Issue an error for read-only segment with dynamic IFUNC relocations

To load an ELF binary with DT_TEXTREL tag, the dynamic linker calls
__mprotect on the read-only segment with PROT_READ|PROT_WRITE before
applying dynamic relocation.  It leads to segfault when performing
IFUNC relocations since the read-only segment has no execute permission.
This patch changes x86 linker to issue an error for read-only segment
with dynamic IFUNC relocations.  Other backends with IFUNC support
may need a similar change.

bfd/

	PR ld/18801
	* elf32-i386.c (elf_i386_size_dynamic_sections): Issue an error
	for read-only segment with dynamic IFUNC relocations.
	* elf64-x86-64.c (elf_x86_64_size_dynamic_sections): Likewise.

ld/testsuite/

	PR ld/18801
	* ld-i386/i386.exp: Run pr18801.
	* ld-x86-64/x86-64.exp: Likewise.
	* ld-i386/pr18801.d: New file.
	* ld-i386/pr18801.s: Likewise.
	* ld-x86-64/pr18801.d: Likewise.
	* ld-x86-64/pr18801.s: Likewise.

10 files changed, 73 insertions, 0 deletions

diff --git a/bfd/ChangeLog b/bfd/ChangeLog
index e561764..9ba5902 100644
--- a/bfd/ChangeLog
+++ b/bfd/ChangeLog
@@ -1,3 +1,10 @@
+2015-08-13  H.J. Lu  <hongjiu.lu@intel.com>
+
+	PR ld/18801
+	* elf32-i386.c (elf_i386_size_dynamic_sections): Issue an error
+	for read-only segment with dynamic IFUNC relocations.
+	* elf64-x86-64.c (elf_x86_64_size_dynamic_sections): Likewise.
+
 2015-08-12  Simon Dardis  <simon.dardis@imgtec.com>
 
 	* elfxx-mips.c (STUB_MOVE): Change to use 'or' only.
diff --git a/bfd/elf32-i386.c b/bfd/elf32-i386.c
index 3063bed..1e4c3f4 100644
--- a/bfd/elf32-i386.c
+++ b/bfd/elf32-i386.c
@@ -3152,6 +3152,15 @@ elf_i386_size_dynamic_sections (bfd *output_bfd, struct bfd_link_info *info)
 
 	  if ((info->flags & DF_TEXTREL) != 0)
 	    {
+	      if ((elf_tdata (output_bfd)->has_gnu_symbols
+		   & elf_gnu_symbol_ifunc) == elf_gnu_symbol_ifunc)
+		{
+		  info->callbacks->einfo
+		    (_("%P%X: read-only segment has dynamic IFUNC relocations; recompile with -fPIC\n"));
+		  bfd_set_error (bfd_error_bad_value);
+		  return FALSE;
+		}
+
 	      if (!add_dynamic_entry (DT_TEXTREL, 0))
 		return FALSE;
 	    }
diff --git a/bfd/elf64-x86-64.c b/bfd/elf64-x86-64.c
index 2d3c55e..348b297 100644
--- a/bfd/elf64-x86-64.c
+++ b/bfd/elf64-x86-64.c
@@ -3513,6 +3513,15 @@ elf_x86_64_size_dynamic_sections (bfd *output_bfd,
 
 	  if ((info->flags & DF_TEXTREL) != 0)
 	    {
+	      if ((elf_tdata (output_bfd)->has_gnu_symbols
+		   & elf_gnu_symbol_ifunc) == elf_gnu_symbol_ifunc)
+		{
+		  info->callbacks->einfo
+		    (_("%P%X: read-only segment has dynamic IFUNC relocations; recompile with -fPIC\n"));
+		  bfd_set_error (bfd_error_bad_value);
+		  return FALSE;
+		}
+
 	      if (!add_dynamic_entry (DT_TEXTREL, 0))
 		return FALSE;
 	    }
diff --git a/ld/testsuite/ChangeLog b/ld/testsuite/ChangeLog
index a38dc8b..5ae5cd4 100644
--- a/ld/testsuite/ChangeLog
+++ b/ld/testsuite/ChangeLog
@@ -1,3 +1,13 @@
+2015-08-13  H.J. Lu  <hongjiu.lu@intel.com>
+
+	PR ld/18801
+	* ld-i386/i386.exp: Run pr18801.
+	* ld-x86-64/x86-64.exp: Likewise.
+	* ld-i386/pr18801.d: New file.
+	* ld-i386/pr18801.s: Likewise.
+	* ld-x86-64/pr18801.d: Likewise.
+	* ld-x86-64/pr18801.s: Likewise.
+
 2015-08-12  Simon Dardis  <simon.dardis@imgtec.com>
 
 	* ld-mips-elf/compressed-plt-1-n32-mips16.od: Update test.
diff --git a/ld/testsuite/ld-i386/i386.exp b/ld/testsuite/ld-i386/i386.exp
index 0a718cf..47911a6 100644
--- a/ld/testsuite/ld-i386/i386.exp
+++ b/ld/testsuite/ld-i386/i386.exp
@@ -309,6 +309,7 @@ run_dump_test "pr14215"
 run_dump_test "pr17057"
 run_dump_test "pr17935-1"
 run_dump_test "pr17935-2"
+run_dump_test "pr18801"
 run_dump_test "pr18815"
 
 # Add $PLT_CFLAGS if PLT is expected.
diff --git a/ld/testsuite/ld-i386/pr18801.d b/ld/testsuite/ld-i386/pr18801.d
new file mode 100644
index 0000000..4bb2efb
--- /dev/null
+++ b/ld/testsuite/ld-i386/pr18801.d
@@ -0,0 +1,3 @@
+#as: --32
+#ld: -m elf_i386 -pie
+#error: read-only segment has dynamic IFUNC relocations; recompile with -fPIC
diff --git a/ld/testsuite/ld-i386/pr18801.s b/ld/testsuite/ld-i386/pr18801.s
new file mode 100644
index 0000000..ac3377d
--- /dev/null
+++ b/ld/testsuite/ld-i386/pr18801.s
@@ -0,0 +1,15 @@
+	.text
+	.type   selector, %function
+foo:
+	movl	$0, %eax
+	ret
+selector:
+	mov	$foo, %eax
+	ret
+	.type   selector, %gnu_indirect_function
+	.globl	_start
+_start:
+	mov	$selector, %eax
+	call	*%eax
+	ret
+	.section	.note.GNU-stack,"",@progbits
diff --git a/ld/testsuite/ld-x86-64/pr18801.d b/ld/testsuite/ld-x86-64/pr18801.d
new file mode 100644
index 0000000..459db6b
--- /dev/null
+++ b/ld/testsuite/ld-x86-64/pr18801.d
@@ -0,0 +1,3 @@
+#as: --64
+#ld: -melf_x86_64 -pie
+#error: read-only segment has dynamic IFUNC relocations; recompile with -fPIC
diff --git a/ld/testsuite/ld-x86-64/pr18801.s b/ld/testsuite/ld-x86-64/pr18801.s
new file mode 100644
index 0000000..16d36da
--- /dev/null
+++ b/ld/testsuite/ld-x86-64/pr18801.s
@@ -0,0 +1,15 @@
+	.text
+	.type   selector, %function
+foo:
+	movl	$0, %eax
+	ret
+selector:
+	movabs	$foo, %rax
+	ret
+	.type   selector, %gnu_indirect_function
+	.globl	_start
+_start:
+	movabs	$selector, %rax
+	call	*%rax
+	ret
+	.section	.note.GNU-stack,"",@progbits
diff --git a/ld/testsuite/ld-x86-64/x86-64.exp b/ld/testsuite/ld-x86-64/x86-64.exp
index bd48cd3..5409dff 100644
--- a/ld/testsuite/ld-x86-64/x86-64.exp
+++ b/ld/testsuite/ld-x86-64/x86-64.exp
@@ -325,6 +325,7 @@ run_dump_test "pr17935-1"
 run_dump_test "pr17935-2"
 run_dump_test "pr18160"
 run_dump_test "pr18176"
+run_dump_test "pr18801"
 run_dump_test "pr18815"
 
 # Add $PLT_CFLAGS if PLT is expected.