ldd not working on ET_EXEC executables

mailing list of musl libc
 help / color / mirror / code / Atom feed

* ldd not working on ET_EXEC executables
@ 2016-12-06  1:39 Laine Gholson
  2016-12-06  2:33 ` Rich Felker
  0 siblings, 1 reply; 5+ messages in thread
From: Laine Gholson @ 2016-12-06  1:39 UTC (permalink / raw)
  To: musl

Hello,

I am running musl on a ARM platform, and ldd won't work on a executable with the ET_EXEC type.

running GNU ld 2.25.1, gcc 6.2.0, and musl 1.1.15-git-71-g54991729

  $ gcc -fPIE -pie test.c -o test-pie
  $ ldd test-pie
<no error>
  $ gcc -fno-PIE -no-pie test.c -o test-nopie
  $ ldd test-nopie
ldd: test-nopie: Not a valid dynamic program
  $ elfedit --output-type DYN test-nopie
  $ ldd test-nopie
<no error>

Any idea why ldd says executables with the ET_EXEC type aren't valid?


^ permalink raw reply	[flat|nested] 5+ messages in thread

* Re: ldd not working on ET_EXEC executables
  2016-12-06  1:39 ldd not working on ET_EXEC executables Laine Gholson
@ 2016-12-06  2:33 ` Rich Felker
  2016-12-08 22:30   ` Laine Gholson
  0 siblings, 1 reply; 5+ messages in thread
From: Rich Felker @ 2016-12-06  2:33 UTC (permalink / raw)
  To: musl

On Mon, Dec 05, 2016 at 07:39:32PM -0600, Laine Gholson wrote:
> Hello,
> 
> I am running musl on a ARM platform, and ldd won't work on a executable with the ET_EXEC type.
> 
> running GNU ld 2.25.1, gcc 6.2.0, and musl 1.1.15-git-71-g54991729
> 
>  $ gcc -fPIE -pie test.c -o test-pie
>  $ ldd test-pie
> <no error>
>  $ gcc -fno-PIE -no-pie test.c -o test-nopie
>  $ ldd test-nopie
> ldd: test-nopie: Not a valid dynamic program
>  $ elfedit --output-type DYN test-nopie
>  $ ldd test-nopie
> <no error>
> 
> Any idea why ldd says executables with the ET_EXEC type aren't valid?

strace it; I suspect you'll find that mmap is not honoring the
requested address. This is a bug introduced intentionally by grsec/pax
and perhaps other hardened kernels.

Rich


^ permalink raw reply	[flat|nested] 5+ messages in thread

* Re: ldd not working on ET_EXEC executables
  2016-12-06  2:33 ` Rich Felker
@ 2016-12-08 22:30   ` Laine Gholson
  2016-12-08 22:41     ` Rich Felker
  0 siblings, 1 reply; 5+ messages in thread
From: Laine Gholson @ 2016-12-08 22:30 UTC (permalink / raw)
  To: musl

You mean RANDMMAP? PaX's RANDMMAP feature ignoring the address your requesting it (without MAP_FIXED) is perfectly valid, to quote POSIX:
"When MAP_FIXED is not set, the implementation uses addr in an implementation-defined manner to arrive at pa."
mmap2(0x10000, 73728, PROT_READ|PROT_EXEC, MAP_PRIVATE, 3, 0) = 0x1234abcd
You're not passing MAP_FIXED to mmap() but are expecting the kernel to still use the address you're giving it, which is wrong.

(as a side note, glibc works and it uses MAP_FIXED)

Thanks,

Laine Gholson

On 12/05/16 20:33, Rich Felker wrote:
> On Mon, Dec 05, 2016 at 07:39:32PM -0600, Laine Gholson wrote:
>> Hello,
>>
>> I am running musl on a ARM platform, and ldd won't work on a executable with the ET_EXEC type.
>>
>> running GNU ld 2.25.1, gcc 6.2.0, and musl 1.1.15-git-71-g54991729
>>
>>  $ gcc -fPIE -pie test.c -o test-pie
>>  $ ldd test-pie
>> <no error>
>>  $ gcc -fno-PIE -no-pie test.c -o test-nopie
>>  $ ldd test-nopie
>> ldd: test-nopie: Not a valid dynamic program
>>  $ elfedit --output-type DYN test-nopie
>>  $ ldd test-nopie
>> <no error>
>>
>> Any idea why ldd says executables with the ET_EXEC type aren't valid?
>
> strace it; I suspect you'll find that mmap is not honoring the
> requested address. This is a bug introduced intentionally by grsec/pax
> and perhaps other hardened kernels.
>
> Rich
>


^ permalink raw reply	[flat|nested] 5+ messages in thread

* Re: ldd not working on ET_EXEC executables
  2016-12-08 22:30   ` Laine Gholson
@ 2016-12-08 22:41     ` Rich Felker
  2016-12-09  0:05       ` Shiz
  0 siblings, 1 reply; 5+ messages in thread
From: Rich Felker @ 2016-12-08 22:41 UTC (permalink / raw)
  To: musl

On Thu, Dec 08, 2016 at 04:30:42PM -0600, Laine Gholson wrote:
> You mean RANDMMAP? PaX's RANDMMAP feature ignoring the address your requesting it (without MAP_FIXED) is perfectly valid, to quote POSIX:
> "When MAP_FIXED is not set, the implementation uses addr in an implementation-defined manner to arrive at pa."
> mmap2(0x10000, 73728, PROT_READ|PROT_EXEC, MAP_PRIVATE, 3, 0) = 0x1234abcd

It's _valid_, but it's a bad implementation choice; it makes it
impossible to request a particular range, which is necessary for
ldso/ldd to load non-PIE programs.

> You're not passing MAP_FIXED to mmap() but are expecting the kernel to still use the address you're giving it, which is wrong.
> (as a side note, glibc works and it uses MAP_FIXED)

This is invalid, and a bug in glibc, as there's no way to know that
you're not mapping over something that's already there (perhaps even
the function that's calling mmap). You can only use MAP_FIXED to map
over top of an existing mapping you already know about and intend to
replace (same with dup2 and file descriptors), not an arbitrary
address range.

Rich


> Thanks,
> 
> Laine Gholson
> 
> On 12/05/16 20:33, Rich Felker wrote:
> >On Mon, Dec 05, 2016 at 07:39:32PM -0600, Laine Gholson wrote:
> >>Hello,
> >>
> >>I am running musl on a ARM platform, and ldd won't work on a executable with the ET_EXEC type.
> >>
> >>running GNU ld 2.25.1, gcc 6.2.0, and musl 1.1.15-git-71-g54991729
> >>
> >> $ gcc -fPIE -pie test.c -o test-pie
> >> $ ldd test-pie
> >><no error>
> >> $ gcc -fno-PIE -no-pie test.c -o test-nopie
> >> $ ldd test-nopie
> >>ldd: test-nopie: Not a valid dynamic program
> >> $ elfedit --output-type DYN test-nopie
> >> $ ldd test-nopie
> >><no error>
> >>
> >>Any idea why ldd says executables with the ET_EXEC type aren't valid?
> >
> >strace it; I suspect you'll find that mmap is not honoring the
> >requested address. This is a bug introduced intentionally by grsec/pax
> >and perhaps other hardened kernels.
> >
> >Rich
> >


^ permalink raw reply	[flat|nested] 5+ messages in thread

* Re: ldd not working on ET_EXEC executables
  2016-12-08 22:41     ` Rich Felker
@ 2016-12-09  0:05       ` Shiz
  0 siblings, 0 replies; 5+ messages in thread
From: Shiz @ 2016-12-09  0:05 UTC (permalink / raw)
  To: musl


> On 8 Dec 2016, at 23:41, Rich Felker <dalias@libc.org> wrote:
> 
> On Thu, Dec 08, 2016 at 04:30:42PM -0600, Laine Gholson wrote:
>> You mean RANDMMAP? PaX's RANDMMAP feature ignoring the address your requesting it (without MAP_FIXED) is perfectly valid, to quote POSIX:
>> "When MAP_FIXED is not set, the implementation uses addr in an implementation-defined manner to arrive at pa."
>> mmap2(0x10000, 73728, PROT_READ|PROT_EXEC, MAP_PRIVATE, 3, 0) = 0x1234abcd
> 
> It's _valid_, but it's a bad implementation choice; it makes it
> impossible to request a particular range, which is necessary for
> ldso/ldd to load non-PIE programs.

Good. Position-dependent executables should not be used or supported.

- Shiz

^ permalink raw reply	[flat|nested] 5+ messages in thread

end of thread, other threads:[~2016-12-09  0:05 UTC | newest]

Thread overview: 5+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2016-12-06  1:39 ldd not working on ET_EXEC executables Laine Gholson
2016-12-06  2:33 ` Rich Felker
2016-12-08 22:30   ` Laine Gholson
2016-12-08 22:41     ` Rich Felker
2016-12-09  0:05       ` Shiz

Code repositories for project(s) associated with this public inbox

	https://git.vuxu.org/mirror/musl/

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).