| Age | Commit message (Collapse) | Author |
|---|
|
Make sure that fts_safe_changedir can handle a directory with a time stamp
after y2038.
|
|
It adds the new fields on generic statx struct from Linux commit
5d894321c49e61379189b0ff605f316e39cbd1e9.
Reviewed-by: Carlos O'Donell <carlos@redhat.com>
|
|
It adds the new constant STATX_DIO_READ_ALIGN and related fields in
generic statx struct from Linux commit
7ed6cbe0f8caa6ee38a2dc8f1b925acb904cc01f.
Reviewed-by: Carlos O'Donell <carlos@redhat.com>
|
|
statx
The commit fc650bfd71081d26c1015d299827fb58a23a6b02 added
STATX_WRITE_ATOMIC/STATX_ATTR_WRITE_ATOMIC on the statx-generic.h
without updating the generic statx struct.
Reviewed-by: Carlos O'Donell <carlos@redhat.com>
|
|
The commit bbb6a742c88b4a37c5410eceefbc9c94df815075 added
STATX_SUBVOL on the statx-generic.h without updating the
generic statx struct.
|
|
The commit 07937809ac377f8ffb5bad3335194dd9a447922f added
STATX_MNT_ID_UNIQUE on the statx-generic.h without updating the
generic statx struct.
|
|
The commit 88a2cf6c4bab6e94a65e9c0db8813709372e9180 added
STATX_MNT_ID_UNIQUE on the statx-generic.h without updating the
generic statx struct.
|
|
The setrlimit(2) function returns 0 on success and -1 on error, but
several test files were incorrectly checking for a return value of 1
to detect errors. This means the error checks would never trigger,
causing tests to continue silently even when setrlimit() failed.
This commit fixes the error checks in five files to correctly test
for -1, matching both the documented behavior and the pattern used
correctly in other parts of the codebase.
Signed-off-by: Osama Abdelkader <osama.abdelkader@gmail.com>
Reviewed-by: Collin Funk <collin.funk1@gmail.com>
|
|
Mode 0777 should be used for directories only because it results
in executable entries (after typical umasks are applied).
Reviewed-by: Arjun Shankar <arjun@redhat.com>
|
|
Call support_create_temp_directory to create a temporary directory for
symlink test, instead of a fixed file in the glibc source tree, to avoid
the race condition when there are more than one glibc tests running at the
same time with the same glibc source tree. This fixes BZ #33178.
Signed-off-by: H.J. Lu <hjl.tools@gmail.com>
Reviewed-by: Andreas K. Huettel <dilfridge@gentoo.org>
|
|
Reviewed-by: Adhemerval Zanella <adhemerval.zanella@linaro.org>
The definition may depend on termios internals.
|
|
The fstatat behaviour when the target is a dangling symlink is different
if flags contains AT_SYMLINK_NOFOLLOW or not.
Add a test for this and document it.
|
|
Document the fstatat behaviour leading to a ENOENT errno, and extend
tests to test the case where filename does not exist.
Signed-off-by: Matteo Croce <teknoraver@meta.com>
|
|
Replace local_isatty() inlined in libio with a proper function
__isatty_nostatus(). This allows simpler system-specific
implementations that don't need to touch errno at all.
Note: I left the prototype in include/unistd.h (the internal header
file.) It didn't much make sense to me to put it in a different header
(not-cancel.h), but perhaps someone can elucidate the need.
Add such an implementation for Linux, with a generic fallback.
Signed-off-by: H. Peter Anvin (Intel) <hpa@zytor.com>
Reviewed-by: Adhemerval Zanella <adhemerval.zanella@linaro.org>
|
|
In commit 0476597b28 flock() was marked __wur in posix/unistd.h, but not
in io/fcntl.h, the declarations must match.
Reviewed-by: Florian Weimer <fweimer@redhat.com>
|
|
|
|
Since Linux 6.11 the kernel allows path to be NULL if flags &
AT_EMPTY_PATH. Let's allow users to take the advantage if they don't
care running on old kernels.
Signed-off-by: Miao Wang <shankerwangmiao@gmail.com>
Signed-off-by: Xi Ruoyao <xry111@xry111.site>
Reviewed-by: Florian Weimer <fweimer@redhat.com>
|
|
This matches kernel behavior. With this change, it is possible
to use utimensat as a replacement for the futimens interface,
similar to what glibc does internally.
Reviewed-by: Paul Eggert <eggert@cs.ucla.edu>
|
|
Since GCC 4.9 doesn't have __builtin_add_overflow:
In file included from tst-stringtable.c:180:0:
stringtable.c: In function ‘stringtable_finalize’:
stringtable.c:185:7: error: implicit declaration of function ‘__builtin_add_overflow’ [-Werror=implicit-function-declaration]
else if (__builtin_add_overflow (previous->offset,
^
return EXIT_UNSUPPORTED for GCC 4.9 or older.
Signed-off-by: H.J. Lu <hjl.tools@gmail.com>
Reviewed-by: Sam James <sam@gentoo.org>
|
|
Add a new test tst-faccessat-setuid that iterates through real and
effective UID/GID combination and tests the faccessat() interface for
default and AT_EACCESS flags.
Signed-off-by: Siddhesh Poyarekar <siddhesh@sourceware.org>
Reviewed-by: Adhemerval Zanella <adhemerval.zanella@linaro.org>
|
|
Use libsupport convenience functions and macros instead of the old
test-skeleton. Also add a new xdup() convenience wrapper function.
Signed-off-by: Siddhesh Poyarekar <siddhesh@sourceware.org>
Reviewed-by: Adhemerval Zanella <adhemerval.zanella@linaro.org>
|
|
When building with e.g. -std=c99 and _ATFILE_SOURCE, stat.h was missing
including bits/types/struct_timespec.h to get the struct timespec
declaration for utimensat.
|
|
It adds the new constants from 'fs: Add initial atomic write support
info to statx' (commit 0f9ca80fa4f9670ba09721e4e36b8baf086a500c).
Reviewed-by: H.J. Lu <hjl.tools@gmail.com>
|
|
The -Wp does not work properly if the compiler is configured to enable
fortify by default, since it bypasses the compiler driver (which defines
the fortify flags in this case).
This patch is similar to the one used on Ubuntu [1].
I checked with a build for x86_64-linux-gnu, i686-linux-gnu,
aarch64-linux-gnu, s390x-linux-gnu, and riscv64-linux-gnu with
gcc-13 that enables the fortify by default.
Co-authored-by: Matthias Klose <matthias.klose@canonical.com>
[1] https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/glibc/tree/debian/patches/ubuntu/fix-fortify-source.patch
Reviewed-by: DJ Delorie <dj@redhat.com>
|
|
Test all mode arguments, and that extra bits are ignored
as required by POSIX.
Reviewed-by: DJ Delorie <dj@redhat.com>
|
|
They verify that lstat, lstat64 do not follow symbolic links.
Reviewed-by: DJ Delorie <dj@redhat.com>
|
|
We must not change the permissions of /dev/null if running
as root.
Reviewed-by: Carlos O'Donell <carlos@redhat.com>
|
|
On Linux most descriptors that do not correspond to file system
entities (such as anonymous pipes and sockets) have file permissions
that can be changed. While it is possible to create a custom file
system that returns (say) EINVAL for an fchmod attempt, testing this
does not appear to be useful.
Reviewed-by: Carlos O'Donell <carlos@redhat.com>
|
|
The test io/tst-mkdirat doesn't verify the permissions on the created
directory (thus, doesn't verify at all anything about how mkdirat uses
the mode argument). Add checks of this to the existing test.
Tested for x86_64.
|
|
Macros will automatically use the correct types, without
having to fiddle with internal glibc macros. It's also
impossible to get the types wrong due to aliasing because
support_check_stat_fd and support_check_stat_path do not
depend on the struct stat* types.
The changes reveal some inconsistencies in tests.
Reviewed-by: Adhemerval Zanella <adhemerval.zanella@linaro.org>
|
|
This avoids the need to define struct_statx to an appropriate
struct stat type variant because struct statx does not change
based on time/file offset flags.
Reviewed-by: Adhemerval Zanella <adhemerval.zanella@linaro.org>
|
|
Tested for aarch64-linux-gnu.
Reviewed-by: Florian Weimer <fweimer@redhat.com>
|
|
The clang open fortify wrapper from 4228baef1a94e8bde84ad74 added
a restriction where open with 3 arguments where flags do not
contain O_CREAT or O_TMPFILE are handled as invalid. They are
not invalid, since the third argument is ignored, and the gcc
wrapper also allows it.
Checked x86_64-linux-gnu and with a yocto build for some affected
packages.
Tested-by: “Khem Raj <raj.khen@gmail.com>”
|
|
The fcntl.h fortify wrapper for clang added by 86889e22db329abac61
missed the __fortify_clang_overload_arg and and also added the
mode argument for the __fortify_function_error_function function,
which leads clang to be able to correct resolve which overloaded
function it should emit.
Checked on x86_64-linux-gnu.
Reported-by: Khem Raj <raj.khem@gmail.com>
Tested-by: Khem Raj <raj.khem@gmail.com>
|
|
It was raised on libc-help [1] that some Linux kernel interfaces expect
the libc to define __USE_TIME_BITS64 to indicate the time_t size for the
kABI. Different than defined by the initial y2038 design document [2],
the __USE_TIME_BITS64 is only defined for ABIs that support more than
one time_t size (by defining the _TIME_BITS for each module).
The 64 bit time_t redirects are now enabled using a different internal
define (__USE_TIME64_REDIRECTS). There is no expected change in semantic
or code generation.
Checked on x86_64-linux-gnu, i686-linux-gnu, aarch64-linux-gnu, and
arm-linux-gnueabi
[1] https://sourceware.org/pipermail/libc-help/2024-January/006557.html
[2] https://sourceware.org/glibc/wiki/Y2038ProofnessDesign
Reviewed-by: DJ Delorie <dj@redhat.com>
|
|
Linux 6.8 adds a new STATX_MNT_ID_UNIQUE constant. Add it to glibc's
bits/statx-generic.h.
Tested for x86_64.
|
|
When passed a pointer to a zero-sized struct, the access attribute
without the third argument misleads -Wstringop-overflow diagnostics to
think that a function is writing 1 byte into the zero-sized structs.
The attribute doesn't add that much value in this context, so drop it
completely for _FORTIFY_SOURCE=3.
Resolves: BZ #31383
Signed-off-by: Siddhesh Poyarekar <siddhesh@sourceware.org>
Reviewed-by: Adhemerval Zanella <adhemerval.zanella@linaro.org>
|
|
It improves open, open64, openat, and openat64. The compile and runtime
checks have similar coverage as with GCC.
Checked on aarch64, armhf, x86_64, and i686.
Reviewed-by: Carlos O'Donell <carlos@redhat.com>
Tested-by: Carlos O'Donell <carlos@redhat.com>
|
|
It improve fortify checks recv, recvfrom, poll, and ppoll. The compile
and runtime hecks have similar coverage as with GCC.
Checked on aarch64, armhf, x86_64, and i686.
Reviewed-by: Carlos O'Donell <carlos@redhat.com>
Tested-by: Carlos O'Donell <carlos@redhat.com>
|
|
|
|
A recent commit, apparently commit
6c6fce572fb8f583f14d898e54fd7d25ae91cf56 "elf: Remove /etc/suid-debug
support", resulted in localplt failures for i686-gnu and x86_64-gnu:
Missing required PLT reference: ld.so: __access_noerrno
After that commit, __access_noerrno is actually no longer used at all.
So rather than just removing the localplt expectation for that symbol
for Hurd, completely remove all definitions of and references to that
symbol.
Tested for x86_64, and with build-many-glibcs.py for i686-gnu and
x86_64-gnu.
|
|
Linux 6.6 (09da082b07bbae1c) added support for fchmodat2, which has
similar semantics as fchmodat with an extra flag argument. This
allows fchmodat to implement AT_SYMLINK_NOFOLLOW and AT_EMPTY_PATH
without the need for procfs.
The syscall is registered on all architectures (with value of 452
except on alpha which is 562, commit 78252deb023cf087).
The tst-lchmod.c requires a small fix where fchmodat checks two
contradictory assertions ('(st.st_mode & 0777) == 2' and
'(st.st_mode & 0777) == 3').
Checked on x86_64-linux-gnu on a 6.6 kernel.
Reviewed-by: Florian Weimer <fweimer@redhat.com>
|
|
This fixes a typo.
Reviewed-by: Adhemerval Zanella <adhemerval.zanella@linaro.org>
|
|
Commit 5f828ff824e3b7cd1 ("io: Fix F_GETLK, F_SETLK, and F_SETLKW for
powerpc64") fixed an issue with the value of the lock constants on
powerpc64 when not using __USE_FILE_OFFSET64, but it ended-up also
changing the value when using __USE_FILE_OFFSET64 causing an API change.
Fix that by also checking that define, restoring the pre
4d0fe291aed3a476a commit values:
Default values:
- F_GETLK: 5
- F_SETLK: 6
- F_SETLKW: 7
With -D_FILE_OFFSET_BITS=64:
- F_GETLK: 12
- F_SETLK: 13
- F_SETLKW: 14
At the same time, it has been noticed that there was no test for io lock
with __USE_FILE_OFFSET64, so just add one.
Tested on x86_64-linux-gnu, i686-linux-gnu and
powerpc64le-unknown-linux-gnu.
Resolves: BZ #30804.
Co-authored-by: Adhemerval Zanella <adhemerval.zanella@linaro.org>
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
|
|
On i686 f_type is an i32 so the test fails when that has the top bit set.
Explicitly cast to u32.
Signed-off-by: Ahelenia Ziemiańska <nabijaczleweli@nabijaczleweli.xyz>
Reviewed-by: Florian Weimer <fweimer@redhat.com>
|
|
This is the only missing part in struct statvfs.
The LSB calls [f]statfs() deprecated, and its weird types are definitely
off-putting. However, its use is required to get f_type.
Instead, allocate one of the six spares to f_type,
copied directly from struct statfs.
This then becomes a small glibc extension to the standard interface
on Linux and the Hurd, instead of two different interfaces, one of which
is quite odd due to being an ABI type, and there no longer is any reason
to use statfs().
The underlying kernel type is a mess, but all architectures agree on u32
(or more) for the ABI, and all filesystem magicks are 32-bit integers.
We don't lose any generality by using u32, and by doing so we both make
the API consistent with the Hurd, and allow C++
switch(f_type) { case RAMFS_MAGIC: ...; }
Also fix tst-statvfs so that it actually fails;
as it stood, all it did was return 0 always.
Test statfs()' and statvfs()' f_types are the same.
Link: https://lore.kernel.org/linux-man/f54kudgblgk643u32tb6at4cd3kkzha6hslahv24szs4raroaz@ogivjbfdaqtb/t/#u
Signed-off-by: Ahelenia Ziemiańska <nabijaczleweli@nabijaczleweli.xyz>
Reviewed-by: Adhemerval Zanella <adhemerval.zanella@linaro.org>
|
|
Since the _FORTIFY_SOURCE feature uses some routines of Glibc, they need to
be excluded from the fortification.
On top of that:
- some tests explicitly verify that some level of fortification works
appropriately, we therefore shouldn't modify the level set for them.
- some objects need to be build with optimization disabled, which
prevents _FORTIFY_SOURCE to be used for them.
Assembler files that implement architecture specific versions of the
fortified routines were not excluded from _FORTIFY_SOURCE as there is no
C header included that would impact their behavior.
Reviewed-by: Siddhesh Poyarekar <siddhesh@sourceware.org>
|
|
|
|
With fortification enabled, ftruncate calls return result needs to be
checked, has it gets the __wur macro enabled.
Reviewed-by: Siddhesh Poyarekar <siddhesh@sourceware.org>
|
|
Using write without cheks leads to warn unused result when __wur is
enabled.
Reviewed-by: Siddhesh Poyarekar <siddhesh@sourceware.org>
|
