From patchwork Thu Oct 2 16:05:51 2014 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Matthew Fortune X-Patchwork-Id: 396019 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Received: from sourceware.org (server1.sourceware.org [209.132.180.131]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id D1554140188 for ; Fri, 3 Oct 2014 02:06:05 +1000 (EST) DomainKey-Signature: a=rsa-sha1; c=nofws; d=sourceware.org; h=list-id :list-unsubscribe:list-subscribe:list-archive:list-post :list-help:sender:from:to:cc:subject:date:message-id:references :in-reply-to:content-type:content-transfer-encoding :mime-version; q=dns; s=default; b=y5c/4Rd/Ny2I4YLZjQtcv7s2S7VM8 8/UuSnUXnuhAl+C8fz6ROY+vXsgWlNGWLeQc7rJTUZGt5XbvEd7imYPuSZJod6bF x3Di2Ia4/+5SV2R/bWYggxalCp6xBmwRP5W2h4RpK1v6f4O1udMCtU+qexH14NbR evZU0B71VPMJWo= DKIM-Signature: v=1; a=rsa-sha1; c=relaxed; d=sourceware.org; h=list-id :list-unsubscribe:list-subscribe:list-archive:list-post :list-help:sender:from:to:cc:subject:date:message-id:references :in-reply-to:content-type:content-transfer-encoding :mime-version; s=default; bh=Wyx1+42h7tVEcqRYk0JS629HJIM=; b=YVC BVBwllP2v4XEGe0EbSG8ofOICnSzZGDewRw44PmDfdmVh/E9hqf00vUruX3vWMCs rp4Vp0EYKglR4FNhrtu3rTPiFkpBEVLwLe/qC7fOYwtEYSClkhwabju6f7SKhpMc 73OcCA/J2ICxIA9vflc+UkOMWB1ysgAPvQZEeJF4= Received: (qmail 10495 invoked by alias); 2 Oct 2014 16:06:00 -0000 Mailing-List: contact libc-alpha-help@sourceware.org; run by ezmlm Precedence: bulk List-Id: List-Unsubscribe: List-Subscribe: List-Archive: List-Post: List-Help: , Sender: libc-alpha-owner@sourceware.org Delivered-To: mailing list libc-alpha@sourceware.org Received: (qmail 10486 invoked by uid 89); 2 Oct 2014 16:06:00 -0000 Authentication-Results: sourceware.org; auth=none X-Virus-Found: No X-Spam-SWARE-Status: No, score=-2.6 required=5.0 tests=AWL, BAYES_00, MIME_BASE64_BLANKS, RP_MATCHES_RCVD, SPF_PASS autolearn=ham version=3.3.2 X-HELO: mailapp01.imgtec.com From: Matthew Fortune To: "libc-alpha@sourceware.org" CC: Roland McGrath , "Joseph Myers (joseph@codesourcery.com)" , Will Newton Subject: RE: Create a hook for inspecting program headers during library load Date: Thu, 2 Oct 2014 16:05:51 +0000 Message-ID: <6D39441BF12EF246A7ABCE6654B0235320F199DC@LEMAIL01.le.imgtec.org> References: <6D39441BF12EF246A7ABCE6654B0235320F18A1B@LEMAIL01.le.imgtec.org> <20141001214949.239022C3AAD@topped-with-meat.com> <6D39441BF12EF246A7ABCE6654B0235320F18CA4@LEMAIL01.le.imgtec.org> <20141001230906.9B9852C3AAA@topped-with-meat.com> <6D39441BF12EF246A7ABCE6654B0235320F1971F@LEMAIL01.le.imgtec.org> <6D39441BF12EF246A7ABCE6654B0235320F197DF@LEMAIL01.le.imgtec.org> In-Reply-To: <6D39441BF12EF246A7ABCE6654B0235320F197DF@LEMAIL01.le.imgtec.org> MIME-Version: 1.0 > > On 2 October 2014 16:02, Matthew Fortune > > wrote: > > > Patch updated below. Though I did remember Joseph steering me away > from > > > an ifdef based interface while reworking this: > > > > > > https://sourceware.org/ml/libc-alpha/2014-05/msg00045.html > > > > > > Does this seem more appropriate? > > > > You could implement it using the sysdeps mechanism, e.g. see how > > dl-irel.h and similar headers operate. Now using sysdeps... No regression on x86_64-linux-gnu. Thanks, Matthew * elf/dl-load.c (dl-load-phdr.h): Include. (open_verify): Add hook for phdr check. * sysdeps/generic/dl-load-phdr.h: New file. --- elf/dl-load.c | 6 ++++++ sysdeps/generic/dl-load-phdr.h | 32 ++++++++++++++++++++++++++++++++ 2 files changed, 38 insertions(+) create mode 100644 sysdeps/generic/dl-load-phdr.h -- 1.9.4 diff --git a/elf/dl-load.c b/elf/dl-load.c index 016a99c..c1fa923 100644 --- a/elf/dl-load.c +++ b/elf/dl-load.c @@ -41,6 +41,7 @@ #include #include #include +#include #include @@ -1697,6 +1698,11 @@ open_verify (const char *name, struct filebuf *fbp, struct link_map *loader, } } + if (__glibc_unlikely ( + elf_machine_reject_phdr_p (phdr, ehdr->e_phnum, fbp->buf, fbp->len, + fd, loader))) + goto close_and_out; + /* Check .note.ABI-tag if present. */ for (ph = phdr; ph < &phdr[ehdr->e_phnum]; ++ph) if (ph->p_type == PT_NOTE && ph->p_filesz >= 32 && ph->p_align >= 4) diff --git a/sysdeps/generic/dl-load-phdr.h b/sysdeps/generic/dl-load-phdr.h new file mode 100644 index 0000000..4e98f92 --- /dev/null +++ b/sysdeps/generic/dl-load-phdr.h @@ -0,0 +1,32 @@ +/* Machine-dependent ELF loader functions. + Copyright (C) 2014 Free Software Foundation, Inc. + This file is part of the GNU C Library. + + The GNU C Library is free software; you can redistribute it and/or + modify it under the terms of the GNU Lesser General Public + License as published by the Free Software Foundation; either + version 2.1 of the License, or (at your option) any later version. + + The GNU C Library is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + Lesser General Public License for more details. + + You should have received a copy of the GNU Lesser General Public + License along with the GNU C Library; if not, see + . */ + +#ifndef _DL_LOAD_PHDR_H +#define _DL_LOAD_PHDR_H + +/* Return true iff ELF program headers are incompatible with the running + host. */ +static inline bool +elf_machine_reject_phdr_p (const ElfW(Phdr) *phdr, uint_fast16_t phnum, + const char *buf, size_t len, int fd, + struct link_map *map) +{ + return false; +} + +#endif /* dl-load-phdr.h */