[PATCH 1/2] No-exec support for ppc64
Jake Moilanen
moilanen at austin.ibm.com
Wed Mar 16 08:51:35 EST 2005
On Tue, 15 Mar 2005 09:18:04 +1100
Paul Mackerras <paulus at samba.org> wrote:
> Jake Moilanen writes:
>
> > > I don't think I can push that upstream. What happens if you leave
> > > that out?
> >
> > The bss and the plt are in the same segment, and plt obviously needs to
> > be executable.
>
> Yes... what I was asking was "do things actually break if you leave
> that out, or does the binfmt_elf loader honour the 'x' permission on
> the PT_LOAD entry for the data/bss region, meaning that it all just
> works anyway?"
It does not work w/o the sys_mprotect. It will hang in one of the first
few binaries.
I believe the problem is that the last PT_LOAD entry does not have the
correct size, and we only mmap up to the sbss. The .sbss, .plt, and
.bss do not get mmapped with the section.
Here is /bin/bash on SLES 9:
Section Headers:
[Nr] Name Type Addr Off Size ES Flg Lk Inf Al
[ 0] NULL 00000000 000000 000000 00 0 0 0
[ 1] .interp PROGBITS 10000174 000174 00000d 00 A 0 0 1
...
...
[19] .data PROGBITS 1008ca80 07ca80 001b34 00 WA 0 0 4
[20] .eh_frame PROGBITS 1008e5b4 07e5b4 0000b4 00 A 0 0 4
[21] .got2 PROGBITS 1008e668 07e668 000010 00 WA 0 0 1
[22] .dynamic DYNAMIC 1008e678 07e678 0000e8 08 WA 6 0 4
[23] .ctors PROGBITS 1008e760 07e760 000008 00 WA 0 0 4
[24] .dtors PROGBITS 1008e768 07e768 000008 00 WA 0 0 4
[25] .jcr PROGBITS 1008e770 07e770 000004 00 WA 0 0 4
[26] .got PROGBITS 1008e774 07e774 000014 04 WAX 0 0 4
[27] .sdata PROGBITS 1008e788 07e788 0000d4 00 WA 0 0 4
[28] .sbss NOBITS 1008e860 07e860 000704 00 WA 0 0 8
[29] .plt NOBITS 1008ef64 07e860 000aa4 00 WAX 0 0 4
[30] .bss NOBITS 1008fa10 07e868 0062f0 00 WA 0 0 16
Program Headers:
Type Offset VirtAddr PhysAddr FileSiz MemSiz Flg Align
PHDR 0x000034 0x10000034 0x10000034 0x00120 0x00120 R E 0x4
INTERP 0x000174 0x10000174 0x10000174 0x0000d 0x0000d R 0x1
[Requesting program interpreter: /lib/ld.so.1]
LOAD 0x000000 0x10000000 0x10000000 0x7ca80 0x7ca80 R E 0x10000
LOAD 0x07ca80 0x1008ca80 0x1008ca80 0x01ddc 0x09280 RWE 0x10000
DYNAMIC 0x07e678 0x1008e678 0x1008e678 0x000e8 0x000e8 RW 0x4
NOTE 0x000184 0x10000184 0x10000184 0x00020 0x00020 R 0x4
NOTE 0x0001a4 0x100001a4 0x100001a4 0x00018 0x00018 R 0x4
GNU_EH_FRAME 0x07ca54 0x1007ca54 0x1007ca54 0x0002c 0x0002c R 0x4
STACK 0x000000 0x00000000 0x00000000 0x00000 0x00000 RW 0x4
Section to Segment mapping:
Segment Sections...
00
01 .interp
02 .interp .note.ABI-tag .note.SuSE .hash .dynsym .dynstr .gnu.version .g
nu.version_r .rela.dyn .rela.plt .init .text text.unlikely text.hot .fini .rodat
a .eh_frame_hdr
03 .data .eh_frame .got2 .dynamic .ctors .dtors .jcr .got .sdata .sbss .p
lt .bss
04 .dynamic
05 .note.ABI-tag
06 .note.SuSE
07 .eh_frame_hdr
08
In the program headers section, the FileSiz for the last PT_LOAD is
0x1ddc. If we go back to the Section Headers and look at .data it is at
0x1008ca80. So the segment should end at 0x1008e85c. We round up for
alignment and we get 0x1008e860 or .sbss. The sbss, plt, and bss are
not mmapped. So the sys_mprotect is used to pick it up.
Did I miss something to explain this? Can you think of another way to
fix it?
Jake
More information about the Linuxppc64-dev
mailing list