From 330b961e669d1cdaaca4af8ff0269d9a18e3c999 Mon Sep 17 00:00:00 2001 From: Florian Weimer Date: Sep 15 2021 13:26:17 +0000 Subject: Sync with upstream branch release/2.34/master Upstream commit: 4ed990e5b97a61f29f929bdeb36c5b2abb547a64 - Add MADV_POPULATE_READ and MADV_POPULATE_WRITE from Linux 5.14 to bits/mman-linux.h - Update kernel version to 5.14 in tst-mman-consts.py - Update syscall lists for Linux 5.14 - Use Linux 5.14 in build-many-glibcs.py - Fix failing nss/tst-nss-files-hosts-long with local resolver - iconvconfig: Fix behaviour with --prefix [BZ #28199] - nptl: Fix race between pthread_kill and thread exit (swbz#12889, #1994068) - nptl: pthread_kill, pthread_cancel should not fail after exit (swbz#19193, #1994068) - support: Add support_wait_for_thread_exit - MIPS: Setup errno for {f,l,}xstat - x86-64: Use testl to check __x86_string_control - elf: Fix missing colon in LD_SHOW_AUXV output (swbz#28253, #1995648) - librt: add test (swbz#28213, #1994264) - CVE-2021-38604: fix NULL pointer dereference in mq_notify (swbz#28213, #1994264) - Linux: Fix fcntl, ioctl, prctl redirects for _TIME_BITS=64 (bug 28182) - iconv_charmap: Close output file when done - copy_and_spawn_sgid: Avoid double calls to close() - gaiconf_init: Avoid double-free in label and precedence lists - gconv_parseconfdir: Fix memory leak - ldconfig: avoid leak on empty paths in config file --- diff --git a/glibc-upstream-2.34-1.patch b/glibc-upstream-2.34-1.patch new file mode 100644 index 0000000..c161318 --- /dev/null +++ b/glibc-upstream-2.34-1.patch @@ -0,0 +1,26 @@ +commit 0b03996304f86d6dba8f0d4b7048b9bb7186f17d +Author: Siddhesh Poyarekar +Date: Tue Aug 3 21:10:10 2021 +0530 + + ldconfig: avoid leak on empty paths in config file + + Reviewed-by: Arjun Shankar + (cherry picked from commit b0234d79e7d82475d1666f25326ec045c045b3ed) + +diff --git a/elf/ldconfig.c b/elf/ldconfig.c +index 1037e8d0cf8d28b6..b8893637f8aaea8d 100644 +--- a/elf/ldconfig.c ++++ b/elf/ldconfig.c +@@ -503,7 +503,11 @@ add_dir_1 (const char *line, const char *from_file, int from_line) + entry->path[--i] = '\0'; + + if (i == 0) +- return; ++ { ++ free (entry->path); ++ free (entry); ++ return; ++ } + + char *path = entry->path; + if (opt_chroot != NULL) diff --git a/glibc-upstream-2.34-10.patch b/glibc-upstream-2.34-10.patch new file mode 100644 index 0000000..023ea30 --- /dev/null +++ b/glibc-upstream-2.34-10.patch @@ -0,0 +1,34 @@ +commit f2413f2710d5d5cc884b413b83fcf8198e3717fa +Author: H.J. Lu +Date: Sat Aug 28 06:10:38 2021 -0700 + + x86-64: Use testl to check __x86_string_control + + Use testl, instead of andl, to check __x86_string_control to avoid + updating __x86_string_control. + + Reviewed-by: Carlos O'Donell + (cherry picked from commit 3c8b9879cab6d41787bc5b14c1748f62fd6d0e5f) + +diff --git a/sysdeps/x86_64/multiarch/memmove-vec-unaligned-erms.S b/sysdeps/x86_64/multiarch/memmove-vec-unaligned-erms.S +index 9f02624375c07b26..abde8438d41f2320 100644 +--- a/sysdeps/x86_64/multiarch/memmove-vec-unaligned-erms.S ++++ b/sysdeps/x86_64/multiarch/memmove-vec-unaligned-erms.S +@@ -325,7 +325,7 @@ L(movsb): + /* Avoid slow backward REP MOVSB. */ + jb L(more_8x_vec_backward) + # if AVOID_SHORT_DISTANCE_REP_MOVSB +- andl $X86_STRING_CONTROL_AVOID_SHORT_DISTANCE_REP_MOVSB, __x86_string_control(%rip) ++ testl $X86_STRING_CONTROL_AVOID_SHORT_DISTANCE_REP_MOVSB, __x86_string_control(%rip) + jz 3f + movq %rdi, %rcx + subq %rsi, %rcx +@@ -333,7 +333,7 @@ L(movsb): + # endif + 1: + # if AVOID_SHORT_DISTANCE_REP_MOVSB +- andl $X86_STRING_CONTROL_AVOID_SHORT_DISTANCE_REP_MOVSB, __x86_string_control(%rip) ++ testl $X86_STRING_CONTROL_AVOID_SHORT_DISTANCE_REP_MOVSB, __x86_string_control(%rip) + jz 3f + movq %rsi, %rcx + subq %rdi, %rcx diff --git a/glibc-upstream-2.34-11.patch b/glibc-upstream-2.34-11.patch new file mode 100644 index 0000000..47849fb --- /dev/null +++ b/glibc-upstream-2.34-11.patch @@ -0,0 +1,62 @@ +commit 52d0119743180164d1664b6773ac5d873f224608 +Author: Jiaxun Yang +Date: Tue Sep 7 13:31:42 2021 +0800 + + MIPS: Setup errno for {f,l,}xstat + + {f,l,}xstat stub for MIPS is using INTERNAL_SYSCALL + to do xstat syscall for glibc ver, However it leaves + errno untouched and thus giving bad errno output. + + Setup errno properly when syscall returns non-zero. + + Signed-off-by: Jiaxun Yang + Reviewed-by: Adhemerval Zanella + + (cherry picked from commit 66016ec8aeefd40e016d7040d966484c764b0e9c) + +diff --git a/sysdeps/unix/sysv/linux/mips/fxstat.c b/sysdeps/unix/sysv/linux/mips/fxstat.c +index 11511d30b38708ce..4a6016ff123e8dd9 100644 +--- a/sysdeps/unix/sysv/linux/mips/fxstat.c ++++ b/sysdeps/unix/sysv/linux/mips/fxstat.c +@@ -35,7 +35,9 @@ __fxstat (int vers, int fd, struct stat *buf) + { + struct kernel_stat kbuf; + int r = INTERNAL_SYSCALL_CALL (fstat, fd, &kbuf); +- return r ?: __xstat_conv (vers, &kbuf, buf); ++ if (r == 0) ++ return __xstat_conv (vers, &kbuf, buf); ++ return INLINE_SYSCALL_ERROR_RETURN_VALUE (-r); + } + } + } +diff --git a/sysdeps/unix/sysv/linux/mips/lxstat.c b/sysdeps/unix/sysv/linux/mips/lxstat.c +index 871fb6c6c5886665..54f990a250677091 100644 +--- a/sysdeps/unix/sysv/linux/mips/lxstat.c ++++ b/sysdeps/unix/sysv/linux/mips/lxstat.c +@@ -35,7 +35,9 @@ __lxstat (int vers, const char *name, struct stat *buf) + { + struct kernel_stat kbuf; + int r = INTERNAL_SYSCALL_CALL (lstat, name, &kbuf); +- return r ?: __xstat_conv (vers, &kbuf, buf); ++ if (r == 0) ++ return __xstat_conv (vers, &kbuf, buf); ++ return INLINE_SYSCALL_ERROR_RETURN_VALUE (-r); + } + } + } +diff --git a/sysdeps/unix/sysv/linux/mips/xstat.c b/sysdeps/unix/sysv/linux/mips/xstat.c +index 9d810b6f653b964b..86f4dc31a82ff1bb 100644 +--- a/sysdeps/unix/sysv/linux/mips/xstat.c ++++ b/sysdeps/unix/sysv/linux/mips/xstat.c +@@ -35,7 +35,9 @@ __xstat (int vers, const char *name, struct stat *buf) + { + struct kernel_stat kbuf; + int r = INTERNAL_SYSCALL_CALL (stat, name, &kbuf); +- return r ?: __xstat_conv (vers, &kbuf, buf); ++ if (r == 0) ++ return __xstat_conv (vers, &kbuf, buf); ++ return INLINE_SYSCALL_ERROR_RETURN_VALUE (-r); + } + } + } diff --git a/glibc-upstream-2.34-12.patch b/glibc-upstream-2.34-12.patch new file mode 100644 index 0000000..ef0ec20 --- /dev/null +++ b/glibc-upstream-2.34-12.patch @@ -0,0 +1,117 @@ +commit addc9d62d61eea790a35328cbfce53333a07bd3e +Author: Florian Weimer +Date: Mon Aug 30 13:43:56 2021 +0200 + + support: Add support_wait_for_thread_exit + + (cherry picked from commit 032d74eaf6179100048a5bf0ce942e97dc8b9a60) + +diff --git a/support/Makefile b/support/Makefile +index a462781718426d35..ef2b1a980a407f8f 100644 +--- a/support/Makefile ++++ b/support/Makefile +@@ -82,9 +82,10 @@ libsupport-routines = \ + support_test_compare_blob \ + support_test_compare_failure \ + support_test_compare_string \ +- support_write_file_string \ + support_test_main \ + support_test_verify_impl \ ++ support_wait_for_thread_exit \ ++ support_write_file_string \ + temp_file \ + timespec \ + timespec-time64 \ +diff --git a/support/support.h b/support/support.h +index 834dba909770a992..a5978b939af2fb41 100644 +--- a/support/support.h ++++ b/support/support.h +@@ -174,6 +174,10 @@ timer_t support_create_timer (uint64_t sec, long int nsec, bool repeat, + /* Disable the timer TIMER. */ + void support_delete_timer (timer_t timer); + ++/* Wait until all threads except the current thread have exited (as ++ far as the kernel is concerned). */ ++void support_wait_for_thread_exit (void); ++ + struct support_stack + { + void *stack; +diff --git a/support/support_wait_for_thread_exit.c b/support/support_wait_for_thread_exit.c +new file mode 100644 +index 0000000000000000..658a81381006ea62 +--- /dev/null ++++ b/support/support_wait_for_thread_exit.c +@@ -0,0 +1,72 @@ ++/* Wait until all threads except the current thread has exited. ++ Copyright (C) 2021 Free Software Foundation, Inc. ++ This file is part of the GNU C Library. ++ ++ The GNU C Library is free software; you can redistribute it and/or ++ modify it under the terms of the GNU Lesser General Public ++ License as published by the Free Software Foundation; either ++ version 2.1 of the License, or (at your option) any later version. ++ ++ The GNU C Library is distributed in the hope that it will be useful, ++ but WITHOUT ANY WARRANTY; without even the implied warranty of ++ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU ++ Lesser General Public License for more details. ++ ++ You should have received a copy of the GNU Lesser General Public ++ License along with the GNU C Library; if not, see ++ . */ ++ ++#include ++#include ++#include ++#include ++#include ++#include ++ ++void ++support_wait_for_thread_exit (void) ++{ ++#ifdef __linux__ ++ DIR *proc_self_task = opendir ("/proc/self/task"); ++ TEST_VERIFY_EXIT (proc_self_task != NULL); ++ ++ while (true) ++ { ++ errno = 0; ++ struct dirent *e = readdir (proc_self_task); ++ if (e == NULL && errno != 0) ++ FAIL_EXIT1 ("readdir: %m"); ++ if (e == NULL) ++ { ++ /* Only the main thread remains. Testing may continue. */ ++ closedir (proc_self_task); ++ return; ++ } ++ ++ if (strcmp (e->d_name, ".") == 0 || strcmp (e->d_name, "..") == 0) ++ continue; ++ ++ int task_tid = atoi (e->d_name); ++ if (task_tid <= 0) ++ FAIL_EXIT1 ("Invalid /proc/self/task entry: %s", e->d_name); ++ ++ if (task_tid == gettid ()) ++ /* The current thread. Keep scanning for other ++ threads. */ ++ continue; ++ ++ /* task_tid does not refer to this thread here, i.e., there is ++ another running thread. */ ++ ++ /* Small timeout to give the thread a chance to exit. */ ++ usleep (50 * 1000); ++ ++ /* Start scanning the directory from the start. */ ++ rewinddir (proc_self_task); ++ } ++#else ++ /* Use a large timeout because we cannot verify that the thread has ++ exited. */ ++ usleep (5 * 1000 * 1000); ++#endif ++} diff --git a/glibc-upstream-2.34-13.patch b/glibc-upstream-2.34-13.patch new file mode 100644 index 0000000..8f0acc6 --- /dev/null +++ b/glibc-upstream-2.34-13.patch @@ -0,0 +1,279 @@ +commit 3abf3bd4edc86fb28c099cc85203cb46a811e0b8 +Author: Florian Weimer +Date: Mon Sep 13 11:06:08 2021 +0200 + + nptl: pthread_kill, pthread_cancel should not fail after exit (bug 19193) + + This closes one remaining race condition related to bug 12889: if + the thread already exited on the kernel side, returning ESRCH + is not correct because that error is reserved for the thread IDs + (pthread_t values) whose lifetime has ended. In case of a + kernel-side exit and a valid thread ID, no signal needs to be sent + and cancellation does not have an effect, so just return 0. + + sysdeps/pthread/tst-kill4.c triggers undefined behavior and is + removed with this commit. + + Reviewed-by: Adhemerval Zanella + (cherry picked from commit 8af8456004edbab71f8903a60a3cae442cf6fe69) + +diff --git a/nptl/pthread_cancel.c b/nptl/pthread_cancel.c +index cc25ff21f364e8a4..9bac6e3b76a20312 100644 +--- a/nptl/pthread_cancel.c ++++ b/nptl/pthread_cancel.c +@@ -62,10 +62,11 @@ __pthread_cancel (pthread_t th) + { + volatile struct pthread *pd = (volatile struct pthread *) th; + +- /* Make sure the descriptor is valid. */ +- if (INVALID_TD_P (pd)) +- /* Not a valid thread handle. */ +- return ESRCH; ++ if (pd->tid == 0) ++ /* The thread has already exited on the kernel side. Its outcome ++ (regular exit, other cancelation) has already been ++ determined. */ ++ return 0; + + static int init_sigcancel = 0; + if (atomic_load_relaxed (&init_sigcancel) == 0) +diff --git a/nptl/pthread_kill.c b/nptl/pthread_kill.c +index f79a2b26fc7f72e5..5d4c86f9205a6fb5 100644 +--- a/nptl/pthread_kill.c ++++ b/nptl/pthread_kill.c +@@ -46,7 +46,12 @@ __pthread_kill_internal (pthread_t threadid, int signo) + ? INTERNAL_SYSCALL_ERRNO (val) : 0); + } + else +- val = ESRCH; ++ /* The kernel reports that the thread has exited. POSIX specifies ++ the ESRCH error only for the case when the lifetime of a thread ++ ID has ended, but calling pthread_kill on such a thread ID is ++ undefined in glibc. Therefore, do not treat kernel thread exit ++ as an error. */ ++ val = 0; + + return val; + } +diff --git a/sysdeps/pthread/Makefile b/sysdeps/pthread/Makefile +index 42f9fc507263657d..dedfa0d290da4949 100644 +--- a/sysdeps/pthread/Makefile ++++ b/sysdeps/pthread/Makefile +@@ -89,7 +89,7 @@ tests += tst-cnd-basic tst-mtx-trylock tst-cnd-broadcast \ + tst-join8 tst-join9 tst-join10 tst-join11 tst-join12 tst-join13 \ + tst-join14 tst-join15 \ + tst-key1 tst-key2 tst-key3 tst-key4 \ +- tst-kill1 tst-kill2 tst-kill3 tst-kill4 tst-kill5 tst-kill6 \ ++ tst-kill1 tst-kill2 tst-kill3 tst-kill5 tst-kill6 \ + tst-locale1 tst-locale2 \ + tst-memstream \ + tst-mutex-errorcheck tst-mutex1 tst-mutex2 tst-mutex3 tst-mutex4 \ +@@ -118,6 +118,9 @@ tests += tst-cnd-basic tst-mtx-trylock tst-cnd-broadcast \ + tst-unload \ + tst-unwind-thread \ + tst-pt-vfork1 tst-pt-vfork2 tst-vfork1x tst-vfork2x \ ++ tst-pthread_cancel-exited \ ++ tst-pthread_kill-exited \ ++ # tests + + tests-time64 := \ + tst-abstime-time64 \ +diff --git a/sysdeps/pthread/tst-kill4.c b/sysdeps/pthread/tst-kill4.c +deleted file mode 100644 +index 9563939792b96ebd..0000000000000000 +--- a/sysdeps/pthread/tst-kill4.c ++++ /dev/null +@@ -1,90 +0,0 @@ +-/* Copyright (C) 2003-2021 Free Software Foundation, Inc. +- This file is part of the GNU C Library. +- Contributed by Ulrich Drepper , 2003. +- +- The GNU C Library is free software; you can redistribute it and/or +- modify it under the terms of the GNU Lesser General Public +- License as published by the Free Software Foundation; either +- version 2.1 of the License, or (at your option) any later version. +- +- The GNU C Library is distributed in the hope that it will be useful, +- but WITHOUT ANY WARRANTY; without even the implied warranty of +- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +- Lesser General Public License for more details. +- +- You should have received a copy of the GNU Lesser General Public +- License along with the GNU C Library; if not, see +- . */ +- +-#include +-#include +-#include +-#include +-#include +-#include +- +- +-static void * +-tf (void *a) +-{ +- return NULL; +-} +- +- +-int +-do_test (void) +-{ +- pthread_attr_t at; +- if (pthread_attr_init (&at) != 0) +- { +- puts ("attr_create failed"); +- exit (1); +- } +- +- /* Limit thread stack size, because if it is too large, pthread_join +- will free it immediately rather than put it into stack cache. */ +- if (pthread_attr_setstacksize (&at, 2 * 1024 * 1024) != 0) +- { +- puts ("setstacksize failed"); +- exit (1); +- } +- +- pthread_t th; +- if (pthread_create (&th, &at, tf, NULL) != 0) +- { +- puts ("create failed"); +- exit (1); +- } +- +- pthread_attr_destroy (&at); +- +- if (pthread_join (th, NULL) != 0) +- { +- puts ("join failed"); +- exit (1); +- } +- +- /* The following only works because we assume here something about +- the implementation. Namely, that the memory allocated for the +- thread descriptor is not going away, that the TID field is +- cleared and therefore the signal is sent to process 0, and that +- we can savely assume there is no other process with this ID at +- that time. */ +- int e = pthread_kill (th, 0); +- if (e == 0) +- { +- puts ("pthread_kill succeeded"); +- exit (1); +- } +- if (e != ESRCH) +- { +- puts ("pthread_kill didn't return ESRCH"); +- exit (1); +- } +- +- return 0; +-} +- +- +-#define TEST_FUNCTION do_test () +-#include "../test-skeleton.c" +diff --git a/sysdeps/pthread/tst-pthread_cancel-exited.c b/sysdeps/pthread/tst-pthread_cancel-exited.c +new file mode 100644 +index 0000000000000000..811c9bee07ab2638 +--- /dev/null ++++ b/sysdeps/pthread/tst-pthread_cancel-exited.c +@@ -0,0 +1,45 @@ ++/* Test that pthread_kill succeeds for an exited thread. ++ Copyright (C) 2021 Free Software Foundation, Inc. ++ This file is part of the GNU C Library. ++ ++ The GNU C Library is free software; you can redistribute it and/or ++ modify it under the terms of the GNU Lesser General Public ++ License as published by the Free Software Foundation; either ++ version 2.1 of the License, or (at your option) any later version. ++ ++ The GNU C Library is distributed in the hope that it will be useful, ++ but WITHOUT ANY WARRANTY; without even the implied warranty of ++ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU ++ Lesser General Public License for more details. ++ ++ You should have received a copy of the GNU Lesser General Public ++ License along with the GNU C Library; if not, see ++ . */ ++ ++/* This test verifies that pthread_kill returns 0 (and not ESRCH) for ++ a thread that has exited on the kernel side. */ ++ ++#include ++#include ++#include ++ ++static void * ++noop_thread (void *closure) ++{ ++ return NULL; ++} ++ ++static int ++do_test (void) ++{ ++ pthread_t thr = xpthread_create (NULL, noop_thread, NULL); ++ ++ support_wait_for_thread_exit (); ++ ++ xpthread_cancel (thr); ++ xpthread_join (thr); ++ ++ return 0; ++} ++ ++#include +diff --git a/sysdeps/pthread/tst-pthread_kill-exited.c b/sysdeps/pthread/tst-pthread_kill-exited.c +new file mode 100644 +index 0000000000000000..7575fb6d58cae99c +--- /dev/null ++++ b/sysdeps/pthread/tst-pthread_kill-exited.c +@@ -0,0 +1,46 @@ ++/* Test that pthread_kill succeeds for an exited thread. ++ Copyright (C) 2021 Free Software Foundation, Inc. ++ This file is part of the GNU C Library. ++ ++ The GNU C Library is free software; you can redistribute it and/or ++ modify it under the terms of the GNU Lesser General Public ++ License as published by the Free Software Foundation; either ++ version 2.1 of the License, or (at your option) any later version. ++ ++ The GNU C Library is distributed in the hope that it will be useful, ++ but WITHOUT ANY WARRANTY; without even the implied warranty of ++ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU ++ Lesser General Public License for more details. ++ ++ You should have received a copy of the GNU Lesser General Public ++ License along with the GNU C Library; if not, see ++ . */ ++ ++/* This test verifies that pthread_kill returns 0 (and not ESRCH) for ++ a thread that has exited on the kernel side. */ ++ ++#include ++#include ++#include ++#include ++ ++static void * ++noop_thread (void *closure) ++{ ++ return NULL; ++} ++ ++static int ++do_test (void) ++{ ++ pthread_t thr = xpthread_create (NULL, noop_thread, NULL); ++ ++ support_wait_for_thread_exit (); ++ ++ xpthread_kill (thr, SIGUSR1); ++ xpthread_join (thr); ++ ++ return 0; ++} ++ ++#include diff --git a/glibc-upstream-2.34-14.patch b/glibc-upstream-2.34-14.patch new file mode 100644 index 0000000..9d9c1c5 --- /dev/null +++ b/glibc-upstream-2.34-14.patch @@ -0,0 +1,411 @@ +commit a8ac8c4725ddb1119764126a8674a04c9dd5aea8 +Author: Florian Weimer +Date: Mon Sep 13 11:06:08 2021 +0200 + + nptl: Fix race between pthread_kill and thread exit (bug 12889) + + A new thread exit lock and flag are introduced. They are used to + detect that the thread is about to exit or has exited in + __pthread_kill_internal, and the signal is not sent in this case. + + The test sysdeps/pthread/tst-pthread_cancel-select-loop.c is derived + from a downstream test originally written by Marek Polacek. + + Reviewed-by: Adhemerval Zanella + (cherry picked from commit 526c3cf11ee9367344b6b15d669e4c3cb461a2be) + +diff --git a/nptl/allocatestack.c b/nptl/allocatestack.c +index cfe37a3443b69454..50065bc9bd8a28e5 100644 +--- a/nptl/allocatestack.c ++++ b/nptl/allocatestack.c +@@ -32,6 +32,7 @@ + #include + #include + #include ++#include + + /* Default alignment of stack. */ + #ifndef STACK_ALIGN +@@ -127,6 +128,8 @@ get_cached_stack (size_t *sizep, void **memp) + /* No pending event. */ + result->nextevent = NULL; + ++ result->exiting = false; ++ __libc_lock_init (result->exit_lock); + result->tls_state = (struct tls_internal_t) { 0 }; + + /* Clear the DTV. */ +diff --git a/nptl/descr.h b/nptl/descr.h +index c85778d44941a42f..4de84138fb960fa4 100644 +--- a/nptl/descr.h ++++ b/nptl/descr.h +@@ -396,6 +396,12 @@ struct pthread + PTHREAD_CANCEL_ASYNCHRONOUS). */ + unsigned char canceltype; + ++ /* Used in __pthread_kill_internal to detected a thread that has ++ exited or is about to exit. exit_lock must only be acquired ++ after blocking signals. */ ++ bool exiting; ++ int exit_lock; /* A low-level lock (for use with __libc_lock_init etc). */ ++ + /* Used on strsignal. */ + struct tls_internal_t tls_state; + +diff --git a/nptl/pthread_create.c b/nptl/pthread_create.c +index d8ec299cb1661e82..33b426fc682300dc 100644 +--- a/nptl/pthread_create.c ++++ b/nptl/pthread_create.c +@@ -37,6 +37,7 @@ + #include + #include + #include ++#include + + #include + +@@ -485,6 +486,19 @@ start_thread (void *arg) + /* This was the last thread. */ + exit (0); + ++ /* This prevents sending a signal from this thread to itself during ++ its final stages. This must come after the exit call above ++ because atexit handlers must not run with signals blocked. */ ++ __libc_signal_block_all (NULL); ++ ++ /* Tell __pthread_kill_internal that this thread is about to exit. ++ If there is a __pthread_kill_internal in progress, this delays ++ the thread exit until the signal has been queued by the kernel ++ (so that the TID used to send it remains valid). */ ++ __libc_lock_lock (pd->exit_lock); ++ pd->exiting = true; ++ __libc_lock_unlock (pd->exit_lock); ++ + #ifndef __ASSUME_SET_ROBUST_LIST + /* If this thread has any robust mutexes locked, handle them now. */ + # if __PTHREAD_MUTEX_HAVE_PREV +diff --git a/nptl/pthread_kill.c b/nptl/pthread_kill.c +index 5d4c86f9205a6fb5..fb7862eff787a94f 100644 +--- a/nptl/pthread_kill.c ++++ b/nptl/pthread_kill.c +@@ -16,6 +16,7 @@ + License along with the GNU C Library; if not, see + . */ + ++#include + #include + #include + #include +@@ -23,37 +24,51 @@ + int + __pthread_kill_internal (pthread_t threadid, int signo) + { +- pid_t tid; + struct pthread *pd = (struct pthread *) threadid; +- + if (pd == THREAD_SELF) +- /* It is a special case to handle raise() implementation after a vfork +- call (which does not update the PD tid field). */ +- tid = INLINE_SYSCALL_CALL (gettid); +- else +- /* Force load of pd->tid into local variable or register. Otherwise +- if a thread exits between ESRCH test and tgkill, we might return +- EINVAL, because pd->tid would be cleared by the kernel. */ +- tid = atomic_forced_read (pd->tid); +- +- int val; +- if (__glibc_likely (tid > 0)) + { +- pid_t pid = __getpid (); +- +- val = INTERNAL_SYSCALL_CALL (tgkill, pid, tid, signo); +- val = (INTERNAL_SYSCALL_ERROR_P (val) +- ? INTERNAL_SYSCALL_ERRNO (val) : 0); ++ /* Use the actual TID from the kernel, so that it refers to the ++ current thread even if called after vfork. There is no ++ signal blocking in this case, so that the signal is delivered ++ immediately, before __pthread_kill_internal returns: a signal ++ sent to the thread itself needs to be delivered ++ synchronously. (It is unclear if Linux guarantees the ++ delivery of all pending signals after unblocking in the code ++ below. POSIX only guarantees delivery of a single signal, ++ which may not be the right one.) */ ++ pid_t tid = INTERNAL_SYSCALL_CALL (gettid); ++ int ret = INTERNAL_SYSCALL_CALL (kill, tid, signo); ++ return INTERNAL_SYSCALL_ERROR_P (ret) ? INTERNAL_SYSCALL_ERRNO (ret) : 0; + } ++ ++ /* Block all signals, as required by pd->exit_lock. */ ++ sigset_t old_mask; ++ __libc_signal_block_all (&old_mask); ++ __libc_lock_lock (pd->exit_lock); ++ ++ int ret; ++ if (pd->exiting) ++ /* The thread is about to exit (or has exited). Sending the ++ signal is either not observable (the target thread has already ++ blocked signals at this point), or it will fail, or it might be ++ delivered to a new, unrelated thread that has reused the TID. ++ So do not actually send the signal. Do not report an error ++ because the threadid argument is still valid (the thread ID ++ lifetime has not ended), and ESRCH (for example) would be ++ misleading. */ ++ ret = 0; + else +- /* The kernel reports that the thread has exited. POSIX specifies +- the ESRCH error only for the case when the lifetime of a thread +- ID has ended, but calling pthread_kill on such a thread ID is +- undefined in glibc. Therefore, do not treat kernel thread exit +- as an error. */ +- val = 0; ++ { ++ /* Using tgkill is a safety measure. pd->exit_lock ensures that ++ the target thread cannot exit. */ ++ ret = INTERNAL_SYSCALL_CALL (tgkill, __getpid (), pd->tid, signo); ++ ret = INTERNAL_SYSCALL_ERROR_P (ret) ? INTERNAL_SYSCALL_ERRNO (ret) : 0; ++ } ++ ++ __libc_lock_unlock (pd->exit_lock); ++ __libc_signal_restore_set (&old_mask); + +- return val; ++ return ret; + } + + int +diff --git a/sysdeps/pthread/Makefile b/sysdeps/pthread/Makefile +index dedfa0d290da4949..48dba717a1cdc20a 100644 +--- a/sysdeps/pthread/Makefile ++++ b/sysdeps/pthread/Makefile +@@ -119,7 +119,9 @@ tests += tst-cnd-basic tst-mtx-trylock tst-cnd-broadcast \ + tst-unwind-thread \ + tst-pt-vfork1 tst-pt-vfork2 tst-vfork1x tst-vfork2x \ + tst-pthread_cancel-exited \ ++ tst-pthread_cancel-select-loop \ + tst-pthread_kill-exited \ ++ tst-pthread_kill-exiting \ + # tests + + tests-time64 := \ +diff --git a/sysdeps/pthread/tst-pthread_cancel-select-loop.c b/sysdeps/pthread/tst-pthread_cancel-select-loop.c +new file mode 100644 +index 0000000000000000..a62087589cee24b5 +--- /dev/null ++++ b/sysdeps/pthread/tst-pthread_cancel-select-loop.c +@@ -0,0 +1,87 @@ ++/* Test that pthread_cancel succeeds during thread exit. ++ Copyright (C) 2021 Free Software Foundation, Inc. ++ This file is part of the GNU C Library. ++ ++ The GNU C Library is free software; you can redistribute it and/or ++ modify it under the terms of the GNU Lesser General Public ++ License as published by the Free Software Foundation; either ++ version 2.1 of the License, or (at your option) any later version. ++ ++ The GNU C Library is distributed in the hope that it will be useful, ++ but WITHOUT ANY WARRANTY; without even the implied warranty of ++ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU ++ Lesser General Public License for more details. ++ ++ You should have received a copy of the GNU Lesser General Public ++ License along with the GNU C Library; if not, see ++ . */ ++ ++/* This test tries to trigger an internal race condition in ++ pthread_cancel, where the cancellation signal is sent after the ++ thread has begun the cancellation process. This can result in a ++ spurious ESRCH error. For the original bug 12889, the window is ++ quite small, so the bug was not reproduced in every run. */ ++ ++#include ++#include ++#include ++#include ++#include ++#include ++#include ++ ++/* Set to true by timeout_thread_function when the test should ++ terminate. */ ++static bool timeout; ++ ++static void * ++timeout_thread_function (void *unused) ++{ ++ usleep (5 * 1000 * 1000); ++ __atomic_store_n (&timeout, true, __ATOMIC_RELAXED); ++ return NULL; ++} ++ ++/* Used for blocking the select function below. */ ++static int pipe_fds[2]; ++ ++static void * ++canceled_thread_function (void *unused) ++{ ++ while (true) ++ { ++ fd_set rfs; ++ fd_set wfs; ++ fd_set efs; ++ FD_ZERO (&rfs); ++ FD_ZERO (&wfs); ++ FD_ZERO (&efs); ++ FD_SET (pipe_fds[0], &rfs); ++ ++ /* If the cancellation request is recognized early, the thread ++ begins exiting while the cancellation signal arrives. */ ++ select (FD_SETSIZE, &rfs, &wfs, &efs, NULL); ++ } ++ return NULL; ++} ++ ++static int ++do_test (void) ++{ ++ xpipe (pipe_fds); ++ pthread_t thr_timeout = xpthread_create (NULL, timeout_thread_function, NULL); ++ ++ while (!__atomic_load_n (&timeout, __ATOMIC_RELAXED)) ++ { ++ pthread_t thr = xpthread_create (NULL, canceled_thread_function, NULL); ++ xpthread_cancel (thr); ++ TEST_VERIFY (xpthread_join (thr) == PTHREAD_CANCELED); ++ } ++ ++ xpthread_join (thr_timeout); ++ xclose (pipe_fds[0]); ++ xclose (pipe_fds[1]); ++ return 0; ++} ++ ++#include +diff --git a/sysdeps/pthread/tst-pthread_kill-exiting.c b/sysdeps/pthread/tst-pthread_kill-exiting.c +new file mode 100644 +index 0000000000000000..f803e94f1195f204 +--- /dev/null ++++ b/sysdeps/pthread/tst-pthread_kill-exiting.c +@@ -0,0 +1,123 @@ ++/* Test that pthread_kill succeeds during thread exit. ++ Copyright (C) 2021 Free Software Foundation, Inc. ++ This file is part of the GNU C Library. ++ ++ The GNU C Library is free software; you can redistribute it and/or ++ modify it under the terms of the GNU Lesser General Public ++ License as published by the Free Software Foundation; either ++ version 2.1 of the License, or (at your option) any later version. ++ ++ The GNU C Library is distributed in the hope that it will be useful, ++ but WITHOUT ANY WARRANTY; without even the implied warranty of ++ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU ++ Lesser General Public License for more details. ++ ++ You should have received a copy of the GNU Lesser General Public ++ License along with the GNU C Library; if not, see ++ . */ ++ ++/* This test verifies that pthread_kill for a thread that is exiting ++ succeeds (with or without actually delivering the signal). */ ++ ++#include ++#include ++#include ++#include ++#include ++#include ++ ++/* Set to true by timeout_thread_function when the test should ++ terminate. */ ++static bool timeout; ++ ++static void * ++timeout_thread_function (void *unused) ++{ ++ usleep (1000 * 1000); ++ __atomic_store_n (&timeout, true, __ATOMIC_RELAXED); ++ return NULL; ++} ++ ++/* Used to synchronize the sending threads with the target thread and ++ main thread. */ ++static pthread_barrier_t barrier_1; ++static pthread_barrier_t barrier_2; ++ ++/* The target thread to which signals are to be sent. */ ++static pthread_t target_thread; ++ ++/* Set by the main thread to true after timeout has been set to ++ true. */ ++static bool exiting; ++ ++static void * ++sender_thread_function (void *unused) ++{ ++ while (true) ++ { ++ /* Wait until target_thread has been initialized. The target ++ thread and main thread participate in this barrier. */ ++ xpthread_barrier_wait (&barrier_1); ++ ++ if (exiting) ++ break; ++ ++ xpthread_kill (target_thread, SIGUSR1); ++ ++ /* Communicate that the signal has been sent. The main thread ++ participates in this barrier. */ ++ xpthread_barrier_wait (&barrier_2); ++ } ++ return NULL; ++} ++ ++static void * ++target_thread_function (void *unused) ++{ ++ target_thread = pthread_self (); ++ xpthread_barrier_wait (&barrier_1); ++ return NULL; ++} ++ ++static int ++do_test (void) ++{ ++ xsignal (SIGUSR1, SIG_IGN); ++ ++ pthread_t thr_timeout = xpthread_create (NULL, timeout_thread_function, NULL); ++ ++ pthread_t threads[4]; ++ xpthread_barrier_init (&barrier_1, NULL, array_length (threads) + 2); ++ xpthread_barrier_init (&barrier_2, NULL, array_length (threads) + 1); ++ ++ for (int i = 0; i < array_length (threads); ++i) ++ threads[i] = xpthread_create (NULL, sender_thread_function, NULL); ++ ++ while (!__atomic_load_n (&timeout, __ATOMIC_RELAXED)) ++ { ++ xpthread_create (NULL, target_thread_function, NULL); ++ ++ /* Wait for the target thread to be set up and signal sending to ++ start. */ ++ xpthread_barrier_wait (&barrier_1); ++ ++ /* Wait for signal sending to complete. */ ++ xpthread_barrier_wait (&barrier_2); ++ ++ xpthread_join (target_thread); ++ } ++ ++ exiting = true; ++ ++ /* Signal the sending threads to exit. */ ++ xpthread_create (NULL, target_thread_function, NULL); ++ xpthread_barrier_wait (&barrier_1); ++ ++ for (int i = 0; i < array_length (threads); ++i) ++ xpthread_join (threads[i]); ++ xpthread_join (thr_timeout); ++ ++ return 0; ++} ++ ++#include diff --git a/glibc-upstream-2.34-15.patch b/glibc-upstream-2.34-15.patch new file mode 100644 index 0000000..a2275fb --- /dev/null +++ b/glibc-upstream-2.34-15.patch @@ -0,0 +1,117 @@ +commit 3fc51f35b4f32e1bb99d85c1578e930e725ff929 +Author: Siddhesh Poyarekar +Date: Mon Sep 13 20:48:35 2021 +0530 + + iconvconfig: Fix behaviour with --prefix [BZ #28199] + + The consolidation of configuration parsing broke behaviour with + --prefix, where the prefix bled into the modules cache. Accept a + prefix which, when non-NULL, is prepended to the path when looking for + configuration files but only the original directory is added to the + modules cache. + + This has no effect on the codegen of gconv_conf since it passes NULL. + + Reported-by: Patrick McCarty + Reported-by: Michael Hudson-Doyle + Reviewed-by: Andreas Schwab + (cherry picked from commit 43cea6d5652b6b9e61ac6ecc69419c909b504f47) + +diff --git a/iconv/gconv_conf.c b/iconv/gconv_conf.c +index 62bee28769deb979..cc391d8f936687f3 100644 +--- a/iconv/gconv_conf.c ++++ b/iconv/gconv_conf.c +@@ -478,7 +478,7 @@ __gconv_read_conf (void) + __gconv_get_path (); + + for (cnt = 0; __gconv_path_elem[cnt].name != NULL; ++cnt) +- gconv_parseconfdir (__gconv_path_elem[cnt].name, ++ gconv_parseconfdir (NULL, __gconv_path_elem[cnt].name, + __gconv_path_elem[cnt].len); + #endif + +diff --git a/iconv/gconv_parseconfdir.h b/iconv/gconv_parseconfdir.h +index 2f062689ecc72749..a586268abc103abd 100644 +--- a/iconv/gconv_parseconfdir.h ++++ b/iconv/gconv_parseconfdir.h +@@ -39,7 +39,6 @@ + /* Name of the file containing the module information in the directories + along the path. */ + static const char gconv_conf_filename[] = "gconv-modules"; +-static const char gconv_conf_dirname[] = "gconv-modules.d"; + + static void add_alias (char *); + static void add_module (char *, const char *, size_t, int); +@@ -110,19 +109,28 @@ read_conf_file (const char *filename, const char *directory, size_t dir_len) + return true; + } + ++/* Prefix DIR (with length DIR_LEN) with PREFIX if the latter is non-NULL and ++ parse configuration in it. */ ++ + static __always_inline bool +-gconv_parseconfdir (const char *dir, size_t dir_len) ++gconv_parseconfdir (const char *prefix, const char *dir, size_t dir_len) + { +- /* No slash needs to be inserted between dir and gconv_conf_filename; +- dir already ends in a slash. */ +- char *buf = malloc (dir_len + sizeof (gconv_conf_dirname)); ++ /* No slash needs to be inserted between dir and gconv_conf_filename; dir ++ already ends in a slash. The additional 2 is to accommodate the ".d" ++ when looking for configuration files in gconv-modules.d. */ ++ size_t buflen = dir_len + sizeof (gconv_conf_filename) + 2; ++ char *buf = malloc (buflen + (prefix != NULL ? strlen (prefix) : 0)); ++ char *cp = buf; + bool found = false; + + if (buf == NULL) + return false; + +- char *cp = mempcpy (mempcpy (buf, dir, dir_len), gconv_conf_filename, +- sizeof (gconv_conf_filename)); ++ if (prefix != NULL) ++ cp = stpcpy (cp, prefix); ++ ++ cp = mempcpy (mempcpy (cp, dir, dir_len), gconv_conf_filename, ++ sizeof (gconv_conf_filename)); + + /* Read the gconv-modules configuration file first. */ + found = read_conf_file (buf, dir, dir_len); +diff --git a/iconv/iconvconfig.c b/iconv/iconvconfig.c +index 783b2bbdbb684ac6..273a71f67315f670 100644 +--- a/iconv/iconvconfig.c ++++ b/iconv/iconvconfig.c +@@ -653,13 +653,21 @@ add_module (char *rp, const char *directory, + static int + handle_dir (const char *dir) + { ++ char *newp = NULL; + size_t dirlen = strlen (dir); + bool found = false; + +- char *fulldir = xasprintf ("%s%s%s", dir[0] == '/' ? prefix : "", +- dir, dir[dirlen - 1] != '/' ? "/" : ""); ++ /* End directory path with a '/' if it doesn't already. */ ++ if (dir[dirlen - 1] != '/') ++ { ++ newp = xmalloc (dirlen + 2); ++ memcpy (newp, dir, dirlen); ++ newp[dirlen++] = '/'; ++ newp[dirlen] = '\0'; ++ dir = newp; ++ } + +- found = gconv_parseconfdir (fulldir, strlen (fulldir)); ++ found = gconv_parseconfdir (dir[0] == '/' ? prefix : NULL, dir, dirlen); + + if (!found) + { +@@ -671,7 +679,7 @@ handle_dir (const char *dir) + "configuration files with names ending in .conf."); + } + +- free (fulldir); ++ free (newp); + + return found ? 0 : 1; + } diff --git a/glibc-upstream-2.34-16.patch b/glibc-upstream-2.34-16.patch new file mode 100644 index 0000000..3d8a568 --- /dev/null +++ b/glibc-upstream-2.34-16.patch @@ -0,0 +1,31 @@ +commit ae925404a10bf0ea63d6e8d41e3821f68b4d776c +Author: Aurelien Jarno +Date: Fri Sep 3 00:28:14 2021 +0200 + + Fix failing nss/tst-nss-files-hosts-long with local resolver + + When a local resolver like unbound is listening on the IPv4 loopback + address 127.0.0.1, the nss/tst-nss-files-hosts-long test fails. This is + due to: + - the default resolver in the absence of resolv.conf being 127.0.0.1 + - the default DNS NSS database configuration in the absence of + nsswitch.conf being 'hosts: dns [!UNAVAIL=return] file' + + This causes the requests for 'test4' and 'test6' to first be sent to the + local resolver, which responds with NXDOMAIN in the likely case those + records do no exist. In turn that causes the access to /etc/hosts to be + skipped, which is the purpose of that test. + + Fix that by providing a simple nsswitch.conf file forcing access to + /etc/hosts for that test. I have tested that the only changed result in + the testsuite is that test. + + (cherry picked from commit 2738480a4b0866723fb8c633f36bdd34a8767581) + +diff --git a/nss/tst-nss-files-hosts-long.root/etc/nsswitch.conf b/nss/tst-nss-files-hosts-long.root/etc/nsswitch.conf +new file mode 100644 +index 0000000000000000..5b0c6a419937a013 +--- /dev/null ++++ b/nss/tst-nss-files-hosts-long.root/etc/nsswitch.conf +@@ -0,0 +1 @@ ++hosts: files diff --git a/glibc-upstream-2.34-17.patch b/glibc-upstream-2.34-17.patch new file mode 100644 index 0000000..ca37faa --- /dev/null +++ b/glibc-upstream-2.34-17.patch @@ -0,0 +1,26 @@ +commit 007d699d0e0d0957eead78ad252ad592656284de +Author: Joseph Myers +Date: Tue Sep 7 13:08:38 2021 +0000 + + Use Linux 5.14 in build-many-glibcs.py + + This patch makes build-many-glibcs.py use Linux 5.14. + + Tested with build-many-glibcs.py (host-libraries, compilers and glibcs + builds). + + (cherry picked from commit 4e04a47208e1712fcf202a6d9831f0900d575225) + +diff --git a/scripts/build-many-glibcs.py b/scripts/build-many-glibcs.py +index 5a77af90a6b49909..86537fa8005cfd3d 100755 +--- a/scripts/build-many-glibcs.py ++++ b/scripts/build-many-glibcs.py +@@ -782,7 +782,7 @@ class Context(object): + 'gcc': 'vcs-11', + 'glibc': 'vcs-mainline', + 'gmp': '6.2.1', +- 'linux': '5.13', ++ 'linux': '5.14', + 'mpc': '1.2.1', + 'mpfr': '4.1.0', + 'mig': 'vcs-mainline', diff --git a/glibc-upstream-2.34-18.patch b/glibc-upstream-2.34-18.patch new file mode 100644 index 0000000..017225a --- /dev/null +++ b/glibc-upstream-2.34-18.patch @@ -0,0 +1,377 @@ +commit 005bafcf5b8a85d4c82831401f052747e160a7e8 +Author: Joseph Myers +Date: Wed Sep 8 12:42:06 2021 +0000 + + Update syscall lists for Linux 5.14 + + Linux 5.14 has two new syscalls, memfd_secret (on some architectures + only) and quotactl_fd. Update syscall-names.list and regenerate the + arch-syscall.h headers with build-many-glibcs.py update-syscalls. + + Tested with build-many-glibcs.py. + + (cherry picked from commit 89dc0372a9055e7ef86fe19be6201fa0b16b2f0e) + +diff --git a/sysdeps/unix/sysv/linux/aarch64/arch-syscall.h b/sysdeps/unix/sysv/linux/aarch64/arch-syscall.h +index e9eb707d0ac022ed..bedab1abbac7f6c1 100644 +--- a/sysdeps/unix/sysv/linux/aarch64/arch-syscall.h ++++ b/sysdeps/unix/sysv/linux/aarch64/arch-syscall.h +@@ -126,6 +126,7 @@ + #define __NR_mbind 235 + #define __NR_membarrier 283 + #define __NR_memfd_create 279 ++#define __NR_memfd_secret 447 + #define __NR_migrate_pages 238 + #define __NR_mincore 232 + #define __NR_mkdirat 34 +@@ -187,6 +188,7 @@ + #define __NR_pwritev 70 + #define __NR_pwritev2 287 + #define __NR_quotactl 60 ++#define __NR_quotactl_fd 443 + #define __NR_read 63 + #define __NR_readahead 213 + #define __NR_readlinkat 78 +diff --git a/sysdeps/unix/sysv/linux/alpha/arch-syscall.h b/sysdeps/unix/sysv/linux/alpha/arch-syscall.h +index bd6b7d4003a252be..91354ed9e29b8d15 100644 +--- a/sysdeps/unix/sysv/linux/alpha/arch-syscall.h ++++ b/sysdeps/unix/sysv/linux/alpha/arch-syscall.h +@@ -337,6 +337,7 @@ + #define __NR_pwritev2 521 + #define __NR_query_module 347 + #define __NR_quotactl 148 ++#define __NR_quotactl_fd 553 + #define __NR_read 3 + #define __NR_readahead 379 + #define __NR_readlink 58 +diff --git a/sysdeps/unix/sysv/linux/arc/arch-syscall.h b/sysdeps/unix/sysv/linux/arc/arch-syscall.h +index 10650549c1dcd100..ff5c7eb36db89494 100644 +--- a/sysdeps/unix/sysv/linux/arc/arch-syscall.h ++++ b/sysdeps/unix/sysv/linux/arc/arch-syscall.h +@@ -190,6 +190,7 @@ + #define __NR_pwritev 70 + #define __NR_pwritev2 287 + #define __NR_quotactl 60 ++#define __NR_quotactl_fd 443 + #define __NR_read 63 + #define __NR_readahead 213 + #define __NR_readlinkat 78 +diff --git a/sysdeps/unix/sysv/linux/arm/arch-syscall.h b/sysdeps/unix/sysv/linux/arm/arch-syscall.h +index 85c9b236ce7862b6..5772333ceef6ce59 100644 +--- a/sysdeps/unix/sysv/linux/arm/arch-syscall.h ++++ b/sysdeps/unix/sysv/linux/arm/arch-syscall.h +@@ -244,6 +244,7 @@ + #define __NR_pwritev 362 + #define __NR_pwritev2 393 + #define __NR_quotactl 131 ++#define __NR_quotactl_fd 443 + #define __NR_read 3 + #define __NR_readahead 225 + #define __NR_readlink 85 +diff --git a/sysdeps/unix/sysv/linux/csky/arch-syscall.h b/sysdeps/unix/sysv/linux/csky/arch-syscall.h +index 24b0d1f94e5f99da..4af6d6202f6df7ae 100644 +--- a/sysdeps/unix/sysv/linux/csky/arch-syscall.h ++++ b/sysdeps/unix/sysv/linux/csky/arch-syscall.h +@@ -199,6 +199,7 @@ + #define __NR_pwritev 70 + #define __NR_pwritev2 287 + #define __NR_quotactl 60 ++#define __NR_quotactl_fd 443 + #define __NR_read 63 + #define __NR_readahead 213 + #define __NR_readlinkat 78 +diff --git a/sysdeps/unix/sysv/linux/hppa/arch-syscall.h b/sysdeps/unix/sysv/linux/hppa/arch-syscall.h +index feb70abc3e1eb486..b07fc8549de34157 100644 +--- a/sysdeps/unix/sysv/linux/hppa/arch-syscall.h ++++ b/sysdeps/unix/sysv/linux/hppa/arch-syscall.h +@@ -231,6 +231,7 @@ + #define __NR_pwritev 316 + #define __NR_pwritev2 348 + #define __NR_quotactl 131 ++#define __NR_quotactl_fd 443 + #define __NR_read 3 + #define __NR_readahead 207 + #define __NR_readlink 85 +diff --git a/sysdeps/unix/sysv/linux/i386/arch-syscall.h b/sysdeps/unix/sysv/linux/i386/arch-syscall.h +index 3b1894a79b6fcfaf..6e4264698b5ce480 100644 +--- a/sysdeps/unix/sysv/linux/i386/arch-syscall.h ++++ b/sysdeps/unix/sysv/linux/i386/arch-syscall.h +@@ -183,6 +183,7 @@ + #define __NR_mbind 274 + #define __NR_membarrier 375 + #define __NR_memfd_create 356 ++#define __NR_memfd_secret 447 + #define __NR_migrate_pages 294 + #define __NR_mincore 218 + #define __NR_mkdir 39 +@@ -266,6 +267,7 @@ + #define __NR_pwritev2 379 + #define __NR_query_module 167 + #define __NR_quotactl 131 ++#define __NR_quotactl_fd 443 + #define __NR_read 3 + #define __NR_readahead 225 + #define __NR_readdir 89 +diff --git a/sysdeps/unix/sysv/linux/ia64/arch-syscall.h b/sysdeps/unix/sysv/linux/ia64/arch-syscall.h +index fb388a5fa4e9b28e..1ca706d7216a3902 100644 +--- a/sysdeps/unix/sysv/linux/ia64/arch-syscall.h ++++ b/sysdeps/unix/sysv/linux/ia64/arch-syscall.h +@@ -218,6 +218,7 @@ + #define __NR_pwritev 1320 + #define __NR_pwritev2 1349 + #define __NR_quotactl 1137 ++#define __NR_quotactl_fd 1467 + #define __NR_read 1026 + #define __NR_readahead 1216 + #define __NR_readlink 1092 +diff --git a/sysdeps/unix/sysv/linux/m68k/arch-syscall.h b/sysdeps/unix/sysv/linux/m68k/arch-syscall.h +index 7bc8c4af92cf2bd3..2f10f71f90d225ff 100644 +--- a/sysdeps/unix/sysv/linux/m68k/arch-syscall.h ++++ b/sysdeps/unix/sysv/linux/m68k/arch-syscall.h +@@ -254,6 +254,7 @@ + #define __NR_pwritev2 378 + #define __NR_query_module 167 + #define __NR_quotactl 131 ++#define __NR_quotactl_fd 443 + #define __NR_read 3 + #define __NR_readahead 240 + #define __NR_readdir 89 +diff --git a/sysdeps/unix/sysv/linux/microblaze/arch-syscall.h b/sysdeps/unix/sysv/linux/microblaze/arch-syscall.h +index cf560d3af47f19c5..0607a4dfa6adaa23 100644 +--- a/sysdeps/unix/sysv/linux/microblaze/arch-syscall.h ++++ b/sysdeps/unix/sysv/linux/microblaze/arch-syscall.h +@@ -266,6 +266,7 @@ + #define __NR_pwritev2 394 + #define __NR_query_module 167 + #define __NR_quotactl 131 ++#define __NR_quotactl_fd 443 + #define __NR_read 3 + #define __NR_readahead 225 + #define __NR_readdir 89 +diff --git a/sysdeps/unix/sysv/linux/mips/mips32/arch-syscall.h b/sysdeps/unix/sysv/linux/mips/mips32/arch-syscall.h +index f346460f4880f10e..0055eec0b169ba96 100644 +--- a/sysdeps/unix/sysv/linux/mips/mips32/arch-syscall.h ++++ b/sysdeps/unix/sysv/linux/mips/mips32/arch-syscall.h +@@ -251,6 +251,7 @@ + #define __NR_pwritev2 4362 + #define __NR_query_module 4187 + #define __NR_quotactl 4131 ++#define __NR_quotactl_fd 4443 + #define __NR_read 4003 + #define __NR_readahead 4223 + #define __NR_readdir 4089 +diff --git a/sysdeps/unix/sysv/linux/mips/mips64/n32/arch-syscall.h b/sysdeps/unix/sysv/linux/mips/mips64/n32/arch-syscall.h +index 38ed84997a2fa3d1..8e8e9f91ccfebfab 100644 +--- a/sysdeps/unix/sysv/linux/mips/mips64/n32/arch-syscall.h ++++ b/sysdeps/unix/sysv/linux/mips/mips64/n32/arch-syscall.h +@@ -232,6 +232,7 @@ + #define __NR_pwritev2 6326 + #define __NR_query_module 6171 + #define __NR_quotactl 6172 ++#define __NR_quotactl_fd 6443 + #define __NR_read 6000 + #define __NR_readahead 6179 + #define __NR_readlink 6087 +diff --git a/sysdeps/unix/sysv/linux/mips/mips64/n64/arch-syscall.h b/sysdeps/unix/sysv/linux/mips/mips64/n64/arch-syscall.h +index e6a10c842178168c..ebd1545f806564bb 100644 +--- a/sysdeps/unix/sysv/linux/mips/mips64/n64/arch-syscall.h ++++ b/sysdeps/unix/sysv/linux/mips/mips64/n64/arch-syscall.h +@@ -219,6 +219,7 @@ + #define __NR_pwritev2 5322 + #define __NR_query_module 5171 + #define __NR_quotactl 5172 ++#define __NR_quotactl_fd 5443 + #define __NR_read 5000 + #define __NR_readahead 5179 + #define __NR_readlink 5087 +diff --git a/sysdeps/unix/sysv/linux/nios2/arch-syscall.h b/sysdeps/unix/sysv/linux/nios2/arch-syscall.h +index 5314890289a1723f..2b530b1f88e4c52a 100644 +--- a/sysdeps/unix/sysv/linux/nios2/arch-syscall.h ++++ b/sysdeps/unix/sysv/linux/nios2/arch-syscall.h +@@ -198,6 +198,7 @@ + #define __NR_pwritev 70 + #define __NR_pwritev2 287 + #define __NR_quotactl 60 ++#define __NR_quotactl_fd 443 + #define __NR_read 63 + #define __NR_readahead 213 + #define __NR_readlinkat 78 +diff --git a/sysdeps/unix/sysv/linux/powerpc/powerpc32/arch-syscall.h b/sysdeps/unix/sysv/linux/powerpc/powerpc32/arch-syscall.h +index b5b075853297cf2e..a32984a9c17315ee 100644 +--- a/sysdeps/unix/sysv/linux/powerpc/powerpc32/arch-syscall.h ++++ b/sysdeps/unix/sysv/linux/powerpc/powerpc32/arch-syscall.h +@@ -260,6 +260,7 @@ + #define __NR_pwritev2 381 + #define __NR_query_module 166 + #define __NR_quotactl 131 ++#define __NR_quotactl_fd 443 + #define __NR_read 3 + #define __NR_readahead 191 + #define __NR_readdir 89 +diff --git a/sysdeps/unix/sysv/linux/powerpc/powerpc64/arch-syscall.h b/sysdeps/unix/sysv/linux/powerpc/powerpc64/arch-syscall.h +index c77435ca61aba109..b01e464fb906d632 100644 +--- a/sysdeps/unix/sysv/linux/powerpc/powerpc64/arch-syscall.h ++++ b/sysdeps/unix/sysv/linux/powerpc/powerpc64/arch-syscall.h +@@ -243,6 +243,7 @@ + #define __NR_pwritev2 381 + #define __NR_query_module 166 + #define __NR_quotactl 131 ++#define __NR_quotactl_fd 443 + #define __NR_read 3 + #define __NR_readahead 191 + #define __NR_readdir 89 +diff --git a/sysdeps/unix/sysv/linux/riscv/rv32/arch-syscall.h b/sysdeps/unix/sysv/linux/riscv/rv32/arch-syscall.h +index 70854bb9e360b40a..24d0a2c455caa630 100644 +--- a/sysdeps/unix/sysv/linux/riscv/rv32/arch-syscall.h ++++ b/sysdeps/unix/sysv/linux/riscv/rv32/arch-syscall.h +@@ -179,6 +179,7 @@ + #define __NR_pwritev 70 + #define __NR_pwritev2 287 + #define __NR_quotactl 60 ++#define __NR_quotactl_fd 443 + #define __NR_read 63 + #define __NR_readahead 213 + #define __NR_readlinkat 78 +diff --git a/sysdeps/unix/sysv/linux/riscv/rv64/arch-syscall.h b/sysdeps/unix/sysv/linux/riscv/rv64/arch-syscall.h +index 83b9f31abaee9d52..e526c89ae7b285cc 100644 +--- a/sysdeps/unix/sysv/linux/riscv/rv64/arch-syscall.h ++++ b/sysdeps/unix/sysv/linux/riscv/rv64/arch-syscall.h +@@ -187,6 +187,7 @@ + #define __NR_pwritev 70 + #define __NR_pwritev2 287 + #define __NR_quotactl 60 ++#define __NR_quotactl_fd 443 + #define __NR_read 63 + #define __NR_readahead 213 + #define __NR_readlinkat 78 +diff --git a/sysdeps/unix/sysv/linux/s390/s390-32/arch-syscall.h b/sysdeps/unix/sysv/linux/s390/s390-32/arch-syscall.h +index b224c4aad4c9b1b1..d4c7b101b64c010f 100644 +--- a/sysdeps/unix/sysv/linux/s390/s390-32/arch-syscall.h ++++ b/sysdeps/unix/sysv/linux/s390/s390-32/arch-syscall.h +@@ -251,6 +251,7 @@ + #define __NR_pwritev2 377 + #define __NR_query_module 167 + #define __NR_quotactl 131 ++#define __NR_quotactl_fd 443 + #define __NR_read 3 + #define __NR_readahead 222 + #define __NR_readdir 89 +diff --git a/sysdeps/unix/sysv/linux/s390/s390-64/arch-syscall.h b/sysdeps/unix/sysv/linux/s390/s390-64/arch-syscall.h +index 59864af125b437e4..bd8c78d7059a0f31 100644 +--- a/sysdeps/unix/sysv/linux/s390/s390-64/arch-syscall.h ++++ b/sysdeps/unix/sysv/linux/s390/s390-64/arch-syscall.h +@@ -221,6 +221,7 @@ + #define __NR_pwritev2 377 + #define __NR_query_module 167 + #define __NR_quotactl 131 ++#define __NR_quotactl_fd 443 + #define __NR_read 3 + #define __NR_readahead 222 + #define __NR_readdir 89 +diff --git a/sysdeps/unix/sysv/linux/sh/arch-syscall.h b/sysdeps/unix/sysv/linux/sh/arch-syscall.h +index 23612c9092b9c2ee..3b6ac3d084d74638 100644 +--- a/sysdeps/unix/sysv/linux/sh/arch-syscall.h ++++ b/sysdeps/unix/sysv/linux/sh/arch-syscall.h +@@ -246,6 +246,7 @@ + #define __NR_pwritev 334 + #define __NR_pwritev2 382 + #define __NR_quotactl 131 ++#define __NR_quotactl_fd 443 + #define __NR_read 3 + #define __NR_readahead 225 + #define __NR_readdir 89 +diff --git a/sysdeps/unix/sysv/linux/sparc/sparc32/arch-syscall.h b/sysdeps/unix/sysv/linux/sparc/sparc32/arch-syscall.h +index 380cddb2d8f9f443..35221a707e4d4a7c 100644 +--- a/sysdeps/unix/sysv/linux/sparc/sparc32/arch-syscall.h ++++ b/sysdeps/unix/sysv/linux/sparc/sparc32/arch-syscall.h +@@ -252,6 +252,7 @@ + #define __NR_pwritev2 359 + #define __NR_query_module 184 + #define __NR_quotactl 165 ++#define __NR_quotactl_fd 443 + #define __NR_read 3 + #define __NR_readahead 205 + #define __NR_readdir 204 +diff --git a/sysdeps/unix/sysv/linux/sparc/sparc64/arch-syscall.h b/sysdeps/unix/sysv/linux/sparc/sparc64/arch-syscall.h +index 2175eeb6edcf7c34..5ba2b2050924df1c 100644 +--- a/sysdeps/unix/sysv/linux/sparc/sparc64/arch-syscall.h ++++ b/sysdeps/unix/sysv/linux/sparc/sparc64/arch-syscall.h +@@ -231,6 +231,7 @@ + #define __NR_pwritev2 359 + #define __NR_query_module 184 + #define __NR_quotactl 165 ++#define __NR_quotactl_fd 443 + #define __NR_read 3 + #define __NR_readahead 205 + #define __NR_readdir 204 +diff --git a/sysdeps/unix/sysv/linux/syscall-names.list b/sysdeps/unix/sysv/linux/syscall-names.list +index 89c5895b9b6845ff..fd98893b0e44a606 100644 +--- a/sysdeps/unix/sysv/linux/syscall-names.list ++++ b/sysdeps/unix/sysv/linux/syscall-names.list +@@ -21,8 +21,8 @@ + # This file can list all potential system calls. The names are only + # used if the installed kernel headers also provide them. + +-# The list of system calls is current as of Linux 5.13. +-kernel 5.13 ++# The list of system calls is current as of Linux 5.14. ++kernel 5.14 + + FAST_atomic_update + FAST_cmpxchg +@@ -247,6 +247,7 @@ madvise + mbind + membarrier + memfd_create ++memfd_secret + memory_ordering + migrate_pages + mincore +@@ -452,6 +453,7 @@ pwritev + pwritev2 + query_module + quotactl ++quotactl_fd + read + readahead + readdir +diff --git a/sysdeps/unix/sysv/linux/x86_64/64/arch-syscall.h b/sysdeps/unix/sysv/linux/x86_64/64/arch-syscall.h +index 8e028eb62be2041d..26d6ac68a651ec98 100644 +--- a/sysdeps/unix/sysv/linux/x86_64/64/arch-syscall.h ++++ b/sysdeps/unix/sysv/linux/x86_64/64/arch-syscall.h +@@ -154,6 +154,7 @@ + #define __NR_mbind 237 + #define __NR_membarrier 324 + #define __NR_memfd_create 319 ++#define __NR_memfd_secret 447 + #define __NR_migrate_pages 256 + #define __NR_mincore 27 + #define __NR_mkdir 83 +@@ -224,6 +225,7 @@ + #define __NR_pwritev2 328 + #define __NR_query_module 178 + #define __NR_quotactl 179 ++#define __NR_quotactl_fd 443 + #define __NR_read 0 + #define __NR_readahead 187 + #define __NR_readlink 89 +diff --git a/sysdeps/unix/sysv/linux/x86_64/x32/arch-syscall.h b/sysdeps/unix/sysv/linux/x86_64/x32/arch-syscall.h +index 004feb53f1f38ced..36847783f6b91d5e 100644 +--- a/sysdeps/unix/sysv/linux/x86_64/x32/arch-syscall.h ++++ b/sysdeps/unix/sysv/linux/x86_64/x32/arch-syscall.h +@@ -148,6 +148,7 @@ + #define __NR_mbind 1073742061 + #define __NR_membarrier 1073742148 + #define __NR_memfd_create 1073742143 ++#define __NR_memfd_secret 1073742271 + #define __NR_migrate_pages 1073742080 + #define __NR_mincore 1073741851 + #define __NR_mkdir 1073741907 +@@ -216,6 +217,7 @@ + #define __NR_pwritev 1073742359 + #define __NR_pwritev2 1073742371 + #define __NR_quotactl 1073742003 ++#define __NR_quotactl_fd 1073742267 + #define __NR_read 1073741824 + #define __NR_readahead 1073742011 + #define __NR_readlink 1073741913 diff --git a/glibc-upstream-2.34-19.patch b/glibc-upstream-2.34-19.patch new file mode 100644 index 0000000..b0f0b9a --- /dev/null +++ b/glibc-upstream-2.34-19.patch @@ -0,0 +1,27 @@ +commit 114581bf53864aaee562ee237461fc394bc61963 +Author: Joseph Myers +Date: Tue Sep 14 13:51:58 2021 +0000 + + Update kernel version to 5.14 in tst-mman-consts.py + + This patch updates the kernel version in the test tst-mman-consts.py + to 5.14. (There are no new MAP_* constants covered by this test in + 5.14 that need any other header changes.) + + Tested with build-many-glibcs.py. + + (cherry picked from commit 4b39e3498324d1aea802fea8d4b8764f5ddb4fd1) + +diff --git a/sysdeps/unix/sysv/linux/tst-mman-consts.py b/sysdeps/unix/sysv/linux/tst-mman-consts.py +index ee5b13ee1232fdf5..810433c238f31c25 100644 +--- a/sysdeps/unix/sysv/linux/tst-mman-consts.py ++++ b/sysdeps/unix/sysv/linux/tst-mman-consts.py +@@ -33,7 +33,7 @@ def main(): + help='C compiler (including options) to use') + args = parser.parse_args() + linux_version_headers = glibcsyscalls.linux_kernel_version(args.cc) +- linux_version_glibc = (5, 13) ++ linux_version_glibc = (5, 14) + sys.exit(glibcextract.compare_macro_consts( + '#define _GNU_SOURCE 1\n' + '#include \n', diff --git a/glibc-upstream-2.34-2.patch b/glibc-upstream-2.34-2.patch new file mode 100644 index 0000000..fbddab3 --- /dev/null +++ b/glibc-upstream-2.34-2.patch @@ -0,0 +1,33 @@ +commit 3a48da47a91ccc6f5de260574809e7a44551b876 +Author: Siddhesh Poyarekar +Date: Tue Aug 3 21:10:20 2021 +0530 + + gconv_parseconfdir: Fix memory leak + + The allocated `conf` would leak if we have to skip over the file due + to the underlying filesystem not supporting dt_type. + + Reviewed-by: Arjun Shankar + (cherry picked from commit 5f9b78fe35d08739b6da1e5b356786d41116c108) + +diff --git a/iconv/gconv_parseconfdir.h b/iconv/gconv_parseconfdir.h +index a4153e54c6d43797..2f062689ecc72749 100644 +--- a/iconv/gconv_parseconfdir.h ++++ b/iconv/gconv_parseconfdir.h +@@ -153,12 +153,11 @@ gconv_parseconfdir (const char *dir, size_t dir_len) + struct stat64 st; + if (asprintf (&conf, "%s/%s", buf, ent->d_name) < 0) + continue; +- if (ent->d_type == DT_UNKNOWN +- && (lstat64 (conf, &st) == -1 +- || !S_ISREG (st.st_mode))) +- continue; + +- found |= read_conf_file (conf, dir, dir_len); ++ if (ent->d_type != DT_UNKNOWN ++ || (lstat64 (conf, &st) != -1 && S_ISREG (st.st_mode))) ++ found |= read_conf_file (conf, dir, dir_len); ++ + free (conf); + } + } diff --git a/glibc-upstream-2.34-20.patch b/glibc-upstream-2.34-20.patch new file mode 100644 index 0000000..f4b1aed --- /dev/null +++ b/glibc-upstream-2.34-20.patch @@ -0,0 +1,29 @@ +commit 4ed990e5b97a61f29f929bdeb36c5b2abb547a64 +Author: Joseph Myers +Date: Tue Sep 14 14:19:24 2021 +0000 + + Add MADV_POPULATE_READ and MADV_POPULATE_WRITE from Linux 5.14 to bits/mman-linux.h + + Linux 5.14 adds constants MADV_POPULATE_READ and MADV_POPULATE_WRITE + (with the same values on all architectures). Add these to glibc's + bits/mman-linux.h. + + Tested for x86_64. + + (cherry picked from commit 3561106278cddd2f007bd27fd4c3e90caaf14b43) + +diff --git a/sysdeps/unix/sysv/linux/bits/mman-linux.h b/sysdeps/unix/sysv/linux/bits/mman-linux.h +index 3b1ae418e073c122..31451c28d93f9f72 100644 +--- a/sysdeps/unix/sysv/linux/bits/mman-linux.h ++++ b/sysdeps/unix/sysv/linux/bits/mman-linux.h +@@ -89,6 +89,10 @@ + # define MADV_KEEPONFORK 19 /* Undo MADV_WIPEONFORK. */ + # define MADV_COLD 20 /* Deactivate these pages. */ + # define MADV_PAGEOUT 21 /* Reclaim these pages. */ ++# define MADV_POPULATE_READ 22 /* Populate (prefault) page tables ++ readable. */ ++# define MADV_POPULATE_WRITE 23 /* Populate (prefault) page tables ++ writable. */ + # define MADV_HWPOISON 100 /* Poison a page for testing. */ + #endif + diff --git a/glibc-upstream-2.34-3.patch b/glibc-upstream-2.34-3.patch new file mode 100644 index 0000000..136cbf2 --- /dev/null +++ b/glibc-upstream-2.34-3.patch @@ -0,0 +1,32 @@ +commit a5bd2e10e0c25b80286dc36068e22a4cb4893af0 +Author: Siddhesh Poyarekar +Date: Tue Aug 3 21:11:03 2021 +0530 + + gaiconf_init: Avoid double-free in label and precedence lists + + labellist and precedencelist could get freed a second time if there + are allocation failures, so set them to NULL to avoid a double-free. + + Reviewed-by: Arjun Shankar + (cherry picked from commit 77a34079d8f3d63b61543bf3af93043f8674e4c4) + +diff --git a/sysdeps/posix/getaddrinfo.c b/sysdeps/posix/getaddrinfo.c +index 838a68f0229b5aa8..43dfc6739e350a58 100644 +--- a/sysdeps/posix/getaddrinfo.c ++++ b/sysdeps/posix/getaddrinfo.c +@@ -2008,6 +2008,7 @@ gaiconf_init (void) + l = l->next; + } + free_prefixlist (labellist); ++ labellist = NULL; + + /* Sort the entries so that the most specific ones are at + the beginning. */ +@@ -2046,6 +2047,7 @@ gaiconf_init (void) + l = l->next; + } + free_prefixlist (precedencelist); ++ precedencelist = NULL; + + /* Sort the entries so that the most specific ones are at + the beginning. */ diff --git a/glibc-upstream-2.34-4.patch b/glibc-upstream-2.34-4.patch new file mode 100644 index 0000000..12ce5e6 --- /dev/null +++ b/glibc-upstream-2.34-4.patch @@ -0,0 +1,24 @@ +commit 7ff4da3dc26de351a5abe7c2905038cbe55c8041 +Author: Siddhesh Poyarekar +Date: Tue Aug 3 21:10:53 2021 +0530 + + copy_and_spawn_sgid: Avoid double calls to close() + + If close() on infd and outfd succeeded, reset the fd numbers so that + we don't attempt to close them again. + + Reviewed-by: Arjun Shankar + (cherry picked from commit 45caed9d67a00af917d8b5b88d4b5eb1225b7aef) + +diff --git a/support/support_capture_subprocess.c b/support/support_capture_subprocess.c +index 27bfd19c9374a183..0bacf6dbc23b0732 100644 +--- a/support/support_capture_subprocess.c ++++ b/support/support_capture_subprocess.c +@@ -170,6 +170,7 @@ copy_and_spawn_sgid (char *child_id, gid_t gid) + support_subprogram because we only want the program exit status, not the + contents. */ + ret = 0; ++ infd = outfd = -1; + + char * const args[] = {execname, child_id, NULL}; + diff --git a/glibc-upstream-2.34-5.patch b/glibc-upstream-2.34-5.patch new file mode 100644 index 0000000..fe8b853 --- /dev/null +++ b/glibc-upstream-2.34-5.patch @@ -0,0 +1,22 @@ +commit 9995d0588f4f9adc68419224d2b3698e2ca4f77e +Author: Siddhesh Poyarekar +Date: Tue Aug 3 21:10:29 2021 +0530 + + iconv_charmap: Close output file when done + + Reviewed-by: Arjun Shankar + (cherry picked from commit 1e0e6d656db9dfa12ef7eb67976385d3deb0d4ff) + +diff --git a/iconv/iconv_charmap.c b/iconv/iconv_charmap.c +index e2d53fee3cbfbb7a..a8b6b56124909f6c 100644 +--- a/iconv/iconv_charmap.c ++++ b/iconv/iconv_charmap.c +@@ -234,6 +234,8 @@ charmap_conversion (const char *from_code, struct charmap_t *from_charmap, + while (++remaining < argc); + + /* All done. */ ++ if (output != stdout) ++ fclose (output); + free_table (cvtbl); + return status; + } diff --git a/glibc-upstream-2.34-6.patch b/glibc-upstream-2.34-6.patch new file mode 100644 index 0000000..5e6a43d --- /dev/null +++ b/glibc-upstream-2.34-6.patch @@ -0,0 +1,65 @@ +commit 31902ae639d6a50e768a85f1cd2a17e56b8463c2 +Author: Florian Weimer +Date: Fri Aug 6 09:51:38 2021 +0200 + + Linux: Fix fcntl, ioctl, prctl redirects for _TIME_BITS=64 (bug 28182) + + __REDIRECT and __THROW are not compatible with C++ due to the ordering of the + __asm__ alias and the throw specifier. __REDIRECT_NTH has to be used + instead. + + Fixes commit 8a40aff86ba5f64a3a84883e539cb67b ("io: Add time64 alias + for fcntl"), commit 82c395d91ea4f69120d453aeec398e30 ("misc: Add + time64 alias for ioctl"), commit b39ffab860cd743a82c91946619f1b8158 + ("Linux: Add time64 alias for prctl"). + + Reviewed-by: Carlos O'Donell + (cherry picked from commit c87fcacc50505d550f1bb038382bcc7ea73a5926) + +diff --git a/io/fcntl.h b/io/fcntl.h +index 8917a73b420b503d..1c96f98f4d75ce65 100644 +--- a/io/fcntl.h ++++ b/io/fcntl.h +@@ -187,10 +187,10 @@ extern int fcntl64 (int __fd, int __cmd, ...); + # endif + #else /* __USE_TIME_BITS64 */ + # ifdef __REDIRECT +-extern int __REDIRECT (fcntl, (int __fd, int __request, ...), +- __fcntl_time64) __THROW; +-extern int __REDIRECT (fcntl64, (int __fd, int __request, ...), +- __fcntl_time64) __THROW; ++extern int __REDIRECT_NTH (fcntl, (int __fd, int __request, ...), ++ __fcntl_time64); ++extern int __REDIRECT_NTH (fcntl64, (int __fd, int __request, ...), ++ __fcntl_time64); + # else + extern int __fcntl_time64 (int __fd, int __request, ...) __THROW; + # define fcntl64 __fcntl_time64 +diff --git a/misc/sys/ioctl.h b/misc/sys/ioctl.h +index 6884d9925f06125f..9945c1e9181eb313 100644 +--- a/misc/sys/ioctl.h ++++ b/misc/sys/ioctl.h +@@ -42,8 +42,8 @@ __BEGIN_DECLS + extern int ioctl (int __fd, unsigned long int __request, ...) __THROW; + #else + # ifdef __REDIRECT +-extern int __REDIRECT (ioctl, (int __fd, unsigned long int __request, ...), +- __ioctl_time64) __THROW; ++extern int __REDIRECT_NTH (ioctl, (int __fd, unsigned long int __request, ...), ++ __ioctl_time64); + # else + extern int __ioctl_time64 (int __fd, unsigned long int __request, ...) __THROW; + # define ioctl __ioctl_time64 +diff --git a/sysdeps/unix/sysv/linux/sys/prctl.h b/sysdeps/unix/sysv/linux/sys/prctl.h +index db88938b3a542b0b..f0e0d2f27f9b9ee9 100644 +--- a/sysdeps/unix/sysv/linux/sys/prctl.h ++++ b/sysdeps/unix/sysv/linux/sys/prctl.h +@@ -42,7 +42,7 @@ __BEGIN_DECLS + extern int prctl (int __option, ...) __THROW; + #else + # ifdef __REDIRECT +-extern int __REDIRECT (prctl, (int __option, ...), __prctl_time64) __THROW; ++extern int __REDIRECT_NTH (prctl, (int __option, ...), __prctl_time64); + # else + extern int __prctl_time64 (int __option,d ...) __THROW; + # define ioctl __prctl_time64 diff --git a/glibc-upstream-2.34-7.patch b/glibc-upstream-2.34-7.patch new file mode 100644 index 0000000..c49b837 --- /dev/null +++ b/glibc-upstream-2.34-7.patch @@ -0,0 +1,35 @@ +commit 79474303223c5665bec75ffbdb2a86ee04a2514b +Author: Nikita Popov +Date: Mon Aug 9 20:17:34 2021 +0530 + + librt: fix NULL pointer dereference (bug 28213) + + Helper thread frees copied attribute on NOTIFY_REMOVED message + received from the OS kernel. Unfortunately, it fails to check whether + copied attribute actually exists (data.attr != NULL). This worked + earlier because free() checks passed pointer before actually + attempting to release corresponding memory. But + __pthread_attr_destroy assumes pointer is not NULL. + + So passing NULL pointer to __pthread_attr_destroy will result in + segmentation fault. This scenario is possible if + notification->sigev_notify_attributes == NULL (which means default + thread attributes should be used). + + Signed-off-by: Nikita Popov + Reviewed-by: Siddhesh Poyarekar + (cherry picked from commit b805aebd42364fe696e417808a700fdb9800c9e8) + +diff --git a/sysdeps/unix/sysv/linux/mq_notify.c b/sysdeps/unix/sysv/linux/mq_notify.c +index 9799dcdaa479a1d5..eccae2e4c6cdfefa 100644 +--- a/sysdeps/unix/sysv/linux/mq_notify.c ++++ b/sysdeps/unix/sysv/linux/mq_notify.c +@@ -131,7 +131,7 @@ helper_thread (void *arg) + to wait until it is done with it. */ + (void) __pthread_barrier_wait (¬ify_barrier); + } +- else if (data.raw[NOTIFY_COOKIE_LEN - 1] == NOTIFY_REMOVED) ++ else if (data.raw[NOTIFY_COOKIE_LEN - 1] == NOTIFY_REMOVED && data.attr != NULL) + { + /* The only state we keep is the copy of the thread attributes. */ + __pthread_attr_destroy (data.attr); diff --git a/glibc-upstream-2.34-8.patch b/glibc-upstream-2.34-8.patch new file mode 100644 index 0000000..b08f0ce --- /dev/null +++ b/glibc-upstream-2.34-8.patch @@ -0,0 +1,140 @@ +commit 7c987a5ccb31df80456d53a094e47f81310f549b +Author: Nikita Popov +Date: Thu Aug 12 16:09:50 2021 +0530 + + librt: add test (bug 28213) + + This test implements following logic: + 1) Create POSIX message queue. + Register a notification with mq_notify (using NULL attributes). + Then immediately unregister the notification with mq_notify. + Helper thread in a vulnerable version of glibc + should cause NULL pointer dereference after these steps. + 2) Once again, register the same notification. + Try to send a dummy message. + Test is considered successfulif the dummy message + is successfully received by the callback function. + + Signed-off-by: Nikita Popov + Reviewed-by: Siddhesh Poyarekar + (cherry picked from commit 4cc79c217744743077bf7a0ec5e0a4318f1e6641) + +diff --git a/rt/Makefile b/rt/Makefile +index 113cea03a5b75613..910e7759956d7ae9 100644 +--- a/rt/Makefile ++++ b/rt/Makefile +@@ -74,6 +74,7 @@ tests := tst-shm tst-timer tst-timer2 \ + tst-aio7 tst-aio8 tst-aio9 tst-aio10 \ + tst-mqueue1 tst-mqueue2 tst-mqueue3 tst-mqueue4 \ + tst-mqueue5 tst-mqueue6 tst-mqueue7 tst-mqueue8 tst-mqueue9 \ ++ tst-bz28213 \ + tst-timer3 tst-timer4 tst-timer5 \ + tst-cpuclock2 tst-cputimer1 tst-cputimer2 tst-cputimer3 \ + tst-shm-cancel \ +diff --git a/rt/tst-bz28213.c b/rt/tst-bz28213.c +new file mode 100644 +index 0000000000000000..0c096b5a0ad4170a +--- /dev/null ++++ b/rt/tst-bz28213.c +@@ -0,0 +1,101 @@ ++/* Bug 28213: test for NULL pointer dereference in mq_notify. ++ Copyright (C) The GNU Toolchain Authors. ++ This file is part of the GNU C Library. ++ ++ The GNU C Library is free software; you can redistribute it and/or ++ modify it under the terms of the GNU Lesser General Public ++ License as published by the Free Software Foundation; either ++ version 2.1 of the License, or (at your option) any later version. ++ ++ The GNU C Library is distributed in the hope that it will be useful, ++ but WITHOUT ANY WARRANTY; without even the implied warranty of ++ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU ++ Lesser General Public License for more details. ++ ++ You should have received a copy of the GNU Lesser General Public ++ License along with the GNU C Library; if not, see ++ . */ ++ ++#include ++#include ++#include ++#include ++#include ++#include ++#include ++#include ++#include ++#include ++ ++static mqd_t m = -1; ++static const char msg[] = "hello"; ++ ++static void ++check_bz28213_cb (union sigval sv) ++{ ++ char buf[sizeof (msg)]; ++ ++ (void) sv; ++ ++ TEST_VERIFY_EXIT ((size_t) mq_receive (m, buf, sizeof (buf), NULL) ++ == sizeof (buf)); ++ TEST_VERIFY_EXIT (memcmp (buf, msg, sizeof (buf)) == 0); ++ ++ exit (0); ++} ++ ++static void ++check_bz28213 (void) ++{ ++ struct sigevent sev; ++ ++ memset (&sev, '\0', sizeof (sev)); ++ sev.sigev_notify = SIGEV_THREAD; ++ sev.sigev_notify_function = check_bz28213_cb; ++ ++ /* Step 1: Register & unregister notifier. ++ Helper thread should receive NOTIFY_REMOVED notification. ++ In a vulnerable version of glibc, NULL pointer dereference follows. */ ++ TEST_VERIFY_EXIT (mq_notify (m, &sev) == 0); ++ TEST_VERIFY_EXIT (mq_notify (m, NULL) == 0); ++ ++ /* Step 2: Once again, register notification. ++ Try to send one message. ++ Test is considered successful, if the callback does exit (0). */ ++ TEST_VERIFY_EXIT (mq_notify (m, &sev) == 0); ++ TEST_VERIFY_EXIT (mq_send (m, msg, sizeof (msg), 1) == 0); ++ ++ /* Wait... */ ++ pause (); ++} ++ ++static int ++do_test (void) ++{ ++ static const char m_name[] = "/bz28213_queue"; ++ struct mq_attr m_attr; ++ ++ memset (&m_attr, '\0', sizeof (m_attr)); ++ m_attr.mq_maxmsg = 1; ++ m_attr.mq_msgsize = sizeof (msg); ++ ++ m = mq_open (m_name, ++ O_RDWR | O_CREAT | O_EXCL, ++ 0600, ++ &m_attr); ++ ++ if (m < 0) ++ { ++ if (errno == ENOSYS) ++ FAIL_UNSUPPORTED ("POSIX message queues are not implemented\n"); ++ FAIL_EXIT1 ("Failed to create POSIX message queue: %m\n"); ++ } ++ ++ TEST_VERIFY_EXIT (mq_unlink (m_name) == 0); ++ ++ check_bz28213 (); ++ ++ return 0; ++} ++ ++#include diff --git a/glibc-upstream-2.34-9.patch b/glibc-upstream-2.34-9.patch new file mode 100644 index 0000000..b22636d --- /dev/null +++ b/glibc-upstream-2.34-9.patch @@ -0,0 +1,24 @@ +commit 9acab0bba6a5a57323b1f94bf95b21618a9e5aa4 +Author: Arjun Shankar +Date: Fri Aug 20 16:24:05 2021 +0200 + + elf: Fix missing colon in LD_SHOW_AUXV output [BZ #28253] + + This commit adds a missing colon in the AT_MINSIGSTKSZ entry in + the _dl_show_auxv function. + + (cherry picked from commit 82fbcd7118d760492e2ecc9fa291e358b9ba0361) + +diff --git a/elf/dl-sysdep.c b/elf/dl-sysdep.c +index d47bef1340ce6f35..2c684c2db2a1f59b 100644 +--- a/elf/dl-sysdep.c ++++ b/elf/dl-sysdep.c +@@ -317,7 +317,7 @@ _dl_show_auxv (void) + [AT_SYSINFO_EHDR - 2] = { "SYSINFO_EHDR: 0x", hex }, + [AT_RANDOM - 2] = { "RANDOM: 0x", hex }, + [AT_HWCAP2 - 2] = { "HWCAP2: 0x", hex }, +- [AT_MINSIGSTKSZ - 2] = { "MINSIGSTKSZ ", dec }, ++ [AT_MINSIGSTKSZ - 2] = { "MINSIGSTKSZ: ", dec }, + [AT_L1I_CACHESIZE - 2] = { "L1I_CACHESIZE: ", dec }, + [AT_L1I_CACHEGEOMETRY - 2] = { "L1I_CACHEGEOMETRY: 0x", hex }, + [AT_L1D_CACHESIZE - 2] = { "L1D_CACHESIZE: ", dec }, diff --git a/glibc.spec b/glibc.spec index 7c373b5..eddcd3b 100644 --- a/glibc.spec +++ b/glibc.spec @@ -151,7 +151,7 @@ end \ Summary: The GNU libc libraries Name: glibc Version: %{glibcversion} -Release: 3%{?dist} +Release: 4%{?dist} # In general, GPLv2+ is used by programs, LGPLv2+ is used for # libraries. @@ -231,6 +231,26 @@ Patch23: glibc-python3.patch Patch29: glibc-fedora-nsswitch.patch Patch30: glibc-deprecated-selinux-makedb.patch Patch31: glibc-deprecated-selinux-nscd.patch +Patch32: glibc-upstream-2.34-1.patch +Patch33: glibc-upstream-2.34-2.patch +Patch34: glibc-upstream-2.34-3.patch +Patch35: glibc-upstream-2.34-4.patch +Patch36: glibc-upstream-2.34-5.patch +Patch37: glibc-upstream-2.34-6.patch +Patch38: glibc-upstream-2.34-7.patch +Patch39: glibc-upstream-2.34-8.patch +Patch40: glibc-upstream-2.34-9.patch +Patch41: glibc-upstream-2.34-10.patch +Patch42: glibc-upstream-2.34-11.patch +Patch43: glibc-upstream-2.34-12.patch +Patch44: glibc-upstream-2.34-13.patch +Patch45: glibc-upstream-2.34-14.patch +Patch46: glibc-upstream-2.34-15.patch +Patch47: glibc-upstream-2.34-16.patch +Patch48: glibc-upstream-2.34-17.patch +Patch49: glibc-upstream-2.34-18.patch +Patch50: glibc-upstream-2.34-19.patch +Patch51: glibc-upstream-2.34-20.patch ############################################################################## # Continued list of core "glibc" package information: @@ -2262,6 +2282,33 @@ fi %files -f compat-libpthread-nonshared.filelist -n compat-libpthread-nonshared %changelog +* Wed Sep 15 2021 Florian Weimer - 2.34-4 +- Sync with upstream branch release/2.34/master, + commit 4ed990e5b97a61f29f929bdeb36c5b2abb547a64: +- Add MADV_POPULATE_READ and MADV_POPULATE_WRITE from Linux 5.14 to + bits/mman-linux.h +- Update kernel version to 5.14 in tst-mman-consts.py +- Update syscall lists for Linux 5.14 +- Use Linux 5.14 in build-many-glibcs.py +- Fix failing nss/tst-nss-files-hosts-long with local resolver +- iconvconfig: Fix behaviour with --prefix [BZ #28199] +- nptl: Fix race between pthread_kill and thread exit (swbz#12889, #1994068) +- nptl: pthread_kill, pthread_cancel should not fail after exit + (swbz#19193, #1994068) +- support: Add support_wait_for_thread_exit +- MIPS: Setup errno for {f,l,}xstat +- x86-64: Use testl to check __x86_string_control +- elf: Fix missing colon in LD_SHOW_AUXV output (swbz#28253, #1995648) +- librt: add test (swbz#28213, #1994264) +- CVE-2021-38604: fix NULL pointer dereference in mq_notify + (swbz#28213, #1994264) +- Linux: Fix fcntl, ioctl, prctl redirects for _TIME_BITS=64 (bug 28182) +- iconv_charmap: Close output file when done +- copy_and_spawn_sgid: Avoid double calls to close() +- gaiconf_init: Avoid double-free in label and precedence lists +- gconv_parseconfdir: Fix memory leak +- ldconfig: avoid leak on empty paths in config file + * Wed Sep 15 2021 Florian Weimer - 2.34-3 - Switch to upstream version of C.UTF-8 (#1997589)