Date: Wed, 30 Nov 2022 10:12:35 -0500
From: Rich Felker
To: Markus Wichmann
Cc: musl@lists.openwall.com
Message-ID: <20221130151234.GR29905@brightrain.aerifal.cx>
References: <20221128194740.GA23755@voyager>
In-Reply-To: <20221128194740.GA23755@voyager>
Subject: Re: [musl] Invalid page size reference in __dls2

On Mon, Nov 28, 2022 at 08:47:40PM +0100, Markus Wichmann wrote:
> Hi all,
>
> __dls2 calls kernel_mapped_dso(), and that one uses the PAGE_SIZE macro.
> Whenever does not define PAGESIZE, PAGE_SIZE is defined
> as libc.page_size. That variable is only initialized at the start of
> __dls3, so the DSO descriptor for libc ends up being wrong.
>
> Since the libc object has static storage duration, page_size is
> initialized with zero. So at least nothing undefined happens. The impact
> is, it will calculate the relro pointers as being zero, so no relro will
> happen, and it will calculate maximum and minimum addresses as being
> zero, therefore setting map to base and map_len to zero. This will cause
> dladdr() not to find the libc. Yeah, not the biggest of impacts.
>
> This, again, affects all architectures that don't define PAGESIZE, so at
> this time those are
>
> aarch64
> arm
> m68k
> microblaze
> mips
> mips64
> mipsn32
> powerpc
> powerpc64
> riscv64
>
> I don't know whether references to libc are even valid in __dls2, but it
> is defined as "hidden", so that ought to be good enough. In that case it
> may be enough to just move the initialization. Otherwise it may be
> necessary to add page size as parameter to kernel_mapped_dso(). Then
> __dls2 can look it up in the aux vector at its leisure.

Nice catch. The references to libc are not valid in __dls2.
If they were, I would just re-run kernel_mapped_dso() from __dls2b or
something to get the right relro map, but I think instead we should do
something like the attached.

Rich

Content-Disposition: attachment; filename="ldso_page_size.diff"

diff --git a/ldso/dynlink.c b/ldso/dynlink.c index 8068fb37..fb13a7b1 100644 --- a/ldso/dynlink.c +++ b/ldso/dynlink.c @@ -21,9 +21,15 @@ #include #include "pthread_impl.h" #include "fork_impl.h" -#include "libc.h" #include "dynlink.h" +static size_t ldso_page_size; +#ifndef PAGE_SIZE +define PAGE_SIZE ldso_page_size; +#endif + +#include "libc.h" + #define malloc __libc_malloc #define calloc __libc_calloc #define realloc __libc_realloc @@ -1723,6 +1729,7 @@ hidden void __dls2(unsigned char *base, size_t *sp) ldso.phnum = ehdr->e_phnum; ldso.phdr = laddr(&ldso, ehdr->e_phoff); ldso.phentsize = ehdr->e_phentsize; + search_vec(auxv, &ldso_page_size, AT_PAGESZ); kernel_mapped_dso(&ldso); decode_dyn(&ldso);
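Review bot: the macro line in the first hunk, `+define PAGE_SIZE ldso_page_size;`, is not a usable definition as shown: the directive needs the leading `#`, and the trailing semicolon would become part of every expansion, so any use of PAGE_SIZE inside a larger expression (the page-rounding arithmetic in kernel_mapped_dso() that the thread is about) would fail to compile. It should read `#define PAGE_SIZE ldso_page_size`. The approach also relies on libc.h not having been pulled in already by one of the headers included above the new block (pthread_impl.h in particular); if it has, libc.h's include guard makes the moved `#include "libc.h"` a no-op and PAGE_SIZE is already libc.page_size by the time the `#ifndef PAGE_SIZE` is reached, so that ordering is worth confirming.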
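Review bot: in the second hunk the `search_vec(auxv, &ldso_page_size, AT_PAGESZ);` call sits in the right place, after auxv has been located and immediately before kernel_mapped_dso(&ldso), but a one-line comment saying why the page size is read from the aux vector here rather than through libc.page_size (which __dls3 has not initialized yet at this point) would keep a later reader from "simplifying" it back into the bug. It is also worth noting that if AT_PAGESZ were ever absent, ldso_page_size stays 0 and the original silent misbehaviour (zero relro range, zero map_len) returns, so the value __dls3 later stores in libc.page_size should come from the same lookup or be checked against it.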
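The effect Markus describes (with libc.page_size still zero, kernel_mapped_dso() computes a zero RELRO range and a zero-length map) can be reproduced in isolation. The following is an added example, not musl's code: a reduced model of the page rounding kernel_mapped_dso() does over a DSO's program headers, with the page size passed as a parameter as the quoted message suggests. The `phdr` struct, the `dso_map` struct, `compute_map()` and all addresses and sizes are constructed for the example.

```c
/* Added example; not musl's code.  A reduced model of the page rounding that
 * kernel_mapped_dso() performs over a DSO's program headers, with the page
 * size passed as a parameter so the effect of a still-zero libc.page_size can
 * be observed directly.  The structs, field names and values are constructed. */
#include <stddef.h>
#include <stdio.h>
#include <unistd.h>

#define PT_LOAD      1
#define PT_GNU_RELRO 0x6474e552

/* Constructed stand-in for the three Phdr fields this computation needs. */
struct phdr {
	unsigned p_type;
	size_t p_vaddr;
	size_t p_memsz;
};

/* The part of the DSO descriptor that kernel_mapped_dso() fills in. */
struct dso_map {
	size_t map;         /* start of the mapping: base + page-rounded min vaddr */
	size_t map_len;     /* length of the mapping */
	size_t relro_start; /* RELRO range, page-rounded; 0,0 means "no relro" */
	size_t relro_end;
};

/* Round the PT_LOAD extent and the PT_GNU_RELRO range to page_size.
 * With page_size == 0, -page_size is 0, so every "& -page_size" clears all
 * bits: min_addr, max_addr and both relro bounds collapse to 0, which gives
 * map == base and map_len == 0, exactly the symptom described in the thread. */
static struct dso_map compute_map(size_t base, const struct phdr *ph,
                                  size_t phnum, size_t page_size)
{
	size_t min_addr = (size_t)-1, max_addr = 0;
	struct dso_map m = {0};

	for (size_t i = 0; i < phnum; i++) {
		if (ph[i].p_type == PT_LOAD) {
			if (ph[i].p_vaddr < min_addr)
				min_addr = ph[i].p_vaddr;
			if (ph[i].p_vaddr + ph[i].p_memsz > max_addr)
				max_addr = ph[i].p_vaddr + ph[i].p_memsz;
		} else if (ph[i].p_type == PT_GNU_RELRO) {
			m.relro_start = ph[i].p_vaddr & -page_size;
			m.relro_end = (ph[i].p_vaddr + ph[i].p_memsz) & -page_size;
		}
	}
	min_addr &= -page_size;
	max_addr = (max_addr + page_size - 1) & -page_size;
	m.map = base + min_addr;
	m.map_len = max_addr - min_addr;
	return m;
}

/* Constructed program header table: two PT_LOAD segments and a RELRO range. */
static const struct phdr sample_phdrs[] = {
	{ PT_LOAD,      0x0000, 0x1000 },
	{ PT_LOAD,      0x1e50, 0x0300 },
	{ PT_GNU_RELRO, 0x1e50, 0x01b0 },
};
#define SAMPLE_PHNUM (sizeof sample_phdrs / sizeof sample_phdrs[0])

static void show(const char *label, struct dso_map m)
{
	printf("%-22s map=%#zx map_len=%#zx relro=[%#zx,%#zx)\n",
	       label, m.map, m.map_len, m.relro_start, m.relro_end);
}

int main(void)
{
	size_t base = 0x10000000; /* constructed load address */
	/* The real page size, as __dls3 later stores it in libc.page_size
	 * (the patch in the thread reads it from AT_PAGESZ in __dls2 instead). */
	size_t page_size = (size_t)sysconf(_SC_PAGESIZE);

	show("page_size from kernel:", compute_map(base, sample_phdrs, SAMPLE_PHNUM, page_size));
	show("page_size still 0:", compute_map(base, sample_phdrs, SAMPLE_PHNUM, 0));
	return 0;
}
```

With a 4 KiB page the sample table yields a 0x3000-byte map and a RELRO range of [0x1000, 0x2000); with page_size 0 the same table yields map == base, map_len 0 and an empty RELRO range, so the later mprotect has nothing to protect and dladdr() sees a zero-length libc mapping.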