From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <hjl.tools@gmail.com>
Received: from mail-pf1-x436.google.com (mail-pf1-x436.google.com
 [IPv6:2607:f8b0:4864:20::436])
 by sourceware.org (Postfix) with ESMTPS id BE6033858400;
 Mon, 18 Oct 2021 14:42:46 +0000 (GMT)
DMARC-Filter: OpenDMARC Filter v1.4.1 sourceware.org BE6033858400
Received: by mail-pf1-x436.google.com with SMTP id m26so14872909pff.3;
 Mon, 18 Oct 2021 07:42:46 -0700 (PDT)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=1e100.net; s=20210112;
 h=x-gm-message-state:mime-version:references:in-reply-to:from:date
 :message-id:subject:to:cc;
 bh=NXlPSQcDTJgGXoIZD/FjmM5IXOcJJZYNJB0tbaiRdN0=;
 b=Dh7OCmn5sCqlAPpRSm0rQC3wI0Bo7IjCmwRaUFcnDQlfBLETvhrLrNXvWEnViI2Cle
 10fPxvvd7aIkhPFwckHJsecwgxq43H4f9ciW/RCVZUiTfIZqk9O2UaIdl6O8XSgPpqSv
 JAJfjyTuwHZ+Z3cdiN7yG0apmQf4E5Jp5aesz3v84QEUOuaItA7OKozbm4AQUYyx9Pgs
 wH5wvZhQ6QxVHNVWNwCETcpFkUK5QhHEZynCzlLnezq1xCtT+wpXRWGRVKNw0UcBgj1x
 kEh2p6YSC2c4te96didvd3kY/Qxpa+bo70J9cub7pQTihk5K+fnDgiX8YAN7Bt2LMJgt
 NoCQ==
X-Gm-Message-State: AOAM5339V9gyvpgJ8ZOqzO8/JaNzWO2OPYZm891MNI7/VadCjpUIBI5J
 n4aKiyTXb1xfCvbpA7Ujt4Yu0ZQpIueIQyWKyyGcYIJ+sN8=
X-Google-Smtp-Source: ABdhPJw4bC7TUnt6d5P+KURvY2DtXDOybjOg7Pib7r0Q1hYl5sUO0RIBzUTQaiFqMyZiQJOgvr+wu9jmkz7EqkOXaUE=
X-Received: by 2002:a62:7752:0:b0:44c:eb65:8561 with SMTP id
 s79-20020a627752000000b0044ceb658561mr29337393pfc.43.1634568165660; Mon, 18
 Oct 2021 07:42:45 -0700 (PDT)
MIME-Version: 1.0
References: <20211017005020.2645717-1-maskray@google.com>
In-Reply-To: <20211017005020.2645717-1-maskray@google.com>
From: "H.J. Lu" <hjl.tools@gmail.com>
Date: Mon, 18 Oct 2021 07:42:09 -0700
Message-ID: <CAMe9rOoEbpYvRqh17uSWEXUNwgVZX1w0xPAEdKAFeg7upkmtPg@mail.gmail.com>
Subject: Re: [PATCH v2] elf: Support DT_RELR relative relocation format [BZ
 #27924]
To: Fangrui Song <maskray@google.com>
Cc: GNU C Library <libc-alpha@sourceware.org>,
 Binutils <binutils@sourceware.org>
Content-Type: text/plain; charset="UTF-8"
X-Spam-Status: No, score=-3030.2 required=5.0 tests=BAYES_00, DKIM_SIGNED,
 DKIM_VALID, DKIM_VALID_AU, DKIM_VALID_EF, FREEMAIL_FROM, GIT_PATCH_0,
 RCVD_IN_DNSWL_NONE, SPF_HELO_NONE, SPF_PASS,
 TXREP autolearn=ham autolearn_force=no version=3.4.4
X-Spam-Checker-Version: SpamAssassin 3.4.4 (2020-01-24) on
 server2.sourceware.org
X-BeenThere: libc-alpha@sourceware.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Libc-alpha mailing list <libc-alpha.sourceware.org>
List-Unsubscribe: <https://sourceware.org/mailman/options/libc-alpha>,
 <mailto:libc-alpha-request@sourceware.org?subject=unsubscribe>
List-Archive: <https://sourceware.org/pipermail/libc-alpha/>
List-Post: <mailto:libc-alpha@sourceware.org>
List-Help: <mailto:libc-alpha-request@sourceware.org?subject=help>
List-Subscribe: <https://sourceware.org/mailman/listinfo/libc-alpha>,
 <mailto:libc-alpha-request@sourceware.org?subject=subscribe>
X-List-Received-Date: Mon, 18 Oct 2021 14:42:50 -0000

On Sat, Oct 16, 2021 at 5:50 PM Fangrui Song via Binutils
<binutils@sourceware.org> wrote:
>
> PIE and shared objects usually have many relative relocations. In
> 2017/2018, SHT_RELR/DT_RELR was proposed on
> https://groups.google.com/g/generic-abi/c/bX460iggiKg/m/GxjM0L-PBAAJ
> ("Proposal for a new section type SHT_RELR") and is a pre-standard. RELR
> usually takes 3% or smaller space than R_*_RELATIVE relocations. The
> virtual memory size of a mostly statically linked PIE is typically 5~10%
> smaller.
>
> ---
>
> Notes I will not include in the submitted commit:
>
> Available on https://sourceware.org/git/?p=glibc.git;a=shortlog;h=refs/heads/maskray/relr
>
> "pre-standard": even Solaris folks are happy with the refined generic-abi
> proposal. Cary Coutant will apply the change
> https://sourceware.org/pipermail/libc-alpha/2021-October/131781.html
>
> This patch is simpler than Chrome OS's glibc patch and makes ELF_DYNAMIC_DO_RELR
> available to all ports. I don't think the current glibc implementation
> supports ia64 in an ELFCLASS32 container. That said, the style I used is
> works with an ELFCLASS32 container for 64-bit machine if ElfW(Addr) is
> 64-bit.
>
> * Chrome OS folks have carried a local patch since 2018 (latest version:
>   https://chromium.googlesource.com/chromiumos/overlays/chromiumos-overlay/+/refs/heads/main/sys-libs/glibc/files/local/glibc-2.32).
>   I.e. this feature has been battle tested.
> * Android bionic supports 2018 and switched to DT_RELR==36 in 2020.
> * The Linux kernel has supported CONFIG_RELR since 2019-08
>   (https://git.kernel.org/linus/5cf896fb6be3effd9aea455b22213e27be8bdb1d).
> * A musl patch (by me) exists but is not applied:
>   https://www.openwall.com/lists/musl/2019/03/06/3
> * rtld-elf from FreeBSD 14 will support DT_RELR.
>
> I believe upstream glibc should support DT_RELR to benefit all Linux
> distributions. I filed some feature requests to get their attention:
>
> * Gentoo: https://bugs.gentoo.org/818376
> * Arch Linux: https://bugs.archlinux.org/task/72433
> * Debian https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=996598
> * Fedora https://bugzilla.redhat.com/show_bug.cgi?id=2014699
>
> As of linker support (to the best of my knowledge):
>
> * LLD support DT_RELR.
> * https://chromium.googlesource.com/chromiumos/overlays/chromiumos-overlay/+/refs/heads/main/sys-devel/binutils/files/
>   has a gold patch.
> * GNU ld feature request https://sourceware.org/bugzilla/show_bug.cgi?id=27923
>
> I wish that GNU ld and gold maintainers can implement the feature as well :)
>
> Tested on aarch64 and x86_64.
>
> Changes from v1 (https://sourceware.org/pipermail/libc-alpha/2021-October/131768.html)
> * Fix style, simplify code
> * Improve test
> ---
>  configure              | 31 +++++++++++++++++++++++++++++++
>  configure.ac           |  4 ++++
>  elf/Makefile           |  4 ++++
>  elf/dynamic-link.h     | 28 ++++++++++++++++++++++++++++
>  elf/elf.h              | 13 +++++++++++--
>  elf/get-dynamic-info.h |  3 +++
>  elf/tst-relr.c         | 27 +++++++++++++++++++++++++++
>  7 files changed, 108 insertions(+), 2 deletions(-)
>  create mode 100644 elf/tst-relr.c
>
> diff --git a/configure b/configure
> index 3227e434d3..fdab6a97ef 100755
> --- a/configure
> +++ b/configure
> @@ -6067,6 +6067,37 @@ $as_echo "$libc_linker_feature" >&6; }
>  config_vars="$config_vars
>  have-depaudit = $libc_cv_depaudit"
>
> +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for linker that supports --pack-dyn-relocs=relr" >&5
> +$as_echo_n "checking for linker that supports --pack-dyn-relocs=relr... " >&6; }
> +libc_linker_feature=no
> +if test x"$gnu_ld" = x"yes"; then
> +  cat > conftest.c <<EOF
> +int _start (void) { return 42; }
> +EOF
> +  if { ac_try='${CC-cc} $CFLAGS $CPPFLAGS $LDFLAGS $no_ssp
> +                   -Wl,--pack-dyn-relocs=relr -nostdlib -nostartfiles
> +                   -fPIC -shared -o conftest.so conftest.c
> +                   1>&5'
> +  { { eval echo "\"\$as_me\":${as_lineno-$LINENO}: \"$ac_try\""; } >&5
> +  (eval $ac_try) 2>&5
> +  ac_status=$?
> +  $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5
> +  test $ac_status = 0; }; }
> +  then
> +    libc_linker_feature=yes
> +  fi
> +  rm -f conftest*
> +fi
> +if test $libc_linker_feature = yes; then
> +  libc_cv_relr=yes
> +else
> +  libc_cv_relr=no
> +fi
> +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $libc_linker_feature" >&5
> +$as_echo "$libc_linker_feature" >&6; }
> +config_vars="$config_vars
> +have-relr = $libc_cv_relr"
> +
>  { $as_echo "$as_me:${as_lineno-$LINENO}: checking for linker that supports --no-dynamic-linker" >&5
>  $as_echo_n "checking for linker that supports --no-dynamic-linker... " >&6; }
>  libc_linker_feature=no
> diff --git a/configure.ac b/configure.ac
> index 00f49f09f7..96110f9d7d 100644
> --- a/configure.ac
> +++ b/configure.ac
> @@ -1354,6 +1354,10 @@ LIBC_LINKER_FEATURE([--depaudit], [-Wl,--depaudit,x],
>                     [libc_cv_depaudit=yes], [libc_cv_depaudit=no])
>  LIBC_CONFIG_VAR([have-depaudit], [$libc_cv_depaudit])
>
> +LIBC_LINKER_FEATURE([--pack-dyn-relocs=relr], [-Wl,--pack-dyn-relocs=relr],
> +                   [libc_cv_relr=yes], [libc_cv_relr=no])
> +LIBC_CONFIG_VAR([have-relr], [$libc_cv_relr])
> +
>  LIBC_LINKER_FEATURE([--no-dynamic-linker],
>                     [-Wl,--no-dynamic-linker],
>                     [libc_cv_no_dynamic_linker=yes],
> diff --git a/elf/Makefile b/elf/Makefile
> index bf45d8ee24..2c4cdfac68 100644
> --- a/elf/Makefile
> +++ b/elf/Makefile
> @@ -245,6 +245,10 @@ tests-special += $(objpfx)tst-audit14-cmp.out $(objpfx)tst-audit15-cmp.out \
>                  $(objpfx)tst-audit16-cmp.out
>  endif
>  endif
> +ifeq ($(have-relr),yes)
> +tests += tst-relr
> +LDFLAGS-tst-relr += -Wl,--pack-dyn-relocs=relr
> +endif
>  endif

Is DT_RELR only generated for PIE? If yes, you need to add it
to tests-pie and compile it as PIE.

[hjl@gnu-cfl-2 tmp]$ gcc -pie -fPIE -O2 tst-relr.c
-Wl,--pack-dyn-relocs=relr -fuse-ld=lld
[hjl@gnu-cfl-2 tmp]$ ./a.out
Segmentation fault (core dumped)
[hjl@gnu-cfl-2 tmp]$

Given that the current lld implementation generates broken
binaries for existing glibc without any warning at run-time,
we should use a different linker command line option to
implement it properly so that the new binary will fail to
run on glibc without DT_RELR support at run-time.

-- 
H.J.