From: Jakub Jelinek
To: Ulrich Drepper
Cc: Glibc hackers, mingo@redhat.com
Subject: [PATCH] vDSO fixes
Date: Thu, 26 Feb 2004 17:26:00 -0000
Message-ID: <20040226151734.GK4581@sunsite.ms.mff.cuni.cz>
Mailing-List: contact libc-hacker-help@sources.redhat.com; run by ezmlm

Hi!

This patch fixes 3 problems with vDSOs:

1) assertion failure if AT_SYSINFO_EHDR is passed to ld.so and one runs
   e.g. elf/ld.so ./libc.so (the code needs to take into account the vDSO
   which is in the dl_loaded chain, yet not in the search list)

2) if AT_SYSINFO has been passed to the app, IMHO ld.so should honor it,
   not unconditionally overwrite it with e_entry of the vDSO pointed to by
   AT_SYSINFO_EHDR

3) ld.so did not handle a randomized vDSO properly (although there is code
   which handles relocation of .dynamic in such cases,
   a) e_entry for GL(dl_sysinfo) has not been adjusted
   b) l_addr and l_map_end have not been computed properly
   c) there was an assertion that l_addr is 0)

To test this (I don't have a kernel with randomized vDSO yet), I added
open/mmap/close of vsyscall.so into dl-sysdep.c and tweaked
GL(dl_sysinfo_dso) and GL(dl_sysinfo) accordingly (on AMD64 for a 32-bit
app, the syscall insn doesn't need a fixed return address, so I did not
need kernel changes).

2004-02-26  Jakub Jelinek

	* elf/rtld.c (dl_main): Correctly set up l_map_end and l_addr in
	vDSO's link_map, don't assume l_addr == 0.  Set GL(dl_sysinfo) from
	e_entry only if AT_SYSINFO not present and adjust by l_addr.  Take
	vDSO into account when inserting rtld into _dl_loaded chain.

--- libc/elf/rtld.c	20 Feb 2004 05:40:40 -0000	1.313
+++ libc/elf/rtld.c	26 Feb 2004 17:02:38 -0000
@@ -1211,11 +1211,9 @@ ERROR: ld.so: object '%s' from %s cannot } #ifdef NEED_DL_SYSINFO + struct link_map *sysinfo_map = NULL; if (GL(dl_sysinfo_dso) != NULL) { - /* We have a prelinked DSO preloaded by the system. */ - GL(dl_sysinfo) = GL(dl_sysinfo_dso)->e_entry; - /* Do an abridged version of the work _dl_map_object_from_fd would do to map in the object. It's already mapped and prelinked (and better be, since it's read-only and so we couldn't relocate it). @@ -1225,9 +1223,6 @@ ERROR: ld.so: object '%s' from %s cannot if (__builtin_expect (l != NULL, 1)) { static ElfW(Dyn) dyn_temp[DL_RO_DYN_TEMP_CNT]; -#ifndef NDEBUG - uint_fast16_t pt_load_num = 0; -#endif l->l_phdr = ((const void *) GL(dl_sysinfo_dso) + GL(dl_sysinfo_dso)->e_phoff); @@ -1239,21 +1234,21 @@ ERROR: ld.so: object '%s' from %s cannot { l->l_ld = (void *) ph->p_vaddr; l->l_ldnum = ph->p_memsz / sizeof (ElfW(Dyn)); - break; } -#ifndef NDEBUG - if (ph->p_type == PT_LOAD) + else if (ph->p_type == PT_LOAD) { - assert (pt_load_num - || (void *) ph->p_vaddr == GL(dl_sysinfo_dso)); - pt_load_num++; + if (! l->l_addr) + l->l_addr = ph->p_vaddr; + else if (ph->p_vaddr + ph->p_memsz >= l->l_map_end) + l->l_map_end = ph->p_vaddr + ph->p_memsz; } -#endif } + l->l_map_start = (ElfW(Addr)) GL(dl_sysinfo_dso); + l->l_addr = l->l_map_start - l->l_addr; + l->l_map_end += l->l_addr; elf_get_dynamic_info (l, dyn_temp); _dl_setup_hash (l); l->l_relocated = 1; - l->l_map_start = (ElfW(Addr)) GL(dl_sysinfo_dso); /* Now that we have the info handy, use the DSO image's soname so this object can be looked up by name. Note that we do not @@ -1271,6 +1266,11 @@ ERROR: ld.so: object '%s' from %s cannot _dl_fatal_printf ("out of memory\n"); l->l_libname->name = memcpy (copy, dsoname, len); } + + /* We have a prelinked DSO preloaded by the system. */ + if (GL(dl_sysinfo) == DL_SYSINFO_DEFAULT) + GL(dl_sysinfo) = GL(dl_sysinfo_dso)->e_entry + l->l_addr; + sysinfo_map = l; } } #endif 
@@ -1316,9 +1316,17 @@ ERROR: ld.so: object '%s' from %s cannot ++i; GL(dl_rtld_map).l_prev = GL(dl_loaded)->l_searchlist.r_list[i - 1]; if (__builtin_expect (mode, normal) == normal) - GL(dl_rtld_map).l_next = (i + 1 < GL(dl_loaded)->l_searchlist.r_nlist - ? GL(dl_loaded)->l_searchlist.r_list[i + 1] - : NULL); + { + GL(dl_rtld_map).l_next = (i + 1 < GL(dl_loaded)->l_searchlist.r_nlist + ? GL(dl_loaded)->l_searchlist.r_list[i + 1] + : NULL); +#ifdef NEED_DL_SYSINFO + if (sysinfo_map != NULL + && GL(dl_rtld_map).l_prev->l_next == sysinfo_map + && GL(dl_rtld_map).l_next != sysinfo_map) + GL(dl_rtld_map).l_prev = sysinfo_map; +#endif + } else /* In trace mode there might be an invisible object (which we could not find) after the previous one in the search list. Jakub
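Review bot: in the @@ -1211 hunk the new `struct link_map *sysinfo_map = NULL;` is declared with no comment, yet it is only consumed about a hundred lines later in the rtld chain insertion; nothing at the declaration tells the reader that it exists because the vDSO's link_map is in the loaded-object chain but not in l_searchlist. A one-liner such as `/* link_map of the vDSO, if any; it is chained but not in the search list.  */` would do. Removing `GL(dl_sysinfo) = GL(dl_sysinfo_dso)->e_entry;` at this point is right, since l_addr is not known until the program headers have been walked.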
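Review bot: in the @@ -1239 hunk the first PT_LOAD never contributes to l_map_end: `if (! l->l_addr) l->l_addr = ph->p_vaddr; else if (ph->p_vaddr + ph->p_memsz >= l->l_map_end)` takes the first branch for the first segment and skips the end-of-segment update, so a vDSO with a single PT_LOAD leaves l_map_end at 0 and the later `l->l_map_end += l->l_addr;` turns it into the bias rather than the end of the mapping, after which lookups by l_map_start/l_map_end cannot find the vDSO. Make the second test an independent `if`, and track "first PT_LOAD seen" with a flag instead of `! l->l_addr`, which also mistakes a link address of 0 for "not set yet". Separately, `l->l_ld = (void *) ph->p_vaddr;` is left at its link-time value while `l->l_addr = l->l_map_start - l->l_addr;` now permits a non-zero bias; `elf_get_dynamic_info (l, dyn_temp);` reads through l->l_ld, so for a randomized vDSO it dereferences the unrelocated address. Add `l->l_ld = (void *) ((ElfW(Addr)) l->l_ld + l->l_addr);` after the bias is computed and before elf_get_dynamic_info is called.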
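Review bot: in the @@ -1271 hunk the comment `/* We have a prelinked DSO preloaded by the system. */` now sits above a test whose purpose is to prefer a kernel-supplied AT_SYSINFO and use e_entry only as a fallback; reword it to say that (e.g. "Honor AT_SYSINFO if the kernel passed it; otherwise use the vDSO entry point, adjusted for the load bias"). Note also that the assignment now lives inside `if (__builtin_expect (l != NULL, 1))`, so a failed _dl_new_object leaves GL(dl_sysinfo) at DL_SYSINFO_DEFAULT where the removed assignment at the top of the block still set it from e_entry; if that is intended, the comment should say so.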
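Review bot: the `#ifdef NEED_DL_SYSINFO` block in the @@ -1316 hunk carries no comment for the situation it corrects (the vDSO's link_map sits in the chain directly after l_prev but is absent from l_searchlist, so rtld has to be chained after the vDSO, not after l_prev); the mail explains it, the code should too. The `GL(dl_rtld_map).l_next != sysinfo_map` test can only fail if the vDSO appears in r_list, which the surrounding code assumes never happens; if it is meant as a defensive check, say so in a comment, otherwise drop it. The fix-up applies only on the normal-mode path, which is consistent with the trace-mode comment that says that path already skips invisible objects, but a sentence noting that would save the next reader the question.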
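The layout computation the patch performs on the vDSO, as an added C example that is not part of Jakub's patch or of glibc: it reads the ELF header the kernel exposes through AT_SYSINFO_EHDR (or a constructed in-memory image, so it also runs in a process without a vDSO), derives the load bias, the end of the mapping and the relocated PT_DYNAMIC address, applies the AT_SYSINFO-first rule, and adds the range check a practitioner wants before trusting the chosen entry. It goes slightly beyond the hunk: the first PT_LOAD is tracked with a flag instead of `l_addr == 0`, and every PT_LOAD feeds the mapping end. The names `vdso_info`, `vdso_layout`, `choose_sysinfo`, `sysinfo_in_vdso` and the synthetic image are this example's own.

```c
/* Added example (not from Jakub's patch or glibc): compute the vDSO
   link_map fields from the ELF header passed in AT_SYSINFO_EHDR and pick
   the system-call entry (AT_SYSINFO first, e_entry + bias as fallback). */
#include <link.h>       /* ElfW(), and elf.h: PT_LOAD, PT_DYNAMIC, AT_* */
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>
#include <sys/auxv.h>   /* getauxval (glibc >= 2.16) */

struct vdso_info {
    uintptr_t map_start;  /* where the ELF header is mapped (AT_SYSINFO_EHDR) */
    uintptr_t l_addr;     /* load bias: runtime address minus link-time address */
    uintptr_t map_end;    /* runtime end of the highest PT_LOAD */
    uintptr_t l_ld;       /* runtime address of PT_DYNAMIC, 0 if none */
    uintptr_t entry;      /* runtime e_entry */
    int n_load;
};

/* Assumes, as ld.so does, that the ELF header sits at the start of the
   lowest PT_LOAD, so bias = header address - lowest p_vaddr; the ELF spec
   requires PT_LOADs to be sorted by p_vaddr.  Returns -1 on a malformed
   image or one without PT_LOAD. */
int vdso_layout(const void *ehdr_addr, struct vdso_info *out)
{
    const ElfW(Ehdr) *ehdr = ehdr_addr;
    const ElfW(Phdr) *ph;
    uintptr_t link_lo = 0, link_hi = 0, ld_vaddr = 0;
    int seen_load = 0;

    memset(out, 0, sizeof *out);
    if (memcmp(ehdr->e_ident, ELFMAG, SELFMAG) != 0
        || ehdr->e_phentsize != sizeof(ElfW(Phdr)))
        return -1;
    ph = (const ElfW(Phdr) *)((const char *)ehdr + ehdr->e_phoff);

    for (int i = 0; i < ehdr->e_phnum; i++) {
        if (ph[i].p_type == PT_DYNAMIC) {
            ld_vaddr = ph[i].p_vaddr;       /* link-time; relocated below */
        } else if (ph[i].p_type == PT_LOAD) {
            /* A flag, not "l_addr == 0": a link address of 0 is valid. */
            if (!seen_load) { link_lo = ph[i].p_vaddr; seen_load = 1; }
            /* Every PT_LOAD, the first included, can extend the end. */
            if (ph[i].p_vaddr + ph[i].p_memsz > link_hi)
                link_hi = ph[i].p_vaddr + ph[i].p_memsz;
            out->n_load++;
        }
    }
    if (!seen_load)
        return -1;

    out->map_start = (uintptr_t)ehdr;
    out->l_addr = out->map_start - link_lo;   /* 0 when not randomized */
    out->map_end = link_hi + out->l_addr;
    out->l_ld = ld_vaddr ? ld_vaddr + out->l_addr : 0;
    out->entry = ehdr->e_entry + out->l_addr;
    return 0;
}

/* A kernel-supplied AT_SYSINFO (non-zero) wins; otherwise fall back to the
   vDSO entry point adjusted by the load bias. */
uintptr_t choose_sysinfo(uintptr_t at_sysinfo, const struct vdso_info *v)
{
    return at_sysinfo ? at_sysinfo : v->entry;
}

/* The entry ld.so will jump through must lie inside the vDSO mapping. */
int sysinfo_in_vdso(uintptr_t sysinfo, const struct vdso_info *v)
{
    return sysinfo >= v->map_start && sysinfo < v->map_end;
}

/* Constructed image (not a real vDSO): linked at 0x1000 with two PT_LOADs
   and a PT_DYNAMIC, but living wherever this static buffer lands, so it
   behaves like a randomized vDSO with a non-zero bias. */
struct synthetic_vdso { ElfW(Ehdr) ehdr; ElfW(Phdr) phdr[3]; };
static struct synthetic_vdso synth;

const void *build_synthetic_vdso(void)
{
    memset(&synth, 0, sizeof synth);
    memcpy(synth.ehdr.e_ident, ELFMAG, SELFMAG);
    synth.ehdr.e_phoff = offsetof(struct synthetic_vdso, phdr);
    synth.ehdr.e_phentsize = sizeof(ElfW(Phdr));
    synth.ehdr.e_phnum = 3;
    synth.ehdr.e_entry = 0x1400;            /* link-time entry point */
    synth.phdr[0] = (ElfW(Phdr)){ .p_type = PT_LOAD, .p_vaddr = 0x1000, .p_memsz = 0x1000 };
    synth.phdr[1] = (ElfW(Phdr)){ .p_type = PT_LOAD, .p_vaddr = 0x2000, .p_memsz = 0x800 };
    synth.phdr[2] = (ElfW(Phdr)){ .p_type = PT_DYNAMIC, .p_vaddr = 0x1f00, .p_memsz = 0x100 };
    return &synth;
}

int main(void)
{
    struct vdso_info v;
    const void *ehdr = (const void *)getauxval(AT_SYSINFO_EHDR);
    const char *src = "kernel vDSO";

    if (ehdr == NULL || vdso_layout(ehdr, &v) != 0) {
        ehdr = build_synthetic_vdso();      /* no usable vDSO here */
        vdso_layout(ehdr, &v);
        src = "constructed image";
    }
    uintptr_t si = choose_sysinfo((uintptr_t)getauxval(AT_SYSINFO), &v);
    printf("%s: map %#lx-%#lx, bias %#lx, dynamic %#lx, %d PT_LOAD\n", src,
           (unsigned long)v.map_start, (unsigned long)v.map_end,
           (unsigned long)v.l_addr, (unsigned long)v.l_ld, v.n_load);
    printf("sysinfo %#lx (%s)\n", (unsigned long)si,
           sysinfo_in_vdso(si, &v) ? "inside the vDSO" : "outside the vDSO");
    return 0;
}
```

On x86-64 AT_SYSINFO is never passed and the real vDSO is linked at address 0, so the program shows the fallback path with a bias equal to the mapping address; the constructed image exercises the randomized case with a link address that differs from the mapping address.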