src - OpenBSD base system

diff options


context:
space:
mode:

author	Mark Kettenis <kettenis@cvs.openbsd.org>	2017-01-09 22:51:05 +0000
committer	Mark Kettenis <kettenis@cvs.openbsd.org>	2017-01-09 22:51:05 +0000
commit	91602f733fc8f36bc58a964d8d49479b01293aeb (patch)
tree	4a8a0721223a481bea0b743b9ca2e37191945265
parent	78cdd75ca94c869a8296979fb9d2d95913aafa3e (diff)

Remove dependency on __got_{start,end} symbols and look at PT_GNU_RELRO

instead. Result in a few more pages that aren't writable on some platforms (such as hppa). Based on an initial diff from guenther@. Thanks to deraadt@ for testing. ok guenther@

Diffstat

-rw-r--r--

libexec/ld.so/alpha/archdep.h

-rw-r--r--

libexec/ld.so/amd64/archdep.h

-rw-r--r--

libexec/ld.so/arm/archdep.h

-rw-r--r--

libexec/ld.so/boot.c

-rw-r--r--

libexec/ld.so/hppa/archdep.h

-rw-r--r--

libexec/ld.so/hppa/rtld_machine.c

-rw-r--r--

libexec/ld.so/i386/archdep.h

-rw-r--r--

libexec/ld.so/loader.c

-rw-r--r--

libexec/ld.so/m88k/archdep.h

-rw-r--r--

libexec/ld.so/mips64/archdep.h

-rw-r--r--

libexec/ld.so/powerpc/archdep.h

-rw-r--r--

libexec/ld.so/sh/archdep.h

-rw-r--r--

libexec/ld.so/sparc64/archdep.h

13 files changed, 42 insertions, 55 deletions

diff --git a/libexec/ld.so/alpha/archdep.h b/libexec/ld.so/alpha/archdep.h
index 7cb62da591e..5b6073fa1be 100644
--- a/libexec/ld.so/alpha/archdep.h
+++ b/libexec/ld.so/alpha/archdep.h

@@ -1,4 +1,4 @@

-/* $OpenBSD: archdep.h,v 1.17 2015/12/06 23:36:12 guenther Exp $ */

+/* $OpenBSD: archdep.h,v 1.18 2017/01/09 22:51:04 kettenis Exp $ */

@@ -65,6 +65,4 @@ RELOC_DYN(Elf64_Rela *r, const Elf64_Sym *s, Elf64_Addr *p, unsigned long v)

#define RELOC_GOT(obj, offs)

-#define GOT_PERMS PROT_READ

#endif /* _ALPHA_ARCHDEP_H_ */

diff --git a/libexec/ld.so/amd64/archdep.h b/libexec/ld.so/amd64/archdep.h
index d5c4eba610c..247bebf31c7 100644
--- a/libexec/ld.so/amd64/archdep.h
+++ b/libexec/ld.so/amd64/archdep.h

@@ -1,4 +1,4 @@

-/* $OpenBSD: archdep.h,v 1.8 2016/05/18 20:40:20 deraadt Exp $ */

+/* $OpenBSD: archdep.h,v 1.9 2017/01/09 22:51:04 kettenis Exp $ */

@@ -68,6 +68,4 @@ RELOC_DYN(Elf64_Rela *r, const Elf64_Sym *s, Elf64_Addr *p, unsigned long v)

#define RELOC_GOT(obj, offs)

-#define GOT_PERMS PROT_READ

#endif /* _X86_64_ARCHDEP_H_ */

diff --git a/libexec/ld.so/arm/archdep.h b/libexec/ld.so/arm/archdep.h
index 38c9af0c05b..b0df994afb1 100644
--- a/libexec/ld.so/arm/archdep.h
+++ b/libexec/ld.so/arm/archdep.h

@@ -1,4 +1,4 @@

-/* $OpenBSD: archdep.h,v 1.8 2016/09/08 18:56:58 kettenis Exp $ */

+/* $OpenBSD: archdep.h,v 1.9 2017/01/09 22:51:04 kettenis Exp $ */

@@ -73,6 +73,4 @@ RELOC_DYN(Elf_Rel *r, const Elf_Sym *s, Elf_Addr *p, unsigned long v)

#define RELOC_GOT(obj, offs)

-#define GOT_PERMS (PROT_READ|PROT_EXEC)

#endif /* _ARM_ARCHDEP_H_ */

diff --git a/libexec/ld.so/boot.c b/libexec/ld.so/boot.c
index 52a460fa6ce..a4ed06ea062 100644
--- a/libexec/ld.so/boot.c
+++ b/libexec/ld.so/boot.c

@@ -1,4 +1,4 @@

-/* $OpenBSD: boot.c,v 1.14 2016/08/13 20:57:04 guenther Exp $ */

+/* $OpenBSD: boot.c,v 1.15 2017/01/09 22:51:04 kettenis Exp $ */

@@ -87,6 +87,8 @@ _dl_boot_bind(const long sp, long *dl_data, Elf_Dyn *dynp)

long loff;

Elf_Addr i;

RELOC_TYPE *rp;

+ Elf_Ehdr *ehdp;

+ Elf_Phdr *phdp;

* Scan argument and environment vectors. Find dynamic

@@ -189,4 +191,30 @@ _dl_boot_bind(const long sp, long *dl_data, Elf_Dyn *dynp)

* we have been fully relocated here, so most things no longer

* need the loff adjustment

+ /*

+ * No further changes to the PLT and/or GOT are needed so make

+ * them read-only.

+ */

+ /* do any RWX -> RX fixups for executable PLTs and apply GNU_RELRO */

+ ehdp = (Elf_Ehdr *)loff;

+ phdp = (Elf_Phdr *)(loff + ehdp->e_phoff);

+ for (i = 0; i < ehdp->e_phnum; i++, phdp++) {

+ switch (phdp->p_type) {

+#if defined(__alpha__) || defined(__hppa__) || defined(__powerpc__) || \

+ defined(__sparc64__)

+ case PT_LOAD:

+ if ((phdp->p_flags & (PF_X | PF_W)) != (PF_X | PF_W))

+ break;

+ _dl_mprotect((void *)(phdp->p_vaddr + loff),

+ phdp->p_memsz, PROT_READ);

+ break;

+#endif

+ case PT_GNU_RELRO:

+ _dl_mprotect((void *)(phdp->p_vaddr + loff),

+ phdp->p_memsz, PROT_READ);

+ break;

+ }

}

diff --git a/libexec/ld.so/hppa/archdep.h b/libexec/ld.so/hppa/archdep.h
index 9bcc6e02826..11af4bbb767 100644
--- a/libexec/ld.so/hppa/archdep.h
+++ b/libexec/ld.so/hppa/archdep.h

@@ -1,4 +1,4 @@

-/* $OpenBSD: archdep.h,v 1.11 2016/05/18 20:40:20 deraadt Exp $ */

+/* $OpenBSD: archdep.h,v 1.12 2017/01/09 22:51:04 kettenis Exp $ */

@@ -85,8 +85,6 @@ RELOC_DYN(Elf_RelA *r, const Elf_Sym *s, Elf_Addr *p, unsigned long v)

#define RELOC_GOT(obj, offs)

-#define GOT_PERMS PROT_READ

void _hppa_dl_dtors(void);

Elf_Addr _dl_md_plabel(Elf_Addr, Elf_Addr *);

diff --git a/libexec/ld.so/hppa/rtld_machine.c b/libexec/ld.so/hppa/rtld_machine.c
index c3633370991..1f6a9c80a2e 100644
--- a/libexec/ld.so/hppa/rtld_machine.c
+++ b/libexec/ld.so/hppa/rtld_machine.c

@@ -1,4 +1,4 @@

-/* $OpenBSD: rtld_machine.c,v 1.34 2016/08/27 22:52:21 guenther Exp $ */

+/* $OpenBSD: rtld_machine.c,v 1.35 2017/01/09 22:51:04 kettenis Exp $ */

@@ -430,7 +430,7 @@ _dl_md_reloc_got(elf_object_t *object, int lazy)

/* mprotect the GOT */

_dl_protect_segment(object, 0, "__got_start", "__got_end",

- GOT_PERMS|PROT_EXEC);

+ PROT_READ|PROT_EXEC);

return (fails);

}

diff --git a/libexec/ld.so/i386/archdep.h b/libexec/ld.so/i386/archdep.h
index e2cf5fb8de2..f3152a7ec9e 100644
--- a/libexec/ld.so/i386/archdep.h
+++ b/libexec/ld.so/i386/archdep.h

@@ -1,4 +1,4 @@

-/* $OpenBSD: archdep.h,v 1.15 2016/05/18 20:40:20 deraadt Exp $ */

+/* $OpenBSD: archdep.h,v 1.16 2017/01/09 22:51:04 kettenis Exp $ */

@@ -77,6 +77,4 @@ RELOC_DYN(Elf32_Rel *r, const Elf32_Sym *s, Elf32_Addr *p, unsigned long v)

#define RELOC_GOT(obj, offs)

-#define GOT_PERMS PROT_READ

#endif /* _I386_ARCHDEP_H_ */

diff --git a/libexec/ld.so/loader.c b/libexec/ld.so/loader.c
index 1c29c0dba52..0ce7f59595a 100644
--- a/libexec/ld.so/loader.c
+++ b/libexec/ld.so/loader.c

@@ -1,4 +1,4 @@

-/* $OpenBSD: loader.c,v 1.167 2016/08/28 04:33:17 guenther Exp $ */

+/* $OpenBSD: loader.c,v 1.168 2017/01/09 22:51:04 kettenis Exp $ */

@@ -413,25 +413,6 @@ _dl_boot(const char **argv, char **envp, const long dyn_loff, long *dl_data)

#define ROUND_PG(x) (((x) + align) & ~(align))

#define TRUNC_PG(x) ((x) & ~(align))

- /*

- * now that GOT and PLT have been relocated, and we know

- * page size, protect them from modification

- */

-#ifndef RTLD_NO_WXORX

- {

- extern char *__got_start;

- extern char *__got_end;

- if (&__got_start != &__got_end) {

- _dl_mprotect((void *)ELF_TRUNC((long)&__got_start,

- _dl_pagesz),

- ELF_ROUND((long)&__got_end,_dl_pagesz) -

- ELF_TRUNC((long)&__got_start, _dl_pagesz),

- GOT_PERMS);

- }

-#endif

_dl_setup_env(argv[0], envp);

DL_DEB(("rtld loading: '%s'\n", __progname));

diff --git a/libexec/ld.so/m88k/archdep.h b/libexec/ld.so/m88k/archdep.h
index f55aa46bee9..40ae479b97b 100644
--- a/libexec/ld.so/m88k/archdep.h
+++ b/libexec/ld.so/m88k/archdep.h

@@ -1,4 +1,4 @@

-/* $OpenBSD: archdep.h,v 1.2 2015/12/06 23:36:12 guenther Exp $ */

+/* $OpenBSD: archdep.h,v 1.3 2017/01/09 22:51:04 kettenis Exp $ */

@@ -62,6 +62,4 @@ RELOC_DYN(Elf32_Rela *r, const Elf32_Sym *s, Elf32_Addr *p, unsigned long v)

#define RELOC_GOT(obj, offs) do { } while (0)

-#define GOT_PERMS PROT_READ

#endif /* _M88K_ARCHDEP_H_ */

diff --git a/libexec/ld.so/mips64/archdep.h b/libexec/ld.so/mips64/archdep.h
index 0709c7699ce..4ed01d1b96a 100644
--- a/libexec/ld.so/mips64/archdep.h
+++ b/libexec/ld.so/mips64/archdep.h

@@ -1,4 +1,4 @@

-/* $OpenBSD: archdep.h,v 1.10 2015/12/06 23:36:12 guenther Exp $ */

+/* $OpenBSD: archdep.h,v 1.11 2017/01/09 22:51:04 kettenis Exp $ */

@@ -90,6 +90,4 @@ do { \

} \

} while (0)

-#define GOT_PERMS PROT_READ

#endif /* _MIPS_ARCHDEP_H_ */

diff --git a/libexec/ld.so/powerpc/archdep.h b/libexec/ld.so/powerpc/archdep.h
index 9d4177c9448..15f3699502a 100644
--- a/libexec/ld.so/powerpc/archdep.h
+++ b/libexec/ld.so/powerpc/archdep.h

@@ -1,4 +1,4 @@

-/* $OpenBSD: archdep.h,v 1.18 2015/12/06 23:36:12 guenther Exp $ */

+/* $OpenBSD: archdep.h,v 1.19 2017/01/09 22:51:04 kettenis Exp $ */

@@ -87,6 +87,4 @@ RELOC_DYN(Elf32_Rela *r, const Elf32_Sym *s, Elf32_Addr *p, unsigned long v)

#define RELOC_GOT(obj, offs)

-#define GOT_PERMS PROT_READ

#endif /* _POWERPC_ARCHDEP_H_ */

diff --git a/libexec/ld.so/sh/archdep.h b/libexec/ld.so/sh/archdep.h
index b1d61b1c75f..46797555391 100644
--- a/libexec/ld.so/sh/archdep.h
+++ b/libexec/ld.so/sh/archdep.h

@@ -1,4 +1,4 @@

-/* $OpenBSD: archdep.h,v 1.6 2016/05/18 20:40:20 deraadt Exp $ */

+/* $OpenBSD: archdep.h,v 1.7 2017/01/09 22:51:04 kettenis Exp $ */

@@ -43,8 +43,6 @@

#include "syscall.h"

#include "util.h"

-#define RTLD_NO_WXORX

* The following functions are declared inline so they can

* be used before bootstrap linking has been finished.

@@ -73,6 +71,4 @@ RELOC_DYN(Elf32_Rela *r, const Elf32_Sym *s, Elf32_Addr *p, unsigned long v)

#define RELOC_GOT(obj, offs)

-#define GOT_PERMS (PROT_READ|PROT_EXEC)

#endif /* _SH_ARCHDEP_H_ */

diff --git a/libexec/ld.so/sparc64/archdep.h b/libexec/ld.so/sparc64/archdep.h
index a27bd147a3c..c3afd159f11 100644
--- a/libexec/ld.so/sparc64/archdep.h
+++ b/libexec/ld.so/sparc64/archdep.h

@@ -1,4 +1,4 @@

-/* $OpenBSD: archdep.h,v 1.21 2016/05/18 20:40:20 deraadt Exp $ */

+/* $OpenBSD: archdep.h,v 1.22 2017/01/09 22:51:04 kettenis Exp $ */

@@ -66,6 +66,4 @@ RELOC_DYN(Elf_RelA *r, const Elf_Sym *s, Elf_Addr *p, unsigned long v)

#define RELOC_GOT(obj, offs)

-#define GOT_PERMS PROT_READ

#endif /* _SPARC64_ARCHDEP_H_ */