This is the mail archive of the
libc-alpha@sourceware.org
mailing list for the glibc project.
Re: Copy relocations against protected symbols
- From: Alan Modra <amodra at gmail dot com>
- To: "H.J. Lu" <hjl dot tools at gmail dot com>
- Cc: Cary Coutant <ccoutant at google dot com>, Binutils <binutils at sourceware dot org>, GNU C Library <libc-alpha at sourceware dot org>
- Date: Fri, 19 Dec 2014 13:40:25 +1030
- Subject: Re: Copy relocations against protected symbols
- Authentication-results: sourceware.org; auth=none
- References: <CAMe9rOoJ-0ER8VAckjZyLwdgGJFeQBfri+d+NY81WozizTnCQw at mail dot gmail dot com> <20141218221354 dot GA31055 at bubble dot grove dot modra dot org> <CAMe9rOoa=V+PEUx_+x_PGiAXFhGRPW9vTRSjLpOJ1YYAUcM=XA at mail dot gmail dot com>
On Thu, Dec 18, 2014 at 03:06:14PM -0800, H.J. Lu wrote:
> On Thu, Dec 18, 2014 at 2:13 PM, Alan Modra <amodra@gmail.com> wrote:
> > On Thu, Dec 18, 2014 at 11:02:59AM -0800, H.J. Lu wrote:
> >> Adding glibc.
> >>
> >> On Thu, Dec 18, 2014 at 10:52 AM, Cary Coutant <ccoutant@google.com> wrote:
> >> >> Should we simply disallow creating DSO with protected data on targets
> >> >> with copy relocation?
> >> >
> >> > I don't think so. Protected symbols are useful, and their presence
> >>
> >> As soon as they are used in executable, the program will misbehave.
> >
> > Not if the references in the executable are in code compiled with
> > -fPIC. I agree with Cary, disallowing protected visibility variables
>
> It only works with -fPIC, not -fPIE when GCC 5 is used:
>
> https://gcc.gnu.org/ml/gcc-patches/2014-12/msg00428.html
That optimisation may not be such a good idea. What you gain in an
executable by using .dynbss, you lose in a shared library by not being
able to use protected visibility. So for hot variables accessed
mostly by a shared library you'd want to turn this optimisation off.
> Are we suggesting we should compile PIE with -fPIC now?
No, that would lose other optimisations as well.
> > in shared libraries, or disabling the compiler optimisation that
> > allows shared library code to access protected variables without a GOT
> > indirection, is too big a hammer.
--
Alan Modra
Australia Development Lab, IBM