Revert "bionic: loader: Extend GNU_RELRO protection"
Revert submission 2803156-loader_crt_pad_segment
Reason for revert: b/324952273
Reverted changes: /q/submissionid:2803156-loader_crt_pad_segment
Change-Id: I22d4ae1972c5de7da908eb090a2fea5565ead88b
diff --git a/linker/linker_phdr.cpp b/linker/linker_phdr.cpp
index 6bfe80c..1547cae 100644
--- a/linker/linker_phdr.cpp
+++ b/linker/linker_phdr.cpp
@@ -993,42 +993,11 @@
should_pad_segments);
}
-static inline void _extend_gnu_relro_prot_end(const ElfW(Phdr)* relro_phdr,
- const ElfW(Phdr)* phdr_table, size_t phdr_count,
- ElfW(Addr) load_bias, ElfW(Addr)* seg_page_end) {
- // Find the index and phdr of the LOAD containing the GNU_RELRO segment
- for (size_t index = 0; index < phdr_count; ++index) {
- const ElfW(Phdr)* phdr = &phdr_table[index];
-
- if (phdr->p_type == PT_LOAD && phdr->p_vaddr == relro_phdr->p_vaddr) {
- // If the PT_GNU_RELRO mem size is not at least as large as the corresponding
- // LOAD segment mem size, we need to protect only a partial region of the
- // LOAD segment and therefore cannot avoid a VMA split.
- if (relro_phdr->p_memsz < phdr->p_memsz) {
- break;
- }
-
- ElfW(Addr) p_memsz = phdr->p_memsz;
- ElfW(Addr) p_filesz = phdr->p_filesz;
-
- // Attempt extending the VMA (mprotect range). Without extending the range
- // mprotect will only RO protect a part of the extend RW LOAD segment, which will
- // leave an extra split RW VMA (the gap).
- _extend_load_segment_vma(phdr_table, phdr_count, index, &p_memsz, &p_filesz);
-
- *seg_page_end = page_end(phdr->p_vaddr + p_memsz + load_bias);
-
- break;
- }
- }
-}
-
/* Used internally by phdr_table_protect_gnu_relro and
* phdr_table_unprotect_gnu_relro.
*/
static int _phdr_table_set_gnu_relro_prot(const ElfW(Phdr)* phdr_table, size_t phdr_count,
- ElfW(Addr) load_bias, int prot_flags,
- bool should_pad_segments) {
+ ElfW(Addr) load_bias, int prot_flags) {
const ElfW(Phdr)* phdr = phdr_table;
const ElfW(Phdr)* phdr_limit = phdr + phdr_count;
@@ -1053,16 +1022,8 @@
// the program is likely to fail at runtime. So in effect the
// linker must only emit a PT_GNU_RELRO segment if it ensures
// that it starts on a page boundary.
- ElfW(Addr) seg_page_start = page_start(phdr->p_vaddr + load_bias);
- ElfW(Addr) seg_page_end = page_end(phdr->p_vaddr + phdr->p_memsz + load_bias);
-
- // Before extending the RO protection, we need to ensure that the segments were extended
- // by bionic, because the kernel won't map gaps so it usually contains unrelated
- // mappings which will be incorrectly protected as RO likely leading to
- // segmentation fault.
- if (phdr->p_align > kPageSize && should_pad_segments) {
- _extend_gnu_relro_prot_end(phdr, phdr_table, phdr_count, load_bias, &seg_page_end);
- }
+ ElfW(Addr) seg_page_start = page_start(phdr->p_vaddr) + load_bias;
+ ElfW(Addr) seg_page_end = page_end(phdr->p_vaddr + phdr->p_memsz) + load_bias;
int ret = mprotect(reinterpret_cast<void*>(seg_page_start),
seg_page_end - seg_page_start,
@@ -1087,14 +1048,12 @@
* phdr_table -> program header table
* phdr_count -> number of entries in tables
* load_bias -> load bias
- * should_pad_segments -> Were segments extended to avoid gaps in the memory map
* Return:
* 0 on success, -1 on failure (error code in errno).
*/
-int phdr_table_protect_gnu_relro(const ElfW(Phdr)* phdr_table, size_t phdr_count,
- ElfW(Addr) load_bias, bool should_pad_segments) {
- return _phdr_table_set_gnu_relro_prot(phdr_table, phdr_count, load_bias, PROT_READ,
- should_pad_segments);
+int phdr_table_protect_gnu_relro(const ElfW(Phdr)* phdr_table,
+ size_t phdr_count, ElfW(Addr) load_bias) {
+ return _phdr_table_set_gnu_relro_prot(phdr_table, phdr_count, load_bias, PROT_READ);
}
/* Serialize the GNU relro segments to the given file descriptor. This can be