From patchwork Mon Feb 7 14:15:11 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Adhemerval Zanella X-Patchwork-Id: 50857 Return-Path: X-Original-To: patchwork@sourceware.org Delivered-To: patchwork@sourceware.org Received: from server2.sourceware.org (localhost [IPv6:::1]) by sourceware.org (Postfix) with ESMTP id 0E7553858425 for ; Mon, 7 Feb 2022 14:15:39 +0000 (GMT) DKIM-Filter: OpenDKIM Filter v2.11.0 sourceware.org 0E7553858425 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=sourceware.org; s=default; t=1644243339; bh=pMLyhMBB4zWEjR8wkxV6J4brVoj8avrTAEjweRCt+2E=; h=To:Subject:Date:List-Id:List-Unsubscribe:List-Archive:List-Post: List-Help:List-Subscribe:From:Reply-To:From; b=vES0c8phLHbaBVrfoDL0Q6w8v8iFR3c5pj97rQ2sgcXKPHQtDA1rBRI+lB0ErYHtr ycunuxw5l9dhMYMrUwZIO34/yhuUXMMniFJkaxBpCucq91Hwl8NibKeiyTFTboK2FU AEgKcWKBwv3gX9Hvv1MuLnLnQmqGHkR/jIFFtSIo= X-Original-To: libc-alpha@sourceware.org Delivered-To: libc-alpha@sourceware.org Received: from mail-oo1-xc2b.google.com (mail-oo1-xc2b.google.com [IPv6:2607:f8b0:4864:20::c2b]) by sourceware.org (Postfix) with ESMTPS id 327413858C83 for ; Mon, 7 Feb 2022 14:15:16 +0000 (GMT) DMARC-Filter: OpenDMARC Filter v1.4.1 sourceware.org 327413858C83 Received: by mail-oo1-xc2b.google.com with SMTP id 189-20020a4a03c6000000b003179d7b30d8so3261508ooi.2 for ; Mon, 07 Feb 2022 06:15:16 -0800 (PST) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:from:to:subject:date:message-id:mime-version :content-transfer-encoding; bh=pMLyhMBB4zWEjR8wkxV6J4brVoj8avrTAEjweRCt+2E=; b=V+GXKy26jvyAkHsngokLcT2lxzYcpLsvPs7ym4VRAILUOftK+zxFOwPCIKnI6meaSp avp2zA8Y/AgTt5vIGIU0fs4Ip2fZeBa0jDPLe4qmACb3vKDjAjS0UUqISXR0EnCyn3Ys 652BYHTCMM88cG8cOR0iZ2oXcXUuy6idcf+STJURfK3Jzms8UcLPadZ9pFnioUHzgIh5 tXb2UaOa9vL3SdfeztFrd38d2/jd/P+w/7nD+wpntgCyCgUCUB8/0QKo0n8NDiSAn335 /2Jrn442VwxjfeSfFYRAmBb2QsMAdIqyaIVM0d6PmCjA/U33Nl+km5I6jYhEIWqP7ERL VGyw== X-Gm-Message-State: AOAM533cB8Orx0JHBHC0Szy5ukMAqPb/w7wd0lkvMBCXKxkYNJyWOhSt aTg6wc85QRFC89AE/Zaybco7V1R5S6/25w== X-Google-Smtp-Source: ABdhPJw4h1VBi3n2dlfYsMMkbQO1nVfx8+8Cao/IYD50az7YbY+vcsbDHynr+nDMeNw+mXmKPcLBsQ== X-Received: by 2002:a05:6870:9513:: with SMTP id u19mr4372181oal.306.1644243315256; Mon, 07 Feb 2022 06:15:15 -0800 (PST) Received: from birita.. ([2804:431:c7ca:733:4cdc:e08a:54c6:5108]) by smtp.gmail.com with ESMTPSA id 9sm267603oas.27.2022.02.07.06.15.14 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Mon, 07 Feb 2022 06:15:15 -0800 (PST) To: libc-alpha@sourceware.org, John David Anglin Subject: [PATCH v3] hppa: Fix bind-now audit (BZ #28857) Date: Mon, 7 Feb 2022 11:15:11 -0300 Message-Id: <20220207141511.668554-1-adhemerval.zanella@linaro.org> X-Mailer: git-send-email 2.32.0 MIME-Version: 1.0 X-Spam-Status: No, score=-12.1 required=5.0 tests=BAYES_00, DKIM_SIGNED, DKIM_VALID, DKIM_VALID_AU, DKIM_VALID_EF, GIT_PATCH_0, KAM_STOCKGEN, RCVD_IN_DNSWL_NONE, SPF_HELO_NONE, SPF_PASS, TXREP, T_SCC_BODY_TEXT_LINE autolearn=unavailable autolearn_force=no version=3.4.4 X-Spam-Checker-Version: SpamAssassin 3.4.4 (2020-01-24) on server2.sourceware.org X-BeenThere: libc-alpha@sourceware.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Libc-alpha mailing list List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-Patchwork-Original-From: Adhemerval Zanella via Libc-alpha From: Adhemerval Zanella Reply-To: Adhemerval Zanella Errors-To: libc-alpha-bounces+patchwork=sourceware.org@sourceware.org Sender: "Libc-alpha" On hppa, a function pointer returned by la_symbind is actually a function descriptor has the plabel bit set (bit 30). This must be cleared to get the actual address of the descriptor. If the descriptor has been bound, the first word of the descriptor is the physical address of theA function, otherwise, the first word of the descriptor points to a trampoline in the PLT. This patch also adds a workaround on tests because on hppa (and it seems to be the only ABI I have see it), some shared library adds a dynamic PLT relocation to am empty symbol name: $ readelf -r elf/tst-audit25mod1.so [...] Relocation section '.rela.plt' at offset 0x464 contains 6 entries: Offset Info Type Sym.Value Sym. Name + Addend 00002008 00000081 R_PARISC_IPLT 508 [...] It breaks some assumptions on the test, where a symbol with an empty name ("") is passed on la_symbind. Checked on x86_64-linux-gnu and hppa-linux-gnu. --- v3: Remove _dl_lookup_address usage. --- elf/Makefile | 2 +- elf/dl-audit.c | 3 ++- elf/tst-auditmod24a.c | 4 +++- elf/tst-auditmod24d.c | 4 +++- elf/tst-auditmod25.c | 2 +- sysdeps/hppa/dl-lookupcfg.h | 8 +++++--- 6 files changed, 15 insertions(+), 8 deletions(-) diff --git a/elf/Makefile b/elf/Makefile index 5bdf0a383d..7372cb191c 100644 --- a/elf/Makefile +++ b/elf/Makefile @@ -2210,7 +2210,7 @@ $(objpfx)tst-audit24c.out: $(objpfx)tst-auditmod24c.so $(objpfx)tst-audit24c: $(objpfx)tst-audit24amod1.so \ $(objpfx)tst-audit24amod2.so tst-audit24c-ENV = LD_BIND_NOW=1 LD_AUDIT=$(objpfx)tst-auditmod24c.so -LDFLAGS-tst-audit24b = -Wl,-z,lazy +LDFLAGS-tst-audit24c = -Wl,-z,lazy $(objpfx)tst-audit24d.out: $(objpfx)tst-auditmod24d.so $(objpfx)tst-audit24d: $(objpfx)tst-audit24dmod1.so \ diff --git a/elf/dl-audit.c b/elf/dl-audit.c index 794bfd45cd..efc0492474 100644 --- a/elf/dl-audit.c +++ b/elf/dl-audit.c @@ -257,7 +257,8 @@ _dl_audit_symbind (struct link_map *l, struct reloc_result *reloc_result, reloc_result->flags = flags; } - DL_FIXUP_BINDNOW_RELOC (value, new_value, sym.st_value); + if (flags & LA_SYMB_ALTVALUE) + DL_FIXUP_BINDNOW_RELOC (value, new_value, sym.st_value); } void diff --git a/elf/tst-auditmod24a.c b/elf/tst-auditmod24a.c index d8e88f3984..3075dfae2f 100644 --- a/elf/tst-auditmod24a.c +++ b/elf/tst-auditmod24a.c @@ -110,5 +110,7 @@ la_symbind32 (Elf32_Sym *sym, unsigned int ndx, return sym->st_value; } - abort (); + if (symname[0] != '\0') + abort (); + return sym->st_value; } diff --git a/elf/tst-auditmod24d.c b/elf/tst-auditmod24d.c index 8c803ecc0a..badc6be451 100644 --- a/elf/tst-auditmod24d.c +++ b/elf/tst-auditmod24d.c @@ -116,5 +116,7 @@ la_symbind32 (Elf32_Sym *sym, unsigned int ndx, } } - abort (); + if (symname[0] != '\0') + abort (); + return sym->st_value; } diff --git a/elf/tst-auditmod25.c b/elf/tst-auditmod25.c index 526f5c54bc..20640a8daf 100644 --- a/elf/tst-auditmod25.c +++ b/elf/tst-auditmod25.c @@ -72,7 +72,7 @@ la_symbind32 (Elf32_Sym *sym, unsigned int ndx, unsigned int *flags, const char *symname) #endif { - if (*refcook != -1 && *defcook != -1) + if (*refcook != -1 && *defcook != -1 && symname[0] != '\0') fprintf (stderr, "la_symbind: %s %u\n", symname, *flags & (LA_SYMB_NOPLTENTER | LA_SYMB_NOPLTEXIT) ? 1 : 0); return sym->st_value; diff --git a/sysdeps/hppa/dl-lookupcfg.h b/sysdeps/hppa/dl-lookupcfg.h index 8da2412fea..535177df66 100644 --- a/sysdeps/hppa/dl-lookupcfg.h +++ b/sysdeps/hppa/dl-lookupcfg.h @@ -79,7 +79,9 @@ void attribute_hidden _dl_unmap (struct link_map *map); /* Extract the code address from a fixup value */ #define DL_FIXUP_VALUE_CODE_ADDR(value) ((value).ip) #define DL_FIXUP_VALUE_ADDR(value) ((uintptr_t) &(value)) -#define DL_FIXUP_ADDR_VALUE(addr) (*(struct fdesc *) (addr)) +/* Clear the plabel bit to get the actual address of the descriptor. */ +#define DL_FIXUP_ADDR_VALUE(addr) \ + (*(DL_FIXUP_VALUE_TYPE *) ((unsigned int) (addr) & ~2)) #define DL_FIXUP_BINDNOW_ADDR_VALUE(addr) (addr) -#define DL_FIXUP_BINDNOW_RELOC(value, new_value, st_value) \ - (*value) = *(struct fdesc *) (st_value) +#define DL_FIXUP_BINDNOW_RELOC(value, new_value, st_value) \ + *(value) = *(DL_FIXUP_VALUE_TYPE *) ((unsigned int) (new_value) & ~2);