!580 elf/ld.so: Consider maybe-existing hole between PT_LOAD segments when mmap reserved area

From: @lvying6 Reviewed-by: @liqingqing_1229 Signed-off-by: @liqingqing_1229
2023-04-28 06:58:47 +00:00 · 2023-04-28 06:58:47 +00:00 · d5d8c4b407
commit d5d8c4b407
parent 9c979aff1f 17c0041f1c
2 changed files with 52 additions and 1 deletions
--- a/elf-ld.so-Consider-maybe-existing-hole-between-PT_LO.patch
+++ b/elf-ld.so-Consider-maybe-existing-hole-between-PT_LO.patch
@ -0,0 +1,47 @@
 From 1b296563c92c896f072343b5f19286e8b5942b9e Mon Sep 17 00:00:00 2001
 From: hubin <hubin73@huawei.com>
 Date: Fri, 28 Apr 2023 11:30:47 +0800
 Subject: [PATCH] elf/ld.so: Consider maybe-existing hole between PT_LOAD
 segments when mmap reserved area
 When mmap reserved area do NOT consider existing hole between PT_LOAD
 segments, this will cause reserved virtual address space too small to
 contain all the sections in the PT_LOAD segment. Since the address space
 mapping of subsequent segments is based on the reserved address space,
 each mmap has a MAP_FIXED flag, which will overwrite the reserved
 address space, if the reserved space is too small, these mmap with
 MAP_FIEXED flag will conflict with other address space. e.g. in some
 case, the address sapce in the .bss section(last data segment) conflicts
 with the address space in the heap(maybe other address space) cause the
 program coredump.
 ---
 elf/dl-map-segments-hugepage.h | 10 +++++++++-
 1 file changed, 9 insertions(+), 1 deletion(-)
 diff --git a/elf/dl-map-segments-hugepage.h b/elf/dl-map-segments-hugepage.h
 index b99f726f..218e93a0 100644
 --- a/elf/dl-map-segments-hugepage.h
 +++ b/elf/dl-map-segments-hugepage.h
@@ -47,10 +47,18 @@ __mmap_reserved_area(const struct loadcmd loadcmds[], size_t nloadcmds,
   const struct loadcmd * c = loadcmds;
   *maparealen = 0;
 +  /*
 +   * Consider maybe-existing hole between PT_LOAD segments
 +   */
   while (c < &loadcmds[nloadcmds])
     {
 -      *maparealen += ALIGN_UP((c->mapend > c->allocend ? c->mapend : c->allocend), SIZE_2MB) -
 +      // c is not the last loadcmd
 +      if (c + 1 < &loadcmds[nloadcmds]) {
 +        *maparealen += ALIGN_UP((c + 1)->mapstart - c->mapstart, SIZE_2MB);
 +      } else {
 +        *maparealen += ALIGN_UP((c->mapend > c->allocend ? c->mapend : c->allocend), SIZE_2MB) -
                       ALIGN_DOWN(c->mapstart, SIZE_2MB);
 +      }
       c++;
     }
 -- 
 2.38.1
--- a/glibc.spec
+++ b/glibc.spec
@ -66,7 +66,7 @@
 ##############################################################################
 Name: 	 	glibc
 Version: 	2.34
-Release: 	117
+Release: 	118
 Summary: 	The GNU libc libraries
 License:	%{all_license}
 URL: 		http://www.gnu.org/software/glibc/
@ -297,6 +297,7 @@ Patch9034: 0002-elf-ld.so-keep-compatible-with-the-original-policy-o.patch
 Patch9035: 0003-elf-ld.so-remove-_mmap_hole-when-ld.so-mmap-PT_LOAD-.patch
 Patch9036: elf-ld.so-add-MAP_NORESERVE-flag-for-the-first-mmap-2MB-contig.patch
 Patch9037: elf-ld.so-prohibit-multiple-i-options-and-do-not-allow-i-speci.patch
 Patch9038: elf-ld.so-Consider-maybe-existing-hole-between-PT_LO.patch
 Provides: ldconfig rtld(GNU_HASH) bundled(gnulib)
@ -1462,6 +1463,9 @@ fi
 %endif
 %changelog
 * Fri Apr 28 2023 Lv Ying <lvying6@huawei.com> - 2.34-118
 - malloc: elf/ld.so: Consider maybe-existing hole between PT_LOAD segments when mmap reserved area
 * Thu Apr 13 2023 Qingqing Li <liqingqing3@huawei.com> - 2.34-117
 - malloc: Fix -Wuse-after-free warning in tst-mallocalign1 [BZ #26779]