diff mbox series

[v5,1/1] elf: Also try DT_RUNPATH for LD_AUDIT dlopen [BZ #28455]

Message ID 20220103235753.2062518-2-hjl.tools@gmail.com
State Committed
Commit bfb5ed5df3dd4d9507b4922248dc445b690d19c0
Headers
Series elf: Also try DT_RUNPATH for LD_AUDIT dlopen [BZ #28455] |

Checks

Context Check Description
dj/TryBot-apply_patch success Patch applied to master at the time it was sent
dj/TryBot-32bit success Build for i686

Commit Message

H.J. Lu Jan. 3, 2022, 11:57 p.m. UTC 
  DT_RUNPATH is only used to find the immediate dependencies of the
executable or shared object containing the DT_RUNPATH entry.  Update
LD_AUDIT dlopen call to try the DT_RUNPATH entry of the executable.

Add tst-audit14a, which is copied from tst-audit14, to DT_RUNPATH and
build tst-audit14 with -Wl,--disable-new-dtags to test DT_RPATH.

This partially fixes BZ #28455.
---
 elf/Makefile       | 11 ++++++++---
 elf/dl-load.c      | 15 +++++++++++++++
 elf/tst-audit14a.c |  1 +
 3 files changed, 24 insertions(+), 3 deletions(-)
 create mode 100644 elf/tst-audit14a.c

Comments

Adhemerval Zanella Netto Jan. 4, 2022, 12:37 p.m. UTC | #1 
On 03/01/2022 20:57, H.J. Lu wrote:
> DT_RUNPATH is only used to find the immediate dependencies of the
> executable or shared object containing the DT_RUNPATH entry.  Update
> LD_AUDIT dlopen call to try the DT_RUNPATH entry of the executable.
> 
> Add tst-audit14a, which is copied from tst-audit14, to DT_RUNPATH and
> build tst-audit14 with -Wl,--disable-new-dtags to test DT_RPATH.
> 
> This partially fixes BZ #28455.

LGTM, thanks.

Reviewed-by: Adhemerval Zanella  <adhemerval.zanella@linaro.org>

> ---
>  elf/Makefile       | 11 ++++++++---
>  elf/dl-load.c      | 15 +++++++++++++++
>  elf/tst-audit14a.c |  1 +
>  3 files changed, 24 insertions(+), 3 deletions(-)
>  create mode 100644 elf/tst-audit14a.c
> 
> diff --git a/elf/Makefile b/elf/Makefile
> index 43dd18cc73..f9006e1d1d 100644
> --- a/elf/Makefile
> +++ b/elf/Makefile
> @@ -354,10 +354,10 @@ ifneq ($(selinux-enabled),1)
>  tests-execstack-yes = tst-execstack tst-execstack-needed tst-execstack-prog
>  endif
>  ifeq ($(have-depaudit),yes)
> -tests += tst-audit14 tst-audit15 tst-audit16
> +tests += tst-audit14 tst-audit15 tst-audit16 tst-audit14a
>  ifeq ($(run-built-tests),yes)
>  tests-special += $(objpfx)tst-audit14-cmp.out $(objpfx)tst-audit15-cmp.out \
> -		 $(objpfx)tst-audit16-cmp.out
> +		 $(objpfx)tst-audit16-cmp.out $(objpfx)tst-audit14a-cmp.out
>  endif
>  endif
>  endif
> @@ -1832,9 +1832,11 @@ $(objpfx)tst-auditmany.out: $(objpfx)tst-auditmanymod1.so \
>  tst-auditmany-ENV = \
>    LD_AUDIT=tst-auditmanymod1.so:tst-auditmanymod2.so:tst-auditmanymod3.so:tst-auditmanymod4.so:tst-auditmanymod5.so:tst-auditmanymod6.so:tst-auditmanymod7.so:tst-auditmanymod8.so:tst-auditmanymod9.so
>  
> -LDFLAGS-tst-audit14 = -Wl,--audit=tst-auditlogmod-1.so
> +LDFLAGS-tst-audit14 = -Wl,--audit=tst-auditlogmod-1.so,--disable-new-dtags
>  $(objpfx)tst-auditlogmod-1.so: $(libsupport)
>  $(objpfx)tst-audit14.out: $(objpfx)tst-auditlogmod-1.so
> +LDFLAGS-tst-audit14a = -Wl,--audit=tst-auditlogmod-1.so,--enable-new-dtags
> +$(objpfx)tst-audit14a.out: $(objpfx)tst-auditlogmod-1.so
>  LDFLAGS-tst-audit15 = \
>    -Wl,--audit=tst-auditlogmod-1.so,--depaudit=tst-auditlogmod-2.so
>  $(objpfx)tst-auditlogmod-2.so: $(libsupport)
> @@ -1861,6 +1863,9 @@ tst-audit17-ENV = LD_AUDIT=$(objpfx)tst-auditmod17.so
>  $(objpfx)tst-audit14-cmp.out: tst-audit14.exp $(objpfx)tst-audit14.out
>  	cmp $^ > $@; \
>  	$(evaluate-test)
> +$(objpfx)tst-audit14a-cmp.out: tst-audit14.exp $(objpfx)tst-audit14a.out
> +	cmp $^ > $@; \
> +	$(evaluate-test)
>  $(objpfx)tst-audit15-cmp.out: tst-audit15.exp $(objpfx)tst-audit15.out
>  	cmp $^ > $@; \
>  	$(evaluate-test)
> diff --git a/elf/dl-load.c b/elf/dl-load.c
> index ddc4295ef5..12744caf91 100644
> --- a/elf/dl-load.c
> +++ b/elf/dl-load.c
> @@ -2111,6 +2111,21 @@ _dl_map_object (struct link_map *loader, const char *name,
>  			    &main_map->l_rpath_dirs,
>  			    &realname, &fb, loader ?: main_map, LA_SER_RUNPATH,
>  			    &found_other_class);
> +
> +	  /* Also try DT_RUNPATH in the executable for LD_AUDIT dlopen
> +	     call.  */
> +	  if (__glibc_unlikely (mode & __RTLD_AUDIT)
> +	      && fd == -1 && !did_main_map
> +	      && main_map != NULL && main_map->l_type != lt_loaded)
> +	    {
> +	      struct r_search_path_struct l_rpath_dirs;
> +	      l_rpath_dirs.dirs = NULL;
> +	      if (cache_rpath (main_map, &l_rpath_dirs,
> +			       DT_RUNPATH, "RUNPATH"))
> +		fd = open_path (name, namelen, mode, &l_rpath_dirs,
> +				&realname, &fb, loader ?: main_map,
> +				LA_SER_RUNPATH, &found_other_class);
> +	    }
>  	}
>  
>        /* Try the LD_LIBRARY_PATH environment variable.  */
> diff --git a/elf/tst-audit14a.c b/elf/tst-audit14a.c
> new file mode 100644
> index 0000000000..c6232eacf2
> --- /dev/null
> +++ b/elf/tst-audit14a.c
> @@ -0,0 +1 @@
> +#include "tst-audit14.c"
diff mbox series

Patch

diff --git a/elf/Makefile b/elf/Makefile
index 43dd18cc73..f9006e1d1d 100644
--- a/elf/Makefile
+++ b/elf/Makefile
@@ -354,10 +354,10 @@  ifneq ($(selinux-enabled),1)
 tests-execstack-yes = tst-execstack tst-execstack-needed tst-execstack-prog
 endif
 ifeq ($(have-depaudit),yes)
-tests += tst-audit14 tst-audit15 tst-audit16
+tests += tst-audit14 tst-audit15 tst-audit16 tst-audit14a
 ifeq ($(run-built-tests),yes)
 tests-special += $(objpfx)tst-audit14-cmp.out $(objpfx)tst-audit15-cmp.out \
-		 $(objpfx)tst-audit16-cmp.out
+		 $(objpfx)tst-audit16-cmp.out $(objpfx)tst-audit14a-cmp.out
 endif
 endif
 endif
@@ -1832,9 +1832,11 @@  $(objpfx)tst-auditmany.out: $(objpfx)tst-auditmanymod1.so \
 tst-auditmany-ENV = \
   LD_AUDIT=tst-auditmanymod1.so:tst-auditmanymod2.so:tst-auditmanymod3.so:tst-auditmanymod4.so:tst-auditmanymod5.so:tst-auditmanymod6.so:tst-auditmanymod7.so:tst-auditmanymod8.so:tst-auditmanymod9.so
 
-LDFLAGS-tst-audit14 = -Wl,--audit=tst-auditlogmod-1.so
+LDFLAGS-tst-audit14 = -Wl,--audit=tst-auditlogmod-1.so,--disable-new-dtags
 $(objpfx)tst-auditlogmod-1.so: $(libsupport)
 $(objpfx)tst-audit14.out: $(objpfx)tst-auditlogmod-1.so
+LDFLAGS-tst-audit14a = -Wl,--audit=tst-auditlogmod-1.so,--enable-new-dtags
+$(objpfx)tst-audit14a.out: $(objpfx)tst-auditlogmod-1.so
 LDFLAGS-tst-audit15 = \
   -Wl,--audit=tst-auditlogmod-1.so,--depaudit=tst-auditlogmod-2.so
 $(objpfx)tst-auditlogmod-2.so: $(libsupport)
@@ -1861,6 +1863,9 @@  tst-audit17-ENV = LD_AUDIT=$(objpfx)tst-auditmod17.so
 $(objpfx)tst-audit14-cmp.out: tst-audit14.exp $(objpfx)tst-audit14.out
 	cmp $^ > $@; \
 	$(evaluate-test)
+$(objpfx)tst-audit14a-cmp.out: tst-audit14.exp $(objpfx)tst-audit14a.out
+	cmp $^ > $@; \
+	$(evaluate-test)
 $(objpfx)tst-audit15-cmp.out: tst-audit15.exp $(objpfx)tst-audit15.out
 	cmp $^ > $@; \
 	$(evaluate-test)
diff --git a/elf/dl-load.c b/elf/dl-load.c
index ddc4295ef5..12744caf91 100644
--- a/elf/dl-load.c
+++ b/elf/dl-load.c
@@ -2111,6 +2111,21 @@  _dl_map_object (struct link_map *loader, const char *name,
 			    &main_map->l_rpath_dirs,
 			    &realname, &fb, loader ?: main_map, LA_SER_RUNPATH,
 			    &found_other_class);
+
+	  /* Also try DT_RUNPATH in the executable for LD_AUDIT dlopen
+	     call.  */
+	  if (__glibc_unlikely (mode & __RTLD_AUDIT)
+	      && fd == -1 && !did_main_map
+	      && main_map != NULL && main_map->l_type != lt_loaded)
+	    {
+	      struct r_search_path_struct l_rpath_dirs;
+	      l_rpath_dirs.dirs = NULL;
+	      if (cache_rpath (main_map, &l_rpath_dirs,
+			       DT_RUNPATH, "RUNPATH"))
+		fd = open_path (name, namelen, mode, &l_rpath_dirs,
+				&realname, &fb, loader ?: main_map,
+				LA_SER_RUNPATH, &found_other_class);
+	    }
 	}
 
       /* Try the LD_LIBRARY_PATH environment variable.  */
diff --git a/elf/tst-audit14a.c b/elf/tst-audit14a.c
new file mode 100644
index 0000000000..c6232eacf2
--- /dev/null
+++ b/elf/tst-audit14a.c
@@ -0,0 +1 @@ 
+#include "tst-audit14.c"