Opened 9 years ago
Closed 8 years ago
#12427 closed bug (fixed)
runtime_loader incorrectly handles non-position-independent executables
| Reported by: | simonsouth | Owned by: | nobody |
|---|---|---|---|
| Priority: | normal | Milestone: | Unscheduled |
| Component: | System/runtime_loader | Version: | R1/Development |
| Keywords: | Cc: | ||
| Blocked By: | Blocking: | ||
| Platform: | All |
Description
runtime_loader uses address-space layout randomization for security and will randomly locate in memory any program segments that are relocatable, assuming executables will be position-independent by default.
However the test it uses for relocatability is unreliable: The presence of a dynamic section simply means the executable "participates in dynamic linking", which will be true for a fixed-position executable that relies on code in a shared library, for instance.
As a result runtime_loader will load fixed-position executables but randomly position their segments in memory anyway, causing a speedy crash.
Fixing runtime_loader's test for relocatability will allow it to support both position-independent and fixed-position executables without affecting Haiku's preference for position-independent code.
This change is required to build GNU Emacs and (I believe) gcc 5, which apparently expects to be able to produce fixed-position executables as part of its build process.
Attachments (2)
Change History (6)
by , 9 years ago
| Attachment: | 0001-runtime_loader-Randomly-position-only-relocatable-co.patch added |
|---|
comment:1 by , 9 years ago
| patch: | 0 → 1 |
|---|
by , 9 years ago
| Attachment: | relocation-test.c added |
|---|
Demonstration program that illustrates runtime_loader's relocation behaviour
comment:2 by , 9 years ago
I've attached both a patch that fixes this issue and a sample program that illustrates it.
The patch changes runtime_loader so it bases its relocatability decision on the file's object type, "DYN" or "EXEC", which from the ELF spec appears to be the correct test. (Note that PI executables are always built as shared objects, i.e. "DYN" files.) This means adding to elf_common.h definitions of the object types and undoing most of the changes committed in 26b2423794219b1fa70cc486a24787ed6a3a2921, which was a little aggressive in making random-positioning runtime_loader's default behaviour.
The sample program outputs information about its own areas, which demonstrates runtime_loader's behaviour once patched. When built as a PI executable (the default) the position of the program's two segments can be seen to change on each run. When built as a non-PI executable the program's two segments will always be placed at the same location, which is the location specified in the ELF header rounded down to the nearest page boundary.
comment:3 by , 9 years ago
| Owner: | changed from to |
|---|---|
| Status: | new → assigned |
comment:4 by , 8 years ago
| Resolution: | → fixed |
|---|---|
| Status: | assigned → closed |
Applied in hrev49728. Thanks!
Base test for relocatability on object type, not presence of "dynamic" section