public inbox for binutils-cvs@sourceware.org
help / color / mirror / Atom feed
* [binutils-gdb/binutils-2_39-branch] x86: Disallow invalid relocations against protected symbols
@ 2022-07-25 17:24 H.J. Lu
0 siblings, 0 replies; only message in thread
From: H.J. Lu @ 2022-07-25 17:24 UTC (permalink / raw)
To: bfd-cvs
https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=fc69c7e989d531c95c686ce2bed3d3f89c33c142
commit fc69c7e989d531c95c686ce2bed3d3f89c33c142
Author: H.J. Lu <hjl.tools@gmail.com>
Date: Mon Jul 18 18:24:26 2022 -0700
x86: Disallow invalid relocations against protected symbols
Since glibc 2.36 will issue warnings for copy relocation against
protected symbols and non-canonical reference to canonical protected
functions, change the linker to always disallow such relocations.
bfd/
* elf32-i386.c (elf_i386_scan_relocs): Remove check for
elf_has_indirect_extern_access.
* elf64-x86-64.c (elf_x86_64_scan_relocs): Likewise.
(elf_x86_64_relocate_section): Remove check for
elf_has_no_copy_on_protected.
* elfxx-x86.c (elf_x86_allocate_dynrelocs): Check for building
executable instead of elf_has_no_copy_on_protected.
(_bfd_x86_elf_adjust_dynamic_symbol): Disallow copy relocation
against non-copyable protected symbol.
* elfxx-x86.h (SYMBOL_NO_COPYRELOC): Remove check for
elf_has_no_copy_on_protected.
ld/
* testsuite/ld-i386/i386.exp: Expect linker error for PR ld/17709
test.
* testsuite/ld-i386/pr17709.rd: Removed.
* testsuite/ld-i386/pr17709.err: New file.
* testsuite/ld-x86-64/pr17709.rd: Removed.
* testsuite/ld-x86-64/pr17709.err: New file.
* testsuite/ld-x86-64/pr28875-func.err: Updated.
* testsuite/ld-x86-64/x86-64.exp: Expect linker error for PR
ld/17709 test. Add tests for function pointer against protected
function.
(cherry picked from commit f638657759f5b9b4eb31a1aa6b9fe6e6fb01f4a0)
Diff:
---
bfd/elf32-i386.c | 3 +--
bfd/elf64-x86-64.c | 10 +++-------
bfd/elfxx-x86.c | 21 +++++++++++++++++++--
bfd/elfxx-x86.h | 3 +--
ld/testsuite/ld-i386/i386.exp | 2 +-
ld/testsuite/ld-i386/pr17709.err | 2 ++
ld/testsuite/ld-i386/pr17709.rd | 4 ----
ld/testsuite/ld-x86-64/pr17709.err | 2 ++
ld/testsuite/ld-x86-64/pr17709.rd | 4 ----
ld/testsuite/ld-x86-64/pr28875-func.err | 2 +-
ld/testsuite/ld-x86-64/x86-64.exp | 18 +++++++++++++++++-
11 files changed, 47 insertions(+), 24 deletions(-)
diff --git a/bfd/elf32-i386.c b/bfd/elf32-i386.c
index 4bcb06b0030..52b1db44546 100644
--- a/bfd/elf32-i386.c
+++ b/bfd/elf32-i386.c
@@ -1812,8 +1812,7 @@ elf_i386_scan_relocs (bfd *abfd,
&& h->type == STT_FUNC
&& eh->def_protected
&& !SYMBOL_DEFINED_NON_SHARED_P (h)
- && h->def_dynamic
- && elf_has_indirect_extern_access (h->root.u.def.section->owner))
+ && h->def_dynamic)
{
/* Disallow non-canonical reference to canonical
protected function. */
diff --git a/bfd/elf64-x86-64.c b/bfd/elf64-x86-64.c
index 3abc68a4127..62a9a22317a 100644
--- a/bfd/elf64-x86-64.c
+++ b/bfd/elf64-x86-64.c
@@ -2255,8 +2255,7 @@ elf_x86_64_scan_relocs (bfd *abfd, struct bfd_link_info *info,
&& h->type == STT_FUNC
&& eh->def_protected
&& !SYMBOL_DEFINED_NON_SHARED_P (h)
- && h->def_dynamic
- && elf_has_indirect_extern_access (h->root.u.def.section->owner))
+ && h->def_dynamic)
{
/* Disallow non-canonical reference to canonical
protected function. */
@@ -3156,8 +3155,7 @@ elf_x86_64_relocate_section (bfd *output_bfd,
|| (h != NULL
&& !h->root.linker_def
&& !h->root.ldscript_def
- && eh->def_protected
- && elf_has_no_copy_on_protected (h->root.u.def.section->owner)));
+ && eh->def_protected));
if ((input_section->flags & SEC_ALLOC) != 0
&& (input_section->flags & SEC_READONLY) != 0
@@ -4097,9 +4095,7 @@ elf_x86_64_relocate_section (bfd *output_bfd,
{
case R_X86_64_32S:
sec = h->root.u.def.section;
- if ((info->nocopyreloc
- || (eh->def_protected
- && elf_has_no_copy_on_protected (h->root.u.def.section->owner)))
+ if ((info->nocopyreloc || eh->def_protected)
&& !(h->root.u.def.section->flags & SEC_CODE))
return elf_x86_64_need_pic (info, input_bfd, input_section,
h, NULL, NULL, howto);
diff --git a/bfd/elfxx-x86.c b/bfd/elfxx-x86.c
index 18f3d335458..7fb972752b3 100644
--- a/bfd/elfxx-x86.c
+++ b/bfd/elfxx-x86.c
@@ -524,8 +524,7 @@ elf_x86_allocate_dynrelocs (struct elf_link_hash_entry *h, void *inf)
{
asection *sreloc;
- if (eh->def_protected
- && elf_has_no_copy_on_protected (h->root.u.def.section->owner))
+ if (eh->def_protected && bfd_link_executable (info))
{
/* Disallow copy relocation against non-copyable protected
symbol. */
@@ -3041,6 +3040,24 @@ _bfd_x86_elf_adjust_dynamic_symbol (struct bfd_link_info *info,
}
if ((h->root.u.def.section->flags & SEC_ALLOC) != 0 && h->size != 0)
{
+ if (eh->def_protected && bfd_link_executable (info))
+ for (p = h->dyn_relocs; p != NULL; p = p->next)
+ {
+ /* Disallow copy relocation against non-copyable protected
+ symbol. */
+ s = p->sec->output_section;
+ if (s != NULL && (s->flags & SEC_READONLY) != 0)
+ {
+ info->callbacks->einfo
+ /* xgettext:c-format */
+ (_("%F%P: %pB: copy relocation against non-copyable "
+ "protected symbol `%s' in %pB\n"),
+ p->sec->owner, h->root.root.string,
+ h->root.u.def.section->owner);
+ return false;
+ }
+ }
+
srel->size += htab->sizeof_reloc;
h->needs_copy = 1;
}
diff --git a/bfd/elfxx-x86.h b/bfd/elfxx-x86.h
index 77fb1ad72bc..7d23893938c 100644
--- a/bfd/elfxx-x86.h
+++ b/bfd/elfxx-x86.h
@@ -135,12 +135,11 @@
/* Should copy relocation be generated for a symbol. Don't generate
copy relocation against a protected symbol defined in a shared
- object with GNU_PROPERTY_NO_COPY_ON_PROTECTED. */
+ object. */
#define SYMBOL_NO_COPYRELOC(INFO, EH) \
((EH)->def_protected \
&& ((EH)->elf.root.type == bfd_link_hash_defined \
|| (EH)->elf.root.type == bfd_link_hash_defweak) \
- && elf_has_no_copy_on_protected ((EH)->elf.root.u.def.section->owner) \
&& ((EH)->elf.root.u.def.section->owner->flags & DYNAMIC) != 0 \
&& ((EH)->elf.root.u.def.section->flags & SEC_CODE) == 0)
diff --git a/ld/testsuite/ld-i386/i386.exp b/ld/testsuite/ld-i386/i386.exp
index b4f7de49fd5..0ab9c001336 100644
--- a/ld/testsuite/ld-i386/i386.exp
+++ b/ld/testsuite/ld-i386/i386.exp
@@ -224,7 +224,7 @@ set i386tests {
"--32 -mx86-used-note=yes" {pr17709a.s} {} "libpr17709.so"}
{"PR ld/17709 (2)" "-melf_i386 tmpdir/libpr17709.so" ""
"--32 -mx86-used-note=yes"
- {pr17709b.s} {{readelf -r pr17709.rd}} "pr17709"}
+ {pr17709b.s} {{ld "pr17709.err"}} "pr17709"}
{"Build pr19827a.o" "" ""
"--32 -mx86-used-note=yes" { pr19827a.S }}
{"Build pr19827b.so" "-melf_i386 -shared" ""
diff --git a/ld/testsuite/ld-i386/pr17709.err b/ld/testsuite/ld-i386/pr17709.err
new file mode 100644
index 00000000000..fa6a4bacce3
--- /dev/null
+++ b/ld/testsuite/ld-i386/pr17709.err
@@ -0,0 +1,2 @@
+.*: tmpdir/pr17709b.o: copy relocation against non-copyable protected symbol `foo' in tmpdir/libpr17709.so
+#...
diff --git a/ld/testsuite/ld-i386/pr17709.rd b/ld/testsuite/ld-i386/pr17709.rd
deleted file mode 100644
index 8414784b736..00000000000
--- a/ld/testsuite/ld-i386/pr17709.rd
+++ /dev/null
@@ -1,4 +0,0 @@
-
-Relocation section '.rel\..*' at offset .* contains 1 entry:
- Offset Info Type Sym\.Value Sym\. Name
-[0-9a-f ]+R_386_COPY +[0-9a-f]+ +foo
diff --git a/ld/testsuite/ld-x86-64/pr17709.err b/ld/testsuite/ld-x86-64/pr17709.err
new file mode 100644
index 00000000000..fa6a4bacce3
--- /dev/null
+++ b/ld/testsuite/ld-x86-64/pr17709.err
@@ -0,0 +1,2 @@
+.*: tmpdir/pr17709b.o: copy relocation against non-copyable protected symbol `foo' in tmpdir/libpr17709.so
+#...
diff --git a/ld/testsuite/ld-x86-64/pr17709.rd b/ld/testsuite/ld-x86-64/pr17709.rd
deleted file mode 100644
index beffd3cb34c..00000000000
--- a/ld/testsuite/ld-x86-64/pr17709.rd
+++ /dev/null
@@ -1,4 +0,0 @@
-
-Relocation section '.rela\..*' at offset .* contains 1 entry:
- +Offset +Info +Type +Symbol's Value +Symbol's Name \+ Addend
-[0-9a-f ]+R_X86_64_COPY+[0-9a-f ]+ +foo \+ 0
diff --git a/ld/testsuite/ld-x86-64/pr28875-func.err b/ld/testsuite/ld-x86-64/pr28875-func.err
index 64e961cb3d4..f6f4658deaf 100644
--- a/ld/testsuite/ld-x86-64/pr28875-func.err
+++ b/ld/testsuite/ld-x86-64/pr28875-func.err
@@ -1,2 +1,2 @@
-.*: tmpdir/protected-func-1b.o: non-canonical reference to canonical protected function `protected_func_1a' in tmpdir/libprotected-func-2b.so
+.*: tmpdir/protected-func-1b.o: non-canonical reference to canonical protected function `protected_func_1a' in tmpdir/libprotected-func-2..so
#...
diff --git a/ld/testsuite/ld-x86-64/x86-64.exp b/ld/testsuite/ld-x86-64/x86-64.exp
index a096c0b9d0f..e6a834a2a61 100644
--- a/ld/testsuite/ld-x86-64/x86-64.exp
+++ b/ld/testsuite/ld-x86-64/x86-64.exp
@@ -177,7 +177,7 @@ set x86_64tests {
{"PR ld/17709 (1)" "-melf_x86_64 -shared" ""
"--64" {pr17709a.s} {} "libpr17709.so"}
{"PR ld/17709 (2)" "-melf_x86_64 tmpdir/libpr17709.so" ""
- "--64" {pr17709b.s} {{readelf -rW pr17709.rd}} "pr17709"}
+ "--64" {pr17709b.s} {{ld "pr17709.err"}} "pr17709"}
{"Build pr19827a.o" "" ""
"--64" { pr19827a.S }}
{"Build pr19827b.so" "-melf_x86_64 -shared" ""
@@ -1383,6 +1383,22 @@ if { [isnative] && [check_compiler_available] } {
{{error_output "pr28875-func.err"}} \
"protected-func-2" \
] \
+ [list \
+ "Build libprotected-func-2c.so" \
+ "-shared" \
+ "-fPIC -Wa,-mx86-used-note=yes" \
+ { protected-func-2c.c } \
+ {} \
+ "libprotected-func-2c.so" \
+ ] \
+ [list \
+ "Build protected-func-2a without PIE" \
+ "$NOPIE_LDFLAGS -Wl,--no-as-needed tmpdir/libprotected-func-2c.so" \
+ "$NOPIE_CFLAGS -Wa,-mx86-used-note=yes" \
+ { protected-func-1b.c } \
+ {{error_output "pr28875-func.err"}} \
+ "protected-func-2a" \
+ ] \
[list \
"Build libprotected-data-1a.so" \
"-shared -z noindirect-extern-access" \
^ permalink raw reply [flat|nested] only message in thread
only message in thread, other threads:[~2022-07-25 17:24 UTC | newest]
Thread overview: (only message) (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2022-07-25 17:24 [binutils-gdb/binutils-2_39-branch] x86: Disallow invalid relocations against protected symbols H.J. Lu
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).