diff -Nru glibc-2.31/debian/changelog glibc-2.31/debian/changelog --- glibc-2.31/debian/changelog 2022-02-24 19:42:40.000000000 +0000 +++ glibc-2.31/debian/changelog 2023-11-22 13:32:50.000000000 +0000 @@ -1,3 +1,85 @@ +glibc (2.31-0ubuntu9.14) focal-security; urgency=medium + + * SECURITY UPDATE: use-after-free through getcanonname_r plugin call + - debian/patches/any/CVE-2023-4806.patch: copy h_name over and free it at + the end (getaddrinfo). + - CVE-2023-4806 + * SECURITY UPDATE: use-after-free in gaih_inet function + - debian/patches/any/CVE-2023-4813.patch: simplify allocations and fix + merge and continue actions. + - CVE-2023-4813 + * debian/testsuite-xfail-debian.mk: add tst-nss-gai-actions and + tst-nss-gai-hv2-canonname to xfails (container tests). + + -- Camila Camargo de Matos Wed, 22 Nov 2023 10:32:50 -0300 + +glibc (2.31-0ubuntu9.12) focal; urgency=medium + + * Drop SVE memcpy implementation due to kernel-related performance + regression + + -- Simon Chopin Wed, 26 Jul 2023 09:44:39 +0200 + +glibc (2.31-0ubuntu9.11) focal; urgency=medium + + * Drop memcmp arm64 SIMD optimization patch due to performance regression + on Raspberry Pi 3+ and 4 + + -- Simon Chopin Fri, 07 Jul 2023 10:12:59 +0200 + +glibc (2.31-0ubuntu9.10) focal; urgency=medium + + [ Andrei Gherzan ] + * d/p/lp1910312: Backport upstream fix for SEM_STAT_ANY (LP: #1910312) + + [ Simon Chopin ] + * d/p/lp1999551/*: backport mem{cmp,cpy} optimizations for arm64 (LP: #1999551) + * d/p/lp2001932/*: fix segfault in AVX2 strncmp (LP: #2001932) + * d/p/lp2001975/*: fix overflow in AVX2 wcsncmp (LP: #2001975) + + -- Simon Chopin Wed, 31 May 2023 17:57:25 +0200 + +glibc (2.31-0ubuntu9.9) focal; urgency=medium + + * Disable testsuite on riscv64. It is failing maths tests intermittently in + ways that cannot be a glibc regression and is disabled in later series + anyway. + + -- Michael Hudson-Doyle Thu, 07 Apr 2022 13:24:41 +1200 + +glibc (2.31-0ubuntu9.8) focal; urgency=medium + + * Update for 20.04. (LP: #1951033) + + [ Balint Reczey ] + * Cherry-pick upstream patch to fix building with -moutline-atomics + * Prevent rare deadlock in pthread_cond_signal (LP: #1899800) + + [ Matthias Klose ] + * Revert: Use DH_COMPAT=8 for dh_strip to fix debug sections for valgrind. + Enables debugging ld.so related issues. (LP: #1918035) + * Don't strip ld.so on armhf. (LP: #1927192) + + [ Gunnar Hjalmarsson ] + * d/local/usr_sbin/update-locale: improve sanity checks. (LP: #1892825) + + [ Heitor Alves de Siqueira ] + * d/p/u/git-lp1928508-reversing-calculation-of-__x86_shared_non_temporal.patch: + - Fix memcpy() performance regression on x86 AMD systems (LP: #1928508) + + [ Aurelien Jarno ] + * debian/debhelper.in/libc.preinst: drop the check for kernel release + > 255 now that glibc and preinstall script are fixed. (LP: #1962225) + + [ Michael Hudson-Doyle ] + * libc6 on arm64 is now built with -moutline-atomics so libc6-lse can now be + an empty package that is safe to remove. (LP: #1912652) + * d/patches/u/aarch64-memcpy-improvements.patch: Backport memcpy + improvements. (LP: #1951032) + * Add test-float64x-yn to xfails on riscv64. + + -- Michael Hudson-Doyle Thu, 10 Mar 2022 14:36:19 +1300 + glibc (2.31-0ubuntu9.7) focal-security; urgency=medium * SECURITY UPDATE: infinite loop in iconv diff -Nru glibc-2.31/debian/control glibc-2.31/debian/control --- glibc-2.31/debian/control 2020-12-16 11:04:55.000000000 +0000 +++ glibc-2.31/debian/control 2023-07-26 07:44:39.000000000 +0000 @@ -906,19 +906,15 @@ Package: libc6-lse Architecture: arm64 -Section: libs +Section: oldlibs Priority: optional Multi-Arch: same Depends: libc6 (= ${binary:Version}), ${misc:Depends} -Build-Profiles: -Description: GNU C Library: Shared Libraries - Contains the standard libraries that are used by nearly all programs on - the system. This package includes shared versions of the standard C library - and the standard math library, as well as many others. - . - This set of libraries is optimized to support Large System Extensions (LSE). - It only needs to be installed on ARM machine supporting LSE. If you install - this on an machine without LSE support, it won't be used. +Description: Dummy package. + This package used to contain libraries optimized to support the "large + system extensions", but such support is now contained in the base libraries + in a way that works on all systems. This package is empty and can safely be + removed. Package: libc6-prof Architecture: amd64 arm64 armhf ppc64el riscv64 diff -Nru glibc-2.31/debian/control.in/opt glibc-2.31/debian/control.in/opt --- glibc-2.31/debian/control.in/opt 2020-12-16 11:04:55.000000000 +0000 +++ glibc-2.31/debian/control.in/opt 2023-07-26 07:44:39.000000000 +0000 @@ -49,19 +49,15 @@ Package: libc6-lse Architecture: arm64 -Section: libs +Section: oldlibs Priority: optional Multi-Arch: same Depends: libc6 (= ${binary:Version}), ${misc:Depends} -Build-Profiles: -Description: GNU C Library: Shared Libraries - Contains the standard libraries that are used by nearly all programs on - the system. This package includes shared versions of the standard C library - and the standard math library, as well as many others. - . - This set of libraries is optimized to support Large System Extensions (LSE). - It only needs to be installed on ARM machine supporting LSE. If you install - this on an machine without LSE support, it won't be used. +Description: Dummy package. + This package used to contain libraries optimized to support the "large + system extensions", but such support is now contained in the base libraries + in a way that works on all systems. This package is empty and can safely be + removed. Package: libc6-prof Architecture: amd64 arm64 armhf ppc64el riscv64 diff -Nru glibc-2.31/debian/debhelper.in/libc.preinst glibc-2.31/debian/debhelper.in/libc.preinst --- glibc-2.31/debian/debhelper.in/libc.preinst 2020-12-16 11:04:55.000000000 +0000 +++ glibc-2.31/debian/debhelper.in/libc.preinst 2023-07-26 07:44:39.000000000 +0000 @@ -136,21 +136,6 @@ system=`uname -s` if [ "$system" = "Linux" ] then - # Test to make sure z < 255, in x.y.z-n form of kernel version - # Also make sure we don't trip on x.y.zFOO-n form - kernel_rev=$(uname -r | sed 's/\([0-9]*\.\)\{1,2\}\([0-9]*\)\(.*\)/\2/') - if [ "$kernel_rev" -ge 255 ] - then - echo "ERROR: Your kernel version indicates a revision number" - echo "of 255 or greater. Glibc has a number of built in" - echo "assumptions that this revision number is less than 255." - echo "If you\'ve built your own kernel, please make sure that any" - echo "custom version numbers are appended to the upstream" - echo "kernel number with a dash or some other delimiter." - echo - exit 1 - fi - # sanity checking for the appropriate kernel on each architecture. kernel_ver=`uname -r` case ${DPKG_MAINTSCRIPT_ARCH} in diff -Nru glibc-2.31/debian/local/usr_sbin/update-locale glibc-2.31/debian/local/usr_sbin/update-locale --- glibc-2.31/debian/local/usr_sbin/update-locale 2020-12-16 11:04:55.000000000 +0000 +++ glibc-2.31/debian/local/usr_sbin/update-locale 2023-06-16 10:22:06.000000000 +0000 @@ -64,7 +64,7 @@ } for (@ARGV) { - if (m/(.*?)=(.*)/) + if (m/(\w+)=(.*)/) { $arg{$1} = $2; } diff -Nru glibc-2.31/debian/patches/any/CVE-2023-4806.patch glibc-2.31/debian/patches/any/CVE-2023-4806.patch --- glibc-2.31/debian/patches/any/CVE-2023-4806.patch 1970-01-01 00:00:00.000000000 +0000 +++ glibc-2.31/debian/patches/any/CVE-2023-4806.patch 2023-11-22 13:32:50.000000000 +0000 @@ -0,0 +1,328 @@ +Origin: backport, https://sourceware.org/git/?p=glibc.git;a=commit;h=973fe93a5675c42798b2161c6f29c01b0e243994 +Origin: backport, patch glibc-RHEL-2422.patch available in the glibc-2.28-225.el8_8.6.src.rpm package (RHEL) + +From 973fe93a5675c42798b2161c6f29c01b0e243994 Mon Sep 17 00:00:00 2001 +From: Siddhesh Poyarekar +Date: Fri, 15 Sep 2023 13:51:12 -0400 +Subject: [PATCH] getaddrinfo: Fix use after free in getcanonname + (CVE-2023-4806) + +When an NSS plugin only implements the _gethostbyname2_r and +_getcanonname_r callbacks, getaddrinfo could use memory that was freed +during tmpbuf resizing, through h_name in a previous query response. + +The backing store for res->at->name when doing a query with +gethostbyname3_r or gethostbyname2_r is tmpbuf, which is reallocated in +gethosts during the query. For AF_INET6 lookup with AI_ALL | +AI_V4MAPPED, gethosts gets called twice, once for a v6 lookup and second +for a v4 lookup. In this case, if the first call reallocates tmpbuf +enough number of times, resulting in a malloc, th->h_name (that +res->at->name refers to) ends up on a heap allocated storage in tmpbuf. +Now if the second call to gethosts also causes the plugin callback to +return NSS_STATUS_TRYAGAIN, tmpbuf will get freed, resulting in a UAF +reference in res->at->name. This then gets dereferenced in the +getcanonname_r plugin call, resulting in the use after free. + +Fix this by copying h_name over and freeing it at the end. This +resolves BZ #30843, which is assigned CVE-2023-4806. + +Signed-off-by: Siddhesh Poyarekar +--- + nss/Makefile | 15 ++++- + nss/nss_test_gai_hv2_canonname.c | 56 +++++++++++++++++ + nss/tst-nss-gai-hv2-canonname.c | 63 +++++++++++++++++++ + nss/tst-nss-gai-hv2-canonname.h | 1 + + .../postclean.req | 0 + .../tst-nss-gai-hv2-canonname.script | 2 + + sysdeps/posix/getaddrinfo.c | 25 +++++--- + 7 files changed, 152 insertions(+), 10 deletions(-) + create mode 100644 nss/nss_test_gai_hv2_canonname.c + create mode 100644 nss/tst-nss-gai-hv2-canonname.c + create mode 100644 nss/tst-nss-gai-hv2-canonname.h + create mode 100644 nss/tst-nss-gai-hv2-canonname.root/postclean.req + create mode 100644 nss/tst-nss-gai-hv2-canonname.root/tst-nss-gai-hv2-canonname.script + +Index: glibc-2.31/nss/Makefile +=================================================================== +--- glibc-2.31.orig/nss/Makefile ++++ glibc-2.31/nss/Makefile +@@ -64,7 +64,8 @@ tests-container = \ + tst-nss-files-hosts-long \ + tst-nss-db-endpwent \ + tst-nss-db-endgrent \ +- tst-nss-gai-actions ++ tst-nss-gai-actions \ ++ tst-nss-gai-hv2-canonname + + # Tests which need libdl + ifeq (yes,$(build-shared)) +@@ -119,7 +120,7 @@ routines += $(libnss_file + static-only-routines += $(libnss_files-routines) + tests-static += tst-nss-static + endif +-extra-test-objs += nss_test1.os nss_test2.os ++extra-test-objs += nss_test1.os nss_test2.os nss_test_gai_hv2_canonname.os + + include ../Rules + +@@ -155,10 +156,15 @@ rtld-tests-LDFLAGS += -Wl,--dynamic-list + + libof-nss_test1 = extramodules + libof-nss_test2 = extramodules ++libof-nss_test_gai_hv2_canonname = extramodules + $(objpfx)/libnss_test1.so: $(objpfx)nss_test1.os $(link-libc-deps) + $(build-module) + $(objpfx)/libnss_test2.so: $(objpfx)nss_test2.os $(link-libc-deps) + $(build-module) ++$(objpfx)/libnss_test_gai_hv2_canonname.so: \ ++ $(objpfx)nss_test_gai_hv2_canonname.os $(link-libc-deps) \ ++ $(objpfx)/libnss_files.so ++ $(build-module) + $(objpfx)nss_test2.os : nss_test1.c + ifdef libnss_test1.so-version + $(objpfx)/libnss_test1.so$(libnss_test1.so-version): $(objpfx)/libnss_test1.so +@@ -168,9 +173,13 @@ ifdef libnss_test2.so-version + $(objpfx)/libnss_test2.so$(libnss_test2.so-version): $(objpfx)/libnss_test2.so + $(make-link) + endif ++$(objpfx)/libnss_test_gai_hv2_canonname.so$(libnss_files.so-version): \ ++ $(objpfx)/libnss_test_gai_hv2_canonname.so ++ $(make-link) + $(patsubst %,$(objpfx)%.out,$(tests) $(tests-container)) : \ + $(objpfx)/libnss_test1.so$(libnss_test1.so-version) \ +- $(objpfx)/libnss_test2.so$(libnss_test2.so-version) ++ $(objpfx)/libnss_test2.so$(libnss_test2.so-version) \ ++ $(objpfx)/libnss_test_gai_hv2_canonname.so$(libnss_files.so-version) + + ifeq (yes,$(have-thread-library)) + $(objpfx)tst-cancel-getpwuid_r: $(shared-thread-library) +@@ -183,3 +192,4 @@ $(objpfx)tst-nss-files-alias-leak: $(lib + $(objpfx)tst-nss-files-alias-leak.out: $(objpfx)/libnss_files.so + $(objpfx)tst-nss-files-alias-truncated: $(libdl) + $(objpfx)tst-nss-files-alias-truncated.out: $(objpfx)/libnss_files.so ++LDFLAGS-tst-nss-test_gai_hv2_canonname = -Wl,--disable-new-dtags +Index: glibc-2.31/nss/nss_test_gai_hv2_canonname.c +=================================================================== +--- /dev/null ++++ glibc-2.31/nss/nss_test_gai_hv2_canonname.c +@@ -0,0 +1,64 @@ ++/* NSS service provider that only provides gethostbyname2_r. ++ Copyright The GNU Toolchain Authors. ++ This file is part of the GNU C Library. ++ ++ The GNU C Library is free software; you can redistribute it and/or ++ modify it under the terms of the GNU Lesser General Public ++ License as published by the Free Software Foundation; either ++ version 2.1 of the License, or (at your option) any later version. ++ ++ The GNU C Library is distributed in the hope that it will be useful, ++ but WITHOUT ANY WARRANTY; without even the implied warranty of ++ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU ++ Lesser General Public License for more details. ++ ++ You should have received a copy of the GNU Lesser General Public ++ License along with the GNU C Library; if not, see ++ . */ ++ ++#include ++#include ++#include ++#include ++#include "nss/tst-nss-gai-hv2-canonname.h" ++ ++/* Catch misnamed and functions. */ ++#pragma GCC diagnostic error "-Wmissing-prototypes" ++ ++extern enum nss_status _nss_files_gethostbyname2_r (const char *, int, ++ struct hostent *, char *, ++ size_t, int *, int *); ++ ++enum nss_status ++_nss_test_gai_hv2_canonname_gethostbyname2_r (const char *, int, struct hostent ++ *, char *, size_t, int *, int *); ++ ++enum nss_status ++_nss_test_gai_hv2_canonname_getcanonname_r (const char *, char *, size_t, char ++ **, int *, int *); ++ ++enum nss_status ++_nss_test_gai_hv2_canonname_gethostbyname2_r (const char *name, int af, ++ struct hostent *result, ++ char *buffer, size_t buflen, ++ int *errnop, int *herrnop) ++{ ++ return _nss_files_gethostbyname2_r (name, af, result, buffer, buflen, errnop, ++ herrnop); ++} ++ ++enum nss_status ++_nss_test_gai_hv2_canonname_getcanonname_r (const char *name, char *buffer, ++ size_t buflen, char **result, ++ int *errnop, int *h_errnop) ++{ ++ /* We expect QUERYNAME, which is a small enough string that it shouldn't fail ++ the test. */ ++ if (memcmp (QUERYNAME, name, sizeof (QUERYNAME)) ++ || buflen < sizeof (QUERYNAME)) ++ abort (); ++ ++ strncpy (buffer, name, buflen); ++ *result = buffer; ++ return NSS_STATUS_SUCCESS; ++} +Index: glibc-2.31/nss/tst-nss-gai-hv2-canonname.c +=================================================================== +--- /dev/null ++++ glibc-2.31/nss/tst-nss-gai-hv2-canonname.c +@@ -0,0 +1,63 @@ ++/* Test NSS query path for plugins that only implement gethostbyname2 ++ (#30843). ++ Copyright The GNU Toolchain Authors. ++ This file is part of the GNU C Library. ++ ++ The GNU C Library is free software; you can redistribute it and/or ++ modify it under the terms of the GNU Lesser General Public ++ License as published by the Free Software Foundation; either ++ version 2.1 of the License, or (at your option) any later version. ++ ++ The GNU C Library is distributed in the hope that it will be useful, ++ but WITHOUT ANY WARRANTY; without even the implied warranty of ++ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU ++ Lesser General Public License for more details. ++ ++ You should have received a copy of the GNU Lesser General Public ++ License along with the GNU C Library; if not, see ++ . */ ++ ++#include ++#include ++#include ++#include ++#include ++#include ++#include "nss/tst-nss-gai-hv2-canonname.h" ++ ++#define PREPARE do_prepare ++ ++static void do_prepare (int a, char **av) ++{ ++ FILE *hosts = xfopen ("/etc/hosts", "w"); ++ for (unsigned i = 2; i < 255; i++) ++ { ++ fprintf (hosts, "ff01::ff02:ff03:%u:2\ttest.example.com\n", i); ++ fprintf (hosts, "192.168.0.%u\ttest.example.com\n", i); ++ } ++ xfclose (hosts); ++} ++ ++static int ++do_test (void) ++{ ++ __nss_configure_lookup ("hosts", "test_gai_hv2_canonname"); ++ ++ struct addrinfo hints = {}; ++ struct addrinfo *result = NULL; ++ ++ hints.ai_family = AF_INET6; ++ hints.ai_flags = AI_ALL | AI_V4MAPPED | AI_CANONNAME; ++ ++ int ret = getaddrinfo (QUERYNAME, NULL, &hints, &result); ++ ++ if (ret != 0) ++ FAIL_EXIT1 ("getaddrinfo failed: %s\n", gai_strerror (ret)); ++ ++ TEST_COMPARE_STRING (result->ai_canonname, QUERYNAME); ++ ++ freeaddrinfo(result); ++ return 0; ++} ++ ++#include +Index: glibc-2.31/nss/tst-nss-gai-hv2-canonname.h +=================================================================== +--- /dev/null ++++ glibc-2.31/nss/tst-nss-gai-hv2-canonname.h +@@ -0,0 +1 @@ ++#define QUERYNAME "test.example.com" +Index: glibc-2.31/nss/tst-nss-gai-hv2-canonname.root/tst-nss-gai-hv2-canonname.script +=================================================================== +--- /dev/null ++++ glibc-2.31/nss/tst-nss-gai-hv2-canonname.root/tst-nss-gai-hv2-canonname.script +@@ -0,0 +1,2 @@ ++cp $B/nss/libnss_test_gai_hv2_canonname.so $L/libnss_test_gai_hv2_canonname.so.2 ++su +Index: glibc-2.31/sysdeps/posix/getaddrinfo.c +=================================================================== +--- glibc-2.31.orig/sysdeps/posix/getaddrinfo.c ++++ glibc-2.31/sysdeps/posix/getaddrinfo.c +@@ -232,7 +232,6 @@ convert_hostent_to_gaih_addrtuple (const + } + array[i].next = array + i + 1; + } +- array[0].name = h->h_name; + array[count - 1].next = NULL; + + *result = array; +@@ -283,6 +282,18 @@ convert_hostent_to_gaih_addrtuple (const + } \ + *pat = addrmem; \ + \ ++ /* Store h_name so that it survives accidental deallocation when \ ++ gethosts is called again and tmpbuf gets reallocated. */ \ ++ if (h_name == NULL && th.h_name != NULL) \ ++ { \ ++ h_name = __strdup (th.h_name); \ ++ if (h_name == NULL) \ ++ { \ ++ __resolv_context_put (res_ctx); \ ++ result = -EAI_SYSTEM; \ ++ goto free_and_return; \ ++ } \ ++ } \ + if (localcanon != NULL && canon == NULL) \ + { \ + canonbuf = __strdup (localcanon); \ +@@ -319,15 +330,15 @@ typedef enum nss_status (*nss_getcanonna + memory allocation failure. The returned string is allocated on the + heap; the caller has to free it. */ + static char * +-getcanonname (service_user *nip, struct gaih_addrtuple *at, const char *name) ++getcanonname (service_user *nip, const char *hname, const char *name) + { + nss_getcanonname_r cfct = __nss_lookup_function (nip, "getcanonname_r"); + char *s = (char *) name; + if (cfct != NULL) + { + char buf[256]; +- if (DL_CALL_FCT (cfct, (at->name ?: name, buf, sizeof (buf), +- &s, &errno, &h_errno)) != NSS_STATUS_SUCCESS) ++ if (DL_CALL_FCT (cfct, (hname ?: name, buf, sizeof (buf), &s, &errno, ++ &h_errno)) != NSS_STATUS_SUCCESS) + /* If the canonical name cannot be determined, use the passed + string. */ + s = (char *) name; +@@ -345,6 +356,7 @@ gaih_inet (const char *name, const struc + struct gaih_addrtuple *at = NULL; + bool got_ipv6 = false; + const char *canon = NULL; ++ char *h_name = NULL; + const char *orig_name = name; + + /* Reserve stack memory for the scratch buffer in the getaddrinfo +@@ -911,7 +923,7 @@ gaih_inet (const char *name, const struc + if ((req->ai_flags & AI_CANONNAME) != 0 + && canon == NULL) + { +- canonbuf = getcanonname (nip, at, name); ++ canonbuf = getcanonname (nip, h_name, name); + if (canonbuf == NULL) + { + __resolv_context_put (res_ctx); +@@ -1158,6 +1170,7 @@ gaih_inet (const char *name, const struc + free ((char *) name); + free (addrmem); + free (canonbuf); ++ free (h_name); + + return result; + } diff -Nru glibc-2.31/debian/patches/any/CVE-2023-4813.patch glibc-2.31/debian/patches/any/CVE-2023-4813.patch --- glibc-2.31/debian/patches/any/CVE-2023-4813.patch 1970-01-01 00:00:00.000000000 +0000 +++ glibc-2.31/debian/patches/any/CVE-2023-4813.patch 2023-11-22 13:32:50.000000000 +0000 @@ -0,0 +1,983 @@ +Origin: backport, https://sourceware.org/git/?p=glibc.git;a=commit;h=6e867146ee01de3ed1e94e777372093812a578e9 + +From 6e867146ee01de3ed1e94e777372093812a578e9 Mon Sep 17 00:00:00 2001 +From: Siddhesh Poyarekar +Date: Thu, 17 Mar 2022 11:44:34 +0530 +Subject: [PATCH] Simplify allocations and fix merge and continue actions [BZ + #28931] + +Allocations for address tuples is currently a bit confusing because of +the pointer chasing through PAT, making it hard to observe the sequence +in which allocations have been made. Narrow scope of the pointer +chasing through PAT so that it is only used where necessary. + +This also tightens actions behaviour with the hosts database in +getaddrinfo to comply with the manual text. The "continue" action +discards previous results and the "merge" action results in an immedate +lookup failure. Consequently, chaining of allocations across modules is +no longer necessary, thus opening up cleanup opportunities. + +A test has been added that checks some combinations to ensure that they +work correctly. + +Resolves: BZ #28931 + +Signed-off-by: Siddhesh Poyarekar +Reviewed-by: DJ Delorie +(cherry picked from commit 1c37b8022e8763fedbb3f79c02e05c6acfe5a215) +--- + nss/Makefile | 3 +- + nss/tst-nss-gai-actions.c | 149 ++++++ + nss/tst-nss-gai-actions.root/etc/host.conf | 1 + + nss/tst-nss-gai-actions.root/etc/hosts | 508 +++++++++++++++++++++ + sysdeps/posix/getaddrinfo.c | 143 +++--- + 5 files changed, 751 insertions(+), 53 deletions(-) + create mode 100644 nss/tst-nss-gai-actions.c + create mode 100644 nss/tst-nss-gai-actions.root/etc/host.conf + create mode 100644 nss/tst-nss-gai-actions.root/etc/hosts + +Index: glibc-2.31/nss/Makefile +=================================================================== +--- glibc-2.31.orig/nss/Makefile ++++ glibc-2.31/nss/Makefile +@@ -63,7 +63,8 @@ tests-container = \ + tst-nss-test3 \ + tst-nss-files-hosts-long \ + tst-nss-db-endpwent \ +- tst-nss-db-endgrent ++ tst-nss-db-endgrent \ ++ tst-nss-gai-actions + + # Tests which need libdl + ifeq (yes,$(build-shared)) +Index: glibc-2.31/nss/tst-nss-gai-actions.c +=================================================================== +--- /dev/null ++++ glibc-2.31/nss/tst-nss-gai-actions.c +@@ -0,0 +1,150 @@ ++/* Test continue and merge NSS actions for getaddrinfo. ++ Copyright The GNU Toolchain Authors. ++ This file is part of the GNU C Library. ++ ++ The GNU C Library is free software; you can redistribute it and/or ++ modify it under the terms of the GNU Lesser General Public ++ License as published by the Free Software Foundation; either ++ version 2.1 of the License, or (at your option) any later version. ++ ++ The GNU C Library is distributed in the hope that it will be useful, ++ but WITHOUT ANY WARRANTY; without even the implied warranty of ++ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU ++ Lesser General Public License for more details. ++ ++ You should have received a copy of the GNU Lesser General Public ++ License along with the GNU C Library; if not, see ++ . */ ++ ++#include ++#include ++#include ++#include ++#include ++#include ++#include ++ ++#include ++#include ++#include ++#include ++#include ++ ++enum ++{ ++ ACTION_MERGE = 0, ++ ACTION_CONTINUE, ++}; ++ ++static const char * ++family_str (int family) ++{ ++ switch (family) ++ { ++ case AF_UNSPEC: ++ return "AF_UNSPEC"; ++ case AF_INET: ++ return "AF_INET"; ++ default: ++ __builtin_unreachable (); ++ } ++} ++ ++static const char * ++action_str (int action) ++{ ++ switch (action) ++ { ++ case ACTION_MERGE: ++ return "merge"; ++ case ACTION_CONTINUE: ++ return "continue"; ++ default: ++ __builtin_unreachable (); ++ } ++} ++ ++static void ++do_one_test (int action, int family, bool canon) ++{ ++ struct addrinfo hints = ++ { ++ .ai_family = family, ++ }; ++ ++ struct addrinfo *ai; ++ ++ if (canon) ++ hints.ai_flags = AI_CANONNAME; ++ ++ printf ("***** Testing \"files [SUCCESS=%s] files\" for family %s, %s\n", ++ action_str (action), family_str (family), ++ canon ? "AI_CANONNAME" : ""); ++ ++ int ret = getaddrinfo ("example.org", "80", &hints, &ai); ++ ++ switch (action) ++ { ++ case ACTION_MERGE: ++ if (ret == 0) ++ { ++ char *formatted = support_format_addrinfo (ai, ret); ++ ++ printf ("merge unexpectedly succeeded:\n %s\n", formatted); ++ support_record_failure (); ++ free (formatted); ++ } ++ else ++ return; ++ case ACTION_CONTINUE: ++ { ++ char *formatted = support_format_addrinfo (ai, ret); ++ ++ /* Verify that the result appears exactly once. */ ++ const char *expected = "address: STREAM/TCP 192.0.0.1 80\n" ++ "address: DGRAM/UDP 192.0.0.1 80\n" ++ "address: RAW/IP 192.0.0.1 80\n"; ++ ++ const char *contains = strstr (formatted, expected); ++ const char *contains2 = NULL; ++ ++ if (contains != NULL) ++ contains2 = strstr (contains + strlen (expected), expected); ++ ++ if (contains == NULL || contains2 != NULL) ++ { ++ printf ("continue failed:\n%s\n", formatted); ++ support_record_failure (); ++ } ++ ++ free (formatted); ++ break; ++ } ++ default: ++ __builtin_unreachable (); ++ } ++} ++ ++static void ++do_one_test_set (int action) ++{ ++ char buf[32]; ++ ++ snprintf (buf, sizeof (buf), "files [SUCCESS=%s] files", ++ action_str (action)); ++ __nss_configure_lookup ("hosts", buf); ++ ++ do_one_test (action, AF_UNSPEC, false); ++ do_one_test (action, AF_INET, false); ++ do_one_test (action, AF_INET, true); ++} ++ ++static int ++do_test (void) ++{ ++ do_one_test_set (ACTION_CONTINUE); ++ do_one_test_set (ACTION_MERGE); ++ return 0; ++} ++ ++#include +Index: glibc-2.31/nss/tst-nss-gai-actions.root/etc/host.conf +=================================================================== +--- /dev/null ++++ glibc-2.31/nss/tst-nss-gai-actions.root/etc/host.conf +@@ -0,0 +1 @@ ++multi on +Index: glibc-2.31/nss/tst-nss-gai-actions.root/etc/hosts +=================================================================== +--- /dev/null ++++ glibc-2.31/nss/tst-nss-gai-actions.root/etc/hosts +@@ -0,0 +1,508 @@ ++192.0.0.1 example.org ++192.0.0.2 example.org ++192.0.0.3 example.org ++192.0.0.4 example.org ++192.0.0.5 example.org ++192.0.0.6 example.org ++192.0.0.7 example.org ++192.0.0.8 example.org ++192.0.0.9 example.org ++192.0.0.10 example.org ++192.0.0.11 example.org ++192.0.0.12 example.org ++192.0.0.13 example.org ++192.0.0.14 example.org ++192.0.0.15 example.org ++192.0.0.16 example.org ++192.0.0.17 example.org ++192.0.0.18 example.org ++192.0.0.19 example.org ++192.0.0.20 example.org ++192.0.0.21 example.org ++192.0.0.22 example.org ++192.0.0.23 example.org ++192.0.0.24 example.org ++192.0.0.25 example.org ++192.0.0.26 example.org ++192.0.0.27 example.org ++192.0.0.28 example.org ++192.0.0.29 example.org ++192.0.0.30 example.org ++192.0.0.31 example.org ++192.0.0.32 example.org ++192.0.0.33 example.org ++192.0.0.34 example.org ++192.0.0.35 example.org ++192.0.0.36 example.org ++192.0.0.37 example.org ++192.0.0.38 example.org ++192.0.0.39 example.org ++192.0.0.40 example.org ++192.0.0.41 example.org ++192.0.0.42 example.org ++192.0.0.43 example.org ++192.0.0.44 example.org ++192.0.0.45 example.org ++192.0.0.46 example.org ++192.0.0.47 example.org ++192.0.0.48 example.org ++192.0.0.49 example.org ++192.0.0.50 example.org ++192.0.0.51 example.org ++192.0.0.52 example.org ++192.0.0.53 example.org ++192.0.0.54 example.org ++192.0.0.55 example.org ++192.0.0.56 example.org ++192.0.0.57 example.org ++192.0.0.58 example.org ++192.0.0.59 example.org ++192.0.0.60 example.org ++192.0.0.61 example.org ++192.0.0.62 example.org ++192.0.0.63 example.org ++192.0.0.64 example.org ++192.0.0.65 example.org ++192.0.0.66 example.org ++192.0.0.67 example.org ++192.0.0.68 example.org ++192.0.0.69 example.org ++192.0.0.70 example.org ++192.0.0.71 example.org ++192.0.0.72 example.org ++192.0.0.73 example.org ++192.0.0.74 example.org ++192.0.0.75 example.org ++192.0.0.76 example.org ++192.0.0.77 example.org ++192.0.0.78 example.org ++192.0.0.79 example.org ++192.0.0.80 example.org ++192.0.0.81 example.org ++192.0.0.82 example.org ++192.0.0.83 example.org ++192.0.0.84 example.org ++192.0.0.85 example.org ++192.0.0.86 example.org ++192.0.0.87 example.org ++192.0.0.88 example.org ++192.0.0.89 example.org ++192.0.0.90 example.org ++192.0.0.91 example.org ++192.0.0.92 example.org ++192.0.0.93 example.org ++192.0.0.94 example.org ++192.0.0.95 example.org ++192.0.0.96 example.org ++192.0.0.97 example.org ++192.0.0.98 example.org ++192.0.0.99 example.org ++192.0.0.100 example.org ++192.0.0.101 example.org ++192.0.0.102 example.org ++192.0.0.103 example.org ++192.0.0.104 example.org ++192.0.0.105 example.org ++192.0.0.106 example.org ++192.0.0.107 example.org ++192.0.0.108 example.org ++192.0.0.109 example.org ++192.0.0.110 example.org ++192.0.0.111 example.org ++192.0.0.112 example.org ++192.0.0.113 example.org ++192.0.0.114 example.org ++192.0.0.115 example.org ++192.0.0.116 example.org ++192.0.0.117 example.org ++192.0.0.118 example.org ++192.0.0.119 example.org ++192.0.0.120 example.org ++192.0.0.121 example.org ++192.0.0.122 example.org ++192.0.0.123 example.org ++192.0.0.124 example.org ++192.0.0.125 example.org ++192.0.0.126 example.org ++192.0.0.127 example.org ++192.0.0.128 example.org ++192.0.0.129 example.org ++192.0.0.130 example.org ++192.0.0.131 example.org ++192.0.0.132 example.org ++192.0.0.133 example.org ++192.0.0.134 example.org ++192.0.0.135 example.org ++192.0.0.136 example.org ++192.0.0.137 example.org ++192.0.0.138 example.org ++192.0.0.139 example.org ++192.0.0.140 example.org ++192.0.0.141 example.org ++192.0.0.142 example.org ++192.0.0.143 example.org ++192.0.0.144 example.org ++192.0.0.145 example.org ++192.0.0.146 example.org ++192.0.0.147 example.org ++192.0.0.148 example.org ++192.0.0.149 example.org ++192.0.0.150 example.org ++192.0.0.151 example.org ++192.0.0.152 example.org ++192.0.0.153 example.org ++192.0.0.154 example.org ++192.0.0.155 example.org ++192.0.0.156 example.org ++192.0.0.157 example.org ++192.0.0.158 example.org ++192.0.0.159 example.org ++192.0.0.160 example.org ++192.0.0.161 example.org ++192.0.0.162 example.org ++192.0.0.163 example.org ++192.0.0.164 example.org ++192.0.0.165 example.org ++192.0.0.166 example.org ++192.0.0.167 example.org ++192.0.0.168 example.org ++192.0.0.169 example.org ++192.0.0.170 example.org ++192.0.0.171 example.org ++192.0.0.172 example.org ++192.0.0.173 example.org ++192.0.0.174 example.org ++192.0.0.175 example.org ++192.0.0.176 example.org ++192.0.0.177 example.org ++192.0.0.178 example.org ++192.0.0.179 example.org ++192.0.0.180 example.org ++192.0.0.181 example.org ++192.0.0.182 example.org ++192.0.0.183 example.org ++192.0.0.184 example.org ++192.0.0.185 example.org ++192.0.0.186 example.org ++192.0.0.187 example.org ++192.0.0.188 example.org ++192.0.0.189 example.org ++192.0.0.190 example.org ++192.0.0.191 example.org ++192.0.0.192 example.org ++192.0.0.193 example.org ++192.0.0.194 example.org ++192.0.0.195 example.org ++192.0.0.196 example.org ++192.0.0.197 example.org ++192.0.0.198 example.org ++192.0.0.199 example.org ++192.0.0.200 example.org ++192.0.0.201 example.org ++192.0.0.202 example.org ++192.0.0.203 example.org ++192.0.0.204 example.org ++192.0.0.205 example.org ++192.0.0.206 example.org ++192.0.0.207 example.org ++192.0.0.208 example.org ++192.0.0.209 example.org ++192.0.0.210 example.org ++192.0.0.211 example.org ++192.0.0.212 example.org ++192.0.0.213 example.org ++192.0.0.214 example.org ++192.0.0.215 example.org ++192.0.0.216 example.org ++192.0.0.217 example.org ++192.0.0.218 example.org ++192.0.0.219 example.org ++192.0.0.220 example.org ++192.0.0.221 example.org ++192.0.0.222 example.org ++192.0.0.223 example.org ++192.0.0.224 example.org ++192.0.0.225 example.org ++192.0.0.226 example.org ++192.0.0.227 example.org ++192.0.0.228 example.org ++192.0.0.229 example.org ++192.0.0.230 example.org ++192.0.0.231 example.org ++192.0.0.232 example.org ++192.0.0.233 example.org ++192.0.0.234 example.org ++192.0.0.235 example.org ++192.0.0.236 example.org ++192.0.0.237 example.org ++192.0.0.238 example.org ++192.0.0.239 example.org ++192.0.0.240 example.org ++192.0.0.241 example.org ++192.0.0.242 example.org ++192.0.0.243 example.org ++192.0.0.244 example.org ++192.0.0.245 example.org ++192.0.0.246 example.org ++192.0.0.247 example.org ++192.0.0.248 example.org ++192.0.0.249 example.org ++192.0.0.250 example.org ++192.0.0.251 example.org ++192.0.0.252 example.org ++192.0.0.253 example.org ++192.0.0.254 example.org ++192.0.1.1 example.org ++192.0.1.2 example.org ++192.0.1.3 example.org ++192.0.1.4 example.org ++192.0.1.5 example.org ++192.0.1.6 example.org ++192.0.1.7 example.org ++192.0.1.8 example.org ++192.0.1.9 example.org ++192.0.1.10 example.org ++192.0.1.11 example.org ++192.0.1.12 example.org ++192.0.1.13 example.org ++192.0.1.14 example.org ++192.0.1.15 example.org ++192.0.1.16 example.org ++192.0.1.17 example.org ++192.0.1.18 example.org ++192.0.1.19 example.org ++192.0.1.20 example.org ++192.0.1.21 example.org ++192.0.1.22 example.org ++192.0.1.23 example.org ++192.0.1.24 example.org ++192.0.1.25 example.org ++192.0.1.26 example.org ++192.0.1.27 example.org ++192.0.1.28 example.org ++192.0.1.29 example.org ++192.0.1.30 example.org ++192.0.1.31 example.org ++192.0.1.32 example.org ++192.0.1.33 example.org ++192.0.1.34 example.org ++192.0.1.35 example.org ++192.0.1.36 example.org ++192.0.1.37 example.org ++192.0.1.38 example.org ++192.0.1.39 example.org ++192.0.1.40 example.org ++192.0.1.41 example.org ++192.0.1.42 example.org ++192.0.1.43 example.org ++192.0.1.44 example.org ++192.0.1.45 example.org ++192.0.1.46 example.org ++192.0.1.47 example.org ++192.0.1.48 example.org ++192.0.1.49 example.org ++192.0.1.50 example.org ++192.0.1.51 example.org ++192.0.1.52 example.org ++192.0.1.53 example.org ++192.0.1.54 example.org ++192.0.1.55 example.org ++192.0.1.56 example.org ++192.0.1.57 example.org ++192.0.1.58 example.org ++192.0.1.59 example.org ++192.0.1.60 example.org ++192.0.1.61 example.org ++192.0.1.62 example.org ++192.0.1.63 example.org ++192.0.1.64 example.org ++192.0.1.65 example.org ++192.0.1.66 example.org ++192.0.1.67 example.org ++192.0.1.68 example.org ++192.0.1.69 example.org ++192.0.1.70 example.org ++192.0.1.71 example.org ++192.0.1.72 example.org ++192.0.1.73 example.org ++192.0.1.74 example.org ++192.0.1.75 example.org ++192.0.1.76 example.org ++192.0.1.77 example.org ++192.0.1.78 example.org ++192.0.1.79 example.org ++192.0.1.80 example.org ++192.0.1.81 example.org ++192.0.1.82 example.org ++192.0.1.83 example.org ++192.0.1.84 example.org ++192.0.1.85 example.org ++192.0.1.86 example.org ++192.0.1.87 example.org ++192.0.1.88 example.org ++192.0.1.89 example.org ++192.0.1.90 example.org ++192.0.1.91 example.org ++192.0.1.92 example.org ++192.0.1.93 example.org ++192.0.1.94 example.org ++192.0.1.95 example.org ++192.0.1.96 example.org ++192.0.1.97 example.org ++192.0.1.98 example.org ++192.0.1.99 example.org ++192.0.1.100 example.org ++192.0.1.101 example.org ++192.0.1.102 example.org ++192.0.1.103 example.org ++192.0.1.104 example.org ++192.0.1.105 example.org ++192.0.1.106 example.org ++192.0.1.107 example.org ++192.0.1.108 example.org ++192.0.1.109 example.org ++192.0.1.110 example.org ++192.0.1.111 example.org ++192.0.1.112 example.org ++192.0.1.113 example.org ++192.0.1.114 example.org ++192.0.1.115 example.org ++192.0.1.116 example.org ++192.0.1.117 example.org ++192.0.1.118 example.org ++192.0.1.119 example.org ++192.0.1.120 example.org ++192.0.1.121 example.org ++192.0.1.122 example.org ++192.0.1.123 example.org ++192.0.1.124 example.org ++192.0.1.125 example.org ++192.0.1.126 example.org ++192.0.1.127 example.org ++192.0.1.128 example.org ++192.0.1.129 example.org ++192.0.1.130 example.org ++192.0.1.131 example.org ++192.0.1.132 example.org ++192.0.1.133 example.org ++192.0.1.134 example.org ++192.0.1.135 example.org ++192.0.1.136 example.org ++192.0.1.137 example.org ++192.0.1.138 example.org ++192.0.1.139 example.org ++192.0.1.140 example.org ++192.0.1.141 example.org ++192.0.1.142 example.org ++192.0.1.143 example.org ++192.0.1.144 example.org ++192.0.1.145 example.org ++192.0.1.146 example.org ++192.0.1.147 example.org ++192.0.1.148 example.org ++192.0.1.149 example.org ++192.0.1.150 example.org ++192.0.1.151 example.org ++192.0.1.152 example.org ++192.0.1.153 example.org ++192.0.1.154 example.org ++192.0.1.155 example.org ++192.0.1.156 example.org ++192.0.1.157 example.org ++192.0.1.158 example.org ++192.0.1.159 example.org ++192.0.1.160 example.org ++192.0.1.161 example.org ++192.0.1.162 example.org ++192.0.1.163 example.org ++192.0.1.164 example.org ++192.0.1.165 example.org ++192.0.1.166 example.org ++192.0.1.167 example.org ++192.0.1.168 example.org ++192.0.1.169 example.org ++192.0.1.170 example.org ++192.0.1.171 example.org ++192.0.1.172 example.org ++192.0.1.173 example.org ++192.0.1.174 example.org ++192.0.1.175 example.org ++192.0.1.176 example.org ++192.0.1.177 example.org ++192.0.1.178 example.org ++192.0.1.179 example.org ++192.0.1.180 example.org ++192.0.1.181 example.org ++192.0.1.182 example.org ++192.0.1.183 example.org ++192.0.1.184 example.org ++192.0.1.185 example.org ++192.0.1.186 example.org ++192.0.1.187 example.org ++192.0.1.188 example.org ++192.0.1.189 example.org ++192.0.1.190 example.org ++192.0.1.191 example.org ++192.0.1.192 example.org ++192.0.1.193 example.org ++192.0.1.194 example.org ++192.0.1.195 example.org ++192.0.1.196 example.org ++192.0.1.197 example.org ++192.0.1.198 example.org ++192.0.1.199 example.org ++192.0.1.200 example.org ++192.0.1.201 example.org ++192.0.1.202 example.org ++192.0.1.203 example.org ++192.0.1.204 example.org ++192.0.1.205 example.org ++192.0.1.206 example.org ++192.0.1.207 example.org ++192.0.1.208 example.org ++192.0.1.209 example.org ++192.0.1.210 example.org ++192.0.1.211 example.org ++192.0.1.212 example.org ++192.0.1.213 example.org ++192.0.1.214 example.org ++192.0.1.215 example.org ++192.0.1.216 example.org ++192.0.1.217 example.org ++192.0.1.218 example.org ++192.0.1.219 example.org ++192.0.1.220 example.org ++192.0.1.221 example.org ++192.0.1.222 example.org ++192.0.1.223 example.org ++192.0.1.224 example.org ++192.0.1.225 example.org ++192.0.1.226 example.org ++192.0.1.227 example.org ++192.0.1.228 example.org ++192.0.1.229 example.org ++192.0.1.230 example.org ++192.0.1.231 example.org ++192.0.1.232 example.org ++192.0.1.233 example.org ++192.0.1.234 example.org ++192.0.1.235 example.org ++192.0.1.236 example.org ++192.0.1.237 example.org ++192.0.1.238 example.org ++192.0.1.239 example.org ++192.0.1.240 example.org ++192.0.1.241 example.org ++192.0.1.242 example.org ++192.0.1.243 example.org ++192.0.1.244 example.org ++192.0.1.245 example.org ++192.0.1.246 example.org ++192.0.1.247 example.org ++192.0.1.248 example.org ++192.0.1.249 example.org ++192.0.1.250 example.org ++192.0.1.251 example.org ++192.0.1.252 example.org ++192.0.1.253 example.org ++192.0.1.254 example.org +Index: glibc-2.31/sysdeps/posix/getaddrinfo.c +=================================================================== +--- glibc-2.31.orig/sysdeps/posix/getaddrinfo.c ++++ glibc-2.31/sysdeps/posix/getaddrinfo.c +@@ -470,11 +470,6 @@ gaih_inet (const char *name, const struc + + if (name != NULL) + { +- at = alloca_account (sizeof (struct gaih_addrtuple), alloca_used); +- at->family = AF_UNSPEC; +- at->scopeid = 0; +- at->next = NULL; +- + if (req->ai_flags & AI_IDN) + { + char *out; +@@ -485,13 +480,21 @@ gaih_inet (const char *name, const struc + malloc_name = true; + } + +- if (__inet_aton_exact (name, (struct in_addr *) at->addr) != 0) ++ uint32_t addr[4]; ++ if (__inet_aton_exact (name, (struct in_addr *) addr) != 0) + { ++ at = alloca_account (sizeof (struct gaih_addrtuple), alloca_used); ++ at->scopeid = 0; ++ at->next = NULL; ++ + if (req->ai_family == AF_UNSPEC || req->ai_family == AF_INET) +- at->family = AF_INET; ++ { ++ memcpy (at->addr, addr, sizeof (at->addr)); ++ at->family = AF_INET; ++ } + else if (req->ai_family == AF_INET6 && (req->ai_flags & AI_V4MAPPED)) + { +- at->addr[3] = at->addr[0]; ++ at->addr[3] = addr[0]; + at->addr[2] = htonl (0xffff); + at->addr[1] = 0; + at->addr[0] = 0; +@@ -505,49 +508,62 @@ gaih_inet (const char *name, const struc + + if (req->ai_flags & AI_CANONNAME) + canon = name; ++ ++ goto process_list; + } +- else if (at->family == AF_UNSPEC) ++ ++ char *scope_delim = strchr (name, SCOPE_DELIMITER); ++ int e; ++ ++ if (scope_delim == NULL) ++ e = inet_pton (AF_INET6, name, addr); ++ else ++ e = __inet_pton_length (AF_INET6, name, scope_delim - name, addr); ++ ++ if (e > 0) + { +- char *scope_delim = strchr (name, SCOPE_DELIMITER); +- int e; +- if (scope_delim == NULL) +- e = inet_pton (AF_INET6, name, at->addr); +- else +- e = __inet_pton_length (AF_INET6, name, scope_delim - name, +- at->addr); +- if (e > 0) +- { +- if (req->ai_family == AF_UNSPEC || req->ai_family == AF_INET6) +- at->family = AF_INET6; +- else if (req->ai_family == AF_INET +- && IN6_IS_ADDR_V4MAPPED (at->addr)) +- { +- at->addr[0] = at->addr[3]; +- at->family = AF_INET; +- } +- else +- { +- result = -EAI_ADDRFAMILY; +- goto free_and_return; +- } ++ at = alloca_account (sizeof (struct gaih_addrtuple), ++ alloca_used); ++ at->scopeid = 0; ++ at->next = NULL; + +- if (scope_delim != NULL +- && __inet6_scopeid_pton ((struct in6_addr *) at->addr, +- scope_delim + 1, +- &at->scopeid) != 0) +- { +- result = -EAI_NONAME; +- goto free_and_return; +- } ++ if (req->ai_family == AF_UNSPEC || req->ai_family == AF_INET6) ++ { ++ memcpy (at->addr, addr, sizeof (at->addr)); ++ at->family = AF_INET6; ++ } ++ else if (req->ai_family == AF_INET ++ && IN6_IS_ADDR_V4MAPPED (addr)) ++ { ++ at->addr[0] = addr[3]; ++ at->addr[1] = addr[1]; ++ at->addr[2] = addr[2]; ++ at->addr[3] = addr[3]; ++ at->family = AF_INET; ++ } ++ else ++ { ++ result = -EAI_ADDRFAMILY; ++ goto free_and_return; ++ } + +- if (req->ai_flags & AI_CANONNAME) +- canon = name; ++ if (scope_delim != NULL ++ && __inet6_scopeid_pton ((struct in6_addr *) at->addr, ++ scope_delim + 1, ++ &at->scopeid) != 0) ++ { ++ result = -EAI_NONAME; ++ goto free_and_return; + } ++ ++ if (req->ai_flags & AI_CANONNAME) ++ canon = name; ++ ++ goto process_list; + } + +- if (at->family == AF_UNSPEC && (req->ai_flags & AI_NUMERICHOST) == 0) ++ if ((req->ai_flags & AI_NUMERICHOST) == 0) + { +- struct gaih_addrtuple **pat = &at; + int no_data = 0; + int no_inet6_data = 0; + service_user *nip; +@@ -555,6 +571,7 @@ gaih_inet (const char *name, const struc + enum nss_status status = NSS_STATUS_UNAVAIL; + int no_more; + struct resolv_context *res_ctx = NULL; ++ bool do_merge = false; + + /* If we do not have to look for IPv6 addresses or the canonical + name, use the simple, old functions, which do not support +@@ -591,7 +608,7 @@ gaih_inet (const char *name, const struc + result = -EAI_MEMORY; + goto free_and_return; + } +- *pat = addrmem; ++ at = addrmem; + } + else + { +@@ -644,6 +661,8 @@ gaih_inet (const char *name, const struc + } + + struct gaih_addrtuple *addrfree = addrmem; ++ struct gaih_addrtuple **pat = &at; ++ + for (int i = 0; i < air->naddrs; ++i) + { + socklen_t size = (air->family[i] == AF_INET +@@ -707,12 +726,6 @@ gaih_inet (const char *name, const struc + + free (air); + +- if (at->family == AF_UNSPEC) +- { +- result = -EAI_NONAME; +- goto free_and_return; +- } +- + goto process_list; + } + else if (err == 0) +@@ -750,6 +763,22 @@ gaih_inet (const char *name, const struc + + while (!no_more) + { ++ /* Always start afresh; continue should discard previous results ++ and the hosts database does not support merge. */ ++ at = NULL; ++ free (canonbuf); ++ free (addrmem); ++ canon = canonbuf = NULL; ++ addrmem = NULL; ++ got_ipv6 = false; ++ ++ if (do_merge) ++ { ++ __set_h_errno (NETDB_INTERNAL); ++ __set_errno (EBUSY); ++ break; ++ } ++ + no_data = 0; + nss_gethostbyname4_r fct4 = NULL; + +@@ -762,12 +791,14 @@ gaih_inet (const char *name, const struc + { + while (1) + { +- status = DL_CALL_FCT (fct4, (name, pat, ++ status = DL_CALL_FCT (fct4, (name, &at, + tmpbuf->data, tmpbuf->length, + &errno, &h_errno, + NULL)); + if (status == NSS_STATUS_SUCCESS) + break; ++ /* gethostbyname4_r may write into AT, so reset it. */ ++ at = NULL; + if (status != NSS_STATUS_TRYAGAIN + || errno != ERANGE || h_errno != NETDB_INTERNAL) + { +@@ -792,7 +823,9 @@ gaih_inet (const char *name, const struc + no_data = 1; + + if ((req->ai_flags & AI_CANONNAME) != 0 && canon == NULL) +- canon = (*pat)->name; ++ canon = at->name; ++ ++ struct gaih_addrtuple **pat = &at; + + while (*pat != NULL) + { +@@ -844,6 +877,8 @@ gaih_inet (const char *name, const struc + + if (fct != NULL) + { ++ struct gaih_addrtuple **pat = &at; ++ + if (req->ai_family == AF_INET6 + || req->ai_family == AF_UNSPEC) + { +@@ -917,6 +952,10 @@ gaih_inet (const char *name, const struc + if (nss_next_action (nip, status) == NSS_ACTION_RETURN) + break; + ++ /* The hosts database does not support MERGE. */ ++ if (nss_next_action (nip, status) == NSS_ACTION_MERGE) ++ do_merge = true; ++ + if (nip->next == NULL) + no_more = -1; + else +@@ -949,7 +988,7 @@ gaih_inet (const char *name, const struc + } + + process_list: +- if (at->family == AF_UNSPEC) ++ if (at == NULL) + { + result = -EAI_NONAME; + goto free_and_return; diff -Nru glibc-2.31/debian/patches/lp1910312-sysvipc-Fix-SEM_STAT_ANY-kernel-argument-pass-BZ-266.patch glibc-2.31/debian/patches/lp1910312-sysvipc-Fix-SEM_STAT_ANY-kernel-argument-pass-BZ-266.patch --- glibc-2.31/debian/patches/lp1910312-sysvipc-Fix-SEM_STAT_ANY-kernel-argument-pass-BZ-266.patch 1970-01-01 00:00:00.000000000 +0000 +++ glibc-2.31/debian/patches/lp1910312-sysvipc-Fix-SEM_STAT_ANY-kernel-argument-pass-BZ-266.patch 2023-07-26 07:44:39.000000000 +0000 @@ -0,0 +1,280 @@ +From 389b66f99544407edebbdfc5373d4c6138478b7a Mon Sep 17 00:00:00 2001 +From: "Dmitry V. Levin" +Date: Tue, 29 Sep 2020 14:10:20 -0300 +Subject: [PATCH] sysvipc: Fix SEM_STAT_ANY kernel argument pass [BZ #26637] + +Handle SEM_STAT_ANY the same way as SEM_STAT so that the buffer argument +of SEM_STAT_ANY is properly passed to the kernel and back. + +The regression testcase checks for Linux specifix SysV ipc message +control extension. For IPC_INFO/SEM_INFO it tries to match the values +against the tunable /proc values and for SEM_STAT/SEM_STAT_ANY it +check if the create message queue is within the global list returned +by the kernel. + +Checked on x86_64-linux-gnu and on i686-linux-gnu (Linux v5.4 and on +Linux v4.15). + +Co-authored-by: Adhemerval Zanella +(backported from 574500a108be1d2a6a0dc97a075c9e0a98371aba) +[agherzan: a backport is required due to +dba950e3174a5210b900a26a7d2f361cadea2834 which introduces 64-bit time_t +variant for semctl. Even so, the backport is pretty straight forward.] +Signed-off-by: Andrei Gherzan + +Bug-Ubuntu: https://bugs.launchpad.net/ubuntu/+source/glibc/+bug/1910312 +Origin: upstream, https://sourceware.org/git/?p=glibc.git;a=commit;h=574500a108be +--- + sysdeps/unix/sysv/linux/Makefile | 2 +- + sysdeps/unix/sysv/linux/semctl.c | 3 + + sysdeps/unix/sysv/linux/tst-sysvsem-linux.c | 184 ++++++++++++++++++++ + sysvipc/test-sysvsem.c | 1 + + 4 files changed, 189 insertions(+), 1 deletion(-) + create mode 100644 sysdeps/unix/sysv/linux/tst-sysvsem-linux.c + +diff --git a/sysdeps/unix/sysv/linux/Makefile b/sysdeps/unix/sysv/linux/Makefile +index f12b7b1a2d..c211198ab9 100644 +--- a/sysdeps/unix/sysv/linux/Makefile ++++ b/sysdeps/unix/sysv/linux/Makefile +@@ -97,7 +97,7 @@ tests += tst-clone tst-clone2 tst-clone3 tst-fanotify tst-personality \ + tst-quota tst-sync_file_range tst-sysconf-iov_max tst-ttyname \ + test-errno-linux tst-memfd_create tst-mlock2 tst-pkey \ + tst-rlimit-infinity tst-ofdlocks tst-gettid tst-gettid-kill \ +- tst-tgkill ++ tst-tgkill tst-sysvsem-linux + tests-internal += tst-ofdlocks-compat tst-sigcontext-get_pc + + CFLAGS-tst-sigcontext-get_pc.c = -fasynchronous-unwind-tables +diff --git a/sysdeps/unix/sysv/linux/semctl.c b/sysdeps/unix/sysv/linux/semctl.c +index 0c3eb0932f..7d915b8165 100644 +--- a/sysdeps/unix/sysv/linux/semctl.c ++++ b/sysdeps/unix/sysv/linux/semctl.c +@@ -72,6 +72,7 @@ __new_semctl (int semid, int semnum, int cmd, ...) + case IPC_STAT: /* arg.buf */ + case IPC_SET: + case SEM_STAT: ++ case SEM_STAT_ANY: + case IPC_INFO: /* arg.__buf */ + case SEM_INFO: + va_start (ap, cmd); +@@ -127,6 +128,7 @@ __semctl_mode16 (int semid, int semnum, int cmd, ...) + case IPC_STAT: /* arg.buf */ + case IPC_SET: + case SEM_STAT: ++ case SEM_STAT_ANY: + case IPC_INFO: /* arg.__buf */ + case SEM_INFO: + va_start (ap, cmd); +@@ -160,6 +162,7 @@ __old_semctl (int semid, int semnum, int cmd, ...) + case IPC_STAT: /* arg.buf */ + case IPC_SET: + case SEM_STAT: ++ case SEM_STAT_ANY: + case IPC_INFO: /* arg.__buf */ + case SEM_INFO: + va_start (ap, cmd); +diff --git a/sysdeps/unix/sysv/linux/tst-sysvsem-linux.c b/sysdeps/unix/sysv/linux/tst-sysvsem-linux.c +new file mode 100644 +index 0000000000..45f19e2d37 +--- /dev/null ++++ b/sysdeps/unix/sysv/linux/tst-sysvsem-linux.c +@@ -0,0 +1,184 @@ ++/* Basic tests for Linux SYSV semaphore extensions. ++ Copyright (C) 2020 Free Software Foundation, Inc. ++ This file is part of the GNU C Library. ++ ++ The GNU C Library is free software; you can redistribute it and/or ++ modify it under the terms of the GNU Lesser General Public ++ License as published by the Free Software Foundation; either ++ version 2.1 of the License, or (at your option) any later version. ++ ++ The GNU C Library is distributed in the hope that it will be useful, ++ but WITHOUT ANY WARRANTY; without even the implied warranty of ++ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU ++ Lesser General Public License for more details. ++ ++ You should have received a copy of the GNU Lesser General Public ++ License along with the GNU C Library; if not, see ++ . */ ++ ++#include ++#include ++#include ++#include ++#include ++#include ++ ++#include ++#include ++ ++/* These are for the temporary file we generate. */ ++static char *name; ++static int semid; ++ ++static void ++remove_sem (void) ++{ ++ /* Enforce message queue removal in case of early test failure. ++ Ignore error since the sem may already have being removed. */ ++ semctl (semid, 0, IPC_RMID, 0); ++} ++ ++static void ++do_prepare (int argc, char *argv[]) ++{ ++ TEST_VERIFY_EXIT (create_temp_file ("tst-sysvsem.", &name) != -1); ++} ++ ++#define PREPARE do_prepare ++ ++#define SEM_MODE 0644 ++ ++union semun ++{ ++ int val; ++ struct semid_ds *buf; ++ unsigned short *array; ++ struct seminfo *__buf; ++}; ++ ++struct test_seminfo ++{ ++ int semmsl; ++ int semmns; ++ int semopm; ++ int semmni; ++}; ++ ++/* It tries to obtain some system-wide SysV semaphore information from /proc ++ to check against IPC_INFO/SEM_INFO. The /proc only returns the tunables ++ value of SEMMSL, SEMMNS, SEMOPM, and SEMMNI. ++ ++ The kernel also returns constant value for SEMVMX, SEMMNU, SEMMAP, SEMUME, ++ and also SEMUSZ and SEMAEM (for IPC_INFO). The issue to check them is they ++ might change over kernel releases. */ ++ ++static void ++read_sem_stat (struct test_seminfo *tseminfo) ++{ ++ FILE *f = fopen ("/proc/sys/kernel/sem", "r"); ++ if (f == NULL) ++ FAIL_UNSUPPORTED ("/proc is not mounted or /proc/sys/kernel/sem is not " ++ "available"); ++ ++ int r = fscanf (f, "%d %d %d %d", ++ &tseminfo->semmsl, &tseminfo->semmns, &tseminfo->semopm, ++ &tseminfo->semmni); ++ TEST_VERIFY_EXIT (r == 4); ++ ++ fclose (f); ++} ++ ++ ++/* Check if the semaphore with IDX (index into the kernel's internal array) ++ matches the one with KEY. The CMD is either SEM_STAT or SEM_STAT_ANY. */ ++ ++static bool ++check_seminfo (int idx, key_t key, int cmd) ++{ ++ struct semid_ds seminfo; ++ int sid = semctl (idx, 0, cmd, (union semun) { .buf = &seminfo }); ++ /* Ignore unused array slot returned by the kernel or information from ++ unknown semaphores. */ ++ if ((sid == -1 && errno == EINVAL) || sid != semid) ++ return false; ++ ++ if (sid == -1) ++ FAIL_EXIT1 ("semctl with SEM_STAT failed (errno=%d)", errno); ++ ++ TEST_COMPARE (seminfo.sem_perm.__key, key); ++ TEST_COMPARE (seminfo.sem_perm.mode, SEM_MODE); ++ TEST_COMPARE (seminfo.sem_nsems, 1); ++ ++ return true; ++} ++ ++static int ++do_test (void) ++{ ++ atexit (remove_sem); ++ ++ key_t key = ftok (name, 'G'); ++ if (key == -1) ++ FAIL_EXIT1 ("ftok failed: %m"); ++ ++ semid = semget (key, 1, IPC_CREAT | IPC_EXCL | SEM_MODE); ++ if (semid == -1) ++ FAIL_EXIT1 ("semget failed: %m"); ++ ++ struct test_seminfo tipcinfo; ++ read_sem_stat (&tipcinfo); ++ ++ int semidx; ++ ++ { ++ struct seminfo ipcinfo; ++ semidx = semctl (semid, 0, IPC_INFO, (union semun) { .__buf = &ipcinfo }); ++ if (semidx == -1) ++ FAIL_EXIT1 ("semctl with IPC_INFO failed: %m"); ++ ++ TEST_COMPARE (ipcinfo.semmsl, tipcinfo.semmsl); ++ TEST_COMPARE (ipcinfo.semmns, tipcinfo.semmns); ++ TEST_COMPARE (ipcinfo.semopm, tipcinfo.semopm); ++ TEST_COMPARE (ipcinfo.semmni, tipcinfo.semmni); ++ } ++ ++ /* Same as before but with SEM_INFO. */ ++ { ++ struct seminfo ipcinfo; ++ semidx = semctl (semid, 0, SEM_INFO, (union semun) { .__buf = &ipcinfo }); ++ if (semidx == -1) ++ FAIL_EXIT1 ("semctl with IPC_INFO failed: %m"); ++ ++ TEST_COMPARE (ipcinfo.semmsl, tipcinfo.semmsl); ++ TEST_COMPARE (ipcinfo.semmns, tipcinfo.semmns); ++ TEST_COMPARE (ipcinfo.semopm, tipcinfo.semopm); ++ TEST_COMPARE (ipcinfo.semmni, tipcinfo.semmni); ++ } ++ ++ /* We check if the created semaphore shows in the system-wide status. */ ++ bool found = false; ++ for (int i = 0; i <= semidx; i++) ++ { ++ /* We can't tell apart if SEM_STAT_ANY is not supported (kernel older ++ than 4.17) or if the index used is invalid. So it just check if ++ value returned from a valid call matches the created semaphore. */ ++ check_seminfo (i, key, SEM_STAT_ANY); ++ ++ if (check_seminfo (i, key, SEM_STAT)) ++ { ++ found = true; ++ break; ++ } ++ } ++ ++ if (!found) ++ FAIL_EXIT1 ("semctl with SEM_STAT/SEM_STAT_ANY could not find the " ++ "created semaphore"); ++ ++ if (semctl (semid, 0, IPC_RMID, 0) == -1) ++ FAIL_EXIT1 ("semctl failed: %m"); ++ ++ return 0; ++} ++ ++#include +diff --git a/sysvipc/test-sysvsem.c b/sysvipc/test-sysvsem.c +index 01dbff343a..b7284e0b48 100644 +--- a/sysvipc/test-sysvsem.c ++++ b/sysvipc/test-sysvsem.c +@@ -20,6 +20,7 @@ + #include + #include + #include ++#include + #include + #include + #include +-- +2.34.1 + diff -Nru glibc-2.31/debian/patches/lp2001932/0001-Fix-avx2-strncmp-offset-compare-condition-check-BZ-2.patch glibc-2.31/debian/patches/lp2001932/0001-Fix-avx2-strncmp-offset-compare-condition-check-BZ-2.patch --- glibc-2.31/debian/patches/lp2001932/0001-Fix-avx2-strncmp-offset-compare-condition-check-BZ-2.patch 1970-01-01 00:00:00.000000000 +0000 +++ glibc-2.31/debian/patches/lp2001932/0001-Fix-avx2-strncmp-offset-compare-condition-check-BZ-2.patch 2023-07-26 07:44:39.000000000 +0000 @@ -0,0 +1,56 @@ +From 75870237ff3bb363447b03f4b0af100227570910 Mon Sep 17 00:00:00 2001 +From: Sunil K Pandey +Date: Fri, 12 Jun 2020 08:57:16 -0700 +Subject: [PATCH] Fix avx2 strncmp offset compare condition check [BZ #25933] + +strcmp-avx2.S: In avx2 strncmp function, strings are compared in +chunks of 4 vector size(i.e. 32x4=128 byte for avx2). After first 4 +vector size comparison, code must check whether it already passed +the given offset. This patch implement avx2 offset check condition +for strncmp function, if both string compare same for first 4 vector +size. + +Bug: https://sourceware.org/bugzilla/show_bug.cgi?id=25933 +Bug-Ubuntu: https://bugs.launchpad.net/ubuntu/+source/glibc/+bug/2001932 +Origin: upstream, https://sourceware.org/git/?p=glibc.git;a=commit;h=75870237ff3bb363447b03f4b0af100227570910 +--- + sysdeps/x86_64/multiarch/strcmp-avx2.S | 15 +++++++++++++++ + 1 file changed, 15 insertions(+) + +diff --git a/sysdeps/x86_64/multiarch/strcmp-avx2.S b/sysdeps/x86_64/multiarch/strcmp-avx2.S +index 5f88a68262..d42b04b54f 100644 +--- a/sysdeps/x86_64/multiarch/strcmp-avx2.S ++++ b/sysdeps/x86_64/multiarch/strcmp-avx2.S +@@ -591,7 +591,14 @@ L(loop_cross_page_2_vec): + movl $(PAGE_SIZE / (VEC_SIZE * 4) - 1), %esi + + testq %rdi, %rdi ++# ifdef USE_AS_STRNCMP ++ /* At this point, if %rdi value is 0, it already tested ++ VEC_SIZE*4+%r10 byte starting from %rax. This label ++ checks whether strncmp maximum offset reached or not. */ ++ je L(string_nbyte_offset_check) ++# else + je L(back_to_loop) ++# endif + tzcntq %rdi, %rcx + addq %r10, %rcx + /* Adjust for number of bytes skipped. */ +@@ -627,6 +634,14 @@ L(loop_cross_page_2_vec): + VZEROUPPER + ret + ++# ifdef USE_AS_STRNCMP ++L(string_nbyte_offset_check): ++ leaq (VEC_SIZE * 4)(%r10), %r10 ++ cmpq %r10, %r11 ++ jbe L(zero) ++ jmp L(back_to_loop) ++# endif ++ + .p2align 4 + L(cross_page_loop): + /* Check one byte/dword at a time. */ +-- +2.39.2 + diff -Nru glibc-2.31/debian/patches/lp2001932/0002-strncmp-Add-a-testcase-for-page-boundary-BZ-25933.patch glibc-2.31/debian/patches/lp2001932/0002-strncmp-Add-a-testcase-for-page-boundary-BZ-25933.patch --- glibc-2.31/debian/patches/lp2001932/0002-strncmp-Add-a-testcase-for-page-boundary-BZ-25933.patch 1970-01-01 00:00:00.000000000 +0000 +++ glibc-2.31/debian/patches/lp2001932/0002-strncmp-Add-a-testcase-for-page-boundary-BZ-25933.patch 2023-07-26 07:44:39.000000000 +0000 @@ -0,0 +1,78 @@ +From f7e3f92b7c45663be808279a43b5221c16001229 Mon Sep 17 00:00:00 2001 +From: "H.J. Lu" +Date: Thu, 7 May 2020 07:29:46 -0700 +Subject: [PATCH] strncmp: Add a testcase for page boundary [BZ #25933] + +Add a strncmp testcase to cover cases where one of strings ends on the +page boundary with the maximum string length less than the number bytes +of each AVX2 loop iteration and different offsets from page boundary. + +The updated string/test-strncmp fails on Intel Core i7-8559U without + +ommit 1c6432316bc434a72108d7b0c7cfbfdde64c3124 +Author: Sunil K Pandey +Date: Fri Jun 12 08:57:16 2020 -0700 + + Fix avx2 strncmp offset compare condition check [BZ #25933] + +Bug: https://sourceware.org/bugzilla/show_bug.cgi?id=25933 +Bug-Ubuntu: https://bugs.launchpad.net/ubuntu/+source/glibc/+bug/2001932 +Origin: upstream, https://sourceware.org/git/?p=glibc.git;a=commit;h=f7e3f92b7c45663be808279a43b5221c16001229 +--- + string/test-strncmp.c | 33 +++++++++++++++++++++++++++++++++ + 1 file changed, 33 insertions(+) + +diff --git a/string/test-strncmp.c b/string/test-strncmp.c +index d961ac4493..962679b384 100644 +--- a/string/test-strncmp.c ++++ b/string/test-strncmp.c +@@ -403,6 +403,38 @@ check2 (void) + free (s2); + } + ++static void ++check3 (void) ++{ ++ /* To trigger bug 25933, we need a size that is equal to the vector ++ length times 4. In the case of AVX2 for Intel, we need 32 * 4. We ++ make this test generic and run it for all architectures as additional ++ boundary testing for such related algorithms. */ ++ size_t size = 32 * 4; ++ CHAR *s1 = (CHAR *) (buf1 + (BUF1PAGES - 1) * page_size); ++ CHAR *s2 = (CHAR *) (buf2 + (BUF1PAGES - 1) * page_size); ++ int exp_result; ++ ++ memset (s1, 'a', page_size); ++ memset (s2, 'a', page_size); ++ s1[(page_size / CHARBYTES) - 1] = (CHAR) 0; ++ ++ /* Iterate over a size that is just below where we expect the bug to ++ trigger up to the size we expect will trigger the bug e.g. [99-128]. ++ Likewise iterate the start of two strings between 30 and 31 bytes ++ away from the boundary to simulate alignment changes. */ ++ for (size_t s = 99; s <= size; s++) ++ for (size_t s1a = 30; s1a < 32; s1a++) ++ for (size_t s2a = 30; s2a < 32; s2a++) ++ { ++ CHAR *s1p = s1 + (page_size / CHARBYTES - s) - s1a; ++ CHAR *s2p = s2 + (page_size / CHARBYTES - s) - s2a; ++ exp_result = SIMPLE_STRNCMP (s1p, s2p, s); ++ FOR_EACH_IMPL (impl, 0) ++ check_result (impl, s1p, s2p, s, exp_result); ++ } ++} ++ + int + test_main (void) + { +@@ -412,6 +444,7 @@ test_main (void) + + check1 (); + check2 (); ++ check3 (); + + printf ("%23s", ""); + FOR_EACH_IMPL (impl, 0) +-- +2.39.2 + diff -Nru glibc-2.31/debian/patches/lp2001975/0001-x86-Fix-__wcsncmp_avx2-in-strcmp-avx2.S-BZ-28755.patch glibc-2.31/debian/patches/lp2001975/0001-x86-Fix-__wcsncmp_avx2-in-strcmp-avx2.S-BZ-28755.patch --- glibc-2.31/debian/patches/lp2001975/0001-x86-Fix-__wcsncmp_avx2-in-strcmp-avx2.S-BZ-28755.patch 1970-01-01 00:00:00.000000000 +0000 +++ glibc-2.31/debian/patches/lp2001975/0001-x86-Fix-__wcsncmp_avx2-in-strcmp-avx2.S-BZ-28755.patch 2023-07-26 07:44:39.000000000 +0000 @@ -0,0 +1,43 @@ +From ddf0992cf57a93200e0c782e2a94d0733a5a0b87 Mon Sep 17 00:00:00 2001 +From: Noah Goldstein +Date: Sun, 9 Jan 2022 16:02:21 -0600 +Subject: [PATCH] x86: Fix __wcsncmp_avx2 in strcmp-avx2.S [BZ# 28755] + +Fixes [BZ# 28755] for wcsncmp by redirecting length >= 2^56 to +__wcscmp_avx2. For x86_64 this covers the entire address range so any +length larger could not possibly be used to bound `s1` or `s2`. + +test-strcmp, test-strncmp, test-wcscmp, and test-wcsncmp all pass. + +Signed-off-by: Noah Goldstein + +Bug-Ubuntu: https://bugs.launchpad.net/ubuntu/focal/+source/glibc/+bug/2001975 +Origin: upstream, https://sourceware.org/git/?p=glibc.git;a=commit;h=ddf0992cf57a93200e0c782e2a94d0733a5a0b87 +--- + sysdeps/x86_64/multiarch/strcmp-avx2.S | 10 ++++++++++ + 1 file changed, 10 insertions(+) + +diff --git a/sysdeps/x86_64/multiarch/strcmp-avx2.S b/sysdeps/x86_64/multiarch/strcmp-avx2.S +index a45f9d2749..9c73b5899d 100644 +--- a/sysdeps/x86_64/multiarch/strcmp-avx2.S ++++ b/sysdeps/x86_64/multiarch/strcmp-avx2.S +@@ -87,6 +87,16 @@ ENTRY (STRCMP) + je L(char0) + jb L(zero) + # ifdef USE_AS_WCSCMP ++# ifndef __ILP32__ ++ movq %rdx, %rcx ++ /* Check if length could overflow when multiplied by ++ sizeof(wchar_t). Checking top 8 bits will cover all potential ++ overflow cases as well as redirect cases where its impossible to ++ length to bound a valid memory region. In these cases just use ++ 'wcscmp'. */ ++ shrq $56, %rcx ++ jnz __wcscmp_avx2 ++# endif + /* Convert units: from wide to byte char. */ + shl $2, %RDX_LP + # endif +-- +2.39.2 + diff -Nru glibc-2.31/debian/patches/lp2001975/0002-string-Add-a-testcase-for-wcsncmp-with-SIZE_MAX-BZ-2.patch glibc-2.31/debian/patches/lp2001975/0002-string-Add-a-testcase-for-wcsncmp-with-SIZE_MAX-BZ-2.patch --- glibc-2.31/debian/patches/lp2001975/0002-string-Add-a-testcase-for-wcsncmp-with-SIZE_MAX-BZ-2.patch 1970-01-01 00:00:00.000000000 +0000 +++ glibc-2.31/debian/patches/lp2001975/0002-string-Add-a-testcase-for-wcsncmp-with-SIZE_MAX-BZ-2.patch 2023-07-26 07:44:39.000000000 +0000 @@ -0,0 +1,66 @@ +From aa5a720056d37cf24924c138a3dbe6dace98e97c Mon Sep 17 00:00:00 2001 +From: "H.J. Lu" +Date: Thu, 17 Feb 2022 08:10:35 -0800 +Subject: [PATCH] string: Add a testcase for wcsncmp with SIZE_MAX [BZ #28755] + +Verify that wcsncmp (L("abc"), L("abd"), SIZE_MAX) == 0. The new test +fails without + +commit ddf0992cf57a93200e0c782e2a94d0733a5a0b87 +Author: Noah Goldstein +Date: Sun Jan 9 16:02:21 2022 -0600 + + x86: Fix __wcsncmp_avx2 in strcmp-avx2.S [BZ# 28755] + +and + +commit 7e08db3359c86c94918feb33a1182cd0ff3bb10b +Author: Noah Goldstein +Date: Sun Jan 9 16:02:28 2022 -0600 + + x86: Fix __wcsncmp_evex in strcmp-evex.S [BZ# 28755] + +This is for BZ #28755. + +Reviewed-by: Sunil K Pandey + +Bug-Ubuntu: https://bugs.launchpad.net/ubuntu/focal/+source/glibc/+bug/2001975 +Origin: upstream, https://sourceware.org/git/?p=glibc.git;a=commit;h=aa5a720056d37cf24924c138a3dbe6dace98e97c +--- + string/test-strncmp.c | 13 +++++++++++++ + 1 file changed, 13 insertions(+) + +diff --git a/string/test-strncmp.c b/string/test-strncmp.c +index df7cea4068..1a87f0e73e 100644 +--- a/string/test-strncmp.c ++++ b/string/test-strncmp.c +@@ -445,6 +445,18 @@ check2 (void) + } + } + ++static void ++check4 (void) ++{ ++ const CHAR *s1 = L ("abc"); ++ CHAR *s2 = STRDUP (s1); ++ ++ FOR_EACH_IMPL (impl, 0) ++ check_result (impl, s1, s2, SIZE_MAX, 0); ++ ++ free (s2); ++} ++ + int + test_main (void) + { +@@ -569,6 +581,7 @@ test_main (void) + check1 (); + check2 (); + check3 (); ++ check4 (); + + printf ("%23s", ""); + FOR_EACH_IMPL (impl, 0) +-- +2.39.2 + diff -Nru glibc-2.31/debian/patches/series glibc-2.31/debian/patches/series --- glibc-2.31/debian/patches/series 2022-01-26 23:54:19.000000000 +0000 +++ glibc-2.31/debian/patches/series 2023-11-20 15:35:43.000000000 +0000 @@ -159,3 +159,17 @@ any/CVE-2022-23218-pre1.patch any/CVE-2022-23218.patch any/CVE-2022-23219.patch +ubuntu/git-aarch64-Accept-PLT-calls-to-__getauxval-within-libc..patch +ubuntu/submitted-broadcast-to-prevent-deadlock.diff +ubuntu/git-lp1928508-reversing-calculation-of-__x86_shared_non_temporal.patch +ubuntu/aarch64-memcpy-improvements.patch + +lp1910312-sysvipc-Fix-SEM_STAT_ANY-kernel-argument-pass-BZ-266.patch + +lp2001932/0001-Fix-avx2-strncmp-offset-compare-condition-check-BZ-2.patch +lp2001932/0002-strncmp-Add-a-testcase-for-page-boundary-BZ-25933.patch + +lp2001975/0001-x86-Fix-__wcsncmp_avx2-in-strcmp-avx2.S-BZ-28755.patch +lp2001975/0002-string-Add-a-testcase-for-wcsncmp-with-SIZE_MAX-BZ-2.patch +any/CVE-2023-4813.patch +any/CVE-2023-4806.patch diff -Nru glibc-2.31/debian/patches/ubuntu/aarch64-memcpy-improvements.patch glibc-2.31/debian/patches/ubuntu/aarch64-memcpy-improvements.patch --- glibc-2.31/debian/patches/ubuntu/aarch64-memcpy-improvements.patch 1970-01-01 00:00:00.000000000 +0000 +++ glibc-2.31/debian/patches/ubuntu/aarch64-memcpy-improvements.patch 2023-07-26 07:44:39.000000000 +0000 @@ -0,0 +1,391 @@ +From 24a30c595958a1b23b620bc3dea62b0ab9d8f480 Mon Sep 17 00:00:00 2001 +From: Wilco Dijkstra +Date: Wed, 15 Jul 2020 16:55:07 +0100 +Subject: [PATCH] AArch64: Add optimized Q-register memcpy + +Add a new memcpy using 128-bit Q registers - this is faster on modern +cores and reduces codesize. Similar to the generic memcpy, small cases +include copies up to 32 bytes. 64-128 byte copies are split into two +cases to improve performance of 64-96 byte copies. Large copies align +the source rather than the destination. + +bench-memcpy-random is ~9% faster than memcpy_falkor on Neoverse N1, +so make this memcpy the default on N1 (on Centriq it is 15% faster than +memcpy_falkor). + +Passes GLIBC regression tests. + +Reviewed-by: Szabolcs Nagy +(cherry picked from commit 4a733bf375238a6a595033b5785cea7f27d61307) + +From bea507a3f55604064e2305fdf71e80ee4f43c2d3 Mon Sep 17 00:00:00 2001 +From: Wilco Dijkstra +Date: Wed, 15 Jul 2020 16:58:07 +0100 +Subject: [PATCH] AArch64: Rename IS_ARES to IS_NEOVERSE_N1 + +Rename IS_ARES to IS_NEOVERSE_N1 since that is a bit clearer. + +Reviewed-by: Carlos O'Donell +(cherry picked from commit 0f6278a8793a5d04ea31878119eccf99f469a02d) + +From 4bc9918c998085800ecf5bbb3c863e66ea6252a0 Mon Sep 17 00:00:00 2001 +From: Wilco Dijkstra +Date: Wed, 14 Oct 2020 13:56:21 +0100 +Subject: [PATCH] AArch64: Use __memcpy_simd on Neoverse N2/V1 + +Add CPU detection of Neoverse N2 and Neoverse V1, and select __memcpy_simd as +the memcpy/memmove ifunc. + +Reviewed-by: Adhemerval Zanella +(cherry picked from commit e11ed9d2b4558eeacff81557dc9557001af42a6b) + +--- + sysdeps/aarch64/multiarch/Makefile | 2 +- + sysdeps/aarch64/multiarch/ifunc-impl-list.c | 2 + + sysdeps/aarch64/multiarch/memcpy.c | 5 +- + sysdeps/aarch64/multiarch/memcpy_advsimd.S | 247 ++++++++++++++++++++ + sysdeps/aarch64/multiarch/memmove.c | 3 +- + 5 files changed, 255 insertions(+), 4 deletions(-) + create mode 100644 sysdeps/aarch64/multiarch/memcpy_advsimd.S + +--- a/sysdeps/aarch64/multiarch/Makefile ++++ b/sysdeps/aarch64/multiarch/Makefile +@@ -1,5 +1,5 @@ + ifeq ($(subdir),string) +-sysdep_routines += memcpy_generic memcpy_thunderx memcpy_thunderx2 \ ++sysdep_routines += memcpy_generic memcpy_advsimd memcpy_thunderx memcpy_thunderx2 \ + memcpy_falkor memmove_falkor \ + memset_generic memset_falkor memset_emag memset_kunpeng \ + memchr_generic memchr_nosimd \ +--- a/sysdeps/aarch64/multiarch/ifunc-impl-list.c ++++ b/sysdeps/aarch64/multiarch/ifunc-impl-list.c +@@ -42,11 +42,13 @@ + IFUNC_IMPL_ADD (array, i, memcpy, 1, __memcpy_thunderx) + IFUNC_IMPL_ADD (array, i, memcpy, 1, __memcpy_thunderx2) + IFUNC_IMPL_ADD (array, i, memcpy, 1, __memcpy_falkor) ++ IFUNC_IMPL_ADD (array, i, memcpy, 1, __memcpy_simd) + IFUNC_IMPL_ADD (array, i, memcpy, 1, __memcpy_generic)) + IFUNC_IMPL (i, name, memmove, + IFUNC_IMPL_ADD (array, i, memmove, 1, __memmove_thunderx) + IFUNC_IMPL_ADD (array, i, memmove, 1, __memmove_thunderx2) + IFUNC_IMPL_ADD (array, i, memmove, 1, __memmove_falkor) ++ IFUNC_IMPL_ADD (array, i, memmove, 1, __memmove_simd) + IFUNC_IMPL_ADD (array, i, memmove, 1, __memmove_generic)) + IFUNC_IMPL (i, name, memset, + /* Enable this on non-falkor processors too so that other cores +--- a/sysdeps/aarch64/multiarch/memcpy.c ++++ b/sysdeps/aarch64/multiarch/memcpy.c +@@ -29,6 +29,7 @@ + extern __typeof (__redirect_memcpy) __libc_memcpy; + + extern __typeof (__redirect_memcpy) __memcpy_generic attribute_hidden; ++extern __typeof (__redirect_memcpy) __memcpy_simd attribute_hidden; + extern __typeof (__redirect_memcpy) __memcpy_thunderx attribute_hidden; + extern __typeof (__redirect_memcpy) __memcpy_thunderx2 attribute_hidden; + extern __typeof (__redirect_memcpy) __memcpy_falkor attribute_hidden; +@@ -36,11 +37,14 @@ + libc_ifunc (__libc_memcpy, + (IS_THUNDERX (midr) + ? __memcpy_thunderx +- : (IS_FALKOR (midr) || IS_PHECDA (midr) || IS_ARES (midr) || IS_KUNPENG920 (midr) ++ : (IS_FALKOR (midr) || IS_PHECDA (midr) || IS_KUNPENG920 (midr) + ? __memcpy_falkor + : (IS_THUNDERX2 (midr) || IS_THUNDERX2PA (midr) + ? __memcpy_thunderx2 +- : __memcpy_generic)))); ++ : (IS_NEOVERSE_N1 (midr) || IS_NEOVERSE_N2 (midr) ++ || IS_NEOVERSE_V1 (midr) ++ ? __memcpy_simd ++ : __memcpy_generic))))); + + # undef memcpy + strong_alias (__libc_memcpy, memcpy); +--- /dev/null ++++ b/sysdeps/aarch64/multiarch/memcpy_advsimd.S +@@ -0,0 +1,247 @@ ++/* Generic optimized memcpy using SIMD. ++ Copyright (C) 2020 Free Software Foundation, Inc. ++ ++ This file is part of the GNU C Library. ++ ++ The GNU C Library is free software; you can redistribute it and/or ++ modify it under the terms of the GNU Lesser General Public ++ License as published by the Free Software Foundation; either ++ version 2.1 of the License, or (at your option) any later version. ++ ++ The GNU C Library is distributed in the hope that it will be useful, ++ but WITHOUT ANY WARRANTY; without even the implied warranty of ++ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU ++ Lesser General Public License for more details. ++ ++ You should have received a copy of the GNU Lesser General Public ++ License along with the GNU C Library. If not, see ++ . */ ++ ++#include ++ ++/* Assumptions: ++ * ++ * ARMv8-a, AArch64, Advanced SIMD, unaligned accesses. ++ * ++ */ ++ ++#define dstin x0 ++#define src x1 ++#define count x2 ++#define dst x3 ++#define srcend x4 ++#define dstend x5 ++#define A_l x6 ++#define A_lw w6 ++#define A_h x7 ++#define B_l x8 ++#define B_lw w8 ++#define B_h x9 ++#define C_lw w10 ++#define tmp1 x14 ++ ++#define A_q q0 ++#define B_q q1 ++#define C_q q2 ++#define D_q q3 ++#define E_q q4 ++#define F_q q5 ++#define G_q q6 ++#define H_q q7 ++ ++ ++/* This implementation supports both memcpy and memmove and shares most code. ++ It uses unaligned accesses and branchless sequences to keep the code small, ++ simple and improve performance. ++ ++ Copies are split into 3 main cases: small copies of up to 32 bytes, medium ++ copies of up to 128 bytes, and large copies. The overhead of the overlap ++ check in memmove is negligible since it is only required for large copies. ++ ++ Large copies use a software pipelined loop processing 64 bytes per ++ iteration. The destination pointer is 16-byte aligned to minimize ++ unaligned accesses. The loop tail is handled by always copying 64 bytes ++ from the end. */ ++ ++ENTRY (__memcpy_simd) ++ DELOUSE (0) ++ DELOUSE (1) ++ DELOUSE (2) ++ ++ add srcend, src, count ++ add dstend, dstin, count ++ cmp count, 128 ++ b.hi L(copy_long) ++ cmp count, 32 ++ b.hi L(copy32_128) ++ ++ /* Small copies: 0..32 bytes. */ ++ cmp count, 16 ++ b.lo L(copy16) ++ ldr A_q, [src] ++ ldr B_q, [srcend, -16] ++ str A_q, [dstin] ++ str B_q, [dstend, -16] ++ ret ++ ++ /* Copy 8-15 bytes. */ ++L(copy16): ++ tbz count, 3, L(copy8) ++ ldr A_l, [src] ++ ldr A_h, [srcend, -8] ++ str A_l, [dstin] ++ str A_h, [dstend, -8] ++ ret ++ ++ /* Copy 4-7 bytes. */ ++L(copy8): ++ tbz count, 2, L(copy4) ++ ldr A_lw, [src] ++ ldr B_lw, [srcend, -4] ++ str A_lw, [dstin] ++ str B_lw, [dstend, -4] ++ ret ++ ++ /* Copy 0..3 bytes using a branchless sequence. */ ++L(copy4): ++ cbz count, L(copy0) ++ lsr tmp1, count, 1 ++ ldrb A_lw, [src] ++ ldrb C_lw, [srcend, -1] ++ ldrb B_lw, [src, tmp1] ++ strb A_lw, [dstin] ++ strb B_lw, [dstin, tmp1] ++ strb C_lw, [dstend, -1] ++L(copy0): ++ ret ++ ++ .p2align 4 ++ /* Medium copies: 33..128 bytes. */ ++L(copy32_128): ++ ldp A_q, B_q, [src] ++ ldp C_q, D_q, [srcend, -32] ++ cmp count, 64 ++ b.hi L(copy128) ++ stp A_q, B_q, [dstin] ++ stp C_q, D_q, [dstend, -32] ++ ret ++ ++ .p2align 4 ++ /* Copy 65..128 bytes. */ ++L(copy128): ++ ldp E_q, F_q, [src, 32] ++ cmp count, 96 ++ b.ls L(copy96) ++ ldp G_q, H_q, [srcend, -64] ++ stp G_q, H_q, [dstend, -64] ++L(copy96): ++ stp A_q, B_q, [dstin] ++ stp E_q, F_q, [dstin, 32] ++ stp C_q, D_q, [dstend, -32] ++ ret ++ ++ /* Align loop64 below to 16 bytes. */ ++ nop ++ ++ /* Copy more than 128 bytes. */ ++L(copy_long): ++ /* Copy 16 bytes and then align src to 16-byte alignment. */ ++ ldr D_q, [src] ++ and tmp1, src, 15 ++ bic src, src, 15 ++ sub dst, dstin, tmp1 ++ add count, count, tmp1 /* Count is now 16 too large. */ ++ ldp A_q, B_q, [src, 16] ++ str D_q, [dstin] ++ ldp C_q, D_q, [src, 48] ++ subs count, count, 128 + 16 /* Test and readjust count. */ ++ b.ls L(copy64_from_end) ++L(loop64): ++ stp A_q, B_q, [dst, 16] ++ ldp A_q, B_q, [src, 80] ++ stp C_q, D_q, [dst, 48] ++ ldp C_q, D_q, [src, 112] ++ add src, src, 64 ++ add dst, dst, 64 ++ subs count, count, 64 ++ b.hi L(loop64) ++ ++ /* Write the last iteration and copy 64 bytes from the end. */ ++L(copy64_from_end): ++ ldp E_q, F_q, [srcend, -64] ++ stp A_q, B_q, [dst, 16] ++ ldp A_q, B_q, [srcend, -32] ++ stp C_q, D_q, [dst, 48] ++ stp E_q, F_q, [dstend, -64] ++ stp A_q, B_q, [dstend, -32] ++ ret ++ ++END (__memcpy_simd) ++libc_hidden_builtin_def (__memcpy_simd) ++ ++ ++ENTRY (__memmove_simd) ++ DELOUSE (0) ++ DELOUSE (1) ++ DELOUSE (2) ++ ++ add srcend, src, count ++ add dstend, dstin, count ++ cmp count, 128 ++ b.hi L(move_long) ++ cmp count, 32 ++ b.hi L(copy32_128) ++ ++ /* Small moves: 0..32 bytes. */ ++ cmp count, 16 ++ b.lo L(copy16) ++ ldr A_q, [src] ++ ldr B_q, [srcend, -16] ++ str A_q, [dstin] ++ str B_q, [dstend, -16] ++ ret ++ ++L(move_long): ++ /* Only use backward copy if there is an overlap. */ ++ sub tmp1, dstin, src ++ cbz tmp1, L(move0) ++ cmp tmp1, count ++ b.hs L(copy_long) ++ ++ /* Large backwards copy for overlapping copies. ++ Copy 16 bytes and then align srcend to 16-byte alignment. */ ++L(copy_long_backwards): ++ ldr D_q, [srcend, -16] ++ and tmp1, srcend, 15 ++ bic srcend, srcend, 15 ++ sub count, count, tmp1 ++ ldp A_q, B_q, [srcend, -32] ++ str D_q, [dstend, -16] ++ ldp C_q, D_q, [srcend, -64] ++ sub dstend, dstend, tmp1 ++ subs count, count, 128 ++ b.ls L(copy64_from_start) ++ ++L(loop64_backwards): ++ stp A_q, B_q, [dstend, -32] ++ ldp A_q, B_q, [srcend, -96] ++ stp C_q, D_q, [dstend, -64] ++ ldp C_q, D_q, [srcend, -128] ++ sub srcend, srcend, 64 ++ sub dstend, dstend, 64 ++ subs count, count, 64 ++ b.hi L(loop64_backwards) ++ ++ /* Write the last iteration and copy 64 bytes from the start. */ ++L(copy64_from_start): ++ ldp E_q, F_q, [src, 32] ++ stp A_q, B_q, [dstend, -32] ++ ldp A_q, B_q, [src] ++ stp C_q, D_q, [dstend, -64] ++ stp E_q, F_q, [dstin, 32] ++ stp A_q, B_q, [dstin] ++L(move0): ++ ret ++ ++END (__memmove_simd) ++libc_hidden_builtin_def (__memmove_simd) +--- a/sysdeps/aarch64/multiarch/memmove.c ++++ b/sysdeps/aarch64/multiarch/memmove.c +@@ -29,6 +29,7 @@ + extern __typeof (__redirect_memmove) __libc_memmove; + + extern __typeof (__redirect_memmove) __memmove_generic attribute_hidden; ++extern __typeof (__redirect_memmove) __memmove_simd attribute_hidden; + extern __typeof (__redirect_memmove) __memmove_thunderx attribute_hidden; + extern __typeof (__redirect_memmove) __memmove_thunderx2 attribute_hidden; + extern __typeof (__redirect_memmove) __memmove_falkor attribute_hidden; +@@ -40,7 +41,10 @@ + ? __memmove_falkor + : (IS_THUNDERX2 (midr) || IS_THUNDERX2PA (midr) + ? __memmove_thunderx2 +- : __memmove_generic)))); ++ : (IS_NEOVERSE_N1 (midr) || IS_NEOVERSE_N2 (midr) ++ || IS_NEOVERSE_V1 (midr) ++ ? __memmove_simd ++ : __memmove_generic))))); + + # undef memmove + strong_alias (__libc_memmove, memmove); +--- a/sysdeps/unix/sysv/linux/aarch64/cpu-features.h ++++ b/sysdeps/unix/sysv/linux/aarch64/cpu-features.h +@@ -51,8 +51,12 @@ + + #define IS_PHECDA(midr) (MIDR_IMPLEMENTOR(midr) == 'h' \ + && MIDR_PARTNUM(midr) == 0x000) +-#define IS_ARES(midr) (MIDR_IMPLEMENTOR(midr) == 'A' \ +- && MIDR_PARTNUM(midr) == 0xd0c) ++#define IS_NEOVERSE_N1(midr) (MIDR_IMPLEMENTOR(midr) == 'A' \ ++ && MIDR_PARTNUM(midr) == 0xd0c) ++#define IS_NEOVERSE_N2(midr) (MIDR_IMPLEMENTOR(midr) == 'A' \ ++ && MIDR_PARTNUM(midr) == 0xd49) ++#define IS_NEOVERSE_V1(midr) (MIDR_IMPLEMENTOR(midr) == 'A' \ ++ && MIDR_PARTNUM(midr) == 0xd40) + + #define IS_EMAG(midr) (MIDR_IMPLEMENTOR(midr) == 'P' \ + && MIDR_PARTNUM(midr) == 0x000) diff -Nru glibc-2.31/debian/patches/ubuntu/git-aarch64-Accept-PLT-calls-to-__getauxval-within-libc..patch glibc-2.31/debian/patches/ubuntu/git-aarch64-Accept-PLT-calls-to-__getauxval-within-libc..patch --- glibc-2.31/debian/patches/ubuntu/git-aarch64-Accept-PLT-calls-to-__getauxval-within-libc..patch 1970-01-01 00:00:00.000000000 +0000 +++ glibc-2.31/debian/patches/ubuntu/git-aarch64-Accept-PLT-calls-to-__getauxval-within-libc..patch 2023-07-26 07:44:39.000000000 +0000 @@ -0,0 +1,26 @@ +From 16536e98e36e08bc1ce1edbd8dd50c7c3bb7a936 Mon Sep 17 00:00:00 2001 +From: Florian Weimer +Date: Tue, 12 May 2020 11:30:30 +0200 +Subject: [PATCH] aarch64: Accept PLT calls to __getauxval within libc.so + +When using outline atomics (-moutline-atomics, the default for ARMv8-A +starting with GCC 10), libgcc contains an ELF constructor which calls +__getauxval. This code is built outside of glibc, so none of its +internal PLT avoidance schemes can be applied to it. This change +suppresses the elf/check-localplt failure. +--- + sysdeps/unix/sysv/linux/aarch64/localplt.data | 3 +++ + 1 file changed, 3 insertions(+) + +--- a/sysdeps/unix/sysv/linux/aarch64/localplt.data ++++ b/sysdeps/unix/sysv/linux/aarch64/localplt.data +@@ -7,6 +7,9 @@ + libc.so: memalign + libc.so: realloc + libm.so: matherr ++# If outline atomics are used, libgcc (built outside of glibc) may ++# call __getauxval using the PLT. ++libc.so: __getauxval ? + # The dynamic loader needs __tls_get_addr for TLS. + ld.so: __tls_get_addr + # The main malloc is interposed into the dynamic linker, for diff -Nru glibc-2.31/debian/patches/ubuntu/git-lp1928508-reversing-calculation-of-__x86_shared_non_temporal.patch glibc-2.31/debian/patches/ubuntu/git-lp1928508-reversing-calculation-of-__x86_shared_non_temporal.patch --- glibc-2.31/debian/patches/ubuntu/git-lp1928508-reversing-calculation-of-__x86_shared_non_temporal.patch 1970-01-01 00:00:00.000000000 +0000 +++ glibc-2.31/debian/patches/ubuntu/git-lp1928508-reversing-calculation-of-__x86_shared_non_temporal.patch 2023-07-26 07:44:39.000000000 +0000 @@ -0,0 +1,79 @@ +From d3c57027470b78dba79c6d931e4e409b1fecfc80 Mon Sep 17 00:00:00 2001 +From: Patrick McGehearty +Date: Mon, 28 Sep 2020 20:11:28 +0000 +Subject: [PATCH] Reversing calculation of __x86_shared_non_temporal_threshold + +The __x86_shared_non_temporal_threshold determines when memcpy on x86 +uses non_temporal stores to avoid pushing other data out of the last +level cache. + +This patch proposes to revert the calculation change made by H.J. Lu's +patch of June 2, 2017. + +H.J. Lu's patch selected a threshold suitable for a single thread +getting maximum performance. It was tuned using the single threaded +large memcpy micro benchmark on an 8 core processor. The last change +changes the threshold from using 3/4 of one thread's share of the +cache to using 3/4 of the entire cache of a multi-threaded system +before switching to non-temporal stores. Multi-threaded systems with +more than a few threads are server-class and typically have many +active threads. If one thread consumes 3/4 of the available cache for +all threads, it will cause other active threads to have data removed +from the cache. Two examples show the range of the effect. John +McCalpin's widely parallel Stream benchmark, which runs in parallel +and fetches data sequentially, saw a 20% slowdown with this patch on +an internal system test of 128 threads. This regression was discovered +when comparing OL8 performance to OL7. An example that compares +normal stores to non-temporal stores may be found at +https://vgatherps.github.io/2018-09-02-nontemporal/. A simple test +shows performance loss of 400 to 500% due to a failure to use +nontemporal stores. These performance losses are most likely to occur +when the system load is heaviest and good performance is critical. + +The tunable x86_non_temporal_threshold can be used to override the +default for the knowledgable user who really wants maximum cache +allocation to a single thread in a multi-threaded system. +The manual entry for the tunable has been expanded to provide +more information about its purpose. + + modified: sysdeps/x86/cacheinfo.c +--- + sysdeps/x86/cacheinfo.c | 16 +++++++++++----- + 1 file changed, 11 insertions(+), 5 deletions(-) + +Origin: backport, https://sourceware.org/git/?p=glibc.git;a=commitdiff;h=d3c57027470b +Bug-Ubuntu: https://bugs.launchpad.net/bugs/1928508 + +diff --git a/sysdeps/x86/cacheinfo.c b/sysdeps/x86/cacheinfo.c +index 217c21c34ff2..dadec5d58f9f 100644 +--- a/sysdeps/x86/cacheinfo.c ++++ b/sysdeps/x86/cacheinfo.c +@@ -778,14 +778,20 @@ init_cacheinfo (void) + __x86_shared_cache_size = shared; + } + +- /* The large memcpy micro benchmark in glibc shows that 6 times of +- shared cache size is the approximate value above which non-temporal +- store becomes faster on a 8-core processor. This is the 3/4 of the +- total shared cache size. */ ++ /* The default setting for the non_temporal threshold is 3/4 of one ++ thread's share of the chip's cache. For most Intel and AMD processors ++ with an initial release date between 2017 and 2020, a thread's typical ++ share of the cache is from 500 KBytes to 2 MBytes. Using the 3/4 ++ threshold leaves 125 KBytes to 500 KBytes of the thread's data ++ in cache after a maximum temporal copy, which will maintain ++ in cache a reasonable portion of the thread's stack and other ++ active data. If the threshold is set higher than one thread's ++ share of the cache, it has a substantial risk of negatively ++ impacting the performance of other threads running on the chip. */ + __x86_shared_non_temporal_threshold + = (cpu_features->non_temporal_threshold != 0 + ? cpu_features->non_temporal_threshold +- : __x86_shared_cache_size * threads * 3 / 4); ++ : __x86_shared_cache_size * 3 / 4); + } + + #endif +-- +2.31.1 + diff -Nru glibc-2.31/debian/patches/ubuntu/submitted-broadcast-to-prevent-deadlock.diff glibc-2.31/debian/patches/ubuntu/submitted-broadcast-to-prevent-deadlock.diff --- glibc-2.31/debian/patches/ubuntu/submitted-broadcast-to-prevent-deadlock.diff 1970-01-01 00:00:00.000000000 +0000 +++ glibc-2.31/debian/patches/ubuntu/submitted-broadcast-to-prevent-deadlock.diff 2023-07-26 07:44:39.000000000 +0000 @@ -0,0 +1,26 @@ +Description: Signal all waiters to prevent a potential deadlock + +Bug: https://sourceware.org/bugzilla/show_bug.cgi?id=25847 +Bug-Ubuntu: https://bugs.launchpad.net/ubuntu/+source/glibc/+bug/1899800 +Author: Qin Li + +diff --git a/nptl/pthread_cond_wait.c b/nptl/pthread_cond_wait.c +index cf372bc017..88ac0be6e1 100644 +--- a/nptl/pthread_cond_wait.c ++++ b/nptl/pthread_cond_wait.c +@@ -608,6 +608,15 @@ __pthread_cond_wait_common (pthread_cond_t *cond, pthread_mutex_t *mutex, + the signal from, which cause it to block using the + futex). */ + futex_wake (cond->__data.__g_signals + g, 1, private); ++ ++ /* We might be wrong about stealing, we got the signal ++ from the an old g1, but ended up returning it to ++ a different g1. We can't tell whether it is the case. ++ If it is, we now caused another issue: ++ now g_refs[g1] is one less than g_size[g1]. ++ The mitigation step is to broadcast g1 and g2, let every ++ waiter wake up spuriosly. */ ++ __pthread_cond_broadcast(cond); + break; + } + /* TODO Back off. */ diff -Nru glibc-2.31/debian/rules glibc-2.31/debian/rules --- glibc-2.31/debian/rules 2020-12-16 11:04:55.000000000 +0000 +++ glibc-2.31/debian/rules 2023-07-26 07:44:39.000000000 +0000 @@ -177,7 +177,6 @@ DEBUG_$(libc) = 1 DEBUG_libc6-xen = 1 DEBUG_libc6.1-alphaev67 = 1 -DEBUG_libc6-lse = 1 DEBUG_libc6-prof = 1 ifeq ($(filter stage1,$(DEB_BUILD_PROFILES)),) @@ -201,7 +200,7 @@ # Required Debian targets build-arch: $(stamp)info \ $(patsubst %,$(stamp)build_%,$(GLIBC_PASSES)) \ - $(patsubst %,$(stamp)check_%,$(filter-out $(GLIBC_PASSES_NOCHECK),$(GLIBC_PASSES))) + $(patsubst %,$(stamp)check_%,$(GLIBC_PASSES)) ifeq ($(filter stage1,$(DEB_BUILD_PROFILES)),) build-arch: $(stamp)build_C.UTF-8 \ $(stamp)build_locales-all diff -Nru glibc-2.31/debian/rules.d/debhelper.mk glibc-2.31/debian/rules.d/debhelper.mk --- glibc-2.31/debian/rules.d/debhelper.mk 2020-12-16 11:04:55.000000000 +0000 +++ glibc-2.31/debian/rules.d/debhelper.mk 2023-07-26 07:44:39.000000000 +0000 @@ -51,7 +51,11 @@ # work even without that package installed. if test "$(NOSTRIP_$(curpass))" != 1; then \ if test "$(DEBUG_$(curpass))" = 1; then \ - DH_COMPAT=8 dh_strip -p$(curpass) -Xlibpthread $(DH_STRIP_DEBUG_PACKAGE); \ + if test "$(DEB_HOST_ARCH)" = "armhf"; then \ + dh_strip -p$(curpass) -Xlibpthread -Xld-$(GLIBC_VERSION).so $(DH_STRIP_DEBUG_PACKAGE); \ + else \ + dh_strip -p$(curpass) -Xlibpthread $(DH_STRIP_DEBUG_PACKAGE); \ + fi ; \ for f in $$(find debian/$(curpass) -name libpthread-\*.so) ; do \ dbgfile=$$(LC_ALL=C readelf -n $$f | sed -e '/Build ID:/!d' \ -e "s#^.*Build ID: \([0-9a-f]\{2\}\)\([0-9a-f]\+\)#\1/\2.debug#") ; \ @@ -63,7 +67,11 @@ --remove-section=.note $$f ; \ done ; \ else \ - DH_COMPAT=8 dh_strip -p$(curpass) -Xlibpthread; \ + if test "$(DEB_HOST_ARCH)" = "armhf"; then \ + dh_strip -p$(curpass) -Xlibpthread -Xld-$(GLIBC_VERSION).so ; \ + else \ + dh_strip -p$(curpass) -Xlibpthread ; \ + fi ; \ fi ; \ for f in $$(find debian/$(curpass) -name \*crt\*.o) ; do \ $(DEB_HOST_GNU_TYPE)-strip --strip-debug --remove-section=.comment \ @@ -116,7 +124,7 @@ dh_testroot dh_installdirs -p$(curpass) dh_install -p$(curpass) - DH_COMPAT=8 dh_strip -p$(curpass) + dh_strip -p$(curpass) # when you want to install extra packages, use extra_pkg_install. $(call xx,extra_pkg_install) diff -Nru glibc-2.31/debian/sysdeps/arm64.mk glibc-2.31/debian/sysdeps/arm64.mk --- glibc-2.31/debian/sysdeps/arm64.mk 2020-12-16 11:04:55.000000000 +0000 +++ glibc-2.31/debian/sysdeps/arm64.mk 2023-07-26 07:44:39.000000000 +0000 @@ -1,12 +1,4 @@ # configuration options for all flavours extra_config_options = --enable-multi-arch - -ifeq (,$(filter stage1 stage2, $(DEB_BUILD_PROFILES))) -# build an LSE optimized library -GLIBC_PASSES += lse -GLIBC_PASSES_NOCHECK += lse +libc_extra_cflags = -moutline-atomics DEB_ARCH_REGULAR_PACKAGES += libc6-lse -lse_CC = $(CC) -march=armv8-a+lse -lse_CXX = $(CXX) -march=armv8-a+lse -lse_slibdir = /lib/$(DEB_HOST_MULTIARCH)/atomics -endif diff -Nru glibc-2.31/debian/sysdeps/riscv64.mk glibc-2.31/debian/sysdeps/riscv64.mk --- glibc-2.31/debian/sysdeps/riscv64.mk 2020-12-16 11:04:55.000000000 +0000 +++ glibc-2.31/debian/sysdeps/riscv64.mk 2023-07-26 07:44:39.000000000 +0000 @@ -1,2 +1,3 @@ # riscv64 buildd are QEMU based and thus very slow TIMEOUTFACTOR=100 +DEB_BUILD_OPTIONS+=nocheck diff -Nru glibc-2.31/debian/testsuite-xfail-debian.mk glibc-2.31/debian/testsuite-xfail-debian.mk --- glibc-2.31/debian/testsuite-xfail-debian.mk 2020-12-16 11:04:55.000000000 +0000 +++ glibc-2.31/debian/testsuite-xfail-debian.mk 2023-11-22 13:32:50.000000000 +0000 @@ -35,6 +35,8 @@ test-xfail-tst-nss-db-endgrent = yes test-xfail-tst-nss-files-hosts-long = yes test-xfail-tst-system = yes +test-xfail-tst-nss-gai-actions = yes +test-xfail-tst-nss-gai-hv2-canonname = yes # LP: #1891403 needs good entropy source test-xfail-tst-getrandom = yes @@ -1008,6 +1010,7 @@ # needs investigation, fail on launchpad test-xfail-tst-mxfast = yes test-xfail-tst-mutex10 = yes +test-xtail-test-float64x-yn = yes endif ######################################################################