From patchwork Mon May 6 16:18:45 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Adhemerval Zanella Netto X-Patchwork-Id: 1932110 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@legolas.ozlabs.org Authentication-Results: legolas.ozlabs.org; dkim=pass (2048-bit key; unprotected) header.d=linaro.org header.i=@linaro.org header.a=rsa-sha256 header.s=google header.b=aupmfQiv; dkim-atps=neutral Authentication-Results: legolas.ozlabs.org; spf=pass (sender SPF authorized) smtp.mailfrom=sourceware.org (client-ip=8.43.85.97; helo=server2.sourceware.org; envelope-from=libc-alpha-bounces+incoming=patchwork.ozlabs.org@sourceware.org; receiver=patchwork.ozlabs.org) Received: from server2.sourceware.org (server2.sourceware.org [8.43.85.97]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (secp384r1) server-digest SHA384) (No client certificate requested) by legolas.ozlabs.org (Postfix) with ESMTPS id 4VY68K1gblz1yZk for ; Tue, 7 May 2024 02:20:33 +1000 (AEST) Received: from server2.sourceware.org (localhost [IPv6:::1]) by sourceware.org (Postfix) with ESMTP id 82C3E385B50A for ; Mon, 6 May 2024 16:20:31 +0000 (GMT) X-Original-To: libc-alpha@sourceware.org Delivered-To: libc-alpha@sourceware.org Received: from mail-pf1-x430.google.com (mail-pf1-x430.google.com [IPv6:2607:f8b0:4864:20::430]) by sourceware.org (Postfix) with ESMTPS id 63CF23858C31 for ; Mon, 6 May 2024 16:20:06 +0000 (GMT) DMARC-Filter: OpenDMARC Filter v1.4.2 sourceware.org 63CF23858C31 Authentication-Results: sourceware.org; dmarc=pass (p=none dis=none) header.from=linaro.org Authentication-Results: sourceware.org; spf=pass smtp.mailfrom=linaro.org ARC-Filter: OpenARC Filter v1.0.0 sourceware.org 63CF23858C31 Authentication-Results: server2.sourceware.org; arc=none smtp.remote-ip=2607:f8b0:4864:20::430 ARC-Seal: i=1; a=rsa-sha256; d=sourceware.org; s=key; t=1715012410; cv=none; b=mdRFmgaYqvJ0n7PK+4bCQPVZXbnWMBlNG2xU5h942/kGYpGcxPluddzrZPZZJAXOkk3GTpxK4BQkyatEh1GI34YR43iyQ9n/uxln+nezlucuQ+9o6bG74QwVBvM/kYmf66MhC8klYpiAgfjE64QjaQdr56I7A8AHVVCn0XM7gIQ= ARC-Message-Signature: i=1; a=rsa-sha256; d=sourceware.org; s=key; t=1715012410; c=relaxed/simple; bh=HvOqX6LamIK67ZZvV9jqTEoeNFy+a8dRyF+cVSgw728=; h=DKIM-Signature:From:To:Subject:Date:Message-ID:MIME-Version; b=U279HhL6nptY5j0QuhdDd4xA4bfz8UcLCKFJN6iH7SZI6mpwR/x6MWQ6nXz1lcgUZxsF/LpgiHyoKueo3ly2VdJinjiyax+8M8fg9inwOBrM2ZqFdxIeJYO581ztda5SA2V5IDHtATWgpIDl9QRK52TikjhrWWlsgTQLNdb0Lx0= ARC-Authentication-Results: i=1; server2.sourceware.org Received: by mail-pf1-x430.google.com with SMTP id d2e1a72fcca58-6f4521ad6c0so1470509b3a.0 for ; Mon, 06 May 2024 09:20:06 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; t=1715012405; x=1715617205; darn=sourceware.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=JdIyqjgopqnPVPBcV8efwJkiueJ3EZUkKVX9lnewc4E=; b=aupmfQivZ/MG5MKcpbTCWKGXUpYzXq7iZt37ehm0uNZ+EvOaoXmoUMjVB45+/FWrbl 2cGfUxNdGnRgowx+dVx9IJV4DGONja7li6SpXSHgTMe8Y/So2cd+YbsL8Qlu5ODRWc4F viCc9jmZUb+yyFrdirDJL1j54BNVrBg7sRC1lRuWLOMmOoytPpNJC72CX9GL6bU6zUh9 pXxkm+qCReZdrih31BW4ktzqERuK4AHrAxwcJ9TAJsuQLSAWY+YrApHSH0ZTgyBqaz6S TvpAagM+/6TilVU9BbjArei1Ecelk5mLn0F44CaFle7xpih0gY5pWtbv8idfXSBfaS8r IK5Q== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1715012405; x=1715617205; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=JdIyqjgopqnPVPBcV8efwJkiueJ3EZUkKVX9lnewc4E=; b=KYvGdHYIsU64NWWC2CPg8bEf6QUF+tPrFye6SB23uOTvLsh3od3f0MzN7UTXq/aXpq pHCVhY+Yu9wNePAS2Dhlh5Bp5OiJ+RntvLuagmX2lbP/QBEtwl3jNHhMZrSN/uASWsjV BulKQEB+RX1WU66VyQ7kd1zp1mUvZ03vEEkkgfOovRMV0SXO5aPwD5bqYBEvd325hvWV WKU3QNtIQmwPWyyZ60zVh0Mb5z7txUFRYy8bPB3KZmyyP3NWMWEaz9O43XEd1/swNEZ0 gIqx9ict6e0PvdBhDqW45kxSxSqHBthzMa92snJImKdyOwjnkCifEhaToKAUf5+P3O/9 JcZg== X-Gm-Message-State: AOJu0YzpkHbpDraJY7QwnxR6tHtkoBWijc34vIqXmet40xLq8iioCSyF 8b/Wee5H/f+g+StwcqbYOfbqBSc2LqqiEglpGyjMBRQDer+TV7KZQpV1KtZxgTlLaPdFTekpb5T f5BY= X-Google-Smtp-Source: AGHT+IHLLacIGQZB1Ak3rjZeFro7C7xYPQf3dKS03QTaCw8l+Q+8E064UMgfnOYHNfWWXR1ihe3kMw== X-Received: by 2002:a05:6a21:3a41:b0:1ad:8755:976 with SMTP id zu1-20020a056a213a4100b001ad87550976mr11401403pzb.13.1715012404742; Mon, 06 May 2024 09:20:04 -0700 (PDT) Received: from mandiga.. ([2804:1b3:a7c2:6e56:fc45:bb45:8b35:9b81]) by smtp.gmail.com with ESMTPSA id ll12-20020a056a00728c00b006ed0b798f1fsm7883347pfb.119.2024.05.06.09.20.02 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Mon, 06 May 2024 09:20:04 -0700 (PDT) From: Adhemerval Zanella To: libc-alpha@sourceware.org Cc: Joe Simmons-Talbott , Siddhesh Poyarekar , Yuto Maeda , Yutaro Shimizu Subject: [PATCH v3 1/4] elf: Only process multiple tunable once (BZ 31686) Date: Mon, 6 May 2024 13:18:45 -0300 Message-ID: <20240506161955.1570278-2-adhemerval.zanella@linaro.org> X-Mailer: git-send-email 2.43.0 In-Reply-To: <20240506161955.1570278-1-adhemerval.zanella@linaro.org> References: <20240506161955.1570278-1-adhemerval.zanella@linaro.org> MIME-Version: 1.0 X-Spam-Status: No, score=-12.1 required=5.0 tests=BAYES_00, DKIM_SIGNED, DKIM_VALID, DKIM_VALID_AU, DKIM_VALID_EF, GIT_PATCH_0, KAM_SHORT, RCVD_IN_DNSWL_NONE, SPF_HELO_NONE, SPF_PASS, TXREP autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on server2.sourceware.org X-BeenThere: libc-alpha@sourceware.org X-Mailman-Version: 2.1.30 Precedence: list List-Id: Libc-alpha mailing list List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: libc-alpha-bounces+incoming=patchwork.ozlabs.org@sourceware.org The 680c597e9c3 commit made loader reject ill-formatted strings by first tracking all set tunables and then applying them. However, it does not take into consideration if the same tunable is set multiple times, where parse_tunables_string appends the found tunable without checking if it was already in the list. It leads to a stack-based buffer overflow if the tunable is specified more than the total number of tunables. For instance: GLIBC_TUNABLES=glibc.malloc.check=2:... (repeat over the number of total support for different tunable). Instead, use the index of the tunable list to get the expected tunable entry. Since now the initial list is zero-initialized, the compiler might emit an extra memset and this requires some minor adjustment on some ports. Checked on x86_64-linux-gnu and aarch64-linux-gnu. Reported-by: Yuto Maeda Reported-by: Yutaro Shimizu Reviewed-by: Siddhesh Poyarekar --- elf/dl-tunables.c | 30 ++++++----- elf/tst-tunables.c | 61 +++++++++++++++++++++- sysdeps/aarch64/multiarch/memset_generic.S | 4 ++ sysdeps/sparc/sparc64/rtld-memset.c | 3 ++ 4 files changed, 84 insertions(+), 14 deletions(-) diff --git a/elf/dl-tunables.c b/elf/dl-tunables.c index d3ccd2ecd4..1db80e0f92 100644 --- a/elf/dl-tunables.c +++ b/elf/dl-tunables.c @@ -32,6 +32,7 @@ #include #include #include +#include #define TUNABLES_INTERNAL 1 #include "dl-tunables.h" @@ -221,8 +222,7 @@ parse_tunables_string (const char *valstring, struct tunable_toset_t *tunables) if (tunable_is_name (cur->name, name)) { - tunables[ntunables++] = - (struct tunable_toset_t) { cur, value, p - value }; + tunables[i] = (struct tunable_toset_t) { cur, value, p - value }; /* Ignore tunables if enable_secure is set */ if (tunable_is_name ("glibc.rtld.enable_secure", name)) @@ -245,23 +245,27 @@ parse_tunables_string (const char *valstring, struct tunable_toset_t *tunables) static void parse_tunables (const char *valstring) { - struct tunable_toset_t tunables[tunables_list_size]; - int ntunables = parse_tunables_string (valstring, tunables); - if (ntunables == -1) + struct tunable_toset_t tunables[tunables_list_size] = { 0 }; + if (parse_tunables_string (valstring, tunables) == -1) { _dl_error_printf ( "WARNING: ld.so: invalid GLIBC_TUNABLES `%s': ignored.\n", valstring); return; } - for (int i = 0; i < ntunables; i++) - if (!tunable_initialize (tunables[i].t, tunables[i].value, - tunables[i].len)) - _dl_error_printf ("WARNING: ld.so: invalid GLIBC_TUNABLES value `%.*s' " - "for option `%s': ignored.\n", - (int) tunables[i].len, - tunables[i].value, - tunables[i].t->name); + for (int i = 0; i < tunables_list_size; i++) + { + if (tunables[i].t == NULL) + continue; + + if (!tunable_initialize (tunables[i].t, tunables[i].value, + tunables[i].len)) + _dl_error_printf ("WARNING: ld.so: invalid GLIBC_TUNABLES value `%.*s' " + "for option `%s': ignored.\n", + (int) tunables[i].len, + tunables[i].value, + tunables[i].t->name); + } } /* Initialize the tunables list from the environment. For now we only use the diff --git a/elf/tst-tunables.c b/elf/tst-tunables.c index 095b5c81d9..dff34ed748 100644 --- a/elf/tst-tunables.c +++ b/elf/tst-tunables.c @@ -17,6 +17,10 @@ . */ #include +/* The test uses the tunable_list size, which is only exported for + ld.so. This will result in a copy of tunable_list, which is ununsed by + the test itself. */ +#define TUNABLES_INTERNAL 1 #include #include #include @@ -24,12 +28,13 @@ #include #include #include +#include static int restart; #define CMDLINE_OPTIONS \ { "restart", no_argument, &restart, 1 }, -static const struct test_t +static struct test_t { const char *name; const char *value; @@ -284,6 +289,29 @@ static const struct test_t 0, 0, }, + /* Also check for repeated tunables with a count larger than the total number + of tunables. */ + { + "GLIBC_TUNABLES", + NULL, + 2, + 0, + 0, + }, + { + "GLIBC_TUNABLES", + NULL, + 1, + 0, + 0, + }, + { + "GLIBC_TUNABLES", + NULL, + 0, + 0, + 0, + }, }; static int @@ -327,6 +355,37 @@ do_test (int argc, char *argv[]) spargv[i] = NULL; } + /* Create a tunable line with the duplicate values with a total number + larger than the different number of tunables. */ + { + enum { tunables_list_size = array_length (tunable_list) }; + const char *value = ""; + for (int i = 0; i < tunables_list_size; i++) + value = xasprintf ("%sglibc.malloc.check=2%c", + value, + i == (tunables_list_size - 1) ? '\0' : ':'); + tests[33].value = value; + } + /* Same as before, but the last tunable values is differen than the + rest. */ + { + enum { tunables_list_size = array_length (tunable_list) }; + const char *value = ""; + for (int i = 0; i < tunables_list_size - 1; i++) + value = xasprintf ("%sglibc.malloc.check=2:", value); + value = xasprintf ("%sglibc.malloc.check=1", value); + tests[34].value = value; + } + /* Same as before, but with an invalid last entry. */ + { + enum { tunables_list_size = array_length (tunable_list) }; + const char *value = ""; + for (int i = 0; i < tunables_list_size - 1; i++) + value = xasprintf ("%sglibc.malloc.check=2:", value); + value = xasprintf ("%sglibc.malloc.check=1=1", value); + tests[35].value = value; + } + for (int i = 0; i < array_length (tests); i++) { snprintf (nteststr, sizeof nteststr, "%d", i); diff --git a/sysdeps/aarch64/multiarch/memset_generic.S b/sysdeps/aarch64/multiarch/memset_generic.S index 81748bdbce..e125a5ed85 100644 --- a/sysdeps/aarch64/multiarch/memset_generic.S +++ b/sysdeps/aarch64/multiarch/memset_generic.S @@ -33,3 +33,7 @@ #endif #include <../memset.S> + +#if IS_IN (rtld) +strong_alias (memset, __memset_generic) +#endif diff --git a/sysdeps/sparc/sparc64/rtld-memset.c b/sysdeps/sparc/sparc64/rtld-memset.c index 55f3835790..a19202a620 100644 --- a/sysdeps/sparc/sparc64/rtld-memset.c +++ b/sysdeps/sparc/sparc64/rtld-memset.c @@ -1 +1,4 @@ #include +#if IS_IN(rtld) +strong_alias (memset, __memset_ultra1) +#endif From patchwork Mon May 6 16:18:46 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Adhemerval Zanella Netto X-Patchwork-Id: 1932111 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@legolas.ozlabs.org Authentication-Results: legolas.ozlabs.org; dkim=pass (2048-bit key; unprotected) header.d=linaro.org header.i=@linaro.org header.a=rsa-sha256 header.s=google header.b=Gwikuyu0; dkim-atps=neutral Authentication-Results: legolas.ozlabs.org; spf=pass (sender SPF authorized) smtp.mailfrom=sourceware.org (client-ip=8.43.85.97; helo=server2.sourceware.org; envelope-from=libc-alpha-bounces+incoming=patchwork.ozlabs.org@sourceware.org; receiver=patchwork.ozlabs.org) Received: from server2.sourceware.org (server2.sourceware.org [8.43.85.97]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (secp384r1) server-digest SHA384) (No client certificate requested) by legolas.ozlabs.org (Postfix) with ESMTPS id 4VY69R5tdZz1yZk for ; Tue, 7 May 2024 02:21:31 +1000 (AEST) Received: from server2.sourceware.org (localhost [IPv6:::1]) by sourceware.org (Postfix) with ESMTP id A2D733858C62 for ; Mon, 6 May 2024 16:21:29 +0000 (GMT) X-Original-To: libc-alpha@sourceware.org Delivered-To: libc-alpha@sourceware.org Received: from mail-pf1-x435.google.com (mail-pf1-x435.google.com [IPv6:2607:f8b0:4864:20::435]) by sourceware.org (Postfix) with ESMTPS id B9FA23858D1E for ; Mon, 6 May 2024 16:20:09 +0000 (GMT) DMARC-Filter: OpenDMARC Filter v1.4.2 sourceware.org B9FA23858D1E Authentication-Results: sourceware.org; dmarc=pass (p=none dis=none) header.from=linaro.org Authentication-Results: sourceware.org; spf=pass smtp.mailfrom=linaro.org ARC-Filter: OpenARC Filter v1.0.0 sourceware.org B9FA23858D1E Authentication-Results: server2.sourceware.org; arc=none smtp.remote-ip=2607:f8b0:4864:20::435 ARC-Seal: i=1; a=rsa-sha256; d=sourceware.org; s=key; t=1715012411; cv=none; b=f3MjoSJttF0KfTAHilcngJ/HsGii0VnXlxtAqXLjFxnx0M07Nz1Y4kMVk2zmV+2DA9mCfsmkVkC/wlysShSF4WglXBpuvVrjhacZ7ReB2rVpvcsflx0d6AGWGghXzBd3la2eUpidNYWL8R5VxEpYo/tCYhxag+mzrBMnotwdCXg= ARC-Message-Signature: i=1; a=rsa-sha256; d=sourceware.org; s=key; t=1715012411; c=relaxed/simple; bh=pEMGJzEXOr1M1CokR16EYy+o8E5rQZM7d+ndftfT7AA=; h=DKIM-Signature:From:To:Subject:Date:Message-ID:MIME-Version; b=McRzf7/0K1bA9GDjWR/9Quu5UfUpp+w5/aarWuBYpnO78lXixoF5LYP8+Ig34sLqNMVJ/mj3v7Z4YZoxsIuVbRXfI0aSrF018uBL0vCPElsyo1emzTWqgBTIVQ1BWBVN6GsFQf/Jhojyd0e5ymg6gvaKRDaBAuPYW2PQqBMlC6I= ARC-Authentication-Results: i=1; server2.sourceware.org Received: by mail-pf1-x435.google.com with SMTP id d2e1a72fcca58-6f460e05101so1200160b3a.1 for ; Mon, 06 May 2024 09:20:09 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; t=1715012408; x=1715617208; darn=sourceware.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=sGd9zb7IAiLLy2yVbpl8UkwGDSrGWYwhIDZaoLKhuwA=; b=Gwikuyu0nIiQU23xHeh3FKR0YtKdan65buoxvFPZsqIF7nyQpVEDIdluQER3FbEfEK clFlHdBKzQhoO+tUzg/c6MyqdhjNLtpg4aekS6nsrZM2VK6J2F3oH8RfCKzgxO9c7lYm vJEad+0Ql5uHIz0aAlPl40w8lZUqEZxqiq2JtHgoRsNn1/7lVzeS+VcHsaBv7GgsfVdO 1fqwDzbaU8PNfqi4+yY5tfuiRTkXWiLcTRbYDYgdOIjF1wIvIuHS2SbzQlpT2JepUkLm 8jfVRsoJAVKmxXkMa/NqnlTQaxpyrYPXUoU/YySNnF5dmc7WJi6odaH+vlBBlmGW5K9d rEaQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1715012408; x=1715617208; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=sGd9zb7IAiLLy2yVbpl8UkwGDSrGWYwhIDZaoLKhuwA=; b=lKA9BS4speDhdcrPhR71isYDy9DyZKaJ0c8efhlo4iPLSV/2zimbguJZw3fmVoeORP XliE0IiLKxD8P9EtFJKdTT8dTrqMADj3o4TT9Bjm0M3GFH4TTnrT/2uBLA4YUM3hMhqg 1ryad/s0mvDH5QshmBegUAUugus3Ha4STKQQTNTyCQ4U+G10dujilFIA/koPJJTpom1S PAOgbbCeETm4zabHj6czjRphA/pE//z4CmHXDxr+u7PX1CN01x1AfJdutgDhTrUUSB+k eNAN1vmxFM/zSV2tJFYBUQS4tbI1+ABRoaYp6as5Czo1W/iB3jXBkeauf6YDBzq34Ctd fF+g== X-Gm-Message-State: AOJu0YwYV6/w9n6M0B1GO6Bl1u81sMEwRSVSD9cC/OIf83UusE/aM+Ul hCuTtpurYtss3HQAv2X1r0mOPi22EewOXVKBIsellTGiK2fKkvB9+FgTuyR9FBA3VBtJsWjA9+5 xbyc= X-Google-Smtp-Source: AGHT+IE234E2sD4uTjlBcVbe61svR8it+HbFHI9u9faTS6bHIspgEmVrO/AlvkOeJqcV/EwJu5kLpA== X-Received: by 2002:a05:6a20:1059:b0:1aa:954f:d466 with SMTP id gt25-20020a056a20105900b001aa954fd466mr163344pzc.23.1715012408006; Mon, 06 May 2024 09:20:08 -0700 (PDT) Received: from mandiga.. ([2804:1b3:a7c2:6e56:fc45:bb45:8b35:9b81]) by smtp.gmail.com with ESMTPSA id ll12-20020a056a00728c00b006ed0b798f1fsm7883347pfb.119.2024.05.06.09.20.06 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Mon, 06 May 2024 09:20:07 -0700 (PDT) From: Adhemerval Zanella To: libc-alpha@sourceware.org Cc: Joe Simmons-Talbott , Siddhesh Poyarekar Subject: [PATCH v3 2/4] elf: Remove glibc.rtld.enable_secure check from parse_tunables_string Date: Mon, 6 May 2024 13:18:46 -0300 Message-ID: <20240506161955.1570278-3-adhemerval.zanella@linaro.org> X-Mailer: git-send-email 2.43.0 In-Reply-To: <20240506161955.1570278-1-adhemerval.zanella@linaro.org> References: <20240506161955.1570278-1-adhemerval.zanella@linaro.org> MIME-Version: 1.0 X-Spam-Status: No, score=-13.5 required=5.0 tests=BAYES_00, DKIM_SIGNED, DKIM_VALID, DKIM_VALID_AU, DKIM_VALID_EF, GIT_PATCH_0, RCVD_IN_DNSWL_NONE, SPF_HELO_NONE, SPF_PASS, TXREP autolearn=unavailable autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on server2.sourceware.org X-BeenThere: libc-alpha@sourceware.org X-Mailman-Version: 2.1.30 Precedence: list List-Id: Libc-alpha mailing list List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: libc-alpha-bounces+incoming=patchwork.ozlabs.org@sourceware.org And move it to parse_tunables. It avoids a string comparison for each tunable. Checked on aarch64-linux-gnu and x86_64-linux-gnu. Reviewed-by: Siddhesh Poyarekar --- elf/dl-tunables.c | 58 +++++++++++++++++++++++++++++++---------------- 1 file changed, 38 insertions(+), 20 deletions(-) diff --git a/elf/dl-tunables.c b/elf/dl-tunables.c index 1db80e0f92..63cf8c7ab5 100644 --- a/elf/dl-tunables.c +++ b/elf/dl-tunables.c @@ -119,6 +119,17 @@ do_tunable_update_val (tunable_t *cur, const tunable_val_t *valp, cur->initialized = true; } +static bool +tunable_parse_num (const char *strval, size_t len, tunable_num_t *val) +{ + char *endptr = NULL; + uint64_t numval = _dl_strtoul (strval, &endptr); + if (endptr != strval + len) + return false; + *val = (tunable_num_t) numval; + return true; +} + /* Validate range of the input value and initialize the tunable CUR if it looks good. */ static bool @@ -128,11 +139,8 @@ tunable_initialize (tunable_t *cur, const char *strval, size_t len) if (cur->type.type_code != TUNABLE_TYPE_STRING) { - char *endptr = NULL; - uint64_t numval = _dl_strtoul (strval, &endptr); - if (endptr != strval + len) + if (!tunable_parse_num (strval, len, &val.numval)) return false; - val.numval = (tunable_num_t) numval; } else val.strval = (struct tunable_str_t) { strval, len }; @@ -223,17 +231,6 @@ parse_tunables_string (const char *valstring, struct tunable_toset_t *tunables) if (tunable_is_name (cur->name, name)) { tunables[i] = (struct tunable_toset_t) { cur, value, p - value }; - - /* Ignore tunables if enable_secure is set */ - if (tunable_is_name ("glibc.rtld.enable_secure", name)) - { - tunable_num_t val = (tunable_num_t) _dl_strtoul (value, NULL); - if (val == 1) - { - __libc_enable_secure = 1; - return 0; - } - } break; } } @@ -242,6 +239,16 @@ parse_tunables_string (const char *valstring, struct tunable_toset_t *tunables) return ntunables; } +static void +parse_tunable_print_error (const struct tunable_toset_t *toset) +{ + _dl_error_printf ("WARNING: ld.so: invalid GLIBC_TUNABLES value `%.*s' " + "for option `%s': ignored.\n", + (int) toset->len, + toset->value, + toset->t->name); +} + static void parse_tunables (const char *valstring) { @@ -253,6 +260,21 @@ parse_tunables (const char *valstring) return; } + /* Ignore tunables if enable_secure is set */ + struct tunable_toset_t *tsec = + &tunables[TUNABLE_ENUM_NAME(glibc, rtld, enable_secure)]; + if (tsec->t != NULL) + { + tunable_num_t val; + if (!tunable_parse_num (tsec->value, tsec->len, &val)) + parse_tunable_print_error (tsec); + else if (val == 1) + { + __libc_enable_secure = 1; + return; + } + } + for (int i = 0; i < tunables_list_size; i++) { if (tunables[i].t == NULL) @@ -260,11 +282,7 @@ parse_tunables (const char *valstring) if (!tunable_initialize (tunables[i].t, tunables[i].value, tunables[i].len)) - _dl_error_printf ("WARNING: ld.so: invalid GLIBC_TUNABLES value `%.*s' " - "for option `%s': ignored.\n", - (int) tunables[i].len, - tunables[i].value, - tunables[i].t->name); + parse_tunable_print_error (&tunables[i]); } } From patchwork Mon May 6 16:18:47 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Adhemerval Zanella Netto X-Patchwork-Id: 1932112 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@legolas.ozlabs.org Authentication-Results: legolas.ozlabs.org; dkim=pass (2048-bit key; unprotected) header.d=linaro.org header.i=@linaro.org header.a=rsa-sha256 header.s=google header.b=ImHafg7p; dkim-atps=neutral Authentication-Results: legolas.ozlabs.org; spf=pass (sender SPF authorized) smtp.mailfrom=sourceware.org (client-ip=2620:52:3:1:0:246e:9693:128c; helo=server2.sourceware.org; envelope-from=libc-alpha-bounces+incoming=patchwork.ozlabs.org@sourceware.org; receiver=patchwork.ozlabs.org) Received: from server2.sourceware.org (server2.sourceware.org [IPv6:2620:52:3:1:0:246e:9693:128c]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (secp384r1) server-digest SHA384) (No client certificate requested) by legolas.ozlabs.org (Postfix) with ESMTPS id 4VY6B83MN8z1yZk for ; Tue, 7 May 2024 02:22:08 +1000 (AEST) Received: from server2.sourceware.org (localhost [IPv6:::1]) by sourceware.org (Postfix) with ESMTP id A23803858429 for ; Mon, 6 May 2024 16:22:06 +0000 (GMT) X-Original-To: libc-alpha@sourceware.org Delivered-To: libc-alpha@sourceware.org Received: from mail-pf1-x432.google.com (mail-pf1-x432.google.com [IPv6:2607:f8b0:4864:20::432]) by sourceware.org (Postfix) with ESMTPS id 74186384AB45 for ; Mon, 6 May 2024 16:20:12 +0000 (GMT) DMARC-Filter: OpenDMARC Filter v1.4.2 sourceware.org 74186384AB45 Authentication-Results: sourceware.org; dmarc=pass (p=none dis=none) header.from=linaro.org Authentication-Results: sourceware.org; spf=pass smtp.mailfrom=linaro.org ARC-Filter: OpenARC Filter v1.0.0 sourceware.org 74186384AB45 Authentication-Results: server2.sourceware.org; arc=none smtp.remote-ip=2607:f8b0:4864:20::432 ARC-Seal: i=1; a=rsa-sha256; d=sourceware.org; s=key; t=1715012415; cv=none; b=Vj9fOCwq/0bA6HRr9VJB2ohvmQ3Vogejt/kr1X0i7IFIBAgB8EQZAkRAtytP7GyhesENbh8OatDUsqS2OqJwZTfiPc+p8KnjbvOfGEiCt9P7RlCD79ZTWVyrIpUVRuIcHBUATcRkqu/HVMMdUB5lOGfRkuDUYbADUBvGE3OWTBY= ARC-Message-Signature: i=1; a=rsa-sha256; d=sourceware.org; s=key; t=1715012415; c=relaxed/simple; bh=oyQyp6YUiBMQ8jUJrGaVozYmppImDJsGZaY9yU9tROs=; h=DKIM-Signature:From:To:Subject:Date:Message-ID:MIME-Version; b=OU1nOiDyWOUcSsa7dDpkn5mi/fgB+VXuQnl5L/v2Hyyiw0X6m/YbZ1XPqRYdPfzpDQw2yPQbjcCbDYR2n6WYPmItxtfq/Grzri2S5yvWJrLfJEHcGQWhp2tEbXqNy0Iq5N67xsl9GcS3OHK/Sx31rJR0ypLSSuqtuVn6GDgYZ5U= ARC-Authentication-Results: i=1; server2.sourceware.org Received: by mail-pf1-x432.google.com with SMTP id d2e1a72fcca58-6f472d550cbso971573b3a.1 for ; Mon, 06 May 2024 09:20:12 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; t=1715012411; x=1715617211; darn=sourceware.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=FOPYZAo6AIGkDUAtI/84eAjoYfS0jVRDmQSIgMa23vI=; b=ImHafg7pv+VZ/gnC3BP4pqmY0tntSvE0mA5ldyfOOl3pLEiimXUXMumH/PMQj61L5s q48/wf2XSvLZj1bkSCuFSIQcZOCDHghi9r2nsm0K+Qvl7EWcYgzQ6SPUiqxVGDwzVF0d EWK2lBcfoYhkWDzvIq36EisPSm2+DlI0GMq0BxVymPAvi8jZFTnfOBCk5VjEpgBGXUzW SegGpn+i4gSENzWdLj/ghQmojqGyQ2iGPd5xCYqD3gZFkCItQiBGMi0HV+tmQytxhBPZ e2bzEoj/Lf4lijxyy/hncgy+uVyg6RzdMRe5ezajzhJuwGDhNZgSEBkv6RrX133h+Krd LngQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1715012411; x=1715617211; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=FOPYZAo6AIGkDUAtI/84eAjoYfS0jVRDmQSIgMa23vI=; b=FbURdObj5TxqFegCSaRSjbSmhmnnoIRrmfkyO6GqlTm3oP8g0tmbBEz8XfPjo4b/xd /PIRNqN/hvD9UrTAjGmPNquO4cK/ry+mR+2BKFt8GjM+zY4PxN1zOmpZTiz8fXsClp0C 8CFWDWem5kfb8jr4eXedtCMbJ7cQlozJQSr9POs+mjZQ8RgrYqxaz2ciz+tf9nAMQ07x wo0bdRQaS63SNdx5MRynXqJz/OXa9Wyiqy9I125PZFgY5KLPdbkTcHJkDN2CG74gcMWS v7/61t/ynwH4LhoEiqKXvrVm1/g+Sn0Uyn8ONHL0CqKyK7tCCQZDOH/B8r2v2ZqYpy0w kTTA== X-Gm-Message-State: AOJu0YxlFsEPzPG2o8PcFGumUXPV72G8CcrgOVjk8xxd1N48lpi8OPS2 R97TsUypRIF0lwTL9HCLZPgTlEn0UC/VzhXeW9nBgU4TwzmTctD4/bOqrD8fzXcpL6QKoC2VWDc oWbk= X-Google-Smtp-Source: AGHT+IFgzYinuGF5J9rWn+OKcgFsVSejV/S5Hnv+sBOcdft2urlP2BccRFgBcwfIfSItlCVkSNP9Bw== X-Received: by 2002:a05:6a00:c84:b0:6ea:b073:c10c with SMTP id a4-20020a056a000c8400b006eab073c10cmr13936487pfv.6.1715012410825; Mon, 06 May 2024 09:20:10 -0700 (PDT) Received: from mandiga.. ([2804:1b3:a7c2:6e56:fc45:bb45:8b35:9b81]) by smtp.gmail.com with ESMTPSA id ll12-20020a056a00728c00b006ed0b798f1fsm7883347pfb.119.2024.05.06.09.20.09 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Mon, 06 May 2024 09:20:10 -0700 (PDT) From: Adhemerval Zanella To: libc-alpha@sourceware.org Cc: Joe Simmons-Talbott , Siddhesh Poyarekar Subject: [PATCH v3 3/4] support: Add envp argument to support_capture_subprogram Date: Mon, 6 May 2024 13:18:47 -0300 Message-ID: <20240506161955.1570278-4-adhemerval.zanella@linaro.org> X-Mailer: git-send-email 2.43.0 In-Reply-To: <20240506161955.1570278-1-adhemerval.zanella@linaro.org> References: <20240506161955.1570278-1-adhemerval.zanella@linaro.org> MIME-Version: 1.0 X-Spam-Status: No, score=-12.4 required=5.0 tests=BAYES_00, DKIM_SIGNED, DKIM_VALID, DKIM_VALID_AU, DKIM_VALID_EF, GIT_PATCH_0, RCVD_IN_DNSWL_NONE, SPF_HELO_NONE, SPF_PASS, TXREP autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on server2.sourceware.org X-BeenThere: libc-alpha@sourceware.org X-Mailman-Version: 2.1.30 Precedence: list List-Id: Libc-alpha mailing list List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: libc-alpha-bounces+incoming=patchwork.ozlabs.org@sourceware.org So tests can specify a list of environment variables. Reviewed-by: Siddhesh Poyarekar --- elf/tst-audit18.c | 2 +- elf/tst-audit19b.c | 2 +- elf/tst-audit22.c | 2 +- elf/tst-audit23.c | 2 +- elf/tst-audit25a.c | 4 ++-- elf/tst-audit25b.c | 4 ++-- elf/tst-glibc-hwcaps-2-cache.c | 2 +- elf/tst-rtld-run-static.c | 4 ++-- elf/tst-tunables-enable_secure.c | 2 +- elf/tst-tunables.c | 2 +- support/capture_subprocess.h | 9 +++++---- support/subprocess.h | 7 ++++--- support/support_capture_subprocess.c | 5 +++-- support/support_subprocess.c | 5 +++-- support/tst-support_capture_subprocess.c | 2 +- sysdeps/x86/tst-hwcap-tunables.c | 2 +- 16 files changed, 30 insertions(+), 26 deletions(-) diff --git a/elf/tst-audit18.c b/elf/tst-audit18.c index 841251dd70..cec93e269c 100644 --- a/elf/tst-audit18.c +++ b/elf/tst-audit18.c @@ -79,7 +79,7 @@ do_test (int argc, char *argv[]) setenv ("LD_AUDIT", "tst-auditmod18.so", 0); struct support_capture_subprocess result - = support_capture_subprogram (spargv[0], spargv); + = support_capture_subprogram (spargv[0], spargv, NULL); support_capture_subprocess_check (&result, "tst-audit18", 0, sc_allow_stderr); struct diff --git a/elf/tst-audit19b.c b/elf/tst-audit19b.c index 70bfe4eadf..88d99a416b 100644 --- a/elf/tst-audit19b.c +++ b/elf/tst-audit19b.c @@ -69,7 +69,7 @@ do_test (int argc, char *argv[]) setenv ("LD_AUDIT", "tst-auditmod18b.so", 0); struct support_capture_subprocess result - = support_capture_subprogram (spargv[0], spargv); + = support_capture_subprogram (spargv[0], spargv, NULL); support_capture_subprocess_check (&result, "tst-audit18b", 0, sc_allow_stderr); bool find_symbind = false; diff --git a/elf/tst-audit22.c b/elf/tst-audit22.c index 4e97be3be0..6aa18af948 100644 --- a/elf/tst-audit22.c +++ b/elf/tst-audit22.c @@ -83,7 +83,7 @@ do_test (int argc, char *argv[]) setenv ("LD_AUDIT", "tst-auditmod22.so", 0); struct support_capture_subprocess result - = support_capture_subprogram (spargv[0], spargv); + = support_capture_subprogram (spargv[0], spargv, NULL); support_capture_subprocess_check (&result, "tst-audit22", 0, sc_allow_stderr); /* The respawned process should always print the vDSO address (otherwise it diff --git a/elf/tst-audit23.c b/elf/tst-audit23.c index 32e7c8b2a3..d2640fe8b2 100644 --- a/elf/tst-audit23.c +++ b/elf/tst-audit23.c @@ -82,7 +82,7 @@ do_test (int argc, char *argv[]) setenv ("LD_AUDIT", "tst-auditmod23.so", 0); struct support_capture_subprocess result - = support_capture_subprogram (spargv[0], spargv); + = support_capture_subprogram (spargv[0], spargv, NULL); support_capture_subprocess_check (&result, "tst-audit22", 0, sc_allow_stderr); /* The expected la_objopen/la_objclose: diff --git a/elf/tst-audit25a.c b/elf/tst-audit25a.c index b209ee820f..cdd4f2ce2b 100644 --- a/elf/tst-audit25a.c +++ b/elf/tst-audit25a.c @@ -77,7 +77,7 @@ do_test (int argc, char *argv[]) { struct support_capture_subprocess result - = support_capture_subprogram (spargv[0], spargv); + = support_capture_subprogram (spargv[0], spargv, NULL); support_capture_subprocess_check (&result, "tst-audit25a", 0, sc_allow_stderr); @@ -102,7 +102,7 @@ do_test (int argc, char *argv[]) { setenv ("LD_BIND_NOW", "1", 0); struct support_capture_subprocess result - = support_capture_subprogram (spargv[0], spargv); + = support_capture_subprogram (spargv[0], spargv, NULL); support_capture_subprocess_check (&result, "tst-audit25a", 0, sc_allow_stderr); diff --git a/elf/tst-audit25b.c b/elf/tst-audit25b.c index 9b8665d517..939f4d6188 100644 --- a/elf/tst-audit25b.c +++ b/elf/tst-audit25b.c @@ -76,7 +76,7 @@ do_test (int argc, char *argv[]) { struct support_capture_subprocess result - = support_capture_subprogram (spargv[0], spargv); + = support_capture_subprogram (spargv[0], spargv, NULL); support_capture_subprocess_check (&result, "tst-audit25a", 0, sc_allow_stderr); @@ -102,7 +102,7 @@ do_test (int argc, char *argv[]) { setenv ("LD_BIND_NOW", "1", 0); struct support_capture_subprocess result - = support_capture_subprogram (spargv[0], spargv); + = support_capture_subprogram (spargv[0], spargv, NULL); support_capture_subprocess_check (&result, "tst-audit25a", 0, sc_allow_stderr); diff --git a/elf/tst-glibc-hwcaps-2-cache.c b/elf/tst-glibc-hwcaps-2-cache.c index 81ab44ff78..af91476cca 100644 --- a/elf/tst-glibc-hwcaps-2-cache.c +++ b/elf/tst-glibc-hwcaps-2-cache.c @@ -32,7 +32,7 @@ main (int argc, char **argv) /* Run ldconfig to populate the cache. */ char *command = xasprintf ("%s/ldconfig", support_install_rootsbindir); struct support_capture_subprocess result = - support_capture_subprogram (command, &((char *) { NULL })); + support_capture_subprogram (command, &((char *) { NULL }), NULL); support_capture_subprocess_check (&result, "ldconfig", 0, sc_allow_none); free (command); diff --git a/elf/tst-rtld-run-static.c b/elf/tst-rtld-run-static.c index b2650e85ff..f05c00eb7b 100644 --- a/elf/tst-rtld-run-static.c +++ b/elf/tst-rtld-run-static.c @@ -30,7 +30,7 @@ do_test (void) { char *argv[] = { (char *) "ld.so", ldconfig_path, (char *) "--help", NULL }; struct support_capture_subprocess cap - = support_capture_subprogram (support_objdir_elf_ldso, argv); + = support_capture_subprogram (support_objdir_elf_ldso, argv, NULL); support_capture_subprocess_check (&cap, "no --argv0", 0, sc_allow_stdout); puts ("info: output without --argv0:"); puts (cap.out.buffer); @@ -46,7 +46,7 @@ do_test (void) ldconfig_path, (char *) "--help", NULL }; struct support_capture_subprocess cap - = support_capture_subprogram (support_objdir_elf_ldso, argv); + = support_capture_subprogram (support_objdir_elf_ldso, argv, NULL); support_capture_subprocess_check (&cap, "with --argv0", 0, sc_allow_stdout); puts ("info: output with --argv0:"); puts (cap.out.buffer); diff --git a/elf/tst-tunables-enable_secure.c b/elf/tst-tunables-enable_secure.c index e31e1f7faa..f5db1c84e9 100644 --- a/elf/tst-tunables-enable_secure.c +++ b/elf/tst-tunables-enable_secure.c @@ -113,7 +113,7 @@ do_test (int argc, char *argv[]) printf ("[%d] Spawned test for %s\n", i, tests[i].env); setenv ("GLIBC_TUNABLES", tests[i].env, 1); struct support_capture_subprocess result - = support_capture_subprogram (spargv[0], spargv); + = support_capture_subprogram (spargv[0], spargv, NULL); support_capture_subprocess_check (&result, "tst-tunables-enable_secure", 0, sc_allow_stderr); support_capture_subprocess_free (&result); diff --git a/elf/tst-tunables.c b/elf/tst-tunables.c index dff34ed748..4884dd09f0 100644 --- a/elf/tst-tunables.c +++ b/elf/tst-tunables.c @@ -396,7 +396,7 @@ do_test (int argc, char *argv[]) tests[i].value); setenv (tests[i].name, tests[i].value, 1); struct support_capture_subprocess result - = support_capture_subprogram (spargv[0], spargv); + = support_capture_subprogram (spargv[0], spargv, NULL); support_capture_subprocess_check (&result, "tst-tunables", 0, sc_allow_stderr); support_capture_subprocess_free (&result); diff --git a/support/capture_subprocess.h b/support/capture_subprocess.h index 1ecbdfe4fc..93b7245d2a 100644 --- a/support/capture_subprocess.h +++ b/support/capture_subprocess.h @@ -35,11 +35,12 @@ struct support_capture_subprocess struct support_capture_subprocess support_capture_subprocess (void (*callback) (void *), void *closure); -/* Issue FILE with ARGV arguments by using posix_spawn and capture standard - output, standard error, and the exit status. The out.buffer and err.buffer - are handle as support_capture_subprocess. */ +/* Issue FILE with ARGV arguments and ENVP environments by using posix_spawn + and capture standard output, standard error, and the exit status. If + ENVP is NULL the current environment variable is used. The out.buffer and + err.buffer are handle by support_capture_subprocess. */ struct support_capture_subprocess support_capture_subprogram - (const char *file, char *const argv[]); + (const char *file, char *const argv[], char *const envp[]); /* Copy the running program into a setgid binary and run it with CHILD_ID argument. If execution is successful, return the exit status of the child diff --git a/support/subprocess.h b/support/subprocess.h index 8fbb895353..8274a2b22b 100644 --- a/support/subprocess.h +++ b/support/subprocess.h @@ -33,10 +33,11 @@ struct support_subprocess struct support_subprocess support_subprocess (void (*callback) (void *), void *closure); -/* Issue FILE with ARGV arguments by using posix_spawn and return is PID, a - pipe redirected to STDOUT, and a pipe redirected to STDERR. */ +/* Issue FILE with ARGV arguments and ENVP environments by using posix_spawn + and return is PID, a pipe redirected to STDOUT, and a pipe redirected to + STDERR. If ENVP is NULL the current environment variable is used. */ struct support_subprocess support_subprogram - (const char *file, char *const argv[]); + (const char *file, char *const argv[], char *const envp[]); /* Invoke program FILE with ARGV arguments by using posix_spawn and wait for it to complete. Return program exit status. */ diff --git a/support/support_capture_subprocess.c b/support/support_capture_subprocess.c index ffced8a89f..53847194cb 100644 --- a/support/support_capture_subprocess.c +++ b/support/support_capture_subprocess.c @@ -93,13 +93,14 @@ support_capture_subprocess (void (*callback) (void *), void *closure) } struct support_capture_subprocess -support_capture_subprogram (const char *file, char *const argv[]) +support_capture_subprogram (const char *file, char *const argv[], + char *const envp[]) { struct support_capture_subprocess result; xopen_memstream (&result.out); xopen_memstream (&result.err); - struct support_subprocess proc = support_subprogram (file, argv); + struct support_subprocess proc = support_subprogram (file, argv, envp); support_capture_poll (&result, &proc); return result; diff --git a/support/support_subprocess.c b/support/support_subprocess.c index a2fef394d4..b692a7f8b1 100644 --- a/support/support_subprocess.c +++ b/support/support_subprocess.c @@ -69,7 +69,7 @@ support_subprocess (void (*callback) (void *), void *closure) } struct support_subprocess -support_subprogram (const char *file, char *const argv[]) +support_subprogram (const char *file, char *const argv[], char *const envp[]) { struct support_subprocess result = support_subprocess_init (); @@ -84,7 +84,8 @@ support_subprogram (const char *file, char *const argv[]) xposix_spawn_file_actions_addclose (&fa, result.stdout_pipe[1]); xposix_spawn_file_actions_addclose (&fa, result.stderr_pipe[1]); - result.pid = xposix_spawn (file, &fa, NULL, argv, environ); + result.pid = xposix_spawn (file, &fa, NULL, argv, + envp == NULL ? environ : envp); xclose (result.stdout_pipe[1]); xclose (result.stderr_pipe[1]); diff --git a/support/tst-support_capture_subprocess.c b/support/tst-support_capture_subprocess.c index 8145548982..756fb75d19 100644 --- a/support/tst-support_capture_subprocess.c +++ b/support/tst-support_capture_subprocess.c @@ -238,7 +238,7 @@ do_subprogram (const struct test *test) args[argc] = NULL; TEST_VERIFY (argc < argv_size); - return support_capture_subprogram (args[0], args); + return support_capture_subprogram (args[0], args, NULL); } enum test_type diff --git a/sysdeps/x86/tst-hwcap-tunables.c b/sysdeps/x86/tst-hwcap-tunables.c index f6a65b88de..8589a9fd66 100644 --- a/sysdeps/x86/tst-hwcap-tunables.c +++ b/sysdeps/x86/tst-hwcap-tunables.c @@ -133,7 +133,7 @@ do_test (int argc, char *argv[]) setenv ("GLIBC_TUNABLES", tunable, 1); struct support_capture_subprocess result - = support_capture_subprogram (spargv[0], spargv); + = support_capture_subprogram (spargv[0], spargv, NULL); support_capture_subprocess_check (&result, "tst-tunables", 0, sc_allow_stderr); support_capture_subprocess_free (&result); From patchwork Mon May 6 16:18:48 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Adhemerval Zanella Netto X-Patchwork-Id: 1932113 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@legolas.ozlabs.org Authentication-Results: legolas.ozlabs.org; dkim=pass (2048-bit key; unprotected) header.d=linaro.org header.i=@linaro.org header.a=rsa-sha256 header.s=google header.b=ULUEcJic; dkim-atps=neutral Authentication-Results: legolas.ozlabs.org; spf=pass (sender SPF authorized) smtp.mailfrom=sourceware.org (client-ip=8.43.85.97; helo=server2.sourceware.org; envelope-from=libc-alpha-bounces+incoming=patchwork.ozlabs.org@sourceware.org; receiver=patchwork.ozlabs.org) Received: from server2.sourceware.org (server2.sourceware.org [8.43.85.97]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (secp384r1) server-digest SHA384) (No client certificate requested) by legolas.ozlabs.org (Postfix) with ESMTPS id 4VY6Br1tMvz1yZk for ; Tue, 7 May 2024 02:22:44 +1000 (AEST) Received: from server2.sourceware.org (localhost [IPv6:::1]) by sourceware.org (Postfix) with ESMTP id 8A7DE385841E for ; Mon, 6 May 2024 16:22:42 +0000 (GMT) X-Original-To: libc-alpha@sourceware.org Delivered-To: libc-alpha@sourceware.org Received: from mail-pf1-x435.google.com (mail-pf1-x435.google.com [IPv6:2607:f8b0:4864:20::435]) by sourceware.org (Postfix) with ESMTPS id 7DE743858C62 for ; Mon, 6 May 2024 16:20:14 +0000 (GMT) DMARC-Filter: OpenDMARC Filter v1.4.2 sourceware.org 7DE743858C62 Authentication-Results: sourceware.org; dmarc=pass (p=none dis=none) header.from=linaro.org Authentication-Results: sourceware.org; spf=pass smtp.mailfrom=linaro.org ARC-Filter: OpenARC Filter v1.0.0 sourceware.org 7DE743858C62 Authentication-Results: server2.sourceware.org; arc=none smtp.remote-ip=2607:f8b0:4864:20::435 ARC-Seal: i=1; a=rsa-sha256; d=sourceware.org; s=key; t=1715012416; cv=none; b=QQcu8Io4DhYiGbmSMXw1sfo1OKOZtE/XE6+xn1/4B051MfiUCekw0aPIcTFkXJAYrFHvVN5+WZCelmwV/3okL4GqvNz6aGNhSXwNpLcapKBIuX7oIfk+byqLObk7Ogp8s/oUXor5I91orH3NjT0xqVbhn8DMMeKKWPEd+fJp0fs= ARC-Message-Signature: i=1; a=rsa-sha256; d=sourceware.org; s=key; t=1715012416; c=relaxed/simple; bh=Bx77GcPaoV/PKQ0ks4wegqXSG/Uhi2kZPuxk7dT6cZ0=; h=DKIM-Signature:From:To:Subject:Date:Message-ID:MIME-Version; b=uWmIKtyK++UYKjU1gwoeln72zcLXPKx0qrSPTSffThDuSpByEdYbVLPTRrSMkmA1l/YNCxfhhM+30CO32jTKMNnJlGO9q8Ex8EGUGmJcAs4PHhKMxoWUc7ZZhTZtlGWDmGrU06mCLCk909cTeqfYn4khdrJJs+h0t8TdRgDzi4o= ARC-Authentication-Results: i=1; server2.sourceware.org Received: by mail-pf1-x435.google.com with SMTP id d2e1a72fcca58-6f44ed6e82fso1999868b3a.3 for ; Mon, 06 May 2024 09:20:14 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; t=1715012413; x=1715617213; darn=sourceware.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=qoiKmHdX0UZ9a/7145q2mKR55bpO592xOlaygD0jzrM=; b=ULUEcJicJrgl8ponBKjQ1oZU80WF0wiytdJlN+UhSfMHporrRqInIoWKgzk3I3NiBx dVs3rIRQe3N+81t2lHYwdSpYvLnKdqNmZgty85oPtRQF0hur2bvnTPIaUYPjzGyIaaCg hscSvzijdWiAp7YfBgnOGu4mNL6tJdLjtWUa+TN4WKFMtNAB2Mpa1exdhSpscylJfgmO ICHNNfb09rpisO/THlyI1zDh8nfVjX+D4KFDMAu9ANUU6vImOch/SNEPOjyE6muFSNPn Csdt5sMBEA8fKw/RQPUUKAyS4BoDy0OOI2D8i7NHUxsx2YrKIFlp2Q6yAE9EgpfK4s2e CMlw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1715012413; x=1715617213; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=qoiKmHdX0UZ9a/7145q2mKR55bpO592xOlaygD0jzrM=; b=itZ9wry8BampLSwGjTa2kv7LGaAYGpETKdiugmPeXGQqyCuXV9W9kC7rz56nwK9gGh IVknci61xmxwfE6Md+U1jcw9MuXhEd0QNcxMUp4yXuxNpRYCKS/prYjFtqINzXGWTA4b 0qUoxfkHH3A77rlFgh4eM+HCstDc8L/VqjHr28s4757xA4R27RDzocDUOov8dxwHL5E5 mR8zBA5ahY32JzamagRhT97ogHhECmXiwA3WneH6YvDuzHw/32G9uTMZzUdiNCS0/rDy lnOoWDak+wxpxL4NrIQL4Ehh1Yyu+BcqL+rbD8aS9XTa2fHIbSuxx0HmXelQcwKNCfmD A/NQ== X-Gm-Message-State: AOJu0Ywh8jZmq278pVrK/EFPkNepsLnp55pdMT0BzNfLJNXFd8bc5SWi zwxqBULrbFBqfoGZ+bLXKJdDfS0VJtokMin7ALPoU/3r5HEJ/0ELqBIBsY5Hmx9eJAjAYxmX91M CF+Y= X-Google-Smtp-Source: AGHT+IEf7HlN6rV+L3d93ypmdD4XkKYgcEkEZQglwwG6kgHvpsUTJWj4ZOOTdWLJ2zS3q5nlsLK5hw== X-Received: by 2002:a05:6a00:2287:b0:6f3:ee4f:e28a with SMTP id f7-20020a056a00228700b006f3ee4fe28amr11953302pfe.32.1715012412854; Mon, 06 May 2024 09:20:12 -0700 (PDT) Received: from mandiga.. ([2804:1b3:a7c2:6e56:fc45:bb45:8b35:9b81]) by smtp.gmail.com with ESMTPSA id ll12-20020a056a00728c00b006ed0b798f1fsm7883347pfb.119.2024.05.06.09.20.11 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Mon, 06 May 2024 09:20:12 -0700 (PDT) From: Adhemerval Zanella To: libc-alpha@sourceware.org Cc: Joe Simmons-Talbott , Siddhesh Poyarekar Subject: [PATCH v3 4/4] elf: Make glibc.rtld.enable_secure ignore alias environment variables Date: Mon, 6 May 2024 13:18:48 -0300 Message-ID: <20240506161955.1570278-5-adhemerval.zanella@linaro.org> X-Mailer: git-send-email 2.43.0 In-Reply-To: <20240506161955.1570278-1-adhemerval.zanella@linaro.org> References: <20240506161955.1570278-1-adhemerval.zanella@linaro.org> MIME-Version: 1.0 X-Spam-Status: No, score=-13.5 required=5.0 tests=BAYES_00, DKIM_SIGNED, DKIM_VALID, DKIM_VALID_AU, DKIM_VALID_EF, GIT_PATCH_0, KAM_SHORT, RCVD_IN_DNSWL_NONE, SPF_HELO_NONE, SPF_PASS, TXREP autolearn=unavailable autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on server2.sourceware.org X-BeenThere: libc-alpha@sourceware.org X-Mailman-Version: 2.1.30 Precedence: list List-Id: Libc-alpha mailing list List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: libc-alpha-bounces+incoming=patchwork.ozlabs.org@sourceware.org Tunable with environment variables aliases are also ignored if glibc.rtld.enable_secure is enabled. The tunable parsing is also optimized a bit, where the loop that checks each environment variable only checks for the tunables with aliases instead of all tables. Checked on aarch64-linux-gnu and x86_64-linux-gnu. Reviewed-by: Siddhesh Poyarekar --- elf/dl-tunables.c | 36 ++++++-- elf/tst-tunables-enable_secure.c | 136 +++++++++++++++++++++++++++---- scripts/gen-tunables.awk | 16 +++- 3 files changed, 164 insertions(+), 24 deletions(-) diff --git a/elf/dl-tunables.c b/elf/dl-tunables.c index 63cf8c7ab5..147cc4cf23 100644 --- a/elf/dl-tunables.c +++ b/elf/dl-tunables.c @@ -300,6 +300,9 @@ __tunables_init (char **envp) if (__libc_enable_secure) return; + enum { tunable_num_env_alias = array_length (tunable_env_alias_list) }; + struct tunable_toset_t tunables_env_alias[tunable_num_env_alias] = { 0 }; + while ((envp = get_next_env (envp, &envname, &envval, &prev_envp)) != NULL) { /* The environment variable is allocated on the stack by the kernel, so @@ -311,29 +314,44 @@ __tunables_init (char **envp) continue; } - for (int i = 0; i < tunables_list_size; i++) + for (int i = 0; i < tunable_num_env_alias; i++) { - tunable_t *cur = &tunable_list[i]; + tunable_t *cur = &tunable_list[tunable_env_alias_list[i]]; + const char *name = cur->env_alias; - /* Skip over tunables that have either been set already or should be - skipped. */ - if (cur->initialized || cur->env_alias[0] == '\0') + if (name[0] == '\0') continue; - const char *name = cur->env_alias; - - /* We have a match. Initialize and move on to the next line. */ if (tunable_is_name (name, envname)) { size_t envvallen = 0; /* The environment variable is always null-terminated. */ for (const char *p = envval; *p != '\0'; p++, envvallen++); - tunable_initialize (cur, envval, envvallen); + tunables_env_alias[i] = + (struct tunable_toset_t) { cur, envval, envvallen }; break; } } } + + /* Check if glibc.rtld.enable_secure was set and skip over the environment + variables aliases. */ + if (__libc_enable_secure) + return; + + for (int i = 0; i < tunable_num_env_alias; i++) + { + /* Skip over tunables that have either been set or already initialized. */ + if (tunables_env_alias[i].t == NULL + || tunables_env_alias[i].t->initialized) + continue; + + if (!tunable_initialize (tunables_env_alias[i].t, + tunables_env_alias[i].value, + tunables_env_alias[i].len)) + parse_tunable_print_error (&tunables_env_alias[i]); + } } void diff --git a/elf/tst-tunables-enable_secure.c b/elf/tst-tunables-enable_secure.c index f5db1c84e9..99a065e8db 100644 --- a/elf/tst-tunables-enable_secure.c +++ b/elf/tst-tunables-enable_secure.c @@ -17,6 +17,10 @@ . */ #include +/* The test uses the tunable_env_alias_list size, which is only exported for + ld.so. This will result in a copy of tunable_list and + tunable_env_alias_list, which is ununsed by the test itself. */ +#define TUNABLES_INTERNAL 1 #include #include #include @@ -34,6 +38,8 @@ static int restart; static const struct test_t { const char *env; + const char *extraenv; + bool check_multiple; int32_t expected_malloc_check; int32_t expected_enable_secure; } tests[] = @@ -41,39 +47,124 @@ static const struct test_t /* Expected tunable format. */ /* Tunables should be ignored if enable_secure is set. */ { - "glibc.malloc.check=2:glibc.rtld.enable_secure=1", + "GLIBC_TUNABLES=glibc.malloc.check=2:glibc.rtld.enable_secure=1", + NULL, + false, 0, 1, }, /* Tunables should be ignored if enable_secure is set. */ { - "glibc.rtld.enable_secure=1:glibc.malloc.check=2", + "GLIBC_TUNABLES=glibc.rtld.enable_secure=1:glibc.malloc.check=2", + NULL, + false, 0, 1, }, /* Tunables should be set if enable_secure is unset. */ { - "glibc.rtld.enable_secure=0:glibc.malloc.check=2", + "GLIBC_TUNABLES=glibc.rtld.enable_secure=0:glibc.malloc.check=2", + NULL, + false, 2, 0, }, + /* Tunables should be ignored if enable_secure is set. */ + { + "GLIBC_TUNABLES=glibc.malloc.check=2:glibc.rtld.enable_secure=1", + "MALLOC_CHECK_=2", + false, + 0, + 1, + }, + /* Same as before, but with enviroment alias prior GLIBC_TUNABLES. */ + { + "MALLOC_CHECK_=2", + "GLIBC_TUNABLES=glibc.malloc.check=2:glibc.rtld.enable_secure=1", + false, + 0, + 1, + }, + /* Tunables should be ignored if enable_secure is set. */ + { + "GLIBC_TUNABLES=glibc.rtld.enable_secure=1:glibc.malloc.check=2", + "MALLOC_CHECK_=2", + false, + 0, + 1, + }, + { + "MALLOC_CHECK_=2", + "GLIBC_TUNABLES=glibc.rtld.enable_secure=1:glibc.malloc.check=2", + false, + 0, + 1, + }, + /* Tunables should be set if enable_secure is unset. */ + { + "GLIBC_TUNABLES=glibc.rtld.enable_secure=0:glibc.malloc.check=2", + /* Tunable have precedence over the environment variable. */ + "MALLOC_CHECK_=1", + false, + 2, + 0, + }, + { + "MALLOC_CHECK_=1", + "GLIBC_TUNABLES=glibc.rtld.enable_secure=0:glibc.malloc.check=2", + /* Tunable have precedence over the environment variable. */ + false, + 2, + 0, + }, + /* Tunables should be set if enable_secure is unset. */ + { + "GLIBC_TUNABLES=glibc.rtld.enable_secure=0", + /* Tunable have precedence over the environment variable. */ + "MALLOC_CHECK_=1", + false, + 1, + 0, + }, + /* Tunables should be set if enable_secure is unset. */ + { + "GLIBC_TUNABLES=glibc.rtld.enable_secure=0", + /* Tunable have precedence over the environment variable. */ + "MALLOC_CHECK_=1", + false, + 1, + 0, + }, + /* Check with tunables environment variable alias set multiple times. */ + { + "GLIBC_TUNABLES=glibc.rtld.enable_secure=1:glibc.malloc.check=2", + "MALLOC_CHECK_=2", + true, + 0, + 1, + }, + /* Tunables should be set if enable_secure is unset. */ + { + "GLIBC_TUNABLES=glibc.rtld.enable_secure=0", + /* Tunable have precedence over the environment variable. */ + "MALLOC_CHECK_=1", + true, + 1, + 0, + }, }; static int handle_restart (int i) { if (tests[i].expected_enable_secure == 1) - { - TEST_COMPARE (1, __libc_enable_secure); - } + TEST_COMPARE (1, __libc_enable_secure); else - { - TEST_COMPARE (tests[i].expected_malloc_check, - TUNABLE_GET_FULL (glibc, malloc, check, int32_t, NULL)); - TEST_COMPARE (tests[i].expected_enable_secure, - TUNABLE_GET_FULL (glibc, rtld, enable_secure, int32_t, - NULL)); - } + TEST_COMPARE (tests[i].expected_enable_secure, + TUNABLE_GET_FULL (glibc, rtld, enable_secure, int32_t, + NULL)); + TEST_COMPARE (tests[i].expected_malloc_check, + TUNABLE_GET_FULL (glibc, malloc, check, int32_t, NULL)); return 0; } @@ -106,14 +197,31 @@ do_test (int argc, char *argv[]) spargv[i] = NULL; } + enum { tunable_num_env_alias = array_length (tunable_env_alias_list) }; + for (int i = 0; i < array_length (tests); i++) { snprintf (nteststr, sizeof nteststr, "%d", i); printf ("[%d] Spawned test for %s\n", i, tests[i].env); setenv ("GLIBC_TUNABLES", tests[i].env, 1); + + char *envp[2 + tunable_num_env_alias + 1] = + { + (char *) tests[i].env, + (char *) tests[i].extraenv, + NULL, + }; + if (tests[i].check_multiple) + { + int j; + for (j=0; j < tunable_num_env_alias; j++) + envp[j + 2] = (char *) tests[i].extraenv; + envp[j + 2] = NULL; + } + struct support_capture_subprocess result - = support_capture_subprogram (spargv[0], spargv, NULL); + = support_capture_subprogram (spargv[0], spargv, envp); support_capture_subprocess_check (&result, "tst-tunables-enable_secure", 0, sc_allow_stderr); support_capture_subprocess_free (&result); diff --git a/scripts/gen-tunables.awk b/scripts/gen-tunables.awk index 9f5336381e..fc3b41376f 100644 --- a/scripts/gen-tunables.awk +++ b/scripts/gen-tunables.awk @@ -156,7 +156,7 @@ END { print "# define TUNABLE_ALIAS_MAX " (max_alias_len + 1) print "# include \"dl-tunable-types.h\"" # Finally, the tunable list. - print "static tunable_t tunable_list[] attribute_relro = {" + print "static tunable_t tunable_list[] attribute_relro __attribute_used__ = {" for (tnm in types) { split (tnm, indices, SUBSEP); t = indices[1]; @@ -168,5 +168,19 @@ END { default_val[t,n,m], env_alias[t,n,m]); } print "};" + + # Map of tunable with environment variables aliases used during parsing. */ + print "\nstatic const tunable_id_t tunable_env_alias_list[] =" + printf "{\n" + for (tnm in types) { + split (tnm, indices, SUBSEP); + t = indices[1]; + n = indices[2]; + m = indices[3]; + if (env_alias[t,n,m] != "{0}") { + printf (" TUNABLE_ENUM_NAME(%s, %s, %s),\n", t, n, m); + } + } + printf "};\n" print "#endif" }