-18/+0
| | | | | | | | | | | | | | | | | | | | | | Sun RPC was removed from glibc. This includes rpcgen program, librpcsvc, and Sun RPC headers. Also test for bug #20790 was removed (test for rpcgen). Backward compatibility for old programs is kept only for architectures and ABIs that have been added in or before version 2.28. libtirpc is mature enough, librpcsvc and rpcgen are provided in rpcsvc-proto project. NOTE: libnsl code depends on Sun RPC (installed libnsl headers use installed Sun RPC headers), thus --enable-obsolete-rpc was a dependency for --enable-obsolete-nsl (removed in a previous commit). The arc ABI list file has to be updated because the port was added with the sunrpc symbols Tested-by: Carlos O'Donell <carlos@redhat.com> Reviewed-by: Carlos O'Donell <carlos@redhat.com>
* Remove --enable-obsolete-nsl configure flagPetr Vorel2020-07-081-19/+1
| | | | | | | | | | | | | | | | | | | this means that *always* libnsl is only built as shared library for backward compatibility and the NSS modules libnss_nis and libnss_nisplus are not built at all, libnsl's headers aren't installed. This compatibility is kept only for architectures and ABIs that have been added in or before version 2.28. Replacement implementations based on TIRPC, which additionally support IPv6, are available from <https://github.com/thkukuk/>. This change does not affect libnss_compat which does not depended on libnsl since 2.27 and thus can be used without NIS. libnsl code depends on Sun RPC, e.g. on --enable-obsolete-rpc (installed libnsl headers use installed Sun RPC headers), which will be removed in the following commit.
* Remove NO_CTORS_DTORS_SECTIONS macroFlorian Weimer2020-05-181-53/+0
| | | | | | | | | | | This was originally added to support binutils older than version 2.22: <https://sourceware.org/ml/libc-alpha/2010-12/msg00051.html> Since 2.22 is older than the minimum required binutils version for building glibc, we no longer need this. (The changes do not impact the statically linked startup code.)
* Remove reference of --without-fp on configureAdhemerval Zanella2020-03-061-1/+2
|
* Improve IFUNC check [BZ #25506]Fangrui Song2020-03-051-1/+1
| | | | | | | | | GNU ld's RISCV port does not support IFUNC. ld -no-pie produces no relocation and the test passed incorrectly. Be more rigid by testing IRELATIVE explicitly. Tested-by: Aurelien Jarno <aurelien@aurel32.net> Reviewed-by: Adhemerval Zanella <adhemerval.zanella@linaro.org>
* x86: Assume --enable-cet if GCC defaults to CET [BZ #25225]Florian Weimer2019-12-031-1/+22
| | | | | | | This links in CET support if GCC defaults to CET. Otherwise, __CET__ is defined, yet CET functionality is not compiled and linked into the dynamic loader, resulting in a linker failure due to undefined references to _dl_cet_check and _dl_open_check.
* Fix http: URL in 'configure'Paul Eggert2019-09-091-3/+3
| | | | | | * configure.ac: Add URL to AC_INIT so that it generates an https: URL instead of an http: URL. * configure: Regenerate.
* Prefer https to http for gnu.org and fsf.org URLsPaul Eggert2019-09-071-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Also, change sources.redhat.com to sourceware.org. This patch was automatically generated by running the following shell script, which uses GNU sed, and which avoids modifying files imported from upstream: sed -ri ' s,(http|ftp)(://(.*\.)?(gnu|fsf|sourceware)\.org($|[^.]|\.[^a-z])),https\2,g s,(http|ftp)(://(.*\.)?)sources\.redhat\.com($|[^.]|\.[^a-z]),https\2sourceware.org\4,g ' \ $(find $(git ls-files) -prune -type f \ ! -name '*.po' \ ! -name 'ChangeLog*' \ ! -path COPYING ! -path COPYING.LIB \ ! -path manual/fdl-1.3.texi ! -path manual/lgpl-2.1.texi \ ! -path manual/texinfo.tex ! -path scripts/config.guess \ ! -path scripts/config.sub ! -path scripts/install-sh \ ! -path scripts/mkinstalldirs ! -path scripts/move-if-change \ ! -path INSTALL ! -path locale/programs/charmap-kw.h \ ! -path po/libc.pot ! -path sysdeps/gnu/errlist.c \ ! '(' -name configure \ -execdir test -f configure.ac -o -f configure.in ';' ')' \ ! '(' -name preconfigure \ -execdir test -f preconfigure.ac ';' ')' \ -print) and then by running 'make dist-prepare' to regenerate files built from the altered files, and then executing the following to cleanup: chmod a+x sysdeps/unix/sysv/linux/riscv/configure # Omit irrelevant whitespace and comment-only changes, # perhaps from a slightly-different Autoconf version. git checkout -f \ sysdeps/csky/configure \ sysdeps/hppa/configure \ sysdeps/riscv/configure \ sysdeps/unix/sysv/linux/csky/configure # Omit changes that caused a pre-commit check to fail like this: # remote: *** error: sysdeps/powerpc/powerpc64/ppc-mcount.S: trailing lines git checkout -f \ sysdeps/powerpc/powerpc64/ppc-mcount.S \ sysdeps/unix/sysv/linux/s390/s390-64/syscall.S # Omit change that caused a pre-commit check to fail like this: # remote: *** error: sysdeps/sparc/sparc64/multiarch/memcpy-ultra3.S: last line does not end in newline git checkout -f sysdeps/sparc/sparc64/multiarch/memcpy-ultra3.S
* elf/Makefile: Run IFUNC tests if binutils supports IFUNCH.J. Lu2019-02-271-0/+2
| | | | | | | | | | | | | | We should run IFUNC tests with --disable-multi-arch if the toolchain supports IFUNCs. For correctness, --disable-multi-arch must not remove IFUNC support from the loader. Tested on x86-64, x32 and i686 with and without --disable-multi-arch. * configure.ac (have-ifunc): New LIBC_CONFIG_VAR. * configure: Regenerated. * elf/Makefile: Run IFUNC tests if binutils supports IFUNC. Reviewed-by: Tulio Magno Quites Machado Filho <tuliom@linux.ibm.com>
* Require GCC 6.2 or later to build glibc.Joseph Myers2019-02-011-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | As discussed during development for glibc 2.29, when we increased the required minimum GCC version for building glibc to GCC 5, working purely based on the times at which such requirements have been increased in the past it would be appropriate for glibc 2.30 to require GCC 6 (matching GCC 4.9 having been required for glibc 2.26). Naming 6.2 specifically as the minimum version then means a separate version requirement no longer needs to be specified for powerpc64le. Thus, this patch increases the minimum to 6.2, removing the documentation of the separate requirement for powerpc64le. It does not remove the powerpc64le configure test, or any __GNUC_PREREQ that could be removed as not being in installed headers or files shared with gnulib; I think such cleanups are best done separately. Tested for x86_64. * configure.ac (libc_cv_compiler_ok): Require GCC 6.2 or later. * configure: Regenerated. * manual/install.texi (Tools for Compilation): Update minimum GCC version. * INSTALL: Regenerated.
* Require GCC 5 or later to build glibc (bug 23993).Joseph Myers2018-12-211-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | We know that building glibc with GCC 4.9 is broken on various platforms (bug 23993). As it's more than a year since we last increased the minimum GCC version to build glibc, this patch changes the requirement to be GCC 5 or later (indeed, based on 4.9 having been required for building 2.26, it would be consistent in terms of timing to require GCC 6 or later from the 2.30 release onwards). It deliberately just updates the configure test and corresponding documentation, leaving removal of no-longer-needed __GNUC_PREREQ tests for a separate patch. In the NEWS entry, the requirement for a newer GCC version for powerpc64le is reiterated (as in the entry for the 4.9 requirement in 2.26) to avoid suggesting the version requirement there has gone down. (If that version goes up further as part of support for binary128 long double, of course the wording would change at that time.) Tested for x86_64. [BZ #23993] * configure.ac (libc_cv_compiler_ok): Require GCC 5 or later. * configure: Regenerated. * manual/install.texi (Tools for Compilation): Update minimum GCC version. * INSTALL: Regenerated.
* Patch to require Python 3.4 or later to build glibc.Joseph Myers2018-10-291-9/+20
| | | | | | | | | | | | | | | | | | | | | | | | | | | This patch makes Python 3.4 or later a required tool for building glibc, so allowing changes of awk, perl etc. code used in the build and test to Python code without any such changes needing makefile conditionals or to handle older Python versions. This patch makes the configure test for Python check the version and give an error if Python is missing or too old, and removes makefile conditionals that are no longer needed. It does not itself convert any code from another language to Python, and does not remove any compatibility with older Python versions from existing scripts. Tested for x86_64. * configure.ac (PYTHON_PROG): Use AC_CHECK_PROG_VER. Set critic_missing for versions before 3.4. * configure: Regenerated. * manual/install.texi (Tools for Compilation): Document requirement for Python to build glibc. * INSTALL: Regenerated. * Rules [PYTHON]: Make code unconditional. * benchtests/Makefile [PYTHON]: Likewise. * conform/Makefile [PYTHON]: Likewise. * manual/Makefile [PYTHON]: Likewise. * math/Makefile [PYTHON]: Likewise.
* Fix ifunc support with DT_TEXTREL segments (BZ#20480)Adhemerval Zanella2018-09-251-0/+47
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | Currently, DT_TEXTREL is incompatible with IFUNC. When DT_TEXTREL or DF_TEXTREL is seen, the dynamic linker calls __mprotect on the segments with PROT_READ|PROT_WRITE before applying dynamic relocations. It leads to segfault when performing IFUNC resolution (which requires PROT_EXEC as well for the IFUNC resolver). This patch makes it call __mprotect with extra PROT_WRITE bit, which will keep the PROT_EXEC bit if exists, and thus fixes the segfault. FreeBSD rtld libexec/rtld-elf/rtld.c (reloc_textrel_prot) does the same. Checked on x86_64-linux-gnu, i686-linux-gnu, aarch64-linux-gnu, sparc64-linux-gnu, sparcv9-linux-gnu, and armv8-linux-gnueabihf. Adam J. Richte <adam_richter2004@yahoo.com> Adhemerval Zanella <adhemerval.zanella@linaro.org> Fangrui Song <maskray@google.com> [BZ #20480] * config.h.in (CAN_TEXTREL_IFUNC): New define. * configure.ac: Add check if linker supports textrel relocation with ifunc. * elf/dl-reloc.c (_dl_relocate_object): Use all required flags on DT_TEXTREL segments, not only PROT_READ and PROT_WRITE. * elf/Makefile (ifunc-pie-tests): Add tst-ifunc-textrel. (CFLAGS-tst-ifunc-textrel.c): New rule. * elf/tst-ifunc-textrel.c: New file.
* Add --with-nonshared-cflags option to configureFlorian Weimer2018-08-171-0/+14
|
* x86: Support IBT and SHSTK in Intel CET [BZ #21598]H.J. Lu2018-07-161-0/+11
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Intel Control-flow Enforcement Technology (CET) instructions: https://software.intel.com/sites/default/files/managed/4d/2a/control-flow-en forcement-technology-preview.pdf includes Indirect Branch Tracking (IBT) and Shadow Stack (SHSTK). GNU_PROPERTY_X86_FEATURE_1_IBT is added to GNU program property to indicate that all executable sections are compatible with IBT when ENDBR instruction starts each valid target where an indirect branch instruction can land. Linker sets GNU_PROPERTY_X86_FEATURE_1_IBT on output only if it is set on all relocatable inputs. On an IBT capable processor, the following steps should be taken: 1. When loading an executable without an interpreter, enable IBT and lock IBT if GNU_PROPERTY_X86_FEATURE_1_IBT is set on the executable. 2. When loading an executable with an interpreter, enable IBT if GNU_PROPERTY_X86_FEATURE_1_IBT is set on the interpreter. a. If GNU_PROPERTY_X86_FEATURE_1_IBT isn't set on the executable, disable IBT. b. Lock IBT. 3. If IBT is enabled, when loading a shared object without GNU_PROPERTY_X86_FEATURE_1_IBT: a. If legacy interwork is allowed, then mark all pages in executable PT_LOAD segments in legacy code page bitmap. Failure of legacy code page bitmap allocation causes an error. b. If legacy interwork isn't allowed, it causes an error. GNU_PROPERTY_X86_FEATURE_1_SHSTK is added to GNU program property to indicate that all executable sections are compatible with SHSTK where return address popped from shadow stack always matches return address popped from normal stack. Linker sets GNU_PROPERTY_X86_FEATURE_1_SHSTK on output only if it is set on all relocatable inputs. On a SHSTK capable processor, the following steps should be taken: 1. When loading an executable without an interpreter, enable SHSTK if GNU_PROPERTY_X86_FEATURE_1_SHSTK is set on the executable. 2. When loading an executable with an interpreter, enable SHSTK if GNU_PROPERTY_X86_FEATURE_1_SHSTK is set on interpreter. a. If GNU_PROPERTY_X86_FEATURE_1_SHSTK isn't set on the executable or any shared objects loaded via the DT_NEEDED tag, disable SHSTK. b. Otherwise lock SHSTK. 3. After SHSTK is enabled, it is an error to load a shared object without GNU_PROPERTY_X86_FEATURE_1_SHSTK. To enable CET support in glibc, --enable-cet is required to configure glibc. When CET is enabled, both compiler and assembler must support CET. Otherwise, it is a configure-time error. To support CET run-time control, 1. _dl_x86_feature_1 is added to the writable ld.so namespace to indicate if IBT or SHSTK are enabled at run-time. It should be initialized by init_cpu_features. 2. For dynamic executables: a. A l_cet field is added to struct link_map to indicate if IBT or SHSTK is enabled in an ELF module. _dl_process_pt_note or _rtld_process_pt_note is called to process PT_NOTE segment for GNU program property and set l_cet. b. _dl_open_check is added to check IBT and SHSTK compatibilty when dlopening a shared object. 3. Replace i386 _dl_runtime_resolve and _dl_runtime_profile with _dl_runtime_resolve_shstk and _dl_runtime_profile_shstk, respectively if SHSTK is enabled. CET run-time control can be changed via GLIBC_TUNABLES with $ export GLIBC_TUNABLES=glibc.tune.x86_shstk=[permissive|on|off] $ export GLIBC_TUNABLES=glibc.tune.x86_ibt=[permissive|on|off] 1. permissive: SHSTK is disabled when dlopening a legacy ELF module. 2. on: IBT or SHSTK are always enabled, regardless if there are IBT or SHSTK bits in GNU program property. 3. off: IBT or SHSTK are always disabled, regardless if there are IBT or SHSTK bits in GNU program property. <cet.h> from CET-enabled GCC is automatically included by assembly codes to add GNU_PROPERTY_X86_FEATURE_1_IBT and GNU_PROPERTY_X86_FEATURE_1_SHSTK to GNU program property. _CET_ENDBR is added at the entrance of all assembly functions whose address may be taken. _CET_NOTRACK is used to insert NOTRACK prefix with indirect jump table to support IBT. It is defined as notrack when _CET_NOTRACK is defined in <cet.h>. [BZ #21598] * configure.ac: Add --enable-cet. * configure: Regenerated. * elf/Makefille (all-built-dso): Add a comment. * elf/dl-load.c (filebuf): Moved before "dynamic-link.h". Include <dl-prop.h>. (_dl_map_object_from_fd): Call _dl_process_pt_note on PT_NOTE segment. * elf/dl-open.c: Include <dl-prop.h>. (dl_open_worker): Call _dl_open_check. * elf/rtld.c: Include <dl-prop.h>. (dl_main): Call _rtld_process_pt_note on PT_NOTE segment. Call _rtld_main_check. * sysdeps/generic/dl-prop.h: New file. * sysdeps/i386/dl-cet.c: Likewise. * sysdeps/unix/sysv/linux/x86/cpu-features.c: Likewise. * sysdeps/unix/sysv/linux/x86/dl-cet.h: Likewise. * sysdeps/x86/cet-tunables.h: Likewise. * sysdeps/x86/check-cet.awk: Likewise. * sysdeps/x86/configure: Likewise. * sysdeps/x86/configure.ac: Likewise. * sysdeps/x86/dl-cet.c: Likewise. * sysdeps/x86/dl-procruntime.c: Likewise. * sysdeps/x86/dl-prop.h: Likewise. * sysdeps/x86/libc-start.h: Likewise. * sysdeps/x86/link_map.h: Likewise. * sysdeps/i386/dl-trampoline.S (_dl_runtime_resolve): Add _CET_ENDBR. (_dl_runtime_profile): Likewise. (_dl_runtime_resolve_shstk): New. (_dl_runtime_profile_shstk): Likewise. * sysdeps/linux/x86/Makefile (sysdep-dl-routines): Add dl-cet if CET is enabled. (CFLAGS-.o): Add -fcf-protection if CET is enabled. (CFLAGS-.os): Likewise. (CFLAGS-.op): Likewise. (CFLAGS-.oS): Likewise. (asm-CPPFLAGS): Add -fcf-protection -include cet.h if CET is enabled. (tests-special): Add $(objpfx)check-cet.out. (cet-built-dso): New. (+$(cet-built-dso:=.note)): Likewise. (common-generated): Add $(cet-built-dso:$(common-objpfx)%=%.note). ($(objpfx)check-cet.out): New. (generated): Add check-cet.out. * sysdeps/x86/cpu-features.c: Include <dl-cet.h> and <cet-tunables.h>. (TUNABLE_CALLBACK (set_x86_ibt)): New prototype. (TUNABLE_CALLBACK (set_x86_shstk)): Likewise. (init_cpu_features): Call get_cet_status to check CET status and update dl_x86_feature_1 with CET status. Call TUNABLE_CALLBACK (set_x86_ibt) and TUNABLE_CALLBACK (set_x86_shstk). Disable and lock CET in libc.a. * sysdeps/x86/cpu-tunables.c: Include <cet-tunables.h>. (TUNABLE_CALLBACK (set_x86_ibt)): New function. (TUNABLE_CALLBACK (set_x86_shstk)): Likewise. * sysdeps/x86/sysdep.h (_CET_NOTRACK): New. (_CET_ENDBR): Define if not defined. (ENTRY): Add _CET_ENDBR. * sysdeps/x86/dl-tunables.list (glibc.tune): Add x86_ibt and x86_shstk. * sysdeps/x86_64/dl-trampoline.h (_dl_runtime_resolve): Add _CET_ENDBR. (_dl_runtime_profile): Likewise.
* testrun.sh: Implement --tool=strace, --tool=valgrindFlorian Weimer2018-07-041-1/+1
| | | | | | | | $(file …) appears to be the only convenient way to create files with newlines and make substitution variables. This needs make 4.0 (released in 2013), so update the requirement to match. Reviewed-by: Carlos O'Donell <carlos@redhat.com>
* New configure option --disable-crypt.Zack Weinberg2018-06-291-0/+18
| | | | | | | | Some Linux distributions are experimenting with a new, separately maintained and hopefully more agile implementation of the crypt API. To facilitate this, add a configure option which disables glibc's embedded libcrypt. When this option is given, libcrypt.* and crypt.h will not be built nor installed.
* Pass -no-pie to GCC only if GCC defaults to PIE [BZ #22614]H.J. Lu2017-12-181-5/+8
| | | | | | | | | | | | | | | | | | | | After --enable-static-pie is added to configure, libc_cv_pie_default is set to yes when either --enable-static-pie is used to configure glibc or GCC defaults to PIE. We should set no-pie-ldflag to -no-pie, which is supported on GCC 6 and later, only if GCC defaults to PIE, not when --enable-static-pie is used to configure glibc. Tested on x32 with --enable-static-pie using GCC 5 and without --enable-static-pie using GCC 7. [BZ #22614] * Makeconfig (no-pie-ldflag): Set to -no-pie only if $(cc-pie-default) == yes. * config.make.in (cc-pie-default): New. * configure.ac (libc_cv_pie_default): Renamed to ... (libc_cv_cc_pie_default): This. (libc_cv_pie_default): Set to $libc_cv_cc_pie_default. * configure: Regenerated.
* Add --enable-static-pie configure option to build static PIE [BZ #19574]H.J. Lu2017-12-151-0/+79
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Static PIE extends address space layout randomization to static executables. It provides additional security hardening benefits at the cost of some memory and performance. Dynamic linker, ld.so, is a standalone program which can be loaded at any address. This patch adds a configure option, --enable-static-pie, to embed the part of ld.so in static executable to create static position independent executable (static PIE). A static PIE is similar to static executable, but can be loaded at any address without help from a dynamic linker. When --enable-static-pie is used to configure glibc, libc.a is built as PIE and all static executables, including tests, are built as static PIE. The resulting libc.a can be used together with GCC 8 or above to build static PIE with the compiler option, -static-pie. But GCC 8 isn't required to build glibc with --enable-static-pie. Only GCC with PIE support is needed. When an older GCC is used to build glibc with --enable-static-pie, proper input files are passed to linker to create static executables as static PIE, together with "-z text" to prevent dynamic relocations in read-only segments, which are not allowed in static PIE. The following changes are made for static PIE: 1. Add a new function, _dl_relocate_static_pie, to: a. Get the run-time load address. b. Read the dynamic section. c. Perform dynamic relocations. Dynamic linker also performs these steps. But static PIE doesn't load any shared objects. 2. Call _dl_relocate_static_pie at entrance of LIBC_START_MAIN in libc.a. crt1.o, which is used to create dynamic and non-PIE static executables, is updated to include a dummy _dl_relocate_static_pie. rcrt1.o is added to create static PIE, which will link in the real _dl_relocate_static_pie. grcrt1.o is also added to create static PIE with -pg. GCC 8 has been updated to support rcrt1.o and grcrt1.o for static PIE. Static PIE can work on all architectures which support PIE, provided: 1. Target must support accessing of local functions without dynamic relocations, which is needed in start.S to call __libc_start_main with function addresses of __libc_csu_init, __libc_csu_fini and main. All functions in static PIE are local functions. If PIE start.S can't reach main () defined in a shared object, the code sequence: pass address of local_main to __libc_start_main ... local_main: tail call to main via PLT can be used. 2. start.S is updated to check PIC instead SHARED for PIC code path and avoid dynamic relocation, when PIC is defined and SHARED isn't defined, to support static PIE. 3. All assembly codes are updated check PIC instead SHARED for PIC code path to avoid dynamic relocations in read-only sections. 4. All assembly codes are updated check SHARED instead PIC for static symbol name. 5. elf_machine_load_address in dl-machine.h are updated to support static PIE. 6. __brk works without TLS nor dynamic relocations in read-only section so that it can be used by __libc_setup_tls to initializes TLS in static PIE. NB: When glibc is built with GCC defaulted to PIE, libc.a is compiled with -fPIE, regardless if --enable-static-pie is used to configure glibc. When glibc is configured with --enable-static-pie, libc.a is compiled with -fPIE, regardless whether GCC defaults to PIE or not. The same libc.a can be used to build both static executable and static PIE. There is no need for separate PIE copy of libc.a. On x86-64, the normal static sln: text data bss dec hex filename 625425 8284 5456 639165 9c0bd elf/sln the static PIE sln: text data bss dec hex filename 657626 20636 5392 683654 a6e86 elf/sln The code size is increased by 5% and the binary size is increased by 7%. Linker requirements to build glibc with --enable-static-pie: 1. Linker supports --no-dynamic-linker to remove PT_INTERP segment from static PIE. 2. Linker can create working static PIE. The x86-64 linker needs the fix for https://sourceware.org/bugzilla/show_bug.cgi?id=21782 The i386 linker needs to be able to convert "movl main@GOT(%ebx), %eax" to "leal main@GOTOFF(%ebx), %eax" if main is defined locally. Binutils 2.29 or above are OK for i686 and x86-64. But linker status for other targets need to be verified. 3. Linker should resolve undefined weak symbols to 0 in static PIE: https://sourceware.org/bugzilla/show_bug.cgi?id=22269 4. Many ELF backend linkers incorrectly check bfd_link_pic for TLS relocations, which should check bfd_link_executable instead: https://sourceware.org/bugzilla/show_bug.cgi?id=22263 Tested on aarch64, i686 and x86-64. Using GCC 7 and binutils master branch, build-many-glibcs.py with --enable-static-pie with all patches for static PIE applied have the following build successes: PASS: glibcs-aarch64_be-linux-gnu build PASS: glibcs-aarch64-linux-gnu build PASS: glibcs-armeb-linux-gnueabi-be8 build PASS: glibcs-armeb-linux-gnueabi build PASS: glibcs-armeb-linux-gnueabihf-be8 build PASS: glibcs-armeb-linux-gnueabihf build PASS: glibcs-arm-linux-gnueabi build PASS: glibcs-arm-linux-gnueabihf build PASS: glibcs-arm-linux-gnueabihf-v7a build PASS: glibcs-arm-linux-gnueabihf-v7a-disable-multi-arch build PASS: glibcs-m68k-linux-gnu build PASS: glibcs-microblazeel-linux-gnu build PASS: glibcs-microblaze-linux-gnu build PASS: glibcs-mips64el-linux-gnu-n32 build PASS: glibcs-mips64el-linux-gnu-n32-nan2008 build PASS: glibcs-mips64el-linux-gnu-n32-nan2008-soft build PASS: glibcs-mips64el-linux-gnu-n32-soft build PASS: glibcs-mips64el-linux-gnu-n64 build PASS: glibcs-mips64el-linux-gnu-n64-nan2008 build PASS: glibcs-mips64el-linux-gnu-n64-nan2008-soft build PASS: glibcs-mips64el-linux-gnu-n64-soft build PASS: glibcs-mips64-linux-gnu-n32 build PASS: glibcs-mips64-linux-gnu-n32-nan2008 build PASS: glibcs-mips64-linux-gnu-n32-nan2008-soft build PASS: glibcs-mips64-linux-gnu-n32-soft build PASS: glibcs-mips64-linux-gnu-n64 build PASS: glibcs-mips64-linux-gnu-n64-nan2008 build PASS: glibcs-mips64-linux-gnu-n64-nan2008-soft build PASS: glibcs-mips64-linux-gnu-n64-soft build PASS: glibcs-mipsel-linux-gnu build PASS: glibcs-mipsel-linux-gnu-nan2008 build PASS: glibcs-mipsel-linux-gnu-nan2008-soft build PASS: glibcs-mipsel-linux-gnu-soft build PASS: glibcs-mips-linux-gnu build PASS: glibcs-mips-linux-gnu-nan2008 build PASS: glibcs-mips-linux-gnu-nan2008-soft build PASS: glibcs-mips-linux-gnu-soft build PASS: glibcs-nios2-linux-gnu build PASS: glibcs-powerpc64le-linux-gnu build PASS: glibcs-powerpc64-linux-gnu build PASS: glibcs-tilegxbe-linux-gnu-32 build PASS: glibcs-tilegxbe-linux-gnu build PASS: glibcs-tilegx-linux-gnu-32 build PASS: glibcs-tilegx-linux-gnu build PASS: glibcs-tilepro-linux-gnu build and the following build failures: FAIL: glibcs-alpha-linux-gnu build elf/sln is failed to link due to: assertion fail bfd/elf64-alpha.c:4125 This is caused by linker bug and/or non-PIC code in PIE libc.a. FAIL: glibcs-hppa-linux-gnu build elf/sln is failed to link due to: collect2: fatal error: ld terminated with signal 11 [Segmentation fault] https://sourceware.org/bugzilla/show_bug.cgi?id=22537 FAIL: glibcs-ia64-linux-gnu build elf/sln is failed to link due to: collect2: fatal error: ld terminated with signal 11 [Segmentation fault] FAIL: glibcs-powerpc-linux-gnu build FAIL: glibcs-powerpc-linux-gnu-soft build FAIL: glibcs-powerpc-linux-gnuspe build FAIL: glibcs-powerpc-linux-gnuspe-e500v1 build elf/sln is failed to link due to: ld: read-only segment has dynamic relocations. This is caused by linker bug and/or non-PIC code in PIE libc.a. See: https://sourceware.org/bugzilla/show_bug.cgi?id=22264 FAIL: glibcs-powerpc-linux-gnu-power4 build elf/sln is failed to link due to: findlocale.c:96:(.text+0x22c): @local call to ifunc memchr This is caused by linker bug and/or non-PIC code in PIE libc.a. FAIL: glibcs-s390-linux-gnu build elf/sln is failed to link due to: collect2: fatal error: ld terminated with signal 11 [Segmentation fault], core dumped assertion fail bfd/elflink.c:14299 This is caused by linker bug and/or non-PIC code in PIE libc.a. FAIL: glibcs-sh3eb-linux-gnu build FAIL: glibcs-sh3-linux-gnu build FAIL: glibcs-sh4eb-linux-gnu build FAIL: glibcs-sh4eb-linux-gnu-soft build FAIL: glibcs-sh4-linux-gnu build FAIL: glibcs-sh4-linux-gnu-soft build elf/sln is failed to link due to: ld: read-only segment has dynamic relocations. This is caused by linker bug and/or non-PIC code in PIE libc.a. See: https://sourceware.org/bugzilla/show_bug.cgi?id=22263 Also TLS code sequence in SH assembly syscalls in glibc doesn't match TLS code sequence expected by ld: https://sourceware.org/bugzilla/show_bug.cgi?id=22270 FAIL: glibcs-sparc64-linux-gnu build FAIL: glibcs-sparcv9-linux-gnu build FAIL: glibcs-tilegxbe-linux-gnu build FAIL: glibcs-tilegxbe-linux-gnu-32 build FAIL: glibcs-tilegx-linux-gnu build FAIL: glibcs-tilegx-linux-gnu-32 build FAIL: glibcs-tilepro-linux-gnu build elf/sln is failed to link due to: ld: read-only segment has dynamic relocations. This is caused by linker bug and/or non-PIC code in PIE libc.a. See: https://sourceware.org/bugzilla/show_bug.cgi?id=22263 [BZ #19574] * INSTALL: Regenerated. * Makeconfig (real-static-start-installed-name): New. (pic-default): Updated for --enable-static-pie. (pie-default): New for --enable-static-pie. (default-pie-ldflag): Likewise. (+link-static-before-libc): Replace $(DEFAULT-LDFLAGS-$(@F)) with $(if $($(@F)-no-pie),$(no-pie-ldflag),$(default-pie-ldflag)). Replace $(static-start-installed-name) with $(real-static-start-installed-name). (+prectorT): Updated for --enable-static-pie. (+postctorT): Likewise. (CFLAGS-.o): Add $(pie-default). (CFLAGS-.op): Likewise. * NEWS: Mention --enable-static-pie. * config.h.in (ENABLE_STATIC_PIE): New. * configure.ac (--enable-static-pie): New configure option. (have-no-dynamic-linker): New LIBC_CONFIG_VAR. (have-static-pie): Likewise. Enable static PIE if linker supports --no-dynamic-linker. (ENABLE_STATIC_PIE): New AC_DEFINE. (enable-static-pie): New LIBC_CONFIG_VAR. * configure: Regenerated. * csu/Makefile (omit-deps): Add r$(start-installed-name) and gr$(start-installed-name) for --enable-static-pie. (extra-objs): Likewise. (install-lib): Likewise. (extra-objs): Add static-reloc.o and static-reloc.os ($(objpfx)$(start-installed-name)): Also depend on $(objpfx)static-reloc.o. ($(objpfx)r$(start-installed-name)): New. ($(objpfx)g$(start-installed-name)): Also depend on $(objpfx)static-reloc.os. ($(objpfx)gr$(start-installed-name)): New. * csu/libc-start.c (LIBC_START_MAIN): Call _dl_relocate_static_pie in libc.a. * csu/libc-tls.c (__libc_setup_tls): Add main_map->l_addr to initimage. * csu/static-reloc.c: New file. * elf/Makefile (routines): Add dl-reloc-static-pie. (elide-routines.os): Likewise. (DEFAULT-LDFLAGS-tst-tls1-static-non-pie): Removed. (tst-tls1-static-non-pie-no-pie): New. * elf/dl-reloc-static-pie.c: New file. * elf/dl-support.c (_dl_get_dl_main_map): New function. * elf/dynamic-link.h (ELF_DURING_STARTUP): Also check STATIC_PIE_BOOTSTRAP. * elf/get-dynamic-info.h (elf_get_dynamic_info): Likewise. * gmon/Makefile (tests): Add tst-gmon-static-pie. (tests-static): Likewise. (DEFAULT-LDFLAGS-tst-gmon-static): Removed. (tst-gmon-static-no-pie): New. (CFLAGS-tst-gmon-static-pie.c): Likewise. (CRT-tst-gmon-static-pie): Likewise. (tst-gmon-static-pie-ENV): Likewise. (tests-special): Likewise. ($(objpfx)tst-gmon-static-pie.out): Likewise. (clean-tst-gmon-static-pie-data): Likewise. ($(objpfx)tst-gmon-static-pie-gprof.out): Likewise. * gmon/tst-gmon-static-pie.c: New file. * manual/install.texi: Document --enable-static-pie. * sysdeps/generic/ldsodefs.h (_dl_relocate_static_pie): New. (_dl_get_dl_main_map): Likewise. * sysdeps/i386/configure.ac: Check if linker supports static PIE. * sysdeps/x86_64/configure.ac: Likewise. * sysdeps/i386/configure: Regenerated. * sysdeps/x86_64/configure: Likewise. * sysdeps/mips/Makefile (ASFLAGS-.o): Add $(pie-default). (ASFLAGS-.op): Likewise.
* Remove --with-fp / --without-fp.Joseph Myers2017-12-121-13/+31
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | There is a configure option --without-fp that specifies that nofpu sysdeps directories should be used instead of fpu directories. For most glibc configurations, this option is of no use: either there is no valid nofpu variant of that configuration, or there are no fpu or nofpu sysdeps directories for that processor and so the option does nothing. For a few configurations, if you are using a soft-float compiler this option is required, and failing to use it generally results in compilation errors from inline asm using unavailable floating-point instructions. We're moving away from --with-cpu to configuring glibc based on how the compiler generates code, and it is natural to do so for --without-fp as well; in most cases the soft-float and hard-float ABIs are incompatible so you have no hope of building a working glibc with an inappropriately configured compiler or libgcc. This patch eliminates --without-fp, replacing it entirely by automatic configuration based on the compiler. Configurations for which this is relevant (coldfire / mips / powerpc32 / sh) define a variable with_fp_cond in their preconfigure fragments (under the same conditions under which those fragments do anything); this is a preprocessor conditional which the toplevel configure script then uses in a test to determine which sysdeps directories to use. The config.make with-fp variable remains. It's used only by powerpc (sysdeps/powerpc/powerpc32/Makefile) to add -mhard-float to various flags variables. For powerpc, -mcpu= options can imply use of soft-float. That could be an issue if you want to build for e.g. 476fp, but are using --with-cpu=476 because there isn't a 476fp sysdeps directory. If in future we eliminate --with-cpu and replace it entirely by testing the compiler, it would be natural at that point to eliminate that code as well (as the user should then just use a compiler defaulting to 476fp and the 476 sysdeps directory would be used automatically). Tested for x86_64, and tested with build-many-glibcs.py that installed shared libraries are unchanged by this patch. * configure.ac (--with-fp): Remove configure option. (with_fp_cond): New variable. (libc_cv_with_fp): New configure test. Use this variable instead of with_fp. * configure: Regenerated. * config.make.in (with-fp): Use @libc_cv_with_fp@. * manual/install.texi (Configuring and compiling): Remove --without-fp. * INSTALL: Regenerated. * sysdeps/m68k/preconfigure (with_fp_cond): Define for ColdFire. * sysdeps/mips/preconfigure (with_fp_cond): Define. * sysdeps/powerpc/preconfigure (with_fp_cond): Define for 32-bit. * sysdeps/sh/preconfigure (with_fp_cond): Define. * scripts/build-many-glibcs.py (Context.add_all_configs): Do not use --without-fp to configure glibc.
* Add elision tunablesRogerio Alves2017-12-051-17/+0
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This patch adds several new tunables to control the behavior of elision on supported platforms[1]. Since elision now depends on tunables, we should always *compile* with elision enabled, and leave the code disabled, but available for runtime selection. This gives us *much* better compile-time testing of the existing code to avoid bit-rot[2]. Tested on ppc, ppc64, ppc64le, s390x and x86_64. [1] This part of the patch was initially proposed by Paul Murphy but was "staled" because the framework have changed since the patch was originally proposed: https://patchwork.sourceware.org/patch/10342/ [2] This part of the patch was inititally proposed as a RFC by Carlos O'Donnell. Make sense to me integrate this on the patch: https://sourceware.org/ml/libc-alpha/2017-05/msg00335.html * elf/dl-tunables.list: Add elision parameters. * manual/tunables.texi: Add entries about elision tunable. * sysdeps/unix/sysv/linux/powerpc/elision-conf.c: Add callback functions to dynamically enable/disable elision. Add multiple callbacks functions to set elision parameters. Deleted __libc_enable_secure check. * sysdeps/unix/sysv/linux/s390/elision-conf.c: Likewise. * sysdeps/unix/sysv/linux/x86/elision-conf.c: Likewise. * configure: Regenerated. * configure.ac: Option enable_lock_elision was deleted. * config.h.in: ENABLE_LOCK_ELISION flag was deleted. * config.make.in: Remove references to enable_lock_elision. * manual/install.texi: Elision configure option was removed. * INSTALL: Regenerated to remove enable_lock_elision. * nptl/Makefile: Disable elision so it can verify error case for destroying a mutex. * sysdeps/powerpc/nptl/elide.h: Cleanup ENABLE_LOCK_ELISION check. Deleted macros for the case when ENABLE_LOCK_ELISION was not defined. * sysdeps/s390/configure: Regenerated. * sysdeps/s390/configure.ac: Remove references to enable_lock_elision.. * nptl/tst-mutex8.c: Deleted all #ifndef ENABLE_LOCK_ELISION from the test. * sysdeps/powerpc/powerpc32/sysdep.h: Deleted all ENABLE_LOCK_ELISION checks. * sysdeps/powerpc/powerpc64/sysdep.h: Likewise. * sysdeps/powerpc/sysdep.h: Likewise. * sysdeps/s390/nptl/bits/pthreadtypes-arch.h: Likewise. * sysdeps/unix/sysv/linux/powerpc/force-elision.h: Likewise. * sysdeps/unix/sysv/linux/s390/elision-conf.h: Likewise. * sysdeps/unix/sysv/linux/s390/force-elision.h: Likewise. * sysdeps/unix/sysv/linux/s390/lowlevellock.h: Likewise. * sysdeps/unix/sysv/linux/s390/Makefile: Remove references to enable-lock-elision. Reviewed-by: Tulio Magno Quites Machado Filho <tuliom@linux.vnet.ibm.com>
* plural.c: improve reproducibilityJuro Bystricky2017-11-301-64/+64
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | There is a subtle non-determinism when building glibc. This depends on whether the glibc is built using the distibuted file intl/plural.c or built using the generated file intl/plural.c. These two files (intl/plural.c generated vs. distributed) are slightly different, hence we may end up with slightly different libraries. Originally, having "bison" installed was optional. So if "bison" was not present, we always built libraries with the distributed plural.c. If bison was installed, we *** may have *** replaced the distributed file plural.c with a new plural.c generated from plural.y. if the timestamps triggered this rule: plural.c plural.y $(BISON) $(BISONFLAGS) $@ $^ Given that timestamps are not preserved in GIT repositories, the above rule is not reliable without explicitly touching plural.c or plural.y. In other words, the rule may or may not have fired. In summary: there are two distinct sources of non-determinism: 1. Having "bison" installed or not 2. Having "bison" installed but timestamps poorly defined. This patch fixes this by requiring "bison" being installed and by always generating intl/plural.c from intl/plural.y. (This is achieved by simply removing checked-in intl/plural.c) [BZ #22432] * configure.ac (BISON): Require to be present. * configure: Regenerated. * intl/Makefile (generated): Add plural.c. [$(BISON) != no]: Make code unconditional. (plural.c): Change rule to $(objpfx)plural.c. ($(objpfx)plural.o): Depend on $(objpfx)plural.c. * intl/plural.c: Remove. * manual/install.texi (Tools for Compilation): Document bison as required. * INSTALL: Regenerated.
* Prefer https for Sourceware linksSiddhesh Poyarekar2017-11-161-7/+7
| | | | | | | | | | | | | | | | | | | | | | | | Update all sourceware links to https. The website redirects everything to https anyway so let the web server do a bit less work. The only reference that remains unchanged is the one in the old ChangeLog, since it didn't seem worth changing it. * NEWS: Update sourceware link to https. * configure.ac: Likewise. * crypt/md5test-giant.c: Likewise. * dlfcn/bug-atexit1.c: Likewise. * dlfcn/bug-atexit2.c: Likewise. * localedata/README: Likewise. * malloc/tst-mallocfork.c: Likewise. * manual/install.texi: Likewise. * nptl/tst-pthread-getattr.c: Likewise. * stdio-common/tst-fgets.c: Likewise. * stdio-common/tst-fwrite.c: Likewise. * sunrpc/Makefile: Likewise. * sysdeps/arm/armv7/multiarch/memcpy_impl.S: Likewise. * wcsmbs/tst-mbrtowc2.c: Likewise. * configure: Regenerate. * INSTALL: Regenerate.
* Use newly built crt*.o files to build shared objects [BZ #22362]H.J. Lu2017-11-061-0/+6
| | | | | | | | | | | | | | | | | | | When multi-lib GCC is used to build glibc, the search order of GCC driver for crt*.o is -B*/`gcc -print-multi-directory`, the installed diretory, -B*/. This patch adds multi-lib support to csu/Makefile so that -B/glibc-build-directory/csu/ will pick up the newly built crt*.o. Tested on x86-64 for i686 and x32. [BZ #22362] * Makerules (make-link-multidir): New. * config.make.in (multidir): New. * configure.ac (libc_cv_multidir): New. AC_SUBST. * configure: Regenerated. * csu/Makefile [$(multidir) != .](multilib-extra-objs): New. [$(multidir) != .](extra-objs): Add $(multilib-extra-objs). [$(multidir) != .]($(addprefix $(objpfx)$(multidir)/, $(install-lib))): New target.
* Avoid build multiarch if compiler warns about mismatched aliasAdhemerval Zanella2017-10-201-3/+42
| | | | | | | | | | | | | | | | | | | | | | | | | | | | GCC 8 emits an warning for alias for functions with incompatible types and it is used extensivelly for ifunc resolvers implementations in C (for instance on weak_alias with the internal symbol name to the external one or with the libc_hidden_def to set ifunc for internal usage). This breaks the build when the ifunc resolver is not defined using gcc attribute extensions (HAVE_GCC_IFUNC being 0). Although for all currently architectures that have multiarch support this compiler options is enabled for default, there is still the option where the user might try build glibc with a compiler without support for such extension. In this case this patch just disable the multiarch folder in sysdeps selections. GCC 7 and before still builds IFUNCs regardless of compiler support (although for the lack of attribute support debug information would be optimal). Checked with a build on multiarch support architectures (aarch64, arm, sparc, s390, powerpc, x86_64, i386) with multiarch enable and disable and with GCC 7 and GCC 8. * configure.ac (libc_cv_gcc_incompatbile_alias): New define: indicates whether compiler emits an warning for alias for functions with incompatible types.
* Remove add-ons mechanism.Joseph Myers2017-10-051-260/+27
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | glibc has an add-ons mechanism to allow additional software to be integrated into the glibc build. Such add-ons may be within the glibc source tree, or outside it at a path passed to the --enable-add-ons configure option. localedata and crypt were once add-ons, distributed in separate release tarballs, but long since stopped using that mechanism. Linuxthreads was always an add-on. Ports spent some time as an add-on with separate release tarballs, then was first moved into the glibc source tree, then had its sysdeps files moved into the main sysdeps hierarchy so the add-ons mechanism was no longer used. NPTL spent some time as an add-on in the main glibc tree before stopping using the add-on mechanism. libidn used to have separate release tarballs but no longer does so, but still uses the add-ons mechanism within the glibc source tree. Various other software has supported building with the add-ons mechanism at times in the past, but I don't think any is still widely used. Add-ons involve significant, little-used complexity in the glibc build system, and make it hard to understand what the space of possible glibc configurations is. This patch removes the add-ons mechanism. libidn is now built via the Subdirs mechanism to cause any configuration using sysdeps/unix/inet to build libidn; HAVE_LIBIDN (which effectively means shared libraries are available) is now defined via sysdeps/unix/inet/configure. Various references to add-ons around the source tree are removed (in the case of maint.texi, the example list of sysdeps directories is still very out of date). Externally maintained ports should now put their files in the normal sysdeps directory structure rather than being arranged as add-ons; they probably need to change e.g. elf.h anyway, rather than actually being able to work just as a drop-in subtree. Hurd libpthread should be arranged similarly to NPTL, so some files might go in a hurd-pthreads (or similar) top-level directory in glibc, while sysdeps files should go in the normal sysdeps directory structure (possibly in hurd or hurd-pthreads subdirectories, just as there are nptl subdirectories in the sysdeps tree). Tested for x86_64, and with build-many-glibcs.py. * configure.ac (--enable-add-ons): Remove option. (machine): Do not mention add-ons in comment. (LIBC_PRECONFIGURE): Likewise. (add_ons): Remove variable and sanity checks and logic to locate add-ons. (add_ons_automatic): Remove variable. (configured_add_ons): Likewise. (add_ons_sfx): Likewise. (add_ons_pfx): Likewise. (add_on_subdirs): Likewise. (sysnames_add_ons): Likewise. Remove loop over add-ons and consideration of add-ons in Implies handling. (sysdeps_add_ons): Likewise. * configure: Regenerated. * libidn/configure.ac: Remove. * libidn/configure: Likewise. * sysdeps/unix/inet/configure.ac: New file. * sysdeps/unix/inet/configure: New generated file. * sysdeps/unix/inet/Subdirs: Add libidn. * Makeconfig (sysdeps-srcdirs): Remove variable. (+sysdep_dirs): Do not include $(sysdeps-srcdirs). ($(common-objpfx)config.status): Do not depend on add-on files. ($(common-objpfx)shlib-versions.v.i): Do not mention add-ons in comment. (all-subdirs): Do not include $(add-on-subdirs). * Makefile (dist-prepare): Do not use $(sysdeps-add-ons). * config.make.in (add-ons): Remove variable. (add-on-subdirs): Likewise. (sysdeps-add-ons): Likewise. * manual/Makefile (add-chapters): Remove. ($(objpfx)texis): Do not depend on $(add-chapters). (nonexamples): Do not handle $(add-chapters). (examples): Do not handle $(add-ons). (chapters.% top-menu.%): Do not pass '$(add-chapters)' to libc-texinfo.sh. * manual/install.texi (Installation): Do not mention add-ons. (--enable-add-ons): Do not document configure option. * INSTALL: Regenerated. * manual/libc-texinfo.sh: Do not handle $2 add-ons argument. * manual/maint.texi (Hierarchy Conventions): Do not mention add-ons. * scripts/build-many-glibcs.py (Glibc.build_glibc): Do not use --enable-add-ons. * scripts/gen-sorted.awk: Do not handle Subdirs files from add-ons. * scripts/test-installation.pl: Do not handle glibc-compat add-on. * sysdeps/nptl/Makeconfig: Do not mention add-ons in comment.
* crypt: Use NSPR header files in addition to NSS header files [BZ #17956]Guido Trentalancia2017-10-041-1/+5
| | | | | | | | | When configuring and building GNU libc using the Mozilla NSS library for cryptography (--enable-nss-crypt option), also include the NSPR header files along with the Mozilla NSS library header files. Finally, when running the check-local-headers test, ignore the Mozilla NSPR library header files (used by the Mozilla NSS library).
* Update configure.ac for binutils 2.25H.J. Lu2017-09-251-2/+2
| | | | | | | | | | | | | | Commit 073e8fa7739ed453d6854b834f290c263a6cdb9f requires binutils 2.25 or later to build glibc: * configure.ac (AS): Require binutils 2.25 or later. (LD): Likewise. But it only updated LD version check in configure.ac. This patch adds the missing AS version check. * configure.ac (AS): Require binutils 2.25 or later. * configure: Regenerated.
* gmon: Add test for basic mcount/gprof functionalityFlorian Weimer2017-08-151-0/+3
|
* Check linker support for INSERT in linker scriptH.J. Lu2017-08-041-0/+33
| | | | | | | | | | | | | | | | | Since gold doesn't support INSERT in linker script: https://sourceware.org/bugzilla/show_bug.cgi?id=21676 tst-split-dynreloc fails to link with gold. Check if linker supports INSERT in linker script before using it. * config.make.in (have-insert): New. * configure.ac (libc_cv_insert): New. Set to yes if linker supports INSERT in linker script. (AC_SUBST(libc_cv_insert): New. * configure: Regenerated. * sysdeps/x86_64/Makefile (tests): Add tst-split-dynreloc only if $(have-insert) == yes.
* Add per-thread cache to mallocDJ Delorie2017-07-061-0/+13
| | | | | | | | | | | | | | | | | | | | | | | | | | | | * config.make.in: Enable experimental malloc option. * configure.ac: Likewise. * configure: Regenerate. * manual/install.texi: Document it. * INSTALL: Regenerate. * malloc/Makefile: Likewise. * malloc/malloc.c: Add per-thread cache (tcache). (tcache_put): New. (tcache_get): New. (tcache_thread_freeres): New. (tcache_init): New. (__libc_malloc): Use cached chunks if available. (__libc_free): Initialize tcache if needed. (__libc_realloc): Likewise. (__libc_calloc): Likewise. (_int_malloc): Prefill tcache when appropriate. (_int_free): Likewise. (do_set_tcache_max): New. (do_set_tcache_count): New. (do_set_tcache_unsorted_limit): New. * manual/probes.texi: Document new probes. * malloc/arena.c: Add new tcache tunables. * elf/dl-tunables.list: Likewise. * manual/tunables.texi: Document them. * NEWS: Mention the per-thread cache.
* Require binutils 2.25 or later to build glibc.Joseph Myers2017-06-281-1/+1
| | | | | | | | | | | | | | | | | | | | | | | This patch implements a requirement of binutils >= 2.25 (up from 2.22) to build glibc. Tests for 2.24 or later on x86_64 and s390 are removed. It was already the case, as indicated by buildbot results, that 2.24 was too old for building tests for 32-bit x86 (produced internal linker errors linking elf/tst-gnu2-tls1mod.so). I don't know if any configure tests for binutils features are obsolete given the increased version requirement. Tested for x86_64. * configure.ac (AS): Require binutils 2.25 or later. (LD): Likewise. * configure: Regenerated. * sysdeps/s390/configure.ac (AS): Remove version check. * sysdeps/s390/configure: Regenerated. * sysdeps/x86_64/configure.ac (AS): Remove version check. * sysdeps/x86_64/configure: Regenerated. * manual/install.texi (Tools for Compilation): Document requirement for binutils 2.25 or later. * INSTALL: Regenerated.
* Support building glibc with gold 1.14 or above [BZ #14995]H.J. Lu2017-06-281-2/+70
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This patch changes configure.ac to allow gold 1.14 or above to be used to configire glibc so that gold glibc bugs can be fixed. Tested with CC="gcc -fuse-ld=gold" CXX="g++ -fuse-ld=gold" on Fedora 25 with gold 1.14 (20170623). Gold 1.14 was first released in binutils 2.28. On x86-64, for "make check", I got Error in `/export/build/gnu/glibc-gold/build-x86_64-linux/elf/constload1': double free or corruption (fasttop): 0x00000000008755f0 *** ======= Backtrace: ========= /export/build/gnu/glibc-gold/build-x86_64-linux/libc.so.6(+0x772fb)[0x7f85225b52fb] /export/build/gnu/glibc-gold/build-x86_64-linux/libc.so.6(+0x7d6c6)[0x7f85225bb6c6] /export/build/gnu/glibc-gold/build-x86_64-linux/libc.so.6(+0x7df0e)[0x7f85225bbf0e] /export/build/gnu/glibc-gold/build-x86_64-linux/dlfcn/libdl.so.2(+0x182d)[0x7f85226e682d] /export/build/gnu/glibc-gold/build-x86_64-linux/dlfcn/libdl.so.2(dlclose+0x1f)[0x7f85226e623f] /export/build/gnu/glibc-gold/build-x86_64-linux/elf/constload2.so(+0x933)[0x7f8522539933] /export/build/gnu/glibc-gold/build-x86_64-linux/elf/ld.so(+0xfd1a)[0x7f85226fbd1a] /export/build/gnu/glibc-gold/build-x86_64-linux/libc.so.6(+0x3c5e0)[0x7f852257a5e0] /export/build/gnu/glibc-gold/build-x86_64-linux/libc.so.6(+0x3c63a)[0x7f852257a63a] /export/build/gnu/glibc-gold/build-x86_64-linux/elf/constload2.so(+0x9aa)[0x7f85225399aa] /export/build/gnu/glibc-gold/build-x86_64-linux/elf/ld.so(+0xf74a)[0x7f85226fb74a] /export/build/gnu/glibc-gold/build-x86_64-linux/elf/ld.so(+0xf85b)[0x7f85226fb85b] /export/build/gnu/glibc-gold/build-x86_64-linux/elf/ld.so(+0x13e98)[0x7f85226ffe98] /export/build/gnu/glibc-gold/build-x86_64-linux/libc.so.6(_dl_catch_error+0x71)[0x7f85226643c1] /export/build/gnu/glibc-gold/build-x86_64-linux/elf/ld.so(+0x13639)[0x7f85226ff639] /export/build/gnu/glibc-gold/build-x86_64-linux/dlfcn/libdl.so.2(+0x1156)[0x7f85226e6156] /export/build/gnu/glibc-gold/build-x86_64-linux/libc.so.6(_dl_catch_error+0x71)[0x7f85226643c1] /export/build/gnu/glibc-gold/build-x86_64-linux/dlfcn/libdl.so.2(+0x1789)[0x7f85226e6789] /export/build/gnu/glibc-gold/build-x86_64-linux/dlfcn/libdl.so.2(dlopen+0x32)[0x7f85226e61e2] /export/build/gnu/glibc-gold/build-x86_64-linux/elf/constload1[0x4009ca] /export/build/gnu/glibc-gold/build-x86_64-linux/libc.so.6(__libc_start_main+0xf1)[0x7f8522565231] /export/build/gnu/glibc-gold/build-x86_64-linux/elf/constload1[0x400a5a] ======= Memory map: ======== 00400000-00401000 r-xp 00000000 08:11 26334965 /export/build/gnu/glibc-gold/build-x86_64-linux/elf/constload1 00401000-00402000 r--p 00000000 08:11 26334965 /export/build/gnu/glibc-gold/build-x86_64-linux/elf/constload1 00402000-00403000 rw-p 00001000 08:11 26334965 /export/build/gnu/glibc-gold/build-x86_64-linux/elf/constload1 00875000-00896000 rw-p 00000000 00:00 0 [heap] 7f851c000000-7f851c021000 rw-p 00000000 00:00 0 7f851c021000-7f8520000000 ---p 00000000 00:00 0 7f85222f3000-7f8522309000 r-xp 00000000 08:02 136658 /usr/lib64/libgcc_s-6.3.1-20170216.so.1 7f8522309000-7f8522508000 ---p 00016000 08:02 136658 /usr/lib64/libgcc_s-6.3.1-20170216.so.1 7f8522508000-7f8522509000 r--p 00015000 08:02 136658 /usr/lib64/libgcc_s-6.3.1-20170216.so.1 7f8522509000-7f852250a000 rw-p 00016000 08:02 136658 /usr/lib64/libgcc_s-6.3.1-20170216.so.1 7f8522539000-7f852253a000 r-xp 00000000 08:11 26334619 /export/build/gnu/glibc-gold/build-x86_64-linux/elf/constload2.so 7f852253a000-7f852253b000 r--p 00000000 08:11 26334619 /export/build/gnu/glibc-gold/build-x86_64-linux/elf/constload2.so 7f852253b000-7f852253c000 rw-p 00001000 08:11 26334619 /export/build/gnu/glibc-gold/build-x86_64-linux/elf/constload2.so 7f852253c000-7f852253e000 rw-p 00000000 00:00 0 7f852253e000-7f85226da000 r-xp 00000000 08:11 26309973 /export/build/gnu/glibc-gold/build-x86_64-linux/libc.so 7f85226da000-7f85226db000 ---p 0019c000 08:11 26309973 /export/build/gnu/glibc-gold/build-x86_64-linux/libc.so 7f85226db000-7f85226de000 r--p 0019c000 08:11 26309973 /export/build/gnu/glibc-gold/build-x86_64-linux/libc.so 7f85226de000-7f85226e1000 rw-p 0019f000 08:11 26309973 /export/build/gnu/glibc-gold/build-x86_64-linux/libc.so 7f85226e1000-7f85226e5000 rw-p 00000000 00:00 0 7f85226e5000-7f85226e8000 r-xp 00000000 08:11 26313777 /export/build/gnu/glibc-gold/build-x86_64-linux/dlfcn/libdl.so 7f85226e8000-7f85226e9000 r--p 00002000 08:11 26313777 /export/build/gnu/glibc-gold/build-x86_64-linux/dlfcn/libdl.so 7f85226e9000-7f85226ea000 rw-p 00003000 08:11 26313777 /export/build/gnu/glibc-gold/build-x86_64-linux/dlfcn/libdl.so 7f85226ea000-7f85226ec000 rw-p 00000000 00:00 0 7f85226ec000-7f8522711000 r-xp 00000000 08:11 26309972 /export/build/gnu/glibc-gold/build-x86_64-linux/elf/ld.so 7f8522711000-7f8522712000 rw-p 00000000 00:00 0 7f8522712000-7f8522713000 r--p 00025000 08:11 26309972 /export/build/gnu/glibc-gold/build-x86_64-linux/elf/ld.so 7f8522713000-7f8522714000 rw-p 00026000 08:11 26309972 /export/build/gnu/glibc-gold/build-x86_64-linux/elf/ld.so 7f8522714000-7f8522715000 rw-p 00000000 00:00 0 7ffc5a2bd000-7ffc5a2df000 rw-p 00000000 00:00 0 [stack] 7ffc5a32c000-7ffc5a32e000 r--p 00000000 00:00 0 [vvar] 7ffc5a32e000-7ffc5a330000 r-xp 00000000 00:00 0 [vdso] ffffffffff600000-ffffffffff601000 r-xp 00000000 00:00 0 [vsyscall] and make[4]: *** [/export/build/gnu/glibc-gold/build-x86_64-linux/elf/vismain] Error 1 This is because gold doesn't support protected data symbols: configure:5672: checking linker support for protected data symbol configure:5682: gcc -fuse-ld=gold -nostdlib -nostartfiles -fno-stack-protector -fPIC -shared conftest.c -o conftest.so configure:5685: $? = 0 configure:5692: gcc -fuse-ld=gold -nostdlib -nostartfiles -fno-stack-protector conftest.c -o conftest conftest.so /usr/local/bin/ld.gold: error: /tmp/ccXWoofs.o: cannot make copy relocation for protected symbol 'bar', defined in conftest.so collect2: error: ld returned 1 exit status make[4]: *** [/export/build/gnu/glibc-gold/build-x86_64-linux/elf/tst-split-dynreloc] Error 1 This is because gold doesn't support INSERT in linker script: https://sourceware.org/bugzilla/show_bug.cgi?id=21676 The total failures are FAIL: dlfcn/bug-dl-leaf FAIL: elf/constload1 FAIL: elf/global FAIL: elf/ifuncmain1 FAIL: elf/ifuncmain1pic FAIL: elf/ifuncmain1pie FAIL: elf/ifuncmain1vis FAIL: elf/ifuncmain1vispic FAIL: elf/ifuncmain1vispie FAIL: elf/ifuncmain3 FAIL: elf/initfirst FAIL: elf/preloadtest FAIL: elf/tst-audit11 FAIL: elf/tst-audit12 FAIL: elf/tst-audit4 FAIL: elf/tst-audit5 FAIL: elf/tst-audit6 FAIL: elf/tst-audit7 FAIL: elf/tst-dlmodcount FAIL: elf/tst-dlmopen1 FAIL: elf/tst-dlmopen3 FAIL: elf/tst-dlopenrpath FAIL: elf/tst-latepthread FAIL: elf/tst-leaks1-mem FAIL: elf/tst-nodelete-dlclose FAIL: elf/unload6 FAIL: nss/test-netdb FAIL: nss/tst-nss-test1 FAIL: posix/tst-getaddrinfo5 [BZ #14995] * configure.ac: Allow gold 1.14 or above to configire glibc * configure: Regenerated.
* Require GCC 4.9 or later for building glibc.Joseph Myers2017-06-191-1/+1
| | | | | | | | | | | | | | | | | | | This patch makes configure require GCC 4.9 or later for building glibc, and documents that requirement. Requiring GCC 4.9 or later allows use of _Generic (as in tzcode). It would allow <stdatomic.h> and _Atomic to be used as well if desired, although we need to avoid any libatomic dependencies on any platforms. This patch is explicitly the minimum to implement a new version requirement, with any consequent cleanups of conditional code (not in installed headers or files shared with gnulib etc.) to be done separately. Tested for x86_64. * configure.ac (libc_cv_compiler_ok): Require GCC 4.9 or later. * configure: Regenerated. * manual/install.texi (Tools for Compilation): Document requirement for GCC 4.9 or later. * INSTALL: Regenerated.
* Enable tunables by defaultSiddhesh Poyarekar2017-06-151-1/+1
| | | | | | | | | | | | | | | | | | | | All of the major architectures are adopting tunables as a way to add tuning to the library, from hwcap_mask for aarch64 to HLE for s390 and ifunc and cache geometry for x86. Given this adoption and the fact that we don't want additional tuning knobs to be added outside of tunables, it makes sense to enable tunables by default using this trivial patch. Smoke tested on x86 to ensure that tunables code was built without specifying it as a configure flag. I have kept it as --enabled and not changed it to --disable since we want to still keep the option of different kinds of front-ends for tunables. * configure.ac(--enable-tunables): Enable by default. * configure: Regenerate. * NEWS: Mention change. * manual/install.texi (enable-tunables): Adjust documentation. * INSTALL: Regenerate.
* configure: Suppress expected compiler error messageFlorian Weimer2017-06-131-1/+2
|
* Make copy of <bits/std_abs.h> from GCC 7 [BZ #21573]H.J. Lu2017-06-131-1/+4
| | | | | | | | | | | | | | | | | | <bits/std_abs.h> from GCC 7 will include /usr/include/stdlib.h from "#include_next" (instead of stdlib/stdlib.h in the glibc source directory), and this turns up as a make dependency. Also make a copy of <bits/std_abs.h> to prevent it from including /usr/include/stdlib.h. [BZ #21573] * Makerules [$(c++-bits-std_abs-h) != ""] (before-compile): Add $(common-objpfx)bits/std_abs.h. [$(c++-bits-std_abs-h) != ""] ($(common-objpfx)bits/std_abs.h): New target. * config.make.in (c++-bits-std_abs-h): New. * configure.ac (find_cxx_header): Use "\,$1," with sed. (CXX_BITS_STD_ABS_H): New. (AC_SUBST(CXX_BITS_STD_ABS_H)): Likewise. * configure: Regenerated.
* Deprecate libnsl by default (only shared library will beThorsten Kukuk2017-03-211-0/+18
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | build for backward compatibility, no linking possible) and disable building of libnss_compat, libnss_nis and libnss_nisplus, except --enable-obsolete-nsl option is given to configure. * config.h.in: Add LINK_OBSOLETE_NSL. * config.make.in: Add build-obsolete-nsl. * configure.ac: Add obsolete-nsl option. * include/libc-symbols.h: Define libnsl_hidden_nolink_def. * include/rpcsvc/yp.h: Add missing functions as libnsl_hidden_proto. * include/rpcsvc/nislib.h: Likewise. * include/rpcsvc/ypclnt.h: Likewise. * manual/install.texi: Document --enable-obsolete-nsl. * nis/Makefile: Build only libnsl by default (add build-obsolete-nsl). * nis/nis_add.c: Replace libnsl_hidden_def with libnsl_hidden_nolink_def. * nis/nis_addmember.c: Likewise. * nis/nis_call.c: Likewise. * nis/nis_clone_obj.c: Likewise. * nis/nis_defaults.c: Likeise. * nis/nis_domain_of_r.c: Likewise. * nis/nis_error.c: Likewise. * nis/nis_file.c: Likewise. * nis/nis_free.c: Likewise. * nis_local_names.c: Likewise. * nis/nis_lookup.c: Likewise. * nis/nis_modify.c: Likewise. * nis/nis_print.c: Likewise. * nis/nis_remove.c: Likewise. * nis/nis_table.c: Likewise. * nis/nis_util.c: Likewise. * nis/nis_xdr.c: Likewise. * nis/yp_xdr.c: Likewise. * nis/ypclnt.c: Likewise. * nis/ypupdate_xdr.c: Likewise. * nis/nis_checkpoint.c: Add libnsl_hidden_nolink_def to all functions. * nis/nis_clone_dir.c: Likewise. * nis/nis_clone_res.c: Likewise. * nis/nis_creategroup.c: Likewise. * nis/nis_destroygroup.c: Likewise. * nis/nis_domain_of.c: Likewise. * nis/nis_getservlist.c: Likewise. * nis/nis_ismember.c: Likewise. * nis/nis_mkdir.c: Likewise. * nis/nis_ping.c: Likewise. * nis/nis_print_group_entry.c: Likewise. * nis/nis_removemember.c: Likewise. * nis/nis_rmdir.c: Likewise. * nis/nis_server.c: Likewise. * nis/nis_subr.c: Likewise. * nis/nis_verifygroup.c: Likewise. Signed-off-by: Thorsten Kukuk <kukuk@suse.com>
* Fix combreloc test with BSD grepAlexey Neyman2017-03-151-4/+4
| | | | | | | | | | | | | | The test for "-z combreloc" fails when cross-compiling on a machine that uses BSD grep (e.g. on macos). grep complains about empty subexpression and exits with non-zero status, which is interpreted by configure as "not found". As a result, support for "-z combreloc" (HAVE_Z_COMBRELOC) is not detected, leading to link failure on SPARC. While there, replace fgrep with 'grep -F', as fgrep is non-POSIX. * configure.ac: Avoid empty subexpression in grep. Signed-off-by: Alexey Neyman <stilor@att.net>
* Enhance --enable-tunables to select tunables frontend at build timeSiddhesh Poyarekar2016-12-311-1/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | At the GNU Tools Cauldron 2016, the state of the current tunables patchset was considered OK with the addition of a way to select the frontend to be used for the tunables. That is, to avoid being locked in to one type of frontend initially, it should be possible to build tunables with a different frontend with something as simple as a configure switch. To that effect, this patch enhances the --enable-tunables option to accept more values than just 'yes' or 'no'. The current frontend (and default when enable-tunables is 'yes') is called 'valstring', to select the frontend where a single environment variable is set to a colon-separated value string. More such frontends can be added in future. * Makeconfig (have-tunables): Check for non-negative instead of positive. * configure.ac: Add 'valstring' as a valid value for --enable-tunables. * configure: Regenerate. * elf/Makefile (have-tunables): Check for non-negative instead of positive. (CPPFLAGS-dl-tunables.c): Define TUNABLES_FRONTEND for dl-tunables.c. * elf/dl-tunables.c (GLIBC_TUNABLES): Define only when TUNABLES_FRONTEND == TUNABLES_FRONTEND_valstring. (tunables_strdup): Likewise. (disable_tunables): Likewise. (parse_tunables): Likewise. (__tunables_init): Process GLIBC_TUNABLES envvar only when. TUNABLES_FRONTEND == TUNABLES_FRONTEND_valstring. * elf/dl-tunables.h (TUNABLES_FRONTEND_valstring): New macro. (TUNABLES_FRONTEND_yes): New macro, define as TUNABLES_FRONTEND_valstring by default. * manual/install.texi: Document new acceptable values for --enable-tunables. * INSTALL: Regenerate.
* Add framework for tunablesSiddhesh Poyarekar2016-12-311-0/+16
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The tunables framework allows us to uniformly manage and expose global variables inside glibc as switches to users. tunables/README has instructions for glibc developers to add new tunables. Tunables support can be enabled by passing the --enable-tunables configure flag to the configure script. This patch only adds a framework and does not pose any limitations on how tunable values are read from the user. It also adds environment variables used in malloc behaviour tweaking to the tunables framework as a PoC of the compatibility interface. * manual/install.texi: Add --enable-tunables option. * INSTALL: Regenerate. * README.tunables: New file. * Makeconfig (CPPFLAGS): Define TOP_NAMESPACE. (before-compile): Generate dl-tunable-list.h early. * config.h.in: Add HAVE_TUNABLES. * config.make.in: Add have-tunables. * configure.ac: Add --enable-tunables option. * configure: Regenerate. * csu/init-first.c (__libc_init_first): Move __libc_init_secure earlier... * csu/init-first.c (LIBC_START_MAIN):... to here. Include dl-tunables.h, libc-internal.h. (LIBC_START_MAIN) [!SHARED]: Initialize tunables for static binaries. * elf/Makefile (dl-routines): Add dl-tunables. * elf/Versions (ld): Add __tunable_set_val to GLIBC_PRIVATE namespace. * elf/dl-support (_dl_nondynamic_init): Unset MALLOC_CHECK_ only when !HAVE_TUNABLES. * elf/rtld.c (process_envvars): Likewise. * elf/dl-sysdep.c [HAVE_TUNABLES]: Include dl-tunables.h (_dl_sysdep_start): Call __tunables_init. * elf/dl-tunable-types.h: New file. * elf/dl-tunables.c: New file. * elf/dl-tunables.h: New file. * elf/dl-tunables.list: New file. * malloc/tst-malloc-usable-static.c: New test case. * malloc/Makefile (tests-static): Add it. * malloc/arena.c [HAVE_TUNABLES]: Include dl-tunables.h. Define TUNABLE_NAMESPACE. (DL_TUNABLE_CALLBACK (set_mallopt_check)): New function. (DL_TUNABLE_CALLBACK_FNDECL): New macro. Use it to define callback functions. (ptmalloc_init): Set tunable values. * scripts/gen-tunables.awk: New file. * sysdeps/mach/hurd/dl-sysdep.c: Include dl-tunables.h. (_dl_sysdep_start): Call __tunables_init.
* Work even with compilers which enable -fstack-protector by default [BZ #7065]Nick Alcock2016-12-261-65/+25
| | | | | | | | | | | | | | | | | With all the machinery we just added, we can easily arrange to work even when the compiler passes in -fstack-protector automatically: all the necessary bits of glibc are always compiled with -fno-stack-protector now. So tear out the check in configure, and add appropriate calls to -fno-stack-protector in tests that need them (largely those that use -nostdlib), since we don't yet have a __stack_chk_fail that those tests can rely upon. (GCC often provides one, but we cannot rely on this, especially not when bootstrapping.) When stack protection is disabled, explicitly pass -fno-stack-protector to everything, to stop a compiler hacked to enable it from inserting calls to __stack_chk_fail via the PLT in every object file.
* Do not stack-protect ifunc resolvers [BZ #7065]Nick Alcock2016-12-261-0/+2
| | | | | | | | | | | When dynamically linking, ifunc resolvers are called before TLS is initialized, so they cannot be safely stack-protected. We avoid disabling stack-protection on large numbers of files by using __attribute__ ((__optimize__ ("-fno-stack-protector"))) to turn it off just for the resolvers themselves. (We provide the attribute even when statically linking, because we will later use it elsewhere too.)
* Configure support for --enable-stack-protector [BZ #7065]Nick Alcock2016-12-261-49/+102
| | | | | | | | | | | | | | | | | | This adds =all and =strong, with obvious semantics, defaulting to off. We don't validate the value of the option yet: that's in a later patch. Nor do we use it for anything at this stage. We differentiate between 'the compiler understands -fstack-protector' and 'the user wanted -fstack-protector' so that we can pass -fno-stack-protector in appropriate places even if the user didn't want to turn on -fstack-protector for other parts. (This helps us overcome another existing limitation, that glibc doesn't work with GCCs hacked to pass in -fstack-protector by default.) We also arrange to set the STACK_PROTECTOR_LEVEL #define to a value appropriate for the stack-protection level in use for each file in particular.