Commit Graph

524 Commits

Author SHA1 Message Date
Mike Frysinger
8c12f01d07 configure: add missing quotes in $build_pt_chown test
Signed-off-by: Mike Frysinger <vapier@gentoo.org>
2013-08-25 16:02:09 -04:00
Carlos O'Donell
e4608715e6 CVE-2013-2207, BZ #15755: Disable pt_chown.
The helper binary pt_chown tricked into granting access to another
user's pseudo-terminal.

Pre-conditions for the attack:

 * Attacker with local user account
 * Kernel with FUSE support
 * "user_allow_other" in /etc/fuse.conf
 * Victim with allocated slave in /dev/pts

Using the setuid installed pt_chown and a weak check on whether a file
descriptor is a tty, an attacker could fake a pty check using FUSE and
trick pt_chown to grant ownership of a pty descriptor that the current
user does not own.  It cannot access /dev/pts/ptmx however.

In most modern distributions pt_chown is not needed because devpts
is enabled by default. The fix for this CVE is to disable building
and using pt_chown by default. We still provide a configure option
to enable hte use of pt_chown but distributions do so at their own
risk.
2013-07-21 15:39:55 -04:00
Siddhesh Poyarekar
52dfbe137e Fix lock elision help text in INSTALL and configure 2013-07-04 20:33:03 +05:30
Andi Kleen
1717da59ae Add a configure option to enable lock elision and disable by default
Can be enabled with --enable-lock-elision=yes at configure time.
2013-07-02 08:46:55 -07:00
Joseph Myers
cbe7d24bb4 Require GCC 4.4 or later to build glibc. 2013-06-26 23:10:48 +00:00
Adhemerval Zanella
85c2e6110c Fix loop construction to functions calls
Check wheter the compiler has the option -fno-tree-loop-distribute-patterns
to inhibit loop transformation to library calls and uses it on memset
and memmove default implementation to avoid recursive calls.
2013-06-20 19:42:05 -05:00
Roland McGrath
12086fb483 Sort sysd-rules-patterns by descending pattern length. 2013-06-17 09:55:49 -07:00
Carlos O'Donell
0f122b8d12 Configuring for i386 is no longer supported.
We no longer support configuring for i386, nor do we
elide such a configuration to i686. Configuring with
i386-* is a failure, and we provide an example of
how to fix that.

---

2013-04-17  Carlos O'Donell  <carlos@redhat.com>

	* configure.in: Remove i386 configure warning. Remove i386 case.
	* configure: Regenerate.
	* sysdeps/i386/configure.in: Raise error if config_machine is i386.
	Add example to error message.
	* sysdeps/i386/configure: Regenerate.
2013-04-17 17:13:20 -07:00
Carlos O'Donell
a01f19c8fb i386: Fail at configure time for i386 builds.
This change does two things:

* Treats a target i386-* as if it were i686.
* Fails configure if the user is generating code
  for i386.

We no longer support i386 code-generation because the i386
lacks the atomic operations we need in glibc.

You can still configure for i386-*, but you get i686 code.

You can't build with --march=i386, --mtune=i386 or a compiler
that defaults to i386 code-generation.

I've added two i386 entries in the master todo list to discuss
merging and renaming:
http://sourceware.org/glibc/wiki/Development_Todo/Master#i386

The failure modes are fail-safe here. You compile for i386,
get i686, and try to run on i386 and it fails. The configure
log has a warning saying we elided to i686. There is no situation
that I can see where we run into any serious problems.

The patch makes the current state better in that we get less
confused users and we build successfully in more default
configurations.

The next enhancement would be to add --march=i?86
as suggested in #c20 of BZ#10062 for any i?86-* builds, which
would solve the problem of a 32-bit compiler that defaults to
i386 code-gen and glibc configured for i686-* target. Which
previously failed at build time, and now will fail at configure
time (requires adding --march=i686).

Updated NEWS with BZ #10060 and #10062.

No regressions.

---

2013-04-06  Carlos O'Donell  <carlos@redhat.com>

	[BZ #10060, #10062]
	* aclocal.m4 (LIBC_COMPILER_BUILTIN_INLINED): New macro.
	* sysdeps/i386/configure.in: Use LIBC_COMPILER_BUILTIN_INLINED and
	fail configure if __sync_val_compare_and_swap is not inlined.
	* sysdeps/i386/configure: Regenerate.
	* configure.in: Build for i686 when configured for i386.
	* configure: Regenerate.
	* README: Remove i386 reference.
2013-04-06 12:00:35 -04:00
Joseph Myers
bef0b50749 Move system-specific settings out of toplevel configure.in and config.make.in. 2013-03-20 22:37:06 +00:00
Andreas Schwab
aaa8cb4b43 Add support for rtld directory different from slib directory 2013-03-19 12:07:26 +01:00
Thomas Schwinge
b5a5da2376 Don't bother checking for $CC option to accept ISO C89. 2013-01-25 12:44:45 +01:00
Thomas Schwinge
bb931195fe configure: Default to CPP="$CC -E" unless overridden. 2013-01-25 12:33:19 +01:00
Roland McGrath
6270516e15 Fix multiarch handling in sysdeps generation. 2013-01-11 16:00:49 -08:00
H.J. Lu
740b3dbee8 Add --enable-hardcoded-path-in-tests configure option 2013-01-11 07:14:18 -08:00
Roland McGrath
1c9f1a028a Remove some old cruft variables from configure. 2013-01-10 16:22:45 -08:00
Adam Conrad
6706074627 Fix C++ header directory detection for non-standard paths.
Stop assuming specific path layouts for C++ headers, and instead
use an autodetection method that looks for paths with '/[cg]++'
in the g++ include list.
2012-11-24 23:58:38 -07:00
H.J. Lu
6bfea97493 Properly check linker -z XXX support 2012-11-21 12:34:32 -08:00
Andreas Schwab
786b0b67a3 Fix ifunc configure check for 64-bit targets 2012-11-18 16:30:16 +01:00
Joseph Myers
8b748aed2a Support --with-pkgversion and --with-bugurl. 2012-11-09 22:13:45 +00:00
Roland McGrath
6e6249d0b4 BZ#14743: Move clock_* symbols from librt to libc. 2012-10-24 14:50:46 -07:00
Mike Frysinger
0cae3f4b03 change ifunc assembly test to a link test
The test currently tests the binutils frontend support which passes for
all versions of binutils we currently require (2.20+).  It doesn't test
the backend which is required for ifunc to actually work, and which most
targets don't yet support.

Change the assembly code so that when we link it, we get a file that has
ifunc relocations if the backend supports it.  That way we can test to
see if binutils supports everything we need.

Signed-off-by: Mike Frysinger <vapier@gentoo.org>
2012-10-24 17:01:13 -04:00
Mike Frysinger
8175a2532b drop -q flag when using grep
We don't currently want to rely on the -q option to grep.

Signed-off-by: Mike Frysinger <vapier@gentoo.org>
2012-10-24 13:00:48 -04:00
Joseph Myers
728e272aec Remove relics of support for configuring in the source directory. 2012-10-19 20:03:12 +00:00
Joseph Myers
1e4a95361c Use $CXX not cc1plus to locate C++ headers. 2012-10-10 22:07:36 +00:00
Roland McGrath
f57f805541 Clean up conditionalize of ld.so.cache support. 2012-10-03 16:13:14 -07:00
H.J. Lu
6551399088 Remove $(have-cpp-asm-debuginfo) check 2012-09-15 13:08:45 -07:00
Allan McRae
c4e85184d2 Improve C++ header location detection (bug 13966) 2012-09-06 00:16:24 +10:00
Allan McRae
0786794f3a Check for gawk >= 3.0 (bug 13412) 2012-09-02 09:30:18 +10:00
Roland McGrath
c53d909c80 Add --disable-build-nscd configure option. 2012-08-22 13:35:55 -07:00
Roland McGrath
3cc3ef96d6 BZ#13696: Add --disable-nscd configure option. 2012-08-22 13:31:12 -07:00
Dmitry V. Levin
07e5155066 Fix sed configure check for newer sed --version output. 2012-08-22 12:58:18 -07:00
Roland McGrath
c91c505f22 Make sysheaders available in config.make. 2012-08-17 14:05:53 -07:00
Marek Polacek
b67e9372b2 Get rid of ASM_TYPE_DIRECTIVE{,_PREFIX}. 2012-08-02 21:04:29 +02:00
Thomas Schwinge
576338111a configure.in <sysdeps resolving>: Correct printing Implies_before. 2012-07-23 12:27:12 +02:00
Marek Polacek
7b8e0d49cb Get rid of ASM_GLOBAL_DIRECTIVE. 2012-07-10 14:30:24 +02:00
Roland McGrath
4248b1b1cf Respect --localstatedir for /var/db parent directory. 2012-06-22 10:11:07 -07:00
Joseph Myers
4da0431d5f Weaken PIE configure test to a compile test. 2012-05-30 09:50:40 +00:00
H.J. Lu
918b56067a Don't use header files in glibc configure 2012-05-25 14:16:19 -07:00
Roland McGrath
3a097cc7a1 Add --enable-systemtap configuration to define static probe points. 2012-05-25 13:40:20 -07:00
Joseph Myers
59f0c22ed2 Filter out unknown symbols in stack-protector test. 2012-05-21 23:26:27 +00:00
Roland McGrath
30b99d798f BZ#10375: Configure magic to use -fno-stack-protector if needed. 2012-05-16 16:22:50 -07:00
Roland McGrath
61653dfb81 BZ#10375: Configure magic to use -U_FORTIFY_SOURCE if needed. 2012-05-16 16:20:59 -07:00
Joseph Myers
6a3951a036 Update Texinfo version requirement. 2012-05-16 18:50:39 +00:00
Roland McGrath
ba75122dd9 configure change to handle Implies-{before,after} files 2012-05-15 11:04:22 -07:00
Andreas Jaeger
021db4be6f Make sunrpc code usable again
New configure option --enable-obsolete-rpc makes the deprecated RPC
  headers and functions available at compile time as they were before
  version 2.14.  This option will be removed at some time in the future
  after the TI-RPC library becomes fully sufficient for the needs of
  existing applications.
2012-05-10 20:19:53 +02:00
Andreas Jaeger
ecf0ebfb04 Always run check-abi
Remove the configure options for running of check-abi and always
run it as part of the testsuite
2012-04-29 06:36:30 +02:00
Joseph Myers
2ce4f01533 Don't handle unsupported OSes in configure (base_os settings). 2012-04-26 18:42:42 +00:00
Joseph Myers
a3cc4f48e9 Remove --as-needed configure test. 2012-04-25 17:02:33 +00:00
Joseph Myers
3a533ca370 Don't handle libgcc_s suffixes. 2012-04-24 10:22:45 +00:00