Commit Graph

86 Commits

Author SHA1 Message Date
Rich Felker
6d05d86297 add O_EXEC open mode
the linux O_PATH mode provides the necessary semantics for both the
O_SEARCH and O_EXEC modes defined and required by POSIX 2008.
2012-09-15 23:45:41 -04:00
Rich Felker
b238b37a0f add O_PATH/O_SEARCH support to fcntl.h
I'm not 100% sure that Linux's O_PATH meets the POSIX requirements for
O_SEARCH, but it seems very close if not perfect. and old kernels
ignore it, so O_SEARCH will still work as desired as long as the
caller has read permissions to the directory.
2012-09-13 20:56:25 -04:00
Rich Felker
208eb584ef syscall organization overhaul
now public syscall.h only exposes __NR_* and SYS_* constants and the
variadic syscall function. no macros or inline functions, no
__syscall_ret or other internal details, no 16-/32-bit legacy syscall
renaming, etc. this logic has all been moved to src/internal/syscall.h
with the arch-specific parts in arch/$(ARCH)/syscall_arch.h, and the
amount of arch-specific stuff has been reduced to a minimum.

changes still need to be reviewed/double-checked. minimal testing on
i386 and mips has already been performed.
2012-09-08 22:43:14 -04:00
Rich Felker
6cf8bfdb64 add acct, accept4, setns, and dup3 syscalls (linux extensions)
based on patch by Justin Cormack
2012-09-08 20:22:08 -04:00
Rich Felker
fb247fafa0 avoid "inline" in public headers for strict c89 compatibility
while musl itself requires a c99 compiler, some applications insist on
being compiled with c89 compilers, and use of "inline" in the headers
was breaking them. much of this had been avoided already by just
skipping the inline keyword in pre-c99 compilers or modes, but this
new unified solution is cleaner and may/should result in better code
generation in the default gcc configuration.
2012-09-02 12:46:06 -04:00
Rich Felker
e3ebe7db5d use int instead of long for ptrdiff_t on all 32-bit archs
this is needed to match the underlying "ABI" standards. it's not
really an ABI issue since the binary representations are the same, but
having the wrong type can lead to errors when the type arising from a
difference-of-pointers expression does not match the defined type of
ptrdiff_t. most of the problems affect C++, not C.
2012-08-10 15:13:26 -04:00
Rich Felker
83b42d94bd add defines for number of sigset_t bytes syscalls expect
yet another gratuitous mips incompatibility...
2012-08-09 21:35:19 -04:00
Rich Felker
96107564e2 workaround another sendmsg kernel bug on 64-bit machines
the kernel wrongly expects the cmsg length field to be size_t instead
of socklen_t. in order to work around the issue, we have to impose a
length limit and copy to a local buffer. the length limit should be
more than sufficient for any real-world use; these headers are only
used for passing file descriptors and permissions between processes
over unix sockets.
2012-07-12 21:37:54 -04:00
Rich Felker
d6c0efe106 jmp_buf overhaul fixing several issues
on arm, the location of the saved-signal-mask flag and mask were off
by one between sigsetjmp and siglongjmp, causing incorrect behavior
restoring the signal mask. this is because the siglongjmp code assumed
an extra slot was in the non-sig jmp_buf for the flag, but arm did not
have this. now, the extra slot is removed for all archs since it was
useless.

also, arm eabi requires jmp_buf to have 8-byte alignment. we achieve
that using long long as the type rather than with non-portable gcc
attribute tags.
2012-07-03 20:07:33 -04:00
Rich Felker
213db3e3fa update syscall defs to latest kernel ones
patch submitted by Kristian L. <email@thexception.net>
2012-06-23 21:16:44 -04:00
Rich Felker
4e8b0938d9 proper error handling for fcntl F_GETOWN on modern kernels
on old kernels, there's no way to detect errors; we must assume
negative syscall return values are pgrp ids. but if the F_GETOWN_EX
fcntl works, we can get a reliable answer.
2012-06-20 22:16:47 -04:00
Rich Felker
030b452b8d fix missing _BSD_SOURCE support in bits/*.h
this is actually rather ugly, and would get even uglier if we ever
want to support further feature test macros. at some point i may
factor the bits headers into separate files for C base, POSIX base,
and nonstandard extensions (the only distinctions that seem to matter
now) and then the logic for which to include can go in the main header
rather than being duplicated for each arch. the downside of this is
that it would result in more files having to be opened during
compilation, so as long as the ugliness does not grow, i'm inclined to
leave it alone for now.
2012-05-22 22:12:10 -04:00
Rich Felker
aa85940388 fix float_t and double_t defs on x86 when -mfpmath=sse -msse2 is used 2012-04-29 19:54:29 -04:00
Rich Felker
a1b442335d support FLT_EVAL_METHOD changing on x86 with gcc -msse2 -mfpmath=sse
if the compiler provides a value, use it; otherwise fallback to the
platform default (2).
2012-04-27 01:39:03 -04:00
Rich Felker
848d30a1e5 use signed char rather than plain char for int8_t
otherwise this BADLY breaks if -funsigned-char is passed to gcc
2012-04-24 18:06:56 -04:00
Rich Felker
67b25fe0a8 move F_DUPFD_CLOEXEC out of bits
fcntl values 1024 and up are universal, arch-independent. later I'll
add some of the other linux-specific ones for notify, leases, pipe
size, etc. here too.
2012-04-15 17:05:10 -04:00
Rich Felker
a68af22926 add F_SETSIG and F_GETSIG (linux specific) to fcntl.h
F_* is in the reserved namespace so no feature test is needed
2012-04-15 17:01:58 -04:00
Rich Felker
5bd0ab8af6 work around nasty gcc bug in the i386 syscall asm
when the "r" (register) constraint is used to let gcc choose a
register, gcc will sometimes assign the same register that was used
for one of the other fixed-register operands, if it knows the values
are the same. one common case is multiple zero arguments to a syscall.
this horribly breaks the intended usage, which is swapping the GOT
pointer from ebx into the temp register and back to perform the
syscall.

presumably there is a way to fix this with advanced usage of register
constaints on the inline asm, but having bad memories about hellish
compatibility issues with different gcc versions, for the time being
i'm just going to hard-code specific registers to be used. this may
hurt the compiler's ability to optimize, but it will fix serious
miscompilation issues.

so far the only function i know what compiled incorrectly is
getrlimit.c, and naturally the bug only applies to shared (PIC)
builds, but it may be more extensive and may have gone undetected..
2012-04-04 00:37:33 -04:00
Rich Felker
47db8903f6 fix DECIMAL_DIG definitions
DECIMAL_DIG is not the same as LDBL_DIG

type_DIG is the maximimum number of decimal digits that can survive a
round trip from decimal to type and back to decimal.

DECIMAL_DIG is the minimum number of decimal digits required in order
for any floating point type to survive the round trip to decimal and
back, and it is generally larger than LDBL_DIG. since the exact
formula is non-trivial, and defining it larger than necessary may be
legal but wasteful, just define the right value in bits/float.h.
2012-03-21 12:42:48 -04:00
Rich Felker
414a4cdebc add float_t and double_t to math.h 2012-02-15 21:47:55 -05:00
Rich Felker
afc35d5efd replace bad cancellation cleanup abi with a sane one
the old abi was intended to duplicate glibc's abi at the expense of
being ugly and slow, but it turns out glib was not even using that abi
except on non-gcc-compatible compilers (which it doesn't even support)
and was instead using an exceptions-in-c/unwind-based approach whose
abi we could not duplicate anyway without nasty dwarf2/unwind
integration.

the new abi is copied from a very old glibc abi, which seems to still
be supported/present in current glibc. it avoids all unwinding,
whether by sjlj or exceptions, and merely maintains a linked list of
cleanup functions to be called from the context of pthread_exit. i've
made some care to ensure that longjmp out of a cleanup function should
work, even though it is not required to.

this change breaks abi compatibility with programs which were using
pthread cancellation, which is unfortunate, but that's why i'm making
the change now rather than later. considering that most pthread
features have not been usable until recently anyway, i don't see it as
a major issue at this point.
2012-02-09 02:33:08 -05:00
Rich Felker
26f38328d6 add prlimit syscall wrapper 2012-01-20 22:10:47 -05:00
Rich Felker
1d3c276807 don't define wchar_t on c++
it's a keyword in c++ (wtf). i'm not sure this is the cleanest
solution; it might be better to avoid ever defining __NEED_wchar_t on
c++. but in any case, this works for now.
2011-10-15 00:28:49 -04:00
Rich Felker
c651c473e5 cleanup/debloat i386 user.h 2011-09-22 15:35:57 -04:00
Rich Felker
0b6eb2dfb2 update syscalls with off_t arguments to handle argument alignment, if needed
the arm syscall abi requires 64-bit arguments to be aligned on an even
register boundary. these new macros facilitate meeting the abi
requirement without imposing significant ugliness on the code.
2011-09-21 20:11:10 -04:00
Rich Felker
114c80f141 fix the definition of struct statvfs to match lsb abi
at the same time, make struct statfs match the traditional definition
and make it more useful, especially the fsid_t stuff.
2011-09-19 23:35:48 -04:00
Rich Felker
f780ac5baf cleanup redundancy in bits/signal.h versions 2011-09-19 20:02:12 -04:00
Rich Felker
224c7a376a fix the type of wchar_t on arm; support wchar_t varying with arch
really wchar_t should never vary, but the ARM EABI defines it as an
unsigned 32-bit int instead of a signed one, and gcc follows this
nonsense. thus, to give a conformant environment, we have to follow
(otherwise L""[0] and L'\0' would be 0U rather than 0, but the
application would be unaware due to a mismatched definition for
WCHAR_MIN and WCHAR_MAX, and Bad Things could happen with respect to
signed/unsigned comparisons, promotions, etc.).

fortunately no rules are imposed by the C standard on the relationship
between wchar_t and wint_t, and WEOF has type wint_t, so we can still
make wint_t always-signed and use -1 for WEOF.
2011-09-19 17:39:51 -04:00
Rich Felker
b0c088ee55 cleanup more bits cruft (sysmacros and socket) 2011-09-18 16:34:13 -04:00
Rich Felker
ca8373dfcf more bits junk (tcp.h) 2011-09-18 15:39:52 -04:00
Rich Felker
c8175666f2 move invariant netinet/in.h stuff out of bits/in.h 2011-09-18 15:31:44 -04:00
Rich Felker
df0b5a4940 security hardening: ensure suid programs have valid stdin/out/err
this behavior (opening fds 0-2 for a suid program) is explicitly
allowed (but not required) by POSIX to protect badly-written suid
programs from clobbering files they later open.

this commit does add some cost in startup code, but the availability
of auxv and the security flag will be useful elsewhere in the future.
in particular auxv is needed for static-linked vdso support, which is
still waiting to be committed (sorry nik!)
2011-08-23 09:37:39 -04:00
Rich Felker
8426a99048 ensure the compiler does not move around thread-register-based reads
if gcc decided to move this across a conditional that checks validity
of the thread register, an invalid thread-register-based read could be
performed and raise sigsegv.
2011-08-06 20:45:30 -04:00
Rich Felker
63d447e2a3 socket headers macro adjustment - workaround for buggy programs
some program was undefining AF_NETLINK and thereby breaking AF_ROUTE...
2011-07-21 22:44:05 -04:00
Rich Felker
32de61e81a fix some symbol resolution issues in dynamic linker
1. search was wrongly beginning with lib itself rather than dso head
2. inconsistent resolution of function pointers for functions in plt
2011-06-25 22:36:21 -04:00
Rich Felker
e8b8f3c90e move all limits that don't vary out of bits/limits.h, into main limits.h 2011-06-25 15:38:00 -04:00
Rich Felker
568b8075a4 proper path searching for dynamic linker
first, use $LD_LIBRARY_PATH unless suid. if that fails, read path from
/etc/ld-musl-$ARCH.path and fallback to a builtin default.
2011-06-25 01:56:34 -04:00
Rich Felker
51e2d83102 experimental dynamic linker!
some notes:
- library search path is hard coded
- x86_64 code is untested and may not work
- dlopen/dlsym is not yet implemented
- relocations in read-only memory won't work
2011-06-18 19:48:42 -04:00
Rich Felker
836ba93d93 __syscall5 inline is having trouble with PIC; just use the function for now 2011-06-14 23:14:22 -04:00
Rich Felker
0b6b43ed3f use __WCHAR_TYPE__ on i386 if it is defined
unfortunately traditional i386 practice was to use "long" rather than
"int" for wchar_t, despite the latter being much more natural and
logical. we followed this practice, but it seems some compilers (clang
and maybe certain gcc builds or others too..?) have switched to using
int, resulting in spurious pointer type mismatches when L"..." wide
strings are used. the best solution I could find is to use the
compiler's definition of wchar_t if it exists, and otherwise fallback
to the traditional definition.

there's no point in duplicating this approach on 64-bit archs, as
their only 32-bit type is int.
2011-06-07 11:26:42 -04:00
Rich Felker
def0af1898 use compiler builtins for variadic macros when available
this slightly cuts down on the degree musl "fights with" gcc, but more
importantly, it fixes a critical bug when gcc inlines a variadic
function and optimizes out the variadic arguments due to noticing that
they were "not used" (by __builtin_va_arg).

we leave the old code in place if __GNUC__ >= 3 is false; it seems
like it might be necessary at least for tinycc support and perhaps if
anyone ever gets around to fixing gcc 2.95.3 enough to make it work..
2011-04-27 23:41:48 -04:00
Rich Felker
4bb9b4f3b4 add word-sized ctz function to atomic.h
strictly speaking this and a few other ops should be factored into
asm.h or the file should just be renamed to asm.h, but whatever. clean
it up someday.
2011-04-27 12:19:49 -04:00
Rich Felker
4b5f054098 move wait.h macros out of bits. they do not vary. 2011-04-21 14:27:28 -04:00
Rich Felker
b052f13cd1 namespace fixes for sys/mman.h 2011-04-20 15:55:58 -04:00
Rich Felker
1c76683cb4 add syscall wrappers for posix_fadvise, posix_fallocate 2011-04-20 15:20:22 -04:00
Rich Felker
feee98903c overhaul pthread cancellation
this patch improves the correctness, simplicity, and size of
cancellation-related code. modulo any small errors, it should now be
completely conformant, safe, and resource-leak free.

the notion of entering and exiting cancellation-point context has been
completely eliminated and replaced with alternative syscall assembly
code for cancellable syscalls. the assembly is responsible for setting
up execution context information (stack pointer and address of the
syscall instruction) which the cancellation signal handler can use to
determine whether the interrupted code was in a cancellable state.

these changes eliminate race conditions in the previous generation of
cancellation handling code (whereby a cancellation request received
just prior to the syscall would not be processed, leaving the syscall
to block, potentially indefinitely), and remedy an issue where
non-cancellable syscalls made from signal handlers became cancellable
if the signal handler interrupted a cancellation point.

x86_64 asm is untested and may need a second try to get it right.
2011-04-17 11:43:03 -04:00
Rich Felker
a3aa89d826 fix O_SYNC definition, cleanup fcntl.h 2011-04-14 22:06:30 -04:00
Rich Felker
c2b18f3531 fcntl.h: move macros that do not vary between archs out of bits 2011-04-14 21:49:22 -04:00
Rich Felker
9b96220e5a fix typo in legacy FAPPEND definition 2011-04-14 19:14:42 -04:00
Rich Felker
07e865cc5a numerous fixes to sysv ipc
some of these definitions were just plain wrong, others based on
outdated ancient "non-64" versions of the kernel interface.

as much as possible has now been moved out of bits/*

these changes break abi (the old abi for these functions was wrong),
but since they were not working anyway it can hardly matter.
2011-04-13 16:45:43 -04:00