Re: dynamic linker change to handle multiple PT_LOAD segments
On 1/6/23 1:53 AM, Christos Zoulas wrote: > Our dynamic linker ld_elf.so in map_object.c currently can only handle 2 PT_LOAD segments (one for text and one for data); the kernel elf loader does not have this limitation, it can load multiple PT_LOAD segment. The following patch (from FreeBSD) removes this limitation from the dynamic linker. The reason I made this patch now is that the latest binutils (2.39) for amd64 sets a maxinum pagesize of 2Mb, and when using relocation read only binaries (ld -z relro) this will cause the binaries to have an extra 2Mbytes for alignment. This can be fixed by building binutils to set a separate code segment by default (ld -z separate-code). Binutils then sets the maximum page size to 4Kb. Setting this option creates 4 PT_LOAD segments, two for text (r--, r-x) and two for data (r--, rw-), which also improves security. This is the default for linux on x86 and the patch also makes it the default for NetBSD x86. The patch also adds -z noseparate-code to the kernel builds so that we don't need to fix the boot loaders. I am planning to commit this soon, so please let me know if you hsve any objections. Yes please! I've been tired of BFD ld running so slow and eating up all the memory, and have been seeking for a good alternative. mold[1] looks very promising but it tends to produce more than two PT_LOADs so we can't use it right now. [1] https://github.com/rui314/mold
Re: dynamic linker change to handle multiple PT_LOAD segments
In article <3cf2e88d-1262-419d-bfcf-c11599e2b...@me.com>, Jason Thorpe wrote: > >> On Jan 5, 2023, at 8:53 AM, Christos Zoulas wrote: >> >> Hello, >> >> Our dynamic linker ld_elf.so in map_object.c currently can only handle >2 PT_LOAD segments (one for text and one for data); the kernel elf >loader does not have this limitation, it can load multiple PT_LOAD >segment. The following patch (from FreeBSD) removes this limitation from >the dynamic linker. The reason I made this patch now is that the latest >binutils (2.39) for amd64 sets a maxinum pagesize of 2Mb, and when using >relocation read only binaries (ld -z relro) this will cause the binaries >to have an extra 2Mbytes for alignment. This can be fixed by building >binutils to set a separate code segment by default (ld -z >separate-code). Binutils then sets the maximum page size to 4Kb. Setting >this option creates 4 PT_LOAD segments, two for text (r--, r-x) and two >for data (r--, rw-), which also improves security. This is the default >for linux on x86 and the patch also makes it the default for NetBSD x86. >The patch also adds -z noseparate-code to the kernel builds so that we >don't need to fix the boot loaders. I am planning to commit this soon, >so please let me know if you hsve any objections. >> >> Best, >> >> christos > >Is this ld.elf_so change also going to be put into NetBSD 10? (Seems >like it could / should be?). That way, the configuration changes for the >toolchain (which you will presumable want to upstream) can match against >NetBSD 10 for the new defaults. I've been mulling about it. I would like to give it enough time to be tested on most platforms (ones that I don't have access to) first. christos
Re: dynamic linker change to handle multiple PT_LOAD segments
> On Jan 5, 2023, at 8:53 AM, Christos Zoulas wrote: > > Hello, > > Our dynamic linker ld_elf.so in map_object.c currently can only handle 2 > PT_LOAD segments (one for text and one for data); the kernel elf loader does > not have this limitation, it can load multiple PT_LOAD segment. The following > patch (from FreeBSD) removes this limitation from the dynamic linker. The > reason I made this patch now is that the latest binutils (2.39) for amd64 > sets a maxinum pagesize of 2Mb, and when using relocation read only binaries > (ld -z relro) this will cause the binaries to have an extra 2Mbytes for > alignment. This can be fixed by building binutils to set a separate code > segment by default (ld -z separate-code). Binutils then sets the maximum page > size to 4Kb. Setting this option creates 4 PT_LOAD segments, two for text > (r--, r-x) and two for data (r--, rw-), which also improves security. This is > the default for linux on x86 and the patch also makes it the default for > NetBSD x86. The patch also adds -z noseparate-code to the kernel builds so > that we don't need to fix the boot loaders. I am planning to commit this > soon, so please let me know if you hsve any objections. > > Best, > > christos Is this ld.elf_so change also going to be put into NetBSD 10? (Seems like it could / should be?). That way, the configuration changes for the toolchain (which you will presumable want to upstream) can match against NetBSD 10 for the new defaults. -- thorpej
