From patchwork Mon Sep 30 20:08:19 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Adhemerval Zanella Netto X-Patchwork-Id: 831570 Delivered-To: patch@linaro.org Received: by 2002:a5d:66c8:0:b0:367:895a:4699 with SMTP id k8csp2120197wrw; Mon, 30 Sep 2024 13:08:49 -0700 (PDT) X-Forwarded-Encrypted: i=3; AJvYcCVfMVE/IaFKsiH72MJbs2HQdJmRfYI+BwNW6qd2rQvg7HrLptEAfvuplBXYkcm5pGalEwY6WQ==@linaro.org X-Google-Smtp-Source: AGHT+IHtwMYgzBP7c8zDZvBw7SNyuVhQnLtWrVVQYoU/D7duVcMlzkI70wCp04VyfFiWCpitJTD5 X-Received: by 2002:a05:620a:2892:b0:7ac:9bdd:6e78 with SMTP id af79cd13be357-7ae5b80d31cmr161878685a.14.1727726928733; Mon, 30 Sep 2024 13:08:48 -0700 (PDT) ARC-Seal: i=2; a=rsa-sha256; t=1727726928; cv=pass; d=google.com; s=arc-20240605; b=auqsmqmWr31KTt2RBgymaiTe9/laaZMpUR1gN1sXzffCmLMJvPuOQQI+Djuuc+S1Ag ub1P3CP6hqhGIDIq3K90QIbGAvYL+WpdP1Ft7or4RW25kzl10hd2XR84EHX9rdl2ruWF fQ2lASSq6/XznW8zcGrzqtX3nyoLUOAicl6y9UvfuM/AAWLXfDCVy8JDYb/0Hpq5nMNV p0Dw5bBnhifsjRP+GrSpunVXPRfvfS1KgB8gJzT4GjoT6KNpkPmYE9/tHg5S+Sb0JhGn +mPVZA+5hYzoZB+CHWQOXKqlt4RCRhx9t4ak8h1fTrn5R2cRhKBnpgWP9EFvmoeQ1n/2 3VsQ== ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20240605; h=errors-to:list-subscribe:list-help:list-post:list-archive :list-unsubscribe:list-id:precedence:content-transfer-encoding :mime-version:message-id:date:subject:cc:to:from:dkim-signature :arc-filter:dmarc-filter:delivered-to; bh=3hpTOsCRXCgkm8H1Q2GqGU4D9gG5dJ+GGtrDstT6Y0o=; fh=jV+RmF17NVd0KO+x04CXEAt2ahoCnMlV5/fgLD2kZ2g=; b=Km47Gwe9n17BPcMSRScZDkD1hVNnaqKXl2MZzwrYAqYXVMb9DjDip7ua2BcePYXAwC jFO/QUoNV0DFE29b1oZiow1EVj0N9XNsIpPjiQ7EHVrf3W6+Oz8JnUPkYaCi64A/wGej m2gEE3FeIQCbtEdS0dtUWaNtqgm+FRO74ZHDhvvGkZXJh4CsfZ3vCxBMnF2uJ8Xq0Bxh 0zCbilJQJjoX4lqc0JSw1BdCb5xVCQ5fcj7CjBPvtnju/l9UhiXqo4BzG1ERRcUbWr0n sQiiY+4zmUZUqeDfNjv9OILJUGcX/V1yuVs9N3S0PNvYyLjoF2iSYAguRzmEBFoDYWPG k+RQ==; dara=google.com ARC-Authentication-Results: i=2; mx.google.com; dkim=pass header.i=@linaro.org header.s=google header.b=a8tJ31aM; arc=pass (i=1); spf=pass (google.com: domain of binutils-bounces~patch=linaro.org@sourceware.org designates 2620:52:3:1:0:246e:9693:128c as permitted sender) smtp.mailfrom="binutils-bounces~patch=linaro.org@sourceware.org"; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linaro.org Return-Path: Received: from server2.sourceware.org (server2.sourceware.org. [2620:52:3:1:0:246e:9693:128c]) by mx.google.com with ESMTPS id af79cd13be357-7ae378529ffsi927580385a.413.2024.09.30.13.08.48 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Mon, 30 Sep 2024 13:08:48 -0700 (PDT) Received-SPF: pass (google.com: domain of binutils-bounces~patch=linaro.org@sourceware.org designates 2620:52:3:1:0:246e:9693:128c as permitted sender) client-ip=2620:52:3:1:0:246e:9693:128c; Authentication-Results: mx.google.com; dkim=pass header.i=@linaro.org header.s=google header.b=a8tJ31aM; arc=pass (i=1); spf=pass (google.com: domain of binutils-bounces~patch=linaro.org@sourceware.org designates 2620:52:3:1:0:246e:9693:128c as permitted sender) smtp.mailfrom="binutils-bounces~patch=linaro.org@sourceware.org"; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linaro.org Received: from server2.sourceware.org (localhost [IPv6:::1]) by sourceware.org (Postfix) with ESMTP id 301393846474 for ; Mon, 30 Sep 2024 20:08:48 +0000 (GMT) X-Original-To: binutils@sourceware.org Delivered-To: binutils@sourceware.org Received: from mail-pj1-x102f.google.com (mail-pj1-x102f.google.com [IPv6:2607:f8b0:4864:20::102f]) by sourceware.org (Postfix) with ESMTPS id 8DFE0384A808 for ; Mon, 30 Sep 2024 20:08:32 +0000 (GMT) DMARC-Filter: OpenDMARC Filter v1.4.2 sourceware.org 8DFE0384A808 Authentication-Results: sourceware.org; dmarc=pass (p=none dis=none) header.from=linaro.org Authentication-Results: sourceware.org; spf=pass smtp.mailfrom=linaro.org ARC-Filter: OpenARC Filter v1.0.0 sourceware.org 8DFE0384A808 Authentication-Results: server2.sourceware.org; arc=none smtp.remote-ip=2607:f8b0:4864:20::102f ARC-Seal: i=1; a=rsa-sha256; d=sourceware.org; s=key; t=1727726914; cv=none; b=fz0nKGu2bjiHgxFOhaArajjcr9ZcGKyn2Lv1Wy3VS3Zt+fUAUXL7Cnumya17oBaUnAOOaRTRpKF2fbIy0zPkapetAhw+1k1+f3tghejQtZOusd3xsYNk/+wiOeLLPuhe/PbagsYq6LEeW+QZGAjJPLn7b4eX20tMqePKz0GXrA4= ARC-Message-Signature: i=1; a=rsa-sha256; d=sourceware.org; s=key; t=1727726914; c=relaxed/simple; bh=GCpQRETx/QubJfmDuA1wB5l4Q9kp5Olu7kla/5nco5k=; h=DKIM-Signature:From:To:Subject:Date:Message-Id:MIME-Version; b=uQHrypKGGD7KlXEBBPVLeFudTgwFKmRBMxqOJtrp46gBGNsgM3gC5vTQtqKuNOGpIDGLrRThk9BzdpJ1Rc7dkJlHnI8NnbrG1Zx6Rth0SdrRV1vMuJ1D3ZFAZ8/wYi9EZXGLOHuTGBKNveVcNwpe2l9zzALXT4jmm3POJK6XtsM= ARC-Authentication-Results: i=1; server2.sourceware.org Received: by mail-pj1-x102f.google.com with SMTP id 98e67ed59e1d1-2db85775c43so3529021a91.0 for ; Mon, 30 Sep 2024 13:08:32 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; t=1727726911; x=1728331711; darn=sourceware.org; h=content-transfer-encoding:mime-version:message-id:date:subject:cc :to:from:from:to:cc:subject:date:message-id:reply-to; bh=3hpTOsCRXCgkm8H1Q2GqGU4D9gG5dJ+GGtrDstT6Y0o=; b=a8tJ31aMaSioAbsUvClWcX+N1By9OSw6kpiapa07zHLiL/mTwKSesXwon9g1Nkf4R5 JSxjrWObCHqigWm9xtotfYCTtpCidWjsj+kWqiYU7GCiH1pmS47wQoHy+gW09vXqYQUH 5qsIjuSG0IQPgx9zWMACHmyg9kiap/8UWcm6ZtCVxOWkiCtAfsmk1IctRqhwibDgFzDW SPVJGiXzgo1/NwIbxqodOmdOjgu+LJMVU43FICV6inimUEArH+87QrHAYvZSfl/Nl6fi /K33QHnpip5xPi8tXlv2jNTF1DLxC408S3dkOak/nwx4yDuwqlrtdN7nSJGQHRqjzlXc mkMA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1727726911; x=1728331711; h=content-transfer-encoding:mime-version:message-id:date:subject:cc :to:from:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=3hpTOsCRXCgkm8H1Q2GqGU4D9gG5dJ+GGtrDstT6Y0o=; b=byVDaIDV6P7hW5fUlkjxFZCrWBJnE3z0+pJzS2/POMWDebsjwab8tO2klKiOVpzb8a qLQfbdYDU4zzNqQoPDS7UsYYbVLp24VFz42jpMtAZEB0dyK9WE6ZK0N6yajIantXqvix Dgmc8YyFq9M/2bj1vG8+t0G8uo1OZWY2GNmIrGxOx1hkT7zZsB+Uxu5Q41CHGEVgMDph x7GjgYgryvWJCOvV4vqYYS7c2GF9+s5Dy7R7aw6aYAGMOqsETVUoNTpvXwTxR+VaK+kF DOPP1fKdcEMTrXeyoL4BDFluSNmlNGPLP8+prwITuPQiCj9aisbaftwgUVRMrYN+Fn+Y QWeQ== X-Gm-Message-State: AOJu0YxWUYUUKkB9Dqbxm567J4PkRRjD0MrMRSklxhcWBDvKc6s/X3aZ Xjboqh2tLuTWFQJZH77OCieoMxTKxhhEk7Jv6BSXHrCo6w2qENC91jcinTHQtZyD8hpKZB1G0kM MjSY= X-Received: by 2002:a17:90a:fd8c:b0:2c9:36bf:ba6f with SMTP id 98e67ed59e1d1-2e15a1b6980mr1136697a91.3.1727726911192; Mon, 30 Sep 2024 13:08:31 -0700 (PDT) Received: from ubuntu-vm.. (201-92-183-102.dsl.telesp.net.br. [201.92.183.102]) by smtp.gmail.com with ESMTPSA id 98e67ed59e1d1-2e0b6c9b438sm8464787a91.28.2024.09.30.13.08.29 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Mon, 30 Sep 2024 13:08:30 -0700 (PDT) From: Adhemerval Zanella To: binutils@sourceware.org Cc: Stephen Roettger , Jeff Xu , Florian Weimer , Mike Hommey , Adhemerval Zanella Subject: [PATCH v2 0/3] elf: Add GNU_PROPERTY_MEMORY_SEAL gnu property Date: Mon, 30 Sep 2024 17:08:19 -0300 Message-Id: <20240930200822.1669666-1-adhemerval.zanella@linaro.org> X-Mailer: git-send-email 2.34.1 MIME-Version: 1.0 X-Spam-Status: No, score=-2.7 required=5.0 tests=BAYES_00, DKIM_SIGNED, DKIM_VALID, DKIM_VALID_AU, DKIM_VALID_EF, RCVD_IN_BARRACUDACENTRAL, RCVD_IN_DNSWL_NONE, SPF_HELO_NONE, SPF_PASS, TXREP autolearn=no autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on server2.sourceware.org X-BeenThere: binutils@sourceware.org X-Mailman-Version: 2.1.30 Precedence: list List-Id: Binutils mailing list List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: binutils-bounces~patch=linaro.org@sourceware.org The new attribute indicates that an ET_EXEC or ET_DYN ELF object should be memory-sealed if the loader supports it. Memory sealing is useful as a hardening mechanism to avoid either remapping the memory segments or changing the memory protection segments layout by the dynamic loader (for instance, the RELRO hardening). The Linux 6.10 (8be7258aad44b5e25977a98db136f677fa6f4370) added the mseal syscall accomplishes it. A GNU property is used instead of a new dynamic section tag (like the one proposed for DT_GNU_FLAGS_1) because the memory sealing should be selectable for ET_EXEC and not only for ET_DYN. It also fits new opt-in security features like x86 CET or AArch64 BTI. The first patch adds the -Wl,memory-seal/-Wl,nomemory-seal options to ld.bfd. The GNU_PROPERTY_MEMORY_SEAL property is added only for ET_EXEC or ET_DYN objects. The second patch adds similar support for ld.gold. The third patch adds the ld --enable-memory-seal configure options to enable the memory sealing mark as default (similar to other security hardening as RELRO or non-executable stacks). Changes v1->v2: * Make the security hardening opt-in instead of opt-out. * Add gold support. Adhemerval Zanella (3): elf: Add GNU_PROPERTY_MEMORY_SEAL gnu property gold: Add GNU_PROPERTY_MEMORY_SEAL gnu property ld: Add --enable-memory-seal configure option bfd/elf-properties.c | 72 +++++++++++++++++----- bfd/elfxx-x86.c | 3 +- binutils/readelf.c | 6 ++ binutils/testsuite/lib/binutils-common.exp | 22 +++++++ elfcpp/elfcpp.h | 1 + gold/NEWS | 3 + gold/layout.cc | 4 ++ gold/options.h | 3 + gold/testsuite/Makefile.am | 19 ++++++ gold/testsuite/Makefile.in | 26 +++++++- gold/testsuite/memory_seal_main.c | 5 ++ gold/testsuite/memory_seal_shared.c | 7 +++ gold/testsuite/memory_seal_test.sh | 45 ++++++++++++++ include/bfdlink.h | 3 + include/elf/common.h | 1 + ld/NEWS | 4 ++ ld/config.in | 3 + ld/configure | 28 ++++++++- ld/configure.ac | 17 +++++ ld/emultempl/elf.em | 5 ++ ld/ld.texi | 8 +++ ld/lexsup.c | 11 ++++ ld/testsuite/config/default.exp | 8 +++ ld/testsuite/ld-elf/property-seal-1.d | 15 +++++ ld/testsuite/ld-elf/property-seal-2.d | 14 +++++ ld/testsuite/ld-srec/srec.exp | 4 ++ ld/testsuite/lib/ld-lib.exp | 6 ++ 27 files changed, 320 insertions(+), 23 deletions(-) create mode 100644 gold/testsuite/memory_seal_main.c create mode 100644 gold/testsuite/memory_seal_shared.c create mode 100755 gold/testsuite/memory_seal_test.sh create mode 100644 ld/testsuite/ld-elf/property-seal-1.d create mode 100644 ld/testsuite/ld-elf/property-seal-2.d