Sync from SUSE:SLFO:Main glibc revision e047c8446074aefab836e019a5f41fc1

Adrian Schröter 2024-08-02 15:25:34 +02:00
parent 212e12e8ba
commit 087bf6cd2e
4 changed files with 147 additions and 38 deletions


@ -1,8 +1,33 @@
-------------------------------------------------------------------
Thu Jul 18 08:31:37 UTC 2024 - Andreas Schwab <schwab@suse.de>
- s390x-wcsncmp.patch: s390x: Fix segfault in wcsncmp (bsc#1228041, BZ
#31934)
-------------------------------------------------------------------
Wed May 29 10:41:20 UTC 2024 - Andreas Schwab <schwab@suse.de>
- Fix typo in last change
-------------------------------------------------------------------
Thu May 23 11:31:34 UTC 2024 - Andreas Schwab <schwab@suse.de>
- Also include stat64 in the 32-bit libc_nonshared.a workaround
(bsc#1221482)
-------------------------------------------------------------------
Wed May 8 14:06:39 UTC 2024 - Giuliano Belinassi <giuliano.belinassi@suse.com>
- ulp-prologue-into-asm-functions.patch: Avoid creating ULP prologue
for _start routine (bsc#1221940)
-------------------------------------------------------------------
Tue May 7 10:32:54 UTC 2024 - Andreas Schwab <schwab@suse.de>
- nscd-netgroup-cache-timeout.patch: Use time_t for return type of
addgetnetgrentX (CVE-2024-33602, bsc#1223425)
- Also add libc_nonshared.a workaround to 32-bit x86 compat package
(bsc#1221482)
-------------------------------------------------------------------
Wed May 1 23:50:51 UTC 2024 - Giuliano Belinassi <giuliano.belinassi@suse.com>
@ -26,6 +51,12 @@ Thu Apr 18 08:22:48 UTC 2024 - Andreas Schwab <schwab@suse.de>
- iconv-iso-2022-cn-ext.patch: iconv: ISO-2022-CN-EXT: fix out-of-bound
writes when writing escape sequence (CVE-2024-2961, bsc#1222992)
-------------------------------------------------------------------
Wed Apr 3 15:54:02 UTC 2024 - Andreas Schwab <schwab@suse.de>
- Add workaround for invalid use of libc_nonshared.a with non-SUSE libc
(bsc#1221482)
-------------------------------------------------------------------
Thu Mar 21 13:22:51 UTC 2024 - Andreas Schwab <schwab@suse.de>


@ -359,6 +359,8 @@ Patch1030: glibc-CVE-2024-33600-nscd-Avoid-null-pointer-crashes-after.patch
Patch1031: glibc-CVE-2024-33601-CVE-2024-33602-nscd-netgroup-Use-two.patch
# PATCH-FIX-UPSTREAM nscd: Use time_t for return type of addgetnetgrentX (CVE-2024-33602)
Patch1032: nscd-netgroup-cache-timeout.patch
# PATCH-FIX-UPSTREAM s390x: Fix segfault in wcsncmp (BZ #31934)
Patch1033: s390x-wcsncmp.patch
###
# Patches awaiting upstream approval
@ -767,40 +769,31 @@ echo 'CFLAGS-.os += -fdump-ipa-clones' \
make %{?_smp_mflags} %{?make_output_sync}
%ifarch x86_64
%if %{build_main} && 0%{?sle_version}
%ifarch x86_64 i686
# Horrible workaround for bsc#1221482
gcc -O2 -xc - -c -o stat.oS <<\EOF
#define _STAT_VER 1
int __xstat (int, const char *, void *);
xstatbuild ()
{
gcc -O2 -I ../sysdeps/unix/sysv/linux/x86 -xc - -c -o $1stat$2.oS <<EOF
#include <xstatver.h>
int __$1xstat$2 (int, $3, void *);
int
stat (const char *file, void *buf)
$1stat$2 ($3 file, void *buf)
{
return __xstat (_STAT_VER, file, buf);
return __$1xstat$2 (_STAT_VER, file, buf);
}
EOF
gcc -O2 -xc - -c -o fstat.oS <<\EOF
#define _STAT_VER 1
int __fxstat (int, int, void *);
int
fstat (int fd, void *buf)
{
return __fxstat (_STAT_VER, fd, buf);
ar r libc_nonshared.a $1stat$2.oS
}
EOF
gcc -O2 -xc - -c -o lstat.oS <<\EOF
#define _STAT_VER 1
int __lxstat (int, const char *, void *);
int
lstat (const char *file, void *buf)
{
return __lxstat (_STAT_VER, file, buf);
}
EOF
ar r libc_nonshared.a stat.oS fstat.oS lstat.oS
xstatbuild "" "" "const char *"
xstatbuild f "" int
xstatbuild l "" "const char *"
%ifarch i686
xstatbuild "" 64 "const char *"
xstatbuild f 64 int
xstatbuild l 64 "const char *"
%endif
%endif
%endif
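Review bot: The new `xstatbuild` shell function has no description of its three positional arguments, and it depends on two details that are easy to break later. The here-document delimiter changed from `<<\EOF` to the unquoted `<<EOF`, so `$1`, `$2` and `$3` are expanded by the shell before gcc reads the text, and `_STAT_VER` now comes from `<xstatver.h>` through the relative `-I ../sysdeps/unix/sysv/linux/x86`, which assumes the build directory sits directly below the source tree. A comment above the function would record this, for example `# xstatbuild PREFIX SUFFIX ARGTYPE: add a PREFIXstatSUFFIX wrapper to libc_nonshared.a; the heredoc is unquoted on purpose`. The wrappers are also compiled with default visibility, so an object that pulls one in from libc_nonshared.a would presumably export `stat` and friends itself; if that is not intended, a hidden-visibility attribute on the generated definition is worth considering.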

58
s390x-wcsncmp.patch Normal file

@ -0,0 +1,58 @@
From 712453634c8efd71a9b3ff0122145a9e90e9955c Mon Sep 17 00:00:00 2001
From: Stefan Liebler <stli@linux.ibm.com>
Date: Thu, 11 Jul 2024 11:28:53 +0200
Subject: [PATCH] s390x: Fix segfault in wcsncmp [BZ #31934]
The z13/vector-optimized wcsncmp implementation segfaults if n=1
and there is only one character (equal on both strings) before
the page end. Then it loads and compares one character and misses
to check n again. The following load fails.
This patch removes the extra load and compare of the first character
and just start with the loop which uses vector-load-to-block-boundary.
This code-path also checks n.
With this patch both tests are passing:
- the simplified one mentioned in the bugzilla 31934
- the full one in Florian Weimer's patch:
"manual: Document a GNU extension for strncmp/wcsncmp"
(https://patchwork.sourceware.org/project/glibc/patch/874j9eml6y.fsf@oldenburg.str.redhat.com/):
On s390x-linux-gnu (z16), the new wcsncmp test fails due to bug 31934.
Reviewed-by: Carlos O'Donell <carlos@redhat.com>
(cherry picked from commit 9b7651410375ec8848a1944992d663d514db4ba7)
---
sysdeps/s390/wcsncmp-vx.S | 10 +---------
1 file changed, 1 insertion(+), 9 deletions(-)
diff --git a/sysdeps/s390/wcsncmp-vx.S b/sysdeps/s390/wcsncmp-vx.S
index 1bf769b870..4028d1e624 100644
--- a/sysdeps/s390/wcsncmp-vx.S
+++ b/sysdeps/s390/wcsncmp-vx.S
@@ -59,14 +59,7 @@ ENTRY(WCSNCMP_Z13)
sllg %r4,%r4,2 /* Convert character-count to byte-count. */
locgrne %r4,%r1 /* Use max byte-count, if bit 0/1 was one. */
- /* Check first character without vector load. */
- lghi %r5,4 /* current_len = 4 bytes. */
- /* Check s1/2[0]. */
- lt %r0,0(%r2)
- l %r1,0(%r3)
- je .Lend_cmp_one_char
- crjne %r0,%r1,.Lend_cmp_one_char
-
+ lghi %r5,0 /* current_len = 0 bytes. */
.Lloop:
vlbb %v17,0(%r5,%r3),6 /* Load s2 to block boundary. */
vlbb %v16,0(%r5,%r2),6 /* Load s1 to block boundary. */
@@ -167,7 +160,6 @@ ENTRY(WCSNCMP_Z13)
srl %r4,2 /* And convert it to character-index. */
vlgvf %r0,%v16,0(%r4) /* Load character-values. */
vlgvf %r1,%v17,0(%r4)
-.Lend_cmp_one_char:
cr %r0,%r1
je .Lend_equal
lghi %r2,1
--
2.45.2
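Review bot: This backport touches only `sysdeps/s390/wcsncmp-vx.S` (1 file changed, 1 insertion, 9 deletions) and carries no regression test; the message points to the bugzilla reproducer and to a separate patch for the tests that cover it. The defect is a load past the end of a page when `n=1`, so a test that places both strings directly before an unmapped page would be worth shipping with this patch, so the s390x package test run exercises the fixed path. The comment on the new `lghi %r5,0` line could also say why starting at zero is safe, for example `/* current_len = 0; per the commit message the vlbb loop path checks n. */`.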


@ -153,19 +153,19 @@ index 0b3483a77a..329c16306e 100644
+/* For 32-bit glibc then define those macros as empty. */
+#ifndef ULP_PRE_PROLOGUE
+# define ULP_PRE_PROLOGUE
+# define ULP_PRE_PROLOGUE(name)
+#endif
+#ifndef ULP_POST_PROLOGUE
+# define ULP_POST_PROLOGUE
+# define ULP_POST_PROLOGUE(name)
+#endif
+
+/* Define the first instructions of a function. */
+#define FUNCTION_START(name) \
+ ULP_PRE_PROLOGUE; \
+ ULP_PRE_PROLOGUE(name); \
+ C_LABEL(name); \
+ cfi_startproc; \
+ _CET_ENDBR; \
+ ULP_POST_PROLOGUE; \
+ ULP_POST_PROLOGUE(name); \
+ CALL_MCOUNT;
+
/* Define an entry point visible from C. */
@ -230,10 +230,10 @@ index cbb22884eb..327377daa6 100644
/*
* This implementation uses SSE to compare up to 16 bytes at a time.
diff --git a/sysdeps/x86_64/sysdep.h b/sysdeps/x86_64/sysdep.h
index 6ca169573d..c18f0ef914 100644
index c8ad778fee..59c278eb58 100644
--- a/sysdeps/x86_64/sysdep.h
+++ b/sysdeps/x86_64/sysdep.h
@@ -24,6 +24,19 @@
@@ -23,6 +23,46 @@
#ifdef __ASSEMBLER__
@ -242,12 +242,39 @@ index 6ca169573d..c18f0ef914 100644
+ written in ASM, the way we do this is by adding this prologue manually. */
+
+#if ENABLE_USERSPACE_LIVEPATCH
+# undef ULP_PRE_PROLOGUE
+# undef ULP_POST_PROLOGUE
+# define ULP_PRE_PROLOGUE \
+ .rept 14; nop; .endr
+# define ULP_POST_PROLOGUE \
+ xchg %ax, %ax
+
+/* Instructions to be inserted before the function label. */
+# define ULP_NOPS_PRE_PROLOGUE .rept 14; nop; .endr
+
+/* Instruction to be inserted after the function label. */
+# define ULP_NOPS_POST_PROLOGUE .rept 2; nop; .endr
+
+
+/* this macro expands according to the following condition:
+ * if name = _start, then the prologue is not inserted.
+ * if name = _dl_relocate_static_pie, then the prologue is not inserted.
+ * if name = anything else, then the prologue is inserted.
+ **/
+# define __ULP_POST_PROLOGUE_dl_relocate_static_pie ,
+# define __ULP_PRE_PROLOGUE_start ,
+# define __ULP_PRE_PROLOGUE(x, y,...) y
+# define _ULP_PRE_PROLOGUE(x, ...) __ULP_PRE_PROLOGUE(x, __VA_ARGS__)
+# define ULP_PRE_PROLOGUE(name) _ULP_PRE_PROLOGUE(__ULP_PRE_PROLOGUE##name, ULP_NOPS_PRE_PROLOGUE,)
+
+/* this macro expands according to the following condition:
+ * if name = _start, then the postlogue is not inserted.
+ * if name = _dl_relocate_static_pie, then the postlogue is not inserted.
+ * if name = anything else, then the postlogue is inserted.
+ **/
+# define __ULP_POST_PROLOGUE_dl_relocate_static_pie ,
+# define __ULP_POST_PROLOGUE_start ,
+# define __ULP_POST_PROLOGUE(x, y,...) y
+# define _ULP_POST_PROLOGUE(x, ...) __ULP_POST_PROLOGUE(x, __VA_ARGS__)
+# define ULP_POST_PROLOGUE(name) _ULP_POST_PROLOGUE(__ULP_POST_PROLOGUE##name, ULP_NOPS_POST_PROLOGUE,)
+
+#else
+# define ULP_PRE_PROLOGUE(name)
+# define ULP_POST_PROLOGUE(name)
+#endif
+
/* Syntactic details of assembler. */
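Review bot: In the `ULP_PRE_PROLOGUE` group the first exclusion marker is spelled `__ULP_POST_PROLOGUE_dl_relocate_static_pie`, and the same macro is defined again in the `ULP_POST_PROLOGUE` group, so `__ULP_PRE_PROLOGUE_dl_relocate_static_pie` is never defined. `ULP_PRE_PROLOGUE(_dl_relocate_static_pie)` therefore still expands to `ULP_NOPS_PRE_PROLOGUE`, which contradicts the comment directly above saying the prologue is not inserted for that name. This looks like a copy-and-paste slip, and the line should read `# define __ULP_PRE_PROLOGUE_dl_relocate_static_pie ,`. Whether it changes generated code depends on whether that symbol is ever defined through `FUNCTION_START`, which is not visible in this section.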