Subject: Re: [PATCH] elf: Refuse to dlopen PIE objects [BZ #24323]
To: Florian Weimer
Cc: libc-alpha@sourceware.org
References: <20190312130235.8E82C89CE49C@oldenburg2.str.redhat.com> <87r29kbilj.fsf@oldenburg2.str.redhat.com>
From: Carlos O'Donell
Message-ID: <5d7cf811-1ea3-5b5b-4e5a-f5f290655b47@redhat.com>
Date: Mon, 29 Apr 2019 17:36:18 -0400
In-Reply-To: <87r29kbilj.fsf@oldenburg2.str.redhat.com>

On 4/29/19 5:35 PM, Florian Weimer wrote:
> * Carlos O'Donell:
>
>>> ifeq (yes,$(build-shared))
>>> # NB: Please keep cet-built-dso in sysdeps/x86/Makefile in sync with
>>> diff --git a/elf/dl-load.c b/elf/dl-load.c
>>> index 2bbef81b6e..9b0c1406c9 100644
>>> --- a/elf/dl-load.c
>>> +++ b/elf/dl-load.c
>>> @@ -1158,6 +1158,10 @@ _dl_map_object_from_fd (const char *name, const char *origname, int fd,
>>> goto call_lose;
>>> }
>>> + /* dlopen of an executable is not valid because it is not
>>> possible
>>> + to perform proper relocations and run the ELF constructors.
>>> + For PIE, the check needs the dynamic section, so there is
>>> + another check below. */
>>
>> Suggest you mention exactly which relocations are the problem.
>> I assume it's COPY relocs into the main executable which can't be
>> done twice, because both execs will want to reference their own
>> copy. Likewise the problem with ELF constructors should be expanded
>> with more details.
>
> I assume that static TLS is also negatively impacted. TLS variables
> from the dlopen'ed PIE binary and the real main program will probably
> overlap.

Absolutely. They will both use constant offsets from TP and that will be
directly encoded in the program code with no way to change it.

-- 
Cheers,
Carlos.
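
Review bot: the comment added at @@ -1158 in _dl_map_object_from_fd justifies the refusal with "proper relocations" and "ELF constructors" but leaves out static TLS, which this thread identifies as affected as well (both objects use constant offsets from TP encoded in the program code). Suggest adding that reason to the comment, and replacing "another check below" with a statement of what the second check tests in the dynamic section, so a reader can find it and the two checks stay in sync. The quoted hunk ends at the comment, so the check it documents is not visible here.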
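
The patch comment's remark that the PIE check "needs the dynamic section" can be seen in a small classifier, added here as an example that is not part of the thread and not glibc's code. The names `classify_elf64`, `make_sample` and `enum elf_kind` are hypothetical, and the input images are constructed in memory.

```c
/* Added example, not glibc code.  ET_EXEC shows in the ELF header, but a PIE
   is ET_DYN like any shared object, so it takes DT_FLAGS_1 from the dynamic
   section to spot one.  Assumes ELF64, host byte order, standard phdr size.  */
#include <elf.h>
#include <string.h>
#ifndef DF_1_PIE
# define DF_1_PIE 0x08000000
#endif
enum elf_kind { KIND_INVALID, KIND_SHARED, KIND_EXEC, KIND_PIE };
enum elf_kind classify_elf64(const unsigned char *img, size_t len)
{
    Elf64_Ehdr eh;
    if (len < sizeof eh) return KIND_INVALID;
    memcpy(&eh, img, sizeof eh);
    if (memcmp(eh.e_ident, ELFMAG, SELFMAG) || eh.e_ident[EI_CLASS] != ELFCLASS64)
        return KIND_INVALID;
    if (eh.e_type == ET_EXEC) return KIND_EXEC;   /* header alone is enough */
    if (eh.e_type != ET_DYN) return KIND_INVALID;
    for (size_t i = 0; i < eh.e_phnum; i++) {
        Elf64_Phdr ph;
        size_t off = eh.e_phoff + i * sizeof ph;
        if (off > len || len - off < sizeof ph) return KIND_INVALID;
        memcpy(&ph, img + off, sizeof ph);
        if (ph.p_type != PT_DYNAMIC) continue;
        if (ph.p_offset > len || len - ph.p_offset < ph.p_filesz) return KIND_INVALID;
        for (size_t d = 0; d + sizeof (Elf64_Dyn) <= ph.p_filesz; d += sizeof (Elf64_Dyn)) {
            Elf64_Dyn dyn;
            memcpy(&dyn, img + ph.p_offset + d, sizeof dyn);
            if (dyn.d_tag == DT_NULL) break;
            if (dyn.d_tag == DT_FLAGS_1 && (dyn.d_un.d_val & DF_1_PIE)) return KIND_PIE;
        }
    }
    return KIND_SHARED;   /* ET_DYN without DF_1_PIE: ordinary shared object */
}

/* Constructed sample: ELF header, one PT_DYNAMIC, DT_FLAGS_1 + DT_NULL (152 bytes). */
size_t make_sample(unsigned char *buf, Elf64_Half type, Elf64_Xword flags1)
{
    Elf64_Ehdr eh = {0}; Elf64_Phdr ph = {0};
    Elf64_Dyn dyn[2] = { { DT_FLAGS_1, { flags1 } }, { DT_NULL, { 0 } } };
    memcpy(eh.e_ident, ELFMAG, SELFMAG);
    eh.e_ident[EI_CLASS] = ELFCLASS64;
    eh.e_type = type; eh.e_phoff = sizeof eh; eh.e_phnum = 1;
    ph.p_type = PT_DYNAMIC; ph.p_offset = sizeof eh + sizeof ph; ph.p_filesz = sizeof dyn;
    memcpy(buf, &eh, sizeof eh);
    memcpy(buf + sizeof eh, &ph, sizeof ph);
    memcpy(buf + ph.p_offset, dyn, sizeof dyn);
    return ph.p_offset + sizeof dyn;
}
```

A tool that pre-screens plugin paths before handing them to `dlopen` could treat `KIND_EXEC` and `KIND_PIE` as rejects and log the path.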