From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: by sourceware.org (Postfix, from userid 1944) id 3B5B33852C51; Wed, 23 Nov 2022 14:47:45 +0000 (GMT) DKIM-Filter: OpenDKIM Filter v2.11.0 sourceware.org 3B5B33852C51 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=sourceware.org; s=default; t=1669214865; bh=m7k6ik4vivSl+1QjGLJHGAsLp8hRaxwYiwueN3hWRQg=; h=From:To:Subject:Date:From; b=g9V75YfReVex6sCQzb++YuHR55zBTDTcsU/HAorsohyn4o/AV6JpKt3FWgVKnxxW4 F5xSvl8xFiA8526FCijUPePRC2n+ro9LX/XBEoqz/3WojHttRicvgupNY7yCyRooB5 giRBKrgxQjyHJnBIthyYeDO1vKwzXkWsYTB18SFw= Content-Type: text/plain; charset="us-ascii" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit From: Szabolcs Nagy To: glibc-cvs@sourceware.org Subject: [glibc/arm/morello/main] cheri: elf: Fix segment mapping permissions X-Act-Checkin: glibc X-Git-Author: Szabolcs Nagy X-Git-Refname: refs/heads/arm/morello/main X-Git-Oldrev: 0b5f254b4daa0307a898b17eeb994a84e5e1a89f X-Git-Newrev: 81c2de89c6f6e9ade26f28e2ff65c5c0510600da Message-Id: <20221123144745.3B5B33852C51@sourceware.org> Date: Wed, 23 Nov 2022 14:47:45 +0000 (GMT) List-Id: https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=81c2de89c6f6e9ade26f28e2ff65c5c0510600da commit 81c2de89c6f6e9ade26f28e2ff65c5c0510600da Author: Szabolcs Nagy Date: Fri Oct 21 12:38:26 2022 +0100 cheri: elf: Fix segment mapping permissions Ensure mmap returns pointers with RWX permission covering all segments. These pointers later get restricted to RX and RW permission. Diff: --- elf/dl-map-segments.h | 17 +++++++++++++---- 1 file changed, 13 insertions(+), 4 deletions(-) diff --git a/elf/dl-map-segments.h b/elf/dl-map-segments.h index ce51585ce4..e25fb579df 100644 --- a/elf/dl-map-segments.h +++ b/elf/dl-map-segments.h @@ -22,6 +22,13 @@ # include #endif +/* Allow RWX mprotect later, on CHERI this means RWX capability permission. */ +#ifdef PROT_MAX +# define PROT_MAX_RWX PROT_MAX (PROT_READ | PROT_WRITE | PROT_EXEC) +#else +# define PROT_MAX_RWX 0 +#endif + /* Map a segment and align it properly. */ static __always_inline elfptr_t @@ -29,7 +36,8 @@ _dl_map_segment (const struct loadcmd *c, ElfW(Addr) mappref, const size_t maplength, int fd) { if (__glibc_likely (c->mapalign <= GLRO(dl_pagesize))) - return (elfptr_t) __mmap ((void *) mappref, maplength, c->prot, + return (elfptr_t) __mmap ((void *) mappref, maplength, + c->prot|PROT_MAX_RWX, MAP_COPY|MAP_FILE, fd, c->mapoff); /* If the segment alignment > the page size, allocate enough space to @@ -38,7 +46,7 @@ _dl_map_segment (const struct loadcmd *c, ElfW(Addr) mappref, ? (maplength + c->mapalign) : (2 * c->mapalign)); elfptr_t map_start = (elfptr_t) __mmap ((void *) mappref, maplen, - PROT_NONE, + PROT_NONE|PROT_MAX_RWX, MAP_ANONYMOUS|MAP_PRIVATE, -1, 0); if (__glibc_unlikely ((void *) map_start == MAP_FAILED)) @@ -46,7 +54,7 @@ _dl_map_segment (const struct loadcmd *c, ElfW(Addr) mappref, elfptr_t map_start_aligned = ALIGN_UP (map_start, c->mapalign); map_start_aligned = (elfptr_t) __mmap ((void *) map_start_aligned, - maplength, c->prot, + maplength, c->prot|PROT_MAX_RWX, MAP_COPY|MAP_FILE|MAP_FIXED, fd, c->mapoff); if (__glibc_unlikely ((void *) map_start_aligned == MAP_FAILED)) @@ -137,7 +145,8 @@ _dl_map_segments (struct link_map *l, int fd, else { /* Need a single capability to cover all load segments. */ - void *p = __mmap ((void *) c->mapstart, maplength, c->prot, + void *p = __mmap ((void *) c->mapstart, maplength, + c->prot|PROT_MAX_RWX, MAP_FIXED|MAP_COPY|MAP_FILE, fd, c->mapoff); if (p == MAP_FAILED)