From: Adhemerval Zanella <adhemerval.zanella@linaro.org>
To: Szabolcs Nagy <szabolcs.nagy@arm.com>, libc-alpha@sourceware.org
Subject: Re: [PATCH v3 4/5] elf: Avoid RELATIVE relocs in __tunables_init
Date: Wed, 13 Jan 2021 14:42:26 -0300 [thread overview]
Message-ID: <313b46d1-e314-dc72-ded1-1d533cd93e8a@linaro.org> (raw)
In-Reply-To: <387267b5cd50f268056db8c89e68fac800959c15.1610471272.git.szabolcs.nagy@arm.com>
On 12/01/2021 14:22, Szabolcs Nagy via Libc-alpha wrote:
> With static pie linking pointers in the tunables list need
> RELATIVE relocs since the absolute address is not known at link
> time. We want to avoid relocations so the static pie self
> relocation can be done after tunables are initialized.
>
> This is a simple fix that embeds the tunable strings into the
> tunable list instead of using pointers. It is possible to have
> a more compact representation of tunables with some additional
> complexity in the generator and tunable parser logic. Such
> optimization will be useful if the list of tunables grows.
>
> There is still an issue that tunables_strdup allocates and the
> failure handling code path is sufficiently complex that it can
> easily have RELATIVE relocations. It is possible to avoid the
> early allocation and only change environment variables in a
> setuid exe after relocations are processed. But that is a
> bigger change and early failure is fatal anyway so it is not
> as critical to fix right away.
The _dl_fatal_printf is used quite earlier in the loader, does
still represent a potential failure? If so I think it would be
good to open a bug report to track it.
LGTM, thanks.
Reviewed-by: Adhemerval Zanella <adhemerval.zanella@linaro.org>
> ---
> elf/dl-tunable-types.h | 4 ++--
> elf/dl-tunables.c | 2 +-
> scripts/gen-tunables.awk | 12 +++++++++++-
> 3 files changed, 14 insertions(+), 4 deletions(-)
>
> diff --git a/elf/dl-tunable-types.h b/elf/dl-tunable-types.h
> index 05d4958e1c..3fcc0806f5 100644
> --- a/elf/dl-tunable-types.h
> +++ b/elf/dl-tunable-types.h
> @@ -59,7 +59,7 @@ typedef enum
> /* A tunable. */
> struct _tunable
> {
> - const char *name; /* Internal name of the tunable. */
> + const char name[TUNABLE_NAME_MAX]; /* Internal name of the tunable. */
> tunable_type_t type; /* Data type of the tunable. */
> tunable_val_t val; /* The value. */
> bool initialized; /* Flag to indicate that the tunable is
> @@ -75,7 +75,7 @@ struct _tunable
> target module if the value is
> considered unsafe. */
> /* Compatibility elements. */
> - const char *env_alias; /* The compatibility environment
> + const char env_alias[TUNABLE_ALIAS_MAX]; /* The compatibility environment
> variable name. */
> };
>
Ok.
> diff --git a/elf/dl-tunables.c b/elf/dl-tunables.c
> index 9b4d737fb8..3845b2c04e 100644
> --- a/elf/dl-tunables.c
> +++ b/elf/dl-tunables.c
> @@ -350,7 +350,7 @@ __tunables_init (char **envp)
>
> /* Skip over tunables that have either been set already or should be
> skipped. */
> - if (cur->initialized || cur->env_alias == NULL)
> + if (cur->initialized || cur->env_alias[0] == '\0')
> continue;
>
> const char *name = cur->env_alias;
Ok.
> diff --git a/scripts/gen-tunables.awk b/scripts/gen-tunables.awk
> index cda12ef62e..fa63e86d1a 100644
> --- a/scripts/gen-tunables.awk
> +++ b/scripts/gen-tunables.awk
> @@ -12,6 +12,8 @@ BEGIN {
> tunable=""
> ns=""
> top_ns=""
> + max_name_len=0
> + max_alias_len=0
> }
>
> # Skip over blank lines and comments.
> @@ -57,11 +59,14 @@ $1 == "}" {
> maxvals[top_ns,ns,tunable] = max_of[types[top_ns,ns,tunable]]
> }
> if (!env_alias[top_ns,ns,tunable]) {
> - env_alias[top_ns,ns,tunable] = "NULL"
> + env_alias[top_ns,ns,tunable] = "{0}"
> }
> if (!security_level[top_ns,ns,tunable]) {
> security_level[top_ns,ns,tunable] = "SXID_ERASE"
> }
> + len = length(top_ns"."ns"."tunable)
> + if (len > max_name_len)
> + max_name_len = len
>
> tunable = ""
> }
> @@ -109,6 +114,9 @@ $1 == "}" {
> }
> else if (attr == "env_alias") {
> env_alias[top_ns,ns,tunable] = sprintf("\"%s\"", val)
> + len = length(val)
> + if (len > max_alias_len)
> + max_alias_len = len
> }
> else if (attr == "security_level") {
> if (val == "SXID_ERASE" || val == "SXID_IGNORE" || val == "NONE") {
> @@ -158,6 +166,8 @@ END {
>
> print "\n#ifdef TUNABLES_INTERNAL"
> # Internal definitions.
> + print "# define TUNABLE_NAME_MAX " (max_name_len + 1)
> + print "# define TUNABLE_ALIAS_MAX " (max_alias_len + 1)
> print "# include \"dl-tunable-types.h\""
> # Finally, the tunable list.
> print "static tunable_t tunable_list[] attribute_relro = {"
>
Ok.
next prev parent reply other threads:[~2021-01-13 17:42 UTC|newest]
Thread overview: 34+ messages / expand[flat|nested] mbox.gz Atom feed top
2021-01-12 17:21 [PATCH v3 0/5] fix ifunc with static pie [BZ #27072] Szabolcs Nagy
2021-01-12 17:21 ` [PATCH v3 1/5] configure: Require PI_STATIC_AND_HIDDEN for static pie Szabolcs Nagy
2021-01-12 18:38 ` Adhemerval Zanella
2021-01-12 17:22 ` [PATCH v3 2/5] Make libc symbols hidden in static PIE Szabolcs Nagy
2021-01-12 23:09 ` H.J. Lu
2021-01-13 0:02 ` H.J. Lu
2021-01-13 0:33 ` H.J. Lu
2021-01-13 1:19 ` H.J. Lu
2021-01-13 9:50 ` Szabolcs Nagy
2021-01-14 11:17 ` Szabolcs Nagy
2021-01-14 15:39 ` H.J. Lu
2021-01-15 3:36 ` H.J. Lu
2021-01-15 4:29 ` H.J. Lu
2021-01-15 11:25 ` Szabolcs Nagy
2021-01-15 13:43 ` H.J. Lu
2021-01-15 14:27 ` Szabolcs Nagy
2021-01-15 15:28 ` H.J. Lu
2021-01-15 22:42 ` H.J. Lu
2021-01-16 0:41 ` H.J. Lu
2021-01-16 13:18 ` H.J. Lu
2021-01-18 16:22 ` Szabolcs Nagy
2021-01-12 17:22 ` [PATCH v3 3/5] elf: Make the tunable struct definition internal only Szabolcs Nagy
2021-01-13 17:38 ` Adhemerval Zanella
2021-01-12 17:22 ` [PATCH v3 4/5] elf: Avoid RELATIVE relocs in __tunables_init Szabolcs Nagy
2021-01-13 17:42 ` Adhemerval Zanella [this message]
2021-01-12 17:23 ` [PATCH v3 5/5] csu: Move static pie self relocation later [BZ #27072] Szabolcs Nagy
2021-01-12 22:55 ` H.J. Lu
2021-01-14 15:49 ` H.J. Lu
2021-01-14 15:52 ` H.J. Lu
2021-01-14 16:01 ` H.J. Lu
2021-01-14 16:26 ` H.J. Lu
2021-01-14 17:19 ` Szabolcs Nagy
2021-01-14 17:59 ` Szabolcs Nagy
2021-01-14 17:05 ` Szabolcs Nagy
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=313b46d1-e314-dc72-ded1-1d533cd93e8a@linaro.org \
--to=adhemerval.zanella@linaro.org \
--cc=libc-alpha@sourceware.org \
--cc=szabolcs.nagy@arm.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).