From e26ed573b62f69d9813e72fda4ee3da6eaf4d7b7 Mon Sep 17 00:00:00 2001
From: Joakim Tjernlund <joakim.tjernlund@transmode.se>
Date: Fri, 5 Jan 2007 10:20:37 +0000
Subject: Support SecurePLTs for PowerPC. You need a toolchain that supports
 config option --enable-secureplt. The assembler must also supports
 R_PPC_REL16* relocations. gcc 4.1.1 and binutils 2.17 is known to do this.

---
 ldso/ldso/powerpc/dl-startup.h |   7 +++
 ldso/ldso/powerpc/dl-sysdep.h  |  52 +++++++++++++------
 ldso/ldso/powerpc/elfinterp.c  | 113 +++++++++++++++++++++++++----------------
 3 files changed, 114 insertions(+), 58 deletions(-)

(limited to 'ldso/ldso')

diff --git a/ldso/ldso/powerpc/dl-startup.h b/ldso/ldso/powerpc/dl-startup.h
index becfa191e..a5a8a83f2 100644
--- a/ldso/ldso/powerpc/dl-startup.h
+++ b/ldso/ldso/powerpc/dl-startup.h
@@ -16,8 +16,15 @@ asm(
     "	bl	_dl_start@local\n" /* Perform relocation */
     /*  Save the address of the apps entry point in CTR register */
     "	mtctr	3\n" /* application entry point */
+#ifdef HAVE_ASM_PPC_REL16
+    "	bcl	20,31,1f\n"
+    "1:	mflr	31\n"
+    "	addis	31,31,_GLOBAL_OFFSET_TABLE_-1b@ha\n"
+    "	addi	31,31,_GLOBAL_OFFSET_TABLE_-1b@l\n"
+#else
     "	bl	_GLOBAL_OFFSET_TABLE_-4@local\n" /*  Put our GOT pointer in r31, */
     "	mflr	31\n"
+#endif
     "	addi	1,1,16\n" /* Restore SP */
     "	lwz	7,_dl_skip_args@got(31)\n" /* load EA of _dl_skip_args */
     "	lwz	7,0(7)\n"	/* Load word from _dl_skip_args */
diff --git a/ldso/ldso/powerpc/dl-sysdep.h b/ldso/ldso/powerpc/dl-sysdep.h
index a06aa8aff..44f9c955c 100644
--- a/ldso/ldso/powerpc/dl-sysdep.h
+++ b/ldso/ldso/powerpc/dl-sysdep.h
@@ -89,23 +89,38 @@ void _dl_init_got(unsigned long *lpnt,struct elf_resolve *tpnt);
    DT_RELA table.  */
 #define ELF_MACHINE_PLTREL_OVERLAP 1
 
+/* Return the value of the GOT pointer.  */
+static inline Elf32_Addr * __attribute__ ((const))
+ppc_got (void)
+{
+	Elf32_Addr *got;
+#ifdef HAVE_ASM_PPC_REL16
+	asm ("	bcl 20,31,1f\n"
+	     "1:mflr %0\n"
+	     "	addis %0,%0,_GLOBAL_OFFSET_TABLE_-1b@ha\n"
+	     "	addi %0,%0,_GLOBAL_OFFSET_TABLE_-1b@l\n"
+	     : "=b" (got) : : "lr");
+#else
+	asm (" bl _GLOBAL_OFFSET_TABLE_-4@local"
+	     : "=l" (got));
+#endif
+	return got;
+}
+
 /* Return the link-time address of _DYNAMIC, stored as
    the first value in the GOT. */
-static inline Elf32_Addr
+static inline Elf32_Addr __attribute__ ((const))
 elf_machine_dynamic (void)
 {
-  Elf32_Addr *got;
-  asm (" bl _GLOBAL_OFFSET_TABLE_-4@local"
-       : "=l"(got));
-  return *got;
+	return *ppc_got();
 }
 
 /* Return the run-time load address of the shared object.  */
-static inline Elf32_Addr
+static inline Elf32_Addr __attribute__ ((const))
 elf_machine_load_address (void)
 {
-  unsigned int *got;
-  unsigned int *branchaddr;
+  Elf32_Addr *branchaddr;
+  Elf32_Addr runtime_dynamic;
 
   /* This is much harder than you'd expect.  Possibly I'm missing something.
      The 'obvious' way:
@@ -136,19 +151,17 @@ elf_machine_load_address (void)
      the address ourselves. That gives us the following code: */
 
   /* Get address of the 'b _DYNAMIC@local'...  */
-  asm ("bl 0f ;"
+  asm ("bcl 20,31,0f;"
        "b _DYNAMIC@local;"
        "0:"
        : "=l"(branchaddr));
 
-  /* ... and the address of the GOT.  */
-  asm (" bl _GLOBAL_OFFSET_TABLE_-4@local"
-       : "=l"(got));
-
   /* So now work out the difference between where the branch actually points,
      and the offset of that location in memory from the start of the file.  */
-  return ((Elf32_Addr)branchaddr - *got
-	  + ((int)(*branchaddr << 6 & 0xffffff00) >> 6));
+  runtime_dynamic = ((Elf32_Addr) branchaddr
+		     + ((Elf32_Sword) (*branchaddr << 6 & 0xffffff00) >> 6));
+
+  return runtime_dynamic - elf_machine_dynamic ();
 }
 
 static inline void
@@ -163,3 +176,12 @@ elf_machine_relative (Elf32_Addr load_off, const Elf32_Addr rel_addr,
 		*reloc_addr = load_off + rpnt->r_addend;
 	} while (--relative_count);
 }
+
+#define ARCH_NUM 1
+#define DT_PPC_GOT_IDX	(DT_NUM + OS_NUM)
+
+#define ARCH_DYNAMIC_INFO(dpnt,  dynamic, debug_addr) \
+do { \
+if (dpnt->d_tag == DT_PPC_GOT) \
+     dynamic[DT_PPC_GOT_IDX] = dpnt->d_un.d_ptr; \
+} while (0)
diff --git a/ldso/ldso/powerpc/elfinterp.c b/ldso/ldso/powerpc/elfinterp.c
index d2a164287..b48625a37 100644
--- a/ldso/ldso/powerpc/elfinterp.c
+++ b/ldso/ldso/powerpc/elfinterp.c
@@ -41,6 +41,12 @@ void _dl_init_got(unsigned long *plt,struct elf_resolve *tpnt)
 	Elf32_Word rel_offset_words;
 	Elf32_Word dlrr = (Elf32_Word) _dl_linux_resolve;
 
+	if (tpnt->dynamic_info[DT_JMPREL] == 0)
+		return;
+	if (tpnt->dynamic_info[DT_PPC_GOT_IDX] != 0) {
+		tpnt->dynamic_info[DT_PPC_GOT_IDX] += tpnt->loadaddr;
+		return;
+	}
 	num_plt_entries = tpnt->dynamic_info[DT_PLTRELSZ] / sizeof(ELF_RELOC);
 	rel_offset_words = PLT_DATA_START_WORDS(num_plt_entries);
 	data_words = (Elf32_Word) (plt + rel_offset_words);
@@ -148,32 +154,35 @@ unsigned long _dl_linux_resolver(struct elf_resolve *tpnt, int reloc_entry)
 	if (_dl_debug_reloc && _dl_debug_detail)
 		_dl_dprintf(_dl_debug_file, "%x\n", finaladdr);
 #endif
-	delta = finaladdr - (Elf32_Word)reloc_addr;
-	if (delta<<6>>6 == delta) {
-		*reloc_addr = OPCODE_B(delta);
-	} else if (finaladdr <= 0x01fffffc) {
-		*reloc_addr = OPCODE_BA (finaladdr);
+	if (tpnt->dynamic_info[DT_PPC_GOT_IDX] != 0) {
+		*reloc_addr = finaladdr;
 	} else {
-		/* Warning: we don't handle double-sized PLT entries */
-		Elf32_Word *plt, *data_words, index, offset;
+		delta = finaladdr - (Elf32_Word)reloc_addr;
+		if (delta<<6>>6 == delta) {
+			*reloc_addr = OPCODE_B(delta);
+		} else if (finaladdr <= 0x01fffffc) {
+			*reloc_addr = OPCODE_BA (finaladdr);
+		} else {
+			/* Warning: we don't handle double-sized PLT entries */
+			Elf32_Word *plt, *data_words, index, offset;
+
+			plt = (Elf32_Word *)tpnt->dynamic_info[DT_PLTGOT];
+			offset = reloc_addr - plt;
+			index = (offset - PLT_INITIAL_ENTRY_WORDS)/2;
+			data_words = (Elf32_Word *)tpnt->data_words;
+			reloc_addr += 1;
 
-		plt = (Elf32_Word *)tpnt->dynamic_info[DT_PLTGOT];
-		offset = reloc_addr - plt;
-		index = (offset - PLT_INITIAL_ENTRY_WORDS)/2;
-		data_words = (Elf32_Word *)tpnt->data_words;
-		reloc_addr += 1;
+			data_words[index] = finaladdr;
+			PPC_SYNC;
+			*reloc_addr =  OPCODE_B ((PLT_LONGBRANCH_ENTRY_WORDS - (offset+1)) * 4);
+		}
 
-		data_words[index] = finaladdr;
+		/* instructions were modified */
+		PPC_DCBST(reloc_addr);
 		PPC_SYNC;
-		*reloc_addr =  OPCODE_B ((PLT_LONGBRANCH_ENTRY_WORDS - (offset+1)) * 4);
+		PPC_ICBI(reloc_addr);
+		PPC_ISYNC;
 	}
-
-	/* instructions were modified */
-	PPC_DCBST(reloc_addr);
-	PPC_SYNC;
-	PPC_ICBI(reloc_addr);
-	PPC_ISYNC;
-
 	return finaladdr;
 }
 
@@ -219,28 +228,33 @@ _dl_do_reloc (struct elf_resolve *tpnt,struct dyn_elf *scope,
 		goto out_nocode; /* No code code modified */
 	case R_PPC_JMP_SLOT:
 	{
-		Elf32_Sword delta = finaladdr - (Elf32_Word)reloc_addr;
-		if (delta<<6>>6 == delta) {
-			*reloc_addr = OPCODE_B(delta);
-		} else if (finaladdr <= 0x01fffffc) {
-			*reloc_addr = OPCODE_BA (finaladdr);
+		if (tpnt->dynamic_info[DT_PPC_GOT_IDX] != 0) {
+			*reloc_addr = finaladdr;
+			goto out_nocode; /* No code code modified */
 		} else {
-			/* Warning: we don't handle double-sized PLT entries */
-			Elf32_Word *plt, *data_words, index, offset;
-
-			plt = (Elf32_Word *)tpnt->dynamic_info[DT_PLTGOT];
-			offset = reloc_addr - plt;
-			index = (offset - PLT_INITIAL_ENTRY_WORDS)/2;
-			data_words = (Elf32_Word *)tpnt->data_words;
-
-			data_words[index] = finaladdr;
-			reloc_addr[0] = OPCODE_LI(11,index*4);
-			reloc_addr[1] = OPCODE_B((PLT_LONGBRANCH_ENTRY_WORDS - (offset+1)) * 4);
-
-			/* instructions were modified */
-			PPC_DCBST(reloc_addr+1);
-			PPC_SYNC;
-			PPC_ICBI(reloc_addr+1);
+			Elf32_Sword delta = finaladdr - (Elf32_Word)reloc_addr;
+			if (delta<<6>>6 == delta) {
+				*reloc_addr = OPCODE_B(delta);
+			} else if (finaladdr <= 0x01fffffc) {
+				*reloc_addr = OPCODE_BA (finaladdr);
+			} else {
+				/* Warning: we don't handle double-sized PLT entries */
+				Elf32_Word *plt, *data_words, index, offset;
+
+				plt = (Elf32_Word *)tpnt->dynamic_info[DT_PLTGOT];
+				offset = reloc_addr - plt;
+				index = (offset - PLT_INITIAL_ENTRY_WORDS)/2;
+				data_words = (Elf32_Word *)tpnt->data_words;
+
+				data_words[index] = finaladdr;
+				reloc_addr[0] = OPCODE_LI(11,index*4);
+				reloc_addr[1] = OPCODE_B((PLT_LONGBRANCH_ENTRY_WORDS - (offset+1)) * 4);
+
+				/* instructions were modified */
+				PPC_DCBST(reloc_addr+1);
+				PPC_SYNC;
+				PPC_ICBI(reloc_addr+1);
+			}
 		}
 		break;
 	}
@@ -309,9 +323,22 @@ void _dl_parse_lazy_relocation_information(struct dyn_elf *rpnt,
 	Elf32_Word *plt, offset, i,  num_plt_entries, rel_offset_words;
 
 	num_plt_entries = rel_size / sizeof(ELF_RELOC);
+	plt = (Elf32_Word *)tpnt->dynamic_info[DT_PLTGOT];
+	if (tpnt->dynamic_info[DT_PPC_GOT_IDX] != 0) {
+		/* Secure PLT */
+		Elf32_Addr *got = (Elf32_Addr *)tpnt->dynamic_info[DT_PPC_GOT_IDX];
+		Elf32_Word dlrr = (Elf32_Word) _dl_linux_resolve;
+
+		got[1] = (Elf32_Addr) dlrr;
+		got[2] = (Elf32_Addr) tpnt;
+
+		/* Relocate everything in .plt by the load address offset.  */
+		while (num_plt_entries-- != 0)
+			*plt++ += tpnt->loadaddr;
+		return;
+	}
 
 	rel_offset_words = PLT_DATA_START_WORDS(num_plt_entries);
-	plt = (Elf32_Word *)tpnt->dynamic_info[DT_PLTGOT];
 
 	/* Set up the lazy PLT entries.  */
 	offset = PLT_INITIAL_ENTRY_WORDS;
-- 
cgit v1.2.3