From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mail-pl1-x62f.google.com (mail-pl1-x62f.google.com [IPv6:2607:f8b0:4864:20::62f]) by sourceware.org (Postfix) with ESMTPS id E28C03854834 for ; Mon, 21 Jun 2021 13:20:52 +0000 (GMT) DMARC-Filter: OpenDMARC Filter v1.4.1 sourceware.org E28C03854834 Received: by mail-pl1-x62f.google.com with SMTP id x22so7002056pll.11 for ; Mon, 21 Jun 2021 06:20:52 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=P4TWwTfbsgx4bvcoxW2TxEuRdG5vjbuYKfiNubX+iUw=; b=iMX4HhReOB+/vJIM8ZTAj5aDSwSSD2k2A95v51n5zIrTQJLzQMkQMutSqceb4RvCHv WhFVWhjR38aC7T4L58dwW3PVF744dh4oT/Ma+1v8uyyX3EfAsOgRIrGgKHbRarNu/cJf 884uRxvYVVdG9PZ8VIp4CsR72uYGu+Y7aHWNg08lz9Fz47vCpPBOfrBJso9fB8aKqNS7 Pxkt0JqOy+TJWWcKnhS3TTqHcFaCrwkHXuoA/a6aKIcHYGGW1CWLfQxOMH9ObJish+pu PwOnXZv2GCuvDM9OKvmjXnO16x/RmgOooWIujTNBuWv4JUoS9nBGdfxO8JI+sRoK60aO tpNQ== X-Gm-Message-State: AOAM532E3Q5zfvfVBhea0ebV5IFQa2CiwqHk4J2/xeGo9paqzUoKViP7 cLezLfdY+tdO2uKHG4MYJcDkLNYAf+48ffWHmFE= X-Google-Smtp-Source: ABdhPJzJDhtGUNM7tiFwH0LSQOAyy9c+C+g4WS4G33PtnqlU32r3o/cv3v572fai6QLlyb5R1IcUM1EGMXOdX5JoPBk= X-Received: by 2002:a17:90a:8a95:: with SMTP id x21mr13268436pjn.154.1624281652061; Mon, 21 Jun 2021 06:20:52 -0700 (PDT) MIME-Version: 1.0 References: <20210620233620.391576-1-hjl.tools@gmail.com> <20210620233620.391576-4-hjl.tools@gmail.com> <87czsfn0w7.fsf@oldenburg.str.redhat.com> In-Reply-To: <87czsfn0w7.fsf@oldenburg.str.redhat.com> From: "H.J. Lu" Date: Mon, 21 Jun 2021 06:20:16 -0700 Message-ID: Subject: Re: [PATCH 3/4] Add run-time chesk for single global definition To: Florian Weimer Cc: "H.J. Lu via Libc-alpha" Content-Type: text/plain; charset="UTF-8" X-Spam-Status: No, score=-3027.0 required=5.0 tests=BAYES_00, DKIM_SIGNED, DKIM_VALID, DKIM_VALID_AU, DKIM_VALID_EF, FREEMAIL_FROM, RCVD_IN_DNSWL_NONE, SPF_HELO_NONE, SPF_PASS, TXREP autolearn=ham autolearn_force=no version=3.4.2 X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on server2.sourceware.org X-BeenThere: libc-alpha@sourceware.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Libc-alpha mailing list List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 21 Jun 2021 13:20:54 -0000 On Mon, Jun 21, 2021 at 12:16 AM Florian Weimer wrote: > > * H. J. Lu via Libc-alpha: > > > +static inline void __attribute__ ((always_inline)) > > +_dl_check_protected_symbol (const char *undef_name, > > + const struct link_map *undef_map, > > + const ElfW(Sym) *ref, > > + const struct link_map *map, > > + int type_class) > > +{ > > + if (undef_map != NULL > > + && !(undef_map->l_1_needed > > + & GNU_PROPERTY_1_NEEDED_SINGLE_GLOBAL_DEFINITION) > > + && (map->l_1_needed > > + & GNU_PROPERTY_1_NEEDED_SINGLE_GLOBAL_DEFINITION)) > > + { > > + if ((type_class & ELF_RTYPE_CLASS_COPY)) > > + /* Disallow copy relocations against protected data symbols in > > + an object with single global definition. */ > > + _dl_fatal_printf ("copy relocation against non-copyable protected symbol=%s in file=%s\n", > > + undef_name, DSO_FILENAME (map->l_name)); > > + else if (ref->st_value != 0 > > + && ref->st_shndx == SHN_UNDEF > > + && (type_class & ELF_RTYPE_CLASS_PLT)) > > + /* Disallow non-zero symbol values of undefined symbols, which > > + are used as the function pointer, against protected function > > + symbols in an object with single global definition. */ > > + _dl_fatal_printf ("non-canonical reference to canonical protected function symbol=%s in file=%s\n", > > + undef_name, DSO_FILENAME (map->l_name)); > > + } > > +} > > Why are those fatal errors? 2 copies of the data symbol can be out of sync between executable and shared library. We can make them as warnings with tunable to control it. > I have trouble understanding the second comment (for the > ELF_RTYPE_CLASS_PLT). If st_value is the undefined symbol in executable is not zero, it is the PLT address in executable and ld.so will use it for function pointer which is different from the function address in shared library. -- H.J.