From patchwork Thu Jan 11 15:58:49 2024
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: "H.J. Lu" <hjl.tools@gmail.com>
X-Patchwork-Id: 83907
Return-Path: <libc-alpha-bounces+patchwork=sourceware.org@sourceware.org>
X-Original-To: patchwork@sourceware.org
Delivered-To: patchwork@sourceware.org
Received: from server2.sourceware.org (localhost [IPv6:::1])
	by sourceware.org (Postfix) with ESMTP id 28DA2385E445
	for <patchwork@sourceware.org>; Thu, 11 Jan 2024 15:59:19 +0000 (GMT)
X-Original-To: libc-alpha@sourceware.org
Delivered-To: libc-alpha@sourceware.org
Received: from mail-pf1-x42a.google.com (mail-pf1-x42a.google.com
 [IPv6:2607:f8b0:4864:20::42a])
 by sourceware.org (Postfix) with ESMTPS id 232E6385800D
 for <libc-alpha@sourceware.org>; Thu, 11 Jan 2024 15:58:52 +0000 (GMT)
DMARC-Filter: OpenDMARC Filter v1.4.2 sourceware.org 232E6385800D
Authentication-Results: sourceware.org;
 dmarc=pass (p=none dis=none) header.from=gmail.com
Authentication-Results: sourceware.org; spf=pass smtp.mailfrom=gmail.com
ARC-Filter: OpenARC Filter v1.0.0 sourceware.org 232E6385800D
Authentication-Results: server2.sourceware.org;
 arc=none smtp.remote-ip=2607:f8b0:4864:20::42a
ARC-Seal: i=1; a=rsa-sha256; d=sourceware.org; s=key; t=1704988734; cv=none;
 b=hmJpzWTvPA/tbMgPMRNSD0B/np+aHVajHXB2ijyQEV8SspKfTnU1F+WBlzFDZJsafPTfZ4r7n0WWCgCGA4mJt3R4leQhVW3gkm5rengidIzg4kLPOtOBd3tKw/80hyR3AgSukKmBqjNdj9DohFxiS9IpBbpYHBoRBNqD55T8T6s=
ARC-Message-Signature: i=1; a=rsa-sha256; d=sourceware.org; s=key;
 t=1704988734; c=relaxed/simple;
 bh=erluzpRlIz/Q7bLLxgljIZw4i6sCWydEjSzdA+W8QSw=;
 h=DKIM-Signature:From:To:Subject:Date:Message-ID:MIME-Version;
 b=XnDLLNocXj41GeWDsjDT5NsbpUyaAq2T0XbqBmD2ju/lxTxkBeokjlE1GMXToYEWIILS+ya+H9DiDTlxe44IDOLSxD4YYal2INs0eYrUQTK5VI4sppQfNqyh+Usg48UykAVYsS63PuvzYGLX6OIeiX6ausrHO39MOby7bzRtUPw=
ARC-Authentication-Results: i=1; server2.sourceware.org
Received: by mail-pf1-x42a.google.com with SMTP id
 d2e1a72fcca58-6daf9d5f111so4062123b3a.0
 for <libc-alpha@sourceware.org>; Thu, 11 Jan 2024 07:58:52 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=gmail.com; s=20230601; t=1704988731; x=1705593531; darn=sourceware.org;
 h=content-transfer-encoding:mime-version:message-id:date:subject:cc
 :to:from:from:to:cc:subject:date:message-id:reply-to;
 bh=6fZiATxpUmjQMgEj01PoZLyBfAy4R41LJTi3V56YXh0=;
 b=byvFjKWFtu1rjSqYK6whNIaan764Z1esn4PmG4aFGSJprm2NdRMpqUUQ114uiG4Br9
 bGEtk+xnf9mehlX77ficDksjgHPMFFaWMb/dUSvjqcWN+/W7OiLPN+tB2oJMEGbng/4k
 bh68vR18JmCywg7MzCyS/GelPhlPZO0TimT1gQymRR3FJjcKrMK14qV8b7NsLBDZsd5P
 ca60NtoyiYoSN5c78Ih9yvzsDHLZnMekJAqka1+b7anjNIcUnjtG0WgfI/u2gpReH+d7
 r5FYWt2K8f9NGj0kGCJBqFa+So0/zXrxQOkOx547GFUPf4DG+3005AYBNWVro+XQ4jks
 xlTA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=1e100.net; s=20230601; t=1704988731; x=1705593531;
 h=content-transfer-encoding:mime-version:message-id:date:subject:cc
 :to:from:x-gm-message-state:from:to:cc:subject:date:message-id
 :reply-to;
 bh=6fZiATxpUmjQMgEj01PoZLyBfAy4R41LJTi3V56YXh0=;
 b=OnR8MMTaj8TN4sw5EQabmyEnHaR5WoCy2G+Rn8hnseiUxx4w54O9WRqhfaM+G8hEuR
 ZgZyVn1ZTCD5SDqvi8gMfnRKGrsXIbzpB0NTE0qCbjFr9/Qxb4bh9VRaSUsJm0SRvoT/
 pshIZ/cR38v0u0fFMYGG0l+0JIn0bnMbl22PZEKHQtqddZq2I1j7XqGcaAqETqUbKLGw
 mbrVYn2ovpDa4/XruD4AuVbeYFIILC7Gzg7bAW9b95HHsMweS+DuSeSr1fMX3r0lPt5a
 v51EdZdd1P9cr6BirLOKhLg0xvNWNm1MHQyV0UxLvwUBeu1d8snOZu8XDH7isx03U/iZ
 Kuog==
X-Gm-Message-State: AOJu0Ywx5rrgS/Y8BbDslNfryNpXgSFVa6x4iv/LudZ6qrzfn22v3grk
 4MDdMhkJiC6yFOJpK0YdIyBl2O6zv6Y=
X-Google-Smtp-Source: 
 AGHT+IHLPsSyeXz5upuMO2Oh9tPc8zvLgpDqqxiaDpzhLngb0DrZKn69yxnWytjVzESZh6T9FrnVZQ==
X-Received: by 2002:aa7:88c7:0:b0:6da:e557:8132 with SMTP id
 k7-20020aa788c7000000b006dae5578132mr1541640pff.14.1704988730989;
 Thu, 11 Jan 2024 07:58:50 -0800 (PST)
Received: from gnu-cfl-3.localdomain ([172.56.168.9])
 by smtp.gmail.com with ESMTPSA id
 bs192-20020a6328c9000000b005c6e8fa9f24sm1356769pgb.49.2024.01.11.07.58.50
 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
 Thu, 11 Jan 2024 07:58:50 -0800 (PST)
Received: from gnu-cfl-3.. (localhost [IPv6:::1])
 by gnu-cfl-3.localdomain (Postfix) with ESMTP id 6E478740139;
 Thu, 11 Jan 2024 07:58:49 -0800 (PST)
From: "H.J. Lu" <hjl.tools@gmail.com>
To: libc-alpha@sourceware.org
Cc: goldstein.w.n@gmail.com
Subject: [PATCH] x86-64: Check if mprotect works before rewriting PLT
Date: Thu, 11 Jan 2024 07:58:49 -0800
Message-ID: <20240111155849.8976-1-hjl.tools@gmail.com>
X-Mailer: git-send-email 2.43.0
MIME-Version: 1.0
X-Spam-Status: No, score=-3024.4 required=5.0 tests=BAYES_00, DKIM_SIGNED,
 DKIM_VALID, DKIM_VALID_AU, DKIM_VALID_EF, FREEMAIL_FROM, GIT_PATCH_0,
 KAM_SHORT, RCVD_IN_DNSWL_NONE, SPF_HELO_NONE, SPF_PASS, TXREP,
 T_SCC_BODY_TEXT_LINE autolearn=ham autolearn_force=no version=3.4.6
X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on
 server2.sourceware.org
X-BeenThere: libc-alpha@sourceware.org
X-Mailman-Version: 2.1.30
Precedence: list
List-Id: Libc-alpha mailing list <libc-alpha.sourceware.org>
List-Unsubscribe: <https://sourceware.org/mailman/options/libc-alpha>,
 <mailto:libc-alpha-request@sourceware.org?subject=unsubscribe>
List-Archive: <https://sourceware.org/pipermail/libc-alpha/>
List-Post: <mailto:libc-alpha@sourceware.org>
List-Help: <mailto:libc-alpha-request@sourceware.org?subject=help>
List-Subscribe: <https://sourceware.org/mailman/listinfo/libc-alpha>,
 <mailto:libc-alpha-request@sourceware.org?subject=subscribe>
Errors-To: libc-alpha-bounces+patchwork=sourceware.org@sourceware.org

Systemd execution environment configuration may prohibit changing a memory
mapping to become executable:

MemoryDenyWriteExecute=
Takes a boolean argument. If set, attempts to create memory mappings
that are writable and executable at the same time, or to change existing
memory mappings to become executable, or mapping shared memory segments
as executable, are prohibited.

When it is set, systemd service stops working if PLT rewrite is enabled.
Check if mprotect works before rewriting PLT.  This fixes BZ #31230.
---
 .../unix/sysv/linux/x86_64/dl-plt-rewrite.h   | 43 +++++++++++++++++++
 sysdeps/x86/cpu-features.c                    |  4 +-
 sysdeps/x86_64/dl-plt-rewrite.h               | 25 +++++++++++
 3 files changed, 71 insertions(+), 1 deletion(-)
 create mode 100644 sysdeps/unix/sysv/linux/x86_64/dl-plt-rewrite.h
 create mode 100644 sysdeps/x86_64/dl-plt-rewrite.h

diff --git a/sysdeps/unix/sysv/linux/x86_64/dl-plt-rewrite.h b/sysdeps/unix/sysv/linux/x86_64/dl-plt-rewrite.h
new file mode 100644
index 0000000000..6401b7b2f2
--- /dev/null
+++ b/sysdeps/unix/sysv/linux/x86_64/dl-plt-rewrite.h
@@ -0,0 +1,43 @@
+/* PLT rewrite help function.  Linux/x86-64 version.
+   Copyright (C) 2024 Free Software Foundation, Inc.
+
+   The GNU C Library is free software; you can redistribute it and/or
+   modify it under the terms of the GNU Lesser General Public
+   License as published by the Free Software Foundation; either
+   version 2.1 of the License, or (at your option) any later version.
+
+   The GNU C Library is distributed in the hope that it will be useful,
+   but WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+   Lesser General Public License for more details.
+
+   You should have received a copy of the GNU Lesser General Public
+   License along with the GNU C Library; if not, see
+   <https://www.gnu.org/licenses/>.  */
+
+#include <stdbool.h>
+#include <sys/mman.h>
+
+static __always_inline bool
+dl_plt_rewrite_supported (void)
+{
+  /* PLT rewrite is enabled.  Check if mprotect works.  */
+  void *plt = (void *) INTERNAL_SYSCALL_CALL (mmap, NULL, 4096,
+					      PROT_READ | PROT_WRITE,
+					      MAP_PRIVATE | MAP_ANONYMOUS,
+					      -1, 0);
+  if (__glibc_unlikely (plt == MAP_FAILED))
+    return false;
+
+  /* Touch the PROT_READ | PROT_WRITE page.  */
+  *(int32_t *) plt = 1;
+
+  /* If the updated PROT_READ | PROT_WRITE page can be changed to
+     PROT_EXEC | PROT_READ, rewrite PLT.  */
+  bool status = (INTERNAL_SYSCALL_CALL (mprotect, plt, 4096,
+					PROT_EXEC | PROT_READ) == 0);
+
+  INTERNAL_SYSCALL_CALL (munmap, plt, 4096);
+
+  return status;
+}
diff --git a/sysdeps/x86/cpu-features.c b/sysdeps/x86/cpu-features.c
index 46bdaffbc2..6aaa750e20 100644
--- a/sysdeps/x86/cpu-features.c
+++ b/sysdeps/x86/cpu-features.c
@@ -28,10 +28,12 @@ extern void TUNABLE_CALLBACK (set_hwcaps) (tunable_val_t *)
   attribute_hidden;
 
 #if defined SHARED && defined __x86_64__
+# include <dl-plt-rewrite.h>
+
 static void
 TUNABLE_CALLBACK (set_plt_rewrite) (tunable_val_t *valp)
 {
-  if (valp->numval != 0)
+  if (valp->numval != 0 && dl_plt_rewrite_supported ())
     {
       /* Use JMPABS only on APX processors.  */
       const struct cpu_features *cpu_features = __get_cpu_features ();
diff --git a/sysdeps/x86_64/dl-plt-rewrite.h b/sysdeps/x86_64/dl-plt-rewrite.h
new file mode 100644
index 0000000000..7eaae8f457
--- /dev/null
+++ b/sysdeps/x86_64/dl-plt-rewrite.h
@@ -0,0 +1,25 @@
+/* PLT rewrite help function.  x86-64 version.
+   Copyright (C) 2024 Free Software Foundation, Inc.
+
+   The GNU C Library is free software; you can redistribute it and/or
+   modify it under the terms of the GNU Lesser General Public
+   License as published by the Free Software Foundation; either
+   version 2.1 of the License, or (at your option) any later version.
+
+   The GNU C Library is distributed in the hope that it will be useful,
+   but WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+   Lesser General Public License for more details.
+
+   You should have received a copy of the GNU Lesser General Public
+   License along with the GNU C Library; if not, see
+   <https://www.gnu.org/licenses/>.  */
+
+#include <stdbool.h>
+#include <sys/mman.h>
+
+static __always_inline bool
+dl_plt_rewrite_supported (void)
+{
+  return true;
+}