From 419df3c68a392360f7367a1ee5f73d936fe63494 Mon Sep 17 00:00:00 2001 From: Tim Biermann Date: Wed, 4 Oct 2023 14:26:31 +0200 Subject: [PATCH 01/14] glibc-32: fixes for CVE-2023-4527, CVE-2023-4806, CVE-2023-5156 and CVE-2023-4911 --- glibc-32/.signature | 6 +- glibc-32/Pkgfile | 6 +- ...{glibc-2.36-6.patch => glibc-2.36-7.patch} | 1754 ++++++++++++++++- 3 files changed, 1716 insertions(+), 50 deletions(-) rename glibc-32/{glibc-2.36-6.patch => glibc-2.36-7.patch} (85%) diff --git a/glibc-32/.signature b/glibc-32/.signature index 2312df6a..6c55f4b7 100644 --- a/glibc-32/.signature +++ b/glibc-32/.signature @@ -1,8 +1,8 @@ untrusted comment: verify with /etc/ports/core.pub -RWRJc1FUaeVeqsMEoo0F4bHIZTNEfriWjb0GGBNye5tiEXgbOcoPRHdR+kLilS2razeqKiYHJrIVUT2RqSfRiV9jBY796at6Dg0= -SHA256 (Pkgfile) = 664baf3fd909c8572776b23cc40a0db0d5a2a572e195ca854ccde9563e9b5bf0 +RWRJc1FUaeVeqoDmegyZ5807RzNCLTQ4yW6hzWIWG7L/NcBmH63Pvl8uvwvj2oEyvR4G/AopUuiyGM47rDSTHROJlfyGuqYRWQc= +SHA256 (Pkgfile) = 6b82f2a39a48667c4d0435eed3fc7d0cefa6412f0f7ed37bc755d0e239fee1b0 SHA256 (.footprint) = f676700a19f936a1af944e81a516dbf182723d6ac244eadabd3fd19e9a01daa5 SHA256 (glibc-2.36.tar.xz) = 1c959fea240906226062cb4b1e7ebce71a9f0e3c0836c09e7e3423d434fcfe75 SHA256 (linux-5.15.55.tar.xz) = 1ef6bd508b6c3af3bef2d5b337e4477254dba284c79e329aa38f9763ae3bfdcc -SHA256 (glibc-2.36-6.patch) = 571cc9d6ba0b1e81a00fae152347a29c2879a4970dad7d30a841690908788a01 +SHA256 (glibc-2.36-7.patch) = c167ddd1eb9e63fade7e60a2dc612a18e0900519d8c0ec1e0cf06fa92fca638a SHA256 (lib32.conf) = 2f174d2bcefe1c29327690514f34d6970fffdd54398320ca23a11b5f1e3c9b2d diff --git a/glibc-32/Pkgfile b/glibc-32/Pkgfile index 9008bd24..6b3718fd 100644 --- a/glibc-32/Pkgfile +++ b/glibc-32/Pkgfile @@ -4,12 +4,12 @@ name=glibc-32 version=2.36 -release=7 +release=8 _kernel_version=5.15.55 source=(https://ftp.gnu.org/gnu/glibc/glibc-$version.tar.xz https://www.kernel.org/pub/linux/kernel/v5.x/linux-$_kernel_version.tar.xz - glibc-$version-6.patch lib32.conf) + glibc-$version-7.patch lib32.conf) build() { # install kernel headers @@ -17,7 +17,7 @@ build() { make -C $SRC/linux-$_kernel_version INSTALL_HDR_PATH=$PKG/usr headers_install chown root:root $PKG/usr - patch -p1 -d $SRC/glibc-${version:0:4} -i $SRC/glibc-$version-6.patch + patch -p1 -d $SRC/glibc-${version:0:4} -i $SRC/glibc-$version-7.patch mkdir $SRC/build cd $SRC/build diff --git a/glibc-32/glibc-2.36-6.patch b/glibc-32/glibc-2.36-7.patch similarity index 85% rename from glibc-32/glibc-2.36-6.patch rename to glibc-32/glibc-2.36-7.patch index bbb133c8..ad5972b3 100644 --- a/glibc-32/glibc-2.36-6.patch +++ b/glibc-32/glibc-2.36-7.patch @@ -66,10 +66,10 @@ index d1e139d03c..09c0cf8357 100644 else # -s verbose := diff --git a/NEWS b/NEWS -index f61e521fc8..82e868d73b 100644 +index f61e521fc8..5358e0cbe3 100644 --- a/NEWS +++ b/NEWS -@@ -5,6 +5,66 @@ See the end for copying conditions. +@@ -5,6 +5,90 @@ See the end for copying conditions. Please send GNU C library bug reports via using `glibc' in the "product" field. @@ -89,6 +89,26 @@ index f61e521fc8..82e868d73b 100644 + heap and prints it to the target log file, potentially revealing a + portion of the contents of the heap. + ++ CVE-2023-4527: If the system is configured in no-aaaa mode via ++ /etc/resolv.conf, getaddrinfo is called for the AF_UNSPEC address ++ family, and a DNS response is received over TCP that is larger than ++ 2048 bytes, getaddrinfo may potentially disclose stack contents via ++ the returned address data, or crash. ++ ++ CVE-2023-4806: When an NSS plugin only implements the ++ _gethostbyname2_r and _getcanonname_r callbacks, getaddrinfo could use ++ memory that was freed during buffer resizing, potentially causing a ++ crash or read or write to arbitrary memory. ++ ++ CVE-2023-5156: The fix for CVE-2023-4806 introduced a memory leak when ++ an application calls getaddrinfo for AF_INET6 with AI_CANONNAME, ++ AI_ALL and AI_V4MAPPED flags set. ++ ++ CVE-2023-4911: If a tunable of the form NAME=NAME=VAL is passed in the ++ environment of a setuid program and NAME is valid, it may result in a ++ buffer overflow, which could be exploited to achieve escalated ++ privileges. This flaw was introduced in glibc 2.34. ++ +The following bugs are resolved with this release: + + [12154] Do not fail DNS resolution for CNAMEs which are not host names @@ -132,6 +152,10 @@ index f61e521fc8..82e868d73b 100644 + [30305] x86_64: Fix asm constraints in feraiseexcept + [30477] libc: [RISCV]: time64 does not work on riscv32 + [30515] _dl_find_object incorrectly returns 1 during early startup ++ [30785] Always call destructors in reverse constructor order ++ [30804] F_GETLK, F_SETLK, and F_SETLKW value change for powerpc64 with ++ -D_FILE_OFFSET_BITS=64 ++ [30842] Stack read overflow in getaddrinfo in no-aaaa mode (CVE-2023-4527) + Version 2.36 @@ -282,10 +306,18 @@ index 2696dde4b1..9b07b4e132 100644 void * diff --git a/elf/Makefile b/elf/Makefile -index fd77d0c7c8..48788fcdb8 100644 +index fd77d0c7c8..30c9af1de9 100644 --- a/elf/Makefile +++ b/elf/Makefile -@@ -374,6 +374,8 @@ tests += \ +@@ -53,6 +53,7 @@ routines = \ + # profiled libraries. + dl-routines = \ + dl-call-libc-early-init \ ++ dl-call_fini \ + dl-close \ + dl-debug \ + dl-debug-symbols \ +@@ -374,6 +375,8 @@ tests += \ tst-align \ tst-align2 \ tst-align3 \ @@ -294,7 +326,7 @@ index fd77d0c7c8..48788fcdb8 100644 tst-audit1 \ tst-audit2 \ tst-audit8 \ -@@ -408,6 +410,7 @@ tests += \ +@@ -408,6 +411,7 @@ tests += \ tst-dlmopen4 \ tst-dlmopen-dlerror \ tst-dlmopen-gethostbyname \ @@ -302,7 +334,7 @@ index fd77d0c7c8..48788fcdb8 100644 tst-dlopenfail \ tst-dlopenfail-2 \ tst-dlopenrpath \ -@@ -631,6 +634,7 @@ ifeq ($(run-built-tests),yes) +@@ -631,6 +635,7 @@ ifeq ($(run-built-tests),yes) tests-special += \ $(objpfx)noload-mem.out \ $(objpfx)tst-ldconfig-X.out \ @@ -310,7 +342,7 @@ index fd77d0c7c8..48788fcdb8 100644 $(objpfx)tst-leaks1-mem.out \ $(objpfx)tst-rtld-help.out \ # tests-special -@@ -765,6 +769,8 @@ modules-names += \ +@@ -765,6 +770,8 @@ modules-names += \ tst-alignmod3 \ tst-array2dep \ tst-array5dep \ @@ -319,7 +351,7 @@ index fd77d0c7c8..48788fcdb8 100644 tst-audit11mod1 \ tst-audit11mod2 \ tst-audit12mod1 \ -@@ -798,6 +804,7 @@ modules-names += \ +@@ -798,6 +805,7 @@ modules-names += \ tst-auditmanymod7 \ tst-auditmanymod8 \ tst-auditmanymod9 \ @@ -327,7 +359,7 @@ index fd77d0c7c8..48788fcdb8 100644 tst-auditmod1 \ tst-auditmod9a \ tst-auditmod9b \ -@@ -834,6 +841,8 @@ modules-names += \ +@@ -834,6 +842,8 @@ modules-names += \ tst-dlmopen1mod \ tst-dlmopen-dlerror-mod \ tst-dlmopen-gethostbyname-mod \ @@ -336,7 +368,7 @@ index fd77d0c7c8..48788fcdb8 100644 tst-dlopenfaillinkmod \ tst-dlopenfailmod1 \ tst-dlopenfailmod2 \ -@@ -990,23 +999,8 @@ modules-names += tst-gnu2-tls1mod +@@ -990,23 +1000,8 @@ modules-names += tst-gnu2-tls1mod $(objpfx)tst-gnu2-tls1: $(objpfx)tst-gnu2-tls1mod.so tst-gnu2-tls1mod.so-no-z-defs = yes CFLAGS-tst-gnu2-tls1mod.c += -mtls-dialect=gnu2 @@ -361,7 +393,7 @@ index fd77d0c7c8..48788fcdb8 100644 ifeq (yes,$(have-protected-data)) modules-names += tst-protected1moda tst-protected1modb tests += tst-protected1a tst-protected1b -@@ -2410,6 +2404,11 @@ $(objpfx)tst-ldconfig-X.out : tst-ldconfig-X.sh $(objpfx)ldconfig +@@ -2410,6 +2405,11 @@ $(objpfx)tst-ldconfig-X.out : tst-ldconfig-X.sh $(objpfx)ldconfig '$(run-program-env)' > $@; \ $(evaluate-test) @@ -373,7 +405,7 @@ index fd77d0c7c8..48788fcdb8 100644 # Test static linking of all the libraries we can possibly link # together. Note that in some configurations this may be less than the # complete list of libraries we build but we try to maxmimize this list. -@@ -2967,3 +2966,25 @@ $(objpfx)tst-tls-allocation-failure-static-patched.out: \ +@@ -2967,3 +2967,25 @@ $(objpfx)tst-tls-allocation-failure-static-patched.out: \ grep -q '^Fatal glibc error: Cannot allocate TLS block$$' $@ \ && grep -q '^status: 127$$' $@; \ $(evaluate-test) @@ -415,6 +447,323 @@ index 8bbf110d02..b97c17b3a9 100644 return __strdup (temp); } +diff --git a/elf/dl-call_fini.c b/elf/dl-call_fini.c +new file mode 100644 +index 0000000000..9e7ba10fa2 +--- /dev/null ++++ b/elf/dl-call_fini.c +@@ -0,0 +1,50 @@ ++/* Invoke DT_FINI and DT_FINI_ARRAY callbacks. ++ Copyright (C) 1996-2022 Free Software Foundation, Inc. ++ This file is part of the GNU C Library. ++ ++ The GNU C Library is free software; you can redistribute it and/or ++ modify it under the terms of the GNU Lesser General Public ++ License as published by the Free Software Foundation; either ++ version 2.1 of the License, or (at your option) any later version. ++ ++ The GNU C Library is distributed in the hope that it will be useful, ++ but WITHOUT ANY WARRANTY; without even the implied warranty of ++ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU ++ Lesser General Public License for more details. ++ ++ You should have received a copy of the GNU Lesser General Public ++ License along with the GNU C Library; if not, see ++ . */ ++ ++#include ++#include ++ ++void ++_dl_call_fini (void *closure_map) ++{ ++ struct link_map *map = closure_map; ++ ++ /* When debugging print a message first. */ ++ if (__glibc_unlikely (GLRO(dl_debug_mask) & DL_DEBUG_IMPCALLS)) ++ _dl_debug_printf ("\ncalling fini: %s [%lu]\n\n", map->l_name, map->l_ns); ++ ++ /* Make sure nothing happens if we are called twice. */ ++ map->l_init_called = 0; ++ ++ ElfW(Dyn) *fini_array = map->l_info[DT_FINI_ARRAY]; ++ if (fini_array != NULL) ++ { ++ ElfW(Addr) *array = (ElfW(Addr) *) (map->l_addr ++ + fini_array->d_un.d_ptr); ++ size_t sz = (map->l_info[DT_FINI_ARRAYSZ]->d_un.d_val ++ / sizeof (ElfW(Addr))); ++ ++ while (sz-- > 0) ++ ((fini_t) array[sz]) (); ++ } ++ ++ /* Next try the old-style destructor. */ ++ ElfW(Dyn) *fini = map->l_info[DT_FINI]; ++ if (fini != NULL) ++ DL_CALL_DT_FINI (map, ((void *) map->l_addr + fini->d_un.d_ptr)); ++} +diff --git a/elf/dl-close.c b/elf/dl-close.c +index bcd6e206e9..640bbd88c3 100644 +--- a/elf/dl-close.c ++++ b/elf/dl-close.c +@@ -36,11 +36,6 @@ + + #include + +- +-/* Type of the constructor functions. */ +-typedef void (*fini_t) (void); +- +- + /* Special l_idx value used to indicate which objects remain loaded. */ + #define IDX_STILL_USED -1 + +@@ -110,31 +105,6 @@ remove_slotinfo (size_t idx, struct dtv_slotinfo_list *listp, size_t disp, + return false; + } + +-/* Invoke dstructors for CLOSURE (a struct link_map *). Called with +- exception handling temporarily disabled, to make errors fatal. */ +-static void +-call_destructors (void *closure) +-{ +- struct link_map *map = closure; +- +- if (map->l_info[DT_FINI_ARRAY] != NULL) +- { +- ElfW(Addr) *array = +- (ElfW(Addr) *) (map->l_addr +- + map->l_info[DT_FINI_ARRAY]->d_un.d_ptr); +- unsigned int sz = (map->l_info[DT_FINI_ARRAYSZ]->d_un.d_val +- / sizeof (ElfW(Addr))); +- +- while (sz-- > 0) +- ((fini_t) array[sz]) (); +- } +- +- /* Next try the old-style destructor. */ +- if (map->l_info[DT_FINI] != NULL) +- DL_CALL_DT_FINI (map, ((void *) map->l_addr +- + map->l_info[DT_FINI]->d_un.d_ptr)); +-} +- + void + _dl_close_worker (struct link_map *map, bool force) + { +@@ -168,30 +138,31 @@ _dl_close_worker (struct link_map *map, bool force) + + bool any_tls = false; + const unsigned int nloaded = ns->_ns_nloaded; +- struct link_map *maps[nloaded]; + +- /* Run over the list and assign indexes to the link maps and enter +- them into the MAPS array. */ ++ /* Run over the list and assign indexes to the link maps. */ + int idx = 0; + for (struct link_map *l = ns->_ns_loaded; l != NULL; l = l->l_next) + { + l->l_map_used = 0; + l->l_map_done = 0; + l->l_idx = idx; +- maps[idx] = l; + ++idx; + } + assert (idx == nloaded); + +- /* Keep track of the lowest index link map we have covered already. */ +- int done_index = -1; +- while (++done_index < nloaded) ++ /* Keep marking link maps until no new link maps are found. */ ++ for (struct link_map *l = ns->_ns_loaded; l != NULL; ) + { +- struct link_map *l = maps[done_index]; ++ /* next is reset to earlier link maps for remarking. */ ++ struct link_map *next = l->l_next; ++ int next_idx = l->l_idx + 1; /* next->l_idx, but covers next == NULL. */ + + if (l->l_map_done) +- /* Already handled. */ +- continue; ++ { ++ /* Already handled. */ ++ l = next; ++ continue; ++ } + + /* Check whether this object is still used. */ + if (l->l_type == lt_loaded +@@ -201,7 +172,10 @@ _dl_close_worker (struct link_map *map, bool force) + acquire is sufficient and correct. */ + && atomic_load_acquire (&l->l_tls_dtor_count) == 0 + && !l->l_map_used) +- continue; ++ { ++ l = next; ++ continue; ++ } + + /* We need this object and we handle it now. */ + l->l_map_used = 1; +@@ -228,8 +202,11 @@ _dl_close_worker (struct link_map *map, bool force) + already processed it, then we need to go back + and process again from that point forward to + ensure we keep all of its dependencies also. */ +- if ((*lp)->l_idx - 1 < done_index) +- done_index = (*lp)->l_idx - 1; ++ if ((*lp)->l_idx < next_idx) ++ { ++ next = *lp; ++ next_idx = next->l_idx; ++ } + } + } + +@@ -249,54 +226,65 @@ _dl_close_worker (struct link_map *map, bool force) + if (!jmap->l_map_used) + { + jmap->l_map_used = 1; +- if (jmap->l_idx - 1 < done_index) +- done_index = jmap->l_idx - 1; ++ if (jmap->l_idx < next_idx) ++ { ++ next = jmap; ++ next_idx = next->l_idx; ++ } + } + } + } +- } + +- /* Sort the entries. We can skip looking for the binary itself which is +- at the front of the search list for the main namespace. */ +- _dl_sort_maps (maps, nloaded, (nsid == LM_ID_BASE), true); ++ l = next; ++ } + +- /* Call all termination functions at once. */ +- bool unload_any = false; +- bool scope_mem_left = false; +- unsigned int unload_global = 0; +- unsigned int first_loaded = ~0; +- for (unsigned int i = 0; i < nloaded; ++i) ++ /* Call the destructors in reverse constructor order, and remove the ++ closed link maps from the list. */ ++ for (struct link_map **init_called_head = &_dl_init_called_list; ++ *init_called_head != NULL; ) + { +- struct link_map *imap = maps[i]; +- +- /* All elements must be in the same namespace. */ +- assert (imap->l_ns == nsid); ++ struct link_map *imap = *init_called_head; + +- if (!imap->l_map_used) ++ /* _dl_init_called_list is global, to produce a global odering. ++ Ignore the other namespaces (and link maps that are still used). */ ++ if (imap->l_ns != nsid || imap->l_map_used) ++ init_called_head = &imap->l_init_called_next; ++ else + { + assert (imap->l_type == lt_loaded && !imap->l_nodelete_active); + +- /* Call its termination function. Do not do it for +- half-cooked objects. Temporarily disable exception +- handling, so that errors are fatal. */ +- if (imap->l_init_called) +- { +- /* When debugging print a message first. */ +- if (__builtin_expect (GLRO(dl_debug_mask) & DL_DEBUG_IMPCALLS, +- 0)) +- _dl_debug_printf ("\ncalling fini: %s [%lu]\n\n", +- imap->l_name, nsid); +- +- if (imap->l_info[DT_FINI_ARRAY] != NULL +- || imap->l_info[DT_FINI] != NULL) +- _dl_catch_exception (NULL, call_destructors, imap); +- } ++ /* _dl_init_called_list is updated at the same time as ++ l_init_called. */ ++ assert (imap->l_init_called); ++ ++ if (imap->l_info[DT_FINI_ARRAY] != NULL ++ || imap->l_info[DT_FINI] != NULL) ++ _dl_catch_exception (NULL, _dl_call_fini, imap); + + #ifdef SHARED + /* Auditing checkpoint: we remove an object. */ + _dl_audit_objclose (imap); + #endif ++ /* Unlink this link map. */ ++ *init_called_head = imap->l_init_called_next; ++ } ++ } ++ + ++ bool unload_any = false; ++ bool scope_mem_left = false; ++ unsigned int unload_global = 0; ++ ++ /* For skipping un-unloadable link maps in the second loop. */ ++ struct link_map *first_loaded = ns->_ns_loaded; ++ ++ /* Iterate over the namespace to find objects to unload. Some ++ unloadable objects may not be on _dl_init_called_list due to ++ dlopen failure. */ ++ for (struct link_map *imap = first_loaded; imap != NULL; imap = imap->l_next) ++ { ++ if (!imap->l_map_used) ++ { + /* This object must not be used anymore. */ + imap->l_removed = 1; + +@@ -307,8 +295,8 @@ _dl_close_worker (struct link_map *map, bool force) + ++unload_global; + + /* Remember where the first dynamically loaded object is. */ +- if (i < first_loaded) +- first_loaded = i; ++ if (first_loaded == NULL) ++ first_loaded = imap; + } + /* Else imap->l_map_used. */ + else if (imap->l_type == lt_loaded) +@@ -444,8 +432,8 @@ _dl_close_worker (struct link_map *map, bool force) + imap->l_loader = NULL; + + /* Remember where the first dynamically loaded object is. */ +- if (i < first_loaded) +- first_loaded = i; ++ if (first_loaded == NULL) ++ first_loaded = imap; + } + } + +@@ -516,10 +504,11 @@ _dl_close_worker (struct link_map *map, bool force) + + /* Check each element of the search list to see if all references to + it are gone. */ +- for (unsigned int i = first_loaded; i < nloaded; ++i) ++ for (struct link_map *imap = first_loaded; imap != NULL; ) + { +- struct link_map *imap = maps[i]; +- if (!imap->l_map_used) ++ if (imap->l_map_used) ++ imap = imap->l_next; ++ else + { + assert (imap->l_type == lt_loaded); + +@@ -730,7 +719,9 @@ _dl_close_worker (struct link_map *map, bool force) + if (imap == GL(dl_initfirst)) + GL(dl_initfirst) = NULL; + ++ struct link_map *next = imap->l_next; + free (imap); ++ imap = next; + } + } + diff --git a/elf/dl-find_object.c b/elf/dl-find_object.c index 4d5831b6f4..2e5b456c11 100644 --- a/elf/dl-find_object.c @@ -428,6 +777,218 @@ index 4d5831b6f4..2e5b456c11 100644 } /* Object not found. */ +diff --git a/elf/dl-fini.c b/elf/dl-fini.c +index 030b1fcbcd..50087a1bfc 100644 +--- a/elf/dl-fini.c ++++ b/elf/dl-fini.c +@@ -21,155 +21,71 @@ + #include + #include + +- +-/* Type of the constructor functions. */ +-typedef void (*fini_t) (void); +- +- + void + _dl_fini (void) + { +- /* Lots of fun ahead. We have to call the destructors for all still +- loaded objects, in all namespaces. The problem is that the ELF +- specification now demands that dependencies between the modules +- are taken into account. I.e., the destructor for a module is +- called before the ones for any of its dependencies. +- +- To make things more complicated, we cannot simply use the reverse +- order of the constructors. Since the user might have loaded objects +- using `dlopen' there are possibly several other modules with its +- dependencies to be taken into account. Therefore we have to start +- determining the order of the modules once again from the beginning. */ +- +- /* We run the destructors of the main namespaces last. As for the +- other namespaces, we pick run the destructors in them in reverse +- order of the namespace ID. */ ++ /* Call destructors strictly in the reverse order of constructors. ++ This causes fewer surprises than some arbitrary reordering based ++ on new (relocation) dependencies. None of the objects are ++ unmapped, so applications can deal with this if their DSOs remain ++ in a consistent state after destructors have run. */ ++ ++ /* Protect against concurrent loads and unloads. */ ++ __rtld_lock_lock_recursive (GL(dl_load_lock)); ++ ++ /* Ignore objects which are opened during shutdown. */ ++ struct link_map *local_init_called_list = _dl_init_called_list; ++ ++ for (struct link_map *l = local_init_called_list; l != NULL; ++ l = l->l_init_called_next) ++ /* Bump l_direct_opencount of all objects so that they ++ are not dlclose()ed from underneath us. */ ++ ++l->l_direct_opencount; ++ ++ /* After this point, everything linked from local_init_called_list ++ cannot be unloaded because of the reference counter update. */ ++ __rtld_lock_unlock_recursive (GL(dl_load_lock)); ++ ++ /* Perform two passes: One for non-audit modules, one for audit ++ modules. This way, audit modules receive unload notifications ++ for non-audit objects, and the destructors for audit modules ++ still run. */ + #ifdef SHARED +- int do_audit = 0; +- again: ++ int last_pass = GLRO(dl_naudit) > 0; ++ Lmid_t last_ns = -1; ++ for (int do_audit = 0; do_audit <= last_pass; ++do_audit) + #endif +- for (Lmid_t ns = GL(dl_nns) - 1; ns >= 0; --ns) +- { +- /* Protect against concurrent loads and unloads. */ +- __rtld_lock_lock_recursive (GL(dl_load_lock)); +- +- unsigned int nloaded = GL(dl_ns)[ns]._ns_nloaded; +- /* No need to do anything for empty namespaces or those used for +- auditing DSOs. */ +- if (nloaded == 0 +-#ifdef SHARED +- || GL(dl_ns)[ns]._ns_loaded->l_auditing != do_audit +-#endif +- ) +- __rtld_lock_unlock_recursive (GL(dl_load_lock)); +- else +- { +-#ifdef SHARED +- _dl_audit_activity_nsid (ns, LA_ACT_DELETE); +-#endif +- +- /* Now we can allocate an array to hold all the pointers and +- copy the pointers in. */ +- struct link_map *maps[nloaded]; +- +- unsigned int i; +- struct link_map *l; +- assert (nloaded != 0 || GL(dl_ns)[ns]._ns_loaded == NULL); +- for (l = GL(dl_ns)[ns]._ns_loaded, i = 0; l != NULL; l = l->l_next) +- /* Do not handle ld.so in secondary namespaces. */ +- if (l == l->l_real) +- { +- assert (i < nloaded); +- +- maps[i] = l; +- l->l_idx = i; +- ++i; +- +- /* Bump l_direct_opencount of all objects so that they +- are not dlclose()ed from underneath us. */ +- ++l->l_direct_opencount; +- } +- assert (ns != LM_ID_BASE || i == nloaded); +- assert (ns == LM_ID_BASE || i == nloaded || i == nloaded - 1); +- unsigned int nmaps = i; +- +- /* Now we have to do the sorting. We can skip looking for the +- binary itself which is at the front of the search list for +- the main namespace. */ +- _dl_sort_maps (maps, nmaps, (ns == LM_ID_BASE), true); +- +- /* We do not rely on the linked list of loaded object anymore +- from this point on. We have our own list here (maps). The +- various members of this list cannot vanish since the open +- count is too high and will be decremented in this loop. So +- we release the lock so that some code which might be called +- from a destructor can directly or indirectly access the +- lock. */ +- __rtld_lock_unlock_recursive (GL(dl_load_lock)); +- +- /* 'maps' now contains the objects in the right order. Now +- call the destructors. We have to process this array from +- the front. */ +- for (i = 0; i < nmaps; ++i) +- { +- struct link_map *l = maps[i]; +- +- if (l->l_init_called) +- { +- /* Make sure nothing happens if we are called twice. */ +- l->l_init_called = 0; +- +- /* Is there a destructor function? */ +- if (l->l_info[DT_FINI_ARRAY] != NULL +- || (ELF_INITFINI && l->l_info[DT_FINI] != NULL)) +- { +- /* When debugging print a message first. */ +- if (__builtin_expect (GLRO(dl_debug_mask) +- & DL_DEBUG_IMPCALLS, 0)) +- _dl_debug_printf ("\ncalling fini: %s [%lu]\n\n", +- DSO_FILENAME (l->l_name), +- ns); +- +- /* First see whether an array is given. */ +- if (l->l_info[DT_FINI_ARRAY] != NULL) +- { +- ElfW(Addr) *array = +- (ElfW(Addr) *) (l->l_addr +- + l->l_info[DT_FINI_ARRAY]->d_un.d_ptr); +- unsigned int i = (l->l_info[DT_FINI_ARRAYSZ]->d_un.d_val +- / sizeof (ElfW(Addr))); +- while (i-- > 0) +- ((fini_t) array[i]) (); +- } +- +- /* Next try the old-style destructor. */ +- if (ELF_INITFINI && l->l_info[DT_FINI] != NULL) +- DL_CALL_DT_FINI +- (l, l->l_addr + l->l_info[DT_FINI]->d_un.d_ptr); +- } +- ++ for (struct link_map *l = local_init_called_list; l != NULL; ++ l = l->l_init_called_next) ++ { + #ifdef SHARED +- /* Auditing checkpoint: another object closed. */ +- _dl_audit_objclose (l); ++ if (GL(dl_ns)[l->l_ns]._ns_loaded->l_auditing != do_audit) ++ continue; ++ ++ /* Avoid back-to-back calls of _dl_audit_activity_nsid for the ++ same namespace. */ ++ if (last_ns != l->l_ns) ++ { ++ if (last_ns >= 0) ++ _dl_audit_activity_nsid (last_ns, LA_ACT_CONSISTENT); ++ _dl_audit_activity_nsid (l->l_ns, LA_ACT_DELETE); ++ last_ns = l->l_ns; ++ } + #endif +- } + +- /* Correct the previous increment. */ +- --l->l_direct_opencount; +- } ++ /* There is no need to re-enable exceptions because _dl_fini ++ is not called from a context where exceptions are caught. */ ++ _dl_call_fini (l); + + #ifdef SHARED +- _dl_audit_activity_nsid (ns, LA_ACT_CONSISTENT); ++ /* Auditing checkpoint: another object closed. */ ++ _dl_audit_objclose (l); + #endif +- } +- } ++ } + + #ifdef SHARED +- if (! do_audit && GLRO(dl_naudit) > 0) +- { +- do_audit = 1; +- goto again; +- } ++ if (last_ns >= 0) ++ _dl_audit_activity_nsid (last_ns, LA_ACT_CONSISTENT); + + if (__glibc_unlikely (GLRO(dl_debug_mask) & DL_DEBUG_STATISTICS)) + _dl_debug_printf ("\nruntime linker statistics:\n" diff --git a/elf/dl-hwcaps.c b/elf/dl-hwcaps.c index 6f161f6ad5..92eb53790e 100644 --- a/elf/dl-hwcaps.c @@ -464,6 +1025,96 @@ index 6f161f6ad5..92eb53790e 100644 struct r_strlenpair *overall_result = malloc (*sz * sizeof (*result) + total); if (overall_result == NULL) +diff --git a/elf/dl-init.c b/elf/dl-init.c +index deefeb099a..77b2edd838 100644 +--- a/elf/dl-init.c ++++ b/elf/dl-init.c +@@ -21,14 +21,19 @@ + #include + #include + ++struct link_map *_dl_init_called_list; + + static void + call_init (struct link_map *l, int argc, char **argv, char **env) + { ++ /* Do not run constructors for proxy objects. */ ++ if (l != l->l_real) ++ return; ++ + /* If the object has not been relocated, this is a bug. The + function pointers are invalid in this case. (Executables do not +- need relocation, and neither do proxy objects.) */ +- assert (l->l_real->l_relocated || l->l_real->l_type == lt_executable); ++ need relocation.) */ ++ assert (l->l_relocated || l->l_type == lt_executable); + + if (l->l_init_called) + /* This object is all done. */ +@@ -38,6 +43,21 @@ call_init (struct link_map *l, int argc, char **argv, char **env) + dependency. */ + l->l_init_called = 1; + ++ /* Help an already-running dlclose: The just-loaded object must not ++ be removed during the current pass. (No effect if no dlclose in ++ progress.) */ ++ l->l_map_used = 1; ++ ++ /* Record execution before starting any initializers. This way, if ++ the initializers themselves call dlopen, their ELF destructors ++ will eventually be run before this object is destructed, matching ++ that their ELF constructors have run before this object was ++ constructed. _dl_fini uses this list for audit callbacks, so ++ register objects on the list even if they do not have a ++ constructor. */ ++ l->l_init_called_next = _dl_init_called_list; ++ _dl_init_called_list = l; ++ + /* Check for object which constructors we do not run here. */ + if (__builtin_expect (l->l_name[0], 'a') == '\0' + && l->l_type == lt_executable) +diff --git a/elf/dl-load.c b/elf/dl-load.c +index 1ad0868dad..cb59c21ce7 100644 +--- a/elf/dl-load.c ++++ b/elf/dl-load.c +@@ -1263,7 +1263,7 @@ _dl_map_object_from_fd (const char *name, const char *origname, int fd, + + /* Now process the load commands and map segments into memory. + This is responsible for filling in: +- l_map_start, l_map_end, l_addr, l_contiguous, l_text_end, l_phdr ++ l_map_start, l_map_end, l_addr, l_contiguous, l_phdr + */ + errstring = _dl_map_segments (l, fd, header, type, loadcmds, nloadcmds, + maplength, has_holes, loader); +diff --git a/elf/dl-load.h b/elf/dl-load.h +index f98d264e90..ebf7d74cd0 100644 +--- a/elf/dl-load.h ++++ b/elf/dl-load.h +@@ -83,14 +83,11 @@ struct loadcmd + + /* This is a subroutine of _dl_map_segments. It should be called for each + load command, some time after L->l_addr has been set correctly. It is +- responsible for setting up the l_text_end and l_phdr fields. */ ++ responsible for setting the l_phdr fields */ + static __always_inline void + _dl_postprocess_loadcmd (struct link_map *l, const ElfW(Ehdr) *header, + const struct loadcmd *c) + { +- if (c->prot & PROT_EXEC) +- l->l_text_end = l->l_addr + c->mapend; +- + if (l->l_phdr == 0 + && c->mapoff <= header->e_phoff + && ((size_t) (c->mapend - c->mapstart + c->mapoff) +@@ -103,7 +100,7 @@ _dl_postprocess_loadcmd (struct link_map *l, const ElfW(Ehdr) *header, + + /* This is a subroutine of _dl_map_object_from_fd. It is responsible + for filling in several fields in *L: l_map_start, l_map_end, l_addr, +- l_contiguous, l_text_end, l_phdr. On successful return, all the ++ l_contiguous, l_phdr. On successful return, all the + segments are mapped (or copied, or whatever) from the file into their + final places in the address space, with the correct page permissions, + and any bss-like regions already zeroed. It returns a null pointer diff --git a/elf/dl-lookup.c b/elf/dl-lookup.c index 4c86dc694e..67fb2e31e2 100644 --- a/elf/dl-lookup.c @@ -663,6 +1314,42 @@ index 4af0b5b2ce..f45b630ba5 100644 call_function_static_weak (_dl_find_object_init); +diff --git a/elf/dl-tunables.c b/elf/dl-tunables.c +index 8e7ee9df10..76cf8b9da3 100644 +--- a/elf/dl-tunables.c ++++ b/elf/dl-tunables.c +@@ -187,11 +187,7 @@ parse_tunables (char *tunestr, char *valstring) + /* If we reach the end of the string before getting a valid name-value + pair, bail out. */ + if (p[len] == '\0') +- { +- if (__libc_enable_secure) +- tunestr[off] = '\0'; +- return; +- } ++ break; + + /* We did not find a valid name-value pair before encountering the + colon. */ +@@ -251,9 +247,16 @@ parse_tunables (char *tunestr, char *valstring) + } + } + +- if (p[len] != '\0') +- p += len + 1; ++ /* We reached the end while processing the tunable string. */ ++ if (p[len] == '\0') ++ break; ++ ++ p += len + 1; + } ++ ++ /* Terminate tunestr before we leave. */ ++ if (__libc_enable_secure) ++ tunestr[off] = '\0'; + } + #endif + diff --git a/elf/dl-tunables.list b/elf/dl-tunables.list index e6a56b3070..9fa3b484cf 100644 --- a/elf/dl-tunables.list @@ -686,20 +1373,34 @@ index e6a56b3070..9fa3b484cf 100644 + } } diff --git a/elf/dso-sort-tests-1.def b/elf/dso-sort-tests-1.def -index 5f7f18ef27..4bf9052db1 100644 +index 5f7f18ef27..61dc54f8ae 100644 --- a/elf/dso-sort-tests-1.def +++ b/elf/dso-sort-tests-1.def -@@ -64,3 +64,10 @@ output: b>a>{}a->b->c;soname({})=c + output: b>a>{}b->c->d order). +-# The older dynamic_sort=1 algorithm does not achieve this, while the DFS-based +-# dynamic_sort=2 algorithm does, although it is still arguable whether going +-# beyond spec to do this is the right thing to do. +-# The below expected outputs are what the two algorithms currently produce +-# respectively, for regression testing purposes. ++# relocation(dynamic) dependencies. For both sorting algorithms, the ++# destruction order is the reverse of the construction order, and ++# relocation dependencies are not taken into account. tst-bz15311: {+a;+e;+f;+g;+d;%d;-d;-g;-f;-e;-a};a->b->c->d;d=>[ba];c=>a;b=>e=>a;c=>f=>b;d=>g=>c - output(glibc.rtld.dynamic_sort=1): {+a[d>c>b>a>];+e[e>];+f[f>];+g[g>];+d[];%d(b(e(a()))a()g(c(a()f(b(e(a()))))));-d[];-g[];-f[];-e[];-a[c>b>a>];+e[e>];+f[f>];+g[g>];+d[];%d(b(e(a()))a()g(c(a()f(b(e(a()))))));-d[];-g[];-f[];-e[];-a[c>b>a>];+e[e>];+f[f>];+g[g>];+d[];%d(b(e(a()))a()g(c(a()f(b(e(a()))))));-d[];-g[];-f[];-e[];-a[c>b>a>];+e[e>];+f[f>];+g[g>];+d[];%d(b(e(a()))a()g(c(a()f(b(e(a()))))));-d[];-g[];-f[];-e[];-a[c>b>a>];+e[e>];+f[f>];+g[g>];+d[];%d(b(e(a()))a()g(c(a()f(b(e(a()))))));-d[];-g[];-f[];-e[];-a[a1;a->a2;a2->a;b->b1;c->a1;c=>a1 -+output(glibc.rtld.dynamic_sort=1): {+a[a2>a1>a>];+b[b1>b>];-b[];%c(a1());}a1>a>];+b[b1>b>];-b[];%c(a1());}a1>a>];+b[b1>b>];-b[];%c(a1());}l_map_end = 0; +- main_map->l_text_end = 0; + /* Perhaps the executable has no PT_LOAD header entries at all. */ + main_map->l_map_start = ~0; + /* And it was opened directly. */ +@@ -1216,8 +1214,6 @@ rtld_setup_main_map (struct link_map *main_map) + allocend = main_map->l_addr + ph->p_vaddr + ph->p_memsz; + if (main_map->l_map_end < allocend) + main_map->l_map_end = allocend; +- if ((ph->p_flags & PF_X) && allocend > main_map->l_text_end) +- main_map->l_text_end = allocend; + + /* The next expected address is the page following this load + segment. */ +@@ -1277,8 +1273,6 @@ rtld_setup_main_map (struct link_map *main_map) + = (char *) main_map->l_tls_initimage + main_map->l_addr; + if (! main_map->l_map_end) + main_map->l_map_end = ~0; +- if (! main_map->l_text_end) +- main_map->l_text_end = ~0; + if (! GL(dl_rtld_map).l_libname && GL(dl_rtld_map).l_name) + { + /* We were invoked directly, so the program might not have a +@@ -2122,6 +2116,12 @@ dl_main (const ElfW(Phdr) *phdr, if (l->l_faked) /* The library was not found. */ _dl_printf ("\t%s => not found\n", l->l_libname->name); @@ -748,6 +1483,127 @@ index cbbaf4a331..3e771a93d8 100644 else _dl_printf ("\t%s => %s (0x%0*Zx)\n", DSO_FILENAME (l->l_libname->name), +diff --git a/elf/setup-vdso.h b/elf/setup-vdso.h +index c0807ea82b..415d5057c3 100644 +--- a/elf/setup-vdso.h ++++ b/elf/setup-vdso.h +@@ -51,9 +51,6 @@ setup_vdso (struct link_map *main_map __attribute__ ((unused)), + l->l_addr = ph->p_vaddr; + if (ph->p_vaddr + ph->p_memsz >= l->l_map_end) + l->l_map_end = ph->p_vaddr + ph->p_memsz; +- if ((ph->p_flags & PF_X) +- && ph->p_vaddr + ph->p_memsz >= l->l_text_end) +- l->l_text_end = ph->p_vaddr + ph->p_memsz; + } + else + /* There must be no TLS segment. */ +@@ -62,7 +59,6 @@ setup_vdso (struct link_map *main_map __attribute__ ((unused)), + l->l_map_start = (ElfW(Addr)) GLRO(dl_sysinfo_dso); + l->l_addr = l->l_map_start - l->l_addr; + l->l_map_end += l->l_addr; +- l->l_text_end += l->l_addr; + l->l_ld = (void *) ((ElfW(Addr)) l->l_ld + l->l_addr); + elf_get_dynamic_info (l, false, false); + _dl_setup_hash (l); +diff --git a/elf/tst-audit23.c b/elf/tst-audit23.c +index 4904cf1340..f40760bd70 100644 +--- a/elf/tst-audit23.c ++++ b/elf/tst-audit23.c +@@ -98,6 +98,8 @@ do_test (int argc, char *argv[]) + char *lname; + uintptr_t laddr; + Lmid_t lmid; ++ uintptr_t cookie; ++ uintptr_t namespace; + bool closed; + } objs[max_objs] = { [0 ... max_objs-1] = { .closed = false } }; + size_t nobjs = 0; +@@ -117,6 +119,9 @@ do_test (int argc, char *argv[]) + size_t buffer_length = 0; + while (xgetline (&buffer, &buffer_length, out)) + { ++ *strchrnul (buffer, '\n') = '\0'; ++ printf ("info: subprocess output: %s\n", buffer); ++ + if (startswith (buffer, "la_activity: ")) + { + uintptr_t cookie; +@@ -125,29 +130,26 @@ do_test (int argc, char *argv[]) + &cookie); + TEST_COMPARE (r, 2); + +- /* The cookie identifies the object at the head of the link map, +- so we only add a new namespace if it changes from the previous +- one. This works since dlmopen is the last in the test body. */ +- if (cookie != last_act_cookie && last_act_cookie != -1) +- TEST_COMPARE (last_act, LA_ACT_CONSISTENT); +- + if (this_act == LA_ACT_ADD && acts[nacts] != cookie) + { ++ /* The cookie identifies the object at the head of the ++ link map, so we only add a new namespace if it ++ changes from the previous one. This works since ++ dlmopen is the last in the test body. */ ++ if (cookie != last_act_cookie && last_act_cookie != -1) ++ TEST_COMPARE (last_act, LA_ACT_CONSISTENT); ++ + acts[nacts++] = cookie; + last_act_cookie = cookie; + } +- /* The LA_ACT_DELETE is called in the reverse order of LA_ACT_ADD +- at program termination (if the tests adds a dlclose or a library +- with extra dependencies this will need to be adapted). */ ++ /* LA_ACT_DELETE is called multiple times for each ++ namespace, depending on destruction order. */ + else if (this_act == LA_ACT_DELETE) +- { +- last_act_cookie = acts[--nacts]; +- TEST_COMPARE (acts[nacts], cookie); +- acts[nacts] = 0; +- } ++ last_act_cookie = cookie; + else if (this_act == LA_ACT_CONSISTENT) + { + TEST_COMPARE (cookie, last_act_cookie); ++ last_act_cookie = -1; + + /* LA_ACT_DELETE must always be followed by an la_objclose. */ + if (last_act == LA_ACT_DELETE) +@@ -179,6 +181,8 @@ do_test (int argc, char *argv[]) + objs[nobjs].lname = lname; + objs[nobjs].laddr = laddr; + objs[nobjs].lmid = lmid; ++ objs[nobjs].cookie = cookie; ++ objs[nobjs].namespace = last_act_cookie; + objs[nobjs].closed = false; + nobjs++; + +@@ -201,6 +205,12 @@ do_test (int argc, char *argv[]) + if (strcmp (lname, objs[i].lname) == 0 && lmid == objs[i].lmid) + { + TEST_COMPARE (objs[i].closed, false); ++ TEST_COMPARE (objs[i].cookie, cookie); ++ if (objs[i].namespace == -1) ++ /* No LA_ACT_ADD before the first la_objopen call. */ ++ TEST_COMPARE (acts[0], last_act_cookie); ++ else ++ TEST_COMPARE (objs[i].namespace, last_act_cookie); + objs[i].closed = true; + break; + } +@@ -209,11 +219,7 @@ do_test (int argc, char *argv[]) + /* la_objclose should be called after la_activity(LA_ACT_DELETE) for + the closed object's namespace. */ + TEST_COMPARE (last_act, LA_ACT_DELETE); +- if (!seen_first_objclose) +- { +- TEST_COMPARE (last_act_cookie, cookie); +- seen_first_objclose = true; +- } ++ seen_first_objclose = true; + } + } + diff --git a/elf/tst-auditmod28.c b/elf/tst-auditmod28.c index db7ba95abe..9e0a122c38 100644 --- a/elf/tst-auditmod28.c @@ -929,6 +1785,97 @@ index 0000000000..70c71fe19c +} + +#include +diff --git a/elf/tst-env-setuid-tunables.c b/elf/tst-env-setuid-tunables.c +index 88182b7b25..5e9e4c5756 100644 +--- a/elf/tst-env-setuid-tunables.c ++++ b/elf/tst-env-setuid-tunables.c +@@ -52,6 +52,8 @@ const char *teststrings[] = + "glibc.malloc.perturb=0x800:not_valid.malloc.check=2:glibc.malloc.mmap_threshold=4096", + "glibc.not_valid.check=2:glibc.malloc.mmap_threshold=4096", + "not_valid.malloc.check=2:glibc.malloc.mmap_threshold=4096", ++ "glibc.malloc.mmap_threshold=glibc.malloc.mmap_threshold=4096", ++ "glibc.malloc.check=2", + "glibc.malloc.garbage=2:glibc.maoc.mmap_threshold=4096:glibc.malloc.check=2", + "glibc.malloc.check=4:glibc.malloc.garbage=2:glibc.maoc.mmap_threshold=4096", + ":glibc.malloc.garbage=2:glibc.malloc.check=1", +@@ -70,6 +72,8 @@ const char *resultstrings[] = + "glibc.malloc.perturb=0x800:glibc.malloc.mmap_threshold=4096", + "glibc.malloc.mmap_threshold=4096", + "glibc.malloc.mmap_threshold=4096", ++ "glibc.malloc.mmap_threshold=glibc.malloc.mmap_threshold=4096", ++ "", + "", + "", + "", +@@ -84,11 +88,18 @@ test_child (int off) + const char *val = getenv ("GLIBC_TUNABLES"); + + #if HAVE_TUNABLES ++ printf (" [%d] GLIBC_TUNABLES is %s\n", off, val); ++ fflush (stdout); + if (val != NULL && strcmp (val, resultstrings[off]) == 0) + return 0; + + if (val != NULL) +- printf ("[%d] Unexpected GLIBC_TUNABLES VALUE %s\n", off, val); ++ printf (" [%d] Unexpected GLIBC_TUNABLES VALUE %s, expected %s\n", ++ off, val, resultstrings[off]); ++ else ++ printf (" [%d] GLIBC_TUNABLES environment variable absent\n", off); ++ ++ fflush (stdout); + + return 1; + #else +@@ -117,21 +128,26 @@ do_test (int argc, char **argv) + if (ret != 0) + exit (1); + +- exit (EXIT_SUCCESS); ++ /* Special return code to make sure that the child executed all the way ++ through. */ ++ exit (42); + } + else + { +- int ret = 0; +- + /* Spawn tests. */ + for (int i = 0; i < array_length (teststrings); i++) + { + char buf[INT_BUFSIZE_BOUND (int)]; + +- printf ("Spawned test for %s (%d)\n", teststrings[i], i); ++ printf ("[%d] Spawned test for %s\n", i, teststrings[i]); + snprintf (buf, sizeof (buf), "%d\n", i); ++ fflush (stdout); + if (setenv ("GLIBC_TUNABLES", teststrings[i], 1) != 0) +- exit (1); ++ { ++ printf (" [%d] Failed to set GLIBC_TUNABLES: %m", i); ++ support_record_failure (); ++ continue; ++ } + + int status = support_capture_subprogram_self_sgid (buf); + +@@ -139,9 +155,14 @@ do_test (int argc, char **argv) + if (WEXITSTATUS (status) == EXIT_UNSUPPORTED) + return EXIT_UNSUPPORTED; + +- ret |= status; ++ if (WEXITSTATUS (status) != 42) ++ { ++ printf (" [%d] child failed with status %d\n", i, ++ WEXITSTATUS (status)); ++ support_record_failure (); ++ } + } +- return ret; ++ return 0; + } + } + diff --git a/elf/tst-ldconfig-p.sh b/elf/tst-ldconfig-p.sh new file mode 100644 index 0000000000..ec937bf4ec @@ -1654,6 +2601,23 @@ index 0000000000..00b1b93342 +++ b/include/bits/wchar2-decl.h @@ -0,0 +1 @@ +#include +diff --git a/include/link.h b/include/link.h +index 0ac82d7c77..4eb8fe0d96 100644 +--- a/include/link.h ++++ b/include/link.h +@@ -253,8 +253,10 @@ struct link_map + /* Start and finish of memory map for this object. l_map_start + need not be the same as l_addr. */ + ElfW(Addr) l_map_start, l_map_end; +- /* End of the executable part of the mapping. */ +- ElfW(Addr) l_text_end; ++ ++ /* Linked list of objects in reverse ELF constructor execution ++ order. Head of list is stored in _dl_init_called_list. */ ++ struct link_map *l_init_called_next; + + /* Default array for 'l_scope'. */ + struct r_scope_elem *l_scope_mem[4]; diff --git a/include/resolv.h b/include/resolv.h index 3590b6f496..4dbbac3800 100644 --- a/include/resolv.h @@ -1668,19 +2632,36 @@ index 3590b6f496..4dbbac3800 100644 # endif /* _RESOLV_H_ && !_ISOMAC */ #endif diff --git a/io/Makefile b/io/Makefile -index b1710407d0..fb363c612c 100644 +index b1710407d0..b896484320 100644 --- a/io/Makefile +++ b/io/Makefile -@@ -80,7 +80,8 @@ tests := test-utime test-stat test-stat2 test-lfs tst-getcwd \ +@@ -59,6 +59,7 @@ routines := \ + ftw64-time64 \ + closefrom close_range + ++ + others := pwd + test-srcs := ftwtest ftwtest-time64 + tests := test-utime test-stat test-stat2 test-lfs tst-getcwd \ +@@ -80,7 +81,9 @@ tests := test-utime test-stat test-stat2 test-lfs tst-getcwd \ tst-utimensat \ tst-closefrom \ tst-close_range \ - tst-ftw-bz28126 + tst-ftw-bz28126 \ -+ tst-fcntl-lock ++ tst-fcntl-lock \ ++ tst-fcntl-lock-lfs tests-time64 := \ tst-fcntl-time64 \ +diff --git a/io/tst-fcntl-lock-lfs.c b/io/tst-fcntl-lock-lfs.c +new file mode 100644 +index 0000000000..f2a909fb02 +--- /dev/null ++++ b/io/tst-fcntl-lock-lfs.c +@@ -0,0 +1,2 @@ ++#define _FILE_OFFSET_BITS 64 ++#include diff --git a/io/tst-fcntl-lock.c b/io/tst-fcntl-lock.c new file mode 100644 index 0000000000..357c4b7b56 @@ -2480,6 +3461,93 @@ index 9becb62033..31c64275f0 100644 map = __nscd_get_mapping (GETFDHST, "hosts", &__hst_map_handle.mapped); if (map == NO_MAPPING) +diff --git a/nss/Makefile b/nss/Makefile +index a978e3927a..7a52c68791 100644 +--- a/nss/Makefile ++++ b/nss/Makefile +@@ -81,6 +81,7 @@ tests-container := \ + tst-nss-test3 \ + tst-reload1 \ + tst-reload2 \ ++ tst-nss-gai-hv2-canonname \ + # tests-container + + # Tests which need libdl +@@ -144,7 +145,17 @@ libnss_compat-inhibit-o = $(filter-out .os,$(object-suffixes)) + ifeq ($(build-static-nss),yes) + tests-static += tst-nss-static + endif +-extra-test-objs += nss_test1.os nss_test2.os nss_test_errno.os ++extra-test-objs += nss_test1.os nss_test2.os nss_test_errno.os \ ++ nss_test_gai_hv2_canonname.os ++ ++ifeq ($(run-built-tests),yes) ++ifneq (no,$(PERL)) ++tests-special += $(objpfx)mtrace-tst-nss-gai-hv2-canonname.out ++endif ++endif ++ ++generated += mtrace-tst-nss-gai-hv2-canonname.out \ ++ tst-nss-gai-hv2-canonname.mtrace + + include ../Rules + +@@ -179,12 +190,16 @@ rtld-tests-LDFLAGS += -Wl,--dynamic-list=nss_test.ver + libof-nss_test1 = extramodules + libof-nss_test2 = extramodules + libof-nss_test_errno = extramodules ++libof-nss_test_gai_hv2_canonname = extramodules + $(objpfx)/libnss_test1.so: $(objpfx)nss_test1.os $(link-libc-deps) + $(build-module) + $(objpfx)/libnss_test2.so: $(objpfx)nss_test2.os $(link-libc-deps) + $(build-module) + $(objpfx)/libnss_test_errno.so: $(objpfx)nss_test_errno.os $(link-libc-deps) + $(build-module) ++$(objpfx)/libnss_test_gai_hv2_canonname.so: \ ++ $(objpfx)nss_test_gai_hv2_canonname.os $(link-libc-deps) ++ $(build-module) + $(objpfx)nss_test2.os : nss_test1.c + # Use the nss_files suffix for these objects as well. + $(objpfx)/libnss_test1.so$(libnss_files.so-version): $(objpfx)/libnss_test1.so +@@ -194,10 +209,14 @@ $(objpfx)/libnss_test2.so$(libnss_files.so-version): $(objpfx)/libnss_test2.so + $(objpfx)/libnss_test_errno.so$(libnss_files.so-version): \ + $(objpfx)/libnss_test_errno.so + $(make-link) ++$(objpfx)/libnss_test_gai_hv2_canonname.so$(libnss_files.so-version): \ ++ $(objpfx)/libnss_test_gai_hv2_canonname.so ++ $(make-link) + $(patsubst %,$(objpfx)%.out,$(tests) $(tests-container)) : \ + $(objpfx)/libnss_test1.so$(libnss_files.so-version) \ + $(objpfx)/libnss_test2.so$(libnss_files.so-version) \ +- $(objpfx)/libnss_test_errno.so$(libnss_files.so-version) ++ $(objpfx)/libnss_test_errno.so$(libnss_files.so-version) \ ++ $(objpfx)/libnss_test_gai_hv2_canonname.so$(libnss_files.so-version) + + ifeq (yes,$(have-thread-library)) + $(objpfx)tst-cancel-getpwuid_r: $(shared-thread-library) +@@ -206,6 +225,17 @@ endif + $(objpfx)tst-nss-files-alias-leak.out: $(objpfx)/libnss_files.so + $(objpfx)tst-nss-files-alias-truncated.out: $(objpfx)/libnss_files.so + ++tst-nss-gai-hv2-canonname-ENV = \ ++ MALLOC_TRACE=$(objpfx)tst-nss-gai-hv2-canonname.mtrace \ ++ LD_PRELOAD=$(common-objpfx)/malloc/libc_malloc_debug.so ++$(objpfx)mtrace-tst-nss-gai-hv2-canonname.out: \ ++ $(objpfx)tst-nss-gai-hv2-canonname.out ++ { test -r $(objpfx)tst-nss-gai-hv2-canonname.mtrace \ ++ || ( echo "tst-nss-gai-hv2-canonname.mtrace does not exist"; exit 77; ) \ ++ && $(common-objpfx)malloc/mtrace \ ++ $(objpfx)tst-nss-gai-hv2-canonname.mtrace; } > $@; \ ++ $(evaluate-test) ++ + # Disable DT_RUNPATH on NSS tests so that the glibc internal NSS + # functions can load testing NSS modules via DT_RPATH. + LDFLAGS-tst-nss-test1 = -Wl,--disable-new-dtags +@@ -214,3 +244,4 @@ LDFLAGS-tst-nss-test3 = -Wl,--disable-new-dtags + LDFLAGS-tst-nss-test4 = -Wl,--disable-new-dtags + LDFLAGS-tst-nss-test5 = -Wl,--disable-new-dtags + LDFLAGS-tst-nss-test_errno = -Wl,--disable-new-dtags ++LDFLAGS-tst-nss-test_gai_hv2_canonname = -Wl,--disable-new-dtags diff --git a/nss/getent.c b/nss/getent.c index 8178b4b470..d2d2524b0c 100644 --- a/nss/getent.c @@ -2523,6 +3591,68 @@ index 8178b4b470..d2d2524b0c 100644 default: return ARGP_ERR_UNKNOWN; } +diff --git a/nss/nss_test_gai_hv2_canonname.c b/nss/nss_test_gai_hv2_canonname.c +new file mode 100644 +index 0000000000..4439c83c9f +--- /dev/null ++++ b/nss/nss_test_gai_hv2_canonname.c +@@ -0,0 +1,56 @@ ++/* NSS service provider that only provides gethostbyname2_r. ++ Copyright The GNU Toolchain Authors. ++ This file is part of the GNU C Library. ++ ++ The GNU C Library is free software; you can redistribute it and/or ++ modify it under the terms of the GNU Lesser General Public ++ License as published by the Free Software Foundation; either ++ version 2.1 of the License, or (at your option) any later version. ++ ++ The GNU C Library is distributed in the hope that it will be useful, ++ but WITHOUT ANY WARRANTY; without even the implied warranty of ++ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU ++ Lesser General Public License for more details. ++ ++ You should have received a copy of the GNU Lesser General Public ++ License along with the GNU C Library; if not, see ++ . */ ++ ++#include ++#include ++#include ++#include "nss/tst-nss-gai-hv2-canonname.h" ++ ++/* Catch misnamed and functions. */ ++#pragma GCC diagnostic error "-Wmissing-prototypes" ++NSS_DECLARE_MODULE_FUNCTIONS (test_gai_hv2_canonname) ++ ++extern enum nss_status _nss_files_gethostbyname2_r (const char *, int, ++ struct hostent *, char *, ++ size_t, int *, int *); ++ ++enum nss_status ++_nss_test_gai_hv2_canonname_gethostbyname2_r (const char *name, int af, ++ struct hostent *result, ++ char *buffer, size_t buflen, ++ int *errnop, int *herrnop) ++{ ++ return _nss_files_gethostbyname2_r (name, af, result, buffer, buflen, errnop, ++ herrnop); ++} ++ ++enum nss_status ++_nss_test_gai_hv2_canonname_getcanonname_r (const char *name, char *buffer, ++ size_t buflen, char **result, ++ int *errnop, int *h_errnop) ++{ ++ /* We expect QUERYNAME, which is a small enough string that it shouldn't fail ++ the test. */ ++ if (memcmp (QUERYNAME, name, sizeof (QUERYNAME)) ++ || buflen < sizeof (QUERYNAME)) ++ abort (); ++ ++ strncpy (buffer, name, buflen); ++ *result = buffer; ++ return NSS_STATUS_SUCCESS; ++} diff --git a/nss/tst-nss-files-hosts-long.c b/nss/tst-nss-files-hosts-long.c index 3942cf5fca..a7697e3143 100644 --- a/nss/tst-nss-files-hosts-long.c @@ -2547,6 +3677,96 @@ index 3942cf5fca..a7697e3143 100644 if (ret != 0) FAIL_EXIT1("ahostsv6 failed"); +diff --git a/nss/tst-nss-gai-hv2-canonname.c b/nss/tst-nss-gai-hv2-canonname.c +new file mode 100644 +index 0000000000..7db53cf09d +--- /dev/null ++++ b/nss/tst-nss-gai-hv2-canonname.c +@@ -0,0 +1,66 @@ ++/* Test NSS query path for plugins that only implement gethostbyname2 ++ (#30843). ++ Copyright The GNU Toolchain Authors. ++ This file is part of the GNU C Library. ++ ++ The GNU C Library is free software; you can redistribute it and/or ++ modify it under the terms of the GNU Lesser General Public ++ License as published by the Free Software Foundation; either ++ version 2.1 of the License, or (at your option) any later version. ++ ++ The GNU C Library is distributed in the hope that it will be useful, ++ but WITHOUT ANY WARRANTY; without even the implied warranty of ++ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU ++ Lesser General Public License for more details. ++ ++ You should have received a copy of the GNU Lesser General Public ++ License along with the GNU C Library; if not, see ++ . */ ++ ++#include ++#include ++#include ++#include ++#include ++#include ++#include ++#include "nss/tst-nss-gai-hv2-canonname.h" ++ ++#define PREPARE do_prepare ++ ++static void do_prepare (int a, char **av) ++{ ++ FILE *hosts = xfopen ("/etc/hosts", "w"); ++ for (unsigned i = 2; i < 255; i++) ++ { ++ fprintf (hosts, "ff01::ff02:ff03:%u:2\ttest.example.com\n", i); ++ fprintf (hosts, "192.168.0.%u\ttest.example.com\n", i); ++ } ++ xfclose (hosts); ++} ++ ++static int ++do_test (void) ++{ ++ mtrace (); ++ ++ __nss_configure_lookup ("hosts", "test_gai_hv2_canonname"); ++ ++ struct addrinfo hints = {}; ++ struct addrinfo *result = NULL; ++ ++ hints.ai_family = AF_INET6; ++ hints.ai_flags = AI_ALL | AI_V4MAPPED | AI_CANONNAME; ++ ++ int ret = getaddrinfo (QUERYNAME, NULL, &hints, &result); ++ ++ if (ret != 0) ++ FAIL_EXIT1 ("getaddrinfo failed: %s\n", gai_strerror (ret)); ++ ++ TEST_COMPARE_STRING (result->ai_canonname, QUERYNAME); ++ ++ freeaddrinfo(result); ++ return 0; ++} ++ ++#include +diff --git a/nss/tst-nss-gai-hv2-canonname.h b/nss/tst-nss-gai-hv2-canonname.h +new file mode 100644 +index 0000000000..14f2a9cb08 +--- /dev/null ++++ b/nss/tst-nss-gai-hv2-canonname.h +@@ -0,0 +1 @@ ++#define QUERYNAME "test.example.com" +diff --git a/nss/tst-nss-gai-hv2-canonname.root/postclean.req b/nss/tst-nss-gai-hv2-canonname.root/postclean.req +new file mode 100644 +index 0000000000..e69de29bb2 +diff --git a/nss/tst-nss-gai-hv2-canonname.root/tst-nss-gai-hv2-canonname.script b/nss/tst-nss-gai-hv2-canonname.root/tst-nss-gai-hv2-canonname.script +new file mode 100644 +index 0000000000..31848b4a28 +--- /dev/null ++++ b/nss/tst-nss-gai-hv2-canonname.root/tst-nss-gai-hv2-canonname.script +@@ -0,0 +1,2 @@ ++cp $B/nss/libnss_test_gai_hv2_canonname.so $L/libnss_test_gai_hv2_canonname.so.2 ++su diff --git a/nss/tst-reload1.c b/nss/tst-reload1.c index fdc5bdd65b..bc32bb132a 100644 --- a/nss/tst-reload1.c @@ -2582,7 +3802,7 @@ index fdc5bdd65b..bc32bb132a 100644 static struct hostent host_table_2[] = { diff --git a/resolv/Makefile b/resolv/Makefile -index 5b15321f9b..f8a92c6cff 100644 +index 5b15321f9b..28cedf49ee 100644 --- a/resolv/Makefile +++ b/resolv/Makefile @@ -40,12 +40,16 @@ routines := \ @@ -2602,7 +3822,7 @@ index 5b15321f9b..f8a92c6cff 100644 ns_samename \ nsap_addr \ nss_dns_functions \ -@@ -89,9 +93,12 @@ tests += \ +@@ -89,11 +93,15 @@ tests += \ tst-ns_name_pton \ tst-res_hconf_reorder \ tst-res_hnok \ @@ -2614,8 +3834,11 @@ index 5b15321f9b..f8a92c6cff 100644 + tst-resolv-invalid-cname \ tst-resolv-network \ tst-resolv-noaaaa \ ++ tst-resolv-noaaaa-vc \ tst-resolv-nondecimal \ -@@ -104,6 +111,18 @@ tests += \ + tst-resolv-res_init-multi \ + tst-resolv-search \ +@@ -104,6 +112,18 @@ tests += \ tests-internal += tst-resolv-txnid-collision tests-static += tst-resolv-txnid-collision @@ -2634,7 +3857,7 @@ index 5b15321f9b..f8a92c6cff 100644 # These tests need libdl. ifeq (yes,$(build-shared)) tests += \ -@@ -258,8 +277,10 @@ $(objpfx)tst-resolv-ai_idn.out: $(gen-locales) +@@ -258,8 +278,10 @@ $(objpfx)tst-resolv-ai_idn.out: $(gen-locales) $(objpfx)tst-resolv-ai_idn-latin1.out: $(gen-locales) $(objpfx)tst-resolv-ai_idn-nolibidn2.out: \ $(gen-locales) $(objpfx)tst-no-libidn2.so @@ -2645,15 +3868,17 @@ index 5b15321f9b..f8a92c6cff 100644 $(objpfx)tst-resolv-edns: $(objpfx)libresolv.so $(shared-thread-library) $(objpfx)tst-resolv-network: $(objpfx)libresolv.so $(shared-thread-library) $(objpfx)tst-resolv-res_init: $(objpfx)libresolv.so -@@ -267,6 +288,8 @@ $(objpfx)tst-resolv-res_init-multi: $(objpfx)libresolv.so \ +@@ -267,7 +289,10 @@ $(objpfx)tst-resolv-res_init-multi: $(objpfx)libresolv.so \ $(shared-thread-library) $(objpfx)tst-resolv-res_init-thread: $(objpfx)libresolv.so \ $(shared-thread-library) +$(objpfx)tst-resolv-invalid-cname: $(objpfx)libresolv.so \ + $(shared-thread-library) $(objpfx)tst-resolv-noaaaa: $(objpfx)libresolv.so $(shared-thread-library) ++$(objpfx)tst-resolv-noaaaa-vc: $(objpfx)libresolv.so $(shared-thread-library) $(objpfx)tst-resolv-nondecimal: $(objpfx)libresolv.so $(shared-thread-library) $(objpfx)tst-resolv-qtypes: $(objpfx)libresolv.so $(shared-thread-library) + $(objpfx)tst-resolv-rotate: $(objpfx)libresolv.so $(shared-thread-library) diff --git a/resolv/README b/resolv/README index 514e9bb617..2146bc3b27 100644 --- a/resolv/README @@ -3118,7 +4343,7 @@ index 0000000000..9a47d8e97a + return *a == 0 && *b == 0; +} diff --git a/resolv/nss_dns/dns-host.c b/resolv/nss_dns/dns-host.c -index 544cffbecd..9fa81f23c8 100644 +index 544cffbecd..227734da5c 100644 --- a/resolv/nss_dns/dns-host.c +++ b/resolv/nss_dns/dns-host.c @@ -69,6 +69,7 @@ @@ -3392,7 +4617,7 @@ index 544cffbecd..9fa81f23c8 100644 - host_buffer.buf->buf, 2048, NULL, - NULL, NULL, NULL, NULL); + dns_packet_buffer, sizeof (dns_packet_buffer), -+ NULL, NULL, NULL, NULL, NULL); ++ &alt_dns_packet_buffer, NULL, NULL, NULL, NULL); if (n >= 0) - status = gaih_getanswer_noaaaa (host_buffer.buf, n, - name, pat, buffer, buflen, @@ -6081,6 +7306,141 @@ index 0000000000..05725225af + resolv_response_add_data (b, "", 1); + resolv_response_close_record (b); +} +diff --git a/resolv/tst-resolv-noaaaa-vc.c b/resolv/tst-resolv-noaaaa-vc.c +new file mode 100644 +index 0000000000..9f5aebd99f +--- /dev/null ++++ b/resolv/tst-resolv-noaaaa-vc.c +@@ -0,0 +1,129 @@ ++/* Test the RES_NOAAAA resolver option with a large response. ++ Copyright (C) 2022-2023 Free Software Foundation, Inc. ++ This file is part of the GNU C Library. ++ ++ The GNU C Library is free software; you can redistribute it and/or ++ modify it under the terms of the GNU Lesser General Public ++ License as published by the Free Software Foundation; either ++ version 2.1 of the License, or (at your option) any later version. ++ ++ The GNU C Library is distributed in the hope that it will be useful, ++ but WITHOUT ANY WARRANTY; without even the implied warranty of ++ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU ++ Lesser General Public License for more details. ++ ++ You should have received a copy of the GNU Lesser General Public ++ License along with the GNU C Library; if not, see ++ . */ ++ ++#include ++#include ++#include ++#include ++#include ++#include ++#include ++#include ++#include ++#include ++ ++/* Used to keep track of the number of queries. */ ++static volatile unsigned int queries; ++ ++/* If true, add a large TXT record at the start of the answer section. */ ++static volatile bool stuff_txt; ++ ++static void ++response (const struct resolv_response_context *ctx, ++ struct resolv_response_builder *b, ++ const char *qname, uint16_t qclass, uint16_t qtype) ++{ ++ /* If not using TCP, just force its use. */ ++ if (!ctx->tcp) ++ { ++ struct resolv_response_flags flags = {.tc = true}; ++ resolv_response_init (b, flags); ++ resolv_response_add_question (b, qname, qclass, qtype); ++ return; ++ } ++ ++ /* The test needs to send four queries, the first three are used to ++ grow the NSS buffer via the ERANGE handshake. */ ++ ++queries; ++ TEST_VERIFY (queries <= 4); ++ ++ /* AAAA queries are supposed to be disabled. */ ++ TEST_COMPARE (qtype, T_A); ++ TEST_COMPARE (qclass, C_IN); ++ TEST_COMPARE_STRING (qname, "example.com"); ++ ++ struct resolv_response_flags flags = {}; ++ resolv_response_init (b, flags); ++ resolv_response_add_question (b, qname, qclass, qtype); ++ ++ resolv_response_section (b, ns_s_an); ++ ++ if (stuff_txt) ++ { ++ resolv_response_open_record (b, qname, qclass, T_TXT, 60); ++ int zero = 0; ++ for (int i = 0; i <= 15000; ++i) ++ resolv_response_add_data (b, &zero, sizeof (zero)); ++ resolv_response_close_record (b); ++ } ++ ++ for (int i = 0; i < 200; ++i) ++ { ++ resolv_response_open_record (b, qname, qclass, qtype, 60); ++ char ipv4[4] = {192, 0, 2, i + 1}; ++ resolv_response_add_data (b, &ipv4, sizeof (ipv4)); ++ resolv_response_close_record (b); ++ } ++} ++ ++static int ++do_test (void) ++{ ++ struct resolv_test *obj = resolv_test_start ++ ((struct resolv_redirect_config) ++ { ++ .response_callback = response ++ }); ++ ++ _res.options |= RES_NOAAAA; ++ ++ for (int do_stuff_txt = 0; do_stuff_txt < 2; ++do_stuff_txt) ++ { ++ queries = 0; ++ stuff_txt = do_stuff_txt; ++ ++ struct addrinfo *ai = NULL; ++ int ret; ++ ret = getaddrinfo ("example.com", "80", ++ &(struct addrinfo) ++ { ++ .ai_family = AF_UNSPEC, ++ .ai_socktype = SOCK_STREAM, ++ }, &ai); ++ ++ char *expected_result; ++ { ++ struct xmemstream mem; ++ xopen_memstream (&mem); ++ for (int i = 0; i < 200; ++i) ++ fprintf (mem.out, "address: STREAM/TCP 192.0.2.%d 80\n", i + 1); ++ xfclose_memstream (&mem); ++ expected_result = mem.buffer; ++ } ++ ++ check_addrinfo ("example.com", ai, ret, expected_result); ++ ++ free (expected_result); ++ freeaddrinfo (ai); ++ } ++ ++ resolv_test_end (obj); ++ return 0; ++} ++ ++#include diff --git a/scripts/dso-ordering-test.py b/scripts/dso-ordering-test.py index 2dd6bfda18..b87cf2f809 100644 --- a/scripts/dso-ordering-test.py @@ -6837,14 +8197,37 @@ index 909b208578..d66f0b9c45 100644 ldp q2, q3, [x29, #OFFSET_RV + DL_OFFSET_RV_V0 + 32*1] ldp q4, q5, [x29, #OFFSET_RV + DL_OFFSET_RV_V0 + 32*2] diff --git a/sysdeps/generic/ldsodefs.h b/sysdeps/generic/ldsodefs.h -index 050a3032de..6b256b8388 100644 +index 050a3032de..ab8a7fbf84 100644 --- a/sysdeps/generic/ldsodefs.h +++ b/sysdeps/generic/ldsodefs.h -@@ -1048,9 +1048,11 @@ extern void _dl_init (struct link_map *main_map, int argc, char **argv, +@@ -105,6 +105,9 @@ typedef struct link_map *lookup_t; + DT_PREINIT_ARRAY. */ + typedef void (*dl_init_t) (int, char **, char **); + ++/* Type of a constructor function, in DT_FINI, DT_FINI_ARRAY. */ ++typedef void (*fini_t) (void); ++ + /* On some architectures a pointer to a function is not just a pointer + to the actual code of the function but rather an architecture + specific descriptor. */ +@@ -1044,13 +1047,24 @@ extern int _dl_check_map_versions (struct link_map *map, int verbose, + extern void _dl_init (struct link_map *main_map, int argc, char **argv, + char **env) attribute_hidden; + ++/* List of ELF objects in reverse order of their constructor ++ invocation. */ ++extern struct link_map *_dl_init_called_list attribute_hidden; ++ + /* Call the finalizer functions of all shared objects whose initializer functions have completed. */ extern void _dl_fini (void) attribute_hidden; -/* Sort array MAPS according to dependencies of the contained objects. */ ++/* Invoke the DT_FINI_ARRAY and DT_FINI destructors for MAP, which ++ must be a struct link_map *. Can be used as an argument to ++ _dl_catch_exception. */ ++void _dl_call_fini (void *map) attribute_hidden; ++ +/* Sort array MAPS according to dependencies of the contained objects. + If FORCE_FIRST, MAPS[0] keeps its place even if the dependencies + say otherwise. */ @@ -7130,10 +8513,81 @@ index d3a6837fd2..425f514c5c 100644 typedef pthread_rwlock_t __libc_rwlock_t; diff --git a/sysdeps/posix/getaddrinfo.c b/sysdeps/posix/getaddrinfo.c -index bcff909b2f..5cda9bb072 100644 +index bcff909b2f..f975dcd2bc 100644 --- a/sysdeps/posix/getaddrinfo.c +++ b/sysdeps/posix/getaddrinfo.c -@@ -540,11 +540,11 @@ get_nscd_addresses (const char *name, const struct addrinfo *req, +@@ -120,6 +120,7 @@ struct gaih_result + { + struct gaih_addrtuple *at; + char *canon; ++ char *h_name; + bool free_at; + bool got_ipv6; + }; +@@ -165,6 +166,7 @@ gaih_result_reset (struct gaih_result *res) + if (res->free_at) + free (res->at); + free (res->canon); ++ free (res->h_name); + memset (res, 0, sizeof (*res)); + } + +@@ -203,9 +205,8 @@ gaih_inet_serv (const char *servicename, const struct gaih_typeproto *tp, + return 0; + } + +-/* Convert struct hostent to a list of struct gaih_addrtuple objects. h_name +- is not copied, and the struct hostent object must not be deallocated +- prematurely. The new addresses are appended to the tuple array in RES. */ ++/* Convert struct hostent to a list of struct gaih_addrtuple objects. The new ++ addresses are appended to the tuple array in RES. */ + static bool + convert_hostent_to_gaih_addrtuple (const struct addrinfo *req, int family, + struct hostent *h, struct gaih_result *res) +@@ -238,6 +239,15 @@ convert_hostent_to_gaih_addrtuple (const struct addrinfo *req, int family, + res->at = array; + res->free_at = true; + ++ /* Duplicate h_name because it may get reclaimed when the underlying storage ++ is freed. */ ++ if (res->h_name == NULL) ++ { ++ res->h_name = __strdup (h->h_name); ++ if (res->h_name == NULL) ++ return false; ++ } ++ + /* Update the next pointers on reallocation. */ + for (size_t i = 0; i < old; i++) + array[i].next = array + i + 1; +@@ -262,7 +272,6 @@ convert_hostent_to_gaih_addrtuple (const struct addrinfo *req, int family, + } + array[i].next = array + i + 1; + } +- array[0].name = h->h_name; + array[count - 1].next = NULL; + + return true; +@@ -324,15 +333,15 @@ gethosts (nss_gethostbyname3_r fct, int family, const char *name, + memory allocation failure. The returned string is allocated on the + heap; the caller has to free it. */ + static char * +-getcanonname (nss_action_list nip, struct gaih_addrtuple *at, const char *name) ++getcanonname (nss_action_list nip, const char *hname, const char *name) + { + nss_getcanonname_r *cfct = __nss_lookup_function (nip, "getcanonname_r"); + char *s = (char *) name; + if (cfct != NULL) + { + char buf[256]; +- if (DL_CALL_FCT (cfct, (at->name ?: name, buf, sizeof (buf), +- &s, &errno, &h_errno)) != NSS_STATUS_SUCCESS) ++ if (DL_CALL_FCT (cfct, (hname ?: name, buf, sizeof (buf), &s, &errno, ++ &h_errno)) != NSS_STATUS_SUCCESS) + /* If the canonical name cannot be determined, use the passed + string. */ + s = (char *) name; +@@ -540,11 +549,11 @@ get_nscd_addresses (const char *name, const struct addrinfo *req, at[count].addr[2] = htonl (0xffff); } else if (req->ai_family == AF_UNSPEC @@ -7148,6 +8602,26 @@ index bcff909b2f..5cda9bb072 100644 res->got_ipv6 = true; } at[count].next = at + count + 1; +@@ -771,7 +780,7 @@ get_nss_addresses (const char *name, const struct addrinfo *req, + if ((req->ai_flags & AI_CANONNAME) != 0 + && res->canon == NULL) + { +- char *canonbuf = getcanonname (nip, res->at, name); ++ char *canonbuf = getcanonname (nip, res->h_name, name); + if (canonbuf == NULL) + { + __resolv_context_put (res_ctx); +@@ -1187,9 +1196,7 @@ free_and_return: + if (malloc_name) + free ((char *) name); + free (addrmem); +- if (res.free_at) +- free (res.at); +- free (res.canon); ++ gaih_result_reset (&res); + + return result; + } diff --git a/sysdeps/posix/system.c b/sysdeps/posix/system.c index 8014f63355..20c9420dd4 100644 --- a/sysdeps/posix/system.c @@ -8302,14 +9776,14 @@ index a263d294b1..cf35c8bfc9 100644 { return INLINE_SYSCALL_CALL (getrandom, buf, buflen, flags); diff --git a/sysdeps/unix/sysv/linux/powerpc/bits/fcntl.h b/sysdeps/unix/sysv/linux/powerpc/bits/fcntl.h -index d7cf158b33..49c8fac0fb 100644 +index d7cf158b33..0ca6e69ee9 100644 --- a/sysdeps/unix/sysv/linux/powerpc/bits/fcntl.h +++ b/sysdeps/unix/sysv/linux/powerpc/bits/fcntl.h @@ -33,6 +33,12 @@ # define __O_LARGEFILE 0200000 #endif -+#if __WORDSIZE == 64 ++#if __WORDSIZE == 64 && !defined __USE_FILE_OFFSET64 +# define F_GETLK 5 +# define F_SETLK 6 +# define F_SETLKW 7 @@ -8953,13 +10427,205 @@ index 037af22290..5711d1c312 100644 char *path = xasprintf ("/proc/%d/fd/%d", pid, remote_fd); diff --git a/sysdeps/x86/dl-cacheinfo.h b/sysdeps/x86/dl-cacheinfo.h -index e9f3382108..637b5a022d 100644 +index e9f3382108..d95c1efa2c 100644 --- a/sysdeps/x86/dl-cacheinfo.h +++ b/sysdeps/x86/dl-cacheinfo.h -@@ -861,6 +861,18 @@ dl_init_cacheinfo (struct cpu_features *cpu_features) - share of the cache, it has a substantial risk of negatively - impacting the performance of other threads running on the chip. */ - unsigned long int non_temporal_threshold = shared * 3 / 4; +@@ -478,7 +478,7 @@ handle_zhaoxin (int name) + } + + static void +-get_common_cache_info (long int *shared_ptr, unsigned int *threads_ptr, ++get_common_cache_info (long int *shared_ptr, long int * shared_per_thread_ptr, unsigned int *threads_ptr, + long int core) + { + unsigned int eax; +@@ -497,6 +497,7 @@ get_common_cache_info (long int *shared_ptr, unsigned int *threads_ptr, + unsigned int family = cpu_features->basic.family; + unsigned int model = cpu_features->basic.model; + long int shared = *shared_ptr; ++ long int shared_per_thread = *shared_per_thread_ptr; + unsigned int threads = *threads_ptr; + bool inclusive_cache = true; + bool support_count_mask = true; +@@ -512,6 +513,7 @@ get_common_cache_info (long int *shared_ptr, unsigned int *threads_ptr, + /* Try L2 otherwise. */ + level = 2; + shared = core; ++ shared_per_thread = core; + threads_l2 = 0; + threads_l3 = -1; + } +@@ -668,29 +670,27 @@ get_common_cache_info (long int *shared_ptr, unsigned int *threads_ptr, + } + else + { +-intel_bug_no_cache_info: +- /* Assume that all logical threads share the highest cache +- level. */ +- threads +- = ((cpu_features->features[CPUID_INDEX_1].cpuid.ebx >> 16) +- & 0xff); +- } +- +- /* Cap usage of highest cache level to the number of supported +- threads. */ +- if (shared > 0 && threads > 0) +- shared /= threads; ++ intel_bug_no_cache_info: ++ /* Assume that all logical threads share the highest cache ++ level. */ ++ threads = ((cpu_features->features[CPUID_INDEX_1].cpuid.ebx >> 16) ++ & 0xff); ++ } ++ /* Get per-thread size of highest level cache. */ ++ if (shared_per_thread > 0 && threads > 0) ++ shared_per_thread /= threads; + } + + /* Account for non-inclusive L2 and L3 caches. */ + if (!inclusive_cache) + { +- if (threads_l2 > 0) +- core /= threads_l2; ++ long int core_per_thread = threads_l2 > 0 ? (core / threads_l2) : core; ++ shared_per_thread += core_per_thread; + shared += core; + } + + *shared_ptr = shared; ++ *shared_per_thread_ptr = shared_per_thread; + *threads_ptr = threads; + } + +@@ -704,6 +704,7 @@ dl_init_cacheinfo (struct cpu_features *cpu_features) + int max_cpuid_ex; + long int data = -1; + long int shared = -1; ++ long int shared_per_thread = -1; + long int core = -1; + unsigned int threads = 0; + unsigned long int level1_icache_size = -1; +@@ -724,6 +725,7 @@ dl_init_cacheinfo (struct cpu_features *cpu_features) + data = handle_intel (_SC_LEVEL1_DCACHE_SIZE, cpu_features); + core = handle_intel (_SC_LEVEL2_CACHE_SIZE, cpu_features); + shared = handle_intel (_SC_LEVEL3_CACHE_SIZE, cpu_features); ++ shared_per_thread = shared; + + level1_icache_size + = handle_intel (_SC_LEVEL1_ICACHE_SIZE, cpu_features); +@@ -747,13 +749,14 @@ dl_init_cacheinfo (struct cpu_features *cpu_features) + level4_cache_size + = handle_intel (_SC_LEVEL4_CACHE_SIZE, cpu_features); + +- get_common_cache_info (&shared, &threads, core); ++ get_common_cache_info (&shared, &shared_per_thread, &threads, core); + } + else if (cpu_features->basic.kind == arch_kind_zhaoxin) + { + data = handle_zhaoxin (_SC_LEVEL1_DCACHE_SIZE); + core = handle_zhaoxin (_SC_LEVEL2_CACHE_SIZE); + shared = handle_zhaoxin (_SC_LEVEL3_CACHE_SIZE); ++ shared_per_thread = shared; + + level1_icache_size = handle_zhaoxin (_SC_LEVEL1_ICACHE_SIZE); + level1_icache_linesize = handle_zhaoxin (_SC_LEVEL1_ICACHE_LINESIZE); +@@ -767,13 +770,14 @@ dl_init_cacheinfo (struct cpu_features *cpu_features) + level3_cache_assoc = handle_zhaoxin (_SC_LEVEL3_CACHE_ASSOC); + level3_cache_linesize = handle_zhaoxin (_SC_LEVEL3_CACHE_LINESIZE); + +- get_common_cache_info (&shared, &threads, core); ++ get_common_cache_info (&shared, &shared_per_thread, &threads, core); + } + else if (cpu_features->basic.kind == arch_kind_amd) + { + data = handle_amd (_SC_LEVEL1_DCACHE_SIZE); + core = handle_amd (_SC_LEVEL2_CACHE_SIZE); + shared = handle_amd (_SC_LEVEL3_CACHE_SIZE); ++ shared_per_thread = shared; + + level1_icache_size = handle_amd (_SC_LEVEL1_ICACHE_SIZE); + level1_icache_linesize = handle_amd (_SC_LEVEL1_ICACHE_LINESIZE); +@@ -791,8 +795,11 @@ dl_init_cacheinfo (struct cpu_features *cpu_features) + __cpuid (0x80000000, max_cpuid_ex, ebx, ecx, edx); + + if (shared <= 0) +- /* No shared L3 cache. All we have is the L2 cache. */ +- shared = core; ++ { ++ /* No shared L3 cache. All we have is the L2 cache. */ ++ shared = core; ++ shared_per_thread = core; ++ } + else + { + /* Figure out the number of logical threads that share L3. */ +@@ -816,7 +823,7 @@ dl_init_cacheinfo (struct cpu_features *cpu_features) + /* Cap usage of highest cache level to the number of + supported threads. */ + if (threads > 0) +- shared /= threads; ++ shared_per_thread /= threads; + + /* Get shared cache per ccx for Zen architectures. */ + if (cpu_features->basic.family >= 0x17) +@@ -827,12 +834,13 @@ dl_init_cacheinfo (struct cpu_features *cpu_features) + __cpuid_count (0x8000001D, 0x3, eax, ebx, ecx, edx); + + unsigned int threads_per_ccx = ((eax >> 14) & 0xfff) + 1; +- shared *= threads_per_ccx; ++ shared_per_thread *= threads_per_ccx; + } + else + { + /* Account for exclusive L2 and L3 caches. */ + shared += core; ++ shared_per_thread += core; + } + } + } +@@ -850,17 +858,46 @@ dl_init_cacheinfo (struct cpu_features *cpu_features) + cpu_features->level3_cache_linesize = level3_cache_linesize; + cpu_features->level4_cache_size = level4_cache_size; + +- /* The default setting for the non_temporal threshold is 3/4 of one +- thread's share of the chip's cache. For most Intel and AMD processors +- with an initial release date between 2017 and 2020, a thread's typical +- share of the cache is from 500 KBytes to 2 MBytes. Using the 3/4 +- threshold leaves 125 KBytes to 500 KBytes of the thread's data +- in cache after a maximum temporal copy, which will maintain +- in cache a reasonable portion of the thread's stack and other +- active data. If the threshold is set higher than one thread's +- share of the cache, it has a substantial risk of negatively +- impacting the performance of other threads running on the chip. */ +- unsigned long int non_temporal_threshold = shared * 3 / 4; ++ /* The default setting for the non_temporal threshold is 1/4 of size ++ of the chip's cache. For most Intel and AMD processors with an ++ initial release date between 2017 and 2023, a thread's typical ++ share of the cache is from 18-64MB. Using the 1/4 L3 is meant to ++ estimate the point where non-temporal stores begin out-competing ++ REP MOVSB. As well the point where the fact that non-temporal ++ stores are forced back to main memory would already occurred to the ++ majority of the lines in the copy. Note, concerns about the ++ entire L3 cache being evicted by the copy are mostly alleviated ++ by the fact that modern HW detects streaming patterns and ++ provides proper LRU hints so that the maximum thrashing ++ capped at 1/associativity. */ ++ unsigned long int non_temporal_threshold = shared / 4; ++ ++ /* If the computed non_temporal_threshold <= 3/4 * per-thread L3, we most ++ likely have incorrect/incomplete cache info in which case, default to ++ 3/4 * per-thread L3 to avoid regressions. */ ++ unsigned long int non_temporal_threshold_lowbound ++ = shared_per_thread * 3 / 4; ++ if (non_temporal_threshold < non_temporal_threshold_lowbound) ++ non_temporal_threshold = non_temporal_threshold_lowbound; ++ ++ /* If no ERMS, we use the per-thread L3 chunking. Normal cacheable stores run ++ a higher risk of actually thrashing the cache as they don't have a HW LRU ++ hint. As well, their performance in highly parallel situations is ++ noticeably worse. */ ++ if (!CPU_FEATURE_USABLE_P (cpu_features, ERMS)) ++ non_temporal_threshold = non_temporal_threshold_lowbound; + /* SIZE_MAX >> 4 because memmove-vec-unaligned-erms right-shifts the value of + 'x86_non_temporal_threshold' by `LOG_4X_MEMCPY_THRESH` (4) and it is best + if that operation cannot overflow. Minimum of 0x4040 (16448) because the @@ -8975,7 +10641,7 @@ index e9f3382108..637b5a022d 100644 #if HAVE_TUNABLES /* NB: The REP MOVSB threshold must be greater than VEC_SIZE * 8. */ -@@ -915,8 +927,8 @@ dl_init_cacheinfo (struct cpu_features *cpu_features) +@@ -915,8 +952,8 @@ dl_init_cacheinfo (struct cpu_features *cpu_features) shared = tunable_size; tunable_size = TUNABLE_GET (x86_non_temporal_threshold, long int, NULL); @@ -8986,7 +10652,7 @@ index e9f3382108..637b5a022d 100644 non_temporal_threshold = tunable_size; tunable_size = TUNABLE_GET (x86_rep_movsb_threshold, long int, NULL); -@@ -931,14 +943,9 @@ dl_init_cacheinfo (struct cpu_features *cpu_features) +@@ -931,14 +968,9 @@ dl_init_cacheinfo (struct cpu_features *cpu_features) TUNABLE_SET_WITH_BOUNDS (x86_data_cache_size, data, 0, SIZE_MAX); TUNABLE_SET_WITH_BOUNDS (x86_shared_cache_size, shared, 0, SIZE_MAX); From bcd53756d34181aa373fe9b016bce55064207473 Mon Sep 17 00:00:00 2001 From: Tim Biermann Date: Wed, 4 Oct 2023 14:26:44 +0200 Subject: [PATCH 02/14] [notify] glibc: fixes for CVE-2023-4527, CVE-2023-4806, CVE-2023-5156 and CVE-2023-4911 --- glibc/.signature | 6 +- glibc/Pkgfile | 6 +- ...{glibc-2.36-6.patch => glibc-2.36-7.patch} | 1754 ++++++++++++++++- 3 files changed, 1716 insertions(+), 50 deletions(-) rename glibc/{glibc-2.36-6.patch => glibc-2.36-7.patch} (85%) diff --git a/glibc/.signature b/glibc/.signature index c2b7d905..0af7bcbe 100644 --- a/glibc/.signature +++ b/glibc/.signature @@ -1,10 +1,10 @@ untrusted comment: verify with /etc/ports/core.pub -RWRJc1FUaeVeqogJDPcqs21HTSqzFyxgEKBXxqHz0teCvdjM+yu+rh7KtQ/Moyz16f1LBb0veaDBl1Yg13EQAFKiCM/klFaOygs= -SHA256 (Pkgfile) = 3fb99e9e1553590e8a8136c648823c0b84add195862ee591dd86bb22ea6ddee0 +RWRJc1FUaeVeqpoW2OjCDQ3pK1hhqCCUSYuX9ciV1KAwTYdVuCv2RJf3OhZnimlfsBVUR/o0d8Asuyu4xcDxPYBt7fy7gMe/BAI= +SHA256 (Pkgfile) = a7ea5f73724ac39fc56dda2879c73fd72c04e378b5694035d5ca8feea914ac92 SHA256 (.footprint) = 9eff4b9e8478995dd0aceacfe9301a250827c8b27cb1d4605c696ac55eec873c SHA256 (glibc-2.36.tar.xz) = 1c959fea240906226062cb4b1e7ebce71a9f0e3c0836c09e7e3423d434fcfe75 SHA256 (linux-5.15.55.tar.xz) = 1ef6bd508b6c3af3bef2d5b337e4477254dba284c79e329aa38f9763ae3bfdcc -SHA256 (glibc-2.36-6.patch) = 571cc9d6ba0b1e81a00fae152347a29c2879a4970dad7d30a841690908788a01 +SHA256 (glibc-2.36-7.patch) = c167ddd1eb9e63fade7e60a2dc612a18e0900519d8c0ec1e0cf06fa92fca638a SHA256 (hosts) = 5c02b256c105f1d4a12fb738d71c1bab9eb126533074d7a0c8a14b92670c9431 SHA256 (resolv.conf) = 72ccb58768a72a771ec37142bc361a18478a07ec9de6e925a20760794389bf51 SHA256 (nsswitch.conf) = 859b8984e5e90aff3cce8f9779996ae4033b280d2122840e9411e2f44a1c2e61 diff --git a/glibc/Pkgfile b/glibc/Pkgfile index e3aea73d..c2e731d7 100644 --- a/glibc/Pkgfile +++ b/glibc/Pkgfile @@ -4,12 +4,12 @@ name=glibc version=2.36 -release=6 +release=7 _kernel_version=5.15.55 source=(https://ftp.gnu.org/gnu/glibc/glibc-$version.tar.xz https://www.kernel.org/pub/linux/kernel/v5.x/linux-$_kernel_version.tar.xz - glibc-$version-6.patch + glibc-$version-7.patch hosts resolv.conf nsswitch.conf host.conf ld.so.conf locale-gen locale.gen.in) @@ -19,7 +19,7 @@ build() { make -C $SRC/linux-$_kernel_version INSTALL_HDR_PATH=$PKG/usr headers_install chown root:root $PKG/usr - patch -p1 -d $SRC/$name-${version:0:4} -i $SRC/$name-$version-6.patch + patch -p1 -d $SRC/$name-${version:0:4} -i $SRC/$name-$version-7.patch mkdir $SRC/build cd $SRC/build diff --git a/glibc/glibc-2.36-6.patch b/glibc/glibc-2.36-7.patch similarity index 85% rename from glibc/glibc-2.36-6.patch rename to glibc/glibc-2.36-7.patch index bbb133c8..ad5972b3 100644 --- a/glibc/glibc-2.36-6.patch +++ b/glibc/glibc-2.36-7.patch @@ -66,10 +66,10 @@ index d1e139d03c..09c0cf8357 100644 else # -s verbose := diff --git a/NEWS b/NEWS -index f61e521fc8..82e868d73b 100644 +index f61e521fc8..5358e0cbe3 100644 --- a/NEWS +++ b/NEWS -@@ -5,6 +5,66 @@ See the end for copying conditions. +@@ -5,6 +5,90 @@ See the end for copying conditions. Please send GNU C library bug reports via using `glibc' in the "product" field. @@ -89,6 +89,26 @@ index f61e521fc8..82e868d73b 100644 + heap and prints it to the target log file, potentially revealing a + portion of the contents of the heap. + ++ CVE-2023-4527: If the system is configured in no-aaaa mode via ++ /etc/resolv.conf, getaddrinfo is called for the AF_UNSPEC address ++ family, and a DNS response is received over TCP that is larger than ++ 2048 bytes, getaddrinfo may potentially disclose stack contents via ++ the returned address data, or crash. ++ ++ CVE-2023-4806: When an NSS plugin only implements the ++ _gethostbyname2_r and _getcanonname_r callbacks, getaddrinfo could use ++ memory that was freed during buffer resizing, potentially causing a ++ crash or read or write to arbitrary memory. ++ ++ CVE-2023-5156: The fix for CVE-2023-4806 introduced a memory leak when ++ an application calls getaddrinfo for AF_INET6 with AI_CANONNAME, ++ AI_ALL and AI_V4MAPPED flags set. ++ ++ CVE-2023-4911: If a tunable of the form NAME=NAME=VAL is passed in the ++ environment of a setuid program and NAME is valid, it may result in a ++ buffer overflow, which could be exploited to achieve escalated ++ privileges. This flaw was introduced in glibc 2.34. ++ +The following bugs are resolved with this release: + + [12154] Do not fail DNS resolution for CNAMEs which are not host names @@ -132,6 +152,10 @@ index f61e521fc8..82e868d73b 100644 + [30305] x86_64: Fix asm constraints in feraiseexcept + [30477] libc: [RISCV]: time64 does not work on riscv32 + [30515] _dl_find_object incorrectly returns 1 during early startup ++ [30785] Always call destructors in reverse constructor order ++ [30804] F_GETLK, F_SETLK, and F_SETLKW value change for powerpc64 with ++ -D_FILE_OFFSET_BITS=64 ++ [30842] Stack read overflow in getaddrinfo in no-aaaa mode (CVE-2023-4527) + Version 2.36 @@ -282,10 +306,18 @@ index 2696dde4b1..9b07b4e132 100644 void * diff --git a/elf/Makefile b/elf/Makefile -index fd77d0c7c8..48788fcdb8 100644 +index fd77d0c7c8..30c9af1de9 100644 --- a/elf/Makefile +++ b/elf/Makefile -@@ -374,6 +374,8 @@ tests += \ +@@ -53,6 +53,7 @@ routines = \ + # profiled libraries. + dl-routines = \ + dl-call-libc-early-init \ ++ dl-call_fini \ + dl-close \ + dl-debug \ + dl-debug-symbols \ +@@ -374,6 +375,8 @@ tests += \ tst-align \ tst-align2 \ tst-align3 \ @@ -294,7 +326,7 @@ index fd77d0c7c8..48788fcdb8 100644 tst-audit1 \ tst-audit2 \ tst-audit8 \ -@@ -408,6 +410,7 @@ tests += \ +@@ -408,6 +411,7 @@ tests += \ tst-dlmopen4 \ tst-dlmopen-dlerror \ tst-dlmopen-gethostbyname \ @@ -302,7 +334,7 @@ index fd77d0c7c8..48788fcdb8 100644 tst-dlopenfail \ tst-dlopenfail-2 \ tst-dlopenrpath \ -@@ -631,6 +634,7 @@ ifeq ($(run-built-tests),yes) +@@ -631,6 +635,7 @@ ifeq ($(run-built-tests),yes) tests-special += \ $(objpfx)noload-mem.out \ $(objpfx)tst-ldconfig-X.out \ @@ -310,7 +342,7 @@ index fd77d0c7c8..48788fcdb8 100644 $(objpfx)tst-leaks1-mem.out \ $(objpfx)tst-rtld-help.out \ # tests-special -@@ -765,6 +769,8 @@ modules-names += \ +@@ -765,6 +770,8 @@ modules-names += \ tst-alignmod3 \ tst-array2dep \ tst-array5dep \ @@ -319,7 +351,7 @@ index fd77d0c7c8..48788fcdb8 100644 tst-audit11mod1 \ tst-audit11mod2 \ tst-audit12mod1 \ -@@ -798,6 +804,7 @@ modules-names += \ +@@ -798,6 +805,7 @@ modules-names += \ tst-auditmanymod7 \ tst-auditmanymod8 \ tst-auditmanymod9 \ @@ -327,7 +359,7 @@ index fd77d0c7c8..48788fcdb8 100644 tst-auditmod1 \ tst-auditmod9a \ tst-auditmod9b \ -@@ -834,6 +841,8 @@ modules-names += \ +@@ -834,6 +842,8 @@ modules-names += \ tst-dlmopen1mod \ tst-dlmopen-dlerror-mod \ tst-dlmopen-gethostbyname-mod \ @@ -336,7 +368,7 @@ index fd77d0c7c8..48788fcdb8 100644 tst-dlopenfaillinkmod \ tst-dlopenfailmod1 \ tst-dlopenfailmod2 \ -@@ -990,23 +999,8 @@ modules-names += tst-gnu2-tls1mod +@@ -990,23 +1000,8 @@ modules-names += tst-gnu2-tls1mod $(objpfx)tst-gnu2-tls1: $(objpfx)tst-gnu2-tls1mod.so tst-gnu2-tls1mod.so-no-z-defs = yes CFLAGS-tst-gnu2-tls1mod.c += -mtls-dialect=gnu2 @@ -361,7 +393,7 @@ index fd77d0c7c8..48788fcdb8 100644 ifeq (yes,$(have-protected-data)) modules-names += tst-protected1moda tst-protected1modb tests += tst-protected1a tst-protected1b -@@ -2410,6 +2404,11 @@ $(objpfx)tst-ldconfig-X.out : tst-ldconfig-X.sh $(objpfx)ldconfig +@@ -2410,6 +2405,11 @@ $(objpfx)tst-ldconfig-X.out : tst-ldconfig-X.sh $(objpfx)ldconfig '$(run-program-env)' > $@; \ $(evaluate-test) @@ -373,7 +405,7 @@ index fd77d0c7c8..48788fcdb8 100644 # Test static linking of all the libraries we can possibly link # together. Note that in some configurations this may be less than the # complete list of libraries we build but we try to maxmimize this list. -@@ -2967,3 +2966,25 @@ $(objpfx)tst-tls-allocation-failure-static-patched.out: \ +@@ -2967,3 +2967,25 @@ $(objpfx)tst-tls-allocation-failure-static-patched.out: \ grep -q '^Fatal glibc error: Cannot allocate TLS block$$' $@ \ && grep -q '^status: 127$$' $@; \ $(evaluate-test) @@ -415,6 +447,323 @@ index 8bbf110d02..b97c17b3a9 100644 return __strdup (temp); } +diff --git a/elf/dl-call_fini.c b/elf/dl-call_fini.c +new file mode 100644 +index 0000000000..9e7ba10fa2 +--- /dev/null ++++ b/elf/dl-call_fini.c +@@ -0,0 +1,50 @@ ++/* Invoke DT_FINI and DT_FINI_ARRAY callbacks. ++ Copyright (C) 1996-2022 Free Software Foundation, Inc. ++ This file is part of the GNU C Library. ++ ++ The GNU C Library is free software; you can redistribute it and/or ++ modify it under the terms of the GNU Lesser General Public ++ License as published by the Free Software Foundation; either ++ version 2.1 of the License, or (at your option) any later version. ++ ++ The GNU C Library is distributed in the hope that it will be useful, ++ but WITHOUT ANY WARRANTY; without even the implied warranty of ++ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU ++ Lesser General Public License for more details. ++ ++ You should have received a copy of the GNU Lesser General Public ++ License along with the GNU C Library; if not, see ++ . */ ++ ++#include ++#include ++ ++void ++_dl_call_fini (void *closure_map) ++{ ++ struct link_map *map = closure_map; ++ ++ /* When debugging print a message first. */ ++ if (__glibc_unlikely (GLRO(dl_debug_mask) & DL_DEBUG_IMPCALLS)) ++ _dl_debug_printf ("\ncalling fini: %s [%lu]\n\n", map->l_name, map->l_ns); ++ ++ /* Make sure nothing happens if we are called twice. */ ++ map->l_init_called = 0; ++ ++ ElfW(Dyn) *fini_array = map->l_info[DT_FINI_ARRAY]; ++ if (fini_array != NULL) ++ { ++ ElfW(Addr) *array = (ElfW(Addr) *) (map->l_addr ++ + fini_array->d_un.d_ptr); ++ size_t sz = (map->l_info[DT_FINI_ARRAYSZ]->d_un.d_val ++ / sizeof (ElfW(Addr))); ++ ++ while (sz-- > 0) ++ ((fini_t) array[sz]) (); ++ } ++ ++ /* Next try the old-style destructor. */ ++ ElfW(Dyn) *fini = map->l_info[DT_FINI]; ++ if (fini != NULL) ++ DL_CALL_DT_FINI (map, ((void *) map->l_addr + fini->d_un.d_ptr)); ++} +diff --git a/elf/dl-close.c b/elf/dl-close.c +index bcd6e206e9..640bbd88c3 100644 +--- a/elf/dl-close.c ++++ b/elf/dl-close.c +@@ -36,11 +36,6 @@ + + #include + +- +-/* Type of the constructor functions. */ +-typedef void (*fini_t) (void); +- +- + /* Special l_idx value used to indicate which objects remain loaded. */ + #define IDX_STILL_USED -1 + +@@ -110,31 +105,6 @@ remove_slotinfo (size_t idx, struct dtv_slotinfo_list *listp, size_t disp, + return false; + } + +-/* Invoke dstructors for CLOSURE (a struct link_map *). Called with +- exception handling temporarily disabled, to make errors fatal. */ +-static void +-call_destructors (void *closure) +-{ +- struct link_map *map = closure; +- +- if (map->l_info[DT_FINI_ARRAY] != NULL) +- { +- ElfW(Addr) *array = +- (ElfW(Addr) *) (map->l_addr +- + map->l_info[DT_FINI_ARRAY]->d_un.d_ptr); +- unsigned int sz = (map->l_info[DT_FINI_ARRAYSZ]->d_un.d_val +- / sizeof (ElfW(Addr))); +- +- while (sz-- > 0) +- ((fini_t) array[sz]) (); +- } +- +- /* Next try the old-style destructor. */ +- if (map->l_info[DT_FINI] != NULL) +- DL_CALL_DT_FINI (map, ((void *) map->l_addr +- + map->l_info[DT_FINI]->d_un.d_ptr)); +-} +- + void + _dl_close_worker (struct link_map *map, bool force) + { +@@ -168,30 +138,31 @@ _dl_close_worker (struct link_map *map, bool force) + + bool any_tls = false; + const unsigned int nloaded = ns->_ns_nloaded; +- struct link_map *maps[nloaded]; + +- /* Run over the list and assign indexes to the link maps and enter +- them into the MAPS array. */ ++ /* Run over the list and assign indexes to the link maps. */ + int idx = 0; + for (struct link_map *l = ns->_ns_loaded; l != NULL; l = l->l_next) + { + l->l_map_used = 0; + l->l_map_done = 0; + l->l_idx = idx; +- maps[idx] = l; + ++idx; + } + assert (idx == nloaded); + +- /* Keep track of the lowest index link map we have covered already. */ +- int done_index = -1; +- while (++done_index < nloaded) ++ /* Keep marking link maps until no new link maps are found. */ ++ for (struct link_map *l = ns->_ns_loaded; l != NULL; ) + { +- struct link_map *l = maps[done_index]; ++ /* next is reset to earlier link maps for remarking. */ ++ struct link_map *next = l->l_next; ++ int next_idx = l->l_idx + 1; /* next->l_idx, but covers next == NULL. */ + + if (l->l_map_done) +- /* Already handled. */ +- continue; ++ { ++ /* Already handled. */ ++ l = next; ++ continue; ++ } + + /* Check whether this object is still used. */ + if (l->l_type == lt_loaded +@@ -201,7 +172,10 @@ _dl_close_worker (struct link_map *map, bool force) + acquire is sufficient and correct. */ + && atomic_load_acquire (&l->l_tls_dtor_count) == 0 + && !l->l_map_used) +- continue; ++ { ++ l = next; ++ continue; ++ } + + /* We need this object and we handle it now. */ + l->l_map_used = 1; +@@ -228,8 +202,11 @@ _dl_close_worker (struct link_map *map, bool force) + already processed it, then we need to go back + and process again from that point forward to + ensure we keep all of its dependencies also. */ +- if ((*lp)->l_idx - 1 < done_index) +- done_index = (*lp)->l_idx - 1; ++ if ((*lp)->l_idx < next_idx) ++ { ++ next = *lp; ++ next_idx = next->l_idx; ++ } + } + } + +@@ -249,54 +226,65 @@ _dl_close_worker (struct link_map *map, bool force) + if (!jmap->l_map_used) + { + jmap->l_map_used = 1; +- if (jmap->l_idx - 1 < done_index) +- done_index = jmap->l_idx - 1; ++ if (jmap->l_idx < next_idx) ++ { ++ next = jmap; ++ next_idx = next->l_idx; ++ } + } + } + } +- } + +- /* Sort the entries. We can skip looking for the binary itself which is +- at the front of the search list for the main namespace. */ +- _dl_sort_maps (maps, nloaded, (nsid == LM_ID_BASE), true); ++ l = next; ++ } + +- /* Call all termination functions at once. */ +- bool unload_any = false; +- bool scope_mem_left = false; +- unsigned int unload_global = 0; +- unsigned int first_loaded = ~0; +- for (unsigned int i = 0; i < nloaded; ++i) ++ /* Call the destructors in reverse constructor order, and remove the ++ closed link maps from the list. */ ++ for (struct link_map **init_called_head = &_dl_init_called_list; ++ *init_called_head != NULL; ) + { +- struct link_map *imap = maps[i]; +- +- /* All elements must be in the same namespace. */ +- assert (imap->l_ns == nsid); ++ struct link_map *imap = *init_called_head; + +- if (!imap->l_map_used) ++ /* _dl_init_called_list is global, to produce a global odering. ++ Ignore the other namespaces (and link maps that are still used). */ ++ if (imap->l_ns != nsid || imap->l_map_used) ++ init_called_head = &imap->l_init_called_next; ++ else + { + assert (imap->l_type == lt_loaded && !imap->l_nodelete_active); + +- /* Call its termination function. Do not do it for +- half-cooked objects. Temporarily disable exception +- handling, so that errors are fatal. */ +- if (imap->l_init_called) +- { +- /* When debugging print a message first. */ +- if (__builtin_expect (GLRO(dl_debug_mask) & DL_DEBUG_IMPCALLS, +- 0)) +- _dl_debug_printf ("\ncalling fini: %s [%lu]\n\n", +- imap->l_name, nsid); +- +- if (imap->l_info[DT_FINI_ARRAY] != NULL +- || imap->l_info[DT_FINI] != NULL) +- _dl_catch_exception (NULL, call_destructors, imap); +- } ++ /* _dl_init_called_list is updated at the same time as ++ l_init_called. */ ++ assert (imap->l_init_called); ++ ++ if (imap->l_info[DT_FINI_ARRAY] != NULL ++ || imap->l_info[DT_FINI] != NULL) ++ _dl_catch_exception (NULL, _dl_call_fini, imap); + + #ifdef SHARED + /* Auditing checkpoint: we remove an object. */ + _dl_audit_objclose (imap); + #endif ++ /* Unlink this link map. */ ++ *init_called_head = imap->l_init_called_next; ++ } ++ } ++ + ++ bool unload_any = false; ++ bool scope_mem_left = false; ++ unsigned int unload_global = 0; ++ ++ /* For skipping un-unloadable link maps in the second loop. */ ++ struct link_map *first_loaded = ns->_ns_loaded; ++ ++ /* Iterate over the namespace to find objects to unload. Some ++ unloadable objects may not be on _dl_init_called_list due to ++ dlopen failure. */ ++ for (struct link_map *imap = first_loaded; imap != NULL; imap = imap->l_next) ++ { ++ if (!imap->l_map_used) ++ { + /* This object must not be used anymore. */ + imap->l_removed = 1; + +@@ -307,8 +295,8 @@ _dl_close_worker (struct link_map *map, bool force) + ++unload_global; + + /* Remember where the first dynamically loaded object is. */ +- if (i < first_loaded) +- first_loaded = i; ++ if (first_loaded == NULL) ++ first_loaded = imap; + } + /* Else imap->l_map_used. */ + else if (imap->l_type == lt_loaded) +@@ -444,8 +432,8 @@ _dl_close_worker (struct link_map *map, bool force) + imap->l_loader = NULL; + + /* Remember where the first dynamically loaded object is. */ +- if (i < first_loaded) +- first_loaded = i; ++ if (first_loaded == NULL) ++ first_loaded = imap; + } + } + +@@ -516,10 +504,11 @@ _dl_close_worker (struct link_map *map, bool force) + + /* Check each element of the search list to see if all references to + it are gone. */ +- for (unsigned int i = first_loaded; i < nloaded; ++i) ++ for (struct link_map *imap = first_loaded; imap != NULL; ) + { +- struct link_map *imap = maps[i]; +- if (!imap->l_map_used) ++ if (imap->l_map_used) ++ imap = imap->l_next; ++ else + { + assert (imap->l_type == lt_loaded); + +@@ -730,7 +719,9 @@ _dl_close_worker (struct link_map *map, bool force) + if (imap == GL(dl_initfirst)) + GL(dl_initfirst) = NULL; + ++ struct link_map *next = imap->l_next; + free (imap); ++ imap = next; + } + } + diff --git a/elf/dl-find_object.c b/elf/dl-find_object.c index 4d5831b6f4..2e5b456c11 100644 --- a/elf/dl-find_object.c @@ -428,6 +777,218 @@ index 4d5831b6f4..2e5b456c11 100644 } /* Object not found. */ +diff --git a/elf/dl-fini.c b/elf/dl-fini.c +index 030b1fcbcd..50087a1bfc 100644 +--- a/elf/dl-fini.c ++++ b/elf/dl-fini.c +@@ -21,155 +21,71 @@ + #include + #include + +- +-/* Type of the constructor functions. */ +-typedef void (*fini_t) (void); +- +- + void + _dl_fini (void) + { +- /* Lots of fun ahead. We have to call the destructors for all still +- loaded objects, in all namespaces. The problem is that the ELF +- specification now demands that dependencies between the modules +- are taken into account. I.e., the destructor for a module is +- called before the ones for any of its dependencies. +- +- To make things more complicated, we cannot simply use the reverse +- order of the constructors. Since the user might have loaded objects +- using `dlopen' there are possibly several other modules with its +- dependencies to be taken into account. Therefore we have to start +- determining the order of the modules once again from the beginning. */ +- +- /* We run the destructors of the main namespaces last. As for the +- other namespaces, we pick run the destructors in them in reverse +- order of the namespace ID. */ ++ /* Call destructors strictly in the reverse order of constructors. ++ This causes fewer surprises than some arbitrary reordering based ++ on new (relocation) dependencies. None of the objects are ++ unmapped, so applications can deal with this if their DSOs remain ++ in a consistent state after destructors have run. */ ++ ++ /* Protect against concurrent loads and unloads. */ ++ __rtld_lock_lock_recursive (GL(dl_load_lock)); ++ ++ /* Ignore objects which are opened during shutdown. */ ++ struct link_map *local_init_called_list = _dl_init_called_list; ++ ++ for (struct link_map *l = local_init_called_list; l != NULL; ++ l = l->l_init_called_next) ++ /* Bump l_direct_opencount of all objects so that they ++ are not dlclose()ed from underneath us. */ ++ ++l->l_direct_opencount; ++ ++ /* After this point, everything linked from local_init_called_list ++ cannot be unloaded because of the reference counter update. */ ++ __rtld_lock_unlock_recursive (GL(dl_load_lock)); ++ ++ /* Perform two passes: One for non-audit modules, one for audit ++ modules. This way, audit modules receive unload notifications ++ for non-audit objects, and the destructors for audit modules ++ still run. */ + #ifdef SHARED +- int do_audit = 0; +- again: ++ int last_pass = GLRO(dl_naudit) > 0; ++ Lmid_t last_ns = -1; ++ for (int do_audit = 0; do_audit <= last_pass; ++do_audit) + #endif +- for (Lmid_t ns = GL(dl_nns) - 1; ns >= 0; --ns) +- { +- /* Protect against concurrent loads and unloads. */ +- __rtld_lock_lock_recursive (GL(dl_load_lock)); +- +- unsigned int nloaded = GL(dl_ns)[ns]._ns_nloaded; +- /* No need to do anything for empty namespaces or those used for +- auditing DSOs. */ +- if (nloaded == 0 +-#ifdef SHARED +- || GL(dl_ns)[ns]._ns_loaded->l_auditing != do_audit +-#endif +- ) +- __rtld_lock_unlock_recursive (GL(dl_load_lock)); +- else +- { +-#ifdef SHARED +- _dl_audit_activity_nsid (ns, LA_ACT_DELETE); +-#endif +- +- /* Now we can allocate an array to hold all the pointers and +- copy the pointers in. */ +- struct link_map *maps[nloaded]; +- +- unsigned int i; +- struct link_map *l; +- assert (nloaded != 0 || GL(dl_ns)[ns]._ns_loaded == NULL); +- for (l = GL(dl_ns)[ns]._ns_loaded, i = 0; l != NULL; l = l->l_next) +- /* Do not handle ld.so in secondary namespaces. */ +- if (l == l->l_real) +- { +- assert (i < nloaded); +- +- maps[i] = l; +- l->l_idx = i; +- ++i; +- +- /* Bump l_direct_opencount of all objects so that they +- are not dlclose()ed from underneath us. */ +- ++l->l_direct_opencount; +- } +- assert (ns != LM_ID_BASE || i == nloaded); +- assert (ns == LM_ID_BASE || i == nloaded || i == nloaded - 1); +- unsigned int nmaps = i; +- +- /* Now we have to do the sorting. We can skip looking for the +- binary itself which is at the front of the search list for +- the main namespace. */ +- _dl_sort_maps (maps, nmaps, (ns == LM_ID_BASE), true); +- +- /* We do not rely on the linked list of loaded object anymore +- from this point on. We have our own list here (maps). The +- various members of this list cannot vanish since the open +- count is too high and will be decremented in this loop. So +- we release the lock so that some code which might be called +- from a destructor can directly or indirectly access the +- lock. */ +- __rtld_lock_unlock_recursive (GL(dl_load_lock)); +- +- /* 'maps' now contains the objects in the right order. Now +- call the destructors. We have to process this array from +- the front. */ +- for (i = 0; i < nmaps; ++i) +- { +- struct link_map *l = maps[i]; +- +- if (l->l_init_called) +- { +- /* Make sure nothing happens if we are called twice. */ +- l->l_init_called = 0; +- +- /* Is there a destructor function? */ +- if (l->l_info[DT_FINI_ARRAY] != NULL +- || (ELF_INITFINI && l->l_info[DT_FINI] != NULL)) +- { +- /* When debugging print a message first. */ +- if (__builtin_expect (GLRO(dl_debug_mask) +- & DL_DEBUG_IMPCALLS, 0)) +- _dl_debug_printf ("\ncalling fini: %s [%lu]\n\n", +- DSO_FILENAME (l->l_name), +- ns); +- +- /* First see whether an array is given. */ +- if (l->l_info[DT_FINI_ARRAY] != NULL) +- { +- ElfW(Addr) *array = +- (ElfW(Addr) *) (l->l_addr +- + l->l_info[DT_FINI_ARRAY]->d_un.d_ptr); +- unsigned int i = (l->l_info[DT_FINI_ARRAYSZ]->d_un.d_val +- / sizeof (ElfW(Addr))); +- while (i-- > 0) +- ((fini_t) array[i]) (); +- } +- +- /* Next try the old-style destructor. */ +- if (ELF_INITFINI && l->l_info[DT_FINI] != NULL) +- DL_CALL_DT_FINI +- (l, l->l_addr + l->l_info[DT_FINI]->d_un.d_ptr); +- } +- ++ for (struct link_map *l = local_init_called_list; l != NULL; ++ l = l->l_init_called_next) ++ { + #ifdef SHARED +- /* Auditing checkpoint: another object closed. */ +- _dl_audit_objclose (l); ++ if (GL(dl_ns)[l->l_ns]._ns_loaded->l_auditing != do_audit) ++ continue; ++ ++ /* Avoid back-to-back calls of _dl_audit_activity_nsid for the ++ same namespace. */ ++ if (last_ns != l->l_ns) ++ { ++ if (last_ns >= 0) ++ _dl_audit_activity_nsid (last_ns, LA_ACT_CONSISTENT); ++ _dl_audit_activity_nsid (l->l_ns, LA_ACT_DELETE); ++ last_ns = l->l_ns; ++ } + #endif +- } + +- /* Correct the previous increment. */ +- --l->l_direct_opencount; +- } ++ /* There is no need to re-enable exceptions because _dl_fini ++ is not called from a context where exceptions are caught. */ ++ _dl_call_fini (l); + + #ifdef SHARED +- _dl_audit_activity_nsid (ns, LA_ACT_CONSISTENT); ++ /* Auditing checkpoint: another object closed. */ ++ _dl_audit_objclose (l); + #endif +- } +- } ++ } + + #ifdef SHARED +- if (! do_audit && GLRO(dl_naudit) > 0) +- { +- do_audit = 1; +- goto again; +- } ++ if (last_ns >= 0) ++ _dl_audit_activity_nsid (last_ns, LA_ACT_CONSISTENT); + + if (__glibc_unlikely (GLRO(dl_debug_mask) & DL_DEBUG_STATISTICS)) + _dl_debug_printf ("\nruntime linker statistics:\n" diff --git a/elf/dl-hwcaps.c b/elf/dl-hwcaps.c index 6f161f6ad5..92eb53790e 100644 --- a/elf/dl-hwcaps.c @@ -464,6 +1025,96 @@ index 6f161f6ad5..92eb53790e 100644 struct r_strlenpair *overall_result = malloc (*sz * sizeof (*result) + total); if (overall_result == NULL) +diff --git a/elf/dl-init.c b/elf/dl-init.c +index deefeb099a..77b2edd838 100644 +--- a/elf/dl-init.c ++++ b/elf/dl-init.c +@@ -21,14 +21,19 @@ + #include + #include + ++struct link_map *_dl_init_called_list; + + static void + call_init (struct link_map *l, int argc, char **argv, char **env) + { ++ /* Do not run constructors for proxy objects. */ ++ if (l != l->l_real) ++ return; ++ + /* If the object has not been relocated, this is a bug. The + function pointers are invalid in this case. (Executables do not +- need relocation, and neither do proxy objects.) */ +- assert (l->l_real->l_relocated || l->l_real->l_type == lt_executable); ++ need relocation.) */ ++ assert (l->l_relocated || l->l_type == lt_executable); + + if (l->l_init_called) + /* This object is all done. */ +@@ -38,6 +43,21 @@ call_init (struct link_map *l, int argc, char **argv, char **env) + dependency. */ + l->l_init_called = 1; + ++ /* Help an already-running dlclose: The just-loaded object must not ++ be removed during the current pass. (No effect if no dlclose in ++ progress.) */ ++ l->l_map_used = 1; ++ ++ /* Record execution before starting any initializers. This way, if ++ the initializers themselves call dlopen, their ELF destructors ++ will eventually be run before this object is destructed, matching ++ that their ELF constructors have run before this object was ++ constructed. _dl_fini uses this list for audit callbacks, so ++ register objects on the list even if they do not have a ++ constructor. */ ++ l->l_init_called_next = _dl_init_called_list; ++ _dl_init_called_list = l; ++ + /* Check for object which constructors we do not run here. */ + if (__builtin_expect (l->l_name[0], 'a') == '\0' + && l->l_type == lt_executable) +diff --git a/elf/dl-load.c b/elf/dl-load.c +index 1ad0868dad..cb59c21ce7 100644 +--- a/elf/dl-load.c ++++ b/elf/dl-load.c +@@ -1263,7 +1263,7 @@ _dl_map_object_from_fd (const char *name, const char *origname, int fd, + + /* Now process the load commands and map segments into memory. + This is responsible for filling in: +- l_map_start, l_map_end, l_addr, l_contiguous, l_text_end, l_phdr ++ l_map_start, l_map_end, l_addr, l_contiguous, l_phdr + */ + errstring = _dl_map_segments (l, fd, header, type, loadcmds, nloadcmds, + maplength, has_holes, loader); +diff --git a/elf/dl-load.h b/elf/dl-load.h +index f98d264e90..ebf7d74cd0 100644 +--- a/elf/dl-load.h ++++ b/elf/dl-load.h +@@ -83,14 +83,11 @@ struct loadcmd + + /* This is a subroutine of _dl_map_segments. It should be called for each + load command, some time after L->l_addr has been set correctly. It is +- responsible for setting up the l_text_end and l_phdr fields. */ ++ responsible for setting the l_phdr fields */ + static __always_inline void + _dl_postprocess_loadcmd (struct link_map *l, const ElfW(Ehdr) *header, + const struct loadcmd *c) + { +- if (c->prot & PROT_EXEC) +- l->l_text_end = l->l_addr + c->mapend; +- + if (l->l_phdr == 0 + && c->mapoff <= header->e_phoff + && ((size_t) (c->mapend - c->mapstart + c->mapoff) +@@ -103,7 +100,7 @@ _dl_postprocess_loadcmd (struct link_map *l, const ElfW(Ehdr) *header, + + /* This is a subroutine of _dl_map_object_from_fd. It is responsible + for filling in several fields in *L: l_map_start, l_map_end, l_addr, +- l_contiguous, l_text_end, l_phdr. On successful return, all the ++ l_contiguous, l_phdr. On successful return, all the + segments are mapped (or copied, or whatever) from the file into their + final places in the address space, with the correct page permissions, + and any bss-like regions already zeroed. It returns a null pointer diff --git a/elf/dl-lookup.c b/elf/dl-lookup.c index 4c86dc694e..67fb2e31e2 100644 --- a/elf/dl-lookup.c @@ -663,6 +1314,42 @@ index 4af0b5b2ce..f45b630ba5 100644 call_function_static_weak (_dl_find_object_init); +diff --git a/elf/dl-tunables.c b/elf/dl-tunables.c +index 8e7ee9df10..76cf8b9da3 100644 +--- a/elf/dl-tunables.c ++++ b/elf/dl-tunables.c +@@ -187,11 +187,7 @@ parse_tunables (char *tunestr, char *valstring) + /* If we reach the end of the string before getting a valid name-value + pair, bail out. */ + if (p[len] == '\0') +- { +- if (__libc_enable_secure) +- tunestr[off] = '\0'; +- return; +- } ++ break; + + /* We did not find a valid name-value pair before encountering the + colon. */ +@@ -251,9 +247,16 @@ parse_tunables (char *tunestr, char *valstring) + } + } + +- if (p[len] != '\0') +- p += len + 1; ++ /* We reached the end while processing the tunable string. */ ++ if (p[len] == '\0') ++ break; ++ ++ p += len + 1; + } ++ ++ /* Terminate tunestr before we leave. */ ++ if (__libc_enable_secure) ++ tunestr[off] = '\0'; + } + #endif + diff --git a/elf/dl-tunables.list b/elf/dl-tunables.list index e6a56b3070..9fa3b484cf 100644 --- a/elf/dl-tunables.list @@ -686,20 +1373,34 @@ index e6a56b3070..9fa3b484cf 100644 + } } diff --git a/elf/dso-sort-tests-1.def b/elf/dso-sort-tests-1.def -index 5f7f18ef27..4bf9052db1 100644 +index 5f7f18ef27..61dc54f8ae 100644 --- a/elf/dso-sort-tests-1.def +++ b/elf/dso-sort-tests-1.def -@@ -64,3 +64,10 @@ output: b>a>{}a->b->c;soname({})=c + output: b>a>{}b->c->d order). +-# The older dynamic_sort=1 algorithm does not achieve this, while the DFS-based +-# dynamic_sort=2 algorithm does, although it is still arguable whether going +-# beyond spec to do this is the right thing to do. +-# The below expected outputs are what the two algorithms currently produce +-# respectively, for regression testing purposes. ++# relocation(dynamic) dependencies. For both sorting algorithms, the ++# destruction order is the reverse of the construction order, and ++# relocation dependencies are not taken into account. tst-bz15311: {+a;+e;+f;+g;+d;%d;-d;-g;-f;-e;-a};a->b->c->d;d=>[ba];c=>a;b=>e=>a;c=>f=>b;d=>g=>c - output(glibc.rtld.dynamic_sort=1): {+a[d>c>b>a>];+e[e>];+f[f>];+g[g>];+d[];%d(b(e(a()))a()g(c(a()f(b(e(a()))))));-d[];-g[];-f[];-e[];-a[c>b>a>];+e[e>];+f[f>];+g[g>];+d[];%d(b(e(a()))a()g(c(a()f(b(e(a()))))));-d[];-g[];-f[];-e[];-a[c>b>a>];+e[e>];+f[f>];+g[g>];+d[];%d(b(e(a()))a()g(c(a()f(b(e(a()))))));-d[];-g[];-f[];-e[];-a[c>b>a>];+e[e>];+f[f>];+g[g>];+d[];%d(b(e(a()))a()g(c(a()f(b(e(a()))))));-d[];-g[];-f[];-e[];-a[c>b>a>];+e[e>];+f[f>];+g[g>];+d[];%d(b(e(a()))a()g(c(a()f(b(e(a()))))));-d[];-g[];-f[];-e[];-a[a1;a->a2;a2->a;b->b1;c->a1;c=>a1 -+output(glibc.rtld.dynamic_sort=1): {+a[a2>a1>a>];+b[b1>b>];-b[];%c(a1());}a1>a>];+b[b1>b>];-b[];%c(a1());}a1>a>];+b[b1>b>];-b[];%c(a1());}l_map_end = 0; +- main_map->l_text_end = 0; + /* Perhaps the executable has no PT_LOAD header entries at all. */ + main_map->l_map_start = ~0; + /* And it was opened directly. */ +@@ -1216,8 +1214,6 @@ rtld_setup_main_map (struct link_map *main_map) + allocend = main_map->l_addr + ph->p_vaddr + ph->p_memsz; + if (main_map->l_map_end < allocend) + main_map->l_map_end = allocend; +- if ((ph->p_flags & PF_X) && allocend > main_map->l_text_end) +- main_map->l_text_end = allocend; + + /* The next expected address is the page following this load + segment. */ +@@ -1277,8 +1273,6 @@ rtld_setup_main_map (struct link_map *main_map) + = (char *) main_map->l_tls_initimage + main_map->l_addr; + if (! main_map->l_map_end) + main_map->l_map_end = ~0; +- if (! main_map->l_text_end) +- main_map->l_text_end = ~0; + if (! GL(dl_rtld_map).l_libname && GL(dl_rtld_map).l_name) + { + /* We were invoked directly, so the program might not have a +@@ -2122,6 +2116,12 @@ dl_main (const ElfW(Phdr) *phdr, if (l->l_faked) /* The library was not found. */ _dl_printf ("\t%s => not found\n", l->l_libname->name); @@ -748,6 +1483,127 @@ index cbbaf4a331..3e771a93d8 100644 else _dl_printf ("\t%s => %s (0x%0*Zx)\n", DSO_FILENAME (l->l_libname->name), +diff --git a/elf/setup-vdso.h b/elf/setup-vdso.h +index c0807ea82b..415d5057c3 100644 +--- a/elf/setup-vdso.h ++++ b/elf/setup-vdso.h +@@ -51,9 +51,6 @@ setup_vdso (struct link_map *main_map __attribute__ ((unused)), + l->l_addr = ph->p_vaddr; + if (ph->p_vaddr + ph->p_memsz >= l->l_map_end) + l->l_map_end = ph->p_vaddr + ph->p_memsz; +- if ((ph->p_flags & PF_X) +- && ph->p_vaddr + ph->p_memsz >= l->l_text_end) +- l->l_text_end = ph->p_vaddr + ph->p_memsz; + } + else + /* There must be no TLS segment. */ +@@ -62,7 +59,6 @@ setup_vdso (struct link_map *main_map __attribute__ ((unused)), + l->l_map_start = (ElfW(Addr)) GLRO(dl_sysinfo_dso); + l->l_addr = l->l_map_start - l->l_addr; + l->l_map_end += l->l_addr; +- l->l_text_end += l->l_addr; + l->l_ld = (void *) ((ElfW(Addr)) l->l_ld + l->l_addr); + elf_get_dynamic_info (l, false, false); + _dl_setup_hash (l); +diff --git a/elf/tst-audit23.c b/elf/tst-audit23.c +index 4904cf1340..f40760bd70 100644 +--- a/elf/tst-audit23.c ++++ b/elf/tst-audit23.c +@@ -98,6 +98,8 @@ do_test (int argc, char *argv[]) + char *lname; + uintptr_t laddr; + Lmid_t lmid; ++ uintptr_t cookie; ++ uintptr_t namespace; + bool closed; + } objs[max_objs] = { [0 ... max_objs-1] = { .closed = false } }; + size_t nobjs = 0; +@@ -117,6 +119,9 @@ do_test (int argc, char *argv[]) + size_t buffer_length = 0; + while (xgetline (&buffer, &buffer_length, out)) + { ++ *strchrnul (buffer, '\n') = '\0'; ++ printf ("info: subprocess output: %s\n", buffer); ++ + if (startswith (buffer, "la_activity: ")) + { + uintptr_t cookie; +@@ -125,29 +130,26 @@ do_test (int argc, char *argv[]) + &cookie); + TEST_COMPARE (r, 2); + +- /* The cookie identifies the object at the head of the link map, +- so we only add a new namespace if it changes from the previous +- one. This works since dlmopen is the last in the test body. */ +- if (cookie != last_act_cookie && last_act_cookie != -1) +- TEST_COMPARE (last_act, LA_ACT_CONSISTENT); +- + if (this_act == LA_ACT_ADD && acts[nacts] != cookie) + { ++ /* The cookie identifies the object at the head of the ++ link map, so we only add a new namespace if it ++ changes from the previous one. This works since ++ dlmopen is the last in the test body. */ ++ if (cookie != last_act_cookie && last_act_cookie != -1) ++ TEST_COMPARE (last_act, LA_ACT_CONSISTENT); ++ + acts[nacts++] = cookie; + last_act_cookie = cookie; + } +- /* The LA_ACT_DELETE is called in the reverse order of LA_ACT_ADD +- at program termination (if the tests adds a dlclose or a library +- with extra dependencies this will need to be adapted). */ ++ /* LA_ACT_DELETE is called multiple times for each ++ namespace, depending on destruction order. */ + else if (this_act == LA_ACT_DELETE) +- { +- last_act_cookie = acts[--nacts]; +- TEST_COMPARE (acts[nacts], cookie); +- acts[nacts] = 0; +- } ++ last_act_cookie = cookie; + else if (this_act == LA_ACT_CONSISTENT) + { + TEST_COMPARE (cookie, last_act_cookie); ++ last_act_cookie = -1; + + /* LA_ACT_DELETE must always be followed by an la_objclose. */ + if (last_act == LA_ACT_DELETE) +@@ -179,6 +181,8 @@ do_test (int argc, char *argv[]) + objs[nobjs].lname = lname; + objs[nobjs].laddr = laddr; + objs[nobjs].lmid = lmid; ++ objs[nobjs].cookie = cookie; ++ objs[nobjs].namespace = last_act_cookie; + objs[nobjs].closed = false; + nobjs++; + +@@ -201,6 +205,12 @@ do_test (int argc, char *argv[]) + if (strcmp (lname, objs[i].lname) == 0 && lmid == objs[i].lmid) + { + TEST_COMPARE (objs[i].closed, false); ++ TEST_COMPARE (objs[i].cookie, cookie); ++ if (objs[i].namespace == -1) ++ /* No LA_ACT_ADD before the first la_objopen call. */ ++ TEST_COMPARE (acts[0], last_act_cookie); ++ else ++ TEST_COMPARE (objs[i].namespace, last_act_cookie); + objs[i].closed = true; + break; + } +@@ -209,11 +219,7 @@ do_test (int argc, char *argv[]) + /* la_objclose should be called after la_activity(LA_ACT_DELETE) for + the closed object's namespace. */ + TEST_COMPARE (last_act, LA_ACT_DELETE); +- if (!seen_first_objclose) +- { +- TEST_COMPARE (last_act_cookie, cookie); +- seen_first_objclose = true; +- } ++ seen_first_objclose = true; + } + } + diff --git a/elf/tst-auditmod28.c b/elf/tst-auditmod28.c index db7ba95abe..9e0a122c38 100644 --- a/elf/tst-auditmod28.c @@ -929,6 +1785,97 @@ index 0000000000..70c71fe19c +} + +#include +diff --git a/elf/tst-env-setuid-tunables.c b/elf/tst-env-setuid-tunables.c +index 88182b7b25..5e9e4c5756 100644 +--- a/elf/tst-env-setuid-tunables.c ++++ b/elf/tst-env-setuid-tunables.c +@@ -52,6 +52,8 @@ const char *teststrings[] = + "glibc.malloc.perturb=0x800:not_valid.malloc.check=2:glibc.malloc.mmap_threshold=4096", + "glibc.not_valid.check=2:glibc.malloc.mmap_threshold=4096", + "not_valid.malloc.check=2:glibc.malloc.mmap_threshold=4096", ++ "glibc.malloc.mmap_threshold=glibc.malloc.mmap_threshold=4096", ++ "glibc.malloc.check=2", + "glibc.malloc.garbage=2:glibc.maoc.mmap_threshold=4096:glibc.malloc.check=2", + "glibc.malloc.check=4:glibc.malloc.garbage=2:glibc.maoc.mmap_threshold=4096", + ":glibc.malloc.garbage=2:glibc.malloc.check=1", +@@ -70,6 +72,8 @@ const char *resultstrings[] = + "glibc.malloc.perturb=0x800:glibc.malloc.mmap_threshold=4096", + "glibc.malloc.mmap_threshold=4096", + "glibc.malloc.mmap_threshold=4096", ++ "glibc.malloc.mmap_threshold=glibc.malloc.mmap_threshold=4096", ++ "", + "", + "", + "", +@@ -84,11 +88,18 @@ test_child (int off) + const char *val = getenv ("GLIBC_TUNABLES"); + + #if HAVE_TUNABLES ++ printf (" [%d] GLIBC_TUNABLES is %s\n", off, val); ++ fflush (stdout); + if (val != NULL && strcmp (val, resultstrings[off]) == 0) + return 0; + + if (val != NULL) +- printf ("[%d] Unexpected GLIBC_TUNABLES VALUE %s\n", off, val); ++ printf (" [%d] Unexpected GLIBC_TUNABLES VALUE %s, expected %s\n", ++ off, val, resultstrings[off]); ++ else ++ printf (" [%d] GLIBC_TUNABLES environment variable absent\n", off); ++ ++ fflush (stdout); + + return 1; + #else +@@ -117,21 +128,26 @@ do_test (int argc, char **argv) + if (ret != 0) + exit (1); + +- exit (EXIT_SUCCESS); ++ /* Special return code to make sure that the child executed all the way ++ through. */ ++ exit (42); + } + else + { +- int ret = 0; +- + /* Spawn tests. */ + for (int i = 0; i < array_length (teststrings); i++) + { + char buf[INT_BUFSIZE_BOUND (int)]; + +- printf ("Spawned test for %s (%d)\n", teststrings[i], i); ++ printf ("[%d] Spawned test for %s\n", i, teststrings[i]); + snprintf (buf, sizeof (buf), "%d\n", i); ++ fflush (stdout); + if (setenv ("GLIBC_TUNABLES", teststrings[i], 1) != 0) +- exit (1); ++ { ++ printf (" [%d] Failed to set GLIBC_TUNABLES: %m", i); ++ support_record_failure (); ++ continue; ++ } + + int status = support_capture_subprogram_self_sgid (buf); + +@@ -139,9 +155,14 @@ do_test (int argc, char **argv) + if (WEXITSTATUS (status) == EXIT_UNSUPPORTED) + return EXIT_UNSUPPORTED; + +- ret |= status; ++ if (WEXITSTATUS (status) != 42) ++ { ++ printf (" [%d] child failed with status %d\n", i, ++ WEXITSTATUS (status)); ++ support_record_failure (); ++ } + } +- return ret; ++ return 0; + } + } + diff --git a/elf/tst-ldconfig-p.sh b/elf/tst-ldconfig-p.sh new file mode 100644 index 0000000000..ec937bf4ec @@ -1654,6 +2601,23 @@ index 0000000000..00b1b93342 +++ b/include/bits/wchar2-decl.h @@ -0,0 +1 @@ +#include +diff --git a/include/link.h b/include/link.h +index 0ac82d7c77..4eb8fe0d96 100644 +--- a/include/link.h ++++ b/include/link.h +@@ -253,8 +253,10 @@ struct link_map + /* Start and finish of memory map for this object. l_map_start + need not be the same as l_addr. */ + ElfW(Addr) l_map_start, l_map_end; +- /* End of the executable part of the mapping. */ +- ElfW(Addr) l_text_end; ++ ++ /* Linked list of objects in reverse ELF constructor execution ++ order. Head of list is stored in _dl_init_called_list. */ ++ struct link_map *l_init_called_next; + + /* Default array for 'l_scope'. */ + struct r_scope_elem *l_scope_mem[4]; diff --git a/include/resolv.h b/include/resolv.h index 3590b6f496..4dbbac3800 100644 --- a/include/resolv.h @@ -1668,19 +2632,36 @@ index 3590b6f496..4dbbac3800 100644 # endif /* _RESOLV_H_ && !_ISOMAC */ #endif diff --git a/io/Makefile b/io/Makefile -index b1710407d0..fb363c612c 100644 +index b1710407d0..b896484320 100644 --- a/io/Makefile +++ b/io/Makefile -@@ -80,7 +80,8 @@ tests := test-utime test-stat test-stat2 test-lfs tst-getcwd \ +@@ -59,6 +59,7 @@ routines := \ + ftw64-time64 \ + closefrom close_range + ++ + others := pwd + test-srcs := ftwtest ftwtest-time64 + tests := test-utime test-stat test-stat2 test-lfs tst-getcwd \ +@@ -80,7 +81,9 @@ tests := test-utime test-stat test-stat2 test-lfs tst-getcwd \ tst-utimensat \ tst-closefrom \ tst-close_range \ - tst-ftw-bz28126 + tst-ftw-bz28126 \ -+ tst-fcntl-lock ++ tst-fcntl-lock \ ++ tst-fcntl-lock-lfs tests-time64 := \ tst-fcntl-time64 \ +diff --git a/io/tst-fcntl-lock-lfs.c b/io/tst-fcntl-lock-lfs.c +new file mode 100644 +index 0000000000..f2a909fb02 +--- /dev/null ++++ b/io/tst-fcntl-lock-lfs.c +@@ -0,0 +1,2 @@ ++#define _FILE_OFFSET_BITS 64 ++#include diff --git a/io/tst-fcntl-lock.c b/io/tst-fcntl-lock.c new file mode 100644 index 0000000000..357c4b7b56 @@ -2480,6 +3461,93 @@ index 9becb62033..31c64275f0 100644 map = __nscd_get_mapping (GETFDHST, "hosts", &__hst_map_handle.mapped); if (map == NO_MAPPING) +diff --git a/nss/Makefile b/nss/Makefile +index a978e3927a..7a52c68791 100644 +--- a/nss/Makefile ++++ b/nss/Makefile +@@ -81,6 +81,7 @@ tests-container := \ + tst-nss-test3 \ + tst-reload1 \ + tst-reload2 \ ++ tst-nss-gai-hv2-canonname \ + # tests-container + + # Tests which need libdl +@@ -144,7 +145,17 @@ libnss_compat-inhibit-o = $(filter-out .os,$(object-suffixes)) + ifeq ($(build-static-nss),yes) + tests-static += tst-nss-static + endif +-extra-test-objs += nss_test1.os nss_test2.os nss_test_errno.os ++extra-test-objs += nss_test1.os nss_test2.os nss_test_errno.os \ ++ nss_test_gai_hv2_canonname.os ++ ++ifeq ($(run-built-tests),yes) ++ifneq (no,$(PERL)) ++tests-special += $(objpfx)mtrace-tst-nss-gai-hv2-canonname.out ++endif ++endif ++ ++generated += mtrace-tst-nss-gai-hv2-canonname.out \ ++ tst-nss-gai-hv2-canonname.mtrace + + include ../Rules + +@@ -179,12 +190,16 @@ rtld-tests-LDFLAGS += -Wl,--dynamic-list=nss_test.ver + libof-nss_test1 = extramodules + libof-nss_test2 = extramodules + libof-nss_test_errno = extramodules ++libof-nss_test_gai_hv2_canonname = extramodules + $(objpfx)/libnss_test1.so: $(objpfx)nss_test1.os $(link-libc-deps) + $(build-module) + $(objpfx)/libnss_test2.so: $(objpfx)nss_test2.os $(link-libc-deps) + $(build-module) + $(objpfx)/libnss_test_errno.so: $(objpfx)nss_test_errno.os $(link-libc-deps) + $(build-module) ++$(objpfx)/libnss_test_gai_hv2_canonname.so: \ ++ $(objpfx)nss_test_gai_hv2_canonname.os $(link-libc-deps) ++ $(build-module) + $(objpfx)nss_test2.os : nss_test1.c + # Use the nss_files suffix for these objects as well. + $(objpfx)/libnss_test1.so$(libnss_files.so-version): $(objpfx)/libnss_test1.so +@@ -194,10 +209,14 @@ $(objpfx)/libnss_test2.so$(libnss_files.so-version): $(objpfx)/libnss_test2.so + $(objpfx)/libnss_test_errno.so$(libnss_files.so-version): \ + $(objpfx)/libnss_test_errno.so + $(make-link) ++$(objpfx)/libnss_test_gai_hv2_canonname.so$(libnss_files.so-version): \ ++ $(objpfx)/libnss_test_gai_hv2_canonname.so ++ $(make-link) + $(patsubst %,$(objpfx)%.out,$(tests) $(tests-container)) : \ + $(objpfx)/libnss_test1.so$(libnss_files.so-version) \ + $(objpfx)/libnss_test2.so$(libnss_files.so-version) \ +- $(objpfx)/libnss_test_errno.so$(libnss_files.so-version) ++ $(objpfx)/libnss_test_errno.so$(libnss_files.so-version) \ ++ $(objpfx)/libnss_test_gai_hv2_canonname.so$(libnss_files.so-version) + + ifeq (yes,$(have-thread-library)) + $(objpfx)tst-cancel-getpwuid_r: $(shared-thread-library) +@@ -206,6 +225,17 @@ endif + $(objpfx)tst-nss-files-alias-leak.out: $(objpfx)/libnss_files.so + $(objpfx)tst-nss-files-alias-truncated.out: $(objpfx)/libnss_files.so + ++tst-nss-gai-hv2-canonname-ENV = \ ++ MALLOC_TRACE=$(objpfx)tst-nss-gai-hv2-canonname.mtrace \ ++ LD_PRELOAD=$(common-objpfx)/malloc/libc_malloc_debug.so ++$(objpfx)mtrace-tst-nss-gai-hv2-canonname.out: \ ++ $(objpfx)tst-nss-gai-hv2-canonname.out ++ { test -r $(objpfx)tst-nss-gai-hv2-canonname.mtrace \ ++ || ( echo "tst-nss-gai-hv2-canonname.mtrace does not exist"; exit 77; ) \ ++ && $(common-objpfx)malloc/mtrace \ ++ $(objpfx)tst-nss-gai-hv2-canonname.mtrace; } > $@; \ ++ $(evaluate-test) ++ + # Disable DT_RUNPATH on NSS tests so that the glibc internal NSS + # functions can load testing NSS modules via DT_RPATH. + LDFLAGS-tst-nss-test1 = -Wl,--disable-new-dtags +@@ -214,3 +244,4 @@ LDFLAGS-tst-nss-test3 = -Wl,--disable-new-dtags + LDFLAGS-tst-nss-test4 = -Wl,--disable-new-dtags + LDFLAGS-tst-nss-test5 = -Wl,--disable-new-dtags + LDFLAGS-tst-nss-test_errno = -Wl,--disable-new-dtags ++LDFLAGS-tst-nss-test_gai_hv2_canonname = -Wl,--disable-new-dtags diff --git a/nss/getent.c b/nss/getent.c index 8178b4b470..d2d2524b0c 100644 --- a/nss/getent.c @@ -2523,6 +3591,68 @@ index 8178b4b470..d2d2524b0c 100644 default: return ARGP_ERR_UNKNOWN; } +diff --git a/nss/nss_test_gai_hv2_canonname.c b/nss/nss_test_gai_hv2_canonname.c +new file mode 100644 +index 0000000000..4439c83c9f +--- /dev/null ++++ b/nss/nss_test_gai_hv2_canonname.c +@@ -0,0 +1,56 @@ ++/* NSS service provider that only provides gethostbyname2_r. ++ Copyright The GNU Toolchain Authors. ++ This file is part of the GNU C Library. ++ ++ The GNU C Library is free software; you can redistribute it and/or ++ modify it under the terms of the GNU Lesser General Public ++ License as published by the Free Software Foundation; either ++ version 2.1 of the License, or (at your option) any later version. ++ ++ The GNU C Library is distributed in the hope that it will be useful, ++ but WITHOUT ANY WARRANTY; without even the implied warranty of ++ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU ++ Lesser General Public License for more details. ++ ++ You should have received a copy of the GNU Lesser General Public ++ License along with the GNU C Library; if not, see ++ . */ ++ ++#include ++#include ++#include ++#include "nss/tst-nss-gai-hv2-canonname.h" ++ ++/* Catch misnamed and functions. */ ++#pragma GCC diagnostic error "-Wmissing-prototypes" ++NSS_DECLARE_MODULE_FUNCTIONS (test_gai_hv2_canonname) ++ ++extern enum nss_status _nss_files_gethostbyname2_r (const char *, int, ++ struct hostent *, char *, ++ size_t, int *, int *); ++ ++enum nss_status ++_nss_test_gai_hv2_canonname_gethostbyname2_r (const char *name, int af, ++ struct hostent *result, ++ char *buffer, size_t buflen, ++ int *errnop, int *herrnop) ++{ ++ return _nss_files_gethostbyname2_r (name, af, result, buffer, buflen, errnop, ++ herrnop); ++} ++ ++enum nss_status ++_nss_test_gai_hv2_canonname_getcanonname_r (const char *name, char *buffer, ++ size_t buflen, char **result, ++ int *errnop, int *h_errnop) ++{ ++ /* We expect QUERYNAME, which is a small enough string that it shouldn't fail ++ the test. */ ++ if (memcmp (QUERYNAME, name, sizeof (QUERYNAME)) ++ || buflen < sizeof (QUERYNAME)) ++ abort (); ++ ++ strncpy (buffer, name, buflen); ++ *result = buffer; ++ return NSS_STATUS_SUCCESS; ++} diff --git a/nss/tst-nss-files-hosts-long.c b/nss/tst-nss-files-hosts-long.c index 3942cf5fca..a7697e3143 100644 --- a/nss/tst-nss-files-hosts-long.c @@ -2547,6 +3677,96 @@ index 3942cf5fca..a7697e3143 100644 if (ret != 0) FAIL_EXIT1("ahostsv6 failed"); +diff --git a/nss/tst-nss-gai-hv2-canonname.c b/nss/tst-nss-gai-hv2-canonname.c +new file mode 100644 +index 0000000000..7db53cf09d +--- /dev/null ++++ b/nss/tst-nss-gai-hv2-canonname.c +@@ -0,0 +1,66 @@ ++/* Test NSS query path for plugins that only implement gethostbyname2 ++ (#30843). ++ Copyright The GNU Toolchain Authors. ++ This file is part of the GNU C Library. ++ ++ The GNU C Library is free software; you can redistribute it and/or ++ modify it under the terms of the GNU Lesser General Public ++ License as published by the Free Software Foundation; either ++ version 2.1 of the License, or (at your option) any later version. ++ ++ The GNU C Library is distributed in the hope that it will be useful, ++ but WITHOUT ANY WARRANTY; without even the implied warranty of ++ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU ++ Lesser General Public License for more details. ++ ++ You should have received a copy of the GNU Lesser General Public ++ License along with the GNU C Library; if not, see ++ . */ ++ ++#include ++#include ++#include ++#include ++#include ++#include ++#include ++#include "nss/tst-nss-gai-hv2-canonname.h" ++ ++#define PREPARE do_prepare ++ ++static void do_prepare (int a, char **av) ++{ ++ FILE *hosts = xfopen ("/etc/hosts", "w"); ++ for (unsigned i = 2; i < 255; i++) ++ { ++ fprintf (hosts, "ff01::ff02:ff03:%u:2\ttest.example.com\n", i); ++ fprintf (hosts, "192.168.0.%u\ttest.example.com\n", i); ++ } ++ xfclose (hosts); ++} ++ ++static int ++do_test (void) ++{ ++ mtrace (); ++ ++ __nss_configure_lookup ("hosts", "test_gai_hv2_canonname"); ++ ++ struct addrinfo hints = {}; ++ struct addrinfo *result = NULL; ++ ++ hints.ai_family = AF_INET6; ++ hints.ai_flags = AI_ALL | AI_V4MAPPED | AI_CANONNAME; ++ ++ int ret = getaddrinfo (QUERYNAME, NULL, &hints, &result); ++ ++ if (ret != 0) ++ FAIL_EXIT1 ("getaddrinfo failed: %s\n", gai_strerror (ret)); ++ ++ TEST_COMPARE_STRING (result->ai_canonname, QUERYNAME); ++ ++ freeaddrinfo(result); ++ return 0; ++} ++ ++#include +diff --git a/nss/tst-nss-gai-hv2-canonname.h b/nss/tst-nss-gai-hv2-canonname.h +new file mode 100644 +index 0000000000..14f2a9cb08 +--- /dev/null ++++ b/nss/tst-nss-gai-hv2-canonname.h +@@ -0,0 +1 @@ ++#define QUERYNAME "test.example.com" +diff --git a/nss/tst-nss-gai-hv2-canonname.root/postclean.req b/nss/tst-nss-gai-hv2-canonname.root/postclean.req +new file mode 100644 +index 0000000000..e69de29bb2 +diff --git a/nss/tst-nss-gai-hv2-canonname.root/tst-nss-gai-hv2-canonname.script b/nss/tst-nss-gai-hv2-canonname.root/tst-nss-gai-hv2-canonname.script +new file mode 100644 +index 0000000000..31848b4a28 +--- /dev/null ++++ b/nss/tst-nss-gai-hv2-canonname.root/tst-nss-gai-hv2-canonname.script +@@ -0,0 +1,2 @@ ++cp $B/nss/libnss_test_gai_hv2_canonname.so $L/libnss_test_gai_hv2_canonname.so.2 ++su diff --git a/nss/tst-reload1.c b/nss/tst-reload1.c index fdc5bdd65b..bc32bb132a 100644 --- a/nss/tst-reload1.c @@ -2582,7 +3802,7 @@ index fdc5bdd65b..bc32bb132a 100644 static struct hostent host_table_2[] = { diff --git a/resolv/Makefile b/resolv/Makefile -index 5b15321f9b..f8a92c6cff 100644 +index 5b15321f9b..28cedf49ee 100644 --- a/resolv/Makefile +++ b/resolv/Makefile @@ -40,12 +40,16 @@ routines := \ @@ -2602,7 +3822,7 @@ index 5b15321f9b..f8a92c6cff 100644 ns_samename \ nsap_addr \ nss_dns_functions \ -@@ -89,9 +93,12 @@ tests += \ +@@ -89,11 +93,15 @@ tests += \ tst-ns_name_pton \ tst-res_hconf_reorder \ tst-res_hnok \ @@ -2614,8 +3834,11 @@ index 5b15321f9b..f8a92c6cff 100644 + tst-resolv-invalid-cname \ tst-resolv-network \ tst-resolv-noaaaa \ ++ tst-resolv-noaaaa-vc \ tst-resolv-nondecimal \ -@@ -104,6 +111,18 @@ tests += \ + tst-resolv-res_init-multi \ + tst-resolv-search \ +@@ -104,6 +112,18 @@ tests += \ tests-internal += tst-resolv-txnid-collision tests-static += tst-resolv-txnid-collision @@ -2634,7 +3857,7 @@ index 5b15321f9b..f8a92c6cff 100644 # These tests need libdl. ifeq (yes,$(build-shared)) tests += \ -@@ -258,8 +277,10 @@ $(objpfx)tst-resolv-ai_idn.out: $(gen-locales) +@@ -258,8 +278,10 @@ $(objpfx)tst-resolv-ai_idn.out: $(gen-locales) $(objpfx)tst-resolv-ai_idn-latin1.out: $(gen-locales) $(objpfx)tst-resolv-ai_idn-nolibidn2.out: \ $(gen-locales) $(objpfx)tst-no-libidn2.so @@ -2645,15 +3868,17 @@ index 5b15321f9b..f8a92c6cff 100644 $(objpfx)tst-resolv-edns: $(objpfx)libresolv.so $(shared-thread-library) $(objpfx)tst-resolv-network: $(objpfx)libresolv.so $(shared-thread-library) $(objpfx)tst-resolv-res_init: $(objpfx)libresolv.so -@@ -267,6 +288,8 @@ $(objpfx)tst-resolv-res_init-multi: $(objpfx)libresolv.so \ +@@ -267,7 +289,10 @@ $(objpfx)tst-resolv-res_init-multi: $(objpfx)libresolv.so \ $(shared-thread-library) $(objpfx)tst-resolv-res_init-thread: $(objpfx)libresolv.so \ $(shared-thread-library) +$(objpfx)tst-resolv-invalid-cname: $(objpfx)libresolv.so \ + $(shared-thread-library) $(objpfx)tst-resolv-noaaaa: $(objpfx)libresolv.so $(shared-thread-library) ++$(objpfx)tst-resolv-noaaaa-vc: $(objpfx)libresolv.so $(shared-thread-library) $(objpfx)tst-resolv-nondecimal: $(objpfx)libresolv.so $(shared-thread-library) $(objpfx)tst-resolv-qtypes: $(objpfx)libresolv.so $(shared-thread-library) + $(objpfx)tst-resolv-rotate: $(objpfx)libresolv.so $(shared-thread-library) diff --git a/resolv/README b/resolv/README index 514e9bb617..2146bc3b27 100644 --- a/resolv/README @@ -3118,7 +4343,7 @@ index 0000000000..9a47d8e97a + return *a == 0 && *b == 0; +} diff --git a/resolv/nss_dns/dns-host.c b/resolv/nss_dns/dns-host.c -index 544cffbecd..9fa81f23c8 100644 +index 544cffbecd..227734da5c 100644 --- a/resolv/nss_dns/dns-host.c +++ b/resolv/nss_dns/dns-host.c @@ -69,6 +69,7 @@ @@ -3392,7 +4617,7 @@ index 544cffbecd..9fa81f23c8 100644 - host_buffer.buf->buf, 2048, NULL, - NULL, NULL, NULL, NULL); + dns_packet_buffer, sizeof (dns_packet_buffer), -+ NULL, NULL, NULL, NULL, NULL); ++ &alt_dns_packet_buffer, NULL, NULL, NULL, NULL); if (n >= 0) - status = gaih_getanswer_noaaaa (host_buffer.buf, n, - name, pat, buffer, buflen, @@ -6081,6 +7306,141 @@ index 0000000000..05725225af + resolv_response_add_data (b, "", 1); + resolv_response_close_record (b); +} +diff --git a/resolv/tst-resolv-noaaaa-vc.c b/resolv/tst-resolv-noaaaa-vc.c +new file mode 100644 +index 0000000000..9f5aebd99f +--- /dev/null ++++ b/resolv/tst-resolv-noaaaa-vc.c +@@ -0,0 +1,129 @@ ++/* Test the RES_NOAAAA resolver option with a large response. ++ Copyright (C) 2022-2023 Free Software Foundation, Inc. ++ This file is part of the GNU C Library. ++ ++ The GNU C Library is free software; you can redistribute it and/or ++ modify it under the terms of the GNU Lesser General Public ++ License as published by the Free Software Foundation; either ++ version 2.1 of the License, or (at your option) any later version. ++ ++ The GNU C Library is distributed in the hope that it will be useful, ++ but WITHOUT ANY WARRANTY; without even the implied warranty of ++ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU ++ Lesser General Public License for more details. ++ ++ You should have received a copy of the GNU Lesser General Public ++ License along with the GNU C Library; if not, see ++ . */ ++ ++#include ++#include ++#include ++#include ++#include ++#include ++#include ++#include ++#include ++#include ++ ++/* Used to keep track of the number of queries. */ ++static volatile unsigned int queries; ++ ++/* If true, add a large TXT record at the start of the answer section. */ ++static volatile bool stuff_txt; ++ ++static void ++response (const struct resolv_response_context *ctx, ++ struct resolv_response_builder *b, ++ const char *qname, uint16_t qclass, uint16_t qtype) ++{ ++ /* If not using TCP, just force its use. */ ++ if (!ctx->tcp) ++ { ++ struct resolv_response_flags flags = {.tc = true}; ++ resolv_response_init (b, flags); ++ resolv_response_add_question (b, qname, qclass, qtype); ++ return; ++ } ++ ++ /* The test needs to send four queries, the first three are used to ++ grow the NSS buffer via the ERANGE handshake. */ ++ ++queries; ++ TEST_VERIFY (queries <= 4); ++ ++ /* AAAA queries are supposed to be disabled. */ ++ TEST_COMPARE (qtype, T_A); ++ TEST_COMPARE (qclass, C_IN); ++ TEST_COMPARE_STRING (qname, "example.com"); ++ ++ struct resolv_response_flags flags = {}; ++ resolv_response_init (b, flags); ++ resolv_response_add_question (b, qname, qclass, qtype); ++ ++ resolv_response_section (b, ns_s_an); ++ ++ if (stuff_txt) ++ { ++ resolv_response_open_record (b, qname, qclass, T_TXT, 60); ++ int zero = 0; ++ for (int i = 0; i <= 15000; ++i) ++ resolv_response_add_data (b, &zero, sizeof (zero)); ++ resolv_response_close_record (b); ++ } ++ ++ for (int i = 0; i < 200; ++i) ++ { ++ resolv_response_open_record (b, qname, qclass, qtype, 60); ++ char ipv4[4] = {192, 0, 2, i + 1}; ++ resolv_response_add_data (b, &ipv4, sizeof (ipv4)); ++ resolv_response_close_record (b); ++ } ++} ++ ++static int ++do_test (void) ++{ ++ struct resolv_test *obj = resolv_test_start ++ ((struct resolv_redirect_config) ++ { ++ .response_callback = response ++ }); ++ ++ _res.options |= RES_NOAAAA; ++ ++ for (int do_stuff_txt = 0; do_stuff_txt < 2; ++do_stuff_txt) ++ { ++ queries = 0; ++ stuff_txt = do_stuff_txt; ++ ++ struct addrinfo *ai = NULL; ++ int ret; ++ ret = getaddrinfo ("example.com", "80", ++ &(struct addrinfo) ++ { ++ .ai_family = AF_UNSPEC, ++ .ai_socktype = SOCK_STREAM, ++ }, &ai); ++ ++ char *expected_result; ++ { ++ struct xmemstream mem; ++ xopen_memstream (&mem); ++ for (int i = 0; i < 200; ++i) ++ fprintf (mem.out, "address: STREAM/TCP 192.0.2.%d 80\n", i + 1); ++ xfclose_memstream (&mem); ++ expected_result = mem.buffer; ++ } ++ ++ check_addrinfo ("example.com", ai, ret, expected_result); ++ ++ free (expected_result); ++ freeaddrinfo (ai); ++ } ++ ++ resolv_test_end (obj); ++ return 0; ++} ++ ++#include diff --git a/scripts/dso-ordering-test.py b/scripts/dso-ordering-test.py index 2dd6bfda18..b87cf2f809 100644 --- a/scripts/dso-ordering-test.py @@ -6837,14 +8197,37 @@ index 909b208578..d66f0b9c45 100644 ldp q2, q3, [x29, #OFFSET_RV + DL_OFFSET_RV_V0 + 32*1] ldp q4, q5, [x29, #OFFSET_RV + DL_OFFSET_RV_V0 + 32*2] diff --git a/sysdeps/generic/ldsodefs.h b/sysdeps/generic/ldsodefs.h -index 050a3032de..6b256b8388 100644 +index 050a3032de..ab8a7fbf84 100644 --- a/sysdeps/generic/ldsodefs.h +++ b/sysdeps/generic/ldsodefs.h -@@ -1048,9 +1048,11 @@ extern void _dl_init (struct link_map *main_map, int argc, char **argv, +@@ -105,6 +105,9 @@ typedef struct link_map *lookup_t; + DT_PREINIT_ARRAY. */ + typedef void (*dl_init_t) (int, char **, char **); + ++/* Type of a constructor function, in DT_FINI, DT_FINI_ARRAY. */ ++typedef void (*fini_t) (void); ++ + /* On some architectures a pointer to a function is not just a pointer + to the actual code of the function but rather an architecture + specific descriptor. */ +@@ -1044,13 +1047,24 @@ extern int _dl_check_map_versions (struct link_map *map, int verbose, + extern void _dl_init (struct link_map *main_map, int argc, char **argv, + char **env) attribute_hidden; + ++/* List of ELF objects in reverse order of their constructor ++ invocation. */ ++extern struct link_map *_dl_init_called_list attribute_hidden; ++ + /* Call the finalizer functions of all shared objects whose initializer functions have completed. */ extern void _dl_fini (void) attribute_hidden; -/* Sort array MAPS according to dependencies of the contained objects. */ ++/* Invoke the DT_FINI_ARRAY and DT_FINI destructors for MAP, which ++ must be a struct link_map *. Can be used as an argument to ++ _dl_catch_exception. */ ++void _dl_call_fini (void *map) attribute_hidden; ++ +/* Sort array MAPS according to dependencies of the contained objects. + If FORCE_FIRST, MAPS[0] keeps its place even if the dependencies + say otherwise. */ @@ -7130,10 +8513,81 @@ index d3a6837fd2..425f514c5c 100644 typedef pthread_rwlock_t __libc_rwlock_t; diff --git a/sysdeps/posix/getaddrinfo.c b/sysdeps/posix/getaddrinfo.c -index bcff909b2f..5cda9bb072 100644 +index bcff909b2f..f975dcd2bc 100644 --- a/sysdeps/posix/getaddrinfo.c +++ b/sysdeps/posix/getaddrinfo.c -@@ -540,11 +540,11 @@ get_nscd_addresses (const char *name, const struct addrinfo *req, +@@ -120,6 +120,7 @@ struct gaih_result + { + struct gaih_addrtuple *at; + char *canon; ++ char *h_name; + bool free_at; + bool got_ipv6; + }; +@@ -165,6 +166,7 @@ gaih_result_reset (struct gaih_result *res) + if (res->free_at) + free (res->at); + free (res->canon); ++ free (res->h_name); + memset (res, 0, sizeof (*res)); + } + +@@ -203,9 +205,8 @@ gaih_inet_serv (const char *servicename, const struct gaih_typeproto *tp, + return 0; + } + +-/* Convert struct hostent to a list of struct gaih_addrtuple objects. h_name +- is not copied, and the struct hostent object must not be deallocated +- prematurely. The new addresses are appended to the tuple array in RES. */ ++/* Convert struct hostent to a list of struct gaih_addrtuple objects. The new ++ addresses are appended to the tuple array in RES. */ + static bool + convert_hostent_to_gaih_addrtuple (const struct addrinfo *req, int family, + struct hostent *h, struct gaih_result *res) +@@ -238,6 +239,15 @@ convert_hostent_to_gaih_addrtuple (const struct addrinfo *req, int family, + res->at = array; + res->free_at = true; + ++ /* Duplicate h_name because it may get reclaimed when the underlying storage ++ is freed. */ ++ if (res->h_name == NULL) ++ { ++ res->h_name = __strdup (h->h_name); ++ if (res->h_name == NULL) ++ return false; ++ } ++ + /* Update the next pointers on reallocation. */ + for (size_t i = 0; i < old; i++) + array[i].next = array + i + 1; +@@ -262,7 +272,6 @@ convert_hostent_to_gaih_addrtuple (const struct addrinfo *req, int family, + } + array[i].next = array + i + 1; + } +- array[0].name = h->h_name; + array[count - 1].next = NULL; + + return true; +@@ -324,15 +333,15 @@ gethosts (nss_gethostbyname3_r fct, int family, const char *name, + memory allocation failure. The returned string is allocated on the + heap; the caller has to free it. */ + static char * +-getcanonname (nss_action_list nip, struct gaih_addrtuple *at, const char *name) ++getcanonname (nss_action_list nip, const char *hname, const char *name) + { + nss_getcanonname_r *cfct = __nss_lookup_function (nip, "getcanonname_r"); + char *s = (char *) name; + if (cfct != NULL) + { + char buf[256]; +- if (DL_CALL_FCT (cfct, (at->name ?: name, buf, sizeof (buf), +- &s, &errno, &h_errno)) != NSS_STATUS_SUCCESS) ++ if (DL_CALL_FCT (cfct, (hname ?: name, buf, sizeof (buf), &s, &errno, ++ &h_errno)) != NSS_STATUS_SUCCESS) + /* If the canonical name cannot be determined, use the passed + string. */ + s = (char *) name; +@@ -540,11 +549,11 @@ get_nscd_addresses (const char *name, const struct addrinfo *req, at[count].addr[2] = htonl (0xffff); } else if (req->ai_family == AF_UNSPEC @@ -7148,6 +8602,26 @@ index bcff909b2f..5cda9bb072 100644 res->got_ipv6 = true; } at[count].next = at + count + 1; +@@ -771,7 +780,7 @@ get_nss_addresses (const char *name, const struct addrinfo *req, + if ((req->ai_flags & AI_CANONNAME) != 0 + && res->canon == NULL) + { +- char *canonbuf = getcanonname (nip, res->at, name); ++ char *canonbuf = getcanonname (nip, res->h_name, name); + if (canonbuf == NULL) + { + __resolv_context_put (res_ctx); +@@ -1187,9 +1196,7 @@ free_and_return: + if (malloc_name) + free ((char *) name); + free (addrmem); +- if (res.free_at) +- free (res.at); +- free (res.canon); ++ gaih_result_reset (&res); + + return result; + } diff --git a/sysdeps/posix/system.c b/sysdeps/posix/system.c index 8014f63355..20c9420dd4 100644 --- a/sysdeps/posix/system.c @@ -8302,14 +9776,14 @@ index a263d294b1..cf35c8bfc9 100644 { return INLINE_SYSCALL_CALL (getrandom, buf, buflen, flags); diff --git a/sysdeps/unix/sysv/linux/powerpc/bits/fcntl.h b/sysdeps/unix/sysv/linux/powerpc/bits/fcntl.h -index d7cf158b33..49c8fac0fb 100644 +index d7cf158b33..0ca6e69ee9 100644 --- a/sysdeps/unix/sysv/linux/powerpc/bits/fcntl.h +++ b/sysdeps/unix/sysv/linux/powerpc/bits/fcntl.h @@ -33,6 +33,12 @@ # define __O_LARGEFILE 0200000 #endif -+#if __WORDSIZE == 64 ++#if __WORDSIZE == 64 && !defined __USE_FILE_OFFSET64 +# define F_GETLK 5 +# define F_SETLK 6 +# define F_SETLKW 7 @@ -8953,13 +10427,205 @@ index 037af22290..5711d1c312 100644 char *path = xasprintf ("/proc/%d/fd/%d", pid, remote_fd); diff --git a/sysdeps/x86/dl-cacheinfo.h b/sysdeps/x86/dl-cacheinfo.h -index e9f3382108..637b5a022d 100644 +index e9f3382108..d95c1efa2c 100644 --- a/sysdeps/x86/dl-cacheinfo.h +++ b/sysdeps/x86/dl-cacheinfo.h -@@ -861,6 +861,18 @@ dl_init_cacheinfo (struct cpu_features *cpu_features) - share of the cache, it has a substantial risk of negatively - impacting the performance of other threads running on the chip. */ - unsigned long int non_temporal_threshold = shared * 3 / 4; +@@ -478,7 +478,7 @@ handle_zhaoxin (int name) + } + + static void +-get_common_cache_info (long int *shared_ptr, unsigned int *threads_ptr, ++get_common_cache_info (long int *shared_ptr, long int * shared_per_thread_ptr, unsigned int *threads_ptr, + long int core) + { + unsigned int eax; +@@ -497,6 +497,7 @@ get_common_cache_info (long int *shared_ptr, unsigned int *threads_ptr, + unsigned int family = cpu_features->basic.family; + unsigned int model = cpu_features->basic.model; + long int shared = *shared_ptr; ++ long int shared_per_thread = *shared_per_thread_ptr; + unsigned int threads = *threads_ptr; + bool inclusive_cache = true; + bool support_count_mask = true; +@@ -512,6 +513,7 @@ get_common_cache_info (long int *shared_ptr, unsigned int *threads_ptr, + /* Try L2 otherwise. */ + level = 2; + shared = core; ++ shared_per_thread = core; + threads_l2 = 0; + threads_l3 = -1; + } +@@ -668,29 +670,27 @@ get_common_cache_info (long int *shared_ptr, unsigned int *threads_ptr, + } + else + { +-intel_bug_no_cache_info: +- /* Assume that all logical threads share the highest cache +- level. */ +- threads +- = ((cpu_features->features[CPUID_INDEX_1].cpuid.ebx >> 16) +- & 0xff); +- } +- +- /* Cap usage of highest cache level to the number of supported +- threads. */ +- if (shared > 0 && threads > 0) +- shared /= threads; ++ intel_bug_no_cache_info: ++ /* Assume that all logical threads share the highest cache ++ level. */ ++ threads = ((cpu_features->features[CPUID_INDEX_1].cpuid.ebx >> 16) ++ & 0xff); ++ } ++ /* Get per-thread size of highest level cache. */ ++ if (shared_per_thread > 0 && threads > 0) ++ shared_per_thread /= threads; + } + + /* Account for non-inclusive L2 and L3 caches. */ + if (!inclusive_cache) + { +- if (threads_l2 > 0) +- core /= threads_l2; ++ long int core_per_thread = threads_l2 > 0 ? (core / threads_l2) : core; ++ shared_per_thread += core_per_thread; + shared += core; + } + + *shared_ptr = shared; ++ *shared_per_thread_ptr = shared_per_thread; + *threads_ptr = threads; + } + +@@ -704,6 +704,7 @@ dl_init_cacheinfo (struct cpu_features *cpu_features) + int max_cpuid_ex; + long int data = -1; + long int shared = -1; ++ long int shared_per_thread = -1; + long int core = -1; + unsigned int threads = 0; + unsigned long int level1_icache_size = -1; +@@ -724,6 +725,7 @@ dl_init_cacheinfo (struct cpu_features *cpu_features) + data = handle_intel (_SC_LEVEL1_DCACHE_SIZE, cpu_features); + core = handle_intel (_SC_LEVEL2_CACHE_SIZE, cpu_features); + shared = handle_intel (_SC_LEVEL3_CACHE_SIZE, cpu_features); ++ shared_per_thread = shared; + + level1_icache_size + = handle_intel (_SC_LEVEL1_ICACHE_SIZE, cpu_features); +@@ -747,13 +749,14 @@ dl_init_cacheinfo (struct cpu_features *cpu_features) + level4_cache_size + = handle_intel (_SC_LEVEL4_CACHE_SIZE, cpu_features); + +- get_common_cache_info (&shared, &threads, core); ++ get_common_cache_info (&shared, &shared_per_thread, &threads, core); + } + else if (cpu_features->basic.kind == arch_kind_zhaoxin) + { + data = handle_zhaoxin (_SC_LEVEL1_DCACHE_SIZE); + core = handle_zhaoxin (_SC_LEVEL2_CACHE_SIZE); + shared = handle_zhaoxin (_SC_LEVEL3_CACHE_SIZE); ++ shared_per_thread = shared; + + level1_icache_size = handle_zhaoxin (_SC_LEVEL1_ICACHE_SIZE); + level1_icache_linesize = handle_zhaoxin (_SC_LEVEL1_ICACHE_LINESIZE); +@@ -767,13 +770,14 @@ dl_init_cacheinfo (struct cpu_features *cpu_features) + level3_cache_assoc = handle_zhaoxin (_SC_LEVEL3_CACHE_ASSOC); + level3_cache_linesize = handle_zhaoxin (_SC_LEVEL3_CACHE_LINESIZE); + +- get_common_cache_info (&shared, &threads, core); ++ get_common_cache_info (&shared, &shared_per_thread, &threads, core); + } + else if (cpu_features->basic.kind == arch_kind_amd) + { + data = handle_amd (_SC_LEVEL1_DCACHE_SIZE); + core = handle_amd (_SC_LEVEL2_CACHE_SIZE); + shared = handle_amd (_SC_LEVEL3_CACHE_SIZE); ++ shared_per_thread = shared; + + level1_icache_size = handle_amd (_SC_LEVEL1_ICACHE_SIZE); + level1_icache_linesize = handle_amd (_SC_LEVEL1_ICACHE_LINESIZE); +@@ -791,8 +795,11 @@ dl_init_cacheinfo (struct cpu_features *cpu_features) + __cpuid (0x80000000, max_cpuid_ex, ebx, ecx, edx); + + if (shared <= 0) +- /* No shared L3 cache. All we have is the L2 cache. */ +- shared = core; ++ { ++ /* No shared L3 cache. All we have is the L2 cache. */ ++ shared = core; ++ shared_per_thread = core; ++ } + else + { + /* Figure out the number of logical threads that share L3. */ +@@ -816,7 +823,7 @@ dl_init_cacheinfo (struct cpu_features *cpu_features) + /* Cap usage of highest cache level to the number of + supported threads. */ + if (threads > 0) +- shared /= threads; ++ shared_per_thread /= threads; + + /* Get shared cache per ccx for Zen architectures. */ + if (cpu_features->basic.family >= 0x17) +@@ -827,12 +834,13 @@ dl_init_cacheinfo (struct cpu_features *cpu_features) + __cpuid_count (0x8000001D, 0x3, eax, ebx, ecx, edx); + + unsigned int threads_per_ccx = ((eax >> 14) & 0xfff) + 1; +- shared *= threads_per_ccx; ++ shared_per_thread *= threads_per_ccx; + } + else + { + /* Account for exclusive L2 and L3 caches. */ + shared += core; ++ shared_per_thread += core; + } + } + } +@@ -850,17 +858,46 @@ dl_init_cacheinfo (struct cpu_features *cpu_features) + cpu_features->level3_cache_linesize = level3_cache_linesize; + cpu_features->level4_cache_size = level4_cache_size; + +- /* The default setting for the non_temporal threshold is 3/4 of one +- thread's share of the chip's cache. For most Intel and AMD processors +- with an initial release date between 2017 and 2020, a thread's typical +- share of the cache is from 500 KBytes to 2 MBytes. Using the 3/4 +- threshold leaves 125 KBytes to 500 KBytes of the thread's data +- in cache after a maximum temporal copy, which will maintain +- in cache a reasonable portion of the thread's stack and other +- active data. If the threshold is set higher than one thread's +- share of the cache, it has a substantial risk of negatively +- impacting the performance of other threads running on the chip. */ +- unsigned long int non_temporal_threshold = shared * 3 / 4; ++ /* The default setting for the non_temporal threshold is 1/4 of size ++ of the chip's cache. For most Intel and AMD processors with an ++ initial release date between 2017 and 2023, a thread's typical ++ share of the cache is from 18-64MB. Using the 1/4 L3 is meant to ++ estimate the point where non-temporal stores begin out-competing ++ REP MOVSB. As well the point where the fact that non-temporal ++ stores are forced back to main memory would already occurred to the ++ majority of the lines in the copy. Note, concerns about the ++ entire L3 cache being evicted by the copy are mostly alleviated ++ by the fact that modern HW detects streaming patterns and ++ provides proper LRU hints so that the maximum thrashing ++ capped at 1/associativity. */ ++ unsigned long int non_temporal_threshold = shared / 4; ++ ++ /* If the computed non_temporal_threshold <= 3/4 * per-thread L3, we most ++ likely have incorrect/incomplete cache info in which case, default to ++ 3/4 * per-thread L3 to avoid regressions. */ ++ unsigned long int non_temporal_threshold_lowbound ++ = shared_per_thread * 3 / 4; ++ if (non_temporal_threshold < non_temporal_threshold_lowbound) ++ non_temporal_threshold = non_temporal_threshold_lowbound; ++ ++ /* If no ERMS, we use the per-thread L3 chunking. Normal cacheable stores run ++ a higher risk of actually thrashing the cache as they don't have a HW LRU ++ hint. As well, their performance in highly parallel situations is ++ noticeably worse. */ ++ if (!CPU_FEATURE_USABLE_P (cpu_features, ERMS)) ++ non_temporal_threshold = non_temporal_threshold_lowbound; + /* SIZE_MAX >> 4 because memmove-vec-unaligned-erms right-shifts the value of + 'x86_non_temporal_threshold' by `LOG_4X_MEMCPY_THRESH` (4) and it is best + if that operation cannot overflow. Minimum of 0x4040 (16448) because the @@ -8975,7 +10641,7 @@ index e9f3382108..637b5a022d 100644 #if HAVE_TUNABLES /* NB: The REP MOVSB threshold must be greater than VEC_SIZE * 8. */ -@@ -915,8 +927,8 @@ dl_init_cacheinfo (struct cpu_features *cpu_features) +@@ -915,8 +952,8 @@ dl_init_cacheinfo (struct cpu_features *cpu_features) shared = tunable_size; tunable_size = TUNABLE_GET (x86_non_temporal_threshold, long int, NULL); @@ -8986,7 +10652,7 @@ index e9f3382108..637b5a022d 100644 non_temporal_threshold = tunable_size; tunable_size = TUNABLE_GET (x86_rep_movsb_threshold, long int, NULL); -@@ -931,14 +943,9 @@ dl_init_cacheinfo (struct cpu_features *cpu_features) +@@ -931,14 +968,9 @@ dl_init_cacheinfo (struct cpu_features *cpu_features) TUNABLE_SET_WITH_BOUNDS (x86_data_cache_size, data, 0, SIZE_MAX); TUNABLE_SET_WITH_BOUNDS (x86_shared_cache_size, shared, 0, SIZE_MAX); From d701fba4d517c5de9b12166d5d44c365b415ff71 Mon Sep 17 00:00:00 2001 From: Juergen Daubert Date: Thu, 5 Oct 2023 10:17:43 +0200 Subject: [PATCH 03/14] gettext: update to 0.22.3 --- gettext/.footprint | 28 ++++++++++++++-------------- gettext/.signature | 8 ++++---- gettext/Pkgfile | 2 +- 3 files changed, 19 insertions(+), 19 deletions(-) diff --git a/gettext/.footprint b/gettext/.footprint index 3e312ed6..44ae6513 100644 --- a/gettext/.footprint +++ b/gettext/.footprint @@ -42,18 +42,18 @@ drwxr-xr-x root/root usr/lib/gettext/ lrwxrwxrwx root/root usr/lib/libasprintf.so -> libasprintf.so.0.0.0 lrwxrwxrwx root/root usr/lib/libasprintf.so.0 -> libasprintf.so.0.0.0 -rwxr-xr-x root/root usr/lib/libasprintf.so.0.0.0 --rwxr-xr-x root/root usr/lib/libgettextlib-0.22.2.so +-rwxr-xr-x root/root usr/lib/libgettextlib-0.22.3.so -rw-r--r-- root/root usr/lib/libgettextlib.a -rwxr-xr-x root/root usr/lib/libgettextlib.la -lrwxrwxrwx root/root usr/lib/libgettextlib.so -> libgettextlib-0.22.2.so +lrwxrwxrwx root/root usr/lib/libgettextlib.so -> libgettextlib-0.22.3.so -rw-r--r-- root/root usr/lib/libgettextpo.a -rwxr-xr-x root/root usr/lib/libgettextpo.la lrwxrwxrwx root/root usr/lib/libgettextpo.so -> libgettextpo.so.0.5.10 lrwxrwxrwx root/root usr/lib/libgettextpo.so.0 -> libgettextpo.so.0.5.10 -rwxr-xr-x root/root usr/lib/libgettextpo.so.0.5.10 --rwxr-xr-x root/root usr/lib/libgettextsrc-0.22.2.so +-rwxr-xr-x root/root usr/lib/libgettextsrc-0.22.3.so -rwxr-xr-x root/root usr/lib/libgettextsrc.la -lrwxrwxrwx root/root usr/lib/libgettextsrc.so -> libgettextsrc-0.22.2.so +lrwxrwxrwx root/root usr/lib/libgettextsrc.so -> libgettextsrc-0.22.3.so -rw-r--r-- root/root usr/lib/libtextstyle.a -rwxr-xr-x root/root usr/lib/libtextstyle.la lrwxrwxrwx root/root usr/lib/libtextstyle.so -> libtextstyle.so.0.2.1 @@ -73,16 +73,16 @@ drwxr-xr-x root/root usr/share/aclocal/ -rw-r--r-- root/root usr/share/aclocal/nls.m4 -rw-r--r-- root/root usr/share/aclocal/po.m4 -rw-r--r-- root/root usr/share/aclocal/progtest.m4 -drwxr-xr-x root/root usr/share/gettext-0.22.2/ -drwxr-xr-x root/root usr/share/gettext-0.22.2/its/ --rw-r--r-- root/root usr/share/gettext-0.22.2/its/glade.loc --rw-r--r-- root/root usr/share/gettext-0.22.2/its/glade1.its --rw-r--r-- root/root usr/share/gettext-0.22.2/its/glade2.its --rw-r--r-- root/root usr/share/gettext-0.22.2/its/gsettings.its --rw-r--r-- root/root usr/share/gettext-0.22.2/its/gsettings.loc --rw-r--r-- root/root usr/share/gettext-0.22.2/its/gtkbuilder.its --rw-r--r-- root/root usr/share/gettext-0.22.2/its/metainfo.its --rw-r--r-- root/root usr/share/gettext-0.22.2/its/metainfo.loc +drwxr-xr-x root/root usr/share/gettext-0.22.3/ +drwxr-xr-x root/root usr/share/gettext-0.22.3/its/ +-rw-r--r-- root/root usr/share/gettext-0.22.3/its/glade.loc +-rw-r--r-- root/root usr/share/gettext-0.22.3/its/glade1.its +-rw-r--r-- root/root usr/share/gettext-0.22.3/its/glade2.its +-rw-r--r-- root/root usr/share/gettext-0.22.3/its/gsettings.its +-rw-r--r-- root/root usr/share/gettext-0.22.3/its/gsettings.loc +-rw-r--r-- root/root usr/share/gettext-0.22.3/its/gtkbuilder.its +-rw-r--r-- root/root usr/share/gettext-0.22.3/its/metainfo.its +-rw-r--r-- root/root usr/share/gettext-0.22.3/its/metainfo.loc drwxr-xr-x root/root usr/share/gettext/ -rw-r--r-- root/root usr/share/gettext/ABOUT-NLS -rw-r--r-- root/root usr/share/gettext/archive.dir.tar.xz diff --git a/gettext/.signature b/gettext/.signature index 1130f01e..f6a1a5cc 100644 --- a/gettext/.signature +++ b/gettext/.signature @@ -1,5 +1,5 @@ untrusted comment: verify with /etc/ports/core.pub -RWRJc1FUaeVequ7i4c2nFS4J8pxJfCvyJ4eu1YHj1CuQlQYkkqNWooE6LqFq2K41mabkDju/y8DyiP4bOGyQo3sIYxO+RjFtQgg= -SHA256 (Pkgfile) = f42793805b963ca51069de2ddbf16ddca0f705a007b8f5d690041251ecd8e344 -SHA256 (.footprint) = fb79e2efa828f966d1545b6ccd9da0d8bc2cd88154201b31cb6753b53a744424 -SHA256 (gettext-0.22.2.tar.xz) = 4c82fbfe5e53d71a97c634aa98a898b9da807b08b27410f6a4641e8bb44dc4b2 +RWRJc1FUaeVequLftpKou8dI2u2GX0euvuLGwiQziy9dKp82p6X9yrAzEBMZ/OBNy9Sg+JDtEGOLTM8P0XBU96dqkfnm9m+aeAE= +SHA256 (Pkgfile) = 2b56e07a43589485ff4d4ecca870ca026bda262891b5cc604ce3a3fccac1e91a +SHA256 (.footprint) = 6da68cb5aac3fc86a175fabda9e2b0e7b2a63189a3610d13420db1198c7fc6f9 +SHA256 (gettext-0.22.3.tar.xz) = b838228b3f8823a6c1eddf07297197c4db13f7e1b173b9ef93f3f945a63080b6 diff --git a/gettext/Pkgfile b/gettext/Pkgfile index 4a49d7a9..c063ec67 100644 --- a/gettext/Pkgfile +++ b/gettext/Pkgfile @@ -4,7 +4,7 @@ # Depends on: acl ncurses name=gettext -version=0.22.2 +version=0.22.3 release=1 source=(https://ftpmirror.gnu.org/gnu/$name/$name-$version.tar.xz) From ce9f37db07807780afc3fce9fecce295b9cceea6 Mon Sep 17 00:00:00 2001 From: Juergen Daubert Date: Thu, 5 Oct 2023 10:41:18 +0200 Subject: [PATCH 04/14] openssh: update to 9.5p1 --- openssh/.signature | 6 +++--- openssh/Pkgfile | 2 +- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/openssh/.signature b/openssh/.signature index e3d19730..cdbe5846 100644 --- a/openssh/.signature +++ b/openssh/.signature @@ -1,7 +1,7 @@ untrusted comment: verify with /etc/ports/core.pub -RWRJc1FUaeVeqkuKsGPG28Fq7IZYDiDBdaBxvXAkp93zEPKfP/g9MrJmMiKYpAsxu5MuL/v+WZz+HAF3mnvypvVRGXRUgtfGUg4= -SHA256 (Pkgfile) = 19d55ab4499c59423d74c829d2c26e4d5766265bbbd5c216b2619fe18d1b1036 +RWRJc1FUaeVeqqB8Xhbnc4mUja33XfuBkrtB9D/2204KVBJXd1/40dGmP3E9Oey8DNNDBrAUDFcY02KyRMqpbmRGfGIpfbEggA4= +SHA256 (Pkgfile) = 51b53852ff602691a9d2047b37085d97f895216a04c73a54d296511212c73442 SHA256 (.footprint) = 99f794239faa72eb1bf13505e50d7d846e78bdbd1338a8bcd0975953921855cb -SHA256 (openssh-9.4p1.tar.gz) = 3608fd9088db2163ceb3e600c85ab79d0de3d221e59192ea1923e23263866a85 +SHA256 (openssh-9.5p1.tar.gz) = f026e7b79ba7fb540f75182af96dc8a8f1db395f922bbc9f6ca603672686086b SHA256 (sshd.rc) = ecce66e3f94670f963e9bd74254359561f26a20cdfc4b37fb9ec1a87e37f90ea SHA256 (sshd.pam) = 2b1053e21c1b1399281e06cae5c254f7e1109bb27c83ccb49969962d58595415 diff --git a/openssh/Pkgfile b/openssh/Pkgfile index e4b89dd9..7776ef4d 100644 --- a/openssh/Pkgfile +++ b/openssh/Pkgfile @@ -4,7 +4,7 @@ # Depends on: linux-pam openssl zlib name=openssh -version=9.4p1 +version=9.5p1 release=1 source=(https://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/$name-$version.tar.gz sshd.rc sshd.pam) From 692b37136a8d7a00ad4d2357cf7b9c5f4fcc9a2f Mon Sep 17 00:00:00 2001 From: Tim Biermann Date: Thu, 5 Oct 2023 20:47:32 +0200 Subject: [PATCH 05/14] eudev: 3.2.12 -> 3.2.14 --- eudev/.signature | 6 +++--- eudev/Pkgfile | 4 ++-- 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/eudev/.signature b/eudev/.signature index 00991cb9..6278b342 100644 --- a/eudev/.signature +++ b/eudev/.signature @@ -1,7 +1,7 @@ untrusted comment: verify with /etc/ports/core.pub -RWRJc1FUaeVeqtccanE0TsoxC8Wt42LXlk86S1rMItpMk3Kvag/oHKU3cf2i60D9y37Il21n+/gcUcFQicwjbE0TlI39IKSvSQU= -SHA256 (Pkgfile) = 190bdfceb03d6a5aa2c75f21371f1dcac2fac366d5d7d8579a44d880a771cffe +RWRJc1FUaeVeqqC/1jhKJ0LxAkGZE9nRh39XcrWwjilqzsOVoJEkVgFqfT3ysgmzWOTn8J8Vj8U6c7ntdsLN+kGRKS63I0PuKgE= +SHA256 (Pkgfile) = 926254100e0fb7eefddb0f36c48ca3ba54bfb526f264747e66e564382cd111ec SHA256 (.footprint) = e53692cb93720480d67d014cee3e32c485e1f08c9d2e94d2d87fb5e56f1c8253 -SHA256 (eudev-3.2.12.tar.gz) = ccdd64ec3c381d3c3ed0e99d2e70d1f62988c7763de89ca7bdffafa5eacb9ad8 +SHA256 (eudev-3.2.14.tar.gz) = 8da4319102f24abbf7fff5ce9c416af848df163b29590e666d334cc1927f006f SHA256 (81-crux.rules) = 087045a1dcce3af4445799dfd28482fa7243653a4d93439bbea64f2b241c1fad SHA256 (start_udev) = bf6d5dcffd0193a13dab90db623f4adf440782998797182715fc85281207905d diff --git a/eudev/Pkgfile b/eudev/Pkgfile index 25267cb5..ed556566 100644 --- a/eudev/Pkgfile +++ b/eudev/Pkgfile @@ -4,7 +4,7 @@ # Depends on: kmod name=eudev -version=3.2.12 +version=3.2.14 release=1 source=(https://github.com/eudev-project/eudev/releases/download/v$version/$name-$version.tar.gz 81-crux.rules start_udev) @@ -31,7 +31,7 @@ build() { # create binary hwdb LD_LIBRARY_PATH=$PKG/lib \ - $PKG/sbin/udevadm hwdb --update --root=$PKG + $PKG/sbin/udevadm hwdb --update --root=$PKG # Devices install -d $PKG/lib/{firmware,udev/devices/{pts,shm}} From 21f973337ec66cf8c9f131cac6740897fd552b5d Mon Sep 17 00:00:00 2001 From: Juergen Daubert Date: Fri, 6 Oct 2023 14:32:12 +0200 Subject: [PATCH 06/14] dhcpcd: update to 10.0.3 --- dhcpcd/.signature | 6 +++--- dhcpcd/Pkgfile | 2 +- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/dhcpcd/.signature b/dhcpcd/.signature index b27e267c..9a1a890d 100644 --- a/dhcpcd/.signature +++ b/dhcpcd/.signature @@ -1,6 +1,6 @@ untrusted comment: verify with /etc/ports/core.pub -RWRJc1FUaeVeqrp3Ds+h1SASfsGDZ9EwM20ZDzDZ8+q4iikH0T68PfCC24TeWTO9SrJm5eseEh9mN0xRiHftiU6p/lEHrmGvBgU= -SHA256 (Pkgfile) = 8ecdc5b5ea222c9d79bc22dd326cb0d551e6f18504634dffc1533577699c4bcf +RWRJc1FUaeVeqi7a9mbsUOi3g0/vVF826y1EMrcYldUUXC4OV9t5CAofjr9v9ltoa7yG8s2kWEPIYWSCqzN5XFW/6+AYyeLYiwE= +SHA256 (Pkgfile) = f5d9e6f8fc6a73f55e5ac9bb07635858e62b4282311136a25b668a1af7c0bcec SHA256 (.footprint) = 6794a3116abf6567ff89e551b7560d585d97371577a6897efbd2bfcf75cd9db3 -SHA256 (dhcpcd-10.0.2.tar.xz) = 3aa15c50be86d9595467f21dd9dc66f7115e3de1f5ab0b704b753684062b8541 +SHA256 (dhcpcd-10.0.3.tar.xz) = 232a3f7ee41f026e644ee8c8468d4baf2d5f37ca91ade442c5a7b4bc81b3cb0f SHA256 (rc.dhcpcd) = f35d0748daa2e20aab01462684513bac6673e833459ba5ac1093ed814a3cae15 diff --git a/dhcpcd/Pkgfile b/dhcpcd/Pkgfile index 7faf7fd3..10ed6495 100644 --- a/dhcpcd/Pkgfile +++ b/dhcpcd/Pkgfile @@ -4,7 +4,7 @@ # Depends on: eudev name=dhcpcd -version=10.0.2 +version=10.0.3 release=1 source=(https://github.com/NetworkConfiguration/dhcpcd/releases/download/v$version/$name-$version.tar.xz rc.dhcpcd) From b3d7503fd751e03b2fd7c1eb1038648479431307 Mon Sep 17 00:00:00 2001 From: Juergen Daubert Date: Fri, 6 Oct 2023 14:34:36 +0200 Subject: [PATCH 07/14] vim: update to 9.0.1994, add syntax files by Tim Biermann --- vim/.footprint | 14 ++++++++++++++ vim/.signature | 9 +++++---- vim/Pkgfile | 9 +++++++-- 3 files changed, 26 insertions(+), 6 deletions(-) diff --git a/vim/.footprint b/vim/.footprint index 11f9afdc..066b74ef 100644 --- a/vim/.footprint +++ b/vim/.footprint @@ -30,6 +30,7 @@ drwxr-xr-x root/root usr/share/vim/autoload/ -rw-r--r-- root/root usr/share/vim/autoload/ada.vim -rw-r--r-- root/root usr/share/vim/autoload/adacomplete.vim -rw-r--r-- root/root usr/share/vim/autoload/bitbake.vim +-rw-r--r-- root/root usr/share/vim/autoload/cargo.vim -rw-r--r-- root/root usr/share/vim/autoload/ccomplete.vim -rw-r--r-- root/root usr/share/vim/autoload/clojurecomplete.vim -rw-r--r-- root/root usr/share/vim/autoload/context.vim @@ -515,6 +516,7 @@ drwxr-xr-x root/root usr/share/vim/ftplugin/ -rw-r--r-- root/root usr/share/vim/ftplugin/jsp.vim -rw-r--r-- root/root usr/share/vim/ftplugin/julia.vim -rw-r--r-- root/root usr/share/vim/ftplugin/kconfig.vim +-rw-r--r-- root/root usr/share/vim/ftplugin/kotlin.vim -rw-r--r-- root/root usr/share/vim/ftplugin/kwt.vim -rw-r--r-- root/root usr/share/vim/ftplugin/ld.vim -rw-r--r-- root/root usr/share/vim/ftplugin/less.vim @@ -766,6 +768,7 @@ drwxr-xr-x root/root usr/share/vim/indent/ -rw-r--r-- root/root usr/share/vim/indent/jsonc.vim -rw-r--r-- root/root usr/share/vim/indent/jsp.vim -rw-r--r-- root/root usr/share/vim/indent/julia.vim +-rw-r--r-- root/root usr/share/vim/indent/kotlin.vim -rw-r--r-- root/root usr/share/vim/indent/krl.vim -rw-r--r-- root/root usr/share/vim/indent/ld.vim -rw-r--r-- root/root usr/share/vim/indent/less.vim @@ -1265,6 +1268,7 @@ drwxr-xr-x root/root usr/share/vim/syntax/ -rw-r--r-- root/root usr/share/vim/syntax/kconfig.vim -rw-r--r-- root/root usr/share/vim/syntax/kivy.vim -rw-r--r-- root/root usr/share/vim/syntax/kix.vim +-rw-r--r-- root/root usr/share/vim/syntax/kotlin.vim -rw-r--r-- root/root usr/share/vim/syntax/krl.vim -rw-r--r-- root/root usr/share/vim/syntax/kscript.vim -rw-r--r-- root/root usr/share/vim/syntax/kwt.vim @@ -1336,6 +1340,7 @@ drwxr-xr-x root/root usr/share/vim/syntax/ -rw-r--r-- root/root usr/share/vim/syntax/modsim3.vim -rw-r--r-- root/root usr/share/vim/syntax/modula2.vim -rw-r--r-- root/root usr/share/vim/syntax/modula3.vim +-rw-r--r-- root/root usr/share/vim/syntax/mojo.vim -rw-r--r-- root/root usr/share/vim/syntax/monk.vim -rw-r--r-- root/root usr/share/vim/syntax/moo.vim -rw-r--r-- root/root usr/share/vim/syntax/mp.vim @@ -1697,4 +1702,13 @@ drwxr-xr-x root/root usr/share/vim/tools/ -rwxr-xr-x root/root usr/share/vim/tools/vimspell.sh -rw-r--r-- root/root usr/share/vim/tools/vimspell.txt -rw-r--r-- root/root usr/share/vim/tools/xcmdsrv_client.c +drwxr-xr-x root/root usr/share/vim/vimfiles/ +drwxr-xr-x root/root usr/share/vim/vimfiles/ftdetect/ +-rw-r--r-- root/root usr/share/vim/vimfiles/ftdetect/Pkgfile.vim +drwxr-xr-x root/root usr/share/vim/vimfiles/ftplugin/ +-rw-r--r-- root/root usr/share/vim/vimfiles/ftplugin/Pkgfile.vim +drwxr-xr-x root/root usr/share/vim/vimfiles/indent/ +-rw-r--r-- root/root usr/share/vim/vimfiles/indent/Pkgfile.vim +drwxr-xr-x root/root usr/share/vim/vimfiles/syntax/ +-rw-r--r-- root/root usr/share/vim/vimfiles/syntax/Pkgfile.vim -rw-r--r-- root/root usr/share/vim/vimrc diff --git a/vim/.signature b/vim/.signature index 7174fe76..113ee609 100644 --- a/vim/.signature +++ b/vim/.signature @@ -1,5 +1,6 @@ untrusted comment: verify with /etc/ports/core.pub -RWRJc1FUaeVeqmiycwwFhd4Y2zCUCCYS/MWd6INiTw0Mkp84MXj71Fgyf9ihZrNd+aFVhZh3IFb/iYZN3e1XTeK5Lk4+IooUago= -SHA256 (Pkgfile) = beb62d55da1126857c9c19f84fb1d2a21a8cdf38c595b7b1efb4408c4fdacc43 -SHA256 (.footprint) = b6100de4fd3a5e491919153983d6514b78c6b844abb8dfb905d6a81a8abe25be -SHA256 (vim-9.0.1888.tar.gz) = 90c269fc1c030bf814be08f94e565429626abcb8b2f8c9415f219c4ecafd2231 +RWRJc1FUaeVeqlTsF9c+nPe3a9CUJicD1m8mlP1Z6B3slKBjZ+eesuEX8XgRiiUIcPF/L+mlcQpuQdaOVAYLMM+0RPvBUUDM3Qg= +SHA256 (Pkgfile) = fcb1672165a8bd6dd594f1b93fbf23729fa7dccd5aff3e6960b02ee4f7f33a99 +SHA256 (.footprint) = fba2b6465885a8eb80652adc02224d224b01bb9e6fd960a103fcc39bc638d6c0 +SHA256 (vim-9.0.1994.tar.gz) = db5136162519060af95c207ff2408617a71fda62a73d8606ea65c517698c7164 +SHA256 (master.tar.gz) = 1f275a454fdd936b446518dbd6b60ea8e82895b4fb9759a2f5757e03e996b195 diff --git a/vim/Pkgfile b/vim/Pkgfile index 0ee82e60..981356df 100644 --- a/vim/Pkgfile +++ b/vim/Pkgfile @@ -4,9 +4,10 @@ # Depends on: ncurses acl name=vim -version=9.0.1888 +version=9.0.1994 release=1 -source=(https://github.com/vim/vim/archive/v${version}/$name-$version.tar.gz) +source=(https://github.com/vim/vim/archive/v${version}/$name-$version.tar.gz \ + https://git.crux.nu:82/tb/Pkgfile.vim/archive/master.tar.gz) build() { cd $name-$version/src @@ -53,4 +54,8 @@ build() { make VIMRTDIR= make -j1 VIMRTDIR= DESTDIR=$PKG installvimbin + + cd $SRC/pkgfile.vim + install -d $PKG/usr/share/vim/vimfiles + cp -r * $PKG/usr/share/vim/vimfiles } From 784177a5d2d13d86723eaa46ce150d9b6ebc1da6 Mon Sep 17 00:00:00 2001 From: Tim Biermann Date: Sat, 7 Oct 2023 09:04:35 +0200 Subject: [PATCH 08/14] cmake: 3.27.6 -> 3.27.7 --- cmake/.signature | 6 +++--- cmake/Pkgfile | 2 +- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/cmake/.signature b/cmake/.signature index 5a1ddf4f..5b6bb75a 100644 --- a/cmake/.signature +++ b/cmake/.signature @@ -1,5 +1,5 @@ untrusted comment: verify with /etc/ports/core.pub -RWRJc1FUaeVeqlq/yFHM+chBvZ3uxUaMUO1+pNuagq0dDafuJ/20uYawy0ft0ep9cr4FeSOCH0Brxw3uK6NgU37UkoMsiB+nVgM= -SHA256 (Pkgfile) = 15b308c5084fdb1acfce89543fda008ecfd9950439737b0af22a82215597d090 +RWRJc1FUaeVeqrbH1BF9FEukk4NkYMETqi3MfUbn/T/NGBGYIFfouda/OlJbM2VQROU7ebqD8xd9hAm3rx1Un0ymmS7AINVKcwg= +SHA256 (Pkgfile) = 58f0b9d360a7a6de7ae098013ea5ce13831397acea8179e127d7f62919c3a9e5 SHA256 (.footprint) = dc5a8773716c67f8298cb28aba8cdb89e40d01703503f2a6692879ccc93e1234 -SHA256 (cmake-3.27.6.tar.gz) = ef3056df528569e0e8956f6cf38806879347ac6de6a4ff7e4105dc4578732cfb +SHA256 (cmake-3.27.7.tar.gz) = 08f71a106036bf051f692760ef9558c0577c42ac39e96ba097e7662bd4158d8e diff --git a/cmake/Pkgfile b/cmake/Pkgfile index ab93400e..5e51d205 100644 --- a/cmake/Pkgfile +++ b/cmake/Pkgfile @@ -5,7 +5,7 @@ # Optional: python3-sphinx name=cmake -version=3.27.6 +version=3.27.7 release=1 source=(https://cmake.org/files/v${version%.*}/$name-$version.tar.gz) From c36c9f67ae1f809f3520099b56cea5fef493b917 Mon Sep 17 00:00:00 2001 From: Tim Biermann Date: Sat, 7 Oct 2023 20:13:32 +0200 Subject: [PATCH 09/14] libtirpc: 1.3.3 -> 1.3.4 --- libtirpc/.signature | 6 +++--- libtirpc/Pkgfile | 2 +- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/libtirpc/.signature b/libtirpc/.signature index 7bf42af7..2c7b994d 100644 --- a/libtirpc/.signature +++ b/libtirpc/.signature @@ -1,5 +1,5 @@ untrusted comment: verify with /etc/ports/core.pub -RWRJc1FUaeVeqrCZUR2hnbWlR/wstrRS/nCoPFOmeFbBypLxEjlAn6nuuLYr3WAMPnH6XqarpFoizHgo/LmV+9iD9Fpb3pnRAQI= -SHA256 (Pkgfile) = 6ab5039acadee115141d87f276d493a9d820b7345af6f5994b40bc414b9a2ed5 +RWRJc1FUaeVeqrOuj0mW/IF3jiM2vDdQXLgrYHKttrMcyImiIV2cyIx4e3ZAWsCgdtfQjexDOJMeH0vTyV2+hoE6mwejp2THNQE= +SHA256 (Pkgfile) = 35f67ea74773215aba5923e53e4aab3ed3e5d10d14de1fe104a2dde43b3b9ff1 SHA256 (.footprint) = dfffa90037e87e2954aec95c896e466e6be48fc6a8e9bc80b72d6aab0b64bdd7 -SHA256 (libtirpc-1.3.3.tar.bz2) = 6474e98851d9f6f33871957ddee9714fdcd9d8a5ee9abb5a98d63ea2e60e12f3 +SHA256 (libtirpc-1.3.4.tar.bz2) = 1e0b0c7231c5fa122e06c0609a76723664d068b0dba3b8219b63e6340b347860 diff --git a/libtirpc/Pkgfile b/libtirpc/Pkgfile index 8e9af800..f05977c1 100644 --- a/libtirpc/Pkgfile +++ b/libtirpc/Pkgfile @@ -3,7 +3,7 @@ # Maintainer: CRUX System Team, core-ports at crux dot nu name=libtirpc -version=1.3.3 +version=1.3.4 release=1 source=(http://downloads.sourceforge.net/project/$name/$name/$version/$name-$version.tar.bz2) From 69fb650590e853282766b83770a156527f2ce154 Mon Sep 17 00:00:00 2001 From: Juergen Daubert Date: Tue, 10 Oct 2023 18:06:34 +0200 Subject: [PATCH 10/14] sqlite3: update to 3.43.2 --- sqlite3/.signature | 6 +++--- sqlite3/Pkgfile | 2 +- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/sqlite3/.signature b/sqlite3/.signature index 5d1bc1bc..b9d72785 100644 --- a/sqlite3/.signature +++ b/sqlite3/.signature @@ -1,5 +1,5 @@ untrusted comment: verify with /etc/ports/core.pub -RWRJc1FUaeVeqsQm4n5DiF36JYfR8ZDf+PqRGLZXj4qWTdddj+lQka5VBjsshYHzIeJvl66iCv1rqfi+lqsv4mfnhH7wtVpdMws= -SHA256 (Pkgfile) = 8514a80908f49e65b036da369fbeff09b91c7f5ad3f130fb19cde87a1e836991 +RWRJc1FUaeVeqnKjghnk+rQxlLcVbTMdR2Fk5MUaG1/k2/uV3sVIuFl0qr1Mm/p89KOa+hSdMMmMAMuruI+M7LuzQyDxuveaeAc= +SHA256 (Pkgfile) = 76afb930c2c6ec030ce8cf38b9e1f4a6bfd3f41701c48ef336310498af07cf8b SHA256 (.footprint) = 54d29bd72af140bd285f65d0e72b3ef8eb4279298c98354632552b41db701253 -SHA256 (sqlite-autoconf-3430100.tar.gz) = 39116c94e76630f22d54cd82c3cea308565f1715f716d1b2527f1c9c969ba4d9 +SHA256 (sqlite-autoconf-3430200.tar.gz) = 6d422b6f62c4de2ca80d61860e3a3fb693554d2f75bb1aaca743ccc4d6f609f0 diff --git a/sqlite3/Pkgfile b/sqlite3/Pkgfile index 82e1eefc..cca1bba8 100644 --- a/sqlite3/Pkgfile +++ b/sqlite3/Pkgfile @@ -4,7 +4,7 @@ # Depends on: readline zlib name=sqlite3 -version=3.43.1 +version=3.43.2 release=1 _version=$(printf "%i%.2i%.2i%.2i" ${version//./ }) From ca709dd2838985f4f37d79889b70ac9ccd2ed13a Mon Sep 17 00:00:00 2001 From: Tim Biermann Date: Tue, 10 Oct 2023 18:37:14 +0200 Subject: [PATCH 11/14] libnghttp2: 1.56.0 -> 1.57.0 --- libnghttp2/.footprint | 6 +++--- libnghttp2/.signature | 8 ++++---- libnghttp2/Pkgfile | 2 +- 3 files changed, 8 insertions(+), 8 deletions(-) diff --git a/libnghttp2/.footprint b/libnghttp2/.footprint index 863f20d9..e703d4ee 100644 --- a/libnghttp2/.footprint +++ b/libnghttp2/.footprint @@ -6,8 +6,8 @@ drwxr-xr-x root/root usr/include/nghttp2/ drwxr-xr-x root/root usr/lib/ -rw-r--r-- root/root usr/lib/libnghttp2.a -rwxr-xr-x root/root usr/lib/libnghttp2.la -lrwxrwxrwx root/root usr/lib/libnghttp2.so -> libnghttp2.so.14.24.4 -lrwxrwxrwx root/root usr/lib/libnghttp2.so.14 -> libnghttp2.so.14.24.4 --rwxr-xr-x root/root usr/lib/libnghttp2.so.14.24.4 +lrwxrwxrwx root/root usr/lib/libnghttp2.so -> libnghttp2.so.14.25.0 +lrwxrwxrwx root/root usr/lib/libnghttp2.so.14 -> libnghttp2.so.14.25.0 +-rwxr-xr-x root/root usr/lib/libnghttp2.so.14.25.0 drwxr-xr-x root/root usr/lib/pkgconfig/ -rw-r--r-- root/root usr/lib/pkgconfig/libnghttp2.pc diff --git a/libnghttp2/.signature b/libnghttp2/.signature index 5ed8e1d4..16d57bfc 100644 --- a/libnghttp2/.signature +++ b/libnghttp2/.signature @@ -1,5 +1,5 @@ untrusted comment: verify with /etc/ports/core.pub -RWRJc1FUaeVeqjxgHNUuHwrDTLQr0tPz13o394Loj9f+HRjQCsI8Pkox2qTRuozjemRrynrdWt/BFCorxb6QUSrixwfLMrKK7AA= -SHA256 (Pkgfile) = a0e27bdf96f9df4ad331f6ed8a64e2d5b732b6ffa11515af4fdee19b356f8ad4 -SHA256 (.footprint) = 0388dea4fdad93060ea83f37602c9a3eeb4149c43f22f0edcb41395ce49383b8 -SHA256 (nghttp2-1.56.0.tar.xz) = 65eee8021e9d3620589a4a4e91ce9983d802b5229f78f3313770e13f4d2720e9 +RWRJc1FUaeVeqv6/9M78+RW4fwuJ7QjDIc8A9XH80tQtF04v0zKjb0PQm/XrnTdWVOkFNFsGKHVsWT7Cl6gksIKVAOfIremjBgM= +SHA256 (Pkgfile) = 4eec0fdb661b146443d3434c08f6e09a9354ca2344fafa41f5b0d27df7f4c87f +SHA256 (.footprint) = f64b20b8b114acbf49013edebc98776beb21e0afb5922c0d6d4b01273de97b29 +SHA256 (nghttp2-1.57.0.tar.xz) = 9210b0113109f43be526ac5835d58a701411821a4d39e155c40d67c40f47a958 diff --git a/libnghttp2/Pkgfile b/libnghttp2/Pkgfile index 40133c20..5dd3c105 100644 --- a/libnghttp2/Pkgfile +++ b/libnghttp2/Pkgfile @@ -3,7 +3,7 @@ # Maintainer: CRUX System Team, core-ports at crux dot nu name=libnghttp2 -version=1.56.0 +version=1.57.0 release=1 source=(https://github.com/nghttp2/nghttp2/releases/download/v$version/nghttp2-$version.tar.xz) From 127bfaad307f9f54bad79dca2b6896bcbb6735a9 Mon Sep 17 00:00:00 2001 From: Juergen Daubert Date: Wed, 11 Oct 2023 08:57:49 +0200 Subject: [PATCH 12/14] curl: update to 8.4.0 --- curl/.footprint | 7 +++++++ curl/.signature | 8 ++++---- curl/Pkgfile | 2 +- 3 files changed, 12 insertions(+), 5 deletions(-) diff --git a/curl/.footprint b/curl/.footprint index 2219c6c6..560bb2ac 100644 --- a/curl/.footprint +++ b/curl/.footprint @@ -41,6 +41,7 @@ drwxr-xr-x root/root usr/share/man/man3/ -rw-r--r-- root/root usr/share/man/man3/CURLINFO_CONDITION_UNMET.3.gz -rw-r--r-- root/root usr/share/man/man3/CURLINFO_CONNECT_TIME.3.gz -rw-r--r-- root/root usr/share/man/man3/CURLINFO_CONNECT_TIME_T.3.gz +-rw-r--r-- root/root usr/share/man/man3/CURLINFO_CONN_ID.3.gz -rw-r--r-- root/root usr/share/man/man3/CURLINFO_CONTENT_LENGTH_DOWNLOAD.3.gz -rw-r--r-- root/root usr/share/man/man3/CURLINFO_CONTENT_LENGTH_DOWNLOAD_T.3.gz -rw-r--r-- root/root usr/share/man/man3/CURLINFO_CONTENT_LENGTH_UPLOAD.3.gz @@ -101,6 +102,7 @@ drwxr-xr-x root/root usr/share/man/man3/ -rw-r--r-- root/root usr/share/man/man3/CURLINFO_TLS_SSL_PTR.3.gz -rw-r--r-- root/root usr/share/man/man3/CURLINFO_TOTAL_TIME.3.gz -rw-r--r-- root/root usr/share/man/man3/CURLINFO_TOTAL_TIME_T.3.gz +-rw-r--r-- root/root usr/share/man/man3/CURLINFO_XFER_ID.3.gz -rw-r--r-- root/root usr/share/man/man3/CURLMOPT_CHUNK_LENGTH_PENALTY_SIZE.3.gz -rw-r--r-- root/root usr/share/man/man3/CURLMOPT_CONTENT_LENGTH_PENALTY_SIZE.3.gz -rw-r--r-- root/root usr/share/man/man3/CURLMOPT_MAXCONNECTS.3.gz @@ -312,6 +314,7 @@ drwxr-xr-x root/root usr/share/man/man3/ -rw-r--r-- root/root usr/share/man/man3/CURLOPT_PROXY_TLSAUTH_USERNAME.3.gz -rw-r--r-- root/root usr/share/man/man3/CURLOPT_PROXY_TRANSFER_MODE.3.gz -rw-r--r-- root/root usr/share/man/man3/CURLOPT_PUT.3.gz +-rw-r--r-- root/root usr/share/man/man3/CURLOPT_QUICK_EXIT.3.gz -rw-r--r-- root/root usr/share/man/man3/CURLOPT_QUOTE.3.gz -rw-r--r-- root/root usr/share/man/man3/CURLOPT_RANDOM_FILE.3.gz -rw-r--r-- root/root usr/share/man/man3/CURLOPT_RANGE.3.gz @@ -346,6 +349,8 @@ drwxr-xr-x root/root usr/share/man/man3/ -rw-r--r-- root/root usr/share/man/man3/CURLOPT_SOCKS5_GSSAPI_SERVICE.3.gz -rw-r--r-- root/root usr/share/man/man3/CURLOPT_SSH_AUTH_TYPES.3.gz -rw-r--r-- root/root usr/share/man/man3/CURLOPT_SSH_COMPRESSION.3.gz +-rw-r--r-- root/root usr/share/man/man3/CURLOPT_SSH_HOSTKEYDATA.3.gz +-rw-r--r-- root/root usr/share/man/man3/CURLOPT_SSH_HOSTKEYFUNCTION.3.gz -rw-r--r-- root/root usr/share/man/man3/CURLOPT_SSH_HOST_PUBLIC_KEY_MD5.3.gz -rw-r--r-- root/root usr/share/man/man3/CURLOPT_SSH_HOST_PUBLIC_KEY_SHA256.3.gz -rw-r--r-- root/root usr/share/man/man3/CURLOPT_SSH_KEYDATA.3.gz @@ -471,6 +476,7 @@ drwxr-xr-x root/root usr/share/man/man3/ -rw-r--r-- root/root usr/share/man/man3/curl_multi_assign.3.gz -rw-r--r-- root/root usr/share/man/man3/curl_multi_cleanup.3.gz -rw-r--r-- root/root usr/share/man/man3/curl_multi_fdset.3.gz +-rw-r--r-- root/root usr/share/man/man3/curl_multi_get_handles.3.gz -rw-r--r-- root/root usr/share/man/man3/curl_multi_info_read.3.gz -rw-r--r-- root/root usr/share/man/man3/curl_multi_init.3.gz -rw-r--r-- root/root usr/share/man/man3/curl_multi_perform.3.gz @@ -507,6 +513,7 @@ drwxr-xr-x root/root usr/share/man/man3/ -rw-r--r-- root/root usr/share/man/man3/curl_ws_recv.3.gz -rw-r--r-- root/root usr/share/man/man3/curl_ws_send.3.gz -rw-r--r-- root/root usr/share/man/man3/libcurl-easy.3.gz +-rw-r--r-- root/root usr/share/man/man3/libcurl-env-dbg.3.gz -rw-r--r-- root/root usr/share/man/man3/libcurl-env.3.gz -rw-r--r-- root/root usr/share/man/man3/libcurl-errors.3.gz -rw-r--r-- root/root usr/share/man/man3/libcurl-multi.3.gz diff --git a/curl/.signature b/curl/.signature index 3bd117ae..40d45ab3 100644 --- a/curl/.signature +++ b/curl/.signature @@ -1,5 +1,5 @@ untrusted comment: verify with /etc/ports/core.pub -RWRJc1FUaeVeqvmQMxOqw7a7GuoZt84zB1onmXCbe3s5AD69VkiQZ8fyOYHPaBdVnoM4jHRhYXAsYGklsQKCV8R/iUlaNKWmLA8= -SHA256 (Pkgfile) = a39acd48d84312764a2948177b9403241ae0e71dd65bcb6d48e64241178eb400 -SHA256 (.footprint) = 50adb77911a6304efb864b58422c65a52d2b8e5d87b5fec7775f5d031123c28e -SHA256 (curl-8.3.0.tar.xz) = 376d627767d6c4f05105ab6d497b0d9aba7111770dd9d995225478209c37ea63 +RWRJc1FUaeVeqpUi++mzc1ii2hbOoMrBcviKsEEg5wLeR4M+iHb1BbSBizYUmhLNCF4hDEdFI/DN8ao7hZDAunLmRck50MsG9Qw= +SHA256 (Pkgfile) = 8b55b92d0ca270921d3c79e50ff692f5970cd858e53fd27cd686460b7978b2a2 +SHA256 (.footprint) = c3470b7ba99683af6b8fe29f22eda2ab180e02b1e51ee4977dfa21755793ea81 +SHA256 (curl-8.4.0.tar.xz) = 16c62a9c4af0f703d28bda6d7bbf37ba47055ad3414d70dec63e2e6336f2a82d diff --git a/curl/Pkgfile b/curl/Pkgfile index 007395a1..9b6eb198 100644 --- a/curl/Pkgfile +++ b/curl/Pkgfile @@ -4,7 +4,7 @@ # Depends on: libnghttp2 openssl zstd name=curl -version=8.3.0 +version=8.4.0 release=1 source=(https://curl.haxx.se/download/$name-$version.tar.xz) From 5c50077473df938af06234b8035677d2ac4387f5 Mon Sep 17 00:00:00 2001 From: Juergen Daubert Date: Wed, 11 Oct 2023 10:02:46 +0200 Subject: [PATCH 13/14] iptables: update to 1.8.10 --- iptables/.footprint | 1 - iptables/.signature | 8 ++++---- iptables/Pkgfile | 2 +- 3 files changed, 5 insertions(+), 6 deletions(-) diff --git a/iptables/.footprint b/iptables/.footprint index d358f4db..14eac8b2 100644 --- a/iptables/.footprint +++ b/iptables/.footprint @@ -3,7 +3,6 @@ drwxr-xr-x root/root usr/bin/ lrwxrwxrwx root/root usr/bin/iptables-xml -> /usr/sbin/xtables-legacy-multi drwxr-xr-x root/root usr/etc/ -rw-r--r-- root/root usr/etc/ethertypes --rw-r--r-- root/root usr/etc/xtables.conf drwxr-xr-x root/root usr/include/ -rw-r--r-- root/root usr/include/libipq.h drwxr-xr-x root/root usr/include/libiptc/ diff --git a/iptables/.signature b/iptables/.signature index 2b49d481..d85cdbf7 100644 --- a/iptables/.signature +++ b/iptables/.signature @@ -1,5 +1,5 @@ untrusted comment: verify with /etc/ports/core.pub -RWRJc1FUaeVeqluOE0fRGRJaOO/C0neYmY/wsQiYtbZU89vwvL4ygW7Uf1ta/zZKAHPUF1J3ZOU98XhfG6+7YDQFDtkTLQpSOgA= -SHA256 (Pkgfile) = 2ce4898b0d6e428798e65c57b9b428c9c90f8b193885ecc910388150caab2df0 -SHA256 (.footprint) = 7c88563fc0923889c4369510490d691dbba15e2435496f0d799bd10a1b23b5c5 -SHA256 (iptables-1.8.9.tar.xz) = ef6639a43be8325a4f8ea68123ffac236cb696e8c78501b64e8106afb008c87f +RWRJc1FUaeVeqkEdKkgmippeULkPnDwNE5DiCqBwWrVrSBHTlUH1dEeyYbOYOzKlvaLTeGaG2+TA6/7PaUO6qa2Q8iu4B9CASQA= +SHA256 (Pkgfile) = 69208ddf2d56f1e6f778040a915d525d3ce88c660774a8aa19b5f80fc5e29288 +SHA256 (.footprint) = f64deb8da4afc0ac5f73cf70fd2caad21df033e59e688c8fd9c621a83b4cfaff +SHA256 (iptables-1.8.10.tar.xz) = 5cc255c189356e317d070755ce9371eb63a1b783c34498fb8c30264f3cc59c9c diff --git a/iptables/Pkgfile b/iptables/Pkgfile index eb5f5882..2f61a3ef 100644 --- a/iptables/Pkgfile +++ b/iptables/Pkgfile @@ -4,7 +4,7 @@ # Depends on: nftables name=iptables -version=1.8.9 +version=1.8.10 release=1 source=(https://www.netfilter.org/projects/$name/files/$name-$version.tar.xz) From b328cc5d420b26c2227cc4fa34381fa9dc386eb7 Mon Sep 17 00:00:00 2001 From: Tim Biermann Date: Sat, 14 Oct 2023 09:01:29 +0200 Subject: [PATCH 14/14] libnsl: 2.0.0 -> 2.0.1 --- libnsl/.signature | 6 +++--- libnsl/Pkgfile | 2 +- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/libnsl/.signature b/libnsl/.signature index 78928123..3614f9d0 100644 --- a/libnsl/.signature +++ b/libnsl/.signature @@ -1,5 +1,5 @@ untrusted comment: verify with /etc/ports/core.pub -RWRJc1FUaeVeqoIKLYI1PfUs0kFIYIiVlQ1+B6vwDNcNIBABWVE4+BZVFUbNSRez3B9zicHz10k4UPEic41q4AWIM+cCLY/ArQQ= -SHA256 (Pkgfile) = 3c1834bc0b2c49fdcf2fd149b9c9c23c2ebf26625f115b58fd61fbfabb18f367 +RWRJc1FUaeVeqqAFFRcKrWqTIH27AZKOgD3pA7O0UawlVZg5aMDyuWjBMUwhIz0NfY2R9EX6XZGyV7vMfRiD8du5V3wC4gn1IQs= +SHA256 (Pkgfile) = aa8c06142731bd693ea261ef5750e87cd7a687a50da293ecd984719528eb7a0f SHA256 (.footprint) = 38f0afbdfac0c23ab732a17ebb485af02e6f8e89692d00d2e6d22da1ec9cb0b0 -SHA256 (libnsl-2.0.0.tar.xz) = 2da075ef1893ebdfc5f074f83ac811873dc06fd5c62bc9a4729fd2e27a40341a +SHA256 (libnsl-2.0.1.tar.xz) = 5c9e470b232a7acd3433491ac5221b4832f0c71318618dc6aa04dd05ffcd8fd9 diff --git a/libnsl/Pkgfile b/libnsl/Pkgfile index e8352982..ccb30a6a 100644 --- a/libnsl/Pkgfile +++ b/libnsl/Pkgfile @@ -3,7 +3,7 @@ # Maintainer: CRUX System Team, core-ports at crux dot nu name=libnsl -version=2.0.0 +version=2.0.1 release=1 source=(https://github.com/thkukuk/$name/releases/download/v$version/$name-$version.tar.xz)