Re: RFC: Audit external function called indirectly via GOT
On Thu, Mar 22, 2018 at 05:39:18AM -0700, H.J. Lu wrote:
> On Thu, Mar 22, 2018 at 5:29 AM, Alan Modra <email@example.com> wrote:
> > On Wed, Mar 21, 2018 at 10:15:26PM -0700, Cary Coutant wrote:
> >> If you get rid of the GOT entry, and have the point of call jump
> >> indirectly through the PLTGOT entry, which is initialized to point to
> >> part (b) of the PLT entry, everything should work the same as without
> >> -fno-plt. Essentially, all -fno-plt would do is inline part (a) of the
> >> PLT entry.
> >> -cary
> >> * I'm using parts (a) and (b) to refer to the two parts of a PLT
> >> entry: (a) an indirect jump via the PLTGOT entry, and (b) code that
> >> jumps to the lazy binding routine, passing the JUMP_SLOT index.
> > Yes, that essentially is what I've done for -fno-plt on powerpc.
> > The call stub code is inlined while the rest of the PLT is more or
> > less unchanged. So you get all of the usual lazy-binding features
> > by default, and can use "-z now -z relro" if you want a read-only
> > PLT.
> On x86, PLT is always read-only. The issue is the writable PLTGOT.
Yes, I do know how the x86 PLT works. (Or to be more honest, how it
used to work...) To be clear, I was using PLT to refer to the whole
scheme, i.e. the code to do an indirect jump (x86 .plt), plus a table
of addresses (x86 .plt.got), plus code for lazy binding (x86 .plt
again). Like x86, the powerpc PLT code to do indirect jumps and lazy
binding is read-only nowadays. -fno-plt on powerpc inlines the code
to do the indirect jump, but leaves the table of addresses and the
lazy binding code functionally unchanged.
> On x86, -fno-plt removes the writable PLTGOT.
I think that may have been a mistake. You could have kept .plt.got
functionally unchanged, giving you a writable .plt.got by default with
-fno-plt, and read-only when "-z now -z relro". Just like the usual
Australia Development Lab, IBM
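As an added illustration of the writable versus read-only PLTGOT distinction discussed in this thread (example code, not from the thread or from binutils), a small ELF64 program-header parser that reports whether a given address-table location lies inside PT_GNU_RELRO and whether DF_BIND_NOW (what "-z now" sets) is present. The table address is passed in rather than located via section headers, and the images it inspects are constructed by build_image; both are assumptions of the example.

```python
import struct

# ELF64 constants from the gABI; PT_GNU_RELRO is the GNU extension that
# marks the range made read-only after relocation (what "-z relro" emits).
PT_DYNAMIC, PT_GNU_RELRO = 2, 0x6474E552
DT_NULL, DT_FLAGS, DF_BIND_NOW = 0, 30, 0x8          # DF_BIND_NOW is set by "-z now"
PHDR_FMT, DYN_FMT = "<IIQQQQQQ", "<qQ"               # Elf64_Phdr, Elf64_Dyn (little-endian)

def parse_phdrs(data):
    """Yield Elf64_Phdr tuples from a little-endian ELF64 image."""
    phoff = struct.unpack_from("<Q", data, 32)[0]
    phentsize, phnum = struct.unpack_from("<HH", data, 54)
    for i in range(phnum):
        yield struct.unpack_from(PHDR_FMT, data, phoff + i * phentsize)

def pltgot_status(data, pltgot_vaddr):
    """Return (pltgot_read_only, bind_now): whether the address table the PLT
    jumps through lies inside PT_GNU_RELRO, and whether lazy binding is off."""
    relro, flags = None, 0
    for p_type, _, p_off, p_vaddr, _, p_filesz, p_memsz, _ in parse_phdrs(data):
        if p_type == PT_GNU_RELRO:
            relro = (p_vaddr, p_vaddr + p_memsz)
        elif p_type == PT_DYNAMIC:            # walk the dynamic section for DT_FLAGS
            for i in range(p_filesz // 16):
                tag, val = struct.unpack_from(DYN_FMT, data, p_off + i * 16)
                if tag == DT_NULL:
                    break
                if tag == DT_FLAGS:
                    flags = val
    covered = relro is not None and relro[0] <= pltgot_vaddr < relro[1]
    return covered, bool(flags & DF_BIND_NOW)

def build_image(relro=None, bind_now=False):
    """Constructed ELF64 image (header, PT_DYNAMIC, optional PT_GNU_RELRO); not
    a real executable, just enough structure for pltgot_status to read."""
    n = 2 if relro else 1
    dyn_off = 64 + 56 * n                     # dynamic entries follow the phdrs
    dyn = struct.pack(DYN_FMT, DT_FLAGS, DF_BIND_NOW if bind_now else 0)
    dyn += struct.pack(DYN_FMT, DT_NULL, 0)
    phdrs = [(PT_DYNAMIC, 6, dyn_off, 0x3000, 0x3000, len(dyn), len(dyn), 8)]
    if relro:
        size = relro[1] - relro[0]
        phdrs.append((PT_GNU_RELRO, 4, 0, relro[0], relro[0], size, size, 1))
    hdr = b"\x7fELF\x02\x01\x01" + b"\0" * 9            # ELFCLASS64, little-endian
    hdr += struct.pack("<HHIQQQIHHHHHH", 3, 62, 1, 0, 64, 0, 0, 64, 56, n, 64, 0, 0)
    return hdr + b"".join(struct.pack(PHDR_FMT, *p) for p in phdrs) + dyn

if __name__ == "__main__":
    GOT_PLT = 0x4000                          # assumed address table location in the constructed images
    print("lazy, no relro       :", pltgot_status(build_image(), GOT_PLT))
    print("relro, lazy (partial):", pltgot_status(build_image((0x3000, 0x4000)), GOT_PLT))
    print("-z now -z relro      :", pltgot_status(build_image((0x3000, 0x4100), True), GOT_PLT))
```

Only the third case reports the table as read-only: RELRO without bind-now stops short of the lazily-resolved table, which is exactly the partial-RELRO layout the thread contrasts with "-z now -z relro".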