From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: (qmail 23947 invoked by alias); 30 Jul 2007 19:15:23 -0000 Received: (qmail 23938 invoked by uid 22791); 30 Jul 2007 19:15:22 -0000 X-Spam-Check-By: sourceware.org Received: from sunsite.ms.mff.cuni.cz (HELO sunsite.mff.cuni.cz) (195.113.15.26) by sourceware.org (qpsmtpd/0.31) with ESMTP; Mon, 30 Jul 2007 19:15:12 +0000 Received: from sunsite.mff.cuni.cz (localhost.localdomain [127.0.0.1]) by sunsite.mff.cuni.cz (8.13.8/8.13.8) with ESMTP id l6UJJtI9002623 for ; Mon, 30 Jul 2007 21:19:55 +0200 Received: (from jakub@localhost) by sunsite.mff.cuni.cz (8.13.8/8.13.8/Submit) id l6UJJt9c002622 for binutils@sourceware.org; Mon, 30 Jul 2007 21:19:55 +0200 Date: Tue, 31 Jul 2007 03:02:00 -0000 From: Jakub Jelinek To: binutils@sourceware.org Subject: Re: better detection of old powerpc bss-plt objects Message-ID: <20070730191954.GX4603@sunsite.mff.cuni.cz> Reply-To: Jakub Jelinek References: <20070511063737.GB12499@bubble.grove.modra.org> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20070511063737.GB12499@bubble.grove.modra.org> User-Agent: Mutt/1.4.2.2i Mailing-List: contact binutils-help@sourceware.org; run by ezmlm Precedence: bulk List-Id: List-Subscribe: List-Archive: List-Post: List-Help: , Sender: binutils-owner@sourceware.org X-SW-Source: 2007-07/txt/msg00537.txt.bz2 On Fri, May 11, 2007 at 04:07:37PM +0930, Alan Modra wrote: > This patch fixes an irritating feature of the powerpc linker in that > secure-plt is only available on detecting relocs generated by a newer > gcc with -fpic or -fPIC. This isn't a big deal since secure-plt is > aimed squarely at people who will be using pie executables, however, > there is no real reason a non-pic executable should be forced into > using the old bss-plt. > > I also improve the detection of old object files by requiring REL16 > relocs to appear in the same object file as PLTREL24 rather than just > somewhere in the input. This should help in cases where people mix > old-style object files that make PLT calls but don't happen to use the > GOT, with new style libraries or other object files. Without an > old-style GOT pointer code sequence the linker wouldn't force > bss-plt, and the new plt call stubs would segfault since they require > a GOT pointer. After this change executables with all objects built with -msecure-plt (that's what we default in gcc for quite some time on ppc32), as an example e.g. coreutils, but even int main () { return 0; } will do, are suddenly using BSS PLT rather than the new secure PLT. That has bad consequences with SELinux, all such binaries are causing execmod audit messages when non-enforcing or will not run at all when enforcing. Was that just unintended side-effect of this patch, or do you want gcc built with --enable-secure-plt pass --secure-plt to ld unless -mbss-plt (and --disable-secure-plt gcc pass --secure-plt when -msecure-plt)? Jakub