From patchwork Thu May 2 16:35:56 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Adhemerval Zanella Netto X-Patchwork-Id: 794111 Delivered-To: patch@linaro.org Received: by 2002:adf:a153:0:b0:34d:5089:5a9e with SMTP id r19csp345573wrr; Thu, 2 May 2024 09:37:46 -0700 (PDT) X-Forwarded-Encrypted: i=3; AJvYcCUZbL7MqcyZEF37f++tYQ1YGYGWR6JqX+S3SPYHIXh045rk3mhnViDtYDRIfL6FpgZ0FfFsBFhfrwJWfiIv1HTY X-Google-Smtp-Source: AGHT+IF4Xc2yqZFXU+NFbvm62fxXl4ro+AC0rhsENR1to4AhD+jYLuy9k2Ufo4ksFuKVP8wp+sIK X-Received: by 2002:a05:622a:5d2:b0:43a:5f5e:c10b with SMTP id d18-20020a05622a05d200b0043a5f5ec10bmr493463qtb.20.1714667865884; Thu, 02 May 2024 09:37:45 -0700 (PDT) ARC-Seal: i=2; a=rsa-sha256; t=1714667865; cv=pass; d=google.com; s=arc-20160816; b=dJrkTIYzJcPM9LF6mEggTrZZux0yn0uBx6Vz5lZM4h08a4j+vz440i/1nmfiAwImkb 7uQ/MUZkv9Bi8VqvZvI1qZ05EVrDRfQU3qjfcQqImq87bi3eT32iqfariUDB1Npvb0y+ KMgRtfsU31hMD9phlF6HHq2pPgas0fS474WIzoxZznOIlM6Zb0ULFoZc0AelCMnX9SG/ RqD7zxwOeqRWWl5ccWLcUFoSVDYJxxg7Vu5iMzbjguELMbWUZsCI+w2GGQlubud9az/f bSw8sPzwJn5ESSqqvsLx0jVVH1rBVG8m7YrkMFb4qqn5uBNwyjsUSQz8ab0Dyr8cOMbo N2pg== ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=errors-to:list-subscribe:list-help:list-post:list-archive :list-unsubscribe:list-id:precedence:content-transfer-encoding :mime-version:references:in-reply-to:message-id:date:subject:cc:to :from:dkim-signature:arc-filter:dmarc-filter:delivered-to; bh=TBKbR7Z7AJdSU8AYRfIKNSVobUw15f5XsE8/NePKAHI=; fh=oGn0EFORSY7ye2TnB7Yfd557GIAld9yH1tQXj05miNs=; b=DirqjJVWtlpWO6W8jSwoF4Y1TYmHTSOBxomYUlvu00rjjoZJHOkEo9KHOsftt9JoaE yE6FzP0q+YyaarlpeO0okvxbLCRsQKvglpyniqC7TKN+/jbF+jFhVGfkngDP5QHboJ6C pYZBIYKdXJQFuhfvBe2LWT4990QYldCkPX1047GMRcCO4ZT4j80poGyUiHai439nslZB 1AjMhBMNXT7ajzyuTj+bn9QvuHlSfbbED6zSRlYbWKKOPvd+sFAzc13BjoS3ZOHNB+AQ K9jsDEH5wg5NUrB3jKFtWHaZ1JTh8g1KTdQ/qCxZGhxHFer/dcJbMK6Htd9HfyxX5akK VDKg==; dara=google.com ARC-Authentication-Results: i=2; mx.google.com; dkim=pass header.i=@linaro.org header.s=google header.b=NAjMTPh8; arc=pass (i=1); spf=pass (google.com: domain of libc-alpha-bounces+patch=linaro.org@sourceware.org designates 8.43.85.97 as permitted sender) smtp.mailfrom="libc-alpha-bounces+patch=linaro.org@sourceware.org"; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linaro.org Return-Path: Received: from server2.sourceware.org (server2.sourceware.org. [8.43.85.97]) by mx.google.com with ESMTPS id br9-20020a05622a1e0900b0043a353ed3b9si1337696qtb.111.2024.05.02.09.37.45 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 02 May 2024 09:37:45 -0700 (PDT) Received-SPF: pass (google.com: domain of libc-alpha-bounces+patch=linaro.org@sourceware.org designates 8.43.85.97 as permitted sender) client-ip=8.43.85.97; Authentication-Results: mx.google.com; dkim=pass header.i=@linaro.org header.s=google header.b=NAjMTPh8; arc=pass (i=1); spf=pass (google.com: domain of libc-alpha-bounces+patch=linaro.org@sourceware.org designates 8.43.85.97 as permitted sender) smtp.mailfrom="libc-alpha-bounces+patch=linaro.org@sourceware.org"; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linaro.org Received: from server2.sourceware.org (localhost [IPv6:::1]) by sourceware.org (Postfix) with ESMTP id 81EBA384AB5D for ; Thu, 2 May 2024 16:37:45 +0000 (GMT) X-Original-To: libc-alpha@sourceware.org Delivered-To: libc-alpha@sourceware.org Received: from mail-pf1-x430.google.com (mail-pf1-x430.google.com [IPv6:2607:f8b0:4864:20::430]) by sourceware.org (Postfix) with ESMTPS id 79FA5384AB4B for ; Thu, 2 May 2024 16:37:30 +0000 (GMT) DMARC-Filter: OpenDMARC Filter v1.4.2 sourceware.org 79FA5384AB4B Authentication-Results: sourceware.org; dmarc=pass (p=none dis=none) header.from=linaro.org Authentication-Results: sourceware.org; spf=pass smtp.mailfrom=linaro.org ARC-Filter: OpenARC Filter v1.0.0 sourceware.org 79FA5384AB4B Authentication-Results: server2.sourceware.org; arc=none smtp.remote-ip=2607:f8b0:4864:20::430 ARC-Seal: i=1; a=rsa-sha256; d=sourceware.org; s=key; t=1714667853; cv=none; b=RgDnfQUKTCQcmZ9iYIjjJCGtiHr+ndVyp76tNwwgAArwoE3fPMQXVmj/p6+8lN9JttKCSNCkpqaDUilezTN7oLYPakQ1ab05zL95FXwfb0EwfVCtNOxmcNcPfooTGtgwmyz92LXNHKnukcAQggMcAietWIrNA9N3/9StBkajsjg= ARC-Message-Signature: i=1; a=rsa-sha256; d=sourceware.org; s=key; t=1714667853; c=relaxed/simple; bh=mVQ7kqXp3Es1g2zzhVeHJKuiPX5wD6KZgx0DxUyjlMM=; h=DKIM-Signature:From:To:Subject:Date:Message-ID:MIME-Version; b=L2WZ6080/KO766QauEdYHWxAfy3/ObuPm1oGOv63mEt3wnC1SsiHdNV46NeD0cViGN2ZlPGP/7KRybJPUEypFG9dOyMDdz31n26JO//qplBKd4RenWhEaQJ9qwu2gzjEJl38vjFkdHcoNoavDM6gGgkJ2/Ugn6nle6hhMiuZg98= ARC-Authentication-Results: i=1; server2.sourceware.org Received: by mail-pf1-x430.google.com with SMTP id d2e1a72fcca58-6f4302187c0so949478b3a.1 for ; Thu, 02 May 2024 09:37:30 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; t=1714667849; x=1715272649; darn=sourceware.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=TBKbR7Z7AJdSU8AYRfIKNSVobUw15f5XsE8/NePKAHI=; b=NAjMTPh8/ZMCSoObZvssRKZCY7GCtjOZxhrhtC5GnUkw4CfVEDvoFq+fTi1NKnMF0m +7ioTuqPJxzaWXyGiUyMsfAtOxjsKbi2/nUxL6pkY0wKU6JmmcAUmp9JGW6od2XM/s8d HbI5pq48Ynvkhw44SX6zkdbR1Xi8srkts7UARbN7WOSJu6tLcbgKVqOlR9B6izF57EO/ IenCTiwralN1oAxEchG71r+0wxf2fN9SrFMaKNzllRkxOt2r79JoivHzOPZM+RGX0Iw7 NBxKjnr1MQJgf/5lP8LZpxYdBlqmRE9bttu1s2C969trj/VNzyhCNgaByrYYTkkNC9D7 MAxg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1714667849; x=1715272649; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=TBKbR7Z7AJdSU8AYRfIKNSVobUw15f5XsE8/NePKAHI=; b=BgiCaKPQK3htuheHvN2O59VYmTGxLLomhQuxRxifgBSwLPZCTcr1pakga8xWApqBd7 /8/0LSK4reYFwVXjyn1YI+TE3vVEicrV9qq4I3S6ETC8G8sVbybmZwWlo0K4OFAeX9M0 ENvOfJo+RkdR51n4gAeV06YAkpLWBIM9F8oI55cJhH4Ny8VfC0YiA6IMd/WpPc1TGQOU pGh6EtQV3ngtd8jsXb7cCTLW3QSIp58953ulYOMYz+5rwSuYrAKN4iUnU1KQ/YtSnAyT qEWDOaavigTVyCnEJ87a0TxqILcwyBghiDjx+f7bnjvXk6QSLBFsivJKOc2nykEZ9ix6 X5ZA== X-Gm-Message-State: AOJu0Yz5nvKTNFn9cta7Ed58+aDVXLxIctRaoT7JqnMlC3O+vOTJ6sTn 7Aw//zDfMfz5dTt7r1+UFiMEOagUJyCBuMD17cXLWW/ybyGtIiHViIXrmM03g5rGIONIrHlVW0N A X-Received: by 2002:a05:6a20:5524:b0:1ad:8ae:7423 with SMTP id ko36-20020a056a20552400b001ad08ae7423mr215678pzb.30.1714667848648; Thu, 02 May 2024 09:37:28 -0700 (PDT) Received: from mandiga.. ([2804:1b3:a7c1:e3c5:e62b:fe17:6851:b93]) by smtp.gmail.com with ESMTPSA id j4-20020a62b604000000b006ecfa91a210sm1439524pff.100.2024.05.02.09.37.26 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 02 May 2024 09:37:28 -0700 (PDT) From: Adhemerval Zanella To: libc-alpha@sourceware.org Cc: Joe Simmons-Talbott , Siddhesh Poyarekar , Yuto Maeda , Yutaro Shimizu Subject: [PATCH v2 1/4] elf: Only process multiple tunable once (BZ 31686) Date: Thu, 2 May 2024 13:35:56 -0300 Message-ID: <20240502163716.1107975-2-adhemerval.zanella@linaro.org> X-Mailer: git-send-email 2.43.0 In-Reply-To: <20240502163716.1107975-1-adhemerval.zanella@linaro.org> References: <20240502163716.1107975-1-adhemerval.zanella@linaro.org> MIME-Version: 1.0 X-Spam-Status: No, score=-12.1 required=5.0 tests=BAYES_00, DKIM_SIGNED, DKIM_VALID, DKIM_VALID_AU, DKIM_VALID_EF, GIT_PATCH_0, KAM_SHORT, RCVD_IN_DNSWL_NONE, SPF_HELO_NONE, SPF_PASS, TXREP autolearn=unavailable autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on server2.sourceware.org X-BeenThere: libc-alpha@sourceware.org X-Mailman-Version: 2.1.30 Precedence: list List-Id: Libc-alpha mailing list List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: libc-alpha-bounces+patch=linaro.org@sourceware.org The 680c597e9c3 commit made loader reject ill-formatted strings by first tracking all set tunables and then applying them. However, it does not take into consideration if the same tunable is set multiple times, where parse_tunables_string appends the found tunable without checking if it was already in the list. It leads to a stack-based buffer overflow if the tunable is specified more than the total number of tunables. For instance: GLIBC_TUNABLES=glibc.malloc.check=2:... (repeat over the number of total support for different tunable). Instead, use the index of the tunable list to get the expected tunable entry. Since now the initial list is zero-initialized, the compiler might emit an extra memset and this requires some minor adjustment on some ports. Checked on x86_64-linux-gnu and aarch64-linux-gnu. Reported-by: Yuto Maeda Reported-by: Yutaro Shimizu --- elf/dl-tunables.c | 30 ++++++----- elf/tst-tunables.c | 58 +++++++++++++++++++++- sysdeps/aarch64/multiarch/memset_generic.S | 4 ++ sysdeps/sparc/sparc64/rtld-memset.c | 3 ++ 4 files changed, 81 insertions(+), 14 deletions(-) diff --git a/elf/dl-tunables.c b/elf/dl-tunables.c index d3ccd2ecd4..1db80e0f92 100644 --- a/elf/dl-tunables.c +++ b/elf/dl-tunables.c @@ -32,6 +32,7 @@ #include #include #include +#include #define TUNABLES_INTERNAL 1 #include "dl-tunables.h" @@ -221,8 +222,7 @@ parse_tunables_string (const char *valstring, struct tunable_toset_t *tunables) if (tunable_is_name (cur->name, name)) { - tunables[ntunables++] = - (struct tunable_toset_t) { cur, value, p - value }; + tunables[i] = (struct tunable_toset_t) { cur, value, p - value }; /* Ignore tunables if enable_secure is set */ if (tunable_is_name ("glibc.rtld.enable_secure", name)) @@ -245,23 +245,27 @@ parse_tunables_string (const char *valstring, struct tunable_toset_t *tunables) static void parse_tunables (const char *valstring) { - struct tunable_toset_t tunables[tunables_list_size]; - int ntunables = parse_tunables_string (valstring, tunables); - if (ntunables == -1) + struct tunable_toset_t tunables[tunables_list_size] = { 0 }; + if (parse_tunables_string (valstring, tunables) == -1) { _dl_error_printf ( "WARNING: ld.so: invalid GLIBC_TUNABLES `%s': ignored.\n", valstring); return; } - for (int i = 0; i < ntunables; i++) - if (!tunable_initialize (tunables[i].t, tunables[i].value, - tunables[i].len)) - _dl_error_printf ("WARNING: ld.so: invalid GLIBC_TUNABLES value `%.*s' " - "for option `%s': ignored.\n", - (int) tunables[i].len, - tunables[i].value, - tunables[i].t->name); + for (int i = 0; i < tunables_list_size; i++) + { + if (tunables[i].t == NULL) + continue; + + if (!tunable_initialize (tunables[i].t, tunables[i].value, + tunables[i].len)) + _dl_error_printf ("WARNING: ld.so: invalid GLIBC_TUNABLES value `%.*s' " + "for option `%s': ignored.\n", + (int) tunables[i].len, + tunables[i].value, + tunables[i].t->name); + } } /* Initialize the tunables list from the environment. For now we only use the diff --git a/elf/tst-tunables.c b/elf/tst-tunables.c index 095b5c81d9..8f4ee46ad5 100644 --- a/elf/tst-tunables.c +++ b/elf/tst-tunables.c @@ -17,6 +17,7 @@ . */ #include +#define TUNABLES_INTERNAL 1 #include #include #include @@ -24,12 +25,13 @@ #include #include #include +#include static int restart; #define CMDLINE_OPTIONS \ { "restart", no_argument, &restart, 1 }, -static const struct test_t +static struct test_t { const char *name; const char *value; @@ -284,6 +286,29 @@ static const struct test_t 0, 0, }, + /* Also check for repeated tunables with a count larger than the total number + of tunables. */ + { + "GLIBC_TUNABLES", + NULL, + 2, + 0, + 0, + }, + { + "GLIBC_TUNABLES", + NULL, + 1, + 0, + 0, + }, + { + "GLIBC_TUNABLES", + NULL, + 0, + 0, + 0, + }, }; static int @@ -327,6 +352,37 @@ do_test (int argc, char *argv[]) spargv[i] = NULL; } + /* Create a tunable line with the duplicate values with a total number + larger than the different number of tunables. */ + { + enum { tunables_list_size = array_length (tunable_list) }; + const char *value = ""; + for (int i = 0; i < tunables_list_size; i++) + value = xasprintf ("%sglibc.malloc.check=2%c", + value, + i == (tunables_list_size - 1) ? '\0' : ':'); + tests[33].value = value; + } + /* Same as before, but the last tunable vallues is differen than the + rest. */ + { + enum { tunables_list_size = array_length (tunable_list) }; + const char *value = ""; + for (int i = 0; i < tunables_list_size - 1; i++) + value = xasprintf ("%sglibc.malloc.check=2:", value); + value = xasprintf ("%sglibc.malloc.check=1", value); + tests[34].value = value; + } + /* Same as before, but with an invalid last entry. */ + { + enum { tunables_list_size = array_length (tunable_list) }; + const char *value = ""; + for (int i = 0; i < tunables_list_size - 1; i++) + value = xasprintf ("%sglibc.malloc.check=2:", value); + value = xasprintf ("%sglibc.malloc.check=1=1", value); + tests[35].value = value; + } + for (int i = 0; i < array_length (tests); i++) { snprintf (nteststr, sizeof nteststr, "%d", i); diff --git a/sysdeps/aarch64/multiarch/memset_generic.S b/sysdeps/aarch64/multiarch/memset_generic.S index 81748bdbce..e125a5ed85 100644 --- a/sysdeps/aarch64/multiarch/memset_generic.S +++ b/sysdeps/aarch64/multiarch/memset_generic.S @@ -33,3 +33,7 @@ #endif #include <../memset.S> + +#if IS_IN (rtld) +strong_alias (memset, __memset_generic) +#endif diff --git a/sysdeps/sparc/sparc64/rtld-memset.c b/sysdeps/sparc/sparc64/rtld-memset.c index 55f3835790..a19202a620 100644 --- a/sysdeps/sparc/sparc64/rtld-memset.c +++ b/sysdeps/sparc/sparc64/rtld-memset.c @@ -1 +1,4 @@ #include +#if IS_IN(rtld) +strong_alias (memset, __memset_ultra1) +#endif From patchwork Thu May 2 16:35:57 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Adhemerval Zanella Netto X-Patchwork-Id: 794112 Delivered-To: patch@linaro.org Received: by 2002:adf:a153:0:b0:34d:5089:5a9e with SMTP id r19csp345610wrr; Thu, 2 May 2024 09:37:49 -0700 (PDT) X-Forwarded-Encrypted: i=3; AJvYcCVS5qjYr038pNyxnrt1jRswn6p1jvEIzdBQebuUgf9+Fuwp5RSeKAuZg5ybMfuihdSicfzZa6bTakYuGOYGDtvH X-Google-Smtp-Source: AGHT+IFruFDl1pWBTnhqmaiL+PF8NvC6V7sdFRx72sPiLi17gN9n7UnKiw87oy0G7i6QnZjQfsJs X-Received: by 2002:a05:620a:13c1:b0:790:f5b3:a186 with SMTP id g1-20020a05620a13c100b00790f5b3a186mr506391qkl.8.1714667869367; Thu, 02 May 2024 09:37:49 -0700 (PDT) ARC-Seal: i=2; a=rsa-sha256; t=1714667869; cv=pass; d=google.com; s=arc-20160816; b=d5Dnp8XrOIMMBim4ZiidRHOfYSDDnH8pD0aRVGH104iLDHNbr1ctzQq8bIaPTgKMrL UuxMA8PEpFVMIoRQPvMNRGrAvTeU1xBUWJN9gUXnTGMkyxejr0vrS/YuVYmsQierGXJY CQPqP+oto8yyzG2gQ/xPI2QFq6/52tm401mZP+XWuiizXU+6yMzoGeJNFe95nGX6vK3Z iefdkDhlnuLWhzHult8axbuRQ94LS4PrTXjQxIKqam5kUn+S8gH0xkjCvgaXtLcJacQ+ hZ9r/rRDUtYzBInMOBZa03UaLc0xKCFPvZo7c9UUXjLrcfeI7DzUOAyNAtRD2hQXPwW5 V67Q== ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=errors-to:list-subscribe:list-help:list-post:list-archive :list-unsubscribe:list-id:precedence:content-transfer-encoding :mime-version:references:in-reply-to:message-id:date:subject:cc:to :from:dkim-signature:arc-filter:dmarc-filter:delivered-to; bh=sGd9zb7IAiLLy2yVbpl8UkwGDSrGWYwhIDZaoLKhuwA=; fh=Fj4D3X8lmeg8caKyS1psvSc6iiuGGH95h/ZziX55t10=; b=szB8bSF0QJRZdB39reJuKnVFad0s6jVSQMVC1ZXFMqCEKKRQSaHZgtu6nDBxN052ME oomqIfRNmvVCp9lrFLonKJFyKNrV9x3tmjq7mPdDjSAW841f0e0QWnzg2a80ryiVqomm T+wUHZDhWHetSamRMgyvqVQtGM1RHorS880UZhxvIZhCFbnIzf4Yo1PRj/YT7dlGY09L ak/obt7Th52pVOILpWSkmxf9RZqCh5ikuSSbshpDVsT0wlKtnd5mFig1cjwViPTa0utz iNiY41yHm1lV2zUeAoihfkFCD2O0Eg1td0mNuvgo2wyU3lP7mumdn1aDo8gxR6Cf9zWe fdjg==; dara=google.com ARC-Authentication-Results: i=2; mx.google.com; dkim=pass header.i=@linaro.org header.s=google header.b=FjyX9W3Q; arc=pass (i=1); spf=pass (google.com: domain of libc-alpha-bounces+patch=linaro.org@sourceware.org designates 2620:52:3:1:0:246e:9693:128c as permitted sender) smtp.mailfrom="libc-alpha-bounces+patch=linaro.org@sourceware.org"; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linaro.org Return-Path: Received: from server2.sourceware.org (server2.sourceware.org. [2620:52:3:1:0:246e:9693:128c]) by mx.google.com with ESMTPS id vk42-20020a05620a70ea00b0079068b4760asi1280438qkn.45.2024.05.02.09.37.49 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 02 May 2024 09:37:49 -0700 (PDT) Received-SPF: pass (google.com: domain of libc-alpha-bounces+patch=linaro.org@sourceware.org designates 2620:52:3:1:0:246e:9693:128c as permitted sender) client-ip=2620:52:3:1:0:246e:9693:128c; Authentication-Results: mx.google.com; dkim=pass header.i=@linaro.org header.s=google header.b=FjyX9W3Q; arc=pass (i=1); spf=pass (google.com: domain of libc-alpha-bounces+patch=linaro.org@sourceware.org designates 2620:52:3:1:0:246e:9693:128c as permitted sender) smtp.mailfrom="libc-alpha-bounces+patch=linaro.org@sourceware.org"; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linaro.org Received: from server2.sourceware.org (localhost [IPv6:::1]) by sourceware.org (Postfix) with ESMTP id F349C3858408 for ; Thu, 2 May 2024 16:37:48 +0000 (GMT) X-Original-To: libc-alpha@sourceware.org Delivered-To: libc-alpha@sourceware.org Received: from mail-pf1-x42e.google.com (mail-pf1-x42e.google.com [IPv6:2607:f8b0:4864:20::42e]) by sourceware.org (Postfix) with ESMTPS id B4F7A385840F for ; Thu, 2 May 2024 16:37:34 +0000 (GMT) DMARC-Filter: OpenDMARC Filter v1.4.2 sourceware.org B4F7A385840F Authentication-Results: sourceware.org; dmarc=pass (p=none dis=none) header.from=linaro.org Authentication-Results: sourceware.org; spf=pass smtp.mailfrom=linaro.org ARC-Filter: OpenARC Filter v1.0.0 sourceware.org B4F7A385840F Authentication-Results: server2.sourceware.org; arc=none smtp.remote-ip=2607:f8b0:4864:20::42e ARC-Seal: i=1; a=rsa-sha256; d=sourceware.org; s=key; t=1714667856; cv=none; b=K/q1Npia1CSWx43ue/HwTfgcL1K5qkHXgcyGhBzZh2SCWp1S+0lsZd2lbCgvLtsXYOYkezhfVU/TYEICUlIMb32gN0ZVMDcUYjKL7+mONar7Iszk0z+gJRmC011b2Mvyi3yQmfLxrPTfxWnZm9FL+VsPGKE2f7X333KSwaOIcwk= ARC-Message-Signature: i=1; a=rsa-sha256; d=sourceware.org; s=key; t=1714667856; c=relaxed/simple; bh=pEMGJzEXOr1M1CokR16EYy+o8E5rQZM7d+ndftfT7AA=; h=DKIM-Signature:From:To:Subject:Date:Message-ID:MIME-Version; b=yDfvhwmpHxcpEBQ7uvF7cjp0CyX1E6Hx30p7fAVPfG9OWTjkURXA1MlXLo3kQKUZyKtGftFoqT8DLoDhx9QwTj1B73T4qpgAfCaad4xMb74TR9QLTttNYeP7DTPHuyUjNRwJ2h286TBFTVbIAARInDs/9phdCz+hvKZ759P/wDo= ARC-Authentication-Results: i=1; server2.sourceware.org Received: by mail-pf1-x42e.google.com with SMTP id d2e1a72fcca58-6f0aeee172dso1514270b3a.1 for ; Thu, 02 May 2024 09:37:34 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; t=1714667853; x=1715272653; darn=sourceware.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=sGd9zb7IAiLLy2yVbpl8UkwGDSrGWYwhIDZaoLKhuwA=; b=FjyX9W3QHRhuUY/54S12Afxtf1n2SX18JUCpOX0dSKKSP6++yYDSGm6YYb0RUVQx8C 36hcxToC8Ef8FPZ3y7yABxqEuSivEkAuHYxNhUD2lh405BvCje7/dO13qeMXdu6H7eqr 6WVt+eJf6+Zb87UV2C3eKbmAvVfig2cK0pHzwV3yEmRe7jHLpGMu6OAtYQ1cxTR4SBUx GE1ZQATVEP6D4jBStQBtIRQQmI2ecqnZBeiKPca3lN4cuFYJoWYdzQWWhyss34yi7JXG zQ16qQxaZw7n6A3RMRZVUvCGj/NcjjZD3GeaLTiKFm7xjoXNtZbGCne1U6FbIG6i3Yqx Y/1g== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1714667853; x=1715272653; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=sGd9zb7IAiLLy2yVbpl8UkwGDSrGWYwhIDZaoLKhuwA=; b=X22UBuESiLmpVY7G0aUnFf8+g6B4ksz5EY0UY7xOuhKB9AsrcqtgxJmaWbuycKlF8M AZWfWiQFLvOxhL6+W9re9QeVGpoltIOEtIcHOTs5JoVT/oBt+GyOhUZGja1wZw7M5+c8 8NKUGSkTIMbae5ShnnLPZHsfIwJeXzd+rCwCu7OPZ1I1wKgKFECEqJqkIWeY+iUiXfME gTRORBFDlaKBluKCvr1xqsk1MJwk62P7PoX0o97DpN5ZTqtE8XE5FigeGmvq6DrQMwod P6grQVVK/F5+rsmZqgSeEiiMk9DTisTSheEWuuGj1D1x8Gb52dmBs3p2oGap334IDaHG 5RDw== X-Gm-Message-State: AOJu0YxWXnXlCypWXcETp1wohPk88v7CLlXPFB/VZGKLpgBhzN1FGCDO eBVZQ/7PyCIawLOFICW2oNvY2nOyRx/DGh+DwwlF99PB0kUZc8qcn8Jp5aHSWAPZTDHzvKDvsQC u X-Received: by 2002:a05:6a00:1385:b0:6ed:825b:30c0 with SMTP id t5-20020a056a00138500b006ed825b30c0mr4583227pfg.15.1714667853144; Thu, 02 May 2024 09:37:33 -0700 (PDT) Received: from mandiga.. ([2804:1b3:a7c1:e3c5:e62b:fe17:6851:b93]) by smtp.gmail.com with ESMTPSA id j4-20020a62b604000000b006ecfa91a210sm1439524pff.100.2024.05.02.09.37.31 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 02 May 2024 09:37:32 -0700 (PDT) From: Adhemerval Zanella To: libc-alpha@sourceware.org Cc: Joe Simmons-Talbott , Siddhesh Poyarekar Subject: [PATCH v2 2/4] elf: Remove glibc.rtld.enable_secure check from parse_tunables_string Date: Thu, 2 May 2024 13:35:57 -0300 Message-ID: <20240502163716.1107975-3-adhemerval.zanella@linaro.org> X-Mailer: git-send-email 2.43.0 In-Reply-To: <20240502163716.1107975-1-adhemerval.zanella@linaro.org> References: <20240502163716.1107975-1-adhemerval.zanella@linaro.org> MIME-Version: 1.0 X-Spam-Status: No, score=-13.5 required=5.0 tests=BAYES_00, DKIM_SIGNED, DKIM_VALID, DKIM_VALID_AU, DKIM_VALID_EF, GIT_PATCH_0, RCVD_IN_DNSWL_NONE, SPF_HELO_NONE, SPF_PASS, TXREP autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on server2.sourceware.org X-BeenThere: libc-alpha@sourceware.org X-Mailman-Version: 2.1.30 Precedence: list List-Id: Libc-alpha mailing list List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: libc-alpha-bounces+patch=linaro.org@sourceware.org And move it to parse_tunables. It avoids a string comparison for each tunable. Checked on aarch64-linux-gnu and x86_64-linux-gnu. Reviewed-by: Siddhesh Poyarekar --- elf/dl-tunables.c | 58 +++++++++++++++++++++++++++++++---------------- 1 file changed, 38 insertions(+), 20 deletions(-) diff --git a/elf/dl-tunables.c b/elf/dl-tunables.c index 1db80e0f92..63cf8c7ab5 100644 --- a/elf/dl-tunables.c +++ b/elf/dl-tunables.c @@ -119,6 +119,17 @@ do_tunable_update_val (tunable_t *cur, const tunable_val_t *valp, cur->initialized = true; } +static bool +tunable_parse_num (const char *strval, size_t len, tunable_num_t *val) +{ + char *endptr = NULL; + uint64_t numval = _dl_strtoul (strval, &endptr); + if (endptr != strval + len) + return false; + *val = (tunable_num_t) numval; + return true; +} + /* Validate range of the input value and initialize the tunable CUR if it looks good. */ static bool @@ -128,11 +139,8 @@ tunable_initialize (tunable_t *cur, const char *strval, size_t len) if (cur->type.type_code != TUNABLE_TYPE_STRING) { - char *endptr = NULL; - uint64_t numval = _dl_strtoul (strval, &endptr); - if (endptr != strval + len) + if (!tunable_parse_num (strval, len, &val.numval)) return false; - val.numval = (tunable_num_t) numval; } else val.strval = (struct tunable_str_t) { strval, len }; @@ -223,17 +231,6 @@ parse_tunables_string (const char *valstring, struct tunable_toset_t *tunables) if (tunable_is_name (cur->name, name)) { tunables[i] = (struct tunable_toset_t) { cur, value, p - value }; - - /* Ignore tunables if enable_secure is set */ - if (tunable_is_name ("glibc.rtld.enable_secure", name)) - { - tunable_num_t val = (tunable_num_t) _dl_strtoul (value, NULL); - if (val == 1) - { - __libc_enable_secure = 1; - return 0; - } - } break; } } @@ -242,6 +239,16 @@ parse_tunables_string (const char *valstring, struct tunable_toset_t *tunables) return ntunables; } +static void +parse_tunable_print_error (const struct tunable_toset_t *toset) +{ + _dl_error_printf ("WARNING: ld.so: invalid GLIBC_TUNABLES value `%.*s' " + "for option `%s': ignored.\n", + (int) toset->len, + toset->value, + toset->t->name); +} + static void parse_tunables (const char *valstring) { @@ -253,6 +260,21 @@ parse_tunables (const char *valstring) return; } + /* Ignore tunables if enable_secure is set */ + struct tunable_toset_t *tsec = + &tunables[TUNABLE_ENUM_NAME(glibc, rtld, enable_secure)]; + if (tsec->t != NULL) + { + tunable_num_t val; + if (!tunable_parse_num (tsec->value, tsec->len, &val)) + parse_tunable_print_error (tsec); + else if (val == 1) + { + __libc_enable_secure = 1; + return; + } + } + for (int i = 0; i < tunables_list_size; i++) { if (tunables[i].t == NULL) @@ -260,11 +282,7 @@ parse_tunables (const char *valstring) if (!tunable_initialize (tunables[i].t, tunables[i].value, tunables[i].len)) - _dl_error_printf ("WARNING: ld.so: invalid GLIBC_TUNABLES value `%.*s' " - "for option `%s': ignored.\n", - (int) tunables[i].len, - tunables[i].value, - tunables[i].t->name); + parse_tunable_print_error (&tunables[i]); } } From patchwork Thu May 2 16:35:58 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Adhemerval Zanella Netto X-Patchwork-Id: 794113 Delivered-To: patch@linaro.org Received: by 2002:adf:a153:0:b0:34d:5089:5a9e with SMTP id r19csp345673wrr; Thu, 2 May 2024 09:37:56 -0700 (PDT) X-Forwarded-Encrypted: i=3; AJvYcCUR4s/jTjQwHP1/TMAALO+peledOLTDxFmdFGAVC8Uq9jN1v+rdDHPj9CBc13lII6TCgvSoWW1xcPgA5NioIZJy X-Google-Smtp-Source: AGHT+IHolrpycCiJqG+UEekR1FSmpxQDwfNB6uyL1/wWA1RZreJqOzX75Mn1jkJx9hG+uNl3j9UH X-Received: by 2002:a05:622a:4b17:b0:43a:89c1:6b76 with SMTP id et23-20020a05622a4b1700b0043a89c16b76mr7844qtb.65.1714667876232; Thu, 02 May 2024 09:37:56 -0700 (PDT) ARC-Seal: i=2; a=rsa-sha256; t=1714667876; cv=pass; d=google.com; s=arc-20160816; b=euDMzaMsK9dcHgkAgu/4zxlw3z/MGdkHprW8usxscwfZV9+GYaHbyj0O6i/ckvZZf6 t3J0kUTJayd1cJq36xzQpqC3E63cqSbnSm/Bzla1tFPyBvD+V7SnZLZW4ZjnOgum/Us2 fazzzK7c3WX0wVWbDNoPzQrPn1P/GR4UuCuKSDww2//P3FenH3ImxRGPvzR8jMwJ6NwN gyTUMUmRWLGQMf1LKig/7SajX7H2lOMGm4wpDlEaGV6exO98XwWPmUmhWOjiw12gbsq5 dFpi72i9apTkILynGjhHQizPhjAScggJa77lgWpLJzBHC1AJEeS++sHbHyd1B+3QR2ol JXDQ== ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=errors-to:list-subscribe:list-help:list-post:list-archive :list-unsubscribe:list-id:precedence:content-transfer-encoding :mime-version:references:in-reply-to:message-id:date:subject:cc:to :from:dkim-signature:arc-filter:dmarc-filter:delivered-to; bh=hcLuJwERMkN7KzVNGEl5vKD/cE8T4rL7LBdvbco4LEw=; fh=Fj4D3X8lmeg8caKyS1psvSc6iiuGGH95h/ZziX55t10=; b=NBy9coKgwZS1GA9y8R31i88zsNL8ujQDpIM1dGcU7TNpkh+TKUIxtmn81OLr2AEcEP oL4/Lq5tWiVbQ6qjrnlin0CXR1idpaldojEymLwxNbYtesYdkxYeaEwpCJ4kRC+gDR8K YHTbeL161+spKOnAuawZTQ4s+ZZnd6KFJ4T5XcNGdQIX6/C7P3bnEhxCablyIR8Gusq2 mZ+zHuczhTPBx7vfS7upjk/12FnHDp3rDpMJeJFey+RitHxLS9tf3qSOsvBCrsTPjsbU KujC1RYF9IqMOnwTgcTNcwOthGjVhvBdmgbm3iOPjGeqDBU7ZKXnwpdGNeabPDSAZesk C32A==; dara=google.com ARC-Authentication-Results: i=2; mx.google.com; dkim=pass header.i=@linaro.org header.s=google header.b=UuHqDaxh; arc=pass (i=1); spf=pass (google.com: domain of libc-alpha-bounces+patch=linaro.org@sourceware.org designates 2620:52:3:1:0:246e:9693:128c as permitted sender) smtp.mailfrom="libc-alpha-bounces+patch=linaro.org@sourceware.org"; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linaro.org Return-Path: Received: from server2.sourceware.org (server2.sourceware.org. [2620:52:3:1:0:246e:9693:128c]) by mx.google.com with ESMTPS id y12-20020a05622a120c00b0043678e92c3csi1364505qtx.536.2024.05.02.09.37.56 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 02 May 2024 09:37:56 -0700 (PDT) Received-SPF: pass (google.com: domain of libc-alpha-bounces+patch=linaro.org@sourceware.org designates 2620:52:3:1:0:246e:9693:128c as permitted sender) client-ip=2620:52:3:1:0:246e:9693:128c; Authentication-Results: mx.google.com; dkim=pass header.i=@linaro.org header.s=google header.b=UuHqDaxh; arc=pass (i=1); spf=pass (google.com: domain of libc-alpha-bounces+patch=linaro.org@sourceware.org designates 2620:52:3:1:0:246e:9693:128c as permitted sender) smtp.mailfrom="libc-alpha-bounces+patch=linaro.org@sourceware.org"; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linaro.org Received: from server2.sourceware.org (localhost [IPv6:::1]) by sourceware.org (Postfix) with ESMTP id C5E063858D20 for ; Thu, 2 May 2024 16:37:55 +0000 (GMT) X-Original-To: libc-alpha@sourceware.org Delivered-To: libc-alpha@sourceware.org Received: from mail-pf1-x42b.google.com (mail-pf1-x42b.google.com [IPv6:2607:f8b0:4864:20::42b]) by sourceware.org (Postfix) with ESMTPS id 15006384AB66 for ; Thu, 2 May 2024 16:37:37 +0000 (GMT) DMARC-Filter: OpenDMARC Filter v1.4.2 sourceware.org 15006384AB66 Authentication-Results: sourceware.org; dmarc=pass (p=none dis=none) header.from=linaro.org Authentication-Results: sourceware.org; spf=pass smtp.mailfrom=linaro.org ARC-Filter: OpenARC Filter v1.0.0 sourceware.org 15006384AB66 Authentication-Results: server2.sourceware.org; arc=none smtp.remote-ip=2607:f8b0:4864:20::42b ARC-Seal: i=1; a=rsa-sha256; d=sourceware.org; s=key; t=1714667859; cv=none; b=MnFnt4aXeUFdm/Ay6lp/AEmPtAE3L1KAf15HiKHLK2hGRKgNF/OOgDZBOXHF4ldywdZYg8s3gpaYOjpbxMXuKqafU0LTRxPn2gtaIsN2UevKQE8beppMsrZfhpwIL7I6TTY+xOpXLrIKjE4Z4O6qSUhN5Ej2klMAJ0YX0vvzhRs= ARC-Message-Signature: i=1; a=rsa-sha256; d=sourceware.org; s=key; t=1714667859; c=relaxed/simple; bh=J2W7DsmC7H35lLzmGW7hA943aT/Vmjb+hnFB1cNmbJc=; h=DKIM-Signature:From:To:Subject:Date:Message-ID:MIME-Version; b=NayIe6Tw9oBHr139aBoNg01yy2SoYbgKtwcu6aGIOgS+vJHoUHijcJf3blwhBvyFkjFLZqruorl4Dwqtwo9nrz6AacwigzMzhuPEdCYoRczRhquFXv9PfbLjxis08SxSpbQxTyZ5cFoovf9yxagFeO90YSxqyefckr+mbEaZQW0= ARC-Authentication-Results: i=1; server2.sourceware.org Received: by mail-pf1-x42b.google.com with SMTP id d2e1a72fcca58-6f074520c8cso7750834b3a.0 for ; Thu, 02 May 2024 09:37:37 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; t=1714667856; x=1715272656; darn=sourceware.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=hcLuJwERMkN7KzVNGEl5vKD/cE8T4rL7LBdvbco4LEw=; b=UuHqDaxhWbzJhqQt9VnEj5nDr1JLrCn2lzn1WCvRzKO2PiwyOfzEdvWo2ilugTKzIw GVzPK3BH/pNdgRli6bsSqjwt/CWDZ4kiE5hEhLJy56eNYRLNj7WvTgDsg70M9m0mEgXg igNrgXhBh2i4u4XMMjt9dicPK0pFbeGRLaQivWoUuw2RZvdGvr+8ZK7rYISOkZrZeeOE rKy5cHykeXSg0ta/k3ZEIazBH3Tr22zjpYbLzjMtGrbgh7xGSpgq+FTAgJrmdqpH5F4l HD31+dKAMkYoKcYTfni6NTDs6wGgrthf76fkCj5n9qycvI7hzKy7+741xQ1YtZQIAe0n Q9Pw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1714667856; x=1715272656; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=hcLuJwERMkN7KzVNGEl5vKD/cE8T4rL7LBdvbco4LEw=; b=vk9A47ey8Li0l9/JjFDu1QkXU27gigcBcX71c8hv87k5LV00eDRN/R+aUV/BQWINyv wARrx4Pa7dfAxUUuLXTKFo6bjrdquBQa5zkMRsPm6Pgz7y909rXuXlxNf+erJyb/cPTn sSwesECb+lZlAC17W180GkEOaQIktbco55RXQ08Qzm1JQZvB9LORC6/j9EbZsJXiVDSr XxvXDLHdKxo/SvsowpbcLCZKpbOoRZuqYKk8SLGcuW4dkJw50Hv0jluXBLpkg3dGisTa T31D4AVfbDnYU472g6B/Azc/lXfnHGjf/klhQVDpCvWPJR7ee6uZgOfX1Vro3IQ13m3u k3Pg== X-Gm-Message-State: AOJu0YwQ7WiVVDkP2s3qyxGfjZk7yafsl00lnzZAZUgivbuJ3ipt6q1i XgqCJecJNteTMaQQ/yEIMjBmmbeWpWlYiGgxTCepvOKJPIA2nHgtrPB503ZrmyzTyo/GCOuk0AU H X-Received: by 2002:aa7:88c2:0:b0:6ed:cece:8160 with SMTP id k2-20020aa788c2000000b006edcece8160mr50140pff.31.1714667855568; Thu, 02 May 2024 09:37:35 -0700 (PDT) Received: from mandiga.. ([2804:1b3:a7c1:e3c5:e62b:fe17:6851:b93]) by smtp.gmail.com with ESMTPSA id j4-20020a62b604000000b006ecfa91a210sm1439524pff.100.2024.05.02.09.37.33 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 02 May 2024 09:37:34 -0700 (PDT) From: Adhemerval Zanella To: libc-alpha@sourceware.org Cc: Joe Simmons-Talbott , Siddhesh Poyarekar Subject: [PATCH v2 3/4] support: Add envp argument to support_capture_subprogram Date: Thu, 2 May 2024 13:35:58 -0300 Message-ID: <20240502163716.1107975-4-adhemerval.zanella@linaro.org> X-Mailer: git-send-email 2.43.0 In-Reply-To: <20240502163716.1107975-1-adhemerval.zanella@linaro.org> References: <20240502163716.1107975-1-adhemerval.zanella@linaro.org> MIME-Version: 1.0 X-Spam-Status: No, score=-12.4 required=5.0 tests=BAYES_00, DKIM_SIGNED, DKIM_VALID, DKIM_VALID_AU, DKIM_VALID_EF, GIT_PATCH_0, RCVD_IN_DNSWL_NONE, SPF_HELO_NONE, SPF_PASS, TXREP autolearn=unavailable autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on server2.sourceware.org X-BeenThere: libc-alpha@sourceware.org X-Mailman-Version: 2.1.30 Precedence: list List-Id: Libc-alpha mailing list List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: libc-alpha-bounces+patch=linaro.org@sourceware.org So tests can specific a list of environment variables. Reviewed-by: Siddhesh Poyarekar --- elf/tst-audit18.c | 2 +- elf/tst-audit19b.c | 2 +- elf/tst-audit22.c | 2 +- elf/tst-audit23.c | 2 +- elf/tst-audit25a.c | 4 ++-- elf/tst-audit25b.c | 4 ++-- elf/tst-glibc-hwcaps-2-cache.c | 2 +- elf/tst-rtld-run-static.c | 4 ++-- elf/tst-tunables-enable_secure.c | 2 +- elf/tst-tunables.c | 2 +- support/capture_subprocess.h | 9 +++++---- support/subprocess.h | 7 ++++--- support/support_capture_subprocess.c | 5 +++-- support/support_subprocess.c | 5 +++-- support/tst-support_capture_subprocess.c | 2 +- sysdeps/x86/tst-hwcap-tunables.c | 2 +- 16 files changed, 30 insertions(+), 26 deletions(-) diff --git a/elf/tst-audit18.c b/elf/tst-audit18.c index 841251dd70..cec93e269c 100644 --- a/elf/tst-audit18.c +++ b/elf/tst-audit18.c @@ -79,7 +79,7 @@ do_test (int argc, char *argv[]) setenv ("LD_AUDIT", "tst-auditmod18.so", 0); struct support_capture_subprocess result - = support_capture_subprogram (spargv[0], spargv); + = support_capture_subprogram (spargv[0], spargv, NULL); support_capture_subprocess_check (&result, "tst-audit18", 0, sc_allow_stderr); struct diff --git a/elf/tst-audit19b.c b/elf/tst-audit19b.c index 70bfe4eadf..88d99a416b 100644 --- a/elf/tst-audit19b.c +++ b/elf/tst-audit19b.c @@ -69,7 +69,7 @@ do_test (int argc, char *argv[]) setenv ("LD_AUDIT", "tst-auditmod18b.so", 0); struct support_capture_subprocess result - = support_capture_subprogram (spargv[0], spargv); + = support_capture_subprogram (spargv[0], spargv, NULL); support_capture_subprocess_check (&result, "tst-audit18b", 0, sc_allow_stderr); bool find_symbind = false; diff --git a/elf/tst-audit22.c b/elf/tst-audit22.c index 4e97be3be0..6aa18af948 100644 --- a/elf/tst-audit22.c +++ b/elf/tst-audit22.c @@ -83,7 +83,7 @@ do_test (int argc, char *argv[]) setenv ("LD_AUDIT", "tst-auditmod22.so", 0); struct support_capture_subprocess result - = support_capture_subprogram (spargv[0], spargv); + = support_capture_subprogram (spargv[0], spargv, NULL); support_capture_subprocess_check (&result, "tst-audit22", 0, sc_allow_stderr); /* The respawned process should always print the vDSO address (otherwise it diff --git a/elf/tst-audit23.c b/elf/tst-audit23.c index 32e7c8b2a3..d2640fe8b2 100644 --- a/elf/tst-audit23.c +++ b/elf/tst-audit23.c @@ -82,7 +82,7 @@ do_test (int argc, char *argv[]) setenv ("LD_AUDIT", "tst-auditmod23.so", 0); struct support_capture_subprocess result - = support_capture_subprogram (spargv[0], spargv); + = support_capture_subprogram (spargv[0], spargv, NULL); support_capture_subprocess_check (&result, "tst-audit22", 0, sc_allow_stderr); /* The expected la_objopen/la_objclose: diff --git a/elf/tst-audit25a.c b/elf/tst-audit25a.c index b209ee820f..cdd4f2ce2b 100644 --- a/elf/tst-audit25a.c +++ b/elf/tst-audit25a.c @@ -77,7 +77,7 @@ do_test (int argc, char *argv[]) { struct support_capture_subprocess result - = support_capture_subprogram (spargv[0], spargv); + = support_capture_subprogram (spargv[0], spargv, NULL); support_capture_subprocess_check (&result, "tst-audit25a", 0, sc_allow_stderr); @@ -102,7 +102,7 @@ do_test (int argc, char *argv[]) { setenv ("LD_BIND_NOW", "1", 0); struct support_capture_subprocess result - = support_capture_subprogram (spargv[0], spargv); + = support_capture_subprogram (spargv[0], spargv, NULL); support_capture_subprocess_check (&result, "tst-audit25a", 0, sc_allow_stderr); diff --git a/elf/tst-audit25b.c b/elf/tst-audit25b.c index 9b8665d517..939f4d6188 100644 --- a/elf/tst-audit25b.c +++ b/elf/tst-audit25b.c @@ -76,7 +76,7 @@ do_test (int argc, char *argv[]) { struct support_capture_subprocess result - = support_capture_subprogram (spargv[0], spargv); + = support_capture_subprogram (spargv[0], spargv, NULL); support_capture_subprocess_check (&result, "tst-audit25a", 0, sc_allow_stderr); @@ -102,7 +102,7 @@ do_test (int argc, char *argv[]) { setenv ("LD_BIND_NOW", "1", 0); struct support_capture_subprocess result - = support_capture_subprogram (spargv[0], spargv); + = support_capture_subprogram (spargv[0], spargv, NULL); support_capture_subprocess_check (&result, "tst-audit25a", 0, sc_allow_stderr); diff --git a/elf/tst-glibc-hwcaps-2-cache.c b/elf/tst-glibc-hwcaps-2-cache.c index 81ab44ff78..af91476cca 100644 --- a/elf/tst-glibc-hwcaps-2-cache.c +++ b/elf/tst-glibc-hwcaps-2-cache.c @@ -32,7 +32,7 @@ main (int argc, char **argv) /* Run ldconfig to populate the cache. */ char *command = xasprintf ("%s/ldconfig", support_install_rootsbindir); struct support_capture_subprocess result = - support_capture_subprogram (command, &((char *) { NULL })); + support_capture_subprogram (command, &((char *) { NULL }), NULL); support_capture_subprocess_check (&result, "ldconfig", 0, sc_allow_none); free (command); diff --git a/elf/tst-rtld-run-static.c b/elf/tst-rtld-run-static.c index b2650e85ff..f05c00eb7b 100644 --- a/elf/tst-rtld-run-static.c +++ b/elf/tst-rtld-run-static.c @@ -30,7 +30,7 @@ do_test (void) { char *argv[] = { (char *) "ld.so", ldconfig_path, (char *) "--help", NULL }; struct support_capture_subprocess cap - = support_capture_subprogram (support_objdir_elf_ldso, argv); + = support_capture_subprogram (support_objdir_elf_ldso, argv, NULL); support_capture_subprocess_check (&cap, "no --argv0", 0, sc_allow_stdout); puts ("info: output without --argv0:"); puts (cap.out.buffer); @@ -46,7 +46,7 @@ do_test (void) ldconfig_path, (char *) "--help", NULL }; struct support_capture_subprocess cap - = support_capture_subprogram (support_objdir_elf_ldso, argv); + = support_capture_subprogram (support_objdir_elf_ldso, argv, NULL); support_capture_subprocess_check (&cap, "with --argv0", 0, sc_allow_stdout); puts ("info: output with --argv0:"); puts (cap.out.buffer); diff --git a/elf/tst-tunables-enable_secure.c b/elf/tst-tunables-enable_secure.c index e31e1f7faa..f5db1c84e9 100644 --- a/elf/tst-tunables-enable_secure.c +++ b/elf/tst-tunables-enable_secure.c @@ -113,7 +113,7 @@ do_test (int argc, char *argv[]) printf ("[%d] Spawned test for %s\n", i, tests[i].env); setenv ("GLIBC_TUNABLES", tests[i].env, 1); struct support_capture_subprocess result - = support_capture_subprogram (spargv[0], spargv); + = support_capture_subprogram (spargv[0], spargv, NULL); support_capture_subprocess_check (&result, "tst-tunables-enable_secure", 0, sc_allow_stderr); support_capture_subprocess_free (&result); diff --git a/elf/tst-tunables.c b/elf/tst-tunables.c index 8f4ee46ad5..a2b3a677e2 100644 --- a/elf/tst-tunables.c +++ b/elf/tst-tunables.c @@ -393,7 +393,7 @@ do_test (int argc, char *argv[]) tests[i].value); setenv (tests[i].name, tests[i].value, 1); struct support_capture_subprocess result - = support_capture_subprogram (spargv[0], spargv); + = support_capture_subprogram (spargv[0], spargv, NULL); support_capture_subprocess_check (&result, "tst-tunables", 0, sc_allow_stderr); support_capture_subprocess_free (&result); diff --git a/support/capture_subprocess.h b/support/capture_subprocess.h index 1ecbdfe4fc..93b7245d2a 100644 --- a/support/capture_subprocess.h +++ b/support/capture_subprocess.h @@ -35,11 +35,12 @@ struct support_capture_subprocess struct support_capture_subprocess support_capture_subprocess (void (*callback) (void *), void *closure); -/* Issue FILE with ARGV arguments by using posix_spawn and capture standard - output, standard error, and the exit status. The out.buffer and err.buffer - are handle as support_capture_subprocess. */ +/* Issue FILE with ARGV arguments and ENVP environments by using posix_spawn + and capture standard output, standard error, and the exit status. If + ENVP is NULL the current environment variable is used. The out.buffer and + err.buffer are handle by support_capture_subprocess. */ struct support_capture_subprocess support_capture_subprogram - (const char *file, char *const argv[]); + (const char *file, char *const argv[], char *const envp[]); /* Copy the running program into a setgid binary and run it with CHILD_ID argument. If execution is successful, return the exit status of the child diff --git a/support/subprocess.h b/support/subprocess.h index 8fbb895353..8274a2b22b 100644 --- a/support/subprocess.h +++ b/support/subprocess.h @@ -33,10 +33,11 @@ struct support_subprocess struct support_subprocess support_subprocess (void (*callback) (void *), void *closure); -/* Issue FILE with ARGV arguments by using posix_spawn and return is PID, a - pipe redirected to STDOUT, and a pipe redirected to STDERR. */ +/* Issue FILE with ARGV arguments and ENVP environments by using posix_spawn + and return is PID, a pipe redirected to STDOUT, and a pipe redirected to + STDERR. If ENVP is NULL the current environment variable is used. */ struct support_subprocess support_subprogram - (const char *file, char *const argv[]); + (const char *file, char *const argv[], char *const envp[]); /* Invoke program FILE with ARGV arguments by using posix_spawn and wait for it to complete. Return program exit status. */ diff --git a/support/support_capture_subprocess.c b/support/support_capture_subprocess.c index ffced8a89f..53847194cb 100644 --- a/support/support_capture_subprocess.c +++ b/support/support_capture_subprocess.c @@ -93,13 +93,14 @@ support_capture_subprocess (void (*callback) (void *), void *closure) } struct support_capture_subprocess -support_capture_subprogram (const char *file, char *const argv[]) +support_capture_subprogram (const char *file, char *const argv[], + char *const envp[]) { struct support_capture_subprocess result; xopen_memstream (&result.out); xopen_memstream (&result.err); - struct support_subprocess proc = support_subprogram (file, argv); + struct support_subprocess proc = support_subprogram (file, argv, envp); support_capture_poll (&result, &proc); return result; diff --git a/support/support_subprocess.c b/support/support_subprocess.c index a2fef394d4..b692a7f8b1 100644 --- a/support/support_subprocess.c +++ b/support/support_subprocess.c @@ -69,7 +69,7 @@ support_subprocess (void (*callback) (void *), void *closure) } struct support_subprocess -support_subprogram (const char *file, char *const argv[]) +support_subprogram (const char *file, char *const argv[], char *const envp[]) { struct support_subprocess result = support_subprocess_init (); @@ -84,7 +84,8 @@ support_subprogram (const char *file, char *const argv[]) xposix_spawn_file_actions_addclose (&fa, result.stdout_pipe[1]); xposix_spawn_file_actions_addclose (&fa, result.stderr_pipe[1]); - result.pid = xposix_spawn (file, &fa, NULL, argv, environ); + result.pid = xposix_spawn (file, &fa, NULL, argv, + envp == NULL ? environ : envp); xclose (result.stdout_pipe[1]); xclose (result.stderr_pipe[1]); diff --git a/support/tst-support_capture_subprocess.c b/support/tst-support_capture_subprocess.c index 8145548982..756fb75d19 100644 --- a/support/tst-support_capture_subprocess.c +++ b/support/tst-support_capture_subprocess.c @@ -238,7 +238,7 @@ do_subprogram (const struct test *test) args[argc] = NULL; TEST_VERIFY (argc < argv_size); - return support_capture_subprogram (args[0], args); + return support_capture_subprogram (args[0], args, NULL); } enum test_type diff --git a/sysdeps/x86/tst-hwcap-tunables.c b/sysdeps/x86/tst-hwcap-tunables.c index f6a65b88de..8589a9fd66 100644 --- a/sysdeps/x86/tst-hwcap-tunables.c +++ b/sysdeps/x86/tst-hwcap-tunables.c @@ -133,7 +133,7 @@ do_test (int argc, char *argv[]) setenv ("GLIBC_TUNABLES", tunable, 1); struct support_capture_subprocess result - = support_capture_subprogram (spargv[0], spargv); + = support_capture_subprogram (spargv[0], spargv, NULL); support_capture_subprocess_check (&result, "tst-tunables", 0, sc_allow_stderr); support_capture_subprocess_free (&result); From patchwork Thu May 2 16:35:59 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Adhemerval Zanella Netto X-Patchwork-Id: 794114 Delivered-To: patch@linaro.org Received: by 2002:adf:a153:0:b0:34d:5089:5a9e with SMTP id r19csp346046wrr; Thu, 2 May 2024 09:38:43 -0700 (PDT) X-Forwarded-Encrypted: i=3; AJvYcCVOoYlk3W15D4kOuu3oSidwxupqNq4X5EWrUaDvAh02yQP55E8ER4AOqrMC1GUC7rpNkjmj5P9GQMiDGyUqVQZ1 X-Google-Smtp-Source: AGHT+IHwyawVzwqQGpLo4oAKjig1/hZQHC0QCCIRy0tHsyBeTSYkmurxLF6gi7kFmUGtg9qTjosy X-Received: by 2002:a05:6870:330b:b0:238:fd65:5415 with SMTP id x11-20020a056870330b00b00238fd655415mr483805oae.37.1714667923426; Thu, 02 May 2024 09:38:43 -0700 (PDT) ARC-Seal: i=2; a=rsa-sha256; t=1714667923; cv=pass; d=google.com; s=arc-20160816; b=AlOMvfpXizkFu3JsDDH4vD/OsvU2yoP+MY3+/IyY1gzpUc5rAmhWBxZz8NHE0zE7L1 9B5GS0jzJ2QwmkLh38Ei9q3W7rHowzNwNeECXg7oAipblZoAh3Zg50EIs78e1TvdgJbJ N8X3IrGYsfFmTOu0gvCpvZasvTX95IUN6xcb0jwnObzaOKRCrzAlVhwsLDLPOOAdVZFT C4OKQOp+lsL4wJloA+RKWA7gJNImXgVb8rVMuNLb36WfqqSZ6i5R3M5Rr23dOkdnD34F Ma6yFXWnT1jUG8m+bixBYJzSRr5GkgMifVXmNyvQe6AumVSGdhC6FUQJHvuYWWrIM4Rl jkbA== ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=errors-to:list-subscribe:list-help:list-post:list-archive :list-unsubscribe:list-id:precedence:content-transfer-encoding :mime-version:references:in-reply-to:message-id:date:subject:cc:to :from:dkim-signature:arc-filter:dmarc-filter:delivered-to; bh=Mhvj6p3FIwhaQ4EXE/dOjpwybOlOt/6m3eCX/KLL/+E=; fh=Fj4D3X8lmeg8caKyS1psvSc6iiuGGH95h/ZziX55t10=; b=upzhHJkFSY3inRMaDo9n9RKmXEWubQe5Oi/NnzJSCh8xdBV+ZXNE9yfNSSiESxWxgV tnr/w66/zxMFR97o4Dl9dT98ITYaEUFUlzQAr8tUeLcRNlklz4ax5DsVPBqQ2E0rTGV9 0386ixvyVmm4Q1ffgcez1nofdSJdxXbhYSB4LlowVSaXzkoc4LNOSUrHwRJltxUg6t/t X18sSBvk6SigYFiYNEI5DIKH2RhT0nYtzm/4g5iudBV9tULjTxjVVYFVrHj+4ywdRjEu cE1pstTn+RsBKj7xKvqVAi5kAYXRR6ETwdE0j9B2nYEKh5Q8E1CW4c50pGVUn0Zz+PHP eepw==; dara=google.com ARC-Authentication-Results: i=2; mx.google.com; dkim=pass header.i=@linaro.org header.s=google header.b=wxZpAnq2; arc=pass (i=1); spf=pass (google.com: domain of libc-alpha-bounces+patch=linaro.org@sourceware.org designates 2620:52:3:1:0:246e:9693:128c as permitted sender) smtp.mailfrom="libc-alpha-bounces+patch=linaro.org@sourceware.org"; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linaro.org Return-Path: Received: from server2.sourceware.org (server2.sourceware.org. [2620:52:3:1:0:246e:9693:128c]) by mx.google.com with ESMTPS id pc35-20020a05620a842300b0078edc196108si1237321qkn.143.2024.05.02.09.38.43 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 02 May 2024 09:38:43 -0700 (PDT) Received-SPF: pass (google.com: domain of libc-alpha-bounces+patch=linaro.org@sourceware.org designates 2620:52:3:1:0:246e:9693:128c as permitted sender) client-ip=2620:52:3:1:0:246e:9693:128c; Authentication-Results: mx.google.com; dkim=pass header.i=@linaro.org header.s=google header.b=wxZpAnq2; arc=pass (i=1); spf=pass (google.com: domain of libc-alpha-bounces+patch=linaro.org@sourceware.org designates 2620:52:3:1:0:246e:9693:128c as permitted sender) smtp.mailfrom="libc-alpha-bounces+patch=linaro.org@sourceware.org"; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linaro.org Received: from server2.sourceware.org (localhost [IPv6:::1]) by sourceware.org (Postfix) with ESMTP id 0F220384AB44 for ; Thu, 2 May 2024 16:38:43 +0000 (GMT) X-Original-To: libc-alpha@sourceware.org Delivered-To: libc-alpha@sourceware.org Received: from mail-pf1-x432.google.com (mail-pf1-x432.google.com [IPv6:2607:f8b0:4864:20::432]) by sourceware.org (Postfix) with ESMTPS id 5CE43384AB79 for ; Thu, 2 May 2024 16:37:39 +0000 (GMT) DMARC-Filter: OpenDMARC Filter v1.4.2 sourceware.org 5CE43384AB79 Authentication-Results: sourceware.org; dmarc=pass (p=none dis=none) header.from=linaro.org Authentication-Results: sourceware.org; spf=pass smtp.mailfrom=linaro.org ARC-Filter: OpenARC Filter v1.0.0 sourceware.org 5CE43384AB79 Authentication-Results: server2.sourceware.org; arc=none smtp.remote-ip=2607:f8b0:4864:20::432 ARC-Seal: i=1; a=rsa-sha256; d=sourceware.org; s=key; t=1714667864; cv=none; b=FCvugL2qwDE4wTEAWXCrwZrnN7M4kPAcNGox2ac2wvU+ByORLcSFbpdQWbwcb08j1z9ILDYfVAGX/z6Z7xMNdvsxcFgiv9m65VzybuChZVeYpO1uZ7F4gjJ0vZ594v3yXqoXolFpT/YY24m9akafuI8qBI8PE16WYTT/BbbLRyA= ARC-Message-Signature: i=1; a=rsa-sha256; d=sourceware.org; s=key; t=1714667864; c=relaxed/simple; bh=DDpzFHaO7t7mIZjlydHBwgAhwbf5aHirbWWQea4vuag=; h=DKIM-Signature:From:To:Subject:Date:Message-ID:MIME-Version; b=kdqvliRByY9jBvH64l1KOshGUsED25AzUhpmmIjJID4kwPVtGLsSD0lUxH5vtYwpFQP82a3369BwNKqZXoEBlsH64Ica68RrfC287sjy+u0MWSVvcm6owGLfJpRqh6CF9jMtjvYBB9q+ZUEChqwq3UlVfIWmNBrOxBv6o8hamNA= ARC-Authentication-Results: i=1; server2.sourceware.org Received: by mail-pf1-x432.google.com with SMTP id d2e1a72fcca58-6ee13f19e7eso7501021b3a.1 for ; Thu, 02 May 2024 09:37:39 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; t=1714667858; x=1715272658; darn=sourceware.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=Mhvj6p3FIwhaQ4EXE/dOjpwybOlOt/6m3eCX/KLL/+E=; b=wxZpAnq2QNfEdXSn8ZimEA66Xv0VepewWui8fg4wtK0POCayc0nb9Q0RWanPpoviCO 1BbdXSe+rvDrjf36tPRCrVSFEDdKQJYUWJOpPEFJumOwz09Bg203TAKNa3rBPKAq3KCF Whx4orxA+lEvnYhGrsde5WiAarR+wUlw6EEcBBm8dGuxvHD9QjhG2cEyrVShzyvONmi1 ERqZEs5cskPSrW8bcGLp8Epvo056NCkIP8S47voiQXOxHhTNGZ10+/Uy5+yXXvo7gkEu xkXuHrzOMbd8IYs0ydZ/sjApDSqKijuHetnFhin8QOGBo+DKNDBoGWGh1On+C5jd+Hdf Cp8w== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1714667858; x=1715272658; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=Mhvj6p3FIwhaQ4EXE/dOjpwybOlOt/6m3eCX/KLL/+E=; b=R8SsTeakDeO1uFHpMTNHBKfTfi0XwXlHvutRtfzSx0wBTWU0VL1tqyarn9CV6vjQH8 GVfPTcrvxgFgc75bf0tntFzuLpgUT2O1w5gLixcokp5QRAOb0eGLJh7SiMR1hydt1/OD Dw1pr3E4VTPppiQ9hqIPH0RjzVltfAj7aVNbyHVN/pav9r6scdzugAfhiJnGEebZmH6l kfL8TDYxxZ+GqBBiUt9QLbS6NtPSYjZfNGsjALOgInjzDwSm8jjpP6z1xjA5WGjwdW9F mm7N0n7NRO5bdxexBJ5ZvmVVKMmwW0C6n1EF+eLMGI1al8q7xPr63DOUe5jn4rYcU0y2 iBAQ== X-Gm-Message-State: AOJu0YyQbGoL1w21oDF84ER0MZqzpS4xf5U3dcwVxfdsRQNjqpwGAIvt fjG4O1MLMXvWPjMUA43h8x/GNwnIDvJ90PzoeV9csC+lFqaP/6YaEdgFfvmejhBEiz4OeoCS6fS l X-Received: by 2002:a05:6a00:3982:b0:6ea:7b29:3ab7 with SMTP id fi2-20020a056a00398200b006ea7b293ab7mr68866pfb.23.1714667857805; Thu, 02 May 2024 09:37:37 -0700 (PDT) Received: from mandiga.. ([2804:1b3:a7c1:e3c5:e62b:fe17:6851:b93]) by smtp.gmail.com with ESMTPSA id j4-20020a62b604000000b006ecfa91a210sm1439524pff.100.2024.05.02.09.37.35 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 02 May 2024 09:37:37 -0700 (PDT) From: Adhemerval Zanella To: libc-alpha@sourceware.org Cc: Joe Simmons-Talbott , Siddhesh Poyarekar Subject: [PATCH v2 4/4] elf: Make glibc.rtld.enable_secure ignore alias environment variables Date: Thu, 2 May 2024 13:35:59 -0300 Message-ID: <20240502163716.1107975-5-adhemerval.zanella@linaro.org> X-Mailer: git-send-email 2.43.0 In-Reply-To: <20240502163716.1107975-1-adhemerval.zanella@linaro.org> References: <20240502163716.1107975-1-adhemerval.zanella@linaro.org> MIME-Version: 1.0 X-Spam-Status: No, score=-12.5 required=5.0 tests=BAYES_00, DKIM_SIGNED, DKIM_VALID, DKIM_VALID_AU, DKIM_VALID_EF, GIT_PATCH_0, KAM_SHORT, RCVD_IN_DNSWL_NONE, SPF_HELO_NONE, SPF_PASS, TXREP autolearn=unavailable autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on server2.sourceware.org X-BeenThere: libc-alpha@sourceware.org X-Mailman-Version: 2.1.30 Precedence: list List-Id: Libc-alpha mailing list List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: libc-alpha-bounces+patch=linaro.org@sourceware.org Tunable with environment variables aliases are also ignored if glibc.rtld.enable_secure is enabled. The tunable parsing is also optimized a bit, where the loop that checks each environment variable only checks for the tunables with aliases instead of all tables. Checked on aarch64-linux-gnu and x86_64-linux-gnu. --- elf/dl-tunables.c | 36 ++++++--- elf/tst-tunables-enable_secure.c | 133 +++++++++++++++++++++++++++---- scripts/gen-tunables.awk | 16 +++- 3 files changed, 161 insertions(+), 24 deletions(-) diff --git a/elf/dl-tunables.c b/elf/dl-tunables.c index 63cf8c7ab5..e87d0628b2 100644 --- a/elf/dl-tunables.c +++ b/elf/dl-tunables.c @@ -300,6 +300,9 @@ __tunables_init (char **envp) if (__libc_enable_secure) return; + enum { tunable_num_env_alias = array_length (tunable_env_alias_list) }; + struct tunable_toset_t tunables_env_alias[tunable_num_env_alias] = { 0 }; + while ((envp = get_next_env (envp, &envname, &envval, &prev_envp)) != NULL) { /* The environment variable is allocated on the stack by the kernel, so @@ -311,29 +314,44 @@ __tunables_init (char **envp) continue; } - for (int i = 0; i < tunables_list_size; i++) + for (int i = 0; i < tunable_num_env_alias; i++) { - tunable_t *cur = &tunable_list[i]; + tunable_t *cur = &tunable_list[tunable_env_alias_list[i]]; + const char *name = cur->env_alias; - /* Skip over tunables that have either been set already or should be - skipped. */ - if (cur->initialized || cur->env_alias[0] == '\0') + if (name[0] == '\0') continue; - const char *name = cur->env_alias; - - /* We have a match. Initialize and move on to the next line. */ if (tunable_is_name (name, envname)) { size_t envvallen = 0; /* The environment variable is always null-terminated. */ for (const char *p = envval; *p != '\0'; p++, envvallen++); - tunable_initialize (cur, envval, envvallen); + tunables_env_alias[i] = + (struct tunable_toset_t) { cur, envval, envvallen }; break; } } } + + /* Check if glibc.rtld.enable_secure was set and skip over the environment + variables aliases. */ + if (__libc_enable_secure) + return; + + for (int i = 0; i < tunable_num_env_alias; i++) + { + /* Skip over tunables that have either been set. */ + if (tunables_env_alias[i].t == NULL + || tunables_env_alias[i].t->initialized) + continue; + + if (!tunable_initialize (tunables_env_alias[i].t, + tunables_env_alias[i].value, + tunables_env_alias[i].len)) + parse_tunable_print_error (&tunables_env_alias[i]); + } } void diff --git a/elf/tst-tunables-enable_secure.c b/elf/tst-tunables-enable_secure.c index f5db1c84e9..a0da0fd179 100644 --- a/elf/tst-tunables-enable_secure.c +++ b/elf/tst-tunables-enable_secure.c @@ -17,6 +17,7 @@ . */ #include +#define TUNABLES_INTERNAL 1 #include #include #include @@ -34,6 +35,8 @@ static int restart; static const struct test_t { const char *env; + const char *extraenv; + bool check_multiple; int32_t expected_malloc_check; int32_t expected_enable_secure; } tests[] = @@ -41,39 +44,124 @@ static const struct test_t /* Expected tunable format. */ /* Tunables should be ignored if enable_secure is set. */ { - "glibc.malloc.check=2:glibc.rtld.enable_secure=1", + "GLIBC_TUNABLES=glibc.malloc.check=2:glibc.rtld.enable_secure=1", + NULL, + false, 0, 1, }, /* Tunables should be ignored if enable_secure is set. */ { - "glibc.rtld.enable_secure=1:glibc.malloc.check=2", + "GLIBC_TUNABLES=glibc.rtld.enable_secure=1:glibc.malloc.check=2", + NULL, + false, 0, 1, }, /* Tunables should be set if enable_secure is unset. */ { - "glibc.rtld.enable_secure=0:glibc.malloc.check=2", + "GLIBC_TUNABLES=glibc.rtld.enable_secure=0:glibc.malloc.check=2", + NULL, + false, 2, 0, }, + /* Tunables should be ignored if enable_secure is set. */ + { + "GLIBC_TUNABLES=glibc.malloc.check=2:glibc.rtld.enable_secure=1", + "MALLOC_CHECK_=2", + false, + 0, + 1, + }, + /* Same as before, but with enviroment alias prior GLIBC_TUNABLES. */ + { + "MALLOC_CHECK_=2", + "GLIBC_TUNABLES=glibc.malloc.check=2:glibc.rtld.enable_secure=1", + false, + 0, + 1, + }, + /* Tunables should be ignored if enable_secure is set. */ + { + "GLIBC_TUNABLES=glibc.rtld.enable_secure=1:glibc.malloc.check=2", + "MALLOC_CHECK_=2", + false, + 0, + 1, + }, + { + "MALLOC_CHECK_=2", + "GLIBC_TUNABLES=glibc.rtld.enable_secure=1:glibc.malloc.check=2", + false, + 0, + 1, + }, + /* Tunables should be set if enable_secure is unset. */ + { + "GLIBC_TUNABLES=glibc.rtld.enable_secure=0:glibc.malloc.check=2", + /* Tunable have precedence over the environment variable. */ + "MALLOC_CHECK_=1", + false, + 2, + 0, + }, + { + "MALLOC_CHECK_=1", + "GLIBC_TUNABLES=glibc.rtld.enable_secure=0:glibc.malloc.check=2", + /* Tunable have precedence over the environment variable. */ + false, + 2, + 0, + }, + /* Tunables should be set if enable_secure is unset. */ + { + "GLIBC_TUNABLES=glibc.rtld.enable_secure=0", + /* Tunable have precedence over the environment variable. */ + "MALLOC_CHECK_=1", + false, + 1, + 0, + }, + /* Tunables should be set if enable_secure is unset. */ + { + "GLIBC_TUNABLES=glibc.rtld.enable_secure=0", + /* Tunable have precedence over the environment variable. */ + "MALLOC_CHECK_=1", + false, + 1, + 0, + }, + /* Check with tunables environment variable alias set multiple times. */ + { + "GLIBC_TUNABLES=glibc.rtld.enable_secure=1:glibc.malloc.check=2", + "MALLOC_CHECK_=2", + true, + 0, + 1, + }, + /* Tunables should be set if enable_secure is unset. */ + { + "GLIBC_TUNABLES=glibc.rtld.enable_secure=0", + /* Tunable have precedence over the environment variable. */ + "MALLOC_CHECK_=1", + true, + 1, + 0, + }, }; static int handle_restart (int i) { if (tests[i].expected_enable_secure == 1) - { - TEST_COMPARE (1, __libc_enable_secure); - } + TEST_COMPARE (1, __libc_enable_secure); else - { - TEST_COMPARE (tests[i].expected_malloc_check, - TUNABLE_GET_FULL (glibc, malloc, check, int32_t, NULL)); - TEST_COMPARE (tests[i].expected_enable_secure, - TUNABLE_GET_FULL (glibc, rtld, enable_secure, int32_t, - NULL)); - } + TEST_COMPARE (tests[i].expected_enable_secure, + TUNABLE_GET_FULL (glibc, rtld, enable_secure, int32_t, + NULL)); + TEST_COMPARE (tests[i].expected_malloc_check, + TUNABLE_GET_FULL (glibc, malloc, check, int32_t, NULL)); return 0; } @@ -106,14 +194,31 @@ do_test (int argc, char *argv[]) spargv[i] = NULL; } + enum { tunable_num_env_alias = array_length (tunable_env_alias_list) }; + for (int i = 0; i < array_length (tests); i++) { snprintf (nteststr, sizeof nteststr, "%d", i); printf ("[%d] Spawned test for %s\n", i, tests[i].env); setenv ("GLIBC_TUNABLES", tests[i].env, 1); + + char *envp[2 + tunable_num_env_alias + 1] = + { + (char *) tests[i].env, + (char *) tests[i].extraenv, + NULL, + }; + if (tests[i].check_multiple) + { + int j; + for (j=0; j < tunable_num_env_alias; j++) + envp[j + 2] = (char *) tests[i].extraenv; + envp[j + 2] = NULL; + } + struct support_capture_subprocess result - = support_capture_subprogram (spargv[0], spargv, NULL); + = support_capture_subprogram (spargv[0], spargv, envp); support_capture_subprocess_check (&result, "tst-tunables-enable_secure", 0, sc_allow_stderr); support_capture_subprocess_free (&result); diff --git a/scripts/gen-tunables.awk b/scripts/gen-tunables.awk index 9f5336381e..fc3b41376f 100644 --- a/scripts/gen-tunables.awk +++ b/scripts/gen-tunables.awk @@ -156,7 +156,7 @@ END { print "# define TUNABLE_ALIAS_MAX " (max_alias_len + 1) print "# include \"dl-tunable-types.h\"" # Finally, the tunable list. - print "static tunable_t tunable_list[] attribute_relro = {" + print "static tunable_t tunable_list[] attribute_relro __attribute_used__ = {" for (tnm in types) { split (tnm, indices, SUBSEP); t = indices[1]; @@ -168,5 +168,19 @@ END { default_val[t,n,m], env_alias[t,n,m]); } print "};" + + # Map of tunable with environment variables aliases used during parsing. */ + print "\nstatic const tunable_id_t tunable_env_alias_list[] =" + printf "{\n" + for (tnm in types) { + split (tnm, indices, SUBSEP); + t = indices[1]; + n = indices[2]; + m = indices[3]; + if (env_alias[t,n,m] != "{0}") { + printf (" TUNABLE_ENUM_NAME(%s, %s, %s),\n", t, n, m); + } + } + printf "};\n" print "#endif" }