Created attachment 299951 [details] A testcase [hjl@gnu-cfl-2 aligned-1]$ make gcc -pie -fPIE -Wl,-z,max-page-size=0x200000 -O2 -o pie main.c load.c gcc -static-pie -fPIE -Wl,-z,max-page-size=0x200000 -O2 -o static-pie main.c load.c gcc -no-pie -Wl,-z,max-page-size=0x200000 -O2 -o pde main.c load.c ./pde foo: 0xe00000 ./pie foo: 0x5562eb800000 ./static-pie foo: 0x7f5c48e89000 make: *** [Makefile:8: all] Aborted (core dumped) [hjl@gnu-cfl-2 aligned-1]$ For PIE, kernel handles it correctly: */ if (interpreter) { load_bias = ELF_ET_DYN_BASE; if (current->flags & PF_RANDOMIZE) load_bias += arch_mmap_rnd(); alignment = maximum_alignment(elf_phdata, elf_ex->e_phnum); if (alignment) load_bias &= ~(alignment - 1); elf_flags |= MAP_FIXED; } else but static PIE isn't handled correctly.
Created attachment 299973 [details] A patch to properly load static PIE
Created attachment 300364 [details] 0001-fs-binfmt_elf-use-ELF_ET_DYN_BASE-for-PIE-ET_DYN-wit.patch H.J. Lu, Hi! This patch [1] breaks PIE binaries. Here is a reproducer - https://gist.github.com/azat/45cdfb46a70474449972258fce0010cf In pre 5.17-rc1: it successfully executes inner() function to the maximum stack size After this patch: it fails earlier due to address overlap. [1]: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=9630f0d60fec5fbcaa4435a66f75df1dc9704b66 How about patch from the attachment? -- Regards, Azat.
(In reply to Azat Khuzhin from comment #2) > Created attachment 300364 [details] > 0001-fs-binfmt_elf-use-ELF_ET_DYN_BASE-for-PIE-ET_DYN-wit.patch > > H.J. Lu, Hi! > > This patch [1] breaks PIE binaries. > > Here is a reproducer - > https://gist.github.com/azat/45cdfb46a70474449972258fce0010cf > > In pre 5.17-rc1: it successfully executes inner() function to the maximum > stack size > > After this patch: it fails earlier due to address overlap. > > [1]: > https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/ > ?id=9630f0d60fec5fbcaa4435a66f75df1dc9704b66 > > How about patch from the attachment? > Yes, the patch looks correct. Thanks.
The commit 9630f0d60fec5fbcaa4435a66f75df1dc9704b66 introduced a brk() regression in Linux 5.17 on AArch64: https://bugzilla.kernel.org/show_bug.cgi?id=215720