graphene/LibOS/glibc-patches/glibc-2.19.patch

diff --git a/Makeconfig b/Makeconfig
index 1908f27..cf34ba1 100644
--- a/Makeconfig
+++ b/Makeconfig
@@ -775,7 +775,8 @@ endif	# $(+cflags) == ""
 # current directory.
 +includes = -I$(..)include $(if $(subdir),$(objpfx:%/=-I%)) \
 	    $(+sysdep-includes) $(includes) \
-	    $(patsubst %/,-I%,$(..)) $(libio-include) -I. $(sysincludes)
+	    $(patsubst %/,-I%,$(..)) $(libio-include) -I. $(sysincludes) \
+	    -I$(common-objpfx)../shim/include
 
 # Since libio has several internal header files, we use a -I instead
 # of many little headers in the include directory.
diff --git a/Makefile b/Makefile
index 51d4690..d72c4b0 100644
--- a/Makefile
+++ b/Makefile
@@ -177,6 +177,8 @@ $(inst_includedir)/gnu/stubs.h: $(+force)
 install-others-nosubdir: $(installed-stubs)
 endif
 
+# For Graphene
+CFLAGS-syscalldb.c = -fPIC
 
 # Since stubs.h is never needed when building the library, we simplify the
 # hairy installation process by producing it in place only as the last part
diff --git a/Versions.def b/Versions.def
index 759c754..e1a270e 100644
--- a/Versions.def
+++ b/Versions.def
@@ -135,6 +138,7 @@ ld {
   GLIBC_2.3
   GLIBC_2.4
   GLIBC_PRIVATE
+  SHIM
 }
 libthread_db {
   GLIBC_2.1.3
diff --git a/elf/Makefile b/elf/Makefile
index 4c58fc9..0ae2fa8 100644
--- a/elf/Makefile
+++ b/elf/Makefile
@@ -21,7 +21,7 @@ subdir		:= elf
 
 include ../Makeconfig
 
-headers		= elf.h bits/elfclass.h link.h bits/link.h
+headers		= elf.h bits/elfclass.h link.h bits/link.h syscalldb.h
 routines	= $(dl-routines) dl-support dl-iteratephdr \
 		  dl-addr enbl-secure dl-profstub \
 		  dl-origin dl-libc dl-sym dl-tsd dl-sysdep
@@ -31,7 +31,8 @@ routines	= $(dl-routines) dl-support dl-iteratephdr \
 dl-routines	= $(addprefix dl-,load lookup object reloc deps hwcaps \
 				  runtime error init fini debug misc \
 				  version profile conflict tls origin scope \
-				  execstack caller open close trampoline)
+				  execstack caller open close trampoline) \
+		  syscalldb syscallas
 ifeq (yes,$(use-ldconfig))
 dl-routines += dl-cache
 endif
diff --git a/elf/Versions b/elf/Versions
index 2383992..98687f6 100644
--- a/elf/Versions
+++ b/elf/Versions
@@ -62,4 +65,7 @@ ld {
     # Pointer protection.
     __pointer_chk_guard;
   }
+  SHIM {
+    syscalldb; glibc_version; glibc_option; register_library;
+  }
 }
diff --git a/elf/dl-load.c b/elf/dl-load.c
index 1be7a3c..c560ec1 100644
--- a/elf/dl-load.c
+++ b/elf/dl-load.c
@@ -39,6 +39,8 @@
 
 #include <dl-dst.h>
 
+#include <glibc-version.h>
+
 /* On some systems, no flag bits are given to specify file mapping.  */
 #ifndef MAP_FILE
 # define MAP_FILE	0
@@ -1595,6 +1597,9 @@ cannot enable executable stack as shared object requires");
   DL_AFTER_LOAD (l);
 #endif
 
+  /* register the library to SHIM */
+  register_library(l->l_name, l->l_addr);
+
   /* Now that the object is fully initialized add it to the object list.  */
   _dl_add_to_namespace_list (l, nsid);
 
diff --git a/elf/rtld.c b/elf/rtld.c
index 6dcbabc..c87c773 100644
--- a/elf/rtld.c
+++ b/elf/rtld.c
@@ -356,6 +356,23 @@ _dl_start_final (void *arg, struct dl_start_final_info *info)
   return start_addr;
 }
 
+/* For graphene, check if glibc version match to the compatible SHIM
+   library. If not, tell the user to update glibc. */
+#include "glibc-version.h"
+
+const unsigned int glibc_version __attribute__((weak)) = GLIBC_VERSION;
+
+static void __attribute__((noinline,optimize("-O0")))
+check_glibc_version (void)
+{
+  if (glibc_version != GLIBC_VERSION)
+    {
+      _dl_fatal_printf ("Warning from Graphene: "
+                        "Glibc version is incorrect. Please rebuild Glibc.\n");
+      _exit (1);
+    }
+}
+
 static ElfW(Addr) __attribute_used__ internal_function
 _dl_start (void *arg)
 {
@@ -546,6 +563,9 @@ _dl_start (void *arg)
      therefore need not test whether we have to allocate the array
      for the relocation results (as done in dl-reloc.c).  */
 
+  /* For Graphene, check if the glibc version is correct. */
+  check_glibc_version();
+
   /* Now life is sane; we can call functions and access global data.
      Set up to use the operating system facilities, and find out from
      the operating system's program loader where to find the program
diff --git a/nptl/Versions b/nptl/Versions
index bb11277..354149a 100644
diff --git a/nptl/sysdeps/unix/sysv/linux/x86_64/cancellation.S b/nptl/sysdeps/unix/sysv/linux/x86_64/cancellation.S
index 89fda5e..f6963f6 100644
--- a/nptl/sysdeps/unix/sysv/linux/x86_64/cancellation.S
+++ b/nptl/sysdeps/unix/sysv/linux/x86_64/cancellation.S
@@ -111,7 +111,7 @@ ENTRY(__pthread_disable_asynccancel)
 	xorq	%r10, %r10
 	addq	$CANCELHANDLING, %rdi
 	LOAD_PRIVATE_FUTEX_WAIT (%esi)
-	syscall
+	SYSCALLDB
 	movl	%fs:CANCELHANDLING, %eax
 	jmp	3b
 END(__pthread_disable_asynccancel)
diff --git a/nptl/sysdeps/unix/sysv/linux/x86_64/lowlevellock.S b/nptl/sysdeps/unix/sysv/linux/x86_64/lowlevellock.S
index f2dca07..0ce7c67 100644
--- a/nptl/sysdeps/unix/sysv/linux/x86_64/lowlevellock.S
+++ b/nptl/sysdeps/unix/sysv/linux/x86_64/lowlevellock.S
@@ -90,7 +90,7 @@ __lll_lock_wait_private:
 
 1:	LIBC_PROBE (lll_lock_wait_private, 1, %rdi)
 	movl	$SYS_futex, %eax
-	syscall
+	SYSCALLDB
 
 2:	movl	%edx, %eax
 	xchgl	%eax, (%rdi)	/* NB:	 lock is implied */
@@ -130,7 +130,7 @@ __lll_lock_wait:
 
 1:	LIBC_PROBE (lll_lock_wait, 2, %rdi, %rsi)
 	movl	$SYS_futex, %eax
-	syscall
+	SYSCALLDB
 
 2:	movl	%edx, %eax
 	xchgl	%eax, (%rdi)	/* NB:	 lock is implied */
@@ -185,7 +185,7 @@ __lll_timedlock_wait:
 
 1:	movl	$SYS_futex, %eax
 	movl	$2, %edx
-	syscall
+	SYSCALLDB
 
 2:	xchgl	%edx, (%rdi)	/* NB:   lock is implied */
 
@@ -279,7 +279,7 @@ __lll_timedlock_wait:
 	LOAD_FUTEX_WAIT (%esi)
 	movq	%r12, %rdi
 	movl	$SYS_futex, %eax
-	syscall
+	SYSCALLDB
 
 	/* NB: %edx == 2 */
 	xchgl	%edx, (%r12)
@@ -336,7 +336,7 @@ __lll_unlock_wake_private:
 	LOAD_PRIVATE_FUTEX_WAKE (%esi)
 	movl	$1, %edx	/* Wake one thread.  */
 	movl	$SYS_futex, %eax
-	syscall
+	SYSCALLDB
 
 	popq	%rdx
 	cfi_adjust_cfa_offset(-8)
@@ -366,7 +366,7 @@ __lll_unlock_wake:
 	LOAD_FUTEX_WAKE (%esi)
 	movl	$1, %edx	/* Wake one thread.  */
 	movl	$SYS_futex, %eax
-	syscall
+	SYSCALLDB
 
 	popq	%rdx
 	cfi_adjust_cfa_offset(-8)
@@ -435,7 +435,7 @@ __lll_timedwait_tid:
 #endif
 	movq	%r12, %rdi
 	movl	$SYS_futex, %eax
-	syscall
+	SYSCALLDB
 
 	cmpl	$0, (%rdi)
 	jne	1f
diff --git a/nptl/sysdeps/unix/sysv/linux/x86_64/lowlevellock.h b/nptl/sysdeps/unix/sysv/linux/x86_64/lowlevellock.h
index 0a26739..8aae14a 100644
--- a/nptl/sysdeps/unix/sysv/linux/x86_64/lowlevellock.h
+++ b/nptl/sysdeps/unix/sysv/linux/x86_64/lowlevellock.h
@@ -214,7 +214,7 @@ LLL_STUB_UNWIND_INFO_END
     register const struct timespec *__to __asm ("r10") = timeout;	      \
     int __status;							      \
     register __typeof (val) _val __asm ("edx") = (val);			      \
-    __asm __volatile ("syscall"						      \
+    __asm __volatile (SYSCALLDB						      \
 		      : "=a" (__status)					      \
 		      : "0" (SYS_futex), "D" (futex),			      \
 			"S" (__lll_private_flag (FUTEX_WAIT, private)),	      \
@@ -229,7 +229,7 @@ LLL_STUB_UNWIND_INFO_END
     int __status;							      \
     register __typeof (nr) _nr __asm ("edx") = (nr);			      \
     LIBC_PROBE (lll_futex_wake, 3, futex, nr, private);                       \
-    __asm __volatile ("syscall"						      \
+    __asm __volatile (SYSCALLDB						      \
 		      : "=a" (__status)					      \
 		      : "0" (SYS_futex), "D" (futex),			      \
 			"S" (__lll_private_flag (FUTEX_WAKE, private)),	      \
@@ -540,7 +540,7 @@ extern int __lll_timedlock_elision (int *futex, short *adapt_count,
     {									      \
       int ignore;							      \
       __asm __volatile (LOCK_INSTR "orl %3, (%2)\n\t"			      \
-			"syscall"					      \
+			SYSCALLDB					      \
 			: "=m" (futex), "=a" (ignore)			      \
 			: "D" (&(futex)), "i" (FUTEX_OWNER_DIED),	      \
 			  "S" (__lll_private_flag (FUTEX_WAKE, private)),     \
@@ -555,7 +555,7 @@ extern int __lll_timedlock_elision (int *futex, short *adapt_count,
      register int __nr_move __asm ("r10") = nr_move;			      \
      register void *__mutex __asm ("r8") = mutex;			      \
      register int __val __asm ("r9") = val;				      \
-     __asm __volatile ("syscall"					      \
+     __asm __volatile (SYSCALLDB					      \
 		       : "=a" (__res)					      \
 		       : "0" (__NR_futex), "D" ((void *) ftx),		      \
 			 "S" (__lll_private_flag (FUTEX_CMP_REQUEUE,	      \
@@ -581,7 +581,7 @@ extern int __lll_timedlock_elision (int *futex, short *adapt_count,
     if (_tid != 0)							      \
       __asm __volatile ("xorq %%r10, %%r10\n\t"				      \
 			"1:\tmovq %2, %%rax\n\t"			      \
-			"syscall\n\t"					      \
+			SYSCALLDB					      \
 			"cmpl $0, (%%rdi)\n\t"				      \
 			"jne 1b"					      \
 			: "=&a" (__ignore)				      \
diff --git a/nptl/sysdeps/unix/sysv/linux/x86_64/lowlevelrobustlock.S b/nptl/sysdeps/unix/sysv/linux/x86_64/lowlevelrobustlock.S
index 990b6f9..b01214d 100644
--- a/nptl/sysdeps/unix/sysv/linux/x86_64/lowlevelrobustlock.S
+++ b/nptl/sysdeps/unix/sysv/linux/x86_64/lowlevelrobustlock.S
@@ -80,7 +80,7 @@ __lll_robust_lock_wait:
 	jnz	2f
 
 1:	movl	$SYS_futex, %eax
-	syscall
+	SYSCALLDB
 
 	movl	(%rdi), %eax
 
@@ -145,7 +145,7 @@ __lll_robust_timedlock_wait:
 	jnz	6f
 
 5:	movl	$SYS_futex, %eax
-	syscall
+	SYSCALLDB
 	movl	%eax, %ecx
 
 	movl	(%rdi), %eax
@@ -257,7 +257,7 @@ __lll_robust_timedlock_wait:
 	LOAD_FUTEX_WAIT (%esi)
 	movq	%r12, %rdi
 	movl	$SYS_futex, %eax
-	syscall
+	SYSCALLDB
 	movq	%rax, %rcx
 
 	movl	(%r12), %eax
diff --git a/nptl/sysdeps/unix/sysv/linux/x86_64/pthread_barrier_wait.S b/nptl/sysdeps/unix/sysv/linux/x86_64/pthread_barrier_wait.S
index eec17f2..a350340 100644
--- a/nptl/sysdeps/unix/sysv/linux/x86_64/pthread_barrier_wait.S
+++ b/nptl/sysdeps/unix/sysv/linux/x86_64/pthread_barrier_wait.S
@@ -62,7 +62,7 @@ pthread_barrier_wait:
 #endif
 	xorq	%r10, %r10
 8:	movl	$SYS_futex, %eax
-	syscall
+	SYSCALLDB
 
 	/* Don't return on spurious wakeups.  The syscall does not change
 	   any register except %eax so there is no need to reload any of
@@ -109,7 +109,7 @@ pthread_barrier_wait:
 	movl	$FUTEX_WAKE, %esi
 	orl	PRIVATE(%rdi), %esi
 	movl	$SYS_futex, %eax
-	syscall
+	SYSCALLDB
 
 	/* Increment LEFT.  If this brings the count back to the
 	   initial count unlock the object.  */
diff --git a/nptl/sysdeps/unix/sysv/linux/x86_64/pthread_cond_broadcast.S b/nptl/sysdeps/unix/sysv/linux/x86_64/pthread_cond_broadcast.S
index 985e0f1..d559456 100644
--- a/nptl/sysdeps/unix/sysv/linux/x86_64/pthread_cond_broadcast.S
+++ b/nptl/sysdeps/unix/sysv/linux/x86_64/pthread_cond_broadcast.S
@@ -90,7 +90,7 @@ __pthread_cond_broadcast:
 	movl	$SYS_futex, %eax
 	movl	$1, %edx
 	movl	$0x7fffffff, %r10d
-	syscall
+	SYSCALLDB
 
 	/* For any kind of error, which mainly is EAGAIN, we try again
 	   with WAKE.  The general test also covers running on old
@@ -106,7 +106,7 @@ __pthread_cond_broadcast:
 	movl	$SYS_futex, %eax
 	movl	$1, %edx
 	movl	$0x7fffffff, %r10d
-	syscall
+	SYSCALLDB
 
 	/* For any kind of error, which mainly is EAGAIN, we try again
 	   with WAKE.  The general test also covers running on old
@@ -172,7 +172,7 @@ __pthread_cond_broadcast:
 	orl	$FUTEX_WAKE, %esi
 #endif
 	movl	$SYS_futex, %eax
-	syscall
+	SYSCALLDB
 	jmp	10b
 	.size	__pthread_cond_broadcast, .-__pthread_cond_broadcast
 versioned_symbol (libpthread, __pthread_cond_broadcast, pthread_cond_broadcast,
diff --git a/nptl/sysdeps/unix/sysv/linux/x86_64/pthread_cond_signal.S b/nptl/sysdeps/unix/sysv/linux/x86_64/pthread_cond_signal.S
index 53d65b6..16df581 100644
--- a/nptl/sysdeps/unix/sysv/linux/x86_64/pthread_cond_signal.S
+++ b/nptl/sysdeps/unix/sysv/linux/x86_64/pthread_cond_signal.S
@@ -82,7 +82,7 @@ __pthread_cond_signal:
 	addq	$cond_lock, %r8
 #endif
 	movl	$FUTEX_OP_CLEAR_WAKE_IF_GT_ONE, %r9d
-	syscall
+	SYSCALLDB
 #if cond_lock != 0
 	subq	$cond_lock, %r8
 #endif
@@ -99,7 +99,7 @@ __pthread_cond_signal:
 	movq	%rcx, %r8
 	xorq	%r10, %r10
 	movl	(%rdi), %r9d	// XXX Can this be right?
-	syscall
+	SYSCALLDB
 
 	leaq	-cond_futex(%rdi), %r8
 
@@ -118,7 +118,7 @@ __pthread_cond_signal:
 	movl	$SYS_futex, %eax
 	/* %rdx should be 1 already from $FUTEX_WAKE_OP syscall.
 	movl	$1, %edx  */
-	syscall
+	SYSCALLDB
 
 	/* Unlock.  */
 4:	LOCK
diff --git a/nptl/sysdeps/unix/sysv/linux/x86_64/pthread_cond_timedwait.S b/nptl/sysdeps/unix/sysv/linux/x86_64/pthread_cond_timedwait.S
index 0dc2340..8aff242 100644
--- a/nptl/sysdeps/unix/sysv/linux/x86_64/pthread_cond_timedwait.S
+++ b/nptl/sysdeps/unix/sysv/linux/x86_64/pthread_cond_timedwait.S
@@ -188,7 +188,7 @@ __pthread_cond_timedwait:
 	movq	%r12, %rdx
 	addq	$cond_futex, %rdi
 	movl	$SYS_futex, %eax
-	syscall
+	SYSCALLDB
 
 	cmpl	$0, %eax
 	sete	%r15b
@@ -234,7 +234,7 @@ __pthread_cond_timedwait:
 	movq	%r12, %rdx
 	addq	$cond_futex, %rdi
 	movl	$SYS_futex, %eax
-	syscall
+	SYSCALLDB
 62:	movq	%rax, %r14
 
 	movl	(%rsp), %edi
@@ -321,7 +321,7 @@ __pthread_cond_timedwait:
 	orl	$FUTEX_WAKE, %esi
 #endif
 	movl	$SYS_futex, %eax
-	syscall
+	SYSCALLDB
 	subq	$cond_nwaiters, %rdi
 
 55:	LOCK
@@ -492,7 +492,7 @@ __pthread_cond_timedwait:
 	call	*%rax
 #  else
 	movl	$__NR_clock_gettime, %eax
-	syscall
+	SYSCALLDB
 #  endif
 
 	/* Compute relative timeout.  */
@@ -560,7 +553,7 @@ __pthread_cond_timedwait:
 # endif
 	addq	$cond_futex, %rdi
 	movl	$SYS_futex, %eax
-	syscall
+	SYSCALLDB
 	movq	%rax, %r14
 
 	movl	(%rsp), %edi
@@ -732,7 +725,7 @@ __condvar_cleanup2:
 	orl	$FUTEX_WAKE, %esi
 #endif
 	movl	$SYS_futex, %eax
-	syscall
+	SYSCALLDB
 	subq	$cond_nwaiters, %rdi
 	movl	$1, %r12d
 
@@ -769,7 +762,7 @@ __condvar_cleanup2:
 	orl	$FUTEX_WAKE, %esi
 #endif
 	movl	$SYS_futex, %eax
-	syscall
+	SYSCALLDB
 
 	/* Lock the mutex only if we don't own it already.  This only happens
 	   in case of PI mutexes, if we got cancelled after a successful
diff --git a/nptl/sysdeps/unix/sysv/linux/x86_64/pthread_cond_wait.S b/nptl/sysdeps/unix/sysv/linux/x86_64/pthread_cond_wait.S
index 0e61d0a..b4bcc15 100644
--- a/nptl/sysdeps/unix/sysv/linux/x86_64/pthread_cond_wait.S
+++ b/nptl/sysdeps/unix/sysv/linux/x86_64/pthread_cond_wait.S
@@ -138,7 +138,7 @@ __pthread_cond_wait:
 
 	movl	$(FUTEX_WAIT_REQUEUE_PI|FUTEX_PRIVATE_FLAG), %esi
 	movl	$SYS_futex, %eax
-	syscall
+	SYSCALLDB
 
 	cmpl	$0, %eax
 	sete	%r8b
@@ -180,7 +180,7 @@ __pthread_cond_wait:
 #endif
 60:	xorb	%r8b, %r8b
 	movl	$SYS_futex, %eax
-	syscall
+	SYSCALLDB
 
 62:	movl	(%rsp), %edi
 	callq	__pthread_disable_asynccancel
@@ -239,7 +239,7 @@ __pthread_cond_wait:
 	orl	$FUTEX_WAKE, %esi
 #endif
 	movl	$SYS_futex, %eax
-	syscall
+	SYSCALLDB
 	subq	$cond_nwaiters, %rdi
 
 17:	LOCK
@@ -455,7 +455,7 @@ __condvar_cleanup1:
 	orl	$FUTEX_WAKE, %esi
 #endif
 	movl	$SYS_futex, %eax
-	syscall
+	SYSCALLDB
 	subq	$cond_nwaiters, %rdi
 	movl	$1, %ecx
 
@@ -493,7 +493,7 @@ __condvar_cleanup1:
 	orl	$FUTEX_WAKE, %esi
 #endif
 	movl	$SYS_futex, %eax
-	syscall
+	SYSCALLDB
 
 	/* Lock the mutex only if we don't own it already.  This only happens
 	   in case of PI mutexes, if we got cancelled after a successful
diff --git a/nptl/sysdeps/unix/sysv/linux/x86_64/pthread_once.S b/nptl/sysdeps/unix/sysv/linux/x86_64/pthread_once.S
index 2cbe2fa..489998a 100644
--- a/nptl/sysdeps/unix/sysv/linux/x86_64/pthread_once.S
+++ b/nptl/sysdeps/unix/sysv/linux/x86_64/pthread_once.S
@@ -90,7 +90,7 @@ __pthread_once:
 # endif
 #endif
 	movl	$SYS_futex, %eax
-	syscall
+	SYSCALLDB
 	jmp	6b
 
 	/* Preserve the pointer to the control variable.  */
@@ -123,7 +123,7 @@ __pthread_once:
 	orl	%fs:PRIVATE_FUTEX, %esi
 #endif
 	movl	$SYS_futex, %eax
-	syscall
+	SYSCALLDB
 
 4:	addq	$8, %rsp
 	cfi_adjust_cfa_offset(-8)
@@ -152,7 +152,7 @@ clear_once_control:
 	orl	%fs:PRIVATE_FUTEX, %esi
 #endif
 	movl	$SYS_futex, %eax
-	syscall
+	SYSCALLDB
 
 	movq	%r8, %rdi
 .LcallUR:
diff --git a/nptl/sysdeps/unix/sysv/linux/x86_64/pthread_rwlock_rdlock.S b/nptl/sysdeps/unix/sysv/linux/x86_64/pthread_rwlock_rdlock.S
index 3bbb4c7..53d5ca6 100644
--- a/nptl/sysdeps/unix/sysv/linux/x86_64/pthread_rwlock_rdlock.S
+++ b/nptl/sysdeps/unix/sysv/linux/x86_64/pthread_rwlock_rdlock.S
@@ -82,7 +82,7 @@ __pthread_rwlock_rdlock:
 #endif
 	addq	$READERS_WAKEUP, %rdi
 	movl	$SYS_futex, %eax
-	syscall
+	SYSCALLDB
 
 	subq	$READERS_WAKEUP, %rdi
 
diff --git a/nptl/sysdeps/unix/sysv/linux/x86_64/pthread_rwlock_timedrdlock.S b/nptl/sysdeps/unix/sysv/linux/x86_64/pthread_rwlock_timedrdlock.S
index 40bcc04..348170e 100644
--- a/nptl/sysdeps/unix/sysv/linux/x86_64/pthread_rwlock_timedrdlock.S
+++ b/nptl/sysdeps/unix/sysv/linux/x86_64/pthread_rwlock_timedrdlock.S
@@ -109,7 +109,7 @@ pthread_rwlock_timedrdlock:
 #endif
 21:	leaq	READERS_WAKEUP(%r12), %rdi
 	movl	$SYS_futex, %eax
-	syscall
+	SYSCALLDB
 	movq	%rax, %rdx
 
 #ifndef __ASSUME_FUTEX_CLOCK_REALTIME
diff --git a/nptl/sysdeps/unix/sysv/linux/x86_64/pthread_rwlock_timedwrlock.S b/nptl/sysdeps/unix/sysv/linux/x86_64/pthread_rwlock_timedwrlock.S
index f57ef52..e9ac77f 100644
--- a/nptl/sysdeps/unix/sysv/linux/x86_64/pthread_rwlock_timedwrlock.S
+++ b/nptl/sysdeps/unix/sysv/linux/x86_64/pthread_rwlock_timedwrlock.S
@@ -106,7 +106,7 @@ pthread_rwlock_timedwrlock:
 #endif
 21:	leaq	WRITERS_WAKEUP(%r12), %rdi
 	movl	$SYS_futex, %eax
-	syscall
+	SYSCALLDB
 	movq	%rax, %rdx
 
 #ifndef __ASSUME_FUTEX_CLOCK_REALTIME
diff --git a/nptl/sysdeps/unix/sysv/linux/x86_64/pthread_rwlock_unlock.S b/nptl/sysdeps/unix/sysv/linux/x86_64/pthread_rwlock_unlock.S
index d779f7b..849c74f 100644
--- a/nptl/sysdeps/unix/sysv/linux/x86_64/pthread_rwlock_unlock.S
+++ b/nptl/sysdeps/unix/sysv/linux/x86_64/pthread_rwlock_unlock.S
@@ -79,7 +79,7 @@ __pthread_rwlock_unlock:
 #endif
 	movl	$SYS_futex, %eax
 	movq	%r10, %rdi
-	syscall
+	SYSCALLDB
 
 	xorl	%eax, %eax
 	retq
diff --git a/nptl/sysdeps/unix/sysv/linux/x86_64/pthread_rwlock_wrlock.S b/nptl/sysdeps/unix/sysv/linux/x86_64/pthread_rwlock_wrlock.S
index e444def..fd94930 100644
--- a/nptl/sysdeps/unix/sysv/linux/x86_64/pthread_rwlock_wrlock.S
+++ b/nptl/sysdeps/unix/sysv/linux/x86_64/pthread_rwlock_wrlock.S
@@ -80,7 +80,7 @@ __pthread_rwlock_wrlock:
 #endif
 	addq	$WRITERS_WAKEUP, %rdi
 	movl	$SYS_futex, %eax
-	syscall
+	SYSCALLDB
 
 	subq	$WRITERS_WAKEUP, %rdi
 
diff --git a/nptl/sysdeps/unix/sysv/linux/x86_64/sem_post.S b/nptl/sysdeps/unix/sysv/linux/x86_64/sem_post.S
index 1c11600..bd166cf 100644
--- a/nptl/sysdeps/unix/sysv/linux/x86_64/sem_post.S
+++ b/nptl/sysdeps/unix/sysv/linux/x86_64/sem_post.S
@@ -52,7 +52,7 @@ sem_post:
 	movl	$FUTEX_WAKE, %esi
 	orl	PRIVATE(%rdi), %esi
 	movl	$1, %edx
-	syscall
+	SYSCALLDB
 
 	testq	%rax, %rax
 	js	1f
diff --git a/nptl/sysdeps/unix/sysv/linux/x86_64/sem_timedwait.S b/nptl/sysdeps/unix/sysv/linux/x86_64/sem_timedwait.S
index 880610e..e520049 100644
--- a/nptl/sysdeps/unix/sysv/linux/x86_64/sem_timedwait.S
+++ b/nptl/sysdeps/unix/sysv/linux/x86_64/sem_timedwait.S
@@ -97,7 +97,7 @@ sem_timedwait:
 	orl	PRIVATE(%rdi), %esi
 	movl	$SYS_futex, %eax
 	xorl	%edx, %edx
-	syscall
+	SYSCALLDB
 	movq	%rax, %r9
 #if VALUE != 0
 	leaq	-VALUE(%rdi), %rdi
@@ -233,7 +233,7 @@ sem_timedwait:
 # endif
 	movl	$SYS_futex, %eax
 	xorl	%edx, %edx
-	syscall
+	SYSCALLDB
 	movq	%rax, %r14
 
 	movl	16(%rsp), %edi
diff --git a/nptl/sysdeps/unix/sysv/linux/x86_64/sem_wait.S b/nptl/sysdeps/unix/sysv/linux/x86_64/sem_wait.S
index 8f4d068..fe6dfbf 100644
--- a/nptl/sysdeps/unix/sysv/linux/x86_64/sem_wait.S
+++ b/nptl/sysdeps/unix/sysv/linux/x86_64/sem_wait.S
@@ -81,7 +81,7 @@ sem_wait:
 	orl	PRIVATE(%rdi), %esi
 #endif
 	xorl	%edx, %edx
-	syscall
+	SYSCALLDB
 	movq	%rax, %rcx
 
 	xchgq	%r8, %rdi
diff --git a/nptl/sysdeps/x86_64/pthreaddef.h b/nptl/sysdeps/x86_64/pthreaddef.h
index 18a15a1..f050241 100644
--- a/nptl/sysdeps/x86_64/pthreaddef.h
+++ b/nptl/sysdeps/x86_64/pthreaddef.h
@@ -48,4 +48,4 @@
 
 /* While there is no such syscall.  */
 #define __exit_thread_inline(val) \
-  asm volatile ("syscall" :: "a" (__NR_exit), "D" (val))
+  asm volatile (SYSCALLDB :: "a" (__NR_exit), "D" (val))
diff --git a/nptl/sysdeps/x86_64/tls.h b/nptl/sysdeps/x86_64/tls.h
index cbb5e9e..9b87e25 100644
--- a/nptl/sysdeps/x86_64/tls.h
+++ b/nptl/sysdeps/x86_64/tls.h
@@ -28,6 +28,8 @@
 # include <sysdep.h>
 # include <libc-internal.h>
 # include <kernel-features.h>
+# include <shim_tls.h>
+# include <syscalldb.h>
 
 /* Replacement type for __m128 since this file is included by ld.so,
    which is compiled with -mno-sse.  It must not change the alignment
@@ -67,6 +69,10 @@ typedef struct
 # else
   int __glibc_reserved1;
 # endif
+
+  shim_tcb_t shim_tcb;	/* For graphene, we allocate a shim_tcb
+			   in the real tcb. */
+
   int rtld_must_xmm_save;
   /* Reservation of some values for the TM ABI.  */
   void *__private_tm[4];
@@ -154,7 +159,7 @@ typedef struct
      _head->self = _thrdescr;						      \
 									      \
      /* It is a simple syscall to set the %fs value for the thread.  */	      \
-     asm volatile ("syscall"						      \
+     asm volatile (SYSCALLDB						      \
 		   : "=a" (_result)					      \
 		   : "0" ((unsigned long int) __NR_arch_prctl),		      \
 		     "D" ((unsigned long int) ARCH_SET_FS),		      \
diff --git a/sysdeps/unix/sysv/linux/_exit.c b/sysdeps/unix/sysv/linux/_exit.c
index 2468228..a9f1cd6 100644
--- a/sysdeps/unix/sysv/linux/_exit.c
+++ b/sysdeps/unix/sysv/linux/_exit.c
@@ -29,9 +29,9 @@ _exit (status)
   while (1)
     {
 #ifdef __NR_exit_group
-      INLINE_SYSCALL (exit_group, 1, status);
+      INLINE_SYSCALL_ASM (exit_group, 1, status);
 #endif
-      INLINE_SYSCALL (exit, 1, status);
+      INLINE_SYSCALL_ASM (exit, 1, status);
 
 #ifdef ABORT_INSTRUCTION
       ABORT_INSTRUCTION;
diff --git a/sysdeps/unix/sysv/linux/x86_64/____longjmp_chk.S b/sysdeps/unix/sysv/linux/x86_64/____longjmp_chk.S
index 49f0384..6b1a975 100644
--- a/sysdeps/unix/sysv/linux/x86_64/____longjmp_chk.S
+++ b/sysdeps/unix/sysv/linux/x86_64/____longjmp_chk.S
@@ -84,7 +84,8 @@ ENTRY(____longjmp_chk)
 	xorl	%edi, %edi
 	lea	-sizeSS(%rsp), %RSI_LP
 	movl	$__NR_sigaltstack, %eax
-	syscall
+	SYSCALLDB
+
 	/* Without working sigaltstack we cannot perform the test.  */
 	testl	%eax, %eax
 	jne	.Lok2
diff --git a/sysdeps/unix/sysv/linux/x86_64/clone.S b/sysdeps/unix/sysv/linux/x86_64/clone.S
index 0508730..e1b35ec 100644
--- a/sysdeps/unix/sysv/linux/x86_64/clone.S
+++ b/sysdeps/unix/sysv/linux/x86_64/clone.S
@@ -76,5 +80,5 @@ ENTRY (__clone)
 	/* End FDE now, because in the child the unwind info will be
 	   wrong.  */
 	cfi_endproc;
-	syscall
+	SYSCALLDB
 
@@ -99,10 +104,10 @@ L(thread_start):
 	movl	$-1, %eax
 	jne	2f
 	movl	$SYS_ify(getpid), %eax
-	syscall
+	SYSCALLDB
 2:	movl	%eax, %fs:PID
 	movl	%eax, %fs:TID
 1:
 #endif
 
 	/* Set up arguments for the function call.  */
diff --git a/sysdeps/unix/sysv/linux/x86_64/getcontext.S b/sysdeps/unix/sysv/linux/x86_64/getcontext.S
index 140db03..6967f10 100644
--- a/sysdeps/unix/sysv/linux/x86_64/getcontext.S
+++ b/sysdeps/unix/sysv/linux/x86_64/getcontext.S
@@ -75,7 +75,7 @@ ENTRY(__getcontext)
 #endif
 	movl	$_NSIG8,%r10d
 	movl	$__NR_rt_sigprocmask, %eax
-	syscall
+	SYSCALLDB
 	cmpq	$-4095, %rax		/* Check %rax for error.  */
 	jae	SYSCALL_ERROR_LABEL	/* Jump to error handler if error.  */
 
diff --git a/sysdeps/unix/sysv/linux/x86_64/sched_getcpu.S b/sysdeps/unix/sysv/linux/x86_64/sched_getcpu.S
index 0fd47f2..7a82975 100644
--- a/sysdeps/unix/sysv/linux/x86_64/sched_getcpu.S
+++ b/sysdeps/unix/sysv/linux/x86_64/sched_getcpu.S
@@ -44,7 +45,7 @@
 #else
 # ifdef __NR_getcpu
 	movl	$__NR_getcpu, %eax
-	syscall
+	SYSCALLDB
 #  ifndef __ASSUME_GETCPU_SYSCALL
        cmpq    $-ENOSYS, %rax
        jne     1f
diff --git a/sysdeps/unix/sysv/linux/x86_64/setcontext.S b/sysdeps/unix/sysv/linux/x86_64/setcontext.S
index b726fa0..bb3ae34 100644
--- a/sysdeps/unix/sysv/linux/x86_64/setcontext.S
+++ b/sysdeps/unix/sysv/linux/x86_64/setcontext.S
@@ -43,7 +43,7 @@ ENTRY(__setcontext)
 	movl	$SIG_SETMASK, %edi
 	movl	$_NSIG8,%r10d
 	movl	$__NR_rt_sigprocmask, %eax
-	syscall
+	SYSCALLDB
 	popq	%rdi			/* Reload %rdi, adjust stack.  */
 	cfi_adjust_cfa_offset(-8)
 	cmpq	$-4095, %rax		/* Check %rax for error.  */
diff --git a/sysdeps/unix/sysv/linux/x86_64/sigaction.c b/sysdeps/unix/sysv/linux/x86_64/sigaction.c
index ab23985..38a6b69 100644
--- a/sysdeps/unix/sysv/linux/x86_64/sigaction.c
+++ b/sysdeps/unix/sysv/linux/x86_64/sigaction.c
@@ -129,7 +129,7 @@ asm									\
    "	.type __" #name ",@function\n"					\
    "__" #name ":\n"							\
    "	movq $" #syscall ", %rax\n"					\
-   "	syscall\n"							\
+   SYSCALLDB_ASM							\
    ".LEND_" #name ":\n"							\
    ".section .eh_frame,\"a\",@progbits\n"				\
    ".LSTARTFRAME_" #name ":\n"						\
diff --git a/sysdeps/unix/sysv/linux/x86_64/swapcontext.S b/sysdeps/unix/sysv/linux/x86_64/swapcontext.S
index b3854fa..6369bfe 100644
--- a/sysdeps/unix/sysv/linux/x86_64/swapcontext.S
+++ b/sysdeps/unix/sysv/linux/x86_64/swapcontext.S
@@ -75,7 +75,7 @@ ENTRY(__swapcontext)
 	movl	$SIG_SETMASK, %edi
 	movl	$_NSIG8,%r10d
 	movl	$__NR_rt_sigprocmask, %eax
-	syscall
+	SYSCALLDB
 	cmpq	$-4095, %rax		/* Check %rax for error.  */
 	jae	SYSCALL_ERROR_LABEL	/* Jump to error handler if error.  */
 
diff --git a/sysdeps/unix/sysv/linux/x86_64/syscall.S b/sysdeps/unix/sysv/linux/x86_64/syscall.S
index 92c2f5b..e32ebb2 100644
--- a/sysdeps/unix/sysv/linux/x86_64/syscall.S
+++ b/sysdeps/unix/sysv/linux/x86_64/syscall.S
@@ -34,7 +34,7 @@
 	movq %r8, %r10
 	movq %r9, %r8
 	movq 8(%rsp),%r9	/* arg6 is on the stack.  */
-	syscall			/* Do the system call.  */
+	SYSCALLDB			/* Do the system call.  */
 	cmpq $-4095, %rax	/* Check %rax for error.  */
 	jae SYSCALL_ERROR_LABEL	/* Jump to error handler if error.  */
 	ret			/* Return to caller.  */
diff --git a/sysdeps/unix/sysv/linux/x86_64/sysdep.h b/sysdeps/unix/sysv/linux/x86_64/sysdep.h
index 4a9a9d9..dc452ed 100644
--- a/sysdeps/unix/sysv/linux/x86_64/sysdep.h
+++ b/sysdeps/unix/sysv/linux/x86_64/sysdep.h
@@ -21,6 +21,7 @@
 /* There is some commonality.  */
 #include <sysdeps/unix/x86_64/sysdep.h>
 #include <tls.h>
+#include "syscalldb.h"
 
 #ifdef IS_IN_rtld
 # include <dl-sysdep.h>		/* Defines RTLD_PRIVATE_ERRNO.  */
@@ -176,7 +177,7 @@
 # define DO_CALL(syscall_name, args)		\
     DOARGS_##args				\
     movl $SYS_ify (syscall_name), %eax;		\
-    syscall;
+    SYSCALLDB;
 
 # define DOARGS_0 /* nothing */
 # define DOARGS_1 /* nothing */
@@ -190,9 +191,20 @@
 /* Define a macro which expands inline into the wrapper code for a system
    call.  */
 # undef INLINE_SYSCALL
-# define INLINE_SYSCALL(name, nr, args...) \
+# define INLINE_SYSCALL(name, nr_args...) \
   ({									      \
-    unsigned long int resultvar = INTERNAL_SYSCALL (name, , nr, args);	      \
+    unsigned long int resultvar = INTERNAL_SYSCALL (name, , ##nr_args);	      \
+    if (__builtin_expect (INTERNAL_SYSCALL_ERROR_P (resultvar, ), 0))	      \
+      {									      \
+	__set_errno (INTERNAL_SYSCALL_ERRNO (resultvar, ));		      \
+	resultvar = (unsigned long int) -1;				      \
+      }									      \
+    (long int) resultvar; })
+
+# undef INLINE_SYSCALL_ASM
+# define INLINE_SYSCALL_ASM(name, nr_args...) \
+  ({									      \
+    unsigned long int resultvar = INTERNAL_SYSCALL_ASM (name, , ##nr_args);   \
     if (__builtin_expect (INTERNAL_SYSCALL_ERROR_P (resultvar, ), 0))	      \
       {									      \
 	__set_errno (INTERNAL_SYSCALL_ERRNO (resultvar, ));		      \
@@ -204,9 +216,9 @@
    into the wrapper code for a system call.  It should be used when size
    of any argument > size of long int.  */
 # undef INLINE_SYSCALL_TYPES
-# define INLINE_SYSCALL_TYPES(name, nr, args...) \
+# define INLINE_SYSCALL_TYPES(name, nr_args...) \
   ({									      \
-    unsigned long int resultvar = INTERNAL_SYSCALL_TYPES (name, , nr, args);  \
+    unsigned long int resultvar = INTERNAL_SYSCALL_TYPES (name, , ##nr_args); \
     if (__builtin_expect (INTERNAL_SYSCALL_ERROR_P (resultvar, ), 0))	      \
       {									      \
 	__set_errno (INTERNAL_SYSCALL_ERRNO (resultvar, ));		      \
@@ -223,13 +235,19 @@
     LOAD_ARGS_##nr (args)						      \
     LOAD_REGS_##nr							      \
     asm volatile (							      \
-    "syscall\n\t"							      \
+    SYSCALLDB								      \
     : "=a" (resultvar)							      \
     : "0" (name) ASM_ARGS_##nr : "memory", "cc", "r11", "cx");		      \
     (long int) resultvar; })
+# define INTERNAL_SYSCALL_NCS_ASM INTERNAL_SYSCALL_NCS
+
 # undef INTERNAL_SYSCALL
-# define INTERNAL_SYSCALL(name, err, nr, args...) \
-  INTERNAL_SYSCALL_NCS (__NR_##name, err, nr, ##args)
+# define INTERNAL_SYSCALL(name, err, nr_args...) \
+  INTERNAL_SYSCALL_NCS (__NR_##name, err, ##nr_args)
+
+# undef INTERNAL_SYSCALL_ASM
+# define INTERNAL_SYSCALL_ASM(name, err, nr_args...) \
+  INTERNAL_SYSCALL_NCS_ASM (__NR_##name, err, ##nr_args)
 
 # define INTERNAL_SYSCALL_NCS_TYPES(name, err, nr, args...) \
   ({									      \
@@ -237,7 +255,7 @@
     LOAD_ARGS_TYPES_##nr (args)						      \
     LOAD_REGS_TYPES_##nr (args)						      \
     asm volatile (							      \
-    "syscall\n\t"							      \
+    SYSCALLDB								      \
     : "=a" (resultvar)							      \
     : "0" (name) ASM_ARGS_##nr : "memory", "cc", "r11", "cx");		      \
     (long int) resultvar; })
diff --git a/sysdeps/unix/sysv/linux/x86_64/vfork.S b/sysdeps/unix/sysv/linux/x86_64/vfork.S
index d3b450a..75a63e1 100644
--- a/sysdeps/unix/sysv/linux/x86_64/vfork.S
+++ b/sysdeps/unix/sysv/linux/x86_64/vfork.S
@@ -38,7 +38,7 @@ ENTRY (__vfork)
 
 	/* Stuff the syscall number in RAX and enter into the kernel.  */
 	movl	$SYS_ify (vfork), %eax
-	syscall
+	SYSCALLDB
 
 	/* Push back the return PC.  */
 	pushq	%rdi
diff --git a/sysdeps/x86_64/dl-machine.h b/sysdeps/x86_64/dl-machine.h
index 504c95f..dcfc259 100644
--- a/sysdeps/x86_64/dl-machine.h
+++ b/sysdeps/x86_64/dl-machine.h
@@ -529,7 +529,8 @@ elf_machine_lazy_rel (struct link_map *map,
 	value = ((ElfW(Addr) (*) (void)) value) ();
       *reloc_addr = value;
     }
-  else
+  /* for graphene, get around R_X86_64_NONE */
+  else if (__builtin_expect (r_type != R_X86_64_NONE, 1))
     _dl_reloc_bad_type (map, r_type, 1);
 }