From patchwork Fri Jun 14 12:50:51 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Adhemerval Zanella Netto X-Patchwork-Id: 804154 Delivered-To: patch@linaro.org Received: by 2002:a5d:6545:0:b0:35b:5a80:51b4 with SMTP id z5csp294314wrv; Fri, 14 Jun 2024 05:53:26 -0700 (PDT) X-Forwarded-Encrypted: i=3; AJvYcCWYQQIUShXbyjSIOJEeQx2T+Gv6BoJ+znhM/qAlCxMp6D2GJ11RcQqzCWmUQpp77tT5ZaohenZb6GrzSDa5uPjG X-Google-Smtp-Source: AGHT+IHIFnnSJ6RtkZuErcjzmTOVBAWjqujEqFW1Wc8kryKpFUz9ESaTeVny/Qdz4BtQ4DNNmjeK X-Received: by 2002:a05:6808:2026:b0:3d2:1c37:25ca with SMTP id 5614622812f47-3d24e9e5038mr2582233b6e.53.1718369606454; Fri, 14 Jun 2024 05:53:26 -0700 (PDT) ARC-Seal: i=2; a=rsa-sha256; t=1718369606; cv=pass; d=google.com; s=arc-20160816; b=urfRVQgoI3K7tPzlDcB0YipxFuDTL9svbeMgMHFM1cXGFR/RCPaKV5Q8LIbBzJqhQw AiG8FNkF3JO9zi6jVO6ZkKpIp8dSX4VhCqS6nohAfolThqo2OyALPW4T99KOfIMv5xwn oKMQVPkUYQC7kiufZDclRzvI9IRtMI0NePgQHcU+gN8eAU+jizj4cqhr4eUVqs5ntr88 0QXftpcYstn4b7unbaqEac+efynAwtcbaxbhvaWRMnDPtEJQ6YRWGKI2LanNlv7D2ECC Yk47QhJ2F9LySDEt2p+bnOyLdxCPVrsppuq+dZ4KCZacbBOTMPjbsX1OO0wRoJitwHD5 24dg== ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=errors-to:list-subscribe:list-help:list-post:list-archive :list-unsubscribe:list-id:precedence:content-transfer-encoding :mime-version:references:in-reply-to:message-id:date:subject:cc:to :from:dkim-signature:arc-filter:dmarc-filter:delivered-to; bh=dArv3wuRvZH7fw63TR/dWY4jNZE7C3+N7F2wQrelluc=; fh=GBLwcZa3Ar5g+0nFTVWUSbowptRVTzvTc/MV+A3rhh4=; b=hF4tMfg78NxcDzP5FqsURhgYy0tFOY2lObTv2QKKX29LEsN7x4gOQEsK6csCR4k2fa yw3ATMpJ2DBJ133ysNxwjAb6guxqv+3qvd93OoS+zbKl6KFytaZY8x0s8iKR/1xHtEsK Yo57wvGoPfLGPcyXqTiSgamUvoE2JOC5/VItUWmXEMfQCXwgRNUwDgnfX5OrSm+szgHl l+T6220K2Iba/RZl34nGak67janZI9EWQ3TNJrTzUYwybJfWqcpK4ubB/ql2GHVwl5R6 fXPh6KeiO41bIKxuYB2WhJTcRyHyLi/po+CgUzEym8N3+tTORySXuQ9aUCZGvdfPBGF2 DOVw==; dara=google.com ARC-Authentication-Results: i=2; mx.google.com; dkim=pass header.i=@linaro.org header.s=google header.b=cQAIFZdS; arc=pass (i=1); spf=pass (google.com: domain of libc-alpha-bounces+patch=linaro.org@sourceware.org designates 2620:52:3:1:0:246e:9693:128c as permitted sender) smtp.mailfrom="libc-alpha-bounces+patch=linaro.org@sourceware.org"; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linaro.org Return-Path: Received: from server2.sourceware.org (server2.sourceware.org. [2620:52:3:1:0:246e:9693:128c]) by mx.google.com with ESMTPS id af79cd13be357-798aacc3095si77727785a.162.2024.06.14.05.53.26 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 14 Jun 2024 05:53:26 -0700 (PDT) Received-SPF: pass (google.com: domain of libc-alpha-bounces+patch=linaro.org@sourceware.org designates 2620:52:3:1:0:246e:9693:128c as permitted sender) client-ip=2620:52:3:1:0:246e:9693:128c; Authentication-Results: mx.google.com; dkim=pass header.i=@linaro.org header.s=google header.b=cQAIFZdS; arc=pass (i=1); spf=pass (google.com: domain of libc-alpha-bounces+patch=linaro.org@sourceware.org designates 2620:52:3:1:0:246e:9693:128c as permitted sender) smtp.mailfrom="libc-alpha-bounces+patch=linaro.org@sourceware.org"; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linaro.org Received: from server2.sourceware.org (localhost [IPv6:::1]) by sourceware.org (Postfix) with ESMTP id 0DD8B3882161 for ; Fri, 14 Jun 2024 12:53:26 +0000 (GMT) X-Original-To: libc-alpha@sourceware.org Delivered-To: libc-alpha@sourceware.org Received: from mail-pf1-x431.google.com (mail-pf1-x431.google.com [IPv6:2607:f8b0:4864:20::431]) by sourceware.org (Postfix) with ESMTPS id C5AA3388211C for ; Fri, 14 Jun 2024 12:53:08 +0000 (GMT) DMARC-Filter: OpenDMARC Filter v1.4.2 sourceware.org C5AA3388211C Authentication-Results: sourceware.org; dmarc=pass (p=none dis=none) header.from=linaro.org Authentication-Results: sourceware.org; spf=pass smtp.mailfrom=linaro.org ARC-Filter: OpenARC Filter v1.0.0 sourceware.org C5AA3388211C Authentication-Results: server2.sourceware.org; arc=none smtp.remote-ip=2607:f8b0:4864:20::431 ARC-Seal: i=1; a=rsa-sha256; d=sourceware.org; s=key; t=1718369591; cv=none; b=cfNgrpTiii9uws+j7qYtCK6GyYY809O4ReAVYZz2FcArGZ9vyR0gjq0c8GN3b5rvpb03LlpNlpYcLAhIV1YRgbV/JxjjocWC1oQVPx7DlaZ6Hx+cBDRfoU4I6WBYOkTayR+i1jAQDi+LLbVhTsYcn/Uf8eRbN76G5h5qo3ykQW4= ARC-Message-Signature: i=1; a=rsa-sha256; d=sourceware.org; s=key; t=1718369591; c=relaxed/simple; bh=s8Vci8rh4HMnzTunCwI2Ou2uUT81ktVnYuYdClg0ks4=; h=DKIM-Signature:From:To:Subject:Date:Message-ID:MIME-Version; b=rFlerD1xMcOamGKXd091M6MNWfORPxdqKqM++nJ09iwT3mNFUsin7kOZR2Kl1ferUeV3+pY5OIscoR1eXpT24PvPPjriE5PnOkh+9uSH0VYliUdpRL1sjsG25aaxf+oOu9OdhX8hpH3G61YWRZqggYeSmJDvdJCYpBZdqmrRD0g= ARC-Authentication-Results: i=1; server2.sourceware.org Received: by mail-pf1-x431.google.com with SMTP id d2e1a72fcca58-704261a1f67so1621977b3a.3 for ; Fri, 14 Jun 2024 05:53:08 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; t=1718369587; x=1718974387; darn=sourceware.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=dArv3wuRvZH7fw63TR/dWY4jNZE7C3+N7F2wQrelluc=; b=cQAIFZdSiyQlQdXW1B4Pl0XacsiI5ysiON880CZGkwwwP7yDr/xZR/qKBXUA+cKDbG hZblmEmf6TtKD5lGf3q7H9ExXgCxrJQ1VjfHWBc9XqDBOGBGrzDE3F2t13nXDuTAfSja 6ZXrIgf+DXL98fSa8kFDCdHi8EX5Fkq3GfG/xIiB44NJxruJL/jvcHJPD4dm1arY3JLq ifaCzb4gOPLFHhnHRh8gZhtRFRaXW8owwAi3dvunR1/DXEmH02eW9ewZYFdodqn1mTF8 3qpStUtGz/Afd03Ux8R8vCJrqaCnD58JUBT2CNsGUkqwcIoQtmScmLBYEDwdSvBFpAwN rpiA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1718369587; x=1718974387; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=dArv3wuRvZH7fw63TR/dWY4jNZE7C3+N7F2wQrelluc=; b=nD9XeE8fJ3XvwxquWhj+f+LyQar+8HWqmuYiYtyCy0NMmrLyxJBblmUYOc3PEqmGA4 pcoy9ZDpNazv89gDf04jlsVH6VEd2EOqrI4QDWJTEOrt/EafydTGI7ejc+37eBXwj1SF CiZ9bQnTRIFTmaFrDVG3PhNKkh+SZheJO9f9hysGNSdrhLMlHrly0TQBdHRv2EUogFE0 jNhami6PBU4aM4l41zfJlBz1e3EYNU3/qxLApDCDG1jXQfzW6U66Kxy5oC3PciOu99T/ SSAAhMZ+LYc5YQmnOzWCWMhKuuzN6keIJ5KufqjzN4nNLHe2E9QYHbOi/5ferm9zS9ng M1JA== X-Gm-Message-State: AOJu0YzJfUPDeQ42+RUQ4akhBUQ4wj9MqAJT6L85jXCcxPNzej1bPNOm Z+JTtoVL8+OJeSuIj9A/GuKAIG7H75Kd21f34Jq9a99MDxTAoTzKSW6rDgZBb0zZWOAz8cZV4V9 B X-Received: by 2002:aa7:9a41:0:b0:6f8:b260:ae9b with SMTP id d2e1a72fcca58-705d71b3103mr2148308b3a.27.1718369586920; Fri, 14 Jun 2024 05:53:06 -0700 (PDT) Received: from mandiga.. ([2804:1b3:a7c0:c5fb:2445:b09c:5736:f9f6]) by smtp.gmail.com with ESMTPSA id d2e1a72fcca58-705cc9890d5sm3062140b3a.92.2024.06.14.05.53.05 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 14 Jun 2024 05:53:06 -0700 (PDT) From: Adhemerval Zanella To: libc-alpha@sourceware.org Cc: "H . J . Lu" , Florian Weimer , Zack Weinberg Subject: [PATCH v2 1/2] elf: Consolidate stackinfo.h Date: Fri, 14 Jun 2024 09:50:51 -0300 Message-ID: <20240614125300.310236-2-adhemerval.zanella@linaro.org> X-Mailer: git-send-email 2.43.0 In-Reply-To: <20240614125300.310236-1-adhemerval.zanella@linaro.org> References: <20240614125300.310236-1-adhemerval.zanella@linaro.org> MIME-Version: 1.0 X-Spam-Status: No, score=-11.6 required=5.0 tests=BAYES_00, DKIM_SIGNED, DKIM_VALID, DKIM_VALID_AU, DKIM_VALID_EF, GIT_PATCH_0, KAM_ASCII_DIVIDERS, KAM_SHORT, RCVD_IN_DNSWL_NONE, SPF_HELO_NONE, SPF_PASS, TXREP, T_SCC_BODY_TEXT_LINE autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on server2.sourceware.org X-BeenThere: libc-alpha@sourceware.org X-Mailman-Version: 2.1.30 Precedence: list List-Id: Libc-alpha mailing list List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: libc-alpha-bounces+patch=linaro.org@sourceware.org And use sane default the generic implementation. --- sysdeps/aarch64/stackinfo.h | 33 --------------------- sysdeps/arc/stackinfo.h | 33 --------------------- sysdeps/csky/stackinfo.h | 29 ------------------ sysdeps/generic/stackinfo.h | 15 ++++++++-- sysdeps/loongarch/stackinfo.h | 33 --------------------- sysdeps/nios2/stackinfo.h | 33 --------------------- sysdeps/powerpc/{ => powerpc32}/stackinfo.h | 8 +---- sysdeps/riscv/stackinfo.h | 33 --------------------- 8 files changed, 13 insertions(+), 204 deletions(-) delete mode 100644 sysdeps/aarch64/stackinfo.h delete mode 100644 sysdeps/arc/stackinfo.h delete mode 100644 sysdeps/csky/stackinfo.h delete mode 100644 sysdeps/loongarch/stackinfo.h delete mode 100644 sysdeps/nios2/stackinfo.h rename sysdeps/powerpc/{ => powerpc32}/stackinfo.h (82%) delete mode 100644 sysdeps/riscv/stackinfo.h diff --git a/sysdeps/aarch64/stackinfo.h b/sysdeps/aarch64/stackinfo.h deleted file mode 100644 index 5a4dce7309..0000000000 --- a/sysdeps/aarch64/stackinfo.h +++ /dev/null @@ -1,33 +0,0 @@ -/* Copyright (C) 2001-2024 Free Software Foundation, Inc. - - This file is part of the GNU C Library. - - The GNU C Library is free software; you can redistribute it and/or - modify it under the terms of the GNU Lesser General Public License as - published by the Free Software Foundation; either version 2.1 of the - License, or (at your option) any later version. - - The GNU C Library is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - Lesser General Public License for more details. - - You should have received a copy of the GNU Lesser General Public - License along with the GNU C Library; if not, see - . */ - -/* This file contains a bit of information about the stack allocation - of the processor. */ - -#ifndef _STACKINFO_H -#define _STACKINFO_H 1 - -#include - -/* On AArch64 the stack grows down. */ -#define _STACK_GROWS_DOWN 1 - -/* Default to a non-executable stack. */ -#define DEFAULT_STACK_PERMS (PF_R|PF_W) - -#endif /* stackinfo.h */ diff --git a/sysdeps/arc/stackinfo.h b/sysdeps/arc/stackinfo.h deleted file mode 100644 index 99a7f56ea0..0000000000 --- a/sysdeps/arc/stackinfo.h +++ /dev/null @@ -1,33 +0,0 @@ -/* Stack environment definitions for ARC. - Copyright (C) 2020-2024 Free Software Foundation, Inc. - This file is part of the GNU C Library. - - The GNU C Library is free software; you can redistribute it and/or - modify it under the terms of the GNU Lesser General Public - License as published by the Free Software Foundation; either - version 2.1 of the License, or (at your option) any later version. - - The GNU C Library is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - Lesser General Public License for more details. - - You should have received a copy of the GNU Lesser General Public - License along with the GNU C Library. If not, see - . */ - -/* This file contains a bit of information about the stack allocation - of the processor. */ - -#ifndef _STACKINFO_H -#define _STACKINFO_H 1 - -#include - -/* On ARC the stack grows down. */ -#define _STACK_GROWS_DOWN 1 - -/* Default to a non-executable stack. */ -#define DEFAULT_STACK_PERMS (PF_R|PF_W) - -#endif /* stackinfo.h */ diff --git a/sysdeps/csky/stackinfo.h b/sysdeps/csky/stackinfo.h deleted file mode 100644 index ef22fa3249..0000000000 --- a/sysdeps/csky/stackinfo.h +++ /dev/null @@ -1,29 +0,0 @@ -/* Stack environment definitions. C-SKY version. - Copyright (C) 2018-2024 Free Software Foundation, Inc. - This file is part of the GNU C Library. - - The GNU C Library is free software; you can redistribute it and/or - modify it under the terms of the GNU Lesser General Public - License as published by the Free Software Foundation; either - version 2.1 of the License, or (at your option) any later version. - - The GNU C Library is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - Lesser General Public License for more details. - - You should have received a copy of the GNU Lesser General Public - License along with the GNU C Library. If not, see - . */ - -#ifndef _STACKINFO_H -#define _STACKINFO_H 1 - -#include - -/* On C-SKY the stack grows down. */ -#define _STACK_GROWS_DOWN 1 - -#define DEFAULT_STACK_PERMS (PF_R|PF_W) - -#endif /* stackinfo.h */ diff --git a/sysdeps/generic/stackinfo.h b/sysdeps/generic/stackinfo.h index bf752ce94d..51e5f92055 100644 --- a/sysdeps/generic/stackinfo.h +++ b/sysdeps/generic/stackinfo.h @@ -15,6 +15,15 @@ License along with the GNU C Library; if not, see . */ -/* This file contains a bit of information about the stack allocation - of the processor. Since there is no general truth we can't say - anything here. */ +/* This file contains a bit of information about the stack allocation of the + processor. Default to a non executable stack that grows downwards. */ + +#ifndef _STACKINFO_H +#define _STACKINFO_H 1 + +#include + +#define _STACK_GROWS_DOWN 1 +#define DEFAULT_STACK_PERMS (PF_R|PF_W) + +#endif diff --git a/sysdeps/loongarch/stackinfo.h b/sysdeps/loongarch/stackinfo.h deleted file mode 100644 index 6ee50552b7..0000000000 --- a/sysdeps/loongarch/stackinfo.h +++ /dev/null @@ -1,33 +0,0 @@ -/* Stack environment definitions for LoongArch. - Copyright (C) 2022-2024 Free Software Foundation, Inc. - This file is part of the GNU C Library. - - The GNU C Library is free software; you can redistribute it and/or - modify it under the terms of the GNU Lesser General Public - License as published by the Free Software Foundation; either - version 2.1 of the License, or (at your option) any later version. - - The GNU C Library is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - Lesser General Public License for more details. - - You should have received a copy of the GNU Lesser General Public - License along with the GNU C Library. If not, see - . */ - -/* This file contains a bit of information about the stack allocation - of the processor. */ - -#ifndef _STACKINFO_H -#define _STACKINFO_H 1 - -#include - -/* On LoongArch the stack grows down. */ -#define _STACK_GROWS_DOWN 1 - -/* Default to a non-executable stack. */ -#define DEFAULT_STACK_PERMS (PF_R | PF_W) - -#endif /* stackinfo.h */ diff --git a/sysdeps/nios2/stackinfo.h b/sysdeps/nios2/stackinfo.h deleted file mode 100644 index e67d53ee87..0000000000 --- a/sysdeps/nios2/stackinfo.h +++ /dev/null @@ -1,33 +0,0 @@ -/* Stack environment definitions for Nios II. - Copyright (C) 2012-2024 Free Software Foundation, Inc. - This file is part of the GNU C Library. - - The GNU C Library is free software; you can redistribute it and/or - modify it under the terms of the GNU Lesser General Public - License as published by the Free Software Foundation; either - version 2.1 of the License, or (at your option) any later version. - - The GNU C Library is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - Lesser General Public License for more details. - - You should have received a copy of the GNU Lesser General Public - License along with the GNU C Library. If not, see - . */ - -/* This file contains a bit of information about the stack allocation - of the processor. */ - -#ifndef _STACKINFO_H -#define _STACKINFO_H 1 - -#include - -/* On Nios II the stack grows down. */ -#define _STACK_GROWS_DOWN 1 - -/* Default to a non-executable stack. */ -#define DEFAULT_STACK_PERMS (PF_R|PF_W) - -#endif /* stackinfo.h */ diff --git a/sysdeps/powerpc/stackinfo.h b/sysdeps/powerpc/powerpc32/stackinfo.h similarity index 82% rename from sysdeps/powerpc/stackinfo.h rename to sysdeps/powerpc/powerpc32/stackinfo.h index 410689bc27..2ca360068a 100644 --- a/sysdeps/powerpc/stackinfo.h +++ b/sysdeps/powerpc/powerpc32/stackinfo.h @@ -26,13 +26,7 @@ /* On PPC the stack grows down. */ #define _STACK_GROWS_DOWN 1 -#if __WORDSIZE == 64 -/* PPC64 doesn't need an executable stack and doesn't need PT_GNU_STACK - * to make the stack nonexecutable. */ -# define DEFAULT_STACK_PERMS (PF_R|PF_W) -#else /* PF_X can be overridden if PT_GNU_STACK is present but is presumed absent. */ -# define DEFAULT_STACK_PERMS (PF_R|PF_W|PF_X) -#endif +#define DEFAULT_STACK_PERMS (PF_R|PF_W|PF_X) #endif /* stackinfo.h */ diff --git a/sysdeps/riscv/stackinfo.h b/sysdeps/riscv/stackinfo.h deleted file mode 100644 index a786d4f9b0..0000000000 --- a/sysdeps/riscv/stackinfo.h +++ /dev/null @@ -1,33 +0,0 @@ -/* Stack environment definitions for RISC-V. - Copyright (C) 2011-2024 Free Software Foundation, Inc. - This file is part of the GNU C Library. - - The GNU C Library is free software; you can redistribute it and/or - modify it under the terms of the GNU Lesser General Public - License as published by the Free Software Foundation; either - version 2.1 of the License, or (at your option) any later version. - - The GNU C Library is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - Lesser General Public License for more details. - - You should have received a copy of the GNU Lesser General Public - License along with the GNU C Library. If not, see - . */ - -/* This file contains a bit of information about the stack allocation - of the processor. */ - -#ifndef _STACKINFO_H -#define _STACKINFO_H 1 - -#include - -/* On RISC-V the stack grows down. */ -#define _STACK_GROWS_DOWN 1 - -/* Default to a non-executable stack. */ -#define DEFAULT_STACK_PERMS (PF_R | PF_W) - -#endif /* stackinfo.h */ From patchwork Fri Jun 14 12:50:52 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Adhemerval Zanella Netto X-Patchwork-Id: 804155 Delivered-To: patch@linaro.org Received: by 2002:a5d:6545:0:b0:35b:5a80:51b4 with SMTP id z5csp294623wrv; Fri, 14 Jun 2024 05:54:19 -0700 (PDT) X-Forwarded-Encrypted: i=3; AJvYcCVoOqTjQxvgYUMFq014AXUZB5bKffYh51InwYqCImba0v0P9bVzcvvrzOUChjU1BvXzit2IZAV42lUhzWQaq9RS X-Google-Smtp-Source: AGHT+IFFiIFpOvp6/QY9o4f8TpxE+DcZlAEOOCV5FXGvwjf37J8qExQC4PD8T+NCiMXsTtssKH/z X-Received: by 2002:a05:620a:462a:b0:795:5616:754a with SMTP id af79cd13be357-798d24216bfmr309380485a.21.1718369659017; Fri, 14 Jun 2024 05:54:19 -0700 (PDT) ARC-Seal: i=2; a=rsa-sha256; t=1718369659; cv=pass; d=google.com; s=arc-20160816; b=HjfYobRZzFPE+HQQWUljXRl1/tRu1KJ6KWO4bS/sC1pn1bcoNgizqA1egmkGM0LSKI fCkp4/Su6HWr3Z3YR2tFBHAoC0l0nD/kXGDwOFQXWOQf/r2XuhG7PKujvhc4uZnkeuGh 0dNnc1ZDQiPBdBS4y5qPs0kr4Ck4pHU6+1UGVxbH74A81Jnh6JCCFdmtnc1trn0svNSk pLbG3ee7T95VcaqIxsDWPBJ18P7kjMsVDp0W/ZLWWY1eEdVRc1nCa3kDTArMzpMguIYm FELeMziHwDHXSNnGwsIhbrOGG1uOWHXJOGweAMs6+0jSiBUNspPUPWEJeHXz4osOsShk MkNw== ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=errors-to:list-subscribe:list-help:list-post:list-archive :list-unsubscribe:list-id:precedence:content-transfer-encoding :mime-version:references:in-reply-to:message-id:date:subject:cc:to :from:dkim-signature:arc-filter:dmarc-filter:delivered-to; bh=Pd85jhBjXCJY2vsR+twZHKxqOyAvfLL6N1NPUinhwTQ=; fh=GBLwcZa3Ar5g+0nFTVWUSbowptRVTzvTc/MV+A3rhh4=; b=H+XmRcY8caFTvLoKQqWIqKKvzNOTZGp194DJDfret6WvqDyvNp+hIgjIk13cEPxPR+ +0Gn09xCU3FwZGpNtPNABPZ6MZueiUbQRqnC0z4mpfi5HK8pzS9aDv9xNfriPLWxAReC +aHVrrVE6ZdgxuxLqt7y+T6H6BHETQVOmZfekMvCVeQLmuO5Ar0jaEeGl3Y8VsopqJ5/ ULlGk3lPeFzYJlopJQhRAIShOClA3hVX0XtcFLxmSrFFPwGwSGJi0HWURx9GyERxoPZe Y2a4tz53PjedxfCID1iIGk7tNeu3hifM6OwDOt79wAovrq+m+mBaVAhFTdhIaXEk8SvO KLvg==; dara=google.com ARC-Authentication-Results: i=2; mx.google.com; dkim=pass header.i=@linaro.org header.s=google header.b=l36BEI+3; arc=pass (i=1); spf=pass (google.com: domain of libc-alpha-bounces+patch=linaro.org@sourceware.org designates 2620:52:3:1:0:246e:9693:128c as permitted sender) smtp.mailfrom="libc-alpha-bounces+patch=linaro.org@sourceware.org"; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linaro.org Return-Path: Received: from server2.sourceware.org (server2.sourceware.org. [2620:52:3:1:0:246e:9693:128c]) by mx.google.com with ESMTPS id af79cd13be357-798ac08ed88si396860285a.776.2024.06.14.05.54.18 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 14 Jun 2024 05:54:18 -0700 (PDT) Received-SPF: pass (google.com: domain of libc-alpha-bounces+patch=linaro.org@sourceware.org designates 2620:52:3:1:0:246e:9693:128c as permitted sender) client-ip=2620:52:3:1:0:246e:9693:128c; Authentication-Results: mx.google.com; dkim=pass header.i=@linaro.org header.s=google header.b=l36BEI+3; arc=pass (i=1); spf=pass (google.com: domain of libc-alpha-bounces+patch=linaro.org@sourceware.org designates 2620:52:3:1:0:246e:9693:128c as permitted sender) smtp.mailfrom="libc-alpha-bounces+patch=linaro.org@sourceware.org"; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linaro.org Received: from server2.sourceware.org (localhost [IPv6:::1]) by sourceware.org (Postfix) with ESMTP id 929913882667 for ; Fri, 14 Jun 2024 12:54:18 +0000 (GMT) X-Original-To: libc-alpha@sourceware.org Delivered-To: libc-alpha@sourceware.org Received: from mail-io1-xd2a.google.com (mail-io1-xd2a.google.com [IPv6:2607:f8b0:4864:20::d2a]) by sourceware.org (Postfix) with ESMTPS id 6F2E13882643 for ; Fri, 14 Jun 2024 12:53:11 +0000 (GMT) DMARC-Filter: OpenDMARC Filter v1.4.2 sourceware.org 6F2E13882643 Authentication-Results: sourceware.org; dmarc=pass (p=none dis=none) header.from=linaro.org Authentication-Results: sourceware.org; spf=pass smtp.mailfrom=linaro.org ARC-Filter: OpenARC Filter v1.0.0 sourceware.org 6F2E13882643 Authentication-Results: server2.sourceware.org; arc=none smtp.remote-ip=2607:f8b0:4864:20::d2a ARC-Seal: i=1; a=rsa-sha256; d=sourceware.org; s=key; t=1718369595; cv=none; b=CoLx7ML4PcdXRwhY3w2UwsExVjvr2sfT1HZuoL7ZWlvc2NOAvaXkL0SDH9qgzyK2i1dnn0PbSVgNsgaK3GuZx82+AlQ+Ch2cyw7FOybnXt4PDpjK9MM9dElcje3H9WTfCsLA2RzO+8xTz28cBDzvWcaCdCl3i2qHZd6YNJ6dsYs= ARC-Message-Signature: i=1; a=rsa-sha256; d=sourceware.org; s=key; t=1718369595; c=relaxed/simple; bh=mX1Diq0z75ZDJh3lESxc39SfFZOFvpLNIZJNfDqYus4=; h=DKIM-Signature:From:To:Subject:Date:Message-ID:MIME-Version; b=IUdkhiGVepczgVWJVLlCe+br8mMx/vzhIxfVAHtWbCpVTjuGf491aVtFCigDJ9xQLPW3fIqTjgS2Y3fTNbH0oJZ0A/5NUeFU6gcswXjA3nH1OtgPLrdAmwjJjghK/2mrKsTw5jqcB5HYAFwa0hrOqwUD/VY8lXJYxD0ZW97CL7Q= ARC-Authentication-Results: i=1; server2.sourceware.org Received: by mail-io1-xd2a.google.com with SMTP id ca18e2360f4ac-7e9c80adc25so82894439f.3 for ; Fri, 14 Jun 2024 05:53:11 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; t=1718369590; x=1718974390; darn=sourceware.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=Pd85jhBjXCJY2vsR+twZHKxqOyAvfLL6N1NPUinhwTQ=; b=l36BEI+3w6AXGWa3JQ8H6DES4mTNWGTTWoZdQN29Oj25o/Zf/AnHkDXvZ2JMqa7FwE Ua1q4ud/b4LcXAZSYeFzL6GjZL3g3TuExGcvpJ6PxCT/c0kaqz2TGYUprTRhTX5xIEah gJFKtKIE2RcRywhnT1JmaRMf5u5xitpodqU4uQ9IFZLc2dIQMdgdGxsGrzquZxkE0CnV zqDUEPIgZvSYbSLdLcyyEGj5L8aAtHroccJDkvz8Y2bAqL4qSLOUHCye/VCM56pTRZ0r eq9xO5hLt8AogH08BY8X2aPZ6KzXJfT5ru53Fn5UeeJCXHXj1QFF2elppUUaLuv4iYwk D+/w== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1718369590; x=1718974390; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=Pd85jhBjXCJY2vsR+twZHKxqOyAvfLL6N1NPUinhwTQ=; b=FDAokU73v8nscbCObLW5l8sH8n4ft1hYUPzwBbpU4t3r+wxGKLZTo9EkCycVFEwt/T c7rXIRS/l34Jn1tkeNpdCjfRMOCK2V0ZUXtrkMcj+nGYmG7C3yvxV00tsa1q7DP1hHqO 08yOeeiWQQgruGhwdswNnWOzWGAm5V6bgOxBGsrhnNXauLJDZY3g8Fw4rvmTEgu1hvOa PhnSe7Ms/SDXLQhDTobSd5YXMeTCxBhHPZ1lg8W7UkvQTQAvRaucF5l46eLwSJ5EEg9D tEuZ2Lxbu/SAmuTDOKqdu83IYm0/UhaqeXay3wTGT3LKD2AYYXwKvVQfXX+pDn+mpCVS pr5A== X-Gm-Message-State: AOJu0Yy2sv1f5S932ngkWZ0TtjS3d0ZUJAqHCpBa5UEegHq+Qu62NXvq VMy66TU2UTrLOA7XJHNS9/m7qXNXE4jhifapPKhviKBShc0RM/XURJesWtxZyy8LfEz96J3GBw8 k X-Received: by 2002:a05:6602:3f90:b0:7e1:8a93:48ef with SMTP id ca18e2360f4ac-7ebeb65dfb6mr304859039f.21.1718369589308; Fri, 14 Jun 2024 05:53:09 -0700 (PDT) Received: from mandiga.. ([2804:1b3:a7c0:c5fb:2445:b09c:5736:f9f6]) by smtp.gmail.com with ESMTPSA id d2e1a72fcca58-705cc9890d5sm3062140b3a.92.2024.06.14.05.53.07 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 14 Jun 2024 05:53:08 -0700 (PDT) From: Adhemerval Zanella To: libc-alpha@sourceware.org Cc: "H . J . Lu" , Florian Weimer , Zack Weinberg Subject: [PATCH v2 2/2] elf: Make non-executable stack disable by default Date: Fri, 14 Jun 2024 09:50:52 -0300 Message-ID: <20240614125300.310236-3-adhemerval.zanella@linaro.org> X-Mailer: git-send-email 2.43.0 In-Reply-To: <20240614125300.310236-1-adhemerval.zanella@linaro.org> References: <20240614125300.310236-1-adhemerval.zanella@linaro.org> MIME-Version: 1.0 X-Spam-Status: No, score=-12.3 required=5.0 tests=BAYES_00, DKIM_SIGNED, DKIM_VALID, DKIM_VALID_AU, DKIM_VALID_EF, GIT_PATCH_0, KAM_SHORT, RCVD_IN_DNSWL_NONE, SPF_HELO_NONE, SPF_PASS, TXREP, T_SCC_BODY_TEXT_LINE autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on server2.sourceware.org X-BeenThere: libc-alpha@sourceware.org X-Mailman-Version: 2.1.30 Precedence: list List-Id: Libc-alpha mailing list List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: libc-alpha-bounces+patch=linaro.org@sourceware.org It is past time to not allow executable stacks as default, even if kernel protection like SELinux already exists (although not widely deployed). Binutils 2.39 now warns of the need of executable stacks by default [1] and gcc nested function trampolines can now be heap based [2] (besides being a gcc-only extension). For compatibility, a new tunable, glibc.rtld.noexecstack, can be use to allow programs to run with an executable stack. It has the side effect of complete disable executable stacks for setuid binaries, but allowing in first place is *really* a bad idea. Some ABIs still require executable stacks: hurd, Linux/hppa (where gcc/binutils still does not generate .note.GNU-stack as default [3]), and mips for some ABI on kernels older than 4.8. For such ABIs, the non-executable is not enforced. Checked on x86_64-linux-gnu, i686-linux-gnu, and aarch64-linux-gnu. [1] https://www.redhat.com/en/blog/linkers-warnings-about-executable-stacks-and-segments [2] https://gcc.gnu.org/git/?p=gcc.git;a=commit;h=28d8c680aaea46137170fef2bd1c6a98301518dc [3] https://wiki.gentoo.org/wiki/Hardened/GNU_stack_quickstart --- Makeconfig | 1 + NEWS | 4 + elf/Makefile | 50 ++++++++- elf/dl-load.c | 8 ++ elf/dl-support.c | 5 + elf/dl-tunables.list | 6 + elf/rtld.c | 4 + elf/tst-execstack-prog-static.c | 1 + elf/tst-execstack.c | 106 +++++------------- elf/tst-ro-dynamic-mod.map | 3 +- elf/tst-rtld-list-tunables.exp | 1 + manual/tunables.texi | 20 ++++ nptl/Makefile | 11 +- sysdeps/hppa/dl-tunables.list | 11 ++ sysdeps/mach/hurd/dl-tunables.list | 11 ++ sysdeps/unix/sysv/linux/mips/Makefile | 13 +++ .../sysv/linux/mips/dl-tunables-arch.list | 12 ++ 17 files changed, 188 insertions(+), 79 deletions(-) create mode 100644 elf/tst-execstack-prog-static.c create mode 100644 sysdeps/hppa/dl-tunables.list create mode 100644 sysdeps/mach/hurd/dl-tunables.list create mode 100644 sysdeps/unix/sysv/linux/mips/dl-tunables-arch.list diff --git a/Makeconfig b/Makeconfig index 29819363da..76f5772272 100644 --- a/Makeconfig +++ b/Makeconfig @@ -356,6 +356,7 @@ endif # Must be supported by the linker. no-whole-archive = -Wl,--no-whole-archive whole-archive = -Wl,--whole-archive +noexecstack = -Wl,-z,noexecstack # Installed name of the startup code. # The ELF convention is that the startfile is called crt1.o diff --git a/NEWS b/NEWS index 20e263f581..3419a0a2e8 100644 --- a/NEWS +++ b/NEWS @@ -36,6 +36,10 @@ Major new features: * On Linux, update epoll header to include epoll ioctl definitions and related structure added in Linux kernel 6.9. +* A new tunable, glibc.rtld.noexecstack, can be used to enable executable + stacks from either main program, dependencies, or dynamically loaded + libraries. The default is to disable executable stacks. + Deprecated and removed features, and other changes affecting compatibility: * Architectures which use a 32-bit seconds-since-epoch field in struct diff --git a/elf/Makefile b/elf/Makefile index 57b3a19d36..17768d81f7 100644 --- a/elf/Makefile +++ b/elf/Makefile @@ -543,6 +543,15 @@ tests-execstack-yes = \ tst-execstack-needed \ tst-execstack-prog \ # tests-execstack-yes +tests-execstack-static-yes = \ + tst-execstack-prog-static \ + # tests-execstack-static-yes +tests-execstack-special-yes = \ + $(objpfx)tst-execstack-default.out \ + $(objpfx)tst-execstack-needed-default.out \ + $(objpfx)tst-execstack-prog-default.out \ + $(objpfx)tst-execstack-prog-static-default.out \ + # tests-execstack-special-yes endif ifeq ($(have-depaudit),yes) tests += \ @@ -630,6 +639,8 @@ $(objpfx)tst-rtld-does-not-exist.out: tst-rtld-does-not-exist.sh $(objpfx)ld.so $(evaluate-test) tests += $(tests-execstack-$(have-z-execstack)) +tests-static += $(tests-execstack-static-$(have-z-execstack)) +tests-special += $(tests-execstack-special-$(have-z-execstack)) ifeq ($(run-built-tests),yes) tests-special += \ $(objpfx)noload-mem.out \ @@ -1845,16 +1856,53 @@ $(objpfx)unload8.out: $(objpfx)unload8mod1.so $(objpfx)unload8mod1x.so $(objpfx)tst-tls9-static.out: $(objpfx)tst-tlsmod5.so $(objpfx)tst-tlsmod6.so ifeq ($(have-z-execstack),yes) -$(objpfx)tst-execstack.out: $(objpfx)tst-execstack-mod.so +$(objpfx)tst-execstack: $(objpfx)tst-execstack-mod.so CPPFLAGS-tst-execstack.c += -DUSE_PTHREADS=0 LDFLAGS-tst-execstack = -Wl,-z,noexecstack LDFLAGS-tst-execstack-mod.so = -Wl,-z,execstack +$(objpfx)tst-execstack-default.out: $(objpfx)tst-execstack + $(test-program-cmd) $< > $@ 2>&1; echo "status: $$?" >> $@; \ + grep -q 'error while loading shared libraries:.*executable stack is not allowed$$' $@ \ + && grep -q '^status: 127$$' $@; \ + $(evaluate-test) + +tst-execstack-ENV = GLIBC_TUNABLES=glibc.rtld.noexecstack=0 \ + ALLOW_EXECSTACK=1 + $(objpfx)tst-execstack-needed: $(objpfx)tst-execstack-mod.so LDFLAGS-tst-execstack-needed = -Wl,-z,noexecstack +tst-execstack-needed-ENV = GLIBC_TUNABLES=glibc.rtld.noexecstack=0 \ + ALLOW_EXECSTACK=1 + +$(objpfx)tst-execstack-needed-default.out: $(objpfx)tst-execstack-needed + $(test-program-cmd) $< > $@ 2>&1; echo "status: $$?" >> $@; \ + grep -q 'error while loading shared libraries:.*executable stack is not allowed$$' $@ \ + && grep -q '^status: 127$$' $@; \ + $(evaluate-test) + LDFLAGS-tst-execstack-prog = -Wl,-z,execstack CFLAGS-tst-execstack-prog.c += -Wno-trampolines +tst-execstack-prog-ENV = GLIBC_TUNABLES=glibc.rtld.noexecstack=0 + +LDFLAGS-tst-execstack-prog-static = -Wl,-z,execstack +CFLAGS-tst-execstack-prog-static.c += -Wno-trampolines +tst-execstack-prog-static-ENV = GLIBC_TUNABLES=glibc.rtld.noexecstack=0 + +$(objpfx)tst-execstack-prog-default.out: $(objpfx)tst-execstack-prog + $(test-program-cmd) $< > $@ 2>&1; echo "status: $$?" >> $@; \ + grep -q 'executable stack is not allowed$$' $@ \ + grep -q 'error while loading shared libraries:.*executable stack is not allowed$$' $@ \ + && grep -q '^status: 127$$' $@; \ + $(evaluate-test) + +$(objpfx)tst-execstack-prog-static-default.out: $(objpfx)tst-execstack-prog-static + $(host-test-program-cmd) $< > $@ 2>&1; echo "status: $$?" >> $@; \ + grep -q 'executable stack is not allowed$$' $@ \ + && grep -q '^status: 127$$' $@; \ + $(evaluate-test) + CFLAGS-tst-execstack-mod.c += -Wno-trampolines endif diff --git a/elf/dl-load.c b/elf/dl-load.c index 8a89b71016..414955694f 100644 --- a/elf/dl-load.c +++ b/elf/dl-load.c @@ -32,6 +32,7 @@ #include #include #include +#include /* Type for the buffer we put the ELF header and hopefully the program header. This buffer does not really have to be too large. In most @@ -1297,6 +1298,13 @@ _dl_map_object_from_fd (const char *name, const char *origname, int fd, if (__glibc_unlikely ((stack_flags &~ GL(dl_stack_flags)) & PF_X)) { + if (TUNABLE_GET (glibc, rtld, noexecstack, int32_t, NULL) == 1) + { + errstring = N_("\ +executable stack is not allowed"); + goto lose; + } + /* The stack is presently not executable, but this module requires that it be executable. */ #if PTHREAD_IN_LIBC diff --git a/elf/dl-support.c b/elf/dl-support.c index 451932dd03..084e2579b1 100644 --- a/elf/dl-support.c +++ b/elf/dl-support.c @@ -45,6 +45,7 @@ #include #include #include +#include extern char *__progname; char **_dl_argv = &__progname; /* This is checked for some error messages. */ @@ -335,6 +336,10 @@ _dl_non_dynamic_init (void) break; } + if ((__glibc_unlikely (GL(dl_stack_flags)) & PF_X) + && TUNABLE_GET (glibc, rtld, noexecstack, int32_t, NULL) == 1) + _dl_fatal_printf ("Fatal glibc error: executable stack is not allowed\n"); + call_function_static_weak (_dl_find_object_init); /* Setup relro on the binary itself. */ diff --git a/elf/dl-tunables.list b/elf/dl-tunables.list index 1186272c81..745c9ce2c1 100644 --- a/elf/dl-tunables.list +++ b/elf/dl-tunables.list @@ -142,6 +142,12 @@ glibc { maxval: 1 default: 0 } + noexecstack { + type: INT_32 + minval: 0 + maxval: 1 + default: 1 + } } mem { diff --git a/elf/rtld.c b/elf/rtld.c index e9525ea987..0762d68d68 100644 --- a/elf/rtld.c +++ b/elf/rtld.c @@ -1668,6 +1668,10 @@ dl_main (const ElfW(Phdr) *phdr, bool has_interp = rtld_setup_main_map (main_map); + if ((__glibc_unlikely (GL(dl_stack_flags)) & PF_X) + && TUNABLE_GET (glibc, rtld, noexecstack, int32_t, NULL) == 1) + _dl_fatal_printf ("Fatal glibc error: executable stack is not allowed\n"); + /* If the current libname is different from the SONAME, add the latter as well. */ if (GL(dl_rtld_map).l_info[DT_SONAME] != NULL diff --git a/elf/tst-execstack-prog-static.c b/elf/tst-execstack-prog-static.c new file mode 100644 index 0000000000..180657e5ef --- /dev/null +++ b/elf/tst-execstack-prog-static.c @@ -0,0 +1 @@ +#include "tst-execstack-prog.c" diff --git a/elf/tst-execstack.c b/elf/tst-execstack.c index 560b353918..56fb8bd874 100644 --- a/elf/tst-execstack.c +++ b/elf/tst-execstack.c @@ -8,17 +8,10 @@ #include #include #include - -static void -print_maps (void) -{ -#if 0 - char *cmd = NULL; - asprintf (&cmd, "cat /proc/%d/maps", getpid ()); - system (cmd); - free (cmd); -#endif -} +#include +#include +#include +#include static void deeper (void (*f) (void)); @@ -47,7 +40,7 @@ waiter_thread (void *arg) } #endif -static bool allow_execstack = true; +static bool kernel_allow_execstack = true; static int @@ -74,61 +67,46 @@ do_test (void) { n = getline (&line, &linelen, fp); if (n > 0 && line[0] == '0') - allow_execstack = false; + kernel_allow_execstack = false; } fclose (fp); } } - printf ("executable stacks %sallowed\n", allow_execstack ? "" : "not "); + printf ("kernel allows executable stacks: %s\n", + kernel_allow_execstack ? "yes" : "not "); + + bool glibc_allow_execstack = getenv ("ALLOW_EXECSTACK") != 0; + printf ("expected allow executable stacks: %s\n", + glibc_allow_execstack ? "yes" : "not "); static void *f; /* Address of this is used in other threads. */ #if USE_PTHREADS /* Create some threads while stacks are nonexecutable. */ #define N 5 - pthread_t thr[N]; - pthread_barrier_init (&startup_barrier, NULL, N + 1); - pthread_barrier_init (&go_barrier, NULL, N + 1); + xpthread_barrier_init (&startup_barrier, NULL, N + 1); + xpthread_barrier_init (&go_barrier, NULL, N + 1); for (int i = 0; i < N; ++i) - { - int rc = pthread_create (&thr[i], NULL, &waiter_thread, &f); - if (rc) - error (1, rc, "pthread_create"); - } + xpthread_create (NULL, &waiter_thread, &f); /* Make sure they are all there using their stacks. */ - pthread_barrier_wait (&startup_barrier); + xpthread_barrier_wait (&startup_barrier); puts ("threads waiting"); #endif - print_maps (); - #if USE_PTHREADS void *old_stack_addr, *new_stack_addr; size_t stack_size; pthread_t me = pthread_self (); pthread_attr_t attr; - int ret = 0; - ret = pthread_getattr_np (me, &attr); - if (ret) - { - printf ("before execstack: pthread_getattr_np returned error: %s\n", - strerror (ret)); - return 1; - } - - ret = pthread_attr_getstack (&attr, &old_stack_addr, &stack_size); - if (ret) - { - printf ("before execstack: pthread_attr_getstack returned error: %s\n", - strerror (ret)); - return 1; - } + TEST_VERIFY_EXIT (pthread_getattr_np (me, &attr) == 0); + TEST_VERIFY_EXIT (pthread_attr_getstack (&attr, &old_stack_addr, + &stack_size) == 0); # if _STACK_GROWS_DOWN old_stack_addr += stack_size; # else @@ -146,39 +124,22 @@ do_test (void) if (h == NULL) { printf ("cannot load: %s\n", dlerror ()); - return allow_execstack; + return kernel_allow_execstack + ? (glibc_allow_execstack ? 1 : 0) + : 0; } - f = dlsym (h, "tryme"); - if (f == NULL) - { - printf ("symbol not found: %s\n", dlerror ()); - return 1; - } + f = xdlsym (h, "tryme"); /* Test if that really made our stack executable. The `tryme' function should crash if not. */ (*((void (*) (void)) f)) (); - print_maps (); - #if USE_PTHREADS - ret = pthread_getattr_np (me, &attr); - if (ret) - { - printf ("after execstack: pthread_getattr_np returned error: %s\n", - strerror (ret)); - return 1; - } - - ret = pthread_attr_getstack (&attr, &new_stack_addr, &stack_size); - if (ret) - { - printf ("after execstack: pthread_attr_getstack returned error: %s\n", - strerror (ret)); - return 1; - } + TEST_VERIFY_EXIT (pthread_getattr_np (me, &attr) == 0); + TEST_VERIFY_EXIT (pthread_attr_getstack (&attr, &new_stack_addr, + &stack_size) == 0); # if _STACK_GROWS_DOWN new_stack_addr += stack_size; @@ -206,26 +167,19 @@ do_test (void) /* Test that growing the stack region gets new executable pages too. */ deeper ((void (*) (void)) f); - print_maps (); - #if USE_PTHREADS /* Test that a fresh thread now gets an executable stack. */ - { - pthread_t th; - int rc = pthread_create (&th, NULL, &tryme_thread, f); - if (rc) - error (1, rc, "pthread_create"); - } + xpthread_create (NULL, &tryme_thread, f); puts ("threads go"); /* The existing threads' stacks should have been changed. Let them run to test it. */ - pthread_barrier_wait (&go_barrier); + xpthread_barrier_wait (&go_barrier); - pthread_exit ((void *) (long int) (! allow_execstack)); + pthread_exit ((void *) (long int) (! kernel_allow_execstack)); #endif - return ! allow_execstack; + return ! kernel_allow_execstack; } static void diff --git a/elf/tst-ro-dynamic-mod.map b/elf/tst-ro-dynamic-mod.map index 2fe4a2998c..b68b036d3a 100644 --- a/elf/tst-ro-dynamic-mod.map +++ b/elf/tst-ro-dynamic-mod.map @@ -4,7 +4,7 @@ SECTIONS .dynamic : { *(.dynamic) } :text :dynamic .rodata : { *(.data*) *(.bss*) } :text /DISCARD/ : { - *(.note.gnu.property) + *(.note.gnu.property) *(.note.GNU-stack) } .note : { *(.note.*) } :text :note } @@ -13,4 +13,5 @@ PHDRS text PT_LOAD FLAGS(5) FILEHDR PHDRS; dynamic PT_DYNAMIC FLAGS(4); note PT_NOTE FLAGS(4); + gnu_stack PT_GNU_STACK FLAGS(6); } diff --git a/elf/tst-rtld-list-tunables.exp b/elf/tst-rtld-list-tunables.exp index db0e1c86e9..2ac06e083a 100644 --- a/elf/tst-rtld-list-tunables.exp +++ b/elf/tst-rtld-list-tunables.exp @@ -14,4 +14,5 @@ glibc.malloc.trim_threshold: 0x0 (min: 0x0, max: 0x[f]+) glibc.rtld.dynamic_sort: 2 (min: 1, max: 2) glibc.rtld.enable_secure: 0 (min: 0, max: 1) glibc.rtld.nns: 0x4 (min: 0x1, max: 0x10) +glibc.rtld.noexecstack: 1 (min: 0, max: 1) glibc.rtld.optional_static_tls: 0x200 (min: 0x0, max: 0x[f]+) diff --git a/manual/tunables.texi b/manual/tunables.texi index 8dd02d8149..bc8ef6effa 100644 --- a/manual/tunables.texi +++ b/manual/tunables.texi @@ -356,6 +356,26 @@ tests for @code{AT_SECURE} programs and not meant to be a security feature. The default value of this tunable is @samp{0}. @end deftp +@deftp Tunable glibc.rtld.noexecstack +Initially, @theglibc{} will use either the default architecture flags (that might +contain the executable bit) or the value of @code{PT_GNU_STACK} (if present). +If any shared library dependency or dynamic object loaded with @code{dlopen} +or @code{dlmopen} requires an executable stack (either by the default flags +or @code{PT_GNU_STACK} from the library) @theglibc{} will try to change the +permission of the stack to enable execution for all running threads. + +The @code{glibc.rtld.noexecstack} tunable allows the user to control whether +to control executable stacks from the main program, dependencies, or from +dynamically loaded libraries. Setting its value to @code{0} allows executable +stacks, where @code{1} disables it. The default value is @code{1} (except +for Hurd, and hppa/mips on Linux which requires executables stacks). + +When executable stacks are not allowed, and if the main program or dependencies +require an executable stack, the loader will fail with an error message. Trying +to load a dynamic shared library with @code{dlopen} or @code{dlmopen} will fail, +with a proper message that can be obtained with @code{dlerror}. +@end deftp + @node Elision Tunables @section Elision Tunables @cindex elision tunables diff --git a/nptl/Makefile b/nptl/Makefile index b3f8af2e1c..e16be8ff13 100644 --- a/nptl/Makefile +++ b/nptl/Makefile @@ -468,6 +468,7 @@ tests-internal += \ # tests-internal ifeq ($(have-z-execstack),yes) tests += tst-execstack-threads +tests-special += $(objpfx)tst-execstack-threads-default.out endif endif @@ -671,10 +672,18 @@ endif tst-exec4-ARGS = $(host-test-program-cmd) -$(objpfx)tst-execstack-threads.out: $(objpfx)tst-execstack-threads-mod.so +$(objpfx)tst-execstack-threads: $(objpfx)tst-execstack-threads-mod.so LDFLAGS-tst-execstack-threads = -Wl,-z,noexecstack LDFLAGS-tst-execstack-threads-mod.so = -Wl,-z,execstack CFLAGS-tst-execstack-threads-mod.c += -Wno-trampolines +tst-execstack-threads-ENV = GLIBC_TUNABLES=glibc.rtld.noexecstack=0 \ + ALLOW_EXECSTACK=1 + +$(objpfx)tst-execstack-threads-default.out: $(objpfx)tst-execstack-threads + $(test-program-cmd) $< > $@ 2>&1; echo "status: $$?" >> $@; \ + grep -q 'error while loading shared libraries:.*executable stack is not allowed$$' $@ \ + && grep -q '^status: 127$$' $@; \ + $(evaluate-test) tst-stackguard1-ARGS = --command "$(host-test-program-cmd) --child" tst-stackguard1-static-ARGS = --command "$(objpfx)tst-stackguard1-static --child" diff --git a/sysdeps/hppa/dl-tunables.list b/sysdeps/hppa/dl-tunables.list new file mode 100644 index 0000000000..2e53a235db --- /dev/null +++ b/sysdeps/hppa/dl-tunables.list @@ -0,0 +1,11 @@ +# HPPA defaults to executable stacks. +glibc { + rtld { + noexecstack { + type: INT_32 + minval: 0 + maxval: 1 + default: 0 + } + } +} diff --git a/sysdeps/mach/hurd/dl-tunables.list b/sysdeps/mach/hurd/dl-tunables.list new file mode 100644 index 0000000000..dc6a7aa21b --- /dev/null +++ b/sysdeps/mach/hurd/dl-tunables.list @@ -0,0 +1,11 @@ +# Hurd default to an executable stack. +glibc { + rtld { + noexecstack { + type: INT_32 + minval: 0 + maxval: 1 + default: 0 + } + } +} diff --git a/sysdeps/unix/sysv/linux/mips/Makefile b/sysdeps/unix/sysv/linux/mips/Makefile index d5725c69d8..2cb0f6268f 100644 --- a/sysdeps/unix/sysv/linux/mips/Makefile +++ b/sysdeps/unix/sysv/linux/mips/Makefile @@ -78,4 +78,17 @@ ASFLAGS-.o += -Wa,-execstack ASFLAGS-.os += -Wa,-execstack ASFLAGS-.op += -Wa,-execstack ASFLAGS-.oS += -Wa,-execstack +mips_noexecstack := 0 +else +mips_noexecstack := 1 endif + +# Change the default value of glibc.rtld.noexecstack based on mips-force-execstack +$(common-objpfx)dl-tunable-list.stmp: $(common-objpfx)dl-tunable-arch.list +$(common-objpfx)dl-tunable-arch.list: $(common-objpfx)dl-tunable-arch.stmp; @: +$(common-objpfx)dl-tunable-arch.stmp: \ + $(wildcard $(sysdirs:%=%/dl-tunables-arch.list)) + cp $^ ${@:stmp=T} + sed -i 's/mips_noexecstack/$(mips_noexecstack)/' ${@:stmp=T} + $(move-if-change) ${@:stmp=T} ${@:stmp=list} + touch $@ diff --git a/sysdeps/unix/sysv/linux/mips/dl-tunables-arch.list b/sysdeps/unix/sysv/linux/mips/dl-tunables-arch.list new file mode 100644 index 0000000000..c9656c4a15 --- /dev/null +++ b/sysdeps/unix/sysv/linux/mips/dl-tunables-arch.list @@ -0,0 +1,12 @@ +# MIPS migth require an executable stack on kernels older than 4.8. The +# 'mips_noexecstack' is set by configure depending on how glibc is configured. +glibc { + rtld { + noexecstack { + type: INT_32 + minval: 0 + maxval: 1 + default: mips_noexecstack + } + } +}