Message ID | 20161027163058.12156-9-kevin.brodsky@arm.com (mailing list archive) |
---|---|
State | New, archived |
On Thu, Oct 27, 2016 at 05:30:58PM +0100, Kevin Brodsky wrote:
> * The vDSO page replaces the vector page. The vDSO provides its own
> sigreturn trampolines, replacing those in the vector page, but the
> kuser helpers are gone. As a result enabling the compat vDSO will
> break userspace programs relying on the kuser helpers.

I think vDSO and vectors page should not exclude each other. If you want to disable the vectors page, let's make it an independent config option like the KUSER_HELPERS in arch/arm64/mm/Kconfig. But I would very much like to be able to have both the vDSO and the vectors page at the same time.

On 04/11/2016 09:50, Catalin Marinas wrote:
> On Thu, Oct 27, 2016 at 05:30:58PM +0100, Kevin Brodsky wrote:
>> * The vDSO page replaces the vector page. The vDSO provides its own
>> sigreturn trampolines, replacing those in the vector page, but the
>> kuser helpers are gone. As a result enabling the compat vDSO will
>> break userspace programs relying on the kuser helpers.
> I think vDSO and vectors page should not exclude each other. If you want
> to disable the vectors page, let's make it an independent config option
> like the KUSER_HELPERS in arch/arm64/mm/Kconfig. But I would very much
> like to be able to have both the vDSO and the vectors page at the same
> time.

Indeed, I've had exactly the same feedback from Google yesterday (apparently many Android apps with native libs still target ARMv6....). I'll add the option to keep the kuser helpers.

There's a small problem though: how to ensure that the kuser helpers + sigreturn trampolines are always included if the compat vDSO is not built? I can enforce CONFIG_KUSER_HELPERS if !CONFIG_VDSO32 (directly in the code/Makefiles), but the dependency cannot be expressed in Kconfig.

Thanks,
Kevin

On Fri, Nov 04, 2016 at 10:30:08AM -0600, Kevin Brodsky wrote:
> On 04/11/2016 09:50, Catalin Marinas wrote:
> > On Thu, Oct 27, 2016 at 05:30:58PM +0100, Kevin Brodsky wrote:
> > > * The vDSO page replaces the vector page. The vDSO provides its own
> > > sigreturn trampolines, replacing those in the vector page, but the
> > > kuser helpers are gone. As a result enabling the compat vDSO will
> > > break userspace programs relying on the kuser helpers.
> > I think vDSO and vectors page should not exclude each other. If you want
> > to disable the vectors page, let's make it an independent config option
> > like the KUSER_HELPERS in arch/arm64/mm/Kconfig. But I would very much
> > like to be able to have both the vDSO and the vectors page at the same
> > time.
>
> Indeed, I've had exactly the same feedback from Google yesterday (apparently
> many Android apps with native libs still target ARMv6....). I'll add the
> option to keep the kuser helpers.
>
> There's a small problem though: how to ensure that the kuser helpers +
> sigreturn trampolines are always included if the compat vDSO is not built? I
> can enforce CONFIG_KUSER_HELPERS if !CONFIG_VDSO32 (directly in the
> code/Makefiles), but the dependency cannot be expressed in Kconfig.

Or you could insert a separate "sigpage" as arm32 does. This could live independently of vDSO or vectors page.

On 04/11/2016 10:47, Catalin Marinas wrote:
> On Fri, Nov 04, 2016 at 10:30:08AM -0600, Kevin Brodsky wrote:
>> On 04/11/2016 09:50, Catalin Marinas wrote:
>>> On Thu, Oct 27, 2016 at 05:30:58PM +0100, Kevin Brodsky wrote:
>>>> * The vDSO page replaces the vector page. The vDSO provides its own
>>>> sigreturn trampolines, replacing those in the vector page, but the
>>>> kuser helpers are gone. As a result enabling the compat vDSO will
>>>> break userspace programs relying on the kuser helpers.
>>> I think vDSO and vectors page should not exclude each other. If you want
>>> to disable the vectors page, let's make it an independent config option
>>> like the KUSER_HELPERS in arch/arm64/mm/Kconfig. But I would very much
>>> like to be able to have both the vDSO and the vectors page at the same
>>> time.
>> Indeed, I've had exactly the same feedback from Google yesterday (apparently
>> many Android apps with native libs still target ARMv6....). I'll add the
>> option to keep the kuser helpers.
>>
>> There's a small problem though: how to ensure that the kuser helpers +
>> sigreturn trampolines are always included if the compat vDSO is not built? I
>> can enforce CONFIG_KUSER_HELPERS if !CONFIG_VDSO32 (directly in the
>> code/Makefiles), but the dependency cannot be expressed in Kconfig.
> Or you could insert a separate "sigpage" as arm32 does. This could live
> independently of vDSO or vectors page.

Yeah I thought about this too. It's a bit more work but probably cleaner and more flexible, that would also allow to disable the kuser helpers independently of the compat vDSO.

Thanks,
Kevin

diff --git a/arch/arm64/Kconfig b/arch/arm64/Kconfig index 969ef880d234..883e50def0eb 100644 --- a/arch/arm64/Kconfig +++ b/arch/arm64/Kconfig @@ -1017,6 +1017,32 @@ config SYSVIPC_COMPAT def_bool y depends on COMPAT && SYSVIPC +config COMPAT_VDSO + bool "32-bit vDSO" + depends on COMPAT + default n + help + Warning: this completely removes the compat vector page, including + kuser helpers, which may break 32-bit processes. + + Warning: a 32-bit toolchain is necessary to build the vDSO. You + must explicitly define which toolchain should be used by setting + CROSS_COMPILE_ARM32 to the prefix of the 32-bit toolchain (same format + as CROSS_COMPILE). If a 32-bit compiler cannot be found, a warning + will be printed and the kernel will be built as if COMPAT_VDSO had not + been set. + + Provide a vDSO to 32-bit processes. It includes the symbols provided + by the vDSO from the 32-bit kernel, so that a 32-bit libc can use + the compat vDSO without modification. It also provides sigreturn + trampolines, and replaces the vector page. + +config CROSS_COMPILE_ARM32 + string "32-bit toolchain prefix" + help + Same as setting CROSS_COMPILE_ARM32 in the environment, but saved for + future builds. The environment variable overrides this config option. + endmenu menu "Power management options" diff --git a/arch/arm64/Makefile b/arch/arm64/Makefile index 3635b8662724..370d8de0c100 100644 --- a/arch/arm64/Makefile +++ b/arch/arm64/Makefile 
@@ -37,10 +37,32 @@ $(warning LSE atomics not supported by binutils) endif endif -KBUILD_CFLAGS += -mgeneral-regs-only $(lseinstr) +ifeq ($(CONFIG_COMPAT_VDSO), y) + CROSS_COMPILE_ARM32 ?= $(CONFIG_CROSS_COMPILE_ARM32:"%"=%) + + # Check that the user has provided a valid prefix for the 32-bit toolchain. + # To prevent selecting the system gcc by default, the prefix is not allowed to + # be empty, unlike CROSS_COMPILE. In the unlikely event that the system gcc + # is actually the 32-bit ARM compiler to be used, the variable can be set to + # the dirname (e.g. CROSS_COMPILE_ARM32=/usr/bin/). + # Note: this Makefile is read both before and after regenerating the + # config (if needed). Any warning appearing before the config has been + # regenerated should be ignored. + ifeq ($(CROSS_COMPILE_ARM32),) + $(warning CROSS_COMPILE_ARM32 not defined or empty, the compat vDSO will not be built) + else ifeq ($(shell which $(CROSS_COMPILE_ARM32)gcc 2> /dev/null),) + $(warning $(CROSS_COMPILE_ARM32)gcc not found, the compat vDSO will not be built) + else + export CROSS_COMPILE_ARM32 + export CONFIG_VDSO32 := y + vdso32 := -DCONFIG_VDSO32=1 + endif +endif + +KBUILD_CFLAGS += -mgeneral-regs-only $(lseinstr) $(vdso32) KBUILD_CFLAGS += -fno-asynchronous-unwind-tables KBUILD_CFLAGS += $(call cc-option, -mpc-relative-literal-loads) -KBUILD_AFLAGS += $(lseinstr) +KBUILD_AFLAGS += $(lseinstr) $(vdso32) ifeq ($(CONFIG_CPU_BIG_ENDIAN), y) KBUILD_CPPFLAGS += -mbig-endian @@ -139,6 +161,8 @@ archclean: prepare: vdso_prepare vdso_prepare: prepare0 $(Q)$(MAKE) $(build)=arch/arm64/kernel/vdso include/generated/vdso-offsets.h + $(if $(CONFIG_VDSO32),$(Q)$(MAKE) $(build)=arch/arm64/kernel/vdso32 \ + include/generated/vdso32-offsets.h) define archhelp echo '* Image.gz - Compressed kernel image (arch/$(ARCH)/boot/Image.gz)' diff --git a/arch/arm64/kernel/Makefile b/arch/arm64/kernel/Makefile index 7d66bbaafc0c..1487f8cd06dd 100644 --- a/arch/arm64/kernel/Makefile +++ b/arch/arm64/kernel/Makefile 
@@ -27,8 +27,11 @@ OBJCOPYFLAGS := --prefix-symbols=__efistub_ $(obj)/%.stub.o: $(obj)/%.o FORCE $(call if_changed,objcopy) -arm64-obj-$(CONFIG_COMPAT) += sys32.o kuser32.o signal32.o \ - sys_compat.o entry32.o +arm64-obj-$(CONFIG_COMPAT) += sys32.o signal32.o sys_compat.o \ + entry32.o +ifneq ($(CONFIG_VDSO32),y) +arm64-obj-y += kuser32.o +endif arm64-obj-$(CONFIG_FUNCTION_TRACER) += ftrace.o entry-ftrace.o arm64-obj-$(CONFIG_MODULES) += arm64ksyms.o module.o arm64-obj-$(CONFIG_ARM64_MODULE_PLTS) += module-plts.o @@ -52,6 +55,7 @@ arm64-obj-$(CONFIG_KEXEC) += machine_kexec.o relocate_kernel.o \ cpu-reset.o obj-y += $(arm64-obj-y) vdso/ probes/ +obj-$(CONFIG_VDSO32) += vdso32/ obj-m += $(arm64-obj-m) head-y := head.o extra-y += $(head-y) vmlinux.lds
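
Review bot: `config CROSS_COMPILE_ARM32` in the arch/arm64/Kconfig hunk is missing a `depends on COMPAT_VDSO`, so the "32-bit toolchain prefix" prompt is offered even when COMPAT or COMPAT_VDSO is off. In `config COMPAT_VDSO`, `default n` is redundant for a bool, and the help text opens with the two warnings before it says what the option provides; moving the "Provide a vDSO to 32-bit processes" paragraph to the top and the warnings below it would read better in menuconfig.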
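
Review bot: The `which $(CROSS_COMPILE_ARM32)gcc` test in the first arch/arm64/Makefile hunk only establishes that a file named gcc exists under the prefix, not that it targets 32-bit ARM, so the `CROSS_COMPILE_ARM32=/usr/bin/` case mentioned in the comment accepts whatever compiler is installed there. Checking the compiler's target (for example its -dumpmachine output) would catch that here. Separately, CONFIG_VDSO32 is set by the Makefile and injected with `-DCONFIG_VDSO32=1` rather than defined in Kconfig, so a .config with COMPAT_VDSO=y does not say whether the image contains the compat vDSO or the vector page with the kuser helpers; a hard error in place of the two `$(warning ...)` fallbacks would keep the config and the built kernel in agreement.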
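
Review bot: The `arm64-obj-y += kuser32.o` line inside `ifneq ($(CONFIG_VDSO32),y)` in the first arch/arm64/kernel/Makefile hunk drops the CONFIG_COMPAT condition that the removed line had, so kuser32.o is now built whenever CONFIG_VDSO32 is unset, including with COMPAT disabled. Writing it as `arm64-obj-$(CONFIG_COMPAT) += kuser32.o` inside the same ifneq keeps the previous behaviour for non-COMPAT kernels.
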
Expose the new compat vDSO via the COMPAT_VDSO config option.

The option is not enabled in defconfig for two reasons:

* The vDSO page replaces the vector page. The vDSO provides its own sigreturn trampolines, replacing those in the vector page, but the kuser helpers are gone. As a result enabling the compat vDSO will break userspace programs relying on the kuser helpers.

* We really need a 32-bit compiler this time, and we rely on the user to provide it themselves by setting CROSS_COMPILE_ARM32. Therefore enabling the option by default would make little sense, since the user must explicitly set an environment variable anyway.

CONFIG_COMPAT_VDSO is not directly used in the code, because we want to ignore it (build as if it were not set) if the user didn't set CROSS_COMPILE_ARM32 properly. If the variable has been set to a valid prefix, CONFIG_VDSO32 will be set; this is the option that the code and Makefiles test.

For more flexibility, like CROSS_COMPILE, CROSS_COMPILE_ARM32 can also be set via CONFIG_CROSS_COMPILE_ARM32 (the environment variable overrides the config option).

Signed-off-by: Kevin Brodsky <kevin.brodsky@arm.com>
---
 arch/arm64/Kconfig         | 26 ++++++++++++++++++++++++++
 arch/arm64/Makefile        | 28 ++++++++++++++++++++++++++--
 arch/arm64/kernel/Makefile |  8 ++++++--
 3 files changed, 58 insertions(+), 4 deletions(-)
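
The prefix gating described in the commit message above, as an added shell example that is not part of the patch or the kernel tree: it reproduces the "empty" and "not found" outcomes of the `arch/arm64/Makefile` hunk and adds a target check through `gcc -dumpmachine`, which is this example's own assumption about what a valid prefix should mean. The function names and the stub compilers are hypothetical and constructed so the script runs without a real toolchain.

```shell
#!/bin/sh
# Added example, not from the patch. Outcomes "empty" and "missing" mirror the
# two checks in the arch/arm64/Makefile hunk; the target-triple check is an
# assumption of this example (the patch does not perform it).

# check_arm32_prefix PREFIX
# Prints empty | missing | wrong-target:<triple> | ok:<triple>; returns 0 only for ok.
check_arm32_prefix() {
    prefix=$1
    if [ -z "$prefix" ]; then
        echo "empty"; return 1
    fi
    cc="${prefix}gcc"
    if ! command -v "$cc" >/dev/null 2>&1; then
        echo "missing"; return 1
    fi
    # -dumpmachine prints the triple the compiler generates code for.
    triple=$("$cc" -dumpmachine 2>/dev/null) || triple=
    case $triple in
        arm-*|armv[4-8]*-*|armeb-*) echo "ok:$triple"; return 0 ;;
        *) echo "wrong-target:${triple:-unknown}"; return 1 ;;
    esac
}

# Constructed stand-in for a compiler so the example runs without a toolchain:
# writes DIR/NAME, a script that answers -dumpmachine with TRIPLE.
make_stub_gcc() {
    printf '#!/bin/sh\n[ "$1" = -dumpmachine ] && echo %s\n' "$3" > "$1/$2"
    chmod +x "$1/$2"
}

demo_dir=$(mktemp -d)
make_stub_gcc "$demo_dir" arm-linux-gnueabihf-gcc arm-linux-gnueabihf
make_stub_gcc "$demo_dir" gcc x86_64-linux-gnu   # plays the host compiler
for p in "" "$demo_dir/absent-" "$demo_dir/" "$demo_dir/arm-linux-gnueabihf-"; do
    printf '%s -> %s\n' "${p:-<empty>}" "$(check_arm32_prefix "$p")"
done
rm -rf "$demo_dir"
```

The third case is the one the Makefile's `which` test lets through: a directory prefix that resolves to a compiler for a different architecture.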