diff mbox series

[v4,07/10] Use <startup.h> in __libc_init_secure

Message ID be1b797ea8c1930e49d4e034b5414ff20effc1c3.1610986541.git.szabolcs.nagy@arm.com
State New
Headers show
Series fix ifunc with static pie [BZ #27072] | expand

Commit Message

Szabolcs Nagy Jan. 18, 2021, 4:25 p.m. UTC 
From: "H.J. Lu" <hjl.tools@gmail.com>

Since __libc_init_secure is called before ARCH_SETUP_TLS, it must use
"int $0x80" for system calls in i386 static PIE.  Add startup_getuid,
startup_geteuid, startup_getgid and startup_getegid to <startup.h>.
Update __libc_init_secure to use them.
---
 elf/enbl-secure.c                      |  6 +++---
 sysdeps/generic/startup.h              | 26 +++++++++++++++++++++++
 sysdeps/unix/sysv/linux/i386/startup.h | 29 ++++++++++++++++++++++++--
 3 files changed, 56 insertions(+), 5 deletions(-)

Comments

Adhemerval Zanella Netto Jan. 19, 2021, 1:56 p.m. UTC | #1 
On 18/01/2021 13:25, Szabolcs Nagy via Libc-alpha wrote:
> From: "H.J. Lu" <hjl.tools@gmail.com>
> 
> Since __libc_init_secure is called before ARCH_SETUP_TLS, it must use
> "int $0x80" for system calls in i386 static PIE.  Add startup_getuid,
> startup_geteuid, startup_getgid and startup_getegid to <startup.h>.
> Update __libc_init_secure to use them.

LGTM, thanks.

Reviewed-by: Adhemerval Zanella  <adhemerval.zanella@linaro.org>

> ---
>  elf/enbl-secure.c                      |  6 +++---
>  sysdeps/generic/startup.h              | 26 +++++++++++++++++++++++
>  sysdeps/unix/sysv/linux/i386/startup.h | 29 ++++++++++++++++++++++++--
>  3 files changed, 56 insertions(+), 5 deletions(-)
> 
> diff --git a/elf/enbl-secure.c b/elf/enbl-secure.c
> index ffd7938605..9e47526bd3 100644
> --- a/elf/enbl-secure.c
> +++ b/elf/enbl-secure.c
> @@ -23,7 +23,7 @@
>  #if BUILD_PIE_DEFAULT
>  # pragma GCC visibility push(hidden)
>  #endif
> -#include <unistd.h>
> +#include <startup.h>
>  #include <libc-internal.h>
>  
>  /* If nonzero __libc_enable_secure is already set.  */
> @@ -35,6 +35,6 @@ void
>  __libc_init_secure (void)
>  {
>    if (__libc_enable_secure_decided == 0)
> -    __libc_enable_secure = (__geteuid () != __getuid ()
> -			    || __getegid () != __getgid ());
> +    __libc_enable_secure = (startup_geteuid () != startup_getuid ()
> +			    || startup_getegid () != startup_getgid ());
>  }

Ok.

> diff --git a/sysdeps/generic/startup.h b/sysdeps/generic/startup.h
> index 56c899a65e..04f20cde47 100644
> --- a/sysdeps/generic/startup.h
> +++ b/sysdeps/generic/startup.h
> @@ -19,5 +19,31 @@
>  /* Targets should override this file if the default definitions below
>     will not work correctly very early before TLS is initialized.  */
>  
> +#include <unistd.h>
> +
>  /* Use macro instead of inline function to avoid including <stdio.h>.  */
>  #define _startup_fatal(message) __libc_fatal ((message))
> +
> +static inline uid_t
> +startup_getuid (void)
> +{
> +  return __getuid ();
> +}
> +
> +static inline uid_t
> +startup_geteuid (void)
> +{
> +  return __geteuid ();
> +}
> +
> +static inline gid_t
> +startup_getgid (void)
> +{
> +  return __getgid ();
> +}
> +
> +static inline gid_t
> +startup_getegid (void)
> +{
> +  return __getegid ();
> +}

Ok.

> diff --git a/sysdeps/unix/sysv/linux/i386/startup.h b/sysdeps/unix/sysv/linux/i386/startup.h
> index 3eb4cc43a2..dee7a4f1d3 100644
> --- a/sysdeps/unix/sysv/linux/i386/startup.h
> +++ b/sysdeps/unix/sysv/linux/i386/startup.h
> @@ -17,11 +17,12 @@
>     <https://www.gnu.org/licenses/>.  */
>  
>  #if BUILD_PIE_DEFAULT
> -# include <abort-instr.h>
> -
>  /* Can't use "call *%gs:SYSINFO_OFFSET" during statup in static PIE.  */
>  # define I386_USE_SYSENTER 0
>  
> +# include <sysdep.h>
> +# include <abort-instr.h>
> +
>  __attribute__ ((__noreturn__))
>  static inline void
>  _startup_fatal (const char *message __attribute__ ((unused)))
> @@ -31,6 +32,30 @@ _startup_fatal (const char *message __attribute__ ((unused)))
>    ABORT_INSTRUCTION;
>    __builtin_unreachable ();
>  }
> +
> +static inline uid_t
> +startup_getuid (void)
> +{
> +  return (uid_t) INTERNAL_SYSCALL_CALL (getuid32);
> +}
> +
> +static inline uid_t
> +startup_geteuid (void)
> +{
> +  return (uid_t) INTERNAL_SYSCALL_CALL (geteuid32);
> +}
> +
> +static inline gid_t
> +startup_getgid (void)
> +{
> +  return (gid_t) INTERNAL_SYSCALL_CALL (getgid32);
> +}
> +
> +static inline gid_t
> +startup_getegid (void)
> +{
> +  return (gid_t) INTERNAL_SYSCALL_CALL (getegid32);
> +}
>  #else
>  # include_next <startup.h>
>  #endif
> 

Ok.
diff mbox series

Patch

diff --git a/elf/enbl-secure.c b/elf/enbl-secure.c
index ffd7938605..9e47526bd3 100644
--- a/elf/enbl-secure.c
+++ b/elf/enbl-secure.c
@@ -23,7 +23,7 @@ 
 #if BUILD_PIE_DEFAULT
 # pragma GCC visibility push(hidden)
 #endif
-#include <unistd.h>
+#include <startup.h>
 #include <libc-internal.h>
 
 /* If nonzero __libc_enable_secure is already set.  */
@@ -35,6 +35,6 @@  void
 __libc_init_secure (void)
 {
   if (__libc_enable_secure_decided == 0)
-    __libc_enable_secure = (__geteuid () != __getuid ()
-			    || __getegid () != __getgid ());
+    __libc_enable_secure = (startup_geteuid () != startup_getuid ()
+			    || startup_getegid () != startup_getgid ());
 }
diff --git a/sysdeps/generic/startup.h b/sysdeps/generic/startup.h
index 56c899a65e..04f20cde47 100644
--- a/sysdeps/generic/startup.h
+++ b/sysdeps/generic/startup.h
@@ -19,5 +19,31 @@ 
 /* Targets should override this file if the default definitions below
    will not work correctly very early before TLS is initialized.  */
 
+#include <unistd.h>
+
 /* Use macro instead of inline function to avoid including <stdio.h>.  */
 #define _startup_fatal(message) __libc_fatal ((message))
+
+static inline uid_t
+startup_getuid (void)
+{
+  return __getuid ();
+}
+
+static inline uid_t
+startup_geteuid (void)
+{
+  return __geteuid ();
+}
+
+static inline gid_t
+startup_getgid (void)
+{
+  return __getgid ();
+}
+
+static inline gid_t
+startup_getegid (void)
+{
+  return __getegid ();
+}
diff --git a/sysdeps/unix/sysv/linux/i386/startup.h b/sysdeps/unix/sysv/linux/i386/startup.h
index 3eb4cc43a2..dee7a4f1d3 100644
--- a/sysdeps/unix/sysv/linux/i386/startup.h
+++ b/sysdeps/unix/sysv/linux/i386/startup.h
@@ -17,11 +17,12 @@ 
    <https://www.gnu.org/licenses/>.  */
 
 #if BUILD_PIE_DEFAULT
-# include <abort-instr.h>
-
 /* Can't use "call *%gs:SYSINFO_OFFSET" during statup in static PIE.  */
 # define I386_USE_SYSENTER 0
 
+# include <sysdep.h>
+# include <abort-instr.h>
+
 __attribute__ ((__noreturn__))
 static inline void
 _startup_fatal (const char *message __attribute__ ((unused)))
@@ -31,6 +32,30 @@  _startup_fatal (const char *message __attribute__ ((unused)))
   ABORT_INSTRUCTION;
   __builtin_unreachable ();
 }
+
+static inline uid_t
+startup_getuid (void)
+{
+  return (uid_t) INTERNAL_SYSCALL_CALL (getuid32);
+}
+
+static inline uid_t
+startup_geteuid (void)
+{
+  return (uid_t) INTERNAL_SYSCALL_CALL (geteuid32);
+}
+
+static inline gid_t
+startup_getgid (void)
+{
+  return (gid_t) INTERNAL_SYSCALL_CALL (getgid32);
+}
+
+static inline gid_t
+startup_getegid (void)
+{
+  return (gid_t) INTERNAL_SYSCALL_CALL (getegid32);
+}
 #else
 # include_next <startup.h>
 #endif