From patchwork Thu May 2 16:35:56 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Adhemerval Zanella Netto X-Patchwork-Id: 1930727 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@legolas.ozlabs.org Authentication-Results: legolas.ozlabs.org; dkim=pass (2048-bit key; unprotected) header.d=linaro.org header.i=@linaro.org header.a=rsa-sha256 header.s=google header.b=NAjMTPh8; dkim-atps=neutral Authentication-Results: legolas.ozlabs.org; spf=pass (sender SPF authorized) smtp.mailfrom=sourceware.org (client-ip=2620:52:3:1:0:246e:9693:128c; helo=server2.sourceware.org; envelope-from=libc-alpha-bounces+incoming=patchwork.ozlabs.org@sourceware.org; receiver=patchwork.ozlabs.org) Received: from server2.sourceware.org (server2.sourceware.org [IPv6:2620:52:3:1:0:246e:9693:128c]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (secp384r1) server-digest SHA384) (No client certificate requested) by legolas.ozlabs.org (Postfix) with ESMTPS id 4VVfkF3pYlz20fb for ; Fri, 3 May 2024 02:37:57 +1000 (AEST) Received: from server2.sourceware.org (localhost [IPv6:::1]) by sourceware.org (Postfix) with ESMTP id 5E1AE384B11C for ; Thu, 2 May 2024 16:37:55 +0000 (GMT) X-Original-To: libc-alpha@sourceware.org Delivered-To: libc-alpha@sourceware.org Received: from mail-pf1-x430.google.com (mail-pf1-x430.google.com [IPv6:2607:f8b0:4864:20::430]) by sourceware.org (Postfix) with ESMTPS id 79FA5384AB4B for ; Thu, 2 May 2024 16:37:30 +0000 (GMT) DMARC-Filter: OpenDMARC Filter v1.4.2 sourceware.org 79FA5384AB4B Authentication-Results: sourceware.org; dmarc=pass (p=none dis=none) header.from=linaro.org Authentication-Results: sourceware.org; spf=pass smtp.mailfrom=linaro.org ARC-Filter: OpenARC Filter v1.0.0 sourceware.org 79FA5384AB4B Authentication-Results: server2.sourceware.org; arc=none smtp.remote-ip=2607:f8b0:4864:20::430 ARC-Seal: i=1; a=rsa-sha256; d=sourceware.org; s=key; t=1714667853; cv=none; b=RgDnfQUKTCQcmZ9iYIjjJCGtiHr+ndVyp76tNwwgAArwoE3fPMQXVmj/p6+8lN9JttKCSNCkpqaDUilezTN7oLYPakQ1ab05zL95FXwfb0EwfVCtNOxmcNcPfooTGtgwmyz92LXNHKnukcAQggMcAietWIrNA9N3/9StBkajsjg= ARC-Message-Signature: i=1; a=rsa-sha256; d=sourceware.org; s=key; t=1714667853; c=relaxed/simple; bh=mVQ7kqXp3Es1g2zzhVeHJKuiPX5wD6KZgx0DxUyjlMM=; h=DKIM-Signature:From:To:Subject:Date:Message-ID:MIME-Version; b=L2WZ6080/KO766QauEdYHWxAfy3/ObuPm1oGOv63mEt3wnC1SsiHdNV46NeD0cViGN2ZlPGP/7KRybJPUEypFG9dOyMDdz31n26JO//qplBKd4RenWhEaQJ9qwu2gzjEJl38vjFkdHcoNoavDM6gGgkJ2/Ugn6nle6hhMiuZg98= ARC-Authentication-Results: i=1; server2.sourceware.org Received: by mail-pf1-x430.google.com with SMTP id d2e1a72fcca58-6f4302187c0so949478b3a.1 for ; Thu, 02 May 2024 09:37:30 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; t=1714667849; x=1715272649; darn=sourceware.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=TBKbR7Z7AJdSU8AYRfIKNSVobUw15f5XsE8/NePKAHI=; b=NAjMTPh8/ZMCSoObZvssRKZCY7GCtjOZxhrhtC5GnUkw4CfVEDvoFq+fTi1NKnMF0m +7ioTuqPJxzaWXyGiUyMsfAtOxjsKbi2/nUxL6pkY0wKU6JmmcAUmp9JGW6od2XM/s8d HbI5pq48Ynvkhw44SX6zkdbR1Xi8srkts7UARbN7WOSJu6tLcbgKVqOlR9B6izF57EO/ IenCTiwralN1oAxEchG71r+0wxf2fN9SrFMaKNzllRkxOt2r79JoivHzOPZM+RGX0Iw7 NBxKjnr1MQJgf/5lP8LZpxYdBlqmRE9bttu1s2C969trj/VNzyhCNgaByrYYTkkNC9D7 MAxg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1714667849; x=1715272649; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=TBKbR7Z7AJdSU8AYRfIKNSVobUw15f5XsE8/NePKAHI=; b=BgiCaKPQK3htuheHvN2O59VYmTGxLLomhQuxRxifgBSwLPZCTcr1pakga8xWApqBd7 /8/0LSK4reYFwVXjyn1YI+TE3vVEicrV9qq4I3S6ETC8G8sVbybmZwWlo0K4OFAeX9M0 ENvOfJo+RkdR51n4gAeV06YAkpLWBIM9F8oI55cJhH4Ny8VfC0YiA6IMd/WpPc1TGQOU pGh6EtQV3ngtd8jsXb7cCTLW3QSIp58953ulYOMYz+5rwSuYrAKN4iUnU1KQ/YtSnAyT qEWDOaavigTVyCnEJ87a0TxqILcwyBghiDjx+f7bnjvXk6QSLBFsivJKOc2nykEZ9ix6 X5ZA== X-Gm-Message-State: AOJu0Yz5nvKTNFn9cta7Ed58+aDVXLxIctRaoT7JqnMlC3O+vOTJ6sTn 7Aw//zDfMfz5dTt7r1+UFiMEOagUJyCBuMD17cXLWW/ybyGtIiHViIXrmM03g5rGIONIrHlVW0N A X-Google-Smtp-Source: AGHT+IHpTlNdHUV2x4lf46LmE2U+AYk6Wix2Gs111/lV0zofxygsTlvpDM0b5g/EnTg02Hs8+NWrKA== X-Received: by 2002:a05:6a20:5524:b0:1ad:8ae:7423 with SMTP id ko36-20020a056a20552400b001ad08ae7423mr215678pzb.30.1714667848648; Thu, 02 May 2024 09:37:28 -0700 (PDT) Received: from mandiga.. ([2804:1b3:a7c1:e3c5:e62b:fe17:6851:b93]) by smtp.gmail.com with ESMTPSA id j4-20020a62b604000000b006ecfa91a210sm1439524pff.100.2024.05.02.09.37.26 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 02 May 2024 09:37:28 -0700 (PDT) From: Adhemerval Zanella To: libc-alpha@sourceware.org Cc: Joe Simmons-Talbott , Siddhesh Poyarekar , Yuto Maeda , Yutaro Shimizu Subject: [PATCH v2 1/4] elf: Only process multiple tunable once (BZ 31686) Date: Thu, 2 May 2024 13:35:56 -0300 Message-ID: <20240502163716.1107975-2-adhemerval.zanella@linaro.org> X-Mailer: git-send-email 2.43.0 In-Reply-To: <20240502163716.1107975-1-adhemerval.zanella@linaro.org> References: <20240502163716.1107975-1-adhemerval.zanella@linaro.org> MIME-Version: 1.0 X-Spam-Status: No, score=-12.1 required=5.0 tests=BAYES_00, DKIM_SIGNED, DKIM_VALID, DKIM_VALID_AU, DKIM_VALID_EF, GIT_PATCH_0, KAM_SHORT, RCVD_IN_DNSWL_NONE, SPF_HELO_NONE, SPF_PASS, TXREP autolearn=unavailable autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on server2.sourceware.org X-BeenThere: libc-alpha@sourceware.org X-Mailman-Version: 2.1.30 Precedence: list List-Id: Libc-alpha mailing list List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: libc-alpha-bounces+incoming=patchwork.ozlabs.org@sourceware.org The 680c597e9c3 commit made loader reject ill-formatted strings by first tracking all set tunables and then applying them. However, it does not take into consideration if the same tunable is set multiple times, where parse_tunables_string appends the found tunable without checking if it was already in the list. It leads to a stack-based buffer overflow if the tunable is specified more than the total number of tunables. For instance: GLIBC_TUNABLES=glibc.malloc.check=2:... (repeat over the number of total support for different tunable). Instead, use the index of the tunable list to get the expected tunable entry. Since now the initial list is zero-initialized, the compiler might emit an extra memset and this requires some minor adjustment on some ports. Checked on x86_64-linux-gnu and aarch64-linux-gnu. Reported-by: Yuto Maeda Reported-by: Yutaro Shimizu --- elf/dl-tunables.c | 30 ++++++----- elf/tst-tunables.c | 58 +++++++++++++++++++++- sysdeps/aarch64/multiarch/memset_generic.S | 4 ++ sysdeps/sparc/sparc64/rtld-memset.c | 3 ++ 4 files changed, 81 insertions(+), 14 deletions(-) diff --git a/elf/dl-tunables.c b/elf/dl-tunables.c index d3ccd2ecd4..1db80e0f92 100644 --- a/elf/dl-tunables.c +++ b/elf/dl-tunables.c @@ -32,6 +32,7 @@ #include #include #include +#include #define TUNABLES_INTERNAL 1 #include "dl-tunables.h" @@ -221,8 +222,7 @@ parse_tunables_string (const char *valstring, struct tunable_toset_t *tunables) if (tunable_is_name (cur->name, name)) { - tunables[ntunables++] = - (struct tunable_toset_t) { cur, value, p - value }; + tunables[i] = (struct tunable_toset_t) { cur, value, p - value }; /* Ignore tunables if enable_secure is set */ if (tunable_is_name ("glibc.rtld.enable_secure", name)) @@ -245,23 +245,27 @@ parse_tunables_string (const char *valstring, struct tunable_toset_t *tunables) static void parse_tunables (const char *valstring) { - struct tunable_toset_t tunables[tunables_list_size]; - int ntunables = parse_tunables_string (valstring, tunables); - if (ntunables == -1) + struct tunable_toset_t tunables[tunables_list_size] = { 0 }; + if (parse_tunables_string (valstring, tunables) == -1) { _dl_error_printf ( "WARNING: ld.so: invalid GLIBC_TUNABLES `%s': ignored.\n", valstring); return; } - for (int i = 0; i < ntunables; i++) - if (!tunable_initialize (tunables[i].t, tunables[i].value, - tunables[i].len)) - _dl_error_printf ("WARNING: ld.so: invalid GLIBC_TUNABLES value `%.*s' " - "for option `%s': ignored.\n", - (int) tunables[i].len, - tunables[i].value, - tunables[i].t->name); + for (int i = 0; i < tunables_list_size; i++) + { + if (tunables[i].t == NULL) + continue; + + if (!tunable_initialize (tunables[i].t, tunables[i].value, + tunables[i].len)) + _dl_error_printf ("WARNING: ld.so: invalid GLIBC_TUNABLES value `%.*s' " + "for option `%s': ignored.\n", + (int) tunables[i].len, + tunables[i].value, + tunables[i].t->name); + } } /* Initialize the tunables list from the environment. For now we only use the diff --git a/elf/tst-tunables.c b/elf/tst-tunables.c index 095b5c81d9..8f4ee46ad5 100644 --- a/elf/tst-tunables.c +++ b/elf/tst-tunables.c @@ -17,6 +17,7 @@ . */ #include +#define TUNABLES_INTERNAL 1 #include #include #include @@ -24,12 +25,13 @@ #include #include #include +#include static int restart; #define CMDLINE_OPTIONS \ { "restart", no_argument, &restart, 1 }, -static const struct test_t +static struct test_t { const char *name; const char *value; @@ -284,6 +286,29 @@ static const struct test_t 0, 0, }, + /* Also check for repeated tunables with a count larger than the total number + of tunables. */ + { + "GLIBC_TUNABLES", + NULL, + 2, + 0, + 0, + }, + { + "GLIBC_TUNABLES", + NULL, + 1, + 0, + 0, + }, + { + "GLIBC_TUNABLES", + NULL, + 0, + 0, + 0, + }, }; static int @@ -327,6 +352,37 @@ do_test (int argc, char *argv[]) spargv[i] = NULL; } + /* Create a tunable line with the duplicate values with a total number + larger than the different number of tunables. */ + { + enum { tunables_list_size = array_length (tunable_list) }; + const char *value = ""; + for (int i = 0; i < tunables_list_size; i++) + value = xasprintf ("%sglibc.malloc.check=2%c", + value, + i == (tunables_list_size - 1) ? '\0' : ':'); + tests[33].value = value; + } + /* Same as before, but the last tunable vallues is differen than the + rest. */ + { + enum { tunables_list_size = array_length (tunable_list) }; + const char *value = ""; + for (int i = 0; i < tunables_list_size - 1; i++) + value = xasprintf ("%sglibc.malloc.check=2:", value); + value = xasprintf ("%sglibc.malloc.check=1", value); + tests[34].value = value; + } + /* Same as before, but with an invalid last entry. */ + { + enum { tunables_list_size = array_length (tunable_list) }; + const char *value = ""; + for (int i = 0; i < tunables_list_size - 1; i++) + value = xasprintf ("%sglibc.malloc.check=2:", value); + value = xasprintf ("%sglibc.malloc.check=1=1", value); + tests[35].value = value; + } + for (int i = 0; i < array_length (tests); i++) { snprintf (nteststr, sizeof nteststr, "%d", i); diff --git a/sysdeps/aarch64/multiarch/memset_generic.S b/sysdeps/aarch64/multiarch/memset_generic.S index 81748bdbce..e125a5ed85 100644 --- a/sysdeps/aarch64/multiarch/memset_generic.S +++ b/sysdeps/aarch64/multiarch/memset_generic.S @@ -33,3 +33,7 @@ #endif #include <../memset.S> + +#if IS_IN (rtld) +strong_alias (memset, __memset_generic) +#endif diff --git a/sysdeps/sparc/sparc64/rtld-memset.c b/sysdeps/sparc/sparc64/rtld-memset.c index 55f3835790..a19202a620 100644 --- a/sysdeps/sparc/sparc64/rtld-memset.c +++ b/sysdeps/sparc/sparc64/rtld-memset.c @@ -1 +1,4 @@ #include +#if IS_IN(rtld) +strong_alias (memset, __memset_ultra1) +#endif From patchwork Thu May 2 16:35:57 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Adhemerval Zanella Netto X-Patchwork-Id: 1930728 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@legolas.ozlabs.org Authentication-Results: legolas.ozlabs.org; dkim=pass (2048-bit key; unprotected) header.d=linaro.org header.i=@linaro.org header.a=rsa-sha256 header.s=google header.b=FjyX9W3Q; dkim-atps=neutral Authentication-Results: legolas.ozlabs.org; spf=pass (sender SPF authorized) smtp.mailfrom=sourceware.org (client-ip=2620:52:3:1:0:246e:9693:128c; helo=server2.sourceware.org; envelope-from=libc-alpha-bounces+incoming=patchwork.ozlabs.org@sourceware.org; receiver=patchwork.ozlabs.org) Received: from server2.sourceware.org (server2.sourceware.org [IPv6:2620:52:3:1:0:246e:9693:128c]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (secp384r1) server-digest SHA384) (No client certificate requested) by legolas.ozlabs.org (Postfix) with ESMTPS id 4VVfkJ37NMz20fb for ; Fri, 3 May 2024 02:38:00 +1000 (AEST) Received: from server2.sourceware.org (localhost [IPv6:::1]) by sourceware.org (Postfix) with ESMTP id 9E9BC384AB4C for ; Thu, 2 May 2024 16:37:58 +0000 (GMT) X-Original-To: libc-alpha@sourceware.org Delivered-To: libc-alpha@sourceware.org Received: from mail-pf1-x42e.google.com (mail-pf1-x42e.google.com [IPv6:2607:f8b0:4864:20::42e]) by sourceware.org (Postfix) with ESMTPS id B4F7A385840F for ; Thu, 2 May 2024 16:37:34 +0000 (GMT) DMARC-Filter: OpenDMARC Filter v1.4.2 sourceware.org B4F7A385840F Authentication-Results: sourceware.org; dmarc=pass (p=none dis=none) header.from=linaro.org Authentication-Results: sourceware.org; spf=pass smtp.mailfrom=linaro.org ARC-Filter: OpenARC Filter v1.0.0 sourceware.org B4F7A385840F Authentication-Results: server2.sourceware.org; arc=none smtp.remote-ip=2607:f8b0:4864:20::42e ARC-Seal: i=1; a=rsa-sha256; d=sourceware.org; s=key; t=1714667856; cv=none; b=K/q1Npia1CSWx43ue/HwTfgcL1K5qkHXgcyGhBzZh2SCWp1S+0lsZd2lbCgvLtsXYOYkezhfVU/TYEICUlIMb32gN0ZVMDcUYjKL7+mONar7Iszk0z+gJRmC011b2Mvyi3yQmfLxrPTfxWnZm9FL+VsPGKE2f7X333KSwaOIcwk= ARC-Message-Signature: i=1; a=rsa-sha256; d=sourceware.org; s=key; t=1714667856; c=relaxed/simple; bh=pEMGJzEXOr1M1CokR16EYy+o8E5rQZM7d+ndftfT7AA=; h=DKIM-Signature:From:To:Subject:Date:Message-ID:MIME-Version; b=yDfvhwmpHxcpEBQ7uvF7cjp0CyX1E6Hx30p7fAVPfG9OWTjkURXA1MlXLo3kQKUZyKtGftFoqT8DLoDhx9QwTj1B73T4qpgAfCaad4xMb74TR9QLTttNYeP7DTPHuyUjNRwJ2h286TBFTVbIAARInDs/9phdCz+hvKZ759P/wDo= ARC-Authentication-Results: i=1; server2.sourceware.org Received: by mail-pf1-x42e.google.com with SMTP id d2e1a72fcca58-6f0aeee172dso1514270b3a.1 for ; Thu, 02 May 2024 09:37:34 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; t=1714667853; x=1715272653; darn=sourceware.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=sGd9zb7IAiLLy2yVbpl8UkwGDSrGWYwhIDZaoLKhuwA=; b=FjyX9W3QHRhuUY/54S12Afxtf1n2SX18JUCpOX0dSKKSP6++yYDSGm6YYb0RUVQx8C 36hcxToC8Ef8FPZ3y7yABxqEuSivEkAuHYxNhUD2lh405BvCje7/dO13qeMXdu6H7eqr 6WVt+eJf6+Zb87UV2C3eKbmAvVfig2cK0pHzwV3yEmRe7jHLpGMu6OAtYQ1cxTR4SBUx GE1ZQATVEP6D4jBStQBtIRQQmI2ecqnZBeiKPca3lN4cuFYJoWYdzQWWhyss34yi7JXG zQ16qQxaZw7n6A3RMRZVUvCGj/NcjjZD3GeaLTiKFm7xjoXNtZbGCne1U6FbIG6i3Yqx Y/1g== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1714667853; x=1715272653; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=sGd9zb7IAiLLy2yVbpl8UkwGDSrGWYwhIDZaoLKhuwA=; b=X22UBuESiLmpVY7G0aUnFf8+g6B4ksz5EY0UY7xOuhKB9AsrcqtgxJmaWbuycKlF8M AZWfWiQFLvOxhL6+W9re9QeVGpoltIOEtIcHOTs5JoVT/oBt+GyOhUZGja1wZw7M5+c8 8NKUGSkTIMbae5ShnnLPZHsfIwJeXzd+rCwCu7OPZ1I1wKgKFECEqJqkIWeY+iUiXfME gTRORBFDlaKBluKCvr1xqsk1MJwk62P7PoX0o97DpN5ZTqtE8XE5FigeGmvq6DrQMwod P6grQVVK/F5+rsmZqgSeEiiMk9DTisTSheEWuuGj1D1x8Gb52dmBs3p2oGap334IDaHG 5RDw== X-Gm-Message-State: AOJu0YxWXnXlCypWXcETp1wohPk88v7CLlXPFB/VZGKLpgBhzN1FGCDO eBVZQ/7PyCIawLOFICW2oNvY2nOyRx/DGh+DwwlF99PB0kUZc8qcn8Jp5aHSWAPZTDHzvKDvsQC u X-Google-Smtp-Source: AGHT+IGhYbF+oGBALSBDhuGN7PG7/vpckhi4ImhZLfYx4cSFDuGE82lyfBsk0Ug4B7NAiKB4bYWYMQ== X-Received: by 2002:a05:6a00:1385:b0:6ed:825b:30c0 with SMTP id t5-20020a056a00138500b006ed825b30c0mr4583227pfg.15.1714667853144; Thu, 02 May 2024 09:37:33 -0700 (PDT) Received: from mandiga.. ([2804:1b3:a7c1:e3c5:e62b:fe17:6851:b93]) by smtp.gmail.com with ESMTPSA id j4-20020a62b604000000b006ecfa91a210sm1439524pff.100.2024.05.02.09.37.31 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 02 May 2024 09:37:32 -0700 (PDT) From: Adhemerval Zanella To: libc-alpha@sourceware.org Cc: Joe Simmons-Talbott , Siddhesh Poyarekar Subject: [PATCH v2 2/4] elf: Remove glibc.rtld.enable_secure check from parse_tunables_string Date: Thu, 2 May 2024 13:35:57 -0300 Message-ID: <20240502163716.1107975-3-adhemerval.zanella@linaro.org> X-Mailer: git-send-email 2.43.0 In-Reply-To: <20240502163716.1107975-1-adhemerval.zanella@linaro.org> References: <20240502163716.1107975-1-adhemerval.zanella@linaro.org> MIME-Version: 1.0 X-Spam-Status: No, score=-13.5 required=5.0 tests=BAYES_00, DKIM_SIGNED, DKIM_VALID, DKIM_VALID_AU, DKIM_VALID_EF, GIT_PATCH_0, RCVD_IN_DNSWL_NONE, SPF_HELO_NONE, SPF_PASS, TXREP autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on server2.sourceware.org X-BeenThere: libc-alpha@sourceware.org X-Mailman-Version: 2.1.30 Precedence: list List-Id: Libc-alpha mailing list List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: libc-alpha-bounces+incoming=patchwork.ozlabs.org@sourceware.org And move it to parse_tunables. It avoids a string comparison for each tunable. Checked on aarch64-linux-gnu and x86_64-linux-gnu. Reviewed-by: Siddhesh Poyarekar --- elf/dl-tunables.c | 58 +++++++++++++++++++++++++++++++---------------- 1 file changed, 38 insertions(+), 20 deletions(-) diff --git a/elf/dl-tunables.c b/elf/dl-tunables.c index 1db80e0f92..63cf8c7ab5 100644 --- a/elf/dl-tunables.c +++ b/elf/dl-tunables.c @@ -119,6 +119,17 @@ do_tunable_update_val (tunable_t *cur, const tunable_val_t *valp, cur->initialized = true; } +static bool +tunable_parse_num (const char *strval, size_t len, tunable_num_t *val) +{ + char *endptr = NULL; + uint64_t numval = _dl_strtoul (strval, &endptr); + if (endptr != strval + len) + return false; + *val = (tunable_num_t) numval; + return true; +} + /* Validate range of the input value and initialize the tunable CUR if it looks good. */ static bool @@ -128,11 +139,8 @@ tunable_initialize (tunable_t *cur, const char *strval, size_t len) if (cur->type.type_code != TUNABLE_TYPE_STRING) { - char *endptr = NULL; - uint64_t numval = _dl_strtoul (strval, &endptr); - if (endptr != strval + len) + if (!tunable_parse_num (strval, len, &val.numval)) return false; - val.numval = (tunable_num_t) numval; } else val.strval = (struct tunable_str_t) { strval, len }; @@ -223,17 +231,6 @@ parse_tunables_string (const char *valstring, struct tunable_toset_t *tunables) if (tunable_is_name (cur->name, name)) { tunables[i] = (struct tunable_toset_t) { cur, value, p - value }; - - /* Ignore tunables if enable_secure is set */ - if (tunable_is_name ("glibc.rtld.enable_secure", name)) - { - tunable_num_t val = (tunable_num_t) _dl_strtoul (value, NULL); - if (val == 1) - { - __libc_enable_secure = 1; - return 0; - } - } break; } } @@ -242,6 +239,16 @@ parse_tunables_string (const char *valstring, struct tunable_toset_t *tunables) return ntunables; } +static void +parse_tunable_print_error (const struct tunable_toset_t *toset) +{ + _dl_error_printf ("WARNING: ld.so: invalid GLIBC_TUNABLES value `%.*s' " + "for option `%s': ignored.\n", + (int) toset->len, + toset->value, + toset->t->name); +} + static void parse_tunables (const char *valstring) { @@ -253,6 +260,21 @@ parse_tunables (const char *valstring) return; } + /* Ignore tunables if enable_secure is set */ + struct tunable_toset_t *tsec = + &tunables[TUNABLE_ENUM_NAME(glibc, rtld, enable_secure)]; + if (tsec->t != NULL) + { + tunable_num_t val; + if (!tunable_parse_num (tsec->value, tsec->len, &val)) + parse_tunable_print_error (tsec); + else if (val == 1) + { + __libc_enable_secure = 1; + return; + } + } + for (int i = 0; i < tunables_list_size; i++) { if (tunables[i].t == NULL) @@ -260,11 +282,7 @@ parse_tunables (const char *valstring) if (!tunable_initialize (tunables[i].t, tunables[i].value, tunables[i].len)) - _dl_error_printf ("WARNING: ld.so: invalid GLIBC_TUNABLES value `%.*s' " - "for option `%s': ignored.\n", - (int) tunables[i].len, - tunables[i].value, - tunables[i].t->name); + parse_tunable_print_error (&tunables[i]); } } From patchwork Thu May 2 16:35:58 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Adhemerval Zanella Netto X-Patchwork-Id: 1930729 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@legolas.ozlabs.org Authentication-Results: legolas.ozlabs.org; dkim=pass (2048-bit key; unprotected) header.d=linaro.org header.i=@linaro.org header.a=rsa-sha256 header.s=google header.b=UuHqDaxh; dkim-atps=neutral Authentication-Results: legolas.ozlabs.org; spf=pass (sender SPF authorized) smtp.mailfrom=sourceware.org (client-ip=2620:52:3:1:0:246e:9693:128c; helo=server2.sourceware.org; envelope-from=libc-alpha-bounces+incoming=patchwork.ozlabs.org@sourceware.org; receiver=patchwork.ozlabs.org) Received: from server2.sourceware.org (server2.sourceware.org [IPv6:2620:52:3:1:0:246e:9693:128c]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (secp384r1) server-digest SHA384) (No client certificate requested) by legolas.ozlabs.org (Postfix) with ESMTPS id 4VVfkS4tb3z20fb for ; Fri, 3 May 2024 02:38:08 +1000 (AEST) Received: from server2.sourceware.org (localhost [IPv6:::1]) by sourceware.org (Postfix) with ESMTP id D544F384AB7D for ; Thu, 2 May 2024 16:38:06 +0000 (GMT) X-Original-To: libc-alpha@sourceware.org Delivered-To: libc-alpha@sourceware.org Received: from mail-pf1-x42b.google.com (mail-pf1-x42b.google.com [IPv6:2607:f8b0:4864:20::42b]) by sourceware.org (Postfix) with ESMTPS id 15006384AB66 for ; Thu, 2 May 2024 16:37:37 +0000 (GMT) DMARC-Filter: OpenDMARC Filter v1.4.2 sourceware.org 15006384AB66 Authentication-Results: sourceware.org; dmarc=pass (p=none dis=none) header.from=linaro.org Authentication-Results: sourceware.org; spf=pass smtp.mailfrom=linaro.org ARC-Filter: OpenARC Filter v1.0.0 sourceware.org 15006384AB66 Authentication-Results: server2.sourceware.org; arc=none smtp.remote-ip=2607:f8b0:4864:20::42b ARC-Seal: i=1; a=rsa-sha256; d=sourceware.org; s=key; t=1714667859; cv=none; b=MnFnt4aXeUFdm/Ay6lp/AEmPtAE3L1KAf15HiKHLK2hGRKgNF/OOgDZBOXHF4ldywdZYg8s3gpaYOjpbxMXuKqafU0LTRxPn2gtaIsN2UevKQE8beppMsrZfhpwIL7I6TTY+xOpXLrIKjE4Z4O6qSUhN5Ej2klMAJ0YX0vvzhRs= ARC-Message-Signature: i=1; a=rsa-sha256; d=sourceware.org; s=key; t=1714667859; c=relaxed/simple; bh=J2W7DsmC7H35lLzmGW7hA943aT/Vmjb+hnFB1cNmbJc=; h=DKIM-Signature:From:To:Subject:Date:Message-ID:MIME-Version; b=NayIe6Tw9oBHr139aBoNg01yy2SoYbgKtwcu6aGIOgS+vJHoUHijcJf3blwhBvyFkjFLZqruorl4Dwqtwo9nrz6AacwigzMzhuPEdCYoRczRhquFXv9PfbLjxis08SxSpbQxTyZ5cFoovf9yxagFeO90YSxqyefckr+mbEaZQW0= ARC-Authentication-Results: i=1; server2.sourceware.org Received: by mail-pf1-x42b.google.com with SMTP id d2e1a72fcca58-6f074520c8cso7750834b3a.0 for ; Thu, 02 May 2024 09:37:37 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; t=1714667856; x=1715272656; darn=sourceware.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=hcLuJwERMkN7KzVNGEl5vKD/cE8T4rL7LBdvbco4LEw=; b=UuHqDaxhWbzJhqQt9VnEj5nDr1JLrCn2lzn1WCvRzKO2PiwyOfzEdvWo2ilugTKzIw GVzPK3BH/pNdgRli6bsSqjwt/CWDZ4kiE5hEhLJy56eNYRLNj7WvTgDsg70M9m0mEgXg igNrgXhBh2i4u4XMMjt9dicPK0pFbeGRLaQivWoUuw2RZvdGvr+8ZK7rYISOkZrZeeOE rKy5cHykeXSg0ta/k3ZEIazBH3Tr22zjpYbLzjMtGrbgh7xGSpgq+FTAgJrmdqpH5F4l HD31+dKAMkYoKcYTfni6NTDs6wGgrthf76fkCj5n9qycvI7hzKy7+741xQ1YtZQIAe0n Q9Pw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1714667856; x=1715272656; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=hcLuJwERMkN7KzVNGEl5vKD/cE8T4rL7LBdvbco4LEw=; b=vk9A47ey8Li0l9/JjFDu1QkXU27gigcBcX71c8hv87k5LV00eDRN/R+aUV/BQWINyv wARrx4Pa7dfAxUUuLXTKFo6bjrdquBQa5zkMRsPm6Pgz7y909rXuXlxNf+erJyb/cPTn sSwesECb+lZlAC17W180GkEOaQIktbco55RXQ08Qzm1JQZvB9LORC6/j9EbZsJXiVDSr XxvXDLHdKxo/SvsowpbcLCZKpbOoRZuqYKk8SLGcuW4dkJw50Hv0jluXBLpkg3dGisTa T31D4AVfbDnYU472g6B/Azc/lXfnHGjf/klhQVDpCvWPJR7ee6uZgOfX1Vro3IQ13m3u k3Pg== X-Gm-Message-State: AOJu0YwQ7WiVVDkP2s3qyxGfjZk7yafsl00lnzZAZUgivbuJ3ipt6q1i XgqCJecJNteTMaQQ/yEIMjBmmbeWpWlYiGgxTCepvOKJPIA2nHgtrPB503ZrmyzTyo/GCOuk0AU H X-Google-Smtp-Source: AGHT+IHYcGRBCUFONVM9ZQO/aIdDXKBbOUKoKZ/KXSwQIk+eehrT8PIzDQSs1aZL5LMnolNEh0JUFQ== X-Received: by 2002:aa7:88c2:0:b0:6ed:cece:8160 with SMTP id k2-20020aa788c2000000b006edcece8160mr50140pff.31.1714667855568; Thu, 02 May 2024 09:37:35 -0700 (PDT) Received: from mandiga.. ([2804:1b3:a7c1:e3c5:e62b:fe17:6851:b93]) by smtp.gmail.com with ESMTPSA id j4-20020a62b604000000b006ecfa91a210sm1439524pff.100.2024.05.02.09.37.33 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 02 May 2024 09:37:34 -0700 (PDT) From: Adhemerval Zanella To: libc-alpha@sourceware.org Cc: Joe Simmons-Talbott , Siddhesh Poyarekar Subject: [PATCH v2 3/4] support: Add envp argument to support_capture_subprogram Date: Thu, 2 May 2024 13:35:58 -0300 Message-ID: <20240502163716.1107975-4-adhemerval.zanella@linaro.org> X-Mailer: git-send-email 2.43.0 In-Reply-To: <20240502163716.1107975-1-adhemerval.zanella@linaro.org> References: <20240502163716.1107975-1-adhemerval.zanella@linaro.org> MIME-Version: 1.0 X-Spam-Status: No, score=-12.4 required=5.0 tests=BAYES_00, DKIM_SIGNED, DKIM_VALID, DKIM_VALID_AU, DKIM_VALID_EF, GIT_PATCH_0, RCVD_IN_DNSWL_NONE, SPF_HELO_NONE, SPF_PASS, TXREP autolearn=unavailable autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on server2.sourceware.org X-BeenThere: libc-alpha@sourceware.org X-Mailman-Version: 2.1.30 Precedence: list List-Id: Libc-alpha mailing list List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: libc-alpha-bounces+incoming=patchwork.ozlabs.org@sourceware.org So tests can specific a list of environment variables. Reviewed-by: Siddhesh Poyarekar --- elf/tst-audit18.c | 2 +- elf/tst-audit19b.c | 2 +- elf/tst-audit22.c | 2 +- elf/tst-audit23.c | 2 +- elf/tst-audit25a.c | 4 ++-- elf/tst-audit25b.c | 4 ++-- elf/tst-glibc-hwcaps-2-cache.c | 2 +- elf/tst-rtld-run-static.c | 4 ++-- elf/tst-tunables-enable_secure.c | 2 +- elf/tst-tunables.c | 2 +- support/capture_subprocess.h | 9 +++++---- support/subprocess.h | 7 ++++--- support/support_capture_subprocess.c | 5 +++-- support/support_subprocess.c | 5 +++-- support/tst-support_capture_subprocess.c | 2 +- sysdeps/x86/tst-hwcap-tunables.c | 2 +- 16 files changed, 30 insertions(+), 26 deletions(-) diff --git a/elf/tst-audit18.c b/elf/tst-audit18.c index 841251dd70..cec93e269c 100644 --- a/elf/tst-audit18.c +++ b/elf/tst-audit18.c @@ -79,7 +79,7 @@ do_test (int argc, char *argv[]) setenv ("LD_AUDIT", "tst-auditmod18.so", 0); struct support_capture_subprocess result - = support_capture_subprogram (spargv[0], spargv); + = support_capture_subprogram (spargv[0], spargv, NULL); support_capture_subprocess_check (&result, "tst-audit18", 0, sc_allow_stderr); struct diff --git a/elf/tst-audit19b.c b/elf/tst-audit19b.c index 70bfe4eadf..88d99a416b 100644 --- a/elf/tst-audit19b.c +++ b/elf/tst-audit19b.c @@ -69,7 +69,7 @@ do_test (int argc, char *argv[]) setenv ("LD_AUDIT", "tst-auditmod18b.so", 0); struct support_capture_subprocess result - = support_capture_subprogram (spargv[0], spargv); + = support_capture_subprogram (spargv[0], spargv, NULL); support_capture_subprocess_check (&result, "tst-audit18b", 0, sc_allow_stderr); bool find_symbind = false; diff --git a/elf/tst-audit22.c b/elf/tst-audit22.c index 4e97be3be0..6aa18af948 100644 --- a/elf/tst-audit22.c +++ b/elf/tst-audit22.c @@ -83,7 +83,7 @@ do_test (int argc, char *argv[]) setenv ("LD_AUDIT", "tst-auditmod22.so", 0); struct support_capture_subprocess result - = support_capture_subprogram (spargv[0], spargv); + = support_capture_subprogram (spargv[0], spargv, NULL); support_capture_subprocess_check (&result, "tst-audit22", 0, sc_allow_stderr); /* The respawned process should always print the vDSO address (otherwise it diff --git a/elf/tst-audit23.c b/elf/tst-audit23.c index 32e7c8b2a3..d2640fe8b2 100644 --- a/elf/tst-audit23.c +++ b/elf/tst-audit23.c @@ -82,7 +82,7 @@ do_test (int argc, char *argv[]) setenv ("LD_AUDIT", "tst-auditmod23.so", 0); struct support_capture_subprocess result - = support_capture_subprogram (spargv[0], spargv); + = support_capture_subprogram (spargv[0], spargv, NULL); support_capture_subprocess_check (&result, "tst-audit22", 0, sc_allow_stderr); /* The expected la_objopen/la_objclose: diff --git a/elf/tst-audit25a.c b/elf/tst-audit25a.c index b209ee820f..cdd4f2ce2b 100644 --- a/elf/tst-audit25a.c +++ b/elf/tst-audit25a.c @@ -77,7 +77,7 @@ do_test (int argc, char *argv[]) { struct support_capture_subprocess result - = support_capture_subprogram (spargv[0], spargv); + = support_capture_subprogram (spargv[0], spargv, NULL); support_capture_subprocess_check (&result, "tst-audit25a", 0, sc_allow_stderr); @@ -102,7 +102,7 @@ do_test (int argc, char *argv[]) { setenv ("LD_BIND_NOW", "1", 0); struct support_capture_subprocess result - = support_capture_subprogram (spargv[0], spargv); + = support_capture_subprogram (spargv[0], spargv, NULL); support_capture_subprocess_check (&result, "tst-audit25a", 0, sc_allow_stderr); diff --git a/elf/tst-audit25b.c b/elf/tst-audit25b.c index 9b8665d517..939f4d6188 100644 --- a/elf/tst-audit25b.c +++ b/elf/tst-audit25b.c @@ -76,7 +76,7 @@ do_test (int argc, char *argv[]) { struct support_capture_subprocess result - = support_capture_subprogram (spargv[0], spargv); + = support_capture_subprogram (spargv[0], spargv, NULL); support_capture_subprocess_check (&result, "tst-audit25a", 0, sc_allow_stderr); @@ -102,7 +102,7 @@ do_test (int argc, char *argv[]) { setenv ("LD_BIND_NOW", "1", 0); struct support_capture_subprocess result - = support_capture_subprogram (spargv[0], spargv); + = support_capture_subprogram (spargv[0], spargv, NULL); support_capture_subprocess_check (&result, "tst-audit25a", 0, sc_allow_stderr); diff --git a/elf/tst-glibc-hwcaps-2-cache.c b/elf/tst-glibc-hwcaps-2-cache.c index 81ab44ff78..af91476cca 100644 --- a/elf/tst-glibc-hwcaps-2-cache.c +++ b/elf/tst-glibc-hwcaps-2-cache.c @@ -32,7 +32,7 @@ main (int argc, char **argv) /* Run ldconfig to populate the cache. */ char *command = xasprintf ("%s/ldconfig", support_install_rootsbindir); struct support_capture_subprocess result = - support_capture_subprogram (command, &((char *) { NULL })); + support_capture_subprogram (command, &((char *) { NULL }), NULL); support_capture_subprocess_check (&result, "ldconfig", 0, sc_allow_none); free (command); diff --git a/elf/tst-rtld-run-static.c b/elf/tst-rtld-run-static.c index b2650e85ff..f05c00eb7b 100644 --- a/elf/tst-rtld-run-static.c +++ b/elf/tst-rtld-run-static.c @@ -30,7 +30,7 @@ do_test (void) { char *argv[] = { (char *) "ld.so", ldconfig_path, (char *) "--help", NULL }; struct support_capture_subprocess cap - = support_capture_subprogram (support_objdir_elf_ldso, argv); + = support_capture_subprogram (support_objdir_elf_ldso, argv, NULL); support_capture_subprocess_check (&cap, "no --argv0", 0, sc_allow_stdout); puts ("info: output without --argv0:"); puts (cap.out.buffer); @@ -46,7 +46,7 @@ do_test (void) ldconfig_path, (char *) "--help", NULL }; struct support_capture_subprocess cap - = support_capture_subprogram (support_objdir_elf_ldso, argv); + = support_capture_subprogram (support_objdir_elf_ldso, argv, NULL); support_capture_subprocess_check (&cap, "with --argv0", 0, sc_allow_stdout); puts ("info: output with --argv0:"); puts (cap.out.buffer); diff --git a/elf/tst-tunables-enable_secure.c b/elf/tst-tunables-enable_secure.c index e31e1f7faa..f5db1c84e9 100644 --- a/elf/tst-tunables-enable_secure.c +++ b/elf/tst-tunables-enable_secure.c @@ -113,7 +113,7 @@ do_test (int argc, char *argv[]) printf ("[%d] Spawned test for %s\n", i, tests[i].env); setenv ("GLIBC_TUNABLES", tests[i].env, 1); struct support_capture_subprocess result - = support_capture_subprogram (spargv[0], spargv); + = support_capture_subprogram (spargv[0], spargv, NULL); support_capture_subprocess_check (&result, "tst-tunables-enable_secure", 0, sc_allow_stderr); support_capture_subprocess_free (&result); diff --git a/elf/tst-tunables.c b/elf/tst-tunables.c index 8f4ee46ad5..a2b3a677e2 100644 --- a/elf/tst-tunables.c +++ b/elf/tst-tunables.c @@ -393,7 +393,7 @@ do_test (int argc, char *argv[]) tests[i].value); setenv (tests[i].name, tests[i].value, 1); struct support_capture_subprocess result - = support_capture_subprogram (spargv[0], spargv); + = support_capture_subprogram (spargv[0], spargv, NULL); support_capture_subprocess_check (&result, "tst-tunables", 0, sc_allow_stderr); support_capture_subprocess_free (&result); diff --git a/support/capture_subprocess.h b/support/capture_subprocess.h index 1ecbdfe4fc..93b7245d2a 100644 --- a/support/capture_subprocess.h +++ b/support/capture_subprocess.h @@ -35,11 +35,12 @@ struct support_capture_subprocess struct support_capture_subprocess support_capture_subprocess (void (*callback) (void *), void *closure); -/* Issue FILE with ARGV arguments by using posix_spawn and capture standard - output, standard error, and the exit status. The out.buffer and err.buffer - are handle as support_capture_subprocess. */ +/* Issue FILE with ARGV arguments and ENVP environments by using posix_spawn + and capture standard output, standard error, and the exit status. If + ENVP is NULL the current environment variable is used. The out.buffer and + err.buffer are handle by support_capture_subprocess. */ struct support_capture_subprocess support_capture_subprogram - (const char *file, char *const argv[]); + (const char *file, char *const argv[], char *const envp[]); /* Copy the running program into a setgid binary and run it with CHILD_ID argument. If execution is successful, return the exit status of the child diff --git a/support/subprocess.h b/support/subprocess.h index 8fbb895353..8274a2b22b 100644 --- a/support/subprocess.h +++ b/support/subprocess.h @@ -33,10 +33,11 @@ struct support_subprocess struct support_subprocess support_subprocess (void (*callback) (void *), void *closure); -/* Issue FILE with ARGV arguments by using posix_spawn and return is PID, a - pipe redirected to STDOUT, and a pipe redirected to STDERR. */ +/* Issue FILE with ARGV arguments and ENVP environments by using posix_spawn + and return is PID, a pipe redirected to STDOUT, and a pipe redirected to + STDERR. If ENVP is NULL the current environment variable is used. */ struct support_subprocess support_subprogram - (const char *file, char *const argv[]); + (const char *file, char *const argv[], char *const envp[]); /* Invoke program FILE with ARGV arguments by using posix_spawn and wait for it to complete. Return program exit status. */ diff --git a/support/support_capture_subprocess.c b/support/support_capture_subprocess.c index ffced8a89f..53847194cb 100644 --- a/support/support_capture_subprocess.c +++ b/support/support_capture_subprocess.c @@ -93,13 +93,14 @@ support_capture_subprocess (void (*callback) (void *), void *closure) } struct support_capture_subprocess -support_capture_subprogram (const char *file, char *const argv[]) +support_capture_subprogram (const char *file, char *const argv[], + char *const envp[]) { struct support_capture_subprocess result; xopen_memstream (&result.out); xopen_memstream (&result.err); - struct support_subprocess proc = support_subprogram (file, argv); + struct support_subprocess proc = support_subprogram (file, argv, envp); support_capture_poll (&result, &proc); return result; diff --git a/support/support_subprocess.c b/support/support_subprocess.c index a2fef394d4..b692a7f8b1 100644 --- a/support/support_subprocess.c +++ b/support/support_subprocess.c @@ -69,7 +69,7 @@ support_subprocess (void (*callback) (void *), void *closure) } struct support_subprocess -support_subprogram (const char *file, char *const argv[]) +support_subprogram (const char *file, char *const argv[], char *const envp[]) { struct support_subprocess result = support_subprocess_init (); @@ -84,7 +84,8 @@ support_subprogram (const char *file, char *const argv[]) xposix_spawn_file_actions_addclose (&fa, result.stdout_pipe[1]); xposix_spawn_file_actions_addclose (&fa, result.stderr_pipe[1]); - result.pid = xposix_spawn (file, &fa, NULL, argv, environ); + result.pid = xposix_spawn (file, &fa, NULL, argv, + envp == NULL ? environ : envp); xclose (result.stdout_pipe[1]); xclose (result.stderr_pipe[1]); diff --git a/support/tst-support_capture_subprocess.c b/support/tst-support_capture_subprocess.c index 8145548982..756fb75d19 100644 --- a/support/tst-support_capture_subprocess.c +++ b/support/tst-support_capture_subprocess.c @@ -238,7 +238,7 @@ do_subprogram (const struct test *test) args[argc] = NULL; TEST_VERIFY (argc < argv_size); - return support_capture_subprogram (args[0], args); + return support_capture_subprogram (args[0], args, NULL); } enum test_type diff --git a/sysdeps/x86/tst-hwcap-tunables.c b/sysdeps/x86/tst-hwcap-tunables.c index f6a65b88de..8589a9fd66 100644 --- a/sysdeps/x86/tst-hwcap-tunables.c +++ b/sysdeps/x86/tst-hwcap-tunables.c @@ -133,7 +133,7 @@ do_test (int argc, char *argv[]) setenv ("GLIBC_TUNABLES", tunable, 1); struct support_capture_subprocess result - = support_capture_subprogram (spargv[0], spargv); + = support_capture_subprogram (spargv[0], spargv, NULL); support_capture_subprocess_check (&result, "tst-tunables", 0, sc_allow_stderr); support_capture_subprocess_free (&result); From patchwork Thu May 2 16:35:59 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Adhemerval Zanella Netto X-Patchwork-Id: 1930730 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@legolas.ozlabs.org Authentication-Results: legolas.ozlabs.org; dkim=pass (2048-bit key; unprotected) header.d=linaro.org header.i=@linaro.org header.a=rsa-sha256 header.s=google header.b=wxZpAnq2; dkim-atps=neutral Authentication-Results: legolas.ozlabs.org; spf=pass (sender SPF authorized) smtp.mailfrom=sourceware.org (client-ip=2620:52:3:1:0:246e:9693:128c; helo=server2.sourceware.org; envelope-from=libc-alpha-bounces+incoming=patchwork.ozlabs.org@sourceware.org; receiver=patchwork.ozlabs.org) Received: from server2.sourceware.org (server2.sourceware.org [IPv6:2620:52:3:1:0:246e:9693:128c]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (secp384r1) server-digest SHA384) (No client certificate requested) by legolas.ozlabs.org (Postfix) with ESMTPS id 4VVflJ2hd0z20fb for ; Fri, 3 May 2024 02:38:52 +1000 (AEST) Received: from server2.sourceware.org (localhost [IPv6:::1]) by sourceware.org (Postfix) with ESMTP id 8BD04385840F for ; Thu, 2 May 2024 16:38:50 +0000 (GMT) X-Original-To: libc-alpha@sourceware.org Delivered-To: libc-alpha@sourceware.org Received: from mail-pf1-x432.google.com (mail-pf1-x432.google.com [IPv6:2607:f8b0:4864:20::432]) by sourceware.org (Postfix) with ESMTPS id 5CE43384AB79 for ; Thu, 2 May 2024 16:37:39 +0000 (GMT) DMARC-Filter: OpenDMARC Filter v1.4.2 sourceware.org 5CE43384AB79 Authentication-Results: sourceware.org; dmarc=pass (p=none dis=none) header.from=linaro.org Authentication-Results: sourceware.org; spf=pass smtp.mailfrom=linaro.org ARC-Filter: OpenARC Filter v1.0.0 sourceware.org 5CE43384AB79 Authentication-Results: server2.sourceware.org; arc=none smtp.remote-ip=2607:f8b0:4864:20::432 ARC-Seal: i=1; a=rsa-sha256; d=sourceware.org; s=key; t=1714667864; cv=none; b=FCvugL2qwDE4wTEAWXCrwZrnN7M4kPAcNGox2ac2wvU+ByORLcSFbpdQWbwcb08j1z9ILDYfVAGX/z6Z7xMNdvsxcFgiv9m65VzybuChZVeYpO1uZ7F4gjJ0vZ594v3yXqoXolFpT/YY24m9akafuI8qBI8PE16WYTT/BbbLRyA= ARC-Message-Signature: i=1; a=rsa-sha256; d=sourceware.org; s=key; t=1714667864; c=relaxed/simple; bh=DDpzFHaO7t7mIZjlydHBwgAhwbf5aHirbWWQea4vuag=; h=DKIM-Signature:From:To:Subject:Date:Message-ID:MIME-Version; b=kdqvliRByY9jBvH64l1KOshGUsED25AzUhpmmIjJID4kwPVtGLsSD0lUxH5vtYwpFQP82a3369BwNKqZXoEBlsH64Ica68RrfC287sjy+u0MWSVvcm6owGLfJpRqh6CF9jMtjvYBB9q+ZUEChqwq3UlVfIWmNBrOxBv6o8hamNA= ARC-Authentication-Results: i=1; server2.sourceware.org Received: by mail-pf1-x432.google.com with SMTP id d2e1a72fcca58-6ee13f19e7eso7501021b3a.1 for ; Thu, 02 May 2024 09:37:39 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; t=1714667858; x=1715272658; darn=sourceware.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=Mhvj6p3FIwhaQ4EXE/dOjpwybOlOt/6m3eCX/KLL/+E=; b=wxZpAnq2QNfEdXSn8ZimEA66Xv0VepewWui8fg4wtK0POCayc0nb9Q0RWanPpoviCO 1BbdXSe+rvDrjf36tPRCrVSFEDdKQJYUWJOpPEFJumOwz09Bg203TAKNa3rBPKAq3KCF Whx4orxA+lEvnYhGrsde5WiAarR+wUlw6EEcBBm8dGuxvHD9QjhG2cEyrVShzyvONmi1 ERqZEs5cskPSrW8bcGLp8Epvo056NCkIP8S47voiQXOxHhTNGZ10+/Uy5+yXXvo7gkEu xkXuHrzOMbd8IYs0ydZ/sjApDSqKijuHetnFhin8QOGBo+DKNDBoGWGh1On+C5jd+Hdf Cp8w== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1714667858; x=1715272658; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=Mhvj6p3FIwhaQ4EXE/dOjpwybOlOt/6m3eCX/KLL/+E=; b=R8SsTeakDeO1uFHpMTNHBKfTfi0XwXlHvutRtfzSx0wBTWU0VL1tqyarn9CV6vjQH8 GVfPTcrvxgFgc75bf0tntFzuLpgUT2O1w5gLixcokp5QRAOb0eGLJh7SiMR1hydt1/OD Dw1pr3E4VTPppiQ9hqIPH0RjzVltfAj7aVNbyHVN/pav9r6scdzugAfhiJnGEebZmH6l kfL8TDYxxZ+GqBBiUt9QLbS6NtPSYjZfNGsjALOgInjzDwSm8jjpP6z1xjA5WGjwdW9F mm7N0n7NRO5bdxexBJ5ZvmVVKMmwW0C6n1EF+eLMGI1al8q7xPr63DOUe5jn4rYcU0y2 iBAQ== X-Gm-Message-State: AOJu0YyQbGoL1w21oDF84ER0MZqzpS4xf5U3dcwVxfdsRQNjqpwGAIvt fjG4O1MLMXvWPjMUA43h8x/GNwnIDvJ90PzoeV9csC+lFqaP/6YaEdgFfvmejhBEiz4OeoCS6fS l X-Google-Smtp-Source: AGHT+IEQ6CbFYugpZXMAm+EUu01hUMHSkgaNd7VbgbsbiRGCqML0uARByDGrOJAhEXRbRTFsGFCUHQ== X-Received: by 2002:a05:6a00:3982:b0:6ea:7b29:3ab7 with SMTP id fi2-20020a056a00398200b006ea7b293ab7mr68866pfb.23.1714667857805; Thu, 02 May 2024 09:37:37 -0700 (PDT) Received: from mandiga.. ([2804:1b3:a7c1:e3c5:e62b:fe17:6851:b93]) by smtp.gmail.com with ESMTPSA id j4-20020a62b604000000b006ecfa91a210sm1439524pff.100.2024.05.02.09.37.35 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 02 May 2024 09:37:37 -0700 (PDT) From: Adhemerval Zanella To: libc-alpha@sourceware.org Cc: Joe Simmons-Talbott , Siddhesh Poyarekar Subject: [PATCH v2 4/4] elf: Make glibc.rtld.enable_secure ignore alias environment variables Date: Thu, 2 May 2024 13:35:59 -0300 Message-ID: <20240502163716.1107975-5-adhemerval.zanella@linaro.org> X-Mailer: git-send-email 2.43.0 In-Reply-To: <20240502163716.1107975-1-adhemerval.zanella@linaro.org> References: <20240502163716.1107975-1-adhemerval.zanella@linaro.org> MIME-Version: 1.0 X-Spam-Status: No, score=-12.5 required=5.0 tests=BAYES_00, DKIM_SIGNED, DKIM_VALID, DKIM_VALID_AU, DKIM_VALID_EF, GIT_PATCH_0, KAM_SHORT, RCVD_IN_DNSWL_NONE, SPF_HELO_NONE, SPF_PASS, TXREP autolearn=unavailable autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on server2.sourceware.org X-BeenThere: libc-alpha@sourceware.org X-Mailman-Version: 2.1.30 Precedence: list List-Id: Libc-alpha mailing list List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: libc-alpha-bounces+incoming=patchwork.ozlabs.org@sourceware.org Tunable with environment variables aliases are also ignored if glibc.rtld.enable_secure is enabled. The tunable parsing is also optimized a bit, where the loop that checks each environment variable only checks for the tunables with aliases instead of all tables. Checked on aarch64-linux-gnu and x86_64-linux-gnu. --- elf/dl-tunables.c | 36 ++++++--- elf/tst-tunables-enable_secure.c | 133 +++++++++++++++++++++++++++---- scripts/gen-tunables.awk | 16 +++- 3 files changed, 161 insertions(+), 24 deletions(-) diff --git a/elf/dl-tunables.c b/elf/dl-tunables.c index 63cf8c7ab5..e87d0628b2 100644 --- a/elf/dl-tunables.c +++ b/elf/dl-tunables.c @@ -300,6 +300,9 @@ __tunables_init (char **envp) if (__libc_enable_secure) return; + enum { tunable_num_env_alias = array_length (tunable_env_alias_list) }; + struct tunable_toset_t tunables_env_alias[tunable_num_env_alias] = { 0 }; + while ((envp = get_next_env (envp, &envname, &envval, &prev_envp)) != NULL) { /* The environment variable is allocated on the stack by the kernel, so @@ -311,29 +314,44 @@ __tunables_init (char **envp) continue; } - for (int i = 0; i < tunables_list_size; i++) + for (int i = 0; i < tunable_num_env_alias; i++) { - tunable_t *cur = &tunable_list[i]; + tunable_t *cur = &tunable_list[tunable_env_alias_list[i]]; + const char *name = cur->env_alias; - /* Skip over tunables that have either been set already or should be - skipped. */ - if (cur->initialized || cur->env_alias[0] == '\0') + if (name[0] == '\0') continue; - const char *name = cur->env_alias; - - /* We have a match. Initialize and move on to the next line. */ if (tunable_is_name (name, envname)) { size_t envvallen = 0; /* The environment variable is always null-terminated. */ for (const char *p = envval; *p != '\0'; p++, envvallen++); - tunable_initialize (cur, envval, envvallen); + tunables_env_alias[i] = + (struct tunable_toset_t) { cur, envval, envvallen }; break; } } } + + /* Check if glibc.rtld.enable_secure was set and skip over the environment + variables aliases. */ + if (__libc_enable_secure) + return; + + for (int i = 0; i < tunable_num_env_alias; i++) + { + /* Skip over tunables that have either been set. */ + if (tunables_env_alias[i].t == NULL + || tunables_env_alias[i].t->initialized) + continue; + + if (!tunable_initialize (tunables_env_alias[i].t, + tunables_env_alias[i].value, + tunables_env_alias[i].len)) + parse_tunable_print_error (&tunables_env_alias[i]); + } } void diff --git a/elf/tst-tunables-enable_secure.c b/elf/tst-tunables-enable_secure.c index f5db1c84e9..a0da0fd179 100644 --- a/elf/tst-tunables-enable_secure.c +++ b/elf/tst-tunables-enable_secure.c @@ -17,6 +17,7 @@ . */ #include +#define TUNABLES_INTERNAL 1 #include #include #include @@ -34,6 +35,8 @@ static int restart; static const struct test_t { const char *env; + const char *extraenv; + bool check_multiple; int32_t expected_malloc_check; int32_t expected_enable_secure; } tests[] = @@ -41,39 +44,124 @@ static const struct test_t /* Expected tunable format. */ /* Tunables should be ignored if enable_secure is set. */ { - "glibc.malloc.check=2:glibc.rtld.enable_secure=1", + "GLIBC_TUNABLES=glibc.malloc.check=2:glibc.rtld.enable_secure=1", + NULL, + false, 0, 1, }, /* Tunables should be ignored if enable_secure is set. */ { - "glibc.rtld.enable_secure=1:glibc.malloc.check=2", + "GLIBC_TUNABLES=glibc.rtld.enable_secure=1:glibc.malloc.check=2", + NULL, + false, 0, 1, }, /* Tunables should be set if enable_secure is unset. */ { - "glibc.rtld.enable_secure=0:glibc.malloc.check=2", + "GLIBC_TUNABLES=glibc.rtld.enable_secure=0:glibc.malloc.check=2", + NULL, + false, 2, 0, }, + /* Tunables should be ignored if enable_secure is set. */ + { + "GLIBC_TUNABLES=glibc.malloc.check=2:glibc.rtld.enable_secure=1", + "MALLOC_CHECK_=2", + false, + 0, + 1, + }, + /* Same as before, but with enviroment alias prior GLIBC_TUNABLES. */ + { + "MALLOC_CHECK_=2", + "GLIBC_TUNABLES=glibc.malloc.check=2:glibc.rtld.enable_secure=1", + false, + 0, + 1, + }, + /* Tunables should be ignored if enable_secure is set. */ + { + "GLIBC_TUNABLES=glibc.rtld.enable_secure=1:glibc.malloc.check=2", + "MALLOC_CHECK_=2", + false, + 0, + 1, + }, + { + "MALLOC_CHECK_=2", + "GLIBC_TUNABLES=glibc.rtld.enable_secure=1:glibc.malloc.check=2", + false, + 0, + 1, + }, + /* Tunables should be set if enable_secure is unset. */ + { + "GLIBC_TUNABLES=glibc.rtld.enable_secure=0:glibc.malloc.check=2", + /* Tunable have precedence over the environment variable. */ + "MALLOC_CHECK_=1", + false, + 2, + 0, + }, + { + "MALLOC_CHECK_=1", + "GLIBC_TUNABLES=glibc.rtld.enable_secure=0:glibc.malloc.check=2", + /* Tunable have precedence over the environment variable. */ + false, + 2, + 0, + }, + /* Tunables should be set if enable_secure is unset. */ + { + "GLIBC_TUNABLES=glibc.rtld.enable_secure=0", + /* Tunable have precedence over the environment variable. */ + "MALLOC_CHECK_=1", + false, + 1, + 0, + }, + /* Tunables should be set if enable_secure is unset. */ + { + "GLIBC_TUNABLES=glibc.rtld.enable_secure=0", + /* Tunable have precedence over the environment variable. */ + "MALLOC_CHECK_=1", + false, + 1, + 0, + }, + /* Check with tunables environment variable alias set multiple times. */ + { + "GLIBC_TUNABLES=glibc.rtld.enable_secure=1:glibc.malloc.check=2", + "MALLOC_CHECK_=2", + true, + 0, + 1, + }, + /* Tunables should be set if enable_secure is unset. */ + { + "GLIBC_TUNABLES=glibc.rtld.enable_secure=0", + /* Tunable have precedence over the environment variable. */ + "MALLOC_CHECK_=1", + true, + 1, + 0, + }, }; static int handle_restart (int i) { if (tests[i].expected_enable_secure == 1) - { - TEST_COMPARE (1, __libc_enable_secure); - } + TEST_COMPARE (1, __libc_enable_secure); else - { - TEST_COMPARE (tests[i].expected_malloc_check, - TUNABLE_GET_FULL (glibc, malloc, check, int32_t, NULL)); - TEST_COMPARE (tests[i].expected_enable_secure, - TUNABLE_GET_FULL (glibc, rtld, enable_secure, int32_t, - NULL)); - } + TEST_COMPARE (tests[i].expected_enable_secure, + TUNABLE_GET_FULL (glibc, rtld, enable_secure, int32_t, + NULL)); + TEST_COMPARE (tests[i].expected_malloc_check, + TUNABLE_GET_FULL (glibc, malloc, check, int32_t, NULL)); return 0; } @@ -106,14 +194,31 @@ do_test (int argc, char *argv[]) spargv[i] = NULL; } + enum { tunable_num_env_alias = array_length (tunable_env_alias_list) }; + for (int i = 0; i < array_length (tests); i++) { snprintf (nteststr, sizeof nteststr, "%d", i); printf ("[%d] Spawned test for %s\n", i, tests[i].env); setenv ("GLIBC_TUNABLES", tests[i].env, 1); + + char *envp[2 + tunable_num_env_alias + 1] = + { + (char *) tests[i].env, + (char *) tests[i].extraenv, + NULL, + }; + if (tests[i].check_multiple) + { + int j; + for (j=0; j < tunable_num_env_alias; j++) + envp[j + 2] = (char *) tests[i].extraenv; + envp[j + 2] = NULL; + } + struct support_capture_subprocess result - = support_capture_subprogram (spargv[0], spargv, NULL); + = support_capture_subprogram (spargv[0], spargv, envp); support_capture_subprocess_check (&result, "tst-tunables-enable_secure", 0, sc_allow_stderr); support_capture_subprocess_free (&result); diff --git a/scripts/gen-tunables.awk b/scripts/gen-tunables.awk index 9f5336381e..fc3b41376f 100644 --- a/scripts/gen-tunables.awk +++ b/scripts/gen-tunables.awk @@ -156,7 +156,7 @@ END { print "# define TUNABLE_ALIAS_MAX " (max_alias_len + 1) print "# include \"dl-tunable-types.h\"" # Finally, the tunable list. - print "static tunable_t tunable_list[] attribute_relro = {" + print "static tunable_t tunable_list[] attribute_relro __attribute_used__ = {" for (tnm in types) { split (tnm, indices, SUBSEP); t = indices[1]; @@ -168,5 +168,19 @@ END { default_val[t,n,m], env_alias[t,n,m]); } print "};" + + # Map of tunable with environment variables aliases used during parsing. */ + print "\nstatic const tunable_id_t tunable_env_alias_list[] =" + printf "{\n" + for (tnm in types) { + split (tnm, indices, SUBSEP); + t = indices[1]; + n = indices[2]; + m = indices[3]; + if (env_alias[t,n,m] != "{0}") { + printf (" TUNABLE_ENUM_NAME(%s, %s, %s),\n", t, n, m); + } + } + printf "};\n" print "#endif" }