| Message ID | 20231106202552.3404059-15-adhemerval.zanella@linaro.org |
|---|---|
| State | New |
| Headers | show |
| Series | Improve loader environment variable handling | expand |
On 2023-11-06 15:25, Adhemerval Zanella wrote: > Loader already ignores LD_DEBUG, LD_DEBUG_OUTPUT, and > LD_TRACE_LOADED_OBJECTS. Both LD_WARN and LD_VERBOSE are similar to > LD_DEBUG, in the sense they enable additional checks and debug > information, so it makes sense to disable them. > > Checked on x86_64-linux-gnu. > --- Maybe also put it in unsecvars.h? > elf/rtld.c | 22 ++++++++++++++-------- > elf/tst-env-setuid.c | 2 ++ > 2 files changed, 16 insertions(+), 8 deletions(-) > > diff --git a/elf/rtld.c b/elf/rtld.c > index a09cf2a9df..e7f90d37e7 100644 > --- a/elf/rtld.c > +++ b/elf/rtld.c > @@ -2552,13 +2552,15 @@ process_envvars (struct dl_main_state *state) > { > case 4: > /* Warning level, verbose or not. */ > - if (memcmp (envline, "WARN", 4) == 0) > + if (!__libc_enable_secure > + && memcmp (envline, "WARN", 4) == 0) > GLRO(dl_verbose) = envline[5] != '\0'; > break; > > case 5: > /* Debugging of the dynamic linker? */ > - if (memcmp (envline, "DEBUG", 5) == 0) > + if (!__libc_enable_secure > + && memcmp (envline, "DEBUG", 5) == 0) > { > process_dl_debug (state, &envline[6]); > break; > @@ -2569,7 +2571,8 @@ process_envvars (struct dl_main_state *state) > > case 7: > /* Print information about versions. */ > - if (memcmp (envline, "VERBOSE", 7) == 0) > + if (!__libc_enable_secure > + && memcmp (envline, "VERBOSE", 7) == 0) > { > state->version_info = envline[8] != '\0'; > break; > @@ -2625,7 +2628,8 @@ process_envvars (struct dl_main_state *state) > } > > /* Where to place the profiling data file. */ > - if (memcmp (envline, "DEBUG_OUTPUT", 12) == 0) > + if (!__libc_enable_secure > + && memcmp (envline, "DEBUG_OUTPUT", 12) == 0) > { > debug_output = &envline[13]; > break; > @@ -2646,7 +2650,8 @@ process_envvars (struct dl_main_state *state) > > case 20: > /* The mode of the dynamic linker can be set. */ > - if (memcmp (envline, "TRACE_LOADED_OBJECTS", 20) == 0) > + if (!__libc_enable_secure > + && memcmp (envline, "TRACE_LOADED_OBJECTS", 20) == 0) > { > state->mode = rtld_mode_trace; > state->mode_trace_program > @@ -2668,9 +2673,10 @@ process_envvars (struct dl_main_state *state) > } > while (*nextp != '\0'); > > - GLRO(dl_debug_mask) = 0; > - > - if (state->mode != rtld_mode_normal) > + if (GLRO(dl_debug_mask) != 0 > + || GLRO(dl_verbose) != 0 > + || state->mode != rtld_mode_normal > + || state->version_info) > _exit (5); > } > /* If we have to run the dynamic linker in debugging mode and the > diff --git a/elf/tst-env-setuid.c b/elf/tst-env-setuid.c > index 76b8e1fb45..dcf213a4cd 100644 > --- a/elf/tst-env-setuid.c > +++ b/elf/tst-env-setuid.c > @@ -59,6 +59,8 @@ static const struct envvar_t filtered_envvars[] = > { "MALLOC_TRACE", FILTERED_VALUE }, > { "MALLOC_TRIM_THRESHOLD_", FILTERED_VALUE }, > { "RES_OPTIONS", FILTERED_VALUE }, > + { "LD_DEBUG", "all" }, > + { "LD_DEBUG_OUTPUT", "/tmp/some-file" }, > }; > > static const struct envvar_t unfiltered_envvars[] =
On 20/11/23 19:57, Siddhesh Poyarekar wrote: > On 2023-11-06 15:25, Adhemerval Zanella wrote: >> Loader already ignores LD_DEBUG, LD_DEBUG_OUTPUT, and >> LD_TRACE_LOADED_OBJECTS. Both LD_WARN and LD_VERBOSE are similar to >> LD_DEBUG, in the sense they enable additional checks and debug >> information, so it makes sense to disable them. >> >> Checked on x86_64-linux-gnu. >> --- > > Maybe also put it in unsecvars.h? Ack. > >> elf/rtld.c | 22 ++++++++++++++-------- >> elf/tst-env-setuid.c | 2 ++ >> 2 files changed, 16 insertions(+), 8 deletions(-) >> >> diff --git a/elf/rtld.c b/elf/rtld.c >> index a09cf2a9df..e7f90d37e7 100644 >> --- a/elf/rtld.c >> +++ b/elf/rtld.c >> @@ -2552,13 +2552,15 @@ process_envvars (struct dl_main_state *state) >> { >> case 4: >> /* Warning level, verbose or not. */ >> - if (memcmp (envline, "WARN", 4) == 0) >> + if (!__libc_enable_secure >> + && memcmp (envline, "WARN", 4) == 0) >> GLRO(dl_verbose) = envline[5] != '\0'; >> break; >> case 5: >> /* Debugging of the dynamic linker? */ >> - if (memcmp (envline, "DEBUG", 5) == 0) >> + if (!__libc_enable_secure >> + && memcmp (envline, "DEBUG", 5) == 0) >> { >> process_dl_debug (state, &envline[6]); >> break; >> @@ -2569,7 +2571,8 @@ process_envvars (struct dl_main_state *state) >> case 7: >> /* Print information about versions. */ >> - if (memcmp (envline, "VERBOSE", 7) == 0) >> + if (!__libc_enable_secure >> + && memcmp (envline, "VERBOSE", 7) == 0) >> { >> state->version_info = envline[8] != '\0'; >> break; >> @@ -2625,7 +2628,8 @@ process_envvars (struct dl_main_state *state) >> } >> /* Where to place the profiling data file. */ >> - if (memcmp (envline, "DEBUG_OUTPUT", 12) == 0) >> + if (!__libc_enable_secure >> + && memcmp (envline, "DEBUG_OUTPUT", 12) == 0) >> { >> debug_output = &envline[13]; >> break; >> @@ -2646,7 +2650,8 @@ process_envvars (struct dl_main_state *state) >> case 20: >> /* The mode of the dynamic linker can be set. */ >> - if (memcmp (envline, "TRACE_LOADED_OBJECTS", 20) == 0) >> + if (!__libc_enable_secure >> + && memcmp (envline, "TRACE_LOADED_OBJECTS", 20) == 0) >> { >> state->mode = rtld_mode_trace; >> state->mode_trace_program >> @@ -2668,9 +2673,10 @@ process_envvars (struct dl_main_state *state) >> } >> while (*nextp != '\0'); >> - GLRO(dl_debug_mask) = 0; >> - >> - if (state->mode != rtld_mode_normal) >> + if (GLRO(dl_debug_mask) != 0 >> + || GLRO(dl_verbose) != 0 >> + || state->mode != rtld_mode_normal >> + || state->version_info) >> _exit (5); >> } >> /* If we have to run the dynamic linker in debugging mode and the >> diff --git a/elf/tst-env-setuid.c b/elf/tst-env-setuid.c >> index 76b8e1fb45..dcf213a4cd 100644 >> --- a/elf/tst-env-setuid.c >> +++ b/elf/tst-env-setuid.c >> @@ -59,6 +59,8 @@ static const struct envvar_t filtered_envvars[] = >> { "MALLOC_TRACE", FILTERED_VALUE }, >> { "MALLOC_TRIM_THRESHOLD_", FILTERED_VALUE }, >> { "RES_OPTIONS", FILTERED_VALUE }, >> + { "LD_DEBUG", "all" }, >> + { "LD_DEBUG_OUTPUT", "/tmp/some-file" }, >> }; >> static const struct envvar_t unfiltered_envvars[] =
diff --git a/elf/rtld.c b/elf/rtld.c index a09cf2a9df..e7f90d37e7 100644 --- a/elf/rtld.c +++ b/elf/rtld.c @@ -2552,13 +2552,15 @@ process_envvars (struct dl_main_state *state) { case 4: /* Warning level, verbose or not. */ - if (memcmp (envline, "WARN", 4) == 0) + if (!__libc_enable_secure + && memcmp (envline, "WARN", 4) == 0) GLRO(dl_verbose) = envline[5] != '\0'; break; case 5: /* Debugging of the dynamic linker? */ - if (memcmp (envline, "DEBUG", 5) == 0) + if (!__libc_enable_secure + && memcmp (envline, "DEBUG", 5) == 0) { process_dl_debug (state, &envline[6]); break; @@ -2569,7 +2571,8 @@ process_envvars (struct dl_main_state *state) case 7: /* Print information about versions. */ - if (memcmp (envline, "VERBOSE", 7) == 0) + if (!__libc_enable_secure + && memcmp (envline, "VERBOSE", 7) == 0) { state->version_info = envline[8] != '\0'; break; @@ -2625,7 +2628,8 @@ process_envvars (struct dl_main_state *state) } /* Where to place the profiling data file. */ - if (memcmp (envline, "DEBUG_OUTPUT", 12) == 0) + if (!__libc_enable_secure + && memcmp (envline, "DEBUG_OUTPUT", 12) == 0) { debug_output = &envline[13]; break; @@ -2646,7 +2650,8 @@ process_envvars (struct dl_main_state *state) case 20: /* The mode of the dynamic linker can be set. */ - if (memcmp (envline, "TRACE_LOADED_OBJECTS", 20) == 0) + if (!__libc_enable_secure + && memcmp (envline, "TRACE_LOADED_OBJECTS", 20) == 0) { state->mode = rtld_mode_trace; state->mode_trace_program @@ -2668,9 +2673,10 @@ process_envvars (struct dl_main_state *state) } while (*nextp != '\0'); - GLRO(dl_debug_mask) = 0; - - if (state->mode != rtld_mode_normal) + if (GLRO(dl_debug_mask) != 0 + || GLRO(dl_verbose) != 0 + || state->mode != rtld_mode_normal + || state->version_info) _exit (5); } /* If we have to run the dynamic linker in debugging mode and the diff --git a/elf/tst-env-setuid.c b/elf/tst-env-setuid.c index 76b8e1fb45..dcf213a4cd 100644 --- a/elf/tst-env-setuid.c +++ b/elf/tst-env-setuid.c @@ -59,6 +59,8 @@ static const struct envvar_t filtered_envvars[] = { "MALLOC_TRACE", FILTERED_VALUE }, { "MALLOC_TRIM_THRESHOLD_", FILTERED_VALUE }, { "RES_OPTIONS", FILTERED_VALUE }, + { "LD_DEBUG", "all" }, + { "LD_DEBUG_OUTPUT", "/tmp/some-file" }, }; static const struct envvar_t unfiltered_envvars[] =