The problem is, -Wa is a flag for assembler, but CFLAGS are also used
to generate dependencies, and clang complains loudly when it is used
for deps:
> > DEP compel/arch/x86/plugins/std/syscalls-64.d
> > clang-3.8: error: argument unused during compilation:
> > '-Wa,--noexecstack'
This patch moved the noexecflag from assembler to linker. I am not
100% sure but the end result seems to be the same.
This fixes dependency generation when using clang instead of gcc.
I surely have done my research before proposing this change, and
I have tested this change as good as I could.
Sorry, I should have provided more background in the commit message.
Here it goes.
There are a few ways to have non-executable stack:
1. mark the assembler source file (.S) with .section
.note.GNU-stack,"",%progbits
2. pass the -Wa,--noexecstack to compiler
3. pass the -z execstack to linker
All three ways are fine, let's see them in greater details.
Some people say (1) is the best way, but we have way too many
.S files now (23 of them, to be exact). Anyway, I can certainly do it
this way if you like, just let me know. It would look like this:
--- a/compel/arch/aarch64/plugins/std/syscalls/syscall-aux.S
+++ b/compel/arch/aarch64/plugins/std/syscalls/syscall-aux.S
@@ -3,6 +3,8 @@
* that are not implemented in the AArch64 Linux kernel
*/
+.section .note.GNU-stack,"",%progbits
+
ENTRY(sys_open)
mov x3, x2
mov x2, x1
Way (2) is what is currently used. Unfortunately it breaks dependency
generation with clang. One way to fix it would be to filter-out the bad
flag when we're generating deps. I tried experimenting with
$(filter-out) function in Makefiles today but it's complicated and I failed
to make it work.
Way (3) is what this commit offers. It seem to work fine while being
the least intrusive.
Signed-off-by: Kir Kolyshkin <kir@openvz.org>
Reviewed-by: Cyrill Gorcunov <gorcunov@openvz.org>
Reviewed-by: Dmitry Safonov <dsafonov@virtuozzo.com>
Signed-off-by: Pavel Emelyanov <xemul@virtuozzo.com>
Signed-off-by: Andrei Vagin <avagin@virtuozzo.com>
This patch fix a build break on ppc64le introduced by changes in the
compel's build option.
I factorized the common CFLAGS to make easier identifying particular
flags required by some architectures.
Fixes: fef01d79f7ee ("compel: cli -- Add more flags into cflags report")
travis-ci: success for compel: fix build break on ppc64le
Cc: Cyrill Gorcunov <gorcunov@openvz.org>
Signed-off-by: Laurent Dufour <ldufour@linux.vnet.ibm.com>
Acked-by: Cyrill Gorcunov <gorcunov@openvz.org>
Signed-off-by: Pavel Emelyanov <xemul@virtuozzo.com>
Signed-off-by: Andrei Vagin <avagin@virtuozzo.com>
They are not supported in plugins.
Signed-off-by: Cyrill Gorcunov <gorcunov@openvz.org>
Reviewed-by: Dmitry Safonov <dsafonov@virtuozzo.com>
Signed-off-by: Pavel Emelyanov <xemul@virtuozzo.com>
Signed-off-by: Andrei Vagin <avagin@virtuozzo.com>
And use it in CRIU directly instead:
- move syscalls into compel/arch/ARCH/plugins/std/syscalls
- drop old symlinks
- no build for 32bit on x86 as expected
- use std.built-in.o inside criu directly (compel_main stub)
- drop syscalls on x86 criu directory, I copied them already
in first compel commist, so we can't move them now, but
delete in place
Signed-off-by: Cyrill Gorcunov <gorcunov@openvz.org>
Signed-off-by: Pavel Emelyanov <xemul@virtuozzo.com>
Signed-off-by: Andrei Vagin <avagin@virtuozzo.com>
CRIU will reference to them, but for now they are just stubs.
Signed-off-by: Cyrill Gorcunov <gorcunov@openvz.org>
Signed-off-by: Pavel Emelyanov <xemul@virtuozzo.com>
Signed-off-by: Andrei Vagin <avagin@virtuozzo.com>
Both std and criu will use it for syscalls sake.
Note I've to disable x86 compat mode for a while:
we have to provide native types there thus will
back once everything else is complete.
Signed-off-by: Cyrill Gorcunov <gorcunov@openvz.org>
Signed-off-by: Pavel Emelyanov <xemul@virtuozzo.com>
Signed-off-by: Andrei Vagin <avagin@virtuozzo.com>
- linkage.h points to CRIU's asm specific
- prologue.h is just a link to x86, we will need to
fix it when start using std with other plugins
Signed-off-by: Cyrill Gorcunov <gorcunov@openvz.org>
Signed-off-by: Pavel Emelyanov <xemul@virtuozzo.com>
Signed-off-by: Andrei Vagin <avagin@virtuozzo.com>
Plain "main" makes compilers unhappy since it's
known predefined name.
Signed-off-by: Cyrill Gorcunov <gorcunov@openvz.org>
Signed-off-by: Pavel Emelyanov <xemul@virtuozzo.com>
Signed-off-by: Andrei Vagin <avagin@virtuozzo.com>
The default compel binary is the one compiled for target architecture.
The compel-host one is compel compiled for current arch that is needed
to build something for target arch.
We could use default compel if target arch == current arch, but this
makes things more complex.
Signed-off-by: Cyrill Gorcunov <gorcunov@openvz.org>
Signed-off-by: Pavel Emelyanov <xemul@virtuozzo.com>
Signed-off-by: Andrei Vagin <avagin@virtuozzo.com>
Use new compel.h header with appropriate types.
Signed-off-by: Cyrill Gorcunov <gorcunov@openvz.org>
Signed-off-by: Pavel Emelyanov <xemul@virtuozzo.com>
Signed-off-by: Andrei Vagin <avagin@virtuozzo.com>
This is fd passing via unix sockets (scm creds) suitable for use
by parasite code.
Signed-off-by: Dmitry Safonov <dsafonov@virtuozzo.com>
Signed-off-by: Pavel Emelyanov <xemul@virtuozzo.com>
Signed-off-by: Andrei Vagin <avagin@virtuozzo.com>
prologue.h defines sys_recv() macro - let's use it by now
Signed-off-by: Dmitry Safonov <dsafonov@virtuozzo.com>
Signed-off-by: Pavel Emelyanov <xemul@virtuozzo.com>
Signed-off-by: Andrei Vagin <avagin@virtuozzo.com>
The shmem pluging allows creation of shared memory segment between
parasite code and the caller.
Signed-off-by: Dmitry Safonov <dsafonov@virtuozzo.com>
Signed-off-by: Pavel Emelyanov <xemul@virtuozzo.com>
Signed-off-by: Andrei Vagin <avagin@virtuozzo.com>
The prologue includes routines needed for parasite blob to work
and is always included with the std plugin.
Signed-off-by: Dmitry Safonov <dsafonov@virtuozzo.com>
Signed-off-by: Pavel Emelyanov <xemul@virtuozzo.com>
Signed-off-by: Andrei Vagin <avagin@virtuozzo.com>
Delete plugins/include/asm/std directory - let it be without plugin name.
Make symlinks to reuse criu's files, except those, which will
be deleted after libcompel from criu (like syscalls).
Signed-off-by: Dmitry Safonov <dsafonov@virtuozzo.com>
Signed-off-by: Pavel Emelyanov <xemul@virtuozzo.com>
Signed-off-by: Andrei Vagin <avagin@virtuozzo.com>
The plugin provides basic features as string copying, syscalls, printing.
Not used on its own by now but will be shipping by default with other
plugins.
With great help from Dmitry Safonov.
Signed-off-by: Cyrill Gorcunov <gorcunov@openvz.org>
Signed-off-by: Pavel Emelyanov <xemul@virtuozzo.com>
Signed-off-by: Andrei Vagin <avagin@virtuozzo.com>
Will be used later.
Signed-off-by: Cyrill Gorcunov <gorcunov@openvz.org>
Signed-off-by: Pavel Emelyanov <xemul@virtuozzo.com>
Signed-off-by: Andrei Vagin <avagin@virtuozzo.com>
As we meet this before, I think, we should abort generation here.
No point for making PIE with external symbols for us (at least, yet),
so let's break build than find the problem at runtime.
Cc: Cyrill Gorcunov <gorcunov@openvz.org>
Signed-off-by: Dmitry Safonov <dsafonov@virtuozzo.com>
Acked-by: Cyrill Gorcunov <gorcunov@openvz.org>
Signed-off-by: Pavel Emelyanov <xemul@virtuozzo.com>
Signed-off-by: Andrei Vagin <avagin@virtuozzo.com>
Impact: just a bit more info for debugging.
Cc: Cyrill Gorcunov <gorcunov@openvz.org>
Signed-off-by: Dmitry Safonov <dsafonov@virtuozzo.com>
Acked-by: Cyrill Gorcunov <gorcunov@openvz.org>
Signed-off-by: Pavel Emelyanov <xemul@virtuozzo.com>
Signed-off-by: Andrei Vagin <avagin@virtuozzo.com>
Now it has 4 new tests:
ok 4 - section table start oob (64-bit ELF)
ok 5 - too many sections in table (64-bit ELF)
ok 6 - strings section's header oob of section table (64-bit ELF)
ok 7 - strings section oob (64-bit ELF)
I.e, if we forget to test string section's header oob with the next diff:
>--- a/compel/handle-elf.c
>+++ b/compel/handle-elf.c
>@@ -122,7 +122,7 @@ static const char *get_strings_section(Ehdr_t *hdr, uintptr_t mem,
> pr_err("String section @%#zx size %#lx is out of [%#zx, %#zx)\n",
> addr, (unsigned long)secstrings_hdr->sh_size,
> mem, mem + size);
>- return NULL;
>+ return (void*)addr;
> }
>
> return (void*)addr;
It will yell with:
ok 1 - zero ELF header (64-bit ELF)
...
not ok 6 - strings section's header oob of section table (64-bit ELF), expected -4 but ret is -1
...
not ok 12 - strings section's header oob of section table (32-bit ELF), expected -4 but ret is -1
Should be more useful when I add relocations tests after all.
(but this seems for me useful too).
Cc: Cyrill Gorcunov <gorcunov@openvz.org>
Signed-off-by: Dmitry Safonov <dsafonov@virtuozzo.com>
Reviewed-by: Cyrill Gorcunov <gorcunov@gmail.com>
Signed-off-by: Pavel Emelyanov <xemul@virtuozzo.com>
Signed-off-by: Andrei Vagin <avagin@virtuozzo.com>
Well, I hope, I will not make integer promotion mistakes anymore:
> 6.3.1.1
> If an int can represent all values of the original type, the value
> is converted to an int; otherwise, it is converted to an unsigned int.
> These are called the integer promotions.48) All other types are
> unchanged by the integer promotions.
>>> CID 161317: (SIGN_EXTENSION)
>>> Suspicious implicit sign extension: "hdr->e_shentsize" with type
"unsigned short" (16 bits, unsigned) is promoted in
"hdr->e_shentsize * hdr->e_shnum" to type "int" (32 bits, signed),
then sign-extended to type "unsigned long" (64 bits, unsigned).
If "hdr->e_shentsize * hdr->e_shnum" is greater than 0x7FFFFFFF,
the upper bits of the result will all be 1.
96 size_t sec_table_size = hdr->e_shentsize * hdr->e_shnum;
>>> CID 161317: (SIGN_EXTENSION)
>>> Suspicious implicit sign extension: "hdr->e_shentsize" with type
"unsigned short" (16 bits, unsigned) is promoted in
"hdr->e_shentsize * hdr->e_shstrndx" to type "int" (32 bits, signed),
then sign-extended to type "unsigned long" (64 bits, unsigned).
If "hdr->e_shentsize * hdr->e_shstrndx" is greater than 0x7FFFFFFF,
the upper bits of the result will all be 1.
111 addr = sec_table + hdr->e_shentsize * hdr->e_shstrndx;
Fixes: #157
Fixes: commit 36664a3cabec ("compel: separate get_strings_section from
__handle_elf").
Reported-by: Coverity
Reported-by: Andrew Vagin <avagin@virtuozzo.com>
Cc: Andrew Vagin <avagin@virtuozzo.com>
Cc: Cyrill Gorcunov <gorcunov@openvz.org>
Signed-off-by: Dmitry Safonov <dsafonov@virtuozzo.com>
Acked-by: Cyrill Gorcunov <gorcunov@openvz.org>
Signed-off-by: Pavel Emelyanov <xemul@virtuozzo.com>
Signed-off-by: Andrei Vagin <avagin@virtuozzo.com>
Yet they only test for ELF header, but soon I'll add more of them.
It's build with
$ make test/compel/handle_binary
and test output is in TAP format:
$ ./test/compel/handle_binary
ok 1 - check zero ELF header
ok 2 - check non-supported ELF header
ok 3 - check non-relocatable ELF header
ok 4 - check zero ELF header
ok 5 - check non-supported ELF header
ok 6 - check non-relocatable ELF header
(here two runs for x86_64 and x86_32 ELF binaries)
I'm planning to integrate it with Travis, so we will be
sure that compel is properly working (as this tests doesn't need
any ns and may be run on qemu-static).
Cc: Cyrill Gorcunov <gorcunov@openvz.org>
Signed-off-by: Dmitry Safonov <dsafonov@virtuozzo.com>
Reviewed-by: Cyrill Gorcunov <gorcunov@openvz.org>
Signed-off-by: Pavel Emelyanov <xemul@virtuozzo.com>
Signed-off-by: Andrei Vagin <avagin@virtuozzo.com>
For tests, we need to know if elf file parsing was interrupted
in a proper place (and thus meaningful error numbers).
Cc: Cyrill Gorcunov <gorcunov@openvz.org>
Signed-off-by: Dmitry Safonov <dsafonov@virtuozzo.com>
Reviewed-by: Cyrill Gorcunov <gorcunov@openvz.org>
Signed-off-by: Pavel Emelyanov <xemul@virtuozzo.com>
Signed-off-by: Andrei Vagin <avagin@virtuozzo.com>
That will help to omit pr_* output on the screen on tests,
where one can redefine `opts`.
Cc: Cyrill Gorcunov <gorcunov@openvz.org>
Signed-off-by: Dmitry Safonov <dsafonov@virtuozzo.com>
Reviewed-by: Cyrill Gorcunov <gorcunov@openvz.org>
Signed-off-by: Pavel Emelyanov <xemul@virtuozzo.com>
Signed-off-by: Andrei Vagin <avagin@virtuozzo.com>
I copied __ptr_oob* checks from util-vdso.c.
That will allow to check not only structure begin pointers,
but structure end also.
Before this patch code checked if strings section's header pointer is OOB,
but it did it after dereferencing this pointer, which is meaningless.
Now it checks:
- OOB of sections table,
- strings section's header should be inside sections table,
- check strings section with it's length for OOB.
In the very next patches I will add tests for this functions and
other compel-related changes.
Cc: Cyrill Gorcunov <gorcunov@openvz.org>
Signed-off-by: Dmitry Safonov <dsafonov@virtuozzo.com>
Reviewed-by: Cyrill Gorcunov <gorcunov@openvz.org>
Signed-off-by: Pavel Emelyanov <xemul@virtuozzo.com>
Signed-off-by: Andrei Vagin <avagin@virtuozzo.com>
I think, it's more pretty to pass -DCONFIG_X86_* instead of all
$DEFINES. That simplifies the statement and makes it more readable.
Cc: Cyrill Gorcunov <gorcunov@openvz.org>
Signed-off-by: Dmitry Safonov <dsafonov@virtuozzo.com>
Acked-by: Cyrill Gorcunov <gorcunov@openvz.org>
Signed-off-by: Pavel Emelyanov <xemul@virtuozzo.com>
Signed-off-by: Andrei Vagin <avagin@virtuozzo.com>
Sorry for this typo, I should be more attentive.
Fixes: commit ea523b183326 ("compel: shuffle skeleton a bit").
Cc: Cyrill Gorcunov <gorcunov@openvz.org>
Signed-off-by: Dmitry Safonov <dsafonov@virtuozzo.com>
Reviewed-by: Cyrill Gorcunov <gorcunov@openvz.org>
Signed-off-by: Pavel Emelyanov <xemul@virtuozzo.com>
Signed-off-by: Andrei Vagin <avagin@virtuozzo.com>
Split handle_elf() function from main.c to per-arch.
Rename it to handle_binary not to cross-reference.
Rename generic handle_elf to __handle_elf as with define
not to litter namespace.
Cc: Cyrill Gorcunov <gorcunov@openvz.org>
Signed-off-by: Dmitry Safonov <dsafonov@virtuozzo.com>
Acked-by: Cyrill Gorcunov <gorcunov@openvz.org>
Signed-off-by: Pavel Emelyanov <xemul@virtuozzo.com>
Signed-off-by: Andrei Vagin <avagin@virtuozzo.com>
I propose to change compel directory structure:
- if we want support more arch's than x86/ppc66, it seems
worth to add arch/ folder
- move all sources from src/ folder up
- to have headers and build additional object with CFLAGS for
a symlink seems for me less hacky way than mess around
with .c files cross-linking
- I made handle-elf.h header for arch helpers code. I may named
that just "elf.h", but that may confuse, as there are <elf.h>
system header
- I would like to drop those ELF_PPC64/ELF_X86_32/ELF_X86_64
defines and use CONFIG_X86_64 and whatnot
After this patch compel directory become:
compel/
├── arch
│ ├── ppc64
│ │ └── include
│ │ └── handle-elf.h
│ └── x86
│ └── include
│ └── handle-elf.h
├── handle-elf-32.c -> handle-elf.c
├── handle-elf.c
├── include
│ ├── piegen.h
│ └── uapi
│ ├── elf32-types.h
│ ├── elf64-types.h
│ └── types.h
├── main.c
└── Makefile
Note: temporary I make value32 and addend32 for compilation on arm/aarch64
Cc: Cyrill Gorcunov <gorcunov@openvz.org>
Signed-off-by: Dmitry Safonov <dsafonov@virtuozzo.com>
Acked-by: Cyrill Gorcunov <gorcunov@openvz.org>
Signed-off-by: Pavel Emelyanov <xemul@virtuozzo.com>
Signed-off-by: Andrei Vagin <avagin@virtuozzo.com>
In case of error don't re-close files already closed.
https://github.com/xemul/criu/issues/148
Reported-by: Andrew Vagin <avagin@virtuozzo.com>
Signed-off-by: Cyrill Gorcunov <gorcunov@openvz.org>
Reviewed-by: Andrey Vagin <avagin@virtuozzo.com>
Signed-off-by: Pavel Emelyanov <xemul@virtuozzo.com>
Signed-off-by: Andrei Vagin <avagin@virtuozzo.com>
We don't need it actually.
Signed-off-by: Cyrill Gorcunov <gorcunov@openvz.org>
Acked-by: Andrew Vagin <avagin@virtuozzo.com>
Signed-off-by: Pavel Emelyanov <xemul@virtuozzo.com>
Signed-off-by: Andrei Vagin <avagin@virtuozzo.com>
The compel component is a replacement for several aspects of CRIU
functionality: binary blobs generation for PIE parasite/restore code,
and a library for parasite code injection and execution (to be implemented).
In the commit we rather shuffle compel into own directory and
use it for
1) Fetching cflags when compiling PIE blobs
2) Use its "piegen" functionality to generate blobs themselves.
Signed-off-by: Cyrill Gorcunov <gorcunov@openvz.org>
Signed-off-by: Pavel Emelyanov <xemul@virtuozzo.com>
Signed-off-by: Andrei Vagin <avagin@virtuozzo.com>
