Commit Graph

755 Commits

Author SHA1 Message Date
emaste
33a9dab77f Add WITH_PIE knob to build Position Independent Executables
Building binaries as PIE allows the executable itself to be loaded at a
random address when ASLR is enabled (not just its shared libraries).

With this change PIE objects have a .pieo extension and INTERNALLIB
libraries libXXX_pie.a.

MK_PIE is disabled for some kerberos5 tools, Clang, and Subversion, as
they explicitly reference .a libraries in their Makefiles.  These can
be addressed on an individual basis later.  MK_PIE is also disabled for
rtld-elf because it is already position-independent using bespoke
Makefile rules.

Currently only dynamically linked binaries will be built as PIE.

Discussed with:	dim
Reviewed by:	kib
MFC after:	1 month
Relnotes:	Yes
Sponsored by:	The FreeBSD Foundation
Differential Revision:	https://reviews.freebsd.org/D18423
2019-02-15 22:22:38 +00:00
vangyzen
388de14948 rtld: pacify -Wmaybe-uninitialized from gcc6
Sponsored by:	Dell EMC Isilon
2019-02-01 23:16:59 +00:00
kib
00ad846ae4 Rename rtld-elf/malloc.c to rtld-elf/rtld_malloc.c.
Then malloc.c file name is too generic to use it for libthr.a.

Sponsored by:	The FreeBSD Foundation
MFC after:	13 days
2019-01-30 16:28:27 +00:00
kib
949bf85901 Add header file missed in r343564.
MFC after:	2 weeks
Sponsored by:	The FreeBSD Foundation
Differential revision:	https://reviews.freebsd.org/D18988
2019-01-29 22:45:24 +00:00
kib
e50de39a98 Adjust posix symbols from rtld-elf/malloc.c with the __crt_ prefix.
This allows to reuse the allocator in other environments that get
malloc(3) and related functions from libc or interposer.

MFC after:	2 weeks
Sponsored by:	The FreeBSD Foundation
Differential revision:	https://reviews.freebsd.org/D18988
2019-01-29 22:40:42 +00:00
kib
42ffd5f945 Remove now redundand ifunc relocation code which should have been
removed as part of r341441.

This call to reloc_non_plt() may crash if ifunc resolvers use the
needed libraries symbols since the pass over the needed libs
relocation is not yet done.  The change in r341441 ensures the right
relocation order otherwise.

Submitted by:	theraven
MFC after:	1 week
Discussed in:	https://reviews.freebsd.org/D17529
2019-01-27 00:37:52 +00:00
des
822f8baa4c Revert r343093 until I can address the issues raised by kib@. 2019-01-17 16:50:50 +00:00
des
776282ee21 Implement dlopenat(3).
MFC after:	3 weeks
2019-01-16 12:12:40 +00:00
jhibbits
34bac9a05e Fix rtld-elf compilation warning for powerpc64 ELFv2 ABI
Summary: reloc_jmpslot function parameter 'defobj' is not used when using ELFv2
ABI

Submitted by:	alfredo.junior_eldorado.org.br
Reviewed By: kib, git_bdragon.rtk0.net, emaste, jhibbits
Differential Revision: https://reviews.freebsd.org/D18808
2019-01-13 02:33:20 +00:00
jhibbits
d6cbcdd4c0 rtld-elf: Fix powerpc64 TLS handling, matching powerpc's fix
We need to subtract the TLS_TCB_SIZE to get to the real data pointer, since
r13 points to the end of the TCB structure.  Prior to this, devel/protobuf-c
port broke with recent update to devel/protobuf, which exposed this issue.

Submitted by:	andreast
Reported by:	Piotr Kubaj
MFC after:	1 week
2019-01-01 20:12:58 +00:00
mmel
4a03477e31 Improve R_AARCH64_TLSDESC relocation.
The original code did not support dynamically loaded libraries and used
suboptimal access to TLS variables.
New implementation removes lazy resolving of TLS relocation - due to flaw
in TLSDESC design is impossible to switch resolver function at runtime
without expensive locking.

Due to this, 3 specialized resolvers are implemented:
 - load time resolver for TLS relocation from libraries loaded with main
   executable (thus with known TLS offset).
 - resolver for undefined thread weak symbols.
 - slower lazy resolver for dynamically loaded libraries with fast path for
   already resolved symbols.

PR:		228892, 232149, 233204, 232311
MFC after:	2 weeks
Differential Revision:	https://reviews.freebsd.org/D18417
2018-12-15 10:38:07 +00:00
mmel
73763781e7 Implement R_AARCH64_TLS_DTPMOD64 and A_AARCH64_TLS_DTPREL64 relocations.
Although these are slightly obsolete in favor of R_AARCH64_TLSDESC,
gcc -mtls-dialect=trad still use them.

Please note that definition of TLS_DTPMOD64 and TLS_DTPREL64 are incorrectly
exchanged in GNU binutils. TLS_DTPREL64 should be encoded to 1028 (as is
defined in ARM ELF ABI) but binutils encode it to 1029. And vice versa,
TLS_DTPMOD64 should be encoded to 1029 but binutils encode it to 1028.

While I'm in, add also R_AARCH64_NONE. It can be produced as result of linker
relaxation.

MFC after:	1 week
2018-12-08 14:58:17 +00:00
mmel
0275a9632c Tidy up arm64 reloc_jmpslots() implementation.
- don't relocate jump slots multiple times (if LD_BIND_NOW is defined).
- process only R_AARCH64_JUMP_SLOT here, other relocation types are handled
  by reloc_plt().

MFC after:	1 week
2018-12-05 10:30:53 +00:00
mmel
d2e12e4129 Implement arm64 version of __tls_get_addr().
MFC after:	1 week
2018-12-05 10:23:38 +00:00
mmel
90d0da9858 Fix style(9).
Not a functional change.

MFC after:	1 week
2018-12-05 10:22:14 +00:00
kib
afa4092620 Some fixes for LD_BIND_NOW + ifuncs.
- Do not perform ifunc relocations together with other PLT relocations
  in PLT.  Instead, do it during an additional pass over the init
  list, so that ifuncs are resolved in the order of dso
  dependencies. This allows the ifuncs resolvers to call into depended
  libs.  Init list now includes all objects instead of only objects
  with init/fini callables.
- Disable relro protection around bind_now ifunc relocations.

I considered calling ifunc resolvers of dso after initializers of all
dependencies are processed, and decided that this is wrong/should not
be supported. The order now is normal relocations for all
objects->ifunc resolution in init order->initializers, where each step
does complete pass over all loaded objects before moving to the next
step.

Reported, tested and reviewed by:	emaste
Sponsored by:	The FreeBSD Foundation
MFC after:	1 week
Differential revision:	https://reviews.freebsd.org/D18400
2018-12-03 20:03:43 +00:00
kib
f76ddef342 Provide naive but self-contained implementations of memset(3) and
bzero(3) for rtld.

This again reduces rtld dependency on libc, and in future, avoid ifunc
relocations when the functions are converted to ifuncs in libc.

Reported by:	mjg
Reviewed by:	emaste
Sponsored by:	The FreeBSD Foundation
MFC after:	1 week
Differential revision:	https://reviews.freebsd.org/D18400
2018-12-03 19:55:55 +00:00
emaste
4b8684b1a7 disable BIND_NOW in libc, libthr, and rtld
An issue remains with BIND_NOW and processes using threads.  For now,
restore libc's BIND_NOW disable, and also disable BIND_NOW in rtld and
libthr.

A patch is in review (D18400) that likely fixes this issue, but just
disable BIND_NOW pending further testing after it is committed.

PR:		233333
Sponsored by:	The FreeBSD Foundation
2018-12-03 15:59:46 +00:00
kib
eaf760e402 rtld: parse FreeBSD Feature Control note on the object load.
Sponsored by:	The FreeBSD Foundation
MFC after:	2 weeks
2018-11-23 22:37:35 +00:00
cem
5ba01d2430 Revert r340843 - addressed independently in r340842! 2018-11-23 18:27:16 +00:00
cem
52b184fd16 rtld: Silence a false positive GCC 6.4.0 warning
The function reloc_non_plt has complicated variable lifetimes that GCC 6.4.0
(the version currently used by amd64-xtoolchain-gcc) misunderstands and
produces an erroneous warning about.  Silence it to allow the -Werror build
to proceed.

Reviewed by:	emaste
2018-11-23 18:23:29 +00:00
kib
61fe5f31f1 Silence gcc warnings.
Reported by:	emaste
Sponsored by:	The FreeBSD Foundation
MFC after:	3 days
2018-11-23 18:15:23 +00:00
kib
9593615a0c rtld: when immediate bind mode is requested, process irelocs in PLT
immediately after other PLT relocs.

Otherwise, if the object has relro page, we write to readonly page,
and we would need to use mprotect(2) two more times to fix it.  Note
that resolve_object_ifunc() does nothing when called second time, so
there is no need to avoid existing call.

Reported and tested by:	emaste
PR:	233333
Sponsored by:	The FreeBSD Foundation
MFC after:	1 week
2018-11-20 14:52:43 +00:00
arichardson
cd8fbf39d6 Handle the DT_MIPS_RLD_MAP_REL dynamic tag in RTLD
This dynamic tag contains the location of the .rld_map section relative to
the location of the dynamic tag. For PIE MIPS binaries DT_MIPS_RLD_MAP can
not be used since it contains an absolute address. Without this change
GDB can not find the function program counters in other libraries and once
I apply this change I can successfully run info sharedlibraries again.

Reviewed By:	kib
Differential Revision: https://reviews.freebsd.org/D17867
2018-11-07 15:04:41 +00:00
emaste
04e0acd935 rtld: move relro enforcement after ifunc processing
Previously the combination of relro (implicit), -z now and ifunc use
resulted in a segfault when applying ifuncs after relro (test binary
here just calls amd64_get_fsbase()):

| % env LD_DEBUG=1 libexec/rtld-elf/obj/ld-elf.so.1 a.out
| ...
| enforcing main obj relro
| ...
| resolving ifuncs
| reloc_jmpslot: *0x203198 = 0x189368ea4570
| zsh: bus error (core dumped)  LD_DEBUG=1 obj/ld-elf.so.1 ~/a.out

Reported by:	Shawn Webb
Reviewed by:	kib
Sponsored by:	The FreeBSD Foundation
2018-11-04 19:21:12 +00:00
kib
cafa79dcef Remove Obj_Entry textsize member.
It is unused after r340102, and more important, I do not see how to
define textsize in both practically useful and correct way, for binaries
with more that one executable segments.

Sponsored by:	The FreeBSD Foundation
2018-11-04 00:32:28 +00:00
kib
5b944b1c03 Flush data cache for executable loadable segments explicitly.
Do not use textsize and do not flush everything between map base and
base + textsize, because unmapped areas cannot be flushed.

This makes Obj_Entry textsize only use go away, and I will remove it
later.

Reported by:	tuexen
Tested by:	Mark Millard <marklmi26-fbsd@yahoo.com>
Sponsored by:	The FreeBSD Foundation
2018-11-03 20:39:16 +00:00
kib
1387551a9c Remove rtld use of libc amd64_set_fsbase().
One less non-trivial dependency of rtld on libc.  Also,
amd64_set_fsbase() is to be converted to ifunc, which I do not want to
support inside rtld.

Sponsored by:	The FreeBSD Foundation
MFC after:	1 week
2018-10-29 23:59:26 +00:00
kib
8e7496aa64 Initialize ifunc calling machinery earlier.
In particular, do it before the first call to allocate_initial_tls(),
which contains MD parts to set the initial thread' TLS pointer.

Sponsored by:	The FreeBSD Foundation
MFC after:	1 week
2018-10-29 23:56:39 +00:00
arichardson
17d3c0ce4c rtld-elf: fix more warnings to allow compiling with WARNS=6
Reviewed By:	kib
Approved By:	brooks (mentor)
Differential Revision: https://reviews.freebsd.org/D17154
2018-10-29 21:08:28 +00:00
arichardson
b885decb3c rtld-elf: compile with WANRS=4 warnings other than -Wcast-align
Reviewed By:	kib
Approved By:	brooks (mentor)
Differential Revision: https://reviews.freebsd.org/D17153
2018-10-29 21:08:19 +00:00
arichardson
ea67da5f83 rtld-elf: make it compile with WARNS=3
Reviewed By:	kib
Approved By:	brooks (mentor)
Differential Revision: https://reviews.freebsd.org/D17150
2018-10-29 21:08:11 +00:00
arichardson
4a1080a9d3 rtld: set obj->textsize correctly
With lld-generated binaries the first PT_LOAD will usually be a read-only
segment unless you pass --no-rosegment. For those binaries the textsize is
determined by the next PT_LOAD. To allow both LLD and bfd 2.17 binaries to
be parsed correctly use the end of the last PT_LOAD that is marked as
executable instead.

I noticed that the value was wrong while adding some debug prints for some rtld
changes for CHERI binaries. `obj->textsize` only seems to be used by PPC so the
effect is untested. However, the value before was definitely wrong and the new
result matches the phdrs.

Reviewed By:	kib
Approved By:	brooks (mentor)
Differential Revision: https://reviews.freebsd.org/D17117
2018-10-29 21:08:02 +00:00
andreast
a195c2356b This commit reverts 338930. The approach was wrong.
Fix the issue with subtracting the TLS_TCB_SIZE too when we are trying to get
the 'where' in the R_PPC_TPREL32 case. At allocation time we added an offset
and the TLS_TCB_SIZE. This has to be subtracted as well.

Now all the issues reported are fixed. Tests were done on G4 and G5 PowerMac's.
Additionally I ran the tls tests from the gcc test suite and made sure the
results are as good as pre 338486.

Thanks to tuexen for reporting the malfunction and for patient testing.
Also testing thanks goes to jhibbits.

Reported by:	tuexen
Discussed with:	jhibbits, nwhitehorn
Approved by:	re (gjb)
Pointyhat to:	andreast
2018-10-01 18:46:35 +00:00
andrew
c148541690 Add STT_GNU_IFUNC and R_AARCH64_IRELATIVE support on arm64.
This is based on the amd64 implementation. Support for both PLT and
non-PLT (e.g. a global variable initilised with a pointer to an ifunc)
cases are supported.

We don't pass anything to the resolver as it is expected they will read
the ID registers directly, with the number of registers with CPU info
likely to increase in the future.

Reviewed by:	kib
Approved by:	re (gjb)
Differential Revision:	https://reviews.freebsd.org/D17341
2018-10-01 14:02:29 +00:00
kib
5982fcac46 Provide refobj context when doing libmap substitution inside
search_library_path().

This corrects the scope of libmap matches.

Reported and tested by:	Andreas Longwitz <longwitz@incore.de>
Sponsored by:	The FreeBSD Foundation
Approved by:	re (gjb)
MFC after:	1 week
2018-09-26 21:28:14 +00:00
kib
9593a6d4aa When doing lm_add(), check for duplicates.
This is useful when lm_find() moves the match to the global mapping,
since lm_find() could be called with a same path more than once.

Reported and tested by:	Andreas Longwitz <longwitz@incore.de>
Sponsored by:	The FreeBSD Foundation
Approved by:	re (gjb)
MFC after:	1 week
2018-09-26 21:27:08 +00:00
andreast
bbfa8d7720 Bring the 32-bit powerpc (PowerMac) back to live. The commit 338486 reworked
some TLS bits. This broke operation on the PowerMac. Namely one could not login.
At login the screen/shell was giving back lots of backslashes and the login
shell dumped core.

The fix to this issue is to revert the powerpc commit from 338486 and to
increase the TLS_TCB_SIZE to 16.
Reverting only did not help, login was possible but userland applications
aborted with strange messages.

I tested this patch with world/kernel builds and with port upgrades.
Additionally a full gcc8 bootstrap was successfully completed.

Reviewed by: jhibbits@
Approved by: re (Glen)
2018-09-25 19:29:35 +00:00
brd
eb92ef0b12 Move libmap.conf to libexec/rtld-elf/
This leverages CONFS to handle the config file install.

Approved by:	re (gjb), will (mentor)
Differential Revision:	https://reviews.freebsd.org/D17161
2018-09-18 00:25:00 +00:00
brooks
ad8dc1e97b Rework rtld's TLS Variant I implementation to match r326794
The above commit fixed handling overaligned TLS segments in libc's
TLS Variant I implementation, but rtld provides its own implementation
for dynamically-linked executables which lacks these fixes.  Thus,
port these changes to rtld.

This was previously commited as r337978 and reverted in r338149 due to
exposing a bug the ARM rtld.  This bug was fixed in r338317 by mmel.

Submitted by:	James Clarke
Approved by:	re (kib)
Reviewed by:	kbowling
Testing by:	kbowling (powerpc64), br (riscv), kevans (armv7)
Obtained from:	CheriBSD
Sponsored by:	DARPA, AFRL
Differential Revision:	https://reviews.freebsd.org/D16510
2018-09-05 23:23:16 +00:00
kib
ae9e5bc0c3 Style cleanup. No functional changes.
Sponsored by:	The FreeBSD Foundation
MFC after:	3 days
Approved by:    re (rgrimes)
2018-09-02 15:42:37 +00:00
mmel
58ecd611cd Fix wrong offset calculation for R_ARM_TLS_TPOFF32 relocations.
TLS_TCB_SIZE is already accounted in defobj-> tlsoffset so all these symbols
were incorrectly relocated by +8.

Note:
The only consumer (for all binaries on my ARM board) of R_ARM_TLS_TPOFF32
relocation is _ThreadRuneLocale variable. And the incorrectly relocated
ThreadRuneLocale accidentally pointed to zeroed memory before memory layout
change from D16510 had changed status quo.

MFC after:	3 weeks
Reviewed by:	imp, jhb
Approved by:	re (marius)
2018-08-25 16:54:37 +00:00
brooks
d47030f7df Revert r337978: Rework rtld's TLS Variant I implementation to match r326794
Michal Meloun reports that it breaks ctype (isspace()..) related
functions on armv7 so back out while we diagnose the issue.

Reported by:	Michal Meloun <melounmichal@gmail.com>
2018-08-21 18:22:12 +00:00
brooks
214c1ab8d7 Rework rtld's TLS Variant I implementation to match r326794
The above commit fixed handling overaligned TLS segments in libc's
TLS Variant I implementation, but rtld provides its own implementation
for dynamically-linked executables which lacks these fixes.  Thus,
port these changes to rtld.

Submitted by:	James Clarke
Reviewed by:	kbowling
Testing byL	kbowling (powerpc64), br (riscv), kevans (armv7)
Obtained from:	CheriBSD
Sponsored by:	DARPA, AFRL
Differential Revision:	https://reviews.freebsd.org/D16510
2018-08-17 16:19:47 +00:00
br
3b2642649d Save and restore floating-point arguments.
Sponsored by:	DARPA, AFRL
2018-08-02 12:21:39 +00:00
trasz
8d28f4cb0f Fix regression tests broken by r337067.
MFC after:	2 weeks
Sponsored by:	DARPA, AFRL
2018-08-02 11:55:16 +00:00
trasz
bc0d1a1d0e Make sure the rtld(1) error messages go to stderr, not stdout.
While here fix capitalization of a few nearby strings, add the
rtld's file name prefix so it's obvious where the message come
from, and return zero when "-h" is used.

Reviewed by:	kib
MFC after:	2 weeks
Sponsored by:	DARPA, AFRL
Differential Revision:	https://reviews.freebsd.org/D16530
2018-08-02 07:43:28 +00:00
kib
c856dc5dce Make rtld use libc_nossp_pic.a. Remove SSP shims.
Submitted by:	Luis Pires
Reviewed by:	brooks
Differential revision:	https://reviews.freebsd.org/D15341
2018-05-09 10:30:56 +00:00
mmel
bd14553bb6 Make rtld_bind_start() debugger friendly.
Save link register and annotate call frame structure so debugger can unwind
call frame created by rtld_bind_start().

MFC after:	2 weeks
2018-02-27 15:35:11 +00:00
marius
d9ac9c210e o Let rtld(1) set up psABI user trap handlers prior to executing the
objects' init functions instead of doing the setup via a constructor
  in libc as the init functions may already depend on these handlers
  to be in place. This gets us rid of:
  - the undefined order in which libc constructors as __guard_setup()
    and jemalloc_constructor() are executed WRT __sparc_utrap_setup(),
  - the requirement to link libc last so __sparc_utrap_setup() gets
    called prior to constructors in other libraries (see r122883).
  For static binaries, crt1.o still sets up the user trap handlers.
o Move misplaced prototypes for MD functions in to the MD prototype
  section of rtld.h.
o Sprinkle nitems().
2018-02-03 23:14:11 +00:00