summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorPhilip Guenther <guenther@cvs.openbsd.org>2014-11-03 17:50:57 +0000
committerPhilip Guenther <guenther@cvs.openbsd.org>2014-11-03 17:50:57 +0000
commiteb95f8b1eb1cdff1b338255a639794a0c9034179 (patch)
tree98ca65675934ffa02e215448ad8f63a8521029cf
parent425a87494731ed74050fbd5af2a680639ff49b76 (diff)
Eliminate RTLD_PROTECT_PLT: ld.so is built with -Bsymbolic so the
PLT is empty/unused. On at least macppc and sparc64, ld.so's attempt to mprotect its PLT could instead hit its own allocated data and cause a segfault shortly there after. While here, take a shot at preventing the same issue with the GOT by checking for __got_start != __got_end. reproduction *with ktracing* by afresh1@ provided the key data ok miod@ deraadt@
-rw-r--r--libexec/ld.so/alpha/archdep.h4
-rw-r--r--libexec/ld.so/loader.c25
-rw-r--r--libexec/ld.so/powerpc/archdep.h4
-rw-r--r--libexec/ld.so/sparc/archdep.h4
-rw-r--r--libexec/ld.so/sparc64/archdep.h4
5 files changed, 12 insertions, 29 deletions
diff --git a/libexec/ld.so/alpha/archdep.h b/libexec/ld.so/alpha/archdep.h
index 37f70625bf8..44e7f595bf7 100644
--- a/libexec/ld.so/alpha/archdep.h
+++ b/libexec/ld.so/alpha/archdep.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: archdep.h,v 1.14 2014/04/16 10:52:58 guenther Exp $ */
+/* $OpenBSD: archdep.h,v 1.15 2014/11/03 17:50:56 guenther Exp $ */
/*
* Copyright (c) 1998 Per Fogelstrom, Opsycon AB
@@ -41,8 +41,6 @@
#include "syscall.h"
#include "util.h"
-#define RTLD_PROTECT_PLT
-
static inline void
RELOC_REL(Elf64_Rel *r, const Elf64_Sym *s, Elf64_Addr *p, unsigned long v)
{
diff --git a/libexec/ld.so/loader.c b/libexec/ld.so/loader.c
index c5449df8901..8cc91d2f842 100644
--- a/libexec/ld.so/loader.c
+++ b/libexec/ld.so/loader.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: loader.c,v 1.150 2014/07/10 09:03:01 otto Exp $ */
+/* $OpenBSD: loader.c,v 1.151 2014/11/03 17:50:56 guenther Exp $ */
/*
* Copyright (c) 1998 Per Fogelstrom, Opsycon AB
@@ -399,23 +399,14 @@ _dl_boot(const char **argv, char **envp, const long dyn_loff, long *dl_data)
{
extern char *__got_start;
extern char *__got_end;
-#ifdef RTLD_PROTECT_PLT
- extern char *__plt_start;
- extern char *__plt_end;
-#endif
- _dl_mprotect((void *)ELF_TRUNC((long)&__got_start, _dl_pagesz),
- ELF_ROUND((long)&__got_end,_dl_pagesz) -
- ELF_TRUNC((long)&__got_start, _dl_pagesz),
- GOT_PERMS);
-
-#ifdef RTLD_PROTECT_PLT
- /* only for DATA_PLT or BSS_PLT */
- _dl_mprotect((void *)ELF_TRUNC((long)&__plt_start, _dl_pagesz),
- ELF_ROUND((long)&__plt_end,_dl_pagesz) -
- ELF_TRUNC((long)&__plt_start, _dl_pagesz),
- PROT_READ|PROT_EXEC);
-#endif
+ if (&__got_start != &__got_end) {
+ _dl_mprotect((void *)ELF_TRUNC((long)&__got_start,
+ _dl_pagesz),
+ ELF_ROUND((long)&__got_end,_dl_pagesz) -
+ ELF_TRUNC((long)&__got_start, _dl_pagesz),
+ GOT_PERMS);
+ }
}
#endif
diff --git a/libexec/ld.so/powerpc/archdep.h b/libexec/ld.so/powerpc/archdep.h
index 7bb80dc26c5..8e9733a5af0 100644
--- a/libexec/ld.so/powerpc/archdep.h
+++ b/libexec/ld.so/powerpc/archdep.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: archdep.h,v 1.15 2014/07/05 12:22:41 miod Exp $ */
+/* $OpenBSD: archdep.h,v 1.16 2014/11/03 17:50:56 guenther Exp $ */
/*
* Copyright (c) 1998 Per Fogelstrom, Opsycon AB
@@ -41,8 +41,6 @@
#include "syscall.h"
#include "util.h"
-#define RTLD_PROTECT_PLT
-
/*
* The following functions are declared inline so they can
* be used before bootstrap linking has been finished.
diff --git a/libexec/ld.so/sparc/archdep.h b/libexec/ld.so/sparc/archdep.h
index 509b17c922f..cf3c03743a6 100644
--- a/libexec/ld.so/sparc/archdep.h
+++ b/libexec/ld.so/sparc/archdep.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: archdep.h,v 1.9 2010/01/02 12:16:35 kettenis Exp $ */
+/* $OpenBSD: archdep.h,v 1.10 2014/11/03 17:50:56 guenther Exp $ */
/*
* Copyright (c) 1998 Per Fogelstrom, Opsycon AB
@@ -43,8 +43,6 @@
#include "syscall.h"
#include "util.h"
-#define RTLD_PROTECT_PLT
-
static inline void *
_dl_mmap(void *addr, unsigned int len, unsigned int prot,
unsigned int flags, int fd, off_t offset)
diff --git a/libexec/ld.so/sparc64/archdep.h b/libexec/ld.so/sparc64/archdep.h
index 61e32e7e820..27b4036ac18 100644
--- a/libexec/ld.so/sparc64/archdep.h
+++ b/libexec/ld.so/sparc64/archdep.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: archdep.h,v 1.18 2010/01/02 12:16:35 kettenis Exp $ */
+/* $OpenBSD: archdep.h,v 1.19 2014/11/03 17:50:56 guenther Exp $ */
/*
* Copyright (c) 1998 Per Fogelstrom, Opsycon AB
@@ -43,8 +43,6 @@
#include "syscall.h"
#include "util.h"
-#define RTLD_PROTECT_PLT
-
static inline void *
_dl_mmap(void *addr, unsigned int len, unsigned int prot,
unsigned int flags, int fd, off_t offset)