svn commit: r312401 - stable/11/libexec/rtld-elf

Wed, 18 Jan 2017 22:45:07 -0800 

Author: kib
Date: Thu Jan 19 06:44:27 2017
New Revision: 312401
URL: https://svnweb.freebsd.org/changeset/base/312401

Log:
  MFC r311984:
  For the main binary, postpone enforcing relro read-only protection
  until copy relocations are done.

Modified:
  stable/11/libexec/rtld-elf/rtld.c
Directory Properties:
  stable/11/   (props changed)

Modified: stable/11/libexec/rtld-elf/rtld.c
==============================================================================
--- stable/11/libexec/rtld-elf/rtld.c   Wed Jan 18 23:26:10 2017        
(r312400)
+++ stable/11/libexec/rtld-elf/rtld.c   Thu Jan 19 06:44:27 2017        
(r312401)
@@ -100,6 +100,7 @@ static int load_needed_objects(Obj_Entry
 static int load_preload_objects(void);
 static Obj_Entry *load_object(const char *, int fd, const Obj_Entry *, int);
 static void map_stacks_exec(RtldLockState *);
+static int obj_enforce_relro(Obj_Entry *);
 static Obj_Entry *obj_from_addr(const void *);
 static void objlist_call_fini(Objlist *, Obj_Entry *, RtldLockState *);
 static void objlist_call_init(Objlist *, RtldLockState *);
@@ -613,6 +614,10 @@ _rtld(Elf_Addr *sp, func_ptr_type *exit_
     if (do_copy_relocations(obj_main) == -1)
        rtld_die();
 
+    dbg("enforcing main obj relro");
+    if (obj_enforce_relro(obj_main) == -1)
+       rtld_die();
+
     if (getenv(_LD("DUMP_REL_POST")) != NULL) {
        dump_relocations(obj_main);
        exit (0);
@@ -2711,14 +2716,8 @@ relocate_object(Obj_Entry *obj, bool bin
            reloc_non_plt(obj, rtldobj, flags | SYMLOOK_IFUNC, lockstate))
                return (-1);
 
-       if (obj->relro_size > 0) {
-               if (mprotect(obj->relro_page, obj->relro_size,
-                   PROT_READ) == -1) {
-                       _rtld_error("%s: Cannot enforce relro protection: %s",
-                           obj->path, rtld_strerror(errno));
-                       return (-1);
-               }
-       }
+       if (!obj->mainprog && obj_enforce_relro(obj) == -1)
+               return (-1);
 
        /*
         * Set up the magic number and version in the Obj_Entry.  These
@@ -5061,6 +5060,19 @@ _rtld_is_dlopened(void *arg)
        return (res);
 }
 
+int
+obj_enforce_relro(Obj_Entry *obj)
+{
+
+       if (obj->relro_size > 0 && mprotect(obj->relro_page, obj->relro_size,
+           PROT_READ) == -1) {
+               _rtld_error("%s: Cannot enforce relro protection: %s",
+                   obj->path, rtld_strerror(errno));
+               return (-1);
+       }
+       return (0);
+}
+
 static void
 map_stacks_exec(RtldLockState *lockstate)
 {
_______________________________________________
svn-src-all@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/svn-src-all
To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"

Reply via email to