[AArch64] When DF_BIND_NOW don't use TLSDESC GOT value.

Message ID 20190329185819.GA32230@arm.com
State New
Headers show
Series
  • [AArch64] When DF_BIND_NOW don't use TLSDESC GOT value.
Related show

Commit Message

Tamar Christina March 29, 2019, 6:58 p.m.
Hi All,

When using DF_BIND_NOW on AArch64 we don't reserve the GOT slot for a TLSDESC,
but we still emitted DT_TLSDESC_GOT and DT_TLSDESC_PLT.  This caused random
memory corruption as the "special" value of (bfd_vma)-1 would be set for
dt_tlsdesc_got.

Since we don't have a value of dt_tlsdesc_got I also don't emit DT_TLSDESC_PLT
now becuase it would point to an incomplete PLT. To be able to write the PLT
entry DT_TLSDESC_GOT is needed and since we don't have one we can't write the
PLT entry either.

It is my understanding that GLIBC doesn't need these two entries when not lazy
loading.  Conversely AArch32 does not reserve neither the GOT not the PLT slot
when doing DF_BIND_NOW.

AArch32 does not need these checks because these values are initialized to 0
and so the if (...) checks don't pass, but on AArch64 these are initialized
to (bfd_vma)-1 and thus we need some extra checks.

build on native hardware and regtested on
  aarch64-none-elf, aarch64-none-elf (32 bit host),
  aarch64-none-linux-gnu, aarch64-none-linux-gnu (32 bit host)

Cross-compiled and regtested on
  aarch64-none-linux-gnu, aarch64_be-none-linux-gnu

and no issues, also fixes 3 other linker testcases.

Ok for master? and for backport to binutils-2.32?

Thanks,
Tamar

bfd/ChangeLog:

2019-03-29  Tamar Christina  <tamar.christina@arm.com>

	PR ld/24302
	* elfnn-aarch64.c (elfNN_aarch64_size_dynamic_sections): Don't emit
	DT_TLSDESC_GOT and DT_TLSDESC_PLT when DF_BIND_NOW.
	(elfNN_aarch64_finish_dynamic_sections): Don't write PLT if DF_BIND_NOW.

ld/ChangeLog:

2019-03-29  Tamar Christina  <tamar.christina@arm.com>

	PR ld/24302
	* testsuite/ld-aarch64/aarch64-elf.exp: Add new test.
	* testsuite/ld-aarch64/tls-relax-gdesc-le-now.d: New test.

--

Comments

Tamar Christina March 29, 2019, 7:16 p.m. | #1
Hi All,

I will post a slight modification on Monday after all checks finish for an small thing I noticed after sending this out.

Please hold on review until then.

Thanks,
Tamar

> -----Original Message-----

> From: binutils-owner@sourceware.org <binutils-owner@sourceware.org>

> On Behalf Of Tamar Christina

> Sent: Friday, March 29, 2019 18:58

> To: binutils@sourceware.org

> Cc: nd <nd@arm.com>; Richard Earnshaw <Richard.Earnshaw@arm.com>;

> Marcus Shawcroft <Marcus.Shawcroft@arm.com>

> Subject: [PATCH][Binutils][AArch64] When DF_BIND_NOW don't use

> TLSDESC GOT value.

> 

> Hi All,

> 

> When using DF_BIND_NOW on AArch64 we don't reserve the GOT slot for a

> TLSDESC, but we still emitted DT_TLSDESC_GOT and DT_TLSDESC_PLT.  This

> caused random memory corruption as the "special" value of (bfd_vma)-1

> would be set for dt_tlsdesc_got.

> 

> Since we don't have a value of dt_tlsdesc_got I also don't emit

> DT_TLSDESC_PLT now becuase it would point to an incomplete PLT. To be

> able to write the PLT entry DT_TLSDESC_GOT is needed and since we don't

> have one we can't write the PLT entry either.

> 

> It is my understanding that GLIBC doesn't need these two entries when not

> lazy loading.  Conversely AArch32 does not reserve neither the GOT not the

> PLT slot when doing DF_BIND_NOW.

> 

> AArch32 does not need these checks because these values are initialized to 0

> and so the if (...) checks don't pass, but on AArch64 these are initialized to

> (bfd_vma)-1 and thus we need some extra checks.

> 

> build on native hardware and regtested on

>   aarch64-none-elf, aarch64-none-elf (32 bit host),

>   aarch64-none-linux-gnu, aarch64-none-linux-gnu (32 bit host)

> 

> Cross-compiled and regtested on

>   aarch64-none-linux-gnu, aarch64_be-none-linux-gnu

> 

> and no issues, also fixes 3 other linker testcases.

> 

> Ok for master? and for backport to binutils-2.32?

> 

> Thanks,

> Tamar

> 

> bfd/ChangeLog:

> 

> 2019-03-29  Tamar Christina  <tamar.christina@arm.com>

> 

> 	PR ld/24302

> 	* elfnn-aarch64.c (elfNN_aarch64_size_dynamic_sections): Don't

> emit

> 	DT_TLSDESC_GOT and DT_TLSDESC_PLT when DF_BIND_NOW.

> 	(elfNN_aarch64_finish_dynamic_sections): Don't write PLT if

> DF_BIND_NOW.

> 

> ld/ChangeLog:

> 

> 2019-03-29  Tamar Christina  <tamar.christina@arm.com>

> 

> 	PR ld/24302

> 	* testsuite/ld-aarch64/aarch64-elf.exp: Add new test.

> 	* testsuite/ld-aarch64/tls-relax-gdesc-le-now.d: New test.

> 

> --
Tamar Christina April 1, 2019, 1 p.m. | #2
Hi All,

When using DF_BIND_NOW on AArch64 we don't reserve the GOT slot for a TLSDESC,
but we still emitted DT_TLSDESC_GOT and DT_TLSDESC_PLT.  This caused random
memory corruption as the "special" value of (bfd_vma)-1 would be set for
dt_tlsdesc_got.

Since we don't have a value of dt_tlsdesc_got I also don't emit DT_TLSDESC_PLT
now becuase it would point to an incomplete PLT. To be able to write the PLT
entry DT_TLSDESC_GOT is needed and since we don't have one we can't write the
PLT entry either.

It is my understanding that GLIBC doesn't need these two entries when not lazy
loading.  Conversely AArch32 does not reserve neither the GOT not the PLT slot
when doing DF_BIND_NOW.

AArch32 does not need these checks because these values are initialized to 0
and so the if (...) checks don't pass, but on AArch64 these are initialized
to (bfd_vma)-1 and thus we need some extra checks.

build on native hardware and regtested on
  aarch64-none-elf, aarch64-none-elf (32 bit host),
  aarch64-none-linux-gnu, aarch64-none-linux-gnu (32 bit host)

Cross-compiled and regtested on
  aarch64-none-linux-gnu, aarch64_be-none-linux-gnu

and no issues, also fixes 3 other linker testcases.

Ok for master? and for backport to binutils-2.32?

Thanks,
Tamar

bfd/ChangeLog:

2019-04-01  Tamar Christina  <tamar.christina@arm.com>

	PR ld/24302
	* elfnn-aarch64.c (elfNN_aarch64_size_dynamic_sections): Don't emit
	DT_TLSDESC_GOT and DT_TLSDESC_PLT when DF_BIND_NOW.
	(elfNN_aarch64_finish_dynamic_sections): Don't write PLT if DF_BIND_NOW.

ld/ChangeLog:

2019-04-01  Tamar Christina  <tamar.christina@arm.com>

	PR ld/24302
	* testsuite/ld-aarch64/aarch64-elf.exp: Add new test.
	* testsuite/ld-aarch64/tls-relax-gdesc-le-now.d: New test.


The 03/29/2019 19:16, Tamar Christina wrote:
> Hi All,

> 

> I will post a slight modification on Monday after all checks finish for an small thing I noticed after sending this out.

> 

> Please hold on review until then.

> 

> Thanks,

> Tamar

> 

> > -----Original Message-----

> > From: binutils-owner@sourceware.org <binutils-owner@sourceware.org>

> > On Behalf Of Tamar Christina

> > Sent: Friday, March 29, 2019 18:58

> > To: binutils@sourceware.org

> > Cc: nd <nd@arm.com>; Richard Earnshaw <Richard.Earnshaw@arm.com>;

> > Marcus Shawcroft <Marcus.Shawcroft@arm.com>

> > Subject: [PATCH][Binutils][AArch64] When DF_BIND_NOW don't use

> > TLSDESC GOT value.

> > 

> > Hi All,

> > 

> > When using DF_BIND_NOW on AArch64 we don't reserve the GOT slot for a

> > TLSDESC, but we still emitted DT_TLSDESC_GOT and DT_TLSDESC_PLT.  This

> > caused random memory corruption as the "special" value of (bfd_vma)-1

> > would be set for dt_tlsdesc_got.

> > 

> > Since we don't have a value of dt_tlsdesc_got I also don't emit

> > DT_TLSDESC_PLT now becuase it would point to an incomplete PLT. To be

> > able to write the PLT entry DT_TLSDESC_GOT is needed and since we don't

> > have one we can't write the PLT entry either.

> > 

> > It is my understanding that GLIBC doesn't need these two entries when not

> > lazy loading.  Conversely AArch32 does not reserve neither the GOT not the

> > PLT slot when doing DF_BIND_NOW.

> > 

> > AArch32 does not need these checks because these values are initialized to 0

> > and so the if (...) checks don't pass, but on AArch64 these are initialized to

> > (bfd_vma)-1 and thus we need some extra checks.

> > 

> > build on native hardware and regtested on

> >   aarch64-none-elf, aarch64-none-elf (32 bit host),

> >   aarch64-none-linux-gnu, aarch64-none-linux-gnu (32 bit host)

> > 

> > Cross-compiled and regtested on

> >   aarch64-none-linux-gnu, aarch64_be-none-linux-gnu

> > 

> > and no issues, also fixes 3 other linker testcases.

> > 

> > Ok for master? and for backport to binutils-2.32?

> > 

> > Thanks,

> > Tamar

> > 

> > bfd/ChangeLog:

> > 

> > 2019-03-29  Tamar Christina  <tamar.christina@arm.com>

> > 

> > 	PR ld/24302

> > 	* elfnn-aarch64.c (elfNN_aarch64_size_dynamic_sections): Don't

> > emit

> > 	DT_TLSDESC_GOT and DT_TLSDESC_PLT when DF_BIND_NOW.

> > 	(elfNN_aarch64_finish_dynamic_sections): Don't write PLT if

> > DF_BIND_NOW.

> > 

> > ld/ChangeLog:

> > 

> > 2019-03-29  Tamar Christina  <tamar.christina@arm.com>

> > 

> > 	PR ld/24302

> > 	* testsuite/ld-aarch64/aarch64-elf.exp: Add new test.

> > 	* testsuite/ld-aarch64/tls-relax-gdesc-le-now.d: New test.

> > 

> > --


--
diff --git a/bfd/elfnn-aarch64.c b/bfd/elfnn-aarch64.c
index 57a723d547734b4a4b5074fb7c90811e9bd56184..9d4df11f9d42c39fad5742f92a5edb561e809259 100644
--- a/bfd/elfnn-aarch64.c
+++ b/bfd/elfnn-aarch64.c
@@ -9064,13 +9064,13 @@ elfNN_aarch64_size_dynamic_sections (bfd *output_bfd ATTRIBUTE_UNUSED,
       if (htab->root.splt->size == 0)
 	htab->root.splt->size += htab->plt_header_size;
 
-      htab->tlsdesc_plt = htab->root.splt->size;
-      htab->root.splt->size += htab->tlsdesc_plt_entry_size;
-
       /* If we're not using lazy TLS relocations, don't generate the
-	 GOT entry required.  */
+	 GOT and PLT entry required.  */
       if (!(info->flags & DF_BIND_NOW))
 	{
+	  htab->tlsdesc_plt = htab->root.splt->size;
+	  htab->root.splt->size += htab->tlsdesc_plt_entry_size;
+
 	  htab->dt_tlsdesc_got = htab->root.sgot->size;
 	  htab->root.sgot->size += GOT_ENTRY_SIZE;
 	}
@@ -9174,6 +9174,7 @@ elfNN_aarch64_size_dynamic_sections (bfd *output_bfd ATTRIBUTE_UNUSED,
 	    return FALSE;
 
 	  if (htab->tlsdesc_plt
+	      && !(info->flags & DF_BIND_NOW)
 	      && (!add_dynamic_entry (DT_TLSDESC_PLT, 0)
 		  || !add_dynamic_entry (DT_TLSDESC_GOT, 0)))
 	    return FALSE;
@@ -9686,6 +9687,7 @@ elfNN_aarch64_finish_dynamic_sections (bfd *output_bfd,
 
 	    case DT_TLSDESC_GOT:
 	      s = htab->root.sgot;
+	      BFD_ASSERT (htab->dt_tlsdesc_got != (bfd_vma)-1);
 	      dyn.d_un.d_ptr = s->output_section->vma + s->output_offset
 		+ htab->dt_tlsdesc_got;
 	      break;
@@ -9705,8 +9707,9 @@ elfNN_aarch64_finish_dynamic_sections (bfd *output_bfd,
 	this_hdr.sh_entsize = htab->plt_entry_size;
 
 
-      if (htab->tlsdesc_plt)
+      if (htab->tlsdesc_plt && !(info->flags & DF_BIND_NOW))
 	{
+	  BFD_ASSERT (htab->dt_tlsdesc_got != (bfd_vma)-1);
 	  bfd_put_NN (output_bfd, (bfd_vma) 0,
 		      htab->root.sgot->contents + htab->dt_tlsdesc_got);
 
diff --git a/ld/testsuite/ld-aarch64/aarch64-elf.exp b/ld/testsuite/ld-aarch64/aarch64-elf.exp
index ba3ce36191f49b2ce25880b7a61408b6e8875884..e69aedd0d4d1b434b659a9d426cf86c528610608 100644
--- a/ld/testsuite/ld-aarch64/aarch64-elf.exp
+++ b/ld/testsuite/ld-aarch64/aarch64-elf.exp
@@ -256,6 +256,7 @@ run_dump_test "tls-relax-all-ilp32"
 run_dump_test "tls-relax-gd-le"
 run_dump_test "tls-relax-gd-le-ilp32"
 run_dump_test "tls-relax-gdesc-le"
+run_dump_test "tls-relax-gdesc-le-now"
 run_dump_test "tls-relax-gdesc-le-ilp32"
 run_dump_test "tls-relax-gd-ie"
 run_dump_test "tls-relax-gd-ie-ilp32"
diff --git a/ld/testsuite/ld-aarch64/tls-relax-gdesc-le-now.d b/ld/testsuite/ld-aarch64/tls-relax-gdesc-le-now.d
new file mode 100644
index 0000000000000000000000000000000000000000..f1565e9c11f0136a5183694ecc22191617bf5cc2
--- /dev/null
+++ b/ld/testsuite/ld-aarch64/tls-relax-gdesc-le-now.d
@@ -0,0 +1,19 @@
+#source: tls-relax-gdesc-le.s
+#ld: -shared -z now
+#readelf: -dr
+#...
+ 0x.+ \(STRTAB\)   \s+0x.+
+ 0x.+ \(SYMTAB\)   \s+0x.+
+ 0x.+ \(STRSZ\)    \s+.+ \(bytes\)
+ 0x.+ \(SYMENT\)   \s+.+ \(bytes\)
+ 0x.+ \(PLTGOT\)   \s+0x.+
+ 0x.+ \(PLTRELSZ\) \s+.+ \(bytes\)
+ 0x.+ \(PLTREL\)   \s+RELA
+ 0x.+ \(JMPREL\)   \s+0x.+
+ 0x.+ \(BIND_NOW\) \s+
+ 0x.+ \(FLAGS_1\)  \s+   Flags: NOW
+ 0x.+ \(NULL\)     \s+   0x0
+
+Relocation section '\.rela\.plt' at offset .+ contains 1 entry:
+  Offset          Info           Type           Sym\. Value    Sym\. Name \+ Addend
+.+  .+ R_AARCH64_TLSDESC                    0
Nick Clifton April 10, 2019, 4:19 p.m. | #3
Hi Tamar,

> Ok for master? and for backport to binutils-2.32?


Approved (for both) - please apply.

Cheers
  Nick

> bfd/ChangeLog:

> 2019-04-01  Tamar Christina  <tamar.christina@arm.com>

> 

> 	PR ld/24302

> 	* elfnn-aarch64.c (elfNN_aarch64_size_dynamic_sections): Don't emit

> 	DT_TLSDESC_GOT and DT_TLSDESC_PLT when DF_BIND_NOW.

> 	(elfNN_aarch64_finish_dynamic_sections): Don't write PLT if DF_BIND_NOW.

> 

> ld/ChangeLog:

> 2019-04-01  Tamar Christina  <tamar.christina@arm.com>

> 

> 	PR ld/24302

> 	* testsuite/ld-aarch64/aarch64-elf.exp: Add new test.

> 	* testsuite/ld-aarch64/tls-relax-gdesc-le-now.d: New test.

Patch

diff --git a/bfd/elfnn-aarch64.c b/bfd/elfnn-aarch64.c
index 57a723d547734b4a4b5074fb7c90811e9bd56184..9d4df11f9d42c39fad5742f92a5edb561e809259 100644
--- a/bfd/elfnn-aarch64.c
+++ b/bfd/elfnn-aarch64.c
@@ -9064,13 +9064,13 @@  elfNN_aarch64_size_dynamic_sections (bfd *output_bfd ATTRIBUTE_UNUSED,
       if (htab->root.splt->size == 0)
 	htab->root.splt->size += htab->plt_header_size;
 
-      htab->tlsdesc_plt = htab->root.splt->size;
-      htab->root.splt->size += htab->tlsdesc_plt_entry_size;
-
       /* If we're not using lazy TLS relocations, don't generate the
-	 GOT entry required.  */
+	 GOT and PLT entry required.  */
       if (!(info->flags & DF_BIND_NOW))
 	{
+	  htab->tlsdesc_plt = htab->root.splt->size;
+	  htab->root.splt->size += htab->tlsdesc_plt_entry_size;
+
 	  htab->dt_tlsdesc_got = htab->root.sgot->size;
 	  htab->root.sgot->size += GOT_ENTRY_SIZE;
 	}
@@ -9174,6 +9174,7 @@  elfNN_aarch64_size_dynamic_sections (bfd *output_bfd ATTRIBUTE_UNUSED,
 	    return FALSE;
 
 	  if (htab->tlsdesc_plt
+	      && !(info->flags & DF_BIND_NOW)
 	      && (!add_dynamic_entry (DT_TLSDESC_PLT, 0)
 		  || !add_dynamic_entry (DT_TLSDESC_GOT, 0)))
 	    return FALSE;
@@ -9686,6 +9687,7 @@  elfNN_aarch64_finish_dynamic_sections (bfd *output_bfd,
 
 	    case DT_TLSDESC_GOT:
 	      s = htab->root.sgot;
+	      BFD_ASSERT (htab->dt_tlsdesc_got != (bfd_vma)-1);
 	      dyn.d_un.d_ptr = s->output_section->vma + s->output_offset
 		+ htab->dt_tlsdesc_got;
 	      break;
@@ -9705,8 +9707,9 @@  elfNN_aarch64_finish_dynamic_sections (bfd *output_bfd,
 	this_hdr.sh_entsize = htab->plt_entry_size;
 
 
-      if (htab->tlsdesc_plt)
+      if (htab->tlsdesc_plt && !(info->flags & DF_BIND_NOW))
 	{
+	  BFD_ASSERT (htab->dt_tlsdesc_got != (bfd_vma)-1);
 	  bfd_put_NN (output_bfd, (bfd_vma) 0,
 		      htab->root.sgot->contents + htab->dt_tlsdesc_got);
 
diff --git a/ld/testsuite/ld-aarch64/aarch64-elf.exp b/ld/testsuite/ld-aarch64/aarch64-elf.exp
index ba3ce36191f49b2ce25880b7a61408b6e8875884..e69aedd0d4d1b434b659a9d426cf86c528610608 100644
--- a/ld/testsuite/ld-aarch64/aarch64-elf.exp
+++ b/ld/testsuite/ld-aarch64/aarch64-elf.exp
@@ -256,6 +256,7 @@  run_dump_test "tls-relax-all-ilp32"
 run_dump_test "tls-relax-gd-le"
 run_dump_test "tls-relax-gd-le-ilp32"
 run_dump_test "tls-relax-gdesc-le"
+run_dump_test "tls-relax-gdesc-le-now"
 run_dump_test "tls-relax-gdesc-le-ilp32"
 run_dump_test "tls-relax-gd-ie"
 run_dump_test "tls-relax-gd-ie-ilp32"
diff --git a/ld/testsuite/ld-aarch64/tls-relax-gdesc-le-now.d b/ld/testsuite/ld-aarch64/tls-relax-gdesc-le-now.d
new file mode 100644
index 0000000000000000000000000000000000000000..82f2d0852389bf1a95a196b9e9813d27b4792dd8
--- /dev/null
+++ b/ld/testsuite/ld-aarch64/tls-relax-gdesc-le-now.d
@@ -0,0 +1,22 @@ 
+#source: tls-relax-gdesc-le.s
+#ld: -shared -z now
+#readelf: -dr
+
+Dynamic section at offset 0x1c8 contains 12 entries:
+  Tag        Type                         Name/Value
+ 0x0000000000000004 \(HASH\)               0x120
+ 0x0000000000000005 \(STRTAB\)             0x168
+ 0x0000000000000006 \(SYMTAB\)             0x138
+ 0x000000000000000a \(STRSZ\)              8 \(bytes\)
+ 0x000000000000000b \(SYMENT\)             24 \(bytes\)
+ 0x0000000000000003 \(PLTGOT\)             0x102e0
+ 0x0000000000000002 \(PLTRELSZ\)           24 \(bytes\)
+ 0x0000000000000014 \(PLTREL\)             RELA
+ 0x0000000000000017 \(JMPREL\)             0x170
+ 0x0000000000000018 \(BIND_NOW\)           
+ 0x000000006ffffffb \(FLAGS_1\)            Flags: NOW
+ 0x0000000000000000 \(NULL\)               0x0
+
+Relocation section '\.rela\.plt' at offset 0x170 contains 1 entry:
+  Offset          Info           Type           Sym\. Value    Sym\. Name \+ Addend
+0000000102f8  000000000407 R_AARCH64_TLSDESC                    0