From patchwork Wed Jul 15 15:44:45 2020
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Szabolcs Nagy <szabolcs.nagy@arm.com>
X-Patchwork-Id: 40113
Return-Path: <libc-alpha-bounces@sourceware.org>
X-Original-To: patchwork@sourceware.org
Delivered-To: patchwork@sourceware.org
Received: from server2.sourceware.org (localhost [IPv6:::1])
	by sourceware.org (Postfix) with ESMTP id AC5103840C0C;
	Wed, 15 Jul 2020 15:45:05 +0000 (GMT)
X-Original-To: libc-alpha@sourceware.org
Delivered-To: libc-alpha@sourceware.org
Received: from EUR03-VE1-obe.outbound.protection.outlook.com
 (mail-eopbgr50055.outbound.protection.outlook.com [40.107.5.55])
 by sourceware.org (Postfix) with ESMTPS id 830D1386F457
 for <libc-alpha@sourceware.org>; Wed, 15 Jul 2020 15:45:02 +0000 (GMT)
DMARC-Filter: OpenDMARC Filter v1.3.2 sourceware.org 830D1386F457
Authentication-Results: sourceware.org;
 dmarc=none (p=none dis=none) header.from=arm.com
Authentication-Results: sourceware.org;
 spf=pass smtp.mailfrom=Szabolcs.Nagy@arm.com
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=armh.onmicrosoft.com;
 s=selector2-armh-onmicrosoft-com;
 h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck;
 bh=bNj7BRhyeENqaCSzpwRmRXaaTJxTzD2/9dIQGdXohNI=;
 b=S4QehyZK60LxTut2drHOfVkYSnWDUtYkPZKz/6CxGjro9QqexBYnqSZruKfwpC5l7k3/25XmNp6jmaKtJ9VRj8zO+5QqxVcS5zzAHOV6XnHufBlZp7kEVIe3YoI6MA/piZCBh2jLcGxWC0AAexDI5lHblMnQnHRfrQtuBq2T1Uk=
Received: from DB6PR0201CA0041.eurprd02.prod.outlook.com (2603:10a6:4:3f::51)
 by DB8PR08MB3977.eurprd08.prod.outlook.com (2603:10a6:10:ad::31) with
 Microsoft SMTP Server (version=TLS1_2,
 cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.3174.22; Wed, 15 Jul
 2020 15:45:00 +0000
Received: from DB5EUR03FT006.eop-EUR03.prod.protection.outlook.com
 (2603:10a6:4:3f:cafe::c8) by DB6PR0201CA0041.outlook.office365.com
 (2603:10a6:4:3f::51) with Microsoft SMTP Server (version=TLS1_2,
 cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.3195.18 via Frontend
 Transport; Wed, 15 Jul 2020 15:44:59 +0000
X-MS-Exchange-Authentication-Results: spf=pass (sender IP is 63.35.35.123)
 smtp.mailfrom=arm.com; sourceware.org; dkim=pass (signature was verified)
 header.d=armh.onmicrosoft.com; sourceware.org;
 dmarc=bestguesspass action=none
 header.from=arm.com;
Received-SPF: Pass (protection.outlook.com: domain of arm.com designates
 63.35.35.123 as permitted sender) receiver=protection.outlook.com;
 client-ip=63.35.35.123; helo=64aa7808-outbound-1.mta.getcheckrecipient.com;
Received: from 64aa7808-outbound-1.mta.getcheckrecipient.com (63.35.35.123) by
 DB5EUR03FT006.mail.protection.outlook.com (10.152.20.106) with
 Microsoft SMTP
 Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id
 15.20.3195.18 via Frontend Transport; Wed, 15 Jul 2020 15:44:59 +0000
Received: ("Tessian outbound 1c27ecaec3d6:v62");
 Wed, 15 Jul 2020 15:44:59 +0000
X-CheckRecipientChecked: true
X-CR-MTA-CID: 2ad7e44716b4e989
X-CR-MTA-TID: 64aa7808
Received: from 4a7fde77b95f.1
 by 64aa7808-outbound-1.mta.getcheckrecipient.com id
 5E8CAEE1-543F-4A15-A05B-282A40739896.1;
 Wed, 15 Jul 2020 15:44:53 +0000
Received: from EUR03-DB5-obe.outbound.protection.outlook.com
 by 64aa7808-outbound-1.mta.getcheckrecipient.com with ESMTPS id
 4a7fde77b95f.1
 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384);
 Wed, 15 Jul 2020 15:44:53 +0000
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none;
 b=hbAG+XuW5EK1Aqt8j5B7RNEVFt65o3Ua37nKi2k5+8lvCs9wbIlMaUhXcerc2DHm9O+oA2Rf5UU/TGfqb6sSXDRPkdWTZPQKsvxQiEyC9tNvlum2tCZBkjFxy5cuIbssDCDzduKI3YvzrsRmBAtFmdbK8acpPGUaZ6+bWALpQ2G/C6yk7GjF89cwyGn18nETTFKIDGVCPVam45PXYfmc/50lhxaESuwo7+qkHnFMFGWfV41Q2ymiINXtn2+FAfBDSWDQky5tZTl6skjQS700TlvQY9V7YzYWOctPwsqtXGuHMgAW4orcXSmyZNo6w1PgXueF2p9FHGsGtcRksJZZaQ==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com;
 s=arcselector9901;
 h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck;
 bh=bNj7BRhyeENqaCSzpwRmRXaaTJxTzD2/9dIQGdXohNI=;
 b=aMMPD3dY7saHfgsIrXA+5AWhPgdBr2vENcPekX+xpoJ16ROtcG3RBgaFKWoD2oT8V/vox8drLNBT51VzupkkMqa5MEK7JWACiCoiPz5Z2HRHCW28tjxlM3hVM5dT96SCWgRy8HNDSfU8oJqXg5L18zoY7IH1IIfIknjcez7UpOTnTpXZ+lmvq8yTF0/TtD1B+NSAMIxy5SNsb747ZkBm+2czvSkbsMVzOl/UNKjSNC/5VUdIKP9S2oQz4mEeH15r8n9nHvcHMZQPasfDTAPAcbe7vE4Ryat/hByZvxdX4KUWHd5PI3Y0cibp7w+3D2hQGL+LzWEHBvQt4S44lfmVlQ==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass
 smtp.mailfrom=arm.com; dmarc=pass action=none header.from=arm.com; dkim=pass
 header.d=arm.com; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=armh.onmicrosoft.com;
 s=selector2-armh-onmicrosoft-com;
 h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck;
 bh=bNj7BRhyeENqaCSzpwRmRXaaTJxTzD2/9dIQGdXohNI=;
 b=S4QehyZK60LxTut2drHOfVkYSnWDUtYkPZKz/6CxGjro9QqexBYnqSZruKfwpC5l7k3/25XmNp6jmaKtJ9VRj8zO+5QqxVcS5zzAHOV6XnHufBlZp7kEVIe3YoI6MA/piZCBh2jLcGxWC0AAexDI5lHblMnQnHRfrQtuBq2T1Uk=
Authentication-Results-Original: sourceware.org; dkim=none (message not
 signed) header.d=none;sourceware.org; dmarc=none action=none
 header.from=arm.com;
Received: from AM6PR08MB3047.eurprd08.prod.outlook.com (2603:10a6:209:4c::23)
 by AM6PR08MB4087.eurprd08.prod.outlook.com (2603:10a6:20b:ac::10)
 with Microsoft SMTP Server (version=TLS1_2,
 cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.3174.20; Wed, 15 Jul
 2020 15:44:52 +0000
Received: from AM6PR08MB3047.eurprd08.prod.outlook.com
 ([fe80::2404:de9f:78c0:313c]) by AM6PR08MB3047.eurprd08.prod.outlook.com
 ([fe80::2404:de9f:78c0:313c%6]) with mapi id 15.20.3174.026; Wed, 15 Jul 2020
 15:44:52 +0000
Date: Wed, 15 Jul 2020 16:44:45 +0100
From: Szabolcs Nagy <szabolcs.nagy@arm.com>
To: libc-alpha@sourceware.org
Subject: [PATCH] aarch64: Respect p_flags when protecting code with PROT_BTI
Message-ID: <20200715154444.GA26693@arm.com>
Content-Disposition: inline
User-Agent: Mutt/1.9.4 (2018-02-28)
X-ClientProxiedBy: DM5PR19CA0031.namprd19.prod.outlook.com
 (2603:10b6:3:9a::17) To AM6PR08MB3047.eurprd08.prod.outlook.com
 (2603:10a6:209:4c::23)
MIME-Version: 1.0
X-MS-Exchange-MessageSentRepresentingType: 1
Received: from arm.com (217.140.106.53) by
 DM5PR19CA0031.namprd19.prod.outlook.com (2603:10b6:3:9a::17) with Microsoft
 SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id
 15.20.3195.18 via Frontend Transport; Wed, 15 Jul 2020 15:44:51 +0000
X-Originating-IP: [217.140.106.53]
X-MS-PublicTrafficType: Email
X-MS-Office365-Filtering-HT: Tenant
X-MS-Office365-Filtering-Correlation-Id: a743fedc-c0af-4b0b-8188-08d828d60831
X-MS-TrafficTypeDiagnostic: AM6PR08MB4087:|DB8PR08MB3977:
X-Microsoft-Antispam-PRVS: 
 <DB8PR08MB3977AE3615C3A4C299A36841ED7E0@DB8PR08MB3977.eurprd08.prod.outlook.com>
x-checkrecipientrouted: true
NoDisclaimer: true
X-MS-Oob-TLC-OOBClassifiers: OLM:2276;OLM:2276;
X-MS-Exchange-SenderADCheck: 1
X-Microsoft-Antispam-Untrusted: BCL:0;
X-Microsoft-Antispam-Message-Info-Original: 
 DQnS+avvyMnowKHwUFa7U04xipETRJBUwalTLOvKB5JPxw48uHWqN+CrXP7v23XneHJh13jf/NxaxrswE8wvYEZdnAVJ4VZOKr7UklEqFIkufGpmBHH5Bt2964OUhHeW3Jmx2HcWw5jSO9CFSWJooacGbWAsCeAbs2W0HDj6r6tumutKWbWBCyAV8aQWmoihNALjS4ncCYMQGaZqNfTtes8oGGWet2IwsGMze2WXDTdv0++86wIB6YahJ6ImF+QPP4WvT94igN8WAtiloCBTJzKwnqcjUfcLFqwMGoFt5F1TjoCzy2XChFgRI9akGkwDbFcKg0tgmfZbbINM0Qtm9DZ4W8YllaWeFdHXgtpQt301nhgC0jRYcpVsldJdgZi8
X-Forefront-Antispam-Report-Untrusted: CIP:255.255.255.255; CTRY:; LANG:en;
 SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:AM6PR08MB3047.eurprd08.prod.outlook.com;
 PTR:; CAT:NONE; SFTY:;
 SFS:(4636009)(136003)(39860400002)(366004)(376002)(346002)(396003)(66616009)(66556008)(66476007)(316002)(26005)(5660300002)(2906002)(33656002)(235185007)(36756003)(8886007)(2616005)(66946007)(8676002)(8936002)(16526019)(186003)(7696005)(478600001)(55016002)(44144004)(564344004)(6916009)(86362001)(1076003)(44832011)(956004)(52116002)(6666004)(33964004)(2700100001);
 DIR:OUT; SFP:1101;
X-MS-Exchange-AntiSpam-MessageData: 
 wCYPyw57eer3BxRE18wIn1L3PCO33fLWAWS+lpsMNktd85GnfPm9ln4Db+Pwk1XEA3iV3Ykay0ApdRKMnWML4XXMPSQfJTiKFO8zzI07qn6BsNN0UOt64dmpTTXCBZQ0ez0WUgm7QvutaDsIpozKy8x2LzophXaUAAm3pmoG+NG6OJL6BSBB5PLIagN95OPu56FQWA9gCRqMxjhwUnVeQuTUoeD1qU1MStqZc+R7482GVJWQJJzsyqOX9yJRLdDb3lNaSuKjXDH69eJ/QITnA/AHDglDL0u2YFRQCeiJxxKiSJEHn/lYd1Bz/YORyolzqfENE6oi02HJ80B2YuNS0UDFON7k2NQpyOnn56XsaZnS7ADlcPOSpYD7Y3C2GQixkre9aUwqaJcyAsxJO3xkRYAATixbJRrF1AD1umtCsbJlQnczmRJllp9NvM7WQAaCbpoa/6dt1SPdGh0R6StvZvA5p1PU/VXr/kJGWXMFMCkwaBgIEa996AD6qThiBBjA
X-MS-Exchange-Transport-CrossTenantHeadersStamped: AM6PR08MB4087
Original-Authentication-Results: sourceware.org;
 dkim=none (message not signed)
 header.d=none; sourceware.org;
 dmarc=none action=none header.from=arm.com;
X-EOPAttributedMessage: 0
X-MS-Exchange-Transport-CrossTenantHeadersStripped: 
 DB5EUR03FT006.eop-EUR03.prod.protection.outlook.com
X-Forefront-Antispam-Report: CIP:63.35.35.123; CTRY:IE; LANG:en; SCL:1; SRV:;
 IPV:CAL; SFV:NSPM; H:64aa7808-outbound-1.mta.getcheckrecipient.com;
 PTR:ec2-63-35-35-123.eu-west-1.compute.amazonaws.com; CAT:NONE; SFTY:;
 SFS:(4636009)(39860400002)(376002)(136003)(346002)(396003)(46966005)(47076004)(70206006)(81166007)(356005)(66616009)(2906002)(44832011)(82740400003)(316002)(70586007)(8676002)(36756003)(82310400002)(33656002)(6666004)(2616005)(26005)(336012)(8886007)(564344004)(186003)(86362001)(235185007)(5660300002)(6916009)(44144004)(7696005)(33964004)(956004)(55016002)(478600001)(16526019)(1076003)(8936002)(2700100001);
 DIR:OUT; SFP:1101;
X-MS-Office365-Filtering-Correlation-Id-Prvs: 
 e27207b2-ba67-473a-bd5e-08d828d603c7
X-Microsoft-Antispam: BCL:0;
X-Microsoft-Antispam-Message-Info: 
 m4r3TkSWWI5rndrR8KBTCchQDRUdtJZFVzFCxRBqyCkuKp2DrdbDQ8GOfWzk/6f6WYqDz2Yoem4f44vqhNB47xutRyxuSfRHUopSkEaS1qDBIx1ZbSaWvNhX1hXSQmR+hGI13EQZSJ3QS6gS+Hvlu+DqeL4w9tpwni8zQ0Lhdy7eCeDUyKX7zRjwknQ1EEZSjWSD2EY0lM4lZszUuBplvVp2465Vq/+poX27UiSPDNvVlqoTpAot61EgD/YdnKn35E9Z6z6pu6C6myeOxm6aFcoIcvSd+mLadwf5gM4xzzJuBDyDtspIq5mIa9ryzRHCkyl4YLTU6L5viOFmK6hSi4rJkURrxBBhZ3H1fyRH1mdgkDRfTAypT3srP7ojNeffkvXI2vqBYZ9CEU+t2fF4KijGAME1IxEmpyezjKdL7zQ=
X-OriginatorOrg: arm.com
X-MS-Exchange-CrossTenant-OriginalArrivalTime: 15 Jul 2020 15:44:59.8429 (UTC)
X-MS-Exchange-CrossTenant-Network-Message-Id: 
 a743fedc-c0af-4b0b-8188-08d828d60831
X-MS-Exchange-CrossTenant-Id: f34e5979-57d9-4aaa-ad4d-b122a662184d
X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: 
 TenantId=f34e5979-57d9-4aaa-ad4d-b122a662184d; Ip=[63.35.35.123];
 Helo=[64aa7808-outbound-1.mta.getcheckrecipient.com]
X-MS-Exchange-CrossTenant-AuthSource: 
 DB5EUR03FT006.eop-EUR03.prod.protection.outlook.com
X-MS-Exchange-CrossTenant-AuthAs: Anonymous
X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem
X-MS-Exchange-Transport-CrossTenantHeadersStamped: DB8PR08MB3977
X-Spam-Status: No, score=-15.4 required=5.0 tests=BAYES_00, DKIM_SIGNED,
 DKIM_VALID, GIT_PATCH_0, MSGID_FROM_MTA_HEADER, RCVD_IN_DNSWL_NONE,
 RCVD_IN_MSPIKE_H2, SPF_HELO_PASS, SPF_PASS, TXREP,
 UNPARSEABLE_RELAY autolearn=ham autolearn_force=no version=3.4.2
X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on
 server2.sourceware.org
X-BeenThere: libc-alpha@sourceware.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Libc-alpha mailing list <libc-alpha.sourceware.org>
List-Unsubscribe: <http://sourceware.org/mailman/options/libc-alpha>,
 <mailto:libc-alpha-request@sourceware.org?subject=unsubscribe>
List-Archive: <https://sourceware.org/pipermail/libc-alpha/>
List-Post: <mailto:libc-alpha@sourceware.org>
List-Help: <mailto:libc-alpha-request@sourceware.org?subject=help>
List-Subscribe: <http://sourceware.org/mailman/listinfo/libc-alpha>,
 <mailto:libc-alpha-request@sourceware.org?subject=subscribe>
Errors-To: libc-alpha-bounces@sourceware.org
Sender: "Libc-alpha" <libc-alpha-bounces@sourceware.org>

i'd like to commit the attached patch for 2.32

From af3c11a811cfcc2b72f07efa0696c2200e928e12 Mon Sep 17 00:00:00 2001
From: Szabolcs Nagy <szabolcs.nagy@arm.com>
Date: Mon, 13 Jul 2020 11:28:18 +0100
Subject: [PATCH] aarch64: Respect p_flags when protecting code with PROT_BTI

Use PROT_READ and PROT_WRITE according to the load segment p_flags
when adding PROT_BTI.

This is before processing relocations which may drop PROT_BTI in
case of textrels.  Executable stacks are not protected via PROT_BTI
either.  PROT_BTI is hardening in case memory corruption happened,
it's value is reduced if there is writable and executable memory
available so missing it on such memory is fine, but we should
respect the p_flags and should not drop PROT_WRITE.
---
 sysdeps/aarch64/dl-bti.c | 9 ++++++++-
 1 file changed, 8 insertions(+), 1 deletion(-)

diff --git a/sysdeps/aarch64/dl-bti.c b/sysdeps/aarch64/dl-bti.c
index 965ddcc732..196e462520 100644
--- a/sysdeps/aarch64/dl-bti.c
+++ b/sysdeps/aarch64/dl-bti.c
@@ -24,13 +24,20 @@ static int
 enable_bti (struct link_map *map, const char *program)
 {
   const ElfW(Phdr) *phdr;
-  unsigned prot = PROT_READ | PROT_EXEC | PROT_BTI;
+  unsigned prot;
 
   for (phdr = map->l_phdr; phdr < &map->l_phdr[map->l_phnum]; ++phdr)
     if (phdr->p_type == PT_LOAD && (phdr->p_flags & PF_X))
       {
 	void *start = (void *) (phdr->p_vaddr + map->l_addr);
 	size_t len = phdr->p_memsz;
+
+	prot = PROT_EXEC | PROT_BTI;
+	if (phdr->p_flags & PF_R)
+	  prot |= PROT_READ;
+	if (phdr->p_flags & PF_W)
+	  prot |= PROT_WRITE;
+
 	if (__mprotect (start, len, prot) < 0)
 	  {
 	    if (program)
-- 
2.17.1