From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from NAM12-MW2-obe.outbound.protection.outlook.com (mail-mw2nam12on2075.outbound.protection.outlook.com [40.107.244.75]) by sourceware.org (Postfix) with ESMTPS id 206463858CDB for ; Thu, 9 Mar 2023 11:32:39 +0000 (GMT) DMARC-Filter: OpenDMARC Filter v1.4.2 sourceware.org 206463858CDB Authentication-Results: sourceware.org; dmarc=pass (p=quarantine dis=none) header.from=azul.com Authentication-Results: sourceware.org; spf=pass smtp.mailfrom=azul.com ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=RNtNUUN7I7o4DBmgU2BT7hOv0pZ7N24lviEDQxqvH6DSQNozfav5FdbVRNY0qur2scBWn6dhK4maeeZprhQZbLER6PespV3BnofL6fEtPmjHVsZtXJZ/8LmK/liDH3pDJZaIa5iMo9XIJV4OHZQCxVuWViudBToscWgb+kZUAyZC+9UvNJwfgtvZNdzf87Qt5eOApTJQ+3v6r2lTlE+MYuuc6Rj6oagjMXnqDi+oen1IsWBjYGzgi1TNk0fWpIvWBXOQEDuVQnzncX1qpCSoAk4gEJHFIapvjvC9IgmxbvRKmlY/1UQVql0AX8fzhPV/WV5uYslEwZyaNoCK91LiEg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=mmtOFB3LwDCiAcLp0NSMkqeT9PnJikDg4EaK2jI9T7s=; b=W7OQP1rKuBpkfjscV/lHYKtTbynLGlkUS5k0+QJ8Uxf+8t6iTKoElUrX+RWQ04KGMizGBVDO8FgAW9yAtWUoE9RuRXHuE8K8RGgrfSfok2SVHTK2F92y5ppjAOE7rXBf7VQuQqxpRuZo6nU4f3iAU6G6RBcPqX3Ed+HzLFwk8xmNPR/7T4x5YSDkABf0Zlw67HW2aNkkLXBXXT3vD5wuYkCyloZ3c5xCGKm4K0g5cNxM//FpX9cP4OPHUfmPGiZZ5jV2tRBqIRwuHw1lawqAioqdTwnEMLVkf3JAmy4UlyjnLCjjsnw1xi3RrUE/tZPR72QriKPxMcN1yUYAcCjEpg== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=azul.com; dmarc=pass action=none header.from=azul.com; dkim=pass header.d=azul.com; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=azul.com; s=selector2; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=mmtOFB3LwDCiAcLp0NSMkqeT9PnJikDg4EaK2jI9T7s=; b=a3zs4QPKOyvopQ7wje3V/vucjzMohmsaL6lXwZ2iUS6eHHavHFMKWxUHlJuLnU0kcttLNBZRaUFe7eScUlNOsGCEwoY+8bj5yGC7bDvaBnlbVD+6x8iUvLKegPD+c5uZXFwbTBc4mUDgf93AvFjkxBzSyKul29dkNQjcmeC/JV7hXuDShXURxLrxWuCNZ2a01mlwhLhBtdf9p2bFpdpno6hNco2UBLbTLCV4Q7CKIn7+DPp9myEughZ0F+ugLTs9cxCurlHkgMr8lbeuhT+Nc2WtFwMNFoyCsD2iNCl10r2kjjIAMtyeKC0w6QPUAv+0evcIQLAe7LVi6c2QqT1loQ== Authentication-Results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=azul.com; Received: from DM6PR11MB4073.namprd11.prod.outlook.com (2603:10b6:5:19f::22) by PH7PR11MB7430.namprd11.prod.outlook.com (2603:10b6:510:274::20) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.6156.28; Thu, 9 Mar 2023 11:32:33 +0000 Received: from DM6PR11MB4073.namprd11.prod.outlook.com ([fe80::8476:1cf6:afeb:c285]) by DM6PR11MB4073.namprd11.prod.outlook.com ([fe80::8476:1cf6:afeb:c285%3]) with mapi id 15.20.6178.019; Thu, 9 Mar 2023 11:32:33 +0000 Date: Thu, 9 Mar 2023 19:32:24 +0800 From: Jan Kratochvil To: Adhemerval Zanella Netto Cc: Florian Weimer , libc-alpha@sourceware.org, Anton Kozlov Subject: Re: [PATCH] RFC: Provide a function to reset IFUNC PLTs Message-ID: References: <87v8jdq7ht.fsf@oldenburg.str.redhat.com> <2659aadc-6518-cc0e-d103-84eafcbdc3f9@linaro.org> Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: User-Agent: Mutt/2.2.7 (2022-08-07) X-ClientProxiedBy: VI1PR09CA0091.eurprd09.prod.outlook.com (2603:10a6:803:78::14) To DM6PR11MB4073.namprd11.prod.outlook.com (2603:10b6:5:19f::22) MIME-Version: 1.0 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: DM6PR11MB4073:EE_|PH7PR11MB7430:EE_ X-MS-Office365-Filtering-Correlation-Id: 0f112242-843c-4e73-059e-08db2091f94b X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: 4f6DZ8Xt2kqqXEht7c9/HdgygIr46TZC5cCUSIPnazHQhyvqxe78G573jLgD5YcKTojKIyDDA5IqcdMk3OmahKA9/IGLP5e0YvYH1tfhsmVmEfkXMCljolqpsmodpx6ygsx4v2xJMzkoQ4rFnG2KMJsuK0Iy0zbIWJyCrFv6AkTZgBWe28lXtQ3H1RtFy6V0O7T/aUH7TWxGzw4FbzbcfsVqJtCjHqyP3tv9x9v/5MtQ6QrceAKsGxeyAeStDOGOlfQbRz+UsFqZUQjzjcFVJaZH3ZdQDM0H5jeXUBZjhVl/MJD5qfY/LtRRkp16Kee1nTPRBPAHAMYzPsn7IFiyJUOaODViGG5ADs84M9k/lOrpA+kJa4NBRIo4GXUED21m+sF8rvMpqw7hy0GaB2SZ3et/vitGee9txVWiQoQ4k99LwA/G/RqWGJZQ+IYjQeqU7sR1cWY1YCcyQfJ8IK7LPDZEpUFXY7jbW4xvF7+zkJ+Ybnykb5D2W9X66bUIJqAJer28xmqU1P2bPmbGX/zDekdiMAq8GVHRR73f5y1sm4TDtKR7Qi5SRWwxmuyrMSYpkjwxvFREbCNu0yAo+ja/pfBIHQ1/uy+1a0fYpZMAqCXKwD3yAsuCedAO4NhSe+M2 X-Forefront-Antispam-Report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:DM6PR11MB4073.namprd11.prod.outlook.com;PTR:;CAT:NONE;SFS:(13230025)(4636009)(346002)(376002)(396003)(136003)(39850400004)(366004)(451199018)(5660300002)(478600001)(41300700001)(66476007)(86362001)(66556008)(2906002)(66946007)(8676002)(6916009)(4326008)(8936002)(38100700002)(6486002)(966005)(107886003)(6666004)(6506007)(54906003)(316002)(6512007)(186003)(9686003)(83380400001);DIR:OUT;SFP:1101; X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 1 X-MS-Exchange-AntiSpam-MessageData-0: =?us-ascii?Q?wyZ4JGU6f0UZfdQxzbAsaYB8CCgljH4vc+iIEN0yda1O/PNGEhZleSAOxHnH?= =?us-ascii?Q?r4F24rU/gbbVikxfIqqG34eo6+gLcLJYyxjAG9Ij1NLx9ExHwQ0FOd6objJY?= =?us-ascii?Q?9apbgPSmFhG05ihJv4Vv095t9QofaKhX3Bah8ykyjOc/JkEsLIoKGiqk5c1P?= =?us-ascii?Q?P6LYvf0IvGEzkVEVVAi+hl94qrO1/J3y/NhJc5a+EqiO2IYb3VIBnRQQyynl?= =?us-ascii?Q?sfrP8KJ/OI5wHI6luAtsq2FdMhrn2recFt+dpjWQn6wzku9QQKzAVegRTYWQ?= =?us-ascii?Q?wIR2XKrSEZKtkrsEyLrEju+rycQIsYUhswgouTU7iatTk8K92HbuPOxFCnnA?= =?us-ascii?Q?pc/eFRwLXr3MBHk1L+sJBtNt32dbBjIG6vU54wtm+jYymIivAsHOYgI3HG0n?= =?us-ascii?Q?9ss/HAYajkUFboxmxRst+K4YYR437v1SR+rNOL3GaWPB9Yzq58gHsXmOWtNc?= =?us-ascii?Q?amjPSOvTiIe+QOxfqJwP38ptHl+kfhH4itS2qKUiGkqNYFYTM9YmVl31BueS?= =?us-ascii?Q?OnaaP20deHK56RS0gTJkjbmDLQ808UhUb9i80fSDQyJ/OyOqbyuKEPSiRh+B?= =?us-ascii?Q?XSRm4b0DLaKh80ClnsyYZvUZjlR0JEh1dhp36pnEQa5qGMO2Xcd9Ih/SxzJo?= =?us-ascii?Q?tbHw7ENCtv8mWHUvQiIL/CBx+uABMERGPCevPll4wN7ASHA7arQazMqlR6Ns?= =?us-ascii?Q?CdL9Wp0Es/xOAZFQRmMEAayQ/TOhdZ5inxbq67CZKA8LG4xV9ja+hz55etv0?= =?us-ascii?Q?H8dEtI9IPjMYwR/eGAhC7pL06YofBH57Tq6e5TNAQHTo7u2MF3kSy5aKguzw?= =?us-ascii?Q?t/1roKYJCAGFWTZ52TLAl4HX1Qf4Y2FP13hSmWcASjBD4G3bCvMqaZT4WIdL?= =?us-ascii?Q?vH3pz62TIyRsH0gsrDrYzyWpy0eXsRVb0hNAOhinRONDvi9t1SPu4AzSC/D0?= =?us-ascii?Q?v9qf7Y/3YhTPm9j4P/lTBtuRmWxY4c0tsic64qeWFTu3iFfVo36M6OQMGz3u?= =?us-ascii?Q?pcDUOaHXGyxMILqlvr+M9IoU3z/FSXF2jeydFJ+x5W8tyk4Bz3X/BZEVNJX0?= =?us-ascii?Q?E7Svh9qioDgj+sFUGJwiAe1hoifCe9iYQqB4rIKHkr8sgpPWeiVQPuaLnlbT?= =?us-ascii?Q?FPA5T++e5TK0Y5LoA+yfXA1KFTQHt5sZsMHZR5stEodHwp/bCgCHjI7pLq7W?= =?us-ascii?Q?1pzHSDZ0mJ+O7ep+s7pec9qGDMZGqCvtDPzeNfGf0NNTmL4n/oF7eTW51be6?= =?us-ascii?Q?2bOPa35DPZZe7iQfDk/RhrTYIqOkKDcfDNcPUdO48sOfKqJg9JD/vjrBtEHN?= =?us-ascii?Q?HjmTk3mgOsJmrSWUYPXm0jSxShfmWDsw2TwIc2qMtTmtyjjr+wTQxXsiOi20?= =?us-ascii?Q?ei8r4ahpp1Zof8EhVorpziUF8SfzFVGOXaAn/p137vEXDrwg4u/gLFnRxYBk?= =?us-ascii?Q?o+Btxjgu2bXCi2uQl5CNA9Z7G8Q6nwhlt4xyHeTKVgmdVRiUL6u3nzGt3B7O?= =?us-ascii?Q?HZvV7nv1czEFN9lQmjftHZ7+j9gHesq3bSPdb61Kvg+fnDS3Q2qROPm2Lm4F?= =?us-ascii?Q?0SqbK5Q7H11bpesUmu3wZxjqKU4mJc/O9+5acZo9TFl5AKi57G8EseZoFPN9?= =?us-ascii?Q?UQ=3D=3D?= X-OriginatorOrg: azul.com X-MS-Exchange-CrossTenant-Network-Message-Id: 0f112242-843c-4e73-059e-08db2091f94b X-MS-Exchange-CrossTenant-AuthSource: DM6PR11MB4073.namprd11.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-OriginalArrivalTime: 09 Mar 2023 11:32:33.4565 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: c480eb31-2b17-43d7-b4c7-9bcb20cc4bf2 X-MS-Exchange-CrossTenant-MailboxType: HOSTED X-MS-Exchange-CrossTenant-UserPrincipalName: DWDXOZU4ZVnuOQg6PciieVT3m0cn/q1UV6RNRyfiznkqZOaC5ahkxbZVdlHQOyuCqrwrr45wOEvdYQ+ssadWeg== X-MS-Exchange-Transport-CrossTenantHeadersStamped: PH7PR11MB7430 X-Spam-Status: No, score=-4.7 required=5.0 tests=BAYES_00,DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,RCVD_IN_DNSWL_NONE,RCVD_IN_MSPIKE_H2,SPF_HELO_PASS,SPF_PASS,TXREP autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on server2.sourceware.org List-Id: On Wed, 08 Mar 2023 21:04:59 +0800, Adhemerval Zanella Netto wrote: > Yes, without a stop-the-world scheme where a helper thread sets PR_GET_DUMPABLE > and PTRACE_ATTACH the process can not really be sure that any new thread will not > be created between the time you enumerate the process threads and call the 'freeze' > function. That "Freezer" class does solve the race of new threads. I also do not see a need for ptrace there, it is self-snapshotting/restoring. https://github.com/openjdk/crac/pull/41/files#diff-aeec57d804d56002f26a85359fc4ac8b48cfc249d57c656a30a63fc6bf3457adR6029 > I really don't think glibc should provide an interface to temporary disable any > security hardening, it should always opt-in at either program startup or by > building time. The ifunc mechanism is already full or corner cases and I think > adding a runtime mechanism to reset them is *not* a way forward. > > As I said, I think CRIU heterogeneity should be handled by masking off the higher > cpu features. I am not if ARCH_SET_CPUID would a solution here, it means that > we will need to handle SIGSEGV in the loader and come up with a sane subset > in case of failure (we now have x86_64-vx, so we can use it as default). So the only remaining option is that all the programs will be doing setenv("GLIBC_TUNABLES=glibc.cpu.hwcaps=...") and re-exec(). That is a peformance kill and definitely not nice compared to any method of an IFUNC reset. > But as Florian has said, fixing on glibc won't work consistently on other > libraries that uses cpuid instruction. In Java world the other libraries (in general, there are some JNI exceptions) do not matter as they are a Java code JIT-compiled by JVM. Jan