[PATCH v5 18/22] elf: Issue la_symbind() for bind-now (BZ #23734)

Mon Nov 15 14:20:13 GMT 2021

On 11/11/2021 14:39, Florian Weimer wrote:
> * Adhemerval Zanella:
> 
>> The audit callback is not called for binaries built with -Wl,-z,now or
>> when LD_BIND_NOW=1 is used.  The PLT tracking callbacks are still not
>> issue for such case, since this will would change the expected program
>> semantic (where no PTL is expected) and also yield performance
>> implications (such as for BZ#15533).
>>
>> To handle powerpc64 ELFv1 function descriptor, _dl_audit_symbind()
>> requires to know whether bind-now is used so the symbol value is
>> updated to function text segment instead of the ODP (for lazy binding
>> this is done by PPC64_LOAD_FUNCPTR on _dl_runtime_resolve).
> 
> Typo: OPD (I think)
>

Ack.

> This needs updates to sysdeps/hppa/dl-lookupcfg.h and
> sysdeps/ia64/dl-lookupcfg.h as well.  Presently these two targets fail
> to build.

I have fixed and also tested on ia64 (which leads to some fixed on
other new audit tests). I am still figuring out why hppa fails.

> 
>> diff --git a/elf/dl-audit.c b/elf/dl-audit.c
>> index c3569cb357..4540d93913 100644
>> --- a/elf/dl-audit.c
>> +++ b/elf/dl-audit.c
>> @@ -190,7 +190,7 @@ rtld_hidden_def (_dl_audit_symbind_alt)
>>  void
>>  _dl_audit_symbind (struct link_map *l, struct reloc_result *reloc_result,
>>  		   const ElfW(Sym) *defsym, DL_FIXUP_VALUE_TYPE *value,
>> -		   lookup_t result)
>> +		   lookup_t result, bool bindnow)
>>  {
>>    reloc_result->bound = result;
>>    /* Compute index of the symbol entry in the symbol table of the DSO with the
>> @@ -238,7 +238,8 @@ _dl_audit_symbind (struct link_map *l, struct reloc_result *reloc_result,
>>  	      if (new_value != (uintptr_t) sym.st_value)
>>  		{
>>  		  flags |= LA_SYMB_ALTVALUE;
>> -		  sym.st_value = new_value;
>> +		  sym.st_value = bindnow
>> +		    ? DL_FIXUP_BINDNOW_ADDR_VALUE (new_value) : new_value;
>>  		}
>>  	    }
> 
> I think if PLT enter/exit hooks are not available, we should set
> LA_SYMB_NOPLTENTER | LA_SYMB_NOPLTEXIT in flags before calling the
> symbind callback.

It does make sense indeed.

> 
> I find DL_FIXUP_BINDNOW_ADDR_VALUE very confusing.  Why is it safe to
> extract just the code address from the function descriptor?

That's my understanding because at this point st.st_value points to code
address, not OPD address.

> 
> In the future, I want to call symbind for all symbol bindings.
> Basically, I want to remove
> 
>> +	      if (ELFW(R_TYPE) (r->r_info) == ELF_MACHINE_JMP_SLOT
> 
> eventually, and add symbind callbacks for dlsym lookups.  Hopefully we
> can make these changes compatible.

I think we will need still handle powerpc64 ELFv1 OPD, but I think it should
be feasible.