[PATCH] D20024: [ELF] - Protect first entries of got.plt with RelRo.
George Rimar via llvm-commits
llvm-commits at lists.llvm.org
Tue May 10 02:59:43 PDT 2016
grimar abandoned this revision.
grimar added a comment.
Well, I assumed it is useful, at least because even linkerscript has special command
DATA_SEGMENT_RELRO_END to do that:
.got : { *(.got) *(.igot) }
. = DATA_SEGMENT_RELRO_END (24, .);
.got.plt : { *(.got.plt) *(.igot.plt) }
I don't know how realistic is attack using unprotected first 3 entries.
Second and third are reserved for dynamic linker use and it is probably would be very specific attack.
So may be use of -zrelro & -znow is enough to protect (since whole .got.plt is covered by relro which is even more safe)
and also avoids additional code complexity.
http://reviews.llvm.org/D20024
More information about the llvm-commits
mailing list