From 931d0d4440f7201deaee68f519b9500d32ca29d6 Mon Sep 17 00:00:00 2001 From: "A. Wilcox" Date: Mon, 21 Jan 2019 18:57:15 +0000 Subject: system/musl: bump to 1.1.21 --- ...ernals-increase-DEFAULT_GUARD_SIZE-to-2-p.patch | 29 ------- system/musl/APKBUILD | 28 +++---- system/musl/__stack_chk_fail_local.c | 2 - system/musl/dcngettext-null-deref.patch | 82 ------------------ system/musl/dynamic-binary-stack-size.patch | 97 ---------------------- system/musl/fix-file-locking-race.patch | 54 ------------ system/musl/getaddrinfo-regression.patch | 51 ------------ system/musl/ppc64-atomic.patch | 74 ----------------- 8 files changed, 10 insertions(+), 407 deletions(-) delete mode 100644 system/musl/2000-pthread-internals-increase-DEFAULT_GUARD_SIZE-to-2-p.patch delete mode 100644 system/musl/__stack_chk_fail_local.c delete mode 100644 system/musl/dcngettext-null-deref.patch delete mode 100644 system/musl/dynamic-binary-stack-size.patch delete mode 100644 system/musl/fix-file-locking-race.patch delete mode 100644 system/musl/getaddrinfo-regression.patch delete mode 100644 system/musl/ppc64-atomic.patch (limited to 'system/musl') diff --git a/system/musl/2000-pthread-internals-increase-DEFAULT_GUARD_SIZE-to-2-p.patch b/system/musl/2000-pthread-internals-increase-DEFAULT_GUARD_SIZE-to-2-p.patch deleted file mode 100644 index b39664dac..000000000 --- a/system/musl/2000-pthread-internals-increase-DEFAULT_GUARD_SIZE-to-2-p.patch +++ /dev/null @@ -1,29 +0,0 @@ -From 58dec23397e3fcc4300cc03839ce5e508389abbc Mon Sep 17 00:00:00 2001 -From: William Pitcock -Date: Thu, 22 Jun 2017 22:04:51 +0000 -Subject: [PATCH] pthread internals: increase DEFAULT_GUARD_SIZE to 2 pages - instead of 1 page. - -This is intended to be a proactive mitigation against any bugs similar to CVE-2017-1000366. - -Signed-off-by: William Pitcock ---- - src/internal/pthread_impl.h | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/src/internal/pthread_impl.h b/src/internal/pthread_impl.h -index ae0ab1c5..ad4ea3fa 100644 ---- a/src/internal/pthread_impl.h -+++ b/src/internal/pthread_impl.h -@@ -146,7 +146,7 @@ void __block_app_sigs(void *); - void __restore_sigs(void *); - - #define DEFAULT_STACK_SIZE 81920 --#define DEFAULT_GUARD_SIZE 4096 -+#define DEFAULT_GUARD_SIZE 8192 - - #define __ATTRP_C11_THREAD ((void*)(uintptr_t)-1) - --- -2.13.0 - diff --git a/system/musl/APKBUILD b/system/musl/APKBUILD index df828a90e..368ba8766 100644 --- a/system/musl/APKBUILD +++ b/system/musl/APKBUILD @@ -1,16 +1,14 @@ -# Contributor: William Pitcock # Maintainer: A. Wilcox pkgname=musl -pkgver=1.1.20 -pkgrel=6 +pkgver=1.1.21 +pkgrel=0 pkgdesc="System library (libc) implementation" url="http://www.musl-libc.org/" arch="all" options="!check" license="MIT" depends="" -depends_dev="!uclibc-dev" -makedepends="$depends_dev" +makedepends="" subpackages="$pkgname-dev" case "$BOOTSTRAP" in nocc) pkgname="musl-dev" @@ -25,14 +23,8 @@ nolibc) ;; esac source="http://www.musl-libc.org/releases/musl-$pkgver.tar.gz amalgamation.patch - 2000-pthread-internals-increase-DEFAULT_GUARD_SIZE-to-2-p.patch 3001-make-real-lastlog-h.patch handle-aux-at_base.patch - fix-file-locking-race.patch - dcngettext-null-deref.patch - getaddrinfo-regression.patch - ppc64-atomic.patch - dynamic-binary-stack-size.patch fgetspent_r.patch ldconfig @@ -104,8 +96,14 @@ package() { rm "$pkgdir"/usr/include/utmpx.h # utmps } +dev() { + provides="libc-dev=$pkgver-r$pkgrel" + default_dev +} + utils() { depends="!uclibc-utils scanelf" + provides="libc-utils=$pkgver-r$pkgrel" replaces="libiconv uclibc-utils" license="BSD-2-Clause AND GPL-2.0+" @@ -120,16 +118,10 @@ utils() { install -D -m755 "$srcdir"/ldconfig "$subpkgdir"/sbin } -sha512sums="d3a7a30aa375ca50d7dcfbd618581d59e1aa5378417f50a0ca5510099336fd74cc9db468e05c93dda3067abd890f6bd47af226c3446bb833adf0a5054bff2e5d musl-1.1.20.tar.gz +sha512sums="fa6c4cc012626c5e517e0e10926fc845e3aa5f863ffaceeb38ac5b9ce0af631a37f6b94f470997db09aa0d5e03f4f28a2db83484b0f98481bea2239c1989d363 musl-1.1.21.tar.gz 3162b778101a46d9fb3a38927e3c4969781ccdabb9bb72de10d48ea31691215ecba605faee945ed86144a7e31fc948c31c2fee2881dc07897be3e82b6c6ff1e6 amalgamation.patch -2c8e1dde1834238097b2ee8a7bfb53471a0d9cff4a5e38b55f048b567deff1cdd47c170d0578a67b1a039f95a6c5fbb8cff369c75b6a3e4d7ed171e8e86ebb8c 2000-pthread-internals-increase-DEFAULT_GUARD_SIZE-to-2-p.patch 88ae443dbb8e0a4368235bdc3a1c5c7b718495afa75e06deb8e01becc76cb1f0d6964589e2204fc749c9c1b3190b8b9ac1ae2c0099cab8e2ce3ec877103d4332 3001-make-real-lastlog-h.patch 6a7ff16d95b5d1be77e0a0fbb245491817db192176496a57b22ab037637d97a185ea0b0d19da687da66c2a2f5578e4343d230f399d49fe377d8f008410974238 handle-aux-at_base.patch -b967339d9048161583523e847be91779adb0e16cc225d6ff85ef51748269b2dab08a0b8e558ad01469135837a9df76a59bf9a31791dd4063d75bc5efe6e94861 fix-file-locking-race.patch -a08d1b170356beea333ace1da12f8a8399ca80c5d9c32ff2fcd8562537a670214f566e4b1219a11b32129078e22fbf7009bb277b7de8550a89352a64b3b5090d dcngettext-null-deref.patch -e3953a3a73ef11696dd3eb216e18b152ae35198d8bff686d157e27bc90fb558f9a0be518025a90534e9afd6ea1bf731ffdb6fcb202bb9368f2c8eec7ca886141 getaddrinfo-regression.patch -aae9110eccb8cd7dcd3c957fcb01ed524598f79f7fa1a16b9993af40793545d1ec211e7e6aeabe7af7715d94cc26a473ea0acf6d6e66019bf65f03d4b8e24a4b ppc64-atomic.patch -654f76c96ed0e69e19b1a20569e83751bb207a8c181b26742f505638095dde3f4dd3f785deb92c49a603bd15cd8d4932129f567de8cd2edffdd8551c4dfd6976 dynamic-binary-stack-size.patch ded41235148930f8cf781538f7d63ecb0c65ea4e8ce792565f3649ee2523592a76b2a166785f0b145fc79f5852fd1fb1729a7a09110b3b8f85cba3912e790807 fgetspent_r.patch cce2f1eeb61e55674469c26871a573cce61d739c3defe9c8f56f2b774f6ba5435849ad542a6714120efddc98c297098e9c98a1a424ac593df2243d4aa479f9a9 ldconfig 378d70e65bcc65bb4e1415354cecfa54b0c1146dfb24474b69e418cdbf7ad730472cd09f6f103e1c99ba6c324c9560bccdf287f5889bbc3ef0bdf0e08da47413 getent.c diff --git a/system/musl/__stack_chk_fail_local.c b/system/musl/__stack_chk_fail_local.c deleted file mode 100644 index 2b403a6e0..000000000 --- a/system/musl/__stack_chk_fail_local.c +++ /dev/null @@ -1,2 +0,0 @@ -extern void __stack_chk_fail(void); -void __attribute__((visibility ("hidden"))) __stack_chk_fail_local(void) { __stack_chk_fail(); } diff --git a/system/musl/dcngettext-null-deref.patch b/system/musl/dcngettext-null-deref.patch deleted file mode 100644 index bcc385e86..000000000 --- a/system/musl/dcngettext-null-deref.patch +++ /dev/null @@ -1,82 +0,0 @@ -From 017e67ddde79fa2b6187a5e56b1e92bafc7c4cd2 Mon Sep 17 00:00:00 2001 -From: Rich Felker -Date: Fri, 14 Sep 2018 13:00:41 -0400 -Subject: drop lazy plural forms init in dcngettext - -there is no good reason to wait to find and process the plural rules -for a translated message file until a gettext form requesting plural -rule processing is used. it just imposes additional synchronization, -here in the form of clunky use of atomics. - -it looks like there may also have been a race condition where nplurals -could be seen without plural_rule being seen, possibly leading to null -pointer dereference. if so, this commit fixes it. ---- - src/locale/dcngettext.c | 35 +++++++++++++++++------------------ - 1 file changed, 17 insertions(+), 18 deletions(-) - -diff --git a/src/locale/dcngettext.c b/src/locale/dcngettext.c -index 7fbe7196..8b891d00 100644 ---- a/src/locale/dcngettext.c -+++ b/src/locale/dcngettext.c -@@ -100,8 +100,8 @@ struct msgcat { - struct msgcat *next; - const void *map; - size_t map_size; -- void *volatile plural_rule; -- volatile int nplurals; -+ const char *plural_rule; -+ int nplurals; - struct binding *binding; - const struct __locale_map *lm; - int cat; -@@ -200,20 +200,7 @@ notrans: - p->lm = lm; - p->map = map; - p->map_size = map_size; -- do { -- old_cats = cats; -- p->next = old_cats; -- } while (a_cas_p(&cats, old_cats, p) != old_cats); -- } -- -- const char *trans = __mo_lookup(p->map, p->map_size, msgid1); -- if (!trans) goto notrans; -- -- /* Non-plural-processing gettext forms pass a null pointer as -- * msgid2 to request that dcngettext suppress plural processing. */ -- if (!msgid2) return (char *)trans; - -- if (!p->plural_rule) { - const char *rule = "n!=1;"; - unsigned long np = 2; - const char *r = __mo_lookup(p->map, p->map_size, ""); -@@ -237,10 +224,22 @@ notrans: - rule = r+7; - } - } -- a_store(&p->nplurals, np); -- a_cas_p(&p->plural_rule, 0, (void *)rule); -+ p->nplurals = np; -+ p->plural_rule = rule; -+ -+ do { -+ old_cats = cats; -+ p->next = old_cats; -+ } while (a_cas_p(&cats, old_cats, p) != old_cats); - } -- if (p->nplurals) { -+ -+ const char *trans = __mo_lookup(p->map, p->map_size, msgid1); -+ if (!trans) goto notrans; -+ -+ /* Non-plural-processing gettext forms pass a null pointer as -+ * msgid2 to request that dcngettext suppress plural processing. */ -+ -+ if (msgid2 && p->nplurals) { - unsigned long plural = __pleval(p->plural_rule, n); - if (plural > p->nplurals) goto notrans; - while (plural--) { --- -cgit v1.2.1 - diff --git a/system/musl/dynamic-binary-stack-size.patch b/system/musl/dynamic-binary-stack-size.patch deleted file mode 100644 index e2e3f12d3..000000000 --- a/system/musl/dynamic-binary-stack-size.patch +++ /dev/null @@ -1,97 +0,0 @@ -From 7b3348a98c139b4b4238384e52d4b0eb237e4833 Mon Sep 17 00:00:00 2001 -From: Rich Felker -Date: Tue, 18 Sep 2018 23:54:18 -0400 -Subject: support setting of default thread stack size via PT_GNU_STACK header - -this facilitates building software that assumes a large default stack -size without any patching to call pthread_setattr_default_np or -pthread_attr_setstacksize at each thread creation site, using just -LDFLAGS. - -normally the PT_GNU_STACK header is used only to reflect whether -executable stack is desired, but with GNU ld at least, passing --Wl,-z,stack-size=N will set a size on the program header. with this -patch, that size will be incorporated into the default stack size -(subject to increase-only rule and DEFAULT_STACK_MAX limit). - -both static and dynamic linking honor the program header. for dynamic -linking, all libraries loaded at program start, including preloaded -ones, are considered. dlopened libraries are not considered, for -several reasons. extra logic would be needed to defer processing until -the load of the new library is commited, synchronization woud be -needed since other threads may be running concurrently, and the -effectiveness woud be limited since the larger size would not apply to -threads that already existed at the time of dlopen. programs that will -dlopen code expecting a large stack need to declare the requirement -themselves, or pthread_setattr_default_np can be used. ---- - ldso/dynlink.c | 12 ++++++++++++ - src/env/__init_tls.c | 5 +++++ - 2 files changed, 17 insertions(+) - -diff --git a/ldso/dynlink.c b/ldso/dynlink.c -index e4829c3a..3ecbddfa 100644 ---- a/ldso/dynlink.c -+++ b/ldso/dynlink.c -@@ -22,6 +22,7 @@ - #include "dynlink.h" - - static void error(const char *, ...); -+extern size_t __default_stacksize; - - #define MAXP2(a,b) (-(-(a)&-(b))) - #define ALIGN(x,y) ((x)+(y)-1 & -(y)) -@@ -609,6 +610,12 @@ static void *map_library(int fd, struct dso *dso) - } else if (ph->p_type == PT_GNU_RELRO) { - dso->relro_start = ph->p_vaddr & -PAGE_SIZE; - dso->relro_end = (ph->p_vaddr + ph->p_memsz) & -PAGE_SIZE; -+ } else if (ph->p_type == PT_GNU_STACK) { -+ if (!runtime && ph->p_memsz > __default_stacksize) { -+ __default_stacksize = -+ ph->p_memsz < (8<<20) ? -+ ph->p_memsz : (8<<20); -+ } - } - if (ph->p_type != PT_LOAD) continue; - nsegs++; -@@ -1238,6 +1245,12 @@ static void kernel_mapped_dso(struct dso *p) - } else if (ph->p_type == PT_GNU_RELRO) { - p->relro_start = ph->p_vaddr & -PAGE_SIZE; - p->relro_end = (ph->p_vaddr + ph->p_memsz) & -PAGE_SIZE; -+ } else if (ph->p_type == PT_GNU_STACK) { -+ if (!runtime && ph->p_memsz > __default_stacksize) { -+ __default_stacksize = -+ ph->p_memsz < (8<<20) ? -+ ph->p_memsz : (8<<20); -+ } - } - if (ph->p_type != PT_LOAD) continue; - if (ph->p_vaddr < min_addr) -diff --git a/src/env/__init_tls.c b/src/env/__init_tls.c -index e0224243..96d0e284 100644 ---- a/src/env/__init_tls.c -+++ b/src/env/__init_tls.c -@@ -8,6 +8,8 @@ - #include "atomic.h" - #include "syscall.h" - -+extern size_t __default_stacksize; -+ - int __init_tp(void *p) - { - pthread_t td = p; -@@ -90,6 +91,11 @@ static void static_init_tls(size_t *aux) - base = (size_t)_DYNAMIC - phdr->p_vaddr; - if (phdr->p_type == PT_TLS) - tls_phdr = phdr; -+ if (phdr->p_type == PT_GNU_STACK && -+ phdr->p_memsz > __default_stacksize) -+ __default_stacksize = -+ phdr->p_memsz < (8<<20) ? -+ phdr->p_memsz : (8<<20); - } - - if (tls_phdr) { --- -cgit v1.2.1 - diff --git a/system/musl/fix-file-locking-race.patch b/system/musl/fix-file-locking-race.patch deleted file mode 100644 index 2ef91390a..000000000 --- a/system/musl/fix-file-locking-race.patch +++ /dev/null @@ -1,54 +0,0 @@ -From 0db393d3a77bb9f300a356c6a5484fc2dddb161d Mon Sep 17 00:00:00 2001 -From: Kaarle Ritvanen -Date: Tue, 18 Sep 2018 10:03:27 +0300 -Subject: fix race condition in file locking - -The condition occurs when -- thread #1 is holding the lock -- thread #2 is waiting for it on __futexwait -- thread #1 is about to release the lock and performs a_swap -- thread #3 enters the __lockfile function and manages to grab the lock - before thread #1 calls __wake, resetting the MAYBE_WAITERS flag -- thread #1 calls __wake -- thread #2 wakes up but goes again to __futexwait as the lock is - held by thread #3 -- thread #3 releases the lock but does not call __wake as the - MAYBE_WAITERS flag is not set - -This condition results in thread #2 not being woken up. This patch fixes -the problem by making the woken up thread ensure that the flag is -properly set before going to sleep again. - -Mainainer's note: This fixes a regression introduced in commit -c21f750727515602a9e84f2a190ee8a0a2aeb2a1. ---- - src/stdio/__lockfile.c | 12 ++++++------ - 1 file changed, 6 insertions(+), 6 deletions(-) - -diff --git a/src/stdio/__lockfile.c b/src/stdio/__lockfile.c -index 2ff75d8a..0dcb2a42 100644 ---- a/src/stdio/__lockfile.c -+++ b/src/stdio/__lockfile.c -@@ -8,13 +8,13 @@ int __lockfile(FILE *f) - int owner = f->lock, tid = __pthread_self()->tid; - if ((owner & ~MAYBE_WAITERS) == tid) - return 0; -- for (;;) { -- owner = a_cas(&f->lock, 0, tid); -- if (!owner) return 1; -- if (a_cas(&f->lock, owner, owner|MAYBE_WAITERS)==owner) break; -+ owner = a_cas(&f->lock, 0, tid); -+ if (!owner) return 1; -+ while ((owner = a_cas(&f->lock, 0, tid|MAYBE_WAITERS))) { -+ if ((owner & MAYBE_WAITERS) || -+ a_cas(&f->lock, owner, owner|MAYBE_WAITERS)==owner) -+ __futexwait(&f->lock, owner|MAYBE_WAITERS, 1); - } -- while ((owner = a_cas(&f->lock, 0, tid|MAYBE_WAITERS))) -- __futexwait(&f->lock, owner, 1); - return 1; - } - --- -cgit v1.2.1 - diff --git a/system/musl/getaddrinfo-regression.patch b/system/musl/getaddrinfo-regression.patch deleted file mode 100644 index 28d4558b8..000000000 --- a/system/musl/getaddrinfo-regression.patch +++ /dev/null @@ -1,51 +0,0 @@ -From f381c118b2d4f7d914481d3cdc830ce41369b002 Mon Sep 17 00:00:00 2001 -From: Rich Felker -Date: Wed, 19 Sep 2018 18:03:22 -0400 -Subject: fix getaddrinfo regression with AI_ADDRCONFIG on some configurations - -despite not being documented to do so in the standard or Linux -documentation, attempts to udp connect to 127.0.0.1 or ::1 generate -EADDRNOTAVAIL when the loopback device is not configured and there is -no default route for IPv6. this caused getaddrinfo with AI_ADDRCONFIG -to fail with EAI_SYSTEM and EADDRNOTAVAIL on some no-IPv6 -configurations, rather than the intended behavior of detecting IPv6 as -unsuppported and producing IPv4-only results. - -previously, only EAFNOSUPPORT was treated as unavailability of the -address family being probed. instead, treat all errors related to -inability to get an address or route as conclusive that the family -being probed is unsupported, and only fail with EAI_SYSTEM on other -errors. - -further improvements may be desirable, such as reporting EAI_AGAIN -instead of EAI_SYSTEM for errors which are expected to be transient, -but this patch should suffice to fix the serious regression. ---- - src/network/getaddrinfo.c | 11 ++++++++++- - 1 file changed, 10 insertions(+), 1 deletion(-) - -diff --git a/src/network/getaddrinfo.c b/src/network/getaddrinfo.c -index ba26847a..e33bfa28 100644 ---- a/src/network/getaddrinfo.c -+++ b/src/network/getaddrinfo.c -@@ -76,7 +76,16 @@ int getaddrinfo(const char *restrict host, const char *restrict serv, const stru - close(s); - if (!r) continue; - } -- if (errno != EAFNOSUPPORT) return EAI_SYSTEM; -+ switch (errno) { -+ case EADDRNOTAVAIL: -+ case EAFNOSUPPORT: -+ case EHOSTUNREACH: -+ case ENETDOWN: -+ case ENETUNREACH: -+ break; -+ default: -+ return EAI_SYSTEM; -+ } - if (family == tf[i]) return EAI_NONAME; - family = tf[1-i]; - } --- -cgit v1.2.1 - diff --git a/system/musl/ppc64-atomic.patch b/system/musl/ppc64-atomic.patch deleted file mode 100644 index 6e96a9048..000000000 --- a/system/musl/ppc64-atomic.patch +++ /dev/null @@ -1,74 +0,0 @@ -From 12817793301398241b6cb00c740f0d3ca41076e9 Mon Sep 17 00:00:00 2001 -From: Rich Felker -Date: Fri, 14 Sep 2018 10:47:16 -0400 -Subject: fix broken atomic store on powerpc[64] - -in our memory model, all atomics are supposed to be full barriers; -stores are not release-only. this is important because store is used -as an unlock operation in places where it needs to acquire the waiter -count to determine if a futex wake is needed. at least in the -malloc-internal locks, but possibly elsewhere, soft deadlocks from -missing futex wake (breakable by poking the threads to restart the -syscall, e.g. by attaching a tracer) were reported to occur. - -once the malloc lock is replaced with Jens Gustedt's new lock -implementation (see commit 47d0bcd4762f223364e5b58d5a381aaa0cbd7c38), -malloc will not be affected by the issue, but it's not clear that -other uses won't be. reducing the strength of the ordering properties -required from a_store would require a thorough analysis of how it's -used. - -to fix the problem, I'm removing the powerpc[64]-specific a_store -definition; now, the top-level atomic.h will implement a_store using -a_barrier on both sides of the store. - -it's not clear to me yet whether there might be issues with the other -atomics. it's possible that a_post_llsc needs to be replaced with a -full barrier to guarantee the formal semanics we want, but either way -I think the difference is unlikely to impact the way we use them. ---- - arch/powerpc/atomic_arch.h | 8 -------- - arch/powerpc64/atomic_arch.h | 8 -------- - 2 files changed, 16 deletions(-) - -diff --git a/arch/powerpc/atomic_arch.h b/arch/powerpc/atomic_arch.h -index 5b65cde7..c2673919 100644 ---- a/arch/powerpc/atomic_arch.h -+++ b/arch/powerpc/atomic_arch.h -@@ -30,14 +30,6 @@ static inline void a_post_llsc() - __asm__ __volatile__ ("isync" : : : "memory"); - } - --#define a_store a_store --static inline void a_store(volatile int *p, int v) --{ -- a_pre_llsc(); -- *p = v; -- a_post_llsc(); --} -- - #define a_clz_32 a_clz_32 - static inline int a_clz_32(uint32_t x) - { -diff --git a/arch/powerpc64/atomic_arch.h b/arch/powerpc64/atomic_arch.h -index 17cababd..2bed82be 100644 ---- a/arch/powerpc64/atomic_arch.h -+++ b/arch/powerpc64/atomic_arch.h -@@ -48,14 +48,6 @@ static inline void a_post_llsc() - __asm__ __volatile__ ("isync" : : : "memory"); - } - --#define a_store a_store --static inline void a_store(volatile int *p, int v) --{ -- a_pre_llsc(); -- *p = v; -- a_post_llsc(); --} -- - #define a_crash a_crash - static inline void a_crash() - { --- -cgit v1.2.1 - -- cgit v1.2.3-60-g2f50