This is the mail archive of the glibc-cvs@sourceware.org mailing list for the glibc project.


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]
Other format: [Raw text]

GNU C Library master sources branch master updated. glibc-2.28.9000-271-gd524fa6


This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "GNU C Library master sources".

The branch, master has been updated
       via  d524fa6c35e675eedbd8fe6cdf4db0b49c658026 (commit)
      from  ac8060265bcaca61568ef3a20b9a0140a270af54 (commit)

Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.

- Log -----------------------------------------------------------------
http://sourceware.org/git/gitweb.cgi?p=glibc.git;a=commitdiff;h=d524fa6c35e675eedbd8fe6cdf4db0b49c658026

commit d524fa6c35e675eedbd8fe6cdf4db0b49c658026
Author: H.J. Lu <hjl.tools@gmail.com>
Date:   Thu Nov 8 10:06:58 2018 -0800

    Check multiple NT_GNU_PROPERTY_TYPE_0 notes [BZ #23509]
    
    Linkers group input note sections with the same name into one output
    note section with the same name.  One output note section is placed in
    one PT_NOTE segment.  Since new linkers merge input .note.gnu.property
    sections into one output .note.gnu.property section, there is only
    one NT_GNU_PROPERTY_TYPE_0 note in one PT_NOTE segment with new linkers.
    Since older linkers treat input .note.gnu.property section as a generic
    note section and just concatenate all input .note.gnu.property sections
    into one output .note.gnu.property section without merging them, we may
    see multiple NT_GNU_PROPERTY_TYPE_0 notes in one PT_NOTE segment with
    older linkers.
    
    When an older linker is used to created the program on CET-enabled OS,
    the linker output has a single .note.gnu.property section with multiple
    NT_GNU_PROPERTY_TYPE_0 notes, some of which have IBT and SHSTK enable
    bits set even if the program isn't CET enabled.  Such programs will
    crash on CET-enabled machines.  This patch updates the note parser:
    
    1. Skip note parsing if a NT_GNU_PROPERTY_TYPE_0 note has been processed.
    2. Check multiple NT_GNU_PROPERTY_TYPE_0 notes.
    
    	[BZ #23509]
    	* sysdeps/x86/dl-prop.h (_dl_process_cet_property_note): Skip
    	note parsing if a NT_GNU_PROPERTY_TYPE_0 note has been processed.
    	Update the l_cet field when processing NT_GNU_PROPERTY_TYPE_0 note.
    	Check multiple NT_GNU_PROPERTY_TYPE_0 notes.
    	* sysdeps/x86/link_map.h (l_cet): Expand to 3 bits,  Add
    	lc_unknown.

diff --git a/ChangeLog b/ChangeLog
index e11ae31..78cdbcf 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,13 @@
+2018-11-08  H.J. Lu  <hongjiu.lu@intel.com>
+
+	[BZ #23509]
+	* sysdeps/x86/dl-prop.h (_dl_process_cet_property_note): Skip
+	note parsing if a NT_GNU_PROPERTY_TYPE_0 note has been processed.
+	Update the l_cet field when processing NT_GNU_PROPERTY_TYPE_0 note.
+	Check multiple NT_GNU_PROPERTY_TYPE_0 notes.
+	* sysdeps/x86/link_map.h (l_cet): Expand to 3 bits,  Add
+	lc_unknown.
+
 2018-11-08  Alexandra Hájková  <ahajkova@redhat.com>
 
 	[BZ #17630]
diff --git a/sysdeps/x86/dl-prop.h b/sysdeps/x86/dl-prop.h
index 26c3131..9ab890d 100644
--- a/sysdeps/x86/dl-prop.h
+++ b/sysdeps/x86/dl-prop.h
@@ -49,6 +49,10 @@ _dl_process_cet_property_note (struct link_map *l,
 			      const ElfW(Addr) align)
 {
 #if CET_ENABLED
+  /* Skip if we have seen a NT_GNU_PROPERTY_TYPE_0 note before.  */
+  if (l->l_cet != lc_unknown)
+    return;
+
   /* The NT_GNU_PROPERTY_TYPE_0 note must be aliged to 4 bytes in
      32-bit objects and to 8 bytes in 64-bit objects.  Skip notes
      with incorrect alignment.  */
@@ -57,6 +61,9 @@ _dl_process_cet_property_note (struct link_map *l,
 
   const ElfW(Addr) start = (ElfW(Addr)) note;
 
+  unsigned int feature_1 = 0;
+  unsigned int last_type = 0;
+
   while ((ElfW(Addr)) (note + 1) - start < size)
     {
       /* Find the NT_GNU_PROPERTY_TYPE_0 note.  */
@@ -64,10 +71,18 @@ _dl_process_cet_property_note (struct link_map *l,
 	  && note->n_type == NT_GNU_PROPERTY_TYPE_0
 	  && memcmp (note + 1, "GNU", 4) == 0)
 	{
+	  /* Stop if we see more than one GNU property note which may
+	     be generated by the older linker.  */
+	  if (l->l_cet != lc_unknown)
+	    return;
+
+	  /* Check CET status now.  */
+	  l->l_cet = lc_none;
+
 	  /* Check for invalid property.  */
 	  if (note->n_descsz < 8
 	      || (note->n_descsz % sizeof (ElfW(Addr))) != 0)
-	    break;
+	    return;
 
 	  /* Start and end of property array.  */
 	  unsigned char *ptr = (unsigned char *) (note + 1) + 4;
@@ -78,9 +93,15 @@ _dl_process_cet_property_note (struct link_map *l,
 	      unsigned int type = *(unsigned int *) ptr;
 	      unsigned int datasz = *(unsigned int *) (ptr + 4);
 
+	      /* Property type must be in ascending order.  */
+	      if (type < last_type)
+		return;
+
 	      ptr += 8;
 	      if ((ptr + datasz) > ptr_end)
-		break;
+		return;
+
+	      last_type = type;
 
 	      if (type == GNU_PROPERTY_X86_FEATURE_1_AND)
 		{
@@ -89,14 +110,18 @@ _dl_process_cet_property_note (struct link_map *l,
 		     we stop the search regardless if its size is correct
 		     or not.  There is no point to continue if this note
 		     is ill-formed.  */
-		  if (datasz == 4)
-		    {
-		      unsigned int feature_1 = *(unsigned int *) ptr;
-		      if ((feature_1 & GNU_PROPERTY_X86_FEATURE_1_IBT))
-			l->l_cet |= lc_ibt;
-		      if ((feature_1 & GNU_PROPERTY_X86_FEATURE_1_SHSTK))
-			l->l_cet |= lc_shstk;
-		    }
+		  if (datasz != 4)
+		    return;
+
+		  feature_1 = *(unsigned int *) ptr;
+
+		  /* Keep searching for the next GNU property note
+		     generated by the older linker.  */
+		  break;
+		}
+	      else if (type > GNU_PROPERTY_X86_FEATURE_1_AND)
+		{
+		  /* Stop since property type is in ascending order.  */
 		  return;
 		}
 
@@ -112,6 +137,12 @@ _dl_process_cet_property_note (struct link_map *l,
 	      + ELF_NOTE_NEXT_OFFSET (note->n_namesz, note->n_descsz,
 				      align));
     }
+
+  /* We get here only if there is one or no GNU property note.  */
+  if ((feature_1 & GNU_PROPERTY_X86_FEATURE_1_IBT))
+    l->l_cet |= lc_ibt;
+  if ((feature_1 & GNU_PROPERTY_X86_FEATURE_1_SHSTK))
+    l->l_cet |= lc_shstk;
 #endif
 }
 
diff --git a/sysdeps/x86/link_map.h b/sysdeps/x86/link_map.h
index ef1206a..9367ed0 100644
--- a/sysdeps/x86/link_map.h
+++ b/sysdeps/x86/link_map.h
@@ -19,8 +19,9 @@
 /* If this object is enabled with CET.  */
 enum
   {
-    lc_none = 0,			 /* Not enabled with CET.  */
-    lc_ibt = 1 << 0,			 /* Enabled with IBT.  */
-    lc_shstk = 1 << 1,			 /* Enabled with STSHK.  */
+    lc_unknown = 0,			 /* Unknown CET status.  */
+    lc_none = 1 << 0,			 /* Not enabled with CET.  */
+    lc_ibt = 1 << 1,			 /* Enabled with IBT.  */
+    lc_shstk = 1 << 2,			 /* Enabled with STSHK.  */
     lc_ibt_and_shstk = lc_ibt | lc_shstk /* Enabled with both.  */
-  } l_cet:2;
+  } l_cet:3;

-----------------------------------------------------------------------

Summary of changes:
 ChangeLog              |   10 +++++++++
 sysdeps/x86/dl-prop.h  |   51 ++++++++++++++++++++++++++++++++++++++---------
 sysdeps/x86/link_map.h |    9 ++++---
 3 files changed, 56 insertions(+), 14 deletions(-)


hooks/post-receive
-- 
GNU C Library master sources


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]