From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mail-pl1-x62f.google.com (mail-pl1-x62f.google.com [IPv6:2607:f8b0:4864:20::62f]) by sourceware.org (Postfix) with ESMTPS id D44C13858438 for ; Mon, 18 Jul 2022 20:00:40 +0000 (GMT) DMARC-Filter: OpenDMARC Filter v1.4.1 sourceware.org D44C13858438 Received: by mail-pl1-x62f.google.com with SMTP id j12so10025833plj.8 for ; Mon, 18 Jul 2022 13:00:40 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:from:to:subject:date:message-id:mime-version :content-transfer-encoding; bh=xbJDe894eumorRFtng7efnUePLOBpjEXoG1wFaj1TXQ=; b=Tprr5SUcVMdj6WW5f6KYImihWZo11MBjcrmRCVFrxMZB1/6ecal4oSB9aABKiyma+S KP0/Cyd/M+tgOoTjPqnpWSzzjbgzV21jqyq2fasebf5Ru1ctIzyzHmfZei7N4v6R4Y0J 3V2+406rdvDI8CHGXQEHH+lbcXUHbger7BYV7tjAM73FPZI07X7p+OeLWDeAkwV4tLXn 9AUiCGf3cYoOPj7atBGkgs2TgWJS8Ygk14o1oepBXtStLvkheMneEUGuHdaD9fNxxOCi htv2jXlsRkgWW584PZZ0SIAdew89xGpWmsNYoNxWAor50iu0s6dVA0gZsXwWXFM/IoJz LIvw== X-Gm-Message-State: AJIora+bXK1ZP0cMGITE5T8MdPwMkaAGlgKVkxYaACLPafsE3jHdJx3n XUXFQJCZk1NPmdl+TebaYAtmqEvODZU= X-Google-Smtp-Source: AGRyM1vvgJivAOc+KEz8RBu2peQ6wido8Aa3yRp3FzyD7UvGM+TeFmjai66GDp4mjhFNZbphNSQqkw== X-Received: by 2002:a17:902:8605:b0:16b:e755:3c6e with SMTP id f5-20020a170902860500b0016be7553c6emr29666607plo.42.1658174439540; Mon, 18 Jul 2022 13:00:39 -0700 (PDT) Received: from gnu-tgl-3.localdomain ([172.58.37.102]) by smtp.gmail.com with ESMTPSA id s6-20020a170902a50600b0016784c93f23sm9809299plq.197.2022.07.18.13.00.38 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Mon, 18 Jul 2022 13:00:38 -0700 (PDT) Received: from gnu-tgl-3.. (localhost [IPv6:::1]) by gnu-tgl-3.localdomain (Postfix) with ESMTP id C0328C0149 for ; Mon, 18 Jul 2022 13:00:37 -0700 (PDT) From: "H.J. Lu" To: binutils@sourceware.org Subject: [PATCH] x86: Properly check invalid relocation against protected symbol Date: Mon, 18 Jul 2022 13:00:37 -0700 Message-Id: <20220718200037.1129322-1-hjl.tools@gmail.com> X-Mailer: git-send-email 2.36.1 MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Spam-Status: No, score=-3026.4 required=5.0 tests=BAYES_00, DKIM_SIGNED, DKIM_VALID, DKIM_VALID_AU, DKIM_VALID_EF, FREEMAIL_FROM, GIT_PATCH_0, KAM_STOCKGEN, RCVD_IN_DNSWL_NONE, SPF_HELO_NONE, SPF_PASS, TXREP autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on server2.sourceware.org X-BeenThere: binutils@sourceware.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Binutils mailing list List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 18 Jul 2022 20:00:42 -0000 Only check invalid relocation against protected symbol defined in shared object. bfd/ PR ld/29377 * elf32-i386.c (elf_i386_scan_relocs): Only check invalid relocation against protected symbol defined in shared object. * elf64-x86-64.c (elf_x86_64_scan_relocs): Likewise. ld/ PR ld/29377 * testsuite/ld-elf/linux-x86.exp: Run PR ld/29377 tests. * testsuite/ld-elf/pr29377a.c: New file. * testsuite/ld-elf/pr29377b.c: Likewise. --- bfd/elf32-i386.c | 2 ++ bfd/elf64-x86-64.c | 2 ++ ld/testsuite/ld-elf/linux-x86.exp | 16 ++++++++++++++++ ld/testsuite/ld-elf/pr29377a.c | 5 +++++ ld/testsuite/ld-elf/pr29377b.c | 10 ++++++++++ 5 files changed, 35 insertions(+) create mode 100644 ld/testsuite/ld-elf/pr29377a.c create mode 100644 ld/testsuite/ld-elf/pr29377b.c diff --git a/bfd/elf32-i386.c b/bfd/elf32-i386.c index e4106d9fd3b..3d39dc07fe0 100644 --- a/bfd/elf32-i386.c +++ b/bfd/elf32-i386.c @@ -1811,6 +1811,8 @@ elf_i386_scan_relocs (bfd *abfd, if (h->pointer_equality_needed && h->type == STT_FUNC && eh->def_protected + && !SYMBOL_DEFINED_NON_SHARED_P (h) + && h->def_dynamic && elf_has_indirect_extern_access (h->root.u.def.section->owner)) { /* Disallow non-canonical reference to canonical diff --git a/bfd/elf64-x86-64.c b/bfd/elf64-x86-64.c index 6154a70bdd7..48ca6309d1b 100644 --- a/bfd/elf64-x86-64.c +++ b/bfd/elf64-x86-64.c @@ -2254,6 +2254,8 @@ elf_x86_64_scan_relocs (bfd *abfd, struct bfd_link_info *info, if (h->pointer_equality_needed && h->type == STT_FUNC && eh->def_protected + && !SYMBOL_DEFINED_NON_SHARED_P (h) + && h->def_dynamic && elf_has_indirect_extern_access (h->root.u.def.section->owner)) { /* Disallow non-canonical reference to canonical diff --git a/ld/testsuite/ld-elf/linux-x86.exp b/ld/testsuite/ld-elf/linux-x86.exp index 6035ecd6829..0f0a6f01ec0 100644 --- a/ld/testsuite/ld-elf/linux-x86.exp +++ b/ld/testsuite/ld-elf/linux-x86.exp @@ -134,6 +134,22 @@ run_cc_link_tests [list \ {{readelf {--dyn-syms -W} pr28158.rd} {nm -D pr28158.nd}} \ "pr28158" \ ] \ + [list \ + "Build pr29377.o" \ + "-r -Wl,-z,noexecstack" \ + "" \ + {pr29377a.c indirect-extern-access.S} \ + {} \ + "pr29377.o" \ + ] \ + [list \ + "Build pr29377" \ + "$NOPIE_LDFLAGS tmpdir/pr29377.o" \ + "-fPIC" \ + {pr29377b.c} \ + {} \ + "pr29377" \ + ] \ ] run_ld_link_exec_tests [list \ diff --git a/ld/testsuite/ld-elf/pr29377a.c b/ld/testsuite/ld-elf/pr29377a.c new file mode 100644 index 00000000000..41d9545e3bf --- /dev/null +++ b/ld/testsuite/ld-elf/pr29377a.c @@ -0,0 +1,5 @@ +__attribute__ ((visibility ("protected"))) +void +foo (void) +{ +} diff --git a/ld/testsuite/ld-elf/pr29377b.c b/ld/testsuite/ld-elf/pr29377b.c new file mode 100644 index 00000000000..3cf163b25b4 --- /dev/null +++ b/ld/testsuite/ld-elf/pr29377b.c @@ -0,0 +1,10 @@ +extern void foo (void); + +void (*foo_p) (void); + +int +main () +{ + foo_p = foo; + return 0; +} -- 2.36.1