[Lldb-commits] [PATCH] D118494: [lldb] Observe SG_READ_ONLY flag in MachO binaries

Wed, 09 Feb 2022 01:22:37 -0800 

labath added inline comments.


================
Comment at: lldb/source/Plugins/ObjectFile/Mach-O/ObjectFileMachO.cpp:1436
     result |= ePermissionsReadable;
-  if (seg_cmd.initprot & VM_PROT_WRITE)
+  if ((seg_cmd.initprot & VM_PROT_WRITE) && !(seg_cmd.flags & SG_READ_ONLY))
     result |= ePermissionsWritable;
----------------
kastiglione wrote:
> aprantl wrote:
> > kastiglione wrote:
> > > augusto2112 wrote:
> > > > Could we add a new value in the enumeration? Something like 
> > > > ePermissionsLinkerWritable? As it is right now this would be dangerous 
> > > > for the existing file-cache optimization as we'd happily read pointers 
> > > > that are supposed to be fixed by the linker from the file-cache.
> > > That works for me. I think we'd want `ePermissionsLoaderWritable`.
> > That sounds good.
> Some idle questions:
> 
> 1. Some code turns permissions into a string, like `rw-` or `r-x`, but 
> there's no string character for this "hybrid" writable flag.
> 2. Other code might make r/w/x assumptions, and have bugs because of this 
> extra state?
> 3. Do any other binary file formats have this notion, or would this be 
> forcing a Mach-O specific flag into a portable concept?
> 
> I haven't looked yet, but I'm thinking it would be good if there were some 
> other set of flags this information could be stored in.
> 
> I'm also not even sure if `SG_READ_ONLY` should modify permissions. For such 
> a segment, should the permissions say it's writable, and something else say 
> "actually no it's not", or should the permissions say it's non-writable, and 
> something else says "actually it is written to by the loader".
> Do any other binary file formats have this notion, or would this be forcing a 
> Mach-O specific flag into a portable concept?

There is a `PT_GNU_RELRO` in linux land:
```
PT_GNU_RELRO            

The array element specifies the location and size of a segment which may be 
made read-only after relocations have been processed.
```

I haven't checked windows, but I'd expect it to have something similar -- 
security hardening is a hot topic these days and writable vtables are a 
tempting target.


Repository:
  rG LLVM Github Monorepo

CHANGES SINCE LAST ACTION
  https://reviews.llvm.org/D118494/new/

https://reviews.llvm.org/D118494

_______________________________________________
lldb-commits mailing list
[email protected]
https://lists.llvm.org/cgi-bin/mailman/listinfo/lldb-commits

Reply via email to