From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from de-smtp-delivery-102.mimecast.com (de-smtp-delivery-102.mimecast.com [194.104.111.102]) by sourceware.org (Postfix) with ESMTPS id 2DBFC3857805 for ; Tue, 26 Apr 2022 13:56:34 +0000 (GMT) DMARC-Filter: OpenDMARC Filter v1.4.1 sourceware.org 2DBFC3857805 Received: from EUR04-HE1-obe.outbound.protection.outlook.com (mail-he1eur04lp2059.outbound.protection.outlook.com [104.47.13.59]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id de-mta-6-wpikLGJCM666n6cv3TAB1Q-1; Tue, 26 Apr 2022 15:56:31 +0200 X-MC-Unique: wpikLGJCM666n6cv3TAB1Q-1 ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=hmz+NO5quQViNxz+SR9GmpimG+xrlS7SLXPvIeFvkL7JOMO8on/OB45+2gwUXDgj6YEJeVBejfpfDqFTESGUuJn2X5fGQrDl8tOgzsnKktYgBwshEQsTDRHG6yosA3KtGikXcZXIAnQo3QG5L3eWOqYnoGL5FNagAP7A+KRq3jwvKAE7q5Lg8lmgzodavwbfFm9eT5fewyVixtFV8VpcpKkLFWY+RWu3Gw+1BS55ZNJCnsVG0Y7Z7teQVrt8ZYa3todJX4QhEvMDwhSniIwIOWa+ogc0kDrKOIjlCVgnJz9vXE71mHS5G9IBFjpva1UJBTvSE8nVNtug9SeeoLoZ3Q== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=URWXLxofTIzYGtBhHefZ5viKDiQt9D56hwSNM0UCmxo=; b=mLVSnqg93frLsHyMuyJijj0f7YwNu8juzqAFL7LS/B6rdFonkUi7/NK1hrltOvzeDhoRpewlNJ4vl/TGsOA3Myze7D/mNaKBPWdjSUQMDInCki8AFGjcseDT8CCo9cFE6nGRZOCIU0nWvkNbPUJWZBlO6mz5L9gTUOWNCblQnjn/pkeMfCXuHOZzhLM/Elnjxq8q+0NI6DFgjJxb3ng3561Q0JRUhXe/AG7zmz8sVUgwMdNUocN6lqp3W4mg73IBumSteyzNm1dnUc6ue+x0PQRjz2jHcFws5DMvF2kPSKIEo+p9w40LjPFaI/NpG77HSh1xA5ljrsEqsmvm96fTTQ== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=suse.com; dmarc=pass action=none header.from=suse.com; dkim=pass header.d=suse.com; arc=none Received: from DU2PR04MB8616.eurprd04.prod.outlook.com (2603:10a6:10:2db::16) by VI1PR04MB5806.eurprd04.prod.outlook.com (2603:10a6:803:e8::28) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.5186.21; Tue, 26 Apr 2022 13:56:30 +0000 Received: from DU2PR04MB8616.eurprd04.prod.outlook.com ([fe80::5cb0:5195:4203:7c2f]) by DU2PR04MB8616.eurprd04.prod.outlook.com ([fe80::5cb0:5195:4203:7c2f%9]) with mapi id 15.20.5186.021; Tue, 26 Apr 2022 13:56:30 +0000 Message-ID: Date: Tue, 26 Apr 2022 15:56:28 +0200 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:91.0) Gecko/20100101 Thunderbird/91.8.1 Subject: Re: RFC: Add a linker warning when creating segments with RWX permissions Content-Language: en-US To: Nick Clifton References: <878rrsw074.fsf@redhat.com> Cc: binutils@sourceware.org From: Jan Beulich In-Reply-To: <878rrsw074.fsf@redhat.com> Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 7bit X-ClientProxiedBy: AS8PR07CA0003.eurprd07.prod.outlook.com (2603:10a6:20b:451::18) To DU2PR04MB8616.eurprd04.prod.outlook.com (2603:10a6:10:2db::16) MIME-Version: 1.0 X-MS-PublicTrafficType: Email X-MS-Office365-Filtering-Correlation-Id: 6a7651f4-b6e4-4e1c-eda8-08da278c907c X-MS-TrafficTypeDiagnostic: VI1PR04MB5806:EE_ X-Microsoft-Antispam-PRVS: X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: 06tME3Cd05lP/bRCqA2yRzJREB2YVisJeKtLR8SH+O7OJlYPPqT+s8ePP8iW/Fzfx4yUxBeuHyUtqrllXfha3+sgbT+BUi8b6tvjnoEXtlUaaZy30TRq/lUvs8Imf3OU1H8R7J/lt8y8YcMvZWvRu80gRkLP7RVc4rKNW6/9KvTIlF3I0rUDtWtbiiylxGKB7/L+itdNQ5iS8Nqztew5MtiEvHagm4UTG3e4ZPxH8QV4LfVPomUuYyBNd5wWBAvsjIis22vQIyy8Htnzmeej0jVgXOj2PC/OgCY0omcJmNc/rriBtCi+UZ3JMY6O/1WjLIrpSE1E8tyUPPFsnZ1n6FLk5YRvTGQZiWJrr68xgC6+mUbK0lifS0hszlFDABMikgGpByEjmY4zcb7y+hozCRVfSLsbPOQ3qHo36Eo8qIxSBqoKjR3yHIZb4DupjKlfkjoXNgGqm7c65kP4epRQ/w+YDG82wNjijT6M7o1NYZfpS/62SxeGV0Z1Yug2Duoh+DCE3ZPmPpI4wtNj2gBmCXjFu3w6SP8dLrTuVvULkzpJXwbgI3OnGN3t3dHVoISR9pndgdO3B9N3tyaZ563ldkMbLqxwHNHUgEHpS1UCGsLWiJqUDkDSQm2ItO1W205jjEG5f/cxVWJ2BC3iGoAJURIEUs55wLsMKzk8udewm8/jYxzXlBf+f+UoAJB8D8+pZlrSWeK8pALe69GY6GM6RNIWPKlIhlRBs5rrSS2UALIVXzrRfLtaGqZIPGYWlDXx X-Forefront-Antispam-Report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:DU2PR04MB8616.eurprd04.prod.outlook.com; PTR:; CAT:NONE; SFS:(13230001)(366004)(316002)(66476007)(26005)(66946007)(66556008)(6486002)(83380400001)(508600001)(6506007)(6512007)(2616005)(38100700002)(53546011)(6916009)(86362001)(31696002)(186003)(5660300002)(2906002)(8936002)(31686004)(36756003)(8676002)(4326008)(45980500001)(43740500002); DIR:OUT; SFP:1101; X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 1 X-MS-Exchange-AntiSpam-MessageData-0: =?utf-8?B?NmExRk9CSnovcitnVEE0ZjBoVWJreGpvZGJLc0hpbGRsUGx1TVl3NGxGR2E4?= =?utf-8?B?c2JaR1pUNjFPUzZZdWhZbU1xYTBUTHlMSllJWVpBOEo2WnVuRlU3bjVtVVll?= =?utf-8?B?OGFVVmttRE9hSE1CWERIZnZodEdhN3hvQjhHT0t1RG94cjdUckowV1VSaUJN?= =?utf-8?B?NTlTYzlGR1ltUVVhdnZiK2F3ZkFvZStCZ2NHVm5wV3RWV2tUQ3pReTFjd2hk?= =?utf-8?B?M1lzM0lSMlRVeTdGYStJQXpWZTk0WkVKVlZhb2hwQlVBbmVwZEc1RDZiMVFu?= =?utf-8?B?aytrRU9qUUhaRnJQWm56ekNIQUFOYlRFZDZCcW5wVHRoQzNPZnFkbVBqSWQ0?= =?utf-8?B?OFVpbzdtSXZXK2R2WXdoa294cDgvZDVrSGNmVUV6VmpPMVJNSjg0VDFqcGkw?= =?utf-8?B?aWRYdHNSODY1bE10U2JoWk0vQWJjZ05wekcyOWNqUm1FK0N4ZVFGMWgrdE5q?= =?utf-8?B?SStxTk81NDNtbHpSL3VTYzhWdGx4TUoxNDEzN1d3bkFLb0Vxb1gwemhRSy9t?= =?utf-8?B?T1BvS05qWURRcVpEUFRSQi9lTVpOWDUxc3RoL3R1eXN0RU4zaGpENUtrdGNz?= =?utf-8?B?Q2FtajJkRVVCV0hSSVZDZnc2L1R2aXU4VFZOYWs3TERwWG9QYkozek4vZjVH?= =?utf-8?B?aUZSUlFOdC9aNndFU0dkRTd3MHltMDZpaGFxK1FEeUEwZENqSktCa3ZxOUFi?= =?utf-8?B?Ujh1TFVKdEE4b2hBcnJGRStoUTY3UWFrbEZNUlVpZUVEVWFscXJCTElNekRS?= =?utf-8?B?cXpBMENIWk53QXpUMkIvbUUrTU9sYm1wRkxxUFY3N2t4WFpmS3hlVlRkZTd4?= =?utf-8?B?SGh6VW9DclplNVhRZ0N3T2N2dUQ4U1FhZ3c5dWxJcmR1K0FEalNBQlZib0Y3?= =?utf-8?B?SEFMVzI5M2ZtcGVnSU1zU3RZTUF3bVRYQno1V0F6MDZQelRxYlhabk53Ri90?= =?utf-8?B?d2NiS3lkZXFNV0ZMTi9RQ0cvMFhHTDdWcXhUZ2RPbGsraCtkODgxMnphL0tQ?= =?utf-8?B?Q1FoV09zeVFLcHp2WngxWTQvQ1JGaHZBYXM1MWd3ejFmQ0U5eG85eFVaeWdE?= =?utf-8?B?TDhkRjJnVGZ4YTcweVZxRHlBLy8yRGJSN09lZDZHeUFHaVNhazN3K1NjVHhj?= =?utf-8?B?TDZHMTZGdE5NRVZTd2xQc0xJQmh0aVZjMytoUkVYcE5pb2JMVjYyQUFWYzVL?= =?utf-8?B?a0Nva0JKdGxEWXUvVGZCU1VkR1l0ZThwZUVqZkNtMEY2WnVrNU8vTDZQQXJm?= =?utf-8?B?eDRUdGhQK1VBOHdqZ3YvQkJqc3gyUE5MU2hkRG1HM29FZ0hpVEpDdEE2UHFl?= =?utf-8?B?Q1d4eU5jenZVTTQ1Rkd6Y05BbkphdXZFVDI5a1RyVHZpd0ZNTEJycWdKZTZJ?= =?utf-8?B?SithOWR4cFd2Q2dxMmdCeXNFMFBQYjRqTzR2MCtoU1FiOVg3VTIzbEZUS2N1?= =?utf-8?B?L3ZETExzZVNudnZQMENaZzBmR2dKdnllNFl2d1hOV252UTJtajBaeG56TVdF?= =?utf-8?B?OUZOMjBrWTNkRkorUStldGpISVhjbkI1NlNpTzIvNzloMHErT2NrTnpPS290?= =?utf-8?B?V2hWaHdOMTVwenNBVCttZlk1N2wyYURkVXVJOWlldGhUdExMWVpOK1R6bWNm?= =?utf-8?B?RkZPd0RKOU5JbWVjLzdSLzNhbzM3OUZKVS9Cd1d5Um1PN2tSSU9DUUVnY0RF?= =?utf-8?B?Y2d6eUxpeDg4OHpocVhxQkR3Yy9RUWdTYzJaQUNSN0NkbGpFTEdXZ2RTL09U?= =?utf-8?B?ZXdzb1BFN2M1MkZISWN4bFZHcjE5QXY5a3ZXQ0lzK2poZllvZ2k0eUNGaVUw?= =?utf-8?B?MzJJYy9GQlRyY1lRMzVsMlhWbVZTaVdKRHJaVFJzM0d3S2RjN3RjZlNBcHZw?= =?utf-8?B?cWxSL2loamRyMEgvaWFOTmpKWGZYNDRwRjhRSW9xMU5tMWNORzRrUG1nVVNz?= =?utf-8?B?S0c0ZUtLaTZ2YWRNUUNVRFRDVUQ3VjM1ejhGUzA0WGFXM1ZQSUQ3SGNqVGxU?= =?utf-8?B?QkN4NFY4YXdyQTNWeFh0L0dHS01wUytZS25NU0tTTHdZQW5DNUZtU1VVd1Qv?= =?utf-8?B?SXhYOFdVVEpuc0t0R21DbnYrcnVDNDFxZkd4bWY4dkhoWlNERWNMTjNNUmRO?= =?utf-8?B?UVV4cTJmU24rSUV2OVRpNGtWNzFObmR5NEJFVDFKdTZMK25kV29BRU94THRw?= =?utf-8?B?QlN4RG1ZUXNnd2dBTXZLREtMNmFZb3BYbGZXcnpmckN0R0pCQVZGVkdEcGds?= =?utf-8?B?VzB5NGp1bVVBZFkxZEV0bmRpeGFUNVhUUmc2WGpiOCt5TEN5TS9oSERQbkRh?= =?utf-8?B?VlRzVWQ5L0ErNVA4UEMzZGQzdnNocG81cmlMdXhlSVBDakFoczZCQT09?= X-OriginatorOrg: suse.com X-MS-Exchange-CrossTenant-Network-Message-Id: 6a7651f4-b6e4-4e1c-eda8-08da278c907c X-MS-Exchange-CrossTenant-AuthSource: DU2PR04MB8616.eurprd04.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-OriginalArrivalTime: 26 Apr 2022 13:56:30.1232 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: f7a17af6-1c5c-4a36-aa8b-f5be247aa4ba X-MS-Exchange-CrossTenant-MailboxType: HOSTED X-MS-Exchange-CrossTenant-UserPrincipalName: 5kQRo4D78lJCOz9Tl2cplJEtDMEvVySOwjU//3/GpheRsnDYvFU9GkXJoQf5vc15kKekdOCFBiCy2J9cEp8L5Q== X-MS-Exchange-Transport-CrossTenantHeadersStamped: VI1PR04MB5806 X-Spam-Status: No, score=-3032.1 required=5.0 tests=BAYES_00, DKIM_SIGNED, DKIM_VALID, DKIM_VALID_AU, DKIM_VALID_EF, NICE_REPLY_A, RCVD_IN_DNSWL_LOW, SPF_HELO_NONE, SPF_PASS, TXREP autolearn=ham autolearn_force=no version=3.4.4 X-Spam-Checker-Version: SpamAssassin 3.4.4 (2020-01-24) on server2.sourceware.org X-BeenThere: binutils@sourceware.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Binutils mailing list List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 26 Apr 2022 13:56:35 -0000 On 26.04.2022 13:31, Nick Clifton via Binutils wrote: > --- a/bfd/elfcode.h > +++ b/bfd/elfcode.h > @@ -388,6 +388,13 @@ elf_swap_phdr_in (bfd *abfd, > dst->p_align = H_GET_WORD (abfd, src->p_align); > } > > +static inline bool > +is_memory_resident (const Elf_Internal_Phdr *src) > +{ > + /* FIXME: Should we return true for PT_TLS segments ? */ > + return src->p_type == PT_LOAD; > +} I think for PT_TLS you would want to warn if X is set, no matter whether R and W are also both set? > @@ -399,6 +406,27 @@ elf_swap_phdr_out (bfd *abfd, > bed = get_elf_backend_data (abfd); > p_paddr = bed->want_p_paddr_set_to_zero ? 0 : src->p_paddr; > > + /* Memory resident segments with non-zero size and RWX permissions are a > + security risk, so we generate a warning here if we are creating any. > + > + We suppress the warning if there is only one memory resident segment > + however. This is an an assist for simple programs that do not separate > + code and data segments or linker scrips that only define one program > + header. Whilst this is not ideal - even those simple programs will be > + vulnerable - the most likely sceanario is that these programs are test > + code and not real apps. */ > + if (src->p_memsz > 0 && is_memory_resident (src)) > + { > + static unsigned int seen = 0; > + > + if (++ seen > 1) > + { > + if ((src->p_flags & (PF_R | PF_W | PF_X)) == (PF_R | PF_W | PF_X)) > + _bfd_error_handler (_("warning: %pB has a segment with RWX permissions"), > + abfd); > + } > + } How would one go about silencing this warning without splitting the segment? Kernels and alike are likely to have such without this necessarily being a security risk (eg when this is code/data which is discarded post-init). I guess that's somewhat similar to PT_GNU_RELRO, which you also don't check, presumably because at runtime W will be gone for it. Jan