/
0001-Revert-elf-Refuse-to-dlopen-PIE-objects-BZ-24323.patch
150 lines (140 loc) · 5.12 KB
/
0001-Revert-elf-Refuse-to-dlopen-PIE-objects-BZ-24323.patch
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
From aafd1ef00c51824b7cc3b11bf24317400d2289ed Mon Sep 17 00:00:00 2001
From: Matti Kosola <matti.kosola@jolla.com>
Date: Sun, 2 Feb 2020 10:57:54 +0200
Subject: [PATCH] Revert "elf: Refuse to dlopen PIE objects [BZ #24323]"
This reverts commit 2c75b545de6fe3c44138799c68217a94bc669a88.
---
elf/Makefile | 4 +---
elf/dl-load.c | 18 ++++------------
elf/tst-dlopen-pie.c | 49 --------------------------------------------
include/elf.h | 2 +-
4 files changed, 6 insertions(+), 67 deletions(-)
delete mode 100644 elf/tst-dlopen-pie.c
diff --git a/elf/Makefile b/elf/Makefile
index a3eefd1b1f..bc3e092e5a 100644
--- a/elf/Makefile
+++ b/elf/Makefile
@@ -312,7 +312,7 @@ test-xfail-tst-protected1b = yes
endif
ifeq (yesyes,$(have-fpie)$(build-shared))
modules-names += tst-piemod1
-tests += tst-pie1 tst-pie2 tst-dlopen-pie
+tests += tst-pie1 tst-pie2
tests-pie += tst-pie1 tst-pie2
ifeq (yes,$(have-protected-data))
tests += vismain
@@ -1086,8 +1086,6 @@ CFLAGS-tst-pie2.c += $(pie-ccflag)
$(objpfx)tst-piemod1.so: $(libsupport)
$(objpfx)tst-pie1: $(objpfx)tst-piemod1.so
-$(objpfx)tst-dlopen-pie: $(libdl)
-$(objpfx)tst-dlopen-pie.out: $(objpfx)tst-pie1
ifeq (yes,$(build-shared))
# NB: Please keep cet-built-dso in sysdeps/x86/Makefile in sync with
diff --git a/elf/dl-load.c b/elf/dl-load.c
index 5abeb867f1..2bbef81b6e 100644
--- a/elf/dl-load.c
+++ b/elf/dl-load.c
@@ -1158,10 +1158,6 @@ _dl_map_object_from_fd (const char *name, const char *origname, int fd,
goto call_lose;
}
- /* dlopen of an executable is not valid because it is not possible
- to perform proper relocations, handle static TLS, or run the
- ELF constructors. For PIE, the check needs the dynamic
- section, so there is another check below. */
if (__glibc_unlikely (type != ET_DYN)
&& __glibc_unlikely ((mode & __RTLD_OPENEXEC) == 0))
{
@@ -1198,11 +1194,9 @@ _dl_map_object_from_fd (const char *name, const char *origname, int fd,
elf_get_dynamic_info (l, NULL);
/* Make sure we are not dlopen'ing an object that has the
- DF_1_NOOPEN flag set, or a PIE object. */
- if ((__glibc_unlikely (l->l_flags_1 & DF_1_NOOPEN)
- && (mode & __RTLD_DLOPEN))
- || (__glibc_unlikely (l->l_flags_1 & DF_1_PIE)
- && __glibc_unlikely ((mode & __RTLD_OPENEXEC) == 0)))
+ DF_1_NOOPEN flag set. */
+ if (__glibc_unlikely (l->l_flags_1 & DF_1_NOOPEN)
+ && (mode & __RTLD_DLOPEN))
{
/* We are not supposed to load this object. Free all resources. */
_dl_unmap_segments (l);
@@ -1213,11 +1207,7 @@ _dl_map_object_from_fd (const char *name, const char *origname, int fd,
if (l->l_phdr_allocated)
free ((void *) l->l_phdr);
- if (l->l_flags_1 & DF_1_PIE)
- errstring
- = N_("cannot dynamically load position-independent executable");
- else
- errstring = N_("shared object cannot be dlopen()ed");
+ errstring = N_("shared object cannot be dlopen()ed");
goto call_lose;
}
diff --git a/elf/tst-dlopen-pie.c b/elf/tst-dlopen-pie.c
deleted file mode 100644
index 6a41c731cb..0000000000
--- a/elf/tst-dlopen-pie.c
+++ /dev/null
@@ -1,49 +0,0 @@
-/* dlopen test for PIE objects.
- Copyright (C) 2019 Free Software Foundation, Inc.
- This file is part of the GNU C Library.
-
- The GNU C Library is free software; you can redistribute it and/or
- modify it under the terms of the GNU Lesser General Public
- License as published by the Free Software Foundation; either
- version 2.1 of the License, or (at your option) any later version.
-
- The GNU C Library is distributed in the hope that it will be useful,
- but WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- Lesser General Public License for more details.
-
- You should have received a copy of the GNU Lesser General Public
- License along with the GNU C Library; if not, see
- <http://www.gnu.org/licenses/>. */
-
-/* This test attempts to open the (otherwise unrelated) PIE test
- program elf/tst-pie1 and expects the attempt to fail. */
-
-#include <dlfcn.h>
-#include <stddef.h>
-#include <string.h>
-#include <support/check.h>
-#include <support/support.h>
-
-static void
-test_mode (int mode)
-{
- char *pie_path = xasprintf ("%s/elf/tst-pie1", support_objdir_root);
- if (dlopen (pie_path, mode) != NULL)
- FAIL_EXIT1 ("dlopen succeeded unexpectedly (%d)", mode);
- const char *message = dlerror ();
- const char *expected
- = "cannot dynamically load position-independent executable";
- if (strstr (message, expected) == NULL)
- FAIL_EXIT1 ("unexpected error message (mode %d): %s", mode, message);
-}
-
-static int
-do_test (void)
-{
- test_mode (RTLD_LAZY);
- test_mode (RTLD_NOW);
- return 0;
-}
-
-#include <support/test-driver.c>
diff --git a/include/elf.h b/include/elf.h
index 14ed67ff67..ab76aafb1e 100644
--- a/include/elf.h
+++ b/include/elf.h
@@ -23,7 +23,7 @@
# endif
# define DT_1_SUPPORTED_MASK \
(DF_1_NOW | DF_1_NODELETE | DF_1_INITFIRST | DF_1_NOOPEN \
- | DF_1_ORIGIN | DF_1_NODEFLIB | DF_1_PIE)
+ | DF_1_ORIGIN | DF_1_NODEFLIB)
#endif /* !_ISOMAC */
#endif /* elf.h */
--
2.24.1