diff options
| author | Dale Rahn <drahn@cvs.openbsd.org> | 2003-01-30 21:06:48 +0000 |
|---|---|---|
| committer | Dale Rahn <drahn@cvs.openbsd.org> | 2003-01-30 21:06:48 +0000 |
| commit | 9b47077e91abff859fb1253814138b68d1e5b817 (patch) | |
| tree | 5c5918cc8db29644d0da4b2c91063d79df790e3b /gnu/usr.bin/binutils/ld/scripttempl/elf.sc | |
| parent | 40fa295c7d4b8f2c25a804fbe379c2b34aa6e180 (diff) | |
ELF security enhancement: put .rodata into it's own load section instead
of putting it with the text. This removes the execute permission
from readonly data. This constrains the executable region to portions
of the executable which need to be executable. Note: not all processors
or mmus are capable of -X protection at the page level, but should
handle ELF images which specify specific RWX protections on each section.
Diffstat (limited to 'gnu/usr.bin/binutils/ld/scripttempl/elf.sc')
| -rw-r--r-- | gnu/usr.bin/binutils/ld/scripttempl/elf.sc | 2 |
1 files changed, 2 insertions, 0 deletions
diff --git a/gnu/usr.bin/binutils/ld/scripttempl/elf.sc b/gnu/usr.bin/binutils/ld/scripttempl/elf.sc index e155639eff9..8d47b4ad17b 100644 --- a/gnu/usr.bin/binutils/ld/scripttempl/elf.sc +++ b/gnu/usr.bin/binutils/ld/scripttempl/elf.sc @@ -70,6 +70,7 @@ DYNAMIC=".dynamic ${RELOCATING-0} : { *(.dynamic) }" RODATA=".rodata ${RELOCATING-0} : { *(.rodata) ${RELOCATING+*(.rodata.*)} ${RELOCATING+*(.gnu.linkonce.r.*)} }" SBSS2=".sbss2 ${RELOCATING-0} : { *(.sbss2) ${RELOCATING+*(.sbss2.*)} ${RELOCATING+*(.gnu.linkonce.sb2.*)} }" SDATA2=".sdata2 ${RELOCATING-0} : { *(.sdata2) ${RELOCATING+*(.sdata2.*)} ${RELOCATING+*(.gnu.linkonce.s2.*)} }" +test "$LD_FLAG" = "N" || test "$LD_FLAG" = "Z" || PAD_RO0="${RELOCATING+. = ALIGN(${MAXPAGESIZE}) + (. & (${MAXPAGESIZE} - 1));}" test "$LD_FLAG" = "N" || test "$LD_FLAG" = "Z" || PAD_PLT0="${RELOCATING+. = ALIGN(${MAXPAGESIZE}) + (. & (${MAXPAGESIZE} - 1));} .pltpad0 ${RELOCATING-0} : { ${RELOCATING+__plt_start = .;} }" test "$LD_FLAG" = "N" || test "$LD_FLAG" = "Z" || PAD_PLT1=".pltpad1 ${RELOCATING-0} : { ${RELOCATING+__plt_end = .;}} ${RELOCATING+. = ALIGN(${MAXPAGESIZE}) + (. & (${MAXPAGESIZE} - 1));}" test "$LD_FLAG" = "N" || test "$LD_FLAG" = "Z" || PAD_GOT0="${RELOCATING+. = ALIGN(${MAXPAGESIZE}) + (. & (${MAXPAGESIZE} - 1));} .gotpad0 ${RELOCATING-0} : { ${RELOCATING+__got_start = .;} }" @@ -289,6 +290,7 @@ SECTIONS ${RELOCATING+PROVIDE (__etext = .);} ${RELOCATING+PROVIDE (_etext = .);} ${RELOCATING+PROVIDE (etext = .);} + ${PAD_RO+${PAD_RO0}} ${WRITABLE_RODATA-${RODATA}} .rodata1 ${RELOCATING-0} : { *(.rodata1) } ${CREATE_SHLIB-${SDATA2}} |