forked from rpms/glibc
Import Import glibc-2.34-52.fc35 from f35
* Wed Nov 30 2022 Florian Weimer <fweimer@redhat.com> - 2.34-52 - Add noarch sysroot subpackages (#2149644) * Tue Nov 29 2022 Florian Weimer <fweimer@redhat.com> - 2.34-51 - Prepare for integration of GCC 8 compatible _Static_assert (#2149102) * Fri Nov 25 2022 Arjun Shankar <arjun@redhat.com> - 2.34-50 - Sync with upstream branch release/2.34/master, commit 405b8ae13540e9fd614df614e3361ebf9abd14cf: - elf: Fix wrong fscanf usage on tst-pldd - Allow for unpriviledged nested containers - elf: Fix wrong fscanf usage on tst-pldd - x86: Fix wcsnlen-avx2 page cross length comparison [BZ #29591] - elf: Fix rtld-audit trampoline for aarch64 Resolves: #2149102 Resolves: #2149644
This commit is contained in:
parent
1708d98eba
commit
fb3d49c3bf
19
glibc-rh2149102.patch
Normal file
19
glibc-rh2149102.patch
Normal file
@ -0,0 +1,19 @@
|
||||
commit b8c6166b1b75036ab3e4127a1c0aacf52ca93651
|
||||
Author: Florian Weimer <fweimer@redhat.com>
|
||||
Date: Mon Sep 6 19:43:37 2021 +0200
|
||||
|
||||
locale: Add missing second argument to _Static_assert in C-collate-seq.c
|
||||
|
||||
diff --git a/locale/C-collate-seq.c b/locale/C-collate-seq.c
|
||||
index 4fb82cb8357936b6..40b17f4f90313144 100644
|
||||
--- a/locale/C-collate-seq.c
|
||||
+++ b/locale/C-collate-seq.c
|
||||
@@ -55,7 +55,7 @@ static const char collseqmb[] =
|
||||
|
||||
/* This table must be 256 bytes in size. We index bytes into the
|
||||
table to find the collation sequence. */
|
||||
-_Static_assert (sizeof (collseqmb) == 256);
|
||||
+_Static_assert (sizeof (collseqmb) == 256, "sizeof (collseqmb)");
|
||||
|
||||
static const uint32_t collseqwc[] =
|
||||
{
|
46
glibc-upstream-2.34-361.patch
Normal file
46
glibc-upstream-2.34-361.patch
Normal file
@ -0,0 +1,46 @@
|
||||
commit 691f70b84a1284f35c8cf9fbf3ef3b1cec41c234
|
||||
Author: Vladislav Khmelevsky <och95@yandex.ru>
|
||||
Date: Thu Nov 17 12:47:29 2022 +0400
|
||||
|
||||
elf: Fix rtld-audit trampoline for aarch64
|
||||
|
||||
This patch fixes two problems with audit:
|
||||
|
||||
1. The DL_OFFSET_RV_VPCS offset was mixed up with DL_OFFSET_RG_VPCS,
|
||||
resulting in x2 register value nulling in RG structure.
|
||||
|
||||
2. We need to preserve the x8 register before function call, but
|
||||
don't have to save it's new value and restore it before return.
|
||||
|
||||
Anyway the final restore was using OFFSET_RV instead of OFFSET_RG value
|
||||
which is wrong (althoug doesn't affect anything).
|
||||
|
||||
Reviewed-by: Adhemerval Zanella <adhemerval.zanella@linaro.org>
|
||||
(cherry picked from commit eb4181e9f4a512de37dad4ba623c921671584dea)
|
||||
|
||||
diff --git a/sysdeps/aarch64/dl-trampoline.S b/sysdeps/aarch64/dl-trampoline.S
|
||||
index 457570e7df5148c0..b84c53d1a544c1b1 100644
|
||||
--- a/sysdeps/aarch64/dl-trampoline.S
|
||||
+++ b/sysdeps/aarch64/dl-trampoline.S
|
||||
@@ -298,12 +298,11 @@ _dl_runtime_profile:
|
||||
stp x2, x3, [x29, #OFFSET_RV + DL_OFFSET_RV_X0 + 16*1]
|
||||
stp x4, x5, [x29, #OFFSET_RV + DL_OFFSET_RV_X0 + 16*2]
|
||||
stp x6, x7, [x29, #OFFSET_RV + DL_OFFSET_RV_X0 + 16*3]
|
||||
- str x8, [x29, #OFFSET_RG + DL_OFFSET_RG_X0 + 16*4]
|
||||
stp q0, q1, [x29, #OFFSET_RV + DL_OFFSET_RV_V0 + 32*0]
|
||||
stp q2, q3, [x29, #OFFSET_RV + DL_OFFSET_RV_V0 + 32*1]
|
||||
stp q4, q5, [x29, #OFFSET_RV + DL_OFFSET_RV_V0 + 32*2]
|
||||
stp q6, q7, [x29, #OFFSET_RV + DL_OFFSET_RV_V0 + 32*3]
|
||||
- str xzr, [X29, #OFFSET_RV + DL_OFFSET_RG_VPCS]
|
||||
+ str xzr, [X29, #OFFSET_RV + DL_OFFSET_RV_VPCS]
|
||||
|
||||
/* Setup call to pltexit */
|
||||
ldp x0, x1, [x29, #OFFSET_SAVED_CALL_X0]
|
||||
@@ -315,7 +314,6 @@ _dl_runtime_profile:
|
||||
ldp x2, x3, [x29, #OFFSET_RV + DL_OFFSET_RV_X0 + 16*1]
|
||||
ldp x4, x5, [x29, #OFFSET_RV + DL_OFFSET_RV_X0 + 16*2]
|
||||
ldp x6, x7, [x29, #OFFSET_RV + DL_OFFSET_RV_X0 + 16*3]
|
||||
- ldr x8, [x29, #OFFSET_RV + DL_OFFSET_RV_X0 + 16*4]
|
||||
ldp q0, q1, [x29, #OFFSET_RV + DL_OFFSET_RV_V0 + 32*0]
|
||||
ldp q2, q3, [x29, #OFFSET_RV + DL_OFFSET_RV_V0 + 32*1]
|
||||
ldp q4, q5, [x29, #OFFSET_RV + DL_OFFSET_RV_V0 + 32*2]
|
128
glibc-upstream-2.34-362.patch
Normal file
128
glibc-upstream-2.34-362.patch
Normal file
@ -0,0 +1,128 @@
|
||||
commit e3255e7d2188d1731aad83ad0dc147513560aa1e
|
||||
Author: Noah Goldstein <goldstein.w.n@gmail.com>
|
||||
Date: Tue Sep 20 17:58:04 2022 -0700
|
||||
|
||||
x86: Fix wcsnlen-avx2 page cross length comparison [BZ #29591]
|
||||
|
||||
Previous implementation was adjusting length (rsi) to match
|
||||
bytes (eax), but since there is no bound to length this can cause
|
||||
overflow.
|
||||
|
||||
Fix is to just convert the byte-count (eax) to length by dividing by
|
||||
sizeof (wchar_t) before the comparison.
|
||||
|
||||
Full check passes on x86-64 and build succeeds w/ and w/o multiarch.
|
||||
|
||||
(cherry picked from commit b0969fa53a28b4ab2159806bf6c99a98999502ee)
|
||||
|
||||
diff --git a/string/test-strnlen.c b/string/test-strnlen.c
|
||||
index bb5d9b5f04fa6586..eac84cd17526d5d9 100644
|
||||
--- a/string/test-strnlen.c
|
||||
+++ b/string/test-strnlen.c
|
||||
@@ -75,7 +75,7 @@ do_test (size_t align, size_t len, size_t maxlen, int max_char)
|
||||
{
|
||||
size_t i;
|
||||
|
||||
- align &= 63;
|
||||
+ align &= (getpagesize () / sizeof (CHAR) - 1);
|
||||
if ((align + len) * sizeof (CHAR) >= page_size)
|
||||
return;
|
||||
|
||||
@@ -92,36 +92,50 @@ do_test (size_t align, size_t len, size_t maxlen, int max_char)
|
||||
static void
|
||||
do_overflow_tests (void)
|
||||
{
|
||||
- size_t i, j, len;
|
||||
+ size_t i, j, al_idx, repeats, len;
|
||||
const size_t one = 1;
|
||||
uintptr_t buf_addr = (uintptr_t) buf1;
|
||||
+ const size_t alignments[] = { 0, 1, 7, 9, 31, 33, 63, 65, 95, 97, 127, 129 };
|
||||
|
||||
- for (i = 0; i < 750; ++i)
|
||||
+ for (al_idx = 0; al_idx < sizeof (alignments) / sizeof (alignments[0]);
|
||||
+ al_idx++)
|
||||
{
|
||||
- do_test (0, i, SIZE_MAX - i, BIG_CHAR);
|
||||
- do_test (0, i, i - buf_addr, BIG_CHAR);
|
||||
- do_test (0, i, -buf_addr - i, BIG_CHAR);
|
||||
- do_test (0, i, SIZE_MAX - buf_addr - i, BIG_CHAR);
|
||||
- do_test (0, i, SIZE_MAX - buf_addr + i, BIG_CHAR);
|
||||
-
|
||||
- len = 0;
|
||||
- for (j = 8 * sizeof(size_t) - 1; j ; --j)
|
||||
- {
|
||||
- len |= one << j;
|
||||
- do_test (0, i, len - i, BIG_CHAR);
|
||||
- do_test (0, i, len + i, BIG_CHAR);
|
||||
- do_test (0, i, len - buf_addr - i, BIG_CHAR);
|
||||
- do_test (0, i, len - buf_addr + i, BIG_CHAR);
|
||||
-
|
||||
- do_test (0, i, ~len - i, BIG_CHAR);
|
||||
- do_test (0, i, ~len + i, BIG_CHAR);
|
||||
- do_test (0, i, ~len - buf_addr - i, BIG_CHAR);
|
||||
- do_test (0, i, ~len - buf_addr + i, BIG_CHAR);
|
||||
-
|
||||
- do_test (0, i, -buf_addr, BIG_CHAR);
|
||||
- do_test (0, i, j - buf_addr, BIG_CHAR);
|
||||
- do_test (0, i, -buf_addr - j, BIG_CHAR);
|
||||
- }
|
||||
+ for (repeats = 0; repeats < 2; ++repeats)
|
||||
+ {
|
||||
+ size_t align = repeats ? (getpagesize () - alignments[al_idx])
|
||||
+ : alignments[al_idx];
|
||||
+ align /= sizeof (CHAR);
|
||||
+ for (i = 0; i < 750; ++i)
|
||||
+ {
|
||||
+ do_test (align, i, SIZE_MAX, BIG_CHAR);
|
||||
+
|
||||
+ do_test (align, i, SIZE_MAX - i, BIG_CHAR);
|
||||
+ do_test (align, i, i - buf_addr, BIG_CHAR);
|
||||
+ do_test (align, i, -buf_addr - i, BIG_CHAR);
|
||||
+ do_test (align, i, SIZE_MAX - buf_addr - i, BIG_CHAR);
|
||||
+ do_test (align, i, SIZE_MAX - buf_addr + i, BIG_CHAR);
|
||||
+
|
||||
+ len = 0;
|
||||
+ for (j = 8 * sizeof (size_t) - 1; j; --j)
|
||||
+ {
|
||||
+ len |= one << j;
|
||||
+ do_test (align, i, len, BIG_CHAR);
|
||||
+ do_test (align, i, len - i, BIG_CHAR);
|
||||
+ do_test (align, i, len + i, BIG_CHAR);
|
||||
+ do_test (align, i, len - buf_addr - i, BIG_CHAR);
|
||||
+ do_test (align, i, len - buf_addr + i, BIG_CHAR);
|
||||
+
|
||||
+ do_test (align, i, ~len - i, BIG_CHAR);
|
||||
+ do_test (align, i, ~len + i, BIG_CHAR);
|
||||
+ do_test (align, i, ~len - buf_addr - i, BIG_CHAR);
|
||||
+ do_test (align, i, ~len - buf_addr + i, BIG_CHAR);
|
||||
+
|
||||
+ do_test (align, i, -buf_addr, BIG_CHAR);
|
||||
+ do_test (align, i, j - buf_addr, BIG_CHAR);
|
||||
+ do_test (align, i, -buf_addr - j, BIG_CHAR);
|
||||
+ }
|
||||
+ }
|
||||
+ }
|
||||
}
|
||||
}
|
||||
|
||||
diff --git a/sysdeps/x86_64/multiarch/strlen-avx2.S b/sysdeps/x86_64/multiarch/strlen-avx2.S
|
||||
index b282a75613bf52ab..4d7d68396bcd4049 100644
|
||||
--- a/sysdeps/x86_64/multiarch/strlen-avx2.S
|
||||
+++ b/sysdeps/x86_64/multiarch/strlen-avx2.S
|
||||
@@ -542,14 +542,11 @@ L(return_vzeroupper):
|
||||
L(cross_page_less_vec):
|
||||
tzcntl %eax, %eax
|
||||
# ifdef USE_AS_WCSLEN
|
||||
- /* NB: Multiply length by 4 to get byte count. */
|
||||
- sall $2, %esi
|
||||
+ /* NB: Divide by 4 to convert from byte-count to length. */
|
||||
+ shrl $2, %eax
|
||||
# endif
|
||||
cmpq %rax, %rsi
|
||||
cmovb %esi, %eax
|
||||
-# ifdef USE_AS_WCSLEN
|
||||
- shrl $2, %eax
|
||||
-# endif
|
||||
VZEROUPPER_RETURN
|
||||
# endif
|
||||
|
26
glibc-upstream-2.34-363.patch
Normal file
26
glibc-upstream-2.34-363.patch
Normal file
@ -0,0 +1,26 @@
|
||||
commit 309c4708aca762f57263a66e5bea926fdbfd82eb
|
||||
Author: Adhemerval Zanella <adhemerval.zanella@linaro.org>
|
||||
Date: Fri Mar 25 11:16:49 2022 -0300
|
||||
|
||||
elf: Fix wrong fscanf usage on tst-pldd
|
||||
|
||||
To take in consideration the extra '\0'.
|
||||
|
||||
Checked on x86_64-linux-gnu.
|
||||
|
||||
(cherry picked from commit b2cd93fce666fdc8c9a5c64af2741a8a6940ac99)
|
||||
|
||||
diff --git a/elf/tst-pldd.c b/elf/tst-pldd.c
|
||||
index 210ca4d24b8338ab..72b7a99b369a105d 100644
|
||||
--- a/elf/tst-pldd.c
|
||||
+++ b/elf/tst-pldd.c
|
||||
@@ -113,7 +113,8 @@ do_test (void)
|
||||
TEST_VERIFY (out != NULL);
|
||||
|
||||
/* First line is in the form of <pid>: <full path of executable> */
|
||||
- TEST_COMPARE (fscanf (out, "%u: " STRINPUT (512), &pid, buffer), 2);
|
||||
+ TEST_COMPARE (fscanf (out, "%u: " STRINPUT (sizeof (buffer) - 1), &pid,
|
||||
+ buffer), 2);
|
||||
|
||||
TEST_COMPARE (pid, *target_pid_ptr);
|
||||
TEST_COMPARE (strcmp (basename (buffer), "tst-pldd"), 0);
|
362
glibc-upstream-2.34-364.patch
Normal file
362
glibc-upstream-2.34-364.patch
Normal file
@ -0,0 +1,362 @@
|
||||
commit 42b9d7def8fd7d26f1926cbc801923aa2c8a386a
|
||||
Author: DJ Delorie <dj@redhat.com>
|
||||
Date: Mon Mar 28 23:53:33 2022 -0400
|
||||
|
||||
Allow for unpriviledged nested containers
|
||||
|
||||
If the build itself is run in a container, we may not be able to
|
||||
fully set up a nested container for test-container testing.
|
||||
Notably is the mounting of /proc, since it's critical that it
|
||||
be mounted from within the same PID namespace as its users, and
|
||||
thus cannot be bind mounted from outside the container like other
|
||||
mounts.
|
||||
|
||||
This patch defaults to using the parent's PID namespace instead of
|
||||
creating a new one, as this is more likely to be allowed.
|
||||
|
||||
If the test needs an isolated PID namespace, it should add the "pidns"
|
||||
command to its init script.
|
||||
|
||||
Reviewed-by: Carlos O'Donell <carlos@redhat.com>
|
||||
(cherry picked from commit 2fe64148a81f0d78050c302f34a6853d21f7cae4)
|
||||
|
||||
diff --git a/elf/tst-pldd.c b/elf/tst-pldd.c
|
||||
index 72b7a99b369a105d..6e4174cbf95b15c0 100644
|
||||
--- a/elf/tst-pldd.c
|
||||
+++ b/elf/tst-pldd.c
|
||||
@@ -85,6 +85,8 @@ in_str_list (const char *libname, const char *const strlist[])
|
||||
static int
|
||||
do_test (void)
|
||||
{
|
||||
+ support_need_proc ("needs /proc/sys/kernel/yama/ptrace_scope and /proc/$child");
|
||||
+
|
||||
/* Check if our subprocess can be debugged with ptrace. */
|
||||
{
|
||||
int ptrace_scope = support_ptrace_scope ();
|
||||
diff --git a/nptl/tst-pthread-getattr.c b/nptl/tst-pthread-getattr.c
|
||||
index 5f60cf9722b77a1a..6128402b2673c010 100644
|
||||
--- a/nptl/tst-pthread-getattr.c
|
||||
+++ b/nptl/tst-pthread-getattr.c
|
||||
@@ -28,6 +28,8 @@
|
||||
#include <unistd.h>
|
||||
#include <inttypes.h>
|
||||
|
||||
+#include <support/support.h>
|
||||
+
|
||||
/* There is an obscure bug in the kernel due to which RLIMIT_STACK is sometimes
|
||||
returned as unlimited when it is not, which may cause this test to fail.
|
||||
There is also the other case where RLIMIT_STACK is intentionally set as
|
||||
@@ -153,6 +155,8 @@ check_stack_top (void)
|
||||
static int
|
||||
do_test (void)
|
||||
{
|
||||
+ support_need_proc ("Reads /proc/self/maps to get stack size.");
|
||||
+
|
||||
pagesize = sysconf (_SC_PAGESIZE);
|
||||
return check_stack_top ();
|
||||
}
|
||||
diff --git a/nss/tst-reload2.c b/nss/tst-reload2.c
|
||||
index 5ecb032e9fcd6868..a494145dd679099d 100644
|
||||
--- a/nss/tst-reload2.c
|
||||
+++ b/nss/tst-reload2.c
|
||||
@@ -95,6 +95,8 @@ do_test (void)
|
||||
char buf1[PATH_MAX];
|
||||
char buf2[PATH_MAX];
|
||||
|
||||
+ support_need_proc ("Our xmkdirp fails if we can't map our uid, which requires /proc.");
|
||||
+
|
||||
sprintf (buf1, "/subdir%s", support_slibdir_prefix);
|
||||
xmkdirp (buf1, 0777);
|
||||
|
||||
diff --git a/support/Makefile b/support/Makefile
|
||||
index 6a5fc9faf2ca2e2d..0aa9d41c5a890087 100644
|
||||
--- a/support/Makefile
|
||||
+++ b/support/Makefile
|
||||
@@ -63,6 +63,7 @@ libsupport-routines = \
|
||||
support_format_hostent \
|
||||
support_format_netent \
|
||||
support_isolate_in_subprocess \
|
||||
+ support_need_proc \
|
||||
support_path_support_time64 \
|
||||
support_process_state \
|
||||
support_ptrace \
|
||||
diff --git a/support/support.h b/support/support.h
|
||||
index ecfc9a336d272a30..b69f588e2edce6be 100644
|
||||
--- a/support/support.h
|
||||
+++ b/support/support.h
|
||||
@@ -90,6 +90,11 @@ char *support_quote_string (const char *);
|
||||
regular file open for writing, and initially empty. */
|
||||
int support_descriptor_supports_holes (int fd);
|
||||
|
||||
+/* Predicates that a test requires a working /proc filesystem. This
|
||||
+ call will exit with UNSUPPORTED if /proc is not available, printing
|
||||
+ WHY_MSG as part of the diagnostic. */
|
||||
+void support_need_proc (const char *why_msg);
|
||||
+
|
||||
/* Error-checking wrapper functions which terminate the process on
|
||||
error. */
|
||||
|
||||
diff --git a/support/support_need_proc.c b/support/support_need_proc.c
|
||||
new file mode 100644
|
||||
index 0000000000000000..9b4eab7539b2d6c3
|
||||
--- /dev/null
|
||||
+++ b/support/support_need_proc.c
|
||||
@@ -0,0 +1,35 @@
|
||||
+/* Indicate that a test requires a working /proc.
|
||||
+ Copyright (C) 2022 Free Software Foundation, Inc.
|
||||
+ This file is part of the GNU C Library.
|
||||
+
|
||||
+ The GNU C Library is free software; you can redistribute it and/or
|
||||
+ modify it under the terms of the GNU Lesser General Public
|
||||
+ License as published by the Free Software Foundation; either
|
||||
+ version 2.1 of the License, or (at your option) any later version.
|
||||
+
|
||||
+ The GNU C Library is distributed in the hope that it will be useful,
|
||||
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
|
||||
+ Lesser General Public License for more details.
|
||||
+
|
||||
+ You should have received a copy of the GNU Lesser General Public
|
||||
+ License along with the GNU C Library; if not, see
|
||||
+ <https://www.gnu.org/licenses/>. */
|
||||
+
|
||||
+#include <unistd.h>
|
||||
+#include <support/check.h>
|
||||
+#include <support/support.h>
|
||||
+
|
||||
+/* We test for /proc/self/maps since that's one of the files that one
|
||||
+ of our tests actually uses, but the general idea is if Linux's
|
||||
+ /proc/ (procfs) filesystem is mounted. If not, the process exits
|
||||
+ with an UNSUPPORTED result code. */
|
||||
+
|
||||
+void
|
||||
+support_need_proc (const char *why_msg)
|
||||
+{
|
||||
+#ifdef __linux__
|
||||
+ if (access ("/proc/self/maps", R_OK))
|
||||
+ FAIL_UNSUPPORTED ("/proc is not available, %s", why_msg);
|
||||
+#endif
|
||||
+}
|
||||
diff --git a/support/test-container.c b/support/test-container.c
|
||||
index 94498d39019a4776..7310335f7566b41e 100644
|
||||
--- a/support/test-container.c
|
||||
+++ b/support/test-container.c
|
||||
@@ -97,6 +97,7 @@ int verbose = 0;
|
||||
* mytest.root/mytest.script has a list of "commands" to run:
|
||||
syntax:
|
||||
# comment
|
||||
+ pidns <comment>
|
||||
su
|
||||
mv FILE FILE
|
||||
cp FILE FILE
|
||||
@@ -122,6 +123,8 @@ int verbose = 0;
|
||||
|
||||
details:
|
||||
- '#': A comment.
|
||||
+ - 'pidns': Require a separate PID namespace, prints comment if it can't
|
||||
+ (default is a shared pid namespace)
|
||||
- 'su': Enables running test as root in the container.
|
||||
- 'mv': A minimal move files command.
|
||||
- 'cp': A minimal copy files command.
|
||||
@@ -148,7 +151,7 @@ int verbose = 0;
|
||||
* Simple, easy to review code (i.e. prefer simple naive code over
|
||||
complex efficient code)
|
||||
|
||||
- * The current implementation ist parallel-make-safe, but only in
|
||||
+ * The current implementation is parallel-make-safe, but only in
|
||||
that it uses a lock to prevent parallel access to the testroot. */
|
||||
|
||||
|
||||
@@ -227,11 +230,37 @@ concat (const char *str, ...)
|
||||
return bufs[n];
|
||||
}
|
||||
|
||||
+/* Like the above, but put spaces between words. Caller frees. */
|
||||
+static char *
|
||||
+concat_words (char **words, int num_words)
|
||||
+{
|
||||
+ int len = 0;
|
||||
+ int i;
|
||||
+ char *rv, *p;
|
||||
+
|
||||
+ for (i = 0; i < num_words; i ++)
|
||||
+ {
|
||||
+ len += strlen (words[i]);
|
||||
+ len ++;
|
||||
+ }
|
||||
+
|
||||
+ p = rv = (char *) xmalloc (len);
|
||||
+
|
||||
+ for (i = 0; i < num_words; i ++)
|
||||
+ {
|
||||
+ if (i > 0)
|
||||
+ p = stpcpy (p, " ");
|
||||
+ p = stpcpy (p, words[i]);
|
||||
+ }
|
||||
+
|
||||
+ return rv;
|
||||
+}
|
||||
+
|
||||
/* Try to mount SRC onto DEST. */
|
||||
static void
|
||||
trymount (const char *src, const char *dest)
|
||||
{
|
||||
- if (mount (src, dest, "", MS_BIND, NULL) < 0)
|
||||
+ if (mount (src, dest, "", MS_BIND | MS_REC, NULL) < 0)
|
||||
FAIL_EXIT1 ("can't mount %s onto %s\n", src, dest);
|
||||
}
|
||||
|
||||
@@ -726,6 +755,9 @@ main (int argc, char **argv)
|
||||
gid_t original_gid;
|
||||
/* If set, the test runs as root instead of the user running the testsuite. */
|
||||
int be_su = 0;
|
||||
+ int require_pidns = 0;
|
||||
+ const char *pidns_comment = NULL;
|
||||
+ int do_proc_mounts = 0;
|
||||
int UMAP;
|
||||
int GMAP;
|
||||
/* Used for "%lld %lld 1" so need not be large. */
|
||||
@@ -1011,6 +1043,12 @@ main (int argc, char **argv)
|
||||
{
|
||||
be_su = 1;
|
||||
}
|
||||
+ else if (nt >= 1 && strcmp (the_words[0], "pidns") == 0)
|
||||
+ {
|
||||
+ require_pidns = 1;
|
||||
+ if (nt > 1)
|
||||
+ pidns_comment = concat_words (the_words + 1, nt - 1);
|
||||
+ }
|
||||
else if (nt == 3 && strcmp (the_words[0], "mkdirp") == 0)
|
||||
{
|
||||
long int m;
|
||||
@@ -1068,7 +1106,8 @@ main (int argc, char **argv)
|
||||
|
||||
#ifdef CLONE_NEWNS
|
||||
/* The unshare here gives us our own spaces and capabilities. */
|
||||
- if (unshare (CLONE_NEWUSER | CLONE_NEWPID | CLONE_NEWNS) < 0)
|
||||
+ if (unshare (CLONE_NEWUSER | CLONE_NEWNS
|
||||
+ | (require_pidns ? CLONE_NEWPID : 0)) < 0)
|
||||
{
|
||||
/* Older kernels may not support all the options, or security
|
||||
policy may block this call. */
|
||||
@@ -1079,6 +1118,11 @@ main (int argc, char **argv)
|
||||
check_for_unshare_hints ();
|
||||
FAIL_UNSUPPORTED ("unable to unshare user/fs: %s", strerror (saved_errno));
|
||||
}
|
||||
+ /* We're about to exit anyway, it's "safe" to call unshare again
|
||||
+ just to see if the CLONE_NEWPID caused the error. */
|
||||
+ else if (require_pidns && unshare (CLONE_NEWUSER | CLONE_NEWNS) >= 0)
|
||||
+ FAIL_EXIT1 ("unable to unshare pid ns: %s : %s", strerror (errno),
|
||||
+ pidns_comment ? pidns_comment : "required by test");
|
||||
else
|
||||
FAIL_EXIT1 ("unable to unshare user/fs: %s", strerror (errno));
|
||||
}
|
||||
@@ -1094,6 +1138,15 @@ main (int argc, char **argv)
|
||||
trymount (support_srcdir_root, new_srcdir_path);
|
||||
trymount (support_objdir_root, new_objdir_path);
|
||||
|
||||
+ /* It may not be possible to mount /proc directly. */
|
||||
+ if (! require_pidns)
|
||||
+ {
|
||||
+ char *new_proc = concat (new_root_path, "/proc", NULL);
|
||||
+ xmkdirp (new_proc, 0755);
|
||||
+ trymount ("/proc", new_proc);
|
||||
+ do_proc_mounts = 1;
|
||||
+ }
|
||||
+
|
||||
xmkdirp (concat (new_root_path, "/dev", NULL), 0755);
|
||||
devmount (new_root_path, "null");
|
||||
devmount (new_root_path, "zero");
|
||||
@@ -1163,42 +1216,60 @@ main (int argc, char **argv)
|
||||
|
||||
maybe_xmkdir ("/tmp", 0755);
|
||||
|
||||
- /* Now that we're pid 1 (effectively "root") we can mount /proc */
|
||||
- maybe_xmkdir ("/proc", 0777);
|
||||
- if (mount ("proc", "/proc", "proc", 0, NULL) < 0)
|
||||
- FAIL_EXIT1 ("Unable to mount /proc: ");
|
||||
-
|
||||
- /* We map our original UID to the same UID in the container so we
|
||||
- can own our own files normally. */
|
||||
- UMAP = open ("/proc/self/uid_map", O_WRONLY);
|
||||
- if (UMAP < 0)
|
||||
- FAIL_EXIT1 ("can't write to /proc/self/uid_map\n");
|
||||
-
|
||||
- sprintf (tmp, "%lld %lld 1\n",
|
||||
- (long long) (be_su ? 0 : original_uid), (long long) original_uid);
|
||||
- write (UMAP, tmp, strlen (tmp));
|
||||
- xclose (UMAP);
|
||||
-
|
||||
- /* We must disable setgroups () before we can map our groups, else we
|
||||
- get EPERM. */
|
||||
- GMAP = open ("/proc/self/setgroups", O_WRONLY);
|
||||
- if (GMAP >= 0)
|
||||
+ if (require_pidns)
|
||||
{
|
||||
- /* We support kernels old enough to not have this. */
|
||||
- write (GMAP, "deny\n", 5);
|
||||
- xclose (GMAP);
|
||||
+ /* Now that we're pid 1 (effectively "root") we can mount /proc */
|
||||
+ maybe_xmkdir ("/proc", 0777);
|
||||
+ if (mount ("proc", "/proc", "proc", 0, NULL) != 0)
|
||||
+ {
|
||||
+ /* This happens if we're trying to create a nested container,
|
||||
+ like if the build is running under podman, and we lack
|
||||
+ priviledges.
|
||||
+
|
||||
+ Ideally we would WARN here, but that would just add noise to
|
||||
+ *every* test-container test, and the ones that care should
|
||||
+ have their own relevent diagnostics.
|
||||
+
|
||||
+ FAIL_EXIT1 ("Unable to mount /proc: "); */
|
||||
+ }
|
||||
+ else
|
||||
+ do_proc_mounts = 1;
|
||||
}
|
||||
|
||||
- /* We map our original GID to the same GID in the container so we
|
||||
- can own our own files normally. */
|
||||
- GMAP = open ("/proc/self/gid_map", O_WRONLY);
|
||||
- if (GMAP < 0)
|
||||
- FAIL_EXIT1 ("can't write to /proc/self/gid_map\n");
|
||||
+ if (do_proc_mounts)
|
||||
+ {
|
||||
+ /* We map our original UID to the same UID in the container so we
|
||||
+ can own our own files normally. */
|
||||
+ UMAP = open ("/proc/self/uid_map", O_WRONLY);
|
||||
+ if (UMAP < 0)
|
||||
+ FAIL_EXIT1 ("can't write to /proc/self/uid_map\n");
|
||||
+
|
||||
+ sprintf (tmp, "%lld %lld 1\n",
|
||||
+ (long long) (be_su ? 0 : original_uid), (long long) original_uid);
|
||||
+ write (UMAP, tmp, strlen (tmp));
|
||||
+ xclose (UMAP);
|
||||
+
|
||||
+ /* We must disable setgroups () before we can map our groups, else we
|
||||
+ get EPERM. */
|
||||
+ GMAP = open ("/proc/self/setgroups", O_WRONLY);
|
||||
+ if (GMAP >= 0)
|
||||
+ {
|
||||
+ /* We support kernels old enough to not have this. */
|
||||
+ write (GMAP, "deny\n", 5);
|
||||
+ xclose (GMAP);
|
||||
+ }
|
||||
|
||||
- sprintf (tmp, "%lld %lld 1\n",
|
||||
- (long long) (be_su ? 0 : original_gid), (long long) original_gid);
|
||||
- write (GMAP, tmp, strlen (tmp));
|
||||
- xclose (GMAP);
|
||||
+ /* We map our original GID to the same GID in the container so we
|
||||
+ can own our own files normally. */
|
||||
+ GMAP = open ("/proc/self/gid_map", O_WRONLY);
|
||||
+ if (GMAP < 0)
|
||||
+ FAIL_EXIT1 ("can't write to /proc/self/gid_map\n");
|
||||
+
|
||||
+ sprintf (tmp, "%lld %lld 1\n",
|
||||
+ (long long) (be_su ? 0 : original_gid), (long long) original_gid);
|
||||
+ write (GMAP, tmp, strlen (tmp));
|
||||
+ xclose (GMAP);
|
||||
+ }
|
||||
|
||||
if (change_cwd)
|
||||
{
|
39
glibc-upstream-2.34-365.patch
Normal file
39
glibc-upstream-2.34-365.patch
Normal file
@ -0,0 +1,39 @@
|
||||
commit 405b8ae13540e9fd614df614e3361ebf9abd14cf
|
||||
Author: Adhemerval Zanella <adhemerval.zanella@linaro.org>
|
||||
Date: Tue Jul 5 12:58:40 2022 -0300
|
||||
|
||||
elf: Fix wrong fscanf usage on tst-pldd
|
||||
|
||||
The fix done b2cd93fce666fdc8c9a5c64af2741a8a6940ac99 does not really
|
||||
work since macro strification does not expand the sizeof nor the
|
||||
arithmetic operation.
|
||||
|
||||
Checked on x86_64-linux-gnu.
|
||||
|
||||
(cherry picked from commit c353689e49e72f3aafa1a9e68d4f7a4f33a79cbe)
|
||||
|
||||
diff --git a/elf/tst-pldd.c b/elf/tst-pldd.c
|
||||
index 6e4174cbf95b15c0..d3ecb99149d619c6 100644
|
||||
--- a/elf/tst-pldd.c
|
||||
+++ b/elf/tst-pldd.c
|
||||
@@ -108,15 +108,16 @@ do_test (void)
|
||||
loader and libc. */
|
||||
{
|
||||
pid_t pid;
|
||||
- char buffer[512];
|
||||
-#define STRINPUT(size) "%" # size "s"
|
||||
+#define BUFFERLEN 511
|
||||
+ char buffer[BUFFERLEN + 1];
|
||||
+#define STRINPUT(size) XSTRINPUT(size)
|
||||
+#define XSTRINPUT(size) "%" # size "s"
|
||||
|
||||
FILE *out = fmemopen (pldd.out.buffer, pldd.out.length, "r");
|
||||
TEST_VERIFY (out != NULL);
|
||||
|
||||
/* First line is in the form of <pid>: <full path of executable> */
|
||||
- TEST_COMPARE (fscanf (out, "%u: " STRINPUT (sizeof (buffer) - 1), &pid,
|
||||
- buffer), 2);
|
||||
+ TEST_COMPARE (fscanf (out, "%u: " STRINPUT (BUFFERLEN), &pid, buffer), 2);
|
||||
|
||||
TEST_COMPARE (pid, *target_pid_ptr);
|
||||
TEST_COMPARE (strcmp (basename (buffer), "tst-pldd"), 0);
|
113
glibc.spec
113
glibc.spec
@ -148,7 +148,7 @@ end \
|
||||
Summary: The GNU libc libraries
|
||||
Name: glibc
|
||||
Version: %{glibcversion}
|
||||
Release: 49%{?dist}
|
||||
Release: 52%{?dist}
|
||||
|
||||
# In general, GPLv2+ is used by programs, LGPLv2+ is used for
|
||||
# libraries.
|
||||
@ -203,6 +203,19 @@ rpm.define("__debug_install_post bash " .. wrapper
|
||||
.. " " .. sysroot .. " " .. original)
|
||||
}
|
||||
|
||||
# sysroot package support. These contain arch-specific packages, so
|
||||
# turn off the rpmbuild check.
|
||||
%global _binaries_in_noarch_packages_terminate_build 0
|
||||
# Variant of %%dist that contains just the distribution release, no affixes.
|
||||
%{?fedora:%global sysroot_dist fc%{fedora}}
|
||||
%{?rhel:%global sysroot_dist el%{rhel}}
|
||||
%{?!sysroot_dist:%global sysroot_dist root}
|
||||
# The name of the sysroot package.
|
||||
%global sysroot_package_arch sysroot-%{_arch}-%{sysroot_dist}-%{name}
|
||||
# Installed path for the sysroot tree. Must contain /sys-root/, which
|
||||
# triggers filtering.
|
||||
%global sysroot_prefix /usr/%{_arch}-redhat-linux/sys-root/%{sysroot_dist}
|
||||
|
||||
# The wrapper script relies on the fact that debugedit does not change
|
||||
# build IDs.
|
||||
%define _no_recompute_build_ids 1
|
||||
@ -649,6 +662,12 @@ Patch438: glibc-upstream-2.34-357.patch
|
||||
Patch439: glibc-upstream-2.34-358.patch
|
||||
Patch440: glibc-upstream-2.34-359.patch
|
||||
# glibc-2.34-360-g75b0edb7ef only changes NEWS.
|
||||
Patch441: glibc-upstream-2.34-361.patch
|
||||
Patch442: glibc-upstream-2.34-362.patch
|
||||
Patch443: glibc-upstream-2.34-363.patch
|
||||
Patch444: glibc-upstream-2.34-364.patch
|
||||
Patch445: glibc-upstream-2.34-365.patch
|
||||
Patch446: glibc-rh2149102.patch
|
||||
|
||||
##############################################################################
|
||||
# Continued list of core "glibc" package information:
|
||||
@ -1450,6 +1469,21 @@ libpthread_nonshared.a which is no longer used. The static library
|
||||
libpthread_nonshared.a is an internal implementation detail of the C
|
||||
runtime and should not be expected to exist.
|
||||
|
||||
%if %{without bootstrap}
|
||||
%package -n %sysroot_package_arch
|
||||
Summary: Sysroot package for glibc, %{_arch} architecture
|
||||
BuildArch: noarch
|
||||
Provides: sysroot-%{_arch}-%{name}
|
||||
# The files are not usable for execution, so do not provide nor
|
||||
# require anything.
|
||||
AutoReqProv: no
|
||||
|
||||
%description -n %sysroot_package_arch
|
||||
This package contains development files for the glibc package
|
||||
that can be installed across architectures.
|
||||
%dnl %%{without bootstrap}
|
||||
%endif
|
||||
|
||||
##############################################################################
|
||||
# Prepare for the build.
|
||||
##############################################################################
|
||||
@ -1955,6 +1989,53 @@ done
|
||||
##############################################################################
|
||||
ar cr %{glibc_sysroot}%{_prefix}/%{_lib}/libpthread_nonshared.a
|
||||
|
||||
###############################################################################
|
||||
# Sysroot package creation.
|
||||
###############################################################################
|
||||
|
||||
%if %{without bootstrap}
|
||||
mkdir -p %{glibc_sysroot}/%{sysroot_prefix}
|
||||
pushd %{glibc_sysroot}/%{sysroot_prefix}
|
||||
mkdir -p usr/lib usr/lib64
|
||||
|
||||
cp -a %{glibc_sysroot}/%{_prefix}/include usr/.
|
||||
for lib in lib lib64; do
|
||||
for pfx in "" %{_prefix}/; do
|
||||
if test -d %{glibc_sysroot}/$pfx$lib ; then
|
||||
# Implement UsrMove: everything goes into usr/$lib. Only
|
||||
# copy files directly in $lib.
|
||||
find %{glibc_sysroot}/$pfx$lib -maxdepth 1 -type f \
|
||||
| xargs -I '{}' cp '{}' usr/$lib/.
|
||||
# Symbolic links need to be adjusted for UsrMove: They
|
||||
# need to stay within the same directory.
|
||||
for sl in `find %{glibc_sysroot}/$pfx$lib -maxdepth 1 -type l`; do
|
||||
set +x
|
||||
slbase=$(basename $sl)
|
||||
sltarget=$(basename $(readlink $sl))
|
||||
if ! test -r usr/$lib/$sltarget; then
|
||||
echo "$sl: inferred $sltarget ($(readlink $sl)) missing"
|
||||
exit 1
|
||||
fi
|
||||
set -x
|
||||
ln -s $sltarget usr/$lib/$slbase
|
||||
done
|
||||
fi
|
||||
done
|
||||
done
|
||||
|
||||
# Remove the executable bit from files in the sysroot. This prevents
|
||||
# debuginfo extraction.
|
||||
find -type f | xargs chmod a-x
|
||||
|
||||
# Use sysroot-relative paths in linker script. Ignore symbolic links.
|
||||
sed -e 's,\([^0-9a-zA-Z=*]/lib\),=/usr/lib,g' \
|
||||
-e 's,\([^0-9a-zA-Z=*]\)/,\1=/,g' \
|
||||
-i $(find -type f -name 'lib[cm].so')
|
||||
|
||||
popd
|
||||
%dnl %%{without bootstrap}
|
||||
%endif
|
||||
|
||||
##############################################################################
|
||||
# Beyond this point in the install process we no longer modify the set of
|
||||
# installed files.
|
||||
@ -2043,13 +2124,14 @@ touch compat-libpthread-nonshared.filelist
|
||||
# language specific sub-packages.
|
||||
# libnss_ files go into subpackages related to NSS modules.
|
||||
# and .*/share/i18n/charmaps/.*), they go into the sub-package
|
||||
# "locale-source":
|
||||
# "locale-source". /sys-root/ files are put into the sysroot package.
|
||||
sed -e '\,.*/share/locale/\([^/_]\+\).*/LC_MESSAGES/.*\.mo,d' \
|
||||
-e '\,.*/share/i18n/locales/.*,d' \
|
||||
-e '\,.*/share/i18n/charmaps/.*,d' \
|
||||
-e '\,.*/etc/\(localtime\|nsswitch.conf\|ld\.so\.conf\|ld\.so\.cache\|default\|rpc\|gai\.conf\),d' \
|
||||
-e '\,.*/%{_libdir}/lib\(pcprofile\|memusage\)\.so,d' \
|
||||
-e '\,.*/bin/\(memusage\|mtrace\|xtrace\|pcprofiledump\),d'
|
||||
-e '\,.*/bin/\(memusage\|mtrace\|xtrace\|pcprofiledump\),d' \
|
||||
-e '\,.*/sys-root,d'
|
||||
} | sort > master.filelist
|
||||
|
||||
# The master file list is now used by each subpackage to list their own
|
||||
@ -2384,8 +2466,9 @@ echo ====================PLT RELOCS END==================
|
||||
|
||||
# Obtain a way to run the dynamic loader. Avoid matching the symbolic
|
||||
# link and then pick the first loader (although there should be only
|
||||
# one). See wrap-find-debuginfo.sh.
|
||||
ldso_path="$(find %{glibc_sysroot}/ -regextype posix-extended \
|
||||
# one). Use -maxdepth 2 to avoid descending into the /sys-root/
|
||||
# sub-tree. See wrap-find-debuginfo.sh.
|
||||
ldso_path="$(find %{glibc_sysroot}/ -maxdepth 2 -regextype posix-extended \
|
||||
-regex '.*/ld(-.*|64|)\.so\.[0-9]+$' -type f | LC_ALL=C sort | head -n1)"
|
||||
run_ldso="$ldso_path --library-path %{glibc_sysroot}/%{_lib}"
|
||||
|
||||
@ -2704,7 +2787,27 @@ fi
|
||||
|
||||
%files -f compat-libpthread-nonshared.filelist -n compat-libpthread-nonshared
|
||||
|
||||
%if %{without bootstrap}
|
||||
%files -n sysroot-%{_arch}-%{sysroot_dist}-glibc
|
||||
%{sysroot_prefix}
|
||||
%endif
|
||||
|
||||
%changelog
|
||||
* Wed Nov 30 2022 Florian Weimer <fweimer@redhat.com> - 2.34-52
|
||||
- Add noarch sysroot subpackages (#2149644)
|
||||
|
||||
* Tue Nov 29 2022 Florian Weimer <fweimer@redhat.com> - 2.34-51
|
||||
- Prepare for integration of GCC 8 compatible _Static_assert (#2149102)
|
||||
|
||||
* Fri Nov 25 2022 Arjun Shankar <arjun@redhat.com> - 2.34-50
|
||||
- Sync with upstream branch release/2.34/master,
|
||||
commit 405b8ae13540e9fd614df614e3361ebf9abd14cf:
|
||||
- elf: Fix wrong fscanf usage on tst-pldd
|
||||
- Allow for unpriviledged nested containers
|
||||
- elf: Fix wrong fscanf usage on tst-pldd
|
||||
- x86: Fix wcsnlen-avx2 page cross length comparison [BZ #29591]
|
||||
- elf: Fix rtld-audit trampoline for aarch64
|
||||
|
||||
* Mon Nov 14 2022 Arjun Shankar <arjun@redhat.com> - 2.34-49
|
||||
- Sync with upstream branch release/2.34/master,
|
||||
commit: 75b0edb7ef338084e53925139ae81fb0dfc07dd4:
|
||||
|
@ -39,8 +39,8 @@ shift
|
||||
|
||||
# See ldso_path setting in glibc.spec.
|
||||
ldso_path=
|
||||
for ldso_candidate in `find "$sysroot_path" -regextype posix-extended \
|
||||
-regex '.*/ld(-.*|64|)\.so\.[0-9]+$' -type f` ; do
|
||||
for ldso_candidate in `find "$sysroot_path" -maxdepth 2 \
|
||||
-regextype posix-extended -regex '.*/ld(-.*|64|)\.so\.[0-9]+$' -type f` ; do
|
||||
if test -z "$ldso_path" ; then
|
||||
ldso_path="$ldso_candidate"
|
||||
else
|
||||
@ -51,7 +51,7 @@ done
|
||||
|
||||
# libc.so.6 always uses this name, so it is simpler to locate.
|
||||
libc_path=
|
||||
for libc_candidate in `find "$sysroot_path" -name libc.so.6`; do
|
||||
for libc_candidate in `find "$sysroot_path" -maxdepth 2 -name libc.so.6`; do
|
||||
if test -z "$libc_path" ; then
|
||||
libc_path="$libc_candidate"
|
||||
else
|
||||
@ -86,7 +86,8 @@ objcopy --add-section .gnu_debuglink="$libc_tmp.debuglink" "$libc_path"
|
||||
# ld.so does not have separated debuginfo and so the debuginfo file
|
||||
# generated by find-debuginfo is redundant. Therefore, remove it.
|
||||
ldso_debug=
|
||||
for ldso_debug_candidate in `find "$sysroot_path" -regextype posix-extended \
|
||||
for ldso_debug_candidate in `find "$sysroot_path" -maxdepth 2 \
|
||||
-regextype posix-extended \
|
||||
-regex '.*/ld(-.*|64|)\.so\.[0-9]+.*debug$' -type f` ; do
|
||||
if test -z "$ldso_debug" ; then
|
||||
ldso_debug="$ldso_debug_candidate"
|
||||
|
Loading…
Reference in New Issue
Block a user