Commit Graph

3338 Commits

Author SHA1 Message Date
Rich Felker
cf115059ba in crypt-sha*, reject excessive rounds as error rather than clamping
the reference implementation clamps rounds to [1000,999999999]. we
further limited rounds to at most 9999999 as a defense against extreme
run times, but wrongly clamped instead of treating out-of-bounds
values as an error, thereby producing implementation-specific hash
results. fixing this should not break anything since values of rounds
this high are not useful anyway.
2016-02-16 17:38:07 -05:00
Rich Felker
ef2b5e9f13 fix unlikely corner cases in getopt's message printing
like fputs (see commit 10a17dfbad), the
message printing code for getopt assumed that fwrite only returns 0 on
failure, but it can also happen on success if the total length to be
written is zero. programs with zero-length argv[0] were affected.

commit 500c6886c6 introduced this
problem in getopt by fixing the fwrite behavior to conform to the
requirements of ISO C. previously the wrong expectations of the getopt
code were met by the fwrite implementation.
2016-02-16 13:27:24 -05:00
Rich Felker
10a17dfbad fix assumption in fputs that fwrite returning 0 implies an error
internally, the idiom of passing nmemb=1 to fwrite and interpreting
the return value of fwrite (which is necessarily 0 or 1) as
failure/success is fairly widely used. this is not correct, however,
when the size argument is unknown and may be zero, since C requires
fwrite to return 0 in that special case. previously fwrite always
returned nmemb on success, but this was changed for conformance with
ISO C by commit 500c6886c6.
2016-02-16 13:26:16 -05:00
Rich Felker
9c102700a7 release 1.1.13 2016-02-15 23:12:42 -05:00
Rich Felker
0ed932f34f do not define static_assert macro for pre-C11 compilers
some software simply uses static_assert if the macro is defined, and
this breaks if the compiler does not recognize the _Static_assert
keyword used to define it.
2016-02-12 10:11:40 -05:00
Rich Felker
692b16d14b add declarations for utmpname/utmpxname to appropriate headers
commit 378f8cb522 added these functions
(as stubs) but left them without declarations. this broke some
autoconf based software that detected linkability of the symbols but
didn't check for a declaration.
2016-02-12 09:58:50 -05:00
Rich Felker
500c6886c6 fix return value for fread/fwrite when size argument is 0
when the size argument was zero but nmemb was nonzero, these functions
were returning nmemb, despite no data having been written.
conceptually this is not wrong, but the standard requires a return
value of zero in this case.
2016-02-10 19:44:19 -05:00
Rich Felker
416d1c7a71 fix line-buffered flush omission for odd usage of putc-family functions
as specified, the int argument providing the character to write is
converted to type unsigned char. for the actual write to buffer,
conversion happened implicitly via the assignment operator; however,
the logic to check whether the argument was a newline used the
original int value. thus usage such as putchar('\n'+0x100) failed to
produce a flush.
2016-02-10 19:10:34 -05:00
Rich Felker
5a6e8d098a fix failed write reporting by fwrite in line-buffered mode
when a write error occurred while flushing output due to a newline,
fwrite falsely reported all bytes up to and including the newline as
successfully written. in general, due to buffering such "spurious
success" returns are acceptable for stdio; however for line-buffered
mode it was subtly wrong. errors were still visible via ferror() or as
a short-write return if there was more data past the newline that
should have been written, but since the contract for line-buffered
mode is that everything up through the newline be written out
immediately, a discrepency was observable in the actual file contents.
2016-02-10 13:51:05 -05:00
Rich Felker
869a9df5b5 remove workaround for broken mips assemblers
the workaround was for a bug that botched .gpword references to local
labels, applying a nonsensical random offset of -0x4000 to them.

this reverses commit 5e396fb996 and a
removes a similar hack that was added to syscall_cp.s in the later
commit 756c8af858. it turns out one
additional instance of the same idiom, the GETFUNCSYM macro in
arch/mips/reloc.h, was still affected by the assembler bug and does
not admit an easy workaround without making assumptions about how the
macro is used. the previous workarounds made static linking work but
left the early-stage dynamic linker broken and thus had limited
usefulness.

instead, affected users (using binutils versions older than 2.20) will
need to fix the bug on the binutils side; the trivial patch is commit
453f5985b13e35161984bf1bf657bbab11515aa4 in the binutils-gdb
repository.
2016-02-08 21:07:09 +00:00
Rich Felker
756c8af858 in mips cancellable syscall asm, don't assume gp register is valid
the old __cp_cancel code path loaded the address of __cancel from the
GOT using the $gp register, which happened to be set to point to the
correct GOT by the calling C function, but there is no ABI requirement
that this happen. instead, go the roundabout way and compute the
address of __cancel via pc-relative and gp-relative addressing
starting with a fake return address generated by a bal instruction,
which is the same trick crt1 uses to bootstrap.
2016-02-04 23:01:03 +00:00
Rich Felker
aecda35373 avoid using signals when a thread attempts to cancel itself
not only is pthread_kill expensive in this case; it also breaks
testing under qemu app-level emulation.
2016-02-04 22:59:13 +00:00
Rich Felker
47314f1e67 make configure accept -h as an alias for --help 2016-02-02 21:14:09 -05:00
Rich Felker
40891ae6db update INSTALL file with new archs, compiler info
add aarch64 and or1k archs, upgrade sh from experimental, and note
that sh now supports the FDPIC ABI.

the old advice on compiler versions was outdated and more specific
than made sense. presence of compiler bugs varies a lot by arch, so
it's hard to make any good recommendations beyond "recent". if we want
to document specific known-good/bad compiler versions, a much larger
section in the documentation than what's appropriate for the INSTALL
file would be needed.
2016-02-02 17:47:25 -05:00
Szabolcs Nagy
d150764697 fix malloc_usable_size for NULL input
the linux man page specifies malloc_usable_size(0) to return 0 and
this is the semantics other implementations follow (jemalloc).
reported by Alexander Monakov.
2016-01-31 17:34:45 -05:00
Szabolcs Nagy
2810b30fc3 regex: increase the stack tre uses for tnfa creation
10k elements stack is increased to 1000k, otherwise tnfa creation fails
for reasonable sized patterns: a single literal char can add 7 elements
to this stack, so regcomp of an 1500 char long pattern (with only litral
chars) fails with REG_ESPACE. (the new limit allows about < 150k chars,
this arbitrary limit allows most command line regex usage.)

ideally there would be no upper bound: regcomp dynamically reallocates
this buffer, every reallocation checks for allocation failure and at
the end this stack is freed so there is no reason for special bound.
however that may have unwanted effect on regcomp and regexec runtime
so this is a conservative change.
2016-01-31 17:33:54 -05:00
Szabolcs Nagy
3b27725385 better a_sc inline asm constraint on aarch64 and arm
"Q" input constraint was used for the written object, instead of "=Q"
output constraint.  this should not cause problems because "memory"
is on the clobber list, but "=Q" better documents the intent and more
consistent with the actual asm code.

this changes the generated code, because different registers are used,
but other than the register names nothing should change.
2016-01-31 17:32:56 -05:00
Rich Felker
65498f289b don't suppress shared libc when linker lacks -Bsymbolic-functions
previous work overhauling the dynamic linker made it so that linking
libc with -Bsymbolic-functions was no longer mandatory, but the
configure logic that forced --disable-shared when ld failed to accept
the option was left in place.

this commit removes the hard-coded -Bsymbolic-functions from the
Makefile and changes the configure test to one that simply adds it to
the auto-detected LDFLAGS on success.
2016-01-31 00:40:33 -05:00
Felix Fietkau
c18d05f0e8 ldso: fix GDB dynamic linker info on MIPS
GDB is looking for a pointer to the ldso debug info in the data of the
..rld_map section.

Signed-off-by: Felix Fietkau <nbd@openwrt.org>
2016-01-30 20:55:22 -05:00
Szabolcs Nagy
831e9d9efa regex: simplify the {,} repetition parsing logic 2016-01-30 20:53:52 -05:00
Szabolcs Nagy
25160f1c08 regex: treat \+, \? as repetitions in BRE
These are undefined escape sequences by the standard, but often
used in sed scripts.
2016-01-30 20:53:42 -05:00
Szabolcs Nagy
03498ec22a regex: rewrite the repetition parsing code
The goto logic was hard to follow and modify. This is
in preparation for the BRE \+ and \? support.
2016-01-30 20:53:29 -05:00
Szabolcs Nagy
da4cc13b97 regex: treat \| in BRE as alternation
The standard does not define semantics for \| in BRE, but some code
depends on it meaning alternation. Empty alternative expression is
allowed to be consistent with ERE.

Based on a patch by Rob Landley.
2016-01-30 20:53:17 -05:00
Szabolcs Nagy
7eaa76fc2e regex: reject repetitions in some cases with REG_BADRPT
Previously repetitions were accepted after empty expressions like
in (*|?)|{2}, but in BRE the handling of * and \{\} were not
consistent: they were accepted as literals in some cases and
repetitions in others.

It is better to treat repetitions after an empty expression as an
error (this is allowed by the standard, and glibc mostly does the
same). This is hard to do consistently with the current logic so
the new rule is:

Reject repetitions after empty expressions, except after assertions
^*, $? and empty groups ()+ and never treat them as literals.

Empty alternation (|a) is undefined by the standard, but it can be
useful so that should be accepted.
2016-01-30 20:53:04 -05:00
Szabolcs Nagy
a8cc225384 regex: clean up position accounting for literal nodes
This should not change the meaning of the code, just make the intent
clearer: advancing position is tied to adding a new literal.
2016-01-30 20:51:58 -05:00
Rich Felker
9ee57db883 fix misaligned pointer-like objects in arm atomics asm source file
this file's .data section was not aligned, and just happened to get
the correct alignment with past builds. it's likely that the move of
atomic.s from arch/arm/src to src/thread/arm caused the change in
alignment, which broke the atomic and thread-pointer access fragments
on actual armv5 hardware.
2016-01-30 19:42:08 -05:00
Rich Felker
140ad50cbf fix regression in dynamic-linked tls when both main app & libs have tls
commit d56460c939 introduced this bug by
setting up the tls module chain incorrectly when the main app has tls.
the singly-linked list head pointer was setup correctly, but the tail
pointer was not, so the first attempt to append to the list (for a
shared library with tls) would treat the list as empty and effectively
removed the main app from the list. this left all tls module id
numbers off-by-one.

this bug did not appear in any released versions.
2016-01-30 14:34:45 -05:00
Rich Felker
1563587b45 reuse parsed resolv.conf in dns core to avoid re-reading/re-parsing 2016-01-28 20:51:31 -05:00
Rich Felker
dcad020c9c fix uninitialized variable in new resolv.conf parser 2016-01-28 20:50:30 -05:00
Rich Felker
3d6e2e477c add support for search domains to dns resolver
search is only performed if the search or domain keyword is used in
resolv.conf and the queried name has fewer than ndots dots. there is
no default domain and names with >=ndots dots are never subjected to
search; failure in the root scope is final.

the (non-POSIX) res_search API presently does not honor search. this
may be added at some point in the future if needed.

resolv.conf is now parsed twice, at two different layers of the code
involved. this will be fixed in a subsequent patch.
2016-01-28 20:29:55 -05:00
Rich Felker
0fef7ffac1 fix handling of dns response codes
rcode of 3 (NxDomain) was treated as a hard EAI_NONAME failure, but it
should instead return 0 (no results) so the caller can continue
searching. this will be important for adding search domain support.
the top-level caller will automatically return EAI_NONAME if there are
zero results at the end.

also, the case where rcode is 0 (success) but there are no results was
not handled. this happens when the domain exists but there are no A or
AAAA records for it. in this case a hard EAI_NONAME should be imposed
to inhibit further search, since the name was defined and just does
not have any address associated with it. previously a misleading hard
failure of EAI_FAIL was reported.
2016-01-28 19:37:35 -05:00
Rich Felker
fe8453d2ee fix logic for matching search/domain keywords in resolv.conf 2016-01-28 19:20:13 -05:00
Rich Felker
d6cb08bcac factor resolv.conf parsing out of res_msend to its own file
this change is made in preparation for adding search domains, for
which higher-level code will need to parse resolv.conf. simply parsing
it twice for each lookup would be one reasonable option, but the
existing parser code was buggy anyway, which suggested to me that it's
a bad idea to have two variants of this code in two different places.

the old code in res_msend potentially misinterpreted overly long lines
in resolv.conf, and stopped parsing after it found 3 nameservers, even
if there were relevant options left to be parsed later in the file.
2016-01-28 18:39:22 -05:00
Rich Felker
19df86cbb3 add errno setting to stub utmpxname function 2016-01-28 00:38:23 -05:00
Kylie McClain
378f8cb522 legacy/utmpx: Add utmp{,x}name stubs 2016-01-28 00:19:14 -05:00
Rich Felker
4dfac11538 deduplicate the bulk of the arch bits headers
all bits headers that were identical for a number of 'clean' archs are
moved to the new arch/generic tree. in addition, a few headers that
differed only cosmetically from the new generic version are removed.

additional deduplication may be possible in mman.h and in several
headers (limits.h, posix.h, stdint.h) that mostly depend on whether
the arch is 32- or 64-bit, but they are left alone for now because
greater gains are likely possible with more invasive changes to header
logic, which is beyond the scope of this commit.
2016-01-27 21:52:14 -05:00
Rich Felker
efdf04cf87 add arch/generic include fallback to build rules
this sets the stage for the first phase of the bits deduplication.
bits headers which are identical for "most" archs will be moved to
arch/generic/bits.
2016-01-27 19:31:15 -05:00
Rich Felker
e1d99894b6 remove unneeded -I options from configure test for may_alias attribute
this test does not include anything, so the -I options are not useful
and are just a maintenance burden if paths change.
2016-01-27 19:01:21 -05:00
Hauke Mehrtens
b0bf52f3e9 mips: add vdso support
vdso support is available on mips starting with kernel 4.4, see kernel
commit a7f4df4e21 "MIPS: VDSO: Add implementations of gettimeofday()
and clock_gettime()" for details.

In Linux kernel 4.4.0 the mips code returns -ENOSYS in case it can not
handle the vdso call and assumes the libc will call the original
syscall in this case. Handle this case in musl. Currently Linux kernel
4.4.0 handles the following types: CLOCK_REALTIME_COARSE,
CLOCK_MONOTONIC_COARSE, CLOCK_REALTIME and CLOCK_MONOTONIC.
2016-01-27 12:40:24 -05:00
Rich Felker
a5ba2d7507 improve clock_gettime and adapt it to support slightly-broken vdso
these changes are motivated by a functionally similar patch by Hauke
Mehrtens to address the needs of the new mips vdso clock_gettime,
which wrongly fails with ENOSYS rather than falling back to making a
syscall for clock ids it cannot handle from userspace. in the process
of preparing to handle that case, it was noticed that the old
clock_gettime use of the vdso was actually wrong with respect to error
handling -- the tail call to the vdso function failed to set errno and
instead returned an error code.

since tail calls to vdso are no longer possible and since the plain
syscall code is now needed as a fallback path anyway, it does not make
sense to use a function pointer to call the plain syscall code path.
instead, it's inlined at the end of the main clock_gettime function.

the new code also avoids the need to test for initialization of the
vdso function pointer by statically initializing it to a self-init
function, and eliminates redundant loads from the volatile pointer
object.

finally, the use of a_cas_p on an object of type other than void *,
which is not permitted aliasing, is replaced by using an object with
the correct type and casting the value.
2016-01-27 12:23:47 -05:00
Szabolcs Nagy
9a3b8f97a1 fix siginfo_t for mips
si_errno and si_code are swapped in mips siginfo_t compared to other
archs and some si_code values are different.  This fix is required
for POSIX timers to work.

based on patch by Dmitry Ivanov.
2016-01-26 22:31:21 -05:00
Szabolcs Nagy
22f84829af move bits/signal.h include close to the top of signal.h
only have code above the bits/signal.h include that is necessary.
(some types are used for the ucontext struct and mips has to
override a few macro definitions)

this way mips bits/signal.h will be able to affect siginfo_t.
2016-01-26 22:26:47 -05:00
Szabolcs Nagy
c243d6f095 add new PTRACE_SECCOMP_GET_FILTER ptrace command
allows the tracer to dump the bpf seccomp filters of the tracee,
new in linux v4.4, commit f8e529ed941ba2bbcbf310b575d968159ce7e895
2016-01-26 18:31:17 -05:00
Szabolcs Nagy
789ff6a9f8 add MCL_ONFAULT and MLOCK_ONFAULT mlockall and mlock2 flags
they lock faulted pages into memory (useful when a small part of a
large mapped file needs efficient access), new in linux v4.4, commit
b0f205c2a3082dd9081f9a94e50658c5fa906ff1

MLOCK_* is not in the POSIX reserved namespace for sys/mman.h
2016-01-26 18:31:05 -05:00
Szabolcs Nagy
51d5f139ca add mlock2 syscall number from linux v4.4
this is mlock with a flags argument, new in linux commit
a8ca5d0ecbdde5cc3d7accacbd69968b0c98764e

as usual microblaze and sh don't have allocated syscall number yet.
2016-01-26 18:30:50 -05:00
Szabolcs Nagy
aaa604052d add new PTRACE_O_SUSPEND_SECCOMP ptrace option
allows a ptracer process to disable/enable seccomp filters of the
traced process, useful for checkpoint/restore, new in v4.3 commit
13c4a90119d28cfcb6b5bdd820c233b86c2b0237
2016-01-26 18:30:30 -05:00
Szabolcs Nagy
8afd2a1d03 add new PR_CAP_AMBIENT and related defines to sys/prctl.h
ambient capability mask is new in linux v4.3, commit
58319057b7847667f0c9585b9de0e8932b0fdb08
2016-01-26 18:30:14 -05:00
Szabolcs Nagy
3934f49c01 update netpacket/packet.h to linux v4.3 2016-01-26 18:29:32 -05:00
Szabolcs Nagy
09001a8f97 add new membarrier, userfaultfd and switch_endian syscalls
new in linux v4.3 added for aarch64, arm, i386, mips, or1k, powerpc,
x32 and x86_64.

membarrier is a system wide memory barrier, moves most of the
synchronization cost to one side, new in kernel commit
5b25b13ab08f616efd566347d809b4ece54570d1

userfaultfd is useful for qemu and is new in kernel commit
8d2afd96c20316d112e04d935d9e09150e988397

switch_endian is powerpc only for switching endianness, new in commit
529d235a0e190ded1d21ccc80a73e625ebcad09b
2016-01-26 18:28:20 -05:00
Szabolcs Nagy
37bfb68f68 add new i386 socket syscall numbers
new in linux v4.3 commit 9dea5dc921b5f4045a18c63eb92e84dc274d17eb
direct calls instead of socketcall allow better seccomp filtering.

musl continues to use socketcalls internally on i386. (older kernels
would need a fallback mechanism if the direct calls were used.)
2016-01-26 18:28:04 -05:00