rtld: move relro enforcement after ifunc processing

Previously the combination of relro (implicit), -z now and ifunc use
resulted in a segfault when applying ifuncs after relro (test binary
here just calls amd64_get_fsbase()):

| % env LD_DEBUG=1 libexec/rtld-elf/obj/ld-elf.so.1 a.out
| ...
| enforcing main obj relro
| ...
| resolving ifuncs
| reloc_jmpslot: *0x203198 = 0x189368ea4570
| zsh: bus error (core dumped)  LD_DEBUG=1 obj/ld-elf.so.1 ~/a.out

Reported by:	Shawn Webb
Reviewed by:	kib
Sponsored by:	The FreeBSD Foundation
Ed Maste 2018-11-04 19:21:12 +00:00
parent f6bb885ff6
commit eda66948fe


@ -700,10 +700,6 @@ _rtld(Elf_Addr *sp, func_ptr_type *exit_proc, Obj_Entry **objp)
if (do_copy_relocations(obj_main) == -1) if (do_copy_relocations(obj_main) == -1)
rtld_die(); rtld_die();
dbg("enforcing main obj relro");
if (obj_enforce_relro(obj_main) == -1)
rtld_die();
if (getenv(_LD("DUMP_REL_POST")) != NULL) { if (getenv(_LD("DUMP_REL_POST")) != NULL) {
dump_relocations(obj_main); dump_relocations(obj_main);
exit (0); exit (0);
@ -739,6 +735,10 @@ _rtld(Elf_Addr *sp, func_ptr_type *exit_proc, Obj_Entry **objp)
NULL) == -1) NULL) == -1)
rtld_die(); rtld_die();
dbg("enforcing main obj relro");
if (obj_enforce_relro(obj_main) == -1)
rtld_die();
if (!obj_main->crt_no_init) { if (!obj_main->crt_no_init) {
/* /*
* Make sure we don't call the main program's init and fini * Make sure we don't call the main program's init and fini
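Review bot: The relocated `obj_enforce_relro(obj_main)` call in the second hunk has no comment recording why it must follow ifunc resolution, so a later cleanup could move it back and reintroduce the crash described in the commit message. I would add above the `dbg("enforcing main obj relro");` line: `/* Enforce relro only after ifuncs are resolved: with -z now, resolution still writes jump slots that appear to lie inside the relro region. */`. This ordering also means the main object's relro pages stay writable while ifunc resolvers run, which is worth stating in the same comment so the wider window is a documented trade-off. The call ending in `NULL) == -1)` starts outside the hunk and `_rtld` continues past it, so whether objects other than `obj_main` get relro applied after their ifuncs cannot be confirmed from here.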