The branch, master has been updated
via 8ae180e1678 third_party: Update socket_wrapper to version 1.4.3
via f88e60644e7 third_party: Update uid_wrapper to version 1.3.1
via 54fed589cca gitlab-ci: Set git safe.directory for devel repo
via f3af6e86080 bootstrap: Fix building CentOS 8 Stream container images
via d00e9482a50 bootstrap: Set git safe.directory
via 84fb5cc8451 bootstrap: Fix runner tags
from aecbfe52183 python/samba/tests/krb5: Add tests for password expiry
with krb5 ENC-TS
https://git.samba.org/?p=samba.git;a=shortlog;h=master
- Log -----------------------------------------------------------------
commit 8ae180e1678fc8565b8074d4886f7d3676a0f950
Author: Andreas Schneider <a...@samba.org>
Date: Thu Jun 13 07:47:26 2024 +0200
third_party: Update socket_wrapper to version 1.4.3
This fixes issues with bind compiled with jemalloc.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15660
Signed-off-by: Andreas Schneider <a...@samba.org>
Reviewed-by: Stefan Metzmacher <me...@samba.org>
Autobuild-User(master): Andreas Schneider <a...@cryptomilk.org>
Autobuild-Date(master): Thu Jun 13 08:41:39 UTC 2024 on atb-devel-224
commit f88e60644e76c6310088934439f9c0da0f63905f
Author: Andreas Schneider <a...@samba.org>
Date: Thu Jun 13 07:41:41 2024 +0200
third_party: Update uid_wrapper to version 1.3.1
This fixes issues with bind compiled with jemalloc.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15660
Signed-off-by: Andreas Schneider <a...@samba.org>
Reviewed-by: Stefan Metzmacher <me...@samba.org>
commit 54fed589cca245c716492bcc78b574c30378b19c
Author: Andreas Schneider <a...@samba.org>
Date: Fri Jun 7 16:20:10 2024 +0200
gitlab-ci: Set git safe.directory for devel repo
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15660
Signed-off-by: Andreas Schneider <a...@samba.org>
Reviewed-by: Stefan Metzmacher <me...@samba.org>
commit f3af6e860800d0f837cdf6c2d16d1cd12feb08df
Author: Andreas Schneider <a...@samba.org>
Date: Mon Jun 10 15:28:30 2024 +0200
bootstrap: Fix building CentOS 8 Stream container images
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15660
Signed-off-by: Andreas Schneider <a...@samba.org>
Reviewed-by: Stefan Metzmacher <me...@samba.org>
commit d00e9482a50b5a756f4847cde977c40c80e179c5
Author: Andreas Schneider <a...@samba.org>
Date: Thu Jun 6 16:10:14 2024 +0200
bootstrap: Set git safe.directory
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15660
Signed-off-by: Andreas Schneider <a...@samba.org>
Reviewed-by: Stefan Metzmacher <me...@samba.org>
commit 84fb5cc8451c0af354850f39ae6debf388849ebb
Author: Andreas Schneider <a...@samba.org>
Date: Thu Jun 6 14:41:02 2024 +0200
bootstrap: Fix runner tags
See https://docs.gitlab.com/ee/ci/runners/hosted_runners/linux.html
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15660
Signed-off-by: Andreas Schneider <a...@samba.org>
Reviewed-by: Stefan Metzmacher <me...@samba.org>
-----------------------------------------------------------------------
Summary of changes:
.gitlab-ci-main.yml | 3 +-
bootstrap/.gitlab-ci.yml | 6 +--
bootstrap/config.py | 3 ++
bootstrap/generated-dists/centos8s/bootstrap.sh | 3 ++
bootstrap/sha1sum.txt | 2 +-
buildtools/wafsamba/samba_third_party.py | 4 +-
third_party/socket_wrapper/socket_wrapper.c | 45 ++++++++++++++++++-
third_party/socket_wrapper/wscript | 3 +-
third_party/uid_wrapper/uid_wrapper.c | 58 ++++++++++++++++++++++++-
third_party/uid_wrapper/wscript | 4 +-
10 files changed, 118 insertions(+), 13 deletions(-)
Changeset truncated at 500 lines:
diff --git a/.gitlab-ci-main.yml b/.gitlab-ci-main.yml
index 1e4bdf82e74..c56c84c89d4 100644
--- a/.gitlab-ci-main.yml
+++ b/.gitlab-ci-main.yml
@@ -47,7 +47,7 @@ variables:
# Set this to the contents of bootstrap/sha1sum.txt
# which is generated by bootstrap/template.py --render
#
- SAMBA_CI_CONTAINER_TAG: 9a406973474a7903fe7fd6215226660911ed73c0
+ SAMBA_CI_CONTAINER_TAG: b078783e082ead539940faaa644567bf4ed67f67
#
# We use the ubuntu2204 image as default as
# it matches what we have on atb-devel-224
@@ -147,6 +147,7 @@ include:
- ccache -s
# We are already running .gitlab-ci directives from this repo, remove
additional checks that break our CI
- git config --global --add safe.directory `pwd`
+ - git config --global --add safe.directory
/builds/samba-team/devel/samba/.git
after_script:
- mount
- df -h
diff --git a/bootstrap/.gitlab-ci.yml b/bootstrap/.gitlab-ci.yml
index ba82cdc1251..77b4e4fe290 100644
--- a/bootstrap/.gitlab-ci.yml
+++ b/bootstrap/.gitlab-ci.yml
@@ -6,9 +6,7 @@
# We need to make sure we only use gitlab.com
# runners and not our own runners, as our current runners
# don't allow 'docker build ...' to run.
- - docker
- - gce
- - shared
+ - saas-linux-small-amd64
variables:
SAMBA_CI_IS_BROKEN_IMAGE: "no"
SAMBA_CI_TEST_JOB: "samba-o3"
@@ -47,7 +45,7 @@
diff -u bootstrap/sha1sum.txt /tmp/sha1sum-template.txt
# run smoke test with samba-o3 or samba-fuzz
podman run --volume $(pwd):/src:ro ${ci_image_name} \
- /bin/bash -c "git clone /src samba && cd samba && export
PKG_CONFIG_PATH=/usr/lib64/compat-gnutls34/pkgconfig:/usr/lib64/compat-nettle32/pkgconfig
&& script/autobuild.py ${SAMBA_CI_TEST_JOB} --verbose --nocleanup --keeplogs
--tail --testbase /tmp/samba-testbase"
+ /bin/bash -c "git config --global --add safe.directory /src/.git &&
git clone /src samba && cd samba && export
PKG_CONFIG_PATH=/usr/lib64/compat-gnutls34/pkgconfig:/usr/lib64/compat-nettle32/pkgconfig
&& script/autobuild.py ${SAMBA_CI_TEST_JOB} --verbose --nocleanup --keeplogs
--tail --testbase /tmp/samba-testbase"
podman tag ${ci_image_name} ${ci_image_path}:${SAMBA_CI_CONTAINER_TAG}
podman tag ${ci_image_name} ${ci_image_path}:${timestamp_tag}
# We build all images, but only upload is it's not marked as broken
diff --git a/bootstrap/config.py b/bootstrap/config.py
index 11d8314aefc..a5a7366c7fa 100644
--- a/bootstrap/config.py
+++ b/bootstrap/config.py
@@ -241,6 +241,9 @@ CENTOS8S_YUM_BOOTSTRAP = r"""
{GENERATED_MARKER}
set -xueo pipefail
+sed -i 's/mirrorlist/#mirrorlist/g' /etc/yum.repos.d/CentOS-*
+sed -i 's|#baseurl=http://mirror.centos.org|baseurl=http://vault.centos.org|g'
/etc/yum.repos.d/CentOS-*
+
yum update -y
yum install -y dnf-plugins-core
yum install -y epel-release
diff --git a/bootstrap/generated-dists/centos8s/bootstrap.sh
b/bootstrap/generated-dists/centos8s/bootstrap.sh
index 4b2c62c66d9..9e0aabbac28 100755
--- a/bootstrap/generated-dists/centos8s/bootstrap.sh
+++ b/bootstrap/generated-dists/centos8s/bootstrap.sh
@@ -7,6 +7,9 @@
set -xueo pipefail
+sed -i 's/mirrorlist/#mirrorlist/g' /etc/yum.repos.d/CentOS-*
+sed -i 's|#baseurl=http://mirror.centos.org|baseurl=http://vault.centos.org|g'
/etc/yum.repos.d/CentOS-*
+
yum update -y
yum install -y dnf-plugins-core
yum install -y epel-release
diff --git a/bootstrap/sha1sum.txt b/bootstrap/sha1sum.txt
index 61ecaf0ccf6..1bb5e922d9b 100644
--- a/bootstrap/sha1sum.txt
+++ b/bootstrap/sha1sum.txt
@@ -1 +1 @@
-9a406973474a7903fe7fd6215226660911ed73c0
+b078783e082ead539940faaa644567bf4ed67f67
diff --git a/buildtools/wafsamba/samba_third_party.py
b/buildtools/wafsamba/samba_third_party.py
index 52898486fd9..a42bb2ddc90 100644
--- a/buildtools/wafsamba/samba_third_party.py
+++ b/buildtools/wafsamba/samba_third_party.py
@@ -24,7 +24,7 @@ Build.BuildContext.CHECK_CMOCKA = CHECK_CMOCKA
@conf
def CHECK_SOCKET_WRAPPER(conf):
- return conf.CHECK_BUNDLED_SYSTEM_PKG('socket_wrapper', minversion='1.4.2')
+ return conf.CHECK_BUNDLED_SYSTEM_PKG('socket_wrapper', minversion='1.4.3')
Build.BuildContext.CHECK_SOCKET_WRAPPER = CHECK_SOCKET_WRAPPER
@conf
@@ -39,7 +39,7 @@ Build.BuildContext.CHECK_RESOLV_WRAPPER = CHECK_RESOLV_WRAPPER
@conf
def CHECK_UID_WRAPPER(conf):
- return conf.CHECK_BUNDLED_SYSTEM_PKG('uid_wrapper', minversion='1.3.0')
+ return conf.CHECK_BUNDLED_SYSTEM_PKG('uid_wrapper', minversion='1.3.1')
Build.BuildContext.CHECK_UID_WRAPPER = CHECK_UID_WRAPPER
@conf
diff --git a/third_party/socket_wrapper/socket_wrapper.c
b/third_party/socket_wrapper/socket_wrapper.c
index c759d350fb1..37799c82419 100644
--- a/third_party/socket_wrapper/socket_wrapper.c
+++ b/third_party/socket_wrapper/socket_wrapper.c
@@ -1388,6 +1388,9 @@ static ssize_t libc_writev(int fd, const struct iovec
*iov, int iovcnt)
return swrap.libc.symbols._libc_writev.f(fd, iov, iovcnt);
}
+/* JEMALLOC: This tells socket_wrapper if it should handle syscall() */
+static bool swrap_handle_syscall;
+
#ifdef HAVE_SYSCALL
DO_NOT_SANITIZE_ADDRESS_ATTRIBUTE
static long int libc_vsyscall(long int sysno, va_list va)
@@ -1396,7 +1399,27 @@ static long int libc_vsyscall(long int sysno, va_list va)
long int rc;
int i;
- swrap_bind_symbol_all();
+ /*
+ * JEMALLOC:
+ *
+ * This is a workaround to prevent a deadlock in jemalloc calling
+ * malloc_init() twice. The first allocation call will trigger a
+ * malloc_init() of jemalloc. The functions calls syscall(SYS_open, ...)
+ * so it goes to socket or uid wrapper. In this code path we need to
+ * avoid any allocation calls. This will prevent the deadlock.
+ *
+ * We also need to avoid dlopen() as that would trigger the recursion
+ * into malloc_init(), so we use dlsym(RTLD_NEXT), until we reached
+ * swrap_constructor() or any real socket call at that time
+ * swrap_bind_symbol_all() will replace the function pointer again after
+ * dlopen of libc.
+ */
+ if (swrap_handle_syscall) {
+ swrap_bind_symbol_all();
+ } else if (swrap.libc.symbols._libc_syscall.obj == NULL) {
+ swrap.libc.symbols._libc_syscall.obj = dlsym(RTLD_NEXT,
+ "syscall");
+ }
for (i = 0; i < 8; i++) {
args[i] = va_arg(va, long int);
@@ -1517,6 +1540,8 @@ static void __swrap_bind_symbol_all_once(void)
swrap_bind_symbol_rtld_default_optional(uid_wrapper_syscall_valid);
swrap_bind_symbol_rtld_default_optional(uid_wrapper_syscall_va);
#endif
+
+ swrap_handle_syscall = true;
}
static void swrap_bind_symbol_all(void)
@@ -8744,6 +8769,21 @@ long int syscall(long int sysno, ...)
va_start(va, sysno);
+ /*
+ * JEMALLOC:
+ *
+ * This is a workaround to prevent a deadlock in jemalloc calling
+ * malloc_init() twice. The first allocation call will trigger a
+ * malloc_init() of jemalloc. The functions calls syscall(SYS_open, ...)
+ * so it goes to socket or uid wrapper. In this code path we need to
+ * avoid any allocation calls. This will prevent the deadlock.
+ */
+ if (!swrap_handle_syscall) {
+ rc = libc_vsyscall(sysno, va);
+ va_end(va);
+ return rc;
+ }
+
/*
* We should only handle the syscall numbers
* we care about...
@@ -8860,6 +8900,9 @@ void swrap_constructor(void)
pthread_atfork(&swrap_thread_prepare,
&swrap_thread_parent,
&swrap_thread_child);
+
+ /* Let socket_wrapper handle syscall() */
+ swrap_handle_syscall = true;
}
/****************************
diff --git a/third_party/socket_wrapper/wscript
b/third_party/socket_wrapper/wscript
index 9d2210d9c35..cdd34938ba3 100644
--- a/third_party/socket_wrapper/wscript
+++ b/third_party/socket_wrapper/wscript
@@ -2,7 +2,7 @@
import os
-VERSION = "1.4.2"
+VERSION = "1.4.3"
def configure(conf):
@@ -10,6 +10,7 @@ def configure(conf):
conf.DEFINE('USING_SYSTEM_SOCKET_WRAPPER', 1)
libsocket_wrapper_so_path = 'libsocket_wrapper.so'
else:
+ conf.CHECK_HEADERS('gnu/lib-names.h')
if conf.CONFIG_SET("HAVE___THREAD"):
conf.DEFINE("HAVE_GCC_THREAD_LOCAL_STORAGE", 1)
diff --git a/third_party/uid_wrapper/uid_wrapper.c
b/third_party/uid_wrapper/uid_wrapper.c
index 5b6a82b8fef..ca578e61f2e 100644
--- a/third_party/uid_wrapper/uid_wrapper.c
+++ b/third_party/uid_wrapper/uid_wrapper.c
@@ -38,6 +38,10 @@
#include <pthread.h>
+#ifdef HAVE_GNU_LIB_NAMES_H
+#include <gnu/lib-names.h>
+#endif
+
#ifdef HAVE_GCC_THREAD_LOCAL_STORAGE
# define UWRAP_THREAD __thread
#else
@@ -558,6 +562,13 @@ static void *uwrap_load_lib_handle(enum uwrap_lib lib)
switch (lib) {
case UWRAP_LIBC:
handle = uwrap.libc.handle;
+#ifdef LIBC_SO
+ if (handle == NULL) {
+ handle = dlopen(LIBC_SO, flags);
+
+ uwrap.libc.handle = handle;
+ }
+#endif
if (handle == NULL) {
for (i = 10; i >= 0; i--) {
char soname[256] = {0};
@@ -656,6 +667,9 @@ static void *_uwrap_bind_symbol(enum uwrap_lib lib, const
char *fn_name)
dlsym(RTLD_DEFAULT, #sym_name); \
}
+/* JEMALLOC: This tells uid_wrapper if it should handle syscall() */
+static bool uwrap_handle_syscall;
+
/* DO NOT call this function during library initialization! */
static void __uwrap_bind_symbol_all_once(void)
{
@@ -699,6 +713,8 @@ static void __uwrap_bind_symbol_all_once(void)
#endif
uwrap_bind_symbol_libpthread(pthread_create);
uwrap_bind_symbol_libpthread(pthread_exit);
+
+ uwrap_handle_syscall = true;
}
static void uwrap_bind_symbol_all(void)
@@ -863,7 +879,27 @@ static long int libc_vsyscall(long int sysno, va_list va)
long int rc;
int i;
- uwrap_bind_symbol_all();
+ /*
+ * JEMALLOC:
+ *
+ * This is a workaround to prevent a deadlock in jemalloc calling
+ * malloc_init() twice. The first allocation call will trigger a
+ * malloc_init() of jemalloc. The functions calls syscall(SYS_open, ...)
+ * so it goes to socket or uid wrapper. In this code path we need to
+ * avoid any allocation calls. This will prevent the deadlock.
+ *
+ * We also need to avoid dlopen() as that would trigger the recursion
+ * into malloc_init(), so we use dlsym(RTLD_NEXT), until we reached
+ * swrap_constructor() or any real socket call at that time
+ * swrap_bind_symbol_all() will replace the function pointer again after
+ * dlopen of libc.
+ */
+ if (uwrap_handle_syscall) {
+ uwrap_bind_symbol_all();
+ } else if (uwrap.libc.symbols._libc_syscall.obj == NULL) {
+ uwrap.libc.symbols._libc_syscall.obj = dlsym(RTLD_NEXT,
+ "syscall");
+ }
for (i = 0; i < 8; i++) {
args[i] = va_arg(va, long int);
@@ -1375,7 +1411,7 @@ static void uwrap_init_env(struct uwrap_thread *id)
exit(-1);
}
- UWRAP_LOG(UWRAP_LOG_DEBUG, "Initalize groups with %s", env);
+ UWRAP_LOG(UWRAP_LOG_DEBUG, "Initialize groups with %s", env);
id->ngroups = ngroups;
}
}
@@ -2708,6 +2744,21 @@ long int syscall (long int sysno, ...)
va_start(va, sysno);
+ /*
+ * JEMALLOC:
+ *
+ * This is a workaround to prevent a deadlock in jemalloc calling
+ * malloc_init() twice. The first allocation call will trigger a
+ * malloc_init() of jemalloc. The functions calls syscall(SYS_open, ...)
+ * so it goes to socket or uid wrapper. In this code path we need to
+ * avoid any allocation calls. This will prevent the deadlock.
+ */
+ if (!uwrap_handle_syscall) {
+ rc = libc_vsyscall(sysno, va);
+ va_end(va);
+ return rc;
+ }
+
/*
* We need to check for uwrap related syscall numbers before calling
* uid_wrapper_enabled() otherwise we'd deadlock during the freebsd libc
@@ -2821,6 +2872,9 @@ void uwrap_constructor(void)
* for main process.
*/
uwrap_init();
+
+ /* Let socket_wrapper handle syscall() */
+ uwrap_handle_syscall = true;
}
/****************************
diff --git a/third_party/uid_wrapper/wscript b/third_party/uid_wrapper/wscript
index 7b65d930640..5af76903fb9 100644
--- a/third_party/uid_wrapper/wscript
+++ b/third_party/uid_wrapper/wscript
@@ -3,13 +3,15 @@
from waflib import Options
import os, sys
-VERSION="1.3.0"
+VERSION="1.3.1"
def configure(conf):
if conf.CHECK_UID_WRAPPER():
conf.DEFINE('USING_SYSTEM_UID_WRAPPER', 1)
libuid_wrapper_so_path = 'libuid_wrapper.so'
else:
+ conf.CHECK_HEADERS('gnu/lib-names.h')
+
# check HAVE_GCC_ATOMIC_BUILTINS
conf.CHECK_CODE('''
#include <stdbool.h>
--
Samba Shared Repository
