public inbox for glibc-cvs@sourceware.org
help / color / mirror / Atom feed
* [glibc/nsz/bug27072] Use hidden visibility for early static PIE code
@ 2021-01-18 16:15 Szabolcs Nagy
0 siblings, 0 replies; 3+ messages in thread
From: Szabolcs Nagy @ 2021-01-18 16:15 UTC (permalink / raw)
To: glibc-cvs
https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=78d3bf1bc9e9f7c1eafbcf011bbd815e7f6e90b0
commit 78d3bf1bc9e9f7c1eafbcf011bbd815e7f6e90b0
Author: Szabolcs Nagy <szabolcs.nagy@arm.com>
Date: Fri Jan 15 12:49:24 2021 +0000
Use hidden visibility for early static PIE code
This is necessary to avoid RELATIVE relocations in code that has to run
before static PIE self relocation. We cannot make all symbols hidden:
On i386, all calls to IFUNC functions must go through PLT and calls to
hidden functions CANNOT go through PLT in PIE since EBX used in PIE PLT
may not be set up for local calls to hidden IFUNC functions.
Even if we can't make all libc symbols hidden for static PIE on i386, we
must make all symbols used before and by _dl_relocate_static_pie hidden.
This is needed for fixing bug 27072.
Co-authored-by: H.J. Lu <hjl.tools@gmail.com>
Diff:
---
csu/libc-start.c | 4 ++++
elf/dl-reloc-static-pie.c | 2 ++
elf/dl-support.c | 6 ++++++
elf/dl-tunables.c | 4 ++++
elf/enbl-secure.c | 4 ++++
misc/sbrk.c | 4 ++++
sysdeps/unix/sysv/linux/aarch64/libc-start.c | 5 +++++
sysdeps/x86/libc-start.c | 5 +++++
8 files changed, 34 insertions(+)
diff --git a/csu/libc-start.c b/csu/libc-start.c
index db859c3bed..1e90dcb0a7 100644
--- a/csu/libc-start.c
+++ b/csu/libc-start.c
@@ -15,6 +15,10 @@
License along with the GNU C Library; if not, see
<https://www.gnu.org/licenses/>. */
+/* Mark symbols hidden in static PIE for early self relocation to work. */
+#if BUILD_PIE_DEFAULT
+# pragma GCC visibility push(hidden)
+#endif
#include <assert.h>
#include <stdlib.h>
#include <stdio.h>
diff --git a/elf/dl-reloc-static-pie.c b/elf/dl-reloc-static-pie.c
index a8d964061e..d5bd2f31e9 100644
--- a/elf/dl-reloc-static-pie.c
+++ b/elf/dl-reloc-static-pie.c
@@ -17,6 +17,8 @@
<https://www.gnu.org/licenses/>. */
#if ENABLE_STATIC_PIE
+/* Mark symbols hidden in static PIE for early self relocation to work. */
+# pragma GCC visibility push(hidden)
#include <unistd.h>
#include <ldsodefs.h>
#include "dynamic-link.h"
diff --git a/elf/dl-support.c b/elf/dl-support.c
index 9d468d5a4b..384080dd80 100644
--- a/elf/dl-support.c
+++ b/elf/dl-support.c
@@ -19,6 +19,12 @@
/* This file defines some things that for the dynamic linker are defined in
rtld.c and dl-sysdep.c in ways appropriate to bootstrap dynamic linking. */
+#include <string.h>
+/* Mark symbols hidden in static PIE for early self relocation to work.
+ Note: string.h may have ifuncs which cannot be hidden on i686. */
+#if BUILD_PIE_DEFAULT
+# pragma GCC visibility push(hidden)
+#endif
#include <errno.h>
#include <libintl.h>
#include <stdlib.h>
diff --git a/elf/dl-tunables.c b/elf/dl-tunables.c
index e44476f204..b1a50b8469 100644
--- a/elf/dl-tunables.c
+++ b/elf/dl-tunables.c
@@ -18,6 +18,10 @@
License along with the GNU C Library; if not, see
<https://www.gnu.org/licenses/>. */
+/* Mark symbols hidden in static PIE for early self relocation to work. */
+#if BUILD_PIE_DEFAULT
+# pragma GCC visibility push(hidden)
+#endif
#include <startup.h>
#include <stdint.h>
#include <stdbool.h>
diff --git a/elf/enbl-secure.c b/elf/enbl-secure.c
index bc8c5e96d2..ffd7938605 100644
--- a/elf/enbl-secure.c
+++ b/elf/enbl-secure.c
@@ -19,6 +19,10 @@
/* This file is used in the static libc. For the shared library,
dl-sysdep.c defines and initializes __libc_enable_secure. */
+/* Mark symbols hidden in static PIE for early self relocation to work. */
+#if BUILD_PIE_DEFAULT
+# pragma GCC visibility push(hidden)
+#endif
#include <unistd.h>
#include <libc-internal.h>
diff --git a/misc/sbrk.c b/misc/sbrk.c
index 99b3fb517e..95800b32aa 100644
--- a/misc/sbrk.c
+++ b/misc/sbrk.c
@@ -15,6 +15,10 @@
License along with the GNU C Library; if not, see
<https://www.gnu.org/licenses/>. */
+/* Mark symbols hidden in static PIE for early self relocation to work. */
+#if BUILD_PIE_DEFAULT
+# pragma GCC visibility push(hidden)
+#endif
#include <errno.h>
#include <libc-internal.h>
#include <stdbool.h>
diff --git a/sysdeps/unix/sysv/linux/aarch64/libc-start.c b/sysdeps/unix/sysv/linux/aarch64/libc-start.c
index f816f04ee1..e1604a6ed0 100644
--- a/sysdeps/unix/sysv/linux/aarch64/libc-start.c
+++ b/sysdeps/unix/sysv/linux/aarch64/libc-start.c
@@ -17,6 +17,11 @@
<https://www.gnu.org/licenses/>. */
#ifndef SHARED
+
+/* Mark symbols hidden in static PIE for early self relocation to work. */
+# if BUILD_PIE_DEFAULT
+# pragma GCC visibility push(hidden)
+# endif
# include <ldsodefs.h>
# include <cpu-features.c>
diff --git a/sysdeps/x86/libc-start.c b/sysdeps/x86/libc-start.c
index 4bbd7d555b..d30aec2aa1 100644
--- a/sysdeps/x86/libc-start.c
+++ b/sysdeps/x86/libc-start.c
@@ -16,6 +16,11 @@
<https://www.gnu.org/licenses/>. */
#ifndef SHARED
+
+/* Mark symbols hidden in static PIE for early self relocation to work. */
+# if BUILD_PIE_DEFAULT
+# pragma GCC visibility push(hidden)
+# endif
/* Define I386_USE_SYSENTER to support syscall during startup in static
PIE. */
# include <startup.h>
^ permalink raw reply [flat|nested] 3+ messages in thread
* [glibc/nsz/bug27072] Use hidden visibility for early static PIE code
@ 2021-01-20 15:23 Szabolcs Nagy
0 siblings, 0 replies; 3+ messages in thread
From: Szabolcs Nagy @ 2021-01-20 15:23 UTC (permalink / raw)
To: glibc-cvs
https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=54afd0132a909969862bb2ce96bd5e95beab324a
commit 54afd0132a909969862bb2ce96bd5e95beab324a
Author: Szabolcs Nagy <szabolcs.nagy@arm.com>
Date: Fri Jan 15 12:49:24 2021 +0000
Use hidden visibility for early static PIE code
Extern symbol access in position independent code usually involves GOT
indirection which needs RELATIVE reloc in a static linked PIE. (On
some targets this is avoided e.g. because the linker can relax a GOT
access to a pc-relative access, but this is not generally true.) Code
that runs before static PIE self relocation must avoid relying on
dynamic relocations which can be ensured by using hidden visibility.
However we cannot just make all symbols hidden:
On i386, all calls to IFUNC functions must go through PLT and calls to
hidden functions CANNOT go through PLT in PIE since EBX used in PIE PLT
may not be set up for local calls to hidden IFUNC functions.
This patch aims to make symbol references hidden in code that is used
before and by _dl_relocate_static_pie when building a static PIE libc.
Note: for an object that is used in the startup code, its references
and definition may not have consistent visibility: it is only forced
hidden in the startup code.
This is needed for fixing bug 27072.
Co-authored-by: H.J. Lu <hjl.tools@gmail.com>
Diff:
---
csu/libc-start.c | 4 ++++
elf/dl-reloc-static-pie.c | 2 ++
elf/dl-support.c | 6 ++++++
elf/dl-tunables.c | 4 ++++
elf/enbl-secure.c | 4 ++++
misc/sbrk.c | 4 ++++
sysdeps/unix/sysv/linux/aarch64/libc-start.c | 5 +++++
sysdeps/x86/libc-start.c | 5 +++++
8 files changed, 34 insertions(+)
diff --git a/csu/libc-start.c b/csu/libc-start.c
index 5b9ce1d158..a2f6e12728 100644
--- a/csu/libc-start.c
+++ b/csu/libc-start.c
@@ -15,6 +15,10 @@
License along with the GNU C Library; if not, see
<https://www.gnu.org/licenses/>. */
+/* Mark symbols hidden in static PIE for early self relocation to work. */
+#if BUILD_PIE_DEFAULT
+# pragma GCC visibility push(hidden)
+#endif
#include <assert.h>
#include <stdlib.h>
#include <stdio.h>
diff --git a/elf/dl-reloc-static-pie.c b/elf/dl-reloc-static-pie.c
index a8d964061e..d5bd2f31e9 100644
--- a/elf/dl-reloc-static-pie.c
+++ b/elf/dl-reloc-static-pie.c
@@ -17,6 +17,8 @@
<https://www.gnu.org/licenses/>. */
#if ENABLE_STATIC_PIE
+/* Mark symbols hidden in static PIE for early self relocation to work. */
+# pragma GCC visibility push(hidden)
#include <unistd.h>
#include <ldsodefs.h>
#include "dynamic-link.h"
diff --git a/elf/dl-support.c b/elf/dl-support.c
index 2434c470c7..7abb65d8e3 100644
--- a/elf/dl-support.c
+++ b/elf/dl-support.c
@@ -19,6 +19,12 @@
/* This file defines some things that for the dynamic linker are defined in
rtld.c and dl-sysdep.c in ways appropriate to bootstrap dynamic linking. */
+#include <string.h>
+/* Mark symbols hidden in static PIE for early self relocation to work.
+ Note: string.h may have ifuncs which cannot be hidden on i686. */
+#if BUILD_PIE_DEFAULT
+# pragma GCC visibility push(hidden)
+#endif
#include <errno.h>
#include <libintl.h>
#include <stdlib.h>
diff --git a/elf/dl-tunables.c b/elf/dl-tunables.c
index e44476f204..b1a50b8469 100644
--- a/elf/dl-tunables.c
+++ b/elf/dl-tunables.c
@@ -18,6 +18,10 @@
License along with the GNU C Library; if not, see
<https://www.gnu.org/licenses/>. */
+/* Mark symbols hidden in static PIE for early self relocation to work. */
+#if BUILD_PIE_DEFAULT
+# pragma GCC visibility push(hidden)
+#endif
#include <startup.h>
#include <stdint.h>
#include <stdbool.h>
diff --git a/elf/enbl-secure.c b/elf/enbl-secure.c
index 5dcf649626..9e47526bd3 100644
--- a/elf/enbl-secure.c
+++ b/elf/enbl-secure.c
@@ -19,6 +19,10 @@
/* This file is used in the static libc. For the shared library,
dl-sysdep.c defines and initializes __libc_enable_secure. */
+/* Mark symbols hidden in static PIE for early self relocation to work. */
+#if BUILD_PIE_DEFAULT
+# pragma GCC visibility push(hidden)
+#endif
#include <startup.h>
#include <libc-internal.h>
diff --git a/misc/sbrk.c b/misc/sbrk.c
index 99b3fb517e..95800b32aa 100644
--- a/misc/sbrk.c
+++ b/misc/sbrk.c
@@ -15,6 +15,10 @@
License along with the GNU C Library; if not, see
<https://www.gnu.org/licenses/>. */
+/* Mark symbols hidden in static PIE for early self relocation to work. */
+#if BUILD_PIE_DEFAULT
+# pragma GCC visibility push(hidden)
+#endif
#include <errno.h>
#include <libc-internal.h>
#include <stdbool.h>
diff --git a/sysdeps/unix/sysv/linux/aarch64/libc-start.c b/sysdeps/unix/sysv/linux/aarch64/libc-start.c
index f816f04ee1..e1604a6ed0 100644
--- a/sysdeps/unix/sysv/linux/aarch64/libc-start.c
+++ b/sysdeps/unix/sysv/linux/aarch64/libc-start.c
@@ -17,6 +17,11 @@
<https://www.gnu.org/licenses/>. */
#ifndef SHARED
+
+/* Mark symbols hidden in static PIE for early self relocation to work. */
+# if BUILD_PIE_DEFAULT
+# pragma GCC visibility push(hidden)
+# endif
# include <ldsodefs.h>
# include <cpu-features.c>
diff --git a/sysdeps/x86/libc-start.c b/sysdeps/x86/libc-start.c
index 4bbd7d555b..d30aec2aa1 100644
--- a/sysdeps/x86/libc-start.c
+++ b/sysdeps/x86/libc-start.c
@@ -16,6 +16,11 @@
<https://www.gnu.org/licenses/>. */
#ifndef SHARED
+
+/* Mark symbols hidden in static PIE for early self relocation to work. */
+# if BUILD_PIE_DEFAULT
+# pragma GCC visibility push(hidden)
+# endif
/* Define I386_USE_SYSENTER to support syscall during startup in static
PIE. */
# include <startup.h>
^ permalink raw reply [flat|nested] 3+ messages in thread
* [glibc/nsz/bug27072] Use hidden visibility for early static PIE code
@ 2021-01-19 15:59 Szabolcs Nagy
0 siblings, 0 replies; 3+ messages in thread
From: Szabolcs Nagy @ 2021-01-19 15:59 UTC (permalink / raw)
To: glibc-cvs
https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=a16cb63d41cc4d533ded4297a4e814125e9932e3
commit a16cb63d41cc4d533ded4297a4e814125e9932e3
Author: Szabolcs Nagy <szabolcs.nagy@arm.com>
Date: Fri Jan 15 12:49:24 2021 +0000
Use hidden visibility for early static PIE code
This is necessary to avoid RELATIVE relocations in code that has to run
before static PIE self relocation. We cannot make all symbols hidden:
On i386, all calls to IFUNC functions must go through PLT and calls to
hidden functions CANNOT go through PLT in PIE since EBX used in PIE PLT
may not be set up for local calls to hidden IFUNC functions.
Even if we can't make all libc symbols hidden for static PIE on i386, we
must make all symbols used before and by _dl_relocate_static_pie hidden.
This is needed for fixing bug 27072.
Co-authored-by: H.J. Lu <hjl.tools@gmail.com>
Diff:
---
csu/libc-start.c | 4 ++++
elf/dl-reloc-static-pie.c | 2 ++
elf/dl-support.c | 6 ++++++
elf/dl-tunables.c | 4 ++++
elf/enbl-secure.c | 4 ++++
misc/sbrk.c | 4 ++++
sysdeps/unix/sysv/linux/aarch64/libc-start.c | 5 +++++
sysdeps/x86/libc-start.c | 5 +++++
8 files changed, 34 insertions(+)
diff --git a/csu/libc-start.c b/csu/libc-start.c
index db859c3bed..1e90dcb0a7 100644
--- a/csu/libc-start.c
+++ b/csu/libc-start.c
@@ -15,6 +15,10 @@
License along with the GNU C Library; if not, see
<https://www.gnu.org/licenses/>. */
+/* Mark symbols hidden in static PIE for early self relocation to work. */
+#if BUILD_PIE_DEFAULT
+# pragma GCC visibility push(hidden)
+#endif
#include <assert.h>
#include <stdlib.h>
#include <stdio.h>
diff --git a/elf/dl-reloc-static-pie.c b/elf/dl-reloc-static-pie.c
index a8d964061e..d5bd2f31e9 100644
--- a/elf/dl-reloc-static-pie.c
+++ b/elf/dl-reloc-static-pie.c
@@ -17,6 +17,8 @@
<https://www.gnu.org/licenses/>. */
#if ENABLE_STATIC_PIE
+/* Mark symbols hidden in static PIE for early self relocation to work. */
+# pragma GCC visibility push(hidden)
#include <unistd.h>
#include <ldsodefs.h>
#include "dynamic-link.h"
diff --git a/elf/dl-support.c b/elf/dl-support.c
index 2434c470c7..7abb65d8e3 100644
--- a/elf/dl-support.c
+++ b/elf/dl-support.c
@@ -19,6 +19,12 @@
/* This file defines some things that for the dynamic linker are defined in
rtld.c and dl-sysdep.c in ways appropriate to bootstrap dynamic linking. */
+#include <string.h>
+/* Mark symbols hidden in static PIE for early self relocation to work.
+ Note: string.h may have ifuncs which cannot be hidden on i686. */
+#if BUILD_PIE_DEFAULT
+# pragma GCC visibility push(hidden)
+#endif
#include <errno.h>
#include <libintl.h>
#include <stdlib.h>
diff --git a/elf/dl-tunables.c b/elf/dl-tunables.c
index e44476f204..b1a50b8469 100644
--- a/elf/dl-tunables.c
+++ b/elf/dl-tunables.c
@@ -18,6 +18,10 @@
License along with the GNU C Library; if not, see
<https://www.gnu.org/licenses/>. */
+/* Mark symbols hidden in static PIE for early self relocation to work. */
+#if BUILD_PIE_DEFAULT
+# pragma GCC visibility push(hidden)
+#endif
#include <startup.h>
#include <stdint.h>
#include <stdbool.h>
diff --git a/elf/enbl-secure.c b/elf/enbl-secure.c
index bc8c5e96d2..ffd7938605 100644
--- a/elf/enbl-secure.c
+++ b/elf/enbl-secure.c
@@ -19,6 +19,10 @@
/* This file is used in the static libc. For the shared library,
dl-sysdep.c defines and initializes __libc_enable_secure. */
+/* Mark symbols hidden in static PIE for early self relocation to work. */
+#if BUILD_PIE_DEFAULT
+# pragma GCC visibility push(hidden)
+#endif
#include <unistd.h>
#include <libc-internal.h>
diff --git a/misc/sbrk.c b/misc/sbrk.c
index 99b3fb517e..95800b32aa 100644
--- a/misc/sbrk.c
+++ b/misc/sbrk.c
@@ -15,6 +15,10 @@
License along with the GNU C Library; if not, see
<https://www.gnu.org/licenses/>. */
+/* Mark symbols hidden in static PIE for early self relocation to work. */
+#if BUILD_PIE_DEFAULT
+# pragma GCC visibility push(hidden)
+#endif
#include <errno.h>
#include <libc-internal.h>
#include <stdbool.h>
diff --git a/sysdeps/unix/sysv/linux/aarch64/libc-start.c b/sysdeps/unix/sysv/linux/aarch64/libc-start.c
index f816f04ee1..e1604a6ed0 100644
--- a/sysdeps/unix/sysv/linux/aarch64/libc-start.c
+++ b/sysdeps/unix/sysv/linux/aarch64/libc-start.c
@@ -17,6 +17,11 @@
<https://www.gnu.org/licenses/>. */
#ifndef SHARED
+
+/* Mark symbols hidden in static PIE for early self relocation to work. */
+# if BUILD_PIE_DEFAULT
+# pragma GCC visibility push(hidden)
+# endif
# include <ldsodefs.h>
# include <cpu-features.c>
diff --git a/sysdeps/x86/libc-start.c b/sysdeps/x86/libc-start.c
index 4bbd7d555b..d30aec2aa1 100644
--- a/sysdeps/x86/libc-start.c
+++ b/sysdeps/x86/libc-start.c
@@ -16,6 +16,11 @@
<https://www.gnu.org/licenses/>. */
#ifndef SHARED
+
+/* Mark symbols hidden in static PIE for early self relocation to work. */
+# if BUILD_PIE_DEFAULT
+# pragma GCC visibility push(hidden)
+# endif
/* Define I386_USE_SYSENTER to support syscall during startup in static
PIE. */
# include <startup.h>
^ permalink raw reply [flat|nested] 3+ messages in thread
end of thread, other threads:[~2021-01-20 15:23 UTC | newest]
Thread overview: 3+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2021-01-18 16:15 [glibc/nsz/bug27072] Use hidden visibility for early static PIE code Szabolcs Nagy
2021-01-19 15:59 Szabolcs Nagy
2021-01-20 15:23 Szabolcs Nagy
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).