From: Yann Sionneau
To: devel@uclibc-ng.org
Date: Fri, 28 May 2021 08:59:58 +0200
Message-Id: <20210528065958.3965167-2-yann@sionneau.net>
In-Reply-To: <20210528065958.3965167-1-yann@sionneau.net>
Subject: [uclibc-ng-devel] [PATCH 1/1] powerpc: fix PIE/PIC builds with newer gcc/binutils which use secureplt by default

This patch fixes segfault of all user space processes (including init, which caused a panic) on recent buildroot powerpc32 builds.

The issue has been reported by Romain Naour in this thread: https://mailman.uclibc-ng.org/pipermail/devel/2021-May/002068.html

Recent buildroot toolchain enables secure PLT in powerpc gcc. The latter will then supply -msecure-plt to gas invocations by default.

Recent buildroot also enables PIE by default.

For the secure PLT to work in PIC, the r30 register needs to point to the GOT. Old "bss plt" was just a one-instruction-wide PLT slot, pointed-to by a R_PPC_JMP_SLOT relocation, which was written on-the-fly to contain a branch instruction to the correct address. It therefore had to stay writable+executable, which you generally want to avoid for security reasons. New secure PLT only contains read-only code which loads the branch address from the writable GOT.

Note: secure PLT without PIC does not need r30 to be set. Because offset between plt stub code and got is known at link-time.
In this case the PLT entry looks like: 1009b3e0 <__uClibc_main@plt>: 1009b3e0: 3d 60 10 0e lis r11,4110 1009b3e4: 81 6b 03 74 lwz r11,884(r11) 1009b3e8: 7d 69 03 a6 mtctr r11 1009b3ec: 4e 80 04 20 bctr Whereas secure PLT with PIC - offset between plt and got is unknown at link-time - looks like this: 000af800 <00000000.plt_pic32.__uClibc_main>: af800: 81 7e 03 80 lwz r11,896(r30) af804: 7d 69 03 a6 mtctr r11 af808: 4e 80 04 20 bctr af80c: 60 00 00 00 nop Signed-off-by: Yann Sionneau Tested-by: Romain Naour --- Rules.mak | 3 ++- ldso/ldso/powerpc/dl-startup.h | 3 +++ libc/sysdeps/linux/powerpc/crt1.S | 4 ++++ 3 files changed, 9 insertions(+), 1 deletion(-) diff --git a/Rules.mak b/Rules.mak index 1fa09be23..c789aefd3 100644 --- a/Rules.mak +++ b/Rules.mak @@ -483,9 +483,10 @@ ifeq ($(TARGET_ARCH),powerpc) PICFLAG:=-fpic PIEFLAG_NAME:=-fpie PPC_HAS_REL16:=$(shell printf "\t.text\n\taddis 11,30,_GLOBAL_OFFSET_TABLE_-.@ha\n" | $(CC) -c -x assembler -o /dev/null - 2> /dev/null && echo -n y || echo -n n) + PPC_HAS_SECUREPLT:=$(shell $(CC) --verbose 2>&1 | grep -- --enable-secureplt > /dev/null && echo -n y || echo -n n) + CPU_CFLAGS-$(PPC_HAS_SECUREPLT) += -DPPC_HAS_SECUREPLT CPU_CFLAGS-$(PPC_HAS_REL16)+= -DHAVE_ASM_PPC_REL16 CPU_CFLAGS-$(CONFIG_E500) += "-D__NO_MATH_INLINES" - endif ifeq ($(TARGET_ARCH),bfin) diff --git a/ldso/ldso/powerpc/dl-startup.h b/ldso/ldso/powerpc/dl-startup.h index 8b2a517e2..7749395eb 100644 --- a/ldso/ldso/powerpc/dl-startup.h +++ b/ldso/ldso/powerpc/dl-startup.h @@ -25,6 +25,9 @@ __asm__( #else " bl _GLOBAL_OFFSET_TABLE_-4@local\n" /* Put our GOT pointer in r31, */ " mflr 31\n" +#endif +#ifdef PPC_HAS_SECUREPLT + " mr 30,31\n" #endif " addi 1,1,16\n" /* Restore SP */ " lwz 7,_dl_skip_args@got(31)\n" /* load EA of _dl_skip_args */ diff --git a/libc/sysdeps/linux/powerpc/crt1.S b/libc/sysdeps/linux/powerpc/crt1.S index 27bfc5a5a..3f5d056c0 100644 --- a/libc/sysdeps/linux/powerpc/crt1.S +++ b/libc/sysdeps/linux/powerpc/crt1.S 
@@ -56,6 +56,10 @@ _start: # else bl _GLOBAL_OFFSET_TABLE_-4@local mflr r31 +# endif + /* in PIC/PIE, plt stubs need r30 to point to the GOT if using secure-plt */ +# ifdef PPC_HAS_SECUREPLT + mr 30,31 # endif #endif /* Set up the small data pointer in r13. */
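Review bot: In the Rules.mak hunk, the `PPC_HAS_SECUREPLT` probe greps the compiler's configure line (`$(CC) --verbose 2>&1 | grep -- --enable-secureplt`), so it reports the toolchain's default rather than the PLT model the build actually uses. A compiler configured without `--enable-secureplt` but driven with `-msecure-plt` would leave the macro undefined and r30 unset, which is the failure the commit message describes. Consider probing with the build's own flags, in the way the `PPC_HAS_REL16` line above it tests the assembler, and keep the blank line before `endif` that this hunk drops.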
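Review bot: In the ldso/ldso/powerpc/dl-startup.h hunk, the added `" mr 30,31\n"` carries no comment, while the neighbouring asm lines explain themselves (`/* Put our GOT pointer in r31, */`, `/* Restore SP */`). Add the explanation the crt1.S hunk already has, that secure-PLT PIC stubs need r30 to point to the GOT. The new `#endif` also now closes the existing `#else` block while the old `#endif` closes the new `#ifdef PPC_HAS_SECUREPLT`; a short trailing comment on each `#endif` would make that nesting easier to follow.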
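Review bot: In the libc/sysdeps/linux/powerpc/crt1.S hunk, the added `mr 30,31` uses bare register numbers while the line just above it uses the prefixed form (`mflr r31`); write it as `mr r30,r31` to match the file. The explanatory comment also sits outside the `# ifdef PPC_HAS_SECUREPLT` it describes, so moving it inside the conditional would keep it with the instruction it explains.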