From patchwork Thu Aug 23 05:52:16 2018
X-Patchwork-Submitter: Fangrui Song
X-Patchwork-Id: 961175
Date: Wed, 22 Aug 2018 22:52:16 -0700
From: Fangrui Song To: libc-alpha@sourceware.org Subject: [PATCH] mprotect segments with extra PROT_WRITE bit when DT_TEXTREL bit is set Message-ID: <20180823054723.wbiatxqzp775xfho@google.com> MIME-Version: 1.0 Content-Disposition: inline User-Agent: NeoMutt/20180223-112-0c5bf3 Currently, DT_TEXTREL is incompatible with IFUNC. When DT_TEXTREL or DF_TEXTREL is seen, the dynamic linker calls __mprotect on the segments with PROT_READ|PROT_WRITE before applying dynamic relocations. It leads to segfault when performing IFUNC resolution. This patch makes it call __mprotect with extra PROT_WRITE bit, which will keep the PROT_EXEC bit if exists, and thus fixes the segfault. FreeBSD rtld libexec/rtld-elf/rtld.c (reloc_textrel_prot) does the same. 2018-08-22 Fangrui Song * elf/dl-reloc.c (_dl_relocate_object): __mprotect with extra PROT_WRITE bit. diff --git a/elf/dl-reloc.c b/elf/dl-reloc.c index 053916eeae..bd7d1ae84f 100644 --- a/elf/dl-reloc.c +++ b/elf/dl-reloc.c @@ -199,14 +199,6 @@ _dl_relocate_object (struct link_map *l, struct r_scope_elem *scope[], - ALIGN_DOWN (ph->p_vaddr, GLRO(dl_pagesize)); newp->start = PTR_ALIGN_DOWN (ph->p_vaddr, GLRO(dl_pagesize)) + (caddr_t) l->l_addr; - - if (__mprotect (newp->start, newp->len, PROT_READ|PROT_WRITE) < 0) - { - errstring = N_("cannot make segment writable for relocation"); - call_error: - _dl_signal_error (errno, l->l_name, NULL, errstring); - } - #if (PF_R | PF_W | PF_X) == 7 && (PROT_READ | PROT_WRITE | PROT_EXEC) == 7 newp->prot = (PF_TO_PROT >> ((ph->p_flags & (PF_R | PF_W | PF_X)) * 4)) & 0xf; @@ -220,6 +212,14 @@ _dl_relocate_object (struct link_map *l, struct r_scope_elem *scope[], newp->prot |= PROT_EXEC; #endif newp->next = textrels; + + if (__mprotect (newp->start, newp->len, newp->prot|PROT_WRITE) < 0) + { + errstring = N_("cannot make segment writable for relocation"); + call_error: + _dl_signal_error (errno, l->l_name, NULL, errstring); + } + textrels = newp; } }
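Review bot: No regression test comes with the removal of the `__mprotect (newp->start, newp->len, PROT_READ|PROT_WRITE)` call in the first hunk (@@ -199,14 +199,6 @@); the diff touches only elf/dl-reloc.c. The commit message describes a concrete failure (segfault during IFUNC resolution in an object with DT_TEXTREL), so please add a test that builds an object with text relocations and an IFUNC symbol and checks that it loads and resolves. The `call_error:` label is removed here along with the block, so it is also worth confirming that every `goto call_error` elsewhere in `_dl_relocate_object` still reaches the relocated label in the second hunk with `errstring` set.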
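Review bot: The new call in the second hunk (@@ -220,6 +212,14 @@), `__mprotect (newp->start, newp->len, newp->prot|PROT_WRITE)`, leaves a segment whose `newp->prot` includes PROT_EXEC both writable and executable while relocations are applied, and nothing in the code says why. Please add a comment above the call explaining that the segment's own protection bits are kept, with only PROT_WRITE added, so that code in a text-relocated segment stays executable during IFUNC resolution. The commit message should also state that this widens the mapping from read-write to read-write-execute for that window. As a style point, the call now sits between `newp->next = textrels;` and `textrels = newp;`; placing it just before `newp->next = textrels;`, after `newp->prot` has been computed in both preprocessor branches, would keep the two list-insertion lines together.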