This is the mail archive of the binutils@sourceware.org mailing list for the binutils project.



[PATCH] fix GNU_STACK default when linking against non-DYN, non-REL


Hello, while eliminating the executable stack markings[1] from klibc[2],
I ended up examining ld's behavior (really bfd's) when linking klibc's
utilities, which has an uncommon use-case.  All the involved object
files had the appropriate .note.GNU-stack and GNU_STACK flags, but
linking with -R produced executables with an "E" in their GNU_STACK.
Here is an example of the linking:

ld -m elf_x86_64 -o usr/utils/shared/cat -e main usr/klibc/interp.o \
    --start-group  usr/utils/cat.o  -R usr/klibc/libc.so \
    /usr/lib/gcc/x86_64-linux-gnu/4.2.3/libgcc.a --end-group

The unusual thing here is the "-R usr/klibc/libc.so".  That file isn't
DYN, but EXEC.  As a result, when trying to determine the exec_stack
default for the resulting output, bfd (correctly) believes usr/klibc/libc.so
lacks the .note.GNU-stack marker (since it assumes it is a REL file).

I see two possible fixes for this behavior.  The "better" approach seems
to be to replace the "(DYNAMIC | BFD_LINKER_CREATED)" test with something
that examines the existing GNU_STACK of the bfd when it is DYNAMIC or
EXEC_P, and examines the "E" flag (I assume BFD_LINKER_CREATED would
remain skipped).  The quick approach may be to just use the attached
patch, expanding the exception.

Thoughts or comments?

-Kees

[1] http://people.ubuntu.com/~kees/30-drop-executable-stack.patch
[2] http://git.kernel.org/?p=libs/klibc/klibc.git;a=summary

Signed-off-by: Kees Cook <kees@canonical.com>


Index: bfd/elflink.c
===================================================================
RCS file: /cvs/src/src/bfd/elflink.c,v
retrieving revision 1.302
diff -u -p -r1.302 elflink.c
--- bfd/elflink.c	13 Mar 2008 05:27:42 -0000	1.302
+++ bfd/elflink.c	4 Apr 2008 16:18:26 -0000
@@ -5403,7 +5403,7 @@ bfd_elf_size_dynamic_sections (bfd *outp
 	{
 	  asection *s;
 
-	  if (inputobj->flags & (DYNAMIC | BFD_LINKER_CREATED))
+	  if (inputobj->flags & (DYNAMIC | EXEC_P | BFD_LINKER_CREATED))
 	    continue;
 	  s = bfd_get_section_by_name (inputobj, ".note.GNU-stack");
 	  if (s)
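Review bot: With EXEC_P added to the mask in the `inputobj->flags & (...)` test, every executable input hits the `continue` before the `.note.GNU-stack` lookup, so in the lines shown an executable passed with -R never has its own GNU_STACK flags consulted, even when they carry the "E" flag. If that trade-off is intended, add a comment above the `if` saying why DYNAMIC and EXEC_P inputs are skipped (they are not expected to carry a `.note.GNU-stack` section). Otherwise give those inputs a separate branch that checks their existing GNU_STACK, as the message proposes, and keep only BFD_LINKER_CREATED on the unconditional skip.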

-- 
Kees Cook
Ubuntu Security Team
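
A way to check for the symptom the message describes, the "E" in a linked file's GNU_STACK, as an added example that is not part of the original post or of binutils: it reads the PT_GNU_STACK program header directly. The function and helper names are hypothetical and the sample ELF images are constructed; relocatable objects have no program headers (their marker is the .note.GNU-stack section), so they report no flags.

```python
import struct
import sys
from pathlib import Path

PT_GNU_STACK = 0x6474E551          # program header type from the GNU ELF extensions
ET_NAMES = {1: "REL", 2: "EXEC", 3: "DYN"}

def gnu_stack_status(data):
    """Return (elf_type, flags); flags is e.g. 'RWE' or 'RW', None if no PT_GNU_STACK."""
    if data[:4] != b"\x7fELF" or data[4] not in (1, 2) or data[5] not in (1, 2):
        raise ValueError("not a supported ELF image")
    is64 = data[4] == 2                       # EI_CLASS
    end = "<" if data[5] == 1 else ">"        # EI_DATA
    (e_type,) = struct.unpack_from(end + "H", data, 16)
    if is64:
        (phoff,) = struct.unpack_from(end + "Q", data, 32)
        phentsize, phnum = struct.unpack_from(end + "HH", data, 54)
    else:
        (phoff,) = struct.unpack_from(end + "I", data, 28)
        phentsize, phnum = struct.unpack_from(end + "HH", data, 42)
    flags = None
    for i in range(phnum):
        off = phoff + i * phentsize
        (p_type,) = struct.unpack_from(end + "I", data, off)
        if p_type == PT_GNU_STACK:
            # p_flags sits at offset 4 in Elf64_Phdr and offset 24 in Elf32_Phdr
            (bits,) = struct.unpack_from(end + "I", data, off + (4 if is64 else 24))
            flags = "".join(c for c, m in (("R", 4), ("W", 2), ("E", 1)) if bits & m)
            break
    return ET_NAMES.get(e_type, hex(e_type)), flags

def sample_elf64(e_type, stack_flags):
    """Constructed little-endian ELF64 image: header plus at most one program header."""
    phnum = 0 if stack_flags is None else 1
    image = b"\x7fELF" + bytes([2, 1, 1]) + bytes(9)
    image += struct.pack("<HHIQQQIHHHHHH", e_type, 62, 1, 0, 64, 0, 0, 64, 56, phnum, 0, 0, 0)
    if stack_flags is not None:
        image += struct.pack("<IIQQQQQQ", PT_GNU_STACK, stack_flags, 0, 0, 0, 0, 0, 16)
    return image

if __name__ == "__main__":
    # With no arguments, run on two constructed EXEC images: one marked RWE, one RW.
    inputs = [(p, Path(p).read_bytes()) for p in sys.argv[1:]] or [
        ("constructed-rwe", sample_elf64(2, 7)), ("constructed-rw", sample_elf64(2, 6))]
    for name, data in inputs:
        etype, flags = gnu_stack_status(data)
        note = "executable stack requested" if flags and "E" in flags else "no E flag"
        print(f"{name}: type={etype} GNU_STACK={flags} ({note})")
```

Run it with file paths as arguments to audit linked outputs; a result of `None` means the file has no PT_GNU_STACK header at all, which leaves the stack permissions to the platform default.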

