Update.
* sysdeps/unisx/sysv/linux/dl-execstack.c: Get protection flag from memory. * elf/dl-load.c (_dl_map_object_from_fd): Add PROT_EXEC flag to __stack_flags.
This commit is contained in:
parent
d72433621f
commit
dcca3fe25f
@ -1,5 +1,10 @@
|
||||
2004-09-18 Ulrich Drepper <drepper@redhat.com>
|
||||
|
||||
* sysdeps/unisx/sysv/linux/dl-execstack.c: Get protection flag
|
||||
from memory.
|
||||
* elf/dl-load.c (_dl_map_object_from_fd): Add PROT_EXEC flag to
|
||||
__stack_flags.
|
||||
|
||||
* sysdeps/posix/getaddrinfo.c (gaih_inet): Do not use
|
||||
gethostbyname3_r if we are not looking for the canonical name.
|
||||
|
||||
|
@ -101,6 +101,9 @@ ELF_PREFERRED_ADDRESS_DATA;
|
||||
# define ELF_FIXED_ADDRESS(loader, mapstart) ((void) 0)
|
||||
#endif
|
||||
|
||||
|
||||
extern int __stack_prot attribute_relro attribute_hidden;
|
||||
|
||||
/* Type for the buffer we put the ELF header and hopefully the program
|
||||
header. This buffer does not really have to be too large. In most
|
||||
cases the program header follows the ELF header directly. If this
|
||||
@ -1302,6 +1305,35 @@ cannot allocate TLS data structures for initial thread");
|
||||
goto call_lose;
|
||||
}
|
||||
|
||||
if (__builtin_expect ((stack_flags &~ GL(dl_stack_flags)) & PF_X, 0))
|
||||
{
|
||||
/* The stack is presently not executable, but this module
|
||||
requires that it be executable. We must change the
|
||||
protection of the variable which contains the flags used in
|
||||
the mprotect calls. */
|
||||
#ifdef HAVE_Z_RELRO
|
||||
if (mode & __RTLD_DLOPEN)
|
||||
{
|
||||
uintptr_t p = ((uintptr_t) &__stack_prot) & ~(GLRO(dl_pagesize) - 1);
|
||||
size_t s = (uintptr_t) &__stack_prot - p + sizeof (int);
|
||||
|
||||
__mprotect ((void *) p, s, PROT_READ|PROT_WRITE);
|
||||
__stack_prot |= PROT_EXEC;
|
||||
__mprotect ((void *) p, s, PROT_READ);
|
||||
}
|
||||
else
|
||||
#endif
|
||||
__stack_prot |= PROT_EXEC;
|
||||
|
||||
errval = (*GL(dl_make_stack_executable_hook)) (stack_endp);
|
||||
if (errval)
|
||||
{
|
||||
errstring = N_("\
|
||||
cannot enable executable stack as shared object requires");
|
||||
goto call_lose;
|
||||
}
|
||||
}
|
||||
|
||||
if (l->l_info[DT_HASH])
|
||||
_dl_setup_hash (l);
|
||||
|
||||
@ -1344,19 +1376,6 @@ cannot allocate TLS data structures for initial thread");
|
||||
l->l_dev = st.st_dev;
|
||||
l->l_ino = st.st_ino;
|
||||
|
||||
if (__builtin_expect ((stack_flags &~ GL(dl_stack_flags)) & PF_X, 0))
|
||||
{
|
||||
/* The stack is presently not executable, but this module
|
||||
requires that it be executable. */
|
||||
errval = (*GL(dl_make_stack_executable_hook)) (stack_endp);
|
||||
if (errval)
|
||||
{
|
||||
errstring = N_("\
|
||||
cannot enable executable stack as shared object requires");
|
||||
goto call_lose;
|
||||
}
|
||||
}
|
||||
|
||||
/* When we profile the SONAME might be needed for something else but
|
||||
loading. Add it right away. */
|
||||
if (__builtin_expect (GLRO(dl_profile) != NULL, 0)
|
||||
|
@ -28,6 +28,14 @@
|
||||
#include "kernel-features.h"
|
||||
|
||||
|
||||
int __stack_prot attribute_hidden attribute_relro
|
||||
#if _STACK_GROWS_DOWN
|
||||
= PROT_READ|PROT_WRITE|PROT_GROWSDOWN;
|
||||
#elif _STACK_GROWS_UP
|
||||
= PROT_READ|PROT_WRITE|PROT_GROWSUP;
|
||||
#endif
|
||||
|
||||
|
||||
int
|
||||
internal_function
|
||||
_dl_make_stack_executable (void **stack_endp)
|
||||
@ -51,8 +59,7 @@ _dl_make_stack_executable (void **stack_endp)
|
||||
# endif
|
||||
{
|
||||
if (__builtin_expect (__mprotect ((void *) page, GLRO(dl_pagesize),
|
||||
PROT_READ|PROT_WRITE|PROT_EXEC
|
||||
|PROT_GROWSDOWN) == 0, 1))
|
||||
__stack_prot) == 0, 1))
|
||||
goto return_success;
|
||||
# if __ASSUME_PROT_GROWSUPDOWN == 0
|
||||
if (errno == EINVAL)
|
||||
@ -76,7 +83,7 @@ _dl_make_stack_executable (void **stack_endp)
|
||||
while (1)
|
||||
{
|
||||
if (__mprotect ((void *) page, size,
|
||||
PROT_READ|PROT_WRITE|PROT_EXEC) == 0)
|
||||
__stack_prot & ~PROT_GROWSDOWN) == 0)
|
||||
/* We got this chunk changed; loop to do another chunk below. */
|
||||
page -= size;
|
||||
else
|
||||
|
Loading…
x
Reference in New Issue
Block a user