diff options
| author |   drahn <drahn@openbsd.org> | 2003-02-15 22:43:06 +0000 |
|---|---|---|
| committer | drahn <drahn@openbsd.org> | 2003-02-15 22:43:06 +0000 |
| commit | 1d1aa375f8cc6b83128ebef9655c22c4a4f19d8d (patch) | |
| tree | 90aac1828b6a7b2da5b31c3641aa551a9793cf50 | |
| parent | Paranoia about mprotect, mprotect page aligned regions for got and plt. (diff) | |
| download | wireguard-openbsd-1d1aa375f8cc6b83128ebef9655c22c4a4f19d8d.tar.xz wireguard-openbsd-1d1aa375f8cc6b83128ebef9655c22c4a4f19d8d.zip | |
After relocation is completed, remove write protection from GOT/PLT in ld.so.
| -rw-r--r-- | libexec/ld.so/alpha/archdep.h | 4 | ||||
| -rw-r--r-- | libexec/ld.so/i386/archdep.h | 4 | ||||
| -rw-r--r-- | libexec/ld.so/loader.c | 29 | ||||
| -rw-r--r-- | libexec/ld.so/mips/archdep.h | 4 | ||||
| -rw-r--r-- | libexec/ld.so/powerpc/archdep.h | 4 | ||||
| -rw-r--r-- | libexec/ld.so/sparc/archdep.h | 3 | ||||
| -rw-r--r-- | libexec/ld.so/sparc64/archdep.h | 4 |
7 files changed, 45 insertions, 7 deletions
diff --git a/libexec/ld.so/alpha/archdep.h b/libexec/ld.so/alpha/archdep.h index 144378a1f5b..8a732f209e5 100644 --- a/libexec/ld.so/alpha/archdep.h +++ b/libexec/ld.so/alpha/archdep.h @@ -1,4 +1,4 @@ -/* $OpenBSD: archdep.h,v 1.8 2002/10/25 10:39:52 pefo Exp $ */ +/* $OpenBSD: archdep.h,v 1.9 2003/02/15 22:43:06 drahn Exp $ */ /* * Copyright (c) 1998 Per Fogelstrom, Opsycon AB @@ -78,4 +78,6 @@ RELOC_RELA(Elf64_Rela *r, const Elf64_Sym *s, Elf64_Addr *p, unsigned long v) #define RELOC_GOT(obj, offs) +#define GOT_PERMS PROT_READ + #endif /* _ALPHA_ARCHDEP_H_ */ diff --git a/libexec/ld.so/i386/archdep.h b/libexec/ld.so/i386/archdep.h index f62afbcde9c..fc9a8918de1 100644 --- a/libexec/ld.so/i386/archdep.h +++ b/libexec/ld.so/i386/archdep.h @@ -1,4 +1,4 @@ -/* $OpenBSD: archdep.h,v 1.2 2002/10/25 10:39:52 pefo Exp $ */ +/* $OpenBSD: archdep.h,v 1.3 2003/02/15 22:43:06 drahn Exp $ */ /* * Copyright (c) 1998 Per Fogelstrom, Opsycon AB @@ -87,4 +87,6 @@ RELOC_RELA(Elf32_Rela *r, const Elf32_Sym *s, Elf32_Addr *p, unsigned long v) #define RELOC_GOT(obj, offs) +#define GOT_PERMS PROT_READ + #endif /* _I386_ARCHDEP_H_ */ diff --git a/libexec/ld.so/loader.c b/libexec/ld.so/loader.c index 7be6c73e70d..04587cb007f 100644 --- a/libexec/ld.so/loader.c +++ b/libexec/ld.so/loader.c @@ -1,4 +1,4 @@ -/* $OpenBSD: loader.c,v 1.54 2003/02/02 16:57:58 deraadt Exp $ */ +/* $OpenBSD: loader.c,v 1.55 2003/02/15 22:43:06 drahn Exp $ */ /* * Copyright (c) 1998 Per Fogelstrom, Opsycon AB @@ -173,6 +173,33 @@ _dl_boot(const char **argv, char **envp, const long loff, long *dl_data) else _dl_pagesz = 4096; + /* + * now that GOT and PLT has been relocated, and we know page size + * protect it from modification + */ + { + extern char *__got_start; + extern char *__got_end; +#ifndef __i386__ + extern char *__plt_start; + extern char *__plt_end; +#endif + + _dl_mprotect((void *)ELF_TRUNC((long)&__got_start, _dl_pagesz), + ELF_ROUND((long)&__got_end,_dl_pagesz) - + ELF_TRUNC((long)&__got_start, _dl_pagesz), + GOT_PERMS); + +#ifndef __i386__ + /* only for DATA_PLT or BSS_PLT */ + _dl_mprotect((void *)ELF_TRUNC((long)&__plt_start, _dl_pagesz), + ELF_ROUND((long)&__plt_end,_dl_pagesz) - + ELF_TRUNC((long)&__plt_start, _dl_pagesz), + PROT_READ|PROT_EXEC); +#endif + } + + DL_DEB(("rtld loading: '%s'\n", _dl_progname)); exe_obj = NULL; diff --git a/libexec/ld.so/mips/archdep.h b/libexec/ld.so/mips/archdep.h index 929325909b7..36dc6856835 100644 --- a/libexec/ld.so/mips/archdep.h +++ b/libexec/ld.so/mips/archdep.h @@ -1,4 +1,4 @@ -/* $OpenBSD: archdep.h,v 1.4 2002/10/23 12:38:29 pefo Exp $ */ +/* $OpenBSD: archdep.h,v 1.5 2003/02/15 22:43:06 drahn Exp $ */ /* * Copyright (c) 1998-2002 Opsycon AB, Sweden. @@ -98,4 +98,6 @@ RELOC_GOT(struct elf_object *dynld, long loff) dynld->status |= STAT_GOT_DONE; } +#define GOT_PERMS PROT_READ + #endif /* _MIPS_ARCHDEP_H_ */ diff --git a/libexec/ld.so/powerpc/archdep.h b/libexec/ld.so/powerpc/archdep.h index cb367e4f3a8..433fd09da00 100644 --- a/libexec/ld.so/powerpc/archdep.h +++ b/libexec/ld.so/powerpc/archdep.h @@ -1,4 +1,4 @@ -/* $OpenBSD: archdep.h,v 1.10 2002/10/25 10:39:52 pefo Exp $ */ +/* $OpenBSD: archdep.h,v 1.11 2003/02/15 22:43:06 drahn Exp $ */ /* * Copyright (c) 1998 Per Fogelstrom, Opsycon AB @@ -104,4 +104,6 @@ RELOC_RELA(Elf32_Rela *r, const Elf32_Sym *s, Elf32_Addr *p, unsigned long v) #define RELOC_GOT(obj, offs) +#define GOT_PERMS (PROT_READ|PROT_EXEC) + #endif /* _POWERPC_ARCHDEP_H_ */ diff --git a/libexec/ld.so/sparc/archdep.h b/libexec/ld.so/sparc/archdep.h index 8fb7135a6e3..afa23ac9c87 100644 --- a/libexec/ld.so/sparc/archdep.h +++ b/libexec/ld.so/sparc/archdep.h @@ -1,4 +1,4 @@ -/* $OpenBSD: archdep.h,v 1.5 2002/11/23 19:14:25 drahn Exp $ */ +/* $OpenBSD: archdep.h,v 1.6 2003/02/15 22:43:06 drahn Exp $ */ /* * Copyright (c) 1998 Per Fogelstrom, Opsycon AB @@ -84,5 +84,6 @@ RELOC_RELA(Elf_RelA *r, const Elf_Sym *s, Elf_Addr *p, unsigned long v) #define RELOC_GOT(obj, offs) _dl_mul_fixup() void _dl_mul_fixup(void); +#define GOT_PERMS PROT_READ #endif /* _SPARC_ARCHDEP_H_ */ diff --git a/libexec/ld.so/sparc64/archdep.h b/libexec/ld.so/sparc64/archdep.h index dc174b56d7d..f73b7a9cffc 100644 --- a/libexec/ld.so/sparc64/archdep.h +++ b/libexec/ld.so/sparc64/archdep.h @@ -1,4 +1,4 @@ -/* $OpenBSD: archdep.h,v 1.14 2002/10/25 10:39:52 pefo Exp $ */ +/* $OpenBSD: archdep.h,v 1.15 2003/02/15 22:43:06 drahn Exp $ */ /* * Copyright (c) 1998 Per Fogelstrom, Opsycon AB @@ -78,4 +78,6 @@ RELOC_RELA(Elf_RelA *r, const Elf_Sym *s, Elf_Addr *p, unsigned long v) #define RELOC_GOT(obj, offs) +#define GOT_PERMS PROT_READ + #endif /* _SPARC64_ARCHDEP_H_ */ |