From mboxrd@z Thu Jan  1 00:00:00 1970
From: Rich Felker
Newsgroups: gmane.linux.lib.musl.general
Subject: Re: a possible need for MAP_FIXED in ldso/dynlink.c ?
Date: Sat, 10 Jun 2017 08:26:10 -0400
Message-ID: <20170610122610.GQ1627@brightrain.aerifal.cx>
References: <20170610105151.GG30784@example.net>
In-Reply-To: <20170610105151.GG30784@example.net>
Reply-To: musl@lists.openwall.com
To: musl@lists.openwall.com

On Sat, Jun 10, 2017 at 12:51:51PM +0200, u-uy74@aetey.se wrote:
> Hello,
>
> Running musl-based (1.1.16) Linux binaries (i386) under Linux ABI
> on FreeBSD (11.0-RELEASE amd64), with explicit use of the loader like
>  /..../libc.so --library-path
> fails when mmap() returns a different address than requested
> which is rejected by the musl loader when mapping the executable:
>  "Not a valid dynamic program",
> due to:
>         map = ....
>                 : mmap((void *)addr_min, map_len, prot,
>                         MAP_PRIVATE, fd, off_start);
> ...
>         /* If the loaded file is not relocatable and the requested address is
>          * not available, then the load operation must fail. */
>         if (eh->e_type != ET_DYN && addr_min && map!=(void *)addr_min) {
>                 errno = EBUSY;
>                 goto error;
> ...
>
> mmap() returning a different address does not necessarily mean that
> the requested one is not available.
>
> I wonder whether adding MAP_FIXED to MAP_PRIVATE above would be a
> useful approach (conditionally on eh->e_type==ET_EXEC ?).
>
> Adding the MAP_FIXED flag, both conditionally or not, seems to work
> around the particular problem but I am unsure about all its implications
> and consequences, among others under the current Linux implementation
> of the Linux ABI.

Use of MAP_FIXED with a memory range you don't already own is an
invalid and unsafe operation. You may end up mapping over top of
yourself, even.

Implementations should honor the requested address passed to mmap and
only fail to provide it if it's already in use. Basically MAP_FIXED is
analogous to dup2, and mmap with a preferred address but no MAP_FIXED
is analogous to fcntl F_DUPFD. Breaking the latter is popular among
security snakeoil products but really has no benefits, since
applications that don't have a reason for requesting a particular
address should, and do, pass 0 as the request.

Rich
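
The difference described in the reply above, as an added example that is not part of the original message and is not musl code: a hint-only request checked the way the quoted loader code checks it, next to MAP_FIXED on an address that is already mapped. The function names are hypothetical, anonymous mappings stand in for the file mapping, and the results assume Linux mmap behaviour.

```c
#define _DEFAULT_SOURCE
#include <errno.h>
#include <stdio.h>
#include <string.h>
#include <sys/mman.h>

#define LEN  4096 /* one page on i386/amd64 */
#define RW   (PROT_READ | PROT_WRITE)
#define ANON (MAP_PRIVATE | MAP_ANONYMOUS)

/* A page the process already owns, marked 0xAA (constructed stand-in). */
static unsigned char *owned_page(void) {
    unsigned char *p = mmap(NULL, LEN, RW, ANON, -1, 0);
    return p == MAP_FAILED ? NULL : memset(p, 0xAA, LEN);
}

/* Loader-style request: the address is only a hint, an exact match is
 * required, and any other placement is undone and reported as EBUSY. */
void *map_exact_or_fail(void *want, size_t len) {
    void *m = mmap(want, len, RW, ANON, -1, 0);
    if (m == MAP_FAILED) return NULL;
    if (m != want) { munmap(m, len); errno = EBUSY; return NULL; }
    return m;
}

/* 1 if the hint on an occupied address failed with EBUSY, marker intact. */
int hint_keeps_existing(void) {
    unsigned char *owned = owned_page();
    if (!owned) return -1;
    int ok = map_exact_or_fail(owned, LEN) == NULL && errno == EBUSY
             && owned[0] == 0xAA;
    munmap(owned, LEN);
    return ok;
}

/* 1 if MAP_FIXED "succeeded" there and zero-filled over the marker. */
int fixed_clobbers_existing(void) {
    unsigned char *owned = owned_page();
    if (!owned) return -1;
    void *m = mmap(owned, LEN, RW, ANON | MAP_FIXED, -1, 0);
    int gone = (m == (void *)owned && owned[0] == 0x00);
    munmap(owned, LEN);
    return gone;
}

int main(void) {
    printf("hint keeps mapping: %d\n", hint_keeps_existing());
    printf("MAP_FIXED clobbers it: %d\n", fixed_clobbers_existing());
    return 0;
}
```

The MAP_FIXED call reports no error while discarding the previous contents, which is why it is only safe on a range the caller has already reserved.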