From 49b58457611edc2fccba4f6bbaff46128be15ecc Mon Sep 17 00:00:00 2001 From: abushwang Date: Wed, 17 Sep 2025 14:43:17 +0800 Subject: [PATCH] backport patches from upstream 2.38 branch Signed-off-by: abushwang --- ...e-unused-l_text_end-field-from-struc.patch | 135 ++ ...-Do-not-clobber-r7-in-clone-BZ-31402.patch | 157 ++ ...t-run-constructors-for-proxy-objects.patch | 37 + 0001-pthreads-NPTL-lost-wakeup-fix-2.patch | 4 +- ...90x-Fix-segfault-in-wcsncmp-BZ-31934.patch | 58 + ...-Clear-O_CREAT-when-semaphore-file-i.patch | 15 +- ...cache-computation-on-AMD-legacy-cpus.patch | 286 ++++ ...-2023-4806-and-CVE-2023-5156-in-NEWS.patch | 36 + ...s-call-destructors-in-reverse-constr.patch | 593 +++++++ ...destructors-in-reverse-constructor-o.patch | 669 ++++++++ ...rbosity-with-unrecognized-encoding-n.patch | 32 + ...rea-unconditionally-in-sched_getcpu-.patch | 52 + ...ents-and-indentation-for-new-condvar.patch | 4 +- ...ntial-merge-of-__rseq_-relro-symbols.patch | 161 ++ ...Do-not-rebuild-getaddrinfo-bug-30709.patch | 185 +++ ...te-GLIBC_TUNABLES-in-setxid-binaries.patch | 32 + ...l_init_called_next-to-old-place-of-l.patch | 42 + ...-elf-Make-dl-rseq-symbols-Linux-only.patch | 51 + ...d-l_text_end-field-from-struct-link_.patch | 142 ++ ...cessary-catch-all-wake-in-condvar-gr.patch | 4 +- ...r-build-with-fortify-enable-with-gcc.patch | 50 + ...t-scope-of-setting-shared_per_thread.patch | 45 + ...from-Linux-6.5-to-AArch64-bits-hwcap.patch | 27 + ...q_size-useful-for-feature-detection-.patch | 171 ++ ...Arch-Add-support-for-TLS-Descriptors.patch | 6 +- ...called_next-to-old-place-of-l_text_e.patch | 41 + ...i-Add-missing-item-EPERM-for-getpgid.patch | 30 + ...cessary-quadruple-check-in-pthread_c.patch | 4 +- ...uild-with-disable-multiarch-BZ-30721.patch | 60 + ...pport-for-MOPS-memcpy-memmove-memset.patch | 314 ++++ 0005-NEWS-Add-the-2.38.1-bug-list.patch | 37 + ...686-Fix-build-with-disable-multiarch.patch | 100 ++ ...move-g_refs-from-condition-variables.patch | 4 +- ...rt-error-responses-to-match-any-quer.patch | 223 +++ 0006-AArch64-Cleanup-ifuncs.patch | 540 ++++++ ...e-loop-in-pthread_cond_wait-instaed-.patch | 4 +- ...it-for-non-existing-second-DNS-respo.patch | 232 +++ 0007-AArch64-Cleanup-emag-memset.patch | 348 ++++ 0007-nptl-Fix-indentation.patch | 4 +- ...gle-request-fallback-via-_res._flags.patch | 81 + 0008-AArch64-Add-memset_zva64.patch | 228 +++ ...the-mremap-C-implementation-BZ-31968.patch | 68 + ...name-__condvar_quiesce_and_switch_g1.patch | 4 +- ...sdeps-tst-bz21269-fix-test-parameter.patch | 31 + 0009-AArch64-Remove-Falkor-memcpy.patch | 468 ++++++ 0009-mremap-Update-manual-entry.patch | 88 + ...tl-Use-all-of-g1_start-and-g_signals.patch | 4 +- ...269-handle-ENOSYS-skip-appropriately.patch | 42 + 0010-Add-mremap-tests.patch | 302 ++++ ...4-correct-CFI-in-rawmemchr-bug-31113.patch | 31 + ...D_INITIALIZER-compatibility-with-pre.patch | 4 +- ...sysdeps-tst-bz21269-fix-Wreturn-type.patch | 30 + 0011-Update-syscall-lists-for-Linux-6.5.patch | 394 +++++ ...x-check-for-SVE-support-in-assembler.patch | 61 + ...cking-contants-for-powerpc64-with-__.patch | 91 + ...-Check-kernel-version-for-SVE-ifuncs.patch | 153 ++ ...esolv-short-response-for-older-GCC-b.patch | 35 + ...o-address-determination-for-PCREL-mo.patch | 56 + ...bit-check-on-sparc32-wordsize-BZ-275.patch | 38 + ...ult-sizes-of-structs-utmp-utmpx-last.patch | 247 +++ ...mp-utmpx-lastlog-_TIME_BITS-independ.patch | 399 +++++ ...cel30-on-kernels-without-ppoll_time6.patch | 55 + ...for-SSE2-disable-multi-arch-configur.patch | 26 + ...formation-support-for-Hygon-processo.patch | 14 +- ...ix-Zen3-Zen4-ERMS-selection-BZ-30994.patch | 53 +- ...e-memset-perf-with-non-temporal-stor.patch | 8 +- ...le-dl-misc.os-with-rtld-early-cflags.patch | 54 + ...t-for-return-type-of-addgetnetgrentX.patch | 36 + ...unaligned-accesses-in-resolver-BZ-30.patch | 57 + ...estination-to-1x-VEC_SIZE-in-memset-.patch | 12 +- ...e2545588a837f4b6715a90f5a22f9fc99c46.patch | 33 +- ...eb61fc2845b7f80dba7c56bd7f7a55b63a59.patch | 259 +++ ...e48a2858ae901b4cf532a5d7a88931f1c149.patch | 166 ++ ...d818e54157d6042c4a03b07d93f05d1e492a.patch | 69 + ...5015c9b28ea521d816237805fbbee5224c86.patch | 216 +++ ...6f136680905b56cc816a01674550d2c17bf4.patch | 520 ++++++ ...6d885c7acd2b74e4f78a35fbd7ac251ebc1f.patch | 1469 +++++++++++++++++ AArch64-Add-SVE-memset.patch | 200 +++ AArch64-Improve-generic-strlen.patch | 92 ++ AArch64-Optimize-memset.patch | 287 ++++ AArch64-Remove-zva_128-from-memset.patch | 65 + ...Use-prefer_sve_ifuncs-for-SVE-memset.patch | 29 + ....o-for-glibc-2.0-compatibility-tests.patch | 231 +++ Apply-the-Makefile-sorting-fix.patch | 156 ++ ...ack-read-overflow-with-large-TCP-res.patch | 37 +- ...use-after-free-in-getcanonname-CVE-2.patch | 9 +- ...ddrinfo-introduced-by-the-fix-for-CV.patch | 14 +- ...buffer-overflow-in-__vsyslog_interna.patch | 9 +- ...buffer-overflow-in-__vsyslog_interna.patch | 7 +- ...er-overflow-in-__vsyslog_internal-CV.patch | 7 +- ...N-EXT-fix-out-of-bound-writes-when-w.patch | 14 +- ...scd-Stack-based-buffer-overflow-in-n.patch | 9 +- ...scd-Avoid-null-pointer-crashes-after.patch | 9 +- ...scd-Do-not-send-missing-not-found-re.patch | 9 +- ...VE-2024-33602-nscd-netgroup-Use-two-.patch | 9 +- ...ion-of-abort_msg_s-struct-CVE-2025-0.patch | 29 +- ...BRARY_PATH-and-debug-env-var-for-set.patch | 6 +- ...-free-after-allocation-failure-in-re.patch | 18 +- ...te-if-end-of-input-is-reached-CVE-20.patch | 24 +- ...orting-false-negatives-in-SGID-tests.patch | 320 ++++ ...iolation-in-fortify-wrappers-bug-320.patch | 298 ++++ ...H-for-enable-hardcoded-path-in-tests.patch | 50 + Make-tst-ungetc-use-libsupport.patch | 147 ++ ...ug-fixes-for-29039-30694-30709-30721.patch | 27 + NEWS-Mention-bug-fixes-for-30745-30843.patch | 30 + ...ing-with-disable-mutli-arch-BZ-31196.patch | 66 + Update-syscall-lists-for-Linux-6.6.patch | 406 +++++ Update-syscall-lists-for-Linux-6.7.patch | 671 ++++++++ ...ong-ldr-from-_dl_start_user-BZ-31339.patch | 40 + ..._object-on-__gnu_Unwind_Find_exidx-B.patch | 202 +++ ...rt-assert-Add-test-for-CVE-2025-0395.patch | 2 +- ...irectory-name-in-search-path-BZ-3103.patch | 220 +++ ...c-PIE-with-non-zero-load-address-BZ-.patch | 306 ++++ ...troduce-_dl_relocate_object_no_relro.patch | 89 + ...inimal-malloc-after-early-DTV-resize.patch | 192 +++ ...malloc_init_stubs-call-into-_dl_star.patch | 39 + ...in-malloc-after-final-ld.so-self-rel.patch | 217 +++ ...id-jumping-over-a-needed-declaration.patch | 40 + ...ort-libio-Fix-oversized-__io_vtables.patch | 4 +- ...-alignment-of-main-loop-in-str-n-cmp.patch | 11 +- ...88fc71aa5657662c5c4f176a51034b029ac4.patch | 7 +- ...c13e039df061c7bf48e458e9ea26fa3ca8a3.patch | 35 + ...d-TLS-modid-reuse-test-for-bug-29039.patch | 210 +++ ...-to-check-if-tunable-is-set-BZ-27069.patch | 201 +++ ...ree-NULL-calls-in-_dl_update_slotinf.patch | 50 + ...nfig-auxcache-magic-number-bug-32231.patch | 49 + ...a-copy-of-_dl_find_object-to-libc.so.patch | 101 ++ ...d-reuse-generation-assignment-BZ-290.patch | 53 + ...low-tls-access-after-dlopen-BZ-19924.patch | 328 ++++ ...ss-status-handling-for-tst-dlopen-sg.patch | 62 + ...-wrong-break-removal-from-8ee878592c.patch | 26 + ...rsive-use-of-dynamic-TLS-in-interpos.patch | 521 ++++++ ...est-case-for-bug-32976-CVE-2025-4802.patch | 166 ++ ...slate-ENOMEM-to-EAI_MEMORY-bug-31163.patch | 36 + glibc.spec | 299 +++- ...d-GLIBC_ABI_GNU_TLS-version-BZ-33221.patch | 66 + ...-GLIBC_ABI_GNU2_TLS-version-BZ-33129.patch | 98 ++ ...el-Xeon-Phi-tests-for-GCC-15-and-abo.patch | 68 + i386-Fail-if-configured-with-enable-cet.patch | 15 + i386-Ignore-enable-cet.patch | 14 + ...ls_get_addr-to-preserve-vector-regis.patch | 1186 +++++++++++++ ...de-backup-free-only-for-non-legacy-c.patch | 54 + ...ining-buffer-size-in-_IO_wdo_write-b.patch | 48 + ...rging-of-remainders-in-memalign-bug-.patch | 290 +--- ...AP_HUGETLB-with-glibc.malloc.hugetlb.patch | 50 + ...bin-scanning-from-memalign-bug-30723.patch | 269 +++ ...ection-for-malloc-like-functions-in-.patch | 187 +++ malloc-cleanup-casts-in-tst-calloc.patch | 32 + malloc-obscure-calloc-use-in-tst-calloc.patch | 60 + math-Improve-layout-of-exp-exp10-data.patch | 39 + math-Improve-layout-of-expf-data.patch | 34 + ...rt-for-Linux-uio.h-RWF_NOAPPEND-flag.patch | 75 + ...cpu_id_start-prior-to-rseq-registrat.patch | 34 + ...lize-rseq-area-prior-to-registration.patch | 61 + ...x-broken-memset-for-sparc32-BZ-31068.patch | 43 + ...4-memmove-length-comparison-BZ-31266.patch | 32 + ...ind-information-from-signal-return-s.patch | 74 + ...nwind-information-from-signal-return.patch | 42 + ...-test-for-vfscanf-with-matches-longe.patch | 176 ++ ...st-realpath-compatibility-with-sourc.patch | 43 + ...g-setenv-with-updated-environ-BZ-325.patch | 75 + ...t-Add-support_record_failure_barrier.patch | 49 + ...up-in-support_capture_subprogram_sel.patch | 112 ++ ...t-char-argument-in-support_capture_s.patch | 64 + ...p-buffer-leak-on-program-exit-BZ-278.patch | 145 ++ ...tialized-read-when-putting-into-unus.patch | 78 + ...-the-dtv-field-load-for-x32-BZ-31184.patch | 68 + ...-the-tcb-field-load-for-x32-BZ-31185.patch | 69 + ...r-truncation-with-large-cache-sizes-.patch | 49 + ...wer-byte-of-EAX-of-CPUID-leaf-2-BZ-3.patch | 77 + ...ix-bug-in-strchrnul-evex512-BZ-32078.patch | 162 ++ x86_64-Add-expm1-with-FMA.patch | 135 ++ x86_64-Add-log1p-with-FMA.patch | 140 ++ x86_64-Add-log2-with-FMA.patch | 102 ++ ...ng-wcsncat-function-definition-witho.patch | 44 + x86_64-Fix-typo-in-ifunc-impl-list.c.patch | 38 + ...64-Optimize-ffsll-function-code-size.patch | 50 + x86_64-Sort-fpu-multiarch-Makefile.patch | 144 ++ 178 files changed, 21802 insertions(+), 517 deletions(-) create mode 100644 0001-Revert-elf-Remove-unused-l_text_end-field-from-struc.patch create mode 100644 0001-S390-Do-not-clobber-r7-in-clone-BZ-31402.patch create mode 100644 0001-elf-Do-not-run-constructors-for-proxy-objects.patch create mode 100644 0001-s390x-Fix-segfault-in-wcsncmp-BZ-31934.patch create mode 100644 0001-x86-Fix-for-cache-computation-on-AMD-legacy-cpus.patch create mode 100644 0002-Document-CVE-2023-4806-and-CVE-2023-5156-in-NEWS.patch create mode 100644 0002-Revert-elf-Always-call-destructors-in-reverse-constr.patch create mode 100644 0002-elf-Always-call-destructors-in-reverse-constructor-o.patch create mode 100644 0002-iconv-restore-verbosity-with-unrecognized-encoding-n.patch create mode 100644 0002-linux-Use-rseq-area-unconditionally-in-sched_getcpu-.patch create mode 100644 0002-nptl-fix-potential-merge-of-__rseq_-relro-symbols.patch create mode 100644 0002-nscd-Do-not-rebuild-getaddrinfo-bug-30709.patch create mode 100644 0003-Propagate-GLIBC_TUNABLES-in-setxid-binaries.patch create mode 100644 0003-Revert-elf-Move-l_init_called_next-to-old-place-of-l.patch create mode 100644 0003-elf-Make-dl-rseq-symbols-Linux-only.patch create mode 100644 0003-elf-Remove-unused-l_text_end-field-from-struct-link_.patch create mode 100644 0003-string-Fix-tester-build-with-fortify-enable-with-gcc.patch create mode 100644 0003-x86-Fix-incorrect-scope-of-setting-shared_per_thread.patch create mode 100644 0004-Add-HWCAP2_MOPS-from-Linux-6.5-to-AArch64-bits-hwcap.patch create mode 100644 0004-Linux-Make-__rseq_size-useful-for-feature-detection-.patch create mode 100644 0004-elf-Move-l_init_called_next-to-old-place-of-l_text_e.patch create mode 100644 0004-manual-jobs.texi-Add-missing-item-EPERM-for-getpgid.patch create mode 100644 0004-x86_64-Fix-build-with-disable-multiarch-BZ-30721.patch create mode 100644 0005-AArch64-Add-support-for-MOPS-memcpy-memmove-memset.patch create mode 100644 0005-NEWS-Add-the-2.38.1-bug-list.patch create mode 100644 0005-i686-Fix-build-with-disable-multiarch.patch create mode 100644 0005-resolv-Allow-short-error-responses-to-match-any-quer.patch create mode 100644 0006-AArch64-Cleanup-ifuncs.patch create mode 100644 0006-resolv-Do-not-wait-for-non-existing-second-DNS-respo.patch create mode 100644 0007-AArch64-Cleanup-emag-memset.patch create mode 100644 0007-resolv-Track-single-request-fallback-via-_res._flags.patch create mode 100644 0008-AArch64-Add-memset_zva64.patch create mode 100644 0008-linux-Update-the-mremap-C-implementation-BZ-31968.patch create mode 100644 0008-sysdeps-tst-bz21269-fix-test-parameter.patch create mode 100644 0009-AArch64-Remove-Falkor-memcpy.patch create mode 100644 0009-mremap-Update-manual-entry.patch create mode 100644 0009-sysdeps-tst-bz21269-handle-ENOSYS-skip-appropriately.patch create mode 100644 0010-Add-mremap-tests.patch create mode 100644 0010-aarch64-correct-CFI-in-rawmemchr-bug-31113.patch create mode 100644 0010-sysdeps-tst-bz21269-fix-Wreturn-type.patch create mode 100644 0011-Update-syscall-lists-for-Linux-6.5.patch create mode 100644 0011-aarch64-fix-check-for-SVE-support-in-assembler.patch create mode 100644 0011-io-Fix-record-locking-contants-for-powerpc64-with-__.patch create mode 100644 0012-AArch64-Check-kernel-version-for-SVE-ifuncs.patch create mode 100644 0012-resolv-Fix-tst-resolv-short-response-for-older-GCC-b.patch create mode 100644 0013-powerpc-Fix-ld.so-address-determination-for-PCREL-mo.patch create mode 100644 0015-sparc-Remove-64-bit-check-on-sparc32-wordsize-BZ-275.patch create mode 100644 0016-login-Check-default-sizes-of-structs-utmp-utmpx-last.patch create mode 100644 0017-login-structs-utmp-utmpx-lastlog-_TIME_BITS-independ.patch create mode 100644 0018-nptl-Fix-tst-cancel30-on-kernels-without-ppoll_time6.patch create mode 100644 0019-i386-ulp-update-for-SSE2-disable-multi-arch-configur.patch create mode 100644 0024-elf-Also-compile-dl-misc.os-with-rtld-early-cflags.patch create mode 100644 0025-nscd-Use-time_t-for-return-type-of-addgetnetgrentX.patch create mode 100644 0026-resolv-Fix-some-unaligned-accesses-in-resolver-BZ-30.patch create mode 100644 2ce5eb61fc2845b7f80dba7c56bd7f7a55b63a59.patch create mode 100644 2d34e48a2858ae901b4cf532a5d7a88931f1c149.patch create mode 100644 3f0dd818e54157d6042c4a03b07d93f05d1e492a.patch create mode 100644 5cb05015c9b28ea521d816237805fbbee5224c86.patch create mode 100644 6f076f136680905b56cc816a01674550d2c17bf4.patch create mode 100644 88866d885c7acd2b74e4f78a35fbd7ac251ebc1f.patch create mode 100644 AArch64-Add-SVE-memset.patch create mode 100644 AArch64-Improve-generic-strlen.patch create mode 100644 AArch64-Optimize-memset.patch create mode 100644 AArch64-Remove-zva_128-from-memset.patch create mode 100644 AArch64-Use-prefer_sve_ifuncs-for-SVE-memset.patch create mode 100644 Add-crt1-2.0.o-for-glibc-2.0-compatibility-tests.patch create mode 100644 Apply-the-Makefile-sorting-fix.patch create mode 100644 Fix-error-reporting-false-negatives-in-SGID-tests.patch create mode 100644 Fix-name-space-violation-in-fortify-wrappers-bug-320.patch create mode 100644 Force-DT_RPATH-for-enable-hardcoded-path-in-tests.patch create mode 100644 Make-tst-ungetc-use-libsupport.patch create mode 100644 NEWS-Mention-bug-fixes-for-29039-30694-30709-30721.patch create mode 100644 NEWS-Mention-bug-fixes-for-30745-30843.patch create mode 100644 S390-Fix-building-with-disable-mutli-arch-BZ-31196.patch create mode 100644 Update-syscall-lists-for-Linux-6.6.patch create mode 100644 Update-syscall-lists-for-Linux-6.7.patch create mode 100644 arm-Remove-wrong-ldr-from-_dl_start_user-BZ-31339.patch create mode 100644 arm-Use-_dl_find_object-on-__gnu_Unwind_Find_exidx-B.patch create mode 100644 backport-elf-Handle-non-directory-name-in-search-path-BZ-3103.patch create mode 100644 backport-elf-Handle-static-PIE-with-non-zero-load-address-BZ-.patch create mode 100644 backport-elf-Introduce-_dl_relocate_object_no_relro.patch create mode 100644 backport-elf-Keep-using-minimal-malloc-after-early-DTV-resize.patch create mode 100644 backport-elf-Move-__rtld_malloc_init_stubs-call-into-_dl_star.patch create mode 100644 backport-elf-Switch-to-main-malloc-after-final-ld.so-self-rel.patch create mode 100644 backport-elf-avoid-jumping-over-a-needed-declaration.patch create mode 100644 e925c13e039df061c7bf48e458e9ea26fa3ca8a3.patch create mode 100644 elf-Add-TLS-modid-reuse-test-for-bug-29039.patch create mode 100644 elf-Add-a-way-to-check-if-tunable-is-set-BZ-27069.patch create mode 100644 elf-Avoid-some-free-NULL-calls-in-_dl_update_slotinf.patch create mode 100644 elf-Change-ldconfig-auxcache-magic-number-bug-32231.patch create mode 100644 elf-Do-not-add-a-copy-of-_dl_find_object-to-libc.so.patch create mode 100644 elf-Fix-TLS-modid-reuse-generation-assignment-BZ-290.patch create mode 100644 elf-Fix-slow-tls-access-after-dlopen-BZ-19924.patch create mode 100644 elf-Fix-subprocess-status-handling-for-tst-dlopen-sg.patch create mode 100644 elf-Fix-wrong-break-removal-from-8ee878592c.patch create mode 100644 elf-Support-recursive-use-of-dynamic-TLS-in-interpos.patch create mode 100644 elf-Test-case-for-bug-32976-CVE-2025-4802.patch create mode 100644 getaddrinfo-translate-ENOMEM-to-EAI_MEMORY-bug-31163.patch create mode 100644 i386-Add-GLIBC_ABI_GNU_TLS-version-BZ-33221.patch create mode 100644 i386-Also-add-GLIBC_ABI_GNU2_TLS-version-BZ-33129.patch create mode 100644 i386-Disable-Intel-Xeon-Phi-tests-for-GCC-15-and-abo.patch create mode 100644 i386-Update-___tls_get_addr-to-preserve-vector-regis.patch create mode 100644 libio-Attempt-wide-backup-free-only-for-non-legacy-c.patch create mode 100644 libio-Check-remaining-buffer-size-in-_IO_wdo_write-b.patch rename 0001-glibc-2.38-memalign_fix-1.patch => malloc-Enable-merging-of-remainders-in-memalign-bug-.patch (54%) create mode 100644 malloc-Improve-MAP_HUGETLB-with-glibc.malloc.hugetlb.patch create mode 100644 malloc-Remove-bin-scanning-from-memalign-bug-30723.patch create mode 100644 malloc-add-indirection-for-malloc-like-functions-in-.patch create mode 100644 malloc-cleanup-casts-in-tst-calloc.patch create mode 100644 malloc-obscure-calloc-use-in-tst-calloc.patch create mode 100644 math-Improve-layout-of-exp-exp10-data.patch create mode 100644 math-Improve-layout-of-expf-data.patch create mode 100644 misc-Add-support-for-Linux-uio.h-RWF_NOAPPEND-flag.patch create mode 100644 nptl-initialize-cpu_id_start-prior-to-rseq-registrat.patch create mode 100644 nptl-initialize-rseq-area-prior-to-registration.patch create mode 100644 sparc-Fix-broken-memset-for-sparc32-BZ-31068.patch create mode 100644 sparc-Fix-sparc64-memmove-length-comparison-BZ-31266.patch create mode 100644 sparc-Remove-unwind-information-from-signal-return-s.patch create mode 100644 sparc64-Remove-unwind-information-from-signal-return.patch create mode 100644 stdio-common-Add-test-for-vfscanf-with-matches-longe.patch create mode 100644 stdlib-Improve-tst-realpath-compatibility-with-sourc.patch create mode 100644 stdlib-Test-using-setenv-with-updated-environ-BZ-325.patch create mode 100644 support-Add-support_record_failure_barrier.patch create mode 100644 support-Pick-group-in-support_capture_subprogram_sel.patch create mode 100644 support-Use-const-char-argument-in-support_capture_s.patch create mode 100644 ungetc-Fix-backup-buffer-leak-on-program-exit-BZ-278.patch create mode 100644 ungetc-Fix-uninitialized-read-when-putting-into-unus.patch create mode 100644 x86-64-Fix-the-dtv-field-load-for-x32-BZ-31184.patch create mode 100644 x86-64-Fix-the-tcb-field-load-for-x32-BZ-31185.patch create mode 100644 x86-Avoid-integer-truncation-with-large-cache-sizes-.patch create mode 100644 x86-Check-the-lower-byte-of-EAX-of-CPUID-leaf-2-BZ-3.patch create mode 100644 x86-Fix-bug-in-strchrnul-evex512-BZ-32078.patch create mode 100644 x86_64-Add-expm1-with-FMA.patch create mode 100644 x86_64-Add-log1p-with-FMA.patch create mode 100644 x86_64-Add-log2-with-FMA.patch create mode 100644 x86_64-Fix-missing-wcsncat-function-definition-witho.patch create mode 100644 x86_64-Fix-typo-in-ifunc-impl-list.c.patch create mode 100644 x86_64-Optimize-ffsll-function-code-size.patch create mode 100644 x86_64-Sort-fpu-multiarch-Makefile.patch diff --git a/0001-Revert-elf-Remove-unused-l_text_end-field-from-struc.patch b/0001-Revert-elf-Remove-unused-l_text_end-field-from-struc.patch new file mode 100644 index 0000000..90d6c1f --- /dev/null +++ b/0001-Revert-elf-Remove-unused-l_text_end-field-from-struc.patch @@ -0,0 +1,135 @@ +From e0b6c9706c91a642c781918eea52588ee8dc9f09 Mon Sep 17 00:00:00 2001 +From: Florian Weimer +Date: Wed, 18 Oct 2023 14:22:59 +0200 +Subject: [PATCH 1/3] Revert "elf: Remove unused l_text_end field from struct + link_map" + +This reverts commit 750f19526ae71aac801c77a3f7ef5374890c09b7. + +Reason for revert: Restore ABI after revert of commit a3189f66a5f. +--- + elf/dl-load.c | 2 +- + elf/dl-load.h | 7 +++++-- + elf/rtld.c | 6 ++++++ + elf/setup-vdso.h | 4 ++++ + include/link.h | 2 ++ + 5 files changed, 18 insertions(+), 3 deletions(-) + +diff --git a/elf/dl-load.c b/elf/dl-load.c +index 2923b1141d..9a87fda9c9 100644 +--- a/elf/dl-load.c ++++ b/elf/dl-load.c +@@ -1253,7 +1253,7 @@ _dl_map_object_from_fd (const char *name, const char *origname, int fd, + + /* Now process the load commands and map segments into memory. + This is responsible for filling in: +- l_map_start, l_map_end, l_addr, l_contiguous, l_phdr ++ l_map_start, l_map_end, l_addr, l_contiguous, l_text_end, l_phdr + */ + errstring = _dl_map_segments (l, fd, header, type, loadcmds, nloadcmds, + maplength, has_holes, loader); +diff --git a/elf/dl-load.h b/elf/dl-load.h +index 1d5207694b..ecf6910c68 100644 +--- a/elf/dl-load.h ++++ b/elf/dl-load.h +@@ -83,11 +83,14 @@ struct loadcmd + + /* This is a subroutine of _dl_map_segments. It should be called for each + load command, some time after L->l_addr has been set correctly. It is +- responsible for setting the l_phdr fields */ ++ responsible for setting up the l_text_end and l_phdr fields. */ + static __always_inline void + _dl_postprocess_loadcmd (struct link_map *l, const ElfW(Ehdr) *header, + const struct loadcmd *c) + { ++ if (c->prot & PROT_EXEC) ++ l->l_text_end = l->l_addr + c->mapend; ++ + if (l->l_phdr == 0 + && c->mapoff <= header->e_phoff + && ((size_t) (c->mapend - c->mapstart + c->mapoff) +@@ -100,7 +103,7 @@ _dl_postprocess_loadcmd (struct link_map *l, const ElfW(Ehdr) *header, + + /* This is a subroutine of _dl_map_object_from_fd. It is responsible + for filling in several fields in *L: l_map_start, l_map_end, l_addr, +- l_contiguous, l_phdr. On successful return, all the ++ l_contiguous, l_text_end, l_phdr. On successful return, all the + segments are mapped (or copied, or whatever) from the file into their + final places in the address space, with the correct page permissions, + and any bss-like regions already zeroed. It returns a null pointer +diff --git a/elf/rtld.c b/elf/rtld.c +index 5107d16fe3..a91e2a4471 100644 +--- a/elf/rtld.c ++++ b/elf/rtld.c +@@ -477,6 +477,7 @@ _dl_start_final (void *arg, struct dl_start_final_info *info) + GL(dl_rtld_map).l_real = &GL(dl_rtld_map); + GL(dl_rtld_map).l_map_start = (ElfW(Addr)) &__ehdr_start; + GL(dl_rtld_map).l_map_end = (ElfW(Addr)) _end; ++ GL(dl_rtld_map).l_text_end = (ElfW(Addr)) _etext; + /* Copy the TLS related data if necessary. */ + #ifndef DONT_USE_BOOTSTRAP_MAP + # if NO_TLS_OFFSET != 0 +@@ -1118,6 +1119,7 @@ rtld_setup_main_map (struct link_map *main_map) + bool has_interp = false; + + main_map->l_map_end = 0; ++ main_map->l_text_end = 0; + /* Perhaps the executable has no PT_LOAD header entries at all. */ + main_map->l_map_start = ~0; + /* And it was opened directly. */ +@@ -1209,6 +1211,8 @@ rtld_setup_main_map (struct link_map *main_map) + allocend = main_map->l_addr + ph->p_vaddr + ph->p_memsz; + if (main_map->l_map_end < allocend) + main_map->l_map_end = allocend; ++ if ((ph->p_flags & PF_X) && allocend > main_map->l_text_end) ++ main_map->l_text_end = allocend; + + /* The next expected address is the page following this load + segment. */ +@@ -1268,6 +1272,8 @@ rtld_setup_main_map (struct link_map *main_map) + = (char *) main_map->l_tls_initimage + main_map->l_addr; + if (! main_map->l_map_end) + main_map->l_map_end = ~0; ++ if (! main_map->l_text_end) ++ main_map->l_text_end = ~0; + if (! GL(dl_rtld_map).l_libname && GL(dl_rtld_map).l_name) + { + /* We were invoked directly, so the program might not have a +diff --git a/elf/setup-vdso.h b/elf/setup-vdso.h +index d92b12a7aa..0079842d1f 100644 +--- a/elf/setup-vdso.h ++++ b/elf/setup-vdso.h +@@ -51,6 +51,9 @@ setup_vdso (struct link_map *main_map __attribute__ ((unused)), + l->l_addr = ph->p_vaddr; + if (ph->p_vaddr + ph->p_memsz >= l->l_map_end) + l->l_map_end = ph->p_vaddr + ph->p_memsz; ++ if ((ph->p_flags & PF_X) ++ && ph->p_vaddr + ph->p_memsz >= l->l_text_end) ++ l->l_text_end = ph->p_vaddr + ph->p_memsz; + } + else + /* There must be no TLS segment. */ +@@ -59,6 +62,7 @@ setup_vdso (struct link_map *main_map __attribute__ ((unused)), + l->l_map_start = (ElfW(Addr)) GLRO(dl_sysinfo_dso); + l->l_addr = l->l_map_start - l->l_addr; + l->l_map_end += l->l_addr; ++ l->l_text_end += l->l_addr; + l->l_ld = (void *) ((ElfW(Addr)) l->l_ld + l->l_addr); + elf_get_dynamic_info (l, false, false); + _dl_setup_hash (l); +diff --git a/include/link.h b/include/link.h +index 686813f281..a02d5f2eba 100644 +--- a/include/link.h ++++ b/include/link.h +@@ -253,6 +253,8 @@ struct link_map + /* Start and finish of memory map for this object. l_map_start + need not be the same as l_addr. */ + ElfW(Addr) l_map_start, l_map_end; ++ /* End of the executable part of the mapping. */ ++ ElfW(Addr) l_text_end; + + /* Linked list of objects in reverse ELF constructor execution + order. Head of list is stored in _dl_init_called_list. */ +-- +2.33.0 + diff --git a/0001-S390-Do-not-clobber-r7-in-clone-BZ-31402.patch b/0001-S390-Do-not-clobber-r7-in-clone-BZ-31402.patch new file mode 100644 index 0000000..02bfee3 --- /dev/null +++ b/0001-S390-Do-not-clobber-r7-in-clone-BZ-31402.patch @@ -0,0 +1,157 @@ +From ee4806e978467d705b26ccb7dfddb9e0a710f8e4 Mon Sep 17 00:00:00 2001 +From: Stefan Liebler +Date: Thu, 22 Feb 2024 15:03:27 +0100 +Subject: [PATCH 01/26] S390: Do not clobber r7 in clone [BZ #31402] + +Starting with commit e57d8fc97b90127de4ed3e3a9cdf663667580935 +"S390: Always use svc 0" +clone clobbers the call-saved register r7 in error case: +function or stack is NULL. + +This patch restores the saved registers also in the error case. +Furthermore the existing test misc/tst-clone is extended to check +all error cases and that clone does not clobber registers in this +error case. + +(cherry picked from commit 02782fd12849b6673cb5c2728cb750e8ec295aa3) +Note: Added ia64 __clone2 call to tst-clone.c. +--- + sysdeps/unix/sysv/linux/s390/s390-32/clone.S | 1 + + sysdeps/unix/sysv/linux/s390/s390-64/clone.S | 1 + + sysdeps/unix/sysv/linux/tst-clone.c | 76 ++++++++++++++++---- + 3 files changed, 65 insertions(+), 13 deletions(-) + +diff --git a/sysdeps/unix/sysv/linux/s390/s390-32/clone.S b/sysdeps/unix/sysv/linux/s390/s390-32/clone.S +index 5d8d873383..fd1e509cf4 100644 +--- a/sysdeps/unix/sysv/linux/s390/s390-32/clone.S ++++ b/sysdeps/unix/sysv/linux/s390/s390-32/clone.S +@@ -53,6 +53,7 @@ ENTRY(__clone) + br %r14 + error: + lhi %r2,-EINVAL ++ lm %r6,%r7,24(%r15) /* Load registers. */ + j SYSCALL_ERROR_LABEL + PSEUDO_END (__clone) + +diff --git a/sysdeps/unix/sysv/linux/s390/s390-64/clone.S b/sysdeps/unix/sysv/linux/s390/s390-64/clone.S +index f1c4288a3d..7b37b18010 100644 +--- a/sysdeps/unix/sysv/linux/s390/s390-64/clone.S ++++ b/sysdeps/unix/sysv/linux/s390/s390-64/clone.S +@@ -54,6 +54,7 @@ ENTRY(__clone) + br %r14 + error: + lghi %r2,-EINVAL ++ lmg %r6,%r7,48(%r15) /* Restore registers. */ + jg SYSCALL_ERROR_LABEL + PSEUDO_END (__clone) + +diff --git a/sysdeps/unix/sysv/linux/tst-clone.c b/sysdeps/unix/sysv/linux/tst-clone.c +index 56348707d4..95bd0f6ccb 100644 +--- a/sysdeps/unix/sysv/linux/tst-clone.c ++++ b/sysdeps/unix/sysv/linux/tst-clone.c +@@ -16,12 +16,16 @@ + License along with the GNU C Library; if not, see + . */ + +-/* BZ #2386 */ ++/* BZ #2386, BZ #31402 */ + #include + #include + #include + #include + #include ++#include /* For _STACK_GROWS_{UP,DOWN}. */ ++#include ++ ++volatile unsigned v = 0xdeadbeef; + + #ifdef __ia64__ + extern int __clone2 (int (*__fn) (void *__arg), void *__child_stack_base, +@@ -35,26 +39,72 @@ int child_fn(void *arg) + } + + static int +-do_test (void) ++__attribute__((noinline)) ++do_clone (int (*fn)(void *), void *stack) + { + int result; ++ unsigned int a = v; ++ unsigned int b = v; ++ unsigned int c = v; ++ unsigned int d = v; ++ unsigned int e = v; ++ unsigned int f = v; ++ unsigned int g = v; ++ unsigned int h = v; ++ unsigned int i = v; ++ unsigned int j = v; ++ unsigned int k = v; ++ unsigned int l = v; ++ unsigned int m = v; ++ unsigned int n = v; ++ unsigned int o = v; + + #ifdef __ia64__ +- result = __clone2 (child_fn, NULL, 0, 0, NULL, NULL, NULL); ++ result = __clone2 (fn, stack, stack != NULL ? 128 * 1024 : 0, 0, NULL, NULL, ++ NULL); ++#else ++ result = clone (fn, stack, 0, NULL); ++#endif ++ ++ /* Check that clone does not clobber call-saved registers. */ ++ TEST_VERIFY (a == v && b == v && c == v && d == v && e == v && f == v ++ && g == v && h == v && i == v && j == v && k == v && l == v ++ && m == v && n == v && o == v); ++ ++ return result; ++} ++ ++static void ++__attribute__((noinline)) ++do_test_single (int (*fn)(void *), void *stack) ++{ ++ printf ("%s (fn=%p, stack=%p)\n", __FUNCTION__, fn, stack); ++ errno = 0; ++ ++ int result = do_clone (fn, stack); ++ ++ TEST_COMPARE (errno, EINVAL); ++ TEST_COMPARE (result, -1); ++} ++ ++static int ++do_test (void) ++{ ++ char st[128 * 1024] __attribute__ ((aligned)); ++ void *stack = NULL; ++#if defined __ia64__ || _STACK_GROWS_UP ++ stack = st; ++#elif _STACK_GROWS_DOWN ++ stack = st + sizeof (st); + #else +- result = clone (child_fn, NULL, 0, NULL); ++# error "Define either _STACK_GROWS_DOWN or _STACK_GROWS_UP" + #endif + +- if (errno != EINVAL || result != -1) +- { +- printf ("FAIL: clone()=%d (wanted -1) errno=%d (wanted %d)\n", +- result, errno, EINVAL); +- return 1; +- } ++ do_test_single (child_fn, NULL); ++ do_test_single (NULL, stack); ++ do_test_single (NULL, NULL); + +- puts ("All OK"); + return 0; + } + +-#define TEST_FUNCTION do_test () +-#include "../test-skeleton.c" ++#include +-- +2.33.0 + diff --git a/0001-elf-Do-not-run-constructors-for-proxy-objects.patch b/0001-elf-Do-not-run-constructors-for-proxy-objects.patch new file mode 100644 index 0000000..f7d1463 --- /dev/null +++ b/0001-elf-Do-not-run-constructors-for-proxy-objects.patch @@ -0,0 +1,37 @@ +From 7ae211a01b085d0bde54bd13b887ce8f9d57c2b4 Mon Sep 17 00:00:00 2001 +From: Florian Weimer +Date: Tue, 22 Aug 2023 13:56:25 +0200 +Subject: [PATCH 1/5] elf: Do not run constructors for proxy objects + +Otherwise, the ld.so constructor runs for each audit namespace +and each dlmopen namespace. + +(cherry picked from commit f6c8204fd7fabf0cf4162eaf10ccf23258e4d10e) +--- + elf/dl-init.c | 8 ++++++-- + 1 file changed, 6 insertions(+), 2 deletions(-) + +diff --git a/elf/dl-init.c b/elf/dl-init.c +index 5b0732590f..ba4d2fdc85 100644 +--- a/elf/dl-init.c ++++ b/elf/dl-init.c +@@ -25,10 +25,14 @@ + static void + call_init (struct link_map *l, int argc, char **argv, char **env) + { ++ /* Do not run constructors for proxy objects. */ ++ if (l != l->l_real) ++ return; ++ + /* If the object has not been relocated, this is a bug. The + function pointers are invalid in this case. (Executables do not +- need relocation, and neither do proxy objects.) */ +- assert (l->l_real->l_relocated || l->l_real->l_type == lt_executable); ++ need relocation.) */ ++ assert (l->l_relocated || l->l_type == lt_executable); + + if (l->l_init_called) + /* This object is all done. */ +-- +2.33.0 + diff --git a/0001-pthreads-NPTL-lost-wakeup-fix-2.patch b/0001-pthreads-NPTL-lost-wakeup-fix-2.patch index 29fac94..a7de0cc 100644 --- a/0001-pthreads-NPTL-lost-wakeup-fix-2.patch +++ b/0001-pthreads-NPTL-lost-wakeup-fix-2.patch @@ -1,7 +1,7 @@ From 1a0d73a625877a1a759975613a4f10bb341c66d4 Mon Sep 17 00:00:00 2001 From: Frank Barrus Date: Fri, 11 Jul 2025 05:57:41 -0700 -Subject: [PATCH 01/10] pthreads NPTL: lost wakeup fix 2 +Subject: [PATCH] pthreads NPTL: lost wakeup fix 2 [BZ #25847] @@ -450,5 +450,5 @@ index 806c432d13..235813f685 100644 /* Confirm that we have been woken. We do that before acquiring the mutex -- -2.39.3 +2.27.0 diff --git a/0001-s390x-Fix-segfault-in-wcsncmp-BZ-31934.patch b/0001-s390x-Fix-segfault-in-wcsncmp-BZ-31934.patch new file mode 100644 index 0000000..fddb6c8 --- /dev/null +++ b/0001-s390x-Fix-segfault-in-wcsncmp-BZ-31934.patch @@ -0,0 +1,58 @@ +From 712453634c8efd71a9b3ff0122145a9e90e9955c Mon Sep 17 00:00:00 2001 +From: Stefan Liebler +Date: Thu, 11 Jul 2024 11:28:53 +0200 +Subject: [PATCH 01/12] s390x: Fix segfault in wcsncmp [BZ #31934] + +The z13/vector-optimized wcsncmp implementation segfaults if n=1 +and there is only one character (equal on both strings) before +the page end. Then it loads and compares one character and misses +to check n again. The following load fails. + +This patch removes the extra load and compare of the first character +and just start with the loop which uses vector-load-to-block-boundary. +This code-path also checks n. + +With this patch both tests are passing: +- the simplified one mentioned in the bugzilla 31934 +- the full one in Florian Weimer's patch: +"manual: Document a GNU extension for strncmp/wcsncmp" +(https://patchwork.sourceware.org/project/glibc/patch/874j9eml6y.fsf@oldenburg.str.redhat.com/): +On s390x-linux-gnu (z16), the new wcsncmp test fails due to bug 31934. +Reviewed-by: Carlos O'Donell + +(cherry picked from commit 9b7651410375ec8848a1944992d663d514db4ba7) +--- + sysdeps/s390/wcsncmp-vx.S | 10 +--------- + 1 file changed, 1 insertion(+), 9 deletions(-) + +diff --git a/sysdeps/s390/wcsncmp-vx.S b/sysdeps/s390/wcsncmp-vx.S +index 1bf769b870..4028d1e624 100644 +--- a/sysdeps/s390/wcsncmp-vx.S ++++ b/sysdeps/s390/wcsncmp-vx.S +@@ -59,14 +59,7 @@ ENTRY(WCSNCMP_Z13) + sllg %r4,%r4,2 /* Convert character-count to byte-count. */ + locgrne %r4,%r1 /* Use max byte-count, if bit 0/1 was one. */ + +- /* Check first character without vector load. */ +- lghi %r5,4 /* current_len = 4 bytes. */ +- /* Check s1/2[0]. */ +- lt %r0,0(%r2) +- l %r1,0(%r3) +- je .Lend_cmp_one_char +- crjne %r0,%r1,.Lend_cmp_one_char +- ++ lghi %r5,0 /* current_len = 0 bytes. */ + .Lloop: + vlbb %v17,0(%r5,%r3),6 /* Load s2 to block boundary. */ + vlbb %v16,0(%r5,%r2),6 /* Load s1 to block boundary. */ +@@ -167,7 +160,6 @@ ENTRY(WCSNCMP_Z13) + srl %r4,2 /* And convert it to character-index. */ + vlgvf %r0,%v16,0(%r4) /* Load character-values. */ + vlgvf %r1,%v17,0(%r4) +-.Lend_cmp_one_char: + cr %r0,%r1 + je .Lend_equal + lghi %r2,1 +-- +2.33.0 + diff --git a/0001-sysdeps-sem_open-Clear-O_CREAT-when-semaphore-file-i.patch b/0001-sysdeps-sem_open-Clear-O_CREAT-when-semaphore-file-i.patch index 18f5cf6..1ca450d 100644 --- a/0001-sysdeps-sem_open-Clear-O_CREAT-when-semaphore-file-i.patch +++ b/0001-sysdeps-sem_open-Clear-O_CREAT-when-semaphore-file-i.patch @@ -47,6 +47,19 @@ Fixes: 533deafbdf189f5fbb280c28562dd43ace2f4b0f ("Use O_CLOEXEC in more places ( sysdeps/pthread/sem_open.c | 10 ++++------ 2 files changed, 6 insertions(+), 6 deletions(-) +diff --git a/NEWS b/NEWS +index f117874e34..5ac488bf9b 100644 +--- a/NEWS ++++ b/NEWS +@@ -32,6 +32,8 @@ Security related changes: + The following bugs are resolved with this release: + + [30723] posix_memalign repeatedly scans long bin lists ++ [30789] sem_open will fail on multithreaded scenarios when semaphore ++ file doesn't exist (O_CREAT) + [30804] F_GETLK, F_SETLK, and F_SETLKW value change for powerpc64 with + -D_FILE_OFFSET_BITS=64 + [30842] Stack read overflow in getaddrinfo in no-aaaa mode (CVE-2023-4527) diff --git a/sysdeps/pthread/sem_open.c b/sysdeps/pthread/sem_open.c index e5db929d20..0e331a7445 100644 --- a/sysdeps/pthread/sem_open.c @@ -88,5 +101,5 @@ index e5db929d20..0e331a7445 100644 { if (errno == EEXIST) -- -2.39.3 +2.33.0 diff --git a/0001-x86-Fix-for-cache-computation-on-AMD-legacy-cpus.patch b/0001-x86-Fix-for-cache-computation-on-AMD-legacy-cpus.patch new file mode 100644 index 0000000..cb4f03e --- /dev/null +++ b/0001-x86-Fix-for-cache-computation-on-AMD-legacy-cpus.patch @@ -0,0 +1,286 @@ +From ced101ed9d3b7cfd12d97ef24940cb00b8658c81 Mon Sep 17 00:00:00 2001 +From: Sajan Karumanchi +Date: Tue, 1 Aug 2023 15:20:55 +0000 +Subject: [PATCH 01/12] x86: Fix for cache computation on AMD legacy cpus. + +Some legacy AMD CPUs and hypervisors have the _cpuid_ '0x8000_001D' +set to Zero, thus resulting in zeroed-out computed cache values. +This patch reintroduces the old way of cache computation as a +fail-safe option to handle these exceptions. +Fixed 'level4_cache_size' value through handle_amd(). + +Reviewed-by: Premachandra Mallappa +Tested-by: Florian Weimer +--- + sysdeps/x86/dl-cacheinfo.h | 226 ++++++++++++++++++++++++++++++++----- + 1 file changed, 199 insertions(+), 27 deletions(-) + +diff --git a/sysdeps/x86/dl-cacheinfo.h b/sysdeps/x86/dl-cacheinfo.h +index cd4d0351ae..285773039f 100644 +--- a/sysdeps/x86/dl-cacheinfo.h ++++ b/sysdeps/x86/dl-cacheinfo.h +@@ -315,40 +315,206 @@ handle_amd (int name) + { + unsigned int eax; + unsigned int ebx; +- unsigned int ecx; ++ unsigned int ecx = 0; + unsigned int edx; +- unsigned int count = 0x1; ++ unsigned int max_cpuid = 0; ++ unsigned int fn = 0; + + /* No level 4 cache (yet). */ + if (name > _SC_LEVEL3_CACHE_LINESIZE) + return 0; + +- if (name >= _SC_LEVEL3_CACHE_SIZE) +- count = 0x3; +- else if (name >= _SC_LEVEL2_CACHE_SIZE) +- count = 0x2; +- else if (name >= _SC_LEVEL1_DCACHE_SIZE) +- count = 0x0; ++ __cpuid (0x80000000, max_cpuid, ebx, ecx, edx); ++ ++ if (max_cpuid >= 0x8000001D) ++ /* Use __cpuid__ '0x8000_001D' to compute cache details. */ ++ { ++ unsigned int count = 0x1; ++ ++ if (name >= _SC_LEVEL3_CACHE_SIZE) ++ count = 0x3; ++ else if (name >= _SC_LEVEL2_CACHE_SIZE) ++ count = 0x2; ++ else if (name >= _SC_LEVEL1_DCACHE_SIZE) ++ count = 0x0; ++ ++ __cpuid_count (0x8000001D, count, eax, ebx, ecx, edx); ++ ++ if (ecx != 0) ++ { ++ switch (name) ++ { ++ case _SC_LEVEL1_ICACHE_ASSOC: ++ case _SC_LEVEL1_DCACHE_ASSOC: ++ case _SC_LEVEL2_CACHE_ASSOC: ++ case _SC_LEVEL3_CACHE_ASSOC: ++ return ((ebx >> 22) & 0x3ff) + 1; ++ case _SC_LEVEL1_ICACHE_LINESIZE: ++ case _SC_LEVEL1_DCACHE_LINESIZE: ++ case _SC_LEVEL2_CACHE_LINESIZE: ++ case _SC_LEVEL3_CACHE_LINESIZE: ++ return (ebx & 0xfff) + 1; ++ case _SC_LEVEL1_ICACHE_SIZE: ++ case _SC_LEVEL1_DCACHE_SIZE: ++ case _SC_LEVEL2_CACHE_SIZE: ++ case _SC_LEVEL3_CACHE_SIZE: ++ return (((ebx >> 22) & 0x3ff) + 1) * ((ebx & 0xfff) + 1) * (ecx + 1); ++ default: ++ __builtin_unreachable (); ++ } ++ return -1; ++ } ++ } ++ ++ /* Legacy cache computation for CPUs prior to Bulldozer family. ++ This is also a fail-safe mechanism for some hypervisors that ++ accidentally configure __cpuid__ '0x8000_001D' to Zero. */ + +- __cpuid_count (0x8000001D, count, eax, ebx, ecx, edx); ++ fn = 0x80000005 + (name >= _SC_LEVEL2_CACHE_SIZE); ++ ++ if (max_cpuid < fn) ++ return 0; ++ ++ __cpuid (fn, eax, ebx, ecx, edx); ++ ++ if (name < _SC_LEVEL1_DCACHE_SIZE) ++ { ++ name += _SC_LEVEL1_DCACHE_SIZE - _SC_LEVEL1_ICACHE_SIZE; ++ ecx = edx; ++ } + + switch (name) + { +- case _SC_LEVEL1_ICACHE_ASSOC: +- case _SC_LEVEL1_DCACHE_ASSOC: +- case _SC_LEVEL2_CACHE_ASSOC: ++ case _SC_LEVEL1_DCACHE_SIZE: ++ return (ecx >> 14) & 0x3fc00; ++ ++ case _SC_LEVEL1_DCACHE_ASSOC: ++ ecx >>= 16; ++ if ((ecx & 0xff) == 0xff) ++ { ++ /* Fully associative. */ ++ return (ecx << 2) & 0x3fc00; ++ } ++ return ecx & 0xff; ++ ++ case _SC_LEVEL1_DCACHE_LINESIZE: ++ return ecx & 0xff; ++ ++ case _SC_LEVEL2_CACHE_SIZE: ++ return (ecx & 0xf000) == 0 ? 0 : (ecx >> 6) & 0x3fffc00; ++ ++ case _SC_LEVEL2_CACHE_ASSOC: ++ switch ((ecx >> 12) & 0xf) ++ { ++ case 0: ++ case 1: ++ case 2: ++ case 4: ++ return (ecx >> 12) & 0xf; ++ case 6: ++ return 8; ++ case 8: ++ return 16; ++ case 10: ++ return 32; ++ case 11: ++ return 48; ++ case 12: ++ return 64; ++ case 13: ++ return 96; ++ case 14: ++ return 128; ++ case 15: ++ return ((ecx >> 6) & 0x3fffc00) / (ecx & 0xff); ++ default: ++ return 0; ++ } ++ ++ case _SC_LEVEL2_CACHE_LINESIZE: ++ return (ecx & 0xf000) == 0 ? 0 : ecx & 0xff; ++ ++ case _SC_LEVEL3_CACHE_SIZE: ++ { ++ long int total_l3_cache = 0, l3_cache_per_thread = 0; ++ unsigned int threads = 0; ++ const struct cpu_features *cpu_features; ++ ++ if ((edx & 0xf000) == 0) ++ return 0; ++ ++ total_l3_cache = (edx & 0x3ffc0000) << 1; ++ cpu_features = __get_cpu_features (); ++ ++ /* Figure out the number of logical threads that share L3. */ ++ if (max_cpuid >= 0x80000008) ++ { ++ /* Get width of APIC ID. */ ++ __cpuid (0x80000008, eax, ebx, ecx, edx); ++ threads = (ecx & 0xff) + 1; ++ } ++ ++ if (threads == 0) ++ { ++ /* If APIC ID width is not available, use logical ++ processor count. */ ++ __cpuid (0x00000001, eax, ebx, ecx, edx); ++ if ((edx & (1 << 28)) != 0) ++ threads = (ebx >> 16) & 0xff; ++ } ++ ++ /* Cap usage of highest cache level to the number of ++ supported threads. */ ++ if (threads > 0) ++ l3_cache_per_thread = total_l3_cache/threads; ++ ++ /* Get shared cache per ccx for Zen architectures. */ ++ if (cpu_features->basic.family >= 0x17) ++ { ++ long int l3_cache_per_ccx = 0; ++ /* Get number of threads share the L3 cache in CCX. */ ++ __cpuid_count (0x8000001D, 0x3, eax, ebx, ecx, edx); ++ unsigned int threads_per_ccx = ((eax >> 14) & 0xfff) + 1; ++ l3_cache_per_ccx = l3_cache_per_thread * threads_per_ccx; ++ return l3_cache_per_ccx; ++ } ++ else ++ { ++ return l3_cache_per_thread; ++ } ++ } ++ + case _SC_LEVEL3_CACHE_ASSOC: +- return ecx ? ((ebx >> 22) & 0x3ff) + 1 : 0; +- case _SC_LEVEL1_ICACHE_LINESIZE: +- case _SC_LEVEL1_DCACHE_LINESIZE: +- case _SC_LEVEL2_CACHE_LINESIZE: ++ switch ((edx >> 12) & 0xf) ++ { ++ case 0: ++ case 1: ++ case 2: ++ case 4: ++ return (edx >> 12) & 0xf; ++ case 6: ++ return 8; ++ case 8: ++ return 16; ++ case 10: ++ return 32; ++ case 11: ++ return 48; ++ case 12: ++ return 64; ++ case 13: ++ return 96; ++ case 14: ++ return 128; ++ case 15: ++ return ((edx & 0x3ffc0000) << 1) / (edx & 0xff); ++ default: ++ return 0; ++ } ++ + case _SC_LEVEL3_CACHE_LINESIZE: +- return ecx ? (ebx & 0xfff) + 1 : 0; +- case _SC_LEVEL1_ICACHE_SIZE: +- case _SC_LEVEL1_DCACHE_SIZE: +- case _SC_LEVEL2_CACHE_SIZE: +- case _SC_LEVEL3_CACHE_SIZE: +- return ecx ? (((ebx >> 22) & 0x3ff) + 1) * ((ebx & 0xfff) + 1) * (ecx + 1): 0; ++ return (edx & 0xf000) == 0 ? 0 : edx & 0xff; ++ + default: + __builtin_unreachable (); + } +@@ -703,7 +869,6 @@ dl_init_cacheinfo (struct cpu_features *cpu_features) + data = handle_amd (_SC_LEVEL1_DCACHE_SIZE); + core = handle_amd (_SC_LEVEL2_CACHE_SIZE); + shared = handle_amd (_SC_LEVEL3_CACHE_SIZE); +- shared_per_thread = shared; + + level1_icache_size = handle_amd (_SC_LEVEL1_ICACHE_SIZE); + level1_icache_linesize = handle_amd (_SC_LEVEL1_ICACHE_LINESIZE); +@@ -716,13 +881,20 @@ dl_init_cacheinfo (struct cpu_features *cpu_features) + level3_cache_size = shared; + level3_cache_assoc = handle_amd (_SC_LEVEL3_CACHE_ASSOC); + level3_cache_linesize = handle_amd (_SC_LEVEL3_CACHE_LINESIZE); ++ level4_cache_size = handle_amd (_SC_LEVEL4_CACHE_SIZE); + + if (shared <= 0) +- /* No shared L3 cache. All we have is the L2 cache. */ +- shared = core; ++ { ++ /* No shared L3 cache. All we have is the L2 cache. */ ++ shared = core; ++ } ++ else if (cpu_features->basic.family < 0x17) ++ { ++ /* Account for exclusive L2 and L3 caches. */ ++ shared += core; ++ } + +- if (shared_per_thread <= 0) +- shared_per_thread = shared; ++ shared_per_thread = shared; + } + + cpu_features->level1_icache_size = level1_icache_size; +-- +2.33.0 + diff --git a/0002-Document-CVE-2023-4806-and-CVE-2023-5156-in-NEWS.patch b/0002-Document-CVE-2023-4806-and-CVE-2023-5156-in-NEWS.patch new file mode 100644 index 0000000..13d6904 --- /dev/null +++ b/0002-Document-CVE-2023-4806-and-CVE-2023-5156-in-NEWS.patch @@ -0,0 +1,36 @@ +From f6445dc94da185b3d1ee283f0ca0a34c4e1986cc Mon Sep 17 00:00:00 2001 +From: Siddhesh Poyarekar +Date: Tue, 26 Sep 2023 07:38:07 -0400 +Subject: [PATCH 2/4] Document CVE-2023-4806 and CVE-2023-5156 in NEWS + +These are tracked in BZ #30884 and BZ #30843. + +Signed-off-by: Siddhesh Poyarekar +(cherry picked from commit fd134feba35fa839018965733b34d28a09a075dd) +--- + NEWS | 9 +++++++++ + 1 file changed, 9 insertions(+) + +diff --git a/NEWS b/NEWS +index dfee278a9c..f1b1b0a3b4 100644 +--- a/NEWS ++++ b/NEWS +@@ -15,6 +15,15 @@ Security related changes: + 2048 bytes, getaddrinfo may potentially disclose stack contents via + the returned address data, or crash. + ++ CVE-2023-4806: When an NSS plugin only implements the ++ _gethostbyname2_r and _getcanonname_r callbacks, getaddrinfo could use ++ memory that was freed during buffer resizing, potentially causing a ++ crash or read or write to arbitrary memory. ++ ++ CVE-2023-5156: The fix for CVE-2023-4806 introduced a memory leak when ++ an application calls getaddrinfo for AF_INET6 with AI_CANONNAME, ++ AI_ALL and AI_V4MAPPED flags set. ++ + The following bugs are resolved with this release: + + [30723] posix_memalign repeatedly scans long bin lists +-- +2.33.0 + diff --git a/0002-Revert-elf-Always-call-destructors-in-reverse-constr.patch b/0002-Revert-elf-Always-call-destructors-in-reverse-constr.patch new file mode 100644 index 0000000..10d9b58 --- /dev/null +++ b/0002-Revert-elf-Always-call-destructors-in-reverse-constr.patch @@ -0,0 +1,593 @@ +From 719866ab2ff0e6d514a04fb47e507d92e70ef7ee Mon Sep 17 00:00:00 2001 +From: Florian Weimer +Date: Wed, 18 Oct 2023 14:25:46 +0200 +Subject: [PATCH 2/3] Revert "elf: Always call destructors in reverse + constructor order (bug 30785)" + +This reverts commit a3189f66a5f2fe86568286fa025fa153be04c6c0. + +Reason for revert: Incompatibility with existing applications. +--- + NEWS | 1 - + elf/dl-close.c | 113 ++++++++++----------------- + elf/dl-fini.c | 152 ++++++++++++++++++++++++------------- + elf/dl-init.c | 16 ---- + elf/dso-sort-tests-1.def | 19 +++-- + elf/tst-audit23.c | 44 +++++------ + sysdeps/generic/ldsodefs.h | 4 - + 7 files changed, 173 insertions(+), 176 deletions(-) + +diff --git a/NEWS b/NEWS +index bfcd46efa9..f117874e34 100644 +--- a/NEWS ++++ b/NEWS +@@ -32,7 +32,6 @@ Security related changes: + The following bugs are resolved with this release: + + [30723] posix_memalign repeatedly scans long bin lists +- [30785] Always call destructors in reverse constructor order + [30804] F_GETLK, F_SETLK, and F_SETLKW value change for powerpc64 with + -D_FILE_OFFSET_BITS=64 + [30842] Stack read overflow in getaddrinfo in no-aaaa mode (CVE-2023-4527) +diff --git a/elf/dl-close.c b/elf/dl-close.c +index ea62d0e601..b887a44888 100644 +--- a/elf/dl-close.c ++++ b/elf/dl-close.c +@@ -138,31 +138,30 @@ _dl_close_worker (struct link_map *map, bool force) + + bool any_tls = false; + const unsigned int nloaded = ns->_ns_nloaded; ++ struct link_map *maps[nloaded]; + +- /* Run over the list and assign indexes to the link maps. */ ++ /* Run over the list and assign indexes to the link maps and enter ++ them into the MAPS array. */ + int idx = 0; + for (struct link_map *l = ns->_ns_loaded; l != NULL; l = l->l_next) + { + l->l_map_used = 0; + l->l_map_done = 0; + l->l_idx = idx; ++ maps[idx] = l; + ++idx; + } + assert (idx == nloaded); + +- /* Keep marking link maps until no new link maps are found. */ +- for (struct link_map *l = ns->_ns_loaded; l != NULL; ) ++ /* Keep track of the lowest index link map we have covered already. */ ++ int done_index = -1; ++ while (++done_index < nloaded) + { +- /* next is reset to earlier link maps for remarking. */ +- struct link_map *next = l->l_next; +- int next_idx = l->l_idx + 1; /* next->l_idx, but covers next == NULL. */ ++ struct link_map *l = maps[done_index]; + + if (l->l_map_done) +- { +- /* Already handled. */ +- l = next; +- continue; +- } ++ /* Already handled. */ ++ continue; + + /* Check whether this object is still used. */ + if (l->l_type == lt_loaded +@@ -172,10 +171,7 @@ _dl_close_worker (struct link_map *map, bool force) + acquire is sufficient and correct. */ + && atomic_load_acquire (&l->l_tls_dtor_count) == 0 + && !l->l_map_used) +- { +- l = next; +- continue; +- } ++ continue; + + /* We need this object and we handle it now. */ + l->l_map_used = 1; +@@ -202,11 +198,8 @@ _dl_close_worker (struct link_map *map, bool force) + already processed it, then we need to go back + and process again from that point forward to + ensure we keep all of its dependencies also. */ +- if ((*lp)->l_idx < next_idx) +- { +- next = *lp; +- next_idx = next->l_idx; +- } ++ if ((*lp)->l_idx - 1 < done_index) ++ done_index = (*lp)->l_idx - 1; + } + } + +@@ -226,65 +219,44 @@ _dl_close_worker (struct link_map *map, bool force) + if (!jmap->l_map_used) + { + jmap->l_map_used = 1; +- if (jmap->l_idx < next_idx) +- { +- next = jmap; +- next_idx = next->l_idx; +- } ++ if (jmap->l_idx - 1 < done_index) ++ done_index = jmap->l_idx - 1; + } + } + } +- +- l = next; + } + +- /* Call the destructors in reverse constructor order, and remove the +- closed link maps from the list. */ +- for (struct link_map **init_called_head = &_dl_init_called_list; +- *init_called_head != NULL; ) ++ /* Sort the entries. We can skip looking for the binary itself which is ++ at the front of the search list for the main namespace. */ ++ _dl_sort_maps (maps, nloaded, (nsid == LM_ID_BASE), true); ++ ++ /* Call all termination functions at once. */ ++ bool unload_any = false; ++ bool scope_mem_left = false; ++ unsigned int unload_global = 0; ++ unsigned int first_loaded = ~0; ++ for (unsigned int i = 0; i < nloaded; ++i) + { +- struct link_map *imap = *init_called_head; ++ struct link_map *imap = maps[i]; + +- /* _dl_init_called_list is global, to produce a global odering. +- Ignore the other namespaces (and link maps that are still used). */ +- if (imap->l_ns != nsid || imap->l_map_used) +- init_called_head = &imap->l_init_called_next; +- else ++ /* All elements must be in the same namespace. */ ++ assert (imap->l_ns == nsid); ++ ++ if (!imap->l_map_used) + { + assert (imap->l_type == lt_loaded && !imap->l_nodelete_active); + +- /* _dl_init_called_list is updated at the same time as +- l_init_called. */ +- assert (imap->l_init_called); +- +- if (imap->l_info[DT_FINI_ARRAY] != NULL +- || imap->l_info[DT_FINI] != NULL) ++ /* Call its termination function. Do not do it for ++ half-cooked objects. Temporarily disable exception ++ handling, so that errors are fatal. */ ++ if (imap->l_init_called) + _dl_catch_exception (NULL, _dl_call_fini, imap); + + #ifdef SHARED + /* Auditing checkpoint: we remove an object. */ + _dl_audit_objclose (imap); + #endif +- /* Unlink this link map. */ +- *init_called_head = imap->l_init_called_next; +- } +- } +- +- +- bool unload_any = false; +- bool scope_mem_left = false; +- unsigned int unload_global = 0; +- +- /* For skipping un-unloadable link maps in the second loop. */ +- struct link_map *first_loaded = ns->_ns_loaded; + +- /* Iterate over the namespace to find objects to unload. Some +- unloadable objects may not be on _dl_init_called_list due to +- dlopen failure. */ +- for (struct link_map *imap = first_loaded; imap != NULL; imap = imap->l_next) +- { +- if (!imap->l_map_used) +- { + /* This object must not be used anymore. */ + imap->l_removed = 1; + +@@ -295,8 +267,8 @@ _dl_close_worker (struct link_map *map, bool force) + ++unload_global; + + /* Remember where the first dynamically loaded object is. */ +- if (first_loaded == NULL) +- first_loaded = imap; ++ if (i < first_loaded) ++ first_loaded = i; + } + /* Else imap->l_map_used. */ + else if (imap->l_type == lt_loaded) +@@ -432,8 +404,8 @@ _dl_close_worker (struct link_map *map, bool force) + imap->l_loader = NULL; + + /* Remember where the first dynamically loaded object is. */ +- if (first_loaded == NULL) +- first_loaded = imap; ++ if (i < first_loaded) ++ first_loaded = i; + } + } + +@@ -504,11 +476,10 @@ _dl_close_worker (struct link_map *map, bool force) + + /* Check each element of the search list to see if all references to + it are gone. */ +- for (struct link_map *imap = first_loaded; imap != NULL; ) ++ for (unsigned int i = first_loaded; i < nloaded; ++i) + { +- if (imap->l_map_used) +- imap = imap->l_next; +- else ++ struct link_map *imap = maps[i]; ++ if (!imap->l_map_used) + { + assert (imap->l_type == lt_loaded); + +@@ -719,9 +690,7 @@ _dl_close_worker (struct link_map *map, bool force) + if (imap == GL(dl_initfirst)) + GL(dl_initfirst) = NULL; + +- struct link_map *next = imap->l_next; + free (imap); +- imap = next; + } + } + +diff --git a/elf/dl-fini.c b/elf/dl-fini.c +index e201d36651..9acb64f47c 100644 +--- a/elf/dl-fini.c ++++ b/elf/dl-fini.c +@@ -24,68 +24,116 @@ + void + _dl_fini (void) + { +- /* Call destructors strictly in the reverse order of constructors. +- This causes fewer surprises than some arbitrary reordering based +- on new (relocation) dependencies. None of the objects are +- unmapped, so applications can deal with this if their DSOs remain +- in a consistent state after destructors have run. */ +- +- /* Protect against concurrent loads and unloads. */ +- __rtld_lock_lock_recursive (GL(dl_load_lock)); +- +- /* Ignore objects which are opened during shutdown. */ +- struct link_map *local_init_called_list = _dl_init_called_list; +- +- for (struct link_map *l = local_init_called_list; l != NULL; +- l = l->l_init_called_next) +- /* Bump l_direct_opencount of all objects so that they +- are not dlclose()ed from underneath us. */ +- ++l->l_direct_opencount; +- +- /* After this point, everything linked from local_init_called_list +- cannot be unloaded because of the reference counter update. */ +- __rtld_lock_unlock_recursive (GL(dl_load_lock)); +- +- /* Perform two passes: One for non-audit modules, one for audit +- modules. This way, audit modules receive unload notifications +- for non-audit objects, and the destructors for audit modules +- still run. */ ++ /* Lots of fun ahead. We have to call the destructors for all still ++ loaded objects, in all namespaces. The problem is that the ELF ++ specification now demands that dependencies between the modules ++ are taken into account. I.e., the destructor for a module is ++ called before the ones for any of its dependencies. ++ ++ To make things more complicated, we cannot simply use the reverse ++ order of the constructors. Since the user might have loaded objects ++ using `dlopen' there are possibly several other modules with its ++ dependencies to be taken into account. Therefore we have to start ++ determining the order of the modules once again from the beginning. */ ++ ++ /* We run the destructors of the main namespaces last. As for the ++ other namespaces, we pick run the destructors in them in reverse ++ order of the namespace ID. */ ++#ifdef SHARED ++ int do_audit = 0; ++ again: ++#endif ++ for (Lmid_t ns = GL(dl_nns) - 1; ns >= 0; --ns) ++ { ++ /* Protect against concurrent loads and unloads. */ ++ __rtld_lock_lock_recursive (GL(dl_load_lock)); ++ ++ unsigned int nloaded = GL(dl_ns)[ns]._ns_nloaded; ++ /* No need to do anything for empty namespaces or those used for ++ auditing DSOs. */ ++ if (nloaded == 0 ++#ifdef SHARED ++ || GL(dl_ns)[ns]._ns_loaded->l_auditing != do_audit ++#endif ++ ) ++ __rtld_lock_unlock_recursive (GL(dl_load_lock)); ++ else ++ { + #ifdef SHARED +- int last_pass = GLRO(dl_naudit) > 0; +- Lmid_t last_ns = -1; +- for (int do_audit = 0; do_audit <= last_pass; ++do_audit) ++ _dl_audit_activity_nsid (ns, LA_ACT_DELETE); + #endif +- for (struct link_map *l = local_init_called_list; l != NULL; +- l = l->l_init_called_next) +- { ++ ++ /* Now we can allocate an array to hold all the pointers and ++ copy the pointers in. */ ++ struct link_map *maps[nloaded]; ++ ++ unsigned int i; ++ struct link_map *l; ++ assert (nloaded != 0 || GL(dl_ns)[ns]._ns_loaded == NULL); ++ for (l = GL(dl_ns)[ns]._ns_loaded, i = 0; l != NULL; l = l->l_next) ++ /* Do not handle ld.so in secondary namespaces. */ ++ if (l == l->l_real) ++ { ++ assert (i < nloaded); ++ ++ maps[i] = l; ++ l->l_idx = i; ++ ++i; ++ ++ /* Bump l_direct_opencount of all objects so that they ++ are not dlclose()ed from underneath us. */ ++ ++l->l_direct_opencount; ++ } ++ assert (ns != LM_ID_BASE || i == nloaded); ++ assert (ns == LM_ID_BASE || i == nloaded || i == nloaded - 1); ++ unsigned int nmaps = i; ++ ++ /* Now we have to do the sorting. We can skip looking for the ++ binary itself which is at the front of the search list for ++ the main namespace. */ ++ _dl_sort_maps (maps, nmaps, (ns == LM_ID_BASE), true); ++ ++ /* We do not rely on the linked list of loaded object anymore ++ from this point on. We have our own list here (maps). The ++ various members of this list cannot vanish since the open ++ count is too high and will be decremented in this loop. So ++ we release the lock so that some code which might be called ++ from a destructor can directly or indirectly access the ++ lock. */ ++ __rtld_lock_unlock_recursive (GL(dl_load_lock)); ++ ++ /* 'maps' now contains the objects in the right order. Now ++ call the destructors. We have to process this array from ++ the front. */ ++ for (i = 0; i < nmaps; ++i) ++ { ++ struct link_map *l = maps[i]; ++ ++ if (l->l_init_called) ++ { ++ _dl_call_fini (l); + #ifdef SHARED +- if (GL(dl_ns)[l->l_ns]._ns_loaded->l_auditing != do_audit) +- continue; +- +- /* Avoid back-to-back calls of _dl_audit_activity_nsid for the +- same namespace. */ +- if (last_ns != l->l_ns) +- { +- if (last_ns >= 0) +- _dl_audit_activity_nsid (last_ns, LA_ACT_CONSISTENT); +- _dl_audit_activity_nsid (l->l_ns, LA_ACT_DELETE); +- last_ns = l->l_ns; +- } ++ /* Auditing checkpoint: another object closed. */ ++ _dl_audit_objclose (l); + #endif ++ } + +- /* There is no need to re-enable exceptions because _dl_fini +- is not called from a context where exceptions are caught. */ +- _dl_call_fini (l); ++ /* Correct the previous increment. */ ++ --l->l_direct_opencount; ++ } + + #ifdef SHARED +- /* Auditing checkpoint: another object closed. */ +- _dl_audit_objclose (l); ++ _dl_audit_activity_nsid (ns, LA_ACT_CONSISTENT); + #endif +- } ++ } ++ } + + #ifdef SHARED +- if (last_ns >= 0) +- _dl_audit_activity_nsid (last_ns, LA_ACT_CONSISTENT); ++ if (! do_audit && GLRO(dl_naudit) > 0) ++ { ++ do_audit = 1; ++ goto again; ++ } + + if (__glibc_unlikely (GLRO(dl_debug_mask) & DL_DEBUG_STATISTICS)) + _dl_debug_printf ("\nruntime linker statistics:\n" +diff --git a/elf/dl-init.c b/elf/dl-init.c +index ffd05b7806..ba4d2fdc85 100644 +--- a/elf/dl-init.c ++++ b/elf/dl-init.c +@@ -21,7 +21,6 @@ + #include + #include + +-struct link_map *_dl_init_called_list; + + static void + call_init (struct link_map *l, int argc, char **argv, char **env) +@@ -43,21 +42,6 @@ call_init (struct link_map *l, int argc, char **argv, char **env) + dependency. */ + l->l_init_called = 1; + +- /* Help an already-running dlclose: The just-loaded object must not +- be removed during the current pass. (No effect if no dlclose in +- progress.) */ +- l->l_map_used = 1; +- +- /* Record execution before starting any initializers. This way, if +- the initializers themselves call dlopen, their ELF destructors +- will eventually be run before this object is destructed, matching +- that their ELF constructors have run before this object was +- constructed. _dl_fini uses this list for audit callbacks, so +- register objects on the list even if they do not have a +- constructor. */ +- l->l_init_called_next = _dl_init_called_list; +- _dl_init_called_list = l; +- + /* Check for object which constructors we do not run here. */ + if (__builtin_expect (l->l_name[0], 'a') == '\0' + && l->l_type == lt_executable) +diff --git a/elf/dso-sort-tests-1.def b/elf/dso-sort-tests-1.def +index 61dc54f8ae..4bf9052db1 100644 +--- a/elf/dso-sort-tests-1.def ++++ b/elf/dso-sort-tests-1.def +@@ -53,14 +53,21 @@ tst-dso-ordering10: {}->a->b->c;soname({})=c + output: b>a>{}b->c->d order). ++# The older dynamic_sort=1 algorithm does not achieve this, while the DFS-based ++# dynamic_sort=2 algorithm does, although it is still arguable whether going ++# beyond spec to do this is the right thing to do. ++# The below expected outputs are what the two algorithms currently produce ++# respectively, for regression testing purposes. + tst-bz15311: {+a;+e;+f;+g;+d;%d;-d;-g;-f;-e;-a};a->b->c->d;d=>[ba];c=>a;b=>e=>a;c=>f=>b;d=>g=>c +-output: {+a[d>c>b>a>];+e[e>];+f[f>];+g[g>];+d[];%d(b(e(a()))a()g(c(a()f(b(e(a()))))));-d[];-g[];-f[];-e[];-a[c>b>a>];+e[e>];+f[f>];+g[g>];+d[];%d(b(e(a()))a()g(c(a()f(b(e(a()))))));-d[];-g[];-f[];-e[];-a[c>b>a>];+e[e>];+f[f>];+g[g>];+d[];%d(b(e(a()))a()g(c(a()f(b(e(a()))))));-d[];-g[];-f[];-e[];-a[a1;a->a2;a2->a;b->b1;c->a1;c=>a1 +-output: {+a[a2>a1>a>];+b[b1>b>];-b[];%c(a1());}a1>a>];+b[b1>b>];-b[];%c(a1());}a1>a>];+b[b1>b>];-b[];%c(a1());} +Date: Fri, 8 Sep 2023 12:32:14 +0200 +Subject: [PATCH 2/5] elf: Always call destructors in reverse constructor order + (bug 30785) + +The current implementation of dlclose (and process exit) re-sorts the +link maps before calling ELF destructors. Destructor order is not the +reverse of the constructor order as a result: The second sort takes +relocation dependencies into account, and other differences can result +from ambiguous inputs, such as cycles. (The force_first handling in +_dl_sort_maps is not effective for dlclose.) After the changes in +this commit, there is still a required difference due to +dlopen/dlclose ordering by the application, but the previous +discrepancies went beyond that. + +A new global (namespace-spanning) list of link maps, +_dl_init_called_list, is updated right before ELF constructors are +called from _dl_init. + +In dl_close_worker, the maps variable, an on-stack variable length +array, is eliminated. (VLAs are problematic, and dlclose should not +call malloc because it cannot readily deal with malloc failure.) +Marking still-used objects uses the namespace list directly, with +next and next_idx replacing the done_index variable. + +After marking, _dl_init_called_list is used to call the destructors +of now-unused maps in reverse destructor order. These destructors +can call dlopen. Previously, new objects do not have l_map_used set. +This had to change: There is no copy of the link map list anymore, +so processing would cover newly opened (and unmarked) mappings, +unloading them. Now, _dl_init (indirectly) sets l_map_used, too. +(dlclose is handled by the existing reentrancy guard.) + +After _dl_init_called_list traversal, two more loops follow. The +processing order changes to the original link map order in the +namespace. Previously, dependency order was used. The difference +should not matter because relocation dependencies could already +reorder link maps in the old code. + +The changes to _dl_fini remove the sorting step and replace it with +a traversal of _dl_init_called_list. The l_direct_opencount +decrement outside the loader lock is removed because it appears +incorrect: the counter manipulation could race with other dynamic +loader operations. + +tst-audit23 needs adjustments to the changes in LA_ACT_DELETE +notifications. The new approach for checking la_activity should +make it clearer that la_activty calls come in pairs around namespace +updates. + +The dependency sorting test cases need updates because the destructor +order is always the opposite order of constructor order, even with +relocation dependencies or cycles present. + +There is a future cleanup opportunity to remove the now-constant +force_first and for_fini arguments from the _dl_sort_maps function. + +Fixes commit 1df71d32fe5f5905ffd5d100e5e9ca8ad62 ("elf: Implement +force_first handling in _dl_sort_maps_dfs (bug 28937)"). + +Reviewed-by: DJ Delorie +(cherry picked from commit 6985865bc3ad5b23147ee73466583dd7fdf65892) +--- + NEWS | 7 ++ + elf/dl-close.c | 113 +++++++++++++++++---------- + elf/dl-fini.c | 152 +++++++++++++------------------------ + elf/dl-init.c | 16 ++++ + elf/dso-sort-tests-1.def | 19 ++--- + elf/tst-audit23.c | 44 ++++++----- + include/link.h | 4 + + sysdeps/generic/ldsodefs.h | 4 + + 8 files changed, 186 insertions(+), 173 deletions(-) + +diff --git a/NEWS b/NEWS +index 8156572cdf..f1a14f45dd 100644 +--- a/NEWS ++++ b/NEWS +@@ -4,6 +4,13 @@ See the end for copying conditions. + + Please send GNU C library bug reports via + using `glibc' in the "product" field. ++ ++Version 2.38.1 ++ ++The following bugs are resolved with this release: ++ ++ [30785] Always call destructors in reverse constructor order ++ + + Version 2.38 + +diff --git a/elf/dl-close.c b/elf/dl-close.c +index b887a44888..ea62d0e601 100644 +--- a/elf/dl-close.c ++++ b/elf/dl-close.c +@@ -138,30 +138,31 @@ _dl_close_worker (struct link_map *map, bool force) + + bool any_tls = false; + const unsigned int nloaded = ns->_ns_nloaded; +- struct link_map *maps[nloaded]; + +- /* Run over the list and assign indexes to the link maps and enter +- them into the MAPS array. */ ++ /* Run over the list and assign indexes to the link maps. */ + int idx = 0; + for (struct link_map *l = ns->_ns_loaded; l != NULL; l = l->l_next) + { + l->l_map_used = 0; + l->l_map_done = 0; + l->l_idx = idx; +- maps[idx] = l; + ++idx; + } + assert (idx == nloaded); + +- /* Keep track of the lowest index link map we have covered already. */ +- int done_index = -1; +- while (++done_index < nloaded) ++ /* Keep marking link maps until no new link maps are found. */ ++ for (struct link_map *l = ns->_ns_loaded; l != NULL; ) + { +- struct link_map *l = maps[done_index]; ++ /* next is reset to earlier link maps for remarking. */ ++ struct link_map *next = l->l_next; ++ int next_idx = l->l_idx + 1; /* next->l_idx, but covers next == NULL. */ + + if (l->l_map_done) +- /* Already handled. */ +- continue; ++ { ++ /* Already handled. */ ++ l = next; ++ continue; ++ } + + /* Check whether this object is still used. */ + if (l->l_type == lt_loaded +@@ -171,7 +172,10 @@ _dl_close_worker (struct link_map *map, bool force) + acquire is sufficient and correct. */ + && atomic_load_acquire (&l->l_tls_dtor_count) == 0 + && !l->l_map_used) +- continue; ++ { ++ l = next; ++ continue; ++ } + + /* We need this object and we handle it now. */ + l->l_map_used = 1; +@@ -198,8 +202,11 @@ _dl_close_worker (struct link_map *map, bool force) + already processed it, then we need to go back + and process again from that point forward to + ensure we keep all of its dependencies also. */ +- if ((*lp)->l_idx - 1 < done_index) +- done_index = (*lp)->l_idx - 1; ++ if ((*lp)->l_idx < next_idx) ++ { ++ next = *lp; ++ next_idx = next->l_idx; ++ } + } + } + +@@ -219,44 +226,65 @@ _dl_close_worker (struct link_map *map, bool force) + if (!jmap->l_map_used) + { + jmap->l_map_used = 1; +- if (jmap->l_idx - 1 < done_index) +- done_index = jmap->l_idx - 1; ++ if (jmap->l_idx < next_idx) ++ { ++ next = jmap; ++ next_idx = next->l_idx; ++ } + } + } + } +- } + +- /* Sort the entries. We can skip looking for the binary itself which is +- at the front of the search list for the main namespace. */ +- _dl_sort_maps (maps, nloaded, (nsid == LM_ID_BASE), true); ++ l = next; ++ } + +- /* Call all termination functions at once. */ +- bool unload_any = false; +- bool scope_mem_left = false; +- unsigned int unload_global = 0; +- unsigned int first_loaded = ~0; +- for (unsigned int i = 0; i < nloaded; ++i) ++ /* Call the destructors in reverse constructor order, and remove the ++ closed link maps from the list. */ ++ for (struct link_map **init_called_head = &_dl_init_called_list; ++ *init_called_head != NULL; ) + { +- struct link_map *imap = maps[i]; ++ struct link_map *imap = *init_called_head; + +- /* All elements must be in the same namespace. */ +- assert (imap->l_ns == nsid); +- +- if (!imap->l_map_used) ++ /* _dl_init_called_list is global, to produce a global odering. ++ Ignore the other namespaces (and link maps that are still used). */ ++ if (imap->l_ns != nsid || imap->l_map_used) ++ init_called_head = &imap->l_init_called_next; ++ else + { + assert (imap->l_type == lt_loaded && !imap->l_nodelete_active); + +- /* Call its termination function. Do not do it for +- half-cooked objects. Temporarily disable exception +- handling, so that errors are fatal. */ +- if (imap->l_init_called) ++ /* _dl_init_called_list is updated at the same time as ++ l_init_called. */ ++ assert (imap->l_init_called); ++ ++ if (imap->l_info[DT_FINI_ARRAY] != NULL ++ || imap->l_info[DT_FINI] != NULL) + _dl_catch_exception (NULL, _dl_call_fini, imap); + + #ifdef SHARED + /* Auditing checkpoint: we remove an object. */ + _dl_audit_objclose (imap); + #endif ++ /* Unlink this link map. */ ++ *init_called_head = imap->l_init_called_next; ++ } ++ } ++ ++ ++ bool unload_any = false; ++ bool scope_mem_left = false; ++ unsigned int unload_global = 0; ++ ++ /* For skipping un-unloadable link maps in the second loop. */ ++ struct link_map *first_loaded = ns->_ns_loaded; + ++ /* Iterate over the namespace to find objects to unload. Some ++ unloadable objects may not be on _dl_init_called_list due to ++ dlopen failure. */ ++ for (struct link_map *imap = first_loaded; imap != NULL; imap = imap->l_next) ++ { ++ if (!imap->l_map_used) ++ { + /* This object must not be used anymore. */ + imap->l_removed = 1; + +@@ -267,8 +295,8 @@ _dl_close_worker (struct link_map *map, bool force) + ++unload_global; + + /* Remember where the first dynamically loaded object is. */ +- if (i < first_loaded) +- first_loaded = i; ++ if (first_loaded == NULL) ++ first_loaded = imap; + } + /* Else imap->l_map_used. */ + else if (imap->l_type == lt_loaded) +@@ -404,8 +432,8 @@ _dl_close_worker (struct link_map *map, bool force) + imap->l_loader = NULL; + + /* Remember where the first dynamically loaded object is. */ +- if (i < first_loaded) +- first_loaded = i; ++ if (first_loaded == NULL) ++ first_loaded = imap; + } + } + +@@ -476,10 +504,11 @@ _dl_close_worker (struct link_map *map, bool force) + + /* Check each element of the search list to see if all references to + it are gone. */ +- for (unsigned int i = first_loaded; i < nloaded; ++i) ++ for (struct link_map *imap = first_loaded; imap != NULL; ) + { +- struct link_map *imap = maps[i]; +- if (!imap->l_map_used) ++ if (imap->l_map_used) ++ imap = imap->l_next; ++ else + { + assert (imap->l_type == lt_loaded); + +@@ -690,7 +719,9 @@ _dl_close_worker (struct link_map *map, bool force) + if (imap == GL(dl_initfirst)) + GL(dl_initfirst) = NULL; + ++ struct link_map *next = imap->l_next; + free (imap); ++ imap = next; + } + } + +diff --git a/elf/dl-fini.c b/elf/dl-fini.c +index 9acb64f47c..e201d36651 100644 +--- a/elf/dl-fini.c ++++ b/elf/dl-fini.c +@@ -24,116 +24,68 @@ + void + _dl_fini (void) + { +- /* Lots of fun ahead. We have to call the destructors for all still +- loaded objects, in all namespaces. The problem is that the ELF +- specification now demands that dependencies between the modules +- are taken into account. I.e., the destructor for a module is +- called before the ones for any of its dependencies. +- +- To make things more complicated, we cannot simply use the reverse +- order of the constructors. Since the user might have loaded objects +- using `dlopen' there are possibly several other modules with its +- dependencies to be taken into account. Therefore we have to start +- determining the order of the modules once again from the beginning. */ +- +- /* We run the destructors of the main namespaces last. As for the +- other namespaces, we pick run the destructors in them in reverse +- order of the namespace ID. */ +-#ifdef SHARED +- int do_audit = 0; +- again: +-#endif +- for (Lmid_t ns = GL(dl_nns) - 1; ns >= 0; --ns) +- { +- /* Protect against concurrent loads and unloads. */ +- __rtld_lock_lock_recursive (GL(dl_load_lock)); +- +- unsigned int nloaded = GL(dl_ns)[ns]._ns_nloaded; +- /* No need to do anything for empty namespaces or those used for +- auditing DSOs. */ +- if (nloaded == 0 +-#ifdef SHARED +- || GL(dl_ns)[ns]._ns_loaded->l_auditing != do_audit +-#endif +- ) +- __rtld_lock_unlock_recursive (GL(dl_load_lock)); +- else +- { ++ /* Call destructors strictly in the reverse order of constructors. ++ This causes fewer surprises than some arbitrary reordering based ++ on new (relocation) dependencies. None of the objects are ++ unmapped, so applications can deal with this if their DSOs remain ++ in a consistent state after destructors have run. */ ++ ++ /* Protect against concurrent loads and unloads. */ ++ __rtld_lock_lock_recursive (GL(dl_load_lock)); ++ ++ /* Ignore objects which are opened during shutdown. */ ++ struct link_map *local_init_called_list = _dl_init_called_list; ++ ++ for (struct link_map *l = local_init_called_list; l != NULL; ++ l = l->l_init_called_next) ++ /* Bump l_direct_opencount of all objects so that they ++ are not dlclose()ed from underneath us. */ ++ ++l->l_direct_opencount; ++ ++ /* After this point, everything linked from local_init_called_list ++ cannot be unloaded because of the reference counter update. */ ++ __rtld_lock_unlock_recursive (GL(dl_load_lock)); ++ ++ /* Perform two passes: One for non-audit modules, one for audit ++ modules. This way, audit modules receive unload notifications ++ for non-audit objects, and the destructors for audit modules ++ still run. */ + #ifdef SHARED +- _dl_audit_activity_nsid (ns, LA_ACT_DELETE); ++ int last_pass = GLRO(dl_naudit) > 0; ++ Lmid_t last_ns = -1; ++ for (int do_audit = 0; do_audit <= last_pass; ++do_audit) + #endif +- +- /* Now we can allocate an array to hold all the pointers and +- copy the pointers in. */ +- struct link_map *maps[nloaded]; +- +- unsigned int i; +- struct link_map *l; +- assert (nloaded != 0 || GL(dl_ns)[ns]._ns_loaded == NULL); +- for (l = GL(dl_ns)[ns]._ns_loaded, i = 0; l != NULL; l = l->l_next) +- /* Do not handle ld.so in secondary namespaces. */ +- if (l == l->l_real) +- { +- assert (i < nloaded); +- +- maps[i] = l; +- l->l_idx = i; +- ++i; +- +- /* Bump l_direct_opencount of all objects so that they +- are not dlclose()ed from underneath us. */ +- ++l->l_direct_opencount; +- } +- assert (ns != LM_ID_BASE || i == nloaded); +- assert (ns == LM_ID_BASE || i == nloaded || i == nloaded - 1); +- unsigned int nmaps = i; +- +- /* Now we have to do the sorting. We can skip looking for the +- binary itself which is at the front of the search list for +- the main namespace. */ +- _dl_sort_maps (maps, nmaps, (ns == LM_ID_BASE), true); +- +- /* We do not rely on the linked list of loaded object anymore +- from this point on. We have our own list here (maps). The +- various members of this list cannot vanish since the open +- count is too high and will be decremented in this loop. So +- we release the lock so that some code which might be called +- from a destructor can directly or indirectly access the +- lock. */ +- __rtld_lock_unlock_recursive (GL(dl_load_lock)); +- +- /* 'maps' now contains the objects in the right order. Now +- call the destructors. We have to process this array from +- the front. */ +- for (i = 0; i < nmaps; ++i) +- { +- struct link_map *l = maps[i]; +- +- if (l->l_init_called) +- { +- _dl_call_fini (l); ++ for (struct link_map *l = local_init_called_list; l != NULL; ++ l = l->l_init_called_next) ++ { + #ifdef SHARED +- /* Auditing checkpoint: another object closed. */ +- _dl_audit_objclose (l); ++ if (GL(dl_ns)[l->l_ns]._ns_loaded->l_auditing != do_audit) ++ continue; ++ ++ /* Avoid back-to-back calls of _dl_audit_activity_nsid for the ++ same namespace. */ ++ if (last_ns != l->l_ns) ++ { ++ if (last_ns >= 0) ++ _dl_audit_activity_nsid (last_ns, LA_ACT_CONSISTENT); ++ _dl_audit_activity_nsid (l->l_ns, LA_ACT_DELETE); ++ last_ns = l->l_ns; ++ } + #endif +- } + +- /* Correct the previous increment. */ +- --l->l_direct_opencount; +- } ++ /* There is no need to re-enable exceptions because _dl_fini ++ is not called from a context where exceptions are caught. */ ++ _dl_call_fini (l); + + #ifdef SHARED +- _dl_audit_activity_nsid (ns, LA_ACT_CONSISTENT); ++ /* Auditing checkpoint: another object closed. */ ++ _dl_audit_objclose (l); + #endif +- } +- } ++ } + + #ifdef SHARED +- if (! do_audit && GLRO(dl_naudit) > 0) +- { +- do_audit = 1; +- goto again; +- } ++ if (last_ns >= 0) ++ _dl_audit_activity_nsid (last_ns, LA_ACT_CONSISTENT); + + if (__glibc_unlikely (GLRO(dl_debug_mask) & DL_DEBUG_STATISTICS)) + _dl_debug_printf ("\nruntime linker statistics:\n" +diff --git a/elf/dl-init.c b/elf/dl-init.c +index ba4d2fdc85..ffd05b7806 100644 +--- a/elf/dl-init.c ++++ b/elf/dl-init.c +@@ -21,6 +21,7 @@ + #include + #include + ++struct link_map *_dl_init_called_list; + + static void + call_init (struct link_map *l, int argc, char **argv, char **env) +@@ -42,6 +43,21 @@ call_init (struct link_map *l, int argc, char **argv, char **env) + dependency. */ + l->l_init_called = 1; + ++ /* Help an already-running dlclose: The just-loaded object must not ++ be removed during the current pass. (No effect if no dlclose in ++ progress.) */ ++ l->l_map_used = 1; ++ ++ /* Record execution before starting any initializers. This way, if ++ the initializers themselves call dlopen, their ELF destructors ++ will eventually be run before this object is destructed, matching ++ that their ELF constructors have run before this object was ++ constructed. _dl_fini uses this list for audit callbacks, so ++ register objects on the list even if they do not have a ++ constructor. */ ++ l->l_init_called_next = _dl_init_called_list; ++ _dl_init_called_list = l; ++ + /* Check for object which constructors we do not run here. */ + if (__builtin_expect (l->l_name[0], 'a') == '\0' + && l->l_type == lt_executable) +diff --git a/elf/dso-sort-tests-1.def b/elf/dso-sort-tests-1.def +index 4bf9052db1..61dc54f8ae 100644 +--- a/elf/dso-sort-tests-1.def ++++ b/elf/dso-sort-tests-1.def +@@ -53,21 +53,14 @@ tst-dso-ordering10: {}->a->b->c;soname({})=c + output: b>a>{}b->c->d order). +-# The older dynamic_sort=1 algorithm does not achieve this, while the DFS-based +-# dynamic_sort=2 algorithm does, although it is still arguable whether going +-# beyond spec to do this is the right thing to do. +-# The below expected outputs are what the two algorithms currently produce +-# respectively, for regression testing purposes. ++# relocation(dynamic) dependencies. For both sorting algorithms, the ++# destruction order is the reverse of the construction order, and ++# relocation dependencies are not taken into account. + tst-bz15311: {+a;+e;+f;+g;+d;%d;-d;-g;-f;-e;-a};a->b->c->d;d=>[ba];c=>a;b=>e=>a;c=>f=>b;d=>g=>c +-output(glibc.rtld.dynamic_sort=1): {+a[d>c>b>a>];+e[e>];+f[f>];+g[g>];+d[];%d(b(e(a()))a()g(c(a()f(b(e(a()))))));-d[];-g[];-f[];-e[];-a[c>b>a>];+e[e>];+f[f>];+g[g>];+d[];%d(b(e(a()))a()g(c(a()f(b(e(a()))))));-d[];-g[];-f[];-e[];-a[c>b>a>];+e[e>];+f[f>];+g[g>];+d[];%d(b(e(a()))a()g(c(a()f(b(e(a()))))));-d[];-g[];-f[];-e[];-a[a1;a->a2;a2->a;b->b1;c->a1;c=>a1 +-output(glibc.rtld.dynamic_sort=1): {+a[a2>a1>a>];+b[b1>b>];-b[];%c(a1());}a1>a>];+b[b1>b>];-b[];%c(a1());}a1>a>];+b[b1>b>];-b[];%c(a1());} +Date: Tue, 1 Aug 2023 17:01:37 +0200 +Subject: [PATCH 2/4] iconv: restore verbosity with unrecognized encoding names + (bug 30694) + +Commit 91927b7c76 ("Rewrite iconv option parsing [BZ #19519]") changed the +iconv program to call __gconv_open directly instead of the iconv_open +wrapper, but the former does not set errno. Update the caller to +interpret the return codes like iconv_open does. + +(cherry picked from commit fc72b6d7d818ab2868920af956d1542d03342a4d) +--- + iconv/iconv_prog.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/iconv/iconv_prog.c b/iconv/iconv_prog.c +index bee898c63c..cf32cf9b44 100644 +--- a/iconv/iconv_prog.c ++++ b/iconv/iconv_prog.c +@@ -187,7 +187,7 @@ main (int argc, char *argv[]) + + if (res != __GCONV_OK) + { +- if (errno == EINVAL) ++ if (res == __GCONV_NOCONV || res == __GCONV_NODB) + { + /* Try to be nice with the user and tell her which of the + two encoding names is wrong. This is possible because +-- +2.33.0 + diff --git a/0002-linux-Use-rseq-area-unconditionally-in-sched_getcpu-.patch b/0002-linux-Use-rseq-area-unconditionally-in-sched_getcpu-.patch new file mode 100644 index 0000000..b3d890d --- /dev/null +++ b/0002-linux-Use-rseq-area-unconditionally-in-sched_getcpu-.patch @@ -0,0 +1,52 @@ +From 5753cda1ca0749002c4718122a9b6d5177087b7b Mon Sep 17 00:00:00 2001 +From: Florian Weimer +Date: Fri, 15 Mar 2024 19:08:24 +0100 +Subject: [PATCH 02/26] linux: Use rseq area unconditionally in sched_getcpu + (bug 31479) + +Originally, nptl/descr.h included , but we removed that +in commit 2c6b4b272e6b4d07303af25709051c3e96288f2d ("nptl: +Unconditionally use a 32-byte rseq area"). After that, it was +not ensured that the RSEQ_SIG macro was defined during sched_getcpu.c +compilation that provided a definition. This commit always checks +the rseq area for CPU number information before using the other +approaches. + +This adds an unnecessary (but well-predictable) branch on +architectures which do not define RSEQ_SIG, but its cost is small +compared to the system call. Most architectures that have vDSO +acceleration for getcpu also have rseq support. + +Fixes: 2c6b4b272e6b4d07303af25709051c3e96288f2d +Fixes: 1d350aa06091211863e41169729cee1bca39f72f +Reviewed-by: Arjun Shankar +(cherry picked from commit 7a76f218677d149d8b7875b336722108239f7ee9) +--- + sysdeps/unix/sysv/linux/sched_getcpu.c | 8 -------- + 1 file changed, 8 deletions(-) + +diff --git a/sysdeps/unix/sysv/linux/sched_getcpu.c b/sysdeps/unix/sysv/linux/sched_getcpu.c +index 4457d714bc..22700ef846 100644 +--- a/sysdeps/unix/sysv/linux/sched_getcpu.c ++++ b/sysdeps/unix/sysv/linux/sched_getcpu.c +@@ -33,17 +33,9 @@ vsyscall_sched_getcpu (void) + return r == -1 ? r : cpu; + } + +-#ifdef RSEQ_SIG + int + sched_getcpu (void) + { + int cpu_id = THREAD_GETMEM_VOLATILE (THREAD_SELF, rseq_area.cpu_id); + return __glibc_likely (cpu_id >= 0) ? cpu_id : vsyscall_sched_getcpu (); + } +-#else /* RSEQ_SIG */ +-int +-sched_getcpu (void) +-{ +- return vsyscall_sched_getcpu (); +-} +-#endif /* RSEQ_SIG */ +-- +2.33.0 + diff --git a/0002-nptl-Update-comments-and-indentation-for-new-condvar.patch b/0002-nptl-Update-comments-and-indentation-for-new-condvar.patch index e431eb6..b3f7208 100644 --- a/0002-nptl-Update-comments-and-indentation-for-new-condvar.patch +++ b/0002-nptl-Update-comments-and-indentation-for-new-condvar.patch @@ -1,7 +1,7 @@ From b5c4727e590ab9545d74b16f03338261870563bf Mon Sep 17 00:00:00 2001 From: Malte Skarupke Date: Fri, 11 Jul 2025 05:57:42 -0700 -Subject: [PATCH 02/10] nptl: Update comments and indentation for new condvar +Subject: [PATCH] nptl: Update comments and indentation for new condvar implementation [BZ #25847] @@ -141,5 +141,5 @@ index 235813f685..a01904c965 100644 &signals, signals - 2)); -- -2.39.3 +2.27.0 diff --git a/0002-nptl-fix-potential-merge-of-__rseq_-relro-symbols.patch b/0002-nptl-fix-potential-merge-of-__rseq_-relro-symbols.patch new file mode 100644 index 0000000..f393800 --- /dev/null +++ b/0002-nptl-fix-potential-merge-of-__rseq_-relro-symbols.patch @@ -0,0 +1,161 @@ +From 7bfc35959dae3287e9097a960ebfddb19441bb55 Mon Sep 17 00:00:00 2001 +From: Michael Jeanson +Date: Wed, 3 Jul 2024 12:35:34 -0400 +Subject: [PATCH 02/12] nptl: fix potential merge of __rseq_* relro symbols + +While working on a patch to add support for the extensible rseq ABI, we +came across an issue where a new 'const' variable would be merged with +the existing '__rseq_size' variable. We tracked this to the use of +'-fmerge-all-constants' which allows the compiler to merge identical +constant variables. This means that all 'const' variables in a compile +unit that are of the same size and are initialized to the same value can +be merged. + +In this specific case, on 32 bit systems 'unsigned int' and 'ptrdiff_t' +are both 4 bytes and initialized to 0 which should trigger the merge. +However for reasons we haven't delved into when the attribute 'section +(".data.rel.ro")' is added to the mix, only variables of the same exact +types are merged. As far as we know this behavior is not specified +anywhere and could change with a new compiler version, hence this patch. + +Move the definitions of these variables into an assembler file and add +hidden writable aliases for internal use. This has the added bonus of +removing the asm workaround to set the values on rseq registration. + +Tested on Debian 12 with GCC 12.2. + +Signed-off-by: Michael Jeanson +Reviewed-by: Mathieu Desnoyers +Reviewed-by: Florian Weimer +(cherry picked from commit 2b92982e2369d292560793bee8e730f695f48ff3) +--- + elf/Makefile | 1 + + elf/dl-rseq-symbols.S | 64 +++++++++++++++++++++++++++++++++++ + sysdeps/nptl/dl-tls_init_tp.c | 14 ++++---- + 3 files changed, 71 insertions(+), 8 deletions(-) + create mode 100644 elf/dl-rseq-symbols.S + +diff --git a/elf/Makefile b/elf/Makefile +index c2af11b92c..04e1d7ded5 100644 +--- a/elf/Makefile ++++ b/elf/Makefile +@@ -74,6 +74,7 @@ dl-routines = \ + dl-printf \ + dl-profile \ + dl-reloc \ ++ dl-rseq-symbols \ + dl-runtime \ + dl-scope \ + dl-setup_hash \ +diff --git a/elf/dl-rseq-symbols.S b/elf/dl-rseq-symbols.S +new file mode 100644 +index 0000000000..b4bba06a99 +--- /dev/null ++++ b/elf/dl-rseq-symbols.S +@@ -0,0 +1,64 @@ ++/* Define symbols used by rseq. ++ Copyright (C) 2024 Free Software Foundation, Inc. ++ This file is part of the GNU C Library. ++ ++ The GNU C Library is free software; you can redistribute it and/or ++ modify it under the terms of the GNU Lesser General Public ++ License as published by the Free Software Foundation; either ++ version 2.1 of the License, or (at your option) any later version. ++ ++ The GNU C Library is distributed in the hope that it will be useful, ++ but WITHOUT ANY WARRANTY; without even the implied warranty of ++ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU ++ Lesser General Public License for more details. ++ ++ You should have received a copy of the GNU Lesser General Public ++ License along with the GNU C Library; if not, see ++ . */ ++ ++#include ++ ++#if __WORDSIZE == 64 ++#define RSEQ_OFFSET_SIZE 8 ++#else ++#define RSEQ_OFFSET_SIZE 4 ++#endif ++ ++/* Some targets define a macro to denote the zero register. */ ++#undef zero ++ ++/* Define 2 symbols: '__rseq_size' is public const and '_rseq_size' (an ++ alias of '__rseq_size') is hidden and writable for internal use by the ++ dynamic linker which will initialize the value both symbols point to ++ before copy relocations take place. */ ++ ++ .globl __rseq_size ++ .type __rseq_size, %object ++ .size __rseq_size, 4 ++ .hidden _rseq_size ++ .globl _rseq_size ++ .type _rseq_size, %object ++ .size _rseq_size, 4 ++ .section .data.rel.ro ++ .balign 4 ++__rseq_size: ++_rseq_size: ++ .zero 4 ++ ++/* Define 2 symbols: '__rseq_offset' is public const and '_rseq_offset' (an ++ alias of '__rseq_offset') is hidden and writable for internal use by the ++ dynamic linker which will initialize the value both symbols point to ++ before copy relocations take place. */ ++ ++ .globl __rseq_offset ++ .type __rseq_offset, %object ++ .size __rseq_offset, RSEQ_OFFSET_SIZE ++ .hidden _rseq_offset ++ .globl _rseq_offset ++ .type _rseq_offset, %object ++ .size _rseq_offset, RSEQ_OFFSET_SIZE ++ .section .data.rel.ro ++ .balign RSEQ_OFFSET_SIZE ++__rseq_offset: ++_rseq_offset: ++ .zero RSEQ_OFFSET_SIZE +diff --git a/sysdeps/nptl/dl-tls_init_tp.c b/sysdeps/nptl/dl-tls_init_tp.c +index 2ed98c5a31..45ae260ceb 100644 +--- a/sysdeps/nptl/dl-tls_init_tp.c ++++ b/sysdeps/nptl/dl-tls_init_tp.c +@@ -45,8 +45,10 @@ rtld_mutex_dummy (pthread_mutex_t *lock) + #endif + + const unsigned int __rseq_flags; +-const unsigned int __rseq_size attribute_relro; +-const ptrdiff_t __rseq_offset attribute_relro; ++ ++/* The variables are in .data.relro but are not yet write-protected. */ ++extern unsigned int _rseq_size attribute_hidden; ++extern ptrdiff_t _rseq_offset attribute_hidden; + + void + __tls_pre_init_tp (void) +@@ -105,10 +107,7 @@ __tls_init_tp (void) + do_rseq = TUNABLE_GET (rseq, int, NULL); + if (rseq_register_current_thread (pd, do_rseq)) + { +- /* We need a writable view of the variables. They are in +- .data.relro and are not yet write-protected. */ +- extern unsigned int size __asm__ ("__rseq_size"); +- size = sizeof (pd->rseq_area); ++ _rseq_size = sizeof (pd->rseq_area); + } + + #ifdef RSEQ_SIG +@@ -117,8 +116,7 @@ __tls_init_tp (void) + all targets support __thread_pointer, so set __rseq_offset only + if the rseq registration may have happened because RSEQ_SIG is + defined. */ +- extern ptrdiff_t offset __asm__ ("__rseq_offset"); +- offset = (char *) &pd->rseq_area - (char *) __thread_pointer (); ++ _rseq_offset = (char *) &pd->rseq_area - (char *) __thread_pointer (); + #endif + } + +-- +2.33.0 + diff --git a/0002-nscd-Do-not-rebuild-getaddrinfo-bug-30709.patch b/0002-nscd-Do-not-rebuild-getaddrinfo-bug-30709.patch new file mode 100644 index 0000000..a0aed1a --- /dev/null +++ b/0002-nscd-Do-not-rebuild-getaddrinfo-bug-30709.patch @@ -0,0 +1,185 @@ +From 6b99458d197ab779ebb6ff632c168e2cbfa4f543 Mon Sep 17 00:00:00 2001 +From: Florian Weimer +Date: Fri, 11 Aug 2023 10:10:16 +0200 +Subject: [PATCH 02/12] nscd: Do not rebuild getaddrinfo (bug 30709) + +The nscd daemon caches hosts data from NSS modules verbatim, without +filtering protocol families or sorting them (otherwise separate caches +would be needed for certain ai_flags combinations). The cache +implementation is complete separate from the getaddrinfo code. This +means that rebuilding getaddrinfo is not needed. The only function +actually used is __bump_nl_timestamp from check_pf.c, and this change +moves it into nscd/connections.c. + +Tested on x86_64-linux-gnu with -fexceptions, built with +build-many-glibcs.py. I also backported this patch into a distribution +that still supports nscd and verified manually that caching still works. + +Reviewed-by: Siddhesh Poyarekar +(cherry picked from commit 039ff51ac7e02db1cfc0c23e38ac7bfbb00221d1) +--- + include/ifaddrs.h | 4 --- + inet/check_pf.c | 9 ------ + nscd/Makefile | 2 +- + nscd/connections.c | 11 +++++++ + nscd/gai.c | 50 ------------------------------ + sysdeps/unix/sysv/linux/check_pf.c | 17 +--------- + 6 files changed, 13 insertions(+), 80 deletions(-) + delete mode 100644 nscd/gai.c + +diff --git a/include/ifaddrs.h b/include/ifaddrs.h +index 416118f1b3..19a3afb19f 100644 +--- a/include/ifaddrs.h ++++ b/include/ifaddrs.h +@@ -34,9 +34,5 @@ extern void __check_native (uint32_t a1_index, int *a1_native, + uint32_t a2_index, int *a2_native) + attribute_hidden; + +-#if IS_IN (nscd) +-extern uint32_t __bump_nl_timestamp (void) attribute_hidden; +-#endif +- + # endif /* !_ISOMAC */ + #endif /* ifaddrs.h */ +diff --git a/inet/check_pf.c b/inet/check_pf.c +index 5310c99121..6d1475920f 100644 +--- a/inet/check_pf.c ++++ b/inet/check_pf.c +@@ -60,12 +60,3 @@ __free_in6ai (struct in6addrinfo *in6ai) + { + /* Nothing to do. */ + } +- +- +-#if IS_IN (nscd) +-uint32_t +-__bump_nl_timestamp (void) +-{ +- return 0; +-} +-#endif +diff --git a/nscd/Makefile b/nscd/Makefile +index 2a0489f4cf..16b6460ee9 100644 +--- a/nscd/Makefile ++++ b/nscd/Makefile +@@ -35,7 +35,7 @@ nscd-modules := nscd connections pwdcache getpwnam_r getpwuid_r grpcache \ + getgrnam_r getgrgid_r hstcache gethstbyad_r gethstbynm3_r \ + getsrvbynm_r getsrvbypt_r servicescache \ + dbg_log nscd_conf nscd_stat cache mem nscd_setup_thread \ +- xmalloc xstrdup aicache initgrcache gai res_hconf \ ++ xmalloc xstrdup aicache initgrcache res_hconf \ + netgroupcache cachedumper + + ifeq ($(build-nscd)$(have-thread-library),yesyes) +diff --git a/nscd/connections.c b/nscd/connections.c +index a405a44a9b..15693e5090 100644 +--- a/nscd/connections.c ++++ b/nscd/connections.c +@@ -256,6 +256,17 @@ int inotify_fd = -1; + #ifdef HAVE_NETLINK + /* Descriptor for netlink status updates. */ + static int nl_status_fd = -1; ++ ++static uint32_t ++__bump_nl_timestamp (void) ++{ ++ static uint32_t nl_timestamp; ++ ++ if (atomic_fetch_add_relaxed (&nl_timestamp, 1) + 1 == 0) ++ atomic_fetch_add_relaxed (&nl_timestamp, 1); ++ ++ return nl_timestamp; ++} + #endif + + /* Number of times clients had to wait. */ +diff --git a/nscd/gai.c b/nscd/gai.c +deleted file mode 100644 +index e29f3fe583..0000000000 +--- a/nscd/gai.c ++++ /dev/null +@@ -1,50 +0,0 @@ +-/* Copyright (C) 2004-2023 Free Software Foundation, Inc. +- This file is part of the GNU C Library. +- +- This program is free software; you can redistribute it and/or modify +- it under the terms of the GNU General Public License as published +- by the Free Software Foundation; version 2 of the License, or +- (at your option) any later version. +- +- This program is distributed in the hope that it will be useful, +- but WITHOUT ANY WARRANTY; without even the implied warranty of +- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +- GNU General Public License for more details. +- +- You should have received a copy of the GNU General Public License +- along with this program; if not, see . */ +- +-#include +-#include +- +-/* This file uses the getaddrinfo code but it compiles it without NSCD +- support. We just need a few symbol renames. */ +-#define __ioctl ioctl +-#define __getsockname getsockname +-#define __socket socket +-#define __recvmsg recvmsg +-#define __bind bind +-#define __sendto sendto +-#define __strchrnul strchrnul +-#define __getline getline +-#define __qsort_r qsort_r +-/* nscd uses 1MB or 2MB thread stacks. */ +-#define __libc_use_alloca(size) (size <= __MAX_ALLOCA_CUTOFF) +-#define __getifaddrs getifaddrs +-#define __freeifaddrs freeifaddrs +-#undef __fstat64 +-#define __fstat64 fstat64 +-#undef __stat64 +-#define __stat64 stat64 +- +-/* We are nscd, so we don't want to be talking to ourselves. */ +-#undef USE_NSCD +- +-#include +- +-/* Support code. */ +-#include +-#include +- +-/* Some variables normally defined in libc. */ +-nss_action_list __nss_hosts_database attribute_hidden; +diff --git a/sysdeps/unix/sysv/linux/check_pf.c b/sysdeps/unix/sysv/linux/check_pf.c +index 2b0b8b6368..3aa6a00348 100644 +--- a/sysdeps/unix/sysv/linux/check_pf.c ++++ b/sysdeps/unix/sysv/linux/check_pf.c +@@ -66,25 +66,10 @@ static struct cached_data *cache; + __libc_lock_define_initialized (static, lock); + + +-#if IS_IN (nscd) +-static uint32_t nl_timestamp; +- +-uint32_t +-__bump_nl_timestamp (void) +-{ +- if (atomic_fetch_add_relaxed (&nl_timestamp, 1) + 1 == 0) +- atomic_fetch_add_relaxed (&nl_timestamp, 1); +- +- return nl_timestamp; +-} +-#endif +- + static inline uint32_t + get_nl_timestamp (void) + { +-#if IS_IN (nscd) +- return nl_timestamp; +-#elif defined USE_NSCD ++#if defined USE_NSCD + return __nscd_get_nl_timestamp (); + #else + return 0; +-- +2.33.0 + diff --git a/0003-Propagate-GLIBC_TUNABLES-in-setxid-binaries.patch b/0003-Propagate-GLIBC_TUNABLES-in-setxid-binaries.patch new file mode 100644 index 0000000..0508bef --- /dev/null +++ b/0003-Propagate-GLIBC_TUNABLES-in-setxid-binaries.patch @@ -0,0 +1,32 @@ +From 73e3fcd1a552783e66ff1f65c5f322e2f17a81d1 Mon Sep 17 00:00:00 2001 +From: Siddhesh Poyarekar +Date: Tue, 19 Sep 2023 13:25:40 -0400 +Subject: [PATCH 3/4] Propagate GLIBC_TUNABLES in setxid binaries + +GLIBC_TUNABLES scrubbing happens earlier than envvar scrubbing and some +tunables are required to propagate past setxid boundary, like their +env_alias. Rely on tunable scrubbing to clean out GLIBC_TUNABLES like +before, restoring behaviour in glibc 2.37 and earlier. + +Signed-off-by: Siddhesh Poyarekar +Reviewed-by: Carlos O'Donell +(cherry picked from commit 0d5f9ea97f1b39f2a855756078771673a68497e1) +--- + sysdeps/generic/unsecvars.h | 1 - + 1 file changed, 1 deletion(-) + +diff --git a/sysdeps/generic/unsecvars.h b/sysdeps/generic/unsecvars.h +index 81397fb90b..8278c50a84 100644 +--- a/sysdeps/generic/unsecvars.h ++++ b/sysdeps/generic/unsecvars.h +@@ -4,7 +4,6 @@ + #define UNSECURE_ENVVARS \ + "GCONV_PATH\0" \ + "GETCONF_DIR\0" \ +- "GLIBC_TUNABLES\0" \ + "HOSTALIASES\0" \ + "LD_AUDIT\0" \ + "LD_DEBUG\0" \ +-- +2.33.0 + diff --git a/0003-Revert-elf-Move-l_init_called_next-to-old-place-of-l.patch b/0003-Revert-elf-Move-l_init_called_next-to-old-place-of-l.patch new file mode 100644 index 0000000..f634150 --- /dev/null +++ b/0003-Revert-elf-Move-l_init_called_next-to-old-place-of-l.patch @@ -0,0 +1,42 @@ +From 1e04dcec491bd8f48b5b74ce3e8414132578a645 Mon Sep 17 00:00:00 2001 +From: Florian Weimer +Date: Thu, 19 Oct 2023 09:17:38 +0200 +Subject: [PATCH 3/3] Revert "elf: Move l_init_called_next to old place of + l_text_end in link map" + +This reverts commit d3ba6c1333b10680ce5900a628108507d9d4b844. + +Reason: Preserve internal ABI. +--- + include/link.h | 8 ++++---- + 1 file changed, 4 insertions(+), 4 deletions(-) + +diff --git a/include/link.h b/include/link.h +index a02d5f2eba..69bda3ed17 100644 +--- a/include/link.h ++++ b/include/link.h +@@ -256,10 +256,6 @@ struct link_map + /* End of the executable part of the mapping. */ + ElfW(Addr) l_text_end; + +- /* Linked list of objects in reverse ELF constructor execution +- order. Head of list is stored in _dl_init_called_list. */ +- struct link_map *l_init_called_next; +- + /* Default array for 'l_scope'. */ + struct r_scope_elem *l_scope_mem[4]; + /* Size of array allocated for 'l_scope'. */ +@@ -282,6 +278,10 @@ struct link_map + /* List of object in order of the init and fini calls. */ + struct link_map **l_initfini; + ++ /* Linked list of objects in reverse ELF constructor execution ++ order. Head of list is stored in _dl_init_called_list. */ ++ struct link_map *l_init_called_next; ++ + /* List of the dependencies introduced through symbol binding. */ + struct link_map_reldeps + { +-- +2.33.0 + diff --git a/0003-elf-Make-dl-rseq-symbols-Linux-only.patch b/0003-elf-Make-dl-rseq-symbols-Linux-only.patch new file mode 100644 index 0000000..484d0d0 --- /dev/null +++ b/0003-elf-Make-dl-rseq-symbols-Linux-only.patch @@ -0,0 +1,51 @@ +From d9d019d674f95509b5001f4d878ae09e32ea7a10 Mon Sep 17 00:00:00 2001 +From: Adhemerval Zanella +Date: Thu, 4 Jul 2024 10:09:07 -0300 +Subject: [PATCH 03/12] elf: Make dl-rseq-symbols Linux only + +And avoid a Hurd build failures. + +Checked on x86_64-linux-gnu. + +(cherry picked from commit 9fc639f654dc004736836613be703e6bed0c36a8) +--- + elf/Makefile | 1 - + sysdeps/unix/sysv/linux/Makefile | 4 ++++ + {elf => sysdeps/unix/sysv/linux}/dl-rseq-symbols.S | 0 + 3 files changed, 4 insertions(+), 1 deletion(-) + rename {elf => sysdeps/unix/sysv/linux}/dl-rseq-symbols.S (100%) + +diff --git a/elf/Makefile b/elf/Makefile +index 04e1d7ded5..c2af11b92c 100644 +--- a/elf/Makefile ++++ b/elf/Makefile +@@ -74,7 +74,6 @@ dl-routines = \ + dl-printf \ + dl-profile \ + dl-reloc \ +- dl-rseq-symbols \ + dl-runtime \ + dl-scope \ + dl-setup_hash \ +diff --git a/sysdeps/unix/sysv/linux/Makefile b/sysdeps/unix/sysv/linux/Makefile +index be801e3be4..623a7d4de0 100644 +--- a/sysdeps/unix/sysv/linux/Makefile ++++ b/sysdeps/unix/sysv/linux/Makefile +@@ -587,6 +587,10 @@ tests += \ + endif + + ifeq ($(subdir),elf) ++dl-routines += \ ++ dl-rseq-symbols \ ++ # dl-routines ++ + sysdep-rtld-routines += \ + dl-brk \ + dl-getcwd \ +diff --git a/elf/dl-rseq-symbols.S b/sysdeps/unix/sysv/linux/dl-rseq-symbols.S +similarity index 100% +rename from elf/dl-rseq-symbols.S +rename to sysdeps/unix/sysv/linux/dl-rseq-symbols.S +-- +2.33.0 + diff --git a/0003-elf-Remove-unused-l_text_end-field-from-struct-link_.patch b/0003-elf-Remove-unused-l_text_end-field-from-struct-link_.patch new file mode 100644 index 0000000..86e34f8 --- /dev/null +++ b/0003-elf-Remove-unused-l_text_end-field-from-struct-link_.patch @@ -0,0 +1,142 @@ +From 750f19526ae71aac801c77a3f7ef5374890c09b7 Mon Sep 17 00:00:00 2001 +From: Florian Weimer +Date: Fri, 8 Sep 2023 13:02:06 +0200 +Subject: [PATCH 3/5] elf: Remove unused l_text_end field from struct link_map + +It is a left-over from commit 52a01100ad011293197637e42b5be1a479a2 +("elf: Remove ad-hoc restrictions on dlopen callers [BZ #22787]"). + +When backporting commmit 6985865bc3ad5b23147ee73466583dd7fdf65892 +("elf: Always call destructors in reverse constructor order +(bug 30785)"), we can move the l_init_called_next field to this +place, so that the internal GLIBC_PRIVATE ABI does not change. + +Reviewed-by: Carlos O'Donell +Tested-by: Carlos O'Donell +(cherry picked from commit 53df2ce6885da3d0e89e87dca7b095622296014f) +--- + elf/dl-load.c | 2 +- + elf/dl-load.h | 7 ++----- + elf/rtld.c | 6 ------ + elf/setup-vdso.h | 4 ---- + include/link.h | 2 -- + 5 files changed, 3 insertions(+), 18 deletions(-) + +diff --git a/elf/dl-load.c b/elf/dl-load.c +index 9a87fda9c9..2923b1141d 100644 +--- a/elf/dl-load.c ++++ b/elf/dl-load.c +@@ -1253,7 +1253,7 @@ _dl_map_object_from_fd (const char *name, const char *origname, int fd, + + /* Now process the load commands and map segments into memory. + This is responsible for filling in: +- l_map_start, l_map_end, l_addr, l_contiguous, l_text_end, l_phdr ++ l_map_start, l_map_end, l_addr, l_contiguous, l_phdr + */ + errstring = _dl_map_segments (l, fd, header, type, loadcmds, nloadcmds, + maplength, has_holes, loader); +diff --git a/elf/dl-load.h b/elf/dl-load.h +index ecf6910c68..1d5207694b 100644 +--- a/elf/dl-load.h ++++ b/elf/dl-load.h +@@ -83,14 +83,11 @@ struct loadcmd + + /* This is a subroutine of _dl_map_segments. It should be called for each + load command, some time after L->l_addr has been set correctly. It is +- responsible for setting up the l_text_end and l_phdr fields. */ ++ responsible for setting the l_phdr fields */ + static __always_inline void + _dl_postprocess_loadcmd (struct link_map *l, const ElfW(Ehdr) *header, + const struct loadcmd *c) + { +- if (c->prot & PROT_EXEC) +- l->l_text_end = l->l_addr + c->mapend; +- + if (l->l_phdr == 0 + && c->mapoff <= header->e_phoff + && ((size_t) (c->mapend - c->mapstart + c->mapoff) +@@ -103,7 +100,7 @@ _dl_postprocess_loadcmd (struct link_map *l, const ElfW(Ehdr) *header, + + /* This is a subroutine of _dl_map_object_from_fd. It is responsible + for filling in several fields in *L: l_map_start, l_map_end, l_addr, +- l_contiguous, l_text_end, l_phdr. On successful return, all the ++ l_contiguous, l_phdr. On successful return, all the + segments are mapped (or copied, or whatever) from the file into their + final places in the address space, with the correct page permissions, + and any bss-like regions already zeroed. It returns a null pointer +diff --git a/elf/rtld.c b/elf/rtld.c +index a91e2a4471..5107d16fe3 100644 +--- a/elf/rtld.c ++++ b/elf/rtld.c +@@ -477,7 +477,6 @@ _dl_start_final (void *arg, struct dl_start_final_info *info) + GL(dl_rtld_map).l_real = &GL(dl_rtld_map); + GL(dl_rtld_map).l_map_start = (ElfW(Addr)) &__ehdr_start; + GL(dl_rtld_map).l_map_end = (ElfW(Addr)) _end; +- GL(dl_rtld_map).l_text_end = (ElfW(Addr)) _etext; + /* Copy the TLS related data if necessary. */ + #ifndef DONT_USE_BOOTSTRAP_MAP + # if NO_TLS_OFFSET != 0 +@@ -1119,7 +1118,6 @@ rtld_setup_main_map (struct link_map *main_map) + bool has_interp = false; + + main_map->l_map_end = 0; +- main_map->l_text_end = 0; + /* Perhaps the executable has no PT_LOAD header entries at all. */ + main_map->l_map_start = ~0; + /* And it was opened directly. */ +@@ -1211,8 +1209,6 @@ rtld_setup_main_map (struct link_map *main_map) + allocend = main_map->l_addr + ph->p_vaddr + ph->p_memsz; + if (main_map->l_map_end < allocend) + main_map->l_map_end = allocend; +- if ((ph->p_flags & PF_X) && allocend > main_map->l_text_end) +- main_map->l_text_end = allocend; + + /* The next expected address is the page following this load + segment. */ +@@ -1272,8 +1268,6 @@ rtld_setup_main_map (struct link_map *main_map) + = (char *) main_map->l_tls_initimage + main_map->l_addr; + if (! main_map->l_map_end) + main_map->l_map_end = ~0; +- if (! main_map->l_text_end) +- main_map->l_text_end = ~0; + if (! GL(dl_rtld_map).l_libname && GL(dl_rtld_map).l_name) + { + /* We were invoked directly, so the program might not have a +diff --git a/elf/setup-vdso.h b/elf/setup-vdso.h +index 0079842d1f..d92b12a7aa 100644 +--- a/elf/setup-vdso.h ++++ b/elf/setup-vdso.h +@@ -51,9 +51,6 @@ setup_vdso (struct link_map *main_map __attribute__ ((unused)), + l->l_addr = ph->p_vaddr; + if (ph->p_vaddr + ph->p_memsz >= l->l_map_end) + l->l_map_end = ph->p_vaddr + ph->p_memsz; +- if ((ph->p_flags & PF_X) +- && ph->p_vaddr + ph->p_memsz >= l->l_text_end) +- l->l_text_end = ph->p_vaddr + ph->p_memsz; + } + else + /* There must be no TLS segment. */ +@@ -62,7 +59,6 @@ setup_vdso (struct link_map *main_map __attribute__ ((unused)), + l->l_map_start = (ElfW(Addr)) GLRO(dl_sysinfo_dso); + l->l_addr = l->l_map_start - l->l_addr; + l->l_map_end += l->l_addr; +- l->l_text_end += l->l_addr; + l->l_ld = (void *) ((ElfW(Addr)) l->l_ld + l->l_addr); + elf_get_dynamic_info (l, false, false); + _dl_setup_hash (l); +diff --git a/include/link.h b/include/link.h +index 69bda3ed17..c6af095d87 100644 +--- a/include/link.h ++++ b/include/link.h +@@ -253,8 +253,6 @@ struct link_map + /* Start and finish of memory map for this object. l_map_start + need not be the same as l_addr. */ + ElfW(Addr) l_map_start, l_map_end; +- /* End of the executable part of the mapping. */ +- ElfW(Addr) l_text_end; + + /* Default array for 'l_scope'. */ + struct r_scope_elem *l_scope_mem[4]; +-- +2.33.0 + diff --git a/0003-nptl-Remove-unnecessary-catch-all-wake-in-condvar-gr.patch b/0003-nptl-Remove-unnecessary-catch-all-wake-in-condvar-gr.patch index 0542bbf..d37d6bb 100644 --- a/0003-nptl-Remove-unnecessary-catch-all-wake-in-condvar-gr.patch +++ b/0003-nptl-Remove-unnecessary-catch-all-wake-in-condvar-gr.patch @@ -1,7 +1,7 @@ From 1fa5e5189713e64fbd1bd775ab1cb6de1035eff9 Mon Sep 17 00:00:00 2001 From: Malte Skarupke Date: Fri, 11 Jul 2025 05:57:43 -0700 -Subject: [PATCH 03/10] nptl: Remove unnecessary catch-all-wake in condvar +Subject: [PATCH] nptl: Remove unnecessary catch-all-wake in condvar group switch [BZ #25847] @@ -74,5 +74,5 @@ index c1eeec6a93..1c43432bc5 100644 No old waiter can neither grab a signal nor acquire a reference without noticing that __g1_start is larger. -- -2.39.3 +2.27.0 diff --git a/0003-string-Fix-tester-build-with-fortify-enable-with-gcc.patch b/0003-string-Fix-tester-build-with-fortify-enable-with-gcc.patch new file mode 100644 index 0000000..b467daa --- /dev/null +++ b/0003-string-Fix-tester-build-with-fortify-enable-with-gcc.patch @@ -0,0 +1,50 @@ +From d94461bb86ba176b9390c0015bb612a528e22d95 Mon Sep 17 00:00:00 2001 +From: Mahesh Bodapati +Date: Fri, 11 Aug 2023 10:38:25 -0500 +Subject: [PATCH 3/4] string: Fix tester build with fortify enable with gcc < + 12 + +When building with fortify enabled, GCC < 12 issues a warning on the +fortify strncat wrapper might overflow the destination buffer (the +failure is tied to -Werror). + +Checked on ppc64 and x86_64. +Reviewed-by: Adhemerval Zanella + +(cherry picked from commit f1c7ed0859a45929136836341741c7cd70f428cb) +--- + string/tester.c | 11 ++++++++--- + 1 file changed, 8 insertions(+), 3 deletions(-) + +diff --git a/string/tester.c b/string/tester.c +index f7d4bac5a8..824cf315ff 100644 +--- a/string/tester.c ++++ b/string/tester.c +@@ -34,6 +34,14 @@ + DIAG_IGNORE_NEEDS_COMMENT (8, "-Wstringop-truncation"); + #endif + ++/* When building with fortify enabled, GCC < 12 issues a warning on the ++ fortify strncat wrapper might overflow the destination buffer (the ++ failure is tied to -Werror). ++ Triggered by strncat fortify wrapper when it is enabled. */ ++#if __GNUC_PREREQ (11, 0) ++DIAG_IGNORE_NEEDS_COMMENT (11, "-Wstringop-overread"); ++#endif ++ + #include + #include + #include +@@ -52,9 +60,6 @@ DIAG_IGNORE_NEEDS_COMMENT (5.0, "-Wmemset-transposed-args"); + DIAG_IGNORE_NEEDS_COMMENT (9, "-Wrestrict"); + DIAG_IGNORE_NEEDS_COMMENT (7, "-Wstringop-overflow="); + #endif +-#if __GNUC_PREREQ (11, 0) +-DIAG_IGNORE_NEEDS_COMMENT (11, "-Wstringop-overread"); +-#endif + + + #define STREQ(a, b) (strcmp((a), (b)) == 0) +-- +2.33.0 + diff --git a/0003-x86-Fix-incorrect-scope-of-setting-shared_per_thread.patch b/0003-x86-Fix-incorrect-scope-of-setting-shared_per_thread.patch new file mode 100644 index 0000000..cb8390d --- /dev/null +++ b/0003-x86-Fix-incorrect-scope-of-setting-shared_per_thread.patch @@ -0,0 +1,45 @@ +From 5ea70cc02626d9b85f1570153873d8648a47bf95 Mon Sep 17 00:00:00 2001 +From: Noah Goldstein +Date: Thu, 10 Aug 2023 19:28:24 -0500 +Subject: [PATCH 03/12] x86: Fix incorrect scope of setting `shared_per_thread` + [BZ# 30745] + +The: + +``` + if (shared_per_thread > 0 && threads > 0) + shared_per_thread /= threads; +``` + +Code was accidentally moved to inside the else scope. This doesn't +match how it was previously (before af992e7abd). + +This patch fixes that by putting the division after the `else` block. + +(cherry picked from commit 084fb31bc2c5f95ae0b9e6df4d3cf0ff43471ede) +--- + sysdeps/x86/dl-cacheinfo.h | 7 +++---- + 1 file changed, 3 insertions(+), 4 deletions(-) + +diff --git a/sysdeps/x86/dl-cacheinfo.h b/sysdeps/x86/dl-cacheinfo.h +index 285773039f..5ddb35c9d9 100644 +--- a/sysdeps/x86/dl-cacheinfo.h ++++ b/sysdeps/x86/dl-cacheinfo.h +@@ -770,11 +770,10 @@ get_common_cache_info (long int *shared_ptr, long int * shared_per_thread_ptr, u + level. */ + threads = ((cpu_features->features[CPUID_INDEX_1].cpuid.ebx >> 16) + & 0xff); +- +- /* Get per-thread size of highest level cache. */ +- if (shared_per_thread > 0 && threads > 0) +- shared_per_thread /= threads; + } ++ /* Get per-thread size of highest level cache. */ ++ if (shared_per_thread > 0 && threads > 0) ++ shared_per_thread /= threads; + } + + /* Account for non-inclusive L2 and L3 caches. */ +-- +2.33.0 + diff --git a/0004-Add-HWCAP2_MOPS-from-Linux-6.5-to-AArch64-bits-hwcap.patch b/0004-Add-HWCAP2_MOPS-from-Linux-6.5-to-AArch64-bits-hwcap.patch new file mode 100644 index 0000000..2efca3d --- /dev/null +++ b/0004-Add-HWCAP2_MOPS-from-Linux-6.5-to-AArch64-bits-hwcap.patch @@ -0,0 +1,27 @@ +From 5456ff5d80e45741a73cf9fa792d789a1ed17a09 Mon Sep 17 00:00:00 2001 +From: Joseph Myers +Date: Tue, 17 Oct 2023 13:13:27 +0000 +Subject: [PATCH 04/26] Add HWCAP2_MOPS from Linux 6.5 to AArch64 bits/hwcap.h + +Linux 6.5 adds a new AArch64 HWCAP2 value, HWCAP2_MOPS. Add it to +glibc's bits/hwcap.h. + +Tested with build-many-glibcs.py for aarch64-linux-gnu. + +(cherry picked from commit ff5d2abd18629e0efac41e31699cdff3be0e08fa) +--- + sysdeps/unix/sysv/linux/aarch64/bits/hwcap.h | 1 + + 1 file changed, 1 insertion(+) + +diff --git a/sysdeps/unix/sysv/linux/aarch64/bits/hwcap.h b/sysdeps/unix/sysv/linux/aarch64/bits/hwcap.h +index 55c7ed39be..b251c2d417 100644 +--- a/sysdeps/unix/sysv/linux/aarch64/bits/hwcap.h ++++ b/sysdeps/unix/sysv/linux/aarch64/bits/hwcap.h +@@ -98,3 +98,4 @@ + #define HWCAP2_SME_BI32I32 (1UL << 40) + #define HWCAP2_SME_B16B16 (1UL << 41) + #define HWCAP2_SME_F16F16 (1UL << 42) ++#define HWCAP2_MOPS (1UL << 43) +-- +2.33.0 + diff --git a/0004-Linux-Make-__rseq_size-useful-for-feature-detection-.patch b/0004-Linux-Make-__rseq_size-useful-for-feature-detection-.patch new file mode 100644 index 0000000..3dd3fd1 --- /dev/null +++ b/0004-Linux-Make-__rseq_size-useful-for-feature-detection-.patch @@ -0,0 +1,171 @@ +From bb30bd21622910715b7b3020b17e6e97a8b4ec80 Mon Sep 17 00:00:00 2001 +From: Florian Weimer +Date: Mon, 8 Jul 2024 21:14:00 +0200 +Subject: [PATCH 04/12] Linux: Make __rseq_size useful for feature detection + (bug 31965) + +The __rseq_size value is now the active area of struct rseq +(so 20 initially), not the full struct size including padding +at the end (32 initially). + +Update misc/tst-rseq to print some additional diagnostics. + +Reviewed-by: Michael Jeanson +Reviewed-by: Mathieu Desnoyers +(cherry picked from commit 2e456ccf0c34a056e3ccafac4a0c7effef14d918) +--- + NEWS | 6 ++++++ + manual/threads.texi | 8 ++++++-- + sysdeps/nptl/dl-tls_init_tp.c | 8 +------- + sysdeps/unix/sysv/linux/rseq-internal.h | 23 +++++++++++++++++++++-- + sysdeps/unix/sysv/linux/tst-rseq.c | 10 +++++++++- + 5 files changed, 43 insertions(+), 12 deletions(-) + +diff --git a/NEWS b/NEWS +index 6768c2da6f..f0a0834496 100644 +--- a/NEWS ++++ b/NEWS +@@ -7,6 +7,11 @@ using `glibc' in the "product" field. + + Version 2.38.1 + ++Deprecated and removed features, and other changes affecting compatibility: ++ ++* __rseq_size now denotes the size of the active rseq area (20 bytes ++ initially), not the size of struct rseq (32 bytes initially). ++ + Security related changes: + + CVE-2023-4527: If the system is configured in no-aaaa mode via +@@ -46,6 +51,7 @@ The following bugs are resolved with this release: + [31183] Wide stream buffer size reduced MB_LEN_MAX bytes after bug 17522 fix + [31184] FAIL: elf/tst-tlsgap + [31185] Incorrect thread point access in _dl_tlsdesc_undefweak and _dl_tlsdesc_dynamic ++ [31965] rseq extension mechanism does not work as intended + + + Version 2.38 +diff --git a/manual/threads.texi b/manual/threads.texi +index e5544ff3da..25e99c9606 100644 +--- a/manual/threads.texi ++++ b/manual/threads.texi +@@ -1007,8 +1007,12 @@ This variable is either zero (if restartable sequence registration + failed or has been disabled) or the size of the restartable sequence + registration. This can be different from the size of @code{struct rseq} + if the kernel has extended the size of the registration. If +-registration is successful, @code{__rseq_size} is at least 32 (the +-initial size of @code{struct rseq}). ++registration is successful, @code{__rseq_size} is at least 20 (the ++initially active size of @code{struct rseq}). ++ ++Previous versions of @theglibc{} set this to 32 even if the kernel only ++supported the initial area of 20 bytes because the value included unused ++padding at the end of the restartable sequence area. + @end deftypevar + + @deftypevar {unsigned int} __rseq_flags +diff --git a/sysdeps/nptl/dl-tls_init_tp.c b/sysdeps/nptl/dl-tls_init_tp.c +index 45ae260ceb..8f731393c4 100644 +--- a/sysdeps/nptl/dl-tls_init_tp.c ++++ b/sysdeps/nptl/dl-tls_init_tp.c +@@ -46,10 +46,6 @@ rtld_mutex_dummy (pthread_mutex_t *lock) + + const unsigned int __rseq_flags; + +-/* The variables are in .data.relro but are not yet write-protected. */ +-extern unsigned int _rseq_size attribute_hidden; +-extern ptrdiff_t _rseq_offset attribute_hidden; +- + void + __tls_pre_init_tp (void) + { +@@ -106,9 +102,7 @@ __tls_init_tp (void) + bool do_rseq = true; + do_rseq = TUNABLE_GET (rseq, int, NULL); + if (rseq_register_current_thread (pd, do_rseq)) +- { +- _rseq_size = sizeof (pd->rseq_area); +- } ++ _rseq_size = RSEQ_AREA_SIZE_INITIAL_USED; + + #ifdef RSEQ_SIG + /* This should be a compile-time constant, but the current +diff --git a/sysdeps/unix/sysv/linux/rseq-internal.h b/sysdeps/unix/sysv/linux/rseq-internal.h +index 294880c04e..226ba59a24 100644 +--- a/sysdeps/unix/sysv/linux/rseq-internal.h ++++ b/sysdeps/unix/sysv/linux/rseq-internal.h +@@ -25,15 +25,34 @@ + #include + #include + ++/* 32 is the initially required value for the area size. The ++ actually used rseq size may be less (20 bytes initially). */ ++#define RSEQ_AREA_SIZE_INITIAL 32 ++#define RSEQ_AREA_SIZE_INITIAL_USED 20 ++ ++/* The variables are in .data.relro but are not yet write-protected. */ ++extern unsigned int _rseq_size attribute_hidden; ++extern ptrdiff_t _rseq_offset attribute_hidden; ++ + #ifdef RSEQ_SIG + static inline bool + rseq_register_current_thread (struct pthread *self, bool do_rseq) + { + if (do_rseq) + { ++ unsigned int size; ++#if IS_IN (rtld) ++ /* Use the hidden symbol in ld.so. */ ++ size = _rseq_size; ++#else ++ size = __rseq_size; ++#endif ++ if (size < RSEQ_AREA_SIZE_INITIAL) ++ /* The initial implementation used only 20 bytes out of 32, ++ but still expected size 32. */ ++ size = RSEQ_AREA_SIZE_INITIAL; + int ret = INTERNAL_SYSCALL_CALL (rseq, &self->rseq_area, +- sizeof (self->rseq_area), +- 0, RSEQ_SIG); ++ size, 0, RSEQ_SIG); + if (!INTERNAL_SYSCALL_ERROR_P (ret)) + return true; + } +diff --git a/sysdeps/unix/sysv/linux/tst-rseq.c b/sysdeps/unix/sysv/linux/tst-rseq.c +index 16983503b1..9f9aa7eb21 100644 +--- a/sysdeps/unix/sysv/linux/tst-rseq.c ++++ b/sysdeps/unix/sysv/linux/tst-rseq.c +@@ -29,6 +29,7 @@ + # include + # include + # include ++# include + # include + # include + # include "tst-rseq.h" +@@ -42,7 +43,8 @@ do_rseq_main_test (void) + TEST_COMPARE (__rseq_flags, 0); + TEST_VERIFY ((char *) __thread_pointer () + __rseq_offset + == (char *) &pd->rseq_area); +- TEST_COMPARE (__rseq_size, sizeof (pd->rseq_area)); ++ /* The current implementation only supports the initial size. */ ++ TEST_COMPARE (__rseq_size, 20); + } + + static void +@@ -52,6 +54,12 @@ do_rseq_test (void) + { + FAIL_UNSUPPORTED ("kernel does not support rseq, skipping test"); + } ++ printf ("info: __rseq_size: %u\n", __rseq_size); ++ printf ("info: __rseq_offset: %td\n", __rseq_offset); ++ printf ("info: __rseq_flags: %u\n", __rseq_flags); ++ printf ("info: getauxval (AT_RSEQ_FEATURE_SIZE): %ld\n", ++ getauxval (AT_RSEQ_FEATURE_SIZE)); ++ printf ("info: getauxval (AT_RSEQ_ALIGN): %ld\n", getauxval (AT_RSEQ_ALIGN)); + do_rseq_main_test (); + } + #else /* RSEQ_SIG */ +-- +2.33.0 + diff --git a/0004-LoongArch-Add-support-for-TLS-Descriptors.patch b/0004-LoongArch-Add-support-for-TLS-Descriptors.patch index 06ab0b2..f3b0c3c 100644 --- a/0004-LoongArch-Add-support-for-TLS-Descriptors.patch +++ b/0004-LoongArch-Add-support-for-TLS-Descriptors.patch @@ -810,7 +810,7 @@ index 2f5bf534..4e637d49 100644 + void *tlsdesc_table; /* Address of TLS descriptor hash table. */ }; diff --git a/sysdeps/loongarch/preconfigure b/sysdeps/loongarch/preconfigure -index dfc7ecfd..0d1e9ed8 100644 +index 6b015ae5..6726ab83 100644 --- a/sysdeps/loongarch/preconfigure +++ b/sysdeps/loongarch/preconfigure @@ -43,6 +43,7 @@ loongarch*) @@ -818,9 +818,9 @@ index dfc7ecfd..0d1e9ed8 100644 base_machine=loongarch + mtls_descriptor=desc + mtls_traditional=trad ;; esac - diff --git a/sysdeps/loongarch/sys/asm.h b/sysdeps/loongarch/sys/asm.h index c5eb8afa..dbee93ee 100644 --- a/sysdeps/loongarch/sys/asm.h @@ -1308,5 +1308,5 @@ index 00000000..8e421678 + +#include_next -- -2.43.0 +2.39.3 diff --git a/0004-elf-Move-l_init_called_next-to-old-place-of-l_text_e.patch b/0004-elf-Move-l_init_called_next-to-old-place-of-l_text_e.patch new file mode 100644 index 0000000..53db4f2 --- /dev/null +++ b/0004-elf-Move-l_init_called_next-to-old-place-of-l_text_e.patch @@ -0,0 +1,41 @@ +From d3ba6c1333b10680ce5900a628108507d9d4b844 Mon Sep 17 00:00:00 2001 +From: Florian Weimer +Date: Mon, 11 Sep 2023 09:17:52 +0200 +Subject: [PATCH 4/5] elf: Move l_init_called_next to old place of l_text_end + in link map + +This preserves all member offsets and the GLIBC_PRIVATE ABI +for backporting. +--- + include/link.h | 8 ++++---- + 1 file changed, 4 insertions(+), 4 deletions(-) + +diff --git a/include/link.h b/include/link.h +index c6af095d87..686813f281 100644 +--- a/include/link.h ++++ b/include/link.h +@@ -254,6 +254,10 @@ struct link_map + need not be the same as l_addr. */ + ElfW(Addr) l_map_start, l_map_end; + ++ /* Linked list of objects in reverse ELF constructor execution ++ order. Head of list is stored in _dl_init_called_list. */ ++ struct link_map *l_init_called_next; ++ + /* Default array for 'l_scope'. */ + struct r_scope_elem *l_scope_mem[4]; + /* Size of array allocated for 'l_scope'. */ +@@ -276,10 +280,6 @@ struct link_map + /* List of object in order of the init and fini calls. */ + struct link_map **l_initfini; + +- /* Linked list of objects in reverse ELF constructor execution +- order. Head of list is stored in _dl_init_called_list. */ +- struct link_map *l_init_called_next; +- + /* List of the dependencies introduced through symbol binding. */ + struct link_map_reldeps + { +-- +2.33.0 + diff --git a/0004-manual-jobs.texi-Add-missing-item-EPERM-for-getpgid.patch b/0004-manual-jobs.texi-Add-missing-item-EPERM-for-getpgid.patch new file mode 100644 index 0000000..a60c664 --- /dev/null +++ b/0004-manual-jobs.texi-Add-missing-item-EPERM-for-getpgid.patch @@ -0,0 +1,30 @@ +From 0e1ef6779a90bc0f8a05bc367796df2793deecaa Mon Sep 17 00:00:00 2001 +From: Mark Wielaard +Date: Thu, 24 Aug 2023 21:36:34 +0200 +Subject: [PATCH 4/4] manual/jobs.texi: Add missing @item EPERM for getpgid + +The missing @item makes it look like errno will be set to ESRCH +if a cross-session getpgid is not permitted. + +Found by ulfvonbelow on irc. + +(cherry picked from commit 5a21cefd5abab1b99eda1fbf84204a9bf41662ab) +--- + manual/job.texi | 1 + + 1 file changed, 1 insertion(+) + +diff --git a/manual/job.texi b/manual/job.texi +index 42cb9fb26d..8157f13a1c 100644 +--- a/manual/job.texi ++++ b/manual/job.texi +@@ -1133,6 +1133,7 @@ following @code{errno} error conditions are defined for this function: + @table @code + @item ESRCH + There is no process with the given process ID @var{pid}. ++@item EPERM + The calling process and the process specified by @var{pid} are in + different sessions, and the implementation doesn't allow to access the + process group ID of the process with ID @var{pid} from the calling +-- +2.33.0 + diff --git a/0004-nptl-Remove-unnecessary-quadruple-check-in-pthread_c.patch b/0004-nptl-Remove-unnecessary-quadruple-check-in-pthread_c.patch index 9884687..f18050d 100644 --- a/0004-nptl-Remove-unnecessary-quadruple-check-in-pthread_c.patch +++ b/0004-nptl-Remove-unnecessary-quadruple-check-in-pthread_c.patch @@ -1,7 +1,7 @@ From 44eaf0615d3feddfb0a0a0bb20adff2119dd44c4 Mon Sep 17 00:00:00 2001 From: Malte Skarupke Date: Fri, 11 Jul 2025 05:57:44 -0700 -Subject: [PATCH 04/10] nptl: Remove unnecessary quadruple check in +Subject: [PATCH] nptl: Remove unnecessary quadruple check in pthread_cond_wait [BZ #25847] @@ -114,5 +114,5 @@ index a01904c965..ab486664ff 100644 /* Try to grab a signal. See above for MO. (if we do another loop iteration we need to see the correct value of g1_start) */ -- -2.39.3 +2.27.0 diff --git a/0004-x86_64-Fix-build-with-disable-multiarch-BZ-30721.patch b/0004-x86_64-Fix-build-with-disable-multiarch-BZ-30721.patch new file mode 100644 index 0000000..5eacc8d --- /dev/null +++ b/0004-x86_64-Fix-build-with-disable-multiarch-BZ-30721.patch @@ -0,0 +1,60 @@ +From 6135d50e44233d8c89ca788f78c669941ad09fb9 Mon Sep 17 00:00:00 2001 +From: Adhemerval Zanella +Date: Tue, 8 Aug 2023 09:27:54 -0300 +Subject: [PATCH 04/12] x86_64: Fix build with --disable-multiarch (BZ 30721) + +With multiarch disabled, the default memmove implementation provides +the fortify routines for memcpy, mempcpy, and memmove. However, it +does not provide the internal hidden definitions used when building +with fortify enabled. The memset has a similar issue. + +Checked on x86_64-linux-gnu building with different options: +default and --disable-multi-arch plus default, --disable-default-pie, +--enable-fortify-source={2,3}, and --enable-fortify-source={2,3} +with --disable-default-pie. +Tested-by: Andreas K. Huettel +Reviewed-by: Siddhesh Poyarekar + +(cherry picked from commit 51cb52214fcd72849c640b12f5099ed3ac776181) +--- + sysdeps/x86_64/memcpy.S | 2 +- + sysdeps/x86_64/memmove.S | 3 +++ + sysdeps/x86_64/memset.S | 1 + + 3 files changed, 5 insertions(+), 1 deletion(-) + +diff --git a/sysdeps/x86_64/memcpy.S b/sysdeps/x86_64/memcpy.S +index d98500a78a..4922cba657 100644 +--- a/sysdeps/x86_64/memcpy.S ++++ b/sysdeps/x86_64/memcpy.S +@@ -1 +1 @@ +-/* Implemented in memcpy.S. */ ++/* Implemented in memmove.S. */ +diff --git a/sysdeps/x86_64/memmove.S b/sysdeps/x86_64/memmove.S +index f0b84e3b52..c3c08165e1 100644 +--- a/sysdeps/x86_64/memmove.S ++++ b/sysdeps/x86_64/memmove.S +@@ -46,6 +46,9 @@ weak_alias (__mempcpy, mempcpy) + + #ifndef USE_MULTIARCH + libc_hidden_builtin_def (memmove) ++libc_hidden_builtin_def (__memmove_chk) ++libc_hidden_builtin_def (__memcpy_chk) ++libc_hidden_builtin_def (__mempcpy_chk) + # if defined SHARED && IS_IN (libc) + strong_alias (memmove, __memcpy) + libc_hidden_ver (memmove, memcpy) +diff --git a/sysdeps/x86_64/memset.S b/sysdeps/x86_64/memset.S +index 7c99df36db..c6df24e8de 100644 +--- a/sysdeps/x86_64/memset.S ++++ b/sysdeps/x86_64/memset.S +@@ -32,6 +32,7 @@ + #include "isa-default-impl.h" + + libc_hidden_builtin_def (memset) ++libc_hidden_builtin_def (__memset_chk) + + #if IS_IN (libc) + libc_hidden_def (__wmemset) +-- +2.33.0 + diff --git a/0005-AArch64-Add-support-for-MOPS-memcpy-memmove-memset.patch b/0005-AArch64-Add-support-for-MOPS-memcpy-memmove-memset.patch new file mode 100644 index 0000000..ef0ab27 --- /dev/null +++ b/0005-AArch64-Add-support-for-MOPS-memcpy-memmove-memset.patch @@ -0,0 +1,314 @@ +From d8a2b56b4fdf39488eb8a94f8b1064e262708b6f Mon Sep 17 00:00:00 2001 +From: Wilco Dijkstra +Date: Tue, 17 Oct 2023 16:54:21 +0100 +Subject: [PATCH 05/26] AArch64: Add support for MOPS memcpy/memmove/memset + +Add support for MOPS in cpu_features and INIT_ARCH. Add ifuncs using MOPS for +memcpy, memmove and memset (use .inst for now so it works with all binutils +versions without needing complex configure and conditional compilation). + +Reviewed-by: Szabolcs Nagy +(cherry picked from commit 2bd00179885928fd95fcabfafc50e7b5c6e660d2) +--- + sysdeps/aarch64/multiarch/Makefile | 3 ++ + sysdeps/aarch64/multiarch/ifunc-impl-list.c | 3 ++ + sysdeps/aarch64/multiarch/init-arch.h | 4 +- + sysdeps/aarch64/multiarch/memcpy.c | 4 ++ + sysdeps/aarch64/multiarch/memcpy_mops.S | 39 +++++++++++++++++++ + sysdeps/aarch64/multiarch/memmove.c | 4 ++ + sysdeps/aarch64/multiarch/memmove_mops.S | 39 +++++++++++++++++++ + sysdeps/aarch64/multiarch/memset.c | 4 ++ + sysdeps/aarch64/multiarch/memset_mops.S | 38 ++++++++++++++++++ + .../unix/sysv/linux/aarch64/cpu-features.c | 3 ++ + .../unix/sysv/linux/aarch64/cpu-features.h | 1 + + 11 files changed, 141 insertions(+), 1 deletion(-) + create mode 100644 sysdeps/aarch64/multiarch/memcpy_mops.S + create mode 100644 sysdeps/aarch64/multiarch/memmove_mops.S + create mode 100644 sysdeps/aarch64/multiarch/memset_mops.S + +diff --git a/sysdeps/aarch64/multiarch/Makefile b/sysdeps/aarch64/multiarch/Makefile +index 223777d94e..e6099548b9 100644 +--- a/sysdeps/aarch64/multiarch/Makefile ++++ b/sysdeps/aarch64/multiarch/Makefile +@@ -5,14 +5,17 @@ sysdep_routines += \ + memcpy_a64fx \ + memcpy_falkor \ + memcpy_generic \ ++ memcpy_mops \ + memcpy_sve \ + memcpy_thunderx \ + memcpy_thunderx2 \ ++ memmove_mops \ + memset_a64fx \ + memset_emag \ + memset_falkor \ + memset_generic \ + memset_kunpeng \ ++ memset_mops \ + strlen_asimd \ + strlen_mte \ + # sysdep_routines +diff --git a/sysdeps/aarch64/multiarch/ifunc-impl-list.c b/sysdeps/aarch64/multiarch/ifunc-impl-list.c +index d274f01fdb..da7f115377 100644 +--- a/sysdeps/aarch64/multiarch/ifunc-impl-list.c ++++ b/sysdeps/aarch64/multiarch/ifunc-impl-list.c +@@ -41,6 +41,7 @@ __libc_ifunc_impl_list (const char *name, struct libc_ifunc_impl *array, + IFUNC_IMPL_ADD (array, i, memcpy, sve, __memcpy_a64fx) + IFUNC_IMPL_ADD (array, i, memcpy, sve, __memcpy_sve) + #endif ++ IFUNC_IMPL_ADD (array, i, memcpy, mops, __memcpy_mops) + IFUNC_IMPL_ADD (array, i, memcpy, 1, __memcpy_generic)) + IFUNC_IMPL (i, name, memmove, + IFUNC_IMPL_ADD (array, i, memmove, 1, __memmove_thunderx) +@@ -50,6 +51,7 @@ __libc_ifunc_impl_list (const char *name, struct libc_ifunc_impl *array, + IFUNC_IMPL_ADD (array, i, memmove, sve, __memmove_a64fx) + IFUNC_IMPL_ADD (array, i, memmove, sve, __memmove_sve) + #endif ++ IFUNC_IMPL_ADD (array, i, memmove, mops, __memmove_mops) + IFUNC_IMPL_ADD (array, i, memmove, 1, __memmove_generic)) + IFUNC_IMPL (i, name, memset, + /* Enable this on non-falkor processors too so that other cores +@@ -60,6 +62,7 @@ __libc_ifunc_impl_list (const char *name, struct libc_ifunc_impl *array, + #if HAVE_AARCH64_SVE_ASM + IFUNC_IMPL_ADD (array, i, memset, sve && zva_size == 256, __memset_a64fx) + #endif ++ IFUNC_IMPL_ADD (array, i, memset, mops, __memset_mops) + IFUNC_IMPL_ADD (array, i, memset, 1, __memset_generic)) + IFUNC_IMPL (i, name, memchr, + IFUNC_IMPL_ADD (array, i, memchr, !mte, __memchr_nosimd) +diff --git a/sysdeps/aarch64/multiarch/init-arch.h b/sysdeps/aarch64/multiarch/init-arch.h +index 6de081e381..e23e6ff290 100644 +--- a/sysdeps/aarch64/multiarch/init-arch.h ++++ b/sysdeps/aarch64/multiarch/init-arch.h +@@ -35,4 +35,6 @@ + bool __attribute__((unused)) mte = \ + MTE_ENABLED (); \ + bool __attribute__((unused)) sve = \ +- GLRO(dl_aarch64_cpu_features).sve; ++ GLRO(dl_aarch64_cpu_features).sve; \ ++ bool __attribute__((unused)) mops = \ ++ GLRO(dl_aarch64_cpu_features).mops; +diff --git a/sysdeps/aarch64/multiarch/memcpy.c b/sysdeps/aarch64/multiarch/memcpy.c +index 3aae915c5f..9aace954cb 100644 +--- a/sysdeps/aarch64/multiarch/memcpy.c ++++ b/sysdeps/aarch64/multiarch/memcpy.c +@@ -34,12 +34,16 @@ extern __typeof (__redirect_memcpy) __memcpy_thunderx2 attribute_hidden; + extern __typeof (__redirect_memcpy) __memcpy_falkor attribute_hidden; + extern __typeof (__redirect_memcpy) __memcpy_a64fx attribute_hidden; + extern __typeof (__redirect_memcpy) __memcpy_sve attribute_hidden; ++extern __typeof (__redirect_memcpy) __memcpy_mops attribute_hidden; + + static inline __typeof (__redirect_memcpy) * + select_memcpy_ifunc (void) + { + INIT_ARCH (); + ++ if (mops) ++ return __memcpy_mops; ++ + if (sve && HAVE_AARCH64_SVE_ASM) + { + if (IS_A64FX (midr)) +diff --git a/sysdeps/aarch64/multiarch/memcpy_mops.S b/sysdeps/aarch64/multiarch/memcpy_mops.S +new file mode 100644 +index 0000000000..4685629664 +--- /dev/null ++++ b/sysdeps/aarch64/multiarch/memcpy_mops.S +@@ -0,0 +1,39 @@ ++/* Optimized memcpy for MOPS. ++ Copyright (C) 2023 Free Software Foundation, Inc. ++ ++ This file is part of the GNU C Library. ++ ++ The GNU C Library is free software; you can redistribute it and/or ++ modify it under the terms of the GNU Lesser General Public ++ License as published by the Free Software Foundation; either ++ version 2.1 of the License, or (at your option) any later version. ++ ++ The GNU C Library is distributed in the hope that it will be useful, ++ but WITHOUT ANY WARRANTY; without even the implied warranty of ++ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU ++ Lesser General Public License for more details. ++ ++ You should have received a copy of the GNU Lesser General Public ++ License along with the GNU C Library. If not, see ++ . */ ++ ++#include ++ ++/* Assumptions: ++ * ++ * AArch64, MOPS. ++ * ++ */ ++ ++ENTRY (__memcpy_mops) ++ PTR_ARG (0) ++ PTR_ARG (1) ++ SIZE_ARG (2) ++ ++ mov x3, x0 ++ .inst 0x19010443 /* cpyfp [x3]!, [x1]!, x2! */ ++ .inst 0x19410443 /* cpyfm [x3]!, [x1]!, x2! */ ++ .inst 0x19810443 /* cpyfe [x3]!, [x1]!, x2! */ ++ ret ++ ++END (__memcpy_mops) +diff --git a/sysdeps/aarch64/multiarch/memmove.c b/sysdeps/aarch64/multiarch/memmove.c +index 312f90f111..fd346e7b73 100644 +--- a/sysdeps/aarch64/multiarch/memmove.c ++++ b/sysdeps/aarch64/multiarch/memmove.c +@@ -34,12 +34,16 @@ extern __typeof (__redirect_memmove) __memmove_thunderx2 attribute_hidden; + extern __typeof (__redirect_memmove) __memmove_falkor attribute_hidden; + extern __typeof (__redirect_memmove) __memmove_a64fx attribute_hidden; + extern __typeof (__redirect_memmove) __memmove_sve attribute_hidden; ++extern __typeof (__redirect_memmove) __memmove_mops attribute_hidden; + + static inline __typeof (__redirect_memmove) * + select_memmove_ifunc (void) + { + INIT_ARCH (); + ++ if (mops) ++ return __memmove_mops; ++ + if (sve && HAVE_AARCH64_SVE_ASM) + { + if (IS_A64FX (midr)) +diff --git a/sysdeps/aarch64/multiarch/memmove_mops.S b/sysdeps/aarch64/multiarch/memmove_mops.S +new file mode 100644 +index 0000000000..c5ea66be3a +--- /dev/null ++++ b/sysdeps/aarch64/multiarch/memmove_mops.S +@@ -0,0 +1,39 @@ ++/* Optimized memmove for MOPS. ++ Copyright (C) 2023 Free Software Foundation, Inc. ++ ++ This file is part of the GNU C Library. ++ ++ The GNU C Library is free software; you can redistribute it and/or ++ modify it under the terms of the GNU Lesser General Public ++ License as published by the Free Software Foundation; either ++ version 2.1 of the License, or (at your option) any later version. ++ ++ The GNU C Library is distributed in the hope that it will be useful, ++ but WITHOUT ANY WARRANTY; without even the implied warranty of ++ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU ++ Lesser General Public License for more details. ++ ++ You should have received a copy of the GNU Lesser General Public ++ License along with the GNU C Library. If not, see ++ . */ ++ ++#include ++ ++/* Assumptions: ++ * ++ * AArch64, MOPS. ++ * ++ */ ++ ++ENTRY (__memmove_mops) ++ PTR_ARG (0) ++ PTR_ARG (1) ++ SIZE_ARG (2) ++ ++ mov x3, x0 ++ .inst 0x1d010443 /* cpyp [x3]!, [x1]!, x2! */ ++ .inst 0x1d410443 /* cpym [x3]!, [x1]!, x2! */ ++ .inst 0x1d810443 /* cpye [x3]!, [x1]!, x2! */ ++ ret ++ ++END (__memmove_mops) +diff --git a/sysdeps/aarch64/multiarch/memset.c b/sysdeps/aarch64/multiarch/memset.c +index f9c81d3d8e..23fc66e158 100644 +--- a/sysdeps/aarch64/multiarch/memset.c ++++ b/sysdeps/aarch64/multiarch/memset.c +@@ -33,12 +33,16 @@ extern __typeof (__redirect_memset) __memset_emag attribute_hidden; + extern __typeof (__redirect_memset) __memset_kunpeng attribute_hidden; + extern __typeof (__redirect_memset) __memset_a64fx attribute_hidden; + extern __typeof (__redirect_memset) __memset_generic attribute_hidden; ++extern __typeof (__redirect_memset) __memset_mops attribute_hidden; + + static inline __typeof (__redirect_memset) * + select_memset_ifunc (void) + { + INIT_ARCH (); + ++ if (mops) ++ return __memset_mops; ++ + if (sve && HAVE_AARCH64_SVE_ASM) + { + if (IS_A64FX (midr) && zva_size == 256) +diff --git a/sysdeps/aarch64/multiarch/memset_mops.S b/sysdeps/aarch64/multiarch/memset_mops.S +new file mode 100644 +index 0000000000..ca820b8636 +--- /dev/null ++++ b/sysdeps/aarch64/multiarch/memset_mops.S +@@ -0,0 +1,38 @@ ++/* Optimized memset for MOPS. ++ Copyright (C) 2023 Free Software Foundation, Inc. ++ ++ This file is part of the GNU C Library. ++ ++ The GNU C Library is free software; you can redistribute it and/or ++ modify it under the terms of the GNU Lesser General Public ++ License as published by the Free Software Foundation; either ++ version 2.1 of the License, or (at your option) any later version. ++ ++ The GNU C Library is distributed in the hope that it will be useful, ++ but WITHOUT ANY WARRANTY; without even the implied warranty of ++ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU ++ Lesser General Public License for more details. ++ ++ You should have received a copy of the GNU Lesser General Public ++ License along with the GNU C Library. If not, see ++ . */ ++ ++#include ++ ++/* Assumptions: ++ * ++ * AArch64, MOPS. ++ * ++ */ ++ ++ENTRY (__memset_mops) ++ PTR_ARG (0) ++ SIZE_ARG (2) ++ ++ mov x3, x0 ++ .inst 0x19c10443 /* setp [x3]!, x2!, x1 */ ++ .inst 0x19c14443 /* setm [x3]!, x2!, x1 */ ++ .inst 0x19c18443 /* sete [x3]!, x2!, x1 */ ++ ret ++ ++END (__memset_mops) +diff --git a/sysdeps/unix/sysv/linux/aarch64/cpu-features.c b/sysdeps/unix/sysv/linux/aarch64/cpu-features.c +index dc09c1c827..233d5b2407 100644 +--- a/sysdeps/unix/sysv/linux/aarch64/cpu-features.c ++++ b/sysdeps/unix/sysv/linux/aarch64/cpu-features.c +@@ -120,4 +120,7 @@ init_cpu_features (struct cpu_features *cpu_features) + + /* Check if SVE is supported. */ + cpu_features->sve = GLRO (dl_hwcap) & HWCAP_SVE; ++ ++ /* Check if MOPS is supported. */ ++ cpu_features->mops = GLRO (dl_hwcap2) & HWCAP2_MOPS; + } +diff --git a/sysdeps/unix/sysv/linux/aarch64/cpu-features.h b/sysdeps/unix/sysv/linux/aarch64/cpu-features.h +index d67d286b53..40b709677d 100644 +--- a/sysdeps/unix/sysv/linux/aarch64/cpu-features.h ++++ b/sysdeps/unix/sysv/linux/aarch64/cpu-features.h +@@ -76,6 +76,7 @@ struct cpu_features + /* Currently, the GLIBC memory tagging tunable only defines 8 bits. */ + uint8_t mte_state; + bool sve; ++ bool mops; + }; + + #endif /* _CPU_FEATURES_AARCH64_H */ +-- +2.33.0 + diff --git a/0005-NEWS-Add-the-2.38.1-bug-list.patch b/0005-NEWS-Add-the-2.38.1-bug-list.patch new file mode 100644 index 0000000..bb59835 --- /dev/null +++ b/0005-NEWS-Add-the-2.38.1-bug-list.patch @@ -0,0 +1,37 @@ +From 89da8bc588c2296252543b049bf6d9272321f90d Mon Sep 17 00:00:00 2001 +From: Florian Weimer +Date: Mon, 11 Sep 2023 10:06:15 +0200 +Subject: [PATCH 5/5] NEWS: Add the 2.38.1 bug list + +--- + NEWS | 6 +++--- + 1 file changed, 3 insertions(+), 3 deletions(-) + +diff --git a/NEWS b/NEWS +index f1a14f45dd..64596d5d09 100644 +--- a/NEWS ++++ b/NEWS +@@ -9,7 +9,10 @@ Version 2.38.1 + + The following bugs are resolved with this release: + ++ [30723] posix_memalign repeatedly scans long bin lists + [30785] Always call destructors in reverse constructor order ++ [30804] F_GETLK, F_SETLK, and F_SETLKW value change for powerpc64 with ++ -D_FILE_OFFSET_BITS=64 + + + Version 2.38 +@@ -139,9 +142,6 @@ The following bugs are resolved with this release: + [30555] string: strerror can incorrectly return NULL + [30579] malloc: trim_threshold in realloc lead to high memory usage + [30662] nscd: Group and password cache use errno in place of errval +- [30723] posix_memalign repeatedly scans long bin lists +- [30804] F_GETLK, F_SETLK, and F_SETLKW value change for powerpc64 with +- -D_FILE_OFFSET_BITS=64 + + Version 2.37 + +-- +2.33.0 + diff --git a/0005-i686-Fix-build-with-disable-multiarch.patch b/0005-i686-Fix-build-with-disable-multiarch.patch new file mode 100644 index 0000000..a2b7349 --- /dev/null +++ b/0005-i686-Fix-build-with-disable-multiarch.patch @@ -0,0 +1,100 @@ +From 7ac405a74c6069b0627dc2d8449a82a621f8ff06 Mon Sep 17 00:00:00 2001 +From: Adhemerval Zanella +Date: Tue, 8 Aug 2023 09:27:55 -0300 +Subject: [PATCH 05/12] i686: Fix build with --disable-multiarch + +Since i686 provides the fortified wrappers for memcpy, mempcpy, +memmove, and memset on the same string implementation, the static +build tries to optimized it by not tying the fortified wrappers +to string routine (to avoid pulling the fortify function if +they are not required). + +Checked on i686-linux-gnu building with different option: +default and --disable-multi-arch plus default, --disable-default-pie, +--enable-fortify-source={2,3}, and --enable-fortify-source={2,3} +with --disable-default-pie. +Reviewed-by: Siddhesh Poyarekar + +(cherry picked from commit c73c96a4a1af1326df7f96eec58209e1e04066d8) +--- + sysdeps/i386/i686/memcpy.S | 2 +- + sysdeps/i386/i686/mempcpy.S | 2 +- + sysdeps/i386/i686/multiarch/memcpy_chk.c | 2 ++ + sysdeps/i386/i686/multiarch/memmove_chk.c | 2 ++ + sysdeps/i386/i686/multiarch/mempcpy_chk.c | 2 ++ + sysdeps/i386/i686/multiarch/memset_chk.c | 2 ++ + 6 files changed, 10 insertions(+), 2 deletions(-) + +diff --git a/sysdeps/i386/i686/memcpy.S b/sysdeps/i386/i686/memcpy.S +index 9b48ec0ea1..b86af4aac9 100644 +--- a/sysdeps/i386/i686/memcpy.S ++++ b/sysdeps/i386/i686/memcpy.S +@@ -27,7 +27,7 @@ + #define LEN SRC+4 + + .text +-#if defined PIC && IS_IN (libc) ++#if defined SHARED && IS_IN (libc) + ENTRY_CHK (__memcpy_chk) + movl 12(%esp), %eax + cmpl %eax, 16(%esp) +diff --git a/sysdeps/i386/i686/mempcpy.S b/sysdeps/i386/i686/mempcpy.S +index 26f8501e7d..14d9dd681a 100644 +--- a/sysdeps/i386/i686/mempcpy.S ++++ b/sysdeps/i386/i686/mempcpy.S +@@ -27,7 +27,7 @@ + #define LEN SRC+4 + + .text +-#if defined PIC && IS_IN (libc) ++#if defined SHARED && IS_IN (libc) + ENTRY_CHK (__mempcpy_chk) + movl 12(%esp), %eax + cmpl %eax, 16(%esp) +diff --git a/sysdeps/i386/i686/multiarch/memcpy_chk.c b/sysdeps/i386/i686/multiarch/memcpy_chk.c +index ec945dc91f..c3a8aeaf18 100644 +--- a/sysdeps/i386/i686/multiarch/memcpy_chk.c ++++ b/sysdeps/i386/i686/multiarch/memcpy_chk.c +@@ -32,4 +32,6 @@ libc_ifunc_redirected (__redirect_memcpy_chk, __memcpy_chk, + __hidden_ver1 (__memcpy_chk, __GI___memcpy_chk, __redirect_memcpy_chk) + __attribute__ ((visibility ("hidden"))) __attribute_copy__ (__memcpy_chk); + # endif ++#else ++# include + #endif +diff --git a/sysdeps/i386/i686/multiarch/memmove_chk.c b/sysdeps/i386/i686/multiarch/memmove_chk.c +index 55c7601d5d..070dde083a 100644 +--- a/sysdeps/i386/i686/multiarch/memmove_chk.c ++++ b/sysdeps/i386/i686/multiarch/memmove_chk.c +@@ -32,4 +32,6 @@ libc_ifunc_redirected (__redirect_memmove_chk, __memmove_chk, + __hidden_ver1 (__memmove_chk, __GI___memmove_chk, __redirect_memmove_chk) + __attribute__ ((visibility ("hidden"))) __attribute_copy__ (__memmove_chk); + # endif ++#else ++# include + #endif +diff --git a/sysdeps/i386/i686/multiarch/mempcpy_chk.c b/sysdeps/i386/i686/multiarch/mempcpy_chk.c +index 83569cf9d9..14360f1828 100644 +--- a/sysdeps/i386/i686/multiarch/mempcpy_chk.c ++++ b/sysdeps/i386/i686/multiarch/mempcpy_chk.c +@@ -32,4 +32,6 @@ libc_ifunc_redirected (__redirect_mempcpy_chk, __mempcpy_chk, + __hidden_ver1 (__mempcpy_chk, __GI___mempcpy_chk, __redirect_mempcpy_chk) + __attribute__ ((visibility ("hidden"))) __attribute_copy__ (__mempcpy_chk); + # endif ++#else ++# include + #endif +diff --git a/sysdeps/i386/i686/multiarch/memset_chk.c b/sysdeps/i386/i686/multiarch/memset_chk.c +index 1a7503858d..8179ef7c0b 100644 +--- a/sysdeps/i386/i686/multiarch/memset_chk.c ++++ b/sysdeps/i386/i686/multiarch/memset_chk.c +@@ -32,4 +32,6 @@ libc_ifunc_redirected (__redirect_memset_chk, __memset_chk, + __hidden_ver1 (__memset_chk, __GI___memset_chk, __redirect_memset_chk) + __attribute__ ((visibility ("hidden"))) __attribute_copy__ (__memset_chk); + # endif ++#else ++# include + #endif +-- +2.33.0 + diff --git a/0005-nptl-Remove-g_refs-from-condition-variables.patch b/0005-nptl-Remove-g_refs-from-condition-variables.patch index 99e6b1e..fe2f28a 100644 --- a/0005-nptl-Remove-g_refs-from-condition-variables.patch +++ b/0005-nptl-Remove-g_refs-from-condition-variables.patch @@ -1,7 +1,7 @@ From 7625579f1192a1b41e41db97e5bae937034fe52e Mon Sep 17 00:00:00 2001 From: Malte Skarupke Date: Fri, 11 Jul 2025 05:57:45 -0700 -Subject: [PATCH 05/10] nptl: Remove g_refs from condition variables +Subject: [PATCH] nptl: Remove g_refs from condition variables [BZ #25847] @@ -183,5 +183,5 @@ index 7f65483542..a43efa20d2 100644 /* Cleanup buffers */ -- -2.39.3 +2.27.0 diff --git a/0005-resolv-Allow-short-error-responses-to-match-any-quer.patch b/0005-resolv-Allow-short-error-responses-to-match-any-quer.patch new file mode 100644 index 0000000..811a328 --- /dev/null +++ b/0005-resolv-Allow-short-error-responses-to-match-any-quer.patch @@ -0,0 +1,223 @@ +From dc512364e8490facb30f8c23fcc496d21adfc4e4 Mon Sep 17 00:00:00 2001 +From: Florian Weimer +Date: Wed, 24 Jul 2024 12:06:47 +0200 +Subject: [PATCH 05/12] resolv: Allow short error responses to match any query + (bug 31890) + +Reviewed-by: DJ Delorie +(cherry picked from commit 691a3b2e9bfaba842e46a5ccb7f5e6ea144c3ade) +--- + NEWS | 1 + + resolv/Makefile | 3 + + resolv/res_send.c | 29 +++++--- + resolv/tst-resolv-short-response.c | 112 +++++++++++++++++++++++++++++ + 4 files changed, 135 insertions(+), 10 deletions(-) + create mode 100644 resolv/tst-resolv-short-response.c + +diff --git a/NEWS b/NEWS +index f0a0834496..c331604747 100644 +--- a/NEWS ++++ b/NEWS +@@ -51,6 +51,7 @@ The following bugs are resolved with this release: + [31183] Wide stream buffer size reduced MB_LEN_MAX bytes after bug 17522 fix + [31184] FAIL: elf/tst-tlsgap + [31185] Incorrect thread point access in _dl_tlsdesc_undefweak and _dl_tlsdesc_dynamic ++ [31890] resolv: Allow short error responses to match any DNS query + [31965] rseq extension mechanism does not work as intended + + +diff --git a/resolv/Makefile b/resolv/Makefile +index 2f99eb3862..cca0748f9a 100644 +--- a/resolv/Makefile ++++ b/resolv/Makefile +@@ -106,6 +106,7 @@ tests += \ + tst-resolv-nondecimal \ + tst-resolv-res_init-multi \ + tst-resolv-search \ ++ tst-resolv-short-response \ + tst-resolv-trailing \ + + # This test calls __res_context_send directly, which is not exported +@@ -299,6 +300,8 @@ $(objpfx)tst-resolv-nondecimal: $(objpfx)libresolv.so $(shared-thread-library) + $(objpfx)tst-resolv-qtypes: $(objpfx)libresolv.so $(shared-thread-library) + $(objpfx)tst-resolv-rotate: $(objpfx)libresolv.so $(shared-thread-library) + $(objpfx)tst-resolv-search: $(objpfx)libresolv.so $(shared-thread-library) ++$(objpfx)tst-resolv-short-response: $(objpfx)libresolv.so \ ++ $(shared-thread-library) + $(objpfx)tst-resolv-trailing: $(objpfx)libresolv.so $(shared-thread-library) + $(objpfx)tst-resolv-threads: $(objpfx)libresolv.so $(shared-thread-library) + $(objpfx)tst-resolv-txnid-collision: $(objpfx)libresolv.a \ +diff --git a/resolv/res_send.c b/resolv/res_send.c +index d098eba470..bf4ce67b1d 100644 +--- a/resolv/res_send.c ++++ b/resolv/res_send.c +@@ -1197,19 +1197,30 @@ send_dg(res_state statp, + } + + /* Check for the correct header layout and a matching +- question. */ ++ question. Some recursive resolvers send REFUSED ++ without copying back the question section ++ (producing a response that is only HFIXEDSZ bytes ++ long). Skip query matching in this case. */ ++ bool thisansp_error = (anhp->rcode == SERVFAIL || ++ anhp->rcode == NOTIMP || ++ anhp->rcode == REFUSED); ++ bool skip_query_match = (*thisresplenp == HFIXEDSZ ++ && ntohs (anhp->qdcount) == 0 ++ && thisansp_error); + int matching_query = 0; /* Default to no matching query. */ + if (!recvresp1 + && anhp->id == hp->id +- && __libc_res_queriesmatch (buf, buf + buflen, +- *thisansp, +- *thisansp + *thisanssizp)) ++ && (skip_query_match ++ || __libc_res_queriesmatch (buf, buf + buflen, ++ *thisansp, ++ *thisansp + *thisanssizp))) + matching_query = 1; + if (!recvresp2 + && anhp->id == hp2->id +- && __libc_res_queriesmatch (buf2, buf2 + buflen2, +- *thisansp, +- *thisansp + *thisanssizp)) ++ && (skip_query_match ++ || __libc_res_queriesmatch (buf2, buf2 + buflen2, ++ *thisansp, ++ *thisansp + *thisanssizp))) + matching_query = 2; + if (matching_query == 0) + /* Spurious UDP packet. Drop it and continue +@@ -1219,9 +1230,7 @@ send_dg(res_state statp, + goto wait; + } + +- if (anhp->rcode == SERVFAIL || +- anhp->rcode == NOTIMP || +- anhp->rcode == REFUSED) { ++ if (thisansp_error) { + next_ns: + if (recvresp1 || (buf2 != NULL && recvresp2)) { + *resplen2 = 0; +diff --git a/resolv/tst-resolv-short-response.c b/resolv/tst-resolv-short-response.c +new file mode 100644 +index 0000000000..cf1e39876f +--- /dev/null ++++ b/resolv/tst-resolv-short-response.c +@@ -0,0 +1,112 @@ ++/* Test for spurious timeouts with short 12-byte responses (bug 31890). ++ Copyright (C) 2024 Free Software Foundation, Inc. ++ This file is part of the GNU C Library. ++ ++ The GNU C Library is free software; you can redistribute it and/or ++ modify it under the terms of the GNU Lesser General Public ++ License as published by the Free Software Foundation; either ++ version 2.1 of the License, or (at your option) any later version. ++ ++ The GNU C Library is distributed in the hope that it will be useful, ++ but WITHOUT ANY WARRANTY; without even the implied warranty of ++ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU ++ Lesser General Public License for more details. ++ ++ You should have received a copy of the GNU Lesser General Public ++ License along with the GNU C Library; if not, see ++ . */ ++ ++#include ++#include ++#include ++#include ++ ++/* The rcode in the initial response. */ ++static volatile int rcode; ++ ++static void ++response (const struct resolv_response_context *ctx, ++ struct resolv_response_builder *b, ++ const char *qname, uint16_t qclass, uint16_t qtype) ++{ ++ switch (ctx->server_index) ++ { ++ case 0: ++ /* First server times out. */ ++ struct resolv_response_flags flags = {.rcode = rcode}; ++ resolv_response_init (b, flags); ++ break; ++ case 1: ++ /* Second server sends reply. */ ++ resolv_response_init (b, (struct resolv_response_flags) {}); ++ resolv_response_add_question (b, qname, qclass, qtype); ++ resolv_response_section (b, ns_s_an); ++ resolv_response_open_record (b, qname, qclass, qtype, 0); ++ switch (qtype) ++ { ++ case T_A: ++ { ++ char ipv4[4] = {192, 0, 2, 17}; ++ resolv_response_add_data (b, &ipv4, sizeof (ipv4)); ++ } ++ break; ++ case T_AAAA: ++ { ++ char ipv6[16] ++ = {0x20, 0x01, 0xd, 0xb8, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 1}; ++ resolv_response_add_data (b, &ipv6, sizeof (ipv6)); ++ } ++ break; ++ default: ++ FAIL_EXIT1 ("unexpected TYPE%d query", qtype); ++ } ++ resolv_response_close_record (b); ++ break; ++ default: ++ FAIL_EXIT1 ("unexpected query to server %d", ctx->server_index); ++ } ++} ++ ++static void ++check_one (void) ++{ ++ ++ /* The buggy 1-second query timeout results in 30 seconds of delay, ++ which triggers a test timeout failure. */ ++ for (int i = 0; i < 10; ++i) ++ { ++ check_hostent ("www.example", gethostbyname ("www.example"), ++ "name: www.example\n" ++ "address: 192.0.2.17\n"); ++ check_hostent ("www.example", gethostbyname2 ("www.example", AF_INET6), ++ "name: www.example\n" ++ "address: 2001:db8::1\n"); ++ } ++} ++ ++static int ++do_test (void) ++{ ++ struct resolv_test *aux = resolv_test_start ++ ((struct resolv_redirect_config) ++ { ++ .response_callback = response, ++ }); ++ ++ _res.options |= RES_SNGLKUP; ++ ++ rcode = 2; /* SERVFAIL. */ ++ check_one (); ++ ++ rcode = 4; /* NOTIMP. */ ++ check_one (); ++ ++ rcode = 5; /* REFUSED. */ ++ check_one (); ++ ++ resolv_test_end (aux); ++ ++ return 0; ++} ++ ++#include +-- +2.33.0 + diff --git a/0006-AArch64-Cleanup-ifuncs.patch b/0006-AArch64-Cleanup-ifuncs.patch new file mode 100644 index 0000000..c1ce54b --- /dev/null +++ b/0006-AArch64-Cleanup-ifuncs.patch @@ -0,0 +1,540 @@ +From 25b66e8c4a75b51b0122089cf6b99860fb05470d Mon Sep 17 00:00:00 2001 +From: Wilco Dijkstra +Date: Tue, 24 Oct 2023 13:51:07 +0100 +Subject: [PATCH 06/26] AArch64: Cleanup ifuncs + +Cleanup ifuncs. Remove uses of libc_hidden_builtin_def, use ENTRY rather than +ENTRY_ALIGN, remove unnecessary defines and conditional compilation. Rename +strlen_mte to strlen_generic. Remove rtld-memset. + +Reviewed-by: Szabolcs Nagy +(cherry picked from commit 9fd3409842b3e2d31cff5dbd6f96066c430f0aa2) +--- + sysdeps/aarch64/memset.S | 2 +- + sysdeps/aarch64/multiarch/Makefile | 2 +- + sysdeps/aarch64/multiarch/ifunc-impl-list.c | 2 +- + sysdeps/aarch64/multiarch/memchr_nosimd.S | 9 ++---- + sysdeps/aarch64/multiarch/memcpy_a64fx.S | 14 +++------- + sysdeps/aarch64/multiarch/memcpy_falkor.S | 6 ++-- + sysdeps/aarch64/multiarch/memcpy_sve.S | 2 -- + sysdeps/aarch64/multiarch/memcpy_thunderx.S | 27 ++++-------------- + sysdeps/aarch64/multiarch/memcpy_thunderx2.S | 28 +++---------------- + sysdeps/aarch64/multiarch/memset_a64fx.S | 8 ++---- + sysdeps/aarch64/multiarch/memset_base64.S | 3 +- + sysdeps/aarch64/multiarch/memset_emag.S | 8 ++---- + sysdeps/aarch64/multiarch/memset_generic.S | 8 +++++- + sysdeps/aarch64/multiarch/memset_kunpeng.S | 9 ++---- + sysdeps/aarch64/multiarch/rtld-memset.S | 25 ----------------- + sysdeps/aarch64/multiarch/strlen.c | 4 +-- + sysdeps/aarch64/multiarch/strlen_asimd.S | 1 - + .../{strlen_mte.S => strlen_generic.S} | 8 +++--- + 18 files changed, 41 insertions(+), 125 deletions(-) + delete mode 100644 sysdeps/aarch64/multiarch/rtld-memset.S + rename sysdeps/aarch64/multiarch/{strlen_mte.S => strlen_generic.S} (85%) + +diff --git a/sysdeps/aarch64/memset.S b/sysdeps/aarch64/memset.S +index 50e5da3e7a..bf3cf85c8a 100644 +--- a/sysdeps/aarch64/memset.S ++++ b/sysdeps/aarch64/memset.S +@@ -29,7 +29,7 @@ + * + */ + +-ENTRY_ALIGN (MEMSET, 6) ++ENTRY (MEMSET) + + PTR_ARG (0) + SIZE_ARG (2) +diff --git a/sysdeps/aarch64/multiarch/Makefile b/sysdeps/aarch64/multiarch/Makefile +index e6099548b9..a1a4de3cd9 100644 +--- a/sysdeps/aarch64/multiarch/Makefile ++++ b/sysdeps/aarch64/multiarch/Makefile +@@ -17,6 +17,6 @@ sysdep_routines += \ + memset_kunpeng \ + memset_mops \ + strlen_asimd \ +- strlen_mte \ ++ strlen_generic \ + # sysdep_routines + endif +diff --git a/sysdeps/aarch64/multiarch/ifunc-impl-list.c b/sysdeps/aarch64/multiarch/ifunc-impl-list.c +index da7f115377..836e8317a5 100644 +--- a/sysdeps/aarch64/multiarch/ifunc-impl-list.c ++++ b/sysdeps/aarch64/multiarch/ifunc-impl-list.c +@@ -70,7 +70,7 @@ __libc_ifunc_impl_list (const char *name, struct libc_ifunc_impl *array, + + IFUNC_IMPL (i, name, strlen, + IFUNC_IMPL_ADD (array, i, strlen, !mte, __strlen_asimd) +- IFUNC_IMPL_ADD (array, i, strlen, 1, __strlen_mte)) ++ IFUNC_IMPL_ADD (array, i, strlen, 1, __strlen_generic)) + + return 0; + } +diff --git a/sysdeps/aarch64/multiarch/memchr_nosimd.S b/sysdeps/aarch64/multiarch/memchr_nosimd.S +index 57e48375e9..7800751899 100644 +--- a/sysdeps/aarch64/multiarch/memchr_nosimd.S ++++ b/sysdeps/aarch64/multiarch/memchr_nosimd.S +@@ -26,10 +26,6 @@ + * Use base integer registers. + */ + +-#ifndef MEMCHR +-# define MEMCHR __memchr_nosimd +-#endif +- + /* Arguments and results. */ + #define srcin x0 + #define chrin x1 +@@ -62,7 +58,7 @@ + #define REP8_7f 0x7f7f7f7f7f7f7f7f + + +-ENTRY_ALIGN (MEMCHR, 6) ++ENTRY (__memchr_nosimd) + + PTR_ARG (0) + SIZE_ARG (2) +@@ -219,5 +215,4 @@ L(none_chr): + mov result, 0 + ret + +-END (MEMCHR) +-libc_hidden_builtin_def (MEMCHR) ++END (__memchr_nosimd) +diff --git a/sysdeps/aarch64/multiarch/memcpy_a64fx.S b/sysdeps/aarch64/multiarch/memcpy_a64fx.S +index f89b5b670a..baff7e96d0 100644 +--- a/sysdeps/aarch64/multiarch/memcpy_a64fx.S ++++ b/sysdeps/aarch64/multiarch/memcpy_a64fx.S +@@ -39,9 +39,6 @@ + #define vlen8 x8 + + #if HAVE_AARCH64_SVE_ASM +-# if IS_IN (libc) +-# define MEMCPY __memcpy_a64fx +-# define MEMMOVE __memmove_a64fx + + .arch armv8.2-a+sve + +@@ -97,7 +94,7 @@ + #undef BTI_C + #define BTI_C + +-ENTRY (MEMCPY) ++ENTRY (__memcpy_a64fx) + + PTR_ARG (0) + PTR_ARG (1) +@@ -234,11 +231,10 @@ L(last_bytes): + st1b z3.b, p0, [dstend, -1, mul vl] + ret + +-END (MEMCPY) +-libc_hidden_builtin_def (MEMCPY) ++END (__memcpy_a64fx) + + +-ENTRY_ALIGN (MEMMOVE, 4) ++ENTRY_ALIGN (__memmove_a64fx, 4) + + PTR_ARG (0) + PTR_ARG (1) +@@ -307,7 +303,5 @@ L(full_overlap): + mov dst, dstin + b L(last_bytes) + +-END (MEMMOVE) +-libc_hidden_builtin_def (MEMMOVE) +-# endif /* IS_IN (libc) */ ++END (__memmove_a64fx) + #endif /* HAVE_AARCH64_SVE_ASM */ +diff --git a/sysdeps/aarch64/multiarch/memcpy_falkor.S b/sysdeps/aarch64/multiarch/memcpy_falkor.S +index ec0e4ade24..67c4ab34eb 100644 +--- a/sysdeps/aarch64/multiarch/memcpy_falkor.S ++++ b/sysdeps/aarch64/multiarch/memcpy_falkor.S +@@ -71,7 +71,7 @@ + The non-temporal stores help optimize cache utilization. */ + + #if IS_IN (libc) +-ENTRY_ALIGN (__memcpy_falkor, 6) ++ENTRY (__memcpy_falkor) + + PTR_ARG (0) + PTR_ARG (1) +@@ -198,7 +198,6 @@ L(loop64): + ret + + END (__memcpy_falkor) +-libc_hidden_builtin_def (__memcpy_falkor) + + + /* RATIONALE: +@@ -216,7 +215,7 @@ libc_hidden_builtin_def (__memcpy_falkor) + + For small and medium cases memcpy is used. */ + +-ENTRY_ALIGN (__memmove_falkor, 6) ++ENTRY (__memmove_falkor) + + PTR_ARG (0) + PTR_ARG (1) +@@ -311,5 +310,4 @@ L(move_long): + 3: ret + + END (__memmove_falkor) +-libc_hidden_builtin_def (__memmove_falkor) + #endif +diff --git a/sysdeps/aarch64/multiarch/memcpy_sve.S b/sysdeps/aarch64/multiarch/memcpy_sve.S +index d11be6a443..2f14f91366 100644 +--- a/sysdeps/aarch64/multiarch/memcpy_sve.S ++++ b/sysdeps/aarch64/multiarch/memcpy_sve.S +@@ -141,7 +141,6 @@ L(copy64_from_end): + ret + + END (__memcpy_sve) +-libc_hidden_builtin_def (__memcpy_sve) + + + ENTRY (__memmove_sve) +@@ -208,5 +207,4 @@ L(return): + ret + + END (__memmove_sve) +-libc_hidden_builtin_def (__memmove_sve) + #endif +diff --git a/sysdeps/aarch64/multiarch/memcpy_thunderx.S b/sysdeps/aarch64/multiarch/memcpy_thunderx.S +index 366287587f..14269b1a47 100644 +--- a/sysdeps/aarch64/multiarch/memcpy_thunderx.S ++++ b/sysdeps/aarch64/multiarch/memcpy_thunderx.S +@@ -65,21 +65,7 @@ + Overlapping large forward memmoves use a loop that copies backwards. + */ + +-#ifndef MEMMOVE +-# define MEMMOVE memmove +-#endif +-#ifndef MEMCPY +-# define MEMCPY memcpy +-#endif +- +-#if IS_IN (libc) +- +-# undef MEMCPY +-# define MEMCPY __memcpy_thunderx +-# undef MEMMOVE +-# define MEMMOVE __memmove_thunderx +- +-ENTRY_ALIGN (MEMMOVE, 6) ++ENTRY (__memmove_thunderx) + + PTR_ARG (0) + PTR_ARG (1) +@@ -91,9 +77,9 @@ ENTRY_ALIGN (MEMMOVE, 6) + b.lo L(move_long) + + /* Common case falls through into memcpy. */ +-END (MEMMOVE) +-libc_hidden_builtin_def (MEMMOVE) +-ENTRY (MEMCPY) ++END (__memmove_thunderx) ++ ++ENTRY (__memcpy_thunderx) + + PTR_ARG (0) + PTR_ARG (1) +@@ -316,7 +302,4 @@ L(move_long): + stp C_l, C_h, [dstin] + 3: ret + +-END (MEMCPY) +-libc_hidden_builtin_def (MEMCPY) +- +-#endif ++END (__memcpy_thunderx) +diff --git a/sysdeps/aarch64/multiarch/memcpy_thunderx2.S b/sysdeps/aarch64/multiarch/memcpy_thunderx2.S +index d3d6f1debc..93993b9e03 100644 +--- a/sysdeps/aarch64/multiarch/memcpy_thunderx2.S ++++ b/sysdeps/aarch64/multiarch/memcpy_thunderx2.S +@@ -75,27 +75,12 @@ + #define I_v v16 + #define J_v v17 + +-#ifndef MEMMOVE +-# define MEMMOVE memmove +-#endif +-#ifndef MEMCPY +-# define MEMCPY memcpy +-#endif +- +-#if IS_IN (libc) +- +-#undef MEMCPY +-#define MEMCPY __memcpy_thunderx2 +-#undef MEMMOVE +-#define MEMMOVE __memmove_thunderx2 +- +- + /* Overlapping large forward memmoves use a loop that copies backwards. + Otherwise memcpy is used. Small moves branch to memcopy16 directly. + The longer memcpy cases fall through to the memcpy head. + */ + +-ENTRY_ALIGN (MEMMOVE, 6) ++ENTRY (__memmove_thunderx2) + + PTR_ARG (0) + PTR_ARG (1) +@@ -109,8 +94,7 @@ ENTRY_ALIGN (MEMMOVE, 6) + ccmp tmp1, count, 2, hi + b.lo L(move_long) + +-END (MEMMOVE) +-libc_hidden_builtin_def (MEMMOVE) ++END (__memmove_thunderx2) + + + /* Copies are split into 3 main cases: small copies of up to 16 bytes, +@@ -124,8 +108,7 @@ libc_hidden_builtin_def (MEMMOVE) + + #define MEMCPY_PREFETCH_LDR 640 + +- .p2align 4 +-ENTRY (MEMCPY) ++ENTRY (__memcpy_thunderx2) + + PTR_ARG (0) + PTR_ARG (1) +@@ -449,7 +432,7 @@ L(move_long): + 3: ret + + +-END (MEMCPY) ++END (__memcpy_thunderx2) + .section .rodata + .p2align 4 + +@@ -472,6 +455,3 @@ L(ext_table): + .word L(ext_size_13) -. + .word L(ext_size_14) -. + .word L(ext_size_15) -. +- +-libc_hidden_builtin_def (MEMCPY) +-#endif +diff --git a/sysdeps/aarch64/multiarch/memset_a64fx.S b/sysdeps/aarch64/multiarch/memset_a64fx.S +index d520355143..7176f3d284 100644 +--- a/sysdeps/aarch64/multiarch/memset_a64fx.S ++++ b/sysdeps/aarch64/multiarch/memset_a64fx.S +@@ -33,8 +33,6 @@ + #define vector_length x9 + + #if HAVE_AARCH64_SVE_ASM +-# if IS_IN (libc) +-# define MEMSET __memset_a64fx + + .arch armv8.2-a+sve + +@@ -49,7 +47,7 @@ + #undef BTI_C + #define BTI_C + +-ENTRY (MEMSET) ++ENTRY (__memset_a64fx) + PTR_ARG (0) + SIZE_ARG (2) + +@@ -166,8 +164,6 @@ L(L2): + add count, count, CACHE_LINE_SIZE + b L(last) + +-END (MEMSET) +-libc_hidden_builtin_def (MEMSET) ++END (__memset_a64fx) + +-#endif /* IS_IN (libc) */ + #endif /* HAVE_AARCH64_SVE_ASM */ +diff --git a/sysdeps/aarch64/multiarch/memset_base64.S b/sysdeps/aarch64/multiarch/memset_base64.S +index 35296a6dec..0e8f709fa5 100644 +--- a/sysdeps/aarch64/multiarch/memset_base64.S ++++ b/sysdeps/aarch64/multiarch/memset_base64.S +@@ -34,7 +34,7 @@ + * + */ + +-ENTRY_ALIGN (MEMSET, 6) ++ENTRY (MEMSET) + + PTR_ARG (0) + SIZE_ARG (2) +@@ -183,4 +183,3 @@ L(zva_64): + #endif + + END (MEMSET) +-libc_hidden_builtin_def (MEMSET) +diff --git a/sysdeps/aarch64/multiarch/memset_emag.S b/sysdeps/aarch64/multiarch/memset_emag.S +index 17d609cead..6fecad4fae 100644 +--- a/sysdeps/aarch64/multiarch/memset_emag.S ++++ b/sysdeps/aarch64/multiarch/memset_emag.S +@@ -19,8 +19,7 @@ + + #include + +-#if IS_IN (libc) +-# define MEMSET __memset_emag ++#define MEMSET __memset_emag + + /* + * Using DC ZVA to zero memory does not produce better performance if +@@ -30,7 +29,6 @@ + * workloads. + */ + +-# define DC_ZVA_THRESHOLD 0 ++#define DC_ZVA_THRESHOLD 0 + +-# include "./memset_base64.S" +-#endif ++#include "./memset_base64.S" +diff --git a/sysdeps/aarch64/multiarch/memset_generic.S b/sysdeps/aarch64/multiarch/memset_generic.S +index 9c23e482bf..6c1f0daac8 100644 +--- a/sysdeps/aarch64/multiarch/memset_generic.S ++++ b/sysdeps/aarch64/multiarch/memset_generic.S +@@ -21,9 +21,15 @@ + + #if IS_IN (libc) + # define MEMSET __memset_generic ++ ++/* Do not hide the generic version of memset, we use it internally. */ ++# undef libc_hidden_builtin_def ++# define libc_hidden_builtin_def(name) ++ + /* Add a hidden definition for use within libc.so. */ + # ifdef SHARED + .globl __GI_memset; __GI_memset = __memset_generic + # endif +-# include + #endif ++ ++#include <../memset.S> +diff --git a/sysdeps/aarch64/multiarch/memset_kunpeng.S b/sysdeps/aarch64/multiarch/memset_kunpeng.S +index 86c46434fd..4a54373398 100644 +--- a/sysdeps/aarch64/multiarch/memset_kunpeng.S ++++ b/sysdeps/aarch64/multiarch/memset_kunpeng.S +@@ -20,16 +20,13 @@ + #include + #include + +-#if IS_IN (libc) +-# define MEMSET __memset_kunpeng +- + /* Assumptions: + * + * ARMv8-a, AArch64, unaligned accesses + * + */ + +-ENTRY_ALIGN (MEMSET, 6) ++ENTRY (__memset_kunpeng) + + PTR_ARG (0) + SIZE_ARG (2) +@@ -108,6 +105,4 @@ L(set_long): + stp q0, q0, [dstend, -32] + ret + +-END (MEMSET) +-libc_hidden_builtin_def (MEMSET) +-#endif ++END (__memset_kunpeng) +diff --git a/sysdeps/aarch64/multiarch/rtld-memset.S b/sysdeps/aarch64/multiarch/rtld-memset.S +deleted file mode 100644 +index 4b035ed8b2..0000000000 +--- a/sysdeps/aarch64/multiarch/rtld-memset.S ++++ /dev/null +@@ -1,25 +0,0 @@ +-/* Memset for aarch64, for the dynamic linker. +- Copyright (C) 2017-2023 Free Software Foundation, Inc. +- +- This file is part of the GNU C Library. +- +- The GNU C Library is free software; you can redistribute it and/or +- modify it under the terms of the GNU Lesser General Public +- License as published by the Free Software Foundation; either +- version 2.1 of the License, or (at your option) any later version. +- +- The GNU C Library is distributed in the hope that it will be useful, +- but WITHOUT ANY WARRANTY; without even the implied warranty of +- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +- Lesser General Public License for more details. +- +- You should have received a copy of the GNU Lesser General Public +- License along with the GNU C Library. If not, see +- . */ +- +-#include +- +-#if IS_IN (rtld) +-# define MEMSET memset +-# include +-#endif +diff --git a/sysdeps/aarch64/multiarch/strlen.c b/sysdeps/aarch64/multiarch/strlen.c +index bbdd3de8c4..728bd1936a 100644 +--- a/sysdeps/aarch64/multiarch/strlen.c ++++ b/sysdeps/aarch64/multiarch/strlen.c +@@ -28,10 +28,10 @@ + + extern __typeof (__redirect_strlen) __strlen; + +-extern __typeof (__redirect_strlen) __strlen_mte attribute_hidden; ++extern __typeof (__redirect_strlen) __strlen_generic attribute_hidden; + extern __typeof (__redirect_strlen) __strlen_asimd attribute_hidden; + +-libc_ifunc (__strlen, (mte ? __strlen_mte : __strlen_asimd)); ++libc_ifunc (__strlen, (mte ? __strlen_generic : __strlen_asimd)); + + # undef strlen + strong_alias (__strlen, strlen); +diff --git a/sysdeps/aarch64/multiarch/strlen_asimd.S b/sysdeps/aarch64/multiarch/strlen_asimd.S +index 490439491d..aee5ef9f78 100644 +--- a/sysdeps/aarch64/multiarch/strlen_asimd.S ++++ b/sysdeps/aarch64/multiarch/strlen_asimd.S +@@ -203,4 +203,3 @@ L(page_cross): + ret + + END (__strlen_asimd) +-libc_hidden_builtin_def (__strlen_asimd) +diff --git a/sysdeps/aarch64/multiarch/strlen_mte.S b/sysdeps/aarch64/multiarch/strlen_generic.S +similarity index 85% +rename from sysdeps/aarch64/multiarch/strlen_mte.S +rename to sysdeps/aarch64/multiarch/strlen_generic.S +index 1c1220b767..2346296a18 100644 +--- a/sysdeps/aarch64/multiarch/strlen_mte.S ++++ b/sysdeps/aarch64/multiarch/strlen_generic.S +@@ -17,14 +17,14 @@ + . */ + + /* The actual strlen code is in ../strlen.S. If we are building libc this file +- defines __strlen_mte. Otherwise the include of ../strlen.S will define +- the normal __strlen entry points. */ ++ defines __strlen_generic. Otherwise the include of ../strlen.S will define ++ the normal __strlen entry points. */ + + #include + + #if IS_IN (libc) + +-# define STRLEN __strlen_mte ++# define STRLEN __strlen_generic + + /* Do not hide the generic version of strlen, we use it internally. */ + # undef libc_hidden_builtin_def +@@ -32,7 +32,7 @@ + + # ifdef SHARED + /* It doesn't make sense to send libc-internal strlen calls through a PLT. */ +- .globl __GI_strlen; __GI_strlen = __strlen_mte ++ .globl __GI_strlen; __GI_strlen = __strlen_generic + # endif + #endif + +-- +2.33.0 + diff --git a/0006-nptl-Use-a-single-loop-in-pthread_cond_wait-instaed-.patch b/0006-nptl-Use-a-single-loop-in-pthread_cond_wait-instaed-.patch index acfac70..0c94f4b 100644 --- a/0006-nptl-Use-a-single-loop-in-pthread_cond_wait-instaed-.patch +++ b/0006-nptl-Use-a-single-loop-in-pthread_cond_wait-instaed-.patch @@ -1,7 +1,7 @@ From 6bac834c5a44e6f72e0c7087e8b57b006beef816 Mon Sep 17 00:00:00 2001 From: Malte Skarupke Date: Fri, 11 Jul 2025 05:57:46 -0700 -Subject: [PATCH 06/10] nptl: Use a single loop in pthread_cond_wait instaed of +Subject: [PATCH] nptl: Use a single loop in pthread_cond_wait instaed of a nested loop [BZ #25847] @@ -98,5 +98,5 @@ index 4773859524..b7f1d9c41d 100644 /* Confirm that we have been woken. We do that before acquiring the mutex to allow for execution of pthread_cond_destroy while having acquired the -- -2.39.3 +2.27.0 diff --git a/0006-resolv-Do-not-wait-for-non-existing-second-DNS-respo.patch b/0006-resolv-Do-not-wait-for-non-existing-second-DNS-respo.patch new file mode 100644 index 0000000..572527b --- /dev/null +++ b/0006-resolv-Do-not-wait-for-non-existing-second-DNS-respo.patch @@ -0,0 +1,232 @@ +From 6cad0f543ccac5abd35a3a617fab72a9c8c64155 Mon Sep 17 00:00:00 2001 +From: Florian Weimer +Date: Wed, 24 Jul 2024 12:06:47 +0200 +Subject: [PATCH 06/12] resolv: Do not wait for non-existing second DNS + response after error (bug 30081) + +In single-request mode, there is no second response after an error +because the second query has not been sent yet. Waiting for it +introduces an unnecessary timeout. + +Reviewed-by: DJ Delorie +(cherry picked from commit af625987d619388a100b153520d3ee308bda9889) +--- + NEWS | 1 + + resolv/Makefile | 3 + + resolv/res_send.c | 2 +- + resolv/tst-resolv-semi-failure.c | 133 +++++++++++++++++++++++++++++ + resolv/tst-resolv-short-response.c | 12 +++ + 5 files changed, 150 insertions(+), 1 deletion(-) + create mode 100644 resolv/tst-resolv-semi-failure.c + +diff --git a/NEWS b/NEWS +index c331604747..4156a017ac 100644 +--- a/NEWS ++++ b/NEWS +@@ -37,6 +37,7 @@ Security related changes: + The following bugs are resolved with this release: + + [29039] Corrupt DTV after reuse of a TLS module ID following dlclose with unused TLS ++ [30081] resolv: Do not wait for non-existing second DNS response after error + [30694] The iconv program no longer tells the user which given encoding name was wrong + [30709] nscd fails to build with cleanup handler if built with -fexceptions + [30721] x86_64: Fix build with --disable-multiarch +diff --git a/resolv/Makefile b/resolv/Makefile +index cca0748f9a..b53a5fcfdb 100644 +--- a/resolv/Makefile ++++ b/resolv/Makefile +@@ -106,6 +106,7 @@ tests += \ + tst-resolv-nondecimal \ + tst-resolv-res_init-multi \ + tst-resolv-search \ ++ tst-resolv-semi-failure \ + tst-resolv-short-response \ + tst-resolv-trailing \ + +@@ -300,6 +301,8 @@ $(objpfx)tst-resolv-nondecimal: $(objpfx)libresolv.so $(shared-thread-library) + $(objpfx)tst-resolv-qtypes: $(objpfx)libresolv.so $(shared-thread-library) + $(objpfx)tst-resolv-rotate: $(objpfx)libresolv.so $(shared-thread-library) + $(objpfx)tst-resolv-search: $(objpfx)libresolv.so $(shared-thread-library) ++$(objpfx)tst-resolv-semi-failure: $(objpfx)libresolv.so \ ++ $(shared-thread-library) + $(objpfx)tst-resolv-short-response: $(objpfx)libresolv.so \ + $(shared-thread-library) + $(objpfx)tst-resolv-trailing: $(objpfx)libresolv.so $(shared-thread-library) +diff --git a/resolv/res_send.c b/resolv/res_send.c +index bf4ce67b1d..b741b42cae 100644 +--- a/resolv/res_send.c ++++ b/resolv/res_send.c +@@ -1236,7 +1236,7 @@ send_dg(res_state statp, + *resplen2 = 0; + return resplen; + } +- if (buf2 != NULL) ++ if (buf2 != NULL && !single_request) + { + /* No data from the first reply. */ + resplen = 0; +diff --git a/resolv/tst-resolv-semi-failure.c b/resolv/tst-resolv-semi-failure.c +new file mode 100644 +index 0000000000..aa9798b5a7 +--- /dev/null ++++ b/resolv/tst-resolv-semi-failure.c +@@ -0,0 +1,133 @@ ++/* Test parallel failure/success responses (bug 30081). ++ Copyright (C) 2024 Free Software Foundation, Inc. ++ This file is part of the GNU C Library. ++ ++ The GNU C Library is free software; you can redistribute it and/or ++ modify it under the terms of the GNU Lesser General Public ++ License as published by the Free Software Foundation; either ++ version 2.1 of the License, or (at your option) any later version. ++ ++ The GNU C Library is distributed in the hope that it will be useful, ++ but WITHOUT ANY WARRANTY; without even the implied warranty of ++ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU ++ Lesser General Public License for more details. ++ ++ You should have received a copy of the GNU Lesser General Public ++ License along with the GNU C Library; if not, see ++ . */ ++ ++#include ++#include ++#include ++#include ++ ++/* The rcode in the initial response. */ ++static volatile int rcode; ++ ++/* Whether to fail the initial A query (!fail_aaaa) or the initial ++ AAAA query (fail_aaaa). */ ++static volatile bool fail_aaaa; ++ ++static void ++response (const struct resolv_response_context *ctx, ++ struct resolv_response_builder *b, ++ const char *qname, uint16_t qclass, uint16_t qtype) ++{ ++ /* Handle the failing query. */ ++ if ((fail_aaaa && qtype == T_AAAA) && ctx->server_index == 0) ++ { ++ struct resolv_response_flags flags = {.rcode = rcode}; ++ resolv_response_init (b, flags); ++ return; ++ } ++ ++ /* Otherwise produce a response. */ ++ resolv_response_init (b, (struct resolv_response_flags) {}); ++ resolv_response_add_question (b, qname, qclass, qtype); ++ resolv_response_section (b, ns_s_an); ++ resolv_response_open_record (b, qname, qclass, qtype, 0); ++ switch (qtype) ++ { ++ case T_A: ++ { ++ char ipv4[4] = {192, 0, 2, 17}; ++ resolv_response_add_data (b, &ipv4, sizeof (ipv4)); ++ } ++ break; ++ case T_AAAA: ++ { ++ char ipv6[16] ++ = {0x20, 0x01, 0xd, 0xb8, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 1}; ++ resolv_response_add_data (b, &ipv6, sizeof (ipv6)); ++ } ++ break; ++ default: ++ FAIL_EXIT1 ("unexpected TYPE%d query", qtype); ++ } ++ resolv_response_close_record (b); ++} ++ ++static void ++check_one (void) ++{ ++ ++ /* The buggy 1-second query timeout results in 30 seconds of delay, ++ which triggers are test timeout failure. */ ++ for (int i = 0; i < 30; ++i) ++ { ++ static const struct addrinfo hints = ++ { ++ .ai_family = AF_UNSPEC, ++ .ai_socktype = SOCK_STREAM, ++ }; ++ struct addrinfo *ai; ++ int ret = getaddrinfo ("www.example", "80", &hints, &ai); ++ const char *expected; ++ if (ret == 0 && ai->ai_next != NULL) ++ expected = ("address: STREAM/TCP 192.0.2.17 80\n" ++ "address: STREAM/TCP 2001:db8::1 80\n"); ++ else ++ /* Only one response because the AAAA lookup failure is ++ treated as an ignoreable error. */ ++ expected = "address: STREAM/TCP 192.0.2.17 80\n"; ++ check_addrinfo ("www.example", ai, ret, expected); ++ if (ret == 0) ++ freeaddrinfo (ai); ++ } ++} ++ ++static int ++do_test (void) ++{ ++ for (int do_single_lookup = 0; do_single_lookup < 2; ++do_single_lookup) ++ { ++ struct resolv_test *aux = resolv_test_start ++ ((struct resolv_redirect_config) ++ { ++ .response_callback = response, ++ }); ++ ++ if (do_single_lookup) ++ _res.options |= RES_SNGLKUP; ++ ++ for (int do_fail_aaaa = 0; do_fail_aaaa < 2; ++do_fail_aaaa) ++ { ++ fail_aaaa = do_fail_aaaa; ++ ++ rcode = 2; /* SERVFAIL. */ ++ check_one (); ++ ++ rcode = 4; /* NOTIMP. */ ++ check_one (); ++ ++ rcode = 5; /* REFUSED. */ ++ check_one (); ++ } ++ ++ resolv_test_end (aux); ++ } ++ ++ return 0; ++} ++ ++#include +diff --git a/resolv/tst-resolv-short-response.c b/resolv/tst-resolv-short-response.c +index cf1e39876f..be354ae1c7 100644 +--- a/resolv/tst-resolv-short-response.c ++++ b/resolv/tst-resolv-short-response.c +@@ -81,6 +81,18 @@ check_one (void) + check_hostent ("www.example", gethostbyname2 ("www.example", AF_INET6), + "name: www.example\n" + "address: 2001:db8::1\n"); ++ static const struct addrinfo hints = ++ { ++ .ai_family = AF_UNSPEC, ++ .ai_socktype = SOCK_STREAM, ++ }; ++ struct addrinfo *ai; ++ int ret = getaddrinfo ("www.example", "80", &hints, &ai); ++ check_addrinfo ("www.example", ai, ret, ++ "address: STREAM/TCP 192.0.2.17 80\n" ++ "address: STREAM/TCP 2001:db8::1 80\n"); ++ if (ret == 0) ++ freeaddrinfo (ai); + } + } + +-- +2.33.0 + diff --git a/0007-AArch64-Cleanup-emag-memset.patch b/0007-AArch64-Cleanup-emag-memset.patch new file mode 100644 index 0000000..c579cfa --- /dev/null +++ b/0007-AArch64-Cleanup-emag-memset.patch @@ -0,0 +1,348 @@ +From 1521237c3211bb0b1a8f7a9c5793d382789b2b68 Mon Sep 17 00:00:00 2001 +From: Wilco Dijkstra +Date: Thu, 26 Oct 2023 16:34:47 +0100 +Subject: [PATCH 07/26] AArch64: Cleanup emag memset + +Cleanup emag memset - merge the memset_base64.S file, remove +the unused ZVA code (since it is disabled on emag). + +Reviewed-by: Adhemerval Zanella +(cherry picked from commit 9627ab99b50d250c6dd3001a3355aa03692f7fe5) +--- + sysdeps/aarch64/multiarch/ifunc-impl-list.c | 2 +- + sysdeps/aarch64/multiarch/memset.c | 2 +- + sysdeps/aarch64/multiarch/memset_base64.S | 185 -------------------- + sysdeps/aarch64/multiarch/memset_emag.S | 98 +++++++++-- + 4 files changed, 90 insertions(+), 197 deletions(-) + delete mode 100644 sysdeps/aarch64/multiarch/memset_base64.S + +diff --git a/sysdeps/aarch64/multiarch/ifunc-impl-list.c b/sysdeps/aarch64/multiarch/ifunc-impl-list.c +index 836e8317a5..3596d3c8d3 100644 +--- a/sysdeps/aarch64/multiarch/ifunc-impl-list.c ++++ b/sysdeps/aarch64/multiarch/ifunc-impl-list.c +@@ -57,7 +57,7 @@ __libc_ifunc_impl_list (const char *name, struct libc_ifunc_impl *array, + /* Enable this on non-falkor processors too so that other cores + can do a comparative analysis with __memset_generic. */ + IFUNC_IMPL_ADD (array, i, memset, (zva_size == 64), __memset_falkor) +- IFUNC_IMPL_ADD (array, i, memset, (zva_size == 64), __memset_emag) ++ IFUNC_IMPL_ADD (array, i, memset, 1, __memset_emag) + IFUNC_IMPL_ADD (array, i, memset, 1, __memset_kunpeng) + #if HAVE_AARCH64_SVE_ASM + IFUNC_IMPL_ADD (array, i, memset, sve && zva_size == 256, __memset_a64fx) +diff --git a/sysdeps/aarch64/multiarch/memset.c b/sysdeps/aarch64/multiarch/memset.c +index 23fc66e158..9193b197dd 100644 +--- a/sysdeps/aarch64/multiarch/memset.c ++++ b/sysdeps/aarch64/multiarch/memset.c +@@ -56,7 +56,7 @@ select_memset_ifunc (void) + if ((IS_FALKOR (midr) || IS_PHECDA (midr)) && zva_size == 64) + return __memset_falkor; + +- if (IS_EMAG (midr) && zva_size == 64) ++ if (IS_EMAG (midr)) + return __memset_emag; + + return __memset_generic; +diff --git a/sysdeps/aarch64/multiarch/memset_base64.S b/sysdeps/aarch64/multiarch/memset_base64.S +deleted file mode 100644 +index 0e8f709fa5..0000000000 +--- a/sysdeps/aarch64/multiarch/memset_base64.S ++++ /dev/null +@@ -1,185 +0,0 @@ +-/* Copyright (C) 2018-2023 Free Software Foundation, Inc. +- +- This file is part of the GNU C Library. +- +- The GNU C Library is free software; you can redistribute it and/or +- modify it under the terms of the GNU Lesser General Public +- License as published by the Free Software Foundation; either +- version 2.1 of the License, or (at your option) any later version. +- +- The GNU C Library is distributed in the hope that it will be useful, +- but WITHOUT ANY WARRANTY; without even the implied warranty of +- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +- Lesser General Public License for more details. +- +- You should have received a copy of the GNU Lesser General Public +- License along with the GNU C Library. If not, see +- . */ +- +-#include +-#include "memset-reg.h" +- +-#ifndef MEMSET +-# define MEMSET __memset_base64 +-#endif +- +-/* To disable DC ZVA, set this threshold to 0. */ +-#ifndef DC_ZVA_THRESHOLD +-# define DC_ZVA_THRESHOLD 512 +-#endif +- +-/* Assumptions: +- * +- * ARMv8-a, AArch64, unaligned accesses +- * +- */ +- +-ENTRY (MEMSET) +- +- PTR_ARG (0) +- SIZE_ARG (2) +- +- bfi valw, valw, 8, 8 +- bfi valw, valw, 16, 16 +- bfi val, val, 32, 32 +- +- add dstend, dstin, count +- +- cmp count, 96 +- b.hi L(set_long) +- cmp count, 16 +- b.hs L(set_medium) +- +- /* Set 0..15 bytes. */ +- tbz count, 3, 1f +- str val, [dstin] +- str val, [dstend, -8] +- ret +- +- .p2align 3 +-1: tbz count, 2, 2f +- str valw, [dstin] +- str valw, [dstend, -4] +- ret +-2: cbz count, 3f +- strb valw, [dstin] +- tbz count, 1, 3f +- strh valw, [dstend, -2] +-3: ret +- +- .p2align 3 +- /* Set 16..96 bytes. */ +-L(set_medium): +- stp val, val, [dstin] +- tbnz count, 6, L(set96) +- stp val, val, [dstend, -16] +- tbz count, 5, 1f +- stp val, val, [dstin, 16] +- stp val, val, [dstend, -32] +-1: ret +- +- .p2align 4 +- /* Set 64..96 bytes. Write 64 bytes from the start and +- 32 bytes from the end. */ +-L(set96): +- stp val, val, [dstin, 16] +- stp val, val, [dstin, 32] +- stp val, val, [dstin, 48] +- stp val, val, [dstend, -32] +- stp val, val, [dstend, -16] +- ret +- +- .p2align 4 +-L(set_long): +- stp val, val, [dstin] +- bic dst, dstin, 15 +-#if DC_ZVA_THRESHOLD +- cmp count, DC_ZVA_THRESHOLD +- ccmp val, 0, 0, cs +- b.eq L(zva_64) +-#endif +- /* Small-size or non-zero memset does not use DC ZVA. */ +- sub count, dstend, dst +- +- /* +- * Adjust count and bias for loop. By subtracting extra 1 from count, +- * it is easy to use tbz instruction to check whether loop tailing +- * count is less than 33 bytes, so as to bypass 2 unnecessary stps. +- */ +- sub count, count, 64+16+1 +- +-#if DC_ZVA_THRESHOLD +- /* Align loop on 16-byte boundary, this might be friendly to i-cache. */ +- nop +-#endif +- +-1: stp val, val, [dst, 16] +- stp val, val, [dst, 32] +- stp val, val, [dst, 48] +- stp val, val, [dst, 64]! +- subs count, count, 64 +- b.hs 1b +- +- tbz count, 5, 1f /* Remaining count is less than 33 bytes? */ +- stp val, val, [dst, 16] +- stp val, val, [dst, 32] +-1: stp val, val, [dstend, -32] +- stp val, val, [dstend, -16] +- ret +- +-#if DC_ZVA_THRESHOLD +- .p2align 3 +-L(zva_64): +- stp val, val, [dst, 16] +- stp val, val, [dst, 32] +- stp val, val, [dst, 48] +- bic dst, dst, 63 +- +- /* +- * Previous memory writes might cross cache line boundary, and cause +- * cache line partially dirty. Zeroing this kind of cache line using +- * DC ZVA will incur extra cost, for it requires loading untouched +- * part of the line from memory before zeoring. +- * +- * So, write the first 64 byte aligned block using stp to force +- * fully dirty cache line. +- */ +- stp val, val, [dst, 64] +- stp val, val, [dst, 80] +- stp val, val, [dst, 96] +- stp val, val, [dst, 112] +- +- sub count, dstend, dst +- /* +- * Adjust count and bias for loop. By subtracting extra 1 from count, +- * it is easy to use tbz instruction to check whether loop tailing +- * count is less than 33 bytes, so as to bypass 2 unnecessary stps. +- */ +- sub count, count, 128+64+64+1 +- add dst, dst, 128 +- nop +- +- /* DC ZVA sets 64 bytes each time. */ +-1: dc zva, dst +- add dst, dst, 64 +- subs count, count, 64 +- b.hs 1b +- +- /* +- * Write the last 64 byte aligned block using stp to force fully +- * dirty cache line. +- */ +- stp val, val, [dst, 0] +- stp val, val, [dst, 16] +- stp val, val, [dst, 32] +- stp val, val, [dst, 48] +- +- tbz count, 5, 1f /* Remaining count is less than 33 bytes? */ +- stp val, val, [dst, 64] +- stp val, val, [dst, 80] +-1: stp val, val, [dstend, -32] +- stp val, val, [dstend, -16] +- ret +-#endif +- +-END (MEMSET) +diff --git a/sysdeps/aarch64/multiarch/memset_emag.S b/sysdeps/aarch64/multiarch/memset_emag.S +index 6fecad4fae..bbfa815925 100644 +--- a/sysdeps/aarch64/multiarch/memset_emag.S ++++ b/sysdeps/aarch64/multiarch/memset_emag.S +@@ -18,17 +18,95 @@ + . */ + + #include ++#include "memset-reg.h" + +-#define MEMSET __memset_emag +- +-/* +- * Using DC ZVA to zero memory does not produce better performance if +- * memory size is not very large, especially when there are multiple +- * processes/threads contending memory/cache. Here we set threshold to +- * zero to disable using DC ZVA, which is good for multi-process/thread +- * workloads. ++/* Assumptions: ++ * ++ * ARMv8-a, AArch64, unaligned accesses ++ * + */ + +-#define DC_ZVA_THRESHOLD 0 ++ENTRY (__memset_emag) ++ ++ PTR_ARG (0) ++ SIZE_ARG (2) ++ ++ bfi valw, valw, 8, 8 ++ bfi valw, valw, 16, 16 ++ bfi val, val, 32, 32 ++ ++ add dstend, dstin, count ++ ++ cmp count, 96 ++ b.hi L(set_long) ++ cmp count, 16 ++ b.hs L(set_medium) ++ ++ /* Set 0..15 bytes. */ ++ tbz count, 3, 1f ++ str val, [dstin] ++ str val, [dstend, -8] ++ ret ++ ++ .p2align 3 ++1: tbz count, 2, 2f ++ str valw, [dstin] ++ str valw, [dstend, -4] ++ ret ++2: cbz count, 3f ++ strb valw, [dstin] ++ tbz count, 1, 3f ++ strh valw, [dstend, -2] ++3: ret ++ ++ .p2align 3 ++ /* Set 16..96 bytes. */ ++L(set_medium): ++ stp val, val, [dstin] ++ tbnz count, 6, L(set96) ++ stp val, val, [dstend, -16] ++ tbz count, 5, 1f ++ stp val, val, [dstin, 16] ++ stp val, val, [dstend, -32] ++1: ret ++ ++ .p2align 4 ++ /* Set 64..96 bytes. Write 64 bytes from the start and ++ 32 bytes from the end. */ ++L(set96): ++ stp val, val, [dstin, 16] ++ stp val, val, [dstin, 32] ++ stp val, val, [dstin, 48] ++ stp val, val, [dstend, -32] ++ stp val, val, [dstend, -16] ++ ret ++ ++ .p2align 4 ++L(set_long): ++ stp val, val, [dstin] ++ bic dst, dstin, 15 ++ /* Small-size or non-zero memset does not use DC ZVA. */ ++ sub count, dstend, dst ++ ++ /* ++ * Adjust count and bias for loop. By subtracting extra 1 from count, ++ * it is easy to use tbz instruction to check whether loop tailing ++ * count is less than 33 bytes, so as to bypass 2 unnecessary stps. ++ */ ++ sub count, count, 64+16+1 ++ ++1: stp val, val, [dst, 16] ++ stp val, val, [dst, 32] ++ stp val, val, [dst, 48] ++ stp val, val, [dst, 64]! ++ subs count, count, 64 ++ b.hs 1b ++ ++ tbz count, 5, 1f /* Remaining count is less than 33 bytes? */ ++ stp val, val, [dst, 16] ++ stp val, val, [dst, 32] ++1: stp val, val, [dstend, -32] ++ stp val, val, [dstend, -16] ++ ret + +-#include "./memset_base64.S" ++END (__memset_emag) +-- +2.33.0 + diff --git a/0007-nptl-Fix-indentation.patch b/0007-nptl-Fix-indentation.patch index 8609fd0..504687e 100644 --- a/0007-nptl-Fix-indentation.patch +++ b/0007-nptl-Fix-indentation.patch @@ -1,7 +1,7 @@ From 576565369755eb428ab34272ca18aba786bb7163 Mon Sep 17 00:00:00 2001 From: Malte Skarupke Date: Fri, 11 Jul 2025 05:57:47 -0700 -Subject: [PATCH 07/10] nptl: Fix indentation +Subject: [PATCH] nptl: Fix indentation [BZ #25847] @@ -144,5 +144,5 @@ index b7f1d9c41d..d70012d647 100644 to allow for execution of pthread_cond_destroy while having acquired the mutex. */ -- -2.39.3 +2.27.0 diff --git a/0007-resolv-Track-single-request-fallback-via-_res._flags.patch b/0007-resolv-Track-single-request-fallback-via-_res._flags.patch new file mode 100644 index 0000000..e8963df --- /dev/null +++ b/0007-resolv-Track-single-request-fallback-via-_res._flags.patch @@ -0,0 +1,81 @@ +From 1bed6acf50f6fdedf5a501cbd6a8225e5c13b886 Mon Sep 17 00:00:00 2001 +From: Florian Weimer +Date: Thu, 13 Jun 2024 18:56:30 +0200 +Subject: [PATCH 07/12] resolv: Track single-request fallback via _res._flags + (bug 31476) + +This avoids changing _res.options, which inteferes with change +detection as part of automatic reloading of /etc/resolv.conf. + +Reviewed-by: DJ Delorie +(cherry picked from commit 868ab8923a2ec977faafec97ecafac0c3159c1b2) +--- + NEWS | 1 + + resolv/res_send.c | 12 +++++++----- + resolv/resolv-internal.h | 2 ++ + 3 files changed, 10 insertions(+), 5 deletions(-) + +diff --git a/NEWS b/NEWS +index 4156a017ac..3b252c96b4 100644 +--- a/NEWS ++++ b/NEWS +@@ -52,6 +52,7 @@ The following bugs are resolved with this release: + [31183] Wide stream buffer size reduced MB_LEN_MAX bytes after bug 17522 fix + [31184] FAIL: elf/tst-tlsgap + [31185] Incorrect thread point access in _dl_tlsdesc_undefweak and _dl_tlsdesc_dynamic ++ [31476] resolv: Track single-request fallback via _res._flags + [31890] resolv: Allow short error responses to match any DNS query + [31965] rseq extension mechanism does not work as intended + +diff --git a/resolv/res_send.c b/resolv/res_send.c +index b741b42cae..1b130b4df4 100644 +--- a/resolv/res_send.c ++++ b/resolv/res_send.c +@@ -947,9 +947,11 @@ send_dg(res_state statp, + seconds /= statp->nscount; + if (seconds <= 0) + seconds = 1; +- bool single_request_reopen = (statp->options & RES_SNGLKUPREOP) != 0; +- bool single_request = (((statp->options & RES_SNGLKUP) != 0) +- | single_request_reopen); ++ bool single_request_reopen = ((statp->options & RES_SNGLKUPREOP) ++ || (statp->_flags & RES_F_SNGLKUPREOP)); ++ bool single_request = ((statp->options & RES_SNGLKUP) ++ || (statp->_flags & RES_F_SNGLKUP) ++ || single_request_reopen); + int save_gotsomewhere = *gotsomewhere; + + int retval; +@@ -1006,14 +1008,14 @@ send_dg(res_state statp, + have received the first answer. */ + if (!single_request) + { +- statp->options |= RES_SNGLKUP; ++ statp->_flags |= RES_F_SNGLKUP; + single_request = true; + *gotsomewhere = save_gotsomewhere; + goto retry; + } + else if (!single_request_reopen) + { +- statp->options |= RES_SNGLKUPREOP; ++ statp->_flags |= RES_F_SNGLKUPREOP; + single_request_reopen = true; + *gotsomewhere = save_gotsomewhere; + __res_iclose (statp, false); +diff --git a/resolv/resolv-internal.h b/resolv/resolv-internal.h +index 2b98ac4920..3fa81d784f 100644 +--- a/resolv/resolv-internal.h ++++ b/resolv/resolv-internal.h +@@ -26,6 +26,8 @@ + #define RES_F_VC 0x00000001 /* Socket is TCP. */ + #define RES_F_CONN 0x00000002 /* Socket is connected. */ + #define RES_F_EDNS0ERR 0x00000004 /* EDNS0 caused errors. */ ++#define RES_F_SNGLKUP 0x00200000 /* Private version of RES_SNGLKUP. */ ++#define RES_F_SNGLKUPREOP 0x00400000 /* Private version of RES_SNGLKUPREOP. */ + + /* The structure HEADER is normally aligned on a word boundary. In + some code, we need to access this structure when it may be aligned +-- +2.33.0 + diff --git a/0008-AArch64-Add-memset_zva64.patch b/0008-AArch64-Add-memset_zva64.patch new file mode 100644 index 0000000..5225816 --- /dev/null +++ b/0008-AArch64-Add-memset_zva64.patch @@ -0,0 +1,228 @@ +From 156e44845f4137d6d3ea6c2824dd459652a7efda Mon Sep 17 00:00:00 2001 +From: Wilco Dijkstra +Date: Thu, 26 Oct 2023 17:07:21 +0100 +Subject: [PATCH 08/26] AArch64: Add memset_zva64 + +Add a specialized memset for the common ZVA size of 64 to avoid the +overhead of reading the ZVA size. Since the code is identical to +__memset_falkor, remove the latter. + +Reviewed-by: Adhemerval Zanella +(cherry picked from commit 3d7090f14b13312320e425b27dcf0fe72de026fd) +--- + sysdeps/aarch64/memset.S | 10 ++-- + sysdeps/aarch64/multiarch/Makefile | 2 +- + sysdeps/aarch64/multiarch/ifunc-impl-list.c | 4 +- + sysdeps/aarch64/multiarch/memset.c | 9 ++-- + sysdeps/aarch64/multiarch/memset_falkor.S | 54 --------------------- + sysdeps/aarch64/multiarch/memset_zva64.S | 27 +++++++++++ + 6 files changed, 38 insertions(+), 68 deletions(-) + delete mode 100644 sysdeps/aarch64/multiarch/memset_falkor.S + create mode 100644 sysdeps/aarch64/multiarch/memset_zva64.S + +diff --git a/sysdeps/aarch64/memset.S b/sysdeps/aarch64/memset.S +index bf3cf85c8a..bbfb7184c3 100644 +--- a/sysdeps/aarch64/memset.S ++++ b/sysdeps/aarch64/memset.S +@@ -101,19 +101,19 @@ L(tail64): + ret + + L(try_zva): +-#ifdef ZVA_MACRO +- zva_macro +-#else ++#ifndef ZVA64_ONLY + .p2align 3 + mrs tmp1, dczid_el0 + tbnz tmp1w, 4, L(no_zva) + and tmp1w, tmp1w, 15 + cmp tmp1w, 4 /* ZVA size is 64 bytes. */ + b.ne L(zva_128) +- ++ nop ++#endif + /* Write the first and last 64 byte aligned block using stp rather + than using DC ZVA. This is faster on some cores. + */ ++ .p2align 4 + L(zva_64): + str q0, [dst, 16] + stp q0, q0, [dst, 32] +@@ -123,7 +123,6 @@ L(zva_64): + sub count, dstend, dst /* Count is now 128 too large. */ + sub count, count, 128+64+64 /* Adjust count and bias for loop. */ + add dst, dst, 128 +- nop + 1: dc zva, dst + add dst, dst, 64 + subs count, count, 64 +@@ -134,6 +133,7 @@ L(zva_64): + stp q0, q0, [dstend, -32] + ret + ++#ifndef ZVA64_ONLY + .p2align 3 + L(zva_128): + cmp tmp1w, 5 /* ZVA size is 128 bytes. */ +diff --git a/sysdeps/aarch64/multiarch/Makefile b/sysdeps/aarch64/multiarch/Makefile +index a1a4de3cd9..171ca5e4cf 100644 +--- a/sysdeps/aarch64/multiarch/Makefile ++++ b/sysdeps/aarch64/multiarch/Makefile +@@ -12,10 +12,10 @@ sysdep_routines += \ + memmove_mops \ + memset_a64fx \ + memset_emag \ +- memset_falkor \ + memset_generic \ + memset_kunpeng \ + memset_mops \ ++ memset_zva64 \ + strlen_asimd \ + strlen_generic \ + # sysdep_routines +diff --git a/sysdeps/aarch64/multiarch/ifunc-impl-list.c b/sysdeps/aarch64/multiarch/ifunc-impl-list.c +index 3596d3c8d3..fdd9ea9246 100644 +--- a/sysdeps/aarch64/multiarch/ifunc-impl-list.c ++++ b/sysdeps/aarch64/multiarch/ifunc-impl-list.c +@@ -54,9 +54,7 @@ __libc_ifunc_impl_list (const char *name, struct libc_ifunc_impl *array, + IFUNC_IMPL_ADD (array, i, memmove, mops, __memmove_mops) + IFUNC_IMPL_ADD (array, i, memmove, 1, __memmove_generic)) + IFUNC_IMPL (i, name, memset, +- /* Enable this on non-falkor processors too so that other cores +- can do a comparative analysis with __memset_generic. */ +- IFUNC_IMPL_ADD (array, i, memset, (zva_size == 64), __memset_falkor) ++ IFUNC_IMPL_ADD (array, i, memset, (zva_size == 64), __memset_zva64) + IFUNC_IMPL_ADD (array, i, memset, 1, __memset_emag) + IFUNC_IMPL_ADD (array, i, memset, 1, __memset_kunpeng) + #if HAVE_AARCH64_SVE_ASM +diff --git a/sysdeps/aarch64/multiarch/memset.c b/sysdeps/aarch64/multiarch/memset.c +index 9193b197dd..6deb6865e5 100644 +--- a/sysdeps/aarch64/multiarch/memset.c ++++ b/sysdeps/aarch64/multiarch/memset.c +@@ -28,7 +28,7 @@ + + extern __typeof (__redirect_memset) __libc_memset; + +-extern __typeof (__redirect_memset) __memset_falkor attribute_hidden; ++extern __typeof (__redirect_memset) __memset_zva64 attribute_hidden; + extern __typeof (__redirect_memset) __memset_emag attribute_hidden; + extern __typeof (__redirect_memset) __memset_kunpeng attribute_hidden; + extern __typeof (__redirect_memset) __memset_a64fx attribute_hidden; +@@ -47,18 +47,17 @@ select_memset_ifunc (void) + { + if (IS_A64FX (midr) && zva_size == 256) + return __memset_a64fx; +- return __memset_generic; + } + + if (IS_KUNPENG920 (midr)) + return __memset_kunpeng; + +- if ((IS_FALKOR (midr) || IS_PHECDA (midr)) && zva_size == 64) +- return __memset_falkor; +- + if (IS_EMAG (midr)) + return __memset_emag; + ++ if (zva_size == 64) ++ return __memset_zva64; ++ + return __memset_generic; + } + +diff --git a/sysdeps/aarch64/multiarch/memset_falkor.S b/sysdeps/aarch64/multiarch/memset_falkor.S +deleted file mode 100644 +index c6946a8072..0000000000 +--- a/sysdeps/aarch64/multiarch/memset_falkor.S ++++ /dev/null +@@ -1,54 +0,0 @@ +-/* Memset for falkor. +- Copyright (C) 2017-2023 Free Software Foundation, Inc. +- +- This file is part of the GNU C Library. +- +- The GNU C Library is free software; you can redistribute it and/or +- modify it under the terms of the GNU Lesser General Public +- License as published by the Free Software Foundation; either +- version 2.1 of the License, or (at your option) any later version. +- +- The GNU C Library is distributed in the hope that it will be useful, +- but WITHOUT ANY WARRANTY; without even the implied warranty of +- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +- Lesser General Public License for more details. +- +- You should have received a copy of the GNU Lesser General Public +- License along with the GNU C Library. If not, see +- . */ +- +-#include +-#include +- +-/* Reading dczid_el0 is expensive on falkor so move it into the ifunc +- resolver and assume ZVA size of 64 bytes. The IFUNC resolver takes care to +- use this function only when ZVA is enabled. */ +- +-#if IS_IN (libc) +-.macro zva_macro +- .p2align 4 +- /* Write the first and last 64 byte aligned block using stp rather +- than using DC ZVA. This is faster on some cores. */ +- str q0, [dst, 16] +- stp q0, q0, [dst, 32] +- bic dst, dst, 63 +- stp q0, q0, [dst, 64] +- stp q0, q0, [dst, 96] +- sub count, dstend, dst /* Count is now 128 too large. */ +- sub count, count, 128+64+64 /* Adjust count and bias for loop. */ +- add dst, dst, 128 +-1: dc zva, dst +- add dst, dst, 64 +- subs count, count, 64 +- b.hi 1b +- stp q0, q0, [dst, 0] +- stp q0, q0, [dst, 32] +- stp q0, q0, [dstend, -64] +- stp q0, q0, [dstend, -32] +- ret +-.endm +- +-# define ZVA_MACRO zva_macro +-# define MEMSET __memset_falkor +-# include +-#endif +diff --git a/sysdeps/aarch64/multiarch/memset_zva64.S b/sysdeps/aarch64/multiarch/memset_zva64.S +new file mode 100644 +index 0000000000..13f45fd3d8 +--- /dev/null ++++ b/sysdeps/aarch64/multiarch/memset_zva64.S +@@ -0,0 +1,27 @@ ++/* Optimized memset for zva size = 64. ++ Copyright (C) 2023 Free Software Foundation, Inc. ++ ++ This file is part of the GNU C Library. ++ ++ The GNU C Library is free software; you can redistribute it and/or ++ modify it under the terms of the GNU Lesser General Public ++ License as published by the Free Software Foundation; either ++ version 2.1 of the License, or (at your option) any later version. ++ ++ The GNU C Library is distributed in the hope that it will be useful, ++ but WITHOUT ANY WARRANTY; without even the implied warranty of ++ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU ++ Lesser General Public License for more details. ++ ++ You should have received a copy of the GNU Lesser General Public ++ License along with the GNU C Library. If not, see ++ . */ ++ ++#include ++ ++#define ZVA64_ONLY 1 ++#define MEMSET __memset_zva64 ++#undef libc_hidden_builtin_def ++#define libc_hidden_builtin_def(X) ++ ++#include "../memset.S" +-- +2.33.0 + diff --git a/0008-linux-Update-the-mremap-C-implementation-BZ-31968.patch b/0008-linux-Update-the-mremap-C-implementation-BZ-31968.patch new file mode 100644 index 0000000..a63fefc --- /dev/null +++ b/0008-linux-Update-the-mremap-C-implementation-BZ-31968.patch @@ -0,0 +1,68 @@ +From 0301637b9931766ee389aedf3899cde756b37283 Mon Sep 17 00:00:00 2001 +From: "H.J. Lu" +Date: Wed, 24 Jul 2024 14:05:13 -0700 +Subject: [PATCH 08/12] linux: Update the mremap C implementation [BZ #31968] + +Update the mremap C implementation to support the optional argument for +MREMAP_DONTUNMAP added in Linux 5.7 since it may not always be correct +to implement a variadic function as a non-variadic function on all Linux +targets. Return MAP_FAILED and set errno to EINVAL for unknown flag bits. +This fixes BZ #31968. + +Note: A test must be added when a new flag bit is introduced. + +Signed-off-by: H.J. Lu +Reviewed-by: Adhemerval Zanella +(cherry picked from commit 6c40cb0e9f893d49dc7caee580a055de53562206) +--- + NEWS | 1 + + sysdeps/unix/sysv/linux/mremap.c | 14 +++++++++++++- + 2 files changed, 14 insertions(+), 1 deletion(-) + +diff --git a/NEWS b/NEWS +index 3b252c96b4..5172049eb2 100644 +--- a/NEWS ++++ b/NEWS +@@ -55,6 +55,7 @@ The following bugs are resolved with this release: + [31476] resolv: Track single-request fallback via _res._flags + [31890] resolv: Allow short error responses to match any DNS query + [31965] rseq extension mechanism does not work as intended ++ [31968] mremap implementation in C does not handle arguments correctly + + + Version 2.38 +diff --git a/sysdeps/unix/sysv/linux/mremap.c b/sysdeps/unix/sysv/linux/mremap.c +index 0ad5da86a2..05ed8febfa 100644 +--- a/sysdeps/unix/sysv/linux/mremap.c ++++ b/sysdeps/unix/sysv/linux/mremap.c +@@ -20,6 +20,12 @@ + #include + #include + #include ++#include ++ ++#define MREMAP_KNOWN_BITS \ ++ (MREMAP_MAYMOVE \ ++ | MREMAP_FIXED \ ++ | MREMAP_DONTUNMAP) + + void * + __mremap (void *addr, size_t old_len, size_t new_len, int flags, ...) +@@ -27,7 +33,13 @@ __mremap (void *addr, size_t old_len, size_t new_len, int flags, ...) + va_list va; + void *new_addr = NULL; + +- if (flags & MREMAP_FIXED) ++ if (flags & ~(MREMAP_KNOWN_BITS)) ++ { ++ __set_errno (EINVAL); ++ return MAP_FAILED; ++ } ++ ++ if (flags & (MREMAP_FIXED | MREMAP_DONTUNMAP)) + { + va_start (va, flags); + new_addr = va_arg (va, void *); +-- +2.33.0 + diff --git a/0008-nptl-rename-__condvar_quiesce_and_switch_g1.patch b/0008-nptl-rename-__condvar_quiesce_and_switch_g1.patch index 68345fd..7cf0f28 100644 --- a/0008-nptl-rename-__condvar_quiesce_and_switch_g1.patch +++ b/0008-nptl-rename-__condvar_quiesce_and_switch_g1.patch @@ -1,7 +1,7 @@ From 8899e89b29797fca151bc31ac26e2d1cbdffaa21 Mon Sep 17 00:00:00 2001 From: Malte Skarupke Date: Fri, 11 Jul 2025 05:57:48 -0700 -Subject: [PATCH 08/10] nptl: rename __condvar_quiesce_and_switch_g1 +Subject: [PATCH] nptl: rename __condvar_quiesce_and_switch_g1 [BZ #25847] @@ -156,5 +156,5 @@ index d70012d647..6f5277b9df 100644 uint64_t g1_start = __condvar_load_g1_start_relaxed (cond); unsigned int lowseq = (g1_start & 1) == g ? signals : g1_start & ~1U; -- -2.39.3 +2.27.0 diff --git a/0008-sysdeps-tst-bz21269-fix-test-parameter.patch b/0008-sysdeps-tst-bz21269-fix-test-parameter.patch new file mode 100644 index 0000000..b7c1eee --- /dev/null +++ b/0008-sysdeps-tst-bz21269-fix-test-parameter.patch @@ -0,0 +1,31 @@ +From c8ecda6251dd4a0dfe074e0a6011211cadeef742 Mon Sep 17 00:00:00 2001 +From: Sam James +Date: Fri, 4 Aug 2023 23:58:27 +0100 +Subject: [PATCH 08/12] sysdeps: tst-bz21269: fix test parameter + +All callers pass 1 or 0x11 anyway (same meaning according to man page), +but still. + +Reviewed-by: DJ Delorie +Signed-off-by: Sam James +(cherry picked from commit e0b712dd9183d527aae4506cd39564c14af3bb28) +--- + sysdeps/unix/sysv/linux/i386/tst-bz21269.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/sysdeps/unix/sysv/linux/i386/tst-bz21269.c b/sysdeps/unix/sysv/linux/i386/tst-bz21269.c +index 51d4a1b082..f508ef8f16 100644 +--- a/sysdeps/unix/sysv/linux/i386/tst-bz21269.c ++++ b/sysdeps/unix/sysv/linux/i386/tst-bz21269.c +@@ -52,7 +52,7 @@ xset_thread_area (struct user_desc *u_info) + static void + xmodify_ldt (int func, const void *ptr, unsigned long bytecount) + { +- TEST_VERIFY_EXIT (syscall (SYS_modify_ldt, 1, ptr, bytecount) == 0); ++ TEST_VERIFY_EXIT (syscall (SYS_modify_ldt, func, ptr, bytecount) == 0); + } + + static int +-- +2.33.0 + diff --git a/0009-AArch64-Remove-Falkor-memcpy.patch b/0009-AArch64-Remove-Falkor-memcpy.patch new file mode 100644 index 0000000..4efda02 --- /dev/null +++ b/0009-AArch64-Remove-Falkor-memcpy.patch @@ -0,0 +1,468 @@ +From a08ff922946dca0303a270bbfa2557f74caa47aa Mon Sep 17 00:00:00 2001 +From: Wilco Dijkstra +Date: Thu, 26 Oct 2023 17:30:36 +0100 +Subject: [PATCH 09/26] AArch64: Remove Falkor memcpy + +The latest implementations of memcpy are actually faster than the Falkor +implementations [1], so remove the falkor/phecda ifuncs for memcpy and +the now unused IS_FALKOR/IS_PHECDA defines. + +[1] https://sourceware.org/pipermail/libc-alpha/2022-December/144227.html + +Reviewed-by: Adhemerval Zanella +(cherry picked from commit 2f5524cc5381eb75fef55f7901bb907bd5628333) +--- + manual/tunables.texi | 2 +- + sysdeps/aarch64/multiarch/Makefile | 1 - + sysdeps/aarch64/multiarch/ifunc-impl-list.c | 2 - + sysdeps/aarch64/multiarch/memcpy.c | 4 - + sysdeps/aarch64/multiarch/memcpy_falkor.S | 313 ------------------ + sysdeps/aarch64/multiarch/memmove.c | 4 - + .../unix/sysv/linux/aarch64/cpu-features.c | 2 - + .../unix/sysv/linux/aarch64/cpu-features.h | 5 - + 8 files changed, 1 insertion(+), 332 deletions(-) + delete mode 100644 sysdeps/aarch64/multiarch/memcpy_falkor.S + +diff --git a/manual/tunables.texi b/manual/tunables.texi +index 4ca0e42a11..bb17fef5bd 100644 +--- a/manual/tunables.texi ++++ b/manual/tunables.texi +@@ -529,7 +529,7 @@ This tunable is specific to powerpc, powerpc64 and powerpc64le. + @deftp Tunable glibc.cpu.name + The @code{glibc.cpu.name=xxx} tunable allows the user to tell @theglibc{} to + assume that the CPU is @code{xxx} where xxx may have one of these values: +-@code{generic}, @code{falkor}, @code{thunderxt88}, @code{thunderx2t99}, ++@code{generic}, @code{thunderxt88}, @code{thunderx2t99}, + @code{thunderx2t99p1}, @code{ares}, @code{emag}, @code{kunpeng}, + @code{a64fx}. + +diff --git a/sysdeps/aarch64/multiarch/Makefile b/sysdeps/aarch64/multiarch/Makefile +index 171ca5e4cf..e4720b7468 100644 +--- a/sysdeps/aarch64/multiarch/Makefile ++++ b/sysdeps/aarch64/multiarch/Makefile +@@ -3,7 +3,6 @@ sysdep_routines += \ + memchr_generic \ + memchr_nosimd \ + memcpy_a64fx \ +- memcpy_falkor \ + memcpy_generic \ + memcpy_mops \ + memcpy_sve \ +diff --git a/sysdeps/aarch64/multiarch/ifunc-impl-list.c b/sysdeps/aarch64/multiarch/ifunc-impl-list.c +index fdd9ea9246..73038ac810 100644 +--- a/sysdeps/aarch64/multiarch/ifunc-impl-list.c ++++ b/sysdeps/aarch64/multiarch/ifunc-impl-list.c +@@ -36,7 +36,6 @@ __libc_ifunc_impl_list (const char *name, struct libc_ifunc_impl *array, + IFUNC_IMPL (i, name, memcpy, + IFUNC_IMPL_ADD (array, i, memcpy, 1, __memcpy_thunderx) + IFUNC_IMPL_ADD (array, i, memcpy, !bti, __memcpy_thunderx2) +- IFUNC_IMPL_ADD (array, i, memcpy, 1, __memcpy_falkor) + #if HAVE_AARCH64_SVE_ASM + IFUNC_IMPL_ADD (array, i, memcpy, sve, __memcpy_a64fx) + IFUNC_IMPL_ADD (array, i, memcpy, sve, __memcpy_sve) +@@ -46,7 +45,6 @@ __libc_ifunc_impl_list (const char *name, struct libc_ifunc_impl *array, + IFUNC_IMPL (i, name, memmove, + IFUNC_IMPL_ADD (array, i, memmove, 1, __memmove_thunderx) + IFUNC_IMPL_ADD (array, i, memmove, !bti, __memmove_thunderx2) +- IFUNC_IMPL_ADD (array, i, memmove, 1, __memmove_falkor) + #if HAVE_AARCH64_SVE_ASM + IFUNC_IMPL_ADD (array, i, memmove, sve, __memmove_a64fx) + IFUNC_IMPL_ADD (array, i, memmove, sve, __memmove_sve) +diff --git a/sysdeps/aarch64/multiarch/memcpy.c b/sysdeps/aarch64/multiarch/memcpy.c +index 9aace954cb..6471fe82e3 100644 +--- a/sysdeps/aarch64/multiarch/memcpy.c ++++ b/sysdeps/aarch64/multiarch/memcpy.c +@@ -31,7 +31,6 @@ extern __typeof (__redirect_memcpy) __libc_memcpy; + extern __typeof (__redirect_memcpy) __memcpy_generic attribute_hidden; + extern __typeof (__redirect_memcpy) __memcpy_thunderx attribute_hidden; + extern __typeof (__redirect_memcpy) __memcpy_thunderx2 attribute_hidden; +-extern __typeof (__redirect_memcpy) __memcpy_falkor attribute_hidden; + extern __typeof (__redirect_memcpy) __memcpy_a64fx attribute_hidden; + extern __typeof (__redirect_memcpy) __memcpy_sve attribute_hidden; + extern __typeof (__redirect_memcpy) __memcpy_mops attribute_hidden; +@@ -57,9 +56,6 @@ select_memcpy_ifunc (void) + if (IS_THUNDERX2 (midr) || IS_THUNDERX2PA (midr)) + return __memcpy_thunderx2; + +- if (IS_FALKOR (midr) || IS_PHECDA (midr)) +- return __memcpy_falkor; +- + return __memcpy_generic; + } + +diff --git a/sysdeps/aarch64/multiarch/memcpy_falkor.S b/sysdeps/aarch64/multiarch/memcpy_falkor.S +deleted file mode 100644 +index 67c4ab34eb..0000000000 +--- a/sysdeps/aarch64/multiarch/memcpy_falkor.S ++++ /dev/null +@@ -1,313 +0,0 @@ +-/* Optimized memcpy for Qualcomm Falkor processor. +- Copyright (C) 2017-2023 Free Software Foundation, Inc. +- +- This file is part of the GNU C Library. +- +- The GNU C Library is free software; you can redistribute it and/or +- modify it under the terms of the GNU Lesser General Public +- License as published by the Free Software Foundation; either +- version 2.1 of the License, or (at your option) any later version. +- +- The GNU C Library is distributed in the hope that it will be useful, +- but WITHOUT ANY WARRANTY; without even the implied warranty of +- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +- Lesser General Public License for more details. +- +- You should have received a copy of the GNU Lesser General Public +- License along with the GNU C Library. If not, see +- . */ +- +-#include +- +-/* Assumptions: +- +- ARMv8-a, AArch64, falkor, unaligned accesses. */ +- +-#define dstin x0 +-#define src x1 +-#define count x2 +-#define dst x3 +-#define srcend x4 +-#define dstend x5 +-#define tmp1 x14 +-#define A_x x6 +-#define B_x x7 +-#define A_w w6 +-#define B_w w7 +- +-#define A_q q0 +-#define B_q q1 +-#define C_q q2 +-#define D_q q3 +-#define E_q q4 +-#define F_q q5 +-#define G_q q6 +-#define H_q q7 +-#define Q_q q6 +-#define S_q q22 +- +-/* Copies are split into 3 main cases: +- +- 1. Small copies of up to 32 bytes +- 2. Medium copies of 33..128 bytes which are fully unrolled +- 3. Large copies of more than 128 bytes. +- +- Large copies align the source to a quad word and use an unrolled loop +- processing 64 bytes per iteration. +- +- FALKOR-SPECIFIC DESIGN: +- +- The smallest copies (32 bytes or less) focus on optimal pipeline usage, +- which is why the redundant copies of 0-3 bytes have been replaced with +- conditionals, since the former would unnecessarily break across multiple +- issue groups. The medium copy group has been enlarged to 128 bytes since +- bumping up the small copies up to 32 bytes allows us to do that without +- cost and also allows us to reduce the size of the prep code before loop64. +- +- The copy loop uses only one register q0. This is to ensure that all loads +- hit a single hardware prefetcher which can get correctly trained to prefetch +- a single stream. +- +- The non-temporal stores help optimize cache utilization. */ +- +-#if IS_IN (libc) +-ENTRY (__memcpy_falkor) +- +- PTR_ARG (0) +- PTR_ARG (1) +- SIZE_ARG (2) +- +- cmp count, 32 +- add srcend, src, count +- add dstend, dstin, count +- b.ls L(copy32) +- cmp count, 128 +- b.hi L(copy_long) +- +- /* Medium copies: 33..128 bytes. */ +-L(copy128): +- sub tmp1, count, 1 +- ldr A_q, [src] +- ldr B_q, [src, 16] +- ldr C_q, [srcend, -32] +- ldr D_q, [srcend, -16] +- tbz tmp1, 6, 1f +- ldr E_q, [src, 32] +- ldr F_q, [src, 48] +- ldr G_q, [srcend, -64] +- ldr H_q, [srcend, -48] +- str G_q, [dstend, -64] +- str H_q, [dstend, -48] +- str E_q, [dstin, 32] +- str F_q, [dstin, 48] +-1: +- str A_q, [dstin] +- str B_q, [dstin, 16] +- str C_q, [dstend, -32] +- str D_q, [dstend, -16] +- ret +- +- .p2align 4 +- /* Small copies: 0..32 bytes. */ +-L(copy32): +- /* 16-32 */ +- cmp count, 16 +- b.lo 1f +- ldr A_q, [src] +- ldr B_q, [srcend, -16] +- str A_q, [dstin] +- str B_q, [dstend, -16] +- ret +- .p2align 4 +-1: +- /* 8-15 */ +- tbz count, 3, 1f +- ldr A_x, [src] +- ldr B_x, [srcend, -8] +- str A_x, [dstin] +- str B_x, [dstend, -8] +- ret +- .p2align 4 +-1: +- /* 4-7 */ +- tbz count, 2, 1f +- ldr A_w, [src] +- ldr B_w, [srcend, -4] +- str A_w, [dstin] +- str B_w, [dstend, -4] +- ret +- .p2align 4 +-1: +- /* 2-3 */ +- tbz count, 1, 1f +- ldrh A_w, [src] +- ldrh B_w, [srcend, -2] +- strh A_w, [dstin] +- strh B_w, [dstend, -2] +- ret +- .p2align 4 +-1: +- /* 0-1 */ +- tbz count, 0, 1f +- ldrb A_w, [src] +- strb A_w, [dstin] +-1: +- ret +- +- /* Align SRC to 16 bytes and copy; that way at least one of the +- accesses is aligned throughout the copy sequence. +- +- The count is off by 0 to 15 bytes, but this is OK because we trim +- off the last 64 bytes to copy off from the end. Due to this the +- loop never runs out of bounds. */ +- +- .p2align 4 +- nop /* Align loop64 below. */ +-L(copy_long): +- ldr A_q, [src] +- sub count, count, 64 + 16 +- and tmp1, src, 15 +- str A_q, [dstin] +- bic src, src, 15 +- sub dst, dstin, tmp1 +- add count, count, tmp1 +- +-L(loop64): +- ldr A_q, [src, 16]! +- str A_q, [dst, 16] +- ldr A_q, [src, 16]! +- subs count, count, 64 +- str A_q, [dst, 32] +- ldr A_q, [src, 16]! +- str A_q, [dst, 48] +- ldr A_q, [src, 16]! +- str A_q, [dst, 64]! +- b.hi L(loop64) +- +- /* Write the last full set of 64 bytes. The remainder is at most 64 +- bytes, so it is safe to always copy 64 bytes from the end even if +- there is just 1 byte left. */ +- ldr E_q, [srcend, -64] +- str E_q, [dstend, -64] +- ldr D_q, [srcend, -48] +- str D_q, [dstend, -48] +- ldr C_q, [srcend, -32] +- str C_q, [dstend, -32] +- ldr B_q, [srcend, -16] +- str B_q, [dstend, -16] +- ret +- +-END (__memcpy_falkor) +- +- +-/* RATIONALE: +- +- The move has 4 distinct parts: +- * Small moves of 32 bytes and under. +- * Medium sized moves of 33-128 bytes (fully unrolled). +- * Large moves where the source address is higher than the destination +- (forward copies) +- * Large moves where the destination address is higher than the source +- (copy backward, or move). +- +- We use only two registers q6 and q22 for the moves and move 32 bytes at a +- time to correctly train the hardware prefetcher for better throughput. +- +- For small and medium cases memcpy is used. */ +- +-ENTRY (__memmove_falkor) +- +- PTR_ARG (0) +- PTR_ARG (1) +- SIZE_ARG (2) +- +- cmp count, 32 +- add srcend, src, count +- add dstend, dstin, count +- b.ls L(copy32) +- cmp count, 128 +- b.ls L(copy128) +- sub tmp1, dstin, src +- ccmp tmp1, count, 2, hi +- b.lo L(move_long) +- +- /* CASE: Copy Forwards +- +- Align src to 16 byte alignment so that we don't cross cache line +- boundaries on both loads and stores. There are at least 128 bytes +- to copy, so copy 16 bytes unaligned and then align. The loop +- copies 32 bytes per iteration and prefetches one iteration ahead. */ +- +- ldr S_q, [src] +- and tmp1, src, 15 +- bic src, src, 15 +- sub dst, dstin, tmp1 +- add count, count, tmp1 /* Count is now 16 too large. */ +- ldr Q_q, [src, 16]! +- str S_q, [dstin] +- ldr S_q, [src, 16]! +- sub count, count, 32 + 32 + 16 /* Test and readjust count. */ +- +- .p2align 4 +-1: +- subs count, count, 32 +- str Q_q, [dst, 16] +- ldr Q_q, [src, 16]! +- str S_q, [dst, 32]! +- ldr S_q, [src, 16]! +- b.hi 1b +- +- /* Copy 32 bytes from the end before writing the data prefetched in the +- last loop iteration. */ +-2: +- ldr B_q, [srcend, -32] +- ldr C_q, [srcend, -16] +- str Q_q, [dst, 16] +- str S_q, [dst, 32] +- str B_q, [dstend, -32] +- str C_q, [dstend, -16] +- ret +- +- /* CASE: Copy Backwards +- +- Align srcend to 16 byte alignment so that we don't cross cache line +- boundaries on both loads and stores. There are at least 128 bytes +- to copy, so copy 16 bytes unaligned and then align. The loop +- copies 32 bytes per iteration and prefetches one iteration ahead. */ +- +- .p2align 4 +- nop +- nop +-L(move_long): +- cbz tmp1, 3f /* Return early if src == dstin */ +- ldr S_q, [srcend, -16] +- and tmp1, srcend, 15 +- sub srcend, srcend, tmp1 +- ldr Q_q, [srcend, -16]! +- str S_q, [dstend, -16] +- sub count, count, tmp1 +- ldr S_q, [srcend, -16]! +- sub dstend, dstend, tmp1 +- sub count, count, 32 + 32 +- +-1: +- subs count, count, 32 +- str Q_q, [dstend, -16] +- ldr Q_q, [srcend, -16]! +- str S_q, [dstend, -32]! +- ldr S_q, [srcend, -16]! +- b.hi 1b +- +- /* Copy 32 bytes from the start before writing the data prefetched in the +- last loop iteration. */ +- +- ldr B_q, [src, 16] +- ldr C_q, [src] +- str Q_q, [dstend, -16] +- str S_q, [dstend, -32] +- str B_q, [dstin, 16] +- str C_q, [dstin] +-3: ret +- +-END (__memmove_falkor) +-#endif +diff --git a/sysdeps/aarch64/multiarch/memmove.c b/sysdeps/aarch64/multiarch/memmove.c +index fd346e7b73..7602a5d57d 100644 +--- a/sysdeps/aarch64/multiarch/memmove.c ++++ b/sysdeps/aarch64/multiarch/memmove.c +@@ -31,7 +31,6 @@ extern __typeof (__redirect_memmove) __libc_memmove; + extern __typeof (__redirect_memmove) __memmove_generic attribute_hidden; + extern __typeof (__redirect_memmove) __memmove_thunderx attribute_hidden; + extern __typeof (__redirect_memmove) __memmove_thunderx2 attribute_hidden; +-extern __typeof (__redirect_memmove) __memmove_falkor attribute_hidden; + extern __typeof (__redirect_memmove) __memmove_a64fx attribute_hidden; + extern __typeof (__redirect_memmove) __memmove_sve attribute_hidden; + extern __typeof (__redirect_memmove) __memmove_mops attribute_hidden; +@@ -57,9 +56,6 @@ select_memmove_ifunc (void) + if (IS_THUNDERX2 (midr) || IS_THUNDERX2PA (midr)) + return __memmove_thunderx2; + +- if (IS_FALKOR (midr) || IS_PHECDA (midr)) +- return __memmove_falkor; +- + return __memmove_generic; + } + +diff --git a/sysdeps/unix/sysv/linux/aarch64/cpu-features.c b/sysdeps/unix/sysv/linux/aarch64/cpu-features.c +index 233d5b2407..a11a86efab 100644 +--- a/sysdeps/unix/sysv/linux/aarch64/cpu-features.c ++++ b/sysdeps/unix/sysv/linux/aarch64/cpu-features.c +@@ -37,11 +37,9 @@ struct cpu_list + }; + + static struct cpu_list cpu_list[] = { +- {"falkor", 0x510FC000}, + {"thunderxt88", 0x430F0A10}, + {"thunderx2t99", 0x431F0AF0}, + {"thunderx2t99p1", 0x420F5160}, +- {"phecda", 0x680F0000}, + {"ares", 0x411FD0C0}, + {"emag", 0x503F0001}, + {"kunpeng920", 0x481FD010}, +diff --git a/sysdeps/unix/sysv/linux/aarch64/cpu-features.h b/sysdeps/unix/sysv/linux/aarch64/cpu-features.h +index 40b709677d..2cf745cd19 100644 +--- a/sysdeps/unix/sysv/linux/aarch64/cpu-features.h ++++ b/sysdeps/unix/sysv/linux/aarch64/cpu-features.h +@@ -47,11 +47,6 @@ + #define IS_THUNDERX2(midr) (MIDR_IMPLEMENTOR(midr) == 'C' \ + && MIDR_PARTNUM(midr) == 0xaf) + +-#define IS_FALKOR(midr) (MIDR_IMPLEMENTOR(midr) == 'Q' \ +- && MIDR_PARTNUM(midr) == 0xc00) +- +-#define IS_PHECDA(midr) (MIDR_IMPLEMENTOR(midr) == 'h' \ +- && MIDR_PARTNUM(midr) == 0x000) + #define IS_NEOVERSE_N1(midr) (MIDR_IMPLEMENTOR(midr) == 'A' \ + && MIDR_PARTNUM(midr) == 0xd0c) + #define IS_NEOVERSE_N2(midr) (MIDR_IMPLEMENTOR(midr) == 'A' \ +-- +2.33.0 + diff --git a/0009-mremap-Update-manual-entry.patch b/0009-mremap-Update-manual-entry.patch new file mode 100644 index 0000000..8d47fda --- /dev/null +++ b/0009-mremap-Update-manual-entry.patch @@ -0,0 +1,88 @@ +From f0e211453546a134ac27e1e54579332534acb349 Mon Sep 17 00:00:00 2001 +From: "H.J. Lu" +Date: Wed, 24 Jul 2024 14:05:14 -0700 +Subject: [PATCH 09/12] mremap: Update manual entry + +Update mremap manual entry: + +1. Change mremap to variadic. +2. Document MREMAP_FIXED and MREMAP_DONTUNMAP. + +Signed-off-by: H.J. Lu +Reviewed-by: Adhemerval Zanella +(cherry picked from commit cb2dee4eccf46642eef588bee64f9c875c408f1c) +--- + manual/llio.texi | 42 +++++++++++++++++++++++++++++++++++------- + 1 file changed, 35 insertions(+), 7 deletions(-) + +diff --git a/manual/llio.texi b/manual/llio.texi +index fae49d1433..a65230d612 100644 +--- a/manual/llio.texi ++++ b/manual/llio.texi +@@ -1781,7 +1781,7 @@ There is no existing mapping in at least part of the given region. + + @end deftypefun + +-@deftypefun {void *} mremap (void *@var{address}, size_t @var{length}, size_t @var{new_length}, int @var{flag}) ++@deftypefun {void *} mremap (void *@var{address}, size_t @var{length}, size_t @var{new_length}, int @var{flag}, ... /* void *@var{new_address} */) + @standards{GNU, sys/mman.h} + @safety{@prelim{}@mtsafe{}@assafe{}@acsafe{}} + +@@ -1790,12 +1790,40 @@ area. @var{address} and @var{length} must cover a region entirely mapped + in the same @code{mmap} statement. A new mapping with the same + characteristics will be returned with the length @var{new_length}. + +-One option is possible, @code{MREMAP_MAYMOVE}. If it is given in +-@var{flags}, the system may remove the existing mapping and create a new +-one of the desired length in another location. ++Possible flags are + +-The address of the resulting mapping is returned, or @math{-1}. Possible +-error codes include: ++@table @code ++ ++@item MREMAP_MAYMOVE ++If it is given in @var{flags}, the system may remove the existing mapping ++and create a new one of the desired length in another location. ++ ++@item MREMAP_FIXED ++If it is given in @var{flags}, @code{mremap} accepts a fifth argument, ++@code{void *new_address}, which specifies a page-aligned address to ++which the mapping must be moved. Any previous mapping at the address ++range specified by @var{new_address} and @var{new_size} is unmapped. ++ ++@code{MREMAP_FIXED} must be used together with @code{MREMAP_MAYMOVE}. ++ ++@item MREMAP_DONTUNMAP ++If it is given in @var{flags}, @code{mremap} accepts a fifth argument, ++@code{void *new_address}, which specifies a page-aligned address. Any ++previous mapping at the address range specified by @var{new_address} and ++@var{new_size} is unmapped. If @var{new_address} is @code{NULL}, the ++kernel chooses the page-aligned address at which to create the mapping. ++Otherwise, the kernel takes it as a hint about where to place the mapping. ++The mapping at the address range specified by @var{old_address} and ++@var{old_size} isn't unmapped. ++ ++@code{MREMAP_DONTUNMAP} must be used together with @code{MREMAP_MAYMOVE}. ++@var{old_size} must be the same as @var{new_size}. This flag bit is ++Linux-specific. ++ ++@end table ++ ++The address of the resulting mapping is returned, or @code{MAP_FAILED}. ++Possible error codes include: + + @table @code + +@@ -1804,7 +1832,7 @@ There is no existing mapping in at least part of the original region, or + the region covers two or more distinct mappings. + + @item EINVAL +-The address given is misaligned or inappropriate. ++Any arguments are inappropriate, including unknown @var{flags} values. + + @item EAGAIN + The region has pages locked, and if extended it would exceed the +-- +2.33.0 + diff --git a/0009-nptl-Use-all-of-g1_start-and-g_signals.patch b/0009-nptl-Use-all-of-g1_start-and-g_signals.patch index 6bc448a..c0a1b27 100644 --- a/0009-nptl-Use-all-of-g1_start-and-g_signals.patch +++ b/0009-nptl-Use-all-of-g1_start-and-g_signals.patch @@ -1,7 +1,7 @@ From 39a80f40359e2b7b778c2c42cabf3d16765a101b Mon Sep 17 00:00:00 2001 From: Malte Skarupke Date: Fri, 11 Jul 2025 05:57:49 -0700 -Subject: [PATCH 09/10] nptl: Use all of g1_start and g_signals +Subject: [PATCH] nptl: Use all of g1_start and g_signals [BZ #25847] @@ -188,5 +188,5 @@ index 6f5277b9df..d919b3622a 100644 else continue; -- -2.39.3 +2.27.0 diff --git a/0009-sysdeps-tst-bz21269-handle-ENOSYS-skip-appropriately.patch b/0009-sysdeps-tst-bz21269-handle-ENOSYS-skip-appropriately.patch new file mode 100644 index 0000000..986eb98 --- /dev/null +++ b/0009-sysdeps-tst-bz21269-handle-ENOSYS-skip-appropriately.patch @@ -0,0 +1,42 @@ +From ad9b8399537670a990572c4b0c4da5411e3b68cf Mon Sep 17 00:00:00 2001 +From: Sam James +Date: Sat, 5 Aug 2023 00:04:33 +0100 +Subject: [PATCH 09/12] sysdeps: tst-bz21269: handle ENOSYS & skip + appropriately + +SYS_modify_ldt requires CONFIG_MODIFY_LDT_SYSCALL to be set in the kernel, which +some distributions may disable for hardening. Check if that's the case (unset) +and mark the test as UNSUPPORTED if so. + +Reviewed-by: DJ Delorie +Signed-off-by: Sam James +(cherry picked from commit 652b9fdb77d9fd056d4dd26dad2c14142768ab49) +--- + sysdeps/unix/sysv/linux/i386/tst-bz21269.c | 11 ++++++++++- + 1 file changed, 10 insertions(+), 1 deletion(-) + +diff --git a/sysdeps/unix/sysv/linux/i386/tst-bz21269.c b/sysdeps/unix/sysv/linux/i386/tst-bz21269.c +index f508ef8f16..28f5359bea 100644 +--- a/sysdeps/unix/sysv/linux/i386/tst-bz21269.c ++++ b/sysdeps/unix/sysv/linux/i386/tst-bz21269.c +@@ -52,7 +52,16 @@ xset_thread_area (struct user_desc *u_info) + static void + xmodify_ldt (int func, const void *ptr, unsigned long bytecount) + { +- TEST_VERIFY_EXIT (syscall (SYS_modify_ldt, func, ptr, bytecount) == 0); ++ long ret = syscall (SYS_modify_ldt, func, ptr, bytecount); ++ ++ if (ret == -1) ++ { ++ if (errno == ENOSYS) ++ FAIL_UNSUPPORTED ("modify_ldt not supported"); ++ FAIL_EXIT1 ("modify_ldt failed (errno=%d)", errno); ++ } ++ ++ return 0; + } + + static int +-- +2.33.0 + diff --git a/0010-Add-mremap-tests.patch b/0010-Add-mremap-tests.patch new file mode 100644 index 0000000..e63fb93 --- /dev/null +++ b/0010-Add-mremap-tests.patch @@ -0,0 +1,302 @@ +From 6bb75212e6198cd14ab9d1d538a61fa9cdec31d1 Mon Sep 17 00:00:00 2001 +From: "H.J. Lu" +Date: Wed, 24 Jul 2024 14:05:15 -0700 +Subject: [PATCH 10/12] Add mremap tests + +Add tests for MREMAP_MAYMOVE and MREMAP_FIXED. On Linux, also test +MREMAP_DONTUNMAP. + +Signed-off-by: H.J. Lu +Reviewed-by: Adhemerval Zanella +(cherry picked from commit ff0320bec2810192d453c579623482fab87bfa01) +--- + misc/Makefile | 2 + + misc/tst-mremap1.c | 46 +++++++++++++++ + misc/tst-mremap2.c | 54 ++++++++++++++++++ + sysdeps/generic/mremap-failure.h | 25 ++++++++ + sysdeps/unix/sysv/linux/Makefile | 1 + + sysdeps/unix/sysv/linux/mremap-failure.h | 30 ++++++++++ + sysdeps/unix/sysv/linux/tst-linux-mremap1.c | 63 +++++++++++++++++++++ + 7 files changed, 221 insertions(+) + create mode 100644 misc/tst-mremap1.c + create mode 100644 misc/tst-mremap2.c + create mode 100644 sysdeps/generic/mremap-failure.h + create mode 100644 sysdeps/unix/sysv/linux/mremap-failure.h + create mode 100644 sysdeps/unix/sysv/linux/tst-linux-mremap1.c + +diff --git a/misc/Makefile b/misc/Makefile +index 90b31952c5..87778a538a 100644 +--- a/misc/Makefile ++++ b/misc/Makefile +@@ -251,6 +251,8 @@ tests := \ + tst-mntent-blank-passno \ + tst-mntent-escape \ + tst-mntent2 \ ++ tst-mremap1 \ ++ tst-mremap2 \ + tst-preadvwritev \ + tst-preadvwritev2 \ + tst-preadvwritev64 \ +diff --git a/misc/tst-mremap1.c b/misc/tst-mremap1.c +new file mode 100644 +index 0000000000..0469991a6c +--- /dev/null ++++ b/misc/tst-mremap1.c +@@ -0,0 +1,46 @@ ++/* Test mremap with MREMAP_MAYMOVE. ++ Copyright (C) 2024 Free Software Foundation, Inc. ++ This file is part of the GNU C Library. ++ ++ The GNU C Library is free software; you can redistribute it and/or ++ modify it under the terms of the GNU Lesser General Public ++ License as published by the Free Software Foundation; either ++ version 2.1 of the License, or (at your option) any later version. ++ ++ The GNU C Library is distributed in the hope that it will be useful, ++ but WITHOUT ANY WARRANTY; without even the implied warranty of ++ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU ++ Lesser General Public License for more details. ++ ++ You should have received a copy of the GNU Lesser General Public ++ License along with the GNU C Library; if not, see ++ . */ ++ ++#include ++#include ++#include ++#include ++#include ++#include ++ ++static int ++do_test (void) ++{ ++ size_t old_size = getpagesize (); ++ char *old_addr = xmmap (NULL, old_size, PROT_READ | PROT_WRITE, ++ MAP_PRIVATE | MAP_ANONYMOUS, -1); ++ old_addr[0] = 1; ++ old_addr[old_size - 1] = 2; ++ ++ /* Test MREMAP_MAYMOVE. */ ++ size_t new_size = old_size + old_size; ++ char *new_addr = mremap (old_addr, old_size, new_size, MREMAP_MAYMOVE); ++ TEST_VERIFY_EXIT (new_addr != MAP_FAILED); ++ new_addr[0] = 1; ++ new_addr[new_size - 1] = 2; ++ xmunmap (new_addr, new_size); ++ ++ return 0; ++} ++ ++#include +diff --git a/misc/tst-mremap2.c b/misc/tst-mremap2.c +new file mode 100644 +index 0000000000..45be7f0369 +--- /dev/null ++++ b/misc/tst-mremap2.c +@@ -0,0 +1,54 @@ ++/* Test mremap with MREMAP_FIXED. ++ Copyright (C) 2024 Free Software Foundation, Inc. ++ This file is part of the GNU C Library. ++ ++ The GNU C Library is free software; you can redistribute it and/or ++ modify it under the terms of the GNU Lesser General Public ++ License as published by the Free Software Foundation; either ++ version 2.1 of the License, or (at your option) any later version. ++ ++ The GNU C Library is distributed in the hope that it will be useful, ++ but WITHOUT ANY WARRANTY; without even the implied warranty of ++ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU ++ Lesser General Public License for more details. ++ ++ You should have received a copy of the GNU Lesser General Public ++ License along with the GNU C Library; if not, see ++ . */ ++ ++#include ++#include ++#include ++#include ++#include ++#include ++ ++static int ++do_test (void) ++{ ++ size_t old_size = getpagesize (); ++ size_t new_size = old_size + old_size; ++ char *old_addr = xmmap (NULL, old_size, PROT_READ | PROT_WRITE, ++ MAP_PRIVATE | MAP_ANONYMOUS, -1); ++ old_addr[0] = 1; ++ old_addr[old_size - 1] = 2; ++ ++ char *fixed_addr = xmmap (NULL, new_size, PROT_READ | PROT_WRITE, ++ MAP_PRIVATE | MAP_ANONYMOUS, -1); ++ fixed_addr[0] = 1; ++ fixed_addr[new_size - 1] = 2; ++ ++ /* Test MREMAP_FIXED. */ ++ char *new_addr = mremap (old_addr, old_size, new_size, ++ MREMAP_FIXED | MREMAP_MAYMOVE, ++ fixed_addr); ++ if (new_addr == MAP_FAILED) ++ return mremap_failure_exit (errno); ++ new_addr[0] = 1; ++ new_addr[new_size - 1] = 2; ++ xmunmap (new_addr, new_size); ++ ++ return 0; ++} ++ ++#include +diff --git a/sysdeps/generic/mremap-failure.h b/sysdeps/generic/mremap-failure.h +new file mode 100644 +index 0000000000..bc0d476368 +--- /dev/null ++++ b/sysdeps/generic/mremap-failure.h +@@ -0,0 +1,25 @@ ++/* mremap failure handling. Generic version. ++ Copyright (C) 2024 Free Software Foundation, Inc. ++ This file is part of the GNU C Library. ++ ++ The GNU C Library is free software; you can redistribute it and/or ++ modify it under the terms of the GNU Lesser General Public ++ License as published by the Free Software Foundation; either ++ version 2.1 of the License, or (at your option) any later version. ++ ++ The GNU C Library is distributed in the hope that it will be useful, ++ but WITHOUT ANY WARRANTY; without even the implied warranty of ++ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU ++ Lesser General Public License for more details. ++ ++ You should have received a copy of the GNU Lesser General Public ++ License along with the GNU C Library; if not, see ++ . */ ++ ++/* Return exit value on mremap failure with errno ERR. */ ++ ++static int ++mremap_failure_exit (int err) ++{ ++ return EXIT_FAILURE; ++} +diff --git a/sysdeps/unix/sysv/linux/Makefile b/sysdeps/unix/sysv/linux/Makefile +index 623a7d4de0..9b503c8379 100644 +--- a/sysdeps/unix/sysv/linux/Makefile ++++ b/sysdeps/unix/sysv/linux/Makefile +@@ -202,6 +202,7 @@ tests += \ + tst-getauxval \ + tst-gettid \ + tst-gettid-kill \ ++ tst-linux-mremap1 \ + tst-memfd_create \ + tst-misalign-clone \ + tst-mlock2 \ +diff --git a/sysdeps/unix/sysv/linux/mremap-failure.h b/sysdeps/unix/sysv/linux/mremap-failure.h +new file mode 100644 +index 0000000000..c99ab30ca9 +--- /dev/null ++++ b/sysdeps/unix/sysv/linux/mremap-failure.h +@@ -0,0 +1,30 @@ ++/* mremap failure handling. Linux version. ++ Copyright (C) 2024 Free Software Foundation, Inc. ++ This file is part of the GNU C Library. ++ ++ The GNU C Library is free software; you can redistribute it and/or ++ modify it under the terms of the GNU Lesser General Public ++ License as published by the Free Software Foundation; either ++ version 2.1 of the License, or (at your option) any later version. ++ ++ The GNU C Library is distributed in the hope that it will be useful, ++ but WITHOUT ANY WARRANTY; without even the implied warranty of ++ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU ++ Lesser General Public License for more details. ++ ++ You should have received a copy of the GNU Lesser General Public ++ License along with the GNU C Library; if not, see ++ . */ ++ ++#include ++ ++/* Return exit value on mremap failure with errno ERR. */ ++ ++static int ++mremap_failure_exit (int err) ++{ ++ if (err != EINVAL) ++ return EXIT_FAILURE; ++ ++ return EXIT_UNSUPPORTED; ++} +diff --git a/sysdeps/unix/sysv/linux/tst-linux-mremap1.c b/sysdeps/unix/sysv/linux/tst-linux-mremap1.c +new file mode 100644 +index 0000000000..408e8af2ab +--- /dev/null ++++ b/sysdeps/unix/sysv/linux/tst-linux-mremap1.c +@@ -0,0 +1,63 @@ ++/* Test mremap with MREMAP_DONTUNMAP. ++ Copyright (C) 2024 Free Software Foundation, Inc. ++ This file is part of the GNU C Library. ++ ++ The GNU C Library is free software; you can redistribute it and/or ++ modify it under the terms of the GNU Lesser General Public ++ License as published by the Free Software Foundation; either ++ version 2.1 of the License, or (at your option) any later version. ++ ++ The GNU C Library is distributed in the hope that it will be useful, ++ but WITHOUT ANY WARRANTY; without even the implied warranty of ++ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU ++ Lesser General Public License for more details. ++ ++ You should have received a copy of the GNU Lesser General Public ++ License along with the GNU C Library; if not, see ++ . */ ++ ++#include ++#include ++#include ++#include ++#include ++#include ++#include ++ ++static int ++do_test (void) ++{ ++ size_t old_size = getpagesize (); ++ size_t new_size = old_size; ++ char *old_addr = xmmap (NULL, old_size, PROT_READ | PROT_WRITE, ++ MAP_PRIVATE | MAP_ANONYMOUS, -1); ++ old_addr[0] = 1; ++ old_addr[old_size - 1] = 2; ++ ++ /* Create an available 64-page mmap region. */ ++ size_t fixed_size = old_size * 64; ++ char *fixed_addr = xmmap (NULL, fixed_size, PROT_READ | PROT_WRITE, ++ MAP_PRIVATE | MAP_ANONYMOUS, -1); ++ xmunmap (fixed_addr, fixed_size); ++ ++ /* Add 3 * pagesize. */ ++ fixed_size += 3 * old_size; ++ ++ /* Test MREMAP_DONTUNMAP. It should return FIXED_ADDR created above. */ ++ char *new_addr = mremap (old_addr, old_size, new_size, ++ MREMAP_DONTUNMAP | MREMAP_MAYMOVE, ++ fixed_addr); ++ if (new_addr == MAP_FAILED) ++ return mremap_failure_exit (errno); ++ TEST_VERIFY_EXIT (fixed_addr == new_addr); ++ old_addr[0] = 3; ++ old_addr[old_size - 1] = 4; ++ new_addr[0] = 1; ++ new_addr[new_size - 1] = 2; ++ xmunmap (new_addr, new_size); ++ xmunmap (old_addr, old_size); ++ ++ return 0; ++} ++ ++#include +-- +2.33.0 + diff --git a/0010-aarch64-correct-CFI-in-rawmemchr-bug-31113.patch b/0010-aarch64-correct-CFI-in-rawmemchr-bug-31113.patch new file mode 100644 index 0000000..b260311 --- /dev/null +++ b/0010-aarch64-correct-CFI-in-rawmemchr-bug-31113.patch @@ -0,0 +1,31 @@ +From 168ae58e6e705a53a71850ee63ba5514fd5d7b70 Mon Sep 17 00:00:00 2001 +From: Andreas Schwab +Date: Thu, 23 Nov 2023 18:23:46 +0100 +Subject: [PATCH 10/26] aarch64: correct CFI in rawmemchr (bug 31113) + +The .cfi_return_column directive changes the return column for the whole +FDE range. But the actual intent is to tell the unwinder that the value +in x30 (lr) now resides in x15 after the move, and that is expressed by +the .cfi_register directive. + +(cherry picked from commit 3f798427884fa57770e8e2291cf58d5918254bb5) +--- + sysdeps/aarch64/rawmemchr.S | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/sysdeps/aarch64/rawmemchr.S b/sysdeps/aarch64/rawmemchr.S +index efc4b7007b..1fff094215 100644 +--- a/sysdeps/aarch64/rawmemchr.S ++++ b/sysdeps/aarch64/rawmemchr.S +@@ -31,7 +31,7 @@ ENTRY (__rawmemchr) + + L(do_strlen): + mov x15, x30 +- cfi_return_column (x15) ++ cfi_register (x30, x15) + mov x14, x0 + bl __strlen + add x0, x14, x0 +-- +2.33.0 + diff --git a/0010-nptl-PTHREAD_COND_INITIALIZER-compatibility-with-pre.patch b/0010-nptl-PTHREAD_COND_INITIALIZER-compatibility-with-pre.patch index a3439df..74f91fe 100644 --- a/0010-nptl-PTHREAD_COND_INITIALIZER-compatibility-with-pre.patch +++ b/0010-nptl-PTHREAD_COND_INITIALIZER-compatibility-with-pre.patch @@ -1,7 +1,7 @@ From 51210d64966caa0091e9c9cd260f1be1b19f7f4d Mon Sep 17 00:00:00 2001 From: Florian Weimer Date: Fri, 11 Jul 2025 05:57:50 -0700 -Subject: [PATCH 10/10] nptl: PTHREAD_COND_INITIALIZER compatibility with +Subject: [PATCH] nptl: PTHREAD_COND_INITIALIZER compatibility with pre-2.41 versions (bug 32786) [BZ #25847] @@ -49,5 +49,5 @@ index a43efa20d2..476cd0ed54 100644 /* Cleanup buffers */ -- -2.39.3 +2.27.0 diff --git a/0010-sysdeps-tst-bz21269-fix-Wreturn-type.patch b/0010-sysdeps-tst-bz21269-fix-Wreturn-type.patch new file mode 100644 index 0000000..e329830 --- /dev/null +++ b/0010-sysdeps-tst-bz21269-fix-Wreturn-type.patch @@ -0,0 +1,30 @@ +From 1aed90c9c8f8be9f68b58e96b6e4cd0fc08eb2b1 Mon Sep 17 00:00:00 2001 +From: Sam James +Date: Thu, 17 Aug 2023 09:30:29 +0100 +Subject: [PATCH 10/12] sysdeps: tst-bz21269: fix -Wreturn-type + +Thanks to Andreas Schwab for reporting. + +Fixes: 652b9fdb77d9fd056d4dd26dad2c14142768ab49 +Signed-off-by: Sam James +(cherry picked from commit 369f373057073c307938da91af16922bda3dff6a) +--- + sysdeps/unix/sysv/linux/i386/tst-bz21269.c | 2 -- + 1 file changed, 2 deletions(-) + +diff --git a/sysdeps/unix/sysv/linux/i386/tst-bz21269.c b/sysdeps/unix/sysv/linux/i386/tst-bz21269.c +index 28f5359bea..822c41fceb 100644 +--- a/sysdeps/unix/sysv/linux/i386/tst-bz21269.c ++++ b/sysdeps/unix/sysv/linux/i386/tst-bz21269.c +@@ -60,8 +60,6 @@ xmodify_ldt (int func, const void *ptr, unsigned long bytecount) + FAIL_UNSUPPORTED ("modify_ldt not supported"); + FAIL_EXIT1 ("modify_ldt failed (errno=%d)", errno); + } +- +- return 0; + } + + static int +-- +2.33.0 + diff --git a/0011-Update-syscall-lists-for-Linux-6.5.patch b/0011-Update-syscall-lists-for-Linux-6.5.patch new file mode 100644 index 0000000..b7db5ca --- /dev/null +++ b/0011-Update-syscall-lists-for-Linux-6.5.patch @@ -0,0 +1,394 @@ +From 3ac7ba61d2d4a914b64a1d793857b84f6a875fa0 Mon Sep 17 00:00:00 2001 +From: Joseph Myers +Date: Tue, 12 Sep 2023 14:08:53 +0000 +Subject: [PATCH 11/12] Update syscall lists for Linux 6.5 + +Linux 6.5 has one new syscall, cachestat, and also enables the +cacheflush syscall for hppa. Update syscall-names.list and regenerate +the arch-syscall.h headers with build-many-glibcs.py update-syscalls. + +Tested with build-many-glibcs.py. + +(cherry picked from commit 72511f539cc34681ec61c6a0dc2fe6d684760ffe) +--- + sysdeps/unix/sysv/linux/aarch64/arch-syscall.h | 1 + + sysdeps/unix/sysv/linux/alpha/arch-syscall.h | 1 + + sysdeps/unix/sysv/linux/arc/arch-syscall.h | 1 + + sysdeps/unix/sysv/linux/arm/arch-syscall.h | 1 + + sysdeps/unix/sysv/linux/csky/arch-syscall.h | 1 + + sysdeps/unix/sysv/linux/hppa/arch-syscall.h | 2 ++ + sysdeps/unix/sysv/linux/i386/arch-syscall.h | 1 + + sysdeps/unix/sysv/linux/ia64/arch-syscall.h | 1 + + sysdeps/unix/sysv/linux/loongarch/arch-syscall.h | 1 + + sysdeps/unix/sysv/linux/m68k/arch-syscall.h | 1 + + sysdeps/unix/sysv/linux/microblaze/arch-syscall.h | 1 + + sysdeps/unix/sysv/linux/mips/mips32/arch-syscall.h | 1 + + sysdeps/unix/sysv/linux/mips/mips64/n32/arch-syscall.h | 1 + + sysdeps/unix/sysv/linux/mips/mips64/n64/arch-syscall.h | 1 + + sysdeps/unix/sysv/linux/nios2/arch-syscall.h | 1 + + sysdeps/unix/sysv/linux/or1k/arch-syscall.h | 1 + + sysdeps/unix/sysv/linux/powerpc/powerpc32/arch-syscall.h | 1 + + sysdeps/unix/sysv/linux/powerpc/powerpc64/arch-syscall.h | 1 + + sysdeps/unix/sysv/linux/riscv/rv32/arch-syscall.h | 1 + + sysdeps/unix/sysv/linux/riscv/rv64/arch-syscall.h | 1 + + sysdeps/unix/sysv/linux/s390/s390-32/arch-syscall.h | 1 + + sysdeps/unix/sysv/linux/s390/s390-64/arch-syscall.h | 1 + + sysdeps/unix/sysv/linux/sh/arch-syscall.h | 1 + + sysdeps/unix/sysv/linux/sparc/sparc32/arch-syscall.h | 1 + + sysdeps/unix/sysv/linux/sparc/sparc64/arch-syscall.h | 1 + + sysdeps/unix/sysv/linux/syscall-names.list | 5 +++-- + sysdeps/unix/sysv/linux/x86_64/64/arch-syscall.h | 1 + + sysdeps/unix/sysv/linux/x86_64/x32/arch-syscall.h | 1 + + 28 files changed, 31 insertions(+), 2 deletions(-) + +diff --git a/sysdeps/unix/sysv/linux/aarch64/arch-syscall.h b/sysdeps/unix/sysv/linux/aarch64/arch-syscall.h +index 4fcb6da80a..8f21ee66a0 100644 +--- a/sysdeps/unix/sysv/linux/aarch64/arch-syscall.h ++++ b/sysdeps/unix/sysv/linux/aarch64/arch-syscall.h +@@ -7,6 +7,7 @@ + #define __NR_bind 200 + #define __NR_bpf 280 + #define __NR_brk 214 ++#define __NR_cachestat 451 + #define __NR_capget 90 + #define __NR_capset 91 + #define __NR_chdir 49 +diff --git a/sysdeps/unix/sysv/linux/alpha/arch-syscall.h b/sysdeps/unix/sysv/linux/alpha/arch-syscall.h +index 0cf74c1a96..c5802a5fec 100644 +--- a/sysdeps/unix/sysv/linux/alpha/arch-syscall.h ++++ b/sysdeps/unix/sysv/linux/alpha/arch-syscall.h +@@ -11,6 +11,7 @@ + #define __NR_bind 104 + #define __NR_bpf 515 + #define __NR_brk 17 ++#define __NR_cachestat 561 + #define __NR_capget 368 + #define __NR_capset 369 + #define __NR_chdir 12 +diff --git a/sysdeps/unix/sysv/linux/arc/arch-syscall.h b/sysdeps/unix/sysv/linux/arc/arch-syscall.h +index c1207aaa12..f23f9e1154 100644 +--- a/sysdeps/unix/sysv/linux/arc/arch-syscall.h ++++ b/sysdeps/unix/sysv/linux/arc/arch-syscall.h +@@ -11,6 +11,7 @@ + #define __NR_bpf 280 + #define __NR_brk 214 + #define __NR_cacheflush 244 ++#define __NR_cachestat 451 + #define __NR_capget 90 + #define __NR_capset 91 + #define __NR_chdir 49 +diff --git a/sysdeps/unix/sysv/linux/arm/arch-syscall.h b/sysdeps/unix/sysv/linux/arm/arch-syscall.h +index e7ba04c106..7edf574899 100644 +--- a/sysdeps/unix/sysv/linux/arm/arch-syscall.h ++++ b/sysdeps/unix/sysv/linux/arm/arch-syscall.h +@@ -15,6 +15,7 @@ + #define __NR_bpf 386 + #define __NR_brk 45 + #define __NR_cacheflush 983042 ++#define __NR_cachestat 451 + #define __NR_capget 184 + #define __NR_capset 185 + #define __NR_chdir 12 +diff --git a/sysdeps/unix/sysv/linux/csky/arch-syscall.h b/sysdeps/unix/sysv/linux/csky/arch-syscall.h +index dc9383758e..d74a06e063 100644 +--- a/sysdeps/unix/sysv/linux/csky/arch-syscall.h ++++ b/sysdeps/unix/sysv/linux/csky/arch-syscall.h +@@ -8,6 +8,7 @@ + #define __NR_bpf 280 + #define __NR_brk 214 + #define __NR_cacheflush 245 ++#define __NR_cachestat 451 + #define __NR_capget 90 + #define __NR_capset 91 + #define __NR_chdir 49 +diff --git a/sysdeps/unix/sysv/linux/hppa/arch-syscall.h b/sysdeps/unix/sysv/linux/hppa/arch-syscall.h +index 767f1287a3..5568b94cd3 100644 +--- a/sysdeps/unix/sysv/linux/hppa/arch-syscall.h ++++ b/sysdeps/unix/sysv/linux/hppa/arch-syscall.h +@@ -13,6 +13,8 @@ + #define __NR_bind 22 + #define __NR_bpf 341 + #define __NR_brk 45 ++#define __NR_cacheflush 356 ++#define __NR_cachestat 451 + #define __NR_capget 106 + #define __NR_capset 107 + #define __NR_chdir 12 +diff --git a/sysdeps/unix/sysv/linux/i386/arch-syscall.h b/sysdeps/unix/sysv/linux/i386/arch-syscall.h +index 1998f0d76a..3af21a15cb 100644 +--- a/sysdeps/unix/sysv/linux/i386/arch-syscall.h ++++ b/sysdeps/unix/sysv/linux/i386/arch-syscall.h +@@ -15,6 +15,7 @@ + #define __NR_bpf 357 + #define __NR_break 17 + #define __NR_brk 45 ++#define __NR_cachestat 451 + #define __NR_capget 184 + #define __NR_capset 185 + #define __NR_chdir 12 +diff --git a/sysdeps/unix/sysv/linux/ia64/arch-syscall.h b/sysdeps/unix/sysv/linux/ia64/arch-syscall.h +index b2eab1b93d..39b270e642 100644 +--- a/sysdeps/unix/sysv/linux/ia64/arch-syscall.h ++++ b/sysdeps/unix/sysv/linux/ia64/arch-syscall.h +@@ -11,6 +11,7 @@ + #define __NR_bind 1191 + #define __NR_bpf 1341 + #define __NR_brk 1060 ++#define __NR_cachestat 1475 + #define __NR_capget 1185 + #define __NR_capset 1186 + #define __NR_chdir 1034 +diff --git a/sysdeps/unix/sysv/linux/loongarch/arch-syscall.h b/sysdeps/unix/sysv/linux/loongarch/arch-syscall.h +index 6bb3c8adbc..fdefe8bb6f 100644 +--- a/sysdeps/unix/sysv/linux/loongarch/arch-syscall.h ++++ b/sysdeps/unix/sysv/linux/loongarch/arch-syscall.h +@@ -7,6 +7,7 @@ + #define __NR_bind 200 + #define __NR_bpf 280 + #define __NR_brk 214 ++#define __NR_cachestat 451 + #define __NR_capget 90 + #define __NR_capset 91 + #define __NR_chdir 49 +diff --git a/sysdeps/unix/sysv/linux/m68k/arch-syscall.h b/sysdeps/unix/sysv/linux/m68k/arch-syscall.h +index 5fc3723772..315e49cd33 100644 +--- a/sysdeps/unix/sysv/linux/m68k/arch-syscall.h ++++ b/sysdeps/unix/sysv/linux/m68k/arch-syscall.h +@@ -15,6 +15,7 @@ + #define __NR_bpf 354 + #define __NR_brk 45 + #define __NR_cacheflush 123 ++#define __NR_cachestat 451 + #define __NR_capget 184 + #define __NR_capset 185 + #define __NR_chdir 12 +diff --git a/sysdeps/unix/sysv/linux/microblaze/arch-syscall.h b/sysdeps/unix/sysv/linux/microblaze/arch-syscall.h +index b6e9b007e4..54af12780c 100644 +--- a/sysdeps/unix/sysv/linux/microblaze/arch-syscall.h ++++ b/sysdeps/unix/sysv/linux/microblaze/arch-syscall.h +@@ -15,6 +15,7 @@ + #define __NR_bpf 387 + #define __NR_break 17 + #define __NR_brk 45 ++#define __NR_cachestat 451 + #define __NR_capget 184 + #define __NR_capset 185 + #define __NR_chdir 12 +diff --git a/sysdeps/unix/sysv/linux/mips/mips32/arch-syscall.h b/sysdeps/unix/sysv/linux/mips/mips32/arch-syscall.h +index b3a3871f8a..a2aa1ffa1b 100644 +--- a/sysdeps/unix/sysv/linux/mips/mips32/arch-syscall.h ++++ b/sysdeps/unix/sysv/linux/mips/mips32/arch-syscall.h +@@ -17,6 +17,7 @@ + #define __NR_brk 4045 + #define __NR_cachectl 4148 + #define __NR_cacheflush 4147 ++#define __NR_cachestat 4451 + #define __NR_capget 4204 + #define __NR_capset 4205 + #define __NR_chdir 4012 +diff --git a/sysdeps/unix/sysv/linux/mips/mips64/n32/arch-syscall.h b/sysdeps/unix/sysv/linux/mips/mips64/n32/arch-syscall.h +index b462182723..5bec858040 100644 +--- a/sysdeps/unix/sysv/linux/mips/mips64/n32/arch-syscall.h ++++ b/sysdeps/unix/sysv/linux/mips/mips64/n32/arch-syscall.h +@@ -14,6 +14,7 @@ + #define __NR_brk 6012 + #define __NR_cachectl 6198 + #define __NR_cacheflush 6197 ++#define __NR_cachestat 6451 + #define __NR_capget 6123 + #define __NR_capset 6124 + #define __NR_chdir 6078 +diff --git a/sysdeps/unix/sysv/linux/mips/mips64/n64/arch-syscall.h b/sysdeps/unix/sysv/linux/mips/mips64/n64/arch-syscall.h +index a9d6b94572..0166371ee2 100644 +--- a/sysdeps/unix/sysv/linux/mips/mips64/n64/arch-syscall.h ++++ b/sysdeps/unix/sysv/linux/mips/mips64/n64/arch-syscall.h +@@ -14,6 +14,7 @@ + #define __NR_brk 5012 + #define __NR_cachectl 5198 + #define __NR_cacheflush 5197 ++#define __NR_cachestat 5451 + #define __NR_capget 5123 + #define __NR_capset 5124 + #define __NR_chdir 5078 +diff --git a/sysdeps/unix/sysv/linux/nios2/arch-syscall.h b/sysdeps/unix/sysv/linux/nios2/arch-syscall.h +index 809a219ef3..29a4cfa988 100644 +--- a/sysdeps/unix/sysv/linux/nios2/arch-syscall.h ++++ b/sysdeps/unix/sysv/linux/nios2/arch-syscall.h +@@ -8,6 +8,7 @@ + #define __NR_bpf 280 + #define __NR_brk 214 + #define __NR_cacheflush 244 ++#define __NR_cachestat 451 + #define __NR_capget 90 + #define __NR_capset 91 + #define __NR_chdir 49 +diff --git a/sysdeps/unix/sysv/linux/or1k/arch-syscall.h b/sysdeps/unix/sysv/linux/or1k/arch-syscall.h +index 1364f4cbc0..f5a3729663 100644 +--- a/sysdeps/unix/sysv/linux/or1k/arch-syscall.h ++++ b/sysdeps/unix/sysv/linux/or1k/arch-syscall.h +@@ -7,6 +7,7 @@ + #define __NR_bind 200 + #define __NR_bpf 280 + #define __NR_brk 214 ++#define __NR_cachestat 451 + #define __NR_capget 90 + #define __NR_capset 91 + #define __NR_chdir 49 +diff --git a/sysdeps/unix/sysv/linux/powerpc/powerpc32/arch-syscall.h b/sysdeps/unix/sysv/linux/powerpc/powerpc32/arch-syscall.h +index 627831ebae..3a212a0269 100644 +--- a/sysdeps/unix/sysv/linux/powerpc/powerpc32/arch-syscall.h ++++ b/sysdeps/unix/sysv/linux/powerpc/powerpc32/arch-syscall.h +@@ -15,6 +15,7 @@ + #define __NR_bpf 361 + #define __NR_break 17 + #define __NR_brk 45 ++#define __NR_cachestat 451 + #define __NR_capget 183 + #define __NR_capset 184 + #define __NR_chdir 12 +diff --git a/sysdeps/unix/sysv/linux/powerpc/powerpc64/arch-syscall.h b/sysdeps/unix/sysv/linux/powerpc/powerpc64/arch-syscall.h +index bae597199d..1038ead227 100644 +--- a/sysdeps/unix/sysv/linux/powerpc/powerpc64/arch-syscall.h ++++ b/sysdeps/unix/sysv/linux/powerpc/powerpc64/arch-syscall.h +@@ -15,6 +15,7 @@ + #define __NR_bpf 361 + #define __NR_break 17 + #define __NR_brk 45 ++#define __NR_cachestat 451 + #define __NR_capget 183 + #define __NR_capset 184 + #define __NR_chdir 12 +diff --git a/sysdeps/unix/sysv/linux/riscv/rv32/arch-syscall.h b/sysdeps/unix/sysv/linux/riscv/rv32/arch-syscall.h +index 2416e041c8..57b043ffb5 100644 +--- a/sysdeps/unix/sysv/linux/riscv/rv32/arch-syscall.h ++++ b/sysdeps/unix/sysv/linux/riscv/rv32/arch-syscall.h +@@ -6,6 +6,7 @@ + #define __NR_bind 200 + #define __NR_bpf 280 + #define __NR_brk 214 ++#define __NR_cachestat 451 + #define __NR_capget 90 + #define __NR_capset 91 + #define __NR_chdir 49 +diff --git a/sysdeps/unix/sysv/linux/riscv/rv64/arch-syscall.h b/sysdeps/unix/sysv/linux/riscv/rv64/arch-syscall.h +index a32bc82f60..1041a0f8c9 100644 +--- a/sysdeps/unix/sysv/linux/riscv/rv64/arch-syscall.h ++++ b/sysdeps/unix/sysv/linux/riscv/rv64/arch-syscall.h +@@ -7,6 +7,7 @@ + #define __NR_bind 200 + #define __NR_bpf 280 + #define __NR_brk 214 ++#define __NR_cachestat 451 + #define __NR_capget 90 + #define __NR_capset 91 + #define __NR_chdir 49 +diff --git a/sysdeps/unix/sysv/linux/s390/s390-32/arch-syscall.h b/sysdeps/unix/sysv/linux/s390/s390-32/arch-syscall.h +index 2288f20e45..70d4c6782e 100644 +--- a/sysdeps/unix/sysv/linux/s390/s390-32/arch-syscall.h ++++ b/sysdeps/unix/sysv/linux/s390/s390-32/arch-syscall.h +@@ -13,6 +13,7 @@ + #define __NR_bind 361 + #define __NR_bpf 351 + #define __NR_brk 45 ++#define __NR_cachestat 451 + #define __NR_capget 184 + #define __NR_capset 185 + #define __NR_chdir 12 +diff --git a/sysdeps/unix/sysv/linux/s390/s390-64/arch-syscall.h b/sysdeps/unix/sysv/linux/s390/s390-64/arch-syscall.h +index 05e6d8428e..65a8a9e316 100644 +--- a/sysdeps/unix/sysv/linux/s390/s390-64/arch-syscall.h ++++ b/sysdeps/unix/sysv/linux/s390/s390-64/arch-syscall.h +@@ -11,6 +11,7 @@ + #define __NR_bind 361 + #define __NR_bpf 351 + #define __NR_brk 45 ++#define __NR_cachestat 451 + #define __NR_capget 184 + #define __NR_capset 185 + #define __NR_chdir 12 +diff --git a/sysdeps/unix/sysv/linux/sh/arch-syscall.h b/sysdeps/unix/sysv/linux/sh/arch-syscall.h +index d52b522d9c..94aad0f119 100644 +--- a/sysdeps/unix/sysv/linux/sh/arch-syscall.h ++++ b/sysdeps/unix/sysv/linux/sh/arch-syscall.h +@@ -14,6 +14,7 @@ + #define __NR_bpf 375 + #define __NR_brk 45 + #define __NR_cacheflush 123 ++#define __NR_cachestat 451 + #define __NR_capget 184 + #define __NR_capset 185 + #define __NR_chdir 12 +diff --git a/sysdeps/unix/sysv/linux/sparc/sparc32/arch-syscall.h b/sysdeps/unix/sysv/linux/sparc/sparc32/arch-syscall.h +index d3f4d8aa3e..d630306c75 100644 +--- a/sysdeps/unix/sysv/linux/sparc/sparc32/arch-syscall.h ++++ b/sysdeps/unix/sysv/linux/sparc/sparc32/arch-syscall.h +@@ -14,6 +14,7 @@ + #define __NR_bind 353 + #define __NR_bpf 349 + #define __NR_brk 17 ++#define __NR_cachestat 451 + #define __NR_capget 21 + #define __NR_capset 22 + #define __NR_chdir 12 +diff --git a/sysdeps/unix/sysv/linux/sparc/sparc64/arch-syscall.h b/sysdeps/unix/sysv/linux/sparc/sparc64/arch-syscall.h +index 2cc03d7a24..930f29b4d2 100644 +--- a/sysdeps/unix/sysv/linux/sparc/sparc64/arch-syscall.h ++++ b/sysdeps/unix/sysv/linux/sparc/sparc64/arch-syscall.h +@@ -14,6 +14,7 @@ + #define __NR_bind 353 + #define __NR_bpf 349 + #define __NR_brk 17 ++#define __NR_cachestat 451 + #define __NR_capget 21 + #define __NR_capset 22 + #define __NR_chdir 12 +diff --git a/sysdeps/unix/sysv/linux/syscall-names.list b/sysdeps/unix/sysv/linux/syscall-names.list +index 5b69106434..cf6f70ecd9 100644 +--- a/sysdeps/unix/sysv/linux/syscall-names.list ++++ b/sysdeps/unix/sysv/linux/syscall-names.list +@@ -21,8 +21,8 @@ + # This file can list all potential system calls. The names are only + # used if the installed kernel headers also provide them. + +-# The list of system calls is current as of Linux 6.4. +-kernel 6.4 ++# The list of system calls is current as of Linux 6.5. ++kernel 6.5 + + FAST_atomic_update + FAST_cmpxchg +@@ -58,6 +58,7 @@ breakpoint + brk + cachectl + cacheflush ++cachestat + capget + capset + chdir +diff --git a/sysdeps/unix/sysv/linux/x86_64/64/arch-syscall.h b/sysdeps/unix/sysv/linux/x86_64/64/arch-syscall.h +index b4ab892ec1..58646cf0bd 100644 +--- a/sysdeps/unix/sysv/linux/x86_64/64/arch-syscall.h ++++ b/sysdeps/unix/sysv/linux/x86_64/64/arch-syscall.h +@@ -12,6 +12,7 @@ + #define __NR_bind 49 + #define __NR_bpf 321 + #define __NR_brk 12 ++#define __NR_cachestat 451 + #define __NR_capget 125 + #define __NR_capset 126 + #define __NR_chdir 80 +diff --git a/sysdeps/unix/sysv/linux/x86_64/x32/arch-syscall.h b/sysdeps/unix/sysv/linux/x86_64/x32/arch-syscall.h +index 772559c87b..604bcdfa5b 100644 +--- a/sysdeps/unix/sysv/linux/x86_64/x32/arch-syscall.h ++++ b/sysdeps/unix/sysv/linux/x86_64/x32/arch-syscall.h +@@ -11,6 +11,7 @@ + #define __NR_bind 1073741873 + #define __NR_bpf 1073742145 + #define __NR_brk 1073741836 ++#define __NR_cachestat 1073742275 + #define __NR_capget 1073741949 + #define __NR_capset 1073741950 + #define __NR_chdir 1073741904 +-- +2.33.0 + diff --git a/0011-aarch64-fix-check-for-SVE-support-in-assembler.patch b/0011-aarch64-fix-check-for-SVE-support-in-assembler.patch new file mode 100644 index 0000000..ecc3b27 --- /dev/null +++ b/0011-aarch64-fix-check-for-SVE-support-in-assembler.patch @@ -0,0 +1,61 @@ +From 1bf17ce978da71431dbd1fc3660cfae3dff0672f Mon Sep 17 00:00:00 2001 +From: Szabolcs Nagy +Date: Wed, 13 Mar 2024 14:34:14 +0000 +Subject: [PATCH 11/26] aarch64: fix check for SVE support in assembler + +Due to GCC bug 110901 -mcpu can override -march setting when compiling +asm code and thus a compiler targetting a specific cpu can fail the +configure check even when binutils gas supports SVE. + +The workaround is that explicit .arch directive overrides both -mcpu +and -march, and since that's what the actual SVE memcpy uses the +configure check should use that too even if the GCC issue is fixed +independently. + +Reviewed-by: Florian Weimer +(cherry picked from commit 73c26018ed0ecd9c807bb363cc2c2ab4aca66a82) +--- + sysdeps/aarch64/configure | 5 +++-- + sysdeps/aarch64/configure.ac | 5 +++-- + 2 files changed, 6 insertions(+), 4 deletions(-) + mode change 100644 => 100755 sysdeps/aarch64/configure + +diff --git a/sysdeps/aarch64/configure b/sysdeps/aarch64/configure +old mode 100644 +new mode 100755 +index ca57edce47..9606137e8d +--- a/sysdeps/aarch64/configure ++++ b/sysdeps/aarch64/configure +@@ -325,9 +325,10 @@ then : + printf %s "(cached) " >&6 + else $as_nop + cat > conftest.s <<\EOF +- ptrue p0.b ++ .arch armv8.2-a+sve ++ ptrue p0.b + EOF +-if { ac_try='${CC-cc} -c -march=armv8.2-a+sve conftest.s 1>&5' ++if { ac_try='${CC-cc} -c conftest.s 1>&5' + { { eval echo "\"\$as_me\":${as_lineno-$LINENO}: \"$ac_try\""; } >&5 + (eval $ac_try) 2>&5 + ac_status=$? +diff --git a/sysdeps/aarch64/configure.ac b/sysdeps/aarch64/configure.ac +index 27874eceb4..56d12d661d 100644 +--- a/sysdeps/aarch64/configure.ac ++++ b/sysdeps/aarch64/configure.ac +@@ -90,9 +90,10 @@ LIBC_CONFIG_VAR([aarch64-variant-pcs], [$libc_cv_aarch64_variant_pcs]) + # Check if asm support armv8.2-a+sve + AC_CACHE_CHECK([for SVE support in assembler], [libc_cv_aarch64_sve_asm], [dnl + cat > conftest.s <<\EOF +- ptrue p0.b ++ .arch armv8.2-a+sve ++ ptrue p0.b + EOF +-if AC_TRY_COMMAND(${CC-cc} -c -march=armv8.2-a+sve conftest.s 1>&AS_MESSAGE_LOG_FD); then ++if AC_TRY_COMMAND(${CC-cc} -c conftest.s 1>&AS_MESSAGE_LOG_FD); then + libc_cv_aarch64_sve_asm=yes + else + libc_cv_aarch64_sve_asm=no +-- +2.33.0 + diff --git a/0011-io-Fix-record-locking-contants-for-powerpc64-with-__.patch b/0011-io-Fix-record-locking-contants-for-powerpc64-with-__.patch new file mode 100644 index 0000000..1e9a5c3 --- /dev/null +++ b/0011-io-Fix-record-locking-contants-for-powerpc64-with-__.patch @@ -0,0 +1,91 @@ +From 5bdef6f27c91f45505ed5444147be4ed0e9bc3c7 Mon Sep 17 00:00:00 2001 +From: Aurelien Jarno +Date: Mon, 28 Aug 2023 23:30:37 +0200 +Subject: [PATCH 11/12] io: Fix record locking contants for powerpc64 with + __USE_FILE_OFFSET64 + +Commit 5f828ff824e3b7cd1 ("io: Fix F_GETLK, F_SETLK, and F_SETLKW for +powerpc64") fixed an issue with the value of the lock constants on +powerpc64 when not using __USE_FILE_OFFSET64, but it ended-up also +changing the value when using __USE_FILE_OFFSET64 causing an API change. + +Fix that by also checking that define, restoring the pre +4d0fe291aed3a476a commit values: + +Default values: +- F_GETLK: 5 +- F_SETLK: 6 +- F_SETLKW: 7 + +With -D_FILE_OFFSET_BITS=64: +- F_GETLK: 12 +- F_SETLK: 13 +- F_SETLKW: 14 + +At the same time, it has been noticed that there was no test for io lock +with __USE_FILE_OFFSET64, so just add one. + +Tested on x86_64-linux-gnu, i686-linux-gnu and +powerpc64le-unknown-linux-gnu. + +Resolves: BZ #30804. +Co-authored-by: Adhemerval Zanella +Signed-off-by: Aurelien Jarno +(cherry picked from commit 434bf72a94de68f0cc7fbf3c44bf38c1911b70cb) +--- + NEWS | 2 ++ + io/Makefile | 1 + + io/tst-fcntl-lock-lfs.c | 2 ++ + sysdeps/unix/sysv/linux/powerpc/bits/fcntl.h | 2 +- + 4 files changed, 6 insertions(+), 1 deletion(-) + create mode 100644 io/tst-fcntl-lock-lfs.c + +diff --git a/NEWS b/NEWS +index c339cb444e..8156572cdf 100644 +--- a/NEWS ++++ b/NEWS +@@ -133,6 +133,8 @@ The following bugs are resolved with this release: + [30579] malloc: trim_threshold in realloc lead to high memory usage + [30662] nscd: Group and password cache use errno in place of errval + [30723] posix_memalign repeatedly scans long bin lists ++ [30804] F_GETLK, F_SETLK, and F_SETLKW value change for powerpc64 with ++ -D_FILE_OFFSET_BITS=64 + + Version 2.37 + +diff --git a/io/Makefile b/io/Makefile +index 6ccc0e8691..8a3c83a3bb 100644 +--- a/io/Makefile ++++ b/io/Makefile +@@ -192,6 +192,7 @@ tests := \ + tst-fchownat \ + tst-fcntl \ + tst-fcntl-lock \ ++ tst-fcntl-lock-lfs \ + tst-fstatat \ + tst-fts \ + tst-fts-lfs \ +diff --git a/io/tst-fcntl-lock-lfs.c b/io/tst-fcntl-lock-lfs.c +new file mode 100644 +index 0000000000..f2a909fb02 +--- /dev/null ++++ b/io/tst-fcntl-lock-lfs.c +@@ -0,0 +1,2 @@ ++#define _FILE_OFFSET_BITS 64 ++#include +diff --git a/sysdeps/unix/sysv/linux/powerpc/bits/fcntl.h b/sysdeps/unix/sysv/linux/powerpc/bits/fcntl.h +index f7615a447e..d8a291a331 100644 +--- a/sysdeps/unix/sysv/linux/powerpc/bits/fcntl.h ++++ b/sysdeps/unix/sysv/linux/powerpc/bits/fcntl.h +@@ -33,7 +33,7 @@ + # define __O_LARGEFILE 0200000 + #endif + +-#if __WORDSIZE == 64 ++#if __WORDSIZE == 64 && !defined __USE_FILE_OFFSET64 + # define F_GETLK 5 + # define F_SETLK 6 + # define F_SETLKW 7 +-- +2.33.0 + diff --git a/0012-AArch64-Check-kernel-version-for-SVE-ifuncs.patch b/0012-AArch64-Check-kernel-version-for-SVE-ifuncs.patch new file mode 100644 index 0000000..687c821 --- /dev/null +++ b/0012-AArch64-Check-kernel-version-for-SVE-ifuncs.patch @@ -0,0 +1,153 @@ +From 92da7c2cfeeea36d651142f47e570dd5076bc166 Mon Sep 17 00:00:00 2001 +From: Wilco Dijkstra +Date: Thu, 21 Mar 2024 16:48:33 +0000 +Subject: [PATCH 12/26] AArch64: Check kernel version for SVE ifuncs + +Old Linux kernels disable SVE after every system call. Calling the +SVE-optimized memcpy afterwards will then cause a trap to reenable SVE. +As a result, applications with a high use of syscalls may run slower with +the SVE memcpy. This is true for kernels between 4.15.0 and before 6.2.0, +except for 5.14.0 which was patched. Avoid this by checking the kernel +version and selecting the SVE ifunc on modern kernels. + +Parse the kernel version reported by uname() into a 24-bit kernel.major.minor +value without calling any library functions. If uname() is not supported or +if the version format is not recognized, assume the kernel is modern. + +Tested-by: Florian Weimer +Reviewed-by: Szabolcs Nagy +(cherry picked from commit 2e94e2f5d2bf2de124c8ad7da85463355e54ccb2) +--- + sysdeps/aarch64/multiarch/init-arch.h | 2 + + sysdeps/aarch64/multiarch/memcpy.c | 2 +- + sysdeps/aarch64/multiarch/memmove.c | 2 +- + .../unix/sysv/linux/aarch64/cpu-features.c | 48 +++++++++++++++++++ + .../unix/sysv/linux/aarch64/cpu-features.h | 1 + + 5 files changed, 53 insertions(+), 2 deletions(-) + +diff --git a/sysdeps/aarch64/multiarch/init-arch.h b/sysdeps/aarch64/multiarch/init-arch.h +index e23e6ff290..daef631e04 100644 +--- a/sysdeps/aarch64/multiarch/init-arch.h ++++ b/sysdeps/aarch64/multiarch/init-arch.h +@@ -36,5 +36,7 @@ + MTE_ENABLED (); \ + bool __attribute__((unused)) sve = \ + GLRO(dl_aarch64_cpu_features).sve; \ ++ bool __attribute__((unused)) prefer_sve_ifuncs = \ ++ GLRO(dl_aarch64_cpu_features).prefer_sve_ifuncs; \ + bool __attribute__((unused)) mops = \ + GLRO(dl_aarch64_cpu_features).mops; +diff --git a/sysdeps/aarch64/multiarch/memcpy.c b/sysdeps/aarch64/multiarch/memcpy.c +index 6471fe82e3..e7c7795db6 100644 +--- a/sysdeps/aarch64/multiarch/memcpy.c ++++ b/sysdeps/aarch64/multiarch/memcpy.c +@@ -47,7 +47,7 @@ select_memcpy_ifunc (void) + { + if (IS_A64FX (midr)) + return __memcpy_a64fx; +- return __memcpy_sve; ++ return prefer_sve_ifuncs ? __memcpy_sve : __memcpy_generic; + } + + if (IS_THUNDERX (midr)) +diff --git a/sysdeps/aarch64/multiarch/memmove.c b/sysdeps/aarch64/multiarch/memmove.c +index 7602a5d57d..6b77166851 100644 +--- a/sysdeps/aarch64/multiarch/memmove.c ++++ b/sysdeps/aarch64/multiarch/memmove.c +@@ -47,7 +47,7 @@ select_memmove_ifunc (void) + { + if (IS_A64FX (midr)) + return __memmove_a64fx; +- return __memmove_sve; ++ return prefer_sve_ifuncs ? __memmove_sve : __memmove_generic; + } + + if (IS_THUNDERX (midr)) +diff --git a/sysdeps/unix/sysv/linux/aarch64/cpu-features.c b/sysdeps/unix/sysv/linux/aarch64/cpu-features.c +index a11a86efab..4a205a6b35 100644 +--- a/sysdeps/unix/sysv/linux/aarch64/cpu-features.c ++++ b/sysdeps/unix/sysv/linux/aarch64/cpu-features.c +@@ -20,6 +20,7 @@ + #include + #include + #include ++#include + + #define DCZID_DZP_MASK (1 << 4) + #define DCZID_BS_MASK (0xf) +@@ -57,6 +58,46 @@ get_midr_from_mcpu (const char *mcpu) + return UINT64_MAX; + } + ++#if __LINUX_KERNEL_VERSION < 0x060200 ++ ++/* Return true if we prefer using SVE in string ifuncs. Old kernels disable ++ SVE after every system call which results in unnecessary traps if memcpy ++ uses SVE. This is true for kernels between 4.15.0 and before 6.2.0, except ++ for 5.14.0 which was patched. For these versions return false to avoid using ++ SVE ifuncs. ++ Parse the kernel version into a 24-bit kernel.major.minor value without ++ calling any library functions. If uname() is not supported or if the version ++ format is not recognized, assume the kernel is modern and return true. */ ++ ++static inline bool ++prefer_sve_ifuncs (void) ++{ ++ struct utsname buf; ++ const char *p = &buf.release[0]; ++ int kernel = 0; ++ int val; ++ ++ if (__uname (&buf) < 0) ++ return true; ++ ++ for (int shift = 16; shift >= 0; shift -= 8) ++ { ++ for (val = 0; *p >= '0' && *p <= '9'; p++) ++ val = val * 10 + *p - '0'; ++ kernel |= (val & 255) << shift; ++ if (*p++ != '.') ++ break; ++ } ++ ++ if (kernel >= 0x060200 || kernel == 0x050e00) ++ return true; ++ if (kernel >= 0x040f00) ++ return false; ++ return true; ++} ++ ++#endif ++ + static inline void + init_cpu_features (struct cpu_features *cpu_features) + { +@@ -119,6 +160,13 @@ init_cpu_features (struct cpu_features *cpu_features) + /* Check if SVE is supported. */ + cpu_features->sve = GLRO (dl_hwcap) & HWCAP_SVE; + ++ cpu_features->prefer_sve_ifuncs = cpu_features->sve; ++ ++#if __LINUX_KERNEL_VERSION < 0x060200 ++ if (cpu_features->sve) ++ cpu_features->prefer_sve_ifuncs = prefer_sve_ifuncs (); ++#endif ++ + /* Check if MOPS is supported. */ + cpu_features->mops = GLRO (dl_hwcap2) & HWCAP2_MOPS; + } +diff --git a/sysdeps/unix/sysv/linux/aarch64/cpu-features.h b/sysdeps/unix/sysv/linux/aarch64/cpu-features.h +index 2cf745cd19..351a619dcb 100644 +--- a/sysdeps/unix/sysv/linux/aarch64/cpu-features.h ++++ b/sysdeps/unix/sysv/linux/aarch64/cpu-features.h +@@ -71,6 +71,7 @@ struct cpu_features + /* Currently, the GLIBC memory tagging tunable only defines 8 bits. */ + uint8_t mte_state; + bool sve; ++ bool prefer_sve_ifuncs; + bool mops; + }; + +-- +2.33.0 + diff --git a/0012-resolv-Fix-tst-resolv-short-response-for-older-GCC-b.patch b/0012-resolv-Fix-tst-resolv-short-response-for-older-GCC-b.patch new file mode 100644 index 0000000..fc16820 --- /dev/null +++ b/0012-resolv-Fix-tst-resolv-short-response-for-older-GCC-b.patch @@ -0,0 +1,35 @@ +From 9184c13681b5de1f9e078538f0e1ee9b8599e1c3 Mon Sep 17 00:00:00 2001 +From: Florian Weimer +Date: Thu, 1 Aug 2024 10:46:10 +0200 +Subject: [PATCH 12/12] resolv: Fix tst-resolv-short-response for older GCC + (bug 32042) + +Previous GCC versions do not support the C23 change that +allows labels on declarations. + +Reviewed-by: Adhemerval Zanella +(cherry picked from commit ec119972cb2598c04ec7d4219e20506006836f64) +--- + resolv/tst-resolv-short-response.c | 6 ++++-- + 1 file changed, 4 insertions(+), 2 deletions(-) + +diff --git a/resolv/tst-resolv-short-response.c b/resolv/tst-resolv-short-response.c +index be354ae1c7..9b06b0c176 100644 +--- a/resolv/tst-resolv-short-response.c ++++ b/resolv/tst-resolv-short-response.c +@@ -33,8 +33,10 @@ response (const struct resolv_response_context *ctx, + { + case 0: + /* First server times out. */ +- struct resolv_response_flags flags = {.rcode = rcode}; +- resolv_response_init (b, flags); ++ { ++ struct resolv_response_flags flags = {.rcode = rcode}; ++ resolv_response_init (b, flags); ++ } + break; + case 1: + /* Second server sends reply. */ +-- +2.33.0 + diff --git a/0013-powerpc-Fix-ld.so-address-determination-for-PCREL-mo.patch b/0013-powerpc-Fix-ld.so-address-determination-for-PCREL-mo.patch new file mode 100644 index 0000000..526dc2c --- /dev/null +++ b/0013-powerpc-Fix-ld.so-address-determination-for-PCREL-mo.patch @@ -0,0 +1,56 @@ +From 20534f81760635f3a71fb11ba251568cdc11c6a0 Mon Sep 17 00:00:00 2001 +From: Florian Weimer +Date: Sun, 14 Apr 2024 08:24:51 +0200 +Subject: [PATCH 13/26] powerpc: Fix ld.so address determination for PCREL mode + (bug 31640) + +This seems to have stopped working with some GCC 14 versions, +which clobber r2. With other compilers, the kernel-provided +r2 value is still available at this point. + +Reviewed-by: Peter Bergner +(cherry picked from commit 14e56bd4ce15ac2d1cc43f762eb2e6b83fec1afe) +--- + sysdeps/powerpc/powerpc64/dl-machine.h | 19 +++++++++++++++++++ + 1 file changed, 19 insertions(+) + +diff --git a/sysdeps/powerpc/powerpc64/dl-machine.h b/sysdeps/powerpc/powerpc64/dl-machine.h +index 9b8943bc91..7fa8a355b5 100644 +--- a/sysdeps/powerpc/powerpc64/dl-machine.h ++++ b/sysdeps/powerpc/powerpc64/dl-machine.h +@@ -79,6 +79,7 @@ elf_host_tolerates_class (const Elf64_Ehdr *ehdr) + static inline Elf64_Addr + elf_machine_load_address (void) __attribute__ ((const)); + ++#ifndef __PCREL__ + static inline Elf64_Addr + elf_machine_load_address (void) + { +@@ -106,6 +107,24 @@ elf_machine_dynamic (void) + /* Then subtract off the load address offset. */ + return runtime_dynamic - elf_machine_load_address() ; + } ++#else /* __PCREL__ */ ++/* In PCREL mode, r2 may have been clobbered. Rely on relative ++ relocations instead. */ ++ ++static inline ElfW(Addr) ++elf_machine_load_address (void) ++{ ++ extern const ElfW(Ehdr) __ehdr_start attribute_hidden; ++ return (ElfW(Addr)) &__ehdr_start; ++} ++ ++static inline ElfW(Addr) ++elf_machine_dynamic (void) ++{ ++ extern ElfW(Dyn) _DYNAMIC[] attribute_hidden; ++ return (ElfW(Addr)) _DYNAMIC - elf_machine_load_address (); ++} ++#endif /* __PCREL__ */ + + /* The PLT uses Elf64_Rela relocs. */ + #define elf_machine_relplt elf_machine_rela +-- +2.33.0 + diff --git a/0015-sparc-Remove-64-bit-check-on-sparc32-wordsize-BZ-275.patch b/0015-sparc-Remove-64-bit-check-on-sparc32-wordsize-BZ-275.patch new file mode 100644 index 0000000..b32b5b4 --- /dev/null +++ b/0015-sparc-Remove-64-bit-check-on-sparc32-wordsize-BZ-275.patch @@ -0,0 +1,38 @@ +From 61484011e76d2bfafbe401f7058717c2029dd155 Mon Sep 17 00:00:00 2001 +From: Adhemerval Zanella +Date: Wed, 17 Jan 2024 10:13:06 -0300 +Subject: [PATCH 15/26] sparc: Remove 64 bit check on sparc32 wordsize (BZ + 27574) + +The sparc32 is always 32 bits. + +Checked on sparcv9-linux-gnu. + +(cherry picked from commit dd57f5e7b652772499cb220d78157c1038d24f06) +--- + sysdeps/sparc/sparc32/bits/wordsize.h | 13 ++++--------- + 1 file changed, 4 insertions(+), 9 deletions(-) + +diff --git a/sysdeps/sparc/sparc32/bits/wordsize.h b/sysdeps/sparc/sparc32/bits/wordsize.h +index 2f66f10d72..4bbd2e63b4 100644 +--- a/sysdeps/sparc/sparc32/bits/wordsize.h ++++ b/sysdeps/sparc/sparc32/bits/wordsize.h +@@ -1,11 +1,6 @@ + /* Determine the wordsize from the preprocessor defines. */ + +-#if defined __arch64__ || defined __sparcv9 +-# define __WORDSIZE 64 +-# define __WORDSIZE_TIME64_COMPAT32 1 +-#else +-# define __WORDSIZE 32 +-# define __WORDSIZE_TIME64_COMPAT32 0 +-# define __WORDSIZE32_SIZE_ULONG 0 +-# define __WORDSIZE32_PTRDIFF_LONG 0 +-#endif ++#define __WORDSIZE 32 ++#define __WORDSIZE_TIME64_COMPAT32 0 ++#define __WORDSIZE32_SIZE_ULONG 0 ++#define __WORDSIZE32_PTRDIFF_LONG 0 +-- +2.33.0 + diff --git a/0016-login-Check-default-sizes-of-structs-utmp-utmpx-last.patch b/0016-login-Check-default-sizes-of-structs-utmp-utmpx-last.patch new file mode 100644 index 0000000..c1595fa --- /dev/null +++ b/0016-login-Check-default-sizes-of-structs-utmp-utmpx-last.patch @@ -0,0 +1,247 @@ +From 78d9f91da6682f4073f05abaf309e4ca2b746003 Mon Sep 17 00:00:00 2001 +From: Florian Weimer +Date: Fri, 19 Apr 2024 14:38:17 +0200 +Subject: [PATCH 16/26] login: Check default sizes of structs utmp, utmpx, + lastlog + +The default is for ports with a 64-bit time_t. +Ports with a 32-bit time_t or with __WORDSIZE_TIME64_COMPAT32=1 +need to override it. + +Reviewed-by: Adhemerval Zanella +(cherry picked from commit 4d4da5aab936504b2d3eca3146e109630d9093c4) +--- + login/Makefile | 2 +- + login/tst-utmp-size.c | 33 +++++++++++++++++++++++++++++++++ + sysdeps/arc/utmp-size.h | 3 +++ + sysdeps/arm/utmp-size.h | 2 ++ + sysdeps/csky/utmp-size.h | 2 ++ + sysdeps/generic/utmp-size.h | 23 +++++++++++++++++++++++ + sysdeps/hppa/utmp-size.h | 2 ++ + sysdeps/m68k/utmp-size.h | 3 +++ + sysdeps/microblaze/utmp-size.h | 2 ++ + sysdeps/mips/utmp-size.h | 2 ++ + sysdeps/nios2/utmp-size.h | 2 ++ + sysdeps/or1k/utmp-size.h | 3 +++ + sysdeps/powerpc/utmp-size.h | 2 ++ + sysdeps/riscv/utmp-size.h | 2 ++ + sysdeps/sh/utmp-size.h | 2 ++ + sysdeps/sparc/utmp-size.h | 2 ++ + sysdeps/x86/utmp-size.h | 2 ++ + 17 files changed, 88 insertions(+), 1 deletion(-) + create mode 100644 login/tst-utmp-size.c + create mode 100644 sysdeps/arc/utmp-size.h + create mode 100644 sysdeps/arm/utmp-size.h + create mode 100644 sysdeps/csky/utmp-size.h + create mode 100644 sysdeps/generic/utmp-size.h + create mode 100644 sysdeps/hppa/utmp-size.h + create mode 100644 sysdeps/m68k/utmp-size.h + create mode 100644 sysdeps/microblaze/utmp-size.h + create mode 100644 sysdeps/mips/utmp-size.h + create mode 100644 sysdeps/nios2/utmp-size.h + create mode 100644 sysdeps/or1k/utmp-size.h + create mode 100644 sysdeps/powerpc/utmp-size.h + create mode 100644 sysdeps/riscv/utmp-size.h + create mode 100644 sysdeps/sh/utmp-size.h + create mode 100644 sysdeps/sparc/utmp-size.h + create mode 100644 sysdeps/x86/utmp-size.h + +diff --git a/login/Makefile b/login/Makefile +index 74216cbcb2..1cca663769 100644 +--- a/login/Makefile ++++ b/login/Makefile +@@ -44,7 +44,7 @@ subdir-dirs = programs + vpath %.c programs + + tests := tst-utmp tst-utmpx tst-grantpt tst-ptsname tst-getlogin tst-updwtmpx \ +- tst-pututxline-lockfail tst-pututxline-cache ++ tst-pututxline-lockfail tst-pututxline-cache tst-utmp-size + + # Empty compatibility library for old binaries. + extra-libs := libutil +diff --git a/login/tst-utmp-size.c b/login/tst-utmp-size.c +new file mode 100644 +index 0000000000..1b7f7ff042 +--- /dev/null ++++ b/login/tst-utmp-size.c +@@ -0,0 +1,33 @@ ++/* Check expected sizes of struct utmp, struct utmpx, struct lastlog. ++ Copyright (C) 2024 Free Software Foundation, Inc. ++ This file is part of the GNU C Library. ++ ++ The GNU C Library is free software; you can redistribute it and/or ++ modify it under the terms of the GNU Lesser General Public ++ License as published by the Free Software Foundation; either ++ version 2.1 of the License, or (at your option) any later version. ++ ++ The GNU C Library is distributed in the hope that it will be useful, ++ but WITHOUT ANY WARRANTY; without even the implied warranty of ++ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU ++ Lesser General Public License for more details. ++ ++ You should have received a copy of the GNU Lesser General Public ++ License along with the GNU C Library; if not, see ++ . */ ++ ++#include ++#include ++#include ++ ++static int ++do_test (void) ++{ ++ _Static_assert (sizeof (struct utmp) == UTMP_SIZE, "struct utmp size"); ++ _Static_assert (sizeof (struct utmpx) == UTMP_SIZE, "struct utmpx size"); ++ _Static_assert (sizeof (struct lastlog) == LASTLOG_SIZE, ++ "struct lastlog size"); ++ return 0; ++} ++ ++#include +diff --git a/sysdeps/arc/utmp-size.h b/sysdeps/arc/utmp-size.h +new file mode 100644 +index 0000000000..a247fcd3da +--- /dev/null ++++ b/sysdeps/arc/utmp-size.h +@@ -0,0 +1,3 @@ ++/* arc has less padding than other architectures with 64-bit time_t. */ ++#define UTMP_SIZE 392 ++#define LASTLOG_SIZE 296 +diff --git a/sysdeps/arm/utmp-size.h b/sysdeps/arm/utmp-size.h +new file mode 100644 +index 0000000000..8f21ebe1b6 +--- /dev/null ++++ b/sysdeps/arm/utmp-size.h +@@ -0,0 +1,2 @@ ++#define UTMP_SIZE 384 ++#define LASTLOG_SIZE 292 +diff --git a/sysdeps/csky/utmp-size.h b/sysdeps/csky/utmp-size.h +new file mode 100644 +index 0000000000..8f21ebe1b6 +--- /dev/null ++++ b/sysdeps/csky/utmp-size.h +@@ -0,0 +1,2 @@ ++#define UTMP_SIZE 384 ++#define LASTLOG_SIZE 292 +diff --git a/sysdeps/generic/utmp-size.h b/sysdeps/generic/utmp-size.h +new file mode 100644 +index 0000000000..89dbe878b0 +--- /dev/null ++++ b/sysdeps/generic/utmp-size.h +@@ -0,0 +1,23 @@ ++/* Expected sizes of utmp-related structures stored in files. 64-bit version. ++ Copyright (C) 2024 Free Software Foundation, Inc. ++ This file is part of the GNU C Library. ++ ++ The GNU C Library is free software; you can redistribute it and/or ++ modify it under the terms of the GNU Lesser General Public ++ License as published by the Free Software Foundation; either ++ version 2.1 of the License, or (at your option) any later version. ++ ++ The GNU C Library is distributed in the hope that it will be useful, ++ but WITHOUT ANY WARRANTY; without even the implied warranty of ++ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU ++ Lesser General Public License for more details. ++ ++ You should have received a copy of the GNU Lesser General Public ++ License along with the GNU C Library; if not, see ++ . */ ++ ++/* Expected size, in bytes, of struct utmp and struct utmpx. */ ++#define UTMP_SIZE 400 ++ ++/* Expected size, in bytes, of struct lastlog. */ ++#define LASTLOG_SIZE 296 +diff --git a/sysdeps/hppa/utmp-size.h b/sysdeps/hppa/utmp-size.h +new file mode 100644 +index 0000000000..8f21ebe1b6 +--- /dev/null ++++ b/sysdeps/hppa/utmp-size.h +@@ -0,0 +1,2 @@ ++#define UTMP_SIZE 384 ++#define LASTLOG_SIZE 292 +diff --git a/sysdeps/m68k/utmp-size.h b/sysdeps/m68k/utmp-size.h +new file mode 100644 +index 0000000000..5946685819 +--- /dev/null ++++ b/sysdeps/m68k/utmp-size.h +@@ -0,0 +1,3 @@ ++/* m68k has 2-byte alignment. */ ++#define UTMP_SIZE 382 ++#define LASTLOG_SIZE 292 +diff --git a/sysdeps/microblaze/utmp-size.h b/sysdeps/microblaze/utmp-size.h +new file mode 100644 +index 0000000000..8f21ebe1b6 +--- /dev/null ++++ b/sysdeps/microblaze/utmp-size.h +@@ -0,0 +1,2 @@ ++#define UTMP_SIZE 384 ++#define LASTLOG_SIZE 292 +diff --git a/sysdeps/mips/utmp-size.h b/sysdeps/mips/utmp-size.h +new file mode 100644 +index 0000000000..8f21ebe1b6 +--- /dev/null ++++ b/sysdeps/mips/utmp-size.h +@@ -0,0 +1,2 @@ ++#define UTMP_SIZE 384 ++#define LASTLOG_SIZE 292 +diff --git a/sysdeps/nios2/utmp-size.h b/sysdeps/nios2/utmp-size.h +new file mode 100644 +index 0000000000..8f21ebe1b6 +--- /dev/null ++++ b/sysdeps/nios2/utmp-size.h +@@ -0,0 +1,2 @@ ++#define UTMP_SIZE 384 ++#define LASTLOG_SIZE 292 +diff --git a/sysdeps/or1k/utmp-size.h b/sysdeps/or1k/utmp-size.h +new file mode 100644 +index 0000000000..6b3653aa4d +--- /dev/null ++++ b/sysdeps/or1k/utmp-size.h +@@ -0,0 +1,3 @@ ++/* or1k has less padding than other architectures with 64-bit time_t. */ ++#define UTMP_SIZE 392 ++#define LASTLOG_SIZE 296 +diff --git a/sysdeps/powerpc/utmp-size.h b/sysdeps/powerpc/utmp-size.h +new file mode 100644 +index 0000000000..8f21ebe1b6 +--- /dev/null ++++ b/sysdeps/powerpc/utmp-size.h +@@ -0,0 +1,2 @@ ++#define UTMP_SIZE 384 ++#define LASTLOG_SIZE 292 +diff --git a/sysdeps/riscv/utmp-size.h b/sysdeps/riscv/utmp-size.h +new file mode 100644 +index 0000000000..8f21ebe1b6 +--- /dev/null ++++ b/sysdeps/riscv/utmp-size.h +@@ -0,0 +1,2 @@ ++#define UTMP_SIZE 384 ++#define LASTLOG_SIZE 292 +diff --git a/sysdeps/sh/utmp-size.h b/sysdeps/sh/utmp-size.h +new file mode 100644 +index 0000000000..8f21ebe1b6 +--- /dev/null ++++ b/sysdeps/sh/utmp-size.h +@@ -0,0 +1,2 @@ ++#define UTMP_SIZE 384 ++#define LASTLOG_SIZE 292 +diff --git a/sysdeps/sparc/utmp-size.h b/sysdeps/sparc/utmp-size.h +new file mode 100644 +index 0000000000..8f21ebe1b6 +--- /dev/null ++++ b/sysdeps/sparc/utmp-size.h +@@ -0,0 +1,2 @@ ++#define UTMP_SIZE 384 ++#define LASTLOG_SIZE 292 +diff --git a/sysdeps/x86/utmp-size.h b/sysdeps/x86/utmp-size.h +new file mode 100644 +index 0000000000..8f21ebe1b6 +--- /dev/null ++++ b/sysdeps/x86/utmp-size.h +@@ -0,0 +1,2 @@ ++#define UTMP_SIZE 384 ++#define LASTLOG_SIZE 292 +-- +2.33.0 + diff --git a/0017-login-structs-utmp-utmpx-lastlog-_TIME_BITS-independ.patch b/0017-login-structs-utmp-utmpx-lastlog-_TIME_BITS-independ.patch new file mode 100644 index 0000000..9de4ff7 --- /dev/null +++ b/0017-login-structs-utmp-utmpx-lastlog-_TIME_BITS-independ.patch @@ -0,0 +1,399 @@ +From 68bff8859231787f7e19b01788cc59b673c14046 Mon Sep 17 00:00:00 2001 +From: Florian Weimer +Date: Fri, 19 Apr 2024 14:38:17 +0200 +Subject: [PATCH 17/26] login: structs utmp, utmpx, lastlog _TIME_BITS + independence (bug 30701) + +These structs describe file formats under /var/log, and should not +depend on the definition of _TIME_BITS. This is achieved by +defining __WORDSIZE_TIME64_COMPAT32 to 1 on 32-bit ports that +support 32-bit time_t values (where __time_t is 32 bits). + +Reviewed-by: Adhemerval Zanella +(cherry picked from commit 9abdae94c7454c45e02e97e4ed1eb1b1915d13d8) +--- + bits/wordsize.h | 6 ++++-- + login/Makefile | 4 +++- + login/tst-utmp-size-64.c | 2 ++ + sysdeps/arm/bits/wordsize.h | 21 +++++++++++++++++++ + sysdeps/csky/bits/wordsize.h | 21 +++++++++++++++++++ + sysdeps/m68k/bits/wordsize.h | 21 +++++++++++++++++++ + sysdeps/microblaze/bits/wordsize.h | 21 +++++++++++++++++++ + sysdeps/mips/bits/wordsize.h | 6 +----- + sysdeps/nios2/bits/wordsize.h | 21 +++++++++++++++++++ + sysdeps/powerpc/powerpc32/bits/wordsize.h | 3 +-- + sysdeps/powerpc/powerpc64/bits/wordsize.h | 3 +-- + sysdeps/sh/bits/wordsize.h | 21 +++++++++++++++++++ + sysdeps/sparc/sparc32/bits/wordsize.h | 2 +- + sysdeps/sparc/sparc64/bits/wordsize.h | 3 +-- + sysdeps/unix/sysv/linux/hppa/bits/wordsize.h | 21 +++++++++++++++++++ + .../unix/sysv/linux/powerpc/bits/wordsize.h | 3 +-- + sysdeps/unix/sysv/linux/sparc/bits/wordsize.h | 3 +-- + sysdeps/x86/bits/wordsize.h | 5 ++--- + 18 files changed, 165 insertions(+), 22 deletions(-) + create mode 100644 login/tst-utmp-size-64.c + create mode 100644 sysdeps/arm/bits/wordsize.h + create mode 100644 sysdeps/csky/bits/wordsize.h + create mode 100644 sysdeps/m68k/bits/wordsize.h + create mode 100644 sysdeps/microblaze/bits/wordsize.h + create mode 100644 sysdeps/nios2/bits/wordsize.h + create mode 100644 sysdeps/sh/bits/wordsize.h + create mode 100644 sysdeps/unix/sysv/linux/hppa/bits/wordsize.h + +diff --git a/bits/wordsize.h b/bits/wordsize.h +index 14edae3a11..53013a9275 100644 +--- a/bits/wordsize.h ++++ b/bits/wordsize.h +@@ -21,7 +21,9 @@ + #define __WORDSIZE32_PTRDIFF_LONG + + /* Set to 1 in order to force time types to be 32 bits instead of 64 bits in +- struct lastlog and struct utmp{,x} on 64-bit ports. This may be done in ++ struct lastlog and struct utmp{,x}. This may be done in + order to make 64-bit ports compatible with 32-bit ports. Set to 0 for +- 64-bit ports where the time types are 64-bits or for any 32-bit ports. */ ++ 64-bit ports where the time types are 64-bits and new 32-bit ports ++ where time_t is 64 bits, and there is no companion architecture with ++ 32-bit time_t. */ + #define __WORDSIZE_TIME64_COMPAT32 +diff --git a/login/Makefile b/login/Makefile +index 1cca663769..7dd6cab9c9 100644 +--- a/login/Makefile ++++ b/login/Makefile +@@ -44,7 +44,9 @@ subdir-dirs = programs + vpath %.c programs + + tests := tst-utmp tst-utmpx tst-grantpt tst-ptsname tst-getlogin tst-updwtmpx \ +- tst-pututxline-lockfail tst-pututxline-cache tst-utmp-size ++ tst-pututxline-lockfail tst-pututxline-cache tst-utmp-size tst-utmp-size-64 ++ ++CFLAGS-tst-utmp-size-64.c += -D_FILE_OFFSET_BITS=64 -D_TIME_BITS=64 + + # Empty compatibility library for old binaries. + extra-libs := libutil +diff --git a/login/tst-utmp-size-64.c b/login/tst-utmp-size-64.c +new file mode 100644 +index 0000000000..7a581a4c12 +--- /dev/null ++++ b/login/tst-utmp-size-64.c +@@ -0,0 +1,2 @@ ++/* The on-disk layout must not change in time64 mode. */ ++#include "tst-utmp-size.c" +diff --git a/sysdeps/arm/bits/wordsize.h b/sysdeps/arm/bits/wordsize.h +new file mode 100644 +index 0000000000..6ecbfe7c86 +--- /dev/null ++++ b/sysdeps/arm/bits/wordsize.h +@@ -0,0 +1,21 @@ ++/* Copyright (C) 1999-2024 Free Software Foundation, Inc. ++ This file is part of the GNU C Library. ++ ++ The GNU C Library is free software; you can redistribute it and/or ++ modify it under the terms of the GNU Lesser General Public ++ License as published by the Free Software Foundation; either ++ version 2.1 of the License, or (at your option) any later version. ++ ++ The GNU C Library is distributed in the hope that it will be useful, ++ but WITHOUT ANY WARRANTY; without even the implied warranty of ++ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU ++ Lesser General Public License for more details. ++ ++ You should have received a copy of the GNU Lesser General Public ++ License along with the GNU C Library; if not, see ++ . */ ++ ++#define __WORDSIZE 32 ++#define __WORDSIZE_TIME64_COMPAT32 1 ++#define __WORDSIZE32_SIZE_ULONG 0 ++#define __WORDSIZE32_PTRDIFF_LONG 0 +diff --git a/sysdeps/csky/bits/wordsize.h b/sysdeps/csky/bits/wordsize.h +new file mode 100644 +index 0000000000..6ecbfe7c86 +--- /dev/null ++++ b/sysdeps/csky/bits/wordsize.h +@@ -0,0 +1,21 @@ ++/* Copyright (C) 1999-2024 Free Software Foundation, Inc. ++ This file is part of the GNU C Library. ++ ++ The GNU C Library is free software; you can redistribute it and/or ++ modify it under the terms of the GNU Lesser General Public ++ License as published by the Free Software Foundation; either ++ version 2.1 of the License, or (at your option) any later version. ++ ++ The GNU C Library is distributed in the hope that it will be useful, ++ but WITHOUT ANY WARRANTY; without even the implied warranty of ++ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU ++ Lesser General Public License for more details. ++ ++ You should have received a copy of the GNU Lesser General Public ++ License along with the GNU C Library; if not, see ++ . */ ++ ++#define __WORDSIZE 32 ++#define __WORDSIZE_TIME64_COMPAT32 1 ++#define __WORDSIZE32_SIZE_ULONG 0 ++#define __WORDSIZE32_PTRDIFF_LONG 0 +diff --git a/sysdeps/m68k/bits/wordsize.h b/sysdeps/m68k/bits/wordsize.h +new file mode 100644 +index 0000000000..6ecbfe7c86 +--- /dev/null ++++ b/sysdeps/m68k/bits/wordsize.h +@@ -0,0 +1,21 @@ ++/* Copyright (C) 1999-2024 Free Software Foundation, Inc. ++ This file is part of the GNU C Library. ++ ++ The GNU C Library is free software; you can redistribute it and/or ++ modify it under the terms of the GNU Lesser General Public ++ License as published by the Free Software Foundation; either ++ version 2.1 of the License, or (at your option) any later version. ++ ++ The GNU C Library is distributed in the hope that it will be useful, ++ but WITHOUT ANY WARRANTY; without even the implied warranty of ++ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU ++ Lesser General Public License for more details. ++ ++ You should have received a copy of the GNU Lesser General Public ++ License along with the GNU C Library; if not, see ++ . */ ++ ++#define __WORDSIZE 32 ++#define __WORDSIZE_TIME64_COMPAT32 1 ++#define __WORDSIZE32_SIZE_ULONG 0 ++#define __WORDSIZE32_PTRDIFF_LONG 0 +diff --git a/sysdeps/microblaze/bits/wordsize.h b/sysdeps/microblaze/bits/wordsize.h +new file mode 100644 +index 0000000000..6ecbfe7c86 +--- /dev/null ++++ b/sysdeps/microblaze/bits/wordsize.h +@@ -0,0 +1,21 @@ ++/* Copyright (C) 1999-2024 Free Software Foundation, Inc. ++ This file is part of the GNU C Library. ++ ++ The GNU C Library is free software; you can redistribute it and/or ++ modify it under the terms of the GNU Lesser General Public ++ License as published by the Free Software Foundation; either ++ version 2.1 of the License, or (at your option) any later version. ++ ++ The GNU C Library is distributed in the hope that it will be useful, ++ but WITHOUT ANY WARRANTY; without even the implied warranty of ++ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU ++ Lesser General Public License for more details. ++ ++ You should have received a copy of the GNU Lesser General Public ++ License along with the GNU C Library; if not, see ++ . */ ++ ++#define __WORDSIZE 32 ++#define __WORDSIZE_TIME64_COMPAT32 1 ++#define __WORDSIZE32_SIZE_ULONG 0 ++#define __WORDSIZE32_PTRDIFF_LONG 0 +diff --git a/sysdeps/mips/bits/wordsize.h b/sysdeps/mips/bits/wordsize.h +index 9d7d961f3e..cb72a0869a 100644 +--- a/sysdeps/mips/bits/wordsize.h ++++ b/sysdeps/mips/bits/wordsize.h +@@ -19,11 +19,7 @@ + + #define __WORDSIZE _MIPS_SZPTR + +-#if _MIPS_SIM == _ABI64 +-# define __WORDSIZE_TIME64_COMPAT32 1 +-#else +-# define __WORDSIZE_TIME64_COMPAT32 0 +-#endif ++#define __WORDSIZE_TIME64_COMPAT32 1 + + #if __WORDSIZE == 32 + #define __WORDSIZE32_SIZE_ULONG 0 +diff --git a/sysdeps/nios2/bits/wordsize.h b/sysdeps/nios2/bits/wordsize.h +new file mode 100644 +index 0000000000..6ecbfe7c86 +--- /dev/null ++++ b/sysdeps/nios2/bits/wordsize.h +@@ -0,0 +1,21 @@ ++/* Copyright (C) 1999-2024 Free Software Foundation, Inc. ++ This file is part of the GNU C Library. ++ ++ The GNU C Library is free software; you can redistribute it and/or ++ modify it under the terms of the GNU Lesser General Public ++ License as published by the Free Software Foundation; either ++ version 2.1 of the License, or (at your option) any later version. ++ ++ The GNU C Library is distributed in the hope that it will be useful, ++ but WITHOUT ANY WARRANTY; without even the implied warranty of ++ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU ++ Lesser General Public License for more details. ++ ++ You should have received a copy of the GNU Lesser General Public ++ License along with the GNU C Library; if not, see ++ . */ ++ ++#define __WORDSIZE 32 ++#define __WORDSIZE_TIME64_COMPAT32 1 ++#define __WORDSIZE32_SIZE_ULONG 0 ++#define __WORDSIZE32_PTRDIFF_LONG 0 +diff --git a/sysdeps/powerpc/powerpc32/bits/wordsize.h b/sysdeps/powerpc/powerpc32/bits/wordsize.h +index 04ca9debf0..6993fb6b29 100644 +--- a/sysdeps/powerpc/powerpc32/bits/wordsize.h ++++ b/sysdeps/powerpc/powerpc32/bits/wordsize.h +@@ -2,10 +2,9 @@ + + #if defined __powerpc64__ + # define __WORDSIZE 64 +-# define __WORDSIZE_TIME64_COMPAT32 1 + #else + # define __WORDSIZE 32 +-# define __WORDSIZE_TIME64_COMPAT32 0 + # define __WORDSIZE32_SIZE_ULONG 0 + # define __WORDSIZE32_PTRDIFF_LONG 0 + #endif ++#define __WORDSIZE_TIME64_COMPAT32 1 +diff --git a/sysdeps/powerpc/powerpc64/bits/wordsize.h b/sysdeps/powerpc/powerpc64/bits/wordsize.h +index 04ca9debf0..6993fb6b29 100644 +--- a/sysdeps/powerpc/powerpc64/bits/wordsize.h ++++ b/sysdeps/powerpc/powerpc64/bits/wordsize.h +@@ -2,10 +2,9 @@ + + #if defined __powerpc64__ + # define __WORDSIZE 64 +-# define __WORDSIZE_TIME64_COMPAT32 1 + #else + # define __WORDSIZE 32 +-# define __WORDSIZE_TIME64_COMPAT32 0 + # define __WORDSIZE32_SIZE_ULONG 0 + # define __WORDSIZE32_PTRDIFF_LONG 0 + #endif ++#define __WORDSIZE_TIME64_COMPAT32 1 +diff --git a/sysdeps/sh/bits/wordsize.h b/sysdeps/sh/bits/wordsize.h +new file mode 100644 +index 0000000000..6ecbfe7c86 +--- /dev/null ++++ b/sysdeps/sh/bits/wordsize.h +@@ -0,0 +1,21 @@ ++/* Copyright (C) 1999-2024 Free Software Foundation, Inc. ++ This file is part of the GNU C Library. ++ ++ The GNU C Library is free software; you can redistribute it and/or ++ modify it under the terms of the GNU Lesser General Public ++ License as published by the Free Software Foundation; either ++ version 2.1 of the License, or (at your option) any later version. ++ ++ The GNU C Library is distributed in the hope that it will be useful, ++ but WITHOUT ANY WARRANTY; without even the implied warranty of ++ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU ++ Lesser General Public License for more details. ++ ++ You should have received a copy of the GNU Lesser General Public ++ License along with the GNU C Library; if not, see ++ . */ ++ ++#define __WORDSIZE 32 ++#define __WORDSIZE_TIME64_COMPAT32 1 ++#define __WORDSIZE32_SIZE_ULONG 0 ++#define __WORDSIZE32_PTRDIFF_LONG 0 +diff --git a/sysdeps/sparc/sparc32/bits/wordsize.h b/sysdeps/sparc/sparc32/bits/wordsize.h +index 4bbd2e63b4..a2e79e0fa9 100644 +--- a/sysdeps/sparc/sparc32/bits/wordsize.h ++++ b/sysdeps/sparc/sparc32/bits/wordsize.h +@@ -1,6 +1,6 @@ + /* Determine the wordsize from the preprocessor defines. */ + + #define __WORDSIZE 32 +-#define __WORDSIZE_TIME64_COMPAT32 0 ++#define __WORDSIZE_TIME64_COMPAT32 1 + #define __WORDSIZE32_SIZE_ULONG 0 + #define __WORDSIZE32_PTRDIFF_LONG 0 +diff --git a/sysdeps/sparc/sparc64/bits/wordsize.h b/sysdeps/sparc/sparc64/bits/wordsize.h +index 2f66f10d72..ea103e5970 100644 +--- a/sysdeps/sparc/sparc64/bits/wordsize.h ++++ b/sysdeps/sparc/sparc64/bits/wordsize.h +@@ -2,10 +2,9 @@ + + #if defined __arch64__ || defined __sparcv9 + # define __WORDSIZE 64 +-# define __WORDSIZE_TIME64_COMPAT32 1 + #else + # define __WORDSIZE 32 +-# define __WORDSIZE_TIME64_COMPAT32 0 + # define __WORDSIZE32_SIZE_ULONG 0 + # define __WORDSIZE32_PTRDIFF_LONG 0 + #endif ++#define __WORDSIZE_TIME64_COMPAT32 1 +diff --git a/sysdeps/unix/sysv/linux/hppa/bits/wordsize.h b/sysdeps/unix/sysv/linux/hppa/bits/wordsize.h +new file mode 100644 +index 0000000000..6ecbfe7c86 +--- /dev/null ++++ b/sysdeps/unix/sysv/linux/hppa/bits/wordsize.h +@@ -0,0 +1,21 @@ ++/* Copyright (C) 1999-2024 Free Software Foundation, Inc. ++ This file is part of the GNU C Library. ++ ++ The GNU C Library is free software; you can redistribute it and/or ++ modify it under the terms of the GNU Lesser General Public ++ License as published by the Free Software Foundation; either ++ version 2.1 of the License, or (at your option) any later version. ++ ++ The GNU C Library is distributed in the hope that it will be useful, ++ but WITHOUT ANY WARRANTY; without even the implied warranty of ++ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU ++ Lesser General Public License for more details. ++ ++ You should have received a copy of the GNU Lesser General Public ++ License along with the GNU C Library; if not, see ++ . */ ++ ++#define __WORDSIZE 32 ++#define __WORDSIZE_TIME64_COMPAT32 1 ++#define __WORDSIZE32_SIZE_ULONG 0 ++#define __WORDSIZE32_PTRDIFF_LONG 0 +diff --git a/sysdeps/unix/sysv/linux/powerpc/bits/wordsize.h b/sysdeps/unix/sysv/linux/powerpc/bits/wordsize.h +index 04ca9debf0..6993fb6b29 100644 +--- a/sysdeps/unix/sysv/linux/powerpc/bits/wordsize.h ++++ b/sysdeps/unix/sysv/linux/powerpc/bits/wordsize.h +@@ -2,10 +2,9 @@ + + #if defined __powerpc64__ + # define __WORDSIZE 64 +-# define __WORDSIZE_TIME64_COMPAT32 1 + #else + # define __WORDSIZE 32 +-# define __WORDSIZE_TIME64_COMPAT32 0 + # define __WORDSIZE32_SIZE_ULONG 0 + # define __WORDSIZE32_PTRDIFF_LONG 0 + #endif ++#define __WORDSIZE_TIME64_COMPAT32 1 +diff --git a/sysdeps/unix/sysv/linux/sparc/bits/wordsize.h b/sysdeps/unix/sysv/linux/sparc/bits/wordsize.h +index 7562875ee2..ea103e5970 100644 +--- a/sysdeps/unix/sysv/linux/sparc/bits/wordsize.h ++++ b/sysdeps/unix/sysv/linux/sparc/bits/wordsize.h +@@ -2,10 +2,9 @@ + + #if defined __arch64__ || defined __sparcv9 + # define __WORDSIZE 64 +-# define __WORDSIZE_TIME64_COMPAT32 1 + #else + # define __WORDSIZE 32 + # define __WORDSIZE32_SIZE_ULONG 0 + # define __WORDSIZE32_PTRDIFF_LONG 0 +-# define __WORDSIZE_TIME64_COMPAT32 0 + #endif ++#define __WORDSIZE_TIME64_COMPAT32 1 +diff --git a/sysdeps/x86/bits/wordsize.h b/sysdeps/x86/bits/wordsize.h +index 70f652bca1..3f40aa76f9 100644 +--- a/sysdeps/x86/bits/wordsize.h ++++ b/sysdeps/x86/bits/wordsize.h +@@ -8,10 +8,9 @@ + #define __WORDSIZE32_PTRDIFF_LONG 0 + #endif + ++#define __WORDSIZE_TIME64_COMPAT32 1 ++ + #ifdef __x86_64__ +-# define __WORDSIZE_TIME64_COMPAT32 1 + /* Both x86-64 and x32 use the 64-bit system call interface. */ + # define __SYSCALL_WORDSIZE 64 +-#else +-# define __WORDSIZE_TIME64_COMPAT32 0 + #endif +-- +2.33.0 + diff --git a/0018-nptl-Fix-tst-cancel30-on-kernels-without-ppoll_time6.patch b/0018-nptl-Fix-tst-cancel30-on-kernels-without-ppoll_time6.patch new file mode 100644 index 0000000..0aeaa18 --- /dev/null +++ b/0018-nptl-Fix-tst-cancel30-on-kernels-without-ppoll_time6.patch @@ -0,0 +1,55 @@ +From decc9f504ae78bbee6faa49b9bca71c7eae62ea9 Mon Sep 17 00:00:00 2001 +From: Florian Weimer +Date: Tue, 23 Apr 2024 21:16:32 +0200 +Subject: [PATCH 18/26] nptl: Fix tst-cancel30 on kernels without ppoll_time64 + support + +Fall back to ppoll if ppoll_time64 fails with ENOSYS. +Fixes commit 370da8a121c3ba9eeb2f13da15fc0f21f4136b25 ("nptl: Fix +tst-cancel30 on sparc64"). + +Reviewed-by: Adhemerval Zanella +(cherry picked from commit f4724843ada64a51d66f65d3199fe431f9d4c254) +--- + sysdeps/pthread/tst-cancel30.c | 15 +++++++++++---- + 1 file changed, 11 insertions(+), 4 deletions(-) + +diff --git a/sysdeps/pthread/tst-cancel30.c b/sysdeps/pthread/tst-cancel30.c +index ff803386be..ace925ca67 100644 +--- a/sysdeps/pthread/tst-cancel30.c ++++ b/sysdeps/pthread/tst-cancel30.c +@@ -18,6 +18,7 @@ + License along with the GNU C Library; if not, see + . */ + ++#include + #include + #include + #include +@@ -46,13 +47,19 @@ tf (void *arg) + + /* Wait indefinitely for cancellation, which only works if asynchronous + cancellation is enabled. */ +-#if defined SYS_ppoll || defined SYS_ppoll_time64 +-# ifndef SYS_ppoll_time64 +-# define SYS_ppoll_time64 SYS_ppoll ++#ifdef SYS_ppoll_time64 ++ long int ret = syscall (SYS_ppoll_time64, NULL, 0, NULL, NULL); ++ (void) ret; ++# ifdef SYS_ppoll ++ if (ret == -1 && errno == ENOSYS) ++ syscall (SYS_ppoll, NULL, 0, NULL, NULL); + # endif +- syscall (SYS_ppoll_time64, NULL, 0, NULL, NULL); + #else ++# ifdef SYS_ppoll ++ syscall (SYS_ppoll, NULL, 0, NULL, NULL); ++# else + for (;;); ++# endif + #endif + + return 0; +-- +2.33.0 + diff --git a/0019-i386-ulp-update-for-SSE2-disable-multi-arch-configur.patch b/0019-i386-ulp-update-for-SSE2-disable-multi-arch-configur.patch new file mode 100644 index 0000000..8acf758 --- /dev/null +++ b/0019-i386-ulp-update-for-SSE2-disable-multi-arch-configur.patch @@ -0,0 +1,26 @@ +From 29e20bd1222cb69dcc6827e899ce7181090052dc Mon Sep 17 00:00:00 2001 +From: Florian Weimer +Date: Thu, 25 Apr 2024 12:56:48 +0200 +Subject: [PATCH 19/26] i386: ulp update for SSE2 --disable-multi-arch + configurations + +(cherry picked from commit 3a3a4497421422aa854c855cbe5110ca7d598ffc) +--- + sysdeps/i386/fpu/libm-test-ulps | 1 + + 1 file changed, 1 insertion(+) + +diff --git a/sysdeps/i386/fpu/libm-test-ulps b/sysdeps/i386/fpu/libm-test-ulps +index 84e6686eba..f2139fc172 100644 +--- a/sysdeps/i386/fpu/libm-test-ulps ++++ b/sysdeps/i386/fpu/libm-test-ulps +@@ -1232,6 +1232,7 @@ ldouble: 6 + + Function: "hypot": + double: 1 ++float: 1 + float128: 1 + ldouble: 1 + +-- +2.33.0 + diff --git a/0020-x86-Add-cache-information-support-for-Hygon-processo.patch b/0020-x86-Add-cache-information-support-for-Hygon-processo.patch index 419a229..fa22e41 100644 --- a/0020-x86-Add-cache-information-support-for-Hygon-processo.patch +++ b/0020-x86-Add-cache-information-support-for-Hygon-processo.patch @@ -1,7 +1,7 @@ -From 2f0279349ee27ca438a26c394c3d86d0cf016909 Mon Sep 17 00:00:00 2001 +From daa15a5bffc436cf7b943b306c85c90ce8bb369e Mon Sep 17 00:00:00 2001 From: Feifei Wang Date: Mon, 19 Aug 2024 14:57:54 +0800 -Subject: [PATCH 03/13] x86: Add cache information support for Hygon processors +Subject: [PATCH 02/10] x86: Add cache information support for Hygon processors Add hygon branch in dl_init_cacheinfo function to initialize cache size variables for hygon processors. In the meanwhile, @@ -15,10 +15,10 @@ Reviewed-by: H.J. Lu 1 file changed, 60 insertions(+) diff --git a/sysdeps/x86/dl-cacheinfo.h b/sysdeps/x86/dl-cacheinfo.h -index cd4d0351ae..bccff2d346 100644 +index 7b5ed210ca..85c404dd26 100644 --- a/sysdeps/x86/dl-cacheinfo.h +++ b/sysdeps/x86/dl-cacheinfo.h -@@ -406,6 +406,48 @@ handle_zhaoxin (int name) +@@ -567,6 +567,48 @@ handle_zhaoxin (int name) return 0; } @@ -67,9 +67,9 @@ index cd4d0351ae..bccff2d346 100644 static void get_common_cache_info (long int *shared_ptr, long int * shared_per_thread_ptr, unsigned int *threads_ptr, long int core) -@@ -724,6 +766,24 @@ dl_init_cacheinfo (struct cpu_features *cpu_features) - if (shared_per_thread <= 0) - shared_per_thread = shared; +@@ -890,6 +932,24 @@ dl_init_cacheinfo (struct cpu_features *cpu_features) + + shared_per_thread = shared; } + else if (cpu_features->basic.kind == arch_kind_hygon) + { diff --git a/0021-x86-Fix-Zen3-Zen4-ERMS-selection-BZ-30994.patch b/0021-x86-Fix-Zen3-Zen4-ERMS-selection-BZ-30994.patch index c218b39..3d77226 100644 --- a/0021-x86-Fix-Zen3-Zen4-ERMS-selection-BZ-30994.patch +++ b/0021-x86-Fix-Zen3-Zen4-ERMS-selection-BZ-30994.patch @@ -1,7 +1,7 @@ -From 7ba2a914293db0b86de3ba48103c3b3e1b38fc3e Mon Sep 17 00:00:00 2001 +From f1ea6401d790764e4fcf02c6fb28e69841c25640 Mon Sep 17 00:00:00 2001 From: Adhemerval Zanella Date: Thu, 8 Feb 2024 10:08:38 -0300 -Subject: [PATCH 04/13] x86: Fix Zen3/Zen4 ERMS selection (BZ 30994) +Subject: [PATCH 03/10] x86: Fix Zen3/Zen4 ERMS selection (BZ 30994) The REP MOVSB usage on memcpy/memmove does not show much performance improvement on Zen3/Zen4 cores compared to the vectorized loops. Also, @@ -17,14 +17,14 @@ sharing the cache. Checked on x86_64-linux-gnu on Zen3. Reviewed-by: H.J. Lu --- - sysdeps/x86/dl-cacheinfo.h | 45 +++++++++++++++++++++----------------- - 1 file changed, 25 insertions(+), 20 deletions(-) + sysdeps/x86/dl-cacheinfo.h | 38 ++++++++++++++++++-------------------- + 1 file changed, 18 insertions(+), 20 deletions(-) diff --git a/sysdeps/x86/dl-cacheinfo.h b/sysdeps/x86/dl-cacheinfo.h -index bccff2d346..55db3dfaa4 100644 +index 85c404dd26..ce2e6927e4 100644 --- a/sysdeps/x86/dl-cacheinfo.h +++ b/sysdeps/x86/dl-cacheinfo.h -@@ -673,7 +673,6 @@ dl_init_cacheinfo (struct cpu_features *cpu_features) +@@ -833,7 +833,6 @@ dl_init_cacheinfo (struct cpu_features *cpu_features) long int data = -1; long int shared = -1; long int shared_per_thread = -1; @@ -32,7 +32,7 @@ index bccff2d346..55db3dfaa4 100644 unsigned int threads = 0; unsigned long int level1_icache_size = -1; unsigned long int level1_icache_linesize = -1; -@@ -691,7 +690,6 @@ dl_init_cacheinfo (struct cpu_features *cpu_features) +@@ -851,7 +850,6 @@ dl_init_cacheinfo (struct cpu_features *cpu_features) if (cpu_features->basic.kind == arch_kind_intel) { data = handle_intel (_SC_LEVEL1_DCACHE_SIZE, cpu_features); @@ -40,7 +40,7 @@ index bccff2d346..55db3dfaa4 100644 shared = handle_intel (_SC_LEVEL3_CACHE_SIZE, cpu_features); shared_per_thread = shared; -@@ -704,7 +702,8 @@ dl_init_cacheinfo (struct cpu_features *cpu_features) +@@ -864,7 +862,8 @@ dl_init_cacheinfo (struct cpu_features *cpu_features) = handle_intel (_SC_LEVEL1_DCACHE_ASSOC, cpu_features); level1_dcache_linesize = handle_intel (_SC_LEVEL1_DCACHE_LINESIZE, cpu_features); @@ -50,7 +50,7 @@ index bccff2d346..55db3dfaa4 100644 level2_cache_assoc = handle_intel (_SC_LEVEL2_CACHE_ASSOC, cpu_features); level2_cache_linesize -@@ -717,12 +716,12 @@ dl_init_cacheinfo (struct cpu_features *cpu_features) +@@ -877,12 +876,12 @@ dl_init_cacheinfo (struct cpu_features *cpu_features) level4_cache_size = handle_intel (_SC_LEVEL4_CACHE_SIZE, cpu_features); @@ -65,7 +65,7 @@ index bccff2d346..55db3dfaa4 100644 shared = handle_zhaoxin (_SC_LEVEL3_CACHE_SIZE); shared_per_thread = shared; -@@ -731,19 +730,19 @@ dl_init_cacheinfo (struct cpu_features *cpu_features) +@@ -891,19 +890,19 @@ dl_init_cacheinfo (struct cpu_features *cpu_features) level1_dcache_size = data; level1_dcache_assoc = handle_zhaoxin (_SC_LEVEL1_DCACHE_ASSOC); level1_dcache_linesize = handle_zhaoxin (_SC_LEVEL1_DCACHE_LINESIZE); @@ -86,9 +86,9 @@ index bccff2d346..55db3dfaa4 100644 data = handle_amd (_SC_LEVEL1_DCACHE_SIZE); - core = handle_amd (_SC_LEVEL2_CACHE_SIZE); shared = handle_amd (_SC_LEVEL3_CACHE_SIZE); - shared_per_thread = shared; -@@ -752,7 +751,7 @@ dl_init_cacheinfo (struct cpu_features *cpu_features) + level1_icache_size = handle_amd (_SC_LEVEL1_ICACHE_SIZE); +@@ -911,7 +910,7 @@ dl_init_cacheinfo (struct cpu_features *cpu_features) level1_dcache_size = data; level1_dcache_assoc = handle_amd (_SC_LEVEL1_DCACHE_ASSOC); level1_dcache_linesize = handle_amd (_SC_LEVEL1_DCACHE_LINESIZE); @@ -97,25 +97,22 @@ index bccff2d346..55db3dfaa4 100644 level2_cache_assoc = handle_amd (_SC_LEVEL2_CACHE_ASSOC); level2_cache_linesize = handle_amd (_SC_LEVEL2_CACHE_LINESIZE); level3_cache_size = shared; -@@ -760,8 +759,15 @@ dl_init_cacheinfo (struct cpu_features *cpu_features) - level3_cache_linesize = handle_amd (_SC_LEVEL3_CACHE_LINESIZE); - +@@ -922,12 +921,12 @@ dl_init_cacheinfo (struct cpu_features *cpu_features) if (shared <= 0) -- /* No shared L3 cache. All we have is the L2 cache. */ -- shared = core; -+ { -+ /* No shared L3 cache. All we have is the L2 cache. */ + { + /* No shared L3 cache. All we have is the L2 cache. */ +- shared = core; + shared = level2_cache_size; -+ } -+ else if (cpu_features->basic.family < 0x17) -+ { -+ /* Account for exclusive L2 and L3 caches. */ + } + else if (cpu_features->basic.family < 0x17) + { + /* Account for exclusive L2 and L3 caches. */ +- shared += core; + shared += level2_cache_size; -+ } + } - if (shared_per_thread <= 0) - shared_per_thread = shared; -@@ -881,6 +887,12 @@ dl_init_cacheinfo (struct cpu_features *cpu_features) + shared_per_thread = shared; +@@ -1049,6 +1048,12 @@ dl_init_cacheinfo (struct cpu_features *cpu_features) if (CPU_FEATURE_USABLE_P (cpu_features, FSRM)) rep_movsb_threshold = 2112; @@ -128,7 +125,7 @@ index bccff2d346..55db3dfaa4 100644 /* The default threshold to use Enhanced REP STOSB. */ unsigned long int rep_stosb_threshold = 2048; -@@ -922,16 +934,9 @@ dl_init_cacheinfo (struct cpu_features *cpu_features) +@@ -1090,16 +1095,9 @@ dl_init_cacheinfo (struct cpu_features *cpu_features) SIZE_MAX); unsigned long int rep_movsb_stop_threshold; diff --git a/0022-x86-Improve-large-memset-perf-with-non-temporal-stor.patch b/0022-x86-Improve-large-memset-perf-with-non-temporal-stor.patch index d9daceb..abd7fdf 100644 --- a/0022-x86-Improve-large-memset-perf-with-non-temporal-stor.patch +++ b/0022-x86-Improve-large-memset-perf-with-non-temporal-stor.patch @@ -1,7 +1,7 @@ -From 2dc68d161248c05676530a07625fea46a771c1d4 Mon Sep 17 00:00:00 2001 +From 04b8d484323b2ff18b3422c4b883ef4cb6281c53 Mon Sep 17 00:00:00 2001 From: Noah Goldstein Date: Fri, 24 May 2024 12:38:50 -0500 -Subject: [PATCH 05/13] x86: Improve large memset perf with non-temporal stores +Subject: [PATCH] x86: Improve large memset perf with non-temporal stores [RHEL-29312] Previously we use `rep stosb` for all medium/large memsets. This is @@ -57,7 +57,7 @@ Reviewed-by: H.J. Lu 1 file changed, 91 insertions(+), 56 deletions(-) diff --git a/sysdeps/x86_64/multiarch/memset-vec-unaligned-erms.S b/sysdeps/x86_64/multiarch/memset-vec-unaligned-erms.S -index 3d9ad49cb9..2b2c9890e3 100644 +index 0f0636b90f..aba45e3da0 100644 --- a/sysdeps/x86_64/multiarch/memset-vec-unaligned-erms.S +++ b/sysdeps/x86_64/multiarch/memset-vec-unaligned-erms.S @@ -21,8 +21,13 @@ @@ -250,5 +250,5 @@ index 3d9ad49cb9..2b2c9890e3 100644 + +END(MEMSET_SYMBOL(__memset, unaligned_erms)) -- -2.17.1 +2.27.0 diff --git a/0024-elf-Also-compile-dl-misc.os-with-rtld-early-cflags.patch b/0024-elf-Also-compile-dl-misc.os-with-rtld-early-cflags.patch new file mode 100644 index 0000000..8233425 --- /dev/null +++ b/0024-elf-Also-compile-dl-misc.os-with-rtld-early-cflags.patch @@ -0,0 +1,54 @@ +From e9f05fa1c62c8044ff025963498063f73eb51c5f Mon Sep 17 00:00:00 2001 +From: "H.J. Lu" +Date: Thu, 25 Apr 2024 08:06:52 -0700 +Subject: [PATCH 24/26] elf: Also compile dl-misc.os with $(rtld-early-cflags) + +Also compile dl-misc.os with $(rtld-early-cflags) to avoid + +Program received signal SIGILL, Illegal instruction. +0x00007ffff7fd36ea in _dl_strtoul (nptr=nptr@entry=0x7fffffffe2c9 "2", + endptr=endptr@entry=0x7fffffffd728) at dl-misc.c:156 +156 bool positive = true; +(gdb) bt + #0 0x00007ffff7fd36ea in _dl_strtoul (nptr=nptr@entry=0x7fffffffe2c9 "2", + endptr=endptr@entry=0x7fffffffd728) at dl-misc.c:156 + #1 0x00007ffff7fdb1a9 in tunable_initialize ( + cur=cur@entry=0x7ffff7ffbc00 , + strval=strval@entry=0x7fffffffe2c9 "2", len=len@entry=1) + at dl-tunables.c:131 + #2 0x00007ffff7fdb3a2 in parse_tunables (valstring=) + at dl-tunables.c:258 + #3 0x00007ffff7fdb5d9 in __GI___tunables_init (envp=0x7fffffffdd58) + at dl-tunables.c:288 + #4 0x00007ffff7fe44c3 in _dl_sysdep_start ( + start_argptr=start_argptr@entry=0x7fffffffdcb0, + dl_main=dl_main@entry=0x7ffff7fe5f80 ) + at ../sysdeps/unix/sysv/linux/dl-sysdep.c:110 + #5 0x00007ffff7fe5cae in _dl_start_final (arg=0x7fffffffdcb0) at rtld.c:494 + #6 _dl_start (arg=0x7fffffffdcb0) at rtld.c:581 + #7 0x00007ffff7fe4b38 in _start () +(gdb) + +when setting GLIBC_TUNABLES in glibc compiled with APX. +Reviewed-by: Florian Weimer + +(cherry picked from commit 049b7684c912dd32b67b1b15b0f43bf07d5f512e) +--- + elf/Makefile | 1 + + 1 file changed, 1 insertion(+) + +diff --git a/elf/Makefile b/elf/Makefile +index 1a05a6aaca..c2af11b92c 100644 +--- a/elf/Makefile ++++ b/elf/Makefile +@@ -166,6 +166,7 @@ CFLAGS-.op += $(call elide-stack-protector,.op,$(elide-routines.os)) + CFLAGS-.os += $(call elide-stack-protector,.os,$(all-rtld-routines)) + + # Add the requested compiler flags to the early startup code. ++CFLAGS-dl-misc.os += $(rtld-early-cflags) + CFLAGS-dl-printf.os += $(rtld-early-cflags) + CFLAGS-dl-setup_hash.os += $(rtld-early-cflags) + CFLAGS-dl-sysdep.os += $(rtld-early-cflags) +-- +2.33.0 + diff --git a/0025-nscd-Use-time_t-for-return-type-of-addgetnetgrentX.patch b/0025-nscd-Use-time_t-for-return-type-of-addgetnetgrentX.patch new file mode 100644 index 0000000..dd97d37 --- /dev/null +++ b/0025-nscd-Use-time_t-for-return-type-of-addgetnetgrentX.patch @@ -0,0 +1,36 @@ +From f510d75ff7f7405328853bd67b75f6847dfe9d31 Mon Sep 17 00:00:00 2001 +From: Florian Weimer +Date: Thu, 2 May 2024 17:06:19 +0200 +Subject: [PATCH 25/26] nscd: Use time_t for return type of addgetnetgrentX + +Using int may give false results for future dates (timeouts after the +year 2028). + +Fixes commit 04a21e050d64a1193a6daab872bca2528bda44b ("CVE-2024-33601, +CVE-2024-33602: nscd: netgroup: Use two buffers in addgetnetgrentX +(bug 31680)"). + +Reviewed-by: Carlos O'Donell +(cherry picked from commit 4bbca1a44691a6e9adcee5c6798a707b626bc331) +--- + nscd/netgroupcache.c | 4 ++-- + 1 file changed, 2 insertions(+), 2 deletions(-) + +diff --git a/nscd/netgroupcache.c b/nscd/netgroupcache.c +index cc4e270c1f..a63b260fdb 100644 +--- a/nscd/netgroupcache.c ++++ b/nscd/netgroupcache.c +@@ -680,8 +680,8 @@ readdinnetgr (struct database_dyn *db, struct hashentry *he, + .key_len = he->len + }; + +- int timeout = addinnetgrX (db, -1, &req, db->data + he->key, he->owner, +- he, dh); ++ time_t timeout = addinnetgrX (db, -1, &req, db->data + he->key, he->owner, ++ he, dh); + if (timeout < 0) + timeout = 0; + return timeout; +-- +2.33.0 + diff --git a/0026-resolv-Fix-some-unaligned-accesses-in-resolver-BZ-30.patch b/0026-resolv-Fix-some-unaligned-accesses-in-resolver-BZ-30.patch new file mode 100644 index 0000000..38d2a39 --- /dev/null +++ b/0026-resolv-Fix-some-unaligned-accesses-in-resolver-BZ-30.patch @@ -0,0 +1,57 @@ +From 5aa4bb67b9cbd334789199c03c9d30b90662a313 Mon Sep 17 00:00:00 2001 +From: John David Anglin +Date: Wed, 13 Sep 2023 11:04:41 +0000 +Subject: [PATCH 26/26] resolv: Fix some unaligned accesses in resolver [BZ + #30750] + +Signed-off-by: John David Anglin +--- + resolv/res_nameinquery.c | 3 ++- + resolv/res_queriesmatch.c | 3 ++- + 2 files changed, 4 insertions(+), 2 deletions(-) + +diff --git a/resolv/res_nameinquery.c b/resolv/res_nameinquery.c +index 24172700e1..ca56bc9283 100644 +--- a/resolv/res_nameinquery.c ++++ b/resolv/res_nameinquery.c +@@ -84,6 +84,7 @@ + + #include + #include ++#include + + /* Author: paul vixie, 29may94. */ + int +@@ -91,7 +92,7 @@ __libc_res_nameinquery (const char *name, int type, int class, + const unsigned char *buf, const unsigned char *eom) + { + const unsigned char *cp = buf + HFIXEDSZ; +- int qdcount = ntohs (((HEADER *) buf)->qdcount); ++ int qdcount = ntohs (((UHEADER *) buf)->qdcount); + + while (qdcount-- > 0) + { +diff --git a/resolv/res_queriesmatch.c b/resolv/res_queriesmatch.c +index 13a6936c47..ba1c1d0c0c 100644 +--- a/resolv/res_queriesmatch.c ++++ b/resolv/res_queriesmatch.c +@@ -83,6 +83,7 @@ + */ + + #include ++#include + + /* Author: paul vixie, 29may94. */ + int +@@ -102,7 +103,7 @@ __libc_res_queriesmatch (const unsigned char *buf1, const unsigned char *eom1, + order. We can compare it with the second buffer's QDCOUNT + value without doing this. */ + int qdcount = ((HEADER *) buf1)->qdcount; +- if (qdcount != ((HEADER *) buf2)->qdcount) ++ if (qdcount != ((UHEADER *) buf2)->qdcount) + return 0; + + qdcount = htons (qdcount); +-- +2.33.0 + diff --git a/0030-x86-Only-align-destination-to-1x-VEC_SIZE-in-memset-.patch b/0030-x86-Only-align-destination-to-1x-VEC_SIZE-in-memset-.patch index 7c366d3..0e870fe 100644 --- a/0030-x86-Only-align-destination-to-1x-VEC_SIZE-in-memset-.patch +++ b/0030-x86-Only-align-destination-to-1x-VEC_SIZE-in-memset-.patch @@ -1,7 +1,7 @@ -From f4217529cce4382c40ab563b448266d4ba363c67 Mon Sep 17 00:00:00 2001 +From 5a64f933655384477d85122c6855dc6d84061810 Mon Sep 17 00:00:00 2001 From: Noah Goldstein Date: Wed, 1 Nov 2023 15:30:26 -0500 -Subject: [PATCH 13/13] x86: Only align destination to 1x VEC_SIZE in memset 4x +Subject: [PATCH] x86: Only align destination to 1x VEC_SIZE in memset 4x loop Current code aligns to 2x VEC_SIZE. Aligning to 2x has no affect on @@ -10,15 +10,17 @@ iteration of the loop. 1x maintains aligned stores (the only reason to align in this case) and doesn't incur any unnecessary loop iterations. Reviewed-by: Sunil K Pandey + +(cherry picked from commit 9469261cf1924d350feeec64d2c80cafbbdcdd4d) --- sysdeps/x86_64/multiarch/memset-vec-unaligned-erms.S | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/sysdeps/x86_64/multiarch/memset-vec-unaligned-erms.S b/sysdeps/x86_64/multiarch/memset-vec-unaligned-erms.S -index 02c6df9e55..d95750b516 100644 +index 3d9ad49cb9..0f0636b90f 100644 --- a/sysdeps/x86_64/multiarch/memset-vec-unaligned-erms.S +++ b/sysdeps/x86_64/multiarch/memset-vec-unaligned-erms.S -@@ -285,7 +285,7 @@ L(more_2x_vec): +@@ -293,7 +293,7 @@ L(more_2x_vec): leaq (VEC_SIZE * 4)(%rax), %LOOP_REG #endif /* Align dst for loop. */ @@ -28,5 +30,5 @@ index 02c6df9e55..d95750b516 100644 L(loop): VMOVA %VMM(0), LOOP_4X_OFFSET(%LOOP_REG) -- -2.17.1 +2.27.0 diff --git a/1bdce2545588a837f4b6715a90f5a22f9fc99c46.patch b/1bdce2545588a837f4b6715a90f5a22f9fc99c46.patch index d7ac67c..74c3c78 100644 --- a/1bdce2545588a837f4b6715a90f5a22f9fc99c46.patch +++ b/1bdce2545588a837f4b6715a90f5a22f9fc99c46.patch @@ -1,8 +1,8 @@ From 1bdce2545588a837f4b6715a90f5a22f9fc99c46 Mon Sep 17 00:00:00 2001 From: Florian Weimer Date: Fri, 1 Aug 2025 12:19:49 +0200 -Subject: [PATCH] elf: Handle ld.so with LOAD segment gaps in _dl_find_object - (bug 31943) +Subject: [PATCH] elf: Handle ld.so with LOAD segment gaps in + _dl_find_object (bug 31943) Detect if ld.so not contiguous and handle that case in _dl_find_object. Set l_find_object_processed even for initially loaded link maps, @@ -42,8 +42,20 @@ Reviewed-by: Adhemerval Zanella create mode 100644 elf/tst-link-map-contiguous-libc.c create mode 100644 elf/tst-link-map-contiguous-main.c +diff --git a/NEWS b/NEWS +index cbc15745f5..41c48e1997 100644 +--- a/NEWS ++++ b/NEWS +@@ -60,6 +60,7 @@ The following bugs are resolved with this release: + [31185] Incorrect thread point access in _dl_tlsdesc_undefweak and _dl_tlsdesc_dynamic + [31476] resolv: Track single-request fallback via _res._flags + [31890] resolv: Allow short error responses to match any DNS query ++ [31943] _dl_find_object can fail if ld.so contains gaps between load segments + [31965] rseq extension mechanism does not work as intended + [31968] mremap implementation in C does not handle arguments correctly + [32052] Name space violation in fortify wrappers diff --git a/elf/Makefile b/elf/Makefile -index ff14e80900e..098d9a15b7d 100644 +index ff14e80900..098d9a15b7 100644 --- a/elf/Makefile +++ b/elf/Makefile @@ -497,6 +497,8 @@ tests-internal += \ @@ -67,7 +79,7 @@ index ff14e80900e..098d9a15b7d 100644 tst-dlopen-self-container \ tst-dlopen-tlsmodid-container \ diff --git a/elf/dl-find_object.c b/elf/dl-find_object.c -index c1390ee10f3..d750d58bfaa 100644 +index c1390ee10f..d750d58bfa 100644 --- a/elf/dl-find_object.c +++ b/elf/dl-find_object.c @@ -465,6 +465,37 @@ _dl_find_object (void *pc1, struct dl_find_object *result) @@ -177,7 +189,7 @@ index c1390ee10f3..d750d58bfaa 100644 } diff --git a/elf/dl-find_object.h b/elf/dl-find_object.h -index 87c94606191..b6ce6140be0 100644 +index 87c9460619..b6ce6140be 100644 --- a/elf/dl-find_object.h +++ b/elf/dl-find_object.h @@ -87,7 +87,7 @@ _dl_find_object_to_external (struct dl_find_object_internal *internal, @@ -199,7 +211,7 @@ index 87c94606191..b6ce6140be0 100644 ph < ph_end; ++ph) if (ph->p_type == DLFO_EH_SEGMENT_TYPE) diff --git a/elf/rtld.c b/elf/rtld.c -index 8b7b0ff4841..e1c7e7fcfb6 100644 +index 8b7b0ff484..e1c7e7fcfb 100644 --- a/elf/rtld.c +++ b/elf/rtld.c @@ -1292,7 +1292,7 @@ rtld_setup_main_map (struct link_map *main_map) @@ -243,7 +255,7 @@ index 8b7b0ff4841..e1c7e7fcfb6 100644 while (cnt-- > 0) diff --git a/elf/tst-link-map-contiguous-ldso.c b/elf/tst-link-map-contiguous-ldso.c new file mode 100644 -index 00000000000..04de808bb23 +index 0000000000..04de808bb2 --- /dev/null +++ b/elf/tst-link-map-contiguous-ldso.c @@ -0,0 +1,98 @@ @@ -347,7 +359,7 @@ index 00000000000..04de808bb23 +#include diff --git a/elf/tst-link-map-contiguous-libc.c b/elf/tst-link-map-contiguous-libc.c new file mode 100644 -index 00000000000..eb5728c765a +index 0000000000..eb5728c765 --- /dev/null +++ b/elf/tst-link-map-contiguous-libc.c @@ -0,0 +1,57 @@ @@ -410,7 +422,7 @@ index 00000000000..eb5728c765a +#include diff --git a/elf/tst-link-map-contiguous-main.c b/elf/tst-link-map-contiguous-main.c new file mode 100644 -index 00000000000..2d1a054f0fb +index 0000000000..2d1a054f0f --- /dev/null +++ b/elf/tst-link-map-contiguous-main.c @@ -0,0 +1,45 @@ @@ -459,3 +471,6 @@ index 00000000000..2d1a054f0fb + return 0; +} +#include +-- +2.27.0 + diff --git a/2ce5eb61fc2845b7f80dba7c56bd7f7a55b63a59.patch b/2ce5eb61fc2845b7f80dba7c56bd7f7a55b63a59.patch new file mode 100644 index 0000000..ddb0a79 --- /dev/null +++ b/2ce5eb61fc2845b7f80dba7c56bd7f7a55b63a59.patch @@ -0,0 +1,259 @@ +From 2ce5eb61fc2845b7f80dba7c56bd7f7a55b63a59 Mon Sep 17 00:00:00 2001 +From: "H.J. Lu" +Date: Mon, 18 Mar 2024 06:40:16 -0700 +Subject: [PATCH] x86-64: Allocate state buffer space for RDI, RSI and + RBX + +_dl_tlsdesc_dynamic preserves RDI, RSI and RBX before realigning stack. +After realigning stack, it saves RCX, RDX, R8, R9, R10 and R11. Define +TLSDESC_CALL_REGISTER_SAVE_AREA to allocate space for RDI, RSI and RBX +to avoid clobbering saved RDI, RSI and RBX values on stack by xsave to +STATE_SAVE_OFFSET(%rsp). + + +==================+<- stack frame start aligned at 8 or 16 bytes + | |<- RDI saved in the red zone + | |<- RSI saved in the red zone + | |<- RBX saved in the red zone + | |<- paddings for stack realignment of 64 bytes + |------------------|<- xsave buffer end aligned at 64 bytes + | |<- + | |<- + | |<- + |------------------|<- xsave buffer start at STATE_SAVE_OFFSET(%rsp) + | |<- 8-byte padding for 64-byte alignment + | |<- 8-byte padding for 64-byte alignment + | |<- R11 + | |<- R10 + | |<- R9 + | |<- R8 + | |<- RDX + | |<- RCX + +==================+<- RSP aligned at 64 bytes + +Define TLSDESC_CALL_REGISTER_SAVE_AREA, the total register save area size +for all integer registers by adding 24 to STATE_SAVE_OFFSET since RDI, RSI +and RBX are saved onto stack without adjusting stack pointer first, using +the red-zone. This fixes BZ #31501. +Reviewed-by: Sunil K Pandey + +(cherry picked from commit 717ebfa85c8240d32d0d19d86a484c31c55c9617) +--- + sysdeps/x86/cpu-features.c | 11 ++-- + sysdeps/x86/sysdep.h | 60 ++++++++++++++++++--- + sysdeps/x86_64/tst-gnu2-tls2mod1.S | 87 ++++++++++++++++++++++++++++++ + 3 files changed, 147 insertions(+), 11 deletions(-) + create mode 100644 sysdeps/x86_64/tst-gnu2-tls2mod1.S + +diff --git a/sysdeps/x86/cpu-features.c b/sysdeps/x86/cpu-features.c +index c693b8a25a..4b75d3bcf2 100644 +--- a/sysdeps/x86/cpu-features.c ++++ b/sysdeps/x86/cpu-features.c +@@ -265,7 +265,7 @@ update_active (struct cpu_features *cpu_features) + /* NB: On AMX capable processors, ebx always includes AMX + states. */ + unsigned int xsave_state_full_size +- = ALIGN_UP (ebx + STATE_SAVE_OFFSET, 64); ++ = ALIGN_UP (ebx + TLSDESC_CALL_REGISTER_SAVE_AREA, 64); + + cpu_features->xsave_state_size + = xsave_state_full_size; +@@ -355,8 +355,10 @@ update_active (struct cpu_features *cpu_features) + unsigned int amx_size + = (xstate_amx_comp_offsets[31] + + xstate_amx_comp_sizes[31]); +- amx_size = ALIGN_UP (amx_size + STATE_SAVE_OFFSET, +- 64); ++ amx_size ++ = ALIGN_UP ((amx_size ++ + TLSDESC_CALL_REGISTER_SAVE_AREA), ++ 64); + /* Set xsave_state_full_size to the compact AMX + state size for XSAVEC. NB: xsave_state_full_size + is only used in _dl_tlsdesc_dynamic_xsave and +@@ -364,7 +366,8 @@ update_active (struct cpu_features *cpu_features) + cpu_features->xsave_state_full_size = amx_size; + #endif + cpu_features->xsave_state_size +- = ALIGN_UP (size + STATE_SAVE_OFFSET, 64); ++ = ALIGN_UP (size + TLSDESC_CALL_REGISTER_SAVE_AREA, ++ 64); + CPU_FEATURE_SET (cpu_features, XSAVEC); + } + } +diff --git a/sysdeps/x86/sysdep.h b/sysdeps/x86/sysdep.h +index e41e5401f0..9dab03a488 100644 +--- a/sysdeps/x86/sysdep.h ++++ b/sysdeps/x86/sysdep.h +@@ -38,14 +38,59 @@ + #ifdef __x86_64__ + /* Offset for fxsave/xsave area used by _dl_runtime_resolve. Also need + space to preserve RCX, RDX, RSI, RDI, R8, R9 and RAX. It must be +- aligned to 16 bytes for fxsave and 64 bytes for xsave. +- +- NB: Is is non-zero because of the 128-byte red-zone. Some registers +- are saved on stack without adjusting stack pointer first. When we +- update stack pointer to allocate more space, we need to take the +- red-zone into account. */ ++ aligned to 16 bytes for fxsave and 64 bytes for xsave. It is non-zero ++ because MOV, instead of PUSH, is used to save registers onto stack. ++ ++ +==================+<- stack frame start aligned at 8 or 16 bytes ++ | |<- paddings for stack realignment of 64 bytes ++ |------------------|<- xsave buffer end aligned at 64 bytes ++ | |<- ++ | |<- ++ | |<- ++ |------------------|<- xsave buffer start at STATE_SAVE_OFFSET(%rsp) ++ | |<- 8-byte padding for 64-byte alignment ++ | |<- R9 ++ | |<- R8 ++ | |<- RDI ++ | |<- RSI ++ | |<- RDX ++ | |<- RCX ++ | |<- RAX ++ +==================+<- RSP aligned at 64 bytes ++ ++ */ + # define STATE_SAVE_OFFSET (8 * 7 + 8) + ++/* _dl_tlsdesc_dynamic preserves RDI, RSI and RBX before realigning ++ stack. After realigning stack, it saves RCX, RDX, R8, R9, R10 and ++ R11. Allocate space for RDI, RSI and RBX to avoid clobbering saved ++ RDI, RSI and RBX values on stack by xsave. ++ ++ +==================+<- stack frame start aligned at 8 or 16 bytes ++ | |<- RDI saved in the red zone ++ | |<- RSI saved in the red zone ++ | |<- RBX saved in the red zone ++ | |<- paddings for stack realignment of 64 bytes ++ |------------------|<- xsave buffer end aligned at 64 bytes ++ | |<- ++ | |<- ++ | |<- ++ |------------------|<- xsave buffer start at STATE_SAVE_OFFSET(%rsp) ++ | |<- 8-byte padding for 64-byte alignment ++ | |<- 8-byte padding for 64-byte alignment ++ | |<- R11 ++ | |<- R10 ++ | |<- R9 ++ | |<- R8 ++ | |<- RDX ++ | |<- RCX ++ +==================+<- RSP aligned at 64 bytes ++ ++ Define the total register save area size for all integer registers by ++ adding 24 to STATE_SAVE_OFFSET since RDI, RSI and RBX are saved onto ++ stack without adjusting stack pointer first, using the red-zone. */ ++# define TLSDESC_CALL_REGISTER_SAVE_AREA (STATE_SAVE_OFFSET + 24) ++ + /* Save SSE, AVX, AVX512, mask, bound and APX registers. Bound and APX + registers are mutually exclusive. */ + # define STATE_SAVE_MASK \ +@@ -66,8 +111,9 @@ + (STATE_SAVE_MASK | AMX_STATE_SAVE_MASK) + #else + /* Offset for fxsave/xsave area used by _dl_tlsdesc_dynamic. Since i386 +- doesn't have red-zone, use 0 here. */ ++ uses PUSH to save registers onto stack, use 0 here. */ + # define STATE_SAVE_OFFSET 0 ++# define TLSDESC_CALL_REGISTER_SAVE_AREA 0 + + /* Save SSE, AVX, AXV512, mask and bound registers. */ + # define STATE_SAVE_MASK \ +diff --git a/sysdeps/x86_64/tst-gnu2-tls2mod1.S b/sysdeps/x86_64/tst-gnu2-tls2mod1.S +new file mode 100644 +index 0000000000..1d636669ba +--- /dev/null ++++ b/sysdeps/x86_64/tst-gnu2-tls2mod1.S +@@ -0,0 +1,87 @@ ++/* Check if TLSDESC relocation preserves %rdi, %rsi and %rbx. ++ Copyright (C) 2024 Free Software Foundation, Inc. ++ This file is part of the GNU C Library. ++ ++ The GNU C Library is free software; you can redistribute it and/or ++ modify it under the terms of the GNU Lesser General Public ++ License as published by the Free Software Foundation; either ++ version 2.1 of the License, or (at your option) any later version. ++ ++ The GNU C Library is distributed in the hope that it will be useful, ++ but WITHOUT ANY WARRANTY; without even the implied warranty of ++ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU ++ Lesser General Public License for more details. ++ ++ You should have received a copy of the GNU Lesser General Public ++ License along with the GNU C Library; if not, see ++ . */ ++ ++#include ++ ++/* On AVX512 machines, OFFSET == 40 caused _dl_tlsdesc_dynamic_xsavec ++ to clobber %rdi, %rsi and %rbx. On Intel AVX CPUs, the state size ++ is 960 bytes and this test didn't fail. It may be due to the unused ++ last 128 bytes. On AMD AVX CPUs, the state size is 832 bytes and ++ this test might fail without the fix. */ ++#ifndef OFFSET ++# define OFFSET 40 ++#endif ++ ++ .text ++ .p2align 4 ++ .globl apply_tls ++ .type apply_tls, @function ++apply_tls: ++ cfi_startproc ++ _CET_ENDBR ++ pushq %rbp ++ cfi_def_cfa_offset (16) ++ cfi_offset (6, -16) ++ movdqu (%RDI_LP), %xmm0 ++ lea tls_var1@TLSDESC(%rip), %RAX_LP ++ mov %RSP_LP, %RBP_LP ++ cfi_def_cfa_register (6) ++ /* Align stack to 64 bytes. */ ++ and $-64, %RSP_LP ++ sub $OFFSET, %RSP_LP ++ pushq %rbx ++ /* Set %ebx to 0xbadbeef. */ ++ movl $0xbadbeef, %ebx ++ movl $0xbadbeef, %esi ++ movq %rdi, saved_rdi(%rip) ++ movq %rsi, saved_rsi(%rip) ++ call *tls_var1@TLSCALL(%RAX_LP) ++ /* Check if _dl_tlsdesc_dynamic preserves %rdi, %rsi and %rbx. */ ++ cmpq saved_rdi(%rip), %rdi ++ jne L(hlt) ++ cmpq saved_rsi(%rip), %rsi ++ jne L(hlt) ++ cmpl $0xbadbeef, %ebx ++ jne L(hlt) ++ add %fs:0, %RAX_LP ++ movups %xmm0, 32(%RAX_LP) ++ movdqu 16(%RDI_LP), %xmm1 ++ mov %RAX_LP, %RBX_LP ++ movups %xmm1, 48(%RAX_LP) ++ lea 32(%RBX_LP), %RAX_LP ++ pop %rbx ++ leave ++ cfi_def_cfa (7, 8) ++ ret ++L(hlt): ++ hlt ++ cfi_endproc ++ .size apply_tls, .-apply_tls ++ .hidden tls_var1 ++ .globl tls_var1 ++ .section .tbss,"awT",@nobits ++ .align 16 ++ .type tls_var1, @object ++ .size tls_var1, 3200 ++tls_var1: ++ .zero 3200 ++ .local saved_rdi ++ .comm saved_rdi,8,8 ++ .local saved_rsi ++ .comm saved_rsi,8,8 ++ .section .note.GNU-stack,"",@progbits +-- +2.27.0 + diff --git a/2d34e48a2858ae901b4cf532a5d7a88931f1c149.patch b/2d34e48a2858ae901b4cf532a5d7a88931f1c149.patch new file mode 100644 index 0000000..b273b2d --- /dev/null +++ b/2d34e48a2858ae901b4cf532a5d7a88931f1c149.patch @@ -0,0 +1,166 @@ +From 2d34e48a2858ae901b4cf532a5d7a88931f1c149 Mon Sep 17 00:00:00 2001 +From: Sunil K Pandey +Date: Thu, 3 Apr 2025 13:00:45 -0700 +Subject: [PATCH] x86: Optimize xstate size calculation + +Scan xstate IDs up to the maximum supported xstate ID. Remove the +separate AMX xstate calculation. Instead, exclude the AMX space from +the start of TILECFG to the end of TILEDATA in xsave_state_size. + +Completed validation on SKL/SKX/SPR/SDE and compared xsave state size +with "ld.so --list-diagnostics" option, no regression. + +Co-Authored-By: H.J. Lu +Reviewed-by: Sunil K Pandey +(cherry picked from commit 70b648855185e967e54668b101d24704c3fb869d) +--- + sysdeps/x86/cpu-features.c | 74 ++++++++++---------------------------- + sysdeps/x86/sysdep.h | 6 ++++ + 2 files changed, 24 insertions(+), 56 deletions(-) + +diff --git a/sysdeps/x86/cpu-features.c b/sysdeps/x86/cpu-features.c +index b9ae482429..975b75c68b 100644 +--- a/sysdeps/x86/cpu-features.c ++++ b/sysdeps/x86/cpu-features.c +@@ -278,13 +278,8 @@ update_active (struct cpu_features *cpu_features) + /* Check if XSAVEC is available. */ + if (CPU_FEATURES_CPU_P (cpu_features, XSAVEC)) + { +- unsigned int xstate_comp_offsets[32]; +- unsigned int xstate_comp_sizes[32]; +-#ifdef __x86_64__ +- unsigned int xstate_amx_comp_offsets[32]; +- unsigned int xstate_amx_comp_sizes[32]; +- unsigned int amx_ecx; +-#endif ++ unsigned int xstate_comp_offsets[X86_XSTATE_MAX_ID + 1]; ++ unsigned int xstate_comp_sizes[X86_XSTATE_MAX_ID + 1]; + unsigned int i; + + xstate_comp_offsets[0] = 0; +@@ -292,39 +287,16 @@ update_active (struct cpu_features *cpu_features) + xstate_comp_offsets[2] = 576; + xstate_comp_sizes[0] = 160; + xstate_comp_sizes[1] = 256; +-#ifdef __x86_64__ +- xstate_amx_comp_offsets[0] = 0; +- xstate_amx_comp_offsets[1] = 160; +- xstate_amx_comp_offsets[2] = 576; +- xstate_amx_comp_sizes[0] = 160; +- xstate_amx_comp_sizes[1] = 256; +-#endif + +- for (i = 2; i < 32; i++) ++ for (i = 2; i <= X86_XSTATE_MAX_ID; i++) + { + if ((FULL_STATE_SAVE_MASK & (1 << i)) != 0) + { + __cpuid_count (0xd, i, eax, ebx, ecx, edx); +-#ifdef __x86_64__ +- /* Include this in xsave_state_full_size. */ +- amx_ecx = ecx; +- xstate_amx_comp_sizes[i] = eax; +- if ((AMX_STATE_SAVE_MASK & (1 << i)) != 0) +- { +- /* Exclude this from xsave_state_size. */ +- ecx = 0; +- xstate_comp_sizes[i] = 0; +- } +- else +-#endif +- xstate_comp_sizes[i] = eax; ++ xstate_comp_sizes[i] = eax; + } + else + { +-#ifdef __x86_64__ +- amx_ecx = 0; +- xstate_amx_comp_sizes[i] = 0; +-#endif + ecx = 0; + xstate_comp_sizes[i] = 0; + } +@@ -333,42 +305,32 @@ update_active (struct cpu_features *cpu_features) + { + xstate_comp_offsets[i] + = (xstate_comp_offsets[i - 1] +- + xstate_comp_sizes[i -1]); ++ + xstate_comp_sizes[i - 1]); + if ((ecx & (1 << 1)) != 0) + xstate_comp_offsets[i] + = ALIGN_UP (xstate_comp_offsets[i], 64); +-#ifdef __x86_64__ +- xstate_amx_comp_offsets[i] +- = (xstate_amx_comp_offsets[i - 1] +- + xstate_amx_comp_sizes[i - 1]); +- if ((amx_ecx & (1 << 1)) != 0) +- xstate_amx_comp_offsets[i] +- = ALIGN_UP (xstate_amx_comp_offsets[i], +- 64); +-#endif + } + } + + /* Use XSAVEC. */ + unsigned int size +- = xstate_comp_offsets[31] + xstate_comp_sizes[31]; ++ = (xstate_comp_offsets[X86_XSTATE_MAX_ID] ++ + xstate_comp_sizes[X86_XSTATE_MAX_ID]); + if (size) + { ++ size = ALIGN_UP (size + TLSDESC_CALL_REGISTER_SAVE_AREA, ++ 64); + #ifdef __x86_64__ +- unsigned int amx_size +- = (xstate_amx_comp_offsets[31] +- + xstate_amx_comp_sizes[31]); +- amx_size +- = ALIGN_UP ((amx_size +- + TLSDESC_CALL_REGISTER_SAVE_AREA), +- 64); +- /* Set TLSDESC state size to the compact AMX +- state size for XSAVEC. */ +- _dl_x86_features_tlsdesc_state_size = amx_size; ++ _dl_x86_features_tlsdesc_state_size = size; ++ /* Exclude the AMX space from the start of TILECFG ++ space to the end of TILEDATA space. If CPU ++ doesn't support AMX, TILECFG offset is the same ++ as TILEDATA + 1 offset. Otherwise, they are ++ multiples of 64. */ ++ size -= (xstate_comp_offsets[X86_XSTATE_TILEDATA_ID + 1] ++ - xstate_comp_offsets[X86_XSTATE_TILECFG_ID]); + #endif +- cpu_features->xsave_state_size +- = ALIGN_UP (size + TLSDESC_CALL_REGISTER_SAVE_AREA, +- 64); ++ cpu_features->xsave_state_size = size; + CPU_FEATURE_SET (cpu_features, XSAVEC); + } + } +diff --git a/sysdeps/x86/sysdep.h b/sysdeps/x86/sysdep.h +index 9dab03a488..0f744859a0 100644 +--- a/sysdeps/x86/sysdep.h ++++ b/sysdeps/x86/sysdep.h +@@ -102,6 +102,9 @@ + | (1 << X86_XSTATE_ZMM_ID) \ + | (1 << X86_XSTATE_APX_F_ID)) + ++/* The maximum supported xstate ID. */ ++# define X86_XSTATE_MAX_ID X86_XSTATE_APX_F_ID ++ + /* AMX state mask. */ + # define AMX_STATE_SAVE_MASK \ + ((1 << X86_XSTATE_TILECFG_ID) | (1 << X86_XSTATE_TILEDATA_ID)) +@@ -123,6 +126,9 @@ + | (1 << X86_XSTATE_K_ID) \ + | (1 << X86_XSTATE_ZMM_H_ID)) + ++/* The maximum supported xstate ID. */ ++# define X86_XSTATE_MAX_ID X86_XSTATE_ZMM_H_ID ++ + /* States to be included in xsave_state_size. */ + # define FULL_STATE_SAVE_MASK STATE_SAVE_MASK + #endif +-- +2.27.0 + diff --git a/3f0dd818e54157d6042c4a03b07d93f05d1e492a.patch b/3f0dd818e54157d6042c4a03b07d93f05d1e492a.patch new file mode 100644 index 0000000..2c32c7e --- /dev/null +++ b/3f0dd818e54157d6042c4a03b07d93f05d1e492a.patch @@ -0,0 +1,69 @@ +From 3f0dd818e54157d6042c4a03b07d93f05d1e492a Mon Sep 17 00:00:00 2001 +From: "H.J. Lu" +Date: Mon, 28 Jul 2025 12:18:22 -0700 +Subject: [PATCH] x86-64: Add GLIBC_ABI_GNU2_TLS version [BZ #33129] + +Programs and shared libraries compiled with -mtls-dialect=gnu2 may fail +silently at run-time against glibc without the GNU2 TLS run-time fix +for: + +https://sourceware.org/bugzilla/show_bug.cgi?id=31372 + +Add GLIBC_ABI_GNU2_TLS version to indicate that glibc has the working +GNU2 TLS run-time. Linker can add the GLIBC_ABI_GNU2_TLS version to +binaries which depend on the working GNU2 TLS run-time: + +https://sourceware.org/bugzilla/show_bug.cgi?id=33130 + +so that such programs and shared libraries will fail to load and run at +run-time against libc.so without the GLIBC_ABI_GNU2_TLS version, instead +of fail silently at random. + +This fixes BZ #33129. + +Signed-off-by: H.J. Lu +Reviewed-by: Sam James +(cherry picked from commit 9df8fa397d515dc86ff5565f6c45625e672d539e) +--- + sysdeps/x86_64/Makefile | 8 ++++++++ + sysdeps/x86_64/Versions | 5 +++++ + 2 files changed, 13 insertions(+) + +diff --git a/sysdeps/x86_64/Makefile b/sysdeps/x86_64/Makefile +index 9c8af27300..191cf7f5b0 100644 +--- a/sysdeps/x86_64/Makefile ++++ b/sysdeps/x86_64/Makefile +@@ -181,6 +181,14 @@ $(objpfx)check-dt-x86-64-plt.out: $(common-objpfx)libc.so + $(evaluate-test) + generated += check-dt-x86-64-plt.out + ++tests-special += $(objpfx)check-gnu2-tls.out ++ ++$(objpfx)check-gnu2-tls.out: $(common-objpfx)libc.so ++ LC_ALL=C $(READELF) -V -W $< \ ++ | sed -ne '/.gnu.version_d/, /.gnu.version_r/ p' \ ++ | grep GLIBC_ABI_GNU2_TLS > $@; \ ++ $(evaluate-test) ++generated += check-gnu2-tls.out + endif # $(subdir) == elf + + ifeq ($(subdir),csu) +diff --git a/sysdeps/x86_64/Versions b/sysdeps/x86_64/Versions +index 6a989ad3b3..0a759029e5 100644 +--- a/sysdeps/x86_64/Versions ++++ b/sysdeps/x86_64/Versions +@@ -5,6 +5,11 @@ libc { + GLIBC_2.13 { + __fentry__; + } ++ GLIBC_ABI_GNU2_TLS { ++ # This symbol is used only for empty version map and will be removed ++ # by scripts/versions.awk. ++ __placeholder_only_for_empty_version_map; ++ } + GLIBC_ABI_DT_X86_64_PLT { + # This symbol is used only for empty version map and will be removed + # by scripts/versions.awk. +-- +2.27.0 + diff --git a/5cb05015c9b28ea521d816237805fbbee5224c86.patch b/5cb05015c9b28ea521d816237805fbbee5224c86.patch new file mode 100644 index 0000000..9a1ddd3 --- /dev/null +++ b/5cb05015c9b28ea521d816237805fbbee5224c86.patch @@ -0,0 +1,216 @@ +From 5cb05015c9b28ea521d816237805fbbee5224c86 Mon Sep 17 00:00:00 2001 +From: Florian Weimer +Date: Fri, 28 Mar 2025 09:26:59 +0100 +Subject: [PATCH] x86: Use separate variable for TLSDESC XSAVE/XSAVEC state + size (bug 32810) + +Previously, the initialization code reused the xsave_state_full_size +member of struct cpu_features for the TLSDESC state size. However, +the tunable processing code assumes that this member has the +original XSAVE (non-compact) state size, so that it can use its +value if XSAVEC is disabled via tunable. + +This change uses a separate variable and not a struct member because +the value is only needed in ld.so and the static libc, but not in +libc.so. As a result, struct cpu_features layout does not change, +helping a future backport of this change. + +Fixes commit 9b7091415af47082664717210ac49d51551456ab ("x86-64: +Update _dl_tlsdesc_dynamic to preserve AMX registers"). + +Reviewed-by: H.J. Lu +(cherry picked from commit 145097dff170507fe73190e8e41194f5b5f7e6bf) +--- + NEWS | 4 ++++ + sysdeps/x86/Makefile | 19 +++++++++++++++++++ + sysdeps/x86/cpu-features.c | 11 ++++++----- + sysdeps/x86/cpu-tunables.c | 2 ++ + sysdeps/x86/dl-diagnostics-cpu.c | 2 ++ + sysdeps/x86/include/cpu-features.h | 9 +++++++-- + sysdeps/x86/tst-gnu2-tls2-x86-noxsave.c | 1 + + sysdeps/x86/tst-gnu2-tls2-x86-noxsavec.c | 1 + + sysdeps/x86/tst-gnu2-tls2-x86-noxsavexsavec.c | 1 + + sysdeps/x86_64/dl-tlsdesc-dynamic.h | 2 +- + 10 files changed, 44 insertions(+), 8 deletions(-) + create mode 100644 sysdeps/x86/tst-gnu2-tls2-x86-noxsave.c + create mode 100644 sysdeps/x86/tst-gnu2-tls2-x86-noxsavec.c + create mode 100644 sysdeps/x86/tst-gnu2-tls2-x86-noxsavexsavec.c + +diff --git a/NEWS b/NEWS +index 77e89c9619..7f3049367f 100644 +--- a/NEWS ++++ b/NEWS +@@ -10,6 +10,10 @@ Version 2.38.1 + * Sync with Linux kernel 6.6 shadow stack interface. The --enable-cet + configure option in only supported on x86-64. + ++The following bugs are resolved with this release: ++ ++ [32810] Crash on x86-64 if XSAVEC disable via tunable ++ + Deprecated and removed features, and other changes affecting compatibility: + + * __rseq_size now denotes the size of the active rseq area (20 bytes +diff --git a/sysdeps/x86/Makefile b/sysdeps/x86/Makefile +index 02ecfbf146..e4286a7acd 100644 +--- a/sysdeps/x86/Makefile ++++ b/sysdeps/x86/Makefile +@@ -21,6 +21,9 @@ tests += \ + tst-cpu-features-supports-static \ + tst-get-cpu-features \ + tst-get-cpu-features-static \ ++ tst-gnu2-tls2-x86-noxsave \ ++ tst-gnu2-tls2-x86-noxsavec \ ++ tst-gnu2-tls2-x86-noxsavexsavec \ + # tests + tests-static += \ + tst-cpu-features-cpuinfo-static \ +@@ -89,6 +92,22 @@ CFLAGS-tst-gnu2-tls2.c += -msse + CFLAGS-tst-gnu2-tls2mod0.c += -msse2 -mtune=haswell + CFLAGS-tst-gnu2-tls2mod1.c += -msse2 -mtune=haswell + CFLAGS-tst-gnu2-tls2mod2.c += -msse2 -mtune=haswell ++ ++LDFLAGS-tst-gnu2-tls2-x86-noxsave += -Wl,-z,lazy ++LDFLAGS-tst-gnu2-tls2-x86-noxsavec += -Wl,-z,lazy ++LDFLAGS-tst-gnu2-tls2-x86-noxsavexsavec += -Wl,-z,lazy ++ ++# Test for bug 32810: incorrect XSAVE state size if XSAVEC is disabled ++# via tunable. ++tst-gnu2-tls2-x86-noxsave-ENV = GLIBC_TUNABLES=glibc.cpu.hwcaps=-XSAVE ++tst-gnu2-tls2-x86-noxsavec-ENV = GLIBC_TUNABLES=glibc.cpu.hwcaps=-XSAVEC ++tst-gnu2-tls2-x86-noxsavexsavec-ENV = GLIBC_TUNABLES=glibc.cpu.hwcaps=-XSAVE,-XSAVEC ++$(objpfx)tst-gnu2-tls2-x86-noxsave.out \ ++$(objpfx)tst-gnu2-tls2-x86-noxsavec.out \ ++$(objpfx)tst-gnu2-tls2-x86-noxsavexsavec.out: \ ++ $(objpfx)tst-gnu2-tls2mod0.so \ ++ $(objpfx)tst-gnu2-tls2mod1.so \ ++ $(objpfx)tst-gnu2-tls2mod2.so + endif + + ifeq ($(subdir),math) +diff --git a/sysdeps/x86/cpu-features.c b/sysdeps/x86/cpu-features.c +index 4b75d3bcf2..b9ae482429 100644 +--- a/sysdeps/x86/cpu-features.c ++++ b/sysdeps/x86/cpu-features.c +@@ -62,6 +62,8 @@ extern void TUNABLE_CALLBACK (set_x86_shstk) (tunable_val_t *) + # include + #endif + ++unsigned long int _dl_x86_features_tlsdesc_state_size; ++ + static void + update_active (struct cpu_features *cpu_features) + { +@@ -271,6 +273,7 @@ update_active (struct cpu_features *cpu_features) + = xsave_state_full_size; + cpu_features->xsave_state_full_size + = xsave_state_full_size; ++ _dl_x86_features_tlsdesc_state_size = xsave_state_full_size; + + /* Check if XSAVEC is available. */ + if (CPU_FEATURES_CPU_P (cpu_features, XSAVEC)) +@@ -359,11 +362,9 @@ update_active (struct cpu_features *cpu_features) + = ALIGN_UP ((amx_size + + TLSDESC_CALL_REGISTER_SAVE_AREA), + 64); +- /* Set xsave_state_full_size to the compact AMX +- state size for XSAVEC. NB: xsave_state_full_size +- is only used in _dl_tlsdesc_dynamic_xsave and +- _dl_tlsdesc_dynamic_xsavec. */ +- cpu_features->xsave_state_full_size = amx_size; ++ /* Set TLSDESC state size to the compact AMX ++ state size for XSAVEC. */ ++ _dl_x86_features_tlsdesc_state_size = amx_size; + #endif + cpu_features->xsave_state_size + = ALIGN_UP (size + TLSDESC_CALL_REGISTER_SAVE_AREA, +diff --git a/sysdeps/x86/cpu-tunables.c b/sysdeps/x86/cpu-tunables.c +index c144124142..7cd2899b40 100644 +--- a/sysdeps/x86/cpu-tunables.c ++++ b/sysdeps/x86/cpu-tunables.c +@@ -196,6 +196,8 @@ TUNABLE_CALLBACK (set_hwcaps) (tunable_val_t *valp) + /* Update xsave_state_size to XSAVE state size. */ + cpu_features->xsave_state_size + = cpu_features->xsave_state_full_size; ++ _dl_x86_features_tlsdesc_state_size ++ = cpu_features->xsave_state_full_size; + CPU_FEATURE_UNSET (cpu_features, XSAVEC); + } + } +diff --git a/sysdeps/x86/dl-diagnostics-cpu.c b/sysdeps/x86/dl-diagnostics-cpu.c +index 5aab63e532..3b32056362 100644 +--- a/sysdeps/x86/dl-diagnostics-cpu.c ++++ b/sysdeps/x86/dl-diagnostics-cpu.c +@@ -78,6 +78,8 @@ _dl_diagnostics_cpu (void) + cpu_features->xsave_state_size); + print_cpu_features_value ("xsave_state_full_size", + cpu_features->xsave_state_full_size); ++ print_cpu_features_value ("tlsdesc_state_full_size", ++ _dl_x86_features_tlsdesc_state_size); + print_cpu_features_value ("data_cache_size", cpu_features->data_cache_size); + print_cpu_features_value ("shared_cache_size", + cpu_features->shared_cache_size); +diff --git a/sysdeps/x86/include/cpu-features.h b/sysdeps/x86/include/cpu-features.h +index bedea77167..3a786a12d9 100644 +--- a/sysdeps/x86/include/cpu-features.h ++++ b/sysdeps/x86/include/cpu-features.h +@@ -909,8 +909,6 @@ struct cpu_features + /* The full state size for XSAVE when XSAVEC is disabled by + + GLIBC_TUNABLES=glibc.cpu.hwcaps=-XSAVEC +- +- and the AMX state size when XSAVEC is available. + */ + unsigned int xsave_state_full_size; + /* Data cache size for use in memory and string routines, typically +@@ -962,6 +960,13 @@ extern const struct cpu_features *_dl_x86_get_cpu_features (void) + + #define __get_cpu_features() _dl_x86_get_cpu_features() + ++#if IS_IN (rtld) || IS_IN (libc) ++/* XSAVE/XSAVEC state size used by TLS descriptors. Compared to ++ xsave_state_size from struct cpu_features, this includes additional ++ registers. */ ++extern unsigned long int _dl_x86_features_tlsdesc_state_size attribute_hidden; ++#endif ++ + #if defined (_LIBC) && !IS_IN (nonlib) + /* Unused for x86. */ + # define INIT_ARCH() +diff --git a/sysdeps/x86/tst-gnu2-tls2-x86-noxsave.c b/sysdeps/x86/tst-gnu2-tls2-x86-noxsave.c +new file mode 100644 +index 0000000000..f0024c143d +--- /dev/null ++++ b/sysdeps/x86/tst-gnu2-tls2-x86-noxsave.c +@@ -0,0 +1 @@ ++#include +diff --git a/sysdeps/x86/tst-gnu2-tls2-x86-noxsavec.c b/sysdeps/x86/tst-gnu2-tls2-x86-noxsavec.c +new file mode 100644 +index 0000000000..f0024c143d +--- /dev/null ++++ b/sysdeps/x86/tst-gnu2-tls2-x86-noxsavec.c +@@ -0,0 +1 @@ ++#include +diff --git a/sysdeps/x86/tst-gnu2-tls2-x86-noxsavexsavec.c b/sysdeps/x86/tst-gnu2-tls2-x86-noxsavexsavec.c +new file mode 100644 +index 0000000000..f0024c143d +--- /dev/null ++++ b/sysdeps/x86/tst-gnu2-tls2-x86-noxsavexsavec.c +@@ -0,0 +1 @@ ++#include +diff --git a/sysdeps/x86_64/dl-tlsdesc-dynamic.h b/sysdeps/x86_64/dl-tlsdesc-dynamic.h +index 9f02cfc3eb..44d948696f 100644 +--- a/sysdeps/x86_64/dl-tlsdesc-dynamic.h ++++ b/sysdeps/x86_64/dl-tlsdesc-dynamic.h +@@ -99,7 +99,7 @@ _dl_tlsdesc_dynamic: + # endif + #else + /* Allocate stack space of the required size to save the state. */ +- sub _rtld_local_ro+RTLD_GLOBAL_RO_DL_X86_CPU_FEATURES_OFFSET+XSAVE_STATE_FULL_SIZE_OFFSET(%rip), %RSP_LP ++ sub _dl_x86_features_tlsdesc_state_size(%rip), %RSP_LP + #endif + /* Besides rdi and rsi, saved above, save rcx, rdx, r8, r9, + r10 and r11. */ +-- +2.27.0 + diff --git a/6f076f136680905b56cc816a01674550d2c17bf4.patch b/6f076f136680905b56cc816a01674550d2c17bf4.patch new file mode 100644 index 0000000..6b76c97 --- /dev/null +++ b/6f076f136680905b56cc816a01674550d2c17bf4.patch @@ -0,0 +1,520 @@ +From 6f076f136680905b56cc816a01674550d2c17bf4 Mon Sep 17 00:00:00 2001 +From: "H.J. Lu" +Date: Wed, 28 Feb 2024 12:08:03 -0800 +Subject: [PATCH] x86-64: Update _dl_tlsdesc_dynamic to preserve AMX + registers + +_dl_tlsdesc_dynamic should also preserve AMX registers which are +caller-saved. Add X86_XSTATE_TILECFG_ID and X86_XSTATE_TILEDATA_ID +to x86-64 TLSDESC_CALL_STATE_SAVE_MASK. Compute the AMX state size +and save it in xsave_state_full_size which is only used by +_dl_tlsdesc_dynamic_xsave and _dl_tlsdesc_dynamic_xsavec. This fixes +the AMX part of BZ #31372. Tested on AMX processor. + +AMX test is enabled only for compilers with the fix for + +https://gcc.gnu.org/bugzilla/show_bug.cgi?id=114098 + +GCC 14 and GCC 11/12/13 branches have the bug fix. +Reviewed-by: Sunil K Pandey + +(cherry picked from commit 9b7091415af47082664717210ac49d51551456ab) +--- + sysdeps/unix/sysv/linux/x86_64/Makefile | 27 ++++++ + .../sysv/linux/x86_64/include/asm/prctl.h | 5 ++ + .../linux/x86_64/tst-gnu2-tls2-amx-mod0.c | 2 + + .../linux/x86_64/tst-gnu2-tls2-amx-mod1.c | 2 + + .../linux/x86_64/tst-gnu2-tls2-amx-mod2.c | 2 + + .../sysv/linux/x86_64/tst-gnu2-tls2-amx.c | 83 +++++++++++++++++++ + .../sysv/linux/x86_64/tst-gnu2-tls2-amx.h | 63 ++++++++++++++ + sysdeps/x86/cpu-features-offsets.sym | 1 + + sysdeps/x86/cpu-features.c | 55 +++++++++++- + sysdeps/x86/include/cpu-features.h | 2 + + sysdeps/x86/sysdep.h | 18 +++- + sysdeps/x86_64/configure | 28 +++++++ + sysdeps/x86_64/configure.ac | 15 ++++ + sysdeps/x86_64/dl-tlsdesc-dynamic.h | 2 +- + 14 files changed, 299 insertions(+), 6 deletions(-) + create mode 100644 sysdeps/unix/sysv/linux/x86_64/tst-gnu2-tls2-amx-mod0.c + create mode 100644 sysdeps/unix/sysv/linux/x86_64/tst-gnu2-tls2-amx-mod1.c + create mode 100644 sysdeps/unix/sysv/linux/x86_64/tst-gnu2-tls2-amx-mod2.c + create mode 100644 sysdeps/unix/sysv/linux/x86_64/tst-gnu2-tls2-amx.c + create mode 100644 sysdeps/unix/sysv/linux/x86_64/tst-gnu2-tls2-amx.h + +diff --git a/sysdeps/unix/sysv/linux/x86_64/Makefile b/sysdeps/unix/sysv/linux/x86_64/Makefile +index 4223feb95f..9a1e7aa646 100644 +--- a/sysdeps/unix/sysv/linux/x86_64/Makefile ++++ b/sysdeps/unix/sysv/linux/x86_64/Makefile +@@ -63,6 +63,33 @@ $(objpfx)libx86-64-isa-level%.os: $(..)/sysdeps/unix/sysv/linux/x86_64/x86-64-is + $(objpfx)libx86-64-isa-level.so: $(objpfx)libx86-64-isa-level-1.so + cp $< $@ + endif ++ ++ifeq (yes,$(have-mamx-tile)) ++tests += \ ++ tst-gnu2-tls2-amx \ ++# tests ++ ++modules-names += \ ++ tst-gnu2-tls2-amx-mod0 \ ++ tst-gnu2-tls2-amx-mod1 \ ++ tst-gnu2-tls2-amx-mod2 \ ++# modules-names ++ ++$(objpfx)tst-gnu2-tls2-amx: $(shared-thread-library) ++$(objpfx)tst-gnu2-tls2-amx.out: \ ++ $(objpfx)tst-gnu2-tls2-amx-mod0.so \ ++ $(objpfx)tst-gnu2-tls2-amx-mod1.so \ ++ $(objpfx)tst-gnu2-tls2-amx-mod2.so ++$(objpfx)tst-gnu2-tls2-amx-mod0.so: $(libsupport) ++$(objpfx)tst-gnu2-tls2-amx-mod1.so: $(libsupport) ++$(objpfx)tst-gnu2-tls2-amx-mod2.so: $(libsupport) ++ ++CFLAGS-tst-gnu2-tls2-amx.c += -mamx-tile ++CFLAGS-tst-gnu2-tls2-amx-mod0.c += -mamx-tile -mtls-dialect=gnu2 ++CFLAGS-tst-gnu2-tls2-amx-mod1.c += -mamx-tile -mtls-dialect=gnu2 ++CFLAGS-tst-gnu2-tls2-amx-mod2.c += -mamx-tile -mtls-dialect=gnu2 ++endif ++ + endif # $(subdir) == elf + + ifneq ($(enable-cet),no) +diff --git a/sysdeps/unix/sysv/linux/x86_64/include/asm/prctl.h b/sysdeps/unix/sysv/linux/x86_64/include/asm/prctl.h +index 2f511321ad..ef4631bf4b 100644 +--- a/sysdeps/unix/sysv/linux/x86_64/include/asm/prctl.h ++++ b/sysdeps/unix/sysv/linux/x86_64/include/asm/prctl.h +@@ -20,3 +20,8 @@ + # define ARCH_SHSTK_SHSTK 0x1 + # define ARCH_SHSTK_WRSS 0x2 + #endif ++ ++#ifndef ARCH_GET_XCOMP_PERM ++# define ARCH_GET_XCOMP_PERM 0x1022 ++# define ARCH_REQ_XCOMP_PERM 0x1023 ++#endif +diff --git a/sysdeps/unix/sysv/linux/x86_64/tst-gnu2-tls2-amx-mod0.c b/sysdeps/unix/sysv/linux/x86_64/tst-gnu2-tls2-amx-mod0.c +new file mode 100644 +index 0000000000..2e0c7b91b7 +--- /dev/null ++++ b/sysdeps/unix/sysv/linux/x86_64/tst-gnu2-tls2-amx-mod0.c +@@ -0,0 +1,2 @@ ++#include "tst-gnu2-tls2-amx.h" ++#include +diff --git a/sysdeps/unix/sysv/linux/x86_64/tst-gnu2-tls2-amx-mod1.c b/sysdeps/unix/sysv/linux/x86_64/tst-gnu2-tls2-amx-mod1.c +new file mode 100644 +index 0000000000..b8a8ccf1c1 +--- /dev/null ++++ b/sysdeps/unix/sysv/linux/x86_64/tst-gnu2-tls2-amx-mod1.c +@@ -0,0 +1,2 @@ ++#include "tst-gnu2-tls2-amx.h" ++#include +diff --git a/sysdeps/unix/sysv/linux/x86_64/tst-gnu2-tls2-amx-mod2.c b/sysdeps/unix/sysv/linux/x86_64/tst-gnu2-tls2-amx-mod2.c +new file mode 100644 +index 0000000000..cdf4a8f363 +--- /dev/null ++++ b/sysdeps/unix/sysv/linux/x86_64/tst-gnu2-tls2-amx-mod2.c +@@ -0,0 +1,2 @@ ++#include "tst-gnu2-tls2-amx.h" ++#include +diff --git a/sysdeps/unix/sysv/linux/x86_64/tst-gnu2-tls2-amx.c b/sysdeps/unix/sysv/linux/x86_64/tst-gnu2-tls2-amx.c +new file mode 100644 +index 0000000000..ae4dd82556 +--- /dev/null ++++ b/sysdeps/unix/sysv/linux/x86_64/tst-gnu2-tls2-amx.c +@@ -0,0 +1,83 @@ ++/* Test TLSDESC relocation with AMX. ++ Copyright (C) 2024 Free Software Foundation, Inc. ++ This file is part of the GNU C Library. ++ ++ The GNU C Library is free software; you can redistribute it and/or ++ modify it under the terms of the GNU Lesser General Public ++ License as published by the Free Software Foundation; either ++ version 2.1 of the License, or (at your option) any later version. ++ ++ The GNU C Library is distributed in the hope that it will be useful, ++ but WITHOUT ANY WARRANTY; without even the implied warranty of ++ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU ++ Lesser General Public License for more details. ++ ++ You should have received a copy of the GNU Lesser General Public ++ License along with the GNU C Library; if not, see ++ . */ ++ ++#include ++#include ++#include ++#include "tst-gnu2-tls2-amx.h" ++ ++extern int arch_prctl (int, ...); ++ ++#define X86_XSTATE_TILECFG_ID 17 ++#define X86_XSTATE_TILEDATA_ID 18 ++ ++/* Initialize tile config. */ ++__attribute__ ((noinline, noclone)) ++static void ++init_tile_config (__tilecfg *tileinfo) ++{ ++ int i; ++ tileinfo->palette_id = 1; ++ tileinfo->start_row = 0; ++ ++ tileinfo->colsb[0] = MAX_ROWS; ++ tileinfo->rows[0] = MAX_ROWS; ++ ++ for (i = 1; i < 4; ++i) ++ { ++ tileinfo->colsb[i] = MAX_COLS; ++ tileinfo->rows[i] = MAX_ROWS; ++ } ++ ++ _tile_loadconfig (tileinfo); ++} ++ ++static bool ++enable_amx (void) ++{ ++ uint64_t bitmask; ++ if (arch_prctl (ARCH_GET_XCOMP_PERM, &bitmask) != 0) ++ return false; ++ ++ if ((bitmask & (1 << X86_XSTATE_TILECFG_ID)) == 0) ++ return false; ++ ++ if (arch_prctl (ARCH_REQ_XCOMP_PERM, X86_XSTATE_TILEDATA_ID) != 0) ++ return false; ++ ++ /* Load tile configuration. */ ++ __tilecfg tile_data = { 0 }; ++ init_tile_config (&tile_data); ++ ++ return true; ++} ++ ++/* An architecture can define it to clobber caller-saved registers in ++ malloc below to verify that the implicit TLSDESC call won't change ++ caller-saved registers. */ ++static void ++clear_tile_register (void) ++{ ++ _tile_zero (2); ++} ++ ++#define MOD(i) "tst-gnu2-tls2-amx-mod" #i ".so" ++#define IS_SUPPORTED() enable_amx () ++#define PREPARE_MALLOC() clear_tile_register () ++ ++#include +diff --git a/sysdeps/unix/sysv/linux/x86_64/tst-gnu2-tls2-amx.h b/sysdeps/unix/sysv/linux/x86_64/tst-gnu2-tls2-amx.h +new file mode 100644 +index 0000000000..1845a3caba +--- /dev/null ++++ b/sysdeps/unix/sysv/linux/x86_64/tst-gnu2-tls2-amx.h +@@ -0,0 +1,63 @@ ++/* Test TLSDESC relocation with AMX. ++ Copyright (C) 2024 Free Software Foundation, Inc. ++ This file is part of the GNU C Library. ++ ++ The GNU C Library is free software; you can redistribute it and/or ++ modify it under the terms of the GNU Lesser General Public ++ License as published by the Free Software Foundation; either ++ version 2.1 of the License, or (at your option) any later version. ++ ++ The GNU C Library is distributed in the hope that it will be useful, ++ but WITHOUT ANY WARRANTY; without even the implied warranty of ++ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU ++ Lesser General Public License for more details. ++ ++ You should have received a copy of the GNU Lesser General Public ++ License along with the GNU C Library; if not, see ++ . */ ++ ++#include ++#include ++#include ++#include ++ ++#define MAX_ROWS 16 ++#define MAX_COLS 64 ++#define MAX 1024 ++#define STRIDE 64 ++ ++typedef struct __tile_config ++{ ++ uint8_t palette_id; ++ uint8_t start_row; ++ uint8_t reserved_0[14]; ++ uint16_t colsb[16]; ++ uint8_t rows[16]; ++} __tilecfg __attribute__ ((aligned (64))); ++ ++/* Initialize int8_t buffer */ ++static inline void ++init_buffer (int8_t *buf, int8_t value) ++{ ++ int rows, colsb, i, j; ++ rows = MAX_ROWS; ++ colsb = MAX_COLS; ++ ++ for (i = 0; i < rows; i++) ++ for (j = 0; j < colsb; j++) ++ buf[i * colsb + j] = value; ++} ++ ++#define BEFORE_TLSDESC_CALL() \ ++ int8_t src[MAX]; \ ++ int8_t res[MAX]; \ ++ /* Initialize src with data */ \ ++ init_buffer (src, 2); \ ++ /* Load tile rows from memory. */ \ ++ _tile_loadd (2, src, STRIDE); ++ ++#define AFTER_TLSDESC_CALL() \ ++ /* Store the tile data to memory. */ \ ++ _tile_stored (2, res, STRIDE); \ ++ _tile_release (); \ ++ TEST_VERIFY_EXIT (memcmp (src, res, sizeof (res)) == 0); +diff --git a/sysdeps/x86/cpu-features-offsets.sym b/sysdeps/x86/cpu-features-offsets.sym +index 6a8fd29813..21fc88d651 100644 +--- a/sysdeps/x86/cpu-features-offsets.sym ++++ b/sysdeps/x86/cpu-features-offsets.sym +@@ -3,3 +3,4 @@ + #include + + XSAVE_STATE_SIZE_OFFSET offsetof (struct cpu_features, xsave_state_size) ++XSAVE_STATE_FULL_SIZE_OFFSET offsetof (struct cpu_features, xsave_state_full_size) +diff --git a/sysdeps/x86/cpu-features.c b/sysdeps/x86/cpu-features.c +index 769350814d..c693b8a25a 100644 +--- a/sysdeps/x86/cpu-features.c ++++ b/sysdeps/x86/cpu-features.c +@@ -262,6 +262,8 @@ update_active (struct cpu_features *cpu_features) + __cpuid_count (0xd, 0, eax, ebx, ecx, edx); + if (ebx != 0) + { ++ /* NB: On AMX capable processors, ebx always includes AMX ++ states. */ + unsigned int xsave_state_full_size + = ALIGN_UP (ebx + STATE_SAVE_OFFSET, 64); + +@@ -275,6 +277,11 @@ update_active (struct cpu_features *cpu_features) + { + unsigned int xstate_comp_offsets[32]; + unsigned int xstate_comp_sizes[32]; ++#ifdef __x86_64__ ++ unsigned int xstate_amx_comp_offsets[32]; ++ unsigned int xstate_amx_comp_sizes[32]; ++ unsigned int amx_ecx; ++#endif + unsigned int i; + + xstate_comp_offsets[0] = 0; +@@ -282,16 +289,39 @@ update_active (struct cpu_features *cpu_features) + xstate_comp_offsets[2] = 576; + xstate_comp_sizes[0] = 160; + xstate_comp_sizes[1] = 256; ++#ifdef __x86_64__ ++ xstate_amx_comp_offsets[0] = 0; ++ xstate_amx_comp_offsets[1] = 160; ++ xstate_amx_comp_offsets[2] = 576; ++ xstate_amx_comp_sizes[0] = 160; ++ xstate_amx_comp_sizes[1] = 256; ++#endif + + for (i = 2; i < 32; i++) + { +- if ((STATE_SAVE_MASK & (1 << i)) != 0) ++ if ((FULL_STATE_SAVE_MASK & (1 << i)) != 0) + { + __cpuid_count (0xd, i, eax, ebx, ecx, edx); +- xstate_comp_sizes[i] = eax; ++#ifdef __x86_64__ ++ /* Include this in xsave_state_full_size. */ ++ amx_ecx = ecx; ++ xstate_amx_comp_sizes[i] = eax; ++ if ((AMX_STATE_SAVE_MASK & (1 << i)) != 0) ++ { ++ /* Exclude this from xsave_state_size. */ ++ ecx = 0; ++ xstate_comp_sizes[i] = 0; ++ } ++ else ++#endif ++ xstate_comp_sizes[i] = eax; + } + else + { ++#ifdef __x86_64__ ++ amx_ecx = 0; ++ xstate_amx_comp_sizes[i] = 0; ++#endif + ecx = 0; + xstate_comp_sizes[i] = 0; + } +@@ -304,6 +334,15 @@ update_active (struct cpu_features *cpu_features) + if ((ecx & (1 << 1)) != 0) + xstate_comp_offsets[i] + = ALIGN_UP (xstate_comp_offsets[i], 64); ++#ifdef __x86_64__ ++ xstate_amx_comp_offsets[i] ++ = (xstate_amx_comp_offsets[i - 1] ++ + xstate_amx_comp_sizes[i - 1]); ++ if ((amx_ecx & (1 << 1)) != 0) ++ xstate_amx_comp_offsets[i] ++ = ALIGN_UP (xstate_amx_comp_offsets[i], ++ 64); ++#endif + } + } + +@@ -312,6 +351,18 @@ update_active (struct cpu_features *cpu_features) + = xstate_comp_offsets[31] + xstate_comp_sizes[31]; + if (size) + { ++#ifdef __x86_64__ ++ unsigned int amx_size ++ = (xstate_amx_comp_offsets[31] ++ + xstate_amx_comp_sizes[31]); ++ amx_size = ALIGN_UP (amx_size + STATE_SAVE_OFFSET, ++ 64); ++ /* Set xsave_state_full_size to the compact AMX ++ state size for XSAVEC. NB: xsave_state_full_size ++ is only used in _dl_tlsdesc_dynamic_xsave and ++ _dl_tlsdesc_dynamic_xsavec. */ ++ cpu_features->xsave_state_full_size = amx_size; ++#endif + cpu_features->xsave_state_size + = ALIGN_UP (size + STATE_SAVE_OFFSET, 64); + CPU_FEATURE_SET (cpu_features, XSAVEC); +diff --git a/sysdeps/x86/include/cpu-features.h b/sysdeps/x86/include/cpu-features.h +index 2dfab74941..bedea77167 100644 +--- a/sysdeps/x86/include/cpu-features.h ++++ b/sysdeps/x86/include/cpu-features.h +@@ -909,6 +909,8 @@ struct cpu_features + /* The full state size for XSAVE when XSAVEC is disabled by + + GLIBC_TUNABLES=glibc.cpu.hwcaps=-XSAVEC ++ ++ and the AMX state size when XSAVEC is available. + */ + unsigned int xsave_state_full_size; + /* Data cache size for use in memory and string routines, typically +diff --git a/sysdeps/x86/sysdep.h b/sysdeps/x86/sysdep.h +index 9c41b5bbfb..e41e5401f0 100644 +--- a/sysdeps/x86/sysdep.h ++++ b/sysdeps/x86/sysdep.h +@@ -56,6 +56,14 @@ + | (1 << X86_XSTATE_ZMM_H_ID) \ + | (1 << X86_XSTATE_ZMM_ID) \ + | (1 << X86_XSTATE_APX_F_ID)) ++ ++/* AMX state mask. */ ++# define AMX_STATE_SAVE_MASK \ ++ ((1 << X86_XSTATE_TILECFG_ID) | (1 << X86_XSTATE_TILEDATA_ID)) ++ ++/* States to be included in xsave_state_full_size. */ ++# define FULL_STATE_SAVE_MASK \ ++ (STATE_SAVE_MASK | AMX_STATE_SAVE_MASK) + #else + /* Offset for fxsave/xsave area used by _dl_tlsdesc_dynamic. Since i386 + doesn't have red-zone, use 0 here. */ +@@ -68,13 +76,17 @@ + | (1 << X86_XSTATE_BNDREGS_ID) \ + | (1 << X86_XSTATE_K_ID) \ + | (1 << X86_XSTATE_ZMM_H_ID)) ++ ++/* States to be included in xsave_state_size. */ ++# define FULL_STATE_SAVE_MASK STATE_SAVE_MASK + #endif + + /* States which should be saved for TLSDESC_CALL and TLS_DESC_CALL. +- Compiler assumes that all registers, including x87 FPU stack registers, +- are unchanged after CALL, except for EFLAGS and RAX/EAX. */ ++ Compiler assumes that all registers, including AMX and x87 FPU ++ stack registers, are unchanged after CALL, except for EFLAGS and ++ RAX/EAX. */ + #define TLSDESC_CALL_STATE_SAVE_MASK \ +- (STATE_SAVE_MASK | (1 << X86_XSTATE_X87_ID)) ++ (FULL_STATE_SAVE_MASK | (1 << X86_XSTATE_X87_ID)) + + /* Constants for bits in __x86_string_control: */ + +diff --git a/sysdeps/x86_64/configure b/sysdeps/x86_64/configure +index b4a80b8035..76c7b5943c 100755 +--- a/sysdeps/x86_64/configure ++++ b/sysdeps/x86_64/configure +@@ -99,6 +99,34 @@ fi + config_vars="$config_vars + enable-cet = $enable_cet" + ++# Check if -mamx-tile works properly. ++{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking whether -mamx-tile works properly" >&5 ++printf %s "checking whether -mamx-tile works properly... " >&6; } ++if test ${libc_cv_x86_have_amx_tile+y} ++then : ++ printf %s "(cached) " >&6 ++else $as_nop ++ cat > conftest.c < ++EOF ++ libc_cv_x86_have_amx_tile=no ++ if { ac_try='${CC-cc} -E $CFLAGS -mamx-tile conftest.c > conftest.i' ++ { { eval echo "\"\$as_me\":${as_lineno-$LINENO}: \"$ac_try\""; } >&5 ++ (eval $ac_try) 2>&5 ++ ac_status=$? ++ printf "%s\n" "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 ++ test $ac_status = 0; }; }; then ++ if grep -q __builtin_ia32_ldtilecfg conftest.i; then ++ libc_cv_x86_have_amx_tile=yes ++ fi ++ fi ++ rm -rf conftest* ++fi ++{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $libc_cv_x86_have_amx_tile" >&5 ++printf "%s\n" "$libc_cv_x86_have_amx_tile" >&6; } ++config_vars="$config_vars ++have-mamx-tile = $libc_cv_x86_have_amx_tile" ++ + test -n "$critic_missing" && as_fn_error $? " + *** $critic_missing" "$LINENO" 5 + +diff --git a/sysdeps/x86_64/configure.ac b/sysdeps/x86_64/configure.ac +index 937d1aff7e..d767b5a98a 100644 +--- a/sysdeps/x86_64/configure.ac ++++ b/sysdeps/x86_64/configure.ac +@@ -57,5 +57,20 @@ elif test $enable_cet = permissive; then + fi + LIBC_CONFIG_VAR([enable-cet], [$enable_cet]) + ++# Check if -mamx-tile works properly. ++AC_CACHE_CHECK(whether -mamx-tile works properly, ++ libc_cv_x86_have_amx_tile, [dnl ++cat > conftest.c < ++EOF ++ libc_cv_x86_have_amx_tile=no ++ if AC_TRY_COMMAND(${CC-cc} -E $CFLAGS -mamx-tile conftest.c > conftest.i); then ++ if grep -q __builtin_ia32_ldtilecfg conftest.i; then ++ libc_cv_x86_have_amx_tile=yes ++ fi ++ fi ++ rm -rf conftest*]) ++LIBC_CONFIG_VAR([have-mamx-tile], [$libc_cv_x86_have_amx_tile]) ++ + test -n "$critic_missing" && AC_MSG_ERROR([ + *** $critic_missing]) +diff --git a/sysdeps/x86_64/dl-tlsdesc-dynamic.h b/sysdeps/x86_64/dl-tlsdesc-dynamic.h +index 0c2e8d5320..9f02cfc3eb 100644 +--- a/sysdeps/x86_64/dl-tlsdesc-dynamic.h ++++ b/sysdeps/x86_64/dl-tlsdesc-dynamic.h +@@ -99,7 +99,7 @@ _dl_tlsdesc_dynamic: + # endif + #else + /* Allocate stack space of the required size to save the state. */ +- sub _rtld_local_ro+RTLD_GLOBAL_RO_DL_X86_CPU_FEATURES_OFFSET+XSAVE_STATE_SIZE_OFFSET(%rip), %RSP_LP ++ sub _rtld_local_ro+RTLD_GLOBAL_RO_DL_X86_CPU_FEATURES_OFFSET+XSAVE_STATE_FULL_SIZE_OFFSET(%rip), %RSP_LP + #endif + /* Besides rdi and rsi, saved above, save rcx, rdx, r8, r9, + r10 and r11. */ +-- +2.27.0 + diff --git a/88866d885c7acd2b74e4f78a35fbd7ac251ebc1f.patch b/88866d885c7acd2b74e4f78a35fbd7ac251ebc1f.patch new file mode 100644 index 0000000..5410a1d --- /dev/null +++ b/88866d885c7acd2b74e4f78a35fbd7ac251ebc1f.patch @@ -0,0 +1,1469 @@ +From 88866d885c7acd2b74e4f78a35fbd7ac251ebc1f Mon Sep 17 00:00:00 2001 +From: "H.J. Lu" +Date: Mon, 26 Feb 2024 06:37:03 -0800 +Subject: [PATCH] x86: Update _dl_tlsdesc_dynamic to preserve + caller-saved registers + +Compiler generates the following instruction sequence for GNU2 dynamic +TLS access: + + leaq tls_var@TLSDESC(%rip), %rax + call *tls_var@TLSCALL(%rax) + +or + + leal tls_var@TLSDESC(%ebx), %eax + call *tls_var@TLSCALL(%eax) + +CALL instruction is transparent to compiler which assumes all registers, +except for EFLAGS and RAX/EAX, are unchanged after CALL. When +_dl_tlsdesc_dynamic is called, it calls __tls_get_addr on the slow +path. __tls_get_addr is a normal function which doesn't preserve any +caller-saved registers. _dl_tlsdesc_dynamic saved and restored integer +caller-saved registers, but didn't preserve any other caller-saved +registers. Add _dl_tlsdesc_dynamic IFUNC functions for FNSAVE, FXSAVE, +XSAVE and XSAVEC to save and restore all caller-saved registers. This +fixes BZ #31372. + +Add GLRO(dl_x86_64_runtime_resolve) with GLRO(dl_x86_tlsdesc_dynamic) +to optimize elf_machine_runtime_setup. +Reviewed-by: Noah Goldstein + +(cherry picked from commit 0aac205a814a8511e98d02b91a8dc908f1c53cde) +--- + elf/Makefile | 18 ++ + elf/tst-gnu2-tls2.c | 122 ++++++++++++ + elf/tst-gnu2-tls2.h | 36 ++++ + elf/tst-gnu2-tls2mod0.c | 31 +++ + elf/tst-gnu2-tls2mod1.c | 31 +++ + elf/tst-gnu2-tls2mod2.c | 31 +++ + sysdeps/i386/dl-machine.h | 2 +- + sysdeps/i386/dl-tlsdesc-dynamic.h | 190 +++++++++++++++++++ + sysdeps/i386/dl-tlsdesc.S | 115 +++++------ + sysdeps/x86/Makefile | 7 +- + sysdeps/x86/cpu-features.c | 54 ++++++ + sysdeps/x86/dl-procinfo.c | 16 ++ + sysdeps/{x86_64 => x86}/features-offsets.sym | 2 + + sysdeps/x86/sysdep.h | 6 + + sysdeps/x86/tst-gnu2-tls2.c | 20 ++ + sysdeps/x86_64/Makefile | 2 +- + sysdeps/x86_64/dl-machine.h | 16 +- + sysdeps/x86_64/dl-procinfo.c | 16 ++ + sysdeps/x86_64/dl-tlsdesc-dynamic.h | 166 ++++++++++++++++ + sysdeps/x86_64/dl-tlsdesc.S | 108 ++++------- + sysdeps/x86_64/dl-trampoline-save.h | 34 ++++ + sysdeps/x86_64/dl-trampoline-state.h | 51 +++++ + sysdeps/x86_64/dl-trampoline.S | 20 +- + sysdeps/x86_64/dl-trampoline.h | 34 +--- + 24 files changed, 919 insertions(+), 209 deletions(-) + create mode 100644 elf/tst-gnu2-tls2.c + create mode 100644 elf/tst-gnu2-tls2.h + create mode 100644 elf/tst-gnu2-tls2mod0.c + create mode 100644 elf/tst-gnu2-tls2mod1.c + create mode 100644 elf/tst-gnu2-tls2mod2.c + create mode 100644 sysdeps/i386/dl-tlsdesc-dynamic.h + rename sysdeps/{x86_64 => x86}/features-offsets.sym (89%) + create mode 100644 sysdeps/x86/tst-gnu2-tls2.c + create mode 100644 sysdeps/x86_64/dl-tlsdesc-dynamic.h + create mode 100644 sysdeps/x86_64/dl-trampoline-save.h + create mode 100644 sysdeps/x86_64/dl-trampoline-state.h + +diff --git a/elf/Makefile b/elf/Makefile +index 098d9a15b7..970192bde4 100644 +--- a/elf/Makefile ++++ b/elf/Makefile +@@ -419,6 +419,7 @@ tests += \ + tst-glibc-hwcaps-prepend \ + tst-global1 \ + tst-global2 \ ++ tst-gnu2-tls2 \ + tst-initfinilazyfail \ + tst-initorder \ + tst-initorder2 \ +@@ -846,6 +847,9 @@ modules-names += \ + tst-filterobj-flt \ + tst-finilazyfailmod \ + tst-globalmod2 \ ++ tst-gnu2-tls2mod0 \ ++ tst-gnu2-tls2mod1 \ ++ tst-gnu2-tls2mod2 \ + tst-initlazyfailmod \ + tst-initorder2a \ + tst-initorder2b \ +@@ -3046,10 +3050,24 @@ $(objpfx)tst-tlsgap.out: \ + $(objpfx)tst-tlsgap-mod0.so \ + $(objpfx)tst-tlsgap-mod1.so \ + $(objpfx)tst-tlsgap-mod2.so ++ ++$(objpfx)tst-gnu2-tls2: $(shared-thread-library) ++$(objpfx)tst-gnu2-tls2.out: \ ++ $(objpfx)tst-gnu2-tls2mod0.so \ ++ $(objpfx)tst-gnu2-tls2mod1.so \ ++ $(objpfx)tst-gnu2-tls2mod2.so ++ + ifeq (yes,$(have-mtls-dialect-gnu2)) ++# This test fails if dl_tlsdesc_dynamic doesn't preserve all caller-saved ++# registers. See https://sourceware.org/bugzilla/show_bug.cgi?id=31372 ++test-xfail-tst-gnu2-tls2 = yes ++ + CFLAGS-tst-tlsgap-mod0.c += -mtls-dialect=gnu2 + CFLAGS-tst-tlsgap-mod1.c += -mtls-dialect=gnu2 + CFLAGS-tst-tlsgap-mod2.c += -mtls-dialect=gnu2 ++CFLAGS-tst-gnu2-tls2mod0.c += -mtls-dialect=gnu2 ++CFLAGS-tst-gnu2-tls2mod1.c += -mtls-dialect=gnu2 ++CFLAGS-tst-gnu2-tls2mod2.c += -mtls-dialect=gnu2 + endif + + $(objpfx)tst-recursive-tls: $(objpfx)tst-recursive-tlsmallocmod.so +diff --git a/elf/tst-gnu2-tls2.c b/elf/tst-gnu2-tls2.c +new file mode 100644 +index 0000000000..7ac04d7f33 +--- /dev/null ++++ b/elf/tst-gnu2-tls2.c +@@ -0,0 +1,122 @@ ++/* Test TLSDESC relocation. ++ Copyright (C) 2024 Free Software Foundation, Inc. ++ This file is part of the GNU C Library. ++ ++ The GNU C Library is free software; you can redistribute it and/or ++ modify it under the terms of the GNU Lesser General Public ++ License as published by the Free Software Foundation; either ++ version 2.1 of the License, or (at your option) any later version. ++ ++ The GNU C Library is distributed in the hope that it will be useful, ++ but WITHOUT ANY WARRANTY; without even the implied warranty of ++ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU ++ Lesser General Public License for more details. ++ ++ You should have received a copy of the GNU Lesser General Public ++ License along with the GNU C Library; if not, see ++ . */ ++ ++#include ++#include ++#include ++#include ++#include ++#include ++#include ++#include ++#include ++#include "tst-gnu2-tls2.h" ++ ++#ifndef IS_SUPPORTED ++# define IS_SUPPORTED() true ++#endif ++ ++/* An architecture can define it to clobber caller-saved registers in ++ malloc below to verify that the implicit TLSDESC call won't change ++ caller-saved registers. */ ++#ifndef PREPARE_MALLOC ++# define PREPARE_MALLOC() ++#endif ++ ++extern void * __libc_malloc (size_t); ++ ++size_t malloc_counter = 0; ++ ++void * ++malloc (size_t n) ++{ ++ PREPARE_MALLOC (); ++ malloc_counter++; ++ return __libc_malloc (n); ++} ++ ++static void *mod[3]; ++#ifndef MOD ++# define MOD(i) "tst-gnu2-tls2mod" #i ".so" ++#endif ++static const char *modname[3] = { MOD(0), MOD(1), MOD(2) }; ++#undef MOD ++ ++static void ++open_mod (int i) ++{ ++ mod[i] = xdlopen (modname[i], RTLD_LAZY); ++ printf ("open %s\n", modname[i]); ++} ++ ++static void ++close_mod (int i) ++{ ++ xdlclose (mod[i]); ++ mod[i] = NULL; ++ printf ("close %s\n", modname[i]); ++} ++ ++static void ++access_mod (int i, const char *sym) ++{ ++ struct tls var = { -1, -1, -1, -1 }; ++ struct tls *(*f) (struct tls *) = xdlsym (mod[i], sym); ++ /* Check that our malloc is called. */ ++ malloc_counter = 0; ++ struct tls *p = f (&var); ++ TEST_VERIFY (malloc_counter != 0); ++ printf ("access %s: %s() = %p\n", modname[i], sym, p); ++ TEST_VERIFY_EXIT (memcmp (p, &var, sizeof (var)) == 0); ++ ++(p->a); ++} ++ ++static void * ++start (void *arg) ++{ ++ /* The DTV generation is at the last dlopen of mod0 and the ++ entry for mod1 is NULL. */ ++ ++ open_mod (1); /* Reuse modid of mod1. Uses dynamic TLS. */ ++ ++ /* Force the slow path in GNU2 TLS descriptor call. */ ++ access_mod (1, "apply_tls"); ++ ++ return arg; ++} ++ ++static int ++do_test (void) ++{ ++ if (!IS_SUPPORTED ()) ++ return EXIT_UNSUPPORTED; ++ ++ open_mod (0); ++ open_mod (1); ++ open_mod (2); ++ close_mod (0); ++ close_mod (1); /* Create modid gap at mod1. */ ++ open_mod (0); /* Reuse modid of mod0, bump generation count. */ ++ ++ /* Create a thread where DTV of mod1 is NULL. */ ++ pthread_t t = xpthread_create (NULL, start, NULL); ++ xpthread_join (t); ++ return 0; ++} ++ ++#include +diff --git a/elf/tst-gnu2-tls2.h b/elf/tst-gnu2-tls2.h +new file mode 100644 +index 0000000000..77964a57a3 +--- /dev/null ++++ b/elf/tst-gnu2-tls2.h +@@ -0,0 +1,36 @@ ++/* Test TLSDESC relocation. ++ Copyright (C) 2024 Free Software Foundation, Inc. ++ This file is part of the GNU C Library. ++ ++ The GNU C Library is free software; you can redistribute it and/or ++ modify it under the terms of the GNU Lesser General Public ++ License as published by the Free Software Foundation; either ++ version 2.1 of the License, or (at your option) any later version. ++ ++ The GNU C Library is distributed in the hope that it will be useful, ++ but WITHOUT ANY WARRANTY; without even the implied warranty of ++ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU ++ Lesser General Public License for more details. ++ ++ You should have received a copy of the GNU Lesser General Public ++ License along with the GNU C Library; if not, see ++ . */ ++ ++#include ++ ++struct tls ++{ ++ int64_t a, b, c, d; ++}; ++ ++extern struct tls *apply_tls (struct tls *); ++ ++/* An architecture can define them to verify that clobber caller-saved ++ registers aren't changed by the implicit TLSDESC call. */ ++#ifndef BEFORE_TLSDESC_CALL ++# define BEFORE_TLSDESC_CALL() ++#endif ++ ++#ifndef AFTER_TLSDESC_CALL ++# define AFTER_TLSDESC_CALL() ++#endif +diff --git a/elf/tst-gnu2-tls2mod0.c b/elf/tst-gnu2-tls2mod0.c +new file mode 100644 +index 0000000000..45556a0e17 +--- /dev/null ++++ b/elf/tst-gnu2-tls2mod0.c +@@ -0,0 +1,31 @@ ++/* DSO used by tst-gnu2-tls2. ++ Copyright (C) 2024 Free Software Foundation, Inc. ++ This file is part of the GNU C Library. ++ ++ The GNU C Library is free software; you can redistribute it and/or ++ modify it under the terms of the GNU Lesser General Public ++ License as published by the Free Software Foundation; either ++ version 2.1 of the License, or (at your option) any later version. ++ ++ The GNU C Library is distributed in the hope that it will be useful, ++ but WITHOUT ANY WARRANTY; without even the implied warranty of ++ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU ++ Lesser General Public License for more details. ++ ++ You should have received a copy of the GNU Lesser General Public ++ License along with the GNU C Library; if not, see ++ . */ ++ ++#include "tst-gnu2-tls2.h" ++ ++__thread struct tls tls_var0 __attribute__ ((visibility ("hidden"))); ++ ++struct tls * ++apply_tls (struct tls *p) ++{ ++ BEFORE_TLSDESC_CALL (); ++ tls_var0 = *p; ++ struct tls *ret = &tls_var0; ++ AFTER_TLSDESC_CALL (); ++ return ret; ++} +diff --git a/elf/tst-gnu2-tls2mod1.c b/elf/tst-gnu2-tls2mod1.c +new file mode 100644 +index 0000000000..e10b9dbc0a +--- /dev/null ++++ b/elf/tst-gnu2-tls2mod1.c +@@ -0,0 +1,31 @@ ++/* DSO used by tst-gnu2-tls2. ++ Copyright (C) 2024 Free Software Foundation, Inc. ++ This file is part of the GNU C Library. ++ ++ The GNU C Library is free software; you can redistribute it and/or ++ modify it under the terms of the GNU Lesser General Public ++ License as published by the Free Software Foundation; either ++ version 2.1 of the License, or (at your option) any later version. ++ ++ The GNU C Library is distributed in the hope that it will be useful, ++ but WITHOUT ANY WARRANTY; without even the implied warranty of ++ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU ++ Lesser General Public License for more details. ++ ++ You should have received a copy of the GNU Lesser General Public ++ License along with the GNU C Library; if not, see ++ . */ ++ ++#include "tst-gnu2-tls2.h" ++ ++__thread struct tls tls_var1[100] __attribute__ ((visibility ("hidden"))); ++ ++struct tls * ++apply_tls (struct tls *p) ++{ ++ BEFORE_TLSDESC_CALL (); ++ tls_var1[1] = *p; ++ struct tls *ret = &tls_var1[1]; ++ AFTER_TLSDESC_CALL (); ++ return ret; ++} +diff --git a/elf/tst-gnu2-tls2mod2.c b/elf/tst-gnu2-tls2mod2.c +new file mode 100644 +index 0000000000..141af51e55 +--- /dev/null ++++ b/elf/tst-gnu2-tls2mod2.c +@@ -0,0 +1,31 @@ ++/* DSO used by tst-gnu2-tls2. ++ Copyright (C) 2024 Free Software Foundation, Inc. ++ This file is part of the GNU C Library. ++ ++ The GNU C Library is free software; you can redistribute it and/or ++ modify it under the terms of the GNU Lesser General Public ++ License as published by the Free Software Foundation; either ++ version 2.1 of the License, or (at your option) any later version. ++ ++ The GNU C Library is distributed in the hope that it will be useful, ++ but WITHOUT ANY WARRANTY; without even the implied warranty of ++ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU ++ Lesser General Public License for more details. ++ ++ You should have received a copy of the GNU Lesser General Public ++ License along with the GNU C Library; if not, see ++ . */ ++ ++#include "tst-gnu2-tls2.h" ++ ++__thread struct tls tls_var2 __attribute__ ((visibility ("hidden"))); ++ ++struct tls * ++apply_tls (struct tls *p) ++{ ++ BEFORE_TLSDESC_CALL (); ++ tls_var2 = *p; ++ struct tls *ret = &tls_var2; ++ AFTER_TLSDESC_CALL (); ++ return ret; ++} +diff --git a/sysdeps/i386/dl-machine.h b/sysdeps/i386/dl-machine.h +index b21322adc8..a521129d1f 100644 +--- a/sysdeps/i386/dl-machine.h ++++ b/sysdeps/i386/dl-machine.h +@@ -345,7 +345,7 @@ and creates an unsatisfiable circular dependency.\n", + { + td->arg = _dl_make_tlsdesc_dynamic + (sym_map, sym->st_value + (ElfW(Word))td->arg); +- td->entry = _dl_tlsdesc_dynamic; ++ td->entry = GLRO(dl_x86_tlsdesc_dynamic); + } + else + # endif +diff --git a/sysdeps/i386/dl-tlsdesc-dynamic.h b/sysdeps/i386/dl-tlsdesc-dynamic.h +new file mode 100644 +index 0000000000..3627028577 +--- /dev/null ++++ b/sysdeps/i386/dl-tlsdesc-dynamic.h +@@ -0,0 +1,190 @@ ++/* Thread-local storage handling in the ELF dynamic linker. i386 version. ++ Copyright (C) 2004-2024 Free Software Foundation, Inc. ++ This file is part of the GNU C Library. ++ ++ The GNU C Library is free software; you can redistribute it and/or ++ modify it under the terms of the GNU Lesser General Public ++ License as published by the Free Software Foundation; either ++ version 2.1 of the License, or (at your option) any later version. ++ ++ The GNU C Library is distributed in the hope that it will be useful, ++ but WITHOUT ANY WARRANTY; without even the implied warranty of ++ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU ++ Lesser General Public License for more details. ++ ++ You should have received a copy of the GNU Lesser General Public ++ License along with the GNU C Library; if not, see ++ . */ ++ ++#undef REGISTER_SAVE_AREA ++ ++#if !defined USE_FNSAVE && (STATE_SAVE_ALIGNMENT % 16) != 0 ++# error STATE_SAVE_ALIGNMENT must be multiple of 16 ++#endif ++ ++#if DL_RUNTIME_RESOLVE_REALIGN_STACK ++# ifdef USE_FNSAVE ++# error USE_FNSAVE shouldn't be defined ++# endif ++# ifdef USE_FXSAVE ++/* Use fxsave to save all registers. */ ++# define REGISTER_SAVE_AREA 512 ++# endif ++#else ++# ifdef USE_FNSAVE ++/* Use fnsave to save x87 FPU stack registers. */ ++# define REGISTER_SAVE_AREA 108 ++# else ++# ifndef USE_FXSAVE ++# error USE_FXSAVE must be defined ++# endif ++/* Use fxsave to save all registers. Add 12 bytes to align the stack ++ to 16 bytes. */ ++# define REGISTER_SAVE_AREA (512 + 12) ++# endif ++#endif ++ ++ .hidden _dl_tlsdesc_dynamic ++ .global _dl_tlsdesc_dynamic ++ .type _dl_tlsdesc_dynamic,@function ++ ++ /* This function is used for symbols that need dynamic TLS. ++ ++ %eax points to the TLS descriptor, such that 0(%eax) points to ++ _dl_tlsdesc_dynamic itself, and 4(%eax) points to a struct ++ tlsdesc_dynamic_arg object. It must return in %eax the offset ++ between the thread pointer and the object denoted by the ++ argument, without clobbering any registers. ++ ++ The assembly code that follows is a rendition of the following ++ C code, hand-optimized a little bit. ++ ++ptrdiff_t ++__attribute__ ((__regparm__ (1))) ++_dl_tlsdesc_dynamic (struct tlsdesc *tdp) ++{ ++ struct tlsdesc_dynamic_arg *td = tdp->arg; ++ dtv_t *dtv = *(dtv_t **)((char *)__thread_pointer + DTV_OFFSET); ++ if (__builtin_expect (td->gen_count <= dtv[0].counter ++ && (dtv[td->tlsinfo.ti_module].pointer.val ++ != TLS_DTV_UNALLOCATED), ++ 1)) ++ return dtv[td->tlsinfo.ti_module].pointer.val + td->tlsinfo.ti_offset ++ - __thread_pointer; ++ ++ return ___tls_get_addr (&td->tlsinfo) - __thread_pointer; ++} ++*/ ++ cfi_startproc ++ .align 16 ++_dl_tlsdesc_dynamic: ++ /* Like all TLS resolvers, preserve call-clobbered registers. ++ We need two scratch regs anyway. */ ++ subl $32, %esp ++ cfi_adjust_cfa_offset (32) ++ movl %ecx, 20(%esp) ++ movl %edx, 24(%esp) ++ movl TLSDESC_ARG(%eax), %eax ++ movl %gs:DTV_OFFSET, %edx ++ movl TLSDESC_GEN_COUNT(%eax), %ecx ++ cmpl (%edx), %ecx ++ ja 2f ++ movl TLSDESC_MODID(%eax), %ecx ++ movl (%edx,%ecx,8), %edx ++ cmpl $-1, %edx ++ je 2f ++ movl TLSDESC_MODOFF(%eax), %eax ++ addl %edx, %eax ++1: ++ movl 20(%esp), %ecx ++ subl %gs:0, %eax ++ movl 24(%esp), %edx ++ addl $32, %esp ++ cfi_adjust_cfa_offset (-32) ++ ret ++ .p2align 4,,7 ++2: ++ cfi_adjust_cfa_offset (32) ++#if DL_RUNTIME_RESOLVE_REALIGN_STACK ++ movl %ebx, -28(%esp) ++ movl %esp, %ebx ++ cfi_def_cfa_register(%ebx) ++ and $-STATE_SAVE_ALIGNMENT, %esp ++#endif ++#ifdef REGISTER_SAVE_AREA ++ subl $REGISTER_SAVE_AREA, %esp ++# if !DL_RUNTIME_RESOLVE_REALIGN_STACK ++ cfi_adjust_cfa_offset(REGISTER_SAVE_AREA) ++# endif ++#else ++# if !DL_RUNTIME_RESOLVE_REALIGN_STACK ++# error DL_RUNTIME_RESOLVE_REALIGN_STACK must be true ++# endif ++ /* Allocate stack space of the required size to save the state. */ ++ LOAD_PIC_REG (cx) ++ subl RTLD_GLOBAL_RO_DL_X86_CPU_FEATURES_OFFSET+XSAVE_STATE_SIZE_OFFSET+_rtld_local_ro@GOTOFF(%ecx), %esp ++#endif ++#ifdef USE_FNSAVE ++ fnsave (%esp) ++#elif defined USE_FXSAVE ++ fxsave (%esp) ++#else ++ /* Save the argument for ___tls_get_addr in EAX. */ ++ movl %eax, %ecx ++ movl $TLSDESC_CALL_STATE_SAVE_MASK, %eax ++ xorl %edx, %edx ++ /* Clear the XSAVE Header. */ ++# ifdef USE_XSAVE ++ movl %edx, (512)(%esp) ++ movl %edx, (512 + 4 * 1)(%esp) ++ movl %edx, (512 + 4 * 2)(%esp) ++ movl %edx, (512 + 4 * 3)(%esp) ++# endif ++ movl %edx, (512 + 4 * 4)(%esp) ++ movl %edx, (512 + 4 * 5)(%esp) ++ movl %edx, (512 + 4 * 6)(%esp) ++ movl %edx, (512 + 4 * 7)(%esp) ++ movl %edx, (512 + 4 * 8)(%esp) ++ movl %edx, (512 + 4 * 9)(%esp) ++ movl %edx, (512 + 4 * 10)(%esp) ++ movl %edx, (512 + 4 * 11)(%esp) ++ movl %edx, (512 + 4 * 12)(%esp) ++ movl %edx, (512 + 4 * 13)(%esp) ++ movl %edx, (512 + 4 * 14)(%esp) ++ movl %edx, (512 + 4 * 15)(%esp) ++# ifdef USE_XSAVE ++ xsave (%esp) ++# else ++ xsavec (%esp) ++# endif ++ /* Restore the argument for ___tls_get_addr in EAX. */ ++ movl %ecx, %eax ++#endif ++ call HIDDEN_JUMPTARGET (___tls_get_addr) ++ /* Get register content back. */ ++#ifdef USE_FNSAVE ++ frstor (%esp) ++#elif defined USE_FXSAVE ++ fxrstor (%esp) ++#else ++ /* Save and retore ___tls_get_addr return value stored in EAX. */ ++ movl %eax, %ecx ++ movl $TLSDESC_CALL_STATE_SAVE_MASK, %eax ++ xorl %edx, %edx ++ xrstor (%esp) ++ movl %ecx, %eax ++#endif ++#if DL_RUNTIME_RESOLVE_REALIGN_STACK ++ mov %ebx, %esp ++ cfi_def_cfa_register(%esp) ++ movl -28(%esp), %ebx ++ cfi_restore(%ebx) ++#else ++ addl $REGISTER_SAVE_AREA, %esp ++ cfi_adjust_cfa_offset(-REGISTER_SAVE_AREA) ++#endif ++ jmp 1b ++ cfi_endproc ++ .size _dl_tlsdesc_dynamic, .-_dl_tlsdesc_dynamic ++ ++#undef STATE_SAVE_ALIGNMENT +diff --git a/sysdeps/i386/dl-tlsdesc.S b/sysdeps/i386/dl-tlsdesc.S +index 0574ce714e..725506f58d 100644 +--- a/sysdeps/i386/dl-tlsdesc.S ++++ b/sysdeps/i386/dl-tlsdesc.S +@@ -18,8 +18,27 @@ + + #include + #include ++#include ++#include + #include "tlsdesc.h" + ++#ifndef DL_STACK_ALIGNMENT ++/* Due to GCC bug: ++ ++ https://gcc.gnu.org/bugzilla/show_bug.cgi?id=58066 ++ ++ __tls_get_addr may be called with 4-byte stack alignment. Although ++ this bug has been fixed in GCC 4.9.4, 5.3 and 6, we can't assume ++ that stack will be always aligned at 16 bytes. */ ++# define DL_STACK_ALIGNMENT 4 ++#endif ++ ++/* True if _dl_tlsdesc_dynamic should align stack for STATE_SAVE or align ++ stack to MINIMUM_ALIGNMENT bytes before calling ___tls_get_addr. */ ++#define DL_RUNTIME_RESOLVE_REALIGN_STACK \ ++ (STATE_SAVE_ALIGNMENT > DL_STACK_ALIGNMENT \ ++ || MINIMUM_ALIGNMENT > DL_STACK_ALIGNMENT) ++ + .text + + /* This function is used to compute the TP offset for symbols in +@@ -65,69 +84,35 @@ _dl_tlsdesc_undefweak: + .size _dl_tlsdesc_undefweak, .-_dl_tlsdesc_undefweak + + #ifdef SHARED +- .hidden _dl_tlsdesc_dynamic +- .global _dl_tlsdesc_dynamic +- .type _dl_tlsdesc_dynamic,@function +- +- /* This function is used for symbols that need dynamic TLS. +- +- %eax points to the TLS descriptor, such that 0(%eax) points to +- _dl_tlsdesc_dynamic itself, and 4(%eax) points to a struct +- tlsdesc_dynamic_arg object. It must return in %eax the offset +- between the thread pointer and the object denoted by the +- argument, without clobbering any registers. +- +- The assembly code that follows is a rendition of the following +- C code, hand-optimized a little bit. +- +-ptrdiff_t +-__attribute__ ((__regparm__ (1))) +-_dl_tlsdesc_dynamic (struct tlsdesc *tdp) +-{ +- struct tlsdesc_dynamic_arg *td = tdp->arg; +- dtv_t *dtv = *(dtv_t **)((char *)__thread_pointer + DTV_OFFSET); +- if (__builtin_expect (td->gen_count <= dtv[0].counter +- && (dtv[td->tlsinfo.ti_module].pointer.val +- != TLS_DTV_UNALLOCATED), +- 1)) +- return dtv[td->tlsinfo.ti_module].pointer.val + td->tlsinfo.ti_offset +- - __thread_pointer; +- +- return ___tls_get_addr (&td->tlsinfo) - __thread_pointer; +-} +-*/ +- cfi_startproc +- .align 16 +-_dl_tlsdesc_dynamic: +- /* Like all TLS resolvers, preserve call-clobbered registers. +- We need two scratch regs anyway. */ +- subl $28, %esp +- cfi_adjust_cfa_offset (28) +- movl %ecx, 20(%esp) +- movl %edx, 24(%esp) +- movl TLSDESC_ARG(%eax), %eax +- movl %gs:DTV_OFFSET, %edx +- movl TLSDESC_GEN_COUNT(%eax), %ecx +- cmpl (%edx), %ecx +- ja .Lslow +- movl TLSDESC_MODID(%eax), %ecx +- movl (%edx,%ecx,8), %edx +- cmpl $-1, %edx +- je .Lslow +- movl TLSDESC_MODOFF(%eax), %eax +- addl %edx, %eax +-.Lret: +- movl 20(%esp), %ecx +- subl %gs:0, %eax +- movl 24(%esp), %edx +- addl $28, %esp +- cfi_adjust_cfa_offset (-28) +- ret +- .p2align 4,,7 +-.Lslow: +- cfi_adjust_cfa_offset (28) +- call HIDDEN_JUMPTARGET (___tls_get_addr) +- jmp .Lret +- cfi_endproc +- .size _dl_tlsdesc_dynamic, .-_dl_tlsdesc_dynamic ++# define USE_FNSAVE ++# define MINIMUM_ALIGNMENT 4 ++# define STATE_SAVE_ALIGNMENT 4 ++# define _dl_tlsdesc_dynamic _dl_tlsdesc_dynamic_fnsave ++# include "dl-tlsdesc-dynamic.h" ++# undef _dl_tlsdesc_dynamic ++# undef MINIMUM_ALIGNMENT ++# undef USE_FNSAVE ++ ++# define MINIMUM_ALIGNMENT 16 ++ ++# define USE_FXSAVE ++# define STATE_SAVE_ALIGNMENT 16 ++# define _dl_tlsdesc_dynamic _dl_tlsdesc_dynamic_fxsave ++# include "dl-tlsdesc-dynamic.h" ++# undef _dl_tlsdesc_dynamic ++# undef USE_FXSAVE ++ ++# define USE_XSAVE ++# define STATE_SAVE_ALIGNMENT 64 ++# define _dl_tlsdesc_dynamic _dl_tlsdesc_dynamic_xsave ++# include "dl-tlsdesc-dynamic.h" ++# undef _dl_tlsdesc_dynamic ++# undef USE_XSAVE ++ ++# define USE_XSAVEC ++# define STATE_SAVE_ALIGNMENT 64 ++# define _dl_tlsdesc_dynamic _dl_tlsdesc_dynamic_xsavec ++# include "dl-tlsdesc-dynamic.h" ++# undef _dl_tlsdesc_dynamic ++# undef USE_XSAVEC + #endif /* SHARED */ +diff --git a/sysdeps/x86/Makefile b/sysdeps/x86/Makefile +index c1b6220992..f1f00825a6 100644 +--- a/sysdeps/x86/Makefile ++++ b/sysdeps/x86/Makefile +@@ -1,5 +1,5 @@ + ifeq ($(subdir),csu) +-gen-as-const-headers += cpu-features-offsets.sym ++gen-as-const-headers += cpu-features-offsets.sym features-offsets.sym + endif + + ifeq ($(subdir),elf) +@@ -84,6 +84,11 @@ $(objpfx)tst-isa-level-1.out: $(objpfx)tst-isa-level-mod-1-baseline.so \ + endif + tst-ifunc-isa-2-ENV = GLIBC_TUNABLES=glibc.cpu.hwcaps=-SSE4_2,-AVX,-AVX2,-AVX512F + tst-ifunc-isa-2-static-ENV = $(tst-ifunc-isa-2-ENV) ++ ++CFLAGS-tst-gnu2-tls2.c += -msse ++CFLAGS-tst-gnu2-tls2mod0.c += -msse2 -mtune=haswell ++CFLAGS-tst-gnu2-tls2mod1.c += -msse2 -mtune=haswell ++CFLAGS-tst-gnu2-tls2mod2.c += -msse2 -mtune=haswell + endif + + ifeq ($(subdir),math) +diff --git a/sysdeps/x86/cpu-features.c b/sysdeps/x86/cpu-features.c +index 87845e9fe8..769350814d 100644 +--- a/sysdeps/x86/cpu-features.c ++++ b/sysdeps/x86/cpu-features.c +@@ -27,6 +27,22 @@ + extern void TUNABLE_CALLBACK (set_hwcaps) (tunable_val_t *) + attribute_hidden; + ++#if defined SHARED ++extern void _dl_tlsdesc_dynamic_fxsave (void) attribute_hidden; ++extern void _dl_tlsdesc_dynamic_xsave (void) attribute_hidden; ++extern void _dl_tlsdesc_dynamic_xsavec (void) attribute_hidden; ++ ++# ifndef __x86_64__ ++extern void _dl_tlsdesc_dynamic_fnsave (void) attribute_hidden; ++# endif ++#endif ++ ++#ifdef __x86_64__ ++extern void _dl_runtime_resolve_fxsave (void) attribute_hidden; ++extern void _dl_runtime_resolve_xsave (void) attribute_hidden; ++extern void _dl_runtime_resolve_xsavec (void) attribute_hidden; ++#endif ++ + #ifdef __LP64__ + static void + TUNABLE_CALLBACK (set_prefer_map_32bit_exec) (tunable_val_t *valp) +@@ -1083,6 +1099,44 @@ no_cpuid: + TUNABLE_CALLBACK (set_x86_shstk)); + #endif + ++ if (GLRO(dl_x86_cpu_features).xsave_state_size != 0) ++ { ++ if (CPU_FEATURE_USABLE_P (cpu_features, XSAVEC)) ++ { ++#ifdef __x86_64__ ++ GLRO(dl_x86_64_runtime_resolve) = _dl_runtime_resolve_xsavec; ++#endif ++#ifdef SHARED ++ GLRO(dl_x86_tlsdesc_dynamic) = _dl_tlsdesc_dynamic_xsavec; ++#endif ++ } ++ else ++ { ++#ifdef __x86_64__ ++ GLRO(dl_x86_64_runtime_resolve) = _dl_runtime_resolve_xsave; ++#endif ++#ifdef SHARED ++ GLRO(dl_x86_tlsdesc_dynamic) = _dl_tlsdesc_dynamic_xsave; ++#endif ++ } ++ } ++ else ++ { ++#ifdef __x86_64__ ++ GLRO(dl_x86_64_runtime_resolve) = _dl_runtime_resolve_fxsave; ++# ifdef SHARED ++ GLRO(dl_x86_tlsdesc_dynamic) = _dl_tlsdesc_dynamic_fxsave; ++# endif ++#else ++# ifdef SHARED ++ if (CPU_FEATURE_USABLE_P (cpu_features, FXSR)) ++ GLRO(dl_x86_tlsdesc_dynamic) = _dl_tlsdesc_dynamic_fxsave; ++ else ++ GLRO(dl_x86_tlsdesc_dynamic) = _dl_tlsdesc_dynamic_fnsave; ++# endif ++#endif ++ } ++ + #ifndef SHARED + /* NB: In libc.a, call init_cacheinfo. */ + init_cacheinfo (); +diff --git a/sysdeps/x86/dl-procinfo.c b/sysdeps/x86/dl-procinfo.c +index fef4a9f41e..c0dd06ceed 100644 +--- a/sysdeps/x86/dl-procinfo.c ++++ b/sysdeps/x86/dl-procinfo.c +@@ -86,3 +86,19 @@ PROCINFO_CLASS const char _dl_x86_platforms[4][9] + #else + , + #endif ++ ++#if defined SHARED && !IS_IN (ldconfig) ++# if !defined PROCINFO_DECL ++ ._dl_x86_tlsdesc_dynamic ++# else ++PROCINFO_CLASS void * _dl_x86_tlsdesc_dynamic ++# endif ++# ifndef PROCINFO_DECL ++= NULL ++# endif ++# ifdef PROCINFO_DECL ++; ++# else ++, ++# endif ++#endif +diff --git a/sysdeps/x86_64/features-offsets.sym b/sysdeps/x86/features-offsets.sym +similarity index 89% +rename from sysdeps/x86_64/features-offsets.sym +rename to sysdeps/x86/features-offsets.sym +index 9e4be3393a..77e990c705 100644 +--- a/sysdeps/x86_64/features-offsets.sym ++++ b/sysdeps/x86/features-offsets.sym +@@ -3,4 +3,6 @@ + #include + + RTLD_GLOBAL_RO_DL_X86_CPU_FEATURES_OFFSET offsetof (struct rtld_global_ro, _dl_x86_cpu_features) ++#ifdef __x86_64__ + RTLD_GLOBAL_DL_X86_FEATURE_1_OFFSET offsetof (struct rtld_global, _dl_x86_feature_1) ++#endif +diff --git a/sysdeps/x86/sysdep.h b/sysdeps/x86/sysdep.h +index 4e1dd96d4b..9c41b5bbfb 100644 +--- a/sysdeps/x86/sysdep.h ++++ b/sysdeps/x86/sysdep.h +@@ -70,6 +70,12 @@ + | (1 << X86_XSTATE_ZMM_H_ID)) + #endif + ++/* States which should be saved for TLSDESC_CALL and TLS_DESC_CALL. ++ Compiler assumes that all registers, including x87 FPU stack registers, ++ are unchanged after CALL, except for EFLAGS and RAX/EAX. */ ++#define TLSDESC_CALL_STATE_SAVE_MASK \ ++ (STATE_SAVE_MASK | (1 << X86_XSTATE_X87_ID)) ++ + /* Constants for bits in __x86_string_control: */ + + /* Avoid short distance REP MOVSB. */ +diff --git a/sysdeps/x86/tst-gnu2-tls2.c b/sysdeps/x86/tst-gnu2-tls2.c +new file mode 100644 +index 0000000000..de900a423b +--- /dev/null ++++ b/sysdeps/x86/tst-gnu2-tls2.c +@@ -0,0 +1,20 @@ ++#ifndef __x86_64__ ++#include ++ ++#define IS_SUPPORTED() CPU_FEATURE_ACTIVE (SSE2) ++#endif ++ ++/* Clear XMM0...XMM7 */ ++#define PREPARE_MALLOC() \ ++{ \ ++ asm volatile ("xorps %%xmm0, %%xmm0" : : : "xmm0" ); \ ++ asm volatile ("xorps %%xmm1, %%xmm1" : : : "xmm1" ); \ ++ asm volatile ("xorps %%xmm2, %%xmm2" : : : "xmm2" ); \ ++ asm volatile ("xorps %%xmm3, %%xmm3" : : : "xmm3" ); \ ++ asm volatile ("xorps %%xmm4, %%xmm4" : : : "xmm4" ); \ ++ asm volatile ("xorps %%xmm5, %%xmm5" : : : "xmm5" ); \ ++ asm volatile ("xorps %%xmm6, %%xmm6" : : : "xmm6" ); \ ++ asm volatile ("xorps %%xmm7, %%xmm7" : : : "xmm7" ); \ ++} ++ ++#include +diff --git a/sysdeps/x86_64/Makefile b/sysdeps/x86_64/Makefile +index a3b0440aa7..36be2f6d56 100644 +--- a/sysdeps/x86_64/Makefile ++++ b/sysdeps/x86_64/Makefile +@@ -2,7 +2,7 @@ + long-double-fcts = yes + + ifeq ($(subdir),csu) +-gen-as-const-headers += features-offsets.sym link-defines.sym ++gen-as-const-headers += link-defines.sym + endif + + ifeq ($(subdir),gmon) +diff --git a/sysdeps/x86_64/dl-machine.h b/sysdeps/x86_64/dl-machine.h +index d35022c45f..f22f9abb82 100644 +--- a/sysdeps/x86_64/dl-machine.h ++++ b/sysdeps/x86_64/dl-machine.h +@@ -67,9 +67,6 @@ elf_machine_runtime_setup (struct link_map *l, struct r_scope_elem *scope[], + int lazy, int profile) + { + Elf64_Addr *got; +- extern void _dl_runtime_resolve_fxsave (ElfW(Word)) attribute_hidden; +- extern void _dl_runtime_resolve_xsave (ElfW(Word)) attribute_hidden; +- extern void _dl_runtime_resolve_xsavec (ElfW(Word)) attribute_hidden; + extern void _dl_runtime_profile_sse (ElfW(Word)) attribute_hidden; + extern void _dl_runtime_profile_avx (ElfW(Word)) attribute_hidden; + extern void _dl_runtime_profile_avx512 (ElfW(Word)) attribute_hidden; +@@ -120,15 +117,8 @@ elf_machine_runtime_setup (struct link_map *l, struct r_scope_elem *scope[], + /* This function will get called to fix up the GOT entry + indicated by the offset on the stack, and then jump to + the resolved address. */ +- if (MINIMUM_X86_ISA_LEVEL >= AVX_X86_ISA_LEVEL +- || GLRO(dl_x86_cpu_features).xsave_state_size != 0) +- *(ElfW(Addr) *) (got + 2) +- = (CPU_FEATURE_USABLE_P (cpu_features, XSAVEC) +- ? (ElfW(Addr)) &_dl_runtime_resolve_xsavec +- : (ElfW(Addr)) &_dl_runtime_resolve_xsave); +- else +- *(ElfW(Addr) *) (got + 2) +- = (ElfW(Addr)) &_dl_runtime_resolve_fxsave; ++ *(ElfW(Addr) *) (got + 2) ++ = (ElfW(Addr)) GLRO(dl_x86_64_runtime_resolve); + } + } + +@@ -380,7 +370,7 @@ and creates an unsatisfiable circular dependency.\n", + { + td->arg = _dl_make_tlsdesc_dynamic + (sym_map, sym->st_value + reloc->r_addend); +- td->entry = _dl_tlsdesc_dynamic; ++ td->entry = GLRO(dl_x86_tlsdesc_dynamic); + } + else + # endif +diff --git a/sysdeps/x86_64/dl-procinfo.c b/sysdeps/x86_64/dl-procinfo.c +index e15fb52e19..85d0dc3d09 100644 +--- a/sysdeps/x86_64/dl-procinfo.c ++++ b/sysdeps/x86_64/dl-procinfo.c +@@ -41,5 +41,21 @@ + + #include + ++#if !IS_IN (ldconfig) ++# if !defined PROCINFO_DECL && defined SHARED ++ ._dl_x86_64_runtime_resolve ++# else ++PROCINFO_CLASS void * _dl_x86_64_runtime_resolve ++# endif ++# ifndef PROCINFO_DECL ++= NULL ++# endif ++# if !defined SHARED || defined PROCINFO_DECL ++; ++# else ++, ++# endif ++#endif ++ + #undef PROCINFO_DECL + #undef PROCINFO_CLASS +diff --git a/sysdeps/x86_64/dl-tlsdesc-dynamic.h b/sysdeps/x86_64/dl-tlsdesc-dynamic.h +new file mode 100644 +index 0000000000..0c2e8d5320 +--- /dev/null ++++ b/sysdeps/x86_64/dl-tlsdesc-dynamic.h +@@ -0,0 +1,166 @@ ++/* Thread-local storage handling in the ELF dynamic linker. x86_64 version. ++ Copyright (C) 2004-2024 Free Software Foundation, Inc. ++ This file is part of the GNU C Library. ++ ++ The GNU C Library is free software; you can redistribute it and/or ++ modify it under the terms of the GNU Lesser General Public ++ License as published by the Free Software Foundation; either ++ version 2.1 of the License, or (at your option) any later version. ++ ++ The GNU C Library is distributed in the hope that it will be useful, ++ but WITHOUT ANY WARRANTY; without even the implied warranty of ++ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU ++ Lesser General Public License for more details. ++ ++ You should have received a copy of the GNU Lesser General Public ++ License along with the GNU C Library; if not, see ++ . */ ++ ++#ifndef SECTION ++# define SECTION(p) p ++#endif ++ ++#undef REGISTER_SAVE_AREA ++#undef LOCAL_STORAGE_AREA ++#undef BASE ++ ++#include "dl-trampoline-state.h" ++ ++ .section SECTION(.text),"ax",@progbits ++ ++ .hidden _dl_tlsdesc_dynamic ++ .global _dl_tlsdesc_dynamic ++ .type _dl_tlsdesc_dynamic,@function ++ ++ /* %rax points to the TLS descriptor, such that 0(%rax) points to ++ _dl_tlsdesc_dynamic itself, and 8(%rax) points to a struct ++ tlsdesc_dynamic_arg object. It must return in %rax the offset ++ between the thread pointer and the object denoted by the ++ argument, without clobbering any registers. ++ ++ The assembly code that follows is a rendition of the following ++ C code, hand-optimized a little bit. ++ ++ptrdiff_t ++_dl_tlsdesc_dynamic (register struct tlsdesc *tdp asm ("%rax")) ++{ ++ struct tlsdesc_dynamic_arg *td = tdp->arg; ++ dtv_t *dtv = *(dtv_t **)((char *)__thread_pointer + DTV_OFFSET); ++ if (__builtin_expect (td->gen_count <= dtv[0].counter ++ && (dtv[td->tlsinfo.ti_module].pointer.val ++ != TLS_DTV_UNALLOCATED), ++ 1)) ++ return dtv[td->tlsinfo.ti_module].pointer.val + td->tlsinfo.ti_offset ++ - __thread_pointer; ++ ++ return __tls_get_addr_internal (&td->tlsinfo) - __thread_pointer; ++} ++*/ ++ cfi_startproc ++ .align 16 ++_dl_tlsdesc_dynamic: ++ _CET_ENDBR ++ /* Preserve call-clobbered registers that we modify. ++ We need two scratch regs anyway. */ ++ movq %rsi, -16(%rsp) ++ mov %fs:DTV_OFFSET, %RSI_LP ++ movq %rdi, -8(%rsp) ++ movq TLSDESC_ARG(%rax), %rdi ++ movq (%rsi), %rax ++ cmpq %rax, TLSDESC_GEN_COUNT(%rdi) ++ ja 2f ++ movq TLSDESC_MODID(%rdi), %rax ++ salq $4, %rax ++ movq (%rax,%rsi), %rax ++ cmpq $-1, %rax ++ je 2f ++ addq TLSDESC_MODOFF(%rdi), %rax ++1: ++ movq -16(%rsp), %rsi ++ sub %fs:0, %RAX_LP ++ movq -8(%rsp), %rdi ++ ret ++2: ++#if DL_RUNTIME_RESOLVE_REALIGN_STACK ++ movq %rbx, -24(%rsp) ++ mov %RSP_LP, %RBX_LP ++ cfi_def_cfa_register(%rbx) ++ and $-STATE_SAVE_ALIGNMENT, %RSP_LP ++#endif ++#ifdef REGISTER_SAVE_AREA ++# if DL_RUNTIME_RESOLVE_REALIGN_STACK ++ /* STATE_SAVE_OFFSET has space for 8 integer registers. But we ++ need space for RCX, RDX, RSI, RDI, R8, R9, R10 and R11, plus ++ RBX above. */ ++ sub $(REGISTER_SAVE_AREA + STATE_SAVE_ALIGNMENT), %RSP_LP ++# else ++ sub $REGISTER_SAVE_AREA, %RSP_LP ++ cfi_adjust_cfa_offset(REGISTER_SAVE_AREA) ++# endif ++#else ++ /* Allocate stack space of the required size to save the state. */ ++ sub _rtld_local_ro+RTLD_GLOBAL_RO_DL_X86_CPU_FEATURES_OFFSET+XSAVE_STATE_SIZE_OFFSET(%rip), %RSP_LP ++#endif ++ /* Besides rdi and rsi, saved above, save rcx, rdx, r8, r9, ++ r10 and r11. */ ++ movq %rcx, REGISTER_SAVE_RCX(%rsp) ++ movq %rdx, REGISTER_SAVE_RDX(%rsp) ++ movq %r8, REGISTER_SAVE_R8(%rsp) ++ movq %r9, REGISTER_SAVE_R9(%rsp) ++ movq %r10, REGISTER_SAVE_R10(%rsp) ++ movq %r11, REGISTER_SAVE_R11(%rsp) ++#ifdef USE_FXSAVE ++ fxsave STATE_SAVE_OFFSET(%rsp) ++#else ++ movl $TLSDESC_CALL_STATE_SAVE_MASK, %eax ++ xorl %edx, %edx ++ /* Clear the XSAVE Header. */ ++# ifdef USE_XSAVE ++ movq %rdx, (STATE_SAVE_OFFSET + 512)(%rsp) ++ movq %rdx, (STATE_SAVE_OFFSET + 512 + 8)(%rsp) ++# endif ++ movq %rdx, (STATE_SAVE_OFFSET + 512 + 8 * 2)(%rsp) ++ movq %rdx, (STATE_SAVE_OFFSET + 512 + 8 * 3)(%rsp) ++ movq %rdx, (STATE_SAVE_OFFSET + 512 + 8 * 4)(%rsp) ++ movq %rdx, (STATE_SAVE_OFFSET + 512 + 8 * 5)(%rsp) ++ movq %rdx, (STATE_SAVE_OFFSET + 512 + 8 * 6)(%rsp) ++ movq %rdx, (STATE_SAVE_OFFSET + 512 + 8 * 7)(%rsp) ++# ifdef USE_XSAVE ++ xsave STATE_SAVE_OFFSET(%rsp) ++# else ++ xsavec STATE_SAVE_OFFSET(%rsp) ++# endif ++#endif ++ /* %rdi already points to the tlsinfo data structure. */ ++ call HIDDEN_JUMPTARGET (__tls_get_addr) ++ # Get register content back. ++#ifdef USE_FXSAVE ++ fxrstor STATE_SAVE_OFFSET(%rsp) ++#else ++ /* Save and retore __tls_get_addr return value stored in RAX. */ ++ mov %RAX_LP, %RCX_LP ++ movl $TLSDESC_CALL_STATE_SAVE_MASK, %eax ++ xorl %edx, %edx ++ xrstor STATE_SAVE_OFFSET(%rsp) ++ mov %RCX_LP, %RAX_LP ++#endif ++ movq REGISTER_SAVE_R11(%rsp), %r11 ++ movq REGISTER_SAVE_R10(%rsp), %r10 ++ movq REGISTER_SAVE_R9(%rsp), %r9 ++ movq REGISTER_SAVE_R8(%rsp), %r8 ++ movq REGISTER_SAVE_RDX(%rsp), %rdx ++ movq REGISTER_SAVE_RCX(%rsp), %rcx ++#if DL_RUNTIME_RESOLVE_REALIGN_STACK ++ mov %RBX_LP, %RSP_LP ++ cfi_def_cfa_register(%rsp) ++ movq -24(%rsp), %rbx ++ cfi_restore(%rbx) ++#else ++ add $REGISTER_SAVE_AREA, %RSP_LP ++ cfi_adjust_cfa_offset(-REGISTER_SAVE_AREA) ++#endif ++ jmp 1b ++ cfi_endproc ++ .size _dl_tlsdesc_dynamic, .-_dl_tlsdesc_dynamic ++ ++#undef STATE_SAVE_ALIGNMENT +diff --git a/sysdeps/x86_64/dl-tlsdesc.S b/sysdeps/x86_64/dl-tlsdesc.S +index 4579424bf7..6f97128187 100644 +--- a/sysdeps/x86_64/dl-tlsdesc.S ++++ b/sysdeps/x86_64/dl-tlsdesc.S +@@ -18,7 +18,19 @@ + + #include + #include ++#include ++#include + #include "tlsdesc.h" ++#include "dl-trampoline-save.h" ++ ++/* Area on stack to save and restore registers used for parameter ++ passing when calling _dl_tlsdesc_dynamic. */ ++#define REGISTER_SAVE_RCX 0 ++#define REGISTER_SAVE_RDX (REGISTER_SAVE_RCX + 8) ++#define REGISTER_SAVE_R8 (REGISTER_SAVE_RDX + 8) ++#define REGISTER_SAVE_R9 (REGISTER_SAVE_R8 + 8) ++#define REGISTER_SAVE_R10 (REGISTER_SAVE_R9 + 8) ++#define REGISTER_SAVE_R11 (REGISTER_SAVE_R10 + 8) + + .text + +@@ -67,80 +79,24 @@ _dl_tlsdesc_undefweak: + .size _dl_tlsdesc_undefweak, .-_dl_tlsdesc_undefweak + + #ifdef SHARED +- .hidden _dl_tlsdesc_dynamic +- .global _dl_tlsdesc_dynamic +- .type _dl_tlsdesc_dynamic,@function +- +- /* %rax points to the TLS descriptor, such that 0(%rax) points to +- _dl_tlsdesc_dynamic itself, and 8(%rax) points to a struct +- tlsdesc_dynamic_arg object. It must return in %rax the offset +- between the thread pointer and the object denoted by the +- argument, without clobbering any registers. +- +- The assembly code that follows is a rendition of the following +- C code, hand-optimized a little bit. +- +-ptrdiff_t +-_dl_tlsdesc_dynamic (register struct tlsdesc *tdp asm ("%rax")) +-{ +- struct tlsdesc_dynamic_arg *td = tdp->arg; +- dtv_t *dtv = *(dtv_t **)((char *)__thread_pointer + DTV_OFFSET); +- if (__builtin_expect (td->gen_count <= dtv[0].counter +- && (dtv[td->tlsinfo.ti_module].pointer.val +- != TLS_DTV_UNALLOCATED), +- 1)) +- return dtv[td->tlsinfo.ti_module].pointer.val + td->tlsinfo.ti_offset +- - __thread_pointer; +- +- return __tls_get_addr_internal (&td->tlsinfo) - __thread_pointer; +-} +-*/ +- cfi_startproc +- .align 16 +-_dl_tlsdesc_dynamic: +- _CET_ENDBR +- /* Preserve call-clobbered registers that we modify. +- We need two scratch regs anyway. */ +- movq %rsi, -16(%rsp) +- mov %fs:DTV_OFFSET, %RSI_LP +- movq %rdi, -8(%rsp) +- movq TLSDESC_ARG(%rax), %rdi +- movq (%rsi), %rax +- cmpq %rax, TLSDESC_GEN_COUNT(%rdi) +- ja .Lslow +- movq TLSDESC_MODID(%rdi), %rax +- salq $4, %rax +- movq (%rax,%rsi), %rax +- cmpq $-1, %rax +- je .Lslow +- addq TLSDESC_MODOFF(%rdi), %rax +-.Lret: +- movq -16(%rsp), %rsi +- sub %fs:0, %RAX_LP +- movq -8(%rsp), %rdi +- ret +-.Lslow: +- /* Besides rdi and rsi, saved above, save rdx, rcx, r8, r9, +- r10 and r11. Also, align the stack, that's off by 8 bytes. */ +- subq $72, %rsp +- cfi_adjust_cfa_offset (72) +- movq %rdx, 8(%rsp) +- movq %rcx, 16(%rsp) +- movq %r8, 24(%rsp) +- movq %r9, 32(%rsp) +- movq %r10, 40(%rsp) +- movq %r11, 48(%rsp) +- /* %rdi already points to the tlsinfo data structure. */ +- call HIDDEN_JUMPTARGET (__tls_get_addr) +- movq 8(%rsp), %rdx +- movq 16(%rsp), %rcx +- movq 24(%rsp), %r8 +- movq 32(%rsp), %r9 +- movq 40(%rsp), %r10 +- movq 48(%rsp), %r11 +- addq $72, %rsp +- cfi_adjust_cfa_offset (-72) +- jmp .Lret +- cfi_endproc +- .size _dl_tlsdesc_dynamic, .-_dl_tlsdesc_dynamic ++# define USE_FXSAVE ++# define STATE_SAVE_ALIGNMENT 16 ++# define _dl_tlsdesc_dynamic _dl_tlsdesc_dynamic_fxsave ++# include "dl-tlsdesc-dynamic.h" ++# undef _dl_tlsdesc_dynamic ++# undef USE_FXSAVE ++ ++# define USE_XSAVE ++# define STATE_SAVE_ALIGNMENT 64 ++# define _dl_tlsdesc_dynamic _dl_tlsdesc_dynamic_xsave ++# include "dl-tlsdesc-dynamic.h" ++# undef _dl_tlsdesc_dynamic ++# undef USE_XSAVE ++ ++# define USE_XSAVEC ++# define STATE_SAVE_ALIGNMENT 64 ++# define _dl_tlsdesc_dynamic _dl_tlsdesc_dynamic_xsavec ++# include "dl-tlsdesc-dynamic.h" ++# undef _dl_tlsdesc_dynamic ++# undef USE_XSAVEC + #endif /* SHARED */ +diff --git a/sysdeps/x86_64/dl-trampoline-save.h b/sysdeps/x86_64/dl-trampoline-save.h +new file mode 100644 +index 0000000000..84eac4a8ac +--- /dev/null ++++ b/sysdeps/x86_64/dl-trampoline-save.h +@@ -0,0 +1,34 @@ ++/* x86-64 PLT trampoline register save macros. ++ Copyright (C) 2024 Free Software Foundation, Inc. ++ This file is part of the GNU C Library. ++ ++ The GNU C Library is free software; you can redistribute it and/or ++ modify it under the terms of the GNU Lesser General Public ++ License as published by the Free Software Foundation; either ++ version 2.1 of the License, or (at your option) any later version. ++ ++ The GNU C Library is distributed in the hope that it will be useful, ++ but WITHOUT ANY WARRANTY; without even the implied warranty of ++ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU ++ Lesser General Public License for more details. ++ ++ You should have received a copy of the GNU Lesser General Public ++ License along with the GNU C Library; if not, see ++ . */ ++ ++#ifndef DL_STACK_ALIGNMENT ++/* Due to GCC bug: ++ ++ https://gcc.gnu.org/bugzilla/show_bug.cgi?id=58066 ++ ++ __tls_get_addr may be called with 8-byte stack alignment. Although ++ this bug has been fixed in GCC 4.9.4, 5.3 and 6, we can't assume ++ that stack will be always aligned at 16 bytes. */ ++# define DL_STACK_ALIGNMENT 8 ++#endif ++ ++/* True if _dl_runtime_resolve should align stack for STATE_SAVE or align ++ stack to 16 bytes before calling _dl_fixup. */ ++#define DL_RUNTIME_RESOLVE_REALIGN_STACK \ ++ (STATE_SAVE_ALIGNMENT > DL_STACK_ALIGNMENT \ ++ || 16 > DL_STACK_ALIGNMENT) +diff --git a/sysdeps/x86_64/dl-trampoline-state.h b/sysdeps/x86_64/dl-trampoline-state.h +new file mode 100644 +index 0000000000..575f120797 +--- /dev/null ++++ b/sysdeps/x86_64/dl-trampoline-state.h +@@ -0,0 +1,51 @@ ++/* x86-64 PLT dl-trampoline state macros. ++ Copyright (C) 2024 Free Software Foundation, Inc. ++ This file is part of the GNU C Library. ++ ++ The GNU C Library is free software; you can redistribute it and/or ++ modify it under the terms of the GNU Lesser General Public ++ License as published by the Free Software Foundation; either ++ version 2.1 of the License, or (at your option) any later version. ++ ++ The GNU C Library is distributed in the hope that it will be useful, ++ but WITHOUT ANY WARRANTY; without even the implied warranty of ++ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU ++ Lesser General Public License for more details. ++ ++ You should have received a copy of the GNU Lesser General Public ++ License along with the GNU C Library; if not, see ++ . */ ++ ++#if (STATE_SAVE_ALIGNMENT % 16) != 0 ++# error STATE_SAVE_ALIGNMENT must be multiple of 16 ++#endif ++ ++#if (STATE_SAVE_OFFSET % STATE_SAVE_ALIGNMENT) != 0 ++# error STATE_SAVE_OFFSET must be multiple of STATE_SAVE_ALIGNMENT ++#endif ++ ++#if DL_RUNTIME_RESOLVE_REALIGN_STACK ++/* Local stack area before jumping to function address: RBX. */ ++# define LOCAL_STORAGE_AREA 8 ++# define BASE rbx ++# ifdef USE_FXSAVE ++/* Use fxsave to save XMM registers. */ ++# define REGISTER_SAVE_AREA (512 + STATE_SAVE_OFFSET) ++# if (REGISTER_SAVE_AREA % 16) != 0 ++# error REGISTER_SAVE_AREA must be multiple of 16 ++# endif ++# endif ++#else ++# ifndef USE_FXSAVE ++# error USE_FXSAVE must be defined ++# endif ++/* Use fxsave to save XMM registers. */ ++# define REGISTER_SAVE_AREA (512 + STATE_SAVE_OFFSET + 8) ++/* Local stack area before jumping to function address: All saved ++ registers. */ ++# define LOCAL_STORAGE_AREA REGISTER_SAVE_AREA ++# define BASE rsp ++# if (REGISTER_SAVE_AREA % 16) != 8 ++# error REGISTER_SAVE_AREA must be odd multiple of 8 ++# endif ++#endif +diff --git a/sysdeps/x86_64/dl-trampoline.S b/sysdeps/x86_64/dl-trampoline.S +index 3c18500690..e84d6ffcb3 100644 +--- a/sysdeps/x86_64/dl-trampoline.S ++++ b/sysdeps/x86_64/dl-trampoline.S +@@ -22,25 +22,7 @@ + #include + #include + #include +- +-#ifndef DL_STACK_ALIGNMENT +-/* Due to GCC bug: +- +- https://gcc.gnu.org/bugzilla/show_bug.cgi?id=58066 +- +- __tls_get_addr may be called with 8-byte stack alignment. Although +- this bug has been fixed in GCC 4.9.4, 5.3 and 6, we can't assume +- that stack will be always aligned at 16 bytes. We use unaligned +- 16-byte move to load and store SSE registers, which has no penalty +- on modern processors if stack is 16-byte aligned. */ +-# define DL_STACK_ALIGNMENT 8 +-#endif +- +-/* True if _dl_runtime_resolve should align stack for STATE_SAVE or align +- stack to 16 bytes before calling _dl_fixup. */ +-#define DL_RUNTIME_RESOLVE_REALIGN_STACK \ +- (STATE_SAVE_ALIGNMENT > DL_STACK_ALIGNMENT \ +- || 16 > DL_STACK_ALIGNMENT) ++#include "dl-trampoline-save.h" + + /* Area on stack to save and restore registers used for parameter + passing when calling _dl_fixup. */ +diff --git a/sysdeps/x86_64/dl-trampoline.h b/sysdeps/x86_64/dl-trampoline.h +index 70ba6ec6f5..8a424f8f64 100644 +--- a/sysdeps/x86_64/dl-trampoline.h ++++ b/sysdeps/x86_64/dl-trampoline.h +@@ -27,39 +27,7 @@ + # undef LOCAL_STORAGE_AREA + # undef BASE + +-# if (STATE_SAVE_ALIGNMENT % 16) != 0 +-# error STATE_SAVE_ALIGNMENT must be multiple of 16 +-# endif +- +-# if (STATE_SAVE_OFFSET % STATE_SAVE_ALIGNMENT) != 0 +-# error STATE_SAVE_OFFSET must be multiple of STATE_SAVE_ALIGNMENT +-# endif +- +-# if DL_RUNTIME_RESOLVE_REALIGN_STACK +-/* Local stack area before jumping to function address: RBX. */ +-# define LOCAL_STORAGE_AREA 8 +-# define BASE rbx +-# ifdef USE_FXSAVE +-/* Use fxsave to save XMM registers. */ +-# define REGISTER_SAVE_AREA (512 + STATE_SAVE_OFFSET) +-# if (REGISTER_SAVE_AREA % 16) != 0 +-# error REGISTER_SAVE_AREA must be multiple of 16 +-# endif +-# endif +-# else +-# ifndef USE_FXSAVE +-# error USE_FXSAVE must be defined +-# endif +-/* Use fxsave to save XMM registers. */ +-# define REGISTER_SAVE_AREA (512 + STATE_SAVE_OFFSET + 8) +-/* Local stack area before jumping to function address: All saved +- registers. */ +-# define LOCAL_STORAGE_AREA REGISTER_SAVE_AREA +-# define BASE rsp +-# if (REGISTER_SAVE_AREA % 16) != 8 +-# error REGISTER_SAVE_AREA must be odd multiple of 8 +-# endif +-# endif ++# include "dl-trampoline-state.h" + + .globl _dl_runtime_resolve + .hidden _dl_runtime_resolve +-- +2.27.0 + diff --git a/AArch64-Add-SVE-memset.patch b/AArch64-Add-SVE-memset.patch new file mode 100644 index 0000000..502acd4 --- /dev/null +++ b/AArch64-Add-SVE-memset.patch @@ -0,0 +1,200 @@ +From 52c2b1556f773d9a75d030160e0e273a5ea84502 Mon Sep 17 00:00:00 2001 +From: Wilco Dijkstra +Date: Tue, 24 Dec 2024 18:01:59 +0000 +Subject: [PATCH] AArch64: Add SVE memset + +Add SVE memset based on the generic memset with predicated load for sizes < 16. +Unaligned memsets of 128-1024 are improved by ~20% on average by using aligned +stores for the last 64 bytes. Performance of random memset benchmark improves +by ~2% on Neoverse V1. + +Reviewed-by: Yury Khrustalev +(cherry picked from commit 163b1bbb76caba4d9673c07940c5930a1afa7548) +--- + sysdeps/aarch64/multiarch/Makefile | 1 + + sysdeps/aarch64/multiarch/ifunc-impl-list.c | 3 +- + sysdeps/aarch64/multiarch/memset.c | 4 + + sysdeps/aarch64/multiarch/memset_sve_zva64.S | 123 +++++++++++++++++++ + 4 files changed, 130 insertions(+), 1 deletion(-) + create mode 100644 sysdeps/aarch64/multiarch/memset_sve_zva64.S + +diff --git a/sysdeps/aarch64/multiarch/Makefile b/sysdeps/aarch64/multiarch/Makefile +index e4720b7468..214b6137b0 100644 +--- a/sysdeps/aarch64/multiarch/Makefile ++++ b/sysdeps/aarch64/multiarch/Makefile +@@ -14,6 +14,7 @@ sysdep_routines += \ + memset_generic \ + memset_kunpeng \ + memset_mops \ ++ memset_sve_zva64 \ + memset_zva64 \ + strlen_asimd \ + strlen_generic \ +diff --git a/sysdeps/aarch64/multiarch/ifunc-impl-list.c b/sysdeps/aarch64/multiarch/ifunc-impl-list.c +index 73038ac810..2fa6baa319 100644 +--- a/sysdeps/aarch64/multiarch/ifunc-impl-list.c ++++ b/sysdeps/aarch64/multiarch/ifunc-impl-list.c +@@ -56,7 +56,8 @@ __libc_ifunc_impl_list (const char *name, struct libc_ifunc_impl *array, + IFUNC_IMPL_ADD (array, i, memset, 1, __memset_emag) + IFUNC_IMPL_ADD (array, i, memset, 1, __memset_kunpeng) + #if HAVE_AARCH64_SVE_ASM +- IFUNC_IMPL_ADD (array, i, memset, sve && zva_size == 256, __memset_a64fx) ++ IFUNC_IMPL_ADD (array, i, memset, sve && !bti && zva_size == 256, __memset_a64fx) ++ IFUNC_IMPL_ADD (array, i, memset, sve && zva_size == 64, __memset_sve_zva64) + #endif + IFUNC_IMPL_ADD (array, i, memset, mops, __memset_mops) + IFUNC_IMPL_ADD (array, i, memset, 1, __memset_generic)) +diff --git a/sysdeps/aarch64/multiarch/memset.c b/sysdeps/aarch64/multiarch/memset.c +index 6deb6865e5..89fde57f42 100644 +--- a/sysdeps/aarch64/multiarch/memset.c ++++ b/sysdeps/aarch64/multiarch/memset.c +@@ -34,6 +34,7 @@ extern __typeof (__redirect_memset) __memset_kunpeng attribute_hidden; + extern __typeof (__redirect_memset) __memset_a64fx attribute_hidden; + extern __typeof (__redirect_memset) __memset_generic attribute_hidden; + extern __typeof (__redirect_memset) __memset_mops attribute_hidden; ++extern __typeof (__redirect_memset) __memset_sve_zva64 attribute_hidden; + + static inline __typeof (__redirect_memset) * + select_memset_ifunc (void) +@@ -47,6 +48,9 @@ select_memset_ifunc (void) + { + if (IS_A64FX (midr) && zva_size == 256) + return __memset_a64fx; ++ ++ if (zva_size == 64) ++ return __memset_sve_zva64; + } + + if (IS_KUNPENG920 (midr)) +diff --git a/sysdeps/aarch64/multiarch/memset_sve_zva64.S b/sysdeps/aarch64/multiarch/memset_sve_zva64.S +new file mode 100644 +index 0000000000..7fb40fdd9e +--- /dev/null ++++ b/sysdeps/aarch64/multiarch/memset_sve_zva64.S +@@ -0,0 +1,123 @@ ++/* Optimized memset for SVE. ++ Copyright (C) 2025 Free Software Foundation, Inc. ++ ++ This file is part of the GNU C Library. ++ ++ The GNU C Library is free software; you can redistribute it and/or ++ modify it under the terms of the GNU Lesser General Public ++ License as published by the Free Software Foundation; either ++ version 2.1 of the License, or (at your option) any later version. ++ ++ The GNU C Library is distributed in the hope that it will be useful, ++ but WITHOUT ANY WARRANTY; without even the implied warranty of ++ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU ++ Lesser General Public License for more details. ++ ++ You should have received a copy of the GNU Lesser General Public ++ License along with the GNU C Library. If not, see ++ . */ ++ ++#include ++ ++/* Assumptions: ++ * ++ * ARMv8-a, AArch64, Advanced SIMD, SVE, unaligned accesses. ++ * ZVA size is 64. ++ */ ++ ++#if HAVE_AARCH64_SVE_ASM ++ ++.arch armv8.2-a+sve ++ ++#define dstin x0 ++#define val x1 ++#define valw w1 ++#define count x2 ++#define dst x3 ++#define dstend x4 ++#define zva_val x5 ++#define vlen x5 ++#define off x3 ++#define dstend2 x5 ++ ++ENTRY (__memset_sve_zva64) ++ dup v0.16B, valw ++ cmp count, 16 ++ b.lo L(set_16) ++ ++ add dstend, dstin, count ++ cmp count, 64 ++ b.hs L(set_128) ++ ++ /* Set 16..63 bytes. */ ++ mov off, 16 ++ and off, off, count, lsr 1 ++ sub dstend2, dstend, off ++ str q0, [dstin] ++ str q0, [dstin, off] ++ str q0, [dstend2, -16] ++ str q0, [dstend, -16] ++ ret ++ ++ .p2align 4 ++L(set_16): ++ whilelo p0.b, xzr, count ++ st1b z0.b, p0, [dstin] ++ ret ++ ++ .p2align 4 ++L(set_128): ++ bic dst, dstin, 15 ++ cmp count, 128 ++ b.hi L(set_long) ++ stp q0, q0, [dstin] ++ stp q0, q0, [dstin, 32] ++ stp q0, q0, [dstend, -64] ++ stp q0, q0, [dstend, -32] ++ ret ++ ++ .p2align 4 ++L(set_long): ++ cmp count, 256 ++ b.lo L(no_zva) ++ tst valw, 255 ++ b.ne L(no_zva) ++ ++ str q0, [dstin] ++ str q0, [dst, 16] ++ bic dst, dstin, 31 ++ stp q0, q0, [dst, 32] ++ bic dst, dstin, 63 ++ sub count, dstend, dst /* Count is now 64 too large. */ ++ sub count, count, 128 /* Adjust count and bias for loop. */ ++ ++ sub x8, dstend, 1 /* Write last bytes before ZVA loop. */ ++ bic x8, x8, 15 ++ stp q0, q0, [x8, -48] ++ str q0, [x8, -16] ++ str q0, [dstend, -16] ++ ++ .p2align 4 ++L(zva64_loop): ++ add dst, dst, 64 ++ dc zva, dst ++ subs count, count, 64 ++ b.hi L(zva64_loop) ++ ret ++ ++L(no_zva): ++ str q0, [dstin] ++ sub count, dstend, dst /* Count is 16 too large. */ ++ sub count, count, 64 + 16 /* Adjust count and bias for loop. */ ++L(no_zva_loop): ++ stp q0, q0, [dst, 16] ++ stp q0, q0, [dst, 48] ++ add dst, dst, 64 ++ subs count, count, 64 ++ b.hi L(no_zva_loop) ++ stp q0, q0, [dstend, -64] ++ stp q0, q0, [dstend, -32] ++ ret ++ ++END (__memset_sve_zva64) ++#endif +-- +2.27.0 + diff --git a/AArch64-Improve-generic-strlen.patch b/AArch64-Improve-generic-strlen.patch new file mode 100644 index 0000000..7868ad4 --- /dev/null +++ b/AArch64-Improve-generic-strlen.patch @@ -0,0 +1,92 @@ +From 9ca74b8ad1968d935815bdc2f1f1c7e9f2e32f70 Mon Sep 17 00:00:00 2001 +From: Wilco Dijkstra +Date: Wed, 7 Aug 2024 14:43:47 +0100 +Subject: [PATCH] AArch64: Improve generic strlen + +Improve performance by handling another 16 bytes before entering the loop. +Use ADDHN in the loop to avoid SHRN+FMOV when it terminates. Change final +size computation to avoid increasing latency. On Neoverse V1 performance +of the random strlen benchmark improves by 4.6%. + +Reviewed-by: Adhemerval Zanella +(cherry picked from commit 3dc426b642dcafdbc11a99f2767e081d086f5fc7) +--- + sysdeps/aarch64/strlen.S | 39 +++++++++++++++++++++++++++------------ + 1 file changed, 27 insertions(+), 12 deletions(-) + +diff --git a/sysdeps/aarch64/strlen.S b/sysdeps/aarch64/strlen.S +index 133ef93342..352fb40d3a 100644 +--- a/sysdeps/aarch64/strlen.S ++++ b/sysdeps/aarch64/strlen.S +@@ -1,4 +1,5 @@ +-/* Copyright (C) 2012-2023 Free Software Foundation, Inc. ++/* Generic optimized strlen using SIMD. ++ Copyright (C) 2012-2024 Free Software Foundation, Inc. + + This file is part of the GNU C Library. + +@@ -56,36 +57,50 @@ ENTRY (STRLEN) + shrn vend.8b, vhas_nul.8h, 4 /* 128->64 */ + fmov synd, dend + lsr synd, synd, shift +- cbz synd, L(loop) ++ cbz synd, L(next16) + + rbit synd, synd + clz result, synd + lsr result, result, 2 + ret + ++L(next16): ++ ldr data, [src, 16] ++ cmeq vhas_nul.16b, vdata.16b, 0 ++ shrn vend.8b, vhas_nul.8h, 4 /* 128->64 */ ++ fmov synd, dend ++ cbz synd, L(loop) ++ add src, src, 16 ++#ifndef __AARCH64EB__ ++ rbit synd, synd ++#endif ++ sub result, src, srcin ++ clz tmp, synd ++ add result, result, tmp, lsr 2 ++ ret ++ + .p2align 5 + L(loop): +- ldr data, [src, 16] ++ ldr data, [src, 32]! + cmeq vhas_nul.16b, vdata.16b, 0 +- umaxp vend.16b, vhas_nul.16b, vhas_nul.16b ++ addhn vend.8b, vhas_nul.8h, vhas_nul.8h + fmov synd, dend + cbnz synd, L(loop_end) +- ldr data, [src, 32]! ++ ldr data, [src, 16] + cmeq vhas_nul.16b, vdata.16b, 0 +- umaxp vend.16b, vhas_nul.16b, vhas_nul.16b ++ addhn vend.8b, vhas_nul.8h, vhas_nul.8h + fmov synd, dend + cbz synd, L(loop) +- sub src, src, 16 ++ add src, src, 16 + L(loop_end): +- shrn vend.8b, vhas_nul.8h, 4 /* 128->64 */ +- sub result, src, srcin +- fmov synd, dend ++ sub result, shift, src, lsl 2 /* (srcin - src) << 2. */ + #ifndef __AARCH64EB__ + rbit synd, synd ++ sub result, result, 3 + #endif +- add result, result, 16 + clz tmp, synd +- add result, result, tmp, lsr 2 ++ sub result, tmp, result ++ lsr result, result, 2 + ret + + END (STRLEN) +-- +2.27.0 + diff --git a/AArch64-Optimize-memset.patch b/AArch64-Optimize-memset.patch new file mode 100644 index 0000000..663f4ef --- /dev/null +++ b/AArch64-Optimize-memset.patch @@ -0,0 +1,287 @@ +From 95aa21432ccbf77225abd485d98df36ba760ff80 Mon Sep 17 00:00:00 2001 +From: Wilco Dijkstra +Date: Mon, 9 Sep 2024 15:26:47 +0100 +Subject: [PATCH] AArch64: Optimize memset + +Improve small memsets by avoiding branches and use overlapping stores. +Use DC ZVA for copies over 128 bytes. Remove unnecessary code for ZVA sizes +other than 64 and 128. Performance of random memset benchmark improves by 24% +on Neoverse N1. + +Reviewed-by: Adhemerval Zanella +(cherry picked from commit cec3aef32412779e207f825db0d057ebb4628ae8) +--- + sysdeps/aarch64/memset.S | 195 +++++++++++++++++---------------------- + 1 file changed, 84 insertions(+), 111 deletions(-) + +diff --git a/sysdeps/aarch64/memset.S b/sysdeps/aarch64/memset.S +index bbfb7184c3..caafb019e2 100644 +--- a/sysdeps/aarch64/memset.S ++++ b/sysdeps/aarch64/memset.S +@@ -1,4 +1,5 @@ +-/* Copyright (C) 2012-2023 Free Software Foundation, Inc. ++/* Generic optimized memset using SIMD. ++ Copyright (C) 2012-2024 Free Software Foundation, Inc. + + This file is part of the GNU C Library. + +@@ -17,7 +18,6 @@ + . */ + + #include +-#include "memset-reg.h" + + #ifndef MEMSET + # define MEMSET memset +@@ -25,130 +25,132 @@ + + /* Assumptions: + * +- * ARMv8-a, AArch64, unaligned accesses ++ * ARMv8-a, AArch64, Advanced SIMD, unaligned accesses. + * + */ + +-ENTRY (MEMSET) ++#define dstin x0 ++#define val x1 ++#define valw w1 ++#define count x2 ++#define dst x3 ++#define dstend x4 ++#define zva_val x5 ++#define off x3 ++#define dstend2 x5 + ++ENTRY (MEMSET) + PTR_ARG (0) + SIZE_ARG (2) + + dup v0.16B, valw ++ cmp count, 16 ++ b.lo L(set_small) ++ + add dstend, dstin, count ++ cmp count, 64 ++ b.hs L(set_128) + +- cmp count, 96 +- b.hi L(set_long) +- cmp count, 16 +- b.hs L(set_medium) +- mov val, v0.D[0] ++ /* Set 16..63 bytes. */ ++ mov off, 16 ++ and off, off, count, lsr 1 ++ sub dstend2, dstend, off ++ str q0, [dstin] ++ str q0, [dstin, off] ++ str q0, [dstend2, -16] ++ str q0, [dstend, -16] ++ ret + ++ .p2align 4 + /* Set 0..15 bytes. */ +- tbz count, 3, 1f +- str val, [dstin] +- str val, [dstend, -8] +- ret +- nop +-1: tbz count, 2, 2f +- str valw, [dstin] +- str valw, [dstend, -4] ++L(set_small): ++ add dstend, dstin, count ++ cmp count, 4 ++ b.lo 2f ++ lsr off, count, 3 ++ sub dstend2, dstend, off, lsl 2 ++ str s0, [dstin] ++ str s0, [dstin, off, lsl 2] ++ str s0, [dstend2, -4] ++ str s0, [dstend, -4] + ret ++ ++ /* Set 0..3 bytes. */ + 2: cbz count, 3f ++ lsr off, count, 1 + strb valw, [dstin] +- tbz count, 1, 3f +- strh valw, [dstend, -2] ++ strb valw, [dstin, off] ++ strb valw, [dstend, -1] + 3: ret + +- /* Set 17..96 bytes. */ +-L(set_medium): +- str q0, [dstin] +- tbnz count, 6, L(set96) +- str q0, [dstend, -16] +- tbz count, 5, 1f +- str q0, [dstin, 16] +- str q0, [dstend, -32] +-1: ret +- + .p2align 4 +- /* Set 64..96 bytes. Write 64 bytes from the start and +- 32 bytes from the end. */ +-L(set96): +- str q0, [dstin, 16] ++L(set_128): ++ bic dst, dstin, 15 ++ cmp count, 128 ++ b.hi L(set_long) ++ stp q0, q0, [dstin] + stp q0, q0, [dstin, 32] ++ stp q0, q0, [dstend, -64] + stp q0, q0, [dstend, -32] + ret + +- .p2align 3 +- nop ++ .p2align 4 + L(set_long): +- and valw, valw, 255 +- bic dst, dstin, 15 + str q0, [dstin] +- cmp count, 256 +- ccmp valw, 0, 0, cs +- b.eq L(try_zva) +-L(no_zva): +- sub count, dstend, dst /* Count is 16 too large. */ +- sub dst, dst, 16 /* Dst is biased by -32. */ +- sub count, count, 64 + 16 /* Adjust count and bias for loop. */ +-1: stp q0, q0, [dst, 32] +- stp q0, q0, [dst, 64]! +-L(tail64): +- subs count, count, 64 +- b.hi 1b +-2: stp q0, q0, [dstend, -64] ++ str q0, [dst, 16] ++ tst valw, 255 ++ b.ne L(no_zva) ++#ifndef ZVA64_ONLY ++ mrs zva_val, dczid_el0 ++ and zva_val, zva_val, 31 ++ cmp zva_val, 4 /* ZVA size is 64 bytes. */ ++ b.ne L(zva_128) ++#endif ++ stp q0, q0, [dst, 32] ++ bic dst, dstin, 63 ++ sub count, dstend, dst /* Count is now 64 too large. */ ++ sub count, count, 64 + 64 /* Adjust count and bias for loop. */ ++ ++ /* Write last bytes before ZVA loop. */ ++ stp q0, q0, [dstend, -64] + stp q0, q0, [dstend, -32] ++ ++ .p2align 4 ++L(zva64_loop): ++ add dst, dst, 64 ++ dc zva, dst ++ subs count, count, 64 ++ b.hi L(zva64_loop) + ret + +-L(try_zva): +-#ifndef ZVA64_ONLY + .p2align 3 +- mrs tmp1, dczid_el0 +- tbnz tmp1w, 4, L(no_zva) +- and tmp1w, tmp1w, 15 +- cmp tmp1w, 4 /* ZVA size is 64 bytes. */ +- b.ne L(zva_128) +- nop +-#endif +- /* Write the first and last 64 byte aligned block using stp rather +- than using DC ZVA. This is faster on some cores. +- */ +- .p2align 4 +-L(zva_64): +- str q0, [dst, 16] ++L(no_zva): ++ sub count, dstend, dst /* Count is 32 too large. */ ++ sub count, count, 64 + 32 /* Adjust count and bias for loop. */ ++L(no_zva_loop): + stp q0, q0, [dst, 32] +- bic dst, dst, 63 + stp q0, q0, [dst, 64] +- stp q0, q0, [dst, 96] +- sub count, dstend, dst /* Count is now 128 too large. */ +- sub count, count, 128+64+64 /* Adjust count and bias for loop. */ +- add dst, dst, 128 +-1: dc zva, dst + add dst, dst, 64 + subs count, count, 64 +- b.hi 1b +- stp q0, q0, [dst, 0] +- stp q0, q0, [dst, 32] ++ b.hi L(no_zva_loop) + stp q0, q0, [dstend, -64] + stp q0, q0, [dstend, -32] + ret + + #ifndef ZVA64_ONLY +- .p2align 3 ++ .p2align 4 + L(zva_128): +- cmp tmp1w, 5 /* ZVA size is 128 bytes. */ +- b.ne L(zva_other) ++ cmp zva_val, 5 /* ZVA size is 128 bytes. */ ++ b.ne L(no_zva) + +- str q0, [dst, 16] + stp q0, q0, [dst, 32] + stp q0, q0, [dst, 64] + stp q0, q0, [dst, 96] + bic dst, dst, 127 + sub count, dstend, dst /* Count is now 128 too large. */ +- sub count, count, 128+128 /* Adjust count and bias for loop. */ +- add dst, dst, 128 +-1: dc zva, dst +- add dst, dst, 128 ++ sub count, count, 128 + 128 /* Adjust count and bias for loop. */ ++1: add dst, dst, 128 ++ dc zva, dst + subs count, count, 128 + b.hi 1b + stp q0, q0, [dstend, -128] +@@ -156,35 +158,6 @@ L(zva_128): + stp q0, q0, [dstend, -64] + stp q0, q0, [dstend, -32] + ret +- +-L(zva_other): +- mov tmp2w, 4 +- lsl zva_lenw, tmp2w, tmp1w +- add tmp1, zva_len, 64 /* Max alignment bytes written. */ +- cmp count, tmp1 +- blo L(no_zva) +- +- sub tmp2, zva_len, 1 +- add tmp1, dst, zva_len +- add dst, dst, 16 +- subs count, tmp1, dst /* Actual alignment bytes to write. */ +- bic tmp1, tmp1, tmp2 /* Aligned dc zva start address. */ +- beq 2f +-1: stp q0, q0, [dst], 64 +- stp q0, q0, [dst, -32] +- subs count, count, 64 +- b.hi 1b +-2: mov dst, tmp1 +- sub count, dstend, tmp1 /* Remaining bytes to write. */ +- subs count, count, zva_len +- b.lo 4f +-3: dc zva, dst +- add dst, dst, zva_len +- subs count, count, zva_len +- b.hs 3b +-4: add count, count, zva_len +- sub dst, dst, 32 /* Bias dst for tail loop. */ +- b L(tail64) + #endif + + END (MEMSET) +-- +2.27.0 + diff --git a/AArch64-Remove-zva_128-from-memset.patch b/AArch64-Remove-zva_128-from-memset.patch new file mode 100644 index 0000000..aa8bc76 --- /dev/null +++ b/AArch64-Remove-zva_128-from-memset.patch @@ -0,0 +1,65 @@ +From 5fe151d86a19bc3dc791fd2d92efeb6c6e11cf64 Mon Sep 17 00:00:00 2001 +From: Wilco Dijkstra +Date: Mon, 25 Nov 2024 18:43:08 +0000 +Subject: [PATCH] AArch64: Remove zva_128 from memset + +Remove ZVA 128 support from memset - the new memset no longer +guarantees count >= 256, which can result in underflow and a +crash if ZVA size is 128 ([1]). Since only one CPU uses a ZVA +size of 128 and its memcpy implementation was removed in commit +e162ab2bf1b82c40f29e1925986582fa07568ce8, remove this special +case too. + +[1] https://sourceware.org/pipermail/libc-alpha/2024-November/161626.html + +Reviewed-by: Andrew Pinski +(cherry picked from commit a08d9a52f967531a77e1824c23b5368c6434a72d) +--- + sysdeps/aarch64/memset.S | 25 +------------------------ + 1 file changed, 1 insertion(+), 24 deletions(-) + +diff --git a/sysdeps/aarch64/memset.S b/sysdeps/aarch64/memset.S +index caafb019e2..71814d0b2f 100644 +--- a/sysdeps/aarch64/memset.S ++++ b/sysdeps/aarch64/memset.S +@@ -104,7 +104,7 @@ L(set_long): + mrs zva_val, dczid_el0 + and zva_val, zva_val, 31 + cmp zva_val, 4 /* ZVA size is 64 bytes. */ +- b.ne L(zva_128) ++ b.ne L(no_zva) + #endif + stp q0, q0, [dst, 32] + bic dst, dstin, 63 +@@ -137,28 +137,5 @@ L(no_zva_loop): + stp q0, q0, [dstend, -32] + ret + +-#ifndef ZVA64_ONLY +- .p2align 4 +-L(zva_128): +- cmp zva_val, 5 /* ZVA size is 128 bytes. */ +- b.ne L(no_zva) +- +- stp q0, q0, [dst, 32] +- stp q0, q0, [dst, 64] +- stp q0, q0, [dst, 96] +- bic dst, dst, 127 +- sub count, dstend, dst /* Count is now 128 too large. */ +- sub count, count, 128 + 128 /* Adjust count and bias for loop. */ +-1: add dst, dst, 128 +- dc zva, dst +- subs count, count, 128 +- b.hi 1b +- stp q0, q0, [dstend, -128] +- stp q0, q0, [dstend, -96] +- stp q0, q0, [dstend, -64] +- stp q0, q0, [dstend, -32] +- ret +-#endif +- + END (MEMSET) + libc_hidden_builtin_def (MEMSET) +-- +2.27.0 + diff --git a/AArch64-Use-prefer_sve_ifuncs-for-SVE-memset.patch b/AArch64-Use-prefer_sve_ifuncs-for-SVE-memset.patch new file mode 100644 index 0000000..b92230b --- /dev/null +++ b/AArch64-Use-prefer_sve_ifuncs-for-SVE-memset.patch @@ -0,0 +1,29 @@ +From 097299ffa904b327fce83770fa6a522e4393ddb3 Mon Sep 17 00:00:00 2001 +From: Wilco Dijkstra +Date: Thu, 27 Feb 2025 16:28:52 +0000 +Subject: [PATCH] AArch64: Use prefer_sve_ifuncs for SVE memset + +Use prefer_sve_ifuncs for SVE memset just like memcpy. + +Reviewed-by: Yury Khrustalev +(cherry picked from commit 0f044be1dae5169d0e57f8d487b427863aeadab4) +--- + sysdeps/aarch64/multiarch/memset.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/sysdeps/aarch64/multiarch/memset.c b/sysdeps/aarch64/multiarch/memset.c +index 89fde57f42..ce5d35a20e 100644 +--- a/sysdeps/aarch64/multiarch/memset.c ++++ b/sysdeps/aarch64/multiarch/memset.c +@@ -49,7 +49,7 @@ select_memset_ifunc (void) + if (IS_A64FX (midr) && zva_size == 256) + return __memset_a64fx; + +- if (zva_size == 64) ++ if (prefer_sve_ifuncs && zva_size == 64) + return __memset_sve_zva64; + } + +-- +2.27.0 + diff --git a/Add-crt1-2.0.o-for-glibc-2.0-compatibility-tests.patch b/Add-crt1-2.0.o-for-glibc-2.0-compatibility-tests.patch new file mode 100644 index 0000000..7ae76a5 --- /dev/null +++ b/Add-crt1-2.0.o-for-glibc-2.0-compatibility-tests.patch @@ -0,0 +1,231 @@ +From 4dd8641461463b667b5503ab0ea4abcf261378a9 Mon Sep 17 00:00:00 2001 +From: "H.J. Lu" +Date: Tue, 30 Apr 2024 09:57:12 -0700 +Subject: [PATCH] Add crt1-2.0.o for glibc 2.0 compatibility tests + +Starting from glibc 2.1, crt1.o contains _IO_stdin_used which is checked +by _IO_check_libio to provide binary compatibility for glibc 2.0. Add +crt1-2.0.o for tests against glibc 2.0. Define tests-2.0 for glibc 2.0 +compatibility tests. Add and update glibc 2.0 compatibility tests for +stderr, matherr and pthread_kill. +Reviewed-by: Carlos O'Donell + +(cherry picked from commit 5f245f3bfbe61b2182964dafb94907e38284b806) +--- + Makeconfig | 21 ++++++++++++++++ + Rules | 13 +++++++++- + csu/Makefile | 5 +++- + libio/Makefile | 6 +++++ + libio/tst-stderr-compat.c | 52 +++++++++++++++++++++++++++++++++++++++ + math/Makefile | 3 +++ + sysdeps/pthread/Makefile | 4 +++ + 7 files changed, 102 insertions(+), 2 deletions(-) + create mode 100644 libio/tst-stderr-compat.c + +diff --git a/Makeconfig b/Makeconfig +index 3f8acff459..3a2c864b04 100644 +--- a/Makeconfig ++++ b/Makeconfig +@@ -360,6 +360,8 @@ whole-archive = -Wl,--whole-archive + # Installed name of the startup code. + # The ELF convention is that the startfile is called crt1.o + start-installed-name = crt1.o ++# Similar to crt1.o, but without _IO_stdin_used. ++start-name-2.0 = crt1-2.0.o + # On systems that do not need a special startfile for statically linked + # binaries, simply set it to the normal name. + ifndef static-start-installed-name +@@ -537,6 +539,25 @@ else # build-static + endif # build-shared + endif # +link + ++# Command for linking test programs with crt1.o from glibc 2.0. +++link-2.0-before-inputs = -nostdlib -nostartfiles $(no-pie-ldflag) \ ++ $(sysdep-LDFLAGS) $(LDFLAGS) $(LDFLAGS-$(@F)) \ ++ $(relro-LDFLAGS) $(hashstyle-LDFLAGS) \ ++ $(firstword $(CRT-$(@F)) $(csu-objpfx)$(start-name-2.0)) \ ++ $(+preinit) $(+prector) +++link-2.0-before-libc = -o $@ $(+link-2.0-before-inputs) \ ++ $(filter-out $(addprefix $(csu-objpfx),start.o \ ++ $(start-name-2.0))\ ++ $(+preinit) $(link-extra-libs) \ ++ $(common-objpfx)libc% $(+postinit),$^) \ ++ $(link-extra-libs) +++link-after-libc = $(+postctor) $(+postinit) ++define +link-2.0-tests ++$(CC) $(+link-2.0-before-libc) $(rtld-tests-LDFLAGS) $(link-libc-tests) \ ++ $(+link-after-libc) ++$(call after-link,$@) ++endef ++ + # The pretty printer test programs need to be compiled without optimizations + # so they won't confuse gdb. We could use either the 'GCC optimize' pragma + # or the 'optimize' function attribute to achieve this; however, at least on +diff --git a/Rules b/Rules +index 279ae490ac..e8096cb285 100644 +--- a/Rules ++++ b/Rules +@@ -188,6 +188,7 @@ binaries-all = $(binaries-all-notests) $(binaries-all-tests) + binaries-static-notests = $(others-static) + binaries-static-tests = $(tests-static) $(xtests-static) + binaries-static = $(binaries-static-notests) $(binaries-static-tests) ++binaries-shared-2.0-tests = $(tests-2.0) + ifeq (yesyes,$(have-fpie)$(build-shared)) + binaries-pie-tests = $(tests-pie) $(xtests-pie) + binaries-pie-notests = $(others-pie) +@@ -215,7 +216,8 @@ binaries-malloc-hugetlb2-tests = + endif + + binaries-pie = $(binaries-pie-tests) $(binaries-pie-notests) +-binaries-shared-tests = $(filter-out $(binaries-pie) $(binaries-static), \ ++binaries-shared-tests = $(filter-out $(binaries-pie) $(binaries-static) \ ++ $(binaries-shared-2.0-tests), \ + $(binaries-all-tests)) + binaries-shared-notests = $(filter-out $(binaries-pie) $(binaries-static), \ + $(binaries-all-notests)) +@@ -235,6 +237,15 @@ $(addprefix $(objpfx),$(binaries-shared-tests)): %: %.o \ + $(+link-tests) + endif + ++# Linking test programs with crt1.o from glibc 2.0. ++ifneq "$(strip $(binaries-shared-2.0-tests))" "" ++$(addprefix $(objpfx),$(binaries-shared-2.0-tests)): %: %.o \ ++ $(link-extra-libs-tests) \ ++ $(sort $(filter $(common-objpfx)lib%,$(link-libc))) \ ++ $(addprefix $(csu-objpfx),start.o) $(+preinit) $(+postinit) ++ $(+link-2.0-tests) ++endif ++ + ifneq "$(strip $(binaries-mcheck-tests))" "" + $(addprefix $(objpfx),$(binaries-mcheck-tests)): %-mcheck: %.o \ + $(link-extra-libs-tests) \ +diff --git a/csu/Makefile b/csu/Makefile +index fcd277e6d3..c2b1c4013f 100644 +--- a/csu/Makefile ++++ b/csu/Makefile +@@ -33,7 +33,7 @@ elide-routines.os = libc-tls + csu-dummies = $(filter-out $(start-installed-name),crt1.o Mcrt1.o) + extra-objs = start.o \ + $(start-installed-name) g$(start-installed-name) $(csu-dummies) \ +- S$(start-installed-name) ++ S$(start-installed-name) $(start-name-2.0) + omit-deps = $(patsubst %.o,%,$(start-installed-name) g$(start-installed-name) \ + b$(start-installed-name) $(csu-dummies) \ + S$(start-installed-name) \ +@@ -138,6 +138,9 @@ ifndef start-installed-name-rule + $(objpfx)$(start-installed-name): $(objpfx)start.o $(objpfx)abi-note.o \ + $(objpfx)init.o $(objpfx)static-reloc.o + $(link-relocatable) ++$(objpfx)$(start-name-2.0): $(objpfx)start.o $(objpfx)abi-note.o \ ++ $(objpfx)static-reloc.o ++ $(link-relocatable) + $(objpfx)r$(start-installed-name): $(objpfx)start.o $(objpfx)abi-note.o \ + $(objpfx)init.o + $(link-relocatable) +diff --git a/libio/Makefile b/libio/Makefile +index 287ec11338..8f9f302807 100644 +--- a/libio/Makefile ++++ b/libio/Makefile +@@ -212,6 +212,12 @@ aux := fileops genops stdfiles stdio strops + ifeq ($(build-shared),yes) + generated += tst-bz24228.mtrace tst-bz24228.check + aux += oldfileops oldstdfiles ++tests += \ ++ tst-stderr-compat \ ++# tests ++tests-2.0 += \ ++ tst-stderr-compat \ ++# tests-2.0 + endif + + shared-only-routines = oldiofopen oldiofdopen oldiofclose oldfileops \ +diff --git a/libio/tst-stderr-compat.c b/libio/tst-stderr-compat.c +new file mode 100644 +index 0000000000..8221415cd4 +--- /dev/null ++++ b/libio/tst-stderr-compat.c +@@ -0,0 +1,52 @@ ++/* Test that fclose works on stderr from glibc 2.0. ++ Copyright (C) 2024 Free Software Foundation, Inc. ++ This file is part of the GNU C Library. ++ ++ The GNU C Library is free software; you can redistribute it and/or ++ modify it under the terms of the GNU Lesser General Public ++ License as published by the Free Software Foundation; either ++ version 2.1 of the License, or (at your option) any later version. ++ ++ The GNU C Library is distributed in the hope that it will be useful, ++ but WITHOUT ANY WARRANTY; without even the implied warranty of ++ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU ++ Lesser General Public License for more details. ++ ++ You should have received a copy of the GNU Lesser General Public ++ License along with the GNU C Library; if not, see ++ . */ ++ ++#include ++ ++#if TEST_COMPAT (libc, GLIBC_2_0, GLIBC_2_1) ++# define _LIBC ++# define _IO_USE_OLD_IO_FILE ++# include ++# include ++ ++extern FILE _IO_stderr_; ++compat_symbol_reference (libc, _IO_stderr_, _IO_stderr_, GLIBC_2_0); ++compat_symbol_reference (libc, fclose, fclose, GLIBC_2_0); ++ ++__attribute__ ((weak, noclone, noinline)) ++void ++do_fclose (FILE *fp) ++{ ++ TEST_VERIFY_EXIT (fclose (fp) == 0); ++} ++ ++static int ++do_test (void) ++{ ++ do_fclose (&_IO_stderr_); ++ return 0; ++} ++#else ++static int ++do_test (void) ++{ ++ return 0; ++} ++#endif ++ ++#include +diff --git a/math/Makefile b/math/Makefile +index a9daae09de..9730093630 100644 +--- a/math/Makefile ++++ b/math/Makefile +@@ -261,6 +261,9 @@ tests-static = test-fpucw-static test-fpucw-ieee-static \ + # The tested symbols matherr, _LIB_VERSION have been removed in glibc 2.27. + ifeq ($(have-GLIBC_2.26)$(build-shared),yesyes) + tests += test-matherr test-matherr-2 ++tests-2.0 += \ ++ test-matherr-2 \ ++ # tests-2.0 + endif + + # These tests use internal (unexported) GMP functions and are linked +diff --git a/sysdeps/pthread/Makefile b/sysdeps/pthread/Makefile +index 31028406d5..67706433f0 100644 +--- a/sysdeps/pthread/Makefile ++++ b/sysdeps/pthread/Makefile +@@ -282,6 +282,10 @@ tests += \ + tst-vfork2x \ + # tests + ++tests-2.0 += \ ++ tst-pthread_kill-exited ++ # tests-2.0 ++ + tests-time64 += \ + tst-abstime-time64 \ + tst-cnd-timedwait-time64 \ +-- +2.27.0 + diff --git a/Apply-the-Makefile-sorting-fix.patch b/Apply-the-Makefile-sorting-fix.patch new file mode 100644 index 0000000..70efa96 --- /dev/null +++ b/Apply-the-Makefile-sorting-fix.patch @@ -0,0 +1,156 @@ +From a477851fd2b5f86bc981d4e293ced4d837797e24 Mon Sep 17 00:00:00 2001 +From: "H.J. Lu" +Date: Thu, 15 Feb 2024 11:19:56 -0800 +Subject: [PATCH] Apply the Makefile sorting fix + +Apply the Makefile sorting fix generated by sort-makefile-lines.py. + +(cherry picked from commit ef7f4b1fef67430a8f3cfc77fa6aada2add851d7) +--- + sysdeps/x86/Makefile | 6 +++--- + sysdeps/x86_64/Makefile | 10 +++++----- + sysdeps/x86_64/fpu/multiarch/Makefile | 14 +++++++------- + sysdeps/x86_64/multiarch/Makefile | 4 ++-- + 4 files changed, 17 insertions(+), 17 deletions(-) + +diff --git a/sysdeps/x86/Makefile b/sysdeps/x86/Makefile +index f1f00825a6..02ecfbf146 100644 +--- a/sysdeps/x86/Makefile ++++ b/sysdeps/x86/Makefile +@@ -15,17 +15,17 @@ CFLAGS-dl-get-cpu-features.os += $(rtld-early-cflags) + CFLAGS-get-cpuid-feature-leaf.o += $(no-stack-protector) + + tests += \ +- tst-get-cpu-features \ +- tst-get-cpu-features-static \ + tst-cpu-features-cpuinfo \ + tst-cpu-features-cpuinfo-static \ + tst-cpu-features-supports \ + tst-cpu-features-supports-static \ ++ tst-get-cpu-features \ ++ tst-get-cpu-features-static \ + # tests + tests-static += \ +- tst-get-cpu-features-static \ + tst-cpu-features-cpuinfo-static \ + tst-cpu-features-supports-static \ ++ tst-get-cpu-features-static \ + # tests-static + ifeq (yes,$(have-ifunc)) + ifeq (yes,$(have-gcc-ifunc)) +diff --git a/sysdeps/x86_64/Makefile b/sysdeps/x86_64/Makefile +index 36be2f6d56..75c5029b36 100644 +--- a/sysdeps/x86_64/Makefile ++++ b/sysdeps/x86_64/Makefile +@@ -224,6 +224,10 @@ sysdep-dl-routines += dl-cet + + tests += \ + tst-cet-legacy-1 \ ++ tst-cet-legacy-10 \ ++ tst-cet-legacy-10-static \ ++ tst-cet-legacy-10a \ ++ tst-cet-legacy-10a-static \ + tst-cet-legacy-1a \ + tst-cet-legacy-2 \ + tst-cet-legacy-2a \ +@@ -235,15 +239,11 @@ tests += \ + tst-cet-legacy-8 \ + tst-cet-legacy-9 \ + tst-cet-legacy-9-static \ +- tst-cet-legacy-10 \ +- tst-cet-legacy-10-static \ +- tst-cet-legacy-10a \ +- tst-cet-legacy-10a-static \ + # tests + tests-static += \ +- tst-cet-legacy-9-static \ + tst-cet-legacy-10-static \ + tst-cet-legacy-10a-static \ ++ tst-cet-legacy-9-static \ + # tests-static + tst-cet-legacy-1a-ARGS = -- $(host-test-program-cmd) + +diff --git a/sysdeps/x86_64/fpu/multiarch/Makefile b/sysdeps/x86_64/fpu/multiarch/Makefile +index ea81753b70..e1a490dd98 100644 +--- a/sysdeps/x86_64/fpu/multiarch/Makefile ++++ b/sysdeps/x86_64/fpu/multiarch/Makefile +@@ -4,10 +4,10 @@ libm-sysdep_routines += \ + s_ceilf-c \ + s_floor-c \ + s_floorf-c \ +- s_rint-c \ +- s_rintf-c \ + s_nearbyint-c \ + s_nearbyintf-c \ ++ s_rint-c \ ++ s_rintf-c \ + s_roundeven-c \ + s_roundevenf-c \ + s_trunc-c \ +@@ -21,10 +21,10 @@ libm-sysdep_routines += \ + s_floorf-sse4_1 \ + s_nearbyint-sse4_1 \ + s_nearbyintf-sse4_1 \ +- s_roundeven-sse4_1 \ +- s_roundevenf-sse4_1 \ + s_rint-sse4_1 \ + s_rintf-sse4_1 \ ++ s_roundeven-sse4_1 \ ++ s_roundevenf-sse4_1 \ + s_trunc-sse4_1 \ + s_truncf-sse4_1 \ + # libm-sysdep_routines +@@ -84,12 +84,12 @@ CFLAGS-s_cosf-fma.c = -mfma -mavx2 + CFLAGS-s_sincosf-fma.c = -mfma -mavx2 + + libm-sysdep_routines += \ ++ e_asin-fma4 \ ++ e_atan2-fma4 \ + e_exp-fma4 \ + e_log-fma4 \ + e_pow-fma4 \ +- e_asin-fma4 \ + s_atan-fma4 \ +- e_atan2-fma4 \ + s_sin-fma4 \ + s_sincos-fma4 \ + s_tan-fma4 \ +@@ -106,10 +106,10 @@ CFLAGS-s_tan-fma4.c = -mfma4 + CFLAGS-s_sincos-fma4.c = -mfma4 + + libm-sysdep_routines += \ ++ e_atan2-avx \ + e_exp-avx \ + e_log-avx \ + s_atan-avx \ +- e_atan2-avx \ + s_sin-avx \ + s_sincos-avx \ + s_tan-avx \ +diff --git a/sysdeps/x86_64/multiarch/Makefile b/sysdeps/x86_64/multiarch/Makefile +index e1e894c963..d3d2270394 100644 +--- a/sysdeps/x86_64/multiarch/Makefile ++++ b/sysdeps/x86_64/multiarch/Makefile +@@ -4,8 +4,8 @@ sysdep_routines += \ + memchr-avx2 \ + memchr-avx2-rtm \ + memchr-evex \ +- memchr-evex512 \ + memchr-evex-rtm \ ++ memchr-evex512 \ + memchr-sse2 \ + memcmp-avx2-movbe \ + memcmp-avx2-movbe-rtm \ +@@ -37,8 +37,8 @@ sysdep_routines += \ + rawmemchr-avx2 \ + rawmemchr-avx2-rtm \ + rawmemchr-evex \ +- rawmemchr-evex512 \ + rawmemchr-evex-rtm \ ++ rawmemchr-evex512 \ + rawmemchr-sse2 \ + stpcpy-avx2 \ + stpcpy-avx2-rtm \ +-- +2.27.0 + diff --git a/CVE-2023-4527-Stack-read-overflow-with-large-TCP-res.patch b/CVE-2023-4527-Stack-read-overflow-with-large-TCP-res.patch index 0a1200f..8040136 100644 --- a/CVE-2023-4527-Stack-read-overflow-with-large-TCP-res.patch +++ b/CVE-2023-4527-Stack-read-overflow-with-large-TCP-res.patch @@ -1,4 +1,4 @@ -From bd77dd7e73e3530203be1c52c8a29d08270cb25d Mon Sep 17 00:00:00 2001 +From b25508dd774b617f99419bdc3cf2ace4560cd2d6 Mon Sep 17 00:00:00 2001 From: Florian Weimer Date: Wed, 13 Sep 2023 14:10:56 +0200 Subject: [PATCH] CVE-2023-4527: Stack read overflow with large TCP responses @@ -12,13 +12,42 @@ of the stack-allocated buffer. Fixes commit f282cdbe7f436c75864e5640a4 ("resolv: Implement no-aaaa stub resolver option") and bug 30842. + +(cherry picked from commit bd77dd7e73e3530203be1c52c8a29d08270cb25d) --- + NEWS | 9 +++ resolv/Makefile | 2 + resolv/nss_dns/dns-host.c | 2 +- resolv/tst-resolv-noaaaa-vc.c | 129 ++++++++++++++++++++++++++++++++++ - 4 files changed, 137 insertions(+), 2 deletions(-) + 4 files changed, 141 insertions(+), 1 deletion(-) create mode 100644 resolv/tst-resolv-noaaaa-vc.c +diff --git a/NEWS b/NEWS +index 64596d5d09..dfee278a9c 100644 +--- a/NEWS ++++ b/NEWS +@@ -7,12 +7,21 @@ using `glibc' in the "product" field. + + Version 2.38.1 + ++Security related changes: ++ ++ CVE-2023-4527: If the system is configured in no-aaaa mode via ++ /etc/resolv.conf, getaddrinfo is called for the AF_UNSPEC address ++ family, and a DNS response is received over TCP that is larger than ++ 2048 bytes, getaddrinfo may potentially disclose stack contents via ++ the returned address data, or crash. ++ + The following bugs are resolved with this release: + + [30723] posix_memalign repeatedly scans long bin lists + [30785] Always call destructors in reverse constructor order + [30804] F_GETLK, F_SETLK, and F_SETLKW value change for powerpc64 with + -D_FILE_OFFSET_BITS=64 ++ [30842] Stack read overflow in getaddrinfo in no-aaaa mode (CVE-2023-4527) + + + Version 2.38 diff --git a/resolv/Makefile b/resolv/Makefile index 054b1fa36c..2f99eb3862 100644 --- a/resolv/Makefile @@ -40,7 +69,7 @@ index 054b1fa36c..2f99eb3862 100644 $(objpfx)tst-resolv-qtypes: $(objpfx)libresolv.so $(shared-thread-library) $(objpfx)tst-resolv-rotate: $(objpfx)libresolv.so $(shared-thread-library) diff --git a/resolv/nss_dns/dns-host.c b/resolv/nss_dns/dns-host.c -index c8b77bbc35..119dc9f00f 100644 +index 1d60c51f5e..5d0ab30de6 100644 --- a/resolv/nss_dns/dns-host.c +++ b/resolv/nss_dns/dns-host.c @@ -427,7 +427,7 @@ _nss_dns_gethostbyname4_r (const char *name, struct gaih_addrtuple **pat, @@ -188,5 +217,5 @@ index 0000000000..9f5aebd99f + +#include -- -2.37.3 +2.33.0 diff --git a/CVE-2023-4806-getaddrinfo-Fix-use-after-free-in-getcanonname-CVE-2.patch b/CVE-2023-4806-getaddrinfo-Fix-use-after-free-in-getcanonname-CVE-2.patch index fcb016e..307b1eb 100644 --- a/CVE-2023-4806-getaddrinfo-Fix-use-after-free-in-getcanonname-CVE-2.patch +++ b/CVE-2023-4806-getaddrinfo-Fix-use-after-free-in-getcanonname-CVE-2.patch @@ -1,7 +1,7 @@ -From 973fe93a5675c42798b2161c6f29c01b0e243994 Mon Sep 17 00:00:00 2001 +From 00ae4f10b504bc4564e9f22f00907093f1ab9338 Mon Sep 17 00:00:00 2001 From: Siddhesh Poyarekar Date: Fri, 15 Sep 2023 13:51:12 -0400 -Subject: [PATCH] getaddrinfo: Fix use after free in getcanonname +Subject: [PATCH 1/4] getaddrinfo: Fix use after free in getcanonname (CVE-2023-4806) When an NSS plugin only implements the _gethostbyname2_r and @@ -24,6 +24,7 @@ Fix this by copying h_name over and freeing it at the end. This resolves BZ #30843, which is assigned CVE-2023-4806. Signed-off-by: Siddhesh Poyarekar +(cherry picked from commit 973fe93a5675c42798b2161c6f29c01b0e243994) --- nss/Makefile | 15 ++++- nss/nss_test_gai_hv2_canonname.c | 56 +++++++++++++++++ @@ -249,7 +250,7 @@ index 0000000000..31848b4a28 +cp $B/nss/libnss_test_gai_hv2_canonname.so $L/libnss_test_gai_hv2_canonname.so.2 +su diff --git a/sysdeps/posix/getaddrinfo.c b/sysdeps/posix/getaddrinfo.c -index 6ae6744fe4..47f421fddf 100644 +index 0356b622be..b2236b105c 100644 --- a/sysdeps/posix/getaddrinfo.c +++ b/sysdeps/posix/getaddrinfo.c @@ -120,6 +120,7 @@ struct gaih_result @@ -333,5 +334,5 @@ index 6ae6744fe4..47f421fddf 100644 { __resolv_context_put (res_ctx); -- -2.37.3 +2.33.0 diff --git a/CVE-2023-5156-Fix-leak-in-getaddrinfo-introduced-by-the-fix-for-CV.patch b/CVE-2023-5156-Fix-leak-in-getaddrinfo-introduced-by-the-fix-for-CV.patch index c3720a4..933e109 100644 --- a/CVE-2023-5156-Fix-leak-in-getaddrinfo-introduced-by-the-fix-for-CV.patch +++ b/CVE-2023-5156-Fix-leak-in-getaddrinfo-introduced-by-the-fix-for-CV.patch @@ -1,12 +1,18 @@ -From ec6b95c3303c700eb89eebeda2d7264cc184a796 Mon Sep 17 00:00:00 2001 +From 5ee59ca371b99984232d7584fe2b1a758b4421d3 Mon Sep 17 00:00:00 2001 From: Romain Geissler Date: Mon, 25 Sep 2023 01:21:51 +0100 -Subject: [PATCH] Fix leak in getaddrinfo introduced by the fix for +Subject: [PATCH 1/4] Fix leak in getaddrinfo introduced by the fix for CVE-2023-4806 [BZ #30843] This patch fixes a very recently added leak in getaddrinfo. +This was assigned CVE-2023-5156. + +Resolves: BZ #30884 +Related: BZ #30842 + Reviewed-by: Siddhesh Poyarekar +(cherry picked from commit ec6b95c3303c700eb89eebeda2d7264cc184a796) --- nss/Makefile | 20 ++++++++++++++++++++ nss/tst-nss-gai-hv2-canonname.c | 3 +++ @@ -73,7 +79,7 @@ index d5f10c07d6..7db53cf09d 100644 struct addrinfo hints = {}; diff --git a/sysdeps/posix/getaddrinfo.c b/sysdeps/posix/getaddrinfo.c -index 47f421fddf..531124958d 100644 +index b2236b105c..13082305d3 100644 --- a/sysdeps/posix/getaddrinfo.c +++ b/sysdeps/posix/getaddrinfo.c @@ -1196,9 +1196,7 @@ free_and_return: @@ -88,5 +94,5 @@ index 47f421fddf..531124958d 100644 return result; } -- -2.37.3 +2.33.0 diff --git a/CVE-2023-6246-syslog-Fix-heap-buffer-overflow-in-__vsyslog_interna.patch b/CVE-2023-6246-syslog-Fix-heap-buffer-overflow-in-__vsyslog_interna.patch index d0c150a..395b520 100644 --- a/CVE-2023-6246-syslog-Fix-heap-buffer-overflow-in-__vsyslog_interna.patch +++ b/CVE-2023-6246-syslog-Fix-heap-buffer-overflow-in-__vsyslog_interna.patch @@ -1,7 +1,7 @@ -From 6bd0e4efcc78f3c0115e5ea9739a1642807450da Mon Sep 17 00:00:00 2001 +From 23514c72b780f3da097ecf33a793b7ba9c2070d2 Mon Sep 17 00:00:00 2001 From: Arjun Shankar Date: Mon, 15 Jan 2024 17:44:43 +0100 -Subject: [PATCH] syslog: Fix heap buffer overflow in __vsyslog_internal +Subject: [PATCH 1/3] syslog: Fix heap buffer overflow in __vsyslog_internal (CVE-2023-6246) __vsyslog_internal did not handle a case where printing a SYSLOG_HEADER @@ -13,6 +13,7 @@ that uses glibc.malloc.check. Reviewed-by: Adhemerval Zanella Reviewed-by: Carlos O'Donell Tested-by: Carlos O'Donell +(cherry picked from commit 6bd0e4efcc78f3c0115e5ea9739a1642807450da) --- misc/Makefile | 8 ++- misc/syslog.c | 50 +++++++++++++------ @@ -23,7 +24,7 @@ Tested-by: Carlos O'Donell create mode 100644 misc/tst-syslog-long-progname.root/postclean.req diff --git a/misc/Makefile b/misc/Makefile -index 42899c2b6c..c273ec6974 100644 +index fe0d49c1de..90b31952c5 100644 --- a/misc/Makefile +++ b/misc/Makefile @@ -289,7 +289,10 @@ tests-special += $(objpfx)tst-error1-mem.out \ @@ -176,5 +177,5 @@ diff --git a/misc/tst-syslog-long-progname.root/postclean.req b/misc/tst-syslog- new file mode 100644 index 0000000000..e69de29bb2 -- -2.37.3 +2.33.0 diff --git a/CVE-2023-6779-syslog-Fix-heap-buffer-overflow-in-__vsyslog_interna.patch b/CVE-2023-6779-syslog-Fix-heap-buffer-overflow-in-__vsyslog_interna.patch index bfd402b..c19c3bf 100644 --- a/CVE-2023-6779-syslog-Fix-heap-buffer-overflow-in-__vsyslog_interna.patch +++ b/CVE-2023-6779-syslog-Fix-heap-buffer-overflow-in-__vsyslog_interna.patch @@ -1,7 +1,7 @@ -From 7e5a0c286da33159d47d0122007aac016f3e02cd Mon Sep 17 00:00:00 2001 +From d0338312aace5bbfef85e03055e1212dd0e49578 Mon Sep 17 00:00:00 2001 From: Arjun Shankar Date: Mon, 15 Jan 2024 17:44:44 +0100 -Subject: [PATCH] syslog: Fix heap buffer overflow in __vsyslog_internal +Subject: [PATCH 2/3] syslog: Fix heap buffer overflow in __vsyslog_internal (CVE-2023-6779) __vsyslog_internal used the return value of snprintf/vsnprintf to @@ -13,6 +13,7 @@ All snprintf/vsnprintf calls are checked for negative return values and the function silently returns upon encountering them. Reviewed-by: Carlos O'Donell +(cherry picked from commit 7e5a0c286da33159d47d0122007aac016f3e02cd) --- misc/syslog.c | 39 ++++++++++++++++++++++++++++----------- 1 file changed, 28 insertions(+), 11 deletions(-) @@ -101,5 +102,5 @@ index 814d224a1e..53440e47ad 100644 } -- -2.37.3 +2.33.0 diff --git a/CVE-2023-6780-syslog-Fix-integer-overflow-in-__vsyslog_internal-CV.patch b/CVE-2023-6780-syslog-Fix-integer-overflow-in-__vsyslog_internal-CV.patch index 4207ef9..70ee520 100644 --- a/CVE-2023-6780-syslog-Fix-integer-overflow-in-__vsyslog_internal-CV.patch +++ b/CVE-2023-6780-syslog-Fix-integer-overflow-in-__vsyslog_internal-CV.patch @@ -1,7 +1,7 @@ -From ddf542da94caf97ff43cc2875c88749880b7259b Mon Sep 17 00:00:00 2001 +From d37c2b20a4787463d192b32041c3406c2bd91de0 Mon Sep 17 00:00:00 2001 From: Arjun Shankar Date: Mon, 15 Jan 2024 17:44:45 +0100 -Subject: [PATCH] syslog: Fix integer overflow in __vsyslog_internal +Subject: [PATCH 3/3] syslog: Fix integer overflow in __vsyslog_internal (CVE-2023-6780) __vsyslog_internal calculated a buffer size by adding two integers, but @@ -10,6 +10,7 @@ that. Reviewed-by: Carlos O'Donell Tested-by: Carlos O'Donell +(cherry picked from commit ddf542da94caf97ff43cc2875c88749880b7259b) --- misc/syslog.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) @@ -36,5 +37,5 @@ index 53440e47ad..4af87f54fd 100644 if (vl >= len) -- -2.37.3 +2.33.0 diff --git a/CVE-2024-2961-iconv-ISO-2022-CN-EXT-fix-out-of-bound-writes-when-w.patch b/CVE-2024-2961-iconv-ISO-2022-CN-EXT-fix-out-of-bound-writes-when-w.patch index e16109e..1cd02a8 100644 --- a/CVE-2024-2961-iconv-ISO-2022-CN-EXT-fix-out-of-bound-writes-when-w.patch +++ b/CVE-2024-2961-iconv-ISO-2022-CN-EXT-fix-out-of-bound-writes-when-w.patch @@ -1,8 +1,8 @@ -From f9dc609e06b1136bb0408be9605ce7973a767ada Mon Sep 17 00:00:00 2001 +From e1135387deded5d73924f6ca20c72a35dc8e1bda Mon Sep 17 00:00:00 2001 From: Charles Fol Date: Thu, 28 Mar 2024 12:25:38 -0300 -Subject: [PATCH] iconv: ISO-2022-CN-EXT: fix out-of-bound writes when writing - escape sequence (CVE-2024-2961) +Subject: [PATCH 14/26] iconv: ISO-2022-CN-EXT: fix out-of-bound writes when + writing escape sequence (CVE-2024-2961) ISO-2022-CN-EXT uses escape sequences to indicate character set changes (as specified by RFC 1922). While the SOdesignation has the expected @@ -15,6 +15,8 @@ Checked on aarch64-linux-gnu. Co-authored-by: Adhemerval Zanella Reviewed-by: Carlos O'Donell Tested-by: Carlos O'Donell + +(cherry picked from commit f9dc609e06b1136bb0408be9605ce7973a767ada) --- iconvdata/Makefile | 5 +- iconvdata/iso-2022-cn-ext.c | 12 +++ @@ -23,7 +25,7 @@ Tested-by: Carlos O'Donell create mode 100644 iconvdata/tst-iconv-iso-2022-cn-ext.c diff --git a/iconvdata/Makefile b/iconvdata/Makefile -index ea019ce5c0..7196a8744b 100644 +index dd5cafab21..075098dce8 100644 --- a/iconvdata/Makefile +++ b/iconvdata/Makefile @@ -75,7 +75,8 @@ ifeq (yes,$(build-shared)) @@ -46,7 +48,7 @@ index ea019ce5c0..7196a8744b 100644 $(objpfx)iconv-test.out: run-iconv-test.sh \ $(addprefix $(objpfx), $(gconv-modules)) \ diff --git a/iconvdata/iso-2022-cn-ext.c b/iconvdata/iso-2022-cn-ext.c -index b34c8a36f4..cce29b1969 100644 +index 36727f0865..9bb02238a3 100644 --- a/iconvdata/iso-2022-cn-ext.c +++ b/iconvdata/iso-2022-cn-ext.c @@ -574,6 +574,12 @@ DIAG_IGNORE_Os_NEEDS_COMMENT (5, "-Wmaybe-uninitialized"); @@ -210,5 +212,5 @@ index 0000000000..96a8765fd5 + +#include -- -2.39.3 +2.33.0 diff --git a/CVE-2024-33599-nscd-Stack-based-buffer-overflow-in-n.patch b/CVE-2024-33599-nscd-Stack-based-buffer-overflow-in-n.patch index f070e84..2188c60 100644 --- a/CVE-2024-33599-nscd-Stack-based-buffer-overflow-in-n.patch +++ b/CVE-2024-33599-nscd-Stack-based-buffer-overflow-in-n.patch @@ -1,19 +1,20 @@ -From 87801a8fd06db1d654eea3e4f7626ff476a9bdaa Mon Sep 17 00:00:00 2001 +From 5968aebb86164034b8f8421b4abab2f837a5bdaf Mon Sep 17 00:00:00 2001 From: Florian Weimer Date: Thu, 25 Apr 2024 15:00:45 +0200 -Subject: [PATCH 1/4] CVE-2024-33599: nscd: Stack-based buffer overflow in +Subject: [PATCH 20/26] CVE-2024-33599: nscd: Stack-based buffer overflow in netgroup cache (bug 31677) Using alloca matches what other caches do. The request length is bounded by MAXKEYLEN. Reviewed-by: Carlos O'Donell +(cherry picked from commit 87801a8fd06db1d654eea3e4f7626ff476a9bdaa) --- nscd/netgroupcache.c | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/nscd/netgroupcache.c b/nscd/netgroupcache.c -index 0c6e46f15c..f227dc7fa2 100644 +index 06b7d7b6ca..31b721bbee 100644 --- a/nscd/netgroupcache.c +++ b/nscd/netgroupcache.c @@ -502,12 +502,13 @@ addinnetgrX (struct database_dyn *db, int fd, request_header *req, @@ -33,5 +34,5 @@ index 0c6e46f15c..f227dc7fa2 100644 datahead_init_pos (&dataset->head, sizeof (*dataset) + req->key_len, -- -2.39.3 +2.33.0 diff --git a/CVE-2024-33600-nscd-Avoid-null-pointer-crashes-after.patch b/CVE-2024-33600-nscd-Avoid-null-pointer-crashes-after.patch index 3cdcff6..b861cda 100644 --- a/CVE-2024-33600-nscd-Avoid-null-pointer-crashes-after.patch +++ b/CVE-2024-33600-nscd-Avoid-null-pointer-crashes-after.patch @@ -1,7 +1,7 @@ -From b048a482f088e53144d26a61c390bed0210f49f2 Mon Sep 17 00:00:00 2001 +From 2ae9446c1b7a3064743b4a51c0bbae668ee43e4c Mon Sep 17 00:00:00 2001 From: Florian Weimer Date: Thu, 25 Apr 2024 15:01:07 +0200 -Subject: [PATCH 3/4] CVE-2024-33600: nscd: Avoid null pointer crashes after +Subject: [PATCH 22/26] CVE-2024-33600: nscd: Avoid null pointer crashes after notfound response (bug 31678) The addgetnetgrentX call in addinnetgrX may have failed to produce @@ -16,12 +16,13 @@ add the negative response to the mapping, so that the client can get it from there in the future, instead of going through the socket. Reviewed-by: Siddhesh Poyarekar +(cherry picked from commit b048a482f088e53144d26a61c390bed0210f49f2) --- nscd/netgroupcache.c | 11 +++++++---- 1 file changed, 7 insertions(+), 4 deletions(-) diff --git a/nscd/netgroupcache.c b/nscd/netgroupcache.c -index c18fe111f3..e22ffa5884 100644 +index 32c6aef370..c3cd79dec5 100644 --- a/nscd/netgroupcache.c +++ b/nscd/netgroupcache.c @@ -511,14 +511,15 @@ addinnetgrX (struct database_dyn *db, int fd, request_header *req, @@ -55,5 +56,5 @@ index c18fe111f3..e22ffa5884 100644 /* We write the dataset before inserting it to the database since while inserting this thread might block and so would -- -2.39.3 +2.33.0 diff --git a/CVE-2024-33600-nscd-Do-not-send-missing-not-found-re.patch b/CVE-2024-33600-nscd-Do-not-send-missing-not-found-re.patch index 5441a7c..29b9214 100644 --- a/CVE-2024-33600-nscd-Do-not-send-missing-not-found-re.patch +++ b/CVE-2024-33600-nscd-Do-not-send-missing-not-found-re.patch @@ -1,19 +1,20 @@ -From 7835b00dbce53c3c87bbbb1754a95fb5e58187aa Mon Sep 17 00:00:00 2001 +From 541ea5172aa658c4bd5c6c6d6fd13903c3d5bb0a Mon Sep 17 00:00:00 2001 From: Florian Weimer Date: Thu, 25 Apr 2024 15:01:07 +0200 -Subject: [PATCH 2/4] CVE-2024-33600: nscd: Do not send missing not-found +Subject: [PATCH 21/26] CVE-2024-33600: nscd: Do not send missing not-found response in addgetnetgrentX (bug 31678) If we failed to add a not-found response to the cache, the dataset point can be null, resulting in a null pointer dereference. Reviewed-by: Siddhesh Poyarekar +(cherry picked from commit 7835b00dbce53c3c87bbbb1754a95fb5e58187aa) --- nscd/netgroupcache.c | 14 ++++++-------- 1 file changed, 6 insertions(+), 8 deletions(-) diff --git a/nscd/netgroupcache.c b/nscd/netgroupcache.c -index f227dc7fa2..c18fe111f3 100644 +index 31b721bbee..32c6aef370 100644 --- a/nscd/netgroupcache.c +++ b/nscd/netgroupcache.c @@ -147,7 +147,7 @@ addgetnetgrentX (struct database_dyn *db, int fd, request_header *req, @@ -54,5 +55,5 @@ index f227dc7fa2..c18fe111f3 100644 { /* If necessary, we also propagate the data to disk. */ -- -2.39.3 +2.33.0 diff --git a/CVE-2024-33601-CVE-2024-33602-nscd-netgroup-Use-two-.patch b/CVE-2024-33601-CVE-2024-33602-nscd-netgroup-Use-two-.patch index d0ca2ac..8f027b3 100644 --- a/CVE-2024-33601-CVE-2024-33602-nscd-netgroup-Use-two-.patch +++ b/CVE-2024-33601-CVE-2024-33602-nscd-netgroup-Use-two-.patch @@ -1,7 +1,7 @@ -From c04a21e050d64a1193a6daab872bca2528bda44b Mon Sep 17 00:00:00 2001 +From 71af8ca864345d39b746d5cee84b94b430fad5db Mon Sep 17 00:00:00 2001 From: Florian Weimer Date: Thu, 25 Apr 2024 15:01:07 +0200 -Subject: [PATCH] CVE-2024-33601, CVE-2024-33602: nscd: netgroup: Use two +Subject: [PATCH 23/26] CVE-2024-33601, CVE-2024-33602: nscd: netgroup: Use two buffers in addgetnetgrentX (bug 31680) This avoids potential memory corruption when the underlying NSS @@ -16,12 +16,13 @@ Scratch buffer allocation failure is handled by return -1 This fixes bug 31679. Reviewed-by: Siddhesh Poyarekar +(cherry picked from commit c04a21e050d64a1193a6daab872bca2528bda44b) --- nscd/netgroupcache.c | 219 ++++++++++++++++++++++++------------------- 1 file changed, 121 insertions(+), 98 deletions(-) diff --git a/nscd/netgroupcache.c b/nscd/netgroupcache.c -index c3cd79de..cc4e270c 100644 +index c3cd79dec5..cc4e270c1f 100644 --- a/nscd/netgroupcache.c +++ b/nscd/netgroupcache.c @@ -23,6 +23,7 @@ @@ -385,5 +386,5 @@ index c3cd79de..cc4e270c 100644 + return timeout; } -- -2.39.3 +2.33.0 diff --git a/CVE-2025-0395-Fix-underallocation-of-abort_msg_s-struct-CVE-2025-0.patch b/CVE-2025-0395-Fix-underallocation-of-abort_msg_s-struct-CVE-2025-0.patch index 8730526..64ab3bf 100644 --- a/CVE-2025-0395-Fix-underallocation-of-abort_msg_s-struct-CVE-2025-0.patch +++ b/CVE-2025-0395-Fix-underallocation-of-abort_msg_s-struct-CVE-2025-0.patch @@ -1,7 +1,8 @@ From c32fd59314c343db88c3ea4a203870481d33c3d2 Mon Sep 17 00:00:00 2001 From: Siddhesh Poyarekar Date: Tue, 21 Jan 2025 16:11:06 -0500 -Subject: [PATCH] Fix underallocation of abort_msg_s struct (CVE-2025-0395) +Subject: [PATCH] Fix underallocation of abort_msg_s struct + (CVE-2025-0395) Include the space needed to store the length of the message itself, in addition to the message string. This resolves BZ #32582. @@ -15,6 +16,30 @@ Reviewed: Adhemerval Zanella sysdeps/posix/libc_fatal.c | 4 +++- 3 files changed, 12 insertions(+), 2 deletions(-) +diff --git a/NEWS b/NEWS +index d0815514e0..3e511d6de4 100644 +--- a/NEWS ++++ b/NEWS +@@ -34,6 +34,11 @@ Security related changes: + buffer overflow, which could be exploited to achieve escalated + privileges. This flaw was introduced in glibc 2.34. + ++ CVE-2025-0395: When the assert() function fails, it does not allocate ++ enough space for the assertion failure message string and size ++ information, which may lead to a buffer overflow if the message string ++ size aligns to page size. ++ + The following bugs are resolved with this release: + + [27821] ungetc: Fix backup buffer leak on program exit +@@ -61,6 +66,7 @@ The following bugs are resolved with this release: + [32137] libio: Attempt wide backup free only for non-legacy code + [32231] elf: Change ldconfig auxcache magic number + [32470] x86: Avoid integer truncation with large cache sizes ++ [32582] Fix underallocation of abort_msg_s struct (CVE-2025-0395) + + Version 2.38 + diff --git a/assert/assert.c b/assert/assert.c index b7c7a4a1ba..65a9fedf0d 100644 --- a/assert/assert.c @@ -60,5 +85,5 @@ index 70edcc10c1..5b9e4b7918 100644 PROT_READ | PROT_WRITE, MAP_ANON | MAP_PRIVATE, -1, 0); -- -2.39.3 +2.27.0 diff --git a/CVE-2025-4802-elf-Ignore-LD_LIBRARY_PATH-and-debug-env-var-for-set.patch b/CVE-2025-4802-elf-Ignore-LD_LIBRARY_PATH-and-debug-env-var-for-set.patch index 3ad84ac..88a1497 100644 --- a/CVE-2025-4802-elf-Ignore-LD_LIBRARY_PATH-and-debug-env-var-for-set.patch +++ b/CVE-2025-4802-elf-Ignore-LD_LIBRARY_PATH-and-debug-env-var-for-set.patch @@ -1,8 +1,8 @@ From 3be3728df2f1912c80abd3288bc6e3a25ad679e4 Mon Sep 17 00:00:00 2001 From: Adhemerval Zanella Date: Mon, 6 Nov 2023 17:25:49 -0300 -Subject: [PATCH] elf: Ignore LD_LIBRARY_PATH and debug env var for setuid for - static +Subject: [PATCH] elf: Ignore LD_LIBRARY_PATH and debug env var for setuid + for static It mimics the ld.so behavior. @@ -78,5 +78,5 @@ index 44a54dea07..d57e650583 100644 DL_PLATFORM_INIT; #endif -- -2.39.3 +2.27.0 diff --git a/CVE-2025-8058-posix-Fix-double-free-after-allocation-failure-in-re.patch b/CVE-2025-8058-posix-Fix-double-free-after-allocation-failure-in-re.patch index 078829d..4770bc2 100644 --- a/CVE-2025-8058-posix-Fix-double-free-after-allocation-failure-in-re.patch +++ b/CVE-2025-8058-posix-Fix-double-free-after-allocation-failure-in-re.patch @@ -1,4 +1,4 @@ -From 6a52d5cab01ee8d3303f7c0939d6b2618c8a9606 Mon Sep 17 00:00:00 2001 +From 7ea06e994093fa0bcca0d0ee2c1db271d8d7885d Mon Sep 17 00:00:00 2001 From: Florian Weimer Date: Mon, 21 Jul 2025 21:43:49 +0200 Subject: [PATCH] posix: Fix double-free after allocation failure in regcomp @@ -10,20 +10,18 @@ parsing in regcomp, a double-free error may result. Reported-by: Anastasia Belova Co-authored-by: Paul Eggert Reviewed-by: Andreas K. Huettel -(cherry picked from commit 7ea06e994093fa0bcca0d0ee2c1db271d8d7885d) --- - NEWS | 1 + posix/Makefile | 1 + posix/regcomp.c | 4 +- posix/tst-regcomp-bracket-free.c | 176 +++++++++++++++++++++++++++++++ - 4 files changed, 181 insertions(+), 1 deletion(-) + 3 files changed, 180 insertions(+), 1 deletion(-) create mode 100644 posix/tst-regcomp-bracket-free.c diff --git a/posix/Makefile b/posix/Makefile -index 3d368b91f6..1fc0f565af 100644 +index 36b8b14c46..a36e5decd3 100644 --- a/posix/Makefile +++ b/posix/Makefile -@@ -305,6 +305,7 @@ tests := \ +@@ -304,6 +304,7 @@ tests := \ tst-posix_spawn-setsid \ tst-preadwrite \ tst-preadwrite64 \ @@ -32,10 +30,10 @@ index 3d368b91f6..1fc0f565af 100644 tst-regex \ tst-regex2 \ diff --git a/posix/regcomp.c b/posix/regcomp.c -index 12650714c0..dff00b7cab 100644 +index 32043e9d37..f7278bb852 100644 --- a/posix/regcomp.c +++ b/posix/regcomp.c -@@ -3384,6 +3384,7 @@ parse_bracket_exp (re_string_t *regexp, re_dfa_t *dfa, re_token_t *token, +@@ -3387,6 +3387,7 @@ parse_bracket_exp (re_string_t *regexp, re_dfa_t *dfa, re_token_t *token, { #ifdef RE_ENABLE_I18N free_charset (mbcset); @@ -43,7 +41,7 @@ index 12650714c0..dff00b7cab 100644 #endif /* Build a tree for simple bracket. */ br_token.type = SIMPLE_BRACKET; -@@ -3399,7 +3400,8 @@ parse_bracket_exp (re_string_t *regexp, re_dfa_t *dfa, re_token_t *token, +@@ -3402,7 +3403,8 @@ parse_bracket_exp (re_string_t *regexp, re_dfa_t *dfa, re_token_t *token, parse_bracket_exp_free_return: re_free (sbcset); #ifdef RE_ENABLE_I18N @@ -236,5 +234,5 @@ index 0000000000..3c091d8c44 + +#include -- -2.39.3 +2.27.0 diff --git a/CVE-tunables-Terminate-if-end-of-input-is-reached-CVE-20.patch b/CVE-tunables-Terminate-if-end-of-input-is-reached-CVE-20.patch index f87992c..1de6445 100644 --- a/CVE-tunables-Terminate-if-end-of-input-is-reached-CVE-20.patch +++ b/CVE-tunables-Terminate-if-end-of-input-is-reached-CVE-20.patch @@ -1,7 +1,7 @@ -From 1056e5b4c3f2d90ed2b4a55f96add28da2f4c8fa Mon Sep 17 00:00:00 2001 +From 750a45a783906a19591fb8ff6b7841470f1f5701 Mon Sep 17 00:00:00 2001 From: Siddhesh Poyarekar Date: Tue, 19 Sep 2023 18:39:32 -0400 -Subject: [PATCH] tunables: Terminate if end of input is reached +Subject: [PATCH 4/4] tunables: Terminate if end of input is reached (CVE-2023-4911) The string parsing routine may end up writing beyond bounds of tunestr @@ -18,11 +18,29 @@ correct and add new tests to validate the fix for this CVE. Signed-off-by: Siddhesh Poyarekar Reviewed-by: Carlos O'Donell +(cherry picked from commit 1056e5b4c3f2d90ed2b4a55f96add28da2f4c8fa) --- + NEWS | 5 +++++ elf/dl-tunables.c | 17 +++++++++------- elf/tst-env-setuid-tunables.c | 37 +++++++++++++++++++++++++++-------- 3 files changed, 44 insertions(+), 15 deletions(-) +diff --git a/NEWS b/NEWS +index f1b1b0a3b4..bfcd46efa9 100644 +--- a/NEWS ++++ b/NEWS +@@ -24,6 +24,11 @@ Security related changes: + an application calls getaddrinfo for AF_INET6 with AI_CANONNAME, + AI_ALL and AI_V4MAPPED flags set. + ++ CVE-2023-4911: If a tunable of the form NAME=NAME=VAL is passed in the ++ environment of a setuid program and NAME is valid, it may result in a ++ buffer overflow, which could be exploited to achieve escalated ++ privileges. This flaw was introduced in glibc 2.34. ++ + The following bugs are resolved with this release: + + [30723] posix_memalign repeatedly scans long bin lists diff --git a/elf/dl-tunables.c b/elf/dl-tunables.c index 62b7332d95..cae67efa0a 100644 --- a/elf/dl-tunables.c @@ -151,5 +169,5 @@ index 7dfb0e073a..f0b92c97e7 100644 } -- -2.37.3 +2.33.0 diff --git a/Fix-error-reporting-false-negatives-in-SGID-tests.patch b/Fix-error-reporting-false-negatives-in-SGID-tests.patch new file mode 100644 index 0000000..88d862f --- /dev/null +++ b/Fix-error-reporting-false-negatives-in-SGID-tests.patch @@ -0,0 +1,320 @@ +From 5a6276d97aa6f8ab105de811020ab7187e388dcb Mon Sep 17 00:00:00 2001 +From: Florian Weimer +Date: Thu, 22 May 2025 14:36:37 +0200 +Subject: [PATCH] Fix error reporting (false negatives) in SGID tests + +And simplify the interface of support_capture_subprogram_self_sgid. + +Use the existing framework for temporary directories (now with +mode 0700) and directory/file deletion. Handle all execution +errors within support_capture_subprogram_self_sgid. In particular, +this includes test failures because the invoked program did not +exit with exit status zero. Existing tests that expect exit +status 42 are adjusted to use zero instead. + +In addition, fix callers not to call exit (0) with test failures +pending (which may mask them, especially when running with --direct). + +Fixes commit 35fc356fa3b4f485bd3ba3114c9f774e5df7d3c2 +("elf: Fix subprocess status handling for tst-dlopen-sgid (bug 32987)"). + +Reviewed-by: Carlos O'Donell +(cherry picked from commit 3a3fb2ed83f79100c116c824454095ecfb335ad7) +--- + elf/tst-dlopen-sgid.c | 8 +- + elf/tst-env-setuid-tunables.c | 18 +---- + elf/tst-env-setuid.c | 10 +-- + stdlib/tst-secure-getenv.c | 9 +-- + support/capture_subprocess.h | 10 ++- + support/support_capture_subprocess.c | 106 ++++++--------------------- + 6 files changed, 36 insertions(+), 125 deletions(-) + +diff --git a/elf/tst-dlopen-sgid.c b/elf/tst-dlopen-sgid.c +index 5688b79f2e..8aec52e19f 100644 +--- a/elf/tst-dlopen-sgid.c ++++ b/elf/tst-dlopen-sgid.c +@@ -70,13 +70,7 @@ do_test (void) + + free (libdir); + +- int status = support_capture_subprogram_self_sgid (magic_argument); +- +- if (WEXITSTATUS (status) == EXIT_UNSUPPORTED) +- return EXIT_UNSUPPORTED; +- +- if (!WIFEXITED (status)) +- FAIL_EXIT1 ("Unexpected exit status %d from child process\n", status); ++ support_capture_subprogram_self_sgid (magic_argument); + + return 0; + } +diff --git a/elf/tst-env-setuid-tunables.c b/elf/tst-env-setuid-tunables.c +index f0b92c97e7..4634498587 100644 +--- a/elf/tst-env-setuid-tunables.c ++++ b/elf/tst-env-setuid-tunables.c +@@ -116,10 +116,7 @@ do_test (int argc, char **argv) + + if (ret != 0) + exit (1); +- +- /* Special return code to make sure that the child executed all the way +- through. */ +- exit (42); ++ return 0; + } + else + { +@@ -138,18 +135,7 @@ do_test (int argc, char **argv) + continue; + } + +- int status = support_capture_subprogram_self_sgid (buf); +- +- /* Bail out early if unsupported. */ +- if (WEXITSTATUS (status) == EXIT_UNSUPPORTED) +- return EXIT_UNSUPPORTED; +- +- if (WEXITSTATUS (status) != 42) +- { +- printf (" [%d] child failed with status %d\n", i, +- WEXITSTATUS (status)); +- support_record_failure (); +- } ++ support_capture_subprogram_self_sgid (buf); + } + return 0; + } +diff --git a/elf/tst-env-setuid.c b/elf/tst-env-setuid.c +index 032ab44be2..d3753f0fe7 100644 +--- a/elf/tst-env-setuid.c ++++ b/elf/tst-env-setuid.c +@@ -104,20 +104,14 @@ do_test (int argc, char **argv) + if (ret != 0) + exit (1); + +- exit (EXIT_SUCCESS); ++ return 0; + } + else + { + if (test_parent () != 0) + exit (1); + +- int status = support_capture_subprogram_self_sgid (SETGID_CHILD); +- +- if (WEXITSTATUS (status) == EXIT_UNSUPPORTED) +- return EXIT_UNSUPPORTED; +- +- if (!WIFEXITED (status)) +- FAIL_EXIT1 ("Unexpected exit status %d from child process\n", status); ++ support_capture_subprogram_self_sgid (SETGID_CHILD); + + return 0; + } +diff --git a/stdlib/tst-secure-getenv.c b/stdlib/tst-secure-getenv.c +index b722f9909a..10847dacc5 100644 +--- a/stdlib/tst-secure-getenv.c ++++ b/stdlib/tst-secure-getenv.c +@@ -57,13 +57,7 @@ do_test (void) + exit (1); + } + +- int status = support_capture_subprogram_self_sgid (MAGIC_ARGUMENT); +- +- if (WEXITSTATUS (status) == EXIT_UNSUPPORTED) +- return EXIT_UNSUPPORTED; +- +- if (!WIFEXITED (status)) +- FAIL_EXIT1 ("Unexpected exit status %d from child process\n", status); ++ support_capture_subprogram_self_sgid (MAGIC_ARGUMENT); + + return 0; + } +@@ -82,6 +76,7 @@ alternative_main (int argc, char **argv) + if (secure_getenv ("PATH") != NULL) + FAIL_EXIT (4, "PATH variable not filtered out\n"); + ++ support_record_failure_barrier (); + exit (EXIT_SUCCESS); + } + } +diff --git a/support/capture_subprocess.h b/support/capture_subprocess.h +index 098d63c6e3..48d99abe14 100644 +--- a/support/capture_subprocess.h ++++ b/support/capture_subprocess.h +@@ -41,10 +41,12 @@ struct support_capture_subprocess support_capture_subprocess + struct support_capture_subprocess support_capture_subprogram + (const char *file, char *const argv[]); + +-/* Copy the running program into a setgid binary and run it with CHILD_ID +- argument. If execution is successful, return the exit status of the child +- program, otherwise return a non-zero failure exit code. */ +-int support_capture_subprogram_self_sgid (const char *child_id); ++/* Copy the running program into a setgid binary and run it with ++ CHILD_ID argument. If the program exits with a non-zero status, ++ exit with that exit status (or status 1 if the program did not exit ++ normally). If the test cannot be performed, exit with ++ EXIT_UNSUPPORTED. */ ++void support_capture_subprogram_self_sgid (const char *child_id); + + /* Deallocate the subprocess data captured by + support_capture_subprocess. */ +diff --git a/support/support_capture_subprocess.c b/support/support_capture_subprocess.c +index 76c8a235e3..21f024af41 100644 +--- a/support/support_capture_subprocess.c ++++ b/support/support_capture_subprocess.c +@@ -31,6 +31,7 @@ + #include + #include + #include ++#include + #include + + static void +@@ -112,105 +113,44 @@ support_capture_subprogram (const char *file, char *const argv[]) + /* Copies the executable into a restricted directory, so that we can + safely make it SGID with the TARGET group ID. Then runs the + executable. */ +-static int ++static void + copy_and_spawn_sgid (const char *child_id, gid_t gid) + { +- char *dirname = xasprintf ("%s/tst-tunables-setuid.%jd", +- test_dir, (intmax_t) getpid ()); ++ char *dirname = support_create_temp_directory ("tst-glibc-sgid-"); + char *execname = xasprintf ("%s/bin", dirname); +- int infd = -1; +- int outfd = -1; +- int ret = 1, status = 1; +- +- TEST_VERIFY (mkdir (dirname, 0700) == 0); +- if (support_record_failure_is_failed ()) +- goto err; ++ add_temp_file (execname); + +- infd = open ("/proc/self/exe", O_RDONLY); +- if (infd < 0) ++ if (access ("/proc/self/exe", R_OK) != 0) + FAIL_UNSUPPORTED ("unsupported: Cannot read binary from procfs\n"); + +- outfd = open (execname, O_WRONLY | O_CREAT | O_EXCL, 0700); +- TEST_VERIFY (outfd >= 0); +- if (support_record_failure_is_failed ()) +- goto err; +- +- char buf[4096]; +- for (;;) +- { +- ssize_t rdcount = read (infd, buf, sizeof (buf)); +- TEST_VERIFY (rdcount >= 0); +- if (support_record_failure_is_failed ()) +- goto err; +- if (rdcount == 0) +- break; +- char *p = buf; +- char *end = buf + rdcount; +- while (p != end) +- { +- ssize_t wrcount = write (outfd, buf, end - p); +- if (wrcount == 0) +- errno = ENOSPC; +- TEST_VERIFY (wrcount > 0); +- if (support_record_failure_is_failed ()) +- goto err; +- p += wrcount; +- } +- } ++ support_copy_file ("/proc/self/exe", execname); + +- bool chowned = false; +- TEST_VERIFY ((chowned = fchown (outfd, getuid (), gid) == 0) +- || errno == EPERM); +- if (support_record_failure_is_failed ()) +- goto err; +- else if (!chowned) +- { +- ret = 77; +- goto err; +- } ++ if (chown (execname, getuid (), gid) != 0) ++ FAIL_UNSUPPORTED ("cannot change group of \"%s\" to %jd: %m", ++ execname, (intmax_t) gid); + +- TEST_VERIFY (fchmod (outfd, 02750) == 0); +- if (support_record_failure_is_failed ()) +- goto err; +- TEST_VERIFY (close (outfd) == 0); +- if (support_record_failure_is_failed ()) +- goto err; +- TEST_VERIFY (close (infd) == 0); +- if (support_record_failure_is_failed ()) +- goto err; ++ if (chmod (execname, 02750) != 0) ++ FAIL_UNSUPPORTED ("cannot make \"%s\" SGID: %m ", execname); + + /* We have the binary, now spawn the subprocess. Avoid using + support_subprogram because we only want the program exit status, not the + contents. */ +- ret = 0; +- infd = outfd = -1; + + char * const args[] = {execname, (char *) child_id, NULL}; ++ int status = support_subprogram_wait (args[0], args); + +- status = support_subprogram_wait (args[0], args); ++ free (execname); ++ free (dirname); + +-err: +- if (outfd >= 0) +- close (outfd); +- if (infd >= 0) +- close (infd); +- if (execname != NULL) +- { +- unlink (execname); +- free (execname); +- } +- if (dirname != NULL) ++ if (WIFEXITED (status)) + { +- rmdir (dirname); +- free (dirname); ++ if (WEXITSTATUS (status) == 0) ++ return; ++ else ++ exit (WEXITSTATUS (status)); + } +- +- if (ret == 77) +- FAIL_UNSUPPORTED ("Failed to make sgid executable for test\n"); +- if (ret != 0) +- FAIL_EXIT1 ("Failed to make sgid executable for test\n"); +- +- return status; ++ else ++ FAIL_EXIT1 ("subprogram failed with status %d", status); + } + + /* Returns true if a group with NAME has been found, and writes its +@@ -252,7 +192,7 @@ find_sgid_group (gid_t *target, const char *name) + return ok; + } + +-int ++void + support_capture_subprogram_self_sgid (const char *child_id) + { + const int count = 64; +@@ -287,7 +227,7 @@ support_capture_subprogram_self_sgid (const char *child_id) + (intmax_t) getuid ()); + } + +- return copy_and_spawn_sgid (child_id, target); ++ copy_and_spawn_sgid (child_id, target); + } + + void +-- +2.27.0 + diff --git a/Fix-name-space-violation-in-fortify-wrappers-bug-320.patch b/Fix-name-space-violation-in-fortify-wrappers-bug-320.patch new file mode 100644 index 0000000..daab1bf --- /dev/null +++ b/Fix-name-space-violation-in-fortify-wrappers-bug-320.patch @@ -0,0 +1,298 @@ +From 059f82c3b9bd929182195c163c6d7f3bbffabf51 Mon Sep 17 00:00:00 2001 +From: Andreas Schwab +Date: Mon, 5 Aug 2024 10:55:51 +0200 +Subject: [PATCH] Fix name space violation in fortify wrappers (bug 32052) + +Rename the identifier sz to __sz everywhere. + +Fixes: a643f60c53 ("Make sure that the fortified function conditionals are constant") +(cherry picked from commit 39ca997ab378990d5ac1aadbaa52aaf1db6d526f) +(redone from scratch because of many conflicts) +--- + NEWS | 2 +- + libio/bits/stdio2.h | 40 +++++++++++++++---------------- + socket/bits/socket2.h | 20 ++++++++-------- + stdlib/bits/stdlib.h | 10 ++++---- + wcsmbs/bits/wchar2.h | 56 +++++++++++++++++++++---------------------- + 5 files changed, 64 insertions(+), 64 deletions(-) + +diff --git a/NEWS b/NEWS +index 5172049eb2..7a9a4b7ea3 100644 +--- a/NEWS ++++ b/NEWS +@@ -56,7 +56,7 @@ The following bugs are resolved with this release: + [31890] resolv: Allow short error responses to match any DNS query + [31965] rseq extension mechanism does not work as intended + [31968] mremap implementation in C does not handle arguments correctly +- ++ [32052] Name space violation in fortify wrappers + + Version 2.38 + +diff --git a/libio/bits/stdio2.h b/libio/bits/stdio2.h +index 71226408ab..6cecd1b956 100644 +--- a/libio/bits/stdio2.h ++++ b/libio/bits/stdio2.h +@@ -194,36 +194,36 @@ gets (char *__str) + __fortify_function __wur __fortified_attr_access (__write_only__, 1, 2) char * + fgets (char *__restrict __s, int __n, FILE *__restrict __stream) + { +- size_t sz = __glibc_objsize (__s); +- if (__glibc_safe_or_unknown_len (__n, sizeof (char), sz)) ++ size_t __sz = __glibc_objsize (__s); ++ if (__glibc_safe_or_unknown_len (__n, sizeof (char), __sz)) + return __fgets_alias (__s, __n, __stream); +- if (__glibc_unsafe_len (__n, sizeof (char), sz)) +- return __fgets_chk_warn (__s, sz, __n, __stream); +- return __fgets_chk (__s, sz, __n, __stream); ++ if (__glibc_unsafe_len (__n, sizeof (char), __sz)) ++ return __fgets_chk_warn (__s, __sz, __n, __stream); ++ return __fgets_chk (__s, __sz, __n, __stream); + } + + __fortify_function __wur size_t + fread (void *__restrict __ptr, size_t __size, size_t __n, + FILE *__restrict __stream) + { +- size_t sz = __glibc_objsize0 (__ptr); +- if (__glibc_safe_or_unknown_len (__n, __size, sz)) ++ size_t __sz = __glibc_objsize0 (__ptr); ++ if (__glibc_safe_or_unknown_len (__n, __size, __sz)) + return __fread_alias (__ptr, __size, __n, __stream); +- if (__glibc_unsafe_len (__n, __size, sz)) +- return __fread_chk_warn (__ptr, sz, __size, __n, __stream); +- return __fread_chk (__ptr, sz, __size, __n, __stream); ++ if (__glibc_unsafe_len (__n, __size, __sz)) ++ return __fread_chk_warn (__ptr, __sz, __size, __n, __stream); ++ return __fread_chk (__ptr, __sz, __size, __n, __stream); + } + + #ifdef __USE_GNU + __fortify_function __wur __fortified_attr_access (__write_only__, 1, 2) char * + fgets_unlocked (char *__restrict __s, int __n, FILE *__restrict __stream) + { +- size_t sz = __glibc_objsize (__s); +- if (__glibc_safe_or_unknown_len (__n, sizeof (char), sz)) ++ size_t __sz = __glibc_objsize (__s); ++ if (__glibc_safe_or_unknown_len (__n, sizeof (char), __sz)) + return __fgets_unlocked_alias (__s, __n, __stream); +- if (__glibc_unsafe_len (__n, sizeof (char), sz)) +- return __fgets_unlocked_chk_warn (__s, sz, __n, __stream); +- return __fgets_unlocked_chk (__s, sz, __n, __stream); ++ if (__glibc_unsafe_len (__n, sizeof (char), __sz)) ++ return __fgets_unlocked_chk_warn (__s, __sz, __n, __stream); ++ return __fgets_unlocked_chk (__s, __sz, __n, __stream); + } + #endif + +@@ -233,8 +233,8 @@ __fortify_function __wur size_t + fread_unlocked (void *__restrict __ptr, size_t __size, size_t __n, + FILE *__restrict __stream) + { +- size_t sz = __glibc_objsize0 (__ptr); +- if (__glibc_safe_or_unknown_len (__n, __size, sz)) ++ size_t __sz = __glibc_objsize0 (__ptr); ++ if (__glibc_safe_or_unknown_len (__n, __size, __sz)) + { + # ifdef __USE_EXTERN_INLINES + if (__builtin_constant_p (__size) +@@ -259,9 +259,9 @@ fread_unlocked (void *__restrict __ptr, size_t __size, size_t __n, + # endif + return __fread_unlocked_alias (__ptr, __size, __n, __stream); + } +- if (__glibc_unsafe_len (__n, __size, sz)) +- return __fread_unlocked_chk_warn (__ptr, sz, __size, __n, __stream); +- return __fread_unlocked_chk (__ptr, sz, __size, __n, __stream); ++ if (__glibc_unsafe_len (__n, __size, __sz)) ++ return __fread_unlocked_chk_warn (__ptr, __sz, __size, __n, __stream); ++ return __fread_unlocked_chk (__ptr, __sz, __size, __n, __stream); + + } + #endif +diff --git a/socket/bits/socket2.h b/socket/bits/socket2.h +index ffcc671625..5ed2498782 100644 +--- a/socket/bits/socket2.h ++++ b/socket/bits/socket2.h +@@ -33,12 +33,12 @@ extern ssize_t __REDIRECT (__recv_chk_warn, + __fortify_function ssize_t + recv (int __fd, void *__buf, size_t __n, int __flags) + { +- size_t sz = __glibc_objsize0 (__buf); +- if (__glibc_safe_or_unknown_len (__n, sizeof (char), sz)) ++ size_t __sz = __glibc_objsize0 (__buf); ++ if (__glibc_safe_or_unknown_len (__n, sizeof (char), __sz)) + return __recv_alias (__fd, __buf, __n, __flags); +- if (__glibc_unsafe_len (__n, sizeof (char), sz)) +- return __recv_chk_warn (__fd, __buf, __n, sz, __flags); +- return __recv_chk (__fd, __buf, __n, sz, __flags); ++ if (__glibc_unsafe_len (__n, sizeof (char), __sz)) ++ return __recv_chk_warn (__fd, __buf, __n, __sz, __flags); ++ return __recv_chk (__fd, __buf, __n, __sz, __flags); + } + + extern ssize_t __recvfrom_chk (int __fd, void *__restrict __buf, size_t __n, +@@ -61,11 +61,11 @@ __fortify_function ssize_t + recvfrom (int __fd, void *__restrict __buf, size_t __n, int __flags, + __SOCKADDR_ARG __addr, socklen_t *__restrict __addr_len) + { +- size_t sz = __glibc_objsize0 (__buf); +- if (__glibc_safe_or_unknown_len (__n, sizeof (char), sz)) ++ size_t __sz = __glibc_objsize0 (__buf); ++ if (__glibc_safe_or_unknown_len (__n, sizeof (char), __sz)) + return __recvfrom_alias (__fd, __buf, __n, __flags, __addr, __addr_len); +- if (__glibc_unsafe_len (__n, sizeof (char), sz)) +- return __recvfrom_chk_warn (__fd, __buf, __n, sz, __flags, __addr, ++ if (__glibc_unsafe_len (__n, sizeof (char), __sz)) ++ return __recvfrom_chk_warn (__fd, __buf, __n, __sz, __flags, __addr, + __addr_len); +- return __recvfrom_chk (__fd, __buf, __n, sz, __flags, __addr, __addr_len); ++ return __recvfrom_chk (__fd, __buf, __n, __sz, __flags, __addr, __addr_len); + } +diff --git a/stdlib/bits/stdlib.h b/stdlib/bits/stdlib.h +index c6c0082ad5..ef33180f10 100644 +--- a/stdlib/bits/stdlib.h ++++ b/stdlib/bits/stdlib.h +@@ -36,16 +36,16 @@ extern char *__REDIRECT_NTH (__realpath_chk_warn, + __fortify_function __wur char * + __NTH (realpath (const char *__restrict __name, char *__restrict __resolved)) + { +- size_t sz = __glibc_objsize (__resolved); ++ size_t __sz = __glibc_objsize (__resolved); + +- if (sz == (size_t) -1) ++ if (__sz == (size_t) -1) + return __realpath_alias (__name, __resolved); + + #if defined _LIBC_LIMITS_H_ && defined PATH_MAX +- if (__glibc_unsafe_len (PATH_MAX, sizeof (char), sz)) +- return __realpath_chk_warn (__name, __resolved, sz); ++ if (__glibc_unsafe_len (PATH_MAX, sizeof (char), __sz)) ++ return __realpath_chk_warn (__name, __resolved, __sz); + #endif +- return __realpath_chk (__name, __resolved, sz); ++ return __realpath_chk (__name, __resolved, __sz); + } + + +diff --git a/wcsmbs/bits/wchar2.h b/wcsmbs/bits/wchar2.h +index 6e6234d606..44c1643565 100644 +--- a/wcsmbs/bits/wchar2.h ++++ b/wcsmbs/bits/wchar2.h +@@ -59,18 +59,18 @@ __NTH (wmemset (wchar_t *__s, wchar_t __c, size_t __n)) + __fortify_function wchar_t * + __NTH (wcscpy (wchar_t *__restrict __dest, const wchar_t *__restrict __src)) + { +- size_t sz = __glibc_objsize (__dest); +- if (sz != (size_t) -1) +- return __wcscpy_chk (__dest, __src, sz / sizeof (wchar_t)); ++ size_t __sz = __glibc_objsize (__dest); ++ if (__sz != (size_t) -1) ++ return __wcscpy_chk (__dest, __src, __sz / sizeof (wchar_t)); + return __wcscpy_alias (__dest, __src); + } + + __fortify_function wchar_t * + __NTH (wcpcpy (wchar_t *__restrict __dest, const wchar_t *__restrict __src)) + { +- size_t sz = __glibc_objsize (__dest); +- if (sz != (size_t) -1) +- return __wcpcpy_chk (__dest, __src, sz / sizeof (wchar_t)); ++ size_t __sz = __glibc_objsize (__dest); ++ if (__sz != (size_t) -1) ++ return __wcpcpy_chk (__dest, __src, __sz / sizeof (wchar_t)); + return __wcpcpy_alias (__dest, __src); + } + +@@ -95,9 +95,9 @@ __NTH (wcpncpy (wchar_t *__restrict __dest, const wchar_t *__restrict __src, + __fortify_function wchar_t * + __NTH (wcscat (wchar_t *__restrict __dest, const wchar_t *__restrict __src)) + { +- size_t sz = __glibc_objsize (__dest); +- if (sz != (size_t) -1) +- return __wcscat_chk (__dest, __src, sz / sizeof (wchar_t)); ++ size_t __sz = __glibc_objsize (__dest); ++ if (__sz != (size_t) -1) ++ return __wcscat_chk (__dest, __src, __sz / sizeof (wchar_t)); + return __wcscat_alias (__dest, __src); + } + +@@ -105,9 +105,9 @@ __fortify_function wchar_t * + __NTH (wcsncat (wchar_t *__restrict __dest, const wchar_t *__restrict __src, + size_t __n)) + { +- size_t sz = __glibc_objsize (__dest); +- if (sz != (size_t) -1) +- return __wcsncat_chk (__dest, __src, __n, sz / sizeof (wchar_t)); ++ size_t __sz = __glibc_objsize (__dest); ++ if (__sz != (size_t) -1) ++ return __wcsncat_chk (__dest, __src, __n, __sz / sizeof (wchar_t)); + return __wcsncat_alias (__dest, __src, __n); + } + +@@ -144,10 +144,10 @@ __fortify_function int + __NTH (swprintf (wchar_t *__restrict __s, size_t __n, + const wchar_t *__restrict __fmt, ...)) + { +- size_t sz = __glibc_objsize (__s); +- if (sz != (size_t) -1 || __USE_FORTIFY_LEVEL > 1) ++ size_t __sz = __glibc_objsize (__s); ++ if (__sz != (size_t) -1 || __USE_FORTIFY_LEVEL > 1) + return __swprintf_chk (__s, __n, __USE_FORTIFY_LEVEL - 1, +- sz / sizeof (wchar_t), __fmt, __va_arg_pack ()); ++ __sz / sizeof (wchar_t), __fmt, __va_arg_pack ()); + return __swprintf_alias (__s, __n, __fmt, __va_arg_pack ()); + } + #elif !defined __cplusplus +@@ -163,10 +163,10 @@ __fortify_function int + __NTH (vswprintf (wchar_t *__restrict __s, size_t __n, + const wchar_t *__restrict __fmt, __gnuc_va_list __ap)) + { +- size_t sz = __glibc_objsize (__s); +- if (sz != (size_t) -1 || __USE_FORTIFY_LEVEL > 1) ++ size_t __sz = __glibc_objsize (__s); ++ if (__sz != (size_t) -1 || __USE_FORTIFY_LEVEL > 1) + return __vswprintf_chk (__s, __n, __USE_FORTIFY_LEVEL - 1, +- sz / sizeof (wchar_t), __fmt, __ap); ++ __sz / sizeof (wchar_t), __fmt, __ap); + return __vswprintf_alias (__s, __n, __fmt, __ap); + } + +@@ -210,25 +210,25 @@ vfwprintf (__FILE *__restrict __stream, + __fortify_function __wur wchar_t * + fgetws (wchar_t *__restrict __s, int __n, __FILE *__restrict __stream) + { +- size_t sz = __glibc_objsize (__s); +- if (__glibc_safe_or_unknown_len (__n, sizeof (wchar_t), sz)) ++ size_t __sz = __glibc_objsize (__s); ++ if (__glibc_safe_or_unknown_len (__n, sizeof (wchar_t), __sz)) + return __fgetws_alias (__s, __n, __stream); +- if (__glibc_unsafe_len (__n, sizeof (wchar_t), sz)) +- return __fgetws_chk_warn (__s, sz / sizeof (wchar_t), __n, __stream); +- return __fgetws_chk (__s, sz / sizeof (wchar_t), __n, __stream); ++ if (__glibc_unsafe_len (__n, sizeof (wchar_t), __sz)) ++ return __fgetws_chk_warn (__s, __sz / sizeof (wchar_t), __n, __stream); ++ return __fgetws_chk (__s, __sz / sizeof (wchar_t), __n, __stream); + } + + #ifdef __USE_GNU + __fortify_function __wur wchar_t * + fgetws_unlocked (wchar_t *__restrict __s, int __n, __FILE *__restrict __stream) + { +- size_t sz = __glibc_objsize (__s); +- if (__glibc_safe_or_unknown_len (__n, sizeof (wchar_t), sz)) ++ size_t __sz = __glibc_objsize (__s); ++ if (__glibc_safe_or_unknown_len (__n, sizeof (wchar_t), __sz)) + return __fgetws_unlocked_alias (__s, __n, __stream); +- if (__glibc_unsafe_len (__n, sizeof (wchar_t), sz)) +- return __fgetws_unlocked_chk_warn (__s, sz / sizeof (wchar_t), __n, ++ if (__glibc_unsafe_len (__n, sizeof (wchar_t), __sz)) ++ return __fgetws_unlocked_chk_warn (__s, __sz / sizeof (wchar_t), __n, + __stream); +- return __fgetws_unlocked_chk (__s, sz / sizeof (wchar_t), __n, __stream); ++ return __fgetws_unlocked_chk (__s, __sz / sizeof (wchar_t), __n, __stream); + } + #endif + +-- +2.33.0 + diff --git a/Force-DT_RPATH-for-enable-hardcoded-path-in-tests.patch b/Force-DT_RPATH-for-enable-hardcoded-path-in-tests.patch new file mode 100644 index 0000000..aff97d9 --- /dev/null +++ b/Force-DT_RPATH-for-enable-hardcoded-path-in-tests.patch @@ -0,0 +1,50 @@ +From 249646f12b08f3dbd9a8e8b8021e5c0e3a0b7e1e Mon Sep 17 00:00:00 2001 +From: "H.J. Lu" +Date: Thu, 9 May 2024 20:07:01 -0700 +Subject: [PATCH] Force DT_RPATH for --enable-hardcoded-path-in-tests + +On Fedora 40/x86-64, linker enables --enable-new-dtags by default which +generates DT_RUNPATH instead of DT_RPATH. Unlike DT_RPATH, DT_RUNPATH +only applies to DT_NEEDED entries in the executable and doesn't applies +to DT_NEEDED entries in shared libraries which are loaded via DT_NEEDED +entries in the executable. Some glibc tests have libstdc++.so.6 in +DT_NEEDED, which has libm.so.6 in DT_NEEDED. When DT_RUNPATH is generated, +/lib64/libm.so.6 is loaded for such tests. If the newly built glibc is +older than glibc 2.36, these tests fail with + +assert/tst-assert-c++: /export/build/gnu/tools-build/glibc-gitlab-release/build-x86_64-linux/libc.so.6: version `GLIBC_2.36' not found (required by /lib64/libm.so.6) +assert/tst-assert-c++: /export/build/gnu/tools-build/glibc-gitlab-release/build-x86_64-linux/libc.so.6: version `GLIBC_ABI_DT_RELR' not found (required by /lib64/libm.so.6) + +Pass -Wl,--disable-new-dtags to linker when building glibc tests with +--enable-hardcoded-path-in-tests. This fixes BZ #31719. + +Signed-off-by: H.J. Lu +(cherry picked from commit 2dcaf70643710e22f92a351e36e3cff8b48c60dc) +--- + Makeconfig | 9 ++++++--- + 1 file changed, 6 insertions(+), 3 deletions(-) + +diff --git a/Makeconfig b/Makeconfig +index 77d7fd14df..3f8acff459 100644 +--- a/Makeconfig ++++ b/Makeconfig +@@ -586,10 +586,13 @@ link-libc-rpath-link = -Wl,-rpath-link=$(rpath-link) + # before the expansion of LDLIBS-* variables). + + # Tests use -Wl,-rpath instead of -Wl,-rpath-link for +-# build-hardcoded-path-in-tests. ++# build-hardcoded-path-in-tests. Add -Wl,--disable-new-dtags to force ++# DT_RPATH instead of DT_RUNPATH which only applies to DT_NEEDED entries ++# in the executable and doesn't applies to DT_NEEDED entries in shared ++# libraries which are loaded via DT_NEEDED entries in the executable. + ifeq (yes,$(build-hardcoded-path-in-tests)) +-link-libc-tests-rpath-link = $(link-libc-rpath) +-link-test-modules-rpath-link = $(link-libc-rpath) ++link-libc-tests-rpath-link = $(link-libc-rpath) -Wl,--disable-new-dtags ++link-test-modules-rpath-link = $(link-libc-rpath) -Wl,--disable-new-dtags + else + link-libc-tests-rpath-link = $(link-libc-rpath-link) + link-test-modules-rpath-link = +-- +2.33.0 + diff --git a/Make-tst-ungetc-use-libsupport.patch b/Make-tst-ungetc-use-libsupport.patch new file mode 100644 index 0000000..8a0a140 --- /dev/null +++ b/Make-tst-ungetc-use-libsupport.patch @@ -0,0 +1,147 @@ +From 87a1968a72e4b4e5436f3e2be1ed8a8d5a5862c7 Mon Sep 17 00:00:00 2001 +From: Siddhesh Poyarekar +Date: Wed, 14 Aug 2024 19:20:04 -0400 +Subject: [PATCH] Make tst-ungetc use libsupport + +Signed-off-by: Siddhesh Poyarekar +Reviewed-by: Carlos O'Donell +(cherry picked from commit 3f7df7e757f4efec38e45d4068e5492efcac4856) +--- + stdio-common/tst-ungetc.c | 112 +++++++++++++++++++------------------- + 1 file changed, 57 insertions(+), 55 deletions(-) + +diff --git a/stdio-common/tst-ungetc.c b/stdio-common/tst-ungetc.c +index 1344b2b591..5c808f0734 100644 +--- a/stdio-common/tst-ungetc.c ++++ b/stdio-common/tst-ungetc.c +@@ -1,70 +1,72 @@ +-/* Test for ungetc bugs. */ ++/* Test for ungetc bugs. ++ Copyright (C) 1996-2024 Free Software Foundation, Inc. ++ Copyright The GNU Toolchain Authors. ++ This file is part of the GNU C Library. ++ ++ The GNU C Library is free software; you can redistribute it and/or ++ modify it under the terms of the GNU Lesser General Public ++ License as published by the Free Software Foundation; either ++ version 2.1 of the License, or (at your option) any later version. ++ ++ The GNU C Library is distributed in the hope that it will be useful, ++ but WITHOUT ANY WARRANTY; without even the implied warranty of ++ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU ++ Lesser General Public License for more details. ++ ++ You should have received a copy of the GNU Lesser General Public ++ License along with the GNU C Library; if not, see ++ . */ + + #include + #include +-#include +- +-#undef assert +-#define assert(x) \ +- if (!(x)) \ +- { \ +- fputs ("test failed: " #x "\n", stderr); \ +- retval = 1; \ +- goto the_end; \ +- } ++#include ++#include ++#include ++#include ++#include + +-int +-main (int argc, char *argv[]) ++static int ++do_test (void) + { +- char name[] = "/tmp/tst-ungetc.XXXXXX"; ++ char *name = NULL; + FILE *fp = NULL; +- int retval = 0; + int c; + char buffer[64]; + +- int fd = mkstemp (name); ++ int fd = create_temp_file ("tst-ungetc.", &name); + if (fd == -1) +- { +- printf ("mkstemp failed: %m\n"); +- return 1; +- } +- close (fd); +- fp = fopen (name, "w"); +- assert (fp != NULL) +- fputs ("bla", fp); +- fclose (fp); +- fp = NULL; ++ FAIL_EXIT1 ("cannot create temporary file: %m"); ++ xclose (fd); + +- fp = fopen (name, "r"); +- assert (fp != NULL); +- assert (ungetc ('z', fp) == 'z'); +- assert (getc (fp) == 'z'); +- assert (getc (fp) == 'b'); +- assert (getc (fp) == 'l'); +- assert (ungetc ('m', fp) == 'm'); +- assert (getc (fp) == 'm'); +- assert ((c = getc (fp)) == 'a'); +- assert (getc (fp) == EOF); +- assert (ungetc (c, fp) == c); +- assert (feof (fp) == 0); +- assert (getc (fp) == c); +- assert (getc (fp) == EOF); +- fclose (fp); +- fp = NULL; ++ fp = xfopen (name, "w"); ++ fputs ("bla", fp); ++ xfclose (fp); + +- fp = fopen (name, "r"); +- assert (fp != NULL); +- assert (getc (fp) == 'b'); +- assert (getc (fp) == 'l'); +- assert (ungetc ('b', fp) == 'b'); +- assert (fread (buffer, 1, 64, fp) == 2); +- assert (buffer[0] == 'b'); +- assert (buffer[1] == 'a'); ++ fp = xfopen (name, "r"); ++ TEST_VERIFY_EXIT (ungetc ('z', fp) == 'z'); ++ TEST_VERIFY_EXIT (getc (fp) == 'z'); ++ TEST_VERIFY_EXIT (getc (fp) == 'b'); ++ TEST_VERIFY_EXIT (getc (fp) == 'l'); ++ TEST_VERIFY_EXIT (ungetc ('m', fp) == 'm'); ++ TEST_VERIFY_EXIT (getc (fp) == 'm'); ++ TEST_VERIFY_EXIT ((c = getc (fp)) == 'a'); ++ TEST_VERIFY_EXIT (getc (fp) == EOF); ++ TEST_VERIFY_EXIT (ungetc (c, fp) == c); ++ TEST_VERIFY_EXIT (feof (fp) == 0); ++ TEST_VERIFY_EXIT (getc (fp) == c); ++ TEST_VERIFY_EXIT (getc (fp) == EOF); ++ xfclose (fp); + +-the_end: +- if (fp != NULL) +- fclose (fp); +- unlink (name); ++ fp = xfopen (name, "r"); ++ TEST_VERIFY_EXIT (getc (fp) == 'b'); ++ TEST_VERIFY_EXIT (getc (fp) == 'l'); ++ TEST_VERIFY_EXIT (ungetc ('b', fp) == 'b'); ++ TEST_VERIFY_EXIT (fread (buffer, 1, 64, fp) == 2); ++ TEST_VERIFY_EXIT (buffer[0] == 'b'); ++ TEST_VERIFY_EXIT (buffer[1] == 'a'); ++ xfclose (fp); + +- return retval; ++ return 0; + } ++ ++#include +-- +2.33.0 + diff --git a/NEWS-Mention-bug-fixes-for-29039-30694-30709-30721.patch b/NEWS-Mention-bug-fixes-for-29039-30694-30709-30721.patch new file mode 100644 index 0000000..3c6ba52 --- /dev/null +++ b/NEWS-Mention-bug-fixes-for-29039-30694-30709-30721.patch @@ -0,0 +1,27 @@ +From d25e2c8d5cb0778ae87ad43b1f4c301abe5a932b Mon Sep 17 00:00:00 2001 +From: "H.J. Lu" +Date: Sat, 23 Dec 2023 06:24:41 -0800 +Subject: [PATCH 6/9] NEWS: Mention bug fixes for 29039/30694/30709/30721 + +--- + NEWS | 4 ++++ + 1 file changed, 4 insertions(+) + +diff --git a/NEWS b/NEWS +index 6fbb8a9e1d..db4d6c8373 100644 +--- a/NEWS ++++ b/NEWS +@@ -31,6 +31,10 @@ Security related changes: + + The following bugs are resolved with this release: + ++ [29039] Corrupt DTV after reuse of a TLS module ID following dlclose with unused TLS ++ [30694] The iconv program no longer tells the user which given encoding name was wrong ++ [30709] nscd fails to build with cleanup handler if built with -fexceptions ++ [30721] x86_64: Fix build with --disable-multiarch + [30723] posix_memalign repeatedly scans long bin lists + [30789] sem_open will fail on multithreaded scenarios when semaphore + file doesn't exist (O_CREAT) +-- +2.33.0 + diff --git a/NEWS-Mention-bug-fixes-for-30745-30843.patch b/NEWS-Mention-bug-fixes-for-30745-30843.patch new file mode 100644 index 0000000..4148758 --- /dev/null +++ b/NEWS-Mention-bug-fixes-for-30745-30843.patch @@ -0,0 +1,30 @@ +From 27339a3eb8f987eebae72b854af80256c1588ebd Mon Sep 17 00:00:00 2001 +From: "H.J. Lu" +Date: Sat, 23 Dec 2023 06:27:50 -0800 +Subject: [PATCH 7/9] NEWS: Mention bug fixes for 30745/30843 + +--- + NEWS | 2 ++ + 1 file changed, 2 insertions(+) + +diff --git a/NEWS b/NEWS +index db4d6c8373..905230b838 100644 +--- a/NEWS ++++ b/NEWS +@@ -36,11 +36,13 @@ The following bugs are resolved with this release: + [30709] nscd fails to build with cleanup handler if built with -fexceptions + [30721] x86_64: Fix build with --disable-multiarch + [30723] posix_memalign repeatedly scans long bin lists ++ [30745] Slight bug in cache info codes for x86 + [30789] sem_open will fail on multithreaded scenarios when semaphore + file doesn't exist (O_CREAT) + [30804] F_GETLK, F_SETLK, and F_SETLKW value change for powerpc64 with + -D_FILE_OFFSET_BITS=64 + [30842] Stack read overflow in getaddrinfo in no-aaaa mode (CVE-2023-4527) ++ [30843] potential use-after-free in getcanonname (CVE-2023-4806) + [31184] FAIL: elf/tst-tlsgap + [31185] Incorrect thread point access in _dl_tlsdesc_undefweak and _dl_tlsdesc_dynamic + +-- +2.33.0 + diff --git a/S390-Fix-building-with-disable-mutli-arch-BZ-31196.patch b/S390-Fix-building-with-disable-mutli-arch-BZ-31196.patch new file mode 100644 index 0000000..5ad5372 --- /dev/null +++ b/S390-Fix-building-with-disable-mutli-arch-BZ-31196.patch @@ -0,0 +1,66 @@ +From 18876c9ff52c3d9aefe2c663b1a287589bebedc0 Mon Sep 17 00:00:00 2001 +From: Stefan Liebler +Date: Tue, 30 Jan 2024 09:34:32 +0100 +Subject: [PATCH 2/6] S390: Fix building with --disable-mutli-arch [BZ #31196] +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +Starting with commits +- 7ea510127e2067efa07865158ac92c330c379950 +string: Add libc_hidden_proto for strchrnul +- 22999b2f0fb62eed1af4095d062bd1272d6afeb1 +string: Add libc_hidden_proto for memrchr + +building glibc on s390x with --disable-multi-arch fails if only +the C-variant of strchrnul / memrchr is used. This is the case +if gcc uses -march < z13. + +The build fails with: +../sysdeps/s390/strchrnul-c.c:28:49: error: ‘__strchrnul_c’ undeclared here (not in a function); did you mean ‘__strchrnul’? + 28 | __hidden_ver1 (__strchrnul_c, __GI___strchrnul, __strchrnul_c); + +With --disable-multi-arch, __strchrnul_c is not available as string/strchrnul.c +is just included without defining STRCHRNUL and thus we also don't have to create +the internal hidden symbol. + +Tested-by: Andreas K. Hüttel +(cherry picked from commit cc1b91eabd806057aa7e3058a84bf129ed36e157) +--- + sysdeps/s390/memrchr-c.c | 4 +++- + sysdeps/s390/strchrnul-c.c | 4 +++- + 2 files changed, 6 insertions(+), 2 deletions(-) + +diff --git a/sysdeps/s390/memrchr-c.c b/sysdeps/s390/memrchr-c.c +index bdf3c7bbe0..fadd63087a 100644 +--- a/sysdeps/s390/memrchr-c.c ++++ b/sysdeps/s390/memrchr-c.c +@@ -25,7 +25,9 @@ + + # include + +-# if defined SHARED && IS_IN (libc) ++# if HAVE_MEMRCHR_IFUNC ++# if defined SHARED && IS_IN (libc) + __hidden_ver1 (__memrchr_c, __GI___memrchr, __memrchr_c); ++# endif + # endif + #endif +diff --git a/sysdeps/s390/strchrnul-c.c b/sysdeps/s390/strchrnul-c.c +index f6f5bae311..97fbc16edb 100644 +--- a/sysdeps/s390/strchrnul-c.c ++++ b/sysdeps/s390/strchrnul-c.c +@@ -24,7 +24,9 @@ + # endif + + # include +-# if defined SHARED && IS_IN (libc) ++# if HAVE_STRCHRNUL_IFUNC ++# if defined SHARED && IS_IN (libc) + __hidden_ver1 (__strchrnul_c, __GI___strchrnul, __strchrnul_c); ++# endif + # endif + #endif +-- +2.33.0 + diff --git a/Update-syscall-lists-for-Linux-6.6.patch b/Update-syscall-lists-for-Linux-6.6.patch new file mode 100644 index 0000000..dcacdb2 --- /dev/null +++ b/Update-syscall-lists-for-Linux-6.6.patch @@ -0,0 +1,406 @@ +From ffdf8ef6c12e2fe887d3b8be708884b0279c2871 Mon Sep 17 00:00:00 2001 +From: Adhemerval Zanella +Date: Tue, 31 Oct 2023 13:32:33 -0300 +Subject: [PATCH] Update syscall lists for Linux 6.6 + +Linux 6.6 has one new syscall for all architectures, fchmodat2, and +the map_shadow_stack on x86_64. + +(cherry picked from commit 582383b37d95b133c1ee6855ffaa2b1f5cb3d3b8) +--- + sysdeps/unix/sysv/linux/aarch64/arch-syscall.h | 1 + + sysdeps/unix/sysv/linux/alpha/arch-syscall.h | 1 + + sysdeps/unix/sysv/linux/arc/arch-syscall.h | 1 + + sysdeps/unix/sysv/linux/arm/arch-syscall.h | 1 + + sysdeps/unix/sysv/linux/csky/arch-syscall.h | 1 + + sysdeps/unix/sysv/linux/hppa/arch-syscall.h | 1 + + sysdeps/unix/sysv/linux/i386/arch-syscall.h | 1 + + sysdeps/unix/sysv/linux/ia64/arch-syscall.h | 1 + + sysdeps/unix/sysv/linux/loongarch/arch-syscall.h | 1 + + sysdeps/unix/sysv/linux/m68k/arch-syscall.h | 1 + + sysdeps/unix/sysv/linux/microblaze/arch-syscall.h | 1 + + sysdeps/unix/sysv/linux/mips/mips32/arch-syscall.h | 1 + + sysdeps/unix/sysv/linux/mips/mips64/n32/arch-syscall.h | 1 + + sysdeps/unix/sysv/linux/mips/mips64/n64/arch-syscall.h | 1 + + sysdeps/unix/sysv/linux/nios2/arch-syscall.h | 1 + + sysdeps/unix/sysv/linux/or1k/arch-syscall.h | 1 + + sysdeps/unix/sysv/linux/powerpc/powerpc32/arch-syscall.h | 1 + + sysdeps/unix/sysv/linux/powerpc/powerpc64/arch-syscall.h | 1 + + sysdeps/unix/sysv/linux/riscv/rv32/arch-syscall.h | 1 + + sysdeps/unix/sysv/linux/riscv/rv64/arch-syscall.h | 1 + + sysdeps/unix/sysv/linux/s390/s390-32/arch-syscall.h | 1 + + sysdeps/unix/sysv/linux/s390/s390-64/arch-syscall.h | 1 + + sysdeps/unix/sysv/linux/sh/arch-syscall.h | 1 + + sysdeps/unix/sysv/linux/sparc/sparc32/arch-syscall.h | 1 + + sysdeps/unix/sysv/linux/sparc/sparc64/arch-syscall.h | 1 + + sysdeps/unix/sysv/linux/syscall-names.list | 6 ++++-- + sysdeps/unix/sysv/linux/x86_64/64/arch-syscall.h | 2 ++ + sysdeps/unix/sysv/linux/x86_64/x32/arch-syscall.h | 1 + + 28 files changed, 32 insertions(+), 2 deletions(-) + +diff --git a/sysdeps/unix/sysv/linux/aarch64/arch-syscall.h b/sysdeps/unix/sysv/linux/aarch64/arch-syscall.h +index 8f21ee66a0..746991aa2f 100644 +--- a/sysdeps/unix/sysv/linux/aarch64/arch-syscall.h ++++ b/sysdeps/unix/sysv/linux/aarch64/arch-syscall.h +@@ -44,6 +44,7 @@ + #define __NR_fchdir 50 + #define __NR_fchmod 52 + #define __NR_fchmodat 53 ++#define __NR_fchmodat2 452 + #define __NR_fchown 55 + #define __NR_fchownat 54 + #define __NR_fcntl 25 +diff --git a/sysdeps/unix/sysv/linux/alpha/arch-syscall.h b/sysdeps/unix/sysv/linux/alpha/arch-syscall.h +index c5802a5fec..32efe51267 100644 +--- a/sysdeps/unix/sysv/linux/alpha/arch-syscall.h ++++ b/sysdeps/unix/sysv/linux/alpha/arch-syscall.h +@@ -56,6 +56,7 @@ + #define __NR_fchdir 13 + #define __NR_fchmod 124 + #define __NR_fchmodat 461 ++#define __NR_fchmodat2 562 + #define __NR_fchown 123 + #define __NR_fchownat 453 + #define __NR_fcntl 92 +diff --git a/sysdeps/unix/sysv/linux/arc/arch-syscall.h b/sysdeps/unix/sysv/linux/arc/arch-syscall.h +index f23f9e1154..1d2879e877 100644 +--- a/sysdeps/unix/sysv/linux/arc/arch-syscall.h ++++ b/sysdeps/unix/sysv/linux/arc/arch-syscall.h +@@ -48,6 +48,7 @@ + #define __NR_fchdir 50 + #define __NR_fchmod 52 + #define __NR_fchmodat 53 ++#define __NR_fchmodat2 452 + #define __NR_fchown 55 + #define __NR_fchownat 54 + #define __NR_fcntl64 25 +diff --git a/sysdeps/unix/sysv/linux/arm/arch-syscall.h b/sysdeps/unix/sysv/linux/arm/arch-syscall.h +index 7edf574899..6711981e78 100644 +--- a/sysdeps/unix/sysv/linux/arm/arch-syscall.h ++++ b/sysdeps/unix/sysv/linux/arm/arch-syscall.h +@@ -64,6 +64,7 @@ + #define __NR_fchdir 133 + #define __NR_fchmod 94 + #define __NR_fchmodat 333 ++#define __NR_fchmodat2 452 + #define __NR_fchown 95 + #define __NR_fchown32 207 + #define __NR_fchownat 325 +diff --git a/sysdeps/unix/sysv/linux/csky/arch-syscall.h b/sysdeps/unix/sysv/linux/csky/arch-syscall.h +index d74a06e063..92d9a703ea 100644 +--- a/sysdeps/unix/sysv/linux/csky/arch-syscall.h ++++ b/sysdeps/unix/sysv/linux/csky/arch-syscall.h +@@ -50,6 +50,7 @@ + #define __NR_fchdir 50 + #define __NR_fchmod 52 + #define __NR_fchmodat 53 ++#define __NR_fchmodat2 452 + #define __NR_fchown 55 + #define __NR_fchownat 54 + #define __NR_fcntl64 25 +diff --git a/sysdeps/unix/sysv/linux/hppa/arch-syscall.h b/sysdeps/unix/sysv/linux/hppa/arch-syscall.h +index 5568b94cd3..fbac124b70 100644 +--- a/sysdeps/unix/sysv/linux/hppa/arch-syscall.h ++++ b/sysdeps/unix/sysv/linux/hppa/arch-syscall.h +@@ -63,6 +63,7 @@ + #define __NR_fchdir 133 + #define __NR_fchmod 94 + #define __NR_fchmodat 286 ++#define __NR_fchmodat2 452 + #define __NR_fchown 95 + #define __NR_fchownat 278 + #define __NR_fcntl 55 +diff --git a/sysdeps/unix/sysv/linux/i386/arch-syscall.h b/sysdeps/unix/sysv/linux/i386/arch-syscall.h +index 3af21a15cb..8961788a96 100644 +--- a/sysdeps/unix/sysv/linux/i386/arch-syscall.h ++++ b/sysdeps/unix/sysv/linux/i386/arch-syscall.h +@@ -67,6 +67,7 @@ + #define __NR_fchdir 133 + #define __NR_fchmod 94 + #define __NR_fchmodat 306 ++#define __NR_fchmodat2 452 + #define __NR_fchown 95 + #define __NR_fchown32 207 + #define __NR_fchownat 298 +diff --git a/sysdeps/unix/sysv/linux/ia64/arch-syscall.h b/sysdeps/unix/sysv/linux/ia64/arch-syscall.h +index 39b270e642..1ef762d693 100644 +--- a/sysdeps/unix/sysv/linux/ia64/arch-syscall.h ++++ b/sysdeps/unix/sysv/linux/ia64/arch-syscall.h +@@ -55,6 +55,7 @@ + #define __NR_fchdir 1035 + #define __NR_fchmod 1099 + #define __NR_fchmodat 1292 ++#define __NR_fchmodat2 1476 + #define __NR_fchown 1100 + #define __NR_fchownat 1284 + #define __NR_fcntl 1066 +diff --git a/sysdeps/unix/sysv/linux/loongarch/arch-syscall.h b/sysdeps/unix/sysv/linux/loongarch/arch-syscall.h +index fdefe8bb6f..3664e6f7c8 100644 +--- a/sysdeps/unix/sysv/linux/loongarch/arch-syscall.h ++++ b/sysdeps/unix/sysv/linux/loongarch/arch-syscall.h +@@ -44,6 +44,7 @@ + #define __NR_fchdir 50 + #define __NR_fchmod 52 + #define __NR_fchmodat 53 ++#define __NR_fchmodat2 452 + #define __NR_fchown 55 + #define __NR_fchownat 54 + #define __NR_fcntl 25 +diff --git a/sysdeps/unix/sysv/linux/m68k/arch-syscall.h b/sysdeps/unix/sysv/linux/m68k/arch-syscall.h +index 315e49cd33..2053d5d392 100644 +--- a/sysdeps/unix/sysv/linux/m68k/arch-syscall.h ++++ b/sysdeps/unix/sysv/linux/m68k/arch-syscall.h +@@ -67,6 +67,7 @@ + #define __NR_fchdir 133 + #define __NR_fchmod 94 + #define __NR_fchmodat 299 ++#define __NR_fchmodat2 452 + #define __NR_fchown 95 + #define __NR_fchown32 207 + #define __NR_fchownat 291 +diff --git a/sysdeps/unix/sysv/linux/microblaze/arch-syscall.h b/sysdeps/unix/sysv/linux/microblaze/arch-syscall.h +index 54af12780c..6865b1693c 100644 +--- a/sysdeps/unix/sysv/linux/microblaze/arch-syscall.h ++++ b/sysdeps/unix/sysv/linux/microblaze/arch-syscall.h +@@ -67,6 +67,7 @@ + #define __NR_fchdir 133 + #define __NR_fchmod 94 + #define __NR_fchmodat 306 ++#define __NR_fchmodat2 452 + #define __NR_fchown 95 + #define __NR_fchown32 207 + #define __NR_fchownat 298 +diff --git a/sysdeps/unix/sysv/linux/mips/mips32/arch-syscall.h b/sysdeps/unix/sysv/linux/mips/mips32/arch-syscall.h +index a2aa1ffa1b..b13ace8e1c 100644 +--- a/sysdeps/unix/sysv/linux/mips/mips32/arch-syscall.h ++++ b/sysdeps/unix/sysv/linux/mips/mips32/arch-syscall.h +@@ -67,6 +67,7 @@ + #define __NR_fchdir 4133 + #define __NR_fchmod 4094 + #define __NR_fchmodat 4299 ++#define __NR_fchmodat2 4452 + #define __NR_fchown 4095 + #define __NR_fchownat 4291 + #define __NR_fcntl 4055 +diff --git a/sysdeps/unix/sysv/linux/mips/mips64/n32/arch-syscall.h b/sysdeps/unix/sysv/linux/mips/mips64/n32/arch-syscall.h +index 5bec858040..b7a7c0dfa7 100644 +--- a/sysdeps/unix/sysv/linux/mips/mips64/n32/arch-syscall.h ++++ b/sysdeps/unix/sysv/linux/mips/mips64/n32/arch-syscall.h +@@ -64,6 +64,7 @@ + #define __NR_fchdir 6079 + #define __NR_fchmod 6089 + #define __NR_fchmodat 6262 ++#define __NR_fchmodat2 6452 + #define __NR_fchown 6091 + #define __NR_fchownat 6254 + #define __NR_fcntl 6070 +diff --git a/sysdeps/unix/sysv/linux/mips/mips64/n64/arch-syscall.h b/sysdeps/unix/sysv/linux/mips/mips64/n64/arch-syscall.h +index 0166371ee2..e5d7f91f48 100644 +--- a/sysdeps/unix/sysv/linux/mips/mips64/n64/arch-syscall.h ++++ b/sysdeps/unix/sysv/linux/mips/mips64/n64/arch-syscall.h +@@ -59,6 +59,7 @@ + #define __NR_fchdir 5079 + #define __NR_fchmod 5089 + #define __NR_fchmodat 5258 ++#define __NR_fchmodat2 5452 + #define __NR_fchown 5091 + #define __NR_fchownat 5250 + #define __NR_fcntl 5070 +diff --git a/sysdeps/unix/sysv/linux/nios2/arch-syscall.h b/sysdeps/unix/sysv/linux/nios2/arch-syscall.h +index 29a4cfa988..89950cc33a 100644 +--- a/sysdeps/unix/sysv/linux/nios2/arch-syscall.h ++++ b/sysdeps/unix/sysv/linux/nios2/arch-syscall.h +@@ -49,6 +49,7 @@ + #define __NR_fchdir 50 + #define __NR_fchmod 52 + #define __NR_fchmodat 53 ++#define __NR_fchmodat2 452 + #define __NR_fchown 55 + #define __NR_fchownat 54 + #define __NR_fcntl64 25 +diff --git a/sysdeps/unix/sysv/linux/or1k/arch-syscall.h b/sysdeps/unix/sysv/linux/or1k/arch-syscall.h +index f5a3729663..4c07d9c204 100644 +--- a/sysdeps/unix/sysv/linux/or1k/arch-syscall.h ++++ b/sysdeps/unix/sysv/linux/or1k/arch-syscall.h +@@ -49,6 +49,7 @@ + #define __NR_fchdir 50 + #define __NR_fchmod 52 + #define __NR_fchmodat 53 ++#define __NR_fchmodat2 452 + #define __NR_fchown 55 + #define __NR_fchownat 54 + #define __NR_fcntl64 25 +diff --git a/sysdeps/unix/sysv/linux/powerpc/powerpc32/arch-syscall.h b/sysdeps/unix/sysv/linux/powerpc/powerpc32/arch-syscall.h +index 3a212a0269..64683bcb76 100644 +--- a/sysdeps/unix/sysv/linux/powerpc/powerpc32/arch-syscall.h ++++ b/sysdeps/unix/sysv/linux/powerpc/powerpc32/arch-syscall.h +@@ -66,6 +66,7 @@ + #define __NR_fchdir 133 + #define __NR_fchmod 94 + #define __NR_fchmodat 297 ++#define __NR_fchmodat2 452 + #define __NR_fchown 95 + #define __NR_fchownat 289 + #define __NR_fcntl 55 +diff --git a/sysdeps/unix/sysv/linux/powerpc/powerpc64/arch-syscall.h b/sysdeps/unix/sysv/linux/powerpc/powerpc64/arch-syscall.h +index 1038ead227..af1bbf32e8 100644 +--- a/sysdeps/unix/sysv/linux/powerpc/powerpc64/arch-syscall.h ++++ b/sysdeps/unix/sysv/linux/powerpc/powerpc64/arch-syscall.h +@@ -60,6 +60,7 @@ + #define __NR_fchdir 133 + #define __NR_fchmod 94 + #define __NR_fchmodat 297 ++#define __NR_fchmodat2 452 + #define __NR_fchown 95 + #define __NR_fchownat 289 + #define __NR_fcntl 55 +diff --git a/sysdeps/unix/sysv/linux/riscv/rv32/arch-syscall.h b/sysdeps/unix/sysv/linux/riscv/rv32/arch-syscall.h +index 57b043ffb5..56e3088cbf 100644 +--- a/sysdeps/unix/sysv/linux/riscv/rv32/arch-syscall.h ++++ b/sysdeps/unix/sysv/linux/riscv/rv32/arch-syscall.h +@@ -43,6 +43,7 @@ + #define __NR_fchdir 50 + #define __NR_fchmod 52 + #define __NR_fchmodat 53 ++#define __NR_fchmodat2 452 + #define __NR_fchown 55 + #define __NR_fchownat 54 + #define __NR_fcntl64 25 +diff --git a/sysdeps/unix/sysv/linux/riscv/rv64/arch-syscall.h b/sysdeps/unix/sysv/linux/riscv/rv64/arch-syscall.h +index 1041a0f8c9..508161b47a 100644 +--- a/sysdeps/unix/sysv/linux/riscv/rv64/arch-syscall.h ++++ b/sysdeps/unix/sysv/linux/riscv/rv64/arch-syscall.h +@@ -44,6 +44,7 @@ + #define __NR_fchdir 50 + #define __NR_fchmod 52 + #define __NR_fchmodat 53 ++#define __NR_fchmodat2 452 + #define __NR_fchown 55 + #define __NR_fchownat 54 + #define __NR_fcntl 25 +diff --git a/sysdeps/unix/sysv/linux/s390/s390-32/arch-syscall.h b/sysdeps/unix/sysv/linux/s390/s390-32/arch-syscall.h +index 70d4c6782e..1498ebf42e 100644 +--- a/sysdeps/unix/sysv/linux/s390/s390-32/arch-syscall.h ++++ b/sysdeps/unix/sysv/linux/s390/s390-32/arch-syscall.h +@@ -65,6 +65,7 @@ + #define __NR_fchdir 133 + #define __NR_fchmod 94 + #define __NR_fchmodat 299 ++#define __NR_fchmodat2 452 + #define __NR_fchown 95 + #define __NR_fchown32 207 + #define __NR_fchownat 291 +diff --git a/sysdeps/unix/sysv/linux/s390/s390-64/arch-syscall.h b/sysdeps/unix/sysv/linux/s390/s390-64/arch-syscall.h +index 65a8a9e316..624d71b56d 100644 +--- a/sysdeps/unix/sysv/linux/s390/s390-64/arch-syscall.h ++++ b/sysdeps/unix/sysv/linux/s390/s390-64/arch-syscall.h +@@ -56,6 +56,7 @@ + #define __NR_fchdir 133 + #define __NR_fchmod 94 + #define __NR_fchmodat 299 ++#define __NR_fchmodat2 452 + #define __NR_fchown 207 + #define __NR_fchownat 291 + #define __NR_fcntl 55 +diff --git a/sysdeps/unix/sysv/linux/sh/arch-syscall.h b/sysdeps/unix/sysv/linux/sh/arch-syscall.h +index 94aad0f119..37211f5f8c 100644 +--- a/sysdeps/unix/sysv/linux/sh/arch-syscall.h ++++ b/sysdeps/unix/sysv/linux/sh/arch-syscall.h +@@ -64,6 +64,7 @@ + #define __NR_fchdir 133 + #define __NR_fchmod 94 + #define __NR_fchmodat 306 ++#define __NR_fchmodat2 452 + #define __NR_fchown 95 + #define __NR_fchown32 207 + #define __NR_fchownat 298 +diff --git a/sysdeps/unix/sysv/linux/sparc/sparc32/arch-syscall.h b/sysdeps/unix/sysv/linux/sparc/sparc32/arch-syscall.h +index d630306c75..8093abcc9c 100644 +--- a/sysdeps/unix/sysv/linux/sparc/sparc32/arch-syscall.h ++++ b/sysdeps/unix/sysv/linux/sparc/sparc32/arch-syscall.h +@@ -66,6 +66,7 @@ + #define __NR_fchdir 176 + #define __NR_fchmod 124 + #define __NR_fchmodat 295 ++#define __NR_fchmodat2 452 + #define __NR_fchown 123 + #define __NR_fchown32 32 + #define __NR_fchownat 287 +diff --git a/sysdeps/unix/sysv/linux/sparc/sparc64/arch-syscall.h b/sysdeps/unix/sysv/linux/sparc/sparc64/arch-syscall.h +index 930f29b4d2..d25ccfb571 100644 +--- a/sysdeps/unix/sysv/linux/sparc/sparc64/arch-syscall.h ++++ b/sysdeps/unix/sysv/linux/sparc/sparc64/arch-syscall.h +@@ -60,6 +60,7 @@ + #define __NR_fchdir 176 + #define __NR_fchmod 124 + #define __NR_fchmodat 295 ++#define __NR_fchmodat2 452 + #define __NR_fchown 123 + #define __NR_fchownat 287 + #define __NR_fcntl 92 +diff --git a/sysdeps/unix/sysv/linux/syscall-names.list b/sysdeps/unix/sysv/linux/syscall-names.list +index cf6f70ecd9..c3627fcd7f 100644 +--- a/sysdeps/unix/sysv/linux/syscall-names.list ++++ b/sysdeps/unix/sysv/linux/syscall-names.list +@@ -21,8 +21,8 @@ + # This file can list all potential system calls. The names are only + # used if the installed kernel headers also provide them. + +-# The list of system calls is current as of Linux 6.5. +-kernel 6.5 ++# The list of system calls is current as of Linux 6.6. ++kernel 6.6 + + FAST_atomic_update + FAST_cmpxchg +@@ -117,6 +117,7 @@ fanotify_mark + fchdir + fchmod + fchmodat ++fchmodat2 + fchown + fchown32 + fchownat +@@ -246,6 +247,7 @@ lsetxattr + lstat + lstat64 + madvise ++map_shadow_stack + mbind + membarrier + memfd_create +diff --git a/sysdeps/unix/sysv/linux/x86_64/64/arch-syscall.h b/sysdeps/unix/sysv/linux/x86_64/64/arch-syscall.h +index 58646cf0bd..5e4c9e901c 100644 +--- a/sysdeps/unix/sysv/linux/x86_64/64/arch-syscall.h ++++ b/sysdeps/unix/sysv/linux/x86_64/64/arch-syscall.h +@@ -59,6 +59,7 @@ + #define __NR_fchdir 81 + #define __NR_fchmod 91 + #define __NR_fchmodat 268 ++#define __NR_fchmodat2 452 + #define __NR_fchown 93 + #define __NR_fchownat 260 + #define __NR_fcntl 72 +@@ -153,6 +154,7 @@ + #define __NR_lsetxattr 189 + #define __NR_lstat 6 + #define __NR_madvise 28 ++#define __NR_map_shadow_stack 453 + #define __NR_mbind 237 + #define __NR_membarrier 324 + #define __NR_memfd_create 319 +diff --git a/sysdeps/unix/sysv/linux/x86_64/x32/arch-syscall.h b/sysdeps/unix/sysv/linux/x86_64/x32/arch-syscall.h +index 604bcdfa5b..dd5e196272 100644 +--- a/sysdeps/unix/sysv/linux/x86_64/x32/arch-syscall.h ++++ b/sysdeps/unix/sysv/linux/x86_64/x32/arch-syscall.h +@@ -55,6 +55,7 @@ + #define __NR_fchdir 1073741905 + #define __NR_fchmod 1073741915 + #define __NR_fchmodat 1073742092 ++#define __NR_fchmodat2 1073742276 + #define __NR_fchown 1073741917 + #define __NR_fchownat 1073742084 + #define __NR_fcntl 1073741896 +-- +2.27.0 + diff --git a/Update-syscall-lists-for-Linux-6.7.patch b/Update-syscall-lists-for-Linux-6.7.patch new file mode 100644 index 0000000..9f9a93f --- /dev/null +++ b/Update-syscall-lists-for-Linux-6.7.patch @@ -0,0 +1,671 @@ +From 058c4723cbc37176497fa69148451c70d62d0e78 Mon Sep 17 00:00:00 2001 +From: Joseph Myers +Date: Wed, 17 Jan 2024 15:38:54 +0000 +Subject: [PATCH] Update syscall lists for Linux 6.7 + +Linux 6.7 adds the futex_requeue, futex_wait and futex_wake syscalls, +and enables map_shadow_stack for architectures previously missing it. +Update syscall-names.list and regenerate the arch-syscall.h headers +with build-many-glibcs.py update-syscalls. + +Tested with build-many-glibcs.py. + +(cherry picked from commit df11c05be91fda5ef490c76fd0d4a53821750116) +--- + sysdeps/unix/sysv/linux/aarch64/arch-syscall.h | 4 ++++ + sysdeps/unix/sysv/linux/alpha/arch-syscall.h | 4 ++++ + sysdeps/unix/sysv/linux/arc/arch-syscall.h | 4 ++++ + sysdeps/unix/sysv/linux/arm/arch-syscall.h | 4 ++++ + sysdeps/unix/sysv/linux/csky/arch-syscall.h | 4 ++++ + sysdeps/unix/sysv/linux/hppa/arch-syscall.h | 4 ++++ + sysdeps/unix/sysv/linux/i386/arch-syscall.h | 4 ++++ + sysdeps/unix/sysv/linux/loongarch/arch-syscall.h | 4 ++++ + sysdeps/unix/sysv/linux/m68k/arch-syscall.h | 4 ++++ + sysdeps/unix/sysv/linux/microblaze/arch-syscall.h | 4 ++++ + sysdeps/unix/sysv/linux/mips/mips32/arch-syscall.h | 4 ++++ + sysdeps/unix/sysv/linux/mips/mips64/n32/arch-syscall.h | 4 ++++ + sysdeps/unix/sysv/linux/mips/mips64/n64/arch-syscall.h | 4 ++++ + sysdeps/unix/sysv/linux/nios2/arch-syscall.h | 4 ++++ + sysdeps/unix/sysv/linux/or1k/arch-syscall.h | 4 ++++ + sysdeps/unix/sysv/linux/powerpc/powerpc32/arch-syscall.h | 4 ++++ + sysdeps/unix/sysv/linux/powerpc/powerpc64/arch-syscall.h | 4 ++++ + sysdeps/unix/sysv/linux/riscv/rv32/arch-syscall.h | 4 ++++ + sysdeps/unix/sysv/linux/riscv/rv64/arch-syscall.h | 4 ++++ + sysdeps/unix/sysv/linux/s390/s390-32/arch-syscall.h | 4 ++++ + sysdeps/unix/sysv/linux/s390/s390-64/arch-syscall.h | 4 ++++ + sysdeps/unix/sysv/linux/sh/arch-syscall.h | 4 ++++ + sysdeps/unix/sysv/linux/sparc/sparc32/arch-syscall.h | 4 ++++ + sysdeps/unix/sysv/linux/sparc/sparc64/arch-syscall.h | 4 ++++ + sysdeps/unix/sysv/linux/syscall-names.list | 7 +++++-- + sysdeps/unix/sysv/linux/x86_64/64/arch-syscall.h | 3 +++ + sysdeps/unix/sysv/linux/x86_64/x32/arch-syscall.h | 3 +++ + 27 files changed, 107 insertions(+), 2 deletions(-) + +diff --git a/sysdeps/unix/sysv/linux/aarch64/arch-syscall.h b/sysdeps/unix/sysv/linux/aarch64/arch-syscall.h +index 746991aa2f..1713897f85 100644 +--- a/sysdeps/unix/sysv/linux/aarch64/arch-syscall.h ++++ b/sysdeps/unix/sysv/linux/aarch64/arch-syscall.h +@@ -64,7 +64,10 @@ + #define __NR_fsync 82 + #define __NR_ftruncate 46 + #define __NR_futex 98 ++#define __NR_futex_requeue 456 ++#define __NR_futex_wait 455 + #define __NR_futex_waitv 449 ++#define __NR_futex_wake 454 + #define __NR_get_mempolicy 236 + #define __NR_get_robust_list 100 + #define __NR_getcpu 168 +@@ -126,6 +129,7 @@ + #define __NR_lseek 62 + #define __NR_lsetxattr 6 + #define __NR_madvise 233 ++#define __NR_map_shadow_stack 453 + #define __NR_mbind 235 + #define __NR_membarrier 283 + #define __NR_memfd_create 279 +diff --git a/sysdeps/unix/sysv/linux/alpha/arch-syscall.h b/sysdeps/unix/sysv/linux/alpha/arch-syscall.h +index 32efe51267..5457d2d8ae 100644 +--- a/sysdeps/unix/sysv/linux/alpha/arch-syscall.h ++++ b/sysdeps/unix/sysv/linux/alpha/arch-syscall.h +@@ -80,7 +80,10 @@ + #define __NR_fsync 95 + #define __NR_ftruncate 130 + #define __NR_futex 394 ++#define __NR_futex_requeue 566 ++#define __NR_futex_wait 565 + #define __NR_futex_waitv 559 ++#define __NR_futex_wake 564 + #define __NR_futimesat 454 + #define __NR_get_kernel_syms 309 + #define __NR_get_mempolicy 430 +@@ -156,6 +159,7 @@ + #define __NR_lstat 68 + #define __NR_lstat64 426 + #define __NR_madvise 75 ++#define __NR_map_shadow_stack 563 + #define __NR_mbind 429 + #define __NR_membarrier 517 + #define __NR_memfd_create 512 +diff --git a/sysdeps/unix/sysv/linux/arc/arch-syscall.h b/sysdeps/unix/sysv/linux/arc/arch-syscall.h +index 1d2879e877..a66471c83a 100644 +--- a/sysdeps/unix/sysv/linux/arc/arch-syscall.h ++++ b/sysdeps/unix/sysv/linux/arc/arch-syscall.h +@@ -66,8 +66,11 @@ + #define __NR_fstatfs64 44 + #define __NR_fsync 82 + #define __NR_ftruncate64 46 ++#define __NR_futex_requeue 456 + #define __NR_futex_time64 422 ++#define __NR_futex_wait 455 + #define __NR_futex_waitv 449 ++#define __NR_futex_wake 454 + #define __NR_get_mempolicy 236 + #define __NR_get_robust_list 100 + #define __NR_getcpu 168 +@@ -130,6 +133,7 @@ + #define __NR_lremovexattr 15 + #define __NR_lsetxattr 6 + #define __NR_madvise 233 ++#define __NR_map_shadow_stack 453 + #define __NR_mbind 235 + #define __NR_membarrier 283 + #define __NR_memfd_create 279 +diff --git a/sysdeps/unix/sysv/linux/arm/arch-syscall.h b/sysdeps/unix/sysv/linux/arm/arch-syscall.h +index 6711981e78..74a57f4520 100644 +--- a/sysdeps/unix/sysv/linux/arm/arch-syscall.h ++++ b/sysdeps/unix/sysv/linux/arm/arch-syscall.h +@@ -91,8 +91,11 @@ + #define __NR_ftruncate 93 + #define __NR_ftruncate64 194 + #define __NR_futex 240 ++#define __NR_futex_requeue 456 + #define __NR_futex_time64 422 ++#define __NR_futex_wait 455 + #define __NR_futex_waitv 449 ++#define __NR_futex_wake 454 + #define __NR_futimesat 326 + #define __NR_get_mempolicy 320 + #define __NR_get_robust_list 339 +@@ -170,6 +173,7 @@ + #define __NR_lstat 107 + #define __NR_lstat64 196 + #define __NR_madvise 220 ++#define __NR_map_shadow_stack 453 + #define __NR_mbind 319 + #define __NR_membarrier 389 + #define __NR_memfd_create 385 +diff --git a/sysdeps/unix/sysv/linux/csky/arch-syscall.h b/sysdeps/unix/sysv/linux/csky/arch-syscall.h +index 92d9a703ea..ba7632e018 100644 +--- a/sysdeps/unix/sysv/linux/csky/arch-syscall.h ++++ b/sysdeps/unix/sysv/linux/csky/arch-syscall.h +@@ -71,8 +71,11 @@ + #define __NR_fsync 82 + #define __NR_ftruncate64 46 + #define __NR_futex 98 ++#define __NR_futex_requeue 456 + #define __NR_futex_time64 422 ++#define __NR_futex_wait 455 + #define __NR_futex_waitv 449 ++#define __NR_futex_wake 454 + #define __NR_get_mempolicy 236 + #define __NR_get_robust_list 100 + #define __NR_getcpu 168 +@@ -135,6 +138,7 @@ + #define __NR_lremovexattr 15 + #define __NR_lsetxattr 6 + #define __NR_madvise 233 ++#define __NR_map_shadow_stack 453 + #define __NR_mbind 235 + #define __NR_membarrier 283 + #define __NR_memfd_create 279 +diff --git a/sysdeps/unix/sysv/linux/hppa/arch-syscall.h b/sysdeps/unix/sysv/linux/hppa/arch-syscall.h +index fbac124b70..483706de9b 100644 +--- a/sysdeps/unix/sysv/linux/hppa/arch-syscall.h ++++ b/sysdeps/unix/sysv/linux/hppa/arch-syscall.h +@@ -89,8 +89,11 @@ + #define __NR_ftruncate 93 + #define __NR_ftruncate64 200 + #define __NR_futex 210 ++#define __NR_futex_requeue 456 + #define __NR_futex_time64 422 ++#define __NR_futex_wait 455 + #define __NR_futex_waitv 449 ++#define __NR_futex_wake 454 + #define __NR_futimesat 279 + #define __NR_get_mempolicy 261 + #define __NR_get_robust_list 290 +@@ -161,6 +164,7 @@ + #define __NR_lstat 84 + #define __NR_lstat64 198 + #define __NR_madvise 119 ++#define __NR_map_shadow_stack 453 + #define __NR_mbind 260 + #define __NR_membarrier 343 + #define __NR_memfd_create 340 +diff --git a/sysdeps/unix/sysv/linux/i386/arch-syscall.h b/sysdeps/unix/sysv/linux/i386/arch-syscall.h +index 8961788a96..21c1308bb3 100644 +--- a/sysdeps/unix/sysv/linux/i386/arch-syscall.h ++++ b/sysdeps/unix/sysv/linux/i386/arch-syscall.h +@@ -95,8 +95,11 @@ + #define __NR_ftruncate 93 + #define __NR_ftruncate64 194 + #define __NR_futex 240 ++#define __NR_futex_requeue 456 + #define __NR_futex_time64 422 ++#define __NR_futex_wait 455 + #define __NR_futex_waitv 449 ++#define __NR_futex_wake 454 + #define __NR_futimesat 299 + #define __NR_get_kernel_syms 130 + #define __NR_get_mempolicy 275 +@@ -183,6 +186,7 @@ + #define __NR_lstat 107 + #define __NR_lstat64 196 + #define __NR_madvise 219 ++#define __NR_map_shadow_stack 453 + #define __NR_mbind 274 + #define __NR_membarrier 375 + #define __NR_memfd_create 356 +diff --git a/sysdeps/unix/sysv/linux/loongarch/arch-syscall.h b/sysdeps/unix/sysv/linux/loongarch/arch-syscall.h +index 3664e6f7c8..f6a434630e 100644 +--- a/sysdeps/unix/sysv/linux/loongarch/arch-syscall.h ++++ b/sysdeps/unix/sysv/linux/loongarch/arch-syscall.h +@@ -63,7 +63,10 @@ + #define __NR_fsync 82 + #define __NR_ftruncate 46 + #define __NR_futex 98 ++#define __NR_futex_requeue 456 ++#define __NR_futex_wait 455 + #define __NR_futex_waitv 449 ++#define __NR_futex_wake 454 + #define __NR_get_mempolicy 236 + #define __NR_get_robust_list 100 + #define __NR_getcpu 168 +@@ -124,6 +127,7 @@ + #define __NR_lseek 62 + #define __NR_lsetxattr 6 + #define __NR_madvise 233 ++#define __NR_map_shadow_stack 453 + #define __NR_mbind 235 + #define __NR_membarrier 283 + #define __NR_memfd_create 279 +diff --git a/sysdeps/unix/sysv/linux/m68k/arch-syscall.h b/sysdeps/unix/sysv/linux/m68k/arch-syscall.h +index 2053d5d392..6d788e3440 100644 +--- a/sysdeps/unix/sysv/linux/m68k/arch-syscall.h ++++ b/sysdeps/unix/sysv/linux/m68k/arch-syscall.h +@@ -94,8 +94,11 @@ + #define __NR_ftruncate 93 + #define __NR_ftruncate64 194 + #define __NR_futex 235 ++#define __NR_futex_requeue 456 + #define __NR_futex_time64 422 ++#define __NR_futex_wait 455 + #define __NR_futex_waitv 449 ++#define __NR_futex_wake 454 + #define __NR_futimesat 292 + #define __NR_get_kernel_syms 130 + #define __NR_get_mempolicy 269 +@@ -177,6 +180,7 @@ + #define __NR_lstat 107 + #define __NR_lstat64 196 + #define __NR_madvise 238 ++#define __NR_map_shadow_stack 453 + #define __NR_mbind 268 + #define __NR_membarrier 374 + #define __NR_memfd_create 353 +diff --git a/sysdeps/unix/sysv/linux/microblaze/arch-syscall.h b/sysdeps/unix/sysv/linux/microblaze/arch-syscall.h +index 6865b1693c..91e1630f7b 100644 +--- a/sysdeps/unix/sysv/linux/microblaze/arch-syscall.h ++++ b/sysdeps/unix/sysv/linux/microblaze/arch-syscall.h +@@ -95,8 +95,11 @@ + #define __NR_ftruncate 93 + #define __NR_ftruncate64 194 + #define __NR_futex 240 ++#define __NR_futex_requeue 456 + #define __NR_futex_time64 422 ++#define __NR_futex_wait 455 + #define __NR_futex_waitv 449 ++#define __NR_futex_wake 454 + #define __NR_futimesat 299 + #define __NR_get_kernel_syms 130 + #define __NR_get_mempolicy 275 +@@ -183,6 +186,7 @@ + #define __NR_lstat 107 + #define __NR_lstat64 196 + #define __NR_madvise 219 ++#define __NR_map_shadow_stack 453 + #define __NR_mbind 274 + #define __NR_membarrier 390 + #define __NR_memfd_create 386 +diff --git a/sysdeps/unix/sysv/linux/mips/mips32/arch-syscall.h b/sysdeps/unix/sysv/linux/mips/mips32/arch-syscall.h +index b13ace8e1c..d75af97467 100644 +--- a/sysdeps/unix/sysv/linux/mips/mips32/arch-syscall.h ++++ b/sysdeps/unix/sysv/linux/mips/mips32/arch-syscall.h +@@ -94,8 +94,11 @@ + #define __NR_ftruncate 4093 + #define __NR_ftruncate64 4212 + #define __NR_futex 4238 ++#define __NR_futex_requeue 4456 + #define __NR_futex_time64 4422 ++#define __NR_futex_wait 4455 + #define __NR_futex_waitv 4449 ++#define __NR_futex_wake 4454 + #define __NR_futimesat 4292 + #define __NR_get_kernel_syms 4130 + #define __NR_get_mempolicy 4269 +@@ -173,6 +176,7 @@ + #define __NR_lstat 4107 + #define __NR_lstat64 4214 + #define __NR_madvise 4218 ++#define __NR_map_shadow_stack 4453 + #define __NR_mbind 4268 + #define __NR_membarrier 4358 + #define __NR_memfd_create 4354 +diff --git a/sysdeps/unix/sysv/linux/mips/mips64/n32/arch-syscall.h b/sysdeps/unix/sysv/linux/mips/mips64/n32/arch-syscall.h +index b7a7c0dfa7..05bf7d251d 100644 +--- a/sysdeps/unix/sysv/linux/mips/mips64/n32/arch-syscall.h ++++ b/sysdeps/unix/sysv/linux/mips/mips64/n32/arch-syscall.h +@@ -87,8 +87,11 @@ + #define __NR_fsync 6072 + #define __NR_ftruncate 6075 + #define __NR_futex 6194 ++#define __NR_futex_requeue 6456 + #define __NR_futex_time64 6422 ++#define __NR_futex_wait 6455 + #define __NR_futex_waitv 6449 ++#define __NR_futex_wake 6454 + #define __NR_futimesat 6255 + #define __NR_get_kernel_syms 6170 + #define __NR_get_mempolicy 6232 +@@ -159,6 +162,7 @@ + #define __NR_lsetxattr 6181 + #define __NR_lstat 6006 + #define __NR_madvise 6027 ++#define __NR_map_shadow_stack 6453 + #define __NR_mbind 6231 + #define __NR_membarrier 6322 + #define __NR_memfd_create 6318 +diff --git a/sysdeps/unix/sysv/linux/mips/mips64/n64/arch-syscall.h b/sysdeps/unix/sysv/linux/mips/mips64/n64/arch-syscall.h +index e5d7f91f48..41ffaf3255 100644 +--- a/sysdeps/unix/sysv/linux/mips/mips64/n64/arch-syscall.h ++++ b/sysdeps/unix/sysv/linux/mips/mips64/n64/arch-syscall.h +@@ -80,7 +80,10 @@ + #define __NR_fsync 5072 + #define __NR_ftruncate 5075 + #define __NR_futex 5194 ++#define __NR_futex_requeue 5456 ++#define __NR_futex_wait 5455 + #define __NR_futex_waitv 5449 ++#define __NR_futex_wake 5454 + #define __NR_futimesat 5251 + #define __NR_get_kernel_syms 5170 + #define __NR_get_mempolicy 5228 +@@ -150,6 +153,7 @@ + #define __NR_lsetxattr 5181 + #define __NR_lstat 5006 + #define __NR_madvise 5027 ++#define __NR_map_shadow_stack 5453 + #define __NR_mbind 5227 + #define __NR_membarrier 5318 + #define __NR_memfd_create 5314 +diff --git a/sysdeps/unix/sysv/linux/nios2/arch-syscall.h b/sysdeps/unix/sysv/linux/nios2/arch-syscall.h +index 89950cc33a..d94e7e9ee9 100644 +--- a/sysdeps/unix/sysv/linux/nios2/arch-syscall.h ++++ b/sysdeps/unix/sysv/linux/nios2/arch-syscall.h +@@ -70,8 +70,11 @@ + #define __NR_fsync 82 + #define __NR_ftruncate64 46 + #define __NR_futex 98 ++#define __NR_futex_requeue 456 + #define __NR_futex_time64 422 ++#define __NR_futex_wait 455 + #define __NR_futex_waitv 449 ++#define __NR_futex_wake 454 + #define __NR_get_mempolicy 236 + #define __NR_get_robust_list 100 + #define __NR_getcpu 168 +@@ -134,6 +137,7 @@ + #define __NR_lremovexattr 15 + #define __NR_lsetxattr 6 + #define __NR_madvise 233 ++#define __NR_map_shadow_stack 453 + #define __NR_mbind 235 + #define __NR_membarrier 283 + #define __NR_memfd_create 279 +diff --git a/sysdeps/unix/sysv/linux/or1k/arch-syscall.h b/sysdeps/unix/sysv/linux/or1k/arch-syscall.h +index 4c07d9c204..39295a6f94 100644 +--- a/sysdeps/unix/sysv/linux/or1k/arch-syscall.h ++++ b/sysdeps/unix/sysv/linux/or1k/arch-syscall.h +@@ -70,8 +70,11 @@ + #define __NR_fsync 82 + #define __NR_ftruncate64 46 + #define __NR_futex 98 ++#define __NR_futex_requeue 456 + #define __NR_futex_time64 422 ++#define __NR_futex_wait 455 + #define __NR_futex_waitv 449 ++#define __NR_futex_wake 454 + #define __NR_get_mempolicy 236 + #define __NR_get_robust_list 100 + #define __NR_getcpu 168 +@@ -134,6 +137,7 @@ + #define __NR_lremovexattr 15 + #define __NR_lsetxattr 6 + #define __NR_madvise 233 ++#define __NR_map_shadow_stack 453 + #define __NR_mbind 235 + #define __NR_membarrier 283 + #define __NR_memfd_create 279 +diff --git a/sysdeps/unix/sysv/linux/powerpc/powerpc32/arch-syscall.h b/sysdeps/unix/sysv/linux/powerpc/powerpc32/arch-syscall.h +index 64683bcb76..b5522e8889 100644 +--- a/sysdeps/unix/sysv/linux/powerpc/powerpc32/arch-syscall.h ++++ b/sysdeps/unix/sysv/linux/powerpc/powerpc32/arch-syscall.h +@@ -93,8 +93,11 @@ + #define __NR_ftruncate 93 + #define __NR_ftruncate64 194 + #define __NR_futex 221 ++#define __NR_futex_requeue 456 + #define __NR_futex_time64 422 ++#define __NR_futex_wait 455 + #define __NR_futex_waitv 449 ++#define __NR_futex_wake 454 + #define __NR_futimesat 290 + #define __NR_get_kernel_syms 130 + #define __NR_get_mempolicy 260 +@@ -173,6 +176,7 @@ + #define __NR_lstat 107 + #define __NR_lstat64 196 + #define __NR_madvise 205 ++#define __NR_map_shadow_stack 453 + #define __NR_mbind 259 + #define __NR_membarrier 365 + #define __NR_memfd_create 360 +diff --git a/sysdeps/unix/sysv/linux/powerpc/powerpc64/arch-syscall.h b/sysdeps/unix/sysv/linux/powerpc/powerpc64/arch-syscall.h +index af1bbf32e8..162d782ae6 100644 +--- a/sysdeps/unix/sysv/linux/powerpc/powerpc64/arch-syscall.h ++++ b/sysdeps/unix/sysv/linux/powerpc/powerpc64/arch-syscall.h +@@ -83,7 +83,10 @@ + #define __NR_ftime 35 + #define __NR_ftruncate 93 + #define __NR_futex 221 ++#define __NR_futex_requeue 456 ++#define __NR_futex_wait 455 + #define __NR_futex_waitv 449 ++#define __NR_futex_wake 454 + #define __NR_futimesat 290 + #define __NR_get_kernel_syms 130 + #define __NR_get_mempolicy 260 +@@ -160,6 +163,7 @@ + #define __NR_lsetxattr 210 + #define __NR_lstat 107 + #define __NR_madvise 205 ++#define __NR_map_shadow_stack 453 + #define __NR_mbind 259 + #define __NR_membarrier 365 + #define __NR_memfd_create 360 +diff --git a/sysdeps/unix/sysv/linux/riscv/rv32/arch-syscall.h b/sysdeps/unix/sysv/linux/riscv/rv32/arch-syscall.h +index 56e3088cbf..013222e5de 100644 +--- a/sysdeps/unix/sysv/linux/riscv/rv32/arch-syscall.h ++++ b/sysdeps/unix/sysv/linux/riscv/rv32/arch-syscall.h +@@ -61,8 +61,11 @@ + #define __NR_fstatfs64 44 + #define __NR_fsync 82 + #define __NR_ftruncate64 46 ++#define __NR_futex_requeue 456 + #define __NR_futex_time64 422 ++#define __NR_futex_wait 455 + #define __NR_futex_waitv 449 ++#define __NR_futex_wake 454 + #define __NR_get_mempolicy 236 + #define __NR_get_robust_list 100 + #define __NR_getcpu 168 +@@ -121,6 +124,7 @@ + #define __NR_lremovexattr 15 + #define __NR_lsetxattr 6 + #define __NR_madvise 233 ++#define __NR_map_shadow_stack 453 + #define __NR_mbind 235 + #define __NR_membarrier 283 + #define __NR_memfd_create 279 +diff --git a/sysdeps/unix/sysv/linux/riscv/rv64/arch-syscall.h b/sysdeps/unix/sysv/linux/riscv/rv64/arch-syscall.h +index 508161b47a..d03dad8200 100644 +--- a/sysdeps/unix/sysv/linux/riscv/rv64/arch-syscall.h ++++ b/sysdeps/unix/sysv/linux/riscv/rv64/arch-syscall.h +@@ -64,7 +64,10 @@ + #define __NR_fsync 82 + #define __NR_ftruncate 46 + #define __NR_futex 98 ++#define __NR_futex_requeue 456 ++#define __NR_futex_wait 455 + #define __NR_futex_waitv 449 ++#define __NR_futex_wake 454 + #define __NR_get_mempolicy 236 + #define __NR_get_robust_list 100 + #define __NR_getcpu 168 +@@ -126,6 +129,7 @@ + #define __NR_lseek 62 + #define __NR_lsetxattr 6 + #define __NR_madvise 233 ++#define __NR_map_shadow_stack 453 + #define __NR_mbind 235 + #define __NR_membarrier 283 + #define __NR_memfd_create 279 +diff --git a/sysdeps/unix/sysv/linux/s390/s390-32/arch-syscall.h b/sysdeps/unix/sysv/linux/s390/s390-32/arch-syscall.h +index 1498ebf42e..98e6b68b31 100644 +--- a/sysdeps/unix/sysv/linux/s390/s390-32/arch-syscall.h ++++ b/sysdeps/unix/sysv/linux/s390/s390-32/arch-syscall.h +@@ -92,8 +92,11 @@ + #define __NR_ftruncate 93 + #define __NR_ftruncate64 194 + #define __NR_futex 238 ++#define __NR_futex_requeue 456 + #define __NR_futex_time64 422 ++#define __NR_futex_wait 455 + #define __NR_futex_waitv 449 ++#define __NR_futex_wake 454 + #define __NR_futimesat 292 + #define __NR_get_kernel_syms 130 + #define __NR_get_mempolicy 269 +@@ -177,6 +180,7 @@ + #define __NR_lstat 107 + #define __NR_lstat64 196 + #define __NR_madvise 219 ++#define __NR_map_shadow_stack 453 + #define __NR_mbind 268 + #define __NR_membarrier 356 + #define __NR_memfd_create 350 +diff --git a/sysdeps/unix/sysv/linux/s390/s390-64/arch-syscall.h b/sysdeps/unix/sysv/linux/s390/s390-64/arch-syscall.h +index 624d71b56d..951fbd7c97 100644 +--- a/sysdeps/unix/sysv/linux/s390/s390-64/arch-syscall.h ++++ b/sysdeps/unix/sysv/linux/s390/s390-64/arch-syscall.h +@@ -78,7 +78,10 @@ + #define __NR_fsync 118 + #define __NR_ftruncate 93 + #define __NR_futex 238 ++#define __NR_futex_requeue 456 ++#define __NR_futex_wait 455 + #define __NR_futex_waitv 449 ++#define __NR_futex_wake 454 + #define __NR_futimesat 292 + #define __NR_get_kernel_syms 130 + #define __NR_get_mempolicy 269 +@@ -151,6 +154,7 @@ + #define __NR_lsetxattr 225 + #define __NR_lstat 107 + #define __NR_madvise 219 ++#define __NR_map_shadow_stack 453 + #define __NR_mbind 268 + #define __NR_membarrier 356 + #define __NR_memfd_create 350 +diff --git a/sysdeps/unix/sysv/linux/sh/arch-syscall.h b/sysdeps/unix/sysv/linux/sh/arch-syscall.h +index 37211f5f8c..6b4418bcae 100644 +--- a/sysdeps/unix/sysv/linux/sh/arch-syscall.h ++++ b/sysdeps/unix/sysv/linux/sh/arch-syscall.h +@@ -91,8 +91,11 @@ + #define __NR_ftruncate 93 + #define __NR_ftruncate64 194 + #define __NR_futex 240 ++#define __NR_futex_requeue 456 + #define __NR_futex_time64 422 ++#define __NR_futex_wait 455 + #define __NR_futex_waitv 449 ++#define __NR_futex_wake 454 + #define __NR_futimesat 299 + #define __NR_get_mempolicy 275 + #define __NR_get_robust_list 312 +@@ -170,6 +173,7 @@ + #define __NR_lstat 107 + #define __NR_lstat64 196 + #define __NR_madvise 219 ++#define __NR_map_shadow_stack 453 + #define __NR_mbind 274 + #define __NR_membarrier 378 + #define __NR_memfd_create 374 +diff --git a/sysdeps/unix/sysv/linux/sparc/sparc32/arch-syscall.h b/sysdeps/unix/sysv/linux/sparc/sparc32/arch-syscall.h +index 8093abcc9c..4f9460b1a3 100644 +--- a/sysdeps/unix/sysv/linux/sparc/sparc32/arch-syscall.h ++++ b/sysdeps/unix/sysv/linux/sparc/sparc32/arch-syscall.h +@@ -93,8 +93,11 @@ + #define __NR_ftruncate 130 + #define __NR_ftruncate64 84 + #define __NR_futex 142 ++#define __NR_futex_requeue 456 + #define __NR_futex_time64 422 ++#define __NR_futex_wait 455 + #define __NR_futex_waitv 449 ++#define __NR_futex_wake 454 + #define __NR_futimesat 288 + #define __NR_get_kernel_syms 223 + #define __NR_get_mempolicy 304 +@@ -175,6 +178,7 @@ + #define __NR_lstat 40 + #define __NR_lstat64 132 + #define __NR_madvise 75 ++#define __NR_map_shadow_stack 453 + #define __NR_mbind 303 + #define __NR_membarrier 351 + #define __NR_memfd_create 348 +diff --git a/sysdeps/unix/sysv/linux/sparc/sparc64/arch-syscall.h b/sysdeps/unix/sysv/linux/sparc/sparc64/arch-syscall.h +index d25ccfb571..129ce50646 100644 +--- a/sysdeps/unix/sysv/linux/sparc/sparc64/arch-syscall.h ++++ b/sysdeps/unix/sysv/linux/sparc/sparc64/arch-syscall.h +@@ -84,7 +84,10 @@ + #define __NR_fsync 95 + #define __NR_ftruncate 130 + #define __NR_futex 142 ++#define __NR_futex_requeue 456 ++#define __NR_futex_wait 455 + #define __NR_futex_waitv 449 ++#define __NR_futex_wake 454 + #define __NR_futimesat 288 + #define __NR_get_kernel_syms 223 + #define __NR_get_mempolicy 304 +@@ -158,6 +161,7 @@ + #define __NR_lstat 40 + #define __NR_lstat64 132 + #define __NR_madvise 75 ++#define __NR_map_shadow_stack 453 + #define __NR_mbind 303 + #define __NR_membarrier 351 + #define __NR_memfd_create 348 +diff --git a/sysdeps/unix/sysv/linux/syscall-names.list b/sysdeps/unix/sysv/linux/syscall-names.list +index c3627fcd7f..3ce7f481d2 100644 +--- a/sysdeps/unix/sysv/linux/syscall-names.list ++++ b/sysdeps/unix/sysv/linux/syscall-names.list +@@ -21,8 +21,8 @@ + # This file can list all potential system calls. The names are only + # used if the installed kernel headers also provide them. + +-# The list of system calls is current as of Linux 6.6. +-kernel 6.6 ++# The list of system calls is current as of Linux 6.7. ++kernel 6.7 + + FAST_atomic_update + FAST_cmpxchg +@@ -147,8 +147,11 @@ ftime + ftruncate + ftruncate64 + futex ++futex_requeue + futex_time64 ++futex_wait + futex_waitv ++futex_wake + futimesat + get_kernel_syms + get_mempolicy +diff --git a/sysdeps/unix/sysv/linux/x86_64/64/arch-syscall.h b/sysdeps/unix/sysv/linux/x86_64/64/arch-syscall.h +index 5e4c9e901c..4fa5b942c5 100644 +--- a/sysdeps/unix/sysv/linux/x86_64/64/arch-syscall.h ++++ b/sysdeps/unix/sysv/linux/x86_64/64/arch-syscall.h +@@ -80,7 +80,10 @@ + #define __NR_fsync 74 + #define __NR_ftruncate 77 + #define __NR_futex 202 ++#define __NR_futex_requeue 456 ++#define __NR_futex_wait 455 + #define __NR_futex_waitv 449 ++#define __NR_futex_wake 454 + #define __NR_futimesat 261 + #define __NR_get_kernel_syms 177 + #define __NR_get_mempolicy 239 +diff --git a/sysdeps/unix/sysv/linux/x86_64/x32/arch-syscall.h b/sysdeps/unix/sysv/linux/x86_64/x32/arch-syscall.h +index dd5e196272..b9db8bc5be 100644 +--- a/sysdeps/unix/sysv/linux/x86_64/x32/arch-syscall.h ++++ b/sysdeps/unix/sysv/linux/x86_64/x32/arch-syscall.h +@@ -76,7 +76,10 @@ + #define __NR_fsync 1073741898 + #define __NR_ftruncate 1073741901 + #define __NR_futex 1073742026 ++#define __NR_futex_requeue 1073742280 ++#define __NR_futex_wait 1073742279 + #define __NR_futex_waitv 1073742273 ++#define __NR_futex_wake 1073742278 + #define __NR_futimesat 1073742085 + #define __NR_get_mempolicy 1073742063 + #define __NR_get_robust_list 1073742355 +-- +2.27.0 + diff --git a/arm-Remove-wrong-ldr-from-_dl_start_user-BZ-31339.patch b/arm-Remove-wrong-ldr-from-_dl_start_user-BZ-31339.patch new file mode 100644 index 0000000..cf400cd --- /dev/null +++ b/arm-Remove-wrong-ldr-from-_dl_start_user-BZ-31339.patch @@ -0,0 +1,40 @@ +From b09073e63138ce409bf6426cf820eeaa0d28ca74 Mon Sep 17 00:00:00 2001 +From: Adhemerval Zanella +Date: Mon, 5 Feb 2024 16:10:24 +0000 +Subject: [PATCH] arm: Remove wrong ldr from _dl_start_user (BZ 31339) + +The commit 49d877a80b29d3002887b084eec6676d9f5fec18 (arm: Remove +_dl_skip_args usage) removed the _SKIP_ARGS literal, which was +previously loader to r4 on loader _start. However, the cleanup did not +remove the following 'ldr r4, [sl, r4]' on _dl_start_user, used to check +to skip the arguments after ld self-relocations. + +In my testing, the kernel initially set r4 to 0, which makes the +ldr instruction just read the _GLOBAL_OFFSET_TABLE_. However, since r4 +is a callee-saved register; a different runtime might not zero +initialize it and thus trigger an invalid memory access. + +Checked on arm-linux-gnu. + +Reported-by: Adrian Ratiu +Reviewed-by: Szabolcs Nagy +(cherry picked from commit 1e25112dc0cb2515d27d8d178b1ecce778a9d37a) +--- + sysdeps/arm/dl-machine.h | 1 - + 1 file changed, 1 deletion(-) + +diff --git a/sysdeps/arm/dl-machine.h b/sysdeps/arm/dl-machine.h +index d720c02c96..77dc7415e9 100644 +--- a/sysdeps/arm/dl-machine.h ++++ b/sysdeps/arm/dl-machine.h +@@ -137,7 +137,6 @@ _start:\n\ + _dl_start_user:\n\ + adr r6, .L_GET_GOT\n\ + add sl, sl, r6\n\ +- ldr r4, [sl, r4]\n\ + @ save the entry point in another register\n\ + mov r6, r0\n\ + @ get the original arg count\n\ +-- +2.33.0 + diff --git a/arm-Use-_dl_find_object-on-__gnu_Unwind_Find_exidx-B.patch b/arm-Use-_dl_find_object-on-__gnu_Unwind_Find_exidx-B.patch new file mode 100644 index 0000000..6ad8445 --- /dev/null +++ b/arm-Use-_dl_find_object-on-__gnu_Unwind_Find_exidx-B.patch @@ -0,0 +1,202 @@ +From 40aa3ade66cbaf5a9be9e68c525f04ab193ceea1 Mon Sep 17 00:00:00 2001 +From: Adhemerval Zanella +Date: Thu, 22 Feb 2024 10:42:55 -0300 +Subject: [PATCH] arm: Use _dl_find_object on __gnu_Unwind_Find_exidx (BZ + 31405) + +Instead of __dl_iterate_phdr. On ARM dlfo_eh_frame/dlfo_eh_count +maps to PT_ARM_EXIDX vaddr start / length. + +On a Neoverse N1 machine with 160 cores, the following program: + + $ cat test.c + #include + #include + #include + + enum { + niter = 1024, + ntimes = 128, + }; + + static void * + tf (void *arg) + { + int a = (int) arg; + + for (int i = 0; i < niter; i++) + { + void *p[ntimes]; + for (int j = 0; j < ntimes; j++) + p[j] = malloc (a * 128); + for (int j = 0; j < ntimes; j++) + free (p[j]); + } + + return NULL; + } + + int main (int argc, char *argv[]) + { + enum { nthreads = 16 }; + pthread_t t[nthreads]; + + for (int i = 0; i < nthreads; i ++) + assert (pthread_create (&t[i], NULL, tf, (void *) i) == 0); + + for (int i = 0; i < nthreads; i++) + { + void *r; + assert (pthread_join (t[i], &r) == 0); + assert (r == NULL); + } + + return 0; + } + $ arm-linux-gnueabihf-gcc -fsanitize=address test.c -o test + +Improves from ~15s to 0.5s. + +Checked on arm-linux-gnueabihf. + +(cherry picked from commit f4c142bb9fe6b02c0af8cfca8a920091e2dba44b) +--- + elf/Makefile | 2 +- + elf/dl-find_object.c | 5 ++-- + include/dlfcn.h | 3 ++- + sysdeps/arm/find_exidx.c | 57 +++------------------------------------- + 4 files changed, 10 insertions(+), 57 deletions(-) + +diff --git a/elf/Makefile b/elf/Makefile +index ff14e80900..59b6ca73c7 100644 +--- a/elf/Makefile ++++ b/elf/Makefile +@@ -34,6 +34,7 @@ routines = \ + dl-addr \ + dl-addr-obj \ + dl-early_allocate \ ++ dl-find_object \ + dl-iteratephdr \ + dl-libc \ + dl-origin \ +@@ -60,7 +61,6 @@ dl-routines = \ + dl-deps \ + dl-exception \ + dl-execstack \ +- dl-find_object \ + dl-fini \ + dl-init \ + dl-load \ +diff --git a/elf/dl-find_object.c b/elf/dl-find_object.c +index c1390ee10f..5885655026 100644 +--- a/elf/dl-find_object.c ++++ b/elf/dl-find_object.c +@@ -356,7 +356,7 @@ _dlfo_lookup (uintptr_t pc, struct dl_find_object_internal *first1, size_t size) + } + + int +-_dl_find_object (void *pc1, struct dl_find_object *result) ++__dl_find_object (void *pc1, struct dl_find_object *result) + { + uintptr_t pc = (uintptr_t) pc1; + +@@ -463,7 +463,8 @@ _dl_find_object (void *pc1, struct dl_find_object *result) + return -1; + } /* Transaction retry loop. */ + } +-rtld_hidden_def (_dl_find_object) ++hidden_def (__dl_find_object) ++weak_alias (__dl_find_object, _dl_find_object) + + /* _dlfo_process_initial is called twice. First to compute the array + sizes from the initial loaded mappings. Second to fill in the +diff --git a/include/dlfcn.h b/include/dlfcn.h +index ae25f05303..f3691439cc 100644 +--- a/include/dlfcn.h ++++ b/include/dlfcn.h +@@ -4,7 +4,8 @@ + #include /* For ElfW. */ + #include + +-rtld_hidden_proto (_dl_find_object) ++extern __typeof (_dl_find_object) __dl_find_object; ++hidden_proto (__dl_find_object) + + /* Internally used flag. */ + #define __RTLD_DLOPEN 0x80000000 +diff --git a/sysdeps/arm/find_exidx.c b/sysdeps/arm/find_exidx.c +index e4ee106fb8..eb56a50dc0 100644 +--- a/sysdeps/arm/find_exidx.c ++++ b/sysdeps/arm/find_exidx.c +@@ -16,64 +16,15 @@ + . */ + + #include +-#include +- +-struct unw_eh_callback_data +-{ +- _Unwind_Ptr pc; +- _Unwind_Ptr exidx_start; +- int exidx_len; +-}; +- +- +-/* Callback to determines if the PC lies within an object, and remember the +- location of the exception index table if it does. */ +- +-static int +-find_exidx_callback (struct dl_phdr_info * info, size_t size, void * ptr) +-{ +- struct unw_eh_callback_data * data; +- const ElfW(Phdr) *phdr; +- int i; +- int match; +- _Unwind_Ptr load_base; +- +- data = (struct unw_eh_callback_data *) ptr; +- load_base = info->dlpi_addr; +- phdr = info->dlpi_phdr; +- +- match = 0; +- for (i = info->dlpi_phnum; i > 0; i--, phdr++) +- { +- if (phdr->p_type == PT_LOAD) +- { +- _Unwind_Ptr vaddr = phdr->p_vaddr + load_base; +- if (data->pc >= vaddr && data->pc < vaddr + phdr->p_memsz) +- match = 1; +- } +- else if (phdr->p_type == PT_ARM_EXIDX) +- { +- data->exidx_start = (_Unwind_Ptr) (phdr->p_vaddr + load_base); +- data->exidx_len = phdr->p_memsz; +- } +- } +- +- return match; +-} +- + + /* Find the exception index table containing PC. */ + + _Unwind_Ptr + __gnu_Unwind_Find_exidx (_Unwind_Ptr pc, int * pcount) + { +- struct unw_eh_callback_data data; +- +- data.pc = pc; +- data.exidx_start = 0; +- if (__dl_iterate_phdr (find_exidx_callback, &data) <= 0) ++ struct dl_find_object data; ++ if (__dl_find_object ((void *) pc, &data) < 0) + return 0; +- +- *pcount = data.exidx_len / 8; +- return data.exidx_start; ++ *pcount = data.dlfo_eh_count; ++ return (_Unwind_Ptr) data.dlfo_eh_frame; + } +-- +2.27.0 + diff --git a/backport-assert-Add-test-for-CVE-2025-0395.patch b/backport-assert-Add-test-for-CVE-2025-0395.patch index 39b184b..2670800 100644 --- a/backport-assert-Add-test-for-CVE-2025-0395.patch +++ b/backport-assert-Add-test-for-CVE-2025-0395.patch @@ -128,5 +128,5 @@ index 0000000000..102cb0078d +#define TEST_FUNCTION_ARGV do_test +#include -- -2.39.3 +2.27.0 diff --git a/backport-elf-Handle-non-directory-name-in-search-path-BZ-3103.patch b/backport-elf-Handle-non-directory-name-in-search-path-BZ-3103.patch new file mode 100644 index 0000000..8385aac --- /dev/null +++ b/backport-elf-Handle-non-directory-name-in-search-path-BZ-3103.patch @@ -0,0 +1,220 @@ +From a8dcffb30680d6db5704f9ce2fc30621ceb454e7 Mon Sep 17 00:00:00 2001 +From: Adhemerval Zanella +Date: Fri, 10 Nov 2023 10:43:12 -0300 +Subject: [PATCH] elf: Handle non-directory name in search path (BZ 31035) + +The open_path stops if a relative path in search path contains a +component that is a non directory (for instance, if the component +is an existing file). + +For instance: + + $ cat > lib.c < void foo (void) {} + > EOF + $ gcc -shared -fPIC -o lib.so lib.c + $ cat > main.c < +--- + elf/Makefile | 12 ++++++ + elf/dl-load.c | 9 ++-- + elf/tst-non-directory-mod.c | 1 + + elf/tst-non-directory-path.c | 7 ++++ + elf/tst-non-directory-path.sh | 77 +++++++++++++++++++++++++++++++++++ + 5 files changed, 103 insertions(+), 3 deletions(-) + create mode 100644 elf/tst-non-directory-mod.c + create mode 100644 elf/tst-non-directory-path.c + create mode 100755 elf/tst-non-directory-path.sh + +diff --git a/elf/Makefile b/elf/Makefile +index 8cd01845..00ac7430 100644 +--- a/elf/Makefile ++++ b/elf/Makefile +@@ -427,6 +427,7 @@ tests += \ + tst-nodelete-opened \ + tst-nodelete2 \ + tst-noload \ ++ tst-non-directory-path \ + tst-null-argv \ + tst-p_align1 \ + tst-p_align2 \ +@@ -855,6 +856,7 @@ modules-names += \ + tst-nodelete-dlclose-plugin \ + tst-nodelete-opened-lib \ + tst-nodelete2mod \ ++ tst-non-directory-mod \ + tst-null-argv-lib \ + tst-p_alignmod-base \ + tst-p_alignmod3 \ +@@ -1102,6 +1104,7 @@ ifeq (yes,$(build-shared)) + ifeq ($(run-built-tests),yes) + tests-special += \ + $(objpfx)argv0test.out \ ++ $(objpfx)tst-non-directory-path.out \ + $(objpfx)tst-pathopt.out \ + $(objpfx)tst-rtld-help.out \ + $(objpfx)tst-rtld-load-self.out \ +@@ -2990,3 +2993,12 @@ LDFLAGS-tst-dlclose-lazy-mod1.so = -Wl,-z,lazy,--no-as-needed + $(objpfx)tst-dlclose-lazy-mod1.so: $(objpfx)tst-dlclose-lazy-mod2.so + $(objpfx)tst-dlclose-lazy.out: \ + $(objpfx)tst-dlclose-lazy-mod1.so $(objpfx)tst-dlclose-lazy-mod2.so ++ ++LDFLAGS-tst-non-directory-mod.so = -Wl,-soname,tst-non-directory-mod.so ++$(objpfx)tst-non-directory-path: $(objpfx)tst-non-directory-mod.so ++$(objpfx)tst-non-directory-path.out: tst-non-directory-path.sh \ ++ $(objpfx)tst-non-directory-path ++ $(SHELL) tst-non-directory-path.sh $(objpfx)ld.so $(objpfx)tst-non-directory-path \ ++ '$(test-wrapper-env)' '$(run_program_env)' \ ++ '$(rpath-link)' $(objpfx) > $@; \ ++ $(evaluate-test) +diff --git a/elf/dl-load.c b/elf/dl-load.c +index 9a87fda9..7caa405b 100644 +--- a/elf/dl-load.c ++++ b/elf/dl-load.c +@@ -1810,7 +1810,6 @@ open_path (const char *name, size_t namelen, int mode, + size_t cnt; + char *edp; + int here_any = 0; +- int err; + + /* If we are debugging the search for libraries print the path + now if it hasn't happened now. */ +@@ -1911,8 +1910,12 @@ open_path (const char *name, size_t namelen, int mode, + return -1; + } + } +- if (here_any && (err = errno) != ENOENT && err != EACCES) +- /* The file exists and is readable, but something went wrong. */ ++ ++ /* Continue the search if the file does not exist (ENOENT), if it can ++ not be accessed (EACCES), or if the a component in the path is not a ++ directory (for instance, if the component is a existing file meaning ++ essentially that the pathname is invalid - ENOTDIR). */ ++ if (here_any && errno != ENOENT && errno != EACCES && errno != ENOTDIR) + return -1; + + /* Remember whether we found anything. */ +diff --git a/elf/tst-non-directory-mod.c b/elf/tst-non-directory-mod.c +new file mode 100644 +index 00000000..aa6d4c27 +--- /dev/null ++++ b/elf/tst-non-directory-mod.c +@@ -0,0 +1 @@ ++void foo (void) {} +diff --git a/elf/tst-non-directory-path.c b/elf/tst-non-directory-path.c +new file mode 100644 +index 00000000..1016a97a +--- /dev/null ++++ b/elf/tst-non-directory-path.c +@@ -0,0 +1,7 @@ ++extern void foo (void); ++ ++int main (int argc, char *argv[]) ++{ ++ foo (); ++ return 0; ++} +diff --git a/elf/tst-non-directory-path.sh b/elf/tst-non-directory-path.sh +new file mode 100755 +index 00000000..e804a445 +--- /dev/null ++++ b/elf/tst-non-directory-path.sh +@@ -0,0 +1,77 @@ ++#!/bin/sh ++# Test if library search path does not terminates with non-directory ++# components. ++# Copyright (C) 2023 Free Software Foundation, Inc. ++# This file is part of the GNU C Library. ++# ++# The GNU C Library is free software; you can redistribute it and/or ++# modify it under the terms of the GNU Lesser General Public ++# License as published by the Free Software Foundation; either ++# version 2.1 of the License, or (at your option) any later version. ++# ++# The GNU C Library is distributed in the hope that it will be useful, ++# but WITHOUT ANY WARRANTY; without even the implied warranty of ++# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU ++# Lesser General Public License for more details. ++# ++# You should have received a copy of the GNU Lesser General Public ++# License along with the GNU C Library; if not, see ++# . ++ ++set -e ++ ++rtld=$1 ++test_program=$2 ++test_wrapper_env=$3 ++run_program_env=$4 ++# Remove the last space to allow concatenate extra paths. ++library_path=$(echo $5) ++objpfx=$6 ++ ++test_binary=$(basename ${test_program}) ++test_libpath=${test_binary}-x ++ ++mkdir -p ${objpfx}/${test_libpath} ++mv ${objpfx}/tst-non-directory-mod.so ${objpfx}/${test_libpath} ++ ++# Check with absolute paths. ++${test_wrapper_env} \ ++${run_program_env} \ ++$rtld --inhibit-cache \ ++ --library-path \ ++ "$library_path":"${objpfx}"tst-non-directory-invalid:"${objpfx}"${test_libpath} \ ++ $test_program 2>&1 && rc=0 || rc=$? ++ ++${test_wrapper_env} \ ++${run_program_env} \ ++$rtld --inhibit-cache \ ++ --library-path \ ++ "$library_path":"${objpfx}"${test_binary}:"${objpfx}"${test_libpath} \ ++ $test_program 2>&1 && rc=0 || rc=$? ++ ++# Relative paths along with non-existent path in search list. ++cd "$objpfx" ++${test_wrapper_env} \ ++${run_program_env} \ ++$rtld --inhibit-cache \ ++ --library-path \ ++ "$library_path":../elf/tst-non-directory-invalid::../elf/${test_libpath} \ ++ $test_program 2>&1 && rc=0 || rc=$? ++ ++# Relative paths along with component in the path is not a directory in search list. ++${test_wrapper_env} \ ++${run_program_env} \ ++$rtld --inhibit-cache \ ++ --library-path \ ++ "$library_path":../elf/${test_binary}:../elf/${test_libpath} \ ++ $test_program 2>&1 && rc=0 || rc=$? ++ ++# Relative paths along with non-existent path and a component in the path that is not a directory. ++${test_wrapper_env} \ ++${run_program_env} \ ++$rtld --inhibit-cache \ ++ --library-path \ ++ "$library_path":../elf/tst-non-directory-invalid:../elf/${test_binary}:../elf/${test_libpath} \ ++ $test_program 2>&1 && rc=0 || rc=$? ++ ++exit $rc +-- +2.27.0 + diff --git a/backport-elf-Handle-static-PIE-with-non-zero-load-address-BZ-.patch b/backport-elf-Handle-static-PIE-with-non-zero-load-address-BZ-.patch new file mode 100644 index 0000000..e926107 --- /dev/null +++ b/backport-elf-Handle-static-PIE-with-non-zero-load-address-BZ-.patch @@ -0,0 +1,306 @@ +From e7b553272196e6175b8a15f807cb59217ba2843a Mon Sep 17 00:00:00 2001 +From: "H.J. Lu" +Date: Tue, 29 Oct 2024 06:01:14 +0800 +Subject: [PATCH] elf: Handle static PIE with non-zero load address [BZ #31799] + +For a static PIE with non-zero load address, its PT_DYNAMIC segment +entries contain the relocated values for the load address in static PIE. +Since static PIE usually doesn't have PT_PHDR segment, use p_vaddr of +the PT_LOAD segment with offset == 0 as the load address in static PIE +and adjust the entries of PT_DYNAMIC segment in static PIE by properly +setting the l_addr field for static PIE. This fixes BZ #31799. + +Signed-off-by: H.J. Lu +Reviewed-by: Noah Goldstein +--- + configure | 74 ++++++++++++++++++++++++++++++++++++ + configure.ac | 36 ++++++++++++++++++ + elf/Makefile | 20 ++++++++++ + elf/dl-reloc-static-pie.c | 30 +++++++++++---- + elf/tst-pie-address-static.c | 19 +++++++++ + elf/tst-pie-address.c | 28 ++++++++++++++ + 6 files changed, 200 insertions(+), 7 deletions(-) + create mode 100644 elf/tst-pie-address-static.c + create mode 100644 elf/tst-pie-address.c + +diff --git a/configure b/configure +index 4ef38714..75f1a5fd 100755 +--- a/configure ++++ b/configure +@@ -7925,6 +7925,80 @@ printf "%s\n" "$libc_cv_cc_pie_default" >&6; } + config_vars="$config_vars + cc-pie-default = $libc_cv_cc_pie_default" + ++# Get Position Dependent Executable (PDE) load address to be used to ++# load static Position Independent Executable (PIE) at a known working ++# non-zero load address. This is only used by glibc tests to verify ++# that PIE and static PIE with non-zero load address work correctly. ++{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking PDE load address" >&5 ++printf %s "checking PDE load address... " >&6; } ++if test ${libc_cv_pde_load_address+y} ++then : ++ printf %s "(cached) " >&6 ++else case e in #( ++ e) cat > conftest.S <&5 2>&5; then ++ # Get the load address of the first PT_LOAD segment. ++ libc_cv_pde_load_address=$(LC_ALL=C $READELF -Wl conftest \ ++ | $AWK '/LOAD/ { print $3; exit 0; }') ++else ++ as_fn_error $? "${CC-cc} can not create PDE" "$LINENO" 5 ++fi ++rm -f conftest* ;; ++esac ++fi ++{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $libc_cv_pde_load_address" >&5 ++printf "%s\n" "$libc_cv_pde_load_address" >&6; } ++config_vars="$config_vars ++pde-load-address = $libc_cv_pde_load_address" ++ ++# Get the linker command-line option to load executable at a non-zero ++# load address. This is only used by glibc tests to verify that PIE and ++# static PIE with non-zero load address work correctly. ++{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for linker that supports -Ttext-segment=$libc_cv_pde_load_address" >&5 ++printf %s "checking for linker that supports -Ttext-segment=$libc_cv_pde_load_address... " >&6; } ++libc_linker_feature=no ++cat > conftest.c <&5 ++ (eval $ac_try) 2>&5 ++ ac_status=$? ++ printf "%s\n" "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 ++ test $ac_status = 0; }; } ++then ++ if ${CC-cc} $CFLAGS $CPPFLAGS $LDFLAGS $no_ssp -Wl,-Ttext-segment=$libc_cv_pde_load_address -nostdlib \ ++ -nostartfiles -fPIC -shared -o conftest.so conftest.c 2>&1 \ ++ | grep "warning: -Ttext-segment=$libc_cv_pde_load_address ignored" > /dev/null 2>&1; then ++ true ++ else ++ libc_linker_feature=yes ++ fi ++fi ++rm -f conftest* ++if test $libc_linker_feature = yes; then ++ libc_cv_load_address_ldflag=-Wl,-Ttext-segment ++else ++ libc_cv_load_address_ldflag= ++fi ++{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $libc_linker_feature" >&5 ++printf "%s\n" "$libc_linker_feature" >&6; } ++config_vars="$config_vars ++load-address-ldflag = $libc_cv_load_address_ldflag" ++ + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking if we can build programs as PIE" >&5 + printf %s "checking if we can build programs as PIE... " >&6; } + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +diff --git a/configure.ac b/configure.ac +index 12d1f50b..14391840 100644 +--- a/configure.ac ++++ b/configure.ac +@@ -1778,6 +1778,42 @@ fi + rm -f conftest.*]) + LIBC_CONFIG_VAR([cc-pie-default], [$libc_cv_cc_pie_default]) + ++# Get Position Dependent Executable (PDE) load address to be used to ++# load static Position Independent Executable (PIE) at a known working ++# non-zero load address. This is only used by glibc tests to verify ++# that PIE and static PIE with non-zero load address work correctly. ++AC_CACHE_CHECK([PDE load address], ++ libc_cv_pde_load_address, [dnl ++cat > conftest.S <&AS_MESSAGE_LOG_FD 2>&AS_MESSAGE_LOG_FD; then ++ # Get the load address of the first PT_LOAD segment. ++ libc_cv_pde_load_address=$(LC_ALL=C $READELF -Wl conftest \ ++ | $AWK '/LOAD/ { print $3; exit 0; }') ++else ++ AC_MSG_ERROR([${CC-cc} can not create PDE]) ++fi ++rm -f conftest*]) ++LIBC_CONFIG_VAR([pde-load-address], [$libc_cv_pde_load_address]) ++ ++# Get the linker command-line option to load executable at a non-zero ++# load address. This is only used by glibc tests to verify that PIE and ++# static PIE with non-zero load address work correctly. ++LIBC_LINKER_FEATURE([-Ttext-segment=$libc_cv_pde_load_address], ++ [-Wl,-Ttext-segment=$libc_cv_pde_load_address], ++ [libc_cv_load_address_ldflag=-Wl,-Ttext-segment], ++ [libc_cv_load_address_ldflag=]) ++LIBC_CONFIG_VAR([load-address-ldflag], [$libc_cv_load_address_ldflag]) ++ + AC_MSG_CHECKING(if we can build programs as PIE) + AC_COMPILE_IFELSE([AC_LANG_SOURCE([[#ifdef PIE_UNSUPPORTED + # error PIE is not supported +diff --git a/elf/Makefile b/elf/Makefile +index 383c1e23..82e7ef18 100644 +--- a/elf/Makefile ++++ b/elf/Makefile +@@ -1012,6 +1012,25 @@ modules-names += tst-piemod1 + tests += tst-pie1 tst-pie2 tst-dlopen-pie tst-dlopen-tlsmodid-pie \ + tst-dlopen-self-pie + tests-pie += tst-pie1 tst-pie2 tst-dlopen-tlsmodid-pie tst-dlopen-self-pie ++ifneq (,$(load-address-ldflag)) ++tests += \ ++ tst-pie-address \ ++ # tests ++tests-pie += \ ++ tst-pie-address \ ++ # tests-pie ++LDFLAGS-tst-pie-address += $(load-address-ldflag)=$(pde-load-address) ++ifeq (yes,$(enable-static-pie)) ++tests += \ ++ tst-pie-address-static \ ++ # tests ++tests-static += \ ++ tst-pie-address-static \ ++ # tests-static ++LDFLAGS-tst-pie-address-static += \ ++ $(load-address-ldflag)=$(pde-load-address) ++endif ++endif + ifeq (yes,$(have-protected-data)) + tests += vismain + tests-pie += vismain +@@ -1875,6 +1894,7 @@ $(objpfx)tst-array5-static-cmp.out: tst-array5-static.exp \ + + CFLAGS-tst-pie1.c += $(pie-ccflag) + CFLAGS-tst-pie2.c += $(pie-ccflag) ++CFLAGS-tst-pie-address.c += $(pie-ccflag) + + $(objpfx)tst-piemod1.so: $(libsupport) + $(objpfx)tst-pie1: $(objpfx)tst-piemod1.so +diff --git a/elf/dl-reloc-static-pie.c b/elf/dl-reloc-static-pie.c +index a143ee5a..2de8a59f 100644 +--- a/elf/dl-reloc-static-pie.c ++++ b/elf/dl-reloc-static-pie.c +@@ -37,21 +37,37 @@ _dl_relocate_static_pie (void) + { + struct link_map *main_map = _dl_get_dl_main_map (); + +- /* Figure out the run-time load address of static PIE. */ +- main_map->l_addr = elf_machine_load_address (); +- +- /* Read our own dynamic section and fill in the info array. */ +- main_map->l_ld = ((void *) main_map->l_addr + elf_machine_dynamic ()); +- ++ /* NB: elf_machine_load_address () returns the run-time load address ++ of static PIE. The l_addr field contains the difference between the ++ link-time load address in the ELF file and the run-time load address ++ in memory. We must subtract the link-time load address of static PIE, ++ which can be non-zero, when computing the l_addr field. Since static ++ PIE usually doesn't have PT_PHDR segment, use p_vaddr of the PT_LOAD ++ segment with offset == 0 as the load address of static PIE. */ ++ ElfW(Addr) file_p_vaddr = 0; + const ElfW(Phdr) *ph, *phdr = GL(dl_phdr); + size_t phnum = GL(dl_phnum); + for (ph = phdr; ph < &phdr[phnum]; ++ph) +- if (ph->p_type == PT_DYNAMIC) ++ switch (ph->p_type) + { ++ case PT_LOAD: ++ if (ph->p_offset == 0) ++ file_p_vaddr = ph->p_vaddr; ++ break; ++ case PT_DYNAMIC: + main_map->l_ld_readonly = (ph->p_flags & PF_W) == 0; + break; ++ default: ++ break; + } + ++ /* Figure out the run-time load address of static PIE. */ ++ ElfW(Addr) l_addr = elf_machine_load_address (); ++ main_map->l_addr = l_addr - file_p_vaddr; ++ ++ /* Read our own dynamic section and fill in the info array. */ ++ main_map->l_ld = ((void *) l_addr + elf_machine_dynamic ()); ++ + elf_get_dynamic_info (main_map, false, true); + + # ifdef ELF_MACHINE_BEFORE_RTLD_RELOC +diff --git a/elf/tst-pie-address-static.c b/elf/tst-pie-address-static.c +new file mode 100644 +index 00000000..be2831e9 +--- /dev/null ++++ b/elf/tst-pie-address-static.c +@@ -0,0 +1,19 @@ ++/* Test static PIE with non-zero load address. ++ Copyright (C) 2024 Free Software Foundation, Inc. ++ This file is part of the GNU C Library. ++ ++ The GNU C Library is free software; you can redistribute it and/or ++ modify it under the terms of the GNU Lesser General Public ++ License as published by the Free Software Foundation; either ++ version 2.1 of the License, or (at your option) any later version. ++ ++ The GNU C Library is distributed in the hope that it will be useful, ++ but WITHOUT ANY WARRANTY; without even the implied warranty of ++ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU ++ Lesser General Public License for more details. ++ ++ You should have received a copy of the GNU Lesser General Public ++ License along with the GNU C Library; if not, see ++ . */ ++ ++#include "tst-pie-address.c" +diff --git a/elf/tst-pie-address.c b/elf/tst-pie-address.c +new file mode 100644 +index 00000000..aa1ca0a9 +--- /dev/null ++++ b/elf/tst-pie-address.c +@@ -0,0 +1,28 @@ ++/* Test PIE with non-zero load address. ++ Copyright (C) 2024 Free Software Foundation, Inc. ++ This file is part of the GNU C Library. ++ ++ The GNU C Library is free software; you can redistribute it and/or ++ modify it under the terms of the GNU Lesser General Public ++ License as published by the Free Software Foundation; either ++ version 2.1 of the License, or (at your option) any later version. ++ ++ The GNU C Library is distributed in the hope that it will be useful, ++ but WITHOUT ANY WARRANTY; without even the implied warranty of ++ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU ++ Lesser General Public License for more details. ++ ++ You should have received a copy of the GNU Lesser General Public ++ License along with the GNU C Library; if not, see ++ . */ ++ ++#include ++ ++static int ++do_test (void) ++{ ++ printf ("Hello\n"); ++ return 0; ++} ++ ++#include +-- +2.27.0 + diff --git a/backport-elf-Introduce-_dl_relocate_object_no_relro.patch b/backport-elf-Introduce-_dl_relocate_object_no_relro.patch new file mode 100644 index 0000000..bf7dd93 --- /dev/null +++ b/backport-elf-Introduce-_dl_relocate_object_no_relro.patch @@ -0,0 +1,89 @@ +From f2326c2ec0a0a8db7bc7f4db8cce3002768fc3b6 Mon Sep 17 00:00:00 2001 +From: Florian Weimer +Date: Wed, 6 Nov 2024 10:33:44 +0100 +Subject: [PATCH] elf: Introduce _dl_relocate_object_no_relro + +And make _dl_protect_relro apply RELRO conditionally. + +Reviewed-by: DJ Delorie +--- + elf/dl-reloc.c | 24 ++++++++++++++---------- + sysdeps/generic/ldsodefs.h | 7 +++++++ + 2 files changed, 21 insertions(+), 10 deletions(-) + +diff --git a/elf/dl-reloc.c b/elf/dl-reloc.c +index 1d558c1e..84bdddb2 100644 +--- a/elf/dl-reloc.c ++++ b/elf/dl-reloc.c +@@ -202,8 +202,8 @@ resolve_map (lookup_t l, struct r_scope_elem *scope[], const ElfW(Sym) **ref, + #include "dynamic-link.h" + + void +-_dl_relocate_object (struct link_map *l, struct r_scope_elem *scope[], +- int reloc_mode, int consider_profiling) ++_dl_relocate_object_no_relro (struct link_map *l, struct r_scope_elem *scope[], ++ int reloc_mode, int consider_profiling) + { + struct textrels + { +@@ -242,9 +242,6 @@ _dl_relocate_object (struct link_map *l, struct r_scope_elem *scope[], + # define consider_symbind 0 + #endif + +- if (l->l_relocated) +- return; +- + /* If DT_BIND_NOW is set relocate all references in this object. We + do not do this if we are profiling, of course. */ + // XXX Correct for auditing? +@@ -342,17 +339,24 @@ _dl_relocate_object (struct link_map *l, struct r_scope_elem *scope[], + + textrels = textrels->next; + } +- +- /* In case we can protect the data now that the relocations are +- done, do it. */ +- if (l->l_relro_size != 0) +- _dl_protect_relro (l); + } + ++void ++_dl_relocate_object (struct link_map *l, struct r_scope_elem *scope[], ++ int reloc_mode, int consider_profiling) ++{ ++ if (l->l_relocated) ++ return; ++ _dl_relocate_object_no_relro (l, scope, reloc_mode, consider_profiling); ++ _dl_protect_relro (l); ++} + + void + _dl_protect_relro (struct link_map *l) + { ++ if (l->l_relro_size == 0) ++ return; ++ + ElfW(Addr) start = ALIGN_DOWN((l->l_addr + + l->l_relro_addr), + GLRO(dl_pagesize)); +diff --git a/sysdeps/generic/ldsodefs.h b/sysdeps/generic/ldsodefs.h +index e8b7359b..94b32151 100644 +--- a/sysdeps/generic/ldsodefs.h ++++ b/sysdeps/generic/ldsodefs.h +@@ -1012,6 +1012,13 @@ extern void _dl_relocate_object (struct link_map *map, + int reloc_mode, int consider_profiling) + attribute_hidden; + ++/* Perform relocation, but do not apply RELRO. Does not check ++ L->relocated. Otherwise the same as _dl_relocate_object. */ ++void _dl_relocate_object_no_relro (struct link_map *map, ++ struct r_scope_elem *scope[], ++ int reloc_mode, int consider_profiling) ++ attribute_hidden; ++ + /* Protect PT_GNU_RELRO area. */ + extern void _dl_protect_relro (struct link_map *map) attribute_hidden; + +-- +2.27.0 + diff --git a/backport-elf-Keep-using-minimal-malloc-after-early-DTV-resize.patch b/backport-elf-Keep-using-minimal-malloc-after-early-DTV-resize.patch new file mode 100644 index 0000000..a7fafdb --- /dev/null +++ b/backport-elf-Keep-using-minimal-malloc-after-early-DTV-resize.patch @@ -0,0 +1,192 @@ +From aa3d7bd5299b33bffc118aa618b59bfa66059bcb Mon Sep 17 00:00:00 2001 +From: Florian Weimer +Date: Thu, 13 Feb 2025 21:56:52 +0100 +Subject: [PATCH] elf: Keep using minimal malloc after early DTV resize (bug + 32412) + +If an auditor loads many TLS-using modules during startup, it is +possible to trigger DTV resizing. Previously, the DTV was marked +as allocated by the main malloc afterwards, even if the minimal +malloc was still in use. With this change, _dl_resize_dtv marks +the resized DTV as allocated with the minimal malloc. + +The new test reuses TLS-using modules from other auditing tests. + +Reviewed-by: DJ Delorie +--- + elf/Makefile | 5 +++ + elf/dl-tls.c | 7 ++++ + elf/tst-audit-tlsdesc-dlopen2.c | 46 +++++++++++++++++++++++++ + elf/tst-auditmod-tlsdesc2.c | 59 +++++++++++++++++++++++++++++++++ + 4 files changed, 117 insertions(+) + create mode 100644 elf/tst-audit-tlsdesc-dlopen2.c + create mode 100644 elf/tst-auditmod-tlsdesc2.c + +diff --git a/elf/Makefile b/elf/Makefile +index 5c833871d0..1ea0e7037e 100644 +--- a/elf/Makefile ++++ b/elf/Makefile +@@ -379,6 +379,7 @@ tests += \ + tst-align3 \ + tst-audit-tlsdesc \ + tst-audit-tlsdesc-dlopen \ ++ tst-audit-tlsdesc-dlopen2 \ + tst-audit1 \ + tst-audit2 \ + tst-audit8 \ +@@ -863,6 +864,7 @@ modules-names += \ + tst-auditmanymod8 \ + tst-auditmanymod9 \ + tst-auditmod-tlsdesc \ ++ tst-auditmod-tlsdesc2 \ + tst-auditmod1 \ + tst-auditmod11 \ + tst-auditmod12 \ +@@ -3189,6 +3191,9 @@ $(objpfx)tst-audit-tlsdesc.out: $(objpfx)tst-auditmod-tlsdesc.so + tst-audit-tlsdesc-ENV = LD_AUDIT=$(objpfx)tst-auditmod-tlsdesc.so + $(objpfx)tst-audit-tlsdesc-dlopen.out: $(objpfx)tst-auditmod-tlsdesc.so + tst-audit-tlsdesc-dlopen-ENV = LD_AUDIT=$(objpfx)tst-auditmod-tlsdesc.so ++$(objpfx)tst-audit-tlsdesc-dlopen2.out: $(objpfx)tst-auditmod-tlsdesc2.so \ ++ $(patsubst %, $(objpfx)%.so, $(tlsmod17a-modules)) ++tst-audit-tlsdesc-dlopen2-ENV = LD_AUDIT=$(objpfx)tst-auditmod-tlsdesc2.so + + $(objpfx)tst-dlmopen-twice.out: \ + $(objpfx)tst-dlmopen-twice-mod1.so \ +diff --git a/elf/dl-tls.c b/elf/dl-tls.c +index 5178d9b66a..a083a82933 100644 +--- a/elf/dl-tls.c ++++ b/elf/dl-tls.c +@@ -566,6 +566,13 @@ _dl_resize_dtv (dtv_t *dtv, size_t max_modid) + if (newp == NULL) + oom (); + memcpy (newp, &dtv[-1], (2 + oldsize) * sizeof (dtv_t)); ++#ifdef SHARED ++ /* Auditors can trigger a DTV resize event while the full malloc ++ is not yet in use. Mark the new DTV allocation as the ++ initial allocation. */ ++ if (!__rtld_malloc_is_complete ()) ++ GL(dl_initial_dtv) = &newp[1]; ++#endif + } + else + { +diff --git a/elf/tst-audit-tlsdesc-dlopen2.c b/elf/tst-audit-tlsdesc-dlopen2.c +new file mode 100644 +index 0000000000..7ba2c4129a +--- /dev/null ++++ b/elf/tst-audit-tlsdesc-dlopen2.c +@@ -0,0 +1,46 @@ ++/* Loading TLS-using modules from auditors (bug 32412). Main program. ++ Copyright (C) 2021-2025 Free Software Foundation, Inc. ++ This file is part of the GNU C Library. ++ ++ The GNU C Library is free software; you can redistribute it and/or ++ modify it under the terms of the GNU Lesser General Public ++ License as published by the Free Software Foundation; either ++ version 2.1 of the License, or (at your option) any later version. ++ ++ The GNU C Library is distributed in the hope that it will be useful, ++ but WITHOUT ANY WARRANTY; without even the implied warranty of ++ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU ++ Lesser General Public License for more details. ++ ++ You should have received a copy of the GNU Lesser General Public ++ License along with the GNU C Library; if not, see ++ . */ ++ ++#include ++#include ++ ++static int ++do_test (void) ++{ ++ puts ("info: start of main program"); ++ ++ /* Load TLS-using modules, to trigger DTV resizing. The dynamic ++ linker will load them again (requiring their own TLS) because the ++ dlopen calls from the auditor were in the auditing namespace. */ ++ for (int i = 1; i <= 19; ++i) ++ { ++ char dso[30]; ++ snprintf (dso, sizeof (dso), "tst-tlsmod17a%d.so", i); ++ char sym[30]; ++ snprintf (sym, sizeof(sym), "tlsmod17a%d", i); ++ ++ void *handle = xdlopen (dso, RTLD_LAZY); ++ int (*func) (void) = xdlsym (handle, sym); ++ /* Trigger TLS allocation. */ ++ func (); ++ } ++ ++ return 0; ++} ++ ++#include +diff --git a/elf/tst-auditmod-tlsdesc2.c b/elf/tst-auditmod-tlsdesc2.c +new file mode 100644 +index 0000000000..50275cd34d +--- /dev/null ++++ b/elf/tst-auditmod-tlsdesc2.c +@@ -0,0 +1,59 @@ ++/* Loading TLS-using modules from auditors (bug 32412). Audit module. ++ Copyright (C) 2021-2025 Free Software Foundation, Inc. ++ This file is part of the GNU C Library. ++ ++ The GNU C Library is free software; you can redistribute it and/or ++ modify it under the terms of the GNU Lesser General Public ++ License as published by the Free Software Foundation; either ++ version 2.1 of the License, or (at your option) any later version. ++ ++ The GNU C Library is distributed in the hope that it will be useful, ++ but WITHOUT ANY WARRANTY; without even the implied warranty of ++ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU ++ Lesser General Public License for more details. ++ ++ You should have received a copy of the GNU Lesser General Public ++ License along with the GNU C Library; if not, see ++ . */ ++ ++#include ++#include ++#include ++#include ++#include ++ ++unsigned int ++la_version (unsigned int version) ++{ ++ /* Open some modules, to trigger DTV resizing before the switch to ++ the main malloc. */ ++ for (int i = 1; i <= 19; ++i) ++ { ++ char dso[30]; ++ snprintf (dso, sizeof (dso), "tst-tlsmod17a%d.so", i); ++ char sym[30]; ++ snprintf (sym, sizeof(sym), "tlsmod17a%d", i); ++ ++ void *handle = dlopen (dso, RTLD_LAZY); ++ if (handle == NULL) ++ { ++ printf ("error: dlmopen from auditor: %s\n", dlerror ()); ++ fflush (stdout); ++ _exit (1); ++ } ++ int (*func) (void) = dlsym (handle, sym); ++ if (func == NULL) ++ { ++ printf ("error: dlsym from auditor: %s\n", dlerror ()); ++ fflush (stdout); ++ _exit (1); ++ } ++ /* Trigger TLS allocation. */ ++ func (); ++ } ++ ++ puts ("info: TLS-using modules loaded from auditor"); ++ fflush (stdout); ++ ++ return LAV_CURRENT; ++} +-- +2.27.0 + diff --git a/backport-elf-Move-__rtld_malloc_init_stubs-call-into-_dl_star.patch b/backport-elf-Move-__rtld_malloc_init_stubs-call-into-_dl_star.patch new file mode 100644 index 0000000..08c28b1 --- /dev/null +++ b/backport-elf-Move-__rtld_malloc_init_stubs-call-into-_dl_star.patch @@ -0,0 +1,39 @@ +From 2abfa1907218c5ec9d52bb81bee3f1af652f67c7 Mon Sep 17 00:00:00 2001 +From: Florian Weimer +Date: Tue, 24 Sep 2024 13:23:10 +0200 +Subject: [PATCH] elf: Move __rtld_malloc_init_stubs call into _dl_start_final + +Calling an extern function in a different translation unit before +self-relocation is brittle. The compiler may load the address +at an earlier point in _dl_start, before self-relocation. In +_dl_start_final, the call is behind a compiler barrier, so this +cannot happen. +--- + elf/rtld.c | 4 ++-- + 1 file changed, 2 insertions(+), 2 deletions(-) + +diff --git a/elf/rtld.c b/elf/rtld.c +index 9355b30214..cb6b61d570 100644 +--- a/elf/rtld.c ++++ b/elf/rtld.c +@@ -452,6 +452,8 @@ _dl_start_final (void *arg, struct dl_start_final_info *info) + { + ElfW(Addr) start_addr; + ++ __rtld_malloc_init_stubs (); ++ + /* Do not use an initializer for these members because it would + interfere with __rtld_static_init. */ + GLRO (dl_find_object) = &_dl_find_object; +@@ -574,8 +576,6 @@ _dl_start (void *arg) + function, that way the compiler cannot put accesses to the GOT + before ELF_DYNAMIC_RELOCATE. */ + +- __rtld_malloc_init_stubs (); +- + #ifdef DONT_USE_BOOTSTRAP_MAP + return _dl_start_final (arg); + #else +-- +2.27.0 + diff --git a/backport-elf-Switch-to-main-malloc-after-final-ld.so-self-rel.patch b/backport-elf-Switch-to-main-malloc-after-final-ld.so-self-rel.patch new file mode 100644 index 0000000..6af7c97 --- /dev/null +++ b/backport-elf-Switch-to-main-malloc-after-final-ld.so-self-rel.patch @@ -0,0 +1,217 @@ +From c1560f3f75c0e892b5522c16f91b4e303f677094 Mon Sep 17 00:00:00 2001 +From: Florian Weimer +Date: Wed, 6 Nov 2024 10:33:44 +0100 +Subject: [PATCH] elf: Switch to main malloc after final ld.so self-relocation + +Before commit ee1ada1bdb8074de6e1bdc956ab19aef7b6a7872 +("elf: Rework exception handling in the dynamic loader +[BZ #25486]"), the previous order called the main calloc +to allocate a shadow GOT/PLT array for auditing support. +This happened before libc.so.6 ELF constructors were run, so +a user malloc could run without libc.so.6 having been +initialized fully. One observable effect was that +environ was NULL at this point. + +It does not seem to be possible at present to trigger such +an allocation, but it seems more robust to delay switching +to main malloc after ld.so self-relocation is complete. +The elf/tst-rtld-no-malloc-audit test case fails with a +2.34-era glibc that does not have this fix. + +Reviewed-by: DJ Delorie +--- + elf/Makefile | 9 ++++ + elf/dl-support.c | 3 +- + elf/rtld.c | 26 +++++------ + elf/tst-rtld-no-malloc-audit.c | 1 + + elf/tst-rtld-no-malloc-preload.c | 1 + + elf/tst-rtld-no-malloc.c | 76 ++++++++++++++++++++++++++++++++ + 6 files changed, 100 insertions(+), 16 deletions(-) + create mode 100644 elf/tst-rtld-no-malloc-audit.c + create mode 100644 elf/tst-rtld-no-malloc-preload.c + create mode 100644 elf/tst-rtld-no-malloc.c + +diff --git a/elf/Makefile b/elf/Makefile +index cebc4a2a..ea98cba8 100644 +--- a/elf/Makefile ++++ b/elf/Makefile +@@ -435,6 +435,9 @@ tests += \ + tst-p_align3 \ + tst-relsort1 \ + tst-ro-dynamic \ ++ tst-rtld-no-malloc \ ++ tst-rtld-no-malloc-audit \ ++ tst-rtld-no-malloc-preload \ + tst-rtld-run-static \ + tst-single_threaded \ + tst-single_threaded-pthread \ +@@ -3038,3 +3041,9 @@ CFLAGS-tst-tlsgap-mod0.c += -mtls-dialect=gnu2 + CFLAGS-tst-tlsgap-mod1.c += -mtls-dialect=gnu2 + CFLAGS-tst-tlsgap-mod2.c += -mtls-dialect=gnu2 + endif ++ ++# Reuse an audit module which provides ample debug logging. ++tst-rtld-no-malloc-audit-ENV = LD_AUDIT=$(objpfx)tst-auditmod1.so ++ ++# Any shared object should do. ++tst-rtld-no-malloc-preload-ENV = LD_PRELOAD=$(objpfx)tst-auditmod1.so +diff --git a/elf/dl-support.c b/elf/dl-support.c +index 44a54dea..5b7f4af2 100644 +--- a/elf/dl-support.c ++++ b/elf/dl-support.c +@@ -345,8 +345,7 @@ _dl_non_dynamic_init (void) + call_function_static_weak (_dl_find_object_init); + + /* Setup relro on the binary itself. */ +- if (_dl_main_map.l_relro_size != 0) +- _dl_protect_relro (&_dl_main_map); ++ _dl_protect_relro (&_dl_main_map); + } + + #ifdef DL_SYSINFO_IMPLEMENTATION +diff --git a/elf/rtld.c b/elf/rtld.c +index 87459ca7..558733b8 100644 +--- a/elf/rtld.c ++++ b/elf/rtld.c +@@ -2346,30 +2346,28 @@ dl_main (const ElfW(Phdr) *phdr, + + if (rtld_multiple_ref) + { +- /* There was an explicit ref to the dynamic linker as a shared lib. +- Re-relocate ourselves with user-controlled symbol definitions. +- +- We must do this after TLS initialization in case after this +- re-relocation, we might call a user-supplied function +- (e.g. calloc from _dl_relocate_object) that uses TLS data. */ + + /* Set up the object lookup structures. */ + _dl_find_object_init (); + +- /* The malloc implementation has been relocated, so resolving +- its symbols (and potentially calling IFUNC resolvers) is safe +- at this point. */ +- __rtld_malloc_init_real (main_map); +- + /* Likewise for the locking implementation. */ + __rtld_mutex_init (); + ++ /* Re-relocate ourselves with user-controlled symbol definitions. */ ++ + RTLD_TIMING_VAR (start); + rtld_timer_start (&start); + +- /* Mark the link map as not yet relocated again. */ +- GL(dl_rtld_map).l_relocated = 0; +- _dl_relocate_object (&GL(dl_rtld_map), main_map->l_scope, 0, 0); ++ _dl_relocate_object_no_relro (&GL(dl_rtld_map), main_map->l_scope, 0, 0); ++ ++ ++ /* The malloc implementation has been relocated, so resolving ++ * its symbols (and potentially calling IFUNC resolvers) is safe ++ * at this point. */ ++ __rtld_malloc_init_real (main_map); ++ ++ if (GL(dl_rtld_map).l_relro_size != 0) ++ _dl_protect_relro (&GL(dl_rtld_map)); + + rtld_timer_accum (&relocate_time, start); + } +diff --git a/elf/tst-rtld-no-malloc-audit.c b/elf/tst-rtld-no-malloc-audit.c +new file mode 100644 +index 00000000..a028377a +--- /dev/null ++++ b/elf/tst-rtld-no-malloc-audit.c +@@ -0,0 +1 @@ ++#include "tst-rtld-no-malloc.c" +diff --git a/elf/tst-rtld-no-malloc-preload.c b/elf/tst-rtld-no-malloc-preload.c +new file mode 100644 +index 00000000..a028377a +--- /dev/null ++++ b/elf/tst-rtld-no-malloc-preload.c +@@ -0,0 +1 @@ ++#include "tst-rtld-no-malloc.c" +diff --git a/elf/tst-rtld-no-malloc.c b/elf/tst-rtld-no-malloc.c +new file mode 100644 +index 00000000..5f24d4bd +--- /dev/null ++++ b/elf/tst-rtld-no-malloc.c +@@ -0,0 +1,76 @@ ++/* Test that program loading does not call malloc. ++ Copyright (C) 2024 Free Software Foundation, Inc. ++ This file is part of the GNU C Library. ++ ++ The GNU C Library is free software; you can redistribute it and/or ++ modify it under the terms of the GNU Lesser General Public ++ License as published by the Free Software Foundation; either ++ version 2.1 of the License, or (at your option) any later version. ++ ++ The GNU C Library is distributed in the hope that it will be useful, ++ but WITHOUT ANY WARRANTY; without even the implied warranty of ++ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU ++ Lesser General Public License for more details. ++ ++ You should have received a copy of the GNU Lesser General Public ++ License along with the GNU C Library; if not, see ++ . */ ++ ++ ++#include ++#include ++ ++static void ++print (const char *s) ++{ ++ const char *end = s + strlen (s); ++ while (s < end) ++ { ++ ssize_t ret = write (STDOUT_FILENO, s, end - s); ++ if (ret <= 0) ++ _exit (2); ++ s += ret; ++ } ++} ++ ++static void __attribute__ ((noreturn)) ++unexpected_call (const char *function) ++{ ++ print ("error: unexpected call to "); ++ print (function); ++ print ("\n"); ++ _exit (1); ++} ++ ++/* These are the malloc functions implement in elf/dl-minimal.c. */ ++ ++void ++free (void *ignored) ++{ ++ unexpected_call ("free"); ++} ++ ++void * ++calloc (size_t ignored1, size_t ignored2) ++{ ++ unexpected_call ("calloc"); ++} ++ ++void * ++malloc (size_t ignored) ++{ ++ unexpected_call ("malloc"); ++} ++ ++void * ++realloc (void *ignored1, size_t ignored2) ++{ ++ unexpected_call ("realloc"); ++} ++ ++int ++main (void) ++{ ++ /* Do not use the test wrapper, to avoid spurious malloc calls from it. */ ++ return 0; ++} +-- +2.27.0 + diff --git a/backport-elf-avoid-jumping-over-a-needed-declaration.patch b/backport-elf-avoid-jumping-over-a-needed-declaration.patch new file mode 100644 index 0000000..8837f48 --- /dev/null +++ b/backport-elf-avoid-jumping-over-a-needed-declaration.patch @@ -0,0 +1,40 @@ +From 8e572067976ea700e5ef750458c42c47328fe459 Mon Sep 17 00:00:00 2001 +From: DJ Delorie +Date: Wed, 6 Nov 2024 21:40:35 -0500 +Subject: [PATCH] elf: avoid jumping over a needed declaration + +The declaration of found_other_class could be jumped +over via the goto just above it, but the code jumped +to uses found_other_class. Move the declaration +up a bit to ensure it's properly declared and initialized. +--- + elf/dl-load.c | 6 +++--- + 1 file changed, 3 insertions(+), 3 deletions(-) + +diff --git a/elf/dl-load.c b/elf/dl-load.c +index ac8e217a7f..335b34c56d 100644 +--- a/elf/dl-load.c ++++ b/elf/dl-load.c +@@ -1931,6 +1931,9 @@ _dl_map_object (struct link_map *loader, const char *name, + : "\nfile=%s [%lu]; dynamically loaded by %s [%lu]\n", + name, nsid, DSO_FILENAME (loader->l_name), loader->l_ns); + ++ /* Will be true if we found a DSO which is of the other ELF class. */ ++ bool found_other_class = false; ++ + #ifdef SHARED + /* Give the auditing libraries a chance to change the name before we + try anything. */ +@@ -1948,9 +1951,6 @@ _dl_map_object (struct link_map *loader, const char *name, + } + #endif + +- /* Will be true if we found a DSO which is of the other ELF class. */ +- bool found_other_class = false; +- + if (strchr (name, '/') == NULL) + { + /* Search for NAME in several places. */ +-- +2.27.0 + diff --git a/backport-libio-Fix-oversized-__io_vtables.patch b/backport-libio-Fix-oversized-__io_vtables.patch index 6b5a409..6f8a158 100644 --- a/backport-libio-Fix-oversized-__io_vtables.patch +++ b/backport-libio-Fix-oversized-__io_vtables.patch @@ -1,7 +1,7 @@ From 92201f16cbcfd9eafe314ef6654be2ea7ba25675 Mon Sep 17 00:00:00 2001 From: Adam Jackson Date: Fri, 8 Sep 2023 15:55:19 -0400 -Subject: [PATCH] libio: Fix oversized __io_vtables +Subject: [PATCH 12/12] libio: Fix oversized __io_vtables IO_VTABLES_LEN is the size of the struct array in bytes, not the number of __IO_jump_t's in the array. Drops just under 384kb from .rodata on @@ -47,5 +47,5 @@ index 1d8ad612e9..34f7e15f1c 100644 #ifdef SHARED -- -2.39.3 +2.33.0 diff --git a/backport-x86-string-Fixup-alignment-of-main-loop-in-str-n-cmp.patch b/backport-x86-string-Fixup-alignment-of-main-loop-in-str-n-cmp.patch index 49f2479..5d5cf38 100644 --- a/backport-x86-string-Fixup-alignment-of-main-loop-in-str-n-cmp.patch +++ b/backport-x86-string-Fixup-alignment-of-main-loop-in-str-n-cmp.patch @@ -1,8 +1,8 @@ -From 483443d3211532903d7e790211af5a1d55fdb1f3 Mon Sep 17 00:00:00 2001 +From 12fec8aae5e17cc4dc3bb079265c46ee78faeddb Mon Sep 17 00:00:00 2001 From: Noah Goldstein Date: Fri, 27 Sep 2024 15:50:10 -0700 -Subject: [PATCH] x86/string: Fixup alignment of main loop in str{n}cmp-evex - [BZ #32212] +Subject: [PATCH] x86/string: Fixup alignment of main loop in + str{n}cmp-evex [BZ #32212] The loop should be aligned to 32-bytes so that it can ideally run out the DSB. This is particularly important on Skylake-Server where @@ -66,12 +66,13 @@ up in tight micro-benchmark loops and is unlikely to have any affect on realworld performance. Reviewed-by: H.J. Lu +(cherry picked from commit 483443d3211532903d7e790211af5a1d55fdb1f3) --- sysdeps/x86_64/multiarch/strcmp-evex.S | 26 +++++++++++++------------- 1 file changed, 13 insertions(+), 13 deletions(-) diff --git a/sysdeps/x86_64/multiarch/strcmp-evex.S b/sysdeps/x86_64/multiarch/strcmp-evex.S -index 06730ab2a1..cea034f394 100644 +index ae39cdf217..6a7fec669e 100644 --- a/sysdeps/x86_64/multiarch/strcmp-evex.S +++ b/sysdeps/x86_64/multiarch/strcmp-evex.S @@ -209,7 +209,9 @@ @@ -144,5 +145,5 @@ index 06730ab2a1..cea034f394 100644 xorl %r8d, %eax subl %r8d, %eax -- -2.39.3 +2.27.0 diff --git a/c69b88fc71aa5657662c5c4f176a51034b029ac4.patch b/c69b88fc71aa5657662c5c4f176a51034b029ac4.patch index 43b7a80..17b090f 100644 --- a/c69b88fc71aa5657662c5c4f176a51034b029ac4.patch +++ b/c69b88fc71aa5657662c5c4f176a51034b029ac4.patch @@ -42,7 +42,7 @@ Reviewed-by: Sam James 2 files changed, 14 insertions(+) diff --git a/sysdeps/x86_64/Makefile b/sysdeps/x86_64/Makefile -index 00120ca9caf..105a9a431ea 100644 +index 00120ca9ca..105a9a431e 100644 --- a/sysdeps/x86_64/Makefile +++ b/sysdeps/x86_64/Makefile @@ -175,6 +175,15 @@ ifeq (no,$(build-hardcoded-path-in-tests)) @@ -62,7 +62,7 @@ index 00120ca9caf..105a9a431ea 100644 ifeq ($(subdir),csu) diff --git a/sysdeps/x86_64/Versions b/sysdeps/x86_64/Versions -index e94758b2364..6a989ad3b37 100644 +index e94758b236..6a989ad3b3 100644 --- a/sysdeps/x86_64/Versions +++ b/sysdeps/x86_64/Versions @@ -5,6 +5,11 @@ libc { @@ -77,3 +77,6 @@ index e94758b2364..6a989ad3b37 100644 } libm { GLIBC_2.1 { +-- +2.27.0 + diff --git a/e925c13e039df061c7bf48e458e9ea26fa3ca8a3.patch b/e925c13e039df061c7bf48e458e9ea26fa3ca8a3.patch new file mode 100644 index 0000000..7ba74c2 --- /dev/null +++ b/e925c13e039df061c7bf48e458e9ea26fa3ca8a3.patch @@ -0,0 +1,35 @@ +From e925c13e039df061c7bf48e458e9ea26fa3ca8a3 Mon Sep 17 00:00:00 2001 +From: Florian Weimer +Date: Mon, 31 Mar 2025 21:33:18 +0200 +Subject: [PATCH] x86: Link tst-gnu2-tls2-x86-noxsave{,c,xsavec} with + libpthread + +This fixes a test build failure on Hurd. + +Fixes commit 145097dff170507fe73190e8e41194f5b5f7e6bf ("x86: Use separate +variable for TLSDESC XSAVE/XSAVEC state size (bug 32810)"). + +Reviewed-by: Adhemerval Zanella +(cherry picked from commit c6e2895695118ab59c7b17feb0fcb75a53e3478c) +(cherry picked from commit 837a36c371f18a3152d032e8060f4e5120c25e2b) +--- + sysdeps/x86/Makefile | 3 +++ + 1 file changed, 3 insertions(+) + +diff --git a/sysdeps/x86/Makefile b/sysdeps/x86/Makefile +index e4286a7acd..b76b72ca4d 100644 +--- a/sysdeps/x86/Makefile ++++ b/sysdeps/x86/Makefile +@@ -102,6 +102,9 @@ LDFLAGS-tst-gnu2-tls2-x86-noxsavexsavec += -Wl,-z,lazy + tst-gnu2-tls2-x86-noxsave-ENV = GLIBC_TUNABLES=glibc.cpu.hwcaps=-XSAVE + tst-gnu2-tls2-x86-noxsavec-ENV = GLIBC_TUNABLES=glibc.cpu.hwcaps=-XSAVEC + tst-gnu2-tls2-x86-noxsavexsavec-ENV = GLIBC_TUNABLES=glibc.cpu.hwcaps=-XSAVE,-XSAVEC ++$(objpfx)tst-gnu2-tls2-x86-noxsave: $(shared-thread-library) ++$(objpfx)tst-gnu2-tls2-x86-noxsavec: $(shared-thread-library) ++$(objpfx)tst-gnu2-tls2-x86-noxsavexsavec: $(shared-thread-library) + $(objpfx)tst-gnu2-tls2-x86-noxsave.out \ + $(objpfx)tst-gnu2-tls2-x86-noxsavec.out \ + $(objpfx)tst-gnu2-tls2-x86-noxsavexsavec.out: \ +-- +2.27.0 + diff --git a/elf-Add-TLS-modid-reuse-test-for-bug-29039.patch b/elf-Add-TLS-modid-reuse-test-for-bug-29039.patch new file mode 100644 index 0000000..2dddd8e --- /dev/null +++ b/elf-Add-TLS-modid-reuse-test-for-bug-29039.patch @@ -0,0 +1,210 @@ +From 0de9082ed8d8f149ca87d569a73692046e236c18 Mon Sep 17 00:00:00 2001 +From: Szabolcs Nagy +Date: Wed, 29 Nov 2023 11:31:37 +0000 +Subject: [PATCH 3/9] elf: Add TLS modid reuse test for bug 29039 + +This is a minimal regression test for bug 29039 which only affects +targets with TLSDESC and a reproducer requires that + +1) Have modid gaps (closed modules) with old generation. +2) Update a DTV to a newer generation (needs a newer dlopen). +3) But do not update the closed gap entry in that DTV. +4) Reuse the modid gap for a new module (another dlopen). +5) Use dynamic TLSDESC in that new module with old generation (bug). +6) Access TLS via this TLSDESC and the now outdated DTV. + +However step (3) in practice rarely happens: during DTV update the +entries for closed modids are initialized to "unallocated" and then +dynamic TLSDESC calls __tls_get_addr independently of its generation. +The only exception to this is DTV setup at thread creation (gaps are +initialized to NULL instead of unallocated) or DTV resize where the +gap entries are outside the previous DTV array (again NULL instead +of unallocated, and this requires loading > DTV_SURPLUS modules). + +So the bug can only cause NULL (+ offset) dereference, not use after +free. And the easiest way to get (3) is via thread creation. + +Note that step (5) requires that the newly loaded module has larger +TLS than the remaining optional static TLS. And for (6) there cannot +be other TLS access or dlopen in the thread that updates the DTV. + +Tested on aarch64-linux-gnu. + +Reviewed-by: Adhemerval Zanella +(cherry picked from commit 980450f12685326729d63ff72e93a996113bf073) + +Conflict: This adapt the context elf/Makefile due to BZ 31035. +--- + elf/Makefile | 15 +++++++ + elf/tst-tlsgap-mod0.c | 2 + + elf/tst-tlsgap-mod1.c | 2 + + elf/tst-tlsgap-mod2.c | 2 + + elf/tst-tlsgap.c | 92 +++++++++++++++++++++++++++++++++++++++++++ + 5 files changed, 113 insertions(+) + create mode 100644 elf/tst-tlsgap-mod0.c + create mode 100644 elf/tst-tlsgap-mod1.c + create mode 100644 elf/tst-tlsgap-mod2.c + create mode 100644 elf/tst-tlsgap.c + +diff --git a/elf/Makefile b/elf/Makefile +index 00ac7430..711f96fe 100644 +--- a/elf/Makefile ++++ b/elf/Makefile +@@ -460,6 +460,7 @@ tests += \ + tst-tls21 \ + tst-tlsalign \ + tst-tlsalign-extern \ ++ tst-tlsgap \ + tst-unique1 \ + tst-unique2 \ + tst-unwind-ctor \ +@@ -885,6 +886,9 @@ modules-names += \ + tst-tls20mod-bad \ + tst-tls21mod \ + tst-tlsalign-lib \ ++ tst-tlsgap-mod0 \ ++ tst-tlsgap-mod1 \ ++ tst-tlsgap-mod2 \ + tst-tlsmod1 \ + tst-tlsmod10 \ + tst-tlsmod11 \ +@@ -3002,3 +3006,14 @@ $(objpfx)tst-non-directory-path.out: tst-non-directory-path.sh \ + '$(test-wrapper-env)' '$(run_program_env)' \ + '$(rpath-link)' $(objpfx) > $@; \ + $(evaluate-test) ++ ++$(objpfx)tst-tlsgap: $(shared-thread-library) ++$(objpfx)tst-tlsgap.out: \ ++ $(objpfx)tst-tlsgap-mod0.so \ ++ $(objpfx)tst-tlsgap-mod1.so \ ++ $(objpfx)tst-tlsgap-mod2.so ++ifeq (yes,$(have-mtls-dialect-gnu2)) ++CFLAGS-tst-tlsgap-mod0.c += -mtls-dialect=gnu2 ++CFLAGS-tst-tlsgap-mod1.c += -mtls-dialect=gnu2 ++CFLAGS-tst-tlsgap-mod2.c += -mtls-dialect=gnu2 ++endif +diff --git a/elf/tst-tlsgap-mod0.c b/elf/tst-tlsgap-mod0.c +new file mode 100644 +index 00000000..1478b0be +--- /dev/null ++++ b/elf/tst-tlsgap-mod0.c +@@ -0,0 +1,2 @@ ++int __thread tls0; ++int *f0(void) { return &tls0; } +diff --git a/elf/tst-tlsgap-mod1.c b/elf/tst-tlsgap-mod1.c +new file mode 100644 +index 00000000..b10fc370 +--- /dev/null ++++ b/elf/tst-tlsgap-mod1.c +@@ -0,0 +1,2 @@ ++int __thread tls1[100]; /* Size > glibc.rtld.optional_static_tls / 2. */ ++int *f1(void) { return tls1; } +diff --git a/elf/tst-tlsgap-mod2.c b/elf/tst-tlsgap-mod2.c +new file mode 100644 +index 00000000..166c27d7 +--- /dev/null ++++ b/elf/tst-tlsgap-mod2.c +@@ -0,0 +1,2 @@ ++int __thread tls2; ++int *f2(void) { return &tls2; } +diff --git a/elf/tst-tlsgap.c b/elf/tst-tlsgap.c +new file mode 100644 +index 00000000..49328850 +--- /dev/null ++++ b/elf/tst-tlsgap.c +@@ -0,0 +1,92 @@ ++/* TLS modid gap reuse regression test for bug 29039. ++ Copyright (C) 2023 Free Software Foundation, Inc. ++ This file is part of the GNU C Library. ++ ++ The GNU C Library is free software; you can redistribute it and/or ++ modify it under the terms of the GNU Lesser General Public ++ License as published by the Free Software Foundation; either ++ version 2.1 of the License, or (at your option) any later version. ++ ++ The GNU C Library is distributed in the hope that it will be useful, ++ but WITHOUT ANY WARRANTY; without even the implied warranty of ++ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU ++ Lesser General Public License for more details. ++ ++ You should have received a copy of the GNU Lesser General Public ++ License along with the GNU C Library; if not, see ++ . */ ++ ++#include ++#include ++#include ++#include ++#include ++#include ++ ++static void *mod[3]; ++#define MOD(i) "tst-tlsgap-mod" #i ".so" ++static const char *modname[3] = { MOD(0), MOD(1), MOD(2) }; ++#undef MOD ++ ++static void ++open_mod (int i) ++{ ++ mod[i] = xdlopen (modname[i], RTLD_LAZY); ++ printf ("open %s\n", modname[i]); ++} ++ ++static void ++close_mod (int i) ++{ ++ xdlclose (mod[i]); ++ mod[i] = NULL; ++ printf ("close %s\n", modname[i]); ++} ++ ++static void ++access_mod (int i, const char *sym) ++{ ++ int *(*f) (void) = xdlsym (mod[i], sym); ++ int *p = f (); ++ printf ("access %s: %s() = %p\n", modname[i], sym, p); ++ TEST_VERIFY_EXIT (p != NULL); ++ ++*p; ++} ++ ++static void * ++start (void *arg) ++{ ++ /* The DTV generation is at the last dlopen of mod0 and the ++ entry for mod1 is NULL. */ ++ ++ open_mod (1); /* Reuse modid of mod1. Uses dynamic TLS. */ ++ ++ /* DTV is unchanged: dlopen only updates the DTV to the latest ++ generation if static TLS is allocated for a loaded module. ++ ++ With bug 29039, the TLSDESC relocation in mod1 uses the old ++ dlclose generation of mod1 instead of the new dlopen one so ++ DTV is not updated on TLS access. */ ++ ++ access_mod (1, "f1"); ++ ++ return arg; ++} ++ ++static int ++do_test (void) ++{ ++ open_mod (0); ++ open_mod (1); ++ open_mod (2); ++ close_mod (0); ++ close_mod (1); /* Create modid gap at mod1. */ ++ open_mod (0); /* Reuse modid of mod0, bump generation count. */ ++ ++ /* Create a thread where DTV of mod1 is NULL. */ ++ pthread_t t = xpthread_create (NULL, start, NULL); ++ xpthread_join (t); ++ return 0; ++} ++ ++#include +-- +2.33.0 + diff --git a/elf-Add-a-way-to-check-if-tunable-is-set-BZ-27069.patch b/elf-Add-a-way-to-check-if-tunable-is-set-BZ-27069.patch new file mode 100644 index 0000000..79ffdec --- /dev/null +++ b/elf-Add-a-way-to-check-if-tunable-is-set-BZ-27069.patch @@ -0,0 +1,201 @@ +From a4c3f5f46e850c977cda81c251036475aab8313c Mon Sep 17 00:00:00 2001 +From: Adhemerval Zanella +Date: Thu, 23 Nov 2023 14:29:14 -0300 +Subject: [PATCH] elf: Add a way to check if tunable is set (BZ 27069) + +The patch adds two new macros, TUNABLE_GET_DEFAULT and TUNABLE_IS_INITIALIZED, +here the former get the default value with a signature similar to +TUNABLE_GET, while the later returns whether the tunable was set by +the environment variable. + +Checked on x86_64-linux-gnu. +Reviewed-by: DJ Delorie +Tested-by: Zhangfei Gao + +Conflict: this adapt the context of scripts/gen-tunables.awk +--- + elf/Versions | 1 + + elf/dl-tunable-types.h | 1 + + elf/dl-tunables.c | 40 ++++++++++++++++++++++++++++++++++++++++ + elf/dl-tunables.h | 28 ++++++++++++++++++++++++++++ + elf/dl-tunables.list | 1 + + scripts/gen-tunables.awk | 4 ++-- + 6 files changed, 73 insertions(+), 2 deletions(-) + +diff --git a/elf/Versions b/elf/Versions +index 4614acea..1591031d 100644 +--- a/elf/Versions ++++ b/elf/Versions +@@ -77,6 +77,7 @@ ld { + _dl_signal_error; + + # Set value of a tunable. ++ __tunable_is_initialized; + __tunable_get_val; + } + } +diff --git a/elf/dl-tunable-types.h b/elf/dl-tunable-types.h +index c8833265..c41a3b3b 100644 +--- a/elf/dl-tunable-types.h ++++ b/elf/dl-tunable-types.h +@@ -61,6 +61,7 @@ struct _tunable + { + const char name[TUNABLE_NAME_MAX]; /* Internal name of the tunable. */ + tunable_type_t type; /* Data type of the tunable. */ ++ const tunable_val_t def; /* The value. */ + tunable_val_t val; /* The value. */ + bool initialized; /* Flag to indicate that the tunable is + initialized. */ +diff --git a/elf/dl-tunables.c b/elf/dl-tunables.c +index cae67efa..79b4d542 100644 +--- a/elf/dl-tunables.c ++++ b/elf/dl-tunables.c +@@ -145,6 +145,13 @@ tunable_initialize (tunable_t *cur, const char *strval) + do_tunable_update_val (cur, &val, NULL, NULL); + } + ++bool ++__tunable_is_initialized (tunable_id_t id) ++{ ++ return tunable_list[id].initialized; ++} ++rtld_hidden_def (__tunable_is_initialized) ++ + void + __tunable_set_val (tunable_id_t id, tunable_val_t *valp, tunable_num_t *minp, + tunable_num_t *maxp) +@@ -388,6 +395,39 @@ __tunables_print (void) + } + } + ++void ++__tunable_get_default (tunable_id_t id, void *valp) ++{ ++ tunable_t *cur = &tunable_list[id]; ++ ++ switch (cur->type.type_code) ++ { ++ case TUNABLE_TYPE_UINT_64: ++ { ++ *((uint64_t *) valp) = (uint64_t) cur->def.numval; ++ break; ++ } ++ case TUNABLE_TYPE_INT_32: ++ { ++ *((int32_t *) valp) = (int32_t) cur->def.numval; ++ break; ++ } ++ case TUNABLE_TYPE_SIZE_T: ++ { ++ *((size_t *) valp) = (size_t) cur->def.numval; ++ break; ++ } ++ case TUNABLE_TYPE_STRING: ++ { ++ *((const char **)valp) = cur->def.strval; ++ break; ++ } ++ default: ++ __builtin_unreachable (); ++ } ++} ++rtld_hidden_def (__tunable_get_default) ++ + /* Set the tunable value. This is called by the module that the tunable exists + in. */ + void +diff --git a/elf/dl-tunables.h b/elf/dl-tunables.h +index 45c191e0..0df4dde2 100644 +--- a/elf/dl-tunables.h ++++ b/elf/dl-tunables.h +@@ -45,18 +45,26 @@ typedef void (*tunable_callback_t) (tunable_val_t *); + + extern void __tunables_init (char **); + extern void __tunables_print (void); ++extern bool __tunable_is_initialized (tunable_id_t); + extern void __tunable_get_val (tunable_id_t, void *, tunable_callback_t); + extern void __tunable_set_val (tunable_id_t, tunable_val_t *, tunable_num_t *, + tunable_num_t *); ++extern void __tunable_get_default (tunable_id_t id, void *valp); + rtld_hidden_proto (__tunables_init) + rtld_hidden_proto (__tunables_print) ++rtld_hidden_proto (__tunable_is_initialized) + rtld_hidden_proto (__tunable_get_val) + rtld_hidden_proto (__tunable_set_val) ++rtld_hidden_proto (__tunable_get_default) + + /* Define TUNABLE_GET and TUNABLE_SET in short form if TOP_NAMESPACE and + TUNABLE_NAMESPACE are defined. This is useful shorthand to get and set + tunables within a module. */ + #if defined TOP_NAMESPACE && defined TUNABLE_NAMESPACE ++# define TUNABLE_IS_INITIALIZED(__id) \ ++ TUNABLE_IS_INITIALIZED_FULL(TOP_NAMESPACE, TUNABLE_NAMESPACE, __id) ++# define TUNABLE_GET_DEFAULT(__id, __type) \ ++ TUNABLE_GET_DEFAULT_FULL(TOP_NAMESPACE, TUNABLE_NAMESPACE,__id, __type) + # define TUNABLE_GET(__id, __type, __cb) \ + TUNABLE_GET_FULL (TOP_NAMESPACE, TUNABLE_NAMESPACE, __id, __type, __cb) + # define TUNABLE_SET(__id, __val) \ +@@ -65,6 +73,10 @@ rtld_hidden_proto (__tunable_set_val) + TUNABLE_SET_WITH_BOUNDS_FULL (TOP_NAMESPACE, TUNABLE_NAMESPACE, __id, \ + __val, __min, __max) + #else ++# define TUNABLE_IS_INITIALIZED(__top, __ns, __id) \ ++ TUNABLE_IS_INITIALIZED_FULL(__top, __ns, __id) ++# define TUNABLE_GET_DEFAULT(__top, __ns, __type) \ ++ TUNABLE_GET_DEFAULT_FULL(__top, __ns, __id, __type) + # define TUNABLE_GET(__top, __ns, __id, __type, __cb) \ + TUNABLE_GET_FULL (__top, __ns, __id, __type, __cb) + # define TUNABLE_SET(__top, __ns, __id, __val) \ +@@ -73,6 +85,22 @@ rtld_hidden_proto (__tunable_set_val) + TUNABLE_SET_WITH_BOUNDS_FULL (__top, __ns, __id, __val, __min, __max) + #endif + ++/* Return whether the tunable was initialized by the environment variable. */ ++#define TUNABLE_IS_INITIALIZED_FULL(__top, __ns, __id) \ ++({ \ ++ tunable_id_t id = TUNABLE_ENUM_NAME (__top, __ns, __id); \ ++ __tunable_is_initialized (id); \ ++}) ++ ++/* Return the default value of the tunable. */ ++#define TUNABLE_GET_DEFAULT_FULL(__top, __ns, __id, __type) \ ++({ \ ++ tunable_id_t id = TUNABLE_ENUM_NAME (__top, __ns, __id); \ ++ __type __ret; \ ++ __tunable_get_default (id, &__ret); \ ++ __ret; \ ++}) ++ + /* Get and return a tunable value. If the tunable was set externally and __CB + is defined then call __CB before returning the value. */ + #define TUNABLE_GET_FULL(__top, __ns, __id, __type, __cb) \ +diff --git a/elf/dl-tunables.list b/elf/dl-tunables.list +index 695ba719..5bb858b1 100644 +--- a/elf/dl-tunables.list ++++ b/elf/dl-tunables.list +@@ -20,6 +20,7 @@ + # type: Defaults to STRING + # minval: Optional minimum acceptable value + # maxval: Optional maximum acceptable value ++# default: Optional default value (if not specified it will be 0 or "") + # env_alias: An alias environment variable + # security_level: Specify security level of the tunable for AT_SECURE binaries. + # Valid values are: +diff --git a/scripts/gen-tunables.awk b/scripts/gen-tunables.awk +index d6de100d..9726b052 100644 +--- a/scripts/gen-tunables.awk ++++ b/scripts/gen-tunables.awk +@@ -177,8 +177,8 @@ END { + n = indices[2]; + m = indices[3]; + printf (" {TUNABLE_NAME_S(%s, %s, %s)", t, n, m) +- printf (", {TUNABLE_TYPE_%s, %s, %s}, {%s}, false, TUNABLE_SECLEVEL_%s, %s},\n", +- types[t,n,m], minvals[t,n,m], maxvals[t,n,m], ++ printf (", {TUNABLE_TYPE_%s, %s, %s}, {%s}, {%s}, false, TUNABLE_SECLEVEL_%s, %s},\n", ++ types[t,n,m], minvals[t,n,m], maxvals[t,n,m], default_val[t,n,m], + default_val[t,n,m], security_level[t,n,m], env_alias[t,n,m]); + } + print "};" +-- +2.33.0 + diff --git a/elf-Avoid-some-free-NULL-calls-in-_dl_update_slotinf.patch b/elf-Avoid-some-free-NULL-calls-in-_dl_update_slotinf.patch new file mode 100644 index 0000000..6cfe03e --- /dev/null +++ b/elf-Avoid-some-free-NULL-calls-in-_dl_update_slotinf.patch @@ -0,0 +1,50 @@ +From 48642ef1a5721e0a7694d84fe46d83b6086dfe75 Mon Sep 17 00:00:00 2001 +From: Florian Weimer +Date: Mon, 3 Jun 2024 10:49:40 +0200 +Subject: [PATCH] elf: Avoid some free (NULL) calls in + _dl_update_slotinfo + +This has been confirmed to work around some interposed mallocs. Here +is a discussion of the impact test ust/libc-wrapper/test_libc-wrapper +in lttng-tools: + + New TLS usage in libgcc_s.so.1, compatibility impact + + +Reportedly, this patch also papers over a similar issue when tcmalloc +2.9.1 is not compiled with -ftls-model=initial-exec. Of course the +goal really should be to compile mallocs with the initial-exec TLS +model, but this commit appears to be a useful interim workaround. + +Fixes commit d2123d68275acc0f061e73d5f86ca504e0d5a344 ("elf: Fix slow +tls access after dlopen [BZ #19924]"). + +Reviewed-by: Carlos O'Donell +(cherry picked from commit afe42e935b3ee97bac9a7064157587777259c60e) +--- + elf/dl-tls.c | 9 ++++++++- + 1 file changed, 8 insertions(+), 1 deletion(-) + +diff --git a/elf/dl-tls.c b/elf/dl-tls.c +index 70446e71a8..de0168319c 100644 +--- a/elf/dl-tls.c ++++ b/elf/dl-tls.c +@@ -819,7 +819,14 @@ _dl_update_slotinfo (unsigned long int req_modid, size_t new_gen) + dtv entry free it. Note: this is not AS-safe. */ + /* XXX Ideally we will at some point create a memory + pool. */ +- free (dtv[modid].pointer.to_free); ++ /* Avoid calling free on a null pointer. Some mallocs ++ incorrectly use dynamic TLS, and depending on how the ++ free function was compiled, it could call ++ __tls_get_addr before the null pointer check in the ++ free implementation. Checking here papers over at ++ least some dynamic TLS usage by interposed mallocs. */ ++ if (dtv[modid].pointer.to_free != NULL) ++ free (dtv[modid].pointer.to_free); + dtv[modid].pointer.val = TLS_DTV_UNALLOCATED; + dtv[modid].pointer.to_free = NULL; + +-- +2.27.0 + diff --git a/elf-Change-ldconfig-auxcache-magic-number-bug-32231.patch b/elf-Change-ldconfig-auxcache-magic-number-bug-32231.patch new file mode 100644 index 0000000..0059976 --- /dev/null +++ b/elf-Change-ldconfig-auxcache-magic-number-bug-32231.patch @@ -0,0 +1,49 @@ +From fa4ad104063204add2144df8151aa1135fffdd2d Mon Sep 17 00:00:00 2001 +From: Florian Weimer +Date: Mon, 28 Oct 2024 14:45:30 +0100 +Subject: [PATCH] elf: Change ldconfig auxcache magic number (bug 32231) + +In commit c628c2296392ed3bf2cb8d8470668e64fe53389f (elf: Remove +ldconfig kernel version check), the layout of auxcache entries +changed because the osversion field was removed from +struct aux_cache_file_entry. However, AUX_CACHEMAGIC was not +changed, so existing files are still used, potentially leading +to unintended ldconfig behavior. This commit changes AUX_CACHEMAGIC, +so that the file is regenerated. + +Reported-by: DJ Delorie +Reviewed-by: Adhemerval Zanella +(cherry picked from commit 0a536f6e2f76e3ef581b3fd9af1e5cf4ddc7a5a2) +--- + NEWS | 1 + + elf/cache.c | 2 +- + 2 files changed, 2 insertions(+), 1 deletion(-) + +diff --git a/NEWS b/NEWS +index a2adce11ff..8feb39f1ba 100644 +--- a/NEWS ++++ b/NEWS +@@ -59,6 +59,7 @@ The following bugs are resolved with this release: + [31968] mremap implementation in C does not handle arguments correctly + [32052] Name space violation in fortify wrappers + [32137] libio: Attempt wide backup free only for non-legacy code ++ [32231] elf: Change ldconfig auxcache magic number + + Version 2.38 + +diff --git a/elf/cache.c b/elf/cache.c +index 8149f889ba..5de69ec4ca 100644 +--- a/elf/cache.c ++++ b/elf/cache.c +@@ -823,7 +823,7 @@ struct aux_cache_entry + struct aux_cache_entry *next; + }; + +-#define AUX_CACHEMAGIC "glibc-ld.so.auxcache-1.0" ++#define AUX_CACHEMAGIC "glibc-ld.so.auxcache-2.0" + + struct aux_cache_file_entry + { +-- +2.27.0 + diff --git a/elf-Do-not-add-a-copy-of-_dl_find_object-to-libc.so.patch b/elf-Do-not-add-a-copy-of-_dl_find_object-to-libc.so.patch new file mode 100644 index 0000000..948b0e0 --- /dev/null +++ b/elf-Do-not-add-a-copy-of-_dl_find_object-to-libc.so.patch @@ -0,0 +1,101 @@ +From 93fa28a752a313b28f01a2adc9dc6a84a1da9987 Mon Sep 17 00:00:00 2001 +From: Florian Weimer +Date: Sat, 1 Feb 2025 12:37:58 +0100 +Subject: [PATCH] elf: Do not add a copy of _dl_find_object to libc.so + +This reduces code size and dependencies on ld.so internals from +libc.so. + +Fixes commit f4c142bb9fe6b02c0af8cfca8a920091e2dba44b +("arm: Use _dl_find_object on __gnu_Unwind_Find_exidx (BZ 31405)"). + +Reviewed-by: Adhemerval Zanella +(cherry picked from commit 96429bcc91a14f71b177ddc5e716de3069060f2c) +--- + elf/Makefile | 2 +- + elf/dl-find_object.c | 5 ++--- + include/dlfcn.h | 3 +-- + sysdeps/arm/find_exidx.c | 3 ++- + 4 files changed, 6 insertions(+), 7 deletions(-) + +diff --git a/elf/Makefile b/elf/Makefile +index 59b6ca73c7..ff14e80900 100644 +--- a/elf/Makefile ++++ b/elf/Makefile +@@ -34,7 +34,6 @@ routines = \ + dl-addr \ + dl-addr-obj \ + dl-early_allocate \ +- dl-find_object \ + dl-iteratephdr \ + dl-libc \ + dl-origin \ +@@ -61,6 +60,7 @@ dl-routines = \ + dl-deps \ + dl-exception \ + dl-execstack \ ++ dl-find_object \ + dl-fini \ + dl-init \ + dl-load \ +diff --git a/elf/dl-find_object.c b/elf/dl-find_object.c +index 5885655026..c1390ee10f 100644 +--- a/elf/dl-find_object.c ++++ b/elf/dl-find_object.c +@@ -356,7 +356,7 @@ _dlfo_lookup (uintptr_t pc, struct dl_find_object_internal *first1, size_t size) + } + + int +-__dl_find_object (void *pc1, struct dl_find_object *result) ++_dl_find_object (void *pc1, struct dl_find_object *result) + { + uintptr_t pc = (uintptr_t) pc1; + +@@ -463,8 +463,7 @@ __dl_find_object (void *pc1, struct dl_find_object *result) + return -1; + } /* Transaction retry loop. */ + } +-hidden_def (__dl_find_object) +-weak_alias (__dl_find_object, _dl_find_object) ++rtld_hidden_def (_dl_find_object) + + /* _dlfo_process_initial is called twice. First to compute the array + sizes from the initial loaded mappings. Second to fill in the +diff --git a/include/dlfcn.h b/include/dlfcn.h +index f3691439cc..ae25f05303 100644 +--- a/include/dlfcn.h ++++ b/include/dlfcn.h +@@ -4,8 +4,7 @@ + #include /* For ElfW. */ + #include + +-extern __typeof (_dl_find_object) __dl_find_object; +-hidden_proto (__dl_find_object) ++rtld_hidden_proto (_dl_find_object) + + /* Internally used flag. */ + #define __RTLD_DLOPEN 0x80000000 +diff --git a/sysdeps/arm/find_exidx.c b/sysdeps/arm/find_exidx.c +index eb56a50dc0..f23c6e8a19 100644 +--- a/sysdeps/arm/find_exidx.c ++++ b/sysdeps/arm/find_exidx.c +@@ -15,6 +15,7 @@ + License along with the GNU C Library. If not, see + . */ + ++#include + #include + + /* Find the exception index table containing PC. */ +@@ -23,7 +24,7 @@ _Unwind_Ptr + __gnu_Unwind_Find_exidx (_Unwind_Ptr pc, int * pcount) + { + struct dl_find_object data; +- if (__dl_find_object ((void *) pc, &data) < 0) ++ if (GLRO(dl_find_object) ((void *) pc, &data) < 0) + return 0; + *pcount = data.dlfo_eh_count; + return (_Unwind_Ptr) data.dlfo_eh_frame; +-- +2.27.0 + diff --git a/elf-Fix-TLS-modid-reuse-generation-assignment-BZ-290.patch b/elf-Fix-TLS-modid-reuse-generation-assignment-BZ-290.patch new file mode 100644 index 0000000..395a0a6 --- /dev/null +++ b/elf-Fix-TLS-modid-reuse-generation-assignment-BZ-290.patch @@ -0,0 +1,53 @@ +From ccdc4cba07684fe1397e1f5f134a0a827af98c04 Mon Sep 17 00:00:00 2001 +From: Hector Martin +Date: Tue, 28 Nov 2023 15:23:07 +0900 +Subject: [PATCH 2/9] elf: Fix TLS modid reuse generation assignment (BZ 29039) + +_dl_assign_tls_modid() assigns a slotinfo entry for a new module, but +does *not* do anything to the generation counter. The first time this +happens, the generation is zero and map_generation() returns the current +generation to be used during relocation processing. However, if +a slotinfo entry is later reused, it will already have a generation +assigned. If this generation has fallen behind the current global max +generation, then this causes an obsolete generation to be assigned +during relocation processing, as map_generation() returns this +generation if nonzero. _dl_add_to_slotinfo() eventually resets the +generation, but by then it is too late. This causes DTV updates to be +skipped, leading to NULL or broken TLS slot pointers and segfaults. + +Fix this by resetting the generation to zero in _dl_assign_tls_modid(), +so it behaves the same as the first time a slot is assigned. +_dl_add_to_slotinfo() will still assign the correct static generation +later during module load, but relocation processing will no longer use +an obsolete generation. + +Note that slotinfo entry (aka modid) reuse typically happens after a +dlclose and only TLS access via dynamic tlsdesc is affected. Because +tlsdesc is optimized to use the optional part of static TLS, dynamic +tlsdesc can be avoided by increasing the glibc.rtld.optional_static_tls +tunable to a large enough value, or by LD_PRELOAD-ing the affected +modules. + +Fixes bug 29039. + +Reviewed-by: Szabolcs Nagy +(cherry picked from commit 3921c5b40f293c57cb326f58713c924b0662ef59) +--- + elf/dl-tls.c | 1 + + 1 file changed, 1 insertion(+) + +diff --git a/elf/dl-tls.c b/elf/dl-tls.c +index 99b83ca696..1f6f820819 100644 +--- a/elf/dl-tls.c ++++ b/elf/dl-tls.c +@@ -154,6 +154,7 @@ _dl_assign_tls_modid (struct link_map *l) + { + /* Mark the entry as used, so any dependency see it. */ + atomic_store_relaxed (&runp->slotinfo[result - disp].map, l); ++ atomic_store_relaxed (&runp->slotinfo[result - disp].gen, 0); + break; + } + +-- +2.33.0 + diff --git a/elf-Fix-slow-tls-access-after-dlopen-BZ-19924.patch b/elf-Fix-slow-tls-access-after-dlopen-BZ-19924.patch new file mode 100644 index 0000000..d401ab1 --- /dev/null +++ b/elf-Fix-slow-tls-access-after-dlopen-BZ-19924.patch @@ -0,0 +1,328 @@ +From 7772f9358c9a947251196ea7844b339f0a423ff6 Mon Sep 17 00:00:00 2001 +From: Szabolcs Nagy +Date: Tue, 16 Feb 2021 12:55:13 +0000 +Subject: [PATCH] elf: Fix slow tls access after dlopen [BZ #19924] + +In short: __tls_get_addr checks the global generation counter and if +the current dtv is older then _dl_update_slotinfo updates dtv up to the +generation of the accessed module. So if the global generation is newer +than generation of the module then __tls_get_addr keeps hitting the +slow dtv update path. The dtv update path includes a number of checks +to see if any update is needed and this already causes measurable tls +access slow down after dlopen. + +It may be possible to detect up-to-date dtv faster. But if there are +many modules loaded (> TLS_SLOTINFO_SURPLUS) then this requires at +least walking the slotinfo list. + +This patch tries to update the dtv to the global generation instead, so +after a dlopen the tls access slow path is only hit once. The modules +with larger generation than the accessed one were not necessarily +synchronized before, so additional synchronization is needed. + +This patch uses acquire/release synchronization when accessing the +generation counter. + +Note: in the x86_64 version of dl-tls.c the generation is only loaded +once, since relaxed mo is not faster than acquire mo load. + +I have not benchmarked this. Tested by Adhemerval Zanella on aarch64, +powerpc, sparc, x86 who reported that it fixes the performance issue +of bug 19924. + +Reviewed-by: Adhemerval Zanella +(cherry picked from commit d2123d68275acc0f061e73d5f86ca504e0d5a344) +--- + elf/dl-close.c | 2 +- + elf/dl-open.c | 8 +-- + elf/dl-reloc.c | 6 +- + elf/dl-tls.c | 117 ++++++++++++++++++++----------------- + sysdeps/generic/ldsodefs.h | 3 +- + sysdeps/x86_64/dl-tls.c | 4 +- + 6 files changed, 74 insertions(+), 66 deletions(-) + +diff --git a/elf/dl-close.c b/elf/dl-close.c +index b887a44888..1c7a861db1 100644 +--- a/elf/dl-close.c ++++ b/elf/dl-close.c +@@ -703,7 +703,7 @@ _dl_close_worker (struct link_map *map, bool force) + if (__glibc_unlikely (newgen == 0)) + _dl_fatal_printf ("TLS generation counter wrapped! Please report as described in "REPORT_BUGS_TO".\n"); + /* Can be read concurrently. */ +- atomic_store_relaxed (&GL(dl_tls_generation), newgen); ++ atomic_store_release (&GL(dl_tls_generation), newgen); + + if (tls_free_end == GL(dl_tls_static_used)) + GL(dl_tls_static_used) = tls_free_start; +diff --git a/elf/dl-open.c b/elf/dl-open.c +index 2d985e21d8..351931af04 100644 +--- a/elf/dl-open.c ++++ b/elf/dl-open.c +@@ -405,7 +405,7 @@ update_tls_slotinfo (struct link_map *new) + _dl_fatal_printf (N_("\ + TLS generation counter wrapped! Please report this.")); + /* Can be read concurrently. */ +- atomic_store_relaxed (&GL(dl_tls_generation), newgen); ++ atomic_store_release (&GL(dl_tls_generation), newgen); + + /* We need a second pass for static tls data, because + _dl_update_slotinfo must not be run while calls to +@@ -422,8 +422,8 @@ TLS generation counter wrapped! Please report this.")); + now, but we can delay updating the DTV. */ + imap->l_need_tls_init = 0; + #ifdef SHARED +- /* Update the slot information data for at least the +- generation of the DSO we are allocating data for. */ ++ /* Update the slot information data for the current ++ generation. */ + + /* FIXME: This can terminate the process on memory + allocation failure. It is not possible to raise +@@ -431,7 +431,7 @@ TLS generation counter wrapped! Please report this.")); + _dl_update_slotinfo would have to be split into two + operations, similar to resize_scopes and update_scopes + above. This is related to bug 16134. */ +- _dl_update_slotinfo (imap->l_tls_modid); ++ _dl_update_slotinfo (imap->l_tls_modid, newgen); + #endif + + dl_init_static_tls (imap); +diff --git a/elf/dl-reloc.c b/elf/dl-reloc.c +index 1d558c1e0c..e5c555d82c 100644 +--- a/elf/dl-reloc.c ++++ b/elf/dl-reloc.c +@@ -112,11 +112,11 @@ _dl_try_allocate_static_tls (struct link_map *map, bool optional) + if (map->l_real->l_relocated) + { + #ifdef SHARED ++ /* Update the DTV of the current thread. Note: GL(dl_load_tls_lock) ++ is held here so normal load of the generation counter is valid. */ + if (__builtin_expect (THREAD_DTV()[0].counter != GL(dl_tls_generation), + 0)) +- /* Update the slot information data for at least the generation of +- the DSO we are allocating data for. */ +- (void) _dl_update_slotinfo (map->l_tls_modid); ++ (void) _dl_update_slotinfo (map->l_tls_modid, GL(dl_tls_generation)); + #endif + + dl_init_static_tls (map); +diff --git a/elf/dl-tls.c b/elf/dl-tls.c +index 1f6f820819..70446e71a8 100644 +--- a/elf/dl-tls.c ++++ b/elf/dl-tls.c +@@ -716,57 +716,57 @@ allocate_and_init (struct link_map *map) + + + struct link_map * +-_dl_update_slotinfo (unsigned long int req_modid) ++_dl_update_slotinfo (unsigned long int req_modid, size_t new_gen) + { + struct link_map *the_map = NULL; + dtv_t *dtv = THREAD_DTV (); + +- /* The global dl_tls_dtv_slotinfo array contains for each module +- index the generation counter current when the entry was created. ++ /* CONCURRENCY NOTES: ++ ++ The global dl_tls_dtv_slotinfo_list array contains for each module ++ index the generation counter current when that entry was updated. + This array never shrinks so that all module indices which were +- valid at some time can be used to access it. Before the first +- use of a new module index in this function the array was extended +- appropriately. Access also does not have to be guarded against +- modifications of the array. It is assumed that pointer-size +- values can be read atomically even in SMP environments. It is +- possible that other threads at the same time dynamically load +- code and therefore add to the slotinfo list. This is a problem +- since we must not pick up any information about incomplete work. +- The solution to this is to ignore all dtv slots which were +- created after the one we are currently interested. We know that +- dynamic loading for this module is completed and this is the last +- load operation we know finished. */ +- unsigned long int idx = req_modid; ++ valid at some time can be used to access it. Concurrent loading ++ and unloading of modules can update slotinfo entries or extend ++ the array. The updates happen under the GL(dl_load_tls_lock) and ++ finish with the release store of the generation counter to ++ GL(dl_tls_generation) which is synchronized with the load of ++ new_gen in the caller. So updates up to new_gen are synchronized ++ but updates for later generations may not be. ++ ++ Here we update the thread dtv from old_gen (== dtv[0].counter) to ++ new_gen generation. For this, each dtv[i] entry is either set to ++ an unallocated state (set), or left unmodified (nop). Where (set) ++ may resize the dtv first if modid i >= dtv[-1].counter. The rules ++ for the decision between (set) and (nop) are ++ ++ (1) If slotinfo entry i is concurrently updated then either (set) ++ or (nop) is valid: TLS access cannot use dtv[i] unless it is ++ synchronized with a generation > new_gen. ++ ++ Otherwise, if the generation of slotinfo entry i is gen and the ++ loaded module for this entry is map then ++ ++ (2) If gen <= old_gen then do (nop). ++ ++ (3) If old_gen < gen <= new_gen then ++ (3.1) if map != 0 then (set) ++ (3.2) if map == 0 then either (set) or (nop). ++ ++ Note that (1) cannot be reliably detected, but since both actions ++ are valid it does not have to be. Only (2) and (3.1) cases need ++ to be distinguished for which relaxed mo access of gen and map is ++ enough: their value is synchronized when it matters. ++ ++ Note that a relaxed mo load may give an out-of-thin-air value since ++ it is used in decisions that can affect concurrent stores. But this ++ should only happen if the OOTA value causes UB that justifies the ++ concurrent store of the value. This is not expected to be an issue ++ in practice. */ + struct dtv_slotinfo_list *listp = GL(dl_tls_dtv_slotinfo_list); + +- while (idx >= listp->len) ++ if (dtv[0].counter < new_gen) + { +- idx -= listp->len; +- listp = listp->next; +- } +- +- if (dtv[0].counter < listp->slotinfo[idx].gen) +- { +- /* CONCURRENCY NOTES: +- +- Here the dtv needs to be updated to new_gen generation count. +- +- This code may be called during TLS access when GL(dl_load_tls_lock) +- is not held. In that case the user code has to synchronize with +- dlopen and dlclose calls of relevant modules. A module m is +- relevant if the generation of m <= new_gen and dlclose of m is +- synchronized: a memory access here happens after the dlopen and +- before the dlclose of relevant modules. The dtv entries for +- relevant modules need to be updated, other entries can be +- arbitrary. +- +- This e.g. means that the first part of the slotinfo list can be +- accessed race free, but the tail may be concurrently extended. +- Similarly relevant slotinfo entries can be read race free, but +- other entries are racy. However updating a non-relevant dtv +- entry does not affect correctness. For a relevant module m, +- max_modid >= modid of m. */ +- size_t new_gen = listp->slotinfo[idx].gen; + size_t total = 0; + size_t max_modid = atomic_load_relaxed (&GL(dl_tls_max_dtv_idx)); + assert (max_modid >= req_modid); +@@ -779,31 +779,33 @@ _dl_update_slotinfo (unsigned long int req_modid) + { + size_t modid = total + cnt; + +- /* Later entries are not relevant. */ ++ /* Case (1) for all later modids. */ + if (modid > max_modid) + break; + + size_t gen = atomic_load_relaxed (&listp->slotinfo[cnt].gen); + ++ /* Case (1). */ + if (gen > new_gen) +- /* Not relevant. */ + continue; + +- /* If the entry is older than the current dtv layout we +- know we don't have to handle it. */ ++ /* Case (2) or (1). */ + if (gen <= dtv[0].counter) + continue; + ++ /* Case (3) or (1). */ ++ + /* If there is no map this means the entry is empty. */ + struct link_map *map + = atomic_load_relaxed (&listp->slotinfo[cnt].map); + /* Check whether the current dtv array is large enough. */ + if (dtv[-1].counter < modid) + { ++ /* Case (3.2) or (1). */ + if (map == NULL) + continue; + +- /* Resize the dtv. */ ++ /* Resizing the dtv aborts on failure: bug 16134. */ + dtv = _dl_resize_dtv (dtv, max_modid); + + assert (modid <= dtv[-1].counter); +@@ -814,7 +816,7 @@ _dl_update_slotinfo (unsigned long int req_modid) + } + + /* If there is currently memory allocate for this +- dtv entry free it. */ ++ dtv entry free it. Note: this is not AS-safe. */ + /* XXX Ideally we will at some point create a memory + pool. */ + free (dtv[modid].pointer.to_free); +@@ -909,9 +911,9 @@ tls_get_addr_tail (GET_ADDR_ARGS, dtv_t *dtv, struct link_map *the_map) + + static struct link_map * + __attribute_noinline__ +-update_get_addr (GET_ADDR_ARGS) ++update_get_addr (GET_ADDR_ARGS, size_t gen) + { +- struct link_map *the_map = _dl_update_slotinfo (GET_ADDR_MODULE); ++ struct link_map *the_map = _dl_update_slotinfo (GET_ADDR_MODULE, gen); + dtv_t *dtv = THREAD_DTV (); + + void *p = dtv[GET_ADDR_MODULE].pointer.val; +@@ -941,12 +943,17 @@ __tls_get_addr (GET_ADDR_ARGS) + dtv_t *dtv = THREAD_DTV (); + + /* Update is needed if dtv[0].counter < the generation of the accessed +- module. The global generation counter is used here as it is easier +- to check. Synchronization for the relaxed MO access is guaranteed +- by user code, see CONCURRENCY NOTES in _dl_update_slotinfo. */ ++ module, but the global generation counter is easier to check (which ++ must be synchronized up to the generation of the accessed module by ++ user code doing the TLS access so relaxed mo read is enough). */ + size_t gen = atomic_load_relaxed (&GL(dl_tls_generation)); + if (__glibc_unlikely (dtv[0].counter != gen)) +- return update_get_addr (GET_ADDR_PARAM); ++ { ++ /* Update DTV up to the global generation, see CONCURRENCY NOTES ++ in _dl_update_slotinfo. */ ++ gen = atomic_load_acquire (&GL(dl_tls_generation)); ++ return update_get_addr (GET_ADDR_PARAM, gen); ++ } + + void *p = dtv[GET_ADDR_MODULE].pointer.val; + +diff --git a/sysdeps/generic/ldsodefs.h b/sysdeps/generic/ldsodefs.h +index e8b7359b04..ed69c6babd 100644 +--- a/sysdeps/generic/ldsodefs.h ++++ b/sysdeps/generic/ldsodefs.h +@@ -1251,7 +1251,8 @@ extern void _dl_add_to_slotinfo (struct link_map *l, bool do_add) + + /* Update slot information data for at least the generation of the + module with the given index. */ +-extern struct link_map *_dl_update_slotinfo (unsigned long int req_modid) ++extern struct link_map *_dl_update_slotinfo (unsigned long int req_modid, ++ size_t gen) + attribute_hidden; + + /* Look up the module's TLS block as for __tls_get_addr, +diff --git a/sysdeps/x86_64/dl-tls.c b/sysdeps/x86_64/dl-tls.c +index 7a7fe38625..e9b6ab9970 100644 +--- a/sysdeps/x86_64/dl-tls.c ++++ b/sysdeps/x86_64/dl-tls.c +@@ -40,9 +40,9 @@ __tls_get_addr_slow (GET_ADDR_ARGS) + { + dtv_t *dtv = THREAD_DTV (); + +- size_t gen = atomic_load_relaxed (&GL(dl_tls_generation)); ++ size_t gen = atomic_load_acquire (&GL(dl_tls_generation)); + if (__glibc_unlikely (dtv[0].counter != gen)) +- return update_get_addr (GET_ADDR_PARAM); ++ return update_get_addr (GET_ADDR_PARAM, gen); + + return tls_get_addr_tail (GET_ADDR_PARAM, dtv, NULL); + } +-- +2.27.0 + diff --git a/elf-Fix-subprocess-status-handling-for-tst-dlopen-sg.patch b/elf-Fix-subprocess-status-handling-for-tst-dlopen-sg.patch new file mode 100644 index 0000000..d3b034b --- /dev/null +++ b/elf-Fix-subprocess-status-handling-for-tst-dlopen-sg.patch @@ -0,0 +1,62 @@ +From ca7e32d024fa7cc214a51213703f49703e1ab921 Mon Sep 17 00:00:00 2001 +From: Florian Weimer +Date: Wed, 21 May 2025 08:43:32 +0200 +Subject: [PATCH] elf: Fix subprocess status handling for tst-dlopen-sgid (bug + 32987) + +This should really move into support_capture_subprogram_self_sgid. + +Reviewed-by: Sam James +(cherry picked from commit 35fc356fa3b4f485bd3ba3114c9f774e5df7d3c2) +--- + NEWS | 1 + + elf/tst-dlopen-sgid.c | 12 ++++++++++-- + 2 files changed, 11 insertions(+), 2 deletions(-) + +diff --git a/NEWS b/NEWS +index 3e511d6de4..f18319f003 100644 +--- a/NEWS ++++ b/NEWS +@@ -67,6 +67,7 @@ The following bugs are resolved with this release: + [32231] elf: Change ldconfig auxcache magic number + [32470] x86: Avoid integer truncation with large cache sizes + [32582] Fix underallocation of abort_msg_s struct (CVE-2025-0395) ++ [32987] elf: Fix subprocess status handling for tst-dlopen-sgid + + Version 2.38 + +diff --git a/elf/tst-dlopen-sgid.c b/elf/tst-dlopen-sgid.c +index 47829a405e..5688b79f2e 100644 +--- a/elf/tst-dlopen-sgid.c ++++ b/elf/tst-dlopen-sgid.c +@@ -26,6 +26,8 @@ + #include + #include + #include ++#include ++#include + #include + + /* This is the name of our test object. Use a custom module for +@@ -66,10 +68,16 @@ do_test (void) + free (from); + } + +- TEST_COMPARE (support_capture_subprogram_self_sgid (magic_argument), 0); +- + free (libdir); + ++ int status = support_capture_subprogram_self_sgid (magic_argument); ++ ++ if (WEXITSTATUS (status) == EXIT_UNSUPPORTED) ++ return EXIT_UNSUPPORTED; ++ ++ if (!WIFEXITED (status)) ++ FAIL_EXIT1 ("Unexpected exit status %d from child process\n", status); ++ + return 0; + } + +-- +2.27.0 + diff --git a/elf-Fix-wrong-break-removal-from-8ee878592c.patch b/elf-Fix-wrong-break-removal-from-8ee878592c.patch new file mode 100644 index 0000000..b7afc64 --- /dev/null +++ b/elf-Fix-wrong-break-removal-from-8ee878592c.patch @@ -0,0 +1,26 @@ +From bf5aa419cbf545d2cd09dc097e518033d6e4df5e Mon Sep 17 00:00:00 2001 +From: Adhemerval Zanella +Date: Thu, 7 Dec 2023 11:17:35 -0300 +Subject: [PATCH] elf: Fix wrong break removal from 8ee878592c + +Reported-by: Alexander Monakov +(cherry picked from commit 546a1ba664626603660b595662249d524e429013) +--- + elf/readelflib.c | 1 + + 1 file changed, 1 insertion(+) + +diff --git a/elf/readelflib.c b/elf/readelflib.c +index f5b8c80e38..64f1d662a9 100644 +--- a/elf/readelflib.c ++++ b/elf/readelflib.c +@@ -107,6 +107,7 @@ process_elf_file (const char *file_name, const char *lib, int *flag, + case PT_INTERP: + program_interpreter = (char *) (file_contents + segment->p_offset); + check_ptr (program_interpreter); ++ break; + + case PT_GNU_PROPERTY: + /* The NT_GNU_PROPERTY_TYPE_0 note must be aligned to 4 bytes +-- +2.33.0 + diff --git a/elf-Support-recursive-use-of-dynamic-TLS-in-interpos.patch b/elf-Support-recursive-use-of-dynamic-TLS-in-interpos.patch new file mode 100644 index 0000000..c60cbb7 --- /dev/null +++ b/elf-Support-recursive-use-of-dynamic-TLS-in-interpos.patch @@ -0,0 +1,521 @@ +From 549e7f7c5a94f5ccbab2ad5f1babca05028a31c7 Mon Sep 17 00:00:00 2001 +From: Florian Weimer +Date: Mon, 1 Jul 2024 17:42:04 +0200 +Subject: [PATCH] elf: Support recursive use of dynamic TLS in interposed + malloc + +It turns out that quite a few applications use bundled mallocs that +have been built to use global-dynamic TLS (instead of the recommended +initial-exec TLS). The previous workaround from +commit afe42e935b3ee97bac9a7064157587777259c60e ("elf: Avoid some +free (NULL) calls in _dl_update_slotinfo") does not fix all +encountered cases unfortunatelly. + +This change avoids the TLS generation update for recursive use +of TLS from a malloc that was called during a TLS update. This +is possible because an interposed malloc has a fixed module ID and +TLS slot. (It cannot be unloaded.) If an initially-loaded module ID +is encountered in __tls_get_addr and the dynamic linker is already +in the middle of a TLS update, use the outdated DTV, thus avoiding +another call into malloc. It's still necessary to update the +DTV to the most recent generation, to get out of the slow path, +which is why the check for recursion is needed. + +The bookkeeping is done using a global counter instead of per-thread +flag because TLS access in the dynamic linker is tricky. + +All this will go away once the dynamic linker stops using malloc +for TLS, likely as part of a change that pre-allocates all TLS +during pthread_create/dlopen. + +Fixes commit d2123d68275acc0f061e73d5f86ca504e0d5a344 ("elf: Fix slow +tls access after dlopen [BZ #19924]"). + +Reviewed-by: Szabolcs Nagy +(cherry picked from commit 018f0fc3b818d4d1460a4e2384c24802504b1d20) + +Conflict: adapt file "elf/Makefile" for patch "elf: Switch to main +malloc after final ld.so self-relocation" +--- + elf/Makefile | 26 +++++++++ + elf/dl-tls.c | 95 +++++++++++++++++++++++++++++--- + elf/rtld.c | 2 + + elf/tst-recursive-tls.c | 60 ++++++++++++++++++++ + elf/tst-recursive-tlsmallocmod.c | 64 +++++++++++++++++++++ + elf/tst-recursive-tlsmodN.c | 28 ++++++++++ + sysdeps/generic/ldsodefs.h | 14 +++++ + sysdeps/x86_64/dl-tls.c | 5 +- + 8 files changed, 284 insertions(+), 10 deletions(-) + create mode 100644 elf/tst-recursive-tls.c + create mode 100644 elf/tst-recursive-tlsmallocmod.c + create mode 100644 elf/tst-recursive-tlsmodN.c + +diff --git a/elf/Makefile b/elf/Makefile +index ea98cba8..391f29e9 100644 +--- a/elf/Makefile ++++ b/elf/Makefile +@@ -433,6 +433,7 @@ tests += \ + tst-p_align1 \ + tst-p_align2 \ + tst-p_align3 \ ++ tst-recursive-tls \ + tst-relsort1 \ + tst-ro-dynamic \ + tst-rtld-no-malloc \ +@@ -865,6 +866,23 @@ modules-names += \ + tst-null-argv-lib \ + tst-p_alignmod-base \ + tst-p_alignmod3 \ ++ tst-recursive-tlsmallocmod \ ++ tst-recursive-tlsmod0 \ ++ tst-recursive-tlsmod1 \ ++ tst-recursive-tlsmod2 \ ++ tst-recursive-tlsmod3 \ ++ tst-recursive-tlsmod4 \ ++ tst-recursive-tlsmod5 \ ++ tst-recursive-tlsmod6 \ ++ tst-recursive-tlsmod7 \ ++ tst-recursive-tlsmod8 \ ++ tst-recursive-tlsmod9 \ ++ tst-recursive-tlsmod10 \ ++ tst-recursive-tlsmod11 \ ++ tst-recursive-tlsmod12 \ ++ tst-recursive-tlsmod13 \ ++ tst-recursive-tlsmod14 \ ++ tst-recursive-tlsmod15 \ + tst-relsort1mod1 \ + tst-relsort1mod2 \ + tst-ro-dynamic-mod \ +@@ -3042,6 +3060,14 @@ CFLAGS-tst-tlsgap-mod1.c += -mtls-dialect=gnu2 + CFLAGS-tst-tlsgap-mod2.c += -mtls-dialect=gnu2 + endif + ++$(objpfx)tst-recursive-tls: $(objpfx)tst-recursive-tlsmallocmod.so ++# More objects than DTV_SURPLUS, to trigger DTV reallocation. ++$(objpfx)tst-recursive-tls.out: \ ++ $(patsubst %,$(objpfx)tst-recursive-tlsmod%.so, \ ++ 0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15) ++$(objpfx)tst-recursive-tlsmod%.os: tst-recursive-tlsmodN.c ++ $(compile-command.c) -DVAR=thread_$* -DFUNC=get_threadvar_$* ++ + # Reuse an audit module which provides ample debug logging. + tst-rtld-no-malloc-audit-ENV = LD_AUDIT=$(objpfx)tst-auditmod1.so + +diff --git a/elf/dl-tls.c b/elf/dl-tls.c +index de016831..59d4021e 100644 +--- a/elf/dl-tls.c ++++ b/elf/dl-tls.c +@@ -75,6 +75,31 @@ + /* Default for dl_tls_static_optional. */ + #define OPTIONAL_TLS 512 + ++/* Used to count the number of threads currently executing dynamic TLS ++ updates. Used to avoid recursive malloc calls in __tls_get_addr ++ for an interposed malloc that uses global-dynamic TLS (which is not ++ recommended); see _dl_tls_allocate_active checks. This could be a ++ per-thread flag, but would need TLS access in the dynamic linker. */ ++unsigned int _dl_tls_threads_in_update; ++ ++static inline void ++_dl_tls_allocate_begin (void) ++{ ++ atomic_fetch_add_relaxed (&_dl_tls_threads_in_update, 1); ++} ++ ++static inline void ++_dl_tls_allocate_end (void) ++{ ++ atomic_fetch_add_relaxed (&_dl_tls_threads_in_update, -1); ++} ++ ++static inline bool ++_dl_tls_allocate_active (void) ++{ ++ return atomic_load_relaxed (&_dl_tls_threads_in_update) > 0; ++} ++ + /* Compute the static TLS surplus based on the namespace count and the + TLS space that can be used for optimizations. */ + static inline int +@@ -425,12 +450,18 @@ _dl_allocate_tls_storage (void) + size += TLS_PRE_TCB_SIZE; + #endif + +- /* Perform the allocation. Reserve space for the required alignment +- and the pointer to the original allocation. */ ++ /* Reserve space for the required alignment and the pointer to the ++ original allocation. */ + size_t alignment = GLRO (dl_tls_static_align); ++ ++ /* Perform the allocation. */ ++ _dl_tls_allocate_begin (); + void *allocated = malloc (size + alignment + sizeof (void *)); + if (__glibc_unlikely (allocated == NULL)) +- return NULL; ++ { ++ _dl_tls_allocate_end (); ++ return NULL; ++ } + + /* Perform alignment and allocate the DTV. */ + #if TLS_TCB_AT_TP +@@ -466,6 +497,8 @@ _dl_allocate_tls_storage (void) + result = allocate_dtv (result); + if (result == NULL) + free (allocated); ++ ++ _dl_tls_allocate_end (); + return result; + } + +@@ -483,6 +516,7 @@ _dl_resize_dtv (dtv_t *dtv, size_t max_modid) + size_t newsize = max_modid + DTV_SURPLUS; + size_t oldsize = dtv[-1].counter; + ++ _dl_tls_allocate_begin (); + if (dtv == GL(dl_initial_dtv)) + { + /* This is the initial dtv that was either statically allocated in +@@ -502,6 +536,7 @@ _dl_resize_dtv (dtv_t *dtv, size_t max_modid) + if (newp == NULL) + oom (); + } ++ _dl_tls_allocate_end (); + + newp[0].counter = newsize; + +@@ -676,7 +711,9 @@ allocate_dtv_entry (size_t alignment, size_t size) + if (powerof2 (alignment) && alignment <= _Alignof (max_align_t)) + { + /* The alignment is supported by malloc. */ ++ _dl_tls_allocate_begin (); + void *ptr = malloc (size); ++ _dl_tls_allocate_end (); + return (struct dtv_pointer) { ptr, ptr }; + } + +@@ -688,7 +725,10 @@ allocate_dtv_entry (size_t alignment, size_t size) + + /* Perform the allocation. This is the pointer we need to free + later. */ ++ _dl_tls_allocate_begin (); + void *start = malloc (alloc_size); ++ _dl_tls_allocate_end (); ++ + if (start == NULL) + return (struct dtv_pointer) {}; + +@@ -826,7 +866,11 @@ _dl_update_slotinfo (unsigned long int req_modid, size_t new_gen) + free implementation. Checking here papers over at + least some dynamic TLS usage by interposed mallocs. */ + if (dtv[modid].pointer.to_free != NULL) +- free (dtv[modid].pointer.to_free); ++ { ++ _dl_tls_allocate_begin (); ++ free (dtv[modid].pointer.to_free); ++ _dl_tls_allocate_end (); ++ } + dtv[modid].pointer.val = TLS_DTV_UNALLOCATED; + dtv[modid].pointer.to_free = NULL; + +@@ -956,10 +1000,22 @@ __tls_get_addr (GET_ADDR_ARGS) + size_t gen = atomic_load_relaxed (&GL(dl_tls_generation)); + if (__glibc_unlikely (dtv[0].counter != gen)) + { +- /* Update DTV up to the global generation, see CONCURRENCY NOTES +- in _dl_update_slotinfo. */ +- gen = atomic_load_acquire (&GL(dl_tls_generation)); +- return update_get_addr (GET_ADDR_PARAM, gen); ++ if (_dl_tls_allocate_active () ++ && GET_ADDR_MODULE < _dl_tls_initial_modid_limit) ++ /* This is a reentrant __tls_get_addr call, but we can ++ satisfy it because it's an initially-loaded module ID. ++ These TLS slotinfo slots do not change, so the ++ out-of-date generation counter does not matter. However, ++ if not in a TLS update, still update_get_addr below, to ++ get off the slow path eventually. */ ++ ; ++ else ++ { ++ /* Update DTV up to the global generation, see CONCURRENCY NOTES ++ in _dl_update_slotinfo. */ ++ gen = atomic_load_acquire (&GL(dl_tls_generation)); ++ return update_get_addr (GET_ADDR_PARAM, gen); ++ } + } + + void *p = dtv[GET_ADDR_MODULE].pointer.val; +@@ -969,7 +1025,7 @@ __tls_get_addr (GET_ADDR_ARGS) + + return (char *) p + GET_ADDR_OFFSET; + } +-#endif ++#endif /* SHARED */ + + + /* Look up the module's TLS block as for __tls_get_addr, +@@ -1018,6 +1074,25 @@ _dl_tls_get_addr_soft (struct link_map *l) + return data; + } + ++size_t _dl_tls_initial_modid_limit; ++ ++void ++_dl_tls_initial_modid_limit_setup (void) ++{ ++ struct dtv_slotinfo_list *listp = GL(dl_tls_dtv_slotinfo_list); ++ size_t idx; ++ for (idx = 0; idx < listp->len; ++idx) ++ { ++ struct link_map *l = listp->slotinfo[idx].map; ++ if (l == NULL ++ /* The object can be unloaded, so its modid can be ++ reassociated. */ ++ || !(l->l_type == lt_executable || l->l_type == lt_library)) ++ break; ++ } ++ _dl_tls_initial_modid_limit = idx; ++} ++ + + void + _dl_add_to_slotinfo (struct link_map *l, bool do_add) +@@ -1050,9 +1125,11 @@ _dl_add_to_slotinfo (struct link_map *l, bool do_add) + the first slot. */ + assert (idx == 0); + ++ _dl_tls_allocate_begin (); + listp = (struct dtv_slotinfo_list *) + malloc (sizeof (struct dtv_slotinfo_list) + + TLS_SLOTINFO_SURPLUS * sizeof (struct dtv_slotinfo)); ++ _dl_tls_allocate_end (); + if (listp == NULL) + { + /* We ran out of memory while resizing the dtv slotinfo list. */ +diff --git a/elf/rtld.c b/elf/rtld.c +index 558733b8..0a1e202c 100644 +--- a/elf/rtld.c ++++ b/elf/rtld.c +@@ -789,6 +789,8 @@ init_tls (size_t naudit) + _dl_fatal_printf ("\ + cannot allocate TLS data structures for initial thread\n"); + ++ _dl_tls_initial_modid_limit_setup (); ++ + /* Store for detection of the special case by __tls_get_addr + so it knows not to pass this dtv to the normal realloc. */ + GL(dl_initial_dtv) = GET_DTV (tcbp); +diff --git a/elf/tst-recursive-tls.c b/elf/tst-recursive-tls.c +new file mode 100644 +index 00000000..716d1f78 +--- /dev/null ++++ b/elf/tst-recursive-tls.c +@@ -0,0 +1,60 @@ ++/* Test with interposed malloc with dynamic TLS. ++ Copyright (C) 2024 Free Software Foundation, Inc. ++ This file is part of the GNU C Library. ++ ++ The GNU C Library is free software; you can redistribute it and/or ++ modify it under the terms of the GNU Lesser General Public ++ License as published by the Free Software Foundation; either ++ version 2.1 of the License, or (at your option) any later version. ++ ++ The GNU C Library is distributed in the hope that it will be useful, ++ but WITHOUT ANY WARRANTY; without even the implied warranty of ++ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU ++ Lesser General Public License for more details. ++ ++ You should have received a copy of the GNU Lesser General Public ++ License along with the GNU C Library; if not, see ++ . */ ++ ++#include ++#include ++#include ++#include ++ ++/* Defined in tst-recursive-tlsmallocmod.so. */ ++extern __thread unsigned int malloc_subsytem_counter; ++ ++static int ++do_test (void) ++{ ++ /* 16 is large enough to exercise the DTV resizing case. */ ++ void *handles[16]; ++ ++ for (unsigned int i = 0; i < array_length (handles); ++i) ++ { ++ /* Re-use the TLS slot for module 0. */ ++ if (i > 0) ++ xdlclose (handles[0]); ++ ++ char soname[30]; ++ snprintf (soname, sizeof (soname), "tst-recursive-tlsmod%u.so", i); ++ handles[i] = xdlopen (soname, RTLD_NOW); ++ ++ if (i > 0) ++ { ++ handles[0] = xdlopen ("tst-recursive-tlsmod0.so", RTLD_NOW); ++ int (*fptr) (void) = xdlsym (handles[0], "get_threadvar_0"); ++ /* May trigger TLS storage allocation using malloc. */ ++ TEST_COMPARE (fptr (), 0); ++ } ++ } ++ ++ for (unsigned int i = 0; i < array_length (handles); ++i) ++ xdlclose (handles[i]); ++ ++ printf ("info: malloc subsystem calls: %u\n", malloc_subsytem_counter); ++ TEST_VERIFY (malloc_subsytem_counter > 0); ++ return 0; ++} ++ ++#include +diff --git a/elf/tst-recursive-tlsmallocmod.c b/elf/tst-recursive-tlsmallocmod.c +new file mode 100644 +index 00000000..c24e9945 +--- /dev/null ++++ b/elf/tst-recursive-tlsmallocmod.c +@@ -0,0 +1,64 @@ ++/* Interposed malloc with dynamic TLS. ++ Copyright (C) 2024 Free Software Foundation, Inc. ++ This file is part of the GNU C Library. ++ ++ The GNU C Library is free software; you can redistribute it and/or ++ modify it under the terms of the GNU Lesser General Public ++ License as published by the Free Software Foundation; either ++ version 2.1 of the License, or (at your option) any later version. ++ ++ The GNU C Library is distributed in the hope that it will be useful, ++ but WITHOUT ANY WARRANTY; without even the implied warranty of ++ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU ++ Lesser General Public License for more details. ++ ++ You should have received a copy of the GNU Lesser General Public ++ License along with the GNU C Library; if not, see ++ . */ ++ ++#include ++#include ++ ++__thread unsigned int malloc_subsytem_counter; ++ ++static __typeof (malloc) *malloc_fptr; ++static __typeof (free) *free_fptr; ++static __typeof (calloc) *calloc_fptr; ++static __typeof (realloc) *realloc_fptr; ++ ++static void __attribute__ ((constructor)) ++init (void) ++{ ++ malloc_fptr = dlsym (RTLD_NEXT, "malloc"); ++ free_fptr = dlsym (RTLD_NEXT, "free"); ++ calloc_fptr = dlsym (RTLD_NEXT, "calloc"); ++ realloc_fptr = dlsym (RTLD_NEXT, "realloc"); ++} ++ ++void * ++malloc (size_t size) ++{ ++ ++malloc_subsytem_counter; ++ return malloc_fptr (size); ++} ++ ++void ++free (void *ptr) ++{ ++ ++malloc_subsytem_counter; ++ return free_fptr (ptr); ++} ++ ++void * ++calloc (size_t a, size_t b) ++{ ++ ++malloc_subsytem_counter; ++ return calloc_fptr (a, b); ++} ++ ++void * ++realloc (void *ptr, size_t size) ++{ ++ ++malloc_subsytem_counter; ++ return realloc_fptr (ptr, size); ++} +diff --git a/elf/tst-recursive-tlsmodN.c b/elf/tst-recursive-tlsmodN.c +new file mode 100644 +index 00000000..bb7592ae +--- /dev/null ++++ b/elf/tst-recursive-tlsmodN.c +@@ -0,0 +1,28 @@ ++/* Test module with global-dynamic TLS. Used to trigger DTV reallocation. ++ Copyright (C) 2024 Free Software Foundation, Inc. ++ This file is part of the GNU C Library. ++ ++ The GNU C Library is free software; you can redistribute it and/or ++ modify it under the terms of the GNU Lesser General Public ++ License as published by the Free Software Foundation; either ++ version 2.1 of the License, or (at your option) any later version. ++ ++ The GNU C Library is distributed in the hope that it will be useful, ++ but WITHOUT ANY WARRANTY; without even the implied warranty of ++ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU ++ Lesser General Public License for more details. ++ ++ You should have received a copy of the GNU Lesser General Public ++ License along with the GNU C Library; if not, see ++ . */ ++ ++/* Compiled with VAR and FUNC set via -D. FUNC requires some ++ relocation against TLS variable VAR. */ ++ ++__thread int VAR; ++ ++int ++FUNC (void) ++{ ++ return VAR; ++} +diff --git a/sysdeps/generic/ldsodefs.h b/sysdeps/generic/ldsodefs.h +index 22fbbecd..ad271ae0 100644 +--- a/sysdeps/generic/ldsodefs.h ++++ b/sysdeps/generic/ldsodefs.h +@@ -1262,6 +1262,20 @@ extern struct link_map *_dl_update_slotinfo (unsigned long int req_modid, + size_t gen) + attribute_hidden; + ++/* The last TLS module ID that is initially loaded, plus 1. TLS ++ addresses for modules with IDs lower than that can be obtained from ++ the DTV even if its generation is outdated. */ ++extern size_t _dl_tls_initial_modid_limit attribute_hidden attribute_relro; ++ ++/* Compute _dl_tls_initial_modid_limit. To be called after initial ++ relocation. */ ++void _dl_tls_initial_modid_limit_setup (void) attribute_hidden; ++ ++/* Number of threads currently in a TLS update. This is used to ++ detect reentrant __tls_get_addr calls without a per-thread ++ flag. */ ++extern unsigned int _dl_tls_threads_in_update attribute_hidden; ++ + /* Look up the module's TLS block as for __tls_get_addr, + but never touch anything. Return null if it's not allocated yet. */ + extern void *_dl_tls_get_addr_soft (struct link_map *l) attribute_hidden; +diff --git a/sysdeps/x86_64/dl-tls.c b/sysdeps/x86_64/dl-tls.c +index e9b6ab99..c484f39e 100644 +--- a/sysdeps/x86_64/dl-tls.c ++++ b/sysdeps/x86_64/dl-tls.c +@@ -41,7 +41,10 @@ __tls_get_addr_slow (GET_ADDR_ARGS) + dtv_t *dtv = THREAD_DTV (); + + size_t gen = atomic_load_acquire (&GL(dl_tls_generation)); +- if (__glibc_unlikely (dtv[0].counter != gen)) ++ if (__glibc_unlikely (dtv[0].counter != gen) ++ /* See comment in __tls_get_addr in elf/dl-tls.c. */ ++ && !(_dl_tls_allocate_active () ++ && GET_ADDR_MODULE < _dl_tls_initial_modid_limit)) + return update_get_addr (GET_ADDR_PARAM, gen); + + return tls_get_addr_tail (GET_ADDR_PARAM, dtv, NULL); +-- +2.27.0 + diff --git a/elf-Test-case-for-bug-32976-CVE-2025-4802.patch b/elf-Test-case-for-bug-32976-CVE-2025-4802.patch new file mode 100644 index 0000000..5d5978d --- /dev/null +++ b/elf-Test-case-for-bug-32976-CVE-2025-4802.patch @@ -0,0 +1,166 @@ +From 9d7b0a0f0b5efaa1c587e39b6d4437f87f50cbe3 Mon Sep 17 00:00:00 2001 +From: Florian Weimer +Date: Wed, 21 May 2025 10:38:17 +0800 +Subject: [PATCH] elf: Test case for bug 32976 (CVE-2025-4802) + +Check that LD_LIBRARY_PATH is ignored for AT_SECURE statically +linked binaries, using support_capture_subprogram_self_sgid. + +Reviewed-by: Carlos O'Donell +(cherry picked from commit d8f7a79335b0d861c12c42aec94c04cd5bb181e2) + +Conflict: adapt the context for "$(objpfx)tst-dlopen-sgid.out:" +--- + elf/Makefile | 4 ++ + elf/tst-dlopen-sgid-mod.c | 1 + + elf/tst-dlopen-sgid.c | 104 ++++++++++++++++++++++++++++++++++++++ + 3 files changed, 109 insertions(+) + create mode 100644 elf/tst-dlopen-sgid-mod.c + create mode 100644 elf/tst-dlopen-sgid.c + +diff --git a/elf/Makefile b/elf/Makefile +index 14f6758a..70c3a139 100644 +--- a/elf/Makefile ++++ b/elf/Makefile +@@ -262,6 +262,7 @@ tests-static-normal := \ + tst-array1-static \ + tst-array5-static \ + tst-dl-iter-static \ ++ tst-dlopen-sgid \ + tst-dst-static \ + tst-env-setuid \ + tst-env-setuid-tunables \ +@@ -831,6 +832,7 @@ modules-names += \ + tst-dlmopen-twice-mod1 \ + tst-dlmopen-twice-mod2 \ + tst-dlmopen1mod \ ++ tst-dlopen-sgid-mod \ + tst-dlopenfaillinkmod \ + tst-dlopenfailmod1 \ + tst-dlopenfailmod2 \ +@@ -3073,3 +3075,5 @@ tst-rtld-no-malloc-audit-ENV = LD_AUDIT=$(objpfx)tst-auditmod1.so + + # Any shared object should do. + tst-rtld-no-malloc-preload-ENV = LD_PRELOAD=$(objpfx)tst-auditmod1.so ++ ++$(objpfx)tst-dlopen-sgid.out: $(objpfx)tst-dlopen-sgid-mod.so +diff --git a/elf/tst-dlopen-sgid-mod.c b/elf/tst-dlopen-sgid-mod.c +new file mode 100644 +index 00000000..5eb79eef +--- /dev/null ++++ b/elf/tst-dlopen-sgid-mod.c +@@ -0,0 +1 @@ ++/* Opening this object should not succeed. */ +diff --git a/elf/tst-dlopen-sgid.c b/elf/tst-dlopen-sgid.c +new file mode 100644 +index 00000000..47829a40 +--- /dev/null ++++ b/elf/tst-dlopen-sgid.c +@@ -0,0 +1,104 @@ ++/* Test case for ignored LD_LIBRARY_PATH in static startug (bug 32976). ++ Copyright (C) 2025 Free Software Foundation, Inc. ++ This file is part of the GNU C Library. ++ ++ The GNU C Library is free software; you can redistribute it and/or ++ modify it under the terms of the GNU Lesser General Public ++ License as published by the Free Software Foundation; either ++ version 2.1 of the License, or (at your option) any later version. ++ ++ The GNU C Library is distributed in the hope that it will be useful, ++ but WITHOUT ANY WARRANTY; without even the implied warranty of ++ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU ++ Lesser General Public License for more details. ++ ++ You should have received a copy of the GNU Lesser General Public ++ License along with the GNU C Library; if not, see ++ . */ ++ ++#include ++#include ++#include ++#include ++#include ++#include ++#include ++#include ++#include ++#include ++#include ++ ++/* This is the name of our test object. Use a custom module for ++ testing, so that this object does not get picked up from the system ++ path. */ ++static const char dso_name[] = "tst-dlopen-sgid-mod.so"; ++ ++/* Used to mark the recursive invocation. */ ++static const char magic_argument[] = "run-actual-test"; ++ ++static int ++do_test (void) ++{ ++/* Pathname of the directory that receives the shared objects this ++ test attempts to load. */ ++ char *libdir = support_create_temp_directory ("tst-dlopen-sgid-"); ++ ++ /* This is supposed to be ignored and stripped. */ ++ TEST_COMPARE (setenv ("LD_LIBRARY_PATH", libdir, 1), 0); ++ ++ /* Copy of libc.so.6. */ ++ { ++ char *from = xasprintf ("%s/%s", support_objdir_root, LIBC_SO); ++ char *to = xasprintf ("%s/%s", libdir, LIBC_SO); ++ add_temp_file (to); ++ support_copy_file (from, to); ++ free (to); ++ free (from); ++ } ++ ++ /* Copy of the test object. */ ++ { ++ char *from = xasprintf ("%s/elf/%s", support_objdir_root, dso_name); ++ char *to = xasprintf ("%s/%s", libdir, dso_name); ++ add_temp_file (to); ++ support_copy_file (from, to); ++ free (to); ++ free (from); ++ } ++ ++ TEST_COMPARE (support_capture_subprogram_self_sgid (magic_argument), 0); ++ ++ free (libdir); ++ ++ return 0; ++} ++ ++static void ++alternative_main (int argc, char **argv) ++{ ++ if (argc == 2 && strcmp (argv[1], magic_argument) == 0) ++ { ++ if (getgid () == getegid ()) ++ /* This can happen if the file system is mounted nosuid. */ ++ FAIL_UNSUPPORTED ("SGID failed: GID and EGID match (%jd)\n", ++ (intmax_t) getgid ()); ++ ++ /* Should be removed due to SGID. */ ++ TEST_COMPARE_STRING (getenv ("LD_LIBRARY_PATH"), NULL); ++ ++ TEST_VERIFY (dlopen (dso_name, RTLD_NOW) == NULL); ++ { ++ const char *message = dlerror (); ++ TEST_COMPARE_STRING (message, ++ "tst-dlopen-sgid-mod.so:" ++ " cannot open shared object file:" ++ " No such file or directory"); ++ } ++ ++ support_record_failure_barrier (); ++ exit (EXIT_SUCCESS); ++ } ++} ++ ++#define PREPARE alternative_main ++#include +-- +2.27.0 + diff --git a/getaddrinfo-translate-ENOMEM-to-EAI_MEMORY-bug-31163.patch b/getaddrinfo-translate-ENOMEM-to-EAI_MEMORY-bug-31163.patch new file mode 100644 index 0000000..29a633d --- /dev/null +++ b/getaddrinfo-translate-ENOMEM-to-EAI_MEMORY-bug-31163.patch @@ -0,0 +1,36 @@ +From ae1e5217021e43e1f2de443d26e87ea3adfb221c Mon Sep 17 00:00:00 2001 +From: Andreas Schwab +Date: Wed, 6 Dec 2023 14:48:22 +0100 +Subject: [PATCH 8/9] getaddrinfo: translate ENOMEM to EAI_MEMORY (bug 31163) + +When __resolv_context_get returns NULL due to out of memory, translate it +to a return value of EAI_MEMORY. + +(cherry picked from commit 5eabdb6a6ac1599d23dd5966a37417215950245f) +--- + sysdeps/posix/getaddrinfo.c | 9 ++++++++- + 1 file changed, 8 insertions(+), 1 deletion(-) + +diff --git a/sysdeps/posix/getaddrinfo.c b/sysdeps/posix/getaddrinfo.c +index 13082305d3..da573bea24 100644 +--- a/sysdeps/posix/getaddrinfo.c ++++ b/sysdeps/posix/getaddrinfo.c +@@ -616,7 +616,14 @@ get_nss_addresses (const char *name, const struct addrinfo *req, + function variant. */ + res_ctx = __resolv_context_get (); + if (res_ctx == NULL) +- no_more = 1; ++ { ++ if (errno == ENOMEM) ++ { ++ result = -EAI_MEMORY; ++ goto out; ++ } ++ no_more = 1; ++ } + + while (!no_more) + { +-- +2.33.0 + diff --git a/glibc.spec b/glibc.spec index a2cb2f6..e43ada7 100644 --- a/glibc.spec +++ b/glibc.spec @@ -86,7 +86,7 @@ end} Summary: The GNU libc libraries Name: glibc Version: 2.38 -Release: 39%{?dist} +Release: 40%{?dist} License: LGPLv2+ and LGPLv2+ with exceptions and GPLv2+ and GPLv2+ with exceptions and BSD and Inner-Net and ISC and Public Domain and GFDL URL: http://www.gnu.org/software/glibc/ @@ -98,83 +98,220 @@ Source4: wrap-find-debuginfo.sh Source5: generate-langpack.lua Source6: nscd.conf -# CVE-2023-4911 -Patch0001: CVE-tunables-Terminate-if-end-of-input-is-reached-CVE-20.patch -Patch0002: CVE-2023-4806-getaddrinfo-Fix-use-after-free-in-getcanonname-CVE-2.patch -Patch0003: CVE-2023-5156-Fix-leak-in-getaddrinfo-introduced-by-the-fix-for-CV.patch -Patch0004: CVE-2023-4527-Stack-read-overflow-with-large-TCP-res.patch -Patch0005: CVE-2023-6246-syslog-Fix-heap-buffer-overflow-in-__vsyslog_interna.patch -Patch0006: CVE-2023-6779-syslog-Fix-heap-buffer-overflow-in-__vsyslog_interna.patch -Patch0007: CVE-2023-6780-syslog-Fix-integer-overflow-in-__vsyslog_internal-CV.patch -Patch0008: CVE-2024-2961-iconv-ISO-2022-CN-EXT-fix-out-of-bound-writes-when-w.patch -Patch0010: backport-libio-Fix-oversized-__io_vtables.patch -Patch0011: CVE-2024-33599-nscd-Stack-based-buffer-overflow-in-n.patch -Patch0012: CVE-2024-33600-nscd-Do-not-send-missing-not-found-re.patch -Patch0013: CVE-2024-33600-nscd-Avoid-null-pointer-crashes-after.patch -Patch0014: CVE-2024-33601-CVE-2024-33602-nscd-netgroup-Use-two-.patch -Patch0015: backport-x86-string-Fixup-alignment-of-main-loop-in-str-n-cmp.patch -Patch0016: https://github.com/sailfishos-mirror/glibc/commit/950891b5e7a5307272da3e632832ac9da4c9eeec.patch -Patch0017: https://github.com/sailfishos-mirror/glibc/commit/6fd215d6ae9a4a6e75f7ea18d89db6a10f158eaf.patch -Patch0018: CVE-2025-0395-Fix-underallocation-of-abort_msg_s-struct-CVE-2025-0.patch -Patch0019: backport-assert-Add-test-for-CVE-2025-0395.patch -Patch0020: CVE-2025-4802-elf-Ignore-LD_LIBRARY_PATH-and-debug-env-var-for-set.patch -Patch0021: 0001-glibc-2.38-memalign_fix-1.patch -Patch0022: malloc-Use-__get_nprocs-on-arena_get2-BZ-30945.patch - -# patch 23-32 fix [BZ #25847] -Patch0023: 0001-pthreads-NPTL-lost-wakeup-fix-2.patch -Patch0024: 0002-nptl-Update-comments-and-indentation-for-new-condvar.patch -Patch0025: 0003-nptl-Remove-unnecessary-catch-all-wake-in-condvar-gr.patch -Patch0026: 0004-nptl-Remove-unnecessary-quadruple-check-in-pthread_c.patch -Patch0027: 0005-nptl-Remove-g_refs-from-condition-variables.patch -Patch0028: 0006-nptl-Use-a-single-loop-in-pthread_cond_wait-instaed-.patch -Patch0029: 0007-nptl-Fix-indentation.patch -Patch0030: 0008-nptl-rename-__condvar_quiesce_and_switch_g1.patch -Patch0031: 0009-nptl-Use-all-of-g1_start-and-g_signals.patch -Patch0032: 0010-nptl-PTHREAD_COND_INITIALIZER-compatibility-with-pre.patch -Patch0033: CVE-2025-8058-posix-Fix-double-free-after-allocation-failure-in-re.patch -Patch0034: 0001-sysdeps-sem_open-Clear-O_CREAT-when-semaphore-file-i.patch -Patch0035: posix-Use-support-check.h-facilities-in-tst-truncate.patch -Patch0036: nptl-Use-support-check.h-facilities-in-tst-setuid3.patch -Patch0037: support-Add-FAIL-test-failure-helper.patch -Patch0038: https://github.com/sailfishos-mirror/glibc/commit/c69b88fc71aa5657662c5c4f176a51034b029ac4.patch -Patch0039: elf-Extract-rtld_setup_phdr-function-from-dl_main.patch -Patch0040: https://github.com/sailfishos-mirror/glibc/commit/1bdce2545588a837f4b6715a90f5a22f9fc99c46.patch - -Patch0041: sysdeps-x86-Makefile-Split-and-sort-tests.patch -Patch0042: i386-Remove-CET-support.patch -Patch0043: x86-64-Save-APX-registers-in-ld.so-trampoline.patch -Patch0044: debug-Adapt-fortify-tests-to-libsupport.patch -Patch0045: debug-Wire-up-tst-longjmp_chk3.patch -Patch0046: debug-Fix-tst-longjmp_chk3-build-failure-on-Hurd.patch -Patch0047: Remove-installed-header-rule-on-.-include-.h.patch -Patch0048: x86-cet-Check-user_shstk-in-proc-cpuinfo.patch -Patch0049: x86-cet-Don-t-assume-that-SHSTK-implies-IBT.patch -Patch0050: x86-cet-Check-legacy-shadow-stack-applications.patch -Patch0051: x86-cet-Check-CPU_FEATURE_ACTIVE-when-CET-is-disable.patch -Patch0052: x86-cet-Add-tests-for-GLIBC_TUNABLES-glibc.cpu.hwcap.patch -Patch0053: x86-cet-Check-legacy-shadow-stack-code-in-.init_arra.patch -Patch0054: x86-cet-Check-CPU_FEATURE_ACTIVE-in-permissive-mode.patch -Patch0055: x86-cet-Update-tst-cet-vfork-1.patch -Patch0056: x86-Modularize-sysdeps-x86-dl-cet.c.patch -Patch0057: x86-cet-Don-t-disable-CET-if-not-single-threaded.patch -Patch0058: x86-cet-Sync-with-Linux-kernel-6.6-shadow-stack-inte.patch -Patch0059: x86-cet-Enable-shadow-stack-during-startup.patch -Patch0060: x86-cet-Check-feature_1-in-TCB-for-active-IBT-and-SH.patch -Patch0061: x86-cet-Don-t-set-CET-active-by-default.patch -Patch0062: x86-cet-Run-some-CET-tests-with-shadow-stack.patch -Patch0063: x86-cet-Add-fcf-protection-none-before-fcf-protectio.patch -Patch0064: i386-Ignore-enable-cet.patch -Patch0065: x86-64-cet-Check-the-restore-token-in-longjmp.patch -Patch0066: i386-Fail-if-configured-with-enable-cet.patch -Patch0067: x86-64-cet-Move-dl-cet.-ch-to-x86_64-directories.patch -Patch0068: x86-Move-CET-infrastructure-to-x86_64.patch -Patch0069: x86-64-cet-Move-check-cet.awk-to-x86_64.patch -Patch0070: i386-Remove-CET-support-bits.patch -Patch0071: x86-64-cet-Make-CET-feature-check-specific-to-Linux-.patch -Patch0072: x86-cet-fix-shadow-stack-test-scripts.patch -Patch0073: x86-64-Remove-sysdeps-x86_64-x32-dl-machine.h.patch -Patch0074: x32-cet-Support-shadow-stack-during-startup-for-Linu.patch +Patch0001: stdlib-Improve-tst-realpath-compatibility-with-sourc.patch +Patch0002: 0001-x86-Fix-for-cache-computation-on-AMD-legacy-cpus.patch +Patch0003: 0002-nscd-Do-not-rebuild-getaddrinfo-bug-30709.patch +Patch0004: 0003-x86-Fix-incorrect-scope-of-setting-shared_per_thread.patch +Patch0005: 0004-x86_64-Fix-build-with-disable-multiarch-BZ-30721.patch +Patch0006: 0005-i686-Fix-build-with-disable-multiarch.patch +Patch0007: malloc-Enable-merging-of-remainders-in-memalign-bug-.patch +Patch0008: malloc-Remove-bin-scanning-from-memalign-bug-30723.patch +Patch0009: 0008-sysdeps-tst-bz21269-fix-test-parameter.patch +Patch0010: 0009-sysdeps-tst-bz21269-handle-ENOSYS-skip-appropriately.patch +Patch0011: 0010-sysdeps-tst-bz21269-fix-Wreturn-type.patch +Patch0012: 0011-io-Fix-record-locking-contants-for-powerpc64-with-__.patch +Patch0013: backport-libio-Fix-oversized-__io_vtables.patch +Patch0014: 0001-elf-Do-not-run-constructors-for-proxy-objects.patch +Patch0015: 0002-elf-Always-call-destructors-in-reverse-constructor-o.patch +Patch0016: 0003-elf-Remove-unused-l_text_end-field-from-struct-link_.patch +Patch0017: 0004-elf-Move-l_init_called_next-to-old-place-of-l_text_e.patch +Patch0018: 0005-NEWS-Add-the-2.38.1-bug-list.patch +Patch0019: CVE-2023-4527-Stack-read-overflow-with-large-TCP-res.patch +Patch0020: CVE-2023-4806-getaddrinfo-Fix-use-after-free-in-getcanonname-CVE-2.patch +Patch0021: 0002-iconv-restore-verbosity-with-unrecognized-encoding-n.patch +Patch0022: 0003-string-Fix-tester-build-with-fortify-enable-with-gcc.patch +Patch0023: 0004-manual-jobs.texi-Add-missing-item-EPERM-for-getpgid.patch +Patch0024: CVE-2023-5156-Fix-leak-in-getaddrinfo-introduced-by-the-fix-for-CV.patch +Patch0025: 0002-Document-CVE-2023-4806-and-CVE-2023-5156-in-NEWS.patch +Patch0026: 0003-Propagate-GLIBC_TUNABLES-in-setxid-binaries.patch +Patch0027: CVE-tunables-Terminate-if-end-of-input-is-reached-CVE-20.patch +Patch0028: 0001-Revert-elf-Remove-unused-l_text_end-field-from-struc.patch +Patch0029: 0002-Revert-elf-Always-call-destructors-in-reverse-constr.patch +Patch0030: 0003-Revert-elf-Move-l_init_called_next-to-old-place-of-l.patch +Patch0031: 0001-sysdeps-sem_open-Clear-O_CREAT-when-semaphore-file-i.patch +Patch0032: elf-Fix-wrong-break-removal-from-8ee878592c.patch +Patch0033: backport-elf-Handle-non-directory-name-in-search-path-BZ-3103.patch +Patch0034: elf-Fix-TLS-modid-reuse-generation-assignment-BZ-290.patch +Patch0035: elf-Add-TLS-modid-reuse-test-for-bug-29039.patch +Patch0036: x86-64-Fix-the-dtv-field-load-for-x32-BZ-31184.patch +Patch0037: x86-64-Fix-the-tcb-field-load-for-x32-BZ-31185.patch +Patch0038: NEWS-Mention-bug-fixes-for-29039-30694-30709-30721.patch +Patch0039: NEWS-Mention-bug-fixes-for-30745-30843.patch +Patch0040: getaddrinfo-translate-ENOMEM-to-EAI_MEMORY-bug-31163.patch +Patch0041: libio-Check-remaining-buffer-size-in-_IO_wdo_write-b.patch +Patch0042: elf-Add-a-way-to-check-if-tunable-is-set-BZ-27069.patch +Patch0043: malloc-Improve-MAP_HUGETLB-with-glibc.malloc.hugetlb.patch +Patch0044: CVE-2023-6246-syslog-Fix-heap-buffer-overflow-in-__vsyslog_interna.patch +Patch0045: CVE-2023-6779-syslog-Fix-heap-buffer-overflow-in-__vsyslog_interna.patch +Patch0046: CVE-2023-6780-syslog-Fix-integer-overflow-in-__vsyslog_internal-CV.patch +Patch0047: x86_64-Optimize-ffsll-function-code-size.patch +Patch0048: S390-Fix-building-with-disable-mutli-arch-BZ-31196.patch +Patch0049: sparc-Fix-broken-memset-for-sparc32-BZ-31068.patch +Patch0050: sparc64-Remove-unwind-information-from-signal-return.patch +Patch0051: sparc-Fix-sparc64-memmove-length-comparison-BZ-31266.patch +Patch0052: sparc-Remove-unwind-information-from-signal-return-s.patch +Patch0053: arm-Remove-wrong-ldr-from-_dl_start_user-BZ-31339.patch +Patch0054: malloc-Use-__get_nprocs-on-arena_get2-BZ-30945.patch +Patch0055: linux-Sync-Linux-6.6-elf.h.patch +Patch0056: 0001-S390-Do-not-clobber-r7-in-clone-BZ-31402.patch +Patch0057: 0002-linux-Use-rseq-area-unconditionally-in-sched_getcpu-.patch +Patch0058: 0004-Add-HWCAP2_MOPS-from-Linux-6.5-to-AArch64-bits-hwcap.patch +Patch0059: 0005-AArch64-Add-support-for-MOPS-memcpy-memmove-memset.patch +Patch0060: 0006-AArch64-Cleanup-ifuncs.patch +Patch0061: 0007-AArch64-Cleanup-emag-memset.patch +Patch0062: 0008-AArch64-Add-memset_zva64.patch +Patch0063: 0009-AArch64-Remove-Falkor-memcpy.patch +Patch0064: 0010-aarch64-correct-CFI-in-rawmemchr-bug-31113.patch +Patch0065: 0011-aarch64-fix-check-for-SVE-support-in-assembler.patch +Patch0066: 0012-AArch64-Check-kernel-version-for-SVE-ifuncs.patch +Patch0067: 0013-powerpc-Fix-ld.so-address-determination-for-PCREL-mo.patch +Patch0068: CVE-2024-2961-iconv-ISO-2022-CN-EXT-fix-out-of-bound-writes-when-w.patch +Patch0069: 0015-sparc-Remove-64-bit-check-on-sparc32-wordsize-BZ-275.patch +Patch0070: 0016-login-Check-default-sizes-of-structs-utmp-utmpx-last.patch +Patch0071: 0017-login-structs-utmp-utmpx-lastlog-_TIME_BITS-independ.patch +Patch0072: 0018-nptl-Fix-tst-cancel30-on-kernels-without-ppoll_time6.patch +Patch0073: 0019-i386-ulp-update-for-SSE2-disable-multi-arch-configur.patch +Patch0074: CVE-2024-33599-nscd-Stack-based-buffer-overflow-in-n.patch +Patch0075: CVE-2024-33600-nscd-Do-not-send-missing-not-found-re.patch +Patch0076: CVE-2024-33600-nscd-Avoid-null-pointer-crashes-after.patch +Patch0077: CVE-2024-33601-CVE-2024-33602-nscd-netgroup-Use-two-.patch +Patch0078: 0024-elf-Also-compile-dl-misc.os-with-rtld-early-cflags.patch +Patch0079: 0025-nscd-Use-time_t-for-return-type-of-addgetnetgrentX.patch +Patch0080: 0026-resolv-Fix-some-unaligned-accesses-in-resolver-BZ-30.patch +Patch0081: Force-DT_RPATH-for-enable-hardcoded-path-in-tests.patch +Patch0082: i386-Disable-Intel-Xeon-Phi-tests-for-GCC-15-and-abo.patch +Patch0083: misc-Add-support-for-Linux-uio.h-RWF_NOAPPEND-flag.patch +Patch0084: 0001-s390x-Fix-segfault-in-wcsncmp-BZ-31934.patch +Patch0085: 0002-nptl-fix-potential-merge-of-__rseq_-relro-symbols.patch +Patch0086: 0003-elf-Make-dl-rseq-symbols-Linux-only.patch +Patch0087: 0004-Linux-Make-__rseq_size-useful-for-feature-detection-.patch +Patch0088: 0005-resolv-Allow-short-error-responses-to-match-any-quer.patch +Patch0089: 0006-resolv-Do-not-wait-for-non-existing-second-DNS-respo.patch +Patch0090: 0007-resolv-Track-single-request-fallback-via-_res._flags.patch +Patch0091: 0008-linux-Update-the-mremap-C-implementation-BZ-31968.patch +Patch0092: 0009-mremap-Update-manual-entry.patch +Patch0093: 0010-Add-mremap-tests.patch +Patch0094: 0011-Update-syscall-lists-for-Linux-6.5.patch +Patch0095: 0012-resolv-Fix-tst-resolv-short-response-for-older-GCC-b.patch +Patch0096: Fix-name-space-violation-in-fortify-wrappers-bug-320.patch +Patch0097: x86-Fix-bug-in-strchrnul-evex512-BZ-32078.patch +Patch0099: support-Add-FAIL-test-failure-helper.patch +Patch0100: stdio-common-Add-test-for-vfscanf-with-matches-longe.patch +Patch0101: Make-tst-ungetc-use-libsupport.patch +Patch0102: ungetc-Fix-uninitialized-read-when-putting-into-unus.patch +Patch0103: ungetc-Fix-backup-buffer-leak-on-program-exit-BZ-278.patch +Patch0104: posix-Use-support-check.h-facilities-in-tst-truncate.patch +Patch0105: nptl-Use-support-check.h-facilities-in-tst-setuid3.patch +Patch0106: libio-Attempt-wide-backup-free-only-for-non-legacy-c.patch +Patch0107: Add-crt1-2.0.o-for-glibc-2.0-compatibility-tests.patch +Patch0108: elf-Change-ldconfig-auxcache-magic-number-bug-32231.patch +Patch0109: backport-elf-avoid-jumping-over-a-needed-declaration.patch +Patch0110: backport-elf-Move-__rtld_malloc_init_stubs-call-into-_dl_star.patch +Patch0111: backport-elf-Handle-static-PIE-with-non-zero-load-address-BZ-.patch +Patch0112: backport-elf-Introduce-_dl_relocate_object_no_relro.patch +Patch0113: backport-elf-Switch-to-main-malloc-after-final-ld.so-self-rel.patch +Patch0114: nptl-initialize-rseq-area-prior-to-registration.patch +Patch0115: nptl-initialize-cpu_id_start-prior-to-rseq-registrat.patch +Patch0116: x86-Avoid-integer-truncation-with-large-cache-sizes-.patch +Patch0117: x86_64-Sort-fpu-multiarch-Makefile.patch +Patch0118: x86_64-Add-log2-with-FMA.patch +Patch0119: x86_64-Add-expm1-with-FMA.patch +Patch0120: x86_64-Add-log1p-with-FMA.patch +Patch0121: x86-Check-the-lower-byte-of-EAX-of-CPUID-leaf-2-BZ-3.patch +Patch0122: elf-Fix-slow-tls-access-after-dlopen-BZ-19924.patch +Patch0123: 0030-x86-Only-align-destination-to-1x-VEC_SIZE-in-memset-.patch +Patch0124: sysdeps-x86-Makefile-Split-and-sort-tests.patch +Patch0125: x86_64-Fix-missing-wcsncat-function-definition-witho.patch +Patch0126: 0022-x86-Improve-large-memset-perf-with-non-temporal-stor.patch +Patch0127: backport-x86-string-Fixup-alignment-of-main-loop-in-str-n-cmp.patch +Patch0128: elf-Avoid-some-free-NULL-calls-in-_dl_update_slotinf.patch +Patch0129: elf-Support-recursive-use-of-dynamic-TLS-in-interpos.patch +Patch0130: CVE-2025-0395-Fix-underallocation-of-abort_msg_s-struct-CVE-2025-0.patch +Patch0131: stdlib-Test-using-setenv-with-updated-environ-BZ-325.patch +Patch0132: backport-elf-Keep-using-minimal-malloc-after-early-DTV-resize.patch +Patch0133: backport-assert-Add-test-for-CVE-2025-0395.patch +Patch0134: AArch64-Improve-generic-strlen.patch +Patch0135: AArch64-Optimize-memset.patch +Patch0136: AArch64-Remove-zva_128-from-memset.patch +Patch0137: math-Improve-layout-of-expf-data.patch +Patch0138: AArch64-Add-SVE-memset.patch +Patch0139: AArch64-Use-prefer_sve_ifuncs-for-SVE-memset.patch +Patch0140: math-Improve-layout-of-exp-exp10-data.patch +Patch0141: CVE-2025-4802-elf-Ignore-LD_LIBRARY_PATH-and-debug-env-var-for-set.patch +Patch0142: support-Use-const-char-argument-in-support_capture_s.patch +Patch0143: support-Add-support_record_failure_barrier.patch +Patch0144: elf-Test-case-for-bug-32976-CVE-2025-4802.patch +Patch0145: x86_64-Fix-typo-in-ifunc-impl-list.c.patch +Patch0146: elf-Fix-subprocess-status-handling-for-tst-dlopen-sg.patch +Patch0147: support-Pick-group-in-support_capture_subprogram_sel.patch +Patch0148: Fix-error-reporting-false-negatives-in-SGID-tests.patch +Patch0149: 0001-pthreads-NPTL-lost-wakeup-fix-2.patch +Patch0150: 0002-nptl-Update-comments-and-indentation-for-new-condvar.patch +Patch0151: 0003-nptl-Remove-unnecessary-catch-all-wake-in-condvar-gr.patch +Patch0152: 0004-nptl-Remove-unnecessary-quadruple-check-in-pthread_c.patch +Patch0153: 0005-nptl-Remove-g_refs-from-condition-variables.patch +Patch0154: 0006-nptl-Use-a-single-loop-in-pthread_cond_wait-instaed-.patch +Patch0155: 0007-nptl-Fix-indentation.patch +Patch0156: 0008-nptl-rename-__condvar_quiesce_and_switch_g1.patch +Patch0157: 0009-nptl-Use-all-of-g1_start-and-g_signals.patch +Patch0158: 0010-nptl-PTHREAD_COND_INITIALIZER-compatibility-with-pre.patch +Patch0159: malloc-add-indirection-for-malloc-like-functions-in-.patch +Patch0160: malloc-obscure-calloc-use-in-tst-calloc.patch +Patch0161: malloc-cleanup-casts-in-tst-calloc.patch +Patch0162: CVE-2025-8058-posix-Fix-double-free-after-allocation-failure-in-re.patch +Patch0163: arm-Use-_dl_find_object-on-__gnu_Unwind_Find_exidx-B.patch +Patch0164: elf-Do-not-add-a-copy-of-_dl_find_object-to-libc.so.patch +Patch0165: elf-Extract-rtld_setup_phdr-function-from-dl_main.patch +Patch0166: 1bdce2545588a837f4b6715a90f5a22f9fc99c46.patch +Patch0167: c69b88fc71aa5657662c5c4f176a51034b029ac4.patch +Patch0168: i386-Remove-CET-support.patch +Patch0169: x86-64-Save-APX-registers-in-ld.so-trampoline.patch +Patch0170: debug-Adapt-fortify-tests-to-libsupport.patch +Patch0171: debug-Wire-up-tst-longjmp_chk3.patch +Patch0172: debug-Fix-tst-longjmp_chk3-build-failure-on-Hurd.patch +Patch0173: Remove-installed-header-rule-on-.-include-.h.patch +Patch0174: Update-syscall-lists-for-Linux-6.6.patch +Patch0175: Update-syscall-lists-for-Linux-6.7.patch +Patch0176: x86-cet-Check-user_shstk-in-proc-cpuinfo.patch +Patch0177: x86-cet-Don-t-assume-that-SHSTK-implies-IBT.patch +Patch0178: x86-cet-Check-legacy-shadow-stack-applications.patch +Patch0179: x86-cet-Check-CPU_FEATURE_ACTIVE-when-CET-is-disable.patch +Patch0180: x86-cet-Add-tests-for-GLIBC_TUNABLES-glibc.cpu.hwcap.patch +Patch0181: x86-cet-Check-legacy-shadow-stack-code-in-.init_arra.patch +Patch0182: x86-cet-Check-CPU_FEATURE_ACTIVE-in-permissive-mode.patch +Patch0183: x86-cet-Update-tst-cet-vfork-1.patch +Patch0184: x86-Modularize-sysdeps-x86-dl-cet.c.patch +Patch0185: x86-cet-Don-t-disable-CET-if-not-single-threaded.patch +Patch0186: x86-cet-Sync-with-Linux-kernel-6.6-shadow-stack-inte.patch +Patch0187: x86-cet-Enable-shadow-stack-during-startup.patch +Patch0188: x86-cet-Check-feature_1-in-TCB-for-active-IBT-and-SH.patch +Patch0189: x86-cet-Don-t-set-CET-active-by-default.patch +Patch0190: x86-cet-Run-some-CET-tests-with-shadow-stack.patch +Patch0191: x86-cet-Add-fcf-protection-none-before-fcf-protectio.patch +Patch0192: i386-Ignore-enable-cet.patch +Patch0193: x86-64-cet-Check-the-restore-token-in-longjmp.patch +Patch0194: i386-Fail-if-configured-with-enable-cet.patch +Patch0195: x86-64-cet-Move-dl-cet.-ch-to-x86_64-directories.patch +Patch0196: x86-Move-CET-infrastructure-to-x86_64.patch +Patch0197: x86-64-cet-Move-check-cet.awk-to-x86_64.patch +Patch0198: i386-Remove-CET-support-bits.patch +Patch0199: x86-64-cet-Make-CET-feature-check-specific-to-Linux-.patch +Patch0200: x86-cet-fix-shadow-stack-test-scripts.patch +Patch0201: x86-64-Remove-sysdeps-x86_64-x32-dl-machine.h.patch +Patch0202: x32-cet-Support-shadow-stack-during-startup-for-Linu.patch +Patch0203: 88866d885c7acd2b74e4f78a35fbd7ac251ebc1f.patch +Patch0204: 6f076f136680905b56cc816a01674550d2c17bf4.patch +Patch0205: 2ce5eb61fc2845b7f80dba7c56bd7f7a55b63a59.patch +Patch0206: Apply-the-Makefile-sorting-fix.patch +Patch0207: 5cb05015c9b28ea521d816237805fbbee5224c86.patch +Patch0208: e925c13e039df061c7bf48e458e9ea26fa3ca8a3.patch +Patch0209: 2d34e48a2858ae901b4cf532a5d7a88931f1c149.patch +Patch0210: i386-Update-___tls_get_addr-to-preserve-vector-regis.patch +Patch0211: 3f0dd818e54157d6042c4a03b07d93f05d1e492a.patch +Patch0212: i386-Also-add-GLIBC_ABI_GNU2_TLS-version-BZ-33129.patch +Patch0213: i386-Add-GLIBC_ABI_GNU_TLS-version-BZ-33221.patch +Patch0214: 950891b5e7a5307272da3e632832ac9da4c9eeec.patch +Patch0215: 6fd215d6ae9a4a6e75f7ea18d89db6a10f158eaf.patch Patch3000: glibc-python3.patch Patch3001: glibc-disable-werror-tst-realloc.patch @@ -207,7 +344,6 @@ Patch3027: LoongArch-Add-glibc.cpu.hwcap-support.patch Patch3028: Revert-LoongArch-Add-glibc.cpu.hwcap-support.patch Patch3029: LoongArch-Unify-Register-Names.patch Patch3030: LoongArch-Update-hwcap.h-to-sync-with-LoongArch-kern.patch -Patch3031: linux-Sync-Linux-6.6-elf.h.patch Patch3032: Decrease-value-of-arch_minimum_kernel-with-LoongArch.patch #-- Patch3033: 0001-LoongArch-Use-builtins-for-ffs-and-ffsll.patch @@ -232,7 +368,6 @@ Patch3051: LoongArch-Force-SHMLBA-the-same-as-kernel.patch Patch3052: 0019-x86-Add-new-architecture-type-for-Hygon-processors.patch Patch3053: 0020-x86-Add-cache-information-support-for-Hygon-processo.patch Patch3054: 0021-x86-Fix-Zen3-Zen4-ERMS-selection-BZ-30994.patch -Patch3055: 0022-x86-Improve-large-memset-perf-with-non-temporal-stor.patch Patch3056: 0023-x86-Add-seperate-non-temporal-tunable-for-memset.patch Patch3057: 0024-x86-Enable-non-temporal-memset-tunable-for-AMD.patch Patch3058: 0025-x86-Fix-value-for-x86_memset_non_temporal_threshold-.patch @@ -240,7 +375,6 @@ Patch3059: 0026-x86-Disable-non-temporal-memset-on-Skylake-Server.patch Patch3060: 0027-x86-Use-Avoid_Non_Temporal_Memset-to-control-non-tem.patch Patch3061: 0028-x86-Add-Avoid_STOSB-tunable-to-allow-NT-memset-witho.patch Patch3062: 0029-x86-Enable-non-temporal-memset-for-Hygon-processors.patch -Patch3063: 0030-x86-Only-align-destination-to-1x-VEC_SIZE-in-memset-.patch Patch3064: 0001-LoongArch-Update-ulps.patch Patch3065: 0002-Add-HWCAP_LOONGARCH_LSPW-from-Linux-6.12-to-bits-hwc.patch Patch3066: 0003-loongarch-Provide-stpcpy-in-stpcpy-aligned.S-for-rtl.patch @@ -1095,6 +1229,9 @@ update_gconv_modules_cache () %endif %changelog +* Wed Sep 17 2025 Shuo Wang - 2.38-40 +- backport patches from upstream 2.38 branch + * Wed Sep 10 2025 Tracker Robot - 2.38-39 - [Type] bugfix - [DESC] Apply patches from rpm-tracker diff --git a/i386-Add-GLIBC_ABI_GNU_TLS-version-BZ-33221.patch b/i386-Add-GLIBC_ABI_GNU_TLS-version-BZ-33221.patch new file mode 100644 index 0000000..d7d94f0 --- /dev/null +++ b/i386-Add-GLIBC_ABI_GNU_TLS-version-BZ-33221.patch @@ -0,0 +1,66 @@ +From a921ae4701f3b4b804ab7bc8f9e7a1e59001b083 Mon Sep 17 00:00:00 2001 +From: "H.J. Lu" +Date: Mon, 28 Jul 2025 12:16:11 -0700 +Subject: [PATCH] i386: Add GLIBC_ABI_GNU_TLS version [BZ #33221] + +On i386, programs and shared libraries with __thread usage may fail +silently at run-time against glibc without the TLS run-time fix for: + +https://sourceware.org/bugzilla/show_bug.cgi?id=32996 + +Add GLIBC_ABI_GNU_TLS version to indicate that glibc has the working +GNU TLS run-time. Linker can add the GLIBC_ABI_GNU_TLS version to +binaries which depend on the working TLS run-time so that such programs +and shared libraries will fail to load and run at run-time against +libc.so without the GLIBC_ABI_GNU_TLS version, instead of fail silently +at random. + +This fixes BZ #33221. + +Signed-off-by: H.J. Lu +Reviewed-by: Sam James +(cherry picked from commit ed1b7a5a489ab555a27fad9c101ebe2e1c1ba881) +--- + sysdeps/i386/Makefile | 9 +++++++++ + sysdeps/i386/Versions | 5 +++++ + 2 files changed, 14 insertions(+) + +diff --git a/sysdeps/i386/Makefile b/sysdeps/i386/Makefile +index ee6470d78e..c0c017b899 100644 +--- a/sysdeps/i386/Makefile ++++ b/sysdeps/i386/Makefile +@@ -60,6 +60,15 @@ $(objpfx)tst-ld-sse-use.out: ../sysdeps/i386/tst-ld-sse-use.sh $(objpfx)ld.so + @echo "Checking ld.so for SSE register use. This will take a few seconds..." + $(BASH) $< $(objpfx) '$(NM)' '$(OBJDUMP)' '$(READELF)' > $@; \ + $(evaluate-test) ++ ++tests-special += $(objpfx)check-gnu-tls.out ++ ++$(objpfx)check-gnu-tls.out: $(common-objpfx)libc.so ++ LC_ALL=C $(READELF) -V -W $< \ ++ | sed -ne '/.gnu.version_d/, /.gnu.version_r/ p' \ ++ | grep GLIBC_ABI_GNU_TLS > $@; \ ++ $(evaluate-test) ++generated += check-gnu-tls.out + else + CFLAGS-.os += $(if $(filter rtld-%.os,$(@F)), $(rtld-CFLAGS)) + endif +diff --git a/sysdeps/i386/Versions b/sysdeps/i386/Versions +index 36e23b466a..9c84c8ef04 100644 +--- a/sysdeps/i386/Versions ++++ b/sysdeps/i386/Versions +@@ -28,6 +28,11 @@ libc { + GLIBC_2.13 { + __fentry__; + } ++ GLIBC_ABI_GNU_TLS { ++ # This symbol is used only for empty version map and will be removed ++ # by scripts/versions.awk. ++ __placeholder_only_for_empty_version_map; ++ } + } + libm { + GLIBC_2.1 { +-- +2.27.0 + diff --git a/i386-Also-add-GLIBC_ABI_GNU2_TLS-version-BZ-33129.patch b/i386-Also-add-GLIBC_ABI_GNU2_TLS-version-BZ-33129.patch new file mode 100644 index 0000000..21e2bb2 --- /dev/null +++ b/i386-Also-add-GLIBC_ABI_GNU2_TLS-version-BZ-33129.patch @@ -0,0 +1,98 @@ +From 0769ad2cdd670d89c75eb6ac1cbc25f5c2d92ce5 Mon Sep 17 00:00:00 2001 +From: "H.J. Lu" +Date: Mon, 18 Aug 2025 09:06:48 -0700 +Subject: [PATCH] i386: Also add GLIBC_ABI_GNU2_TLS version [BZ #33129] + +Since the GNU2 TLS run-time bug: + +https://sourceware.org/bugzilla/show_bug.cgi?id=31372 + +affects both i386 and x86-64, also add GLIBC_ABI_GNU2_TLS version to i386 +to indicate the working GNU2 TLS run-time. For x86-64, the additional +GNU2 TLS run-time bug fix is needed for + +https://sourceware.org/bugzilla/show_bug.cgi?id=31501 + +Signed-off-by: H.J. Lu +Reviewed-by: Sam James +(cherry picked from commit bd4628f3f18ac312408782eea450429c6f044860) +--- + sysdeps/x86/Makefile | 9 +++++++++ + sysdeps/x86/Versions | 5 +++++ + sysdeps/x86_64/Makefile | 9 --------- + sysdeps/x86_64/Versions | 5 ----- + 4 files changed, 14 insertions(+), 14 deletions(-) + +diff --git a/sysdeps/x86/Makefile b/sysdeps/x86/Makefile +index d39c2e8968..0ab42b14ba 100644 +--- a/sysdeps/x86/Makefile ++++ b/sysdeps/x86/Makefile +@@ -125,6 +125,15 @@ LDFLAGS-tst-tls23 += -rdynamic + tst-tls23-mod.so-no-z-defs = yes + + $(objpfx)tst-tls23-mod.so: $(libsupport) ++ ++tests-special += $(objpfx)check-gnu2-tls.out ++ ++$(objpfx)check-gnu2-tls.out: $(common-objpfx)libc.so ++ LC_ALL=C $(READELF) -V -W $< \ ++ | sed -ne '/.gnu.version_d/, /.gnu.version_r/ p' \ ++ | grep GLIBC_ABI_GNU2_TLS > $@; \ ++ $(evaluate-test) ++generated += check-gnu2-tls.out + endif + + ifeq ($(subdir),math) +diff --git a/sysdeps/x86/Versions b/sysdeps/x86/Versions +index 4b10c4b5d7..e8dcfccbe4 100644 +--- a/sysdeps/x86/Versions ++++ b/sysdeps/x86/Versions +@@ -7,4 +7,9 @@ libc { + GLIBC_2.33 { + __x86_get_cpuid_feature_leaf; + } ++ GLIBC_ABI_GNU2_TLS { ++ # This symbol is used only for empty version map and will be removed ++ # by scripts/versions.awk. ++ __placeholder_only_for_empty_version_map; ++ } + } +diff --git a/sysdeps/x86_64/Makefile b/sysdeps/x86_64/Makefile +index 191cf7f5b0..d83109b632 100644 +--- a/sysdeps/x86_64/Makefile ++++ b/sysdeps/x86_64/Makefile +@@ -180,15 +180,6 @@ $(objpfx)check-dt-x86-64-plt.out: $(common-objpfx)libc.so + | grep GLIBC_ABI_DT_X86_64_PLT > $@; \ + $(evaluate-test) + generated += check-dt-x86-64-plt.out +- +-tests-special += $(objpfx)check-gnu2-tls.out +- +-$(objpfx)check-gnu2-tls.out: $(common-objpfx)libc.so +- LC_ALL=C $(READELF) -V -W $< \ +- | sed -ne '/.gnu.version_d/, /.gnu.version_r/ p' \ +- | grep GLIBC_ABI_GNU2_TLS > $@; \ +- $(evaluate-test) +-generated += check-gnu2-tls.out + endif # $(subdir) == elf + + ifeq ($(subdir),csu) +diff --git a/sysdeps/x86_64/Versions b/sysdeps/x86_64/Versions +index 0a759029e5..6a989ad3b3 100644 +--- a/sysdeps/x86_64/Versions ++++ b/sysdeps/x86_64/Versions +@@ -5,11 +5,6 @@ libc { + GLIBC_2.13 { + __fentry__; + } +- GLIBC_ABI_GNU2_TLS { +- # This symbol is used only for empty version map and will be removed +- # by scripts/versions.awk. +- __placeholder_only_for_empty_version_map; +- } + GLIBC_ABI_DT_X86_64_PLT { + # This symbol is used only for empty version map and will be removed + # by scripts/versions.awk. +-- +2.27.0 + diff --git a/i386-Disable-Intel-Xeon-Phi-tests-for-GCC-15-and-abo.patch b/i386-Disable-Intel-Xeon-Phi-tests-for-GCC-15-and-abo.patch new file mode 100644 index 0000000..239b876 --- /dev/null +++ b/i386-Disable-Intel-Xeon-Phi-tests-for-GCC-15-and-abo.patch @@ -0,0 +1,68 @@ +From 697ab62d1176180bea49094130ad0af2b108874d Mon Sep 17 00:00:00 2001 +From: Sunil K Pandey +Date: Mon, 27 May 2024 10:08:18 -0700 +Subject: [PATCH 1/2] i386: Disable Intel Xeon Phi tests for GCC 15 and above + (BZ 31782) + +This patch disables Intel Xeon Phi tests for GCC 15 and above. + +GCC 15 removed Intel Xeon Phi ISA support. +commit e1a7e2c54d52d0ba374735e285b617af44841ace +Author: Haochen Jiang +Date: Mon May 20 10:43:44 2024 +0800 + + i386: Remove Xeon Phi ISA support + +Fixes BZ 31782. + +Reviewed-by: H.J. Lu +(cherry picked from commit 1b713c9a5349ef3cd1a8ccf9de017c7865713c67) +--- + sysdeps/x86/tst-cpu-features-supports.c | 8 +++++++- + 1 file changed, 7 insertions(+), 1 deletion(-) + +diff --git a/sysdeps/x86/tst-cpu-features-supports.c b/sysdeps/x86/tst-cpu-features-supports.c +index 32daf51053..f85356b589 100644 +--- a/sysdeps/x86/tst-cpu-features-supports.c ++++ b/sysdeps/x86/tst-cpu-features-supports.c +@@ -65,7 +65,7 @@ do_test (int argc, char **argv) + #endif + fails += CHECK_FEATURE_ACTIVE (avx, AVX); + fails += CHECK_FEATURE_ACTIVE (avx2, AVX2); +-#if __GNUC_PREREQ (7, 0) ++#if __GNUC_PREREQ (7, 0) && !__GNUC_PREREQ (15, 0) + fails += CHECK_FEATURE_ACTIVE (avx5124fmaps, AVX512_4FMAPS); + fails += CHECK_FEATURE_ACTIVE (avx5124vnniw, AVX512_4VNNIW); + #endif +@@ -92,14 +92,18 @@ do_test (int argc, char **argv) + #if __GNUC_PREREQ (6, 0) + fails += CHECK_FEATURE_ACTIVE (avx512bw, AVX512BW); + fails += CHECK_FEATURE_ACTIVE (avx512cd, AVX512CD); ++# if !__GNUC_PREREQ (15, 0) + fails += CHECK_FEATURE_ACTIVE (avx512er, AVX512ER); ++# endif + fails += CHECK_FEATURE_ACTIVE (avx512dq, AVX512DQ); + #endif + #if __GNUC_PREREQ (5, 0) + fails += CHECK_FEATURE_ACTIVE (avx512f, AVX512F); + #endif + #if __GNUC_PREREQ (6, 0) ++# if !__GNUC_PREREQ (15, 0) + fails += CHECK_FEATURE_ACTIVE (avx512pf, AVX512PF); ++# endif + fails += CHECK_FEATURE_ACTIVE (avx512vl, AVX512VL); + #endif + #if __GNUC_PREREQ (5, 0) +@@ -148,7 +152,9 @@ do_test (int argc, char **argv) + #endif + fails += CHECK_FEATURE_ACTIVE (popcnt, POPCNT); + #if __GNUC_PREREQ (11, 0) ++# if !__GNUC_PREREQ (15, 0) + fails += CHECK_FEATURE_ACTIVE (prefetchwt1, PREFETCHWT1); ++# endif + fails += CHECK_FEATURE_ACTIVE (ptwrite, PTWRITE); + fails += CHECK_FEATURE_ACTIVE (rdpid, RDPID); + fails += CHECK_FEATURE_ACTIVE (rdrnd, RDRAND); +-- +2.33.0 + diff --git a/i386-Fail-if-configured-with-enable-cet.patch b/i386-Fail-if-configured-with-enable-cet.patch index acf5fa6..dfcbcc5 100644 --- a/i386-Fail-if-configured-with-enable-cet.patch +++ b/i386-Fail-if-configured-with-enable-cet.patch @@ -30,6 +30,21 @@ index d583ca7b44..4365d909a2 100644 ‘--enable-memory-tagging’ Enable memory tagging support if the architecture supports it. +diff --git a/NEWS b/NEWS +index 65b5903622..77e89c9619 100644 +--- a/NEWS ++++ b/NEWS +@@ -7,8 +7,8 @@ using `glibc' in the "product" field. + + Version 2.38.1 + +-* Sync with Linux kernel 6.6 shadow stack interface. Since only x86-64 +- is supported, --enable-cet is ignored for i386. ++* Sync with Linux kernel 6.6 shadow stack interface. The --enable-cet ++ configure option in only supported on x86-64. + + Deprecated and removed features, and other changes affecting compatibility: + diff --git a/manual/install.texi b/manual/install.texi index 2af7f35c4e..479a49c7dc 100644 --- a/manual/install.texi diff --git a/i386-Ignore-enable-cet.patch b/i386-Ignore-enable-cet.patch index 1af503d..ad5fef9 100644 --- a/i386-Ignore-enable-cet.patch +++ b/i386-Ignore-enable-cet.patch @@ -58,6 +58,20 @@ index 268acadd75..d583ca7b44 100644 ‘--enable-memory-tagging’ Enable memory tagging support if the architecture supports it. +diff --git a/NEWS b/NEWS +index 41c48e1997..65b5903622 100644 +--- a/NEWS ++++ b/NEWS +@@ -7,6 +7,9 @@ using `glibc' in the "product" field. + + Version 2.38.1 + ++* Sync with Linux kernel 6.6 shadow stack interface. Since only x86-64 ++ is supported, --enable-cet is ignored for i386. ++ + Deprecated and removed features, and other changes affecting compatibility: + + * __rseq_size now denotes the size of the active rseq area (20 bytes diff --git a/manual/install.texi b/manual/install.texi index e8f36d5726..2af7f35c4e 100644 --- a/manual/install.texi diff --git a/i386-Update-___tls_get_addr-to-preserve-vector-regis.patch b/i386-Update-___tls_get_addr-to-preserve-vector-regis.patch new file mode 100644 index 0000000..4c51415 --- /dev/null +++ b/i386-Update-___tls_get_addr-to-preserve-vector-regis.patch @@ -0,0 +1,1186 @@ +From 1ea16a207ce05e90d4d24460b394452f64ae8f37 Mon Sep 17 00:00:00 2001 +From: "H.J. Lu" +Date: Mon, 9 Jun 2025 05:22:10 +0800 +Subject: [PATCH] i386: Update ___tls_get_addr to preserve vector registers + +Compiler generates the following instruction sequence for dynamic TLS +access: + + leal tls_var@tlsgd(,%ebx,1), %eax + call ___tls_get_addr@PLT + +CALL instruction is transparent to compiler which assumes all registers, +except for EFLAGS, AX, CX, and DX, are unchanged after CALL. But +___tls_get_addr is a normal function which doesn't preserve any vector +registers. + +1. Rename the generic __tls_get_addr function to ___tls_get_addr_internal. +2. Change ___tls_get_addr to a wrapper function with implementations for +FNSAVE, FXSAVE, XSAVE and XSAVEC to save and restore all vector registers. +3. dl-tlsdesc-dynamic.h has: + +_dl_tlsdesc_dynamic: + /* Like all TLS resolvers, preserve call-clobbered registers. + We need two scratch regs anyway. */ + subl $32, %esp + cfi_adjust_cfa_offset (32) + +It is wrong to use + + movl %ebx, -28(%esp) + movl %esp, %ebx + cfi_def_cfa_register(%ebx) + ... + mov %ebx, %esp + cfi_def_cfa_register(%esp) + movl -28(%esp), %ebx + +to preserve EBX on stack. Fix it with: + + movl %ebx, 28(%esp) + movl %esp, %ebx + cfi_def_cfa_register(%ebx) + ... + mov %ebx, %esp + cfi_def_cfa_register(%esp) + movl 28(%esp), %ebx + +4. Update _dl_tlsdesc_dynamic to call ___tls_get_addr_internal directly. +5. Add have-test-mtls-traditional to compile tst-tls23-mod.c with +traditional TLS variant to verify the fix. +6. Define DL_RUNTIME_RESOLVE_REALIGN_STACK in sysdeps/x86/sysdep.h. + +This fixes BZ #32996. + +Co-Authored-By: Adhemerval Zanella +Signed-off-by: H.J. Lu +Reviewed-by: Adhemerval Zanella +(cherry picked from commit 848f0e46f03f22404ed9a8aabf3fd5ce8809a1be) +--- + configure | 35 +++++ + configure.ac | 25 ++++ + elf/Makefile | 9 ++ + elf/tst-tls23-mod.c | 32 +++++ + elf/tst-tls23.c | 106 +++++++++++++++ + .../dl-trampoline-save.h => elf/tst-tls23.h | 34 +++-- + sysdeps/aarch64/preconfigure | 1 + + sysdeps/i386/Makefile | 4 +- + sysdeps/i386/dl-tls-get-addr.c | 68 ++++++++++ + sysdeps/i386/dl-tls.h | 28 +--- + sysdeps/i386/dl-tlsdesc-dynamic.h | 108 +-------------- + sysdeps/i386/dl-tlsdesc.S | 17 --- + sysdeps/i386/tls-get-addr-wrapper.h | 127 ++++++++++++++++++ + sysdeps/i386/tls_get_addr.S | 57 ++++++++ + sysdeps/i386/tls_get_addr.h | 42 ++++++ + sysdeps/loongarch/preconfigure | 1 + + sysdeps/loongarch/preconfigure.ac | 1 + + sysdeps/powerpc/Makefile | 5 + + sysdeps/x86/Makefile | 16 ++- + sysdeps/x86/sysdep.h | 23 ++++ + sysdeps/x86/tst-tls23.c | 22 +++ + sysdeps/x86/tst-tls23.h | 35 +++++ + sysdeps/x86_64/Makefile | 3 - + sysdeps/x86_64/dl-tlsdesc.S | 1 - + sysdeps/x86_64/dl-trampoline.S | 1 - + 25 files changed, 632 insertions(+), 169 deletions(-) + create mode 100644 elf/tst-tls23-mod.c + create mode 100644 elf/tst-tls23.c + rename sysdeps/x86_64/dl-trampoline-save.h => elf/tst-tls23.h (52%) + create mode 100644 sysdeps/i386/dl-tls-get-addr.c + create mode 100644 sysdeps/i386/tls-get-addr-wrapper.h + create mode 100644 sysdeps/i386/tls_get_addr.S + create mode 100644 sysdeps/i386/tls_get_addr.h + create mode 100644 sysdeps/x86/tst-tls23.c + create mode 100644 sysdeps/x86/tst-tls23.h + +diff --git a/configure b/configure +index 4ef387146d..56900f9af9 100755 +--- a/configure ++++ b/configure +@@ -4896,6 +4896,9 @@ libc_config_ok=no + # whether to use such directories. + with_fp_cond=1 + ++# A preconfigure script may define another name to traditional TLS variant ++mtls_traditional=gnu ++ + if frags=`ls -d $srcdir/sysdeps/*/preconfigure 2> /dev/null` + then + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for sysdeps preconfigure fragments" >&5 +@@ -7175,6 +7178,38 @@ printf "%s\n" "$libc_cv_mtls_dialect_gnu2" >&6; } + config_vars="$config_vars + have-mtls-dialect-gnu2 = $libc_cv_mtls_dialect_gnu2" + ++{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for traditional tls support" >&5 ++printf %s "checking for traditional tls support... " >&6; } ++if test ${libc_cv_test_mtls_traditional+y} ++then : ++ printf %s "(cached) " >&6 ++else $as_nop ++ cat > conftest.c <&5 ++ (eval $ac_try) 2>&5 ++ ac_status=$? ++ printf "%s\n" "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 ++ test $ac_status = 0; }; } ++then ++ libc_cv_test_mtls_traditional=$mtls_traditional ++else ++ libc_cv_test_mtls_traditional=no ++fi ++rm -f conftest* ++fi ++{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $libc_cv_test_mtls_traditional" >&5 ++printf "%s\n" "$libc_cv_test_mtls_traditional" >&6; } ++config_vars="$config_vars ++have-test-mtls-traditional = $libc_cv_test_mtls_traditional" ++ + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking if -Wno-ignored-attributes is required for aliases" >&5 + printf %s "checking if -Wno-ignored-attributes is required for aliases... " >&6; } + if test ${libc_cv_wno_ignored_attributes+y} +diff --git a/configure.ac b/configure.ac +index 12d1f50b14..864f7738f5 100644 +--- a/configure.ac ++++ b/configure.ac +@@ -517,6 +517,9 @@ libc_config_ok=no + # whether to use such directories. + with_fp_cond=1 + ++# A preconfigure script may define another name to traditional TLS variant ++mtls_traditional=gnu ++ + dnl Let sysdeps/*/preconfigure act here. + LIBC_PRECONFIGURE([$srcdir], [for sysdeps]) + +@@ -1382,6 +1385,28 @@ rm -f conftest*]) + AC_SUBST(libc_cv_mtls_dialect_gnu2) + LIBC_CONFIG_VAR([have-mtls-dialect-gnu2], [$libc_cv_mtls_dialect_gnu2]) + ++dnl Check if CC supports traditional tls. ++AC_CACHE_CHECK([for traditional tls support], ++ libc_cv_test_mtls_traditional, ++[dnl ++cat > conftest.c <&AS_MESSAGE_LOG_FD]) ++then ++ libc_cv_test_mtls_traditional=$mtls_traditional ++else ++ libc_cv_test_mtls_traditional=no ++fi ++rm -f conftest*]) ++LIBC_CONFIG_VAR([have-test-mtls-traditional], ++ [$libc_cv_test_mtls_traditional]) ++ + dnl clang emits an warning for a double alias redirection, to warn the + dnl original symbol is sed even when weak definition overrides it. + dnl It is a usual pattern for weak_alias, where multiple alias point to +diff --git a/elf/Makefile b/elf/Makefile +index 970192bde4..a7820defe6 100644 +--- a/elf/Makefile ++++ b/elf/Makefile +@@ -461,6 +461,7 @@ tests += \ + tst-tls19 \ + tst-tls20 \ + tst-tls21 \ ++ tst-tls23 \ + tst-tlsalign \ + tst-tlsalign-extern \ + tst-tlsgap \ +@@ -914,6 +915,7 @@ modules-names += \ + tst-tls19mod3 \ + tst-tls20mod-bad \ + tst-tls21mod \ ++ tst-tls23-mod \ + tst-tlsalign-lib \ + tst-tlsgap-mod0 \ + tst-tlsgap-mod1 \ +@@ -3070,6 +3072,13 @@ CFLAGS-tst-gnu2-tls2mod1.c += -mtls-dialect=gnu2 + CFLAGS-tst-gnu2-tls2mod2.c += -mtls-dialect=gnu2 + endif + ++$(objpfx)tst-tls23: $(shared-thread-library) ++$(objpfx)tst-tls23.out: $(objpfx)tst-tls23-mod.so ++ ++ifneq (no,$(have-test-mtls-traditional)) ++CFLAGS-tst-tls23-mod.c += -mtls-dialect=$(have-test-mtls-traditional) ++endif ++ + $(objpfx)tst-recursive-tls: $(objpfx)tst-recursive-tlsmallocmod.so + # More objects than DTV_SURPLUS, to trigger DTV reallocation. + $(objpfx)tst-recursive-tls.out: \ +diff --git a/elf/tst-tls23-mod.c b/elf/tst-tls23-mod.c +new file mode 100644 +index 0000000000..3ee4c70e40 +--- /dev/null ++++ b/elf/tst-tls23-mod.c +@@ -0,0 +1,32 @@ ++/* DSO used by tst-tls23. ++ Copyright (C) 2025 Free Software Foundation, Inc. ++ This file is part of the GNU C Library. ++ ++ The GNU C Library is free software; you can redistribute it and/or ++ modify it under the terms of the GNU Lesser General Public ++ License as published by the Free Software Foundation; either ++ version 2.1 of the License, or (at your option) any later version. ++ ++ The GNU C Library is distributed in the hope that it will be useful, ++ but WITHOUT ANY WARRANTY; without even the implied warranty of ++ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU ++ Lesser General Public License for more details. ++ ++ You should have received a copy of the GNU Lesser General Public ++ License along with the GNU C Library; if not, see ++ . */ ++ ++#include ++ ++__thread struct tls tls_var0 __attribute__ ((visibility ("hidden"))); ++ ++struct tls * ++apply_tls (struct tls *p) ++{ ++ INIT_TLS_CALL (); ++ BEFORE_TLS_CALL (); ++ tls_var0 = *p; ++ struct tls *ret = &tls_var0; ++ AFTER_TLS_CALL (); ++ return ret; ++} +diff --git a/elf/tst-tls23.c b/elf/tst-tls23.c +new file mode 100644 +index 0000000000..afe594c067 +--- /dev/null ++++ b/elf/tst-tls23.c +@@ -0,0 +1,106 @@ ++/* Test that __tls_get_addr preserves caller-saved registers. ++ Copyright (C) 2025 Free Software Foundation, Inc. ++ This file is part of the GNU C Library. ++ ++ The GNU C Library is free software; you can redistribute it and/or ++ modify it under the terms of the GNU Lesser General Public ++ License as published by the Free Software Foundation; either ++ version 2.1 of the License, or (at your option) any later version. ++ ++ The GNU C Library is distributed in the hope that it will be useful, ++ but WITHOUT ANY WARRANTY; without even the implied warranty of ++ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU ++ Lesser General Public License for more details. ++ ++ You should have received a copy of the GNU Lesser General Public ++ License along with the GNU C Library; if not, see ++ . */ ++ ++#include ++#include ++#include ++#include ++#include ++#include ++#include ++#include ++#include ++#include ++ ++#ifndef IS_SUPPORTED ++# define IS_SUPPORTED() true ++#endif ++ ++/* An architecture can define it to clobber caller-saved registers in ++ malloc below to verify that __tls_get_addr won't change caller-saved ++ registers. */ ++#ifndef PREPARE_MALLOC ++# define PREPARE_MALLOC() ++#endif ++ ++extern void * __libc_malloc (size_t); ++ ++size_t malloc_counter = 0; ++ ++void * ++malloc (size_t n) ++{ ++ PREPARE_MALLOC (); ++ malloc_counter++; ++ return __libc_malloc (n); ++} ++ ++static void *mod; ++static const char *modname = "tst-tls23-mod.so"; ++ ++static void ++open_mod (void) ++{ ++ mod = xdlopen (modname, RTLD_LAZY); ++ printf ("open %s\n", modname); ++} ++ ++static void ++close_mod (void) ++{ ++ xdlclose (mod); ++ mod = NULL; ++ printf ("close %s\n", modname); ++} ++ ++static void ++access_mod (const char *sym) ++{ ++ struct tls var = { -4, -4, -4, -4 }; ++ struct tls *(*f) (struct tls *) = xdlsym (mod, sym); ++ /* Check that our malloc is called. */ ++ malloc_counter = 0; ++ struct tls *p = f (&var); ++ TEST_VERIFY (malloc_counter != 0); ++ printf ("access %s: %s() = %p\n", modname, sym, p); ++ TEST_VERIFY_EXIT (memcmp (p, &var, sizeof (var)) == 0); ++ ++(p->a); ++} ++ ++static void * ++start (void *arg) ++{ ++ access_mod ("apply_tls"); ++ return arg; ++} ++ ++static int ++do_test (void) ++{ ++ if (!IS_SUPPORTED ()) ++ return EXIT_UNSUPPORTED; ++ ++ open_mod (); ++ pthread_t t = xpthread_create (NULL, start, NULL); ++ xpthread_join (t); ++ close_mod (); ++ ++ return 0; ++} ++ ++#include +diff --git a/sysdeps/x86_64/dl-trampoline-save.h b/elf/tst-tls23.h +similarity index 52% +rename from sysdeps/x86_64/dl-trampoline-save.h +rename to elf/tst-tls23.h +index 84eac4a8ac..d0e734569c 100644 +--- a/sysdeps/x86_64/dl-trampoline-save.h ++++ b/elf/tst-tls23.h +@@ -1,5 +1,5 @@ +-/* x86-64 PLT trampoline register save macros. +- Copyright (C) 2024 Free Software Foundation, Inc. ++/* Test that __tls_get_addr preserves caller-saved registers. ++ Copyright (C) 2025 Free Software Foundation, Inc. + This file is part of the GNU C Library. + + The GNU C Library is free software; you can redistribute it and/or +@@ -16,19 +16,25 @@ + License along with the GNU C Library; if not, see + . */ + +-#ifndef DL_STACK_ALIGNMENT +-/* Due to GCC bug: ++#include + +- https://gcc.gnu.org/bugzilla/show_bug.cgi?id=58066 ++struct tls ++{ ++ int64_t a, b, c, d; ++}; + +- __tls_get_addr may be called with 8-byte stack alignment. Although +- this bug has been fixed in GCC 4.9.4, 5.3 and 6, we can't assume +- that stack will be always aligned at 16 bytes. */ +-# define DL_STACK_ALIGNMENT 8 ++extern struct tls *apply_tls (struct tls *); ++ ++/* An architecture can define them to verify that caller-saved registers ++ aren't changed by __tls_get_addr. */ ++#ifndef INIT_TLS_CALL ++# define INIT_TLS_CALL() ++#endif ++ ++#ifndef BEFORE_TLS_CALL ++# define BEFORE_TLS_CALL() + #endif + +-/* True if _dl_runtime_resolve should align stack for STATE_SAVE or align +- stack to 16 bytes before calling _dl_fixup. */ +-#define DL_RUNTIME_RESOLVE_REALIGN_STACK \ +- (STATE_SAVE_ALIGNMENT > DL_STACK_ALIGNMENT \ +- || 16 > DL_STACK_ALIGNMENT) ++#ifndef AFTER_TLS_CALL ++# define AFTER_TLS_CALL() ++#endif +diff --git a/sysdeps/aarch64/preconfigure b/sysdeps/aarch64/preconfigure +index d9bd1f8558..16f5d3457e 100644 +--- a/sysdeps/aarch64/preconfigure ++++ b/sysdeps/aarch64/preconfigure +@@ -2,5 +2,6 @@ case "$machine" in + aarch64*) + base_machine=aarch64 + machine=aarch64 ++ mtls_traditional=trad + ;; + esac +diff --git a/sysdeps/i386/Makefile b/sysdeps/i386/Makefile +index a2e8c0b128..ee6470d78e 100644 +--- a/sysdeps/i386/Makefile ++++ b/sysdeps/i386/Makefile +@@ -30,7 +30,9 @@ stack-align-test-flags += -malign-double + endif + + ifeq ($(subdir),elf) +-sysdep-dl-routines += tlsdesc dl-tlsdesc ++sysdep-dl-routines += \ ++ dl-tls-get-addr \ ++# sysdep-dl-routines + + tests += tst-audit3 + modules-names += tst-auditmod3a tst-auditmod3b +diff --git a/sysdeps/i386/dl-tls-get-addr.c b/sysdeps/i386/dl-tls-get-addr.c +new file mode 100644 +index 0000000000..c97e5c57be +--- /dev/null ++++ b/sysdeps/i386/dl-tls-get-addr.c +@@ -0,0 +1,68 @@ ++/* Ifunc selector for ___tls_get_addr. ++ Copyright (C) 2025 Free Software Foundation, Inc. ++ This file is part of the GNU C Library. ++ ++ The GNU C Library is free software; you can redistribute it and/or ++ modify it under the terms of the GNU Lesser General Public ++ License as published by the Free Software Foundation; either ++ version 2.1 of the License, or (at your option) any later version. ++ ++ The GNU C Library is distributed in the hope that it will be useful, ++ but WITHOUT ANY WARRANTY; without even the implied warranty of ++ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU ++ Lesser General Public License for more details. ++ ++ You should have received a copy of the GNU Lesser General Public ++ License along with the GNU C Library; if not, see ++ . */ ++ ++#ifdef SHARED ++# define ___tls_get_addr __redirect____tls_get_addr ++# include ++# undef ___tls_get_addr ++# undef __tls_get_addr ++ ++# define SYMBOL_NAME ___tls_get_addr ++# include ++ ++extern __typeof (REDIRECT_NAME) OPTIMIZE (fnsave) attribute_hidden; ++extern __typeof (REDIRECT_NAME) OPTIMIZE (fxsave) attribute_hidden; ++extern __typeof (REDIRECT_NAME) OPTIMIZE (xsave) attribute_hidden; ++extern __typeof (REDIRECT_NAME) OPTIMIZE (xsavec) attribute_hidden; ++ ++static inline void * ++IFUNC_SELECTOR (void) ++{ ++ const struct cpu_features* cpu_features = __get_cpu_features (); ++ ++ if (cpu_features->xsave_state_size != 0) ++ { ++ if (CPU_FEATURE_USABLE_P (cpu_features, XSAVEC)) ++ return OPTIMIZE (xsavec); ++ else ++ return OPTIMIZE (xsave); ++ } ++ else if (CPU_FEATURE_USABLE_P (cpu_features, FXSR)) ++ return OPTIMIZE (fxsave); ++ return OPTIMIZE (fnsave); ++} ++ ++libc_ifunc_redirected (__redirect____tls_get_addr, ___tls_get_addr, ++ IFUNC_SELECTOR ()); ++ ++/* The special thing about the x86 TLS ABI is that we have two ++ variants of the __tls_get_addr function with different calling ++ conventions. The GNU version, which we are mostly concerned here, ++ takes the parameter in a register. The name is changed by adding ++ an additional underscore at the beginning. The Sun version uses ++ the normal calling convention. */ ++ ++rtld_hidden_proto (___tls_get_addr) ++rtld_hidden_def (___tls_get_addr) ++ ++void * ++__tls_get_addr (tls_index *ti) ++{ ++ return ___tls_get_addr (ti); ++} ++#endif +diff --git a/sysdeps/i386/dl-tls.h b/sysdeps/i386/dl-tls.h +index ec7678096b..c4b2419b9a 100644 +--- a/sysdeps/i386/dl-tls.h ++++ b/sysdeps/i386/dl-tls.h +@@ -29,33 +29,13 @@ typedef struct dl_tls_index + /* This is the prototype for the GNU version. */ + extern void *___tls_get_addr (tls_index *ti) + __attribute__ ((__regparm__ (1))); +-extern void *___tls_get_addr_internal (tls_index *ti) +- __attribute__ ((__regparm__ (1))) attribute_hidden; +- + # if IS_IN (rtld) +-/* The special thing about the x86 TLS ABI is that we have two +- variants of the __tls_get_addr function with different calling +- conventions. The GNU version, which we are mostly concerned here, +- takes the parameter in a register. The name is changed by adding +- an additional underscore at the beginning. The Sun version uses +- the normal calling convention. */ +-void * +-__tls_get_addr (tls_index *ti) +-{ +- return ___tls_get_addr_internal (ti); +-} +- +- + /* Prepare using the definition of __tls_get_addr in the generic + version of this file. */ +-# define __tls_get_addr __attribute__ ((__regparm__ (1))) ___tls_get_addr +-strong_alias (___tls_get_addr, ___tls_get_addr_internal) +-rtld_hidden_proto (___tls_get_addr) +-rtld_hidden_def (___tls_get_addr) +-#else +- ++# define __tls_get_addr \ ++ __attribute__ ((__regparm__ (1))) ___tls_get_addr_internal ++# else + /* Users should get the better interface. */ +-# define __tls_get_addr ___tls_get_addr +- ++# define __tls_get_addr ___tls_get_addr + # endif + #endif +diff --git a/sysdeps/i386/dl-tlsdesc-dynamic.h b/sysdeps/i386/dl-tlsdesc-dynamic.h +index 3627028577..8a5952421e 100644 +--- a/sysdeps/i386/dl-tlsdesc-dynamic.h ++++ b/sysdeps/i386/dl-tlsdesc-dynamic.h +@@ -16,34 +16,6 @@ + License along with the GNU C Library; if not, see + . */ + +-#undef REGISTER_SAVE_AREA +- +-#if !defined USE_FNSAVE && (STATE_SAVE_ALIGNMENT % 16) != 0 +-# error STATE_SAVE_ALIGNMENT must be multiple of 16 +-#endif +- +-#if DL_RUNTIME_RESOLVE_REALIGN_STACK +-# ifdef USE_FNSAVE +-# error USE_FNSAVE shouldn't be defined +-# endif +-# ifdef USE_FXSAVE +-/* Use fxsave to save all registers. */ +-# define REGISTER_SAVE_AREA 512 +-# endif +-#else +-# ifdef USE_FNSAVE +-/* Use fnsave to save x87 FPU stack registers. */ +-# define REGISTER_SAVE_AREA 108 +-# else +-# ifndef USE_FXSAVE +-# error USE_FXSAVE must be defined +-# endif +-/* Use fxsave to save all registers. Add 12 bytes to align the stack +- to 16 bytes. */ +-# define REGISTER_SAVE_AREA (512 + 12) +-# endif +-#endif +- + .hidden _dl_tlsdesc_dynamic + .global _dl_tlsdesc_dynamic + .type _dl_tlsdesc_dynamic,@function +@@ -104,85 +76,7 @@ _dl_tlsdesc_dynamic: + ret + .p2align 4,,7 + 2: +- cfi_adjust_cfa_offset (32) +-#if DL_RUNTIME_RESOLVE_REALIGN_STACK +- movl %ebx, -28(%esp) +- movl %esp, %ebx +- cfi_def_cfa_register(%ebx) +- and $-STATE_SAVE_ALIGNMENT, %esp +-#endif +-#ifdef REGISTER_SAVE_AREA +- subl $REGISTER_SAVE_AREA, %esp +-# if !DL_RUNTIME_RESOLVE_REALIGN_STACK +- cfi_adjust_cfa_offset(REGISTER_SAVE_AREA) +-# endif +-#else +-# if !DL_RUNTIME_RESOLVE_REALIGN_STACK +-# error DL_RUNTIME_RESOLVE_REALIGN_STACK must be true +-# endif +- /* Allocate stack space of the required size to save the state. */ +- LOAD_PIC_REG (cx) +- subl RTLD_GLOBAL_RO_DL_X86_CPU_FEATURES_OFFSET+XSAVE_STATE_SIZE_OFFSET+_rtld_local_ro@GOTOFF(%ecx), %esp +-#endif +-#ifdef USE_FNSAVE +- fnsave (%esp) +-#elif defined USE_FXSAVE +- fxsave (%esp) +-#else +- /* Save the argument for ___tls_get_addr in EAX. */ +- movl %eax, %ecx +- movl $TLSDESC_CALL_STATE_SAVE_MASK, %eax +- xorl %edx, %edx +- /* Clear the XSAVE Header. */ +-# ifdef USE_XSAVE +- movl %edx, (512)(%esp) +- movl %edx, (512 + 4 * 1)(%esp) +- movl %edx, (512 + 4 * 2)(%esp) +- movl %edx, (512 + 4 * 3)(%esp) +-# endif +- movl %edx, (512 + 4 * 4)(%esp) +- movl %edx, (512 + 4 * 5)(%esp) +- movl %edx, (512 + 4 * 6)(%esp) +- movl %edx, (512 + 4 * 7)(%esp) +- movl %edx, (512 + 4 * 8)(%esp) +- movl %edx, (512 + 4 * 9)(%esp) +- movl %edx, (512 + 4 * 10)(%esp) +- movl %edx, (512 + 4 * 11)(%esp) +- movl %edx, (512 + 4 * 12)(%esp) +- movl %edx, (512 + 4 * 13)(%esp) +- movl %edx, (512 + 4 * 14)(%esp) +- movl %edx, (512 + 4 * 15)(%esp) +-# ifdef USE_XSAVE +- xsave (%esp) +-# else +- xsavec (%esp) +-# endif +- /* Restore the argument for ___tls_get_addr in EAX. */ +- movl %ecx, %eax +-#endif +- call HIDDEN_JUMPTARGET (___tls_get_addr) +- /* Get register content back. */ +-#ifdef USE_FNSAVE +- frstor (%esp) +-#elif defined USE_FXSAVE +- fxrstor (%esp) +-#else +- /* Save and retore ___tls_get_addr return value stored in EAX. */ +- movl %eax, %ecx +- movl $TLSDESC_CALL_STATE_SAVE_MASK, %eax +- xorl %edx, %edx +- xrstor (%esp) +- movl %ecx, %eax +-#endif +-#if DL_RUNTIME_RESOLVE_REALIGN_STACK +- mov %ebx, %esp +- cfi_def_cfa_register(%esp) +- movl -28(%esp), %ebx +- cfi_restore(%ebx) +-#else +- addl $REGISTER_SAVE_AREA, %esp +- cfi_adjust_cfa_offset(-REGISTER_SAVE_AREA) +-#endif ++#include "tls-get-addr-wrapper.h" + jmp 1b + cfi_endproc + .size _dl_tlsdesc_dynamic, .-_dl_tlsdesc_dynamic +diff --git a/sysdeps/i386/dl-tlsdesc.S b/sysdeps/i386/dl-tlsdesc.S +index 725506f58d..1609cab002 100644 +--- a/sysdeps/i386/dl-tlsdesc.S ++++ b/sysdeps/i386/dl-tlsdesc.S +@@ -22,23 +22,6 @@ + #include + #include "tlsdesc.h" + +-#ifndef DL_STACK_ALIGNMENT +-/* Due to GCC bug: +- +- https://gcc.gnu.org/bugzilla/show_bug.cgi?id=58066 +- +- __tls_get_addr may be called with 4-byte stack alignment. Although +- this bug has been fixed in GCC 4.9.4, 5.3 and 6, we can't assume +- that stack will be always aligned at 16 bytes. */ +-# define DL_STACK_ALIGNMENT 4 +-#endif +- +-/* True if _dl_tlsdesc_dynamic should align stack for STATE_SAVE or align +- stack to MINIMUM_ALIGNMENT bytes before calling ___tls_get_addr. */ +-#define DL_RUNTIME_RESOLVE_REALIGN_STACK \ +- (STATE_SAVE_ALIGNMENT > DL_STACK_ALIGNMENT \ +- || MINIMUM_ALIGNMENT > DL_STACK_ALIGNMENT) +- + .text + + /* This function is used to compute the TP offset for symbols in +diff --git a/sysdeps/i386/tls-get-addr-wrapper.h b/sysdeps/i386/tls-get-addr-wrapper.h +new file mode 100644 +index 0000000000..0708e5ad1d +--- /dev/null ++++ b/sysdeps/i386/tls-get-addr-wrapper.h +@@ -0,0 +1,127 @@ ++/* Wrapper of i386 ___tls_get_addr to save and restore vector registers. ++ Copyright (C) 2025 Free Software Foundation, Inc. ++ This file is part of the GNU C Library. ++ ++ The GNU C Library is free software; you can redistribute it and/or ++ modify it under the terms of the GNU Lesser General Public ++ License as published by the Free Software Foundation; either ++ version 2.1 of the License, or (at your option) any later version. ++ ++ The GNU C Library is distributed in the hope that it will be useful, ++ but WITHOUT ANY WARRANTY; without even the implied warranty of ++ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU ++ Lesser General Public License for more details. ++ ++ You should have received a copy of the GNU Lesser General Public ++ License along with the GNU C Library; if not, see ++ . */ ++ ++#undef REGISTER_SAVE_AREA ++ ++#if !defined USE_FNSAVE && (STATE_SAVE_ALIGNMENT % 16) != 0 ++# error STATE_SAVE_ALIGNMENT must be multiple of 16 ++#endif ++ ++#if DL_RUNTIME_RESOLVE_REALIGN_STACK ++# ifdef USE_FNSAVE ++# error USE_FNSAVE shouldn't be defined ++# endif ++# ifdef USE_FXSAVE ++/* Use fxsave to save all registers. */ ++# define REGISTER_SAVE_AREA 512 ++# endif ++#else ++# ifdef USE_FNSAVE ++/* Use fnsave to save x87 FPU stack registers. */ ++# define REGISTER_SAVE_AREA 108 ++# else ++# ifndef USE_FXSAVE ++# error USE_FXSAVE must be defined ++# endif ++/* Use fxsave to save all registers. Add 12 bytes to align the stack ++ to 16 bytes. */ ++# define REGISTER_SAVE_AREA (512 + 12) ++# endif ++#endif ++ ++#if DL_RUNTIME_RESOLVE_REALIGN_STACK ++ movl %ebx, 28(%esp) ++ movl %esp, %ebx ++ cfi_def_cfa_register(%ebx) ++ and $-STATE_SAVE_ALIGNMENT, %esp ++#endif ++#ifdef REGISTER_SAVE_AREA ++ subl $REGISTER_SAVE_AREA, %esp ++# if !DL_RUNTIME_RESOLVE_REALIGN_STACK ++ cfi_adjust_cfa_offset(REGISTER_SAVE_AREA) ++# endif ++#else ++# if !DL_RUNTIME_RESOLVE_REALIGN_STACK ++# error DL_RUNTIME_RESOLVE_REALIGN_STACK must be true ++# endif ++ /* Allocate stack space of the required size to save the state. */ ++ LOAD_PIC_REG (cx) ++ subl RTLD_GLOBAL_RO_DL_X86_CPU_FEATURES_OFFSET \ ++ +XSAVE_STATE_SIZE_OFFSET+_rtld_local_ro@GOTOFF(%ecx), %esp ++#endif ++#ifdef USE_FNSAVE ++ fnsave (%esp) ++#elif defined USE_FXSAVE ++ fxsave (%esp) ++#else ++ /* Save the argument for ___tls_get_addr in EAX. */ ++ movl %eax, %ecx ++ movl $TLSDESC_CALL_STATE_SAVE_MASK, %eax ++ xorl %edx, %edx ++ /* Clear the XSAVE Header. */ ++# ifdef USE_XSAVE ++ movl %edx, (512)(%esp) ++ movl %edx, (512 + 4 * 1)(%esp) ++ movl %edx, (512 + 4 * 2)(%esp) ++ movl %edx, (512 + 4 * 3)(%esp) ++# endif ++ movl %edx, (512 + 4 * 4)(%esp) ++ movl %edx, (512 + 4 * 5)(%esp) ++ movl %edx, (512 + 4 * 6)(%esp) ++ movl %edx, (512 + 4 * 7)(%esp) ++ movl %edx, (512 + 4 * 8)(%esp) ++ movl %edx, (512 + 4 * 9)(%esp) ++ movl %edx, (512 + 4 * 10)(%esp) ++ movl %edx, (512 + 4 * 11)(%esp) ++ movl %edx, (512 + 4 * 12)(%esp) ++ movl %edx, (512 + 4 * 13)(%esp) ++ movl %edx, (512 + 4 * 14)(%esp) ++ movl %edx, (512 + 4 * 15)(%esp) ++# ifdef USE_XSAVE ++ xsave (%esp) ++# else ++ xsavec (%esp) ++# endif ++ /* Restore the argument for ___tls_get_addr in EAX. */ ++ movl %ecx, %eax ++#endif ++ call ___tls_get_addr_internal ++ /* Get register content back. */ ++#ifdef USE_FNSAVE ++ frstor (%esp) ++#elif defined USE_FXSAVE ++ fxrstor (%esp) ++#else ++ /* Save and retore ___tls_get_addr return value stored in EAX. */ ++ movl %eax, %ecx ++ movl $TLSDESC_CALL_STATE_SAVE_MASK, %eax ++ xorl %edx, %edx ++ xrstor (%esp) ++ movl %ecx, %eax ++#endif ++#if DL_RUNTIME_RESOLVE_REALIGN_STACK ++ mov %ebx, %esp ++ cfi_def_cfa_register(%esp) ++ movl 28(%esp), %ebx ++ cfi_restore(%ebx) ++#else ++ addl $REGISTER_SAVE_AREA, %esp ++ cfi_adjust_cfa_offset(-REGISTER_SAVE_AREA) ++#endif ++ ++#undef STATE_SAVE_ALIGNMENT +diff --git a/sysdeps/i386/tls_get_addr.S b/sysdeps/i386/tls_get_addr.S +new file mode 100644 +index 0000000000..7d143d8a23 +--- /dev/null ++++ b/sysdeps/i386/tls_get_addr.S +@@ -0,0 +1,57 @@ ++/* Thread-local storage handling in the ELF dynamic linker. i386 version. ++ Copyright (C) 2025 Free Software Foundation, Inc. ++ This file is part of the GNU C Library. ++ ++ The GNU C Library is free software; you can redistribute it and/or ++ modify it under the terms of the GNU Lesser General Public ++ License as published by the Free Software Foundation; either ++ version 2.1 of the License, or (at your option) any later version. ++ ++ The GNU C Library is distributed in the hope that it will be useful, ++ but WITHOUT ANY WARRANTY; without even the implied warranty of ++ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU ++ Lesser General Public License for more details. ++ ++ You should have received a copy of the GNU Lesser General Public ++ License along with the GNU C Library; if not, see ++ . */ ++ ++#include ++#include ++#include ++#include ++ ++ .text ++#ifdef SHARED ++# define USE_FNSAVE ++# define MINIMUM_ALIGNMENT 4 ++# define STATE_SAVE_ALIGNMENT 4 ++# define ___tls_get_addr _____tls_get_addr_fnsave ++# include "tls_get_addr.h" ++# undef ___tls_get_addr ++# undef MINIMUM_ALIGNMENT ++# undef USE_FNSAVE ++ ++# define MINIMUM_ALIGNMENT 16 ++ ++# define USE_FXSAVE ++# define STATE_SAVE_ALIGNMENT 16 ++# define ___tls_get_addr _____tls_get_addr_fxsave ++# include "tls_get_addr.h" ++# undef ___tls_get_addr ++# undef USE_FXSAVE ++ ++# define USE_XSAVE ++# define STATE_SAVE_ALIGNMENT 64 ++# define ___tls_get_addr _____tls_get_addr_xsave ++# include "tls_get_addr.h" ++# undef ___tls_get_addr ++# undef USE_XSAVE ++ ++# define USE_XSAVEC ++# define STATE_SAVE_ALIGNMENT 64 ++# define ___tls_get_addr _____tls_get_addr_xsavec ++# include "tls_get_addr.h" ++# undef ___tls_get_addr ++# undef USE_XSAVEC ++#endif /* SHARED */ +diff --git a/sysdeps/i386/tls_get_addr.h b/sysdeps/i386/tls_get_addr.h +new file mode 100644 +index 0000000000..1825798724 +--- /dev/null ++++ b/sysdeps/i386/tls_get_addr.h +@@ -0,0 +1,42 @@ ++/* Thread-local storage handling in the ELF dynamic linker. i386 version. ++ Copyright (C) 2025 Free Software Foundation, Inc. ++ This file is part of the GNU C Library. ++ ++ The GNU C Library is free software; you can redistribute it and/or ++ modify it under the terms of the GNU Lesser General Public ++ License as published by the Free Software Foundation; either ++ version 2.1 of the License, or (at your option) any later version. ++ ++ The GNU C Library is distributed in the hope that it will be useful, ++ but WITHOUT ANY WARRANTY; without even the implied warranty of ++ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU ++ Lesser General Public License for more details. ++ ++ You should have received a copy of the GNU Lesser General Public ++ License along with the GNU C Library; if not, see ++ . */ ++ ++ .hidden ___tls_get_addr ++ .global ___tls_get_addr ++ .type ___tls_get_addr,@function ++ ++ /* This function is a wrapper of ___tls_get_addr_internal to ++ preserve caller-saved vector registers. */ ++ ++ cfi_startproc ++ .align 16 ++___tls_get_addr: ++ /* Like all TLS resolvers, preserve call-clobbered registers. ++ We need two scratch regs anyway. */ ++ subl $32, %esp ++ cfi_adjust_cfa_offset (32) ++ movl %ecx, 20(%esp) ++ movl %edx, 24(%esp) ++#include "tls-get-addr-wrapper.h" ++ movl 20(%esp), %ecx ++ movl 24(%esp), %edx ++ addl $32, %esp ++ cfi_adjust_cfa_offset (-32) ++ ret ++ cfi_endproc ++ .size ___tls_get_addr, .-___tls_get_addr +diff --git a/sysdeps/loongarch/preconfigure b/sysdeps/loongarch/preconfigure +index dfc7ecfd9e..6b015ae5dc 100644 +--- a/sysdeps/loongarch/preconfigure ++++ b/sysdeps/loongarch/preconfigure +@@ -43,6 +43,7 @@ loongarch*) + + + base_machine=loongarch ++ mtls_traditional=trad + ;; + esac + +diff --git a/sysdeps/loongarch/preconfigure.ac b/sysdeps/loongarch/preconfigure.ac +index 67e4357013..31e9579e63 100644 +--- a/sysdeps/loongarch/preconfigure.ac ++++ b/sysdeps/loongarch/preconfigure.ac +@@ -41,6 +41,7 @@ loongarch*) + AC_DEFINE_UNQUOTED([LOONGARCH_ABI_FRLEN], [$abi_flen]) + + base_machine=loongarch ++ mtls_traditional=trad + ;; + esac + +diff --git a/sysdeps/powerpc/Makefile b/sysdeps/powerpc/Makefile +index 5e6cb07ce6..5cdb64f29b 100644 +--- a/sysdeps/powerpc/Makefile ++++ b/sysdeps/powerpc/Makefile +@@ -28,6 +28,11 @@ tst-cache-ppc-static-dlopen-ENV = LD_LIBRARY_PATH=$(objpfx):$(common-objpfx):$(c + $(objpfx)tst-cache-ppc-static-dlopen.out: $(objpfx)mod-cache-ppc.so + + $(objpfx)tst-cache-ppc: $(objpfx)mod-cache-ppc.so ++ ++# The test checks if the __tls_get_addr does not clobber caller-saved ++# register, so disable the powerpc specific optimization to force a ++# __tls_get_addr call. ++LDFLAGS-tst-tls23-mod.so = -Wl,--no-tls-get-addr-optimize + endif + + ifneq (no,$(multi-arch)) +diff --git a/sysdeps/x86/Makefile b/sysdeps/x86/Makefile +index b76b72ca4d..d39c2e8968 100644 +--- a/sysdeps/x86/Makefile ++++ b/sysdeps/x86/Makefile +@@ -4,7 +4,13 @@ endif + + ifeq ($(subdir),elf) + sysdep_routines += get-cpuid-feature-leaf +-sysdep-dl-routines += dl-get-cpu-features ++sysdep-dl-routines += \ ++ dl-get-cpu-features \ ++ dl-tlsdesc \ ++ tls_get_addr \ ++ tlsdesc \ ++# sysdep-dl-routines ++ + sysdep_headers += \ + bits/platform/features.h \ + bits/platform/x86.h \ +@@ -111,6 +117,14 @@ $(objpfx)tst-gnu2-tls2-x86-noxsavexsavec.out: \ + $(objpfx)tst-gnu2-tls2mod0.so \ + $(objpfx)tst-gnu2-tls2mod1.so \ + $(objpfx)tst-gnu2-tls2mod2.so ++ ++CFLAGS-tst-tls23.c += -msse2 ++CFLAGS-tst-tls23-mod.c += -msse2 -mtune=haswell ++ ++LDFLAGS-tst-tls23 += -rdynamic ++tst-tls23-mod.so-no-z-defs = yes ++ ++$(objpfx)tst-tls23-mod.so: $(libsupport) + endif + + ifeq ($(subdir),math) +diff --git a/sysdeps/x86/sysdep.h b/sysdeps/x86/sysdep.h +index 0f744859a0..13948ae2e8 100644 +--- a/sysdeps/x86/sysdep.h ++++ b/sysdeps/x86/sysdep.h +@@ -183,6 +183,29 @@ + + #define atom_text_section .section ".text.atom", "ax" + ++#ifndef DL_STACK_ALIGNMENT ++/* Due to GCC bug: ++ ++ https://gcc.gnu.org/bugzilla/show_bug.cgi?id=58066 ++ ++ __tls_get_addr may be called with 8-byte/4-byte stack alignment. ++ Although this bug has been fixed in GCC 4.9.4, 5.3 and 6, we can't ++ assume that stack will be always aligned at 16 bytes. */ ++# ifdef __x86_64__ ++# define DL_STACK_ALIGNMENT 8 ++# define MINIMUM_ALIGNMENT 16 ++# else ++# define DL_STACK_ALIGNMENT 4 ++# endif ++#endif ++ ++/* True if _dl_runtime_resolve/_dl_tlsdesc_dynamic should align stack for ++ STATE_SAVE or align stack to MINIMUM_ALIGNMENT bytes before calling ++ _dl_fixup/__tls_get_addr. */ ++#define DL_RUNTIME_RESOLVE_REALIGN_STACK \ ++ (STATE_SAVE_ALIGNMENT > DL_STACK_ALIGNMENT \ ++ || MINIMUM_ALIGNMENT > DL_STACK_ALIGNMENT) ++ + #endif /* __ASSEMBLER__ */ + + #endif /* _X86_SYSDEP_H */ +diff --git a/sysdeps/x86/tst-tls23.c b/sysdeps/x86/tst-tls23.c +new file mode 100644 +index 0000000000..6130d91cf8 +--- /dev/null ++++ b/sysdeps/x86/tst-tls23.c +@@ -0,0 +1,22 @@ ++#ifndef __x86_64__ ++#include ++ ++#define IS_SUPPORTED() CPU_FEATURE_ACTIVE (SSE2) ++#endif ++ ++/* Set XMM0...XMM7 to all 1s. */ ++#define PREPARE_MALLOC() \ ++{ \ ++ asm volatile ("pcmpeqd %%xmm0, %%xmm0" : : : "xmm0" ); \ ++ asm volatile ("pcmpeqd %%xmm1, %%xmm1" : : : "xmm1" ); \ ++ asm volatile ("pcmpeqd %%xmm2, %%xmm2" : : : "xmm2" ); \ ++ asm volatile ("pcmpeqd %%xmm3, %%xmm3" : : : "xmm3" ); \ ++ asm volatile ("pcmpeqd %%xmm4, %%xmm4" : : : "xmm4" ); \ ++ asm volatile ("pcmpeqd %%xmm5, %%xmm5" : : : "xmm5" ); \ ++ asm volatile ("pcmpeqd %%xmm6, %%xmm6" : : : "xmm6" ); \ ++ asm volatile ("pcmpeqd %%xmm7, %%xmm7" : : : "xmm7" ); \ ++} ++ ++#include ++ ++v2di v1, v2, v3; +diff --git a/sysdeps/x86/tst-tls23.h b/sysdeps/x86/tst-tls23.h +new file mode 100644 +index 0000000000..21cee4ca07 +--- /dev/null ++++ b/sysdeps/x86/tst-tls23.h +@@ -0,0 +1,35 @@ ++/* Test that __tls_get_addr preserves XMM registers. ++ Copyright (C) 2025 Free Software Foundation, Inc. ++ This file is part of the GNU C Library. ++ ++ The GNU C Library is free software; you can redistribute it and/or ++ modify it under the terms of the GNU Lesser General Public ++ License as published by the Free Software Foundation; either ++ version 2.1 of the License, or (at your option) any later version. ++ ++ The GNU C Library is distributed in the hope that it will be useful, ++ but WITHOUT ANY WARRANTY; without even the implied warranty of ++ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU ++ Lesser General Public License for more details. ++ ++ You should have received a copy of the GNU Lesser General Public ++ License along with the GNU C Library; if not, see ++ . */ ++ ++#include ++ ++typedef long long v2di __attribute__((vector_size(16))); ++extern v2di v1, v2, v3; ++ ++#define BEFORE_TLS_CALL() \ ++ v1 = __extension__(v2di){0, 0}; \ ++ v2 = __extension__(v2di){0, 0}; ++ ++#define AFTER_TLS_CALL() \ ++ v3 = __extension__(v2di){0, 0}; \ ++ asm volatile ("" : "+x" (v3)); \ ++ union { v2di x; long long a[2]; } u; \ ++ u.x = v3; \ ++ TEST_VERIFY_EXIT (u.a[0] == 0 && u.a[1] == 0); ++ ++#include +diff --git a/sysdeps/x86_64/Makefile b/sysdeps/x86_64/Makefile +index 75c5029b36..9c8af27300 100644 +--- a/sysdeps/x86_64/Makefile ++++ b/sysdeps/x86_64/Makefile +@@ -32,9 +32,6 @@ ifeq ($(subdir),elf) + CFLAGS-.os += $(if $(filter $(@F),$(patsubst %,%.os,$(all-rtld-routines))),\ + -mno-mmx) + +-sysdep-dl-routines += tlsdesc dl-tlsdesc tls_get_addr +- +-tests += ifuncmain8 + modules-names += ifuncmod8 + + $(objpfx)ifuncmain8: $(objpfx)ifuncmod8.so +diff --git a/sysdeps/x86_64/dl-tlsdesc.S b/sysdeps/x86_64/dl-tlsdesc.S +index 6f97128187..1b80dd8a8c 100644 +--- a/sysdeps/x86_64/dl-tlsdesc.S ++++ b/sysdeps/x86_64/dl-tlsdesc.S +@@ -21,7 +21,6 @@ + #include + #include + #include "tlsdesc.h" +-#include "dl-trampoline-save.h" + + /* Area on stack to save and restore registers used for parameter + passing when calling _dl_tlsdesc_dynamic. */ +diff --git a/sysdeps/x86_64/dl-trampoline.S b/sysdeps/x86_64/dl-trampoline.S +index e84d6ffcb3..24616bb8a8 100644 +--- a/sysdeps/x86_64/dl-trampoline.S ++++ b/sysdeps/x86_64/dl-trampoline.S +@@ -22,7 +22,6 @@ + #include + #include + #include +-#include "dl-trampoline-save.h" + + /* Area on stack to save and restore registers used for parameter + passing when calling _dl_fixup. */ +-- +2.39.3 + diff --git a/libio-Attempt-wide-backup-free-only-for-non-legacy-c.patch b/libio-Attempt-wide-backup-free-only-for-non-legacy-c.patch new file mode 100644 index 0000000..322b185 --- /dev/null +++ b/libio-Attempt-wide-backup-free-only-for-non-legacy-c.patch @@ -0,0 +1,54 @@ +From 370be858928c2c537c112859ccd54cd1b0d56715 Mon Sep 17 00:00:00 2001 +From: Siddhesh Poyarekar +Date: Tue, 3 Sep 2024 14:58:33 -0400 +Subject: [PATCH] libio: Attempt wide backup free only for non-legacy code + +_wide_data and _mode are not available in legacy code, so do not attempt +to free the wide backup buffer in legacy code. + +Resolves: BZ #32137 and BZ #27821 + +Signed-off-by: Siddhesh Poyarekar +Reviewed-by: Florian Weimer +(cherry picked from commit ae4d44b1d501421ad9a3af95279b8f4d1546f1ce) +--- + NEWS | 2 ++ + libio/genops.c | 2 +- + 2 files changed, 3 insertions(+), 1 deletion(-) + +diff --git a/NEWS b/NEWS +index 7a9a4b7ea3..a2adce11ff 100644 +--- a/NEWS ++++ b/NEWS +@@ -36,6 +36,7 @@ Security related changes: + + The following bugs are resolved with this release: + ++ [27821] ungetc: Fix backup buffer leak on program exit + [29039] Corrupt DTV after reuse of a TLS module ID following dlclose with unused TLS + [30081] resolv: Do not wait for non-existing second DNS response after error + [30694] The iconv program no longer tells the user which given encoding name was wrong +@@ -57,6 +58,7 @@ The following bugs are resolved with this release: + [31965] rseq extension mechanism does not work as intended + [31968] mremap implementation in C does not handle arguments correctly + [32052] Name space violation in fortify wrappers ++ [32137] libio: Attempt wide backup free only for non-legacy code + + Version 2.38 + +diff --git a/libio/genops.c b/libio/genops.c +index fb06245467..7b30aab095 100644 +--- a/libio/genops.c ++++ b/libio/genops.c +@@ -792,7 +792,7 @@ _IO_unbuffer_all (void) + /* Free up the backup area if it was ever allocated. */ + if (_IO_have_backup (fp)) + _IO_free_backup_area (fp); +- if (fp->_mode > 0 && _IO_have_wbackup (fp)) ++ if (!legacy && fp->_mode > 0 && _IO_have_wbackup (fp)) + _IO_free_wbackup_area (fp); + + if (! (fp->_flags & _IO_UNBUFFERED) +-- +2.27.0 + diff --git a/libio-Check-remaining-buffer-size-in-_IO_wdo_write-b.patch b/libio-Check-remaining-buffer-size-in-_IO_wdo_write-b.patch new file mode 100644 index 0000000..83f974e --- /dev/null +++ b/libio-Check-remaining-buffer-size-in-_IO_wdo_write-b.patch @@ -0,0 +1,48 @@ +From cfe121910013a46e2477562282c56ae8062089aa Mon Sep 17 00:00:00 2001 +From: Florian Weimer +Date: Tue, 2 Jan 2024 14:36:17 +0100 +Subject: [PATCH 9/9] libio: Check remaining buffer size in _IO_wdo_write (bug + 31183) + +The multibyte character needs to fit into the remaining buffer space, +not the already-written buffer space. Without the fix, we were never +moving the write pointer from the start of the buffer, always using +the single-character fallback buffer. + +Fixes commit 04b76b5aa8b2d1d19066e42dd1 ("Don't error out writing +a multibyte character to an unbuffered stream (bug 17522)"). + +(cherry picked from commit ecc7c3deb9f347649c2078fcc0f94d4cedf92d60) +--- + NEWS | 1 + + libio/wfileops.c | 2 +- + 2 files changed, 2 insertions(+), 1 deletion(-) + +diff --git a/NEWS b/NEWS +index 905230b838..6768c2da6f 100644 +--- a/NEWS ++++ b/NEWS +@@ -43,6 +43,7 @@ The following bugs are resolved with this release: + -D_FILE_OFFSET_BITS=64 + [30842] Stack read overflow in getaddrinfo in no-aaaa mode (CVE-2023-4527) + [30843] potential use-after-free in getcanonname (CVE-2023-4806) ++ [31183] Wide stream buffer size reduced MB_LEN_MAX bytes after bug 17522 fix + [31184] FAIL: elf/tst-tlsgap + [31185] Incorrect thread point access in _dl_tlsdesc_undefweak and _dl_tlsdesc_dynamic + +diff --git a/libio/wfileops.c b/libio/wfileops.c +index f16f6db1c3..9ab8f2e7f3 100644 +--- a/libio/wfileops.c ++++ b/libio/wfileops.c +@@ -55,7 +55,7 @@ _IO_wdo_write (FILE *fp, const wchar_t *data, size_t to_do) + char mb_buf[MB_LEN_MAX]; + char *write_base, *write_ptr, *buf_end; + +- if (fp->_IO_write_ptr - fp->_IO_write_base < sizeof (mb_buf)) ++ if (fp->_IO_buf_end - fp->_IO_write_ptr < sizeof (mb_buf)) + { + /* Make sure we have room for at least one multibyte + character. */ +-- +2.33.0 + diff --git a/0001-glibc-2.38-memalign_fix-1.patch b/malloc-Enable-merging-of-remainders-in-memalign-bug-.patch similarity index 54% rename from 0001-glibc-2.38-memalign_fix-1.patch rename to malloc-Enable-merging-of-remainders-in-memalign-bug-.patch index b04c21f..38f39e1 100644 --- a/0001-glibc-2.38-memalign_fix-1.patch +++ b/malloc-Enable-merging-of-remainders-in-memalign-bug-.patch @@ -1,19 +1,7 @@ -Submitted By: Xi Ruoyao -Date: 2023-08-13 -Initial Package Version: 2.38 -Upstream Status: Under review -Origin: Upstream & Self - - 1/3: https://sourceware.org/git/?p=glibc.git;a=patch;h=542b11058525 - - 2/3: https://sourceware.org/pipermail/libc-alpha/2023-August/150857.html - - 3/3: Trivial unused code removal -Description: Fixes a regression causing posix_memalign() - very slow in certain conditions to avoid - breaking ffmpeg-based applications. - -From fc01478d06658ace8d57e5328c1e717275acfe84 Mon Sep 17 00:00:00 2001 +From 98c293c61f770b6b7a22f89a6ea81b711ecb1952 Mon Sep 17 00:00:00 2001 From: Florian Weimer Date: Fri, 11 Aug 2023 11:18:17 +0200 -Subject: [PATCH 1/3] malloc: Enable merging of remainders in memalign (bug +Subject: [PATCH 06/12] malloc: Enable merging of remainders in memalign (bug 30723) Previously, calling _int_free from _int_memalign could put remainders @@ -309,277 +297,5 @@ index e2f1a615a4..948f9759af 100644 check_inuse_chunk (av, p); -- -2.41.0 - -From b37e836b7cc2dba672e1de1cc7e076ba1c712614 Mon Sep 17 00:00:00 2001 -From: Florian Weimer -Date: Fri, 11 Aug 2023 17:48:13 +0200 -Subject: [PATCH 2/3] malloc: Remove bin scanning from memalign (bug 30723) - -On the test workload (mpv --cache=yes with VP9 video decoding), the -bin scanning has a very poor success rate (less than 2%). The tcache -scanning has about 50% success rate, so keep that. - -Update comments in malloc/tst-memalign-2 to indicate the purpose -of the tests. Even with the scanning removed, the additional -merging opportunities since commit 542b1105852568c3ebc712225ae78b -("malloc: Enable merging of remainders in memalign (bug 30723)") -are sufficient to pass the existing large bins test. - -Link: https://sourceware.org/pipermail/libc-alpha/2023-August/150857.html ---- - malloc/malloc.c | 127 ++-------------------------------------- - malloc/tst-memalign-2.c | 7 ++- - 2 files changed, 10 insertions(+), 124 deletions(-) - -diff --git a/malloc/malloc.c b/malloc/malloc.c -index 948f9759af..9c2cab7a59 100644 ---- a/malloc/malloc.c -+++ b/malloc/malloc.c -@@ -5082,7 +5082,6 @@ _int_memalign (mstate av, size_t alignment, size_t bytes) - mchunkptr remainder; /* spare room at end to split off */ - unsigned long remainder_size; /* its size */ - INTERNAL_SIZE_T size; -- mchunkptr victim; - - nb = checked_request2size (bytes); - if (nb == 0) -@@ -5101,129 +5100,13 @@ _int_memalign (mstate av, size_t alignment, size_t bytes) - we don't find anything in those bins, the common malloc code will - scan starting at 2x. */ - -- /* This will be set if we found a candidate chunk. */ -- victim = NULL; -+ /* Call malloc with worst case padding to hit alignment. */ -+ m = (char *) (_int_malloc (av, nb + alignment + MINSIZE)); - -- /* Fast bins are singly-linked, hard to remove a chunk from the middle -- and unlikely to meet our alignment requirements. We have not done -- any experimentation with searching for aligned fastbins. */ -+ if (m == 0) -+ return 0; /* propagate failure */ - -- if (av != NULL) -- { -- int first_bin_index; -- int first_largebin_index; -- int last_bin_index; -- -- if (in_smallbin_range (nb)) -- first_bin_index = smallbin_index (nb); -- else -- first_bin_index = largebin_index (nb); -- -- if (in_smallbin_range (nb * 2)) -- last_bin_index = smallbin_index (nb * 2); -- else -- last_bin_index = largebin_index (nb * 2); -- -- first_largebin_index = largebin_index (MIN_LARGE_SIZE); -- -- int victim_index; /* its bin index */ -- -- for (victim_index = first_bin_index; -- victim_index < last_bin_index; -- victim_index ++) -- { -- victim = NULL; -- -- if (victim_index < first_largebin_index) -- { -- /* Check small bins. Small bin chunks are doubly-linked despite -- being the same size. */ -- -- mchunkptr fwd; /* misc temp for linking */ -- mchunkptr bck; /* misc temp for linking */ -- -- bck = bin_at (av, victim_index); -- fwd = bck->fd; -- while (fwd != bck) -- { -- if (chunk_ok_for_memalign (fwd, alignment, nb) > 0) -- { -- victim = fwd; -- -- /* Unlink it */ -- victim->fd->bk = victim->bk; -- victim->bk->fd = victim->fd; -- break; -- } -- -- fwd = fwd->fd; -- } -- } -- else -- { -- /* Check large bins. */ -- mchunkptr fwd; /* misc temp for linking */ -- mchunkptr bck; /* misc temp for linking */ -- mchunkptr best = NULL; -- size_t best_size = 0; -- -- bck = bin_at (av, victim_index); -- fwd = bck->fd; -- -- while (fwd != bck) -- { -- int extra; -- -- if (chunksize (fwd) < nb) -- break; -- extra = chunk_ok_for_memalign (fwd, alignment, nb); -- if (extra > 0 -- && (extra <= best_size || best == NULL)) -- { -- best = fwd; -- best_size = extra; -- } -- -- fwd = fwd->fd; -- } -- victim = best; -- -- if (victim != NULL) -- { -- unlink_chunk (av, victim); -- break; -- } -- } -- -- if (victim != NULL) -- break; -- } -- } -- -- /* Strategy: find a spot within that chunk that meets the alignment -- request, and then possibly free the leading and trailing space. -- This strategy is incredibly costly and can lead to external -- fragmentation if header and footer chunks are unused. */ -- -- if (victim != NULL) -- { -- p = victim; -- m = chunk2mem (p); -- set_inuse (p); -- if (av != &main_arena) -- set_non_main_arena (p); -- } -- else -- { -- /* Call malloc with worst case padding to hit alignment. */ -- -- m = (char *) (_int_malloc (av, nb + alignment + MINSIZE)); -- -- if (m == 0) -- return 0; /* propagate failure */ -- -- p = mem2chunk (m); -- } -+ p = mem2chunk (m); - - if ((((unsigned long) (m)) % alignment) != 0) /* misaligned */ - { -diff --git a/malloc/tst-memalign-2.c b/malloc/tst-memalign-2.c -index f229283dbf..ecd6fa249e 100644 ---- a/malloc/tst-memalign-2.c -+++ b/malloc/tst-memalign-2.c -@@ -86,7 +86,8 @@ do_test (void) - TEST_VERIFY (tcache_allocs[i].ptr1 == tcache_allocs[i].ptr2); - } - -- /* Test for non-head tcache hits. */ -+ /* Test for non-head tcache hits. This exercises the memalign -+ scanning code to find matching allocations. */ - for (i = 0; i < array_length (ptr); ++ i) - { - if (i == 4) -@@ -113,7 +114,9 @@ do_test (void) - free (p); - TEST_VERIFY (count > 0); - -- /* Large bins test. */ -+ /* Large bins test. This verifies that the over-allocated parts -+ that memalign releases for future allocations can be reused by -+ memalign itself at least in some cases. */ - - for (i = 0; i < LN; ++ i) - { --- -2.41.0 - -From 26973f7b09c33e67f6bcbc79371796c8dd334528 Mon Sep 17 00:00:00 2001 -From: Xi Ruoyao -Date: Mon, 14 Aug 2023 11:05:18 +0800 -Subject: [PATCH 3/3] malloc: Remove unused functions and variables - -Remove unused chunk_ok_for_memalign function and unused local variables -in _int_free. - -Signed-off-by: Xi Ruoyao ---- - malloc/malloc.c | 42 ------------------------------------------ - 1 file changed, 42 deletions(-) - -diff --git a/malloc/malloc.c b/malloc/malloc.c -index 9c2cab7a59..d0bbbf3710 100644 ---- a/malloc/malloc.c -+++ b/malloc/malloc.c -@@ -4488,12 +4488,6 @@ _int_free (mstate av, mchunkptr p, int have_lock) - { - INTERNAL_SIZE_T size; /* its size */ - mfastbinptr *fb; /* associated fastbin */ -- mchunkptr nextchunk; /* next contiguous chunk */ -- INTERNAL_SIZE_T nextsize; /* its size */ -- int nextinuse; /* true if nextchunk is used */ -- INTERNAL_SIZE_T prevsize; /* size of previous contiguous chunk */ -- mchunkptr bck; /* misc temp for linking */ -- mchunkptr fwd; /* misc temp for linking */ - - size = chunksize (p); - -@@ -5032,42 +5026,6 @@ _int_realloc (mstate av, mchunkptr oldp, INTERNAL_SIZE_T oldsize, - ------------------------------ memalign ------------------------------ - */ - --/* Returns 0 if the chunk is not and does not contain the requested -- aligned sub-chunk, else returns the amount of "waste" from -- trimming. NB is the *chunk* byte size, not the user byte -- size. */ --static size_t --chunk_ok_for_memalign (mchunkptr p, size_t alignment, size_t nb) --{ -- void *m = chunk2mem (p); -- INTERNAL_SIZE_T size = chunksize (p); -- void *aligned_m = m; -- -- if (__glibc_unlikely (misaligned_chunk (p))) -- malloc_printerr ("_int_memalign(): unaligned chunk detected"); -- -- aligned_m = PTR_ALIGN_UP (m, alignment); -- -- INTERNAL_SIZE_T front_extra = (intptr_t) aligned_m - (intptr_t) m; -- -- /* We can't trim off the front as it's too small. */ -- if (front_extra > 0 && front_extra < MINSIZE) -- return 0; -- -- /* If it's a perfect fit, it's an exception to the return value rule -- (we would return zero waste, which looks like "not usable"), so -- handle it here by returning a small non-zero value instead. */ -- if (size == nb && front_extra == 0) -- return 1; -- -- /* If the block we need fits in the chunk, calculate total waste. */ -- if (size > nb + front_extra) -- return size - nb; -- -- /* Can't use this chunk. */ -- return 0; --} -- - /* BYTES is user requested bytes, not requested chunksize bytes. */ - static void * - _int_memalign (mstate av, size_t alignment, size_t bytes) --- -2.41.0 +2.33.0 diff --git a/malloc-Improve-MAP_HUGETLB-with-glibc.malloc.hugetlb.patch b/malloc-Improve-MAP_HUGETLB-with-glibc.malloc.hugetlb.patch new file mode 100644 index 0000000..7f42d72 --- /dev/null +++ b/malloc-Improve-MAP_HUGETLB-with-glibc.malloc.hugetlb.patch @@ -0,0 +1,50 @@ +From bc6d79f4ae99206e7ec7d6a8c5abf26cdefc8bff Mon Sep 17 00:00:00 2001 +From: Adhemerval Zanella +Date: Thu, 23 Nov 2023 14:29:15 -0300 +Subject: [PATCH] malloc: Improve MAP_HUGETLB with glibc.malloc.hugetlb=2 + +Even for explicit large page support, allocation might use mmap without +the hugepage bit set if the requested size is smaller than +mmap_threshold. For this case where mmap is issued, MAP_HUGETLB is set +iff the allocation size is larger than the used large page. + +To force such allocations to use large pages, also tune the mmap_threhold +(if it is not explicit set by a tunable). This forces allocation to +follow the sbrk path, which will fall back to mmap (which will try large +pages before galling back to default mmap). + +Checked on x86_64-linux-gnu. +Reviewed-by: DJ Delorie +Tested-by: Zhangfei Gao +--- + malloc/arena.c | 13 ++++++++++--- + 1 file changed, 10 insertions(+), 3 deletions(-) + +diff --git a/malloc/arena.c b/malloc/arena.c +index a1a75e5a2b..c73f68890d 100644 +--- a/malloc/arena.c ++++ b/malloc/arena.c +@@ -312,10 +312,17 @@ ptmalloc_init (void) + # endif + TUNABLE_GET (mxfast, size_t, TUNABLE_CALLBACK (set_mxfast)); + TUNABLE_GET (hugetlb, size_t, TUNABLE_CALLBACK (set_hugetlb)); ++ + if (mp_.hp_pagesize > 0) +- /* Force mmap for main arena instead of sbrk, so hugepages are explicitly +- used. */ +- __always_fail_morecore = true; ++ { ++ /* Force mmap for main arena instead of sbrk, so MAP_HUGETLB is always ++ tried. Also tune the mmap threshold, so allocation smaller than the ++ large page will also try to use large pages by falling back ++ to sysmalloc_mmap_fallback on sysmalloc. */ ++ if (!TUNABLE_IS_INITIALIZED (mmap_threshold)) ++ do_set_mmap_threshold (mp_.hp_pagesize); ++ __always_fail_morecore = true; ++ } + } + + /* Managing heaps and arenas (for concurrent threads) */ +-- +2.27.0 + diff --git a/malloc-Remove-bin-scanning-from-memalign-bug-30723.patch b/malloc-Remove-bin-scanning-from-memalign-bug-30723.patch new file mode 100644 index 0000000..87db13c --- /dev/null +++ b/malloc-Remove-bin-scanning-from-memalign-bug-30723.patch @@ -0,0 +1,269 @@ +From 2af141bda3cd407abd4bedf615f9e45fe79518e2 Mon Sep 17 00:00:00 2001 +From: Florian Weimer +Date: Thu, 10 Aug 2023 19:36:56 +0200 +Subject: [PATCH 07/12] malloc: Remove bin scanning from memalign (bug 30723) + +On the test workload (mpv --cache=yes with VP9 video decoding), the +bin scanning has a very poor success rate (less than 2%). The tcache +scanning has about 50% success rate, so keep that. + +Update comments in malloc/tst-memalign-2 to indicate the purpose +of the tests. Even with the scanning removed, the additional +merging opportunities since commit 542b1105852568c3ebc712225ae78b +("malloc: Enable merging of remainders in memalign (bug 30723)") +are sufficient to pass the existing large bins test. + +Remove leftover variables from _int_free from refactoring in the +same commit. + +Reviewed-by: DJ Delorie +(cherry picked from commit 0dc7fc1cf094406a138e4d1bcf9553e59edcf89d) +--- + NEWS | 1 + + malloc/malloc.c | 169 ++-------------------------------------- + malloc/tst-memalign-2.c | 7 +- + 3 files changed, 11 insertions(+), 166 deletions(-) + +diff --git a/NEWS b/NEWS +index 872bc8907b..c339cb444e 100644 +--- a/NEWS ++++ b/NEWS +@@ -132,6 +132,7 @@ The following bugs are resolved with this release: + [30555] string: strerror can incorrectly return NULL + [30579] malloc: trim_threshold in realloc lead to high memory usage + [30662] nscd: Group and password cache use errno in place of errval ++ [30723] posix_memalign repeatedly scans long bin lists + + Version 2.37 + +diff --git a/malloc/malloc.c b/malloc/malloc.c +index 948f9759af..d0bbbf3710 100644 +--- a/malloc/malloc.c ++++ b/malloc/malloc.c +@@ -4488,12 +4488,6 @@ _int_free (mstate av, mchunkptr p, int have_lock) + { + INTERNAL_SIZE_T size; /* its size */ + mfastbinptr *fb; /* associated fastbin */ +- mchunkptr nextchunk; /* next contiguous chunk */ +- INTERNAL_SIZE_T nextsize; /* its size */ +- int nextinuse; /* true if nextchunk is used */ +- INTERNAL_SIZE_T prevsize; /* size of previous contiguous chunk */ +- mchunkptr bck; /* misc temp for linking */ +- mchunkptr fwd; /* misc temp for linking */ + + size = chunksize (p); + +@@ -5032,42 +5026,6 @@ _int_realloc (mstate av, mchunkptr oldp, INTERNAL_SIZE_T oldsize, + ------------------------------ memalign ------------------------------ + */ + +-/* Returns 0 if the chunk is not and does not contain the requested +- aligned sub-chunk, else returns the amount of "waste" from +- trimming. NB is the *chunk* byte size, not the user byte +- size. */ +-static size_t +-chunk_ok_for_memalign (mchunkptr p, size_t alignment, size_t nb) +-{ +- void *m = chunk2mem (p); +- INTERNAL_SIZE_T size = chunksize (p); +- void *aligned_m = m; +- +- if (__glibc_unlikely (misaligned_chunk (p))) +- malloc_printerr ("_int_memalign(): unaligned chunk detected"); +- +- aligned_m = PTR_ALIGN_UP (m, alignment); +- +- INTERNAL_SIZE_T front_extra = (intptr_t) aligned_m - (intptr_t) m; +- +- /* We can't trim off the front as it's too small. */ +- if (front_extra > 0 && front_extra < MINSIZE) +- return 0; +- +- /* If it's a perfect fit, it's an exception to the return value rule +- (we would return zero waste, which looks like "not usable"), so +- handle it here by returning a small non-zero value instead. */ +- if (size == nb && front_extra == 0) +- return 1; +- +- /* If the block we need fits in the chunk, calculate total waste. */ +- if (size > nb + front_extra) +- return size - nb; +- +- /* Can't use this chunk. */ +- return 0; +-} +- + /* BYTES is user requested bytes, not requested chunksize bytes. */ + static void * + _int_memalign (mstate av, size_t alignment, size_t bytes) +@@ -5082,7 +5040,6 @@ _int_memalign (mstate av, size_t alignment, size_t bytes) + mchunkptr remainder; /* spare room at end to split off */ + unsigned long remainder_size; /* its size */ + INTERNAL_SIZE_T size; +- mchunkptr victim; + + nb = checked_request2size (bytes); + if (nb == 0) +@@ -5101,129 +5058,13 @@ _int_memalign (mstate av, size_t alignment, size_t bytes) + we don't find anything in those bins, the common malloc code will + scan starting at 2x. */ + +- /* This will be set if we found a candidate chunk. */ +- victim = NULL; +- +- /* Fast bins are singly-linked, hard to remove a chunk from the middle +- and unlikely to meet our alignment requirements. We have not done +- any experimentation with searching for aligned fastbins. */ +- +- if (av != NULL) +- { +- int first_bin_index; +- int first_largebin_index; +- int last_bin_index; +- +- if (in_smallbin_range (nb)) +- first_bin_index = smallbin_index (nb); +- else +- first_bin_index = largebin_index (nb); +- +- if (in_smallbin_range (nb * 2)) +- last_bin_index = smallbin_index (nb * 2); +- else +- last_bin_index = largebin_index (nb * 2); +- +- first_largebin_index = largebin_index (MIN_LARGE_SIZE); +- +- int victim_index; /* its bin index */ +- +- for (victim_index = first_bin_index; +- victim_index < last_bin_index; +- victim_index ++) +- { +- victim = NULL; +- +- if (victim_index < first_largebin_index) +- { +- /* Check small bins. Small bin chunks are doubly-linked despite +- being the same size. */ +- +- mchunkptr fwd; /* misc temp for linking */ +- mchunkptr bck; /* misc temp for linking */ +- +- bck = bin_at (av, victim_index); +- fwd = bck->fd; +- while (fwd != bck) +- { +- if (chunk_ok_for_memalign (fwd, alignment, nb) > 0) +- { +- victim = fwd; +- +- /* Unlink it */ +- victim->fd->bk = victim->bk; +- victim->bk->fd = victim->fd; +- break; +- } +- +- fwd = fwd->fd; +- } +- } +- else +- { +- /* Check large bins. */ +- mchunkptr fwd; /* misc temp for linking */ +- mchunkptr bck; /* misc temp for linking */ +- mchunkptr best = NULL; +- size_t best_size = 0; +- +- bck = bin_at (av, victim_index); +- fwd = bck->fd; ++ /* Call malloc with worst case padding to hit alignment. */ ++ m = (char *) (_int_malloc (av, nb + alignment + MINSIZE)); + +- while (fwd != bck) +- { +- int extra; +- +- if (chunksize (fwd) < nb) +- break; +- extra = chunk_ok_for_memalign (fwd, alignment, nb); +- if (extra > 0 +- && (extra <= best_size || best == NULL)) +- { +- best = fwd; +- best_size = extra; +- } ++ if (m == 0) ++ return 0; /* propagate failure */ + +- fwd = fwd->fd; +- } +- victim = best; +- +- if (victim != NULL) +- { +- unlink_chunk (av, victim); +- break; +- } +- } +- +- if (victim != NULL) +- break; +- } +- } +- +- /* Strategy: find a spot within that chunk that meets the alignment +- request, and then possibly free the leading and trailing space. +- This strategy is incredibly costly and can lead to external +- fragmentation if header and footer chunks are unused. */ +- +- if (victim != NULL) +- { +- p = victim; +- m = chunk2mem (p); +- set_inuse (p); +- if (av != &main_arena) +- set_non_main_arena (p); +- } +- else +- { +- /* Call malloc with worst case padding to hit alignment. */ +- +- m = (char *) (_int_malloc (av, nb + alignment + MINSIZE)); +- +- if (m == 0) +- return 0; /* propagate failure */ +- +- p = mem2chunk (m); +- } ++ p = mem2chunk (m); + + if ((((unsigned long) (m)) % alignment) != 0) /* misaligned */ + { +diff --git a/malloc/tst-memalign-2.c b/malloc/tst-memalign-2.c +index f229283dbf..ecd6fa249e 100644 +--- a/malloc/tst-memalign-2.c ++++ b/malloc/tst-memalign-2.c +@@ -86,7 +86,8 @@ do_test (void) + TEST_VERIFY (tcache_allocs[i].ptr1 == tcache_allocs[i].ptr2); + } + +- /* Test for non-head tcache hits. */ ++ /* Test for non-head tcache hits. This exercises the memalign ++ scanning code to find matching allocations. */ + for (i = 0; i < array_length (ptr); ++ i) + { + if (i == 4) +@@ -113,7 +114,9 @@ do_test (void) + free (p); + TEST_VERIFY (count > 0); + +- /* Large bins test. */ ++ /* Large bins test. This verifies that the over-allocated parts ++ that memalign releases for future allocations can be reused by ++ memalign itself at least in some cases. */ + + for (i = 0; i < LN; ++ i) + { +-- +2.33.0 + diff --git a/malloc-add-indirection-for-malloc-like-functions-in-.patch b/malloc-add-indirection-for-malloc-like-functions-in-.patch new file mode 100644 index 0000000..1388b2b --- /dev/null +++ b/malloc-add-indirection-for-malloc-like-functions-in-.patch @@ -0,0 +1,187 @@ +From 879f0ee122477e2b08b7cabea104338d9a9198eb Mon Sep 17 00:00:00 2001 +From: Sam James +Date: Mon, 9 Dec 2024 23:11:25 +0000 +Subject: [PATCH] malloc: add indirection for malloc(-like) functions in + tests [BZ #32366] + +GCC 15 introduces allocation dead code removal (DCE) for PR117370 in +r15-5255-g7828dc070510f8. This breaks various glibc tests which want +to assert various properties of the allocator without doing anything +obviously useful with the allocated memory. + +Alexander Monakov rightly pointed out that we can and should do better +than passing -fno-malloc-dce to paper over the problem. Not least because +GCC 14 already does such DCE where there's no testing of malloc's return +value against NULL, and LLVM has such optimisations too. + +Handle this by providing malloc (and friends) wrappers with a volatile +function pointer to obscure that we're calling malloc (et. al) from the +compiler. + +Reviewed-by: Paul Eggert +(cherry picked from commit a9944a52c967ce76a5894c30d0274b824df43c7a) +--- + malloc/tst-aligned-alloc.c | 2 ++ + malloc/tst-compathooks-off.c | 2 ++ + malloc/tst-malloc-aux.h | 41 +++++++++++++++++++++++++++++++++++ + malloc/tst-malloc-check.c | 2 ++ + malloc/tst-malloc-too-large.c | 1 + + malloc/tst-malloc.c | 2 ++ + malloc/tst-realloc.c | 2 ++ + support/support.h | 2 +- + test-skeleton.c | 1 - + 9 files changed, 53 insertions(+), 2 deletions(-) + create mode 100644 malloc/tst-malloc-aux.h + +diff --git a/malloc/tst-aligned-alloc.c b/malloc/tst-aligned-alloc.c +index 8bd6527147..39f0cd22c0 100644 +--- a/malloc/tst-aligned-alloc.c ++++ b/malloc/tst-aligned-alloc.c +@@ -25,6 +25,8 @@ + #include + #include + ++#include "tst-malloc-aux.h" ++ + static int + do_test (void) + { +diff --git a/malloc/tst-compathooks-off.c b/malloc/tst-compathooks-off.c +index 134d7ea107..cd8043d6f5 100644 +--- a/malloc/tst-compathooks-off.c ++++ b/malloc/tst-compathooks-off.c +@@ -25,6 +25,8 @@ + #include + #include + ++#include "tst-malloc-aux.h" ++ + extern void (*volatile __free_hook) (void *, const void *); + extern void *(*volatile __malloc_hook)(size_t, const void *); + extern void *(*volatile __realloc_hook)(void *, size_t, const void *); +diff --git a/malloc/tst-malloc-aux.h b/malloc/tst-malloc-aux.h +new file mode 100644 +index 0000000000..54908b4a24 +--- /dev/null ++++ b/malloc/tst-malloc-aux.h +@@ -0,0 +1,41 @@ ++/* Wrappers for malloc-like functions to allow testing the implementation ++ without optimization. ++ Copyright (C) 2024 Free Software Foundation, Inc. ++ This file is part of the GNU C Library. ++ ++ The GNU C Library is free software; you can redistribute it and/or ++ modify it under the terms of the GNU Lesser General Public License as ++ published by the Free Software Foundation; either version 2.1 of the ++ License, or (at your option) any later version. ++ ++ The GNU C Library is distributed in the hope that it will be useful, ++ but WITHOUT ANY WARRANTY; without even the implied warranty of ++ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU ++ Lesser General Public License for more details. ++ ++ You should have received a copy of the GNU Lesser General Public ++ License along with the GNU C Library; see the file COPYING.LIB. If ++ not, see . */ ++ ++#ifndef TST_MALLOC_AUX_H ++#define TST_MALLOC_AUX_H ++ ++#include ++#include ++ ++static void *(*volatile aligned_alloc_indirect)(size_t, size_t) = aligned_alloc; ++static void *(*volatile calloc_indirect)(size_t, size_t) = calloc; ++static void *(*volatile malloc_indirect)(size_t) = malloc; ++static void *(*volatile realloc_indirect)(void*, size_t) = realloc; ++ ++#undef aligned_alloc ++#undef calloc ++#undef malloc ++#undef realloc ++ ++#define aligned_alloc aligned_alloc_indirect ++#define calloc calloc_indirect ++#define malloc malloc_indirect ++#define realloc realloc_indirect ++ ++#endif /* TST_MALLOC_AUX_H */ +diff --git a/malloc/tst-malloc-check.c b/malloc/tst-malloc-check.c +index df9fd67c13..18c6f28f80 100644 +--- a/malloc/tst-malloc-check.c ++++ b/malloc/tst-malloc-check.c +@@ -20,6 +20,8 @@ + #include + #include + ++#include "tst-malloc-aux.h" ++ + static int errors = 0; + + static void +diff --git a/malloc/tst-malloc-too-large.c b/malloc/tst-malloc-too-large.c +index 5be6800b89..44979018b8 100644 +--- a/malloc/tst-malloc-too-large.c ++++ b/malloc/tst-malloc-too-large.c +@@ -43,6 +43,7 @@ + #include + #include + ++#include "tst-malloc-aux.h" + + /* This function prepares for each 'too-large memory allocation' test by + performing a small successful malloc/free and resetting errno prior to +diff --git a/malloc/tst-malloc.c b/malloc/tst-malloc.c +index 0da5a8f263..7b337e6e09 100644 +--- a/malloc/tst-malloc.c ++++ b/malloc/tst-malloc.c +@@ -20,6 +20,8 @@ + #include + #include + ++#include "tst-malloc-aux.h" ++ + static int errors = 0; + + static void +diff --git a/malloc/tst-realloc.c b/malloc/tst-realloc.c +index fb661d312e..b35a5a2125 100644 +--- a/malloc/tst-realloc.c ++++ b/malloc/tst-realloc.c +@@ -23,6 +23,8 @@ + #include + #include + ++#include "tst-malloc-aux.h" ++ + static int + do_test (void) + { +diff --git a/support/support.h b/support/support.h +index b7f76bf080..3742f26b55 100644 +--- a/support/support.h ++++ b/support/support.h +@@ -113,7 +113,7 @@ void *xposix_memalign (size_t alignment, size_t n) + __attribute_malloc__ __attribute_alloc_align__ ((1)) + __attribute_alloc_size__ ((2)) __attr_dealloc_free __returns_nonnull; + char *xasprintf (const char *format, ...) +- __attribute__ ((format (printf, 1, 2), malloc)) __attr_dealloc_free ++ __attribute__ ((format (printf, 1, 2), __malloc__)) __attr_dealloc_free + __returns_nonnull; + char *xstrdup (const char *) __attr_dealloc_free __returns_nonnull; + char *xstrndup (const char *, size_t) __attr_dealloc_free __returns_nonnull; +diff --git a/test-skeleton.c b/test-skeleton.c +index efd52a6fa4..508522fa33 100644 +--- a/test-skeleton.c ++++ b/test-skeleton.c +@@ -27,7 +27,6 @@ + #include + #include + #include +-#include + #include + #include + #include +-- +2.27.0 + diff --git a/malloc-cleanup-casts-in-tst-calloc.patch b/malloc-cleanup-casts-in-tst-calloc.patch new file mode 100644 index 0000000..b5e9708 --- /dev/null +++ b/malloc-cleanup-casts-in-tst-calloc.patch @@ -0,0 +1,32 @@ +From 21019afe6528f10b9a00e86df03a79a477037781 Mon Sep 17 00:00:00 2001 +From: Sam James +Date: Mon, 13 Jan 2025 02:27:41 +0000 +Subject: [PATCH] malloc: cleanup casts in tst-calloc + +Followup to c3d1dac96bdd10250aa37bb367d5ef8334a093a1. As pointed out by +Maciej W. Rozycki, the casts are obviously useless now. + +Reviewed-by: H.J. Lu +(cherry picked from commit fc8f253d808ade5e97c93b363bd1932023e770ba) +--- + malloc/tst-calloc.c | 4 ++-- + 1 file changed, 2 insertions(+), 2 deletions(-) + +diff --git a/malloc/tst-calloc.c b/malloc/tst-calloc.c +index d708a0fbeb..3d2e3d9fda 100644 +--- a/malloc/tst-calloc.c ++++ b/malloc/tst-calloc.c +@@ -106,8 +106,8 @@ null_test (void) + calloc (0, 0); + calloc (0, max_size); + calloc (max_size, 0); +- calloc (0, ~((size_t) zero_size)); +- calloc (~((size_t) zero_size), 0); ++ calloc (0, ~zero_size); ++ calloc (~zero_size, 0); + DIAG_POP_NEEDS_COMMENT; + } + +-- +2.27.0 + diff --git a/malloc-obscure-calloc-use-in-tst-calloc.patch b/malloc-obscure-calloc-use-in-tst-calloc.patch new file mode 100644 index 0000000..067ddba --- /dev/null +++ b/malloc-obscure-calloc-use-in-tst-calloc.patch @@ -0,0 +1,60 @@ +From a637f2c42ffa216571575f6cd8af6ebd8b9334db Mon Sep 17 00:00:00 2001 +From: Sam James +Date: Fri, 10 Jan 2025 03:03:47 +0000 +Subject: [PATCH] malloc: obscure calloc use in tst-calloc + +Similar to a9944a52c967ce76a5894c30d0274b824df43c7a and +f9493a15ea9cfb63a815c00c23142369ec09d8ce, we need to hide calloc use from +the compiler to accommodate GCC's r15-6566-g804e9d55d9e54c change. + +First, include tst-malloc-aux.h, but then use `volatile` variables +for size. + +The test passes without the tst-malloc-aux.h change but IMO we want +it there for consistency and to avoid future problems (possibly silent). + +Reviewed-by: H.J. Lu +(cherry picked from commit c3d1dac96bdd10250aa37bb367d5ef8334a093a1) +--- + malloc/tst-calloc.c | 12 ++++++++---- + 1 file changed, 8 insertions(+), 4 deletions(-) + +diff --git a/malloc/tst-calloc.c b/malloc/tst-calloc.c +index 50b1d7d603..d708a0fbeb 100644 +--- a/malloc/tst-calloc.c ++++ b/malloc/tst-calloc.c +@@ -23,6 +23,7 @@ + #include + #include + ++#include "tst-malloc-aux.h" + + /* Number of samples per size. */ + #define N 50000 +@@ -94,16 +95,19 @@ random_test (void) + static void + null_test (void) + { ++ /* Obscure allocation size from the compiler. */ ++ volatile size_t max_size = UINT_MAX; ++ volatile size_t zero_size = 0; + /* If the size is 0 the result is implementation defined. Just make + sure the program doesn't crash. The result of calloc is + deliberately ignored, so do not warn about that. */ + DIAG_PUSH_NEEDS_COMMENT; + DIAG_IGNORE_NEEDS_COMMENT (10, "-Wunused-result"); + calloc (0, 0); +- calloc (0, UINT_MAX); +- calloc (UINT_MAX, 0); +- calloc (0, ~((size_t) 0)); +- calloc (~((size_t) 0), 0); ++ calloc (0, max_size); ++ calloc (max_size, 0); ++ calloc (0, ~((size_t) zero_size)); ++ calloc (~((size_t) zero_size), 0); + DIAG_POP_NEEDS_COMMENT; + } + +-- +2.27.0 + diff --git a/math-Improve-layout-of-exp-exp10-data.patch b/math-Improve-layout-of-exp-exp10-data.patch new file mode 100644 index 0000000..a0da041 --- /dev/null +++ b/math-Improve-layout-of-exp-exp10-data.patch @@ -0,0 +1,39 @@ +From 5a08d049dc5037e89eb95bb1506652f0043fa39e Mon Sep 17 00:00:00 2001 +From: Wilco Dijkstra +Date: Fri, 13 Dec 2024 15:43:07 +0000 +Subject: [PATCH] math: Improve layout of exp/exp10 data + +GCC aligns global data to 16 bytes if their size is >= 16 bytes. This patch +changes the exp_data struct slightly so that the fields are better aligned +and without gaps. As a result on targets that support them, more load-pair +instructions are used in exp. + +The exp benchmark improves 2.5%, "144bits" by 7.2%, "768bits" by 12.7% on +Neoverse V2. + +Reviewed-by: Adhemerval Zanella +(cherry picked from commit 5afaf99edb326fd9f36eb306a828d129a3a1d7f7) +--- + sysdeps/ieee754/dbl-64/math_config.h | 3 ++- + 1 file changed, 2 insertions(+), 1 deletion(-) + +diff --git a/sysdeps/ieee754/dbl-64/math_config.h b/sysdeps/ieee754/dbl-64/math_config.h +index 19af33fd86..52b720ecd1 100644 +--- a/sysdeps/ieee754/dbl-64/math_config.h ++++ b/sysdeps/ieee754/dbl-64/math_config.h +@@ -195,10 +195,11 @@ check_uflow (double x) + extern const struct exp_data + { + double invln2N; +- double shift; + double negln2hiN; + double negln2loN; + double poly[4]; /* Last four coefficients. */ ++ double shift; ++ + double exp2_shift; + double exp2_poly[EXP2_POLY_ORDER]; + uint64_t tab[2*(1 << EXP_TABLE_BITS)]; +-- +2.27.0 + diff --git a/math-Improve-layout-of-expf-data.patch b/math-Improve-layout-of-expf-data.patch new file mode 100644 index 0000000..aa3ee5e --- /dev/null +++ b/math-Improve-layout-of-expf-data.patch @@ -0,0 +1,34 @@ +From 3de5112326a4274c97f154f3d335c11965ee960c Mon Sep 17 00:00:00 2001 +From: Wilco Dijkstra +Date: Wed, 24 Jul 2024 15:17:47 +0100 +Subject: [PATCH] math: Improve layout of expf data + +GCC aligns global data to 16 bytes if their size is >= 16 bytes. This patch +changes the exp2f_data struct slightly so that the fields are better aligned. +As a result on targets that support them, load-pair instructions accessing +poly_scaled and invln2_scaled are now 16-byte aligned. + +Reviewed-by: Adhemerval Zanella +(cherry picked from commit 44fa9c1080fe6a9539f0d2345b9d2ae37b8ee57a) +--- + sysdeps/ieee754/flt-32/math_config.h | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/sysdeps/ieee754/flt-32/math_config.h b/sysdeps/ieee754/flt-32/math_config.h +index d1b06a1a90..5904eb9bac 100644 +--- a/sysdeps/ieee754/flt-32/math_config.h ++++ b/sysdeps/ieee754/flt-32/math_config.h +@@ -166,9 +166,9 @@ extern const struct exp2f_data + uint64_t tab[1 << EXP2F_TABLE_BITS]; + double shift_scaled; + double poly[EXP2F_POLY_ORDER]; +- double shift; + double invln2_scaled; + double poly_scaled[EXP2F_POLY_ORDER]; ++ double shift; + } __exp2f_data attribute_hidden; + + #define LOGF_TABLE_BITS 4 +-- +2.27.0 + diff --git a/misc-Add-support-for-Linux-uio.h-RWF_NOAPPEND-flag.patch b/misc-Add-support-for-Linux-uio.h-RWF_NOAPPEND-flag.patch new file mode 100644 index 0000000..b1799c1 --- /dev/null +++ b/misc-Add-support-for-Linux-uio.h-RWF_NOAPPEND-flag.patch @@ -0,0 +1,75 @@ +From c8cb4d2b86ece572793e31a3422ea29e88d77df5 Mon Sep 17 00:00:00 2001 +From: Stafford Horne +Date: Wed, 3 Apr 2024 06:40:37 +0100 +Subject: [PATCH 2/2] misc: Add support for Linux uio.h RWF_NOAPPEND flag + +In Linux 6.9 a new flag is added to allow for Per-io operations to +disable append mode even if a file was opened with the flag O_APPEND. +This is done with the new RWF_NOAPPEND flag. + +This caused two test failures as these tests expected the flag 0x00000020 +to be unused. Adding the flag definition now fixes these tests on Linux +6.9 (v6.9-rc1). + + FAIL: misc/tst-preadvwritev2 + FAIL: misc/tst-preadvwritev64v2 + +This patch adds the flag, adjusts the test and adds details to +documentation. + +Link: https://lore.kernel.org/all/20200831153207.GO3265@brightrain.aerifal.cx/ +Reviewed-by: Adhemerval Zanella +(cherry picked from commit 3db9d208dd5f30b12900989c6d2214782b8e2011) +--- + manual/llio.texi | 4 ++++ + misc/tst-preadvwritev2-common.c | 5 ++++- + sysdeps/unix/sysv/linux/bits/uio-ext.h | 1 + + 3 files changed, 9 insertions(+), 1 deletion(-) + +diff --git a/manual/llio.texi b/manual/llio.texi +index 0b61d491f5..fae49d1433 100644 +--- a/manual/llio.texi ++++ b/manual/llio.texi +@@ -1339,6 +1339,10 @@ will fail and set @code{errno} to @code{EAGAIN} if the operation would block. + + @item RWF_APPEND + Per-IO synchronization as if the file was opened with @code{O_APPEND} flag. ++ ++@item RWF_NOAPPEND ++This flag allows an offset to be honored, even if the file was opened with ++@code{O_APPEND} flag. + @end vtable + + When the source file is compiled with @code{_FILE_OFFSET_BITS == 64} the +diff --git a/misc/tst-preadvwritev2-common.c b/misc/tst-preadvwritev2-common.c +index 355dbea05c..0d3729eac0 100644 +--- a/misc/tst-preadvwritev2-common.c ++++ b/misc/tst-preadvwritev2-common.c +@@ -34,8 +34,11 @@ + #ifndef RWF_APPEND + # define RWF_APPEND 0 + #endif ++#ifndef RWF_NOAPPEND ++# define RWF_NOAPPEND 0 ++#endif + #define RWF_SUPPORTED (RWF_HIPRI | RWF_DSYNC | RWF_SYNC | RWF_NOWAIT \ +- | RWF_APPEND) ++ | RWF_APPEND | RWF_NOAPPEND) + + /* Generic uio_lim.h does not define IOV_MAX. */ + #ifndef IOV_MAX +diff --git a/sysdeps/unix/sysv/linux/bits/uio-ext.h b/sysdeps/unix/sysv/linux/bits/uio-ext.h +index 311f5b16ce..d641f57b01 100644 +--- a/sysdeps/unix/sysv/linux/bits/uio-ext.h ++++ b/sysdeps/unix/sysv/linux/bits/uio-ext.h +@@ -47,6 +47,7 @@ extern ssize_t process_vm_writev (pid_t __pid, const struct iovec *__lvec, + #define RWF_SYNC 0x00000004 /* per-IO O_SYNC. */ + #define RWF_NOWAIT 0x00000008 /* per-IO nonblocking mode. */ + #define RWF_APPEND 0x00000010 /* per-IO O_APPEND. */ ++#define RWF_NOAPPEND 0x00000020 /* per-IO negation of O_APPEND */ + + __END_DECLS + +-- +2.33.0 + diff --git a/nptl-initialize-cpu_id_start-prior-to-rseq-registrat.patch b/nptl-initialize-cpu_id_start-prior-to-rseq-registrat.patch new file mode 100644 index 0000000..814d0ec --- /dev/null +++ b/nptl-initialize-cpu_id_start-prior-to-rseq-registrat.patch @@ -0,0 +1,34 @@ +From 37ded328c4240f5a84c69b8cb803f0652fa68d20 Mon Sep 17 00:00:00 2001 +From: Michael Jeanson +Date: Wed, 20 Nov 2024 14:15:42 -0500 +Subject: [PATCH] nptl: initialize cpu_id_start prior to rseq registration + +When adding explicit initialization of rseq fields prior to +registration, I glossed over the fact that 'cpu_id_start' is also +documented as initialized by user-space. + +While current kernels don't validate the content of this field on +registration, future ones could. + +Signed-off-by: Michael Jeanson +Reviewed-by: Mathieu Desnoyers +(cherry picked from commit d9f40387d3305d97e30a8cf8724218c42a63680a) +--- + sysdeps/unix/sysv/linux/rseq-internal.h | 1 + + 1 file changed, 1 insertion(+) + +diff --git a/sysdeps/unix/sysv/linux/rseq-internal.h b/sysdeps/unix/sysv/linux/rseq-internal.h +index 8fd26f335e..0ad79174bd 100644 +--- a/sysdeps/unix/sysv/linux/rseq-internal.h ++++ b/sysdeps/unix/sysv/linux/rseq-internal.h +@@ -56,6 +56,7 @@ rseq_register_current_thread (struct pthread *self, bool do_rseq) + registration, there is no guarantee that struct pthread is + cleared on all architectures. */ + THREAD_SETMEM (self, rseq_area.cpu_id, RSEQ_CPU_ID_UNINITIALIZED); ++ THREAD_SETMEM (self, rseq_area.cpu_id_start, 0); + THREAD_SETMEM (self, rseq_area.rseq_cs, 0); + THREAD_SETMEM (self, rseq_area.flags, 0); + +-- +2.27.0 + diff --git a/nptl-initialize-rseq-area-prior-to-registration.patch b/nptl-initialize-rseq-area-prior-to-registration.patch new file mode 100644 index 0000000..7502c52 --- /dev/null +++ b/nptl-initialize-rseq-area-prior-to-registration.patch @@ -0,0 +1,61 @@ +From 9423cc5387d93de63be09740bfd86abd01dca7d1 Mon Sep 17 00:00:00 2001 +From: Michael Jeanson +Date: Thu, 7 Nov 2024 22:23:49 +0100 +Subject: [PATCH] nptl: initialize rseq area prior to registration + +Per the rseq syscall documentation, 3 fields are required to be +initialized by userspace prior to registration, they are 'cpu_id', +'rseq_cs' and 'flags'. Since we have no guarantee that 'struct pthread' +is cleared on all architectures, explicitly set those 3 fields prior to +registration. + +Signed-off-by: Michael Jeanson +Reviewed-by: Florian Weimer +(cherry picked from commit 97f60abd25628425971f07e9b0e7f8eec0741235) +--- + nptl/descr.h | 2 ++ + sysdeps/unix/sysv/linux/rseq-internal.h | 10 ++++++++++ + 2 files changed, 12 insertions(+) + +diff --git a/nptl/descr.h b/nptl/descr.h +index 0171576c23..4ec2df7a26 100644 +--- a/nptl/descr.h ++++ b/nptl/descr.h +@@ -414,6 +414,8 @@ struct pthread + { + uint32_t cpu_id_start; + uint32_t cpu_id; ++ uint64_t rseq_cs; ++ uint32_t flags; + }; + char pad[32]; /* Original rseq area size. */ + } rseq_area __attribute__ ((aligned (32))); +diff --git a/sysdeps/unix/sysv/linux/rseq-internal.h b/sysdeps/unix/sysv/linux/rseq-internal.h +index 226ba59a24..8fd26f335e 100644 +--- a/sysdeps/unix/sysv/linux/rseq-internal.h ++++ b/sysdeps/unix/sysv/linux/rseq-internal.h +@@ -51,11 +51,21 @@ rseq_register_current_thread (struct pthread *self, bool do_rseq) + /* The initial implementation used only 20 bytes out of 32, + but still expected size 32. */ + size = RSEQ_AREA_SIZE_INITIAL; ++ ++ /* Initialize the rseq fields that are read by the kernel on ++ registration, there is no guarantee that struct pthread is ++ cleared on all architectures. */ ++ THREAD_SETMEM (self, rseq_area.cpu_id, RSEQ_CPU_ID_UNINITIALIZED); ++ THREAD_SETMEM (self, rseq_area.rseq_cs, 0); ++ THREAD_SETMEM (self, rseq_area.flags, 0); ++ + int ret = INTERNAL_SYSCALL_CALL (rseq, &self->rseq_area, + size, 0, RSEQ_SIG); + if (!INTERNAL_SYSCALL_ERROR_P (ret)) + return true; + } ++ /* When rseq is disabled by tunables or the registration fails, inform ++ userspace by setting 'cpu_id' to RSEQ_CPU_ID_REGISTRATION_FAILED. */ + THREAD_SETMEM (self, rseq_area.cpu_id, RSEQ_CPU_ID_REGISTRATION_FAILED); + return false; + } +-- +2.27.0 + diff --git a/sparc-Fix-broken-memset-for-sparc32-BZ-31068.patch b/sparc-Fix-broken-memset-for-sparc32-BZ-31068.patch new file mode 100644 index 0000000..db3f4ae --- /dev/null +++ b/sparc-Fix-broken-memset-for-sparc32-BZ-31068.patch @@ -0,0 +1,43 @@ +From 6f68075869f6034f5fde3823741623d34164dc7d Mon Sep 17 00:00:00 2001 +From: Andreas Larsson +Date: Wed, 15 Nov 2023 13:29:43 +0100 +Subject: [PATCH 3/6] sparc: Fix broken memset for sparc32 [BZ #31068] + +Fixes commit a61933fe27df ("sparc: Remove bzero optimization") that +after moving code jumped to the wrong label 4. + +Verfied by successfully running string/test-memset on sparc32. + +Signed-off-by: Andreas Larsson +Signed-off-by: Ludwig Rydberg +Reviewed-by: Adhemerval Zanella +(cherry picked from commit 578190b7e43305141512dee777e4a3b3e8159393) +--- + sysdeps/sparc/sparc32/memset.S | 4 ++-- + 1 file changed, 2 insertions(+), 2 deletions(-) + +diff --git a/sysdeps/sparc/sparc32/memset.S b/sysdeps/sparc/sparc32/memset.S +index ca29ff5685..1dc3a640e8 100644 +--- a/sysdeps/sparc/sparc32/memset.S ++++ b/sysdeps/sparc/sparc32/memset.S +@@ -55,7 +55,7 @@ ENTRY(memset) + + andcc %o0, 3, %o2 + bne 3f +-4: andcc %o0, 4, %g0 ++5: andcc %o0, 4, %g0 + + be 2f + mov %g3, %g2 +@@ -139,7 +139,7 @@ ENTRY(memset) + stb %g3, [%o0 + 0x02] + 2: sub %o2, 4, %o2 + add %o1, %o2, %o1 +- b 4b ++ b 5b + sub %o0, %o2, %o0 + END(memset) + libc_hidden_builtin_def (memset) +-- +2.33.0 + diff --git a/sparc-Fix-sparc64-memmove-length-comparison-BZ-31266.patch b/sparc-Fix-sparc64-memmove-length-comparison-BZ-31266.patch new file mode 100644 index 0000000..a74f672 --- /dev/null +++ b/sparc-Fix-sparc64-memmove-length-comparison-BZ-31266.patch @@ -0,0 +1,32 @@ +From aac57faf5425b472a72132b09f4b3a2aa1f77a63 Mon Sep 17 00:00:00 2001 +From: Adhemerval Zanella +Date: Thu, 18 Jan 2024 10:52:18 -0300 +Subject: [PATCH 5/6] sparc: Fix sparc64 memmove length comparison (BZ 31266) + +The small counts copy bytes comparsion should be unsigned (as the +memmove size argument). It fixes string/tst-memmove-overflow on +sparcv9, where the input size triggers an invalid code path. + +Checked on sparc64-linux-gnu and sparcv9-linux-gnu. + +(cherry picked from commit 926a4bdbb5fc8955570208b5571b2d04c6ffbd1d) +--- + sysdeps/sparc/sparc64/memmove.S | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/sysdeps/sparc/sparc64/memmove.S b/sysdeps/sparc/sparc64/memmove.S +index db6f4f0e84..62b19ebc1b 100644 +--- a/sysdeps/sparc/sparc64/memmove.S ++++ b/sysdeps/sparc/sparc64/memmove.S +@@ -38,7 +38,7 @@ ENTRY(memmove) + /* + * normal, copy forwards + */ +-2: ble %XCC, .Ldbytecp ++2: bleu %XCC, .Ldbytecp + andcc %o1, 3, %o5 /* is src word aligned */ + bz,pn %icc, .Laldst + cmp %o5, 2 /* is src half-word aligned */ +-- +2.33.0 + diff --git a/sparc-Remove-unwind-information-from-signal-return-s.patch b/sparc-Remove-unwind-information-from-signal-return-s.patch new file mode 100644 index 0000000..0db30ef --- /dev/null +++ b/sparc-Remove-unwind-information-from-signal-return-s.patch @@ -0,0 +1,74 @@ +From 0c5e5bace57578ed3e28eb89ee2d2b31b74c4ecc Mon Sep 17 00:00:00 2001 +From: Daniel Cederman +Date: Tue, 16 Jan 2024 09:31:41 +0100 +Subject: [PATCH 6/6] sparc: Remove unwind information from signal return stubs + [BZ #31244] + +The functions were previously written in C, but were not compiled +with unwind information. The ENTRY/END macros includes .cfi_startproc +and .cfi_endproc which adds unwind information. This caused the +tests cleanup-8 and cleanup-10 in the GCC testsuite to fail. +This patch adds a version of the ENTRY/END macros without the +CFI instructions that can be used instead. + +sigaction registers a restorer address that is located two instructions +before the stub function. This patch adds a two instruction padding to +avoid that the unwinder accesses the unwind information from the function +that the linker has placed right before it in memory. This fixes an issue +with pthread_cancel that caused tst-mutex8-static (and other tests) to fail. + +Signed-off-by: Daniel Cederman +Reviewed-by: Adhemerval Zanella +(cherry picked from commit 7bd06985c0a143cdcba2762bfe020e53514a53de) +--- + sysdeps/sparc/sysdep.h | 9 +++++++++ + .../unix/sysv/linux/sparc/sparc32/sigreturn_stub.S | 11 +++++++---- + 2 files changed, 16 insertions(+), 4 deletions(-) + +diff --git a/sysdeps/sparc/sysdep.h b/sysdeps/sparc/sysdep.h +index 687e626182..151baa5e10 100644 +--- a/sysdeps/sparc/sysdep.h ++++ b/sysdeps/sparc/sysdep.h +@@ -76,6 +76,15 @@ C_LABEL(name) \ + cfi_endproc; \ + .size name, . - name + ++#define ENTRY_NOCFI(name) \ ++ .align 4; \ ++ .global C_SYMBOL_NAME(name); \ ++ .type name, @function; \ ++C_LABEL(name) ++ ++#define END_NOCFI(name) \ ++ .size name, . - name ++ + #undef LOC + #define LOC(name) .L##name + +diff --git a/sysdeps/unix/sysv/linux/sparc/sparc32/sigreturn_stub.S b/sysdeps/unix/sysv/linux/sparc/sparc32/sigreturn_stub.S +index cf509c8d5c..1962f9053c 100644 +--- a/sysdeps/unix/sysv/linux/sparc/sparc32/sigreturn_stub.S ++++ b/sysdeps/unix/sysv/linux/sparc/sparc32/sigreturn_stub.S +@@ -23,12 +23,15 @@ + + [1] https://lkml.org/lkml/2016/5/27/465 */ + +-ENTRY (__rt_sigreturn_stub) ++ nop ++ nop ++ ++ENTRY_NOCFI (__rt_sigreturn_stub) + mov __NR_rt_sigreturn, %g1 + ta 0x10 +-END (__rt_sigreturn_stub) ++END_NOCFI (__rt_sigreturn_stub) + +-ENTRY (__sigreturn_stub) ++ENTRY_NOCFI (__sigreturn_stub) + mov __NR_sigreturn, %g1 + ta 0x10 +-END (__sigreturn_stub) ++END_NOCFI (__sigreturn_stub) +-- +2.33.0 + diff --git a/sparc64-Remove-unwind-information-from-signal-return.patch b/sparc64-Remove-unwind-information-from-signal-return.patch new file mode 100644 index 0000000..809a556 --- /dev/null +++ b/sparc64-Remove-unwind-information-from-signal-return.patch @@ -0,0 +1,42 @@ +From 0e383d2d4e7c08b36ad3edb30c072a3dc4d26ed8 Mon Sep 17 00:00:00 2001 +From: Adhemerval Zanella +Date: Wed, 17 Jan 2024 10:38:09 -0300 +Subject: [PATCH 4/6] sparc64: Remove unwind information from signal return + stubs [BZ#31244] + +Similar to sparc32 fix, remove the unwind information on the signal +return stubs. This fixes the regressions: + +FAIL: nptl/tst-cancel24-static +FAIL: nptl/tst-cond8-static +FAIL: nptl/tst-mutex8-static +FAIL: nptl/tst-mutexpi8-static +FAIL: nptl/tst-mutexpi9 + +On sparc64-linux-gnu. + +(cherry picked from commit 369efd817780276dbe0ecf8be6e1f354bdbc9857) +--- + sysdeps/unix/sysv/linux/sparc/sparc64/sigreturn_stub.S | 7 +++++-- + 1 file changed, 5 insertions(+), 2 deletions(-) + +diff --git a/sysdeps/unix/sysv/linux/sparc/sparc64/sigreturn_stub.S b/sysdeps/unix/sysv/linux/sparc/sparc64/sigreturn_stub.S +index 7fac04f657..f089bcaf68 100644 +--- a/sysdeps/unix/sysv/linux/sparc/sparc64/sigreturn_stub.S ++++ b/sysdeps/unix/sysv/linux/sparc/sparc64/sigreturn_stub.S +@@ -23,7 +23,10 @@ + + [1] https://lkml.org/lkml/2016/5/27/465 */ + +-ENTRY (__rt_sigreturn_stub) ++ nop ++ nop ++ ++ENTRY_NOCFI (__rt_sigreturn_stub) + mov __NR_rt_sigreturn, %g1 + ta 0x6d +-END (__rt_sigreturn_stub) ++END_NOCFI (__rt_sigreturn_stub) +-- +2.33.0 + diff --git a/stdio-common-Add-test-for-vfscanf-with-matches-longe.patch b/stdio-common-Add-test-for-vfscanf-with-matches-longe.patch new file mode 100644 index 0000000..77a1cf1 --- /dev/null +++ b/stdio-common-Add-test-for-vfscanf-with-matches-longe.patch @@ -0,0 +1,176 @@ +From 99ffa84bdcdc3d81e82f448279f0c8278dd30964 Mon Sep 17 00:00:00 2001 +From: "Maciej W. Rozycki" +Date: Fri, 26 Jul 2024 13:21:34 +0100 +Subject: [PATCH] stdio-common: Add test for vfscanf with matches longer + than INT_MAX [BZ #27650] + +Complement commit b03e4d7bd25b ("stdio: fix vfscanf with matches longer +than INT_MAX (bug 27650)") and add a test case for the issue, inspired +by the reproducer provided with the bug report. + +This has been verified to succeed as from the commit referred and fail +beforehand. + +As the test requires 2GiB of data to be passed around its performance +has been evaluated using a choice of systems and the execution time +determined to be respectively in the range of 9s for POWER9@2.166GHz, +24s for FU740@1.2GHz, and 40s for 74Kf@950MHz. As this is on the verge +of and beyond the default timeout it has been increased by the factor of +8. Regardless, following recent practice the test has been added to the +standard rather than extended set. + +Reviewed-by: DJ Delorie +(cherry picked from commit 89cddc8a7096f3d9225868304d2bc0a1aaf07d63) +--- + stdio-common/Makefile | 5 ++ + stdio-common/tst-scanf-bz27650.c | 108 +++++++++++++++++++++++++++++++ + 2 files changed, 113 insertions(+) + create mode 100644 stdio-common/tst-scanf-bz27650.c + +diff --git a/stdio-common/Makefile b/stdio-common/Makefile +index 3866362bae..2bcbaf754a 100644 +--- a/stdio-common/Makefile ++++ b/stdio-common/Makefile +@@ -243,6 +243,7 @@ tests := \ + tst-scanf-binary-c2x \ + tst-scanf-binary-gnu11 \ + tst-scanf-binary-gnu89 \ ++ tst-scanf-bz27650 \ + tst-scanf-round \ + tst-scanf-to_inpunct \ + tst-setvbuf1 \ +@@ -312,6 +313,7 @@ generated += \ + tst-printf-fp-free.mtrace \ + tst-printf-fp-leak-mem.out \ + tst-printf-fp-leak.mtrace \ ++ tst-scanf-bz27650.mtrace \ + tst-vfprintf-width-prec-mem.out \ + tst-vfprintf-width-prec.mtrace \ + # generated +@@ -398,6 +400,9 @@ tst-printf-fp-free-ENV = \ + tst-printf-fp-leak-ENV = \ + MALLOC_TRACE=$(objpfx)tst-printf-fp-leak.mtrace \ + LD_PRELOAD=$(common-objpfx)/malloc/libc_malloc_debug.so ++tst-scanf-bz27650-ENV = \ ++ MALLOC_TRACE=$(objpfx)tst-scanf-bz27650.mtrace \ ++ LD_PRELOAD=$(common-objpfx)malloc/libc_malloc_debug.so + + $(objpfx)tst-unbputc.out: tst-unbputc.sh $(objpfx)tst-unbputc + $(SHELL) $< $(common-objpfx) '$(test-program-prefix)'; \ +diff --git a/stdio-common/tst-scanf-bz27650.c b/stdio-common/tst-scanf-bz27650.c +new file mode 100644 +index 0000000000..3a742bc865 +--- /dev/null ++++ b/stdio-common/tst-scanf-bz27650.c +@@ -0,0 +1,108 @@ ++/* Test for BZ #27650, formatted input matching beyond INT_MAX. ++ Copyright (C) 2024 Free Software Foundation, Inc. ++ This file is part of the GNU C Library. ++ ++ The GNU C Library is free software; you can redistribute it and/or ++ modify it under the terms of the GNU Lesser General Public ++ License as published by the Free Software Foundation; either ++ version 2.1 of the License, or (at your option) any later version. ++ ++ The GNU C Library is distributed in the hope that it will be useful, ++ but WITHOUT ANY WARRANTY; without even the implied warranty of ++ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU ++ Lesser General Public License for more details. ++ ++ You should have received a copy of the GNU Lesser General Public ++ License along with the GNU C Library; if not, see ++ . */ ++ ++#include ++#include ++#include ++#include ++#include ++#include ++#include ++#include ++ ++#include ++ ++#include ++#include ++ ++/* Produce a stream of more than INT_MAX characters via buffer BUF of ++ size SIZE according to bookkeeping in COOKIE and then return EOF. */ ++ ++static ssize_t ++io_read (void *cookie, char *buf, size_t size) ++{ ++ unsigned int *written = cookie; ++ unsigned int w = *written; ++ ++ if (w > INT_MAX) ++ return 0; ++ ++ memset (buf, 'a', size); ++ *written = w + size; ++ return size; ++} ++ ++/* Consume a stream of more than INT_MAX characters from an artificial ++ input stream of which none is the new line character. The call to ++ fscanf is supposed to complete upon the EOF condition of input, ++ however in the presence of BZ #27650 it will terminate prematurely ++ with characters still outstanding in input. Diagnose the condition ++ and return status accordingly. */ ++ ++int ++do_test (void) ++{ ++ static cookie_io_functions_t io_funcs = { .read = io_read }; ++ unsigned int written = 0; ++ FILE *in; ++ int v; ++ ++ mtrace (); ++ ++ in = fopencookie (&written, "r", io_funcs); ++ if (in == NULL) ++ { ++ FAIL ("fopencookie: %m"); ++ goto out; ++ } ++ ++ v = fscanf (in, "%*[^\n]"); ++ if (ferror (in)) ++ { ++ FAIL ("fscanf: input failure, at %u: %m", written); ++ goto out_close; ++ } ++ else if (v == EOF) ++ { ++ FAIL ("fscanf: unexpected end of file, at %u", written); ++ goto out_close; ++ } ++ ++ if (!feof (in)) ++ { ++ v = fgetc (in); ++ if (ferror (in)) ++ FAIL ("fgetc: input failure: %m"); ++ else if (v == EOF) ++ FAIL ("fgetc: unexpected end of file after missing end of file"); ++ else if (v == '\n') ++ FAIL ("unexpected new line character received"); ++ else ++ FAIL ("character received after end of file expected: \\x%02x", v); ++ } ++ ++out_close: ++ if (fclose (in) != 0) ++ FAIL ("fclose: %m"); ++ ++out: ++ return EXIT_SUCCESS; ++} ++ ++#define TIMEOUT (DEFAULT_TIMEOUT * 8) ++#include +-- +2.33.0 + diff --git a/stdlib-Improve-tst-realpath-compatibility-with-sourc.patch b/stdlib-Improve-tst-realpath-compatibility-with-sourc.patch new file mode 100644 index 0000000..b58b467 --- /dev/null +++ b/stdlib-Improve-tst-realpath-compatibility-with-sourc.patch @@ -0,0 +1,43 @@ +From d97cca1e5df812be0e4de1e38091f02bb1e7ec4e Mon Sep 17 00:00:00 2001 +From: Florian Weimer +Date: Tue, 1 Aug 2023 10:27:15 +0200 +Subject: [PATCH] stdlib: Improve tst-realpath compatibility with source + fortification + +On GCC before 11, IPA can make the fortified realpath aware that the +buffer size is not large enough (8 bytes instead of PATH_MAX bytes). +Fix this by using a buffer that is large enough. + +(cherry picked from commit 510fc20d73de12c85823d9996faac74666e9c2e7) +--- + stdlib/tst-realpath.c | 7 ++++++- + 1 file changed, 6 insertions(+), 1 deletion(-) + +diff --git a/stdlib/tst-realpath.c b/stdlib/tst-realpath.c +index f325c95a44..3694ecd8af 100644 +--- a/stdlib/tst-realpath.c ++++ b/stdlib/tst-realpath.c +@@ -24,6 +24,7 @@ + License along with the GNU C Library; if not, see + . */ + ++#include + #include + #include + #include +@@ -50,7 +51,11 @@ void dealloc (void *p) + + char* alloc (void) + { +- return (char *)malloc (8); ++#ifdef PATH_MAX ++ return (char *)malloc (PATH_MAX); ++#else ++ return (char *)malloc (4096); ++#endif + } + + static int +-- +2.33.0 + diff --git a/stdlib-Test-using-setenv-with-updated-environ-BZ-325.patch b/stdlib-Test-using-setenv-with-updated-environ-BZ-325.patch new file mode 100644 index 0000000..9bbb5c3 --- /dev/null +++ b/stdlib-Test-using-setenv-with-updated-environ-BZ-325.patch @@ -0,0 +1,75 @@ +From 650a0aaaffa9ddb44732fa6156b31c5f30ee596f Mon Sep 17 00:00:00 2001 +From: "H.J. Lu" +Date: Fri, 24 Jan 2025 18:53:13 +0800 +Subject: [PATCH] stdlib: Test using setenv with updated environ [BZ + #32588] + +Add a test for setenv with updated environ. Verify that BZ #32588 is +fixed. + +Signed-off-by: H.J. Lu +Reviewed-by: Florian Weimer +(cherry picked from commit 8ab34497de14e35aff09b607222fe1309ef156da) +--- + stdlib/Makefile | 1 + + stdlib/tst-setenv-environ.c | 36 ++++++++++++++++++++++++++++++++++++ + 2 files changed, 37 insertions(+) + create mode 100644 stdlib/tst-setenv-environ.c + +diff --git a/stdlib/Makefile b/stdlib/Makefile +index 25e42a77e7..750810ee92 100644 +--- a/stdlib/Makefile ++++ b/stdlib/Makefile +@@ -232,6 +232,7 @@ tests := \ + tst-setcontext7 \ + tst-setcontext8 \ + tst-setcontext9 \ ++ tst-setenv-environ \ + tst-strfmon_l \ + tst-strfrom \ + tst-strfrom-locale \ +diff --git a/stdlib/tst-setenv-environ.c b/stdlib/tst-setenv-environ.c +new file mode 100644 +index 0000000000..02fcef96d0 +--- /dev/null ++++ b/stdlib/tst-setenv-environ.c +@@ -0,0 +1,36 @@ ++/* Test using setenv with updated environ. ++ Copyright (C) 2025 Free Software Foundation, Inc. ++ This file is part of the GNU C Library. ++ ++ The GNU C Library is free software; you can redistribute it and/or ++ modify it under the terms of the GNU Lesser General Public ++ License as published by the Free Software Foundation; either ++ version 2.1 of the License, or (at your option) any later version. ++ ++ The GNU C Library is distributed in the hope that it will be useful, ++ but WITHOUT ANY WARRANTY; without even the implied warranty of ++ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU ++ Lesser General Public License for more details. ++ ++ You should have received a copy of the GNU Lesser General Public ++ License along with the GNU C Library; if not, see ++ . */ ++ ++#include ++#include ++ ++extern char **environ; ++ ++int ++do_test (void) ++{ ++ char *valp; ++ static char *dummy_environ[] = { NULL }; ++ environ = dummy_environ; ++ setenv ("A", "1", 0); ++ valp = getenv ("A"); ++ TEST_VERIFY_EXIT (valp[0] == '1' && valp[1] == '\0'); ++ return 0; ++} ++ ++#include +-- +2.27.0 + diff --git a/support-Add-support_record_failure_barrier.patch b/support-Add-support_record_failure_barrier.patch new file mode 100644 index 0000000..280c5a9 --- /dev/null +++ b/support-Add-support_record_failure_barrier.patch @@ -0,0 +1,49 @@ +From 4335cd9b58d1449abfba1bb5060970785940a399 Mon Sep 17 00:00:00 2001 +From: Florian Weimer +Date: Mon, 23 Dec 2024 13:57:55 +0100 +Subject: [PATCH] support: Add support_record_failure_barrier + +This can be used to stop execution after a TEST_COMPARE_BLOB +failure, for example. + +(cherry picked from commit d0b8aa6de4529231fadfe604ac2c434e559c2d9e) +--- + support/check.h | 3 +++ + support/support_record_failure.c | 10 ++++++++++ + 2 files changed, 13 insertions(+) + +diff --git a/support/check.h b/support/check.h +index 0a9fff484f..632fe5298a 100644 +--- a/support/check.h ++++ b/support/check.h +@@ -207,6 +207,9 @@ void support_record_failure_reset (void); + failures or not. */ + int support_record_failure_is_failed (void); + ++/* Terminate the process if any failures have been encountered so far. */ ++void support_record_failure_barrier (void); ++ + __END_DECLS + + #endif /* SUPPORT_CHECK_H */ +diff --git a/support/support_record_failure.c b/support/support_record_failure.c +index 711f08801b..8466b895dc 100644 +--- a/support/support_record_failure.c ++++ b/support/support_record_failure.c +@@ -112,3 +112,13 @@ support_record_failure_is_failed (void) + synchronization for reliable test error reporting anyway. */ + return __atomic_load_n (&state->failed, __ATOMIC_RELAXED); + } ++ ++void ++support_record_failure_barrier (void) ++{ ++ if (__atomic_load_n (&state->failed, __ATOMIC_RELAXED)) ++ { ++ puts ("error: exiting due to previous errors"); ++ exit (1); ++ } ++} +-- +2.27.0 + diff --git a/support-Pick-group-in-support_capture_subprogram_sel.patch b/support-Pick-group-in-support_capture_subprogram_sel.patch new file mode 100644 index 0000000..23271de --- /dev/null +++ b/support-Pick-group-in-support_capture_subprogram_sel.patch @@ -0,0 +1,112 @@ +From 81f58dd9b7c3ec595ecdc0ea93a9c80ba2449169 Mon Sep 17 00:00:00 2001 +From: Florian Weimer +Date: Wed, 21 May 2025 16:47:34 +0200 +Subject: [PATCH] support: Pick group in support_capture_subprogram_self_sgid + if UID == 0 + +When running as root, it is likely that we can run under any group. +Pick a harmless group from /etc/group in this case. + +Reviewed-by: Carlos O'Donell +(cherry picked from commit 2f769cec448d84a62b7dd0d4ff56978fe22c0cd6) +--- + support/support_capture_subprocess.c | 58 ++++++++++++++++++++++++++-- + 1 file changed, 54 insertions(+), 4 deletions(-) + +diff --git a/support/support_capture_subprocess.c b/support/support_capture_subprocess.c +index 4393210d68..76c8a235e3 100644 +--- a/support/support_capture_subprocess.c ++++ b/support/support_capture_subprocess.c +@@ -21,7 +21,11 @@ + + #include + #include ++#include ++#include ++#include + #include ++#include + #include + #include + #include +@@ -209,10 +213,48 @@ err: + return status; + } + ++/* Returns true if a group with NAME has been found, and writes its ++ GID to *TARGET. */ ++static bool ++find_sgid_group (gid_t *target, const char *name) ++{ ++ /* Do not use getgrname_r because it does not work in statically ++ linked binaries if the system libc is different. */ ++ FILE *fp = fopen ("/etc/group", "rce"); ++ if (fp == NULL) ++ return false; ++ __fsetlocking (fp, FSETLOCKING_BYCALLER); ++ ++ bool ok = false; ++ struct scratch_buffer buf; ++ scratch_buffer_init (&buf); ++ while (true) ++ { ++ struct group grp; ++ struct group *result = NULL; ++ int status = fgetgrent_r (fp, &grp, buf.data, buf.length, &result); ++ if (status == 0 && result != NULL) ++ { ++ if (strcmp (result->gr_name, name) == 0) ++ { ++ *target = result->gr_gid; ++ ok = true; ++ break; ++ } ++ } ++ else if (errno != ERANGE) ++ break; ++ else if (!scratch_buffer_grow (&buf)) ++ break; ++ } ++ scratch_buffer_free (&buf); ++ fclose (fp); ++ return ok; ++} ++ + int + support_capture_subprogram_self_sgid (const char *child_id) + { +- gid_t target = 0; + const int count = 64; + gid_t groups[count]; + +@@ -224,6 +266,7 @@ support_capture_subprogram_self_sgid (const char *child_id) + (intmax_t) getuid ()); + + gid_t current = getgid (); ++ gid_t target = current; + for (int i = 0; i < ret; ++i) + { + if (groups[i] != current) +@@ -233,9 +276,16 @@ support_capture_subprogram_self_sgid (const char *child_id) + } + } + +- if (target == 0) +- FAIL_UNSUPPORTED("Could not find a suitable GID for user %jd\n", +- (intmax_t) getuid ()); ++ if (target == current) ++ { ++ /* If running as root, try to find a harmless group for SGID. */ ++ if (getuid () != 0 ++ || (!find_sgid_group (&target, "nogroup") ++ && !find_sgid_group (&target, "bin") ++ && !find_sgid_group (&target, "daemon"))) ++ FAIL_UNSUPPORTED("Could not find a suitable GID for user %jd\n", ++ (intmax_t) getuid ()); ++ } + + return copy_and_spawn_sgid (child_id, target); + } +-- +2.27.0 + diff --git a/support-Use-const-char-argument-in-support_capture_s.patch b/support-Use-const-char-argument-in-support_capture_s.patch new file mode 100644 index 0000000..2cb103a --- /dev/null +++ b/support-Use-const-char-argument-in-support_capture_s.patch @@ -0,0 +1,64 @@ +From 454f24e9815ea52d48595506bf564f83902e67d4 Mon Sep 17 00:00:00 2001 +From: Florian Weimer +Date: Tue, 20 May 2025 19:36:02 +0200 +Subject: [PATCH] support: Use const char * argument in + support_capture_subprogram_self_sgid + +The function does not modify the passed-in string, so make this clear +via the prototype. + +Reviewed-by: Carlos O'Donell +(cherry picked from commit f0c09fe61678df6f7f18fe1ebff074e62fa5ca7a) +--- + support/capture_subprocess.h | 3 +-- + support/support_capture_subprocess.c | 6 +++--- + 2 files changed, 4 insertions(+), 5 deletions(-) + +diff --git a/support/capture_subprocess.h b/support/capture_subprocess.h +index 99ab7b8ab3..098d63c6e3 100644 +--- a/support/capture_subprocess.h ++++ b/support/capture_subprocess.h +@@ -44,8 +44,7 @@ struct support_capture_subprocess support_capture_subprogram + /* Copy the running program into a setgid binary and run it with CHILD_ID + argument. If execution is successful, return the exit status of the child + program, otherwise return a non-zero failure exit code. */ +-int support_capture_subprogram_self_sgid +- (char *child_id); ++int support_capture_subprogram_self_sgid (const char *child_id); + + /* Deallocate the subprocess data captured by + support_capture_subprocess. */ +diff --git a/support/support_capture_subprocess.c b/support/support_capture_subprocess.c +index 2a8d37b284..4393210d68 100644 +--- a/support/support_capture_subprocess.c ++++ b/support/support_capture_subprocess.c +@@ -109,7 +109,7 @@ support_capture_subprogram (const char *file, char *const argv[]) + safely make it SGID with the TARGET group ID. Then runs the + executable. */ + static int +-copy_and_spawn_sgid (char *child_id, gid_t gid) ++copy_and_spawn_sgid (const char *child_id, gid_t gid) + { + char *dirname = xasprintf ("%s/tst-tunables-setuid.%jd", + test_dir, (intmax_t) getpid ()); +@@ -181,7 +181,7 @@ copy_and_spawn_sgid (char *child_id, gid_t gid) + ret = 0; + infd = outfd = -1; + +- char * const args[] = {execname, child_id, NULL}; ++ char * const args[] = {execname, (char *) child_id, NULL}; + + status = support_subprogram_wait (args[0], args); + +@@ -210,7 +210,7 @@ err: + } + + int +-support_capture_subprogram_self_sgid (char *child_id) ++support_capture_subprogram_self_sgid (const char *child_id) + { + gid_t target = 0; + const int count = 64; +-- +2.27.0 + diff --git a/ungetc-Fix-backup-buffer-leak-on-program-exit-BZ-278.patch b/ungetc-Fix-backup-buffer-leak-on-program-exit-BZ-278.patch new file mode 100644 index 0000000..9faa58c --- /dev/null +++ b/ungetc-Fix-backup-buffer-leak-on-program-exit-BZ-278.patch @@ -0,0 +1,145 @@ +From b9f72bd5de931eac39219018c2fa319a449bb2cf Mon Sep 17 00:00:00 2001 +From: Siddhesh Poyarekar +Date: Tue, 13 Aug 2024 21:08:49 -0400 +Subject: [PATCH] ungetc: Fix backup buffer leak on program exit [BZ + #27821] + +If a file descriptor is left unclosed and is cleaned up by _IO_cleanup +on exit, its backup buffer remains unfreed, registering as a leak in +valgrind. This is not strictly an issue since (1) the program should +ideally be closing the stream once it's not in use and (2) the program +is about to exit anyway, so keeping the backup buffer around a wee bit +longer isn't a real problem. Free it anyway to keep valgrind happy +when the streams in question are the standard ones, i.e. stdout, stdin +or stderr. + +Also, the _IO_have_backup macro checks for _IO_save_base, +which is a roundabout way to check for a backup buffer instead of +directly looking for _IO_backup_base. The roundabout check breaks when +the main get area has not been used and user pushes a char into the +backup buffer with ungetc. Fix this to use the _IO_backup_base +directly. + +Signed-off-by: Siddhesh Poyarekar +Reviewed-by: Carlos O'Donell +(cherry picked from commit 3e1d8d1d1dca24ae90df2ea826a8916896fc7e77) +--- + libio/genops.c | 6 ++++++ + libio/libioP.h | 4 ++-- + stdio-common/Makefile | 7 +++++++ + stdio-common/tst-ungetc-leak.c | 32 ++++++++++++++++++++++++++++++++ + 4 files changed, 47 insertions(+), 2 deletions(-) + create mode 100644 stdio-common/tst-ungetc-leak.c + +diff --git a/libio/genops.c b/libio/genops.c +index c673c0acec..fb06245467 100644 +--- a/libio/genops.c ++++ b/libio/genops.c +@@ -789,6 +789,12 @@ _IO_unbuffer_all (void) + legacy = 1; + #endif + ++ /* Free up the backup area if it was ever allocated. */ ++ if (_IO_have_backup (fp)) ++ _IO_free_backup_area (fp); ++ if (fp->_mode > 0 && _IO_have_wbackup (fp)) ++ _IO_free_wbackup_area (fp); ++ + if (! (fp->_flags & _IO_UNBUFFERED) + /* Iff stream is un-orientated, it wasn't used. */ + && (legacy || fp->_mode != 0)) +diff --git a/libio/libioP.h b/libio/libioP.h +index 745278e076..e75ee770bc 100644 +--- a/libio/libioP.h ++++ b/libio/libioP.h +@@ -577,8 +577,8 @@ extern void _IO_old_init (FILE *fp, int flags) __THROW; + ((__fp)->_wide_data->_IO_write_base \ + = (__fp)->_wide_data->_IO_write_ptr = __p, \ + (__fp)->_wide_data->_IO_write_end = (__ep)) +-#define _IO_have_backup(fp) ((fp)->_IO_save_base != NULL) +-#define _IO_have_wbackup(fp) ((fp)->_wide_data->_IO_save_base != NULL) ++#define _IO_have_backup(fp) ((fp)->_IO_backup_base != NULL) ++#define _IO_have_wbackup(fp) ((fp)->_wide_data->_IO_backup_base != NULL) + #define _IO_in_backup(fp) ((fp)->_flags & _IO_IN_BACKUP) + #define _IO_have_markers(fp) ((fp)->_markers != NULL) + #define _IO_blen(fp) ((fp)->_IO_buf_end - (fp)->_IO_buf_base) +diff --git a/stdio-common/Makefile b/stdio-common/Makefile +index 2bcbaf754a..381040570b 100644 +--- a/stdio-common/Makefile ++++ b/stdio-common/Makefile +@@ -256,6 +256,7 @@ tests := \ + tst-swscanf \ + tst-tmpnam \ + tst-ungetc \ ++ tst-ungetc-leak \ + tst-unlockedio \ + tst-vfprintf-mbs-prec \ + tst-vfprintf-user-type \ +@@ -300,6 +301,7 @@ tests-special += \ + $(objpfx)tst-printfsz-islongdouble.out \ + $(objpfx)tst-setvbuf1-cmp.out \ + $(objpfx)tst-unbputc.out \ ++ $(objpfx)tst-ungetc-leak-mem.out \ + $(objpfx)tst-vfprintf-width-prec-mem.out \ + # tests-special + +@@ -314,6 +316,8 @@ generated += \ + tst-printf-fp-leak-mem.out \ + tst-printf-fp-leak.mtrace \ + tst-scanf-bz27650.mtrace \ ++ tst-ungetc-leak-mem.out \ ++ tst-ungetc-leak.mtrace \ + tst-vfprintf-width-prec-mem.out \ + tst-vfprintf-width-prec.mtrace \ + # generated +@@ -403,6 +407,9 @@ tst-printf-fp-leak-ENV = \ + tst-scanf-bz27650-ENV = \ + MALLOC_TRACE=$(objpfx)tst-scanf-bz27650.mtrace \ + LD_PRELOAD=$(common-objpfx)malloc/libc_malloc_debug.so ++tst-ungetc-leak-ENV = \ ++ MALLOC_TRACE=$(objpfx)tst-ungetc-leak.mtrace \ ++ LD_PRELOAD=$(common-objpfx)malloc/libc_malloc_debug.so + + $(objpfx)tst-unbputc.out: tst-unbputc.sh $(objpfx)tst-unbputc + $(SHELL) $< $(common-objpfx) '$(test-program-prefix)'; \ +diff --git a/stdio-common/tst-ungetc-leak.c b/stdio-common/tst-ungetc-leak.c +new file mode 100644 +index 0000000000..6c5152b43f +--- /dev/null ++++ b/stdio-common/tst-ungetc-leak.c +@@ -0,0 +1,32 @@ ++/* Test for memory leak with ungetc when stream is unused. ++ Copyright The GNU Toolchain Authors. ++ This file is part of the GNU C Library. ++ ++ The GNU C Library is free software; you can redistribute it and/or ++ modify it under the terms of the GNU Lesser General Public ++ License as published by the Free Software Foundation; either ++ version 2.1 of the License, or (at your option) any later version. ++ ++ The GNU C Library is distributed in the hope that it will be useful, ++ but WITHOUT ANY WARRANTY; without even the implied warranty of ++ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU ++ Lesser General Public License for more details. ++ ++ You should have received a copy of the GNU Lesser General Public ++ License along with the GNU C Library; if not, see ++ . */ ++ ++#include ++#include ++#include ++#include ++ ++static int ++do_test (void) ++{ ++ mtrace (); ++ TEST_COMPARE (ungetc('y', stdin), 'y'); ++ return 0; ++} ++ ++#include +-- +2.33.0 + diff --git a/ungetc-Fix-uninitialized-read-when-putting-into-unus.patch b/ungetc-Fix-uninitialized-read-when-putting-into-unus.patch new file mode 100644 index 0000000..405239f --- /dev/null +++ b/ungetc-Fix-uninitialized-read-when-putting-into-unus.patch @@ -0,0 +1,78 @@ +From 804d3c8db79db204154dcf5e11a76f14fdddc570 Mon Sep 17 00:00:00 2001 +From: Siddhesh Poyarekar +Date: Tue, 13 Aug 2024 21:00:06 -0400 +Subject: [PATCH] ungetc: Fix uninitialized read when putting into unused + streams [BZ #27821] + +When ungetc is called on an unused stream, the backup buffer is +allocated without the main get area being present. This results in +every subsequent ungetc (as the stream remains in the backup area) +checking uninitialized memory in the backup buffer when trying to put a +character back into the stream. + +Avoid comparing the input character with buffer contents when in backup +to avoid this uninitialized read. The uninitialized read is harmless in +this context since the location is promptly overwritten with the input +character, thus fulfilling ungetc functionality. + +Also adjust wording in the manual to drop the paragraph that says glibc +cannot do multiple ungetc back to back since with this change, ungetc +can actually do this. + +Signed-off-by: Siddhesh Poyarekar +Reviewed-by: Carlos O'Donell +(cherry picked from commit cdf0f88f97b0aaceb894cc02b21159d148d7065c) +--- + libio/genops.c | 2 +- + manual/stdio.texi | 8 +++----- + stdio-common/tst-ungetc.c | 2 ++ + 3 files changed, 6 insertions(+), 6 deletions(-) + +diff --git a/libio/genops.c b/libio/genops.c +index fbd8dd9e75..c673c0acec 100644 +--- a/libio/genops.c ++++ b/libio/genops.c +@@ -635,7 +635,7 @@ _IO_sputbackc (FILE *fp, int c) + { + int result; + +- if (fp->_IO_read_ptr > fp->_IO_read_base ++ if (fp->_IO_read_ptr > fp->_IO_read_base && !_IO_in_backup (fp) + && (unsigned char)fp->_IO_read_ptr[-1] == (unsigned char)c) + { + fp->_IO_read_ptr--; +diff --git a/manual/stdio.texi b/manual/stdio.texi +index 9cf622403f..a54cd369db 100644 +--- a/manual/stdio.texi ++++ b/manual/stdio.texi +@@ -1474,11 +1474,9 @@ program; usually @code{ungetc} is used only to unread a character that + was just read from the same stream. @Theglibc{} supports this + even on files opened in binary mode, but other systems might not. + +-@Theglibc{} only supports one character of pushback---in other +-words, it does not work to call @code{ungetc} twice without doing input +-in between. Other systems might let you push back multiple characters; +-then reading from the stream retrieves the characters in the reverse +-order that they were pushed. ++@Theglibc{} supports pushing back multiple characters; subsequently ++reading from the stream retrieves the characters in the reverse order ++that they were pushed. + + Pushing back characters doesn't alter the file; only the internal + buffering for the stream is affected. If a file positioning function +diff --git a/stdio-common/tst-ungetc.c b/stdio-common/tst-ungetc.c +index 5c808f0734..388b202493 100644 +--- a/stdio-common/tst-ungetc.c ++++ b/stdio-common/tst-ungetc.c +@@ -48,6 +48,8 @@ do_test (void) + TEST_VERIFY_EXIT (getc (fp) == 'b'); + TEST_VERIFY_EXIT (getc (fp) == 'l'); + TEST_VERIFY_EXIT (ungetc ('m', fp) == 'm'); ++ TEST_VERIFY_EXIT (ungetc ('n', fp) == 'n'); ++ TEST_VERIFY_EXIT (getc (fp) == 'n'); + TEST_VERIFY_EXIT (getc (fp) == 'm'); + TEST_VERIFY_EXIT ((c = getc (fp)) == 'a'); + TEST_VERIFY_EXIT (getc (fp) == EOF); +-- +2.33.0 + diff --git a/x86-64-Fix-the-dtv-field-load-for-x32-BZ-31184.patch b/x86-64-Fix-the-dtv-field-load-for-x32-BZ-31184.patch new file mode 100644 index 0000000..c55bdf9 --- /dev/null +++ b/x86-64-Fix-the-dtv-field-load-for-x32-BZ-31184.patch @@ -0,0 +1,68 @@ +From 35ea7549751d4f13a28c732e6ad68204f5e60a06 Mon Sep 17 00:00:00 2001 +From: "H.J. Lu" +Date: Wed, 20 Dec 2023 16:31:43 -0800 +Subject: [PATCH 4/9] x86-64: Fix the dtv field load for x32 [BZ #31184] + +On x32, I got + +FAIL: elf/tst-tlsgap + +$ gdb elf/tst-tlsgap +... +open tst-tlsgap-mod1.so + +Thread 2 "tst-tlsgap" received signal SIGSEGV, Segmentation fault. +[Switching to LWP 2268754] +_dl_tlsdesc_dynamic () at ../sysdeps/x86_64/dl-tlsdesc.S:108 +108 movq (%rsi), %rax +(gdb) p/x $rsi +$4 = 0xf7dbf9005655fb18 +(gdb) + +This is caused by + +_dl_tlsdesc_dynamic: + _CET_ENDBR + /* Preserve call-clobbered registers that we modify. + We need two scratch regs anyway. */ + movq %rsi, -16(%rsp) + movq %fs:DTV_OFFSET, %rsi + +Since the dtv field in TCB is a pointer, %fs:DTV_OFFSET is a 32-bit +location, not 64-bit. Load the dtv field to RSI_LP instead of rsi. +This fixes BZ #31184. + +(cherry picked from commit 3502440397bbb840e2f7223734aa5cc2cc0e29b6) +--- + NEWS | 1 + + sysdeps/x86_64/dl-tlsdesc.S | 2 +- + 2 files changed, 2 insertions(+), 1 deletion(-) + +diff --git a/NEWS b/NEWS +index 5ac488bf9b..71057e4793 100644 +--- a/NEWS ++++ b/NEWS +@@ -37,6 +37,7 @@ The following bugs are resolved with this release: + [30804] F_GETLK, F_SETLK, and F_SETLKW value change for powerpc64 with + -D_FILE_OFFSET_BITS=64 + [30842] Stack read overflow in getaddrinfo in no-aaaa mode (CVE-2023-4527) ++ [31184] FAIL: elf/tst-tlsgap + + + Version 2.38 +diff --git a/sysdeps/x86_64/dl-tlsdesc.S b/sysdeps/x86_64/dl-tlsdesc.S +index 5593897e29..c4823547d7 100644 +--- a/sysdeps/x86_64/dl-tlsdesc.S ++++ b/sysdeps/x86_64/dl-tlsdesc.S +@@ -102,7 +102,7 @@ _dl_tlsdesc_dynamic: + /* Preserve call-clobbered registers that we modify. + We need two scratch regs anyway. */ + movq %rsi, -16(%rsp) +- movq %fs:DTV_OFFSET, %rsi ++ mov %fs:DTV_OFFSET, %RSI_LP + movq %rdi, -8(%rsp) + movq TLSDESC_ARG(%rax), %rdi + movq (%rsi), %rax +-- +2.33.0 + diff --git a/x86-64-Fix-the-tcb-field-load-for-x32-BZ-31185.patch b/x86-64-Fix-the-tcb-field-load-for-x32-BZ-31185.patch new file mode 100644 index 0000000..515db6d --- /dev/null +++ b/x86-64-Fix-the-tcb-field-load-for-x32-BZ-31185.patch @@ -0,0 +1,69 @@ +From 968c983d43bc51f719f3e7a0fcb1bb8669b5f7c4 Mon Sep 17 00:00:00 2001 +From: "H.J. Lu" +Date: Wed, 20 Dec 2023 19:42:12 -0800 +Subject: [PATCH 5/9] x86-64: Fix the tcb field load for x32 [BZ #31185] + +_dl_tlsdesc_undefweak and _dl_tlsdesc_dynamic access the thread pointer +via the tcb field in TCB: + +_dl_tlsdesc_undefweak: + _CET_ENDBR + movq 8(%rax), %rax + subq %fs:0, %rax + ret + +_dl_tlsdesc_dynamic: + ... + subq %fs:0, %rax + movq -8(%rsp), %rdi + ret + +Since the tcb field in TCB is a pointer, %fs:0 is a 32-bit location, +not 64-bit. It should use "sub %fs:0, %RAX_LP" instead. Since +_dl_tlsdesc_undefweak returns ptrdiff_t and _dl_make_tlsdesc_dynamic +returns void *, RAX_LP is appropriate here for x32 and x86-64. This +fixes BZ #31185. + +(cherry picked from commit 81be2a61dafc168327c1639e97b6dae128c7ccf3) +--- + NEWS | 1 + + sysdeps/x86_64/dl-tlsdesc.S | 4 ++-- + 2 files changed, 3 insertions(+), 2 deletions(-) + +diff --git a/NEWS b/NEWS +index 71057e4793..6fbb8a9e1d 100644 +--- a/NEWS ++++ b/NEWS +@@ -38,6 +38,7 @@ The following bugs are resolved with this release: + -D_FILE_OFFSET_BITS=64 + [30842] Stack read overflow in getaddrinfo in no-aaaa mode (CVE-2023-4527) + [31184] FAIL: elf/tst-tlsgap ++ [31185] Incorrect thread point access in _dl_tlsdesc_undefweak and _dl_tlsdesc_dynamic + + + Version 2.38 +diff --git a/sysdeps/x86_64/dl-tlsdesc.S b/sysdeps/x86_64/dl-tlsdesc.S +index c4823547d7..4579424bf7 100644 +--- a/sysdeps/x86_64/dl-tlsdesc.S ++++ b/sysdeps/x86_64/dl-tlsdesc.S +@@ -61,7 +61,7 @@ _dl_tlsdesc_return: + _dl_tlsdesc_undefweak: + _CET_ENDBR + movq 8(%rax), %rax +- subq %fs:0, %rax ++ sub %fs:0, %RAX_LP + ret + cfi_endproc + .size _dl_tlsdesc_undefweak, .-_dl_tlsdesc_undefweak +@@ -116,7 +116,7 @@ _dl_tlsdesc_dynamic: + addq TLSDESC_MODOFF(%rdi), %rax + .Lret: + movq -16(%rsp), %rsi +- subq %fs:0, %rax ++ sub %fs:0, %RAX_LP + movq -8(%rsp), %rdi + ret + .Lslow: +-- +2.33.0 + diff --git a/x86-Avoid-integer-truncation-with-large-cache-sizes-.patch b/x86-Avoid-integer-truncation-with-large-cache-sizes-.patch new file mode 100644 index 0000000..5728bb7 --- /dev/null +++ b/x86-Avoid-integer-truncation-with-large-cache-sizes-.patch @@ -0,0 +1,49 @@ +From cf06772360017094b6b8de7cac29bb029df8a974 Mon Sep 17 00:00:00 2001 +From: Florian Weimer +Date: Tue, 17 Dec 2024 18:12:03 +0100 +Subject: [PATCH] x86: Avoid integer truncation with large cache sizes (bug + 32470) + +Some hypervisors report 1 TiB L3 cache size. This results +in some variables incorrectly getting zeroed, causing crashes +in memcpy/memmove because invariants are violated. + +(cherry picked from commit 61c3450db96dce96ad2b24b4f0b548e6a46d68e5) +--- + NEWS | 1 + + sysdeps/x86/dl-cacheinfo.h | 4 ++-- + 2 files changed, 3 insertions(+), 2 deletions(-) + +diff --git a/NEWS b/NEWS +index 8feb39f1ba..d0815514e0 100644 +--- a/NEWS ++++ b/NEWS +@@ -60,6 +60,7 @@ The following bugs are resolved with this release: + [32052] Name space violation in fortify wrappers + [32137] libio: Attempt wide backup free only for non-legacy code + [32231] elf: Change ldconfig auxcache magic number ++ [32470] x86: Avoid integer truncation with large cache sizes + + Version 2.38 + +diff --git a/sysdeps/x86/dl-cacheinfo.h b/sysdeps/x86/dl-cacheinfo.h +index 5ddb35c9d9..6c7740422a 100644 +--- a/sysdeps/x86/dl-cacheinfo.h ++++ b/sysdeps/x86/dl-cacheinfo.h +@@ -965,11 +965,11 @@ dl_init_cacheinfo (struct cpu_features *cpu_features) + non_temporal_threshold = maximum_non_temporal_threshold; + + /* NB: The REP MOVSB threshold must be greater than VEC_SIZE * 8. */ +- unsigned int minimum_rep_movsb_threshold; ++ unsigned long int minimum_rep_movsb_threshold; + /* NB: The default REP MOVSB threshold is 4096 * (VEC_SIZE / 16) for + VEC_SIZE == 64 or 32. For VEC_SIZE == 16, the default REP MOVSB + threshold is 2048 * (VEC_SIZE / 16). */ +- unsigned int rep_movsb_threshold; ++ unsigned long int rep_movsb_threshold; + if (CPU_FEATURE_USABLE_P (cpu_features, AVX512F) + && !CPU_FEATURE_PREFERRED_P (cpu_features, Prefer_No_AVX512)) + { +-- +2.27.0 + diff --git a/x86-Check-the-lower-byte-of-EAX-of-CPUID-leaf-2-BZ-3.patch b/x86-Check-the-lower-byte-of-EAX-of-CPUID-leaf-2-BZ-3.patch new file mode 100644 index 0000000..701321b --- /dev/null +++ b/x86-Check-the-lower-byte-of-EAX-of-CPUID-leaf-2-BZ-3.patch @@ -0,0 +1,77 @@ +From 58822f954f6284c8687dfff43fa4e9e349eeccad Mon Sep 17 00:00:00 2001 +From: "H.J. Lu" +Date: Mon, 28 Aug 2023 12:08:14 -0700 +Subject: [PATCH] x86: Check the lower byte of EAX of CPUID leaf 2 [BZ + #30643] + +The old Intel software developer manual specified that the low byte of +EAX of CPUID leaf 2 returned 1 which indicated the number of rounds of +CPUDID leaf 2 was needed to retrieve the complete cache information. The +newer Intel manual has been changed to that it should always return 1 +and be ignored. If the lower byte isn't 1, CPUID leaf 2 can't be used. +In this case, we ignore CPUID leaf 2 and use CPUID leaf 4 instead. If +CPUID leaf 4 doesn't contain the cache information, cache information +isn't available at all. This addresses BZ #30643. + +(cherry picked from commit 1493622f4f9048ffede3fbedb64695efa49d662a) +--- + sysdeps/x86/dl-cacheinfo.h | 31 +++++++++++++------------------ + 1 file changed, 13 insertions(+), 18 deletions(-) + +diff --git a/sysdeps/x86/dl-cacheinfo.h b/sysdeps/x86/dl-cacheinfo.h +index 6c7740422a..400d15f208 100644 +--- a/sysdeps/x86/dl-cacheinfo.h ++++ b/sysdeps/x86/dl-cacheinfo.h +@@ -187,7 +187,7 @@ intel_check_word (int name, unsigned int value, bool *has_level_2, + ++round; + } + /* There is no other cache information anywhere else. */ +- break; ++ return -1; + } + else + { +@@ -257,28 +257,23 @@ handle_intel (int name, const struct cpu_features *cpu_features) + + /* OK, we can use the CPUID instruction to get all info about the + caches. */ +- unsigned int cnt = 0; +- unsigned int max = 1; + long int result = 0; + bool no_level_2_or_3 = false; + bool has_level_2 = false; ++ unsigned int eax; ++ unsigned int ebx; ++ unsigned int ecx; ++ unsigned int edx; ++ __cpuid (2, eax, ebx, ecx, edx); + +- while (cnt++ < max) ++ /* The low byte of EAX of CPUID leaf 2 should always return 1 and it ++ should be ignored. If it isn't 1, use CPUID leaf 4 instead. */ ++ if ((eax & 0xff) != 1) ++ return intel_check_word (name, 0xff, &has_level_2, &no_level_2_or_3, ++ cpu_features); ++ else + { +- unsigned int eax; +- unsigned int ebx; +- unsigned int ecx; +- unsigned int edx; +- __cpuid (2, eax, ebx, ecx, edx); +- +- /* The low byte of EAX in the first round contain the number of +- rounds we have to make. At least one, the one we are already +- doing. */ +- if (cnt == 1) +- { +- max = eax & 0xff; +- eax &= 0xffffff00; +- } ++ eax &= 0xffffff00; + + /* Process the individual registers' value. */ + result = intel_check_word (name, eax, &has_level_2, +-- +2.27.0 + diff --git a/x86-Fix-bug-in-strchrnul-evex512-BZ-32078.patch b/x86-Fix-bug-in-strchrnul-evex512-BZ-32078.patch new file mode 100644 index 0000000..85af57b --- /dev/null +++ b/x86-Fix-bug-in-strchrnul-evex512-BZ-32078.patch @@ -0,0 +1,162 @@ +From c005d1bd6f0e88ab4b822844d75d10c8978f5404 Mon Sep 17 00:00:00 2001 +From: Noah Goldstein +Date: Tue, 13 Aug 2024 23:29:14 +0800 +Subject: [PATCH] x86: Fix bug in strchrnul-evex512 [BZ #32078] + +Issue was we were expecting not matches with CHAR before the start of +the string in the page cross case. + +The check code in the page cross case: +``` + and $0xffffffffffffffc0,%rax + vmovdqa64 (%rax),%zmm17 + vpcmpneqb %zmm17,%zmm16,%k1 + vptestmb %zmm17,%zmm17,%k0{%k1} + kmovq %k0,%rax + inc %rax + shr %cl,%rax + je L(continue) +``` + +expects that all characters that neither match null nor CHAR will be +1s in `rax` prior to the `inc`. Then the `inc` will overflow all of +the 1s where no relevant match was found. + +This is incorrect in the page-cross case, as the +`vmovdqa64 (%rax),%zmm17` loads from before the start of the input +string. + +If there are matches with CHAR before the start of the string, `rax` +won't properly overflow. + +The fix is quite simple. Just replace: + +``` + inc %rax + shr %cl,%rax +``` +With: +``` + sar %cl,%rax + inc %rax +``` + +The arithmetic shift will clear any matches prior to the start of the +string while maintaining the signbit so the 1s can properly overflow +to zero in the case of no matches. +Reviewed-by: H.J. Lu + +(cherry picked from commit 7da08862471dfec6fdae731c2a5f351ad485c71f) +--- + string/test-strchr.c | 65 ++++++++++++++++++++- + sysdeps/x86_64/multiarch/strchr-evex-base.S | 8 +-- + 2 files changed, 68 insertions(+), 5 deletions(-) + +diff --git a/string/test-strchr.c b/string/test-strchr.c +index 933fc0bbba..2bfcf901fa 100644 +--- a/string/test-strchr.c ++++ b/string/test-strchr.c +@@ -248,6 +248,69 @@ check1 (void) + check_result (impl, s, c, exp_result); + } + ++static void ++check2 (void) ++{ ++ CHAR *s = (CHAR *) (buf1 + getpagesize () - 4 * sizeof (CHAR)); ++ CHAR *s_begin = (CHAR *) (buf1 + getpagesize () - 64); ++#ifndef USE_FOR_STRCHRNUL ++ CHAR *exp_result = NULL; ++#else ++ CHAR *exp_result = s + 1; ++#endif ++ CHAR val = 0x12; ++ for (; s_begin != s; ++s_begin) ++ *s_begin = val; ++ ++ s[0] = val + 1; ++ s[1] = 0; ++ s[2] = val + 1; ++ s[3] = val + 1; ++ ++ { ++ FOR_EACH_IMPL (impl, 0) ++ check_result (impl, s, val, exp_result); ++ } ++ s[3] = val; ++ { ++ FOR_EACH_IMPL (impl, 0) ++ check_result (impl, s, val, exp_result); ++ } ++ exp_result = s; ++ s[0] = val; ++ { ++ FOR_EACH_IMPL (impl, 0) ++ check_result (impl, s, val, exp_result); ++ } ++ ++ s[3] = val + 1; ++ { ++ FOR_EACH_IMPL (impl, 0) ++ check_result (impl, s, val, exp_result); ++ } ++ ++ s[0] = val + 1; ++ s[1] = val + 1; ++ s[2] = val + 1; ++ s[3] = val + 1; ++ s[4] = val; ++ exp_result = s + 4; ++ { ++ FOR_EACH_IMPL (impl, 0) ++ check_result (impl, s, val, exp_result); ++ } ++ s[4] = 0; ++#ifndef USE_FOR_STRCHRNUL ++ exp_result = NULL; ++#else ++ exp_result = s + 4; ++#endif ++ { ++ FOR_EACH_IMPL (impl, 0) ++ check_result (impl, s, val, exp_result); ++ } ++} ++ + int + test_main (void) + { +@@ -256,7 +319,7 @@ test_main (void) + test_init (); + + check1 (); +- ++ check2 (); + printf ("%20s", ""); + FOR_EACH_IMPL (impl, 0) + printf ("\t%s", impl->name); +diff --git a/sysdeps/x86_64/multiarch/strchr-evex-base.S b/sysdeps/x86_64/multiarch/strchr-evex-base.S +index 7209435caf..da6d0eafbb 100644 +--- a/sysdeps/x86_64/multiarch/strchr-evex-base.S ++++ b/sysdeps/x86_64/multiarch/strchr-evex-base.S +@@ -124,13 +124,13 @@ L(page_cross): + VPCMPNE %VMM(1), %VMM(0), %k1 + VPTEST %VMM(1), %VMM(1), %k0{%k1} + KMOV %k0, %VRAX +-# ifdef USE_AS_WCSCHR ++ sar %cl, %VRAX ++#ifdef USE_AS_WCSCHR + sub $VEC_MATCH_MASK, %VRAX +-# else ++#else + inc %VRAX +-# endif ++#endif + /* Ignore number of character for alignment adjustment. */ +- shr %cl, %VRAX + jz L(align_more) + + bsf %VRAX, %VRAX +-- +2.33.0 + diff --git a/x86_64-Add-expm1-with-FMA.patch b/x86_64-Add-expm1-with-FMA.patch new file mode 100644 index 0000000..eae04a5 --- /dev/null +++ b/x86_64-Add-expm1-with-FMA.patch @@ -0,0 +1,135 @@ +From b2a45f1eee39d67c1fff2d697d32857fb13c8c5d Mon Sep 17 00:00:00 2001 +From: "H.J. Lu" +Date: Fri, 11 Aug 2023 08:04:08 -0700 +Subject: [PATCH] x86_64: Add expm1 with FMA + +On Skylake, it improves expm1 bench performance by: + + Before After Improvement +max 70.204 68.054 3% +min 20.709 16.2 22% +mean 22.1221 16.7367 24% + +NB: Add + +extern long double __expm1l (long double); +extern long double __expm1f128 (long double); + +for __typeof (__expm1l) and __typeof (__expm1f128) when __expm1 is +defined since __expm1 may be expanded in their declarations which +causes the build failure. + +(cherry picked from commit 1b214630ce6f7e0099b8b6f87246246739b079cf) +--- + sysdeps/ieee754/dbl-64/s_expm1.c | 7 +++++ + sysdeps/x86_64/fpu/multiarch/Makefile | 2 ++ + sysdeps/x86_64/fpu/multiarch/s_expm1-fma.c | 10 ++++++ + sysdeps/x86_64/fpu/multiarch/s_expm1.c | 36 ++++++++++++++++++++++ + 4 files changed, 55 insertions(+) + create mode 100644 sysdeps/x86_64/fpu/multiarch/s_expm1-fma.c + create mode 100644 sysdeps/x86_64/fpu/multiarch/s_expm1.c + +diff --git a/sysdeps/ieee754/dbl-64/s_expm1.c b/sysdeps/ieee754/dbl-64/s_expm1.c +index 8f1c95bd04..1cafeca9c0 100644 +--- a/sysdeps/ieee754/dbl-64/s_expm1.c ++++ b/sysdeps/ieee754/dbl-64/s_expm1.c +@@ -130,6 +130,11 @@ static const double + 4.00821782732936239552e-06, /* 3ED0CFCA 86E65239 */ + -2.01099218183624371326e-07 }; /* BE8AFDB7 6E09C32D */ + ++#ifndef SECTION ++# define SECTION ++#endif ++ ++SECTION + double + __expm1 (double x) + { +@@ -258,4 +263,6 @@ __expm1 (double x) + } + return y; + } ++#ifndef __expm1 + libm_alias_double (__expm1, expm1) ++#endif +diff --git a/sysdeps/x86_64/fpu/multiarch/Makefile b/sysdeps/x86_64/fpu/multiarch/Makefile +index f773255721..add339a876 100644 +--- a/sysdeps/x86_64/fpu/multiarch/Makefile ++++ b/sysdeps/x86_64/fpu/multiarch/Makefile +@@ -37,6 +37,7 @@ libm-sysdep_routines += \ + e_log2-fma \ + e_pow-fma \ + s_atan-fma \ ++ s_expm1-fma \ + s_sin-fma \ + s_sincos-fma \ + s_tan-fma \ +@@ -49,6 +50,7 @@ CFLAGS-e_log-fma.c = -mfma -mavx2 + CFLAGS-e_log2-fma.c = -mfma -mavx2 + CFLAGS-e_pow-fma.c = -mfma -mavx2 + CFLAGS-s_atan-fma.c = -mfma -mavx2 ++CFLAGS-s_expm1-fma.c = -mfma -mavx2 + CFLAGS-s_sin-fma.c = -mfma -mavx2 + CFLAGS-s_tan-fma.c = -mfma -mavx2 + CFLAGS-s_sincos-fma.c = -mfma -mavx2 +diff --git a/sysdeps/x86_64/fpu/multiarch/s_expm1-fma.c b/sysdeps/x86_64/fpu/multiarch/s_expm1-fma.c +new file mode 100644 +index 0000000000..3ee2bd804e +--- /dev/null ++++ b/sysdeps/x86_64/fpu/multiarch/s_expm1-fma.c +@@ -0,0 +1,10 @@ ++#define __expm1 __expm1_fma ++ ++/* NB: __expm1 may be expanded to __expm1_fma in the following ++ prototypes. */ ++extern long double __expm1l (long double); ++extern long double __expm1f128 (long double); ++ ++#define SECTION __attribute__ ((section (".text.fma"))) ++ ++#include +diff --git a/sysdeps/x86_64/fpu/multiarch/s_expm1.c b/sysdeps/x86_64/fpu/multiarch/s_expm1.c +new file mode 100644 +index 0000000000..2cae83fb7f +--- /dev/null ++++ b/sysdeps/x86_64/fpu/multiarch/s_expm1.c +@@ -0,0 +1,36 @@ ++/* Multiple versions of expm1. ++ Copyright (C) 2023 Free Software Foundation, Inc. ++ This file is part of the GNU C Library. ++ ++ The GNU C Library is free software; you can redistribute it and/or ++ modify it under the terms of the GNU Lesser General Public ++ License as published by the Free Software Foundation; either ++ version 2.1 of the License, or (at your option) any later version. ++ ++ The GNU C Library is distributed in the hope that it will be useful, ++ but WITHOUT ANY WARRANTY; without even the implied warranty of ++ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU ++ Lesser General Public License for more details. ++ ++ You should have received a copy of the GNU Lesser General Public ++ License along with the GNU C Library; if not, see ++ . */ ++ ++#include ++ ++extern double __redirect_expm1 (double); ++ ++#define SYMBOL_NAME expm1 ++#include "ifunc-fma.h" ++ ++libc_ifunc_redirected (__redirect_expm1, __expm1, IFUNC_SELECTOR ()); ++libm_alias_double (__expm1, expm1) ++ ++#define __expm1 __expm1_sse2 ++ ++/* NB: __expm1 may be expanded to __expm1_sse2 in the following ++ prototypes. */ ++extern long double __expm1l (long double); ++extern long double __expm1f128 (long double); ++ ++#include +-- +2.27.0 + diff --git a/x86_64-Add-log1p-with-FMA.patch b/x86_64-Add-log1p-with-FMA.patch new file mode 100644 index 0000000..64cb328 --- /dev/null +++ b/x86_64-Add-log1p-with-FMA.patch @@ -0,0 +1,140 @@ +From c92946d9b29956be78ca4487264848714fd5d505 Mon Sep 17 00:00:00 2001 +From: "H.J. Lu" +Date: Thu, 17 Aug 2023 09:42:29 -0700 +Subject: [PATCH] x86_64: Add log1p with FMA + +On Skylake, it changes log1p bench performance by: + + Before After Improvement +max 63.349 58.347 8% +min 4.448 5.651 -30% +mean 12.0674 10.336 14% + +The minimum code path is + + if (hx < 0x3FDA827A) /* x < 0.41422 */ + { + if (__glibc_unlikely (ax >= 0x3ff00000)) /* x <= -1.0 */ + { + ... + } + if (__glibc_unlikely (ax < 0x3e200000)) /* |x| < 2**-29 */ + { + math_force_eval (two54 + x); /* raise inexact */ + if (ax < 0x3c900000) /* |x| < 2**-54 */ + { + ... + } + else + return x - x * x * 0.5; + +FMA and non-FMA code sequences look similar. Non-FMA version is slightly +faster. Since log1p is called by asinh and atanh, it improves asinh +performance by: + + Before After Improvement +max 75.645 63.135 16% +min 10.074 10.071 0% +mean 15.9483 14.9089 6% + +and improves atanh performance by: + + Before After Improvement +max 91.768 75.081 18% +min 15.548 13.883 10% +mean 18.3713 16.8011 8% + +(cherry picked from commit a8ecb126d4c26c52f4ad828c566afe4043a28155) +--- + sysdeps/ieee754/dbl-64/s_log1p.c | 5 ++++ + sysdeps/x86_64/fpu/multiarch/Makefile | 2 ++ + sysdeps/x86_64/fpu/multiarch/s_log1p-fma.c | 4 +++ + sysdeps/x86_64/fpu/multiarch/s_log1p.c | 29 ++++++++++++++++++++++ + 4 files changed, 40 insertions(+) + create mode 100644 sysdeps/x86_64/fpu/multiarch/s_log1p-fma.c + create mode 100644 sysdeps/x86_64/fpu/multiarch/s_log1p.c + +diff --git a/sysdeps/ieee754/dbl-64/s_log1p.c b/sysdeps/ieee754/dbl-64/s_log1p.c +index e6476a8260..eeb0af859f 100644 +--- a/sysdeps/ieee754/dbl-64/s_log1p.c ++++ b/sysdeps/ieee754/dbl-64/s_log1p.c +@@ -99,6 +99,11 @@ static const double + + static const double zero = 0.0; + ++#ifndef SECTION ++# define SECTION ++#endif ++ ++SECTION + double + __log1p (double x) + { +diff --git a/sysdeps/x86_64/fpu/multiarch/Makefile b/sysdeps/x86_64/fpu/multiarch/Makefile +index add339a876..ea81753b70 100644 +--- a/sysdeps/x86_64/fpu/multiarch/Makefile ++++ b/sysdeps/x86_64/fpu/multiarch/Makefile +@@ -38,6 +38,7 @@ libm-sysdep_routines += \ + e_pow-fma \ + s_atan-fma \ + s_expm1-fma \ ++ s_log1p-fma \ + s_sin-fma \ + s_sincos-fma \ + s_tan-fma \ +@@ -51,6 +52,7 @@ CFLAGS-e_log2-fma.c = -mfma -mavx2 + CFLAGS-e_pow-fma.c = -mfma -mavx2 + CFLAGS-s_atan-fma.c = -mfma -mavx2 + CFLAGS-s_expm1-fma.c = -mfma -mavx2 ++CFLAGS-s_log1p-fma.c = -mfma -mavx2 + CFLAGS-s_sin-fma.c = -mfma -mavx2 + CFLAGS-s_tan-fma.c = -mfma -mavx2 + CFLAGS-s_sincos-fma.c = -mfma -mavx2 +diff --git a/sysdeps/x86_64/fpu/multiarch/s_log1p-fma.c b/sysdeps/x86_64/fpu/multiarch/s_log1p-fma.c +new file mode 100644 +index 0000000000..8952df8f9e +--- /dev/null ++++ b/sysdeps/x86_64/fpu/multiarch/s_log1p-fma.c +@@ -0,0 +1,4 @@ ++#define __log1p __log1p_fma ++#define SECTION __attribute__ ((section (".text.fma"))) ++ ++#include +diff --git a/sysdeps/x86_64/fpu/multiarch/s_log1p.c b/sysdeps/x86_64/fpu/multiarch/s_log1p.c +new file mode 100644 +index 0000000000..6ce5198d6d +--- /dev/null ++++ b/sysdeps/x86_64/fpu/multiarch/s_log1p.c +@@ -0,0 +1,29 @@ ++/* Multiple versions of log1p. ++ Copyright (C) 2023 Free Software Foundation, Inc. ++ This file is part of the GNU C Library. ++ ++ The GNU C Library is free software; you can redistribute it and/or ++ modify it under the terms of the GNU Lesser General Public ++ License as published by the Free Software Foundation; either ++ version 2.1 of the License, or (at your option) any later version. ++ ++ The GNU C Library is distributed in the hope that it will be useful, ++ but WITHOUT ANY WARRANTY; without even the implied warranty of ++ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU ++ Lesser General Public License for more details. ++ ++ You should have received a copy of the GNU Lesser General Public ++ License along with the GNU C Library; if not, see ++ . */ ++ ++#include ++ ++extern double __redirect_log1p (double); ++ ++#define SYMBOL_NAME log1p ++#include "ifunc-fma.h" ++ ++libc_ifunc_redirected (__redirect_log1p, __log1p, IFUNC_SELECTOR ()); ++ ++#define __log1p __log1p_sse2 ++#include +-- +2.27.0 + diff --git a/x86_64-Add-log2-with-FMA.patch b/x86_64-Add-log2-with-FMA.patch new file mode 100644 index 0000000..2439490 --- /dev/null +++ b/x86_64-Add-log2-with-FMA.patch @@ -0,0 +1,102 @@ +From 49016f2190693d5b2d4d6294d438ebae7a58d151 Mon Sep 17 00:00:00 2001 +From: "H.J. Lu" +Date: Thu, 10 Aug 2023 11:24:30 -0700 +Subject: [PATCH] x86_64: Add log2 with FMA + +On Skylake, it improves log2 bench performance by: + + Before After Improvement +max 208.779 63.827 69% +min 9.977 6.55 34% +mean 10.366 6.8191 34% + +(cherry picked from commit f6b10ed8e9a00de49d0951e760cc2b5288862b47) +--- + sysdeps/x86_64/fpu/multiarch/Makefile | 2 ++ + sysdeps/x86_64/fpu/multiarch/e_log2-fma.c | 3 ++ + sysdeps/x86_64/fpu/multiarch/e_log2.c | 43 +++++++++++++++++++++++ + 3 files changed, 48 insertions(+) + create mode 100644 sysdeps/x86_64/fpu/multiarch/e_log2-fma.c + create mode 100644 sysdeps/x86_64/fpu/multiarch/e_log2.c + +diff --git a/sysdeps/x86_64/fpu/multiarch/Makefile b/sysdeps/x86_64/fpu/multiarch/Makefile +index e37e488c37..f773255721 100644 +--- a/sysdeps/x86_64/fpu/multiarch/Makefile ++++ b/sysdeps/x86_64/fpu/multiarch/Makefile +@@ -34,6 +34,7 @@ libm-sysdep_routines += \ + e_atan2-fma \ + e_exp-fma \ + e_log-fma \ ++ e_log2-fma \ + e_pow-fma \ + s_atan-fma \ + s_sin-fma \ +@@ -45,6 +46,7 @@ CFLAGS-e_asin-fma.c = -mfma -mavx2 + CFLAGS-e_atan2-fma.c = -mfma -mavx2 + CFLAGS-e_exp-fma.c = -mfma -mavx2 + CFLAGS-e_log-fma.c = -mfma -mavx2 ++CFLAGS-e_log2-fma.c = -mfma -mavx2 + CFLAGS-e_pow-fma.c = -mfma -mavx2 + CFLAGS-s_atan-fma.c = -mfma -mavx2 + CFLAGS-s_sin-fma.c = -mfma -mavx2 +diff --git a/sysdeps/x86_64/fpu/multiarch/e_log2-fma.c b/sysdeps/x86_64/fpu/multiarch/e_log2-fma.c +new file mode 100644 +index 0000000000..9fbebc1b47 +--- /dev/null ++++ b/sysdeps/x86_64/fpu/multiarch/e_log2-fma.c +@@ -0,0 +1,3 @@ ++#define __log2 __log2_fma ++ ++#include +diff --git a/sysdeps/x86_64/fpu/multiarch/e_log2.c b/sysdeps/x86_64/fpu/multiarch/e_log2.c +new file mode 100644 +index 0000000000..c0320caf36 +--- /dev/null ++++ b/sysdeps/x86_64/fpu/multiarch/e_log2.c +@@ -0,0 +1,43 @@ ++/* Multiple versions of log2. ++ Copyright (C) 2023 Free Software Foundation, Inc. ++ This file is part of the GNU C Library. ++ ++ The GNU C Library is free software; you can redistribute it and/or ++ modify it under the terms of the GNU Lesser General Public ++ License as published by the Free Software Foundation; either ++ version 2.1 of the License, or (at your option) any later version. ++ ++ The GNU C Library is distributed in the hope that it will be useful, ++ but WITHOUT ANY WARRANTY; without even the implied warranty of ++ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU ++ Lesser General Public License for more details. ++ ++ You should have received a copy of the GNU Lesser General Public ++ License along with the GNU C Library; if not, see ++ . */ ++ ++#include ++#include ++ ++extern double __redirect_log2 (double); ++ ++#define SYMBOL_NAME log2 ++#include "ifunc-fma.h" ++ ++libc_ifunc_redirected (__redirect_log2, __log2, IFUNC_SELECTOR ()); ++ ++#ifdef SHARED ++__hidden_ver1 (__log2, __GI___log2, __redirect_log2) ++ __attribute__ ((visibility ("hidden"))); ++ ++versioned_symbol (libm, __ieee754_log2, log2, GLIBC_2_29); ++libm_alias_double_other (__log2, log2) ++#else ++libm_alias_double (__log2, log2) ++#endif ++ ++strong_alias (__log2, __ieee754_log2) ++libm_alias_finite (__log2, __log2) ++ ++#define __log2 __log2_sse2 ++#include +-- +2.27.0 + diff --git a/x86_64-Fix-missing-wcsncat-function-definition-witho.patch b/x86_64-Fix-missing-wcsncat-function-definition-witho.patch new file mode 100644 index 0000000..a960466 --- /dev/null +++ b/x86_64-Fix-missing-wcsncat-function-definition-witho.patch @@ -0,0 +1,44 @@ +From dc1762113dbe40be832bedd41b52d9822d62c50f Mon Sep 17 00:00:00 2001 +From: Gabi Falk +Date: Tue, 7 May 2024 18:25:00 +0000 +Subject: [PATCH] x86_64: Fix missing wcsncat function definition without + multiarch (x86-64-v4) + +This code expects the WCSCAT preprocessor macro to be predefined in case +the evex implementation of the function should be defined with a name +different from __wcsncat_evex. However, when glibc is built for +x86-64-v4 without multiarch support, sysdeps/x86_64/wcsncat.S defines +WCSNCAT variable instead of WCSCAT to build it as wcsncat. Rename the +variable to WCSNCAT, as it is actually a better naming choice for the +variable in this case. + +Reported-by: Kenton Groombridge +Link: https://bugs.gentoo.org/921945 +Fixes: 64b8b6516b ("x86: Add evex optimized functions for the wchar_t strcpy family") +Signed-off-by: Gabi Falk +Reviewed-by: Sunil K Pandey +(cherry picked from commit dd5f891c1ad9f1b43b9db93afe2a55cbb7a6194e) +--- + sysdeps/x86_64/multiarch/wcsncat-evex.S | 6 +++--- + 1 file changed, 3 insertions(+), 3 deletions(-) + +diff --git a/sysdeps/x86_64/multiarch/wcsncat-evex.S b/sysdeps/x86_64/multiarch/wcsncat-evex.S +index 392215950a..10bfb0a531 100644 +--- a/sysdeps/x86_64/multiarch/wcsncat-evex.S ++++ b/sysdeps/x86_64/multiarch/wcsncat-evex.S +@@ -1,9 +1,9 @@ +-#ifndef WCSCAT +-# define WCSCAT __wcsncat_evex ++#ifndef WCSNCAT ++# define WCSNCAT __wcsncat_evex + #endif + + #define USE_AS_WCSCPY + #define USE_AS_STRCAT + +-#define STRNCAT WCSCAT ++#define STRNCAT WCSNCAT + #include "strncat-evex.S" +-- +2.27.0 + diff --git a/x86_64-Fix-typo-in-ifunc-impl-list.c.patch b/x86_64-Fix-typo-in-ifunc-impl-list.c.patch new file mode 100644 index 0000000..4d1953e --- /dev/null +++ b/x86_64-Fix-typo-in-ifunc-impl-list.c.patch @@ -0,0 +1,38 @@ +From ca41fe44a552a78e78b1b5de6116c67ef712eb74 Mon Sep 17 00:00:00 2001 +From: Sunil K Pandey +Date: Tue, 20 May 2025 10:07:27 -0700 +Subject: [PATCH] x86_64: Fix typo in ifunc-impl-list.c. + +Fix wcsncpy and wcpncpy typo in ifunc-impl-list.c. + +Reviewed-by: H.J. Lu +(cherry picked from commit f2aeb6ff941dccc4c777b5621e77addea6cc076c) +--- + sysdeps/x86_64/multiarch/ifunc-impl-list.c | 4 ++-- + 1 file changed, 2 insertions(+), 2 deletions(-) + +diff --git a/sysdeps/x86_64/multiarch/ifunc-impl-list.c b/sysdeps/x86_64/multiarch/ifunc-impl-list.c +index 5427ff1907..2cc2d81c66 100644 +--- a/sysdeps/x86_64/multiarch/ifunc-impl-list.c ++++ b/sysdeps/x86_64/multiarch/ifunc-impl-list.c +@@ -928,7 +928,7 @@ __libc_ifunc_impl_list (const char *name, struct libc_ifunc_impl *array, + (CPU_FEATURE_USABLE (AVX2) + && CPU_FEATURE_USABLE (BMI2)), + __wcsncpy_avx2) +- X86_IFUNC_IMPL_ADD_V2 (array, i, wcpncpy, ++ X86_IFUNC_IMPL_ADD_V2 (array, i, wcsncpy, + 1, + __wcsncpy_generic)) + +@@ -958,7 +958,7 @@ __libc_ifunc_impl_list (const char *name, struct libc_ifunc_impl *array, + (CPU_FEATURE_USABLE (AVX2) + && CPU_FEATURE_USABLE (BMI2)), + __wcpncpy_avx2) +- X86_IFUNC_IMPL_ADD_V2 (array, i, wcsncpy, ++ X86_IFUNC_IMPL_ADD_V2 (array, i, wcpncpy, + 1, + __wcpncpy_generic)) + +-- +2.27.0 + diff --git a/x86_64-Optimize-ffsll-function-code-size.patch b/x86_64-Optimize-ffsll-function-code-size.patch new file mode 100644 index 0000000..e5531b5 --- /dev/null +++ b/x86_64-Optimize-ffsll-function-code-size.patch @@ -0,0 +1,50 @@ +From 30e546d76e756fe4d2d20a8b2286de4fbf30ceb5 Mon Sep 17 00:00:00 2001 +From: Sunil K Pandey +Date: Wed, 26 Jul 2023 08:34:05 -0700 +Subject: [PATCH 1/6] x86_64: Optimize ffsll function code size. + +Ffsll function randomly regress by ~20%, depending on how code gets +aligned in memory. Ffsll function code size is 17 bytes. Since default +function alignment is 16 bytes, it can load on 16, 32, 48 or 64 bytes +aligned memory. When ffsll function load at 16, 32 or 64 bytes aligned +memory, entire code fits in single 64 bytes cache line. When ffsll +function load at 48 bytes aligned memory, it splits in two cache line, +hence random regression. + +Ffsll function size reduction from 17 bytes to 12 bytes ensures that it +will always fit in single 64 bytes cache line. + +This patch fixes ffsll function random performance regression. + +Reviewed-by: Carlos O'Donell +(cherry picked from commit 9d94997b5f9445afd4f2bccc5fa60ff7c4361ec1) +--- + sysdeps/x86_64/ffsll.c | 10 +++++----- + 1 file changed, 5 insertions(+), 5 deletions(-) + +diff --git a/sysdeps/x86_64/ffsll.c b/sysdeps/x86_64/ffsll.c +index a1c13d4906..0c6680735c 100644 +--- a/sysdeps/x86_64/ffsll.c ++++ b/sysdeps/x86_64/ffsll.c +@@ -26,13 +26,13 @@ int + ffsll (long long int x) + { + long long int cnt; +- long long int tmp; + +- asm ("bsfq %2,%0\n" /* Count low bits in X and store in %1. */ +- "cmoveq %1,%0\n" /* If number was zero, use -1 as result. */ +- : "=&r" (cnt), "=r" (tmp) : "rm" (x), "1" (-1)); ++ asm ("mov $-1,%k0\n" /* Initialize cnt to -1. */ ++ "bsf %1,%0\n" /* Count low bits in x and store in cnt. */ ++ "inc %k0\n" /* Increment cnt by 1. */ ++ : "=&r" (cnt) : "r" (x)); + +- return cnt + 1; ++ return cnt; + } + + #ifndef __ILP32__ +-- +2.33.0 + diff --git a/x86_64-Sort-fpu-multiarch-Makefile.patch b/x86_64-Sort-fpu-multiarch-Makefile.patch new file mode 100644 index 0000000..08ca62f --- /dev/null +++ b/x86_64-Sort-fpu-multiarch-Makefile.patch @@ -0,0 +1,144 @@ +From 5c9be512ee25ceab92a284adc75fe22bbd94b179 Mon Sep 17 00:00:00 2001 +From: "H.J. Lu" +Date: Wed, 9 Aug 2023 11:08:52 -0700 +Subject: [PATCH] x86_64: Sort fpu/multiarch/Makefile + +Sort Makefile variables using scripts/sort-makefile-lines.py. + +No code generation changes observed in libm. No regressions on x86_64. + +(cherry picked from commit 881546979d0219c18337e1b4f4d00cfacab13c40) +--- + sysdeps/x86_64/fpu/multiarch/Makefile | 94 +++++++++++++++++++++------ + 1 file changed, 74 insertions(+), 20 deletions(-) + +diff --git a/sysdeps/x86_64/fpu/multiarch/Makefile b/sysdeps/x86_64/fpu/multiarch/Makefile +index 248162525b..e37e488c37 100644 +--- a/sysdeps/x86_64/fpu/multiarch/Makefile ++++ b/sysdeps/x86_64/fpu/multiarch/Makefile +@@ -1,17 +1,45 @@ + ifeq ($(subdir),math) +-libm-sysdep_routines += s_floor-c s_ceil-c s_floorf-c s_ceilf-c \ +- s_rint-c s_rintf-c s_nearbyint-c s_nearbyintf-c \ +- s_roundeven-c s_roundevenf-c s_trunc-c s_truncf-c ++libm-sysdep_routines += \ ++ s_ceil-c \ ++ s_ceilf-c \ ++ s_floor-c \ ++ s_floorf-c \ ++ s_rint-c \ ++ s_rintf-c \ ++ s_nearbyint-c \ ++ s_nearbyintf-c \ ++ s_roundeven-c \ ++ s_roundevenf-c \ ++ s_trunc-c \ ++ s_truncf-c \ ++# libm-sysdep_routines + +-libm-sysdep_routines += s_ceil-sse4_1 s_ceilf-sse4_1 s_floor-sse4_1 \ +- s_floorf-sse4_1 s_nearbyint-sse4_1 \ +- s_nearbyintf-sse4_1 s_roundeven-sse4_1 \ +- s_roundevenf-sse4_1 s_rint-sse4_1 s_rintf-sse4_1 \ +- s_trunc-sse4_1 s_truncf-sse4_1 ++libm-sysdep_routines += \ ++ s_ceil-sse4_1 \ ++ s_ceilf-sse4_1 \ ++ s_floor-sse4_1 \ ++ s_floorf-sse4_1 \ ++ s_nearbyint-sse4_1 \ ++ s_nearbyintf-sse4_1 \ ++ s_roundeven-sse4_1 \ ++ s_roundevenf-sse4_1 \ ++ s_rint-sse4_1 \ ++ s_rintf-sse4_1 \ ++ s_trunc-sse4_1 \ ++ s_truncf-sse4_1 \ ++# libm-sysdep_routines + +-libm-sysdep_routines += e_exp-fma e_log-fma e_pow-fma s_atan-fma \ +- e_asin-fma e_atan2-fma s_sin-fma s_tan-fma \ +- s_sincos-fma ++libm-sysdep_routines += \ ++ e_asin-fma \ ++ e_atan2-fma \ ++ e_exp-fma \ ++ e_log-fma \ ++ e_pow-fma \ ++ s_atan-fma \ ++ s_sin-fma \ ++ s_sincos-fma \ ++ s_tan-fma \ ++# libm-sysdep_routines + + CFLAGS-e_asin-fma.c = -mfma -mavx2 + CFLAGS-e_atan2-fma.c = -mfma -mavx2 +@@ -23,10 +51,22 @@ CFLAGS-s_sin-fma.c = -mfma -mavx2 + CFLAGS-s_tan-fma.c = -mfma -mavx2 + CFLAGS-s_sincos-fma.c = -mfma -mavx2 + +-libm-sysdep_routines += s_sinf-sse2 s_cosf-sse2 s_sincosf-sse2 ++libm-sysdep_routines += \ ++ s_cosf-sse2 \ ++ s_sincosf-sse2 \ ++ s_sinf-sse2 \ ++# libm-sysdep_routines + +-libm-sysdep_routines += e_exp2f-fma e_expf-fma e_log2f-fma e_logf-fma \ +- e_powf-fma s_sinf-fma s_cosf-fma s_sincosf-fma ++libm-sysdep_routines += \ ++ e_exp2f-fma \ ++ e_expf-fma \ ++ e_log2f-fma \ ++ e_logf-fma \ ++ e_powf-fma \ ++ s_cosf-fma \ ++ s_sincosf-fma \ ++ s_sinf-fma \ ++# libm-sysdep_routines + + CFLAGS-e_exp2f-fma.c = -mfma -mavx2 + CFLAGS-e_expf-fma.c = -mfma -mavx2 +@@ -37,9 +77,17 @@ CFLAGS-s_sinf-fma.c = -mfma -mavx2 + CFLAGS-s_cosf-fma.c = -mfma -mavx2 + CFLAGS-s_sincosf-fma.c = -mfma -mavx2 + +-libm-sysdep_routines += e_exp-fma4 e_log-fma4 e_pow-fma4 s_atan-fma4 \ +- e_asin-fma4 e_atan2-fma4 s_sin-fma4 s_tan-fma4 \ +- s_sincos-fma4 ++libm-sysdep_routines += \ ++ e_exp-fma4 \ ++ e_log-fma4 \ ++ e_pow-fma4 \ ++ e_asin-fma4 \ ++ s_atan-fma4 \ ++ e_atan2-fma4 \ ++ s_sin-fma4 \ ++ s_sincos-fma4 \ ++ s_tan-fma4 \ ++# libm-sysdep_routines + + CFLAGS-e_asin-fma4.c = -mfma4 + CFLAGS-e_atan2-fma4.c = -mfma4 +@@ -51,9 +99,15 @@ CFLAGS-s_sin-fma4.c = -mfma4 + CFLAGS-s_tan-fma4.c = -mfma4 + CFLAGS-s_sincos-fma4.c = -mfma4 + +-libm-sysdep_routines += e_exp-avx e_log-avx s_atan-avx \ +- e_atan2-avx s_sin-avx s_tan-avx \ +- s_sincos-avx ++libm-sysdep_routines += \ ++ e_exp-avx \ ++ e_log-avx \ ++ s_atan-avx \ ++ e_atan2-avx \ ++ s_sin-avx \ ++ s_sincos-avx \ ++ s_tan-avx \ ++# libm-sysdep_routines + + CFLAGS-e_atan2-avx.c = -msse2avx -DSSE2AVX + CFLAGS-e_exp-avx.c = -msse2avx -DSSE2AVX +-- +2.27.0 + -- Gitee