glibc/s390: Save and restore fprs/vrs while resolving symbols.
| Affects | Status | Importance | Assigned to | Milestone | |
|---|---|---|---|---|---|
| Ubuntu on IBM z Systems |
Fix Released
|
Undecided
|
Unassigned | ||
| glibc (Ubuntu) |
Fix Released
|
High
|
Adam Conrad | ||
Bug Description
== Comment: #0 - Stefan Liebler <email address hidden> - 2016-04-01 08:33:44 ==
On s390, no fpr/vrs were saved while resolving a symbol
via _dl_runtime_
According to the abi, the fpr-arguments are defined as call clobbered.
In leaf-functions, gcc 4.9 and newer can use fprs for saving/restoring gprs
instead of saving them to the stack.
If gcc do this in one of the resolver-functions, then the floating point
arguments of a library-function are invalid for the first library-
Thus, this patch (see below) saves/restores the fprs around the resolving code.
The same could occur for vector registers. Furthermore an ifunc-resolver
could also clobber the vector/floating point argument registers.
Thus this patch provides the further variants _dl_runtime_
_dl_runtime_
we run on a machine with vector registers.
Furthermore, if _dl_runtime_profile calls _dl_call_pltexit,
the pointers to inregs-
Now they point to the correct location in the stack-frame.
Before branching back to the caller, the return values are now
restored instead of containing the return values of the
_dl_call_pltexit() call.
On s390-32, an endless loop occurs if _dl_call_pltexit() should be called.
Now, this code-path branches to this function instead of just after the
preceding basr-instruction.
(Picked from upstream commits 4603c51ef7989d7
and d8a012c5c9e4bfc
Starting with z13, vector registers can also occur as argument registers.
Thus the passed input/output register structs for
la_s390_
registers. This patch extends these structs La_s390_regs and La_s390_retval
and adjusts _dl_runtime_
running on a z13 machine.
(picked from upstream commit 5cdd1989d1d2f13
These upstream patches are also backported to glibc 2.23 release branch:
S390: Save and restore fprs/vrs while resolving symbols.
https:/
S390: Extend structs La_s390_regs / La_s390_retval with vector-registers.
https:/
Please pull both and add it to ubuntu glibc package.
CVE References
| tags: | added: architecture-s39064 bugnameltc-139912 severity-high targetmilestone-inin1604 |
| Changed in ubuntu: | |
| assignee: | nobody → Skipper Bug Screeners (skipper-screen-team) |
| affects: | ubuntu → glibc (Ubuntu) |
| Changed in glibc (Ubuntu): | |
| assignee: | Skipper Bug Screeners (skipper-screen-team) → Adam Conrad (adconrad) |
| Changed in glibc (Ubuntu): | |
| importance: | Undecided → High |
| bugproxy (bugproxy) wrote Comment bridged from LTC Bugzilla | #1 |
| Launchpad Janitor (janitor) wrote | #2 |
| Changed in glibc (Ubuntu): | |
| status: | New → Fix Released |
| Changed in ubuntu-z-systems: | |
| status: | New → Fix Released |
------- Comment From <email address hidden> 2016-04-11 10:51 EDT-------
Canonical, will these updates been taken for glibc?