From 6476b8135760659b25c93ff9308425ca98a9e777 Mon Sep 17 00:00:00 2001
From: Rich Felker <dalias@aerifal.cx>
Date: Mon, 13 Mar 2017 08:52:41 -0400
Subject: [PATCH] emulate lazy relocation as deferrable relocation
traditional lazy relocation with call-time plt resolver is
intentionally not implemented, as it is a huge bug surface and demands
significant amounts of arch-specific code and requires ongoing
maintenance to ensure compatibility with applications which make use
of new additions to the arch's register file in passing function
arguments.
some applications, however, depend on the ability to dlopen modules
which have unsatisfied symbol references at the time they are loaded,
either avoiding use of the affected interfaces or manually loading
another module to provide the missing definition via their own module
dependency tracking outside the ELF data structures. while such usage
is non-conforming, failure to support it has been a significant
obstacle for users/distributions trying to support affected software,
particularly the X.org server.
instead of resolving lazy relocations at call time, this patch saves
unresolved GOT/PLT relocations for deferral and retries them after
each subsequent dlopen until they are resolved. since dlopen is the
only time at which the effective global symbol table can change, this
behavior is not observably different from traditional lazy binding,
and the required code is minimal.
---
ldso/dynlink.c | 69 +++++++++++++++++++++++++++++++++++++++++++++++++++++++---
1 file changed, 66 insertions(+), 3 deletions(-)
diff --git a/ldso/dynlink.c b/ldso/dynlink.c
index 0bd9d50c..f8db1f82 100644
--- a/ldso/dynlink.c
+++ b/ldso/dynlink.c
@@ -58,7 +58,8 @@ struct dso {
uint32_t *ghashtab;
int16_t *versym;
char *strings;
- struct dso *syms_next;
+ struct dso *syms_next, *lazy_next;
+ size_t *lazy, lazy_cnt;
unsigned char *map;
size_t map_len;
dev_t dev;
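Review bot: The two new struct members are undocumented, and their layout is only discoverable by reading do_relocs in a later hunk, where each deferred relocation is stored as three consecutive words (rel[0], rel[1], addend). A field comment on the declaration would save the next reader that trip: `size_t *lazy, lazy_cnt; /* deferred GOT/PLT relocs as (offset, info, addend) triples; lazy_cnt counts triples, not words */`. A similar one-liner on lazy_next (`/* link in the lazy_head list of dsos with pending relocs */`) would make the second new list in the struct self-explanatory.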
@@ -113,7 +114,7 @@ static struct builtin_tls {
static size_t *saved_addends, *apply_addends_to;
static struct dso ldso;
-static struct dso *head, *tail, *fini_head, *syms_tail;
+static struct dso *head, *tail, *fini_head, *syms_tail, *lazy_head;
static char *env_path, *sys_path;
static unsigned long long gencnt;
static int runtime;
@@ -350,6 +351,13 @@ static void do_relocs(struct dso *dso, size_t *rel, size_t rel_size, size_t stri
: find_sym(ctx, name, type==REL_PLT);
if (!def.sym && (sym->st_shndx != SHN_UNDEF
|| sym->st_info>>4 != STB_WEAK)) {
+ if (dso->lazy && (type==REL_PLT || type==REL_GOT)) {
+ dso->lazy[3*dso->lazy_cnt+0] = rel[0];
+ dso->lazy[3*dso->lazy_cnt+1] = rel[1];
+ dso->lazy[3*dso->lazy_cnt+2] = addend;
+ dso->lazy_cnt++;
+ continue;
+ }
error("Error relocating %s: %s: symbol not found",
dso->name, name);
if (runtime) longjmp(*rtld_fail, 1);
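Review bot: The writes to `dso->lazy[3*dso->lazy_cnt+0..2]` carry no bound against the array's capacity; correctness rests on prepare_lazy (a later hunk) allocating at least one triple per relocation entry in the object, and on redo_lazy_relocs (next hunk) having zeroed lazy_cnt before re-running do_relocs over the same array, so that each re-deferred entry is written at an index no greater than the one being read. Neither invariant is stated at the write site, and a future change to either caller would turn this into a heap overflow inside the dynamic linker. A comment above the `if (dso->lazy && ...)` line should pin it down, e.g. `/* Capacity guaranteed by prepare_lazy (one triple per reloc entry); when re-run from redo_lazy_relocs over dso->lazy itself, lazy_cnt was reset so writes trail reads. */`. The enclosing do_relocs body starts and ends outside this hunk.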
@@ -451,6 +459,26 @@ static void do_relocs(struct dso *dso, size_t *rel, size_t rel_size, size_t stri
}
}
+static void redo_lazy_relocs()
+{
+ struct dso *p = lazy_head, *next;
+ lazy_head = 0;
+ for (; p; p=next) {
+ next = p->lazy_next;
+ size_t size = p->lazy_cnt*3*sizeof(size_t);
+ p->lazy_cnt = 0;
+ do_relocs(p, p->lazy, size, 3);
+ if (p->lazy_cnt) {
+ p->lazy_next = lazy_head;
+ lazy_head = p;
+ } else {
+ free(p->lazy);
+ p->lazy = 0;
+ p->lazy_next = 0;
+ }
+ }
+}
+
/* A huge hack: to make up for the wastefulness of shared libraries
* needing at least a page of dirty memory even if they have no global
* data, we reclaim the gaps at the beginning and end of writable maps
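Review bot: `redo_lazy_relocs()` is declared with empty parentheses, which in C11 is a non-prototype declaration that disables argument checking; it should be `static void redo_lazy_relocs(void)`. The body also relies on a subtle in-place compaction: `do_relocs(p, p->lazy, size, 3)` reads the triples out of p->lazy while do_relocs (earlier hunk) appends still-unresolved ones back into the same array starting at index 0, which is only safe because `p->lazy_cnt = 0` precedes the call and `size` was captured before the reset. Worth stating in a comment above the do_relocs call, e.g. `/* do_relocs re-appends unresolved entries into p->lazy from index 0; safe because lazy_cnt was reset and each write index <= the read index. */`.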
@@ -1653,9 +1681,31 @@ _Noreturn void __dls3(size_t *sp)
for(;;);
}
+static void prepare_lazy(struct dso *p)
+{
+ size_t dyn[DYN_CNT], n, flags1=0;
+ decode_vec(p->dynv, dyn, DYN_CNT);
+ search_vec(p->dynv, &flags1, DT_FLAGS_1);
+ if (dyn[DT_BIND_NOW] || (dyn[DT_FLAGS] & DF_BIND_NOW) || (flags1 & DF_1_NOW))
+ return;
+ n = dyn[DT_RELSZ]/2 + dyn[DT_RELASZ]/3 + dyn[DT_PLTRELSZ]/2 + 1;
+ if (NEED_MIPS_GOT_RELOCS) {
+ size_t j=0; search_vec(p->dynv, &j, DT_MIPS_GOTSYM);
+ size_t i=0; search_vec(p->dynv, &i, DT_MIPS_SYMTABNO);
+ n += i-j;
+ }
+ p->lazy = calloc(n, 3*sizeof(size_t));
+ if (!p->lazy) {
+ error("Error preparing lazy relocation for %s: %m", p->name);
+ longjmp(*rtld_fail, 1);
+ }
+ p->lazy_next = lazy_head;
+ lazy_head = p;
+}
+
void *dlopen(const char *file, int mode)
{
- struct dso *volatile p, *orig_tail, *orig_syms_tail, *next;
+ struct dso *volatile p, *orig_tail, *orig_syms_tail, *orig_lazy_head, *next;
struct tls_module *orig_tls_tail;
size_t orig_tls_cnt, orig_tls_offset, orig_tls_align;
size_t i;
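Review bot: The capacity estimate in prepare_lazy divides the DT_*SZ byte counts by the number of words per entry (`/2`, `/3`) rather than by the entry's byte size, so `n` over-counts relocation entries by a factor of sizeof(size_t); the allocation is therefore safe but several times larger than needed, and a reader checking the bound against the writes in do_relocs (earlier hunk) will first suspect an error. If the slack is intentional, say so at the line: `/* byte sizes / words-per-entry: over-estimates by sizeof(size_t), deliberate headroom */`; otherwise divide by `2*sizeof(size_t)` and `3*sizeof(size_t)` respectively. Separately, `n += i-j` is unsigned arithmetic on two values read from the object's dynamic section, so a malformed object with DT_MIPS_SYMTABNO < DT_MIPS_GOTSYM would wrap n to a huge value; calloc's overflow check turns that into the "Error preparing lazy relocation" path rather than a short buffer, which appears acceptable, but a `if (i < j) i = j;` guard would make the intent explicit.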
@@ -1673,6 +1723,7 @@ void *dlopen(const char *file, int mode)
orig_tls_cnt = tls_cnt;
orig_tls_offset = tls_offset;
orig_tls_align = tls_align;
+ orig_lazy_head = lazy_head;
orig_syms_tail = syms_tail;
orig_tail = tail;
noload = mode & RTLD_NOLOAD;
@@ -1701,6 +1752,7 @@ void *dlopen(const char *file, int mode)
tls_cnt = orig_tls_cnt;
tls_offset = orig_tls_offset;
tls_align = orig_tls_align;
+ lazy_head = orig_lazy_head;
tail = orig_tail;
tail->next = 0;
p = 0;
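Review bot: Restoring `lazy_head = orig_lazy_head` unlinks the partially-loaded dsos from the lazy list, but the buffers prepare_lazy allocated for them (`p->lazy = calloc(...)` in the previous hunk) are not visibly released on this failure path. If the surrounding unwind loop frees each new dso (it starts outside this hunk, so I cannot confirm what it releases), it needs a matching `free(p->lazy);` next to the other per-dso frees; otherwise every failed RTLD_LAZY dlopen leaks one lazy array per object that reached prepare_lazy.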
@@ -1718,6 +1770,12 @@ void *dlopen(const char *file, int mode)
/* First load handling */
if (!p->relocated) {
load_deps(p);
+ if ((mode & RTLD_LAZY)) {
+ prepare_lazy(p);
+ if (p->deps) for (i=0; p->deps[i]; i++)
+ if (!p->deps[i]->relocated)
+ prepare_lazy(p->deps[i]);
+ }
/* Make new symbols global, at least temporarily, so we can do
* relocations. If not RTLD_GLOBAL, this is reverted below. */
add_syms(p);
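Review bot: `if ((mode & RTLD_LAZY))` carries a redundant pair of parentheses; the idiom with double parentheses is normally reserved for assignment-in-condition, so here it reads as if something were missing. `if (mode & RTLD_LAZY) {` is the conventional form. A short comment would also help, since the BIND_NOW exemption is hidden inside prepare_lazy: `/* prepare_lazy is a no-op for objects flagged DF_BIND_NOW / DF_1_NOW */`. The enclosing first-load block continues past the end of this hunk.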
@@ -1732,6 +1790,11 @@ void *dlopen(const char *file, int mode)
if (!(mode & RTLD_GLOBAL))
revert_syms(orig_syms_tail);
+ /* Processing of deferred lazy relocations must not happen until
+ * the new libraries are committed; otherwise we could end up with
+ * relocations resolved to symbol definitions that get removed. */
+ redo_lazy_relocs();
+
update_tls_size();
_dl_debug_state();
orig_tail = tail;
--
2.12.1