Bug 1223033

Summary: emacs on ppc64le fails to build from source when RELRO is enabled
Product: Red Hat Enterprise Linux 7 Reporter: Brendan Conoboy <blc>
Component: emacsAssignee: Petr Hracek <phracek>
Status: CLOSED ERRATA QA Contact: Marek Haicman <mhaicman>
Severity: urgent Docs Contact: Bara Ancincova <bancinco>
Priority: high    
Version: 7.2CC: blc, dhorak, fweimer, law, lnykryn, mhaicman, peterm, phracek, than
Target Milestone: rc   
Target Release: ---   
Hardware: ppc64le   
OS: Linux   
Whiteboard:
Fixed In Version: emacs-24.3-16.el7 Doc Type: Bug Fix
Doc Text:
.
 Story Points: ---
Clone Of: Environment:
Last Closed: 2015-11-19 13:53:08 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On: 1247126, 1265271    
Bug Blocks: 1077836, 1192538, 1222989    
Attachments:
Description Flags
disable dumping none

Description Brendan Conoboy 2015-05-19 15:59:57 UTC 
Description of problem:

When built with a binutils that activties RELRO by default, emacs now fails to build on ppc64le.  Since RELRO is mandatory, emacs must be updated.

Version-Release number of selected component (if applicable):

Happens with binutils-2.23.52.0.1-35 and newer

How reproducible:

Every time.

Steps to Reproduce:
1. Build emacs with the rhel-7.2-ppc64le-candidate brew tag.

Actual results:

Excerpt:
Loading /builddir/build/BUILD/emacs-24.3/lisp/vc/ediff-hook.el (source)...
Loading /builddir/build/BUILD/emacs-24.3/lisp/tooltip.el (source)...
Finding pointers to doc strings...
Finding pointers to doc strings...done
Dumping under the name emacs
emacs: Program segment above .bss in /builddir/build/BUILD/emacs-24.3/build-gtk/src/temacs
make[2]: *** [bootstrap-emacs] Error 1
make[2]: Leaving directory `/builddir/build/BUILD/emacs-24.3/build-gtk/src'

Expected results:

Successful build.

Additional info:

Turning off dump/unexec works around the issue and allows the build to succeed.
Comment 1 Petr Hracek 2015-05-20 08:03:15 UTC 
I have informed the upstream about this issue.

http://debbugs.gnu.org/cgi/bugreport.cgi?bug=20614
Comment 2 Kyle McMartin 2015-05-20 13:23:13 UTC 
Created attachment 1027731 [details]
disable dumping

set CANNOT_DUMP %ifarch ppc64le so that dumping is disabled. working on fixing the underlying issue now.
Comment 7 Petr Hracek 2015-06-17 08:59:42 UTC 
Do you have any update?
Comment 13 Dan HorĂ¡k 2015-07-13 13:37:23 UTC 
for the record - the latest emacs in Fedora is successfully built with hardening enabled - http://ppc.koji.fedoraproject.org/koji/taskinfo?taskID=2562249
Comment 16 Petr Hracek 2015-09-15 11:43:13 UTC 
*** Bug 1261955 has been marked as a duplicate of this bug. ***
Comment 18 Jeff Law 2015-09-22 19:54:20 UTC 
Petr, that's a problem with emacs's dumping code, not binutils/ld.  emacs will need to be adjusted.
Comment 19 Petr Hracek 2015-09-23 08:01:20 UTC 
Jeff definitely you are right. This code should be corrected. But I guess that it is not a time to do it now.
Comment 22 Petr Hracek 2015-09-24 11:05:32 UTC 
I have made some investigation and here are results:

When the dumping failed with message "Program segment above .bss" then I have add a some debug info. Hopefully It helps.
Dumping under the name emacs
Looking for .bss - found .interp
Looking for .bss - found .note.ABI-tag
Looking for .bss - found .note.gnu.build-id
Looking for .bss - found .gnu.hash
Looking for .bss - found .dynsym
Looking for .bss - found .dynstr
Looking for .bss - found .gnu.version
Looking for .bss - found .gnu.version_r
Looking for .bss - found .rela.toc
Looking for .bss - found .rela.plt
Looking for .bss - found .init
Looking for .bss - found .text
Looking for .bss - found .fini
Looking for .bss - found .rodata
Looking for .bss - found .eh_frame_hdr
Looking for .bss - found .eh_frame
Looking for .bss - found .data.rel.ro
Looking for .bss - found .dynamic
Looking for .bss - found .got
Looking for .bss - found .plt
Looking for .bss - found .data
Looking for .bss - found .bss
Looking for .sbss - found .interp
Looking for .sbss - found .note.ABI-tag
Looking for .sbss - found .note.gnu.build-id
Looking for .sbss - found .gnu.hash
Looking for .sbss - found .dynsym
Looking for .sbss - found .dynstr
Looking for .sbss - found .gnu.version
Looking for .sbss - found .gnu.version_r
Looking for .sbss - found .rela.toc
Looking for .sbss - found .rela.plt
Looking for .sbss - found .init
Looking for .sbss - found .text
Looking for .sbss - found .fini
Looking for .sbss - found .rodata
Looking for .sbss - found .eh_frame_hdr
Looking for .sbss - found .eh_frame
Looking for .sbss - found .data.rel.ro
Looking for .sbss - found .dynamic
Looking for .sbss - found .got
Looking for .sbss - found .plt
Looking for .sbss - found .data
Looking for .sbss - found .bss
Looking for .sbss - found .comment
Looking for .sbss - found .debug_aranges
Looking for .sbss - found .debug_info
Looking for .sbss - found .debug_abbrev
Looking for .sbss - found .debug_line
Looking for .sbss - found .debug_str
Looking for .sbss - found .debug_loc
Looking for .sbss - found .debug_ranges
Looking for .sbss - found .shstrtab
Looking for .sbss - found .symtab
Looking for .sbss - found .strtab
Looking for .plt - found .interp
Looking for .plt - found .note.ABI-tag
Looking for .plt - found .note.gnu.build-id
Looking for .plt - found .gnu.hash
Looking for .plt - found .dynsym
Looking for .plt - found .dynstr
Looking for .plt - found .gnu.version
Looking for .plt - found .gnu.version_r
Looking for .plt - found .rela.toc
Looking for .plt - found .rela.plt
Looking for .plt - found .init
Looking for .plt - found .text
Looking for .plt - found .fini
Looking for .plt - found .rodata
Looking for .plt - found .eh_frame_hdr
Looking for .plt - found .eh_frame
Looking for .plt - found .data.rel.ro
Looking for .plt - found .dynamic
Looking for .plt - found .got
Looking for .plt - found .plt
Looking for .data - found .interp
Looking for .data - found .note.ABI-tag
Looking for .data - found .note.gnu.build-id
Looking for .data - found .gnu.hash
Looking for .data - found .dynsym
Looking for .data - found .dynstr
Looking for .data - found .gnu.version
Looking for .data - found .gnu.version_r
Looking for .data - found .rela.toc
Looking for .data - found .rela.plt
Looking for .data - found .init
Looking for .data - found .text
Looking for .data - found .fini
Looking for .data - found .rodata
Looking for .data - found .eh_frame_hdr
Looking for .data - found .eh_frame
Looking for .data - found .data.rel.ro
Looking for .data - found .dynamic
Looking for .data - found .got
Looking for .data - found .plt
Looking for .data - found .data
old_bss_index 22
old_bss_addr 102b0000
old_bss_size 89798
old_bss_offset 2a0000
new_bss_addr 115d0000
new_data2_addr 102b0000
new_data2_size 1320000
new_data2_offset 2a0000
new_data2_incr 1320000
Old section offset da1ac8
Old section count 34
New section offset 20c1ac8
New section count 35
new_file_h->e_phnum 9
old_sbss_index ffffffff
old_bss_addr 102b0000
alignment 10
NEW_PROGRAM_H (n).p_vaddr 102af638
NEW_PROGRAM_H (n).p_filesz 9c8
(OLD_SECTION_H (old_bss_index)).sh_addralign 10
old_sbss_index ffffffff
old_bss_addr 102b0000
alignment 10
NEW_PROGRAM_H (n).p_vaddr 0
NEW_PROGRAM_H (n).p_filesz 0
(OLD_SECTION_H (old_bss_index)).sh_addralign 10
old_sbss_index ffffffff
old_bss_addr 102b0000
alignment 10
NEW_PROGRAM_H (n).p_vaddr 10269510
NEW_PROGRAM_H (n).p_filesz 73cc
(OLD_SECTION_H (old_bss_index)).sh_addralign 10
old_sbss_index ffffffff
old_bss_addr 102b0000
alignment 10
NEW_PROGRAM_H (n).p_vaddr 1000024c
NEW_PROGRAM_H (n).p_filesz 44
(OLD_SECTION_H (old_bss_index)).sh_addralign 10
old_sbss_index ffffffff
old_bss_addr 102b0000
alignment 10
NEW_PROGRAM_H (n).p_vaddr 102afa68
NEW_PROGRAM_H (n).p_filesz 440
(OLD_SECTION_H (old_bss_index)).sh_addralign 10
old_sbss_index ffffffff
old_bss_addr 102b0000
alignment 10000
NEW_PROGRAM_H (n).p_vaddr 102af638
NEW_PROGRAM_H (n).p_filesz 2c9756
(OLD_SECTION_H (old_bss_index)).sh_addralign 10
emacs: Program segment above .bss in /home/phracek/rpmbuild/BUILD/emacs-24.3/build-gtk/src/temacs


Some useful information taken by command readelf:
readelf -h ./temacs
ELF Header:
  Magic:   7f 45 4c 46 02 01 01 00 00 00 00 00 00 00 00 00
  Class:                             ELF64
  Data:                              2's complement, little endian
  Version:                           1 (current)
  OS/ABI:                            UNIX - System V
  ABI Version:                       0
  Type:                              EXEC (Executable file)
  Machine:                           PowerPC64
  Version:                           0x1
  Entry point address:               0x100184f0
  Start of program headers:          64 (bytes into file)
  Start of section headers:          14289272 (bytes into file)
  Flags:                             0x2, abiv2
  Size of this header:               64 (bytes)
  Size of program headers:           56 (bytes)
  Number of program headers:         9
  Size of section headers:           64 (bytes)
  Number of section headers:         34
  Section header string table index: 31

readelf -l ./temacs
Elf file type is EXEC (Executable file)
Entry point 0x100184f0
There are 9 program headers, starting at offset 64

Program Headers:
  Type           Offset             VirtAddr           PhysAddr
                 FileSiz            MemSiz              Flags  Align
  PHDR           0x0000000000000040 0x0000000010000040 0x0000000010000040
                 0x00000000000001f8 0x00000000000001f8  R E    8
  INTERP         0x0000000000000238 0x0000000010000238 0x0000000010000238
                 0x0000000000000011 0x0000000000000011  R      1
      [Requesting program interpreter: /lib64/ld64.so.2]
  LOAD           0x0000000000000000 0x0000000010000000 0x0000000010000000
                 0x000000000029e6d8 0x000000000029e6d8  R E    10000
  LOAD           0x000000000029f640 0x00000000102af640 0x00000000102af640
                 0x00000000002c974e 0x0000000000350e90  RW     10000
  DYNAMIC        0x000000000029fa70 0x00000000102afa70 0x00000000102afa70
                 0x0000000000000440 0x0000000000000440  RW     8
  NOTE           0x000000000000024c 0x000000001000024c 0x000000001000024c
                 0x0000000000000044 0x0000000000000044  R      4
  GNU_EH_FRAME   0x0000000000268fe0 0x0000000010268fe0 0x0000000010268fe0
                 0x00000000000073cc 0x00000000000073cc  R      4
  GNU_STACK      0x0000000000000000 0x0000000000000000 0x0000000000000000
                 0x0000000000000000 0x0000000000000000  RW     10
  GNU_RELRO      0x000000000029f640 0x00000000102af640 0x00000000102af640
                 0x00000000000009c0 0x00000000000009c0  R      1

 Section to Segment mapping:
  Segment Sections...
   00
   01     .interp
   02     .interp .note.ABI-tag .note.gnu.build-id .gnu.hash .dynsym .dynstr .gnu.version .gnu.version_r .rela.toc .rela.plt .init .text .fini .rodata .eh_frame_hdr .eh_frame
   03     .data.rel.ro .dynamic .got .plt .data .bss
   04     .dynamic
   05     .note.ABI-tag .note.gnu.build-id
   06     .eh_frame_hdr
   07
   08     .data.rel.ro .dynamic .got

readelf -S ./temacs
There are 34 section headers, starting at offset 0xda0978:

Section Headers:
  [Nr] Name              Type             Address           Offset
       Size              EntSize          Flags  Link  Info  Align
  [ 0]                   NULL             0000000000000000  00000000
       0000000000000000  0000000000000000           0     0     0
  [ 1] .interp           PROGBITS         0000000010000238  00000238
       0000000000000011  0000000000000000   A       0     0     1
  [ 2] .note.ABI-tag     NOTE             000000001000024c  0000024c
       0000000000000020  0000000000000000   A       0     0     4
  [ 3] .note.gnu.build-i NOTE             000000001000026c  0000026c
       0000000000000024  0000000000000000   A       0     0     4
  [ 4] .gnu.hash         GNU_HASH         0000000010000290  00000290
       00000000000000dc  0000000000000000   A       5     0     8
  [ 5] .dynsym           DYNSYM           0000000010000370  00000370
       00000000000063f0  0000000000000018   A       6     1     8
  [ 6] .dynstr           STRTAB           0000000010006760  00006760
       0000000000004ae9  0000000000000000   A       0     0     1
  [ 7] .gnu.version      VERSYM           000000001000b24a  0000b24a
       0000000000000854  0000000000000002   A       5     0     2
  [ 8] .gnu.version_r    VERNEED          000000001000baa0  0000baa0
       0000000000000160  0000000000000000   A       6    10     8
  [ 9] .rela.toc         RELA             000000001000bc00  0000bc00
       0000000000000330  0000000000000018   A       5     0     8
  [10] .rela.plt         RELA             000000001000bf30  0000bf30
       00000000000060d8  0000000000000018   A       5    20     8
  [11] .init             PROGBITS         0000000010012020  00012020
       000000000000004c  0000000000000000  AX       0     0     32
  [12] .text             PROGBITS         0000000010012080  00012080
       0000000000237140  0000000000000000  AX       0     0     32
  [13] .fini             PROGBITS         00000000102491c0  002491c0
       0000000000000024  0000000000000000  AX       0     0     4
  [14] .rodata           PROGBITS         00000000102491e8  002491e8
       000000000001fdf8  0000000000000000   A       0     0     8
  [15] .eh_frame_hdr     PROGBITS         0000000010268fe0  00268fe0
       00000000000073cc  0000000000000000   A       0     0     4
  [16] .eh_frame         PROGBITS         00000000102703b0  002703b0
       000000000002e328  0000000000000000   A       0     0     8
  [17] .data.rel.ro      PROGBITS         00000000102af640  0029f640
       0000000000000430  0000000000000000  WA       0     0     8
  [18] .dynamic          DYNAMIC          00000000102afa70  0029fa70
       0000000000000440  0000000000000010  WA       6     0     8
  [19] .got              PROGBITS         00000000102afeb0  0029feb0
       0000000000000150  0000000000000008  WA       0     0     8
  [20] .plt              NOBITS           00000000102b0000  002a0000
       0000000000002058  0000000000000008  WA       0     0     8
  [21] .data             PROGBITS         00000000102b2058  002a2058
       00000000002c6d36  0000000000000000  WA       0     0     8
  [22] .bss              NOBITS           0000000010578d90  00568d8e
       0000000000087740  0000000000000000  WA       0     0     16
  [23] .comment          PROGBITS         0000000000000000  00568d8e
       0000000000000058  0000000000000001  MS       0     0     1
  [24] .debug_aranges    PROGBITS         0000000000000000  00568de6
       0000000000001350  0000000000000000           0     0     1
  [25] .debug_info       PROGBITS         0000000000000000  0056a136
       00000000003aeadb  0000000000000000           0     0     1
  [26] .debug_abbrev     PROGBITS         0000000000000000  00918c11
       0000000000021b05  0000000000000000           0     0     1
  [27] .debug_line       PROGBITS         0000000000000000  0093a716
       000000000007d970  0000000000000000           0     0     1
  [28] .debug_str        PROGBITS         0000000000000000  009b8086
       000000000004911a  0000000000000001  MS       0     0     1
  [29] .debug_loc        PROGBITS         0000000000000000  00a011a0
       00000000003277c9  0000000000000000           0     0     1
  [30] .debug_ranges     PROGBITS         0000000000000000  00d28969
       0000000000077ec0  0000000000000000           0     0     1
  [31] .shstrtab         STRTAB           0000000000000000  00da0829
       0000000000000148  0000000000000000           0     0     1
  [32] .symtab           SYMTAB           0000000000000000  00da11f8
       0000000000037bc0  0000000000000018          33   5415     8
  [33] .strtab           STRTAB           0000000000000000  00dd8db8
       000000000002e23b  0000000000000000           0     0     1
Key to Flags:
  W (write), A (alloc), X (execute), M (merge), S (strings)
  I (info), L (link order), G (group), T (TLS), E (exclude), x (unknown)
  O (extra OS processing required) o (OS specific), p (processor specific)
Comment 23 Florian Weimer 2015-09-24 11:59:55 UTC 
I am not sure if RELRO makes sense for Emacs.  It embeds a bytecode interpreter, has tons of well-known addresses in the process image, and any potential attack would achieve code execution through the bytecode interpreter, not by RELRO hacks.
Comment 25 Petr Hracek 2015-09-25 06:13:25 UTC 
I have try to build up emacs with the mentioned patch and it seems the upstream has some problem with CANNOT_DUMP.

cd lib-src && make maybe-blessmail  \
  MAKE='make' archlibdir='/usr/libexec/emacs/24.3/ppc64le-redhat-linux-gnu'
make[1]: Entering directory `/builddir/build/BUILD/emacs-24.3/lib-src'
../src/emacs -batch --no-site-file --no-site-lisp -l /builddir/build/BUILD/emacs-24.3/lib-src/../lisp/mail/blessmail.el
Warning: Lisp directory `/usr/share/emacs/24.3/lisp' does not exist.
Warning: Lisp directory `/usr/share/emacs/24.3/leim' does not exist.
Cannot open load file: loadup.el
make[1]: *** [blessmail] Error 255
make[1]: Leaving directory `/builddir/build/BUILD/emacs-24.3/lib-src'
make: *** [blessmail] Error 2
error: Bad exit status from /var/tmp/rpm-tmp.cojE4X (%install)
RPM build errors:


From upstream I have received a message the CANNOT_DUMP could not work.
See: https://lists.gnu.org/archive/html/bug-gnu-emacs/2015-09/msg00805.html
Comment 27 Petr Hracek 2015-10-07 12:29:29 UTC 
Thanks to upstream who provided the patch https://debbugs.gnu.org/cgi/bugreport.cgi?bug=20614#168
Comment 28 Petr Hracek 2015-10-07 12:45:51 UTC 
*** Bug 1265271 has been marked as a duplicate of this bug. ***
Comment 37 errata-xmlrpc 2015-11-19 13:53:08 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://rhn.redhat.com/errata/RHBA-2015-2434.html