Skip to content
GitLab
Explore
Sign in
Register
Primary navigation
Search or go to…
Project
aports
Manage
Activity
Members
Labels
Plan
Issues
Issue boards
Milestones
Code
Merge requests
Repository
Branches
Commits
Tags
Repository graph
Compare revisions
Build
Pipelines
Jobs
Pipeline schedules
Artifacts
Deploy
Releases
Package Registry
Container Registry
Model registry
Operate
Environments
Terraform modules
Monitor
Incidents
Service Desk
Analyze
Value stream analytics
Contributor analytics
CI/CD analytics
Repository analytics
Model experiments
Help
Help
Support
GitLab documentation
Compare GitLab plans
Community forum
Contribute to GitLab
Provide feedback
Terms and privacy
Keyboard shortcuts
?
Snippets
Groups
Projects
Show more breadcrumbs
Jakub Panek
aports
Commits
029c13c8
Commit
029c13c8
authored
11 years ago
by
Timo Teräs
Browse files
Options
Downloads
Patches
Plain Diff
main/musl: add relro support
ref #2614
parent
6bcaafb2
No related branches found
Branches containing commit
No related tags found
Tags containing commit
No related merge requests found
Changes
2
Hide whitespace changes
Inline
Side-by-side
Showing
2 changed files
main/musl/1003-implement-PT_GNU_RELRO-support.patch
+145
-0
145 additions, 0 deletions
main/musl/1003-implement-PT_GNU_RELRO-support.patch
main/musl/APKBUILD
+5
-1
5 additions, 1 deletion
main/musl/APKBUILD
with
150 additions
and
1 deletion
main/musl/1003-implement-PT_GNU_RELRO-support.patch
0 → 100644
+
145
−
0
View file @
029c13c8
From 2946056f1963aeb161568a7a8aea5b7bb9fb1edd Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Timo=20Ter=C3=A4s?= <timo.teras@iki.fi>
Date: Tue, 25 Mar 2014 14:13:27 +0200
Subject: [PATCH 1/1] implement PT_GNU_RELRO support
---
src/ldso/dynlink.c | 48 +++++++++++++++++++++++++++++++++++-------------
1 file changed, 35 insertions(+), 13 deletions(-)
diff --git a/src/ldso/dynlink.c b/src/ldso/dynlink.c
index 616dc3e..b903e97 100644
--- a/src/ldso/dynlink.c
+++ b/src/ldso/dynlink.c
@@ -74,6 +74,7 @@
struct dso {
char *rpath_orig, *rpath;
void *tls_image;
size_t tls_len, tls_size, tls_align, tls_id, tls_offset;
+ size_t relro_start, relro_end;
void **new_dtv;
unsigned char *new_tls;
int new_dtv_idx, new_tls_idx;
@@ -281,27 +282,29 @@
static void do_relocs(struct dso *dso, size_t *rel, size_t rel_size, size_t stri
* and "donate" them to the heap by setting up minimal malloc
* structures and then freeing them. */
-static void reclaim(unsigned char *base, size_t start, size_t end)
+static void reclaim(struct dso *dso, size_t start, size_t end)
{
size_t *a, *z;
+ if (start >= dso->relro_start && start < dso->relro_end) start = dso->relro_end;
+ if (end >= dso->relro_start && end < dso->relro_end) end = dso->relro_start;
start = start + 6*sizeof(size_t)-1 & -4*sizeof(size_t);
end = (end & -4*sizeof(size_t)) - 2*sizeof(size_t);
if (start>end || end-start < 4*sizeof(size_t)) return;
- a = (size_t *)(base + start);
- z = (size_t *)(base + end);
+ a = (size_t *)(dso->base + start);
+ z = (size_t *)(dso->base + end);
a[-2] = 1;
a[-1] = z[0] = end-start + 2*sizeof(size_t) | 1;
z[1] = 1;
free(a);
}
-static void reclaim_gaps(unsigned char *base, Phdr *ph, size_t phent, size_t phcnt)
+static void reclaim_gaps(struct dso *dso, Phdr *ph, size_t phent, size_t phcnt)
{
for (; phcnt--; ph=(void *)((char *)ph+phent)) {
if (ph->p_type!=PT_LOAD) continue;
if ((ph->p_flags&(PF_R|PF_W))!=(PF_R|PF_W)) continue;
- reclaim(base, ph->p_vaddr & -PAGE_SIZE, ph->p_vaddr);
- reclaim(base, ph->p_vaddr+ph->p_memsz,
+ reclaim(dso, ph->p_vaddr & -PAGE_SIZE, ph->p_vaddr);
+ reclaim(dso, ph->p_vaddr+ph->p_memsz,
ph->p_vaddr+ph->p_memsz+PAGE_SIZE-1 & -PAGE_SIZE);
}
}
@@ -346,11 +349,14 @@
static void *map_library(int fd, struct dso *dso)
for (i=eh->e_phnum; i; i--, ph=(void *)((char *)ph+eh->e_phentsize)) {
if (ph->p_type == PT_DYNAMIC)
dyn = ph->p_vaddr;
- if (ph->p_type == PT_TLS) {
+ else if (ph->p_type == PT_TLS) {
tls_image = ph->p_vaddr;
dso->tls_align = ph->p_align;
dso->tls_len = ph->p_filesz;
dso->tls_size = ph->p_memsz;
+ } else if (ph->p_type == PT_GNU_RELRO) {
+ dso->relro_start = ph->p_vaddr & -PAGE_SIZE;
+ dso->relro_end = (ph->p_vaddr + ph->p_memsz) & -PAGE_SIZE;
}
if (ph->p_type != PT_LOAD) continue;
if (ph->p_vaddr < addr_min) {
@@ -419,12 +425,12 @@
static void *map_library(int fd, struct dso *dso)
goto error;
break;
}
- if (!runtime) reclaim_gaps(base, ph0, eh->e_phentsize, eh->e_phnum);
dso->map = map;
dso->map_len = map_len;
dso->base = base;
dso->dynv = (void *)(base+dyn);
if (dso->tls_size) dso->tls_image = (void *)(base+tls_image);
+ if (!runtime) reclaim_gaps(dso, ph0, eh->e_phentsize, eh->e_phnum);
free(allocated_buf);
return map;
noexec:
@@ -766,6 +772,17 @@
static void reloc_all(struct dso *p)
2+(dyn[DT_PLTREL]==DT_RELA));
do_relocs(p, (void *)(p->base+dyn[DT_REL]), dyn[DT_RELSZ], 2);
do_relocs(p, (void *)(p->base+dyn[DT_RELA]), dyn[DT_RELASZ], 3);
+
+ if (p->relro_start != p->relro_end &&
+ mprotect(p->base+p->relro_start, p->relro_end-p->relro_start, PROT_READ) < 0) {
+ snprintf(errbuf, sizeof errbuf,
+ "Error relocating %s: RELRO protection failed",
+ p->name);
+ if (runtime) longjmp(*rtld_fail, 1);
+ dprintf(2, "%s\n", errbuf);
+ ldso_fail = 1;
+ }
+
p->relocated = 1;
}
}
@@ -1027,6 +1044,9 @@
void *__dynlink(int argc, char **argv)
app->tls_len = phdr->p_filesz;
app->tls_size = phdr->p_memsz;
app->tls_align = phdr->p_align;
+ } else if (phdr->p_type == PT_GNU_RELRO) {
+ app->relro_start = phdr->p_vaddr & -PAGE_SIZE;
+ app->relro_end = (phdr->p_vaddr + phdr->p_memsz) & -PAGE_SIZE;
}
}
if (app->tls_size) app->tls_image = (char *)app->base + tls_image;
@@ -1133,9 +1153,9 @@
void *__dynlink(int argc, char **argv)
/* PAST THIS POINT, ALL LIBC INTERFACES ARE FULLY USABLE. */
/* Donate unused parts of app and library mapping to malloc */
- reclaim_gaps(app->base, (void *)aux[AT_PHDR], aux[AT_PHENT], aux[AT_PHNUM]);
+ reclaim_gaps(app, (void *)aux[AT_PHDR], aux[AT_PHENT], aux[AT_PHNUM]);
ehdr = (void *)lib->base;
- reclaim_gaps(lib->base, (void *)(lib->base+ehdr->e_phoff),
+ reclaim_gaps(lib, (void *)(lib->base+ehdr->e_phoff),
ehdr->e_phentsize, ehdr->e_phnum);
/* Load preload/needed libraries, add their symbols to the global
@@ -1175,9 +1195,11 @@
void *__dynlink(int argc, char **argv)
runtime = 1;
#ifndef DYNAMIC_IS_RO
- for (i=0; app->dynv[i]; i+=2)
- if (app->dynv[i]==DT_DEBUG)
- app->dynv[i+1] = (size_t)&debug;
+ if (app->relro_start == app->relro_end) {
+ for (i=0; app->dynv[i]; i+=2)
+ if (app->dynv[i]==DT_DEBUG)
+ app->dynv[i+1] = (size_t)&debug;
+ }
#endif
debug.ver = 1;
debug.bp = _dl_debug_state;
--
1.9.0
This diff is collapsed.
Click to expand it.
main/musl/APKBUILD
+
5
−
1
View file @
029c13c8
...
...
@@ -2,7 +2,7 @@
# Maintainer: Timo Teräs <timo.teras@iki.fi>
pkgname
=
musl
pkgver
=
1.0.0
pkgrel
=
0
pkgrel
=
1
pkgdesc
=
"the musl c library (libc) implementation"
url
=
"http://www.musl-libc.org/"
arch
=
"all"
...
...
@@ -16,6 +16,7 @@ subpackages="$pkgname-dev $pkgname-utils"
source
=
"http://www.musl-libc.org/releases/musl-
$pkgver
.tar.gz
1001-add-basic-dns-record-parsing-functions.patch
1002-fix-confstr-return-value.patch
1003-implement-PT_GNU_RELRO-support.patch
2001-workaround-gcc-pr58245.patch
getopt_long.c
...
...
@@ -115,6 +116,7 @@ crosstool() {
md5sums
=
"e54664fdf211d27737e328c4462b545e musl-1.0.0.tar.gz
a3810683ef61ac27e2f6ec9801280c81 1001-add-basic-dns-record-parsing-functions.patch
499bced87843940199898d1508ef58df 1002-fix-confstr-return-value.patch
82bdbdb20210ca6e19dbd7da6b54e2e6 1003-implement-PT_GNU_RELRO-support.patch
7a09c5cd7b3e9532e6902f54a5e928bb 2001-workaround-gcc-pr58245.patch
61c6c1e84ed1df82abbe6d75e90cf21c getopt_long.c
0df687757221bbb0fc1aa67f1bd646f9 __stack_chk_fail_local.c
...
...
@@ -124,6 +126,7 @@ ef81489a6258501cf45db58dfc6d5211 getent
sha256sums
=
"1ad7f45d2972daff19c9e6a92714e6d70f4aad003cd8c3d1e6113432114c1a32 musl-1.0.0.tar.gz
758390768b1bc4159d56908ca332b9640cd0552ed3b4b2b8d4a6d499c54c11a1 1001-add-basic-dns-record-parsing-functions.patch
dba7e5155efab40829ec0202f1135942004e8e79cff287cbb455355a0d67705f 1002-fix-confstr-return-value.patch
ad4cf7c3d778514daaf3ad2de5939900214522387c7904a246b2892efe87c3d0 1003-implement-PT_GNU_RELRO-support.patch
45d6efda7450809e4e68f6e951431dcadf6cb7f0260930d50a9f1a8667aca49f 2001-workaround-gcc-pr58245.patch
d9b644ec20bc33e81a7c52b9fcf7973d835923a69faf50f03db45534b811bd96 getopt_long.c
299a7d75a09de3e2e11e7fb4acc3182e4a14e868093d2f30938fce9bfcff13da __stack_chk_fail_local.c
...
...
@@ -133,6 +136,7 @@ d6996273f5aaaed429058257e4646b243d9e3a4d8609522f802762453f5be4cb getent
sha512sums
=
"c76cbfe60cbe9b1ceb1faedddf2dcce0f11c942c8f74e4f217efe63e8e1d7be70fcb6cf1182eeaee90441152c4493d678682cb247a0dbc7537d24f943a7bbdf8 musl-1.0.0.tar.gz
dad965258daf69371b844f76bfe5a914b0eca0ca76f3fc340b8fd7acf598b5f87bbe6d68b1f43ed0293ee0ed3bfd85d5173ccc169aa6265646248d5b8a906708 1001-add-basic-dns-record-parsing-functions.patch
d4c5f3c5a8ab3a9f1f63a22933bf4dcc67d6aff630066c9e3bb0edf9f46ab8b6e228ded906e4f82b7849d3b7e84ca25c9322bf5c5787fca10203482a38176700 1002-fix-confstr-return-value.patch
5199c16d12a46dd990005ad0d2bc4c49e978db440be92cf8e1f848d6a74dcb5e789052c17088bbeac6540365f02fda1603b156c3346f89132f71122f384d734e 1003-implement-PT_GNU_RELRO-support.patch
69ad3fc851b44f33dd7c98b83fd0adbd149b37263d17b989f4d7338ee0703dfe8994f4299744e2509492300227d652de6f21b6cdba9b633fcefd3d9f7ca0cf20 2001-workaround-gcc-pr58245.patch
140f3f20d30bd95ebce8c41b8cc7f616c6cbedf4ea06c729c21014e74f6043796825cc40ebc5180620ea38173afdba23f09ebf6d8b11fa05440b14d23764fca9 getopt_long.c
062bb49fa54839010acd4af113e20f7263dde1c8a2ca359b5fb2661ef9ed9d84a0f7c3bc10c25dcfa10bb3c5a4874588dff636ac43d5dbb3d748d75400756d0b __stack_chk_fail_local.c
...
...
This diff is collapsed.
Click to expand it.
Preview
0%
Loading
Try again
or
attach a new file
.
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Save comment
Cancel
Please
register
or
sign in
to comment
