pthread_attr_getsigmask_np have been added. They allow applications
to specify the signal mask of a thread created with pthread_create.
+* Support for automatically registering threads with the Linux rseq
+ system call has been added. This system call is implemented starting
+ from Linux 4.18. The Restartable Sequences ABI accelerates user-space
+ operations on per-cpu data. It allows user-space to perform updates
+ on per-cpu data without requiring heavy-weight atomic operations.
+ Automatically registering threads allows all libraries, including libc,
+ to make immediate use of the rseq support by using the documented ABI.
+ The GNU C Library manual has details on integration of Restartable
+ Sequences.
+
Deprecated and removed features, and other changes affecting compatibility:
* The deprecated <sys/sysctl.h> header and the sysctl function have been
/* Amount of excess space to allocate in the static TLS area
to allow dynamic loading of modules defining IE-model TLS data. */
-#define TLS_STATIC_SURPLUS 64 + DL_NNS * 100
+#define TLS_STATIC_SURPLUS 64 + DL_NNS * 176
/* Out-of-memory handler. */
_dl_determine_tlsoffset (void)
{
size_t max_align = TLS_TCB_ALIGN;
+ /* libc.so with rseq has TLS with 32-byte alignment. Since TLS is
+ initialized before audit modules are loaded and slotinfo
+ information is available, this is not taken into account below in
+ the audit case. */
+ max_align = MAX (max_align, 32U);
+
size_t freetop = 0;
size_t freebottom = 0;
#include <ctype.h>
#include <libc-early-init.h>
+#include <rseq-internal.h>
void
__libc_early_init (_Bool initial)
{
/* Initialize ctype data. */
__ctype_init ();
+ /* Register rseq ABI to the kernel for the main program's libc. */
+ if (initial)
+ rseq_register_current_thread ();
}
* Initial Thread Signal Mask:: Setting the initial mask of threads.
* Waiting with Explicit Clocks:: Functions for waiting with an
explicit clock specification.
+* Restartable Sequences:: Linux-specific Restartable Sequences
+ integration.
@end menu
@node Default Thread Attributes
@var{abstime} is measured against the clock specified by @var{clockid}.
@end deftypefun
+@node Restartable Sequences
+@subsubsection Restartable Sequences
+
+This section describes Restartable Sequences integration for
+@theglibc{}. This functionality is only available on Linux.
+
+@deftypevar {struct rseq} __rseq_abi
+@standards{Linux, sys/rseq.h}
+@Theglibc{} implements a @code{__rseq_abi} TLS symbol to interact with
+the Restartable Sequences system call. The layout of this structure is
+defined by the @file{sys/rseq.h} header. Registration of each thread's
+@code{__rseq_abi} is performed by @theglibc{} at library initialization
+and thread creation. The manual for the rseq system call can be found
+at @uref{https://git.kernel.org/pub/scm/libs/librseq/librseq.git/tree/doc/man/rseq.2}.
+
+The main executable and shared libraries may either have an undefined
+@code{__rseq_abi} TLS symbol, or define their own, with the same
+declaration as the one present in @file{sys/rseq.h}. The dynamic linker
+will ensure that only one of those available symbols will be used at
+runtime across the process.
+
+If the main executable or shared libraries observe an uninitialized
+@code{__rseq_abi.cpu_id} field (value @code{RSEQ_CPU_ID_UNINITIALIZED}),
+they may perform rseq registration to the kernel: this means either
+glibc was prevented from doing the registration, or an older glibc
+version, which does not include rseq support, is in use. When the main
+executable or a library thus takes ownership of the registration, the
+memory used to hold the @code{__rseq_abi} TLS variable must stay
+allocated, and is not re-used, until the very end of the thread lifetime
+or until an explicit rseq unregistration for that thread is performed.
+It is not recommended to @code{dlclose} libraries owning the
+@code{__rseq_abi} TLS variable.
+
+Users of the @code{__rseq_abi} TLS symbol can store the address of a
+@code{struct rseq_cs} to the @code{__rseq_abi.rseq_cs} TLS variable,
+thus informing the kernel that it enters a Restartable Sequence critical
+section. This pointer and the code areas it itself points to must not
+be left pointing to memory areas which are freed or re-used. Several
+approaches can guarantee this. If the application or library can
+guarantee that the memory used to hold the @code{struct rseq_cs} and the
+code areas it refers to are never freed or re-used, no special action
+must be taken. Else, before that memory is re-used of freed, the
+application is responsible for setting the @code{__rseq_abi.rseq_cs} TLS
+variable to @code{NULL} in each thread's TLS to guarantee that it does
+not leak dangling references. Because the application does not
+typically have knowledge of libraries' use of Restartable Sequences, it
+is recommended that libraries using Restartable Sequences which may end
+up freeing or re-using their memory set the @code{__rseq_abi.rseq_cs}
+TLS variable to @code{NULL} before returning from library functions
+which use Restartable Sequences.
+
+@end deftypevar
+
+@deftypevr Macro int RSEQ_SIG
+@standards{Linux, sys/rseq.h}
+Each supported architecture provides a @code{RSEQ_SIG} macro in
+@file{sys/rseq.h} which contains a signature. That signature is
+expected to be present in the code before each Restartable Sequences
+abort handler. Failure to provide the expected signature may terminate
+the process with a segmentation fault.
+@end deftypevr
+
@c FIXME these are undocumented:
@c pthread_atfork
@c pthread_attr_destroy
#include <default-sched.h>
#include <futex-internal.h>
#include <tls-setup.h>
+#include <rseq-internal.h>
#include "libioP.h"
#include <shlib-compat.h>
/* Initialize pointers to locale data. */
__ctype_init ();
+ /* Register rseq TLS to the kernel. */
+ rseq_register_current_thread ();
+
#ifndef __ASSUME_SET_ROBUST_LIST
if (__set_robust_list_avail >= 0)
#endif
process is really dead since 'clone' got passed the CLONE_CHILD_CLEARTID
flag. The 'tid' field in the TCB will be set to zero.
+ rseq TLS is still registered at this point. Rely on implicit
+ unregistration performed by the kernel on thread teardown. This is not a
+ problem because the rseq TLS lives on the stack, and the stack outlives
+ the thread. If TCB allocation is ever changed, additional steps may be
+ required, such as performing explicit rseq unregistration before
+ reclaiming the rseq TLS area memory. It is NOT sufficient to block
+ signals because the kernel may write to the rseq area even without
+ signals.
+
The exit code is zero since in case all threads exit by calling
'pthread_exit' the exit status must be 0 (zero). */
__exit_thread ();
--- /dev/null
+/* Restartable Sequences internal API. Stub version.
+ Copyright (C) 2020 Free Software Foundation, Inc.
+
+ The GNU C Library is free software; you can redistribute it and/or
+ modify it under the terms of the GNU Lesser General Public
+ License as published by the Free Software Foundation; either
+ version 2.1 of the License, or (at your option) any later version.
+
+ The GNU C Library is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ Lesser General Public License for more details.
+
+ You should have received a copy of the GNU Lesser General Public
+ License along with the GNU C Library; if not, see
+ <https://www.gnu.org/licenses/>. */
+
+#ifndef RSEQ_INTERNAL_H
+#define RSEQ_INTERNAL_H
+
+static inline void
+rseq_register_current_thread (void)
+{
+}
+
+#endif /* rseq-internal.h */
endif
ifeq ($(subdir),csu)
-sysdep_routines += errno-loc
+sysdep_routines += errno-loc rseq-sym
endif
ifeq ($(subdir),assert)
bits/termios-c_lflag.h bits/termios-tcflow.h \
bits/termios-misc.h \
bits/types/struct_semid_ds.h \
- bits/ipc-perm.h
+ bits/ipc-perm.h \
+ sys/rseq.h bits/rseq.h
tests += tst-clone tst-clone2 tst-clone3 tst-fanotify tst-personality \
tst-quota tst-sync_file_range tst-sysconf-iov_max tst-ttyname \
getdents64; gettid; tgkill;
}
GLIBC_2.32 {
+ __rseq_abi;
}
GLIBC_PRIVATE {
# functions used in other libraries
--- /dev/null
+/* Restartable Sequences Linux aarch64 architecture header.
+ Copyright (C) 2020 Free Software Foundation, Inc.
+
+ The GNU C Library is free software; you can redistribute it and/or
+ modify it under the terms of the GNU Lesser General Public
+ License as published by the Free Software Foundation; either
+ version 2.1 of the License, or (at your option) any later version.
+
+ The GNU C Library is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ Lesser General Public License for more details.
+
+ You should have received a copy of the GNU Lesser General Public
+ License along with the GNU C Library; if not, see
+ <https://www.gnu.org/licenses/>. */
+
+#ifndef _SYS_RSEQ_H
+# error "Never use <bits/rseq.h> directly; include <sys/rseq.h> instead."
+#endif
+
+/* RSEQ_SIG is a signature required before each abort handler code.
+
+ It is a 32-bit value that maps to actual architecture code compiled
+ into applications and libraries. It needs to be defined for each
+ architecture. When choosing this value, it needs to be taken into
+ account that generating invalid instructions may have ill effects on
+ tools like objdump, and may also have impact on the CPU speculative
+ execution efficiency in some cases.
+
+ aarch64 -mbig-endian generates mixed endianness code vs data:
+ little-endian code and big-endian data. Ensure the RSEQ_SIG signature
+ matches code endianness. */
+
+#define RSEQ_SIG_CODE 0xd428bc00 /* BRK #0x45E0. */
+
+#ifdef __AARCH64EB__
+# define RSEQ_SIG_DATA 0x00bc28d4 /* BRK #0x45E0. */
+#else
+# define RSEQ_SIG_DATA RSEQ_SIG_CODE
+#endif
+
+#define RSEQ_SIG RSEQ_SIG_DATA
GLIBC_2.30 gettid F
GLIBC_2.30 tgkill F
GLIBC_2.30 twalk_r F
+GLIBC_2.32 __rseq_abi T 0x20
GLIBC_2.32 pthread_attr_getsigmask_np F
GLIBC_2.32 pthread_attr_setaffinity_np F
GLIBC_2.32 pthread_attr_setsigmask_np F
GLIBC_2.30 gettid F
GLIBC_2.30 tgkill F
GLIBC_2.30 twalk_r F
+GLIBC_2.32 __rseq_abi T 0x20
GLIBC_2.32 pthread_attr_getsigmask_np F
GLIBC_2.32 pthread_attr_setaffinity_np F
GLIBC_2.32 pthread_attr_setsigmask_np F
GLIBC_2.31 msgctl F
GLIBC_2.31 semctl F
GLIBC_2.31 shmctl F
+GLIBC_2.32 __rseq_abi T 0x20
GLIBC_2.32 pthread_attr_getsigmask_np F
GLIBC_2.32 pthread_attr_setaffinity_np F
GLIBC_2.32 pthread_attr_setsigmask_np F
--- /dev/null
+/* Restartable Sequences Linux arm architecture header.
+ Copyright (C) 2020 Free Software Foundation, Inc.
+
+ The GNU C Library is free software; you can redistribute it and/or
+ modify it under the terms of the GNU Lesser General Public
+ License as published by the Free Software Foundation; either
+ version 2.1 of the License, or (at your option) any later version.
+
+ The GNU C Library is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ Lesser General Public License for more details.
+
+ You should have received a copy of the GNU Lesser General Public
+ License along with the GNU C Library; if not, see
+ <https://www.gnu.org/licenses/>. */
+
+#ifndef _SYS_RSEQ_H
+# error "Never use <bits/rseq.h> directly; include <sys/rseq.h> instead."
+#endif
+
+/*
+ RSEQ_SIG is a signature required before each abort handler code.
+
+ It is a 32-bit value that maps to actual architecture code compiled
+ into applications and libraries. It needs to be defined for each
+ architecture. When choosing this value, it needs to be taken into
+ account that generating invalid instructions may have ill effects on
+ tools like objdump, and may also have impact on the CPU speculative
+ execution efficiency in some cases.
+
+ - ARM little endian
+
+ RSEQ_SIG uses the udf A32 instruction with an uncommon immediate operand
+ value 0x5de3. This traps if user-space reaches this instruction by mistake,
+ and the uncommon operand ensures the kernel does not move the instruction
+ pointer to attacker-controlled code on rseq abort.
+
+ The instruction pattern in the A32 instruction set is:
+
+ e7f5def3 udf #24035 ; 0x5de3
+
+ This translates to the following instruction pattern in the T16 instruction
+ set:
+
+ little endian:
+ def3 udf #243 ; 0xf3
+ e7f5 b.n <7f5>
+
+ - ARMv6+ big endian (BE8):
+
+ ARMv6+ -mbig-endian generates mixed endianness code vs data: little-endian
+ code and big-endian data. The data value of the signature needs to have its
+ byte order reversed to generate the trap instruction:
+
+ Data: 0xf3def5e7
+
+ Translates to this A32 instruction pattern:
+
+ e7f5def3 udf #24035 ; 0x5de3
+
+ Translates to this T16 instruction pattern:
+
+ def3 udf #243 ; 0xf3
+ e7f5 b.n <7f5>
+
+ - Prior to ARMv6 big endian (BE32):
+
+ Prior to ARMv6, -mbig-endian generates big-endian code and data
+ (which match), so the endianness of the data representation of the
+ signature should not be reversed. However, the choice between BE32
+ and BE8 is done by the linker, so we cannot know whether code and
+ data endianness will be mixed before the linker is invoked. So rather
+ than try to play tricks with the linker, the rseq signature is simply
+ data (not a trap instruction) prior to ARMv6 on big endian. This is
+ why the signature is expressed as data (.word) rather than as
+ instruction (.inst) in assembler. */
+
+#ifdef __ARMEB__
+# define RSEQ_SIG 0xf3def5e7 /* udf #24035 ; 0x5de3 (ARMv6+) */
+#else
+# define RSEQ_SIG 0xe7f5def3 /* udf #24035 ; 0x5de3 */
+#endif
GLIBC_2.30 gettid F
GLIBC_2.30 tgkill F
GLIBC_2.30 twalk_r F
+GLIBC_2.32 __rseq_abi T 0x20
GLIBC_2.32 pthread_attr_getsigmask_np F
GLIBC_2.32 pthread_attr_setaffinity_np F
GLIBC_2.32 pthread_attr_setsigmask_np F
--- /dev/null
+/* Restartable Sequences architecture header. Stub version.
+ Copyright (C) 2020 Free Software Foundation, Inc.
+
+ The GNU C Library is free software; you can redistribute it and/or
+ modify it under the terms of the GNU Lesser General Public
+ License as published by the Free Software Foundation; either
+ version 2.1 of the License, or (at your option) any later version.
+
+ The GNU C Library is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ Lesser General Public License for more details.
+
+ You should have received a copy of the GNU Lesser General Public
+ License along with the GNU C Library; if not, see
+ <https://www.gnu.org/licenses/>. */
+
+#ifndef _SYS_RSEQ_H
+# error "Never use <bits/rseq.h> directly; include <sys/rseq.h> instead."
+#endif
+
+/* RSEQ_SIG is a signature required before each abort handler code.
+
+ It is a 32-bit value that maps to actual architecture code compiled
+ into applications and libraries. It needs to be defined for each
+ architecture. When choosing this value, it needs to be taken into
+ account that generating invalid instructions may have ill effects on
+ tools like objdump, and may also have impact on the CPU speculative
+ execution efficiency in some cases. */
GLIBC_2.30 gettid F
GLIBC_2.30 tgkill F
GLIBC_2.30 twalk_r F
+GLIBC_2.32 __rseq_abi T 0x20
GLIBC_2.32 pthread_attr_getsigmask_np F
GLIBC_2.32 pthread_attr_setaffinity_np F
GLIBC_2.32 pthread_attr_setsigmask_np F
GLIBC_2.30 gettid F
GLIBC_2.30 tgkill F
GLIBC_2.30 twalk_r F
+GLIBC_2.32 __rseq_abi T 0x20
GLIBC_2.32 pthread_attr_getsigmask_np F
GLIBC_2.32 pthread_attr_setaffinity_np F
GLIBC_2.32 pthread_attr_setsigmask_np F
GLIBC_2.30 gettid F
GLIBC_2.30 tgkill F
GLIBC_2.30 twalk_r F
+GLIBC_2.32 __rseq_abi T 0x20
GLIBC_2.32 pthread_attr_getsigmask_np F
GLIBC_2.32 pthread_attr_setaffinity_np F
GLIBC_2.32 pthread_attr_setsigmask_np F
GLIBC_2.30 gettid F
GLIBC_2.30 tgkill F
GLIBC_2.30 twalk_r F
+GLIBC_2.32 __rseq_abi T 0x20
GLIBC_2.32 pthread_attr_getsigmask_np F
GLIBC_2.32 pthread_attr_setaffinity_np F
GLIBC_2.32 pthread_attr_setsigmask_np F
GLIBC_2.31 msgctl F
GLIBC_2.31 semctl F
GLIBC_2.31 shmctl F
+GLIBC_2.32 __rseq_abi T 0x20
GLIBC_2.32 pthread_attr_getsigmask_np F
GLIBC_2.32 pthread_attr_setaffinity_np F
GLIBC_2.32 pthread_attr_setsigmask_np F
GLIBC_2.31 msgctl F
GLIBC_2.31 semctl F
GLIBC_2.31 shmctl F
+GLIBC_2.32 __rseq_abi T 0x20
GLIBC_2.32 pthread_attr_getsigmask_np F
GLIBC_2.32 pthread_attr_setaffinity_np F
GLIBC_2.32 pthread_attr_setsigmask_np F
GLIBC_2.31 msgctl F
GLIBC_2.31 semctl F
GLIBC_2.31 shmctl F
+GLIBC_2.32 __rseq_abi T 0x20
GLIBC_2.32 pthread_attr_getsigmask_np F
GLIBC_2.32 pthread_attr_setaffinity_np F
GLIBC_2.32 pthread_attr_setsigmask_np F
GLIBC_2.30 gettid F
GLIBC_2.30 tgkill F
GLIBC_2.30 twalk_r F
+GLIBC_2.32 __rseq_abi T 0x20
GLIBC_2.32 pthread_attr_getsigmask_np F
GLIBC_2.32 pthread_attr_setaffinity_np F
GLIBC_2.32 pthread_attr_setsigmask_np F
--- /dev/null
+/* Restartable Sequences Linux mips architecture header.
+ Copyright (C) 2020 Free Software Foundation, Inc.
+
+ The GNU C Library is free software; you can redistribute it and/or
+ modify it under the terms of the GNU Lesser General Public
+ License as published by the Free Software Foundation; either
+ version 2.1 of the License, or (at your option) any later version.
+
+ The GNU C Library is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ Lesser General Public License for more details.
+
+ You should have received a copy of the GNU Lesser General Public
+ License along with the GNU C Library; if not, see
+ <https://www.gnu.org/licenses/>. */
+
+#ifndef _SYS_RSEQ_H
+# error "Never use <bits/rseq.h> directly; include <sys/rseq.h> instead."
+#endif
+
+/* RSEQ_SIG is a signature required before each abort handler code.
+
+ It is a 32-bit value that maps to actual architecture code compiled
+ into applications and libraries. It needs to be defined for each
+ architecture. When choosing this value, it needs to be taken into
+ account that generating invalid instructions may have ill effects on
+ tools like objdump, and may also have impact on the CPU speculative
+ execution efficiency in some cases.
+
+ RSEQ_SIG uses the break instruction. The instruction pattern is:
+
+ On MIPS:
+ 0350000d break 0x350
+
+ On nanoMIPS:
+ 00100350 break 0x350
+
+ On microMIPS:
+ 0000d407 break 0x350
+
+ For nanoMIPS32 and microMIPS, the instruction stream is encoded as
+ 16-bit halfwords, so the signature halfwords need to be swapped
+ accordingly for little-endian. */
+
+#if defined (__nanomips__)
+# ifdef __MIPSEL__
+# define RSEQ_SIG 0x03500010
+# else
+# define RSEQ_SIG 0x00100350
+# endif
+#elif defined (__mips_micromips)
+# ifdef __MIPSEL__
+# define RSEQ_SIG 0xd4070000
+# else
+# define RSEQ_SIG 0x0000d407
+# endif
+#elif defined (__mips__)
+# define RSEQ_SIG 0x0350000d
+#else
+/* Unknown MIPS architecture. */
+#endif
GLIBC_2.30 gettid F
GLIBC_2.30 tgkill F
GLIBC_2.30 twalk_r F
+GLIBC_2.32 __rseq_abi T 0x20
GLIBC_2.32 pthread_attr_getsigmask_np F
GLIBC_2.32 pthread_attr_setaffinity_np F
GLIBC_2.32 pthread_attr_setsigmask_np F
GLIBC_2.30 gettid F
GLIBC_2.30 tgkill F
GLIBC_2.30 twalk_r F
+GLIBC_2.32 __rseq_abi T 0x20
GLIBC_2.32 pthread_attr_getsigmask_np F
GLIBC_2.32 pthread_attr_setaffinity_np F
GLIBC_2.32 pthread_attr_setsigmask_np F
GLIBC_2.30 gettid F
GLIBC_2.30 tgkill F
GLIBC_2.30 twalk_r F
+GLIBC_2.32 __rseq_abi T 0x20
GLIBC_2.32 pthread_attr_getsigmask_np F
GLIBC_2.32 pthread_attr_setaffinity_np F
GLIBC_2.32 pthread_attr_setsigmask_np F
GLIBC_2.30 gettid F
GLIBC_2.30 tgkill F
GLIBC_2.30 twalk_r F
+GLIBC_2.32 __rseq_abi T 0x20
GLIBC_2.32 pthread_attr_getsigmask_np F
GLIBC_2.32 pthread_attr_setaffinity_np F
GLIBC_2.32 pthread_attr_setsigmask_np F
GLIBC_2.30 gettid F
GLIBC_2.30 tgkill F
GLIBC_2.30 twalk_r F
+GLIBC_2.32 __rseq_abi T 0x20
GLIBC_2.32 pthread_attr_getsigmask_np F
GLIBC_2.32 pthread_attr_setaffinity_np F
GLIBC_2.32 pthread_attr_setsigmask_np F
--- /dev/null
+/* Restartable Sequences Linux powerpc architecture header.
+ Copyright (C) 2020 Free Software Foundation, Inc.
+
+ The GNU C Library is free software; you can redistribute it and/or
+ modify it under the terms of the GNU Lesser General Public
+ License as published by the Free Software Foundation; either
+ version 2.1 of the License, or (at your option) any later version.
+
+ The GNU C Library is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ Lesser General Public License for more details.
+
+ You should have received a copy of the GNU Lesser General Public
+ License along with the GNU C Library; if not, see
+ <https://www.gnu.org/licenses/>. */
+
+#ifndef _SYS_RSEQ_H
+# error "Never use <bits/rseq.h> directly; include <sys/rseq.h> instead."
+#endif
+
+/* RSEQ_SIG is a signature required before each abort handler code.
+
+ It is a 32-bit value that maps to actual architecture code compiled
+ into applications and libraries. It needs to be defined for each
+ architecture. When choosing this value, it needs to be taken into
+ account that generating invalid instructions may have ill effects on
+ tools like objdump, and may also have impact on the CPU speculative
+ execution efficiency in some cases.
+
+ RSEQ_SIG uses the following trap instruction:
+
+ powerpc-be: 0f e5 00 0b twui r5,11
+ powerpc64-le: 0b 00 e5 0f twui r5,11
+ powerpc64-be: 0f e5 00 0b twui r5,11 */
+
+#define RSEQ_SIG 0x0fe5000b
GLIBC_2.30 gettid F
GLIBC_2.30 tgkill F
GLIBC_2.30 twalk_r F
+GLIBC_2.32 __rseq_abi T 0x20
GLIBC_2.32 pthread_attr_getsigmask_np F
GLIBC_2.32 pthread_attr_setaffinity_np F
GLIBC_2.32 pthread_attr_setsigmask_np F
GLIBC_2.30 gettid F
GLIBC_2.30 tgkill F
GLIBC_2.30 twalk_r F
+GLIBC_2.32 __rseq_abi T 0x20
GLIBC_2.32 pthread_attr_getsigmask_np F
GLIBC_2.32 pthread_attr_setaffinity_np F
GLIBC_2.32 pthread_attr_setsigmask_np F
GLIBC_2.30 gettid F
GLIBC_2.30 tgkill F
GLIBC_2.30 twalk_r F
+GLIBC_2.32 __rseq_abi T 0x20
GLIBC_2.32 pthread_attr_getsigmask_np F
GLIBC_2.32 pthread_attr_setaffinity_np F
GLIBC_2.32 pthread_attr_setsigmask_np F
GLIBC_2.32 __qfcvtieee128 F
GLIBC_2.32 __qfcvtieee128_r F
GLIBC_2.32 __qgcvtieee128 F
+GLIBC_2.32 __rseq_abi T 0x20
GLIBC_2.32 __scanfieee128 F
GLIBC_2.32 __snprintf_chkieee128 F
GLIBC_2.32 __snprintfieee128 F
GLIBC_2.30 gettid F
GLIBC_2.30 tgkill F
GLIBC_2.30 twalk_r F
+GLIBC_2.32 __rseq_abi T 0x20
GLIBC_2.32 pthread_attr_getsigmask_np F
GLIBC_2.32 pthread_attr_setaffinity_np F
GLIBC_2.32 pthread_attr_setsigmask_np F
--- /dev/null
+/* Restartable Sequences internal API. Linux implementation.
+ Copyright (C) 2020 Free Software Foundation, Inc.
+
+ The GNU C Library is free software; you can redistribute it and/or
+ modify it under the terms of the GNU Lesser General Public
+ License as published by the Free Software Foundation; either
+ version 2.1 of the License, or (at your option) any later version.
+
+ The GNU C Library is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ Lesser General Public License for more details.
+
+ You should have received a copy of the GNU Lesser General Public
+ License along with the GNU C Library; if not, see
+ <https://www.gnu.org/licenses/>. */
+
+#ifndef RSEQ_INTERNAL_H
+#define RSEQ_INTERNAL_H
+
+#include <sysdep.h>
+#include <errno.h>
+#include <kernel-features.h>
+#include <stdio.h>
+#include <sys/rseq.h>
+
+#ifdef RSEQ_SIG
+static inline void
+rseq_register_current_thread (void)
+{
+ int ret;
+
+ if (__rseq_abi.cpu_id != RSEQ_CPU_ID_UNINITIALIZED)
+ __libc_fatal ("glibc fatal error: "
+ "rseq already initialized for this thread\n");
+ ret = INTERNAL_SYSCALL_CALL (rseq, &__rseq_abi, sizeof (struct rseq),
+ 0, RSEQ_SIG);
+ if (INTERNAL_SYSCALL_ERROR_P (ret))
+ {
+ const char *msg = NULL;
+
+ switch (INTERNAL_SYSCALL_ERRNO (ret))
+ {
+ case ENOSYS: /* rseq system call not implemented. */
+ case EPERM: /* rseq system call filtered by seccomp. */
+ case EACCES: /* rseq system call filtered by seccomp. */
+ __rseq_abi.cpu_id = RSEQ_CPU_ID_REGISTRATION_FAILED;
+ break;
+ case EBUSY:
+ msg = "glibc fatal error: rseq already registered for this thread\n";
+ break;
+ case EFAULT:
+ msg = "glibc fatal error: rseq parameter is an invalid address\n";
+ break;
+ case EINVAL:
+ msg = "glibc fatal error: rseq parameters are invalid\n";
+ break;
+ default:
+ msg = "glibc fatal error: unexpected rseq errno\n";
+ break;
+ }
+ if (msg != NULL)
+ __libc_fatal (msg);
+ }
+}
+#else /* RSEQ_SIG */
+static inline void
+rseq_register_current_thread (void)
+{
+}
+#endif /* RSEQ_SIG */
+
+#endif /* rseq-internal.h */
--- /dev/null
+/* Restartable Sequences exported symbols. Linux Implementation.
+ Copyright (C) 2020 Free Software Foundation, Inc.
+
+ The GNU C Library is free software; you can redistribute it and/or
+ modify it under the terms of the GNU Lesser General Public
+ License as published by the Free Software Foundation; either
+ version 2.1 of the License, or (at your option) any later version.
+
+ The GNU C Library is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ Lesser General Public License for more details.
+
+ You should have received a copy of the GNU Lesser General Public
+ License along with the GNU C Library; if not, see
+ <https://www.gnu.org/licenses/>. */
+
+#include <sys/syscall.h>
+#include <stdint.h>
+#include <kernel-features.h>
+#include <sys/rseq.h>
+
+__thread struct rseq __rseq_abi =
+ {
+ .cpu_id = RSEQ_CPU_ID_UNINITIALIZED,
+ };
--- /dev/null
+/* Restartable Sequences Linux s390 architecture header.
+ Copyright (C) 2020 Free Software Foundation, Inc.
+
+ The GNU C Library is free software; you can redistribute it and/or
+ modify it under the terms of the GNU Lesser General Public
+ License as published by the Free Software Foundation; either
+ version 2.1 of the License, or (at your option) any later version.
+
+ The GNU C Library is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ Lesser General Public License for more details.
+
+ You should have received a copy of the GNU Lesser General Public
+ License along with the GNU C Library; if not, see
+ <https://www.gnu.org/licenses/>. */
+
+#ifndef _SYS_RSEQ_H
+# error "Never use <bits/rseq.h> directly; include <sys/rseq.h> instead."
+#endif
+
+/* RSEQ_SIG is a signature required before each abort handler code.
+
+ It is a 32-bit value that maps to actual architecture code compiled
+ into applications and libraries. It needs to be defined for each
+ architecture. When choosing this value, it needs to be taken into
+ account that generating invalid instructions may have ill effects on
+ tools like objdump, and may also have impact on the CPU speculative
+ execution efficiency in some cases.
+
+ RSEQ_SIG uses the trap4 instruction. As Linux does not make use of the
+ access-register mode nor the linkage stack this instruction will always
+ cause a special-operation exception (the trap-enabled bit in the DUCT
+ is and will stay 0). The instruction pattern is
+ b2 ff 0f ff trap4 4095(%r0) */
+
+#define RSEQ_SIG 0xB2FF0FFF
GLIBC_2.31 msgctl F
GLIBC_2.31 semctl F
GLIBC_2.31 shmctl F
+GLIBC_2.32 __rseq_abi T 0x20
GLIBC_2.32 pthread_attr_getsigmask_np F
GLIBC_2.32 pthread_attr_setaffinity_np F
GLIBC_2.32 pthread_attr_setsigmask_np F
GLIBC_2.30 gettid F
GLIBC_2.30 tgkill F
GLIBC_2.30 twalk_r F
+GLIBC_2.32 __rseq_abi T 0x20
GLIBC_2.32 pthread_attr_getsigmask_np F
GLIBC_2.32 pthread_attr_setaffinity_np F
GLIBC_2.32 pthread_attr_setsigmask_np F
GLIBC_2.31 msgctl F
GLIBC_2.31 semctl F
GLIBC_2.31 shmctl F
+GLIBC_2.32 __rseq_abi T 0x20
GLIBC_2.32 pthread_attr_getsigmask_np F
GLIBC_2.32 pthread_attr_setaffinity_np F
GLIBC_2.32 pthread_attr_setsigmask_np F
GLIBC_2.30 gettid F
GLIBC_2.30 tgkill F
GLIBC_2.30 twalk_r F
+GLIBC_2.32 __rseq_abi T 0x20
GLIBC_2.32 pthread_attr_getsigmask_np F
GLIBC_2.32 pthread_attr_setaffinity_np F
GLIBC_2.32 pthread_attr_setsigmask_np F
GLIBC_2.30 gettid F
GLIBC_2.30 tgkill F
GLIBC_2.30 twalk_r F
+GLIBC_2.32 __rseq_abi T 0x20
GLIBC_2.32 pthread_attr_getsigmask_np F
GLIBC_2.32 pthread_attr_setaffinity_np F
GLIBC_2.32 pthread_attr_setsigmask_np F
GLIBC_2.30 gettid F
GLIBC_2.30 tgkill F
GLIBC_2.30 twalk_r F
+GLIBC_2.32 __rseq_abi T 0x20
GLIBC_2.32 pthread_attr_getsigmask_np F
GLIBC_2.32 pthread_attr_setaffinity_np F
GLIBC_2.32 pthread_attr_setsigmask_np F
--- /dev/null
+/* Restartable Sequences exported symbols. Linux header.
+ Copyright (C) 2020 Free Software Foundation, Inc.
+
+ The GNU C Library is free software; you can redistribute it and/or
+ modify it under the terms of the GNU Lesser General Public
+ License as published by the Free Software Foundation; either
+ version 2.1 of the License, or (at your option) any later version.
+
+ The GNU C Library is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ Lesser General Public License for more details.
+
+ You should have received a copy of the GNU Lesser General Public
+ License along with the GNU C Library; if not, see
+ <https://www.gnu.org/licenses/>. */
+
+#ifndef _SYS_RSEQ_H
+#define _SYS_RSEQ_H 1
+
+/* Architecture-specific rseq signature. */
+#include <bits/rseq.h>
+
+#include <stdint.h>
+#include <sys/cdefs.h>
+
+#ifdef __has_include
+# if __has_include ("linux/rseq.h")
+# define __GLIBC_HAVE_KERNEL_RSEQ
+# endif
+#else
+# include <linux/version.h>
+# if LINUX_VERSION_CODE >= KERNEL_VERSION (4, 18, 0)
+# define __GLIBC_HAVE_KERNEL_RSEQ
+# endif
+#endif
+
+/* Rely on GNU extensions for older standards and tls model. */
+#ifdef __GNUC__
+# define __rseq_tls_model_ie __attribute__ ((__tls_model__ ("initial-exec")))
+#else
+/* Specifying the TLS model on the declaration is optional. */
+# define __rseq_tls_model_ie /* Nothing. */
+#endif
+
+#ifdef __cplusplus
+# if __cplusplus >= 201103L
+# define __rseq_tls_storage_class thread_local
+# endif
+#elif (defined __STDC_VERSION__ ? __STDC_VERSION__ : 0) >= 201112L
+# define __rseq_tls_storage_class _Thread_local
+#endif
+
+/* Fall back to __thread for TLS storage class. */
+#ifndef __rseq_tls_storage_class
+# define __rseq_tls_storage_class __thread
+#endif
+
+#ifdef __GLIBC_HAVE_KERNEL_RSEQ
+/* We use the structures declarations from the kernel headers. */
+# include <linux/rseq.h>
+#else /* __GLIBC_HAVE_KERNEL_RSEQ */
+/* We use a copy of the include/uapi/linux/rseq.h kernel header. */
+
+# include <asm/byteorder.h>
+
+enum rseq_cpu_id_state
+ {
+ RSEQ_CPU_ID_UNINITIALIZED = -1,
+ RSEQ_CPU_ID_REGISTRATION_FAILED = -2,
+ };
+
+enum rseq_flags
+ {
+ RSEQ_FLAG_UNREGISTER = (1 << 0),
+ };
+
+enum rseq_cs_flags_bit
+ {
+ RSEQ_CS_FLAG_NO_RESTART_ON_PREEMPT_BIT = 0,
+ RSEQ_CS_FLAG_NO_RESTART_ON_SIGNAL_BIT = 1,
+ RSEQ_CS_FLAG_NO_RESTART_ON_MIGRATE_BIT = 2,
+ };
+
+enum rseq_cs_flags
+ {
+ RSEQ_CS_FLAG_NO_RESTART_ON_PREEMPT =
+ (1U << RSEQ_CS_FLAG_NO_RESTART_ON_PREEMPT_BIT),
+ RSEQ_CS_FLAG_NO_RESTART_ON_SIGNAL =
+ (1U << RSEQ_CS_FLAG_NO_RESTART_ON_SIGNAL_BIT),
+ RSEQ_CS_FLAG_NO_RESTART_ON_MIGRATE =
+ (1U << RSEQ_CS_FLAG_NO_RESTART_ON_MIGRATE_BIT),
+ };
+
+/* struct rseq_cs is aligned on 32 bytes to ensure it is always
+ contained within a single cache-line. It is usually declared as
+ link-time constant data. */
+struct rseq_cs
+ {
+ /* Version of this structure. */
+ uint32_t version;
+ /* enum rseq_cs_flags. */
+ uint32_t flags;
+ uint64_t start_ip;
+ /* Offset from start_ip. */
+ uint64_t post_commit_offset;
+ uint64_t abort_ip;
+ } __attribute__ ((__aligned__ (32)));
+
+/* struct rseq is aligned on 32 bytes to ensure it is always
+ contained within a single cache-line.
+
+ A single struct rseq per thread is allowed. */
+struct rseq
+ {
+ /* Restartable sequences cpu_id_start field. Updated by the
+ kernel. Read by user-space with single-copy atomicity
+ semantics. This field should only be read by the thread which
+ registered this data structure. Aligned on 32-bit. Always
+ contains a value in the range of possible CPUs, although the
+ value may not be the actual current CPU (e.g. if rseq is not
+ initialized). This CPU number value should always be compared
+ against the value of the cpu_id field before performing a rseq
+ commit or returning a value read from a data structure indexed
+ using the cpu_id_start value. */
+ uint32_t cpu_id_start;
+ /* Restartable sequences cpu_id field. Updated by the kernel.
+ Read by user-space with single-copy atomicity semantics. This
+ field should only be read by the thread which registered this
+ data structure. Aligned on 32-bit. Values
+ RSEQ_CPU_ID_UNINITIALIZED and RSEQ_CPU_ID_REGISTRATION_FAILED
+ have a special semantic: the former means "rseq uninitialized",
+ and latter means "rseq initialization failed". This value is
+ meant to be read within rseq critical sections and compared
+ with the cpu_id_start value previously read, before performing
+ the commit instruction, or read and compared with the
+ cpu_id_start value before returning a value loaded from a data
+ structure indexed using the cpu_id_start value. */
+ uint32_t cpu_id;
+ /* Restartable sequences rseq_cs field.
+
+ Contains NULL when no critical section is active for the current
+ thread, or holds a pointer to the currently active struct rseq_cs.
+
+ Updated by user-space, which sets the address of the currently
+ active rseq_cs at the beginning of assembly instruction sequence
+ block, and set to NULL by the kernel when it restarts an assembly
+ instruction sequence block, as well as when the kernel detects that
+ it is preempting or delivering a signal outside of the range
+ targeted by the rseq_cs. Also needs to be set to NULL by user-space
+ before reclaiming memory that contains the targeted struct rseq_cs.
+
+ Read and set by the kernel. Set by user-space with single-copy
+ atomicity semantics. This field should only be updated by the
+ thread which registered this data structure. Aligned on 64-bit. */
+ union
+ {
+ uint64_t ptr64;
+# ifdef __LP64__
+ uint64_t ptr;
+# else /* __LP64__ */
+ struct
+ {
+# if (defined (__BYTE_ORDER) && (__BYTE_ORDER == __BIG_ENDIAN)) || defined (__BIG_ENDIAN)
+ uint32_t padding; /* Initialized to zero. */
+ uint32_t ptr32;
+# else /* LITTLE */
+ uint32_t ptr32;
+ uint32_t padding; /* Initialized to zero. */
+# endif /* ENDIAN */
+ } ptr;
+# endif /* __LP64__ */
+ } rseq_cs;
+
+ /* Restartable sequences flags field.
+
+ This field should only be updated by the thread which
+ registered this data structure. Read by the kernel.
+ Mainly used for single-stepping through rseq critical sections
+ with debuggers.
+
+ - RSEQ_CS_FLAG_NO_RESTART_ON_PREEMPT
+ Inhibit instruction sequence block restart on preemption
+ for this thread.
+ - RSEQ_CS_FLAG_NO_RESTART_ON_SIGNAL
+ Inhibit instruction sequence block restart on signal
+ delivery for this thread.
+ - RSEQ_CS_FLAG_NO_RESTART_ON_MIGRATE
+ Inhibit instruction sequence block restart on migration for
+ this thread. */
+ uint32_t flags;
+ } __attribute__ ((__aligned__ (32)));
+
+#endif /* __GLIBC_HAVE_KERNEL_RSEQ */
+
+/* Allocations of struct rseq and struct rseq_cs on the heap need to
+ be aligned on 32 bytes. Therefore, use of malloc is discouraged
+ because it does not guarantee alignment. posix_memalign should be
+ used instead. */
+
+extern __rseq_tls_storage_class struct rseq __rseq_abi __rseq_tls_model_ie;
+
+#endif /* sys/rseq.h */
--- /dev/null
+/* Restartable Sequences Linux x86 architecture header.
+ Copyright (C) 2020 Free Software Foundation, Inc.
+
+ The GNU C Library is free software; you can redistribute it and/or
+ modify it under the terms of the GNU Lesser General Public
+ License as published by the Free Software Foundation; either
+ version 2.1 of the License, or (at your option) any later version.
+
+ The GNU C Library is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ Lesser General Public License for more details.
+
+ You should have received a copy of the GNU Lesser General Public
+ License along with the GNU C Library; if not, see
+ <https://www.gnu.org/licenses/>. */
+
+#ifndef _SYS_RSEQ_H
+# error "Never use <bits/rseq.h> directly; include <sys/rseq.h> instead."
+#endif
+
+/* RSEQ_SIG is a signature required before each abort handler code.
+
+ RSEQ_SIG is used with the following reserved undefined instructions, which
+ trap in user-space:
+
+ x86-32: 0f b9 3d 53 30 05 53 ud1 0x53053053,%edi
+ x86-64: 0f b9 3d 53 30 05 53 ud1 0x53053053(%rip),%edi */
+
+#define RSEQ_SIG 0x53053053
GLIBC_2.30 gettid F
GLIBC_2.30 tgkill F
GLIBC_2.30 twalk_r F
+GLIBC_2.32 __rseq_abi T 0x20
GLIBC_2.32 pthread_attr_getsigmask_np F
GLIBC_2.32 pthread_attr_setaffinity_np F
GLIBC_2.32 pthread_attr_setsigmask_np F
GLIBC_2.30 gettid F
GLIBC_2.30 tgkill F
GLIBC_2.30 twalk_r F
+GLIBC_2.32 __rseq_abi T 0x20
GLIBC_2.32 pthread_attr_getsigmask_np F
GLIBC_2.32 pthread_attr_setaffinity_np F
GLIBC_2.32 pthread_attr_setsigmask_np F
projects / platform / upstream / glibc.git / commitdiff