From patchwork Thu Dec 16 02:06:05 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: "H.J. Lu" X-Patchwork-Id: 49001 X-Patchwork-Delegate: azanella@linux.vnet.ibm.com Return-Path: X-Original-To: patchwork@sourceware.org Delivered-To: patchwork@sourceware.org Received: from server2.sourceware.org (localhost [IPv6:::1]) by sourceware.org (Postfix) with ESMTP id BFEFF385841C for ; Thu, 16 Dec 2021 02:06:31 +0000 (GMT) DKIM-Filter: OpenDKIM Filter v2.11.0 sourceware.org BFEFF385841C DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=sourceware.org; s=default; t=1639620391; bh=o+YgVGQhcijjCh7790DE5evpYzkOJZ/xawddbouO2II=; h=To:Subject:Date:List-Id:List-Unsubscribe:List-Archive:List-Post: List-Help:List-Subscribe:From:Reply-To:From; b=d4dK6G8JB5cyoEo+2RokiP7O2r6tt/raqh/1wIQ+14MRtPYoHUZDz/t4722lB9RTy /ZWkGG9muNnt3YpE5aSVJCDRE+Ogn9oKxWB7BY65tjSDiVO95n8b6MwO2qykX5vPUS KWvYGE1ET3HZkF2XvLMCyub98Vn5SbUA/D84MoxI= X-Original-To: libc-alpha@sourceware.org Delivered-To: libc-alpha@sourceware.org Received: from mail-pg1-x531.google.com (mail-pg1-x531.google.com [IPv6:2607:f8b0:4864:20::531]) by sourceware.org (Postfix) with ESMTPS id A1BF63858D3C for ; Thu, 16 Dec 2021 02:06:08 +0000 (GMT) DMARC-Filter: OpenDMARC Filter v1.4.1 sourceware.org A1BF63858D3C Received: by mail-pg1-x531.google.com with SMTP id r138so21617383pgr.13 for ; Wed, 15 Dec 2021 18:06:08 -0800 (PST) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:from:to:cc:subject:date:message-id:mime-version :content-transfer-encoding; bh=o+YgVGQhcijjCh7790DE5evpYzkOJZ/xawddbouO2II=; b=ERSF9Q/FH8LU1KWm8TDTJM7N2AKXZKeNjnAQfsVmtcoA7eNA60Mbo3sxwme1k3PNUA Zx4NQbxNZTfAjlPS59mhR8UK5Cc0nPTNiKYToh1TuDx+MhS8B6Lk3iZX8JROFRY8b16V PbBxgcFkHYMcnt1VQtiVR54itZDxegl3JUCVY39QKAgmcZKy0VdfM/V2N/O03kesQj5H fnSplzRviC/uS5RsjQKGBqBSFBQCBu3kCXFalHf6dEZVLlBxWateze9ui29m8xB05tkk yKC2WKiDm7zINdOvIA7zroroj1jWogzRi7E4DM0aS5+THQS+OHLNardQA3hR52QqLaQ6 Cu2A== X-Gm-Message-State: AOAM531Mzqvu+LPVPpIWjRCgDdX/jcjEMqFn59iHR/7xQvoyBG4c1s+n WZfWwwtQIb8OFJNjTIywMTHaEiI4MbM= X-Google-Smtp-Source: ABdhPJzQDSDHDhoe52xbBet2hNINrPQmVo3EcMQaVi7RFhtphM1od2Gz78SG2xinfucLpi4WeqRdeQ== X-Received: by 2002:a65:558c:: with SMTP id j12mr10099937pgs.373.1639620367706; Wed, 15 Dec 2021 18:06:07 -0800 (PST) Received: from gnu-cfl-2.localdomain ([172.58.35.133]) by smtp.gmail.com with ESMTPSA id u17sm4161676pfk.179.2021.12.15.18.06.07 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Wed, 15 Dec 2021 18:06:07 -0800 (PST) Received: from gnu-cfl-2.. (localhost [IPv6:::1]) by gnu-cfl-2.localdomain (Postfix) with ESMTP id F03CE42013A; Wed, 15 Dec 2021 18:06:05 -0800 (PST) To: libc-alpha@sourceware.org Subject: [PATCH v4] elf: Also try DT_RUNPATH for LD_AUDIT dlopen [BZ #28455] Date: Wed, 15 Dec 2021 18:06:05 -0800 Message-Id: <20211216020605.792222-1-hjl.tools@gmail.com> X-Mailer: git-send-email 2.33.1 MIME-Version: 1.0 X-Spam-Status: No, score=-3029.3 required=5.0 tests=BAYES_00, DKIM_SIGNED, DKIM_VALID, DKIM_VALID_AU, DKIM_VALID_EF, FREEMAIL_FROM, GIT_PATCH_0, RCVD_IN_BARRACUDACENTRAL, RCVD_IN_DNSWL_NONE, SPF_HELO_NONE, SPF_PASS, TXREP autolearn=ham autolearn_force=no version=3.4.4 X-Spam-Checker-Version: SpamAssassin 3.4.4 (2020-01-24) on server2.sourceware.org X-BeenThere: libc-alpha@sourceware.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Libc-alpha mailing list List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-Patchwork-Original-From: "H.J. Lu via Libc-alpha" From: "H.J. Lu" Reply-To: "H.J. Lu" Errors-To: libc-alpha-bounces+patchwork=sourceware.org@sourceware.org Sender: "Libc-alpha" Changes in v4: 1. Move the RUNPATH search for LD_AUDIT dlopen after the other RUNPATH search 2. Split one test per line and sort. DT_RUNPATH is only used to find the immediate dependencies of the executable or shared object containing the DT_RUNPATH entry. Update LD_AUDIT dlopen call to try the DT_RUNPATH entry of the executable. This partially fixes BZ #28455. --- elf/Makefile | 20 +++++++++++++++++--- elf/dl-load.c | 37 ++++++++++++++++++++++++++++++++----- elf/tst-audit14a.c | 1 + 3 files changed, 50 insertions(+), 8 deletions(-) create mode 100644 elf/tst-audit14a.c diff --git a/elf/Makefile b/elf/Makefile index fe42caeb0e..625b1a023f 100644 --- a/elf/Makefile +++ b/elf/Makefile @@ -249,10 +249,19 @@ ifneq ($(selinux-enabled),1) tests-execstack-yes = tst-execstack tst-execstack-needed tst-execstack-prog endif ifeq ($(have-depaudit),yes) -tests += tst-audit14 tst-audit15 tst-audit16 +tests += \ + tst-audit14 \ + tst-audit14a \ + tst-audit15 \ + tst-audit16 \ + ifeq ($(run-built-tests),yes) -tests-special += $(objpfx)tst-audit14-cmp.out $(objpfx)tst-audit15-cmp.out \ - $(objpfx)tst-audit16-cmp.out +tests-special += \ + $(objpfx)tst-audit14-cmp.out \ + $(objpfx)tst-audit14a-cmp.out \ + $(objpfx)tst-audit15-cmp.out \ + $(objpfx)tst-audit16-cmp.out \ + endif endif endif @@ -1529,6 +1538,8 @@ tst-auditmany-ENV = \ LDFLAGS-tst-audit14 = -Wl,--audit=tst-auditlogmod-1.so $(objpfx)tst-auditlogmod-1.so: $(libsupport) $(objpfx)tst-audit14.out: $(objpfx)tst-auditlogmod-1.so +LDFLAGS-tst-audit14a = -Wl,--audit=tst-auditlogmod-1.so,--enable-new-dtags +$(objpfx)tst-audit14a.out: $(objpfx)tst-auditlogmod-1.so LDFLAGS-tst-audit15 = \ -Wl,--audit=tst-auditlogmod-1.so,--depaudit=tst-auditlogmod-2.so $(objpfx)tst-auditlogmod-2.so: $(libsupport) @@ -1555,6 +1566,9 @@ tst-audit17-ENV = LD_AUDIT=$(objpfx)tst-auditmod17.so $(objpfx)tst-audit14-cmp.out: tst-audit14.exp $(objpfx)tst-audit14.out cmp $^ > $@; \ $(evaluate-test) +$(objpfx)tst-audit14a-cmp.out: tst-audit14.exp $(objpfx)tst-audit14a.out + cmp $^ > $@; \ + $(evaluate-test) $(objpfx)tst-audit15-cmp.out: tst-audit15.exp $(objpfx)tst-audit15.out cmp $^ > $@; \ $(evaluate-test) diff --git a/elf/dl-load.c b/elf/dl-load.c index 721593135e..1c90801903 100644 --- a/elf/dl-load.c +++ b/elf/dl-load.c @@ -2143,14 +2143,16 @@ _dl_map_object (struct link_map *loader, const char *name, fd = -1; + struct link_map *main_map = GL(dl_ns)[LM_ID_BASE]._ns_loaded; + bool did_main_map; + /* When the object has the RUNPATH information we don't use any RPATHs. */ if (loader == NULL || loader->l_info[DT_RUNPATH] == NULL) { /* This is the executable's map (if there is one). Make sure that we do not look at it twice. */ - struct link_map *main_map = GL(dl_ns)[LM_ID_BASE]._ns_loaded; - bool did_main_map = false; + did_main_map = false; /* First try the DT_RPATH of the dependent object that caused NAME to be loaded. Then that object's dependent, and on up. */ @@ -2186,13 +2188,38 @@ _dl_map_object (struct link_map *loader, const char *name, loader ?: GL(dl_ns)[LM_ID_BASE]._ns_loaded, LA_SER_LIBPATH, &found_other_class); + /* Make sure that we do not look at RUNPATH in the executable + twice. */ + did_main_map = false; + /* Look at the RUNPATH information for this binary. */ if (fd == -1 && loader != NULL && cache_rpath (loader, &loader->l_runpath_dirs, DT_RUNPATH, "RUNPATH")) - fd = open_path (name, namelen, mode, - &loader->l_runpath_dirs, &realname, &fb, loader, - LA_SER_RUNPATH, &found_other_class); + { + did_main_map = loader == main_map; + fd = open_path (name, namelen, mode, + &loader->l_runpath_dirs, &realname, &fb, loader, + LA_SER_RUNPATH, &found_other_class); + } + + /* When processing the lookup we may need to additionally try + DT_RUNPATH in the executable for a glibc internal dlopen call + when looking for audit modules. */ + if (__glibc_unlikely (mode & __RTLD_AUDIT) + && fd == -1 + && !did_main_map + && main_map != NULL + && main_map->l_type != lt_loaded) + { + struct r_search_path_struct l_rpath_dirs; + l_rpath_dirs.dirs = NULL; + if (cache_rpath (main_map, &l_rpath_dirs, + DT_RUNPATH, "RUNPATH")) + fd = open_path (name, namelen, mode, &l_rpath_dirs, + &realname, &fb, loader ?: main_map, + LA_SER_RUNPATH, &found_other_class); + } if (fd == -1) { diff --git a/elf/tst-audit14a.c b/elf/tst-audit14a.c new file mode 100644 index 0000000000..c6232eacf2 --- /dev/null +++ b/elf/tst-audit14a.c @@ -0,0 +1 @@ +#include "tst-audit14.c"