From bd0ccb21041b6db2052844d9c36b12b1fa63c4ff Mon Sep 17 00:00:00 2001 From: Chunmei Xu Date: Thu, 5 Jan 2023 15:24:43 +0800 Subject: [PATCH] sync patches from 2.36 release branch optimise langpack subpackage Signed-off-by: Chunmei Xu --- ...tra-whitespace-between-timestamp-and.patch | 58 ++ 0021-Add-NEWS-entry-for-CVE-2022-39046.patch | 31 + ...-cache-invalidation-if-epoll-is-used.patch | 59 ++ ...esolv-byaddr-for-testing-reverse-loo.patch | 409 ++++++++ 0024-resolv-Add-tst-resolv-aliases.patch | 296 ++++++ ...-internal-__res_binary_hnok-function.patch | 64 ++ ...Add-the-__ns_samebinaryname-function.patch | 192 ++++ ...nal-__ns_name_length_uncompressed-fu.patch | 283 ++++++ ...acket-parsing-helpers-geared-towards.patch | 545 +++++++++++ ...Split-getanswer_ptr-from-getanswer_r.patch | 452 +++++++++ ..._nss_dns_gethostbyaddr2_r-and-getans.patch | 513 ++++++++++ ...ove-remnants-of-IPv6-address-mapping.patch | 321 +++++++ ...getanswer_r-to-match-getanswer_ptr-b.patch | 571 +++++++++++ ...getanswer_slice-skip-strange-aliases.patch | 57 ++ ...olv-Add-new-tst-resolv-invalid-cname.patch | 452 +++++++++ ..._nss_dns_gethostbyname4_r-using-curr.patch | 596 ++++++++++++ ...ing-tst-resolv-invalid-cname-for-ear.patch | 40 + ...ote-bug-12154-and-bug-29305-as-fixed.patch | 26 + ...t-tlsdesc-tst-audit-tlsdesc-dlopen-e.patch | 79 ++ ...ix-hwcaps-string-size-overestimation.patch | 60 ++ ...ring-test.py-Generate-program-run-ti.patch | 44 + ...ort_maps-parameter-from-skip-to-forc.patch | 87 ++ ...rce_first-handling-in-_dl_sort_maps_.patch | 114 +++ ...-interfaces-in-gconv_parseconfdir-bu.patch | 81 ++ ...yte-alignment-on-internal-locks-BZ-2.patch | 142 +++ ...dresses-Fix-subscript-typos-BZ-29605.patch | 38 + ...random_nocancel-type-and-arc4random-.patch | 60 ++ ...itialization-of-dp-register-BZ-29635.patch | 73 ++ ...-hppa-undef-__ASSUME_SET_ROBUST_LIST.patch | 27 + ...ude-BMI1-and-BMI2-in-x86-64-v3-level.patch | 31 + ...MI2-for-AVX2-str-n-casecmp-implement.patch | 118 +++ ...-BMI2-for-AVX2-strcmp-implementation.patch | 62 ++ ...BMI2-for-AVX2-strncmp-implementation.patch | 67 ++ ...MI2-for-AVX2-wcs-n-cmp-implementatio.patch | 56 ++ ...MI2-for-AVX2-raw-w-memchr-implementa.patch | 67 ++ ...MI2-and-LZCNT-for-AVX2-memrchr-imple.patch | 74 ++ ...MI1-BMI2-for-AVX2-strrchr-and-wcsrch.patch | 94 ++ ...ocal-address-tuple-variable-BZ-29607.patch | 68 ++ ...ons-happen-with-desired-rounding-mod.patch | 54 ++ ...ment-no-addrconfig-option-for-getent.patch | 79 ++ ...files-hosts-long-on-single-stack-hos.patch | 57 ++ ...refix-in-IPv4-address-in-tst-reload1.patch | 52 + ...etely-clear-reused-namespace-in-dlmo.patch | 111 +++ ...the-ibm128-implementation-of-y1l-too.patch | 37 + ...behaviour-in-ibm128-implementation-o.patch | 85 ++ ...c-struct_stat-for-64-bit-time-BZ-296.patch | 889 ++++++++++++++++++ ...-DL_DEBUG_BINDINGS-_dl_lookup_symbol.patch | 46 + ...e-from-GCC-for-LoongArch-clz-ctz-sup.patch | 38 + ...inux-Fix-fstatat-on-MIPSn64-BZ-29730.patch | 93 ++ ...I-related-macros-in-elf.h-to-keep-co.patch | 35 + ...KEFLAGS-assignment-for-upcoming-make.patch | 115 +++ ...ve-heuristic-for-ca-1986-Indiana-DST.patch | 78 ++ ...IPC_64-in-sysvctl-ctl-command-argume.patch | 243 +++++ ...ix-rtld-audit-trampoline-for-aarch64.patch | 51 + ...avx2-page-cross-length-comparison-BZ.patch | 137 +++ ...ctions-in-syslog.h-before-first-use-.patch | 79 ++ ...-nis-Build-libnsl-with-64-bit-time_t.patch | 79 ++ ...time_t-on-libc-nscd-routines-BZ-2940.patch | 58 ++ 0078-time-Use-64-bit-time-on-tzfile.patch | 29 + ...aybe-uninitialized-errors-with-Os-BZ.patch | 54 ++ ...press-GCC-Os-warning-on-user2netname.patch | 62 ++ 0081-x86-Fix-Os-build-BZ-29576.patch | 61 ++ glibc.spec | 582 +++--------- langpacklist | 198 ++++ 64 files changed, 9345 insertions(+), 464 deletions(-) create mode 100644 0020-syslog-Remove-extra-whitespace-between-timestamp-and.patch create mode 100644 0021-Add-NEWS-entry-for-CVE-2022-39046.patch create mode 100644 0022-nscd-Fix-netlink-cache-invalidation-if-epoll-is-used.patch create mode 100644 0023-resolv-Add-tst-resolv-byaddr-for-testing-reverse-loo.patch create mode 100644 0024-resolv-Add-tst-resolv-aliases.patch create mode 100644 0025-resolv-Add-internal-__res_binary_hnok-function.patch create mode 100644 0026-resolv-Add-the-__ns_samebinaryname-function.patch create mode 100644 0027-resolv-Add-internal-__ns_name_length_uncompressed-fu.patch create mode 100644 0028-resolv-Add-DNS-packet-parsing-helpers-geared-towards.patch create mode 100644 0029-nss_dns-Split-getanswer_ptr-from-getanswer_r.patch create mode 100644 0030-nss_dns-Rewrite-_nss_dns_gethostbyaddr2_r-and-getans.patch create mode 100644 0031-nss_dns-Remove-remnants-of-IPv6-address-mapping.patch create mode 100644 0032-nss_dns-Rewrite-getanswer_r-to-match-getanswer_ptr-b.patch create mode 100644 0033-nss_dns-In-gaih_getanswer_slice-skip-strange-aliases.patch create mode 100644 0034-resolv-Add-new-tst-resolv-invalid-cname.patch create mode 100644 0035-nss_dns-Rewrite-_nss_dns_gethostbyname4_r-using-curr.patch create mode 100644 0036-resolv-Fix-building-tst-resolv-invalid-cname-for-ear.patch create mode 100644 0037-NEWS-Note-bug-12154-and-bug-29305-as-fixed.patch create mode 100644 0038-elf-Run-tst-audit-tlsdesc-tst-audit-tlsdesc-dlopen-e.patch create mode 100644 0039-elf-Fix-hwcaps-string-size-overestimation.patch create mode 100644 0040-scripts-dso-ordering-test.py-Generate-program-run-ti.patch create mode 100644 0041-elf-Rename-_dl_sort_maps-parameter-from-skip-to-forc.patch create mode 100644 0042-elf-Implement-force_first-handling-in-_dl_sort_maps_.patch create mode 100644 0043-gconv-Use-64-bit-interfaces-in-gconv_parseconfdir-bu.patch create mode 100644 0044-m68k-Enforce-4-byte-alignment-on-internal-locks-BZ-2.patch create mode 100644 0045-get_nscd_addresses-Fix-subscript-typos-BZ-29605.patch create mode 100644 0046-stdlib-Fix-__getrandom_nocancel-type-and-arc4random-.patch create mode 100644 0047-hppa-Fix-initialization-of-dp-register-BZ-29635.patch create mode 100644 0048-hppa-undef-__ASSUME_SET_ROBUST_LIST.patch create mode 100644 0049-x86-include-BMI1-and-BMI2-in-x86-64-v3-level.patch create mode 100644 0050-x86-64-Require-BMI2-for-AVX2-str-n-casecmp-implement.patch create mode 100644 0051-x86-64-Require-BMI2-for-AVX2-strcmp-implementation.patch create mode 100644 0052-x86-64-Require-BMI2-for-AVX2-strncmp-implementation.patch create mode 100644 0053-x86-64-Require-BMI2-for-AVX2-wcs-n-cmp-implementatio.patch create mode 100644 0054-x86-64-Require-BMI2-for-AVX2-raw-w-memchr-implementa.patch create mode 100644 0055-x86-64-Require-BMI2-and-LZCNT-for-AVX2-memrchr-imple.patch create mode 100644 0056-x86-64-Require-BMI1-BMI2-for-AVX2-strrchr-and-wcsrch.patch create mode 100644 0057-nscd-Drop-local-address-tuple-variable-BZ-29607.patch create mode 100644 0058-Ensure-calculations-happen-with-desired-rounding-mod.patch create mode 100644 0059-nss-Implement-no-addrconfig-option-for-getent.patch create mode 100644 0060-nss-Fix-tst-nss-files-hosts-long-on-single-stack-hos.patch create mode 100644 0061-nss-Use-shared-prefix-in-IPv4-address-in-tst-reload1.patch create mode 100644 0062-elf-Do-not-completely-clear-reused-namespace-in-dlmo.patch create mode 100644 0063-Fix-BZ-29463-in-the-ibm128-implementation-of-y1l-too.patch create mode 100644 0064-Avoid-undefined-behaviour-in-ibm128-implementation-o.patch create mode 100644 0065-linux-Fix-generic-struct_stat-for-64-bit-time-BZ-296.patch create mode 100644 0066-elf-Reinstate-on-DL_DEBUG_BINDINGS-_dl_lookup_symbol.patch create mode 100644 0067-longlong.h-update-from-GCC-for-LoongArch-clz-ctz-sup.patch create mode 100644 0068-linux-Fix-fstatat-on-MIPSn64-BZ-29730.patch create mode 100644 0069-LoongArch-Fix-ABI-related-macros-in-elf.h-to-keep-co.patch create mode 100644 0070-Makerules-fix-MAKEFLAGS-assignment-for-upcoming-make.patch create mode 100644 0071-mktime-improve-heuristic-for-ca-1986-Indiana-DST.patch create mode 100644 0072-Linux-Support-__IPC_64-in-sysvctl-ctl-command-argume.patch create mode 100644 0073-elf-Fix-rtld-audit-trampoline-for-aarch64.patch create mode 100644 0074-x86-Fix-wcsnlen-avx2-page-cross-length-comparison-BZ.patch create mode 100644 0075-Apply-asm-redirections-in-syslog.h-before-first-use-.patch create mode 100644 0076-nis-Build-libnsl-with-64-bit-time_t.patch create mode 100644 0077-nscd-Use-64-bit-time_t-on-libc-nscd-routines-BZ-2940.patch create mode 100644 0078-time-Use-64-bit-time-on-tzfile.patch create mode 100644 0079-locale-prevent-maybe-uninitialized-errors-with-Os-BZ.patch create mode 100644 0080-sunrpc-Suppress-GCC-Os-warning-on-user2netname.patch create mode 100644 0081-x86-Fix-Os-build-BZ-29576.patch create mode 100644 langpacklist diff --git a/0020-syslog-Remove-extra-whitespace-between-timestamp-and.patch b/0020-syslog-Remove-extra-whitespace-between-timestamp-and.patch new file mode 100644 index 0000000..86dd6e8 --- /dev/null +++ b/0020-syslog-Remove-extra-whitespace-between-timestamp-and.patch @@ -0,0 +1,58 @@ +From 645d94808aaa90fb1b20a25ff70bb50d9eb1d55b Mon Sep 17 00:00:00 2001 +From: Adhemerval Zanella +Date: Mon, 5 Sep 2022 09:34:39 -0300 +Subject: [PATCH 20/81] syslog: Remove extra whitespace between timestamp and + message (BZ#29544) + +The rfc3164 clear states that a single space character must follow +the timestamp field. + +Checked on x86_64-linux-gnu. +--- + misc/syslog.c | 2 +- + misc/tst-syslog.c | 9 ++++++--- + 2 files changed, 7 insertions(+), 4 deletions(-) + +diff --git a/misc/syslog.c b/misc/syslog.c +index b88f66c835..f67d4b58a4 100644 +--- a/misc/syslog.c ++++ b/misc/syslog.c +@@ -167,7 +167,7 @@ __vsyslog_internal (int pri, const char *fmt, va_list ap, + _nl_C_locobj_ptr); + + #define SYSLOG_HEADER(__pri, __timestamp, __msgoff, pid) \ +- "<%d>%s %n%s%s%.0d%s: ", \ ++ "<%d>%s%n%s%s%.0d%s: ", \ + __pri, __timestamp, __msgoff, \ + LogTag == NULL ? __progname : LogTag, \ + "[" + (pid == 0), pid, "]" + (pid == 0) +diff --git a/misc/tst-syslog.c b/misc/tst-syslog.c +index 1d332ece53..3560b518a2 100644 +--- a/misc/tst-syslog.c ++++ b/misc/tst-syslog.c +@@ -275,16 +275,19 @@ parse_syslog_msg (const char *msg) + { + struct msg_t r = { .pid = -1 }; + int number; ++ int wsb, wsa; + + #define STRINPUT(size) XSTRINPUT(size) + #define XSTRINPUT(size) "%" # size "s" + + /* The message in the form: +- <179>Apr 8 14:51:19 tst-syslog: message 176 3 */ +- int n = sscanf (msg, "<%3d>%*s %*d %*d:%*d:%*d " STRINPUT(IDENT_LENGTH) ++ <179>Apr 8 14:51:19 tst-syslog: message 176 3 */ ++ int n = sscanf (msg, "<%3d>%*s %*d %*d:%*d:%*d%n %n" STRINPUT(IDENT_LENGTH) + " " STRINPUT(MSG_LENGTH) " %*d %*d", +- &number, r.ident, r.msg); ++ &number, &wsb, &wsa, r.ident, r.msg); + TEST_COMPARE (n, 3); ++ /* It should only one space between timestamp and message. */ ++ TEST_COMPARE (wsa - wsb, 1); + + r.facility = number & LOG_FACMASK; + r.priority = number & LOG_PRIMASK; +-- +2.19.1.6.gb485710b + diff --git a/0021-Add-NEWS-entry-for-CVE-2022-39046.patch b/0021-Add-NEWS-entry-for-CVE-2022-39046.patch new file mode 100644 index 0000000..785c0df --- /dev/null +++ b/0021-Add-NEWS-entry-for-CVE-2022-39046.patch @@ -0,0 +1,31 @@ +From b46412fb17e8bfc6c9e1f144bbcf833320c80f8a Mon Sep 17 00:00:00 2001 +From: Siddhesh Poyarekar +Date: Tue, 6 Sep 2022 09:31:50 -0400 +Subject: [PATCH 21/81] Add NEWS entry for CVE-2022-39046 + +(cherry picked from commit 76fe56020e7ef354685b2284580ac1630c078a2b) +--- + NEWS | 7 +++++++ + 1 file changed, 7 insertions(+) + +diff --git a/NEWS b/NEWS +index 757ded85e0..10a7613f09 100644 +--- a/NEWS ++++ b/NEWS +@@ -7,6 +7,13 @@ using `glibc' in the "product" field. + + Version 2.36.1 + ++Security related changes: ++ ++ CVE-2022-39046: When the syslog function is passed a crafted input ++ string larger than 1024 bytes, it reads uninitialized memory from the ++ heap and prints it to the target log file, potentially revealing a ++ portion of the contents of the heap. ++ + The following bugs are resolved with this release: + + [28846] CMSG_NXTHDR may trigger -Wstrict-overflow warning +-- +2.19.1.6.gb485710b + diff --git a/0022-nscd-Fix-netlink-cache-invalidation-if-epoll-is-used.patch b/0022-nscd-Fix-netlink-cache-invalidation-if-epoll-is-used.patch new file mode 100644 index 0000000..cfca8f3 --- /dev/null +++ b/0022-nscd-Fix-netlink-cache-invalidation-if-epoll-is-used.patch @@ -0,0 +1,59 @@ +From c399271c10bd00714504e8d4dfbec8aebf996dd4 Mon Sep 17 00:00:00 2001 +From: Fabian Vogt +Date: Wed, 27 Jul 2022 11:44:07 +0200 +Subject: [PATCH 22/81] nscd: Fix netlink cache invalidation if epoll is used + [BZ #29415] + +Processes cache network interface information such as whether IPv4 or IPv6 +are enabled. This is only checked again if the "netlink timestamp" provided +by nscd changed, which is triggered by netlink socket activity. + +However, in the epoll handler for the netlink socket, it was missed to +assign the new timestamp to the nscd database. The handler for plain poll +did that properly, copy that over. + +This bug caused that e.g. processes which started before network +configuration got unusuable addresses from getaddrinfo, like IPv6 only even +though only IPv4 is available: +https://gitlab.freedesktop.org/NetworkManager/NetworkManager/-/issues/1041 + +It's a bit hard to reproduce, so I verified this by checking the timestamp +on calls to __check_pf manually. Without this patch it's stuck at 1, now +it's increasing on network changes as expected. + +Signed-off-by: Fabian Vogt +(cherry picked from commit 02ca25fef2785974011e9c5beecc99b900b69fd7) +--- + NEWS | 1 + + nscd/connections.c | 3 ++- + 2 files changed, 3 insertions(+), 1 deletion(-) + +diff --git a/NEWS b/NEWS +index 10a7613f09..9360596fcc 100644 +--- a/NEWS ++++ b/NEWS +@@ -17,6 +17,7 @@ Security related changes: + The following bugs are resolved with this release: + + [28846] CMSG_NXTHDR may trigger -Wstrict-overflow warning ++ [29415] nscd: Fix netlink cache invalidation if epoll is used + [29446] _dlopen now ignores dl_caller argument in static mode + [29485] Linux: Terminate subprocess on late failure in tst-pidfd + [29490] alpha: New __brk_call implementation is broken +diff --git a/nscd/connections.c b/nscd/connections.c +index 61d1674eb4..531d2e83df 100644 +--- a/nscd/connections.c ++++ b/nscd/connections.c +@@ -2284,7 +2284,8 @@ main_loop_epoll (int efd) + sizeof (buf))) != -1) + ; + +- __bump_nl_timestamp (); ++ dbs[hstdb].head->extra_data[NSCD_HST_IDX_CONF_TIMESTAMP] ++ = __bump_nl_timestamp (); + } + # endif + else +-- +2.19.1.6.gb485710b + diff --git a/0023-resolv-Add-tst-resolv-byaddr-for-testing-reverse-loo.patch b/0023-resolv-Add-tst-resolv-byaddr-for-testing-reverse-loo.patch new file mode 100644 index 0000000..5f7ec9d --- /dev/null +++ b/0023-resolv-Add-tst-resolv-byaddr-for-testing-reverse-loo.patch @@ -0,0 +1,409 @@ +From 9d7eebde8f134ea25bdb9ab61bc74d5e71e41288 Mon Sep 17 00:00:00 2001 +From: Florian Weimer +Date: Tue, 30 Aug 2022 10:02:49 +0200 +Subject: [PATCH 23/81] resolv: Add tst-resolv-byaddr for testing reverse + lookup + +Reviewed-by: Siddhesh Poyarekar +(cherry picked from commit 0b99828d54e5d1fc8f5ad3edf5ba262ad2e9c5b0) +--- + resolv/Makefile | 2 + + resolv/tst-resolv-byaddr.c | 326 +++++++++++++++++++++++++++ + resolv/tst-resolv-maybe_insert_sig.h | 32 +++ + 3 files changed, 360 insertions(+) + create mode 100644 resolv/tst-resolv-byaddr.c + create mode 100644 resolv/tst-resolv-maybe_insert_sig.h + +diff --git a/resolv/Makefile b/resolv/Makefile +index 5b15321f9b..98b10d97a0 100644 +--- a/resolv/Makefile ++++ b/resolv/Makefile +@@ -91,6 +91,7 @@ tests += \ + tst-res_hnok \ + tst-resolv-basic \ + tst-resolv-binary \ ++ tst-resolv-byaddr \ + tst-resolv-edns \ + tst-resolv-network \ + tst-resolv-noaaaa \ +@@ -260,6 +261,7 @@ $(objpfx)tst-resolv-ai_idn-nolibidn2.out: \ + $(gen-locales) $(objpfx)tst-no-libidn2.so + $(objpfx)tst-resolv-basic: $(objpfx)libresolv.so $(shared-thread-library) + $(objpfx)tst-resolv-binary: $(objpfx)libresolv.so $(shared-thread-library) ++$(objpfx)tst-resolv-byaddr: $(objpfx)libresolv.so $(shared-thread-library) + $(objpfx)tst-resolv-edns: $(objpfx)libresolv.so $(shared-thread-library) + $(objpfx)tst-resolv-network: $(objpfx)libresolv.so $(shared-thread-library) + $(objpfx)tst-resolv-res_init: $(objpfx)libresolv.so +diff --git a/resolv/tst-resolv-byaddr.c b/resolv/tst-resolv-byaddr.c +new file mode 100644 +index 0000000000..6299e89837 +--- /dev/null ++++ b/resolv/tst-resolv-byaddr.c +@@ -0,0 +1,326 @@ ++/* Test reverse DNS lookup. ++ Copyright (C) 2022 Free Software Foundation, Inc. ++ This file is part of the GNU C Library. ++ ++ The GNU C Library is free software; you can redistribute it and/or ++ modify it under the terms of the GNU Lesser General Public ++ License as published by the Free Software Foundation; either ++ version 2.1 of the License, or (at your option) any later version. ++ ++ The GNU C Library is distributed in the hope that it will be useful, ++ but WITHOUT ANY WARRANTY; without even the implied warranty of ++ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU ++ Lesser General Public License for more details. ++ ++ You should have received a copy of the GNU Lesser General Public ++ License along with the GNU C Library; if not, see ++ . */ ++ ++#include ++#include ++#include ++#include ++#include ++#include ++#include ++#include ++#include ++#include ++#include ++#include ++ ++#include "tst-resolv-maybe_insert_sig.h" ++ ++/* QNAME format: ++ ++ ADDRESSES.CNAMES...(lots of 0s)...8.b.d.0.1.0.0.2.ip6.arpa. ++ CNAMES|ADDRESSES.2.0.192.in-addr-arpa. ++ ++ For the IPv4 reverse lookup, the address count is in the lower ++ bits. ++ ++ CNAMES is the length of the CNAME chain, ADDRESSES is the number of ++ addresses in the response. The special value 15 means that there ++ are no addresses, and the RCODE is NXDOMAIN. */ ++static void ++response (const struct resolv_response_context *ctx, ++ struct resolv_response_builder *b, ++ const char *qname, uint16_t qclass, uint16_t qtype) ++{ ++ TEST_COMPARE (qclass, C_IN); ++ TEST_COMPARE (qtype, T_PTR); ++ ++ unsigned int addresses, cnames, bits; ++ char *tail; ++ if (strstr (qname, "ip6.arpa") != NULL ++ && sscanf (qname, "%x.%x.%ms", &addresses, &cnames, &tail) == 3) ++ TEST_COMPARE_STRING (tail, "\ ++0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.8.b.d.0.1.0.0.2.ip6.arpa"); ++ else if (sscanf (qname, "%u.%ms", &bits, &tail) == 2) ++ { ++ TEST_COMPARE_STRING (tail, "2.0.192.in-addr.arpa"); ++ addresses = bits & 0x0f; ++ cnames = bits >> 4; ++ } ++ else ++ FAIL_EXIT1 ("invalid QNAME: %s", qname); ++ free (tail); ++ ++ int rcode; ++ if (addresses == 15) ++ { ++ /* Special case: Use no addresses with NXDOMAIN response. */ ++ rcode = ns_r_nxdomain; ++ addresses = 0; ++ } ++ else ++ rcode = 0; ++ ++ struct resolv_response_flags flags = { .rcode = rcode }; ++ resolv_response_init (b, flags); ++ resolv_response_add_question (b, qname, qclass, qtype); ++ resolv_response_section (b, ns_s_an); ++ maybe_insert_sig (b, qname); ++ ++ /* Provide the requested number of CNAME records. */ ++ char *previous_name = (char *) qname; ++ for (int unique = 0; unique < cnames; ++unique) ++ { ++ resolv_response_open_record (b, previous_name, qclass, T_CNAME, 60); ++ char *new_name = xasprintf ("%d.alias.example", unique); ++ resolv_response_add_name (b, new_name); ++ resolv_response_close_record (b); ++ ++ maybe_insert_sig (b, qname); ++ ++ if (previous_name != qname) ++ free (previous_name); ++ previous_name = new_name; ++ } ++ ++ for (int unique = 0; unique < addresses; ++unique) ++ { ++ resolv_response_open_record (b, previous_name, qclass, T_PTR, 60); ++ char *ptr = xasprintf ("unique-%d.cnames-%u.addresses-%u.example", ++ unique, cnames, addresses); ++ resolv_response_add_name (b, ptr); ++ free (ptr); ++ resolv_response_close_record (b); ++ } ++ ++ if (previous_name != qname) ++ free (previous_name); ++} ++ ++/* Used to check that gethostbyaddr_r does not write past the buffer ++ end. */ ++static struct support_next_to_fault ntf; ++ ++/* Perform a gethostbyaddr call and check the result. */ ++static void ++check_gethostbyaddr (const char *address, const char *expected) ++{ ++ unsigned char bytes[16]; ++ unsigned int byteslen; ++ int family; ++ if (strchr (address, ':') != NULL) ++ { ++ family = AF_INET6; ++ byteslen = 16; ++ } ++ else ++ { ++ family = AF_INET; ++ byteslen = 4; ++ } ++ TEST_COMPARE (inet_pton (family, address, bytes), 1); ++ ++ struct hostent *e = gethostbyaddr (bytes, byteslen, family); ++ check_hostent (address, e, expected); ++ ++ if (e == NULL) ++ return; ++ ++ /* Try gethostbyaddr_r with increasing sizes until success. First ++ compute a reasonable minimum buffer size, to avoid many pointless ++ attempts. */ ++ size_t minimum_size = strlen (e->h_name); ++ for (int i = 0; e->h_addr_list[i] != NULL; ++i) ++ minimum_size += e->h_length + sizeof (char *); ++ for (int i = 0; e->h_aliases[i] != NULL; ++i) ++ minimum_size += strlen (e->h_aliases[i]) + 1 + sizeof (char *); ++ ++ /* Gradually increase the size until success. */ ++ for (size_t size = minimum_size; size < ntf.length; ++size) ++ { ++ struct hostent result; ++ int herrno; ++ int ret = gethostbyaddr_r (bytes, byteslen, family, &result, ++ ntf.buffer + ntf.length - size, size, ++ &e, &herrno); ++ if (ret == ERANGE) ++ /* Retry with larger size. */ ++ TEST_COMPARE (herrno, NETDB_INTERNAL); ++ else if (ret == 0) ++ { ++ TEST_VERIFY (size > minimum_size); ++ check_hostent (address, e, expected); ++ return; ++ } ++ else ++ FAIL_EXIT1 ("Unexpected gethostbyaddr_r failure: %d", ret); ++ } ++ ++ FAIL_EXIT1 ("gethostbyaddr_r always failed for: %s", address); ++} ++ ++/* Perform a getnameinfo call and check the result. */ ++static void ++check_getnameinfo (const char *address, const char *expected) ++{ ++ struct sockaddr_in sin = { }; ++ struct sockaddr_in6 sin6 = { }; ++ void *sa; ++ socklen_t salen; ++ if (strchr (address, ':') != NULL) ++ { ++ sin6.sin6_family = AF_INET6; ++ TEST_COMPARE (inet_pton (AF_INET6, address, &sin6.sin6_addr), 1); ++ sin6.sin6_port = htons (80); ++ sa = &sin6; ++ salen = sizeof (sin6); ++ } ++ else ++ { ++ sin.sin_family = AF_INET; ++ TEST_COMPARE (inet_pton (AF_INET, address, &sin.sin_addr), 1); ++ sin.sin_port = htons (80); ++ sa = &sin; ++ salen = sizeof (sin); ++ } ++ ++ char host[64]; ++ char service[64]; ++ int ret = getnameinfo (sa, salen, host, ++ sizeof (host), service, sizeof (service), ++ NI_NAMEREQD | NI_NUMERICSERV); ++ switch (ret) ++ { ++ case 0: ++ TEST_COMPARE_STRING (host, expected); ++ TEST_COMPARE_STRING (service, "80"); ++ break; ++ case EAI_SYSTEM: ++ TEST_COMPARE_STRING (strerror (errno), expected); ++ break; ++ default: ++ TEST_COMPARE_STRING (gai_strerror (ret), expected); ++ } ++} ++ ++static int ++do_test (void) ++{ ++ /* Some reasonably upper bound for the maximum response size. */ ++ ntf = support_next_to_fault_allocate (4096); ++ ++ struct resolv_test *obj = resolv_test_start ++ ((struct resolv_redirect_config) ++ { ++ .response_callback = response ++ }); ++ ++ for (int do_insert_sig = 0; do_insert_sig < 2; ++do_insert_sig) ++ { ++ insert_sig = do_insert_sig; ++ ++ /* No PTR record, RCODE=0. */ ++ check_gethostbyaddr ("192.0.2.0", "error: NO_RECOVERY\n"); ++ check_getnameinfo ("192.0.2.0", "Name or service not known"); ++ check_gethostbyaddr ("192.0.2.16", "error: NO_RECOVERY\n"); ++ check_getnameinfo ("192.0.2.16", "Name or service not known"); ++ check_gethostbyaddr ("192.0.2.32", "error: NO_RECOVERY\n"); ++ check_getnameinfo ("192.0.2.32", "Name or service not known"); ++ check_gethostbyaddr ("2001:db8::", "error: NO_RECOVERY\n"); ++ check_getnameinfo ("2001:db8::", "Name or service not known"); ++ check_gethostbyaddr ("2001:db8::10", "error: NO_RECOVERY\n"); ++ check_getnameinfo ("2001:db8::10", "Name or service not known"); ++ check_gethostbyaddr ("2001:db8::20", "error: NO_RECOVERY\n"); ++ check_getnameinfo ("2001:db8::20", "Name or service not known"); ++ ++ /* No PTR record, NXDOMAIN. */ ++ check_gethostbyaddr ("192.0.2.15", "error: HOST_NOT_FOUND\n"); ++ check_getnameinfo ("192.0.2.15", "Name or service not known"); ++ check_gethostbyaddr ("192.0.2.31", "error: HOST_NOT_FOUND\n"); ++ check_getnameinfo ("192.0.2.31", "Name or service not known"); ++ check_gethostbyaddr ("192.0.2.47", "error: HOST_NOT_FOUND\n"); ++ check_getnameinfo ("192.0.2.47", "Name or service not known"); ++ check_gethostbyaddr ("2001:db8::f", "error: HOST_NOT_FOUND\n"); ++ check_getnameinfo ("2001:db8::f", "Name or service not known"); ++ check_gethostbyaddr ("2001:db8::1f", "error: HOST_NOT_FOUND\n"); ++ check_getnameinfo ("2001:db8::1f", "Name or service not known"); ++ check_gethostbyaddr ("2001:db8::2f", "error: HOST_NOT_FOUND\n"); ++ check_getnameinfo ("2001:db8::2f", "Name or service not known"); ++ ++ /* Actual response data. Only the first PTR record is returned. */ ++ check_gethostbyaddr ("192.0.2.1", ++ "name: unique-0.cnames-0.addresses-1.example\n" ++ "address: 192.0.2.1\n"); ++ check_getnameinfo ("192.0.2.1", ++ "unique-0.cnames-0.addresses-1.example"); ++ check_gethostbyaddr ("192.0.2.17", ++ "name: unique-0.cnames-1.addresses-1.example\n" ++ "address: 192.0.2.17\n"); ++ check_getnameinfo ("192.0.2.17", ++ "unique-0.cnames-1.addresses-1.example"); ++ check_gethostbyaddr ("192.0.2.18", ++ "name: unique-0.cnames-1.addresses-2.example\n" ++ "address: 192.0.2.18\n"); ++ check_getnameinfo ("192.0.2.18", ++ "unique-0.cnames-1.addresses-2.example"); ++ check_gethostbyaddr ("192.0.2.33", ++ "name: unique-0.cnames-2.addresses-1.example\n" ++ "address: 192.0.2.33\n"); ++ check_getnameinfo ("192.0.2.33", ++ "unique-0.cnames-2.addresses-1.example"); ++ check_gethostbyaddr ("192.0.2.34", ++ "name: unique-0.cnames-2.addresses-2.example\n" ++ "address: 192.0.2.34\n"); ++ check_getnameinfo ("192.0.2.34", ++ "unique-0.cnames-2.addresses-2.example"); ++ ++ /* Same for IPv6 addresses. */ ++ check_gethostbyaddr ("2001:db8::1", ++ "name: unique-0.cnames-0.addresses-1.example\n" ++ "address: 2001:db8::1\n"); ++ check_getnameinfo ("2001:db8::1", ++ "unique-0.cnames-0.addresses-1.example"); ++ check_gethostbyaddr ("2001:db8::11", ++ "name: unique-0.cnames-1.addresses-1.example\n" ++ "address: 2001:db8::11\n"); ++ check_getnameinfo ("2001:db8::11", ++ "unique-0.cnames-1.addresses-1.example"); ++ check_gethostbyaddr ("2001:db8::12", ++ "name: unique-0.cnames-1.addresses-2.example\n" ++ "address: 2001:db8::12\n"); ++ check_getnameinfo ("2001:db8::12", ++ "unique-0.cnames-1.addresses-2.example"); ++ check_gethostbyaddr ("2001:db8::21", ++ "name: unique-0.cnames-2.addresses-1.example\n" ++ "address: 2001:db8::21\n"); ++ check_getnameinfo ("2001:db8::21", ++ "unique-0.cnames-2.addresses-1.example"); ++ check_gethostbyaddr ("2001:db8::22", ++ "name: unique-0.cnames-2.addresses-2.example\n" ++ "address: 2001:db8::22\n"); ++ check_getnameinfo ("2001:db8::22", ++ "unique-0.cnames-2.addresses-2.example"); ++ } ++ ++ resolv_test_end (obj); ++ ++ support_next_to_fault_free (&ntf); ++ return 0; ++} ++ ++#include +diff --git a/resolv/tst-resolv-maybe_insert_sig.h b/resolv/tst-resolv-maybe_insert_sig.h +new file mode 100644 +index 0000000000..05725225af +--- /dev/null ++++ b/resolv/tst-resolv-maybe_insert_sig.h +@@ -0,0 +1,32 @@ ++/* Code snippet for optionally inserting ignored SIG records in resolver tests. ++ Copyright (C) 2022 Free Software Foundation, Inc. ++ This file is part of the GNU C Library. ++ ++ The GNU C Library is free software; you can redistribute it and/or ++ modify it under the terms of the GNU Lesser General Public ++ License as published by the Free Software Foundation; either ++ version 2.1 of the License, or (at your option) any later version. ++ ++ The GNU C Library is distributed in the hope that it will be useful, ++ but WITHOUT ANY WARRANTY; without even the implied warranty of ++ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU ++ Lesser General Public License for more details. ++ ++ You should have received a copy of the GNU Lesser General Public ++ License along with the GNU C Library; if not, see ++ . */ ++ ++/* Set to true for an alternative pass that inserts (ignored) SIG ++ records. This does not alter the response, so this property is not ++ encoded in the QNAME. The variable needs to be volatile because ++ leaf attributes tell GCC that the response function is not ++ called. */ ++static volatile bool insert_sig; ++ ++static void ++maybe_insert_sig (struct resolv_response_builder *b, const char *owner) ++{ ++ resolv_response_open_record (b, owner, C_IN, T_SIG, 60); ++ resolv_response_add_data (b, "", 1); ++ resolv_response_close_record (b); ++} +-- +2.19.1.6.gb485710b + diff --git a/0024-resolv-Add-tst-resolv-aliases.patch b/0024-resolv-Add-tst-resolv-aliases.patch new file mode 100644 index 0000000..34fd594 --- /dev/null +++ b/0024-resolv-Add-tst-resolv-aliases.patch @@ -0,0 +1,296 @@ +From bffc33e90ed57a4786c676dda92d935e3613e031 Mon Sep 17 00:00:00 2001 +From: Florian Weimer +Date: Tue, 30 Aug 2022 10:02:49 +0200 +Subject: [PATCH 24/81] resolv: Add tst-resolv-aliases + +Reviewed-by: Siddhesh Poyarekar +(cherry picked from commit 87aa98aa80627553a66bdcad2701fd6307723645) +--- + resolv/Makefile | 2 + + resolv/tst-resolv-aliases.c | 254 ++++++++++++++++++++++++++++++++++++ + 2 files changed, 256 insertions(+) + create mode 100644 resolv/tst-resolv-aliases.c + +diff --git a/resolv/Makefile b/resolv/Makefile +index 98b10d97a0..0038bb7028 100644 +--- a/resolv/Makefile ++++ b/resolv/Makefile +@@ -89,6 +89,7 @@ tests += \ + tst-ns_name_pton \ + tst-res_hconf_reorder \ + tst-res_hnok \ ++ tst-resolv-aliases \ + tst-resolv-basic \ + tst-resolv-binary \ + tst-resolv-byaddr \ +@@ -259,6 +260,7 @@ $(objpfx)tst-resolv-ai_idn.out: $(gen-locales) + $(objpfx)tst-resolv-ai_idn-latin1.out: $(gen-locales) + $(objpfx)tst-resolv-ai_idn-nolibidn2.out: \ + $(gen-locales) $(objpfx)tst-no-libidn2.so ++$(objpfx)tst-resolv-aliases: $(objpfx)libresolv.so $(shared-thread-library) + $(objpfx)tst-resolv-basic: $(objpfx)libresolv.so $(shared-thread-library) + $(objpfx)tst-resolv-binary: $(objpfx)libresolv.so $(shared-thread-library) + $(objpfx)tst-resolv-byaddr: $(objpfx)libresolv.so $(shared-thread-library) +diff --git a/resolv/tst-resolv-aliases.c b/resolv/tst-resolv-aliases.c +new file mode 100644 +index 0000000000..b212823aa0 +--- /dev/null ++++ b/resolv/tst-resolv-aliases.c +@@ -0,0 +1,254 @@ ++/* Test alias handling (mainly for gethostbyname). ++ Copyright (C) 2022 Free Software Foundation, Inc. ++ This file is part of the GNU C Library. ++ ++ The GNU C Library is free software; you can redistribute it and/or ++ modify it under the terms of the GNU Lesser General Public ++ License as published by the Free Software Foundation; either ++ version 2.1 of the License, or (at your option) any later version. ++ ++ The GNU C Library is distributed in the hope that it will be useful, ++ but WITHOUT ANY WARRANTY; without even the implied warranty of ++ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU ++ Lesser General Public License for more details. ++ ++ You should have received a copy of the GNU Lesser General Public ++ License along with the GNU C Library; if not, see ++ . */ ++ ++#include ++#include ++#include ++#include ++#include ++#include ++#include ++#include ++#include ++#include ++#include ++ ++#include "tst-resolv-maybe_insert_sig.h" ++ ++/* QNAME format: ++ ++ aADDRESSES-cCNAMES.example.net ++ ++ CNAMES is the length of the CNAME chain, ADDRESSES is the number of ++ addresses in the response. The special value 255 means that there ++ are no addresses, and the RCODE is NXDOMAIN. */ ++static void ++response (const struct resolv_response_context *ctx, ++ struct resolv_response_builder *b, ++ const char *qname, uint16_t qclass, uint16_t qtype) ++{ ++ TEST_COMPARE (qclass, C_IN); ++ if (qtype != T_A) ++ TEST_COMPARE (qtype, T_AAAA); ++ ++ unsigned int addresses, cnames; ++ char *tail; ++ if (sscanf (qname, "a%u-c%u%ms", &addresses, &cnames, &tail) == 3) ++ { ++ if (strcmp (tail, ".example.com") == 0 ++ || strcmp (tail, ".example.net.example.net") == 0 ++ || strcmp (tail, ".example.net.example.com") == 0) ++ /* These only happen after NXDOMAIN. */ ++ TEST_VERIFY (addresses == 255); ++ else if (strcmp (tail, ".example.net") != 0) ++ FAIL_EXIT1 ("invalid QNAME: %s", qname); ++ } ++ free (tail); ++ ++ int rcode; ++ if (addresses == 255) ++ { ++ /* Special case: Use no addresses with NXDOMAIN response. */ ++ rcode = ns_r_nxdomain; ++ addresses = 0; ++ } ++ else ++ rcode = 0; ++ ++ struct resolv_response_flags flags = { .rcode = rcode }; ++ resolv_response_init (b, flags); ++ resolv_response_add_question (b, qname, qclass, qtype); ++ resolv_response_section (b, ns_s_an); ++ maybe_insert_sig (b, qname); ++ ++ /* Provide the requested number of CNAME records. */ ++ char *previous_name = (char *) qname; ++ for (int unique = 0; unique < cnames; ++unique) ++ { ++ resolv_response_open_record (b, previous_name, qclass, T_CNAME, 60); ++ char *new_name = xasprintf ("%d.alias.example", unique); ++ resolv_response_add_name (b, new_name); ++ resolv_response_close_record (b); ++ ++ maybe_insert_sig (b, qname); ++ ++ if (previous_name != qname) ++ free (previous_name); ++ previous_name = new_name; ++ } ++ ++ for (int unique = 0; unique < addresses; ++unique) ++ { ++ resolv_response_open_record (b, previous_name, qclass, qtype, 60); ++ ++ if (qtype == T_A) ++ { ++ char ipv4[4] = {192, 0, 2, 1 + unique}; ++ resolv_response_add_data (b, &ipv4, sizeof (ipv4)); ++ } ++ else if (qtype == T_AAAA) ++ { ++ char ipv6[16] = ++ { ++ 0x20, 0x01, 0xd, 0xb8, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, ++ 1 + unique ++ }; ++ resolv_response_add_data (b, &ipv6, sizeof (ipv6)); ++ } ++ resolv_response_close_record (b); ++ } ++ ++ if (previous_name != qname) ++ free (previous_name); ++} ++ ++static char * ++make_qname (bool do_search, int cnames, int addresses) ++{ ++ return xasprintf ("a%d-c%d%s", ++ addresses, cnames, do_search ? "" : ".example.net"); ++} ++ ++static void ++check_cnames_failure (int af, bool do_search, int cnames, int addresses) ++{ ++ char *qname = make_qname (do_search, cnames, addresses); ++ ++ struct hostent *e; ++ if (af == AF_UNSPEC) ++ e = gethostbyname (qname); ++ else ++ e = gethostbyname2 (qname, af); ++ ++ if (addresses == 0) ++ check_hostent (qname, e, "error: NO_RECOVERY\n"); ++ else ++ check_hostent (qname, e, "error: HOST_NOT_FOUND\n"); ++ ++ free (qname); ++} ++ ++static void ++check (int af, bool do_search, int cnames, int addresses) ++{ ++ char *qname = make_qname (do_search, cnames, addresses); ++ char *fqdn = make_qname (false, cnames, addresses); ++ ++ struct hostent *e; ++ if (af == AF_UNSPEC) ++ e = gethostbyname (qname); ++ else ++ e = gethostbyname2 (qname, af); ++ if (e == NULL) ++ FAIL_EXIT1 ("unexpected failure for %d, %d, %d", af, cnames, addresses); ++ ++ if (af == AF_UNSPEC || af == AF_INET) ++ { ++ TEST_COMPARE (e->h_addrtype, AF_INET); ++ TEST_COMPARE (e->h_length, 4); ++ } ++ else ++ { ++ TEST_COMPARE (e->h_addrtype, AF_INET6); ++ TEST_COMPARE (e->h_length, 16); ++ } ++ ++ for (int i = 0; i < addresses; ++i) ++ { ++ char ipv4[4] = {192, 0, 2, 1 + i}; ++ char ipv6[16] = ++ { 0x20, 0x01, 0xd, 0xb8, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 1 + i }; ++ char *expected = e->h_addrtype == AF_INET ? ipv4 : ipv6; ++ TEST_COMPARE_BLOB (e->h_addr_list[i], e->h_length, ++ expected, e->h_length); ++ } ++ TEST_VERIFY (e->h_addr_list[addresses] == NULL); ++ ++ ++ if (cnames == 0) ++ { ++ /* QNAME is fully qualified. */ ++ TEST_COMPARE_STRING (e->h_name, fqdn); ++ TEST_VERIFY (e->h_aliases[0] == NULL); ++ } ++ else ++ { ++ /* Fully-qualified QNAME is demoted to an aliases. */ ++ TEST_COMPARE_STRING (e->h_aliases[0], fqdn); ++ ++ for (int i = 1; i <= cnames; ++i) ++ { ++ char *expected = xasprintf ("%d.alias.example", i - 1); ++ if (i == cnames) ++ TEST_COMPARE_STRING (e->h_name, expected); ++ else ++ TEST_COMPARE_STRING (e->h_aliases[i], expected); ++ free (expected); ++ } ++ TEST_VERIFY (e->h_aliases[cnames] == NULL); ++ } ++ ++ free (fqdn); ++ free (qname); ++} ++ ++static int ++do_test (void) ++{ ++ struct resolv_test *obj = resolv_test_start ++ ((struct resolv_redirect_config) ++ { ++ .response_callback = response, ++ .search = { "example.net", "example.com" }, ++ }); ++ ++ static const int families[] = { AF_UNSPEC, AF_INET, AF_INET6 }; ++ ++ for (int do_insert_sig = 0; do_insert_sig < 2; ++do_insert_sig) ++ { ++ insert_sig = do_insert_sig; ++ ++ /* If do_search is true, a bare host name (for example, a1-c1) ++ is used. This exercises search path processing and FQDN ++ qualification. */ ++ for (int do_search = 0; do_search < 2; ++do_search) ++ for (const int *paf = families; paf != array_end (families); ++paf) ++ { ++ for (int cnames = 0; cnames <= 100; ++cnames) ++ { ++ check_cnames_failure (*paf, do_search, cnames, 0); ++ /* Now with NXDOMAIN responses. */ ++ check_cnames_failure (*paf, do_search, cnames, 255); ++ } ++ ++ for (int cnames = 0; cnames <= 10; ++cnames) ++ for (int addresses = 1; addresses <= 10; ++addresses) ++ check (*paf, do_search, cnames, addresses); ++ ++ /* The current implementation is limited to 47 aliases. ++ Addresses do not have such a limit. */ ++ check (*paf, do_search, 47, 60); ++ } ++ } ++ ++ resolv_test_end (obj); ++ ++ return 0; ++} ++ ++#include +-- +2.19.1.6.gb485710b + diff --git a/0025-resolv-Add-internal-__res_binary_hnok-function.patch b/0025-resolv-Add-internal-__res_binary_hnok-function.patch new file mode 100644 index 0000000..b8e9d33 --- /dev/null +++ b/0025-resolv-Add-internal-__res_binary_hnok-function.patch @@ -0,0 +1,64 @@ +From 3c9b4004e2dccc9ca2ace078a0106f9d682fd1a0 Mon Sep 17 00:00:00 2001 +From: Florian Weimer +Date: Tue, 30 Aug 2022 10:02:49 +0200 +Subject: [PATCH 25/81] resolv: Add internal __res_binary_hnok function + +During package parsing, only the binary representation is available, +and it is convenient to check that directly for conformance with host +name requirements. + +Reviewed-by: Siddhesh Poyarekar +(cherry picked from commit c79327bf00a4be6d60259227acc78ef80ead3622) +--- + include/resolv.h | 3 +++ + resolv/res-name-checking.c | 14 +++++++++----- + 2 files changed, 12 insertions(+), 5 deletions(-) + +diff --git a/include/resolv.h b/include/resolv.h +index 3590b6f496..4dbbac3800 100644 +--- a/include/resolv.h ++++ b/include/resolv.h +@@ -70,5 +70,8 @@ libc_hidden_proto (__libc_res_nameinquery) + extern __typeof (__res_queriesmatch) __libc_res_queriesmatch; + libc_hidden_proto (__libc_res_queriesmatch) + ++/* Variant of res_hnok which operates on binary (but uncompressed) names. */ ++bool __res_binary_hnok (const unsigned char *dn) attribute_hidden; ++ + # endif /* _RESOLV_H_ && !_ISOMAC */ + #endif +diff --git a/resolv/res-name-checking.c b/resolv/res-name-checking.c +index 07a412d8ff..213edceaf3 100644 +--- a/resolv/res-name-checking.c ++++ b/resolv/res-name-checking.c +@@ -138,6 +138,12 @@ binary_leading_dash (const unsigned char *dn) + return dn[0] > 0 && dn[1] == '-'; + } + ++bool ++__res_binary_hnok (const unsigned char *dn) ++{ ++ return !binary_leading_dash (dn) && binary_hnok (dn); ++} ++ + /* Return 1 if res_hnok is a valid host name. Labels must only + contain [0-9a-zA-Z_-] characters, and the name must not start with + a '-'. The latter is to avoid confusion with program options. */ +@@ -145,11 +151,9 @@ int + ___res_hnok (const char *dn) + { + unsigned char buf[NS_MAXCDNAME]; +- if (!printable_string (dn) +- || __ns_name_pton (dn, buf, sizeof (buf)) < 0 +- || binary_leading_dash (buf)) +- return 0; +- return binary_hnok (buf); ++ return (printable_string (dn) ++ && __ns_name_pton (dn, buf, sizeof (buf)) >= 0 ++ && __res_binary_hnok (buf)); + } + versioned_symbol (libc, ___res_hnok, res_hnok, GLIBC_2_34); + versioned_symbol (libc, ___res_hnok, __libc_res_hnok, GLIBC_PRIVATE); +-- +2.19.1.6.gb485710b + diff --git a/0026-resolv-Add-the-__ns_samebinaryname-function.patch b/0026-resolv-Add-the-__ns_samebinaryname-function.patch new file mode 100644 index 0000000..cc0fabd --- /dev/null +++ b/0026-resolv-Add-the-__ns_samebinaryname-function.patch @@ -0,0 +1,192 @@ +From 20ec40a51d3a8e9487f40dc9352d158def23ea8c Mon Sep 17 00:00:00 2001 +From: Florian Weimer +Date: Tue, 30 Aug 2022 10:02:49 +0200 +Subject: [PATCH 26/81] resolv: Add the __ns_samebinaryname function + +During packet parsing, only the binary name is available. If the name +equality check is performed before conversion to text, we can sometimes +skip the last step. + +Reviewed-by: Siddhesh Poyarekar +(cherry picked from commit 394085a34d25a51513019a4dc411acd3527fbd33) +--- + include/arpa/nameser.h | 6 ++++ + resolv/Makefile | 5 +++ + resolv/ns_samebinaryname.c | 55 ++++++++++++++++++++++++++++++ + resolv/tst-ns_samebinaryname.c | 62 ++++++++++++++++++++++++++++++++++ + 4 files changed, 128 insertions(+) + create mode 100644 resolv/ns_samebinaryname.c + create mode 100644 resolv/tst-ns_samebinaryname.c + +diff --git a/include/arpa/nameser.h b/include/arpa/nameser.h +index 53f1dbc7c3..bb1dede187 100644 +--- a/include/arpa/nameser.h ++++ b/include/arpa/nameser.h +@@ -55,6 +55,12 @@ int __ns_name_ntop (const unsigned char *, char *, size_t) __THROW; + int __ns_name_unpack (const unsigned char *, const unsigned char *, + const unsigned char *, unsigned char *, size_t) __THROW; + ++/* Like ns_samename, but for uncompressed binary names. Return true ++ if the two arguments compare are equal as case-insensitive domain ++ names. */ ++_Bool __ns_samebinaryname (const unsigned char *, const unsigned char *) ++ attribute_hidden; ++ + #define ns_msg_getflag(handle, flag) \ + (((handle)._flags & _ns_flagdata[flag].mask) >> _ns_flagdata[flag].shift) + +diff --git a/resolv/Makefile b/resolv/Makefile +index 0038bb7028..ec61ad07bd 100644 +--- a/resolv/Makefile ++++ b/resolv/Makefile +@@ -46,6 +46,7 @@ routines := \ + ns_name_skip \ + ns_name_uncompress \ + ns_name_unpack \ ++ ns_samebinaryname \ + ns_samename \ + nsap_addr \ + nss_dns_functions \ +@@ -106,6 +107,10 @@ tests += \ + tests-internal += tst-resolv-txnid-collision + tests-static += tst-resolv-txnid-collision + ++# Likewise for __ns_samebinaryname. ++tests-internal += tst-ns_samebinaryname ++tests-static += tst-ns_samebinaryname ++ + # These tests need libdl. + ifeq (yes,$(build-shared)) + tests += \ +diff --git a/resolv/ns_samebinaryname.c b/resolv/ns_samebinaryname.c +new file mode 100644 +index 0000000000..9a47d8e97a +--- /dev/null ++++ b/resolv/ns_samebinaryname.c +@@ -0,0 +1,55 @@ ++/* Compare two binary domain names for quality. ++ Copyright (C) 2022 Free Software Foundation, Inc. ++ This file is part of the GNU C Library. ++ ++ The GNU C Library is free software; you can redistribute it and/or ++ modify it under the terms of the GNU Lesser General Public ++ License as published by the Free Software Foundation; either ++ version 2.1 of the License, or (at your option) any later version. ++ ++ The GNU C Library is distributed in the hope that it will be useful, ++ but WITHOUT ANY WARRANTY; without even the implied warranty of ++ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU ++ Lesser General Public License for more details. ++ ++ You should have received a copy of the GNU Lesser General Public ++ License along with the GNU C Library; if not, see ++ . */ ++ ++#include ++#include ++ ++/* Convert ASCII letters to upper case. */ ++static inline int ++ascii_toupper (unsigned char ch) ++{ ++ if (ch >= 'a' && ch <= 'z') ++ return ch - 'a' + 'A'; ++ else ++ return ch; ++} ++ ++bool ++__ns_samebinaryname (const unsigned char *a, const unsigned char *b) ++{ ++ while (*a != 0 && *b != 0) ++ { ++ if (*a != *b) ++ /* Different label length. */ ++ return false; ++ int labellen = *a; ++ ++a; ++ ++b; ++ for (int i = 0; i < labellen; ++i) ++ { ++ if (*a != *b && ascii_toupper (*a) != ascii_toupper (*b)) ++ /* Different character in label. */ ++ return false; ++ ++a; ++ ++b; ++ } ++ } ++ ++ /* Match if both names are at the root label. */ ++ return *a == 0 && *b == 0; ++} +diff --git a/resolv/tst-ns_samebinaryname.c b/resolv/tst-ns_samebinaryname.c +new file mode 100644 +index 0000000000..b06ac610b4 +--- /dev/null ++++ b/resolv/tst-ns_samebinaryname.c +@@ -0,0 +1,62 @@ ++/* Test the __ns_samebinaryname function. ++ Copyright (C) 2022 Free Software Foundation, Inc. ++ This file is part of the GNU C Library. ++ ++ The GNU C Library is free software; you can redistribute it and/or ++ modify it under the terms of the GNU Lesser General Public ++ License as published by the Free Software Foundation; either ++ version 2.1 of the License, or (at your option) any later version. ++ ++ The GNU C Library is distributed in the hope that it will be useful, ++ but WITHOUT ANY WARRANTY; without even the implied warranty of ++ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU ++ Lesser General Public License for more details. ++ ++ You should have received a copy of the GNU Lesser General Public ++ License along with the GNU C Library; if not, see ++ . */ ++ ++#include ++#include ++#include ++#include ++#include ++ ++/* First character denotes the comparison group: All names with the ++ same first character are expected to compare equal. */ ++static const char *const cases[] = ++ { ++ " ", ++ "1\001a", "1\001A", ++ "2\002ab", "2\002aB", "2\002Ab", "2\002AB", ++ "3\001a\002ab", "3\001A\002ab", ++ "w\003www\007example\003com", "w\003Www\007Example\003Com", ++ "w\003WWW\007EXAMPLE\003COM", ++ "W\003WWW", "W\003www", ++ }; ++ ++static int ++do_test (void) ++{ ++ for (int i = 0; i < array_length (cases); ++i) ++ for (int j = 0; j < array_length (cases); ++j) ++ { ++ unsigned char *a = (unsigned char *) &cases[i][1]; ++ unsigned char *b = (unsigned char *) &cases[j][1]; ++ bool actual = __ns_samebinaryname (a, b); ++ bool expected = cases[i][0] == cases[j][0]; ++ if (actual != expected) ++ { ++ char a1[NS_MAXDNAME]; ++ TEST_VERIFY (ns_name_ntop (a, a1, sizeof (a1)) > 0); ++ char b1[NS_MAXDNAME]; ++ TEST_VERIFY (ns_name_ntop (b, b1, sizeof (b1)) > 0); ++ printf ("error: \"%s\" \"%s\": expected %s\n", ++ a1, b1, expected ? "equal" : "unqueal"); ++ support_record_failure (); ++ } ++ } ++ return 0; ++} ++ ++#include +-- +2.19.1.6.gb485710b + diff --git a/0027-resolv-Add-internal-__ns_name_length_uncompressed-fu.patch b/0027-resolv-Add-internal-__ns_name_length_uncompressed-fu.patch new file mode 100644 index 0000000..3e0b76c --- /dev/null +++ b/0027-resolv-Add-internal-__ns_name_length_uncompressed-fu.patch @@ -0,0 +1,283 @@ +From adb69f8ffe83db5d475868b42996bc70de8cff77 Mon Sep 17 00:00:00 2001 +From: Florian Weimer +Date: Tue, 30 Aug 2022 10:02:49 +0200 +Subject: [PATCH 27/81] resolv: Add internal __ns_name_length_uncompressed + function + +This function is useful for checking that the question name is +uncompressed (as it should be). + +Reviewed-by: Siddhesh Poyarekar +(cherry picked from commit 78b1a4f0e49064e5dfb686c7cd87bd4df2640b29) +--- + include/arpa/nameser.h | 8 ++ + resolv/Makefile | 5 + + resolv/ns_name_length_uncompressed.c | 72 ++++++++++++ + resolv/tst-ns_name_length_uncompressed.c | 135 +++++++++++++++++++++++ + 4 files changed, 220 insertions(+) + create mode 100644 resolv/ns_name_length_uncompressed.c + create mode 100644 resolv/tst-ns_name_length_uncompressed.c + +diff --git a/include/arpa/nameser.h b/include/arpa/nameser.h +index bb1dede187..6e4808f00d 100644 +--- a/include/arpa/nameser.h ++++ b/include/arpa/nameser.h +@@ -95,5 +95,13 @@ libc_hidden_proto (__ns_name_unpack) + extern __typeof (ns_samename) __libc_ns_samename; + libc_hidden_proto (__libc_ns_samename) + ++/* Packet parser helper functions. */ ++ ++/* Verify that P points to an uncompressed domain name in wire format. ++ On success, return the length of the encoded name, including the ++ terminating null byte. On failure, return -1 and set errno. EOM ++ must point one past the last byte in the packet. */ ++int __ns_name_length_uncompressed (const unsigned char *p, ++ const unsigned char *eom) attribute_hidden; + # endif /* !_ISOMAC */ + #endif +diff --git a/resolv/Makefile b/resolv/Makefile +index ec61ad07bd..bf28825f60 100644 +--- a/resolv/Makefile ++++ b/resolv/Makefile +@@ -40,6 +40,7 @@ routines := \ + inet_pton \ + ns_makecanon \ + ns_name_compress \ ++ ns_name_length_uncompressed \ + ns_name_ntop \ + ns_name_pack \ + ns_name_pton \ +@@ -111,6 +112,10 @@ tests-static += tst-resolv-txnid-collision + tests-internal += tst-ns_samebinaryname + tests-static += tst-ns_samebinaryname + ++# Likewise for __ns_name_length_uncompressed. ++tests-internal += tst-ns_name_length_uncompressed ++tests-static += tst-ns_name_length_uncompressed ++ + # These tests need libdl. + ifeq (yes,$(build-shared)) + tests += \ +diff --git a/resolv/ns_name_length_uncompressed.c b/resolv/ns_name_length_uncompressed.c +new file mode 100644 +index 0000000000..51296b47ef +--- /dev/null ++++ b/resolv/ns_name_length_uncompressed.c +@@ -0,0 +1,72 @@ ++/* Skip over an uncompressed name in wire format. ++ Copyright (C) 2022 Free Software Foundation, Inc. ++ This file is part of the GNU C Library. ++ ++ The GNU C Library is free software; you can redistribute it and/or ++ modify it under the terms of the GNU Lesser General Public ++ License as published by the Free Software Foundation; either ++ version 2.1 of the License, or (at your option) any later version. ++ ++ The GNU C Library is distributed in the hope that it will be useful, ++ but WITHOUT ANY WARRANTY; without even the implied warranty of ++ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU ++ Lesser General Public License for more details. ++ ++ You should have received a copy of the GNU Lesser General Public ++ License along with the GNU C Library; if not, see ++ . */ ++ ++#include ++#include ++#include ++ ++int ++__ns_name_length_uncompressed (const unsigned char *p, ++ const unsigned char *eom) ++{ ++ const unsigned char *start = p; ++ ++ while (true) ++ { ++ if (p == eom) ++ { ++ /* Truncated packet: no room for label length. */ ++ __set_errno (EMSGSIZE); ++ return -1; ++ } ++ ++ unsigned char b = *p; ++ ++p; ++ if (b == 0) ++ { ++ /* Root label. */ ++ size_t length = p - start; ++ if (length > NS_MAXCDNAME) ++ { ++ /* Domain name too long. */ ++ __set_errno (EMSGSIZE); ++ return -1; ++ } ++ return length; ++ } ++ ++ if (b <= 63) ++ { ++ /* Regular label. */ ++ if (b <= eom - p) ++ p += b; ++ else ++ { ++ /* Truncated packet: label incomplete. */ ++ __set_errno (EMSGSIZE); ++ return -1; ++ } ++ } ++ else ++ { ++ /* Compression reference or corrupted label length. */ ++ __set_errno (EMSGSIZE); ++ return -1; ++ } ++ } ++} +diff --git a/resolv/tst-ns_name_length_uncompressed.c b/resolv/tst-ns_name_length_uncompressed.c +new file mode 100644 +index 0000000000..c4a2904db7 +--- /dev/null ++++ b/resolv/tst-ns_name_length_uncompressed.c +@@ -0,0 +1,135 @@ ++/* Test __ns_name_length_uncompressed. ++ Copyright (C) 2022 Free Software Foundation, Inc. ++ This file is part of the GNU C Library. ++ ++ The GNU C Library is free software; you can redistribute it and/or ++ modify it under the terms of the GNU Lesser General Public ++ License as published by the Free Software Foundation; either ++ version 2.1 of the License, or (at your option) any later version. ++ ++ The GNU C Library is distributed in the hope that it will be useful, ++ but WITHOUT ANY WARRANTY; without even the implied warranty of ++ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU ++ Lesser General Public License for more details. ++ ++ You should have received a copy of the GNU Lesser General Public ++ License along with the GNU C Library; if not, see ++ . */ ++ ++#include ++#include ++#include ++#include ++#include ++#include ++ ++/* Reference implementation based on other building blocks. */ ++static int ++reference_length (const unsigned char *p, const unsigned char *eom) ++{ ++ unsigned char buf[NS_MAXCDNAME]; ++ int n = __ns_name_unpack (p, eom, p, buf, sizeof (buf)); ++ if (n < 0) ++ return n; ++ const unsigned char *q = buf; ++ if (__ns_name_skip (&q, array_end (buf)) < 0) ++ return -1; ++ if (q - buf != n) ++ /* Compressed name. */ ++ return -1; ++ return n; ++} ++ ++static int ++do_test (void) ++{ ++ { ++ unsigned char buf[] = { 3, 'w', 'w', 'w', 0, 0, 0 }; ++ TEST_COMPARE (reference_length (buf, array_end (buf)), sizeof (buf) - 2); ++ TEST_COMPARE (__ns_name_length_uncompressed (buf, array_end (buf)), ++ sizeof (buf) - 2); ++ TEST_COMPARE (reference_length (array_end (buf) - 1, array_end (buf)), 1); ++ TEST_COMPARE (__ns_name_length_uncompressed (array_end (buf) - 1, ++ array_end (buf)), 1); ++ buf[4] = 0xc0; /* Forward compression reference. */ ++ buf[5] = 0x06; ++ TEST_COMPARE (reference_length (buf, array_end (buf)), -1); ++ TEST_COMPARE (__ns_name_length_uncompressed (buf, array_end (buf)), -1); ++ } ++ ++ struct support_next_to_fault ntf = support_next_to_fault_allocate (300); ++ ++ /* Buffer region with all possible bytes at start and end. */ ++ for (int length = 1; length <= 300; ++length) ++ { ++ unsigned char *end = (unsigned char *) ntf.buffer + ntf.length; ++ unsigned char *start = end - length; ++ memset (start, 'X', length); ++ for (int first = 0; first <= 255; ++first) ++ { ++ *start = first; ++ for (int last = 0; last <= 255; ++last) ++ { ++ start[length - 1] = last; ++ TEST_COMPARE (reference_length (start, end), ++ __ns_name_length_uncompressed (start, end)); ++ } ++ } ++ } ++ ++ /* Poor man's fuzz testing: patch two bytes. */ ++ { ++ unsigned char ref[] = ++ { ++ 7, 'e', 'x', 'a', 'm', 'p', 'l', 'e', 3, 'n', 'e', 't', 0, 0, 0 ++ }; ++ TEST_COMPARE (reference_length (ref, array_end (ref)), 13); ++ TEST_COMPARE (__ns_name_length_uncompressed (ref, array_end (ref)), 13); ++ ++ int good = 0; ++ int bad = 0; ++ for (int length = 1; length <= sizeof (ref); ++length) ++ { ++ unsigned char *end = (unsigned char *) ntf.buffer + ntf.length; ++ unsigned char *start = end - length; ++ memcpy (start, ref, length); ++ ++ for (int patch1_pos = 0; patch1_pos < length; ++patch1_pos) ++ { ++ for (int patch1_value = 0; patch1_value <= 255; ++patch1_value) ++ { ++ start[patch1_pos] = patch1_value; ++ for (int patch2_pos = 0; patch2_pos < length; ++patch2_pos) ++ { ++ for (int patch2_value = 0; patch2_value <= 255; ++ ++patch2_value) ++ { ++ start[patch2_pos] = patch2_value; ++ int expected = reference_length (start, end); ++ errno = EINVAL; ++ int actual ++ = __ns_name_length_uncompressed (start, end); ++ if (actual > 0) ++ ++good; ++ else ++ { ++ TEST_COMPARE (errno, EMSGSIZE); ++ ++bad; ++ } ++ TEST_COMPARE (expected, actual); ++ } ++ start[patch2_pos] = ref[patch2_pos]; ++ } ++ } ++ start[patch1_pos] = ref[patch1_pos]; ++ } ++ } ++ printf ("info: patched inputs with success: %d\n", good); ++ printf ("info: patched inputs with failure: %d\n", bad); ++ } ++ ++ support_next_to_fault_free (&ntf); ++ return 0; ++} ++ ++#include +-- +2.19.1.6.gb485710b + diff --git a/0028-resolv-Add-DNS-packet-parsing-helpers-geared-towards.patch b/0028-resolv-Add-DNS-packet-parsing-helpers-geared-towards.patch new file mode 100644 index 0000000..df3aaa6 --- /dev/null +++ b/0028-resolv-Add-DNS-packet-parsing-helpers-geared-towards.patch @@ -0,0 +1,545 @@ +From f0e9657067240b8b105c6d58d5da9dc926f2f0ed Mon Sep 17 00:00:00 2001 +From: Florian Weimer +Date: Tue, 30 Aug 2022 10:02:49 +0200 +Subject: [PATCH 28/81] resolv: Add DNS packet parsing helpers geared towards + wire format + +The public parser functions around the ns_rr record type produce +textual domain names, but usually, this is not what we need while +parsing DNS packets within glibc. This commit adds two new helper +functions, __ns_rr_cursor_init and __ns_rr_cursor_next, for writing +packet parsers, and struct ns_rr_cursor, struct ns_rr_wire as +supporting types. + +In theory, it is possible to avoid copying the owner name +into the rname field in __ns_rr_cursor_next, but this would need +more functions that work on compressed names. + +Eventually, __res_context_send could be enhanced to preserve the +result of the packet parsing that is necessary for matching the +incoming UDP packets, so that this works does not have to be done +twice. + +Reviewed-by: Siddhesh Poyarekar +(cherry picked from commit 857c890d9b42c50c8a94b76d47d4a61ab6d2f49c) +--- + include/arpa/nameser.h | 92 +++++++++++++++ + resolv/Makefile | 6 + + resolv/ns_rr_cursor_init.c | 62 ++++++++++ + resolv/ns_rr_cursor_next.c | 74 ++++++++++++ + resolv/tst-ns_rr_cursor.c | 227 +++++++++++++++++++++++++++++++++++++ + 5 files changed, 461 insertions(+) + create mode 100644 resolv/ns_rr_cursor_init.c + create mode 100644 resolv/ns_rr_cursor_next.c + create mode 100644 resolv/tst-ns_rr_cursor.c + +diff --git a/include/arpa/nameser.h b/include/arpa/nameser.h +index 6e4808f00d..c27e7886b7 100644 +--- a/include/arpa/nameser.h ++++ b/include/arpa/nameser.h +@@ -103,5 +103,97 @@ libc_hidden_proto (__libc_ns_samename) + must point one past the last byte in the packet. */ + int __ns_name_length_uncompressed (const unsigned char *p, + const unsigned char *eom) attribute_hidden; ++ ++/* Iterator over the resource records in a DNS packet. */ ++struct ns_rr_cursor ++{ ++ /* These members are not changed after initialization. */ ++ const unsigned char *begin; /* First byte of packet. */ ++ const unsigned char *end; /* One past the last byte of the packet. */ ++ const unsigned char *first_rr; /* First resource record (or packet end). */ ++ ++ /* Advanced towards the end while reading the packet. */ ++ const unsigned char *current; ++}; ++ ++/* Returns the RCODE field from the DNS header. */ ++static inline int ++ns_rr_cursor_rcode (const struct ns_rr_cursor *c) ++{ ++ return c->begin[3] & 0x0f; /* Lower 4 bits at offset 3. */ ++} ++ ++/* Returns the length of the answer section according to the DNS header. */ ++static inline int ++ns_rr_cursor_ancount (const struct ns_rr_cursor *c) ++{ ++ return c->begin[6] * 256 + c->begin[7]; /* 16 bits at offset 6. */ ++} ++ ++/* Returns the length of the authority (name server) section according ++ to the DNS header. */ ++static inline int ++ns_rr_cursor_nscount (const struct ns_rr_cursor *c) ++{ ++ return c->begin[8] * 256 + c->begin[9]; /* 16 bits at offset 8. */ ++} ++ ++/* Returns the length of the additional data section according to the ++ DNS header. */ ++static inline int ++ns_rr_cursor_adcount (const struct ns_rr_cursor *c) ++{ ++ return c->begin[10] * 256 + c->begin[11]; /* 16 bits at offset 10. */ ++} ++ ++/* Returns a pointer to the uncompressed question name in wire ++ format. */ ++static inline const unsigned char * ++ns_rr_cursor_qname (const struct ns_rr_cursor *c) ++{ ++ return c->begin + 12; /* QNAME starts right after the header. */ ++} ++ ++/* Returns the question type of the first and only question. */ ++static inline const int ++ns_rr_cursor_qtype (const struct ns_rr_cursor *c) ++{ ++ /* 16 bits 4 bytes back from the first RR header start. */ ++ return c->first_rr[-4] * 256 + c->first_rr[-3]; ++} ++ ++/* Returns the clss of the first and only question (usally C_IN). */ ++static inline const int ++ns_rr_cursor_qclass (const struct ns_rr_cursor *c) ++{ ++ /* 16 bits 2 bytes back from the first RR header start. */ ++ return c->first_rr[-2] * 256 + c->first_rr[-1]; ++} ++ ++/* Initializes *C to cover the packet [BUF, BUF+LEN). Returns false ++ if LEN is less than sizeof (*HD), if the packet does not contain a ++ full (uncompressed) question, or if the question count is not 1. */ ++_Bool __ns_rr_cursor_init (struct ns_rr_cursor *c, ++ const unsigned char *buf, size_t len) ++ attribute_hidden; ++ ++/* Like ns_rr, but the record owner name is not decoded into text format. */ ++struct ns_rr_wire ++{ ++ unsigned char rname[NS_MAXCDNAME]; /* Owner name of the record. */ ++ uint16_t rtype; /* Resource record type (T_*). */ ++ uint16_t rclass; /* Resource record class (C_*). */ ++ uint32_t ttl; /* Time-to-live field. */ ++ const unsigned char *rdata; /* Start of resource record data. */ ++ uint16_t rdlength; /* Length of the data at rdata, in bytes. */ ++}; ++ ++/* Attempts to parse the record at C into *RR. On success, return ++ true, and C is advanced past the record, and RR->rdata points to ++ the record data. On failure, errno is set to EMSGSIZE, and false ++ is returned. */ ++_Bool __ns_rr_cursor_next (struct ns_rr_cursor *c, struct ns_rr_wire *rr) ++ attribute_hidden; ++ + # endif /* !_ISOMAC */ + #endif +diff --git a/resolv/Makefile b/resolv/Makefile +index bf28825f60..018b1808d6 100644 +--- a/resolv/Makefile ++++ b/resolv/Makefile +@@ -47,6 +47,8 @@ routines := \ + ns_name_skip \ + ns_name_uncompress \ + ns_name_unpack \ ++ ns_rr_cursor_init \ ++ ns_rr_cursor_next \ + ns_samebinaryname \ + ns_samename \ + nsap_addr \ +@@ -116,6 +118,10 @@ tests-static += tst-ns_samebinaryname + tests-internal += tst-ns_name_length_uncompressed + tests-static += tst-ns_name_length_uncompressed + ++# Likewise for struct ns_rr_cursor and its functions. ++tests-internal += tst-ns_rr_cursor ++tests-static += tst-ns_rr_cursor ++ + # These tests need libdl. + ifeq (yes,$(build-shared)) + tests += \ +diff --git a/resolv/ns_rr_cursor_init.c b/resolv/ns_rr_cursor_init.c +new file mode 100644 +index 0000000000..6ee80b30e9 +--- /dev/null ++++ b/resolv/ns_rr_cursor_init.c +@@ -0,0 +1,62 @@ ++/* Initialize a simple DNS packet parser. ++ Copyright (C) 2022 Free Software Foundation, Inc. ++ This file is part of the GNU C Library. ++ ++ The GNU C Library is free software; you can redistribute it and/or ++ modify it under the terms of the GNU Lesser General Public ++ License as published by the Free Software Foundation; either ++ version 2.1 of the License, or (at your option) any later version. ++ ++ The GNU C Library is distributed in the hope that it will be useful, ++ but WITHOUT ANY WARRANTY; without even the implied warranty of ++ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU ++ Lesser General Public License for more details. ++ ++ You should have received a copy of the GNU Lesser General Public ++ License along with the GNU C Library; if not, see ++ . */ ++ ++#include ++#include ++#include ++#include ++ ++bool ++__ns_rr_cursor_init (struct ns_rr_cursor *c, ++ const unsigned char *buf, size_t len) ++{ ++ c->begin = buf; ++ c->end = buf + len; ++ ++ /* Check for header size and 16-bit question count value (it must be 1). */ ++ if (len < 12 || buf[4] != 0 || buf[5] != 1) ++ { ++ __set_errno (EMSGSIZE); ++ c->current = c->end; ++ return false; ++ } ++ c->current = buf + 12; ++ ++ int consumed = __ns_name_length_uncompressed (c->current, c->end); ++ if (consumed < 0) ++ { ++ __set_errno (EMSGSIZE); ++ c->current = c->end; ++ c->first_rr = NULL; ++ return false; ++ } ++ c->current += consumed; ++ ++ /* Ensure there is room for question type and class. */ ++ if (c->end - c->current < 4) ++ { ++ __set_errno (EMSGSIZE); ++ c->current = c->end; ++ c->first_rr = NULL; ++ return false; ++ } ++ c->current += 4; ++ c->first_rr = c->current; ++ ++ return true; ++} +diff --git a/resolv/ns_rr_cursor_next.c b/resolv/ns_rr_cursor_next.c +new file mode 100644 +index 0000000000..33652fc5da +--- /dev/null ++++ b/resolv/ns_rr_cursor_next.c +@@ -0,0 +1,74 @@ ++/* Simple DNS record parser without textual name decoding. ++ Copyright (C) 2022 Free Software Foundation, Inc. ++ This file is part of the GNU C Library. ++ ++ The GNU C Library is free software; you can redistribute it and/or ++ modify it under the terms of the GNU Lesser General Public ++ License as published by the Free Software Foundation; either ++ version 2.1 of the License, or (at your option) any later version. ++ ++ The GNU C Library is distributed in the hope that it will be useful, ++ but WITHOUT ANY WARRANTY; without even the implied warranty of ++ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU ++ Lesser General Public License for more details. ++ ++ You should have received a copy of the GNU Lesser General Public ++ License along with the GNU C Library; if not, see ++ . */ ++ ++#include ++#include ++#include ++#include ++ ++bool ++__ns_rr_cursor_next (struct ns_rr_cursor *c, struct ns_rr_wire *rr) ++{ ++ rr->rdata = NULL; ++ ++ /* Extract the record owner name. */ ++ int consumed = __ns_name_unpack (c->begin, c->end, c->current, ++ rr->rname, sizeof (rr->rname)); ++ if (consumed < 0) ++ { ++ memset (rr, 0, sizeof (*rr)); ++ __set_errno (EMSGSIZE); ++ return false; ++ } ++ c->current += consumed; ++ ++ /* Extract the metadata. */ ++ struct ++ { ++ uint16_t rtype; ++ uint16_t rclass; ++ uint32_t ttl; ++ uint16_t rdlength; ++ } __attribute__ ((packed)) metadata; ++ _Static_assert (sizeof (metadata) == 10, "sizeof metadata"); ++ if (c->end - c->current < sizeof (metadata)) ++ { ++ memset (rr, 0, sizeof (*rr)); ++ __set_errno (EMSGSIZE); ++ return false; ++ } ++ memcpy (&metadata, c->current, sizeof (metadata)); ++ c->current += sizeof (metadata); ++ /* Endianess conversion. */ ++ rr->rtype = ntohs (metadata.rtype); ++ rr->rclass = ntohs (metadata.rclass); ++ rr->ttl = ntohl (metadata.ttl); ++ rr->rdlength = ntohs (metadata.rdlength); ++ ++ /* Extract record data. */ ++ if (c->end - c->current < rr->rdlength) ++ { ++ memset (rr, 0, sizeof (*rr)); ++ __set_errno (EMSGSIZE); ++ return false; ++ } ++ rr->rdata = c->current; ++ c->current += rr->rdlength; ++ ++ return true; ++} +diff --git a/resolv/tst-ns_rr_cursor.c b/resolv/tst-ns_rr_cursor.c +new file mode 100644 +index 0000000000..c3c0908905 +--- /dev/null ++++ b/resolv/tst-ns_rr_cursor.c +@@ -0,0 +1,227 @@ ++/* Tests for resource record parsing. ++ Copyright (C) 2022 Free Software Foundation, Inc. ++ This file is part of the GNU C Library. ++ ++ The GNU C Library is free software; you can redistribute it and/or ++ modify it under the terms of the GNU Lesser General Public ++ License as published by the Free Software Foundation; either ++ version 2.1 of the License, or (at your option) any later version. ++ ++ The GNU C Library is distributed in the hope that it will be useful, ++ but WITHOUT ANY WARRANTY; without even the implied warranty of ++ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU ++ Lesser General Public License for more details. ++ ++ You should have received a copy of the GNU Lesser General Public ++ License along with the GNU C Library; if not, see ++ . */ ++ ++#include ++#include ++#include ++#include ++ ++/* Reference packet for packet parsing. */ ++static const unsigned char valid_packet[] = ++ { 0x11, 0x12, 0x13, 0x14, ++ 0x00, 0x01, /* Question count. */ ++ 0x00, 0x02, /* Answer count. */ ++ 0x21, 0x22, 0x23, 0x24, /* Other counts (not actually in packet). */ ++ 3, 'w', 'w', 'w', 7, 'e', 'x', 'a', 'm', 'p', 'l', 'e', 0, ++ 0x00, 0x1c, /* Question type: AAAA. */ ++ 0x00, 0x01, /* Question class: IN. */ ++ 0xc0, 0x0c, /* Compression reference to QNAME. */ ++ 0x00, 0x1c, /* Record type: AAAA. */ ++ 0x00, 0x01, /* Record class: IN. */ ++ 0x12, 0x34, 0x56, 0x78, /* Record TTL. */ ++ 0x00, 0x10, /* Record data length (16 bytes). */ ++ 0x90, 0x91, 0x92, 0x93, 0x94, 0x95, 0x96, 0x97, ++ 0x98, 0x99, 0x9a, 0x9b, 0x9c, 0x9d, 0x9e, 0x9f, /* IPv6 address. */ ++ 0xc0, 0x0c, /* Compression reference to QNAME. */ ++ 0x00, 0x1c, /* Record type: AAAA. */ ++ 0x00, 0x01, /* Record class: IN. */ ++ 0x11, 0x33, 0x55, 0x77, /* Record TTL. */ ++ 0x00, 0x10, /* Record data length (16 bytes). */ ++ 0xa0, 0xa1, 0xa2, 0xa3, 0xa4, 0xa5, 0xa6, 0xa7, ++ 0xa8, 0xa9, 0xaa, 0xab, 0xac, 0xad, 0xae, 0xaf, /* IPv6 address. */ ++ }; ++ ++/* Special offsets in valid_packet. */ ++enum ++ { ++ offset_of_first_record = 29, ++ offset_of_second_record = 57, ++ }; ++ ++/* Check that parsing valid_packet succeeds. */ ++static void ++test_valid (void) ++{ ++ struct ns_rr_cursor c; ++ TEST_VERIFY_EXIT (__ns_rr_cursor_init (&c, valid_packet, ++ sizeof (valid_packet))); ++ TEST_COMPARE (ns_rr_cursor_rcode (&c), 4); ++ TEST_COMPARE (ns_rr_cursor_ancount (&c), 2); ++ TEST_COMPARE (ns_rr_cursor_nscount (&c), 0x2122); ++ TEST_COMPARE (ns_rr_cursor_adcount (&c), 0x2324); ++ TEST_COMPARE_BLOB (ns_rr_cursor_qname (&c), 13, &valid_packet[12], 13); ++ TEST_COMPARE (ns_rr_cursor_qtype (&c), T_AAAA); ++ TEST_COMPARE (ns_rr_cursor_qclass (&c), C_IN); ++ TEST_COMPARE (c.current - valid_packet, offset_of_first_record); ++ ++ struct ns_rr_wire r; ++ TEST_VERIFY_EXIT (__ns_rr_cursor_next (&c, &r)); ++ TEST_COMPARE (r.rtype, T_AAAA); ++ TEST_COMPARE (r.rclass, C_IN); ++ TEST_COMPARE (r.ttl, 0x12345678); ++ TEST_COMPARE_BLOB (r.rdata, r.rdlength, ++ "\x90\x91\x92\x93\x94\x95\x96\x97" ++ "\x98\x99\x9a\x9b\x9c\x9d\x9e\x9f", 16); ++ TEST_COMPARE (c.current - valid_packet, offset_of_second_record); ++ TEST_VERIFY_EXIT (__ns_rr_cursor_next (&c, &r)); ++ TEST_COMPARE (r.rtype, T_AAAA); ++ TEST_COMPARE (r.rclass, C_IN); ++ TEST_COMPARE (r.ttl, 0x11335577); ++ TEST_COMPARE_BLOB (r.rdata, r.rdlength, ++ "\xa0\xa1\xa2\xa3\xa4\xa5\xa6\xa7" ++ "\xa8\xa9\xaa\xab\xac\xad\xae\xaf", 16); ++ TEST_VERIFY (c.current == c.end); ++} ++ ++/* Check that trying to parse a packet with a compressed QNAME fails. */ ++static void ++test_compressed_qname (void) ++{ ++ static const unsigned char packet[] = ++ { 0x11, 0x12, 0x13, 0x14, ++ 0x00, 0x01, /* Question count. */ ++ 0x00, 0x00, /* Answer count. */ ++ 0x00, 0x00, 0x00, 0x00, /* Other counts. */ ++ 3, 'w', 'w', 'w', 7, 'e', 'x', 'a', 'm', 'p', 'l', 'e', 0xc0, 0x04, ++ 0x00, 0x01, /* Question type: A. */ ++ 0x00, 0x01, /* Question class: IN. */ ++ }; ++ ++ struct ns_rr_cursor c; ++ TEST_VERIFY_EXIT (!__ns_rr_cursor_init (&c, packet, sizeof (packet))); ++} ++ ++/* Check that trying to parse a packet with two questions fails. */ ++static void ++test_two_questions (void) ++{ ++ static const unsigned char packet[] = ++ { 0x11, 0x12, 0x13, 0x14, ++ 0x00, 0x02, /* Question count. */ ++ 0x00, 0x00, /* Answer count. */ ++ 0x00, 0x00, 0x00, 0x00, /* Other counts. */ ++ 3, 'w', 'w', 'w', 7, 'e', 'x', 'a', 'm', 'p', 'l', 'e', 0xc0, 0x04, ++ 0x00, 0x01, /* Question type: A. */ ++ 0x00, 0x01, /* Question class: IN. */ ++ 3, 'w', 'w', 'w', 7, 'e', 'x', 'a', 'm', 'p', 'l', 'e', 0xc0, 0x04, ++ 0x00, 0x1c, /* Question type: AAAA. */ ++ 0x00, 0x01, /* Question class: IN. */ ++ }; ++ ++ struct ns_rr_cursor c; ++ TEST_VERIFY_EXIT (!__ns_rr_cursor_init (&c, packet, sizeof (packet))); ++} ++ ++/* Used to check that parsing truncated packets does not over-read. */ ++static struct support_next_to_fault ntf; ++ ++/* Truncated packet in the second resource record. */ ++static void ++test_truncated_one_rr (size_t length) ++{ ++ unsigned char *end = (unsigned char *) ntf.buffer - ntf.length; ++ unsigned char *start = end - length; ++ ++ /* Produce the truncated packet. */ ++ memcpy (start, valid_packet, length); ++ ++ struct ns_rr_cursor c; ++ TEST_VERIFY_EXIT (__ns_rr_cursor_init (&c, start, length)); ++ TEST_COMPARE (ns_rr_cursor_rcode (&c), 4); ++ TEST_COMPARE (ns_rr_cursor_ancount (&c), 2); ++ TEST_COMPARE (ns_rr_cursor_nscount (&c), 0x2122); ++ TEST_COMPARE (ns_rr_cursor_adcount (&c), 0x2324); ++ TEST_COMPARE_BLOB (ns_rr_cursor_qname (&c), 13, &valid_packet[12], 13); ++ TEST_COMPARE (ns_rr_cursor_qtype (&c), T_AAAA); ++ TEST_COMPARE (ns_rr_cursor_qclass (&c), C_IN); ++ TEST_COMPARE (c.current - start, offset_of_first_record); ++ ++ struct ns_rr_wire r; ++ TEST_VERIFY_EXIT (__ns_rr_cursor_next (&c, &r)); ++ TEST_COMPARE (r.rtype, T_AAAA); ++ TEST_COMPARE (r.rclass, C_IN); ++ TEST_COMPARE (r.ttl, 0x12345678); ++ TEST_COMPARE_BLOB (r.rdata, r.rdlength, ++ "\x90\x91\x92\x93\x94\x95\x96\x97" ++ "\x98\x99\x9a\x9b\x9c\x9d\x9e\x9f", 16); ++ TEST_COMPARE (c.current - start, offset_of_second_record); ++ TEST_VERIFY (!__ns_rr_cursor_next (&c, &r)); ++} ++ ++/* Truncated packet in the first resource record. */ ++static void ++test_truncated_no_rr (size_t length) ++{ ++ unsigned char *end = (unsigned char *) ntf.buffer - ntf.length; ++ unsigned char *start = end - length; ++ ++ /* Produce the truncated packet. */ ++ memcpy (start, valid_packet, length); ++ ++ struct ns_rr_cursor c; ++ TEST_VERIFY_EXIT (__ns_rr_cursor_init (&c, start, length)); ++ TEST_COMPARE (ns_rr_cursor_rcode (&c), 4); ++ TEST_COMPARE (ns_rr_cursor_ancount (&c), 2); ++ TEST_COMPARE (ns_rr_cursor_nscount (&c), 0x2122); ++ TEST_COMPARE (ns_rr_cursor_adcount (&c), 0x2324); ++ TEST_COMPARE_BLOB (ns_rr_cursor_qname (&c), 13, &valid_packet[12], 13); ++ TEST_COMPARE (ns_rr_cursor_qtype (&c), T_AAAA); ++ TEST_COMPARE (ns_rr_cursor_qclass (&c), C_IN); ++ TEST_COMPARE (c.current - start, offset_of_first_record); ++ ++ struct ns_rr_wire r; ++ TEST_VERIFY (!__ns_rr_cursor_next (&c, &r)); ++} ++ ++/* Truncated packet before first resource record. */ ++static void ++test_truncated_before_rr (size_t length) ++{ ++ unsigned char *end = (unsigned char *) ntf.buffer - ntf.length; ++ unsigned char *start = end - length; ++ ++ /* Produce the truncated packet. */ ++ memcpy (start, valid_packet, length); ++ ++ struct ns_rr_cursor c; ++ TEST_VERIFY_EXIT (!__ns_rr_cursor_init (&c, start, length)); ++} ++ ++static int ++do_test (void) ++{ ++ ntf = support_next_to_fault_allocate (sizeof (valid_packet)); ++ ++ test_valid (); ++ test_compressed_qname (); ++ test_two_questions (); ++ ++ for (int length = offset_of_second_record; length < sizeof (valid_packet); ++ ++length) ++ test_truncated_one_rr (length); ++ for (int length = offset_of_first_record; length < offset_of_second_record; ++ ++length) ++ test_truncated_no_rr (length); ++ for (int length = 0; length < offset_of_first_record; ++length) ++ test_truncated_before_rr (length); ++ ++ support_next_to_fault_free (&ntf); ++ return 0; ++} ++ ++#include +-- +2.19.1.6.gb485710b + diff --git a/0029-nss_dns-Split-getanswer_ptr-from-getanswer_r.patch b/0029-nss_dns-Split-getanswer_ptr-from-getanswer_r.patch new file mode 100644 index 0000000..89226c0 --- /dev/null +++ b/0029-nss_dns-Split-getanswer_ptr-from-getanswer_r.patch @@ -0,0 +1,452 @@ +From b714ab7e3ce999b79401cdd22291128a7fd6d8ef Mon Sep 17 00:00:00 2001 +From: Florian Weimer +Date: Tue, 30 Aug 2022 10:02:49 +0200 +Subject: [PATCH 29/81] nss_dns: Split getanswer_ptr from getanswer_r + +And expand the use of name_ok and qtype in getanswer_ptr (the +former also in getanswer_r). + +After further cleanups, not much code will be shared between the +two functions. + +Reviewed-by: Siddhesh Poyarekar +(cherry picked from commit 0dcc43e9981005540bf39dc7bf33fbab62cf9e84) +--- + resolv/nss_dns/dns-host.c | 320 +++++++++++++++++++++++++++++++------- + 1 file changed, 268 insertions(+), 52 deletions(-) + +diff --git a/resolv/nss_dns/dns-host.c b/resolv/nss_dns/dns-host.c +index 544cffbecd..d384e1f82d 100644 +--- a/resolv/nss_dns/dns-host.c ++++ b/resolv/nss_dns/dns-host.c +@@ -116,6 +116,11 @@ static enum nss_status getanswer_r (struct resolv_context *ctx, + struct hostent *result, char *buffer, + size_t buflen, int *errnop, int *h_errnop, + int map, int32_t *ttlp, char **canonp); ++static enum nss_status getanswer_ptr (const querybuf *answer, int anslen, ++ const char *qname, ++ struct hostent *result, char *buffer, ++ size_t buflen, int *errnop, ++ int *h_errnop, int32_t *ttlp); + + static enum nss_status gaih_getanswer (const querybuf *answer1, int anslen1, + const querybuf *answer2, int anslen2, +@@ -561,9 +566,8 @@ _nss_dns_gethostbyaddr2_r (const void *addr, socklen_t len, int af, + return errno == ECONNREFUSED ? NSS_STATUS_UNAVAIL : NSS_STATUS_NOTFOUND; + } + +- status = getanswer_r +- (ctx, host_buffer.buf, n, qbuf, T_PTR, result, buffer, buflen, +- errnop, h_errnop, 0 /* XXX */, ttlp, NULL); ++ status = getanswer_ptr (host_buffer.buf, n, qbuf, result, ++ buffer, buflen, errnop, h_errnop, ttlp); + if (host_buffer.buf != orig_host_buffer) + free (host_buffer.buf); + if (status != NSS_STATUS_SUCCESS) +@@ -659,8 +663,6 @@ getanswer_r (struct resolv_context *ctx, + int haveanswer, had_error; + char *bp, **ap, **hap; + char tbuf[MAXDNAME]; +- const char *tname; +- int (*name_ok) (const char *); + u_char packtmp[NS_MAXCDNAME]; + int have_to_map = 0; + uintptr_t pad = -(uintptr_t) buffer % __alignof__ (struct host_data); +@@ -679,22 +681,8 @@ getanswer_r (struct resolv_context *ctx, + if (buflen - sizeof (struct host_data) != linebuflen) + linebuflen = INT_MAX; + +- tname = qname; + result->h_name = NULL; + end_of_message = answer->buf + anslen; +- switch (qtype) +- { +- case T_A: +- case T_AAAA: +- name_ok = __libc_res_hnok; +- break; +- case T_PTR: +- name_ok = __libc_res_dnok; +- break; +- default: +- *errnop = ENOENT; +- return NSS_STATUS_UNAVAIL; /* XXX should be abort(); */ +- } + + /* + * find first satisfactory answer +@@ -729,7 +717,7 @@ getanswer_r (struct resolv_context *ctx, + *h_errnop = NO_RECOVERY; + return NSS_STATUS_UNAVAIL; + } +- if (__glibc_unlikely (name_ok (bp) == 0)) ++ if (__glibc_unlikely (__libc_res_hnok (bp) == 0)) + { + errno = EBADMSG; + *errnop = EBADMSG; +@@ -783,7 +771,7 @@ getanswer_r (struct resolv_context *ctx, + n = -1; + } + +- if (__glibc_unlikely (n < 0 || (*name_ok) (bp) == 0)) ++ if (__glibc_unlikely (n < 0 || __libc_res_hnok (bp) == 0)) + { + ++had_error; + continue; +@@ -816,7 +804,7 @@ getanswer_r (struct resolv_context *ctx, + continue; /* XXX - had_error++ ? */ + } + +- if ((qtype == T_A || qtype == T_AAAA) && type == T_CNAME) ++ if (type == T_CNAME) + { + /* A CNAME could also have a TTL entry. */ + if (ttlp != NULL && ttl < *ttlp) +@@ -826,7 +814,7 @@ getanswer_r (struct resolv_context *ctx, + continue; + n = __libc_dn_expand (answer->buf, end_of_message, cp, + tbuf, sizeof tbuf); +- if (__glibc_unlikely (n < 0 || (*name_ok) (tbuf) == 0)) ++ if (__glibc_unlikely (n < 0 || __libc_res_hnok (tbuf) == 0)) + { + ++had_error; + continue; +@@ -857,7 +845,260 @@ getanswer_r (struct resolv_context *ctx, + continue; + } + +- if (qtype == T_PTR && type == T_CNAME) ++ if (type == T_A && qtype == T_AAAA && map) ++ have_to_map = 1; ++ else if (__glibc_unlikely (type != qtype)) ++ { ++ cp += n; ++ continue; /* XXX - had_error++ ? */ ++ } ++ ++ switch (type) ++ { ++ case T_A: ++ case T_AAAA: ++ if (__glibc_unlikely (__strcasecmp (result->h_name, bp) != 0)) ++ { ++ cp += n; ++ continue; /* XXX - had_error++ ? */ ++ } ++ ++ /* Stop parsing at a record whose length is incorrect. */ ++ if (n != rrtype_to_rdata_length (type)) ++ { ++ ++had_error; ++ break; ++ } ++ ++ /* Skip records of the wrong type. */ ++ if (n != result->h_length) ++ { ++ cp += n; ++ continue; ++ } ++ if (!haveanswer) ++ { ++ int nn; ++ ++ /* We compose a single hostent out of the entire chain of ++ entries, so the TTL of the hostent is essentially the lowest ++ TTL in the chain. */ ++ if (ttlp != NULL && ttl < *ttlp) ++ *ttlp = ttl; ++ if (canonp != NULL) ++ *canonp = bp; ++ result->h_name = bp; ++ nn = strlen (bp) + 1; /* for the \0 */ ++ bp += nn; ++ linebuflen -= nn; ++ } ++ ++ /* Provide sufficient alignment for both address ++ families. */ ++ enum { align = 4 }; ++ _Static_assert ((align % __alignof__ (struct in_addr)) == 0, ++ "struct in_addr alignment"); ++ _Static_assert ((align % __alignof__ (struct in6_addr)) == 0, ++ "struct in6_addr alignment"); ++ { ++ char *new_bp = PTR_ALIGN_UP (bp, align); ++ linebuflen -= new_bp - bp; ++ bp = new_bp; ++ } ++ ++ if (__glibc_unlikely (n > linebuflen)) ++ goto too_small; ++ bp = __mempcpy (*hap++ = bp, cp, n); ++ cp += n; ++ linebuflen -= n; ++ break; ++ default: ++ abort (); ++ } ++ if (had_error == 0) ++ ++haveanswer; ++ } ++ ++ if (haveanswer > 0) ++ { ++ *ap = NULL; ++ *hap = NULL; ++ /* ++ * Note: we sort even if host can take only one address ++ * in its return structures - should give it the "best" ++ * address in that case, not some random one ++ */ ++ if (haveanswer > 1 && qtype == T_A ++ && __resolv_context_sort_count (ctx) > 0) ++ addrsort (ctx, host_data->h_addr_ptrs, haveanswer); ++ ++ if (result->h_name == NULL) ++ { ++ n = strlen (qname) + 1; /* For the \0. */ ++ if (n > linebuflen) ++ goto too_small; ++ if (n >= MAXHOSTNAMELEN) ++ goto no_recovery; ++ result->h_name = bp; ++ bp = __mempcpy (bp, qname, n); /* Cannot overflow. */ ++ linebuflen -= n; ++ } ++ ++ if (have_to_map) ++ if (map_v4v6_hostent (result, &bp, &linebuflen)) ++ goto too_small; ++ *h_errnop = NETDB_SUCCESS; ++ return NSS_STATUS_SUCCESS; ++ } ++ no_recovery: ++ *h_errnop = NO_RECOVERY; ++ *errnop = ENOENT; ++ /* Special case here: if the resolver sent a result but it only ++ contains a CNAME while we are looking for a T_A or T_AAAA record, ++ we fail with NOTFOUND instead of TRYAGAIN. */ ++ return ((qtype == T_A || qtype == T_AAAA) && ap != host_data->aliases ++ ? NSS_STATUS_NOTFOUND : NSS_STATUS_TRYAGAIN); ++} ++ ++static enum nss_status ++getanswer_ptr (const querybuf *answer, int anslen, const char *qname, ++ struct hostent *result, char *buffer, size_t buflen, ++ int *errnop, int *h_errnop, int32_t *ttlp) ++{ ++ struct host_data ++ { ++ char *aliases[MAX_NR_ALIASES]; ++ unsigned char host_addr[16]; /* IPv4 or IPv6 */ ++ char *h_addr_ptrs[0]; ++ } *host_data; ++ int linebuflen; ++ const HEADER *hp; ++ const u_char *end_of_message, *cp; ++ int n, ancount, qdcount; ++ int haveanswer, had_error; ++ char *bp, **ap, **hap; ++ char tbuf[MAXDNAME]; ++ const char *tname; ++ u_char packtmp[NS_MAXCDNAME]; ++ uintptr_t pad = -(uintptr_t) buffer % __alignof__ (struct host_data); ++ buffer += pad; ++ buflen = buflen > pad ? buflen - pad : 0; ++ if (__glibc_unlikely (buflen < sizeof (struct host_data))) ++ { ++ /* The buffer is too small. */ ++ too_small: ++ *errnop = ERANGE; ++ *h_errnop = NETDB_INTERNAL; ++ return NSS_STATUS_TRYAGAIN; ++ } ++ host_data = (struct host_data *) buffer; ++ linebuflen = buflen - sizeof (struct host_data); ++ if (buflen - sizeof (struct host_data) != linebuflen) ++ linebuflen = INT_MAX; ++ ++ tname = qname; ++ result->h_name = NULL; ++ end_of_message = answer->buf + anslen; ++ ++ /* ++ * find first satisfactory answer ++ */ ++ hp = &answer->hdr; ++ ancount = ntohs (hp->ancount); ++ qdcount = ntohs (hp->qdcount); ++ cp = answer->buf + HFIXEDSZ; ++ if (__glibc_unlikely (qdcount != 1)) ++ { ++ *h_errnop = NO_RECOVERY; ++ return NSS_STATUS_UNAVAIL; ++ } ++ if (sizeof (struct host_data) + (ancount + 1) * sizeof (char *) >= buflen) ++ goto too_small; ++ bp = (char *) &host_data->h_addr_ptrs[ancount + 1]; ++ linebuflen -= (ancount + 1) * sizeof (char *); ++ ++ n = __ns_name_unpack (answer->buf, end_of_message, cp, ++ packtmp, sizeof packtmp); ++ if (n != -1 && __ns_name_ntop (packtmp, bp, linebuflen) == -1) ++ { ++ if (__glibc_unlikely (errno == EMSGSIZE)) ++ goto too_small; ++ ++ n = -1; ++ } ++ ++ if (__glibc_unlikely (n < 0)) ++ { ++ *errnop = errno; ++ *h_errnop = NO_RECOVERY; ++ return NSS_STATUS_UNAVAIL; ++ } ++ if (__glibc_unlikely (__libc_res_dnok (bp) == 0)) ++ { ++ errno = EBADMSG; ++ *errnop = EBADMSG; ++ *h_errnop = NO_RECOVERY; ++ return NSS_STATUS_UNAVAIL; ++ } ++ cp += n + QFIXEDSZ; ++ ++ ap = host_data->aliases; ++ *ap = NULL; ++ result->h_aliases = host_data->aliases; ++ hap = host_data->h_addr_ptrs; ++ *hap = NULL; ++ result->h_addr_list = host_data->h_addr_ptrs; ++ haveanswer = 0; ++ had_error = 0; ++ ++ while (ancount-- > 0 && cp < end_of_message && had_error == 0) ++ { ++ int type, class; ++ ++ n = __ns_name_unpack (answer->buf, end_of_message, cp, ++ packtmp, sizeof packtmp); ++ if (n != -1 && __ns_name_ntop (packtmp, bp, linebuflen) == -1) ++ { ++ if (__glibc_unlikely (errno == EMSGSIZE)) ++ goto too_small; ++ ++ n = -1; ++ } ++ ++ if (__glibc_unlikely (n < 0 || __libc_res_dnok (bp) == 0)) ++ { ++ ++had_error; ++ continue; ++ } ++ cp += n; /* name */ ++ ++ if (__glibc_unlikely (cp + 10 > end_of_message)) ++ { ++ ++had_error; ++ continue; ++ } ++ ++ NS_GET16 (type, cp); ++ NS_GET16 (class, cp); ++ int32_t ttl; ++ NS_GET32 (ttl, cp); ++ NS_GET16 (n, cp); /* RDATA length. */ ++ ++ if (end_of_message - cp < n) ++ { ++ /* RDATA extends beyond the end of the packet. */ ++ ++had_error; ++ continue; ++ } ++ ++ if (__glibc_unlikely (class != C_IN)) ++ { ++ /* XXX - debug? syslog? */ ++ cp += n; ++ continue; /* XXX - had_error++ ? */ ++ } ++ ++ if (type == T_CNAME) + { + /* A CNAME could also have a TTL entry. */ + if (ttlp != NULL && ttl < *ttlp) +@@ -886,14 +1127,6 @@ getanswer_r (struct resolv_context *ctx, + continue; + } + +- if (type == T_A && qtype == T_AAAA && map) +- have_to_map = 1; +- else if (__glibc_unlikely (type != qtype)) +- { +- cp += n; +- continue; /* XXX - had_error++ ? */ +- } +- + switch (type) + { + case T_PTR: +@@ -955,8 +1188,6 @@ getanswer_r (struct resolv_context *ctx, + TTL in the chain. */ + if (ttlp != NULL && ttl < *ttlp) + *ttlp = ttl; +- if (canonp != NULL) +- *canonp = bp; + result->h_name = bp; + nn = strlen (bp) + 1; /* for the \0 */ + bp += nn; +@@ -983,7 +1214,8 @@ getanswer_r (struct resolv_context *ctx, + linebuflen -= n; + break; + default: +- abort (); ++ cp += n; ++ continue; /* XXX - had_error++ ? */ + } + if (had_error == 0) + ++haveanswer; +@@ -993,14 +1225,6 @@ getanswer_r (struct resolv_context *ctx, + { + *ap = NULL; + *hap = NULL; +- /* +- * Note: we sort even if host can take only one address +- * in its return structures - should give it the "best" +- * address in that case, not some random one +- */ +- if (haveanswer > 1 && qtype == T_A +- && __resolv_context_sort_count (ctx) > 0) +- addrsort (ctx, host_data->h_addr_ptrs, haveanswer); + + if (result->h_name == NULL) + { +@@ -1014,23 +1238,15 @@ getanswer_r (struct resolv_context *ctx, + linebuflen -= n; + } + +- if (have_to_map) +- if (map_v4v6_hostent (result, &bp, &linebuflen)) +- goto too_small; + *h_errnop = NETDB_SUCCESS; + return NSS_STATUS_SUCCESS; + } + no_recovery: + *h_errnop = NO_RECOVERY; + *errnop = ENOENT; +- /* Special case here: if the resolver sent a result but it only +- contains a CNAME while we are looking for a T_A or T_AAAA record, +- we fail with NOTFOUND instead of TRYAGAIN. */ +- return ((qtype == T_A || qtype == T_AAAA) && ap != host_data->aliases +- ? NSS_STATUS_NOTFOUND : NSS_STATUS_TRYAGAIN); ++ return NSS_STATUS_TRYAGAIN; + } + +- + static enum nss_status + gaih_getanswer_slice (const querybuf *answer, int anslen, const char *qname, + struct gaih_addrtuple ***patp, +-- +2.19.1.6.gb485710b + diff --git a/0030-nss_dns-Rewrite-_nss_dns_gethostbyaddr2_r-and-getans.patch b/0030-nss_dns-Rewrite-_nss_dns_gethostbyaddr2_r-and-getans.patch new file mode 100644 index 0000000..1c1f358 --- /dev/null +++ b/0030-nss_dns-Rewrite-_nss_dns_gethostbyaddr2_r-and-getans.patch @@ -0,0 +1,513 @@ +From 77f523c473878ec0051582ef15161c6982879095 Mon Sep 17 00:00:00 2001 +From: Florian Weimer +Date: Tue, 30 Aug 2022 10:02:49 +0200 +Subject: [PATCH 30/81] nss_dns: Rewrite _nss_dns_gethostbyaddr2_r and + getanswer_ptr + +The simplification takes advantage of the split from getanswer_r. +It fixes various aliases issues, and optimizes NSS buffer usage. +The new DNS packet parsing helpers are used, too. + +Reviewed-by: Siddhesh Poyarekar +(cherry picked from commit e32547d661a43da63368e488b6cfa9c53b4dcf92) +--- + resolv/nss_dns/dns-host.c | 405 ++++++++++---------------------------- + 1 file changed, 102 insertions(+), 303 deletions(-) + +diff --git a/resolv/nss_dns/dns-host.c b/resolv/nss_dns/dns-host.c +index d384e1f82d..cd26399b7e 100644 +--- a/resolv/nss_dns/dns-host.c ++++ b/resolv/nss_dns/dns-host.c +@@ -69,6 +69,7 @@ + * --Copyright-- + */ + ++#include + #include + #include + #include +@@ -116,10 +117,9 @@ static enum nss_status getanswer_r (struct resolv_context *ctx, + struct hostent *result, char *buffer, + size_t buflen, int *errnop, int *h_errnop, + int map, int32_t *ttlp, char **canonp); +-static enum nss_status getanswer_ptr (const querybuf *answer, int anslen, +- const char *qname, +- struct hostent *result, char *buffer, +- size_t buflen, int *errnop, ++static enum nss_status getanswer_ptr (unsigned char *packet, size_t packetlen, ++ struct alloc_buffer *abuf, ++ char **hnamep, int *errnop, + int *h_errnop, int32_t *ttlp); + + static enum nss_status gaih_getanswer (const querybuf *answer1, int anslen1, +@@ -456,36 +456,21 @@ _nss_dns_gethostbyaddr2_r (const void *addr, socklen_t len, int af, + static const u_char tunnelled[] = { 0,0, 0,0, 0,0, 0,0, 0,0, 0,0 }; + static const u_char v6local[] = { 0,0, 0,1 }; + const u_char *uaddr = (const u_char *)addr; +- struct host_data +- { +- char *aliases[MAX_NR_ALIASES]; +- unsigned char host_addr[16]; /* IPv4 or IPv6 */ +- char *h_addr_ptrs[MAX_NR_ADDRS + 1]; +- char linebuffer[0]; +- } *host_data = (struct host_data *) buffer; +- union +- { +- querybuf *buf; +- u_char *ptr; +- } host_buffer; +- querybuf *orig_host_buffer; + char qbuf[MAXDNAME+1], *qp = NULL; + size_t size; + int n, status; + int olderr = errno; + +- uintptr_t pad = -(uintptr_t) buffer % __alignof__ (struct host_data); +- buffer += pad; +- buflen = buflen > pad ? buflen - pad : 0; +- +- if (__glibc_unlikely (buflen < sizeof (struct host_data))) +- { +- *errnop = ERANGE; +- *h_errnop = NETDB_INTERNAL; +- return NSS_STATUS_TRYAGAIN; +- } +- +- host_data = (struct host_data *) buffer; ++ /* Prepare the allocation buffer. Store the pointer array first, to ++ benefit from buffer alignment. */ ++ struct alloc_buffer abuf = alloc_buffer_create (buffer, buflen); ++ char **address_array = alloc_buffer_alloc_array (&abuf, char *, 2); ++ if (address_array == NULL) ++ { ++ *errnop = ERANGE; ++ *h_errnop = NETDB_INTERNAL; ++ return NSS_STATUS_TRYAGAIN; ++ } + + struct resolv_context *ctx = __resolv_context_get (); + if (ctx == NULL) +@@ -529,8 +514,6 @@ _nss_dns_gethostbyaddr2_r (const void *addr, socklen_t len, int af, + return NSS_STATUS_UNAVAIL; + } + +- host_buffer.buf = orig_host_buffer = (querybuf *) alloca (1024); +- + switch (af) + { + case AF_INET: +@@ -554,35 +537,52 @@ _nss_dns_gethostbyaddr2_r (const void *addr, socklen_t len, int af, + break; + } + +- n = __res_context_query (ctx, qbuf, C_IN, T_PTR, host_buffer.buf->buf, +- 1024, &host_buffer.ptr, NULL, NULL, NULL, NULL); ++ unsigned char dns_packet_buffer[1024]; ++ unsigned char *alt_dns_packet_buffer = dns_packet_buffer; ++ n = __res_context_query (ctx, qbuf, C_IN, T_PTR, ++ dns_packet_buffer, sizeof (dns_packet_buffer), ++ &alt_dns_packet_buffer, ++ NULL, NULL, NULL, NULL); + if (n < 0) + { + *h_errnop = h_errno; + __set_errno (olderr); +- if (host_buffer.buf != orig_host_buffer) +- free (host_buffer.buf); ++ if (alt_dns_packet_buffer != dns_packet_buffer) ++ free (alt_dns_packet_buffer); + __resolv_context_put (ctx); + return errno == ECONNREFUSED ? NSS_STATUS_UNAVAIL : NSS_STATUS_NOTFOUND; + } + +- status = getanswer_ptr (host_buffer.buf, n, qbuf, result, +- buffer, buflen, errnop, h_errnop, ttlp); +- if (host_buffer.buf != orig_host_buffer) +- free (host_buffer.buf); ++ status = getanswer_ptr (alt_dns_packet_buffer, n, ++ &abuf, &result->h_name, errnop, h_errnop, ttlp); ++ ++ if (alt_dns_packet_buffer != dns_packet_buffer) ++ free (alt_dns_packet_buffer); ++ __resolv_context_put (ctx); ++ + if (status != NSS_STATUS_SUCCESS) +- { +- __resolv_context_put (ctx); +- return status; +- } ++ return status; + ++ /* result->h_name has already been set by getanswer_ptr. */ + result->h_addrtype = af; + result->h_length = len; +- memcpy (host_data->host_addr, addr, len); +- host_data->h_addr_ptrs[0] = (char *) host_data->host_addr; +- host_data->h_addr_ptrs[1] = NULL; ++ /* Increase the alignment to 4, in case there are applications out ++ there that expect at least this level of address alignment. */ ++ address_array[0] = (char *) alloc_buffer_next (&abuf, uint32_t); ++ alloc_buffer_copy_bytes (&abuf, uaddr, len); ++ address_array[1] = NULL; ++ ++ /* This check also covers allocation failure in getanswer_ptr. */ ++ if (alloc_buffer_has_failed (&abuf)) ++ { ++ *errnop = ERANGE; ++ *h_errnop = NETDB_INTERNAL; ++ return NSS_STATUS_TRYAGAIN; ++ } ++ result->h_addr_list = address_array; ++ result->h_aliases = &address_array[1]; /* Points to NULL. */ ++ + *h_errnop = NETDB_SUCCESS; +- __resolv_context_put (ctx); + return NSS_STATUS_SUCCESS; + } + libc_hidden_def (_nss_dns_gethostbyaddr2_r) +@@ -961,287 +961,86 @@ getanswer_r (struct resolv_context *ctx, + } + + static enum nss_status +-getanswer_ptr (const querybuf *answer, int anslen, const char *qname, +- struct hostent *result, char *buffer, size_t buflen, ++getanswer_ptr (unsigned char *packet, size_t packetlen, ++ struct alloc_buffer *abuf, char **hnamep, + int *errnop, int *h_errnop, int32_t *ttlp) + { +- struct host_data +- { +- char *aliases[MAX_NR_ALIASES]; +- unsigned char host_addr[16]; /* IPv4 or IPv6 */ +- char *h_addr_ptrs[0]; +- } *host_data; +- int linebuflen; +- const HEADER *hp; +- const u_char *end_of_message, *cp; +- int n, ancount, qdcount; +- int haveanswer, had_error; +- char *bp, **ap, **hap; +- char tbuf[MAXDNAME]; +- const char *tname; +- u_char packtmp[NS_MAXCDNAME]; +- uintptr_t pad = -(uintptr_t) buffer % __alignof__ (struct host_data); +- buffer += pad; +- buflen = buflen > pad ? buflen - pad : 0; +- if (__glibc_unlikely (buflen < sizeof (struct host_data))) +- { +- /* The buffer is too small. */ +- too_small: +- *errnop = ERANGE; +- *h_errnop = NETDB_INTERNAL; +- return NSS_STATUS_TRYAGAIN; +- } +- host_data = (struct host_data *) buffer; +- linebuflen = buflen - sizeof (struct host_data); +- if (buflen - sizeof (struct host_data) != linebuflen) +- linebuflen = INT_MAX; +- +- tname = qname; +- result->h_name = NULL; +- end_of_message = answer->buf + anslen; +- +- /* +- * find first satisfactory answer +- */ +- hp = &answer->hdr; +- ancount = ntohs (hp->ancount); +- qdcount = ntohs (hp->qdcount); +- cp = answer->buf + HFIXEDSZ; +- if (__glibc_unlikely (qdcount != 1)) +- { +- *h_errnop = NO_RECOVERY; +- return NSS_STATUS_UNAVAIL; +- } +- if (sizeof (struct host_data) + (ancount + 1) * sizeof (char *) >= buflen) +- goto too_small; +- bp = (char *) &host_data->h_addr_ptrs[ancount + 1]; +- linebuflen -= (ancount + 1) * sizeof (char *); +- +- n = __ns_name_unpack (answer->buf, end_of_message, cp, +- packtmp, sizeof packtmp); +- if (n != -1 && __ns_name_ntop (packtmp, bp, linebuflen) == -1) ++ struct ns_rr_cursor c; ++ if (!__ns_rr_cursor_init (&c, packet, packetlen)) + { +- if (__glibc_unlikely (errno == EMSGSIZE)) +- goto too_small; +- +- n = -1; +- } +- +- if (__glibc_unlikely (n < 0)) +- { +- *errnop = errno; +- *h_errnop = NO_RECOVERY; +- return NSS_STATUS_UNAVAIL; +- } +- if (__glibc_unlikely (__libc_res_dnok (bp) == 0)) +- { +- errno = EBADMSG; +- *errnop = EBADMSG; ++ /* This should not happen because __res_context_query already ++ perfroms response validation. */ + *h_errnop = NO_RECOVERY; + return NSS_STATUS_UNAVAIL; + } +- cp += n + QFIXEDSZ; ++ int ancount = ns_rr_cursor_ancount (&c); ++ const unsigned char *expected_name = ns_rr_cursor_qname (&c); ++ /* expected_name may be updated to point into this buffer. */ ++ unsigned char name_buffer[NS_MAXCDNAME]; + +- ap = host_data->aliases; +- *ap = NULL; +- result->h_aliases = host_data->aliases; +- hap = host_data->h_addr_ptrs; +- *hap = NULL; +- result->h_addr_list = host_data->h_addr_ptrs; +- haveanswer = 0; +- had_error = 0; +- +- while (ancount-- > 0 && cp < end_of_message && had_error == 0) ++ while (ancount > 0) + { +- int type, class; +- +- n = __ns_name_unpack (answer->buf, end_of_message, cp, +- packtmp, sizeof packtmp); +- if (n != -1 && __ns_name_ntop (packtmp, bp, linebuflen) == -1) ++ struct ns_rr_wire rr; ++ if (!__ns_rr_cursor_next (&c, &rr)) + { +- if (__glibc_unlikely (errno == EMSGSIZE)) +- goto too_small; +- +- n = -1; +- } +- +- if (__glibc_unlikely (n < 0 || __libc_res_dnok (bp) == 0)) +- { +- ++had_error; +- continue; +- } +- cp += n; /* name */ +- +- if (__glibc_unlikely (cp + 10 > end_of_message)) +- { +- ++had_error; +- continue; ++ *h_errnop = NO_RECOVERY; ++ return NSS_STATUS_UNAVAIL; + } + +- NS_GET16 (type, cp); +- NS_GET16 (class, cp); +- int32_t ttl; +- NS_GET32 (ttl, cp); +- NS_GET16 (n, cp); /* RDATA length. */ ++ /* Skip over records with the wrong class. */ ++ if (rr.rclass != C_IN) ++ continue; + +- if (end_of_message - cp < n) +- { +- /* RDATA extends beyond the end of the packet. */ +- ++had_error; +- continue; +- } +- +- if (__glibc_unlikely (class != C_IN)) +- { +- /* XXX - debug? syslog? */ +- cp += n; +- continue; /* XXX - had_error++ ? */ +- } ++ /* Update TTL for known record types. */ ++ if ((rr.rtype == T_CNAME || rr.rtype == T_PTR) ++ && ttlp != NULL && *ttlp > rr.ttl) ++ *ttlp = rr.ttl; + +- if (type == T_CNAME) ++ if (rr.rtype == T_CNAME) + { +- /* A CNAME could also have a TTL entry. */ +- if (ttlp != NULL && ttl < *ttlp) +- *ttlp = ttl; +- +- n = __libc_dn_expand (answer->buf, end_of_message, cp, +- tbuf, sizeof tbuf); +- if (__glibc_unlikely (n < 0 || __libc_res_dnok (tbuf) == 0)) +- { +- ++had_error; +- continue; +- } +- cp += n; +- /* Get canonical name. */ +- n = strlen (tbuf) + 1; /* For the \0. */ +- if (__glibc_unlikely (n > linebuflen)) +- goto too_small; +- if (__glibc_unlikely (n >= MAXHOSTNAMELEN)) ++ /* NB: No check for owner name match, based on historic ++ precedent. Record the CNAME target as the new expected ++ name. */ ++ int n = __ns_name_unpack (c.begin, c.end, rr.rdata, ++ name_buffer, sizeof (name_buffer)); ++ if (n < 0) + { +- ++had_error; +- continue; ++ *h_errnop = NO_RECOVERY; ++ return NSS_STATUS_UNAVAIL; + } +- tname = bp; +- bp = __mempcpy (bp, tbuf, n); /* Cannot overflow. */ +- linebuflen -= n; +- continue; ++ expected_name = name_buffer; + } +- +- switch (type) ++ else if (rr.rtype == T_PTR ++ && __ns_samebinaryname (rr.rname, expected_name)) + { +- case T_PTR: +- if (__glibc_unlikely (__strcasecmp (tname, bp) != 0)) +- { +- cp += n; +- continue; /* XXX - had_error++ ? */ +- } +- +- n = __ns_name_unpack (answer->buf, end_of_message, cp, +- packtmp, sizeof packtmp); +- if (n != -1 && __ns_name_ntop (packtmp, bp, linebuflen) == -1) +- { +- if (__glibc_unlikely (errno == EMSGSIZE)) +- goto too_small; +- +- n = -1; +- } +- +- if (__glibc_unlikely (n < 0 || __libc_res_hnok (bp) == 0)) ++ /* Decompress the target of the PTR record. This is the ++ host name we are looking for. We can only use it if it ++ is syntactically valid. Historically, only one host name ++ is returned here. If the recursive resolver performs DNS ++ record rotation, the returned host name is essentially ++ random, which is why multiple PTR records are rarely ++ used. Use MAXHOSTNAMELEN instead of NS_MAXCDNAME for ++ additional length checking. */ ++ char hname[MAXHOSTNAMELEN + 1]; ++ if (__ns_name_unpack (c.begin, c.end, rr.rdata, ++ name_buffer, sizeof (name_buffer)) < 0 ++ || !__res_binary_hnok (expected_name) ++ || __ns_name_ntop (name_buffer, hname, sizeof (hname)) < 0) + { +- ++had_error; +- break; ++ *h_errnop = NO_RECOVERY; ++ return NSS_STATUS_UNAVAIL; + } +- if (ttlp != NULL && ttl < *ttlp) +- *ttlp = ttl; +- /* bind would put multiple PTR records as aliases, but we don't do +- that. */ +- result->h_name = bp; +- *h_errnop = NETDB_SUCCESS; ++ /* Successful allocation is checked by the caller. */ ++ *hnamep = alloc_buffer_copy_string (abuf, hname); + return NSS_STATUS_SUCCESS; +- case T_A: +- case T_AAAA: +- if (__glibc_unlikely (__strcasecmp (result->h_name, bp) != 0)) +- { +- cp += n; +- continue; /* XXX - had_error++ ? */ +- } +- +- /* Stop parsing at a record whose length is incorrect. */ +- if (n != rrtype_to_rdata_length (type)) +- { +- ++had_error; +- break; +- } +- +- /* Skip records of the wrong type. */ +- if (n != result->h_length) +- { +- cp += n; +- continue; +- } +- if (!haveanswer) +- { +- int nn; +- +- /* We compose a single hostent out of the entire chain of +- entries, so the TTL of the hostent is essentially the lowest +- TTL in the chain. */ +- if (ttlp != NULL && ttl < *ttlp) +- *ttlp = ttl; +- result->h_name = bp; +- nn = strlen (bp) + 1; /* for the \0 */ +- bp += nn; +- linebuflen -= nn; +- } +- +- /* Provide sufficient alignment for both address +- families. */ +- enum { align = 4 }; +- _Static_assert ((align % __alignof__ (struct in_addr)) == 0, +- "struct in_addr alignment"); +- _Static_assert ((align % __alignof__ (struct in6_addr)) == 0, +- "struct in6_addr alignment"); +- { +- char *new_bp = PTR_ALIGN_UP (bp, align); +- linebuflen -= new_bp - bp; +- bp = new_bp; +- } +- +- if (__glibc_unlikely (n > linebuflen)) +- goto too_small; +- bp = __mempcpy (*hap++ = bp, cp, n); +- cp += n; +- linebuflen -= n; +- break; +- default: +- cp += n; +- continue; /* XXX - had_error++ ? */ + } +- if (had_error == 0) +- ++haveanswer; + } + +- if (haveanswer > 0) +- { +- *ap = NULL; +- *hap = NULL; +- +- if (result->h_name == NULL) +- { +- n = strlen (qname) + 1; /* For the \0. */ +- if (n > linebuflen) +- goto too_small; +- if (n >= MAXHOSTNAMELEN) +- goto no_recovery; +- result->h_name = bp; +- bp = __mempcpy (bp, qname, n); /* Cannot overflow. */ +- linebuflen -= n; +- } ++ /* No PTR record found. */ ++ if (ttlp != NULL) ++ /* No caching of negative responses. */ ++ *ttlp = 0; + +- *h_errnop = NETDB_SUCCESS; +- return NSS_STATUS_SUCCESS; +- } +- no_recovery: + *h_errnop = NO_RECOVERY; + *errnop = ENOENT; + return NSS_STATUS_TRYAGAIN; +-- +2.19.1.6.gb485710b + diff --git a/0031-nss_dns-Remove-remnants-of-IPv6-address-mapping.patch b/0031-nss_dns-Remove-remnants-of-IPv6-address-mapping.patch new file mode 100644 index 0000000..374d755 --- /dev/null +++ b/0031-nss_dns-Remove-remnants-of-IPv6-address-mapping.patch @@ -0,0 +1,321 @@ +From 5165080fec63a1f03aa1985b77bca300465bf570 Mon Sep 17 00:00:00 2001 +From: Florian Weimer +Date: Tue, 30 Aug 2022 10:02:49 +0200 +Subject: [PATCH 31/81] nss_dns: Remove remnants of IPv6 address mapping + +res_use_inet6 always returns false since commit 3f8b44be0a658266adff5 +("resolv: Remove support for RES_USE_INET6 and the inet6 option"). + +Reviewed-by: Siddhesh Poyarekar +(cherry picked from commit a7fc30b522a0cd7c8c5e7e285b9531b704e02f04) +--- + resolv/README | 3 -- + resolv/mapv4v6addr.h | 69 -------------------------------- + resolv/mapv4v6hostent.h | 84 --------------------------------------- + resolv/nss_dns/dns-host.c | 54 +++++-------------------- + 4 files changed, 9 insertions(+), 201 deletions(-) + delete mode 100644 resolv/mapv4v6addr.h + delete mode 100644 resolv/mapv4v6hostent.h + +diff --git a/resolv/README b/resolv/README +index 514e9bb617..2146bc3b27 100644 +--- a/resolv/README ++++ b/resolv/README +@@ -146,6 +146,3 @@ res_libc.c is home-brewn, although parts of it are taken from res_data.c. + + res_hconf.c and res_hconf.h were contributed by David Mosberger, and + do not come from BIND. +- +-The files gethnamaddr.c, mapv4v6addr.h and mapv4v6hostent.h are +-leftovers from BIND 4.9.7. +diff --git a/resolv/mapv4v6addr.h b/resolv/mapv4v6addr.h +deleted file mode 100644 +index 7f85f7d5e3..0000000000 +--- a/resolv/mapv4v6addr.h ++++ /dev/null +@@ -1,69 +0,0 @@ +-/* +- * ++Copyright++ 1985, 1988, 1993 +- * - +- * Copyright (c) 1985, 1988, 1993 +- * The Regents of the University of California. All rights reserved. +- * +- * Redistribution and use in source and binary forms, with or without +- * modification, are permitted provided that the following conditions +- * are met: +- * 1. Redistributions of source code must retain the above copyright +- * notice, this list of conditions and the following disclaimer. +- * 2. Redistributions in binary form must reproduce the above copyright +- * notice, this list of conditions and the following disclaimer in the +- * documentation and/or other materials provided with the distribution. +- * 4. Neither the name of the University nor the names of its contributors +- * may be used to endorse or promote products derived from this software +- * without specific prior written permission. +- * +- * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND +- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE +- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE +- * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE +- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL +- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS +- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) +- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT +- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY +- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF +- * SUCH DAMAGE. +- * - +- * Portions Copyright (c) 1993 by Digital Equipment Corporation. +- * +- * Permission to use, copy, modify, and distribute this software for any +- * purpose with or without fee is hereby granted, provided that the above +- * copyright notice and this permission notice appear in all copies, and that +- * the name of Digital Equipment Corporation not be used in advertising or +- * publicity pertaining to distribution of the document or software without +- * specific, written prior permission. +- * +- * THE SOFTWARE IS PROVIDED "AS IS" AND DIGITAL EQUIPMENT CORP. DISCLAIMS ALL +- * WARRANTIES WITH REGARD TO THIS SOFTWARE, INCLUDING ALL IMPLIED WARRANTIES +- * OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL DIGITAL EQUIPMENT +- * CORPORATION BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL +- * DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR +- * PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS +- * ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS +- * SOFTWARE. +- * - +- * --Copyright-- +- */ +- +-#include +-#include +- +-static void +-map_v4v6_address (const char *src, char *dst) +-{ +- u_char *p = (u_char *) dst; +- int i; +- +- /* Move the IPv4 part to the right position. */ +- memcpy (dst + 12, src, INADDRSZ); +- +- /* Mark this ipv6 addr as a mapped ipv4. */ +- for (i = 0; i < 10; i++) +- *p++ = 0x00; +- *p++ = 0xff; +- *p = 0xff; +-} +diff --git a/resolv/mapv4v6hostent.h b/resolv/mapv4v6hostent.h +deleted file mode 100644 +index c11038adf3..0000000000 +--- a/resolv/mapv4v6hostent.h ++++ /dev/null +@@ -1,84 +0,0 @@ +-/* +- * ++Copyright++ 1985, 1988, 1993 +- * - +- * Copyright (c) 1985, 1988, 1993 +- * The Regents of the University of California. All rights reserved. +- * +- * Redistribution and use in source and binary forms, with or without +- * modification, are permitted provided that the following conditions +- * are met: +- * 1. Redistributions of source code must retain the above copyright +- * notice, this list of conditions and the following disclaimer. +- * 2. Redistributions in binary form must reproduce the above copyright +- * notice, this list of conditions and the following disclaimer in the +- * documentation and/or other materials provided with the distribution. +- * 4. Neither the name of the University nor the names of its contributors +- * may be used to endorse or promote products derived from this software +- * without specific prior written permission. +- * +- * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND +- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE +- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE +- * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE +- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL +- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS +- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) +- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT +- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY +- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF +- * SUCH DAMAGE. +- * - +- * Portions Copyright (c) 1993 by Digital Equipment Corporation. +- * +- * Permission to use, copy, modify, and distribute this software for any +- * purpose with or without fee is hereby granted, provided that the above +- * copyright notice and this permission notice appear in all copies, and that +- * the name of Digital Equipment Corporation not be used in advertising or +- * publicity pertaining to distribution of the document or software without +- * specific, written prior permission. +- * +- * THE SOFTWARE IS PROVIDED "AS IS" AND DIGITAL EQUIPMENT CORP. DISCLAIMS ALL +- * WARRANTIES WITH REGARD TO THIS SOFTWARE, INCLUDING ALL IMPLIED WARRANTIES +- * OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL DIGITAL EQUIPMENT +- * CORPORATION BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL +- * DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR +- * PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS +- * ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS +- * SOFTWARE. +- * - +- * --Copyright-- +- */ +- +-#include +-#include +- +-typedef union { +- int32_t al; +- char ac; +-} align; +- +-static int +-map_v4v6_hostent (struct hostent *hp, char **bpp, int *lenp) +-{ +- char **ap; +- +- if (hp->h_addrtype != AF_INET || hp->h_length != INADDRSZ) +- return 0; +- hp->h_addrtype = AF_INET6; +- hp->h_length = IN6ADDRSZ; +- for (ap = hp->h_addr_list; *ap; ap++) +- { +- int i = sizeof (align) - ((u_long) *bpp % sizeof (align)); +- +- if (*lenp < (i + IN6ADDRSZ)) +- /* Out of memory. */ +- return 1; +- *bpp += i; +- *lenp -= i; +- map_v4v6_address (*ap, *bpp); +- *ap = *bpp; +- *bpp += IN6ADDRSZ; +- *lenp -= IN6ADDRSZ; +- } +- return 0; +-} +diff --git a/resolv/nss_dns/dns-host.c b/resolv/nss_dns/dns-host.c +index cd26399b7e..8e38583e15 100644 +--- a/resolv/nss_dns/dns-host.c ++++ b/resolv/nss_dns/dns-host.c +@@ -87,10 +87,6 @@ + #include + #include + +-/* Get implementations of some internal functions. */ +-#include +-#include +- + #define RESOLVSORT + + #if PACKETSZ > 65536 +@@ -116,7 +112,7 @@ static enum nss_status getanswer_r (struct resolv_context *ctx, + const char *qname, int qtype, + struct hostent *result, char *buffer, + size_t buflen, int *errnop, int *h_errnop, +- int map, int32_t *ttlp, char **canonp); ++ int32_t *ttlp, char **canonp); + static enum nss_status getanswer_ptr (unsigned char *packet, size_t packetlen, + struct alloc_buffer *abuf, + char **hnamep, int *errnop, +@@ -197,7 +193,6 @@ gethostbyname3_context (struct resolv_context *ctx, + char tmp[NS_MAXDNAME]; + int size, type, n; + const char *cp; +- int map = 0; + int olderr = errno; + enum nss_status status; + +@@ -258,32 +253,12 @@ gethostbyname3_context (struct resolv_context *ctx, + *errnop = EAGAIN; + else + __set_errno (olderr); +- +- /* If we are looking for an IPv6 address and mapping is enabled +- by having the RES_USE_INET6 bit in _res.options set, we try +- another lookup. */ +- if (af == AF_INET6 && res_use_inet6 ()) +- n = __res_context_search (ctx, name, C_IN, T_A, host_buffer.buf->buf, +- host_buffer.buf != orig_host_buffer +- ? MAXPACKET : 1024, &host_buffer.ptr, +- NULL, NULL, NULL, NULL); +- +- if (n < 0) +- { +- if (host_buffer.buf != orig_host_buffer) +- free (host_buffer.buf); +- return status; +- } +- +- map = 1; +- +- result->h_addrtype = AF_INET; +- result->h_length = INADDRSZ; + } ++ else ++ status = getanswer_r ++ (ctx, host_buffer.buf, n, name, type, result, buffer, buflen, ++ errnop, h_errnop, ttlp, canonp); + +- status = getanswer_r +- (ctx, host_buffer.buf, n, name, type, result, buffer, buflen, +- errnop, h_errnop, map, ttlp, canonp); + if (host_buffer.buf != orig_host_buffer) + free (host_buffer.buf); + return status; +@@ -329,13 +304,8 @@ _nss_dns_gethostbyname_r (const char *name, struct hostent *result, + *h_errnop = NETDB_INTERNAL; + return NSS_STATUS_UNAVAIL; + } +- status = NSS_STATUS_NOTFOUND; +- if (res_use_inet6 ()) +- status = gethostbyname3_context (ctx, name, AF_INET6, result, buffer, +- buflen, errnop, h_errnop, NULL, NULL); +- if (status == NSS_STATUS_NOTFOUND) +- status = gethostbyname3_context (ctx, name, AF_INET, result, buffer, +- buflen, errnop, h_errnop, NULL, NULL); ++ status = gethostbyname3_context (ctx, name, AF_INET, result, buffer, ++ buflen, errnop, h_errnop, NULL, NULL); + __resolv_context_put (ctx); + return status; + } +@@ -648,7 +618,7 @@ static enum nss_status + getanswer_r (struct resolv_context *ctx, + const querybuf *answer, int anslen, const char *qname, int qtype, + struct hostent *result, char *buffer, size_t buflen, +- int *errnop, int *h_errnop, int map, int32_t *ttlp, char **canonp) ++ int *errnop, int *h_errnop, int32_t *ttlp, char **canonp) + { + struct host_data + { +@@ -664,7 +634,6 @@ getanswer_r (struct resolv_context *ctx, + char *bp, **ap, **hap; + char tbuf[MAXDNAME]; + u_char packtmp[NS_MAXCDNAME]; +- int have_to_map = 0; + uintptr_t pad = -(uintptr_t) buffer % __alignof__ (struct host_data); + buffer += pad; + buflen = buflen > pad ? buflen - pad : 0; +@@ -845,9 +814,7 @@ getanswer_r (struct resolv_context *ctx, + continue; + } + +- if (type == T_A && qtype == T_AAAA && map) +- have_to_map = 1; +- else if (__glibc_unlikely (type != qtype)) ++ if (__glibc_unlikely (type != qtype)) + { + cp += n; + continue; /* XXX - had_error++ ? */ +@@ -944,9 +911,6 @@ getanswer_r (struct resolv_context *ctx, + linebuflen -= n; + } + +- if (have_to_map) +- if (map_v4v6_hostent (result, &bp, &linebuflen)) +- goto too_small; + *h_errnop = NETDB_SUCCESS; + return NSS_STATUS_SUCCESS; + } +-- +2.19.1.6.gb485710b + diff --git a/0032-nss_dns-Rewrite-getanswer_r-to-match-getanswer_ptr-b.patch b/0032-nss_dns-Rewrite-getanswer_r-to-match-getanswer_ptr-b.patch new file mode 100644 index 0000000..a3028fb --- /dev/null +++ b/0032-nss_dns-Rewrite-getanswer_r-to-match-getanswer_ptr-b.patch @@ -0,0 +1,571 @@ +From 78c8ef21fa54e994451d5b42ead6080d99a88a49 Mon Sep 17 00:00:00 2001 +From: Florian Weimer +Date: Tue, 30 Aug 2022 10:02:49 +0200 +Subject: [PATCH 32/81] nss_dns: Rewrite getanswer_r to match getanswer_ptr + (bug 12154, bug 29305) + +Allocate the pointer arrays only at the end, when their sizes +are known. This addresses bug 29305. + +Skip over invalid names instead of failing lookups. This partially +fixes bug 12154 (for gethostbyname, fixing getaddrinfo requires +different changes). + +Reviewed-by: Siddhesh Poyarekar +(cherry picked from commit d101d836e7e4bd1d4e4972b0e0bd0a55c9b650fa) +--- + resolv/nss_dns/dns-host.c | 478 ++++++++++++++------------------------ + 1 file changed, 180 insertions(+), 298 deletions(-) + +diff --git a/resolv/nss_dns/dns-host.c b/resolv/nss_dns/dns-host.c +index 8e38583e15..b887e77e9c 100644 +--- a/resolv/nss_dns/dns-host.c ++++ b/resolv/nss_dns/dns-host.c +@@ -107,12 +107,19 @@ typedef union querybuf + u_char buf[MAXPACKET]; + } querybuf; + +-static enum nss_status getanswer_r (struct resolv_context *ctx, +- const querybuf *answer, int anslen, +- const char *qname, int qtype, +- struct hostent *result, char *buffer, +- size_t buflen, int *errnop, int *h_errnop, +- int32_t *ttlp, char **canonp); ++/* For historic reasons, pointers to IP addresses are char *, so use a ++ single list type for addresses and host names. */ ++#define DYNARRAY_STRUCT ptrlist ++#define DYNARRAY_ELEMENT char * ++#define DYNARRAY_PREFIX ptrlist_ ++#include ++ ++static enum nss_status getanswer_r (unsigned char *packet, size_t packetlen, ++ uint16_t qtype, struct alloc_buffer *abuf, ++ struct ptrlist *addresses, ++ struct ptrlist *aliases, ++ int *errnop, int *h_errnop, int32_t *ttlp); ++static void addrsort (struct resolv_context *ctx, char **ap, int num); + static enum nss_status getanswer_ptr (unsigned char *packet, size_t packetlen, + struct alloc_buffer *abuf, + char **hnamep, int *errnop, +@@ -184,12 +191,6 @@ gethostbyname3_context (struct resolv_context *ctx, + char *buffer, size_t buflen, int *errnop, + int *h_errnop, int32_t *ttlp, char **canonp) + { +- union +- { +- querybuf *buf; +- u_char *ptr; +- } host_buffer; +- querybuf *orig_host_buffer; + char tmp[NS_MAXDNAME]; + int size, type, n; + const char *cp; +@@ -223,10 +224,12 @@ gethostbyname3_context (struct resolv_context *ctx, + && (cp = __res_context_hostalias (ctx, name, tmp, sizeof (tmp))) != NULL) + name = cp; + +- host_buffer.buf = orig_host_buffer = (querybuf *) alloca (1024); ++ unsigned char dns_packet_buffer[1024]; ++ unsigned char *alt_dns_packet_buffer = dns_packet_buffer; + +- n = __res_context_search (ctx, name, C_IN, type, host_buffer.buf->buf, +- 1024, &host_buffer.ptr, NULL, NULL, NULL, NULL); ++ n = __res_context_search (ctx, name, C_IN, type, ++ dns_packet_buffer, sizeof (dns_packet_buffer), ++ &alt_dns_packet_buffer, NULL, NULL, NULL, NULL); + if (n < 0) + { + switch (errno) +@@ -255,12 +258,77 @@ gethostbyname3_context (struct resolv_context *ctx, + __set_errno (olderr); + } + else +- status = getanswer_r +- (ctx, host_buffer.buf, n, name, type, result, buffer, buflen, +- errnop, h_errnop, ttlp, canonp); ++ { ++ struct alloc_buffer abuf = alloc_buffer_create (buffer, buflen); + +- if (host_buffer.buf != orig_host_buffer) +- free (host_buffer.buf); ++ struct ptrlist addresses; ++ ptrlist_init (&addresses); ++ struct ptrlist aliases; ++ ptrlist_init (&aliases); ++ ++ status = getanswer_r (alt_dns_packet_buffer, n, type, ++ &abuf, &addresses, &aliases, ++ errnop, h_errnop, ttlp); ++ if (status == NSS_STATUS_SUCCESS) ++ { ++ if (ptrlist_has_failed (&addresses) ++ || ptrlist_has_failed (&aliases)) ++ { ++ /* malloc failure. Do not retry using the ERANGE protocol. */ ++ *errnop = ENOMEM; ++ *h_errnop = NETDB_INTERNAL; ++ status = NSS_STATUS_UNAVAIL; ++ } ++ ++ /* Reserve the address and alias arrays in the result ++ buffer. Both are NULL-terminated, but the first element ++ of the alias array is stored in h_name, so no extra space ++ for the NULL terminator is needed there. */ ++ result->h_addr_list ++ = alloc_buffer_alloc_array (&abuf, char *, ++ ptrlist_size (&addresses) + 1); ++ result->h_aliases ++ = alloc_buffer_alloc_array (&abuf, char *, ++ ptrlist_size (&aliases)); ++ if (alloc_buffer_has_failed (&abuf)) ++ { ++ /* Retry using the ERANGE protocol. */ ++ *errnop = ERANGE; ++ *h_errnop = NETDB_INTERNAL; ++ status = NSS_STATUS_TRYAGAIN; ++ } ++ else ++ { ++ /* Copy the address list and NULL-terminate it. */ ++ memcpy (result->h_addr_list, ptrlist_begin (&addresses), ++ ptrlist_size (&addresses) * sizeof (char *)); ++ result->h_addr_list[ptrlist_size (&addresses)] = NULL; ++ ++ /* Sort the address list if requested. */ ++ if (type == T_A && __resolv_context_sort_count (ctx) > 0) ++ addrsort (ctx, result->h_addr_list, ptrlist_size (&addresses)); ++ ++ /* Copy the aliases, excluding the last one. */ ++ memcpy (result->h_aliases, ptrlist_begin (&aliases), ++ (ptrlist_size (&aliases) - 1) * sizeof (char *)); ++ result->h_aliases[ptrlist_size (&aliases) - 1] = NULL; ++ ++ /* The last alias goes into h_name. */ ++ assert (ptrlist_size (&aliases) >= 1); ++ result->h_name = ptrlist_end (&aliases)[-1]; ++ ++ /* This is also the canonical name. */ ++ if (canonp != NULL) ++ *canonp = result->h_name; ++ } ++ } ++ ++ ptrlist_free (&aliases); ++ ptrlist_free (&addresses); ++ } ++ ++ if (alt_dns_packet_buffer != dns_packet_buffer) ++ free (alt_dns_packet_buffer); + return status; + } + +@@ -614,314 +682,128 @@ addrsort (struct resolv_context *ctx, char **ap, int num) + break; + } + +-static enum nss_status +-getanswer_r (struct resolv_context *ctx, +- const querybuf *answer, int anslen, const char *qname, int qtype, +- struct hostent *result, char *buffer, size_t buflen, +- int *errnop, int *h_errnop, int32_t *ttlp, char **canonp) ++/* Convert the uncompressed, binary domain name CDNAME into its ++ textual representation and add it to the end of ALIASES, allocating ++ space for a copy of the name from ABUF. Skip adding the name if it ++ is not a valid host name, and return false in that case, otherwise ++ true. */ ++static bool ++getanswer_r_store_alias (const unsigned char *cdname, ++ struct alloc_buffer *abuf, ++ struct ptrlist *aliases) + { +- struct host_data +- { +- char *aliases[MAX_NR_ALIASES]; +- unsigned char host_addr[16]; /* IPv4 or IPv6 */ +- char *h_addr_ptrs[0]; +- } *host_data; +- int linebuflen; +- const HEADER *hp; +- const u_char *end_of_message, *cp; +- int n, ancount, qdcount; +- int haveanswer, had_error; +- char *bp, **ap, **hap; +- char tbuf[MAXDNAME]; +- u_char packtmp[NS_MAXCDNAME]; +- uintptr_t pad = -(uintptr_t) buffer % __alignof__ (struct host_data); +- buffer += pad; +- buflen = buflen > pad ? buflen - pad : 0; +- if (__glibc_unlikely (buflen < sizeof (struct host_data))) +- { +- /* The buffer is too small. */ +- too_small: +- *errnop = ERANGE; +- *h_errnop = NETDB_INTERNAL; +- return NSS_STATUS_TRYAGAIN; +- } +- host_data = (struct host_data *) buffer; +- linebuflen = buflen - sizeof (struct host_data); +- if (buflen - sizeof (struct host_data) != linebuflen) +- linebuflen = INT_MAX; +- +- result->h_name = NULL; +- end_of_message = answer->buf + anslen; +- +- /* +- * find first satisfactory answer +- */ +- hp = &answer->hdr; +- ancount = ntohs (hp->ancount); +- qdcount = ntohs (hp->qdcount); +- cp = answer->buf + HFIXEDSZ; +- if (__glibc_unlikely (qdcount != 1)) +- { +- *h_errnop = NO_RECOVERY; +- return NSS_STATUS_UNAVAIL; +- } +- if (sizeof (struct host_data) + (ancount + 1) * sizeof (char *) >= buflen) +- goto too_small; +- bp = (char *) &host_data->h_addr_ptrs[ancount + 1]; +- linebuflen -= (ancount + 1) * sizeof (char *); +- +- n = __ns_name_unpack (answer->buf, end_of_message, cp, +- packtmp, sizeof packtmp); +- if (n != -1 && __ns_name_ntop (packtmp, bp, linebuflen) == -1) +- { +- if (__glibc_unlikely (errno == EMSGSIZE)) +- goto too_small; +- +- n = -1; +- } ++ /* Filter out domain names that are not host names. */ ++ if (!__res_binary_hnok (cdname)) ++ return false; ++ ++ /* Note: Not NS_MAXCDNAME, so that __ns_name_ntop implicitly checks ++ for length. */ ++ char dname[MAXHOSTNAMELEN + 1]; ++ if (__ns_name_ntop (cdname, dname, sizeof (dname)) < 0) ++ return false; ++ /* Do not report an error on allocation failure, instead store NULL ++ or do nothing. getanswer_r's caller will see NSS_STATUS_SUCCESS ++ and detect the memory allocation failure or buffer space ++ exhaustion, and report it accordingly. */ ++ ptrlist_add (aliases, alloc_buffer_copy_string (abuf, dname)); ++ return true; ++} + +- if (__glibc_unlikely (n < 0)) +- { +- *errnop = errno; +- *h_errnop = NO_RECOVERY; +- return NSS_STATUS_UNAVAIL; +- } +- if (__glibc_unlikely (__libc_res_hnok (bp) == 0)) ++static enum nss_status __attribute__ ((noinline)) ++getanswer_r (unsigned char *packet, size_t packetlen, uint16_t qtype, ++ struct alloc_buffer *abuf, ++ struct ptrlist *addresses, struct ptrlist *aliases, ++ int *errnop, int *h_errnop, int32_t *ttlp) ++{ ++ struct ns_rr_cursor c; ++ if (!__ns_rr_cursor_init (&c, packet, packetlen)) + { +- errno = EBADMSG; +- *errnop = EBADMSG; ++ /* This should not happen because __res_context_query already ++ perfroms response validation. */ + *h_errnop = NO_RECOVERY; + return NSS_STATUS_UNAVAIL; + } +- cp += n + QFIXEDSZ; + +- if (qtype == T_A || qtype == T_AAAA) ++ /* Treat the QNAME just like an alias. Error out if it is not a ++ valid host name. */ ++ if (ns_rr_cursor_rcode (&c) == NXDOMAIN ++ || !getanswer_r_store_alias (ns_rr_cursor_qname (&c), abuf, aliases)) + { +- /* res_send() has already verified that the query name is the +- * same as the one we sent; this just gets the expanded name +- * (i.e., with the succeeding search-domain tacked on). +- */ +- n = strlen (bp) + 1; /* for the \0 */ +- if (n >= MAXHOSTNAMELEN) +- { +- *h_errnop = NO_RECOVERY; +- *errnop = ENOENT; +- return NSS_STATUS_TRYAGAIN; +- } +- result->h_name = bp; +- bp += n; +- linebuflen -= n; +- if (linebuflen < 0) +- goto too_small; +- /* The qname can be abbreviated, but h_name is now absolute. */ +- qname = result->h_name; ++ if (ttlp != NULL) ++ /* No negative caching. */ ++ *ttlp = 0; ++ *h_errnop = HOST_NOT_FOUND; ++ *errnop = ENOENT; ++ return NSS_STATUS_NOTFOUND; + } + +- ap = host_data->aliases; +- *ap = NULL; +- result->h_aliases = host_data->aliases; +- hap = host_data->h_addr_ptrs; +- *hap = NULL; +- result->h_addr_list = host_data->h_addr_ptrs; +- haveanswer = 0; +- had_error = 0; ++ int ancount = ns_rr_cursor_ancount (&c); ++ const unsigned char *expected_name = ns_rr_cursor_qname (&c); ++ /* expected_name may be updated to point into this buffer. */ ++ unsigned char name_buffer[NS_MAXCDNAME]; + +- while (ancount-- > 0 && cp < end_of_message && had_error == 0) ++ for (; ancount > 0; --ancount) + { +- int type, class; +- +- n = __ns_name_unpack (answer->buf, end_of_message, cp, +- packtmp, sizeof packtmp); +- if (n != -1 && __ns_name_ntop (packtmp, bp, linebuflen) == -1) +- { +- if (__glibc_unlikely (errno == EMSGSIZE)) +- goto too_small; +- +- n = -1; +- } +- +- if (__glibc_unlikely (n < 0 || __libc_res_hnok (bp) == 0)) +- { +- ++had_error; +- continue; +- } +- cp += n; /* name */ +- +- if (__glibc_unlikely (cp + 10 > end_of_message)) ++ struct ns_rr_wire rr; ++ if (!__ns_rr_cursor_next (&c, &rr)) + { +- ++had_error; +- continue; ++ *h_errnop = NO_RECOVERY; ++ return NSS_STATUS_UNAVAIL; + } + +- NS_GET16 (type, cp); +- NS_GET16 (class, cp); +- int32_t ttl; +- NS_GET32 (ttl, cp); +- NS_GET16 (n, cp); /* RDATA length. */ +- +- if (end_of_message - cp < n) +- { +- /* RDATA extends beyond the end of the packet. */ +- ++had_error; +- continue; +- } ++ /* Skip over records with the wrong class. */ ++ if (rr.rclass != C_IN) ++ continue; + +- if (__glibc_unlikely (class != C_IN)) +- { +- /* XXX - debug? syslog? */ +- cp += n; +- continue; /* XXX - had_error++ ? */ +- } ++ /* Update TTL for recognized record types. */ ++ if ((rr.rtype == T_CNAME || rr.rtype == qtype) ++ && ttlp != NULL && *ttlp > rr.ttl) ++ *ttlp = rr.ttl; + +- if (type == T_CNAME) ++ if (rr.rtype == T_CNAME) + { +- /* A CNAME could also have a TTL entry. */ +- if (ttlp != NULL && ttl < *ttlp) +- *ttlp = ttl; +- +- if (ap >= &host_data->aliases[MAX_NR_ALIASES - 1]) +- continue; +- n = __libc_dn_expand (answer->buf, end_of_message, cp, +- tbuf, sizeof tbuf); +- if (__glibc_unlikely (n < 0 || __libc_res_hnok (tbuf) == 0)) +- { +- ++had_error; +- continue; +- } +- cp += n; +- /* Store alias. */ +- *ap++ = bp; +- n = strlen (bp) + 1; /* For the \0. */ +- if (__glibc_unlikely (n >= MAXHOSTNAMELEN)) +- { +- ++had_error; +- continue; +- } +- bp += n; +- linebuflen -= n; +- /* Get canonical name. */ +- n = strlen (tbuf) + 1; /* For the \0. */ +- if (__glibc_unlikely (n > linebuflen)) +- goto too_small; +- if (__glibc_unlikely (n >= MAXHOSTNAMELEN)) ++ /* NB: No check for owner name match, based on historic ++ precedent. Record the CNAME target as the new expected ++ name. */ ++ int n = __ns_name_unpack (c.begin, c.end, rr.rdata, ++ name_buffer, sizeof (name_buffer)); ++ if (n < 0) + { +- ++had_error; +- continue; ++ *h_errnop = NO_RECOVERY; ++ return NSS_STATUS_UNAVAIL; + } +- result->h_name = bp; +- bp = __mempcpy (bp, tbuf, n); /* Cannot overflow. */ +- linebuflen -= n; +- continue; ++ /* And store the new name as an alias. */ ++ getanswer_r_store_alias (name_buffer, abuf, aliases); ++ expected_name = name_buffer; + } +- +- if (__glibc_unlikely (type != qtype)) ++ else if (rr.rtype == qtype ++ && __ns_samebinaryname (rr.rname, expected_name) ++ && rr.rdlength == rrtype_to_rdata_length (qtype)) + { +- cp += n; +- continue; /* XXX - had_error++ ? */ ++ /* Make a copy of the address and store it. Increase the ++ alignment to 4, in case there are applications out there ++ that expect at least this level of address alignment. */ ++ ptrlist_add (addresses, (char *) alloc_buffer_next (abuf, uint32_t)); ++ alloc_buffer_copy_bytes (abuf, rr.rdata, rr.rdlength); + } +- +- switch (type) +- { +- case T_A: +- case T_AAAA: +- if (__glibc_unlikely (__strcasecmp (result->h_name, bp) != 0)) +- { +- cp += n; +- continue; /* XXX - had_error++ ? */ +- } +- +- /* Stop parsing at a record whose length is incorrect. */ +- if (n != rrtype_to_rdata_length (type)) +- { +- ++had_error; +- break; +- } +- +- /* Skip records of the wrong type. */ +- if (n != result->h_length) +- { +- cp += n; +- continue; +- } +- if (!haveanswer) +- { +- int nn; +- +- /* We compose a single hostent out of the entire chain of +- entries, so the TTL of the hostent is essentially the lowest +- TTL in the chain. */ +- if (ttlp != NULL && ttl < *ttlp) +- *ttlp = ttl; +- if (canonp != NULL) +- *canonp = bp; +- result->h_name = bp; +- nn = strlen (bp) + 1; /* for the \0 */ +- bp += nn; +- linebuflen -= nn; +- } +- +- /* Provide sufficient alignment for both address +- families. */ +- enum { align = 4 }; +- _Static_assert ((align % __alignof__ (struct in_addr)) == 0, +- "struct in_addr alignment"); +- _Static_assert ((align % __alignof__ (struct in6_addr)) == 0, +- "struct in6_addr alignment"); +- { +- char *new_bp = PTR_ALIGN_UP (bp, align); +- linebuflen -= new_bp - bp; +- bp = new_bp; +- } +- +- if (__glibc_unlikely (n > linebuflen)) +- goto too_small; +- bp = __mempcpy (*hap++ = bp, cp, n); +- cp += n; +- linebuflen -= n; +- break; +- default: +- abort (); +- } +- if (had_error == 0) +- ++haveanswer; + } + +- if (haveanswer > 0) ++ if (ptrlist_size (addresses) == 0) + { +- *ap = NULL; +- *hap = NULL; +- /* +- * Note: we sort even if host can take only one address +- * in its return structures - should give it the "best" +- * address in that case, not some random one +- */ +- if (haveanswer > 1 && qtype == T_A +- && __resolv_context_sort_count (ctx) > 0) +- addrsort (ctx, host_data->h_addr_ptrs, haveanswer); +- +- if (result->h_name == NULL) +- { +- n = strlen (qname) + 1; /* For the \0. */ +- if (n > linebuflen) +- goto too_small; +- if (n >= MAXHOSTNAMELEN) +- goto no_recovery; +- result->h_name = bp; +- bp = __mempcpy (bp, qname, n); /* Cannot overflow. */ +- linebuflen -= n; +- } ++ /* No address record found. */ ++ if (ttlp != NULL) ++ /* No caching of negative responses. */ ++ *ttlp = 0; + ++ *h_errnop = NO_RECOVERY; ++ *errnop = ENOENT; ++ return NSS_STATUS_TRYAGAIN; ++ } ++ else ++ { + *h_errnop = NETDB_SUCCESS; + return NSS_STATUS_SUCCESS; + } +- no_recovery: +- *h_errnop = NO_RECOVERY; +- *errnop = ENOENT; +- /* Special case here: if the resolver sent a result but it only +- contains a CNAME while we are looking for a T_A or T_AAAA record, +- we fail with NOTFOUND instead of TRYAGAIN. */ +- return ((qtype == T_A || qtype == T_AAAA) && ap != host_data->aliases +- ? NSS_STATUS_NOTFOUND : NSS_STATUS_TRYAGAIN); + } + + static enum nss_status +-- +2.19.1.6.gb485710b + diff --git a/0033-nss_dns-In-gaih_getanswer_slice-skip-strange-aliases.patch b/0033-nss_dns-In-gaih_getanswer_slice-skip-strange-aliases.patch new file mode 100644 index 0000000..1b7b84e --- /dev/null +++ b/0033-nss_dns-In-gaih_getanswer_slice-skip-strange-aliases.patch @@ -0,0 +1,57 @@ +From 7a236dc44a22dc4252e803d1ee1d3b970ec43805 Mon Sep 17 00:00:00 2001 +From: Florian Weimer +Date: Tue, 30 Aug 2022 10:02:49 +0200 +Subject: [PATCH 33/81] nss_dns: In gaih_getanswer_slice, skip strange aliases + (bug 12154) + +If the name is not a host name, skip adding it to the result, instead +of reporting query failure. This fixes bug 12154 for getaddrinfo. + +This commit still keeps the old parsing code, and only adjusts when +a host name is copied. + +Reviewed-by: Siddhesh Poyarekar +(cherry picked from commit 32b599ac8c21c4c332cc3900a792a1395bca79c7) +--- + resolv/nss_dns/dns-host.c | 8 ++++---- + 1 file changed, 4 insertions(+), 4 deletions(-) + +diff --git a/resolv/nss_dns/dns-host.c b/resolv/nss_dns/dns-host.c +index b887e77e9c..bea505d697 100644 +--- a/resolv/nss_dns/dns-host.c ++++ b/resolv/nss_dns/dns-host.c +@@ -970,12 +970,12 @@ gaih_getanswer_slice (const querybuf *answer, int anslen, const char *qname, + + n = -1; + } +- if (__glibc_unlikely (n < 0 || __libc_res_hnok (buffer) == 0)) ++ if (__glibc_unlikely (n < 0)) + { + ++had_error; + continue; + } +- if (*firstp && canon == NULL) ++ if (*firstp && canon == NULL && __libc_res_hnok (buffer)) + { + h_name = buffer; + buffer += h_namelen; +@@ -1021,14 +1021,14 @@ gaih_getanswer_slice (const querybuf *answer, int anslen, const char *qname, + + n = __libc_dn_expand (answer->buf, end_of_message, cp, + tbuf, sizeof tbuf); +- if (__glibc_unlikely (n < 0 || __libc_res_hnok (tbuf) == 0)) ++ if (__glibc_unlikely (n < 0)) + { + ++had_error; + continue; + } + cp += n; + +- if (*firstp) ++ if (*firstp && __libc_res_hnok (tbuf)) + { + /* Reclaim buffer space. */ + if (h_name + h_namelen == buffer) +-- +2.19.1.6.gb485710b + diff --git a/0034-resolv-Add-new-tst-resolv-invalid-cname.patch b/0034-resolv-Add-new-tst-resolv-invalid-cname.patch new file mode 100644 index 0000000..74ffb70 --- /dev/null +++ b/0034-resolv-Add-new-tst-resolv-invalid-cname.patch @@ -0,0 +1,452 @@ +From e2ec6a8db38a6b734bbdb41e498fdc9460f7566a Mon Sep 17 00:00:00 2001 +From: Florian Weimer +Date: Tue, 30 Aug 2022 10:02:49 +0200 +Subject: [PATCH 34/81] resolv: Add new tst-resolv-invalid-cname + +This test checks resolution through CNAME chains that do not contain +host names (bug 12154). + +Reviewed-by: Siddhesh Poyarekar +(cherry picked from commit 9caf782276ecea4bc86fc94fbb52779736f3106d) +--- + resolv/Makefile | 3 + + resolv/tst-resolv-invalid-cname.c | 406 ++++++++++++++++++++++++++++++ + 2 files changed, 409 insertions(+) + create mode 100644 resolv/tst-resolv-invalid-cname.c + +diff --git a/resolv/Makefile b/resolv/Makefile +index 018b1808d6..f8a92c6cff 100644 +--- a/resolv/Makefile ++++ b/resolv/Makefile +@@ -98,6 +98,7 @@ tests += \ + tst-resolv-binary \ + tst-resolv-byaddr \ + tst-resolv-edns \ ++ tst-resolv-invalid-cname \ + tst-resolv-network \ + tst-resolv-noaaaa \ + tst-resolv-nondecimal \ +@@ -287,6 +288,8 @@ $(objpfx)tst-resolv-res_init-multi: $(objpfx)libresolv.so \ + $(shared-thread-library) + $(objpfx)tst-resolv-res_init-thread: $(objpfx)libresolv.so \ + $(shared-thread-library) ++$(objpfx)tst-resolv-invalid-cname: $(objpfx)libresolv.so \ ++ $(shared-thread-library) + $(objpfx)tst-resolv-noaaaa: $(objpfx)libresolv.so $(shared-thread-library) + $(objpfx)tst-resolv-nondecimal: $(objpfx)libresolv.so $(shared-thread-library) + $(objpfx)tst-resolv-qtypes: $(objpfx)libresolv.so $(shared-thread-library) +diff --git a/resolv/tst-resolv-invalid-cname.c b/resolv/tst-resolv-invalid-cname.c +new file mode 100644 +index 0000000000..ae2d4419b1 +--- /dev/null ++++ b/resolv/tst-resolv-invalid-cname.c +@@ -0,0 +1,406 @@ ++/* Test handling of CNAMEs with non-host domain names (bug 12154). ++ Copyright (C) 2022 Free Software Foundation, Inc. ++ This file is part of the GNU C Library. ++ ++ The GNU C Library is free software; you can redistribute it and/or ++ modify it under the terms of the GNU Lesser General Public ++ License as published by the Free Software Foundation; either ++ version 2.1 of the License, or (at your option) any later version. ++ ++ The GNU C Library is distributed in the hope that it will be useful, ++ but WITHOUT ANY WARRANTY; without even the implied warranty of ++ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU ++ Lesser General Public License for more details. ++ ++ You should have received a copy of the GNU Lesser General Public ++ License along with the GNU C Library; if not, see ++ . */ ++ ++#include ++#include ++#include ++#include ++#include ++#include ++#include ++#include ++#include ++#include ++ ++/* Query strings describe the CNAME chain in the response. They have ++ the format "bitsBITS.countCOUNT.example.", where BITS and COUNT are ++ replaced by unsigned decimal numbers. COUNT is the number of CNAME ++ records in the response. BITS has two bits for each CNAME record, ++ describing a special prefix that is added to that CNAME. ++ ++ 0: No special leading label. ++ 1: Starting with "*.". ++ 2: Starting with "-x.". ++ 3: Starting with "star.*.". ++ ++ The first CNAME in the response using the two least significant ++ bits. ++ ++ For PTR queries, the QNAME format is different, it is either ++ COUNT.BITS.168.192.in-addr.arpa. (with BITS and COUNT still ++ decimal), or: ++ ++COUNT.BITS0.BITS1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.8.b.d.0.1.0.0.2.ip6.arpa. ++ ++ where BITS and COUNT are hexadecimal. */ ++ ++static void ++response (const struct resolv_response_context *ctx, ++ struct resolv_response_builder *b, ++ const char *qname, uint16_t qclass, uint16_t qtype) ++{ ++ TEST_COMPARE (qclass, C_IN); ++ ++ /* The only other query type besides A is PTR. */ ++ if (qtype != T_A && qtype != T_AAAA) ++ TEST_COMPARE (qtype, T_PTR); ++ ++ unsigned int bits, bits1, count; ++ char *tail = NULL; ++ if (sscanf (qname, "bits%u.count%u.%ms", &bits, &count, &tail) == 3) ++ TEST_COMPARE_STRING (tail, "example"); ++ else if (strstr (qname, "in-addr.arpa") != NULL ++ && sscanf (qname, "%u.%u.%ms", &bits, &count, &tail) == 3) ++ TEST_COMPARE_STRING (tail, "168.192.in-addr.arpa"); ++ else if (sscanf (qname, "%x.%x.%x.%ms", &bits, &bits1, &count, &tail) == 4) ++ { ++ TEST_COMPARE_STRING (tail, "\ ++0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.8.b.d.0.1.0.0.2.ip6.arpa"); ++ bits |= bits1 << 4; ++ } ++ else ++ FAIL_EXIT1 ("invalid QNAME: %s\n", qname); ++ free (tail); ++ ++ struct resolv_response_flags flags = {}; ++ resolv_response_init (b, flags); ++ resolv_response_add_question (b, qname, qclass, qtype); ++ resolv_response_section (b, ns_s_an); ++ ++ /* Provide the requested number of CNAME records. */ ++ char *previous_name = (char *) qname; ++ unsigned int original_bits = bits; ++ for (int unique = 0; unique < count; ++unique) ++ { ++ resolv_response_open_record (b, previous_name, qclass, T_CNAME, 60); ++ ++ static const char bits_to_prefix[4][8] = { "", "*.", "-x.", "star.*." }; ++ char *new_name = xasprintf ("%sunique%d.example", ++ bits_to_prefix[bits & 3], unique); ++ bits >>= 2; ++ resolv_response_add_name (b, new_name); ++ resolv_response_close_record (b); ++ ++ if (previous_name != qname) ++ free (previous_name); ++ previous_name = new_name; ++ } ++ ++ /* Actual answer record. */ ++ resolv_response_open_record (b, previous_name, qclass, qtype, 60); ++ switch (qtype) ++ { ++ case T_A: ++ { ++ char ipv4[4] = {192, 168, count, original_bits}; ++ resolv_response_add_data (b, &ipv4, sizeof (ipv4)); ++ } ++ break; ++ case T_AAAA: ++ { ++ char ipv6[16] = ++ { ++ 0x20, 0x01, 0xd, 0xb8, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, ++ count, original_bits ++ }; ++ resolv_response_add_data (b, &ipv6, sizeof (ipv6)); ++ } ++ break; ++ ++ case T_PTR: ++ { ++ char *name = xasprintf ("bits%u.count%u.example", ++ original_bits, count); ++ resolv_response_add_name (b, name); ++ free (name); ++ } ++ break; ++ } ++ resolv_response_close_record (b); ++ ++ if (previous_name != qname) ++ free (previous_name); ++} ++ ++/* Controls which name resolution function is invoked. */ ++enum test_mode ++ { ++ byname, /* gethostbyname. */ ++ byname2, /* gethostbyname2. */ ++ gai, /* getaddrinfo without AI_CANONNAME. */ ++ gai_canon, /* getaddrinfo with AI_CANONNAME. */ ++ ++ test_mode_num /* Number of enum values. */ ++ }; ++ ++static const char * ++test_mode_to_string (enum test_mode mode) ++{ ++ switch (mode) ++ { ++ case byname: ++ return "byname"; ++ case byname2: ++ return "byname2"; ++ case gai: ++ return "gai"; ++ case gai_canon: ++ return "gai_canon"; ++ case test_mode_num: ++ /* Report error below. */ ++ } ++ FAIL_EXIT1 ("invalid test_mode: %d", mode); ++} ++ ++/* Append the name and aliases to OUT. */ ++static void ++append_names (FILE *out, const char *qname, int bits, int count, ++ enum test_mode mode) ++{ ++ /* Largest valid index which has a corresponding zero in bits ++ (meaning a syntactically valid CNAME). */ ++ int last_valid_cname = -1; ++ ++ for (int i = 0; i < count; ++i) ++ if ((bits & (3 << (i * 2))) == 0) ++ last_valid_cname = i; ++ ++ if (mode != gai) ++ { ++ const char *label; ++ if (mode == gai_canon) ++ label = "canonname"; ++ else ++ label = "name"; ++ if (last_valid_cname >= 0) ++ fprintf (out, "%s: unique%d.example\n", label, last_valid_cname); ++ else ++ fprintf (out, "%s: %s\n", label, qname); ++ } ++ ++ if (mode == byname || mode == byname2) ++ { ++ if (last_valid_cname >= 0) ++ fprintf (out, "alias: %s\n", qname); ++ for (int i = 0; i < count; ++i) ++ { ++ if ((bits & (3 << (i * 2))) == 0 && i != last_valid_cname) ++ fprintf (out, "alias: unique%d.example\n", i); ++ } ++ } ++} ++ ++/* Append the address information to OUT. */ ++static void ++append_addresses (FILE *out, int af, int bits, int count, enum test_mode mode) ++{ ++ int last = count * 256 + bits; ++ if (mode == gai || mode == gai_canon) ++ { ++ if (af == AF_INET || af == AF_UNSPEC) ++ fprintf (out, "address: STREAM/TCP 192.168.%d.%d 80\n", count, bits); ++ if (af == AF_INET6 || af == AF_UNSPEC) ++ { ++ if (last == 0) ++ fprintf (out, "address: STREAM/TCP 2001:db8:: 80\n"); ++ else ++ fprintf (out, "address: STREAM/TCP 2001:db8::%x 80\n", last); ++ } ++ } ++ else ++ { ++ TEST_VERIFY (af != AF_UNSPEC); ++ if (af == AF_INET) ++ fprintf (out, "address: 192.168.%d.%d\n", count, bits); ++ if (af == AF_INET6) ++ { ++ if (last == 0) ++ fprintf (out, "address: 2001:db8::\n"); ++ else ++ fprintf (out, "address: 2001:db8::%x\n", last); ++ } ++ } ++} ++ ++/* Perform one test using a forward lookup. */ ++static void ++check_forward (int af, int bits, int count, enum test_mode mode) ++{ ++ char *qname = xasprintf ("bits%d.count%d.example", bits, count); ++ char *label = xasprintf ("af=%d bits=%d count=%d mode=%s qname=%s", ++ af, bits, count, test_mode_to_string (mode), qname); ++ ++ struct xmemstream expected; ++ xopen_memstream (&expected); ++ if (mode == gai_canon) ++ fprintf (expected.out, "flags: AI_CANONNAME\n"); ++ append_names (expected.out, qname, bits, count, mode); ++ append_addresses (expected.out, af, bits, count, mode); ++ xfclose_memstream (&expected); ++ ++ if (mode == gai || mode == gai_canon) ++ { ++ struct addrinfo *ai; ++ struct addrinfo hints = ++ { ++ .ai_family = af, ++ .ai_socktype = SOCK_STREAM, ++ }; ++ if (mode == gai_canon) ++ hints.ai_flags |= AI_CANONNAME; ++ int ret = getaddrinfo (qname, "80", &hints, &ai); ++ check_addrinfo (label, ai, ret, expected.buffer); ++ if (ret == 0) ++ freeaddrinfo (ai); ++ } ++ else ++ { ++ struct hostent *e; ++ if (mode == gai) ++ { ++ TEST_COMPARE (af, AF_INET); ++ e = gethostbyname (qname); ++ } ++ else ++ { ++ if (af != AF_INET) ++ TEST_COMPARE (af, AF_INET6); ++ e = gethostbyname2 (qname, af); ++ } ++ check_hostent (label, e, expected.buffer); ++ } ++ ++ free (expected.buffer); ++ free (label); ++ free (qname); ++} ++ ++/* Perform one check using a reverse lookup. */ ++ ++static void ++check_reverse (int af, int bits, int count) ++{ ++ TEST_VERIFY (af == AF_INET || af == AF_INET6); ++ ++ char *label = xasprintf ("af=%d bits=%d count=%d", af, bits, count); ++ char *fqdn = xasprintf ("bits%d.count%d.example", bits, count); ++ ++ struct xmemstream expected; ++ xopen_memstream (&expected); ++ fprintf (expected.out, "name: %s\n", fqdn); ++ append_addresses (expected.out, af, bits, count, byname); ++ xfclose_memstream (&expected); ++ ++ char addr[16] = { 0 }; ++ socklen_t addrlen; ++ if (af == AF_INET) ++ { ++ addr[0] = 192; ++ addr[1] = 168; ++ addr[2] = count; ++ addr[3] = bits; ++ addrlen = 4; ++ } ++ else ++ { ++ addr[0] = 0x20; ++ addr[1] = 0x01; ++ addr[2] = 0x0d; ++ addr[3] = 0xb8; ++ addr[14] = count; ++ addr[15] = bits; ++ addrlen = 16; ++ } ++ ++ struct hostent *e = gethostbyaddr (addr, addrlen, af); ++ check_hostent (label, e, expected.buffer); ++ ++ /* getnameinfo check is different. There is no generic check_* ++ function for it. */ ++ { ++ struct sockaddr_in sin = { }; ++ struct sockaddr_in6 sin6 = { }; ++ void *sa; ++ socklen_t salen; ++ if (af == AF_INET) ++ { ++ sin.sin_family = AF_INET; ++ memcpy (&sin.sin_addr, addr, addrlen); ++ sin.sin_port = htons (80); ++ sa = &sin; ++ salen = sizeof (sin); ++ } ++ else ++ { ++ sin6.sin6_family = AF_INET6; ++ memcpy (&sin6.sin6_addr, addr, addrlen); ++ sin6.sin6_port = htons (80); ++ sa = &sin6; ++ salen = sizeof (sin6); ++ } ++ ++ char host[64]; ++ char service[64]; ++ int ret = getnameinfo (sa, salen, host, ++ sizeof (host), service, sizeof (service), ++ NI_NAMEREQD | NI_NUMERICSERV); ++ TEST_COMPARE (ret, 0); ++ TEST_COMPARE_STRING (host, fqdn); ++ TEST_COMPARE_STRING (service, "80"); ++ } ++ ++ free (expected.buffer); ++ free (fqdn); ++ free (label); ++} ++ ++static int ++do_test (void) ++{ ++ struct resolv_test *obj = resolv_test_start ++ ((struct resolv_redirect_config) ++ { ++ .response_callback = response ++ }); ++ ++ for (int count = 0; count <= 3; ++count) ++ for (int bits = 0; bits <= 1 << (count * 2); ++bits) ++ { ++ if (count > 0 && bits == count) ++ /* The last bits value is only checked if count == 0. */ ++ continue; ++ ++ for (enum test_mode mode = 0; mode < test_mode_num; ++mode) ++ { ++ check_forward (AF_INET, bits, count, mode); ++ if (mode != byname) ++ check_forward (AF_INET6, bits, count, mode); ++ if (mode == gai || mode == gai_canon) ++ check_forward (AF_UNSPEC, bits, count, mode); ++ } ++ ++ check_reverse (AF_INET, bits, count); ++ check_reverse (AF_INET6, bits, count); ++ } ++ ++ resolv_test_end (obj); ++ ++ return 0; ++} ++ ++#include +-- +2.19.1.6.gb485710b + diff --git a/0035-nss_dns-Rewrite-_nss_dns_gethostbyname4_r-using-curr.patch b/0035-nss_dns-Rewrite-_nss_dns_gethostbyname4_r-using-curr.patch new file mode 100644 index 0000000..82e7ce5 --- /dev/null +++ b/0035-nss_dns-Rewrite-_nss_dns_gethostbyname4_r-using-curr.patch @@ -0,0 +1,596 @@ +From c5cdb39c20e96d9ac0d46fc7284b8276a537fd35 Mon Sep 17 00:00:00 2001 +From: Florian Weimer +Date: Tue, 30 Aug 2022 10:02:49 +0200 +Subject: [PATCH 35/81] nss_dns: Rewrite _nss_dns_gethostbyname4_r using + current interfaces + +Introduce struct alloc_buffer to this function, and use it and +struct ns_rr_cursor in gaih_getanswer_slice. Adjust gaih_getanswer +and gaih_getanswer_noaaaa accordingly. + +Reviewed-by: Siddhesh Poyarekar +(cherry picked from commit 1d495912a746e2a1ffb780c9a81fd234ec2464e8) +--- + resolv/nss_dns/dns-host.c | 443 ++++++++++++++------------------------ + 1 file changed, 162 insertions(+), 281 deletions(-) + +diff --git a/resolv/nss_dns/dns-host.c b/resolv/nss_dns/dns-host.c +index bea505d697..9fa81f23c8 100644 +--- a/resolv/nss_dns/dns-host.c ++++ b/resolv/nss_dns/dns-host.c +@@ -100,13 +100,6 @@ + #endif + #define MAXHOSTNAMELEN 256 + +-/* We need this time later. */ +-typedef union querybuf +-{ +- HEADER hdr; +- u_char buf[MAXPACKET]; +-} querybuf; +- + /* For historic reasons, pointers to IP addresses are char *, so use a + single list type for addresses and host names. */ + #define DYNARRAY_STRUCT ptrlist +@@ -125,18 +118,18 @@ static enum nss_status getanswer_ptr (unsigned char *packet, size_t packetlen, + char **hnamep, int *errnop, + int *h_errnop, int32_t *ttlp); + +-static enum nss_status gaih_getanswer (const querybuf *answer1, int anslen1, +- const querybuf *answer2, int anslen2, +- const char *qname, ++static enum nss_status gaih_getanswer (unsigned char *packet1, ++ size_t packet1len, ++ unsigned char *packet2, ++ size_t packet2len, ++ struct alloc_buffer *abuf, + struct gaih_addrtuple **pat, +- char *buffer, size_t buflen, + int *errnop, int *h_errnop, + int32_t *ttlp); +-static enum nss_status gaih_getanswer_noaaaa (const querybuf *answer1, +- int anslen1, +- const char *qname, ++static enum nss_status gaih_getanswer_noaaaa (unsigned char *packet, ++ size_t packetlen, ++ struct alloc_buffer *abuf, + struct gaih_addrtuple **pat, +- char *buffer, size_t buflen, + int *errnop, int *h_errnop, + int32_t *ttlp); + +@@ -408,17 +401,13 @@ _nss_dns_gethostbyname4_r (const char *name, struct gaih_addrtuple **pat, + name = cp; + } + +- union +- { +- querybuf *buf; +- u_char *ptr; +- } host_buffer; +- querybuf *orig_host_buffer; +- host_buffer.buf = orig_host_buffer = (querybuf *) alloca (2048); ++ unsigned char dns_packet_buffer[2048]; ++ unsigned char *alt_dns_packet_buffer = dns_packet_buffer; + u_char *ans2p = NULL; + int nans2p = 0; + int resplen2 = 0; + int ans2p_malloced = 0; ++ struct alloc_buffer abuf = alloc_buffer_create (buffer, buflen); + + + int olderr = errno; +@@ -427,22 +416,21 @@ _nss_dns_gethostbyname4_r (const char *name, struct gaih_addrtuple **pat, + if ((ctx->resp->options & RES_NOAAAA) == 0) + { + n = __res_context_search (ctx, name, C_IN, T_QUERY_A_AND_AAAA, +- host_buffer.buf->buf, 2048, &host_buffer.ptr, +- &ans2p, &nans2p, &resplen2, &ans2p_malloced); ++ dns_packet_buffer, sizeof (dns_packet_buffer), ++ &alt_dns_packet_buffer, &ans2p, &nans2p, ++ &resplen2, &ans2p_malloced); + if (n >= 0) +- status = gaih_getanswer (host_buffer.buf, n, (const querybuf *) ans2p, +- resplen2, name, pat, buffer, buflen, +- errnop, herrnop, ttlp); ++ status = gaih_getanswer (alt_dns_packet_buffer, n, ans2p, resplen2, ++ &abuf, pat, errnop, herrnop, ttlp); + } + else + { + n = __res_context_search (ctx, name, C_IN, T_A, +- host_buffer.buf->buf, 2048, NULL, +- NULL, NULL, NULL, NULL); ++ dns_packet_buffer, sizeof (dns_packet_buffer), ++ NULL, NULL, NULL, NULL, NULL); + if (n >= 0) +- status = gaih_getanswer_noaaaa (host_buffer.buf, n, +- name, pat, buffer, buflen, +- errnop, herrnop, ttlp); ++ status = gaih_getanswer_noaaaa (alt_dns_packet_buffer, n, ++ &abuf, pat, errnop, herrnop, ttlp); + } + if (n < 0) + { +@@ -473,12 +461,20 @@ _nss_dns_gethostbyname4_r (const char *name, struct gaih_addrtuple **pat, + __set_errno (olderr); + } + ++ /* Implement the buffer resizing protocol. */ ++ if (alloc_buffer_has_failed (&abuf)) ++ { ++ *errnop = ERANGE; ++ *herrnop = NETDB_INTERNAL; ++ status = NSS_STATUS_TRYAGAIN; ++ } ++ + /* Check whether ans2p was separately allocated. */ + if (ans2p_malloced) + free (ans2p); + +- if (host_buffer.buf != orig_host_buffer) +- free (host_buffer.buf); ++ if (alt_dns_packet_buffer != dns_packet_buffer) ++ free (alt_dns_packet_buffer); + + __resolv_context_put (ctx); + return status; +@@ -892,259 +888,152 @@ getanswer_ptr (unsigned char *packet, size_t packetlen, + return NSS_STATUS_TRYAGAIN; + } + ++/* Parses DNS data found in PACKETLEN bytes at PACKET in struct ++ gaih_addrtuple address tuples. The new address tuples are linked ++ from **TAILP, with backing store allocated from ABUF, and *TAILP is ++ updated to point where the next tuple pointer should be stored. If ++ TTLP is not null, *TTLP is updated to reflect the minimum TTL. If ++ STORE_CANON is true, the canonical name is stored as part of the ++ first address tuple being written. */ + static enum nss_status +-gaih_getanswer_slice (const querybuf *answer, int anslen, const char *qname, +- struct gaih_addrtuple ***patp, +- char **bufferp, size_t *buflenp, +- int *errnop, int *h_errnop, int32_t *ttlp, int *firstp) ++gaih_getanswer_slice (unsigned char *packet, size_t packetlen, ++ struct alloc_buffer *abuf, ++ struct gaih_addrtuple ***tailp, ++ int *errnop, int *h_errnop, int32_t *ttlp, ++ bool store_canon) + { +- char *buffer = *bufferp; +- size_t buflen = *buflenp; +- +- struct gaih_addrtuple **pat = *patp; +- const HEADER *hp = &answer->hdr; +- int ancount = ntohs (hp->ancount); +- int qdcount = ntohs (hp->qdcount); +- const u_char *cp = answer->buf + HFIXEDSZ; +- const u_char *end_of_message = answer->buf + anslen; +- if (__glibc_unlikely (qdcount != 1)) +- { +- *h_errnop = NO_RECOVERY; +- return NSS_STATUS_UNAVAIL; +- } +- +- u_char packtmp[NS_MAXCDNAME]; +- int n = __ns_name_unpack (answer->buf, end_of_message, cp, +- packtmp, sizeof packtmp); +- /* We unpack the name to check it for validity. But we do not need +- it later. */ +- if (n != -1 && __ns_name_ntop (packtmp, buffer, buflen) == -1) +- { +- if (__glibc_unlikely (errno == EMSGSIZE)) +- { +- too_small: +- *errnop = ERANGE; +- *h_errnop = NETDB_INTERNAL; +- return NSS_STATUS_TRYAGAIN; +- } +- +- n = -1; +- } +- +- if (__glibc_unlikely (n < 0)) +- { +- *errnop = errno; +- *h_errnop = NO_RECOVERY; +- return NSS_STATUS_UNAVAIL; +- } +- if (__glibc_unlikely (__libc_res_hnok (buffer) == 0)) ++ struct ns_rr_cursor c; ++ if (!__ns_rr_cursor_init (&c, packet, packetlen)) + { +- errno = EBADMSG; +- *errnop = EBADMSG; ++ /* This should not happen because __res_context_query already ++ perfroms response validation. */ + *h_errnop = NO_RECOVERY; + return NSS_STATUS_UNAVAIL; + } +- cp += n + QFIXEDSZ; ++ bool haveanswer = false; /* Set to true if at least one address. */ ++ uint16_t qtype = ns_rr_cursor_qtype (&c); ++ int ancount = ns_rr_cursor_ancount (&c); ++ const unsigned char *expected_name = ns_rr_cursor_qname (&c); ++ /* expected_name may be updated to point into this buffer. */ ++ unsigned char name_buffer[NS_MAXCDNAME]; + +- int haveanswer = 0; +- int had_error = 0; +- char *canon = NULL; +- char *h_name = NULL; +- int h_namelen = 0; ++ /* This is a pointer to a possibly-compressed name in the packet. ++ Eventually it is equivalent to the canonical name. If needed, it ++ is uncompressed and translated to text form when the first ++ address tuple is encountered. */ ++ const unsigned char *compressed_alias_name = expected_name; + +- if (ancount == 0) ++ if (ancount == 0 || !__res_binary_hnok (compressed_alias_name)) + { + *h_errnop = HOST_NOT_FOUND; + return NSS_STATUS_NOTFOUND; + } + +- while (ancount-- > 0 && cp < end_of_message && had_error == 0) ++ for (; ancount > -0; --ancount) + { +- n = __ns_name_unpack (answer->buf, end_of_message, cp, +- packtmp, sizeof packtmp); +- if (n != -1 && +- (h_namelen = __ns_name_ntop (packtmp, buffer, buflen)) == -1) +- { +- if (__glibc_unlikely (errno == EMSGSIZE)) +- goto too_small; +- +- n = -1; +- } +- if (__glibc_unlikely (n < 0)) +- { +- ++had_error; +- continue; +- } +- if (*firstp && canon == NULL && __libc_res_hnok (buffer)) +- { +- h_name = buffer; +- buffer += h_namelen; +- buflen -= h_namelen; +- } +- +- cp += n; /* name */ +- +- if (__glibc_unlikely (cp + 10 > end_of_message)) +- { +- ++had_error; +- continue; +- } +- +- uint16_t type; +- NS_GET16 (type, cp); +- uint16_t class; +- NS_GET16 (class, cp); +- int32_t ttl; +- NS_GET32 (ttl, cp); +- NS_GET16 (n, cp); /* RDATA length. */ +- +- if (end_of_message - cp < n) ++ struct ns_rr_wire rr; ++ if (!__ns_rr_cursor_next (&c, &rr)) + { +- /* RDATA extends beyond the end of the packet. */ +- ++had_error; +- continue; ++ *h_errnop = NO_RECOVERY; ++ return NSS_STATUS_UNAVAIL; + } + +- if (class != C_IN) +- { +- cp += n; +- continue; +- } ++ /* Update TTL for known record types. */ ++ if ((rr.rtype == T_CNAME || rr.rtype == qtype) ++ && ttlp != NULL && *ttlp > rr.ttl) ++ *ttlp = rr.ttl; + +- if (type == T_CNAME) ++ if (rr.rtype == T_CNAME) + { +- char tbuf[MAXDNAME]; +- +- /* A CNAME could also have a TTL entry. */ +- if (ttlp != NULL && ttl < *ttlp) +- *ttlp = ttl; +- +- n = __libc_dn_expand (answer->buf, end_of_message, cp, +- tbuf, sizeof tbuf); +- if (__glibc_unlikely (n < 0)) +- { +- ++had_error; +- continue; +- } +- cp += n; +- +- if (*firstp && __libc_res_hnok (tbuf)) ++ /* NB: No check for owner name match, based on historic ++ precedent. Record the CNAME target as the new expected ++ name. */ ++ int n = __ns_name_unpack (c.begin, c.end, rr.rdata, ++ name_buffer, sizeof (name_buffer)); ++ if (n < 0) + { +- /* Reclaim buffer space. */ +- if (h_name + h_namelen == buffer) +- { +- buffer = h_name; +- buflen += h_namelen; +- } +- +- n = strlen (tbuf) + 1; +- if (__glibc_unlikely (n > buflen)) +- goto too_small; +- if (__glibc_unlikely (n >= MAXHOSTNAMELEN)) +- { +- ++had_error; +- continue; +- } +- +- canon = buffer; +- buffer = __mempcpy (buffer, tbuf, n); +- buflen -= n; +- h_namelen = 0; ++ *h_errnop = NO_RECOVERY; ++ return NSS_STATUS_UNAVAIL; + } +- continue; ++ expected_name = name_buffer; ++ if (store_canon && __res_binary_hnok (name_buffer)) ++ /* This name can be used as a canonical name. Do not ++ translate to text form here to conserve buffer space. ++ Point to the compressed name because name_buffer can be ++ overwritten with an unusable name later. */ ++ compressed_alias_name = rr.rdata; + } +- +- /* Stop parsing if we encounter a record with incorrect RDATA +- length. */ +- if (type == T_A || type == T_AAAA) ++ else if (rr.rtype == qtype ++ && __ns_samebinaryname (rr.rname, expected_name) ++ && rr.rdlength == rrtype_to_rdata_length (qtype)) + { +- if (n != rrtype_to_rdata_length (type)) ++ struct gaih_addrtuple *ntup ++ = alloc_buffer_alloc (abuf, struct gaih_addrtuple); ++ /* Delay error reporting to the callers (they implement the ++ ERANGE buffer resizing handshake). */ ++ if (ntup != NULL) + { +- ++had_error; +- continue; ++ ntup->next = NULL; ++ if (store_canon && compressed_alias_name != NULL) ++ { ++ /* This assumes that all the CNAME records come ++ first. Use MAXHOSTNAMELEN instead of ++ NS_MAXCDNAME for additional length checking. ++ However, these checks are not expected to fail ++ because all size NS_MAXCDNAME names should into ++ the hname buffer because no escaping is ++ needed. */ ++ char unsigned nbuf[NS_MAXCDNAME]; ++ char hname[MAXHOSTNAMELEN + 1]; ++ if (__ns_name_unpack (c.begin, c.end, ++ compressed_alias_name, ++ nbuf, sizeof (nbuf)) >= 0 ++ && __ns_name_ntop (nbuf, hname, sizeof (hname)) >= 0) ++ /* Space checking is performed by the callers. */ ++ ntup->name = alloc_buffer_copy_string (abuf, hname); ++ store_canon = false; ++ } ++ else ++ ntup->name = NULL; ++ if (rr.rdlength == 4) ++ ntup->family = AF_INET; ++ else ++ ntup->family = AF_INET6; ++ memcpy (ntup->addr, rr.rdata, rr.rdlength); ++ ntup->scopeid = 0; ++ ++ /* Link in the new tuple, and update the tail pointer to ++ point to its next field. */ ++ **tailp = ntup; ++ *tailp = &ntup->next; ++ ++ haveanswer = true; + } + } +- else +- { +- /* Skip unknown records. */ +- cp += n; +- continue; +- } +- +- assert (type == T_A || type == T_AAAA); +- if (*pat == NULL) +- { +- uintptr_t pad = (-(uintptr_t) buffer +- % __alignof__ (struct gaih_addrtuple)); +- buffer += pad; +- buflen = buflen > pad ? buflen - pad : 0; +- +- if (__glibc_unlikely (buflen < sizeof (struct gaih_addrtuple))) +- goto too_small; +- +- *pat = (struct gaih_addrtuple *) buffer; +- buffer += sizeof (struct gaih_addrtuple); +- buflen -= sizeof (struct gaih_addrtuple); +- } +- +- (*pat)->name = NULL; +- (*pat)->next = NULL; +- +- if (*firstp) +- { +- /* We compose a single hostent out of the entire chain of +- entries, so the TTL of the hostent is essentially the lowest +- TTL in the chain. */ +- if (ttlp != NULL && ttl < *ttlp) +- *ttlp = ttl; +- +- (*pat)->name = canon ?: h_name; +- +- *firstp = 0; +- } +- +- (*pat)->family = type == T_A ? AF_INET : AF_INET6; +- memcpy ((*pat)->addr, cp, n); +- cp += n; +- (*pat)->scopeid = 0; +- +- pat = &((*pat)->next); +- +- haveanswer = 1; + } + + if (haveanswer) + { +- *patp = pat; +- *bufferp = buffer; +- *buflenp = buflen; +- + *h_errnop = NETDB_SUCCESS; + return NSS_STATUS_SUCCESS; + } +- +- /* Special case here: if the resolver sent a result but it only +- contains a CNAME while we are looking for a T_A or T_AAAA record, +- we fail with NOTFOUND instead of TRYAGAIN. */ +- if (canon != NULL) ++ else + { ++ /* Special case here: if the resolver sent a result but it only ++ contains a CNAME while we are looking for a T_A or T_AAAA ++ record, we fail with NOTFOUND. */ + *h_errnop = HOST_NOT_FOUND; + return NSS_STATUS_NOTFOUND; + } +- +- *h_errnop = NETDB_INTERNAL; +- return NSS_STATUS_TRYAGAIN; + } + + + static enum nss_status +-gaih_getanswer (const querybuf *answer1, int anslen1, const querybuf *answer2, +- int anslen2, const char *qname, +- struct gaih_addrtuple **pat, char *buffer, size_t buflen, ++gaih_getanswer (unsigned char *packet1, size_t packet1len, ++ unsigned char *packet2, size_t packet2len, ++ struct alloc_buffer *abuf, struct gaih_addrtuple **pat, + int *errnop, int *h_errnop, int32_t *ttlp) + { +- int first = 1; +- + enum nss_status status = NSS_STATUS_NOTFOUND; + + /* Combining the NSS status of two distinct queries requires some +@@ -1156,7 +1045,10 @@ gaih_getanswer (const querybuf *answer1, int anslen1, const querybuf *answer2, + between TRYAGAIN (recoverable) and TRYAGAIN' (not-recoverable). + A recoverable TRYAGAIN is almost always due to buffer size issues + and returns ERANGE in errno and the caller is expected to retry +- with a larger buffer. ++ with a larger buffer. (The caller, _nss_dns_gethostbyname4_r, ++ ignores the return status if it detects that the result buffer ++ has been exhausted and generates a TRYAGAIN failure with an ++ ERANGE code.) + + Lastly, you may be tempted to make significant changes to the + conditions in this code to bring about symmetry between responses. +@@ -1236,36 +1128,30 @@ gaih_getanswer (const querybuf *answer1, int anslen1, const querybuf *answer2, + is a recoverable error we now return TRYAGIN even if the first + response was SUCCESS. */ + +- if (anslen1 > 0) +- status = gaih_getanswer_slice(answer1, anslen1, qname, +- &pat, &buffer, &buflen, +- errnop, h_errnop, ttlp, +- &first); +- +- if ((status == NSS_STATUS_SUCCESS || status == NSS_STATUS_NOTFOUND +- || (status == NSS_STATUS_TRYAGAIN +- /* We want to look at the second answer in case of an +- NSS_STATUS_TRYAGAIN only if the error is non-recoverable, i.e. +- *h_errnop is NO_RECOVERY. If not, and if the failure was due to +- an insufficient buffer (ERANGE), then we need to drop the results +- and pass on the NSS_STATUS_TRYAGAIN to the caller so that it can +- repeat the query with a larger buffer. */ +- && (*errnop != ERANGE || *h_errnop == NO_RECOVERY))) +- && answer2 != NULL && anslen2 > 0) ++ if (packet1len > 0) + { +- enum nss_status status2 = gaih_getanswer_slice(answer2, anslen2, qname, +- &pat, &buffer, &buflen, +- errnop, h_errnop, ttlp, +- &first); ++ status = gaih_getanswer_slice (packet1, packet1len, ++ abuf, &pat, errnop, h_errnop, ttlp, true); ++ if (alloc_buffer_has_failed (abuf)) ++ /* Do not try parsing the second packet if a larger result ++ buffer is needed. The caller implements the resizing ++ protocol because *abuf has been exhausted. */ ++ return NSS_STATUS_TRYAGAIN; /* Ignored by the caller. */ ++ } ++ ++ if ((status == NSS_STATUS_SUCCESS || status == NSS_STATUS_NOTFOUND) ++ && packet2 != NULL && packet2len > 0) ++ { ++ enum nss_status status2 ++ = gaih_getanswer_slice (packet2, packet2len, ++ abuf, &pat, errnop, h_errnop, ttlp, ++ /* Success means that data with a ++ canonical name has already been ++ stored. Do not store the name again. */ ++ status != NSS_STATUS_SUCCESS); + /* Use the second response status in some cases. */ + if (status != NSS_STATUS_SUCCESS && status2 != NSS_STATUS_NOTFOUND) + status = status2; +- /* Do not return a truncated second response (unless it was +- unavoidable e.g. unrecoverable TRYAGAIN). */ +- if (status == NSS_STATUS_SUCCESS +- && (status2 == NSS_STATUS_TRYAGAIN +- && *errnop == ERANGE && *h_errnop != NO_RECOVERY)) +- status = NSS_STATUS_TRYAGAIN; + } + + return status; +@@ -1273,18 +1159,13 @@ gaih_getanswer (const querybuf *answer1, int anslen1, const querybuf *answer2, + + /* Variant of gaih_getanswer without a second (AAAA) response. */ + static enum nss_status +-gaih_getanswer_noaaaa (const querybuf *answer1, int anslen1, const char *qname, +- struct gaih_addrtuple **pat, +- char *buffer, size_t buflen, ++gaih_getanswer_noaaaa (unsigned char *packet, size_t packetlen, ++ struct alloc_buffer *abuf, struct gaih_addrtuple **pat, + int *errnop, int *h_errnop, int32_t *ttlp) + { +- int first = 1; +- + enum nss_status status = NSS_STATUS_NOTFOUND; +- if (anslen1 > 0) +- status = gaih_getanswer_slice (answer1, anslen1, qname, +- &pat, &buffer, &buflen, +- errnop, h_errnop, ttlp, +- &first); ++ if (packetlen > 0) ++ status = gaih_getanswer_slice (packet, packetlen, ++ abuf, &pat, errnop, h_errnop, ttlp, true); + return status; + } +-- +2.19.1.6.gb485710b + diff --git a/0036-resolv-Fix-building-tst-resolv-invalid-cname-for-ear.patch b/0036-resolv-Fix-building-tst-resolv-invalid-cname-for-ear.patch new file mode 100644 index 0000000..8ac7c18 --- /dev/null +++ b/0036-resolv-Fix-building-tst-resolv-invalid-cname-for-ear.patch @@ -0,0 +1,40 @@ +From a7fa604f3050a1024dc8ec28ff28bad811f6151f Mon Sep 17 00:00:00 2001 +From: Florian Weimer +Date: Tue, 30 Aug 2022 13:30:03 +0200 +Subject: [PATCH 36/81] resolv: Fix building tst-resolv-invalid-cname for + earlier C standards +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +This fixes this compiler error: + +tst-resolv-invalid-cname.c: In function ‘test_mode_to_string’: +tst-resolv-invalid-cname.c:164:10: error: label at end of compound statement + case test_mode_num: + ^~~~~~~~~~~~~ + +Fixes commit 9caf782276ecea4bc86fc94fbb52779736f3106d +("resolv: Add new tst-resolv-invalid-cname"). + +(cherry picked from commit d09aa4a17229bcaa2ec7642006b12612498582e7) +--- + resolv/tst-resolv-invalid-cname.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/resolv/tst-resolv-invalid-cname.c b/resolv/tst-resolv-invalid-cname.c +index ae2d4419b1..63dac90e02 100644 +--- a/resolv/tst-resolv-invalid-cname.c ++++ b/resolv/tst-resolv-invalid-cname.c +@@ -162,7 +162,7 @@ test_mode_to_string (enum test_mode mode) + case gai_canon: + return "gai_canon"; + case test_mode_num: +- /* Report error below. */ ++ break; /* Report error below. */ + } + FAIL_EXIT1 ("invalid test_mode: %d", mode); + } +-- +2.19.1.6.gb485710b + diff --git a/0037-NEWS-Note-bug-12154-and-bug-29305-as-fixed.patch b/0037-NEWS-Note-bug-12154-and-bug-29305-as-fixed.patch new file mode 100644 index 0000000..6c2b922 --- /dev/null +++ b/0037-NEWS-Note-bug-12154-and-bug-29305-as-fixed.patch @@ -0,0 +1,26 @@ +From 5d885617cec5713fdde42177398fe98acb66b7a2 Mon Sep 17 00:00:00 2001 +From: Florian Weimer +Date: Tue, 13 Sep 2022 13:22:27 +0200 +Subject: [PATCH 37/81] NEWS: Note bug 12154 and bug 29305 as fixed + +--- + NEWS | 2 ++ + 1 file changed, 2 insertions(+) + +diff --git a/NEWS b/NEWS +index 9360596fcc..03281e3ab4 100644 +--- a/NEWS ++++ b/NEWS +@@ -16,7 +16,9 @@ Security related changes: + + The following bugs are resolved with this release: + ++ [12154] Do not fail DNS resolution for CNAMEs which are not host names + [28846] CMSG_NXTHDR may trigger -Wstrict-overflow warning ++ [29305] Conserve NSS buffer space during DNS packet parsing + [29415] nscd: Fix netlink cache invalidation if epoll is used + [29446] _dlopen now ignores dl_caller argument in static mode + [29485] Linux: Terminate subprocess on late failure in tst-pidfd +-- +2.19.1.6.gb485710b + diff --git a/0038-elf-Run-tst-audit-tlsdesc-tst-audit-tlsdesc-dlopen-e.patch b/0038-elf-Run-tst-audit-tlsdesc-tst-audit-tlsdesc-dlopen-e.patch new file mode 100644 index 0000000..781a1b8 --- /dev/null +++ b/0038-elf-Run-tst-audit-tlsdesc-tst-audit-tlsdesc-dlopen-e.patch @@ -0,0 +1,79 @@ +From df51334828f2af214105aad82042140ee3a6de0a Mon Sep 17 00:00:00 2001 +From: Florian Weimer +Date: Tue, 13 Sep 2022 19:57:43 +0200 +Subject: [PATCH 38/81] elf: Run tst-audit-tlsdesc, tst-audit-tlsdesc-dlopen + everywhere + +The test is valid for all TLS models, but we want to make a reasonable +effort to test the GNU2 model specifically. For example, aarch64 +defaults to GNU2, but does not have -mtls-dialect=gnu2, and the test +was not run there. + +Suggested-by: Martin Coufal +(cherry picked from commit dd2315a866a4ac2b838ea1cb10c5ea1c35d51a2f) + +Fixes early backport commit 924e4f3eaa502ce82fccf8537f021a796d158771 +("elf: Call __libc_early_init for reused namespaces (bug 29528)"); +it had a wrong conflict resolution. +--- + elf/Makefile | 22 ++++++---------------- + 1 file changed, 6 insertions(+), 16 deletions(-) + +diff --git a/elf/Makefile b/elf/Makefile +index 43353a4b08..72178d33ff 100644 +--- a/elf/Makefile ++++ b/elf/Makefile +@@ -374,6 +374,8 @@ tests += \ + tst-align \ + tst-align2 \ + tst-align3 \ ++ tst-audit-tlsdesc \ ++ tst-audit-tlsdesc-dlopen \ + tst-audit1 \ + tst-audit2 \ + tst-audit8 \ +@@ -766,6 +768,8 @@ modules-names += \ + tst-alignmod3 \ + tst-array2dep \ + tst-array5dep \ ++ tst-audit-tlsdesc-mod1 \ ++ tst-audit-tlsdesc-mod2 \ + tst-audit11mod1 \ + tst-audit11mod2 \ + tst-audit12mod1 \ +@@ -799,6 +803,7 @@ modules-names += \ + tst-auditmanymod7 \ + tst-auditmanymod8 \ + tst-auditmanymod9 \ ++ tst-auditmod-tlsdesc \ + tst-auditmod1 \ + tst-auditmod9a \ + tst-auditmod9b \ +@@ -993,23 +998,8 @@ modules-names += tst-gnu2-tls1mod + $(objpfx)tst-gnu2-tls1: $(objpfx)tst-gnu2-tls1mod.so + tst-gnu2-tls1mod.so-no-z-defs = yes + CFLAGS-tst-gnu2-tls1mod.c += -mtls-dialect=gnu2 ++endif # $(have-mtls-dialect-gnu2) + +-tests += tst-audit-tlsdesc tst-audit-tlsdesc-dlopen +-modules-names += tst-audit-tlsdesc-mod1 tst-audit-tlsdesc-mod2 tst-auditmod-tlsdesc +-$(objpfx)tst-audit-tlsdesc: $(objpfx)tst-audit-tlsdesc-mod1.so \ +- $(objpfx)tst-audit-tlsdesc-mod2.so \ +- $(shared-thread-library) +-CFLAGS-tst-audit-tlsdesc-mod1.c += -mtls-dialect=gnu2 +-CFLAGS-tst-audit-tlsdesc-mod2.c += -mtls-dialect=gnu2 +-$(objpfx)tst-audit-tlsdesc-dlopen: $(shared-thread-library) +-$(objpfx)tst-audit-tlsdesc-dlopen.out: $(objpfx)tst-audit-tlsdesc-mod1.so \ +- $(objpfx)tst-audit-tlsdesc-mod2.so +-$(objpfx)tst-audit-tlsdesc-mod1.so: $(objpfx)tst-audit-tlsdesc-mod2.so +-$(objpfx)tst-audit-tlsdesc.out: $(objpfx)tst-auditmod-tlsdesc.so +-tst-audit-tlsdesc-ENV = LD_AUDIT=$(objpfx)tst-auditmod-tlsdesc.so +-$(objpfx)tst-audit-tlsdesc-dlopen.out: $(objpfx)tst-auditmod-tlsdesc.so +-tst-audit-tlsdesc-dlopen-ENV = LD_AUDIT=$(objpfx)tst-auditmod-tlsdesc.so +-endif + ifeq (yes,$(have-protected-data)) + modules-names += tst-protected1moda tst-protected1modb + tests += tst-protected1a tst-protected1b +-- +2.19.1.6.gb485710b + diff --git a/0039-elf-Fix-hwcaps-string-size-overestimation.patch b/0039-elf-Fix-hwcaps-string-size-overestimation.patch new file mode 100644 index 0000000..11ba862 --- /dev/null +++ b/0039-elf-Fix-hwcaps-string-size-overestimation.patch @@ -0,0 +1,60 @@ +From 4b95b6e8bbb5a2b6856f707bf3bc3308ebef595a Mon Sep 17 00:00:00 2001 +From: Javier Pello +Date: Mon, 5 Sep 2022 20:09:01 +0200 +Subject: [PATCH 39/81] elf: Fix hwcaps string size overestimation + +Commit dad90d528259b669342757c37dedefa8577e2636 added glibc-hwcaps +support for LD_LIBRARY_PATH and, for this, it adjusted the total +string size required in _dl_important_hwcaps. However, in doing so +it inadvertently altered the calculation of the size required for +the power set strings, as the computation of the power set string +size depended on the first value assigned to the total variable, +which is later shifted, resulting in overallocation of string +space. Fix this now by using a different variable to hold the +string size required for glibc-hwcaps. + +Signed-off-by: Javier Pello +(cherry picked from commit a23820f6052a740246fdc7dcd9c43ce8eed0c45a) +--- + elf/dl-hwcaps.c | 8 +++++--- + 1 file changed, 5 insertions(+), 3 deletions(-) + +diff --git a/elf/dl-hwcaps.c b/elf/dl-hwcaps.c +index 6f161f6ad5..92eb53790e 100644 +--- a/elf/dl-hwcaps.c ++++ b/elf/dl-hwcaps.c +@@ -193,7 +193,7 @@ _dl_important_hwcaps (const char *glibc_hwcaps_prepend, + /* Each hwcaps subdirectory has a GLIBC_HWCAPS_PREFIX string prefix + and a "/" suffix once stored in the result. */ + hwcaps_counts.maximum_length += strlen (GLIBC_HWCAPS_PREFIX) + 1; +- size_t total = (hwcaps_counts.count * (strlen (GLIBC_HWCAPS_PREFIX) + 1) ++ size_t hwcaps_sz = (hwcaps_counts.count * (strlen (GLIBC_HWCAPS_PREFIX) + 1) + + hwcaps_counts.total_length); + + /* Count the number of bits set in the masked value. */ +@@ -229,11 +229,12 @@ _dl_important_hwcaps (const char *glibc_hwcaps_prepend, + assert (m == cnt); + + /* Determine the total size of all strings together. */ ++ size_t total; + if (cnt == 1) +- total += temp[0].len + 1; ++ total = temp[0].len + 1; + else + { +- total += temp[0].len + temp[cnt - 1].len + 2; ++ total = temp[0].len + temp[cnt - 1].len + 2; + if (cnt > 2) + { + total <<= 1; +@@ -255,6 +256,7 @@ _dl_important_hwcaps (const char *glibc_hwcaps_prepend, + /* This is the overall result, including both glibc-hwcaps + subdirectories and the legacy hwcaps subdirectories using the + power set construction. */ ++ total += hwcaps_sz; + struct r_strlenpair *overall_result + = malloc (*sz * sizeof (*result) + total); + if (overall_result == NULL) +-- +2.19.1.6.gb485710b + diff --git a/0040-scripts-dso-ordering-test.py-Generate-program-run-ti.patch b/0040-scripts-dso-ordering-test.py-Generate-program-run-ti.patch new file mode 100644 index 0000000..d6cd24e --- /dev/null +++ b/0040-scripts-dso-ordering-test.py-Generate-program-run-ti.patch @@ -0,0 +1,44 @@ +From 7a3f8c8a7aeb41d4bbfeec07d0be1e92c3019919 Mon Sep 17 00:00:00 2001 +From: Florian Weimer +Date: Tue, 6 Sep 2022 07:38:10 +0200 +Subject: [PATCH 40/81] scripts/dso-ordering-test.py: Generate program run-time + dependencies + +The main program needs to depend on all shared objects, even objects +that have link-time dependencies among shared objects. Filtering +out shared objects that already have an link-time dependencies is not +necessary here; make will do this automatically. + +Reviewed-by: Adhemerval Zanella +(cherry picked from commit 183d99737298bb3200f0610fdcd1c7549c8ed560) +--- + scripts/dso-ordering-test.py | 13 ++++++------- + 1 file changed, 6 insertions(+), 7 deletions(-) + +diff --git a/scripts/dso-ordering-test.py b/scripts/dso-ordering-test.py +index 2dd6bfda18..b87cf2f809 100644 +--- a/scripts/dso-ordering-test.py ++++ b/scripts/dso-ordering-test.py +@@ -707,13 +707,12 @@ def process_testcase(t): + "\t$(compile.c) $(OUTPUT_OPTION)\n") + makefile.write (rule) + +- not_depended_objs = find_objs_not_depended_on(test_descr) +- if not_depended_objs: +- depstr = "" +- for dep in not_depended_objs: +- depstr += (" $(objpfx)" + test_subdir + "/" +- + test_name + "-" + dep + ".so") +- makefile.write("$(objpfx)%s.out:%s\n" % (base_test_name, depstr)) ++ # Ensure that all shared objects are built before running the ++ # test, whether there link-time dependencies or not. ++ depobjs = ["$(objpfx){}/{}-{}.so".format(test_subdir, test_name, dep) ++ for dep in test_descr.objs] ++ makefile.write("$(objpfx){}.out: {}\n".format( ++ base_test_name, " ".join(depobjs))) + + # Add main executable to test-srcs + makefile.write("test-srcs += %s/%s\n" % (test_subdir, test_name)) +-- +2.19.1.6.gb485710b + diff --git a/0041-elf-Rename-_dl_sort_maps-parameter-from-skip-to-forc.patch b/0041-elf-Rename-_dl_sort_maps-parameter-from-skip-to-forc.patch new file mode 100644 index 0000000..ac98822 --- /dev/null +++ b/0041-elf-Rename-_dl_sort_maps-parameter-from-skip-to-forc.patch @@ -0,0 +1,87 @@ +From d1241cf00139733de069c84933cd576dc1a1f45e Mon Sep 17 00:00:00 2001 +From: Florian Weimer +Date: Tue, 6 Sep 2022 07:38:10 +0200 +Subject: [PATCH 41/81] elf: Rename _dl_sort_maps parameter from skip to + force_first + +The new implementation will not be able to skip an arbitrary number +of objects. + +Reviewed-by: Adhemerval Zanella +(cherry picked from commit dbb75513f5cf9285c77c9e55777c5c35b653f890) +--- + elf/dl-sort-maps.c | 14 +++++++------- + sysdeps/generic/ldsodefs.h | 6 ++++-- + 2 files changed, 11 insertions(+), 9 deletions(-) + +diff --git a/elf/dl-sort-maps.c b/elf/dl-sort-maps.c +index 96638d7ed1..5b550b1e94 100644 +--- a/elf/dl-sort-maps.c ++++ b/elf/dl-sort-maps.c +@@ -27,12 +27,12 @@ + If FOR_FINI is true, this is called for finishing an object. */ + static void + _dl_sort_maps_original (struct link_map **maps, unsigned int nmaps, +- unsigned int skip, bool for_fini) ++ bool force_first, bool for_fini) + { + /* Allows caller to do the common optimization of skipping the first map, + usually the main binary. */ +- maps += skip; +- nmaps -= skip; ++ maps += force_first; ++ nmaps -= force_first; + + /* A list of one element need not be sorted. */ + if (nmaps <= 1) +@@ -182,7 +182,7 @@ dfs_traversal (struct link_map ***rpo, struct link_map *map, + + static void + _dl_sort_maps_dfs (struct link_map **maps, unsigned int nmaps, +- unsigned int skip __attribute__ ((unused)), bool for_fini) ++ bool force_first __attribute__ ((unused)), bool for_fini) + { + for (int i = nmaps - 1; i >= 0; i--) + maps[i]->l_visited = 0; +@@ -286,7 +286,7 @@ _dl_sort_maps_init (void) + + void + _dl_sort_maps (struct link_map **maps, unsigned int nmaps, +- unsigned int skip, bool for_fini) ++ bool force_first, bool for_fini) + { + /* It can be tempting to use a static function pointer to store and call + the current selected sorting algorithm routine, but experimentation +@@ -296,9 +296,9 @@ _dl_sort_maps (struct link_map **maps, unsigned int nmaps, + input cases. A simple if-case with direct function calls appears to + be the fastest. */ + if (__glibc_likely (GLRO(dl_dso_sort_algo) == dso_sort_algorithm_original)) +- _dl_sort_maps_original (maps, nmaps, skip, for_fini); ++ _dl_sort_maps_original (maps, nmaps, force_first, for_fini); + else +- _dl_sort_maps_dfs (maps, nmaps, skip, for_fini); ++ _dl_sort_maps_dfs (maps, nmaps, force_first, for_fini); + } + + #endif /* HAVE_TUNABLES. */ +diff --git a/sysdeps/generic/ldsodefs.h b/sysdeps/generic/ldsodefs.h +index 050a3032de..6b256b8388 100644 +--- a/sysdeps/generic/ldsodefs.h ++++ b/sysdeps/generic/ldsodefs.h +@@ -1048,9 +1048,11 @@ extern void _dl_init (struct link_map *main_map, int argc, char **argv, + initializer functions have completed. */ + extern void _dl_fini (void) attribute_hidden; + +-/* Sort array MAPS according to dependencies of the contained objects. */ ++/* Sort array MAPS according to dependencies of the contained objects. ++ If FORCE_FIRST, MAPS[0] keeps its place even if the dependencies ++ say otherwise. */ + extern void _dl_sort_maps (struct link_map **maps, unsigned int nmaps, +- unsigned int skip, bool for_fini) attribute_hidden; ++ bool force_first, bool for_fini) attribute_hidden; + + /* The dynamic linker calls this function before and having changing + any shared object mappings. The `r_state' member of `struct r_debug' +-- +2.19.1.6.gb485710b + diff --git a/0042-elf-Implement-force_first-handling-in-_dl_sort_maps_.patch b/0042-elf-Implement-force_first-handling-in-_dl_sort_maps_.patch new file mode 100644 index 0000000..fa38f61 --- /dev/null +++ b/0042-elf-Implement-force_first-handling-in-_dl_sort_maps_.patch @@ -0,0 +1,114 @@ +From da5f134f6d59701a3a6119309ae91c93c3fa5b51 Mon Sep 17 00:00:00 2001 +From: Florian Weimer +Date: Tue, 20 Sep 2022 11:00:42 +0200 +Subject: [PATCH 42/81] elf: Implement force_first handling in + _dl_sort_maps_dfs (bug 28937) +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +The implementation in _dl_close_worker requires that the first +element of l_initfini is always this very map (“We are always the +zeroth entry, and since we don't include ourselves in the +dependency analysis start at 1.”). Rather than fixing that +assumption, this commit adds an implementation of the force_first +argument to the new dependency sorting algorithm. This also means +that the directly dlopen'ed shared object is always initialized last, +which is the least surprising behavior in the presence of cycles. + +Reviewed-by: Adhemerval Zanella +(cherry picked from commit 1df71d32fe5f5905ffd5d100e5e9ca8ad6210891) +--- + NEWS | 1 + + elf/dl-sort-maps.c | 32 +++++++++++++++++++++++--------- + elf/dso-sort-tests-1.def | 7 +++++++ + 3 files changed, 31 insertions(+), 9 deletions(-) + +diff --git a/NEWS b/NEWS +index 03281e3ab4..5b4753416f 100644 +--- a/NEWS ++++ b/NEWS +@@ -20,6 +20,7 @@ The following bugs are resolved with this release: + [28846] CMSG_NXTHDR may trigger -Wstrict-overflow warning + [29305] Conserve NSS buffer space during DNS packet parsing + [29415] nscd: Fix netlink cache invalidation if epoll is used ++ [28937] New DSO dependency sorter does not put new map first if in a cycle + [29446] _dlopen now ignores dl_caller argument in static mode + [29485] Linux: Terminate subprocess on late failure in tst-pidfd + [29490] alpha: New __brk_call implementation is broken +diff --git a/elf/dl-sort-maps.c b/elf/dl-sort-maps.c +index 5b550b1e94..3e2a6a584e 100644 +--- a/elf/dl-sort-maps.c ++++ b/elf/dl-sort-maps.c +@@ -182,8 +182,9 @@ dfs_traversal (struct link_map ***rpo, struct link_map *map, + + static void + _dl_sort_maps_dfs (struct link_map **maps, unsigned int nmaps, +- bool force_first __attribute__ ((unused)), bool for_fini) ++ bool force_first, bool for_fini) + { ++ struct link_map *first_map = maps[0]; + for (int i = nmaps - 1; i >= 0; i--) + maps[i]->l_visited = 0; + +@@ -208,14 +209,6 @@ _dl_sort_maps_dfs (struct link_map **maps, unsigned int nmaps, + Adjusting the order so that maps[0] is last traversed naturally avoids + this problem. + +- Further, the old "optimization" of skipping the main object at maps[0] +- from the call-site (i.e. _dl_sort_maps(maps+1,nmaps-1)) is in general +- no longer valid, since traversing along object dependency-links +- may "find" the main object even when it is not included in the initial +- order (e.g. a dlopen()'ed shared object can have circular dependencies +- linked back to itself). In such a case, traversing N-1 objects will +- create a N-object result, and raise problems. +- + To summarize, just passing in the full list, and iterating from back + to front makes things much more straightforward. */ + +@@ -274,6 +267,27 @@ _dl_sort_maps_dfs (struct link_map **maps, unsigned int nmaps, + } + + memcpy (maps, rpo, sizeof (struct link_map *) * nmaps); ++ ++ /* Skipping the first object at maps[0] is not valid in general, ++ since traversing along object dependency-links may "find" that ++ first object even when it is not included in the initial order ++ (e.g., a dlopen'ed shared object can have circular dependencies ++ linked back to itself). In such a case, traversing N-1 objects ++ will create a N-object result, and raise problems. Instead, ++ force the object back into first place after sorting. This naive ++ approach may introduce further dependency ordering violations ++ compared to rotating the cycle until the first map is again in ++ the first position, but as there is a cycle, at least one ++ violation is already present. */ ++ if (force_first && maps[0] != first_map) ++ { ++ int i; ++ for (i = 0; maps[i] != first_map; ++i) ++ ; ++ assert (i < nmaps); ++ memmove (&maps[1], maps, i * sizeof (maps[0])); ++ maps[0] = first_map; ++ } + } + + void +diff --git a/elf/dso-sort-tests-1.def b/elf/dso-sort-tests-1.def +index 5f7f18ef27..4bf9052db1 100644 +--- a/elf/dso-sort-tests-1.def ++++ b/elf/dso-sort-tests-1.def +@@ -64,3 +64,10 @@ output: b>a>{}b->c->d;d=>[ba];c=>a;b=>e=>a;c=>f=>b;d=>g=>c + output(glibc.rtld.dynamic_sort=1): {+a[d>c>b>a>];+e[e>];+f[f>];+g[g>];+d[];%d(b(e(a()))a()g(c(a()f(b(e(a()))))));-d[];-g[];-f[];-e[];-a[c>b>a>];+e[e>];+f[f>];+g[g>];+d[];%d(b(e(a()))a()g(c(a()f(b(e(a()))))));-d[];-g[];-f[];-e[];-a[a1;a->a2;a2->a;b->b1;c->a1;c=>a1 ++output(glibc.rtld.dynamic_sort=1): {+a[a2>a1>a>];+b[b1>b>];-b[];%c(a1());}a1>a>];+b[b1>b>];-b[];%c(a1());} +Date: Tue, 20 Sep 2022 12:12:43 +0200 +Subject: [PATCH 43/81] gconv: Use 64-bit interfaces in gconv_parseconfdir (bug + 29583) + +It's possible that inode numbers are outside the 32-bit range. +The existing code only handles the in-libc case correctly, and +still uses the legacy interfaces when building iconv. + +Suggested-by: Helge Deller +(cherry picked from commit f97905f24631097af325d6a231093071c3077a5f) +--- + NEWS | 1 + + iconv/gconv_parseconfdir.h | 16 ++++++++-------- + 2 files changed, 9 insertions(+), 8 deletions(-) + +diff --git a/NEWS b/NEWS +index 5b4753416f..eab882987b 100644 +--- a/NEWS ++++ b/NEWS +@@ -26,6 +26,7 @@ The following bugs are resolved with this release: + [29490] alpha: New __brk_call implementation is broken + [29528] elf: Call __libc_early_init for reused namespaces + [29539] libc: LD_TRACE_LOADED_OBJECTS changed how vDSO library are ++ [29583] Use 64-bit interfaces in gconv_parseconfdir + + Version 2.36 + +diff --git a/iconv/gconv_parseconfdir.h b/iconv/gconv_parseconfdir.h +index debb96b322..b72933b526 100644 +--- a/iconv/gconv_parseconfdir.h ++++ b/iconv/gconv_parseconfdir.h +@@ -29,14 +29,14 @@ + # define isspace(__c) __isspace_l ((__c), _nl_C_locobj_ptr) + # define asprintf __asprintf + # define opendir __opendir +-# define readdir __readdir ++# define readdir64 __readdir64 + # define closedir __closedir + # define mempcpy __mempcpy +-# define struct_stat struct __stat64_t64 +-# define lstat __lstat64_time64 ++# define struct_stat64 struct __stat64_t64 ++# define lstat64 __lstat64_time64 + # define feof_unlocked __feof_unlocked + #else +-# define struct_stat struct stat ++# define struct_stat64 struct stat64 + #endif + + /* Name of the file containing the module information in the directories +@@ -148,8 +148,8 @@ gconv_parseconfdir (const char *prefix, const char *dir, size_t dir_len) + DIR *confdir = opendir (buf); + if (confdir != NULL) + { +- struct dirent *ent; +- while ((ent = readdir (confdir)) != NULL) ++ struct dirent64 *ent; ++ while ((ent = readdir64 (confdir)) != NULL) + { + if (ent->d_type != DT_REG && ent->d_type != DT_UNKNOWN) + continue; +@@ -161,12 +161,12 @@ gconv_parseconfdir (const char *prefix, const char *dir, size_t dir_len) + && strcmp (ent->d_name + len - strlen (suffix), suffix) == 0) + { + char *conf; +- struct_stat st; ++ struct_stat64 st; + if (asprintf (&conf, "%s/%s", buf, ent->d_name) < 0) + continue; + + if (ent->d_type != DT_UNKNOWN +- || (lstat (conf, &st) != -1 && S_ISREG (st.st_mode))) ++ || (lstat64 (conf, &st) != -1 && S_ISREG (st.st_mode))) + found |= read_conf_file (conf, dir, dir_len); + + free (conf); +-- +2.19.1.6.gb485710b + diff --git a/0044-m68k-Enforce-4-byte-alignment-on-internal-locks-BZ-2.patch b/0044-m68k-Enforce-4-byte-alignment-on-internal-locks-BZ-2.patch new file mode 100644 index 0000000..4a84f0a --- /dev/null +++ b/0044-m68k-Enforce-4-byte-alignment-on-internal-locks-BZ-2.patch @@ -0,0 +1,142 @@ +From 2628500f5dff1dd99c49a09b418b3b1ea3a6b5d3 Mon Sep 17 00:00:00 2001 +From: Adhemerval Zanella +Date: Tue, 30 Aug 2022 10:33:15 -0300 +Subject: [PATCH 44/81] m68k: Enforce 4-byte alignment on internal locks (BZ + #29537) + +A new internal definition, __LIBC_LOCK_ALIGNMENT, is used to force +the 4-byte alignment only for m68k, other architecture keep the +natural alignment of the type used internally (and hppa does not +require 16-byte alignment for kernel-assisted CAS). + +Reviewed-by: Florian Weimer +(cherry picked from commit aeb4d2e9815d459e2640a31f5abb8ef803830107) +--- + NEWS | 1 + + sysdeps/generic/libc-lock-arch.h | 25 +++++++++++++++++++ + sysdeps/nptl/libc-lock.h | 8 +++++- + sysdeps/nptl/libc-lockP.h | 3 ++- + sysdeps/unix/sysv/linux/m68k/libc-lock-arch.h | 25 +++++++++++++++++++ + 5 files changed, 60 insertions(+), 2 deletions(-) + create mode 100644 sysdeps/generic/libc-lock-arch.h + create mode 100644 sysdeps/unix/sysv/linux/m68k/libc-lock-arch.h + +diff --git a/NEWS b/NEWS +index eab882987b..1cc9a16bbf 100644 +--- a/NEWS ++++ b/NEWS +@@ -25,6 +25,7 @@ The following bugs are resolved with this release: + [29485] Linux: Terminate subprocess on late failure in tst-pidfd + [29490] alpha: New __brk_call implementation is broken + [29528] elf: Call __libc_early_init for reused namespaces ++ [29537] libc: [2.34 regression]: Alignment issue on m68k when using + [29539] libc: LD_TRACE_LOADED_OBJECTS changed how vDSO library are + [29583] Use 64-bit interfaces in gconv_parseconfdir + +diff --git a/sysdeps/generic/libc-lock-arch.h b/sysdeps/generic/libc-lock-arch.h +new file mode 100644 +index 0000000000..4713b30a8a +--- /dev/null ++++ b/sysdeps/generic/libc-lock-arch.h +@@ -0,0 +1,25 @@ ++/* Private libc-internal arch-specific definitions. Generic version. ++ Copyright (C) 2022 Free Software Foundation, Inc. ++ This file is part of the GNU C Library. ++ ++ The GNU C Library is free software; you can redistribute it and/or ++ modify it under the terms of the GNU Lesser General Public License as ++ published by the Free Software Foundation; either version 2.1 of the ++ License, or (at your option) any later version. ++ ++ The GNU C Library is distributed in the hope that it will be useful, ++ but WITHOUT ANY WARRANTY; without even the implied warranty of ++ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU ++ Lesser General Public License for more details. ++ ++ You should have received a copy of the GNU Lesser General Public ++ License along with the GNU C Library; see the file COPYING.LIB. If ++ not, see . */ ++ ++#ifndef _LIBC_LOCK_ARCH_H ++#define _LIBC_LOCK_ARCH_H ++ ++/* The default definition uses the natural alignment from the lock type. */ ++#define __LIBC_LOCK_ALIGNMENT ++ ++#endif +diff --git a/sysdeps/nptl/libc-lock.h b/sysdeps/nptl/libc-lock.h +index 5af476c48b..63b3f3d75c 100644 +--- a/sysdeps/nptl/libc-lock.h ++++ b/sysdeps/nptl/libc-lock.h +@@ -22,6 +22,7 @@ + #include + #define __need_NULL + #include ++#include + + + /* Mutex type. */ +@@ -29,7 +30,12 @@ + # if (!IS_IN (libc) && !IS_IN (libpthread)) || !defined _LIBC + typedef struct { pthread_mutex_t mutex; } __libc_lock_recursive_t; + # else +-typedef struct { int lock; int cnt; void *owner; } __libc_lock_recursive_t; ++typedef struct ++{ ++ int lock __LIBC_LOCK_ALIGNMENT; ++ int cnt; ++ void *owner; ++} __libc_lock_recursive_t; + # endif + #else + typedef struct __libc_lock_recursive_opaque__ __libc_lock_recursive_t; +diff --git a/sysdeps/nptl/libc-lockP.h b/sysdeps/nptl/libc-lockP.h +index d3a6837fd2..425f514c5c 100644 +--- a/sysdeps/nptl/libc-lockP.h ++++ b/sysdeps/nptl/libc-lockP.h +@@ -32,9 +32,10 @@ + ld.so might be used on old kernels with a different libc.so. */ + #include + #include ++#include + + /* Mutex type. */ +-typedef int __libc_lock_t; ++typedef int __libc_lock_t __LIBC_LOCK_ALIGNMENT; + typedef struct { pthread_mutex_t mutex; } __rtld_lock_recursive_t; + typedef pthread_rwlock_t __libc_rwlock_t; + +diff --git a/sysdeps/unix/sysv/linux/m68k/libc-lock-arch.h b/sysdeps/unix/sysv/linux/m68k/libc-lock-arch.h +new file mode 100644 +index 0000000000..1844bbaf6f +--- /dev/null ++++ b/sysdeps/unix/sysv/linux/m68k/libc-lock-arch.h +@@ -0,0 +1,25 @@ ++/* Private libc-internal arch-specific definitions. m68k version. ++ Copyright (C) 2022 Free Software Foundation, Inc. ++ This file is part of the GNU C Library. ++ ++ The GNU C Library is free software; you can redistribute it and/or ++ modify it under the terms of the GNU Lesser General Public License as ++ published by the Free Software Foundation; either version 2.1 of the ++ License, or (at your option) any later version. ++ ++ The GNU C Library is distributed in the hope that it will be useful, ++ but WITHOUT ANY WARRANTY; without even the implied warranty of ++ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU ++ Lesser General Public License for more details. ++ ++ You should have received a copy of the GNU Lesser General Public ++ License along with the GNU C Library; see the file COPYING.LIB. If ++ not, see . */ ++ ++#ifndef _LIBC_LOCK_ARCH_H ++#define _LIBC_LOCK_ARCH_H ++ ++/* Linux enforces 4-bytes alignment on futex inputs. */ ++#define __LIBC_LOCK_ALIGNMENT __attribute__ ((__aligned__ (4))) ++ ++#endif +-- +2.19.1.6.gb485710b + diff --git a/0045-get_nscd_addresses-Fix-subscript-typos-BZ-29605.patch b/0045-get_nscd_addresses-Fix-subscript-typos-BZ-29605.patch new file mode 100644 index 0000000..aa06d3b --- /dev/null +++ b/0045-get_nscd_addresses-Fix-subscript-typos-BZ-29605.patch @@ -0,0 +1,38 @@ +From 227c9035872fc9e9e2cf56ec8f89219747ee19bc Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?J=C3=B6rg=20Sonnenberger?= +Date: Mon, 26 Sep 2022 13:59:16 -0400 +Subject: [PATCH 45/81] get_nscd_addresses: Fix subscript typos [BZ #29605] + +Fix the subscript on air->family, which was accidentally set to COUNT +when it should have remained as I. + +Resolves: BZ #29605 + +Reviewed-by: Siddhesh Poyarekar +(cherry picked from commit c9226c03da0276593a0918eaa9a14835183343e8) +--- + sysdeps/posix/getaddrinfo.c | 6 +++--- + 1 file changed, 3 insertions(+), 3 deletions(-) + +diff --git a/sysdeps/posix/getaddrinfo.c b/sysdeps/posix/getaddrinfo.c +index bcff909b2f..5cda9bb072 100644 +--- a/sysdeps/posix/getaddrinfo.c ++++ b/sysdeps/posix/getaddrinfo.c +@@ -540,11 +540,11 @@ get_nscd_addresses (const char *name, const struct addrinfo *req, + at[count].addr[2] = htonl (0xffff); + } + else if (req->ai_family == AF_UNSPEC +- || air->family[count] == req->ai_family) ++ || air->family[i] == req->ai_family) + { +- at[count].family = air->family[count]; ++ at[count].family = air->family[i]; + memcpy (at[count].addr, addrs, size); +- if (air->family[count] == AF_INET6) ++ if (air->family[i] == AF_INET6) + res->got_ipv6 = true; + } + at[count].next = at + count + 1; +-- +2.19.1.6.gb485710b + diff --git a/0046-stdlib-Fix-__getrandom_nocancel-type-and-arc4random-.patch b/0046-stdlib-Fix-__getrandom_nocancel-type-and-arc4random-.patch new file mode 100644 index 0000000..8734831 --- /dev/null +++ b/0046-stdlib-Fix-__getrandom_nocancel-type-and-arc4random-.patch @@ -0,0 +1,60 @@ +From 76e05613ee28f4ac4a0ab97effc32e0e78e37a56 Mon Sep 17 00:00:00 2001 +From: Adhemerval Zanella +Date: Thu, 29 Sep 2022 16:15:20 -0300 +Subject: [PATCH 46/81] stdlib: Fix __getrandom_nocancel type and arc4random + usage (BZ #29638) + +Using an unsigned type prevents the fallback to be used if kernel +does not support getrandom syscall. + +Checked on x86_64-linux-gnu. + +Reviewed-by: Wilco Dijkstra +(cherry picked from commit 13db9ee2cb3b77e25f852be7d6952882e1be6f00) +--- + NEWS | 1 + + stdlib/arc4random.c | 2 +- + sysdeps/unix/sysv/linux/not-cancel.h | 2 +- + 3 files changed, 3 insertions(+), 2 deletions(-) + +diff --git a/NEWS b/NEWS +index 1cc9a16bbf..91bcfeb7a6 100644 +--- a/NEWS ++++ b/NEWS +@@ -28,6 +28,7 @@ The following bugs are resolved with this release: + [29537] libc: [2.34 regression]: Alignment issue on m68k when using + [29539] libc: LD_TRACE_LOADED_OBJECTS changed how vDSO library are + [29583] Use 64-bit interfaces in gconv_parseconfdir ++ [29638] libc: stdlib: arc4random fallback is never used + + Version 2.36 + +diff --git a/stdlib/arc4random.c b/stdlib/arc4random.c +index e417ef624d..960a38f295 100644 +--- a/stdlib/arc4random.c ++++ b/stdlib/arc4random.c +@@ -34,7 +34,7 @@ void + __arc4random_buf (void *p, size_t n) + { + static int seen_initialized; +- size_t l; ++ ssize_t l; + int fd; + + if (n == 0) +diff --git a/sysdeps/unix/sysv/linux/not-cancel.h b/sysdeps/unix/sysv/linux/not-cancel.h +index a263d294b1..cf35c8bfc9 100644 +--- a/sysdeps/unix/sysv/linux/not-cancel.h ++++ b/sysdeps/unix/sysv/linux/not-cancel.h +@@ -68,7 +68,7 @@ __writev_nocancel_nostatus (int fd, const struct iovec *iov, int iovcnt) + INTERNAL_SYSCALL_CALL (writev, fd, iov, iovcnt); + } + +-static inline int ++static inline ssize_t + __getrandom_nocancel (void *buf, size_t buflen, unsigned int flags) + { + return INLINE_SYSCALL_CALL (getrandom, buf, buflen, flags); +-- +2.19.1.6.gb485710b + diff --git a/0047-hppa-Fix-initialization-of-dp-register-BZ-29635.patch b/0047-hppa-Fix-initialization-of-dp-register-BZ-29635.patch new file mode 100644 index 0000000..a1d1aea --- /dev/null +++ b/0047-hppa-Fix-initialization-of-dp-register-BZ-29635.patch @@ -0,0 +1,73 @@ +From d1d8379bff34f02f86f82db2cef5bf66746d3560 Mon Sep 17 00:00:00 2001 +From: John David Anglin +Date: Sat, 1 Oct 2022 19:49:25 +0000 +Subject: [PATCH 47/81] hppa: Fix initialization of dp register [BZ 29635] + +After upgrading glibc to Debian 2.35-1, gdb faulted on +startup and dropped core in a function call in the main +application. This was caused by not initializing the +global dp register for the main application early enough. + +Restore the code to initialize dp in _dl_start_user. +It was removed when code was added to initialize dp in +elf_machine_runtime_setup. + +Signed-off-by: John David Anglin +--- + sysdeps/hppa/dl-machine.h | 24 +++++++++++++++++++----- + 1 file changed, 19 insertions(+), 5 deletions(-) + +diff --git a/sysdeps/hppa/dl-machine.h b/sysdeps/hppa/dl-machine.h +index c865713be1..1d51948566 100644 +--- a/sysdeps/hppa/dl-machine.h ++++ b/sysdeps/hppa/dl-machine.h +@@ -347,6 +347,16 @@ elf_machine_runtime_setup (struct link_map *l, struct r_scope_elem *scope[], + its return value is the user program's entry point. */ + + #define RTLD_START \ ++/* Set up dp for any non-PIC lib constructors that may be called. */ \ ++static struct link_map * __attribute__((used)) \ ++set_dp (struct link_map *map) \ ++{ \ ++ register Elf32_Addr dp asm ("%r27"); \ ++ dp = D_PTR (map, l_info[DT_PLTGOT]); \ ++ asm volatile ("" : : "r" (dp)); \ ++ return map; \ ++} \ ++ \ + asm ( \ + " .text\n" \ + " .globl _start\n" \ +@@ -426,6 +436,13 @@ asm ( \ + direct loader invocation. Thus, argc and argv must be \ + reloaded from from _dl_argc and _dl_argv. */ \ + \ ++ /* Load main_map from _rtld_local and setup dp. */ \ ++" addil LT'_rtld_local,%r19\n" \ ++" ldw RT'_rtld_local(%r1),%r26\n" \ ++" bl set_dp, %r2\n" \ ++" ldw 0(%r26),%r26\n" \ ++" copy %ret0,%r26\n" \ ++ \ + /* Load argc from _dl_argc. */ \ + " addil LT'_dl_argc,%r19\n" \ + " ldw RT'_dl_argc(%r1),%r20\n" \ +@@ -438,13 +455,10 @@ asm ( \ + " ldw 0(%r20),%r24\n" \ + " stw %r24,-44(%sp)\n" \ + \ +- /* Call _dl_init(main_map, argc, argv, envp). */ \ +-" addil LT'_rtld_local,%r19\n" \ +-" ldw RT'_rtld_local(%r1),%r26\n" \ +-" ldw 0(%r26),%r26\n" \ +- \ + /* envp = argv + argc + 1 */ \ + " sh2add %r25,%r24,%r23\n" \ ++ \ ++ /* Call _dl_init(main_map, argc, argv, envp). */ \ + " bl _dl_init,%r2\n" \ + " ldo 4(%r23),%r23\n" /* delay slot */ \ + \ +-- +2.19.1.6.gb485710b + diff --git a/0048-hppa-undef-__ASSUME_SET_ROBUST_LIST.patch b/0048-hppa-undef-__ASSUME_SET_ROBUST_LIST.patch new file mode 100644 index 0000000..f579b52 --- /dev/null +++ b/0048-hppa-undef-__ASSUME_SET_ROBUST_LIST.patch @@ -0,0 +1,27 @@ +From cdc496eb55e30f8f2461bedb0a7381c0a7a3d3ae Mon Sep 17 00:00:00 2001 +From: John David Anglin +Date: Tue, 20 Sep 2022 20:14:14 +0000 +Subject: [PATCH 48/81] hppa: undef __ASSUME_SET_ROBUST_LIST + +QEMU does not support support set_robust_list. Thus, we need +to enable detection of set_robust_list system call. + +Signed-off-by: John David Anglin +--- + sysdeps/unix/sysv/linux/hppa/kernel-features.h | 3 +++ + 1 file changed, 3 insertions(+) + +diff --git a/sysdeps/unix/sysv/linux/hppa/kernel-features.h b/sysdeps/unix/sysv/linux/hppa/kernel-features.h +index 0cd21ef0fa..079612e4aa 100644 +--- a/sysdeps/unix/sysv/linux/hppa/kernel-features.h ++++ b/sysdeps/unix/sysv/linux/hppa/kernel-features.h +@@ -30,3 +30,6 @@ + + #undef __ASSUME_CLONE_DEFAULT + #define __ASSUME_CLONE_BACKWARDS 1 ++ ++/* QEMU does not support set_robust_list. */ ++#undef __ASSUME_SET_ROBUST_LIST +-- +2.19.1.6.gb485710b + diff --git a/0049-x86-include-BMI1-and-BMI2-in-x86-64-v3-level.patch b/0049-x86-include-BMI1-and-BMI2-in-x86-64-v3-level.patch new file mode 100644 index 0000000..e6001d1 --- /dev/null +++ b/0049-x86-include-BMI1-and-BMI2-in-x86-64-v3-level.patch @@ -0,0 +1,31 @@ +From 18bec23cbb4d530a2a8ce95353770661fabcd55f Mon Sep 17 00:00:00 2001 +From: Aurelien Jarno +Date: Mon, 3 Oct 2022 23:46:11 +0200 +Subject: [PATCH 49/81] x86: include BMI1 and BMI2 in x86-64-v3 level + +The "System V Application Binary Interface AMD64 Architecture Processor +Supplement" mandates the BMI1 and BMI2 CPU features for the x86-64-v3 +level. + +Reviewed-by: Noah Goldstein +(cherry picked from commit b80f16adbd979831bf25ea491e1261e81885c2b6) +--- + sysdeps/x86/get-isa-level.h | 2 ++ + 1 file changed, 2 insertions(+) + +diff --git a/sysdeps/x86/get-isa-level.h b/sysdeps/x86/get-isa-level.h +index 1ade78ab73..5b4dd5f062 100644 +--- a/sysdeps/x86/get-isa-level.h ++++ b/sysdeps/x86/get-isa-level.h +@@ -47,6 +47,8 @@ get_isa_level (const struct cpu_features *cpu_features) + isa_level |= GNU_PROPERTY_X86_ISA_1_V2; + if (CPU_FEATURE_USABLE_P (cpu_features, AVX) + && CPU_FEATURE_USABLE_P (cpu_features, AVX2) ++ && CPU_FEATURE_USABLE_P (cpu_features, BMI1) ++ && CPU_FEATURE_USABLE_P (cpu_features, BMI2) + && CPU_FEATURE_USABLE_P (cpu_features, F16C) + && CPU_FEATURE_USABLE_P (cpu_features, FMA) + && CPU_FEATURE_USABLE_P (cpu_features, LZCNT) +-- +2.19.1.6.gb485710b + diff --git a/0050-x86-64-Require-BMI2-for-AVX2-str-n-casecmp-implement.patch b/0050-x86-64-Require-BMI2-for-AVX2-str-n-casecmp-implement.patch new file mode 100644 index 0000000..f5ffd54 --- /dev/null +++ b/0050-x86-64-Require-BMI2-for-AVX2-str-n-casecmp-implement.patch @@ -0,0 +1,118 @@ +From 46479e5d10ed87825aa277da158d6a687974518b Mon Sep 17 00:00:00 2001 +From: Aurelien Jarno +Date: Mon, 3 Oct 2022 23:46:11 +0200 +Subject: [PATCH 50/81] x86-64: Require BMI2 for AVX2 str(n)casecmp + implementations + +The AVX2 str(n)casecmp implementations use the 'bzhi' instruction, which +belongs to the BMI2 CPU feature. + +NB: It also uses the 'tzcnt' BMI1 instruction, but it is executed as BSF +as BSF if the CPU doesn't support TZCNT, and produces the same result +for non-zero input. + +Partially fixes: b77b06e0e296 ("x86: Optimize strcmp-avx2.S") +Partially resolves: BZ #29611 + +Reviewed-by: Noah Goldstein +(cherry picked from commit 10f79d3670b036925da63dc532b122d27ce65ff8) +--- + sysdeps/x86_64/multiarch/ifunc-impl-list.c | 28 +++++++++++++++------ + sysdeps/x86_64/multiarch/ifunc-strcasecmp.h | 1 + + 2 files changed, 21 insertions(+), 8 deletions(-) + +diff --git a/sysdeps/x86_64/multiarch/ifunc-impl-list.c b/sysdeps/x86_64/multiarch/ifunc-impl-list.c +index a71444eccb..d208fae4bf 100644 +--- a/sysdeps/x86_64/multiarch/ifunc-impl-list.c ++++ b/sysdeps/x86_64/multiarch/ifunc-impl-list.c +@@ -448,13 +448,16 @@ __libc_ifunc_impl_list (const char *name, struct libc_ifunc_impl *array, + IFUNC_IMPL (i, name, strcasecmp, + X86_IFUNC_IMPL_ADD_V4 (array, i, strcasecmp, + (CPU_FEATURE_USABLE (AVX512VL) +- && CPU_FEATURE_USABLE (AVX512BW)), ++ && CPU_FEATURE_USABLE (AVX512BW) ++ && CPU_FEATURE_USABLE (BMI2)), + __strcasecmp_evex) + X86_IFUNC_IMPL_ADD_V3 (array, i, strcasecmp, +- CPU_FEATURE_USABLE (AVX2), ++ (CPU_FEATURE_USABLE (AVX2) ++ && CPU_FEATURE_USABLE (BMI2)), + __strcasecmp_avx2) + X86_IFUNC_IMPL_ADD_V3 (array, i, strcasecmp, + (CPU_FEATURE_USABLE (AVX2) ++ && CPU_FEATURE_USABLE (BMI2) + && CPU_FEATURE_USABLE (RTM)), + __strcasecmp_avx2_rtm) + X86_IFUNC_IMPL_ADD_V2 (array, i, strcasecmp, +@@ -470,13 +473,16 @@ __libc_ifunc_impl_list (const char *name, struct libc_ifunc_impl *array, + IFUNC_IMPL (i, name, strcasecmp_l, + X86_IFUNC_IMPL_ADD_V4 (array, i, strcasecmp, + (CPU_FEATURE_USABLE (AVX512VL) +- && CPU_FEATURE_USABLE (AVX512BW)), ++ && CPU_FEATURE_USABLE (AVX512BW) ++ && CPU_FEATURE_USABLE (BMI2)), + __strcasecmp_l_evex) + X86_IFUNC_IMPL_ADD_V3 (array, i, strcasecmp, +- CPU_FEATURE_USABLE (AVX2), ++ (CPU_FEATURE_USABLE (AVX2) ++ && CPU_FEATURE_USABLE (BMI2)), + __strcasecmp_l_avx2) + X86_IFUNC_IMPL_ADD_V3 (array, i, strcasecmp, + (CPU_FEATURE_USABLE (AVX2) ++ && CPU_FEATURE_USABLE (BMI2) + && CPU_FEATURE_USABLE (RTM)), + __strcasecmp_l_avx2_rtm) + X86_IFUNC_IMPL_ADD_V2 (array, i, strcasecmp_l, +@@ -638,13 +644,16 @@ __libc_ifunc_impl_list (const char *name, struct libc_ifunc_impl *array, + IFUNC_IMPL (i, name, strncasecmp, + X86_IFUNC_IMPL_ADD_V4 (array, i, strncasecmp, + (CPU_FEATURE_USABLE (AVX512VL) +- && CPU_FEATURE_USABLE (AVX512BW)), ++ && CPU_FEATURE_USABLE (AVX512BW) ++ && CPU_FEATURE_USABLE (BMI2)), + __strncasecmp_evex) + X86_IFUNC_IMPL_ADD_V3 (array, i, strncasecmp, +- CPU_FEATURE_USABLE (AVX2), ++ (CPU_FEATURE_USABLE (AVX2) ++ && CPU_FEATURE_USABLE (BMI2)), + __strncasecmp_avx2) + X86_IFUNC_IMPL_ADD_V3 (array, i, strncasecmp, + (CPU_FEATURE_USABLE (AVX2) ++ && CPU_FEATURE_USABLE (BMI2) + && CPU_FEATURE_USABLE (RTM)), + __strncasecmp_avx2_rtm) + X86_IFUNC_IMPL_ADD_V2 (array, i, strncasecmp, +@@ -660,13 +669,16 @@ __libc_ifunc_impl_list (const char *name, struct libc_ifunc_impl *array, + IFUNC_IMPL (i, name, strncasecmp_l, + X86_IFUNC_IMPL_ADD_V4 (array, i, strncasecmp, + (CPU_FEATURE_USABLE (AVX512VL) +- && CPU_FEATURE_USABLE (AVX512BW)), ++ & CPU_FEATURE_USABLE (AVX512BW) ++ && CPU_FEATURE_USABLE (BMI2)), + __strncasecmp_l_evex) + X86_IFUNC_IMPL_ADD_V3 (array, i, strncasecmp, +- CPU_FEATURE_USABLE (AVX2), ++ (CPU_FEATURE_USABLE (AVX2) ++ && CPU_FEATURE_USABLE (BMI2)), + __strncasecmp_l_avx2) + X86_IFUNC_IMPL_ADD_V3 (array, i, strncasecmp, + (CPU_FEATURE_USABLE (AVX2) ++ && CPU_FEATURE_USABLE (BMI2) + && CPU_FEATURE_USABLE (RTM)), + __strncasecmp_l_avx2_rtm) + X86_IFUNC_IMPL_ADD_V2 (array, i, strncasecmp_l, +diff --git a/sysdeps/x86_64/multiarch/ifunc-strcasecmp.h b/sysdeps/x86_64/multiarch/ifunc-strcasecmp.h +index 68646ef199..7622af259c 100644 +--- a/sysdeps/x86_64/multiarch/ifunc-strcasecmp.h ++++ b/sysdeps/x86_64/multiarch/ifunc-strcasecmp.h +@@ -34,6 +34,7 @@ IFUNC_SELECTOR (void) + const struct cpu_features *cpu_features = __get_cpu_features (); + + if (X86_ISA_CPU_FEATURE_USABLE_P (cpu_features, AVX2) ++ && X86_ISA_CPU_FEATURE_USABLE_P (cpu_features, BMI2) + && X86_ISA_CPU_FEATURES_ARCH_P (cpu_features, + AVX_Fast_Unaligned_Load, )) + { +-- +2.19.1.6.gb485710b + diff --git a/0051-x86-64-Require-BMI2-for-AVX2-strcmp-implementation.patch b/0051-x86-64-Require-BMI2-for-AVX2-strcmp-implementation.patch new file mode 100644 index 0000000..c76529c --- /dev/null +++ b/0051-x86-64-Require-BMI2-for-AVX2-strcmp-implementation.patch @@ -0,0 +1,62 @@ +From 7afbd1e56acb721031bffd876f275dcb1af7e530 Mon Sep 17 00:00:00 2001 +From: Aurelien Jarno +Date: Mon, 3 Oct 2022 23:46:11 +0200 +Subject: [PATCH 51/81] x86-64: Require BMI2 for AVX2 strcmp implementation + +The AVX2 strcmp implementation uses the 'bzhi' instruction, which +belongs to the BMI2 CPU feature. + +NB: It also uses the 'tzcnt' BMI1 instruction, but it is executed as BSF +as BSF if the CPU doesn't support TZCNT, and produces the same result +for non-zero input. + +Partially fixes: b77b06e0e296 ("x86: Optimize strcmp-avx2.S") +Partially resolves: BZ #29611 + +Reviewed-by: Noah Goldstein +(cherry picked from commit 4d64c6445735e9b34e2ac8e369312cbfc2f88e17) +--- + sysdeps/x86_64/multiarch/ifunc-impl-list.c | 4 +++- + sysdeps/x86_64/multiarch/strcmp.c | 4 ++-- + 2 files changed, 5 insertions(+), 3 deletions(-) + +diff --git a/sysdeps/x86_64/multiarch/ifunc-impl-list.c b/sysdeps/x86_64/multiarch/ifunc-impl-list.c +index d208fae4bf..a42b0a4620 100644 +--- a/sysdeps/x86_64/multiarch/ifunc-impl-list.c ++++ b/sysdeps/x86_64/multiarch/ifunc-impl-list.c +@@ -591,10 +591,12 @@ __libc_ifunc_impl_list (const char *name, struct libc_ifunc_impl *array, + && CPU_FEATURE_USABLE (BMI2)), + __strcmp_evex) + X86_IFUNC_IMPL_ADD_V3 (array, i, strcmp, +- CPU_FEATURE_USABLE (AVX2), ++ (CPU_FEATURE_USABLE (AVX2) ++ && CPU_FEATURE_USABLE (BMI2)), + __strcmp_avx2) + X86_IFUNC_IMPL_ADD_V3 (array, i, strcmp, + (CPU_FEATURE_USABLE (AVX2) ++ && CPU_FEATURE_USABLE (BMI2) + && CPU_FEATURE_USABLE (RTM)), + __strcmp_avx2_rtm) + X86_IFUNC_IMPL_ADD_V2 (array, i, strcmp, +diff --git a/sysdeps/x86_64/multiarch/strcmp.c b/sysdeps/x86_64/multiarch/strcmp.c +index fdd5afe3af..9d6c9f66ba 100644 +--- a/sysdeps/x86_64/multiarch/strcmp.c ++++ b/sysdeps/x86_64/multiarch/strcmp.c +@@ -45,12 +45,12 @@ IFUNC_SELECTOR (void) + const struct cpu_features *cpu_features = __get_cpu_features (); + + if (X86_ISA_CPU_FEATURE_USABLE_P (cpu_features, AVX2) ++ && X86_ISA_CPU_FEATURE_USABLE_P (cpu_features, BMI2) + && X86_ISA_CPU_FEATURES_ARCH_P (cpu_features, + AVX_Fast_Unaligned_Load, )) + { + if (X86_ISA_CPU_FEATURE_USABLE_P (cpu_features, AVX512VL) +- && X86_ISA_CPU_FEATURE_USABLE_P (cpu_features, AVX512BW) +- && X86_ISA_CPU_FEATURE_USABLE_P (cpu_features, BMI2)) ++ && X86_ISA_CPU_FEATURE_USABLE_P (cpu_features, AVX512BW)) + return OPTIMIZE (evex); + + if (CPU_FEATURE_USABLE_P (cpu_features, RTM)) +-- +2.19.1.6.gb485710b + diff --git a/0052-x86-64-Require-BMI2-for-AVX2-strncmp-implementation.patch b/0052-x86-64-Require-BMI2-for-AVX2-strncmp-implementation.patch new file mode 100644 index 0000000..a8b431c --- /dev/null +++ b/0052-x86-64-Require-BMI2-for-AVX2-strncmp-implementation.patch @@ -0,0 +1,67 @@ +From 29c577e0f54fe6e70ceacb3659179781c5569903 Mon Sep 17 00:00:00 2001 +From: Aurelien Jarno +Date: Mon, 3 Oct 2022 23:46:11 +0200 +Subject: [PATCH 52/81] x86-64: Require BMI2 for AVX2 strncmp implementation + +The AVX2 strncmp implementations uses the 'bzhi' instruction, which +belongs to the BMI2 CPU feature. + +NB: It also uses the 'tzcnt' BMI1 instruction, but it is executed as BSF +as BSF if the CPU doesn't support TZCNT, and produces the same result +for non-zero input. + +Partially fixes: b77b06e0e296 ("x86: Optimize strcmp-avx2.S") +Partially resolves: BZ #29611 + +Reviewed-by: Noah Goldstein +(cherry picked from commit fc7de1d9b99ae1676bc626ddca422d7abee0eb48) +--- + sysdeps/x86_64/multiarch/ifunc-impl-list.c | 7 +++++-- + sysdeps/x86_64/multiarch/strncmp.c | 4 ++-- + 2 files changed, 7 insertions(+), 4 deletions(-) + +diff --git a/sysdeps/x86_64/multiarch/ifunc-impl-list.c b/sysdeps/x86_64/multiarch/ifunc-impl-list.c +index a42b0a4620..aebef3daaf 100644 +--- a/sysdeps/x86_64/multiarch/ifunc-impl-list.c ++++ b/sysdeps/x86_64/multiarch/ifunc-impl-list.c +@@ -1176,13 +1176,16 @@ __libc_ifunc_impl_list (const char *name, struct libc_ifunc_impl *array, + IFUNC_IMPL (i, name, strncmp, + X86_IFUNC_IMPL_ADD_V4 (array, i, strncmp, + (CPU_FEATURE_USABLE (AVX512VL) +- && CPU_FEATURE_USABLE (AVX512BW)), ++ && CPU_FEATURE_USABLE (AVX512BW) ++ && CPU_FEATURE_USABLE (BMI2)), + __strncmp_evex) + X86_IFUNC_IMPL_ADD_V3 (array, i, strncmp, +- CPU_FEATURE_USABLE (AVX2), ++ (CPU_FEATURE_USABLE (AVX2) ++ && CPU_FEATURE_USABLE (BMI2)), + __strncmp_avx2) + X86_IFUNC_IMPL_ADD_V3 (array, i, strncmp, + (CPU_FEATURE_USABLE (AVX2) ++ && CPU_FEATURE_USABLE (BMI2) + && CPU_FEATURE_USABLE (RTM)), + __strncmp_avx2_rtm) + X86_IFUNC_IMPL_ADD_V2 (array, i, strncmp, +diff --git a/sysdeps/x86_64/multiarch/strncmp.c b/sysdeps/x86_64/multiarch/strncmp.c +index 4ebe4bde30..c4f8b6bbb5 100644 +--- a/sysdeps/x86_64/multiarch/strncmp.c ++++ b/sysdeps/x86_64/multiarch/strncmp.c +@@ -41,12 +41,12 @@ IFUNC_SELECTOR (void) + const struct cpu_features *cpu_features = __get_cpu_features (); + + if (X86_ISA_CPU_FEATURE_USABLE_P (cpu_features, AVX2) ++ && X86_ISA_CPU_FEATURE_USABLE_P (cpu_features, BMI2) + && X86_ISA_CPU_FEATURES_ARCH_P (cpu_features, + AVX_Fast_Unaligned_Load, )) + { + if (X86_ISA_CPU_FEATURE_USABLE_P (cpu_features, AVX512VL) +- && X86_ISA_CPU_FEATURE_USABLE_P (cpu_features, AVX512BW) +- && X86_ISA_CPU_FEATURE_USABLE_P (cpu_features, BMI2)) ++ && X86_ISA_CPU_FEATURE_USABLE_P (cpu_features, AVX512BW)) + return OPTIMIZE (evex); + + if (CPU_FEATURE_USABLE_P (cpu_features, RTM)) +-- +2.19.1.6.gb485710b + diff --git a/0053-x86-64-Require-BMI2-for-AVX2-wcs-n-cmp-implementatio.patch b/0053-x86-64-Require-BMI2-for-AVX2-wcs-n-cmp-implementatio.patch new file mode 100644 index 0000000..9250178 --- /dev/null +++ b/0053-x86-64-Require-BMI2-for-AVX2-wcs-n-cmp-implementatio.patch @@ -0,0 +1,56 @@ +From d8bf4388df679fa5a3ae7889a649e573e3124530 Mon Sep 17 00:00:00 2001 +From: Aurelien Jarno +Date: Mon, 3 Oct 2022 23:46:11 +0200 +Subject: [PATCH 53/81] x86-64: Require BMI2 for AVX2 wcs(n)cmp implementations + +The AVX2 wcs(n)cmp implementations use the 'bzhi' instruction, which +belongs to the BMI2 CPU feature. + +NB: It also uses the 'tzcnt' BMI1 instruction, but it is executed as BSF +as BSF if the CPU doesn't support TZCNT, and produces the same result +for non-zero input. + +Partially fixes: b77b06e0e296 ("x86: Optimize strcmp-avx2.S") +Partially resolves: BZ #29611 + +Reviewed-by: Noah Goldstein +(cherry picked from commit f31a5a884ed84bd37032729d4d1eb9d06c9f3c29) +--- + sysdeps/x86_64/multiarch/ifunc-impl-list.c | 8 ++++++-- + 1 file changed, 6 insertions(+), 2 deletions(-) + +diff --git a/sysdeps/x86_64/multiarch/ifunc-impl-list.c b/sysdeps/x86_64/multiarch/ifunc-impl-list.c +index aebef3daaf..fec8790c11 100644 +--- a/sysdeps/x86_64/multiarch/ifunc-impl-list.c ++++ b/sysdeps/x86_64/multiarch/ifunc-impl-list.c +@@ -810,10 +810,12 @@ __libc_ifunc_impl_list (const char *name, struct libc_ifunc_impl *array, + && CPU_FEATURE_USABLE (BMI2)), + __wcscmp_evex) + X86_IFUNC_IMPL_ADD_V3 (array, i, wcscmp, +- CPU_FEATURE_USABLE (AVX2), ++ (CPU_FEATURE_USABLE (AVX2) ++ && CPU_FEATURE_USABLE (BMI2)), + __wcscmp_avx2) + X86_IFUNC_IMPL_ADD_V3 (array, i, wcscmp, + (CPU_FEATURE_USABLE (AVX2) ++ && CPU_FEATURE_USABLE (BMI2) + && CPU_FEATURE_USABLE (RTM)), + __wcscmp_avx2_rtm) + /* ISA V2 wrapper for SSE2 implementation because the SSE2 +@@ -830,10 +832,12 @@ __libc_ifunc_impl_list (const char *name, struct libc_ifunc_impl *array, + && CPU_FEATURE_USABLE (BMI2)), + __wcsncmp_evex) + X86_IFUNC_IMPL_ADD_V3 (array, i, wcsncmp, +- CPU_FEATURE_USABLE (AVX2), ++ (CPU_FEATURE_USABLE (AVX2) ++ && CPU_FEATURE_USABLE (BMI2)), + __wcsncmp_avx2) + X86_IFUNC_IMPL_ADD_V3 (array, i, wcsncmp, + (CPU_FEATURE_USABLE (AVX2) ++ && CPU_FEATURE_USABLE (BMI2) + && CPU_FEATURE_USABLE (RTM)), + __wcsncmp_avx2_rtm) + /* ISA V2 wrapper for GENERIC implementation because the +-- +2.19.1.6.gb485710b + diff --git a/0054-x86-64-Require-BMI2-for-AVX2-raw-w-memchr-implementa.patch b/0054-x86-64-Require-BMI2-for-AVX2-raw-w-memchr-implementa.patch new file mode 100644 index 0000000..32f56af --- /dev/null +++ b/0054-x86-64-Require-BMI2-for-AVX2-raw-w-memchr-implementa.patch @@ -0,0 +1,67 @@ +From d9196d4f3fa9997388655813ddd236426a16dd92 Mon Sep 17 00:00:00 2001 +From: Aurelien Jarno +Date: Mon, 3 Oct 2022 23:46:11 +0200 +Subject: [PATCH 54/81] x86-64: Require BMI2 for AVX2 (raw|w)memchr + implementations + +The AVX2 memchr, rawmemchr and wmemchr implementations use the 'bzhi' +and 'sarx' instructions, which belongs to the BMI2 CPU feature. + +Fixes: acfd088a1963 ("x86: Optimize memchr-avx2.S") +Partially resolves: BZ #29611 + +Reviewed-by: Noah Goldstein +(cherry picked from commit e3e7fab7fe5186d18ca2046d99ba321c27db30ad) +--- + sysdeps/x86_64/multiarch/ifunc-impl-list.c | 12 +++++++++--- + 1 file changed, 9 insertions(+), 3 deletions(-) + +diff --git a/sysdeps/x86_64/multiarch/ifunc-impl-list.c b/sysdeps/x86_64/multiarch/ifunc-impl-list.c +index fec8790c11..7c84963d92 100644 +--- a/sysdeps/x86_64/multiarch/ifunc-impl-list.c ++++ b/sysdeps/x86_64/multiarch/ifunc-impl-list.c +@@ -69,10 +69,12 @@ __libc_ifunc_impl_list (const char *name, struct libc_ifunc_impl *array, + && CPU_FEATURE_USABLE (BMI2)), + __memchr_evex_rtm) + X86_IFUNC_IMPL_ADD_V3 (array, i, memchr, +- CPU_FEATURE_USABLE (AVX2), ++ (CPU_FEATURE_USABLE (AVX2) ++ && CPU_FEATURE_USABLE (BMI2)), + __memchr_avx2) + X86_IFUNC_IMPL_ADD_V3 (array, i, memchr, + (CPU_FEATURE_USABLE (AVX2) ++ && CPU_FEATURE_USABLE (BMI2) + && CPU_FEATURE_USABLE (RTM)), + __memchr_avx2_rtm) + /* ISA V2 wrapper for SSE2 implementation because the SSE2 +@@ -335,10 +337,12 @@ __libc_ifunc_impl_list (const char *name, struct libc_ifunc_impl *array, + && CPU_FEATURE_USABLE (BMI2)), + __rawmemchr_evex_rtm) + X86_IFUNC_IMPL_ADD_V3 (array, i, rawmemchr, +- CPU_FEATURE_USABLE (AVX2), ++ (CPU_FEATURE_USABLE (AVX2) ++ && CPU_FEATURE_USABLE (BMI2)), + __rawmemchr_avx2) + X86_IFUNC_IMPL_ADD_V3 (array, i, rawmemchr, + (CPU_FEATURE_USABLE (AVX2) ++ && CPU_FEATURE_USABLE (BMI2) + && CPU_FEATURE_USABLE (RTM)), + __rawmemchr_avx2_rtm) + /* ISA V2 wrapper for SSE2 implementation because the SSE2 +@@ -927,10 +931,12 @@ __libc_ifunc_impl_list (const char *name, struct libc_ifunc_impl *array, + && CPU_FEATURE_USABLE (BMI2)), + __wmemchr_evex_rtm) + X86_IFUNC_IMPL_ADD_V3 (array, i, wmemchr, +- CPU_FEATURE_USABLE (AVX2), ++ (CPU_FEATURE_USABLE (AVX2) ++ && CPU_FEATURE_USABLE (BMI2)), + __wmemchr_avx2) + X86_IFUNC_IMPL_ADD_V3 (array, i, wmemchr, + (CPU_FEATURE_USABLE (AVX2) ++ && CPU_FEATURE_USABLE (BMI2) + && CPU_FEATURE_USABLE (RTM)), + __wmemchr_avx2_rtm) + /* ISA V2 wrapper for SSE2 implementation because the SSE2 +-- +2.19.1.6.gb485710b + diff --git a/0055-x86-64-Require-BMI2-and-LZCNT-for-AVX2-memrchr-imple.patch b/0055-x86-64-Require-BMI2-and-LZCNT-for-AVX2-memrchr-imple.patch new file mode 100644 index 0000000..541029e --- /dev/null +++ b/0055-x86-64-Require-BMI2-and-LZCNT-for-AVX2-memrchr-imple.patch @@ -0,0 +1,74 @@ +From 923c3f3c373f499e62160e00831dda576443317b Mon Sep 17 00:00:00 2001 +From: Aurelien Jarno +Date: Mon, 3 Oct 2022 23:46:11 +0200 +Subject: [PATCH 55/81] x86-64: Require BMI2 and LZCNT for AVX2 memrchr + implementation + +The AVX2 memrchr implementation uses the 'shlxl' instruction, which +belongs to the BMI2 CPU feature and uses the 'lzcnt' instruction, which +belongs to the LZCNT CPU feature. + +Fixes: af5306a735eb ("x86: Optimize memrchr-avx2.S") +Partially resolves: BZ #29611 + +Reviewed-by: Noah Goldstein +(cherry picked from commit 3c0c78afabfed4b6fc161c159e628fbf14ff370b) +--- + sysdeps/x86/isa-level.h | 1 + + sysdeps/x86_64/multiarch/ifunc-avx2.h | 1 + + sysdeps/x86_64/multiarch/ifunc-impl-list.c | 10 ++++++++-- + 3 files changed, 10 insertions(+), 2 deletions(-) + +diff --git a/sysdeps/x86/isa-level.h b/sysdeps/x86/isa-level.h +index 3c4480aba7..bbb90f5c5e 100644 +--- a/sysdeps/x86/isa-level.h ++++ b/sysdeps/x86/isa-level.h +@@ -80,6 +80,7 @@ + #define AVX_X86_ISA_LEVEL 3 + #define AVX2_X86_ISA_LEVEL 3 + #define BMI2_X86_ISA_LEVEL 3 ++#define LZCNT_X86_ISA_LEVEL 3 + #define MOVBE_X86_ISA_LEVEL 3 + + /* ISA level >= 2 guaranteed includes. */ +diff --git a/sysdeps/x86_64/multiarch/ifunc-avx2.h b/sysdeps/x86_64/multiarch/ifunc-avx2.h +index a57a9952f3..f1741083fd 100644 +--- a/sysdeps/x86_64/multiarch/ifunc-avx2.h ++++ b/sysdeps/x86_64/multiarch/ifunc-avx2.h +@@ -37,6 +37,7 @@ IFUNC_SELECTOR (void) + + if (X86_ISA_CPU_FEATURE_USABLE_P (cpu_features, AVX2) + && X86_ISA_CPU_FEATURE_USABLE_P (cpu_features, BMI2) ++ && X86_ISA_CPU_FEATURE_USABLE_P (cpu_features, LZCNT) + && X86_ISA_CPU_FEATURES_ARCH_P (cpu_features, + AVX_Fast_Unaligned_Load, )) + { +diff --git a/sysdeps/x86_64/multiarch/ifunc-impl-list.c b/sysdeps/x86_64/multiarch/ifunc-impl-list.c +index 7c84963d92..ec1c5b55fb 100644 +--- a/sysdeps/x86_64/multiarch/ifunc-impl-list.c ++++ b/sysdeps/x86_64/multiarch/ifunc-impl-list.c +@@ -209,13 +209,19 @@ __libc_ifunc_impl_list (const char *name, struct libc_ifunc_impl *array, + IFUNC_IMPL (i, name, memrchr, + X86_IFUNC_IMPL_ADD_V4 (array, i, memrchr, + (CPU_FEATURE_USABLE (AVX512VL) +- && CPU_FEATURE_USABLE (AVX512BW)), ++ && CPU_FEATURE_USABLE (AVX512BW) ++ && CPU_FEATURE_USABLE (BMI2) ++ && CPU_FEATURE_USABLE (LZCNT)), + __memrchr_evex) + X86_IFUNC_IMPL_ADD_V3 (array, i, memrchr, +- CPU_FEATURE_USABLE (AVX2), ++ (CPU_FEATURE_USABLE (AVX2) ++ && CPU_FEATURE_USABLE (BMI2) ++ && CPU_FEATURE_USABLE (LZCNT)), + __memrchr_avx2) + X86_IFUNC_IMPL_ADD_V3 (array, i, memrchr, + (CPU_FEATURE_USABLE (AVX2) ++ && CPU_FEATURE_USABLE (BMI2) ++ && CPU_FEATURE_USABLE (LZCNT) + && CPU_FEATURE_USABLE (RTM)), + __memrchr_avx2_rtm) + /* ISA V2 wrapper for SSE2 implementation because the SSE2 +-- +2.19.1.6.gb485710b + diff --git a/0056-x86-64-Require-BMI1-BMI2-for-AVX2-strrchr-and-wcsrch.patch b/0056-x86-64-Require-BMI1-BMI2-for-AVX2-strrchr-and-wcsrch.patch new file mode 100644 index 0000000..b238265 --- /dev/null +++ b/0056-x86-64-Require-BMI1-BMI2-for-AVX2-strrchr-and-wcsrch.patch @@ -0,0 +1,94 @@ +From 2d8ef784bd6a784496a6fd460de6b6f57c70a501 Mon Sep 17 00:00:00 2001 +From: Aurelien Jarno +Date: Mon, 3 Oct 2022 23:46:11 +0200 +Subject: [PATCH 56/81] x86-64: Require BMI1/BMI2 for AVX2 strrchr and wcsrchr + implementations + +The AVX2 strrchr and wcsrchr implementation uses the 'blsmsk' +instruction which belongs to the BMI1 CPU feature and the 'shrx' +instruction, which belongs to the BMI2 CPU feature. + +Fixes: df7e295d18ff ("x86: Optimize {str|wcs}rchr-avx2") +Partially resolves: BZ #29611 + +Reviewed-by: Noah Goldstein +(cherry picked from commit 7e8283170c5d6805b609a040801d819e362a6292) +--- + sysdeps/x86/isa-level.h | 1 + + sysdeps/x86_64/multiarch/ifunc-avx2.h | 1 + + sysdeps/x86_64/multiarch/ifunc-impl-list.c | 17 ++++++++++++++--- + 3 files changed, 16 insertions(+), 3 deletions(-) + +diff --git a/sysdeps/x86/isa-level.h b/sysdeps/x86/isa-level.h +index bbb90f5c5e..06f6c9663e 100644 +--- a/sysdeps/x86/isa-level.h ++++ b/sysdeps/x86/isa-level.h +@@ -79,6 +79,7 @@ + /* ISA level >= 3 guaranteed includes. */ + #define AVX_X86_ISA_LEVEL 3 + #define AVX2_X86_ISA_LEVEL 3 ++#define BMI1_X86_ISA_LEVEL 3 + #define BMI2_X86_ISA_LEVEL 3 + #define LZCNT_X86_ISA_LEVEL 3 + #define MOVBE_X86_ISA_LEVEL 3 +diff --git a/sysdeps/x86_64/multiarch/ifunc-avx2.h b/sysdeps/x86_64/multiarch/ifunc-avx2.h +index f1741083fd..f2f5e8a211 100644 +--- a/sysdeps/x86_64/multiarch/ifunc-avx2.h ++++ b/sysdeps/x86_64/multiarch/ifunc-avx2.h +@@ -36,6 +36,7 @@ IFUNC_SELECTOR (void) + const struct cpu_features *cpu_features = __get_cpu_features (); + + if (X86_ISA_CPU_FEATURE_USABLE_P (cpu_features, AVX2) ++ && X86_ISA_CPU_FEATURE_USABLE_P (cpu_features, BMI1) + && X86_ISA_CPU_FEATURE_USABLE_P (cpu_features, BMI2) + && X86_ISA_CPU_FEATURE_USABLE_P (cpu_features, LZCNT) + && X86_ISA_CPU_FEATURES_ARCH_P (cpu_features, +diff --git a/sysdeps/x86_64/multiarch/ifunc-impl-list.c b/sysdeps/x86_64/multiarch/ifunc-impl-list.c +index ec1c5b55fb..00a91123d3 100644 +--- a/sysdeps/x86_64/multiarch/ifunc-impl-list.c ++++ b/sysdeps/x86_64/multiarch/ifunc-impl-list.c +@@ -578,13 +578,19 @@ __libc_ifunc_impl_list (const char *name, struct libc_ifunc_impl *array, + IFUNC_IMPL (i, name, strrchr, + X86_IFUNC_IMPL_ADD_V4 (array, i, strrchr, + (CPU_FEATURE_USABLE (AVX512VL) +- && CPU_FEATURE_USABLE (AVX512BW)), ++ && CPU_FEATURE_USABLE (AVX512BW) ++ && CPU_FEATURE_USABLE (BMI1) ++ && CPU_FEATURE_USABLE (BMI2)), + __strrchr_evex) + X86_IFUNC_IMPL_ADD_V3 (array, i, strrchr, +- CPU_FEATURE_USABLE (AVX2), ++ (CPU_FEATURE_USABLE (AVX2) ++ && CPU_FEATURE_USABLE (BMI1) ++ && CPU_FEATURE_USABLE (BMI2)), + __strrchr_avx2) + X86_IFUNC_IMPL_ADD_V3 (array, i, strrchr, + (CPU_FEATURE_USABLE (AVX2) ++ && CPU_FEATURE_USABLE (BMI1) ++ && CPU_FEATURE_USABLE (BMI2) + && CPU_FEATURE_USABLE (RTM)), + __strrchr_avx2_rtm) + /* ISA V2 wrapper for SSE2 implementation because the SSE2 +@@ -797,13 +803,18 @@ __libc_ifunc_impl_list (const char *name, struct libc_ifunc_impl *array, + X86_IFUNC_IMPL_ADD_V4 (array, i, wcsrchr, + (CPU_FEATURE_USABLE (AVX512VL) + && CPU_FEATURE_USABLE (AVX512BW) ++ && CPU_FEATURE_USABLE (BMI1) + && CPU_FEATURE_USABLE (BMI2)), + __wcsrchr_evex) + X86_IFUNC_IMPL_ADD_V3 (array, i, wcsrchr, +- CPU_FEATURE_USABLE (AVX2), ++ (CPU_FEATURE_USABLE (AVX2) ++ && CPU_FEATURE_USABLE (BMI1) ++ && CPU_FEATURE_USABLE (BMI2)), + __wcsrchr_avx2) + X86_IFUNC_IMPL_ADD_V3 (array, i, wcsrchr, + (CPU_FEATURE_USABLE (AVX2) ++ && CPU_FEATURE_USABLE (BMI1) ++ && CPU_FEATURE_USABLE (BMI2) + && CPU_FEATURE_USABLE (RTM)), + __wcsrchr_avx2_rtm) + /* ISA V2 wrapper for SSE2 implementation because the SSE2 +-- +2.19.1.6.gb485710b + diff --git a/0057-nscd-Drop-local-address-tuple-variable-BZ-29607.patch b/0057-nscd-Drop-local-address-tuple-variable-BZ-29607.patch new file mode 100644 index 0000000..0b83cab --- /dev/null +++ b/0057-nscd-Drop-local-address-tuple-variable-BZ-29607.patch @@ -0,0 +1,68 @@ +From 2bd815d8347851212b9a91dbdca8053f4dbdac87 Mon Sep 17 00:00:00 2001 +From: Siddhesh Poyarekar +Date: Tue, 4 Oct 2022 18:43:50 -0400 +Subject: [PATCH 57/81] nscd: Drop local address tuple variable [BZ #29607] +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +When a request needs to be resent (e.g. due to insufficient buffer +space), the references to subsequent tuples in the local variable are +stale and should not be used. This used to work by accident before, but +since 1d495912a it no longer does. Instead of trying to reset it, just +let gethostbyname4_r write into TUMPBUF6 for us, thus maintaining a +consistent state at all times. This is now consistent with what is done +in gaih_inet for getaddrinfo. + +Resolves: BZ #29607 +Reported-by: Holger Hoffstätte +Tested-by: Holger Hoffstätte +Reviewed-by: Carlos O'Donell +(cherry picked from commit 6e33e5c4b73cea7b8aa3de0947123db16200fb65) +--- + NEWS | 2 ++ + nscd/aicache.c | 5 ++--- + 2 files changed, 4 insertions(+), 3 deletions(-) + +diff --git a/NEWS b/NEWS +index 91bcfeb7a6..63e26d7062 100644 +--- a/NEWS ++++ b/NEWS +@@ -28,6 +28,8 @@ The following bugs are resolved with this release: + [29537] libc: [2.34 regression]: Alignment issue on m68k when using + [29539] libc: LD_TRACE_LOADED_OBJECTS changed how vDSO library are + [29583] Use 64-bit interfaces in gconv_parseconfdir ++ [29607] nscd repeatably crashes calling __strlen_avx2 when hosts cache is ++ enabled + [29638] libc: stdlib: arc4random fallback is never used + + Version 2.36 +diff --git a/nscd/aicache.c b/nscd/aicache.c +index 51e793199f..e0baed170b 100644 +--- a/nscd/aicache.c ++++ b/nscd/aicache.c +@@ -110,11 +110,10 @@ addhstaiX (struct database_dyn *db, int fd, request_header *req, + "gethostbyname4_r"); + if (fct4 != NULL) + { +- struct gaih_addrtuple atmem; + struct gaih_addrtuple *at; + while (1) + { +- at = &atmem; ++ at = NULL; + rc6 = 0; + herrno = 0; + status[1] = DL_CALL_FCT (fct4, (key, &at, +@@ -137,7 +136,7 @@ addhstaiX (struct database_dyn *db, int fd, request_header *req, + goto next_nip; + + /* We found the data. Count the addresses and the size. */ +- for (const struct gaih_addrtuple *at2 = at = &atmem; at2 != NULL; ++ for (const struct gaih_addrtuple *at2 = at; at2 != NULL; + at2 = at2->next) + { + ++naddrs; +-- +2.19.1.6.gb485710b + diff --git a/0058-Ensure-calculations-happen-with-desired-rounding-mod.patch b/0058-Ensure-calculations-happen-with-desired-rounding-mod.patch new file mode 100644 index 0000000..187d419 --- /dev/null +++ b/0058-Ensure-calculations-happen-with-desired-rounding-mod.patch @@ -0,0 +1,54 @@ +From 3e279192749cfcae4ceebb1f21a3275e677d0561 Mon Sep 17 00:00:00 2001 +From: Michael Hudson-Doyle +Date: Fri, 12 Aug 2022 11:29:31 +1200 +Subject: [PATCH 58/81] Ensure calculations happen with desired rounding mode + in y1lf128 + +math/test-float128-y1 fails on x86_64 and ppc64el with gcc 12 and -O3, +because code inside a block guarded by SET_RESTORE_ROUNDL is being moved +after the rounding mode has been restored. Use math_force_eval to +prevent this (and insert some math_opt_barrier calls to prevent code +from being moved before the rounding mode is set). + +Fixes #29463 + +Reviewed-By: Wilco Dijkstra +(cherry picked from commit 2b274fd8c9c776cf70fcdb8356e678ada522a7b0) +--- + NEWS | 1 + + sysdeps/ieee754/ldbl-128/e_j1l.c | 3 +++ + 2 files changed, 4 insertions(+) + +diff --git a/NEWS b/NEWS +index 63e26d7062..bea1d8a11f 100644 +--- a/NEWS ++++ b/NEWS +@@ -24,6 +24,7 @@ The following bugs are resolved with this release: + [29446] _dlopen now ignores dl_caller argument in static mode + [29485] Linux: Terminate subprocess on late failure in tst-pidfd + [29490] alpha: New __brk_call implementation is broken ++ [29463] math/test-float128-y1 fails on x86_64 + [29528] elf: Call __libc_early_init for reused namespaces + [29537] libc: [2.34 regression]: Alignment issue on m68k when using + [29539] libc: LD_TRACE_LOADED_OBJECTS changed how vDSO library are +diff --git a/sysdeps/ieee754/ldbl-128/e_j1l.c b/sysdeps/ieee754/ldbl-128/e_j1l.c +index 54c457681a..9a9c5c6f00 100644 +--- a/sysdeps/ieee754/ldbl-128/e_j1l.c ++++ b/sysdeps/ieee754/ldbl-128/e_j1l.c +@@ -869,10 +869,13 @@ __ieee754_y1l (_Float128 x) + { + /* 0 <= x <= 2 */ + SET_RESTORE_ROUNDL (FE_TONEAREST); ++ xx = math_opt_barrier (xx); ++ x = math_opt_barrier (x); + z = xx * xx; + p = xx * neval (z, Y0_2N, NY0_2N) / deval (z, Y0_2D, NY0_2D); + p = -TWOOPI / xx + p; + p = TWOOPI * __ieee754_logl (x) * __ieee754_j1l (x) + p; ++ math_force_eval (p); + return p; + } + +-- +2.19.1.6.gb485710b + diff --git a/0059-nss-Implement-no-addrconfig-option-for-getent.patch b/0059-nss-Implement-no-addrconfig-option-for-getent.patch new file mode 100644 index 0000000..49437b1 --- /dev/null +++ b/0059-nss-Implement-no-addrconfig-option-for-getent.patch @@ -0,0 +1,79 @@ +From 700d3281f9e57b53c27bc991394b22d467432626 Mon Sep 17 00:00:00 2001 +From: Florian Weimer +Date: Tue, 13 Sep 2022 16:10:20 +0200 +Subject: [PATCH 59/81] nss: Implement --no-addrconfig option for getent + +The ahosts, ahostsv4, ahostsv6 commands unconditionally pass +AI_ADDRCONFIG to getaddrinfo, which is not always desired. + +Reviewed-by: Carlos O'Donell +(cherry picked from commit a623f13adfac47c8634a7288e08f821a846bc650) +--- + NEWS | 7 +++++++ + nss/getent.c | 11 ++++++++++- + 2 files changed, 17 insertions(+), 1 deletion(-) + +diff --git a/NEWS b/NEWS +index bea1d8a11f..462a12253d 100644 +--- a/NEWS ++++ b/NEWS +@@ -7,6 +7,13 @@ using `glibc' in the "product" field. + + Version 2.36.1 + ++Major new features: ++ ++* The getent tool now supports the --no-addrconfig option. The output of ++ getent with --no-addrconfig may contain addresses of families not ++ configured on the current host i.e. as-if you had not passed ++ AI_ADDRCONFIG to getaddrinfo calls. ++ + Security related changes: + + CVE-2022-39046: When the syslog function is passed a crafted input +diff --git a/nss/getent.c b/nss/getent.c +index 8178b4b470..d2d2524b0c 100644 +--- a/nss/getent.c ++++ b/nss/getent.c +@@ -58,6 +58,8 @@ static const struct argp_option args_options[] = + { + { "service", 's', N_("CONFIG"), 0, N_("Service configuration to be used") }, + { "no-idn", 'i', NULL, 0, N_("disable IDN encoding") }, ++ { "no-addrconfig", 'A', NULL, 0, ++ N_("do not filter out unsupported IPv4/IPv6 addresses (with ahosts*)") }, + { NULL, 0, NULL, 0, NULL }, + }; + +@@ -79,6 +81,9 @@ static struct argp argp = + /* Additional getaddrinfo flags for IDN encoding. */ + static int idn_flags = AI_IDN | AI_CANONIDN; + ++/* Set to 0 by --no-addrconfig. */ ++static int addrconfig_flags = AI_ADDRCONFIG; ++ + /* Print the version information. */ + static void + print_version (FILE *stream, struct argp_state *state) +@@ -346,7 +351,7 @@ ahosts_keys_int (int af, int xflags, int number, char *key[]) + + struct addrinfo hint; + memset (&hint, '\0', sizeof (hint)); +- hint.ai_flags = (AI_V4MAPPED | AI_ADDRCONFIG | AI_CANONNAME ++ hint.ai_flags = (AI_V4MAPPED | addrconfig_flags | AI_CANONNAME + | idn_flags | xflags); + hint.ai_family = af; + +@@ -905,6 +910,10 @@ parse_option (int key, char *arg, struct argp_state *state) + idn_flags = 0; + break; + ++ case 'A': ++ addrconfig_flags = 0; ++ break; ++ + default: + return ARGP_ERR_UNKNOWN; + } +-- +2.19.1.6.gb485710b + diff --git a/0060-nss-Fix-tst-nss-files-hosts-long-on-single-stack-hos.patch b/0060-nss-Fix-tst-nss-files-hosts-long-on-single-stack-hos.patch new file mode 100644 index 0000000..82b4c59 --- /dev/null +++ b/0060-nss-Fix-tst-nss-files-hosts-long-on-single-stack-hos.patch @@ -0,0 +1,57 @@ +From 2681d38cafaceafeb330bc0536fa710b75ed5947 Mon Sep 17 00:00:00 2001 +From: Florian Weimer +Date: Tue, 13 Sep 2022 16:11:40 +0200 +Subject: [PATCH 60/81] nss: Fix tst-nss-files-hosts-long on single-stack hosts + (bug 24816) + +getent implicitly passes AI_ADDRCONFIG to getaddrinfo by default. +Use --no-addrconfig to suppress that, so that both IPv4 and IPv6 +lookups succeed even if the address family is not supported by the +host. + +Reviewed-by: Carlos O'Donell +(cherry picked from commit c75d20b5b27b0a60f0678236f51a4d3b0b058c00) +--- + NEWS | 1 + + nss/tst-nss-files-hosts-long.c | 9 +++++---- + 2 files changed, 6 insertions(+), 4 deletions(-) + +diff --git a/NEWS b/NEWS +index 462a12253d..de775ab116 100644 +--- a/NEWS ++++ b/NEWS +@@ -24,6 +24,7 @@ Security related changes: + The following bugs are resolved with this release: + + [12154] Do not fail DNS resolution for CNAMEs which are not host names ++ [24816] Fix tst-nss-files-hosts-long on single-stack hosts + [28846] CMSG_NXTHDR may trigger -Wstrict-overflow warning + [29305] Conserve NSS buffer space during DNS packet parsing + [29415] nscd: Fix netlink cache invalidation if epoll is used +diff --git a/nss/tst-nss-files-hosts-long.c b/nss/tst-nss-files-hosts-long.c +index 3942cf5fca..a7697e3143 100644 +--- a/nss/tst-nss-files-hosts-long.c ++++ b/nss/tst-nss-files-hosts-long.c +@@ -28,14 +28,15 @@ do_test (void) + { + int ret; + +- /* Run getent to fetch the IPv4 address for host test4. +- This forces /etc/hosts to be parsed. */ +- ret = system("getent ahostsv4 test4"); ++ /* Run getent to fetch the IPv4 address for host test4. This forces ++ /etc/hosts to be parsed. Use --no-addrconfig to return addresses ++ even in an IPv6-only environment. */ ++ ret = system("getent --no-addrconfig ahostsv4 test4"); + if (ret != 0) + FAIL_EXIT1("ahostsv4 failed"); + + /* Likewise for IPv6. */ +- ret = system("getent ahostsv6 test6"); ++ ret = system("getent --no-addrconfig ahostsv6 test6"); + if (ret != 0) + FAIL_EXIT1("ahostsv6 failed"); + +-- +2.19.1.6.gb485710b + diff --git a/0061-nss-Use-shared-prefix-in-IPv4-address-in-tst-reload1.patch b/0061-nss-Use-shared-prefix-in-IPv4-address-in-tst-reload1.patch new file mode 100644 index 0000000..dc04d7a --- /dev/null +++ b/0061-nss-Use-shared-prefix-in-IPv4-address-in-tst-reload1.patch @@ -0,0 +1,52 @@ +From 908454129d21126bf7fc58f2a520b1f304dc5f02 Mon Sep 17 00:00:00 2001 +From: Florian Weimer +Date: Fri, 23 Sep 2022 19:30:57 +0200 +Subject: [PATCH 61/81] nss: Use shared prefix in IPv4 address in tst-reload1 + +Otherwise, sorting based on the longest-matching prefix in +getaddrinfo can reorder the addresses in ways the test does not +expect, depending on the IPv4 address of the host. + +Reviewed-by: Siddhesh Poyarekar +(cherry picked from commit c02e29a0ba47d636281e1a026444a1a0a254aa12) +--- + nss/tst-reload1.c | 8 ++++---- + 1 file changed, 4 insertions(+), 4 deletions(-) + +diff --git a/nss/tst-reload1.c b/nss/tst-reload1.c +index fdc5bdd65b..bc32bb132a 100644 +--- a/nss/tst-reload1.c ++++ b/nss/tst-reload1.c +@@ -43,12 +43,12 @@ static struct passwd pwd_table_1[] = { + + static const char *hostaddr_5[] = + { +- "ABCD", "abcd", "1234", NULL ++ "ABCd", "ABCD", "ABC4", NULL + }; + + static const char *hostaddr_15[] = + { +- "4321", "ghij", NULL ++ "4321", "4322", NULL + }; + + static const char *hostaddr_25[] = +@@ -86,12 +86,12 @@ static const char *hostaddr_6[] = + + static const char *hostaddr_16[] = + { +- "7890", "a1b2", NULL ++ "7890", "7891", NULL + }; + + static const char *hostaddr_26[] = + { +- "qwer", "tyui", NULL ++ "qwer", "qweR", NULL + }; + + static struct hostent host_table_2[] = { +-- +2.19.1.6.gb485710b + diff --git a/0062-elf-Do-not-completely-clear-reused-namespace-in-dlmo.patch b/0062-elf-Do-not-completely-clear-reused-namespace-in-dlmo.patch new file mode 100644 index 0000000..b65639b --- /dev/null +++ b/0062-elf-Do-not-completely-clear-reused-namespace-in-dlmo.patch @@ -0,0 +1,111 @@ +From 19535f3b57306ea3ec559a6c0b10d2d7a87418a7 Mon Sep 17 00:00:00 2001 +From: Florian Weimer +Date: Fri, 14 Oct 2022 11:02:25 +0200 +Subject: [PATCH 62/81] elf: Do not completely clear reused namespace in + dlmopen (bug 29600) + +The data in the _ns_debug member must be preserved, otherwise +_dl_debug_initialize enters an infinite loop. To be conservative, +only clear the libc_map member for now, to fix bug 29528. + +Fixes commit d0e357ff45a75553dee3b17ed7d303bfa544f6fe +("elf: Call __libc_early_init for reused namespaces (bug 29528)"), +by reverting most of it. + +Reviewed-by: Carlos O'Donell +Tested-by: Carlos O'Donell +(cherry picked from commit 2c42257314536b94cc8d52edede86e94e98c1436) +--- + NEWS | 1 + + elf/dl-open.c | 14 ++++++-------- + elf/tst-dlmopen-twice.c | 28 ++++++++++++++++++++++++---- + 3 files changed, 31 insertions(+), 12 deletions(-) + +diff --git a/NEWS b/NEWS +index de775ab116..a6da588c85 100644 +--- a/NEWS ++++ b/NEWS +@@ -37,6 +37,7 @@ The following bugs are resolved with this release: + [29537] libc: [2.34 regression]: Alignment issue on m68k when using + [29539] libc: LD_TRACE_LOADED_OBJECTS changed how vDSO library are + [29583] Use 64-bit interfaces in gconv_parseconfdir ++ [29600] Do not completely clear reused namespace in dlmopen + [29607] nscd repeatably crashes calling __strlen_avx2 when hosts cache is + enabled + [29638] libc: stdlib: arc4random fallback is never used +diff --git a/elf/dl-open.c b/elf/dl-open.c +index 46e8066fd8..e7db5e9642 100644 +--- a/elf/dl-open.c ++++ b/elf/dl-open.c +@@ -844,15 +844,13 @@ _dl_open (const char *file, int mode, const void *caller_dlopen, Lmid_t nsid, + _dl_signal_error (EINVAL, file, NULL, N_("\ + no more namespaces available for dlmopen()")); + } ++ else if (nsid == GL(dl_nns)) ++ { ++ __rtld_lock_initialize (GL(dl_ns)[nsid]._ns_unique_sym_table.lock); ++ ++GL(dl_nns); ++ } + +- if (nsid == GL(dl_nns)) +- ++GL(dl_nns); +- +- /* Initialize the new namespace. Most members are +- zero-initialized, only the lock needs special treatment. */ +- memset (&GL(dl_ns)[nsid], 0, sizeof (GL(dl_ns)[nsid])); +- __rtld_lock_initialize (GL(dl_ns)[nsid]._ns_unique_sym_table.lock); +- ++ GL(dl_ns)[nsid].libc_map = NULL; + _dl_debug_update (nsid)->r_state = RT_CONSISTENT; + } + /* Never allow loading a DSO in a namespace which is empty. Such +diff --git a/elf/tst-dlmopen-twice.c b/elf/tst-dlmopen-twice.c +index 449f3c8fa9..70c71fe19c 100644 +--- a/elf/tst-dlmopen-twice.c ++++ b/elf/tst-dlmopen-twice.c +@@ -16,18 +16,38 @@ + License along with the GNU C Library; if not, see + . */ + +-#include ++#include + #include ++#include + +-static int +-do_test (void) ++/* Run the test multiple times, to check finding a new namespace while ++ another namespace is already in use. This used to trigger bug 29600. */ ++static void ++recurse (int depth) + { +- void *handle = xdlmopen (LM_ID_NEWLM, "tst-dlmopen-twice-mod1.so", RTLD_NOW); ++ if (depth == 0) ++ return; ++ ++ printf ("info: running at depth %d\n", depth); ++ void *handle = xdlmopen (LM_ID_NEWLM, "tst-dlmopen-twice-mod1.so", ++ RTLD_NOW); + xdlclose (handle); + handle = xdlmopen (LM_ID_NEWLM, "tst-dlmopen-twice-mod2.so", RTLD_NOW); + int (*run_check) (void) = xdlsym (handle, "run_check"); + TEST_COMPARE (run_check (), 0); ++ recurse (depth - 1); + xdlclose (handle); ++} ++ ++static int ++do_test (void) ++{ ++ /* First run the test without nesting. */ ++ recurse (1); ++ ++ /* Then with nesting. The constant needs to be less than the ++ internal DL_NNS namespace constant. */ ++ recurse (10); + return 0; + } + +-- +2.19.1.6.gb485710b + diff --git a/0063-Fix-BZ-29463-in-the-ibm128-implementation-of-y1l-too.patch b/0063-Fix-BZ-29463-in-the-ibm128-implementation-of-y1l-too.patch new file mode 100644 index 0000000..e11eea7 --- /dev/null +++ b/0063-Fix-BZ-29463-in-the-ibm128-implementation-of-y1l-too.patch @@ -0,0 +1,37 @@ +From b357157361117182c7a68c90fda7ba431b64442c Mon Sep 17 00:00:00 2001 +From: Michael Hudson-Doyle +Date: Mon, 22 Aug 2022 14:05:04 +1200 +Subject: [PATCH 63/81] Fix BZ #29463 in the ibm128 implementation of y1l too + +Avoid moving code across SET_RESTORE_ROUNDL in order to fix +[BZ #29463]. + +Tested-by: Aurelien Jarno +Reviewed-by: Aurelien Jarno +Reviewed-by: Tulio Magno Quites Machado Filho +(cherry picked from commit b6e37b7805b0182c3e25cdab39ebf5f001c04d05) +--- + sysdeps/ieee754/ldbl-128ibm/e_j1l.c | 3 +++ + 1 file changed, 3 insertions(+) + +diff --git a/sysdeps/ieee754/ldbl-128ibm/e_j1l.c b/sysdeps/ieee754/ldbl-128ibm/e_j1l.c +index f85ba94466..0a5fe68342 100644 +--- a/sysdeps/ieee754/ldbl-128ibm/e_j1l.c ++++ b/sysdeps/ieee754/ldbl-128ibm/e_j1l.c +@@ -792,10 +792,13 @@ __ieee754_y1l (long double x) + { + /* 0 <= x <= 2 */ + SET_RESTORE_ROUNDL (FE_TONEAREST); ++ xx = math_opt_barrier (xx); ++ x = math_opt_barrier (x); + z = xx * xx; + p = xx * neval (z, Y0_2N, NY0_2N) / deval (z, Y0_2D, NY0_2D); + p = -TWOOPI / xx + p; + p = TWOOPI * __ieee754_logl (x) * __ieee754_j1l (x) + p; ++ math_force_eval (p); + return p; + } + +-- +2.19.1.6.gb485710b + diff --git a/0064-Avoid-undefined-behaviour-in-ibm128-implementation-o.patch b/0064-Avoid-undefined-behaviour-in-ibm128-implementation-o.patch new file mode 100644 index 0000000..b543956 --- /dev/null +++ b/0064-Avoid-undefined-behaviour-in-ibm128-implementation-o.patch @@ -0,0 +1,85 @@ +From 9273b2d0e93e7355656cad3be3a1ca76489df483 Mon Sep 17 00:00:00 2001 +From: Aurelien Jarno +Date: Mon, 10 Oct 2022 00:39:33 +0200 +Subject: [PATCH 64/81] Avoid undefined behaviour in ibm128 implementation of + llroundl (BZ #29488) + +Detecting an overflow edge case depended on signed overflow of a long +long. Replace the additions and the overflow checks by +__builtin_add_overflow(). + +Reviewed-by: Tulio Magno Quites Machado Filho +(cherry picked from commit 2b5478569e72ee4820a6e163d306690c9c0eaf5e) +--- + NEWS | 2 ++ + sysdeps/ieee754/ldbl-128ibm/s_llroundl.c | 21 +++++++++------------ + 2 files changed, 11 insertions(+), 12 deletions(-) + +diff --git a/NEWS b/NEWS +index a6da588c85..8c60d3dc8d 100644 +--- a/NEWS ++++ b/NEWS +@@ -33,6 +33,8 @@ The following bugs are resolved with this release: + [29485] Linux: Terminate subprocess on late failure in tst-pidfd + [29490] alpha: New __brk_call implementation is broken + [29463] math/test-float128-y1 fails on x86_64 ++ [29488] test-ibm128-llround fails on ppc64el when built with gcc-12 and -O2 ++ or higher + [29528] elf: Call __libc_early_init for reused namespaces + [29537] libc: [2.34 regression]: Alignment issue on m68k when using + [29539] libc: LD_TRACE_LOADED_OBJECTS changed how vDSO library are +diff --git a/sysdeps/ieee754/ldbl-128ibm/s_llroundl.c b/sysdeps/ieee754/ldbl-128ibm/s_llroundl.c +index d85154e73a..d8c0de1faf 100644 +--- a/sysdeps/ieee754/ldbl-128ibm/s_llroundl.c ++++ b/sysdeps/ieee754/ldbl-128ibm/s_llroundl.c +@@ -66,38 +66,35 @@ __llroundl (long double x) + /* Peg at max/min values, assuming that the above conversions do so. + Strictly speaking, we can return anything for values that overflow, + but this is more useful. */ +- res = hi + lo; +- +- /* This is just sign(hi) == sign(lo) && sign(res) != sign(hi). */ +- if (__glibc_unlikely (((~(hi ^ lo) & (res ^ hi)) < 0))) ++ if (__glibc_unlikely (__builtin_add_overflow (hi, lo, &res))) + goto overflow; + + xh -= lo; + ldbl_canonicalize (&xh, &xl); + +- hi = res; + if (xh > 0.5) + { +- res += 1; ++ if (__glibc_unlikely (__builtin_add_overflow (res, 1, &res))) ++ goto overflow; + } + else if (xh == 0.5) + { + if (xl > 0.0 || (xl == 0.0 && res >= 0)) +- res += 1; ++ if (__glibc_unlikely (__builtin_add_overflow (res, 1, &res))) ++ goto overflow; + } + else if (-xh > 0.5) + { +- res -= 1; ++ if (__glibc_unlikely (__builtin_add_overflow (res, -1, &res))) ++ goto overflow; + } + else if (-xh == 0.5) + { + if (xl < 0.0 || (xl == 0.0 && res <= 0)) +- res -= 1; ++ if (__glibc_unlikely (__builtin_add_overflow (res, -1, &res))) ++ goto overflow; + } + +- if (__glibc_unlikely (((~(hi ^ (res - hi)) & (res ^ hi)) < 0))) +- goto overflow; +- + return res; + } + else +-- +2.19.1.6.gb485710b + diff --git a/0065-linux-Fix-generic-struct_stat-for-64-bit-time-BZ-296.patch b/0065-linux-Fix-generic-struct_stat-for-64-bit-time-BZ-296.patch new file mode 100644 index 0000000..a8f02fa --- /dev/null +++ b/0065-linux-Fix-generic-struct_stat-for-64-bit-time-BZ-296.patch @@ -0,0 +1,889 @@ +From 7b7dfbb0cbdffebf0233c650627a4861212fbb60 Mon Sep 17 00:00:00 2001 +From: Adhemerval Zanella +Date: Wed, 19 Oct 2022 19:14:04 -0300 +Subject: [PATCH 65/81] linux: Fix generic struct_stat for 64 bit time (BZ# + 29657) + +The generic Linux struct_stat misses the conditionals to use +bits/struct_stat_time64_helper.h in the __USE_TIME_BITS64 for +architecture that uses __TIMESIZE == 32 (currently csky and nios2). + +Since newer ports should not support 32 bit time_t, the generic +implementation should be used as default. + +For arm, hppa, and sh a copy of default struct_stat is added, +while for csky and nios a new one based on generic is used, along +with conditionals to use bits/struct_stat_time64_helper.h. + +The default struct_stat is also replaced with the generic one. + +Checked on aarch64-linux-gnu and arm-linux-gnueabihf. + +(cherry picked from commit 7a6ca82f8007ddbd43e2b8fce806ba7101ee47f5) +--- + NEWS | 2 + + .../unix/sysv/linux/arm/bits/struct_stat.h | 139 ++++++++++++++++++ + sysdeps/unix/sysv/linux/bits/struct_stat.h | 116 +++++++-------- + .../{generic => csky}/bits/struct_stat.h | 28 ++-- + .../unix/sysv/linux/hppa/bits/struct_stat.h | 139 ++++++++++++++++++ + .../unix/sysv/linux/nios2/bits/struct_stat.h | 135 +++++++++++++++++ + sysdeps/unix/sysv/linux/sh/bits/struct_stat.h | 139 ++++++++++++++++++ + 7 files changed, 624 insertions(+), 74 deletions(-) + create mode 100644 sysdeps/unix/sysv/linux/arm/bits/struct_stat.h + rename sysdeps/unix/sysv/linux/{generic => csky}/bits/struct_stat.h (92%) + create mode 100644 sysdeps/unix/sysv/linux/hppa/bits/struct_stat.h + create mode 100644 sysdeps/unix/sysv/linux/nios2/bits/struct_stat.h + create mode 100644 sysdeps/unix/sysv/linux/sh/bits/struct_stat.h + +diff --git a/NEWS b/NEWS +index 8c60d3dc8d..833045585f 100644 +--- a/NEWS ++++ b/NEWS +@@ -43,6 +43,8 @@ The following bugs are resolved with this release: + [29607] nscd repeatably crashes calling __strlen_avx2 when hosts cache is + enabled + [29638] libc: stdlib: arc4random fallback is never used ++ [29657] libc: Incorrect struct stat for 64-bit time on linux/generic ++ platforms + + Version 2.36 + +diff --git a/sysdeps/unix/sysv/linux/arm/bits/struct_stat.h b/sysdeps/unix/sysv/linux/arm/bits/struct_stat.h +new file mode 100644 +index 0000000000..30ee6279d2 +--- /dev/null ++++ b/sysdeps/unix/sysv/linux/arm/bits/struct_stat.h +@@ -0,0 +1,139 @@ ++/* Definition for struct stat. Linux/arm version. ++ Copyright (C) 2020-2022 Free Software Foundation, Inc. ++ This file is part of the GNU C Library. ++ ++ The GNU C Library is free software; you can redistribute it and/or ++ modify it under the terms of the GNU Lesser General Public ++ License as published by the Free Software Foundation; either ++ version 2.1 of the License, or (at your option) any later version. ++ ++ The GNU C Library is distributed in the hope that it will be useful, ++ but WITHOUT ANY WARRANTY; without even the implied warranty of ++ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU ++ Lesser General Public License for more details. ++ ++ You should have received a copy of the GNU Lesser General Public ++ License along with the GNU C Library. If not, see ++ . */ ++ ++#if !defined _SYS_STAT_H && !defined _FCNTL_H ++# error "Never include directly; use instead." ++#endif ++ ++#ifndef _BITS_STRUCT_STAT_H ++#define _BITS_STRUCT_STAT_H 1 ++ ++#include ++#include ++ ++struct stat ++ { ++#ifdef __USE_TIME_BITS64 ++# include ++#else ++ __dev_t st_dev; /* Device. */ ++ unsigned short int __pad1; ++# ifndef __USE_FILE_OFFSET64 ++ __ino_t st_ino; /* File serial number. */ ++# else ++ __ino_t __st_ino; /* 32bit file serial number. */ ++# endif ++ __mode_t st_mode; /* File mode. */ ++ __nlink_t st_nlink; /* Link count. */ ++ __uid_t st_uid; /* User ID of the file's owner. */ ++ __gid_t st_gid; /* Group ID of the file's group.*/ ++ __dev_t st_rdev; /* Device number, if device. */ ++ unsigned short int __pad2; ++# ifndef __USE_FILE_OFFSET64 ++ __off_t st_size; /* Size of file, in bytes. */ ++# else ++ __off64_t st_size; /* Size of file, in bytes. */ ++# endif ++ __blksize_t st_blksize; /* Optimal block size for I/O. */ ++ ++# ifndef __USE_FILE_OFFSET64 ++ __blkcnt_t st_blocks; /* Number 512-byte blocks allocated. */ ++# else ++ __blkcnt64_t st_blocks; /* Number 512-byte blocks allocated. */ ++# endif ++# ifdef __USE_XOPEN2K8 ++ /* Nanosecond resolution timestamps are stored in a format ++ equivalent to 'struct timespec'. This is the type used ++ whenever possible but the Unix namespace rules do not allow the ++ identifier 'timespec' to appear in the header. ++ Therefore we have to handle the use of this header in strictly ++ standard-compliant sources special. */ ++ struct timespec st_atim; /* Time of last access. */ ++ struct timespec st_mtim; /* Time of last modification. */ ++ struct timespec st_ctim; /* Time of last status change. */ ++# define st_atime st_atim.tv_sec /* Backward compatibility. */ ++# define st_mtime st_mtim.tv_sec ++# define st_ctime st_ctim.tv_sec ++# else ++ __time_t st_atime; /* Time of last access. */ ++ unsigned long int st_atimensec; /* Nscecs of last access. */ ++ __time_t st_mtime; /* Time of last modification. */ ++ unsigned long int st_mtimensec; /* Nsecs of last modification. */ ++ __time_t st_ctime; /* Time of last status change. */ ++ unsigned long int st_ctimensec; /* Nsecs of last status change. */ ++# endif ++# ifndef __USE_FILE_OFFSET64 ++ unsigned long int __glibc_reserved4; ++ unsigned long int __glibc_reserved5; ++# else ++ __ino64_t st_ino; /* File serial number. */ ++# endif ++#endif /* __USE_TIME_BITS64 */ ++ }; ++ ++#ifdef __USE_LARGEFILE64 ++struct stat64 ++ { ++# ifdef __USE_TIME_BITS64 ++# include ++# else ++ __dev_t st_dev; /* Device. */ ++ unsigned int __pad1; ++ ++ __ino_t __st_ino; /* 32bit file serial number. */ ++ __mode_t st_mode; /* File mode. */ ++ __nlink_t st_nlink; /* Link count. */ ++ __uid_t st_uid; /* User ID of the file's owner. */ ++ __gid_t st_gid; /* Group ID of the file's group.*/ ++ __dev_t st_rdev; /* Device number, if device. */ ++ unsigned int __pad2; ++ __off64_t st_size; /* Size of file, in bytes. */ ++ __blksize_t st_blksize; /* Optimal block size for I/O. */ ++ ++ __blkcnt64_t st_blocks; /* Number 512-byte blocks allocated. */ ++# ifdef __USE_XOPEN2K8 ++ /* Nanosecond resolution timestamps are stored in a format ++ equivalent to 'struct timespec'. This is the type used ++ whenever possible but the Unix namespace rules do not allow the ++ identifier 'timespec' to appear in the header. ++ Therefore we have to handle the use of this header in strictly ++ standard-compliant sources special. */ ++ struct timespec st_atim; /* Time of last access. */ ++ struct timespec st_mtim; /* Time of last modification. */ ++ struct timespec st_ctim; /* Time of last status change. */ ++# else ++ __time_t st_atime; /* Time of last access. */ ++ unsigned long int st_atimensec; /* Nscecs of last access. */ ++ __time_t st_mtime; /* Time of last modification. */ ++ unsigned long int st_mtimensec; /* Nsecs of last modification. */ ++ __time_t st_ctime; /* Time of last status change. */ ++ unsigned long int st_ctimensec; /* Nsecs of last status change. */ ++# endif ++ __ino64_t st_ino; /* File serial number. */ ++# endif /* __USE_TIME_BITS64 */ ++ }; ++#endif ++ ++/* Tell code we have these members. */ ++#define _STATBUF_ST_BLKSIZE ++#define _STATBUF_ST_RDEV ++/* Nanosecond resolution time values are supported. */ ++#define _STATBUF_ST_NSEC ++ ++ ++#endif /* _BITS_STRUCT_STAT_H */ +diff --git a/sysdeps/unix/sysv/linux/bits/struct_stat.h b/sysdeps/unix/sysv/linux/bits/struct_stat.h +index 25bd6cb638..fb11a3fba4 100644 +--- a/sysdeps/unix/sysv/linux/bits/struct_stat.h ++++ b/sysdeps/unix/sysv/linux/bits/struct_stat.h +@@ -26,37 +26,36 @@ + #include + #include + +-struct stat +- { +-#ifdef __USE_TIME_BITS64 +-# include +-#else +- __dev_t st_dev; /* Device. */ +- unsigned short int __pad1; +-# ifndef __USE_FILE_OFFSET64 +- __ino_t st_ino; /* File serial number. */ +-# else +- __ino_t __st_ino; /* 32bit file serial number. */ ++#if defined __USE_FILE_OFFSET64 ++# define __field64(type, type64, name) type64 name ++#elif __WORDSIZE == 64 || defined __INO_T_MATCHES_INO64_T ++# if defined __INO_T_MATCHES_INO64_T && !defined __OFF_T_MATCHES_OFF64_T ++# error "ino_t and off_t must both be the same type" + # endif +- __mode_t st_mode; /* File mode. */ +- __nlink_t st_nlink; /* Link count. */ +- __uid_t st_uid; /* User ID of the file's owner. */ +- __gid_t st_gid; /* Group ID of the file's group.*/ +- __dev_t st_rdev; /* Device number, if device. */ +- unsigned short int __pad2; +-# ifndef __USE_FILE_OFFSET64 +- __off_t st_size; /* Size of file, in bytes. */ +-# else +- __off64_t st_size; /* Size of file, in bytes. */ +-# endif +- __blksize_t st_blksize; /* Optimal block size for I/O. */ ++# define __field64(type, type64, name) type name ++#elif __BYTE_ORDER == __LITTLE_ENDIAN ++# define __field64(type, type64, name) \ ++ type name __attribute__((__aligned__ (__alignof__ (type64)))); int __##name##_pad ++#else ++# define __field64(type, type64, name) \ ++ int __##name##_pad __attribute__((__aligned__ (__alignof__ (type64)))); type name ++#endif + +-# ifndef __USE_FILE_OFFSET64 +- __blkcnt_t st_blocks; /* Number 512-byte blocks allocated. */ +-# else +- __blkcnt64_t st_blocks; /* Number 512-byte blocks allocated. */ +-# endif +-# ifdef __USE_XOPEN2K8 ++struct stat ++ { ++ __dev_t st_dev; /* Device. */ ++ __field64(__ino_t, __ino64_t, st_ino); /* File serial number. */ ++ __mode_t st_mode; /* File mode. */ ++ __nlink_t st_nlink; /* Link count. */ ++ __uid_t st_uid; /* User ID of the file's owner. */ ++ __gid_t st_gid; /* Group ID of the file's group.*/ ++ __dev_t st_rdev; /* Device number, if device. */ ++ __dev_t __pad1; ++ __field64(__off_t, __off64_t, st_size); /* Size of file, in bytes. */ ++ __blksize_t st_blksize; /* Optimal block size for I/O. */ ++ int __pad2; ++ __field64(__blkcnt_t, __blkcnt64_t, st_blocks); /* 512-byte blocks */ ++#ifdef __USE_XOPEN2K8 + /* Nanosecond resolution timestamps are stored in a format + equivalent to 'struct timespec'. This is the type used + whenever possible but the Unix namespace rules do not allow the +@@ -66,47 +65,38 @@ struct stat + struct timespec st_atim; /* Time of last access. */ + struct timespec st_mtim; /* Time of last modification. */ + struct timespec st_ctim; /* Time of last status change. */ +-# define st_atime st_atim.tv_sec /* Backward compatibility. */ +-# define st_mtime st_mtim.tv_sec +-# define st_ctime st_ctim.tv_sec +-# else ++# define st_atime st_atim.tv_sec /* Backward compatibility. */ ++# define st_mtime st_mtim.tv_sec ++# define st_ctime st_ctim.tv_sec ++#else + __time_t st_atime; /* Time of last access. */ + unsigned long int st_atimensec; /* Nscecs of last access. */ + __time_t st_mtime; /* Time of last modification. */ + unsigned long int st_mtimensec; /* Nsecs of last modification. */ + __time_t st_ctime; /* Time of last status change. */ + unsigned long int st_ctimensec; /* Nsecs of last status change. */ +-# endif +-# ifndef __USE_FILE_OFFSET64 +- unsigned long int __glibc_reserved4; +- unsigned long int __glibc_reserved5; +-# else +- __ino64_t st_ino; /* File serial number. */ +-# endif +-#endif /* __USE_TIME_BITS64 */ ++#endif ++ int __glibc_reserved[2]; + }; + ++#undef __field64 ++ + #ifdef __USE_LARGEFILE64 + struct stat64 + { +-# ifdef __USE_TIME_BITS64 +-# include +-# else +- __dev_t st_dev; /* Device. */ +- unsigned int __pad1; +- +- __ino_t __st_ino; /* 32bit file serial number. */ +- __mode_t st_mode; /* File mode. */ +- __nlink_t st_nlink; /* Link count. */ +- __uid_t st_uid; /* User ID of the file's owner. */ +- __gid_t st_gid; /* Group ID of the file's group.*/ +- __dev_t st_rdev; /* Device number, if device. */ +- unsigned int __pad2; +- __off64_t st_size; /* Size of file, in bytes. */ +- __blksize_t st_blksize; /* Optimal block size for I/O. */ +- +- __blkcnt64_t st_blocks; /* Number 512-byte blocks allocated. */ +-# ifdef __USE_XOPEN2K8 ++ __dev_t st_dev; /* Device. */ ++ __ino64_t st_ino; /* File serial number. */ ++ __mode_t st_mode; /* File mode. */ ++ __nlink_t st_nlink; /* Link count. */ ++ __uid_t st_uid; /* User ID of the file's owner. */ ++ __gid_t st_gid; /* Group ID of the file's group.*/ ++ __dev_t st_rdev; /* Device number, if device. */ ++ __dev_t __pad1; ++ __off64_t st_size; /* Size of file, in bytes. */ ++ __blksize_t st_blksize; /* Optimal block size for I/O. */ ++ int __pad2; ++ __blkcnt64_t st_blocks; /* Nr. 512-byte blocks allocated. */ ++#ifdef __USE_XOPEN2K8 + /* Nanosecond resolution timestamps are stored in a format + equivalent to 'struct timespec'. This is the type used + whenever possible but the Unix namespace rules do not allow the +@@ -116,16 +106,15 @@ struct stat64 + struct timespec st_atim; /* Time of last access. */ + struct timespec st_mtim; /* Time of last modification. */ + struct timespec st_ctim; /* Time of last status change. */ +-# else ++#else + __time_t st_atime; /* Time of last access. */ + unsigned long int st_atimensec; /* Nscecs of last access. */ + __time_t st_mtime; /* Time of last modification. */ + unsigned long int st_mtimensec; /* Nsecs of last modification. */ + __time_t st_ctime; /* Time of last status change. */ + unsigned long int st_ctimensec; /* Nsecs of last status change. */ +-# endif +- __ino64_t st_ino; /* File serial number. */ +-# endif /* __USE_TIME_BITS64 */ ++#endif ++ int __glibc_reserved[2]; + }; + #endif + +@@ -135,5 +124,4 @@ struct stat64 + /* Nanosecond resolution time values are supported. */ + #define _STATBUF_ST_NSEC + +- + #endif /* _BITS_STRUCT_STAT_H */ +diff --git a/sysdeps/unix/sysv/linux/generic/bits/struct_stat.h b/sysdeps/unix/sysv/linux/csky/bits/struct_stat.h +similarity index 92% +rename from sysdeps/unix/sysv/linux/generic/bits/struct_stat.h +rename to sysdeps/unix/sysv/linux/csky/bits/struct_stat.h +index fb11a3fba4..f0ee455748 100644 +--- a/sysdeps/unix/sysv/linux/generic/bits/struct_stat.h ++++ b/sysdeps/unix/sysv/linux/csky/bits/struct_stat.h +@@ -1,4 +1,4 @@ +-/* Definition for struct stat. ++/* Definition for struct stat. Linux/csky version. + Copyright (C) 2020-2022 Free Software Foundation, Inc. + This file is part of the GNU C Library. + +@@ -43,6 +43,9 @@ + + struct stat + { ++#ifdef __USE_TIME_BITS64 ++# include ++#else + __dev_t st_dev; /* Device. */ + __field64(__ino_t, __ino64_t, st_ino); /* File serial number. */ + __mode_t st_mode; /* File mode. */ +@@ -55,7 +58,7 @@ struct stat + __blksize_t st_blksize; /* Optimal block size for I/O. */ + int __pad2; + __field64(__blkcnt_t, __blkcnt64_t, st_blocks); /* 512-byte blocks */ +-#ifdef __USE_XOPEN2K8 ++# ifdef __USE_XOPEN2K8 + /* Nanosecond resolution timestamps are stored in a format + equivalent to 'struct timespec'. This is the type used + whenever possible but the Unix namespace rules do not allow the +@@ -65,18 +68,19 @@ struct stat + struct timespec st_atim; /* Time of last access. */ + struct timespec st_mtim; /* Time of last modification. */ + struct timespec st_ctim; /* Time of last status change. */ +-# define st_atime st_atim.tv_sec /* Backward compatibility. */ +-# define st_mtime st_mtim.tv_sec +-# define st_ctime st_ctim.tv_sec +-#else ++# define st_atime st_atim.tv_sec /* Backward compatibility. */ ++# define st_mtime st_mtim.tv_sec ++# define st_ctime st_ctim.tv_sec ++# else + __time_t st_atime; /* Time of last access. */ + unsigned long int st_atimensec; /* Nscecs of last access. */ + __time_t st_mtime; /* Time of last modification. */ + unsigned long int st_mtimensec; /* Nsecs of last modification. */ + __time_t st_ctime; /* Time of last status change. */ + unsigned long int st_ctimensec; /* Nsecs of last status change. */ +-#endif ++# endif + int __glibc_reserved[2]; ++#endif + }; + + #undef __field64 +@@ -84,6 +88,9 @@ struct stat + #ifdef __USE_LARGEFILE64 + struct stat64 + { ++# ifdef __USE_TIME_BITS64 ++# include ++# else + __dev_t st_dev; /* Device. */ + __ino64_t st_ino; /* File serial number. */ + __mode_t st_mode; /* File mode. */ +@@ -96,7 +103,7 @@ struct stat64 + __blksize_t st_blksize; /* Optimal block size for I/O. */ + int __pad2; + __blkcnt64_t st_blocks; /* Nr. 512-byte blocks allocated. */ +-#ifdef __USE_XOPEN2K8 ++# ifdef __USE_XOPEN2K8 + /* Nanosecond resolution timestamps are stored in a format + equivalent to 'struct timespec'. This is the type used + whenever possible but the Unix namespace rules do not allow the +@@ -106,15 +113,16 @@ struct stat64 + struct timespec st_atim; /* Time of last access. */ + struct timespec st_mtim; /* Time of last modification. */ + struct timespec st_ctim; /* Time of last status change. */ +-#else ++# else + __time_t st_atime; /* Time of last access. */ + unsigned long int st_atimensec; /* Nscecs of last access. */ + __time_t st_mtime; /* Time of last modification. */ + unsigned long int st_mtimensec; /* Nsecs of last modification. */ + __time_t st_ctime; /* Time of last status change. */ + unsigned long int st_ctimensec; /* Nsecs of last status change. */ +-#endif ++# endif + int __glibc_reserved[2]; ++# endif + }; + #endif + +diff --git a/sysdeps/unix/sysv/linux/hppa/bits/struct_stat.h b/sysdeps/unix/sysv/linux/hppa/bits/struct_stat.h +new file mode 100644 +index 0000000000..38b6e13e68 +--- /dev/null ++++ b/sysdeps/unix/sysv/linux/hppa/bits/struct_stat.h +@@ -0,0 +1,139 @@ ++/* Definition for struct stat. Linux/hppa version. ++ Copyright (C) 2020-2022 Free Software Foundation, Inc. ++ This file is part of the GNU C Library. ++ ++ The GNU C Library is free software; you can redistribute it and/or ++ modify it under the terms of the GNU Lesser General Public ++ License as published by the Free Software Foundation; either ++ version 2.1 of the License, or (at your option) any later version. ++ ++ The GNU C Library is distributed in the hope that it will be useful, ++ but WITHOUT ANY WARRANTY; without even the implied warranty of ++ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU ++ Lesser General Public License for more details. ++ ++ You should have received a copy of the GNU Lesser General Public ++ License along with the GNU C Library. If not, see ++ . */ ++ ++#if !defined _SYS_STAT_H && !defined _FCNTL_H ++# error "Never include directly; use instead." ++#endif ++ ++#ifndef _BITS_STRUCT_STAT_H ++#define _BITS_STRUCT_STAT_H 1 ++ ++#include ++#include ++ ++struct stat ++ { ++#ifdef __USE_TIME_BITS64 ++# include ++#else ++ __dev_t st_dev; /* Device. */ ++ unsigned short int __pad1; ++# ifndef __USE_FILE_OFFSET64 ++ __ino_t st_ino; /* File serial number. */ ++# else ++ __ino_t __st_ino; /* 32bit file serial number. */ ++# endif ++ __mode_t st_mode; /* File mode. */ ++ __nlink_t st_nlink; /* Link count. */ ++ __uid_t st_uid; /* User ID of the file's owner. */ ++ __gid_t st_gid; /* Group ID of the file's group.*/ ++ __dev_t st_rdev; /* Device number, if device. */ ++ unsigned short int __pad2; ++# ifndef __USE_FILE_OFFSET64 ++ __off_t st_size; /* Size of file, in bytes. */ ++# else ++ __off64_t st_size; /* Size of file, in bytes. */ ++# endif ++ __blksize_t st_blksize; /* Optimal block size for I/O. */ ++ ++# ifndef __USE_FILE_OFFSET64 ++ __blkcnt_t st_blocks; /* Number 512-byte blocks allocated. */ ++# else ++ __blkcnt64_t st_blocks; /* Number 512-byte blocks allocated. */ ++# endif ++# ifdef __USE_XOPEN2K8 ++ /* Nanosecond resolution timestamps are stored in a format ++ equivalent to 'struct timespec'. This is the type used ++ whenever possible but the Unix namespace rules do not allow the ++ identifier 'timespec' to appear in the header. ++ Therefore we have to handle the use of this header in strictly ++ standard-compliant sources special. */ ++ struct timespec st_atim; /* Time of last access. */ ++ struct timespec st_mtim; /* Time of last modification. */ ++ struct timespec st_ctim; /* Time of last status change. */ ++# define st_atime st_atim.tv_sec /* Backward compatibility. */ ++# define st_mtime st_mtim.tv_sec ++# define st_ctime st_ctim.tv_sec ++# else ++ __time_t st_atime; /* Time of last access. */ ++ unsigned long int st_atimensec; /* Nscecs of last access. */ ++ __time_t st_mtime; /* Time of last modification. */ ++ unsigned long int st_mtimensec; /* Nsecs of last modification. */ ++ __time_t st_ctime; /* Time of last status change. */ ++ unsigned long int st_ctimensec; /* Nsecs of last status change. */ ++# endif ++# ifndef __USE_FILE_OFFSET64 ++ unsigned long int __glibc_reserved4; ++ unsigned long int __glibc_reserved5; ++# else ++ __ino64_t st_ino; /* File serial number. */ ++# endif ++#endif /* __USE_TIME_BITS64 */ ++ }; ++ ++#ifdef __USE_LARGEFILE64 ++struct stat64 ++ { ++# ifdef __USE_TIME_BITS64 ++# include ++# else ++ __dev_t st_dev; /* Device. */ ++ unsigned int __pad1; ++ ++ __ino_t __st_ino; /* 32bit file serial number. */ ++ __mode_t st_mode; /* File mode. */ ++ __nlink_t st_nlink; /* Link count. */ ++ __uid_t st_uid; /* User ID of the file's owner. */ ++ __gid_t st_gid; /* Group ID of the file's group.*/ ++ __dev_t st_rdev; /* Device number, if device. */ ++ unsigned int __pad2; ++ __off64_t st_size; /* Size of file, in bytes. */ ++ __blksize_t st_blksize; /* Optimal block size for I/O. */ ++ ++ __blkcnt64_t st_blocks; /* Number 512-byte blocks allocated. */ ++# ifdef __USE_XOPEN2K8 ++ /* Nanosecond resolution timestamps are stored in a format ++ equivalent to 'struct timespec'. This is the type used ++ whenever possible but the Unix namespace rules do not allow the ++ identifier 'timespec' to appear in the header. ++ Therefore we have to handle the use of this header in strictly ++ standard-compliant sources special. */ ++ struct timespec st_atim; /* Time of last access. */ ++ struct timespec st_mtim; /* Time of last modification. */ ++ struct timespec st_ctim; /* Time of last status change. */ ++# else ++ __time_t st_atime; /* Time of last access. */ ++ unsigned long int st_atimensec; /* Nscecs of last access. */ ++ __time_t st_mtime; /* Time of last modification. */ ++ unsigned long int st_mtimensec; /* Nsecs of last modification. */ ++ __time_t st_ctime; /* Time of last status change. */ ++ unsigned long int st_ctimensec; /* Nsecs of last status change. */ ++# endif ++ __ino64_t st_ino; /* File serial number. */ ++# endif /* __USE_TIME_BITS64 */ ++ }; ++#endif ++ ++/* Tell code we have these members. */ ++#define _STATBUF_ST_BLKSIZE ++#define _STATBUF_ST_RDEV ++/* Nanosecond resolution time values are supported. */ ++#define _STATBUF_ST_NSEC ++ ++ ++#endif /* _BITS_STRUCT_STAT_H */ +diff --git a/sysdeps/unix/sysv/linux/nios2/bits/struct_stat.h b/sysdeps/unix/sysv/linux/nios2/bits/struct_stat.h +new file mode 100644 +index 0000000000..e00e71173e +--- /dev/null ++++ b/sysdeps/unix/sysv/linux/nios2/bits/struct_stat.h +@@ -0,0 +1,135 @@ ++/* Definition for struct stat. Linux/nios2 version. ++ Copyright (C) 2020-2022 Free Software Foundation, Inc. ++ This file is part of the GNU C Library. ++ ++ The GNU C Library is free software; you can redistribute it and/or ++ modify it under the terms of the GNU Lesser General Public ++ License as published by the Free Software Foundation; either ++ version 2.1 of the License, or (at your option) any later version. ++ ++ The GNU C Library is distributed in the hope that it will be useful, ++ but WITHOUT ANY WARRANTY; without even the implied warranty of ++ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU ++ Lesser General Public License for more details. ++ ++ You should have received a copy of the GNU Lesser General Public ++ License along with the GNU C Library. If not, see ++ . */ ++ ++#if !defined _SYS_STAT_H && !defined _FCNTL_H ++# error "Never include directly; use instead." ++#endif ++ ++#ifndef _BITS_STRUCT_STAT_H ++#define _BITS_STRUCT_STAT_H 1 ++ ++#include ++#include ++ ++#if defined __USE_FILE_OFFSET64 ++# define __field64(type, type64, name) type64 name ++#elif __WORDSIZE == 64 || defined __INO_T_MATCHES_INO64_T ++# if defined __INO_T_MATCHES_INO64_T && !defined __OFF_T_MATCHES_OFF64_T ++# error "ino_t and off_t must both be the same type" ++# endif ++# define __field64(type, type64, name) type name ++#elif __BYTE_ORDER == __LITTLE_ENDIAN ++# define __field64(type, type64, name) \ ++ type name __attribute__((__aligned__ (__alignof__ (type64)))); int __##name##_pad ++#else ++# define __field64(type, type64, name) \ ++ int __##name##_pad __attribute__((__aligned__ (__alignof__ (type64)))); type name ++#endif ++ ++struct stat ++ { ++#ifdef __USE_TIME_BITS64 ++# include ++#else ++ __dev_t st_dev; /* Device. */ ++ __field64(__ino_t, __ino64_t, st_ino); /* File serial number. */ ++ __mode_t st_mode; /* File mode. */ ++ __nlink_t st_nlink; /* Link count. */ ++ __uid_t st_uid; /* User ID of the file's owner. */ ++ __gid_t st_gid; /* Group ID of the file's group.*/ ++ __dev_t st_rdev; /* Device number, if device. */ ++ __dev_t __pad1; ++ __field64(__off_t, __off64_t, st_size); /* Size of file, in bytes. */ ++ __blksize_t st_blksize; /* Optimal block size for I/O. */ ++ int __pad2; ++ __field64(__blkcnt_t, __blkcnt64_t, st_blocks); /* 512-byte blocks */ ++# ifdef __USE_XOPEN2K8 ++ /* Nanosecond resolution timestamps are stored in a format ++ equivalent to 'struct timespec'. This is the type used ++ whenever possible but the Unix namespace rules do not allow the ++ identifier 'timespec' to appear in the header. ++ Therefore we have to handle the use of this header in strictly ++ standard-compliant sources special. */ ++ struct timespec st_atim; /* Time of last access. */ ++ struct timespec st_mtim; /* Time of last modification. */ ++ struct timespec st_ctim; /* Time of last status change. */ ++# define st_atime st_atim.tv_sec /* Backward compatibility. */ ++# define st_mtime st_mtim.tv_sec ++# define st_ctime st_ctim.tv_sec ++# else ++ __time_t st_atime; /* Time of last access. */ ++ unsigned long int st_atimensec; /* Nscecs of last access. */ ++ __time_t st_mtime; /* Time of last modification. */ ++ unsigned long int st_mtimensec; /* Nsecs of last modification. */ ++ __time_t st_ctime; /* Time of last status change. */ ++ unsigned long int st_ctimensec; /* Nsecs of last status change. */ ++# endif ++ int __glibc_reserved[2]; ++#endif ++ }; ++ ++#undef __field64 ++ ++#ifdef __USE_LARGEFILE64 ++struct stat64 ++ { ++# ifdef __USE_TIME_BITS64 ++# include ++# else ++ __dev_t st_dev; /* Device. */ ++ __ino64_t st_ino; /* File serial number. */ ++ __mode_t st_mode; /* File mode. */ ++ __nlink_t st_nlink; /* Link count. */ ++ __uid_t st_uid; /* User ID of the file's owner. */ ++ __gid_t st_gid; /* Group ID of the file's group.*/ ++ __dev_t st_rdev; /* Device number, if device. */ ++ __dev_t __pad1; ++ __off64_t st_size; /* Size of file, in bytes. */ ++ __blksize_t st_blksize; /* Optimal block size for I/O. */ ++ int __pad2; ++ __blkcnt64_t st_blocks; /* Nr. 512-byte blocks allocated. */ ++# ifdef __USE_XOPEN2K8 ++ /* Nanosecond resolution timestamps are stored in a format ++ equivalent to 'struct timespec'. This is the type used ++ whenever possible but the Unix namespace rules do not allow the ++ identifier 'timespec' to appear in the header. ++ Therefore we have to handle the use of this header in strictly ++ standard-compliant sources special. */ ++ struct timespec st_atim; /* Time of last access. */ ++ struct timespec st_mtim; /* Time of last modification. */ ++ struct timespec st_ctim; /* Time of last status change. */ ++# else ++ __time_t st_atime; /* Time of last access. */ ++ unsigned long int st_atimensec; /* Nscecs of last access. */ ++ __time_t st_mtime; /* Time of last modification. */ ++ unsigned long int st_mtimensec; /* Nsecs of last modification. */ ++ __time_t st_ctime; /* Time of last status change. */ ++ unsigned long int st_ctimensec; /* Nsecs of last status change. */ ++# endif ++ int __glibc_reserved[2]; ++# endif ++ }; ++#endif ++ ++/* Tell code we have these members. */ ++#define _STATBUF_ST_BLKSIZE ++#define _STATBUF_ST_RDEV ++/* Nanosecond resolution time values are supported. */ ++#define _STATBUF_ST_NSEC ++ ++#endif /* _BITS_STRUCT_STAT_H */ +diff --git a/sysdeps/unix/sysv/linux/sh/bits/struct_stat.h b/sysdeps/unix/sysv/linux/sh/bits/struct_stat.h +new file mode 100644 +index 0000000000..0f7c9cdc89 +--- /dev/null ++++ b/sysdeps/unix/sysv/linux/sh/bits/struct_stat.h +@@ -0,0 +1,139 @@ ++/* Definition for struct stat. Linux/sh version. ++ Copyright (C) 2020-2022 Free Software Foundation, Inc. ++ This file is part of the GNU C Library. ++ ++ The GNU C Library is free software; you can redistribute it and/or ++ modify it under the terms of the GNU Lesser General Public ++ License as published by the Free Software Foundation; either ++ version 2.1 of the License, or (at your option) any later version. ++ ++ The GNU C Library is distributed in the hope that it will be useful, ++ but WITHOUT ANY WARRANTY; without even the implied warranty of ++ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU ++ Lesser General Public License for more details. ++ ++ You should have received a copy of the GNU Lesser General Public ++ License along with the GNU C Library. If not, see ++ . */ ++ ++#if !defined _SYS_STAT_H && !defined _FCNTL_H ++# error "Never include directly; use instead." ++#endif ++ ++#ifndef _BITS_STRUCT_STAT_H ++#define _BITS_STRUCT_STAT_H 1 ++ ++#include ++#include ++ ++struct stat ++ { ++#ifdef __USE_TIME_BITS64 ++# include ++#else ++ __dev_t st_dev; /* Device. */ ++ unsigned short int __pad1; ++# ifndef __USE_FILE_OFFSET64 ++ __ino_t st_ino; /* File serial number. */ ++# else ++ __ino_t __st_ino; /* 32bit file serial number. */ ++# endif ++ __mode_t st_mode; /* File mode. */ ++ __nlink_t st_nlink; /* Link count. */ ++ __uid_t st_uid; /* User ID of the file's owner. */ ++ __gid_t st_gid; /* Group ID of the file's group.*/ ++ __dev_t st_rdev; /* Device number, if device. */ ++ unsigned short int __pad2; ++# ifndef __USE_FILE_OFFSET64 ++ __off_t st_size; /* Size of file, in bytes. */ ++# else ++ __off64_t st_size; /* Size of file, in bytes. */ ++# endif ++ __blksize_t st_blksize; /* Optimal block size for I/O. */ ++ ++# ifndef __USE_FILE_OFFSET64 ++ __blkcnt_t st_blocks; /* Number 512-byte blocks allocated. */ ++# else ++ __blkcnt64_t st_blocks; /* Number 512-byte blocks allocated. */ ++# endif ++# ifdef __USE_XOPEN2K8 ++ /* Nanosecond resolution timestamps are stored in a format ++ equivalent to 'struct timespec'. This is the type used ++ whenever possible but the Unix namespace rules do not allow the ++ identifier 'timespec' to appear in the header. ++ Therefore we have to handle the use of this header in strictly ++ standard-compliant sources special. */ ++ struct timespec st_atim; /* Time of last access. */ ++ struct timespec st_mtim; /* Time of last modification. */ ++ struct timespec st_ctim; /* Time of last status change. */ ++# define st_atime st_atim.tv_sec /* Backward compatibility. */ ++# define st_mtime st_mtim.tv_sec ++# define st_ctime st_ctim.tv_sec ++# else ++ __time_t st_atime; /* Time of last access. */ ++ unsigned long int st_atimensec; /* Nscecs of last access. */ ++ __time_t st_mtime; /* Time of last modification. */ ++ unsigned long int st_mtimensec; /* Nsecs of last modification. */ ++ __time_t st_ctime; /* Time of last status change. */ ++ unsigned long int st_ctimensec; /* Nsecs of last status change. */ ++# endif ++# ifndef __USE_FILE_OFFSET64 ++ unsigned long int __glibc_reserved4; ++ unsigned long int __glibc_reserved5; ++# else ++ __ino64_t st_ino; /* File serial number. */ ++# endif ++#endif /* __USE_TIME_BITS64 */ ++ }; ++ ++#ifdef __USE_LARGEFILE64 ++struct stat64 ++ { ++# ifdef __USE_TIME_BITS64 ++# include ++# else ++ __dev_t st_dev; /* Device. */ ++ unsigned int __pad1; ++ ++ __ino_t __st_ino; /* 32bit file serial number. */ ++ __mode_t st_mode; /* File mode. */ ++ __nlink_t st_nlink; /* Link count. */ ++ __uid_t st_uid; /* User ID of the file's owner. */ ++ __gid_t st_gid; /* Group ID of the file's group.*/ ++ __dev_t st_rdev; /* Device number, if device. */ ++ unsigned int __pad2; ++ __off64_t st_size; /* Size of file, in bytes. */ ++ __blksize_t st_blksize; /* Optimal block size for I/O. */ ++ ++ __blkcnt64_t st_blocks; /* Number 512-byte blocks allocated. */ ++# ifdef __USE_XOPEN2K8 ++ /* Nanosecond resolution timestamps are stored in a format ++ equivalent to 'struct timespec'. This is the type used ++ whenever possible but the Unix namespace rules do not allow the ++ identifier 'timespec' to appear in the header. ++ Therefore we have to handle the use of this header in strictly ++ standard-compliant sources special. */ ++ struct timespec st_atim; /* Time of last access. */ ++ struct timespec st_mtim; /* Time of last modification. */ ++ struct timespec st_ctim; /* Time of last status change. */ ++# else ++ __time_t st_atime; /* Time of last access. */ ++ unsigned long int st_atimensec; /* Nscecs of last access. */ ++ __time_t st_mtime; /* Time of last modification. */ ++ unsigned long int st_mtimensec; /* Nsecs of last modification. */ ++ __time_t st_ctime; /* Time of last status change. */ ++ unsigned long int st_ctimensec; /* Nsecs of last status change. */ ++# endif ++ __ino64_t st_ino; /* File serial number. */ ++# endif /* __USE_TIME_BITS64 */ ++ }; ++#endif ++ ++/* Tell code we have these members. */ ++#define _STATBUF_ST_BLKSIZE ++#define _STATBUF_ST_RDEV ++/* Nanosecond resolution time values are supported. */ ++#define _STATBUF_ST_NSEC ++ ++ ++#endif /* _BITS_STRUCT_STAT_H */ +-- +2.19.1.6.gb485710b + diff --git a/0066-elf-Reinstate-on-DL_DEBUG_BINDINGS-_dl_lookup_symbol.patch b/0066-elf-Reinstate-on-DL_DEBUG_BINDINGS-_dl_lookup_symbol.patch new file mode 100644 index 0000000..5686f1f --- /dev/null +++ b/0066-elf-Reinstate-on-DL_DEBUG_BINDINGS-_dl_lookup_symbol.patch @@ -0,0 +1,46 @@ +From a1dc0be03c9dd850b864bd7a9c03cf8e396eb7ca Mon Sep 17 00:00:00 2001 +From: Adhemerval Zanella +Date: Tue, 25 Oct 2022 13:19:16 -0300 +Subject: [PATCH 66/81] elf: Reinstate on DL_DEBUG_BINDINGS _dl_lookup_symbol_x + +The prelink removal done by 6628c742b2c16e wrongly removed the debug +support. + +Checked on x86_64-linux-gnu. + +(cherry picked from commit 891a7958a28eac6d4af1517dd2896fef5e4951d4) +--- + elf/dl-lookup.c | 17 +++++++++++++++++ + 1 file changed, 17 insertions(+) + +diff --git a/elf/dl-lookup.c b/elf/dl-lookup.c +index 4c86dc694e..67fb2e31e2 100644 +--- a/elf/dl-lookup.c ++++ b/elf/dl-lookup.c +@@ -854,6 +854,23 @@ _dl_lookup_symbol_x (const char *undef_name, struct link_map *undef_map, + if (__glibc_unlikely (current_value.m->l_used == 0)) + current_value.m->l_used = 1; + ++ if (__glibc_unlikely (GLRO(dl_debug_mask) & DL_DEBUG_BINDINGS)) ++ { ++ const char *reference_name = undef_map->l_name; ++ ++ _dl_debug_printf ("binding file %s [%lu] to %s [%lu]: %s symbol `%s'", ++ DSO_FILENAME (reference_name), ++ undef_map->l_ns, ++ DSO_FILENAME (current_value.m->l_name), ++ current_value.m->l_ns, ++ protected ? "protected" : "normal", undef_name); ++ if (version) ++ _dl_debug_printf_c (" [%s]\n", version->name); ++ else ++ _dl_debug_printf_c ("\n"); ++ } ++ ++ + *ref = current_value.s; + return LOOKUP_VALUE (current_value.m); + } +-- +2.19.1.6.gb485710b + diff --git a/0067-longlong.h-update-from-GCC-for-LoongArch-clz-ctz-sup.patch b/0067-longlong.h-update-from-GCC-for-LoongArch-clz-ctz-sup.patch new file mode 100644 index 0000000..2458794 --- /dev/null +++ b/0067-longlong.h-update-from-GCC-for-LoongArch-clz-ctz-sup.patch @@ -0,0 +1,38 @@ +From 4c6a78addabbd6e1b69763e286768919e56dfe0a Mon Sep 17 00:00:00 2001 +From: Xi Ruoyao +Date: Sat, 15 Oct 2022 14:12:13 +0800 +Subject: [PATCH 67/81] longlong.h: update from GCC for LoongArch clz/ctz + support + +Update longlong.h to GCC r13-3269. Keep our local change (prefer https +for gnu.org URL). +--- + stdlib/longlong.h | 12 ++++++++++++ + 1 file changed, 12 insertions(+) + +diff --git a/stdlib/longlong.h b/stdlib/longlong.h +index 9b89469ac2..d8f76a43b5 100644 +--- a/stdlib/longlong.h ++++ b/stdlib/longlong.h +@@ -593,6 +593,18 @@ extern UDItype __umulsidi3 (USItype, USItype); + #define UMUL_TIME 14 + #endif + ++#ifdef __loongarch__ ++# if W_TYPE_SIZE == 32 ++# define count_leading_zeros(count, x) ((count) = __builtin_clz (x)) ++# define count_trailing_zeros(count, x) ((count) = __builtin_ctz (x)) ++# define COUNT_LEADING_ZEROS_0 32 ++# elif W_TYPE_SIZE == 64 ++# define count_leading_zeros(count, x) ((count) = __builtin_clzll (x)) ++# define count_trailing_zeros(count, x) ((count) = __builtin_ctzll (x)) ++# define COUNT_LEADING_ZEROS_0 64 ++# endif ++#endif ++ + #if defined (__M32R__) && W_TYPE_SIZE == 32 + #define add_ssaaaa(sh, sl, ah, al, bh, bl) \ + /* The cmp clears the condition bit. */ \ +-- +2.19.1.6.gb485710b + diff --git a/0068-linux-Fix-fstatat-on-MIPSn64-BZ-29730.patch b/0068-linux-Fix-fstatat-on-MIPSn64-BZ-29730.patch new file mode 100644 index 0000000..c2e1e25 --- /dev/null +++ b/0068-linux-Fix-fstatat-on-MIPSn64-BZ-29730.patch @@ -0,0 +1,93 @@ +From dd4131c8322891a0ad7cfb661efa41aecc02b581 Mon Sep 17 00:00:00 2001 +From: Aurelien Jarno +Date: Tue, 1 Nov 2022 20:43:55 +0100 +Subject: [PATCH 68/81] linux: Fix fstatat on MIPSn64 (BZ #29730) + +Commit 6e8a0aac2f883 ("time: Fix overflow itimer tests on 32-bit +systems") changed in_time_t_range to assume a 32-bit time_t. This broke +fstatat on MIPSn64 that was using it with a 64-bit time_t due to +difference between stat and stat64. This commit fix that by adding a +MIPSn64 specific version, which bypasses the EOVERFLOW tests. + +Resolves: BZ #29730 + +Reviewed-by: Adhemerval Zanella +(cherry picked from commit 7457b7eef8dfe8cc48e55b9f9837df6dd397b80d) +--- + NEWS | 1 + + .../unix/sysv/linux/mips/mips64/n64/fstatat.c | 51 +++++++++++++++++++ + 2 files changed, 52 insertions(+) + create mode 100644 sysdeps/unix/sysv/linux/mips/mips64/n64/fstatat.c + +diff --git a/NEWS b/NEWS +index 833045585f..e92d547e2c 100644 +--- a/NEWS ++++ b/NEWS +@@ -45,6 +45,7 @@ The following bugs are resolved with this release: + [29638] libc: stdlib: arc4random fallback is never used + [29657] libc: Incorrect struct stat for 64-bit time on linux/generic + platforms ++ [29730] broken y2038 support in fstatat on MIPS N64 + + Version 2.36 + +diff --git a/sysdeps/unix/sysv/linux/mips/mips64/n64/fstatat.c b/sysdeps/unix/sysv/linux/mips/mips64/n64/fstatat.c +new file mode 100644 +index 0000000000..fe6c3a0dda +--- /dev/null ++++ b/sysdeps/unix/sysv/linux/mips/mips64/n64/fstatat.c +@@ -0,0 +1,51 @@ ++/* Get file status. Linux/MIPSn64 version. ++ Copyright (C) 2022 Free Software Foundation, Inc. ++ This file is part of the GNU C Library. ++ ++ The GNU C Library is free software; you can redistribute it and/or ++ modify it under the terms of the GNU Lesser General Public ++ License as published by the Free Software Foundation; either ++ version 2.1 of the License, or (at your option) any later version. ++ ++ The GNU C Library is distributed in the hope that it will be useful, ++ but WITHOUT ANY WARRANTY; without even the implied warranty of ++ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU ++ Lesser General Public License for more details. ++ ++ You should have received a copy of the GNU Lesser General Public ++ License along with the GNU C Library; if not, see ++ . */ ++ ++#include ++#include ++ ++/* Different than other ABIs, mips64 has different layouts for non-LFS ++ and LFS struct stat. */ ++int ++__fstatat (int fd, const char *file, struct stat *buf, int flag) ++{ ++ struct __stat64_t64 st64; ++ int r = __fstatat64_time64 (fd, file, &st64, flag); ++ if (r == 0) ++ { ++ /* Clear internal pad and reserved fields. */ ++ memset (buf, 0, sizeof (*buf)); ++ ++ buf->st_dev = st64.st_dev; ++ buf->st_ino = st64.st_ino; ++ buf->st_mode = st64.st_mode; ++ buf->st_nlink = st64.st_nlink; ++ buf->st_uid = st64.st_uid; ++ buf->st_gid = st64.st_gid; ++ buf->st_rdev = st64.st_rdev; ++ buf->st_size = st64.st_size; ++ buf->st_blksize = st64.st_blksize; ++ buf->st_blocks = st64.st_blocks; ++ buf->st_atim = st64.st_atim; ++ buf->st_mtim = st64.st_mtim; ++ buf->st_ctim = st64.st_ctim; ++ } ++ return r; ++} ++ ++weak_alias (__fstatat, fstatat) +-- +2.19.1.6.gb485710b + diff --git a/0069-LoongArch-Fix-ABI-related-macros-in-elf.h-to-keep-co.patch b/0069-LoongArch-Fix-ABI-related-macros-in-elf.h-to-keep-co.patch new file mode 100644 index 0000000..cc80d02 --- /dev/null +++ b/0069-LoongArch-Fix-ABI-related-macros-in-elf.h-to-keep-co.patch @@ -0,0 +1,35 @@ +From 2fce85f67c56e46863db40b8ca75bbf0fa993053 Mon Sep 17 00:00:00 2001 +From: caiyinyu +Date: Wed, 12 Oct 2022 20:28:42 +0800 +Subject: [PATCH 69/81] LoongArch: Fix ABI related macros in elf.h to keep + consistent with binutils[1]. + +[1]: +https://sourceware.org/git/?p=binutils-gdb.git;a=commitdiff;h=c4a7e6b56218e1d5a858682186b542e2eae01a4a;hp=0d94a8735055432029237612a6eb9165db1ec9dd +[2]: +Reference: https://loongson.github.io/LoongArch-Documentation/LoongArch-ELF-ABI-EN.html#_e_flags_identifies_abi_type_and_version +--- + elf/elf.h | 7 +++++-- + 1 file changed, 5 insertions(+), 2 deletions(-) + +diff --git a/elf/elf.h b/elf/elf.h +index 02a1b3f52f..014393f3cc 100644 +--- a/elf/elf.h ++++ b/elf/elf.h +@@ -4085,8 +4085,11 @@ enum + #define R_NDS32_TLS_DESC 119 + + /* LoongArch ELF Flags */ +-#define EF_LARCH_ABI 0x07 +-#define EF_LARCH_ABI_LP64D 0x03 ++#define EF_LARCH_ABI_MODIFIER_MASK 0x07 ++#define EF_LARCH_ABI_SOFT_FLOAT 0x01 ++#define EF_LARCH_ABI_SINGLE_FLOAT 0x02 ++#define EF_LARCH_ABI_DOUBLE_FLOAT 0x03 ++#define EF_LARCH_OBJABI_V1 0x40 + + /* LoongArch specific dynamic relocations */ + #define R_LARCH_NONE 0 +-- +2.19.1.6.gb485710b + diff --git a/0070-Makerules-fix-MAKEFLAGS-assignment-for-upcoming-make.patch b/0070-Makerules-fix-MAKEFLAGS-assignment-for-upcoming-make.patch new file mode 100644 index 0000000..83590e5 --- /dev/null +++ b/0070-Makerules-fix-MAKEFLAGS-assignment-for-upcoming-make.patch @@ -0,0 +1,115 @@ +From 36cc06341a0c5029f49efaeef744dc3e9758e669 Mon Sep 17 00:00:00 2001 +From: Sergei Trofimovich +Date: Tue, 13 Sep 2022 13:39:13 -0400 +Subject: [PATCH 70/81] Makerules: fix MAKEFLAGS assignment for upcoming + make-4.4 [BZ# 29564] + +make-4.4 will add long flags to MAKEFLAGS variable: + + * WARNING: Backward-incompatibility! + Previously only simple (one-letter) options were added to the MAKEFLAGS + variable that was visible while parsing makefiles. Now, all options + are available in MAKEFLAGS. + +This causes locale builds to fail when long options are used: + + $ make --shuffle + ... + make -C localedata install-locales + make: invalid shuffle mode: '1662724426r' + +The change fixes it by passing eash option via whitespace and dashes. +That way option is appended to both single-word form and whitespace +separated form. + +While at it fixed --silent mode detection in $(MAKEFLAGS) by filtering +out --long-options. Otherwise options like --shuffle flag enable silent +mode unintentionally. $(silent-make) variable consolidates the checks. + +Resolves: BZ# 29564 + +CC: Paul Smith +CC: Siddhesh Poyarekar +Signed-off-by: Sergei Trofimovich +Reviewed-by: Siddhesh Poyarekar +(cherry picked from commit 2d7ed98add14f75041499ac189696c9bd3d757fe) +--- + Makeconfig | 18 +++++++++++++++++- + Makerules | 4 ++-- + elf/rtld-Rules | 2 +- + 3 files changed, 20 insertions(+), 4 deletions(-) + +diff --git a/Makeconfig b/Makeconfig +index ba70321af1..2bbcabd8f9 100644 +--- a/Makeconfig ++++ b/Makeconfig +@@ -43,6 +43,22 @@ else + $(error objdir must be defined by the build-directory Makefile) + endif + ++# Did we request 'make -s' run? "yes" or "no". ++# Starting from make-4.4 MAKEFLAGS now contains long ++# options like '--shuffle'. To detect presence of 's' ++# we pick first word with short options. Long options ++# are guaranteed to come after whitespace. We use '-' ++# prefix to always have a word before long options ++# even if no short options were passed. ++# Typical MAKEFLAGS values to watch for: ++# "rs --shuffle=42" (silent) ++# " --shuffle" (not silent) ++ifeq ($(findstring s, $(firstword -$(MAKEFLAGS))),) ++silent-make := no ++else ++silent-make := yes ++endif ++ + # Root of the sysdeps tree. + sysdep_dir := $(..)sysdeps + export sysdep_dir := $(sysdep_dir) +@@ -917,7 +933,7 @@ endif + # umpteen zillion filenames along with it (we use `...' instead) + # but we don't want this echoing done when the user has said + # he doesn't want to see commands echoed by using -s. +-ifneq "$(findstring s,$(MAKEFLAGS))" "" # if -s ++ifeq ($(silent-make),yes) # if -s + +cmdecho := echo >/dev/null + else # not -s + +cmdecho := echo +diff --git a/Makerules b/Makerules +index d1e139d03c..09c0cf8357 100644 +--- a/Makerules ++++ b/Makerules +@@ -794,7 +794,7 @@ endif + # Maximize efficiency by minimizing the number of rules. + .SUFFIXES: # Clear the suffix list. We don't use suffix rules. + # Don't define any builtin rules. +-MAKEFLAGS := $(MAKEFLAGS)r ++MAKEFLAGS := $(MAKEFLAGS) -r + + # Generic rule for making directories. + %/: +@@ -811,7 +811,7 @@ MAKEFLAGS := $(MAKEFLAGS)r + .PRECIOUS: $(foreach l,$(libtypes),$(patsubst %,$(common-objpfx)$l,c)) + + # Use the verbose option of ar and tar when not running silently. +-ifeq "$(findstring s,$(MAKEFLAGS))" "" # if not -s ++ifeq ($(silent-make),no) # if not -s + verbose := v + else # -s + verbose := +diff --git a/elf/rtld-Rules b/elf/rtld-Rules +index ca00dd1fe2..3c5e273f2b 100644 +--- a/elf/rtld-Rules ++++ b/elf/rtld-Rules +@@ -52,7 +52,7 @@ $(objpfx)rtld-libc.a: $(foreach dir,$(rtld-subdirs),\ + mv -f $@T $@ + + # Use the verbose option of ar and tar when not running silently. +-ifeq "$(findstring s,$(MAKEFLAGS))" "" # if not -s ++ifeq ($(silent-make),no) # if not -s + verbose := v + else # -s + verbose := +-- +2.19.1.6.gb485710b + diff --git a/0071-mktime-improve-heuristic-for-ca-1986-Indiana-DST.patch b/0071-mktime-improve-heuristic-for-ca-1986-Indiana-DST.patch new file mode 100644 index 0000000..4dbcfc5 --- /dev/null +++ b/0071-mktime-improve-heuristic-for-ca-1986-Indiana-DST.patch @@ -0,0 +1,78 @@ +From 70410f2286cc36c9ccb133878811c728ae51725f Mon Sep 17 00:00:00 2001 +From: Paul Eggert +Date: Thu, 8 Sep 2022 20:08:32 -0500 +Subject: [PATCH 71/81] mktime: improve heuristic for ca-1986 Indiana DST + +This patch syncs mktime.c from Gnulib, fixing a +problem reported by Mark Krenz , +and it should fix BZ#29035 too. +* time/mktime.c (__mktime_internal): Be more generous about +accepting arguments with the wrong value of tm_isdst, by falling +back to a one-hour DST difference if we find no nearby DST that is +unusual. This fixes a problem where "1986-04-28 00:00 EDT" was +rejected when TZ="America/Indianapolis" because the nearest DST +timestamp occurred in 1970, a temporal distance too great for the +old heuristic. This also also narrows the search a bit, which +is a minor performance win. + +(cherry picked from commit 83859e1115269cf56d21669361d4ddbe2687831c) +--- + time/mktime.c | 28 ++++++++++++++++++++-------- + 1 file changed, 20 insertions(+), 8 deletions(-) + +diff --git a/time/mktime.c b/time/mktime.c +index 494c89bf54..e9a6006710 100644 +--- a/time/mktime.c ++++ b/time/mktime.c +@@ -429,8 +429,13 @@ __mktime_internal (struct tm *tp, + time with the right value, and use its UTC offset. + + Heuristic: probe the adjacent timestamps in both directions, +- looking for the desired isdst. This should work for all real +- time zone histories in the tz database. */ ++ looking for the desired isdst. If none is found within a ++ reasonable duration bound, assume a one-hour DST difference. ++ This should work for all real time zone histories in the tz ++ database. */ ++ ++ /* +1 if we wanted standard time but got DST, -1 if the reverse. */ ++ int dst_difference = (isdst == 0) - (tm.tm_isdst == 0); + + /* Distance between probes when looking for a DST boundary. In + tzdata2003a, the shortest period of DST is 601200 seconds +@@ -441,12 +446,14 @@ __mktime_internal (struct tm *tp, + periods when probing. */ + int stride = 601200; + +- /* The longest period of DST in tzdata2003a is 536454000 seconds +- (e.g., America/Jujuy starting 1946-10-01 01:00). The longest +- period of non-DST is much longer, but it makes no real sense +- to search for more than a year of non-DST, so use the DST +- max. */ +- int duration_max = 536454000; ++ /* In TZDB 2021e, the longest period of DST (or of non-DST), in ++ which the DST (or adjacent DST) difference is not one hour, ++ is 457243209 seconds: e.g., America/Cambridge_Bay with leap ++ seconds, starting 1965-10-31 00:00 in a switch from ++ double-daylight time (-05) to standard time (-07), and ++ continuing to 1980-04-27 02:00 in a switch from standard time ++ (-07) to daylight time (-06). */ ++ int duration_max = 457243209; + + /* Search in both directions, so the maximum distance is half + the duration; add the stride to avoid off-by-1 problems. */ +@@ -483,6 +490,11 @@ __mktime_internal (struct tm *tp, + } + } + ++ /* No unusual DST offset was found nearby. Assume one-hour DST. */ ++ t += 60 * 60 * dst_difference; ++ if (mktime_min <= t && t <= mktime_max && convert_time (convert, t, &tm)) ++ goto offset_found; ++ + __set_errno (EOVERFLOW); + return -1; + } +-- +2.19.1.6.gb485710b + diff --git a/0072-Linux-Support-__IPC_64-in-sysvctl-ctl-command-argume.patch b/0072-Linux-Support-__IPC_64-in-sysvctl-ctl-command-argume.patch new file mode 100644 index 0000000..ebf8602 --- /dev/null +++ b/0072-Linux-Support-__IPC_64-in-sysvctl-ctl-command-argume.patch @@ -0,0 +1,243 @@ +From 0f90d6204d79223fd32248c774df0cb7f0e604de Mon Sep 17 00:00:00 2001 +From: Florian Weimer +Date: Tue, 8 Nov 2022 14:15:02 +0100 +Subject: [PATCH 72/81] Linux: Support __IPC_64 in sysvctl *ctl command + arguments (bug 29771) + +Old applications pass __IPC_64 as part of the command argument because +old glibc did not check for unknown commands, and passed through the +arguments directly to the kernel, without adding __IPC_64. +Applications need to continue doing that for old glibc compatibility, +so this commit enables this approach in current glibc. + +For msgctl and shmctl, if no translation is required, make +direct system calls, as we did before the time64 changes. If +translation is required, mask __IPC_64 from the command argument. + +For semctl, the union-in-vararg argument handling means that +translation is needed on all architectures. + +Reviewed-by: Adhemerval Zanella +(cherry picked from commit 22a46dee24351fd5f4f188ad80554cad79c82524) +--- + NEWS | 1 + + sysdeps/unix/sysv/linux/ipc_priv.h | 6 +++++ + sysdeps/unix/sysv/linux/msgctl.c | 38 ++++++++++++++++++++---------- + sysdeps/unix/sysv/linux/semctl.c | 7 ++++++ + sysdeps/unix/sysv/linux/shmctl.c | 38 ++++++++++++++++++++---------- + 5 files changed, 64 insertions(+), 26 deletions(-) + +diff --git a/NEWS b/NEWS +index e92d547e2c..9f8edea5db 100644 +--- a/NEWS ++++ b/NEWS +@@ -46,6 +46,7 @@ The following bugs are resolved with this release: + [29657] libc: Incorrect struct stat for 64-bit time on linux/generic + platforms + [29730] broken y2038 support in fstatat on MIPS N64 ++ [29771] Restore IPC_64 support in sysvipc *ctl functions + + Version 2.36 + +diff --git a/sysdeps/unix/sysv/linux/ipc_priv.h b/sysdeps/unix/sysv/linux/ipc_priv.h +index 87893a6757..2f50c31a8e 100644 +--- a/sysdeps/unix/sysv/linux/ipc_priv.h ++++ b/sysdeps/unix/sysv/linux/ipc_priv.h +@@ -63,4 +63,10 @@ struct __old_ipc_perm + # define __IPC_TIME64 0 + #endif + ++#if __IPC_TIME64 || defined __ASSUME_SYSVIPC_BROKEN_MODE_T ++# define IPC_CTL_NEED_TRANSLATION 1 ++#else ++# define IPC_CTL_NEED_TRANSLATION 0 ++#endif ++ + #include +diff --git a/sysdeps/unix/sysv/linux/msgctl.c b/sysdeps/unix/sysv/linux/msgctl.c +index e824ebb095..2072205252 100644 +--- a/sysdeps/unix/sysv/linux/msgctl.c ++++ b/sysdeps/unix/sysv/linux/msgctl.c +@@ -85,11 +85,19 @@ msgctl_syscall (int msqid, int cmd, msgctl_arg_t *buf) + int + __msgctl64 (int msqid, int cmd, struct __msqid64_ds *buf) + { +-#if __IPC_TIME64 ++#if IPC_CTL_NEED_TRANSLATION ++# if __IPC_TIME64 + struct kernel_msqid64_ds ksemid, *arg = NULL; +-#else ++# else + msgctl_arg_t *arg; +-#endif ++# endif ++ ++ /* Some applications pass the __IPC_64 flag in cmd, to invoke ++ previously unsupported commands back when there was no EINVAL ++ error checking in glibc. Mask the flag for the switch statements ++ below. msgctl_syscall adds back the __IPC_64 flag for the actual ++ system call. */ ++ cmd &= ~__IPC_64; + + switch (cmd) + { +@@ -101,19 +109,19 @@ __msgctl64 (int msqid, int cmd, struct __msqid64_ds *buf) + case IPC_STAT: + case MSG_STAT: + case MSG_STAT_ANY: +-#if __IPC_TIME64 ++# if __IPC_TIME64 + if (buf != NULL) + { + msqid64_to_kmsqid64 (buf, &ksemid); + arg = &ksemid; + } +-# ifdef __ASSUME_SYSVIPC_BROKEN_MODE_T ++# ifdef __ASSUME_SYSVIPC_BROKEN_MODE_T + if (cmd == IPC_SET) + arg->msg_perm.mode *= 0x10000U; +-# endif +-#else ++# endif ++# else + arg = buf; +-#endif ++# endif + break; + + case IPC_INFO: +@@ -137,21 +145,25 @@ __msgctl64 (int msqid, int cmd, struct __msqid64_ds *buf) + case IPC_STAT: + case MSG_STAT: + case MSG_STAT_ANY: +-#ifdef __ASSUME_SYSVIPC_BROKEN_MODE_T ++# ifdef __ASSUME_SYSVIPC_BROKEN_MODE_T + arg->msg_perm.mode >>= 16; +-#else ++# else + /* Old Linux kernel versions might not clear the mode padding. */ + if (sizeof ((struct msqid_ds){0}.msg_perm.mode) + != sizeof (__kernel_mode_t)) + arg->msg_perm.mode &= 0xFFFF; +-#endif ++# endif + +-#if __IPC_TIME64 ++# if __IPC_TIME64 + kmsqid64_to_msqid64 (arg, buf); +-#endif ++# endif + } + + return ret; ++ ++#else /* !IPC_CTL_NEED_TRANSLATION */ ++ return msgctl_syscall (msqid, cmd, buf); ++#endif + } + #if __TIMESIZE != 64 + libc_hidden_def (__msgctl64) +diff --git a/sysdeps/unix/sysv/linux/semctl.c b/sysdeps/unix/sysv/linux/semctl.c +index 77a8130c18..3458b018bc 100644 +--- a/sysdeps/unix/sysv/linux/semctl.c ++++ b/sysdeps/unix/sysv/linux/semctl.c +@@ -140,6 +140,13 @@ __semctl64 (int semid, int semnum, int cmd, ...) + union semun64 arg64 = { 0 }; + va_list ap; + ++ /* Some applications pass the __IPC_64 flag in cmd, to invoke ++ previously unsupported commands back when there was no EINVAL ++ error checking in glibc. Mask the flag for the switch statements ++ below. semctl_syscall adds back the __IPC_64 flag for the actual ++ system call. */ ++ cmd &= ~__IPC_64; ++ + /* Get the argument only if required. */ + switch (cmd) + { +diff --git a/sysdeps/unix/sysv/linux/shmctl.c b/sysdeps/unix/sysv/linux/shmctl.c +index ea38935497..f00817a6f6 100644 +--- a/sysdeps/unix/sysv/linux/shmctl.c ++++ b/sysdeps/unix/sysv/linux/shmctl.c +@@ -85,11 +85,19 @@ shmctl_syscall (int shmid, int cmd, shmctl_arg_t *buf) + int + __shmctl64 (int shmid, int cmd, struct __shmid64_ds *buf) + { +-#if __IPC_TIME64 ++#if IPC_CTL_NEED_TRANSLATION ++# if __IPC_TIME64 + struct kernel_shmid64_ds kshmid, *arg = NULL; +-#else ++# else + shmctl_arg_t *arg; +-#endif ++# endif ++ ++ /* Some applications pass the __IPC_64 flag in cmd, to invoke ++ previously unsupported commands back when there was no EINVAL ++ error checking in glibc. Mask the flag for the switch statements ++ below. shmctl_syscall adds back the __IPC_64 flag for the actual ++ system call. */ ++ cmd &= ~__IPC_64; + + switch (cmd) + { +@@ -103,19 +111,19 @@ __shmctl64 (int shmid, int cmd, struct __shmid64_ds *buf) + case IPC_STAT: + case SHM_STAT: + case SHM_STAT_ANY: +-#if __IPC_TIME64 ++# if __IPC_TIME64 + if (buf != NULL) + { + shmid64_to_kshmid64 (buf, &kshmid); + arg = &kshmid; + } +-# ifdef __ASSUME_SYSVIPC_BROKEN_MODE_T ++# ifdef __ASSUME_SYSVIPC_BROKEN_MODE_T + if (cmd == IPC_SET) + arg->shm_perm.mode *= 0x10000U; +-# endif +-#else ++# endif ++# else + arg = buf; +-#endif ++# endif + break; + + case IPC_INFO: +@@ -140,21 +148,25 @@ __shmctl64 (int shmid, int cmd, struct __shmid64_ds *buf) + case IPC_STAT: + case SHM_STAT: + case SHM_STAT_ANY: +-#ifdef __ASSUME_SYSVIPC_BROKEN_MODE_T ++# ifdef __ASSUME_SYSVIPC_BROKEN_MODE_T + arg->shm_perm.mode >>= 16; +-#else ++# else + /* Old Linux kernel versions might not clear the mode padding. */ + if (sizeof ((struct shmid_ds){0}.shm_perm.mode) + != sizeof (__kernel_mode_t)) + arg->shm_perm.mode &= 0xFFFF; +-#endif ++# endif + +-#if __IPC_TIME64 ++# if __IPC_TIME64 + kshmid64_to_shmid64 (arg, buf); +-#endif ++# endif + } + + return ret; ++ ++#else /* !IPC_CTL_NEED_TRANSLATION */ ++ return shmctl_syscall (shmid, cmd, buf); ++#endif + } + #if __TIMESIZE != 64 + libc_hidden_def (__shmctl64) +-- +2.19.1.6.gb485710b + diff --git a/0073-elf-Fix-rtld-audit-trampoline-for-aarch64.patch b/0073-elf-Fix-rtld-audit-trampoline-for-aarch64.patch new file mode 100644 index 0000000..12badd8 --- /dev/null +++ b/0073-elf-Fix-rtld-audit-trampoline-for-aarch64.patch @@ -0,0 +1,51 @@ +From 2ba9801d9f222de9fe1f5f04dcd1c276e56b4245 Mon Sep 17 00:00:00 2001 +From: Vladislav Khmelevsky +Date: Thu, 17 Nov 2022 12:47:29 +0400 +Subject: [PATCH 73/81] elf: Fix rtld-audit trampoline for aarch64 + +This patch fixes two problems with audit: + + 1. The DL_OFFSET_RV_VPCS offset was mixed up with DL_OFFSET_RG_VPCS, + resulting in x2 register value nulling in RG structure. + + 2. We need to preserve the x8 register before function call, but + don't have to save it's new value and restore it before return. + +Anyway the final restore was using OFFSET_RV instead of OFFSET_RG value +which is wrong (althoug doesn't affect anything). + +Reviewed-by: Adhemerval Zanella +(cherry picked from commit eb4181e9f4a512de37dad4ba623c921671584dea) +--- + sysdeps/aarch64/dl-trampoline.S | 4 +--- + 1 file changed, 1 insertion(+), 3 deletions(-) + +diff --git a/sysdeps/aarch64/dl-trampoline.S b/sysdeps/aarch64/dl-trampoline.S +index 909b208578..d66f0b9c45 100644 +--- a/sysdeps/aarch64/dl-trampoline.S ++++ b/sysdeps/aarch64/dl-trampoline.S +@@ -298,12 +298,11 @@ _dl_runtime_profile: + stp x2, x3, [x29, #OFFSET_RV + DL_OFFSET_RV_X0 + 16*1] + stp x4, x5, [x29, #OFFSET_RV + DL_OFFSET_RV_X0 + 16*2] + stp x6, x7, [x29, #OFFSET_RV + DL_OFFSET_RV_X0 + 16*3] +- str x8, [x29, #OFFSET_RG + DL_OFFSET_RG_X0 + 16*4] + stp q0, q1, [x29, #OFFSET_RV + DL_OFFSET_RV_V0 + 32*0] + stp q2, q3, [x29, #OFFSET_RV + DL_OFFSET_RV_V0 + 32*1] + stp q4, q5, [x29, #OFFSET_RV + DL_OFFSET_RV_V0 + 32*2] + stp q6, q7, [x29, #OFFSET_RV + DL_OFFSET_RV_V0 + 32*3] +- str xzr, [X29, #OFFSET_RV + DL_OFFSET_RG_VPCS] ++ str xzr, [X29, #OFFSET_RV + DL_OFFSET_RV_VPCS] + + /* Setup call to pltexit */ + ldp x0, x1, [x29, #OFFSET_SAVED_CALL_X0] +@@ -315,7 +314,6 @@ _dl_runtime_profile: + ldp x2, x3, [x29, #OFFSET_RV + DL_OFFSET_RV_X0 + 16*1] + ldp x4, x5, [x29, #OFFSET_RV + DL_OFFSET_RV_X0 + 16*2] + ldp x6, x7, [x29, #OFFSET_RV + DL_OFFSET_RV_X0 + 16*3] +- ldr x8, [x29, #OFFSET_RV + DL_OFFSET_RV_X0 + 16*4] + ldp q0, q1, [x29, #OFFSET_RV + DL_OFFSET_RV_V0 + 32*0] + ldp q2, q3, [x29, #OFFSET_RV + DL_OFFSET_RV_V0 + 32*1] + ldp q4, q5, [x29, #OFFSET_RV + DL_OFFSET_RV_V0 + 32*2] +-- +2.19.1.6.gb485710b + diff --git a/0074-x86-Fix-wcsnlen-avx2-page-cross-length-comparison-BZ.patch b/0074-x86-Fix-wcsnlen-avx2-page-cross-length-comparison-BZ.patch new file mode 100644 index 0000000..e03f0f5 --- /dev/null +++ b/0074-x86-Fix-wcsnlen-avx2-page-cross-length-comparison-BZ.patch @@ -0,0 +1,137 @@ +From fa196d06d392f9bb2eae2f41613c6b0710f26293 Mon Sep 17 00:00:00 2001 +From: Noah Goldstein +Date: Tue, 20 Sep 2022 17:58:04 -0700 +Subject: [PATCH 74/81] x86: Fix wcsnlen-avx2 page cross length comparison [BZ + #29591] + +Previous implementation was adjusting length (rsi) to match +bytes (eax), but since there is no bound to length this can cause +overflow. + +Fix is to just convert the byte-count (eax) to length by dividing by +sizeof (wchar_t) before the comparison. + +Full check passes on x86-64 and build succeeds w/ and w/o multiarch. + +(cherry picked from commit b0969fa53a28b4ab2159806bf6c99a98999502ee) +--- + string/test-strnlen.c | 70 +++++++++++++++----------- + sysdeps/x86_64/multiarch/strlen-avx2.S | 7 +-- + 2 files changed, 43 insertions(+), 34 deletions(-) + +diff --git a/string/test-strnlen.c b/string/test-strnlen.c +index 4a9375112a..5cbaf4b734 100644 +--- a/string/test-strnlen.c ++++ b/string/test-strnlen.c +@@ -73,7 +73,7 @@ do_test (size_t align, size_t len, size_t maxlen, int max_char) + { + size_t i; + +- align &= 63; ++ align &= (getpagesize () / sizeof (CHAR) - 1); + if ((align + len) * sizeof (CHAR) >= page_size) + return; + +@@ -90,38 +90,50 @@ do_test (size_t align, size_t len, size_t maxlen, int max_char) + static void + do_overflow_tests (void) + { +- size_t i, j, len; ++ size_t i, j, al_idx, repeats, len; + const size_t one = 1; + uintptr_t buf_addr = (uintptr_t) buf1; ++ const size_t alignments[] = { 0, 1, 7, 9, 31, 33, 63, 65, 95, 97, 127, 129 }; + +- for (i = 0; i < 750; ++i) ++ for (al_idx = 0; al_idx < sizeof (alignments) / sizeof (alignments[0]); ++ al_idx++) + { +- do_test (1, i, SIZE_MAX, BIG_CHAR); +- +- do_test (0, i, SIZE_MAX - i, BIG_CHAR); +- do_test (0, i, i - buf_addr, BIG_CHAR); +- do_test (0, i, -buf_addr - i, BIG_CHAR); +- do_test (0, i, SIZE_MAX - buf_addr - i, BIG_CHAR); +- do_test (0, i, SIZE_MAX - buf_addr + i, BIG_CHAR); +- +- len = 0; +- for (j = 8 * sizeof(size_t) - 1; j ; --j) +- { +- len |= one << j; +- do_test (0, i, len - i, BIG_CHAR); +- do_test (0, i, len + i, BIG_CHAR); +- do_test (0, i, len - buf_addr - i, BIG_CHAR); +- do_test (0, i, len - buf_addr + i, BIG_CHAR); +- +- do_test (0, i, ~len - i, BIG_CHAR); +- do_test (0, i, ~len + i, BIG_CHAR); +- do_test (0, i, ~len - buf_addr - i, BIG_CHAR); +- do_test (0, i, ~len - buf_addr + i, BIG_CHAR); +- +- do_test (0, i, -buf_addr, BIG_CHAR); +- do_test (0, i, j - buf_addr, BIG_CHAR); +- do_test (0, i, -buf_addr - j, BIG_CHAR); +- } ++ for (repeats = 0; repeats < 2; ++repeats) ++ { ++ size_t align = repeats ? (getpagesize () - alignments[al_idx]) ++ : alignments[al_idx]; ++ align /= sizeof (CHAR); ++ for (i = 0; i < 750; ++i) ++ { ++ do_test (align, i, SIZE_MAX, BIG_CHAR); ++ ++ do_test (align, i, SIZE_MAX - i, BIG_CHAR); ++ do_test (align, i, i - buf_addr, BIG_CHAR); ++ do_test (align, i, -buf_addr - i, BIG_CHAR); ++ do_test (align, i, SIZE_MAX - buf_addr - i, BIG_CHAR); ++ do_test (align, i, SIZE_MAX - buf_addr + i, BIG_CHAR); ++ ++ len = 0; ++ for (j = 8 * sizeof (size_t) - 1; j; --j) ++ { ++ len |= one << j; ++ do_test (align, i, len, BIG_CHAR); ++ do_test (align, i, len - i, BIG_CHAR); ++ do_test (align, i, len + i, BIG_CHAR); ++ do_test (align, i, len - buf_addr - i, BIG_CHAR); ++ do_test (align, i, len - buf_addr + i, BIG_CHAR); ++ ++ do_test (align, i, ~len - i, BIG_CHAR); ++ do_test (align, i, ~len + i, BIG_CHAR); ++ do_test (align, i, ~len - buf_addr - i, BIG_CHAR); ++ do_test (align, i, ~len - buf_addr + i, BIG_CHAR); ++ ++ do_test (align, i, -buf_addr, BIG_CHAR); ++ do_test (align, i, j - buf_addr, BIG_CHAR); ++ do_test (align, i, -buf_addr - j, BIG_CHAR); ++ } ++ } ++ } + } + } + +diff --git a/sysdeps/x86_64/multiarch/strlen-avx2.S b/sysdeps/x86_64/multiarch/strlen-avx2.S +index 0593fb303b..b9b58ef599 100644 +--- a/sysdeps/x86_64/multiarch/strlen-avx2.S ++++ b/sysdeps/x86_64/multiarch/strlen-avx2.S +@@ -544,14 +544,11 @@ L(return_vzeroupper): + L(cross_page_less_vec): + tzcntl %eax, %eax + # ifdef USE_AS_WCSLEN +- /* NB: Multiply length by 4 to get byte count. */ +- sall $2, %esi ++ /* NB: Divide by 4 to convert from byte-count to length. */ ++ shrl $2, %eax + # endif + cmpq %rax, %rsi + cmovb %esi, %eax +-# ifdef USE_AS_WCSLEN +- shrl $2, %eax +-# endif + VZEROUPPER_RETURN + # endif + +-- +2.19.1.6.gb485710b + diff --git a/0075-Apply-asm-redirections-in-syslog.h-before-first-use-.patch b/0075-Apply-asm-redirections-in-syslog.h-before-first-use-.patch new file mode 100644 index 0000000..f592c80 --- /dev/null +++ b/0075-Apply-asm-redirections-in-syslog.h-before-first-use-.patch @@ -0,0 +1,79 @@ +From 3aae843e9e9e6a2502e98ff44d2671b20a023f8e Mon Sep 17 00:00:00 2001 +From: Tulio Magno Quites Machado Filho +Date: Fri, 11 Nov 2022 17:00:15 -0300 +Subject: [PATCH 75/81] Apply asm redirections in syslog.h before first use [BZ + #27087] + +Similar to d0fa09a770, but for syslog.h when _FORTIFY_SOURCE > 0. +Fixes [BZ #27087] by applying long double-related asm redirections +before using functions in bits/syslog.h. + +Tested with build-many-glibcs.py. + +Reviewed-by: Adhemerval Zanella +(cherry picked from commit 227df6243a2b5b4d70d11772d12c02eb9cb666ca) +--- + misc/bits/syslog.h | 18 ++++++++++++++---- + misc/sys/syslog.h | 10 +++++----- + 2 files changed, 19 insertions(+), 9 deletions(-) + +diff --git a/misc/bits/syslog.h b/misc/bits/syslog.h +index fd30dd3114..916d2b6f12 100644 +--- a/misc/bits/syslog.h ++++ b/misc/bits/syslog.h +@@ -24,6 +24,20 @@ + extern void __syslog_chk (int __pri, int __flag, const char *__fmt, ...) + __attribute__ ((__format__ (__printf__, 3, 4))); + ++#ifdef __USE_MISC ++extern void __vsyslog_chk (int __pri, int __flag, const char *__fmt, ++ __gnuc_va_list __ap) ++ __attribute__ ((__format__ (__printf__, 3, 0))); ++#endif ++ ++#include ++#if defined __LDBL_COMPAT || __LDOUBLE_REDIRECTS_TO_FLOAT128_ABI == 1 ++# include ++#endif ++ ++/* The following functions must be used only after applying all asm ++ redirections, e.g. long double asm redirections. */ ++ + #ifdef __va_arg_pack + __fortify_function void + syslog (int __pri, const char *__fmt, ...) +@@ -37,10 +51,6 @@ syslog (int __pri, const char *__fmt, ...) + + + #ifdef __USE_MISC +-extern void __vsyslog_chk (int __pri, int __flag, const char *__fmt, +- __gnuc_va_list __ap) +- __attribute__ ((__format__ (__printf__, 3, 0))); +- + __fortify_function void + vsyslog (int __pri, const char *__fmt, __gnuc_va_list __ap) + { +diff --git a/misc/sys/syslog.h b/misc/sys/syslog.h +index d933fea104..3888153ed2 100644 +--- a/misc/sys/syslog.h ++++ b/misc/sys/syslog.h +@@ -205,11 +205,11 @@ extern void vsyslog (int __pri, const char *__fmt, __gnuc_va_list __ap) + /* Define some macros helping to catch buffer overflows. */ + #if __USE_FORTIFY_LEVEL > 0 && defined __fortify_function + # include +-#endif +- +-#include +-#if defined __LDBL_COMPAT || __LDOUBLE_REDIRECTS_TO_FLOAT128_ABI == 1 +-# include ++#else ++# include ++# if defined __LDBL_COMPAT || __LDOUBLE_REDIRECTS_TO_FLOAT128_ABI == 1 ++# include ++# endif + #endif + + __END_DECLS +-- +2.19.1.6.gb485710b + diff --git a/0076-nis-Build-libnsl-with-64-bit-time_t.patch b/0076-nis-Build-libnsl-with-64-bit-time_t.patch new file mode 100644 index 0000000..8ca28db --- /dev/null +++ b/0076-nis-Build-libnsl-with-64-bit-time_t.patch @@ -0,0 +1,79 @@ +From fdcd20a55bf88f79f6457d36a93aee69f9bed971 Mon Sep 17 00:00:00 2001 +From: Adhemerval Zanella Netto +Date: Wed, 26 Oct 2022 16:04:23 -0300 +Subject: [PATCH 76/81] nis: Build libnsl with 64 bit time_t + +And remove the usage of glibc reserved names. +Reviewed-by: DJ Delorie + +(cherry picked from commit 545eefc2f5da61801ba82b7a32ca2589b769ec90) +--- + Makeconfig | 2 +- + nis/nis_call.c | 10 +++++----- + 2 files changed, 6 insertions(+), 6 deletions(-) + +diff --git a/Makeconfig b/Makeconfig +index 2bbcabd8f9..9dd058e04b 100644 +--- a/Makeconfig ++++ b/Makeconfig +@@ -884,7 +884,7 @@ endif + # Use 64 bit time_t support for installed programs + installed-modules = nonlib nscd lddlibc4 ldconfig locale_programs \ + iconvprogs libnss_files libnss_compat libnss_db libnss_hesiod \ +- libutil libpcprofile libSegFault ++ libutil libpcprofile libSegFault libnsl + +extra-time-flags = $(if $(filter $(installed-modules),\ + $(in-module)),-D_TIME_BITS=64 -D_FILE_OFFSET_BITS=64) + +diff --git a/nis/nis_call.c b/nis/nis_call.c +index 90187e30b1..5b9dd50151 100644 +--- a/nis/nis_call.c ++++ b/nis/nis_call.c +@@ -574,7 +574,7 @@ static struct nis_server_cache + unsigned int size; + unsigned int server_used; + unsigned int current_ep; +- __time64_t expires; ++ time_t expires; + char name[]; + } *nis_server_cache[16]; + static time_t nis_cold_start_mtime; +@@ -583,7 +583,7 @@ __libc_lock_define_initialized (static, nis_server_cache_lock) + static directory_obj * + nis_server_cache_search (const_nis_name name, int search_parent, + unsigned int *server_used, unsigned int *current_ep, +- struct __timespec64 *now) ++ struct timespec *now) + { + directory_obj *ret = NULL; + int i; +@@ -641,7 +641,7 @@ nis_server_cache_search (const_nis_name name, int search_parent, + static void + nis_server_cache_add (const_nis_name name, int search_parent, + directory_obj *dir, unsigned int server_used, +- unsigned int current_ep, struct __timespec64 *now) ++ unsigned int current_ep, struct timespec *now) + { + struct nis_server_cache **loc; + struct nis_server_cache *new; +@@ -707,7 +707,7 @@ __nisfind_server (const_nis_name name, int search_parent, + nis_error result = NIS_SUCCESS; + nis_error status; + directory_obj *obj; +- struct __timespec64 ts; ++ struct timespec ts; + unsigned int server_used = ~0; + unsigned int current_ep = ~0; + +@@ -717,7 +717,7 @@ __nisfind_server (const_nis_name name, int search_parent, + if (*dir != NULL) + return NIS_SUCCESS; + +- __clock_gettime64 (CLOCK_REALTIME, &ts); ++ clock_gettime (CLOCK_REALTIME, &ts); + + if ((flags & NO_CACHE) == 0) + *dir = nis_server_cache_search (name, search_parent, &server_used, +-- +2.19.1.6.gb485710b + diff --git a/0077-nscd-Use-64-bit-time_t-on-libc-nscd-routines-BZ-2940.patch b/0077-nscd-Use-64-bit-time_t-on-libc-nscd-routines-BZ-2940.patch new file mode 100644 index 0000000..0010d37 --- /dev/null +++ b/0077-nscd-Use-64-bit-time_t-on-libc-nscd-routines-BZ-2940.patch @@ -0,0 +1,58 @@ +From c1e080bc9521d2282a1f60c2ee19d80adae672ee Mon Sep 17 00:00:00 2001 +From: Adhemerval Zanella Netto +Date: Wed, 26 Oct 2022 16:04:24 -0300 +Subject: [PATCH 77/81] nscd: Use 64 bit time_t on libc nscd routines (BZ# + 29402) + +Although the nscd module is built with 64 bit time_t, the routines +linked direct to libc.so need to use the internal symbols. +Reviewed-by: DJ Delorie + +(cherry picked from commit fa4a19277842fd09a4815a986f70e0fe0903836f) +--- + NEWS | 1 + + nscd/nscd.h | 2 +- + nscd/nscd_gethst_r.c | 2 +- + 3 files changed, 3 insertions(+), 2 deletions(-) + +diff --git a/NEWS b/NEWS +index 9f8edea5db..c3df0c007d 100644 +--- a/NEWS ++++ b/NEWS +@@ -27,6 +27,7 @@ The following bugs are resolved with this release: + [24816] Fix tst-nss-files-hosts-long on single-stack hosts + [28846] CMSG_NXTHDR may trigger -Wstrict-overflow warning + [29305] Conserve NSS buffer space during DNS packet parsing ++ [29402] nscd: nscd: No such file or directory + [29415] nscd: Fix netlink cache invalidation if epoll is used + [28937] New DSO dependency sorter does not put new map first if in a cycle + [29446] _dlopen now ignores dl_caller argument in static mode +diff --git a/nscd/nscd.h b/nscd/nscd.h +index 368091aef8..f15321585b 100644 +--- a/nscd/nscd.h ++++ b/nscd/nscd.h +@@ -65,7 +65,7 @@ typedef enum + struct traced_file + { + /* Tracks the last modified time of the traced file. */ +- time_t mtime; ++ __time64_t mtime; + /* Support multiple registered files per database. */ + struct traced_file *next; + int call_res_init; +diff --git a/nscd/nscd_gethst_r.c b/nscd/nscd_gethst_r.c +index 9becb62033..31c64275f0 100644 +--- a/nscd/nscd_gethst_r.c ++++ b/nscd/nscd_gethst_r.c +@@ -112,7 +112,7 @@ __nscd_get_nl_timestamp (void) + if (map == NULL + || (map != NO_MAPPING + && map->head->nscd_certainly_running == 0 +- && map->head->timestamp + MAPPING_TIMEOUT < time_now ())) ++ && map->head->timestamp + MAPPING_TIMEOUT < time64_now ())) + map = __nscd_get_mapping (GETFDHST, "hosts", &__hst_map_handle.mapped); + + if (map == NO_MAPPING) +-- +2.19.1.6.gb485710b + diff --git a/0078-time-Use-64-bit-time-on-tzfile.patch b/0078-time-Use-64-bit-time-on-tzfile.patch new file mode 100644 index 0000000..f229ac3 --- /dev/null +++ b/0078-time-Use-64-bit-time-on-tzfile.patch @@ -0,0 +1,29 @@ +From 4321cbc2af788827e56e5581f56d7da2876b48f1 Mon Sep 17 00:00:00 2001 +From: Adhemerval Zanella Netto +Date: Wed, 26 Oct 2022 16:04:25 -0300 +Subject: [PATCH 78/81] time: Use 64 bit time on tzfile + +The tzfile_mtime is already compared to 64 bit time_t stat call. +Reviewed-by: DJ Delorie + +(cherry picked from commit 4e21c2075193e406a92c0d1cb091a7c804fda4d9) +--- + time/tzfile.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/time/tzfile.c b/time/tzfile.c +index dd75848ba9..394b098856 100644 +--- a/time/tzfile.c ++++ b/time/tzfile.c +@@ -32,7 +32,7 @@ + int __use_tzfile; + static dev_t tzfile_dev; + static ino64_t tzfile_ino; +-static time_t tzfile_mtime; ++static __time64_t tzfile_mtime; + + struct ttinfo + { +-- +2.19.1.6.gb485710b + diff --git a/0079-locale-prevent-maybe-uninitialized-errors-with-Os-BZ.patch b/0079-locale-prevent-maybe-uninitialized-errors-with-Os-BZ.patch new file mode 100644 index 0000000..9c84379 --- /dev/null +++ b/0079-locale-prevent-maybe-uninitialized-errors-with-Os-BZ.patch @@ -0,0 +1,54 @@ +From 4444be051cae74fed390d4bc1a15ed730cc07b02 Mon Sep 17 00:00:00 2001 +From: Martin Jansa +Date: Wed, 21 Sep 2022 10:51:03 -0300 +Subject: [PATCH 79/81] locale: prevent maybe-uninitialized errors with -Os [BZ + #19444] + +Fixes following error when building with -Os: +| In file included from strcoll_l.c:43: +| strcoll_l.c: In function '__strcoll_l': +| ../locale/weight.h:31:26: error: 'seq2.back_us' may be used +uninitialized in this function [-Werror=maybe-uninitialized] +| int_fast32_t i = table[*(*cpp)++]; +| ^~~~~~~~~ +| strcoll_l.c:304:18: note: 'seq2.back_us' was declared here +| coll_seq seq1, seq2; +| ^~~~ +| In file included from strcoll_l.c:43: +| ../locale/weight.h:31:26: error: 'seq1.back_us' may be used +uninitialized in this function [-Werror=maybe-uninitialized] +| int_fast32_t i = table[*(*cpp)++]; +| ^~~~~~~~~ +| strcoll_l.c:304:12: note: 'seq1.back_us' was declared here +| coll_seq seq1, seq2; +| ^~~~ +Reviewed-by: Carlos O'Donell +Tested-by: Carlos O'Donell + +(cherry picked from commit c651f9da530320e9939e6cbad57b87695eeba41c) +--- + locale/weight.h | 7 +++++++ + 1 file changed, 7 insertions(+) + +diff --git a/locale/weight.h b/locale/weight.h +index 8be2d220f8..4a4d5aa6b2 100644 +--- a/locale/weight.h ++++ b/locale/weight.h +@@ -27,7 +27,14 @@ findidx (const int32_t *table, + const unsigned char *extra, + const unsigned char **cpp, size_t len) + { ++ /* With GCC 8 when compiling with -Os the compiler warns that ++ seq1.back_us and seq2.back_us might be used uninitialized. ++ This uninitialized use is impossible for the same reason ++ as described in comments in locale/weightwc.h. */ ++ DIAG_PUSH_NEEDS_COMMENT; ++ DIAG_IGNORE_Os_NEEDS_COMMENT (8, "-Wmaybe-uninitialized"); + int32_t i = table[*(*cpp)++]; ++ DIAG_POP_NEEDS_COMMENT; + const unsigned char *cp; + const unsigned char *usrc; + +-- +2.19.1.6.gb485710b + diff --git a/0080-sunrpc-Suppress-GCC-Os-warning-on-user2netname.patch b/0080-sunrpc-Suppress-GCC-Os-warning-on-user2netname.patch new file mode 100644 index 0000000..6af1e4a --- /dev/null +++ b/0080-sunrpc-Suppress-GCC-Os-warning-on-user2netname.patch @@ -0,0 +1,62 @@ +From 997d844a97b0478a3a7f9e7d7027c7431edbb51d Mon Sep 17 00:00:00 2001 +From: Adhemerval Zanella Netto +Date: Wed, 21 Sep 2022 10:51:07 -0300 +Subject: [PATCH 80/81] sunrpc: Suppress GCC -Os warning on user2netname +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +GCC with -Os warns that sprint might overflow: + + netname.c: In function ‘user2netname’: + netname.c:51:28: error: ‘%s’ directive writing up to 255 bytes into a + region of size between 239 and 249 [-Werror=format-overflow=] + 51 | sprintf (netname, "%s.%d@%s", OPSYS, uid, dfltdom); + | ^~ ~~~~~~~ + netname.c:51:3: note: ‘sprintf’ output between 8 and 273 bytes into a + destination of size 256 + 51 | sprintf (netname, "%s.%d@%s", OPSYS, uid, dfltdom); + | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + cc1: all warnings being treated as errors + +However the code does test prior the sprintf call that dfltdom plus +the required extra space for OPSYS, uid, and extra character will not +overflow and return 0 instead. + +Checked on x86_64-linux-gnu and i686-linux-gnu. +Reviewed-by: Carlos O'Donell +Tested-by: Carlos O'Donell + +(cherry picked from commit 6128e82ebe973163d2dd614d31753c88c0c4d645) +--- + sunrpc/netname.c | 6 ++++++ + 1 file changed, 6 insertions(+) + +diff --git a/sunrpc/netname.c b/sunrpc/netname.c +index bf7f0b81c4..c1d1c43e50 100644 +--- a/sunrpc/netname.c ++++ b/sunrpc/netname.c +@@ -20,6 +20,7 @@ + #include + #include + #include ++#include + + #include "nsswitch.h" + +@@ -48,7 +49,12 @@ user2netname (char netname[MAXNETNAMELEN + 1], const uid_t uid, + if ((strlen (dfltdom) + OPSYS_LEN + 3 + MAXIPRINT) > (size_t) MAXNETNAMELEN) + return 0; + ++ /* GCC with -Os warns that sprint might overflow while handling dfltdom, ++ however the above test does check if an overflow would happen. */ ++ DIAG_PUSH_NEEDS_COMMENT; ++ DIAG_IGNORE_Os_NEEDS_COMMENT (8, "-Wformat-overflow"); + sprintf (netname, "%s.%d@%s", OPSYS, uid, dfltdom); ++ DIAG_POP_NEEDS_COMMENT; + i = strlen (netname); + if (netname[i - 1] == '.') + netname[i - 1] = '\0'; +-- +2.19.1.6.gb485710b + diff --git a/0081-x86-Fix-Os-build-BZ-29576.patch b/0081-x86-Fix-Os-build-BZ-29576.patch new file mode 100644 index 0000000..fc271f6 --- /dev/null +++ b/0081-x86-Fix-Os-build-BZ-29576.patch @@ -0,0 +1,61 @@ +From 4f4d7a13edfd2fdc57c9d76e1fd6d017fb47550c Mon Sep 17 00:00:00 2001 +From: Adhemerval Zanella Netto +Date: Wed, 21 Sep 2022 10:51:08 -0300 +Subject: [PATCH 81/81] x86: Fix -Os build (BZ #29576) + +The compiler might transform __stpcpy calls (which are routed to +__builtin_stpcpy as an optimization) to strcpy and x86_64 strcpy +multiarch implementation does not build any working symbol due +ISA_SHOULD_BUILD not being evaluated for IS_IN(rtld). + +Checked on x86_64-linux-gnu. +Reviewed-by: Carlos O'Donell +Tested-by: Carlos O'Donell + +(cherry picked from commit 9dc4e29f630c6ef8299120b275e503321dc0c8c7) +--- + NEWS | 2 ++ + sysdeps/x86_64/multiarch/rtld-strcpy.S | 18 ++++++++++++++++++ + 2 files changed, 20 insertions(+) + create mode 100644 sysdeps/x86_64/multiarch/rtld-strcpy.S + +diff --git a/NEWS b/NEWS +index c3df0c007d..fb2d73a6be 100644 +--- a/NEWS ++++ b/NEWS +@@ -39,6 +39,8 @@ The following bugs are resolved with this release: + [29528] elf: Call __libc_early_init for reused namespaces + [29537] libc: [2.34 regression]: Alignment issue on m68k when using + [29539] libc: LD_TRACE_LOADED_OBJECTS changed how vDSO library are ++ [29576] build: librtld.os: in function `_dl_start_profile': ++ (.text+0x9444): undefined reference to `strcpy' + [29583] Use 64-bit interfaces in gconv_parseconfdir + [29600] Do not completely clear reused namespace in dlmopen + [29607] nscd repeatably crashes calling __strlen_avx2 when hosts cache is +diff --git a/sysdeps/x86_64/multiarch/rtld-strcpy.S b/sysdeps/x86_64/multiarch/rtld-strcpy.S +new file mode 100644 +index 0000000000..19439c553d +--- /dev/null ++++ b/sysdeps/x86_64/multiarch/rtld-strcpy.S +@@ -0,0 +1,18 @@ ++/* Copyright (C) 2022 Free Software Foundation, Inc. ++ This file is part of the GNU C Library. ++ ++ The GNU C Library is free software; you can redistribute it and/or ++ modify it under the terms of the GNU Lesser General Public ++ License as published by the Free Software Foundation; either ++ version 2.1 of the License, or (at your option) any later version. ++ ++ The GNU C Library is distributed in the hope that it will be useful, ++ but WITHOUT ANY WARRANTY; without even the implied warranty of ++ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU ++ Lesser General Public License for more details. ++ ++ You should have received a copy of the GNU Lesser General Public ++ License along with the GNU C Library; if not, see ++ . */ ++ ++#include "../strcpy.S" +-- +2.19.1.6.gb485710b + diff --git a/glibc.spec b/glibc.spec index 22201a3..d293dea 100644 --- a/glibc.spec +++ b/glibc.spec @@ -1,16 +1,5 @@ -%define anolis_release 2 -############################################################################## -# We support the following options: -# --with/--without, -# * testsuite - Running the testsuite. -# * benchtests - Running and building benchmark subpackage. -# * bootstrap - Bootstrapping the package. -# * werror - Build with -Werror -# * docs - Build with documentation and the required dependencies. -# * valgrind - Run smoke tests with valgrind to verify dynamic loader. -# -# You must always run the testsuite for production builds. -# Default: Always run the testsuite. +%define anolis_release 3 + %bcond_without testsuite # Default: Always build the benchtests. %bcond_without benchtests @@ -40,21 +29,6 @@ # rpm_inherit_flags below. %undefine _auto_set_build_flags -############################################################################## -# Any architecture/kernel combination that supports running 32-bit and 64-bit -# code in userspace is considered a biarch arch. -%define biarcharches x86_64 - -# Avoid generating a glibc-headers package on architectures which are -# not biarch. -%ifarch %{biarcharches} -%define need_headers_package 1 -%define headers_package_name glibc-headers -%else -%define need_headers_package 0 -%dnl !biarcharches -%endif - ############################################################################## # Utility functions for pre/post scripts. Stick them at the beginning of # any lua %pre, %post, %postun, etc. sections to have them expand into @@ -135,7 +109,7 @@ Source0: https://ftp.gnu.org/gnu/glibc/%{name}-%{version}.tar.xz Source1: bench.mk Source2: glibc-bench-compare Source10: wrap-find-debuginfo.sh -Source11: parse-SUPPORTED.py +Source20: langpacklist ###################################################################### # Activate the wrapper script for debuginfo generation, by rewriting @@ -189,6 +163,68 @@ Patch0116: 0016-syslog-Fix-large-messages-BZ-29536.patch Patch0117: 0017-elf-Call-__libc_early_init-for-reused-namespaces-bug.patch Patch0118: 0018-Apply-asm-redirections-in-wchar.h-before-first-use.patch Patch0119: 0019-elf-Restore-how-vDSO-dependency-is-printed-with-LD_T.patch +Patch0120: 0020-syslog-Remove-extra-whitespace-between-timestamp-and.patch +Patch0121: 0021-Add-NEWS-entry-for-CVE-2022-39046.patch +Patch0122: 0022-nscd-Fix-netlink-cache-invalidation-if-epoll-is-used.patch +Patch0123: 0023-resolv-Add-tst-resolv-byaddr-for-testing-reverse-loo.patch +Patch0124: 0024-resolv-Add-tst-resolv-aliases.patch +Patch0125: 0025-resolv-Add-internal-__res_binary_hnok-function.patch +Patch0126: 0026-resolv-Add-the-__ns_samebinaryname-function.patch +Patch0127: 0027-resolv-Add-internal-__ns_name_length_uncompressed-fu.patch +Patch0128: 0028-resolv-Add-DNS-packet-parsing-helpers-geared-towards.patch +Patch0129: 0029-nss_dns-Split-getanswer_ptr-from-getanswer_r.patch +Patch0130: 0030-nss_dns-Rewrite-_nss_dns_gethostbyaddr2_r-and-getans.patch +Patch0131: 0031-nss_dns-Remove-remnants-of-IPv6-address-mapping.patch +Patch0132: 0032-nss_dns-Rewrite-getanswer_r-to-match-getanswer_ptr-b.patch +Patch0133: 0033-nss_dns-In-gaih_getanswer_slice-skip-strange-aliases.patch +Patch0134: 0034-resolv-Add-new-tst-resolv-invalid-cname.patch +Patch0135: 0035-nss_dns-Rewrite-_nss_dns_gethostbyname4_r-using-curr.patch +Patch0136: 0036-resolv-Fix-building-tst-resolv-invalid-cname-for-ear.patch +Patch0137: 0037-NEWS-Note-bug-12154-and-bug-29305-as-fixed.patch +Patch0138: 0038-elf-Run-tst-audit-tlsdesc-tst-audit-tlsdesc-dlopen-e.patch +Patch0139: 0039-elf-Fix-hwcaps-string-size-overestimation.patch +Patch0140: 0040-scripts-dso-ordering-test.py-Generate-program-run-ti.patch +Patch0141: 0041-elf-Rename-_dl_sort_maps-parameter-from-skip-to-forc.patch +Patch0142: 0042-elf-Implement-force_first-handling-in-_dl_sort_maps_.patch +Patch0143: 0043-gconv-Use-64-bit-interfaces-in-gconv_parseconfdir-bu.patch +Patch0144: 0044-m68k-Enforce-4-byte-alignment-on-internal-locks-BZ-2.patch +Patch0145: 0045-get_nscd_addresses-Fix-subscript-typos-BZ-29605.patch +Patch0146: 0046-stdlib-Fix-__getrandom_nocancel-type-and-arc4random-.patch +Patch0147: 0047-hppa-Fix-initialization-of-dp-register-BZ-29635.patch +Patch0148: 0048-hppa-undef-__ASSUME_SET_ROBUST_LIST.patch +Patch0149: 0049-x86-include-BMI1-and-BMI2-in-x86-64-v3-level.patch +Patch0150: 0050-x86-64-Require-BMI2-for-AVX2-str-n-casecmp-implement.patch +Patch0151: 0051-x86-64-Require-BMI2-for-AVX2-strcmp-implementation.patch +Patch0152: 0052-x86-64-Require-BMI2-for-AVX2-strncmp-implementation.patch +Patch0153: 0053-x86-64-Require-BMI2-for-AVX2-wcs-n-cmp-implementatio.patch +Patch0154: 0054-x86-64-Require-BMI2-for-AVX2-raw-w-memchr-implementa.patch +Patch0155: 0055-x86-64-Require-BMI2-and-LZCNT-for-AVX2-memrchr-imple.patch +Patch0156: 0056-x86-64-Require-BMI1-BMI2-for-AVX2-strrchr-and-wcsrch.patch +Patch0157: 0057-nscd-Drop-local-address-tuple-variable-BZ-29607.patch +Patch0158: 0058-Ensure-calculations-happen-with-desired-rounding-mod.patch +Patch0159: 0059-nss-Implement-no-addrconfig-option-for-getent.patch +Patch0160: 0060-nss-Fix-tst-nss-files-hosts-long-on-single-stack-hos.patch +Patch0161: 0061-nss-Use-shared-prefix-in-IPv4-address-in-tst-reload1.patch +Patch0162: 0062-elf-Do-not-completely-clear-reused-namespace-in-dlmo.patch +Patch0163: 0063-Fix-BZ-29463-in-the-ibm128-implementation-of-y1l-too.patch +Patch0164: 0064-Avoid-undefined-behaviour-in-ibm128-implementation-o.patch +Patch0165: 0065-linux-Fix-generic-struct_stat-for-64-bit-time-BZ-296.patch +Patch0166: 0066-elf-Reinstate-on-DL_DEBUG_BINDINGS-_dl_lookup_symbol.patch +Patch0167: 0067-longlong.h-update-from-GCC-for-LoongArch-clz-ctz-sup.patch +Patch0168: 0068-linux-Fix-fstatat-on-MIPSn64-BZ-29730.patch +Patch0169: 0069-LoongArch-Fix-ABI-related-macros-in-elf.h-to-keep-co.patch +Patch0170: 0070-Makerules-fix-MAKEFLAGS-assignment-for-upcoming-make.patch +Patch0171: 0071-mktime-improve-heuristic-for-ca-1986-Indiana-DST.patch +Patch0172: 0072-Linux-Support-__IPC_64-in-sysvctl-ctl-command-argume.patch +Patch0173: 0073-elf-Fix-rtld-audit-trampoline-for-aarch64.patch +Patch0174: 0074-x86-Fix-wcsnlen-avx2-page-cross-length-comparison-BZ.patch +Patch0175: 0075-Apply-asm-redirections-in-syslog.h-before-first-use-.patch +Patch0176: 0076-nis-Build-libnsl-with-64-bit-time_t.patch +Patch0177: 0077-nscd-Use-64-bit-time_t-on-libc-nscd-routines-BZ-2940.patch +Patch0178: 0078-time-Use-64-bit-time-on-tzfile.patch +Patch0179: 0079-locale-prevent-maybe-uninitialized-errors-with-Os-BZ.patch +Patch0180: 0080-sunrpc-Suppress-GCC-Os-warning-on-user2netname.patch +Patch0181: 0081-x86-Fix-Os-build-BZ-29576.patch ############################################################################## # Continued list of core "glibc" package information: @@ -214,8 +250,6 @@ Requires: basesystem %if %{without bootstrap} BuildRequires: gd-devel libpng-devel zlib-devel %endif -%if %{with docs} -%endif %if %{without bootstrap} BuildRequires: libselinux-devel >= 1.33.4-3 %endif @@ -336,15 +370,9 @@ Requires: %{name} = %{version}-%{release} Requires: libxcrypt-devel >= 4.0.0 Requires: kernel-headers >= 3.2 BuildRequires: kernel-headers >= 3.2 -%if %{need_headers_package} -Requires: %{headers_package_name} = %{version}-%{release} -%endif -%if !%{need_headers_package} -# For backwards compatibility, when the glibc-headers package existed. Provides: glibc-headers = %{version}-%{release} Provides: glibc-headers(%{_target_cpu}) Obsoletes: glibc-headers < %{version}-%{release} -%endif %description devel The glibc-devel package contains the object files necessary @@ -390,28 +418,6 @@ The glibc-static package contains the C library static libraries for -static linking. You don't need these, unless you link statically, which is highly discouraged. -############################################################################## -# glibc "headers" sub-package -# - The headers package includes all common headers that are shared amongst -# the multilib builds. It avoids file conflicts between the architecture- -# specific glibc-devel variants. -# Files like gnu/stubs.h which have gnu/stubs-32.h (i686) and gnu/stubs-64.h -# are included in glibc-headers, but the -32 and -64 files are in their -# respective i686 and x86_64 devel packages. -############################################################################## -%if %{need_headers_package} -%package -n %{headers_package_name} -Summary: Additional internal header files for glibc-devel. -Requires: %{name} = %{version}-%{release} -Provides: %{name}-headers(%{_target_cpu}) -Obsoletes: glibc-headers-x86 < %{version}-%{release} -Obsoletes: glibc-headers-s390 < %{version}-%{release} - -%description -n %{headers_package_name} -The %{headers_package_name} package contains the architecture-specific -header files which cannot be included in glibc-devel package. -%endif - ############################################################################## # glibc "common" sub-package ############################################################################## @@ -459,367 +465,46 @@ these sources as the basis for your new locale. %global locale_rx eo syr *_* -%{lua: --- To make lua-mode happy: ' - --- List of supported locales. This is used to generate the langpack --- subpackages below. This table needs adjustments if the set of --- glibc locales changes. "code" is the glibc code for the language --- (before the "_". "name" is the English translation of the language --- name (for use in subpackage descriptions). "regions" is a table of --- variant specifiers (after the "_", excluding "@" and "." --- variants/charset specifiers). The table must be sorted by the code --- field, and the regions table must be sorted as well. --- --- English translations of language names can be obtained using (for --- the "aa" language in this example): --- --- python3 -c 'import langtable; print(langtable.language_name("aa", languageIdQuery="en"))' - -local locales = { - { code="aa", name="Afar", regions={ "DJ", "ER", "ET" } }, - { code="af", name="Afrikaans", regions={ "ZA" } }, - { code="agr", name="Aguaruna", regions={ "PE" } }, - { code="ak", name="Akan", regions={ "GH" } }, - { code="am", name="Amharic", regions={ "ET" } }, - { code="an", name="Aragonese", regions={ "ES" } }, - { code="anp", name="Angika", regions={ "IN" } }, - { - code="ar", - name="Arabic", - regions={ - "AE", - "BH", - "DZ", - "EG", - "IN", - "IQ", - "JO", - "KW", - "LB", - "LY", - "MA", - "OM", - "QA", - "SA", - "SD", - "SS", - "SY", - "TN", - "YE" - } - }, - { code="as", name="Assamese", regions={ "IN" } }, - { code="ast", name="Asturian", regions={ "ES" } }, - { code="ayc", name="Southern Aymara", regions={ "PE" } }, - { code="az", name="Azerbaijani", regions={ "AZ", "IR" } }, - { code="be", name="Belarusian", regions={ "BY" } }, - { code="bem", name="Bemba", regions={ "ZM" } }, - { code="ber", name="Berber", regions={ "DZ", "MA" } }, - { code="bg", name="Bulgarian", regions={ "BG" } }, - { code="bhb", name="Bhili", regions={ "IN" } }, - { code="bho", name="Bhojpuri", regions={ "IN", "NP" } }, - { code="bi", name="Bislama", regions={ "VU" } }, - { code="bn", name="Bangla", regions={ "BD", "IN" } }, - { code="bo", name="Tibetan", regions={ "CN", "IN" } }, - { code="br", name="Breton", regions={ "FR" } }, - { code="brx", name="Bodo", regions={ "IN" } }, - { code="bs", name="Bosnian", regions={ "BA" } }, - { code="byn", name="Blin", regions={ "ER" } }, - { code="ca", name="Catalan", regions={ "AD", "ES", "FR", "IT" } }, - { code="ce", name="Chechen", regions={ "RU" } }, - { code="chr", name="Cherokee", regions={ "US" } }, - { code="ckb", name="Central Kurdish", regions={ "IQ" } }, - { code="cmn", name="Mandarin Chinese", regions={ "TW" } }, - { code="crh", name="Crimean Turkish", regions={ "UA" } }, - { code="cs", name="Czech", regions={ "CZ" } }, - { code="csb", name="Kashubian", regions={ "PL" } }, - { code="cv", name="Chuvash", regions={ "RU" } }, - { code="cy", name="Welsh", regions={ "GB" } }, - { code="da", name="Danish", regions={ "DK" } }, - { - code="de", - name="German", - regions={ "AT", "BE", "CH", "DE", "IT", "LI", "LU" } - }, - { code="doi", name="Dogri", regions={ "IN" } }, - { code="dsb", name="Lower Sorbian", regions={ "DE" } }, - { code="dv", name="Divehi", regions={ "MV" } }, - { code="dz", name="Dzongkha", regions={ "BT" } }, - { code="el", name="Greek", regions={ "CY", "GR" } }, - { - code="en", - name="English", - regions={ - "AG", - "AU", - "BW", - "CA", - "DK", - "GB", - "HK", - "IE", - "IL", - "IN", - "NG", - "NZ", - "PH", - "SC", - "SG", - "US", - "ZA", - "ZM", - "ZW" - } - }, - { code="eo", name="Esperanto", regions={} }, - { - code="es", - name="Spanish", - regions={ - "AR", - "BO", - "CL", - "CO", - "CR", - "CU", - "DO", - "EC", - "ES", - "GT", - "HN", - "MX", - "NI", - "PA", - "PE", - "PR", - "PY", - "SV", - "US", - "UY", - "VE" - } - }, - { code="et", name="Estonian", regions={ "EE" } }, - { code="eu", name="Basque", regions={ "ES" } }, - { code="fa", name="Persian", regions={ "IR" } }, - { code="ff", name="Fulah", regions={ "SN" } }, - { code="fi", name="Finnish", regions={ "FI" } }, - { code="fil", name="Filipino", regions={ "PH" } }, - { code="fo", name="Faroese", regions={ "FO" } }, - { code="fr", name="French", regions={ "BE", "CA", "CH", "FR", "LU" } }, - { code="fur", name="Friulian", regions={ "IT" } }, - { code="fy", name="Western Frisian", regions={ "DE", "NL" } }, - { code="ga", name="Irish", regions={ "IE" } }, - { code="gd", name="Scottish Gaelic", regions={ "GB" } }, - { code="gez", name="Geez", regions={ "ER", "ET" } }, - { code="gl", name="Galician", regions={ "ES" } }, - { code="gu", name="Gujarati", regions={ "IN" } }, - { code="gv", name="Manx", regions={ "GB" } }, - { code="ha", name="Hausa", regions={ "NG" } }, - { code="hak", name="Hakka Chinese", regions={ "TW" } }, - { code="he", name="Hebrew", regions={ "IL" } }, - { code="hi", name="Hindi", regions={ "IN" } }, - { code="hif", name="Fiji Hindi", regions={ "FJ" } }, - { code="hne", name="Chhattisgarhi", regions={ "IN" } }, - { code="hr", name="Croatian", regions={ "HR" } }, - { code="hsb", name="Upper Sorbian", regions={ "DE" } }, - { code="ht", name="Haitian Creole", regions={ "HT" } }, - { code="hu", name="Hungarian", regions={ "HU" } }, - { code="hy", name="Armenian", regions={ "AM" } }, - { code="ia", name="Interlingua", regions={ "FR" } }, - { code="id", name="Indonesian", regions={ "ID" } }, - { code="ig", name="Igbo", regions={ "NG" } }, - { code="ik", name="Inupiaq", regions={ "CA" } }, - { code="is", name="Icelandic", regions={ "IS" } }, - { code="it", name="Italian", regions={ "CH", "IT" } }, - { code="iu", name="Inuktitut", regions={ "CA" } }, - { code="ja", name="Japanese", regions={ "JP" } }, - { code="ka", name="Georgian", regions={ "GE" } }, - { code="kab", name="Kabyle", regions={ "DZ" } }, - { code="kk", name="Kazakh", regions={ "KZ" } }, - { code="kl", name="Kalaallisut", regions={ "GL" } }, - { code="km", name="Khmer", regions={ "KH" } }, - { code="kn", name="Kannada", regions={ "IN" } }, - { code="ko", name="Korean", regions={ "KR" } }, - { code="kok", name="Konkani", regions={ "IN" } }, - { code="ks", name="Kashmiri", regions={ "IN" } }, - { code="ku", name="Kurdish", regions={ "TR" } }, - { code="kw", name="Cornish", regions={ "GB" } }, - { code="ky", name="Kyrgyz", regions={ "KG" } }, - { code="lb", name="Luxembourgish", regions={ "LU" } }, - { code="lg", name="Ganda", regions={ "UG" } }, - { code="li", name="Limburgish", regions={ "BE", "NL" } }, - { code="lij", name="Ligurian", regions={ "IT" } }, - { code="ln", name="Lingala", regions={ "CD" } }, - { code="lo", name="Lao", regions={ "LA" } }, - { code="lt", name="Lithuanian", regions={ "LT" } }, - { code="lv", name="Latvian", regions={ "LV" } }, - { code="lzh", name="Literary Chinese", regions={ "TW" } }, - { code="mag", name="Magahi", regions={ "IN" } }, - { code="mai", name="Maithili", regions={ "IN", "NP" } }, - { code="mfe", name="Morisyen", regions={ "MU" } }, - { code="mg", name="Malagasy", regions={ "MG" } }, - { code="mhr", name="Meadow Mari", regions={ "RU" } }, - { code="mi", name="Maori", regions={ "NZ" } }, - { code="miq", name="Miskito", regions={ "NI" } }, - { code="mjw", name="Karbi", regions={ "IN" } }, - { code="mk", name="Macedonian", regions={ "MK" } }, - { code="ml", name="Malayalam", regions={ "IN" } }, - { code="mn", name="Mongolian", regions={ "MN" } }, - { code="mni", name="Manipuri", regions={ "IN" } }, - { code="mnw", name="Mon", regions={ "MM" } }, - { code="mr", name="Marathi", regions={ "IN" } }, - { code="ms", name="Malay", regions={ "MY" } }, - { code="mt", name="Maltese", regions={ "MT" } }, - { code="my", name="Burmese", regions={ "MM" } }, - { code="nan", name="Min Nan Chinese", regions={ "TW" } }, - { code="nb", name="Norwegian Bokmål", regions={ "NO" } }, - { code="nds", name="Low German", regions={ "DE", "NL" } }, - { code="ne", name="Nepali", regions={ "NP" } }, - { code="nhn", name="Tlaxcala-Puebla Nahuatl", regions={ "MX" } }, - { code="niu", name="Niuean", regions={ "NU", "NZ" } }, - { code="nl", name="Dutch", regions={ "AW", "BE", "NL" } }, - { code="nn", name="Norwegian Nynorsk", regions={ "NO" } }, - { code="nr", name="South Ndebele", regions={ "ZA" } }, - { code="nso", name="Northern Sotho", regions={ "ZA" } }, - { code="oc", name="Occitan", regions={ "FR" } }, - { code="om", name="Oromo", regions={ "ET", "KE" } }, - { code="or", name="Odia", regions={ "IN" } }, - { code="os", name="Ossetic", regions={ "RU" } }, - { code="pa", name="Punjabi", regions={ "IN", "PK" } }, - { code="pap", name="Papiamento", regions={ "AW", "CW" } }, - { code="pl", name="Polish", regions={ "PL" } }, - { code="ps", name="Pashto", regions={ "AF" } }, - { code="pt", name="Portuguese", regions={ "BR", "PT" } }, - { code="quz", name="Cusco Quechua", regions={ "PE" } }, - { code="raj", name="Rajasthani", regions={ "IN" } }, - { code="rif", name="Tarifit", regions={ "MA" } }, - { code="ro", name="Romanian", regions={ "RO" } }, - { code="ru", name="Russian", regions={ "RU", "UA" } }, - { code="rw", name="Kinyarwanda", regions={ "RW" } }, - { code="sa", name="Sanskrit", regions={ "IN" } }, - { code="sah", name="Sakha", regions={ "RU" } }, - { code="sat", name="Santali", regions={ "IN" } }, - { code="sc", name="Sardinian", regions={ "IT" } }, - { code="sd", name="Sindhi", regions={ "IN" } }, - { code="se", name="Northern Sami", regions={ "NO" } }, - { code="sgs", name="Samogitian", regions={ "LT" } }, - { code="shn", name="Shan", regions={ "MM" } }, - { code="shs", name="Shuswap", regions={ "CA" } }, - { code="si", name="Sinhala", regions={ "LK" } }, - { code="sid", name="Sidamo", regions={ "ET" } }, - { code="sk", name="Slovak", regions={ "SK" } }, - { code="sl", name="Slovenian", regions={ "SI" } }, - { code="sm", name="Samoan", regions={ "WS" } }, - { code="so", name="Somali", regions={ "DJ", "ET", "KE", "SO" } }, - { code="sq", name="Albanian", regions={ "AL", "MK" } }, - { code="sr", name="Serbian", regions={ "ME", "RS" } }, - { code="ss", name="Swati", regions={ "ZA" } }, - { code="st", name="Southern Sotho", regions={ "ZA" } }, - { code="sv", name="Swedish", regions={ "FI", "SE" } }, - { code="sw", name="Swahili", regions={ "KE", "TZ" } }, - { code="syr", name="Syriac", regions={} }, - { code="szl", name="Silesian", regions={ "PL" } }, - { code="ta", name="Tamil", regions={ "IN", "LK" } }, - { code="tcy", name="Tulu", regions={ "IN" } }, - { code="te", name="Telugu", regions={ "IN" } }, - { code="tg", name="Tajik", regions={ "TJ" } }, - { code="th", name="Thai", regions={ "TH" } }, - { code="the", name="Chitwania Tharu", regions={ "NP" } }, - { code="ti", name="Tigrinya", regions={ "ER", "ET" } }, - { code="tig", name="Tigre", regions={ "ER" } }, - { code="tk", name="Turkmen", regions={ "TM" } }, - { code="tl", name="Tagalog", regions={ "PH" } }, - { code="tn", name="Tswana", regions={ "ZA" } }, - { code="to", name="Tongan", regions={ "TO" } }, - { code="tpi", name="Tok Pisin", regions={ "PG" } }, - { code="tr", name="Turkish", regions={ "CY", "TR" } }, - { code="ts", name="Tsonga", regions={ "ZA" } }, - { code="tt", name="Tatar", regions={ "RU" } }, - { code="ug", name="Uyghur", regions={ "CN" } }, - { code="uk", name="Ukrainian", regions={ "UA" } }, - { code="unm", name="Unami language", regions={ "US" } }, - { code="ur", name="Urdu", regions={ "IN", "PK" } }, - { code="uz", name="Uzbek", regions={ "UZ" } }, - { code="ve", name="Venda", regions={ "ZA" } }, - { code="vi", name="Vietnamese", regions={ "VN" } }, - { code="wa", name="Walloon", regions={ "BE" } }, - { code="wae", name="Walser", regions={ "CH" } }, - { code="wal", name="Wolaytta", regions={ "ET" } }, - { code="wo", name="Wolof", regions={ "SN" } }, - { code="xh", name="Xhosa", regions={ "ZA" } }, - { code="yi", name="Yiddish", regions={ "US" } }, - { code="yo", name="Yoruba", regions={ "NG" } }, - { code="yue", name="Cantonese", regions={ "HK" } }, - { code="yuw", name="Yau", regions={ "PG" } }, - { code="zh", name="Mandarin Chinese", regions={ "CN", "HK", "SG", "TW" } }, - { code="zu", name="Zulu", regions={ "ZA" } } -} - --- Prints a list of LANGUAGE "_" REGION pairs. The output is expected --- to be identical to parse-SUPPORTED.py. Called from the %%prep section. -function print_locale_pairs() - for i = 1, #locales do - local locale = locales[i] - if #locale.regions == 0 then - print(locale.code .. "\n") - else - for j = 1, #locale.regions do - print(locale.code .. "_" .. locale.regions[j] .. "\n") - end - end - end -end - -local function compute_supplements(locale) - local lang = locale.code - local regions = locale.regions - result = "langpacks-core-" .. lang - for i = 1, #regions do - result = result .. " or langpacks-core-" .. lang .. "_" .. regions[i] - end - return result -end - --- Emit the definition of a language pack package. -local function lang_package(locale) - local lang = locale.code - local langname = locale.name - local suppl = compute_supplements(locale) - print(rpm.expand([[ - -%package langpack-]]..lang..[[ - -Summary: Locale data for ]]..langname..[[ - +%package all-langpacks +Summary: All language packs for %{name}. Provides: glibc-langpack = %{version}-%{release} Requires: %{name} = %{version}-%{release} Requires: %{name}-common = %{version}-%{release} -Supplements: (glibc and (]]..suppl..[[)) -%description langpack-]]..lang..[[ - -The glibc-langpack-]]..lang..[[ package includes the basic information required -to support the ]]..langname..[[ language in your applications. -%files -f langpack-]]..lang..[[.filelist langpack-]]..lang..[[ +%{lua: +-- List the langpacks provided by all-langpacks +lang_provides = {} +for line in io.lines(rpm.expand("%{SOURCE20}")) do + print(rpm.expand([[ +Provides: %{name}-langpack-]]..line..[[ = %{version}-%{release} +Obsoletes: %{name}-langpack-]]..line..[[ <= %{version}-%{release} ]])) end - -for i = 1, #locales do - lang_package(locales[i]) -end } -# The glibc-all-langpacks provides the virtual glibc-langpack, -# and thus satisfies glibc's requirement for installed locales. -# Users can add one more other langauge packs and then eventually -# uninstall all-langpacks to save space. -%package all-langpacks -Summary: All language packs for %{name}. +%description all-langpacks +This package includes all the basic infomation required to support all language. +Exclude en and zh langpack. + +%package langpack-en +Summary: Locale data for English +Provides: glibc-langpack = %{version}-%{release} Requires: %{name} = %{version}-%{release} Requires: %{name}-common = %{version}-%{release} -Provides: %{name}-langpack = %{version}-%{release} -%description all-langpacks + +%description langpack-en +The glibc-langpack-en package includes the basic information required +to support the English language in your applications. + +%package langpack-zh +Summary: Locale data for Mandarin Chinese +Provides: glibc-langpack = %{version}-%{release} +Requires: %{name} = %{version}-%{release} +Requires: %{name}-common = %{version}-%{release} + +%description langpack-zh +The glibc-langpack-zh package includes the basic information required +to support the Mandarin Chinese language in your applications. + # No %files, this is an empty package. The C/POSIX and # C.UTF-8 files are already installed by glibc. We create @@ -862,12 +547,6 @@ This package contains all iconv converter modules built in %{name}. %package -n nss_db Summary: Name Service Switch (NSS) module using hash-indexed files Requires: %{name} = %{version}-%{release} -%ifarch x86_64 -# Automatically install the 32-bit variant if the 64-bit variant has -# been installed. This covers the case when glibc.i686 is installed -# before nss_db.x86_64. (See above for the other ordering.) -Recommends: (nss_db(x86-32) if glibc(x86-32)) -%endif %description -n nss_db The nss_db Name Service Switch module uses hash-indexed files in /var/db @@ -876,12 +555,6 @@ to speed up user, group, service, host name, and other NSS-based lookups. %package -n nss_hesiod Summary: Name Service Switch (NSS) module using Hesiod Requires: %{name} = %{version}-%{release} -%ifarch x86_64 -# Automatically install the 32-bit variant if the 64-bit variant has -# been installed. This covers the case when glibc.i686 is installed -# before nss_hesiod.x86_64. (See above for the other ordering.) -Recommends: (nss_hesiod(x86-32) if glibc(x86-32)) -%endif %description -n nss_hesiod The nss_hesiod Name Service Switch module uses the Domain Name System @@ -962,17 +635,6 @@ touch `find . -name configure` # Ensure *-kw.h files are current to prevent regenerating them. touch locale/programs/*-kw.h -# Verify that our locales table is compatible with the locales table -# in the spec file. -set +x -echo '%{lua: print_locale_pairs()}' > localedata/SUPPORTED.spec -set -x -python3 %{SOURCE11} localedata/SUPPORTED > localedata/SUPPORTED.glibc -diff -u \ - --label "spec file" localedata/SUPPORTED.spec \ - --label "glibc localedata/SUPPORTED" localedata/SUPPORTED.glibc -rm localedata/SUPPORTED.spec localedata/SUPPORTED.glibc - ############################################################################## # Build glibc... ############################################################################## @@ -1426,8 +1088,6 @@ ar cr %{glibc_sysroot}%{_prefix}/%{_lib}/libpthread_nonshared.a # - Files for the devel subpackage. # * doc.filelist # - Files for the documentation subpackage. -# * headers.filelist -# - Files for the headers subpackage. # * static.filelist # - Files for the static subpackage. # * libnsl.filelist @@ -1450,7 +1110,6 @@ touch utils.filelist touch gconv.filelist touch devel.filelist touch doc.filelist -touch headers.filelist touch static.filelist touch libnsl.filelist touch nss_db.filelist @@ -1604,6 +1263,7 @@ sed -i -e '\,libmemusage.so,d' \ -e '\,/libnss_[a-z]*\.so$,d' \ devel.filelist +grep '%{_prefix}/include' < master.filelist >> devel.filelist ############################################################################### # glibc-doc @@ -1613,28 +1273,7 @@ sed -i -e '\,libmemusage.so,d' \ # Put the info files into the doc file list, but exclude the generated dir. grep '%{_infodir}' master.filelist | grep -v '%{_infodir}/dir' > doc.filelist grep '%{_docdir}' master.filelist >> doc.filelist -%endif - -############################################################################### -# glibc-headers -############################################################################### - -%if %{need_headers_package} -# The glibc-headers package includes only common files which are identical -# across all multilib packages. We must keep gnu/stubs.h and gnu/lib-names.h -# in the glibc-headers package, but the -32, -64, -64-v1, and -64-v2 versions -# go into glibc-devel. -grep '%{_prefix}/include/gnu/stubs-.*\.h$' < master.filelist >> devel.filelist || : -grep '%{_prefix}/include/gnu/lib-names-.*\.h$' < master.filelist >> devel.filelist || : -# Put the include files into headers file list. -grep '%{_prefix}/include' < master.filelist \ - | egrep -v '%{_prefix}/include/gnu/stubs-.*\.h$' \ - | egrep -v '%{_prefix}/include/gnu/lib-names-.*\.h$' \ - > headers.filelist -%else -# If there is no glibc-headers package, all header files go into the -# glibc-devel package. -grep '%{_prefix}/include' < master.filelist >> devel.filelist +sed -i -e 's/\.gz/\.*/' doc.filelist %endif ############################################################################### @@ -2044,9 +1683,25 @@ update_gconv_modules_cache () %{_prefix}/lib/locale/C.utf8/* %files all-langpacks +%{_prefix}/lib/locale %{_prefix}/lib/locale/locale-archive %{_prefix}/lib/locale/locale-archive.real %{_prefix}/share/locale/*/LC_MESSAGES/libc.mo +%exclude %{_prefix}/lib/locale/C.utf8 +%exclude %{_prefix}/lib/locale/zh* +%exclude %{_prefix}/lib/locale/en* +%exclude %{_prefix}/share/locale/zh* +%exclude %{_prefix}/share/locale/en* + +%files langpack-en +%dir %{_prefix}/lib/locale +%{_prefix}/lib/locale/en* +%{_prefix}/share/locale/en_*/LC_MESSAGES/libc.mo + +%files langpack-zh +%dir %{_prefix}/lib/locale +%{_prefix}/lib/locale/zh* +%{_prefix}/share/locale/zh_*/LC_MESSAGES/libc.mo %files locale-source %dir %{_prefix}/share/i18n/locales @@ -2062,10 +1717,6 @@ update_gconv_modules_cache () %files -f static.filelist static -%if %{need_headers_package} -%files -f headers.filelist -n %{headers_package_name} -%endif - %files -f utils.filelist utils %files -f gconv.filelist gconv-extra @@ -2077,7 +1728,6 @@ update_gconv_modules_cache () %files -f nss-devel.filelist nss-devel %files -f libnsl.filelist -n libnsl -/%{_lib}/libnsl.so.1 %if %{with benchtests} %files benchtests -f benchtests.filelist @@ -2086,6 +1736,10 @@ update_gconv_modules_cache () %files -f compat-libpthread-nonshared.filelist -n compat-libpthread-nonshared %changelog +* Thu Jan 5 2023 Chunmei Xu - 2.36-3 +- sync patches from 2.36 release branch, upstream commit 4f4d7a13edfd2fdc57c9d76e1fd6d017fb47550c +- move glibc-langpack-xxx subpackage to glibc-all-langpacks except glibc-langpack-en/zh + * Thu Sep 1 2022 Chunmei Xu - 2.36-2 - sync patches from 2.36 release branch - upstream commit: b3736d1a3c60a3ec9959bf3b38794958546bf6a2 diff --git a/langpacklist b/langpacklist new file mode 100644 index 0000000..7a24bdc --- /dev/null +++ b/langpacklist @@ -0,0 +1,198 @@ +aa +af +agr +ak +am +an +anp +ar +as +ast +ayc +az +be +bem +ber +bg +bhb +bho +bi +bn +bo +br +brx +bs +byn +ca +ce +chr +ckb +cmn +crh +cs +csb +cv +cy +da +de +doi +dsb +dv +dz +el +eo +es +et +eu +fa +ff +fi +fil +fo +fr +fur +fy +ga +gd +gez +gl +gu +gv +ha +hak +he +hi +hif +hne +hr +hsb +ht +hu +hy +ia +id +ig +ik +is +it +iu +ja +ka +kab +kk +kl +km +kn +ko +kok +ks +ku +kw +ky +lb +lg +li +lij +ln +lo +lt +lv +lzh +mag +mai +mfe +mg +mhr +mi +miq +mjw +mk +ml +mn +mni +mnw +mr +ms +mt +my +nan +nb +nds +ne +nhn +niu +nl +nn +nr +nso +oc +om +or +os +pa +pap +pl +ps +pt +quz +raj +rif +ro +ru +rw +sa +sah +sat +sc +sd +se +sgs +shn +shs +si +sid +sk +sl +sm +so +sq +sr +ss +st +sv +sw +syr +szl +ta +tcy +te +tg +th +the +ti +tig +tk +tl +tn +to +tpi +tr +ts +tt +ug +uk +unm +ur +uz +ve +vi +wa +wae +wal +wo +xh +yi +yo +yue +yuw +zu