Bug 26047 - Don't allow linking ET_EXEC
Summary: Don't allow linking ET_EXEC
Status: RESOLVED FIXED
Alias: None
Product: binutils
Classification: Unclassified
Component: ld (show other bugs)
Version: 2.35
: P2 normal
Target Milestone: ---
Assignee: Not yet assigned to anyone
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2020-05-26 17:44 UTC by Fangrui Song
Modified: 2020-07-23 19:26 UTC (History)
3 users (show)

See Also:
Host:
Target:
Build:
Last reconfirmed: 2020-05-28 00:00:00
fweimer: security-


Attachments
Proposed patch (1.67 KB, patch)
2020-07-10 10:55 UTC, Nick Clifton
Details | Diff

Note You need to log in before you can comment on or make changes to this bug.
Description Fangrui Song 2020-05-26 17:44:28 UTC
% as /dev/null -o a.o
% ld.bfd a.o -o a
ld.bfd: warning: cannot find entry symbol _start; defaulting to 0000000000401000
# a is an ET_EXEC

## GNU ld allows input ET_EXEC like an ET_REL
% ld.bfd a -o b  
ld.bfd: warning: cannot find entry symbol _start; not setting start address

## gold disallows input ET_EXEC
% gold a -o b
gold: error: a: unsupported ELF file type 2

Accepting ET_EXEC may cause problems which will be hard to diagnose.


The Linux kernel for a narrow window misused ET_EXEC as an input, which was fixed by my https://git.kernel.org/torvalds/c/90ceddcb495008ac8ba7a3dce297841efcd7d584
Comment 1 cvs-commit@gcc.gnu.org 2020-05-28 15:43:32 UTC
The master branch has been updated by Nick Clifton <nickc@sourceware.org>:

https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=a3fc941881e4224eff3ef20ba1e784026bcc17fa

commit a3fc941881e4224eff3ef20ba1e784026bcc17fa
Author: Nick Clifton <nickc@redhat.com>
Date:   Thu May 28 16:43:01 2020 +0100

    Stop the linker from accepting executable ELF files as inputs to other links.
    
            PR 26047
            * ldelf.c (ldelf_after_open): Fail if attempting to link one
            executable into another.
Comment 2 Nick Clifton 2020-05-28 15:50:00 UTC
OK, I have applied an initial patch, although I suspect that it will need to be enhanced.  At the moment the check does not trigger if performing a relocatable link or if the --traditional-format option is used.  I suspect that both of these restrictions need to be removed.
Comment 3 cvs-commit@gcc.gnu.org 2020-05-28 16:44:03 UTC
The master branch has been updated by Nick Clifton <nickc@sourceware.org>:

https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=a87e1817a435dab6c6c042f9306497c9f13d4236

commit a87e1817a435dab6c6c042f9306497c9f13d4236
Author: Nick Clifton <nickc@redhat.com>
Date:   Thu May 28 17:43:21 2020 +0100

    Have the linker fail if any attempt to link in an executable is made.
    
            PR 26047
            * ldelf.c (ldelf_after_open): Fail if attempting to link one
            executable into another.  Ensure that the test is made for all
            forms of linking.
Comment 4 Nick Clifton 2020-05-28 16:45:19 UTC
OK, that is better.  The test should now be performed for all kinds of linking.
Comment 5 Nick Clifton 2020-07-10 10:55:37 UTC
Created attachment 12688 [details]
Proposed patch

Hi Guys,

  It turns out that there are occasions when linking in executable files does make sense, so I am suggesting this patch as a solution.  It provides a new linker command line option: -z allowexec  which if used disables all warnings about linking in executable files.

  Comments/questions ?

Cheers
  Nick
Comment 6 Florian Weimer 2020-07-13 08:50:43 UTC
(In reply to Nick Clifton from comment #5)
>   It turns out that there are occasions when linking in executable files
> does make sense, so I am suggesting this patch as a solution.  It provides a
> new linker command line option: -z allowexec  which if used disables all
> warnings about linking in executable files.
> 
>   Comments/questions ?

Could you add some ELF test cases for linking against versioned symbols defined in the executable? In particular, it's not clear what to record as the soname in the version records.
Comment 7 cvs-commit@gcc.gnu.org 2020-07-23 19:12:49 UTC
The master branch has been updated by Maciej W. Rozycki <macro@sourceware.org>:

https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=b5dd7120f6bcbd1fe650b8839a53b2bd423fbf60

commit b5dd7120f6bcbd1fe650b8839a53b2bd423fbf60
Author: Maciej W. Rozycki <macro@wdc.com>
Date:   Thu Jul 23 20:11:29 2020 +0100

    PR ld/26288: Revert obsolete part of PR ld/26047 fix
    
    Revert commit a3fc941881e4 ("Stop the linker from accepting executable
    ELF files as inputs to other links."), which has been made obsolete by
    commit a87e1817a435 ("Have the linker fail if any attempt to link in an
    executable is made.").  An earlier check triggers added with the latter
    commit making the piece of code removed dead.
    
            ld/
            PR ld/26288
    
            Revert:
            PR 26047
            * ldelf.c (ldelf_after_open): Fail if attempting to link one
            executable into another.
Comment 8 cvs-commit@gcc.gnu.org 2020-07-23 19:26:02 UTC
The binutils-2_35-branch branch has been updated by Maciej W. Rozycki <macro@sourceware.org>:

https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=9b6165529df6a759d65fc786a44eb28e226b81ad

commit 9b6165529df6a759d65fc786a44eb28e226b81ad
Author: Maciej W. Rozycki <macro@wdc.com>
Date:   Thu Jul 23 20:24:58 2020 +0100

    PR ld/26288: Revert obsolete part of PR ld/26047 fix
    
    Revert commit a3fc941881e4 ("Stop the linker from accepting executable
    ELF files as inputs to other links."), which has been made obsolete by
    commit a87e1817a435 ("Have the linker fail if any attempt to link in an
    executable is made.").  An earlier check triggers added with the latter
    commit making the piece of code removed dead.
    
            ld/
            PR ld/26288
    
            Revert:
            PR 26047
            * ldelf.c (ldelf_after_open): Fail if attempting to link one
            executable into another.
    
    (cherry picked from commit b5dd7120f6bcbd1fe650b8839a53b2bd423fbf60)