1.1 --- /dev/null Thu Jan 01 00:00:00 1970 +0000
1.2 +++ b/patches/binutils/2.20.1a/150-pt-pax-flags-20090909.patch Sun Sep 11 18:18:53 2011 +0200
1.3 @@ -0,0 +1,248 @@
1.4 +
1.5 +
1.6 +diff -durN binutils-2.20.1.orig/bfd/elf-bfd.h binutils-2.20.1/bfd/elf-bfd.h
1.7 +--- binutils-2.20.1.orig/bfd/elf-bfd.h 2009-09-10 13:47:12.000000000 +0200
1.8 ++++ binutils-2.20.1/bfd/elf-bfd.h 2010-08-17 19:32:11.000000000 +0200
1.9 +@@ -1531,6 +1531,9 @@
1.10 + /* Segment flags for the PT_GNU_STACK segment. */
1.11 + unsigned int stack_flags;
1.12 +
1.13 ++ /* Segment flags for the PT_PAX_FLAGS segment. */
1.14 ++ unsigned int pax_flags;
1.15 ++
1.16 + /* Symbol version definitions in external objects. */
1.17 + Elf_Internal_Verdef *verdef;
1.18 +
1.19 +diff -durN binutils-2.20.1.orig/bfd/elf.c binutils-2.20.1/bfd/elf.c
1.20 +--- binutils-2.20.1.orig/bfd/elf.c 2009-09-10 13:47:12.000000000 +0200
1.21 ++++ binutils-2.20.1/bfd/elf.c 2010-08-17 19:32:11.000000000 +0200
1.22 +@@ -1083,6 +1083,7 @@
1.23 + case PT_GNU_EH_FRAME: pt = "EH_FRAME"; break;
1.24 + case PT_GNU_STACK: pt = "STACK"; break;
1.25 + case PT_GNU_RELRO: pt = "RELRO"; break;
1.26 ++ case PT_PAX_FLAGS: pt = "PAX_FLAGS"; break;
1.27 + default: pt = NULL; break;
1.28 + }
1.29 + return pt;
1.30 +@@ -2396,6 +2397,9 @@
1.31 + case PT_GNU_RELRO:
1.32 + return _bfd_elf_make_section_from_phdr (abfd, hdr, index, "relro");
1.33 +
1.34 ++ case PT_PAX_FLAGS:
1.35 ++ return _bfd_elf_make_section_from_phdr (abfd, hdr, index, "pax_flags");
1.36 ++
1.37 + default:
1.38 + /* Check for any processor-specific program segment types. */
1.39 + bed = get_elf_backend_data (abfd);
1.40 +@@ -3413,6 +3417,11 @@
1.41 + ++segs;
1.42 + }
1.43 +
1.44 ++ {
1.45 ++ /* We need a PT_PAX_FLAGS segment. */
1.46 ++ ++segs;
1.47 ++ }
1.48 ++
1.49 + for (s = abfd->sections; s != NULL; s = s->next)
1.50 + {
1.51 + if ((s->flags & SEC_LOAD) != 0
1.52 +@@ -3994,6 +4003,20 @@
1.53 + }
1.54 + }
1.55 +
1.56 ++ {
1.57 ++ amt = sizeof (struct elf_segment_map);
1.58 ++ m = bfd_zalloc (abfd, amt);
1.59 ++ if (m == NULL)
1.60 ++ goto error_return;
1.61 ++ m->next = NULL;
1.62 ++ m->p_type = PT_PAX_FLAGS;
1.63 ++ m->p_flags = elf_tdata (abfd)->pax_flags;
1.64 ++ m->p_flags_valid = 1;
1.65 ++
1.66 ++ *pm = m;
1.67 ++ pm = &m->next;
1.68 ++ }
1.69 ++
1.70 + free (sections);
1.71 + elf_tdata (abfd)->segment_map = mfirst;
1.72 + }
1.73 +@@ -5198,7 +5221,8 @@
1.74 + 6. PT_TLS segment includes only SHF_TLS sections.
1.75 + 7. SHF_TLS sections are only in PT_TLS or PT_LOAD segments.
1.76 + 8. PT_DYNAMIC should not contain empty sections at the beginning
1.77 +- (with the possible exception of .dynamic). */
1.78 ++ (with the possible exception of .dynamic).
1.79 ++ 9. PT_PAX_FLAGS segments do not include any sections. */
1.80 + #define IS_SECTION_IN_INPUT_SEGMENT(section, segment, bed) \
1.81 + ((((segment->p_paddr \
1.82 + ? IS_CONTAINED_BY_LMA (section, segment, segment->p_paddr) \
1.83 +@@ -5206,6 +5230,7 @@
1.84 + && (section->flags & SEC_ALLOC) != 0) \
1.85 + || IS_NOTE (segment, section)) \
1.86 + && segment->p_type != PT_GNU_STACK \
1.87 ++ && segment->p_type != PT_PAX_FLAGS \
1.88 + && (segment->p_type != PT_TLS \
1.89 + || (section->flags & SEC_THREAD_LOCAL)) \
1.90 + && (segment->p_type == PT_LOAD \
1.91 +diff -durN binutils-2.20.1.orig/bfd/elflink.c binutils-2.20.1/bfd/elflink.c
1.92 +--- binutils-2.20.1.orig/bfd/elflink.c 2009-09-10 13:47:12.000000000 +0200
1.93 ++++ binutils-2.20.1/bfd/elflink.c 2010-08-17 19:32:11.000000000 +0200
1.94 +@@ -5469,16 +5469,30 @@
1.95 + return TRUE;
1.96 +
1.97 + bed = get_elf_backend_data (output_bfd);
1.98 ++
1.99 ++ elf_tdata (output_bfd)->pax_flags = PF_NORANDEXEC;
1.100 ++ if (info->execheap)
1.101 ++ elf_tdata (output_bfd)->pax_flags |= PF_NOMPROTECT;
1.102 ++ else if (info->noexecheap)
1.103 ++ elf_tdata (output_bfd)->pax_flags |= PF_MPROTECT;
1.104 ++
1.105 + if (info->execstack)
1.106 +- elf_tdata (output_bfd)->stack_flags = PF_R | PF_W | PF_X;
1.107 ++ {
1.108 ++ elf_tdata (output_bfd)->stack_flags = PF_R | PF_W | PF_X;
1.109 ++ elf_tdata (output_bfd)->pax_flags |= PF_EMUTRAMP;
1.110 ++ }
1.111 + else if (info->noexecstack)
1.112 +- elf_tdata (output_bfd)->stack_flags = PF_R | PF_W;
1.113 ++ {
1.114 ++ elf_tdata (output_bfd)->stack_flags = PF_R | PF_W;
1.115 ++ elf_tdata (output_bfd)->pax_flags |= PF_NOEMUTRAMP;
1.116 ++ }
1.117 + else
1.118 + {
1.119 + bfd *inputobj;
1.120 + asection *notesec = NULL;
1.121 + int exec = 0;
1.122 +
1.123 ++ elf_tdata (output_bfd)->pax_flags |= PF_NOEMUTRAMP;
1.124 + for (inputobj = info->input_bfds;
1.125 + inputobj;
1.126 + inputobj = inputobj->link_next)
1.127 +@@ -5491,7 +5505,11 @@
1.128 + if (s)
1.129 + {
1.130 + if (s->flags & SEC_CODE)
1.131 +- exec = PF_X;
1.132 ++ {
1.133 ++ elf_tdata (output_bfd)->pax_flags &= ~PF_NOEMUTRAMP;
1.134 ++ elf_tdata (output_bfd)->pax_flags |= PF_EMUTRAMP;
1.135 ++ exec = PF_X;
1.136 ++ }
1.137 + notesec = s;
1.138 + }
1.139 + else if (bed->default_execstack)
1.140 +diff -durN binutils-2.20.1.orig/binutils/readelf.c binutils-2.20.1/binutils/readelf.c
1.141 +--- binutils-2.20.1.orig/binutils/readelf.c 2010-01-14 11:48:23.000000000 +0100
1.142 ++++ binutils-2.20.1/binutils/readelf.c 2010-08-17 19:32:11.000000000 +0200
1.143 +@@ -2569,6 +2569,7 @@
1.144 + return "GNU_EH_FRAME";
1.145 + case PT_GNU_STACK: return "GNU_STACK";
1.146 + case PT_GNU_RELRO: return "GNU_RELRO";
1.147 ++ case PT_PAX_FLAGS: return "PAX_FLAGS";
1.148 +
1.149 + default:
1.150 + if ((p_type >= PT_LOPROC) && (p_type <= PT_HIPROC))
1.151 +diff -durN binutils-2.20.1.orig/include/bfdlink.h binutils-2.20.1/include/bfdlink.h
1.152 +--- binutils-2.20.1.orig/include/bfdlink.h 2009-09-10 13:47:30.000000000 +0200
1.153 ++++ binutils-2.20.1/include/bfdlink.h 2010-08-17 19:32:11.000000000 +0200
1.154 +@@ -321,6 +321,14 @@
1.155 + /* TRUE if PT_GNU_RELRO segment should be created. */
1.156 + unsigned int relro: 1;
1.157 +
1.158 ++ /* TRUE if PT_PAX_FLAGS segment should be created with PF_NOMPROTECT
1.159 ++ flags. */
1.160 ++ unsigned int execheap: 1;
1.161 ++
1.162 ++ /* TRUE if PT_PAX_FLAGS segment should be created with PF_MPROTECT
1.163 ++ flags. */
1.164 ++ unsigned int noexecheap: 1;
1.165 ++
1.166 + /* TRUE if we should warn when adding a DT_TEXTREL to a shared object. */
1.167 + unsigned int warn_shared_textrel: 1;
1.168 +
1.169 +diff -durN binutils-2.20.1.orig/include/elf/common.h binutils-2.20.1/include/elf/common.h
1.170 +--- binutils-2.20.1.orig/include/elf/common.h 2009-08-09 15:42:26.000000000 +0200
1.171 ++++ binutils-2.20.1/include/elf/common.h 2010-08-17 19:32:11.000000000 +0200
1.172 +@@ -422,6 +422,7 @@
1.173 + #define PT_SUNW_EH_FRAME PT_GNU_EH_FRAME /* Solaris uses the same value */
1.174 + #define PT_GNU_STACK (PT_LOOS + 0x474e551) /* Stack flags */
1.175 + #define PT_GNU_RELRO (PT_LOOS + 0x474e552) /* Read-only after relocation */
1.176 ++#define PT_PAX_FLAGS (PT_LOOS + 0x5041580) /* PaX flags */
1.177 +
1.178 + /* Program segment permissions, in program header p_flags field. */
1.179 +
1.180 +@@ -432,6 +433,21 @@
1.181 + #define PF_MASKOS 0x0FF00000 /* New value, Oct 4, 1999 Draft */
1.182 + #define PF_MASKPROC 0xF0000000 /* Processor-specific reserved bits */
1.183 +
1.184 ++/* Flags to control PaX behavior. */
1.185 ++
1.186 ++#define PF_PAGEEXEC (1 << 4) /* Enable PAGEEXEC */
1.187 ++#define PF_NOPAGEEXEC (1 << 5) /* Disable PAGEEXEC */
1.188 ++#define PF_SEGMEXEC (1 << 6) /* Enable SEGMEXEC */
1.189 ++#define PF_NOSEGMEXEC (1 << 7) /* Disable SEGMEXEC */
1.190 ++#define PF_MPROTECT (1 << 8) /* Enable MPROTECT */
1.191 ++#define PF_NOMPROTECT (1 << 9) /* Disable MPROTECT */
1.192 ++#define PF_RANDEXEC (1 << 10) /* Enable RANDEXEC */
1.193 ++#define PF_NORANDEXEC (1 << 11) /* Disable RANDEXEC */
1.194 ++#define PF_EMUTRAMP (1 << 12) /* Enable EMUTRAMP */
1.195 ++#define PF_NOEMUTRAMP (1 << 13) /* Disable EMUTRAMP */
1.196 ++#define PF_RANDMMAP (1 << 14) /* Enable RANDMMAP */
1.197 ++#define PF_NORANDMMAP (1 << 15) /* Disable RANDMMAP */
1.198 ++
1.199 + /* Values for section header, sh_type field. */
1.200 +
1.201 + #define SHT_NULL 0 /* Section header table entry unused */
1.202 +diff -durN binutils-2.20.1.orig/ld/emultempl/elf32.em binutils-2.20.1/ld/emultempl/elf32.em
1.203 +--- binutils-2.20.1.orig/ld/emultempl/elf32.em 2010-08-17 19:32:09.000000000 +0200
1.204 ++++ binutils-2.20.1/ld/emultempl/elf32.em 2010-08-17 19:32:11.000000000 +0200
1.205 +@@ -2165,6 +2165,16 @@
1.206 + link_info.noexecstack = TRUE;
1.207 + link_info.execstack = FALSE;
1.208 + }
1.209 ++ else if (strcmp (optarg, "execheap") == 0)
1.210 ++ {
1.211 ++ link_info.execheap = TRUE;
1.212 ++ link_info.noexecheap = FALSE;
1.213 ++ }
1.214 ++ else if (strcmp (optarg, "noexecheap") == 0)
1.215 ++ {
1.216 ++ link_info.noexecheap = TRUE;
1.217 ++ link_info.execheap = FALSE;
1.218 ++ }
1.219 + EOF
1.220 +
1.221 + if test -n "$COMMONPAGESIZE"; then
1.222 +@@ -2243,6 +2253,8 @@
1.223 + fprintf (file, _("\
1.224 + -z execstack Mark executable as requiring executable stack\n"));
1.225 + fprintf (file, _("\
1.226 ++ -z execheap Mark executable as requiring executable heap\n"));
1.227 ++ fprintf (file, _("\
1.228 + -z initfirst Mark DSO to be initialized first at runtime\n"));
1.229 + fprintf (file, _("\
1.230 + -z interpose Mark object to interpose all DSOs but executable\n"));
1.231 +@@ -2266,6 +2278,8 @@
1.232 + -z nodump Mark DSO not available to dldump\n"));
1.233 + fprintf (file, _("\
1.234 + -z noexecstack Mark executable as not requiring executable stack\n"));
1.235 ++ fprintf (file, _("\
1.236 ++ -z noexecheap Mark executable as not requiring executable heap\n"));
1.237 + EOF
1.238 +
1.239 + if test -n "$COMMONPAGESIZE"; then
1.240 +diff -durN binutils-2.20.1.orig/ld/ldgram.y binutils-2.20.1/ld/ldgram.y
1.241 +--- binutils-2.20.1.orig/ld/ldgram.y 2009-09-02 09:25:35.000000000 +0200
1.242 ++++ binutils-2.20.1/ld/ldgram.y 2010-08-17 19:32:11.000000000 +0200
1.243 +@@ -1116,6 +1116,8 @@
1.244 + $$ = exp_intop (0x6474e550);
1.245 + else if (strcmp (s, "PT_GNU_STACK") == 0)
1.246 + $$ = exp_intop (0x6474e551);
1.247 ++ else if (strcmp (s, "PT_PAX_FLAGS") == 0)
1.248 ++ $$ = exp_intop (0x65041580);
1.249 + else
1.250 + {
1.251 + einfo (_("\