rtld: Handle ELF dso with program headers outside the first page.
Closed, Public

Authored by kib on Sep 4 2020, 1:02 PM.
Diff Detail

Repository
rS FreeBSD src repository - subversion

Event Timeline

kib requested review of this revision. Sep 4 2020, 1:02 PM

LGTM. It works for me with the libwidevinecdm.so from the PR. I tried to generate an .so with weird phdrs using patchelf, but that didn't work. Not sure if there are other such tools...

This revision is now accepted and ready to land. Sep 4 2020, 8:50 PM
emaste added inline comments.
libexec/rtld-elf/map_object.c
334–335 (On Diff #76647)

This seems a bit magical

libexec/rtld-elf/map_object.c
334–335 (On Diff #76647)

Ah yes, from this diff you pretty easily see that the condition matches the one below where the pages are mapped, but maybe not if somebody is later looking at the whole .c file. I guess a comment might be nice, or otherwise putting the hdr->e_phoff + hdr->e_phnum * sizeof(Elf_Phdr) > (size_t)PAGE_SIZE expression into a macro, maybe?

libexec/rtld-elf/map_object.c
334–335 (On Diff #76647)

Yeah, in the context of this diff it's clear why this is like this, but it might not be clear for someone looking at this file in the future.

Move check into helper.
Fix off-by-one.

This revision now requires review to proceed. Sep 4 2020, 9:40 PM
libexec/rtld-elf/map_object.c
341–342 (On Diff #76673)

Oh, one more thing, what happens if the phdr starts in the first mapped page but crosses the boundary into the next one?

libexec/rtld-elf/map_object.c
341–342 (On Diff #76673)

As far as I can see, the first page would be mapped twice, once with offset 0 (line 360 in the new version), and once with offset hdr->e_phoff. It's not a big issue, but it may waste a page. AFAIK you can map pages multiple times just fine, certainly when they're read-only?

libexec/rtld-elf/map_object.c
341–342 (On Diff #76673)

It happens only during parsing; map_object() unmaps both special mappings.

In the case Ed noted, we must map two pages. The test checks that the end of the supposed mapping fits into the zero page. If it does not, we would indeed map the zero page twice, and it must work. For instance, we map shared libraries at different bases.

This revision is now accepted and ready to land. Sep 5 2020, 2:07 AM
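The condition debated in the inline comments, written out as an added example rather than the rtld code from this revision: given e_phoff and e_phnum it reports whether the program header table lies entirely inside the first page (with the "<=" boundary the off-by-one fix implies) and, for the crossing case Ed raised, how many pages a temporary mapping of the table must cover. A 4 KiB page and the 56-byte Elf64_Phdr size are assumptions for a 64-bit target; the function names are hypothetical and not rtld's helper.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* Assumed 4 KiB page (amd64 value); redefined locally so the example is self-contained. */
#undef PAGE_SIZE
#define PAGE_SIZE 4096ULL
#define trunc_page(x) ((x) & ~(PAGE_SIZE - 1))
#define round_page(x) (((x) + PAGE_SIZE - 1) & ~(PAGE_SIZE - 1))

/* sizeof(Elf64_Phdr) as laid out by the ELF64 specification. */
#define PHDR_SIZE 56ULL

/*
 * Does the whole program header table fit in the first page of the file?
 * "end <= PAGE_SIZE": a table ending exactly on the page boundary still fits,
 * so it is not wrongly sent down the separate-mapping path. The overflow
 * guard is an added hardening check for malformed headers, not from the review.
 */
bool phdr_in_first_page(uint64_t e_phoff, uint16_t e_phnum)
{
    uint64_t tab_len = (uint64_t)e_phnum * PHDR_SIZE;   /* max 65535*56, no overflow */
    if (e_phoff > UINT64_MAX - tab_len)
        return false;                                    /* e_phoff + tab_len would wrap */
    return e_phoff + tab_len <= PAGE_SIZE;
}

/*
 * Number of whole pages a mapping of the header table must cover. A table that
 * starts in page 0 but ends in page 1 needs two pages, so page 0 is mapped a
 * second time next to the first-page mapping, the case discussed above.
 */
uint64_t phdr_map_pages(uint64_t e_phoff, uint16_t e_phnum)
{
    uint64_t end = e_phoff + (uint64_t)e_phnum * PHDR_SIZE;
    return (round_page(end) - trunc_page(e_phoff)) / PAGE_SIZE;
}

int main(void)
{
    /* Typical binary: phdrs immediately after the 64-byte ELF header. */
    printf("64/8   fits=%d pages=%llu\n", phdr_in_first_page(64, 8),
           (unsigned long long)phdr_map_pages(64, 8));
    /* Constructed crossing case: starts in page 0, ends in page 1. */
    printf("4000/4 fits=%d pages=%llu\n", phdr_in_first_page(4000, 4),
           (unsigned long long)phdr_map_pages(4000, 4));
    return 0;
}
```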