Opened 5 years ago

Closed 5 years ago

#12427 closed bug (fixed)

runtime_loader incorrectly handles non-position-independent executables

Reported by: simonsouth Owned by: nobody
Priority: normal Milestone: Unscheduled
Component: System/runtime_loader Version: R1/Development
Keywords: Cc:
Blocked By: Blocking:
Platform: All


runtime_loader uses address-space layout randomization for security and will randomly locate in memory any program segments that are relocatable, assuming executables will be position-independent by default.

However the test it uses for relocatability is unreliable: The presence of a dynamic section simply means the executable "participates in dynamic linking", which will be true for a fixed-position executable that relies on code in a shared library, for instance.

As a result runtime_loader will load fixed-position executables but randomly position their segments in memory anyway, causing a speedy crash.

Fixing runtime_loader's test for relocatability will allow it to support both position-independent and fixed-position executables without affecting Haiku's preference for position-independent code.

This change is required to build GNU Emacs and (I believe) gcc 5, which apparently expects to be able to produce fixed-position executables as part of its build process.

Attachments (2)

0001-runtime_loader-Randomly-position-only-relocatable-co.patch (4.9 KB ) - added by simonsouth 5 years ago.
Base test for relocatability on object type, not presence of "dynamic" section
relocation-test.c (2.0 KB ) - added by simonsouth 5 years ago.
Demonstration program that illustrates runtime_loader's relocation behaviour

Download all attachments as: .zip

Change History (6)

by simonsouth, 5 years ago

Base test for relocatability on object type, not presence of "dynamic" section

comment:1 by simonsouth, 5 years ago

patch: 01

by simonsouth, 5 years ago

Attachment: relocation-test.c added

Demonstration program that illustrates runtime_loader's relocation behaviour

comment:2 by simonsouth, 5 years ago

I've attached both a patch that fixes this issue and a sample program that illustrates it.

The patch changes runtime_loader so it bases its relocatability decision on the file's object type, "DYN" or "EXEC", which from the ELF spec appears to be the correct test. (Note that PI executables are always built as shared objects, i.e. "DYN" files.) This means adding to elf_common.h definitions of the object types and undoing most of the changes committed in 26b2423794219b1fa70cc486a24787ed6a3a2921, which was a little aggressive in making random-positioning runtime_loader's default behaviour.

The sample program outputs information about its own areas, which demonstrates runtime_loader's behaviour once patched. When built as a PI executable (the default) the position of the program's two segments can be seen to change on each run. When built as a non-PI executable the program's two segments will always be placed at the same location, which is the location specified in the ELF header rounded down to the nearest page boundary.

comment:3 by bonefish, 5 years ago

Owner: changed from bonefish to nobody
Status: newassigned

comment:4 by pulkomandy, 5 years ago

Resolution: fixed
Status: assignedclosed

Applied in hrev49728. Thanks!

Note: See TracTickets for help on using tickets.