diff --git a/display-declaration-fstat-function-make-fstat-call-t.patch b/display-declaration-fstat-function-make-fstat-call-t.patch deleted file mode 100644 index 406da5048de9ff5183610f69d5afb893dd83e6ee..0000000000000000000000000000000000000000 --- a/display-declaration-fstat-function-make-fstat-call-t.patch +++ /dev/null @@ -1,32 +0,0 @@ -From 3b1ee2b0be6ef6a78ae86482eb336f3ac2976fc8 Mon Sep 17 00:00:00 2001 -From: lijianglin -Date: Tue, 13 Jun 2023 11:12:22 +0800 -Subject: [PATCH] display declaration fstat function, make fstat call the - system fstat function - -the patch(commit 8ed005daf0ab03e142500324a34087ce179ae78) changed the implementation -process of interface fstat and used a new system call newfstatat, which resulted in a -decrease in the performance of fstat.this patch make fstat call the original system -call to restore performance. ---- - sysdeps/unix/sysv/linux/fxstat64.c | 4 ++++ - 1 file changed, 4 insertions(+) - -diff --git a/sysdeps/unix/sysv/linux/fxstat64.c b/sysdeps/unix/sysv/linux/fxstat64.c -index be127982..52775f7e 100644 ---- a/sysdeps/unix/sysv/linux/fxstat64.c -+++ b/sysdeps/unix/sysv/linux/fxstat64.c -@@ -76,6 +76,10 @@ strong_alias (___fxstat64, __fxstat64) - - #if XSTAT_IS_XSTAT64 - strong_alias (___fxstat64, __fxstat) -+int fstat (int __fd, struct stat *__statbuf) -+{ -+ return __fxstat (_STAT_VER, __fd, (struct stat64 *)__statbuf); -+} - #endif - - #endif /* LIB_COMPAT */ --- -2.33.0 - diff --git a/glibc.spec b/glibc.spec index 8e6f28c9ec8c8aacf2814e29f03b4aabf0397458..bf6a98f7e25cc4639f2326314c3a5b83a72cb2fa 100644 --- a/glibc.spec +++ b/glibc.spec @@ -70,7 +70,7 @@ ############################################################################## Name: glibc Version: 2.34 -Release: 137 +Release: 138 Summary: The GNU libc libraries License: %{all_license} URL: http://www.gnu.org/software/glibc/ @@ -278,6 +278,7 @@ Patch187: backport-CVE-2023-4813.patch Patch188: backport-CVE-2023-4806.patch Patch189: backport-CVE-2023-5156.patch Patch190: backport-CVE-2023-4911.patch +Patch191: io-Do-not-implement-fstat-with-fstatat.patch Patch9000: turn-default-value-of-x86_rep_stosb_threshold_form_2K_to_1M.patch Patch9001: delete-no-hard-link-to-avoid-all_language-package-to.patch @@ -325,17 +326,13 @@ Patch9030: elf-ld.so-add-MAP_NORESERVE-flag-for-the-first-mmap-2MB-contig.patch Patch9041: elf-ld.so-prohibit-multiple-i-options-and-do-not-allow-i-speci.patch Patch9042: elf-ld.so-Consider-maybe-existing-hole-between-PT_LO.patch Patch9043: add-GB18030-2022-charmap-BZ-30243.patch - %if %{with noseparate_code} Patch9044: add-Wl-z-noseparate-code-for-so.patch %endif - -Patch9045: display-declaration-fstat-function-make-fstat-call-t.patch -Patch9046: fix-Segmentation-fault-in-nss-module.patch -Patch9047: fix_nss_database_check_reload_and_get_memleak.patch -Patch9048: inet-fix-warn-unused-result.patch - -Patch9049: backport-resolv_conf-release-lock-on-allocation-failure-bug-30527.patch +Patch9045: fix-Segmentation-fault-in-nss-module.patch +Patch9046: fix_nss_database_check_reload_and_get_memleak.patch +Patch9047: inet-fix-warn-unused-result.patch +Patch9048: backport-resolv_conf-release-lock-on-allocation-failure-bug-30527.patch Provides: ldconfig rtld(GNU_HASH) bundled(gnulib) @@ -1501,6 +1498,9 @@ fi %endif %changelog +* Wed Oct 11 2023 Qingqing Li - 2.34-138 +- io: Do not implement fstat with fstatat + * Sat Oct 7 2023 liningjie - 2.34-137 - fix CVE-2023-4911 diff --git a/io-Do-not-implement-fstat-with-fstatat.patch b/io-Do-not-implement-fstat-with-fstatat.patch new file mode 100644 index 0000000000000000000000000000000000000000..98aab2066f2589865455cc883668b47106f248ef --- /dev/null +++ b/io-Do-not-implement-fstat-with-fstatat.patch @@ -0,0 +1,165 @@ +From 551101e8240b7514fc646d1722f8b79c90362b8f Mon Sep 17 00:00:00 2001 +From: Adhemerval Zanella +Date: Mon, 11 Sep 2023 10:25:48 -0300 +Subject: [PATCH] io: Do not implement fstat with fstatat + +AT_EMPTY_PATH is a requirement to implement fstat over fstatat, +however it does not prevent the kernel to read the path argument. +It is not an issue, but on x86-64 with SMAP-capable CPUs the kernel is +forced to perform expensive user memory access. After that regular +lookup is performed which adds even more overhead. + +Instead, issue the fstat syscall directly on LFS fstat implementation +(32 bit architectures will still continue to use statx, which is +required to have 64 bit time_t support). it should be even a +small performance gain on non x86_64, since there is no need +to handle the path argument. + +Checked on x86_64-linux-gnu. +--- + sysdeps/unix/sysv/linux/fstat64.c | 37 +++++++++++++++++++++++-- + sysdeps/unix/sysv/linux/fstatat64.c | 12 ++------ + sysdeps/unix/sysv/linux/internal-stat.h | 31 +++++++++++++++++++++ + 3 files changed, 68 insertions(+), 12 deletions(-) + create mode 100644 sysdeps/unix/sysv/linux/internal-stat.h + +diff --git a/sysdeps/unix/sysv/linux/fstat64.c b/sysdeps/unix/sysv/linux/fstat64.c +index 124384e57f..a291f0825b 100644 +--- a/sysdeps/unix/sysv/linux/fstat64.c ++++ b/sysdeps/unix/sysv/linux/fstat64.c +@@ -19,20 +19,53 @@ + #define __fstat __redirect___fstat + #define fstat __redirect_fstat + #include ++#undef __fstat ++#undef fstat + #include +-#include +-#include ++#include + #include + + int + __fstat64_time64 (int fd, struct __stat64_t64 *buf) + { ++#if !FSTATAT_USE_STATX ++# if XSTAT_IS_XSTAT64 ++# ifdef __NR_fstat ++ /* 64-bit kABI, e.g. aarch64, ia64, powerpc64*, s390x, riscv64, and ++ x86_64. */ ++ return INLINE_SYSCALL_CALL (fstat, fd, buf); ++# elif defined __NR_fstat64 ++# if STAT64_IS_KERNEL_STAT64 ++ /* 64-bit kABI outlier, e.g. alpha */ ++ return INLINE_SYSCALL_CALL (fstat64, fd, buf); ++# else ++ /* 64-bit kABI outlier, e.g. sparc64. */ ++ struct kernel_stat64 kst64; ++ int r = INLINE_SYSCALL_CALL (fstat64, fd, &kst64); ++ if (r == 0) ++ __cp_stat64_kstat64 (buf, &kst64); ++ return r; ++# endif /* STAT64_IS_KERNEL_STAT64 */ ++# endif ++# else /* XSTAT_IS_XSTAT64 */ ++ /* 64-bit kabi outlier, e.g. mips64 and mips64-n32. */ ++ struct kernel_stat kst; ++ int r = INLINE_SYSCALL_CALL (fstat, fd, &kst); ++ if (r == 0) ++ __cp_kstat_stat64_t64 (&kst, buf); ++ return r; ++# endif ++#else /* !FSTATAT_USE_STATX */ ++ /* All kABIs with non-LFS support and with old 32-bit time_t support ++ e.g. arm, csky, i386, hppa, m68k, microblaze, nios2, sh, powerpc32, ++ and sparc32. */ + if (fd < 0) + { + __set_errno (EBADF); + return -1; + } + return __fstatat64_time64 (fd, "", buf, AT_EMPTY_PATH); ++#endif + } + #if __TIMESIZE != 64 + hidden_def (__fstat64_time64) +diff --git a/sysdeps/unix/sysv/linux/fstatat64.c b/sysdeps/unix/sysv/linux/fstatat64.c +index 3509d3ca6d..127c6ff601 100644 +--- a/sysdeps/unix/sysv/linux/fstatat64.c ++++ b/sysdeps/unix/sysv/linux/fstatat64.c +@@ -21,12 +21,10 @@ + #include + #include + #include +-#include + #include + #include +-#include +-#include + #include ++#include + + #if __TIMESIZE == 64 \ + && (__WORDSIZE == 32 \ +@@ -40,11 +38,7 @@ _Static_assert (sizeof (__blkcnt_t) == sizeof (__blkcnt64_t), + "__blkcnt_t and __blkcnt64_t must match"); + #endif + +-#if (__WORDSIZE == 32 \ +- && (!defined __SYSCALL_WORDSIZE || __SYSCALL_WORDSIZE == 32)) \ +- || defined STAT_HAS_TIME32 \ +- || (!defined __NR_newfstatat && !defined __NR_fstatat64) +-# define FSTATAT_USE_STATX 1 ++#if FSTATAT_USE_STATX + + static inline int + fstatat64_time64_statx (int fd, const char *file, struct __stat64_t64 *buf, +@@ -79,8 +73,6 @@ fstatat64_time64_statx (int fd, const char *file, struct __stat64_t64 *buf, + + return r; + } +-#else +-# define FSTATAT_USE_STATX 0 + #endif + + /* Only statx supports 64-bit timestamps for 32-bit architectures with +diff --git a/sysdeps/unix/sysv/linux/internal-stat.h b/sysdeps/unix/sysv/linux/internal-stat.h +new file mode 100644 +index 0000000000..e3b0569853 +--- /dev/null ++++ b/sysdeps/unix/sysv/linux/internal-stat.h +@@ -0,0 +1,31 @@ ++/* Internal stat definitions. ++ Copyright (C) 2023 Free Software Foundation, Inc. ++ This file is part of the GNU C Library. ++ ++ The GNU C Library is free software; you can redistribute it and/or ++ modify it under the terms of the GNU Lesser General Public ++ License as published by the Free Software Foundation; either ++ version 2.1 of the License, or (at your option) any later version. ++ ++ The GNU C Library is distributed in the hope that it will be useful, ++ but WITHOUT ANY WARRANTY; without even the implied warranty of ++ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU ++ Lesser General Public License for more details. ++ ++ You should have received a copy of the GNU Lesser General Public ++ License along with the GNU C Library; if not, see ++ . */ ++ ++#include ++#include ++#include ++#include ++ ++#if (__WORDSIZE == 32 \ ++ && (!defined __SYSCALL_WORDSIZE || __SYSCALL_WORDSIZE == 32)) \ ++ || defined STAT_HAS_TIME32 \ ++ || (!defined __NR_newfstatat && !defined __NR_fstatat64) ++# define FSTATAT_USE_STATX 1 ++#else ++# define FSTATAT_USE_STATX 0 ++#endif +-- +2.33.0 +