This is the mail archive of the mailing list for the glibc project.

Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]
Other format: [Raw text]

[Bug dynamic-link/20480] Patch: ifunc not executable, crashes sudo qemu

Adam J. Richter <adam_richter2004 at yahoo dot com> changed:

           What    |Removed                     |Added
                 CC|                            |adam_richter2004 at yahoo dot com

--- Comment #8 from Adam J. Richter <adam_richter2004 at yahoo dot com> ---
Created attachment 9471
A simple program to reproduce the problem.  It tuns out the DT_TEXTREL is also
necessary to trigger the problem (DT_TEXTREL + ifunc + setuid)

Hi, Florian.

I have finally made a reproducer C program.

The realization that I was missing is that this problem only occurs in programs
that have DT_TEXTREL set, which usually undesirable and correctable, but I
think this problem still should be addressed, as I get the impression that use
of ifunc is increasing.  In particular, I saw a posting that implied that, at
least for GNU ForTran, standard trigonometric now use ifunc (I don't know if
that is true for "-lm" in general).

Regarding Qemu, where I originally observed the problem, that was caused by it
assuming that a couple of libraries that I had installed as static were
available as shared libraries.  For now, I have restored the shared libraries,
and may later try to fix the Qemu build process, but there is nothing intrinsic
to Qemu that needs this fix.  It just happens to use ifunc is commonly invoked
through a setuid program like sudo for certain use cases.

I recommend applying the version 2 patch that I posted.  It apparently solves
this problem on systems that allow read+write+execute memory mapping, and gives
the current behavior on systems that forbid it.  Fixing the case for systems
that prohibit read-write-execute memory mappings would be bigger project.  In
the meantime, if you do end up applying my patch or some similar partial fix, I
suppose that the problem that remains (problem still happens if rwx is
phohibited) should be documented somewhere.

In case this will speed integration, I hereby release my copyright interest in
anything that I have posted to this bugzilla bug report to the public domain.

Please let me know if you have any questions or if I can be of any further

Thank you for your attention to and analysis of this bug report.

You are receiving this mail because:
You are on the CC list for the bug.

Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]