Commit Graph

361 Commits

Author SHA1 Message Date
Rich Felker
4bf10ebf66 fix breakage in x32 dynamic linker due to mismatching register size
the jmp instruction requires a 64-bit register, so cast the desired PC
address up to uint64_t, going through uintptr_t to ensure that it's
zero-extended rather than possibly sign-extended.
2015-04-20 18:17:48 -04:00
Szabolcs Nagy
87c62d06e4 add execveat syscall number to microblaze
syscall number was reserved in linux v4.0, kernel commit
add4b1b02da7e7ec35c34dd04d351ac53f3f0dd8
2015-04-17 22:31:20 -04:00
Rich Felker
19bcdeeb1e fix missing quotation mark in mips crt_arch.h that broke build 2015-04-17 22:21:15 -04:00
Rich Felker
cbc02ba23c consistently use hidden visibility for cancellable syscall internals
in a few places, non-hidden symbols were referenced from asm in ways
that assumed ld-time binding. while these is no semantic reason these
symbols need to be hidden, fixing the references without making them
hidden was going to be ugly, and hidden reduces some bloat anyway.

in the asm files, .global/.hidden directives have been moved to the
top to unclutter the actual code.
2015-04-14 11:18:59 -04:00
Rich Felker
da7ccf822c use hidden visibility for i386 asm-internal __vsyscall symbol
otherwise the call instruction in the inline syscall asm results in
textrels without ld-time binding.
2015-04-14 10:22:12 -04:00
Rich Felker
f3ddd17380 dynamic linker bootstrap overhaul
this overhaul further reduces the amount of arch-specific code needed
by the dynamic linker and removes a number of assumptions, including:

- that symbolic function references inside libc are bound at link time
  via the linker option -Bsymbolic-functions.

- that libc functions used by the dynamic linker do not require
  access to data symbols.

- that static/internal function calls and data accesses can be made
  without performing any relocations, or that arch-specific startup
  code handled any such relocations needed.

removing these assumptions paves the way for allowing libc.so itself
to be built with stack protector (among other things), and is achieved
by a three-stage bootstrap process:

1. relative relocations are processed with a flat function.
2. symbolic relocations are processed with no external calls/data.
3. main program and dependency libs are processed with a
   fully-functional libc/ldso.

reduction in arch-specific code is achived through the following:

- crt_arch.h, used for generating crt1.o, now provides the entry point
  for the dynamic linker too.

- asm is no longer responsible for skipping the beginning of argv[]
  when ldso is invoked as a command.

- the functionality previously provided by __reloc_self for heavily
  GOT-dependent RISC archs is now the arch-agnostic stage-1.

- arch-specific relocation type codes are mapped directly as macros
  rather than via an inline translation function/switch statement.
2015-04-13 03:04:42 -04:00
Rich Felker
25748db301 fix possible clobbering of syscall return values on mips
depending on the compiler's interpretation of __asm__ register names
for register class objects, it may be possible for the return value in
r2 to be clobbered by the function call to __stat_fix. I have not
observed any such breakage in normal builds and suspect it only
happens with -O0 or other unusual build options, but since there's an
ambiguity as to the semantics of this feature, it's best to use an
explicit temporary to avoid the issue.

based on reporting and patch by Eugene.
2015-04-07 12:47:19 -04:00
Rich Felker
fd427c4eae move O_PATH definition back to arch bits
while it's the same for all presently supported archs, it differs at
least on sparc, and conceptually it's no less arch-specific than the
other O_* macros. O_SEARCH and O_EXEC are still defined in terms of
O_PATH in the main fcntl.h.
2015-04-01 19:31:06 -04:00
Rich Felker
abfe1f6541 aarch64: remove duplicate macro definitions in bits/fcntl.h 2015-04-01 19:25:32 -04:00
Rich Felker
dfc1a37c44 aarch64: fix definition of sem_nsems in semid_ds structure
POSIX requires the sem_nsems member to have type unsigned short. we
have to work around the incorrect kernel type using matching
endian-specific padding.
2015-04-01 19:12:18 -04:00
Szabolcs Nagy
b24d813d24 aarch64: fix namespace pollution in bits/shm.h
The shm_info struct is a gnu extension and some of its members do
not have shm* prefix. This is worked around in sys/shm.h by macros,
but aarch64 didn't use those.
2015-04-01 19:05:12 -04:00
Rich Felker
e626deeec8 fix missing max_align_t definition on aarch64 2015-03-20 01:21:37 -04:00
Rich Felker
d5a5045382 fix MINSIGSTKSZ values for archs with large signal contexts
the previous values (2k min and 8k default) were too small for some
archs. aarch64 reserves 4k in the signal context for future extensions
and requires about 4.5k total, and powerpc reportedly uses over 2k.
the new minimums are chosen to fit the saved context and also allow a
minimal signal handler to run.

since the default (SIGSTKSZ) has always been 6k larger than the
minimum, it is also increased to maintain the 6k usable by the signal
handler. this happens to be able to store one pathname buffer and
should be sufficient for calling any function in libc that doesn't
involve conversion between floating point and decimal representations.

x86 (both 32-bit and 64-bit variants) may also need a larger minimum
(around 2.5k) in the future to support avx-512, but the values on
these archs are left alone for now pending further analysis.

the value for PTHREAD_STACK_MIN is not increased to match MINSIGSTKSZ
at this time. this is so as not to preclude applications from using
extremely small thread stacks when they know they will not be handling
signals. unfortunately cancellation and multi-threaded set*id() use
signals as an implementation detail and therefore require a stack
large enough for a signal context, so applications which use extremely
small thread stacks may still need to avoid using these features.
2015-03-18 00:31:37 -04:00
Szabolcs Nagy
962cbfbf86 aarch64: fix typo in bits/ioctl.h 2015-03-14 15:49:08 -04:00
Szabolcs Nagy
38bf2d7cc3 aarch64: add struct _aarch64_ctx to signal.h
The unwind code in libgcc uses this type for unwinding across signal
handlers. On aarch64 the kernel may place a sequence of structs on the
signal stack on top of the ucontext to provide additional information.
The unwinder only needs the header, but added all the types the kernel
currently defines for this mechanism because they are part of the uapi.
2015-03-14 13:55:24 -04:00
Rich Felker
673cab5c56 align x32 pthread type sizes to be common with 32-bit archs
previously, commit e7b9887e8b aligned
the sizes with the glibc ABI. subsequent discussion during the merge
of the aarch64 port reached a conclusion that we should reject larger
arch-specific sizes, which have significant cost and no benefit, and
stick with the existing common 32-bit sizes for all 32-bit/ILP32 archs
and the x86_64 sizes for 64-bit archs.

one peculiarity of this change is that x32 pthread_attr_t is now
larger in musl than in the glibc x32 ABI, making it unsafe to call
pthread_attr_init from x32 code that was compiled against glibc. with
all the ABI issues of x32, it's not clear that ABI compatibility will
ever work, but if it's needed, pthread_attr_init and related functions
could be modified not to write to the last slot of the object.

this is not a regression versus previous releases, since on previous
releases the x32 pthread type sizes were all severely oversized
already (due to incorrectly using the x86_64 LP64 definitions).
moreover, x32 is still considered experimental and not ABI-stable.
2015-03-12 14:43:36 -04:00
Szabolcs Nagy
01ef3dd9c5 add aarch64 port
This adds complete aarch64 target support including bigendian subarch.

Some of the long double math functions are known to be broken otherwise
interfaces should be fully functional, but at this point consider this
port experimental.

Initial work on this port was done by Sireesh Tripurari and Kevin Bortis.
2015-03-11 20:12:35 -04:00
Szabolcs Nagy
559de8f5f0 fix FLT_ROUNDS to reflect the current rounding mode
Implemented as a wrapper around fegetround introducing a new function
to the ABI: __flt_rounds. (fegetround cannot be used directly from float.h)
2015-03-07 12:05:28 -05:00
Trutz Behn
f5011c62c3 fix POLLWRNORM and POLLWRBAND on mips
these macros have the same distinct definition on blackfin, frv, m68k,
mips, sparc and xtensa kernels. POLLMSG and POLLRDHUP additionally
differ on sparc.
2015-03-04 12:09:37 -05:00
Rich Felker
e7b9887e8b fix x32 pthread type definitions
the previous definitions were copied from x86_64. not only did they
fail to match the ABI sizes; they also wrongly encoded an assumption
that long/pointer types are twice as large as int.
2015-03-04 11:33:26 -05:00
Rich Felker
56fbaa3bbe make all objects used with atomic operations volatile
the memory model we use internally for atomics permits plain loads of
values which may be subject to concurrent modification without
requiring that a special load function be used. since a compiler is
free to make transformations that alter the number of loads or the way
in which loads are performed, the compiler is theoretically free to
break this usage. the most obvious concern is with atomic cas
constructs: something of the form tmp=*p;a_cas(p,tmp,f(tmp)); could be
transformed to a_cas(p,*p,f(*p)); where the latter is intended to show
multiple loads of *p whose resulting values might fail to be equal;
this would break the atomicity of the whole operation. but even more
fundamental breakage is possible.

with the changes being made now, objects that may be modified by
atomics are modeled as volatile, and the atomic operations performed
on them by other threads are modeled as asynchronous stores by
hardware which happens to be acting on the request of another thread.
such modeling of course does not itself address memory synchronization
between cores/cpus, but that aspect was already handled. this all
seems less than ideal, but it's the best we can do without mandating a
C11 compiler and using the C11 model for atomics.

in the case of pthread_once_t, the ABI type of the underlying object
is not volatile-qualified. so we are assuming that accessing the
object through a volatile-qualified lvalue via casts yields volatile
access semantics. the language of the C standard is somewhat unclear
on this matter, but this is an assumption the linux kernel also makes,
and seems to be the correct interpretation of the standard.
2015-03-03 22:50:02 -05:00
Szabolcs Nagy
f54c28cba2 add syscall numbers for the new execveat syscall
this syscall allows fexecve to be implemented without /proc, it is new
in linux v3.19, added in commit 51f39a1f0cea1cacf8c787f652f26dfee9611874
(sh and microblaze do not have allocated syscall numbers yet)

added a x32 fix as well: the io_setup and io_submit syscalls are no
longer common with x86_64, so use the x32 specific numbers.
2015-02-09 23:00:56 +01:00
Szabolcs Nagy
e63833cd43 remove cruft from x86_64 syscall.h
x86_64 syscall.h defined some musl internal syscall names and made
them public. These defines were already moved to src/internal/syscall.h
(except for SYS_fadvise which is added now) so the cruft in x86_64
syscall.h is not needed.
2015-02-07 11:55:00 -05:00
Felix Janda
4758f0565d fix typo in x86_64/x32 user_fpregs_struct
mxcs_mask should be mxcr_mask
2015-02-01 13:49:15 -05:00
Trutz Behn
2d67ae923d move MREMAP_MAYMOVE and MREMAP_FIXED out of bits
the definitions are generic for all kernel archs. exposure of these
macros now only occurs on the same feature test as for the function
accepting them, which is believed to be more correct.
2015-01-30 22:02:23 -05:00
Trutz Behn
02d8770dcf remove mips-only EINIT and EREMDEV errnos
the errno values are unused by the kernel and the macro definitions were
never exposed by glibc.
2015-01-30 21:58:11 -05:00
Szabolcs Nagy
f90fafea3c add new syscall numbers for bpf and kexec_file_load
these syscalls are new in linux v3.18, bpf is present on all
supported archs except sh, kexec_file_load is only allocted for
x86_64 and x32 yet.

bpf was added in linux commit 99c55f7d47c0dc6fc64729f37bf435abf43f4c60

kexec_file_load syscall number was allocated in commit
f0895685c7fd8c938c91a9d8a6f7c11f22df58d2
2014-12-23 01:44:19 -05:00
Rich Felker
91f15e2d0d move wint_t definition to the shared part of alltypes.h.in 2014-12-21 02:43:35 -05:00
Timo Teräs
be1f67ab6f add arm private syscall numbers
it is part of kernel uapi, and some programs (e.g. nodejs) do use them
2014-12-03 09:50:35 -05:00
Rich Felker
4134c68dd4 unify non-inline version of syscall code across archs
except powerpc, which still lacks inline syscalls simply because
nobody has written the code, these are all fallbacks used to work
around a clang bug that probably does not exist in versions of clang
that can compile musl. however, it's useful to have the generic
non-inline code anyway, as it eases the task of porting to new archs:
writing inline syscall code is now optional. this approach could also
help support compilers which don't understand inline asm or lack
support for the needed register constraints.

mips could not be unified because it has special fixup code for broken
layout of the kernel's struct stat.
2014-11-22 21:50:13 -05:00
Rich Felker
0e971b0e3f inline 5- and 6-argument syscalls on arm 2014-11-22 21:06:40 -05:00
Rich Felker
7d310ed1d0 remove old clang workarounds from arm syscall implementation
the register constraints in the non-clang case were tested to work on
clang back to 3.2, and earlier versions of clang have known bugs that
preclude building musl.

there may be other reasons to prefer not to use inline syscalls, but
if so the function-call-based implementations should be added back in
a unified way for all archs.
2014-11-22 20:50:01 -05:00
Rich Felker
8cd0b11eaf fix __aeabi_read_tp oversight in arm atomics/tls overhaul
calls to __aeabi_read_tp may be generated by the compiler to access
TLS on pre-v6 targets. previously, this function was hard-coded to
call the kuser helper, which would crash on kernels with kuser helper
removed.

to fix the problem most efficiently, the definition of __aeabi_read_tp
is moved so that it's an alias for the new __a_gettp. however, on v7+
targets, code to initialize the runtime choice of thread-pointer
loading code is not even compiled, meaning that defining
__aeabi_read_tp would have caused an immediate crash due to using the
default implementation of __a_gettp with a HCF instruction.

fortunately there is an elegant solution which reduces overall code
size: putting the native thread-pointer loading instruction in the
default code path for __a_gettp, so that separate default/native code
paths are not needed. this function should never be called before
__set_thread_area anyway, and if it is called early on pre-v6
hardware, the old behavior (crashing) is maintained.

ideally __aeabi_read_tp would not be called at all on v7+ targets
anyway -- in fact, prior to the overhaul, the same problem existed,
but it was never caught by users building for v7+ with kuser disabled.
however, it's possible for calls to __aeabi_read_tp to end up in a v7+
binary if some of the object files were built for pre-v7 targets, e.g.
in the case of static libraries that were built separately, so this
case needs to be handled.
2014-11-22 12:26:38 -05:00
Rich Felker
4a241f14a6 overhaul ARM atomics/tls for performance and compatibility
previously, builds for pre-armv6 targets hard-coded use of the "kuser
helper" system for atomics and thread-pointer access, resulting in
binaries that fail to run (crash) on systems where this functionality
has been disabled (as a security/hardening measure) in the kernel.
additionally, builds for armv6 hard-coded an outdated/deprecated
memory barrier instruction which may require emulation (extremely
slow) on future models.

this overhaul replaces the behavior for all pre-armv7 builds (both of
the above cases) to perform runtime detection of the appropriate
mechanisms for barrier, atomic compare-and-swap, and thread pointer
access. detection is based on information provided by the kernel in
auxv: presence of the HWCAP_TLS bit for AT_HWCAP and the architecture
version encoded in AT_PLATFORM. direct use of the instructions is
preferred when possible, since probing for the existence of the kuser
helper page would be difficult and would incur runtime cost.

for builds targeting armv7 or later, the runtime detection code is not
compiled at all, and much more efficient versions of the non-cas
atomic operations are provided by using ldrex/strex directly rather
than wrapping cas.
2014-11-19 01:02:01 -05:00
Rich Felker
de2b9c21d9 fix 64-bit syscall argument passing on or1k
the kernel syscall interface for or1k does not expect 64-bit arguments
to be aligned to "even" register boundaries. this incorrect alignment
broke truncate/ftruncate and as well as a few less-common syscalls.
2014-11-05 00:38:40 -05:00
Rich Felker
867b1822f3 add explicit barrier operation to internal atomic.h API 2014-10-10 18:17:09 -04:00
Szabolcs Nagy
4ffc39c654 add new syscall numbers for seccomp, getrandom, memfd_create
these syscalls are new in linux v3.17 and present on all supported
archs except sh.

seccomp was added in commit 48dc92b9fc3926844257316e75ba11eb5c742b2c
it has operation, flags and pointer arguments (if flags==0 then it is
the same as prctl(PR_SET_SECCOMP,...)), the uapi header for flag
definitions is linux/seccomp.h

getrandom was added in commit c6e9d6f38894798696f23c8084ca7edbf16ee895
it provides an entropy source when open("/dev/urandom",..) would fail,
the uapi header for flags is linux/random.h

memfd_create was added in commit 9183df25fe7b194563db3fec6dc3202a5855839c
it allows anon mmap to have an fd, that can be shared, sealed and needs no
mount point, the uapi header for flags is linux/memfd.h
2014-10-08 10:25:04 -04:00
Rich Felker
bd082916b1 fix C++ incompatibility in i386 definition of max_align_t
the C11 _Alignas keyword is not present in C++, and despite it being
in the reserved namespace and thus reasonable to support even in
non-C11 modes, compilers seem to fail to support it.
2014-09-11 10:16:30 -04:00
Rich Felker
b7cf71a190 add threads.h and needed per-arch types for mtx_t and cnd_t
based on patch by Jens Gustedt.

mtx_t and cnd_t are defined in such a way that they are formally
"compatible types" with pthread_mutex_t and pthread_cond_t,
respectively, when accessed from a different translation unit. this
makes it possible to implement the C11 functions using the pthread
functions (which will dereference them with the pthread types) without
having to use the same types, which would necessitate either namespace
violations (exposing pthread type names in threads.h) or incompatible
changes to the C++ name mangling ABI for the pthread types.

for the rest of the types, things are much simpler; using identical
types is possible without any namespace considerations.
2014-09-06 20:44:30 -04:00
Rich Felker
8b3d7d0d35 fix build error on arm due to new a_spin code
this was broken by commit ea818ea834.
2014-08-25 16:37:13 -04:00
Rich Felker
ea818ea834 add working a_spin() atomic for non-x86 targets
conceptually, a_spin needs to be at least a compiler barrier, so the
compiler will not optimize out loops (and the load on each iteration)
while spinning. it should also be a memory barrier, or the spinning
thread might keep spinning without noticing stores from other threads,
thus delaying for longer than it should.

ideally, an optimal a_spin implementation that avoids unnecessary
cache/memory contention should be chosen for each arch, but for now,
the easiest thing is to perform a useless a_cas on the calling
thread's stack.
2014-08-25 15:43:40 -04:00
Rich Felker
321f4fa906 add max_align_t definition for C11 and C++11
unfortunately this needs to be able to vary by arch, because of a huge
mess GCC made: the GCC definition, which became the ABI, depends on
quirks in GCC's definition of __alignof__, which does not match the
formal alignment of the type.

GCC's __alignof__ unexpectedly exposes the an implementation detail,
its "preferred alignment" for the type, rather than the formal/ABI
alignment of the type, which it only actually uses in structures. on
most archs the two values are the same, but on some (at least i386)
the preferred alignment is greater than the ABI alignment.

I considered using _Alignas(8) unconditionally, but on at least one
arch (or1k), the alignment of max_align_t with GCC's definition is
only 4 (even the "preferred alignment" for these types is only 4).
2014-08-20 17:20:14 -04:00
Rich Felker
de7e99c585 make pointers used in robust list volatile
when manipulating the robust list, the order of stores matters,
because the code may be asynchronously interrupted by a fatal signal
and the kernel will then access the robust list in what is essentially
an async-signal context.

previously, aliasing considerations made it seem unlikely that a
compiler could reorder the stores, but proving that they could not be
reordered incorrectly would have been extremely difficult. instead
I've opted to make all the pointers used as part of the robust list,
including those in the robust list head and in the individual mutexes,
volatile.

in addition, the format of the robust list has been changed to point
back to the head at the end, rather than ending with a null pointer.
this is to match the documented kernel robust list ABI. the null
pointer, which was previously used, only worked because faults during
access terminate the robust list processing.
2014-08-17 00:46:26 -04:00
Rich Felker
4f44937432 fix broken offset argument to the mmap2 syscall on or1k
for or1k, the kernel expects the offset passed to mmap2 in units of
the 8k page size, not the standard unit of 4k used on most other
archs.
2014-07-30 23:25:37 -04:00
Rich Felker
cc54f0aeba provide PAGE_SIZE as a constant value of 8192 on or1k
according to Stefan Kristiansson, or1k page size is not actually
variable and the value of 8192 is part of the ABI.
2014-07-30 23:19:43 -04:00
Rich Felker
cbb609b3db fix terminal control ioctl constants for sh
this commit changes the names to match the kernel names, exposing
under the normal names the "old" versions which work with a smaller
termios structure compatible with the userspace structure, and
renaming the "new" versions with "2" on the end like the kernel has.

this fixes spurious warnings "Unsupported ioctl: cmd=0x802c542a" from
qemu-sh4 and should be more correct anyway, since our userspace
termios structure does not have meaningful information in the part
which the kernel would be interpreting as speeds with the new ioctl.
2014-07-29 16:40:51 -04:00
Rich Felker
c0284b372c remove unused a_cas_l from or1k atomic.h
this follows the same logic as in the previous commit for other archs.
2014-07-27 21:59:58 -04:00
Rich Felker
90e51e45f5 clean up unused and inconsistent atomics in arch dirs
the a_cas_l, a_swap_l, a_swap_p, and a_store_l operations were
probably used a long time ago when only i386 and x86_64 were
supported. as other archs were added, support for them was
inconsistent, and they are obviously not in use at present. having
them around potentially confuses readers working on new ports, and the
type-punning hacks and inconsistent use of types in their definitions
is not a style I wish to perpetuate in the source tree, so removing
them seems appropriate.
2014-07-27 21:50:24 -04:00
Rich Felker
c394763d35 fix insufficient synchronization in sh atomic asm
while other usage I've seen only has the synco instruction after the
atomic operation, I cannot find any documentation indicating that this
is correct. certainly all stores before the atomic need to have been
synchronized before the atomic operation takes place.
2014-07-27 21:13:37 -04:00
Szabolcs Nagy
002e8d84c5 add syscall numbers for the new renameat2 syscall
it's like rename but with flags eg. to allow atomic exchange of two files,
introduced in linux 3.15 commit 520c8b16505236fc82daa352e6c5e73cd9870cff
2014-07-20 18:42:21 +02:00