From patchwork Thu Dec 7 10:30:38 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: Florian Weimer X-Patchwork-Id: 56472 Return-Path: X-Original-To: patchwork@sourceware.org Delivered-To: patchwork@sourceware.org Received: from server2.sourceware.org (localhost [IPv6:::1]) by sourceware.org (Postfix) with ESMTP id C558F385AC19 for ; Thu, 7 Dec 2023 10:31:07 +0000 (GMT) X-Original-To: libc-alpha@sourceware.org Delivered-To: libc-alpha@sourceware.org Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.133.124]) by sourceware.org (Postfix) with ESMTPS id 026D83858023 for ; Thu, 7 Dec 2023 10:30:43 +0000 (GMT) DMARC-Filter: OpenDMARC Filter v1.4.2 sourceware.org 026D83858023 Authentication-Results: sourceware.org; dmarc=pass (p=none dis=none) header.from=redhat.com Authentication-Results: sourceware.org; spf=pass smtp.mailfrom=redhat.com ARC-Filter: OpenARC Filter v1.0.0 sourceware.org 026D83858023 Authentication-Results: server2.sourceware.org; arc=none smtp.remote-ip=170.10.133.124 ARC-Seal: i=1; a=rsa-sha256; d=sourceware.org; s=key; t=1701945054; cv=none; b=TsCycKFDJbu53OvnfxDZulZyi9oWZ4W0s+z/b2/abh+3f0w1ntKkFgGt6ef/SMRpKphe+3n8/63VdfKCNr/pmD0MGFth5zW9wJ5HMjX64R9pDiSjMYgQhyWW8HNcthjfukW9YpiibV30GoU3G+xtFVgxqdkJWhXWuFzJdT6X/4Q= ARC-Message-Signature: i=1; a=rsa-sha256; d=sourceware.org; s=key; t=1701945054; c=relaxed/simple; bh=h9GZTI64Un1STBjNg6oORcqAEwKpgOTtmnqyI8jkVLs=; h=DKIM-Signature:From:To:Subject:Message-ID:Date:MIME-Version; b=U+106AOfQI2lwy6HHfpmqt2wOLM/gjhHuoNE8aoaD7602PxRVAo9ovX1dM6e3rGZiCArWHXo54Q+8C3pV8zxL9lFihWcA9SkY0WILGqYR5vRDrBiSEO0VzwUkcctDpcLbzoSWHOL2QneVMdH4BoIk6qBUAY1Qy/u1WmonSPb9ps= ARC-Authentication-Results: i=1; server2.sourceware.org DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1701945043; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=rnvTQddQEMLfu56Wge6mQIi8LrMhuLf1flJ/u2KYDfQ=; b=gFBOA2u5cTQGr0RCx7czHQifm/951sXZdt3uNxjurqSUuXoAPYbQ86p+Fr1pXuanIO2xR6 kpWbOz9uz/1em9ba32IAWlnZfNL/KoBsjQfo/1RDxOPnYQtYAZlafFU7q0aPV6vkIs8wa5 JuTmNwJ4w8+eW6nq+83nMlhXTr8KhWs= Received: from mimecast-mx02.redhat.com (mx-ext.redhat.com [66.187.233.73]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384) id us-mta-96-lMogiRgDPY-IzHhrsU7l0w-1; Thu, 07 Dec 2023 05:30:42 -0500 X-MC-Unique: lMogiRgDPY-IzHhrsU7l0w-1 Received: from smtp.corp.redhat.com (int-mx07.intmail.prod.int.rdu2.redhat.com [10.11.54.7]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by mimecast-mx02.redhat.com (Postfix) with ESMTPS id D77731C05EB4 for ; Thu, 7 Dec 2023 10:30:41 +0000 (UTC) Received: from oldenburg.str.redhat.com (unknown [10.39.192.131]) by smtp.corp.redhat.com (Postfix) with ESMTPS id B00291C060AF for ; Thu, 7 Dec 2023 10:30:40 +0000 (UTC) From: Florian Weimer To: libc-alpha@sourceware.org Subject: [PATCH v3 00/32] RELRO linkmaps Message-ID: X-From-Line: 160e47e5faaa2dbd908bffeae458b4271527dd2e Mon Sep 17 00:00:00 2001 Date: Thu, 07 Dec 2023 11:30:38 +0100 User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/28.3 (gnu/linux) MIME-Version: 1.0 X-Scanned-By: MIMEDefang 3.4.1 on 10.11.54.7 X-Mimecast-Spam-Score: 0 X-Mimecast-Originator: redhat.com X-Spam-Status: No, score=-4.8 required=5.0 tests=BAYES_00, DKIMWL_WL_HIGH, DKIM_SIGNED, DKIM_VALID, DKIM_VALID_AU, DKIM_VALID_EF, RCVD_IN_DNSWL_NONE, RCVD_IN_MSPIKE_H3, RCVD_IN_MSPIKE_WL, SPF_HELO_NONE, SPF_NONE, TXREP, T_SCC_BODY_TEXT_LINE autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on server2.sourceware.org X-BeenThere: libc-alpha@sourceware.org X-Mailman-Version: 2.1.30 Precedence: list List-Id: Libc-alpha mailing list List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: libc-alpha-bounces+patchwork=sourceware.org@sourceware.org This is a rebase on top of the current development branch. There were quite a few conflicts. Is the struct link_map_private change something we want? (We currently have different definitions of struct link_map within glibc and for applications, resulting in conflicting debugging information.) I can submit that as a separate patch. Likewise, I'd like to move the dl_rtld_map out of _rtld_global because it makes the internal GLIBC_PRIVATE ABI more stable. This series achieves this as a side effect because the link map is now allocated using the protected memory allocator. But if the entire series can't land in 2.39, I'd like to submit this separately as well, along with the “_dl_rtld_map should not exist in static builds” cleanup. Thanks, Florian Florian Weimer (32): support: Add for protection flags probing misc: Enable internal use of memory protection keys elf: Remove _dl_sysdep_open_object hook function elf: Eliminate second loop in find_version in dl-version.c elf: In rtld_setup_main_map, assume ld.so has a DYNAMIC segment elf: Remove version assert in check_match in elf/dl-lookup.c elf: Disambiguate some failures in _dl_load_cache_lookup elf: Eliminate alloca in open_verify Do not export functions from libc elf: Make usable in ld.so elf: Merge the three implementations of _dl_dst_substitute elf: Move __rtld_malloc_init_stubs call into _dl_start_final elf: Merge __dl_libc_freemem into __rtld_libc_freeres elf: Use struct link_map_private for the internal link map elf: Remove run-time-writable fields from struct link_map_private elf: Move l_tls_offset into read-write part of link map elf: Allocate auditor state after read-write link map elf: Move link map fields used by dependency sorting to writable part elf: Split _dl_lookup_map, _dl_map_new_object from _dl_map_object elf: Add l_soname accessor function for DT_SONAME values elf: _dl_rtld_map should not exist in static builds elf: Introduce GLPM accessor for the protected memory area elf: Bootstrap allocation for future protected memory allocator elf: Implement a basic protected memory allocator elf: Move most of the _dl_find_object data to the protected heap elf: Switch to a region-based protected memory allocator elf: Determine the caller link map in _dl_open elf: Add fast path to dlopen for fully-opened maps elf: Use _dl_find_object instead of _dl_find_dso_for_object in dlopen elf: Put critical _dl_find_object pointers into protected memory area elf: Add hash tables to speed up DT_NEEDED, dlopen lookups elf: Use memory protection keys for the protected memory allocator NEWS | 4 + csu/libc-start.c | 7 +- csu/libc-tls.c | 8 +- debug/backtracesyms.c | 4 +- debug/backtracesymsfd.c | 6 +- dlfcn/dladdr1.c | 7 +- dlfcn/dlinfo.c | 4 +- dlfcn/tst-dlinfo-phdr.c | 15 +- elf/Makefile | 24 + elf/circleload1.c | 18 +- elf/dl-addr-obj.c | 4 +- elf/dl-addr.c | 13 +- elf/dl-audit.c | 25 +- elf/dl-cache.c | 33 +- elf/dl-call-libc-early-init.c | 2 +- elf/dl-call_fini.c | 11 +- elf/dl-close.c | 187 ++--- elf/dl-debug.c | 12 - elf/dl-deps.c | 177 +++-- elf/dl-diagnostics.c | 2 + elf/dl-find_object.c | 167 ++--- elf/dl-find_object.h | 21 +- elf/dl-fini.c | 16 +- elf/dl-fptr.c | 6 +- elf/dl-init.c | 22 +- elf/dl-iteratephdr.c | 11 +- elf/dl-libc.c | 115 +-- elf/dl-libc_freeres.c | 94 ++- elf/dl-libname.c | 281 ++++++++ elf/dl-libname.h | 121 ++++ elf/dl-load.c | 501 ++++++------- elf/dl-load.h | 6 +- elf/dl-lookup-direct.c | 5 +- elf/dl-lookup.c | 150 ++-- elf/dl-machine-reject-phdr.h | 4 +- elf/dl-map-segments.h | 16 +- elf/dl-minimal.c | 4 +- elf/dl-misc.c | 20 - elf/dl-object.c | 181 +++-- elf/dl-open.c | 227 +++--- elf/dl-profile.c | 4 +- elf/dl-protmem-internal.h | 100 +++ elf/dl-protmem.c | 679 ++++++++++++++++++ elf/dl-protmem.h | 102 +++ elf/dl-protmem_bootstrap.h | 36 + elf/dl-reloc-static-pie.c | 7 +- elf/dl-reloc.c | 46 +- elf/dl-runtime.c | 6 +- elf/dl-setup_hash.c | 2 +- elf/dl-sort-maps.c | 53 +- elf/dl-static-tls.h | 10 +- elf/dl-support.c | 46 +- elf/dl-sym-post.h | 6 +- elf/dl-sym.c | 10 +- elf/dl-symaddr.c | 2 +- elf/dl-sysdep-open.h | 45 -- elf/dl-tls.c | 61 +- elf/dl-tunables.list | 6 + elf/dl-unmap-segments.h | 2 +- elf/dl-usage.c | 2 +- elf/dl-version.c | 77 +- elf/do-rel.h | 19 +- elf/dynamic-link.h | 14 +- elf/get-dynamic-info.h | 12 +- elf/libc-early-init.h | 6 +- elf/loadtest.c | 34 +- elf/neededtest.c | 18 +- elf/neededtest2.c | 18 +- elf/neededtest3.c | 18 +- elf/neededtest4.c | 18 +- elf/pldd-xx.c | 19 +- elf/pldd.c | 1 + elf/rtld.c | 454 ++++++------ elf/rtld_static_init.c | 2 +- elf/setup-vdso.h | 46 +- elf/sotruss-lib.c | 5 +- elf/sprof.c | 27 +- elf/tlsdeschtab.h | 4 +- elf/tst-_dl_addr_inside_object.c | 13 +- elf/tst-audit19a.c | 2 +- elf/tst-dl-protmem.c | 364 ++++++++++ elf/tst-dl_find_object-threads.c | 6 +- elf/tst-dl_find_object.c | 19 +- elf/tst-relro-linkmap-disabled-mod1.c | 46 ++ elf/tst-relro-linkmap-disabled-mod2.c | 2 + elf/tst-relro-linkmap-disabled.c | 64 ++ elf/tst-relro-linkmap-mod1.c | 42 ++ elf/tst-relro-linkmap-mod2.c | 2 + elf/tst-relro-linkmap-mod3.c | 2 + elf/tst-relro-linkmap.c | 112 +++ elf/tst-rtld-list-tunables.exp | 1 + elf/tst-rtld-nomem.c | 177 +++++ elf/tst-tls6.c | 8 +- elf/tst-tls7.c | 8 +- elf/tst-tls8.c | 24 +- elf/unload.c | 10 +- elf/unload2.c | 10 +- htl/pt-alloc.c | 7 +- include/alloc_buffer.h | 26 +- include/dlfcn.h | 6 +- include/link.h | 178 +++-- include/rtld-malloc.h | 5 +- include/set-freeres.h | 1 - libio/vtables.c | 2 +- malloc/Makefile | 6 +- malloc/Versions | 7 - malloc/alloc_buffer_alloc_array.c | 1 - malloc/alloc_buffer_allocate.c | 1 - malloc/alloc_buffer_copy_bytes.c | 1 - malloc/alloc_buffer_copy_string.c | 1 - malloc/alloc_buffer_create_failure.c | 7 +- malloc/set-freeres.c | 2 - malloc/tst-alloc_buffer.c | 4 + manual/tunables.texi | 29 + nptl/Versions | 3 +- nptl/pthread_create.c | 8 + nptl_db/db_info.c | 3 +- nptl_db/structs.def | 3 +- nptl_db/td_thr_tlsbase.c | 12 +- nss/Makefile | 4 +- stdlib/cxa_thread_atexit_impl.c | 10 +- stdlib/tst-tls-atexit.c | 10 +- support/Makefile | 3 + support/memprobe.h | 43 ++ support/support-alloc_buffer.c | 26 + support/support_memprobe.c | 251 +++++++ support/tst-support_memprobe.c | 118 +++ sysdeps/aarch64/dl-bti.c | 14 +- sysdeps/aarch64/dl-lookupcfg.h | 4 +- sysdeps/aarch64/dl-machine.h | 29 +- sysdeps/aarch64/dl-prop.h | 12 +- sysdeps/aarch64/dl-tlsdesc.h | 2 +- sysdeps/aarch64/tlsdesc.c | 2 +- sysdeps/alpha/dl-machine.h | 24 +- sysdeps/arc/dl-machine.h | 21 +- sysdeps/arm/dl-lookupcfg.h | 4 +- sysdeps/arm/dl-machine.h | 43 +- sysdeps/arm/dl-tlsdesc.h | 2 +- sysdeps/arm/tlsdesc.c | 2 +- sysdeps/csky/dl-machine.h | 22 +- sysdeps/generic/dl-debug.h | 2 +- sysdeps/generic/dl-early_mmap.h | 35 + sysdeps/generic/dl-fptr.h | 4 +- sysdeps/generic/dl-prop.h | 8 +- sysdeps/generic/dl-protected.h | 10 +- sysdeps/generic/dl-protmem-pkey.h | 20 + sysdeps/generic/ldsodefs.h | 280 +++++--- sysdeps/generic/rtld_static_init.h | 3 +- sysdeps/hppa/dl-fptr.c | 10 +- sysdeps/hppa/dl-lookupcfg.h | 6 +- sysdeps/hppa/dl-machine.h | 29 +- sysdeps/hppa/dl-runtime.c | 4 +- sysdeps/hppa/dl-runtime.h | 2 +- sysdeps/hppa/dl-symaddr.c | 2 +- sysdeps/htl/pthreadP.h | 2 +- sysdeps/i386/dl-machine.h | 41 +- sysdeps/i386/dl-tlsdesc.h | 2 +- sysdeps/i386/tlsdesc.c | 2 +- sysdeps/ia64/dl-lookupcfg.h | 6 +- sysdeps/ia64/dl-machine.h | 29 +- sysdeps/loongarch/dl-machine.h | 19 +- sysdeps/loongarch/dl-tls.h | 2 +- sysdeps/m68k/dl-machine.h | 20 +- sysdeps/m68k/dl-tls.h | 2 +- sysdeps/microblaze/dl-machine.h | 23 +- sysdeps/mips/Makefile | 6 + sysdeps/mips/dl-debug.h | 2 +- sysdeps/mips/dl-machine-reject-phdr.h | 20 +- sysdeps/mips/dl-machine.h | 74 +- sysdeps/mips/dl-tls.h | 2 +- sysdeps/mips/dl-trampoline.c | 19 +- sysdeps/nios2/dl-init.c | 6 +- sysdeps/nios2/dl-machine.h | 19 +- sysdeps/nios2/dl-tls.h | 2 +- sysdeps/nptl/dl-mutex.c | 2 +- sysdeps/or1k/dl-machine.h | 20 +- sysdeps/powerpc/dl-tls.h | 2 +- sysdeps/powerpc/powerpc32/dl-machine.c | 19 +- sysdeps/powerpc/powerpc32/dl-machine.h | 40 +- sysdeps/powerpc/powerpc64/dl-machine.c | 8 +- sysdeps/powerpc/powerpc64/dl-machine.h | 48 +- sysdeps/riscv/dl-machine.h | 26 +- sysdeps/riscv/dl-tls.h | 2 +- sysdeps/s390/s390-32/dl-machine.h | 29 +- sysdeps/s390/s390-64/dl-machine.h | 29 +- sysdeps/sh/dl-machine.h | 36 +- sysdeps/sparc/sparc32/dl-machine.h | 24 +- sysdeps/sparc/sparc64/dl-irel.h | 2 +- sysdeps/sparc/sparc64/dl-machine.h | 27 +- sysdeps/sparc/sparc64/dl-plt.h | 4 +- sysdeps/unix/sysv/linux/dl-early_allocate.c | 17 +- sysdeps/unix/sysv/linux/dl-early_mmap.h | 41 ++ sysdeps/unix/sysv/linux/dl-origin.c | 1 - sysdeps/unix/sysv/linux/dl-protmem-pkey.h | 23 + sysdeps/unix/sysv/linux/dl-sysdep.c | 2 + sysdeps/unix/sysv/linux/dl-vdso.h | 2 +- .../sysv/linux/include/bits/mman-shared.h | 16 + sysdeps/unix/sysv/linux/pkey_get.c | 5 +- sysdeps/unix/sysv/linux/pkey_mprotect.c | 4 +- sysdeps/unix/sysv/linux/pkey_set.c | 5 +- sysdeps/unix/sysv/linux/powerpc/libc-start.c | 2 +- .../sysv/linux/powerpc/powerpc64/ldsodefs.h | 14 +- .../sysv/linux/powerpc/powerpc64/pkey_get.c | 4 +- .../sysv/linux/powerpc/powerpc64/pkey_set.c | 4 +- .../sysv/linux/powerpc/rtld_static_init.h | 3 +- sysdeps/unix/sysv/linux/syscalls.list | 4 +- sysdeps/unix/sysv/linux/x86/dl-protmem-pkey.h | 26 + sysdeps/unix/sysv/linux/x86/pkey_get.c | 5 +- sysdeps/unix/sysv/linux/x86/pkey_set.c | 5 +- sysdeps/x86/dl-cet.c | 4 +- sysdeps/x86/dl-lookupcfg.h | 4 +- sysdeps/x86/dl-prop.h | 29 +- sysdeps/x86_64/dl-machine.h | 39 +- sysdeps/x86_64/dl-tlsdesc.h | 2 +- sysdeps/x86_64/tlsdesc.c | 2 +- 215 files changed, 5267 insertions(+), 2446 deletions(-) create mode 100644 elf/dl-libname.c create mode 100644 elf/dl-libname.h create mode 100644 elf/dl-protmem-internal.h create mode 100644 elf/dl-protmem.c create mode 100644 elf/dl-protmem.h create mode 100644 elf/dl-protmem_bootstrap.h delete mode 100644 elf/dl-sysdep-open.h create mode 100644 elf/tst-dl-protmem.c create mode 100644 elf/tst-relro-linkmap-disabled-mod1.c create mode 100644 elf/tst-relro-linkmap-disabled-mod2.c create mode 100644 elf/tst-relro-linkmap-disabled.c create mode 100644 elf/tst-relro-linkmap-mod1.c create mode 100644 elf/tst-relro-linkmap-mod2.c create mode 100644 elf/tst-relro-linkmap-mod3.c create mode 100644 elf/tst-relro-linkmap.c create mode 100644 elf/tst-rtld-nomem.c create mode 100644 support/memprobe.h create mode 100644 support/support-alloc_buffer.c create mode 100644 support/support_memprobe.c create mode 100644 support/tst-support_memprobe.c create mode 100644 sysdeps/generic/dl-early_mmap.h create mode 100644 sysdeps/generic/dl-protmem-pkey.h create mode 100644 sysdeps/unix/sysv/linux/dl-early_mmap.h create mode 100644 sysdeps/unix/sysv/linux/dl-protmem-pkey.h create mode 100644 sysdeps/unix/sysv/linux/include/bits/mman-shared.h create mode 100644 sysdeps/unix/sysv/linux/x86/dl-protmem-pkey.h base-commit: 958478889c6a7a12b35b857b9788b7ad8706a01e