* [PATCH v2 0/4] Implement indirect external access marker
@ 2021-06-24 13:49 H.J. Lu
2021-06-24 13:49 ` [PATCH v2 1/4] Initial support for GNU_PROPERTY_1_NEEDED H.J. Lu
` (3 more replies)
0 siblings, 4 replies; 5+ messages in thread
From: H.J. Lu @ 2021-06-24 13:49 UTC (permalink / raw)
To: libc-alpha; +Cc: Florian Weimer
Changes in the v2 patch.
1. Rename GNU_PROPERTY_1_NEEDED_SINGLE_GLOBAL_DEFINITION to
GNU_PROPERTY_1_NEEDED_INDIRECT_EXTERN_ACCESS.
2. Rename the option to -z [no]indirect-extern-access and move it to
ld/emulparams/extern_protected_data.sh.
3. Clear the indirect external access bit in executable when there are
non-GOT or non-PLT relocations in relocatable input files without this
bit set.
---
On systems with copy relocation:
* A copy in executable is created for the definition in a shared library
at run-time by ld.so.
* The copy is referenced by executable and shared libraries.
* Executable can access the copy directly.
Issues are:
* Overhead of a copy, time and space, may be visible at run-time.
* Read-only data in the shared library becomes read-write copy in
executable at run-time.
* Local access to data with the STV_PROTECTED visibility in the shared
library must use GOT.
On systems without function descriptor, function pointers vary depending
on where and how the functions are defined.
* If the function is defined in executable, it can be the address of
function body.
* If the function, including the function with STV_PROTECTED visibility,
is defined in the shared library, it can be the address of the PLT entry
in executable or shared library.
Issues are:
* The address of function body may not be used as its function pointer.
* ld.so needs to search loaded shared libraries for the function pointer
of the function with STV_PROTECTED visibility.
Here is a proposal to remove copy relocation and use canonical function
pointer:
1. Accesses, including in PIE and non-PIE, to undefined symbols must
use GOT.
a. Linker may optimize out GOT access if the data is defined in PIE or
non-PIE.
2. Read-only data in the shared library remain read-only at run-time
3. Address of global data with the STV_PROTECTED visibility in the shared
library is the address of data body.
a. Can use IP-relative access.
b. May need GOT without IP-relative access.
4. For systems without function descriptor,
a. All global function pointers of undefined functions in PIE and
non-PIE must use GOT. Linker may optimize out GOT access if the
function is defined in PIE or non-PIE.
b. Function pointer of functions with the STV_PROTECTED visibility in
executable and shared library is the address of function body.
i. Can use IP-relative access.
ii. May need GOT without IP-relative access.
iii. Branches to undefined functions may use PLT.
5. Single global definition marker:
Add GNU_PROPERTY_1_NEEDED:
#define GNU_PROPERTY_1_NEEDED GNU_PROPERTY_UINT32_OR_LO
to indicate the needed properties by the object file.
Add GNU_PROPERTY_1_NEEDED_INDIRECT_EXTERN_ACCESS:
#define GNU_PROPERTY_1_NEEDED_INDIRECT_EXTERN_ACCESS (1U << 0)
to indicate that the object file requires canonical function pointers and
cannot be used with copy relocation. This bit should be cleared in
executable when there are non-GOT or non-PLT relocations in relocatable
input files without this bit set.
a. Protected symbol access within the shared library can be treated as
local.
b. Copy relocation should be disallowed at link-time and run-time.
c. GOT function pointer reference is required at link-time and run-time.
The indirect external access marker can be used in the following ways:
1. Linker can decide the best way to resolve a relocation against a
protected symbol before seeing all relocations against the symbol.
2. Dynamic linker can decide if it is an error to have a copy relocation
in executable against the protected symbol in a shared library by checking
if the shared library is built with -fno-direct-extern-access.
Dynamic linker changes:
* Scan the indirect external access marker on all components, including
the executable and its dependency shared libraries.
* When performing symbol lookup for references in executable without
indirect external access:
1. Disallow copy relocations in executable against protected data
symbols in a shared object with indirect external access.
2. Disallow non-zero symbol values of undefined function symbols in
executable, which are used as the function pointer, against protected
function symbols in a shared object with indirect external access.
The corresponding binutils patches are posted at
https://sourceware.org/pipermail/binutils/2021-June/117153.html
and GCC patches are posted at
https://gcc.gnu.org/pipermail/gcc-patches/2021-June/573633.html
We can replace hidden function symbols with protected symbols and build
glibc with -fno-direct-extern-access.
H.J. Lu (4):
Initial support for GNU_PROPERTY_1_NEEDED
Check -z indirect-extern-access and -fno-direct-extern-access
Add run-time chesk for indirect external access
Update tests for protected data and function symbols
configure | 59 +++++++++++++++
configure.ac | 37 ++++++++++
elf/Makefile | 54 ++++++++++++++
elf/dl-lookup.c | 5 ++
elf/elf.h | 17 +++++
elf/tst-protected1moda.c | 10 +--
elf/tst-protected1modb.c | 4 +-
elf/tst-protected2a.c | 130 +++++++++++++++++++++++++++++++++
elf/tst-protected2apie.c | 1 +
elf/tst-protected2b.c | 121 ++++++++++++++++++++++++++++++
elf/tst-protected2bpie.c | 1 +
elf/tst-protected2mod.h | 35 +++++++++
elf/tst-protected2moda.c | 52 +++++++++++++
elf/tst-protected2moda2.c | 41 +++++++++++
elf/tst-protected2modb.c | 45 ++++++++++++
elf/tst-protected2modb2.c | 28 +++++++
sysdeps/generic/dl-prop.h | 9 ++-
sysdeps/generic/dl-protected.h | 54 ++++++++++++++
sysdeps/generic/link_map.h | 3 +-
sysdeps/x86/dl-prop.h | 19 +++--
sysdeps/x86/link_map.h | 2 +
21 files changed, 710 insertions(+), 17 deletions(-)
create mode 100644 elf/tst-protected2a.c
create mode 100644 elf/tst-protected2apie.c
create mode 100644 elf/tst-protected2b.c
create mode 100644 elf/tst-protected2bpie.c
create mode 100644 elf/tst-protected2mod.h
create mode 100644 elf/tst-protected2moda.c
create mode 100644 elf/tst-protected2moda2.c
create mode 100644 elf/tst-protected2modb.c
create mode 100644 elf/tst-protected2modb2.c
create mode 100644 sysdeps/generic/dl-protected.h
--
2.31.1
^ permalink raw reply [flat|nested] 5+ messages in thread
* [PATCH v2 1/4] Initial support for GNU_PROPERTY_1_NEEDED
2021-06-24 13:49 [PATCH v2 0/4] Implement indirect external access marker H.J. Lu
@ 2021-06-24 13:49 ` H.J. Lu
2021-06-24 13:49 ` [PATCH v2 2/4] Check -z indirect-extern-access and -fno-direct-extern-access H.J. Lu
` (2 subsequent siblings)
3 siblings, 0 replies; 5+ messages in thread
From: H.J. Lu @ 2021-06-24 13:49 UTC (permalink / raw)
To: libc-alpha; +Cc: Florian Weimer
1. Add GNU_PROPERTY_1_NEEDED:
#define GNU_PROPERTY_1_NEEDED GNU_PROPERTY_UINT32_OR_LO
to indicate the needed properties by the object file.
2. Add GNU_PROPERTY_1_NEEDED_INDIRECT_EXTERN_ACCESS:
#define GNU_PROPERTY_1_NEEDED_INDIRECT_EXTERN_ACCESS (1U << 0)
to indicate that the object file requires canonical function pointers and
cannot be used with copy relocation.
3. Scan GNU_PROPERTY_1_NEEDED property and store it in l_1_needed.
---
elf/elf.h | 17 +++++++++++++++++
sysdeps/generic/dl-prop.h | 9 ++++++++-
sysdeps/generic/link_map.h | 3 ++-
sysdeps/x86/dl-prop.h | 19 ++++++++++++++-----
sysdeps/x86/link_map.h | 2 ++
5 files changed, 43 insertions(+), 7 deletions(-)
diff --git a/elf/elf.h b/elf/elf.h
index 2a62b98d4a..dd661a6a64 100644
--- a/elf/elf.h
+++ b/elf/elf.h
@@ -1310,6 +1310,23 @@ typedef struct
/* No copy relocation on protected data symbol. */
#define GNU_PROPERTY_NO_COPY_ON_PROTECTED 2
+/* A 4-byte unsigned integer property: A bit is set if it is set in all
+ relocatable inputs. */
+#define GNU_PROPERTY_UINT32_AND_LO 0xb0000000
+#define GNU_PROPERTY_UINT32_AND_HI 0xb0007fff
+
+/* A 4-byte unsigned integer property: A bit is set if it is set in any
+ relocatable inputs. */
+#define GNU_PROPERTY_UINT32_OR_LO 0xb0008000
+#define GNU_PROPERTY_UINT32_OR_HI 0xb000ffff
+
+/* The needed properties by the object file. */
+#define GNU_PROPERTY_1_NEEDED GNU_PROPERTY_UINT32_OR_LO
+
+/* Set if the object file requires canonical function pointers and
+ cannot be used with copy relocation. */
+#define GNU_PROPERTY_1_NEEDED_INDIRECT_EXTERN_ACCESS (1U << 0)
+
/* Processor-specific semantics, lo */
#define GNU_PROPERTY_LOPROC 0xc0000000
/* Processor-specific semantics, hi */
diff --git a/sysdeps/generic/dl-prop.h b/sysdeps/generic/dl-prop.h
index eaee8052b6..207aadb35d 100644
--- a/sysdeps/generic/dl-prop.h
+++ b/sysdeps/generic/dl-prop.h
@@ -47,7 +47,14 @@ static inline int __attribute__ ((always_inline))
_dl_process_gnu_property (struct link_map *l, int fd, uint32_t type,
uint32_t datasz, void *data)
{
- return 0;
+ /* Continue until GNU_PROPERTY_1_NEEDED is found. */
+ if (type == GNU_PROPERTY_1_NEEDED)
+ {
+ if (datasz == 4)
+ l->l_1_needed = *(unsigned int *) data;
+ return 0;
+ }
+ return 1;
}
#endif /* _DL_PROP_H */
diff --git a/sysdeps/generic/link_map.h b/sysdeps/generic/link_map.h
index a056184690..9f482b8c20 100644
--- a/sysdeps/generic/link_map.h
+++ b/sysdeps/generic/link_map.h
@@ -1 +1,2 @@
-/* No architecture specific definitions. */
+/* GNU_PROPERTY_1_NEEDED of this object. */
+unsigned int l_1_needed;
diff --git a/sysdeps/x86/dl-prop.h b/sysdeps/x86/dl-prop.h
index 56bd020b3c..385548fad3 100644
--- a/sysdeps/x86/dl-prop.h
+++ b/sysdeps/x86/dl-prop.h
@@ -97,6 +97,7 @@ _dl_process_property_note (struct link_map *l, const ElfW(Nhdr) *note,
const ElfW(Addr) start = (ElfW(Addr)) note;
+ unsigned int needed_1 = 0;
unsigned int feature_1_and = 0;
unsigned int isa_1_needed = 0;
unsigned int last_type = 0;
@@ -141,7 +142,8 @@ _dl_process_property_note (struct link_map *l, const ElfW(Nhdr) *note,
last_type = type;
if (type == GNU_PROPERTY_X86_FEATURE_1_AND
- || type == GNU_PROPERTY_X86_ISA_1_NEEDED)
+ || type == GNU_PROPERTY_X86_ISA_1_NEEDED
+ || type == GNU_PROPERTY_1_NEEDED)
{
/* The sizes of types which we are searching for are
4 bytes. There is no point to continue if this
@@ -151,12 +153,18 @@ _dl_process_property_note (struct link_map *l, const ElfW(Nhdr) *note,
/* NB: Stop the scan only after seeing all types which
we are searching for. */
- _Static_assert ((GNU_PROPERTY_X86_ISA_1_NEEDED >
- GNU_PROPERTY_X86_FEATURE_1_AND),
+ _Static_assert (((GNU_PROPERTY_X86_ISA_1_NEEDED
+ > GNU_PROPERTY_X86_FEATURE_1_AND)
+ && (GNU_PROPERTY_X86_FEATURE_1_AND
+ > GNU_PROPERTY_1_NEEDED)),
"GNU_PROPERTY_X86_ISA_1_NEEDED > "
- "GNU_PROPERTY_X86_FEATURE_1_AND");
+ "GNU_PROPERTY_X86_FEATURE_1_AND && "
+ "GNU_PROPERTY_X86_FEATURE_1_AND > "
+ "GNU_PROPERTY_1_NEEDED");
if (type == GNU_PROPERTY_X86_FEATURE_1_AND)
feature_1_and = *(unsigned int *) ptr;
+ else if (type == GNU_PROPERTY_1_NEEDED)
+ needed_1 = *(unsigned int *) ptr;
else
{
isa_1_needed = *(unsigned int *) ptr;
@@ -187,9 +195,10 @@ _dl_process_property_note (struct link_map *l, const ElfW(Nhdr) *note,
}
/* We get here only if there is one or no GNU property note. */
- if (isa_1_needed != 0 || feature_1_and != 0)
+ if (needed_1 != 0 || isa_1_needed != 0 || feature_1_and != 0)
{
l->l_property = lc_property_valid;
+ l->l_1_needed = needed_1;
l->l_x86_isa_1_needed = isa_1_needed;
l->l_x86_feature_1_and = feature_1_and;
}
diff --git a/sysdeps/x86/link_map.h b/sysdeps/x86/link_map.h
index 4c46a25f83..0c7e25dc96 100644
--- a/sysdeps/x86/link_map.h
+++ b/sysdeps/x86/link_map.h
@@ -29,3 +29,5 @@ unsigned int l_x86_feature_1_and;
/* GNU_PROPERTY_X86_ISA_1_NEEDED of this object. */
unsigned int l_x86_isa_1_needed;
+
+#include <sysdeps/generic/link_map.h>
--
2.31.1
^ permalink raw reply [flat|nested] 5+ messages in thread
* [PATCH v2 2/4] Check -z indirect-extern-access and -fno-direct-extern-access
2021-06-24 13:49 [PATCH v2 0/4] Implement indirect external access marker H.J. Lu
2021-06-24 13:49 ` [PATCH v2 1/4] Initial support for GNU_PROPERTY_1_NEEDED H.J. Lu
@ 2021-06-24 13:49 ` H.J. Lu
2021-06-24 13:49 ` [PATCH v2 3/4] Add run-time chesk for indirect external access H.J. Lu
2021-06-24 13:49 ` [PATCH v2 4/4] Update tests for protected data and function symbols H.J. Lu
3 siblings, 0 replies; 5+ messages in thread
From: H.J. Lu @ 2021-06-24 13:49 UTC (permalink / raw)
To: libc-alpha; +Cc: Florian Weimer
1. Check linker support for -z indirect-extern-access. If
GNU_PROPERTY_1_NEEDED_INDIRECT_EXTERN_ACCESS is set on any input
relocatable files:
a. Don't generate copy relocations.
b. Turn off extern_protected_data since it implies
GNU_PROPERTY_NO_COPY_ON_PROTECTED.
c. Treate reference to protected symbols with indirect external access
as local.
d. Set GNU_PROPERTY_1_NEEDED_INDIRECT_EXTERN_ACCESS on output.
e. When generating executable, clear this bit when there are non-GOT
or non-PLT relocations in input relocatable files without the bit set.
f. Add -z [no]indirect-extern-access to control indirect external access.
2. Check compiler support for -fno-direct-extern-access:
a. Generate an indirect external access marker in relocatable objects.
i. Always use GOT to access undefined data and function symbols,
including in PIE and non-PIE. These will avoid copy relocations in
executables.
ii. This is compatible with existing executables and shared libraries.
b. In executable and shared library, bind symbols with the STV_PROTECTED
visibility locally:
i. The address of data symbol is the address of data body.
ii. For systems without function descriptor, the function pointer is
the address of function body.
iii. The resulting shared libraries may not be incompatible with
executables which have copy relocations on protected symbols.
Size comparison of non-PIE builds with GCC 12 -O2:
1. On x86-64:
text data bss dec hex filename
189958 9304 416 199678 30bfe ld.so (original)
189974 9304 416 199694 30c0e ld.so (-fno-direct-extern-access)
1922458 20240 52432 1995130 1e717a libc.so (original)
1922474 20240 52432 1995146 1e718a libc.so (-fno-direct-extern-access)
49321 1363 192 50876 c6bc iconv_prog (original)
47053 3638 120 50811 c67b iconv_prog (-fno-direct-extern-access)
261978 10339 744 273061 42aa5 localedef (original)
233344 41734 648 275726 4350e localedef (-fno-direct-extern-access)
The size difference in localedef mainly comes from .data.rel.ro
.data.rel.ro 0x000005 (original)
.data.rel.ro 0x007a88 (-fno-direct-extern-access)
For example, with -fno-direct-extern-access, localedef.o has 172
relocation entries against section '.rela.data.rel.ro.local' vs none
without -fno-direct-extern-access.
---
configure | 59 ++++++++++++++++++++++++++++++++++++++++++++++++++++
configure.ac | 37 ++++++++++++++++++++++++++++++++
2 files changed, 96 insertions(+)
diff --git a/configure b/configure
index 9619c10991..093c59e25e 100755
--- a/configure
+++ b/configure
@@ -5746,6 +5746,65 @@ fi
$as_echo "$libc_cv_insert" >&6; }
+{ $as_echo "$as_me:${as_lineno-$LINENO}: checking -z indirect-extern-access" >&5
+$as_echo_n "checking -z indirect-extern-access... " >&6; }
+if ${libc_cv_z_indirect_extern_access+:} false; then :
+ $as_echo_n "(cached) " >&6
+else
+ cat > conftest.c <<EOF
+ __attribute__ ((visibility ("protected")))
+ void bar (void) {}
+ void *bar_p (void) { return &bar; }
+EOF
+ libc_cv_z_indirect_extern_access=no
+ if { ac_try='${CC-cc} -Wl,-z,indirect-extern-access
+ -nostdlib -nostartfiles $CFLAGS $CPPFLAGS $LDFLAGS
+ -fPIC -shared $no_ssp -o conftest.so conftest.c
+ 1>&5'
+ { { eval echo "\"\$as_me\":${as_lineno-$LINENO}: \"$ac_try\""; } >&5
+ (eval $ac_try) 2>&5
+ ac_status=$?
+ $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5
+ test $ac_status = 0; }; }; then
+ libc_cv_z_indirect_extern_access=yes
+ else
+ libc_cv_z_indirect_extern_access=no
+ fi
+ rm -f conftest.*
+
+fi
+{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $libc_cv_z_indirect_extern_access" >&5
+$as_echo "$libc_cv_z_indirect_extern_access" >&6; }
+config_vars="$config_vars
+have-z-indirect-extern-access = $libc_cv_z_indirect_extern_access"
+
+{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for -fno-direct-extern-access" >&5
+$as_echo_n "checking for -fno-direct-extern-access... " >&6; }
+if ${libc_cv_fno_direct_extern_access+:} false; then :
+ $as_echo_n "(cached) " >&6
+else
+ cat > conftest.c <<EOF
+int foo;
+EOF
+ if { ac_try='${CC-cc} $CFLAGS $CPPFLAGS -S
+ -fno-direct-extern-access
+ conftest.c 1>&5'
+ { { eval echo "\"\$as_me\":${as_lineno-$LINENO}: \"$ac_try\""; } >&5
+ (eval $ac_try) 2>&5
+ ac_status=$?
+ $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5
+ test $ac_status = 0; }; }; then
+ libc_cv_fno_direct_extern_access=yes
+ else
+ libc_cv_fno_direct_extern_access=no
+ fi
+ rm -f conftest*
+fi
+{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $libc_cv_fno_direct_extern_access" >&5
+$as_echo "$libc_cv_fno_direct_extern_access" >&6; }
+config_vars="$config_vars
+have-fno-direct-extern-access = $libc_cv_fno_direct_extern_access"
+
{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for broken __attribute__((alias()))" >&5
$as_echo_n "checking for broken __attribute__((alias()))... " >&6; }
if ${libc_cv_broken_alias_attribute+:} false; then :
diff --git a/configure.ac b/configure.ac
index 34ecbba540..195abe0827 100644
--- a/configure.ac
+++ b/configure.ac
@@ -1222,6 +1222,43 @@ EOF
])
AC_SUBST(libc_cv_insert)
+AC_CACHE_CHECK(-z indirect-extern-access,
+ libc_cv_z_indirect_extern_access,
+ [cat > conftest.c <<EOF
+ __attribute__ ((visibility ("protected")))
+ void bar (void) {}
+ void *bar_p (void) { return &bar; }
+EOF
+ libc_cv_z_indirect_extern_access=no
+ if AC_TRY_COMMAND([${CC-cc} -Wl,-z,indirect-extern-access
+ -nostdlib -nostartfiles $CFLAGS $CPPFLAGS $LDFLAGS
+ -fPIC -shared $no_ssp -o conftest.so conftest.c
+ 1>&AS_MESSAGE_LOG_FD]); then
+ libc_cv_z_indirect_extern_access=yes
+ else
+ libc_cv_z_indirect_extern_access=no
+ fi
+ rm -f conftest.*
+ ])
+LIBC_CONFIG_VAR([have-z-indirect-extern-access],
+ [$libc_cv_z_indirect_extern_access])
+
+AC_CACHE_CHECK(for -fno-direct-extern-access,
+ libc_cv_fno_direct_extern_access,
+ [cat > conftest.c <<EOF
+int foo;
+EOF
+ if AC_TRY_COMMAND([${CC-cc} $CFLAGS $CPPFLAGS -S
+ -fno-direct-extern-access
+ conftest.c 1>&AS_MESSAGE_LOG_FD]); then
+ libc_cv_fno_direct_extern_access=yes
+ else
+ libc_cv_fno_direct_extern_access=no
+ fi
+ rm -f conftest*])
+LIBC_CONFIG_VAR([have-fno-direct-extern-access],
+ [$libc_cv_fno_direct_extern_access])
+
AC_CACHE_CHECK(for broken __attribute__((alias())),
libc_cv_broken_alias_attribute,
[cat > conftest.c <<EOF
--
2.31.1
^ permalink raw reply [flat|nested] 5+ messages in thread
* [PATCH v2 3/4] Add run-time chesk for indirect external access
2021-06-24 13:49 [PATCH v2 0/4] Implement indirect external access marker H.J. Lu
2021-06-24 13:49 ` [PATCH v2 1/4] Initial support for GNU_PROPERTY_1_NEEDED H.J. Lu
2021-06-24 13:49 ` [PATCH v2 2/4] Check -z indirect-extern-access and -fno-direct-extern-access H.J. Lu
@ 2021-06-24 13:49 ` H.J. Lu
2021-06-24 13:49 ` [PATCH v2 4/4] Update tests for protected data and function symbols H.J. Lu
3 siblings, 0 replies; 5+ messages in thread
From: H.J. Lu @ 2021-06-24 13:49 UTC (permalink / raw)
To: libc-alpha; +Cc: Florian Weimer
When performing symbol lookup for references in executable without
indirect external access:
1. Disallow copy relocations in executable against protected data symbols
in a shared object with indirect external access.
2. Disallow non-zero symbol values of undefined function symbols in
executable, which are used as the function pointer, against protected
function symbols in a shared object with indirect external access.
---
elf/dl-lookup.c | 5 ++++
sysdeps/generic/dl-protected.h | 54 ++++++++++++++++++++++++++++++++++
2 files changed, 59 insertions(+)
create mode 100644 sysdeps/generic/dl-protected.h
diff --git a/elf/dl-lookup.c b/elf/dl-lookup.c
index eea217eb28..430359af39 100644
--- a/elf/dl-lookup.c
+++ b/elf/dl-lookup.c
@@ -24,6 +24,7 @@
#include <ldsodefs.h>
#include <dl-hash.h>
#include <dl-machine.h>
+#include <dl-protected.h>
#include <sysdep-cancel.h>
#include <libc-lock.h>
#include <tls.h>
@@ -527,6 +528,10 @@ do_lookup_x (const char *undef_name, uint_fast32_t new_hash,
if (__glibc_unlikely (dl_symbol_visibility_binds_local_p (sym)))
goto skip;
+ if (ELFW(ST_VISIBILITY) (sym->st_other) == STV_PROTECTED)
+ _dl_check_protected_symbol (undef_name, undef_map, ref, map,
+ type_class);
+
switch (ELFW(ST_BIND) (sym->st_info))
{
case STB_WEAK:
diff --git a/sysdeps/generic/dl-protected.h b/sysdeps/generic/dl-protected.h
new file mode 100644
index 0000000000..244d020dc4
--- /dev/null
+++ b/sysdeps/generic/dl-protected.h
@@ -0,0 +1,54 @@
+/* Support for STV_PROTECTED visibility. Generic version.
+ Copyright (C) 2021 Free Software Foundation, Inc.
+ This file is part of the GNU C Library.
+
+ The GNU C Library is free software; you can redistribute it and/or
+ modify it under the terms of the GNU Lesser General Public
+ License as published by the Free Software Foundation; either
+ version 2.1 of the License, or (at your option) any later version.
+
+ The GNU C Library is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ Lesser General Public License for more details.
+
+ You should have received a copy of the GNU Lesser General Public
+ License along with the GNU C Library; if not, see
+ <https://www.gnu.org/licenses/>. */
+
+#ifndef _DL_PROTECTED_H
+#define _DL_PROTECTED_H
+
+static inline void __attribute__ ((always_inline))
+_dl_check_protected_symbol (const char *undef_name,
+ const struct link_map *undef_map,
+ const ElfW(Sym) *ref,
+ const struct link_map *map,
+ int type_class)
+{
+ if (undef_map != NULL
+ && undef_map->l_type == lt_executable
+ && !(undef_map->l_1_needed
+ & GNU_PROPERTY_1_NEEDED_INDIRECT_EXTERN_ACCESS)
+ && (map->l_1_needed
+ & GNU_PROPERTY_1_NEEDED_INDIRECT_EXTERN_ACCESS))
+ {
+ if ((type_class & ELF_RTYPE_CLASS_COPY))
+ /* Disallow copy relocations in executable against protected
+ data symbols in a shared object which needs indirect external
+ access. */
+ _dl_signal_error (0, map->l_name, undef_name,
+ N_("copy relocation against non-copyable protected symbol"));
+ else if (ref->st_value != 0
+ && ref->st_shndx == SHN_UNDEF
+ && (type_class & ELF_RTYPE_CLASS_PLT))
+ /* Disallow non-zero symbol values of undefined symbols in
+ executable, which are used as the function pointer, against
+ protected function symbols in a shared object with indirect
+ external access. */
+ _dl_signal_error (0, map->l_name, undef_name,
+ N_("non-canonical reference to canonical protected function"));
+ }
+}
+
+#endif /* _DL_PROTECTED_H */
--
2.31.1
^ permalink raw reply [flat|nested] 5+ messages in thread
* [PATCH v2 4/4] Update tests for protected data and function symbols
2021-06-24 13:49 [PATCH v2 0/4] Implement indirect external access marker H.J. Lu
` (2 preceding siblings ...)
2021-06-24 13:49 ` [PATCH v2 3/4] Add run-time chesk for indirect external access H.J. Lu
@ 2021-06-24 13:49 ` H.J. Lu
3 siblings, 0 replies; 5+ messages in thread
From: H.J. Lu @ 2021-06-24 13:49 UTC (permalink / raw)
To: libc-alpha; +Cc: Florian Weimer
Protected data and function symbols don't work well without
-fno-direct-extern-access:
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=37611
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=44166
1. Compile tst-protected1[ab].c and tst-protected1mod[ab].c with
-fno-direct-extern-access if possible so that GOT entries are used
for undefined data accesses.
2. Add tests for protected function pointers.
3. Build tst-prelink.c with direct external access to keep COPY
relocation.
---
elf/Makefile | 54 ++++++++++++++++
elf/tst-protected1moda.c | 10 +--
elf/tst-protected1modb.c | 4 +-
elf/tst-protected2a.c | 130 ++++++++++++++++++++++++++++++++++++++
elf/tst-protected2apie.c | 1 +
elf/tst-protected2b.c | 121 +++++++++++++++++++++++++++++++++++
elf/tst-protected2bpie.c | 1 +
elf/tst-protected2mod.h | 35 ++++++++++
elf/tst-protected2moda.c | 52 +++++++++++++++
elf/tst-protected2moda2.c | 41 ++++++++++++
elf/tst-protected2modb.c | 45 +++++++++++++
elf/tst-protected2modb2.c | 28 ++++++++
12 files changed, 512 insertions(+), 10 deletions(-)
create mode 100644 elf/tst-protected2a.c
create mode 100644 elf/tst-protected2apie.c
create mode 100644 elf/tst-protected2b.c
create mode 100644 elf/tst-protected2bpie.c
create mode 100644 elf/tst-protected2mod.h
create mode 100644 elf/tst-protected2moda.c
create mode 100644 elf/tst-protected2moda2.c
create mode 100644 elf/tst-protected2modb.c
create mode 100644 elf/tst-protected2modb2.c
diff --git a/elf/Makefile b/elf/Makefile
index 38d08e03b8..dc1a073db8 100644
--- a/elf/Makefile
+++ b/elf/Makefile
@@ -367,15 +367,59 @@ tests += tst-protected1a tst-protected1b
$(objpfx)tst-protected1a: $(addprefix $(objpfx),tst-protected1moda.so tst-protected1modb.so)
$(objpfx)tst-protected1b: $(addprefix $(objpfx),tst-protected1modb.so tst-protected1moda.so)
tst-protected1modb.so-no-z-defs = yes
+ifeq (yes,$(have-fno-direct-extern-access))
+CFLAGS-tst-protected1a.c += -fno-direct-extern-access
+CFLAGS-tst-protected1b.c += -fno-direct-extern-access
+CFLAGS-tst-protected1moda.c += -fno-direct-extern-access
+CFLAGS-tst-protected1modb.c += -fno-direct-extern-access
+else
# These tests fail with GCC versions prior to 5.1 and with some versions
# of binutils. See https://sourceware.org/bugzilla/show_bug.cgi?id=17709
# and https://gcc.gnu.org/bugzilla/show_bug.cgi?id=65248 for details.
# Perhaps in future we can make these XFAILs conditional on some detection
# of compiler/linker behavior/version.
+# NB: These tests pass with -fno-direct-extern-access when GOT entries
+# are used for undefined data accesses.
test-xfail-tst-protected1a = yes
test-xfail-tst-protected1b = yes
endif
+ifeq (yes,$(have-z-indirect-extern-access))
+LDFLAGS-tst-protected1moda.so += -Wl,-z,indirect-extern-access
+LDFLAGS-tst-protected1modb.so += -Wl,-z,indirect-extern-access
+endif
+endif
ifeq (yesyes,$(have-fpie)$(build-shared))
+ifeq (yes,$(have-z-indirect-extern-access))
+modules-names += tst-protected2moda tst-protected2modb
+tests += tst-protected2a tst-protected2b
+tests += tst-protected2apie tst-protected2bpie
+tests-pie += tst-protected2apie tst-protected2bpie
+test-extras += tst-protected2moda2 tst-protected2modb2
+extra-test-objs += tst-protected2moda2.os tst-protected2modb2.os
+LDFLAGS-tst-protected2moda.so += -Wl,-z,indirect-extern-access
+LDFLAGS-tst-protected2modb.so += -Wl,-z,indirect-extern-access
+CFLAGS-tst-protected2apie.c += $(PIE-ccflag)
+CFLAGS-tst-protected2bpie.c += $(PIE-ccflag)
+ifeq (yes,$(have-fno-direct-extern-access))
+CFLAGS-tst-protected2a.c += -fno-direct-extern-access
+CFLAGS-tst-protected2b.c += -fno-direct-extern-access
+CFLAGS-tst-protected2moda.c += -fno-direct-extern-access
+CFLAGS-tst-protected2moda2.c += -fno-direct-extern-access
+CFLAGS-tst-protected2modb.c += -fno-direct-extern-access
+CFLAGS-tst-protected2modb2.c += -fno-direct-extern-access
+else
+# These non-PIE tests fail when GOT entries are not used for undefined
+# function pointers.
+test-xfail-tst-protected2a = yes
+test-xfail-tst-protected2b = yes
+endif
+$(objpfx)tst-protected2moda.so: $(objpfx)tst-protected2moda2.os
+$(objpfx)tst-protected2modb.so: $(objpfx)tst-protected2modb2.os
+$(objpfx)tst-protected2a: $(addprefix $(objpfx),tst-protected2moda.so tst-protected2modb.so)
+$(objpfx)tst-protected2b: $(addprefix $(objpfx),tst-protected2modb.so tst-protected2moda.so)
+$(objpfx)tst-protected2apie: $(addprefix $(objpfx),tst-protected2moda.so tst-protected2modb.so)
+$(objpfx)tst-protected2bpie: $(addprefix $(objpfx),tst-protected2modb.so tst-protected2moda.so)
+endif
modules-names += tst-piemod1
tests += tst-pie1 tst-pie2 tst-dlopen-pie tst-dlopen-tlsmodid-pie \
tst-dlopen-self-pie
@@ -469,6 +513,16 @@ tests += tst-prelink
tests-internal += tst-prelink-cmp
# Don't compile tst-prelink.c with PIE for GLOB_DAT relocation.
CFLAGS-tst-prelink.c += -fno-pie
+ifeq ($(have-fno-direct-extern-access),yes)
+# Compile tst-prelink.c with -fdirect-extern-acces to keepp COPY
+# relocation.
+CFLAGS-tst-prelink.c += -fdirect-extern-access
+endif
+ifeq ($(have-z-indirect-extern-access),yes)
+# Link tst-prelink with -z noindirect-extern-access to keepp COPY
+# relocation.
+LDFLAGS-tst-prelink += -Wl,-z,noindirect-extern-access
+endif
tst-prelink-no-pie = yes
endif
diff --git a/elf/tst-protected1moda.c b/elf/tst-protected1moda.c
index eeb18306bb..3d0eb1e877 100644
--- a/elf/tst-protected1moda.c
+++ b/elf/tst-protected1moda.c
@@ -17,17 +17,13 @@
#include "tst-protected1mod.h"
-int protected1 = 3;
+int protected1 __attribute__ ((visibility("protected"))) = 3;
static int expected_protected1 = 3;
-int protected2 = 4;
+int protected2 __attribute__ ((visibility("protected"))) = 4;
static int expected_protected2 = 4;
-int protected3 = 5;
+int protected3 __attribute__ ((visibility("protected"))) = 5;
static int expected_protected3 = 5;
-asm (".protected protected1");
-asm (".protected protected2");
-asm (".protected protected3");
-
void
set_protected1a (int i)
{
diff --git a/elf/tst-protected1modb.c b/elf/tst-protected1modb.c
index 2cb1e61b17..ca82c64689 100644
--- a/elf/tst-protected1modb.c
+++ b/elf/tst-protected1modb.c
@@ -19,11 +19,9 @@
#include "tst-protected1mod.h"
int protected1 = -3;
-int protected3 = -5;
+int protected3 __attribute__ ((visibility("protected"))) = -5;
static int expected_protected3 = -5;
-asm (".protected protected3");
-
void
set_protected1b (int i)
{
diff --git a/elf/tst-protected2a.c b/elf/tst-protected2a.c
new file mode 100644
index 0000000000..21b666e12b
--- /dev/null
+++ b/elf/tst-protected2a.c
@@ -0,0 +1,130 @@
+/* Test the protected visibility when main is linked with moda and modb
+ in that order:
+ 1. Protected function symbols, protected1, protected2 and protected3,
+ defined in moda, are used in moda.
+ 2. Protected function symbol, protected3, defined in modb, are used
+ in modb.
+ 3. Symbol, protected1, defined in moda, is also used in main and modb.
+ 4. Symbol, protected2, defined in main, is used in main.
+ 5. Symbol, protected3, defined in moda, is also used in main.
+
+ Copyright (C) 2021 Free Software Foundation, Inc.
+ This file is part of the GNU C Library.
+
+ The GNU C Library is free software; you can redistribute it and/or
+ modify it under the terms of the GNU Lesser General Public
+ License as published by the Free Software Foundation; either
+ version 2.1 of the License, or (at your option) any later version.
+
+ The GNU C Library is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ Lesser General Public License for more details.
+
+ You should have received a copy of the GNU Lesser General Public
+ License along with the GNU C Library; if not, see
+ <https://www.gnu.org/licenses/>. */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+
+#include "tst-protected2mod.h"
+
+int
+protected2 (void)
+{
+ return -1;
+}
+
+int
+__attribute__ ((weak, noclone, noinline))
+call_ptr (protected_func_type ptr)
+{
+ return ptr ();
+}
+
+int
+do_test (void)
+{
+ int res = 0;
+
+ /* Check if we get the same address for the protected function symbol. */
+ protected_func_type ptr = protected1a_p ();
+ if (&protected1 != ptr)
+ {
+ puts ("`protected1' in main and moda doesn't have the same address");
+ res = 1;
+ }
+ ptr = protected1b_p ();
+ if (&protected1 != ptr)
+ {
+ puts ("`protected1' in main and modb doesn't have the same address");
+ res = 1;
+ }
+
+ /* Check if we get the right protected function symbol. */
+ if (call_ptr (ptr) != 3)
+ {
+ puts ("`protected1' in main and moda doesn't return the same value");
+ res = 1;
+ }
+
+ /* Check if we get the right function defined in executable. */
+ if (protected2 () != -1)
+ {
+ puts ("`protected2' in main returns the wrong value");
+ res = 1;
+ }
+
+ /* Check `protected1' in moda. */
+ if (!check_protected1 ())
+ {
+ puts ("`protected1' in moda returns the wrong value");
+ res = 1;
+ }
+
+ /* Check `protected2' in moda. */
+ if (!check_protected2 ())
+ {
+ puts ("`protected2' in moda returns the wrong value");
+ res = 1;
+ }
+
+ /* Check if we get the same address for the protected function symbol. */
+ if (&protected3 != protected3a_p ())
+ {
+ puts ("`protected3' in main and moda doesn't have the same address");
+ res = 1;
+ }
+ if (&protected3 == protected3b_p ())
+ {
+ puts ("`protected3' in main and modb has the same address");
+ res = 1;
+ }
+
+ /* Check if we get the right value for the protected data symbol. */
+ if (protected3 () != 5)
+ {
+ puts ("`protected3' in main and moda doesn't return the same value");
+ res = 1;
+ }
+
+ /* Check `protected3' in moda. */
+ if (!check_protected3a ())
+ {
+ puts ("`protected3' in moda has the wrong value");
+ res = 1;
+ }
+
+ /* Check `protected3' in modb. */
+ if (!check_protected3b ())
+ {
+ puts ("`protected3' in modb has the wrong value");
+ res = 1;
+ }
+
+ return res;
+}
+
+#include <support/test-driver.c>
diff --git a/elf/tst-protected2apie.c b/elf/tst-protected2apie.c
new file mode 100644
index 0000000000..28a7aa3d1a
--- /dev/null
+++ b/elf/tst-protected2apie.c
@@ -0,0 +1 @@
+#include "tst-protected2a.c"
diff --git a/elf/tst-protected2b.c b/elf/tst-protected2b.c
new file mode 100644
index 0000000000..500323e33f
--- /dev/null
+++ b/elf/tst-protected2b.c
@@ -0,0 +1,121 @@
+/* Test the protected visibility when main is linked with modb and moda
+ in that order:
+ 1. Protected function symbols, protected1, protected2 and protected3,
+ defined in moda, are used in moda.
+ 2. Protected function symbol, protected3, defined in modb, are used
+ in modb.
+ 3. Symbol, protected1, defined in modb, is used in main and modb.
+ 4. Symbol, protected2, defined in main, is used in main.
+ 5. Symbol, protected3, defined in modb, is also used in main.
+
+ Copyright (C) 2021 Free Software Foundation, Inc.
+ This file is part of the GNU C Library.
+
+ The GNU C Library is free software; you can redistribute it and/or
+ modify it under the terms of the GNU Lesser General Public
+ License as published by the Free Software Foundation; either
+ version 2.1 of the License, or (at your option) any later version.
+
+ The GNU C Library is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ Lesser General Public License for more details.
+
+ You should have received a copy of the GNU Lesser General Public
+ License along with the GNU C Library; if not, see
+ <https://www.gnu.org/licenses/>. */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+
+#include "tst-protected2mod.h"
+
+int
+protected2 (void)
+{
+ return -1;
+}
+
+int
+do_test (void)
+{
+ int res = 0;
+
+ /* Check if we get the same address for the protected data symbol. */
+ if (&protected1 == protected1a_p ())
+ {
+ puts ("`protected1' in main and moda has the same address");
+ res = 1;
+ }
+ if (&protected1 != protected1b_p ())
+ {
+ puts ("`protected1' in main and modb doesn't have the same address");
+ res = 1;
+ }
+
+ /* Check if we get the right protected function symbol. */
+ if (protected1 () != -3)
+ {
+ puts ("`protected1' in main and modb doesn't return the same value");
+ res = 1;
+ }
+
+ /* Check if we get the right function defined in executable. */
+ if (protected2 () != -1)
+ {
+ puts ("`protected2' in main returns the wrong value");
+ res = 1;
+ }
+
+ /* Check `protected1' in moda. */
+ if (!check_protected1 ())
+ {
+ puts ("`protected1' in moda returns the wrong value");
+ res = 1;
+ }
+
+ /* Check `protected2' in moda. */
+ if (!check_protected2 ())
+ {
+ puts ("`protected2' in moda returns the wrong value");
+ res = 1;
+ }
+
+ /* Check if we get the same address for the protected function symbol. */
+ if (&protected3 == protected3a_p ())
+ {
+ puts ("`protected3' in main and moda has the same address");
+ res = 1;
+ }
+ if (&protected3 != protected3b_p ())
+ {
+ puts ("`protected3' in main and modb doesn't have the same address");
+ res = 1;
+ }
+
+ /* Check if we get the right protected function symbol. */
+ if (protected3 () != -5)
+ {
+ puts ("`protected3' in main and modb doesn't return the same value");
+ res = 1;
+ }
+
+ /* Check `protected3' in moda. */
+ if (!check_protected3a ())
+ {
+ puts ("`protected3' in moda returns the wrong value");
+ res = 1;
+ }
+
+ /* Check `protected3' in modb. */
+ if (!check_protected3b ())
+ {
+ puts ("`protected3' in modb returns the wrong value");
+ res = 1;
+ }
+
+ return res;
+}
+
+#include <support/test-driver.c>
diff --git a/elf/tst-protected2bpie.c b/elf/tst-protected2bpie.c
new file mode 100644
index 0000000000..8dcfbd04cb
--- /dev/null
+++ b/elf/tst-protected2bpie.c
@@ -0,0 +1 @@
+#include "tst-protected2b.c"
diff --git a/elf/tst-protected2mod.h b/elf/tst-protected2mod.h
new file mode 100644
index 0000000000..feb28ab0d5
--- /dev/null
+++ b/elf/tst-protected2mod.h
@@ -0,0 +1,35 @@
+/* Test protected function symbols.
+ Copyright (C) 2021 Free Software Foundation, Inc.
+ This file is part of the GNU C Library.
+
+ The GNU C Library is free software; you can redistribute it and/or
+ modify it under the terms of the GNU Lesser General Public
+ License as published by the Free Software Foundation; either
+ version 2.1 of the License, or (at your option) any later version.
+
+ The GNU C Library is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ Lesser General Public License for more details.
+
+ You should have received a copy of the GNU Lesser General Public
+ License along with the GNU C Library; if not, see
+ <https://www.gnu.org/licenses/>. */
+
+/* Prototypes for the functions in the DSOs. */
+extern int protected1 (void);
+extern int protected2 (void);
+extern int protected3 (void);
+
+typedef int (*protected_func_type) (void);
+
+extern protected_func_type protected1a_p (void);
+extern protected_func_type protected1b_p (void);
+
+extern int check_protected1 (void);
+extern int check_protected2 (void);
+
+extern int check_protected3a (void);
+extern protected_func_type protected3a_p (void);
+extern int check_protected3b (void);
+extern protected_func_type protected3b_p (void);
diff --git a/elf/tst-protected2moda.c b/elf/tst-protected2moda.c
new file mode 100644
index 0000000000..db04e8dfb9
--- /dev/null
+++ b/elf/tst-protected2moda.c
@@ -0,0 +1,52 @@
+/* Test protected function symbols.
+ Copyright (C) 2021 Free Software Foundation, Inc.
+ This file is part of the GNU C Library.
+
+ The GNU C Library is free software; you can redistribute it and/or
+ modify it under the terms of the GNU Lesser General Public
+ License as published by the Free Software Foundation; either
+ version 2.1 of the License, or (at your option) any later version.
+
+ The GNU C Library is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ Lesser General Public License for more details.
+
+ You should have received a copy of the GNU Lesser General Public
+ License along with the GNU C Library; if not, see
+ <https://www.gnu.org/licenses/>. */
+
+#include "tst-protected2mod.h"
+
+__attribute__ ((visibility("protected")))
+int
+protected1 (void)
+{
+ return 3;
+}
+
+__attribute__ ((visibility("protected")))
+int
+protected2 (void)
+{
+ return 4;
+}
+
+__attribute__ ((visibility("protected")))
+int
+protected3 (void)
+{
+ return 5;
+}
+
+protected_func_type
+protected1a_p (void)
+{
+ return &protected1;
+}
+
+protected_func_type
+protected3a_p (void)
+{
+ return &protected3;
+}
diff --git a/elf/tst-protected2moda2.c b/elf/tst-protected2moda2.c
new file mode 100644
index 0000000000..fae72177f9
--- /dev/null
+++ b/elf/tst-protected2moda2.c
@@ -0,0 +1,41 @@
+/* Test protected function symbols.
+ Copyright (C) 2021 Free Software Foundation, Inc.
+ This file is part of the GNU C Library.
+
+ The GNU C Library is free software; you can redistribute it and/or
+ modify it under the terms of the GNU Lesser General Public
+ License as published by the Free Software Foundation; either
+ version 2.1 of the License, or (at your option) any later version.
+
+ The GNU C Library is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ Lesser General Public License for more details.
+
+ You should have received a copy of the GNU Lesser General Public
+ License along with the GNU C Library; if not, see
+ <https://www.gnu.org/licenses/>. */
+
+#include "tst-protected2mod.h"
+
+extern int protected1 (void) __attribute__ ((visibility("protected")));
+extern int protected2 (void) __attribute__ ((visibility("protected")));
+extern int protected3 (void) __attribute__ ((visibility("protected")));
+
+int
+check_protected1 (void)
+{
+ return protected1 () == 3;
+}
+
+int
+check_protected2 (void)
+{
+ return protected2 () == 4;
+}
+
+int
+check_protected3a (void)
+{
+ return protected3 () == 5;
+}
diff --git a/elf/tst-protected2modb.c b/elf/tst-protected2modb.c
new file mode 100644
index 0000000000..3c5063f0c3
--- /dev/null
+++ b/elf/tst-protected2modb.c
@@ -0,0 +1,45 @@
+/* Test protected function symbols.
+ Copyright (C) 2021 Free Software Foundation, Inc.
+ This file is part of the GNU C Library.
+
+ The GNU C Library is free software; you can redistribute it and/or
+ modify it under the terms of the GNU Lesser General Public
+ License as published by the Free Software Foundation; either
+ version 2.1 of the License, or (at your option) any later version.
+
+ The GNU C Library is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ Lesser General Public License for more details.
+
+ You should have received a copy of the GNU Lesser General Public
+ License along with the GNU C Library; if not, see
+ <https://www.gnu.org/licenses/>. */
+
+#include <stdlib.h>
+#include "tst-protected2mod.h"
+
+int
+protected1 (void)
+{
+ return -3;
+}
+
+__attribute__ ((visibility("protected")))
+int
+protected3 (void)
+{
+ return -5;
+}
+
+protected_func_type
+protected1b_p (void)
+{
+ return &protected1;
+}
+
+protected_func_type
+protected3b_p (void)
+{
+ return &protected3;
+}
diff --git a/elf/tst-protected2modb2.c b/elf/tst-protected2modb2.c
new file mode 100644
index 0000000000..b21b827134
--- /dev/null
+++ b/elf/tst-protected2modb2.c
@@ -0,0 +1,28 @@
+/* Test protected function symbols.
+ Copyright (C) 2021 Free Software Foundation, Inc.
+ This file is part of the GNU C Library.
+
+ The GNU C Library is free software; you can redistribute it and/or
+ modify it under the terms of the GNU Lesser General Public
+ License as published by the Free Software Foundation; either
+ version 2.1 of the License, or (at your option) any later version.
+
+ The GNU C Library is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ Lesser General Public License for more details.
+
+ You should have received a copy of the GNU Lesser General Public
+ License along with the GNU C Library; if not, see
+ <https://www.gnu.org/licenses/>. */
+
+#include <stdlib.h>
+#include "tst-protected2mod.h"
+
+extern int protected3 (void) __attribute__ ((visibility("protected")));
+
+int
+check_protected3b (void)
+{
+ return protected3 () == -5;
+}
--
2.31.1
^ permalink raw reply [flat|nested] 5+ messages in thread
end of thread, other threads:[~2021-06-24 13:49 UTC | newest]
Thread overview: 5+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2021-06-24 13:49 [PATCH v2 0/4] Implement indirect external access marker H.J. Lu
2021-06-24 13:49 ` [PATCH v2 1/4] Initial support for GNU_PROPERTY_1_NEEDED H.J. Lu
2021-06-24 13:49 ` [PATCH v2 2/4] Check -z indirect-extern-access and -fno-direct-extern-access H.J. Lu
2021-06-24 13:49 ` [PATCH v2 3/4] Add run-time chesk for indirect external access H.J. Lu
2021-06-24 13:49 ` [PATCH v2 4/4] Update tests for protected data and function symbols H.J. Lu
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).