From patchwork Mon Sep 30 20:08:19 2024
X-Patchwork-Submitter: Adhemerval Zanella
X-Patchwork-Id: 831570
From: Adhemerval Zanella
To: binutils@sourceware.org
Cc: Stephen Roettger, Jeff Xu, Florian Weimer, Mike Hommey, Adhemerval Zanella
Subject: [PATCH v2 0/3] elf: Add GNU_PROPERTY_MEMORY_SEAL gnu property
Date: Mon, 30 Sep 2024 17:08:19 -0300
Message-Id: <20240930200822.1669666-1-adhemerval.zanella@linaro.org>

The new attribute indicates that an ET_EXEC or ET_DYN ELF object should be memory-sealed if the loader supports it.

Memory sealing is useful as a hardening mechanism to avoid either remapping the memory segments or changing the memory protection segments layout by the dynamic loader (for instance, the RELRO hardening). Linux 6.10 (8be7258aad44b5e25977a98db136f677fa6f4370) added the mseal syscall, which accomplishes it.

A GNU property is used instead of a new dynamic section tag (like the one proposed for DT_GNU_FLAGS_1) because the memory sealing should be selectable for ET_EXEC and not only for ET_DYN. It also fits new opt-in security features like x86 CET or AArch64 BTI.

The first patch adds the -Wl,memory-seal/-Wl,nomemory-seal options to ld.bfd. The GNU_PROPERTY_MEMORY_SEAL property is added only for ET_EXEC or ET_DYN objects.

The second patch adds similar support for ld.gold.

The third patch adds the ld --enable-memory-seal configure option to enable the memory sealing mark as default (similar to other security hardening such as RELRO or non-executable stacks).

Changes v1->v2:
* Make the security hardening opt-in instead of opt-out.
* Add gold support.

Adhemerval Zanella (3):
  elf: Add GNU_PROPERTY_MEMORY_SEAL gnu property
  gold: Add GNU_PROPERTY_MEMORY_SEAL gnu property
  ld: Add --enable-memory-seal configure option

 bfd/elf-properties.c                       | 72 +++++++++++++++++-----
 bfd/elfxx-x86.c                            |  3 +-
 binutils/readelf.c                         |  6 ++
 binutils/testsuite/lib/binutils-common.exp | 22 +++++++
 elfcpp/elfcpp.h                            |  1 +
 gold/NEWS                                  |  3 +
 gold/layout.cc                             |  4 ++
 gold/options.h                             |  3 +
 gold/testsuite/Makefile.am                 | 19 ++++++
 gold/testsuite/Makefile.in                 | 26 +++++++-
 gold/testsuite/memory_seal_main.c          |  5 ++
 gold/testsuite/memory_seal_shared.c        |  7 +++
 gold/testsuite/memory_seal_test.sh         | 45 ++++++++++++++
 include/bfdlink.h                          |  3 +
 include/elf/common.h                       |  1 +
 ld/NEWS                                    |  4 ++
 ld/config.in                               |  3 +
 ld/configure                               | 28 ++++++++-
 ld/configure.ac                            | 17 +++++
 ld/emultempl/elf.em                        |  5 ++
 ld/ld.texi                                 |  8 +++
 ld/lexsup.c                                | 11 ++++
 ld/testsuite/config/default.exp            |  8 +++
 ld/testsuite/ld-elf/property-seal-1.d      | 15 +++++
 ld/testsuite/ld-elf/property-seal-2.d      | 14 +++++
 ld/testsuite/ld-srec/srec.exp              |  4 ++
 ld/testsuite/lib/ld-lib.exp                |  6 ++
 27 files changed, 320 insertions(+), 23 deletions(-)
 create mode 100644 gold/testsuite/memory_seal_main.c
 create mode 100644 gold/testsuite/memory_seal_shared.c
 create mode 100755 gold/testsuite/memory_seal_test.sh
 create mode 100644 ld/testsuite/ld-elf/property-seal-1.d
 create mode 100644 ld/testsuite/ld-elf/property-seal-2.d
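
What the mseal syscall named in the cover letter does to a mapping at runtime, as an added example that is not part of this patch series or of binutils: it seals one anonymous page and checks that later protection and layout changes are refused. The function name seal_demo is an assumption of this example, and the fallback number 462 is the Linux 6.10 syscall number, used only when the libc headers do not define __NR_mseal.

```c
#define _GNU_SOURCE
#include <errno.h>
#include <stdio.h>
#include <sys/mman.h>
#include <sys/syscall.h>
#include <unistd.h>

#ifndef __NR_mseal
#define __NR_mseal 462 /* Linux 6.10+; older libc headers lack the define */
#endif

/* Returns 1 if a sealed mapping rejected both mprotect and munmap with EPERM,
   0 if mseal is unavailable here (kernel older than 6.10, 32-bit build, or a
   sandbox syscall filter), and -1 on any unexpected result. */
int seal_demo(void)
{
    size_t pagesz = (size_t)sysconf(_SC_PAGESIZE);
    void *p = mmap(NULL, pagesz, PROT_READ,
                   MAP_PRIVATE | MAP_ANONYMOUS, -1, 0);
    if (p == MAP_FAILED)
        return -1;

    /* mseal(addr, len, flags): flags must currently be 0. */
    if (syscall(__NR_mseal, p, pagesz, 0UL) != 0) {
        int e = errno;
        munmap(p, pagesz);
        return (e == ENOSYS || e == EPERM) ? 0 : -1;
    }

    /* Sealed: changing the protection (the RELRO-style risk) must fail... */
    int prot_denied =
        mprotect(p, pagesz, PROT_READ | PROT_WRITE) == -1 && errno == EPERM;
    /* ...and so must removing the mapping to place something else there. */
    int unmap_denied = munmap(p, pagesz) == -1 && errno == EPERM;

    return (prot_denied && unmap_denied) ? 1 : -1;
}

int main(void)
{
    int r = seal_demo();
    if (r == 1)
        puts("sealed: mprotect and munmap were refused with EPERM");
    else if (r == 0)
        puts("mseal not available on this system");
    else
        puts("unexpected result");
    return r < 0;
}
```

The seal lasts for the lifetime of the process and cannot be undone, which is why the series makes it an opt-in marker that the loader applies rather than something done unconditionally.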