From patchwork Fri Dec 16 11:39:29 2016
X-Patchwork-Submitter: Florian Weimer
X-Patchwork-Id: 88286
Subject: Re: [PATCH 08/12] De-PLTize __stack_chk_fail internal calls within libc.so.
To: Nix
Cc: libc-alpha@sourceware.org, Adhemerval Zanella
From: Florian Weimer
Message-ID: <3785c2b6-4d2b-e1ac-4276-8a6231db7c56@redhat.com>
Date: Fri, 16 Dec 2016 12:39:29 +0100

On 12/15/2016 09:22 PM, Florian Weimer wrote:
> On 12/15/2016 09:00 PM, Nix wrote:
>
>>> Could you try this?
>>>
>>> # if defined STACK_PROTECTOR_LEVEL && STACK_PROTECTOR_LEVEL > 0
>>> asm (".hidden __stack_chk_fail_local");
>>> asm ("__stack_chk_fail = __stack_chk_fail_local");
>>> # endif
>>
>> No change :( the only reference to __stack_chk_fail is still inside
>> stack_chk_fail_local:
>>
>> Symbols from libc_pic.a[libc-stack_chk_fail_local.os]:
>>
>> Name Value Class Type
>> Size Line Section
>>
>> __GI_memcpy ||GLOBAL|NOTYPE || |UNDEF
>> __GI_memmove ||GLOBAL|NOTYPE || |UNDEF
>> __GI_memset ||GLOBAL|NOTYPE || |UNDEF
>> __stack_chk_fail ||GLOBAL|NOTYPE || |UNDEF
>> __stack_chk_fail_local |0000000000000000|GLOBAL|FUNC
>> |0000000000000010| |.text
>> libc-stack_chk_fail_local.c|0000000000000000|LOCAL |FILE
>> |0000000000000000| |ABS
>>
>> (And, of course, this code is not affected by your suggestion, because
>> it's compiled with -fno-stack-protector -DSTACK_PROTECTOR_LEVEL=0.)
>
> I think this attempt at PLT avoidance within libc.so itself is subtly
> wrong. We need to mirror more closely what
> libc_hidden_proto/libc_hidden_def does, and perhaps disentangle this
> from the __stack_chk_fail_local definition used in other DSOs.
>
> I think this means removing any definition of a C function definition
> called __stack_chk_fail_local from libc.so, and instead use a strong
> alias from __stack_chk_fail to __stack_chk_fail_local to define the
> symbol. The alias will not incorporate a PLT reference. If you look at
> include/libc-symbols.h, strong_alias and hidden_def are quite similar.

With this patch on top of the series you posted (without any other changes), I get both MIPS and ia64 to build, and I don't see a PLT failure on SPARC. Thanks, Florian diff --git a/debug/Makefile b/debug/Makefile index 27da081..cfcf392 100644 --- a/debug/Makefile +++ b/debug/Makefile @@ -48,14 +48,10 @@ routines = backtrace backtracesyms backtracesymsfd noophooks \ vdprintf_chk obprintf_chk \ longjmp_chk ____longjmp_chk \ fdelt_chk poll_chk ppoll_chk \ - stack_chk_fail fortify_fail libc-stack_chk_fail_local \ + stack_chk_fail fortify_fail \ $(static-only-routines) -# stack_chk_fail_local must be non-PIC, thus static-only, but we also -# want an identical thunk hidden in libc.so to avoid going via the PLT. - static-only-routines := warning-nop stack_chk_fail_local -shared-only-routines += libc-stack_chk_fail_local # Building the stack-protector failure routines with stack protection # makes no sense. diff --git a/debug/libc-stack_chk_fail_local.c b/debug/libc-stack_chk_fail_local.c deleted file mode 100644 index 73da970..0000000 --- a/debug/libc-stack_chk_fail_local.c +++ /dev/null @@ -1,3 +0,0 @@ -/* This goes into the shared libc. */ - -#include diff --git a/debug/stack_chk_fail.c b/debug/stack_chk_fail.c index 4d0796f..a545239 100644 --- a/debug/stack_chk_fail.c +++ b/debug/stack_chk_fail.c @@ -27,3 +27,11 @@ __stack_chk_fail (void) { __fortify_fail ("stack smashing detected"); } + +#ifdef SHARED +/* The compiler generates hidden references to __stack_chk_fail for + PLT avoidance. Outside of libc.so, a definition provided by + libc_nonshared.a, but within libc.so, a local definition is + needed. */ +strong_alias (__stack_chk_fail, __stack_chk_fail_local) +#endif diff --git a/sysdeps/generic/symbol-hacks.h b/sysdeps/generic/symbol-hacks.h index 36908b5..ce576c9 100644 --- a/sysdeps/generic/symbol-hacks.h +++ b/sysdeps/generic/symbol-hacks.h 
@@ -4,8 +4,4 @@ asm ("memmove = __GI_memmove"); asm ("memset = __GI_memset"); asm ("memcpy = __GI_memcpy"); - -/* -fstack-protector generates calls to __stack_chk_fail, which need - similar adjustments to avoid going through the PLT. */ -asm ("__stack_chk_fail = __stack_chk_fail_local"); #endif
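
Review bot: in the debug/Makefile hunk, the whole comment above static-only-routines is deleted, but the line "static-only-routines := warning-nop stack_chk_fail_local" stays, so the reason stack_chk_fail_local is static-only is no longer recorded anywhere. Keep the first clause ("stack_chk_fail_local must be non-PIC, thus static-only") and drop only the part about the identical thunk hidden in libc.so, which is the piece this change actually removes.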
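
Review bot: in the debug/stack_chk_fail.c hunk, the new comment says the compiler generates hidden references to __stack_chk_fail, but the symbol the alias defines, and the one libc_nonshared.a supplies through static-only-routines, is __stack_chk_fail_local; the comment should name that symbol. Its second sentence is also missing a verb ("a definition is provided by libc_nonshared.a"). Separately, strong_alias alone does not mark __stack_chk_fail_local hidden, unlike the ".hidden __stack_chk_fail_local" directive tried earlier in the thread, so the comment should say what keeps the alias out of the dynamic symbol table of libc.so, or the alias should be given hidden visibility explicitly.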
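
Review bot: in the sysdeps/generic/symbol-hacks.h hunk, removing the "__stack_chk_fail = __stack_chk_fail_local" redirect leaves memmove, memset and memcpy bound to their __GI_ names while compiler-generated calls to __stack_chk_fail inside libc.so lose their redirect, and nothing in the visible hunks gives __stack_chk_fail a hidden alias in its place. Since the series is about keeping these calls off the PLT, either add the libc_hidden_proto/libc_hidden_def-style treatment for __stack_chk_fail or state in the commit message why the remaining references bind locally and on which targets that was checked.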