aboutsummaryrefslogtreecommitdiff
path: root/sysdeps/mach/hurd
AgeCommit message (Collapse)Author
2023-07-03hurd: Map brk non-executableSergey Bugaev
The rest of the heap (backed by individual pages) is already mapped RW. Mapping these pages RWX presents a security hazard. Also, in another branch memory gets allocated using vm_allocate, which sets memory protection to VM_PROT_DEFAULT (which is RW). The mismatch between protections prevents Mach from coalescing the VM map entries. Signed-off-by: Sergey Bugaev <bugaevc@gmail.com> Message-Id: <20230625231751.404120-2-bugaevc@gmail.com>
2023-07-01hurd: Make getrandom return ENOSYS when /dev/random is not set upSamuel Thibault
So that callers (e.g. __arc4random_buf) don't try calling it again.
2023-06-15hurd: Add strlcpy, strlcat, wcslcpy, wcslcat to libc.abilistFlorian Weimer
2023-06-14Add the wcslcpy, wcslcat functionsFlorian Weimer
These functions are about to be added to POSIX, under Austin Group issue 986. Reviewed-by: Siddhesh Poyarekar <siddhesh@sourceware.org>
2023-06-14Implement strlcpy and strlcat [BZ #178]Florian Weimer
These functions are about to be added to POSIX, under Austin Group issue 986. The fortified strlcat implementation does not raise SIGABRT if the destination buffer does not contain a null terminator, it just inherits the non-failing regular strlcat behavior. Reviewed-by: Siddhesh Poyarekar <siddhesh@sourceware.org>
2023-06-04hurd: Fix x86_64 sigreturn restoring bogus reply_portSergey Bugaev
Since the area of the user's stack we use for the registers dump (and otherwise as __sigreturn2's stack) can and does overlap the sigcontext, we have to be very careful about the order of loads and stores that we do. In particular we have to load sc_reply_port before we start clobbering the sigcontext. Signed-off-by: Sergey Bugaev <bugaevc@gmail.com>
2023-06-02Fix a few more typos I missed in previous round -- BZ 25337Paul Pluzhnikov
2023-05-30Fix misspellings in sysdeps/ -- BZ 25337Paul Pluzhnikov
2023-05-28hurd: Fix setting up signal thread stack alignmentSamuel Thibault
x86_64 needs special alignment when calling functions, so we have to use MACHINE_THREAD_STATE_SETUP_CALL for the signal thread when forking.
2023-05-23mach: Fix accessing mach_i386.hSamuel Thibault
Fixes: 196358ae26aa ("mach: Fix installing mach_i386.h")
2023-05-23hurd: Fix making ld.so run static binaries with retrySamuel Thibault
We need O_EXEC for __rtld_execve
2023-05-20hurd: Use __hurd_fail () instead of assigning errnoSergey Bugaev
The __hurd_fail () inline function is the dedicated, idiomatic way of reporting errors in the Hurd part of glibc. Not only is it more concise than '{ errno = err; return -1; }', it is since commit 6639cc10029e24e06b34e169712b21c31b8cf213 "hurd: Mark error functions as __COLD" marked with the cold attribute, telling the compiler that this codepath is unlikely to be executed. In one case, use __hurd_dfail () over the plain __hurd_fail (). Signed-off-by: Sergey Bugaev <bugaevc@gmail.com> Message-Id: <20230520115531.3911877-1-bugaevc@gmail.com>
2023-05-19hurd: Fix using interposable hurd_thread_selfSergey Bugaev
Create a private hidden __hurd_thread_self alias, and use that one. Fixes 2f8ecb58a59eb82c43214d000842d99644a662d1 "hurd: Fix x86_64 _hurd_tls_fork" and c7fcce38c83a2bb665ef5dc4981bf20c7e586123 "hurd: Make sure to not use tcb->self" Reported-by: Joseph Myers <joseph@codesourcery.com> Signed-off-by: Sergey Bugaev <bugaevc@gmail.com>
2023-05-19hurd: Fix __TIMESIZE on x86_64Sergey Bugaev
We had sizeof (time_t) == 8, but __TIMESIZE == 32. Signed-off-by: Sergey Bugaev <bugaevc@gmail.com> Message-Id: <20230519171516.3698754-1-bugaevc@gmail.com>
2023-05-19hurd: Fix expected c++ typesSamuel Thibault
90604f670c10 ("hurd 64bit: Add data for check-c++-types") actually added the 32bit version. This fixes it into a 64bit version.
2023-05-17hurd: Also make it possible to call strlen very earlySergey Bugaev
strlen, which is another ifunc-selected function, is invoked during early static executable startup if the argv arrives from the exec server. Make it not crash. Checked on x86_64-gnu: statically linked executables launched after the exec server is up now start up successfully. Signed-off-by: Sergey Bugaev <bugaevc@gmail.com> Message-Id: <20230517191436.73636-10-bugaevc@gmail.com>
2023-05-17hurd: Fix setting up pthreadsSergey Bugaev
On x86_64, we have to pass function arguments in registers, not on the stack. We also have to align the stack pointer in a specific way. Since sharing the logic with i386 does not bring much benefit, split the file back into i386- and x86_64-specific versions, and fix the x86_64 version to set up the thread properly. Bonus: i386 keeps doing the extra RPC inside __thread_set_pcsptp to fetch the state of the thread before setting it; but x86_64 no lnoger does that. Checked on x86_64-gnu and i686-gnu. Fixes be6d002ca277ffc90058d382396150cb0e785b9c "hurd: Set up the basic tree for x86_64-gnu" Signed-off-by: Sergey Bugaev <bugaevc@gmail.com> Message-Id: <20230517191436.73636-9-bugaevc@gmail.com>
2023-05-17hurd: Fix x86_64 _hurd_tls_forkSergey Bugaev
It is illegal to call thread_get_state () on mach_thread_self (), so this codepath cannot be used as-is to fork the calling thread's TLS. Fortunately we can use THREAD_SELF (aka %fs:0x0) to find out the value of our fs_base without calling into the kernel. Fixes: f6cf701efc61c9ad910372bda14b9a235db310a8 "hurd: Implement TLS for x86_64" Checked on x86_64-gnu: fork () now works! Signed-off-by: Sergey Bugaev <bugaevc@gmail.com> Message-Id: <20230517191436.73636-8-bugaevc@gmail.com>
2023-05-17hurd: Make sure to not use tcb->selfSergey Bugaev
Unlike sigstate->thread, tcb->self did not hold a Mach port reference on the thread port it names. This means that the port can be deallocated, and the name reused for something else, without anyone noticing. Using tcb->self will then lead to port use-after-free. Fortunately nothing was accessing tcb->self, other than it being intially set to then-valid thread port name upon TCB initialization. To assert that this keeps being the case without altering TCB layout, rename self -> self_do_not_use, and stop initializing it. Also, do not (re-)allocate a whole separate and unused stack for the main thread, and just exit __pthread_setup early in this case. Found upon attempting to use tcb->self and getting unexpected crashes. Signed-off-by: Sergey Bugaev <bugaevc@gmail.com> Message-Id: <20230517191436.73636-7-bugaevc@gmail.com>
2023-05-17hurd: Use __mach_setup_thread_call ()Sergey Bugaev
...instead of mach_setup_thread (), which is unsuitable for setting up function calls. Checked on x86_64-gnu: the signal thread no longer crashes upon trying to process a message. Signed-off-by: Sergey Bugaev <bugaevc@gmail.com> Message-Id: <20230517191436.73636-6-bugaevc@gmail.com>
2023-05-16hurd: Fix computing user stack pointerSergey Bugaev
Fixes b574ae0a2876ee94e4fe617f878407bf818c2df0 "hurd: Implement sigreturn for x86_64" Checked on x86_64-gnu. Signed-off-by: Sergey Bugaev <bugaevc@gmail.com> Message-Id: <20230515083323.1358039-5-bugaevc@gmail.com>
2023-05-16hurd: Fix sc_i386_thread_state layoutSergey Bugaev
The real i386_thread_state Mach structure has an alignment of 8 on x86_64. However, in struct sigcontext, the compiler was packing sc_gs (which is the first member of sc_i386_thread_state) into the same 8-byte slot as sc_error; this resulted in the rest of sc_i386_thread_state members having wrong offsets relative to each other, and the overall sc_i386_thread_state layout mismatching that of i386_thread_state. Fix this by explicitly adding the required padding members, and statically asserting that this results in the desired alignment. The same goes for sc_i386_float_state. Checked on x86_64-gnu. Signed-off-by: Sergey Bugaev <bugaevc@gmail.com> Message-Id: <20230515083323.1358039-4-bugaevc@gmail.com>
2023-05-16hurd: Align signal stack pointer after allocating stackframeSergey Bugaev
sizeof (*stackframe) appears to be divisible by 16, but we should not rely on that. So make sure to leave enough space for the stackframe first, and then align the final pointer at 16 bytes. Checked on x86_64-gnu. Signed-off-by: Sergey Bugaev <bugaevc@gmail.com> Message-Id: <20230515083323.1358039-3-bugaevc@gmail.com>
2023-05-16hurd: Fix aligning signal stack pointerSergey Bugaev
Fixes 60f9bf974694d50daf58d46347b06a5975ac5ddd "hurd: Port trampoline.c to x86_64" Checked on x86_64-gnu. Reported-by: Bruno Haible <bruno@clisp.org> Signed-off-by: Sergey Bugaev <bugaevc@gmail.com> Message-Id: <20230515083323.1358039-2-bugaevc@gmail.com>
2023-05-11hurd: rule out some mach headers when generating errno.hSamuel Thibault
While mach/kern_return.h happens to pull mach/machine/kern_return.h, mach/machine/boolean.h, and mach/machine/vm_types.h (and realpath-ing them exposes the machine-specific machine symlink content), those headers do not actually define anything machine-specific for the content of errno.h. So we can just rule out these machine-specific from the dependency comment.
2023-05-06Update hurd/hurdselect.c to be more portable.Flavio Cruz
Summary of changes: - Use BAD_TYPECHECK to perform type checking in a cleaner way. BAD_TYPECHECK is moved into sysdeps/mach/rpc.h to avoid duplication. - Remove assertions for mach_msg_type_t since those won't work for x86_64. - Update message structs to use mach_msg_type_t directly. - Use designated initializers. Message-Id: <ZFa+roan3ioo0ONM@jupiter.tail36e24.ts.net>
2023-05-06hurd: Fix ld.so nameSamuel Thibault
This was set to ld-x86-64.so.1 in gcc.
2023-05-06hurd: Add ioperm symbol on x86_64Samuel Thibault
2023-05-05Update sysdeps/mach/hurd/ioctl.c to make it more portableFlavio Cruz
Summary of the changes: - Update msg_align to use ALIGN_UP like we have done in previous patches. Use it below whenever necessary to avoid repeating the same alignment logic. - Define BAD_TYPECHECK to make it easier to do type checking in a few places below. - Update io2mach_type to use designated initializers. - Make RetCodeType use mach_msg_type_t. mach_msg_type_t is 8 byte for x86_64, so this make it portable. - Also call msg_align for _IOT_COUNT2/_IOT_TYPE2 since it is more correct. Message-Id: <ZFMvVsuFKwIy2dUS@jupiter.tail36e24.ts.net>
2023-05-02hurd 64bit: Make dev_t word typeSamuel Thibault
dev_t are 64bit on Linux ports, so better increase their size on 64bit Hurd. It happens that this helps with BZ 23084 there: st_dev has type fsid_t (quad) and is specified by POSIX to have type dev_t. Making dev_t 64bit makes these match.
2023-05-01hurd 64bit: Fix struct msqid_ds and shmid_ds fieldsSamuel Thibault
The standards want msg_lspid/msg_lrpid/shm_cpid/shm_lpid to be pid_t, see BZ 23083 and 23085. We can leave them __rpc_pid_t on i386 for ABI compatibility, but avoid hitting the issue on 64bit.
2023-05-01hurd 64bit: Fix ipc_perm fields typesSamuel Thibault
The standards want uid/cuid to be uid_t, gid/cgid to be gid_t and mode to be mode_t, see BZ 23082. We can leave them short ints on i386 for ABI compatibility, but avoid hitting the issue on 64bit. bits/ipc.h ends up being exactly the same in sysdeps/gnu/ and sysdeps/unix/sysv/linux/, so remove the latter.
2023-05-01hurd 64bit: Fix flock fields typesSamuel Thibault
The standards want l_type and l_whence to be short ints, see BZ 23081. We can leave them ints on i386 for ABI compatibility, but avoid hitting the issue on 64bit.
2023-05-01hurd 64bit: Add data for check-c++-typesSamuel Thibault
2023-05-01hurd 64bit: Fix pthread_t/thread_t type to longSamuel Thibault
So that they can be trivially cast to pointer type, like with nptl.
2023-05-01hurd 64bit: Add missing data file for check-localplt testSamuel Thibault
2023-05-01hurd 64bit: Add missing libanlSamuel Thibault
The move of libanl to libc was in glibc 2.34 for nptl only.
2023-05-01hurd: Also XFAIL missing SA_NOCLDWAIT on 64bitSamuel Thibault
2023-05-01hurd: Add expected abilist files for x86_64Sergey Bugaev
These were created by creating stub files, running 'make update-abi', and reviewing the results. Also, set baseline ABI to GLIBC_2.38, the (upcoming) first glibc release to first have x86_64-gnu support. Signed-off-by: Sergey Bugaev <bugaevc@gmail.com>
2023-05-01hurd: Replace reply port with a dead name on failed interruptionSergey Bugaev
If we're trying to interrupt an interruptible RPC, but the server fails to respond to our __interrupt_operation () call, we instead destroy the reply port we were expecting the reply to the RPC on. Instead of deallocating the name completely, replace it with a dead name, so the name won't get reused for some other right, and deallocate it in _hurd_intr_rpc_mach_msg once we return from the signal handler. Signed-off-by: Sergey Bugaev <bugaevc@gmail.com> Message-Id: <20230429201822.2605207-4-bugaevc@gmail.com>
2023-05-01hurd: Make it possible to call memcpy very earlySergey Bugaev
Normally, in static builds, the first code that runs is _start, in e.g. sysdeps/x86_64/start.S, which quickly calls __libc_start_main, passing it the argv etc. Among the first things __libc_start_main does is initializing the tunables (based on env), then CPU features, and then calls _dl_relocate_static_pie (). Specifically, this runs ifunc resolvers to pick, based on the CPU features discovered earlier, the most suitable implementation of "string" functions such as memcpy. Before that point, calling memcpy (or other ifunc-resolved functions) will not work. In the Hurd port, things are more complex. In order to get argv/env for our process, glibc normally needs to do an RPC to the exec server, unless our args/env are already located on the stack (which is what happens to bootstrap processes spawned by GNU Mach). Fetching our argv/env from the exec server has to be done before the call to __libc_start_main, since we need to know what our argv/env are to pass them to __libc_start_main. On the other hand, the implementation of the RPC (and other initial setup needed on the Hurd before __libc_start_main can be run) is not very trivial. In particular, it may (and on x86_64, will) use memcpy. But as described above, calling memcpy before __libc_start_main can not work, since the GOT entry for it is not yet initialized at that point. Work around this by pre-filling the GOT entry with the baseline version of memcpy, __memcpy_sse2_unaligned. This makes it possible for early calls to memcpy to just work. The initial value of the GOT entry is unused on x86_64, and changing it won't interfere with the relocation being performed later: once _dl_relocate_static_pie () is called, the baseline version will get replaced with the most suitable one, and that is what subsequent calls of memcpy are going to call. Checked on x86_64-gnu. Signed-off-by: Sergey Bugaev <bugaevc@gmail.com> Message-Id: <20230429201822.2605207-6-bugaevc@gmail.com>
2023-05-01hurd: Implement longjmp for x86_64Sergey Bugaev
Checked on x86_64-gnu. [samuel.thibault@ens-lyon.org: Restored same comments as on i386] Signed-off-by: Sergey Bugaev <bugaevc@gmail.com> Message-Id: <20230429201822.2605207-3-bugaevc@gmail.com>
2023-05-01hurd: Implement sigreturn for x86_64Sergey Bugaev
Signed-off-by: Sergey Bugaev <bugaevc@gmail.com> Message-Id: <20230429201822.2605207-2-bugaevc@gmail.com>
2023-04-29hurd: Make _exit work during early boot-upSergey Bugaev
If any of the early boot-up tasks calls exit () or returns from main (), terminate it properly instead of crashing on trying to dereference _hurd_ports and getting forcibly terminated by the kernel. We sadly cannot make the __USEPORT macro do the check for _hurd_ports being unset, because it evaluates to the value of the expression provided as the second argument, and that can be of any type; so there is no single suitable fallback value for the macro to evaluate to in case _hurd_ports is unset. Instead, each use site that wants to care for this case will have to do its own checking. Checked on x86_64-gnu. Signed-off-by: Sergey Bugaev <bugaevc@gmail.com> Message-Id: <20230429131354.2507443-4-bugaevc@gmail.com>
2023-04-27Fix Hurd getcwd build with GCC >= 13Joseph Myers
The build of glibc for i686-gnu has been failing for a while with GCC mainline / GCC 13: ../sysdeps/mach/hurd/getcwd.c: In function '__hurd_canonicalize_directory_name_internal': ../sysdeps/mach/hurd/getcwd.c:242:48: error: pointer 'file_name' may be used after 'realloc' [-Werror=use-after-free] 242 | file_namep = &buf[file_namep - file_name + size / 2]; | ~~~~~~~~~~~^~~~~~~~~~~ ../sysdeps/mach/hurd/getcwd.c:236:25: note: call to 'realloc' here 236 | buf = realloc (file_name, size); | ^~~~~~~~~~~~~~~~~~~~~~~~~ Fix by doing the subtraction before the reallocation. Tested with build-many-glibcs.py for i686-gnu. [samuel.thibault@ens-lyon.rg: Removed mention of this being a bug] Message-Id: <18587337-7815-4056-ebd0-724df262d591@codesourcery.com>
2023-04-26Regenerate sysdeps/mach/hurd/bits/errno.hJoseph Myers
This file was out of date, as shown by build-many-glibcs.py runs resulting in a modified source directory.
2023-04-25hurd: Do not take any flag from the CMSG_DATASamuel Thibault
As fixed in 0822e3552a78 ("hurd: Don't pass FD_CLOEXEC in CMSG_DATA"), senders currently don't have any flag to pass. We shouldn't blindly take random flags that senders could be erroneously giving us.
2023-04-24hurd: Implement MSG_CMSG_CLOEXECSergey Bugaev
This is a new flag that can be passed to recvmsg () to make it atomically set the CLOEXEC flag on all the file descriptors received using the SCM_RIGHTS mechanism. This is useful for all the same reasons that the other XXX_CLOEXEC flags are useful: namely, it provides atomicity with respect to another thread of the same process calling (fork and then) exec at the same time. This flag is already supported on Linux and FreeBSD. The flag's value, 0x40000, is choosen to match FreeBSD's. Signed-off-by: Sergey Bugaev <bugaevc@gmail.com> Message-Id: <20230423160548.126576-2-bugaevc@gmail.com>
2023-04-24hurd: Don't pass FD_CLOEXEC in CMSG_DATASamuel Thibault
The flags are used by _hurd_intern_fd, which takes O_* flags, not FD_*. Also, it is of no concern to the receiving process whether or not the sender process wants to close its copy of sent file descriptor upon exec, and it should not influence whether or not the received file descriptor gets the FD_CLOEXEC flag set in the receiving process. The latter should in fact be dependent on the MSG_CMSG_CLOEXEC flag being passed to the recvmsg () call, which is going to be implemented in the following commit. Fixes 344e755248ce02c0f8d095d11cc49e340703d926 "hurd: Support sending file descriptors over Unix sockets" Signed-off-by: Samuel Thibault <samuel.thibault@ens-lyon.org> Signed-off-by: Sergey Bugaev <bugaevc@gmail.com>
2023-04-24hurd: Implement prefer_map_32bit_exec tunableSergey Bugaev
This makes the prefer_map_32bit_exec tunable no longer Linux-specific. Signed-off-by: Sergey Bugaev <bugaevc@gmail.com> Message-Id: <20230423215526.346009-4-bugaevc@gmail.com>