[PATCH v4 3/5] Add GLIBC_ABI_DT_RELR for DT_RELR support

H.J. Lu hjl.tools@gmail.com
Tue Mar 1 22:33:31 GMT 2022


On Tue, Mar 1, 2022 at 11:31 AM Fangrui Song <maskray@google.com> wrote:
>
> On 2022-03-01, H.J. Lu wrote:
> >The EI_ABIVERSION field of the ELF header in executables and shared
> >libraries can be bumped to indicate the minimum ABI requirement on the
> >dynamic linker.  However, EI_ABIVERSION in executables isn't checked by
> >the Linux kernel ELF loader nor the existing dynamic linker.  Executables
> >will crash mysteriously if the dynamic linker doesn't support the ABI
> >features required by the EI_ABIVERSION field.  The dynamic linker should
> >be changed to check EI_ABIVERSION in executables.
> >
> >Add a glibc version, GLIBC_ABI_DT_RELR, to indicate DT_RELR support so
> >that the existing dynamic linkers will issue an error on executables with
> >GLIBC_ABI_DT_RELR dependency.  Issue an error if there is a DT_RELR entry
> >without GLIBC_ABI_DT_RELR dependency nor GLIBC_PRIVATE definition.
> >
> >Support __placeholder_only_for_empty_version_map as the placeholder symbol
> >used only for empty version map to generate GLIBC_ABI_DT_RELR without any
> >symbols.
> >---
> > elf/Makefile             | 16 ++++++++++++++--
> > elf/Versions             |  5 +++++
> > elf/dl-version.c         | 33 +++++++++++++++++++++++++++++++--
> > elf/libc-abi-version.exp |  1 +
> > include/link.h           |  6 ++++++
> > scripts/abilist.awk      |  2 ++
> > scripts/versions.awk     |  7 ++++++-
> > 7 files changed, 65 insertions(+), 5 deletions(-)
> > create mode 100644 elf/libc-abi-version.exp
> >
> >diff --git a/elf/Makefile b/elf/Makefile
> >index fd462ba315..f533d377fd 100644
> >--- a/elf/Makefile
> >+++ b/elf/Makefile
> >@@ -1113,8 +1113,10 @@ $(eval $(call include_dsosort_tests,dso-sort-tests-1.def))
> > $(eval $(call include_dsosort_tests,dso-sort-tests-2.def))
> > endif
> >
> >-check-abi: $(objpfx)check-abi-ld.out
> >-tests-special += $(objpfx)check-abi-ld.out
> >+check-abi: $(objpfx)check-abi-ld.out \
> >+         $(objpfx)check-abi-version-libc.out
> >+tests-special += $(objpfx)check-abi-ld.out \
> >+         $(objpfx)check-abi-version-libc.out
> > update-abi: update-abi-ld
> > update-all-abi: update-all-abi-ld
> >
> >@@ -2739,3 +2741,13 @@ $(objpfx)check-tst-relr-pie.out: $(objpfx)tst-relr-pie
> >               | sed -ne '/required from libc.so/,$$ p' \
> >               | grep GLIBC_ABI_DT_RELR > $@; \
> >       $(evaluate-test)
> >+
> >+$(objpfx)check-abi-version-libc.out: libc-abi-version.exp \
> >+  $(objpfx)libc.symlist-abi-version
> >+      cmp $^ > $@; \
> >+      $(evaluate-test)
> >+
> >+$(objpfx)libc.symlist-abi-version: $(common-objpfx)libc.so
> >+      LC_ALL=C $(OBJDUMP) --dynamic-syms $< | grep " GLIBC_ABI_" \
> >+              | sed "s/0\+/00000000/g;s/[ \t]\+/ /g" > $@T
> >+      mv -f $@T $@
>
> As just mentioned on https://sourceware.org/pipermail/libc-alpha/2022-March/136764.html ,
> perhaps use something like $(READELF) -V $< | grep GLIBC_ABI_DT_RELR
>
>
> % nm -D a/glibc
>                   U stat@GLIBC_2.33
> % objdump --dynamic-syms a/glibc
>
> a/glibc:     file format elf64-x86-64
>
> DYNAMIC SYMBOL TABLE:
> 0000000000000000      D  *UND*  0000000000000000 (GLIBC_2.33) stat

It is easier to run cmp on "objdump --dynamic-syms" outputs on
different targets.

>
> % readelf -V a/glibc
>
> Version symbols section '.gnu.version' contains 2 entries:
>   Addr: 0x0000000000000230  Offset: 0x000230  Link: 1 (.dynsym)
>    000:   0 (*local*)       2 (GLIBC_2.33)
>
> Version needs section '.gnu.version_r' contains 1 entry:
>   Addr: 0x0000000000000234  Offset: 0x000234  Link: 6 (.dynstr)
>    000000: Version: 1  File: libc.so.6  Cnt: 2
>    0x0010:   Name: GLIBC_2.33  Flags: none  Version: 2
>    0x0020:   Name: GLIBC_ABI_DT_RELR  Flags: none  Version: 3
>
>
> Is there a static pie test? A static pie has DT_RELR but does not have verneed.

If linker supports DT_RELR, static PIE programs and tests will have
DT_RELR.  They will be tested.

> >diff --git a/elf/Versions b/elf/Versions
> >index 8bed855d8c..a9ff278de7 100644
> >--- a/elf/Versions
> >+++ b/elf/Versions
> >@@ -23,6 +23,11 @@ libc {
> >   GLIBC_2.35 {
> >     _dl_find_object;
> >   }
> >+  GLIBC_ABI_DT_RELR {
> >+    # This symbol is used only for empty version map and will be removed
> >+    # by scripts/versions.awk.
> >+    __placeholder_only_for_empty_version_map;
> >+  }
> >   GLIBC_PRIVATE {
> >     # functions used in other libraries
> >     __libc_early_init;
> >diff --git a/elf/dl-version.c b/elf/dl-version.c
> >index b47bd91727..720ec596a5 100644
> >--- a/elf/dl-version.c
> >+++ b/elf/dl-version.c
> >@@ -214,12 +214,20 @@ _dl_check_map_versions (struct link_map *map, int verbose, int trace_mode)
> >             while (1)
> >               {
> >                 /* Match the symbol.  */
> >+                const char *string = strtab + aux->vna_name;
> >                 result |= match_symbol (DSO_FILENAME (map->l_name),
> >                                         map->l_ns, aux->vna_hash,
> >-                                        strtab + aux->vna_name,
> >-                                        needed->l_real, verbose,
> >+                                        string, needed->l_real, verbose,
> >                                         aux->vna_flags & VER_FLG_WEAK);
> >
> >+                if (map->l_abi_version == lav_none
> >+                    /* 0xfd0e42: _dl_elf_hash ("GLIBC_ABI_DT_RELR").  */
> >+                    && aux->vna_hash == 0xfd0e42
> >+                    && __glibc_likely (strcmp (string,
> >+                                               "GLIBC_ABI_DT_RELR")
> >+                                       == 0))
> >+                  map->l_abi_version = lav_dt_relr_ref;
> >+
> >                 /* Compare the version index.  */
> >                 if ((unsigned int) (aux->vna_other & 0x7fff) > ndx_high)
> >                   ndx_high = aux->vna_other & 0x7fff;
> >@@ -253,6 +261,16 @@ _dl_check_map_versions (struct link_map *map, int verbose, int trace_mode)
> >       ent = (ElfW(Verdef) *) (map->l_addr + def->d_un.d_ptr);
> >       while (1)
> >       {
> >+        /* 0x0963cf85: _dl_elf_hash ("GLIBC_PRIVATE").  */
> >+        if (ent->vd_hash == 0x0963cf85)
> >+          {
> >+            ElfW(Verdaux) *aux = (ElfW(Verdaux) *) ((char *) ent
> >+                                                    + ent->vd_aux);
> >+            if (__glibc_likely (strcmp ("GLIBC_PRIVATE",
> >+                                        strtab + aux->vda_name) == 0))
> >+              map->l_abi_version = lav_private_def;
> >+          }
> >+
> >         if ((unsigned int) (ent->vd_ndx & 0x7fff) > ndx_high)
> >           ndx_high = ent->vd_ndx & 0x7fff;
> >
> >@@ -352,6 +370,17 @@ _dl_check_map_versions (struct link_map *map, int verbose, int trace_mode)
> >       }
> >     }
> >
> >+  /* Issue an error if there is a DT_RELR entry without GLIBC_ABI_DT_RELR
> >+     dependency nor GLIBC_PRIVATE definition.  */
> >+  if (map->l_info[DT_RELR] != NULL
> >+      && __glibc_unlikely (map->l_abi_version == lav_none))
> >+    {
> >+      _dl_exception_create
> >+      (&exception, DSO_FILENAME (map->l_name),
> >+       N_("DT_RELR without GLIBC_ABI_DT_RELR dependency"));
> >+      goto call_error;
> >+    }
> >+
> >   return result;
> > }
> >
> >diff --git a/elf/libc-abi-version.exp b/elf/libc-abi-version.exp
> >new file mode 100644
> >index 0000000000..ff8506b3ba
> >--- /dev/null
> >+++ b/elf/libc-abi-version.exp
> >@@ -0,0 +1 @@
> >+00000000 g DO *ABS* 00000000 GLIBC_ABI_DT_RELR GLIBC_ABI_DT_RELR
> >diff --git a/include/link.h b/include/link.h
> >index 03db14c7b0..8ec5e35cf2 100644
> >--- a/include/link.h
> >+++ b/include/link.h
> >@@ -177,6 +177,12 @@ struct link_map
> >       lt_library,             /* Library needed by main executable.  */
> >       lt_loaded               /* Extra run-time loaded shared object.  */
> >       } l_type:2;
> >+    enum                      /* ABI dependency of this object.  */
> >+      {
> >+      lav_none,               /* No ABI dependency.  */
> >+      lav_dt_relr_ref,        /* Need GLIBC_ABI_DT_RELR.  */
> >+      lav_private_def         /* Define GLIBC_PRIVATE.  */
> >+      } l_abi_version:2;
> >     unsigned int l_relocated:1;       /* Nonzero if object's relocations done.  */
> >     unsigned int l_init_called:1; /* Nonzero if DT_INIT function called.  */
> >     unsigned int l_global:1;  /* Nonzero if object in _dl_global_scope.  */
> >diff --git a/scripts/abilist.awk b/scripts/abilist.awk
> >index 24a34ccbed..6cc7af6ac8 100644
> >--- a/scripts/abilist.awk
> >+++ b/scripts/abilist.awk
> >@@ -55,6 +55,8 @@ $2 == "g" || $2 == "w" && (NF == 7 || NF == 8) {
> >   # caused STV_HIDDEN symbols to appear in .dynsym, though that is useless.
> >   if (NF > 7 && $7 == ".hidden") next;
> >
> >+  if (version ~ /^GLIBC_ABI_/ && !include_abi_version) next;
> >+
> >   if (version == "GLIBC_PRIVATE" && !include_private) next;
> >
> >   desc = "";
> >diff --git a/scripts/versions.awk b/scripts/versions.awk
> >index 357ad1355e..d70b07bd1a 100644
> >--- a/scripts/versions.awk
> >+++ b/scripts/versions.awk
> >@@ -185,8 +185,13 @@ END {
> >       closeversion(oldver, veryoldver);
> >       veryoldver = oldver;
> >       }
> >-      printf("%s {\n  global:\n", $2) > outfile;
> >       oldver = $2;
> >+      # Skip the placeholder symbol used only for empty version map.
> >+      if ($3 == "__placeholder_only_for_empty_version_map;") {
> >+      printf("%s {\n", $2) > outfile;
> >+      continue;
> >+      }
> >+      printf("%s {\n  global:\n", $2) > outfile;
> >     }
> >     printf("   ") > outfile;
> >     for (n = 3; n <= NF; ++n) {
> >--
> >2.35.1
> >



-- 
H.J.


More information about the Libc-alpha mailing list