[Bug 1412553] Re: RELRO not working on Ubuntu 14.04
Breno Leitão
1412553 at bugs.launchpad.net
Mon Apr 13 17:08:00 UTC 2015
Any idea on when this patch will be accepted in 14.04?
--
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to binutils in Ubuntu.
https://bugs.launchpad.net/bugs/1412553
Title:
RELRO not working on Ubuntu 14.04
Status in binutils package in Ubuntu:
Fix Released
Status in binutils source package in Trusty:
New
Bug description:
RELRO (RELocation Read-Only) is security feature provided by the
linker and implemented in conjunction with glibc to relocations
sections that are used to resolve dynamically loaded functions read-
only.
The GLIBC side looks at the segments placement set by the linker and
if they met some criteria regarding alignment, the are mprotect to be
read-only. More specifically, on GLIBC code:
elf/dl-reloc.c:
324 void internal_function
325 _dl_protect_relro (struct link_map *l)
326 {
327 ElfW(Addr) start = ((l->l_addr + l->l_relro_addr)
328 & ~(GLRO(dl_pagesize) - 1));
329 ElfW(Addr) end = ((l->l_addr + l->l_relro_addr + l->l_relro_size)
330 & ~(GLRO(dl_pagesize) - 1));
331
332 if (start != end
333 && __mprotect ((void *) start, end - start, PROT_READ) < 0)
334 {
335 static const char errstring[] = N_("\
336 cannot apply additional memory protection after relocation");
337 _dl_signal_error (errno, l->l_name, NULL, errstring);
338 }
339 }
The problem is, if linker does not set the alignment correctly,
'start' and 'end' will be equal and thus not protected. And this is
happening on Ubuntu 14.04 due the fact its uses default binutils
elf{32,64}-ppc.c ELF_COMMONPAGESIZE to align it to 4k instead of 64k.
There is a recent patch on binutils-dev maillist [1] to change the
default for 64k and Fedora rawhide already sets it [2] in its
binutils.spec spec:
# On ppc64 and aarch64, we might use 64KiB pages
sed -i -e '/#define.*ELF_COMMONPAGESIZE/s/0x1000$/0x10000/' bfd/elf*ppc.c
sed -i -e '/#define.*ELF_COMMONPAGESIZE/s/0x1000$/0x10000/' bfd/elf*aarch64.c
Ubuntu for powerpc64le should do the same.
[1] https://sourceware.org/ml/binutils/2014-12/msg00165.html
[2] http://dl.fedoraproject.org/pub/fedora/linux/development/rawhide/source/SRPMS/b/binutils-2.24-29.fc22.src.rpm
I tested and building a binutils with the ELF_COMMONPAGESIZE set to
64k instead of default 4k and rebuilding GLIBC I see its relocation
sections being correctly mprotected.
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/binutils/+bug/1412553/+subscriptions
More information about the foundations-bugs
mailing list