rtld: Handle ELF dso with program headers outside the first page.
ClosedPublic
Actions

Authored by kib on Sep 4 2020, 1:02 PM.

Details

Reviewers

emaste
dim

Commits

rS365360: rtld: Handle ELF dso with program headers outside the first page.

Summary

PR: 229708

Diff Detail

Repository

rS FreeBSD src repository - subversion

Lint

Lint Not Applicable

Unit

Tests Not Applicable

Event Timeline

kib created this revision.Sep 4 2020, 1:02 PM

Herald added subscribers: bdragon, imp. · View Herald TranscriptSep 4 2020, 1:02 PM

kib requested review of this revision.Sep 4 2020, 1:02 PM

Harbormaster completed remote builds in B33387: Diff 76647.Sep 4 2020, 1:03 PM

LGTM. It works for me with the libwidevinecdm.so from the PR. I tried to generate an .so with weird phdrs using patchelf, but that didn't work. Not sure if there are other such tools...

This revision is now accepted and ready to land.Sep 4 2020, 8:50 PM

emaste accepted this revision.Sep 4 2020, 9:01 PM

emaste added inline comments.

libexec/rtld-elf/map_object.c
334–335 ↗	(On Diff #76647)	This seems a bit magical

dim added inline comments.Sep 4 2020, 9:09 PM

libexec/rtld-elf/map_object.c
334–335 ↗	(On Diff #76647)	Ah yes, from this diff you pretty easily see that the condition matches the one below where the pages are mapped, but maybe not if somebody is later looking at the whole .c file. I guess a comment might be nice, or otherwise putting the `hdr->e_phoff + hdr->e_phnum * sizeof(Elf_Phdr) > (size_t)PAGE_SIZE` expression into a macro, maybe?

emaste added inline comments.Sep 4 2020, 9:17 PM

libexec/rtld-elf/map_object.c
334–335 ↗	(On Diff #76647)	Yeah, in the context of this diff it's clear why this is like this but might not be clear for someone looking at this file in the future.

Move check into helper.
Fix off-by-one.

This revision now requires review to proceed.Sep 4 2020, 9:40 PM

Harbormaster completed remote builds in B33404: Diff 76673.Sep 4 2020, 9:40 PM

emaste added inline comments.Sep 4 2020, 9:46 PM

libexec/rtld-elf/map_object.c
341–342 ↗	(On Diff #76673)	Oh, one more thing, what happens if the phdr starts in the first mapped page but crosses the boundary into the next one?

dim added inline comments.Sep 4 2020, 10:28 PM

libexec/rtld-elf/map_object.c
341–342 ↗	(On Diff #76673)	As far as I can see, the first page would be mapped twice, once with offset 0 (line 360 in the new version), and once with offset `hdr->e_phoff`. It's not a big issue, but it may waste a page. AFAIK you can map pages multiple times just fine, certainly when they're read-only?

kib added inline comments.Sep 4 2020, 10:36 PM

libexec/rtld-elf/map_object.c
341–342 ↗	(On Diff #76673)	It happens only during parsing, map_object() unmaps both special mappings. In the case Ed noted, we must map two pages. Test checks that the end of the supposed mapping fits into zero page. If it not, we indeed would map zero page twice, and it must work. For instance, we map shared libraries at different bases.