[v2,2/3] Linux: Implement a useful version of _startup_fatal

  On i386 and ia64, the TCB is not available at this point.
---
v2: Add ia64 override.  On i386, use non-TCB version for non-PIE static, too.
 sysdeps/unix/sysv/linux/i386/startup.h | 21 ++------------
 sysdeps/unix/sysv/linux/ia64/startup.h | 22 +++++++++++++++
 sysdeps/unix/sysv/linux/startup.h      | 38 ++++++++++++++++++++++++++
 3 files changed, 63 insertions(+), 18 deletions(-)
 create mode 100644 sysdeps/unix/sysv/linux/ia64/startup.h
 create mode 100644 sysdeps/unix/sysv/linux/startup.h
  

On 04/05/2022 13:48, Florian Weimer wrote:
> diff --git a/sysdeps/unix/sysv/linux/startup.h b/sysdeps/unix/sysv/linux/startup.h
> new file mode 100644
> index 0000000000..a5de941759
> --- /dev/null
> +++ b/sysdeps/unix/sysv/linux/startup.h
> @@ -0,0 +1,38 @@
> +/* Linux definitions of functions used by static libc main startup.
> +   Copyright (C) 2017-2022 Free Software Foundation, Inc.
> +   This file is part of the GNU C Library.
> +
> +   The GNU C Library is free software; you can redistribute it and/or
> +   modify it under the terms of the GNU Lesser General Public
> +   License as published by the Free Software Foundation; either
> +   version 2.1 of the License, or (at your option) any later version.
> +
> +   The GNU C Library is distributed in the hope that it will be useful,
> +   but WITHOUT ANY WARRANTY; without even the implied warranty of
> +   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
> +   Lesser General Public License for more details.
> +
> +   You should have received a copy of the GNU Lesser General Public
> +   License along with the GNU C Library; if not, see
> +   <https://www.gnu.org/licenses/>.  */
> +
> +#ifdef SHARED
> +# include_next <startup.h>
> +#else
> +# include <sysdep.h>
> +
> +/* Avoid a run-time invocation of strlen.  */
> +#define _startup_fatal(message)                                         \
> +  do                                                                    \
> +    {                                                                   \
> +      size_t message_length = __builtin_strlen (message);               \

Shoudn't we use double underscore name to avoid clash with local variables?

> +      if (! __builtin_constant_p (message_length))                      \
> +        {                                                               \
> +          extern void _startup_fatal_not_constant (void);               \
> +          _startup_fatal_not_constant ();                               \
> +        }                                                               \
> +      INTERNAL_SYSCALL_CALL (write, STDERR_FILENO, message, message_length); \
> +      INTERNAL_SYSCALL_CALL (exit_group, 127);                          \
> +    }                                                                   \
> +  while (0)
> +#endif  /* !SHARED */
  

* Adhemerval Zanella:

> On 04/05/2022 13:48, Florian Weimer wrote:
>> diff --git a/sysdeps/unix/sysv/linux/startup.h b/sysdeps/unix/sysv/linux/startup.h
>> new file mode 100644
>> index 0000000000..a5de941759
>> --- /dev/null
>> +++ b/sysdeps/unix/sysv/linux/startup.h
>> @@ -0,0 +1,38 @@
>> +/* Linux definitions of functions used by static libc main startup.
>> +   Copyright (C) 2017-2022 Free Software Foundation, Inc.
>> +   This file is part of the GNU C Library.
>> +
>> +   The GNU C Library is free software; you can redistribute it and/or
>> +   modify it under the terms of the GNU Lesser General Public
>> +   License as published by the Free Software Foundation; either
>> +   version 2.1 of the License, or (at your option) any later version.
>> +
>> +   The GNU C Library is distributed in the hope that it will be useful,
>> +   but WITHOUT ANY WARRANTY; without even the implied warranty of
>> +   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
>> +   Lesser General Public License for more details.
>> +
>> +   You should have received a copy of the GNU Lesser General Public
>> +   License along with the GNU C Library; if not, see
>> +   <https://www.gnu.org/licenses/>.  */
>> +
>> +#ifdef SHARED
>> +# include_next <startup.h>
>> +#else
>> +# include <sysdep.h>
>> +
>> +/* Avoid a run-time invocation of strlen.  */
>> +#define _startup_fatal(message)                                         \
>> +  do                                                                    \
>> +    {                                                                   \
>> +      size_t message_length = __builtin_strlen (message);               \
>
> Shoudn't we use double underscore name to avoid clash with local
> variables?

I think it's a problem only if message expands to something that uses
message_length, which is as likely as __message_length.  message can't
be a complex expression anyway because we don't want to call strlen at
this point.

Thanks,
Florian
  

* Florian Weimer:

> * Adhemerval Zanella:
>
>> On 04/05/2022 13:48, Florian Weimer wrote:
>>> diff --git a/sysdeps/unix/sysv/linux/startup.h b/sysdeps/unix/sysv/linux/startup.h
>>> new file mode 100644
>>> index 0000000000..a5de941759
>>> --- /dev/null
>>> +++ b/sysdeps/unix/sysv/linux/startup.h
>>> @@ -0,0 +1,38 @@
>>> +/* Linux definitions of functions used by static libc main startup.
>>> +   Copyright (C) 2017-2022 Free Software Foundation, Inc.
>>> +   This file is part of the GNU C Library.
>>> +
>>> +   The GNU C Library is free software; you can redistribute it and/or
>>> +   modify it under the terms of the GNU Lesser General Public
>>> +   License as published by the Free Software Foundation; either
>>> +   version 2.1 of the License, or (at your option) any later version.
>>> +
>>> +   The GNU C Library is distributed in the hope that it will be useful,
>>> +   but WITHOUT ANY WARRANTY; without even the implied warranty of
>>> +   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
>>> +   Lesser General Public License for more details.
>>> +
>>> +   You should have received a copy of the GNU Lesser General Public
>>> +   License along with the GNU C Library; if not, see
>>> +   <https://www.gnu.org/licenses/>.  */
>>> +
>>> +#ifdef SHARED
>>> +# include_next <startup.h>
>>> +#else
>>> +# include <sysdep.h>
>>> +
>>> +/* Avoid a run-time invocation of strlen.  */
>>> +#define _startup_fatal(message)                                         \
>>> +  do                                                                    \
>>> +    {                                                                   \
>>> +      size_t message_length = __builtin_strlen (message);               \
>>
>> Shoudn't we use double underscore name to avoid clash with local
>> variables?
>
> I think it's a problem only if message expands to something that uses
> message_length, which is as likely as __message_length.  message can't
> be a complex expression anyway because we don't want to call strlen at
> this point.

Never mind, I'm making the change.

Thanks,
Florian
  

On Wed, May 4, 2022 at 9:48 AM Florian Weimer <fweimer@redhat.com> wrote:
>
> On i386 and ia64, the TCB is not available at this point.
> ---
> v2: Add ia64 override.  On i386, use non-TCB version for non-PIE static, too.
>  sysdeps/unix/sysv/linux/i386/startup.h | 21 ++------------
>  sysdeps/unix/sysv/linux/ia64/startup.h | 22 +++++++++++++++
>  sysdeps/unix/sysv/linux/startup.h      | 38 ++++++++++++++++++++++++++
>  3 files changed, 63 insertions(+), 18 deletions(-)
>  create mode 100644 sysdeps/unix/sysv/linux/ia64/startup.h
>  create mode 100644 sysdeps/unix/sysv/linux/startup.h
>
> diff --git a/sysdeps/unix/sysv/linux/i386/startup.h b/sysdeps/unix/sysv/linux/i386/startup.h
> index 67c9310f3a..85534d09f1 100644
> --- a/sysdeps/unix/sysv/linux/i386/startup.h
> +++ b/sysdeps/unix/sysv/linux/i386/startup.h
> @@ -16,22 +16,7 @@
>     License along with the GNU C Library; if not, see
>     <https://www.gnu.org/licenses/>.  */
>
> -#if BUILD_PIE_DEFAULT
> -/* Can't use "call *%gs:SYSINFO_OFFSET" during statup in static PIE.  */
> -# define I386_USE_SYSENTER 0
> +/* Can't use "call *%gs:SYSINFO_OFFSET" during statup.  */
> +#define I386_USE_SYSENTER 0
>
> -# include <sysdep.h>
> -# include <abort-instr.h>
> -
> -__attribute__ ((__noreturn__))
> -static inline void
> -_startup_fatal (const char *message __attribute__ ((unused)))
> -{
> -  /* This is only called very early during startup in static PIE.
> -     FIXME: How can it be improved?  */
> -  ABORT_INSTRUCTION;
> -  __builtin_unreachable ();
> -}
> -#else
> -# include_next <startup.h>
> -#endif
> +#include_next <startup.h>
> diff --git a/sysdeps/unix/sysv/linux/ia64/startup.h b/sysdeps/unix/sysv/linux/ia64/startup.h
> new file mode 100644
> index 0000000000..68fcd9fea0
> --- /dev/null
> +++ b/sysdeps/unix/sysv/linux/ia64/startup.h
> @@ -0,0 +1,22 @@
> +/* Linux/ia64 definitions of functions used by static libc main startup.
> +   Copyright (C) 2017-2022 Free Software Foundation, Inc.

Just 2022.

> +   This file is part of the GNU C Library.
> +
> +   The GNU C Library is free software; you can redistribute it and/or
> +   modify it under the terms of the GNU Lesser General Public
> +   License as published by the Free Software Foundation; either
> +   version 2.1 of the License, or (at your option) any later version.
> +
> +   The GNU C Library is distributed in the hope that it will be useful,
> +   but WITHOUT ANY WARRANTY; without even the implied warranty of
> +   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
> +   Lesser General Public License for more details.
> +
> +   You should have received a copy of the GNU Lesser General Public
> +   License along with the GNU C Library; if not, see
> +   <https://www.gnu.org/licenses/>.  */
> +
> +/* This code is used before the TCB is set up.  */
> +#define IA64_USE_NEW_STUB 0
> +
> +#include_next <startup.h>
> diff --git a/sysdeps/unix/sysv/linux/startup.h b/sysdeps/unix/sysv/linux/startup.h
> new file mode 100644
> index 0000000000..a5de941759
> --- /dev/null
> +++ b/sysdeps/unix/sysv/linux/startup.h
> @@ -0,0 +1,38 @@
> +/* Linux definitions of functions used by static libc main startup.
> +   Copyright (C) 2017-2022 Free Software Foundation, Inc.

Just 2022.

> +   This file is part of the GNU C Library.
> +
> +   The GNU C Library is free software; you can redistribute it and/or
> +   modify it under the terms of the GNU Lesser General Public
> +   License as published by the Free Software Foundation; either
> +   version 2.1 of the License, or (at your option) any later version.
> +
> +   The GNU C Library is distributed in the hope that it will be useful,
> +   but WITHOUT ANY WARRANTY; without even the implied warranty of
> +   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
> +   Lesser General Public License for more details.
> +
> +   You should have received a copy of the GNU Lesser General Public
> +   License along with the GNU C Library; if not, see
> +   <https://www.gnu.org/licenses/>.  */
> +
> +#ifdef SHARED

Will SHARED ever be defined?

> +# include_next <startup.h>
> +#else
> +# include <sysdep.h>
> +
> +/* Avoid a run-time invocation of strlen.  */
> +#define _startup_fatal(message)                                         \
> +  do                                                                    \
> +    {                                                                   \
> +      size_t message_length = __builtin_strlen (message);               \
> +      if (! __builtin_constant_p (message_length))                      \
> +        {                                                               \
> +          extern void _startup_fatal_not_constant (void);               \
> +          _startup_fatal_not_constant ();                               \
> +        }                                                               \
> +      INTERNAL_SYSCALL_CALL (write, STDERR_FILENO, message, message_length); \
> +      INTERNAL_SYSCALL_CALL (exit_group, 127);                          \
> +    }                                                                   \
> +  while (0)
> +#endif  /* !SHARED */
> --
> 2.35.1
>
>
  

* H. J. Lu:

>> diff --git a/sysdeps/unix/sysv/linux/ia64/startup.h b/sysdeps/unix/sysv/linux/ia64/startup.h
>> new file mode 100644
>> index 0000000000..68fcd9fea0
>> --- /dev/null
>> +++ b/sysdeps/unix/sysv/linux/ia64/startup.h
>> @@ -0,0 +1,22 @@
>> +/* Linux/ia64 definitions of functions used by static libc main startup.
>> +   Copyright (C) 2017-2022 Free Software Foundation, Inc.
>
> Just 2022.

The file started out as a copy, but it's a borderline case.  I'm going
to make the change.

>> +   This file is part of the GNU C Library.
>> +
>> +   The GNU C Library is free software; you can redistribute it and/or
>> +   modify it under the terms of the GNU Lesser General Public
>> +   License as published by the Free Software Foundation; either
>> +   version 2.1 of the License, or (at your option) any later version.
>> +
>> +   The GNU C Library is distributed in the hope that it will be useful,
>> +   but WITHOUT ANY WARRANTY; without even the implied warranty of
>> +   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
>> +   Lesser General Public License for more details.
>> +
>> +   You should have received a copy of the GNU Lesser General Public
>> +   License along with the GNU C Library; if not, see
>> +   <https://www.gnu.org/licenses/>.  */
>> +
>> +#ifdef SHARED
>
> Will SHARED ever be defined?

I believe so, see elf/dl-tunables.c.

Thanks,
Florian
  

Hi Florian,

On 5/4/22 20:34, H.J. Lu via Libc-alpha wrote:
> On Wed, May 4, 2022 at 9:48 AM Florian Weimer <fweimer@redhat.com> wrote:
>>
>> On i386 and ia64, the TCB is not available at this point.
>> ---
>> v2: Add ia64 override.  On i386, use non-TCB version for non-PIE static, too.
>>   sysdeps/unix/sysv/linux/i386/startup.h | 21 ++------------
>>   sysdeps/unix/sysv/linux/ia64/startup.h | 22 +++++++++++++++
>>   sysdeps/unix/sysv/linux/startup.h      | 38 ++++++++++++++++++++++++++
>>   3 files changed, 63 insertions(+), 18 deletions(-)
>>   create mode 100644 sysdeps/unix/sysv/linux/ia64/startup.h
>>   create mode 100644 sysdeps/unix/sysv/linux/startup.h
>>
>> diff --git a/sysdeps/unix/sysv/linux/i386/startup.h b/sysdeps/unix/sysv/linux/i386/startup.h
>> index 67c9310f3a..85534d09f1 100644
>> --- a/sysdeps/unix/sysv/linux/i386/startup.h
>> +++ b/sysdeps/unix/sysv/linux/i386/startup.h
>> @@ -16,22 +16,7 @@
>>      License along with the GNU C Library; if not, see
>>      <https://www.gnu.org/licenses/>.  */
>>
>> -#if BUILD_PIE_DEFAULT
>> -/* Can't use "call *%gs:SYSINFO_OFFSET" during statup in static PIE.  */
>> -# define I386_USE_SYSENTER 0
>> +/* Can't use "call *%gs:SYSINFO_OFFSET" during statup.  */

Typo?

s/statup/startup/

Cheers,

Alex
  

* Alejandro Colomar:

> Hi Florian,
>
> On 5/4/22 20:34, H.J. Lu via Libc-alpha wrote:
>> On Wed, May 4, 2022 at 9:48 AM Florian Weimer <fweimer@redhat.com> wrote:
>>>
>>> On i386 and ia64, the TCB is not available at this point.
>>> ---
>>> v2: Add ia64 override.  On i386, use non-TCB version for non-PIE static, too.
>>>   sysdeps/unix/sysv/linux/i386/startup.h | 21 ++------------
>>>   sysdeps/unix/sysv/linux/ia64/startup.h | 22 +++++++++++++++
>>>   sysdeps/unix/sysv/linux/startup.h      | 38 ++++++++++++++++++++++++++
>>>   3 files changed, 63 insertions(+), 18 deletions(-)
>>>   create mode 100644 sysdeps/unix/sysv/linux/ia64/startup.h
>>>   create mode 100644 sysdeps/unix/sysv/linux/startup.h
>>>
>>> diff --git a/sysdeps/unix/sysv/linux/i386/startup.h b/sysdeps/unix/sysv/linux/i386/startup.h
>>> index 67c9310f3a..85534d09f1 100644
>>> --- a/sysdeps/unix/sysv/linux/i386/startup.h
>>> +++ b/sysdeps/unix/sysv/linux/i386/startup.h
>>> @@ -16,22 +16,7 @@
>>>      License along with the GNU C Library; if not, see
>>>      <https://www.gnu.org/licenses/>.  */
>>>
>>> -#if BUILD_PIE_DEFAULT
>>> -/* Can't use "call *%gs:SYSINFO_OFFSET" during statup in static PIE.  */
>>> -# define I386_USE_SYSENTER 0
>>> +/* Can't use "call *%gs:SYSINFO_OFFSET" during statup.  */
>
> Typo?
>
> s/statup/startup/

I've fixed this in the two files I changed.

Thanks,
Florian