From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: by sourceware.org (Postfix, from userid 1039) id 241A23877020; Mon, 25 Jul 2022 17:24:24 +0000 (GMT) DKIM-Filter: OpenDKIM Filter v2.11.0 sourceware.org 241A23877020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable From: H.J. Lu To: bfd-cvs@sourceware.org Subject: [binutils-gdb/binutils-2_39-branch] x86: Disallow invalid relocations against protected symbols X-Act-Checkin: binutils-gdb X-Git-Author: H.J. Lu X-Git-Refname: refs/heads/binutils-2_39-branch X-Git-Oldrev: 366e8fc8f7b269f4c68d0d5768c64a5a7ca42d6b X-Git-Newrev: fc69c7e989d531c95c686ce2bed3d3f89c33c142 Message-Id: <20220725172424.241A23877020@sourceware.org> Date: Mon, 25 Jul 2022 17:24:24 +0000 (GMT) X-BeenThere: binutils-cvs@sourceware.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Binutils-cvs mailing list List-Unsubscribe: , List-Archive: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 25 Jul 2022 17:24:24 -0000 https://sourceware.org/git/gitweb.cgi?p=3Dbinutils-gdb.git;h=3Dfc69c7e989d5= 31c95c686ce2bed3d3f89c33c142 commit fc69c7e989d531c95c686ce2bed3d3f89c33c142 Author: H.J. Lu Date: Mon Jul 18 18:24:26 2022 -0700 x86: Disallow invalid relocations against protected symbols =20 Since glibc 2.36 will issue warnings for copy relocation against protected symbols and non-canonical reference to canonical protected functions, change the linker to always disallow such relocations. =20 bfd/ =20 * elf32-i386.c (elf_i386_scan_relocs): Remove check for elf_has_indirect_extern_access. * elf64-x86-64.c (elf_x86_64_scan_relocs): Likewise. (elf_x86_64_relocate_section): Remove check for elf_has_no_copy_on_protected. * elfxx-x86.c (elf_x86_allocate_dynrelocs): Check for building executable instead of elf_has_no_copy_on_protected. (_bfd_x86_elf_adjust_dynamic_symbol): Disallow copy relocation against non-copyable protected symbol. * elfxx-x86.h (SYMBOL_NO_COPYRELOC): Remove check for elf_has_no_copy_on_protected. =20 ld/ =20 * testsuite/ld-i386/i386.exp: Expect linker error for PR ld/177= 09 test. * testsuite/ld-i386/pr17709.rd: Removed. * testsuite/ld-i386/pr17709.err: New file. * testsuite/ld-x86-64/pr17709.rd: Removed. * testsuite/ld-x86-64/pr17709.err: New file. * testsuite/ld-x86-64/pr28875-func.err: Updated. * testsuite/ld-x86-64/x86-64.exp: Expect linker error for PR ld/17709 test. Add tests for function pointer against protected function. =20 (cherry picked from commit f638657759f5b9b4eb31a1aa6b9fe6e6fb01f4a0) Diff: --- bfd/elf32-i386.c | 3 +-- bfd/elf64-x86-64.c | 10 +++------- bfd/elfxx-x86.c | 21 +++++++++++++++++++-- bfd/elfxx-x86.h | 3 +-- ld/testsuite/ld-i386/i386.exp | 2 +- ld/testsuite/ld-i386/pr17709.err | 2 ++ ld/testsuite/ld-i386/pr17709.rd | 4 ---- ld/testsuite/ld-x86-64/pr17709.err | 2 ++ ld/testsuite/ld-x86-64/pr17709.rd | 4 ---- ld/testsuite/ld-x86-64/pr28875-func.err | 2 +- ld/testsuite/ld-x86-64/x86-64.exp | 18 +++++++++++++++++- 11 files changed, 47 insertions(+), 24 deletions(-) diff --git a/bfd/elf32-i386.c b/bfd/elf32-i386.c index 4bcb06b0030..52b1db44546 100644 --- a/bfd/elf32-i386.c +++ b/bfd/elf32-i386.c @@ -1812,8 +1812,7 @@ elf_i386_scan_relocs (bfd *abfd, && h->type =3D=3D STT_FUNC && eh->def_protected && !SYMBOL_DEFINED_NON_SHARED_P (h) - && h->def_dynamic - && elf_has_indirect_extern_access (h->root.u.def.section->owner)) + && h->def_dynamic) { /* Disallow non-canonical reference to canonical protected function. */ diff --git a/bfd/elf64-x86-64.c b/bfd/elf64-x86-64.c index 3abc68a4127..62a9a22317a 100644 --- a/bfd/elf64-x86-64.c +++ b/bfd/elf64-x86-64.c @@ -2255,8 +2255,7 @@ elf_x86_64_scan_relocs (bfd *abfd, struct bfd_link_in= fo *info, && h->type =3D=3D STT_FUNC && eh->def_protected && !SYMBOL_DEFINED_NON_SHARED_P (h) - && h->def_dynamic - && elf_has_indirect_extern_access (h->root.u.def.section->owner)) + && h->def_dynamic) { /* Disallow non-canonical reference to canonical protected function. */ @@ -3156,8 +3155,7 @@ elf_x86_64_relocate_section (bfd *output_bfd, || (h !=3D NULL && !h->root.linker_def && !h->root.ldscript_def - && eh->def_protected - && elf_has_no_copy_on_protected (h->root.u.def.section->owner))); + && eh->def_protected)); =20 if ((input_section->flags & SEC_ALLOC) !=3D 0 && (input_section->flags & SEC_READONLY) !=3D 0 @@ -4097,9 +4095,7 @@ elf_x86_64_relocate_section (bfd *output_bfd, { case R_X86_64_32S: sec =3D h->root.u.def.section; - if ((info->nocopyreloc - || (eh->def_protected - && elf_has_no_copy_on_protected (h->root.u.def.section->owner))) + if ((info->nocopyreloc || eh->def_protected) && !(h->root.u.def.section->flags & SEC_CODE)) return elf_x86_64_need_pic (info, input_bfd, input_section, h, NULL, NULL, howto); diff --git a/bfd/elfxx-x86.c b/bfd/elfxx-x86.c index 18f3d335458..7fb972752b3 100644 --- a/bfd/elfxx-x86.c +++ b/bfd/elfxx-x86.c @@ -524,8 +524,7 @@ elf_x86_allocate_dynrelocs (struct elf_link_hash_entry = *h, void *inf) { asection *sreloc; =20 - if (eh->def_protected - && elf_has_no_copy_on_protected (h->root.u.def.section->owner)) + if (eh->def_protected && bfd_link_executable (info)) { /* Disallow copy relocation against non-copyable protected symbol. */ @@ -3041,6 +3040,24 @@ _bfd_x86_elf_adjust_dynamic_symbol (struct bfd_link_= info *info, } if ((h->root.u.def.section->flags & SEC_ALLOC) !=3D 0 && h->size !=3D 0) { + if (eh->def_protected && bfd_link_executable (info)) + for (p =3D h->dyn_relocs; p !=3D NULL; p =3D p->next) + { + /* Disallow copy relocation against non-copyable protected + symbol. */ + s =3D p->sec->output_section; + if (s !=3D NULL && (s->flags & SEC_READONLY) !=3D 0) + { + info->callbacks->einfo + /* xgettext:c-format */ + (_("%F%P: %pB: copy relocation against non-copyable " + "protected symbol `%s' in %pB\n"), + p->sec->owner, h->root.root.string, + h->root.u.def.section->owner); + return false; + } + } + srel->size +=3D htab->sizeof_reloc; h->needs_copy =3D 1; } diff --git a/bfd/elfxx-x86.h b/bfd/elfxx-x86.h index 77fb1ad72bc..7d23893938c 100644 --- a/bfd/elfxx-x86.h +++ b/bfd/elfxx-x86.h @@ -135,12 +135,11 @@ =20 /* Should copy relocation be generated for a symbol. Don't generate copy relocation against a protected symbol defined in a shared - object with GNU_PROPERTY_NO_COPY_ON_PROTECTED. */ + object. */ #define SYMBOL_NO_COPYRELOC(INFO, EH) \ ((EH)->def_protected \ && ((EH)->elf.root.type =3D=3D bfd_link_hash_defined \ || (EH)->elf.root.type =3D=3D bfd_link_hash_defweak) \ - && elf_has_no_copy_on_protected ((EH)->elf.root.u.def.section->owner) \ && ((EH)->elf.root.u.def.section->owner->flags & DYNAMIC) !=3D 0 \ && ((EH)->elf.root.u.def.section->flags & SEC_CODE) =3D=3D 0) =20 diff --git a/ld/testsuite/ld-i386/i386.exp b/ld/testsuite/ld-i386/i386.exp index b4f7de49fd5..0ab9c001336 100644 --- a/ld/testsuite/ld-i386/i386.exp +++ b/ld/testsuite/ld-i386/i386.exp @@ -224,7 +224,7 @@ set i386tests { "--32 -mx86-used-note=3Dyes" {pr17709a.s} {} "libpr17709.so"} {"PR ld/17709 (2)" "-melf_i386 tmpdir/libpr17709.so" "" "--32 -mx86-used-note=3Dyes" - {pr17709b.s} {{readelf -r pr17709.rd}} "pr17709"} + {pr17709b.s} {{ld "pr17709.err"}} "pr17709"} {"Build pr19827a.o" "" "" "--32 -mx86-used-note=3Dyes" { pr19827a.S }} {"Build pr19827b.so" "-melf_i386 -shared" "" diff --git a/ld/testsuite/ld-i386/pr17709.err b/ld/testsuite/ld-i386/pr1770= 9.err new file mode 100644 index 00000000000..fa6a4bacce3 --- /dev/null +++ b/ld/testsuite/ld-i386/pr17709.err @@ -0,0 +1,2 @@ +.*: tmpdir/pr17709b.o: copy relocation against non-copyable protected symb= ol `foo' in tmpdir/libpr17709.so +#... diff --git a/ld/testsuite/ld-i386/pr17709.rd b/ld/testsuite/ld-i386/pr17709= .rd deleted file mode 100644 index 8414784b736..00000000000 --- a/ld/testsuite/ld-i386/pr17709.rd +++ /dev/null @@ -1,4 +0,0 @@ - -Relocation section '.rel\..*' at offset .* contains 1 entry: - Offset Info Type Sym\.Value Sym\. Name -[0-9a-f ]+R_386_COPY +[0-9a-f]+ +foo diff --git a/ld/testsuite/ld-x86-64/pr17709.err b/ld/testsuite/ld-x86-64/pr= 17709.err new file mode 100644 index 00000000000..fa6a4bacce3 --- /dev/null +++ b/ld/testsuite/ld-x86-64/pr17709.err @@ -0,0 +1,2 @@ +.*: tmpdir/pr17709b.o: copy relocation against non-copyable protected symb= ol `foo' in tmpdir/libpr17709.so +#... diff --git a/ld/testsuite/ld-x86-64/pr17709.rd b/ld/testsuite/ld-x86-64/pr1= 7709.rd deleted file mode 100644 index beffd3cb34c..00000000000 --- a/ld/testsuite/ld-x86-64/pr17709.rd +++ /dev/null @@ -1,4 +0,0 @@ - -Relocation section '.rela\..*' at offset .* contains 1 entry: - +Offset +Info +Type +Symbol's Value +Symbol's Name \+ Addend -[0-9a-f ]+R_X86_64_COPY+[0-9a-f ]+ +foo \+ 0 diff --git a/ld/testsuite/ld-x86-64/pr28875-func.err b/ld/testsuite/ld-x86-= 64/pr28875-func.err index 64e961cb3d4..f6f4658deaf 100644 --- a/ld/testsuite/ld-x86-64/pr28875-func.err +++ b/ld/testsuite/ld-x86-64/pr28875-func.err @@ -1,2 +1,2 @@ -.*: tmpdir/protected-func-1b.o: non-canonical reference to canonical prote= cted function `protected_func_1a' in tmpdir/libprotected-func-2b.so +.*: tmpdir/protected-func-1b.o: non-canonical reference to canonical prote= cted function `protected_func_1a' in tmpdir/libprotected-func-2..so #... diff --git a/ld/testsuite/ld-x86-64/x86-64.exp b/ld/testsuite/ld-x86-64/x86= -64.exp index a096c0b9d0f..e6a834a2a61 100644 --- a/ld/testsuite/ld-x86-64/x86-64.exp +++ b/ld/testsuite/ld-x86-64/x86-64.exp @@ -177,7 +177,7 @@ set x86_64tests { {"PR ld/17709 (1)" "-melf_x86_64 -shared" "" "--64" {pr17709a.s} {} "libpr17709.so"} {"PR ld/17709 (2)" "-melf_x86_64 tmpdir/libpr17709.so" "" - "--64" {pr17709b.s} {{readelf -rW pr17709.rd}} "pr17709"} + "--64" {pr17709b.s} {{ld "pr17709.err"}} "pr17709"} {"Build pr19827a.o" "" "" "--64" { pr19827a.S }} {"Build pr19827b.so" "-melf_x86_64 -shared" "" @@ -1383,6 +1383,22 @@ if { [isnative] && [check_compiler_available] } { {{error_output "pr28875-func.err"}} \ "protected-func-2" \ ] \ + [list \ + "Build libprotected-func-2c.so" \ + "-shared" \ + "-fPIC -Wa,-mx86-used-note=3Dyes" \ + { protected-func-2c.c } \ + {} \ + "libprotected-func-2c.so" \ + ] \ + [list \ + "Build protected-func-2a without PIE" \ + "$NOPIE_LDFLAGS -Wl,--no-as-needed tmpdir/libprotected-func-2c.so" \ + "$NOPIE_CFLAGS -Wa,-mx86-used-note=3Dyes" \ + { protected-func-1b.c } \ + {{error_output "pr28875-func.err"}} \ + "protected-func-2a" \ + ] \ [list \ "Build libprotected-data-1a.so" \ "-shared -z noindirect-extern-access" \