From 93721a641a55a943363149ed6a77eea4668878ce Mon Sep 17 00:00:00 2001 From: Ulrich Drepper Date: Sun, 22 Nov 2009 11:43:57 -0800 Subject: [PATCH 1/9] Reinitialize _create_xid state after fork. Programs forking and using RPC in the forks would use the same XIDs. (cherry picked from commit c5a8b997e2de005697a992d8db5c54995bd361a8) --- ChangeLog | 4 ++++ sunrpc/create_xid.c | 12 +++++++----- 2 files changed, 11 insertions(+), 5 deletions(-) diff --git a/ChangeLog b/ChangeLog index e0fd11c15e..143c45af39 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,3 +1,7 @@ +2009-11-22 Ulrich Drepper + + * sunrpc/create_xid.c (_create_xid): Reinitialize state after fork. + 2009-11-18 H.J. Lu [BZ #10162] diff --git a/sunrpc/create_xid.c b/sunrpc/create_xid.c index 4e76918644..c247568cee 100644 --- a/sunrpc/create_xid.c +++ b/sunrpc/create_xid.c @@ -1,4 +1,4 @@ -/* Copyright (c) 1998, 2000 Free Software Foundation, Inc. +/* Copyright (c) 1998, 2000, 2009 Free Software Foundation, Inc. This file is part of the GNU C Library. Contributed by Thorsten Kukuk , 1998. @@ -27,7 +27,7 @@ __libc_lock_define_initialized (static, createxid_lock) -static int is_initialized; +static pid_t is_initialized; static struct drand48_data __rpc_lrand48_data; unsigned long @@ -37,13 +37,15 @@ _create_xid (void) __libc_lock_lock (createxid_lock); - if (!is_initialized) + pid_t pid = getpid (); + if (is_initialized != pid) { struct timeval now; __gettimeofday (&now, (struct timezone *) 0); - __srand48_r (now.tv_sec ^ now.tv_usec, &__rpc_lrand48_data); - is_initialized = 1; + __srand48_r (now.tv_sec ^ now.tv_usec ^ pid, + &__rpc_lrand48_data); + is_initialized = pid; } lrand48_r (&__rpc_lrand48_data, &res); From 360f6f3a2522731cfdeedc959b21200d325952b1 Mon Sep 17 00:00:00 2001 From: Ulrich Drepper Date: Sun, 22 Nov 2009 16:54:45 -0800 Subject: [PATCH 2/9] Fix week information for nl_NL locale. (cherry picked from commit 6503cfe2de2105e83456fb04fdeb5d4e2323e9b4) --- localedata/ChangeLog | 4 ++++ localedata/locales/nl_NL | 52 +++++++++++++++++++++------------------- 2 files changed, 32 insertions(+), 24 deletions(-) diff --git a/localedata/ChangeLog b/localedata/ChangeLog index 4ddd35d681..fa5536c126 100644 --- a/localedata/ChangeLog +++ b/localedata/ChangeLog @@ -1,3 +1,7 @@ +2009-11-22 Ulrich Drepper + + * locales/nl_NL: Define week, first_weekday, and first_workday. + 2009-10-30 Ulrich Drepper * locales/it_CH: Fix typos in last change. diff --git a/localedata/locales/nl_NL b/localedata/locales/nl_NL index 9719cec5f6..6f832927a3 100644 --- a/localedata/locales/nl_NL +++ b/localedata/locales/nl_NL @@ -88,33 +88,33 @@ END LC_NUMERIC LC_TIME abday "";"";"";/ - "";"";"";/ - "" + "";"";"";/ + "" day "";/ - "";/ - "";/ - "";/ - "";/ - "";/ - "" + "";/ + "";/ + "";/ + "";/ + "";/ + "" abmon "";"";/ - "";"";/ - "";"";/ - "";"";/ - "";"";/ - "";"" + "";"";/ + "";"";/ + "";"";/ + "";"";/ + "";"" mon "";/ - "";/ - "";/ - "";/ - "";/ - "";/ - "";/ - "";/ - "";/ - "";/ - "";/ - "" + "";/ + "";/ + "";/ + "";/ + "";/ + "";/ + "";/ + "";/ + "";/ + "";/ + "" d_t_fmt "" d_fmt "" t_fmt "" @@ -123,6 +123,10 @@ t_fmt_ampm "" date_fmt "/ / " + +week 7;19971130;4 +first_weekday 2 +first_workday 2 END LC_TIME LC_PAPER From ede3f7ef5c553fc81efe6cf7ddf383f081bfd7e6 Mon Sep 17 00:00:00 2001 From: Ulrich Drepper Date: Mon, 23 Nov 2009 16:16:26 -0800 Subject: [PATCH 3/9] Define week, first_weekday, and first_workday for en_DK locale. (cherry picked from commit 49c7f27194d16976a6bb9c5b7be186662ec7a6e6) --- localedata/ChangeLog | 4 +++ localedata/locales/en_DK | 53 +++++++++++++++++++++------------------- 2 files changed, 32 insertions(+), 25 deletions(-) diff --git a/localedata/ChangeLog b/localedata/ChangeLog index fa5536c126..077182b4c2 100644 --- a/localedata/ChangeLog +++ b/localedata/ChangeLog @@ -1,3 +1,7 @@ +2009-11-23 Ulrich Drepper + + * locales/en_DK: Define week, first_weekday, and first_workday. + 2009-11-22 Ulrich Drepper * locales/nl_NL: Define week, first_weekday, and first_workday. diff --git a/localedata/locales/en_DK b/localedata/locales/en_DK index aa58763578..3ec5170558 100644 --- a/localedata/locales/en_DK +++ b/localedata/locales/en_DK @@ -85,34 +85,34 @@ END LC_NUMERIC LC_TIME abday "";"";/ - "";"";/ - "";"";/ - "" + "";"";/ + "";"";/ + "" day "";/ - "";/ - "";/ - "";/ - "";/ - "";/ - "" + "";/ + "";/ + "";/ + "";/ + "";/ + "" abmon "";"";/ - "";"";/ - "";"";/ - "";"";/ - "";"";/ - "";"" + "";"";/ + "";"";/ + "";"";/ + "";"";/ + "";"" mon "";/ - "";/ - "";/ - "";/ - "";/ - "";/ - "";/ - "";/ - "";/ - "";/ - "";/ - "" + "";/ + "";/ + "";/ + "";/ + "";/ + "";/ + "";/ + "";/ + "";/ + "";/ + "" % date formats following ISO 8601-1988 d_t_fmt "" d_fmt "" @@ -122,6 +122,9 @@ t_fmt_ampm "" date_fmt "/ / " +week 7;19971130;4 +first_weekday 2 +first_workday 2 END LC_TIME LC_MESSAGES From b15f34af1c3b6f2658d3f73c331db8e94fa47b0a Mon Sep 17 00:00:00 2001 From: Ulrich Drepper Date: Tue, 24 Nov 2009 10:00:28 -0800 Subject: [PATCH 4/9] Define week, first_weekday, and first_workday for hsb_DE locale. (cherry picked from commit ee5a5ba6725ee949483f043cd0cf2a1579b6b509) --- localedata/ChangeLog | 4 ++++ localedata/locales/hsb_DE | 24 ++++++++++++++---------- 2 files changed, 18 insertions(+), 10 deletions(-) diff --git a/localedata/ChangeLog b/localedata/ChangeLog index 077182b4c2..88284268a9 100644 --- a/localedata/ChangeLog +++ b/localedata/ChangeLog @@ -1,3 +1,7 @@ +2009-11-24 Ulrich Drepper + + * locales/hsb_DE: Define week, first_weekday, and first_workday. + 2009-11-23 Ulrich Drepper * locales/en_DK: Define week, first_weekday, and first_workday. diff --git a/localedata/locales/hsb_DE b/localedata/locales/hsb_DE index 50355af35a..0929897c8a 100644 --- a/localedata/locales/hsb_DE +++ b/localedata/locales/hsb_DE @@ -197,7 +197,7 @@ collating-symbol % letter;accent;case;specials order_start forward;backward/ - ;forward;position + ;forward;position % or letters first: @@ -2136,16 +2136,16 @@ END LC_NUMERIC LC_TIME abday "";"";/ - "";"";/ - "";"";/ - "" + "";"";/ + "";"";/ + "" day "";/ - "";/ - "";/ - "";/ - "";/ - "";/ - "" + "";/ + "";/ + "";/ + "";/ + "";/ + "" abmon "";"";/ "";"";/ "";"";/ @@ -2172,6 +2172,10 @@ t_fmt_ampm "" date_fmt "/ / " + +week 7;19971130;4 +first_weekday 2 +first_workday 2 END LC_TIME LC_PAPER From 4f9d265e05056df279186d033af75352a679685f Mon Sep 17 00:00:00 2001 From: Ulrich Drepper Date: Tue, 24 Nov 2009 11:17:06 -0800 Subject: [PATCH 5/9] Fix startup to security-relevant statically linked binaries. Before the change they crash on startup. Perform IREL relocations earlier to prevent this. (cherry picked from commit 1c3c269b55c84c29ec1e2c70f122c5e33fef4257) --- ChangeLog | 7 +++++++ csu/elf-init.c | 21 +++++++++++++++------ csu/libc-start.c | 6 ++++++ 3 files changed, 28 insertions(+), 6 deletions(-) diff --git a/ChangeLog b/ChangeLog index 143c45af39..962d609700 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,3 +1,10 @@ +2009-11-24 Ulrich Drepper + + * csu/elf-init.c (__libc_csu_irel): New function. Code to perform + irel relocations split out from... + (__libc_csu_init): ...here. + * csu/libc-start.c [!SHARED]: Call __libc_csu_irel early. + 2009-11-22 Ulrich Drepper * sunrpc/create_xid.c (_create_xid): Reinitialize state after fork. diff --git a/csu/elf-init.c b/csu/elf-init.c index 1d2df62ca3..1e3d6d6cd8 100644 --- a/csu/elf-init.c +++ b/csu/elf-init.c @@ -72,15 +72,14 @@ extern void _fini (void); /* These functions are passed to __libc_start_main by the startup code. These get statically linked into each program. For dynamically linked programs, this module will come from libc_nonshared.a and differs from - the libc.a module in that it doesn't call the preinit array. */ + the libc.a module in that it doesn't call the preinit array and performs + explicit IREL{,A} relocations. */ -void -__libc_csu_init (int argc, char **argv, char **envp) -{ - /* For dynamically linked executables the preinit array is executed by - the dynamic linker (before initializing any shared object. */ #ifndef LIBC_NONSHARED +void +__libc_csu_irel (void) +{ # ifdef USE_MULTIARCH # ifdef ELF_MACHINE_IRELA { @@ -98,7 +97,17 @@ __libc_csu_init (int argc, char **argv, char **envp) } # endif # endif +} +#endif + +void +__libc_csu_init (int argc, char **argv, char **envp) +{ + /* For dynamically linked executables the preinit array is executed by + the dynamic linker (before initializing any shared object. */ + +#ifndef LIBC_NONSHARED /* For static executables, preinit happens right before init. */ { const size_t size = __preinit_array_end - __preinit_array_start; diff --git a/csu/libc-start.c b/csu/libc-start.c index 80b672f88d..dc7ca55f09 100644 --- a/csu/libc-start.c +++ b/csu/libc-start.c @@ -24,6 +24,9 @@ #include extern void __libc_init_first (int argc, char **argv, char **envp); +#ifndef SHARED +extern void __libc_csu_irel (void); +#endif extern int __libc_multiple_libcs; @@ -134,6 +137,9 @@ LIBC_START_MAIN (int (*main) (int, char **, char ** MAIN_AUXVEC_DECL), } # endif + /* Performe IREL{,A} relocations. */ + __libc_csu_irel (); + /* Initialize the thread library at least a bit since the libgcc functions are using thread functions if these are available and we need to setup errno. */ From 65a27b0b41a8ec07407ad0415fd0963917c59941 Mon Sep 17 00:00:00 2001 From: Ulrich Drepper Date: Tue, 24 Nov 2009 18:24:14 -0800 Subject: [PATCH 6/9] Prevent unintended file desriptor leak in grantpt. The pt_chown program is completely transparently called. It might not be able to live with the various file descriptors the program has open at the time of the call (e.g., under SELinux). Close all but the needed descriptor and connect stdin, stdout, and stderr with /dev/null. pt_chown shouldn't print anything when called to do real work. (cherry picked from commit 139ee080b6b428240bf49f3e6361f3ac729f891a) --- ChangeLog | 6 +++++ login/programs/pt_chown.c | 5 ++-- sysdeps/unix/grantpt.c | 4 +++ sysdeps/unix/sysv/linux/grantpt.c | 42 +++++++++++++++++++++++++++++++ 4 files changed, 54 insertions(+), 3 deletions(-) create mode 100644 sysdeps/unix/sysv/linux/grantpt.c diff --git a/ChangeLog b/ChangeLog index 962d609700..25b96ae9e2 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,5 +1,11 @@ 2009-11-24 Ulrich Drepper + * sysdeps/unix/grantpt.c (grantpt): Use CLOSE_ALL_FDS is available + before the exec. + * sysdeps/unix/sysv/linux/grantpt.c: New file. + * login/programs/pt_chown.c (main): Don't print message on errors + when doing real work. + * csu/elf-init.c (__libc_csu_irel): New function. Code to perform irel relocations split out from... (__libc_csu_init): ...here. diff --git a/login/programs/pt_chown.c b/login/programs/pt_chown.c index 7e279a5f3b..4c36f2ceac 100644 --- a/login/programs/pt_chown.c +++ b/login/programs/pt_chown.c @@ -154,8 +154,7 @@ main (int argc, char *argv[]) # define ncap_list (sizeof (cap_list) / sizeof (cap_list[0])) cap_t caps = cap_init (); if (caps == NULL) - error (FAIL_ENOMEM, errno, - _("Failed to initialize drop of capabilities")); + return FAIL_ENOMEM; /* There is no reason why these should not work. */ cap_set_flag (caps, CAP_PERMITTED, ncap_list, cap_list, CAP_SET); @@ -166,7 +165,7 @@ main (int argc, char *argv[]) cap_free (caps); if (__builtin_expect (res != 0, 0)) - error (FAIL_EXEC, errno, _("cap_set_proc failed")); + return FAIL_EXEC; } #endif diff --git a/sysdeps/unix/grantpt.c b/sysdeps/unix/grantpt.c index 8c299e9147..b02bf7cccf 100644 --- a/sysdeps/unix/grantpt.c +++ b/sysdeps/unix/grantpt.c @@ -190,6 +190,10 @@ grantpt (int fd) if (__dup2 (fd, PTY_FILENO) < 0) _exit (FAIL_EBADF); +#ifdef CLOSE_ALL_FDS + CLOSE_ALL_FDS (); +#endif + execle (_PATH_PT_CHOWN, basename (_PATH_PT_CHOWN), NULL, NULL); _exit (FAIL_EXEC); } diff --git a/sysdeps/unix/sysv/linux/grantpt.c b/sysdeps/unix/sysv/linux/grantpt.c new file mode 100644 index 0000000000..6305ed4944 --- /dev/null +++ b/sysdeps/unix/sysv/linux/grantpt.c @@ -0,0 +1,42 @@ +#include +#include +#include +#include +#include +#include +#include +#include + +#include "not-cancel.h" +#include "pty-private.h" + + +/* Close all file descriptors except the one specified. */ +static void +close_all_fds (void) +{ + DIR *dir = opendir ("/proc/self/fd"); + if (dir != NULL) + { + struct dirent64 *d; + while ((d = readdir64 (dir)) != NULL) + if (isdigit (d->d_name[0])) + { + char *endp; + long int fd = strtol (d->d_name, &endp, 10); + if (*endp == '\0' && fd != PTY_FILENO && fd != dirfd (dir)) + close_not_cancel_no_status (fd); + } + + closedir (dir); + + int nullfd = open_not_cancel_2 (_PATH_DEVNULL, O_RDONLY); + assert (nullfd == STDIN_FILENO); + nullfd = open_not_cancel_2 (_PATH_DEVNULL, O_WRONLY); + assert (nullfd == STDOUT_FILENO); + __dup2 (STDOUT_FILENO, STDERR_FILENO); + } +} +#define CLOSE_ALL_FDS() close_all_fds() + +#include From bc207ace446b2e0fc4a474a2a4cf945d9cca6573 Mon Sep 17 00:00:00 2001 From: Ulrich Drepper Date: Tue, 24 Nov 2009 18:47:26 -0800 Subject: [PATCH 7/9] Avoid local PLTs. (cherry picked from commit 0f622686af3ae5a8f03dae886b08c260b38bda16) --- sysdeps/unix/sysv/linux/grantpt.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/sysdeps/unix/sysv/linux/grantpt.c b/sysdeps/unix/sysv/linux/grantpt.c index 6305ed4944..f2fc60f83a 100644 --- a/sysdeps/unix/sysv/linux/grantpt.c +++ b/sysdeps/unix/sysv/linux/grantpt.c @@ -15,11 +15,11 @@ static void close_all_fds (void) { - DIR *dir = opendir ("/proc/self/fd"); + DIR *dir = __opendir ("/proc/self/fd"); if (dir != NULL) { struct dirent64 *d; - while ((d = readdir64 (dir)) != NULL) + while ((d = __readdir64 (dir)) != NULL) if (isdigit (d->d_name[0])) { char *endp; @@ -28,7 +28,7 @@ close_all_fds (void) close_not_cancel_no_status (fd); } - closedir (dir); + __closedir (dir); int nullfd = open_not_cancel_2 (_PATH_DEVNULL, O_RDONLY); assert (nullfd == STDIN_FILENO); From 1db8b35487c8c3842f81176c25e72e4cf0948f00 Mon Sep 17 00:00:00 2001 From: Andreas Schwab Date: Fri, 27 Nov 2009 21:37:30 -0800 Subject: [PATCH 8/9] Fix infloop in __pthread_disable_asynccancel on x86_64 (cherry picked from commit b55ec98c6490b944593243c7da54dda1796e3f84) --- nptl/ChangeLog | 5 +++++ nptl/sysdeps/unix/sysv/linux/x86_64/cancellation.S | 5 +++-- 2 files changed, 8 insertions(+), 2 deletions(-) diff --git a/nptl/ChangeLog b/nptl/ChangeLog index 0aaaa3f7b9..08a55ee5c8 100644 --- a/nptl/ChangeLog +++ b/nptl/ChangeLog @@ -1,3 +1,8 @@ +2009-11-27 Andreas Schwab + + * sysdeps/unix/sysv/linux/x86_64/cancellation.S: Reload + THREAD_SELF->cancelhandling after returning from futex call. + 2009-11-03 Andreas Schwab [BZ #4457] diff --git a/nptl/sysdeps/unix/sysv/linux/x86_64/cancellation.S b/nptl/sysdeps/unix/sysv/linux/x86_64/cancellation.S index 0d48ec6fcd..680696200a 100644 --- a/nptl/sysdeps/unix/sysv/linux/x86_64/cancellation.S +++ b/nptl/sysdeps/unix/sysv/linux/x86_64/cancellation.S @@ -96,8 +96,8 @@ ENTRY(__pthread_disable_asynccancel) cmpxchgl %r11d, %fs:CANCELHANDLING jnz 2b -3: movl %r11d, %eax - andl $(TCB_CANCELING_BITMASK|TCB_CANCELED_BITMASK), %eax + movl %r11d, %eax +3: andl $(TCB_CANCELING_BITMASK|TCB_CANCELED_BITMASK), %eax cmpl $TCB_CANCELING_BITMASK, %eax je 4f 1: ret @@ -111,5 +111,6 @@ ENTRY(__pthread_disable_asynccancel) addq $CANCELHANDLING, %rdi LOAD_PRIVATE_FUTEX_WAIT (%esi) syscall + movl %fs:CANCELHANDLING, %eax jmp 3b END(__pthread_disable_asynccancel) From 3decedce640208c25323bca68c98381c640ab06f Mon Sep 17 00:00:00 2001 From: Petr Baudis Date: Tue, 8 Dec 2009 21:10:20 +0100 Subject: [PATCH 9/9] glibc 2.11.1 release --- version.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/version.h b/version.h index e44ecd4a19..3c51c9ca2a 100644 --- a/version.h +++ b/version.h @@ -1,4 +1,4 @@ /* This file just defines the current version number of libc. */ #define RELEASE "stable" -#define VERSION "2.11" +#define VERSION "2.11.1"