From: Yangyu Chen
To: libc-alpha@sourceware.org
Cc: Vivian Wang, Palmer Dabbelt, Vincent Chen, Kito Cheng, Florian Weimer, Andreas Schwab, Jessica Clarke, Andrew Waterman, Piyou Chen, Fangrui Song, Jeff Law, Wei Wu, Jiawei, Liao Shihua, Yixuan Chen, Yulong Shi, Dongyan Chen, Yangyu Chen
Subject: [PATCH v3] RISC-V: Fix IFUNC resolver cannot access gp pointer
Date: Wed, 27 Nov 2024 15:35:15 +0800
X-OQ-MSGID: <20241127073515.495591-1-cyy@cyyself.name>

In some cases, an IFUNC resolver may need to access the gp pointer to access global variables. Such an object may have l_relocated == 0 at this time. In this case, an IFUNC resolver will fail to access a global variable and cause a SIGSEGV.

This patch fixes this issue by relaxing the check of l_relocated in elf_machine_runtime_setup. As for the original BZ #31317, since the static-linked executable has already set up the gp pointer, we don't need to execute the code to set up the gp pointer again. Thus, this code should be skipped for !SHARED case. I have also reproduced and checked BZ #31317 using a mold commit bed5b1731b ("illumos: Treat absolute symbols specially"), this patch can fix the issue. To prevent some other bug like original BZ #31317 from happening again, I also added check `l->l_scope != NULL`.
Also, we used the wrong gp pointer previously because ref->st_value is not the relocated address but just the offset from the base address of ELF. An edge case may happen if we reference gp pointer in IFUNC resolver in a PIE object. The GP will be initialized incorrectly since the ref->st_value is not the address after relocation. This patch fixes this issue by adding the l->l_addr to ref->st_value to get the relocated address for the gp pointer. We don't use SYMBOL_ADDRESS macro here because __global_pointer$ is a special symbol that has SHN_ABS type, but it should use PC-relative addressing.

Closes: BZ #32269
Fixes: 96d1b9ac23 ("RISC-V: Fix the static-PIE non-relocated object check")
Co-authored-by: Vivian Wang
Signed-off-by: Yangyu Chen
---
 sysdeps/riscv/dl-machine.h | 17 +++++++++++------
 1 file changed, 11 insertions(+), 6 deletions(-)

diff --git a/sysdeps/riscv/dl-machine.h b/sysdeps/riscv/dl-machine.h index b2f28697f7..b10b2eb909 100644 --- a/sysdeps/riscv/dl-machine.h +++ b/sysdeps/riscv/dl-machine.h @@ -348,7 +348,8 @@ elf_machine_runtime_setup (struct link_map *l, struct r_scope_elem *scope[], gotplt[1] = (ElfW(Addr)) l; } - if (l->l_type == lt_executable && l->l_relocated) +#ifdef SHARED + if (l->l_type == lt_executable && l->l_scope != NULL) { /* The __global_pointer$ may not be defined by the linker if the $gp register does not be used to access the global variable @@ -362,12 +363,16 @@ elf_machine_runtime_setup (struct link_map *l, struct r_scope_elem *scope[], _dl_lookup_symbol_x ("__global_pointer$", l, &ref, l->l_scope, NULL, 0, 0, NULL); if (ref) - asm ( - "mv gp, %0\n" - : - : "r" (ref->st_value) - ); + asm ( + "mv gp, %0\n" + : + : "r" (ref->st_value + l->l_addr) + /* Don't use SYMBOL_ADDRESS here since __global_pointer$ + can be SHN_ABS type, but we need the address relative to + PC, not the absolute address. */ + ); } +#endif #endif return lazy; }
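
Review bot: In the first hunk (@@ -348,7 +348,8), the new condition `l->l_scope != NULL` has no comment in the code, so the reason for replacing `l->l_relocated` lives only in the commit message. A short comment above the `if` noting that `l->l_scope` is passed to `_dl_lookup_symbol_x` a few lines below, and that the check guards against a recurrence of BZ #31317, would keep a later cleanup from dropping it or restoring the old test. The diffstat also shows only dl-machine.h changing; a test with an IFUNC resolver that reads a global variable from a PIE would pin down both this condition and the `l->l_addr` fix.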
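
Review bot: In the second hunk (@@ -362,12 +363,16), the explanatory comment sits inside the asm statement, between the input operand `"r" (ref->st_value + l->l_addr)` and the closing `);`, where it is easy to misread as part of the operand list; move it above the `asm (` line. The added `#endif` is immediately followed by the existing one, so mark it `#endif /* SHARED */` to show which block it closes. The comment says the symbol "can be SHN_ABS" while `l->l_addr` is added unconditionally; it would help to state that this relies on `l_addr` being the load bias, which is zero for a non-PIE executable, so the sum is the right address in both cases.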