[PATCH 2/4] elf: Move note processing after l_phdr is updated [BZ #26831]
Szabolcs Nagy
szabolcs.nagy@arm.com
Fri Nov 20 14:35:57 GMT 2020
The 11/03/2020 04:36, H.J. Lu wrote:
> On Tue, Nov 3, 2020 at 2:38 AM Florian Weimer <fweimer@redhat.com> wrote:
> > Is this still compatible with the CET requirements?
> >
> > I hope it is because the CET magic happens in _dl_open_check, so after
> > the code in elf/dl-load.c has run.
>
> _dl_process_pt_note and _dl_process_pt_gnu_property may call
> _dl_signal_error. Are we prepared to clean more things up when it
> happens? I am investigating:
>
> https://sourceware.org/bugzilla/show_bug.cgi?id=26825
>
> I don't think cleanup of _dl_process_pt_gnu_property failure is done
> properly.

(removed linux devs from cc)

indeed failures are not handled right, the call tree is

dl_open_worker
  _dl_map_object
    _dl_map_object_from_fd
      _dl_process_pt_gnu_property
        record bti/cet marking
  _dl_map_object_deps
    catch(_dl_map_object)
      ... record bti/cet marking
  // mapping is complete
  dl_open_check
    handle bti/cet
  _dl_relocate_object
  // point of no return
  activate_nodelete
  catch(dl_init)

dl_main
  parse phdr or _dl_map_object if ld.so mapped
    ... record bti/cet marking
  _dl_map_object_deps
    ... record bti/cet marking
  rtld_main_check
    handle bti/cet
  _dl_relocate_object

the issues:

- dl_open_check is only applied to the dlopened lib not to
  its dependencies. does cet check the deps? for bti this
  means protection is missed on deps, i opened bug 26926.

- _dl_map_object_from_fd has special failure handling (via
  "lose") because there are local cleanups to be done (e.g.
  open fd, mallocs), so _dl_process_pt_gnu_property cannot
  use _dl_signal_error. however i need to do bti mmap there
  while the fd is available.

my plan for bti: do mmap in _dl_process_pt_gnu_property
and record failures in the linkmap, then in dl_open_check
walk dependencies and if any of them failed then signal
the error from there. (this fixes both issues on aarch64.)

if this works out i'll resend the patches and ask linux to
add bti protection to the main exe.
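
A toy C model of the plan in the message above, added here as an illustration; it is not glibc code and not the author's patch. The property handler only records the failure while the fd is open, and the later check covers the dependencies as well as the opened object. All names (struct map, map_from_fd, open_check, the sample libraries) are hypothetical, and the mmap failure is simulated by a flag.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>

/* Toy model, not glibc code: every name here is hypothetical. */
struct map {
    const char *name;
    bool has_bti;          /* object is marked for BTI */
    bool sim_mmap_fails;   /* constructed input: protected mmap would fail */
    bool bti_failed;       /* failure recorded in the map, not signalled */
    struct map **deps;     /* flattened dependency list */
    size_t ndeps;
};
static int open_fds;       /* resources the mapper currently holds */

/* Runs while the fd is open, so it records the failure and returns. */
static void process_property(struct map *m) {
    if (m->has_bti && m->sim_mmap_fails)
        m->bti_failed = true;
}
/* Mapper with local cleanup: nothing called from here may jump out. */
static void map_from_fd(struct map *m) {
    open_fds++;
    process_property(m);
    open_fds--;            /* always reached, so the fd never leaks */
}
/* Deferred check over the object and all of its dependencies. */
static const struct map *open_check(const struct map *m) {
    if (m->bti_failed)
        return m;
    for (size_t i = 0; i < m->ndeps; i++)
        if (m->deps[i]->bti_failed)
            return m->deps[i];
    return NULL;           /* caller signals an error only if non-NULL */
}
/* Constructed sample: libtop.so maps fine, its dependency does not. */
static struct map dep = { "libdep.so", true, true, false, NULL, 0 };
static struct map *top_deps[] = { &dep };
static struct map top = { "libtop.so", true, false, false, top_deps, 1 };
static const struct map *load_and_check(struct map *m) {
    map_from_fd(m);
    for (size_t i = 0; i < m->ndeps; i++)
        map_from_fd(m->deps[i]);
    return open_check(m);
}
int main(void) {
    const struct map *bad = load_and_check(&top);
    printf("rejected: %s\n", bad ? bad->name : "(none)");
    return 0;
}
```

In this model a check that looked only at `top.bti_failed` would accept the load, which is the missed-dependency case from the first issue.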