Commit Graph

3019 Commits

Author SHA1 Message Date
Stefan Liebler
d2f6ceaccb elf/rtld: Fix auxiliary vector for enable_secure
Starting with commit
59974938fe
elf/rtld: Count skipped environment variables for enable_secure

The new testcase elf/tst-tunables-enable_secure-env segfaults on s390 (31bit).
There _start parses the auxiliary vector for some additional checks.

Therefore it skips over the zeros after the environment variables ...
0x7fffac20:     0x7fffbd17      0x7fffbd32      0x7fffbd69      0x00000000
------------------------------------------------^^^last environment variable

... and then it parses the auxiliary vector and stops at AT_NULL.
0x7fffac30:     0x00000000      0x00000021      0x00000000      0x00000000
--------------------------------^^^AT_SYSINFO_EHDR--------------^^^AT_NULL
----------------^^^newp-----------------------------------------^^^oldp
Afterwards it tries to access AT_PHDR which points to somewhere and segfaults.

Due to not incorporating the skip_env variable in the computation of oldp
when shuffling down the auxv in rtld.c, it just copies one entry with AT_NULL
and value 0x00000021 and stops the loop.  In reality we have skipped
GLIBC_TUNABLES environment variable (=> skip_env=1). Thus we should copy from
here:
0x7fffac40:     0x00000021      0x7ffff000      0x00000010      0x007fffff
----------------^^^fixed-oldp

This patch fixes the computation of oldp when shuffling down auxiliary vector.
It also adds some checks in the testcase.  Those checks also fail on
s390x (64bit) and x86_64 without the fix.

Co-authored-by: Adhemerval Zanella  <adhemerval.zanella@linaro.org>
Reviewed-by: Adhemerval Zanella  <adhemerval.zanella@linaro.org>
2024-07-03 13:01:44 +02:00
Florian Weimer
018f0fc3b8 elf: Support recursive use of dynamic TLS in interposed malloc
It turns out that quite a few applications use bundled mallocs that
have been built to use global-dynamic TLS (instead of the recommended
initial-exec TLS).  The previous workaround from
commit afe42e935b ("elf: Avoid some
free (NULL) calls in _dl_update_slotinfo") does not fix all
encountered cases unfortunatelly.

This change avoids the TLS generation update for recursive use
of TLS from a malloc that was called during a TLS update.  This
is possible because an interposed malloc has a fixed module ID and
TLS slot.  (It cannot be unloaded.)  If an initially-loaded module ID
is encountered in __tls_get_addr and the dynamic linker is already
in the middle of a TLS update, use the outdated DTV, thus avoiding
another call into malloc.  It's still necessary to update the
DTV to the most recent generation, to get out of the slow path,
which is why the check for recursion is needed.

The bookkeeping is done using a global counter instead of per-thread
flag because TLS access in the dynamic linker is tricky.

All this will go away once the dynamic linker stops using malloc
for TLS, likely as part of a change that pre-allocates all TLS
during pthread_create/dlopen.

Fixes commit d2123d6827 ("elf: Fix slow
tls access after dlopen [BZ #19924]").

Reviewed-by: Szabolcs Nagy <szabolcs.nagy@arm.com>
2024-07-01 19:02:11 +02:00
Carlos O'Donell
a7fe3e805d
Fix conditionals on mtrace-based tests (bug 31892)
The conditionals for several mtrace-based tests in catgets, elf, libio,
malloc, misc, nptl, posix, and stdio-common were incorrect leading to
test failures when bootstrapping glibc without perl.

The correct conditional for mtrace-based tests requires three checks:
first checking for run-built-tests, then build-shared, and lastly that
PERL is not equal to "no" (missing perl).
Reviewed-by: Adhemerval Zanella  <adhemerval.zanella@linaro.org>
2024-07-01 17:20:30 +02:00
Stefan Liebler
e260ceb4aa elf: Remove HWCAP_IMPORTANT
Remove the definitions of HWCAP_IMPORTANT after removal of
LD_HWCAP_MASK / tunable glibc.cpu.hwcap_mask.  There HWCAP_IMPORTANT
was used as default value.
Reviewed-by: Adhemerval Zanella  <adhemerval.zanella@linaro.org>
2024-06-18 10:45:36 +02:00
Stefan Liebler
ad0aa1f549 elf: Remove LD_HWCAP_MASK / tunable glibc.cpu.hwcap_mask
Remove the environment variable LD_HWCAP_MASK and the tunable
glibc.cpu.hwcap_mask as those are not used anymore in common-code
after removal in elf/dl-cache.c:search_cache().

The only remaining user is sparc32 where it is used in
elf_machine_matches_host().  If sparc32 does not need it anymore,
we can get rid of it at all.  Otherwise we could also move
LD_HWCAP_MASK / tunable glibc.cpu.hwcap_mask to be sparc32 specific.
Reviewed-by: Adhemerval Zanella  <adhemerval.zanella@linaro.org>
2024-06-18 10:45:36 +02:00
Stefan Liebler
8faada8302 elf: Remove _dl_string_platform
Despite of powerpc where the returned integer is stored in tcb,
and the diagnostics output, there is no user anymore.

Thus this patch removes the diagnostics output and
_dl_string_platform for all other platforms.
Reviewed-by: Adhemerval Zanella  <adhemerval.zanella@linaro.org>
2024-06-18 10:45:36 +02:00
Stefan Liebler
c5aa5fd40a elf: Remove loading legacy hwcaps/platform entries in dynamic loader
The legacy hwcaps mechanism was removed with glibc 2.37:
See this commit series:
- d178c67535
x86_64: Remove platform directory library loading test
- 6099908fb8
elf: Remove legacy hwcaps support from the dynamic loader
- b78ff5a25d
elf: Remove legacy hwcaps support from ldconfig
- 4a7094119c
elf: Remove hwcap parameter from add_to_cache signature
- cfbf883db3
elf: Remove hwcap and bits_hwcap fields from struct cache_entry
- 78d9a1620b
Add NEWS entry for legacy hwcaps removal
- ab40f20364
elf: Remove _dl_string_hwcap
- e76369ed63
elf: Simplify output of hwcap subdirectories in ld.so help

According to Florian Weimer, this was an oversight and should also
have been removed.

As ldconfig does not generate ld.so.cache entries with hwcap/platform
bits in the hwcap-field anymore, this patch now skips those entries.
Thus currently only named-hwcap-entries and the default entries are
allowed.
For named-hwcap entries bit 62 is set and also the isa-level bits can
be set.
For the default entries the hwcap-field is 0.
Reviewed-by: Adhemerval Zanella  <adhemerval.zanella@linaro.org>
2024-06-18 10:45:36 +02:00
H.J. Lu
0b7f7842f8 elf: Change module-names to modules-names in comments
module-names should be modules-names.

Signed-off-by: H.J. Lu <hjl.tools@gmail.com>
2024-06-14 13:29:21 -07:00
Adhemerval Zanella
7edd3814b0 linux: Remove __stack_prot
The __stack_prot is used by Linux to make the stack executable if
a modules requires it.  It is also marked as RELRO, which requires
to change the segment permission to RW to update it.

Also, there is no need to keep track of the flags: either the stack
will have the default permission of the ABI or should be change to
PROT_READ | PROT_WRITE | PROT_EXEC.  The only additional flag,
PROT_GROWSDOWN or PROT_GROWSUP, is Linux only and can be deducted
from _STACK_GROWS_DOWN/_STACK_GROWS_UP.

Also, the check_consistency function was already removed some time
ago.

Checked on x86_64-linux-gnu and i686-linux-gnu.
Reviewed-by: Florian Weimer <fweimer@redhat.com>
2024-06-12 15:25:54 -03:00
Joseph Myers
9063b32b3c Add more NT_ARM_* constants from Linux kernel to elf.h
Linux 6.9 adds the ELF note type NT_ARM_FPMR.  Add this to glibc's
elf.h, along with the previously missed NT_ARM_SSVE, NT_ARM_ZA and
NT_ARM_ZT (added in older kernel versions).

Tested for x86_64.
2024-06-04 12:24:37 +00:00
Florian Weimer
afe42e935b elf: Avoid some free (NULL) calls in _dl_update_slotinfo
This has been confirmed to work around some interposed mallocs.  Here
is a discussion of the impact test ust/libc-wrapper/test_libc-wrapper
in lttng-tools:

  New TLS usage in libgcc_s.so.1, compatibility impact
  <https://inbox.sourceware.org/libc-alpha/8734v1ieke.fsf@oldenburg.str.redhat.com/>

Reportedly, this patch also papers over a similar issue when tcmalloc
2.9.1 is not compiled with -ftls-model=initial-exec.  Of course the
goal really should be to compile mallocs with the initial-exec TLS
model, but this commit appears to be a useful interim workaround.

Fixes commit d2123d6827 ("elf: Fix slow
tls access after dlopen [BZ #19924]").

Reviewed-by: Carlos O'Donell <carlos@redhat.com>
2024-06-03 19:02:19 +02:00
Luca Boccassi
53f9d74322 elf: add note identifier for dlopen metadata
This new note type is defined at https://systemd.io/ELF_DLOPEN_METADATA/
and is used to list shared library dependencies loaded via dlopen().
Distro packagers can use this, via tools like those available at
https://github.com/systemd/package-notes to automatically generate
dependencies when building projects that make use of this
specification.

By defining the note id here we can use it in other projects as a
stable identifier, for example in 'readelf' to pretty-print its
content.

Signed-off-by: Luca Boccassi <bluca@debian.org>
Reviewed-by: Arjun Shankar <arjun@redhat.com>
2024-05-30 12:24:23 +02:00
Luca Boccassi
52aae08600 elf: update NT_FDO_PACKAGING_METADATA spec URL
Page was renamed some time ago, there's a redirect but better
to point to the right one

Signed-off-by: Luca Boccassi <bluca@debian.org>
Reviewed-by: Arjun Shankar <arjun@redhat.com>
2024-05-30 12:24:16 +02:00
H.J. Lu
ab46c6ba6c elf/Makefile: Split and sort PIE tests
Put each item on a separate line and sort PIE tests.

Signed-off-by: H.J. Lu <hjl.tools@gmail.com>
2024-05-25 14:53:30 -07:00
H.J. Lu
d97842653f Obsolete _dl_mcount_wrapper in glibc 2.40 [BZ #31765]
There is no _dl_mcount_wrapper prototype in any installed header files.
Fix BZ #31765 by changing _dl_mcount_wrapper to a compat symbol and
obsolete it in glibc 2.40.

Signed-off-by: H.J. Lu <hjl.tools@gmail.com>
Reviewed-by: Sunil K Pandey <skpgkp2@gmail.com>
2024-05-21 10:11:57 -07:00
mengqinggang
1dbf2bef79 LoongArch: Add support for TLS Descriptors
This is mostly based on AArch64 and RISC-V implementation.

Add R_LARCH_TLS_DESC32 and R_LARCH_TLS_DESC64 relocations.

For _dl_tlsdesc_dynamic function slow path, temporarily save and restore
all vector registers.
2024-05-15 10:31:53 +08:00
Adhemerval Zanella
eb59c7b43d elf: Make glibc.rtld.enable_secure ignore alias environment variables
Tunable with environment variables aliases are also ignored if
glibc.rtld.enable_secure is enabled.  The tunable parsing is also
optimized a bit, where the loop that checks each environment variable
only checks for the tunables with aliases instead of all tables.

Checked on aarch64-linux-gnu and x86_64-linux-gnu.
Reviewed-by: Siddhesh Poyarekar <siddhesh@sourceware.org>
2024-05-07 12:16:36 -03:00
Adhemerval Zanella
1e1ad714ee support: Add envp argument to support_capture_subprogram
So tests can specify a list of environment variables.
Reviewed-by: Siddhesh Poyarekar <siddhesh@sourceware.org>
2024-05-07 12:16:36 -03:00
Adhemerval Zanella
c8a0e21da6 elf: Remove glibc.rtld.enable_secure check from parse_tunables_string
And move it to parse_tunables.  It avoids a string comparison for
each tunable.

Checked on aarch64-linux-gnu and x86_64-linux-gnu.

Reviewed-by: Siddhesh Poyarekar <siddhesh@sourceware.org>
2024-05-07 12:16:36 -03:00
Adhemerval Zanella
bcae44ea85 elf: Only process multiple tunable once (BZ 31686)
The 680c597e9c commit made loader reject ill-formatted strings by
first tracking all set tunables and then applying them. However, it does
not take into consideration if the same tunable is set multiple times,
where parse_tunables_string appends the found tunable without checking
if it was already in the list. It leads to a stack-based buffer overflow
if the tunable is specified more than the total number of tunables.  For
instance:

  GLIBC_TUNABLES=glibc.malloc.check=2:... (repeat over the number of
  total support for different tunable).

Instead, use the index of the tunable list to get the expected tunable
entry.  Since now the initial list is zero-initialized, the compiler
might emit an extra memset and this requires some minor adjustment
on some ports.

Checked on x86_64-linux-gnu and aarch64-linux-gnu.

Reported-by: Yuto Maeda <maeda@cyberdefense.jp>
Reported-by: Yutaro Shimizu <shimizu@cyberdefense.jp>
Reviewed-by: Siddhesh Poyarekar <siddhesh@sourceware.org>
2024-05-07 12:16:36 -03:00
H.J. Lu
049b7684c9 elf: Also compile dl-misc.os with $(rtld-early-cflags)
Also compile dl-misc.os with $(rtld-early-cflags) to avoid

Program received signal SIGILL, Illegal instruction.
0x00007ffff7fd36ea in _dl_strtoul (nptr=nptr@entry=0x7fffffffe2c9 "2",
    endptr=endptr@entry=0x7fffffffd728) at dl-misc.c:156
156	  bool positive = true;
(gdb) bt
 #0  0x00007ffff7fd36ea in _dl_strtoul (nptr=nptr@entry=0x7fffffffe2c9 "2",
    endptr=endptr@entry=0x7fffffffd728) at dl-misc.c:156
 #1  0x00007ffff7fdb1a9 in tunable_initialize (
    cur=cur@entry=0x7ffff7ffbc00 <tunable_list+2176>,
    strval=strval@entry=0x7fffffffe2c9 "2", len=len@entry=1)
    at dl-tunables.c:131
 #2  0x00007ffff7fdb3a2 in parse_tunables (valstring=<optimized out>)
    at dl-tunables.c:258
 #3  0x00007ffff7fdb5d9 in __GI___tunables_init (envp=0x7fffffffdd58)
    at dl-tunables.c:288
 #4  0x00007ffff7fe44c3 in _dl_sysdep_start (
    start_argptr=start_argptr@entry=0x7fffffffdcb0,
    dl_main=dl_main@entry=0x7ffff7fe5f80 <dl_main>)
    at ../sysdeps/unix/sysv/linux/dl-sysdep.c:110
 #5  0x00007ffff7fe5cae in _dl_start_final (arg=0x7fffffffdcb0) at rtld.c:494
 #6  _dl_start (arg=0x7fffffffdcb0) at rtld.c:581
 #7  0x00007ffff7fe4b38 in _start ()
(gdb)

when setting GLIBC_TUNABLES in glibc compiled with APX.
Reviewed-by: Florian Weimer <fweimer@redhat.com>
2024-04-25 08:09:49 -07:00
Samuel Thibault
16c8dfba14 Revert "Allow glibc to be compiled without EXEC_PAGESIZE"
This reverts commit 49aa652db8.

This is still being discussed.
2024-04-22 23:00:18 +02:00
Adhemerval Zanella
25b191f6d3 elf: Do not check for loader mmap on tst-decorate-maps (BZ 31553)
On some architectures and depending on the page size, the loader can
also allocate some memory during dependencies loading and it will be
marked as 'loader malloc'.  However, if the system page size is
large enough, the initial data page will be enough for all required
allocation and there will be no extra loader mmap.  To avoid false
negatives, the test does not check for such pages.

Checked on powerpc64le-linux-gnu with 64k pagesize.
Reviewed-by: Simon Chopin <simon.chopin@canonical.com>
2024-04-22 15:39:48 -03:00
Joe Simmons-Talbott
59974938fe elf/rtld: Count skipped environment variables for enable_secure
When using the glibc.rtld.enable_secure tunable we need to keep track of
the count of environment variables we skip due to __libc_enable_secure
being set and adjust the auxv section of the stack.  This fixes an
assertion when running ld.so directly with glibc.rtld.enable_secure set.
Add a testcase that ensures the assert is not hit.

elf/rtld.c:1324   assert (auxv == sp + 1);

Reviewed-by: Adhemerval Zanella  <adhemerval.zanella@linaro.org>
2024-04-16 20:32:10 +00:00
Florian Weimer
aea52e3d2b Revert "x86_64: Suppress false positive valgrind error"
This reverts commit a1735e0aa8.

The test failure is a real valgrind bug that needs to be fixed before
valgrind is usable with a glibc that has been built with
CC="gcc -march=x86-64-v3".  The proposed valgrind patch teaches
valgrind to replace ld.so strcmp with an unoptimized scalar
implementation, thus avoiding any AVX2-related problems.

Valgrind bug: <https://bugs.kde.org/show_bug.cgi?id=485487>

Reviewed-by: H.J. Lu <hjl.tools@gmail.com>
2024-04-13 17:42:13 +02:00
Florian Weimer
ae7468a7b0 elf: Add ld.so test with non-existing program name
None of the existing tests seem to cover the case where
_dl_signal_error is called without an active error handler.
The new elf/tst-rtld-does-not-exist test triggers such a
_dl_signal_error call from _dl_map_object.

Reviewed-by: H.J. Lu <hjl.tools@gmail.com>
2024-04-08 19:19:09 +02:00
H.J. Lu
1cce91d8ae elf: Check objname before calling fatal_error
_dl_signal_error may be called with objname == NULL.  _dl_exception_create
checks objname == NULL.  But fatal_error doesn't.  Check objname before
calling fatal_error.  This fixes BZ #31596.
Reviewed-by: Sunil K Pandey <skpgkp2@gmail.com>
2024-04-08 09:41:02 -07:00
Florian Weimer
5653ccd847 elf: Add CPU iteration support for future use in ld.so diagnostics
Reviewed-by: Szabolcs Nagy <szabolcs.nagy@arm.com>
2024-04-08 16:48:55 +02:00
Sergey Bugaev
49aa652db8 Allow glibc to be compiled without EXEC_PAGESIZE
We would like to avoid statically defining any specific page size on
aarch64-gnu, and instead make sure that everything uses the dynamic
page size, available via vm_page_size and GLRO(dl_pagesize).

There are currently a few places in glibc that require EXEC_PAGESIZE
to be defined. Per Roland's suggestion [0], drop the static
GLRO(dl_pagesize) initializers (for now, only if EXEC_PAGESIZE is not
defined), and don't require EXEC_PAGESIZE definition for libio to
enable mmap usage.

[0]: https://mail.gnu.org/archive/html/bug-hurd/2011-10/msg00035.html

Signed-off-by: Sergey Bugaev <bugaevc@gmail.com>
Message-ID: <20240323173301.151066-4-bugaevc@gmail.com>
2024-03-23 22:47:26 +01:00
Manjunath Matti
3ab9b88e2a powerpc: Add HWCAP3/HWCAP4 data to TCB for Power Architecture.
This patch adds a new feature for powerpc.  In order to get faster
access to the HWCAP3/HWCAP4 masks, similar to HWCAP/HWCAP2 (i.e. for
implementing __builtin_cpu_supports() in GCC) without the overhead of
reading them from the auxiliary vector, we now reserve space for them
in the TCB.

This is an ABI change for GLIBC 2.39.

Suggested-by: Peter Bergner <bergner@linux.ibm.com>
Reviewed-by: Peter Bergner <bergner@linux.ibm.com>
2024-03-19 17:19:27 -05:00
Adhemerval Zanella
3d53d18fc7 elf: Enable TLS descriptor tests on aarch64
The aarch64 uses 'trad' for traditional tls and 'desc' for tls
descriptors, but unlike other targets it defaults to 'desc'.  The
gnutls2 configure check does not set aarch64 as an ABI that uses
TLS descriptors, which then disable somes stests.

Also rename the internal machinery fron gnu2 to tls descriptors.

Checked on aarch64-linux-gnu.
Reviewed-by: H.J. Lu <hjl.tools@gmail.com>
2024-03-19 14:53:30 -03:00
Adhemerval Zanella
64c7e34428 arm: Update _dl_tlsdesc_dynamic to preserve caller-saved registers (BZ 31372)
ARM _dl_tlsdesc_dynamic slow path has two issues:

  * The ip/r12 is defined by AAPCS as a scratch register, and gcc is
    used to save the stack pointer before on some function calls.  So it
    should also be saved/restored as well.  It fixes the tst-gnu2-tls2.

  * None of the possible VFP registers are saved/restored.  ARM has the
    additional complexity to have different VFP bank sizes (depending of
    VFP support by the chip).

The tst-gnu2-tls2 test is extended to check for VFP registers, although
only for hardfp builds.  Different than setcontext, _dl_tlsdesc_dynamic
does not have  HWCAP_ARM_IWMMXT (I don't have a way to properly test
it and it is almost a decade since newer hardware was released).

With this patch there is no need to mark tst-gnu2-tls2 as XFAIL.

Checked on arm-linux-gnueabihf.
Reviewed-by: H.J. Lu <hjl.tools@gmail.com>
2024-03-19 14:53:30 -03:00
Joe Simmons-Talbott
71648e8004 rtld: Add glibc.rtld.enable_secure tunable.
Add a tunable for setting __libc_enable_secure to 1.  Do not set
__libc_enable_secure to 0 if the tunable is set to 0.  Ignore all
tunables if glib.rtld.enable_secure is set.  One use-case for this
addition is to enable testing code paths that depend on
__libc_enable_secure being set without the need to use setxid binaries.

Reviewed-by: Siddhesh Poyarekar <siddhesh@sourceware.org>
2024-02-29 19:55:58 +00:00
H.J. Lu
a1735e0aa8 x86_64: Suppress false positive valgrind error
When strcmp-avx2.S is used as the default, elf/tst-valgrind-smoke fails
with

==1272761== Conditional jump or move depends on uninitialised value(s)
==1272761==    at 0x4022C98: strcmp (strcmp-avx2.S:462)
==1272761==    by 0x400B05B: _dl_name_match_p (dl-misc.c:75)
==1272761==    by 0x40085F3: _dl_map_object (dl-load.c:1966)
==1272761==    by 0x401AEA4: map_doit (rtld.c:644)
==1272761==    by 0x4001488: _dl_catch_exception (dl-catch.c:237)
==1272761==    by 0x40015AE: _dl_catch_error (dl-catch.c:256)
==1272761==    by 0x401B38F: do_preload (rtld.c:816)
==1272761==    by 0x401C116: handle_preload_list (rtld.c:892)
==1272761==    by 0x401EDF5: dl_main (rtld.c:1842)
==1272761==    by 0x401A79E: _dl_sysdep_start (dl-sysdep.c:140)
==1272761==    by 0x401BEEE: _dl_start_final (rtld.c:494)
==1272761==    by 0x401BEEE: _dl_start (rtld.c:581)
==1272761==    by 0x401AD87: ??? (in */elf/ld.so)

The assembly codes are:

   0x0000000004022c80 <+144>:	vmovdqu 0x20(%rdi),%ymm0
   0x0000000004022c85 <+149>:	vpcmpeqb 0x20(%rsi),%ymm0,%ymm1
   0x0000000004022c8a <+154>:	vpcmpeqb %ymm0,%ymm15,%ymm2
   0x0000000004022c8e <+158>:	vpandn %ymm1,%ymm2,%ymm1
   0x0000000004022c92 <+162>:	vpmovmskb %ymm1,%ecx
   0x0000000004022c96 <+166>:	inc    %ecx
=> 0x0000000004022c98 <+168>:	jne    0x4022c32 <strcmp+66>

strcmp-avx2.S has 32-byte vector loads of strings which are shorter than
32 bytes:

(gdb) p (char *) ($rdi + 0x20)
$6 = 0x1ffeffea20 "memcheck-amd64-linux.so"
(gdb) p (char *) ($rsi + 0x20)
$7 = 0x4832640 "core-amd64-linux.so"
(gdb) call (int) strlen ((char *) ($rsi + 0x20))
$8 = 19
(gdb) call (int) strlen ((char *) ($rdi + 0x20))
$9 = 23
(gdb)

It triggers the valgrind error.  The above code is safe since the loads
don't cross the page boundary.  Update tst-valgrind-smoke.sh to accept
an optional suppression file and pass a suppression file to valgrind when
strcmp-avx2.S is the default implementation of strcmp.
Reviewed-by: Sunil K Pandey <skpgkp2@gmail.com>
2024-02-28 13:40:55 -08:00
H.J. Lu
0aac205a81 x86: Update _dl_tlsdesc_dynamic to preserve caller-saved registers
Compiler generates the following instruction sequence for GNU2 dynamic
TLS access:

	leaq	tls_var@TLSDESC(%rip), %rax
	call	*tls_var@TLSCALL(%rax)

or

	leal	tls_var@TLSDESC(%ebx), %eax
	call	*tls_var@TLSCALL(%eax)

CALL instruction is transparent to compiler which assumes all registers,
except for EFLAGS and RAX/EAX, are unchanged after CALL.  When
_dl_tlsdesc_dynamic is called, it calls __tls_get_addr on the slow
path.  __tls_get_addr is a normal function which doesn't preserve any
caller-saved registers.  _dl_tlsdesc_dynamic saved and restored integer
caller-saved registers, but didn't preserve any other caller-saved
registers.  Add _dl_tlsdesc_dynamic IFUNC functions for FNSAVE, FXSAVE,
XSAVE and XSAVEC to save and restore all caller-saved registers.  This
fixes BZ #31372.

Add GLRO(dl_x86_64_runtime_resolve) with GLRO(dl_x86_tlsdesc_dynamic)
to optimize elf_machine_runtime_setup.
Reviewed-by: Noah Goldstein <goldstein.w.n@gmail.com>
2024-02-28 09:02:56 -08:00
Adhemerval Zanella
f4c142bb9f arm: Use _dl_find_object on __gnu_Unwind_Find_exidx (BZ 31405)
Instead of __dl_iterate_phdr. On ARM dlfo_eh_frame/dlfo_eh_count
maps to PT_ARM_EXIDX vaddr start / length.

On a Neoverse N1 machine with 160 cores, the following program:

  $ cat test.c
  #include <stdlib.h>
  #include <pthread.h>
  #include <assert.h>

  enum {
    niter = 1024,
    ntimes = 128,
  };

  static void *
  tf (void *arg)
  {
    int a = (int) arg;

    for (int i = 0; i < niter; i++)
      {
        void *p[ntimes];
        for (int j = 0; j < ntimes; j++)
  	p[j] = malloc (a * 128);
        for (int j = 0; j < ntimes; j++)
  	free (p[j]);
      }

    return NULL;
  }

  int main (int argc, char *argv[])
  {
    enum { nthreads = 16 };
    pthread_t t[nthreads];

    for (int i = 0; i < nthreads; i ++)
      assert (pthread_create (&t[i], NULL, tf, (void *) i) == 0);

    for (int i = 0; i < nthreads; i++)
      {
        void *r;
        assert (pthread_join (t[i], &r) == 0);
        assert (r == NULL);
      }

    return 0;
  }
  $ arm-linux-gnueabihf-gcc -fsanitize=address test.c -o test

Improves from ~15s to 0.5s.

Checked on arm-linux-gnueabihf.
2024-02-23 08:50:00 -03:00
Xi Ruoyao
b881f1efcd elf: Add new LoongArch reloc types (110 to 126) into elf.h
These reloc types have been added in LoongArch psABI v2.30.

Link: https://github.com/loongson/la-abi-specs/blob/v2.30/laelf.adoc#relocation-types
Signed-off-by: Xi Ruoyao <xry111@xry111.site>
2024-02-22 20:12:07 +08:00
Florian Weimer
15de3d17e1 elf: Remove attempt at env handling in elf/tst-rtld-list-diagnostics.py
Instead, let the system shell parse the whole thing and invoke the env
command.
2024-02-09 16:16:33 +01:00
Florian Weimer
7c8df0b944 elf: Remove _dl_sysdep_open_object hook function
It is currently not used by any target.
2024-02-01 08:59:02 +01:00
Andreas Schwab
9c72830eb3 elf: correct relocation statistics for !ELF_MACHINE_START_ADDRESS
Fixes: 6628c742b2 ("elf: Remove prelink support")
2024-01-29 18:27:35 +01:00
Carlos O'Donell
94aa256a47 elf: Fix tst-nodeps2 test failure.
After 78ca44da01
("elf: Relocate libc.so early during startup and dlmopen (bug 31083)")
we start seeing tst-nodeps2 failures when building the testsuite with
--enable-hard-coded-path-in-tests.

When building the testsuite with --enable-hard-coded-path-in-tests
the tst-nodeps2-mod.so is not built with the required DT_RUNPATH
values and the test escapes the test framework and loads the system
libraries and aborts. The fix is to use the existing
$(link-test-modules-rpath-link) variable to set DT_RUNPATH correctly.

No regressions on x86_64.

Reviewed-by: Florian Weimer <fweimer@redhat.com>
2024-01-10 14:08:26 -05:00
Adhemerval Zanella
460860f457 Remove ia64-linux-gnu
Linux 6.7 removed ia64 from the official tree [1], following the general
principle that a glibc port needs upstream support for the architecture
in all the components it depends on (binutils, GCC, and the Linux
kernel).

Apart from the removal of sysdeps/ia64 and sysdeps/unix/sysv/linux/ia64,
there are updates to various comments referencing ia64 for which removal
of those references seemed appropriate. The configuration is removed
from README and build-many-glibcs.py.

The CONTRIBUTED-BY, elf/elf.h, manual/contrib.texi (the porting
mention), *.po files, config.guess, and longlong.h are not changed.

For Linux it allows cleanup some clone2 support on multiple files.

The following bug can be closed as WONTFIX: BZ 22634 [2], BZ 14250 [3],
BZ 21634 [4], BZ 10163 [5], BZ 16401 [6], and BZ 11585 [7].

[1] https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=43ff221426d33db909f7159fdf620c3b052e2d1c
[2] https://sourceware.org/bugzilla/show_bug.cgi?id=22634
[3] https://sourceware.org/bugzilla/show_bug.cgi?id=14250
[4] https://sourceware.org/bugzilla/show_bug.cgi?id=21634
[5] https://sourceware.org/bugzilla/show_bug.cgi?id=10163
[6] https://sourceware.org/bugzilla/show_bug.cgi?id=16401
[7] https://sourceware.org/bugzilla/show_bug.cgi?id=11585
Reviewed-by: Carlos O'Donell <carlos@redhat.com>
2024-01-08 17:09:36 -03:00
H.J. Lu
848746e88e elf: Add ELF_DYNAMIC_AFTER_RELOC to rewrite PLT
Add ELF_DYNAMIC_AFTER_RELOC to allow target specific processing after
relocation.

For x86-64, add

 #define DT_X86_64_PLT     (DT_LOPROC + 0)
 #define DT_X86_64_PLTSZ   (DT_LOPROC + 1)
 #define DT_X86_64_PLTENT  (DT_LOPROC + 3)

1. DT_X86_64_PLT: The address of the procedure linkage table.
2. DT_X86_64_PLTSZ: The total size, in bytes, of the procedure linkage
table.
3. DT_X86_64_PLTENT: The size, in bytes, of a procedure linkage table
entry.

With the r_addend field of the R_X86_64_JUMP_SLOT relocation set to the
memory offset of the indirect branch instruction.

Define ELF_DYNAMIC_AFTER_RELOC for x86-64 to rewrite the PLT section
with direct branch after relocation when the lazy binding is disabled.

PLT rewrite is disabled by default since SELinux may disallow modifying
code pages and ld.so can't detect it in all cases.  Use

$ export GLIBC_TUNABLES=glibc.cpu.plt_rewrite=1

to enable PLT rewrite with 32-bit direct jump at run-time or

$ export GLIBC_TUNABLES=glibc.cpu.plt_rewrite=2

to enable PLT rewrite with 32-bit direct jump and on APX processors with
64-bit absolute jump at run-time.

Reviewed-by: Noah Goldstein <goldstein.w.n@gmail.com>
2024-01-05 05:49:49 -08:00
Paul Eggert
1059defeee Update copyright dates not handled by scripts/update-copyrights
I've updated copyright dates in glibc for 2024.  This is the patch for
the changes not generated by scripts/update-copyrights and subsequent
build / regeneration of generated files.
2024-01-01 10:53:40 -08:00
Paul Eggert
dff8da6b3e Update copyright dates with scripts/update-copyrights 2024-01-01 10:53:40 -08:00
H.J. Lu
8d9f9c4460 elf: Always provide _dl_get_dl_main_map in libc.a
Always provide _dl_get_dl_main_map in libc.a.  It will be used by x86
to process PT_GNU_PROPERTY segment.
2024-01-01 05:22:48 -08:00
Szabolcs Nagy
980450f126 elf: Add TLS modid reuse test for bug 29039
This is a minimal regression test for bug 29039 which only affects
targets with TLSDESC and a reproducer requires that

1) Have modid gaps (closed modules) with old generation.
2) Update a DTV to a newer generation (needs a newer dlopen).
3) But do not update the closed gap entry in that DTV.
4) Reuse the modid gap for a new module (another dlopen).
5) Use dynamic TLSDESC in that new module with old generation (bug).
6) Access TLS via this TLSDESC and the now outdated DTV.

However step (3) in practice rarely happens: during DTV update the
entries for closed modids are initialized to "unallocated" and then
dynamic TLSDESC calls __tls_get_addr independently of its generation.
The only exception to this is DTV setup at thread creation (gaps are
initialized to NULL instead of unallocated) or DTV resize where the
gap entries are outside the previous DTV array (again NULL instead
of unallocated, and this requires loading > DTV_SURPLUS modules).

So the bug can only cause NULL (+ offset) dereference, not use after
free. And the easiest way to get (3) is via thread creation.

Note that step (5) requires that the newly loaded module has larger
TLS than the remaining optional static TLS. And for (6) there cannot
be other TLS access or dlopen in the thread that updates the DTV.

Tested on aarch64-linux-gnu.

Reviewed-by: Adhemerval Zanella  <adhemerval.zanella@linaro.org>
2023-12-20 08:45:48 +00:00
Stefan Liebler
3150cc0c90 Fix elf/tst-env-setuid[-static] if test needs to be rerun.
If /tmp is mounted nosuid and make xcheck is run,
then tst-env-setuid fails UNSUPPORTED with "SGID failed: GID and EGID match"
and /var/tmp/tst-sonamemove-runmod1.so.profile is created.

If you then try to rerun the test with a suid mounted test-dir
(the SGID binary is created in test-dir which defaults to /tmp)
with something like that:
make tst-env-setuid-ENV="TMPDIR=..." t=elf/tst-env-setuid test
the test fails as the LD_PROFILE output file is still available
from the previous run.

Thus this patch removes the LD_PROFILE output file in parent
before spawning the SGID binary.

Even if LD_PROFILE is not supported anymore in static binaries,
use a different library and thus output file for tst-env-setuid
and tst-env-setuid-static in order to not interfere if both
tests are run in parallel.

Furthermore the checks in test_child are now more verbose.
Reviewed-by: Adhemerval Zanella  <adhemerval.zanella@linaro.org>
2023-12-20 08:41:06 +01:00
Adhemerval Zanella
f94446c38f elf: Do not set invalid tunables values
The loader now warns for invalid and out-of-range tunable values. The
patch also fixes the parsing of size_t maximum values, where
_dl_strtoul was failing for large values close to SIZE_MAX.

Checked on x86_64-linux-gnu.
Reviewed-by: Siddhesh Poyarekar <siddhesh@sourceware.org>
2023-12-19 13:25:45 -03:00
Adhemerval Zanella
2a969b53c0 elf: Do not duplicate the GLIBC_TUNABLES string
The tunable parsing duplicates the tunable environment variable so it
null-terminates each one since it simplifies the later parsing. It has
the drawback of adding another point of failure (__minimal_malloc
failing), and the memory copy requires tuning the compiler to avoid mem
operations calls.

The parsing now tracks the tunable start and its size. The
dl-tunable-parse.h adds helper functions to help parsing, like a strcmp
that also checks for size and an iterator for suboptions that are
comma-separated (used on hwcap parsing by x86, powerpc, and s390x).

Since the environment variable is allocated on the stack by the kernel,
it is safe to keep the references to the suboptions for later parsing
of string tunables (as done by set_hwcaps by multiple architectures).

Checked on x86_64-linux-gnu, powerpc64le-linux-gnu, and
aarch64-linux-gnu.
Reviewed-by: Siddhesh Poyarekar <siddhesh@sourceware.org>
2023-12-19 13:25:45 -03:00