Commit Graph

98 Commits

Author SHA1 Message Date
Justin Hibbits
f62da49b2f powerpc: Transition to Secure-PLT, like most other OSs
Summary:
PowerPC has two PLT models: BSS-PLT and Secure-PLT.  BSS-PLT uses runtime
code generation to generate the PLT stubs.  Secure-PLT was introduced with
GCC 4.1 and Binutils 2.17 (base has GCC 4.2.1 and Binutils 2.17), and is a
more secure PLT format, using a read-only linkage table, with the dynamic
linker populating a non-executable index table.

This is the libc, rtld, and kernel support only.  The toolchain and build
parts will be updated separately.

Reviewed By: nwhitehorn, bdragon, pfg
Differential Revision: https://reviews.freebsd.org/D20598
MFC after:	1 month
2019-06-25 00:40:44 +00:00
Konstantin Belousov
5d00c5a657 Fix initial exec TLS mode for dynamically loaded shared objects.
If dso uses initial exec TLS mode, rtld tries to allocate TLS in
static space. If there is no space left, the dlopen(3) fails. If space
if allocated, initial content from PT_TLS segment is distributed to
all threads' pcbs, which was missed and caused un-initialized TLS
segment for such dso after dlopen(3).

The mode is auto-detected either due to the relocation used, or if the
DF_STATIC_TLS dynamic flag is set.  In the later case, the TLS segment
is tried to allocate earlier, which increases chance of the dlopen(3)
to succeed.  LLD was recently fixed to properly emit the flag, ld.bdf
did it always.

Initial test by:	dumbbell
Tested by:	emaste (amd64), ian (arm)
Tested by:	Gerald Aryeetey <aryeeteygerald_rogers.com> (arm64)
Sponsored by:	The FreeBSD Foundation
MFC after:	2 weeks
Differential revision:	https://reviews.freebsd.org/D19072
2019-03-29 17:52:57 +00:00
Brooks Davis
db19a093bb Remove MD __sys_* private symbols.
No references to any of these exist in the tree. The list was also
erratic with different architectures exporting different things
(arm64 and riscv exported none).

Reviewed by:	kib
Sponsored by:	DARPA, AFRL
Differential Revision:	https://reviews.freebsd.org/D18425
2018-12-05 00:46:09 +00:00
Mark Johnston
9f9c9b22ec Reimplement brk() and sbrk() to avoid the use of _end.
Previously, libc.so would initialize its notion of the break address
using _end, a special symbol emitted by the static linker following
the bss section.  Compatibility issues between lld and ld.bfd could
cause the wrong definition of _end (libc.so's definition rather than
that of the executable) to be used, breaking the brk()/sbrk()
interface.

Avoid this problem and future interoperability issues by simply not
relying on _end.  Instead, modify the break() system call to return
the kernel's view of the current break address, and have libc
initialize its state using an extra syscall upon the first use of the
interface.  As a side effect, this appears to fix brk()/sbrk() usage
in executables run with rtld direct exec, since the kernel and libc.so
no longer maintain separate views of the process' break address.

PR:		228574
Reviewed by:	kib (previous version)
MFC after:	2 months
Differential Revision:	https://reviews.freebsd.org/D15663
2018-06-04 19:35:15 +00:00
Brooks Davis
87385baff6 Replace MD assembly exect() with a portable version.
Originally, on the VAX exect() enable tracing once the new executable
image was loaded.  This was possible because tracing was controllable
through user space code by setting the PSL_T flag.  The following
instruction is a system call that activated tracing (as all
instructions do) by copying PSL_T to PSL_TP (trace pending).  The
first instruction of the new executable image would trigger a trace
fault.

This is not portable to all platforms and the behavior was replaced with
ptrace(PT_TRACE_ME, ...) since FreeBSD forked off of the CSRG repository.
Platforms either incorrectly call execve(), trigger trace faults inside
the original executable, or do contain an implementation of this
function.

The exect() interfaces is deprecated or removed on NetBSD and OpenBSD.

Submitted by:	Ali Mashtizadeh <ali@mashtizadeh.com>
Reviewed by:	kib
Differential Revision:	https://reviews.freebsd.org/D14989
2018-04-12 18:23:14 +00:00
Brooks Davis
047a2ef697 Remove caching from getlogin(2).
This caching has existed since the CSRG import, but serves no obvious
purpose. Sure, setlogin() is called rarely, but calls to getlogin()
should also be infrequent. The required invalidation was not
implemented on aarch64, arm, mips, amd riscv so updates would never
occur if getlogin() was called before setlogin().

Reported by:	Ali Mashtizadeh <ali@mashtizadeh.com>
Reviewed by:	kib
Sponsored by:	DARPA, AFRL
Differential Revision:	https://reviews.freebsd.org/D14965
2018-04-06 17:17:34 +00:00
John Baldwin
80996ef878 Remove bogus checks against NCARGS.
NCARGS isn't a limit on the number of arguments to pass to a function,
but the number of bytes that can be consumed by arguments to exec.  As
such, it is not suitable for a limit on the count of arguments passed
to makecontext().

Sponsored by:	DARPA / AFRL
2018-01-31 17:57:59 +00:00
Pedro F. Giffuni
d915a14ef0 libc: further adoption of SPDX licensing ID tags.
Mainly focus on files that use BSD 2-Clause license, however the tool I
was using mis-identified many licenses so this was mostly a manual - error
prone - task.

The Software Package Data Exchange (SPDX) group provides a specification
to make it easier for automated tools to detect and summarize well known
opensource licenses. We are gradually adopting the specification, noting
that the tags are considered only advisory and do not, in any way,
superceed or replace the license texts.
2017-11-25 17:12:48 +00:00
Pedro F. Giffuni
8a16b7a18f General further adoption of SPDX licensing ID tags.
Mainly focus on files that use BSD 3-Clause license.

The Software Package Data Exchange (SPDX) group provides a specification
to make it easier for automated tools to detect and summarize well known
opensource licenses. We are gradually adopting the specification, noting
that the tags are considered only advisory and do not, in any way,
superceed or replace the license texts.

Special thanks to Wind River for providing access to "The Duke of
Highlander" tool: an older (2014) run over FreeBSD tree was useful as a
starting point.
2017-11-20 19:49:47 +00:00
Brooks Davis
13f2393362 Correct an misunderstanding of MDSRCS.
MDSRCS it intended to allow assembly versions of funtions with C
implementations listed in MISRCS. The selection of the correct
machdep_ldis?.c for a given architecture does not follow this pattern
and the file should be added to SRCS directly.

Reviewed by:	emaste, imp, jhb
MFC after:	1 week
Sponsored by:	DARPA, AFRL
Differential Revision:	https://reviews.freebsd.org/D9841
2017-03-02 17:07:28 +00:00
Justin Hibbits
80d2e10c9b Fix a typo which broke the build for powerpc.
It's spelled LIBC_SRCTOP not LIBC_SRC.

Pointy-hat to:	jhibbits
Reported by:	kib
2016-10-25 01:32:35 +00:00
Justin Hibbits
54360de77b Reduce code duplication between powerpc and powerpcspe
They're nearly identical except for a few files.
Reported by:	kib
2016-10-22 21:51:58 +00:00
Brooks Davis
aec2fba60f Reduce duplicate NOASM and PSEUDO definitions
The initial value of NOASM is nearly the same in all cases and the
initial value of PSEUDO is the same in all cases so reduce duplication
(and hopefully, future merge conflicts) by machine independent defaults.

Also document the PSEUDO variable.

Reviewed by:	jhb, kib
Obtained from:	CheriBSD
Sponsored by:	DARPA, AFRL
Differential Revision:	https://reviews.freebsd.org/D7820
2016-09-08 22:38:20 +00:00
Konstantin Belousov
afd3e268d2 Rewrite ptrace(2) wrappers in C.
Besides removing hand-translation to assembler, this also adds missing
wrappers for arm64 and risc-v.

Reviewed by:	emaste, jhb
Sponsored by:	The FreeBSD Foundation
MFC after:	1 week
Differential revision:	https://reviews.freebsd.org/D7694
2016-08-29 18:47:51 +00:00
George V. Neville-Neil
5cba398b0c Remove unusedd and obsolete openbsd_poll system call. (Phase 1)
Reported by:	brooks
Reviewed by:	brooks,jhb
Differential Revision:	https://reviews.freebsd.org/D7548
2016-08-18 10:50:40 +00:00
Brooks Davis
b60998c633 Replace use of the pipe(2) system call with pipe2(2) with a zero flags
value.

This eliminates the need for machine dependant assembly wrappers for
pipe(2).

It also make passing an invalid address to pipe(2) return EFAULT rather
than triggering a segfault.  Document this behavior (which was already
true for pipe2(2), but undocumented).

Reviewed by:	andrew
Approved by:	re (gjb)
Sponsored by:	DARPA, AFRL
Differential Revision:	https://reviews.freebsd.org/D6815
2016-06-22 21:11:27 +00:00
Pedro F. Giffuni
bf51882a09 libc: make some more use of the nitems() macro.
We have an nitems() macro in the <sys/param.h> header that is
convenient to re-use as it makes things easier to read.
Given that it is available already without adding additional
headers and other parts of libc already use it, extend a bit
more its use.
2016-04-16 17:52:00 +00:00
Ed Maste
a38e4f5cc6 libc: stop exporting cerror
i386 stopped exporting .cerror in r240152, and likewise for amd64 in
r240178. It is not used by other libraries on any platform, so apply
the same change to the remaining architectures.

Reviewed by:	jhibbits, jilles
Sponsored by:	The FreeBSD Foundation
Differential Revision:	https://reviews.freebsd.org/D5774
2016-03-30 14:42:09 +00:00
Ed Maste
dae2d550d6 libc: stop exporting curbrk and minbrk in the private namespace
They are not used anywhere else in the base system and are an internal
implementation detail that does not need to be exposed.

Reviewed by:	kib
Sponsored by:	The FreeBSD Foundation
Differential Revision:	https://reviews.freebsd.org/D5728
2016-03-24 18:47:19 +00:00
Nathan Whitehorn
97a5390e6d Make unions in PowerPC libc endian-safe. 2016-02-26 20:38:23 +00:00
Craig Rodrigues
6874645fa9 Add include for declaration of _set_tp(). Eliminates -Wmissing-prototypes warnings. 2015-09-20 04:59:01 +00:00
Konstantin Belousov
0538aafc41 The lseek(2), mmap(2), truncate(2), ftruncate(2), pread(2), and
pwrite(2) syscalls are wrapped to provide compatibility with pre-7.x
kernels which required padding before the off_t parameter.  The
fcntl(2) contains compatibility code to handle kernels before the
struct flock was changed during the 8.x CURRENT development.  The
shims were reasonable to allow easier revert to the older kernel at
that time.

Now, two or three major releases later, shims do not serve any
purpose.  Such old kernels cannot handle current libc, so revert the
compatibility code.

Make padded syscalls support conditional under the COMPAT6 config
option.  For COMPAT32, the syscalls were under COMPAT6 already.

Remove WITHOUT_SYSCALL_COMPAT build option, which only purpose was to
(partially) disable the removed shims.

Reviewed by:	jhb, imp (previous versions)
Discussed with:	peter
Sponsored by:	The FreeBSD Foundation
MFC after:	1 week
2015-04-18 21:50:13 +00:00
Justin Hibbits
6554d5b421 Fix powerpc setjmp FPR saving/restoring.
X-MFC-With:	r279784
2015-04-08 00:32:39 +00:00
Ed Maste
541236cf60 libc: Eliminate duplicate copies of __vdso_gettc.c
Sponsored by:	The FreeBSD Foundation
Differential Revision:	https://reviews.freebsd.org/D2152
2015-04-02 21:18:11 +00:00
Nathan Whitehorn
1ee3532451 Save and restore non-volatile floating-point registers during longjmp().
This should also save and restore non-volatile Altivec registers, but that
needs to wait on solving two problems:
1. Adding the nonvolatile vector registers means we need 5 more than _JBLEN
   entries in jmp_buf on 32-bit targets (64-bit is OK).
2. Need to figure out how to determine if saving/restoring vector regs
   is supported on the current CPU from userland.

MFC after:	1 month
2015-03-08 19:37:08 +00:00
Ed Maste
4b12fb6103 Remove duplicate copies of trivial getcontextx.c
Only i386 and amd64 provide a non-trivial __getcontextx(). Use a common
trivial implementation in gen/ for other architectures, rather than
copying the file to each MD subdirectory.

Reviewed by:	kib
Sponsored by:	The FreeBSD Foundation
Differential Revision:	https://reviews.freebsd.org/D1472
2015-01-12 18:13:38 +00:00
Justin Hibbits
85eda151ff Avoid use of register variables. Clang 3.5 treats this as undefined behavior,
and bad things happen.

MFC after:	1 week
2015-01-06 03:50:43 +00:00
Baptiste Daroussin
ad9bbe9854 Ensure that every ENTRY(foo) has a matching END(foo).
It allows to build with newer binutils

Differential Revision:	https://reviews.freebsd.org/D877
Reviewed by:	jhibbits
2014-10-01 15:00:21 +00:00
Warner Losh
a5fc5b6223 Convert from WITHOUT_SYSCALL_COMPAT to MK_SYSCALL_COMPAT. 2014-04-05 17:54:43 +00:00
Marcel Moolenaar
8876613dc5 Replace use of ${.CURDIR} by ${LIBC_SRCTOP} and define ${LIBC_SRCTOP}
if not already defined. This allows building libc from outside of
lib/libc using a reach-over makefile.

A typical use-case is to build a standard ILP32 version and a COMPAT32
version in a single iteration by building the COMPAT32 version using a
reach-over makefile.

Obtained from:	Juniper Networks, Inc.
2014-03-04 02:19:39 +00:00
Andreas Tobler
f9cc6b5558 Get rid of the CONCAT macro. 2013-11-23 18:50:43 +00:00
Andriy Gapon
a29cc9a34b Revert r253748,253749
This WIP should not have been committed yet.

Pointyhat to:	avg
2013-07-28 18:44:17 +00:00
Andriy Gapon
c722ec3a51 remove needless inclusion of machine/cpu.h in userland
MFC after:	21 days
2013-07-28 18:35:43 +00:00
Konstantin Belousov
55a1911ef2 The getcontext() from the __fillcontextx() call in the
check_deferred_signal() returns twice, since handle_signal() emulates
the return from the normal signal handler by sigreturn(2)ing the
passed context.  Second return is performed on the destroyed stack
frame, because __fillcontextx() has already returned.  This causes
undefined and bad behaviour, usually the victim thread gets SIGSEGV.

Avoid nested frame and the need to return from it by doing direct call
to getcontext() in the check_deferred_signal() and using a new private
libc helper __fillcontextx2() to complement the context with the
extended CPU state if the deferred signal is still present.

The __fillcontextx() is now unused, but is kept to allow older
libthr.so to be used with the new libc.

Mark __fillcontextx() as returning twice [1].

Reported by:	pgj
Pointy hat to:	kib
Discussed with:	dim
Tested by:	pgj, dim
Suggested by:	jilles [1]
MFC after:	1 week
2013-05-28 04:54:16 +00:00
Konstantin Belousov
150facd256 Rework the __vdso_* symbols attributes to only make the symbols weak,
but use normal references instead of weak.  This makes the statically
linked binaries to use fast gettimeofday(2) by forcing the linker to
resolve references and providing the neccessary functions.

Reported by:	bde
Tested by:	marius (sparc64)
MFC after:	2 weeks
2013-01-30 12:48:16 +00:00
Marcel Moolenaar
f7e3011309 Doh... Don't add __eabi to an old version tag (i.e. FBSD_1.0). Add it to the
current one (= FBSD_1.3).

Pointed out by: kib
2012-05-25 16:30:42 +00:00
Marcel Moolenaar
a4dcff16c8 Allow building for the PowerPC EABI by providing a dummy __eabi()
function. The purpose of the __eabi() function is to set up the
runtime and is called first thing by main(). The runtime is already
set up for us prior to caling main, so there's nothing to do for
us in the EABI case.
2012-05-24 20:12:46 +00:00
Nathan Whitehorn
88fe385600 Do not restore the register holding the TLS pointer when doing various
usermode context switches (long jumps and ucontext operations). If these
are used across threads, multiple threads can end up with the same TLS base.
Madness will then result.

This makes behavior on PPC match that on x86 systems and on Linux.

MFC after:	10 days
2012-04-11 00:00:40 +00:00
Andreas Tobler
54558cdc0e Replace the assembler macro WEAK_ALIAS with a new macro WEAK_REFERENCE which
has the same API as __weak_reference(). Give 'x' in SYS.h a more meaningful
name.

Tested on 32- and 64-bit PowerMac.

Reviewed by:	bde
2012-02-05 20:04:43 +00:00
Konstantin Belousov
754f1c1e63 Make the sys/ucontext.h self-contained by changing the return type
of __getcontextx_size(3) from size_t to int.

PR:	ports/164654
MFC after:	1 month
2012-02-01 13:33:53 +00:00
Konstantin Belousov
2b1de0afd1 Add API for obtaining extended machine context states that cannot be
fit into existing mcontext_t.

On i386 and amd64 do return the extended FPU states using
getcontextx(3). For other architectures, getcontextx(3) returns the
same information as getcontext(2).

Tested by:  pho
MFC after:  1 month
2012-01-21 18:00:28 +00:00
Andreas Tobler
d172493d20 Two other places where we can use WEAK_ALIAS. 2012-01-08 11:57:38 +00:00
Andreas Tobler
b286f80c2d Use the macro WEAK_ALIAS. Tested on 32 and 64-bit. 2012-01-06 09:21:40 +00:00
David Schultz
6232589aeb Replace a proliferation of buggy MD implementations of modf() with a
working MI one.  The MI one only needs to be overridden on machines
with non-IEEE754 arithmetic.  (The last supported one was the VAX.)
It can also be overridden if someone comes up with a faster one that
actually passes the regression tests -- but this is harder than it sounds.
2011-10-21 06:40:36 +00:00
Rebecca Cran
6bccea7c2b Fix typos - remove duplicate "the".
PR:	bin/154928
Submitted by:	Eitan Adler <lists at eitanadler.com>
MFC after: 	3 days
2011-02-21 09:01:34 +00:00
Konstantin Belousov
8f861da99c Mark assembler sources from libc as working with non-executable stack.
Reviewed and tested by:	nwhitehorn
2011-01-14 11:33:40 +00:00
Joel Dahl
edb8858bd1 The NetBSD Foundation has granted permission to remove clause 3 and 4 from
their software.

Obtained from:	NetBSD
2010-03-02 22:11:14 +00:00
Ed Schouten
a1b5a8955e Mark uname(), getdomainname() and setdomainname() with COMPAT_FREEBSD4.
Looking at our source code history, it seems the uname(),
getdomainname() and setdomainname() system calls got deprecated
somewhere after FreeBSD 1.1, but they have never been phased out
properly. Because we don't have a COMPAT_FREEBSD1, just use
COMPAT_FREEBSD4.

Also fix the Linuxolator to build without the setdomainname() routine by
just making it call userland_sysctl on kern.domainname. Also replace the
setdomainname()'s implementation to use this approach, because we're
duplicating code with sysctl_domainname().

I wasn't able to keep these three routines working in our
COMPAT_FREEBSD32, because that would require yet another keyword for
syscalls.master (COMPAT4+NOPROTO). Because this routine is probably
unused already, this won't be a problem in practice. If it turns out to
be a problem, we'll just restore this functionality.

Reviewed by:	rdivacky, kib
2008-11-09 10:45:13 +00:00
Nathan Whitehorn
a63c2f9df0 Fix some ifdef logic in the libc syncicache() bit that I somehow missed in the
last commit. Now it really can use a runtime-set cacheline size.
2008-09-24 01:06:11 +00:00
Nathan Whitehorn
4c01c0b965 Allow the cacheline size on PowerPC to be set at runtime. This is essential for
supporting 64-bit CPUs, which often have 128-byte cache lines instead of the
standard 32.
2008-09-24 00:28:46 +00:00