[PATCH 0/5] Some ld.so updates

[PATCH 0/5] Some ld.so updates

[Adhemerval Zanella]

The patchset updates some environment variables that have been removed
on recent glibc versions, clarify the LD_PROFILE on secure-execution
mode, update the filtered ot environment variables, add missing loader
options, and add the recent glibc hardware capability that replaced the
legacy one.

I will probably sent more updates once my environment variable handling
handling set is installed [1]

[1] https://patchwork.sourceware.org/project/glibc/list/?series=25781

Adhemerval Zanella (5):
  ld.so.8: Update environment variables from recent glibc versions
  ld.so.8: Clarify LD_PROFILE in secure-execution mode
  ld.so.8: Add add filtered out environemnt variable in secure-execution
    mode
  ld.so.8: Describe glibc Hardware capabilities
  ld.so.8: Describe the --list-diagnostics loader option

 man8/ld.so.8 | 91 +++++++++++++++++++++++++++++++++++++++++++---------
 1 file changed, 76 insertions(+), 15 deletions(-)

-- 
2.34.1

[PATCH 1/5] ld.so.8: Update environment variables from recent glibc versions

[Adhemerval Zanella]

Recent glibc version removed support for LD_TRACE_PRELINKING,
LD_ASSUME_KERNEL, and LD_USE_LOAD_BIAS.

Also adds a note for LD_HWCAP_MASk that since 2.26 the environment
variable might be ignored if glibc does not support tunables.

Signed-off-by: Adhemerval Zanella <adhemerval.zanella@linaro.org>
---
 man8/ld.so.8 | 11 ++++++-----
 1 file changed, 6 insertions(+), 5 deletions(-)

diff --git a/man8/ld.so.8 b/man8/ld.so.8
index 900f3a9b9..5b5c22825 100644
--- a/man8/ld.so.8
+++ b/man8/ld.so.8
@@ -310,7 +310,7 @@ A nonzero value may have been set by a Linux Security Module.
 .SS Environment variables
 Among the more important environment variables are the following:
 .TP
-.BR LD_ASSUME_KERNEL " (since glibc 2.2.3)"
+.BR LD_ASSUME_KERNEL " (from glibc 2.2.3 to 2.36)"
 Each shared object can inform the dynamic linker of the minimum kernel ABI
 version that it requires.
 (This requirement is encoded in an ELF note section that is viewable via
@@ -627,8 +627,9 @@ Since glibc 2.3.4,
 .B LD_DYNAMIC_WEAK
 is ignored in secure-execution mode.
 .TP
-.BR LD_HWCAP_MASK " (since glibc 2.1)"
-Mask for hardware capabilities.
+.BR LD_HWCAP_MASK " (from glibc 2.1 to glibc 2.38)"
+Mask for hardware capabilities.  Since glibc 2.26 the option might be ignored
+if glibc does not support tunables.
 .TP
 .BR LD_ORIGIN_PATH " (since glibc 2.1)"
 Path where the binary is found.
@@ -691,7 +692,7 @@ Since glibc 2.3.4,
 .B LD_SHOW_AUXV
 is ignored in secure-execution mode.
 .TP
-.BR LD_TRACE_PRELINKING " (since glibc 2.4)"
+.BR LD_TRACE_PRELINKING " (from glibc 2.4 to glibc 2.35)"
 If this environment variable is defined,
 trace prelinking of the object whose name is assigned to
 this environment variable.
@@ -702,7 +703,7 @@ If the object name is not recognized,
 .\" (This is what seems to happen, from experimenting)
 then all prelinking activity is traced.
 .TP
-.BR LD_USE_LOAD_BIAS " (since glibc 2.3.3)"
+.BR LD_USE_LOAD_BIAS " (from glibc 2.3.3 to 2.35)"
 .\" http://sources.redhat.com/ml/libc-hacker/2003-11/msg00127.html
 .\" Subject: [PATCH] Support LD_USE_LOAD_BIAS
 .\" Jakub Jelinek
-- 
2.34.1

Re: [PATCH 1/5] ld.so.8: Update environment variables from recent glibc versions

[Alejandro Colomar]

[-- Attachment #1: Type: text/plain, Size: 4586 bytes --]

Hi Adhemerval!

On Wed, Oct 18, 2023 at 02:21:00PM -0300, Adhemerval Zanella wrote:
> Recent glibc version removed support for LD_TRACE_PRELINKING,
> LD_ASSUME_KERNEL, and LD_USE_LOAD_BIAS.
> 
> Also adds a note for LD_HWCAP_MASk that since 2.26 the environment
> variable might be ignored if glibc does not support tunables.
> 
> Signed-off-by: Adhemerval Zanella <adhemerval.zanella@linaro.org>
> ---

Patch applied.  Thanks!

I've also applied some small fixes for consistency, and to use "semantic
newlines".  See below.

Cheers,
Alex

P.S.:
I'm deprecating <alx.manpages@gmail.com>; please use <alx@kernel.org>.

---

diff --git a/man8/ld.so.8 b/man8/ld.so.8
index 5b5c22825..1999c24d6 100644
--- a/man8/ld.so.8
+++ b/man8/ld.so.8
@@ -310,7 +310,7 @@ .SS Secure-execution mode
 .SS Environment variables
 Among the more important environment variables are the following:
 .TP
-.BR LD_ASSUME_KERNEL " (from glibc 2.2.3 to 2.36)"
+.BR LD_ASSUME_KERNEL " (from glibc 2.2.3 to glibc 2.36)"
 Each shared object can inform the dynamic linker of the minimum kernel ABI
 version that it requires.
 (This requirement is encoded in an ELF note section that is viewable via
@@ -628,7 +628,9 @@ .SS Environment variables
 is ignored in secure-execution mode.
 .TP
 .BR LD_HWCAP_MASK " (from glibc 2.1 to glibc 2.38)"
-Mask for hardware capabilities.  Since glibc 2.26 the option might be ignored
+Mask for hardware capabilities.
+Since glibc 2.26,
+the option might be ignored
 if glibc does not support tunables.
 .TP
 .BR LD_ORIGIN_PATH " (since glibc 2.1)"
@@ -703,7 +705,7 @@ .SS Environment variables
 .\" (This is what seems to happen, from experimenting)
 then all prelinking activity is traced.
 .TP
-.BR LD_USE_LOAD_BIAS " (from glibc 2.3.3 to 2.35)"
+.BR LD_USE_LOAD_BIAS " (from glibc 2.3.3 to glibc 2.35)"
 .\" http://sources.redhat.com/ml/libc-hacker/2003-11/msg00127.html
 .\" Subject: [PATCH] Support LD_USE_LOAD_BIAS
 .\" Jakub Jelinek


$ MANWIDTH=72 man man-pages | sed -n '/Use semantic newlines/,/^$/p'
   Use semantic newlines
       In the source of a manual page, new sentences should be started
       on  new  lines,  long  sentences  should be split into lines at
       clause breaks (commas, semicolons, colons, and so on), and long
       clauses should be split at phrase boundaries.  This convention,
       sometimes known as "semantic newlines", makes it easier to  see
       the  effect of patches, which often operate at the level of in‐
       dividual sentences, clauses, or phrases.

>  man8/ld.so.8 | 11 ++++++-----
>  1 file changed, 6 insertions(+), 5 deletions(-)
> 
> diff --git a/man8/ld.so.8 b/man8/ld.so.8
> index 900f3a9b9..5b5c22825 100644
> --- a/man8/ld.so.8
> +++ b/man8/ld.so.8
> @@ -310,7 +310,7 @@ A nonzero value may have been set by a Linux Security Module.
>  .SS Environment variables
>  Among the more important environment variables are the following:
>  .TP
> -.BR LD_ASSUME_KERNEL " (since glibc 2.2.3)"
> +.BR LD_ASSUME_KERNEL " (from glibc 2.2.3 to 2.36)"
>  Each shared object can inform the dynamic linker of the minimum kernel ABI
>  version that it requires.
>  (This requirement is encoded in an ELF note section that is viewable via
> @@ -627,8 +627,9 @@ Since glibc 2.3.4,
>  .B LD_DYNAMIC_WEAK
>  is ignored in secure-execution mode.
>  .TP
> -.BR LD_HWCAP_MASK " (since glibc 2.1)"
> -Mask for hardware capabilities.
> +.BR LD_HWCAP_MASK " (from glibc 2.1 to glibc 2.38)"
> +Mask for hardware capabilities.  Since glibc 2.26 the option might be ignored
> +if glibc does not support tunables.
>  .TP
>  .BR LD_ORIGIN_PATH " (since glibc 2.1)"
>  Path where the binary is found.
> @@ -691,7 +692,7 @@ Since glibc 2.3.4,
>  .B LD_SHOW_AUXV
>  is ignored in secure-execution mode.
>  .TP
> -.BR LD_TRACE_PRELINKING " (since glibc 2.4)"
> +.BR LD_TRACE_PRELINKING " (from glibc 2.4 to glibc 2.35)"
>  If this environment variable is defined,
>  trace prelinking of the object whose name is assigned to
>  this environment variable.
> @@ -702,7 +703,7 @@ If the object name is not recognized,
>  .\" (This is what seems to happen, from experimenting)
>  then all prelinking activity is traced.
>  .TP
> -.BR LD_USE_LOAD_BIAS " (since glibc 2.3.3)"
> +.BR LD_USE_LOAD_BIAS " (from glibc 2.3.3 to 2.35)"
>  .\" http://sources.redhat.com/ml/libc-hacker/2003-11/msg00127.html
>  .\" Subject: [PATCH] Support LD_USE_LOAD_BIAS
>  .\" Jakub Jelinek
> -- 
> 2.34.1
> 

-- 
<https://www.alejandro-colomar.es/>

[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 833 bytes --]

Re: [PATCH 1/5] ld.so.8: Update environment variables from recent glibc versions

[Adhemerval Zanella Netto]

On 18/10/23 16:06, Alejandro Colomar wrote:
> Hi Adhemerval!
> 
> On Wed, Oct 18, 2023 at 02:21:00PM -0300, Adhemerval Zanella wrote:
>> Recent glibc version removed support for LD_TRACE_PRELINKING,
>> LD_ASSUME_KERNEL, and LD_USE_LOAD_BIAS.
>>
>> Also adds a note for LD_HWCAP_MASk that since 2.26 the environment
>> variable might be ignored if glibc does not support tunables.
>>
>> Signed-off-by: Adhemerval Zanella <adhemerval.zanella@linaro.org>
>> ---
> 
> Patch applied.  Thanks!
> 
> I've also applied some small fixes for consistency, and to use "semantic
> newlines".  See below.

Thanks, I will keep this in mind for future patches.

> 
> Cheers,
> Alex
> 
> P.S.:
> I'm deprecating <alx.manpages@gmail.com>; please use <alx@kernel.org>.
> 
> ---
> 
> diff --git a/man8/ld.so.8 b/man8/ld.so.8
> index 5b5c22825..1999c24d6 100644
> --- a/man8/ld.so.8
> +++ b/man8/ld.so.8
> @@ -310,7 +310,7 @@ .SS Secure-execution mode
>  .SS Environment variables
>  Among the more important environment variables are the following:
>  .TP
> -.BR LD_ASSUME_KERNEL " (from glibc 2.2.3 to 2.36)"
> +.BR LD_ASSUME_KERNEL " (from glibc 2.2.3 to glibc 2.36)"
>  Each shared object can inform the dynamic linker of the minimum kernel ABI
>  version that it requires.
>  (This requirement is encoded in an ELF note section that is viewable via
> @@ -628,7 +628,9 @@ .SS Environment variables
>  is ignored in secure-execution mode.
>  .TP
>  .BR LD_HWCAP_MASK " (from glibc 2.1 to glibc 2.38)"
> -Mask for hardware capabilities.  Since glibc 2.26 the option might be ignored
> +Mask for hardware capabilities.
> +Since glibc 2.26,
> +the option might be ignored
>  if glibc does not support tunables.
>  .TP
>  .BR LD_ORIGIN_PATH " (since glibc 2.1)"
> @@ -703,7 +705,7 @@ .SS Environment variables
>  .\" (This is what seems to happen, from experimenting)
>  then all prelinking activity is traced.
>  .TP
> -.BR LD_USE_LOAD_BIAS " (from glibc 2.3.3 to 2.35)"
> +.BR LD_USE_LOAD_BIAS " (from glibc 2.3.3 to glibc 2.35)"
>  .\" http://sources.redhat.com/ml/libc-hacker/2003-11/msg00127.html
>  .\" Subject: [PATCH] Support LD_USE_LOAD_BIAS
>  .\" Jakub Jelinek
> 
> 
> $ MANWIDTH=72 man man-pages | sed -n '/Use semantic newlines/,/^$/p'
>    Use semantic newlines
>        In the source of a manual page, new sentences should be started
>        on  new  lines,  long  sentences  should be split into lines at
>        clause breaks (commas, semicolons, colons, and so on), and long
>        clauses should be split at phrase boundaries.  This convention,
>        sometimes known as "semantic newlines", makes it easier to  see
>        the  effect of patches, which often operate at the level of in‐
>        dividual sentences, clauses, or phrases.

[PATCH 2/5] ld.so.8: Clarify LD_PROFILE in secure-execution mode

[Adhemerval Zanella]

Different than specified, glibc 2.2.5 does not ignore LD_PROFILE in
secure-execution mode.  Instead, it uses the default LD_PROFILE_OUTPUT
(/var/profile) folder.

Signed-off-by: Adhemerval Zanella <adhemerval.zanella@linaro.org>
---
 man8/ld.so.8 | 15 ++++++---------
 1 file changed, 6 insertions(+), 9 deletions(-)

diff --git a/man8/ld.so.8 b/man8/ld.so.8
index 5b5c22825..74286d583 100644
--- a/man8/ld.so.8
+++ b/man8/ld.so.8
@@ -664,7 +664,7 @@ Profiling output is appended to the file whose name is:
 .IP
 Since glibc 2.2.5,
 .B LD_PROFILE
-is ignored in secure-execution mode.
+uses a different default path in secure-execution mode.
 .TP
 .BR LD_PROFILE_OUTPUT " (since glibc 2.1)"
 Directory where
@@ -672,16 +672,13 @@ Directory where
 output should be written.
 If this variable is not defined, or is defined as an empty string,
 then the default is
-.IR /var/tmp .
+.IR /var/tmp
+or
+.IR /var/profile
+in secure-execution mode.
 .IP
 .B LD_PROFILE_OUTPUT
-is ignored in secure-execution mode; instead
-.I /var/profile
-is always used.
-(This detail is relevant only before glibc 2.2.5,
-since in later glibc versions,
-.B LD_PROFILE
-is also ignored in secure-execution mode.)
+is ignored in secure-execution mode.
 .TP
 .BR LD_SHOW_AUXV " (since glibc 2.1)"
 If this environment variable is defined (with any value),
-- 
2.34.1

Re: [PATCH 2/5] ld.so.8: Clarify LD_PROFILE in secure-execution mode

[Alejandro Colomar]

[-- Attachment #1: Type: text/plain, Size: 1786 bytes --]

Hi Adhemerval,

On Wed, Oct 18, 2023 at 02:21:01PM -0300, Adhemerval Zanella wrote:
> Different than specified, glibc 2.2.5 does not ignore LD_PROFILE in

The text being removed talks about glibc _before_ 2.2.5, that is,
every version until 2.2.4.  That doesn't match the commit message.
Please check.

Thanks,
Alex

> secure-execution mode.  Instead, it uses the default LD_PROFILE_OUTPUT
> (/var/profile) folder.
> 
> Signed-off-by: Adhemerval Zanella <adhemerval.zanella@linaro.org>
> ---
>  man8/ld.so.8 | 15 ++++++---------
>  1 file changed, 6 insertions(+), 9 deletions(-)
> 
> diff --git a/man8/ld.so.8 b/man8/ld.so.8
> index 5b5c22825..74286d583 100644
> --- a/man8/ld.so.8
> +++ b/man8/ld.so.8
> @@ -664,7 +664,7 @@ Profiling output is appended to the file whose name is:
>  .IP
>  Since glibc 2.2.5,
>  .B LD_PROFILE
> -is ignored in secure-execution mode.
> +uses a different default path in secure-execution mode.
>  .TP
>  .BR LD_PROFILE_OUTPUT " (since glibc 2.1)"
>  Directory where
> @@ -672,16 +672,13 @@ Directory where
>  output should be written.
>  If this variable is not defined, or is defined as an empty string,
>  then the default is
> -.IR /var/tmp .
> +.IR /var/tmp
> +or
> +.IR /var/profile
> +in secure-execution mode.
>  .IP
>  .B LD_PROFILE_OUTPUT
> -is ignored in secure-execution mode; instead
> -.I /var/profile
> -is always used.
> -(This detail is relevant only before glibc 2.2.5,
> -since in later glibc versions,
> -.B LD_PROFILE
> -is also ignored in secure-execution mode.)
> +is ignored in secure-execution mode.
>  .TP
>  .BR LD_SHOW_AUXV " (since glibc 2.1)"
>  If this environment variable is defined (with any value),
> -- 
> 2.34.1
> 

-- 
<https://www.alejandro-colomar.es/>

[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 833 bytes --]

Re: [PATCH 2/5] ld.so.8: Clarify LD_PROFILE in secure-execution mode

[Adhemerval Zanella Netto]

On 18/10/23 16:19, Alejandro Colomar wrote:
> Hi Adhemerval,
> 
> On Wed, Oct 18, 2023 at 02:21:01PM -0300, Adhemerval Zanella wrote:
>> Different than specified, glibc 2.2.5 does not ignore LD_PROFILE in
> 
> The text being removed talks about glibc _before_ 2.2.5, that is,
> every version until 2.2.4.  That doesn't match the commit message.
> Please check.

There is no different between 2.2.4 and 2.2.5, LD_PROFILE is always
accepeted for secure-execution mode, while LD_PROFILE_OUTPUT is 
ignored (the default path is used ("/var/profile")).

I though it would make clear to specify the profile path only on
LD_PROFILE description, but I don't have a strong preference.

> 
> Thanks,
> Alex
> 
>> secure-execution mode.  Instead, it uses the default LD_PROFILE_OUTPUT
>> (/var/profile) folder.
>>
>> Signed-off-by: Adhemerval Zanella <adhemerval.zanella@linaro.org>
>> ---
>>  man8/ld.so.8 | 15 ++++++---------
>>  1 file changed, 6 insertions(+), 9 deletions(-)
>>
>> diff --git a/man8/ld.so.8 b/man8/ld.so.8
>> index 5b5c22825..74286d583 100644
>> --- a/man8/ld.so.8
>> +++ b/man8/ld.so.8
>> @@ -664,7 +664,7 @@ Profiling output is appended to the file whose name is:
>>  .IP
>>  Since glibc 2.2.5,
>>  .B LD_PROFILE
>> -is ignored in secure-execution mode.
>> +uses a different default path in secure-execution mode.
>>  .TP
>>  .BR LD_PROFILE_OUTPUT " (since glibc 2.1)"
>>  Directory where
>> @@ -672,16 +672,13 @@ Directory where
>>  output should be written.
>>  If this variable is not defined, or is defined as an empty string,
>>  then the default is
>> -.IR /var/tmp .
>> +.IR /var/tmp
>> +or
>> +.IR /var/profile
>> +in secure-execution mode.
>>  .IP
>>  .B LD_PROFILE_OUTPUT
>> -is ignored in secure-execution mode; instead
>> -.I /var/profile
>> -is always used.
>> -(This detail is relevant only before glibc 2.2.5,
>> -since in later glibc versions,
>> -.B LD_PROFILE
>> -is also ignored in secure-execution mode.)
>> +is ignored in secure-execution mode.
>>  .TP
>>  .BR LD_SHOW_AUXV " (since glibc 2.1)"
>>  If this environment variable is defined (with any value),
>> -- 
>> 2.34.1
>>
> 

Re: [PATCH 2/5] ld.so.8: Clarify LD_PROFILE in secure-execution mode

[Alejandro Colomar]

[-- Attachment #1: Type: text/plain, Size: 2516 bytes --]

Hi Adhemerval,

On Wed, Oct 18, 2023 at 05:47:19PM -0300, Adhemerval Zanella Netto wrote:
> 
> 
> On 18/10/23 16:19, Alejandro Colomar wrote:
> > Hi Adhemerval,
> > 
> > On Wed, Oct 18, 2023 at 02:21:01PM -0300, Adhemerval Zanella wrote:
> >> Different than specified, glibc 2.2.5 does not ignore LD_PROFILE in
> > 
> > The text being removed talks about glibc _before_ 2.2.5, that is,
> > every version until 2.2.4.  That doesn't match the commit message.
> > Please check.
> 
> There is no different between 2.2.4 and 2.2.5, LD_PROFILE is always
> accepeted for secure-execution mode, while LD_PROFILE_OUTPUT is 
> ignored (the default path is used ("/var/profile")).
> 
> I though it would make clear to specify the profile path only on
> LD_PROFILE description, but I don't have a strong preference.

Sorry, I misread the patch.  :)

Cheers,
Alex

> 
> > 
> > Thanks,
> > Alex
> > 
> >> secure-execution mode.  Instead, it uses the default LD_PROFILE_OUTPUT
> >> (/var/profile) folder.
> >>
> >> Signed-off-by: Adhemerval Zanella <adhemerval.zanella@linaro.org>
> >> ---
> >>  man8/ld.so.8 | 15 ++++++---------
> >>  1 file changed, 6 insertions(+), 9 deletions(-)
> >>
> >> diff --git a/man8/ld.so.8 b/man8/ld.so.8
> >> index 5b5c22825..74286d583 100644
> >> --- a/man8/ld.so.8
> >> +++ b/man8/ld.so.8
> >> @@ -664,7 +664,7 @@ Profiling output is appended to the file whose name is:
> >>  .IP
> >>  Since glibc 2.2.5,
> >>  .B LD_PROFILE
> >> -is ignored in secure-execution mode.
> >> +uses a different default path in secure-execution mode.
> >>  .TP
> >>  .BR LD_PROFILE_OUTPUT " (since glibc 2.1)"
> >>  Directory where
> >> @@ -672,16 +672,13 @@ Directory where
> >>  output should be written.
> >>  If this variable is not defined, or is defined as an empty string,
> >>  then the default is
> >> -.IR /var/tmp .
> >> +.IR /var/tmp
> >> +or
> >> +.IR /var/profile
> >> +in secure-execution mode.
> >>  .IP
> >>  .B LD_PROFILE_OUTPUT
> >> -is ignored in secure-execution mode; instead
> >> -.I /var/profile
> >> -is always used.
> >> -(This detail is relevant only before glibc 2.2.5,
> >> -since in later glibc versions,
> >> -.B LD_PROFILE
> >> -is also ignored in secure-execution mode.)
> >> +is ignored in secure-execution mode.
> >>  .TP
> >>  .BR LD_SHOW_AUXV " (since glibc 2.1)"
> >>  If this environment variable is defined (with any value),
> >> -- 
> >> 2.34.1
> >>
> > 

-- 
<https://www.alejandro-colomar.es/>

[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 833 bytes --]

[PATCH 3/5] ld.so.8: Add add filtered out environment variable in secure-execution mode

[Adhemerval Zanella]

They are define by unservars.h file in glibc code [1].

[1] https://sourceware.org/git/?p=glibc.git;a=blob;f=sysdeps/generic/unsecvars.h;h=8278c50a84ffda18e28c178d390f1899d8306e26;hb=HEAD

Signed-off-by: Adhemerval Zanella <adhemerval.zanella@linaro.org>
---
 man8/ld.so.8 | 11 +++++++++++
 1 file changed, 11 insertions(+)

diff --git a/man8/ld.so.8 b/man8/ld.so.8
index 74286d583..a0020be98 100644
--- a/man8/ld.so.8
+++ b/man8/ld.so.8
@@ -280,6 +280,17 @@ Other environment variables treated in this way include:
 .BR GETCONF_DIR ,
 .BR HOSTALIASES ,
 .BR LOCALDOMAIN ,
+.BR LD_AUDIT ,
+.BR LD_DEBUG ,
+.BR LD_DEBUG_OUTPUT ,
+.BR LD_DYNAMIC_WEAK ,
+.BR LD_HWCAP_MASK,
+.BR LD_LIBRARY_PATH ,
+.BR LD_ORIGIN_PATH ,
+.BR LD_PRELOAD ,
+.BR LD_PROFILE ,
+.BR LD_SHOW_AUXV ,
+.BR LOCALDOMAIN ,
 .BR LOCPATH ,
 .BR MALLOC_TRACE ,
 .BR NIS_PATH ,
-- 
2.34.1

Re: [PATCH 3/5] ld.so.8: Add add filtered out environment variable in secure-execution mode

[Alejandro Colomar]

[-- Attachment #1: Type: text/plain, Size: 1147 bytes --]

Hi Adhemerval,

On Wed, Oct 18, 2023 at 02:21:02PM -0300, Adhemerval Zanella wrote:
> They are define by unservars.h file in glibc code [1].

s/define/defined/

> 
> [1] https://sourceware.org/git/?p=glibc.git;a=blob;f=sysdeps/generic/unsecvars.h;h=8278c50a84ffda18e28c178d390f1899d8306e26;hb=HEAD
> 
> Signed-off-by: Adhemerval Zanella <adhemerval.zanella@linaro.org>

Patch applied.

Thanks,
Alex

> ---
>  man8/ld.so.8 | 11 +++++++++++
>  1 file changed, 11 insertions(+)
> 
> diff --git a/man8/ld.so.8 b/man8/ld.so.8
> index 74286d583..a0020be98 100644
> --- a/man8/ld.so.8
> +++ b/man8/ld.so.8
> @@ -280,6 +280,17 @@ Other environment variables treated in this way include:
>  .BR GETCONF_DIR ,
>  .BR HOSTALIASES ,
>  .BR LOCALDOMAIN ,
> +.BR LD_AUDIT ,
> +.BR LD_DEBUG ,
> +.BR LD_DEBUG_OUTPUT ,
> +.BR LD_DYNAMIC_WEAK ,
> +.BR LD_HWCAP_MASK,
> +.BR LD_LIBRARY_PATH ,
> +.BR LD_ORIGIN_PATH ,
> +.BR LD_PRELOAD ,
> +.BR LD_PROFILE ,
> +.BR LD_SHOW_AUXV ,
> +.BR LOCALDOMAIN ,
>  .BR LOCPATH ,
>  .BR MALLOC_TRACE ,
>  .BR NIS_PATH ,
> -- 
> 2.34.1
> 

-- 
<https://www.alejandro-colomar.es/>

[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 833 bytes --]

[PATCH 4/5] ld.so.8: Describe glibc Hardware capabilities

[Adhemerval Zanella]

It was added on glibc 2.33 as a way to improve path search, since
legacy hardware capabilities combination scheme do not scale
properly with new hardware support.  The legacy support was removed
on glibc 2.37, so it is the only scheme currently supported.

Signed-off-by: Adhemerval Zanella <adhemerval.zanella@linaro.org>
---
 man8/ld.so.8 | 47 ++++++++++++++++++++++++++++++++++++++++++++++-
 1 file changed, 46 insertions(+), 1 deletion(-)

diff --git a/man8/ld.so.8 b/man8/ld.so.8
index a0020be98..0e742cddd 100644
--- a/man8/ld.so.8
+++ b/man8/ld.so.8
@@ -208,6 +208,14 @@ The objects in
 .I list
 are delimited by colons.
 .TP
+.BI \-\-glibc-hwcaps-mask " list"
+only search built-in subdirectories if in
+.IR list .
+.TP
+.BI \-\-glibc-hwcaps-prepend " list"
+Search glibc-hwcaps subdirectories in
+.IR list .
+.TP
 .B \-\-inhibit\-cache
 Do not use
 .IR /etc/ld.so.cache .
@@ -797,7 +805,7 @@ as a temporary workaround to a library misconfiguration issue.)
 .I lib*.so*
 shared objects
 .SH NOTES
-.SS Hardware capabilities
+.SS Legacy Hardware capabilities (from glibc 2.5 to glibc 2.37)
 Some shared objects are compiled using hardware-specific instructions which do
 not exist on every CPU.
 Such objects should be installed in directories whose names define the
@@ -832,6 +840,43 @@ z900, z990, z9-109, z10, zarch
 .B x86 (32-bit only)
 acpi, apic, clflush, cmov, cx8, dts, fxsr, ht, i386, i486, i586, i686, mca, mmx,
 mtrr, pat, pbe, pge, pn, pse36, sep, ss, sse, sse2, tm
+.SS glibc Hardware capabilities (from glibc 2.33)
+The legacy hardware capabilities combinations has the drawback where each feature
+name incur in cascading extra paths added on the search path list, adding a lot of
+overhead on
+.B
+ld.so
+during library resolution.  For instance, on x86 32-bit, if the hardware supports
+.B i686
+and
+.B sse2
+, the resulting search path will be
+.B
+i686/sse2:i686:sse2:. .
+A new capability
+.B newcap
+will set the search path to
+.B
+newcap/i686/sse2:newcap/i686:newcap/sse2:newcap:i686/sse2:i686:sse2: .
+
+The glibc 2.33 added a new hardware capability scheme, where each ABI can define a
+set of paths based on expected hardware support. Each path is added depending of
+the hardware of the machine, and they are not combined together. They also have
+priority over the legacy hardware capabilities. The following paths are currently
+supported.
+.TP
+.B PowerPC (64-bit little-endian only)
+power9, power10
+.TP
+.B s390 (64-bit only)
+z13, z14, z15, z16
+.TP
+.B x86 (64-bit only)
+x86-64-v2, x86-64-v3, x86-64-v4
+.TP
+
+The glibc 2.37 removed support for the legacy hardware capabilities.
+
 .SH SEE ALSO
 .BR ld (1),
 .BR ldd (1),
-- 
2.34.1

Re: [PATCH 4/5] ld.so.8: Describe glibc Hardware capabilities

[Alejandro Colomar]

[-- Attachment #1: Type: text/plain, Size: 5621 bytes --]

Hi Adhemerval,

On Wed, Oct 18, 2023 at 02:21:03PM -0300, Adhemerval Zanella wrote:
> It was added on glibc 2.33 as a way to improve path search, since
> legacy hardware capabilities combination scheme do not scale
> properly with new hardware support.  The legacy support was removed
> on glibc 2.37, so it is the only scheme currently supported.
> 
> Signed-off-by: Adhemerval Zanella <adhemerval.zanella@linaro.org>
> ---
>  man8/ld.so.8 | 47 ++++++++++++++++++++++++++++++++++++++++++++++-
>  1 file changed, 46 insertions(+), 1 deletion(-)
> 
> diff --git a/man8/ld.so.8 b/man8/ld.so.8
> index a0020be98..0e742cddd 100644
> --- a/man8/ld.so.8
> +++ b/man8/ld.so.8
> @@ -208,6 +208,14 @@ The objects in
>  .I list
>  are delimited by colons.
>  .TP
> +.BI \-\-glibc-hwcaps-mask " list"
> +only search built-in subdirectories if in
> +.IR list .
> +.TP
> +.BI \-\-glibc-hwcaps-prepend " list"
> +Search glibc-hwcaps subdirectories in
> +.IR list .
> +.TP
>  .B \-\-inhibit\-cache
>  Do not use
>  .IR /etc/ld.so.cache .
> @@ -797,7 +805,7 @@ as a temporary workaround to a library misconfiguration issue.)
>  .I lib*.so*
>  shared objects
>  .SH NOTES
> -.SS Hardware capabilities
> +.SS Legacy Hardware capabilities (from glibc 2.5 to glibc 2.37)
>  Some shared objects are compiled using hardware-specific instructions which do
>  not exist on every CPU.
>  Such objects should be installed in directories whose names define the
> @@ -832,6 +840,43 @@ z900, z990, z9-109, z10, zarch
>  .B x86 (32-bit only)
>  acpi, apic, clflush, cmov, cx8, dts, fxsr, ht, i386, i486, i586, i686, mca, mmx,
>  mtrr, pat, pbe, pge, pn, pse36, sep, ss, sse, sse2, tm
> +.SS glibc Hardware capabilities (from glibc 2.33)
> +The legacy hardware capabilities combinations has the drawback where each feature

Please don't use more than 80 columns in man(7) source.  See this
warning:

$ make --debug=print lint-man-mandoc
LINT (mandoc)	.tmp/man/man8/ld.so.8.lint-man.mandoc.touch
! (mandoc -man -Tlint  man8/ld.so.8 2>&1 \
   | grep -v -f './share/lint/mandoc/man.ignore.grep' \
   ||:; \
) \
| grep ^ >&2
mandoc: man8/ld.so.8:849:81: STYLE: input text line longer than 80 bytes: The legacy hardware ...
mandoc: man8/ld.so.8:850:82: STYLE: input text line longer than 80 bytes: name incur in cascad...
mandoc: man8/ld.so.8:854:81: STYLE: input text line longer than 80 bytes: during library resol...
mandoc: man8/ld.so.8:867:82: STYLE: input text line longer than 80 bytes: The glibc 2.33 added...
mandoc: man8/ld.so.8:870:81: STYLE: input text line longer than 80 bytes: priority over the le...
mandoc: man8/ld.so.8:882:1: WARNING: skipping blank line in line scope
make: *** [share/mk/lint/man/man.mk:32: .tmp/man/man8/ld.so.8.lint-man.mandoc.touch] Error 1

> +name incur in cascading extra paths added on the search path list, adding a lot of

Also, please use semantic newlines.  See man-pages(7):

$ MANWIDTH=72 man man-pages | sed -n '/Use semantic newlines/,/^$/p'
   Use semantic newlines
       In the source of a manual page, new sentences should be started
       on  new  lines,  long  sentences  should be split into lines at
       clause breaks (commas, semicolons, colons, and so on), and long
       clauses should be split at phrase boundaries.  This convention,
       sometimes known as "semantic newlines", makes it easier to  see
       the  effect of patches, which often operate at the level of in‐
       dividual sentences, clauses, or phrases.

> +overhead on
> +.B
> +ld.so

We prefer having it all in one line:  .B ld.so

> +during library resolution.  For instance, on x86 32-bit, if the hardware supports
> +.B i686
> +and
> +.B sse2
> +, the resulting search path will be
> +.B
> +i686/sse2:i686:sse2:. .
> +A new capability
> +.B newcap
> +will set the search path to
> +.B
> +newcap/i686/sse2:newcap/i686:newcap/sse2:newcap:i686/sse2:i686:sse2: .
> +

Please don't use blank lines in man(7) source.  If you want a paragraph
separator, use '.PP'.  See this warning:

$ make build-catman
TROFF	.tmp/man/man8/ld.so.8.cat.set
an.tmac:man8/ld.so.8:866: style: blank line in input
an.tmac:man8/ld.so.8:882: style: blank line in input
an.tmac:man8/ld.so.8:884: style: blank line in input
make: *** [share/mk/build/catman.mk:54: .tmp/man/man8/ld.so.8.cat.set] Error 1
make: *** Deleting file '.tmp/man/man8/ld.so.8.cat.set'


> +The glibc 2.33 added a new hardware capability scheme, where each ABI can define a

s/The //
s/, /,\n/

> +set of paths based on expected hardware support. Each path is added depending of

s/\. /\.\n/

(And if we ever had two sentences in the same source line, there should
be two spaces.  But we don't.)

> +the hardware of the machine, and they are not combined together. They also have
> +priority over the legacy hardware capabilities. The following paths are currently
> +supported.
> +.TP
> +.B PowerPC (64-bit little-endian only)
> +power9, power10
> +.TP
> +.B s390 (64-bit only)
> +z13, z14, z15, z16
> +.TP
> +.B x86 (64-bit only)
> +x86-64-v2, x86-64-v3, x86-64-v4
> +.TP
> +

TP means tagged paragraph.  If you don't want a _tagged_ paragraph, you
just want a paragraph, which is PP.

> +The glibc 2.37 removed support for the legacy hardware capabilities.
> +

This blank is unnecessary, although you may want some separator before
the .SH, for which '.' or '.\"' would be acceptable.

Thanks,
Alex

>  .SH SEE ALSO
>  .BR ld (1),
>  .BR ldd (1),
> -- 
> 2.34.1
> 

-- 
<https://www.alejandro-colomar.es/>

[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 833 bytes --]

[PATCH 5/5] ld.so.8: Describe the --list-diagnostics loader option

[Adhemerval Zanella]

It was added on glibc 2.33 as a way to print system diagnostic
information in a machine-readable format.

Signed-off-by: Adhemerval Zanella <adhemerval.zanella@linaro.org>
---
 man8/ld.so.8 | 7 +++++++
 1 file changed, 7 insertions(+)

diff --git a/man8/ld.so.8 b/man8/ld.so.8
index 0e742cddd..66f14aef4 100644
--- a/man8/ld.so.8
+++ b/man8/ld.so.8
@@ -246,6 +246,13 @@ are delimited by colons or spaces.
 .B \-\-list
 List all dependencies and how they are resolved.
 .TP
+.BR \-\-list\-diagnostics " (since glibc 2.33)
+Print system diagnostic information in a machine-readable format, such as some
+internal loader variables, the auxiliary vector (see
+.BR getauxval (3)),
+and the environment variables.  On some architecture, the command might print
+additional information (like the cpu features used in GNU indirect function
+selection on x86).
 .BR \-\-list\-tunables " (since glibc 2.33)"
 Print the names and values of all tunables,
 along with the minimum and maximum allowed values.
-- 
2.34.1

Re: [PATCH 5/5] ld.so.8: Describe the --list-diagnostics loader option

[Alejandro Colomar]

[-- Attachment #1: Type: text/plain, Size: 2937 bytes --]

Hi Adhemerval,

On Wed, Oct 18, 2023 at 02:21:04PM -0300, Adhemerval Zanella wrote:
> It was added on glibc 2.33 as a way to print system diagnostic
> information in a machine-readable format.
> 
> Signed-off-by: Adhemerval Zanella <adhemerval.zanella@linaro.org>

Patch applied.  Thanks!

I've amended with the following minor fixes:

diff --git a/man8/ld.so.8 b/man8/ld.so.8
index 6684b8418..d4eb27a70 100644
--- a/man8/ld.so.8
+++ b/man8/ld.so.8
@@ -238,13 +238,16 @@ .SH OPTIONS
 .B \-\-list
 List all dependencies and how they are resolved.
 .TP
-.BR \-\-list\-diagnostics " (since glibc 2.33)
-Print system diagnostic information in a machine-readable format, such as some
-internal loader variables, the auxiliary vector (see
+.BR \-\-list\-diagnostics " (since glibc 2.33)"
+Print system diagnostic information in a machine-readable format,
+such as some internal loader variables,
+the auxiliary vector
+(see
 .BR getauxval (3)),
-and the environment variables.  On some architecture, the command might print
-additional information (like the cpu features used in GNU indirect function
-selection on x86).
+and the environment variables.
+On some architectures,
+the command might print additional information
+(like the cpu features used in GNU indirect function selection on x86).
 .BR \-\-list\-tunables " (since glibc 2.33)"
 Print the names and values of all tunables,
 along with the minimum and maximum allowed values.



> ---
>  man8/ld.so.8 | 7 +++++++
>  1 file changed, 7 insertions(+)
> 
> diff --git a/man8/ld.so.8 b/man8/ld.so.8
> index 0e742cddd..66f14aef4 100644
> --- a/man8/ld.so.8
> +++ b/man8/ld.so.8
> @@ -246,6 +246,13 @@ are delimited by colons or spaces.
>  .B \-\-list
>  List all dependencies and how they are resolved.
>  .TP
> +.BR \-\-list\-diagnostics " (since glibc 2.33)

This triggered a warning:

$ make lint build check
LINT (mandoc)	.tmp/man/man8/ld.so.8.lint-man.mandoc.touch
mandoc: man8/ld.so.8:241:27: STYLE: unterminated quoted argument
make: *** [share/mk/lint/man/man.mk:32: .tmp/man/man8/ld.so.8.lint-man.mandoc.touch] Error 1

With the fix from above it vanished.

Here are the applied patches:
<https://www.alejandro-colomar.es/src/alx/linux/man-pages/man-pages.git/commit/?h=contrib&id=cce97466d5ed9e278120b7a49c7933e939742ef1>

Cheers,
Alex

> +Print system diagnostic information in a machine-readable format, such as some
> +internal loader variables, the auxiliary vector (see
> +.BR getauxval (3)),
> +and the environment variables.  On some architecture, the command might print
> +additional information (like the cpu features used in GNU indirect function
> +selection on x86).
>  .BR \-\-list\-tunables " (since glibc 2.33)"
>  Print the names and values of all tunables,
>  along with the minimum and maximum allowed values.
> -- 
> 2.34.1
> 

-- 
<https://www.alejandro-colomar.es/>

[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 833 bytes --]