diff options
| author | kib <kib@FreeBSD.org> | 2017-01-19 06:44:27 +0000 |
|---|---|---|
| committer | kib <kib@FreeBSD.org> | 2017-01-19 06:44:27 +0000 |
| commit | 3935ffe69adbf5923a379ddf4a61ab145a3f5af7 (patch) | |
| tree | c14456ad2944f9040a0513fb8dc46301be4eda2c /libexec/rtld-elf | |
| parent | 008ff9eee5f55c6da4d42a6c3f1201b8dc98a726 (diff) | |
| download | FreeBSD-src-3935ffe69adbf5923a379ddf4a61ab145a3f5af7.zip FreeBSD-src-3935ffe69adbf5923a379ddf4a61ab145a3f5af7.tar.gz | |
MFC r311984:
For the main binary, postpone enforcing relro read-only protection
until copy relocations are done.
Diffstat (limited to 'libexec/rtld-elf')
| -rw-r--r-- | libexec/rtld-elf/rtld.c | 28 |
1 files changed, 20 insertions, 8 deletions
diff --git a/libexec/rtld-elf/rtld.c b/libexec/rtld-elf/rtld.c index 3b40d39..ecca94c 100644 --- a/libexec/rtld-elf/rtld.c +++ b/libexec/rtld-elf/rtld.c @@ -100,6 +100,7 @@ static int load_needed_objects(Obj_Entry *, int); static int load_preload_objects(void); static Obj_Entry *load_object(const char *, int fd, const Obj_Entry *, int); static void map_stacks_exec(RtldLockState *); +static int obj_enforce_relro(Obj_Entry *); static Obj_Entry *obj_from_addr(const void *); static void objlist_call_fini(Objlist *, Obj_Entry *, RtldLockState *); static void objlist_call_init(Objlist *, RtldLockState *); @@ -613,6 +614,10 @@ _rtld(Elf_Addr *sp, func_ptr_type *exit_proc, Obj_Entry **objp) if (do_copy_relocations(obj_main) == -1) rtld_die(); + dbg("enforcing main obj relro"); + if (obj_enforce_relro(obj_main) == -1) + rtld_die(); + if (getenv(_LD("DUMP_REL_POST")) != NULL) { dump_relocations(obj_main); exit (0); @@ -2711,14 +2716,8 @@ relocate_object(Obj_Entry *obj, bool bind_now, Obj_Entry *rtldobj, reloc_non_plt(obj, rtldobj, flags | SYMLOOK_IFUNC, lockstate)) return (-1); - if (obj->relro_size > 0) { - if (mprotect(obj->relro_page, obj->relro_size, - PROT_READ) == -1) { - _rtld_error("%s: Cannot enforce relro protection: %s", - obj->path, rtld_strerror(errno)); - return (-1); - } - } + if (!obj->mainprog && obj_enforce_relro(obj) == -1) + return (-1); /* * Set up the magic number and version in the Obj_Entry. These @@ -5061,6 +5060,19 @@ _rtld_is_dlopened(void *arg) return (res); } +int +obj_enforce_relro(Obj_Entry *obj) +{ + + if (obj->relro_size > 0 && mprotect(obj->relro_page, obj->relro_size, + PROT_READ) == -1) { + _rtld_error("%s: Cannot enforce relro protection: %s", + obj->path, rtld_strerror(errno)); + return (-1); + } + return (0); +} + static void map_stacks_exec(RtldLockState *lockstate) { |
