rpm/glibc
SHA256
1
0
Fork 0
forked from pool/glibc
Code Pull Requests Activity

Accepting request 1190421 from Base:System

Browse Source 
- Update to glibc 2.40
  * The <stdbit.h> header type-generic macros have been changed when using
    GCC 14.1 or later to use __builtin_stdc_bit_ceil etc. built-in functions
  * The GNU C Library now supports a feature test macro _ISOC23_SOURCE to
    enable features from the ISO C23 standard
  * The ISO C23 function families introduced in TS
    18661-4:2015 are now supported in <math.h>
  * A new tunable, glibc.rtld.enable_secure, can be used to run a program
    as if it were a setuid process
  * On Linux, the epoll header was updated to include epoll ioctl definitions
    and the related structure added in Linux kernel 6.9
  * The fortify functionality has been significantly enhanced for building
    programs with clang against the GNU C Library
  * Many functions have been added to the vector library for aarch64
  * On x86, memset can now use non-temporal stores to improve the performance
    of large writes
  * Architectures which use a 32-bit seconds-since-epoch field in struct
    lastlog, struct utmp, struct utmpx (such as i386, powerpc64le, rv32,
    rv64, x86-64) switched from a signed to an unsigned type for that
    field
  * __rseq_size now denotes the size of the active rseq area (20 bytes
    initially), not the size of struct rseq (32 bytes initially).
- arm-dl-start-user.patch, duplocale-global-locale.patch,
  elf-parse-tunables.patch,
  glibc-CVE-2024-33599-nscd-Stack-based-buffer-overflow-in-n.patch,
  glibc-CVE-2024-33600-nscd-Avoid-null-pointer-crashes-after.patch,
  glibc-CVE-2024-33600-nscd-Do-not-send-missing-not-found-re.patch,
  glibc-CVE-2024-33601-CVE-2024-33602-nscd-netgroup-Use-two.patch,
  iconv-iso-2022-cn-ext.patch, nscd-netgroup-cache-timeout.patch,
  s390-clone-error-clobber-r7.patch, sigisemptyset.patch, (forwarded request 1190420 from Andreas_Schwab)

OBS-URL: https://build.opensuse.org/request/show/1190421
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/glibc?expand=0&rev=294
This commit is contained in:
Dominique Leuenberger 2024-08-09 14:13:50 +00:00 committed by Git OBS Bridge
commit 2c4b2b4ac1
21 changed files with 191 additions and 3295 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

40
arm-dl-start-user.patch
View File

@ -1,40 +0,0 @@
From 63295e4fda1f6dab4bf7442706fe303bf283036c Mon Sep 17 00:00:00 2001
From: Adhemerval Zanella <adhemerval.zanella@linaro.org>
Date: Mon, 5 Feb 2024 16:10:24 +0000
Subject: [PATCH] arm: Remove wrong ldr from _dl_start_user (BZ 31339)
The commit 49d877a80b29d3002887b084eec6676d9f5fec18 (arm: Remove
_dl_skip_args usage) removed the _SKIP_ARGS literal, which was
previously loader to r4 on loader _start. However, the cleanup did not
remove the following 'ldr r4, [sl, r4]' on _dl_start_user, used to check
to skip the arguments after ld self-relocations.
In my testing, the kernel initially set r4 to 0, which makes the
ldr instruction just read the _GLOBAL_OFFSET_TABLE_. However, since r4
is a callee-saved register; a different runtime might not zero
initialize it and thus trigger an invalid memory access.
Checked on arm-linux-gnu.
Reported-by: Adrian Ratiu <adrian.ratiu@collabora.com>
Reviewed-by: Szabolcs Nagy <szabolcs.nagy@arm.com>
(cherry picked from commit 1e25112dc0cb2515d27d8d178b1ecce778a9d37a)
---
sysdeps/arm/dl-machine.h | 1 -
1 file changed, 1 deletion(-)
diff --git a/sysdeps/arm/dl-machine.h b/sysdeps/arm/dl-machine.h
index b857bbc868..dd1a0f6b6e 100644
--- a/sysdeps/arm/dl-machine.h
+++ b/sysdeps/arm/dl-machine.h
@@ -139,7 +139,6 @@ _start:\n\
_dl_start_user:\n\
adr r6, .L_GET_GOT\n\
add sl, sl, r6\n\
- ldr r4, [sl, r4]\n\
@ save the entry point in another register\n\
mov r6, r0\n\
@ get the original arg count\n\
--
2.43.0

57
duplocale-global-locale.patch
View File

@ -1,57 +0,0 @@
From 513331b788a3fa633f1d0417d43915e16a0c88f0 Mon Sep 17 00:00:00 2001
From: Andreas Schwab <schwab@suse.de>
Date: Wed, 6 Mar 2024 12:59:47 +0100
Subject: [PATCH] duplocale: protect use of global locale (bug 23970)
Protect the global locale from being modified while we compute the size of
the locale category names. That allows the use of the global locale in a
single thread, while all other threads use the thread safe locale
functions.
---
locale/duplocale.c | 14 ++++++++------
1 file changed, 8 insertions(+), 6 deletions(-)
diff --git a/locale/duplocale.c b/locale/duplocale.c
index a755ac5c36..bad476700f 100644
--- a/locale/duplocale.c
+++ b/locale/duplocale.c
@@ -43,6 +43,11 @@ __duplocale (locale_t dataset)
int cnt;
size_t names_len = 0;
+ /* If dataset points to _nl_global_locale, we need to prevent other
+ threads from modifying it. We also modify global data below (the
+ usage counts). */
+ __libc_rwlock_wrlock (__libc_setlocale_lock);
+
/* Calculate the total space we need to store all the names. */
for (cnt = 0; cnt < __LC_LAST; ++cnt)
if (cnt != LC_ALL && dataset->__names[cnt] != _nl_C_name)
@@ -55,9 +60,6 @@ __duplocale (locale_t dataset)
{
char *namep = (char *) (result + 1);
- /* We modify global data (the usage counts). */
- __libc_rwlock_wrlock (__libc_setlocale_lock);
-
for (cnt = 0; cnt < __LC_LAST; ++cnt)
if (cnt != LC_ALL)
{
@@ -78,11 +80,11 @@ __duplocale (locale_t dataset)
result->__ctype_b = dataset->__ctype_b;
result->__ctype_tolower = dataset->__ctype_tolower;
result->__ctype_toupper = dataset->__ctype_toupper;
-
- /* It's done. */
- __libc_rwlock_unlock (__libc_setlocale_lock);
}
+ /* It's done. */
+ __libc_rwlock_unlock (__libc_setlocale_lock);
+
return result;
}
weak_alias (__duplocale, duplocale)
--
2.44.0

215
elf-parse-tunables.patch
View File

@ -1,215 +0,0 @@
From 71149c2a2e85a8233631cc816030d449f021bb2a Mon Sep 17 00:00:00 2001
From: Adhemerval Zanella <adhemerval.zanella@linaro.org>
Date: Mon, 6 May 2024 13:18:45 -0300
Subject: [PATCH] elf: Only process multiple tunable once (BZ 31686)
The 680c597e9c3 commit made loader reject ill-formatted strings by
first tracking all set tunables and then applying them. However, it does
not take into consideration if the same tunable is set multiple times,
where parse_tunables_string appends the found tunable without checking
if it was already in the list. It leads to a stack-based buffer overflow
if the tunable is specified more than the total number of tunables. For
instance:
GLIBC_TUNABLES=glibc.malloc.check=2:... (repeat over the number of
total support for different tunable).
Instead, use the index of the tunable list to get the expected tunable
entry. Since now the initial list is zero-initialized, the compiler
might emit an extra memset and this requires some minor adjustment
on some ports.
Checked on x86_64-linux-gnu and aarch64-linux-gnu.
Reported-by: Yuto Maeda <maeda@cyberdefense.jp>
Reported-by: Yutaro Shimizu <shimizu@cyberdefense.jp>
Reviewed-by: Siddhesh Poyarekar <siddhesh@sourceware.org>
(cherry picked from commit bcae44ea8536b30a7119c0986ff5692bddacb672)
---
elf/dl-tunables.c | 28 ++++++----
elf/tst-tunables.c | 61 +++++++++++++++++++++-
sysdeps/aarch64/multiarch/memset_generic.S | 4 ++
sysdeps/sparc/sparc64/rtld-memset.c | 3 ++
4 files changed, 84 insertions(+), 12 deletions(-)
diff --git a/elf/dl-tunables.c b/elf/dl-tunables.c
index 03e1a68675..614ac9c047 100644
--- a/elf/dl-tunables.c
+++ b/elf/dl-tunables.c
@@ -32,6 +32,7 @@
#include <ldsodefs.h>
#include <array_length.h>
#include <dl-minimal-malloc.h>
+#include <dl-symbol-redir-ifunc.h>
#define TUNABLES_INTERNAL 1
#include "dl-tunables.h"
@@ -223,6 +224,7 @@ parse_tunables_string (const char *valstring, struct tunable_toset_t *tunables)
{
tunables[ntunables++] =
(struct tunable_toset_t) { cur, value, p - value };
+
break;
}
}
@@ -234,23 +236,27 @@ parse_tunables_string (const char *valstring, struct tunable_toset_t *tunables)
static void
parse_tunables (const char *valstring)
{
- struct tunable_toset_t tunables[tunables_list_size];
- int ntunables = parse_tunables_string (valstring, tunables);
- if (ntunables == -1)
+ struct tunable_toset_t tunables[tunables_list_size] = { 0 };
+ if (parse_tunables_string (valstring, tunables) == -1)
{
_dl_error_printf (
"WARNING: ld.so: invalid GLIBC_TUNABLES `%s': ignored.\n", valstring);
return;
}
- for (int i = 0; i < ntunables; i++)
- if (!tunable_initialize (tunables[i].t, tunables[i].value,
- tunables[i].len))
- _dl_error_printf ("WARNING: ld.so: invalid GLIBC_TUNABLES value `%.*s' "
- "for option `%s': ignored.\n",
- (int) tunables[i].len,
- tunables[i].value,
- tunables[i].t->name);
+ for (int i = 0; i < tunables_list_size; i++)
+ {
+ if (tunables[i].t == NULL)
+ continue;
+
+ if (!tunable_initialize (tunables[i].t, tunables[i].value,
+ tunables[i].len))
+ _dl_error_printf ("WARNING: ld.so: invalid GLIBC_TUNABLES value `%.*s' "
+ "for option `%s': ignored.\n",
+ (int) tunables[i].len,
+ tunables[i].value,
+ tunables[i].t->name);
+ }
}
/* Initialize the tunables list from the environment. For now we only use the
diff --git a/elf/tst-tunables.c b/elf/tst-tunables.c
index 095b5c81d9..dff34ed748 100644
--- a/elf/tst-tunables.c
+++ b/elf/tst-tunables.c
@@ -17,6 +17,10 @@
<https://www.gnu.org/licenses/>. */
#include <array_length.h>
+/* The test uses the tunable_list size, which is only exported for
+ ld.so. This will result in a copy of tunable_list, which is ununsed by
+ the test itself. */
+#define TUNABLES_INTERNAL 1
#include <dl-tunables.h>
#include <getopt.h>
#include <intprops.h>
@@ -24,12 +28,13 @@
#include <stdlib.h>
#include <support/capture_subprocess.h>
#include <support/check.h>
+#include <support/support.h>
static int restart;
#define CMDLINE_OPTIONS \
{ "restart", no_argument, &restart, 1 },
-static const struct test_t
+static struct test_t
{
const char *name;
const char *value;
@@ -284,6 +289,29 @@ static const struct test_t
0,
0,
},
+ /* Also check for repeated tunables with a count larger than the total number
+ of tunables. */
+ {
+ "GLIBC_TUNABLES",
+ NULL,
+ 2,
+ 0,
+ 0,
+ },
+ {
+ "GLIBC_TUNABLES",
+ NULL,
+ 1,
+ 0,
+ 0,
+ },
+ {
+ "GLIBC_TUNABLES",
+ NULL,
+ 0,
+ 0,
+ 0,
+ },
};
static int
@@ -327,6 +355,37 @@ do_test (int argc, char *argv[])
spargv[i] = NULL;
}
+ /* Create a tunable line with the duplicate values with a total number
+ larger than the different number of tunables. */
+ {
+ enum { tunables_list_size = array_length (tunable_list) };
+ const char *value = "";
+ for (int i = 0; i < tunables_list_size; i++)
+ value = xasprintf ("%sglibc.malloc.check=2%c",
+ value,
+ i == (tunables_list_size - 1) ? '\0' : ':');
+ tests[33].value = value;
+ }
+ /* Same as before, but the last tunable values is differen than the
+ rest. */
+ {
+ enum { tunables_list_size = array_length (tunable_list) };
+ const char *value = "";
+ for (int i = 0; i < tunables_list_size - 1; i++)
+ value = xasprintf ("%sglibc.malloc.check=2:", value);
+ value = xasprintf ("%sglibc.malloc.check=1", value);
+ tests[34].value = value;
+ }
+ /* Same as before, but with an invalid last entry. */
+ {
+ enum { tunables_list_size = array_length (tunable_list) };
+ const char *value = "";
+ for (int i = 0; i < tunables_list_size - 1; i++)
+ value = xasprintf ("%sglibc.malloc.check=2:", value);
+ value = xasprintf ("%sglibc.malloc.check=1=1", value);
+ tests[35].value = value;
+ }
+
for (int i = 0; i < array_length (tests); i++)
{
snprintf (nteststr, sizeof nteststr, "%d", i);
diff --git a/sysdeps/aarch64/multiarch/memset_generic.S b/sysdeps/aarch64/multiarch/memset_generic.S
index 81748bdbce..e125a5ed85 100644
--- a/sysdeps/aarch64/multiarch/memset_generic.S
+++ b/sysdeps/aarch64/multiarch/memset_generic.S
@@ -33,3 +33,7 @@
#endif
#include <../memset.S>
+
+#if IS_IN (rtld)
+strong_alias (memset, __memset_generic)
+#endif
diff --git a/sysdeps/sparc/sparc64/rtld-memset.c b/sysdeps/sparc/sparc64/rtld-memset.c
index 55f3835790..a19202a620 100644
--- a/sysdeps/sparc/sparc64/rtld-memset.c
+++ b/sysdeps/sparc/sparc64/rtld-memset.c
@@ -1 +1,4 @@
#include <string/memset.c>
+#if IS_IN(rtld)
+strong_alias (memset, __memset_ultra1)
+#endif
--
2.45.0

21
glibc-2.3.90-langpackdir.diff
View File

@ -1,24 +1,3 @@
Index: glibc-2.38/debug/strcpy_chk.c
===================================================================
--- glibc-2.38.orig/debug/strcpy_chk.c
+++ glibc-2.38/debug/strcpy_chk.c
@@ -31,3 +31,4 @@ __strcpy_chk (char *dest, const char *sr
return memcpy (dest, src, len + 1);
}
+libc_hidden_builtin_def (__strcpy_chk)
Index: glibc-2.38/include/string.h
===================================================================
--- glibc-2.38.orig/include/string.h
+++ glibc-2.38/include/string.h
@@ -213,6 +213,7 @@ libc_hidden_builtin_proto (__memcpy_chk)
libc_hidden_builtin_proto (__memmove_chk)
libc_hidden_builtin_proto (__mempcpy_chk)
libc_hidden_builtin_proto (__memset_chk)
+libc_hidden_builtin_proto (__strcpy_chk)
libc_hidden_builtin_proto (__stpcpy_chk)
libc_hidden_builtin_proto (__strncpy_chk)
Index: glibc-2.38/intl/loadmsgcat.c
===================================================================
--- glibc-2.38.orig/intl/loadmsgcat.c

3
glibc-2.39.tar.xz
View File

@ -1,3 +0,0 @@
version https://git-lfs.github.com/spec/v1
oid sha256:f77bd47cf8170c57365ae7bf86696c118adb3b120d3259c64c502d3dc1e2d926
size 18520988

16
glibc-2.39.tar.xz.sig
View File

@ -1,16 +0,0 @@
-----BEGIN PGP SIGNATURE-----
iQIzBAABCAAdFiEEcnNUKzmWLfeymZMUFnkrTqJTQPgFAmW6xDIACgkQFnkrTqJT
QPgAAg/9FnW6kXC3eth/BhuzaEEjOmy8BiTSrEHVLWz9veRTuBBYavxH/XUKfLrg
dAFMnASU4DtDUFI2kFWGJIDLk8E/rUau8a0f5Skh4W3VSrc7MDvQhMMt1HggRIqE
O2G7fS6uKZokZElcvEKYrTnq7iwH25K1lvXUKAeaUnVQg6upGYnCe8vuZutuZR9x
OFkewctLM8Canc6wvW0V92Oy+6eZsDq08HCJenFklSh1wz9+MUzyivkv/b6fXK6E
lKGLxpPH7vzfKao6YJBrAHT5raFxdz3yUGzevfeBE9S8UrOYHhsoBRZsaQUWkyKU
A3Gn1ioTkxj8szfgHCrweN6A4Y4MlGgMeQbplQnrjQEfUTVo9N2zkQwWRsM4VGeF
RkbWwpIQg6zMi3BFfizHqAZZWjjWb0wu6mDWmnQBaQ97dN0DAuKJ7cDNmLe6+vOE
OkXRTses8Ta3npAxKjrWNm6WjcrYAzEYLGUT6hLBmZj+WulHmRDPEyuo8H3eihuL
JzJXc7X6O3HntgCqqGrC4yNGtjRF0r3FjZ9Zrv6snEzWHVBnDw/9C5Ss9aZ+VSxO
Uqo0nESWKHtz9UBS73yA/H1k1rMnQS9yeugMoqBil+cJD5xMZETNKFbUGwR8feQ4
O6w8uH1q70ZwtTVf3l6sbijMeORfcrS0WEErxm8IREmUbqPIMRw=
=uGia
-----END PGP SIGNATURE-----

3
glibc-2.40.tar.xz Normal file
View File

@ -0,0 +1,3 @@
version https://git-lfs.github.com/spec/v1
oid sha256:19a890175e9263d748f627993de6f4b1af9cd21e03f080e4bfb3a1fac10205a2
size 18752204

16
glibc-2.40.tar.xz.sig Normal file
View File

@ -0,0 +1,16 @@
-----BEGIN PGP SIGNATURE-----
iQIzBAABCAAdFiEEcnNUKzmWLfeymZMUFnkrTqJTQPgFAmaeSXIACgkQFnkrTqJT
QPhcfw/+LG5lo6bi7F8Kggp7rsxw1QpRsT76HUNdsoVZRbKvERYihexEQST8rNM/
BvzWv+eAxE8h1XcBdYk3qKtyvsggVogaxnsfRq1+5yonrI0FGDdQZEjDhYVBEPma
T1m8qmZywPingm37gT5RevQJP3vg2OBW9l5/nwGk9K33e+09RXCAyvZVrn7binTV
27VESY5/6X7uC2Ga1WnZG2omu3W5+vAsGWoFnCNjJHfqyW6agaGLbGNSBJnSABv+
mTy4v8S6zpRovWZOA2hi7FUVbtDyvyJrGZLnTNBA/DxqKiKc2ZQUljXy7Uv+piDt
H0bwNsrC0mcRxdqsA8FNUv/gIpHcuBaLjUz37bA6d0iwkvqf8YCJ47O6KbMuuDeu
DudKO+QIVTgs0ahUnbomW27Un46cvkM2JM7dU9Akt5Cja9hImOOn1cbotkaMfmsL
c3Hq+O3LYwI76p3HUwsjg3xjgoLZy24+46PaXRncrYImgTif6yGq4uVjWXnaFsLs
WtE16EU9fvU1zCBRbdcT6cI6TiNQvQdc8aBGxKs4oFTMROWiczfwKmcIrC6OROIJ
kW5V0nI5t3Sk8XSubUxj4dZhk6E1e58RhKm/5pcdOVzwbd3H9sb5q/BhlWB7M49M
i5n7p77a1YCjuhl/m43Q036uDCER7/JSbnekU6zsTYUDX/ZfWiA=
=hPC5
-----END PGP SIGNATURE-----

38
glibc-CVE-2024-33599-nscd-Stack-based-buffer-overflow-in-n.patch
View File

@ -1,38 +0,0 @@
From 1263d583d2e28afb8be53f8d6922f0842036f35d Mon Sep 17 00:00:00 2001
From: Florian Weimer <fweimer@redhat.com>
Date: Thu, 25 Apr 2024 15:00:45 +0200
Subject: [PATCH] CVE-2024-33599: nscd: Stack-based buffer overflow in netgroup
cache (bug 31677)
Using alloca matches what other caches do. The request length is
bounded by MAXKEYLEN.
Reviewed-by: Carlos O'Donell <carlos@redhat.com>
(cherry picked from commit 87801a8fd06db1d654eea3e4f7626ff476a9bdaa)
---
nscd/netgroupcache.c | 5 +++--
1 file changed, 3 insertions(+), 2 deletions(-)
diff --git a/nscd/netgroupcache.c b/nscd/netgroupcache.c
index 0c6e46f15c..f227dc7fa2 100644
--- a/nscd/netgroupcache.c
+++ b/nscd/netgroupcache.c
@@ -502,12 +502,13 @@ addinnetgrX (struct database_dyn *db, int fd, request_header *req,
= (struct indataset *) mempool_alloc (db,
sizeof (*dataset) + req->key_len,
1);
- struct indataset dataset_mem;
bool cacheable = true;
if (__glibc_unlikely (dataset == NULL))
{
cacheable = false;
- dataset = &dataset_mem;
+ /* The alloca is safe because nscd_run_worker verfies that
+ key_len is not larger than MAXKEYLEN. */
+ dataset = alloca (sizeof (*dataset) + req->key_len);
}
datahead_init_pos (&dataset->head, sizeof (*dataset) + req->key_len,
--
2.45.0

60
glibc-CVE-2024-33600-nscd-Avoid-null-pointer-crashes-after.patch
View File

@ -1,60 +0,0 @@
From c99f886de54446cd4447db6b44be93dabbdc2f8b Mon Sep 17 00:00:00 2001
From: Florian Weimer <fweimer@redhat.com>
Date: Thu, 25 Apr 2024 15:01:07 +0200
Subject: [PATCH] CVE-2024-33600: nscd: Avoid null pointer crashes after
notfound response (bug 31678)
The addgetnetgrentX call in addinnetgrX may have failed to produce
a result, so the result variable in addinnetgrX can be NULL.
Use db->negtimeout as the fallback value if there is no result data;
the timeout is also overwritten below.
Also avoid sending a second not-found response. (The client
disconnects after receiving the first response, so the data stream did
not go out of sync even without this fix.) It is still beneficial to
add the negative response to the mapping, so that the client can get
it from there in the future, instead of going through the socket.
Reviewed-by: Siddhesh Poyarekar <siddhesh@sourceware.org>
(cherry picked from commit b048a482f088e53144d26a61c390bed0210f49f2)
---
nscd/netgroupcache.c | 11 +++++++----
1 file changed, 7 insertions(+), 4 deletions(-)
diff --git a/nscd/netgroupcache.c b/nscd/netgroupcache.c
index c18fe111f3..e22ffa5884 100644
--- a/nscd/netgroupcache.c
+++ b/nscd/netgroupcache.c
@@ -511,14 +511,15 @@ addinnetgrX (struct database_dyn *db, int fd, request_header *req,
datahead_init_pos (&dataset->head, sizeof (*dataset) + req->key_len,
sizeof (innetgroup_response_header),
- he == NULL ? 0 : dh->nreloads + 1, result->head.ttl);
+ he == NULL ? 0 : dh->nreloads + 1,
+ result == NULL ? db->negtimeout : result->head.ttl);
/* Set the notfound status and timeout based on the result from
getnetgrent. */
- dataset->head.notfound = result->head.notfound;
+ dataset->head.notfound = result == NULL || result->head.notfound;
dataset->head.timeout = timeout;
dataset->resp.version = NSCD_VERSION;
- dataset->resp.found = result->resp.found;
+ dataset->resp.found = result != NULL && result->resp.found;
/* Until we find a matching entry the result is 0. */
dataset->resp.result = 0;
@@ -566,7 +567,9 @@ addinnetgrX (struct database_dyn *db, int fd, request_header *req,
goto out;
}
- if (he == NULL)
+ /* addgetnetgrentX may have already sent a notfound response. Do
+ not send another one. */
+ if (he == NULL && dataset->resp.found)
{
/* We write the dataset before inserting it to the database
since while inserting this thread might block and so would
--
2.45.0

59
glibc-CVE-2024-33600-nscd-Do-not-send-missing-not-found-re.patch
View File

@ -1,59 +0,0 @@
From 5a508e0b508c8ad53bd0d2fb48fd71b242626341 Mon Sep 17 00:00:00 2001
From: Florian Weimer <fweimer@redhat.com>
Date: Thu, 25 Apr 2024 15:01:07 +0200
Subject: [PATCH] CVE-2024-33600: nscd: Do not send missing not-found response
in addgetnetgrentX (bug 31678)
If we failed to add a not-found response to the cache, the dataset
point can be null, resulting in a null pointer dereference.
Reviewed-by: Siddhesh Poyarekar <siddhesh@sourceware.org>
(cherry picked from commit 7835b00dbce53c3c87bbbb1754a95fb5e58187aa)
---
nscd/netgroupcache.c | 14 ++++++--------
1 file changed, 6 insertions(+), 8 deletions(-)
diff --git a/nscd/netgroupcache.c b/nscd/netgroupcache.c
index f227dc7fa2..c18fe111f3 100644
--- a/nscd/netgroupcache.c
+++ b/nscd/netgroupcache.c
@@ -147,7 +147,7 @@ addgetnetgrentX (struct database_dyn *db, int fd, request_header *req,
/* No such service. */
cacheable = do_notfound (db, fd, req, key, &dataset, &total, &timeout,
&key_copy);
- goto writeout;
+ goto maybe_cache_add;
}
memset (&data, '\0', sizeof (data));
@@ -348,7 +348,7 @@ addgetnetgrentX (struct database_dyn *db, int fd, request_header *req,
{
cacheable = do_notfound (db, fd, req, key, &dataset, &total, &timeout,
&key_copy);
- goto writeout;
+ goto maybe_cache_add;
}
total = buffilled;
@@ -410,14 +410,12 @@ addgetnetgrentX (struct database_dyn *db, int fd, request_header *req,
}
if (he == NULL && fd != -1)
- {
- /* We write the dataset before inserting it to the database
- since while inserting this thread might block and so would
- unnecessarily let the receiver wait. */
- writeout:
+ /* We write the dataset before inserting it to the database since
+ while inserting this thread might block and so would
+ unnecessarily let the receiver wait. */
writeall (fd, &dataset->resp, dataset->head.recsize);
- }
+ maybe_cache_add:
if (cacheable)
{
/* If necessary, we also propagate the data to disk. */
--
2.45.0

390
glibc-CVE-2024-33601-CVE-2024-33602-nscd-netgroup-Use-two.patch
View File

@ -1,390 +0,0 @@
From a9a8d3eebb145779a18d90e3966009a1daa63cd8 Mon Sep 17 00:00:00 2001
From: Florian Weimer <fweimer@redhat.com>
Date: Thu, 25 Apr 2024 15:01:07 +0200
Subject: [PATCH] CVE-2024-33601, CVE-2024-33602: nscd: netgroup: Use two
buffers in addgetnetgrentX (bug 31680)
This avoids potential memory corruption when the underlying NSS
callback function does not use the buffer space to store all strings
(e.g., for constant strings).
Instead of custom buffer management, two scratch buffers are used.
This increases stack usage somewhat.
Scratch buffer allocation failure is handled by return -1
(an invalid timeout value) instead of terminating the process.
This fixes bug 31679.
Reviewed-by: Siddhesh Poyarekar <siddhesh@sourceware.org>
(cherry picked from commit c04a21e050d64a1193a6daab872bca2528bda44b)
---
nscd/netgroupcache.c | 219 ++++++++++++++++++++++++-------------------
1 file changed, 121 insertions(+), 98 deletions(-)
diff --git a/nscd/netgroupcache.c b/nscd/netgroupcache.c
index e22ffa5884..e8fe041846 100644
--- a/nscd/netgroupcache.c
+++ b/nscd/netgroupcache.c
@@ -23,6 +23,7 @@
#include <stdlib.h>
#include <unistd.h>
#include <sys/mman.h>
+#include <scratch_buffer.h>
#include "../nss/netgroup.h"
#include "nscd.h"
@@ -65,6 +66,16 @@ struct dataset
char strdata[0];
};
+/* Send a notfound response to FD. Always returns -1 to indicate an
+ ephemeral error. */
+static time_t
+send_notfound (int fd)
+{
+ if (fd != -1)
+ TEMP_FAILURE_RETRY (send (fd, &notfound, sizeof (notfound), MSG_NOSIGNAL));
+ return -1;
+}
+
/* Sends a notfound message and prepares a notfound dataset to write to the
cache. Returns true if there was enough memory to allocate the dataset and
returns the dataset in DATASETP, total bytes to write in TOTALP and the
@@ -83,8 +94,7 @@ do_notfound (struct database_dyn *db, int fd, request_header *req,
total = sizeof (notfound);
timeout = time (NULL) + db->negtimeout;
- if (fd != -1)
- TEMP_FAILURE_RETRY (send (fd, &notfound, total, MSG_NOSIGNAL));
+ send_notfound (fd);
dataset = mempool_alloc (db, sizeof (struct dataset) + req->key_len, 1);
/* If we cannot permanently store the result, so be it. */
@@ -109,11 +119,78 @@ do_notfound (struct database_dyn *db, int fd, request_header *req,
return cacheable;
}
+struct addgetnetgrentX_scratch
+{
+ /* This is the result that the caller should use. It can be NULL,
+ point into buffer, or it can be in the cache. */
+ struct dataset *dataset;
+
+ struct scratch_buffer buffer;
+
+ /* Used internally in addgetnetgrentX as a staging area. */
+ struct scratch_buffer tmp;
+
+ /* Number of bytes in buffer that are actually used. */
+ size_t buffer_used;
+};
+
+static void
+addgetnetgrentX_scratch_init (struct addgetnetgrentX_scratch *scratch)
+{
+ scratch->dataset = NULL;
+ scratch_buffer_init (&scratch->buffer);
+ scratch_buffer_init (&scratch->tmp);
+
+ /* Reserve space for the header. */
+ scratch->buffer_used = sizeof (struct dataset);
+ static_assert (sizeof (struct dataset) < sizeof (scratch->tmp.__space),
+ "initial buffer space");
+ memset (scratch->tmp.data, 0, sizeof (struct dataset));
+}
+
+static void
+addgetnetgrentX_scratch_free (struct addgetnetgrentX_scratch *scratch)
+{
+ scratch_buffer_free (&scratch->buffer);
+ scratch_buffer_free (&scratch->tmp);
+}
+
+/* Copy LENGTH bytes from S into SCRATCH. Returns NULL if SCRATCH
+ could not be resized, otherwise a pointer to the copy. */
+static char *
+addgetnetgrentX_append_n (struct addgetnetgrentX_scratch *scratch,
+ const char *s, size_t length)
+{
+ while (true)
+ {
+ size_t remaining = scratch->buffer.length - scratch->buffer_used;
+ if (remaining >= length)
+ break;
+ if (!scratch_buffer_grow_preserve (&scratch->buffer))
+ return NULL;
+ }
+ char *copy = scratch->buffer.data + scratch->buffer_used;
+ memcpy (copy, s, length);
+ scratch->buffer_used += length;
+ return copy;
+}
+
+/* Copy S into SCRATCH, including its null terminator. Returns false
+ if SCRATCH could not be resized. */
+static bool
+addgetnetgrentX_append (struct addgetnetgrentX_scratch *scratch, const char *s)
+{
+ if (s == NULL)
+ s = "";
+ return addgetnetgrentX_append_n (scratch, s, strlen (s) + 1) != NULL;
+}
+
+/* Caller must initialize and free *SCRATCH. If the return value is
+ negative, this function has sent a notfound response. */
static time_t
addgetnetgrentX (struct database_dyn *db, int fd, request_header *req,
const char *key, uid_t uid, struct hashentry *he,
- struct datahead *dh, struct dataset **resultp,
- void **tofreep)
+ struct datahead *dh, struct addgetnetgrentX_scratch *scratch)
{
if (__glibc_unlikely (debug_level > 0))
{
@@ -132,14 +209,10 @@ addgetnetgrentX (struct database_dyn *db, int fd, request_header *req,
char *key_copy = NULL;
struct __netgrent data;
- size_t buflen = MAX (1024, sizeof (*dataset) + req->key_len);
- size_t buffilled = sizeof (*dataset);
- char *buffer = NULL;
size_t nentries = 0;
size_t group_len = strlen (key) + 1;
struct name_list *first_needed
= alloca (sizeof (struct name_list) + group_len);
- *tofreep = NULL;
if (netgroup_database == NULL
&& !__nss_database_get (nss_database_netgroup, &netgroup_database))
@@ -151,8 +224,6 @@ addgetnetgrentX (struct database_dyn *db, int fd, request_header *req,
}
memset (&data, '\0', sizeof (data));
- buffer = xmalloc (buflen);
- *tofreep = buffer;
first_needed->next = first_needed;
memcpy (first_needed->name, key, group_len);
data.needed_groups = first_needed;
@@ -195,8 +266,8 @@ addgetnetgrentX (struct database_dyn *db, int fd, request_header *req,
while (1)
{
int e;
- status = getfct.f (&data, buffer + buffilled,
- buflen - buffilled - req->key_len, &e);
+ status = getfct.f (&data, scratch->tmp.data,
+ scratch->tmp.length, &e);
if (status == NSS_STATUS_SUCCESS)
{
if (data.type == triple_val)
@@ -204,68 +275,10 @@ addgetnetgrentX (struct database_dyn *db, int fd, request_header *req,
const char *nhost = data.val.triple.host;
const char *nuser = data.val.triple.user;
const char *ndomain = data.val.triple.domain;
-
- size_t hostlen = strlen (nhost ?: "") + 1;
- size_t userlen = strlen (nuser ?: "") + 1;
- size_t domainlen = strlen (ndomain ?: "") + 1;
-
- if (nhost == NULL || nuser == NULL || ndomain == NULL
- || nhost > nuser || nuser > ndomain)
- {
- const char *last = nhost;
- if (last == NULL
- || (nuser != NULL && nuser > last))
- last = nuser;
- if (last == NULL
- || (ndomain != NULL && ndomain > last))
- last = ndomain;
-
- size_t bufused
- = (last == NULL
- ? buffilled
- : last + strlen (last) + 1 - buffer);
-
- /* We have to make temporary copies. */
- size_t needed = hostlen + userlen + domainlen;
-
- if (buflen - req->key_len - bufused < needed)
- {
- buflen += MAX (buflen, 2 * needed);
- /* Save offset in the old buffer. We don't
- bother with the NULL check here since
- we'll do that later anyway. */
- size_t nhostdiff = nhost - buffer;
- size_t nuserdiff = nuser - buffer;
- size_t ndomaindiff = ndomain - buffer;
-
- char *newbuf = xrealloc (buffer, buflen);
- /* Fix up the triplet pointers into the new
- buffer. */
- nhost = (nhost ? newbuf + nhostdiff
- : NULL);
- nuser = (nuser ? newbuf + nuserdiff
- : NULL);
- ndomain = (ndomain ? newbuf + ndomaindiff
- : NULL);
- *tofreep = buffer = newbuf;
- }
-
- nhost = memcpy (buffer + bufused,
- nhost ?: "", hostlen);
- nuser = memcpy ((char *) nhost + hostlen,
- nuser ?: "", userlen);
- ndomain = memcpy ((char *) nuser + userlen,
- ndomain ?: "", domainlen);
- }
-
- char *wp = buffer + buffilled;
- wp = memmove (wp, nhost ?: "", hostlen);
- wp += hostlen;
- wp = memmove (wp, nuser ?: "", userlen);
- wp += userlen;
- wp = memmove (wp, ndomain ?: "", domainlen);
- wp += domainlen;
- buffilled = wp - buffer;
+ if (!(addgetnetgrentX_append (scratch, nhost)
+ && addgetnetgrentX_append (scratch, nuser)
+ && addgetnetgrentX_append (scratch, ndomain)))
+ return send_notfound (fd);
++nentries;
}
else
@@ -317,8 +330,8 @@ addgetnetgrentX (struct database_dyn *db, int fd, request_header *req,
}
else if (status == NSS_STATUS_TRYAGAIN && e == ERANGE)
{
- buflen *= 2;
- *tofreep = buffer = xrealloc (buffer, buflen);
+ if (!scratch_buffer_grow (&scratch->tmp))
+ return send_notfound (fd);
}
else if (status == NSS_STATUS_RETURN
|| status == NSS_STATUS_NOTFOUND
@@ -351,10 +364,17 @@ addgetnetgrentX (struct database_dyn *db, int fd, request_header *req,
goto maybe_cache_add;
}
- total = buffilled;
+ /* Capture the result size without the key appended. */
+ total = scratch->buffer_used;
+
+ /* Make a copy of the key. The scratch buffer must not move after
+ this point. */
+ key_copy = addgetnetgrentX_append_n (scratch, key, req->key_len);
+ if (key_copy == NULL)
+ return send_notfound (fd);
/* Fill in the dataset. */
- dataset = (struct dataset *) buffer;
+ dataset = scratch->buffer.data;
timeout = datahead_init_pos (&dataset->head, total + req->key_len,
total - offsetof (struct dataset, resp),
he == NULL ? 0 : dh->nreloads + 1,
@@ -363,11 +383,7 @@ addgetnetgrentX (struct database_dyn *db, int fd, request_header *req,
dataset->resp.version = NSCD_VERSION;
dataset->resp.found = 1;
dataset->resp.nresults = nentries;
- dataset->resp.result_len = buffilled - sizeof (*dataset);
-
- assert (buflen - buffilled >= req->key_len);
- key_copy = memcpy (buffer + buffilled, key, req->key_len);
- buffilled += req->key_len;
+ dataset->resp.result_len = total - sizeof (*dataset);
/* Now we can determine whether on refill we have to create a new
record or not. */
@@ -398,7 +414,7 @@ addgetnetgrentX (struct database_dyn *db, int fd, request_header *req,
if (__glibc_likely (newp != NULL))
{
/* Adjust pointer into the memory block. */
- key_copy = (char *) newp + (key_copy - buffer);
+ key_copy = (char *) newp + (key_copy - (char *) dataset);
dataset = memcpy (newp, dataset, total + req->key_len);
cacheable = true;
@@ -439,7 +455,7 @@ addgetnetgrentX (struct database_dyn *db, int fd, request_header *req,
}
out:
- *resultp = dataset;
+ scratch->dataset = dataset;
return timeout;
}
@@ -460,6 +476,9 @@ addinnetgrX (struct database_dyn *db, int fd, request_header *req,
if (user != NULL)
key = strchr (key, '\0') + 1;
const char *domain = *key++ ? key : NULL;
+ struct addgetnetgrentX_scratch scratch;
+
+ addgetnetgrentX_scratch_init (&scratch);
if (__glibc_unlikely (debug_level > 0))
{
@@ -475,12 +494,8 @@ addinnetgrX (struct database_dyn *db, int fd, request_header *req,
group, group_len,
db, uid);
time_t timeout;
- void *tofree;
if (result != NULL)
- {
- timeout = result->head.timeout;
- tofree = NULL;
- }
+ timeout = result->head.timeout;
else
{
request_header req_get =
@@ -489,7 +504,10 @@ addinnetgrX (struct database_dyn *db, int fd, request_header *req,
.key_len = group_len
};
timeout = addgetnetgrentX (db, -1, &req_get, group, uid, NULL, NULL,
- &result, &tofree);
+ &scratch);
+ result = scratch.dataset;
+ if (timeout < 0)
+ goto out;
}
struct indataset
@@ -603,7 +621,7 @@ addinnetgrX (struct database_dyn *db, int fd, request_header *req,
}
out:
- free (tofree);
+ addgetnetgrentX_scratch_free (&scratch);
return timeout;
}
@@ -613,11 +631,12 @@ addgetnetgrentX_ignore (struct database_dyn *db, int fd, request_header *req,
const char *key, uid_t uid, struct hashentry *he,
struct datahead *dh)
{
- struct dataset *ignore;
- void *tofree;
- time_t timeout = addgetnetgrentX (db, fd, req, key, uid, he, dh,
- &ignore, &tofree);
- free (tofree);
+ struct addgetnetgrentX_scratch scratch;
+ addgetnetgrentX_scratch_init (&scratch);
+ time_t timeout = addgetnetgrentX (db, fd, req, key, uid, he, dh, &scratch);
+ addgetnetgrentX_scratch_free (&scratch);
+ if (timeout < 0)
+ timeout = 0;
return timeout;
}
@@ -661,5 +680,9 @@ readdinnetgr (struct database_dyn *db, struct hashentry *he,
.key_len = he->len
};
- return addinnetgrX (db, -1, &req, db->data + he->key, he->owner, he, dh);
+ int timeout = addinnetgrX (db, -1, &req, db->data + he->key, he->owner,
+ he, dh);
+ if (timeout < 0)
+ timeout = 0;
+ return timeout;
}
--
2.45.0

42
glibc.changes
View File

@ -1,10 +1,46 @@
-------------------------------------------------------------------
Mon Jul 29 07:50:31 UTC 2024 - Andreas Schwab <schwab@suse.de>
- Update to glibc 2.40
* The <stdbit.h> header type-generic macros have been changed when using
GCC 14.1 or later to use __builtin_stdc_bit_ceil etc. built-in functions
* The GNU C Library now supports a feature test macro _ISOC23_SOURCE to
enable features from the ISO C23 standard
* The ISO C23 function families introduced in TS
18661-4:2015 are now supported in <math.h>
* A new tunable, glibc.rtld.enable_secure, can be used to run a program
as if it were a setuid process
* On Linux, the epoll header was updated to include epoll ioctl definitions
and the related structure added in Linux kernel 6.9
* The fortify functionality has been significantly enhanced for building
programs with clang against the GNU C Library
* Many functions have been added to the vector library for aarch64
* On x86, memset can now use non-temporal stores to improve the performance
of large writes
* Architectures which use a 32-bit seconds-since-epoch field in struct
lastlog, struct utmp, struct utmpx (such as i386, powerpc64le, rv32,
rv64, x86-64) switched from a signed to an unsigned type for that
field
* __rseq_size now denotes the size of the active rseq area (20 bytes
initially), not the size of struct rseq (32 bytes initially).
- arm-dl-start-user.patch, duplocale-global-locale.patch,
elf-parse-tunables.patch,
glibc-CVE-2024-33599-nscd-Stack-based-buffer-overflow-in-n.patch,
glibc-CVE-2024-33600-nscd-Avoid-null-pointer-crashes-after.patch,
glibc-CVE-2024-33600-nscd-Do-not-send-missing-not-found-re.patch,
glibc-CVE-2024-33601-CVE-2024-33602-nscd-netgroup-Use-two.patch,
iconv-iso-2022-cn-ext.patch, nscd-netgroup-cache-timeout.patch,
s390-clone-error-clobber-r7.patch, sigisemptyset.patch,
stdbit-builtins.patch, utmp-time-bits.patch: Removed
- glibc-2.3.90-langpackdir.diff: Rediff
-------------------------------------------------------------------
Mon Jun 3 08:24:38 UTC 2024 - Dominique Leuenberger <dimstar@opensuse.org>
- Also provide glibc-locale-base-<targettype> from
glibc-<targettype>: the package was merged in the baselibs.conf
case, so the capability is there. Steam for one has a requires
on the symbol (boo#1225809).
glibc-gconv-modules-extra-<targettype>: the package was merged in the
baselibs.conf case, so the capability is there. Steam for one has a
requires on the symbol (boo#1225809).
-------------------------------------------------------------------
Tue May 28 07:27:01 UTC 2024 - Andreas Schwab <schwab@suse.de>

264
glibc.keyring
View File

@ -188,138 +188,6 @@ ZthBvjkZUZCOl+wjwbn3k4bpiEYEGBECAAYFAj0n9DwACgkQWDlSU/gp6efSHgCc
DxXIOrZyOO3jtbtsTYR/VrsdK9sAn0lrUm/jZKWyvK6V1CCA3TwXyvLQ
=dSXY
-----END PGP PUBLIC KEY BLOCK-----
GPG keys of Siddhesh Poyarekar <siddhesh>
-----BEGIN PGP PUBLIC KEY BLOCK-----
mQENBFMAZNMBCACeatEKl6YY9iEVxzS64bPbvJsA1mLE2XFWmKXyYzm58dFqPMa0
OQQTKCxjFCOrc+LD2KtmypttcahKnk5Lk1lNU/lV2hCuR7jJ37sL+/TFQuMMgsLP
ED6XU4/AYK3VUJvgGYLBnMVfpAGYLB5rnPvhFNx0r2KItO/CfiSEyD4g1Wu26SUA
XGOp5hbSyBRGhju+8YJlhHBBjn3vZfw7IpwAWDVjK0crqMhGDXoZwK+ADUFY5NER
AkT3Lb7d11F6+W4558WQZCYIWa3rZ62d986OE7+7xKmJUcLLWvlv5spgUmvotZ4D
MzaKba+waY5ygXdGIpm5seVIEUCTaBIe6QVLABEBAAG0KFNpZGRoZXNoIFBveWFy
ZWthciA8c3BveWFyZWtAcmVkaGF0LmNvbT6JAT4EEwECACgFAlMAbfUCGwMFCQIP
WAAGCwkIBwMCBhUIAgkKCwQWAgMBAh4BAheAAAoJEHnEPfvxzyGHk74H/jwerQPx
3JBKCzvXYpdBLWEfgqnzrYMODf+KI8AspjjL+c8/BgIzBldtv3QvSmmgt4Oim/2o
+UMbfSwoRSqHmI4V4KWXOkBlnM1PkHeEn2bJSsqATuXTI5gNRvM9B6NZj5FQgEzP
zTxM9LjXSnRzExAr7SICUS1b+zOckTlvRystsoOJc5A/1/Ntj8sEKM+T7tNgeK9X
VmAjsblwqls3DgbARLXmki+9XjClsWrmUFU+v81YtZ9N+4S7SC/hXXJ/6pHYmk9t
udQd++OoN+KArHOVW/mHJO1wnamD5pauLU9UCX8LUN+k4SCOWBDu9bBKV1pr7WF1
OSKZL5ODP0DVT66IRgQQEQgABgUCUwH/1gAKCRBVlt0M6b9lPZiaAJ9MxtvRwQNE
RsGtkSkhdgkLIXxjcwCdHsZoh2lEa8SilHYkNRn4xm1XZOuJATgEEwECACICGwMG
CwkIBwMCBhUIAgkKCwQWAgMBAh4BAheABQJU6rJ6AAoJEHnEPfvxzyGHC34H/0uJ
CxjFHEMVrgYB4EULbi5g/T0EkzKqpZT9tet4oewKxxa0D0IkT3LKzglVRFQdm1Hs
Jt1ICBxNeVIRhcGS94084UlhKQJBu7xT4aO9WLHFnd8lSTzcgMgFU+9Gs0E7YPZ3
UKHIg+o0J4sfsa4kWFKksqBOWAgouHkdvF0+8qy9EbODQ/s8bfxlMYeCdYJZgT/U
yaFgOeVVnN1ip2sH34UQZvfQGfDH5JLd5DEkDS8QGX/t8XsHrMJtBwGkDoZDD+Kc
EdVrrURDlr49LjSsgNuHK+hEZIAUMXruVqbAT1Q9DmU4baCWlrJ1Tk84pkGbDVQR
6ig6gcQXeGc7XHdLOQqJAhwEEgECAAYFAlQlMiQACgkQHpo7X4VAg7aBXA/+IG4K
lFdp5YkTyBm9cLEZ5Wo3q8mel9LPdBh0YPvJj61F8B2CwhmJOxGyXh0zFF0ixmXG
fxuN9J4CiLT769qlB751P7J89Iu2M60TWd+hg5E3bCxAe48JOlUbeXZs9Vu43PkN
zZRmCo5MPV7UgxZ7j+vNaAHa5152fofg9JRq0BjhNOf8/CX5lQ1PJPHS4ufZr7vH
wq5KpnhxqKPjn4PfpAyXCVqvnXJUnLL5wJ6XKVpiWO/d2uL9IRNFFS0P6I73/tie
ZHZMvLU0DjfN0dVX01Zzx+8jAzpK6x+rG0iLBtqvabRg57izZaOUeUPBox1rQ/f+
n9DqSGdfQ8wlNT5sCToFiWFiIkLIbK4pA/2+uxDf92KvWJevsAx6J4XspJvnGles
WSlRP0+rQyjZpdoHItTd/izB09LEFy1aAyjtbkyjWahV5FQYL9D85F3J0FnC4C+/
SSv5AFNXkLxMXfPDUpMtIhbQgCBS6E/ooVH6/acC3B6clnYU4wUQh1rdidkb2oAg
b2pYyxAoqXsDi28ULY0PhdFtnF4JWRPSlFBU0gHbqAkFx6WodJTV08Jgrf7VmgCM
C+DLJYJktF5wMG5Xmp+rFpUn+wE3+rF7MTehbmSZ6jJwRk4QaAU6S57wjy9Mq7qy
v3uOJuY05wL02NhBeVMfKloERB4ekwWxB19j+J20KFNpZGRoZXNoIFBveWFyZWth
ciA8c2lkZGhlc2hAcmVkaGF0LmNvbT6JAT8EEwECACkFAlMAZNMCGwMFCQIPWAAH
CwkIBwMCAQYVCAIJCgsEFgIDAQIeAQIXgAAKCRB5xD378c8hh8z3B/427wTdRBE4
tHCm5BNgsfjQStPfp9qPR8v1P77IO9Tgeh3RrnsWUzQ450PZaQt7HCKqRQe9MqiG
8iShfGG3fw3rrGb1XvLKj9e8xM4gb0Pd76Zvym5zH4QEJakSLdxFGS8OzjdLbAb8
siDBqWuEf/ziPqNrVwBdfLFu7fhOC1IjGzwQMNBsSZEJFAg+biMamyjraqnmINQ1
Tj9yhY/CVgxoc1UvEOfFijrOx0n+sgdcm7mPCm30IxAcbj2IPwr2BXh2+PyrrI+G
MsMpsdlml7lkQAySDEBjm0N00iCYohcmryJUL0b/rcdN5zt4uNBs47VKUsyMpLjk
PsjbSNvalgkYiEYEEBEIAAYFAlMB/9gACgkQVZbdDOm/ZT2XFgCfXNlWZPmlyxPD
K0AI1tXtW9MajV4AnAmU6BxcJEZfJcQAfBIrn5BfG7mEiQE5BBMBAgAjAhsDBwsJ
CAcDAgEGFQgCCQoLBBYCAwECHgECF4AFAlTqsnoACgkQecQ9+/HPIYdf6QgAi2oy
elHbszp21Zeck9GQrwSHCt88FJj70TyANRw9CcvS7NLZM3Q8tsh68+I7zjVaZWpM
7RnQJ2+G/L0G2/LScRg4cMzN4PUpCLqms4OpbrBNU/N9R6QJClBlEP/2in1hVilp
ncsmgbzXFP6naLn+8NSPyX5WRjI1D5OIVa5CnpU4CZwzy5PKpzWwEiecd5DAwmDP
Eh+JRxkkhk76Wy9BIf9mdp3fgDD5CmLFzhNCHjSt7NF1gt8lkbcFKAJ1zbEdbmu7
C4R81WDEnPw436Co0wAwUNnqDgE1XpijS9E4S3DXYt9oO8nZc/6UhYrkQo1Q8glD
srAGe5aToccOPVj4OokCHAQSAQIABgUCVCUyIQAKCRAemjtfhUCDtvW8D/4yaPTC
hUVhvIQZIkE4Vp09XRpwaVw1PpnAVmB2/ZX9LoniNYL6Zo2o1syG8IHJHp1hj50C
iRVdxkdIqI/STqdSlnIHOF/AhX8iB5o8BCgdtE+hg7X4k6RhcnCdqk8N2YrIoZrH
oh5VDamzU5cAvOBFhHRSkHznPcm5uoPWFaVwh38pBlAEu8yqIGPZwXaBrsYWtt5Y
n1wqF1bPqxPNioDv6pFb6fY9hHXmjXhdQ2Co3x4Cs6cC8/xTUP/GhVnKJaN9mbQL
iO0SfWtQa0jXNZRQYI5U8ziLnth7Vkrtpu9Sy2i3eQ47DW92j3JRRGoUrAwTG2Vv
E/4MWcxpptNzcEfucKpEtXz+wQx+pD6YCfmG+63m9RZIR0iiakq2YsSMPFpZnDzC
IO4M+Kr61zO4wPeA8yVQaSw6DdunwSq4PDlPGjOH0d2h19gMRG6bf6hZEk4izXf7
ysrA87w1oSBkxVp4q0C3casfA+PqTwdaz9OEFX/DjDtpxz+DHvxU69seAnE+etxf
z9O/m/RrcoCYRIaYBEA1xkD6RpFF/0L6b1xzjUsGafGEzVDP2AF96D22NrqfAMsv
Pdg1jf3C7XcKszUinKBD4T183gNPyiDC4I+e6oAQZlGZ+osG+vheeJagqxf5E6ju
2IO7uYnaBc8tzzElhvWrCiwRFiBAvyqtFMwuFbQ8U2lkZGhlc2ggUG95YXJla2Fy
IChQZXJzb25hbCkgPHNpZGRoZXNoLnBveWFyZWthckBnbWFpbC5jb20+iQE4BBMB
AgAiAhsDBgsJCAcDAgYVCAIJCgsEFgIDAQIeAQIXgAUCVOqydwAKCRB5xD378c8h
h3bxB/0Z84r5WAPFpPPKLFsYdZVamTWeJ7rsF0+9qitNvWM5RWwjnzaMo75YMgqY
jY9MWT1HCw3juriz9DI3ygKOBgJia6P5yx7xmHlpwQnHYQ0lGY/RAslTd4ohAzEo
ntIbhQfJUGWp1yFavJmrkoMZsAp/da0yGAHOvzblSfJsialnuo98kzy7vzKMc9C8
EqQpoDOFXALrku34RJAD34Rmq9h4TCVikCrmCYopoP9CJqXIj/wUSyyEGrAN0vMU
wwNKMXFW6SOILm3dYm8XPna/63MRcTQdmxXbqn8us9ID5x6L+zvkUGbD2rPgAzRg
M6sRp4Qb4JJI8saBBgVgynURf4u+iQE+BBMBAgAoBQJUIjzaAhsDBQkCD1gABgsJ
CAcDAgYVCAIJCgsEFgIDAQIeAQIXgAAKCRB5xD378c8hh1TCCACchAW5lgBUJHBC
lh72oWEwpf/uFRCzu0UMOvbSmeYBagidRBQLhVrINxrRvWDHoo+EIU+xiKGWSNrK
IIBXW8mcla2iPhN8T6ull6F7+nGfA8f41EROh3ljYNVzFfQEOHQukIYVtXNSxszj
Gggv1yqWG/GBFmwWflOwSiKTM2ZoLi7qNtitPn1eNfXrNLyqyNcdGuzriM2xkV1h
cd7ynhSv5WHgOIHFfqHodfTzavx4g/qmwlgERF7YjjJq4nzEDXFZzNREDd9WEVOe
FEfxEaMIRi80FtQescBslpiQqQV0M5+CfJgMnp0pHvvBpG0blMt3k/qIsXMZTA8B
/UlLH7xciQIcBBIBAgAGBQJUJTIdAAoJEB6aO1+FQIO2o+sP/3oFHLzXDQpzJp8L
OQfybB1/4XYkHz4fAN8Gym6MsU7/mFrQJVaZQ92DxUhcnCXtpwTn6NwSSN0CZDgq
vIBZNx34DJZ4gTVokMoqbRmPMcK2HsE541eWxz8jl6T0OjTeZ/fVtc/7tSvl2RK/
6dZEq9ofkcJ6SeIi+Cr9QJ2XsHi2KBL3mjCoG4TTS8mT/FXlPiKsiN3bKSHQHjYg
4SOhvXvzi+tBuLb6IMgx3GPukKCi63Pp6Xh8krWs7qvOjOkBs85JS/2ZDPpQv6ku
PEylVyPcIyNwAx5cJAcVKwxJQmJPUYSJN8XqammZRx71i5NbX2+JPTC5YUUCrSaw
w/4rvEgt5xLUp7y5U0ZP9e6jHHgNJ4adTwgrKRfS0i3q6KB4252ysAqmvqA40Cwv
NGHdWhbTVV6lE07q3LnJhH6Vt4KMWNlZUb1HjSIRLmoqyRKbhreeCZSmn5YEwhtb
7DCaoKxibfyge06DDYBEv3pXAJj8xE2gf5DFxzqi0l5f2PJxIQzKxiOL2RIlxI5F
//Q/YZxeFw/SofKEUlSNyszWHb+Zk3bMDF07BdjnNrrT3IBGj48kiYwahOAWS0pd
8Ajk6uUE4rD9xW9jsRJ6KNDrhZ8xuG8HnzzDZv2oOxRe6vr+j1uUHA0lG9R3xONE
cZAZ3jr/ZI142iJFlfXNTH6dvFPetClTaWRkaGVzaCBQb3lhcmVrYXIgPHNpZEBy
ZXNlcnZlZC1iaXQuY29tPokBNwQTAQgAIQUCVcBkdgIbAwULCQgHAgYVCAkKCwIE
FgIDAQIeAQIXgAAKCRB5xD378c8hhz7PB/9wcwmw4VyNbcX42AglAycAzLWNoqnB
yDWW+yzxiRg28b7gMBICXG66SukJWwKgVwIOIcATszPgi2UT0UNIOIQbDUL9ZvtV
iCXW1H0vWS+DvVz1kh2HSmNFPvN1z8mlWpRjjzL0m9oJTstkUUQvghAjfQmkDW3y
aPdWX5jJN8GjWxKWek3tOL2fc3aER89w+6oa9lNh2s5b7+j/UxqihUWxGzIDMQST
Oy+loogYRSCMgQ+DdDWgdMZ3NSQdX8KX60X0U/Qj1nqpnl757dGxiQJc6Ru7XN3d
Hr72tpjFU6KMqgvL14gkbLM3KxuTWDj2JIJ7dGoaor1Rl3f+Ree7TLRqtChTaWRk
aGVzaCBQb3lhcmVrYXIgPHNpZGRoZXNoQGdvdHBsdC5vcmc+iQE4BBMBAgAiBQJX
tMtMAhsDBgsJCAcDAgYVCAIJCgsEFgIDAQIeAQIXgAAKCRB5xD378c8hh1IICACb
SzL8x40UIvw4OqEjFDD7R+6BJoJ5OPNnQuDBjZf2wrVFe1VSALRDeUxrx8ZNRCgT
ao+PUPpmY3n/NopbltUW10WOvu9smd/NMlAuNUmPtoVTrqyf/4d57xPmB3zu0I1f
e8oSHoHNZHcAK1bYDTQKS8Y+TXNnqU/NuLmks51YcMgEtjiBxS5ojGLiFt9/Ll1R
LoNVygR8CfTKaVW5ZOM2qXPX0Rr0Ru9or20xlzYHM2vipMdSHQNFwdnREGgBNV0d
BTrISraXkg0REcGde/q0U/BI5pEbEe6ptbrz0jVu8DE7ZY/KMf17kshtAqMtTUYK
nuW4ud4WtZAaCpS2sb8ltEVTaWRkaGVzaCBQb3lhcmVrYXIgKGh0dHBzOi8vc291
cmNld2FyZS5vcmcpIDxzaWRkaGVzaEBzb3VyY2V3YXJlLm9yZz6JATgEEwECACIF
Ale0yvcCGwMGCwkIBwMCBhUIAgkKCwQWAgMBAh4BAheAAAoJEHnEPfvxzyGHp2gH
/j1oWbTa0kKKBc7s2tZGDt6yN1BPrqDz8thhrY7egd5/rIAJKa1t0laltnlpF5GV
51hywjVZW0uBQc5yGuyl4pU7opYADlwUwONGEw/QCuHHIvgoOrNT0Aemje31tgEY
o18f0N/drStWSeQgH03IQ08Amlsk52s0PRMNZeHI4csawULpa4Qy1C519Iow6EoW
rJI3TFlBQqVvXWfYxPjv2CqXDuj9Q8PLWAO2ywb7Mb0MPvZeSreVvPO2Ez97uV1w
Hx0xGhUuX17Vdkug58v9EBX/P1TEd7NGONgNXr0Q/HMqyCP4h3cDOZj1d5KpR4NZ
fXvPoBFXSaHi4Z48SuISY8K5AQ0EUwBk0wEIAKELSISlJ9rz3tSBPNkpyqwIPn4/
/ZBuENJQfIWIWYM9r72sBRHZgiilsN7K7g6Ea7vLUVgv5+WInE4PWFQaqUSbMubT
jshnaIAIeSU0rslwRRqu2B9HmS8marB+UYdQ+MsPVEInrB8uroFf8Jh7h+2Oqs2M
KUMsayoFyQkVtwh3HI/AMTkmK6iun3AikOK+J9WLQx2Qqf+fLjY5/ZIjbowbd8GK
3B4h4kUPbeUI5TNg6xcKVyxVPMy8HazfaDwlUHfh07K0UFWtaFuw9v3tlaieOTLH
0D0cBXyYTAqgs7C66cytxw+Qr6/+uHa8MMREDQwTEEwwick3h0h+vIhCsV0AEQEA
AYkBJQQYAQIADwUCUwBk0wIbDAUJAg9YAAAKCRB5xD378c8hh8B+B/9+LKzmAV1j
fWwlA2XG48fUTs2KyHQxO62IsaPBIAa/MaDNO1TuqOzfcH+fiEqVNqd3m/7dLsqH
BIW2J76eNCwGZYjD9rTFlGmz+vIv0qBmElOAH9ahukJ+uo0IH5IzhP1rTBZejToL
3mG/CQC5qhaZIpGBx9RfwUz5Wd14Narb+Yy/YThzoylcM3/Zi9PS6mXG9sNqvhQk
RyI+WihmvU2wzcQzAXyUZrRx62cJyQfiufcIZGlzNHWUobhJQE+CzmefZy/IrVRR
Z9V52tSlARj0GQJ2OGmf0tyFtfx6Xr3BVEerpa+/FHAgjSEagVsqLYKIJe/9k9Z4
qC2w9Qte07wYiQEfBBgBAgAJAhsMBQJU6rPfAAoJEHnEPfvxzyGH9TMH/RDXegv9
pLySb2xc5rwzWuhDr01SmqkwQ4YFY7mdorzBnZAqHgPTkN81rvJPkWA8sj5riR06
BZtbZ+IT/Axg4yK+OgW9452XM+mx7Dqfarn9y+imymuIIYlajNOTC/V2/2B9MoHt
0Mm34gJ1puntqiG82LnF5mAzgbEKI7Wt+vQmfs0BHcvm2lCxUPh4NNr2ODSqr8SI
X64tAfzYPpuzG1L9et7tv+xMoreMTqy2G6LrjDsXdfkzWrCTxcKyoI0DVnZz7NaQ
sYfhl4H9GvFqm7QfT9MCEEG1sOjrrkZpFvc1IrMbislKNdIRBziudr9jv+zdz24H
TKN3JdfTyacfNU4=
=IcJn
-----END PGP PUBLIC KEY BLOCK-----
GPG keys of Carlos O'Donell <codonell>
-----BEGIN PGP PUBLIC KEY BLOCK-----
Version: GnuPG v1
@ -645,6 +513,138 @@ N7JGzLVNo+A=
=fZUN
-----END PGP PUBLIC KEY BLOCK-----
GPG keys of Siddhesh Poyarekar <siddhesh>
-----BEGIN PGP PUBLIC KEY BLOCK-----
mQENBFMAZNMBCACeatEKl6YY9iEVxzS64bPbvJsA1mLE2XFWmKXyYzm58dFqPMa0
OQQTKCxjFCOrc+LD2KtmypttcahKnk5Lk1lNU/lV2hCuR7jJ37sL+/TFQuMMgsLP
ED6XU4/AYK3VUJvgGYLBnMVfpAGYLB5rnPvhFNx0r2KItO/CfiSEyD4g1Wu26SUA
XGOp5hbSyBRGhju+8YJlhHBBjn3vZfw7IpwAWDVjK0crqMhGDXoZwK+ADUFY5NER
AkT3Lb7d11F6+W4558WQZCYIWa3rZ62d986OE7+7xKmJUcLLWvlv5spgUmvotZ4D
MzaKba+waY5ygXdGIpm5seVIEUCTaBIe6QVLABEBAAG0KFNpZGRoZXNoIFBveWFy
ZWthciA8c3BveWFyZWtAcmVkaGF0LmNvbT6JAT4EEwECACgFAlMAbfUCGwMFCQIP
WAAGCwkIBwMCBhUIAgkKCwQWAgMBAh4BAheAAAoJEHnEPfvxzyGHk74H/jwerQPx
3JBKCzvXYpdBLWEfgqnzrYMODf+KI8AspjjL+c8/BgIzBldtv3QvSmmgt4Oim/2o
+UMbfSwoRSqHmI4V4KWXOkBlnM1PkHeEn2bJSsqATuXTI5gNRvM9B6NZj5FQgEzP
zTxM9LjXSnRzExAr7SICUS1b+zOckTlvRystsoOJc5A/1/Ntj8sEKM+T7tNgeK9X
VmAjsblwqls3DgbARLXmki+9XjClsWrmUFU+v81YtZ9N+4S7SC/hXXJ/6pHYmk9t
udQd++OoN+KArHOVW/mHJO1wnamD5pauLU9UCX8LUN+k4SCOWBDu9bBKV1pr7WF1
OSKZL5ODP0DVT66IRgQQEQgABgUCUwH/1gAKCRBVlt0M6b9lPZiaAJ9MxtvRwQNE
RsGtkSkhdgkLIXxjcwCdHsZoh2lEa8SilHYkNRn4xm1XZOuJATgEEwECACICGwMG
CwkIBwMCBhUIAgkKCwQWAgMBAh4BAheABQJU6rJ6AAoJEHnEPfvxzyGHC34H/0uJ
CxjFHEMVrgYB4EULbi5g/T0EkzKqpZT9tet4oewKxxa0D0IkT3LKzglVRFQdm1Hs
Jt1ICBxNeVIRhcGS94084UlhKQJBu7xT4aO9WLHFnd8lSTzcgMgFU+9Gs0E7YPZ3
UKHIg+o0J4sfsa4kWFKksqBOWAgouHkdvF0+8qy9EbODQ/s8bfxlMYeCdYJZgT/U
yaFgOeVVnN1ip2sH34UQZvfQGfDH5JLd5DEkDS8QGX/t8XsHrMJtBwGkDoZDD+Kc
EdVrrURDlr49LjSsgNuHK+hEZIAUMXruVqbAT1Q9DmU4baCWlrJ1Tk84pkGbDVQR
6ig6gcQXeGc7XHdLOQqJAhwEEgECAAYFAlQlMiQACgkQHpo7X4VAg7aBXA/+IG4K
lFdp5YkTyBm9cLEZ5Wo3q8mel9LPdBh0YPvJj61F8B2CwhmJOxGyXh0zFF0ixmXG
fxuN9J4CiLT769qlB751P7J89Iu2M60TWd+hg5E3bCxAe48JOlUbeXZs9Vu43PkN
zZRmCo5MPV7UgxZ7j+vNaAHa5152fofg9JRq0BjhNOf8/CX5lQ1PJPHS4ufZr7vH
wq5KpnhxqKPjn4PfpAyXCVqvnXJUnLL5wJ6XKVpiWO/d2uL9IRNFFS0P6I73/tie
ZHZMvLU0DjfN0dVX01Zzx+8jAzpK6x+rG0iLBtqvabRg57izZaOUeUPBox1rQ/f+
n9DqSGdfQ8wlNT5sCToFiWFiIkLIbK4pA/2+uxDf92KvWJevsAx6J4XspJvnGles
WSlRP0+rQyjZpdoHItTd/izB09LEFy1aAyjtbkyjWahV5FQYL9D85F3J0FnC4C+/
SSv5AFNXkLxMXfPDUpMtIhbQgCBS6E/ooVH6/acC3B6clnYU4wUQh1rdidkb2oAg
b2pYyxAoqXsDi28ULY0PhdFtnF4JWRPSlFBU0gHbqAkFx6WodJTV08Jgrf7VmgCM
C+DLJYJktF5wMG5Xmp+rFpUn+wE3+rF7MTehbmSZ6jJwRk4QaAU6S57wjy9Mq7qy
v3uOJuY05wL02NhBeVMfKloERB4ekwWxB19j+J20KFNpZGRoZXNoIFBveWFyZWth
ciA8c2lkZGhlc2hAcmVkaGF0LmNvbT6JAT8EEwECACkFAlMAZNMCGwMFCQIPWAAH
CwkIBwMCAQYVCAIJCgsEFgIDAQIeAQIXgAAKCRB5xD378c8hh8z3B/427wTdRBE4
tHCm5BNgsfjQStPfp9qPR8v1P77IO9Tgeh3RrnsWUzQ450PZaQt7HCKqRQe9MqiG
8iShfGG3fw3rrGb1XvLKj9e8xM4gb0Pd76Zvym5zH4QEJakSLdxFGS8OzjdLbAb8
siDBqWuEf/ziPqNrVwBdfLFu7fhOC1IjGzwQMNBsSZEJFAg+biMamyjraqnmINQ1
Tj9yhY/CVgxoc1UvEOfFijrOx0n+sgdcm7mPCm30IxAcbj2IPwr2BXh2+PyrrI+G
MsMpsdlml7lkQAySDEBjm0N00iCYohcmryJUL0b/rcdN5zt4uNBs47VKUsyMpLjk
PsjbSNvalgkYiEYEEBEIAAYFAlMB/9gACgkQVZbdDOm/ZT2XFgCfXNlWZPmlyxPD
K0AI1tXtW9MajV4AnAmU6BxcJEZfJcQAfBIrn5BfG7mEiQE5BBMBAgAjAhsDBwsJ
CAcDAgEGFQgCCQoLBBYCAwECHgECF4AFAlTqsnoACgkQecQ9+/HPIYdf6QgAi2oy
elHbszp21Zeck9GQrwSHCt88FJj70TyANRw9CcvS7NLZM3Q8tsh68+I7zjVaZWpM
7RnQJ2+G/L0G2/LScRg4cMzN4PUpCLqms4OpbrBNU/N9R6QJClBlEP/2in1hVilp
ncsmgbzXFP6naLn+8NSPyX5WRjI1D5OIVa5CnpU4CZwzy5PKpzWwEiecd5DAwmDP
Eh+JRxkkhk76Wy9BIf9mdp3fgDD5CmLFzhNCHjSt7NF1gt8lkbcFKAJ1zbEdbmu7
C4R81WDEnPw436Co0wAwUNnqDgE1XpijS9E4S3DXYt9oO8nZc/6UhYrkQo1Q8glD
srAGe5aToccOPVj4OokCHAQSAQIABgUCVCUyIQAKCRAemjtfhUCDtvW8D/4yaPTC
hUVhvIQZIkE4Vp09XRpwaVw1PpnAVmB2/ZX9LoniNYL6Zo2o1syG8IHJHp1hj50C
iRVdxkdIqI/STqdSlnIHOF/AhX8iB5o8BCgdtE+hg7X4k6RhcnCdqk8N2YrIoZrH
oh5VDamzU5cAvOBFhHRSkHznPcm5uoPWFaVwh38pBlAEu8yqIGPZwXaBrsYWtt5Y
n1wqF1bPqxPNioDv6pFb6fY9hHXmjXhdQ2Co3x4Cs6cC8/xTUP/GhVnKJaN9mbQL
iO0SfWtQa0jXNZRQYI5U8ziLnth7Vkrtpu9Sy2i3eQ47DW92j3JRRGoUrAwTG2Vv
E/4MWcxpptNzcEfucKpEtXz+wQx+pD6YCfmG+63m9RZIR0iiakq2YsSMPFpZnDzC
IO4M+Kr61zO4wPeA8yVQaSw6DdunwSq4PDlPGjOH0d2h19gMRG6bf6hZEk4izXf7
ysrA87w1oSBkxVp4q0C3casfA+PqTwdaz9OEFX/DjDtpxz+DHvxU69seAnE+etxf
z9O/m/RrcoCYRIaYBEA1xkD6RpFF/0L6b1xzjUsGafGEzVDP2AF96D22NrqfAMsv
Pdg1jf3C7XcKszUinKBD4T183gNPyiDC4I+e6oAQZlGZ+osG+vheeJagqxf5E6ju
2IO7uYnaBc8tzzElhvWrCiwRFiBAvyqtFMwuFbQ8U2lkZGhlc2ggUG95YXJla2Fy
IChQZXJzb25hbCkgPHNpZGRoZXNoLnBveWFyZWthckBnbWFpbC5jb20+iQE4BBMB
AgAiAhsDBgsJCAcDAgYVCAIJCgsEFgIDAQIeAQIXgAUCVOqydwAKCRB5xD378c8h
h3bxB/0Z84r5WAPFpPPKLFsYdZVamTWeJ7rsF0+9qitNvWM5RWwjnzaMo75YMgqY
jY9MWT1HCw3juriz9DI3ygKOBgJia6P5yx7xmHlpwQnHYQ0lGY/RAslTd4ohAzEo
ntIbhQfJUGWp1yFavJmrkoMZsAp/da0yGAHOvzblSfJsialnuo98kzy7vzKMc9C8
EqQpoDOFXALrku34RJAD34Rmq9h4TCVikCrmCYopoP9CJqXIj/wUSyyEGrAN0vMU
wwNKMXFW6SOILm3dYm8XPna/63MRcTQdmxXbqn8us9ID5x6L+zvkUGbD2rPgAzRg
M6sRp4Qb4JJI8saBBgVgynURf4u+iQE+BBMBAgAoBQJUIjzaAhsDBQkCD1gABgsJ
CAcDAgYVCAIJCgsEFgIDAQIeAQIXgAAKCRB5xD378c8hh1TCCACchAW5lgBUJHBC
lh72oWEwpf/uFRCzu0UMOvbSmeYBagidRBQLhVrINxrRvWDHoo+EIU+xiKGWSNrK
IIBXW8mcla2iPhN8T6ull6F7+nGfA8f41EROh3ljYNVzFfQEOHQukIYVtXNSxszj
Gggv1yqWG/GBFmwWflOwSiKTM2ZoLi7qNtitPn1eNfXrNLyqyNcdGuzriM2xkV1h
cd7ynhSv5WHgOIHFfqHodfTzavx4g/qmwlgERF7YjjJq4nzEDXFZzNREDd9WEVOe
FEfxEaMIRi80FtQescBslpiQqQV0M5+CfJgMnp0pHvvBpG0blMt3k/qIsXMZTA8B
/UlLH7xciQIcBBIBAgAGBQJUJTIdAAoJEB6aO1+FQIO2o+sP/3oFHLzXDQpzJp8L
OQfybB1/4XYkHz4fAN8Gym6MsU7/mFrQJVaZQ92DxUhcnCXtpwTn6NwSSN0CZDgq
vIBZNx34DJZ4gTVokMoqbRmPMcK2HsE541eWxz8jl6T0OjTeZ/fVtc/7tSvl2RK/
6dZEq9ofkcJ6SeIi+Cr9QJ2XsHi2KBL3mjCoG4TTS8mT/FXlPiKsiN3bKSHQHjYg
4SOhvXvzi+tBuLb6IMgx3GPukKCi63Pp6Xh8krWs7qvOjOkBs85JS/2ZDPpQv6ku
PEylVyPcIyNwAx5cJAcVKwxJQmJPUYSJN8XqammZRx71i5NbX2+JPTC5YUUCrSaw
w/4rvEgt5xLUp7y5U0ZP9e6jHHgNJ4adTwgrKRfS0i3q6KB4252ysAqmvqA40Cwv
NGHdWhbTVV6lE07q3LnJhH6Vt4KMWNlZUb1HjSIRLmoqyRKbhreeCZSmn5YEwhtb
7DCaoKxibfyge06DDYBEv3pXAJj8xE2gf5DFxzqi0l5f2PJxIQzKxiOL2RIlxI5F
//Q/YZxeFw/SofKEUlSNyszWHb+Zk3bMDF07BdjnNrrT3IBGj48kiYwahOAWS0pd
8Ajk6uUE4rD9xW9jsRJ6KNDrhZ8xuG8HnzzDZv2oOxRe6vr+j1uUHA0lG9R3xONE
cZAZ3jr/ZI142iJFlfXNTH6dvFPetClTaWRkaGVzaCBQb3lhcmVrYXIgPHNpZEBy
ZXNlcnZlZC1iaXQuY29tPokBNwQTAQgAIQUCVcBkdgIbAwULCQgHAgYVCAkKCwIE
FgIDAQIeAQIXgAAKCRB5xD378c8hhz7PB/9wcwmw4VyNbcX42AglAycAzLWNoqnB
yDWW+yzxiRg28b7gMBICXG66SukJWwKgVwIOIcATszPgi2UT0UNIOIQbDUL9ZvtV
iCXW1H0vWS+DvVz1kh2HSmNFPvN1z8mlWpRjjzL0m9oJTstkUUQvghAjfQmkDW3y
aPdWX5jJN8GjWxKWek3tOL2fc3aER89w+6oa9lNh2s5b7+j/UxqihUWxGzIDMQST
Oy+loogYRSCMgQ+DdDWgdMZ3NSQdX8KX60X0U/Qj1nqpnl757dGxiQJc6Ru7XN3d
Hr72tpjFU6KMqgvL14gkbLM3KxuTWDj2JIJ7dGoaor1Rl3f+Ree7TLRqtChTaWRk
aGVzaCBQb3lhcmVrYXIgPHNpZGRoZXNoQGdvdHBsdC5vcmc+iQE4BBMBAgAiBQJX
tMtMAhsDBgsJCAcDAgYVCAIJCgsEFgIDAQIeAQIXgAAKCRB5xD378c8hh1IICACb
SzL8x40UIvw4OqEjFDD7R+6BJoJ5OPNnQuDBjZf2wrVFe1VSALRDeUxrx8ZNRCgT
ao+PUPpmY3n/NopbltUW10WOvu9smd/NMlAuNUmPtoVTrqyf/4d57xPmB3zu0I1f
e8oSHoHNZHcAK1bYDTQKS8Y+TXNnqU/NuLmks51YcMgEtjiBxS5ojGLiFt9/Ll1R
LoNVygR8CfTKaVW5ZOM2qXPX0Rr0Ru9or20xlzYHM2vipMdSHQNFwdnREGgBNV0d
BTrISraXkg0REcGde/q0U/BI5pEbEe6ptbrz0jVu8DE7ZY/KMf17kshtAqMtTUYK
nuW4ud4WtZAaCpS2sb8ltEVTaWRkaGVzaCBQb3lhcmVrYXIgKGh0dHBzOi8vc291
cmNld2FyZS5vcmcpIDxzaWRkaGVzaEBzb3VyY2V3YXJlLm9yZz6JATgEEwECACIF
Ale0yvcCGwMGCwkIBwMCBhUIAgkKCwQWAgMBAh4BAheAAAoJEHnEPfvxzyGHp2gH
/j1oWbTa0kKKBc7s2tZGDt6yN1BPrqDz8thhrY7egd5/rIAJKa1t0laltnlpF5GV
51hywjVZW0uBQc5yGuyl4pU7opYADlwUwONGEw/QCuHHIvgoOrNT0Aemje31tgEY
o18f0N/drStWSeQgH03IQ08Amlsk52s0PRMNZeHI4csawULpa4Qy1C519Iow6EoW
rJI3TFlBQqVvXWfYxPjv2CqXDuj9Q8PLWAO2ywb7Mb0MPvZeSreVvPO2Ez97uV1w
Hx0xGhUuX17Vdkug58v9EBX/P1TEd7NGONgNXr0Q/HMqyCP4h3cDOZj1d5KpR4NZ
fXvPoBFXSaHi4Z48SuISY8K5AQ0EUwBk0wEIAKELSISlJ9rz3tSBPNkpyqwIPn4/
/ZBuENJQfIWIWYM9r72sBRHZgiilsN7K7g6Ea7vLUVgv5+WInE4PWFQaqUSbMubT
jshnaIAIeSU0rslwRRqu2B9HmS8marB+UYdQ+MsPVEInrB8uroFf8Jh7h+2Oqs2M
KUMsayoFyQkVtwh3HI/AMTkmK6iun3AikOK+J9WLQx2Qqf+fLjY5/ZIjbowbd8GK
3B4h4kUPbeUI5TNg6xcKVyxVPMy8HazfaDwlUHfh07K0UFWtaFuw9v3tlaieOTLH
0D0cBXyYTAqgs7C66cytxw+Qr6/+uHa8MMREDQwTEEwwick3h0h+vIhCsV0AEQEA
AYkBJQQYAQIADwUCUwBk0wIbDAUJAg9YAAAKCRB5xD378c8hh8B+B/9+LKzmAV1j
fWwlA2XG48fUTs2KyHQxO62IsaPBIAa/MaDNO1TuqOzfcH+fiEqVNqd3m/7dLsqH
BIW2J76eNCwGZYjD9rTFlGmz+vIv0qBmElOAH9ahukJ+uo0IH5IzhP1rTBZejToL
3mG/CQC5qhaZIpGBx9RfwUz5Wd14Narb+Yy/YThzoylcM3/Zi9PS6mXG9sNqvhQk
RyI+WihmvU2wzcQzAXyUZrRx62cJyQfiufcIZGlzNHWUobhJQE+CzmefZy/IrVRR
Z9V52tSlARj0GQJ2OGmf0tyFtfx6Xr3BVEerpa+/FHAgjSEagVsqLYKIJe/9k9Z4
qC2w9Qte07wYiQEfBBgBAgAJAhsMBQJU6rPfAAoJEHnEPfvxzyGH9TMH/RDXegv9
pLySb2xc5rwzWuhDr01SmqkwQ4YFY7mdorzBnZAqHgPTkN81rvJPkWA8sj5riR06
BZtbZ+IT/Axg4yK+OgW9452XM+mx7Dqfarn9y+imymuIIYlajNOTC/V2/2B9MoHt
0Mm34gJ1puntqiG82LnF5mAzgbEKI7Wt+vQmfs0BHcvm2lCxUPh4NNr2ODSqr8SI
X64tAfzYPpuzG1L9et7tv+xMoreMTqy2G6LrjDsXdfkzWrCTxcKyoI0DVnZz7NaQ
sYfhl4H9GvFqm7QfT9MCEEG1sOjrrkZpFvc1IrMbislKNdIRBziudr9jv+zdz24H
TKN3JdfTyacfNU4=
=IcJn
-----END PGP PUBLIC KEY BLOCK-----
GPG keys of Eric Blake <ericb>
-----BEGIN PGP PUBLIC KEY BLOCK-----
Version: GnuPG v1.4.10 (GNU/Linux)

28
glibc.spec
View File

@ -152,7 +152,7 @@ Name: glibc%{name_suffix}
Summary: Standard Shared Libraries (from the GNU C Library)
License: GPL-2.0-or-later AND LGPL-2.1-or-later AND LGPL-2.1-or-later WITH GCC-exception-2.0
Group: System/Libraries
Version: 2.39
Version: 2.40
Release: 0
%if %{without snapshot}
%define git_id ef321e23c2
@ -303,32 +303,6 @@ Patch306: glibc-fix-double-loopback.diff
###
# Patches from upstream
###
# PATCH-FIX-UPSTREAM arm: Remove wrong ldr from _dl_start_user (BZ #31339)
Patch1000: arm-dl-start-user.patch
# PATCH-FIX-UPSTREAM S390: Do not clobber r7 in clone (BZ #31402)
Patch1001: s390-clone-error-clobber-r7.patch
# PATCH-FIX-UPSTREAM duplocale: protect use of global locale (BZ #23970)
Patch1002: duplocale-global-locale.patch
# PATCH-FIX-UPSTREAM linux/sigsetops: fix type confusion (BZ #31468)
Patch1003: sigisemptyset.patch
# PATCH-FIX-UPSTREAM Use gcc __builtin_stdc_* builtins in stdbit.h if possible
Patch1004: stdbit-builtins.patch
# PATCH-FIX-UPSTREAM iconv: ISO-2022-CN-EXT: fix out-of-bound writes when writing escape sequence (CVE-2024-2961)
Patch1005: iconv-iso-2022-cn-ext.patch
# PATCH-FIX-UPSTREAM login: structs utmp, utmpx, lastlog _TIME_BITS independence (BZ #30701)
Patch1006: utmp-time-bits.patch
# PATCH-FIX-UPSTREAM elf: Only process multiple tunable once (BZ #31686)
Patch1007: elf-parse-tunables.patch
# PATCH-FIX-UPSTREAM nscd: Stack-based buffer overflow in netgroup cache (CVE-2024-33599, BZ #31677)
Patch1008: glibc-CVE-2024-33599-nscd-Stack-based-buffer-overflow-in-n.patch
# PATCH-FIX-UPSTREAM nscd: Do not send missing not found response in addgetnetgrentX (CVE-2024-33600, BZ #31678)
Patch1009: glibc-CVE-2024-33600-nscd-Do-not-send-missing-not-found-re.patch
# PATCH-FIX-UPSTREAM nscd: Avoid null pointer crashes after notfound response (CVE-2024-33600, BZ #31678)
Patch1010: glibc-CVE-2024-33600-nscd-Avoid-null-pointer-crashes-after.patch
# PATCH-FIX-UPSTREAM nscd netgroup: Use two buffers in addgetnetgrentX (CVE-2024-33601, CVE-2024-33602, BZ #31680)
Patch1011: glibc-CVE-2024-33601-CVE-2024-33602-nscd-netgroup-Use-two.patch
# PATCH-FIX-UPSTREAM nscd: Use time_t for return type of addgetnetgrentX (CVE-2024-33602)
Patch1012: nscd-netgroup-cache-timeout.patch
%endif
###

216
iconv-iso-2022-cn-ext.patch
View File

@ -1,216 +0,0 @@
From 31da30f23cddd36db29d5b6a1c7619361b271fb4 Mon Sep 17 00:00:00 2001
From: Charles Fol <folcharles@gmail.com>
Date: Thu, 28 Mar 2024 12:25:38 -0300
Subject: [PATCH] iconv: ISO-2022-CN-EXT: fix out-of-bound writes when writing
escape sequence (CVE-2024-2961)
ISO-2022-CN-EXT uses escape sequences to indicate character set changes
(as specified by RFC 1922). While the SOdesignation has the expected
bounds checks, neither SS2designation nor SS3designation have its;
allowing a write overflow of 1, 2, or 3 bytes with fixed values:
'$+I', '$+J', '$+K', '$+L', '$+M', or '$*H'.
Checked on aarch64-linux-gnu.
Co-authored-by: Adhemerval Zanella <adhemerval.zanella@linaro.org>
Reviewed-by: Carlos O'Donell <carlos@redhat.com>
Tested-by: Carlos O'Donell <carlos@redhat.com>
(cherry picked from commit f9dc609e06b1136bb0408be9605ce7973a767ada)
---
iconvdata/Makefile | 5 +-
iconvdata/iso-2022-cn-ext.c | 12 +++
iconvdata/tst-iconv-iso-2022-cn-ext.c | 128 ++++++++++++++++++++++++++
3 files changed, 144 insertions(+), 1 deletion(-)
create mode 100644 iconvdata/tst-iconv-iso-2022-cn-ext.c
diff --git a/iconvdata/Makefile b/iconvdata/Makefile
index ea019ce5c0..7196a8744b 100644
--- a/iconvdata/Makefile
+++ b/iconvdata/Makefile
@@ -75,7 +75,8 @@ ifeq (yes,$(build-shared))
tests = bug-iconv1 bug-iconv2 tst-loading tst-e2big tst-iconv4 bug-iconv4 \
tst-iconv6 bug-iconv5 bug-iconv6 tst-iconv7 bug-iconv8 bug-iconv9 \
bug-iconv10 bug-iconv11 bug-iconv12 tst-iconv-big5-hkscs-to-2ucs4 \
- bug-iconv13 bug-iconv14 bug-iconv15
+ bug-iconv13 bug-iconv14 bug-iconv15 \
+ tst-iconv-iso-2022-cn-ext
ifeq ($(have-thread-library),yes)
tests += bug-iconv3
endif
@@ -330,6 +331,8 @@ $(objpfx)bug-iconv14.out: $(addprefix $(objpfx), $(gconv-modules)) \
$(addprefix $(objpfx),$(modules.so))
$(objpfx)bug-iconv15.out: $(addprefix $(objpfx), $(gconv-modules)) \
$(addprefix $(objpfx),$(modules.so))
+$(objpfx)tst-iconv-iso-2022-cn-ext.out: $(addprefix $(objpfx), $(gconv-modules)) \
+ $(addprefix $(objpfx),$(modules.so))
$(objpfx)iconv-test.out: run-iconv-test.sh \
$(addprefix $(objpfx), $(gconv-modules)) \
diff --git a/iconvdata/iso-2022-cn-ext.c b/iconvdata/iso-2022-cn-ext.c
index b34c8a36f4..cce29b1969 100644
--- a/iconvdata/iso-2022-cn-ext.c
+++ b/iconvdata/iso-2022-cn-ext.c
@@ -574,6 +574,12 @@ DIAG_IGNORE_Os_NEEDS_COMMENT (5, "-Wmaybe-uninitialized");
{ \
const char *escseq; \
\
+ if (outptr + 4 > outend) \
+ { \
+ result = __GCONV_FULL_OUTPUT; \
+ break; \
+ } \
+ \
assert (used == CNS11643_2_set); /* XXX */ \
escseq = "*H"; \
*outptr++ = ESC; \
@@ -587,6 +593,12 @@ DIAG_IGNORE_Os_NEEDS_COMMENT (5, "-Wmaybe-uninitialized");
{ \
const char *escseq; \
\
+ if (outptr + 4 > outend) \
+ { \
+ result = __GCONV_FULL_OUTPUT; \
+ break; \
+ } \
+ \
assert ((used >> 5) >= 3 && (used >> 5) <= 7); \
escseq = "+I+J+K+L+M" + ((used >> 5) - 3) * 2; \
*outptr++ = ESC; \
diff --git a/iconvdata/tst-iconv-iso-2022-cn-ext.c b/iconvdata/tst-iconv-iso-2022-cn-ext.c
new file mode 100644
index 0000000000..96a8765fd5
--- /dev/null
+++ b/iconvdata/tst-iconv-iso-2022-cn-ext.c
@@ -0,0 +1,128 @@
+/* Verify ISO-2022-CN-EXT does not write out of the bounds.
+ Copyright (C) 2024 Free Software Foundation, Inc.
+ This file is part of the GNU C Library.
+
+ The GNU C Library is free software; you can redistribute it and/or
+ modify it under the terms of the GNU Lesser General Public
+ License as published by the Free Software Foundation; either
+ version 2.1 of the License, or (at your option) any later version.
+
+ The GNU C Library is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ Lesser General Public License for more details.
+
+ You should have received a copy of the GNU Lesser General Public
+ License along with the GNU C Library; if not, see
+ <https://www.gnu.org/licenses/>. */
+
+#include <stdio.h>
+#include <string.h>
+
+#include <errno.h>
+#include <iconv.h>
+#include <sys/mman.h>
+
+#include <support/xunistd.h>
+#include <support/check.h>
+#include <support/support.h>
+
+/* The test sets up a two memory page buffer with the second page marked
+ PROT_NONE to trigger a fault if the conversion writes beyond the exact
+ expected amount. Then we carry out various conversions and precisely
+ place the start of the output buffer in order to trigger a SIGSEGV if the
+ process writes anywhere between 1 and page sized bytes more (only one
+ PROT_NONE page is setup as a canary) than expected. These tests exercise
+ all three of the cases in ISO-2022-CN-EXT where the converter must switch
+ character sets and may run out of buffer space while doing the
+ operation. */
+
+static int
+do_test (void)
+{
+ iconv_t cd = iconv_open ("ISO-2022-CN-EXT", "UTF-8");
+ TEST_VERIFY_EXIT (cd != (iconv_t) -1);
+
+ char *ntf;
+ size_t ntfsize;
+ char *outbufbase;
+ {
+ int pgz = getpagesize ();
+ TEST_VERIFY_EXIT (pgz > 0);
+ ntfsize = 2 * pgz;
+
+ ntf = xmmap (NULL, ntfsize, PROT_READ | PROT_WRITE, MAP_PRIVATE
+ | MAP_ANONYMOUS, -1);
+ xmprotect (ntf + pgz, pgz, PROT_NONE);
+
+ outbufbase = ntf + pgz;
+ }
+
+ /* Check if SOdesignation escape sequence does not trigger an OOB write. */
+ {
+ char inbuf[] = "\xe4\xba\xa4\xe6\x8d\xa2";
+
+ for (int i = 0; i < 9; i++)
+ {
+ char *inp = inbuf;
+ size_t inleft = sizeof (inbuf) - 1;
+
+ char *outp = outbufbase - i;
+ size_t outleft = i;
+
+ TEST_VERIFY_EXIT (iconv (cd, &inp, &inleft, &outp, &outleft)
+ == (size_t) -1);
+ TEST_COMPARE (errno, E2BIG);
+
+ TEST_VERIFY_EXIT (iconv (cd, NULL, NULL, NULL, NULL) == 0);
+ }
+ }
+
+ /* Same as before for SS2designation. */
+ {
+ char inbuf[] = "㴽 \xe3\xb4\xbd";
+
+ for (int i = 0; i < 14; i++)
+ {
+ char *inp = inbuf;
+ size_t inleft = sizeof (inbuf) - 1;
+
+ char *outp = outbufbase - i;
+ size_t outleft = i;
+
+ TEST_VERIFY_EXIT (iconv (cd, &inp, &inleft, &outp, &outleft)
+ == (size_t) -1);
+ TEST_COMPARE (errno, E2BIG);
+
+ TEST_VERIFY_EXIT (iconv (cd, NULL, NULL, NULL, NULL) == 0);
+ }
+ }
+
+ /* Same as before for SS3designation. */
+ {
+ char inbuf[] = "劄 \xe5\x8a\x84";
+
+ for (int i = 0; i < 14; i++)
+ {
+ char *inp = inbuf;
+ size_t inleft = sizeof (inbuf) - 1;
+
+ char *outp = outbufbase - i;
+ size_t outleft = i;
+
+ TEST_VERIFY_EXIT (iconv (cd, &inp, &inleft, &outp, &outleft)
+ == (size_t) -1);
+ TEST_COMPARE (errno, E2BIG);
+
+ TEST_VERIFY_EXIT (iconv (cd, NULL, NULL, NULL, NULL) == 0);
+ }
+ }
+
+ TEST_VERIFY_EXIT (iconv_close (cd) != -1);
+
+ xmunmap (ntf, ntfsize);
+
+ return 0;
+}
+
+#include <support/test-driver.c>
--
2.44.0

36
nscd-netgroup-cache-timeout.patch
View File

@ -1,36 +0,0 @@
From acc56074b0a5127631a64640aef1b7c5c103ebd8 Mon Sep 17 00:00:00 2001
From: Florian Weimer <fweimer@redhat.com>
Date: Thu, 2 May 2024 17:06:19 +0200
Subject: [PATCH] nscd: Use time_t for return type of addgetnetgrentX
Using int may give false results for future dates (timeouts after the
year 2028).
Fixes commit 04a21e050d64a1193a6daab872bca2528bda44b ("CVE-2024-33601,
CVE-2024-33602: nscd: netgroup: Use two buffers in addgetnetgrentX
(bug 31680)").
Reviewed-by: Carlos O'Donell <carlos@redhat.com>
(cherry picked from commit 4bbca1a44691a6e9adcee5c6798a707b626bc331)
---
nscd/netgroupcache.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/nscd/netgroupcache.c b/nscd/netgroupcache.c
index e8fe041846..01d554af9c 100644
--- a/nscd/netgroupcache.c
+++ b/nscd/netgroupcache.c
@@ -680,8 +680,8 @@ readdinnetgr (struct database_dyn *db, struct hashentry *he,
.key_len = he->len
};
- int timeout = addinnetgrX (db, -1, &req, db->data + he->key, he->owner,
- he, dh);
+ time_t timeout = addinnetgrX (db, -1, &req, db->data + he->key, he->owner,
+ he, dh);
if (timeout < 0)
timeout = 0;
return timeout;
--
2.45.0

148
s390-clone-error-clobber-r7.patch
View File

@ -1,148 +0,0 @@
From 02782fd12849b6673cb5c2728cb750e8ec295aa3 Mon Sep 17 00:00:00 2001
From: Stefan Liebler <stli@linux.ibm.com>
Date: Thu, 22 Feb 2024 15:03:27 +0100
Subject: [PATCH] S390: Do not clobber r7 in clone [BZ #31402]
Starting with commit e57d8fc97b90127de4ed3e3a9cdf663667580935
"S390: Always use svc 0"
clone clobbers the call-saved register r7 in error case:
function or stack is NULL.
This patch restores the saved registers also in the error case.
Furthermore the existing test misc/tst-clone is extended to check
all error cases and that clone does not clobber registers in this
error case.
---
sysdeps/unix/sysv/linux/s390/s390-32/clone.S | 1 +
sysdeps/unix/sysv/linux/s390/s390-64/clone.S | 1 +
sysdeps/unix/sysv/linux/tst-clone.c | 73 ++++++++++++++++----
3 files changed, 63 insertions(+), 12 deletions(-)
diff --git a/sysdeps/unix/sysv/linux/s390/s390-32/clone.S b/sysdeps/unix/sysv/linux/s390/s390-32/clone.S
index 4c882ef2ee..a7a863242c 100644
--- a/sysdeps/unix/sysv/linux/s390/s390-32/clone.S
+++ b/sysdeps/unix/sysv/linux/s390/s390-32/clone.S
@@ -53,6 +53,7 @@ ENTRY(__clone)
br %r14
error:
lhi %r2,-EINVAL
+ lm %r6,%r7,24(%r15) /* Load registers. */
j SYSCALL_ERROR_LABEL
PSEUDO_END (__clone)
diff --git a/sysdeps/unix/sysv/linux/s390/s390-64/clone.S b/sysdeps/unix/sysv/linux/s390/s390-64/clone.S
index 4eb104be71..c552a6b8de 100644
--- a/sysdeps/unix/sysv/linux/s390/s390-64/clone.S
+++ b/sysdeps/unix/sysv/linux/s390/s390-64/clone.S
@@ -54,6 +54,7 @@ ENTRY(__clone)
br %r14
error:
lghi %r2,-EINVAL
+ lmg %r6,%r7,48(%r15) /* Restore registers. */
jg SYSCALL_ERROR_LABEL
PSEUDO_END (__clone)
diff --git a/sysdeps/unix/sysv/linux/tst-clone.c b/sysdeps/unix/sysv/linux/tst-clone.c
index 470676ab2b..2bc7124983 100644
--- a/sysdeps/unix/sysv/linux/tst-clone.c
+++ b/sysdeps/unix/sysv/linux/tst-clone.c
@@ -16,12 +16,16 @@
License along with the GNU C Library; if not, see
<https://www.gnu.org/licenses/>. */
-/* BZ #2386 */
+/* BZ #2386, BZ #31402 */
#include <errno.h>
#include <stdio.h>
#include <stdlib.h>
#include <unistd.h>
#include <sched.h>
+#include <stackinfo.h> /* For _STACK_GROWS_{UP,DOWN}. */
+#include <support/check.h>
+
+volatile unsigned v = 0xdeadbeef;
int child_fn(void *arg)
{
@@ -30,22 +34,67 @@ int child_fn(void *arg)
}
static int
-do_test (void)
+__attribute__((noinline))
+do_clone (int (*fn)(void *), void *stack)
{
int result;
+ unsigned int a = v;
+ unsigned int b = v;
+ unsigned int c = v;
+ unsigned int d = v;
+ unsigned int e = v;
+ unsigned int f = v;
+ unsigned int g = v;
+ unsigned int h = v;
+ unsigned int i = v;
+ unsigned int j = v;
+ unsigned int k = v;
+ unsigned int l = v;
+ unsigned int m = v;
+ unsigned int n = v;
+ unsigned int o = v;
+
+ result = clone (fn, stack, 0, NULL);
+
+ /* Check that clone does not clobber call-saved registers. */
+ TEST_VERIFY (a == v && b == v && c == v && d == v && e == v && f == v
+ && g == v && h == v && i == v && j == v && k == v && l == v
+ && m == v && n == v && o == v);
+
+ return result;
+}
+
+static void
+__attribute__((noinline))
+do_test_single (int (*fn)(void *), void *stack)
+{
+ printf ("%s (fn=%p, stack=%p)\n", __FUNCTION__, fn, stack);
+ errno = 0;
+
+ int result = do_clone (fn, stack);
+
+ TEST_COMPARE (errno, EINVAL);
+ TEST_COMPARE (result, -1);
+}
- result = clone (child_fn, NULL, 0, NULL);
+static int
+do_test (void)
+{
+ char st[128 * 1024] __attribute__ ((aligned));
+ void *stack = NULL;
+#if _STACK_GROWS_DOWN
+ stack = st + sizeof (st);
+#elif _STACK_GROWS_UP
+ stack = st;
+#else
+# error "Define either _STACK_GROWS_DOWN or _STACK_GROWS_UP"
+#endif
- if (errno != EINVAL || result != -1)
- {
- printf ("FAIL: clone()=%d (wanted -1) errno=%d (wanted %d)\n",
- result, errno, EINVAL);
- return 1;
- }
+ do_test_single (child_fn, NULL);
+ do_test_single (NULL, stack);
+ do_test_single (NULL, NULL);
- puts ("All OK");
return 0;
}
-#define TEST_FUNCTION do_test ()
-#include "../test-skeleton.c"
+#include <support/test-driver.c>
--
2.44.0

128
sigisemptyset.patch
View File

@ -1,128 +0,0 @@
From 2173173d57971d042c0ad4b281431ae127e9b5b8 Mon Sep 17 00:00:00 2001
From: Andreas Schwab <schwab@suse.de>
Date: Mon, 11 Mar 2024 15:13:09 +0100
Subject: [PATCH] linux/sigsetops: fix type confusion (bug 31468)
Each mask in the sigset array is an unsigned long, so fix __sigisemptyset
to use that instead of int. The __sigword function returns a simple array
index, so it can return int instead of unsigned long.
---
signal/tst-sigisemptyset.c | 11 +++++++++++
sysdeps/unix/sysv/linux/internal-sigset.h | 8 ++++----
sysdeps/unix/sysv/linux/sigsetops.h | 10 +++++-----
3 files changed, 20 insertions(+), 9 deletions(-)
diff --git a/signal/tst-sigisemptyset.c b/signal/tst-sigisemptyset.c
index f5e35e8c22..11e7f39d09 100644
--- a/signal/tst-sigisemptyset.c
+++ b/signal/tst-sigisemptyset.c
@@ -89,6 +89,17 @@ do_test (void)
TEST_COMPARE (sigisemptyset (&set), 1);
}
+ {
+ sigset_t set;
+ for (int sig = 1; sig <= NSIG; sig++)
+ {
+ sigemptyset (&set);
+ if (sigaddset (&set, sig) < 0)
+ continue;
+ TEST_COMPARE (sigisemptyset (&set), 0);
+ }
+ }
+
return 0;
}
diff --git a/sysdeps/unix/sysv/linux/internal-sigset.h b/sysdeps/unix/sysv/linux/internal-sigset.h
index 3c21c3b6d5..5d7020b42d 100644
--- a/sysdeps/unix/sysv/linux/internal-sigset.h
+++ b/sysdeps/unix/sysv/linux/internal-sigset.h
@@ -54,7 +54,7 @@ static inline int
internal_sigisemptyset (const internal_sigset_t *set)
{
int cnt = __NSIG_WORDS;
- int ret = set->__val[--cnt];
+ unsigned long int ret = set->__val[--cnt];
while (ret == 0 && --cnt >= 0)
ret = set->__val[cnt];
return ret == 0;
@@ -82,7 +82,7 @@ static inline int
internal_sigismember (const internal_sigset_t *set, int sig)
{
unsigned long int mask = __sigmask (sig);
- unsigned long int word = __sigword (sig);
+ int word = __sigword (sig);
return set->__val[word] & mask ? 1 : 0;
}
@@ -90,7 +90,7 @@ static inline void
internal_sigaddset (internal_sigset_t *set, int sig)
{
unsigned long int mask = __sigmask (sig);
- unsigned long int word = __sigword (sig);
+ int word = __sigword (sig);
set->__val[word] |= mask;
}
@@ -98,7 +98,7 @@ static inline void
internal_sigdelset (internal_sigset_t *set, int sig)
{
unsigned long int mask = __sigmask (sig);
- unsigned long int word = __sigword (sig);
+ int word = __sigword (sig);
set->__val[word] &= ~mask;
}
diff --git a/sysdeps/unix/sysv/linux/sigsetops.h b/sysdeps/unix/sysv/linux/sigsetops.h
index abd5576172..33db4f77b8 100644
--- a/sysdeps/unix/sysv/linux/sigsetops.h
+++ b/sysdeps/unix/sysv/linux/sigsetops.h
@@ -28,7 +28,7 @@
(1UL << (((sig) - 1) % ULONG_WIDTH))
/* Return the word index for SIG. */
-static inline unsigned long int
+static inline int
__sigword (int sig)
{
return (sig - 1) / ULONG_WIDTH;
@@ -66,7 +66,7 @@ static inline int
__sigisemptyset (const sigset_t *set)
{
int cnt = __NSIG_WORDS;
- int ret = set->__val[--cnt];
+ unsigned long int ret = set->__val[--cnt];
while (ret == 0 && --cnt >= 0)
ret = set->__val[cnt];
return ret == 0;
@@ -92,7 +92,7 @@ static inline int
__sigismember (const sigset_t *set, int sig)
{
unsigned long int mask = __sigmask (sig);
- unsigned long int word = __sigword (sig);
+ int word = __sigword (sig);
return set->__val[word] & mask ? 1 : 0;
}
@@ -100,7 +100,7 @@ static inline void
__sigaddset (sigset_t *set, int sig)
{
unsigned long int mask = __sigmask (sig);
- unsigned long int word = __sigword (sig);
+ int word = __sigword (sig);
set->__val[word] |= mask;
}
@@ -108,7 +108,7 @@ static inline void
__sigdelset (sigset_t *set, int sig)
{
unsigned long int mask = __sigmask (sig);
- unsigned long int word = __sigword (sig);
+ int word = __sigword (sig);
set->__val[word] &= ~mask;
}
--
2.44.0

1061
stdbit-builtins.patch
View File

File diff suppressed because it is too large Load Diff

645
utmp-time-bits.patch
View File

@ -1,645 +0,0 @@
From 9831f98c266a8d56d1bf729b709c08e40375540c Mon Sep 17 00:00:00 2001
From: Florian Weimer <fweimer@redhat.com>
Date: Fri, 19 Apr 2024 14:38:17 +0200
Subject: [PATCH] login: Check default sizes of structs utmp, utmpx, lastlog
The default <utmp-size.h> is for ports with a 64-bit time_t.
Ports with a 32-bit time_t or with __WORDSIZE_TIME64_COMPAT32=1
need to override it.
Reviewed-by: Adhemerval Zanella <adhemerval.zanella@linaro.org>
(cherry picked from commit 4d4da5aab936504b2d3eca3146e109630d9093c4)
---
login/Makefile | 2 +-
login/tst-utmp-size.c | 33 +++++++++++++++++++++++++++++++++
sysdeps/arc/utmp-size.h | 3 +++
sysdeps/arm/utmp-size.h | 2 ++
sysdeps/csky/utmp-size.h | 2 ++
sysdeps/generic/utmp-size.h | 23 +++++++++++++++++++++++
sysdeps/hppa/utmp-size.h | 2 ++
sysdeps/m68k/utmp-size.h | 3 +++
sysdeps/microblaze/utmp-size.h | 2 ++
sysdeps/mips/utmp-size.h | 2 ++
sysdeps/nios2/utmp-size.h | 2 ++
sysdeps/or1k/utmp-size.h | 3 +++
sysdeps/powerpc/utmp-size.h | 2 ++
sysdeps/riscv/utmp-size.h | 2 ++
sysdeps/sh/utmp-size.h | 2 ++
sysdeps/sparc/utmp-size.h | 2 ++
sysdeps/x86/utmp-size.h | 2 ++
17 files changed, 88 insertions(+), 1 deletion(-)
create mode 100644 login/tst-utmp-size.c
create mode 100644 sysdeps/arc/utmp-size.h
create mode 100644 sysdeps/arm/utmp-size.h
create mode 100644 sysdeps/csky/utmp-size.h
create mode 100644 sysdeps/generic/utmp-size.h
create mode 100644 sysdeps/hppa/utmp-size.h
create mode 100644 sysdeps/m68k/utmp-size.h
create mode 100644 sysdeps/microblaze/utmp-size.h
create mode 100644 sysdeps/mips/utmp-size.h
create mode 100644 sysdeps/nios2/utmp-size.h
create mode 100644 sysdeps/or1k/utmp-size.h
create mode 100644 sysdeps/powerpc/utmp-size.h
create mode 100644 sysdeps/riscv/utmp-size.h
create mode 100644 sysdeps/sh/utmp-size.h
create mode 100644 sysdeps/sparc/utmp-size.h
create mode 100644 sysdeps/x86/utmp-size.h
diff --git a/login/Makefile b/login/Makefile
index 1e22008a61..b26ac42bfc 100644
--- a/login/Makefile
+++ b/login/Makefile
@@ -44,7 +44,7 @@ subdir-dirs = programs
vpath %.c programs
tests := tst-utmp tst-utmpx tst-grantpt tst-ptsname tst-getlogin tst-updwtmpx \
- tst-pututxline-lockfail tst-pututxline-cache
+ tst-pututxline-lockfail tst-pututxline-cache tst-utmp-size
# Empty compatibility library for old binaries.
extra-libs := libutil
diff --git a/login/tst-utmp-size.c b/login/tst-utmp-size.c
new file mode 100644
index 0000000000..1b7f7ff042
--- /dev/null
+++ b/login/tst-utmp-size.c
@@ -0,0 +1,33 @@
+/* Check expected sizes of struct utmp, struct utmpx, struct lastlog.
+ Copyright (C) 2024 Free Software Foundation, Inc.
+ This file is part of the GNU C Library.
+
+ The GNU C Library is free software; you can redistribute it and/or
+ modify it under the terms of the GNU Lesser General Public
+ License as published by the Free Software Foundation; either
+ version 2.1 of the License, or (at your option) any later version.
+
+ The GNU C Library is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ Lesser General Public License for more details.
+
+ You should have received a copy of the GNU Lesser General Public
+ License along with the GNU C Library; if not, see
+ <https://www.gnu.org/licenses/>. */
+
+#include <utmp.h>
+#include <utmpx.h>
+#include <utmp-size.h>
+
+static int
+do_test (void)
+{
+ _Static_assert (sizeof (struct utmp) == UTMP_SIZE, "struct utmp size");
+ _Static_assert (sizeof (struct utmpx) == UTMP_SIZE, "struct utmpx size");
+ _Static_assert (sizeof (struct lastlog) == LASTLOG_SIZE,
+ "struct lastlog size");
+ return 0;
+}
+
+#include <support/test-driver.c>
diff --git a/sysdeps/arc/utmp-size.h b/sysdeps/arc/utmp-size.h
new file mode 100644
index 0000000000..a247fcd3da
--- /dev/null
+++ b/sysdeps/arc/utmp-size.h
@@ -0,0 +1,3 @@
+/* arc has less padding than other architectures with 64-bit time_t. */
+#define UTMP_SIZE 392
+#define LASTLOG_SIZE 296
diff --git a/sysdeps/arm/utmp-size.h b/sysdeps/arm/utmp-size.h
new file mode 100644
index 0000000000..8f21ebe1b6
--- /dev/null
+++ b/sysdeps/arm/utmp-size.h
@@ -0,0 +1,2 @@
+#define UTMP_SIZE 384
+#define LASTLOG_SIZE 292
diff --git a/sysdeps/csky/utmp-size.h b/sysdeps/csky/utmp-size.h
new file mode 100644
index 0000000000..8f21ebe1b6
--- /dev/null
+++ b/sysdeps/csky/utmp-size.h
@@ -0,0 +1,2 @@
+#define UTMP_SIZE 384
+#define LASTLOG_SIZE 292
diff --git a/sysdeps/generic/utmp-size.h b/sysdeps/generic/utmp-size.h
new file mode 100644
index 0000000000..89dbe878b0
--- /dev/null
+++ b/sysdeps/generic/utmp-size.h
@@ -0,0 +1,23 @@
+/* Expected sizes of utmp-related structures stored in files. 64-bit version.
+ Copyright (C) 2024 Free Software Foundation, Inc.
+ This file is part of the GNU C Library.
+
+ The GNU C Library is free software; you can redistribute it and/or
+ modify it under the terms of the GNU Lesser General Public
+ License as published by the Free Software Foundation; either
+ version 2.1 of the License, or (at your option) any later version.
+
+ The GNU C Library is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ Lesser General Public License for more details.
+
+ You should have received a copy of the GNU Lesser General Public
+ License along with the GNU C Library; if not, see
+ <https://www.gnu.org/licenses/>. */
+
+/* Expected size, in bytes, of struct utmp and struct utmpx. */
+#define UTMP_SIZE 400
+
+/* Expected size, in bytes, of struct lastlog. */
+#define LASTLOG_SIZE 296
diff --git a/sysdeps/hppa/utmp-size.h b/sysdeps/hppa/utmp-size.h
new file mode 100644
index 0000000000..8f21ebe1b6
--- /dev/null
+++ b/sysdeps/hppa/utmp-size.h
@@ -0,0 +1,2 @@
+#define UTMP_SIZE 384
+#define LASTLOG_SIZE 292
diff --git a/sysdeps/m68k/utmp-size.h b/sysdeps/m68k/utmp-size.h
new file mode 100644
index 0000000000..5946685819
--- /dev/null
+++ b/sysdeps/m68k/utmp-size.h
@@ -0,0 +1,3 @@
+/* m68k has 2-byte alignment. */
+#define UTMP_SIZE 382
+#define LASTLOG_SIZE 292
diff --git a/sysdeps/microblaze/utmp-size.h b/sysdeps/microblaze/utmp-size.h
new file mode 100644
index 0000000000..8f21ebe1b6
--- /dev/null
+++ b/sysdeps/microblaze/utmp-size.h
@@ -0,0 +1,2 @@
+#define UTMP_SIZE 384
+#define LASTLOG_SIZE 292
diff --git a/sysdeps/mips/utmp-size.h b/sysdeps/mips/utmp-size.h
new file mode 100644
index 0000000000..8f21ebe1b6
--- /dev/null
+++ b/sysdeps/mips/utmp-size.h
@@ -0,0 +1,2 @@
+#define UTMP_SIZE 384
+#define LASTLOG_SIZE 292
diff --git a/sysdeps/nios2/utmp-size.h b/sysdeps/nios2/utmp-size.h
new file mode 100644
index 0000000000..8f21ebe1b6
--- /dev/null
+++ b/sysdeps/nios2/utmp-size.h
@@ -0,0 +1,2 @@
+#define UTMP_SIZE 384
+#define LASTLOG_SIZE 292
diff --git a/sysdeps/or1k/utmp-size.h b/sysdeps/or1k/utmp-size.h
new file mode 100644
index 0000000000..6b3653aa4d
--- /dev/null
+++ b/sysdeps/or1k/utmp-size.h
@@ -0,0 +1,3 @@
+/* or1k has less padding than other architectures with 64-bit time_t. */
+#define UTMP_SIZE 392
+#define LASTLOG_SIZE 296
diff --git a/sysdeps/powerpc/utmp-size.h b/sysdeps/powerpc/utmp-size.h
new file mode 100644
index 0000000000..8f21ebe1b6
--- /dev/null
+++ b/sysdeps/powerpc/utmp-size.h
@@ -0,0 +1,2 @@
+#define UTMP_SIZE 384
+#define LASTLOG_SIZE 292
diff --git a/sysdeps/riscv/utmp-size.h b/sysdeps/riscv/utmp-size.h
new file mode 100644
index 0000000000..8f21ebe1b6
--- /dev/null
+++ b/sysdeps/riscv/utmp-size.h
@@ -0,0 +1,2 @@
+#define UTMP_SIZE 384
+#define LASTLOG_SIZE 292
diff --git a/sysdeps/sh/utmp-size.h b/sysdeps/sh/utmp-size.h
new file mode 100644
index 0000000000..8f21ebe1b6
--- /dev/null
+++ b/sysdeps/sh/utmp-size.h
@@ -0,0 +1,2 @@
+#define UTMP_SIZE 384
+#define LASTLOG_SIZE 292
diff --git a/sysdeps/sparc/utmp-size.h b/sysdeps/sparc/utmp-size.h
new file mode 100644
index 0000000000..8f21ebe1b6
--- /dev/null
+++ b/sysdeps/sparc/utmp-size.h
@@ -0,0 +1,2 @@
+#define UTMP_SIZE 384
+#define LASTLOG_SIZE 292
diff --git a/sysdeps/x86/utmp-size.h b/sysdeps/x86/utmp-size.h
new file mode 100644
index 0000000000..8f21ebe1b6
--- /dev/null
+++ b/sysdeps/x86/utmp-size.h
@@ -0,0 +1,2 @@
+#define UTMP_SIZE 384
+#define LASTLOG_SIZE 292
--
2.45.0
From 836d43b98973e0845b739ff5d3aad3af09dc7d0f Mon Sep 17 00:00:00 2001
From: Florian Weimer <fweimer@redhat.com>
Date: Fri, 19 Apr 2024 14:38:17 +0200
Subject: [PATCH] login: structs utmp, utmpx, lastlog _TIME_BITS independence
(bug 30701)
These structs describe file formats under /var/log, and should not
depend on the definition of _TIME_BITS. This is achieved by
defining __WORDSIZE_TIME64_COMPAT32 to 1 on 32-bit ports that
support 32-bit time_t values (where __time_t is 32 bits).
Reviewed-by: Adhemerval Zanella <adhemerval.zanella@linaro.org>
(cherry picked from commit 9abdae94c7454c45e02e97e4ed1eb1b1915d13d8)
---
bits/wordsize.h | 6 ++++--
login/Makefile | 4 +++-
login/tst-utmp-size-64.c | 2 ++
sysdeps/arm/bits/wordsize.h | 21 +++++++++++++++++++
sysdeps/csky/bits/wordsize.h | 21 +++++++++++++++++++
sysdeps/m68k/bits/wordsize.h | 21 +++++++++++++++++++
sysdeps/microblaze/bits/wordsize.h | 21 +++++++++++++++++++
sysdeps/mips/bits/wordsize.h | 6 +-----
sysdeps/nios2/bits/wordsize.h | 21 +++++++++++++++++++
sysdeps/powerpc/powerpc32/bits/wordsize.h | 3 +--
sysdeps/powerpc/powerpc64/bits/wordsize.h | 3 +--
sysdeps/sh/bits/wordsize.h | 21 +++++++++++++++++++
sysdeps/sparc/sparc32/bits/wordsize.h | 2 +-
sysdeps/sparc/sparc64/bits/wordsize.h | 3 +--
sysdeps/unix/sysv/linux/hppa/bits/wordsize.h | 21 +++++++++++++++++++
.../unix/sysv/linux/powerpc/bits/wordsize.h | 3 +--
sysdeps/unix/sysv/linux/sparc/bits/wordsize.h | 3 +--
sysdeps/x86/bits/wordsize.h | 5 ++---
18 files changed, 165 insertions(+), 22 deletions(-)
create mode 100644 login/tst-utmp-size-64.c
create mode 100644 sysdeps/arm/bits/wordsize.h
create mode 100644 sysdeps/csky/bits/wordsize.h
create mode 100644 sysdeps/m68k/bits/wordsize.h
create mode 100644 sysdeps/microblaze/bits/wordsize.h
create mode 100644 sysdeps/nios2/bits/wordsize.h
create mode 100644 sysdeps/sh/bits/wordsize.h
create mode 100644 sysdeps/unix/sysv/linux/hppa/bits/wordsize.h
diff --git a/bits/wordsize.h b/bits/wordsize.h
index 14edae3a11..53013a9275 100644
--- a/bits/wordsize.h
+++ b/bits/wordsize.h
@@ -21,7 +21,9 @@
#define __WORDSIZE32_PTRDIFF_LONG
/* Set to 1 in order to force time types to be 32 bits instead of 64 bits in
- struct lastlog and struct utmp{,x} on 64-bit ports. This may be done in
+ struct lastlog and struct utmp{,x}. This may be done in
order to make 64-bit ports compatible with 32-bit ports. Set to 0 for
- 64-bit ports where the time types are 64-bits or for any 32-bit ports. */
+ 64-bit ports where the time types are 64-bits and new 32-bit ports
+ where time_t is 64 bits, and there is no companion architecture with
+ 32-bit time_t. */
#define __WORDSIZE_TIME64_COMPAT32
diff --git a/login/Makefile b/login/Makefile
index b26ac42bfc..f91190e3dc 100644
--- a/login/Makefile
+++ b/login/Makefile
@@ -44,7 +44,9 @@ subdir-dirs = programs
vpath %.c programs
tests := tst-utmp tst-utmpx tst-grantpt tst-ptsname tst-getlogin tst-updwtmpx \
- tst-pututxline-lockfail tst-pututxline-cache tst-utmp-size
+ tst-pututxline-lockfail tst-pututxline-cache tst-utmp-size tst-utmp-size-64
+
+CFLAGS-tst-utmp-size-64.c += -D_FILE_OFFSET_BITS=64 -D_TIME_BITS=64
# Empty compatibility library for old binaries.
extra-libs := libutil
diff --git a/login/tst-utmp-size-64.c b/login/tst-utmp-size-64.c
new file mode 100644
index 0000000000..7a581a4c12
--- /dev/null
+++ b/login/tst-utmp-size-64.c
@@ -0,0 +1,2 @@
+/* The on-disk layout must not change in time64 mode. */
+#include "tst-utmp-size.c"
diff --git a/sysdeps/arm/bits/wordsize.h b/sysdeps/arm/bits/wordsize.h
new file mode 100644
index 0000000000..6ecbfe7c86
--- /dev/null
+++ b/sysdeps/arm/bits/wordsize.h
@@ -0,0 +1,21 @@
+/* Copyright (C) 1999-2024 Free Software Foundation, Inc.
+ This file is part of the GNU C Library.
+
+ The GNU C Library is free software; you can redistribute it and/or
+ modify it under the terms of the GNU Lesser General Public
+ License as published by the Free Software Foundation; either
+ version 2.1 of the License, or (at your option) any later version.
+
+ The GNU C Library is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ Lesser General Public License for more details.
+
+ You should have received a copy of the GNU Lesser General Public
+ License along with the GNU C Library; if not, see
+ <https://www.gnu.org/licenses/>. */
+
+#define __WORDSIZE 32
+#define __WORDSIZE_TIME64_COMPAT32 1
+#define __WORDSIZE32_SIZE_ULONG 0
+#define __WORDSIZE32_PTRDIFF_LONG 0
diff --git a/sysdeps/csky/bits/wordsize.h b/sysdeps/csky/bits/wordsize.h
new file mode 100644
index 0000000000..6ecbfe7c86
--- /dev/null
+++ b/sysdeps/csky/bits/wordsize.h
@@ -0,0 +1,21 @@
+/* Copyright (C) 1999-2024 Free Software Foundation, Inc.
+ This file is part of the GNU C Library.
+
+ The GNU C Library is free software; you can redistribute it and/or
+ modify it under the terms of the GNU Lesser General Public
+ License as published by the Free Software Foundation; either
+ version 2.1 of the License, or (at your option) any later version.
+
+ The GNU C Library is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ Lesser General Public License for more details.
+
+ You should have received a copy of the GNU Lesser General Public
+ License along with the GNU C Library; if not, see
+ <https://www.gnu.org/licenses/>. */
+
+#define __WORDSIZE 32
+#define __WORDSIZE_TIME64_COMPAT32 1
+#define __WORDSIZE32_SIZE_ULONG 0
+#define __WORDSIZE32_PTRDIFF_LONG 0
diff --git a/sysdeps/m68k/bits/wordsize.h b/sysdeps/m68k/bits/wordsize.h
new file mode 100644
index 0000000000..6ecbfe7c86
--- /dev/null
+++ b/sysdeps/m68k/bits/wordsize.h
@@ -0,0 +1,21 @@
+/* Copyright (C) 1999-2024 Free Software Foundation, Inc.
+ This file is part of the GNU C Library.
+
+ The GNU C Library is free software; you can redistribute it and/or
+ modify it under the terms of the GNU Lesser General Public
+ License as published by the Free Software Foundation; either
+ version 2.1 of the License, or (at your option) any later version.
+
+ The GNU C Library is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ Lesser General Public License for more details.
+
+ You should have received a copy of the GNU Lesser General Public
+ License along with the GNU C Library; if not, see
+ <https://www.gnu.org/licenses/>. */
+
+#define __WORDSIZE 32
+#define __WORDSIZE_TIME64_COMPAT32 1
+#define __WORDSIZE32_SIZE_ULONG 0
+#define __WORDSIZE32_PTRDIFF_LONG 0
diff --git a/sysdeps/microblaze/bits/wordsize.h b/sysdeps/microblaze/bits/wordsize.h
new file mode 100644
index 0000000000..6ecbfe7c86
--- /dev/null
+++ b/sysdeps/microblaze/bits/wordsize.h
@@ -0,0 +1,21 @@
+/* Copyright (C) 1999-2024 Free Software Foundation, Inc.
+ This file is part of the GNU C Library.
+
+ The GNU C Library is free software; you can redistribute it and/or
+ modify it under the terms of the GNU Lesser General Public
+ License as published by the Free Software Foundation; either
+ version 2.1 of the License, or (at your option) any later version.
+
+ The GNU C Library is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ Lesser General Public License for more details.
+
+ You should have received a copy of the GNU Lesser General Public
+ License along with the GNU C Library; if not, see
+ <https://www.gnu.org/licenses/>. */
+
+#define __WORDSIZE 32
+#define __WORDSIZE_TIME64_COMPAT32 1
+#define __WORDSIZE32_SIZE_ULONG 0
+#define __WORDSIZE32_PTRDIFF_LONG 0
diff --git a/sysdeps/mips/bits/wordsize.h b/sysdeps/mips/bits/wordsize.h
index 57f0f2a22f..30dd3fd85d 100644
--- a/sysdeps/mips/bits/wordsize.h
+++ b/sysdeps/mips/bits/wordsize.h
@@ -19,11 +19,7 @@
#define __WORDSIZE _MIPS_SZPTR
-#if _MIPS_SIM == _ABI64
-# define __WORDSIZE_TIME64_COMPAT32 1
-#else
-# define __WORDSIZE_TIME64_COMPAT32 0
-#endif
+#define __WORDSIZE_TIME64_COMPAT32 1
#if __WORDSIZE == 32
#define __WORDSIZE32_SIZE_ULONG 0
diff --git a/sysdeps/nios2/bits/wordsize.h b/sysdeps/nios2/bits/wordsize.h
new file mode 100644
index 0000000000..6ecbfe7c86
--- /dev/null
+++ b/sysdeps/nios2/bits/wordsize.h
@@ -0,0 +1,21 @@
+/* Copyright (C) 1999-2024 Free Software Foundation, Inc.
+ This file is part of the GNU C Library.
+
+ The GNU C Library is free software; you can redistribute it and/or
+ modify it under the terms of the GNU Lesser General Public
+ License as published by the Free Software Foundation; either
+ version 2.1 of the License, or (at your option) any later version.
+
+ The GNU C Library is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ Lesser General Public License for more details.
+
+ You should have received a copy of the GNU Lesser General Public
+ License along with the GNU C Library; if not, see
+ <https://www.gnu.org/licenses/>. */
+
+#define __WORDSIZE 32
+#define __WORDSIZE_TIME64_COMPAT32 1
+#define __WORDSIZE32_SIZE_ULONG 0
+#define __WORDSIZE32_PTRDIFF_LONG 0
diff --git a/sysdeps/powerpc/powerpc32/bits/wordsize.h b/sysdeps/powerpc/powerpc32/bits/wordsize.h
index 04ca9debf0..6993fb6b29 100644
--- a/sysdeps/powerpc/powerpc32/bits/wordsize.h
+++ b/sysdeps/powerpc/powerpc32/bits/wordsize.h
@@ -2,10 +2,9 @@
#if defined __powerpc64__
# define __WORDSIZE 64
-# define __WORDSIZE_TIME64_COMPAT32 1
#else
# define __WORDSIZE 32
-# define __WORDSIZE_TIME64_COMPAT32 0
# define __WORDSIZE32_SIZE_ULONG 0
# define __WORDSIZE32_PTRDIFF_LONG 0
#endif
+#define __WORDSIZE_TIME64_COMPAT32 1
diff --git a/sysdeps/powerpc/powerpc64/bits/wordsize.h b/sysdeps/powerpc/powerpc64/bits/wordsize.h
index 04ca9debf0..6993fb6b29 100644
--- a/sysdeps/powerpc/powerpc64/bits/wordsize.h
+++ b/sysdeps/powerpc/powerpc64/bits/wordsize.h
@@ -2,10 +2,9 @@
#if defined __powerpc64__
# define __WORDSIZE 64
-# define __WORDSIZE_TIME64_COMPAT32 1
#else
# define __WORDSIZE 32
-# define __WORDSIZE_TIME64_COMPAT32 0
# define __WORDSIZE32_SIZE_ULONG 0
# define __WORDSIZE32_PTRDIFF_LONG 0
#endif
+#define __WORDSIZE_TIME64_COMPAT32 1
diff --git a/sysdeps/sh/bits/wordsize.h b/sysdeps/sh/bits/wordsize.h
new file mode 100644
index 0000000000..6ecbfe7c86
--- /dev/null
+++ b/sysdeps/sh/bits/wordsize.h
@@ -0,0 +1,21 @@
+/* Copyright (C) 1999-2024 Free Software Foundation, Inc.
+ This file is part of the GNU C Library.
+
+ The GNU C Library is free software; you can redistribute it and/or
+ modify it under the terms of the GNU Lesser General Public
+ License as published by the Free Software Foundation; either
+ version 2.1 of the License, or (at your option) any later version.
+
+ The GNU C Library is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ Lesser General Public License for more details.
+
+ You should have received a copy of the GNU Lesser General Public
+ License along with the GNU C Library; if not, see
+ <https://www.gnu.org/licenses/>. */
+
+#define __WORDSIZE 32
+#define __WORDSIZE_TIME64_COMPAT32 1
+#define __WORDSIZE32_SIZE_ULONG 0
+#define __WORDSIZE32_PTRDIFF_LONG 0
diff --git a/sysdeps/sparc/sparc32/bits/wordsize.h b/sysdeps/sparc/sparc32/bits/wordsize.h
index 4bbd2e63b4..a2e79e0fa9 100644
--- a/sysdeps/sparc/sparc32/bits/wordsize.h
+++ b/sysdeps/sparc/sparc32/bits/wordsize.h
@@ -1,6 +1,6 @@
/* Determine the wordsize from the preprocessor defines. */
#define __WORDSIZE 32
-#define __WORDSIZE_TIME64_COMPAT32 0
+#define __WORDSIZE_TIME64_COMPAT32 1
#define __WORDSIZE32_SIZE_ULONG 0
#define __WORDSIZE32_PTRDIFF_LONG 0
diff --git a/sysdeps/sparc/sparc64/bits/wordsize.h b/sysdeps/sparc/sparc64/bits/wordsize.h
index 2f66f10d72..ea103e5970 100644
--- a/sysdeps/sparc/sparc64/bits/wordsize.h
+++ b/sysdeps/sparc/sparc64/bits/wordsize.h
@@ -2,10 +2,9 @@
#if defined __arch64__ || defined __sparcv9
# define __WORDSIZE 64
-# define __WORDSIZE_TIME64_COMPAT32 1
#else
# define __WORDSIZE 32
-# define __WORDSIZE_TIME64_COMPAT32 0
# define __WORDSIZE32_SIZE_ULONG 0
# define __WORDSIZE32_PTRDIFF_LONG 0
#endif
+#define __WORDSIZE_TIME64_COMPAT32 1
diff --git a/sysdeps/unix/sysv/linux/hppa/bits/wordsize.h b/sysdeps/unix/sysv/linux/hppa/bits/wordsize.h
new file mode 100644
index 0000000000..6ecbfe7c86
--- /dev/null
+++ b/sysdeps/unix/sysv/linux/hppa/bits/wordsize.h
@@ -0,0 +1,21 @@
+/* Copyright (C) 1999-2024 Free Software Foundation, Inc.
+ This file is part of the GNU C Library.
+
+ The GNU C Library is free software; you can redistribute it and/or
+ modify it under the terms of the GNU Lesser General Public
+ License as published by the Free Software Foundation; either
+ version 2.1 of the License, or (at your option) any later version.
+
+ The GNU C Library is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ Lesser General Public License for more details.
+
+ You should have received a copy of the GNU Lesser General Public
+ License along with the GNU C Library; if not, see
+ <https://www.gnu.org/licenses/>. */
+
+#define __WORDSIZE 32
+#define __WORDSIZE_TIME64_COMPAT32 1
+#define __WORDSIZE32_SIZE_ULONG 0
+#define __WORDSIZE32_PTRDIFF_LONG 0
diff --git a/sysdeps/unix/sysv/linux/powerpc/bits/wordsize.h b/sysdeps/unix/sysv/linux/powerpc/bits/wordsize.h
index 04ca9debf0..6993fb6b29 100644
--- a/sysdeps/unix/sysv/linux/powerpc/bits/wordsize.h
+++ b/sysdeps/unix/sysv/linux/powerpc/bits/wordsize.h
@@ -2,10 +2,9 @@
#if defined __powerpc64__
# define __WORDSIZE 64
-# define __WORDSIZE_TIME64_COMPAT32 1
#else
# define __WORDSIZE 32
-# define __WORDSIZE_TIME64_COMPAT32 0
# define __WORDSIZE32_SIZE_ULONG 0
# define __WORDSIZE32_PTRDIFF_LONG 0
#endif
+#define __WORDSIZE_TIME64_COMPAT32 1
diff --git a/sysdeps/unix/sysv/linux/sparc/bits/wordsize.h b/sysdeps/unix/sysv/linux/sparc/bits/wordsize.h
index 7562875ee2..ea103e5970 100644
--- a/sysdeps/unix/sysv/linux/sparc/bits/wordsize.h
+++ b/sysdeps/unix/sysv/linux/sparc/bits/wordsize.h
@@ -2,10 +2,9 @@
#if defined __arch64__ || defined __sparcv9
# define __WORDSIZE 64
-# define __WORDSIZE_TIME64_COMPAT32 1
#else
# define __WORDSIZE 32
# define __WORDSIZE32_SIZE_ULONG 0
# define __WORDSIZE32_PTRDIFF_LONG 0
-# define __WORDSIZE_TIME64_COMPAT32 0
#endif
+#define __WORDSIZE_TIME64_COMPAT32 1
diff --git a/sysdeps/x86/bits/wordsize.h b/sysdeps/x86/bits/wordsize.h
index 70f652bca1..3f40aa76f9 100644
--- a/sysdeps/x86/bits/wordsize.h
+++ b/sysdeps/x86/bits/wordsize.h
@@ -8,10 +8,9 @@
#define __WORDSIZE32_PTRDIFF_LONG 0
#endif
+#define __WORDSIZE_TIME64_COMPAT32 1
+
#ifdef __x86_64__
-# define __WORDSIZE_TIME64_COMPAT32 1
/* Both x86-64 and x32 use the 64-bit system call interface. */
# define __SYSCALL_WORDSIZE 64
-#else
-# define __WORDSIZE_TIME64_COMPAT32 0
#endif
--
2.45.0