Re: [PATCH 5/7] elf: Enable relro for static build

[Adhemerval Zanella <adhemerval.zanella@linaro.org>]

On 01/12/2019 06:55, Florian Weimer wrote:
> * Adhemerval Zanella:
> 
>> The code is similar to the one at rtld.c, where its check for the
>> PT_GNU_RELRO header values from program headers and call
>> _dl_protected_relro with the updated l_relro_{addr,size} values.
> 
> This is not the actual code that does RELRO in most cases, it's only
> used with prelink.  _dl_relocate_object is what is used.

Ack, I changed the commit message to:

The code is similar to the one at elf/dl-reloc.c, where it checks for
the l_relro_size from the link_map (obtained from PT_GNU_RELRO header
from program headers) and calls_dl_protected_relro.

> 
>> diff --git a/elf/dl-support.c b/elf/dl-support.c
>> index 5526d5ee6e..bdb5c2ae91 100644
>> --- a/elf/dl-support.c
>> +++ b/elf/dl-support.c
>> @@ -367,14 +367,24 @@ _dl_non_dynamic_init (void)
>>    if (_dl_platform != NULL)
>>      _dl_platformlen = strlen (_dl_platform);
>>  
>> -  /* Scan for a program header telling us the stack is nonexecutable.  */
>>    if (_dl_phdr != NULL)
>> -    for (uint_fast16_t i = 0; i < _dl_phnum; ++i)
>> -      if (_dl_phdr[i].p_type == PT_GNU_STACK)
>> +    for (const ElfW(Phdr) *ph = _dl_phdr; ph < &_dl_phdr[_dl_phnum]; ++ph)
>> +      switch (ph->p_type)
>>  	{
>> -	  _dl_stack_flags = _dl_phdr[i].p_flags;
>> +	/* Check if the stack is nonexecutable.  */
>> +	case PT_GNU_STACK:
>> +	  _dl_stack_flags = ph->p_flags;
>> +	  break;
>> +
>> +	case PT_GNU_RELRO:
>> +	  _dl_main_map.l_relro_addr = ph->p_vaddr;
>> +	  _dl_main_map.l_relro_size = ph->p_memsz;
>>  	  break;
>>  	}
>> +
>> +  /* Setup relro on the binary itself.  */
>> +  if (_dl_main_map.l_relro_size)
>> +    _dl_protect_relro (&_dl_main_map);
> 
> Please use an explicit comparison with != 0.

Ack.

> 
> I have a test case for this which I can post.  

Sure, I can attach on the patch itself.

> Somewhat bizarrely,
> full RELRO for statically linked binaries requires linking with -z now.
> 

My understanding it is arch-specific and also depends on how bintuils was
build.  For instance, with my system ld (GNU ld (GNU Binutils for Ubuntu) 2.30)
seemed to be built with DEFAULT_LD_Z_RELRO (set by --enable-relro) which sets 
relro by default.  With this binutils I could only disable relro by explicit 
add norelro, the -z {lazy,now} did not change the GNU_RELRO header creation.

Also the code in ld/emultempl/elf.em does seem to select different linker
scripts for both link_info.relro and (link_info.flags & DF_BIND_NOW), however
it does no have a special case for 
link_info.relro and !(link_info.flags & DF_BIND_NOW). I don't see how -relro
is requiring -z now on ld code.