From: "adhemerval.zanella at linaro dot org"
To: glibc-bugs@sourceware.org
Subject: [Bug dynamic-link/31076] Extra struct vm_area_struct with ---p created when PAGE_SIZE < max-page-size
Date: Fri, 24 Nov 2023 17:40:07 +0000

https://sourceware.org/bugzilla/show_bug.cgi?id=31076

Adhemerval Zanella changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |adhemerval.zanella at linaro dot org

--- Comment #4 from Adhemerval Zanella ---

In ancient times, ldso used to unmap the disjoint regions from PT_LOAD. It was changed decades ago (22930c9bf21ea15d0da1477a379029e2de259b69), most likely due to some kernel VMA limitation, since it was done between the Linux 1.3 and 2.0 releases.

Changing back to unmap should remove the extra VMA ranges:

diff --git a/elf/dl-load.h b/elf/dl-load.h
index 1d5207694b..f53983fd1f 100644
--- a/elf/dl-load.h
+++ b/elf/dl-load.h
@@ -124,6 +124,8 @@ static const char *_dl_map_segments (struct link_map *l, int fd, guaranteed to have translations. */ #define DL_MAP_SEGMENTS_ERROR_MAP_SEGMENT \ N_("failed to map segment from shared object") +#define DL_MAP_SEGMENTS_ERROR_UNMAP_SEGMENT \ + N_("failed to unmap segment from shared object") #define DL_MAP_SEGMENTS_ERROR_MPROTECT \ N_("cannot change memory protections") #define DL_MAP_SEGMENTS_ERROR_MAP_ZERO_FILL \
diff --git a/elf/dl-map-segments.h b/elf/dl-map-segments.h
index ac10182d58..7ecb1d917b 100644
--- a/elf/dl-map-segments.h
+++ b/elf/dl-map-segments.h
@@ -115,11 +115,10 @@ _dl_map_segments (struct link_map *l, int fd, if (__glibc_unlikely (loadcmds[nloadcmds - 1].mapstart < c->mapend)) return N_("ELF load command address/offset not page-aligned"); - if (__glibc_unlikely - (__mprotect ((caddr_t) (l->l_addr + c->mapend), - loadcmds[nloadcmds - 1].mapstart - c->mapend, - PROT_NONE) < 0)) - return DL_MAP_SEGMENTS_ERROR_MPROTECT; + if (__glibc_unlikely + (__munmap ((caddr_t) (l->l_addr + c->mapend), + loadcmds[nloadcmds - 1].mapstart - c->mapend) < 0)) + return DL_MAP_SEGMENTS_ERROR_UNMAP_SEGMENT; } l->l_contiguous = 1;

It would be somewhat more costly, since the kernel will need to remap and split the VMA range.

However, it is not really clear to me what is the advantage of mprotect/munmap in the scenario where the PT_LOAD might have 'holes' (essentially where the system page size is lower than the required alignment). I can understand the munmap, since it might have made some sense back when 32-bit deployments were common and VMA range was scarce in some situations (especially due to fragmentation).

But the mprotect does not really bring any advantage here: it consumes more kernel metadata, does not improve the process VMA range usage, nor was it done as a hardening scheme.
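Review bot: in the dl-load.h hunk, the context comment directly above the new macro says these DL_MAP_SEGMENTS_ERROR_* messages are guaranteed to have translations, so the added N_("failed to unmap segment from shared object") has to be picked up by the translation catalog the same way its siblings are (regenerate the template so translators see it); otherwise the new failure path reports an untranslated string, unlike every other error returned from _dl_map_segments.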
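Review bot: in the dl-map-segments.h hunk the gap between c->mapend and loadcmds[nloadcmds - 1].mapstart is now unmapped, but the unchanged `l->l_contiguous = 1;` immediately after the block still records the object's address range as fully covered, which is exactly what the replaced PROT_NONE mprotect used to guarantee. Either clear l_contiguous on this path (`l->l_contiguous = 0;` when a hole was unmapped) or audit every consumer that treats [l_map_start, l_map_end) as one mapping, because once the hole is unmapped an unrelated later mapping can land inside it and would be attributed to this object.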
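The VMA cost the comment argues about can be measured directly. The following is an added example, not glibc code and not part of the bug report: it stands in for the PT_LOAD hole with a three-page anonymous mapping, pokes a one-page hole in the middle either with mprotect(PROT_NONE) (the current ld.so behaviour) or with munmap (the proposed one), and counts how many VMAs from /proc/self/maps then cover the original range. It assumes Linux, since it reads /proc/self/maps; the helper names are my own.

```c
/* Added example (not glibc code): compare the VMA footprint of a
   PROT_NONE "hole" against an unmapped hole.  Linux only, because it
   counts mappings by parsing /proc/self/maps. */
#define _GNU_SOURCE
#include <stdio.h>
#include <stdint.h>
#include <unistd.h>
#include <sys/mman.h>

/* Count the /proc/self/maps entries that intersect [start, end).
   Returns -1 if /proc/self/maps cannot be opened (non-Linux). */
static int count_vmas(uintptr_t start, uintptr_t end)
{
  FILE *f = fopen("/proc/self/maps", "r");
  if (f == NULL)
    return -1;
  char line[512];
  int n = 0;
  while (fgets(line, sizeof line, f) != NULL)
    {
      unsigned long lo, hi;
      if (sscanf(line, "%lx-%lx", &lo, &hi) != 2)
        continue;
      if (lo < end && hi > start)
        n++;
    }
  fclose(f);
  return n;
}

/* Map three pages, punch a one-page hole at page 1 using either
   munmap (use_munmap != 0) or mprotect(PROT_NONE) (use_munmap == 0),
   and return how many VMAs now cover the original three-page range.
   This mirrors the hole between c->mapend and the next PT_LOAD's
   mapstart that ld.so has to deal with when page size < alignment. */
static int vmas_with_hole(int use_munmap)
{
  long page = sysconf(_SC_PAGESIZE);
  if (page <= 0)
    return -1;
  size_t len = 3 * (size_t) page;
  char *base = mmap(NULL, len, PROT_READ | PROT_WRITE,
                    MAP_PRIVATE | MAP_ANONYMOUS, -1, 0);
  if (base == MAP_FAILED)
    return -1;
  char *hole = base + page;
  int rc = use_munmap ? munmap(hole, (size_t) page)
                      : mprotect(hole, (size_t) page, PROT_NONE);
  int n = -1;
  if (rc == 0)
    n = count_vmas((uintptr_t) base, (uintptr_t) base + len);
  /* munmap over a range that already contains an unmapped page is fine,
     so one call cleans up both variants. */
  munmap(base, len);
  return n;
}

/* Expected on Linux: 3 (two rw pages split by a PROT_NONE page). */
int hole_vmas_mprotect(void) { return vmas_with_hole(0); }
/* Expected on Linux: 2 (the hole is simply not a mapping any more). */
int hole_vmas_munmap(void)   { return vmas_with_hole(1); }

int main(void)
{
  printf("mprotect(PROT_NONE) hole: %d VMAs\n", hole_vmas_mprotect());
  printf("munmap hole:              %d VMAs\n", hole_vmas_munmap());
  return 0;
}
```

The PROT_NONE variant splits the original VMA into three (the two accessible sides differ in protection from the middle, so the kernel cannot merge them), while munmap leaves two; the difference is the extra struct vm_area_struct per inter-segment hole that the bug title refers to. Note that neither variant changes what the mapping range of the object looks like to code that only tracks l_map_start/l_map_end, which is the caveat to keep in mind when switching ld.so to munmap.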