From nobody Tue Nov 19 15:14:52 2024 X-Original-To: dev-commits-src-main@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4Xt7Mf3LmYz5f7WF; Tue, 19 Nov 2024 15:14:54 +0000 (UTC) (envelope-from jhb@FreeBSD.org) Received: from smtp.freebsd.org (smtp.freebsd.org [96.47.72.83]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "smtp.freebsd.org", Issuer "R10" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4Xt7Mf2st1z47kn; Tue, 19 Nov 2024 15:14:54 +0000 (UTC) (envelope-from jhb@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1732029294; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=j/K0sbjJ1U2jQShqgR8B2T21epl16DOPcRZtg2U8rPg=; b=eOKwCIUfGIrf5VFiMMlEZUQAL8hrqfcK4HHDLwqZCWxAMWb8yEfhvmm0DFZKL6FYBCzxcX pvmo4o3jcxWN10T8PlY7gHm/gxJ7sRAz73irYxoX88EZuUq4RTkQwRJwQ+bXamYHHozDVc YgVVxCZTZUbDUU44gYqT/E6ghlFl8lvpc7kUJSKU7mPKt+E/rI30K6DC1Qmjd8u8RU8EZF VZqIWs91mhXvwJNHo1O3gvH4WuPH9NXWVxqrKBacjHPN/HhMAzyWRAsbllAJfz3w5SvogX SQH7WcxsNOGz20xt4K52M5/1qF7GFAvYYD2aZxTgCCIcu18Z+N/sm8ryXv051w== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1732029294; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=j/K0sbjJ1U2jQShqgR8B2T21epl16DOPcRZtg2U8rPg=; b=TpnUpxJ7NsBYtfaiWWP6G3XuFmBst3+8MnMpkvuIFT0YJrTvlgaf9fkV2PXDFuza4CBovd nmo51FL68hb+h+FrO2MfVbo8nmr/mDROko4em30FEIMxaZHyEZR3K4tpRwZPvJ6BE6/EAl SUEZaIVR+YGQmwE+1b0yn0o56JWbM/ISF4Wi6t3TCW5iw7l3ZfTpJyVuLsy3svPKIBAQ5H ksh1DEDiEXyn0OA1O8bEXvQd7Lv1jm6T493060NvIxEja6yGNmVC7ogbVagEQjESGh29xM IUn83kHOEbqBmxlK0nJJudlANthLvxhGavMZ7hvLaUSqDx+JqC7JBkV2sySoyA== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1732029294; a=rsa-sha256; cv=none; b=nQdlg3thdsF0OZc3pyS/WNGpFfxdj+ZH+PIrChmWJVr4PtOMX1zNoNgE149vJAHGWijfNt /es678/tkSmw4RievC67HqT5VL7gISReMo+PkyogF0aGy63HwagRN6ljDjYI7m4CW+DxBP Eq8eASA2CVHsYBAAdQ9ZhLQs38J1VzJmbNsWJK8scQI4ro3DnQeYrb/mtq/J95TxyPv63c 0wiaLhswhiQBKK9VnSW9wO74Umn29R+JCTqfgSQscGr/OCIRfayFD1bacl/Akohqs2ZDso aW28uNuClcSUrBxAdgx/CaD5q08jrd5TTqTMnWcKHjKhpIq9bqz2b134XEePbA== Received: from [IPV6:2601:5c0:4200:b830:fd85:22bd:5200:42f2] (unknown [IPv6:2601:5c0:4200:b830:fd85:22bd:5200:42f2]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) (Authenticated sender: jhb) by smtp.freebsd.org (Postfix) with ESMTPSA id 4Xt7Mf0ZlNzK5g; Tue, 19 Nov 2024 15:14:54 +0000 (UTC) (envelope-from jhb@FreeBSD.org) Message-ID: Date: Tue, 19 Nov 2024 10:14:52 -0500 List-Id: Commit messages for the main branch of the src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-main List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-main@freebsd.org Sender: owner-dev-commits-src-main@FreeBSD.org MIME-Version: 1.0 User-Agent: Mozilla Thunderbird Subject: Re: git: e85eaa930862 - main - Have rtld query the page size from the kernel Content-Language: en-US To: Konstantin Belousov Cc: Jessica Clarke , Andrew Turner , "src-committers@freebsd.org" , "dev-commits-src-all@freebsd.org" , "dev-commits-src-main@freebsd.org" References: <202204071438.237Ecn2A012737@gitrepo.freebsd.org> <92a05dfe-683c-43d9-bd29-3110e89be275@FreeBSD.org> <768D45F9-2F02-4BA1-BFB7-51685486CFCC@freebsd.org> <4d81d34f-4749-4911-b302-eca9166e4be7@FreeBSD.org> From: John Baldwin In-Reply-To: Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: 8bit On 11/19/24 22:30, Konstantin Belousov wrote: > On Thu, Nov 14, 2024 at 09:47:30AM -0500, John Baldwin wrote: >> On 11/13/24 12:10, Jessica Clarke wrote: >>> On 13 Nov 2024, at 19:44, John Baldwin wrote: >>>> >>>> On 4/7/22 07:38, Andrew Turner wrote: >>>>> The branch main has been updated by andrew: >>>>> URL: https://cgit.FreeBSD.org/src/commit/?id=e85eaa930862d5b4dc917bc31e8d7254a693635d >>>>> commit e85eaa930862d5b4dc917bc31e8d7254a693635d >>>>> Author: Andrew Turner >>>>> AuthorDate: 2022-04-04 15:05:40 +0000 >>>>> Commit: Andrew Turner >>>>> CommitDate: 2022-04-07 14:37:37 +0000 >>>>> Have rtld query the page size from the kernel >>>>> To allow for a dynamic page size on arm64 have the runtime linker >>>>> query the kernel for the currentl page size. >>>>> Reviewed by: kib >>>>> Sponsored by: The FreeBSD Foundation >>>>> Differential Revision: https://reviews.freebsd.org/D34765 >>>> >>>> This broke relro handling for rtld. The reason is that init_pagesizes() is >>>> called after parsing the program headers for rltd in init_rtld(). As a result, >>>> page_size is 0 when rtld_round_page() is called so the relro_size is 0. The >>>> RTLD_INIT_EARLY_PAGESIZES case was for ia64, and in the early case it's probably >>>> not safe to call sysctl? If it is safe to call sysctl, we could just always >>>> init pagesizes early? >>> >>> It looks like there are a few things going on: >>> >>> 1. relocate_object calls obj_enforce_relro if !obj->mainprog, so will >>> try to enforce RELRO for RTLD itself whilst page_size is 0 >>> >>> 2. init_rtld later calls obj_enforce_relro for obj_rtld, after >>> page_size has been initialised >>> >>> 3. init_rtld is careful to avoid using global variables until it’s >>> called relocate_objects for RTLD itself, but by hiding accesses to >>> page_size away in rtld_*_page that’s no longer true (definitely not >>> true in the case of text relocations, for example, though whether it >>> also occurs for other cases we care more about I don’t know) >>> >>> So I think there are a couple of things to fix: >>> >>> 1. Stop accessing page_size prior to relocate_objects returning for >>> RTLD itself >>> >>> 2. Stop enforcing RELRO twice for RTLD (e.g. add && obj != rtldobj to >>> relocate_object’s case) >>> >>> At least, that’s what I’ve inferred from reading the code. >>> >>> Though, to be honest, things might be rather nicer if we just made >>> .rtld_start responsible for relocating RTLD itself prior to calling >>> init_rtld, that’s what we have to do for CHERI, as do arm, powerpc and >>> powerpc64, and it means you can use globals from the start in init_rtld. >> >> I've done 2) locally which fixed my immediate issue. > Can you provide some more info please? I have a local patch that supports mutiple PT_GNU_RELRO segments, and to do that it removes relro_* from Obj_Entry and just walks the list of phdrs in obj_remap_relro(). However, that defeats the order you mention below of the timing of parse_rtld_phdr(). I hadn't realized until your paragraph below that that local change was part of why this was exposed. It would still be more correct, strictly speaking, to skip obj_enforce_relro for rtldobj, and if we ever supported multiple PT_GNU_RELRO upstream we would want that change. I had also missed the later explicit call to obj_enforce_relro() for obj_rtld when I sent my original e-mail, so nothing is broken in FreeBSD. > obj_enforce_relro() only acts if obj_relro_size is > 0, which requires > the call to parse_rtld_phdr() to fill it. This is indeed called after the > rtld is relocated by relocate_object(s), but so it was before the Andrew' > change. > > I can see a problem if plt is mapped ro and requires relro to remap it > rw before relocation, but I do not believe this is the case for rtld and > any static linker. > > And what is the arch? I was testing on a CHERI arch since that is my use case for multiple PT_GNU_RELRO sections, though the change to obj_remap_relro() is applicable to all architectures. > The RTLD_INIT_PAGESIZES_EARLY symbol indeed should be eliminated, I have > the patch. But let's sort out the page size issue as well. I do think we can probably just axe that code entirely. >> I agree though that having all arches implement rtld_relocate_nonplt_self() >> which is called before rtld() would be nicer. This might still be a nice thing to do. -- John Baldwin