diff options
| -rw-r--r-- | main/musl/0003-handle-loss-of-syslog-socket-connection.patch | 77 | ||||
| -rw-r--r-- | main/musl/0003-reopen-syslog-socket-on-error.patch | 42 | ||||
| -rw-r--r-- | main/musl/0004-fix-missing-synchronization-in-atomic-store-on-i386-.patch | 68 | ||||
| -rw-r--r-- | main/musl/0005-mitigate-vsz-explotion.patch | 53 | ||||
| -rw-r--r-- | main/musl/APKBUILD | 18 |
5 files changed, 211 insertions, 47 deletions
diff --git a/main/musl/0003-handle-loss-of-syslog-socket-connection.patch b/main/musl/0003-handle-loss-of-syslog-socket-connection.patch new file mode 100644 index 0000000000..d33c2ff048 --- /dev/null +++ b/main/musl/0003-handle-loss-of-syslog-socket-connection.patch @@ -0,0 +1,77 @@ +From 0f9c2666aca95eb98eb0ef4f4d8d1473c8ce3fa0 Mon Sep 17 00:00:00 2001 +From: Rich Felker <dalias@aerifal.cx> +Date: Thu, 9 Jul 2015 18:36:02 +0000 +Subject: [PATCH] handle loss of syslog socket connection + +when traditional syslogd implementations are restarted, the old server +socket ceases to exist and a new unix socket with the same pathname is +created. when this happens, the default destination address associated +with the client socket via connect is no longer valid, and attempts to +send produce errors. this happens despite the socket being datagram +type, and is in contrast to the behavior that would be seen with an IP +datagram (UDP) socket. + +in order to avoid a situation where the application is unable to send +further syslog messages without calling closelog, this patch makes +syslog attempt to reconnect the socket when send returns an error +indicating a lost connection. + +additionally, initial failure to connect the socket no longer results +in the socket being closed. this ensures that an application which +calls openlog to reserve the socket file descriptor will not run into +a situation where transient connection failure (e.g. due to syslogd +restart) prevents fd reservation. however, applications which may be +unable to connect the socket later (e.g. due to chroot, restricted +permissions, seccomp, etc.) will still fail to log if the syslog +socket cannot be connected at openlog time or if it has to be +reconnected later. +--- + src/misc/syslog.c | 18 +++++++++++------- + 1 file changed, 11 insertions(+), 7 deletions(-) + +diff --git a/src/misc/syslog.c b/src/misc/syslog.c +index e026f9b..9dd1ddb 100644 +--- a/src/misc/syslog.c ++++ b/src/misc/syslog.c +@@ -48,12 +48,8 @@ void closelog(void) + + static void __openlog() + { +- int fd = socket(AF_UNIX, SOCK_DGRAM|SOCK_CLOEXEC, 0); +- if (fd < 0) return; +- if (connect(fd, (void *)&log_addr, sizeof log_addr) < 0) +- close(fd); +- else +- log_fd = fd; ++ log_fd = socket(AF_UNIX, SOCK_DGRAM|SOCK_CLOEXEC, 0); ++ if (log_fd >= 0) connect(log_fd, (void *)&log_addr, sizeof log_addr); + } + + void openlog(const char *ident, int opt, int facility) +@@ -78,6 +74,11 @@ void openlog(const char *ident, int opt, int facility) + pthread_setcancelstate(cs, 0); + } + ++static int is_lost_conn(int e) ++{ ++ return e==ECONNREFUSED || e==ECONNRESET || e==ENOTCONN || e==EPIPE; ++} ++ + static void _vsyslog(int priority, const char *message, va_list ap) + { + char timebuf[16]; +@@ -107,7 +108,10 @@ static void _vsyslog(int priority, const char *message, va_list ap) + if (l2 >= sizeof buf - l) l = sizeof buf - 1; + else l += l2; + if (buf[l-1] != '\n') buf[l++] = '\n'; +- if (send(log_fd, buf, l, 0) < 0 && (log_opt & LOG_CONS)) { ++ if (send(log_fd, buf, l, 0) < 0 && (!is_lost_conn(errno) ++ || connect(log_fd, (void *)&log_addr, sizeof log_addr) < 0 ++ || send(log_fd, buf, l, 0) < 0) ++ && (log_opt & LOG_CONS)) { + fd = open("/dev/console", O_WRONLY|O_NOCTTY|O_CLOEXEC); + if (fd >= 0) { + dprintf(fd, "%.*s", l-hlen, buf+hlen); +-- +2.4.6 + diff --git a/main/musl/0003-reopen-syslog-socket-on-error.patch b/main/musl/0003-reopen-syslog-socket-on-error.patch deleted file mode 100644 index d89d6be22a..0000000000 --- a/main/musl/0003-reopen-syslog-socket-on-error.patch +++ /dev/null @@ -1,42 +0,0 @@ -From 324dbe39c6941f9d37d438cc528a3dedbc89c636 Mon Sep 17 00:00:00 2001 -From: Rich Felker <dalias@aerifal.cx> -Date: Tue, 7 Jul 2015 10:35:50 +0300 -Subject: [PATCH] reopen syslog socket on error - ---- - src/misc/syslog.c | 12 +++++++++++- - 1 file changed, 11 insertions(+), 1 deletion(-) - -diff --git a/src/misc/syslog.c b/src/misc/syslog.c -index e026f9b..f98944f 100644 ---- a/src/misc/syslog.c -+++ b/src/misc/syslog.c -@@ -56,6 +56,14 @@ static void __openlog() - log_fd = fd; - } - -+static int __reopenlog() -+{ -+ close(log_fd); -+ log_fd = -1; -+ __openlog(); -+ return log_fd; -+} -+ - void openlog(const char *ident, int opt, int facility) - { - int cs; -@@ -107,7 +115,9 @@ static void _vsyslog(int priority, const char *message, va_list ap) - if (l2 >= sizeof buf - l) l = sizeof buf - 1; - else l += l2; - if (buf[l-1] != '\n') buf[l++] = '\n'; -- if (send(log_fd, buf, l, 0) < 0 && (log_opt & LOG_CONS)) { -+ if (send(log_fd, buf, l, 0) < 0 -+ && (__reopenlog() < 0 || send(log_fd, buf, l, 0) < 0) -+ && (log_opt & LOG_CONS)) { - fd = open("/dev/console", O_WRONLY|O_NOCTTY|O_CLOEXEC); - if (fd >= 0) { - dprintf(fd, "%.*s", l-hlen, buf+hlen); --- -2.4.5 - diff --git a/main/musl/0004-fix-missing-synchronization-in-atomic-store-on-i386-.patch b/main/musl/0004-fix-missing-synchronization-in-atomic-store-on-i386-.patch new file mode 100644 index 0000000000..f3195ff39e --- /dev/null +++ b/main/musl/0004-fix-missing-synchronization-in-atomic-store-on-i386-.patch @@ -0,0 +1,68 @@ +From 3c43c0761e1725fd5f89a9c028cbf43250abb913 Mon Sep 17 00:00:00 2001 +From: Rich Felker <dalias@aerifal.cx> +Date: Tue, 28 Jul 2015 18:40:18 +0000 +Subject: [PATCH] fix missing synchronization in atomic store on i386 and + x86_64 + +despite being strongly ordered, the x86 memory model does not preclude +reordering of loads across earlier stores. while a plain store +suffices as a release barrier, we actually need a full barrier, since +users of a_store subsequently load a waiter count to determine whether +to issue a futex wait, and using a stale count will result in soft +(fail-to-wake) deadlocks. these deadlocks were observed in malloc and +possible with stdio locks and other libc-internal locking. + +on i386, an atomic operation on the caller's stack is used as the +barrier rather than performing the store itself using xchg; this +avoids the need to read the cache line on which the store is being +performed. mfence is used on x86_64 where it's always available, and +could be used on i386 with the appropriate cpu model checks if it's +shown to perform better. +--- + arch/i386/atomic.h | 2 +- + arch/x32/atomic.h | 2 +- + arch/x86_64/atomic.h | 2 +- + 3 files changed, 3 insertions(+), 3 deletions(-) + +diff --git a/arch/i386/atomic.h b/arch/i386/atomic.h +index 95fecbd..25441df 100644 +--- a/arch/i386/atomic.h ++++ b/arch/i386/atomic.h +@@ -88,7 +88,7 @@ static inline void a_dec(volatile int *x) + + static inline void a_store(volatile int *p, int x) + { +- __asm__( "movl %1, %0" : "=m"(*p) : "r"(x) : "memory" ); ++ __asm__( "movl %1, %0 ; lock ; orl $0,(%%esp)" : "=m"(*p) : "r"(x) : "memory" ); + } + + static inline void a_spin() +diff --git a/arch/x32/atomic.h b/arch/x32/atomic.h +index b2014cc..2ab1f7a 100644 +--- a/arch/x32/atomic.h ++++ b/arch/x32/atomic.h +@@ -83,7 +83,7 @@ static inline void a_dec(volatile int *x) + + static inline void a_store(volatile int *p, int x) + { +- __asm__( "mov %1, %0" : "=m"(*p) : "r"(x) : "memory" ); ++ __asm__( "mov %1, %0 ; mfence" : "=m"(*p) : "r"(x) : "memory" ); + } + + static inline void a_spin() +diff --git a/arch/x86_64/atomic.h b/arch/x86_64/atomic.h +index b2014cc..2ab1f7a 100644 +--- a/arch/x86_64/atomic.h ++++ b/arch/x86_64/atomic.h +@@ -83,7 +83,7 @@ static inline void a_dec(volatile int *x) + + static inline void a_store(volatile int *p, int x) + { +- __asm__( "mov %1, %0" : "=m"(*p) : "r"(x) : "memory" ); ++ __asm__( "mov %1, %0 ; mfence" : "=m"(*p) : "r"(x) : "memory" ); + } + + static inline void a_spin() +-- +2.4.6 + diff --git a/main/musl/0005-mitigate-vsz-explotion.patch b/main/musl/0005-mitigate-vsz-explotion.patch new file mode 100644 index 0000000000..93e4a883df --- /dev/null +++ b/main/musl/0005-mitigate-vsz-explotion.patch @@ -0,0 +1,53 @@ +diff --git a/src/malloc/malloc.c b/src/malloc/malloc.c +index eb68d55..b90636c 100644 +--- a/src/malloc/malloc.c ++++ b/src/malloc/malloc.c +@@ -464,18 +464,6 @@ void free(void *p) + if (next->psize != self->csize) a_crash(); + + for (;;) { +- /* Replace middle of large chunks with fresh zero pages */ +- if (reclaim && (self->psize & next->csize & C_INUSE)) { +- uintptr_t a = (uintptr_t)self + SIZE_ALIGN+PAGE_SIZE-1 & -PAGE_SIZE; +- uintptr_t b = (uintptr_t)next - SIZE_ALIGN & -PAGE_SIZE; +-#if 1 +- __madvise((void *)a, b-a, MADV_DONTNEED); +-#else +- __mmap((void *)a, b-a, PROT_READ|PROT_WRITE, +- MAP_PRIVATE|MAP_ANONYMOUS|MAP_FIXED, -1, 0); +-#endif +- } +- + if (self->psize & next->csize & C_INUSE) { + self->csize = final_size | C_INUSE; + next->psize = final_size | C_INUSE; +@@ -505,6 +493,9 @@ void free(void *p) + } + } + ++ if (!(mal.binmap & 1ULL<<i)) ++ a_or_64(&mal.binmap, 1ULL<<i); ++ + self->csize = final_size; + next->psize = final_size; + unlock(mal.free_lock); +@@ -514,8 +505,17 @@ void free(void *p) + self->next->prev = self; + self->prev->next = self; + +- if (!(mal.binmap & 1ULL<<i)) +- a_or_64(&mal.binmap, 1ULL<<i); ++ /* Replace middle of large chunks with fresh zero pages */ ++ if (reclaim) { ++ uintptr_t a = (uintptr_t)self + SIZE_ALIGN+PAGE_SIZE-1 & -PAGE_SIZE; ++ uintptr_t b = (uintptr_t)next - SIZE_ALIGN & -PAGE_SIZE; ++#if 1 ++ __madvise((void *)a, b-a, MADV_DONTNEED); ++#else ++ __mmap((void *)a, b-a, PROT_READ|PROT_WRITE, ++ MAP_PRIVATE|MAP_ANONYMOUS|MAP_FIXED, -1, 0); ++#endif ++ } + + unlock_bin(i); + } diff --git a/main/musl/APKBUILD b/main/musl/APKBUILD index 00a9414ab0..d1c65e085b 100644 --- a/main/musl/APKBUILD +++ b/main/musl/APKBUILD @@ -2,7 +2,7 @@ # Maintainer: Timo Teräs <timo.teras@iki.fi> pkgname=musl pkgver=1.1.10 -pkgrel=2 +pkgrel=3 pkgdesc="the musl c library (libc) implementation" url="http://www.musl-libc.org/" arch="all" @@ -14,7 +14,9 @@ subpackages="$pkgname-dev $pkgname-utils $pkgname-dbg libc6-compat:compat" source="http://www.musl-libc.org/releases/musl-$pkgver.tar.gz 0001-fix-uselocale-locale_t-0-to-not-modify-locale.patch 0002-ns_parse.c-fix-ns_skiprr.patch - 0003-reopen-syslog-socket-on-error.patch + 0003-handle-loss-of-syslog-socket-connection.patch + 0004-fix-missing-synchronization-in-atomic-store-on-i386-.patch + 0005-mitigate-vsz-explotion.patch ldconfig __stack_chk_fail_local.c @@ -134,7 +136,9 @@ compat() { md5sums="fc30892ee582c91920505bbd0021049f musl-1.1.10.tar.gz 787a1c3661a0fcf887ec0d3c4550e90b 0001-fix-uselocale-locale_t-0-to-not-modify-locale.patch b468a4063182bc08d6d100075067d7fe 0002-ns_parse.c-fix-ns_skiprr.patch -eddb1f6cfca2a57ff5463bbcd70d95f1 0003-reopen-syslog-socket-on-error.patch +ccf33ac806e1152b14316eadbb667fb3 0003-handle-loss-of-syslog-socket-connection.patch +14dd2ac16696f3bd894ffd8ce2e5ea15 0004-fix-missing-synchronization-in-atomic-store-on-i386-.patch +4b5d01740934c549173ef89575b70f97 0005-mitigate-vsz-explotion.patch 830d01f7821b978df770b06db3790921 ldconfig 0df687757221bbb0fc1aa67f1bd646f9 __stack_chk_fail_local.c 57ef2c63b9ec6a2041694ace97d4ffa2 getconf.c @@ -143,7 +147,9 @@ eddb1f6cfca2a57ff5463bbcd70d95f1 0003-reopen-syslog-socket-on-error.patch sha256sums="45bbe9b1c7f7a0f743477af1e103b6889bfe4dd9815e16f6c89f6c90831c8b7c musl-1.1.10.tar.gz af5821fd50ad1587a9ef8117dc1e121cdda573f623286c6af4793e999afe840f 0001-fix-uselocale-locale_t-0-to-not-modify-locale.patch 8b16b8bb3eef89c799aed85caf3f495abd00bbbba1819a5feeede781040296da 0002-ns_parse.c-fix-ns_skiprr.patch -2d50958ed69ccb4c67c5b7d8dc442e792efd80a2cd40e140ecfb237aff83b0a4 0003-reopen-syslog-socket-on-error.patch +624aeae194332de57c525306f00cc513a7708eff065fce75fe176645aa1c4062 0003-handle-loss-of-syslog-socket-connection.patch +aca83a914e90d9d1dbf8584fd00363301d453e324477e705dc3086ba00db2fb5 0004-fix-missing-synchronization-in-atomic-store-on-i386-.patch +b33c02f11b8ec1aad49bc054b1a52486077156dd7d91d3b68108f7e1cb6c53ac 0005-mitigate-vsz-explotion.patch b4a2c06db38742e8c42c3c9838b285a7d8cdac6c091ff3df5ff9a15f1e41b9c7 ldconfig 299a7d75a09de3e2e11e7fb4acc3182e4a14e868093d2f30938fce9bfcff13da __stack_chk_fail_local.c d87d0cbb3690ae2c5d8cc218349fd8278b93855dd625deaf7ae50e320aad247c getconf.c @@ -152,7 +158,9 @@ f79a2930a2e5bb0624321589edf8b889d1e9b603e01e6b7ae214616605b3fdd7 iconv.c" sha512sums="183a66a8cc9cd056a8387a1602dd44b502d8976642a21dd0dcef51165fa0dec8a4a124fda6c1918f402b20ad2d6037fcc188a8b174b07a0cbedf11fc2e011141 musl-1.1.10.tar.gz a77981c637a091e19435ee8b3ef3ee21dbc7171f8fa88b59cfd42934a270bb92c9c3777c176fa64c814cd531244764f440f46fce532c4192d9727baa144b98e6 0001-fix-uselocale-locale_t-0-to-not-modify-locale.patch 08e2ce562acef8dc4232461ffdbc1c948c19025495a8c59b1328f83cb2baf3ee5db67b7d0d54794aa639d008286bedb5453d9afbc7e6e56b2f64f95d9b76be85 0002-ns_parse.c-fix-ns_skiprr.patch -51415ef29feca5393db27ad885a973ec7bc51a6e150c1392143b7b1021a9822e4b61595ab7c402305f4093944373effff59133d49e3f3f30c7a849cc1e7ff8ec 0003-reopen-syslog-socket-on-error.patch +68ea86c8a388c1b122ef2e07fff847c9fbecc0ca818b2710c52976fbd91c11e0ed07c612ce8771ab6e2520e813701ea764e84744d7e08fa54616230c6499da01 0003-handle-loss-of-syslog-socket-connection.patch +9a696b0eeebffee21ae84d4fc415b36b93e412ddd4a7272ed3cfe93e06c9815c4070ea998d63de348b2ee82180162a586326f1741f1d98088c27989354c5ecb3 0004-fix-missing-synchronization-in-atomic-store-on-i386-.patch +2141c557a5f71a38510703d8266ed3fd21adfe137892b0fe81adcb28841b20a495f419beb273f381e6d9cb7f61cb8b182a249da61bf5a7b9df42b84235a01bc4 0005-mitigate-vsz-explotion.patch 8d3a2d5315fc56fee7da9abb8b89bb38c6046c33d154c10d168fb35bfde6b0cf9f13042a3bceee34daf091bc409d699223735dcf19f382eeee1f6be34154f26f ldconfig 062bb49fa54839010acd4af113e20f7263dde1c8a2ca359b5fb2661ef9ed9d84a0f7c3bc10c25dcfa10bb3c5a4874588dff636ac43d5dbb3d748d75400756d0b __stack_chk_fail_local.c 0d80f37b34a35e3d14b012257c50862dfeb9d2c81139ea2dfa101d981d093b009b9fa450ba27a708ac59377a48626971dfc58e20a3799084a65777a0c32cbc7d getconf.c |