diff options
author | Ryan S. Arnold <rsa@us.ibm.com> | 2010-12-19 22:49:01 -0500 |
---|---|---|
committer | Ulrich Drepper <drepper@gmail.com> | 2010-12-19 22:49:01 -0500 |
commit | 30950a5fd2346c43ba4fc59c16f122cfb59f9629 (patch) | |
tree | 400aceac60bdb17ec66caf2850d173ad8554e135 | |
parent | db753e2cfb2051ebf20dc089f87c5b1297cc2cff (diff) | |
download | glibc-30950a5fd2346c43ba4fc59c16f122cfb59f9629.tar.gz glibc-30950a5fd2346c43ba4fc59c16f122cfb59f9629.tar.xz glibc-30950a5fd2346c43ba4fc59c16f122cfb59f9629.zip |
Make PowerPC64 default to nonexecutable stack
-rw-r--r-- | ChangeLog | 22 | ||||
-rw-r--r-- | elf/Makefile | 8 | ||||
-rw-r--r-- | elf/check-execstack.c | 13 | ||||
-rw-r--r-- | elf/dl-load.c | 6 | ||||
-rw-r--r-- | elf/dl-support.c | 6 | ||||
-rw-r--r-- | elf/rtld.c | 6 | ||||
-rw-r--r-- | sysdeps/i386/stackinfo.h | 8 | ||||
-rw-r--r-- | sysdeps/ia64/stackinfo.h | 8 | ||||
-rw-r--r-- | sysdeps/powerpc/stackinfo.h | 13 | ||||
-rw-r--r-- | sysdeps/s390/stackinfo.h | 8 | ||||
-rw-r--r-- | sysdeps/sh/stackinfo.h | 8 | ||||
-rw-r--r-- | sysdeps/sparc/stackinfo.h | 8 | ||||
-rw-r--r-- | sysdeps/x86_64/stackinfo.h | 8 |
13 files changed, 104 insertions, 18 deletions
diff --git a/ChangeLog b/ChangeLog index 3db482a368..ad3d95d111 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,3 +1,25 @@ +2010-12-15 Ryan S. Arnold <rsa@us.ibm.com> + + * elf/Makefile: (check-execstack): Replace $(native-compile) with a + similar rule which adds the sysdep directories to the header search in + order to pick up the correct platform stackinfo.h. + * elf/check-execstack.c (main): Check DEFAULT_STACK_PERMS for PF_X and + perform test if it is, otherwise return successfully without testing. + * elf/dl-load.c (_dl_map_object_from_fd): Source stack_flags from + DEFAULT_STACK_PERMS define in stackinfo.h. + * elf/dl-support.c (_dl_stack_flags): Source from DEFAULT_STACK_PERMS + defined in stackinfo.h. + * elf/rtld.c (_dl_starting_up): Source ._dl_stack_flags from + DEFAULT_STACK_PERMS defined in stackinfo.h. + * sysdeps/i386/stackinfo.h: Define DEFAULT_STACK_PERMS with PF_X. + * sysdeps/ia64/stackinfo.h: Likewise. + * sysdeps/s390/stackinfo.h: Likewise. + * sysdeps/sh/stackinfo.h: Likewise. + * sysdeps/sparc/stackinfo.h: Likewise. + * sysdeps/x86_64/stackinfo.h: Likewise. + * sysdeps/powerpc/stackinfo.h: Define DEFAULT_STACK_PERMS without + PF_X for powerpc64. Retain PF_X for powerpc32. + 2010-12-19 Ulrich Drepper <drepper@gmail.com> * sysdeps/unix/readdir_r.c (__READDIR_R): Compute reclen more accurate. diff --git a/elf/Makefile b/elf/Makefile index b0420f50ef..bba6493084 100644 --- a/elf/Makefile +++ b/elf/Makefile @@ -899,8 +899,14 @@ $(objpfx)check-textrel: check-textrel.c $(native-compile) check-execstack-CFLAGS = -O -Wall -D_XOPEN_SOURCE=600 -D_BSD_SOURCE -std=gnu99 +# Perform the same operation as $(native-compile) but add the sysdeps +# directories as header search locations. $(objpfx)check-execstack: check-execstack.c - $(native-compile) + $(make-target-directory) + $(patsubst %/,cd % &&,$(objpfx)) \ + $(BUILD_CC) $($(basename $(<F))-CFLAGS) $(ALL_BUILD_CFLAGS) \ + $(addprefix -I$(shell pwd)/,$(sysdirs)) -I$(shell pwd) \ + $(firstword $(filter /%,$< $(shell pwd)/$<)) -o $(@F) check-localplt-CFLAGS = -O -Wall -D_GNU_SOURCE -std=gnu99 $(objpfx)check-localplt: check-localplt.c diff --git a/elf/check-execstack.c b/elf/check-execstack.c index 55cf48721a..64353751e9 100644 --- a/elf/check-execstack.c +++ b/elf/check-execstack.c @@ -1,5 +1,5 @@ /* Check for executable stacks in DSOs. - Copyright (C) 2009 Free Software Foundation, Inc. + Copyright (C) 2009, 2010 Free Software Foundation, Inc. This file is part of the GNU C Library. Contribute by Ulrich Drepper <drepper@redhat.com>. 2009. @@ -26,6 +26,7 @@ #include <stdlib.h> #include <string.h> #include <unistd.h> +#include <stackinfo.h> #ifdef BITS @@ -150,9 +151,13 @@ main (int argc, char *argv[]) int cnt; int result = 0; - for (cnt = 1; cnt < argc; ++cnt) - result |= handle_file (argv[cnt]); - + /* We can return successfully, i.e., not fail, if PF_X isn't present. If it + * is present then check for the GNU_STACK header. */ + if (DEFAULT_STACK_PERMS & PF_X) + { + for (cnt = 1; cnt < argc; ++cnt) + result |= handle_file (argv[cnt]); + } return result; } #endif diff --git a/elf/dl-load.c b/elf/dl-load.c index 4c14f08e55..41b5ce7691 100644 --- a/elf/dl-load.c +++ b/elf/dl-load.c @@ -984,8 +984,10 @@ _dl_map_object_from_fd (const char *name, int fd, struct filebuf *fbp, } } - /* Presumed absent PT_GNU_STACK. */ - uint_fast16_t stack_flags = PF_R|PF_W|PF_X; + /* On most platforms presume that PT_GNU_STACK is absent and the stack is + * executable. Other platforms default to a nonexecutable stack and don't + * need PT_GNU_STACK to do so. */ + uint_fast16_t stack_flags = DEFAULT_STACK_PERMS; { /* Scan the program header table, collecting its load commands. */ diff --git a/elf/dl-support.c b/elf/dl-support.c index 5897b32e8c..1b128c37ff 100644 --- a/elf/dl-support.c +++ b/elf/dl-support.c @@ -32,6 +32,7 @@ #include <dl-procinfo.h> #include <unsecvars.h> #include <hp-timing.h> +#include <stackinfo.h> extern char *__progname; char **_dl_argv = &__progname; /* This is checked for some error messages. */ @@ -134,8 +135,9 @@ uint64_t _dl_hwcap __attribute__ ((nocommon)); setting _dl_hwcap nonzero below, but we do anyway. */ uint64_t _dl_hwcap_mask __attribute__ ((nocommon)); -/* Prevailing state of the stack, PF_X indicating it's executable. */ -ElfW(Word) _dl_stack_flags = PF_R|PF_W|PF_X; +/* Prevailing state of the stack. Generally this includes PF_X, indicating it's + * executable but this isn't true for all platforms. */ +ElfW(Word) _dl_stack_flags = DEFAULT_STACK_PERMS; /* If loading a shared object requires that we make the stack executable when it was not, we do it by calling this function. diff --git a/elf/rtld.c b/elf/rtld.c index d53730fe30..851038089c 100644 --- a/elf/rtld.c +++ b/elf/rtld.c @@ -40,6 +40,7 @@ #include <dl-osinfo.h> #include <dl-procinfo.h> #include <tls.h> +#include <stackinfo.h> #include <assert.h> @@ -122,8 +123,9 @@ INTVARDEF(_dl_starting_up) (except those which cannot be added for some reason). */ struct rtld_global _rtld_global = { - /* Default presumption without further information is executable stack. */ - ._dl_stack_flags = PF_R|PF_W|PF_X, + /* Generally the default presumption without further information is an + * executable stack but this is not true for all platforms. */ + ._dl_stack_flags = DEFAULT_STACK_PERMS, #ifdef _LIBC_REENTRANT ._dl_load_lock = _RTLD_LOCK_RECURSIVE_INITIALIZER, ._dl_load_write_lock = _RTLD_LOCK_RECURSIVE_INITIALIZER, diff --git a/sysdeps/i386/stackinfo.h b/sysdeps/i386/stackinfo.h index 2530ea7234..166c1d14ae 100644 --- a/sysdeps/i386/stackinfo.h +++ b/sysdeps/i386/stackinfo.h @@ -1,4 +1,4 @@ -/* Copyright (C) 1999, 2009 Free Software Foundation, Inc. +/* Copyright (C) 1999, 2009, 2010 Free Software Foundation, Inc. This file is part of the GNU C Library. The GNU C Library is free software; you can redistribute it and/or @@ -22,9 +22,15 @@ #ifndef _STACKINFO_H #define _STACKINFO_H 1 +#include <elf.h> + /* On x86 the stack grows down. */ #define _STACK_GROWS_DOWN 1 +/* Default to an executable stack. PF_X can be overridden if PT_GNU_STACK is + * present, but it is presumed absent. */ +#define DEFAULT_STACK_PERMS (PF_R|PF_W|PF_X) + /* Access to the stack pointer. The macros are used in alloca_account for which they need to act as barriers as well, hence the additional (unnecessary) parameters. */ diff --git a/sysdeps/ia64/stackinfo.h b/sysdeps/ia64/stackinfo.h index b7dc5d91dd..a7446e665d 100644 --- a/sysdeps/ia64/stackinfo.h +++ b/sysdeps/ia64/stackinfo.h @@ -1,4 +1,4 @@ -/* Copyright (C) 2001 Free Software Foundation, Inc. +/* Copyright (C) 2001, 2010 Free Software Foundation, Inc. This file is part of the GNU C Library. The GNU C Library is free software; you can redistribute it and/or @@ -22,8 +22,14 @@ #ifndef _STACKINFO_H #define _STACKINFO_H 1 +#include <elf.h> + /* On IA-64 the stack grows down. The register stack is of no concern here. */ #define _STACK_GROWS_DOWN 1 +/* Default to an executable stack. PF_X can be overridden if PT_GNU_STACK is + * present, but it is presumed absent. */ +#define DEFAULT_STACK_PERMS (PF_R|PF_W|PF_X) + #endif /* stackinfo.h */ diff --git a/sysdeps/powerpc/stackinfo.h b/sysdeps/powerpc/stackinfo.h index 839758a4e3..aac86a48a2 100644 --- a/sysdeps/powerpc/stackinfo.h +++ b/sysdeps/powerpc/stackinfo.h @@ -1,4 +1,4 @@ -/* Copyright (C) 1999 Free Software Foundation, Inc. +/* Copyright (C) 1999, 2010 Free Software Foundation, Inc. This file is part of the GNU C Library. The GNU C Library is free software; you can redistribute it and/or @@ -22,7 +22,18 @@ #ifndef _STACKINFO_H #define _STACKINFO_H 1 +#include <elf.h> + /* On PPC the stack grows down. */ #define _STACK_GROWS_DOWN 1 +#if __WORDSIZE == 64 +/* PPC64 doesn't need an executable stack and doesn't need PT_GNU_STACK + * to make the stack nonexecutable. */ +# define DEFAULT_STACK_PERMS (PF_R|PF_W) +#else +/* PF_X can be overridden if PT_GNU_STACK is present but is presumed absent. */ +# define DEFAULT_STACK_PERMS (PF_R|PF_W|PF_X) +#endif + #endif /* stackinfo.h */ diff --git a/sysdeps/s390/stackinfo.h b/sysdeps/s390/stackinfo.h index 7e09c85b9b..058dff6bad 100644 --- a/sysdeps/s390/stackinfo.h +++ b/sysdeps/s390/stackinfo.h @@ -1,4 +1,4 @@ -/* Copyright (C) 2000 Free Software Foundation, Inc. +/* Copyright (C) 2000, 2010 Free Software Foundation, Inc. This file is part of the GNU C Library. The GNU C Library is free software; you can redistribute it and/or @@ -22,7 +22,13 @@ #ifndef _STACKINFO_H #define _STACKINFO_H 1 +#include <elf.h> + /* On s390 the stack grows down. */ #define _STACK_GROWS_DOWN 1 +/* Default to an executable stack. PF_X can be overridden if PT_GNU_STACK is + * present, but it is presumed absent. */ +#define DEFAULT_STACK_PERMS (PF_R|PF_W|PF_X) + #endif /* stackinfo.h */ diff --git a/sysdeps/sh/stackinfo.h b/sysdeps/sh/stackinfo.h index e65338f256..f1c0977457 100644 --- a/sysdeps/sh/stackinfo.h +++ b/sysdeps/sh/stackinfo.h @@ -1,4 +1,4 @@ -/* Copyright (C) 2001 Free Software Foundation, Inc. +/* Copyright (C) 2001, 2010 Free Software Foundation, Inc. This file is part of the GNU C Library. The GNU C Library is free software; you can redistribute it and/or @@ -22,7 +22,13 @@ #ifndef _STACKINFO_H #define _STACKINFO_H 1 +#include <elf.h> + /* On SH the stack grows down. */ #define _STACK_GROWS_DOWN 1 +/* Default to an executable stack. PF_X can be overridden if PT_GNU_STACK is + * present, but it is presumed absent. */ +#define DEFAULT_STACK_PERMS (PF_R|PF_W|PF_X) + #endif /* stackinfo.h */ diff --git a/sysdeps/sparc/stackinfo.h b/sysdeps/sparc/stackinfo.h index fd34e2deb0..189e4b6fa1 100644 --- a/sysdeps/sparc/stackinfo.h +++ b/sysdeps/sparc/stackinfo.h @@ -1,4 +1,4 @@ -/* Copyright (C) 2001 Free Software Foundation, Inc. +/* Copyright (C) 2001, 2010 Free Software Foundation, Inc. This file is part of the GNU C Library. The GNU C Library is free software; you can redistribute it and/or @@ -22,7 +22,13 @@ #ifndef _STACKINFO_H #define _STACKINFO_H 1 +#include <elf.h> + /* On sparc the stack grows down. */ #define _STACK_GROWS_DOWN 1 +/* Default to an executable stack. PF_X can be overridden if PT_GNU_STACK is + * present, but it is presumed absent. */ +#define DEFAULT_STACK_PERMS (PF_R|PF_W|PF_X) + #endif /* stackinfo.h */ diff --git a/sysdeps/x86_64/stackinfo.h b/sysdeps/x86_64/stackinfo.h index b11849d9ab..d4fc25f457 100644 --- a/sysdeps/x86_64/stackinfo.h +++ b/sysdeps/x86_64/stackinfo.h @@ -1,4 +1,4 @@ -/* Copyright (C) 2001, 2009 Free Software Foundation, Inc. +/* Copyright (C) 2001, 2009, 2010 Free Software Foundation, Inc. This file is part of the GNU C Library. The GNU C Library is free software; you can redistribute it and/or @@ -22,9 +22,15 @@ #ifndef _STACKINFO_H #define _STACKINFO_H 1 +#include <elf.h> + /* On x86_64 the stack grows down. */ #define _STACK_GROWS_DOWN 1 +/* Default to an executable stack. PF_X can be overridden if PT_GNU_STACK is + * present, but it is presumed absent. */ +#define DEFAULT_STACK_PERMS (PF_R|PF_W|PF_X) + /* Access to the stack pointer. The macros are used in alloca_account for which they need to act as barriers as well, hence the additional (unnecessary) parameters. */ |