Staging tree of Piotr Dymacz https://git.openwrt.org/openwrt/staging/pepe2k/atom?h=master 2025-05-21T11:50:25Z 2025-05-21T11:50:25Z Konstantin Demin 2025-05-21T05:34:16Z urn:sha1:328eb84ee4e2a7573e7d5de348ed0a72d1cb054f 3be3728d elf: Ignore LD_LIBRARY_PATH and debug env var for setuid for static 454f24e9 support: Use const char * argument in support_capture_subprogram_self_sgid 4335cd9b support: Add support_record_failure_barrier 31fa0f73 elf: Test case for bug 32976 (CVE-2025-4802) ca41fe44 x86_64: Fix typo in ifunc-impl-list.c. Signed-off-by: Konstantin Demin <rockdrilla@gmail.com> Link: https://github.com/openwrt/openwrt/pull/18863 Signed-off-by: Robert Marko <robimarko@gmail.com> 2025-05-20T09:42:24Z Konstantin Demin 2025-05-20T07:04:14Z urn:sha1:45889aecf8aa818bc00ac254b7ef2f6b3246a067 Minimum kernel version is 6.6 so it's safe to increase minimum kernel version to 6.6 for glibc too. This change effectively removes last compatibility quirk in [1] which leads to better/faster detection of SVE support in string ifuncs for aarch64. Furthermore, this change will allow to use "fchmodat2" syscall within fchmodat() wrapper in future glibc versions (starting from 2.39) as noted in [2] and [3]. [1] https://sourceware.org/git/?p=glibc.git;a=blob;f=sysdeps/unix/sysv/linux/aarch64/cpu-features.c;h=4a205a6b35050ffcfac771b4b4ff2d9fb7581f93;hb=refs/heads/release/2.38/master [2] https://sourceware.org/git/?p=glibc.git;a=blob;f=sysdeps/unix/sysv/linux/kernel-features.h;h=86b2d3ce512588c8823c11076c91116092836402;hb=refs/heads/release/2.41/master [3] https://sourceware.org/git/?p=glibc.git;a=blob;f=sysdeps/unix/sysv/linux/fchmodat.c;h=dd1fa5db86bde99fe3eb4804b06c5adf11914b94;hb=refs/heads/release/2.41/master Signed-off-by: Konstantin Demin <rockdrilla@gmail.com> Link: https://github.com/openwrt/openwrt/pull/18850 Signed-off-by: Robert Marko <robimarko@gmail.com> 2025-05-01T17:26:53Z Konstantin Demin 2025-05-01T16:07:10Z urn:sha1:c1cbcd35e785faa103f1a299637602bea81fe7e4 f510d75f nscd: Use time_t for return type of addgetnetgrentX 5aa4bb67 resolv: Fix some unaligned accesses in resolver [BZ #30750] 249646f1 Force DT_RPATH for --enable-hardcoded-path-in-tests 697ab62d i386: Disable Intel Xeon Phi tests for GCC 15 and above (BZ 31782) c8cb4d2b misc: Add support for Linux uio.h RWF_NOAPPEND flag 71245363 s390x: Fix segfault in wcsncmp [BZ #31934] 7bfc3595 nptl: fix potential merge of __rseq_* relro symbols d9d019d6 elf: Make dl-rseq-symbols Linux only bb30bd21 Linux: Make __rseq_size useful for feature detection (bug 31965) dc512364 resolv: Allow short error responses to match any query (bug 31890) 6cad0f54 resolv: Do not wait for non-existing second DNS response after error (bug 30081) 1bed6acf resolv: Track single-request fallback via _res._flags (bug 31476) 0301637b linux: Update the mremap C implementation [BZ #31968] f0e21145 mremap: Update manual entry 6bb75212 Add mremap tests 3ac7ba61 Update syscall lists for Linux 6.5 9184c136 resolv: Fix tst-resolv-short-response for older GCC (bug 32042) 059f82c3 Fix name space violation in fortify wrappers (bug 32052) c005d1bd x86: Fix bug in strchrnul-evex512 [BZ #32078] 28f358bc support: Add FAIL test failure helper 99ffa84b stdio-common: Add test for vfscanf with matches longer than INT_MAX [BZ #27650] 87a1968a Make tst-ungetc use libsupport 804d3c8d ungetc: Fix uninitialized read when putting into unused streams [BZ #27821] b9f72bd5 ungetc: Fix backup buffer leak on program exit [BZ #27821] 15ca6630 posix: Use <support/check.h> facilities in tst-truncate and tst-truncate64 f30501ca nptl: Use <support/check.h> facilities in tst-setuid3 370be858 libio: Attempt wide backup free only for non-legacy code 4dd86414 Add crt1-2.0.o for glibc 2.0 compatibility tests fa4ad104 elf: Change ldconfig auxcache magic number (bug 32231) 9423cc53 nptl: initialize rseq area prior to registration 37ded328 nptl: initialize cpu_id_start prior to rseq registration cf067723 x86: Avoid integer truncation with large cache sizes (bug 32470) 5c9be512 x86_64: Sort fpu/multiarch/Makefile 49016f21 x86_64: Add log2 with FMA b2a45f1e x86_64: Add expm1 with FMA c92946d9 x86_64: Add log1p with FMA 58822f95 x86: Check the lower byte of EAX of CPUID leaf 2 [BZ #30643] 7772f935 elf: Fix slow tls access after dlopen [BZ #19924] 5a64f933 x86: Only align destination to 1x VEC_SIZE in memset 4x loop 0d14bf07 sysdeps/x86/Makefile: Split and sort tests dc176211 x86_64: Fix missing wcsncat function definition without multiarch (x86-64-v4) 04b8d484 x86: Improve large memset perf with non-temporal stores [RHEL-29312] 12fec8aa x86/string: Fixup alignment of main loop in str{n}cmp-evex [BZ #32212] 48642ef1 elf: Avoid some free (NULL) calls in _dl_update_slotinfo 549e7f7c elf: Support recursive use of dynamic TLS in interposed malloc c32fd593 Fix underallocation of abort_msg_s struct (CVE-2025-0395) 650a0aaa stdlib: Test using setenv with updated environ [BZ #32588] f984e2d7 assert: Add test for CVE-2025-0395 9ca74b8a AArch64: Improve generic strlen 95aa2143 AArch64: Optimize memset 5fe151d8 AArch64: Remove zva_128 from memset 3de51123 math: Improve layout of expf data 52c2b155 AArch64: Add SVE memset 097299ff AArch64: Use prefer_sve_ifuncs for SVE memset 5a08d049 math: Improve layout of exp/exp10 data Signed-off-by: Konstantin Demin <rockdrilla@gmail.com> Link: https://github.com/openwrt/openwrt/pull/18648 Signed-off-by: Christian Marangi <ansuelsmth@gmail.com> 2024-05-04T18:03:47Z Hauke Mehrtens 2024-04-28T20:05:23Z urn:sha1:6b3195ae62091fc224500e50661ccdc9651376fc 23514c72b7 syslog: Fix heap buffer overflow in __vsyslog_internal (CVE-2023-6246) d0338312aa syslog: Fix heap buffer overflow in __vsyslog_internal (CVE-2023-6779) d37c2b20a4 syslog: Fix integer overflow in __vsyslog_internal (CVE-2023-6780) 30e546d76e x86_64: Optimize ffsll function code size. 18876c9ff5 S390: Fix building with --disable-mutli-arch [BZ #31196] 6f68075869 sparc: Fix broken memset for sparc32 [BZ #31068] 0e383d2d4e sparc64: Remove unwind information from signal return stubs [BZ#31244] aac57faf54 sparc: Fix sparc64 memmove length comparison (BZ 31266) 0c5e5bace5 sparc: Remove unwind information from signal return stubs [BZ #31244] b09073e631 arm: Remove wrong ldr from _dl_start_user (BZ 31339) 506e47da1d malloc: Use __get_nprocs on arena_get2 (BZ 30945) ee4806e978 S390: Do not clobber r7 in clone [BZ #31402] 5753cda1ca linux: Use rseq area unconditionally in sched_getcpu (bug 31479) 0518bb0c16 LoongArch: Correct {__ieee754, _}_scalb -> {__ieee754, _}_scalbf 5456ff5d80 Add HWCAP2_MOPS from Linux 6.5 to AArch64 bits/hwcap.h d8a2b56b4f AArch64: Add support for MOPS memcpy/memmove/memset 25b66e8c4a AArch64: Cleanup ifuncs 1521237c32 AArch64: Cleanup emag memset 156e44845f AArch64: Add memset_zva64 a08ff92294 AArch64: Remove Falkor memcpy 168ae58e6e aarch64: correct CFI in rawmemchr (bug 31113) 1bf17ce978 aarch64: fix check for SVE support in assembler 92da7c2cfe AArch64: Check kernel version for SVE ifuncs 20534f8176 powerpc: Fix ld.so address determination for PCREL mode (bug 31640) e1135387de iconv: ISO-2022-CN-EXT: fix out-of-bound writes when writing escape sequence (CVE-2024-2961) 61484011e7 sparc: Remove 64 bit check on sparc32 wordsize (BZ 27574) 78d9f91da6 login: Check default sizes of structs utmp, utmpx, lastlog 68bff88592 login: structs utmp, utmpx, lastlog _TIME_BITS independence (bug 30701) decc9f504a nptl: Fix tst-cancel30 on kernels without ppoll_time64 support 29e20bd122 i386: ulp update for SSE2 --disable-multi-arch configurations 5968aebb86 CVE-2024-33599: nscd: Stack-based buffer overflow in netgroup cache (bug 31677) 541ea5172a CVE-2024-33600: nscd: Do not send missing not-found response in addgetnetgrentX (bug 31678) 2ae9446c1b CVE-2024-33600: nscd: Avoid null pointer crashes after notfound response (bug 31678) 71af8ca864 CVE-2024-33601, CVE-2024-33602: nscd: netgroup: Use two buffers in addgetnetgrentX (bug 31680) e9f05fa1c6 elf: Also compile dl-misc.os with $(rtld-early-cflags) Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de> 2024-04-29T20:55:02Z Kazuki H 2023-12-22T14:58:16Z urn:sha1:5ee2b6fe57857ca479f86a778811ecb3230e3e83 This updates glibc to version 2.38. Add --enable-crypt since the crypt function got disabled in 2.38, but we still need it. Also add the newly introduced --enable-fortify-source flag and hook it up to the build system. Switch to .zst archive while at it. Signed-off-by: Kazuki H <kazukih0205@gmail.com> Link: https://github.com/openwrt/openwrt/pull/14259 [ switch to .zst and fix mirror HASH ] Signed-off-by: Christian Marangi <ansuelsmth@gmail.com> 2024-02-10T11:52:09Z Hauke Mehrtens 2024-02-07T20:30:52Z urn:sha1:2ef5714277ce32d0dc7d59e59f20591004f070c4 512e30fd56 Revert "elf: Remove unused l_text_end field from struct link_map" 55d3dfadf8 Revert "elf: Always call destructors in reverse constructor order (bug 30785)" 8e20aedfd7 Revert "elf: Move l_init_called_next to old place of l_text_end in link map" 5014fb12f4 elf: Fix wrong break removal from 8ee878592c 874d418697 elf: Fix TLS modid reuse generation assignment (BZ 29039) 8bd00f5b6d x86-64: Fix the dtv field load for x32 [BZ #31184] d052665f35 x86-64: Fix the tcb field load for x32 [BZ #31185] 0ca9ba3a9e NEWS: Mention bug fixes for 29039/30745/30843 9b90e763db getaddrinfo: translate ENOMEM to EAI_MEMORY (bug 31163) bd9f194c34 libio: Check remaining buffer size in _IO_wdo_write (bug 31183) 8b8a3f0aaf sunrpc: Fix netname build with older gcc 97a4292aa4 syslog: Fix heap buffer overflow in __vsyslog_internal (CVE-2023-6246) 67062eccd9 syslog: Fix heap buffer overflow in __vsyslog_internal (CVE-2023-6779) 2b58cba076 syslog: Fix integer overflow in __vsyslog_internal (CVE-2023-6780) 1d8bb622df i386: Use pthread_barrier for synchronization on tst-bz21269 32450f6e8d sysdeps: tst-bz21269: fix test parameter f7e97cea20 sysdeps: tst-bz21269: handle ENOSYS & skip appropriately d97929eadc sysdeps: tst-bz21269: fix -Wreturn-type 5bbe7e0da5 x86_64: Optimize ffsll function code size. 98ec3e004e sparc: Fix broken memset for sparc32 [BZ #31068] 2ce7abef67 sparc64: Remove unwind information from signal return stubs [BZ#31244] 18da90677c sparc: Fix sparc64 memmove length comparison (BZ 31266) 8b849f70b3 sparc: Remove unwind information from signal return stubs [BZ #31244] eee7525d35 arm: Remove wrong ldr from _dl_start_user (BZ 31339) Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de> 2024-01-19T20:28:53Z Cedric DOURLENT 2024-01-18T09:17:21Z urn:sha1:34fd41a99784b5d0f281d3c7053ec27f0dedca39 Add missing configurition for glibc based on CONFIG_PKG_CC_STACKPROTECTOR_ALL Signed-off-by: Cedric DOURLENT <cedric.dourlent@softathome.com> 2023-10-08T12:05:12Z Hauke Mehrtens 2023-10-07T10:29:57Z urn:sha1:e66eed033f9f9d27fc839d81d3a03d4fad1b9b5b This adds the following changes: b4f76ecc9e Ignore MAP_VARIABLE in tst-mman-consts.py f5d377c896 __check_pf: Add a cancellation cleanup handler [BZ #20975] 0e3e9dbb0e Document BZ #20975 fix e2974d26ce io: Fix record locking contants on 32 bit arch with 64 bit default time_t (BZ#30477) 3593050c27 io: Fix F_GETLK, F_SETLK, and F_SETLKW for powerpc64 8dcb1a5181 hppa: xfail debug/tst-ssp-1 when have-ssp is yes (gcc-12 and later) 0930ff8eb3 realloc: Limit chunk reuse to only growing requests [BZ #30579] 3f4b4e2cdd elf: _dl_find_object may return 1 during early startup (bug 30515) 260d4b742b nptl: Fix tst-cancel30 on sparc64 58f7431fd7 sparc: Fix la_symbind for bind-now (BZ 23734) 1caf955269 x86: Increase `non_temporal_threshold` to roughly `sizeof_L3 / 4` 80a8c858a5 x86: Fix slight bug in `shared_per_thread` cache size calculation. cc8243fb0b x86: Use `3/4*sizeof(per-thread-L3)` as low bound for NT threshold. f94ff95e93 x86: Fix incorrect scope of setting `shared_per_thread` [BZ# 30745] 0d500bfdc0 hurd: Make exception subcode a long be26b29262 io: Fix record locking contants for powerpc64 with __USE_FILE_OFFSET64 3d24d1903d elf: Do not run constructors for proxy objects a7e34a6675 elf: Always call destructors in reverse constructor order (bug 30785) bdb594afa5 elf: Remove unused l_text_end field from struct link_map 1a7cbe52c8 elf: Move l_init_called_next to old place of l_text_end in link map b752934602 CVE-2023-4527: Stack read overflow with large TCP responses in no-aaaa mode 6529a7466c (HEAD) getaddrinfo: Fix use after free in getcanonname (CVE-2023-4806) 79310b45af x86/dl-cacheinfo: remove unsused parameter from handle_amd 9d5c6e27ed x86: Fix for cache computation on AMD legacy cpus. 4473d1b87d Fix leak in getaddrinfo introduced by the fix for CVE-2023-4806 [BZ #30843] 94ef701365 Document CVE-2023-4806 and CVE-2023-5156 in NEWS 2dfd8c77b5 i686: Regenerate ulps b4e23c75ae tunables: Terminate if end of input is reached (CVE-2023-4911) Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de> 2023-09-19T18:22:59Z Alexander Couzens 2023-09-18T22:23:40Z urn:sha1:bcf02c5d3123a99c717ca33f1d7c6250acf0f33f The PKG_CPE_ID links to NIST CPE version 2.2. Assign PKG_CPE_ID to all remaining package which have a CPE ID. Not every package has a CPE id. Related: https://github.com/openwrt/packages/issues/8534 Signed-off-by: Alexander Couzens <lynxis@fe80.eu> 2023-05-18T16:55:27Z Hauke Mehrtens 2023-05-17T22:31:21Z urn:sha1:76f241ad57da585d24f5fe56508f26780b8d885e The glibc build was failing with this error message: aclocal.m4:6: error: Exactly version 2.69 of Autoconf is required but you have 2.71 aclocal.m4:6: the top level The autoconf run on glibc is not needed, just remove it. Fixes: #12631 Fixes: 030447b8f4c7 ("tools/autoconf: bump to 2.71") Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>