From b6feb2a9c6285192f2406f7d2a83d348422a8641 Mon Sep 17 00:00:00 2001
From: deraadt
Date: Mon, 14 Nov 2022 13:20:23 +0000
Subject: [PATCH] Since the introduction of automatic immutable from the kernel, the munmap() of ld.so boot.text region is now (silently) failing because the region is contained within the text LOAD, which is immutable. So create a new btext LOAD with flags PF_X|PF_R|PF_OPENBSD_MUTABLE, and place all boot.text objects in there. This LOAD must also be page-aligned so it doesn't skip unmapping some of the object region, previously it was hilariously unaligned. ok kettenis and guenther seemed to like it also This one is for powerpc64 and a modified version of the diff deraadt@ mailed out to make sure the LOADs are in increasing address order. this is the i386 version
---
 libexec/ld.so/i386/Makefile.inc | 3 +-
 libexec/ld.so/i386/ld.script | 71 +++++++++++++++++++++++++++++++++
 2 files changed, 73 insertions(+), 1 deletion(-)
diff --git a/libexec/ld.so/i386/Makefile.inc b/libexec/ld.so/i386/Makefile.inc
index 24d9972a877..3d053885128 100644
--- a/libexec/ld.so/i386/Makefile.inc
+++ b/libexec/ld.so/i386/Makefile.inc
@@ -1,6 +1,7 @@
-# $OpenBSD: Makefile.inc,v 1.2 2019/10/20 03:44:49 guenther Exp $
+# $OpenBSD: Makefile.inc,v 1.3 2022/11/14 13:20:23 deraadt Exp $
 CFLAGS += -fPIC
 AFLAGS += -fpic
+LD_SCRIPT = ${.CURDIR}/${MACHINE_CPU}/ld.script
 RELATIVE_RELOC=R_386_RELATIVE
diff --git a/libexec/ld.so/i386/ld.script b/libexec/ld.so/i386/ld.script
index e69de29bb2d..72b894e0085 100644
--- a/libexec/ld.so/i386/ld.script
+++ b/libexec/ld.so/i386/ld.script
@@ -0,0 +1,71 @@
+PHDRS
+{
+ rodata PT_LOAD FILEHDR PHDRS FLAGS (4);
+ text PT_LOAD;
+ btext PT_LOAD FLAGS (0x08000005);
+ data PT_LOAD;
+ random PT_OPENBSD_RANDOMIZE;
+ relro PT_GNU_RELRO;
+ dynamic PT_DYNAMIC;
+ note PT_NOTE;
+}
+
+SECTIONS
+{
+ . = 0 + SIZEOF_HEADERS;
+ /* RODATA */
+ .gnu.hash : { *(.gnu.hash) } :rodata
+ .dynsym : { *(.dynsym) } :rodata
+ .dynstr : { *(.dynstr) } :rodata
+ .rodata : { *(.rodata .rodata.*) } :rodata
+ .eh_frame : { *(.eh_frame) } :rodata
+
+ /* TEXT */
+ . = ALIGN(0x1000);
+ .boot.text :
+ {
+ . = ALIGN(0x1000);
+ boot_text_start = .;
+ *(.boot.text)
+ . = ALIGN(0x1000);
+ boot_text_end = .;
+ } :btext =0xcccccccc
+ .text : { *(.text .text.*) } :text =0xcccccccc
+
+ /* RELRO DATA */
+ . = DATA_SEGMENT_ALIGN (0x1000, 0x1000);
+ .openbsd.randomdata :
+ {
+ *(.openbsd.randomdata .openbsd.randomdata.*)
+ } :data :relro :random
+ .data.rel.ro : { *(.data.rel.ro.local*) *(.data.rel.ro*) } :data :relro
+ .dynamic : { *(.dynamic) } :data :relro :dynamic
+ .got : { *(.got.plt) *(.got) } :data :relro
+ . = DATA_SEGMENT_RELRO_END (0, .);
+
+ /* BOOTDATA */
+ . = ALIGN(0x1000);
+ boot_data_start = .;
+ .rela.dyn :
+ {
+ *(.rela.text .rela.text.*)
+ *(.rela.rodata .rela.rodata.*)
+ *(.rela.data .rela.data.*)
+ *(.rela.got)
+ *(.rela.bss .rela.bss.*)
+ } :data
+/* XXX .rela.plt is unused but cannot delete: ld.bfd zeros DT_RELASZ then! */
+ .rela.plt : { *(.rela.plt) } :data
+ .note : { *(.note.openbsd.*) } :data :note
+ .hash : { *(.hash) } :data
+ .boot.data : { *(.boot.data .boot.data.*) } :data
+ boot_data_end = .;
+
+ /* DATA */
+ . = ALIGN(0x1000);
+ .data : { *(.data .data.*) } :data
+ .bss : { *(.dynbss) *(.bss .bss.*) *(COMMON) } :data
+ . = DATA_SEGMENT_END (.);
+
+ /DISCARD/ : { *(.note.GNU-stack) }
+}
-- 2.20.1
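Review bot: The PHDRS block declares `text` before `btext`, but SECTIONS places `.boot.text` (assigned to `:btext`) at a lower address than `.text`, so if the linker emits program headers in declaration order the two PT_LOADs come out in non-ascending p_vaddr order, which is the property the commit description says this variant is meant to guarantee. Declaring `btext PT_LOAD FLAGS (0x08000005);` ahead of `text PT_LOAD;` would make the declaration order match the layout, and `readelf -l` on the built ld.so would confirm it either way. The flag literal deserves a comment such as `/* PF_X|PF_R|PF_OPENBSD_MUTABLE */`, because per the description that bit is what lets the page-aligned boot.text range be unmapped at all once the kernel makes the rest of the text immutable. Separately, the BOOTDATA block matches only `.rela.*` inputs; i386 normally uses REL-format `.rel.*` sections, so it is worth confirming that the relocation tables really land between `boot_data_start` and `boot_data_end` rather than being placed elsewhere as orphan sections.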