From patchwork Tue Apr 30 19:25:02 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Adhemerval Zanella Netto X-Patchwork-Id: 1929813 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@legolas.ozlabs.org Authentication-Results: legolas.ozlabs.org; dkim=pass (2048-bit key; unprotected) header.d=linaro.org header.i=@linaro.org header.a=rsa-sha256 header.s=google header.b=U4chFoQ0; dkim-atps=neutral Authentication-Results: legolas.ozlabs.org; spf=pass (sender SPF authorized) smtp.mailfrom=sourceware.org (client-ip=2620:52:3:1:0:246e:9693:128c; helo=server2.sourceware.org; envelope-from=libc-alpha-bounces+incoming=patchwork.ozlabs.org@sourceware.org; receiver=patchwork.ozlabs.org) Received: from server2.sourceware.org (server2.sourceware.org [IPv6:2620:52:3:1:0:246e:9693:128c]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (secp384r1) server-digest SHA384) (No client certificate requested) by legolas.ozlabs.org (Postfix) with ESMTPS id 4VTVjT5H7Tz23jG for ; Wed, 1 May 2024 05:33:17 +1000 (AEST) Received: from server2.sourceware.org (localhost [IPv6:::1]) by sourceware.org (Postfix) with ESMTP id E07C5385842C for ; Tue, 30 Apr 2024 19:33:15 +0000 (GMT) X-Original-To: libc-alpha@sourceware.org Delivered-To: libc-alpha@sourceware.org Received: from mail-pf1-x431.google.com (mail-pf1-x431.google.com [IPv6:2607:f8b0:4864:20::431]) by sourceware.org (Postfix) with ESMTPS id 287073858427 for ; Tue, 30 Apr 2024 19:32:54 +0000 (GMT) DMARC-Filter: OpenDMARC Filter v1.4.2 sourceware.org 287073858427 Authentication-Results: sourceware.org; dmarc=pass (p=none dis=none) header.from=linaro.org Authentication-Results: sourceware.org; spf=pass smtp.mailfrom=linaro.org ARC-Filter: OpenARC Filter v1.0.0 sourceware.org 287073858427 Authentication-Results: server2.sourceware.org; arc=none smtp.remote-ip=2607:f8b0:4864:20::431 ARC-Seal: i=1; a=rsa-sha256; d=sourceware.org; s=key; t=1714505576; cv=none; b=uMdbWuACYVkp5hvnTN4QGYPqT+iOyZlM99COQ85KU5zM6e+JbsAWqN4lLkP0bv24yS4yAK5IRPgrojr+QbyoOkaepkO1simXiR7HPRTg+Nme1jVnw/Sza4ueEKX7HVlv4B/9RfppeZCI2rqYNb5BTESajTljCA4RbdBlmz2gV5Y= ARC-Message-Signature: i=1; a=rsa-sha256; d=sourceware.org; s=key; t=1714505576; c=relaxed/simple; bh=5tJ9lLFbyGsFg0h4d92IE+LhoPMx9PlOww2vm4CwJb8=; h=DKIM-Signature:From:To:Subject:Date:Message-ID:MIME-Version; b=elWAPkIXpC8iRL061un4plvHGkXYZJaa0EHsWZIh+vzb6z4hpYdLuvyuxTqE1/YFPbSgXk3Iq+FeLj45Eo6feVT/sJT8CXPt7nArLgnUi+JjSxXEFXc0ziAmO6HChJBY0wygHZFv6ZLEimqzClT+bSm+d10MCGOf0ato2QfrQuk= ARC-Authentication-Results: i=1; server2.sourceware.org Received: by mail-pf1-x431.google.com with SMTP id d2e1a72fcca58-6ed112c64beso5708478b3a.1 for ; Tue, 30 Apr 2024 12:32:54 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; t=1714505572; x=1715110372; darn=sourceware.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=TfH54N6gv6DErfWhfWw5ApNvj4CNjG8sOUy91PWaFGU=; b=U4chFoQ07ksIFpTWgU5U0kEtJ0n5adRKE1LdBvMG0O9ac1ASB6UEUrTf1Iv6EKmgRq BbJYftWdFhycrsgPrgvuvZqhdKRqgRo3jssGpoIsR2lK3B+j9h5C2lHyaY2ozqCRNeGn pBu/NUklwRMpAIADuzoJQoJYGgWbBWVwRRydmrooA8NE7Z7JtVzHELzL1l8Pf6wWb/Mv aZ6QJWHoWoBSEu3RNVBFBkPQo00chWdV/kWWM+rdnVX4rdfHEmURxe63DLg6Sq1Ad6GI 5ToCLjRVfSUg8WgTKQMYO7kTKNl7jo2S3nefcGsFM6qwxlmbPDAAuBJ+Qf8q9Sj7PnAT PdWw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1714505572; x=1715110372; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=TfH54N6gv6DErfWhfWw5ApNvj4CNjG8sOUy91PWaFGU=; b=NNFAcwXizn0IuRKpVoDTJsZasZHxRuey9l9LDkwvLI+zZgy1iQBaVeNKAvEUyh5x26 LQZ/6cpEEacQlzxqnFMMa161WdGpXMDoMrqw2C1NJGq4fA8NznqA9Pwb7uMf+xu5I2FF 7BYi1VlqpuyWjCCgVeyjJOgzjmn9laeiMhJ18Y45lPecbz7R66de7jMGplAGFTZDCNHX 9KNhT1DIPGmcCPGNHa9DXiQDPUc2ApzCPiAJ1QkO/rDswxuRU/yyqpXTOiLYCfLdFkNw uzLxiJnl1V1ryxDn9rpHLqLkUzErX6iHn5U1qASoqxCJ6cpjoHGXHamgR6FPF6nr+VlJ yYYg== X-Gm-Message-State: AOJu0Yxy3Ju7x5vP+HQMEO7w5woCKNQrRG7MMZA8TNTHi63zyx/+BB4B 443LEXfDQWVSwEScCG05obkddo4FRJrlDEuKSmkzHxPRu56S1yjgVBsnjrBX7MdSGxojSq+/5Yd F X-Google-Smtp-Source: AGHT+IFE+ksiEo9WQ7PnA1U9pBLTo66eE4K9ZRf44VTAq2MpSlGQzOiu+Nqp3+HS2919wjS+0d/MDw== X-Received: by 2002:a05:6a20:6a12:b0:1af:35da:16 with SMTP id p18-20020a056a206a1200b001af35da0016mr906954pzk.52.1714505572159; Tue, 30 Apr 2024 12:32:52 -0700 (PDT) Received: from mandiga.. ([2804:1b3:a7c1:e3c5:c9b5:f382:64ea:c32b]) by smtp.gmail.com with ESMTPSA id gr6-20020a056a004d0600b006ed1ea5219csm21449143pfb.130.2024.04.30.12.32.50 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 30 Apr 2024 12:32:51 -0700 (PDT) From: Adhemerval Zanella To: libc-alpha@sourceware.org Cc: Joe Simmons-Talbott , Siddhesh Poyarekar , Yuto Maeda Subject: [PATCH 1/4] elf: Only process multiple tunable once (BZ 31686) Date: Tue, 30 Apr 2024 16:25:02 -0300 Message-ID: <20240430192739.1032549-2-adhemerval.zanella@linaro.org> X-Mailer: git-send-email 2.43.0 In-Reply-To: <20240430192739.1032549-1-adhemerval.zanella@linaro.org> References: <20240430192739.1032549-1-adhemerval.zanella@linaro.org> MIME-Version: 1.0 X-Spam-Status: No, score=-12.2 required=5.0 tests=BAYES_00, DKIM_SIGNED, DKIM_VALID, DKIM_VALID_AU, DKIM_VALID_EF, GIT_PATCH_0, KAM_SHORT, RCVD_IN_DNSWL_NONE, SPF_HELO_NONE, SPF_PASS, TXREP autolearn=unavailable autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on server2.sourceware.org X-BeenThere: libc-alpha@sourceware.org X-Mailman-Version: 2.1.30 Precedence: list List-Id: Libc-alpha mailing list List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: libc-alpha-bounces+incoming=patchwork.ozlabs.org@sourceware.org The parse_tunables_string is a tunable entry on the 'tunable_list' list to be set later without checking if the entry is already present. If leads to a stack overflow if the tunable is set multiple times, for instance: GLIBC_TUNABLES=glibc.malloc.check=2:... (repeat over the number of total support for different tunable). Instead, use the index of the tunable list to get the expected tunable entry. Since now the initial list is zero-initialized, the compiler might emit an extra memset and this requires some minor adjustment on some ports. Checked on x86_64-linux-gnu and aarch64-linux-gnu. Reported-by: Yuto Maeda --- elf/dl-tunables.c | 30 ++++++----- elf/tst-tunables.c | 59 +++++++++++++++++++++- sysdeps/aarch64/multiarch/memset_generic.S | 4 ++ sysdeps/sparc/sparc64/rtld-memset.c | 3 ++ 4 files changed, 82 insertions(+), 14 deletions(-) diff --git a/elf/dl-tunables.c b/elf/dl-tunables.c index d3ccd2ecd4..1db80e0f92 100644 --- a/elf/dl-tunables.c +++ b/elf/dl-tunables.c @@ -32,6 +32,7 @@ #include #include #include +#include #define TUNABLES_INTERNAL 1 #include "dl-tunables.h" @@ -221,8 +222,7 @@ parse_tunables_string (const char *valstring, struct tunable_toset_t *tunables) if (tunable_is_name (cur->name, name)) { - tunables[ntunables++] = - (struct tunable_toset_t) { cur, value, p - value }; + tunables[i] = (struct tunable_toset_t) { cur, value, p - value }; /* Ignore tunables if enable_secure is set */ if (tunable_is_name ("glibc.rtld.enable_secure", name)) @@ -245,23 +245,27 @@ parse_tunables_string (const char *valstring, struct tunable_toset_t *tunables) static void parse_tunables (const char *valstring) { - struct tunable_toset_t tunables[tunables_list_size]; - int ntunables = parse_tunables_string (valstring, tunables); - if (ntunables == -1) + struct tunable_toset_t tunables[tunables_list_size] = { 0 }; + if (parse_tunables_string (valstring, tunables) == -1) { _dl_error_printf ( "WARNING: ld.so: invalid GLIBC_TUNABLES `%s': ignored.\n", valstring); return; } - for (int i = 0; i < ntunables; i++) - if (!tunable_initialize (tunables[i].t, tunables[i].value, - tunables[i].len)) - _dl_error_printf ("WARNING: ld.so: invalid GLIBC_TUNABLES value `%.*s' " - "for option `%s': ignored.\n", - (int) tunables[i].len, - tunables[i].value, - tunables[i].t->name); + for (int i = 0; i < tunables_list_size; i++) + { + if (tunables[i].t == NULL) + continue; + + if (!tunable_initialize (tunables[i].t, tunables[i].value, + tunables[i].len)) + _dl_error_printf ("WARNING: ld.so: invalid GLIBC_TUNABLES value `%.*s' " + "for option `%s': ignored.\n", + (int) tunables[i].len, + tunables[i].value, + tunables[i].t->name); + } } /* Initialize the tunables list from the environment. For now we only use the diff --git a/elf/tst-tunables.c b/elf/tst-tunables.c index 095b5c81d9..ce5f62f777 100644 --- a/elf/tst-tunables.c +++ b/elf/tst-tunables.c @@ -17,6 +17,7 @@ . */ #include +#define TUNABLES_INTERNAL 1 #include #include #include @@ -24,12 +25,13 @@ #include #include #include +#include static int restart; #define CMDLINE_OPTIONS \ { "restart", no_argument, &restart, 1 }, -static const struct test_t +static struct test_t { const char *name; const char *value; @@ -284,6 +286,29 @@ static const struct test_t 0, 0, }, + /* Also check for repeated tunables with a count larger than the total number + of tunables. */ + { + "GLIBC_TUNABLES", + NULL, + 2, + 0, + 0, + }, + { + "GLIBC_TUNABLES", + NULL, + 1, + 0, + 0, + }, + { + "GLIBC_TUNABLES", + NULL, + 0, + 0, + 0, + }, }; static int @@ -316,6 +341,7 @@ do_test (int argc, char *argv[]) char nteststr[INT_BUFSIZE_BOUND (int)]; + char *spargv[10]; { int i = 0; @@ -327,6 +353,37 @@ do_test (int argc, char *argv[]) spargv[i] = NULL; } + /* Create a tunable line with the duplicate values with a total number + larger than the different number of tunables. */ + { + enum { tunables_list_size = array_length (tunable_list) }; + const char *value = ""; + for (int i = 0; i < tunables_list_size; i++) + value = xasprintf ("%sglibc.malloc.check=2%c", + value, + i == (tunables_list_size - 1) ? '\0' : ':'); + tests[33].value = value; + } + /* Same as before, but the last tunable vallues is differen than the + rest. */ + { + enum { tunables_list_size = array_length (tunable_list) }; + const char *value = ""; + for (int i = 0; i < tunables_list_size - 1; i++) + value = xasprintf ("%sglibc.malloc.check=2:", value); + value = xasprintf ("%sglibc.malloc.check=1", value); + tests[34].value = value; + } + /* Same as before, but with an invalid last entry. */ + { + enum { tunables_list_size = array_length (tunable_list) }; + const char *value = ""; + for (int i = 0; i < tunables_list_size - 1; i++) + value = xasprintf ("%sglibc.malloc.check=2:", value); + value = xasprintf ("%sglibc.malloc.check=1=1", value); + tests[35].value = value; + } + for (int i = 0; i < array_length (tests); i++) { snprintf (nteststr, sizeof nteststr, "%d", i); diff --git a/sysdeps/aarch64/multiarch/memset_generic.S b/sysdeps/aarch64/multiarch/memset_generic.S index 81748bdbce..e125a5ed85 100644 --- a/sysdeps/aarch64/multiarch/memset_generic.S +++ b/sysdeps/aarch64/multiarch/memset_generic.S @@ -33,3 +33,7 @@ #endif #include <../memset.S> + +#if IS_IN (rtld) +strong_alias (memset, __memset_generic) +#endif diff --git a/sysdeps/sparc/sparc64/rtld-memset.c b/sysdeps/sparc/sparc64/rtld-memset.c index 55f3835790..a19202a620 100644 --- a/sysdeps/sparc/sparc64/rtld-memset.c +++ b/sysdeps/sparc/sparc64/rtld-memset.c @@ -1 +1,4 @@ #include +#if IS_IN(rtld) +strong_alias (memset, __memset_ultra1) +#endif From patchwork Tue Apr 30 19:25:03 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Adhemerval Zanella Netto X-Patchwork-Id: 1929816 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@legolas.ozlabs.org Authentication-Results: legolas.ozlabs.org; dkim=pass (2048-bit key; unprotected) header.d=linaro.org header.i=@linaro.org header.a=rsa-sha256 header.s=google header.b=LbUS+Xoz; dkim-atps=neutral Authentication-Results: legolas.ozlabs.org; spf=pass (sender SPF authorized) smtp.mailfrom=sourceware.org (client-ip=8.43.85.97; helo=server2.sourceware.org; envelope-from=libc-alpha-bounces+incoming=patchwork.ozlabs.org@sourceware.org; receiver=patchwork.ozlabs.org) Received: from server2.sourceware.org (server2.sourceware.org [8.43.85.97]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (secp384r1) server-digest SHA384) (No client certificate requested) by legolas.ozlabs.org (Postfix) with ESMTPS id 4VTVkJ0tbnz23jG for ; Wed, 1 May 2024 05:34:00 +1000 (AEST) Received: from server2.sourceware.org (localhost [IPv6:::1]) by sourceware.org (Postfix) with ESMTP id 6D0993858D38 for ; Tue, 30 Apr 2024 19:33:58 +0000 (GMT) X-Original-To: libc-alpha@sourceware.org Delivered-To: libc-alpha@sourceware.org Received: from mail-oa1-x29.google.com (mail-oa1-x29.google.com [IPv6:2001:4860:4864:20::29]) by sourceware.org (Postfix) with ESMTPS id 50B72385842C for ; Tue, 30 Apr 2024 19:32:55 +0000 (GMT) DMARC-Filter: OpenDMARC Filter v1.4.2 sourceware.org 50B72385842C Authentication-Results: sourceware.org; dmarc=pass (p=none dis=none) header.from=linaro.org Authentication-Results: sourceware.org; spf=pass smtp.mailfrom=linaro.org ARC-Filter: OpenARC Filter v1.0.0 sourceware.org 50B72385842C Authentication-Results: server2.sourceware.org; arc=none smtp.remote-ip=2001:4860:4864:20::29 ARC-Seal: i=1; a=rsa-sha256; d=sourceware.org; s=key; t=1714505577; cv=none; b=lg5qNFGd4Yr+T3snEOsJ4N6QGhGdI4CDoEtLF9tNWexWXf5q/JZ9BZH+WPjTKP3fE7+gAg7lFxE7LqR14Fd6h/EudC5m4Ec0426r4Dk4c5pk74gPGNJ5HDS/L60aQrEoQmD9VS8tucsjjDOW0WIzPy96JiBbj32ktc1XTgFYVV4= ARC-Message-Signature: i=1; a=rsa-sha256; d=sourceware.org; s=key; t=1714505577; c=relaxed/simple; bh=+4DqfOn4hKsm4Av6t01QQbtNi9B67WnvXnQH5sTGuPw=; h=DKIM-Signature:From:To:Subject:Date:Message-ID:MIME-Version; b=XgkRMKdwdmXxiealBmtB+xCzcqU99Sjqbp1Cqe/WiJuLMbD2SNpPTVdMKHPpyqBs9Icg7gRrMkhAJ4PihoputOjIfnlJ6jpxRXk5RNXGf++wp+cEyCJC/+StjN3eRwkHbmi0vBSsOxL3Vy+yGfYuOW3i3ODdxdRa9Ou0Vx2Oo4M= ARC-Authentication-Results: i=1; server2.sourceware.org Received: by mail-oa1-x29.google.com with SMTP id 586e51a60fabf-22ed075a629so2331701fac.3 for ; Tue, 30 Apr 2024 12:32:55 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; t=1714505574; x=1715110374; darn=sourceware.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=sFGLpsj9SY2jBhCIr6HxukXoa+9hkLNBQPPFFnVmwA8=; b=LbUS+XoziUsxzOCsyJGzc7hZqjQLccAHry4nl3vHoMeSCxTrzD0UElkh+dP09IyPw+ 7xmgGwoe1SIzVUtQGTlrUiRmxHPc+N3ceh8yoeSRip3fUCBvnZsclgmpMl1ODhgmcWL/ m6w6vTr9RzfMfR84++TLku3jI/Ia/cBvWkwSzYQeqRyk6TWPTQoCVpbLhShnm8xvBhVC O8uWkKI7YkgLwOxnXedD5D0MjE+jAnD3f33AkGnVqx2p3w2un89gHamMhuP/yVN7SJff +d6NYv9o6ID3+luNDBTmRahSe/qs2Mg4+SfPTA5qKH4UnWHw+v98fLFwsAfYVxYHwhJe B0KA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1714505574; x=1715110374; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=sFGLpsj9SY2jBhCIr6HxukXoa+9hkLNBQPPFFnVmwA8=; b=cWoppHmBkbaj8Yxx651MIA1sxfcdB3Kgr+y9gXyM3Qf7tgys4ArqMg1gITZO2drld3 /SMz+0acLYd9G5u5dgpkhKzorr7EBhVvNUApqv+YZMRunikxxH1uyGx9I0DtYHLquGgg /7lFJumWyFw2QB9xdTTLcCW/S3GyR+HL3x8TCZiiJXpbdmTTGPqELV2blcYKUNwcBg6b koDGBPiV31xQTo5FZ1Zs56S94/P8MG1jATzeS7q6vhoBKxThKyxKPGRF2n9mDkNG+sZW +05PmCYqp/WfVMfBlQlZAUd3RXT3FC8l72kT4nBm6+fCrOBytuakBSCCd88b74tJ2VUH JL7g== X-Gm-Message-State: AOJu0Yyn26jC6qySg3sQwrzNHsE9l++7qvkddhY7I0XQOEGIMuFV6Ben v5RY0juaYf+pRF3kUO+Rz3rC8vYJDyXg/ncSvZS44EzVdtV7L1t0iErqmAvcjk+5Zf1lVuygcUj 9 X-Google-Smtp-Source: AGHT+IGeACf1KOD5CIeNH9zii6MdZxNL6/RmA6B8hzBTF+Vu+HJ0wOOmCyt6MfUl7K99c6cfscMAQA== X-Received: by 2002:a05:6870:a3c5:b0:239:c163:a400 with SMTP id h5-20020a056870a3c500b00239c163a400mr257969oak.29.1714505573976; Tue, 30 Apr 2024 12:32:53 -0700 (PDT) Received: from mandiga.. ([2804:1b3:a7c1:e3c5:c9b5:f382:64ea:c32b]) by smtp.gmail.com with ESMTPSA id gr6-20020a056a004d0600b006ed1ea5219csm21449143pfb.130.2024.04.30.12.32.52 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 30 Apr 2024 12:32:53 -0700 (PDT) From: Adhemerval Zanella To: libc-alpha@sourceware.org Cc: Joe Simmons-Talbott , Siddhesh Poyarekar Subject: [PATCH 2/4] elf: Remove glibc.rtld.enable_secure check from parse_tunables_string Date: Tue, 30 Apr 2024 16:25:03 -0300 Message-ID: <20240430192739.1032549-3-adhemerval.zanella@linaro.org> X-Mailer: git-send-email 2.43.0 In-Reply-To: <20240430192739.1032549-1-adhemerval.zanella@linaro.org> References: <20240430192739.1032549-1-adhemerval.zanella@linaro.org> MIME-Version: 1.0 X-Spam-Status: No, score=-12.4 required=5.0 tests=BAYES_00, DKIM_SIGNED, DKIM_VALID, DKIM_VALID_AU, DKIM_VALID_EF, GIT_PATCH_0, RCVD_IN_DNSWL_NONE, SPF_HELO_NONE, SPF_PASS, TXREP autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on server2.sourceware.org X-BeenThere: libc-alpha@sourceware.org X-Mailman-Version: 2.1.30 Precedence: list List-Id: Libc-alpha mailing list List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: libc-alpha-bounces+incoming=patchwork.ozlabs.org@sourceware.org And move it to parse_tunables. It avoids a string comparison for each tunable. Checked on aarch64-linux-gnu and x86_64-linux-gnu. Reviewed-by: Siddhesh Poyarekar --- elf/dl-tunables.c | 58 +++++++++++++++++++++++++++++++---------------- 1 file changed, 38 insertions(+), 20 deletions(-) diff --git a/elf/dl-tunables.c b/elf/dl-tunables.c index 1db80e0f92..63cf8c7ab5 100644 --- a/elf/dl-tunables.c +++ b/elf/dl-tunables.c @@ -119,6 +119,17 @@ do_tunable_update_val (tunable_t *cur, const tunable_val_t *valp, cur->initialized = true; } +static bool +tunable_parse_num (const char *strval, size_t len, tunable_num_t *val) +{ + char *endptr = NULL; + uint64_t numval = _dl_strtoul (strval, &endptr); + if (endptr != strval + len) + return false; + *val = (tunable_num_t) numval; + return true; +} + /* Validate range of the input value and initialize the tunable CUR if it looks good. */ static bool @@ -128,11 +139,8 @@ tunable_initialize (tunable_t *cur, const char *strval, size_t len) if (cur->type.type_code != TUNABLE_TYPE_STRING) { - char *endptr = NULL; - uint64_t numval = _dl_strtoul (strval, &endptr); - if (endptr != strval + len) + if (!tunable_parse_num (strval, len, &val.numval)) return false; - val.numval = (tunable_num_t) numval; } else val.strval = (struct tunable_str_t) { strval, len }; @@ -223,17 +231,6 @@ parse_tunables_string (const char *valstring, struct tunable_toset_t *tunables) if (tunable_is_name (cur->name, name)) { tunables[i] = (struct tunable_toset_t) { cur, value, p - value }; - - /* Ignore tunables if enable_secure is set */ - if (tunable_is_name ("glibc.rtld.enable_secure", name)) - { - tunable_num_t val = (tunable_num_t) _dl_strtoul (value, NULL); - if (val == 1) - { - __libc_enable_secure = 1; - return 0; - } - } break; } } @@ -242,6 +239,16 @@ parse_tunables_string (const char *valstring, struct tunable_toset_t *tunables) return ntunables; } +static void +parse_tunable_print_error (const struct tunable_toset_t *toset) +{ + _dl_error_printf ("WARNING: ld.so: invalid GLIBC_TUNABLES value `%.*s' " + "for option `%s': ignored.\n", + (int) toset->len, + toset->value, + toset->t->name); +} + static void parse_tunables (const char *valstring) { @@ -253,6 +260,21 @@ parse_tunables (const char *valstring) return; } + /* Ignore tunables if enable_secure is set */ + struct tunable_toset_t *tsec = + &tunables[TUNABLE_ENUM_NAME(glibc, rtld, enable_secure)]; + if (tsec->t != NULL) + { + tunable_num_t val; + if (!tunable_parse_num (tsec->value, tsec->len, &val)) + parse_tunable_print_error (tsec); + else if (val == 1) + { + __libc_enable_secure = 1; + return; + } + } + for (int i = 0; i < tunables_list_size; i++) { if (tunables[i].t == NULL) @@ -260,11 +282,7 @@ parse_tunables (const char *valstring) if (!tunable_initialize (tunables[i].t, tunables[i].value, tunables[i].len)) - _dl_error_printf ("WARNING: ld.so: invalid GLIBC_TUNABLES value `%.*s' " - "for option `%s': ignored.\n", - (int) tunables[i].len, - tunables[i].value, - tunables[i].t->name); + parse_tunable_print_error (&tunables[i]); } } From patchwork Tue Apr 30 19:25:04 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Adhemerval Zanella Netto X-Patchwork-Id: 1929814 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@legolas.ozlabs.org Authentication-Results: legolas.ozlabs.org; dkim=pass (2048-bit key; unprotected) header.d=linaro.org header.i=@linaro.org header.a=rsa-sha256 header.s=google header.b=f0QZGJ1i; dkim-atps=neutral Authentication-Results: legolas.ozlabs.org; spf=pass (sender SPF authorized) smtp.mailfrom=sourceware.org (client-ip=8.43.85.97; helo=server2.sourceware.org; envelope-from=libc-alpha-bounces+incoming=patchwork.ozlabs.org@sourceware.org; receiver=patchwork.ozlabs.org) Received: from server2.sourceware.org (server2.sourceware.org [8.43.85.97]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (secp384r1) server-digest SHA384) (No client certificate requested) by legolas.ozlabs.org (Postfix) with ESMTPS id 4VTVjg20rMz23jG for ; Wed, 1 May 2024 05:33:27 +1000 (AEST) Received: from server2.sourceware.org (localhost [IPv6:::1]) by sourceware.org (Postfix) with ESMTP id 851E1385842C for ; Tue, 30 Apr 2024 19:33:25 +0000 (GMT) X-Original-To: libc-alpha@sourceware.org Delivered-To: libc-alpha@sourceware.org Received: from mail-pf1-x436.google.com (mail-pf1-x436.google.com [IPv6:2607:f8b0:4864:20::436]) by sourceware.org (Postfix) with ESMTPS id 03B263858C33 for ; Tue, 30 Apr 2024 19:32:58 +0000 (GMT) DMARC-Filter: OpenDMARC Filter v1.4.2 sourceware.org 03B263858C33 Authentication-Results: sourceware.org; dmarc=pass (p=none dis=none) header.from=linaro.org Authentication-Results: sourceware.org; spf=pass smtp.mailfrom=linaro.org ARC-Filter: OpenARC Filter v1.0.0 sourceware.org 03B263858C33 Authentication-Results: server2.sourceware.org; arc=none smtp.remote-ip=2607:f8b0:4864:20::436 ARC-Seal: i=1; a=rsa-sha256; d=sourceware.org; s=key; t=1714505587; cv=none; b=Y34/VZkLWuFHojOcheAMjqvozytpaY6qZoNsopeAjU+caZF49iHMZ3uDBPYpzheW0bi75hEGcaEXCiHDxpUelJPSBaYhHmCvZCq30cKNybQNu+DxTlCji64kpFXsqxAmsfwLy4wyf5ZF4R/h1IqUPPVl6y/Q0/K4axKqVOZvCDQ= ARC-Message-Signature: i=1; a=rsa-sha256; d=sourceware.org; s=key; t=1714505587; c=relaxed/simple; bh=P4J0KoKCdV+55wEq4myA9bQ2qduvEZrIkT+Gp4IU8fY=; h=DKIM-Signature:From:To:Subject:Date:Message-ID:MIME-Version; b=jgwGE4k6i3D/9/VNOgbIw0aY7X7a0Vivz/dni5wCS2moTN+VmFN/x0sQHSFycYJQhZxewOT6xiQuPM+4OSqpDzJRo4Z0O7z0soZKW2TQIBItHAseyZg8TV9k3cUuLueIETjfl8JqanzeIFQ8QaJDdEXUo2m0Tt4fo8yujBHlo00= ARC-Authentication-Results: i=1; server2.sourceware.org Received: by mail-pf1-x436.google.com with SMTP id d2e1a72fcca58-6ed32341906so5635061b3a.1 for ; Tue, 30 Apr 2024 12:32:57 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; t=1714505576; x=1715110376; darn=sourceware.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=13n+TzWxoYQ+vvHkzhxXy03gDQvmjNCEi2ec4oeQRRY=; b=f0QZGJ1iotoYY9isfbLNOvYceCdtGoENogPllPiRbHh9Ea8Drf6flbebSSvlzmdXhv EtnTLmq8g4i+WLz5fcfK+isPQvLjTJi97O20RBoU5a+hEK+H24mU2feX7NGJ+elM3cNE ZwVBu9H3QXZBsOAZJlfujZa6V+s/cCOGurvo/dK+RMedHwHlLu+9GQ+yWDNmxOvZjKeu /tXWif9hKRRdp4LNcAxz8fts/+yj2HjO0dBv57E35Jyl69oLPj53R6f+KN/g2UrktC+J 4WPhuhB7qUTzY9J621Yf7a+GW8bEbcFQ/FcNUKmBina+/apZ9eCBp7CWEfoRWnar4cUa CCYw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1714505576; x=1715110376; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=13n+TzWxoYQ+vvHkzhxXy03gDQvmjNCEi2ec4oeQRRY=; b=k8hU0eC4MvzYehHFzSd2cSjIcD43iHvUWmyKZif0XKruOD6opEC65U5p4rhJLC9sGy ZdU3b6JYMij56mc5M1us/txgmrTHjlwoFFDeNhRf8hEjHBJOFxZSjLqLN0oIfLiXnud7 PymcLibSWKF3LZ2GN2uZ6WVkttKzMX8JqpnTKNdN4y8+Q0PF/7prFcmtkmgGmVZqFjK+ qRSJM29JuuVwUZQj00vx9UHANEpWBTSMrAA7lDHTzK3ghLXBK7NmGiSMb8CR259wyo8k T+lplWSnHvPhmY+7GZRZrRAJVHJTeso/oju0lv+3oghkVFJYCs7EWJe3CiNAOAUSULby Q/dA== X-Gm-Message-State: AOJu0Yz771XyESPwo9Wxip8RhauYuu7hVwhdQY0nAf1luq+2A75euGCW iz8TehyxQtq0tzsVgGuvUJ+aFdCJATrHhKpkhvlhR+TtuR2n/W/rvG75YT3jYvT1vzHsa8eIVAY U X-Google-Smtp-Source: AGHT+IH2CXH4naOBSmEx+NRq7dC4Qa8wejVOhA+xvzCOFQ7ufOS0gaFnBxk3s1YzjmmHc1AC0NYRRw== X-Received: by 2002:a05:6a20:3213:b0:1a9:c757:a22d with SMTP id hl19-20020a056a20321300b001a9c757a22dmr774192pzc.14.1714505575852; Tue, 30 Apr 2024 12:32:55 -0700 (PDT) Received: from mandiga.. ([2804:1b3:a7c1:e3c5:c9b5:f382:64ea:c32b]) by smtp.gmail.com with ESMTPSA id gr6-20020a056a004d0600b006ed1ea5219csm21449143pfb.130.2024.04.30.12.32.54 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 30 Apr 2024 12:32:55 -0700 (PDT) From: Adhemerval Zanella To: libc-alpha@sourceware.org Cc: Joe Simmons-Talbott , Siddhesh Poyarekar Subject: [PATCH 3/4] support: Add envp argument to support_capture_subprogram Date: Tue, 30 Apr 2024 16:25:04 -0300 Message-ID: <20240430192739.1032549-4-adhemerval.zanella@linaro.org> X-Mailer: git-send-email 2.43.0 In-Reply-To: <20240430192739.1032549-1-adhemerval.zanella@linaro.org> References: <20240430192739.1032549-1-adhemerval.zanella@linaro.org> MIME-Version: 1.0 X-Spam-Status: No, score=-12.5 required=5.0 tests=BAYES_00, DKIM_SIGNED, DKIM_VALID, DKIM_VALID_AU, DKIM_VALID_EF, GIT_PATCH_0, RCVD_IN_DNSWL_NONE, SPF_HELO_NONE, SPF_PASS, TXREP autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on server2.sourceware.org X-BeenThere: libc-alpha@sourceware.org X-Mailman-Version: 2.1.30 Precedence: list List-Id: Libc-alpha mailing list List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: libc-alpha-bounces+incoming=patchwork.ozlabs.org@sourceware.org So tests can specific a list of environment variables. --- elf/tst-audit18.c | 2 +- elf/tst-audit19b.c | 2 +- elf/tst-audit22.c | 2 +- elf/tst-audit23.c | 2 +- elf/tst-audit25a.c | 4 ++-- elf/tst-audit25b.c | 4 ++-- elf/tst-glibc-hwcaps-2-cache.c | 2 +- elf/tst-rtld-run-static.c | 4 ++-- elf/tst-tunables-enable_secure.c | 2 +- elf/tst-tunables.c | 2 +- support/capture_subprocess.h | 9 +++++---- support/subprocess.h | 7 ++++--- support/support_capture_subprocess.c | 5 +++-- support/support_subprocess.c | 5 +++-- support/tst-support_capture_subprocess.c | 2 +- sysdeps/x86/tst-hwcap-tunables.c | 2 +- 16 files changed, 30 insertions(+), 26 deletions(-) diff --git a/elf/tst-audit18.c b/elf/tst-audit18.c index 841251dd70..cec93e269c 100644 --- a/elf/tst-audit18.c +++ b/elf/tst-audit18.c @@ -79,7 +79,7 @@ do_test (int argc, char *argv[]) setenv ("LD_AUDIT", "tst-auditmod18.so", 0); struct support_capture_subprocess result - = support_capture_subprogram (spargv[0], spargv); + = support_capture_subprogram (spargv[0], spargv, NULL); support_capture_subprocess_check (&result, "tst-audit18", 0, sc_allow_stderr); struct diff --git a/elf/tst-audit19b.c b/elf/tst-audit19b.c index 70bfe4eadf..88d99a416b 100644 --- a/elf/tst-audit19b.c +++ b/elf/tst-audit19b.c @@ -69,7 +69,7 @@ do_test (int argc, char *argv[]) setenv ("LD_AUDIT", "tst-auditmod18b.so", 0); struct support_capture_subprocess result - = support_capture_subprogram (spargv[0], spargv); + = support_capture_subprogram (spargv[0], spargv, NULL); support_capture_subprocess_check (&result, "tst-audit18b", 0, sc_allow_stderr); bool find_symbind = false; diff --git a/elf/tst-audit22.c b/elf/tst-audit22.c index 4e97be3be0..6aa18af948 100644 --- a/elf/tst-audit22.c +++ b/elf/tst-audit22.c @@ -83,7 +83,7 @@ do_test (int argc, char *argv[]) setenv ("LD_AUDIT", "tst-auditmod22.so", 0); struct support_capture_subprocess result - = support_capture_subprogram (spargv[0], spargv); + = support_capture_subprogram (spargv[0], spargv, NULL); support_capture_subprocess_check (&result, "tst-audit22", 0, sc_allow_stderr); /* The respawned process should always print the vDSO address (otherwise it diff --git a/elf/tst-audit23.c b/elf/tst-audit23.c index 32e7c8b2a3..d2640fe8b2 100644 --- a/elf/tst-audit23.c +++ b/elf/tst-audit23.c @@ -82,7 +82,7 @@ do_test (int argc, char *argv[]) setenv ("LD_AUDIT", "tst-auditmod23.so", 0); struct support_capture_subprocess result - = support_capture_subprogram (spargv[0], spargv); + = support_capture_subprogram (spargv[0], spargv, NULL); support_capture_subprocess_check (&result, "tst-audit22", 0, sc_allow_stderr); /* The expected la_objopen/la_objclose: diff --git a/elf/tst-audit25a.c b/elf/tst-audit25a.c index b209ee820f..cdd4f2ce2b 100644 --- a/elf/tst-audit25a.c +++ b/elf/tst-audit25a.c @@ -77,7 +77,7 @@ do_test (int argc, char *argv[]) { struct support_capture_subprocess result - = support_capture_subprogram (spargv[0], spargv); + = support_capture_subprogram (spargv[0], spargv, NULL); support_capture_subprocess_check (&result, "tst-audit25a", 0, sc_allow_stderr); @@ -102,7 +102,7 @@ do_test (int argc, char *argv[]) { setenv ("LD_BIND_NOW", "1", 0); struct support_capture_subprocess result - = support_capture_subprogram (spargv[0], spargv); + = support_capture_subprogram (spargv[0], spargv, NULL); support_capture_subprocess_check (&result, "tst-audit25a", 0, sc_allow_stderr); diff --git a/elf/tst-audit25b.c b/elf/tst-audit25b.c index 9b8665d517..939f4d6188 100644 --- a/elf/tst-audit25b.c +++ b/elf/tst-audit25b.c @@ -76,7 +76,7 @@ do_test (int argc, char *argv[]) { struct support_capture_subprocess result - = support_capture_subprogram (spargv[0], spargv); + = support_capture_subprogram (spargv[0], spargv, NULL); support_capture_subprocess_check (&result, "tst-audit25a", 0, sc_allow_stderr); @@ -102,7 +102,7 @@ do_test (int argc, char *argv[]) { setenv ("LD_BIND_NOW", "1", 0); struct support_capture_subprocess result - = support_capture_subprogram (spargv[0], spargv); + = support_capture_subprogram (spargv[0], spargv, NULL); support_capture_subprocess_check (&result, "tst-audit25a", 0, sc_allow_stderr); diff --git a/elf/tst-glibc-hwcaps-2-cache.c b/elf/tst-glibc-hwcaps-2-cache.c index 81ab44ff78..af91476cca 100644 --- a/elf/tst-glibc-hwcaps-2-cache.c +++ b/elf/tst-glibc-hwcaps-2-cache.c @@ -32,7 +32,7 @@ main (int argc, char **argv) /* Run ldconfig to populate the cache. */ char *command = xasprintf ("%s/ldconfig", support_install_rootsbindir); struct support_capture_subprocess result = - support_capture_subprogram (command, &((char *) { NULL })); + support_capture_subprogram (command, &((char *) { NULL }), NULL); support_capture_subprocess_check (&result, "ldconfig", 0, sc_allow_none); free (command); diff --git a/elf/tst-rtld-run-static.c b/elf/tst-rtld-run-static.c index b2650e85ff..f05c00eb7b 100644 --- a/elf/tst-rtld-run-static.c +++ b/elf/tst-rtld-run-static.c @@ -30,7 +30,7 @@ do_test (void) { char *argv[] = { (char *) "ld.so", ldconfig_path, (char *) "--help", NULL }; struct support_capture_subprocess cap - = support_capture_subprogram (support_objdir_elf_ldso, argv); + = support_capture_subprogram (support_objdir_elf_ldso, argv, NULL); support_capture_subprocess_check (&cap, "no --argv0", 0, sc_allow_stdout); puts ("info: output without --argv0:"); puts (cap.out.buffer); @@ -46,7 +46,7 @@ do_test (void) ldconfig_path, (char *) "--help", NULL }; struct support_capture_subprocess cap - = support_capture_subprogram (support_objdir_elf_ldso, argv); + = support_capture_subprogram (support_objdir_elf_ldso, argv, NULL); support_capture_subprocess_check (&cap, "with --argv0", 0, sc_allow_stdout); puts ("info: output with --argv0:"); puts (cap.out.buffer); diff --git a/elf/tst-tunables-enable_secure.c b/elf/tst-tunables-enable_secure.c index e31e1f7faa..f5db1c84e9 100644 --- a/elf/tst-tunables-enable_secure.c +++ b/elf/tst-tunables-enable_secure.c @@ -113,7 +113,7 @@ do_test (int argc, char *argv[]) printf ("[%d] Spawned test for %s\n", i, tests[i].env); setenv ("GLIBC_TUNABLES", tests[i].env, 1); struct support_capture_subprocess result - = support_capture_subprogram (spargv[0], spargv); + = support_capture_subprogram (spargv[0], spargv, NULL); support_capture_subprocess_check (&result, "tst-tunables-enable_secure", 0, sc_allow_stderr); support_capture_subprocess_free (&result); diff --git a/elf/tst-tunables.c b/elf/tst-tunables.c index ce5f62f777..7afd76fb9b 100644 --- a/elf/tst-tunables.c +++ b/elf/tst-tunables.c @@ -394,7 +394,7 @@ do_test (int argc, char *argv[]) tests[i].value); setenv (tests[i].name, tests[i].value, 1); struct support_capture_subprocess result - = support_capture_subprogram (spargv[0], spargv); + = support_capture_subprogram (spargv[0], spargv, NULL); support_capture_subprocess_check (&result, "tst-tunables", 0, sc_allow_stderr); support_capture_subprocess_free (&result); diff --git a/support/capture_subprocess.h b/support/capture_subprocess.h index 1ecbdfe4fc..d69d1afe65 100644 --- a/support/capture_subprocess.h +++ b/support/capture_subprocess.h @@ -35,11 +35,12 @@ struct support_capture_subprocess struct support_capture_subprocess support_capture_subprocess (void (*callback) (void *), void *closure); -/* Issue FILE with ARGV arguments by using posix_spawn and capture standard - output, standard error, and the exit status. The out.buffer and err.buffer - are handle as support_capture_subprocess. */ +/* Issue FILE with ARGV arguments and ENVP environments by using posix_spawn + and capture standard output, standard error, and the exit status. If + ENVP is NULL the current environment variable is usued. The out.buffer and + err.buffer are handle as support_capture_subprocess. */ struct support_capture_subprocess support_capture_subprogram - (const char *file, char *const argv[]); + (const char *file, char *const argv[], char *const envp[]); /* Copy the running program into a setgid binary and run it with CHILD_ID argument. If execution is successful, return the exit status of the child diff --git a/support/subprocess.h b/support/subprocess.h index 8fbb895353..c7ac6d6536 100644 --- a/support/subprocess.h +++ b/support/subprocess.h @@ -33,10 +33,11 @@ struct support_subprocess struct support_subprocess support_subprocess (void (*callback) (void *), void *closure); -/* Issue FILE with ARGV arguments by using posix_spawn and return is PID, a - pipe redirected to STDOUT, and a pipe redirected to STDERR. */ +/* Issue FILE with ARGV arguments and ENVP environments by using posix_spawn + and return is PID, a pipe redirected to STDOUT, and a pipe redirected to + STDERR. If ENVP is NULL the current environment variable is usued. */ struct support_subprocess support_subprogram - (const char *file, char *const argv[]); + (const char *file, char *const argv[], char *const envp[]); /* Invoke program FILE with ARGV arguments by using posix_spawn and wait for it to complete. Return program exit status. */ diff --git a/support/support_capture_subprocess.c b/support/support_capture_subprocess.c index ffced8a89f..53847194cb 100644 --- a/support/support_capture_subprocess.c +++ b/support/support_capture_subprocess.c @@ -93,13 +93,14 @@ support_capture_subprocess (void (*callback) (void *), void *closure) } struct support_capture_subprocess -support_capture_subprogram (const char *file, char *const argv[]) +support_capture_subprogram (const char *file, char *const argv[], + char *const envp[]) { struct support_capture_subprocess result; xopen_memstream (&result.out); xopen_memstream (&result.err); - struct support_subprocess proc = support_subprogram (file, argv); + struct support_subprocess proc = support_subprogram (file, argv, envp); support_capture_poll (&result, &proc); return result; diff --git a/support/support_subprocess.c b/support/support_subprocess.c index a2fef394d4..b692a7f8b1 100644 --- a/support/support_subprocess.c +++ b/support/support_subprocess.c @@ -69,7 +69,7 @@ support_subprocess (void (*callback) (void *), void *closure) } struct support_subprocess -support_subprogram (const char *file, char *const argv[]) +support_subprogram (const char *file, char *const argv[], char *const envp[]) { struct support_subprocess result = support_subprocess_init (); @@ -84,7 +84,8 @@ support_subprogram (const char *file, char *const argv[]) xposix_spawn_file_actions_addclose (&fa, result.stdout_pipe[1]); xposix_spawn_file_actions_addclose (&fa, result.stderr_pipe[1]); - result.pid = xposix_spawn (file, &fa, NULL, argv, environ); + result.pid = xposix_spawn (file, &fa, NULL, argv, + envp == NULL ? environ : envp); xclose (result.stdout_pipe[1]); xclose (result.stderr_pipe[1]); diff --git a/support/tst-support_capture_subprocess.c b/support/tst-support_capture_subprocess.c index 8145548982..756fb75d19 100644 --- a/support/tst-support_capture_subprocess.c +++ b/support/tst-support_capture_subprocess.c @@ -238,7 +238,7 @@ do_subprogram (const struct test *test) args[argc] = NULL; TEST_VERIFY (argc < argv_size); - return support_capture_subprogram (args[0], args); + return support_capture_subprogram (args[0], args, NULL); } enum test_type diff --git a/sysdeps/x86/tst-hwcap-tunables.c b/sysdeps/x86/tst-hwcap-tunables.c index f6a65b88de..8589a9fd66 100644 --- a/sysdeps/x86/tst-hwcap-tunables.c +++ b/sysdeps/x86/tst-hwcap-tunables.c @@ -133,7 +133,7 @@ do_test (int argc, char *argv[]) setenv ("GLIBC_TUNABLES", tunable, 1); struct support_capture_subprocess result - = support_capture_subprogram (spargv[0], spargv); + = support_capture_subprogram (spargv[0], spargv, NULL); support_capture_subprocess_check (&result, "tst-tunables", 0, sc_allow_stderr); support_capture_subprocess_free (&result); From patchwork Tue Apr 30 19:25:05 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Adhemerval Zanella Netto X-Patchwork-Id: 1929818 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@legolas.ozlabs.org Authentication-Results: legolas.ozlabs.org; dkim=pass (2048-bit key; unprotected) header.d=linaro.org header.i=@linaro.org header.a=rsa-sha256 header.s=google header.b=qBG4xJZK; dkim-atps=neutral Authentication-Results: legolas.ozlabs.org; spf=pass (sender SPF authorized) smtp.mailfrom=sourceware.org (client-ip=2620:52:3:1:0:246e:9693:128c; helo=server2.sourceware.org; envelope-from=libc-alpha-bounces+incoming=patchwork.ozlabs.org@sourceware.org; receiver=patchwork.ozlabs.org) Received: from server2.sourceware.org (server2.sourceware.org [IPv6:2620:52:3:1:0:246e:9693:128c]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (secp384r1) server-digest SHA384) (No client certificate requested) by legolas.ozlabs.org (Postfix) with ESMTPS id 4VTVl06Y3Bz23jG for ; Wed, 1 May 2024 05:34:36 +1000 (AEST) Received: from server2.sourceware.org (localhost [IPv6:::1]) by sourceware.org (Postfix) with ESMTP id 240543858CDB for ; Tue, 30 Apr 2024 19:34:35 +0000 (GMT) X-Original-To: libc-alpha@sourceware.org Delivered-To: libc-alpha@sourceware.org Received: from mail-pf1-x42c.google.com (mail-pf1-x42c.google.com [IPv6:2607:f8b0:4864:20::42c]) by sourceware.org (Postfix) with ESMTPS id AFD4A3858D34 for ; Tue, 30 Apr 2024 19:32:59 +0000 (GMT) DMARC-Filter: OpenDMARC Filter v1.4.2 sourceware.org AFD4A3858D34 Authentication-Results: sourceware.org; dmarc=pass (p=none dis=none) header.from=linaro.org Authentication-Results: sourceware.org; spf=pass smtp.mailfrom=linaro.org ARC-Filter: OpenARC Filter v1.0.0 sourceware.org AFD4A3858D34 Authentication-Results: server2.sourceware.org; arc=none smtp.remote-ip=2607:f8b0:4864:20::42c ARC-Seal: i=1; a=rsa-sha256; d=sourceware.org; s=key; t=1714505587; cv=none; b=oNJ11GQL+9TJpP1975pr8q4ISMM8p0B660FjWL9JydfV5nzzLbF/nTKXBzdCG67Lkx0n4Hc0uWi+YUJHO83cy18Ll9I3om+T5waO5nl9kDj9UOeCtM7JODVvBxHjbGlFEvlZU8AZ0JkzOqH5qziFoskiOIctdLBXP3zgoepsLvM= ARC-Message-Signature: i=1; a=rsa-sha256; d=sourceware.org; s=key; t=1714505587; c=relaxed/simple; bh=SMUji7r5JpEZDeAgvdai+FwmMwfxYqIQmTGvTl61zq4=; h=DKIM-Signature:From:To:Subject:Date:Message-ID:MIME-Version; b=OmQ4j2/s3PsVc4da9xsjxabqDZgr1WZtpAavcDsc1yxMWQtU4qGelWhCOX2I9Y0oqaOdB8en2ylnum2z0MkHQbjdQ3v9hTDnWuy8DSUO/nivcMx8PN/9TZVmvl0IU895xyNAZO5aMjRBnOBVTnAdRIdfcVRuSqZyVuQtQrfF4BU= ARC-Authentication-Results: i=1; server2.sourceware.org Received: by mail-pf1-x42c.google.com with SMTP id d2e1a72fcca58-6effe9c852eso5474453b3a.3 for ; Tue, 30 Apr 2024 12:32:59 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; t=1714505578; x=1715110378; darn=sourceware.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=ozo/WGZB4PzfVOQdQVAfUM2SMZqnNC5zs1unz/mic2c=; b=qBG4xJZKOXaXCJ1d7qGARnmvKmHjK56SkTqR1nmYVSWi7mxzMwy9kcUFTTbWnbYuv/ ddtrmAxM/rZB61TVFVJG8cX3PUPVQ5MF4C4oG8zTFiBvdj8okMsB9qCKIwvYl6cHYgJ4 dH5RTuNYdTRH6mH/jFlhtEXFaxCzHMLvfzf2uER10q1tRJZuZxgQi8DzYhHGJLE99g6c Qze+F2vLzP0JURahhFEMTNva8BwK9fVsDwe01ln8bvt4T2MV8eemZ1/nxazzP/LkSwFe k2fzA+LNuR9CNyjhXOte6+tIqmP2+D1inclIkE3f4zhFjCfN0DsUi/ReSEChGxifkkhD mHtw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1714505578; x=1715110378; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=ozo/WGZB4PzfVOQdQVAfUM2SMZqnNC5zs1unz/mic2c=; b=l0ZO+jaEmq7IQgLp205BRRYQDOsBPfx6sfT3fEvKZNZShWSGz1Q6DVis9Z9kr29v1+ SCHrY3kOa7/ZJKABhDee7xTwflwYhJWVe0Ayu4kx1sp/VUieYYMv6WyGO6CL9KO8iPkq FfwKc5guKsP1gGmXsnS5xH842O5+Ch+PRTp2b/JngrOY9g08vLycrPA1Hg5iJTGKmI0i IlMvgDiBJixcleEiNqHvp1eHQvvoecPDhN8bnR5ma59KZ5wulBrGwOwRbfZc8qHGzeVa Ywrp5dWamC3X7QHrtlpI9M2mN8pDLiL40gVw3C1fcLS/IM+xUUtn+PrHC3qk/lruLzuF y32A== X-Gm-Message-State: AOJu0YyCrP1scBmlFN71xALBThZ6zqZzfh7Ust81jeJ26llyyxcYVHos UdIqkhrmcVQScFmZSFLcOkhogp+RtcvIRnCpBVdrPy3xFt56ewGYMrDdrSiL//kpzAyitHFaraD w X-Google-Smtp-Source: AGHT+IHscK3B3Jd2B1P2JXbHA67J7q6V9lwkeOrhGgVNuUeXO39gZ/25KBcDgRlseb8mGRIQi9CJnA== X-Received: by 2002:a05:6a21:819a:b0:1a9:8836:ae37 with SMTP id pd26-20020a056a21819a00b001a98836ae37mr927547pzb.12.1714505578050; Tue, 30 Apr 2024 12:32:58 -0700 (PDT) Received: from mandiga.. ([2804:1b3:a7c1:e3c5:c9b5:f382:64ea:c32b]) by smtp.gmail.com with ESMTPSA id gr6-20020a056a004d0600b006ed1ea5219csm21449143pfb.130.2024.04.30.12.32.56 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 30 Apr 2024 12:32:57 -0700 (PDT) From: Adhemerval Zanella To: libc-alpha@sourceware.org Cc: Joe Simmons-Talbott , Siddhesh Poyarekar Subject: [PATCH 4/4] elf: Make glibc.rtld.enable_secure ignore alias environment variables Date: Tue, 30 Apr 2024 16:25:05 -0300 Message-ID: <20240430192739.1032549-5-adhemerval.zanella@linaro.org> X-Mailer: git-send-email 2.43.0 In-Reply-To: <20240430192739.1032549-1-adhemerval.zanella@linaro.org> References: <20240430192739.1032549-1-adhemerval.zanella@linaro.org> MIME-Version: 1.0 X-Spam-Status: No, score=-12.4 required=5.0 tests=BAYES_00, DKIM_SIGNED, DKIM_VALID, DKIM_VALID_AU, DKIM_VALID_EF, GIT_PATCH_0, KAM_SHORT, RCVD_IN_DNSWL_NONE, SPF_HELO_NONE, SPF_PASS, TXREP autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on server2.sourceware.org X-BeenThere: libc-alpha@sourceware.org X-Mailman-Version: 2.1.30 Precedence: list List-Id: Libc-alpha mailing list List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: libc-alpha-bounces+incoming=patchwork.ozlabs.org@sourceware.org So tunable with environment variables aliases are also ignored if glibc.rtld.enable_secure is enabled. The tunable parsing is also optimized a bit, where the loop that checks each environment variable only checks for the tunables with aliases instead of all tables. Checked on aarch64-linux-gnu and x86_64-linux-gnu. --- elf/dl-tunables.c | 34 ++++++-- elf/tst-tunables-enable_secure.c | 131 +++++++++++++++++++++++++++---- scripts/gen-tunables.awk | 64 ++++++++++----- 3 files changed, 189 insertions(+), 40 deletions(-) diff --git a/elf/dl-tunables.c b/elf/dl-tunables.c index 63cf8c7ab5..c1a1d1a2e3 100644 --- a/elf/dl-tunables.c +++ b/elf/dl-tunables.c @@ -300,6 +300,10 @@ __tunables_init (char **envp) if (__libc_enable_secure) return; + /* The tunable with environment variable alias are placed at the start of + tunable array. */ + struct tunable_toset_t tunables_env_alias[TUNABLE_NUM_ENV_ALIAS] = { 0 }; + while ((envp = get_next_env (envp, &envname, &envval, &prev_envp)) != NULL) { /* The environment variable is allocated on the stack by the kernel, so @@ -311,29 +315,43 @@ __tunables_init (char **envp) continue; } - for (int i = 0; i < tunables_list_size; i++) + for (int i = 0; i < TUNABLE_NUM_ENV_ALIAS; i++) { tunable_t *cur = &tunable_list[i]; + const char *name = cur->env_alias; - /* Skip over tunables that have either been set already or should be - skipped. */ - if (cur->initialized || cur->env_alias[0] == '\0') + if (name[0] == '\0') continue; - const char *name = cur->env_alias; - - /* We have a match. Initialize and move on to the next line. */ if (tunable_is_name (name, envname)) { size_t envvallen = 0; /* The environment variable is always null-terminated. */ for (const char *p = envval; *p != '\0'; p++, envvallen++); - tunable_initialize (cur, envval, envvallen); + tunables_env_alias[i] = + (struct tunable_toset_t) { cur, envval, envvallen }; break; } } } + + /* Check if glibc.rtld.enable_secure was set and skip over the environment + variables aliases. */ + if (__libc_enable_secure) + return; + + for (int i = 0; i < TUNABLE_NUM_ENV_ALIAS; i++) + { + if (tunables_env_alias[i].t == NULL + || tunables_env_alias[i].t->initialized) + continue; + + if (!tunable_initialize (tunables_env_alias[i].t, + tunables_env_alias[i].value, + tunables_env_alias[i].len)) + parse_tunable_print_error (&tunables_env_alias[i]); + } } void diff --git a/elf/tst-tunables-enable_secure.c b/elf/tst-tunables-enable_secure.c index f5db1c84e9..d4938a2e5c 100644 --- a/elf/tst-tunables-enable_secure.c +++ b/elf/tst-tunables-enable_secure.c @@ -17,6 +17,7 @@ . */ #include +#define TUNABLES_INTERNAL 1 #include #include #include @@ -34,6 +35,8 @@ static int restart; static const struct test_t { const char *env; + const char *extraenv; + bool check_multiple; int32_t expected_malloc_check; int32_t expected_enable_secure; } tests[] = @@ -41,39 +44,124 @@ static const struct test_t /* Expected tunable format. */ /* Tunables should be ignored if enable_secure is set. */ { - "glibc.malloc.check=2:glibc.rtld.enable_secure=1", + "GLIBC_TUNABLES=glibc.malloc.check=2:glibc.rtld.enable_secure=1", + NULL, + false, 0, 1, }, /* Tunables should be ignored if enable_secure is set. */ { - "glibc.rtld.enable_secure=1:glibc.malloc.check=2", + "GLIBC_TUNABLES=glibc.rtld.enable_secure=1:glibc.malloc.check=2", + NULL, + false, 0, 1, }, /* Tunables should be set if enable_secure is unset. */ { - "glibc.rtld.enable_secure=0:glibc.malloc.check=2", + "GLIBC_TUNABLES=glibc.rtld.enable_secure=0:glibc.malloc.check=2", + NULL, + false, 2, 0, }, + /* Tunables should be ignored if enable_secure is set. */ + { + "GLIBC_TUNABLES=glibc.malloc.check=2:glibc.rtld.enable_secure=1", + "MALLOC_CHECK_=2", + false, + 0, + 1, + }, + /* Same as before, but with enviroment alias prior GLIBC_TUNABLES. */ + { + "MALLOC_CHECK_=2", + "GLIBC_TUNABLES=glibc.malloc.check=2:glibc.rtld.enable_secure=1", + false, + 0, + 1, + }, + /* Tunables should be ignored if enable_secure is set. */ + { + "GLIBC_TUNABLES=glibc.rtld.enable_secure=1:glibc.malloc.check=2", + "MALLOC_CHECK_=2", + false, + 0, + 1, + }, + { + "MALLOC_CHECK_=2", + "GLIBC_TUNABLES=glibc.rtld.enable_secure=1:glibc.malloc.check=2", + false, + 0, + 1, + }, + /* Tunables should be set if enable_secure is unset. */ + { + "GLIBC_TUNABLES=glibc.rtld.enable_secure=0:glibc.malloc.check=2", + /* Tunable have precedence over the environment variable. */ + "MALLOC_CHECK_=1", + false, + 2, + 0, + }, + { + "MALLOC_CHECK_=1", + "GLIBC_TUNABLES=glibc.rtld.enable_secure=0:glibc.malloc.check=2", + /* Tunable have precedence over the environment variable. */ + false, + 2, + 0, + }, + /* Tunables should be set if enable_secure is unset. */ + { + "GLIBC_TUNABLES=glibc.rtld.enable_secure=0", + /* Tunable have precedence over the environment variable. */ + "MALLOC_CHECK_=1", + false, + 1, + 0, + }, + /* Tunables should be set if enable_secure is unset. */ + { + "GLIBC_TUNABLES=glibc.rtld.enable_secure=0", + /* Tunable have precedence over the environment variable. */ + "MALLOC_CHECK_=1", + false, + 1, + 0, + }, + /* Check with tunables environment variable alias set multiple times. */ + { + "GLIBC_TUNABLES=glibc.rtld.enable_secure=1:glibc.malloc.check=2", + "MALLOC_CHECK_=2", + true, + 0, + 1, + }, + /* Tunables should be set if enable_secure is unset. */ + { + "GLIBC_TUNABLES=glibc.rtld.enable_secure=0", + /* Tunable have precedence over the environment variable. */ + "MALLOC_CHECK_=1", + true, + 1, + 0, + }, }; static int handle_restart (int i) { if (tests[i].expected_enable_secure == 1) - { - TEST_COMPARE (1, __libc_enable_secure); - } + TEST_COMPARE (1, __libc_enable_secure); else - { - TEST_COMPARE (tests[i].expected_malloc_check, - TUNABLE_GET_FULL (glibc, malloc, check, int32_t, NULL)); - TEST_COMPARE (tests[i].expected_enable_secure, - TUNABLE_GET_FULL (glibc, rtld, enable_secure, int32_t, - NULL)); - } + TEST_COMPARE (tests[i].expected_enable_secure, + TUNABLE_GET_FULL (glibc, rtld, enable_secure, int32_t, + NULL)); + TEST_COMPARE (tests[i].expected_malloc_check, + TUNABLE_GET_FULL (glibc, malloc, check, int32_t, NULL)); return 0; } @@ -112,8 +200,23 @@ do_test (int argc, char *argv[]) printf ("[%d] Spawned test for %s\n", i, tests[i].env); setenv ("GLIBC_TUNABLES", tests[i].env, 1); + + char *envp[2 + TUNABLE_NUM_ENV_ALIAS + 1] = + { + (char *) tests[i].env, + (char *) tests[i].extraenv, + NULL, + }; + if (tests[i].check_multiple) + { + int j; + for (j=0; j < TUNABLE_NUM_ENV_ALIAS; j++) + envp[j + 2] = (char *) tests[i].extraenv; + envp[j + 2] = NULL; + } + struct support_capture_subprocess result - = support_capture_subprogram (spargv[0], spargv, NULL); + = support_capture_subprogram (spargv[0], spargv, envp); support_capture_subprocess_check (&result, "tst-tunables-enable_secure", 0, sc_allow_stderr); support_capture_subprocess_free (&result); diff --git a/scripts/gen-tunables.awk b/scripts/gen-tunables.awk index 9f5336381e..9a18aa6861 100644 --- a/scripts/gen-tunables.awk +++ b/scripts/gen-tunables.awk @@ -14,6 +14,7 @@ BEGIN { top_ns="" max_name_len=0 max_alias_len=0 + num_env_alias=0 } # Skip over blank lines and comments. @@ -60,6 +61,8 @@ $1 == "}" { } if (!env_alias[top_ns,ns,tunable]) { env_alias[top_ns,ns,tunable] = "{0}" + } else { + num_env_alias = num_env_alias + 1 } len = length(top_ns"."ns"."tunable) if (len > max_name_len) @@ -125,6 +128,39 @@ $1 == "}" { } } +function print_tunable_id_t (envfirst) +{ + for (tnm in types) { + split (tnm, indices, SUBSEP); + t = indices[1]; + n = indices[2]; + m = indices[3]; + if ((envfirst && env_alias[t,n,m] == "{0}") \ + || (!envfirst && env_alias[t,n,m] != "{0}")) { + continue; + } + printf (" TUNABLE_ENUM_NAME(%s, %s, %s),\n", t, n, m); + } +} + +function print_tunable_entry (envfirst) +{ + for (tnm in types) { + split (tnm, indices, SUBSEP); + t = indices[1]; + n = indices[2]; + m = indices[3]; + if ((envfirst && env_alias[t,n,m] == "{0}") \ + || (!envfirst && env_alias[t,n,m] != "{0}")) { + continue; + } + printf (" {TUNABLE_NAME_S(%s, %s, %s)", t, n, m) + printf (", {TUNABLE_TYPE_%s, %s, %s}, {%s}, {%s}, false, %s},\n", + types[t,n,m], minvals[t,n,m], maxvals[t,n,m], default_val[t,n,m], + default_val[t,n,m], env_alias[t,n,m]); + } +} + END { if (ns != "") { print "Unterminated namespace. Is a closing brace missing?" @@ -138,35 +174,27 @@ END { print "#endif" print "#include \n" + # asort (types) + # Now, the enum names print "\ntypedef enum" print "{" - for (tnm in types) { - split (tnm, indices, SUBSEP); - t = indices[1]; - n = indices[2]; - m = indices[3]; - printf (" TUNABLE_ENUM_NAME(%s, %s, %s),\n", t, n, m); - } + # Make the tunable with environment variables aliases first, their index + # will be used in the tunable parsing. + print_tunable_id_t(1) + print_tunable_id_t(0) print "} tunable_id_t;\n" print "\n#ifdef TUNABLES_INTERNAL" # Internal definitions. print "# define TUNABLE_NAME_MAX " (max_name_len + 1) print "# define TUNABLE_ALIAS_MAX " (max_alias_len + 1) + print "# define TUNABLE_NUM_ENV_ALIAS " (num_env_alias) print "# include \"dl-tunable-types.h\"" # Finally, the tunable list. - print "static tunable_t tunable_list[] attribute_relro = {" - for (tnm in types) { - split (tnm, indices, SUBSEP); - t = indices[1]; - n = indices[2]; - m = indices[3]; - printf (" {TUNABLE_NAME_S(%s, %s, %s)", t, n, m) - printf (", {TUNABLE_TYPE_%s, %s, %s}, {%s}, {%s}, false, %s},\n", - types[t,n,m], minvals[t,n,m], maxvals[t,n,m], default_val[t,n,m], - default_val[t,n,m], env_alias[t,n,m]); - } + print "static tunable_t tunable_list[] attribute_relro __attribute_used__ = {" + print_tunable_entry(1) + print_tunable_entry(0) print "};" print "#endif" }