Script 'mail_helper' called by obssrc
Hello community,
here is the log from the commit of package libcap for openSUSE:Factory checked
in at 2022-02-03 23:16:16
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/libcap (Old)
and /work/SRC/openSUSE:Factory/.libcap.new.1898 (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "libcap"
Thu Feb 3 23:16:16 2022 rev:51 rq:950291 version:2.63
Changes:
--------
--- /work/SRC/openSUSE:Factory/libcap/libcap.changes 2022-01-02
16:06:25.195882870 +0100
+++ /work/SRC/openSUSE:Factory/.libcap.new.1898/libcap.changes 2022-02-03
23:16:52.392454381 +0100
@@ -1,0 +2,11 @@
+Mon Jan 31 20:08:24 UTC 2022 - Dirk M??ller <dmuel...@suse.com>
+
+- update to 2.63:
+ * restore errno to zero by the time main() is executed
+ * Consistent psx handling (a panic) for syscalls that return thread dependent
+ status Inconsistend behavior noticed by Lorenz Bauer
+ * Add a test case for a deadlock under investigation in golang
+ * Trim some of the #include file use to make the tree compile more
+ efficiently
+
+-------------------------------------------------------------------
Old:
----
libcap-2.62.tar.sign
libcap-2.62.tar.xz
New:
----
libcap-2.63.tar.sign
libcap-2.63.tar.xz
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ libcap.spec ++++++
--- /var/tmp/diff_new_pack.LgrXYs/_old 2022-02-03 23:16:52.928450722 +0100
+++ /var/tmp/diff_new_pack.LgrXYs/_new 2022-02-03 23:16:52.932450695 +0100
@@ -1,7 +1,7 @@
#
# spec file for package libcap
#
-# Copyright (c) 2021 SUSE LLC
+# Copyright (c) 2022 SUSE LLC
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
@@ -17,7 +17,7 @@
Name: libcap
-Version: 2.62
+Version: 2.63
Release: 0
Summary: Library for Capabilities (linux-privs) Support
License: BSD-3-Clause AND GPL-2.0-only
++++++ libcap-2.62.tar.xz -> libcap-2.63.tar.xz ++++++
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/libcap-2.62/Make.Rules new/libcap-2.63/Make.Rules
--- old/libcap-2.62/Make.Rules 2021-12-12 03:05:17.000000000 +0100
+++ new/libcap-2.63/Make.Rules 2022-01-24 01:45:25.000000000 +0100
@@ -1,7 +1,7 @@
# Common version number defines for libcap
LIBTITLE=libcap
VERSION=2
-MINOR=62
+MINOR=63
#
## Optional prefixes:
@@ -148,7 +148,7 @@
# vestige of legacy workarounds then.
CGO_LDFLAGS_ALLOW := CGO_LDFLAGS_ALLOW="-Wl,-?-wrap[=,][^-.@][^,]*"
endif
-CGO_CFLAGS := -I$(topdir)/libcap/include
+CGO_CFLAGS := $(LIBCAP_INCLUDES)
CGO_LDFLAGS := -L$(topdir)/libcap
GO_BUILD_FLAGS :=
endif
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/libcap-2.62/Makefile new/libcap-2.63/Makefile
--- old/libcap-2.62/Makefile 2021-12-12 00:00:00.000000000 +0100
+++ new/libcap-2.63/Makefile 2022-01-24 01:45:25.000000000 +0100
@@ -52,7 +52,7 @@
$(MAKE) DYNAMIC=no COPTS="-D_FORTIFY_SOURCE=2 -O1 -g" clean test
$(MAKE) DYNAMIC=yes clean all test sudotest
$(MAKE) DYNAMIC=no COPTS="-O2 -std=c89" clean all test sudotest
- $(MAKE) PAM_CAP=no CC=/usr/local/musl/bin/musl-gcc clean all test
sudotest
+ $(MAKE) PAM_CAP=no CC=musl-gcc clean all test sudotest
$(MAKE) CC=clang clean all test sudotest
$(MAKE) clean all test sudotest
$(MAKE) distclean
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/libcap-2.62/cap/go.mod new/libcap-2.63/cap/go.mod
--- old/libcap-2.62/cap/go.mod 2021-12-12 03:05:53.000000000 +0100
+++ new/libcap-2.63/cap/go.mod 2022-01-24 01:45:25.000000000 +0100
@@ -2,4 +2,4 @@
go 1.11
-require kernel.org/pub/linux/libs/security/libcap/psx v1.2.62
+require kernel.org/pub/linux/libs/security/libcap/psx v1.2.63
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/libcap-2.62/contrib/seccomp/go.mod
new/libcap-2.63/contrib/seccomp/go.mod
--- old/libcap-2.62/contrib/seccomp/go.mod 2021-12-12 03:05:53.000000000
+0100
+++ new/libcap-2.63/contrib/seccomp/go.mod 2022-01-24 01:45:25.000000000
+0100
@@ -2,4 +2,4 @@
go 1.14
-require kernel.org/pub/linux/libs/security/libcap/psx v1.2.62
+require kernel.org/pub/linux/libs/security/libcap/psx v1.2.63
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/libcap-2.62/doc/Makefile new/libcap-2.63/doc/Makefile
--- old/libcap-2.62/doc/Makefile 2021-12-12 00:00:00.000000000 +0100
+++ new/libcap-2.63/doc/Makefile 2021-12-12 22:47:05.000000000 +0100
@@ -26,7 +26,8 @@
cap_iab_get_proc.3 cap_iab_get_pid.3 cap_iab_set_proc.3 \
cap_iab_to_text.3 cap_iab_from_text.3 cap_iab_get_vector.3 \
cap_iab_set_vector.3 cap_iab_fill.3 \
- psx_syscall.3 psx_syscall3.3 psx_syscall6.3 libpsx.3
+ psx_syscall.3 psx_syscall3.3 psx_syscall6.3 psx_set_sensitivity.3 \
+ libpsx.3
MAN8S = getcap.8 setcap.8 getpcaps.8 captree.8
MANS = $(MAN1S) $(MAN3S) $(MAN8S)
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/libcap-2.62/doc/libpsx.3 new/libcap-2.63/doc/libpsx.3
--- old/libcap-2.62/doc/libpsx.3 2021-05-24 21:50:45.000000000 +0200
+++ new/libcap-2.63/doc/libpsx.3 2021-12-12 22:47:05.000000000 +0100
@@ -1,12 +1,13 @@
-.TH LIBPSX 3 "2021-03-06" "" "Linux Programmer's Manual"
+.TH LIBPSX 3 "2021-12-12" "" "Linux Programmer's Manual"
.SH NAME
-psx_syscall3, psx_syscall6 \- POSIX semantics for system calls
+psx_syscall3, psx_syscall6, psx_set_sensitivity \- POSIX semantics for system
calls
.SH SYNOPSIS
.nf
#include <sys/psx_syscall.h>
long int psx_syscall3(long int syscall_nr, long int arg1, long int arg2, long
int arg3);
long int psx_syscall6(long int syscall_nr, long int arg1, long int arg2, long
int arg3, long int arg4, long int arg5, long int arg6);
+int psx_set_sensitivity(psx_sensitivity_t sensitivity);
.fi
.sp
Link with one of these:
@@ -62,6 +63,17 @@
and
.BR psx_syscall6 ()
functions as needed.
+.PP
+.BR psx_set_sensitivity ()
+changes the behavior of the mirrored system calls:
+.B PSX_IGNORE
+ensures that differences are ignored (the default behavior);
+.B PSX_WARNING
+prints a stderr notification about how the results differ; and
+.B PSX_ERROR
+prints the error details and generates a
+.B SIGSYS
+signal.
.SH RETURN VALUE
The return value for system call functions is generally the value
returned by the kernel, or \-1 in the case of an error. In such cases
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/libcap-2.62/doc/psx_set_sensitivity.3
new/libcap-2.63/doc/psx_set_sensitivity.3
--- old/libcap-2.62/doc/psx_set_sensitivity.3 1970-01-01 01:00:00.000000000
+0100
+++ new/libcap-2.63/doc/psx_set_sensitivity.3 2021-12-12 22:47:05.000000000
+0100
@@ -0,0 +1 @@
+.so man3/libpsx.3
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/libcap-2.62/go/.gitignore
new/libcap-2.63/go/.gitignore
--- old/libcap-2.62/go/.gitignore 2021-12-12 00:00:00.000000000 +0100
+++ new/libcap-2.63/go/.gitignore 2022-01-24 01:45:25.000000000 +0100
@@ -2,11 +2,15 @@
compare-cap
try-launching
try-launching-cgo
+psx-fd
+psx-fd-cgo
psx-signals
psx-signals-cgo
b210613
b215283
b215283-cgo
+mismatch
+mismatch-cgo
mknames
web
setid
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/libcap-2.62/go/Makefile new/libcap-2.63/go/Makefile
--- old/libcap-2.62/go/Makefile 2021-12-12 00:00:00.000000000 +0100
+++ new/libcap-2.63/go/Makefile 2022-01-24 01:45:25.000000000 +0100
@@ -14,7 +14,7 @@
PKGDIR=pkg/$(GOOSARCH)/$(IMPORTDIR)
DEPS=../libcap/libcap.a ../libcap/libpsx.a
-TESTS=compare-cap try-launching psx-signals
+TESTS=compare-cap try-launching psx-signals mismatch
all: PSXGOPACKAGE CAPGOPACKAGE web setid gowns captree
@@ -83,6 +83,18 @@
CC="$(CC)" CGO_ENABLED="1" $(CGO_LDFLAGS_ALLOW) $(GO) build
$(GO_BUILD_FLAGS) -mod=vendor -o $@-cgo $<
endif
+# This is a test case developed from the deadlock investigation,
+# https://github.com/golang/go/issues/50113 . Note the psx-fd.go code
+# works when compiled CGO_ENABLED=1, but deadlocks when compiled
+# CGO_ENABLED=0. At the time of writing, this is true for go1.16+.
+psx-fd: psx-fd.go PSXGOPACKAGE
+ CC="$(CC)" CGO_ENABLED="$(CGO_REQUIRED)" $(CGO_LDFLAGS_ALLOW) $(GO)
build $(GO_BUILD_FLAGS) -mod=vendor -o $@ $<
+
+ifeq ($(CGO_REQUIRED),0)
+psx-fd-cgo: psx-fd.go PSXGOPACKAGE
+ CC="$(CC)" CGO_ENABLED="1" $(CGO_LDFLAGS_ALLOW) $(GO) build
$(GO_BUILD_FLAGS) -mod=vendor -o $@ $<
+endif
+
psx-signals: psx-signals.go PSXGOPACKAGE
CC="$(CC)" CGO_ENABLED="$(CGO_REQUIRED)" $(CGO_LDFLAGS_ALLOW)
CGO_CFLAGS="$(CGO_CFLAGS)" CGO_LDFLAGS="$(CGO_LDFLAGS)" $(GO) build
$(GO_BUILD_FLAGS) -mod=vendor $<
@@ -102,14 +114,26 @@
CC="$(CC)" CGO_ENABLED="1" $(CGO_LDFLAGS_ALLOW)
CGO_CFLAGS="$(CGO_CFLAGS)" CGO_LDFLAGS="$(CGO_LDFLAGS)" $(GO) build
$(GO_BUILD_FLAGS) -mod=vendor -o $@ $<
endif
-test: setid gowns captree $(TESTS)
+mismatch: mismatch.go PSXGOPACKAGE
+ CC="$(CC)" CGO_ENABLED="$(CGO_REQUIRED)" $(CGO_LDFLAGS_ALLOW)
CGO_CFLAGS="$(CGO_CFLAGS)" CGO_LDFLAGS="$(CGO_LDFLAGS)" $(GO) build
$(GO_BUILD_FLAGS) -mod=vendor $<
+
+ifeq ($(CGO_REQUIRED),0)
+mismatch-cgo: mismatch.go CAPGOPACKAGE
+ CC="$(CC)" CGO_ENABLED="1" $(CGO_LDFLAGS_ALLOW)
CGO_CFLAGS="$(CGO_CFLAGS)" CGO_LDFLAGS="$(CGO_LDFLAGS)" $(GO) build
$(GO_BUILD_FLAGS) -mod=vendor -o $@ $<
+endif
+
+test: setid gowns captree psx-fd $(TESTS)
CC="$(CC)" CGO_ENABLED="$(CGO_REQUIRED)" $(CGO_LDFLAGS_ALLOW) $(GO)
test -mod=vendor $(IMPORTDIR)/psx
CC="$(CC)" CGO_ENABLED="$(CGO_REQUIRED)" $(CGO_LDFLAGS_ALLOW) $(GO)
test -mod=vendor $(IMPORTDIR)/cap
LD_LIBRARY_PATH=../libcap ./compare-cap
./psx-signals
+ ./mismatch || exit 0 ; exit 1
+ timeout 5 ./psx-fd || echo "this is a known Go bug"
ifeq ($(CGO_REQUIRED),0)
- $(MAKE) psx-signals-cgo
+ $(MAKE) psx-signals-cgo mismatch-cgo psx-fd-cgo
./psx-signals-cgo
+ ./mismatch-cgo || exit 0 ; exit 1
+ ./psx-fd-cgo
endif
./setid --caps=false
./gowns -- -c "echo gowns runs"
@@ -157,4 +181,5 @@
rm -f compare-cap try-launching try-launching-cgo
rm -f $(topdir)/cap/*~ $(topdir)/psx/*~
rm -f b210613 b215283 b215283-cgo psx-signals psx-signals-cgo
+ rm -f mismatch mismatch-cgo psx-fd psx-fd-cgo
rm -fr vendor CAPGOPACKAGE PSXGOPACKAGE go.sum
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/libcap-2.62/go/go.mod new/libcap-2.63/go/go.mod
--- old/libcap-2.62/go/go.mod 2021-12-12 03:05:53.000000000 +0100
+++ new/libcap-2.63/go/go.mod 2022-01-24 01:45:25.000000000 +0100
@@ -3,6 +3,6 @@
go 1.11
require (
- kernel.org/pub/linux/libs/security/libcap/cap v1.2.62
- kernel.org/pub/linux/libs/security/libcap/psx v1.2.62
+ kernel.org/pub/linux/libs/security/libcap/cap v1.2.63
+ kernel.org/pub/linux/libs/security/libcap/psx v1.2.63
)
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/libcap-2.62/go/mismatch.go
new/libcap-2.63/go/mismatch.go
--- old/libcap-2.62/go/mismatch.go 1970-01-01 01:00:00.000000000 +0100
+++ new/libcap-2.63/go/mismatch.go 2021-12-12 22:47:05.000000000 +0100
@@ -0,0 +1,15 @@
+// Program mismatch should panic because the syscall being requested
+// never returns consistent results.
+package main
+
+import (
+ "fmt"
+ "syscall"
+
+ "kernel.org/pub/linux/libs/security/libcap/psx"
+)
+
+func main() {
+ tid, _, err := psx.Syscall3(syscall.SYS_GETTID, 0, 0, 0)
+ fmt.Printf("gettid() -> %d: %v\n", tid, err)
+}
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/libcap-2.62/go/psx-fd.go new/libcap-2.63/go/psx-fd.go
--- old/libcap-2.62/go/psx-fd.go 1970-01-01 01:00:00.000000000 +0100
+++ new/libcap-2.63/go/psx-fd.go 2022-01-24 01:45:25.000000000 +0100
@@ -0,0 +1,25 @@
+package main
+
+import (
+ "log"
+ "os"
+ "syscall"
+ "time"
+
+ "kernel.org/pub/linux/libs/security/libcap/psx"
+)
+
+const prSetKeepCaps = 8
+
+func main() {
+ r, w, err := os.Pipe()
+ if err != nil {
+ log.Fatalf("failed to obtain pipe: %v", err)
+ }
+ data := make([]byte, 2+r.Fd())
+ go r.Read(data)
+ time.Sleep(500 * time.Millisecond)
+ psx.Syscall3(syscall.SYS_PRCTL, prSetKeepCaps, 1, 0)
+ w.Close()
+ r.Close()
+}
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/libcap-2.62/goapps/captree/go.mod
new/libcap-2.63/goapps/captree/go.mod
--- old/libcap-2.62/goapps/captree/go.mod 2021-12-12 03:05:53.000000000
+0100
+++ new/libcap-2.63/goapps/captree/go.mod 2022-01-24 01:45:25.000000000
+0100
@@ -2,4 +2,4 @@
go 1.16
-require kernel.org/pub/linux/libs/security/libcap/cap v1.2.62
+require kernel.org/pub/linux/libs/security/libcap/cap v1.2.63
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/libcap-2.62/goapps/gowns/go.mod
new/libcap-2.63/goapps/gowns/go.mod
--- old/libcap-2.62/goapps/gowns/go.mod 2021-12-12 03:05:53.000000000 +0100
+++ new/libcap-2.63/goapps/gowns/go.mod 2022-01-24 01:45:25.000000000 +0100
@@ -2,4 +2,4 @@
go 1.15
-require kernel.org/pub/linux/libs/security/libcap/cap v1.2.62
+require kernel.org/pub/linux/libs/security/libcap/cap v1.2.63
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/libcap-2.62/goapps/setid/go.mod
new/libcap-2.63/goapps/setid/go.mod
--- old/libcap-2.62/goapps/setid/go.mod 2021-12-12 03:05:53.000000000 +0100
+++ new/libcap-2.63/goapps/setid/go.mod 2022-01-24 01:45:25.000000000 +0100
@@ -3,6 +3,6 @@
go 1.11
require (
- kernel.org/pub/linux/libs/security/libcap/cap v1.2.62
- kernel.org/pub/linux/libs/security/libcap/psx v1.2.62
+ kernel.org/pub/linux/libs/security/libcap/cap v1.2.63
+ kernel.org/pub/linux/libs/security/libcap/psx v1.2.63
)
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/libcap-2.62/goapps/web/go.mod
new/libcap-2.63/goapps/web/go.mod
--- old/libcap-2.62/goapps/web/go.mod 2021-12-12 03:05:53.000000000 +0100
+++ new/libcap-2.63/goapps/web/go.mod 2022-01-24 01:45:25.000000000 +0100
@@ -2,4 +2,4 @@
go 1.11
-require kernel.org/pub/linux/libs/security/libcap/cap v1.2.62
+require kernel.org/pub/linux/libs/security/libcap/cap v1.2.63
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/libcap-2.62/libcap/cap_alloc.c
new/libcap-2.63/libcap/cap_alloc.c
--- old/libcap-2.62/libcap/cap_alloc.c 2021-11-15 06:19:25.000000000 +0100
+++ new/libcap-2.63/libcap/cap_alloc.c 2022-01-24 01:30:38.000000000 +0100
@@ -19,14 +19,15 @@
__attribute__((constructor (300))) void _libcap_initialize()
{
+ int errno_saved = errno;
_cap_mu_lock(&__libcap_mutex);
- if (_cap_max_bits) {
- _cap_mu_unlock(&__libcap_mutex);
- return;
+ if (!_cap_max_bits) {
+ cap_set_syscall(NULL, NULL);
+ _binary_search(_cap_max_bits, cap_get_bound, 0, __CAP_MAXBITS,
+ __CAP_BITS);
}
- cap_set_syscall(NULL, NULL);
- _binary_search(_cap_max_bits, cap_get_bound, 0, __CAP_MAXBITS, __CAP_BITS);
_cap_mu_unlock(&__libcap_mutex);
+ errno = errno_saved;
}
cap_value_t cap_max_bits(void)
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/libcap-2.62/libcap/cap_file.c
new/libcap-2.63/libcap/cap_file.c
--- old/libcap-2.62/libcap/cap_file.c 2021-10-23 07:22:32.000000000 +0200
+++ new/libcap-2.63/libcap/cap_file.c 2022-01-24 01:45:25.000000000 +0100
@@ -12,7 +12,6 @@
#include <byteswap.h>
#include <sys/stat.h>
#include <unistd.h>
-#include <linux/xattr.h>
/*
* We hardcode the prototypes for the Linux system calls here since
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/libcap-2.62/libcap/cap_proc.c
new/libcap-2.63/libcap/cap_proc.c
--- old/libcap-2.62/libcap/cap_proc.c 2021-11-22 02:20:50.000000000 +0100
+++ new/libcap-2.63/libcap/cap_proc.c 2022-01-24 01:45:25.000000000 +0100
@@ -18,8 +18,6 @@
#include <sys/types.h>
#include <sys/wait.h>
-#include <linux/limits.h>
-
#include "libcap.h"
/*
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/libcap-2.62/libcap/include/sys/capability.h
new/libcap-2.63/libcap/include/sys/capability.h
--- old/libcap-2.62/libcap/include/sys/capability.h 2021-11-22
02:20:50.000000000 +0100
+++ new/libcap-2.63/libcap/include/sys/capability.h 2022-01-24
01:45:25.000000000 +0100
@@ -2,7 +2,7 @@
* <sys/capability.h>
*
* Copyright (C) 1997 Aleph One
- * Copyright (C) 1997,8, 2008,19,20 Andrew G. Morgan <mor...@kernel.org>
+ * Copyright (C) 1997,8, 2008,19-22 Andrew G. Morgan <mor...@kernel.org>
*
* defunct POSIX.1e Standard: 25.2 Capabilities <sys/capability.h>
*/
@@ -21,7 +21,6 @@
#include <sys/types.h>
#include <stdint.h>
-#include <linux/types.h>
#ifndef __user
#define __user
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/libcap-2.62/libcap/include/uapi/linux/capability.h
new/libcap-2.63/libcap/include/uapi/linux/capability.h
--- old/libcap-2.62/libcap/include/uapi/linux/capability.h 2020-08-14
05:54:41.000000000 +0200
+++ new/libcap-2.63/libcap/include/uapi/linux/capability.h 2022-01-24
01:45:25.000000000 +0100
@@ -14,7 +14,9 @@
#ifndef _UAPI_LINUX_CAPABILITY_H
#define _UAPI_LINUX_CAPABILITY_H
-#include <linux/types.h>
+#include <stdint.h>
+#define __u32 uint32_t
+#define __le32 __u32
/* User-level do most of the mapping between kernel and user
capabilities based on the version tag given by the kernel. The
@@ -422,5 +424,4 @@
#define CAP_TO_INDEX(x) ((x) >> 5) /* 1 << 5 == bits in __u32 */
#define CAP_TO_MASK(x) (1u << ((x) & 31)) /* mask for indexed __u32 */
-
#endif /* _UAPI_LINUX_CAPABILITY_H */
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/libcap-2.62/psx/psx.c new/libcap-2.63/psx/psx.c
--- old/libcap-2.62/psx/psx.c 2021-09-18 05:56:21.000000000 +0200
+++ new/libcap-2.63/psx/psx.c 2022-01-24 01:30:38.000000000 +0100
@@ -56,6 +56,8 @@
pthread_mutex_t mu;
int pending;
int gone;
+ long int retval;
+ pid_t tid;
} registered_thread_t;
static pthread_once_t psx_tracker_initialized = PTHREAD_ONCE_INIT;
@@ -81,6 +83,7 @@
psx_tracker_state_t state;
int initialized;
int psx_sig;
+ psx_sensitivity_t sensitivity;
struct {
long syscall_nr;
@@ -136,19 +139,20 @@
return;
}
+ long int retval;
if (!psx_tracker.cmd.six) {
- (void) syscall(psx_tracker.cmd.syscall_nr,
- psx_tracker.cmd.arg1,
- psx_tracker.cmd.arg2,
- psx_tracker.cmd.arg3);
+ retval = syscall(psx_tracker.cmd.syscall_nr,
+ psx_tracker.cmd.arg1,
+ psx_tracker.cmd.arg2,
+ psx_tracker.cmd.arg3);
} else {
- (void) syscall(psx_tracker.cmd.syscall_nr,
- psx_tracker.cmd.arg1,
- psx_tracker.cmd.arg2,
- psx_tracker.cmd.arg3,
- psx_tracker.cmd.arg4,
- psx_tracker.cmd.arg5,
- psx_tracker.cmd.arg6);
+ retval = syscall(psx_tracker.cmd.syscall_nr,
+ psx_tracker.cmd.arg1,
+ psx_tracker.cmd.arg2,
+ psx_tracker.cmd.arg3,
+ psx_tracker.cmd.arg4,
+ psx_tracker.cmd.arg5,
+ psx_tracker.cmd.arg6);
}
/*
@@ -160,6 +164,8 @@
if (ref) {
pthread_mutex_lock(&ref->mu);
ref->pending = 0;
+ ref->retval = retval;
+ ref->tid = syscall(SYS_gettid);
pthread_mutex_unlock(&ref->mu);
} /*
* else thread must be dying and its psx_action_key has already
@@ -607,6 +613,7 @@
}
psx_unlock();
+ int mismatch = 0;
for (;;) {
int waiting = 0;
psx_lock();
@@ -619,8 +626,12 @@
pthread_mutex_lock(&ref->mu);
int pending = ref->pending;
int gone = ref->gone;
- if (pending && !gone) {
- gone = (pthread_kill(ref->thread, 0) != 0);
+ if (!gone) {
+ if (pending) {
+ gone = (pthread_kill(ref->thread, 0) != 0);
+ } else {
+ mismatch |= (ref->retval != ret);
+ }
}
pthread_mutex_unlock(&ref->mu);
if (!gone) {
@@ -639,10 +650,67 @@
sched_yield();
}
- errno = restore_errno;
psx_tracker.cmd.active = 0;
+ if (mismatch) {
+ psx_lock();
+ switch (psx_tracker.sensitivity) {
+ case PSX_IGNORE:
+ break;
+ default:
+ fprintf(stderr, "psx_syscall result differs.\n");
+ if (psx_tracker.cmd.six) {
+ fprintf(stderr, "trap:%ld a123456=[%ld,%ld,%ld,%ld,%ld,%ld]\n",
+ psx_tracker.cmd.syscall_nr,
+ psx_tracker.cmd.arg1,
+ psx_tracker.cmd.arg2,
+ psx_tracker.cmd.arg3,
+ psx_tracker.cmd.arg4,
+ psx_tracker.cmd.arg5,
+ psx_tracker.cmd.arg6);
+ } else {
+ fprintf(stderr, "trap:%ld a123=[%ld,%ld,%ld]\n",
+ psx_tracker.cmd.syscall_nr,
+ psx_tracker.cmd.arg1,
+ psx_tracker.cmd.arg2,
+ psx_tracker.cmd.arg3);
+ }
+ fprintf(stderr, "results:");
+ for (ref = psx_tracker.root; ref; ref = next) {
+ next = ref->next;
+ if (ref->thread == self) {
+ continue;
+ }
+ if (ret != ref->retval) {
+ fprintf(stderr, " %d={%ld}", ref->tid, ref->retval);
+ }
+ }
+ fprintf(stderr, " wanted={%ld}\n", ret);
+ if (psx_tracker.sensitivity == PSX_WARNING) {
+ break;
+ }
+ pthread_kill(self, SIGSYS);
+ }
+ psx_unlock();
+ }
+ errno = restore_errno;
psx_new_state(_PSX_SYSCALL, _PSX_IDLE);
defer:
return ret;
}
+
+/*
+ * Change the PSX sensitivity level. If the threads appear to have
+ * diverged in behavior, this can cause the library to notify the
+ * user.
+ */
+int psx_set_sensitivity(psx_sensitivity_t level) {
+ if (level < PSX_IGNORE || level > PSX_ERROR) {
+ errno = EINVAL;
+ return -1;
+ }
+ psx_lock();
+ psx_tracker.sensitivity = level;
+ psx_unlock();
+ return 0;
+}
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/libcap-2.62/psx/psx_cgo.go
new/libcap-2.63/psx/psx_cgo.go
--- old/libcap-2.62/psx/psx_cgo.go 2021-03-07 04:55:56.000000000 +0100
+++ new/libcap-2.63/psx/psx_cgo.go 2021-12-12 22:47:05.000000000 +0100
@@ -4,6 +4,7 @@
import (
"runtime"
+ "sync"
"syscall"
)
@@ -32,6 +33,15 @@
return int(C.__errno_too(C.long(v)))
}
+var makeFatal sync.Once
+
+// forceFatal configures the psx_syscall mechanism to PSX_ERROR.
+func forceFatal() {
+ makeFatal.Do(func() {
+ C.psx_set_sensitivity(C.PSX_ERROR)
+ })
+}
+
//go:uintptrescapes
// Syscall3 performs a 3 argument syscall. Syscall3 differs from
@@ -45,6 +55,7 @@
// If CGO_ENABLED=0 it redirects to the go1.16+
// syscall.AllThreadsSyscall() function.
func Syscall3(syscallnr, arg1, arg2, arg3 uintptr) (uintptr, uintptr,
syscall.Errno) {
+ forceFatal()
// We lock to the OSThread here because we may need errno to
// be the one for this thread.
runtime.LockOSThread()
@@ -65,6 +76,7 @@
// arguments, its behavior is identical to that of Syscall3() - see
// above for the full documentation.
func Syscall6(syscallnr, arg1, arg2, arg3, arg4, arg5, arg6 uintptr) (uintptr,
uintptr, syscall.Errno) {
+ forceFatal()
// We lock to the OSThread here because we may need errno to
// be the one for this thread.
runtime.LockOSThread()
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/libcap-2.62/psx/psx_syscall.h
new/libcap-2.63/psx/psx_syscall.h
--- old/libcap-2.62/psx/psx_syscall.h 2021-09-18 05:56:21.000000000 +0200
+++ new/libcap-2.63/psx/psx_syscall.h 2021-12-12 22:47:05.000000000 +0100
@@ -67,6 +67,27 @@
long int, long int, long int,
long int, long int, long int));
+/*
+ * psx_sensitivity_t holds the level of paranoia for non-POSIX syscall
+ * behavior. The default is PSX_IGNORE: which is best effort - no
+ * enforcement; PSX_WARNING will dump to stderr a warning when a
+ * syscall's results differ; PSX_ERROR will dump info as per
+ * PSX_WARNING and generate a SIGSYS. The current mode can be set with
+ * psx_set_sensitivity().
+ */
+typedef enum {
+ PSX_IGNORE = 0,
+ PSX_WARNING = 1,
+ PSX_ERROR = 2,
+} psx_sensitivity_t;
+
+/*
+ * psx_set_sensitivity sets the current sensitivity of the PSX
+ * mechanism. The function returns 0 on success and -1 if the
+ * requested level is invalid.
+ */
+int psx_set_sensitivity(psx_sensitivity_t level);
+
#ifdef __cplusplus
}
#endif
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/libcap-2.62/tests/libcap_launch_test.c
new/libcap-2.63/tests/libcap_launch_test.c
--- old/libcap-2.62/tests/libcap_launch_test.c 2021-09-27 04:01:29.000000000
+0200
+++ new/libcap-2.63/tests/libcap_launch_test.c 2022-01-24 01:30:38.000000000
+0100
@@ -1,3 +1,4 @@
+#include <errno.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
@@ -119,6 +120,11 @@
},
};
+ if (errno != 0) {
+ perror("unexpected initial value for errno");
+ exit(1);
+ }
+
cap_t orig = cap_get_proc();
if (orig == NULL) {
perror("failed to get process capabilities");
