Re: [PATCH] Add Prefer_MAP_32BIT_EXEC to map executable pages with MAP_32BIT

["Michael Kerrisk (man-pages)" <mtk.manpages-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org>]

On 12/15/2015 10:34 PM, H.J. Lu wrote:
> On Tue, Dec 15, 2015 at 1:06 PM, Carlos O'Donell <carlos-H+wXaHxf7aLQT0dZR+AlfA@public.gmane.org> wrote:
>> On 12/15/2015 03:08 PM, H.J. Lu wrote:
>>> On Tue, Dec 15, 2015 at 10:38 AM, Carlos O'Donell <carlos-H+wXaHxf7aJhl2p70BpVqQ@public.gmane.orgm> wrote:
>>>>> On 12/15/2015 01:27 PM, Carlos O'Donell wrote:
>>>>>>> +  cpu_features->feature[index_Prefer_MAP_32BIT_EXEC]
>>>>>>> +    |= get_prefer_map_32bit_exec ();
>>>>>>>
>>>>>>> You wouldn't need get_prefer_map_32bit_exec, since this is all part of
>>>>>>> the code, like dl-librecon.h, which parses the extra env var.
>>>>>
>>>>> To be clear:
>>>>>
>>>>> * Add new bit flag definitions for cpu_features.
>>>>> * Add a sysdeps/unix/sysv/linux/x86_64/dl-silvermont.h
>>>>>   * Fill in EXTRA_LD_ENVVARS or add new ones.
>>>>>   * Write to rtld's GLRO cpu_features the bit you need based
>>>>>     on __libc_enable_secure.
>>>>>
>>>>> That should simplify and concentrate the Silvermont fixes to
>>>>> just two files, making future maintenance and documentation
>>>>> easier.
>>>>>
>>>>>
>>> This is the updated patch.  I put EXTRA_LD_ENVVARS and
>>> EXTRA_UNSECURE_ENVVARS in x86_64/64/dl-librecon.h
>>> to be consistent with i386/dl-librecon.h.  If we ever need to
>>> update EXTRA_LD_ENVVARS/EXTRA_UNSECURE_ENVVARS
>>> in the future, we have a single file to change.
>>>
>>> Tested on x86-64.  OK for master?
>>>
>>> Thanks for all the feedbacks and suggestions.
>>
>> This looks much better and much cleaner. Looks good to me now. It also
>> appears you have consesnsus with this last change.
>>
>> It needs a bug # please since you're fixing a user-visible performance
>> problem on Silvermont.
> 
> I opened
> 
> https://sourceware.org/bugzilla/show_bug.cgi?id=19367
> 
> and checked in my patch.
> 
>> It appears to meet Zack's requirement to choose a security safe default
>> at the expense of performance (I agree with that).
>>
>> I *strongly* urge you to immediately submit a patch to the linux man
>> pages project to document that as of 2.23 this new flag exists and
>> does what you describe it does.

(Thanks, Carlos.)

> Here is a patch for Linux man page.

Thanks, H.J. I applied the patch and tweaked your text somewhat.
Does the following look okay?

       LD_PREFER_MAP_32BIT_EXEC
              (x86-64 only)(glibc since 2.23)  According  to  the  Intel
              Silvermont  software optimization guide, for 64-bit appli‐
              cations, branch prediction performance can  be  negatively
              impacted when the target of a branch is more than 4GB away
              from the branch.  If this environment variable is set  (to
              any  value),  ld.so will first try to map executable pages
              using the mmap(2) MAP_32BIT flag, and fall back to mapping
              without  that  flag  if that attempt fails.  NB: MAP_32BIT
              will map to the low 2GB (not 2GB) of  the  address  space.
              Because  MAP_32BIT reduces the address range available for
              address  space  layout   randomization   (ASLR),   LD_PRE‐
              FER_MAP_32BIT_EXEC  is always disabled in secure-execution
              mode.

Thanks,

Michael

-- 
Michael Kerrisk
Linux man-pages maintainer; http://www.kernel.org/doc/man-pages/
Linux/UNIX System Programming Training: http://man7.org/training/
--
To unsubscribe from this list: send the line "unsubscribe linux-man" in
the body of a message to majordomo-u79uwXL29TY76Z2rM5mHXA@public.gmane.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html