about summary refs log tree commit diff
path: root/elf
Commit message (Collapse)AuthorAgeFilesLines
* elf: Implement ld.so --helpFlorian Weimer2020-10-083-13/+75
| | | | | | | | | | | | | | | --help processing is deferred to the point where the executable has been loaded, so that it is possible to eventually include information from the main executable in the help output. As suggested in the GNU command-line interface guidelines, the help message is printed to standard output, and the exit status is successful. Handle usage errors closer to the GNU command-line interface guidelines. Reviewed-by: Adhemerval Zanella <adhemerval.zanella@linaro.org>
* elf: Record whether paths come from LD_LIBRARY_PATH or --library-pathFlorian Weimer2020-10-084-4/+10
| | | | | | This allows more precise LD_DEBUG diagnostics. Reviewed-by: Adhemerval Zanella <adhemerval.zanella@linaro.org>
* elf: Move ld.so error/help output to _dl_usageFlorian Weimer2020-10-084-26/+65
| | | | | | | Also add a comment to elf/Makefile, explaining why we cannot use config.status for autoconf template processing. Reviewed-by: Adhemerval Zanella <adhemerval.zanella@linaro.org>
* elf: Extract command-line/environment variables state from rtld.cFlorian Weimer2020-10-082-96/+157
| | | | | | | | | Introduce struct dl_main_state and move it to <dl-main.h>. Rename enum mode to enum rtld_mode and add the rtld_mode_ prefix to the enum constants. This avoids the need for putting state that is only needed during startup into the ld.so data segment.
* elf: Implement __rtld_malloc_is_completeFlorian Weimer2020-10-081-0/+8
| | | | | | | | In some cases, it is difficult to determine the kind of malloc based on the execution context, so a function to determine that is helpful. Reviewed-by: Adhemerval Zanella <adhemerval.zanella@linaro.org>
* Revert "Fix missing redirects in testsuite targets"Andreas Schwab2020-10-081-1/+1
| | | | | This reverts commit d5afb38503. The log files are actually created by the various shell scripts that drive the tests.
* elf: Implement _dl_writeFlorian Weimer2020-10-072-1/+57
| | | | | | | | The generic version is parallel to _dl_writev. It cannot use _dl_writev directly because the errno value needs to be obtained under a lock. Reviewed-by: Adhemerval Zanella <adhemerval.zanella@linaro.org>
* elf: Do not search HWCAP subdirectories in statically linked binariesFlorian Weimer2020-10-072-2/+16
| | | | | | | | | This functionality does not seem to be useful since static dlopen is mostly used for iconv/character set conversion and NSS support. gconv modules are loaded with full paths anyway, so that the HWCAP subdirectory logic does not apply. Reviewed-by: Adhemerval Zanella <adhemerval.zanella@linaro.org>
* Set tunable value as well as min/max valuesH.J. Lu2020-09-292-6/+60
| | | | | | | | Some tunable values and their minimum/maximum values must be determinted at run-time. Add TUNABLE_SET_WITH_BOUNDS and TUNABLE_SET_WITH_BOUNDS_FULL to update tunable value together with minimum and maximum values. __tunable_set_val is updated to set tunable value as well as min/max values.
* ld.so: add an --argv0 option [BZ #16124]Vincent Mihalkovic2020-09-294-3/+94
|
* Remove internal usage of extensible stat functionsAdhemerval Zanella2020-09-114-6/+6
| | | | | | | | | | | | It replaces the internal usage of __{f,l}xstat{at}{64} with the __{f,l}stat{at}{64}. It should not change the generate code since sys/stat.h explicit defines redirections to internal calls back to xstat* symbols. Checked with a build for all affected ABIs. I also check on x86_64-linux-gnu and i686-linux-gnu. Reviewed-by: Lukasz Majewski <lukma@denx.de>
* elf.h: Add aarch64 bti/pac dynamic tag constantsMark Wielaard2020-09-071-0/+2
| | | | | | | | Constants double checked against binutils and the ELF for the Arm 64-bit Architecture (AArch64) Release 2020Q2 document. Only BTI PLT is used in glibc, there's no PAC PLT with glibc, and people are expected to use BIND_NOW.
* elf/tst-libc_dlvsym: Add a TEST_COMPAT around some symbol testsAlistair Francis2020-08-271-0/+5
| | | | | | | | | The _sys_errlist and _sys_siglist symbols are deprecated since 2.32. This patch adds a TEST_COMPAT check around the tests. This fixes test failures on new architectures (such as RV32) that don't have this symbol defined. Reviewed-by: Adhemerval Zanella <adhemerval.zanella@linaro.org>
* elf: Change TLS static surplus default back to 1664Florian Weimer2020-07-203-8/+75
| | | | | | | Make the computation in elf/dl-tls.c more transparent, and add an explicit test for the historic value. Reviewed-by: Carlos O'Donell <carlos@redhat.com>
* Linux: Remove rseq supportFlorian Weimer2020-07-162-12/+1
| | | | | | | | | | | | | | | | | | The kernel ABI is not finalized, and there are now various proposals to change the size of struct rseq, which would make the glibc ABI dependent on the version of the kernels used for building glibc. This is of course not acceptable. This reverts commit 48699da1c468543ade14777819bd1b4d652709de ("elf: Support at least 32-byte alignment in static dlopen"), commit 8f4632deb3545b2949cec5454afc3cb21a0024ea ("Linux: rseq registration tests"), commit 6e29cb3f61ff5432c78a1c84b0d9b123a350ab36 ("Linux: Use rseq in sched_getcpu if available"), and commit 0c76fc3c2b346dc5401dc055d97d4279632b0fb3 ("Linux: Perform rseq registration at C startup and thread creation"), resolving the conflicts introduced by the ARC port and the TLS static surplus changes. Reviewed-by: Carlos O'Donell <carlos@redhat.com>
* rtld: Avoid using up static TLS surplus for optimizations [BZ #25051]Szabolcs Nagy2020-07-0815-17/+359
| | | | | | | | | | | | | | | | | | | | | | | | | | | | On some targets static TLS surplus area can be used opportunistically for dynamically loaded modules such that the TLS access then becomes faster (TLSDESC and powerpc TLS optimization). However we don't want all surplus TLS to be used for this optimization because dynamically loaded modules with initial-exec model TLS can only use surplus TLS. The new contract for surplus static TLS use is: - libc.so can have up to 192 bytes of IE TLS, - other system libraries together can have up to 144 bytes of IE TLS. - Some "optional" static TLS is available for opportunistic use. The optional TLS is now tunable: rtld.optional_static_tls, so users can directly affect the allocated static TLS size. (Note that module unloading with dlclose does not reclaim static TLS. After the optional TLS runs out, TLS access is no longer optimized to use static TLS.) The default setting of rtld.optional_static_tls is 512 so the surplus TLS is 3*192 + 4*144 + 512 = 1664 by default, the same as before. Fixes BZ #25051. Tested on aarch64-linux-gnu and x86_64-linux-gnu. Reviewed-by: Carlos O'Donell <carlos@redhat.com>
* rtld: Account static TLS surplus for audit modulesSzabolcs Nagy2020-07-082-6/+40
| | | | | | | | | | | | | | | | | | | | | | | | | | The new static TLS surplus size computation is surplus_tls = 192 * (nns-1) + 144 * nns + 512 where nns is controlled via the rtld.nns tunable. This commit accounts audit modules too so nns = rtld.nns + audit modules. rtld.nns should only include the namespaces required by the application, namespaces for audit modules are accounted on top of that so audit modules don't use up the static TLS that is reserved for the application. This allows loading many audit modules without tuning rtld.nns or using up static TLS, and it fixes FAIL: elf/tst-auditmany Note that DL_NNS is currently a hard upper limit for nns, and if rtld.nns + audit modules go over the limit that's a fatal error. By default rtld.nns is 4 which allows 12 audit modules. Counting the audit modules is based on existing audit string parsing code, we cannot use GLRO(dl_naudit) before the modules are actually loaded.
* rtld: Add rtld.nns tunable for the number of supported namespacesSzabolcs Nagy2020-07-083-5/+62
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | TLS_STATIC_SURPLUS is 1664 bytes currently which is not enough to support DL_NNS (== 16) number of dynamic link namespaces, if we assume 192 bytes of TLS are reserved for libc use and 144 bytes are reserved for other system libraries that use IE TLS. A new tunable is introduced to control the number of supported namespaces and to adjust the surplus static TLS size as follows: surplus_tls = 192 * (rtld.nns-1) + 144 * rtld.nns + 512 The default is rtld.nns == 4 and then the surplus TLS size is the same as before, so the behaviour is unchanged by default. If an application creates more namespaces than the rtld.nns setting allows, then it is not guaranteed to work, but the limit is not checked. So existing usage will continue to work, but in the future if an application creates more than 4 dynamic link namespaces then the tunable will need to be set. In this patch DL_NNS is a fixed value and provides a maximum to the rtld.nns setting. Static linking used fixed 2048 bytes surplus TLS, this is changed so the same contract is used as for dynamic linking. With static linking DL_NNS == 1 so rtld.nns tunable is forced to 1, so by default the surplus TLS is reduced to 144 + 512 = 656 bytes. This change is not expected to cause problems. Tested on aarch64-linux-gnu and x86_64-linux-gnu. Reviewed-by: Carlos O'Donell <carlos@redhat.com>
* rtld: Clean up PT_NOTE and add PT_GNU_PROPERTY handlingSzabolcs Nagy2020-07-082-12/+96
| | | | | | | | | | | | | | | | | | | | | | Add generic code to handle PT_GNU_PROPERTY notes. Invalid content is ignored, _dl_process_pt_gnu_property is always called after PT_LOAD segments are mapped and it has no failure modes. Currently only one NT_GNU_PROPERTY_TYPE_0 note is handled, which contains target specific properties: the _dl_process_gnu_property hook is called for each property. The old _dl_process_pt_note and _rtld_process_pt_note differ in how the program header is read. The old _dl_process_pt_note is called before PT_LOAD segments are mapped and _rtld_process_pt_note is called after PT_LOAD segments are mapped. The old _rtld_process_pt_note is removed and _dl_process_pt_note is always called after PT_LOAD segments are mapped and now it has no failure modes. The program headers are scanned backwards so that PT_NOTE can be skipped if PT_GNU_PROPERTY exists. Co-Authored-By: H.J. Lu <hjl.tools@gmail.com> Reviewed-by: Adhemerval Zanella <adhemerval.zanella@linaro.org>
* elf: Do not signal LA_ACT_CONSISTENT for an empty namespace [BZ #26076]Florian Weimer2020-07-071-2/+8
| | | | | | | | | The auditing interface identifies namespaces by their first loaded module. Once the namespace is empty, it is no longer possible to signal LA_ACT_CONSISTENT for it because the first loaded module is already gone at that point. Reviewed-by: Carlos O'Donell <carlos@redhat.com>
* Add the __libc_single_threaded variableFlorian Weimer2020-07-0611-6/+548
| | | | | | | | | | | | | | The variable is placed in libc.so, and it can be true only in an outer libc, not libcs loaded via dlmopen or static dlopen. Since thread creation from inner namespaces does not work, pthread_create can update __libc_single_threaded directly. Using __libc_early_init and its initial flag, implementation of this variable is very straightforward. A future version may reset the flag during fork (but not in an inner namespace), or after joining all threads except one. Reviewed-by: DJ Delorie <dj@redhat.com>
* Linux: Perform rseq registration at C startup and thread creationMathieu Desnoyers2020-07-062-1/+11
| | | | | | | | | | | | | | | | | | | Register rseq TLS for each thread (including main), and unregister for each thread (excluding main). "rseq" stands for Restartable Sequences. See the rseq(2) man page proposed here: https://lkml.org/lkml/2018/9/19/647 Those are based on glibc master branch commit 3ee1e0ec5c. The rseq system call was merged into Linux 4.18. The TLS_STATIC_SURPLUS define is increased to leave additional room for dlopen'd initial-exec TLS, which keeps elf/tst-auditmany working. The increase (76 bytes) is larger than 32 bytes because it has not been increased in quite a while. The cost in terms of additional TLS storage is quite significant, but it will also obscure some initial-exec-related dlopen failures.
* elf: Include <stdbool.h> in <dl-tunables.h> because bool is usedFlorian Weimer2020-06-241-0/+2
|
* ld.so: Check for new cache format first and enhance corruption checkFlorian Weimer2020-06-151-12/+15
| | | | | | | | | Now that ldconfig defaults to the new format (only), check for it first. Also apply the corruption check added in commit 2954daf00bb4d ("Add more checks for valid ld.so.cache file (bug 18093)") to the new-format-only case. Suggested-by: Josh Triplett <josh@joshtriplett.org>
* Add "%d" support to _dl_debug_vdprintfH.J. Lu2020-06-091-2/+29
| | | | "%d" will be used to print out signed value.
* dl-runtime: reloc_{offset,index} now functions arch overide'ableVineet Gupta2020-06-052-11/+47
| | | | | | | | | | | | | | | The existing macros are fragile and expect local variables with a certain name. Fix this by defining them as functions with default implementation in a new header dl-runtime.h which arches can override if need be. This came up during ARC port review, hence the need for argument pltgot in reloc_index() which is not needed by existing ports. This patch potentially only affects hppa/x86 ports, build tested for both those configs and a few more. Reviewed-by: Adhemerval Zanella <adhemerval.zanella@linaro.org>
* Replace val with __val in TUNABLE_SET_VAL_IF_VALID_RANGEH.J. Lu2020-06-041-2/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | There are: #define TUNABLE_SET_VAL_IF_VALID_RANGE(__cur, __val, __type) \ ({ \ __type min = (__cur)->type.min; \ __type max = (__cur)->type.max; \ \ if ((__type) (__val) >= min && (__type) (val) <= max) \ ^^^ Should be __val { \ (__cur)->val.numval = val; \ ^^^ Should be __val (__cur)->initialized = true; \ } \ }) Luckily since all TUNABLE_SET_VAL_IF_VALID_RANGE usages are TUNABLE_SET_VAL_IF_VALID_RANGE (cur, val, int64_t); this didn't cause any issues. Reviewed-by: Carlos O'Donell <carlos@redhat.com>
* elf: Remove extra hwcap mechanism from ldconfigFlorian Weimer2020-05-281-71/+16
| | | | | | | | | | | | | | Historically, this mechanism was used to process "nosegneg" subdirectories, and it is still used to include the "tls" subdirectories. With nosegneg support gone from ld.so, this is part no longer useful. The entire mechanism is not well-designed because it causes the meaning of hwcap bits in ld.so.cache to depend on the kernel version that was used to generate the cache, which makes it difficult to use this mechanism for anything else in the future. Reviewed-by: Adhemerval Zanella <adhemerval.zanella@linaro.org>
* elf: Do not read hwcaps from the vDSO in ld.soFlorian Weimer2020-05-281-110/+0
| | | | | | | | | | This was only ever used for the "nosegneg" flag. This approach for passing hardware capability information creates a subtle dependency between the kernel and userspace, and ld.so.cache contents. It seems inappropriate for toady, where people expect to be able to run system images which very different kernel versions. Reviewed-by: Adhemerval Zanella <adhemerval.zanella@linaro.org>
* elf: Turn _dl_printf, _dl_error_printf, _dl_fatal_printf into functionsFlorian Weimer2020-05-252-1/+32
| | | | | | | | | | | | | | This change makes it easier to set a breakpoint on these calls. This also addresses the issue that including <ldsodefs.h> without <unistd.h> does not result usable _dl_*printf macros because of the use of the STD*_FILENO macros there. (The private symbol for _dl_fatal_printf will go away again once the exception handling implementation is unified between libc and ld.so.) Reviewed-by: Adhemerval Zanella <adhemerval.zanella@linaro.org>
* elf.h: add aarch64 property definitionsSzabolcs Nagy2020-05-211-0/+6
| | | | | | | These property values are specified by the AArch64 ELF ABI and binutils can create binaries marked with them. Reviewed-by: Adhemerval Zanella <adhemerval.zanella@linaro.org>
* elf.h: Add PT_GNU_PROPERTYSzabolcs Nagy2020-05-211-0/+1
| | | | | | | This program header type is already used in binaries on x86 and aarch64 targets. Reviewed-by: Adhemerval Zanella <adhemerval.zanella@linaro.org>
* ldconfig: Default to the new format for ld.so.cacheJosh Triplett2020-05-191-2/+2
| | | | glibc has supported this format for close to 20 years.
* Remove NO_CTORS_DTORS_SECTIONS macroFlorian Weimer2020-05-183-56/+1
| | | | | | | | | | | This was originally added to support binutils older than version 2.22: <https://sourceware.org/ml/libc-alpha/2010-12/msg00051.html> Since 2.22 is older than the minimum required binutils version for building glibc, we no longer need this. (The changes do not impact the statically linked startup code.)
* elf: Assert that objects are relocated before their constructors runFlorian Weimer2020-05-181-0/+6
| | | | | | | | | If we try to run constructors before relocation, this is always a dynamic linker bug. An assert is easier to notice than a call via an invalid function pointer (which may not even produce a valid call stack). Reviewed-by: Carlos O'Donell <carlos@redhat.com>
* x86: Move CET control to _dl_x86_feature_control [BZ #25887]H.J. Lu2020-05-181-0/+2
| | | | | | | | | | 1. Include <dl-procruntime.c> to get architecture specific initializer in rtld_global. 2. Change _dl_x86_feature_1[2] to _dl_x86_feature_1. 3. Add _dl_x86_feature_control after _dl_x86_feature_1, which is a struct of 2 bitfields for IBT and SHSTK control This fixes [BZ #25887].
* elf: Remove redundant add_to_global_resize_failure call from dl_open_argsFlorian Weimer2020-05-121-5/+0
| | | | | | | | | | The second call does not do anything because the data structures have already been resized by the call that comes before the demarcation point. Fixes commit a509eb117fac1d764b15eba64993f4bdb63d7f3c ("Avoid late dlopen failure due to scope, TLS slotinfo updates [BZ #25112]"). Reviewed-by: Carlos O'Donell <carlos@redhat.com>
* Rename __LONG_DOUBLE_USES_FLOAT128 to __LDOUBLE_REDIRECTS_TO_FLOAT128_ABIPaul E. Murphy2020-04-301-1/+1
| | | | | | | | | | | | | | | Improve the commentary to aid future developers who will stumble upon this novel, yet not always perfect, mechanism to support alternative formats for long double. Likewise, rename __LONG_DOUBLE_USES_FLOAT128 to __LDOUBLE_REDIRECTS_TO_FLOAT128_ABI now that development work has settled down. The command used was git grep -l __LONG_DOUBLE_USES_FLOAT128 ':!./ChangeLog*' | \ xargs sed -i 's/__LONG_DOUBLE_USES_FLOAT128/__LDOUBLE_REDIRECTS_TO_FLOAT128_ABI/g' Reviewed-by: Tulio Magno Quites Machado Filho <tuliom@linux.ibm.com>
* elf: Add initial flag argument to __libc_early_initFlorian Weimer2020-04-295-11/+29
| | | | | | | | | | | The rseq initialization should happen only for the libc in the base namespace (in the dynamic case) or the statically linked libc. The __libc_multiple_libcs flag does not quite cover this case at present, so this commit introduces a flag argument to __libc_early_init, indicating whether the libc being libc is the primary one (of the main program). Reviewed-by: Carlos O'Donell <carlos@redhat.com>
* elf: Implement __libc_early_initFlorian Weimer2020-04-249-2/+261
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This function is defined in libc.so, and the dynamic loader calls right after relocation has been finished, before any ELF constructors or the preinit function is invoked. It is also used in the static build for initializing parts of the static libc. To locate __libc_early_init, a direct symbol lookup function is used, _dl_lookup_direct. It does not search the entire symbol scope and consults merely a single link map. This function could also be used to implement lookups in the vDSO (as an optimization). A per-namespace variable (libc_map) is added for locating libc.so, to avoid repeated traversals of the search scope. It is similar to GL(dl_initfirst). An alternative would have been to thread a context argument from _dl_open down to _dl_map_object_from_fd (where libc.so is identified). This could have avoided the global variable, but the change would be larger as a result. It would not have been possible to use this to replace GL(dl_initfirst) because that global variable is used to pass the function pointer past the stack switch from dl_main to the main program. Replacing that requires adding a new argument to _dl_init, which in turn needs changes to the architecture-specific libc.so startup code written in assembler. __libc_early_init should not be used to replace _dl_var_init (as it exists today on some architectures). Instead, _dl_lookup_direct should be used to look up a new variable symbol in libc.so, and that should then be initialized from the dynamic loader, immediately after the object has been loaded in _dl_map_object_from_fd (before relocation is run). This way, more IFUNC resolvers which depend on these variables will work. Reviewed-by: Carlos O'Donell <carlos@redhat.com>
* elf: Introduce <elf_machine_sym_no_match.h>Florian Weimer2020-04-241-8/+2
| | | | | | | | | | | MIPS needs to ignore certain existing symbols during symbol lookup. The old scheme uses the ELF_MACHINE_SYM_NO_MATCH macro, with an inline function, within its own header, with a sysdeps override for MIPS. This allows re-use of the function from another file (without having to include <dl-machine.h> or providing the default definition for ELF_MACHINE_SYM_NO_MATCH). Reviewed-by: Carlos O'Donell <carlos@redhat.com>
* elf: Support lld-style link map for librtld.mapFangrui Song2020-04-211-1/+2
| | | | | | | | | | | | | GNU ld and gold's -Map include a line like: path/to/build/libc_pic.a(check_fds.os) lld -Map does not have the archive member list, but we can still derive the members from the following output VMA LMA Size Align Out In Symbol ... 1a1c0 1a1c0 e2 16 path/to/build/libc_pic.a(check_fds.os):(.text)
* elf: Implement DT_AUDIT, DT_DEPAUDIT support [BZ #24943]Florian Weimer2020-04-038-3/+273
| | | | | | | binutils ld has supported --audit, --depaudit for a long time, only support in glibc has been missing. Reviewed-by: Carlos O'Donell <carlos@redhat.com>
* elf: Simplify handling of lists of audit stringsFlorian Weimer2020-04-031-117/+112
| | | | | | | | | | | | | | | | All list elements are colon-separated strings, and there is a hard upper limit for the number of audit modules, so it is possible to pre-allocate a fixed-size array of strings to which the LD_AUDIT environment variable and --audit arguments are added. Also eliminate the global variables for the audit list because the list is only needed briefly during startup. There is a slight behavior change: All duplicate LD_AUDIT environment variables are now processed, not just the last one as before. However, such environment vectors are invalid anyway. Reviewed-by: Carlos O'Donell <carlos@redhat.com>
* ARC: add definitions to elf/elf.hVineet Gupta2020-03-251-1/+69
| | | | Signed-off-by: Vineet Gupta <vgupta@synopsys.com>
* Fix tests which expose ldbl -> _Float128 redirectsPaul E. Murphy2020-03-251-0/+11
| | | | | | | | | | | | | | | | | | The ldbl redirects for ieee128 have some jagged edges when inspecting and manipulating symbols directly. e.g asprintf is unconditionally redirected to __asprintfieee128 thus any tests relying on GCC's redirect behavior will encounter problems if they inspect the symbol names too closely. I've mitigated tests which expose the limitations of the ldbl -> f128 redirects by giving them knowledge about the redirected symbol names. Hopefully there isn't much user code which depends on this implementation specific behavior. Reviewed-by: Tulio Magno Quites Machado Filho <tuliom@linux.ibm.com>
* parse_tunables: Fix typo in commentJonathan Wakely2020-03-131-1/+1
|
* ldconfig: trace origin paths with -vDJ Delorie2020-03-111-6/+24
| | | | | | With this patch, -v turns on a "from" trace for each directory searched, that tells you WHY that directory is being searched - is it a builtin, from the command line, or from some config file?
* elf: Fix wrong indentation from commit eb447b7b4bAdhemerval Zanella2020-03-101-5/+6
|
* elf: Add elf/check-wx-segment, a test for the presence of WX segmentsFlorian Weimer2020-03-021-0/+7
| | | | | | | Writable, executable segments defeat security hardening. The existing check for DT_TEXTREL does not catch this. hppa and SPARC currently keep the PLT in an RWX load segment.