From: Carlos O'Donell
To: libc-stable@sourceware.org
Subject: [PATCH 26/27] hppa: Fix bind-now audit (BZ #28857)
Date: Tue, 12 Apr 2022 14:42:04 -0400
Message-Id: <20220412184205.3343677-27-carlos@redhat.com>
In-Reply-To: <20220412184205.3343677-1-carlos@redhat.com>
References: <20220412184205.3343677-1-carlos@redhat.com>

From: Adhemerval Zanella

On hppa, a function pointer returned by la_symbind is actually a function
descriptor that has the plabel bit set (bit 30). This must be cleared to get
the actual address of the descriptor. If the descriptor has been bound,
the first word of the descriptor is the physical address of the function,
otherwise, the first word of the descriptor points to a trampoline in the
PLT.

This patch also adds a workaround on tests because on hppa (and it seems
to be the only ABI I have seen it), some shared library adds a dynamic PLT
relocation to an empty symbol name:

  $ readelf -r elf/tst-audit25mod1.so
  [...]
  Relocation section '.rela.plt' at offset 0x464 contains 6 entries:
   Offset     Info    Type            Sym.Value  Sym. Name + Addend
  00002008  00000081 R_PARISC_IPLT                508
  [...]

It breaks some assumptions on the test, where a symbol with an empty
name ("") is passed on la_symbind.

Checked on x86_64-linux-gnu and hppa-linux-gnu.

(cherry picked from commit 9e94f57484a2aba0fe67ea2059b5843f651887c2)
--- elf/Makefile | 2 +- elf/dl-audit.c | 3 ++- elf/tst-auditmod24a.c | 4 +++- elf/tst-auditmod24d.c | 4 +++- elf/tst-auditmod25.c | 2 +- sysdeps/hppa/dl-lookupcfg.h | 8 +++++--- 6 files changed, 15 insertions(+), 8 deletions(-) diff --git a/elf/Makefile b/elf/Makefile index 38e5793f35..fe954374c9 100644 --- a/elf/Makefile +++ b/elf/Makefile @@ -2072,7 +2072,7 @@ $(objpfx)tst-audit24c.out: $(objpfx)tst-auditmod24c.so $(objpfx)tst-audit24c: $(objpfx)tst-audit24amod1.so \ $(objpfx)tst-audit24amod2.so tst-audit24c-ENV = LD_BIND_NOW=1 LD_AUDIT=$(objpfx)tst-auditmod24c.so -LDFLAGS-tst-audit24b = -Wl,-z,lazy +LDFLAGS-tst-audit24c = -Wl,-z,lazy $(objpfx)tst-audit24d.out: $(objpfx)tst-auditmod24d.so $(objpfx)tst-audit24d: $(objpfx)tst-audit24dmod1.so \ diff --git a/elf/dl-audit.c b/elf/dl-audit.c index 72a50717ef..ec9b032eae 100644 --- a/elf/dl-audit.c +++ b/elf/dl-audit.c 
@@ -257,7 +257,8 @@ _dl_audit_symbind (struct link_map *l, struct reloc_result *reloc_result, reloc_result->flags = flags; } - DL_FIXUP_BINDNOW_RELOC (value, new_value, sym.st_value); + if (flags & LA_SYMB_ALTVALUE) + DL_FIXUP_BINDNOW_RELOC (value, new_value, sym.st_value); } void diff --git a/elf/tst-auditmod24a.c b/elf/tst-auditmod24a.c index d8e88f3984..3075dfae2f 100644 --- a/elf/tst-auditmod24a.c +++ b/elf/tst-auditmod24a.c @@ -110,5 +110,7 @@ la_symbind32 (Elf32_Sym *sym, unsigned int ndx, return sym->st_value; } - abort (); + if (symname[0] != '\0') + abort (); + return sym->st_value; } diff --git a/elf/tst-auditmod24d.c b/elf/tst-auditmod24d.c index 8c803ecc0a..badc6be451 100644 --- a/elf/tst-auditmod24d.c +++ b/elf/tst-auditmod24d.c @@ -116,5 +116,7 @@ la_symbind32 (Elf32_Sym *sym, unsigned int ndx, } } - abort (); + if (symname[0] != '\0') + abort (); + return sym->st_value; } diff --git a/elf/tst-auditmod25.c b/elf/tst-auditmod25.c index 526f5c54bc..20640a8daf 100644 --- a/elf/tst-auditmod25.c +++ b/elf/tst-auditmod25.c @@ -72,7 +72,7 @@ la_symbind32 (Elf32_Sym *sym, unsigned int ndx, unsigned int *flags, const char *symname) #endif { - if (*refcook != -1 && *defcook != -1) + if (*refcook != -1 && *defcook != -1 && symname[0] != '\0') fprintf (stderr, "la_symbind: %s %u\n", symname, *flags & (LA_SYMB_NOPLTENTER | LA_SYMB_NOPLTEXIT) ? 1 : 0); return sym->st_value; diff --git a/sysdeps/hppa/dl-lookupcfg.h b/sysdeps/hppa/dl-lookupcfg.h index f4f00714fa..92fd0b7c84 100644 --- a/sysdeps/hppa/dl-lookupcfg.h +++ b/sysdeps/hppa/dl-lookupcfg.h 
@@ -80,7 +80,9 @@ void attribute_hidden _dl_unmap (struct link_map *map); /* Extract the code address from a fixup value */ #define DL_FIXUP_VALUE_CODE_ADDR(value) ((value).ip) #define DL_FIXUP_VALUE_ADDR(value) ((uintptr_t) &(value)) -#define DL_FIXUP_ADDR_VALUE(addr) (*(struct fdesc *) (addr)) +/* Clear the plabel bit to get the actual address of the descriptor. */ +#define DL_FIXUP_ADDR_VALUE(addr) \ + (*(DL_FIXUP_VALUE_TYPE *) ((uintptr_t) (addr) & ~2)) #define DL_FIXUP_BINDNOW_ADDR_VALUE(addr) (addr) -#define DL_FIXUP_BINDNOW_RELOC(value, new_value, st_value) \ - (*value) = *(struct fdesc *) (st_value) +#define DL_FIXUP_BINDNOW_RELOC(value, new_value, st_value) \ + *(value) = *(DL_FIXUP_VALUE_TYPE *) ((uintptr_t) (new_value) & ~2) -- 2.35.1
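Review bot: In elf/Makefile, the change from `LDFLAGS-tst-audit24b` to `LDFLAGS-tst-audit24c` is not mentioned in the commit message, and it removes the only `-Wl,-z,lazy` setting for tst-audit24b that is visible in this hunk. Please confirm that tst-audit24b does not depend on that flag (or gets it from another line), and add a sentence to the log explaining the fix, since `tst-audit24c-ENV` sets LD_BIND_NOW=1 and the link flag determines what that test exercises.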
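Review bot: In _dl_audit_symbind (elf/dl-audit.c), the new `if (flags & LA_SYMB_ALTVALUE)` guard carries no comment, and the commit message, which only discusses the plabel bit, does not explain it either. Add a one-line comment above the guard stating that the relocation is rewritten only when an audit module supplied an alternate value. Note also that the call still passes `sym.st_value`, which the hppa definition of DL_FIXUP_BINDNOW_RELOC in this patch no longer reads.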
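Review bot: At the end of la_symbind in elf/tst-auditmod24a.c and elf/tst-auditmod24d.c, the new `if (symname[0] != '\0') abort ();` fall-through is unconditional and uncommented, so every architecture now accepts an unexpected symbol with an empty name, although the log says hppa seems to be the only ABI that produces one. Add a comment that points at the R_PARISC_IPLT relocation with the empty symbol name, and consider limiting the relaxation to hppa so the tests stay strict elsewhere. The same comment is missing for the `symname[0] != '\0'` condition added in elf/tst-auditmod25.c.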
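Review bot: In sysdeps/hppa/dl-lookupcfg.h, the plabel mask is written as the literal `~2` in both DL_FIXUP_ADDR_VALUE and DL_FIXUP_BINDNOW_RELOC, and only the first macro has a comment. Give the bit a named macro and use it in both places; the log calls it "bit 30", which a reader cannot match to the value 2 without knowing the bit-numbering convention. DL_FIXUP_BINDNOW_RELOC also no longer uses its `st_value` parameter and expands to an unparenthesized assignment, so wrap the expansion in parentheses and say in a comment that `st_value` is intentionally ignored.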