Re: [PATCH v2 1/6] aarch64: Fix missing BTI protection from dependencies [BZ #26926]
The 12/10/2020 14:51, Adhemerval Zanella wrote:
> On 27/11/2020 10:19, Szabolcs Nagy via Libc-alpha wrote:
> > The _dl_open_check and _rtld_main_check hooks are not called on the
> > dependencies of a loaded module, so BTI protection was missed on
> > every module other than the main executable and directly dlopened
> > libraries.
> >
> > The fix just iterates over dependencies to enable BTI.
> >
> > Fixes bug 26926.
>
> LGTM, modulus the argument name change.
>
> I also think it would be better to add a testcase, for both DT_NEEDED
> and dlopen case.
thanks, i committed this with fixed argument name as attached.
i plan to do tests later once i understand the BTI semantics
(right now it's not clear if in the presence of some W^X
policy BTI may be silently ignored or not).
>From 72739c79f61989a76b7dd719f34fcfb7b8eadde9 Mon Sep 17 00:00:00 2001
From: Szabolcs Nagy
Date: Fri, 20 Nov 2020 15:27:06 +
Subject: [PATCH] aarch64: Fix missing BTI protection from dependencies [BZ #26926]
The _dl_open_check and _rtld_main_check hooks are not called on the
dependencies of a loaded module, so BTI protection was missed on
every module other than the main executable and directly dlopened
libraries.
The fix just iterates over dependencies to enable BTI.
Fixes bug 26926.
---
sysdeps/aarch64/dl-bti.c | 17 +++--
1 file changed, 15 insertions(+), 2 deletions(-)
diff --git a/sysdeps/aarch64/dl-bti.c b/sysdeps/aarch64/dl-bti.c
index 196e462520..56c097210a 100644
--- a/sysdeps/aarch64/dl-bti.c
+++ b/sysdeps/aarch64/dl-bti.c
@@ -51,11 +51,24 @@ enable_bti (struct link_map *map, const char *program)
return 0;
}
-/* Enable BTI for L if required. */
+/* Enable BTI for L and its dependencies. */
void
_dl_bti_check (struct link_map *l, const char *program)
{
- if (GLRO(dl_aarch64_cpu_features).bti && l->l_mach.bti)
+ if (!GLRO(dl_aarch64_cpu_features).bti)
+return;
+
+ if (l->l_mach.bti)
enable_bti (l, program);
+
+ unsigned int i = l->l_searchlist.r_nlist;
+ while (i-- > 0)
+{
+ struct link_map *dep = l->l_initfini[i];
+ if (dep->l_init_called)
+ continue;
+ if (dep->l_mach.bti)
+ enable_bti (dep, program);
+}
}
--
2.17.1
Re: [PATCH v2 1/6] aarch64: Fix missing BTI protection from dependencies [BZ #26926]
On 27/11/2020 10:19, Szabolcs Nagy via Libc-alpha wrote:
> The _dl_open_check and _rtld_main_check hooks are not called on the
> dependencies of a loaded module, so BTI protection was missed on
> every module other than the main executable and directly dlopened
> libraries.
>
> The fix just iterates over dependencies to enable BTI.
>
> Fixes bug 26926.
LGTM, modulus the argument name change.
I also think it would be better to add a testcase, for both DT_NEEDED
and dlopen case.
> ---
> sysdeps/aarch64/dl-bti.c | 21 +
> 1 file changed, 17 insertions(+), 4 deletions(-)
>
> diff --git a/sysdeps/aarch64/dl-bti.c b/sysdeps/aarch64/dl-bti.c
> index 196e462520..8f4728adce 100644
> --- a/sysdeps/aarch64/dl-bti.c
> +++ b/sysdeps/aarch64/dl-bti.c
> @@ -51,11 +51,24 @@ enable_bti (struct link_map *map, const char *program)
>return 0;
> }
>
> -/* Enable BTI for L if required. */
> +/* Enable BTI for MAP and its dependencies. */
>
> void
> -_dl_bti_check (struct link_map *l, const char *program)
> +_dl_bti_check (struct link_map *map, const char *program)
I don't see much gain changing the argument name.
> {
> - if (GLRO(dl_aarch64_cpu_features).bti && l->l_mach.bti)
> -enable_bti (l, program);
> + if (!GLRO(dl_aarch64_cpu_features).bti)
> +return;
> +
> + if (map->l_mach.bti)
> +enable_bti (map, program);
> +
> + unsigned int i = map->l_searchlist.r_nlist;
> + while (i-- > 0)
> +{
> + struct link_map *l = map->l_initfini[i];
> + if (l->l_init_called)
> + continue;
> + if (l->l_mach.bti)
> + enable_bti (l, program);
> +}
> }
>
Ok.
[PATCH v2 1/6] aarch64: Fix missing BTI protection from dependencies [BZ #26926]
The _dl_open_check and _rtld_main_check hooks are not called on the
dependencies of a loaded module, so BTI protection was missed on
every module other than the main executable and directly dlopened
libraries.
The fix just iterates over dependencies to enable BTI.
Fixes bug 26926.
---
sysdeps/aarch64/dl-bti.c | 21 +
1 file changed, 17 insertions(+), 4 deletions(-)
diff --git a/sysdeps/aarch64/dl-bti.c b/sysdeps/aarch64/dl-bti.c
index 196e462520..8f4728adce 100644
--- a/sysdeps/aarch64/dl-bti.c
+++ b/sysdeps/aarch64/dl-bti.c
@@ -51,11 +51,24 @@ enable_bti (struct link_map *map, const char *program)
return 0;
}
-/* Enable BTI for L if required. */
+/* Enable BTI for MAP and its dependencies. */
void
-_dl_bti_check (struct link_map *l, const char *program)
+_dl_bti_check (struct link_map *map, const char *program)
{
- if (GLRO(dl_aarch64_cpu_features).bti && l->l_mach.bti)
-enable_bti (l, program);
+ if (!GLRO(dl_aarch64_cpu_features).bti)
+return;
+
+ if (map->l_mach.bti)
+enable_bti (map, program);
+
+ unsigned int i = map->l_searchlist.r_nlist;
+ while (i-- > 0)
+{
+ struct link_map *l = map->l_initfini[i];
+ if (l->l_init_called)
+ continue;
+ if (l->l_mach.bti)
+ enable_bti (l, program);
+}
}
--
2.17.1
