This is the mail archive of the
binutils@sourceware.org
mailing list for the binutils project.
Re: dynrelro section for read-only dynamic symbols copied into executable
- From: Alan Modra <amodra at gmail dot com>
- To: Palmer Dabbelt <palmer at dabbelt dot com>
- Cc: Andrew Waterman <andrew at sifive dot com>, binutils at sourceware dot org
- Date: Fri, 30 Dec 2016 08:54:02 +1030
- Subject: Re: dynrelro section for read-only dynamic symbols copied into executable
- Authentication-results: sourceware.org; auth=none
- References: <20161226054448.GC340@bubble.grove.modra.org> <mhng-23a80d07-ef32-4375-9614-a7deb2cefeac@palmer-mbp2014>
On Thu, Dec 29, 2016 at 10:20:06AM -0800, Palmer Dabbelt wrote:
> On Sun, 25 Dec 2016 21:44:48 PST (-0800), amodra@gmail.com wrote:
> > riscv scripts are hosed for -z relro.
>
> Andrew and I can't figure out why relro is broken on RISC-V.
You have this at the start of your scripts.
.interp : { *(.interp) }
.data : { *(.data) *(.data.*) *(.gnu.linkonce.d.*) }
.rodata : { *(.rodata) *(.rodata.*) *(.gnu.linkonce.r.*) }
So .data.rel.ro goes into .data since it matches *(.data.*). Also,
.rodata after .data is a problem. Since you don't give a page gap
between sections with differing write protection, you will make
.interp and .rodata writable. As shown below.
[snip]
> Program Headers:
> Type Offset VirtAddr PhysAddr
> FileSiz MemSiz Flags Align
> PHDR 0x0000000000000040 0x0000000000010040 0x0000000000010040
> 0x00000000000001f8 0x00000000000001f8 R E 0x8
> INTERP 0x0000000000000238 0x0000000000010238 0x0000000000010238
> 0x0000000000000014 0x0000000000000014 R 0x1
> [Requesting program interpreter: /lib64/lp64/ld.so.1]
> LOAD 0x0000000000000000 0x0000000000010000 0x0000000000010000
> 0x00000000000039b4 0x00000000000039f8 RW 0x1000
[snip]
> 02 .interp .note.ABI-tag .data .rodata .sdata .sbss .bss
Run-time permission is determined by the PT_LOAD program header flags.
The section permissions don't matter, nor does the PT_INTERP program
header flags.
--
Alan Modra
Australia Development Lab, IBM