[llvm-bugs] [Bug 40474] New: Stop indirecting non-preemptable ifuncs via the PLT if it can be avoided

via llvm-bugs llvm-bugs at lists.llvm.org
Fri Jan 25 20:46:28 PST 2019 

https://bugs.llvm.org/show_bug.cgi?id=40474

            Bug ID: 40474
           Summary: Stop indirecting non-preemptable ifuncs via the PLT if
                    it can be avoided
           Product: lld
           Version: unspecified
          Hardware: PC
                OS: Linux
            Status: NEW
          Severity: enhancement
          Priority: P
         Component: ELF
          Assignee: unassignedbugs at nondot.org
          Reporter: peter at pcc.me.uk
                CC: llvm-bugs at lists.llvm.org, peter.smith at linaro.org

This is a follow up to my comment 3 in pr40250.

I've been giving this some more thought and it seems like there is only one
case where we need to create a PLT for an ifunc and redirect all references to
the ifunc (including GOT) to point to it, and that is the case where the
executable is non-PIC, there is a direct (non-GOT, non-PLT) relocation
referring to the ifunc, and the --ignore-function-address-equality argument
isn't passed. In this case, the address taken by the direct relocation and the
address in the GOT need to be equal. And since there isn't necessarily a
dynamic loader to fix up the direct relocation references for us (we can only
rely on a statically linked libc being able to apply the IRELATIVE relocs to
the GOT in __rela?_iplt_{start,end}), the symbol needs to have a constant
value, i.e. the address of the PLT entry. This is similar to the case of
pseudo-PLTs in dynamically relocated non-PIC binaries that we support already.

In PIC binaries, I think we can just use either the IRELATIVE (for the GOT) or
dynamic relocations (everything else). If --ignore-function-address-equality is
passed we can create the PLT and just make the direct and PLT relocations point
to it, leaving the GOT relocations pointing at the IRELATIVE.

Notably, this provides a way for sanitizers (and other users of
ifunc-resolves-to-data) to continue to work in a static executable: they simply
need to ensure that *all* references to their ifunc go via the GOT. Since the
sanitizers control the code that they generate, this seems doable to me. For
example in IR the sanitizers should be able to set dso_preemptable on the
GlobalVariable referring to the ifunc to ensure that the references go via the
GOT even without -fPIE.

Peter, does that match your understanding? I can also try to take a look at
this if you're not planning to take a look soon.

-- 
You are receiving this mail because:
You are on the CC list for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.llvm.org/pipermail/llvm-bugs/attachments/20190126/01a9671d/attachment.html>

More information about the llvm-bugs mailing list