[gnutls-devel] GnuTLS | wrong text relocations on i386 due to non-PIC assembly (#818)
Development of GNU's TLS library
gnutls-devel at lists.gnutls.org
Thu Aug 8 19:48:16 CEST 2019
Andreas Metzler created an issue:
Hello,
this is https://bugs.debian.org/934193 reported by Steve Langasek against 3.6.9:
```
In Ubuntu we discovered that the new version of libgnutls was causing
systemd-resolved to fail to start on i386, due to forbidden text relocations:
Aug 07 23:21:43 vorlon-i386-test systemd-resolved[8810]: /lib/systemd/systemd-resolved: error while loading shared libraries: /lib/i386-linux-gnu/libgnutls.so.30: cannot make segment writable for relocation: Operation not permitted
This is a fatal error for systemd-resolved because the systemd unit sets
MemoryDenyWriteExecute=yes, but the problem can be more generally seen by
examining the library with readelf:
$ readelf -d ./debian/tmp/usr/lib/i386-linux-gnu/libgnutls.so.30.25.0 |grep TEXTREL
0x00000016 (TEXTREL) 0x0
0x0000001e (FLAGS) TEXTREL BIND_NOW
$
These text relocations should not be there.
This is a one-line fix (see attached), but I don't understand how the bug
occurred in the first place, as this looks like a case of a version of an
"automatically generated" file being checked into upstream git that was in
fact hand-edited (wrongly) since it does not match what is generated by the
upstream openssl assembly-generating perl scripts.
```
[i386-fix-wrong-reloc.patch](/uploads/e612ab336204e1495fa3b8204ac79ced/i386-fix-wrong-reloc.patch)
--
Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/issues/818
You're receiving this email because of your account on gitlab.com.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.gnupg.org/pipermail/gnutls-devel/attachments/20190808/d7b7b35f/attachment.html>
More information about the Gnutls-devel
mailing list