From: Alan Modra <amodra@gmail.com>
To: Jeff Law <law@redhat.com>
Cc: Cary Coutant <ccoutant@gmail.com>,
"H.J. Lu" <hjl.tools@gmail.com>, Joe Groff <jgroff@apple.com>,
Binutils <binutils@sourceware.org>
Subject: Re: Preventing preemption of 'protected' symbols in GNU ld 2.26
Date: Wed, 30 Mar 2016 14:44:00 -0000 [thread overview]
Message-ID: <20160330143421.GM15812@bubble.grove.modra.org> (raw)
In-Reply-To: <56FB5061.9010303@redhat.com>
OK, I'll try to list the technical issues re. pr65248 "Copy relocation
against protected symbol doesn't work".
Given a shared library that defines a variable, and a non-PIC
executable that references that variable, the linker makes a duplicate
of the variable in the executable .dynbss section and arranges to have
the copy initialized by the dynamic loader with a copy relocation.
.dynbss is a linker created section that becomes part of the
executable bss segment. The idea is that at run-time both the
executable and the shared library will use the executable copy of the
variable. It's a rather ancient linker hack to avoid dynamic text
relocations, invented well before symbol visibility.
The problem with protected visibility variables in shared libraries is
that the shared library continues to access its own copy. So we have
two copies of a variable where the source only contained one variable
definition. (It's not really the copy relocation as such that causes
a problem, but the fact that we have a duplicate in .dynbss.)
Solutions are:
1) Have the linker emit an error, suggesting that the executable needs
to be PIC to access a protected visibility variable in a shared
library. Pass the pain on to users.
2) Emit dynamic text relocations for non-PIC executable access to
protected visibility variables defined in shared libraries. Makes
executable pages with text relocations non-shared between processes.
(But can be shared again after relocation if two processes have the
same layout.)
3) Teach the linker to edit non-PIC to PIC. I've done this for ppc32,
but it's not very easy for x86 due to the fact that you can't find the
start of an instruction from a relocated field. It also results in
slow code, since PIC sequences are usually larger than non-PIC,
requiring a branch into a patch area and a branch back.
4) Have the compiler always emit PIC for external variable access.
The .dynbss hack could then die a natural death. Coupled with linker
editing of PIC to non-PIC, you'd get correct and reasonably fast code
with perhaps a few nops. Again, x86 has difficulty due to variable
length insns, but this could be solved with marker relocs.
5) HJ's solution. Make the compiler emit the same code for protected
visibility variables in shared libraries as it does for default
visibility variables. ie. shared libraries access their protected
visibility variables via the GOT, which allows the .dynbss hack to
work. Also, modify the dynamic loader to ensure protected visibility
semantics are enforced. (Consider the case of shared lib A that
defines protected visibility var V, and shared lib B that also defines
protected visibility var V, and an executable that references V.
Assuming A is before B in breadth-first order, then the executable and
A should use the .dynbss copy of V, but B should use its own V!) I've
got to hand it to HJ, I think he has all this working properly to
satisfy the semantics of protected visibility.
However, shared library access of protected visibility variables is of
course no quicker than default visibility variables. Which defeats
the main reason to use protected visibility variables in shared
libraries! Note also that it unnecessarily slows down shared library
code using protected visibility variables that are not accessed by the
executable (but perhaps accessed from some other shared library).
Also, I don't believe there is anything to prevent a newly compiled
program from running with an old glibc, which would mean protected
visibility semantics are broken on such a system. To be fair, they
were probably broken on such a system before the linker complained
about non-PIC protected visibility access, anyway.
--
Alan Modra
Australia Development Lab, IBM
next prev parent reply other threads:[~2016-03-30 14:44 UTC|newest]
Thread overview: 89+ messages / expand[flat|nested] mbox.gz Atom feed top
[not found] <AB592ABD-D6D7-4D2F-A0D6-45738F168DC4@apple.com>
2016-03-29 19:31 ` Fwd: " Joe Groff
2016-03-29 19:33 ` H.J. Lu
2016-03-29 19:36 ` Joe Groff
2016-03-29 19:43 ` H.J. Lu
2016-03-29 19:51 ` Joe Groff
2016-03-29 19:54 ` H.J. Lu
2016-03-29 22:05 ` H.J. Lu
2016-03-30 1:44 ` Alan Modra
2016-03-30 1:46 ` Cary Coutant
2016-03-30 4:04 ` Jeff Law
2016-03-30 7:20 ` Cary Coutant
2016-03-30 7:34 ` Cary Coutant
2016-03-30 14:44 ` Alan Modra [this message]
2016-03-31 0:45 ` Cary Coutant
2016-04-15 21:49 ` Preventing preemption of 'protected' symbols in GNU ld 2.26 [aka should we revert the fix for 65248] Jeff Law
2016-04-15 21:56 ` H.J. Lu
2016-04-18 9:02 ` Richard Biener
2016-04-18 14:49 ` Alan Modra
2016-04-18 14:59 ` H.J. Lu
2016-04-18 17:04 ` Maciej W. Rozycki
2016-04-18 17:09 ` H.J. Lu
2016-04-18 17:24 ` Michael Matz
2016-04-18 17:27 ` H.J. Lu
2016-04-18 18:52 ` Jakub Jelinek
2016-04-18 19:28 ` H.J. Lu
2016-04-18 17:55 ` Cary Coutant
2016-04-25 17:24 ` Jeff Law
2016-04-25 17:31 ` H.J. Lu
2016-04-18 17:57 ` Maciej W. Rozycki
2016-04-19 5:08 ` Alan Modra
2016-04-19 8:20 ` Richard Biener
2016-04-19 9:53 ` Szabolcs Nagy
2016-04-19 14:06 ` Michael Matz
2016-04-19 15:37 ` Cary Coutant
2016-04-19 15:44 ` H.J. Lu
2016-04-19 15:52 ` H.J. Lu
2016-04-19 15:54 ` H.J. Lu
2016-04-19 15:58 ` Cary Coutant
2016-04-19 16:00 ` H.J. Lu
2016-04-19 15:54 ` Cary Coutant
2016-04-19 19:11 ` H.J. Lu
2016-04-19 20:17 ` Rich Felker
2016-04-19 21:03 ` Cary Coutant
2016-04-20 17:45 ` anonymous
2016-04-19 15:46 ` Alan Modra
2016-04-25 17:35 ` Jeff Law
2016-04-26 5:55 ` Alan Modra
2016-04-26 8:13 ` Jakub Jelinek
2016-04-18 17:05 ` Cary Coutant
2016-03-31 0:40 ` Preventing preemption of 'protected' symbols in GNU ld 2.26 Cary Coutant
2016-03-31 0:53 ` Jeff Law
2016-03-31 13:27 ` Ramana Radhakrishnan
2016-03-31 15:05 ` H.J. Lu
2016-04-15 16:10 ` Szabolcs Nagy
2016-04-01 19:51 ` Jeff Law
2016-04-02 2:53 ` Alan Modra
2016-04-19 19:47 ` Fwd: " Rich Felker
2016-04-15 16:16 H.J. Lu
2016-04-15 16:36 ` Jeff Law
2016-04-15 16:45 ` H.J. Lu
2016-04-15 16:43 ` Szabolcs Nagy
2016-04-15 23:59 ` Maciej W. Rozycki
2016-04-16 1:08 ` Szabolcs Nagy
-- strict thread matches above, loose matches on Subject: below --
2016-03-24 0:00 Joe Groff
2016-03-24 0:45 ` H.J. Lu
2016-03-24 0:52 ` Joe Groff
2016-03-24 1:25 ` H.J. Lu
2016-03-24 15:01 ` Cary Coutant
2016-03-24 15:07 ` H.J. Lu
2016-03-24 16:06 ` Cary Coutant
2016-03-24 16:42 ` H.J. Lu
2016-03-24 16:56 ` Cary Coutant
2016-03-24 17:05 ` H.J. Lu
2016-03-24 17:06 ` Joe Groff
2016-03-24 17:09 ` H.J. Lu
2016-03-24 18:31 ` Cary Coutant
2016-03-27 16:26 ` Rafael Espíndola
2016-03-28 12:12 ` H.J. Lu
[not found] ` <BC969B3B-87A2-4238-90C8-DA2E166707AF@apple.com>
2016-03-28 17:03 ` Joe Groff
2016-03-28 17:17 ` H.J. Lu
2016-03-28 22:22 ` Cary Coutant
2016-03-28 22:24 ` Joe Groff
2016-03-28 22:38 ` Cary Coutant
2016-03-28 22:41 ` Joe Groff
2016-03-28 23:21 ` Alan Modra
2016-03-29 0:29 ` Cary Coutant
2016-03-29 15:44 ` H.J. Lu
2016-03-28 22:12 ` Cary Coutant
2016-03-29 12:40 ` Maciej W. Rozycki
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20160330143421.GM15812@bubble.grove.modra.org \
--to=amodra@gmail.com \
--cc=binutils@sourceware.org \
--cc=ccoutant@gmail.com \
--cc=hjl.tools@gmail.com \
--cc=jgroff@apple.com \
--cc=law@redhat.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).