From: "H.J. Lu"
Date: Fri, 10 Feb 2023 08:50:49 -0800
Subject: Re: [PATCH] x86-64: Restore LD_PREFER_MAP_32BIT_EXEC support [BZ #28656]
To: Florian Weimer
Cc: "H.J. Lu via Libc-alpha", "Carlos O'Donell"
References: <20230126172256.829709-1-hjl.tools@gmail.com> <87k00qkitj.fsf@oldenburg.str.redhat.com>
In-Reply-To: <87k00qkitj.fsf@oldenburg.str.redhat.com>

On Thu, Feb 9, 2023 at 6:35 AM Florian Weimer wrote:
>
> * H. J. Lu via Libc-alpha:
>
> > Crossing 2GB boundaries with indirect calls and jumps can use more
> > branch prediction resources on Intel Golden Cove CPU (see the
> > "Misprediction for Branches >2GB" section in Intel 64 and IA-32
> > Architectures Optimization Reference Manual.)  There is visible
> > performance improvement on workloads with many PLT calls when executable
> > and shared libraries are mmapped below 2GB.  Add the Prefer_MAP_32BIT_EXEC
> > bit so that mmap will try to map executable or denywrite pages in shared
> > libraries with MAP_32BIT first.
> >
> > NB: Prefer_MAP_32BIT_EXEC reduces bits available for address space
> > layout randomization (ASLR), which is always disabled for SUID programs
> > and can only be enabled by setting environment variable,
> > LD_PREFER_MAP_32BIT_EXEC.  LD_PREFER_MAP_32BIT_EXEC works only between
> > shared libraries or between shared libraries and executables with
> > addresses below 2GB.  PIEs are usually mapped above 4GB by the kernel.
>
> I still think we should fix this in the kernel, using MAP_DENYWRITE as a
> hint for placement.  This way, it's easier to turn it on unconditionally
> for the whole system because the lower 4 GiB will not be polluted by
> code mappings.
>

A kernel MM change may take a long time and this mitigation may only be
needed for a few specific applications.  On the other hand, it is simpler
to use a tunable instead.

Thanks.

--
H.J.
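
The "try MAP_32BIT first, then fall back" placement described in the quoted commit message, as an added example that is not part of this mail or of glibc's code. The helper name map_prefer_32bit and the struct are hypothetical; it assumes Linux, and the preferred attempt is compiled in only where MAP_32BIT exists (x86-64).

```c
#define _GNU_SOURCE
#include <stdint.h>
#include <stdio.h>
#include <sys/mman.h>

#define LIMIT_2G ((uintptr_t)1 << 31)

struct placement {
    void *addr;    /* NULL if both attempts failed */
    int below_2g;  /* 1 if the whole mapping lies under 2GB */
};

/* Hypothetical helper: prefer a low mapping, fall back to normal placement. */
static struct placement map_prefer_32bit(size_t len, int prot)
{
    struct placement p = { NULL, 0 };
    int flags = MAP_PRIVATE | MAP_ANONYMOUS;
    void *m;

#ifdef MAP_32BIT  /* defined on x86-64 Linux only */
    m = mmap(NULL, len, prot, flags | MAP_32BIT, -1, 0);
    if (m != MAP_FAILED) {
        /* Verify the result instead of trusting that the flag was honored. */
        if ((uintptr_t)m + len <= LIMIT_2G) {
            p.addr = m;
            p.below_2g = 1;
            return p;
        }
        munmap(m, len);
    }
#endif
    /* Low range exhausted or flag unavailable: let the kernel choose. */
    m = mmap(NULL, len, prot, flags, -1, 0);
    if (m != MAP_FAILED) {
        p.addr = m;
        p.below_2g = ((uintptr_t)m + len <= LIMIT_2G);
    }
    return p;
}

int main(void)
{
    size_t len = 1 << 16;
    struct placement p = map_prefer_32bit(len, PROT_READ | PROT_EXEC);
    if (!p.addr) { perror("mmap"); return 1; }
    /* With 4 KiB pages a 2GB window holds at most 2^31 / 2^12 = 2^19
       page-aligned start addresses, so placement entropy there is
       bounded above by 19 bits. */
    printf("mapped at %p (%s 2GB)\n", p.addr, p.below_2g ? "below" : "above");
    munmap(p.addr, len);
    return 0;
}
```
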