int getpid (void), getppid (void);
struct S { int (*p) (void); int (*q) (void); };
const struct S t = { getpid, getppid };
int
main (void)
{
return 0;
}
gcc -g -o test test.c
or
int foo (void) { return 1; }
int bar (void) { return 2; }
struct S { int (*p) (void); int (*q) (void); };
const struct S t = { foo, bar };
int
main (void)
{
return 0;
}
gcc -g -o test2 test2.c -Wl,--export-dynamic
results in DT_TEXTREL binaries, which is very bad from security POV.
E.g. SELinux needs to avoid some execmod checks because of this.
I'd say it is far better to use .data.rel.ro and similar sections for such
constants that require relocations rather than .rodata, with -Wl,-z,relro
they will be write protected as well, but no segment will be executable
and writable at the same time that way.
Looking at config/ia64/, it seems hpux is already doing that with:
/* It is illegal to have relocations in shared segments on HPUX.
Pretend flag_pic is always set. */
#undef TARGET_ASM_SELECT_SECTION
#define TARGET_ASM_SELECT_SECTION ia64_rwreloc_select_section
#undef TARGET_ASM_UNIQUE_SECTION
#define TARGET_ASM_UNIQUE_SECTION ia64_rwreloc_unique_section
#undef TARGET_ASM_SELECT_RTX_SECTION
#define TARGET_ASM_SELECT_RTX_SECTION ia64_rwreloc_select_rtx_section
#define TARGET_RWRELOC true
Any reason why this shouldn't be in config/ia64/linux.h as well?
--
Summary: IA-64 creates DT_TEXTREL binaries
Product: gcc
Version: 4.1.0
Status: UNCONFIRMED
Severity: normal
Priority: P3
Component: target
AssignedTo: unassigned at gcc dot gnu dot org
ReportedBy: jakub at gcc dot gnu dot org
GCC target triplet: ia64-linux
http://gcc.gnu.org/bugzilla/show_bug.cgi?id=26090
