This is the mail archive of the
mailing list for the binutils project.
Re: secureplt breaks ld on Alpha Linux
- From: Mikulas Patocka <mpatocka at redhat dot com>
- To: Richard Henderson <rth at twiddle dot net>
- Cc: binutils at sourceware dot org, bug-binutils at gnu dot org
- Date: Mon, 1 Sep 2014 19:53:24 -0400 (EDT)
- Subject: Re: secureplt breaks ld on Alpha Linux
- Authentication-results: sourceware.org; auth=none
- References: <alpine dot LRH dot 2 dot 02 dot 1408291448090 dot 3870 at file01 dot intranet dot prod dot int dot rdu2 dot redhat dot com> <54010C55 dot 6070605 at twiddle dot net> <alpine dot LRH dot 2 dot 02 dot 1408300926070 dot 12458 at file01 dot intranet dot prod dot int dot rdu2 dot redhat dot com> <5403EEDF dot 90900 at twiddle dot net> <alpine dot LRH dot 2 dot 02 dot 1409011105270 dot 3613 at file01 dot intranet dot prod dot int dot rdu2 dot redhat dot com> <5404B420 dot 6070809 at twiddle dot net>
On Mon, 1 Sep 2014, Richard Henderson wrote:
> On 09/01/2014 08:09 AM, Mikulas Patocka wrote:
> > So, what exactly should be done? Can we hack ld so that if filename is
> > "libots.so", lazy binding for symbols in this library is turned off
> > automatically?
> Not hack ld.so.
> Modify the libots.so binary such that _OtsZero is STT_NOTYPE. The linker will
> not create a plt entry unless the symbol is STT_FUNC.
> I see that most of the _Ots symbols are already NOTYPE. I wonder if this is
> intentional and _OtsZero just got forgotten, or if it's a happy oversight in
> that they forgot to annotate them entirely.
It is legally questionable if we can redistribute the modified library.
Even if I could distribute it, where would I upload it so that other
people will find it? Obviously I can't upload it to ftp.compaq.com where
the compiler is located.
So, I think a better solution would be to change ld so that it would
recognize "libots.so" filename and act as if symbols in this file were
defined with STT_NOTYPE attribute.
Or, turn off that "secure plt" feature at all if "libots.so" is used -
Alpha is so rare that I doubt anybody will put any effort into writing
exploits for Alpha.