[glibc] elf: Refine direct extern access diagnostics to protected symbol

[Fangrui Song <maskray@sourceware.org>]

https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=7374c02b683b7110b853a32496a619410364d70b

commit 7374c02b683b7110b853a32496a619410364d70b
Author: Fangrui Song <maskray@google.com>
Date:   Tue Jun 14 13:07:27 2022 -0700

    elf: Refine direct extern access diagnostics to protected symbol
    
    Refine commit 349b0441dab375099b1d7f6909c1742286a67da9:
    
    1. Copy relocations for extern protected data do not work properly,
    regardless whether GNU_PROPERTY_1_NEEDED_INDIRECT_EXTERN_ACCESS is used.
    It makes sense to produce a warning unconditionally.
    
    2. Non-zero value of an undefined function symbol may break pointer
    equality, but may be benign in many cases (many programs don't take the
    address in the shared object then compare it with the address in the
    executable).  Reword the diagnostic to be clearer.
    
    3. Remove the unneeded condition !(undef_map->l_1_needed &
    GNU_PROPERTY_1_NEEDED_INDIRECT_EXTERN_ACCESS). If the executable does
    not not have GNU_PROPERTY_1_NEEDED_INDIRECT_EXTERN_ACCESS (can only
    occur in error cases), the diagnostic should be emitted as well.
    
    When the defining shared object has
    GNU_PROPERTY_1_NEEDED_INDIRECT_EXTERN_ACCESS, report an error to apply
    the intended enforcement.

Diff:
---
 sysdeps/generic/dl-protected.h | 50 +++++++++++++++++++++++-------------------
 1 file changed, 27 insertions(+), 23 deletions(-)

diff --git a/sysdeps/generic/dl-protected.h b/sysdeps/generic/dl-protected.h
index 88cb8ec917..38386b5200 100644
--- a/sysdeps/generic/dl-protected.h
+++ b/sysdeps/generic/dl-protected.h
@@ -26,29 +26,33 @@ _dl_check_protected_symbol (const char *undef_name,
 			    const struct link_map *map,
 			    int type_class)
 {
-  if (undef_map != NULL
-      && undef_map->l_type == lt_executable
-      && !(undef_map->l_1_needed
-	   & GNU_PROPERTY_1_NEEDED_INDIRECT_EXTERN_ACCESS)
-      && (map->l_1_needed
-	  & GNU_PROPERTY_1_NEEDED_INDIRECT_EXTERN_ACCESS))
-    {
-      if ((type_class & ELF_RTYPE_CLASS_COPY))
-	/* Disallow copy relocations in executable against protected
-	   data symbols in a shared object which needs indirect external
-	   access.  */
-	_dl_signal_error (0, map->l_name, undef_name,
-			  N_("copy relocation against non-copyable protected symbol"));
-      else if (ref->st_value != 0
-	       && ref->st_shndx == SHN_UNDEF
-	       && (type_class & ELF_RTYPE_CLASS_PLT))
-	/* Disallow non-zero symbol values of undefined symbols in
-	   executable, which are used as the function pointer, against
-	   protected function symbols in a shared object with indirect
-	   external access.  */
-	_dl_signal_error (0, map->l_name, undef_name,
-			  N_("non-canonical reference to canonical protected function"));
-    }
+  if (undef_map == NULL || undef_map->l_type != lt_executable)
+    return;
+
+  if (type_class & ELF_RTYPE_CLASS_COPY)
+    /* Disallow copy relocations in executable against protected
+       data symbols in a shared object which needs indirect external
+       access.  */
+    _dl_error_printf ("warning: copy relocation against non-copyable "
+		      "protected symbol `%s' in `%s'\n",
+		      undef_name, map->l_name);
+  else if ((type_class & ELF_RTYPE_CLASS_PLT) && ref->st_value != 0
+	   && ref->st_shndx == SHN_UNDEF)
+    /* Disallow non-zero symbol values of undefined symbols in
+       executable, which are used as the function pointer, against
+       protected function symbols in a shared object with indirect
+       external access.  */
+    _dl_error_printf (
+	"warning: direct reference to "
+	"protected function `%s' in `%s' may break pointer equality\n",
+	undef_name, map->l_name);
+  else
+    return;
+
+  if (map->l_1_needed & GNU_PROPERTY_1_NEEDED_INDIRECT_EXTERN_ACCESS)
+    _dl_signal_error (
+	0, map->l_name, undef_name,
+	N_ ("error due to GNU_PROPERTY_1_NEEDED_INDIRECT_EXTERN_ACCESS"));
 }
 
 #endif /* _DL_PROTECTED_H */