Message-ID: <7aeca4bd-ccc7-bc23-82b2-a215b423587e@linaro.org>
Date: Fri, 31 Mar 2023 09:54:29 -0300
Subject: Re: [PATCH 03/13] elf: dont pass fd to _dl_process_pt_xx
To: Szabolcs Nagy, stsp, libc-alpha@sourceware.org
References: <20230318165110.3672749-1-stsp2@yandex.ru> <20230318165110.3672749-4-stsp2@yandex.ru> <77329e53-bb96-dc39-1f3d-6a5dfa0e7263@linaro.org>
From: Adhemerval Zanella Netto
Organization: Linaro

On 31/03/23 09:02, Szabolcs Nagy wrote:
> The 03/30/2023 17:46, Adhemerval Zanella Netto wrote:
>> On 30/03/23 13:08, stsp wrote:
>>>
>>> 29.03.2023 22:10, Adhemerval Zanella Netto wrote:
>>>>
>>>> On 18/03/23 13:51, Stas Sergeev via Libc-alpha wrote:
>>>>> It is not used in these functions.
>>>>> rtld.c:rtld_setup_main_map() does the same.
>>>>>
>>>>> The test-suite was run on x86_64/64 and showed no regressions.
>>>>>
>>>>> Signed-off-by: Stas Sergeev
>>>>> --- >>>>>   elf/dl-load.c | 4 ++-- >>>>>   1 file changed, 2 insertions(+), 2 deletions(-) >>>>> >>>>> diff --git a/elf/dl-load.c b/elf/dl-load.c >>>>> index fcb39a78d4..ab8b648687 100644 >>>>> --- a/elf/dl-load.c >>>>> +++ b/elf/dl-load.c 
>>>>> @@ -1379,10 +1379,10 @@ cannot enable executable stack as shared object requires"); >>>>>       switch (ph[-1].p_type) >>>>>         { >>>>>         case PT_NOTE: >>>>> -    _dl_process_pt_note (l, fd, &ph[-1]); >>>>> +    _dl_process_pt_note (l, -1, &ph[-1]); >>>>>       break; >>>>>         case PT_GNU_PROPERTY: >>>>> -    _dl_process_pt_gnu_property (l, fd, &ph[-1]); >>>>> +    _dl_process_pt_gnu_property (l, -1, &ph[-1]); >>>>>       break; >>>>>         } >>>>>   
>>>>
>>>> It allows both _dl_process_pt_note and _dl_process_pt_gnu_property to know
>>>> if the called were rtld code during startup code or dlopen.  But you are
>>>> right that it is not used.
>>>>
>>>> However this does not accomplish anything, a better refactor would be to just
>>>> remove the argument altogether.  It at least would simplify the interface
>>>> and allow slightly better code generation.
>>>
>>> I tried to do that, but there is also that
>>> _dl_process_gnu_property() called from
>>> _dl_process_pt_gnu_property().
>>> For aarch64 it has this:
>>>       unsigned int feature_1 = *(unsigned int *) data;
>>>       if (feature_1 & GNU_PROPERTY_AARCH64_FEATURE_1_BTI)
>>>         _dl_bti_protect (l, fd);
>>>
>>> What should I do here to remove that fd?
>>>
>>
>> In fact aarch64 _dl_bti_protect requires to know whether the map was done by
>> the kernel or not.
>>
>> Szabolcs, shouldn't the code:
>>
>>   for (const ElfW(Phdr) *ph = &phdr[phnum]; ph != phdr; --ph)
>>     switch (ph[-1].p_type)
>>       {
>>       case PT_NOTE:
>>         _dl_process_pt_note (main_map, -1, &ph[-1]);
>>         break;
>>       case PT_GNU_PROPERTY:
>>         _dl_process_pt_gnu_property (main_map, -1, &ph[-1]);
>>         break;
>>       }
>>
>> Take in consideration whether the main_map was allocated by the kernel or
>> by loader to pass the correct value on 'fd'?
>
> if the exe is loaded by ld.so then we already took care of bti
> (and other gnu properties) at load time.
>
> here we could skip processing properties again in that case but
> it does not hurt on aarch64 (it will try to mprotect with
> PROT_BTI again and ignore any failures).

Right, I was asking if this part is really necessary. Because if kernel
already supports BTI this will be covered, otherwise this seems unnecessary.

>
> however the fd must be passed down in elf/dl-load.c otherwise
> bti protection is silently dropped (when systemd filters out
> mprotect with PROT_EXEC, this is being fixed, but there are old
> systems configured like that).
>

This patch I figured out much.
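
Review bot: the literal `-1` at both call sites in the `switch (ph[-1].p_type)` block of elf/dl-load.c is not behaviour-neutral on aarch64, even though the commit message says the fd "is not used in these functions". As quoted in this thread, the aarch64 `_dl_process_gnu_property` forwards the descriptor with `_dl_bti_protect (l, fd);`, and the reply from Szabolcs Nagy states that without the real fd on this path BTI protection is silently dropped on systems where systemd filters `mprotect` with `PROT_EXEC`. The test-suite run listed is x86_64 only, so it would not show this. Suggest keeping `fd` here; if the goal is to simplify the interface, replace the parameter with an explicit indication of whether the object was mapped by the kernel or by the loader rather than overloading `-1`, and note the aarch64 dependency in the commit message.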