Commit Graph

57 Commits

Author SHA1 Message Date
Hauke Mehrtens
b2cb6bb48a musl: Fix CVE-2019-14697
musl libc through 1.1.23 has an x87 floating-point stack adjustment
imbalance, related to the math/i386/ directory. In some cases, use of
this library could introduce out-of-bounds writes that are not present
in an application's source code.

This problem only affects x86 and no other architectures.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
(cherry picked from commit c262daf308)
2019-08-18 23:59:23 +02:00
Luiz Angelo Daros de Luca
3b34fcaf94 musl: ldso/dlsym: fix mips returning undef dlsym
This happens only the second time a library is loaded by dlopen().
After lib1 is loaded, dlsym(lib1,"undef1") correctly resolves the undef
symbol from lib1 dependencies. After the second library is loaded,
dlsym(lib2,"undef1") was returning the address of "undef1" in lib2
instead of searching lib2 dependencies.

Using upstream fix which now uses the same logic for relocation time
and dlsym.

Fixes openwrt/packages#9297

Signed-off-by: Luiz Angelo Daros de Luca <luizluca@gmail.com>
(cherry picked from commit 0d0617ff14)
2019-08-17 17:13:51 +02:00
Koen Vandeputte
82625374ee toolchain/musl: update to version 1.1.22
new features:
- priority-inheritance mutexes
- membarrier syscall, pre-registration to use it, fallback emulation
- header-level support for new linux features in 4.19, 4.20, 5.0

major internal changes:
- complete, async-safe view of all existent threads as global list
- robust __synccall based on new thread list
- new dynamic TLS is installed synchronously at dlopen
- TLSDESC resolver functions no longer make bad ABI assumptions to call C
- resolved shared library dependencies are now recorded

compatibility & conformance:
- dependency-order shared library constructor execution
- sigaltstack no longer rejects SS_AUTODISARM, future flags
- FILE is now a complete (dummy) type in pre-C11 feature profiles
- setvbuf reports failure on invalid arguments
- TSVTX is exposed unconditionally in tar.h
- multithreaded set*id() no longer depends on /proc
- key slot reuse after pthread_key_delete no longer depends on /proc

bugs fixed:
- failures in multithreaded set*id() with concurrent thread creation/exit
- interposed free was called from invalid/inconsistent contexts
- freeaddrinfo performed invalid free of some partial results lists
- dlsym dependency order search had false negatives and false positives
- dn_skipname gave wrong results for labels with 8-bit content
- dcngettext clobbered errno, often breaking printing of error messages
- sscanf read past end of buffer under certain conditions (1.1.21 regression)
- pthread_key_create spuriously failed under race condition (1.1.21 regression)
- fdopendir wrongly succeeded with O_PATH file descriptors
- gets behaved incorrectly in presence of null bytes
- namespace violations in c11 tsd and mutex function dependencies
- incorrect prototype for makecontext (unimplemented)

arch-specfic bugs fixed:
- s390x had wrong values for POSIX_FADV_DONTNEED/_NOREUSE

Extensively tested on dozens of devices, covering most popular architectures.

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
Signed-off-by: Dainis Jonitis <dainis.jonitis@ubnt.com>
Signed-off-by: Roman Yeryomin <roman@advem.lv>
2019-04-23 13:29:04 +02:00
Christian Lamparter
917e6d772c toolchain/musl: update to version 1.1.21
<https://www.openwall.com/lists/musl/2019/01/21/8>
"This release makes improvements with respect to default thread stack
size, including increasing the default from 80k to 128k, increasing
the default guard size from 4k to 8k, and allowing the default to be
increased via ELF headers so that programs that need larger stacks can
be build without source-level changes, using just LDFLAGS.
Insufficient stack size for AIO threads on kernels that don't honor
the constant MINSIGSTKSZ is also fixed.

The glob core has been rewritten to fix inability to see past
searchable-but-unreadable path components, and to avoid excessive
stack usage and unnecessary syscalls. The tsearch AVL tree
implementation has also been rewritten for better size and
performance. The math library adds more native single-instruction
implementations for arm, s390x, powerpc, and x86_64.

Various bugs are fixed, including several possible deadlocks, one of
which was a new regression in 1.1.20."

detailed release notes can be found in the WHATSNEW file:
<http://git.musl-libc.org/cgit/musl/tree/WHATSNEW#n1989>

Tested-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
2019-02-05 19:35:40 +01:00
Jo-Philipp Wich
ceb625439a musl: improve crypt() size hack
Instead of silently downgrading any non-MD5 crypt() request to DES,
cleanly fail with return NULL and errno = ENOSYS. This allows callers
to notice the missing support instead of the unwanted silent fallback
to DES.

Also add a menuconfig toolchain option to optionally disable the crypt
size hack completely. This can be probably made dependant on SMALL_FLASH
or a similar feature indicator in a future commit.

Ref: https://github.com/openwrt/openwrt/pull/1331
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2019-01-22 12:08:03 +01:00
Christian Lamparter
1801e60390 toolchain/musl: update to version 1.1.20
This release introduces the ability to replace/interpose the allocator
(malloc) subject to certain restrictions, adds an experimental m68k
port, and makes notable improvements to stdio (application-provided
buffers), getaddrinfo (AI_ADDRCONFIG, support for IPv4-only kernel
configurations), the dynamic linker (safety against dlopen of
libraries using initial-exec TLS model, reclaiming unused memory on
FDPIC archs, better dladdr results), and handling of default thread
stack size (pthread_setattr_default_np now works more reliably).

Many bugs have been fixed, including potentially dangerous regressions
in iconv (only for new conversions to legacy encodings) and visibly
incorrect behavior in printf on non-x86 archs (%a format with
precision specifier), in getopt_long_only when short options are a
prefix for a long option, in complex arc-trig/hyperbolic functions, in
strftime and mktime (timezone-specific issues), and numerous
less-obvious places.

Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
[altered commit msg a bit keeping it tight]
Tested-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
2018-09-21 13:25:08 +02:00
Matthias Schiffer
4b50854a60
musl: sys/socket.h: fix SO_PEERSEC value on MIPS
Differing from all other archs supported by musl, MIPS defines SO_PEERSEC
to 30 instead of 31.

Patch has also been submitted upstream.

Reported-by: Andrey Jr. Mlenikov <temnota.am@gmail.com>
Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
2018-06-24 17:24:53 +02:00
Hauke Mehrtens
87606e25af musl: update to version 1.1.19
This updates musl from a commit between 1.1.18 and 1.1.19 to the final
release of the version 1.1.19.
This mostly fixes bugs in musl.

The size of the uncompressed binary is increased by about 4 KB.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2018-03-11 23:42:38 +01:00
Hauke Mehrtens
4336efe14b kernel: use upstream patches for musl
This replaces the current patches used to make the kernel headers
compatible with musl with the version which was accepted upstream. This
is included in upstream kernel 4.15.
This was compile tested with iproute2 build on all supported kernel
versions with musl and one one with glibc.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2018-01-20 22:11:33 +01:00
Christian Lamparter
6b175b7cd6 toolchain: musl: update to current HEAD
Changes:

72656157 fix fgetwc when decoding a character that crosses buffer boundary
a223dbd2 add reverse iconv mappings for JIS-based encodings
105eff9d generalize iconv framework for 8-bit codepages
a71b46cf fix malloc state corruption when ldso rejects loading a second libc
d060edf6 reformat cjk iconv tables to be diff-friendly, match tool output
c21051e9 prevent fork's errno from being clobbered by atfork handlers
a39f20bf add iso-2022-jp support (decoding only) to iconv
5b546faa add iconv framework for decoding stateful encodings
0df5b39a simplify/optimize iconv utf-8 case
9eb6dd51 handle ascii range individually in each iconv case
bff59d13 move iconv_close to its own translation unit
79f49eff refactor iconv conversion descriptor encoding/decoding
30fdda6c fix getaddrinfo error code for non-numeric service with AI_NUMERICSERV
67b29947 fix mismatched type of __pthread_tsd_run_dtors weak definition
13935337 s390x: use generic ioctl.h
4dc44ce8 microblaze: add statx syscall from linux v4.13
ffd048a0 aarch64: add extra_context struct from linux v4.13
6651ef1f add new tcp.h socket options from linux v4.13
14ced228 add new fcntl.h macros from linux v4.13
754f66af ioctl TIOCGPTPEER from linux v4.13
c35a8bf4 add SO_ getsockopt options from linux v4.13
5daaed6a s390x: add syscall number for s390_guarded_storage from linux v4.12
2dc6760f i386: add arch_prctl syscall number from linux v4.12
840d45be aarch64: add new HWCAP_* flags from linux v4.12
4c811227 add ARPHDR_VSOCKMON from linux v4.12
54f04d99 add new SO_ socket options from linux v4.12
9864f60e add statx syscall numbers from linux v4.11
c519658c add TCP_NLA_* enums from linux v4.11
ee3ae782 add TCP_FASTOPEN_CONNECT tcp socket option from linux v4.11
3eb82f73 add ETH_P_IBOE from linux v4.11
bd1560f6 update aarch64 hwcap.h for linux v4.11
cee73f0c add kexec_file_load syscall number on powerpc from linux v4.10
8f569557 add microblaze syscall numbers from linux v4.10
d8004030 add TFD_TIMER_CANCEL_ON_SET that timerfd.h was missing
f5638c22 add ETH_MIN_MTU and ETH_MAX_MTU from linux v4.10
01369691 add IP_RECVFRAGSIZE and IPV6_RECVFRAGSIZE from linux v4.10
5c596ed8 add SCM_TIMESTAMPING_OPT_STATS and related TCP_ enums from linux v4.10
6fc6ca1a adjust posix_spawn dup2 action behavior to match future requirements

Cc: Syrone Wong <wong.syrone@gmail.com>
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
2017-12-08 19:54:21 +01:00
Felix Fietkau
981be0c3bd toolchain/musl: update to version 1.1.18
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2017-11-09 12:35:31 +01:00
Christian Lamparter
a8a5cb9595 musl: update musl to 1.1.16+ and switch to download from git
This patch updates musl to 1.1.16+ [0] and removes all the
backported patches. This is a major release and tagged as such.
For more information visit musl-libc.org or read the WHATSNEW.

Furthermore, this patch also changes musl to download directly
from git. This makes it easier to update musl in the future.

The patch custom Add-format-attribute-to-some-function-declarations.patch
was assigned a new 400- number. This should avoid confusion
since 0xx numbers are usually assigned to backports.

[0] <http://git.musl-libc.org/cgit/musl/commit/?id=769f53598e781ffc89191520f3f8a93cb58db91f>

Cc: Hannu Nyman <hannu.nyman@iki.fi>
Cc: Koen Vandeputte <koen.vandeputte@ncentric.com>
Cc: Jo-Philipp Wich <jo@mein.io>
Cc: Hauke Mehrtens <hauke@hauke-m.de>
Signed-off-by: Christian Lamparter <chunkeey@googlemail.com>
2017-01-16 20:40:00 +01:00
Koen Vandeputte
4c4047ec19 musl: refresh patches
Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
2016-12-26 11:17:33 +01:00
Koen Vandeputte
2912f9f2a2 musl: backport various post-1.1.15 fixes
Backport most important fixes up to latest HEAD

- Taken post-commit reverts/fixes into account

Compile tested
Run-tested on cns3xxx & imx6 targets

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
2016-12-26 11:17:33 +01:00
Koen Vandeputte
b97c933ffb musl: rename a custom backport patch
Ensure there is room in the numbering for next patches

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
2016-12-26 11:17:33 +01:00
Hannu Nyman
671cb35880 musl: fix parsing of quoted time zone names
fix parsing of the < > quoted time zone names. Compare the correct
character instead of repeatedly comparing the first character.

Patch has been submitted to upstream as
http://www.openwall.com/lists/musl/2016/10/24/3

Longer explanation in
http://www.openwall.com/lists/musl/2016/10/19/1

Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
[Jo-Philipp Wich: move references into commit message, shorten title prefix]
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2016-10-31 12:55:27 +01:00
Hauke Mehrtens
9816d2f5f5 musl: update musl to version 1.1.15
The removed patch is already integrated in upstream musl.
Add one additional patch which fixes a regression on mips.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2016-07-13 23:04:19 +02:00
Felix Fietkau
7eeb254cc4 treewide: replace nbd@openwrt.org with nbd@nbd.name
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-06-07 08:58:42 +02:00
Felix Fietkau
fb0fcf9ae2 musl: update to latest git, adds some fixes for the mips64 port and regular expressions
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 48957
2016-03-07 21:00:49 +00:00
Felix Fietkau
e70ec04eb3 musl: add mips64 port
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 48803
2016-02-26 10:55:59 +00:00
Felix Fietkau
796968fc0f musl: update to version 1.1.14
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 48762
2016-02-25 09:24:46 +00:00
Felix Fietkau
8fe8360981 musl: fix an alignment issue that was breaking ldso on ARMv5
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 48577
2016-01-31 00:55:05 +00:00
Felix Fietkau
0c6b003704 musl: fix GDB debugging on mips (local, remote)
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 48575
2016-01-30 20:15:16 +00:00
Felix Fietkau
ed95e47f07 musl: update to the latest git version, fixes TLS issues
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 48574
2016-01-30 20:15:11 +00:00
Hauke Mehrtens
998f8bd02c musl: fix mips vdso handling
mips returns -ENOSYS in case it can not handle the vdso call and wants
the libc to call the original syscall in such a case. This fixes the
patch to add such handling. I hope this fixes the random reboots I got.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>

SVN-Revision: 48501
2016-01-25 23:26:19 +00:00
Felix Fietkau
99419349e6 musl: update to 1.1.12 + git from 2016-01-22
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 48486
2016-01-25 12:42:00 +00:00
Hauke Mehrtens
be5fcf9fd7 musl: Add format attribute to some function declarations
GCC and Clang are able to check the format arguments given to a
function and warn the user if there is a error in the format arguments
or if there is a potential uncontrolled format string security problem
in the code. GCC does this automatically for some functions like
printf(), but it is also possible to annotate other functions in a way
that it will check them too. This feature is used by glibc for many
functions. This patch adds the attribute to the some functions of musl
expect for these functions where gcc automatically adds it.

GCC automatically adds checks for these functions: printf, fprintf,
sprintf, scanf, fscanf, sscanf, strftime, vprintf, vfprintf and
vsprintf.

The documentation from gcc is here:
https://gcc.gnu.org/onlinedocs/gcc/Common-Function-Attributes.html

The documentation from Clang is here:
http://clang.llvm.org/docs/AttributeReference.html#format-gnu-format

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>

SVN-Revision: 48467
2016-01-24 00:05:14 +00:00
Hauke Mehrtens
b5d6256ca8 musl: mips: add vdso support
vdso support is available on mips starting with kernel 4.4, see kernel
commit a7f4df4e21 "MIPS: VDSO: Add implementations of gettimeofday()
and clock_gettime()" for details.

These are my micro benchmark results for 1.000.000 calls to
clock_gettime(CLOCK_MONOTONIC, &tp)

without vdso:
root@OpenWrt:/# time ./vdso-test
real 0m 0.95s
user 0m 0.24s
sys 0m 0.70s

with vdso:
root@OpenWrt:/# time /usr/bin/vdso-test
real 0m 0.35s
user 0m 0.34s
sys 0m 0.00s

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>

SVN-Revision: 48466
2016-01-23 23:48:55 +00:00
Felix Fietkau
d0077103b7 musl: backport a fix that caused the wrong relocations to be emitted on some architectures
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 48444
2016-01-21 19:00:51 +00:00
Jo-Philipp Wich
ab11edcd4c musl: fix handling of point-to-point interfaces in getifaddrs()
Current musl reports the peer (remote) address of a point-to-point
interface and does not store the local address at all.

Apply the same special treatment of IFA_LOCAL to musl's getifaddrs() which
is also used in glibc and uclibc.

Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>

SVN-Revision: 47488
2015-11-16 18:15:00 +00:00
John Crispin
5430c095af musl: add upstream patch for open_[w]memstream
This patch fixes corner case in open_memstrem, when stream is created,
but nothing is written.
This case is present in tgtadm, tgtd management tool.

Signed-off-by: Maxim Storchak <m.storchak@gmail.com>

SVN-Revision: 47339
2015-11-02 10:16:40 +00:00
Felix Fietkau
7ac91a91b3 musl: re-enable des crypto support, fixes pppd MPPE issues
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 47078
2015-10-01 19:50:06 +00:00
Felix Fietkau
0c2f21d303 Revert "musl: fix termios struct c_ispeed/c_ospeed field names" (accidental commit)
SVN-Revision: 46898
2015-09-13 17:39:24 +00:00
Felix Fietkau
5dd5a2990e musl: fix termios struct c_ispeed/c_ospeed field names
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 46896
2015-09-13 17:38:49 +00:00
Felix Fietkau
9365745f8e musl: add a hack to remove unused crypt() algorithms, saves ~14k after lzma
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 46816
2015-09-08 10:57:11 +00:00
Felix Fietkau
58ab3ad6b0 musl: update to version 1.1.11
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 46772
2015-09-02 15:44:17 +00:00
Steven Barth
a6dc587cf6 musl: fix getsubopt function
Signed-off-by: Steven Barth <steven@midlink.org>

SVN-Revision: 46684
2015-08-18 09:18:40 +00:00
Felix Fietkau
5537698be1 musl: update to latest git version
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 46481
2015-07-24 15:35:55 +00:00
Felix Fietkau
0f81020b97 gcc: use the -sf suffix for musl ldso on powerpc
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 46313
2015-07-12 18:54:30 +00:00
Felix Fietkau
172374dbdd musl: add powerpc soft-float support
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 46267
2015-07-08 12:06:03 +00:00
Felix Fietkau
cd5d45604f musl: call a_crash() inside __stack_chk_fail_local instead of calling __stack_chk_fail
Fixes relocation errors on PowerPC

Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 46266
2015-07-08 12:05:55 +00:00
Felix Fietkau
2475351cb1 musl: update to latest git to fix MIPS and PowerPC TLS issues
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 46134
2015-06-27 23:25:46 +00:00
Matteo Croce
c37d7a7e8f fix mklibs with musl
crate a relative symlink to libc.so because
make wildcard function ignores broken symlinks

SVN-Revision: 46123
2015-06-25 10:14:22 +00:00
Steven Barth
1877bc9d8f gcc/musl: rework SSP-support
Make musl provide libssp_nonshared.a and make GCC link it unconditionally
if musl is used. This should be a no-op if SSP is disabled and seems to be
the only reliable way of dealing with SSP over all packages due to the mess
that is linkerflags handling in packages.

Signed-off-by: Steven Barth <steven@midlink.org>

SVN-Revision: 46108
2015-06-22 10:31:07 +00:00
Steven Barth
eb73f4aed7 musl: update musl to 2015-06-20
Fixes a mips-regression and a missing SSP function

Signed-off-by: Steven Barth <steven@midlink.org>

SVN-Revision: 46075
2015-06-20 18:36:50 +00:00
Felix Fietkau
7b4d039e00 musl: read the timezone from /etc/TZ
Currently the OpenWRT boot scripts write the timezone configuration to
/tmp/TZ, relying on the behaviour of uClibc that the timezone is read
from /etc/TZ if no TZ env variable is found.

This works because /etc/TZ is a symlink to /tmp/TZ.

Musl libc however only reads the timezone from the TZ env variable and
if it doesn't find it or it's empty, it will look for a zoneinfo
file, that doesn't exist.

So in musl builds no timezone is ever set.

This patch fixes the issue by having musl libc behave like uClibc: if no
TZ env variable is found it will try to load it from /etc/TZ.

Signed-off-by: Gianluca Anzolin <gianluca at sottospazio.it>
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 46069
2015-06-19 17:48:11 +00:00
Felix Fietkau
41c53d8f0c musl: update to version 1.1.10+git
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 46001
2015-06-16 11:55:23 +00:00
Felix Fietkau
555df40af9 musl: update to version 1.1.9
Patch to 2015-06-04 to fix ldso related regressions on PPC and MIPS.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 45886
2015-06-04 20:08:39 +00:00
Felix Fietkau
3d35dfb782 Revert "musl: update to version 1.1.9" (r45754)
The current version seems to be broken on MIPS.

SVN-Revision: 45879
2015-06-03 00:22:51 +00:00
Felix Fietkau
8cff8c8b08 musl: update to version 1.1.9
Patch to 2015-05-25 to fix ldso related regressions on PPC and MIPS.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>

SVN-Revision: 45754
2015-05-25 23:11:01 +00:00