From patchwork Tue Jun 11 15:27:04 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Adhemerval Zanella X-Patchwork-Id: 1946403 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@legolas.ozlabs.org Authentication-Results: legolas.ozlabs.org; dkim=pass (2048-bit key; unprotected) header.d=linaro.org header.i=@linaro.org header.a=rsa-sha256 header.s=google header.b=JsGE+/Il; dkim-atps=neutral Authentication-Results: legolas.ozlabs.org; spf=pass (sender SPF authorized) smtp.mailfrom=sourceware.org (client-ip=2620:52:3:1:0:246e:9693:128c; helo=server2.sourceware.org; envelope-from=libc-alpha-bounces+incoming=patchwork.ozlabs.org@sourceware.org; receiver=patchwork.ozlabs.org) Received: from server2.sourceware.org (server2.sourceware.org [IPv6:2620:52:3:1:0:246e:9693:128c]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (secp384r1) server-digest SHA384) (No client certificate requested) by legolas.ozlabs.org (Postfix) with ESMTPS id 4VzCNx5LV7z20Py for ; Wed, 12 Jun 2024 01:33:05 +1000 (AEST) Received: from server2.sourceware.org (localhost [IPv6:::1]) by sourceware.org (Postfix) with ESMTP id 0C590385DDC0 for ; Tue, 11 Jun 2024 15:33:04 +0000 (GMT) X-Original-To: libc-alpha@sourceware.org Delivered-To: libc-alpha@sourceware.org Received: from mail-pf1-x42e.google.com (mail-pf1-x42e.google.com [IPv6:2607:f8b0:4864:20::42e]) by sourceware.org (Postfix) with ESMTPS id B94F7385842C for ; Tue, 11 Jun 2024 15:32:30 +0000 (GMT) DMARC-Filter: OpenDMARC Filter v1.4.2 sourceware.org B94F7385842C Authentication-Results: sourceware.org; dmarc=pass (p=none dis=none) header.from=linaro.org Authentication-Results: sourceware.org; spf=pass smtp.mailfrom=linaro.org ARC-Filter: OpenARC Filter v1.0.0 sourceware.org B94F7385842C Authentication-Results: server2.sourceware.org; arc=none smtp.remote-ip=2607:f8b0:4864:20::42e ARC-Seal: i=1; a=rsa-sha256; d=sourceware.org; s=key; t=1718119952; cv=none; b=k9R2Adyu6HBU238SQCXbLvsuwylf4gJYl+0eyf/Kdjwm3vHFb3EIJTgt4QKCL7fKVnvlyv89k8SkHUsmKujfSuxCU1kUJWTKQK3iD9/5y2DKtRapT6v+AX6qlBDO6CzcZNVo2oSUaY1LCx7q+BffGCbaQyRQOkFHli+xANCePE0= ARC-Message-Signature: i=1; a=rsa-sha256; d=sourceware.org; s=key; t=1718119952; c=relaxed/simple; bh=n+8m14Awi4VduS3zn8DKnXONG7DSvrKwleh5UEchu4Y=; h=DKIM-Signature:From:To:Subject:Date:Message-ID:MIME-Version; b=lWhRlAwPQORg3j8aBvhaXl4s9nwSuNNn70btLAVViJgHNje+k12YXL3L9vTa4gIiN00HlnKkW4d4Go/X2RORIEVgzXLP7HHtpEla/MehORG4FFlOaFknZKyC1KT7DtSV6z6rv8HHe4kzfIBJWcQjydfzXK3y41W7Uh1TFIH4Ymo= ARC-Authentication-Results: i=1; server2.sourceware.org Received: by mail-pf1-x42e.google.com with SMTP id d2e1a72fcca58-70109d34a16so5390734b3a.2 for ; Tue, 11 Jun 2024 08:32:30 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; t=1718119949; x=1718724749; darn=sourceware.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=XETpv7TqiryXGkw+uzXMpgeFjwLh0134lUqsLgystGM=; b=JsGE+/IlHhGHi/IR6YLoixjtlO00xkg1EVv5J+oArjPvB/xLaGwalfoDa56+4SYSJn DRGEwHhfqUe7iKNNE2pWVmsadBoszw9Ha+iFC68arYBxqysdR6IWtE4GpRhwdzVns1oF oqjitkfA+vfItf2c1uEZnKxYs1yY9J3JXm8ZLFuIbtr2tK/W8RdrEAfRBv/uAKQ/rZlS qFJA26M9DZPoFWpiR+Sd5JhbWIRj/0bfjuTd5i0+c/0niwaG81hvNj6vrjts7LlOS44q DF+eBxDiuHn+hcAafAQPu1LOLqTuppmyCyhYOf/6xVwox0gfVcw+GNvA+iaFMP2l9k7D VAUw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1718119949; x=1718724749; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=XETpv7TqiryXGkw+uzXMpgeFjwLh0134lUqsLgystGM=; b=SV1wpJXmCwAFD1zIolgvZK2SHgZn8T/EElQIYLtYgAqYG7OrxjfTO2oBghWq0Aw6bo uwdk4ZPH6upE4WDjHJJkhWdORMEVIng8qfEZGiCuufiWuh6+QxB7dSEUrGpsvEZK1JfS 9uUBkkGcP7jKvDvGhtvktaY8azVeLg4ReXH6QLAWyBJ6LfemaozJsZouNlK4ni6kIulg biMHRsg+3+WckfzsBgCcaWoWA3G5iX8rohnYBCiLAIUhRbyaxxjhahIdjaIfFgY1CFTG KPpi21t7c6SCHkZlAWJzVALAsry6lpEIE3CGzVf6RBfPu5pwcUDCrlu2/0P6vps/23dN ZKXA== X-Gm-Message-State: AOJu0YykANgD/FUxGIiFF2dvt1Z8VGfFLI9GryUiRDXoUj7uR0LR802A BI4UX9/BDfkG5gLlnLxosShROybWHQ+Okh/woAV3Es0XbQeUvhR1Ep6QsBxuwtB3XdKzpX5cbPC P X-Google-Smtp-Source: AGHT+IHYScBTuAgrOz7MHa2efhaRixc6Yfk/vColesqLm1DYSXELrwzA3Xlk0sPdEAfbtwnb6ygytg== X-Received: by 2002:a05:6a00:130c:b0:702:2749:6095 with SMTP id d2e1a72fcca58-7040c619b96mr12973424b3a.6.1718119949241; Tue, 11 Jun 2024 08:32:29 -0700 (PDT) Received: from mandiga.. ([2804:1b3:a7c0:c5fb:1cf6:d480:34ef:aedf]) by smtp.gmail.com with ESMTPSA id d2e1a72fcca58-70422c977dasm6023811b3a.62.2024.06.11.08.32.26 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 11 Jun 2024 08:32:28 -0700 (PDT) From: Adhemerval Zanella To: libc-alpha@sourceware.org Cc: Stephen Roettger , jeffxu@chromium.org, Carlos O'Donell , Florian Weimer Subject: [RFC 1/5] linux: Remove __stack_prot Date: Tue, 11 Jun 2024 12:27:04 -0300 Message-ID: <20240611153220.165430-2-adhemerval.zanella@linaro.org> X-Mailer: git-send-email 2.43.0 In-Reply-To: <20240611153220.165430-1-adhemerval.zanella@linaro.org> References: <20240611153220.165430-1-adhemerval.zanella@linaro.org> MIME-Version: 1.0 X-Spam-Status: No, score=-12.1 required=5.0 tests=BAYES_00, DKIM_SIGNED, DKIM_VALID, DKIM_VALID_AU, DKIM_VALID_EF, GIT_PATCH_0, RCVD_IN_DNSWL_NONE, SPF_HELO_NONE, SPF_PASS, TXREP, T_SCC_BODY_TEXT_LINE autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on server2.sourceware.org X-BeenThere: libc-alpha@sourceware.org X-Mailman-Version: 2.1.30 Precedence: list List-Id: Libc-alpha mailing list List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: libc-alpha-bounces+incoming=patchwork.ozlabs.org@sourceware.org The __stack_prot is used by Linux to make the stack executable if a modules requires it. It is also marked as RELRO, which requires to change the segment permission to RW to update it. Also, there is no need to keep track of the flags: either the stack will have the default permission of the ABI or should be change to PROT_READ | PROT_WRITE | PROT_EXEC. The only additional flag, PROT_GROWSDOWN or PROT_GROWSUP, is Linux only and can be deducted from _STACK_GROWS_DOWN/_STACK_GROWS_UP. Also, the check_consistency was alredy removed some time ago. Checked on x86_64-linux-gnu and i686-linux-gnu. Reviewed-by: Florian Weimer --- elf/dl-load.c | 46 +------------------------- sysdeps/unix/sysv/linux/dl-execstack.c | 25 ++++++-------- 2 files changed, 11 insertions(+), 60 deletions(-) diff --git a/elf/dl-load.c b/elf/dl-load.c index a34cb3559c..8a89b71016 100644 --- a/elf/dl-load.c +++ b/elf/dl-load.c @@ -88,16 +88,6 @@ struct filebuf #define STRING(x) __STRING (x) -int __stack_prot attribute_hidden attribute_relro -#if _STACK_GROWS_DOWN && defined PROT_GROWSDOWN - = PROT_GROWSDOWN; -#elif _STACK_GROWS_UP && defined PROT_GROWSUP - = PROT_GROWSUP; -#else - = 0; -#endif - - /* This is the decomposed LD_LIBRARY_PATH search path. */ struct r_search_path_struct __rtld_env_path_list attribute_relro; @@ -1308,41 +1298,7 @@ _dl_map_object_from_fd (const char *name, const char *origname, int fd, if (__glibc_unlikely ((stack_flags &~ GL(dl_stack_flags)) & PF_X)) { /* The stack is presently not executable, but this module - requires that it be executable. We must change the - protection of the variable which contains the flags used in - the mprotect calls. */ -#ifdef SHARED - if ((mode & (__RTLD_DLOPEN | __RTLD_AUDIT)) == __RTLD_DLOPEN) - { - const uintptr_t p = (uintptr_t) &__stack_prot & -GLRO(dl_pagesize); - const size_t s = (uintptr_t) (&__stack_prot + 1) - p; - - struct link_map *const m = &GL(dl_rtld_map); - const uintptr_t relro_end = ((m->l_addr + m->l_relro_addr - + m->l_relro_size) - & -GLRO(dl_pagesize)); - if (__glibc_likely (p + s <= relro_end)) - { - /* The variable lies in the region protected by RELRO. */ - if (__mprotect ((void *) p, s, PROT_READ|PROT_WRITE) < 0) - { - errstring = N_("cannot change memory protections"); - goto lose_errno; - } - __stack_prot |= PROT_READ|PROT_WRITE|PROT_EXEC; - __mprotect ((void *) p, s, PROT_READ); - } - else - __stack_prot |= PROT_READ|PROT_WRITE|PROT_EXEC; - } - else -#endif - __stack_prot |= PROT_READ|PROT_WRITE|PROT_EXEC; - -#ifdef check_consistency - check_consistency (); -#endif - + requires that it be executable. */ #if PTHREAD_IN_LIBC errval = _dl_make_stacks_executable (stack_endp); #else diff --git a/sysdeps/unix/sysv/linux/dl-execstack.c b/sysdeps/unix/sysv/linux/dl-execstack.c index 3d8f3938da..b986898598 100644 --- a/sysdeps/unix/sysv/linux/dl-execstack.c +++ b/sysdeps/unix/sysv/linux/dl-execstack.c @@ -27,35 +27,30 @@ #include #include -extern int __stack_prot attribute_relro attribute_hidden; - static int make_main_stack_executable (void **stack_endp) { /* This gives us the highest/lowest page that needs to be changed. */ uintptr_t page = ((uintptr_t) *stack_endp & -(intptr_t) GLRO(dl_pagesize)); - int result = 0; - if (__builtin_expect (__mprotect ((void *) page, GLRO(dl_pagesize), - __stack_prot) == 0, 1)) - goto return_success; - result = errno; - goto out; + if (__mprotect ((void *) page, GLRO(dl_pagesize), + PROT_READ | PROT_WRITE | PROT_EXEC +#if _STACK_GROWS_DOWN + | PROT_GROWSDOWN +#elif _STACK_GROWS_UP + | PROT_GROWSUP +#endif + ) != 0) + return errno; - return_success: /* Clear the address. */ *stack_endp = NULL; /* Remember that we changed the permission. */ GL(dl_stack_flags) |= PF_X; - out: -#ifdef check_consistency - check_consistency (); -#endif - - return result; + return 0; } int