authorWilliam Pitcock <nenolod@dereferenced.org>2017-10-13 17:59:07 +0000
committerWilliam Pitcock <nenolod@dereferenced.org>2017-10-13 17:59:49 +0000
commit5a1f998e8321ad91bdf9126330519bf768e810bc (patch)
treeadfc9ce7d5de5f1d2e01318a1bd85d4422b55650
parentd15d3f4b5215614701f41909ff864fd583fd8530 (diff)
main/libffi: add new pax mprotect race condition fixes, don't use emutramp support on x86_64
-rw-r--r--main/libffi/APKBUILD6
-rw-r--r--main/libffi/pax-dlmmap.patch120
2 files changed, 124 insertions, 2 deletions
diff --git a/main/libffi/APKBUILD b/main/libffi/APKBUILD
index 0aa006fdf3..36ce7085f8 100644
--- a/main/libffi/APKBUILD
+++ b/main/libffi/APKBUILD
@@ -1,7 +1,7 @@
# Maintainer: Natanael Copa <ncopa@alpinelinux.org>
pkgname=libffi
pkgver=3.2.1
-pkgrel=3
+pkgrel=4
pkgdesc="A portable, high level programming interface to various calling conventions."
url="http://sourceware.org/libffi"
arch="all"
@@ -12,6 +12,7 @@ install=
subpackages="$pkgname-dev $pkgname-doc"
source="ftp://sourceware.org/pub/$pkgname/$pkgname-$pkgver.tar.gz
gnu-linux-define.patch
+ pax-dlmmap.patch
"
builddir="$srcdir"/$pkgname-$pkgver
@@ -43,4 +44,5 @@ package() {
}
sha512sums="980ca30a8d76f963fca722432b1fe5af77d7a4e4d2eac5144fbc5374d4c596609a293440573f4294207e1bdd9fda80ad1e1cafb2ffb543df5a275bc3bd546483 libffi-3.2.1.tar.gz
-264af568ae5388d50f647f891a406945c73cc358692266f65ad341787c0bf5f6bf31203b86c39fa1b338101c1a6d2f4fec60f95a90d379951ff5153f8f9e178f gnu-linux-define.patch"
+264af568ae5388d50f647f891a406945c73cc358692266f65ad341787c0bf5f6bf31203b86c39fa1b338101c1a6d2f4fec60f95a90d379951ff5153f8f9e178f gnu-linux-define.patch
+72486b389db16055ae4d7d33ba0cb05840537e28fe7a86aa89e2cb922592125d99c18c26c5df7ffde6282742e79f2b9126353e58b58f091f0486589e14dd6474 pax-dlmmap.patch"
diff --git a/main/libffi/pax-dlmmap.patch b/main/libffi/pax-dlmmap.patch
new file mode 100644
index 0000000000..ec4150410d
--- /dev/null
+++ b/main/libffi/pax-dlmmap.patch
@@ -0,0 +1,120 @@
+From 48d2e46528fb6e621d95a7fa194069fd136b712d Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Stefan=20B=C3=BChler?= <buehler@cert.uni-stuttgart.de>
+Date: Wed, 7 Sep 2016 15:49:48 +0200
+Subject: [PATCH 1/2] dlmmap_locked always needs locking as it always modifies
+ execsize
+
+---
+ src/closures.c | 13 ++++---------
+ 1 file changed, 4 insertions(+), 9 deletions(-)
+
+diff --git a/src/closures.c b/src/closures.c
+index 2e0ffb45..04d6e27f 100644
+--- a/src/closures.c
++++ b/src/closures.c
+@@ -769,16 +769,11 @@ dlmmap (void *start, size_t length, int prot,
+ MREMAP_DUP and prot at this point. */
+ }
+
+- if (execsize == 0 || execfd == -1)
+- {
+- pthread_mutex_lock (&open_temp_exec_file_mutex);
+- ptr = dlmmap_locked (start, length, prot, flags, offset);
+- pthread_mutex_unlock (&open_temp_exec_file_mutex);
++ pthread_mutex_lock (&open_temp_exec_file_mutex);
++ ptr = dlmmap_locked (start, length, prot, flags, offset);
++ pthread_mutex_unlock (&open_temp_exec_file_mutex);
+
+- return ptr;
+- }
+-
+- return dlmmap_locked (start, length, prot, flags, offset);
++ return ptr;
+ }
+
+ /* Release memory at the given address, as well as the corresponding
+
+From 7aad5f895e2dfdb79d2ef67e1b231d21063e6511 Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Stefan=20B=C3=BChler?= <buehler@cert.uni-stuttgart.de>
+Date: Wed, 7 Sep 2016 15:50:54 +0200
+Subject: [PATCH 2/2] ignore PaX EMUTRAMP flag; instead check for MPROTECT
+
+- code using ffi_closure_alloc doesn't necessarily generate gcc compatible trampolines; only those are allowed by PaX
+- if MPROTECT is enabled use the same workaround as is used for SELinux (double mmap())
+---
+ src/closures.c | 29 +++++++++++++----------------
+ 1 file changed, 13 insertions(+), 16 deletions(-)
+
+diff --git a/src/closures.c b/src/closures.c
+index 04d6e27f..babecc1a 100644
+--- a/src/closures.c
++++ b/src/closures.c
+@@ -401,14 +401,15 @@ selinux_enabled_check (void)
+
+ #endif /* !FFI_MMAP_EXEC_SELINUX */
+
+-/* On PaX enable kernels that have MPROTECT enable we can't use PROT_EXEC. */
++/* On PaX enable kernels that have MPROTECT enabled we can't use PROT_EXEC. */
+ #ifdef FFI_MMAP_EXEC_EMUTRAMP_PAX
+ #include <stdlib.h>
+
+-static int emutramp_enabled = -1;
++/* -1: not read yet; 0: no PaX or MPROTECT disabled; 1: MPROTECT enabled. */
++static int mprotect_enabled = -1;
+
+ static int
+-emutramp_enabled_check (void)
++mprotect_enabled_check (void)
+ {
+ char *buf = NULL;
+ size_t len = 0;
+@@ -422,9 +423,7 @@ emutramp_enabled_check (void)
+ while (getline (&buf, &len, f) != -1)
+ if (!strncmp (buf, "PaX:", 4))
+ {
+- char emutramp;
+- if (sscanf (buf, "%*s %*c%c", &emutramp) == 1)
+- ret = (emutramp == 'E');
++ ret = (NULL != strchr (buf + 4, 'M'));
+ break;
+ }
+ free (buf);
+@@ -432,8 +431,9 @@ emutramp_enabled_check (void)
+ return ret;
+ }
+
+-#define is_emutramp_enabled() (emutramp_enabled >= 0 ? emutramp_enabled \
+- : (emutramp_enabled = emutramp_enabled_check ()))
++#define is_mprotect_enabled() (mprotect_enabled >= 0 ? mprotect_enabled \
++ : (mprotect_enabled = mprotect_enabled_check ()))
++
+ #endif /* FFI_MMAP_EXEC_EMUTRAMP_PAX */
+
+ #elif defined (__CYGWIN__) || defined(__INTERIX)
+@@ -446,7 +446,7 @@ emutramp_enabled_check (void)
+ #endif /* !defined(X86_WIN32) && !defined(X86_WIN64) */
+
+ #ifndef FFI_MMAP_EXEC_EMUTRAMP_PAX
+-#define is_emutramp_enabled() 0
++#define is_mprotect_enabled() 0
+ #endif /* FFI_MMAP_EXEC_EMUTRAMP_PAX */
+
+ /* Declare all functions defined in dlmalloc.c as static. */
+@@ -750,13 +750,10 @@ dlmmap (void *start, size_t length, int prot,
+ && flags == (MAP_PRIVATE | MAP_ANONYMOUS)
+ && fd == -1 && offset == 0);
+
+- if (execfd == -1 && is_emutramp_enabled ())
+- {
+- ptr = mmap (start, length, prot & ~PROT_EXEC, flags, fd, offset);
+- return ptr;
+- }
+-
+- if (execfd == -1 && !is_selinux_enabled ())
++ /* -1 != execfd hints that we already decided to use dlmmap_locked
++ last time. If PaX MPROTECT or SELinux is active fallback to
++ dlmmap_locked. */
++ if (execfd == -1 && !is_mprotect_enabled () && !is_selinux_enabled ())
+ {
+ ptr = mmap (start, length, prot | PROT_EXEC, flags, fd, offset);
+
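Review bot: The lazy cache behind `is_mprotect_enabled()`, and the `execfd == -1` test next to it in dlmmap, are still evaluated outside `open_temp_exec_file_mutex`, although the first patch in this file exists to close a locking gap in the same function. Every thread computes the same value, so the race looks benign in practice, but the source should say so, for example `/* Unsynchronized on purpose: the check is idempotent, concurrent first calls store the same value. */` above `static int mprotect_enabled = -1;`, or the cache should be initialised through `pthread_once`. The check is also still compiled only under `FFI_MMAP_EXEC_EMUTRAMP_PAX`, a name that no longer matches what it tests, so the MPROTECT fallback is active only when the package build defines that macro. build() is outside the visible APKBUILD hunks, so that needs confirming there. The body of dlmmap continues past the last hunk.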