From patchwork Tue Dec 3 13:53:27 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Adhemerval Zanella Netto X-Patchwork-Id: 180724 Delivered-To: patch@linaro.org Received: by 2002:a92:3001:0:0:0:0:0 with SMTP id x1csp1529325ile; Tue, 3 Dec 2019 05:53:50 -0800 (PST) X-Google-Smtp-Source: APXvYqxi/RfOvQVRMtgPpPTpTnBXFLvZhcItNRNGOftA2zs3E7JH/NstOlD31vGz55eCzfn5UJqx X-Received: by 2002:a05:6808:312:: with SMTP id i18mr3769617oie.44.1575381230265; Tue, 03 Dec 2019 05:53:50 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1575381230; cv=none; d=google.com; s=arc-20160816; b=GRI8QBSAXCeeNjDpxJVqgr0TXqSFdIwPwqn671XIj2SDzPpvaVLeOdXut3xeJ8Yatj RdWzvsX5YHyNnTRL8vbUKIVJ/YT6h5LrQIP1c2nfHjd78loYN215dfkH6Oo993Ax4hnW BU65HF9Ebg3SNMxWi0iAV7UPIBiVLWysazx4nl/jKwZSJu9jWvoMBc9hoIcvq5mr4Urw YUXS+RBLIvE0KfzubiApL6mth/7dmOif4ObuiakqJ6Kawxw7VWkGo8B+acYfSGmmRzz8 8shdKJ1CTNtesdRLgnngHKMb6GmMnLbRSOgoZd9TmFyLvPNGptEOLjoKcSKmzLr/xj0s 6nzA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=references:in-reply-to:message-id:date:subject:to:from :dkim-signature:delivered-to:sender:list-help:list-post:list-archive :list-subscribe:list-unsubscribe:list-id:precedence:mailing-list :dkim-signature:domainkey-signature; bh=v8wbRyTpfAp7Aj6VQsrpq4/zAmax65X/23CQ5iwXDmw=; b=LvGclVFvt3QX6ouPwF42QU3okIIFzwqx+/41SczkQc3HlwbVyKJVMuO09rCA4WB4Ln 7AIWzTuwlRp63wWUZhH3z9gQJXFMrPgRuR2HYUZ/DvMu077x0whdzUg+jTUcDLB/sXPL OfeCt1xicgGdcFDMoLuCHV57euFJ+7rx4n68qQ5MPo1tlWra0hYtlsQalBO0+Kh2Lm33 FJ/zMUmu6i0fXrm/dWuipXTZguFu0dxG8G0K1ciZUvbTHbEzbLdnZal+qeskFnUxMYli dDnMb4oQM7DV1rei9fmdo2obDZ43KoA5va3bNRZjzvmJN3m1VTAx0xZcCyi+jMs3RWRH jZOg== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@sourceware.org header.s=default header.b=akC5rutv; dkim=pass header.i=@linaro.org header.s=google header.b=bLF3KM5T; spf=pass (google.com: domain of libc-alpha-return-107645-patch=linaro.org@sourceware.org designates 209.132.180.131 as permitted sender) smtp.mailfrom="libc-alpha-return-107645-patch=linaro.org@sourceware.org"; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linaro.org Return-Path: Received: from sourceware.org (server1.sourceware.org. [209.132.180.131]) by mx.google.com with ESMTPS id y8si1326443oih.141.2019.12.03.05.53.50 for (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Tue, 03 Dec 2019 05:53:50 -0800 (PST) Received-SPF: pass (google.com: domain of libc-alpha-return-107645-patch=linaro.org@sourceware.org designates 209.132.180.131 as permitted sender) client-ip=209.132.180.131; Authentication-Results: mx.google.com; dkim=pass header.i=@sourceware.org header.s=default header.b=akC5rutv; dkim=pass header.i=@linaro.org header.s=google header.b=bLF3KM5T; spf=pass (google.com: domain of libc-alpha-return-107645-patch=linaro.org@sourceware.org designates 209.132.180.131 as permitted sender) smtp.mailfrom="libc-alpha-return-107645-patch=linaro.org@sourceware.org"; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linaro.org DomainKey-Signature: a=rsa-sha1; c=nofws; d=sourceware.org; h=list-id :list-unsubscribe:list-subscribe:list-archive:list-post :list-help:sender:from:to:subject:date:message-id:in-reply-to :references; q=dns; s=default; b=vleXs5wVpyC3kccKIvT6FptALEO2Epe 0JXdBYws2e3GRQKoWV4kdoYKuXdfQWZYGsmN21CQhizCRLmlZw6mn01A/GgJCpvy ocK0jjANe7eMhVIrl86qzu/STrsggW50Eufo5bqtT0gq9VzFODVTLUpZehMH2cKt HJGf69XZPzbI= DKIM-Signature: v=1; a=rsa-sha1; c=relaxed; d=sourceware.org; h=list-id :list-unsubscribe:list-subscribe:list-archive:list-post :list-help:sender:from:to:subject:date:message-id:in-reply-to :references; s=default; bh=Acy226Ncb1hCwb4odfUnDN/akCA=; b=akC5r utvNjqTDTHZjQgr32SgsHEHuz0n4DdLEBAtRXdndyI4j/MBbxKdjAwJay1Vgb8M/ eZliMonXY980XJnsgOh/Ot/gSWkyl1wWiVM+azb0FdGVV4id1GDohfHhWfPH/ge9 Arkpv4X6dakxtfdZTlUOaJzcEZqiTn1+kLGJEo= Received: (qmail 83892 invoked by alias); 3 Dec 2019 13:53:38 -0000 Mailing-List: contact libc-alpha-help@sourceware.org; run by ezmlm Precedence: bulk List-Id: List-Unsubscribe: List-Subscribe: List-Archive: List-Post: List-Help: , Sender: libc-alpha-owner@sourceware.org Delivered-To: mailing list libc-alpha@sourceware.org Received: (qmail 83788 invoked by uid 89); 3 Dec 2019 13:53:37 -0000 Authentication-Results: sourceware.org; auth=none X-Spam-SWARE-Status: No, score=-21.6 required=5.0 tests=AWL, BAYES_00, GIT_PATCH_0, GIT_PATCH_1, GIT_PATCH_2, GIT_PATCH_3, KAM_SHORT, RCVD_IN_DNSWL_NONE, SPF_PASS autolearn=ham version=3.3.1 spammy= X-HELO: mail-qk1-f172.google.com DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; h=from:to:subject:date:message-id:in-reply-to:references; bh=v8wbRyTpfAp7Aj6VQsrpq4/zAmax65X/23CQ5iwXDmw=; b=bLF3KM5TOQSZJh0igO/1GHvBWrfMsq8TcnD18umcz9/l3HTUayWAVxGeiPASuRxXwZ sXPEJ4Wnw6zaUucRzc82M+Ej0ES4LJ2bSRf/PcKmnstVytOen6Icz+q5yJ9yetMq7FsW 6PKwncpFAgKi8TN7kyiCemOdQkoG3+BXW3Pgypnw/LbLiHFOqiCtTl3WVeE2blmnLh0h hKTaNcfvurOzqFCUU5Zb0kA/ZuLnwXSxnY6cMCEyfyZV6gQ9k1mSC8hDUFcRlDMFeu10 43322wWEJFxWNjR6WvRsQJceOEpvvd6I4DNRDhoFgAc2GId4Rmgky84G2odf5Ol1yTeA NPVw== Return-Path: From: Adhemerval Zanella To: libc-alpha@sourceware.org Subject: [PATCH v2] elf: Enable relro for static build Date: Tue, 3 Dec 2019 10:53:27 -0300 Message-Id: <20191203135327.14406-1-adhemerval.zanella@linaro.org> In-Reply-To: <2843e494-4810-336e-35d9-6a73bb64a0e9@linaro.org> References: <2843e494-4810-336e-35d9-6a73bb64a0e9@linaro.org> The code is similar to the one at elf/dl-reloc.c, where it checks for the l_relro_size from the link_map (obtained from PT_GNU_RELRO header from program headers) and calls_dl_protected_relro. Checked on x86_64-linux-gnu, i686-linux-gnu, powerpc64le-linux-gnu, aarch64-linux-gnu, s390x-linux-gnu, and sparc64-linux-gnu. I also check with --enable-static pie on x86_64-linux-gnu, i686-linux-gnu, and aarch64-linux-gnu which seems the only architectures where static PIE is actually working (as per 9d7a3741c9e). On arm-linux-gnueabihf, powerpc64{le}-linux-gnu, and s390x-linux-gnu I am seeing runtime issues not related to my patch. --- elf/Makefile | 11 +++++++-- elf/dl-support.c | 18 +++++++++++--- elf/tst-data-relro-lazy-static.c | 1 + elf/tst-data-relro-lazy.c | 1 + elf/tst-data-relro-now-static.c | 1 + elf/tst-data-relro-now.c | 1 + elf/tst-data-relro.c | 42 ++++++++++++++++++++++++++++++++ 7 files changed, 69 insertions(+), 6 deletions(-) create mode 100644 elf/tst-data-relro-lazy-static.c create mode 100644 elf/tst-data-relro-lazy.c create mode 100644 elf/tst-data-relro-now-static.c create mode 100644 elf/tst-data-relro-now.c create mode 100644 elf/tst-data-relro.c -- 2.17.1 diff --git a/elf/Makefile b/elf/Makefile index 0debea7759..0c0fa7ebcc 100644 --- a/elf/Makefile +++ b/elf/Makefile @@ -154,7 +154,8 @@ endif tests-static-normal := tst-leaks1-static tst-array1-static tst-array5-static \ tst-dl-iter-static \ tst-tlsalign-static tst-tlsalign-extern-static \ - tst-linkall-static tst-env-setuid tst-env-setuid-tunables + tst-linkall-static tst-env-setuid tst-env-setuid-tunables \ + tst-data-relro-lazy-static tst-data-relro-now-static tests-static-internal := tst-tls1-static tst-tls2-static \ tst-ptrguard1-static tst-stackguard1-static \ tst-tls1-static-non-pie tst-libc_dlvsym-static @@ -205,7 +206,8 @@ tests-internal += loadtest unload unload2 circleload1 \ neededtest neededtest2 neededtest3 neededtest4 \ tst-tls3 tst-tls6 tst-tls7 tst-tls8 tst-dlmopen2 \ tst-ptrguard1 tst-stackguard1 tst-libc_dlvsym \ - tst-create_format1 + tst-create_format1 \ + tst-data-relro-now tst-data-relro-lazy tests-container += tst-pldd tst-dlopen-tlsmodid-container \ tst-dlopen-self-container test-srcs = tst-pathopt @@ -1627,3 +1629,8 @@ $(objpfx)tst-dlopenfailmod1.so: \ $(shared-thread-library) $(objpfx)tst-dlopenfaillinkmod.so LDFLAGS-tst-dlopenfaillinkmod.so = -Wl,-soname,tst-dlopenfail-missingmod.so $(objpfx)tst-dlopenfailmod2.so: $(shared-thread-library) + +LDFLAGS-tst-data-relro-lazy += -Wl,-z,relro -Wl,-z,lazy +LDFLAGS-tst-data-relro-lazy-static += -Wl,-z,relro -Wl,-z,lazy +LDFLAGS-tst-data-relro-now += -Wl,-z,relro -Wl,-z,now +LDFLAGS-tst-data-relro-now-static += -Wl,-z,relro -Wl,-z,now diff --git a/elf/dl-support.c b/elf/dl-support.c index 5526d5ee6e..b2b1b12f6f 100644 --- a/elf/dl-support.c +++ b/elf/dl-support.c @@ -367,14 +367,24 @@ _dl_non_dynamic_init (void) if (_dl_platform != NULL) _dl_platformlen = strlen (_dl_platform); - /* Scan for a program header telling us the stack is nonexecutable. */ if (_dl_phdr != NULL) - for (uint_fast16_t i = 0; i < _dl_phnum; ++i) - if (_dl_phdr[i].p_type == PT_GNU_STACK) + for (const ElfW(Phdr) *ph = _dl_phdr; ph < &_dl_phdr[_dl_phnum]; ++ph) + switch (ph->p_type) { - _dl_stack_flags = _dl_phdr[i].p_flags; + /* Check if the stack is nonexecutable. */ + case PT_GNU_STACK: + _dl_stack_flags = ph->p_flags; + break; + + case PT_GNU_RELRO: + _dl_main_map.l_relro_addr = ph->p_vaddr; + _dl_main_map.l_relro_size = ph->p_memsz; break; } + + /* Setup relro on the binary itself. */ + if (_dl_main_map.l_relro_size != 0) + _dl_protect_relro (&_dl_main_map); } #ifdef DL_SYSINFO_IMPLEMENTATION diff --git a/elf/tst-data-relro-lazy-static.c b/elf/tst-data-relro-lazy-static.c new file mode 100644 index 0000000000..364a206506 --- /dev/null +++ b/elf/tst-data-relro-lazy-static.c @@ -0,0 +1 @@ +#include diff --git a/elf/tst-data-relro-lazy.c b/elf/tst-data-relro-lazy.c new file mode 100644 index 0000000000..364a206506 --- /dev/null +++ b/elf/tst-data-relro-lazy.c @@ -0,0 +1 @@ +#include diff --git a/elf/tst-data-relro-now-static.c b/elf/tst-data-relro-now-static.c new file mode 100644 index 0000000000..364a206506 --- /dev/null +++ b/elf/tst-data-relro-now-static.c @@ -0,0 +1 @@ +#include diff --git a/elf/tst-data-relro-now.c b/elf/tst-data-relro-now.c new file mode 100644 index 0000000000..364a206506 --- /dev/null +++ b/elf/tst-data-relro-now.c @@ -0,0 +1 @@ +#include diff --git a/elf/tst-data-relro.c b/elf/tst-data-relro.c new file mode 100644 index 0000000000..bd63b24b3f --- /dev/null +++ b/elf/tst-data-relro.c @@ -0,0 +1,42 @@ +/* Test if variables places on relro section are not writable. + Copyright (C) 2019 Free Software Foundation, Inc. + This file is part of the GNU C Library. + + The GNU C Library is free software; you can redistribute it and/or + modify it under the terms of the GNU Lesser General Public + License as published by the Free Software Foundation; either + version 2.1 of the License, or (at your option) any later version. + + The GNU C Library is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + Lesser General Public License for more details. + + You should have received a copy of the GNU Lesser General Public + License along with the GNU C Library; if not, see + . */ + +#include + +#include +#include + +static volatile int val __attribute__ ((section (".data.rel.ro"))); + +static void +callback (void *closure) +{ + /* It should trigger an invalid write. */ + val = 1; +} + +int do_test (void) +{ + struct support_capture_subprocess result + = support_capture_subprocess (callback, NULL); + support_capture_subprocess_check (&result, "tst-relro", -SIGSEGV, + sc_allow_stdout); + return 0; +} + +#include