public inbox for glibc-bugs@sourceware.org help / color / mirror / Atom feed
From: "fweimer at redhat dot com" <sourceware-bugzilla@sourceware.org> To: glibc-bugs@sourceware.org Subject: [Bug dynamic-link/31076] Extra struct vm_area_struct with ---p created when PAGE_SIZE < max-page-size Date: Thu, 07 Dec 2023 09:30:01 +0000 [thread overview] Message-ID: <bug-31076-131-VwuvkDQ9Hr@http.sourceware.org/bugzilla/> (raw) In-Reply-To: <bug-31076-131@http.sourceware.org/bugzilla/> https://sourceware.org/bugzilla/show_bug.cgi?id=31076 --- Comment #20 from Florian Weimer <fweimer at redhat dot com> --- (In reply to Fangrui Song from comment #19) > (In reply to Florian Weimer from comment #18) > > (In reply to Kalesh Singh from comment #15) > > > AIUI if the runtime-page-size equals the max-page-size, the holes are also > > > mapped in as part of the segment mapping and share the same permissions. > > > Does this mean that on such systems, any protection it offers becomes void? > > > > That's my understanding. The current behavior gives programmers the *option* > > to avoid mapping extra code on small-page systems, while maintaining > > compatibility with large-page systems. The proposed change to over-map to > > the next load-segment, to fill the gap, would take away that option. > > Can you elaborate what the option (and "functionality" below) is? Since > 22930c9bf21ea15d0da1477a379029e2de259b69 (1996) rtld just calls `mprotect` > (one > extra `struct vm_area_struct` instance, see `sudo grep vm_area_struct > /proc/slabinfo`), and the user has no option to control this behavior. The developer can produce a binary with a LOAD segment that does not need that mprotect call. > > Unmapping (to create a gap) has compatibility implications. > > I wonder the implications are. If they are related to l_contiguous not > accounted for correctly, the user needs to be fixed. We do not set l_contiguous for the dynamic loader, and it's an internal variable. The bug we have is that we assume (without checking) the the loader is mapped contiguously although the kernel does not do that. We have feedback from downstream that some tools break if the gaps are so large that objects are mapped in the gaps of other objects. This is particularly visible on x86-64 when objects linked with different binutils versions/flags are loaded because the gaps can be quite large due to 2 MiB load segment alignment in some builds. Other objects do not do that alignment and are much smaller than 2 MiB, and so can fit comfortably into the gaps. I'm worried that if we change loader behavior to munmap instead of mprotect, that we'll retroactively expose these bugs more widely. We obviously need to fix the l_contiguous assumption for ld.so in glibc, either by making sure that ld.so has contiguous load segments, or assuming in the code that it does not. -- You are receiving this mail because: You are on the CC list for the bug.
next prev parent reply other threads:[~2023-12-07 9:30 UTC|newest] Thread overview: 25+ messages / expand[flat|nested] mbox.gz Atom feed top 2023-11-18 18:48 [Bug dynamic-link/31076] New: " jyescas at google dot com 2023-11-18 18:50 ` [Bug dynamic-link/31076] " jyescas at google dot com 2023-11-21 13:42 ` carlos at redhat dot com 2023-11-22 0:39 ` i at maskray dot me 2023-11-22 4:33 ` kaleshsingh at google dot com 2023-11-22 18:19 ` jyescas at google dot com 2023-11-23 11:42 ` sam at gentoo dot org 2023-11-24 17:40 ` adhemerval.zanella at linaro dot org 2023-11-27 15:11 ` fweimer at redhat dot com 2023-11-27 15:22 ` fweimer at redhat dot com 2023-11-27 16:27 ` adhemerval.zanella at linaro dot org 2023-11-27 17:19 ` fweimer at redhat dot com 2023-11-27 17:39 ` adhemerval.zanella at linaro dot org 2023-11-27 17:45 ` fweimer at redhat dot com 2023-11-27 17:58 ` adhemerval.zanella at linaro dot org 2023-11-27 19:47 ` jyescas at google dot com 2023-11-27 19:55 ` jyescas at google dot com 2023-11-28 8:48 ` rprichard at google dot com 2023-11-28 18:59 ` kaleshsingh at google dot com 2023-11-28 23:58 ` jyescas at google dot com 2023-12-02 17:08 ` i at maskray dot me 2023-12-06 11:57 ` fweimer at redhat dot com 2023-12-07 5:11 ` i at maskray dot me 2023-12-07 9:30 ` fweimer at redhat dot com [this message] 2023-12-08 3:22 ` i at maskray dot me
Reply instructions: You may reply publicly to this message via plain-text email using any one of the following methods: * Save the following mbox file, import it into your mail client, and reply-to-all from there: mbox Avoid top-posting and favor interleaved quoting: https://en.wikipedia.org/wiki/Posting_style#Interleaved_style * Reply using the --to, --cc, and --in-reply-to switches of git-send-email(1): git send-email \ --in-reply-to=bug-31076-131-VwuvkDQ9Hr@http.sourceware.org/bugzilla/ \ --to=sourceware-bugzilla@sourceware.org \ --cc=glibc-bugs@sourceware.org \ /path/to/YOUR_REPLY https://kernel.org/pub/software/scm/git/docs/git-send-email.html * If your mail client supports setting the In-Reply-To header via mailto: links, try the mailto: linkBe sure your reply has a Subject: header at the top and a blank line before the message body.
This is a public inbox, see mirroring instructions for how to clone and mirror all data and code used for this inbox; as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).