[glibc] Add fix for CVE-2021-38604. Fixes JB#55185

0001-Fix-libc6-alignment-error-in-lib-ld-linux.so.3-on-ar.patch

@@ -0,0 +1,41 @@
+From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Bj=C3=B6rn=20Bidar?= <bjorn.bidar@jolla.com>
+Date: Tue, 31 Aug 2021 00:17:48 +0300
+Subject: [PATCH] Fix libc6: alignment error in /lib/ld-linux.so.3 on armel
+
+Source of the patch is:
+https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=548842
+https://sourceware.org/legacy-ml/crossgcc/2009-11/msg00008.html
+---
+ sysdeps/arm/dl-machine.h | 13 +++++++++++--
+ 1 file changed, 11 insertions(+), 2 deletions(-)
+
+diff --git a/sysdeps/arm/dl-machine.h b/sysdeps/arm/dl-machine.h
+index 7a2f9d9b782e321dc26f117ea9719eb2191a1ccf..87f1bccb5615f54803f028316c5390874ec1ceb3 100644
+--- a/sysdeps/arm/dl-machine.h
++++ b/sysdeps/arm/dl-machine.h
+@@ -626,13 +626,22 @@ elf_machine_rela (struct link_map *map, const Elf32_Rela *reloc,
+ }
+ # endif
+
++union arm_unaligned_data {
++  Elf32_Addr l_addr;
++} __attribute__ ((packed));
++
+ auto inline void
+ __attribute__ ((always_inline))
+ elf_machine_rel_relative (Elf32_Addr l_addr, const Elf32_Rel *reloc,
+ 			  void *const reloc_addr_arg)
+ {
+-  Elf32_Addr *const reloc_addr = reloc_addr_arg;
+-  *reloc_addr += l_addr;
++  if (((long)reloc_addr_arg) & 0x3) {
++    union arm_unaligned_data *const lpdata = reloc_addr_arg;
++    lpdata->l_addr += l_addr;
++  } else {
++    Elf32_Addr *const reloc_addr = reloc_addr_arg;
++    *reloc_addr += l_addr;
++  }
+ }
+
+ # ifndef RTLD_BOOTSTRAP

glibc-2.25-arm-runfast.patch → 0002-ARM-default-to-FPU-RunFast-mode.patch

@@ -1,21 +1,36 @@
-diff -ru eglibc-2.18/csu/init-first.c eglibc-2.18-runfast/csu/init-first.c
---- eglibc-2.18/csu/init-first.c	2013-01-10 00:28:48.000000000 +0000
-+++ eglibc-2.18-runfast/csu/init-first.c	2014-01-01 10:46:24.000000000 +0000
-@@ -69,6 +69,9 @@
+From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Bj=C3=B6rn=20Bidar?= <bjorn.bidar@jolla.com>
+Date: Tue, 31 Aug 2021 02:07:12 +0300
+Subject: [PATCH] ARM: default to FPU RunFast mode
+
+---
+ csu/init-first.c          | 5 +++++
+ sysdeps/arm/fpu_control.h | 8 +++++---
+ 2 files changed, 10 insertions(+), 3 deletions(-)
+
+diff --git a/csu/init-first.c b/csu/init-first.c
+index 10762b61f590df5e2bde19d6554e21e8cacc76ee..7257fc005088a1f71d3b058d4d1f4abe1ffbbb7d 100644
+--- a/csu/init-first.c
++++ b/csu/init-first.c
+@@ -63,6 +63,11 @@ _init (int argc, char **argv, char **envp)
  	__setfpucw (__fpu_control);
      }
-
+
++#if defined(__arm__)
 +  /* Set the default FPU mode once again it is RunFast */
 +  _FPU_SETCW(_FPU_DEFAULT);
++#endif
 +
    /* Save the command-line arguments.  */
    __libc_argc = argc;
    __libc_argv = argv;
---- eglibc-2.18/ports/sysdeps/arm/fpu_control.h	2013-06-24 22:42:26.000000000 +0000
-+++ eglibc-2.18-runfast/sysdeps/arm/fpu_control.h	2014-01-01 11:06:13.000000000 +0000
+diff --git a/sysdeps/arm/fpu_control.h b/sysdeps/arm/fpu_control.h
+index dcf39fcb03612a0d2f7a28b588aa60dc5061e4e7..c32b219b746f5e7bbf75ceaa0806882cba67452c 100644
+--- a/sysdeps/arm/fpu_control.h
++++ b/sysdeps/arm/fpu_control.h
 @@ -22,7 +22,8 @@
  #if !(defined(_LIBC) && !defined(_LIBC_TEST)) && defined(__SOFTFP__)
-
+ 
  #define _FPU_RESERVED 0xffffffff
 -#define _FPU_DEFAULT  0x00000000
 +#define _FPU_DEFAULT    (3 << 24)
@@ -30,10 +45,10 @@ diff -ru eglibc-2.18/csu/init-first.c eglibc-2.18-runfast/csu/init-first.c
 -#define _FPU_DEFAULT    0x00000000
 +/* The default mode is RunFast */
 +#define _FPU_DEFAULT   (3 << 24)
-
+ 
  /* Default + exceptions enabled.  */
 -#define _FPU_IEEE	(_FPU_DEFAULT | 0x00001f00)
 +#define _FPU_IEEE	0x00001f00
-
+ 
  /* Type of the control word.  */
  typedef unsigned int fpu_control_t;

glibc-2.14-locarchive-fedora.patch → 0003-Fix-locale-archives-fixing-MER-295.patch

@@ -1,7 +1,17 @@
-diff -Nrup a/locale/programs/locarchive.c b/locale/programs/locarchive.c
---- a/locale/programs/locarchive.c	2012-01-01 05:16:32.000000000 -0700
-+++ b/locale/programs/locarchive.c	2012-04-05 15:41:04.332889619 -0600
-@@ -253,9 +253,9 @@ oldlocrecentcmp (const void *a, const vo
+From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Bj=C3=B6rn=20Bidar?= <bjorn.bidar@jolla.com>
+Date: Tue, 31 Aug 2021 01:37:16 +0300
+Subject: [PATCH] Fix locale archives, fixing MER#295
+
+---
+ locale/programs/locarchive.c | 10 +++++-----
+ 1 file changed, 5 insertions(+), 5 deletions(-)
+
+diff --git a/locale/programs/locarchive.c b/locale/programs/locarchive.c
+index e6310b18beee8dd2a6d505fedfecbc8df7ec4400..7d50c758f1a7bc47525dd7f5c5cf4697dc44ab38 100644
+--- a/locale/programs/locarchive.c
++++ b/locale/programs/locarchive.c
+@@ -281,9 +281,9 @@ oldlocrecentcmp (const void *a, const void *b)
  /* forward decls for below */
  static uint32_t add_locale (struct locarhandle *ah, const char *name,
  			    locale_data_t data, bool replace);
@@ -14,7 +24,7 @@ diff -Nrup a/locale/programs/locarchive.c b/locale/programs/locarchive.c
 
 
  static bool
-@@ -636,7 +636,7 @@ close_archive (struct locarhandle *ah)
+@@ -695,7 +695,7 @@ close_archive (struct locarhandle *ah)
  #include "../../intl/explodename.c"
  #include "../../intl/l10nflist.c"
 
@@ -23,12 +33,12 @@ diff -Nrup a/locale/programs/locarchive.c b/locale/programs/locarchive.c
  insert_name (struct locarhandle *ah,
  	     const char *name, size_t name_len, bool replace)
  {
-@@ -694,7 +694,7 @@ insert_name (struct locarhandle *ah,
+@@ -756,7 +756,7 @@ insert_name (struct locarhandle *ah,
    return &namehashtab[idx];
  }
 
 -static void
 +void
  add_alias (struct locarhandle *ah, const char *alias, bool replace,
  	   const char *oldname, uint32_t *locrec_offset_p)
- {
+ {

eglibc-2.15-fix-neon-libdl.patch → 0004-Fix-crash-when-linking-with-libdl-on-arm-with-NEON.patch

@@ -1,3 +1,8 @@
+From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Bj=C3=B6rn=20Bidar?= <bjorn.bidar@jolla.com>
+Date: Tue, 31 Aug 2021 01:19:23 +0300
+Subject: [PATCH] Fix crash when linking with libdl on arm with NEON
+
 When compiled for arm with -mfpu=neon, the .init_array section declared
 here becomes 64-bit aligned. Since the dynamic linker expects an array of
 32-bit function pointers with no gaps, this causes an immediate SIGSEGV
@@ -16,10 +21,15 @@ attribute wasn't available yet when this code was written.)
 
 Richard Braakman
 richard.braakman@jollamobile.com
+---
+ dlfcn/dlfcn.c | 9 +--------
+ 1 file changed, 1 insertion(+), 8 deletions(-)
 
---- eglibc-2.15/dlfcn/dlfcn.c	2006-08-17 04:18:26.000000000 +0300
-+++ glibc-fixed/dlfcn/dlfcn.c	2013-06-10 13:20:34.846885906 +0300
-@@ -24,16 +24,9 @@
+diff --git a/dlfcn/dlfcn.c b/dlfcn/dlfcn.c
+index b30f42d50dbd3f1d4b70d80ecbf9cd9fdfb8f460..69b82e7dafe8da3db7c42896cd55d34c15b92fdf 100644
+--- a/dlfcn/dlfcn.c
++++ b/dlfcn/dlfcn.c
+@@ -23,16 +23,9 @@ int __dlfcn_argc attribute_hidden;
  char **__dlfcn_argv attribute_hidden;
 
 

eglibc-2.19-shlib-make.patch → 0005-Fix-shlib.lds-generation.patch

@@ -1,8 +1,21 @@
+From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Bj=C3=B6rn=20Bidar?= <bjorn.bidar@jolla.com>
+Date: Tue, 31 Aug 2021 01:34:24 +0300
+Subject: [PATCH] Fix shlib.lds generation
+
+Generate sed command line used to create shlib.lds before invoking it
+to prevent buffer overflow in make.
+
+Fixes MER#472
+---
+ Makerules | 23 ++++++++++++-----------
+ 1 file changed, 12 insertions(+), 11 deletions(-)
+
 diff --git a/Makerules b/Makerules
-index b46b09b..297e605 100644
+index 83bdd3a44d0d42db6634b91f26bc1d126aa43c3f..6b85423c4a12bed4518688ac55f9cae3857117d5 100644
 --- a/Makerules
 +++ b/Makerules
-@@ -454,25 +454,19 @@ shlib-lds-flags =
+@@ -553,25 +553,19 @@ shlib-lds-flags =
  else
  # binutils only position loadable notes into the first page for binaries,
  # not for shared objects
@@ -33,9 +46,9 @@ index b46b09b..297e605 100644
  		 PROVIDE(__start___libc_subfreeres = .);\
  		 __libc_subfreeres : { *(__libc_subfreeres) }\
  		 PROVIDE(__stop___libc_subfreeres = .);\
-@@ -483,6 +477,13 @@ $(common-objpfx)shlib.lds: $(common-objpfx)config.make $(..)Makerules
- 		 __libc_thread_subfreeres : { *(__libc_thread_subfreeres) }\
- 		 PROVIDE(__stop___libc_thread_subfreeres = .);\
+@@ -582,6 +576,13 @@ $(common-objpfx)shlib.lds: $(common-objpfx)config.make $(..)Makerules
+ 		 __libc_IO_vtables : { *(__libc_IO_vtables) }\
+ 		 PROVIDE(__stop___libc_IO_vtables = .);\
  		 /DISCARD/ : { *(.gnu.glibc-stub.*) }@'
 +$(common-objpfx)shlib.lds: $(common-objpfx)config.make $(..)Makerules
 +	$(LINK.o) -shared -Wl,-O1 \

glibc-2.25-nscd-socket-location.diff → 0006-scratchbox2-Allow-specifying-of-nscd-socket-location.patch

@@ -1,10 +1,24 @@
-diff -ur glibc-2.14.1+p3/nscd/connections.c glibc-2.14.1/nscd/connections.c
---- glibc-2.14.1+p3/nscd/connections.c	2011-10-07 12:48:55.000000000 +0300
-+++ glibc-2.14.1/nscd/connections.c	2011-11-16 17:22:40.000000000 +0200
-@@ -502,6 +502,20 @@
+From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Bj=C3=B6rn=20Bidar?= <bjorn.bidar@jolla.com>
+Date: Tue, 31 Aug 2021 01:47:36 +0300
+Subject: [PATCH] (scratchbox2) Allow specifying of nscd socket location
+
+This patch makes location of nscd's socket to be run-time
+configurable via an environment variable.
+---
+ nscd/connections.c | 25 ++++++++++++++++++++++---
+ nscd/nscd.c        | 21 +++++++++++++++++----
+ nscd/nscd_helper.c | 16 +++++++++++++++-
+ 3 files changed, 54 insertions(+), 8 deletions(-)
+
+diff --git a/nscd/connections.c b/nscd/connections.c
+index a9bc00de9056c83b579c0fb7a1e29a9a98c6a5bb..05953bfcc2da3e8e4eff8f49205aa42435976fe5 100644
+--- a/nscd/connections.c
++++ b/nscd/connections.c
+@@ -477,6 +477,20 @@ fail:
    return 0;
  }
-
+ 
 +int __nscd_get_socket_path(char *buf, size_t bufsiz)
 +{
 +  const char *ext_nscd_socket_path = getenv ("NSCD_SOCKET_PATH");
@@ -19,10 +33,10 @@ diff -ur glibc-2.14.1+p3/nscd/connections.c glibc-2.14.1/nscd/connections.c
 +  return 0;
 +}
 +
-
- #ifdef O_CLOEXEC
- # define EXTRA_O_FLAGS O_CLOEXEC
-@@ -900,10 +914,15 @@
+ 
+ /* Initialize database information structures.  */
+ void
+@@ -788,15 +802,20 @@ cannot create read-only descriptor for \"%s\"; no mmap"),
    /* Bind a name to the socket.  */
    struct sockaddr_un sock_addr;
    sock_addr.sun_family = AF_UNIX;
@@ -39,44 +53,42 @@ diff -ur glibc-2.14.1+p3/nscd/connections.c glibc-2.14.1/nscd/connections.c
 +      dbg_log ("%s: %s", sock_addr.sun_path, strerror (errno));
        do_exit (errno == EACCES ? 4 : 1, 0, NULL);
      }
-
-@@ -930,7 +949,7 @@
- #endif
-
+
    /* Set permissions for the socket.  */
 -  chmod (_PATH_NSCDSOCKET, DEFFILEMODE);
 +  chmod (sock_addr.sun_path, DEFFILEMODE);
-
+ 
    /* Set the socket up to accept connections.  */
    if (listen (sock, SOMAXCONN) < 0)
-diff -ur glibc-2.14.1+p3/nscd/nscd.c glibc-2.14.1/nscd/nscd.c
---- glibc-2.14.1+p3/nscd/nscd.c	2011-10-07 12:48:55.000000000 +0300
-+++ glibc-2.14.1/nscd/nscd.c	2011-11-16 17:22:40.000000000 +0200
-@@ -126,6 +126,8 @@
- /* True if only statistics are requested.  */
+diff --git a/nscd/nscd.c b/nscd/nscd.c
+index eea1db7ad500cac4a405a6eba62e0f13dbbc16ef..6c68dee3a1a361c04e204273ab8c5eecfb68ceb6 100644
+--- a/nscd/nscd.c
++++ b/nscd/nscd.c
+@@ -134,6 +134,8 @@ static struct argp argp =
  static bool get_stats;
-
+ static int parent_fd = -1;
+
 +extern int __nscd_get_socket_path(char *buf, size_t bufsiz);
 +
  int
  main (int argc, char **argv)
  {
-@@ -270,7 +272,11 @@
+@@ -290,7 +292,11 @@ main (int argc, char **argv)
    signal (SIGPIPE, SIG_IGN);
-
+ 
    /* Cleanup files created by a previous 'bind'.  */
 -  unlink (_PATH_NSCDSOCKET);
 +  {
 +    struct sockaddr_un addr;
 +    if (__nscd_get_socket_path (addr.sun_path, sizeof(addr.sun_path)) >= 0)
 +      unlink (addr.sun_path);
 +  }
-
-   /* Make sure we do not get recursive calls.  */
-   __nss_disable_nscd ();
-@@ -448,8 +454,12 @@
+ 
+ #ifdef HAVE_INOTIFY
+   /* Use inotify to recognize changed files.  */
+@@ -528,8 +534,12 @@ nscd_open_socket (void)
      return -1;
-
+ 
    addr.sun_family = AF_UNIX;
 -  assert (sizeof (addr.sun_path) >= sizeof (_PATH_NSCDSOCKET));
 -  strcpy (addr.sun_path, _PATH_NSCDSOCKET);
@@ -89,28 +101,29 @@ diff -ur glibc-2.14.1+p3/nscd/nscd.c glibc-2.14.1/nscd/nscd.c
    if (connect (sock, (struct sockaddr *) &addr, sizeof (addr)) < 0)
      {
        close (sock);
-@@ -464,10 +474,13 @@
+@@ -544,10 +554,13 @@ nscd_open_socket (void)
  void
  termination_handler (int signum)
  {
 +  struct sockaddr_un addr;
 +
    close_sockets ();
-
+ 
    /* Clean up the file created by 'bind'.  */
 -  unlink (_PATH_NSCDSOCKET);
 +  if (__nscd_get_socket_path (addr.sun_path, sizeof(addr.sun_path)) >= 0)
 +    unlink (addr.sun_path);
-
+ 
    /* Clean up pid file.  */
    unlink (_PATH_NSCDPID);
-diff -ur glibc-2.14.1+p3/nscd/nscd_helper.c glibc-2.14.1/nscd/nscd_helper.c
---- glibc-2.14.1+p3/nscd/nscd_helper.c	2011-10-07 12:48:55.000000000 +0300
-+++ glibc-2.14.1/nscd/nscd_helper.c	2011-11-16 17:22:40.000000000 +0200
-@@ -159,6 +159,19 @@
+diff --git a/nscd/nscd_helper.c b/nscd/nscd_helper.c
+index 733c2a60cd01338c344fabb5a9dccb71f6ba9492..55b7d234633ed23bd8b1f72f2175f1e533388090 100644
+--- a/nscd/nscd_helper.c
++++ b/nscd/nscd_helper.c
+@@ -160,6 +160,19 @@ __readvall (int fd, const struct iovec *iov, int iovcnt)
    return ret;
  }
-
+ 
 +static int nscd_get_socket_path(char *buf, size_t bufsiz)
 +{
 +  const char *ext_nscd_socket_path = getenv ("NSCD_SOCKET_PATH");
@@ -124,11 +137,11 @@ diff -ur glibc-2.14.1+p3/nscd/nscd_helper.c glibc-2.14.1/nscd/nscd_helper.c
 +  if (sizeof(_PATH_NSCDSOCKET) >= bufsiz) return -1;
 +  return 0;
 +}
-
+ 
  static int
  open_socket (request_type type, const char *key, size_t keylen)
-@@ -203,7 +216,8 @@
-
+@@ -179,7 +192,8 @@ open_socket (request_type type, const char *key, size_t keylen)
+ 
    struct sockaddr_un sun;
    sun.sun_family = AF_UNIX;
 -  strcpy (sun.sun_path, _PATH_NSCDSOCKET);