Message ID | 20220103235753.2062518-2-hjl.tools@gmail.com |
---|---|
State | New |
Headers | show |
Series | elf: Also try DT_RUNPATH for LD_AUDIT dlopen [BZ #28455] | expand |
On 03/01/2022 20:57, H.J. Lu wrote: > DT_RUNPATH is only used to find the immediate dependencies of the > executable or shared object containing the DT_RUNPATH entry. Update > LD_AUDIT dlopen call to try the DT_RUNPATH entry of the executable. > > Add tst-audit14a, which is copied from tst-audit14, to DT_RUNPATH and > build tst-audit14 with -Wl,--disable-new-dtags to test DT_RPATH. > > This partially fixes BZ #28455. LGTM, thanks. Reviewed-by: Adhemerval Zanella <adhemerval.zanella@linaro.org> > --- > elf/Makefile | 11 ++++++++--- > elf/dl-load.c | 15 +++++++++++++++ > elf/tst-audit14a.c | 1 + > 3 files changed, 24 insertions(+), 3 deletions(-) > create mode 100644 elf/tst-audit14a.c > > diff --git a/elf/Makefile b/elf/Makefile > index 43dd18cc73..f9006e1d1d 100644 > --- a/elf/Makefile > +++ b/elf/Makefile > @@ -354,10 +354,10 @@ ifneq ($(selinux-enabled),1) > tests-execstack-yes = tst-execstack tst-execstack-needed tst-execstack-prog > endif > ifeq ($(have-depaudit),yes) > -tests += tst-audit14 tst-audit15 tst-audit16 > +tests += tst-audit14 tst-audit15 tst-audit16 tst-audit14a > ifeq ($(run-built-tests),yes) > tests-special += $(objpfx)tst-audit14-cmp.out $(objpfx)tst-audit15-cmp.out \ > - $(objpfx)tst-audit16-cmp.out > + $(objpfx)tst-audit16-cmp.out $(objpfx)tst-audit14a-cmp.out > endif > endif > endif > @@ -1832,9 +1832,11 @@ $(objpfx)tst-auditmany.out: $(objpfx)tst-auditmanymod1.so \ > tst-auditmany-ENV = \ > LD_AUDIT=tst-auditmanymod1.so:tst-auditmanymod2.so:tst-auditmanymod3.so:tst-auditmanymod4.so:tst-auditmanymod5.so:tst-auditmanymod6.so:tst-auditmanymod7.so:tst-auditmanymod8.so:tst-auditmanymod9.so > > -LDFLAGS-tst-audit14 = -Wl,--audit=tst-auditlogmod-1.so > +LDFLAGS-tst-audit14 = -Wl,--audit=tst-auditlogmod-1.so,--disable-new-dtags > $(objpfx)tst-auditlogmod-1.so: $(libsupport) > $(objpfx)tst-audit14.out: $(objpfx)tst-auditlogmod-1.so > +LDFLAGS-tst-audit14a = -Wl,--audit=tst-auditlogmod-1.so,--enable-new-dtags > +$(objpfx)tst-audit14a.out: $(objpfx)tst-auditlogmod-1.so > LDFLAGS-tst-audit15 = \ > -Wl,--audit=tst-auditlogmod-1.so,--depaudit=tst-auditlogmod-2.so > $(objpfx)tst-auditlogmod-2.so: $(libsupport) > @@ -1861,6 +1863,9 @@ tst-audit17-ENV = LD_AUDIT=$(objpfx)tst-auditmod17.so > $(objpfx)tst-audit14-cmp.out: tst-audit14.exp $(objpfx)tst-audit14.out > cmp $^ > $@; \ > $(evaluate-test) > +$(objpfx)tst-audit14a-cmp.out: tst-audit14.exp $(objpfx)tst-audit14a.out > + cmp $^ > $@; \ > + $(evaluate-test) > $(objpfx)tst-audit15-cmp.out: tst-audit15.exp $(objpfx)tst-audit15.out > cmp $^ > $@; \ > $(evaluate-test) > diff --git a/elf/dl-load.c b/elf/dl-load.c > index ddc4295ef5..12744caf91 100644 > --- a/elf/dl-load.c > +++ b/elf/dl-load.c > @@ -2111,6 +2111,21 @@ _dl_map_object (struct link_map *loader, const char *name, > &main_map->l_rpath_dirs, > &realname, &fb, loader ?: main_map, LA_SER_RUNPATH, > &found_other_class); > + > + /* Also try DT_RUNPATH in the executable for LD_AUDIT dlopen > + call. */ > + if (__glibc_unlikely (mode & __RTLD_AUDIT) > + && fd == -1 && !did_main_map > + && main_map != NULL && main_map->l_type != lt_loaded) > + { > + struct r_search_path_struct l_rpath_dirs; > + l_rpath_dirs.dirs = NULL; > + if (cache_rpath (main_map, &l_rpath_dirs, > + DT_RUNPATH, "RUNPATH")) > + fd = open_path (name, namelen, mode, &l_rpath_dirs, > + &realname, &fb, loader ?: main_map, > + LA_SER_RUNPATH, &found_other_class); > + } > } > > /* Try the LD_LIBRARY_PATH environment variable. */ > diff --git a/elf/tst-audit14a.c b/elf/tst-audit14a.c > new file mode 100644 > index 0000000000..c6232eacf2 > --- /dev/null > +++ b/elf/tst-audit14a.c > @@ -0,0 +1 @@ > +#include "tst-audit14.c"
diff --git a/elf/Makefile b/elf/Makefile index 43dd18cc73..f9006e1d1d 100644 --- a/elf/Makefile +++ b/elf/Makefile @@ -354,10 +354,10 @@ ifneq ($(selinux-enabled),1) tests-execstack-yes = tst-execstack tst-execstack-needed tst-execstack-prog endif ifeq ($(have-depaudit),yes) -tests += tst-audit14 tst-audit15 tst-audit16 +tests += tst-audit14 tst-audit15 tst-audit16 tst-audit14a ifeq ($(run-built-tests),yes) tests-special += $(objpfx)tst-audit14-cmp.out $(objpfx)tst-audit15-cmp.out \ - $(objpfx)tst-audit16-cmp.out + $(objpfx)tst-audit16-cmp.out $(objpfx)tst-audit14a-cmp.out endif endif endif @@ -1832,9 +1832,11 @@ $(objpfx)tst-auditmany.out: $(objpfx)tst-auditmanymod1.so \ tst-auditmany-ENV = \ LD_AUDIT=tst-auditmanymod1.so:tst-auditmanymod2.so:tst-auditmanymod3.so:tst-auditmanymod4.so:tst-auditmanymod5.so:tst-auditmanymod6.so:tst-auditmanymod7.so:tst-auditmanymod8.so:tst-auditmanymod9.so -LDFLAGS-tst-audit14 = -Wl,--audit=tst-auditlogmod-1.so +LDFLAGS-tst-audit14 = -Wl,--audit=tst-auditlogmod-1.so,--disable-new-dtags $(objpfx)tst-auditlogmod-1.so: $(libsupport) $(objpfx)tst-audit14.out: $(objpfx)tst-auditlogmod-1.so +LDFLAGS-tst-audit14a = -Wl,--audit=tst-auditlogmod-1.so,--enable-new-dtags +$(objpfx)tst-audit14a.out: $(objpfx)tst-auditlogmod-1.so LDFLAGS-tst-audit15 = \ -Wl,--audit=tst-auditlogmod-1.so,--depaudit=tst-auditlogmod-2.so $(objpfx)tst-auditlogmod-2.so: $(libsupport) @@ -1861,6 +1863,9 @@ tst-audit17-ENV = LD_AUDIT=$(objpfx)tst-auditmod17.so $(objpfx)tst-audit14-cmp.out: tst-audit14.exp $(objpfx)tst-audit14.out cmp $^ > $@; \ $(evaluate-test) +$(objpfx)tst-audit14a-cmp.out: tst-audit14.exp $(objpfx)tst-audit14a.out + cmp $^ > $@; \ + $(evaluate-test) $(objpfx)tst-audit15-cmp.out: tst-audit15.exp $(objpfx)tst-audit15.out cmp $^ > $@; \ $(evaluate-test) diff --git a/elf/dl-load.c b/elf/dl-load.c index ddc4295ef5..12744caf91 100644 --- a/elf/dl-load.c +++ b/elf/dl-load.c @@ -2111,6 +2111,21 @@ _dl_map_object (struct link_map *loader, const char *name, &main_map->l_rpath_dirs, &realname, &fb, loader ?: main_map, LA_SER_RUNPATH, &found_other_class); + + /* Also try DT_RUNPATH in the executable for LD_AUDIT dlopen + call. */ + if (__glibc_unlikely (mode & __RTLD_AUDIT) + && fd == -1 && !did_main_map + && main_map != NULL && main_map->l_type != lt_loaded) + { + struct r_search_path_struct l_rpath_dirs; + l_rpath_dirs.dirs = NULL; + if (cache_rpath (main_map, &l_rpath_dirs, + DT_RUNPATH, "RUNPATH")) + fd = open_path (name, namelen, mode, &l_rpath_dirs, + &realname, &fb, loader ?: main_map, + LA_SER_RUNPATH, &found_other_class); + } } /* Try the LD_LIBRARY_PATH environment variable. */ diff --git a/elf/tst-audit14a.c b/elf/tst-audit14a.c new file mode 100644 index 0000000000..c6232eacf2 --- /dev/null +++ b/elf/tst-audit14a.c @@ -0,0 +1 @@ +#include "tst-audit14.c"