From patchwork Thu Dec 12 18:16:08 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Adhemerval Zanella X-Patchwork-Id: 181508 Delivered-To: patch@linaro.org Received: by 2002:ac9:44c4:0:0:0:0:0 with SMTP id t4csp1118649och; Thu, 12 Dec 2019 10:17:39 -0800 (PST) X-Google-Smtp-Source: APXvYqwgWkq8UImiDaMkzM4ehKCRGjV4wIUfg6pEjf4ltgKbOq195AknUjYlkGJent48hvBXKkuo X-Received: by 2002:a9d:7f02:: with SMTP id j2mr9426454otq.123.1576174659351; Thu, 12 Dec 2019 10:17:39 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1576174659; cv=none; d=google.com; s=arc-20160816; b=VReeyWDSwydw0k0AgMLp34V75zyHp5S/z+bMNwB/h/rmtiLfGLrmQi+5mDTGERMRa0 thgsQeTFk2mdqfxec8i1VSzDelSfArjpg9ZXo/Xw0YoxSzkyZ+n4EGAoDLDyMlauQ7iV uCK/7job1l/ytVDsPmKpKar1nv/XRyhk0hBEYz3cmITLdgUKAX3KLDEa7Qg1GhCtlvTW lcvd8u8I9tUTu6ijNhq9e3h5VvfDD5S+E9bwFpjLY/zrpVsVfgYCHiAWvPhupnX0xYrw +dKBTRF23l6GpIBfGNhbHIAidFoJhxusNGW0E0PmAGPJllPvgYAP8CtKtlg+Iref4Ps2 spdQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=references:in-reply-to:message-id:date:subject:to:from :dkim-signature:delivered-to:sender:list-help:list-post:list-archive :list-subscribe:list-unsubscribe:list-id:precedence:mailing-list :dkim-signature:domainkey-signature; bh=3lWEW69jYpbijebuOLoPtSyD04JBUkeMOMByuWuzlTM=; b=R4dHyviKxG60UOR+EUTeEqMQs8ASrRhteq7NLWaZnpqaY/riHvzCQcwEc2tdWPa/hS iC42WfWwEB3pryN4m9CVo8lyo8F0OI9ZBi2j1sYNyvFtVNZ2uKyojPKLmze+PdQ3kvWn lEnZyXF/mhjJVLuu8ezDqpD3iDQ71CW3dRj5mI6JQbrlyTQ/9qvWGYKtaITw/0KITOSk roQmRYDUScRy/xjKfKxdzhuDJR80b6bG/atVMzaX9nr5cS47NAxugvqDm6pDp8W5pEap X48p0PJlvTayPKTE692fxPN4IresNmm0ly3Hgd0xaYlcFXMmDAbQm9pBOmWcfn0w8Ffz c+2w== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@sourceware.org header.s=default header.b=t7mWz2LJ; dkim=pass header.i=@linaro.org header.s=google header.b=ytIt46aB; spf=pass (google.com: domain of libc-alpha-return-108020-patch=linaro.org@sourceware.org designates 209.132.180.131 as permitted sender) smtp.mailfrom="libc-alpha-return-108020-patch=linaro.org@sourceware.org"; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linaro.org Return-Path: Received: from sourceware.org (server1.sourceware.org. [209.132.180.131]) by mx.google.com with ESMTPS id q25si3522381otc.115.2019.12.12.10.17.39 for (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Thu, 12 Dec 2019 10:17:39 -0800 (PST) Received-SPF: pass (google.com: domain of libc-alpha-return-108020-patch=linaro.org@sourceware.org designates 209.132.180.131 as permitted sender) client-ip=209.132.180.131; Authentication-Results: mx.google.com; dkim=pass header.i=@sourceware.org header.s=default header.b=t7mWz2LJ; dkim=pass header.i=@linaro.org header.s=google header.b=ytIt46aB; spf=pass (google.com: domain of libc-alpha-return-108020-patch=linaro.org@sourceware.org designates 209.132.180.131 as permitted sender) smtp.mailfrom="libc-alpha-return-108020-patch=linaro.org@sourceware.org"; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linaro.org DomainKey-Signature: a=rsa-sha1; c=nofws; d=sourceware.org; h=list-id :list-unsubscribe:list-subscribe:list-archive:list-post :list-help:sender:from:to:subject:date:message-id:in-reply-to :references; q=dns; s=default; b=Up9N+WrPeTtqpQ7vTwOTTg5NWW1cD0l 0fJXc+wYWVQwwSO7zbTCvGOUvLhjNhbNZCivnYwW0r9SXxVHrwD5Bk7vZOJq6Hec ZIiu+qSI2S7rJ/7AHr92dJIhWjgqjqAFhM3QlZd6eLrtx041G89+IVNuWSoY1hTs UiA9v/EguZc0= DKIM-Signature: v=1; a=rsa-sha1; c=relaxed; d=sourceware.org; h=list-id :list-unsubscribe:list-subscribe:list-archive:list-post :list-help:sender:from:to:subject:date:message-id:in-reply-to :references; s=default; bh=OmPpXrmOE+0ZbDaM8+V2sXhH/yU=; b=t7mWz 2LJ2dLlvOB3wRy9/EEa3OSJXZSU2fsPdDwlM704aacrSNKm2SP493aSq362leQDt ryFVmapR1tz3Yn2l90rxOZmDDT9Oxp0qRLirOcD8NdkkfSTIMer+FbAltlA8oqZ4 ntFdGTaWd5D9laRuBvDxG2RM5rF4cOu2wY48So= Received: (qmail 44543 invoked by alias); 12 Dec 2019 18:16:34 -0000 Mailing-List: contact libc-alpha-help@sourceware.org; run by ezmlm Precedence: bulk List-Id: List-Unsubscribe: List-Subscribe: List-Archive: List-Post: List-Help: , Sender: libc-alpha-owner@sourceware.org Delivered-To: mailing list libc-alpha@sourceware.org Received: (qmail 44432 invoked by uid 89); 12 Dec 2019 18:16:33 -0000 Authentication-Results: sourceware.org; auth=none X-Spam-SWARE-Status: No, score=-21.8 required=5.0 tests=AWL, BAYES_00, GIT_PATCH_0, GIT_PATCH_1, GIT_PATCH_2, GIT_PATCH_3, KAM_SHORT, RCVD_IN_DNSWL_NONE, SPF_PASS autolearn=ham version=3.3.1 spammy=telling, UD:ro X-HELO: mail-vk1-f181.google.com DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; h=from:to:subject:date:message-id:in-reply-to:references; bh=3lWEW69jYpbijebuOLoPtSyD04JBUkeMOMByuWuzlTM=; b=ytIt46aBngUilsbfOvaNYpcpz39rhMi5UdfTp77wUZaDVw5eaoE1FIoThgXb0tZ+1n 8CRy36gbC8USijyA6cj09w27lVC6aPdJV8Kmxq8EKMfSwqr0vXNtp7awPx5KKLsUK9pP v2g6QHin5VMuRXjA7DjKqiVKeCqZFg2Qerio3xsDC2riw89iCyGYFdpMuYcedVVTCNss M+c/KWXxD1tdyP/YGpGCL4shXwnkI5TrjfdgXcy7UIVWziWIBtQNlDD+7beP1RjgdICu OLXKPnadt825dV5qykaMohSc0lM5IEYlpThD1EIOuqP0HpdAA8etkvr9j30jwZPCqUzk 1uxw== Return-Path: From: Adhemerval Zanella To: libc-alpha@sourceware.org Subject: [PATCH v2 06/12] elf: Enable relro for static build Date: Thu, 12 Dec 2019 15:16:08 -0300 Message-Id: <20191212181614.31782-6-adhemerval.zanella@linaro.org> In-Reply-To: <20191212181614.31782-1-adhemerval.zanella@linaro.org> References: <20191212181614.31782-1-adhemerval.zanella@linaro.org> Changes from previous version: - Added tests for partial and full relro. -- The code is similar to the one at elf/dl-reloc.c, where it checks for the l_relro_size from the link_map (obtained from PT_GNU_RELRO header from program headers) and calls_dl_protected_relro. Checked on x86_64-linux-gnu, i686-linux-gnu, powerpc64le-linux-gnu, aarch64-linux-gnu, s390x-linux-gnu, and sparc64-linux-gnu. I also check with --enable-static pie on x86_64-linux-gnu, i686-linux-gnu, and aarch64-linux-gnu which seems the only architectures where static PIE is actually working (as per 9d7a3741c9e, on arm-linux-gnueabihf, powerpc64{le}-linux-gnu, and s390x-linux-gnu I am seeing runtime issues not related to my patch). --- elf/Makefile | 11 +++++++-- elf/dl-support.c | 18 +++++++++++--- elf/tst-data-relro-lazy-static.c | 1 + elf/tst-data-relro-lazy.c | 1 + elf/tst-data-relro-now-static.c | 1 + elf/tst-data-relro-now.c | 1 + elf/tst-data-relro.c | 42 ++++++++++++++++++++++++++++++++ 7 files changed, 69 insertions(+), 6 deletions(-) create mode 100644 elf/tst-data-relro-lazy-static.c create mode 100644 elf/tst-data-relro-lazy.c create mode 100644 elf/tst-data-relro-now-static.c create mode 100644 elf/tst-data-relro-now.c create mode 100644 elf/tst-data-relro.c -- 2.17.1 diff --git a/elf/Makefile b/elf/Makefile index b2b3be203f..45b5ad4ea6 100644 --- a/elf/Makefile +++ b/elf/Makefile @@ -154,7 +154,8 @@ endif tests-static-normal := tst-leaks1-static tst-array1-static tst-array5-static \ tst-dl-iter-static \ tst-tlsalign-static tst-tlsalign-extern-static \ - tst-linkall-static tst-env-setuid tst-env-setuid-tunables + tst-linkall-static tst-env-setuid tst-env-setuid-tunables \ + tst-data-relro-lazy-static tst-data-relro-now-static tests-static-internal := tst-tls1-static tst-tls2-static \ tst-ptrguard1-static tst-stackguard1-static \ tst-tls1-static-non-pie tst-libc_dlvsym-static @@ -205,7 +206,8 @@ tests-internal += loadtest unload unload2 circleload1 \ neededtest neededtest2 neededtest3 neededtest4 \ tst-tls3 tst-tls6 tst-tls7 tst-tls8 tst-dlmopen2 \ tst-ptrguard1 tst-stackguard1 tst-libc_dlvsym \ - tst-create_format1 + tst-create_format1 \ + tst-data-relro-now tst-data-relro-lazy tests-container += tst-pldd tst-dlopen-tlsmodid-container \ tst-dlopen-self-container test-srcs = tst-pathopt @@ -1627,3 +1629,8 @@ $(objpfx)tst-dlopenfailmod1.so: \ $(shared-thread-library) $(objpfx)tst-dlopenfaillinkmod.so LDFLAGS-tst-dlopenfaillinkmod.so = -Wl,-soname,tst-dlopenfail-missingmod.so $(objpfx)tst-dlopenfailmod2.so: $(shared-thread-library) + +LDFLAGS-tst-data-relro-lazy += -Wl,-z,relro -Wl,-z,lazy +LDFLAGS-tst-data-relro-lazy-static += -Wl,-z,relro -Wl,-z,lazy +LDFLAGS-tst-data-relro-now += -Wl,-z,relro -Wl,-z,now +LDFLAGS-tst-data-relro-now-static += -Wl,-z,relro -Wl,-z,now diff --git a/elf/dl-support.c b/elf/dl-support.c index 5526d5ee6e..b2b1b12f6f 100644 --- a/elf/dl-support.c +++ b/elf/dl-support.c @@ -367,14 +367,24 @@ _dl_non_dynamic_init (void) if (_dl_platform != NULL) _dl_platformlen = strlen (_dl_platform); - /* Scan for a program header telling us the stack is nonexecutable. */ if (_dl_phdr != NULL) - for (uint_fast16_t i = 0; i < _dl_phnum; ++i) - if (_dl_phdr[i].p_type == PT_GNU_STACK) + for (const ElfW(Phdr) *ph = _dl_phdr; ph < &_dl_phdr[_dl_phnum]; ++ph) + switch (ph->p_type) { - _dl_stack_flags = _dl_phdr[i].p_flags; + /* Check if the stack is nonexecutable. */ + case PT_GNU_STACK: + _dl_stack_flags = ph->p_flags; + break; + + case PT_GNU_RELRO: + _dl_main_map.l_relro_addr = ph->p_vaddr; + _dl_main_map.l_relro_size = ph->p_memsz; break; } + + /* Setup relro on the binary itself. */ + if (_dl_main_map.l_relro_size != 0) + _dl_protect_relro (&_dl_main_map); } #ifdef DL_SYSINFO_IMPLEMENTATION diff --git a/elf/tst-data-relro-lazy-static.c b/elf/tst-data-relro-lazy-static.c new file mode 100644 index 0000000000..364a206506 --- /dev/null +++ b/elf/tst-data-relro-lazy-static.c @@ -0,0 +1 @@ +#include diff --git a/elf/tst-data-relro-lazy.c b/elf/tst-data-relro-lazy.c new file mode 100644 index 0000000000..364a206506 --- /dev/null +++ b/elf/tst-data-relro-lazy.c @@ -0,0 +1 @@ +#include diff --git a/elf/tst-data-relro-now-static.c b/elf/tst-data-relro-now-static.c new file mode 100644 index 0000000000..364a206506 --- /dev/null +++ b/elf/tst-data-relro-now-static.c @@ -0,0 +1 @@ +#include diff --git a/elf/tst-data-relro-now.c b/elf/tst-data-relro-now.c new file mode 100644 index 0000000000..364a206506 --- /dev/null +++ b/elf/tst-data-relro-now.c @@ -0,0 +1 @@ +#include diff --git a/elf/tst-data-relro.c b/elf/tst-data-relro.c new file mode 100644 index 0000000000..bd63b24b3f --- /dev/null +++ b/elf/tst-data-relro.c @@ -0,0 +1,42 @@ +/* Test if variables places on relro section are not writable. + Copyright (C) 2019 Free Software Foundation, Inc. + This file is part of the GNU C Library. + + The GNU C Library is free software; you can redistribute it and/or + modify it under the terms of the GNU Lesser General Public + License as published by the Free Software Foundation; either + version 2.1 of the License, or (at your option) any later version. + + The GNU C Library is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + Lesser General Public License for more details. + + You should have received a copy of the GNU Lesser General Public + License along with the GNU C Library; if not, see + . */ + +#include + +#include +#include + +static volatile int val __attribute__ ((section (".data.rel.ro"))); + +static void +callback (void *closure) +{ + /* It should trigger an invalid write. */ + val = 1; +} + +int do_test (void) +{ + struct support_capture_subprocess result + = support_capture_subprocess (callback, NULL); + support_capture_subprocess_check (&result, "tst-relro", -SIGSEGV, + sc_allow_stdout); + return 0; +} + +#include