From: Alan Modra <amodra@gmail.com>
To: binutils@sourceware.org
Subject: [PATCH 2/4] PR28824, relro security issues, x86 keep COMMONPAGESIZE relro
Date: Tue, 8 Feb 2022 11:38:31 +1030 [thread overview]
Message-ID: <20220208010833.2103874-3-amodra@gmail.com> (raw)
In-Reply-To: <20220208010833.2103874-1-amodra@gmail.com>
x86 treats MAXPAGESIZE as a memory optimisation parameter, actual
hardware paging is always COMMPAGESIZE of 4k. Use COMMONPAGESIZE for
the end of the relro segment alignment.
The previous patch regresses pr18176, increasing the testcase file
size from 322208 to 2099872 bytes. Fixing this on x86 will require
introducing a gap after the end of the relro segment (of up to
relropagesize-1 bytes).
PR 28824
PR 18176
* ld.h (ld_config_type): Add relro_use_commonpagesize field.
* ldexp.c (fold_segment_align): Set relropagesize depending on
relro_use_commonpagesize.
* emultempl/elf-x86.em (elf_x86_create_output_section_statements):
Set relro_use_commonpagesize.
* testsuite/ld-x86-64/pr18176.d: xfail.
diff --git a/ld/emultempl/elf-x86.em b/ld/emultempl/elf-x86.em
index f75521cecea..134e4e1b616 100644
--- a/ld/emultempl/elf-x86.em
+++ b/ld/emultempl/elf-x86.em
@@ -33,6 +33,7 @@ static struct elf_linker_x86_params params;
static void
elf_x86_create_output_section_statements (void)
{
+ config.relro_use_commonpagesize = true;
_bfd_elf_linker_x86_set_options (&link_info, ¶ms);
}
diff --git a/ld/ld.h b/ld/ld.h
index f3086bf30de..c7e4ca3d334 100644
--- a/ld/ld.h
+++ b/ld/ld.h
@@ -276,6 +276,10 @@ typedef struct
/* If set, code and non-code sections should never be in one segment. */
bool separate_code;
+ /* TRUE if the end of the relro segment should be aligned to
+ COMMONPAGESIZE rather than MAXPAGESIZE. */
+ bool relro_use_commonpagesize;
+
/* The rpath separation character. Usually ':'. */
char rpath_separator;
diff --git a/ld/ldexp.c b/ld/ldexp.c
index a38cec7829d..ab724074732 100644
--- a/ld/ldexp.c
+++ b/ld/ldexp.c
@@ -481,7 +481,10 @@ fold_segment_align (seg_align_type *seg, etree_value_type *lhs)
seg->base = expld.result.value;
seg->commonpagesize = commonpage;
seg->maxpagesize = maxpage;
- seg->relropagesize = maxpage;
+ if (config.relro_use_commonpagesize)
+ seg->relropagesize = commonpage;
+ else
+ seg->relropagesize = maxpage;
seg->relro_end = 0;
}
else
diff --git a/ld/testsuite/ld-x86-64/pr18176.d b/ld/testsuite/ld-x86-64/pr18176.d
index a99ff15ac6b..728c15a3dd8 100644
--- a/ld/testsuite/ld-x86-64/pr18176.d
+++ b/ld/testsuite/ld-x86-64/pr18176.d
@@ -3,6 +3,7 @@
#ld: -melf_x86_64 -shared -z relro -T pr18176.t -z max-page-size=0x200000 -z common-page-size=0x1000 $NO_DT_RELR_LDFLAGS
#readelf: -l --wide
#target: x86_64-*-linux*
+#xfail: *-*-*
#...
GNU_RELRO 0x04bd17 0x000000000024bd17 0x000000000024bd17 0x0022e9 0x0022e9 R 0x1
next prev parent reply other threads:[~2022-02-08 1:09 UTC|newest]
Thread overview: 7+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-02-08 1:08 [PATCH 0/4] PR28824, relro security issues Alan Modra
2022-02-08 1:08 ` [PATCH 1/4] " Alan Modra
2022-02-08 1:08 ` Alan Modra [this message]
2022-02-14 2:18 ` [PATCH 2/4] PR28824, relro security issues, x86 keep COMMONPAGESIZE relro Alan Modra
2022-02-14 3:13 ` H.J. Lu
2022-02-08 1:08 ` [PATCH 3/4] Remove bfd ELF_RELROPAGESIZE Alan Modra
2022-02-08 1:08 ` [PATCH 4/4] Don't pass around expld.dataseg pointer Alan Modra
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20220208010833.2103874-3-amodra@gmail.com \
--to=amodra@gmail.com \
--cc=binutils@sourceware.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).