| [c5c522c] | 1 | From: Mauricio Faria de Oliveira <mauricfo@linux.vnet.ibm.com> |
|---|
| 2 | Date: Tue, 09 Sep 2014 15:17:19 -0700 |
|---|
| 3 | Subject: [klibc] [PATCH] ppc64: ELFv2: Load TOC value in system call stub |
|---|
| 4 | Forwarded: http://www.zytor.com/pipermail/klibc/2016-January/003878.html |
|---|
| 5 | |
|---|
| 6 | This fixes a segmentation fault in the system call's error handling path with |
|---|
| 7 | dynamically-linked binaries on PowerPC64 little endian. The system call stub |
|---|
| 8 | wasn't loading up r2 with the appropriate TOC value in its global entry point. |
|---|
| 9 | |
|---|
| 10 | The r2 setup code comes from the FUNC_START macro in gcc [1] and an equivalent |
|---|
| 11 | one can also be found in the LOCALENTRY macro in glibc [2]. |
|---|
| 12 | |
|---|
| 13 | On the ELFv2 ABI (see [1]): |
|---|
| 14 | - The global entry point is expected to load up r2 with the appropriate TOC |
|---|
| 15 | value for this function. |
|---|
| 16 | - The local entry point expects r2 to be set up to the current TOC. |
|---|
| 17 | |
|---|
| 18 | The problem happened with dynamically-linked binaries because: |
|---|
| 19 | - the system call is an indirect call (via global entry point) from the binary |
|---|
| 20 | to the shared library, landing in the syscall stub (which didn't load up r2 |
|---|
| 21 | with the TOC of the shared library) |
|---|
| 22 | - its branch to __syscall_error is a direct call (via local entry point) within |
|---|
| 23 | the shared library, landing in the function (which expects r2 to be set up to |
|---|
| 24 | that TOC) |
|---|
| 25 | - when the function attempts to store errno (in an address relative to the TOC), |
|---|
| 26 | that address incorrectly pointed to a read-only segment -- segmentation fault. |
|---|
| 27 | |
|---|
| 28 | The problem didn't happen with statically-linked binaries because the TOC value |
|---|
| 29 | wasn't different on that case. |
|---|
| 30 | |
|---|
| 31 | Thanks and credits to Alan Modra and Ulrich Weigand, for helping with this and |
|---|
| 32 | pointing out the solution. |
|---|
| 33 | |
|---|
| 34 | [1] https://gcc.gnu.org/ml/gcc-patches/2013-11/msg01141.html |
|---|
| 35 | [2] https://www.sourceware.org/ml/libc-alpha/2013-11/msg00315.html |
|---|
| 36 | |
|---|
| 37 | Signed-off-by: Mauricio Faria de Oliveira <mauricfo@linux.vnet.ibm.com> |
|---|
| 38 | --- |
|---|
| 39 | usr/klibc/arch/ppc64/sysstub.ph | 3 +++ |
|---|
| 40 | 1 files changed, 3 insertions(+), 0 deletions(-) |
|---|
| 41 | |
|---|
| 42 | diff --git a/usr/klibc/arch/ppc64/sysstub.ph b/usr/klibc/arch/ppc64/sysstub.ph |
|---|
| 43 | index b3f6e38..a0c6d41 100644 |
|---|
| 44 | --- a/usr/klibc/arch/ppc64/sysstub.ph |
|---|
| 45 | +++ b/usr/klibc/arch/ppc64/sysstub.ph |
|---|
| 46 | @@ -18,6 +18,9 @@ sub make_sysstub($$$$$@) { |
|---|
| 47 | #if _CALL_ELF == 2 |
|---|
| 48 | .type ${fname},\@function |
|---|
| 49 | ${fname}: |
|---|
| 50 | +0: addis 2,12,(.TOC.-0b)\@ha |
|---|
| 51 | + addi 2,2,(.TOC.-0b)\@l |
|---|
| 52 | + .localentry ${fname},.-${fname} |
|---|
| 53 | #else |
|---|
| 54 | .section ".opd","aw" |
|---|
| 55 | .balign 8 |
|---|
| 56 | -- |
|---|
| 57 | 1.7.1 |
|---|
