[PATCH] D40029: [ELF] Only add contiguous isRelro sections to PT_GNU_RELRO PHDR

Peter Smith via Phabricator via llvm-commits llvm-commits at lists.llvm.org
Thu Nov 16 05:51:35 PST 2017


peter.smith added a comment.

> I see. Thank you for explaining. But how dangerous is it to use only the last RELRO compared to only the first one? I wonder if it makes sense to just reverse the RELRO segments. Anyway, I'm also interested in hearing from pcc.

Looking at the source rtld.c (https://code.woboq.org/userspace/glibc/elf/rtld.c.html), it looks like it is only the PT_GNU_RELRO for the dynamic loader shared object itself that is searched in reverse order. For all executables and shared objects, all the PHDRS in the table are processed in order, with PT_GNU_RELRO just a case in a switch table. I think that this means that the last PT_GNU_RELRO that is encountered will describe the region to be protected. I don't think that this will be dangerous; it will just mean that only one of the RELRO segments will be protected, which could be a security hole.


https://reviews.llvm.org/D40029
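As an added example (not part of the original message, and not code from lld or glibc), the following audit script lists every PT_GNU_RELRO entry in an ELF64 little-endian image and models the in-order walk the comment describes, where a later entry replaces an earlier one. The function names and the sample image are constructed for illustration; "last entry wins" is the behaviour assumed from the comment, not verified here against a loader.

```python
import struct

PT_LOAD, PT_GNU_RELRO = 1, 0x6474E552
EHDR = struct.Struct("<16sHHIQQQIHHHHHH")  # ELF64 little-endian file header
PHDR = struct.Struct("<IIQQQQQQ")          # ELF64 program header entry


def relro_segments(image: bytes):
    """Return (p_vaddr, p_memsz) for each PT_GNU_RELRO entry, in table order."""
    if len(image) < EHDR.size or image[:4] != b"\x7fELF":
        raise ValueError("not an ELF image")
    if image[4] != 2 or image[5] != 1:
        raise ValueError("only ELF64 little-endian images are handled")
    hdr = EHDR.unpack_from(image)
    phoff, phentsize, phnum = hdr[5], hdr[9], hdr[10]
    if phentsize < PHDR.size or phoff + phentsize * phnum > len(image):
        raise ValueError("program header table is malformed or truncated")
    found = []
    for i in range(phnum):
        p = PHDR.unpack_from(image, phoff + i * phentsize)
        if p[0] == PT_GNU_RELRO:
            found.append((p[3], p[6]))  # p_vaddr, p_memsz
    return found


def audit_relro(image: bytes):
    """Model the in-order walk from the comment: the last PT_GNU_RELRO wins."""
    segs = relro_segments(image)
    return {
        "count": len(segs),
        "effective": segs[-1] if segs else None,
        "unprotected": segs[:-1],  # earlier entries are overwritten (assumption)
    }


def build_sample() -> bytes:
    """Constructed ELF64 image: one PT_LOAD and two non-contiguous RELRO entries."""
    phdrs = [
        (PT_LOAD, 6, 0, 0x1000, 0x1000, 0x6000, 0x6000, 0x1000),
        (PT_GNU_RELRO, 4, 0, 0x3000, 0x3000, 0x1000, 0x1000, 1),
        (PT_GNU_RELRO, 4, 0, 0x6000, 0x6000, 0x800, 0x800, 1),
    ]
    ident = b"\x7fELF" + bytes([2, 1, 1]) + bytes(9)
    ehdr = EHDR.pack(ident, 3, 62, 1, 0, EHDR.size, 0, 0,
                     EHDR.size, PHDR.size, len(phdrs), 0, 0, 0)
    return ehdr + b"".join(PHDR.pack(*p) for p in phdrs)


if __name__ == "__main__":
    print(audit_relro(build_sample()))
```

A `count` above 1 is the condition to flag in a build check: under the assumed semantics, every region listed in `unprotected` stays writable after relocation.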




