about summary refs log tree commit diff
path: root/csu
Commit message (Collapse)AuthorAgeFilesLines
* elf: Fix GL(dl_phdr) and GL(dl_phnum) for static builds [BZ #29864]Adhemerval Zanella2023-01-122-34/+12
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The 73fc4e28b9464f0e refactor did not add the GL(dl_phdr) and GL(dl_phnum) for static build, relying on the __ehdr_start symbol, which is always added by the static linker, to get the correct values. This is problematic in some ways: - The segment may see its in-memory size differ from its in-file size (or the binary may have holes). The Linux has fixed is to provide concise values for both AT_PHDR and AT_PHNUM (commit 0da1d5002745c - "fs/binfmt_elf: Fix AT_PHDR for unusual ELF files") - Some archs (alpha for instance) the hidden weak reference is not correctly pulled by the static linker and __ehdr_start address end up being 0, which makes GL(dl_phdr) and GL(dl_phnum) have both invalid values (and triggering a segfault later on libc.so while accessing TLS variables). The safer fix is to just restore the previous behavior to setup GL(dl_phdr) and GL(dl_phnum) for static based on kernel auxv. The __ehdr_start fallback can also be simplified by not assuming weak linkage (as for PIE). The libc-static.c auxv init logic is moved to dl-support.c, since the later is build without SHARED and then GLRO macro is defined to access the variables directly. The _dl_phdr is also assumed to be always non NULL, since an invalid NULL values does not trigger TLS initialization (which is used in various libc systems). Checked on aarch64-linux-gnu, x86_64-linux-gnu, and i686-linux-gnu. Reviewed-by: Florian Weimer <fweimer@redhat.com>
* Update copyright dates with scripts/update-copyrightsJoseph Myers2023-01-0613-14/+14
|
* elf: Introduce <dl-call_tls_init_tp.h> and call_tls_init_tp (bug 29249)Florian Weimer2022-11-031-9/+5
| | | | | | | | This makes it more likely that the compiler can compute the strlen argument in _startup_fatal at compile time, which is required to avoid a dependency on strlen this early during process startup. Reviewed-by: Szabolcs Nagy <szabolcs.nagy@arm.com>
* csu: Disable stack protector for static-reloc for static-pieAdhemerval Zanella2022-10-061-5/+11
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | For instance on x86_64 with gcc 12.1.1 andwith fstack-protector enabled the empty function still generates a stack protector code sequence: 0000000000000000 <_dl_relocate_static_pie>: 0: 48 83 ec 18 sub $0x18,%rsp 4: 64 48 8b 04 25 28 00 mov %fs:0x28,%rax b: 00 00 d: 48 89 44 24 08 mov %rax,0x8(%rsp) 12: 31 c0 xor %eax,%eax 14: 48 8b 44 24 08 mov 0x8(%rsp),%rax 19: 64 48 2b 04 25 28 00 sub %fs:0x28,%rax 20: 00 00 22: 75 05 jne 29 <_dl_relocate_static_pie+0x29> 24: 48 83 c4 18 add $0x18,%rsp 28: c3 ret 29: e8 00 00 00 00 call 2e <_dl_relocate_static_pie+0x2e> And since the function is called prior thread pointer setup, it triggers a invalid memory access (this is shown with the failure of elf/tst-tls1-static-non-pie). Although it might characterizes as compiler issue or missed optimization, to be safe also disables stack protector on static-reloc object. Checked on x86_64-linux-gnu and sparc64-linux-gnu. Reviewed-by: Siddhesh Poyarekar <siddhesh@sourceware.org>
* Remove kernel version checkAdhemerval Zanella2022-05-162-8/+3
| | | | | | | | | | | | | | | | | | | | The kernel version check is used to avoid glibc to run on older kernels where some syscall are not available and fallback code are not enabled to handle graciously fail. However, it does not prevent if the kernel does not correctly advertise its version through vDSO note, uname or procfs. Also kernel version checks are sometime not desirable by users, where they want to deploy on different system with different kernel version knowing the minimum set of syscall is always presented on such systems. The kernel version check has been removed along with the LD_ASSUME_KERNEL environment variable. The minimum kernel used to built glibc is still provided through NT_GNU_ABI_TAG ELF note and also printed when libc.so is issued. Checked on x86_64-linux-gnu.
* csu: Implement and use _dl_early_allocate during static startupFlorian Weimer2022-05-161-3/+8
| | | | | | | | | | | This implements mmap fallback for a brk failure during TLS allocation. scripts/tls-elf-edit.py is updated to support the new patching method. The script no longer requires that in the input object is of ET_DYN type. Reviewed-by: Adhemerval Zanella <adhemerval.zanella@linaro.org>
* elf: Remove __libc_init_secureFangrui Song2022-04-191-3/+0
| | | | | | | | | | | | | | After 73fc4e28b9464f0e13edc719a5372839970e7ddb, __libc_enable_secure_decided is always 0 and a statically linked executable may overwrite __libc_enable_secure without considering AT_SECURE. The __libc_enable_secure has been correctly initialized in _dl_aux_init, so just remove __libc_enable_secure_decided and __libc_init_secure. This allows us to remove some startup_get*id functions from 22b79ed7f413cd980a7af0cf258da5bf82b6d5e5. Reviewed-by: Florian Weimer <fweimer@redhat.com>
* Update copyright dates with scripts/update-copyrightsPaul Eggert2022-01-0113-14/+14
| | | | | | | | | | | | | | | | | | | | | | | I used these shell commands: ../glibc/scripts/update-copyrights $PWD/../gnulib/build-aux/update-copyright (cd ../glibc && git commit -am"[this commit message]") and then ignored the output, which consisted lines saying "FOO: warning: copyright statement not found" for each of 7061 files FOO. I then removed trailing white space from math/tgmath.h, support/tst-support-open-dev-null-range.c, and sysdeps/x86_64/multiarch/strlen-vec.S, to work around the following obscure pre-commit check failure diagnostics from Savannah. I don't know why I run into these diagnostics whereas others evidently do not. remote: *** 912-#endif remote: *** 913: remote: *** 914- remote: *** error: lines with trailing whitespace found ... remote: *** error: sysdeps/unix/sysv/linux/statx_cp.c: trailing lines
* elf: Add _dl_audit_preinitAdhemerval Zanella2021-12-281-20/+3
| | | | | | | | | It consolidates the code required to call la_preinit audit callback. Checked on x86_64-linux-gnu, i686-linux-gnu, and aarch64-linux-gnu. Reviewed-by: Florian Weimer <fweimer@redhat.com>
* hurd: Add rules for static PIE buildSamuel Thibault2021-12-121-5/+12
| | | | This fixes [BZ #28671].
* Remove TLS_TCB_ALIGN and TLS_INIT_TCB_ALIGNFlorian Weimer2021-12-091-2/+3
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | TLS_INIT_TCB_ALIGN is not actually used. TLS_TCB_ALIGN was likely introduced to support a configuration where the thread pointer has not the same alignment as THREAD_SELF. Only ia64 seems to use that, but for the stack/pointer guard, not for storing tcbhead_t. Some ports use TLS_TCB_OFFSET and TLS_PRE_TCB_SIZE to shift the thread pointer, potentially landing in a different residue class modulo the alignment, but the changes should not impact that. In general, given that TLS variables have their own alignment requirements, having different alignment for the (unshifted) thread pointer and struct pthread would potentially result in dynamic offsets, leading to more complexity. hppa had different values before: __alignof__ (tcbhead_t), which seems to be 4, and __alignof__ (struct pthread), which was 8 (old default) and is now 32. However, it defines THREAD_SELF as: /* Return the thread descriptor for the current thread. */ # define THREAD_SELF \ ({ struct pthread *__self; \ __self = __get_cr27(); \ __self - 1; \ }) So the thread pointer points after struct pthread (hence __self - 1), and they have to have the same alignment on hppa as well. Similarly, on ia64, the definitions were different. We have: # define TLS_PRE_TCB_SIZE \ (sizeof (struct pthread) \ + (PTHREAD_STRUCT_END_PADDING < 2 * sizeof (uintptr_t) \ ? ((2 * sizeof (uintptr_t) + __alignof__ (struct pthread) - 1) \ & ~(__alignof__ (struct pthread) - 1)) \ : 0)) # define THREAD_SELF \ ((struct pthread *) ((char *) __thread_self - TLS_PRE_TCB_SIZE)) And TLS_PRE_TCB_SIZE is a multiple of the struct pthread alignment (confirmed by the new _Static_assert in sysdeps/ia64/libc-tls.c). On m68k, we have a larger gap between tcbhead_t and struct pthread. But as far as I can tell, the port is fine with that. The definition of TCB_OFFSET is sufficient to handle the shifted TCB scenario. This fixes commit 23c77f60181eb549f11ec2f913b4270af29eee38 ("nptl: Increase default TCB alignment to 32"). Reviewed-by: H.J. Lu <hjl.tools@gmail.com>
* csu: Always use __executable_start in gmon-start.cFlorian Weimer2021-12-051-26/+3
| | | | | | | | | | | | | | Current binutils defines __executable_start as the lowest text address, so using the entry point address as a fallback is no longer necessary. As a result, overriding <entry.h> is only necessary if the entry point is not called _start. The previous approach to define __ASSEMBLY__ to suppress the declaration breaks if headers included by <entry.h> are not compatible with __ASSEMBLY__. This happens with rseq integration because it is necessary to include kernel headers in more places. Reviewed-by: H.J. Lu <hjl.tools@gmail.com>
* Extend struct r_debug to support multiple namespaces [BZ #15971]H.J. Lu2021-09-192-0/+9
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Glibc does not provide an interface for debugger to access libraries loaded in multiple namespaces via dlmopen. The current rtld-debugger interface is described in the file: elf/rtld-debugger-interface.txt under the "Standard debugger interface" heading. This interface only provides access to the first link-map (LM_ID_BASE). 1. Bump r_version to 2 when multiple namespaces are used. This triggers the GDB bug: https://sourceware.org/bugzilla/show_bug.cgi?id=28236 2. Add struct r_debug_extended to extend struct r_debug into a linked-list, where each element correlates to an unique namespace. 3. Initialize the r_debug_extended structure. Bump r_version to 2 for the new namespace and add the new namespace to the namespace linked list. 4. Add _dl_debug_update to return the address of struct r_debug' of a namespace. 5. Add a hidden symbol, _r_debug_extended, for struct r_debug_extended. 6. Provide the symbol, _r_debug, with size of struct r_debug, as an alias of _r_debug_extended, for programs which reference _r_debug. This fixes BZ #15971. Reviewed-by: Florian Weimer <fweimer@redhat.com>
* Use __executable_start as the lowest address for profiling [BZ #28153]H.J. Lu2021-08-241-1/+9
| | | | | | | | | | | | | | | | | | | | | | | | | | | Glibc assumes that ENTRY_POINT is the lowest address for which we need to keep profiling records and BFD linker uses a linker script to place the input sections. Starting from GCC 4.6, the main function is placed in .text.startup section and starting from binutils 2.22, BFD linker with commit add44f8d5c5c05e08b11e033127a744d61c26aee Author: Alan Modra <amodra@gmail.com> Date: Thu Nov 25 03:03:02 2010 +0000 * scripttempl/elf.sc: Group .text.exit, text.startup and .text.hot sections. places .text.startup section before .text section, which leave the main function out of profiling records. Starting from binutils 2.15, linker provides __executable_start to mark the lowest address of the executable. Use __executable_start as the lowest address to keep the main function in profiling records. This fixes [BZ #28153]. Tested on Linux/x86-64, Linux/x32 and Linux/i686 as well as with build-many-glibcs.py.
* Force building with -fno-commonFlorian Weimer2021-07-091-2/+1
| | | | | | | | | | As a result, is not necessary to specify __attribute__ ((nocommon)) on individual definitions. GCC 10 defaults to -fno-common on all architectures except ARC, but this change is compatible with older GCC versions and ARC, too. Reviewed-by: Carlos O'Donell <carlos@redhat.com>
* Use 64 bit time_t stat internallyAdhemerval Zanella2021-06-221-4/+4
| | | | | | | | | | For the legacy ABI with supports 32-bit time_t it calls the 64-bit time directly, since the LFS symbols calls the 64-bit time_t ones internally. Checked on i686-linux-gnu and x86_64-linux-gnu. Reviewed-by: Lukasz Majewski <lukma@denx.de>
* nptl: Remove exit-thread.hAdhemerval Zanella2021-06-041-1/+0
| | | | | No function change. The code is used only for Linux, besides being included in generic code.
* elf: Introduce __tls_pre_init_tpFlorian Weimer2021-05-101-0/+2
| | | | | | | | | | | This is an early variant of __tls_init_tp, primarily for initializing thread-related elements of _rtld_global/GL. Some existing initialization code not needed for NPTL is moved into the generic version of this function. Tested-by: Carlos O'Donell <carlos@redhat.com> Reviewed-by: Carlos O'Donell <carlos@redhat.com>
* elf: Introduce __tls_init_tp for second-phase TCB initializationFlorian Weimer2021-04-211-7/+1
| | | | | | | | | | TLS_INIT_TP is processor-specific, so it is not a good place to put thread library initialization code (it would have to be repeated for all CPUs). Introduce __tls_init_tp as a separate function, to be called immediately after TLS_INIT_TP. Move the existing stack list setup code for NPTL to this function. Reviewed-by: Adhemerval Zanella <adhemerval.zanella@linaro.org>
* csu: Move calling main out of __libc_start_main_implFlorian Weimer2021-04-211-70/+4
| | | | | | | This code depends on whether glibc has unwinding support for a particular port. Reviewed-by: Adhemerval Zanella <adhemerval.zanella@linaro.org>
* Build libc-start with stack protector for SHAREDSiddhesh Poyarekar2021-03-151-10/+12
| | | | | | | | | | This does not change the emitted code since __libc_start_main does not return, but is important for formal flags compliance. This also cleans up the cosmetic inconsistency in the stack protector flags in csu, especially the incorrect value of STACK_PROTECTOR_LEVEL. Reviewed-by: Adhemerval Zanella <adhemerval.zanella@linaro.org>
* Reduce the statically linked startup code [BZ #23323]Florian Weimer2021-02-254-127/+159
| | | | | | | | | | | | | | | | | | | It turns out the startup code in csu/elf-init.c has a perfect pair of ROP gadgets (see Marco-Gisbert and Ripoll-Ripoll, "return-to-csu: A New Method to Bypass 64-bit Linux ASLR"). These functions are not needed in dynamically-linked binaries because DT_INIT/DT_INIT_ARRAY are already processed by the dynamic linker. However, the dynamic linker skipped the main program for some reason. For maximum backwards compatibility, this is not changed, and instead, the main map is consulted from __libc_start_main if the init function argument is a NULL pointer. For statically linked binaries, the old approach based on linker symbols is still used because there is nothing else available. A new symbol version __libc_start_main@@GLIBC_2.34 is introduced because new binaries running on an old libc would not run their ELF constructors, leading to difficult-to-debug issues.
* csu: Move static pie self relocation later [BZ #27072]Szabolcs Nagy2021-01-211-2/+5
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | IFUNC resolvers may depend on tunables and cpu feature setup so move static pie self relocation after those. It is hard to guarantee that the ealy startup code does not rely on relocations so this is a bit fragile. It would be more robust to handle RELATIVE relocs early and only IRELATIVE relocs later, but the current relocation processing code cannot do that. The early startup code up to relocation processing includes _dl_aux_init (auxvec); __libc_init_secure (); __tunables_init (__environ); ARCH_INIT_CPU_FEATURES (); _dl_relocate_static_pie (); These are simple enough that RELATIVE relocs can be avoided. The following steps include ARCH_SETUP_IREL (); ARCH_SETUP_TLS (); ARCH_APPLY_IREL (); On some targets IRELATIVE processing relies on TLS setup on others TLS setup relies on IRELATIVE relocs, so the right position for _dl_relocate_static_pie is target dependent. For now move self relocation as early as possible on targets that support static PIE. Fixes bug 27072. Reviewed-by: Adhemerval Zanella <adhemerval.zanella@linaro.org>
* Use hidden visibility for early static PIE codeSzabolcs Nagy2021-01-211-0/+4
| | | | | | | | | | | | | | | | | | | | | | | | | Extern symbol access in position independent code usually involves GOT indirection which needs RELATIVE reloc in a static linked PIE. (On some targets this is avoided e.g. because the linker can relax a GOT access to a pc-relative access, but this is not generally true.) Code that runs before static PIE self relocation must avoid relying on dynamic relocations which can be ensured by using hidden visibility. However we cannot just make all symbols hidden: On i386, all calls to IFUNC functions must go through PLT and calls to hidden functions CANNOT go through PLT in PIE since EBX used in PIE PLT may not be set up for local calls to hidden IFUNC functions. This patch aims to make symbol references hidden in code that is used before and by _dl_relocate_static_pie when building a static PIE libc. Note: for an object that is used in the startup code, its references and definition may not have consistent visibility: it is only forced hidden in the startup code. This is needed for fixing bug 27072. Co-authored-by: H.J. Lu <hjl.tools@gmail.com> Reviewed-by: Adhemerval Zanella <adhemerval.zanella@linaro.org>
* csu: Avoid weak ref for __ehdr_start in static PIESzabolcs Nagy2021-01-211-0/+4
| | | | | | | | | | | | | All linkers support __ehdr_start that support static PIE linking, so there is no need to check for its presence via a weak reference. This avoids a RELATIVE relocation in static PIE startup code on some targets. With non-PIE static linking the weak ref check is kept in case the linker does not support __ehdr_start. Reviewed-by: Adhemerval Zanella <adhemerval.zanella@linaro.org>
* Update copyright dates with scripts/update-copyrightsPaul Eggert2021-01-0214-15/+15
| | | | | | | | | | | | | | | | I used these shell commands: ../glibc/scripts/update-copyrights $PWD/../gnulib/build-aux/update-copyright (cd ../glibc && git commit -am"[this commit message]") and then ignored the output, which consisted lines saying "FOO: warning: copyright statement not found" for each of 6694 files FOO. I then removed trailing white space from benchtests/bench-pthread-locks.c and iconvdata/tst-iconv-big5-hkscs-to-2ucs4.c, to work around this diagnostic from Savannah: remote: *** pre-commit check failed ... remote: *** error: lines with trailing whitespace found remote: error: hook declined to update refs/heads/master
* Replace __libc_multiple_libcs with __libc_initial flagFlorian Weimer2020-12-162-15/+8
| | | | | | | | | | | | | | Change sbrk to fail for !__libc_initial (in the generic implementation). As a result, sbrk is (relatively) safe to use for the __libc_initial case (from the main libc). It is therefore no longer necessary to avoid using it in that case (or updating the brk cache), and the __libc_initial flag does not need to be updated as part of dlmopen or static dlopen. As before, direct brk system calls on Linux may lead to memory corruption. Reviewed-by: Adhemerval Zanella <adhemerval.zanella@linaro.org>
* nptl: Move stack list variables into _rtld_globalFlorian Weimer2020-11-161-0/+7
| | | | | | | | | Now __thread_gscope_wait (the function behind THREAD_GSCOPE_WAIT, formerly __wait_lookup_done) can be implemented directly in ld.so, eliminating the unprotected GL (dl_wait_lookup_done) function pointer. Reviewed-by: Adhemerval Zanella <adhemerval.zanella@linaro.org>
* Disable spurious -Wstringop-overflow for setjmp/longjmp (bug 26647)Joseph Myers2020-10-301-0/+10
| | | | | | | | | | | | | | | | | Building glibc with GCC 11 fails with (among other warnings) spurious -Wstringop-overflow warnings from calls to setjmp and longjmp with a pointer to a pthread_unwind_buf that is smaller than jmp_buf. As discussed in bug 26647, the warning in libc-start.c is a false positive, because setjmp and longjmp do not access anything (the signal mask) beyond the common prefix of the two structures, so this patch disables the warning for that call to setjmp, as well as for two calls in NPTL code that produce the same warning and look like false positives for the same reason. Tested with build-many-glibcs.py for arm-linux-gnueabi, where this allows the build to get further. Reviewed-by: DJ Delorie <dj@redhat.com>
* Remove internal usage of extensible stat functionsAdhemerval Zanella2020-09-111-1/+1
| | | | | | | | | | | | It replaces the internal usage of __{f,l}xstat{at}{64} with the __{f,l}stat{at}{64}. It should not change the generate code since sys/stat.h explicit defines redirections to internal calls back to xstat* symbols. Checked with a build for all affected ABIs. I also check on x86_64-linux-gnu and i686-linux-gnu. Reviewed-by: Lukasz Majewski <lukma@denx.de>
* Linux: Remove rseq supportFlorian Weimer2020-07-161-6/+0
| | | | | | | | | | | | | | | | | | The kernel ABI is not finalized, and there are now various proposals to change the size of struct rseq, which would make the glibc ABI dependent on the version of the kernels used for building glibc. This is of course not acceptable. This reverts commit 48699da1c468543ade14777819bd1b4d652709de ("elf: Support at least 32-byte alignment in static dlopen"), commit 8f4632deb3545b2949cec5454afc3cb21a0024ea ("Linux: rseq registration tests"), commit 6e29cb3f61ff5432c78a1c84b0d9b123a350ab36 ("Linux: Use rseq in sched_getcpu if available"), and commit 0c76fc3c2b346dc5401dc055d97d4279632b0fb3 ("Linux: Perform rseq registration at C startup and thread creation"), resolving the conflicts introduced by the ARC port and the TLS static surplus changes. Reviewed-by: Carlos O'Donell <carlos@redhat.com>
* elf: Support at least 32-byte alignment in static dlopenFlorian Weimer2020-07-121-0/+6
| | | | | | | | | | | Otherwise loading a dynamically linked libc with rseq support fails, as result of the __rseq_abi TLS variable, which has an alignment of 32 bytes. Reviewed-by: Carlos O'Donell <carlos@redhat.com> Tested-by: Vineet Gupta <vgupta@synopsys.com> Reviewed-by: Alistair Francis <alistair.francis@wdc.com> Tested-by: Alistair Francis <alistair.francis@wdc.com>
* rtld: Avoid using up static TLS surplus for optimizations [BZ #25051]Szabolcs Nagy2020-07-081-0/+3
| | | | | | | | | | | | | | | | | | | | | | | | | | | | On some targets static TLS surplus area can be used opportunistically for dynamically loaded modules such that the TLS access then becomes faster (TLSDESC and powerpc TLS optimization). However we don't want all surplus TLS to be used for this optimization because dynamically loaded modules with initial-exec model TLS can only use surplus TLS. The new contract for surplus static TLS use is: - libc.so can have up to 192 bytes of IE TLS, - other system libraries together can have up to 144 bytes of IE TLS. - Some "optional" static TLS is available for opportunistic use. The optional TLS is now tunable: rtld.optional_static_tls, so users can directly affect the allocated static TLS size. (Note that module unloading with dlclose does not reclaim static TLS. After the optional TLS runs out, TLS access is no longer optimized to use static TLS.) The default setting of rtld.optional_static_tls is 512 so the surplus TLS is 3*192 + 4*144 + 512 = 1664 by default, the same as before. Fixes BZ #25051. Tested on aarch64-linux-gnu and x86_64-linux-gnu. Reviewed-by: Carlos O'Donell <carlos@redhat.com>
* rtld: Account static TLS surplus for audit modulesSzabolcs Nagy2020-07-081-2/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | The new static TLS surplus size computation is surplus_tls = 192 * (nns-1) + 144 * nns + 512 where nns is controlled via the rtld.nns tunable. This commit accounts audit modules too so nns = rtld.nns + audit modules. rtld.nns should only include the namespaces required by the application, namespaces for audit modules are accounted on top of that so audit modules don't use up the static TLS that is reserved for the application. This allows loading many audit modules without tuning rtld.nns or using up static TLS, and it fixes FAIL: elf/tst-auditmany Note that DL_NNS is currently a hard upper limit for nns, and if rtld.nns + audit modules go over the limit that's a fatal error. By default rtld.nns is 4 which allows 12 audit modules. Counting the audit modules is based on existing audit string parsing code, we cannot use GLRO(dl_naudit) before the modules are actually loaded.
* rtld: Add rtld.nns tunable for the number of supported namespacesSzabolcs Nagy2020-07-081-14/+14
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | TLS_STATIC_SURPLUS is 1664 bytes currently which is not enough to support DL_NNS (== 16) number of dynamic link namespaces, if we assume 192 bytes of TLS are reserved for libc use and 144 bytes are reserved for other system libraries that use IE TLS. A new tunable is introduced to control the number of supported namespaces and to adjust the surplus static TLS size as follows: surplus_tls = 192 * (rtld.nns-1) + 144 * rtld.nns + 512 The default is rtld.nns == 4 and then the surplus TLS size is the same as before, so the behaviour is unchanged by default. If an application creates more namespaces than the rtld.nns setting allows, then it is not guaranteed to work, but the limit is not checked. So existing usage will continue to work, but in the future if an application creates more than 4 dynamic link namespaces then the tunable will need to be set. In this patch DL_NNS is a fixed value and provides a maximum to the rtld.nns setting. Static linking used fixed 2048 bytes surplus TLS, this is changed so the same contract is used as for dynamic linking. With static linking DL_NNS == 1 so rtld.nns tunable is forced to 1, so by default the surplus TLS is reduced to 144 + 512 = 656 bytes. This change is not expected to cause problems. Tested on aarch64-linux-gnu and x86_64-linux-gnu. Reviewed-by: Carlos O'Donell <carlos@redhat.com>
* Rewrite abi-note.S in C.Szabolcs Nagy2020-07-081-10/+15
| | | | | | | | Using C code allows the compiler to add target specific object file markings based on CFLAGS. The arm specific abi-note.S is removed and similar object file fix up will be avoided on AArch64 with standard branch protection.
* Remove NO_CTORS_DTORS_SECTIONS macroFlorian Weimer2020-05-181-4/+0
| | | | | | | | | | | This was originally added to support binutils older than version 2.22: <https://sourceware.org/ml/libc-alpha/2010-12/msg00051.html> Since 2.22 is older than the minimum required binutils version for building glibc, we no longer need this. (The changes do not impact the statically linked startup code.)
* elf: Add initial flag argument to __libc_early_initFlorian Weimer2020-04-291-1/+2
| | | | | | | | | | | The rseq initialization should happen only for the libc in the base namespace (in the dynamic case) or the statically linked libc. The __libc_multiple_libcs flag does not quite cover this case at present, so this commit introduces a flag argument to __libc_early_init, indicating whether the libc being libc is the primary one (of the main program). Reviewed-by: Carlos O'Donell <carlos@redhat.com>
* elf: Implement __libc_early_initFlorian Weimer2020-04-242-4/+5
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This function is defined in libc.so, and the dynamic loader calls right after relocation has been finished, before any ELF constructors or the preinit function is invoked. It is also used in the static build for initializing parts of the static libc. To locate __libc_early_init, a direct symbol lookup function is used, _dl_lookup_direct. It does not search the entire symbol scope and consults merely a single link map. This function could also be used to implement lookups in the vDSO (as an optimization). A per-namespace variable (libc_map) is added for locating libc.so, to avoid repeated traversals of the search scope. It is similar to GL(dl_initfirst). An alternative would have been to thread a context argument from _dl_open down to _dl_map_object_from_fd (where libc.so is identified). This could have avoided the global variable, but the change would be larger as a result. It would not have been possible to use this to replace GL(dl_initfirst) because that global variable is used to pass the function pointer past the stack switch from dl_main to the main program. Replacing that requires adding a new argument to _dl_init, which in turn needs changes to the architecture-specific libc.so startup code written in assembler. __libc_early_init should not be used to replace _dl_var_init (as it exists today on some architectures). Instead, _dl_lookup_direct should be used to look up a new variable symbol in libc.so, and that should then be initialized from the dynamic loader, immediately after the object has been loaded in _dl_map_object_from_fd (before relocation is run). This way, more IFUNC resolvers which depend on these variables will work. Reviewed-by: Carlos O'Donell <carlos@redhat.com>
* csu: Use ELF constructor instead of _init in libc.soFlorian Weimer2020-02-251-6/+6
| | | | | | | | On !ELF_INITFINI architectures, _init is no longer called by the dynamic linker. We can use an ELF constructor instead because the constructor order does not matter. (The other constructors are used to set up libio vtable bypasses and do not depend on this initialization routine.)
* Introduce <elf-initfini.h> and ELF_INITFINI for all architecturesFlorian Weimer2020-02-182-3/+12
| | | | | | | | | | | | | | | | This supersedes the init_array sysdeps directory. It allows us to check for ELF_INITFINI in both C and assembler code, and skip DT_INIT and DT_FINI processing completely on newer architectures. A new header file is needed because <dl-machine.h> is incompatible with assembler code. <sysdep.h> is compatible with assembler code, but it cannot be included in all assembler files because on some architectures, it redefines register names, and some assembler files conflict with that. <elf-initfini.h> is replicated for legacy architectures which need DT_INIT/DT_FINI support. New architectures follow the generic default and disable it.
* elf: Move vDSO setup to rtld (BZ#24967)Adhemerval Zanella2020-01-031-4/+0
| | | | | | | | | | | | | | | | | | | | | | | | This patch moves the vDSO setup from libc to loader code, just after the vDSO link_map setup. For static case the initialization is moved to _dl_non_dynamic_init instead. Instead of using the mangled pointer, the vDSO data is set as attribute_relro (on _rtld_global_ro for shared or _dl_vdso_* for static). It is read-only even with partial relro. It fixes BZ#24967 now that the vDSO pointer is setup earlier than malloc interposition is called. Also, vDSO calls should not be a problem for static dlopen as indicated by BZ#20802. The vDSO pointer would be zero-initialized and the syscall will be issued instead. Checked on x86_64-linux-gnu, i686-linux-gnu, aarch64-linux-gnu, arm-linux-gnueabihf, powerpc64le-linux-gnu, powerpc64-linux-gnu, powerpc-linux-gnu, s390x-linux-gnu, sparc64-linux-gnu, and sparcv9-linux-gnu. I also run some tests on mips. Reviewed-by: Siddhesh Poyarekar <siddhesh@sourceware.org>
* Update copyright dates not handled by scripts/update-copyrights.Joseph Myers2020-01-011-1/+1
| | | | | | | | | | | | | | | I've updated copyright dates in glibc for 2020. This is the patch for the changes not generated by scripts/update-copyrights and subsequent build / regeneration of generated files. As well as the usual annual updates, mainly dates in --version output (minus libc.texinfo which previously had to be handled manually but is now successfully updated by update-copyrights), there is a fix to sysdeps/unix/sysv/linux/powerpc/bits/termios-c_lflag.h where a typo in the copyright notice meant it failed to be updated automatically. Please remember to include 2020 in the dates for any new files added in future (which means updating any existing uncommitted patches you have that add new files to use the new copyright dates in them).
* Update copyright dates with scripts/update-copyrights.Joseph Myers2020-01-0114-14/+14
|
* Introduce link_map_audit_state accessor functionFlorian Weimer2019-11-151-1/+1
| | | | | | | | | | | | To improve GCC 10 compatibility, it is necessary to remove the l_audit zero-length array from the end of struct link_map. In preparation of that, this commit introduces an accessor function for the audit state, so that it is possible to change the representation of the audit state without adjusting the code that accesses it. Tested on x86_64-linux-gnu. Built on i686-gnu. Change-Id: Id815673c29950fc011ae5301d7cde12624f658df
* slotinfo in struct dtv_slotinfo_list should be flexible array [BZ #25097]Florian Weimer2019-11-121-20/+14
| | | | | | | | | GCC 10 will warn about subscribing inner length zero arrays. Use a GCC extension in csu/libc-tls.c to allocate space for the static_slotinfo variable. Adjust nptl_db so that the type description machinery does not attempt to determine the size of the flexible array member slotinfo. Change-Id: I51be146a7857186a4ede0bb40b332509487bdde8
* Prefer https to http for gnu.org and fsf.org URLsPaul Eggert2019-09-0714-14/+14
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Also, change sources.redhat.com to sourceware.org. This patch was automatically generated by running the following shell script, which uses GNU sed, and which avoids modifying files imported from upstream: sed -ri ' s,(http|ftp)(://(.*\.)?(gnu|fsf|sourceware)\.org($|[^.]|\.[^a-z])),https\2,g s,(http|ftp)(://(.*\.)?)sources\.redhat\.com($|[^.]|\.[^a-z]),https\2sourceware.org\4,g ' \ $(find $(git ls-files) -prune -type f \ ! -name '*.po' \ ! -name 'ChangeLog*' \ ! -path COPYING ! -path COPYING.LIB \ ! -path manual/fdl-1.3.texi ! -path manual/lgpl-2.1.texi \ ! -path manual/texinfo.tex ! -path scripts/config.guess \ ! -path scripts/config.sub ! -path scripts/install-sh \ ! -path scripts/mkinstalldirs ! -path scripts/move-if-change \ ! -path INSTALL ! -path locale/programs/charmap-kw.h \ ! -path po/libc.pot ! -path sysdeps/gnu/errlist.c \ ! '(' -name configure \ -execdir test -f configure.ac -o -f configure.in ';' ')' \ ! '(' -name preconfigure \ -execdir test -f preconfigure.ac ';' ')' \ -print) and then by running 'make dist-prepare' to regenerate files built from the altered files, and then executing the following to cleanup: chmod a+x sysdeps/unix/sysv/linux/riscv/configure # Omit irrelevant whitespace and comment-only changes, # perhaps from a slightly-different Autoconf version. git checkout -f \ sysdeps/csky/configure \ sysdeps/hppa/configure \ sysdeps/riscv/configure \ sysdeps/unix/sysv/linux/csky/configure # Omit changes that caused a pre-commit check to fail like this: # remote: *** error: sysdeps/powerpc/powerpc64/ppc-mcount.S: trailing lines git checkout -f \ sysdeps/powerpc/powerpc64/ppc-mcount.S \ sysdeps/unix/sysv/linux/s390/s390-64/syscall.S # Omit change that caused a pre-commit check to fail like this: # remote: *** error: sysdeps/sparc/sparc64/multiarch/memcpy-ultra3.S: last line does not end in newline git checkout -f sysdeps/sparc/sparc64/multiarch/memcpy-ultra3.S
* Update copyright dates not handled by scripts/update-copyrights.Joseph Myers2019-01-011-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | I've updated copyright dates in glibc for 2019. This is the patch for the changes not generated by scripts/update-copyrights and subsequent build / regeneration of generated files. Please remember to include 2019 in the dates for any new files added in future (which means updating any existing uncommitted patches you have that add new files to use the new copyright dates in them). * NEWS: Update copyright dates. * catgets/gencat.c (print_version): Likewise. * csu/version.c (banner): Likewise. * debug/catchsegv.sh: Likewise. * debug/pcprofiledump.c (print_version): Likewise. * debug/xtrace.sh (do_version): Likewise. * elf/ldconfig.c (print_version): Likewise. * elf/ldd.bash.in: Likewise. * elf/pldd.c (print_version): Likewise. * elf/sotruss.sh: Likewise. * elf/sprof.c (print_version): Likewise. * iconv/iconv_prog.c (print_version): Likewise. * iconv/iconvconfig.c (print_version): Likewise. * locale/programs/locale.c (print_version): Likewise. * locale/programs/localedef.c (print_version): Likewise. * login/programs/pt_chown.c (print_version): Likewise. * malloc/memusage.sh (do_version): Likewise. * malloc/memusagestat.c (print_version): Likewise. * malloc/mtrace.pl: Likewise. * manual/libc.texinfo: Likewise. * nptl/version.c (banner): Likewise. * nscd/nscd.c (print_version): Likewise. * nss/getent.c (print_version): Likewise. * nss/makedb.c (print_version): Likewise. * posix/getconf.c (main): Likewise. * scripts/test-installation.pl: Likewise. * sysdeps/unix/sysv/linux/lddlibc4.c (main): Likewise.
* Update copyright dates with scripts/update-copyrights.Joseph Myers2019-01-0114-14/+14
| | | | | | | * All files with FSF copyright notices: Update copyright dates using scripts/update-copyrights. * locale/programs/charmap-kw.h: Regenerated. * locale/programs/locfile-kw.h: Likewise.
* Build csu/elf-init.c and csu/static-reloc.c with stack protectorFlorian Weimer2018-07-051-0/+16
| | | | | | | This does not change generated code (with -fstack-protector-strong), but is important for formal compiler flags compliance. Reviewed-by: Carlos O'Donell <carlos@redhat.com>