From patchwork Thu Jan 2 19:19:27 2025
X-Patchwork-Submitter: Adhemerval Zanella Netto
X-Patchwork-Id: 854748
From: Adhemerval Zanella
To: binutils@sourceware.org
Cc: Jeff Xu, "H . J . Lu"
Subject: [PATCH v5 0/3] elf: Add GNU_PROPERTY_MEMORY_SEAL gnu property
Date: Thu, 2 Jan 2025 16:19:27 -0300
Message-ID: <20250102192006.1318325-1-adhemerval.zanella@linaro.org>

The new GNU property is a way to mark binaries to be memory-sealed by the
loader, to avoid further changes of PT_LOAD segments (such as unmapping
or changing permission flags). This is done along with Linux (the mseal
syscall [1]), and C runtime support to instruct the kernel on the
correct time to seal the mapping during program startup (for instance,
after RELRO setup).

The support for the new property is already in Linux-ABI [1], and there
is PoC support for glibc [3].

The first patch adds the -Wl,memory-seal and -Wl,nomemory-seal options
to ld.bfd. The GNU_PROPERTY_MEMORY_SEAL property is added only for
ET_EXEC or ET_DYN objects.

The second patch adds similar support for ld.gold.

The third patch adds the ld --enable-memory-seal configure option to
enable the memory sealing as default.

[1] https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=8be7258aad44b5e25977a98db136f677fa6f4370
[2] https://gitlab.com/x86-psABIs/Linux-ABI/-/commit/25a851b99665e7b22db5fabe818efaaa52466893
[3] https://sourceware.org/pipermail/libc-alpha/2024-September/160291.html

Changes v4->v5:
* Rebase against master
* Add a note of Linux-ABI inclusion
* Rebase against master
* Address comments from last version

Changes v2->v3:
* Do not add or merge the GNU_PROPERTY_MEMORY_SEAL property if present
  on ET_REL.
* Extend testing.

Changes v1->v2:
* Make the security hardening opt-in instead of opt-out.
* Add gold support.

Adhemerval Zanella (3):
  elf: Add GNU_PROPERTY_MEMORY_SEAL gnu property
  gold: Add GNU_PROPERTY_MEMORY_SEAL gnu property
  ld: Add --enable-memory-seal configure option

 bfd/elf-properties.c                       | 85 +++++++++++++++++-----
 bfd/elfxx-x86.c                            |  3 +-
 binutils/readelf.c                         |  6 ++
 binutils/testsuite/lib/binutils-common.exp | 22 ++++++
 elfcpp/elfcpp.h                            |  1 +
 gold/NEWS                                  |  3 +
 gold/layout.cc                             |  4 +
 gold/options.h                             |  3 +
 gold/testsuite/Makefile.am                 | 19 +++++
 gold/testsuite/Makefile.in                 | 26 ++++++-
 gold/testsuite/memory_seal_main.c          |  5 ++
 gold/testsuite/memory_seal_shared.c        |  7 ++
 gold/testsuite/memory_seal_test.sh         | 45 ++++++++++++
 include/bfdlink.h                          |  3 +
 include/elf/common.h                       |  1 +
 ld/NEWS                                    |  4 +
 ld/config.in                               |  3 +
 ld/configure                               | 38 ++++++++--
 ld/configure.ac                            | 17 +++++
 ld/emultempl/elf.em                        |  5 ++
 ld/ld.texi                                 |  8 ++
 ld/lexsup.c                                | 11 +++
 ld/testsuite/config/default.exp            |  8 ++
 ld/testsuite/ld-elf/property-seal-1.d      | 16 ++++
 ld/testsuite/ld-elf/property-seal-1.s      | 11 +++
 ld/testsuite/ld-elf/property-seal-2.d      | 17 +++++
 ld/testsuite/ld-elf/property-seal-3.d      | 16 ++++
 ld/testsuite/ld-elf/property-seal-4.d      | 16 ++++
 ld/testsuite/ld-elf/property-seal-5.d      | 15 ++++
 ld/testsuite/ld-elf/property-seal-6.d      | 16 ++++
 ld/testsuite/ld-elf/property-seal-7.d      | 14 ++++
 ld/testsuite/ld-elf/property-seal-8.d      | 15 ++++
 ld/testsuite/ld-srec/srec.exp              |  4 +
 ld/testsuite/lib/ld-lib.exp                |  6 ++
 34 files changed, 445 insertions(+), 28 deletions(-)
 create mode 100644 gold/testsuite/memory_seal_main.c
 create mode 100644 gold/testsuite/memory_seal_shared.c
 create mode 100755 gold/testsuite/memory_seal_test.sh
 create mode 100644 ld/testsuite/ld-elf/property-seal-1.d
 create mode 100644 ld/testsuite/ld-elf/property-seal-1.s
 create mode 100644 ld/testsuite/ld-elf/property-seal-2.d
 create mode 100644 ld/testsuite/ld-elf/property-seal-3.d
 create mode 100644 ld/testsuite/ld-elf/property-seal-4.d
 create mode 100644 ld/testsuite/ld-elf/property-seal-5.d
 create mode 100644 ld/testsuite/ld-elf/property-seal-6.d
 create mode 100644 ld/testsuite/ld-elf/property-seal-7.d
 create mode 100644 ld/testsuite/ld-elf/property-seal-8.d
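
Added example, not part of the original message and not binutils code: a bounds-checked walk over the bytes of a .note.gnu.property section that reports whether GNU_PROPERTY_MEMORY_SEAL is present, the check an auditor would run over linked ET_EXEC/ET_DYN outputs. Assumptions: little-endian ELF64 layout, the hypothetical function name note_has_memory_seal, and the property value 3 (taken from the Linux-ABI commit cited as [2], not stated in the cover letter).

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

#define NT_GNU_PROPERTY_TYPE_0   5u
/* Assumption: value 3 per Linux-ABI commit [2]; not stated in the cover letter. */
#define GNU_PROPERTY_MEMORY_SEAL 3u
#define PAD(n, a) (((size_t)(n) + (a) - 1) & ~((size_t)(a) - 1))

static uint32_t rd32(const uint8_t *p)          /* little-endian load */
{
    return p[0] | (uint32_t)p[1] << 8 | (uint32_t)p[2] << 16 | (uint32_t)p[3] << 24;
}

/* Walk the bytes of .note.gnu.property from a little-endian ELF64 file.
   Returns 1 if the seal property is present, 0 if absent, -1 if malformed. */
int note_has_memory_seal(const uint8_t *buf, size_t len)
{
    size_t off = 0;
    while (len - off >= 12) {                   /* namesz, descsz, type */
        uint32_t namesz = rd32(buf + off), descsz = rd32(buf + off + 4);
        uint32_t type = rd32(buf + off + 8);
        size_t name = off + 12, desc;
        if (namesz > len - name) return -1;
        desc = name + PAD(namesz, 4);
        if (desc > len || descsz > len - desc) return -1;
        if (type == NT_GNU_PROPERTY_TYPE_0 && namesz == 4
            && memcmp(buf + name, "GNU", 4) == 0) {
            size_t p = desc, end = desc + descsz;
            while (end - p >= 8) {              /* pr_type, pr_datasz */
                uint32_t pr_type = rd32(buf + p), pr_datasz = rd32(buf + p + 4);
                if (pr_datasz > end - p - 8) return -1;
                if (pr_type == GNU_PROPERTY_MEMORY_SEAL) return 1;
                p += 8 + PAD(pr_datasz, 8);     /* properties are 8-aligned */
                if (p > end) p = end;
            }
        }
        off = desc + PAD(descsz, 8);
        if (off > len) off = len;
    }
    return 0;
}

/* Constructed samples: a stack-size entry, with and without a zero-length seal entry. */
const uint8_t sealed_note[] = { 4,0,0,0, 24,0,0,0, 5,0,0,0, 'G','N','U',0,
    1,0,0,0, 8,0,0,0, 0,0,16,0,0,0,0,0,  3,0,0,0, 0,0,0,0 };
const uint8_t plain_note[]  = { 4,0,0,0, 16,0,0,0, 5,0,0,0, 'G','N','U',0,
    1,0,0,0, 8,0,0,0, 0,0,16,0,0,0,0,0 };
int main(void) { return note_has_memory_seal(sealed_note, sizeof sealed_note) != 1; }
```

A truncated or inconsistent note returns -1 rather than 0, so a corrupted section is not silently reported as "not sealed".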