Create a hook for inspecting program headers during library load
Commit Message
Hi Roland,
An updated version of this patch is below which should address all of your
comments. It took some time as I have been reworking the MIPS
implementation and wanted to make sure that didn't impact the definition
of the hook.
Thanks,
Matthew
* elf/dl-machine-reject-phdr.h: New file.
* elf/dl-load.c: #include that.
(open_verify): Call elf_machine_reject_phdr_p and ignore the file
if that returned true.
---
elf/dl-load.c | 6 ++++++
elf/dl-machine-reject-phdr.h | 34 ++++++++++++++++++++++++++++++++++
2 files changed, 40 insertions(+)
create mode 100644 elf/dl-machine-reject-phdr.h
Comments
> That looks fine to me.
Rebased, retested with no regression on x86_64 and committed.
@@ -41,6 +41,7 @@
#include <dl-load.h>
#include <dl-map-segments.h>
#include <dl-unmap-segments.h>
+#include <dl-machine-reject-phdr.h>
#include <endian.h>
@@ -1697,6 +1698,11 @@ open_verify (const char *name, struct filebuf *fbp, struct link_map *loader,
}
}
+ if (__glibc_unlikely (elf_machine_reject_phdr_p
+ (phdr, ehdr->e_phnum, fbp->buf, fbp->len,
+ loader, fd)))
+ goto close_and_out;
+
/* Check .note.ABI-tag if present. */
for (ph = phdr; ph < &phdr[ehdr->e_phnum]; ++ph)
if (ph->p_type == PT_NOTE && ph->p_filesz >= 32 && ph->p_align >= 4)
new file mode 100644
@@ -0,0 +1,34 @@
+/* Machine-dependent program header inspection for the ELF loader.
+ Copyright (C) 2014 Free Software Foundation, Inc.
+ This file is part of the GNU C Library.
+
+ The GNU C Library is free software; you can redistribute it and/or
+ modify it under the terms of the GNU Lesser General Public
+ License as published by the Free Software Foundation; either
+ version 2.1 of the License, or (at your option) any later version.
+
+ The GNU C Library is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ Lesser General Public License for more details.
+
+ You should have received a copy of the GNU Lesser General Public
+ License along with the GNU C Library; if not, see
+ <http://www.gnu.org/licenses/>. */
+
+#ifndef _DL_MACHINE_REJECT_PHDR_H
+#define _DL_MACHINE_REJECT_PHDR_H 1
+
+#include <stdbool.h>
+
+/* Return true iff ELF program headers are incompatible with the running
+ host. */
+static inline bool
+elf_machine_reject_phdr_p (const ElfW(Phdr) *phdr, uint_fast16_t phnum,
+ const char *buf, size_t len, struct link_map *map,
+ int fd)
+{
+ return false;
+}
+
+#endif /* dl-machine-reject-phdr.h */