From f0c459ebd2edbf6ad18eac91fb1ad80b98d3359e Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Johannes=20L=C3=B6thberg?= Date: Thu, 22 Feb 2018 21:28:20 +0100 Subject: [PATCH 1/3] Make relro-level=off explicitly disable RELRO MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Previously relro-level=off would just not tell the linker to use RELRO, but when you want to disable RELRO you most likely want to entirely prevent. Signed-off-by: Johannes Löthberg --- src/librustc_trans/back/link.rs | 4 +++- src/librustc_trans/back/linker.rs | 23 ++++++++++++++++++----- 2 files changed, 21 insertions(+), 6 deletions(-) diff --git a/src/librustc_trans/back/link.rs b/src/librustc_trans/back/link.rs index 636b3984117d8..56b845c304932 100644 --- a/src/librustc_trans/back/link.rs +++ b/src/librustc_trans/back/link.rs @@ -1014,7 +1014,9 @@ fn link_args(cmd: &mut Linker, RelroLevel::Partial => { cmd.partial_relro(); }, - RelroLevel::Off => {}, + RelroLevel::Off => { + cmd.no_relro(); + }, } // Pass optimization flags down to the linker. diff --git a/src/librustc_trans/back/linker.rs b/src/librustc_trans/back/linker.rs index 3fe667f154372..9bd7d83a19185 100644 --- a/src/librustc_trans/back/linker.rs +++ b/src/librustc_trans/back/linker.rs @@ -113,8 +113,9 @@ pub trait Linker { fn gc_sections(&mut self, keep_metadata: bool); fn position_independent_executable(&mut self); fn no_position_independent_executable(&mut self); - fn partial_relro(&mut self); fn full_relro(&mut self); + fn partial_relro(&mut self); + fn no_relro(&mut self); fn optimize(&mut self); fn debuginfo(&mut self); fn no_default_libraries(&mut self); @@ -188,8 +189,9 @@ impl<'a> Linker for GccLinker<'a> { fn add_object(&mut self, path: &Path) { self.cmd.arg(path); } fn position_independent_executable(&mut self) { self.cmd.arg("-pie"); } fn no_position_independent_executable(&mut self) { self.cmd.arg("-no-pie"); } - fn partial_relro(&mut self) { self.linker_arg("-z,relro"); } fn full_relro(&mut self) { self.linker_arg("-z,relro,-z,now"); } + fn partial_relro(&mut self) { self.linker_arg("-z,relro"); } + fn no_relro(&mut self) { self.linker_arg("-z,norelro"); } fn build_static_executable(&mut self) { self.cmd.arg("-static"); } fn args(&mut self, args: &[String]) { self.cmd.args(args); } @@ -452,11 +454,15 @@ impl<'a> Linker for MsvcLinker<'a> { // noop } + fn full_relro(&mut self) { + // noop + } + fn partial_relro(&mut self) { // noop } - fn full_relro(&mut self) { + fn no_relro(&mut self) { // noop } @@ -664,11 +670,15 @@ impl<'a> Linker for EmLinker<'a> { // noop } + fn full_relro(&mut self) { + // noop + } + fn partial_relro(&mut self) { // noop } - fn full_relro(&mut self) { + fn no_relro(&mut self) { // noop } @@ -829,10 +839,13 @@ impl Linker for WasmLd { fn position_independent_executable(&mut self) { } + fn full_relro(&mut self) { + } + fn partial_relro(&mut self) { } - fn full_relro(&mut self) { + fn no_relro(&mut self) { } fn build_static_executable(&mut self) { From 54b68b656913baa760dc9daf75796e84172f810a Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Johannes=20L=C3=B6thberg?= Date: Thu, 22 Feb 2018 20:38:35 +0100 Subject: [PATCH 2/3] Add RELRO run-make tests MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Johannes Löthberg --- src/test/run-make/relro-levels/Makefile | 21 +++++++++++++++++++++ src/test/run-make/relro-levels/hello.rs | 13 +++++++++++++ 2 files changed, 34 insertions(+) create mode 100644 src/test/run-make/relro-levels/Makefile create mode 100644 src/test/run-make/relro-levels/hello.rs diff --git a/src/test/run-make/relro-levels/Makefile b/src/test/run-make/relro-levels/Makefile new file mode 100644 index 0000000000000..673ba9a9a02c8 --- /dev/null +++ b/src/test/run-make/relro-levels/Makefile @@ -0,0 +1,21 @@ +-include ../tools.mk + +# This tests the different -Zrelro-level values, and makes sure that they they work properly. + +all: +ifeq ($(UNAME),Linux) + # Ensure that binaries built with the full relro level links them with both + # RELRO and BIND_NOW for doing eager symbol resolving. + $(RUSTC) -Zrelro-level=full hello.rs + readelf -l $(TMPDIR)/hello | grep -q GNU_RELRO + readelf -d $(TMPDIR)/hello | grep -q BIND_NOW + + $(RUSTC) -Zrelro-level=partial hello.rs + readelf -l $(TMPDIR)/hello | grep -q GNU_RELRO + + # Ensure that we're *not* built with RELRO when setting it to off. We do + # not want to check for BIND_NOW however, as the linker might have that + # enabled by default. + $(RUSTC) -Zrelro-level=off hello.rs + ! readelf -l $(TMPDIR)/hello | grep -q GNU_RELRO +endif diff --git a/src/test/run-make/relro-levels/hello.rs b/src/test/run-make/relro-levels/hello.rs new file mode 100644 index 0000000000000..41782851a1a6d --- /dev/null +++ b/src/test/run-make/relro-levels/hello.rs @@ -0,0 +1,13 @@ +// Copyright 2017 The Rust Project Developers. See the COPYRIGHT +// file at the top-level directory of this distribution and at +// http://rust-lang.org/COPYRIGHT. +// +// Licensed under the Apache License, Version 2.0 or the MIT license +// , at your +// option. This file may not be copied, modified, or distributed +// except according to those terms. + +fn main() { + println!("Hello, world!"); +} From 1dbce4b0afb8f76eb7cd7aad0e3c34d4f7fc2274 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Johannes=20L=C3=B6thberg?= Date: Fri, 9 Mar 2018 14:53:15 +0100 Subject: [PATCH 3/3] Make the default relro level be doing nothing at all MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Johannes Löthberg --- src/librustc_back/lib.rs | 4 ++++ src/librustc_back/target/mod.rs | 2 +- src/librustc_trans/back/link.rs | 2 ++ 3 files changed, 7 insertions(+), 1 deletion(-) diff --git a/src/librustc_back/lib.rs b/src/librustc_back/lib.rs index 9de56cca3394f..9baee26770998 100644 --- a/src/librustc_back/lib.rs +++ b/src/librustc_back/lib.rs @@ -131,6 +131,7 @@ pub enum RelroLevel { Full, Partial, Off, + None, } impl RelroLevel { @@ -139,6 +140,7 @@ impl RelroLevel { RelroLevel::Full => "full", RelroLevel::Partial => "partial", RelroLevel::Off => "off", + RelroLevel::None => "none", } } } @@ -151,6 +153,7 @@ impl FromStr for RelroLevel { "full" => Ok(RelroLevel::Full), "partial" => Ok(RelroLevel::Partial), "off" => Ok(RelroLevel::Off), + "none" => Ok(RelroLevel::None), _ => Err(()), } } @@ -162,6 +165,7 @@ impl ToJson for RelroLevel { RelroLevel::Full => "full".to_json(), RelroLevel::Partial => "partial".to_json(), RelroLevel::Off => "off".to_json(), + RelroLevel::None => "None".to_json(), } } } diff --git a/src/librustc_back/target/mod.rs b/src/librustc_back/target/mod.rs index 0a3e1826f3a1c..250d85d45203e 100644 --- a/src/librustc_back/target/mod.rs +++ b/src/librustc_back/target/mod.rs @@ -514,7 +514,7 @@ impl Default for TargetOptions { has_rpath: false, no_default_libraries: true, position_independent_executables: false, - relro_level: RelroLevel::Off, + relro_level: RelroLevel::None, pre_link_objects_exe: Vec::new(), pre_link_objects_dll: Vec::new(), post_link_objects: Vec::new(), diff --git a/src/librustc_trans/back/link.rs b/src/librustc_trans/back/link.rs index 56b845c304932..235a95f63e4ca 100644 --- a/src/librustc_trans/back/link.rs +++ b/src/librustc_trans/back/link.rs @@ -1017,6 +1017,8 @@ fn link_args(cmd: &mut Linker, RelroLevel::Off => { cmd.no_relro(); }, + RelroLevel::None => { + }, } // Pass optimization flags down to the linker.