On Tue, Jan 3, 2017 at 2:13 PM, Mark Kettenis <[email protected]> wrote:
> The diff below (partly by guenther@) removes ld.so's dependency on the
> __got_{start,end} symbols by looking at PT_GNU_RELRO instead. On some
> platforms (hppa and perhaps a few others) this leads to even less
> writable pages. However, we're not sure if this will work correctly
> on landisk. So if somebody with a fairly up-to-date landisk could
> give this a spin for us, it would be highly appreciated.
Looks like one change got lost in the back-and-forth...
> --- libexec/ld.so/boot.c 13 Aug 2016 20:57:04 -0000 1.14
> +++ libexec/ld.so/boot.c 2 Jan 2017 15:55:52 -0000
...
> @@ -189,4 +191,30 @@ _dl_boot_bind(const long sp, long *dl_da
> * we have been fully relocated here, so most things no longer
> * need the loff adjustment
> */
> +
> + /*
> + * No further changes to the PLT and/or GOT are needed so make
> + * them read-only.
> + */
> +
> + /* do any RWX -> RX fixups for executable PLTs and apply GNU_RELRO */
> + ehdp = (Elf_Ehdr *)loff;
> + phdp = (Elf_Phdr *)(loff + ehdp->e_phoff);
> + for (i = 0; i < dl_data[AUX_phnum]; i++, phdp++) {
I believe this line should be:
+ for (i = 0; i < ehdp->e_phnum; i++, phdp++) {
Philip Guenther
