From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mail-oi1-x232.google.com (mail-oi1-x232.google.com [IPv6:2607:f8b0:4864:20::232]) by sourceware.org (Postfix) with ESMTPS id 0B3203858D3C for ; Mon, 2 May 2022 15:38:40 +0000 (GMT) DMARC-Filter: OpenDMARC Filter v1.4.1 sourceware.org 0B3203858D3C Received: by mail-oi1-x232.google.com with SMTP id z8so15571850oix.3 for ; Mon, 02 May 2022 08:38:40 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:message-id:date:mime-version:user-agent:subject :content-language:to:cc:references:from:in-reply-to :content-transfer-encoding; bh=BoF98d1sNx0JAZo1b0ZVk2RrbTlrMPooBSYxQPJluBI=; b=feCmQevLxaPbeoeyIrIIfTbS7Qq0RDgXJBBT3KzsjFsXPDOCvNX3R8o+pun+Ft4y27 yZtTxMaWD73rizFEK4hKPfCKekgqREEPhj+MgHMsSGu3jD/OFbTqfTqR0KJCft+kgUSz NwwPF6FQxfzV1A7IVCNcyMDdb8ZT421t5EB/UAxDwggZxgAF68/WsT+qiW75q2l96QcT n6vNIrRxoHrLpcsr7zJCqU9ftXBnOziCC7+ZMVyTmi/8E3sJgAhzuyAENcqyi9CLenSd DiS1rGVtlKVRW2nnJqU/GL/OAgYCQVy8h1cEN2oxDas2gGDYT/I+we7rnlnUM4vCJNtn uwBw== X-Gm-Message-State: AOAM530J2/kcSleohzNUVwZDZfdwLQH5cWTOuWoGQWEL2V0mi8RfQRha QMLLrCaieGjJqupu/2BBcBtukQ== X-Google-Smtp-Source: ABdhPJxM4DDa/Q7W1owoXv2HSnP5/EMX+9nKe1BcCYaH4uNdltJT63jRGOJLnoio82k2+U+5abqR/g== X-Received: by 2002:a05:6808:1146:b0:325:cbe7:7cbb with SMTP id u6-20020a056808114600b00325cbe77cbbmr5933759oiu.219.1651505919302; Mon, 02 May 2022 08:38:39 -0700 (PDT) Received: from ?IPV6:2804:431:c7cb:726:60d4:f990:5a9a:e5b1? ([2804:431:c7cb:726:60d4:f990:5a9a:e5b1]) by smtp.gmail.com with ESMTPSA id v192-20020acaacc9000000b00325cda1ff89sm2411267oie.8.2022.05.02.08.38.37 (version=TLS1_3 cipher=TLS_AES_128_GCM_SHA256 bits=128/128); Mon, 02 May 2022 08:38:38 -0700 (PDT) Message-ID: <760241d4-2f3e-7078-ad98-a4d8ed3fdc69@linaro.org> Date: Mon, 2 May 2022 12:38:35 -0300 MIME-Version: 1.0 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:91.0) Gecko/20100101 Thunderbird/91.9.0 Subject: Re: [PATCH] S390: Enable static PIE Content-Language: en-US To: Florian Weimer , Stefan Liebler via Libc-alpha Cc: Stefan Liebler References: <20220428141530.567838-1-stli@linux.ibm.com> <87y1zk70vk.fsf@oldenburg.str.redhat.com> From: Adhemerval Zanella In-Reply-To: <87y1zk70vk.fsf@oldenburg.str.redhat.com> Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 7bit X-Spam-Status: No, score=-6.3 required=5.0 tests=BAYES_00, DKIM_SIGNED, DKIM_VALID, DKIM_VALID_AU, DKIM_VALID_EF, NICE_REPLY_A, RCVD_IN_DNSWL_NONE, SPF_HELO_NONE, SPF_PASS, TXREP, T_SCC_BODY_TEXT_LINE autolearn=ham autolearn_force=no version=3.4.4 X-Spam-Checker-Version: SpamAssassin 3.4.4 (2020-01-24) on server2.sourceware.org X-BeenThere: libc-alpha@sourceware.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Libc-alpha mailing list List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 02 May 2022 15:38:41 -0000 On 02/05/2022 06:13, Florian Weimer via Libc-alpha wrote: > * Stefan Liebler via Libc-alpha: > >> This commit enables static PIE on 64bit. On 31bit, static PIE is >> not supported. >> >> - kernel (the mentioned links to the commits belong to 5.19 merge window): >> - "s390/mmap: increase stack/mmap gap to 128MB" >> https://git.kernel.org/pub/scm/linux/kernel/git/s390/linux.git/commit/?h=features&id=f2f47d0ef72c30622e62471903ea19446ea79ee2 >> - "s390/vdso: move vdso mapping to its own function" >> https://git.kernel.org/pub/scm/linux/kernel/git/s390/linux.git/commit/?h=features&id=57761da4dc5cd60bed2c81ba0edb7495c3c740b8 >> - "s390/vdso: map vdso above stack" >> https://git.kernel.org/pub/scm/linux/kernel/git/s390/linux.git/commit/?h=features&id=9e37a2e8546f9e48ea76c839116fa5174d14e033 >> - "s390/vdso: add vdso randomization" >> https://git.kernel.org/pub/scm/linux/kernel/git/s390/linux.git/commit/?h=features&id=41cd81abafdc4e58a93fcb677712a76885e3ca25 >> (We can't test the kernel of the target system) >> Otherwise if /proc/sys/kernel/randomize_va_space is turned off (0), >> static PIE executables like ldconfig will crash. While startup sbrk is >> used to enlarge the HEAP. Unfortunately the underlying brk syscall fails >> as there is not enough space after the HEAP. Then the address of the TLS >> image is invalid and the following memcpy in __libc_setup_tls() leads >> to a segfault. >> If /proc/sys/kernel/randomize_va_space is activated (default: 2), there >> is enough space after HEAP. > > I'll work an early allocator that does not use the TCB and which should > avoid the sbrk crash. Will that be sufficient to enable static PIE > binaries to run on unchanged kernels? > > Otherwise I fear that we end up in a world of pain if we turn ldconfig > into a static PIE binary. 8-( I agree that ideally it should not rely a patched kernel to overcome the glibc issue of handling sbrk call failures and having a working loader allocator that work regardless of kernel version is the best approach. As I put on weekly call, I would prefer to make it only use mmap as for simplicity.