From patchwork Sat Nov 28 10:24:08 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: =?utf-8?q?Ludovic_Court=C3=A8s?= X-Patchwork-Id: 25403 Return-Path: X-Original-To: patchwork@mira.cbaines.net Delivered-To: patchwork@mira.cbaines.net Received: by mira.cbaines.net (Postfix, from userid 113) id CD53527BBF9; Sat, 28 Nov 2020 10:25:28 +0000 (GMT) X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on mira.cbaines.net X-Spam-Level: X-Spam-Status: No, score=-2.9 required=5.0 tests=BAYES_00,MAILING_LIST_MULTI, RCVD_IN_MSPIKE_H4,RCVD_IN_MSPIKE_WL,SPF_HELO_PASS,URIBL_BLOCKED autolearn=unavailable autolearn_force=no version=3.4.2 Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) by mira.cbaines.net (Postfix) with ESMTPS id CE5E927BBF8 for ; Sat, 28 Nov 2020 10:25:27 +0000 (GMT) Received: from localhost ([::1]:35342 helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1kixPz-0002zn-2S for patchwork@mira.cbaines.net; Sat, 28 Nov 2020 05:25:27 -0500 Received: from eggs.gnu.org ([2001:470:142:3::10]:33406) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1kixPc-0002XM-Oj for guix-patches@gnu.org; Sat, 28 Nov 2020 05:25:04 -0500 Received: from debbugs.gnu.org ([209.51.188.43]:35449) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.90_1) (envelope-from ) id 1kixPc-0002eQ-Gq for guix-patches@gnu.org; Sat, 28 Nov 2020 05:25:04 -0500 Received: from Debian-debbugs by debbugs.gnu.org with local (Exim 4.84_2) (envelope-from ) id 1kixPc-0006u0-DZ for guix-patches@gnu.org; Sat, 28 Nov 2020 05:25:04 -0500 X-Loop: help-debbugs@gnu.org Subject: [bug#44899] [PATCH v2 3/4] gnu: glibc: Load ${ORIGIN}/../etc/ld.so.cache when available. Resent-From: Ludovic =?utf-8?q?Court=C3=A8s?= Original-Sender: "Debbugs-submit" Resent-CC: guix-patches@gnu.org Resent-Date: Sat, 28 Nov 2020 10:25:04 +0000 Resent-Message-ID: Resent-Sender: help-debbugs@gnu.org X-GNU-PR-Message: followup 44899 X-GNU-PR-Package: guix-patches X-GNU-PR-Keywords: patch To: 44899@debbugs.gnu.org Cc: Ludovic =?utf-8?q?Court=C3=A8s?= Received: via spool by 44899-submit@debbugs.gnu.org id=B44899.160655910026482 (code B ref 44899); Sat, 28 Nov 2020 10:25:04 +0000 Received: (at 44899) by debbugs.gnu.org; 28 Nov 2020 10:25:00 +0000 Received: from localhost ([127.0.0.1]:46990 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1kixPV-0006sw-S5 for submit@debbugs.gnu.org; Sat, 28 Nov 2020 05:25:00 -0500 Received: from eggs.gnu.org ([209.51.188.92]:43348) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1kixPH-0006rU-Fd for 44899@debbugs.gnu.org; Sat, 28 Nov 2020 05:24:47 -0500 Received: from fencepost.gnu.org ([2001:470:142:3::e]:42765) by eggs.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1kixPC-0002WC-As; Sat, 28 Nov 2020 05:24:38 -0500 Received: from [2a01:e0a:1d:7270:af76:b9b:ca24:c465] (port=49898 helo=gnu.org) by fencepost.gnu.org with esmtpsa (TLS1.2:DHE_RSA_AES_256_CBC_SHA1:256) (Exim 4.82) (envelope-from ) id 1kixPB-0000YV-SR; Sat, 28 Nov 2020 05:24:38 -0500 From: Ludovic =?utf-8?q?Court=C3=A8s?= Date: Sat, 28 Nov 2020 11:24:08 +0100 Message-Id: <20201128102409.3157-5-ludo@gnu.org> X-Mailer: git-send-email 2.29.2 In-Reply-To: <20201128102409.3157-1-ludo@gnu.org> References: <20201127083302.2578-1-ludo@gnu.org> <20201128102409.3157-1-ludo@gnu.org> MIME-Version: 1.0 X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list X-BeenThere: guix-patches@gnu.org List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: guix-patches-bounces+patchwork=mira.cbaines.net@gnu.org Sender: "Guix-patches" X-getmail-retrieved-from-mailbox: Patches * gnu/packages/patches/glibc-dl-cache.patch: New file. * gnu/local.mk (dist_patch_DATA): Add it. * gnu/packages/base.scm (glibc)[source]: Remove 'snippet' and 'modules'. [arguments]: In 'pre-configure' phase, substitute @STORE_DIRECTORY@ in 'elf/dl-cache.c'. --- gnu/local.mk | 1 + gnu/packages/base.scm | 16 +-- gnu/packages/patches/glibc-dl-cache.patch | 140 ++++++++++++++++++++++ 3 files changed, 147 insertions(+), 10 deletions(-) create mode 100644 gnu/packages/patches/glibc-dl-cache.patch diff --git a/gnu/local.mk b/gnu/local.mk index f9fed30a3f..82c3c608c6 100644 --- a/gnu/local.mk +++ b/gnu/local.mk @@ -1051,6 +1051,7 @@ dist_patch_DATA = \ %D%/packages/patches/glibc-bootstrap-system-2.2.5.patch \ %D%/packages/patches/glibc-bootstrap-system-2.16.0.patch \ %D%/packages/patches/glibc-bootstrap-system.patch \ + %D%/packages/patches/glibc-dl-cache.patch \ %D%/packages/patches/glibc-hidden-visibility-ldconfig.patch \ %D%/packages/patches/glibc-hurd-clock_gettime_monotonic.patch \ %D%/packages/patches/glibc-hurd-clock_t_centiseconds.patch \ diff --git a/gnu/packages/base.scm b/gnu/packages/base.scm index bd352319a1..ad4415f226 100644 --- a/gnu/packages/base.scm +++ b/gnu/packages/base.scm @@ -675,17 +675,8 @@ the store.") (sha256 (base32 "0di848ibffrnwq7g2dvgqrnn4xqhj3h96csn69q4da51ymafl9qn")) - (snippet - ;; Disable 'ldconfig' and /etc/ld.so.cache. The latter is - ;; required on LFS distros to avoid loading the distro's libc.so - ;; instead of ours. - '(begin - (substitute* "sysdeps/unix/sysv/linux/configure" - (("use_ldconfig=yes") - "use_ldconfig=no")) - #t)) - (modules '((guix build utils))) (patches (search-patches "glibc-ldd-x86_64.patch" + "glibc-dl-cache.patch" "glibc-hidden-visibility-ldconfig.patch" "glibc-versioned-locpath.patch" "glibc-allow-kernel-2.6.32.patch" @@ -800,6 +791,11 @@ the store.") ;; 4.7.1. ((" -lgcc_s") "")) + ;; Tell the ld.so cache code where the store is. + (substitute* "elf/dl-cache.c" + (("@STORE_DIRECTORY@") + (string-append "\"" (%store-directory) "\""))) + ;; Have `system' use that Bash. (substitute* "sysdeps/posix/system.c" (("#define[[:blank:]]+SHELL_PATH.*$") diff --git a/gnu/packages/patches/glibc-dl-cache.patch b/gnu/packages/patches/glibc-dl-cache.patch new file mode 100644 index 0000000000..0f23b12add --- /dev/null +++ b/gnu/packages/patches/glibc-dl-cache.patch @@ -0,0 +1,140 @@ +Read the shared library cache relative to $ORIGIN instead of reading +from /etc/ld.so.cache. Also arrange so that this cache takes +precedence over RUNPATH. + +diff --git a/elf/dl-cache.c b/elf/dl-cache.c +index 93d185e788..e0760a1f40 100644 +--- a/elf/dl-cache.c ++++ b/elf/dl-cache.c +@@ -171,6 +171,51 @@ _dl_cache_libcmp (const char *p1, const char *p2) + return *p1 - *p2; + } + ++/* Special value representing the lack of an ld.so cache. */ ++static const char ld_so_cache_lacking[] = "/ld.so cache is lacking"; ++ ++/* Return the per-application ld.so cache, relative to $ORIGIN, or NULL if ++ that fails for some reason. Do not return the system-wide LD_SO_CACHE ++ since on a foreign distro it would contain invalid information. */ ++static const char * ++ld_so_cache (void) ++{ ++ static const char *loader_cache; ++ ++ if (loader_cache == NULL) ++ { ++ static const char store[] = "/gnu/store"; ++ const char *origin = _dl_get_origin (); ++ ++ /* Check whether ORIGIN is something like "/gnu/store/…-foo/bin". */ ++ if (strncmp (store, origin, strlen (store)) == 0 ++ && origin[sizeof store - 1] == '/') ++ { ++ char *store_item_end = strchr (origin + sizeof store, '/'); ++ ++ if (store_item_end != NULL) ++ { ++ static const char suffix[] = "/etc/ld.so.cache"; ++ size_t store_item_len = store_item_end - origin; ++ ++ /* Note: We can't use 'malloc' because it can be interposed. ++ Likewise, 'strncpy' is not available. */ ++ char *cache = alloca (strlen (origin) + sizeof suffix); ++ ++ strcpy (cache, origin); ++ strcpy (cache + store_item_len, suffix); ++ ++ loader_cache = __strdup (cache) ?: ld_so_cache_lacking; ++ } ++ else ++ loader_cache = ld_so_cache_lacking; ++ } ++ else ++ loader_cache = ld_so_cache_lacking; ++ } ++ ++ return loader_cache; ++} + + /* Look up NAME in ld.so.cache and return the file name stored there, or null + if none is found. The cache is loaded if it was not already. If loading +@@ -190,12 +235,15 @@ _dl_load_cache_lookup (const char *name) + + /* Print a message if the loading of libs is traced. */ + if (__glibc_unlikely (GLRO(dl_debug_mask) & DL_DEBUG_LIBS)) +- _dl_debug_printf (" search cache=%s\n", LD_SO_CACHE); ++ _dl_debug_printf (" search cache=%s\n", ld_so_cache ()); ++ ++ if (__glibc_unlikely (ld_so_cache () == ld_so_cache_lacking)) ++ return NULL; + + if (cache == NULL) + { + /* Read the contents of the file. */ +- void *file = _dl_sysdep_read_whole_file (LD_SO_CACHE, &cachesize, ++ void *file = _dl_sysdep_read_whole_file (ld_so_cache (), &cachesize, + PROT_READ); + + /* We can handle three different cache file formats here: +diff --git a/elf/dl-load.c b/elf/dl-load.c +index f3201e7c14..a69aec3428 100644 +--- a/elf/dl-load.c ++++ b/elf/dl-load.c +@@ -2152,28 +2152,6 @@ _dl_map_object (struct link_map *loader, const char *name, + loader ?: GL(dl_ns)[LM_ID_BASE]._ns_loaded, + LA_SER_LIBPATH, &found_other_class); + +- /* Look at the RUNPATH information for this binary. */ +- if (fd == -1 && loader != NULL +- && cache_rpath (loader, &loader->l_runpath_dirs, +- DT_RUNPATH, "RUNPATH")) +- fd = open_path (name, namelen, mode, +- &loader->l_runpath_dirs, &realname, &fb, loader, +- LA_SER_RUNPATH, &found_other_class); +- +- if (fd == -1) +- { +- realname = _dl_sysdep_open_object (name, namelen, &fd); +- if (realname != NULL) +- { +- fd = open_verify (realname, fd, +- &fb, loader ?: GL(dl_ns)[nsid]._ns_loaded, +- LA_SER_CONFIG, mode, &found_other_class, +- false); +- if (fd == -1) +- free (realname); +- } +- } +- + #ifdef USE_LDCONFIG + if (fd == -1 + && (__glibc_likely ((mode & __RTLD_SECURE) == 0) +@@ -2232,6 +2210,28 @@ _dl_map_object (struct link_map *loader, const char *name, + } + #endif + ++ /* Look at the RUNPATH information for this binary. */ ++ if (fd == -1 && loader != NULL ++ && cache_rpath (loader, &loader->l_runpath_dirs, ++ DT_RUNPATH, "RUNPATH")) ++ fd = open_path (name, namelen, mode, ++ &loader->l_runpath_dirs, &realname, &fb, loader, ++ LA_SER_RUNPATH, &found_other_class); ++ ++ if (fd == -1) ++ { ++ realname = _dl_sysdep_open_object (name, namelen, &fd); ++ if (realname != NULL) ++ { ++ fd = open_verify (realname, fd, ++ &fb, loader ?: GL(dl_ns)[nsid]._ns_loaded, ++ LA_SER_CONFIG, mode, &found_other_class, ++ false); ++ if (fd == -1) ++ free (realname); ++ } ++ } ++ + /* Finally, try the default path. */ + if (fd == -1 + && ((l = loader ?: GL(dl_ns)[nsid]._ns_loaded) == NULL