git: e3be51b2bc7c - main - rtld-elf: Check the return value of obj_enforce_relro()

[Alex Richardson]

The branch main has been updated by arichardson:

URL: https://cgit.FreeBSD.org/src/commit/?id=e3be51b2bc7cb41eb9a238cced2ee650d9bb2d41

commit e3be51b2bc7cb41eb9a238cced2ee650d9bb2d41
Author:     Alex Richardson <arichardson at FreeBSD.org>
AuthorDate: 2021-06-22 08:09:44 +0000
Commit:     Alex Richardson <arichardson at FreeBSD.org>
CommitDate: 2021-06-22 08:10:48 +0000

    rtld-elf: Check the return value of obj_enforce_relro()
    
    The mprotect() call was failing on CheriBSD when changing rtld's relro
    page permissions due to missing CHERI capability permissions on the
    mprotect() argument but did not report an error since the return value
    was being ignored. It should never fail on any supported FreeBSD
    architecture, but checking the return value seems like a good
    sanity check to me.
    
    Reviewed By:    kib, imp
    MFC after:      1 week
    Differential Revision: https://reviews.freebsd.org/D30820
---
 libexec/rtld-elf/rtld.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/libexec/rtld-elf/rtld.c b/libexec/rtld-elf/rtld.c
index 9897248bffbb..f60872f12c52 100644
--- a/libexec/rtld-elf/rtld.c
+++ b/libexec/rtld-elf/rtld.c
@@ -2288,7 +2288,8 @@ init_rtld(caddr_t mapbase, Elf_Auxinfo **aux_info)
     obj_rtld.path = xstrdup(ld_path_rtld);
 
     parse_rtld_phdr(&obj_rtld);
-    obj_enforce_relro(&obj_rtld);
+    if (obj_enforce_relro(&obj_rtld) == -1)
+	rtld_die();
 
     r_debug.r_version = R_DEBUG_VERSION;
     r_debug.r_brk = r_debug_state;