[PATCH] RISC-V: Protect .got with relro

public inbox for binutils@sourceware.org
 help / color / mirror / Atom feed

* [PATCH] RISC-V: Protect .got with relro
@ 2023-09-25  8:19 Andreas Schwab
  2023-09-25  9:26 ` Palmer Dabbelt
  0 siblings, 1 reply; 5+ messages in thread
From: Andreas Schwab @ 2023-09-25  8:19 UTC (permalink / raw)
  To: binutils; +Cc: nelson, palmer

Move .got before .data so that it can be protected with -zrelro.  Also
separate .got.plt from .got if -znow is not in effect; the first two words
of .got.plt are placed within the relro region.

ld:
	PR ld/30877
	* emulparams/elf32lriscv-defs.sh (DATA_GOT, SEPARATE_GOTPLT):
	Define.
	* emulparams/elf64lriscv-defs.sh (SEPARATE_GOTPLT): Define.
---
 ld/emulparams/elf32lriscv-defs.sh | 4 ++++
 ld/emulparams/elf64lriscv-defs.sh | 1 +
 2 files changed, 5 insertions(+)

diff --git a/ld/emulparams/elf32lriscv-defs.sh b/ld/emulparams/elf32lriscv-defs.sh
index b823cedacab..016556168c3 100644
--- a/ld/emulparams/elf32lriscv-defs.sh
+++ b/ld/emulparams/elf32lriscv-defs.sh
@@ -47,3 +47,7 @@ INITIAL_READONLY_SECTIONS="${RELOCATING+${CREATE_SHLIB-${INITIAL_READONLY_SECTIO
 OTHER_END_SYMBOLS="${CREATE_SHLIB-__BSS_END__ = .;
     __global_pointer$ = MIN(__SDATA_BEGIN__ + 0x800,
 		            MAX(__DATA_BEGIN__ + 0x800, __BSS_END__ - 0x800));}"
+
+# Put .got before .data
+DATA_GOT=" "
+SEPARATE_GOTPLT="SIZEOF (.got.plt) >= 8 ? 8 : 0"
diff --git a/ld/emulparams/elf64lriscv-defs.sh b/ld/emulparams/elf64lriscv-defs.sh
index 84a700a5f58..ca15338428f 100644
--- a/ld/emulparams/elf64lriscv-defs.sh
+++ b/ld/emulparams/elf64lriscv-defs.sh
@@ -1,2 +1,3 @@
 source_sh ${srcdir}/emulparams/elf32lriscv-defs.sh
 ELFSIZE=64
+SEPARATE_GOTPLT="SIZEOF (.got.plt) >= 16 ? 16 : 0"
-- 
2.42.0


-- 
Andreas Schwab, SUSE Labs, schwab@suse.de
GPG Key fingerprint = 0196 BAD8 1CE9 1970 F4BE  1748 E4D4 88E3 0EEA B9D7
"And now for something completely different."

^ permalink raw reply	[flat|nested] 5+ messages in thread

* Re: [PATCH] RISC-V: Protect .got with relro
  2023-09-25  8:19 [PATCH] RISC-V: Protect .got with relro Andreas Schwab
@ 2023-09-25  9:26 ` Palmer Dabbelt
  2023-09-25  9:47   ` Andreas Schwab
  0 siblings, 1 reply; 5+ messages in thread
From: Palmer Dabbelt @ 2023-09-25  9:26 UTC (permalink / raw)
  To: schwab; +Cc: binutils, nelson

On Mon, 25 Sep 2023 01:19:57 PDT (-0700), schwab@suse.de wrote:
> Move .got before .data so that it can be protected with -zrelro.  Also
> separate .got.plt from .got if -znow is not in effect; the first two words
> of .got.plt are placed within the relro region.
>
> ld:
> 	PR ld/30877
> 	* emulparams/elf32lriscv-defs.sh (DATA_GOT, SEPARATE_GOTPLT):
> 	Define.
> 	* emulparams/elf64lriscv-defs.sh (SEPARATE_GOTPLT): Define.
> ---
>  ld/emulparams/elf32lriscv-defs.sh | 4 ++++
>  ld/emulparams/elf64lriscv-defs.sh | 1 +
>  2 files changed, 5 insertions(+)
>
> diff --git a/ld/emulparams/elf32lriscv-defs.sh b/ld/emulparams/elf32lriscv-defs.sh
> index b823cedacab..016556168c3 100644
> --- a/ld/emulparams/elf32lriscv-defs.sh
> +++ b/ld/emulparams/elf32lriscv-defs.sh
> @@ -47,3 +47,7 @@ INITIAL_READONLY_SECTIONS="${RELOCATING+${CREATE_SHLIB-${INITIAL_READONLY_SECTIO
>  OTHER_END_SYMBOLS="${CREATE_SHLIB-__BSS_END__ = .;
>      __global_pointer$ = MIN(__SDATA_BEGIN__ + 0x800,
>  		            MAX(__DATA_BEGIN__ + 0x800, __BSS_END__ - 0x800));}"
> +
> +# Put .got before .data
> +DATA_GOT=" "
> +SEPARATE_GOTPLT="SIZEOF (.got.plt) >= 8 ? 8 : 0"
> diff --git a/ld/emulparams/elf64lriscv-defs.sh b/ld/emulparams/elf64lriscv-defs.sh
> index 84a700a5f58..ca15338428f 100644
> --- a/ld/emulparams/elf64lriscv-defs.sh
> +++ b/ld/emulparams/elf64lriscv-defs.sh
> @@ -1,2 +1,3 @@
>  source_sh ${srcdir}/emulparams/elf32lriscv-defs.sh
>  ELFSIZE=64
> +SEPARATE_GOTPLT="SIZEOF (.got.plt) >= 16 ? 16 : 0"

I think we also want something like this

diff --git a/ld/testsuite/ld-elf/binutils.exp b/ld/testsuite/ld-elf/binutils.exp
index 674e8e9a575..b38e29ed6fb 100644
--- a/ld/testsuite/ld-elf/binutils.exp
+++ b/ld/testsuite/ld-elf/binutils.exp
@@ -95,7 +95,6 @@ proc binutils_test { prog_name ld_options test {test_name ""} {readelf_options "
 			      || [istarget "mips*-*-*"] \
 			      || [istarget "nios2*-*-*"] \
 			      || [istarget "or1k-*-*"] \
-			      || [istarget "riscv*-*-*"] \
 			      || [istarget "sh*-*-*"] \
 			      || [istarget "x86_64-*-rdos*"])]
 	# Check if GNU_RELRO segment is generated.


^ permalink raw reply	[flat|nested] 5+ messages in thread

* Re: [PATCH] RISC-V: Protect .got with relro
  2023-09-25  9:26 ` Palmer Dabbelt
@ 2023-09-25  9:47   ` Andreas Schwab
  2023-09-25  9:53     ` Palmer Dabbelt
  2023-09-27 21:55     ` Jeff Law
  0 siblings, 2 replies; 5+ messages in thread
From: Andreas Schwab @ 2023-09-25  9:47 UTC (permalink / raw)
  To: Palmer Dabbelt; +Cc: binutils, nelson

On Sep 25 2023, Palmer Dabbelt wrote:

> I think we also want something like this
>
> diff --git a/ld/testsuite/ld-elf/binutils.exp b/ld/testsuite/ld-elf/binutils.exp
> index 674e8e9a575..b38e29ed6fb 100644
> --- a/ld/testsuite/ld-elf/binutils.exp
> +++ b/ld/testsuite/ld-elf/binutils.exp
> @@ -95,7 +95,6 @@ proc binutils_test { prog_name ld_options test {test_name ""} {readelf_options "
> 			      || [istarget "mips*-*-*"] \
> 			      || [istarget "nios2*-*-*"] \
> 			      || [istarget "or1k-*-*"] \
> -			      || [istarget "riscv*-*-*"] \
> 			      || [istarget "sh*-*-*"] \
> 			      || [istarget "x86_64-*-rdos*"])]
> 	# Check if GNU_RELRO segment is generated.

Thanks, I will squash that in.

-- 
Andreas Schwab, SUSE Labs, schwab@suse.de
GPG Key fingerprint = 0196 BAD8 1CE9 1970 F4BE  1748 E4D4 88E3 0EEA B9D7
"And now for something completely different."

^ permalink raw reply	[flat|nested] 5+ messages in thread

* Re: [PATCH] RISC-V: Protect .got with relro
  2023-09-25  9:47   ` Andreas Schwab
@ 2023-09-25  9:53     ` Palmer Dabbelt
  2023-09-27 21:55     ` Jeff Law
  1 sibling, 0 replies; 5+ messages in thread
From: Palmer Dabbelt @ 2023-09-25  9:53 UTC (permalink / raw)
  To: schwab; +Cc: binutils, nelson

On Mon, 25 Sep 2023 02:47:11 PDT (-0700), schwab@suse.de wrote:
> On Sep 25 2023, Palmer Dabbelt wrote:
>
>> I think we also want something like this
>>
>> diff --git a/ld/testsuite/ld-elf/binutils.exp b/ld/testsuite/ld-elf/binutils.exp
>> index 674e8e9a575..b38e29ed6fb 100644
>> --- a/ld/testsuite/ld-elf/binutils.exp
>> +++ b/ld/testsuite/ld-elf/binutils.exp
>> @@ -95,7 +95,6 @@ proc binutils_test { prog_name ld_options test {test_name ""} {readelf_options "
>> 			      || [istarget "mips*-*-*"] \
>> 			      || [istarget "nios2*-*-*"] \
>> 			      || [istarget "or1k-*-*"] \
>> -			      || [istarget "riscv*-*-*"] \
>> 			      || [istarget "sh*-*-*"] \
>> 			      || [istarget "x86_64-*-rdos*"])]
>> 	# Check if GNU_RELRO segment is generated.
>
> Thanks, I will squash that in.

Reviewed-by: Palmer Dabbelt <palmer@rivosinc.com>
Acked-by: Palmer Dabbelt <palmer@rivosinc.com>

Thanks!

^ permalink raw reply	[flat|nested] 5+ messages in thread

* Re: [PATCH] RISC-V: Protect .got with relro
  2023-09-25  9:47   ` Andreas Schwab
  2023-09-25  9:53     ` Palmer Dabbelt
@ 2023-09-27 21:55     ` Jeff Law
  1 sibling, 0 replies; 5+ messages in thread
From: Jeff Law @ 2023-09-27 21:55 UTC (permalink / raw)
  To: Andreas Schwab, Palmer Dabbelt; +Cc: binutils, nelson



On 9/25/23 03:47, Andreas Schwab via Binutils wrote:
> On Sep 25 2023, Palmer Dabbelt wrote:
> 
>> I think we also want something like this
>>
>> diff --git a/ld/testsuite/ld-elf/binutils.exp b/ld/testsuite/ld-elf/binutils.exp
>> index 674e8e9a575..b38e29ed6fb 100644
>> --- a/ld/testsuite/ld-elf/binutils.exp
>> +++ b/ld/testsuite/ld-elf/binutils.exp
>> @@ -95,7 +95,6 @@ proc binutils_test { prog_name ld_options test {test_name ""} {readelf_options "
>> 			      || [istarget "mips*-*-*"] \
>> 			      || [istarget "nios2*-*-*"] \
>> 			      || [istarget "or1k-*-*"] \
>> -			      || [istarget "riscv*-*-*"] \
>> 			      || [istarget "sh*-*-*"] \
>> 			      || [istarget "x86_64-*-rdos*"])]
>> 	# Check if GNU_RELRO segment is generated.
> 
> Thanks, I will squash that in.
Thanks for taking care of the RELRO stuff.  One of the many items that 
could have easily slipped through the cracks.

jeff

^ permalink raw reply	[flat|nested] 5+ messages in thread

end of thread, other threads:[~2023-09-27 21:55 UTC | newest]

Thread overview: 5+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2023-09-25  8:19 [PATCH] RISC-V: Protect .got with relro Andreas Schwab
2023-09-25  9:26 ` Palmer Dabbelt
2023-09-25  9:47   ` Andreas Schwab
2023-09-25  9:53     ` Palmer Dabbelt
2023-09-27 21:55     ` Jeff Law

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).