Document and fix --enable-bind-now [BZ #21015]

2025-08-07 06:43:00 +03:00 · 2017-03-02 14:44:28 +01:00
parent 9090848d06
commit 2d6ab5df3b
9 changed files with 47 additions and 9 deletions
--- a/17
+++ b/17
@@ -1,3 +1,20 @@
 2017-03-02  Florian Weimer  <fweimer@redhat.com>
 	[BZ #21015]
 	* manual/install.texi (Configuring and compiling): Document
 	--enable-bind-now.
 	* Makeconfig [bind-now] (LDFLAGS-lib.so): Set.
 	(build-shlib-helper): Use $(LDFLAGS-lib.so).
 	(format.lds): Likewise.
 	[bind-now] (LDFLAGS-c.so): Remove.
 	* sysdeps/x86_64/localplt.data (libm.so): matherr relocation can
 	be R_X86_64_GLOB_DAT.
 	* sysdeps/unix/sysv/linux/i386/localplt.data (libm.so): matherr
 	relocation can be R_386_GLOB_DAT.
 	* sysdeps/unix/sysv/linux/alpha/localplt.data (libm.so): matherr
 	relocaiton can be R_ALPHA_GLOB_DAT.
 	* iconvdata/Makefile [bind-now] (LDFLAGS.so): Add -Wl,-z,now.
 2017-03-01  Zack Weinberg  <zackw@panix.com>
 	* include/libc-pointer-arith.h: New file.  Define
--- a/6
+++ b/6
@@ -146,6 +146,12 @@ will be used, and CFLAGS sets optimization options for the compiler.
     of routines called directly from assembler are excluded from this
     protection.
 '--enable-bind-now'
     Disable lazy binding for installed shared objects.  This provides
     additional security hardening because it enables full RELRO and a
     read-only global offset table (GOT), at the cost of slightly
     increased program load times.
 '--enable-pt_chown'
     The file 'pt_chown' is a helper binary for 'grantpt' (*note
     Pseudo-Terminals: Allocation.) that is installed setuid root to fix
--- a/7
+++ b/7
@@ -386,6 +386,13 @@ LDFLAGS.so += $(hashstyle-LDFLAGS)
 LDFLAGS-rtld += $(hashstyle-LDFLAGS)
 endif
 # If lazy relocations are disabled, add the -z now flag.  Use
 # LDFLAGS-lib.so instead of LDFLAGS.so, to avoid adding the flag to
 # test modules.
 ifeq ($(bind-now),yes)
 LDFLAGS-lib.so += -Wl,-z,now
 endif
 # Command to run after every final link (executable or shared object).
 # This is invoked with $(call after-link,...), so it should operate on
 # the file $1.  This can be set to do some sort of post-processing on
--- a/9
+++ b/9
@@ -588,7 +588,7 @@ $(LINK.o) -shared -static-libgcc -Wl,-O1 $(sysdep-LDFLAGS) \
 	  $(extra-B-$(@F:lib%.so=%).so) -B$(csu-objpfx) \
 	  $(extra-B-$(@F:lib%.so=%).so) $(load-map-file) \
 	  -Wl,-soname=lib$(libprefix)$(@F:lib%.so=%).so$($(@F)-version) \
-	  $(LDFLAGS.so) $(LDFLAGS-$(@F:lib%.so=%).so) \
+	  $(LDFLAGS.so) $(LDFLAGS-lib.so) $(LDFLAGS-$(@F:lib%.so=%).so) \
 	  -L$(subst :, -L,$(rpath-link)) -Wl,-rpath-link=$(rpath-link)
 endef
@@ -686,10 +686,6 @@ LDFLAGS-c.so = -nostdlib -nostartfiles
 LDLIBS-c.so += $(libc.so-gnulib)
 # Give libc.so an entry point and make it directly runnable itself.
 LDFLAGS-c.so += -e __libc_main
 # If lazy relocation is disabled add the -z now flag.
 ifeq ($(bind-now),yes)
 LDFLAGS-c.so += -Wl,-z,now
 endif
 # Pre-link the objects of libc_pic.a so that we can locally resolve
 # COMMON symbols before we link against ld.so.  This is because ld.so
 # contains some of libc_pic.a already, which will prevent the COMMONs
@@ -1104,7 +1100,8 @@ $(common-objpfx)format.lds: $(..)scripts/output-format.sed \
 ifneq (unknown,$(output-format))
 	echo > $@.new 'OUTPUT_FORMAT($(output-format))'
 else
-	$(LINK.o) -shared $(sysdep-LDFLAGS) $(rtld-LDFLAGS) $(LDFLAGS.so) \
+	$(LINK.o) -shared $(sysdep-LDFLAGS) $(rtld-LDFLAGS) \
 		  $(LDFLAGS.so) $(LDFLAGS-lib.so) \
 		  -x c /dev/null -o $@.so -Wl,--verbose -v 2>&1 \
 	| sed -n -f $< > $@.new
 	test -s $@.new
--- a/iconvdata/Makefile
+++ b/iconvdata/Makefile
@@ -63,6 +63,11 @@ modules	:= ISO8859-1 ISO8859-2 ISO8859-3 ISO8859-4 ISO8859-5		 \
 	   MAC-CENTRALEUROPE KOI8-RU ISO8859-9E				 \
 	   CP770 CP771 CP772 CP773 CP774
 # If lazy binding is disabled, use BIND_NOW for the gconv modules.
 ifeq ($(bind-now),yes)
 LDFLAGS.so += -Wl,-z,now
 endif
 modules.so := $(addsuffix .so, $(modules))
 ifeq (yes,$(build-shared))
--- a/manual/install.texi
+++ b/manual/install.texi
@@ -175,6 +175,12 @@ options to detect stack overruns.  Only the dynamic linker and a small
 number of routines called directly from assembler are excluded from this
 protection.
@item --enable-bind-now
 Disable lazy binding for installed shared objects.  This provides
 additional security hardening because it enables full RELRO and a
 read-only global offset table (GOT), at the cost of slightly increased
 program load times.
@pindex pt_chown
@findex grantpt
@item --enable-pt_chown
--- a/sysdeps/unix/sysv/linux/alpha/localplt.data
+++ b/sysdeps/unix/sysv/linux/alpha/localplt.data
@@ -20,7 +20,7 @@ libc.so: free + RELA R_ALPHA_GLOB_DAT
 libc.so: malloc + RELA R_ALPHA_GLOB_DAT
 libc.so: memalign + RELA R_ALPHA_GLOB_DAT
 libc.so: realloc + RELA R_ALPHA_GLOB_DAT
-libm.so: matherr
+libm.so: matherr + RELA R_ALPHA_GLOB_DAT
 # We used to offer inline functions that used this, so it must be exported.
 # Ought to reorg things such that carg isn't thus forced to use a plt.
 libm.so: __atan2
--- a/sysdeps/unix/sysv/linux/i386/localplt.data
+++ b/sysdeps/unix/sysv/linux/i386/localplt.data
@@ -6,7 +6,7 @@ libc.so: free + REL R_386_GLOB_DAT
 libc.so: malloc + REL R_386_GLOB_DAT
 libc.so: memalign + REL R_386_GLOB_DAT
 libc.so: realloc + REL R_386_GLOB_DAT
-libm.so: matherr
+libm.so: matherr + REL R_386_GLOB_DAT
 # The main malloc is interposed into the dynamic linker, for
 # allocations after the initial link (when dlopen is used).
 ld.so: malloc + REL R_386_GLOB_DAT
--- a/sysdeps/x86_64/localplt.data
+++ b/sysdeps/x86_64/localplt.data
@@ -8,7 +8,7 @@ libc.so: free + RELA R_X86_64_GLOB_DAT
 libc.so: malloc + RELA R_X86_64_GLOB_DAT
 libc.so: memalign + RELA R_X86_64_GLOB_DAT
 libc.so: realloc + RELA R_X86_64_GLOB_DAT
-libm.so: matherr
+libm.so: matherr + RELA R_X86_64_GLOB_DAT
 # The main malloc is interposed into the dynamic linker, for
 # allocations after the initial link (when dlopen is used).
 ld.so: malloc + RELA R_X86_64_GLOB_DAT