aarch64: Respect p_flags when protecting code with PROT_BTI

Use PROT_READ and PROT_WRITE according to the load segment p_flags
when adding PROT_BTI.

This is before processing relocations which may drop PROT_BTI in
case of textrels.  Executable stacks are not protected via PROT_BTI
either.  PROT_BTI is hardening in case memory corruption happened,
it's value is reduced if there is writable and executable memory
available so missing it on such memory is fine, but we should
respect the p_flags and should not drop PROT_WRITE.

diff --git a/sysdeps/aarch64/dl-bti.c b/sysdeps/aarch64/dl-bti.c
index 965ddcc732dfca2b0800e0da647d514bb3086aeb..196e462520e0dc49bac57996eaaac5972635204e 100644 (file)
--- a/sysdeps/aarch64/dl-bti.c
+++ b/sysdeps/aarch64/dl-bti.c
@@ -24,13 +24,20 @@ static int
 enable_bti (struct link_map *map, const char *program)
 {
   const ElfW(Phdr) *phdr;
-  unsigned prot = PROT_READ | PROT_EXEC | PROT_BTI;
+  unsigned prot;
 
   for (phdr = map->l_phdr; phdr < &map->l_phdr[map->l_phnum]; ++phdr)
     if (phdr->p_type == PT_LOAD && (phdr->p_flags & PF_X))
       {
        void *start = (void *) (phdr->p_vaddr + map->l_addr);
        size_t len = phdr->p_memsz;
+
+       prot = PROT_EXEC | PROT_BTI;
+       if (phdr->p_flags & PF_R)
+         prot |= PROT_READ;
+       if (phdr->p_flags & PF_W)
+         prot |= PROT_WRITE;
+
        if (__mprotect (start, len, prot) < 0)
          {
            if (program)