Re: [PATCH] elf,nptl: Add -z lazy -z norelro to tests that need it

public inbox for libc-alpha@sourceware.org
 help / color / mirror / Atom feed

From: "Arsen Arsenović" <arsen@gentoo.org>
To: Florian Weimer <fweimer@redhat.com>
Cc: libc-alpha@sourceware.org, Carlos O'Donell <carlos@redhat.com>,
	Gentoo Toolchain <toolchain@gentoo.org>
Subject: Re: [PATCH] elf,nptl: Add -z lazy -z norelro to tests that need it
Date: Fri, 03 Mar 2023 22:54:47 +0100	[thread overview]
Message-ID: <86y1odlbss.fsf@gentoo.org> (raw)
In-Reply-To: <87bklajbna.fsf@oldenburg.str.redhat.com>

[-- Attachment #1: Type: text/plain, Size: 1347 bytes --]

Florian Weimer <fweimer@redhat.com> writes:

> * Arsen Arsenović via Libc-alpha:
>
>> Some toolchains, such as that used on Gentoo Hardened, set -z now -z
>> relro out of the box.  These flags break tests that rely on fixups in
>> underlinked libraries being applied after a dlopen happens.
>
> I'm surprised that -z norelro is ever required.  Why isn't -z lazy
> enough?  If ld.so crashes because it attempts to apply relocations after
> the fact, woudln't that be an ld.so bug (or a linker bug that sets up
> the RELRO segment incorrectly)?

Hm.  Something went awry while I was debugging this.  I looked at a test
again just now and noticed that the symbols some of these tests were
crashing on came from libc (dlopen here) while loading constload2 (which
is dlopen'd from constload1).  The backtrace contains a PLT trampoline
which then fixups dlopen inside the RELRO segment.

I take it dlopen@got[plt] is not supposed to be in the RELRO range?

I could have sworn this failed when fixing up bar (void) as a result of
constload2 dlopening constload3... but maybe that was a different
failure.

Let's put this patch on hold while I investigate further.

FWIW, this should be easy to reproduce by building with CC='gcc
-Wl,-z,relro,-z,now' or so, I think.

Thanks, sorry about the fuss.
-- 
Arsen Arsenović

[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 381 bytes --]

next prev parent reply	other threads:[~2023-03-03 22:17 UTC|newest]

Thread overview: 7+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2023-03-02 11:25 Arsen Arsenović
2023-03-03 11:51 ` Florian Weimer
2023-03-03 21:54   ` Arsen Arsenović [this message]
2023-03-04 17:46     ` Arsen Arsenović
2023-03-06  9:15       ` Florian Weimer
2023-03-06 14:17         ` Arsen Arsenović
2023-03-06 16:42           ` Arsen Arsenović

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=86y1odlbss.fsf@gentoo.org \
    --to=arsen@gentoo.org \
    --cc=carlos@redhat.com \
    --cc=fweimer@redhat.com \
    --cc=libc-alpha@sourceware.org \
    --cc=toolchain@gentoo.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).