On Mon, 2018-01-29 at 11:43 +0200, Nadav Har'El wrote:
> 
> Hmm, I don't know, I wasn't aware anything like that changed.
> We usually change parts of the object marked by PT_GNU_RELRO to read-
> only in object::fix_permissions(), I'm guessing (but didn't check)
> this what caused the read-only page you're seeing.

I'll take a look.

> The compiler usually does NOT mark the .GOT.PLT section - for
> function lookup - as RELRO, because this needs to be modified after
> startup, every time a function is used for the first time;

Maybe I'm not following. The GNU_RELRO sections look the same between
the 2 versions of erlexec. First one (-ubuntu17.10) fails, second one
is fine:

rickp@mo:~$ readelf --headers /usr/local/packages/OTP-20.0.5-OSv-ubuntu17.10/erts-9.0.5/bin/erlexec | grep -2 RELRO
  GNU_STACK      0x0000000000000000 0x0000000000000000 0x0000000000000000
                 0x0000000000000000 0x0000000000000000  RW     0x10
  GNU_RELRO      0x000000000000ebe8 0x000000000020ebe8 0x000000000020ebe8
                 0x0000000000000418 0x0000000000000418  R      0x1

rickp@mo:~$ readelf --headers /usr/local/packages/OTP-20.0.5-OSv/erts-9.0.5/bin/erlexec | grep -2 RELRO
  GNU_STACK      0x0000000000000000 0x0000000000000000 0x0000000000000000
                 0x0000000000000000 0x0000000000000000  RW     0x10
  GNU_RELRO      0x000000000000ec08 0x000000000020ec08 0x000000000020ec08
                 0x00000000000003f8 0x00000000000003f8  R      0x1

> Only when "-z now" is used during linking (DT_BIND_NOW object flag)
> do we do all the function lookups on startup (see
> object::relocate_pltgot()) and then, it's ok that the .GOT.PLT is
> also marked RELRO and made read-only.
> 
> I'm *guessing* (with no evidence) that one of the following happened:
> 1. Your compiler defaults to "full relro" (-Wl,-z,now -Wl,-z,relro)
> but for some reason object::relocate_pltgot() doesn't recognize the
> bind_now.

So there is definitely a difference in the binaries. In the one that
fails, getenv is defined like this, in the .rela.plt section:

00000020ee30  000100000007 R_X86_64_JUMP_SLO 0000000000000000 getenv@GLIBC_2.2.5 + 0

But in the one that works, it's like this, in the .rela.dyn section:

00000020ee28  000100000006 R_X86_64_GLOB_DAT 0000000000000000 getenv@GLIBC_2.2.5 + 0

I see LDFLAGS being set to '-pie' so I don't really understand why the
first one is a jump slot, vs what I'd expect (GLOB_DAT).

> 2. Somehow the loop in object::relocate_pltgot() missed some of the
> functions - like getenv() 

I think it's suspicious that getenv() is the first thing to be fixed up,
so I suspect it's more fundamental.

> 3. Something in the new compiler changed the meaning of PT_GNU_RELRO
> or added other flags which confused object::fix_permissions() and
> caused it to make a page read-only when it shouldn't have.

Ok. I think I need to do some more reading on elf...

Rick
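
The check Nadav outlines above (does DT_PLTGOT, the start of .got.plt, fall inside the PT_GNU_RELRO range, and does the object carry a bind-now flag so that making it read-only is safe?) can be made mechanical rather than eyeballed from readelf output. The Python below is an added example written for this page; it is not code from OSv, from Erlang/OTP, or from anyone in the thread. It parses the ELF64 program headers and PT_DYNAMIC entries directly with struct, so it needs no binutils, and build_test_elf() fabricates a constructed minimal ELF image (not a real erlexec) so the classification can be exercised offline. The verdict strings and the script name relro_check.py are my own; the tag and flag constants are the standard ones from elf.h.

```python
import struct
import sys

# ELF64 constants (System V ABI / elf.h)
PT_DYNAMIC = 2
PT_GNU_RELRO = 0x6474E552
DT_NULL, DT_PLTGOT, DT_BIND_NOW, DT_FLAGS, DT_FLAGS_1 = 0, 3, 24, 30, 0x6FFFFFFB
DF_BIND_NOW = 0x8   # DT_FLAGS bit written by "-z now"
DF_1_NOW = 0x1      # DT_FLAGS_1 bit written by "-z now"

ELF_HDR = struct.Struct("<16sHHIQQQIHHHHHH")  # Elf64_Ehdr, little-endian
PHDR = struct.Struct("<IIQQQQQQ")             # Elf64_Phdr
DYN = struct.Struct("<qQ")                    # Elf64_Dyn


def program_headers(data):
    """Program header table as tuples (p_type, p_flags, p_offset, p_vaddr, p_paddr, p_filesz, p_memsz, p_align)."""
    hdr = ELF_HDR.unpack_from(data, 0)
    ident, e_phoff, e_phentsize, e_phnum = hdr[0], hdr[5], hdr[9], hdr[10]
    if ident[:4] != b"\x7fELF" or ident[4] != 2 or ident[5] != 1:
        raise ValueError("expected a little-endian ELF64 object")
    return [PHDR.unpack_from(data, e_phoff + i * e_phentsize) for i in range(e_phnum)]


def dynamic_tags(data, phdrs):
    """Map d_tag -> d_val for the PT_DYNAMIC segment (first occurrence of a tag wins)."""
    dyn = next((p for p in phdrs if p[0] == PT_DYNAMIC), None)
    tags = {}
    if dyn is None:
        return tags
    off, end = dyn[2], dyn[2] + dyn[5]  # p_offset .. p_offset + p_filesz
    while off + DYN.size <= end:
        tag, val = DYN.unpack_from(data, off)
        if tag == DT_NULL:
            break
        tags.setdefault(tag, val)
        off += DYN.size
    return tags


def relro_report(data):
    """Classify how PT_GNU_RELRO interacts with .got.plt (DT_PLTGOT) and the bind-now flags."""
    phdrs = program_headers(data)
    tags = dynamic_tags(data, phdrs)
    relro = next((p for p in phdrs if p[0] == PT_GNU_RELRO), None)
    relro_range = (relro[3], relro[3] + relro[6]) if relro else None  # [p_vaddr, p_vaddr + p_memsz)
    bind_now = bool(DT_BIND_NOW in tags
                    or tags.get(DT_FLAGS, 0) & DF_BIND_NOW
                    or tags.get(DT_FLAGS_1, 0) & DF_1_NOW)
    pltgot = tags.get(DT_PLTGOT)
    in_relro = (relro_range is not None and pltgot is not None
                and relro_range[0] <= pltgot < relro_range[1])
    if in_relro and not bind_now:
        verdict = "lazy .got.plt inside RELRO: first-call binding would write a read-only page"
    elif in_relro:
        verdict = "full RELRO: .got.plt read-only is safe because PLT slots bind at startup"
    elif relro_range is not None:
        verdict = "partial RELRO: .got.plt left outside RELRO for lazy binding"
    else:
        verdict = "no PT_GNU_RELRO segment"
    return {"relro": relro_range, "pltgot": pltgot, "bind_now": bind_now,
            "pltgot_in_relro": in_relro, "verdict": verdict}


def build_test_elf(bind_now, pltgot_in_relro):
    """Constructed minimal ELF64 image (not a real binary): one PT_DYNAMIC and one PT_GNU_RELRO segment."""
    base, dyn_off = 0x200000, 0x200
    relro_start, relro_size = base + 0x100, 0x100          # RELRO covers 0x200100..0x200200
    pltgot = base + (0x180 if pltgot_in_relro else 0x300)  # inside or outside that range
    entries = [(DT_PLTGOT, pltgot)]
    if bind_now:
        entries.append((DT_FLAGS, DF_BIND_NOW))
    entries.append((DT_NULL, 0))
    dyn_bytes = b"".join(DYN.pack(t, v) for t, v in entries)
    phdrs = (PHDR.pack(PT_DYNAMIC, 6, dyn_off, base + dyn_off, base + dyn_off, len(dyn_bytes), len(dyn_bytes), 8)
             + PHDR.pack(PT_GNU_RELRO, 4, 0x100, relro_start, relro_start, relro_size, relro_size, 1))
    ident = b"\x7fELF" + bytes([2, 1, 1, 0]) + bytes(8)   # ELFCLASS64, ELFDATA2LSB, EV_CURRENT
    ehdr = ELF_HDR.pack(ident, 3, 62, 1, 0, ELF_HDR.size, 0, 0,
                        ELF_HDR.size, PHDR.size, 2, 0, 0, 0)  # ET_DYN, EM_X86_64, two phdrs
    image = bytearray(dyn_off)
    image[:ELF_HDR.size] = ehdr
    image[ELF_HDR.size:ELF_HDR.size + len(phdrs)] = phdrs
    return bytes(image + dyn_bytes)


if __name__ == "__main__":
    # Usage (script name is an assumption): python relro_check.py /path/to/erlexec
    with open(sys.argv[1], "rb") as f:
        for key, value in relro_report(f.read()).items():
            print(key, value)
```

Run against the two erlexec builds, the interesting output is the combination "pltgot_in_relro: True, bind_now: False": that is the state in which a loader that honours PT_GNU_RELRO but does not eagerly resolve PLT slots would fault on the first call through a lazy slot such as getenv. The check only tests the start of .got.plt against the RELRO range; a linker that splits the GOT would need each slot's address compared, which readelf -r gives you.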
