diff options
author | Adhemerval Zanella <adhemerval.zanella@linaro.org> | 2019-11-29 10:26:30 -0300 |
---|---|---|
committer | Adhemerval Zanella <adhemerval.zanella@linaro.org> | 2020-01-03 11:22:07 -0300 |
commit | 57013650f7e796428ac2c0b7512757e99327bfc9 (patch) | |
tree | 9ff129f0545943210666229fa5335d0acd1b4ee6 /elf/dl-support.c | |
parent | e760874ee3315ca3a8a2978b5f8e4dba1e336197 (diff) | |
download | glibc-57013650f7e796428ac2c0b7512757e99327bfc9.tar.gz glibc-57013650f7e796428ac2c0b7512757e99327bfc9.tar.xz glibc-57013650f7e796428ac2c0b7512757e99327bfc9.zip |
elf: Enable relro for static build
The code is similar to the one at elf/dl-reloc.c, where it checks for the l_relro_size from the link_map (obtained from PT_GNU_RELRO header from program headers) and calls_dl_protected_relro. For testing I will use the ones proposed by Florian's patch 'elf: Add tests for working RELRO protection' [1]. Checked on x86_64-linux-gnu, i686-linux-gnu, powerpc64le-linux-gnu, aarch64-linux-gnu, s390x-linux-gnu, and sparc64-linux-gnu. I also check with --enable-static pie on x86_64-linux-gnu, i686-linux-gnu, and aarch64-linux-gnu which seems the only architectures where static PIE is actually working (as per 9d7a3741c9e, on arm-linux-gnueabihf, powerpc64{le}-linux-gnu, and s390x-linux-gnu I am seeing runtime issues not related to my patch). [1] https://sourceware.org/ml/libc-alpha/2019-10/msg00059.html Reviewed-by: Siddhesh Poyarekar <siddhesh@sourceware.org>
Diffstat (limited to 'elf/dl-support.c')
-rw-r--r-- | elf/dl-support.c | 18 |
1 files changed, 14 insertions, 4 deletions
diff --git a/elf/dl-support.c b/elf/dl-support.c index 957a810938..508a5c1196 100644 --- a/elf/dl-support.c +++ b/elf/dl-support.c @@ -367,14 +367,24 @@ _dl_non_dynamic_init (void) if (_dl_platform != NULL) _dl_platformlen = strlen (_dl_platform); - /* Scan for a program header telling us the stack is nonexecutable. */ if (_dl_phdr != NULL) - for (uint_fast16_t i = 0; i < _dl_phnum; ++i) - if (_dl_phdr[i].p_type == PT_GNU_STACK) + for (const ElfW(Phdr) *ph = _dl_phdr; ph < &_dl_phdr[_dl_phnum]; ++ph) + switch (ph->p_type) { - _dl_stack_flags = _dl_phdr[i].p_flags; + /* Check if the stack is nonexecutable. */ + case PT_GNU_STACK: + _dl_stack_flags = ph->p_flags; + break; + + case PT_GNU_RELRO: + _dl_main_map.l_relro_addr = ph->p_vaddr; + _dl_main_map.l_relro_size = ph->p_memsz; break; } + + /* Setup relro on the binary itself. */ + if (_dl_main_map.l_relro_size != 0) + _dl_protect_relro (&_dl_main_map); } #ifdef DL_SYSINFO_IMPLEMENTATION |