(1) If an initial-exec relocation was used for a non-local symbol
(i.e. the definition of the symbol is in a different DSO), the
computation of the static TLS offset used the wrong DSO.
This would effectively mean the wrong address was computed
(PR toolchain/50277, PR pkg/57445).
Fix this by forcing the computation of the correct DSO (the one defining
the symbol).
This code uses __UNCONST to avoid the vast interface changes for this
special case.
(2) If symbols from a DSO loaded via dlopen are used with both
global-dynamic/local-dynamic and initial-exec relocations AND
a initial-exec relocation was resolved first in a thread, a split brain
situation could exist where the dynamic relocations would use one memory
block (separate allocation) and the initial-exec relocations the static
per-thread TLS space.
(3) If the initial-exec relocation in (2) is seen after any thread has
already used a GD/LD allocation, bail out. Since IE relocations are used
only in the GOT, this will prevent the dlopen. This is a bit more
aggressive than necessary, but a full blown reference counting doesn't
seem to be justified.
bits of hash. Unfortunately due to an implementation bu and the fact that
the return type is unsigned long which is 64 bits in LP64, this can fail
in some cases: "\xff\x0f\x0f\x0f\x0f\x0f\x12". See:
https://maskray.me/blog/2023-04-12-elf-hash-function
From Ed Maste @ FreeBSD:
https://cgit.freebsd.org/src/commit/\
?id=29e3a06510823edbb91667d21f530d3ec778116d
Need to write Unit Tests for this.
This ldscript is not needed and actually makes things worse by putting
everything in one LOAD section, which then needs to have rwx permission.
Remove it so that we get two LOAD sections with better permissions.
Fixes PR 57323.
We only need to ensure that there are no concurrent modifications to
the rtld data structures in flight, since the threads that began
those modifications will not exist in the child and will therefore be
unable to complete them in the child.
A shared lock suffices to ensure there are no such concurrent
modifications in flight; an exclusive lock is not necessary, and can
cause deadlock if fork is executed from a signal handler, which is
explicitly allowed by POSIX (and our own sigaction(2) man page) which
marks fork as async-signal-safe.
PR lib/56979
right value if they're called before _start. This is true of bash where
it provides its own getenv.
Part of port-hppa/56118: sporadic app crashes in HPPA -current
These are basic CAS-based locking primitives needing release and
acquire semantics, nothing fancy here -- except the membar_sync parts
which are questionable but not relevant to the present audit.
support for indirect functions was added. This fixes {init,fini}_array support
on hppa where each member of the array is (already) a plabel.
Discussed with joerg.
4 files changed, 29 insertions(+), 39 deletions(-)
: ----------------------------------------------------------------------
The use of membar_enter is to separate atomic r/m/w on a lock from
the body of the critical section so two different critical sections
happen in order:
body of previous critical section;
exit critical section:
membar_exit();
atomic_r/m/w(lock stuff);
enter critical section:
atomic_r/m/w(lock stuff);
membar_enter();
body of next critical section;
_rtld_shared_enter does this, but it _also_ issued an extraneous
membar_enter before the atomic_r/m/w part, which doesn't impose any
semantically important order but may cost some performance.
Changes:
- Add a new field r_ldbase in the r_debug struct.
- Set r_version to 1.
This harmonizes the support with OpenBSD and Linux.
FreeBSD uses version 0 (or no version).
Solaris uses version 2 that is not implemented elsewhere and relies on
SVR4 specific design and interfaces.
Update the code comments as r_debug and link_map is used by other software
than GDB, namely: sanitizers, rump, LLDB.
treat them like R_PPC_ADDR32
XXX
these relocs have been observed in the xf86-video-radeon driver, but only in
the AtomBios support code, which is unused on PowerPC. This allows the driver
to load but it's not clear if the affected parts would actually function.
riastradh