CHERI TGOT TLS #2428
base: dev
jrtc27
commented
Jul 12, 2025
- rtld-elf: Extract part of allocate_tls_offset into allocate_tls_offset_common
- rtld-elf: Track allocated TCBs internally and use for distribute_static_tls
- libc,libthr: Remove __pthread_distribute_static_tls
- bsd.mkopt.mk: Allow OPT_FOO to be set to override FOO
- sys: Delete deprecated / reserved CHERI-RISC-V relocations
- libc/csu: Extract reloc.c include
- rtld-elf: Extract core of tls_get_addr_common into tls_get_block and split
- tls: Expose new _rtld_tls_get_block
- libc: Use new _rtld_tls_get_block interface for dl_iterate_phdr
- rtld-elf: Use new _rtld_tls_get_block interface for dl_iterate_phdr
- rtld-elf: Pass lockstate to allocate_tls
- rtld-elf: Extract new process___cap_reloc
- readelf: Teach about additional NT_CHERI_TLS_ABI variants
- sys: Add new sys/_tls_tgot.h
- sys: Add CHERI ELF gABI TGOT defines
- libc: Add support for CHERI TGOT TLS for static binaries
- rtld-elf: Add CHERI TGOT TLS support
- sys: Support CHERI TGOT TLS in arm64 headers
- libc: Support CHERI TGOT TLS on Morello for static binaries
- rtld-elf: Support CHERI TGOT TLS on Morello
- sys: Support CHERI TGOT TLS in riscv headers
- libc: Support CHERI TGOT TLS on CHERI-RISC-V for static binaries
- rtld-elf: Support CHERI TGOT TLS on CHERI-RISC-V
- cheribsdtest: Expect exact TLS bounds for CHERI TGOT TLS on CHERI-RISC-V
- libc: Support compat CHERI TGOT TLS for static binaries
- libc: Support compat CHERI TGOT TLS on Morello for static binaries
- rtld-elf: Support compat CHERI TGOT TLS
- sys: Support compat CHERI TGOT TLS in arm64 headers
- rtld-elf: Support compat CHERI TGOT TLS on Morello
- bsd.opts.mk: Add new CHERI_TGOT_TLS option
Not part of this PR; based on distribute-static-tls-cleanup.
Should be upstreamed.
Maybe upstream?
Should upstream (cleaner interface even ignoring CHERI).
| const char *strtab; /* String table */ | ||
| unsigned long strsize; /* Size in bytes of string table */ | ||
| #ifdef TLS_TGOT | ||
| /* TODO: sub-library TGOTs */ |
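Review bot: the `/* TODO: sub-library TGOTs */` placeholder under `#ifdef TLS_TGOT` does not say what is missing or how the structure behaves in the meantime for code that relies on sub-library TGOTs. Expand the comment to state the current limitation, or make the unsupported combination fail at build time, so the gap cannot go unnoticed.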
NB: atom smashing not yet done
| #define R_MORELLO_TLS_TPREL128 59398 | ||
| #define R_MORELLO_FUNC_RELATIVE 59400 | ||
| #define R_AARCH64_FUNC_RELATIVE 59401 | ||
| #define R_MORELLO_TLS_TGOT_SLOT 59916 |
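Review bot: `R_MORELLO_TLS_TGOT_SLOT` is defined as 59916, well away from the neighbouring values (59398 to 59401), with no comment explaining the jump. Add a comment at the define stating which number range it is drawn from and whether the value is final, so nothing starts treating it as stable ABI.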
These are currently in the "reserved for private Morello experiments" range; we should reserve real relocations at some point before merging
…t_common
This will be used to allocate additional space for a TAILQ_ENTRY by rtld at a known offset from the TCB, as if it were TLS data.
Reviewed by: kib
Differential Revision: https://reviews.freebsd.org/D51068
(cherry picked from commit 4d2752925a4f75547a67f093dfe249da54196803)
…ic_tls
Currently rtld delegates to libc or libthr to initialise the TCBs for all existing threads when dlopen is called for a library that is using static TLS. This creates an odd split where rtld manages all of TLS for dynamically-linked executables except for this specific case, and is unnecessarily complex, including having to reason about the locking due to dropping the bind lock so libthr can take the thread list lock without deadlocking if any of the code run whilst that lock is held ends up calling back into rtld (such as for lazy PLT resolution).
The only real reason we call out into libc / libthr is that we don't have a list of threads in rtld and that's how we find the currently used TCBs to initialise (and at the same time do the copy in the callee rather than adding overhead with some kind of callback that provides the TCB to rtld). If we instead keep a list of allocated TCBs in rtld itself then we no longer need to do this, and can just copy the data in rtld. How these TCBs are mapped to threads is irrelevant, rtld can just treat all TCBs equally and ensure that each TCB's static TLS data block remains in sync with the current set of loaded modules, just as how _rtld_allocate_tls creates a fresh TCB and associated data without any embedded threading model assumptions.
As an implementation detail, to avoid a separate allocation for the list entry and having to find that allocation from the TCB to remove and free it on deallocation, we allocate a fake TLS offset for it and embed the list entry there in each TLS block.
This will also make it easier to add a new TLS ABI downstream in CheriBSD, especially in the presence of library compartmentalisation.
Reviewed by: kib
Differential Revision: https://reviews.freebsd.org/D50920
(cherry picked from commit a1d971ad3f8216c9b6b651e97dbe3d8177b11825)
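The bookkeeping described in the two rtld-elf commit messages above, as an added example that is not code from this PR or from rtld-elf: a simplified user-space model where the list entry occupies a reserved static TLS offset inside every block and a late-loaded module's TLS image is copied into each live block. All names, the 256-byte block size and the hand-rolled entry standing in for TAILQ_ENTRY are assumptions.

```c
#include <stddef.h>
#include <stdlib.h>
#include <string.h>

/* Stand-in for TAILQ_ENTRY; every name and size here is hypothetical. */
struct tcb_entry { struct tcb_entry *next, **prevp; };
#define STATIC_TLS_SPACE 256        /* constructed size of each static TLS block */
static size_t tls_next_offset;      /* bump allocator over static TLS offsets */
static size_t entry_offset;         /* "fake" TLS offset holding the list entry */
static struct tcb_entry *tcb_list;  /* every live block; no thread knowledge */

/* Reserve size bytes (align a power of two); (size_t)-1 if space is exhausted. */
static size_t alloc_tls_offset(size_t size, size_t align) {
    size_t off = (tls_next_offset + align - 1) & ~(align - 1);
    if (off > STATIC_TLS_SPACE || size > STATIC_TLS_SPACE - off) return (size_t)-1;
    tls_next_offset = off + size;
    return off;
}
static struct tcb_entry *entry_of(char *b) { return (struct tcb_entry *)(b + entry_offset); }
static char *block_of(struct tcb_entry *e) { return (char *)e - entry_offset; }

/* Startup: reserve the list entry as if it were ordinary TLS data. */
void tls_init(void) {
    tls_next_offset = 0;
    tcb_list = NULL;
    entry_offset = alloc_tls_offset(sizeof(struct tcb_entry), _Alignof(struct tcb_entry));
}
/* New block: the entry lives inside it, so no second allocation is needed. */
char *tls_block_alloc(void) {
    char *b = calloc(1, STATIC_TLS_SPACE);
    if (b == NULL) return NULL;
    struct tcb_entry *e = entry_of(b);
    e->next = tcb_list; e->prevp = &tcb_list;
    if (tcb_list != NULL) tcb_list->prevp = &e->next;
    tcb_list = e;
    return b;
}
/* Unlink through the embedded entry before freeing; nothing to look up. */
void tls_block_free(char *b) {
    struct tcb_entry *e = entry_of(b);
    *e->prevp = e->next;
    if (e->next != NULL) e->next->prevp = e->prevp;
    free(b);
}
/* Static-TLS module loaded late: copy its image into every live block. */
size_t distribute_static_tls(const void *init, size_t size, size_t align) {
    size_t off = alloc_tls_offset(size, align);
    if (off == (size_t)-1) return off;
    for (struct tcb_entry *e = tcb_list; e != NULL; e = e->next)
        memcpy(block_of(e) + off, init, size);
    return off;
}
```

Freed blocks leave the list before `free`, so a later distribution never writes into released memory, and a module that does not fit the static TLS space is refused instead of overrunning the block.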
This private API is no longer used by rtld-elf so can be removed.
Reviewed by: kib
Differential Revision: https://reviews.freebsd.org/D50921
(cherry picked from commit 2c444fdb0c75fbc73a0ac78d0ecbaef4e1e8baf8)
Just as we allow MK_FOO to be set, overriding any WITH(OUT)_FOO and the default, we should allow OPT_FOO to be set, overriding any FOO and the default.
Also fix a comment; these relocation encodings aren't grouped any more (and that's also true of the normal RISC-V ones, so upstream's comments for those are wrong too).
We will need to include this for other orthogonal uses and don't want to include the implementation twice.
…split
The new tls_get_block will be exposed as an API in a future commit, and both it and tls_get_slot_slow will be used as part of CHERI TGOT TLS support.
This interface lets you query the TLS data block without needing to use __tls_get_addr with an offset of -TLS_DTV_OFFSET, which won't work once CHERI TGOT TLS is used, since that offset will become an offset into the TGOT to load a pointer from, not an offset into the TLS data block.
This will be needed for CHERI TGOT TLS support, which will need to perform symbol lookups.
This will be needed for CHERI TGOT TLS support on CHERI-RISC-V. As part of this, introduce an allow_zero parameter to treat object (offset) 0 as any other offset, rather than NULL (since TLS starts at address 0 in its own address space and thus is a normal, common value). We should remove this for normal caprelocs in future, since this was always bogus (though in practice there are various metadata sections at the start of the object so the actual symbols won't start at 0), but CHERI LLD has only recently been fixed to fill in the NULL-derived capability and omit the capreloc.