From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: (qmail 54221 invoked by alias); 22 Mar 2018 16:06:14 -0000 Mailing-List: contact gnu-gabi-help@sourceware.org; run by ezmlm Precedence: bulk List-Id: List-Post: List-Help: List-Subscribe: Sender: gnu-gabi-owner@sourceware.org Received: (qmail 54198 invoked by uid 89); 22 Mar 2018 16:06:13 -0000 Authentication-Results: sourceware.org; auth=none X-Virus-Checked: by ClamAV 0.99.4 on sourceware.org X-Virus-Found: No X-Spam-SWARE-Status: No, score=-1.0 required=5.0 tests=AWL,BAYES_00,KAM_LAZY_DOMAIN_SECURITY,RCVD_IN_DNSWL_NONE autolearn=no version=3.3.2 spammy= X-Spam-Status: No, score=-1.0 required=5.0 tests=AWL,BAYES_00,KAM_LAZY_DOMAIN_SECURITY,RCVD_IN_DNSWL_NONE autolearn=no version=3.3.2 X-Spam-Checker-Version: SpamAssassin 3.3.2 (2011-06-06) on sourceware.org X-Spam-Level: X-HELO: mail-qk0-f178.google.com Received: from mail-qk0-f178.google.com (HELO mail-qk0-f178.google.com) (209.85.220.178) by sourceware.org (qpsmtpd/0.93/v0.84-503-g423c35a) with ESMTP; Thu, 22 Mar 2018 16:06:12 +0000 Received: by mail-qk0-f178.google.com with SMTP id s188so9761676qkb.2 for ; Thu, 22 Mar 2018 09:06:12 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:subject:to:cc:references:from:message-id:date :user-agent:mime-version:in-reply-to:content-language :content-transfer-encoding; bh=rmHD/LhfkvQoN+VsvvP9PYrL/+47AEulJDpeegPXyPA=; b=ddHvkyTGgwf8R5va2QQS68IVMPRCI65j6zgODNCn5KF0XPR2EqpOy7NNy1S+4vcZEg OU3pl0b4QRd/V9Zo5uvERVqQt5iXxWbaId4BaDNpMkkeRJj/4pdnsancFGjpA9jA2goI 3wUCf/rsJe3SOKLa+hwaLegox8diEeujvJjRVhBr2vftESu6wz+zvAodWcoO3wHiGwvw MCbVYlbffknZZE/ppJZ34hUiJS2CnWqLiEBU7Iv6HQ7bpyHSW1lcnoCXiHxj3dc9ADiI YlUzOIbg4fZjvNP/aGGzavHBFvyaLpwVGdQ01KU4d9tIxQoSZTnQJyKYIjPyCHiYQxfz w/AA== X-Gm-Message-State: AElRT7FLjK7xIyblicbpeaL5gdVxz5LUxCkdV5XlNCOzPKjmaTm8OUow RlE1dFW91u63+JwBaKx1mKptj89u1LM= X-Google-Smtp-Source: AG47ELu72M8R+N0260hbxsb9P/aOyOkIowAOUd50CrsIUjo/uA5/0iVxYomTy00Mei1uzYcM8v9GdQ== X-Received: by 10.55.172.9 with SMTP id e9mr35785297qkm.112.1521734770435; Thu, 22 Mar 2018 09:06:10 -0700 (PDT) Received: from [10.150.73.95] (198.sub-174-207-13.myvzw.com. [174.207.13.198]) by smtp.gmail.com with ESMTPSA id w18sm5289430qkw.35.2018.03.22.09.06.08 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Thu, 22 Mar 2018 09:06:09 -0700 (PDT) Subject: Re: RFC: Audit external function called indirectly via GOT To: "H.J. Lu" Cc: Florian Weimer , Generic System V Application Binary Interface , gnu-gabi@sourceware.org References: <20180317133115.GA4681@gmail.com> <87370txhr1.fsf@mid.deneb.enyo.de> <3a203b82-1247-5538-4848-92c9227cc77e@redhat.com> <87po3wo589.fsf@mid.deneb.enyo.de> <76f5551d-e8dc-4915-e3d8-54a2305a5718@redhat.com> From: Carlos O'Donell Message-ID: Date: Mon, 01 Jan 2018 00:00:00 -0000 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101 Thunderbird/52.6.0 MIME-Version: 1.0 In-Reply-To: Content-Type: text/plain; charset=utf-8 Content-Language: en-US Content-Transfer-Encoding: 7bit X-IsSubscribed: yes X-SW-Source: 2018-q1/txt/msg00020.txt.bz2 On 03/22/2018 11:01 AM, H.J. Lu wrote: > On Thu, Mar 22, 2018 at 8:36 AM, Carlos O'Donell wrote: >>> Using ld.so-generated thunks for all GLOB_DAT function symbol >>> relocations would happen in audit mode only and should work with >>> existing binaries which were built with -Wl,-z,now. >> >> This is a very good reason to prefer one method over another, that we >> could fix existing binaries. However, I still think the complexity of >> such a fix outweighs what we are trying to fix. Do we have another use >> for such stubs? > > If you take a look at BFD linker, it generates different PLT layouts for > MPX and CET. It is totally transparent to ld.so. Putting all PLT choices > as well as adding new ones in ld.so is very complex. I don't believe they > belong to ld.so. Belief is not a good reason to choose one technical solution over another. I agree with your statements though, there would be a lot of additional complexity added to ld.so without much apparent gain for that complexity e.g. fixing existing -fno-plt binaries to work with LD_AUDIT. Which is why I asked Florian if he had *other* uses for the stubs, since that might change the balance. I admit it would have to be a very good reason to make me consider the added complexity to balance the use case. I think your solution as you have defined it is the best option, but we should circle back and make sure we answer all of Cary and Alan's questions to their satisfaction and gain consensus. Cheers, Carlos.