x86: Disallow TLS relocation in non executable section

Since TLS relocations are applied to executable machine instructions,
disallow TLS relocation in non-SHT_PROGBITS, non-SHF_EXECINSTR section.

	PR ld/33451
	PR ld/33502
	* elf32-i386.c (elf_i386_tls_transition): Disallow TLS relocation
	in non-SHT_PROGBITS, non-SHF_EXECINSTR section.
	(elf_i386_scan_relocs): Likewise.
	* elf64-x86-64.c (elf_x86_64_tls_transition): Likewise.
	(elf_x86_64_scan_relocs): Likewise.
	* elfxx-x86.c (_bfd_x86_elf_link_report_tls_invalid_section_error):
	New.
	* elfxx-x86.h (_bfd_x86_elf_link_report_tls_invalid_section_error):
	Likewise.

Signed-off-by: H.J. Lu <hjl.tools@gmail.com>

diff --git a/bfd/elf32-i386.c b/bfd/elf32-i386.c
index 507a0762aff2494f4de44e6ac4a0a2d3145fb58a..0d60eded7010117942d70b55a61691f37d91eca0 100644 (file)
--- a/bfd/elf32-i386.c
+++ b/bfd/elf32-i386.c
@@ -1166,6 +1166,15 @@ elf_i386_tls_transition (struct bfd_link_info *info, bfd *abfd,
       return true;
     }
 
+  if ((elf_section_type (sec) != SHT_PROGBITS
+       || (sec->flags & SEC_CODE) == 0))
+    {
+      reloc_howto_type *howto = elf_i386_rtype_to_howto (from_type);
+      _bfd_x86_elf_link_report_tls_invalid_section_error
+       (abfd, sec, symtab_hdr, h, sym, howto);
+      return false;
+    }
+
   /* Return TRUE if there is no transition.  */
   if (from_type == to_type)
     return true;
@@ -1733,6 +1742,16 @@ elf_i386_scan_relocs (bfd *abfd,
                tls_type = GOT_TLS_IE_POS; break;
              }
 
+           if (tls_type >= GOT_TLS_GD
+               && tls_type <= GOT_TLS_GDESC
+               && (elf_section_type (sec) != SHT_PROGBITS
+                   || (sec->flags & SEC_CODE) == 0))
+             {
+               _bfd_x86_elf_link_report_tls_invalid_section_error
+                 (abfd, sec, symtab_hdr, h, isym, howto);
+               goto error_return;
+             }
+
            if (h != NULL)
              {
                h->got.refcount = 1;

diff --git a/bfd/elf64-x86-64.c b/bfd/elf64-x86-64.c
index 620b6a380cd002d3060357a1f12d82eeb308885d..59b431498971108f9c198efa27a0b524237f74de 100644 (file)
--- a/bfd/elf64-x86-64.c
+++ b/bfd/elf64-x86-64.c
@@ -1626,6 +1626,16 @@ elf_x86_64_tls_transition (struct bfd_link_info *info, bfd *abfd,
       return true;
     }
 
+  if ((elf_section_type (sec) != SHT_PROGBITS
+       || (sec->flags & SEC_CODE) == 0))
+    {
+      reloc_howto_type *howto = elf_x86_64_rtype_to_howto (abfd,
+                                                          from_type);
+      _bfd_x86_elf_link_report_tls_invalid_section_error
+       (abfd, sec, symtab_hdr, h, sym, howto);
+      return false;
+    }
+
   /* Return TRUE if there is no transition.  */
   if (from_type == to_type
       || (from_type == R_X86_64_CODE_4_GOTTPOFF
@@ -2757,6 +2767,16 @@ need_got:
                break;
              }
 
+           if (tls_type >= GOT_TLS_GD
+               && tls_type <= GOT_TLS_GDESC
+               && (elf_section_type (sec) != SHT_PROGBITS
+                   || (sec->flags & SEC_CODE) == 0))
+             {
+               _bfd_x86_elf_link_report_tls_invalid_section_error
+                 (abfd, sec, symtab_hdr, h, isym, howto);
+               goto error_return;
+             }
+
            if (h != NULL)
              {
                h->got.refcount = 1;

diff --git a/bfd/elfxx-x86.c b/bfd/elfxx-x86.c
index 0d389968c9167fa1c92a51c473452b1657628fd6..d8c653a9ad223639701d19bc5eaf13f05fab27b7 100644 (file)
--- a/bfd/elfxx-x86.c
+++ b/bfd/elfxx-x86.c
@@ -3365,6 +3365,26 @@ _bfd_x86_elf_link_report_tls_transition_error
   bfd_set_error (bfd_error_bad_value);
 }
 
+/* Report TLS invalid section error.  */
+
+void
+_bfd_x86_elf_link_report_tls_invalid_section_error
+  (bfd *abfd, asection *sec, Elf_Internal_Shdr *symtab_hdr,
+   struct elf_link_hash_entry *h, Elf_Internal_Sym *sym,
+   reloc_howto_type *howto)
+{
+  const char *name;
+  if (h)
+    name = h->root.root.string;
+  else
+    name = bfd_elf_sym_name (abfd, symtab_hdr, sym, NULL);
+  _bfd_error_handler
+    /* xgettext:c-format */
+    (_("%pB: relocation %s against thread local symbol `%s' in "
+       "invalid section `%pA'"), abfd, howto->name, name, sec);
+  bfd_set_error (bfd_error_bad_value);
+}
+
 /* Return TRUE if symbol should be hashed in the `.gnu.hash' section.  */
 
 bool

diff --git a/bfd/elfxx-x86.h b/bfd/elfxx-x86.h
index 1ebc9d2f2e5c7846155282f91733a5c50a4993c9..f8a24a77577171583734616759e57d8048a2a713 100644 (file)
--- a/bfd/elfxx-x86.h
+++ b/bfd/elfxx-x86.h
@@ -951,6 +951,10 @@ extern void _bfd_x86_elf_link_report_tls_transition_error
    const Elf_Internal_Rela *, const char *, const char *,
    enum elf_x86_tls_error_type);
 
+extern void _bfd_x86_elf_link_report_tls_invalid_section_error
+  (bfd *, asection *, Elf_Internal_Shdr *, struct elf_link_hash_entry *,
+   Elf_Internal_Sym *, reloc_howto_type *);
+
 #define bfd_elf64_mkobject \
   _bfd_x86_elf_mkobject
 #define bfd_elf32_mkobject \