diff mbox series

[RFC,1/5] linux: Remove __stack_prot

Message ID 20240611153220.165430-2-adhemerval.zanella@linaro.org
State Accepted
Commit 7edd3814b00c46a404cbaf316eab9db18438c3dd
Headers show
Series Add support for memory sealing | expand

Commit Message

Adhemerval Zanella Netto June 11, 2024, 3:27 p.m. UTC
The __stack_prot is used by Linux to make the stack executable if
a modules requires it.  It is also marked as RELRO, which requires
to change the segment permission to RW to update it.

Also, there is no need to keep track of the flags: either the stack
will have the default permission of the ABI or should be change to
PROT_READ | PROT_WRITE | PROT_EXEC.  The only additional flag,
PROT_GROWSDOWN or PROT_GROWSUP, is Linux only and can be deducted
from _STACK_GROWS_DOWN/_STACK_GROWS_UP.

Also, the check_consistency was alredy removed some time ago.

Checked on x86_64-linux-gnu and i686-linux-gnu.
---
 elf/dl-load.c                          | 46 +-------------------------
 sysdeps/unix/sysv/linux/dl-execstack.c | 25 ++++++--------
 2 files changed, 11 insertions(+), 60 deletions(-)

Comments

Florian Weimer June 11, 2024, 7:15 p.m. UTC | #1
* Adhemerval Zanella:

> The __stack_prot is used by Linux to make the stack executable if
> a modules requires it.  It is also marked as RELRO, which requires
> to change the segment permission to RW to update it.
>
> Also, there is no need to keep track of the flags: either the stack
> will have the default permission of the ABI or should be change to
> PROT_READ | PROT_WRITE | PROT_EXEC.  The only additional flag,
> PROT_GROWSDOWN or PROT_GROWSUP, is Linux only and can be deducted
> from _STACK_GROWS_DOWN/_STACK_GROWS_UP.
>
> Also, the check_consistency was alredy removed some time ago.

“the check_consistency [function] was”, I think.

Patch looks okay to me.

Reviewed-by: Florian Weimer <fweimer@redhat.com>

Thanks,
Florian
diff mbox series

Patch

diff --git a/elf/dl-load.c b/elf/dl-load.c
index a34cb3559c..8a89b71016 100644
--- a/elf/dl-load.c
+++ b/elf/dl-load.c
@@ -88,16 +88,6 @@  struct filebuf
 #define STRING(x) __STRING (x)
 
 
-int __stack_prot attribute_hidden attribute_relro
-#if _STACK_GROWS_DOWN && defined PROT_GROWSDOWN
-  = PROT_GROWSDOWN;
-#elif _STACK_GROWS_UP && defined PROT_GROWSUP
-  = PROT_GROWSUP;
-#else
-  = 0;
-#endif
-
-
 /* This is the decomposed LD_LIBRARY_PATH search path.  */
 struct r_search_path_struct __rtld_env_path_list attribute_relro;
 
@@ -1308,41 +1298,7 @@  _dl_map_object_from_fd (const char *name, const char *origname, int fd,
   if (__glibc_unlikely ((stack_flags &~ GL(dl_stack_flags)) & PF_X))
     {
       /* The stack is presently not executable, but this module
-	 requires that it be executable.  We must change the
-	 protection of the variable which contains the flags used in
-	 the mprotect calls.  */
-#ifdef SHARED
-      if ((mode & (__RTLD_DLOPEN | __RTLD_AUDIT)) == __RTLD_DLOPEN)
-	{
-	  const uintptr_t p = (uintptr_t) &__stack_prot & -GLRO(dl_pagesize);
-	  const size_t s = (uintptr_t) (&__stack_prot + 1) - p;
-
-	  struct link_map *const m = &GL(dl_rtld_map);
-	  const uintptr_t relro_end = ((m->l_addr + m->l_relro_addr
-					+ m->l_relro_size)
-				       & -GLRO(dl_pagesize));
-	  if (__glibc_likely (p + s <= relro_end))
-	    {
-	      /* The variable lies in the region protected by RELRO.  */
-	      if (__mprotect ((void *) p, s, PROT_READ|PROT_WRITE) < 0)
-		{
-		  errstring = N_("cannot change memory protections");
-		  goto lose_errno;
-		}
-	      __stack_prot |= PROT_READ|PROT_WRITE|PROT_EXEC;
-	      __mprotect ((void *) p, s, PROT_READ);
-	    }
-	  else
-	    __stack_prot |= PROT_READ|PROT_WRITE|PROT_EXEC;
-	}
-      else
-#endif
-	__stack_prot |= PROT_READ|PROT_WRITE|PROT_EXEC;
-
-#ifdef check_consistency
-      check_consistency ();
-#endif
-
+	 requires that it be executable.  */
 #if PTHREAD_IN_LIBC
       errval = _dl_make_stacks_executable (stack_endp);
 #else
diff --git a/sysdeps/unix/sysv/linux/dl-execstack.c b/sysdeps/unix/sysv/linux/dl-execstack.c
index 3d8f3938da..b986898598 100644
--- a/sysdeps/unix/sysv/linux/dl-execstack.c
+++ b/sysdeps/unix/sysv/linux/dl-execstack.c
@@ -27,35 +27,30 @@ 
 #include <sysdep.h>
 #include <unistd.h>
 
-extern int __stack_prot attribute_relro attribute_hidden;
-
 static int
 make_main_stack_executable (void **stack_endp)
 {
   /* This gives us the highest/lowest page that needs to be changed.  */
   uintptr_t page = ((uintptr_t) *stack_endp
 		    & -(intptr_t) GLRO(dl_pagesize));
-  int result = 0;
 
-  if (__builtin_expect (__mprotect ((void *) page, GLRO(dl_pagesize),
-				    __stack_prot) == 0, 1))
-    goto return_success;
-  result = errno;
-  goto out;
+  if (__mprotect ((void *) page, GLRO(dl_pagesize),
+		  PROT_READ | PROT_WRITE | PROT_EXEC
+#if _STACK_GROWS_DOWN
+		  | PROT_GROWSDOWN
+#elif _STACK_GROWS_UP
+		  | PROT_GROWSUP
+#endif
+		  ) != 0)
+    return errno;
 
- return_success:
   /* Clear the address.  */
   *stack_endp = NULL;
 
   /* Remember that we changed the permission.  */
   GL(dl_stack_flags) |= PF_X;
 
- out:
-#ifdef check_consistency
-  check_consistency ();
-#endif
-
-  return result;
+  return 0;
 }
 
 int