public inbox for glibc-bugs@sourceware.org
* [Bug dynamic-link/27072] New: static pie ifunc resolvers run before hwcap is setup
From: nsz at gcc dot gnu.org @ 2020-12-15 11:01 UTC (permalink / raw)
To: glibc-bugs
https://sourceware.org/bugzilla/show_bug.cgi?id=27072
Bug ID: 27072
Summary: static pie ifunc resolvers run before hwcap is setup
Product: glibc
Version: 2.32
Status: NEW
Severity: normal
Priority: P2
Component: dynamic-link
Assignee: unassigned at sourceware dot org
Reporter: nsz at gcc dot gnu.org
Target Milestone: ---
as far as i can tell in csu/libc-start.c
_dl_relocate_static_pie ();
is before
_dl_aux_init (auxvec);
so ifunc resolvers are run before GL(dl_hwcap) and GL(dl_hwcap2) are set up.
on aarch64 this at least affects memory tagging: non-MTE-safe string functions
are selected in static PIE binaries unconditionally.
but i think this is a bug on all targets where hwcap is passed to ifunc
resolvers and support static pie.
--
You are receiving this mail because:
You are on the CC list for the bug.
* [Bug dynamic-link/27072] static pie ifunc resolvers run before hwcap is setup
From: fweimer at redhat dot com @ 2020-12-15 11:38 UTC (permalink / raw)
To: glibc-bugs
https://sourceware.org/bugzilla/show_bug.cgi?id=27072
Florian Weimer <fweimer at redhat dot com> changed:
What |Removed |Added
----------------------------------------------------------------------------
Flags| |security-
CC| |fweimer at redhat dot com
--- Comment #1 from Florian Weimer <fweimer at redhat dot com> ---
Yes, we ran into this on x86 too, where it has been fixed with an artificial
IFUNC relocation (which I think is inappropriate):
commit 0f09154c64005e78b61484ae87b5ea2028051ea0
Author: H.J. Lu <hjl.tools@gmail.com>
Date: Sat Jul 4 06:35:49 2020 -0700
x86: Initialize CPU info via IFUNC relocation [BZ 26203]
* [Bug dynamic-link/27072] static pie ifunc resolvers run before hwcap is setup
From: hjl.tools at gmail dot com @ 2021-01-07 12:42 UTC (permalink / raw)
To: glibc-bugs
https://sourceware.org/bugzilla/show_bug.cgi?id=27072
H.J. Lu <hjl.tools at gmail dot com> changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |hjl.tools at gmail dot com
--- Comment #2 from H.J. Lu <hjl.tools at gmail dot com> ---
Did you run into
https://sourceware.org/bugzilla/show_bug.cgi?id=13302
* [Bug dynamic-link/27072] static pie ifunc resolvers run before hwcap is setup
From: nsz at gcc dot gnu.org @ 2021-01-07 14:00 UTC (permalink / raw)
To: glibc-bugs
https://sourceware.org/bugzilla/show_bug.cgi?id=27072
--- Comment #3 from Szabolcs Nagy <nsz at gcc dot gnu.org> ---
(In reply to H.J. Lu from comment #2)
> Did you run into
>
> https://sourceware.org/bugzilla/show_bug.cgi?id=13302
first of all IRELATIVE relocs are in a separate
section (.rela.plt where DT_JUMPREL points to)
that is processed later than RELATIVE relocs
(which are in .rela.dyn where DT_RELA points to)
see the two 'ranges' in _ELF_DYNAMIC_DO_RELOC.
with static pie 'ELF_DURING_STARTUP' is set, so
the two ranges are not processed separately, but
in one go, but because of the different section,
IRELATIVE is necessarily after RELATIVE in the
binary.
of course glibc may choose to process relocs in
different order than they appear in the binary.
see elf_dynamic_do_Rela, but that's not a linker
issue anymore.
(within DT_JUMPREL i'd expect ld to order IRELATIVE
after JUMP_SLOT relocs, but before TLSDESC relocs,
but such relocs cannot appear in static pie so this
is not relevant here anyway.)
also note that currently in glibc the aarch64 ifunc
resolvers don't depend on RELATIVE relocs so even
if there was no ordering the reloc processing would
work for now (assuming no user ifuncs).
in short 13302 is not relevant to this bug.
* [Bug dynamic-link/27072] static pie ifunc resolvers run before hwcap is setup
From: hjl.tools at gmail dot com @ 2021-01-07 17:10 UTC (permalink / raw)
To: glibc-bugs
https://sourceware.org/bugzilla/show_bug.cgi?id=27072
--- Comment #4 from H.J. Lu <hjl.tools at gmail dot com> ---
This works on x86:
diff --git a/csu/libc-start.c b/csu/libc-start.c
index db859c3bed..3c2cf2f384 100644
--- a/csu/libc-start.c
+++ b/csu/libc-start.c
@@ -142,6 +142,8 @@ LIBC_START_MAIN (int (*main) (int, char **, char **
MAIN_AUXVEC_DECL),
int result;
#ifndef SHARED
+ ARCH_INIT_CPU_FEATURES ();
+
_dl_relocate_static_pie ();
char **ev = &argv[argc + 1];
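Review bot: ARCH_INIT_CPU_FEATURES () is now placed ahead of _dl_relocate_static_pie (), so in a static PIE it executes before the image has relocated itself, and any global it reaches through the GOT or through a pointer that needs a RELATIVE relocation is not yet valid at that point. A comment above the call stating that everything it touches must be relocation-free would make the constraint explicit, and since the message only reports x86 as working, the same property needs checking on every other target that supports static PIE.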
@@ -189,8 +191,6 @@ LIBC_START_MAIN (int (*main) (int, char **, char **
MAIN_AUXVEC_DECL),
__tunables_init (__environ);
- ARCH_INIT_CPU_FEATURES ();
-
/* Perform IREL{,A} relocations. */
ARCH_SETUP_IREL ();
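Review bot: the removed call sat after __tunables_init (__environ), and together with the first hunk it now runs before it, so CPU feature setup can no longer see tunables parsed from the environment. If feature initialization is expected to honour tunables, keep ARCH_INIT_CPU_FEATURES () where it was and move _dl_relocate_static_pie () down to just after it instead.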
* [Bug dynamic-link/27072] static pie ifunc resolvers run before hwcap is setup
From: hjl.tools at gmail dot com @ 2021-01-07 20:33 UTC (permalink / raw)
To: glibc-bugs
https://sourceware.org/bugzilla/show_bug.cgi?id=27072
--- Comment #5 from H.J. Lu <hjl.tools at gmail dot com> ---
Created attachment 13101
--> https://sourceware.org/bugzilla/attachment.cgi?id=13101&action=edit
An IFUNC testcase on x86
It failed with static PIE.
* [Bug dynamic-link/27072] static pie ifunc resolvers run before hwcap is setup
From: i at maskray dot me @ 2021-01-13 19:20 UTC (permalink / raw)
To: glibc-bugs
https://sourceware.org/bugzilla/show_bug.cgi?id=27072
Fangrui Song <i at maskray dot me> changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |i at maskray dot me
* [Bug dynamic-link/27072] static pie ifunc resolvers run before hwcap is setup
From: cvs-commit at gcc dot gnu.org @ 2021-01-19 14:39 UTC (permalink / raw)
To: glibc-bugs
https://sourceware.org/bugzilla/show_bug.cgi?id=27072
--- Comment #6 from cvs-commit at gcc dot gnu.org <cvs-commit at gcc dot gnu.org> ---
The master branch has been updated by H.J. Lu <hjl@sourceware.org>:
https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=cabc8a291629011894ff5d1dc4ec7e25ecee6269
commit cabc8a291629011894ff5d1dc4ec7e25ecee6269
Author: H.J. Lu <hjl.tools@gmail.com>
Date: Mon Jan 18 11:45:46 2021 +0000
elf: Avoid RELATIVE relocation for _dl_sysinfo
Set the default _dl_sysinfo in _dl_aux_init to avoid RELATIVE relocation
in static PIE.
This is needed for fixing bug 27072 on x86.
Reviewed-by: Adhemerval Zanella <adhemerval.zanella@linaro.org>
* [Bug dynamic-link/27072] static pie ifunc resolvers run before hwcap is setup
From: cvs-commit at gcc dot gnu.org @ 2021-01-21 15:59 UTC (permalink / raw)
To: glibc-bugs
https://sourceware.org/bugzilla/show_bug.cgi?id=27072
--- Comment #7 from cvs-commit at gcc dot gnu.org <cvs-commit at gcc dot gnu.org> ---
The master branch has been updated by Szabolcs Nagy <nsz@sourceware.org>:
https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=47618209d05a0e77932038f21c6bba2425bd75c6
commit 47618209d05a0e77932038f21c6bba2425bd75c6
Author: Szabolcs Nagy <szabolcs.nagy@arm.com>
Date: Fri Jan 15 12:49:24 2021 +0000
Use hidden visibility for early static PIE code
Extern symbol access in position independent code usually involves GOT
indirection which needs RELATIVE reloc in a static linked PIE. (On
some targets this is avoided e.g. because the linker can relax a GOT
access to a pc-relative access, but this is not generally true.) Code
that runs before static PIE self relocation must avoid relying on
dynamic relocations which can be ensured by using hidden visibility.
However we cannot just make all symbols hidden:
On i386, all calls to IFUNC functions must go through PLT and calls to
hidden functions CANNOT go through PLT in PIE since EBX used in PIE PLT
may not be set up for local calls to hidden IFUNC functions.
This patch aims to make symbol references hidden in code that is used
before and by _dl_relocate_static_pie when building a static PIE libc.
Note: for an object that is used in the startup code, its references
and definition may not have consistent visibility: it is only forced
hidden in the startup code.
This is needed for fixing bug 27072.
Co-authored-by: H.J. Lu <hjl.tools@gmail.com>
Reviewed-by: Adhemerval Zanella <adhemerval.zanella@linaro.org>
* [Bug dynamic-link/27072] static pie ifunc resolvers run before hwcap is setup
From: cvs-commit at gcc dot gnu.org @ 2021-01-21 15:59 UTC (permalink / raw)
To: glibc-bugs
https://sourceware.org/bugzilla/show_bug.cgi?id=27072
--- Comment #8 from cvs-commit at gcc dot gnu.org <cvs-commit at gcc dot gnu.org> ---
The master branch has been updated by Szabolcs Nagy <nsz@sourceware.org>:
https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=86d439b06fb29af8d063ee8855ff63a863f46ef3
commit 86d439b06fb29af8d063ee8855ff63a863f46ef3
Author: Szabolcs Nagy <szabolcs.nagy@arm.com>
Date: Tue Jan 19 17:17:01 2021 +0000
csu: Move static pie self relocation later [BZ #27072]
IFUNC resolvers may depend on tunables and cpu feature setup so
move static pie self relocation after those.
It is hard to guarantee that the early startup code does not rely
on relocations so this is a bit fragile. It would be more robust
to handle RELATIVE relocs early and only IRELATIVE relocs later,
but the current relocation processing code cannot do that.
The early startup code up to relocation processing includes
_dl_aux_init (auxvec);
__libc_init_secure ();
__tunables_init (__environ);
ARCH_INIT_CPU_FEATURES ();
_dl_relocate_static_pie ();
These are simple enough that RELATIVE relocs can be avoided.
The following steps include
ARCH_SETUP_IREL ();
ARCH_SETUP_TLS ();
ARCH_APPLY_IREL ();
On some targets IRELATIVE processing relies on TLS setup on
others TLS setup relies on IRELATIVE relocs, so the right
position for _dl_relocate_static_pie is target dependent.
For now move self relocation as early as possible on targets
that support static PIE.
Fixes bug 27072.
Reviewed-by: Adhemerval Zanella <adhemerval.zanella@linaro.org>
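The ordering problem from the original report, the fix described in comment #8, and the split RELATIVE/IRELATIVE processing that commit message calls more robust, as a toy model in C. This is an added example, not glibc code and not part of any message in this thread: `startup`, `relocate`, `resolve_strlen`, the relocation table and the `IMPL_*` values are hypothetical stand-ins, and only the MTE hwcap2 bit value is taken from Linux.

```c
/* Toy model of static PIE startup ordering (added illustration, not glibc code). */
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

#define MODEL_HWCAP2_MTE (1UL << 18)      /* same bit as Linux AArch64 HWCAP2_MTE */
enum { R_RELATIVE = 1, R_IRELATIVE = 2 }; /* stand-ins, not the real ELF numbers */
enum { IMPL_GENERIC = 1, IMPL_MTE_SAFE = 2 };
enum order { REPORTED, FIXED, SPLIT };
struct rela { int type; size_t slot; uintptr_t addend; };

static unsigned long dl_hwcap2;  /* models GL(dl_hwcap2): zero until auxv is read */
static uintptr_t image[2];       /* slot 0: relocated pointer, slot 1: ifunc target */

/* Constructed relocation table: RELATIVE first, IRELATIVE after it. */
static const struct rela relocs[] = {
    { R_RELATIVE,  0, 0x1000 },
    { R_IRELATIVE, 1, 0 },
};

/* Models an ifunc resolver that picks a string function from hwcap. */
static uintptr_t resolve_strlen(void) {
    return (dl_hwcap2 & MODEL_HWCAP2_MTE) ? IMPL_MTE_SAFE : IMPL_GENERIC;
}

/* Apply every relocation whose type bit is set in `types`. */
static void relocate(uintptr_t base, int types) {
    for (size_t i = 0; i < sizeof relocs / sizeof relocs[0]; i++) {
        if (!(relocs[i].type & types)) continue;
        image[relocs[i].slot] = relocs[i].type == R_IRELATIVE
            ? resolve_strlen() : base + relocs[i].addend;
    }
}

/* Run one startup order and return the implementation the ifunc slot received. */
uintptr_t startup(enum order o, uintptr_t base, unsigned long auxv_hwcap2) {
    dl_hwcap2 = 0;                       /* nothing is known at process entry */
    if (o == FIXED)
        dl_hwcap2 = auxv_hwcap2;         /* _dl_aux_init moved before relocation */
    relocate(base, o == SPLIT ? R_RELATIVE : R_RELATIVE | R_IRELATIVE);
    dl_hwcap2 = auxv_hwcap2;             /* _dl_aux_init (too late for REPORTED) */
    if (o == SPLIT)
        relocate(base, R_IRELATIVE);     /* resolvers run once hwcap is known */
    return image[1];
}

int main(void) {
    printf("reported=%d fixed=%d split=%d\n",
           (int)startup(REPORTED, 0x400000, MODEL_HWCAP2_MTE),
           (int)startup(FIXED, 0x400000, MODEL_HWCAP2_MTE),
           (int)startup(SPLIT, 0x400000, MODEL_HWCAP2_MTE));
    return 0;
}
```

In the reported order the resolver sees a zero hwcap and returns the generic variant even though the constructed auxv value advertises MTE, which is the silent downgrade the report describes for string functions.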
* [Bug dynamic-link/27072] static pie ifunc resolvers run before hwcap is setup
From: adhemerval.zanella at linaro dot org @ 2021-01-21 17:06 UTC (permalink / raw)
To: glibc-bugs
https://sourceware.org/bugzilla/show_bug.cgi?id=27072
Adhemerval Zanella <adhemerval.zanella at linaro dot org> changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |adhemerval.zanella at linaro dot org
Target Milestone|--- |2.33
Status|NEW |RESOLVED
Resolution|--- |NOTABUG
--- Comment #9 from Adhemerval Zanella <adhemerval.zanella at linaro dot org> ---
Fixed on 2.33.
* [Bug dynamic-link/27072] static pie ifunc resolvers run before hwcap is setup
From: hjl.tools at gmail dot com @ 2021-01-21 18:23 UTC (permalink / raw)
To: glibc-bugs
https://sourceware.org/bugzilla/show_bug.cgi?id=27072
H.J. Lu <hjl.tools at gmail dot com> changed:
What |Removed |Added
----------------------------------------------------------------------------
Resolution|NOTABUG |FIXED