[Bug backends/32684] aarch64 linux 4 build failure: struct user_pac_mask not defined

[mmayer at broadcom dot com]

https://sourceware.org/bugzilla/show_bug.cgi?id=32684

Markus Mayer  changed:

   What|Removed |Added

 CC||mmayer at broadcom dot com

--- Comment #2 from Markus Mayer  ---
FWIW, I just submitted a patch for this, since I was running into this problem
as well.

See https://sourceware.org/pipermail/elfutils-devel/2025q1/007931.html

-- 
You are receiving this mail because:
You are on the CC list for the bug.

[patch] PR31862: debuginfod client should cache received x-debuginfod-* headers

[Frank Ch. Eigler]

commit 082c0a94eed6706753e8019ce348be095deb72f9 (HEAD -> main)
Author: Frank Ch. Eigler 
Date:   Fri Feb 21 14:33:49 2025 -0500

PR31862: debuginfod: client to cache x-debuginfod-* headers

This feature allows the extra http headers from debuginfod to be saved
into the client cache, and also thus replayed to clients.  This way
they can perform IMA verification again, if they like, or a federating
caching intermediate debuginfod server can replay the headers it
received previously from upstream to future downstream.  The headers
are placed adjacent to the payload files .cache/debuginfod/BUILDID/PAYLOAD
as .cache/debuginfod/BUILDID/hdr-PAYLOAD.  They are aged the same
atime-based way.

Testing via an extension of a previous small test, and hand-running both
client & server code under valgrind.  No memcheck errors reported.

Signed-off-by: Frank Ch. Eigler 

diff --git a/debuginfod/debuginfod-client.c b/debuginfod/debuginfod-client.c
index d89beae93ea1..3ea234abb1a8 100644
--- a/debuginfod/debuginfod-client.c
+++ b/debuginfod/debuginfod-client.c
@@ -569,7 +569,7 @@ debuginfod_clean_cache(debuginfod_client *c,
 return -errno;
 
   regex_t re;
-  const char * pattern = 
".*/(metadata.*|[a-f0-9]+(/debuginfo|/executable|/source.*|))$"; /* include 
dirs */
+  const char * pattern = 
".*/(metadata.*|[a-f0-9]+(/hdr.*|/debuginfo|/executable|/source.*|))$"; /* 
include dirs */
   /* NB: also matches .../section/ subdirs, so extracted section files also 
get cleaned. */
   if (regcomp (&re, pattern, REG_EXTENDED | REG_NOSUB) != 0)
 return -ENOMEM;
@@ -1777,7 +1777,9 @@ debuginfod_query_server_by_buildid (debuginfod_client *c,
   char *cache_miss_path = NULL;
   char *target_cache_dir = NULL;
   char *target_cache_path = NULL;
+  char *target_cachehdr_path = NULL;
   char *target_cache_tmppath = NULL;
+  char *target_cachehdr_tmppath = NULL;
   char suffix[NAME_MAX];
   char build_id_bytes[MAX_BUILD_ID_BYTES * 2 + 1];
   int vfd = c->verbose_fd;
@@ -1912,6 +1914,8 @@ debuginfod_query_server_by_buildid (debuginfod_client *c,
  target_cache_path: $HOME/.cache/0123abcd/debuginfo
  target_cache_path: $HOME/.cache/0123abcd/executable-.debug_info
  target_cache_path: $HOME/.cache/0123abcd/source-HASH-#PATH#TO#SOURCE
+ target_cachehdr_path: $HOME/.cache/0123abcd/hdr-debuginfo
+ target_cachehdr_path: $HOME/.cache/0123abcd/hdr-executable...
   */
 
   cache_path = make_cache_path();
@@ -1923,11 +1927,15 @@ debuginfod_query_server_by_buildid (debuginfod_client 
*c,
   xalloc_str (target_cache_dir, "%s/%s", cache_path, build_id_bytes);
   (void) mkdir (target_cache_dir, 0700); // failures with this mkdir would be 
caught later too
 
-  if (suffix[0] != '\0') /* section, source queries */
+  if (suffix[0] != '\0') { /* section, source queries */ 
 xalloc_str (target_cache_path, "%s/%s-%s", target_cache_dir, type, suffix);
-  else
+xalloc_str (target_cachehdr_path, "%s/hdr-%s-%s", target_cache_dir, type, 
suffix);
+  } else {
 xalloc_str (target_cache_path, "%s/%s", target_cache_dir, type);
+xalloc_str (target_cachehdr_path, "%s/hdr-%s", target_cache_dir, type);
+  }
   xalloc_str (target_cache_tmppath, "%s.XX", target_cache_path);
+  xalloc_str (target_cachehdr_tmppath, "%s.XX", target_cachehdr_path);  
 
   /* XXX combine these */
   xalloc_str (interval_path, "%s/%s", cache_path, 
cache_clean_interval_filename);
@@ -1978,6 +1986,50 @@ debuginfod_query_server_by_buildid (debuginfod_client *c,
   /* Success */
   update_atime(fd);
   rc = fd;
+
+  /* Attempt to transcribe saved headers. */
+  int fdh = open (target_cachehdr_path, O_RDONLY);
+  if (fdh >= 0)
+{
+  if (fstat (fdh, &st) == 0)
+if (st.st_size > 0)
+  {
+c->winning_headers = malloc(st.st_size);
+if (NULL != c->winning_headers) {
+  
+  // Read all teh bytes, thanks posix.
+  // In case of any error, unlink the file to force a 
redownload later.
+  off_t hdr_read = 0;
+  while (hdr_read < st.st_size)
+{
+  ssize_t bytes_read = read (fdh, c->winning_headers + 
hdr_read,
+ st.st_size - hdr_read);
+  if (bytes_read < 0)
+{
+  if (errno == EINTR)
+continue;
+  free (c->winning_headers);
+  c->winning_headers = NULL;
+  (void) unlink (target_cachehdr_path);
+  break;
+}
+  if (bytes_read == 0) {
+free (c->winning_headers

[Bug debuginfod/31862] debuginfod client should cache received x-debuginfod-* headers

[fche at redhat dot com]

https://sourceware.org/bugzilla/show_bug.cgi?id=31862

--- Comment #1 from Frank Ch. Eigler  ---
proposed patch 

https://inbox.sourceware.org/elfutils-devel/20250221200714.ga7...@redhat.com/T/#u

-- 
You are receiving this mail because:
You are on the CC list for the bug.

[PATCH] aarch64: define struct user_pac_mask if needed

[Markus Mayer]

On Aarch64, Linux is using Pointer Authentication Code (PAC) for pointer
authentication.[1] The struct "user_pac_mask" has been part of the Linux
kernel since version 5.0 as part of this feature. However, older kernels
do not define it.

Therefore, we want to check if the definition is present in the kernel
headers and provide one if it isn't. This ensures two things:

* elfutils will continue to compile against kernel headers from 4.x
* binaries built against older kernel headers will still be fully
  functional if used on a newer system

For reference, the build error that is being avoided looks like this:

[...]
  CC   aarch64_initreg.o
aarch64_initreg.c: In function 'aarch64_set_initial_registers_tid':
aarch64_initreg.c:61:24: error: storage size of 'pac_mask' isn't known
   struct user_pac_mask pac_mask;
^~~~
aarch64_initreg.c:61:24: warning: unused variable 'pac_mask' [-Wunused-variable]
make[4]: *** [Makefile:831: aarch64_initreg.o] Error 1
make[3]: *** [Makefile:547: all-recursive] Error 1
make[2]: *** [Makefile:463: all] Error 2

[1] https://docs.kernel.org/arch/arm64/pointer-authentication.html

Fixes: 64e3b451ad2c ("aarch64: extend dwfl_thread_state_registers to handle 
PAC")
Signed-off-by: Markus Mayer 
---
 backends/aarch64_initreg.c | 21 +
 configure.ac   |  8 
 2 files changed, 29 insertions(+)

diff --git a/backends/aarch64_initreg.c b/backends/aarch64_initreg.c
index 5ec45ea60d8d..a6badbb45eb0 100644
--- a/backends/aarch64_initreg.c
+++ b/backends/aarch64_initreg.c
@@ -47,6 +47,27 @@
 #define BACKEND aarch64_
 #include "libebl_CPU.h"
 
+/*
+ * pointer authentication masks (NT_ARM_PAC_MASK)
+ *
+ * Defined by Linux kernel headers since Linux 5.0. Define it here if kernel
+ * headers are older than that, to ensure this file builds regardless.
+ */
+#if defined(__aarch64__) && defined(__linux__)
+
+#ifndef NT_ARM_PAC_MASK
+#define NT_ARM_PAC_MASK 0x406
+#endif
+
+#ifndef HAVE_USER_PACK_MASK
+struct user_pac_mask {
+  __u64 data_mask;
+  __u64 insn_mask;
+};
+#endif
+
+#endif /* __aarch64__ && __linux__ */
+
 bool
 aarch64_set_initial_registers_tid (pid_t tid __attribute__ ((unused)),
  ebl_tid_registers_t *setfunc __attribute__ ((unused)),
diff --git a/configure.ac b/configure.ac
index e57d39275591..3298f7fc7761 100644
--- a/configure.ac
+++ b/configure.ac
@@ -777,6 +777,14 @@ if test "$sys_user_has_user_regs" = "yes"; then
 [Define to 1 if  defines struct user_regs_struct])
 fi
 
+AC_CHECK_TYPE([struct user_pac_mask],
+  [has_user_pac_mask=yes], [has_user_pac_mask=no],
+  [[#include ]])
+if test "$has_user_pac_mask" = "yes"; then
+  AC_DEFINE(HAVE_USER_PACK_MASK, 1,
+[Defined if struct user_pac_mask exists.])
+fi
+
 # On a 64-bit host where can can use $CC -m32, we'll run two sets of tests.
 utrace_BIARCH
 CC_BIARCH="$CC $utrace_biarch"
-- 
2.48.1