elf: Implement DT_AUDIT, DT_DEPAUDIT support [BZ #24943]
Commit Message
binutils ld has supported --audit, --depaudit for a long time,
only support in glibc has been missing.
[Rebased &repost of an old, unreviewed patch.]
-----
NEWS | 3 ++
elf/Makefile | 22 ++++++++++++--
elf/rtld.c | 78 +++++++++++++++++++++++++++++++++++++++++++++----
elf/tst-audit14.c | 46 +++++++++++++++++++++++++++++
elf/tst-audit15.c | 50 +++++++++++++++++++++++++++++++
elf/tst-audit16.c | 54 ++++++++++++++++++++++++++++++++++
elf/tst-auditlogmod-1.c | 27 +++++++++++++++++
elf/tst-auditlogmod-2.c | 27 +++++++++++++++++
elf/tst-auditlogmod-3.c | 27 +++++++++++++++++
support/Makefile | 1 +
support/xgetline.c | 39 +++++++++++++++++++++++++
support/xstdio.h | 6 ++++
12 files changed, 373 insertions(+), 7 deletions(-)
Comments
On 2/17/20 11:02 AM, Florian Weimer wrote:
> binutils ld has supported --audit, --depaudit for a long time,
> only support in glibc has been missing.
>
> [Rebased &repost of an old, unreviewed patch.]
OK for master.
Includes tests of DT_AUDIT, and DT_DEPAUDIT for a variable number
of audit libraries.
Reviewed-by: Carlos O'Donell <carlos@redhat.com>
> -----
> NEWS | 3 ++
> elf/Makefile | 22 ++++++++++++--
> elf/rtld.c | 78 +++++++++++++++++++++++++++++++++++++++++++++----
> elf/tst-audit14.c | 46 +++++++++++++++++++++++++++++
> elf/tst-audit15.c | 50 +++++++++++++++++++++++++++++++
> elf/tst-audit16.c | 54 ++++++++++++++++++++++++++++++++++
> elf/tst-auditlogmod-1.c | 27 +++++++++++++++++
> elf/tst-auditlogmod-2.c | 27 +++++++++++++++++
> elf/tst-auditlogmod-3.c | 27 +++++++++++++++++
> support/Makefile | 1 +
> support/xgetline.c | 39 +++++++++++++++++++++++++
> support/xstdio.h | 6 ++++
> 12 files changed, 373 insertions(+), 7 deletions(-)
>
> diff --git a/NEWS b/NEWS
> index 77631ca707..3d75d6cfc6 100644
> --- a/NEWS
> +++ b/NEWS
> @@ -11,6 +11,9 @@ Major new features:
>
> * New locale added: ckb_IQ (Kurdish/Sorani spoken in Iraq)
>
> +* The GNU C Library now loads audit modules listed in the DT_AUDIT and
> + DT_DEPAUDIT dynamic section entries of the main executable.
> +
> Deprecated and removed features, and other changes affecting compatibility:
>
> [Add deprecations, removals and changes affecting compatibility here]
> diff --git a/elf/Makefile b/elf/Makefile
> index a137143db7..12c505f3b7 100644
> --- a/elf/Makefile
> +++ b/elf/Makefile
> @@ -202,7 +202,8 @@ tests += restest1 preloadtest loadfail multiload origtest resolvfail \
> tst-sonamemove-link tst-sonamemove-dlopen tst-dlopen-tlsmodid \
> tst-dlopen-self tst-auditmany tst-initfinilazyfail tst-dlopenfail \
> tst-dlopenfail-2 \
> - tst-filterobj tst-filterobj-dlopen tst-auxobj tst-auxobj-dlopen
> + tst-filterobj tst-filterobj-dlopen tst-auxobj tst-auxobj-dlopen \
> + tst-audit14 tst-audit15 tst-audit16
> # reldep9
> tests-internal += loadtest unload unload2 circleload1 \
> neededtest neededtest2 neededtest3 neededtest4 \
> @@ -314,7 +315,8 @@ modules-names = testobj1 testobj2 testobj3 testobj4 testobj5 testobj6 \
> tst-initlazyfailmod tst-finilazyfailmod \
> tst-dlopenfailmod1 tst-dlopenfaillinkmod tst-dlopenfailmod2 \
> tst-dlopenfailmod3 tst-ldconfig-ld-mod \
> - tst-filterobj-flt tst-filterobj-aux tst-filterobj-filtee
> + tst-filterobj-flt tst-filterobj-aux tst-filterobj-filtee \
> + tst-auditlogmod-1 tst-auditlogmod-2 tst-auditlogmod-3
> # Most modules build with _ISOMAC defined, but those filtered out
> # depend on internal headers.
> modules-names-tests = $(filter-out ifuncmod% tst-libc_dlvsym-dso tst-tlsmod%,\
> @@ -1491,6 +1493,22 @@ $(objpfx)tst-auditmany.out: $(objpfx)tst-auditmanymod1.so \
> tst-auditmany-ENV = \
> LD_AUDIT=tst-auditmanymod1.so:tst-auditmanymod2.so:tst-auditmanymod3.so:tst-auditmanymod4.so:tst-auditmanymod5.so:tst-auditmanymod6.so:tst-auditmanymod7.so:tst-auditmanymod8.so:tst-auditmanymod9.so
>
> +LDFLAGS-tst-audit14 = -Wl,--audit=tst-auditlogmod-1.so
> +$(objpfx)tst-auditlogmod-1.so: $(libsupport)
> +$(objpfx)tst-audit14.out: $(objpfx)tst-auditlogmod-1.so
> +LDFLAGS-tst-audit15 = \
> + -Wl,--audit=tst-auditlogmod-1.so,--depaudit=tst-auditlogmod-2.so
> +$(objpfx)tst-auditlogmod-2.so: $(libsupport)
> +$(objpfx)tst-audit15.out: \
> + $(objpfx)tst-auditlogmod-1.so $(objpfx)tst-auditlogmod-2.so
> +LDFLAGS-tst-audit16 = \
> + -Wl,--audit=tst-auditlogmod-1.so:tst-auditlogmod-2.so \
> + -Wl,--depaudit=tst-auditlogmod-3.so
> +$(objpfx)tst-auditlogmod-3.so: $(libsupport)
> +$(objpfx)tst-audit16.out: \
> + $(objpfx)tst-auditlogmod-1.so $(objpfx)tst-auditlogmod-2.so \
> + $(objpfx)tst-auditlogmod-3.so
> +
> # tst-sonamemove links against an older implementation of the library.
> LDFLAGS-tst-sonamemove-linkmod1.so = \
> -Wl,--version-script=tst-sonamemove-linkmod1.map \
> diff --git a/elf/rtld.c b/elf/rtld.c
> index 51dfaf966a..167da48def 100644
> --- a/elf/rtld.c
> +++ b/elf/rtld.c
> @@ -188,6 +188,15 @@ static struct audit_list
> struct audit_list *next;
> } *audit_list;
>
> +/* State flag for hte struct audit_list_iter iterator. */
> +enum audit_iter_list_state
> + {
> + audit_iter_list_in_string,
> + audit_iter_list_in_dt_audit,
> + audit_iter_list_in_dt_depaudit,
> + audit_iter_list_in_list,
> + };
> +
> /* Iterator for audit_list_string followed by audit_list. */
> struct audit_list_iter
> {
> @@ -198,6 +207,9 @@ struct audit_list_iter
> the first element. */
> struct audit_list *previous;
>
> + /* One of the enum audit_iter_list_state values. */
> + unsigned char state;
> +
> /* Scratch buffer for returning a name which is part of
> audit_list_string. */
> char fname[SECURE_NAME_LIMIT];
> @@ -209,14 +221,66 @@ audit_list_iter_init (struct audit_list_iter *iter)
> {
> iter->audit_list_tail = audit_list_string;
> iter->previous = NULL;
> + iter->state = audit_iter_list_in_string;
> +}
> +
> +/* Look up the INDEX of a dynamic tag in MAIN_MAP and store it in
> + ITER->audit_list_tail if it exists. */
> +static void
> +audit_list_iter_fetch_index (struct audit_list_iter *iter,
> + struct link_map *main_map, size_t index)
> +{
> + if (main_map->l_info[index] != NULL)
> + iter->audit_list_tail
> + = ((const char *) D_PTR (main_map, l_info[DT_STRTAB])
> + + main_map->l_info[index]->d_un.d_val);
> +}
> +
> +/* Advance ITER->state and put the next string into
> + ITER->audit_list_tail. */
> +static void
> +audit_list_iter_fetch_string (struct audit_list_iter *iter,
> + struct link_map *main_map)
> +{
> + /* Advance the state. */
> + ++iter->state;
> + assert (iter->state <= audit_iter_list_in_list);
> +
> + /* Default to a missing string. */
> + iter->audit_list_tail = NULL;
> +
> + /* Determine the next string. */
> + switch ((enum audit_iter_list_state) iter->state)
> + {
> + case audit_iter_list_in_string:
> + /* Not possible because state was advanced. */
> + __builtin_unreachable ();
> + case audit_iter_list_in_dt_audit:
> + audit_list_iter_fetch_index (iter, main_map, ADDRIDX (DT_AUDIT));
> + break;
> + case audit_iter_list_in_dt_depaudit:
> + audit_list_iter_fetch_index (iter, main_map, ADDRIDX (DT_DEPAUDIT));
> + break;
> + case audit_iter_list_in_list:
> + /* No DT_* tag left to process. */
> + return;
> + }
> }
>
> /* Iterate through both audit_list_string and audit_list. */
> static const char *
> -audit_list_iter_next (struct audit_list_iter *iter)
> +audit_list_iter_next (struct audit_list_iter *iter, struct link_map *main_map)
> {
> - if (iter->audit_list_tail != NULL)
> + while (iter->state != audit_iter_list_in_list)
> {
> + /* If the current string is missing or exhausted, fetch the next
> + string. This advances iter->state. */
> + if (iter->audit_list_tail == NULL || *iter->audit_list_tail == '\0')
> + {
> + audit_list_iter_fetch_string (iter, main_map);
> + continue;
> + }
> +
> /* First iterate over audit_list_string. */
> while (*iter->audit_list_tail != '\0')
> {
> @@ -241,7 +305,9 @@ audit_list_iter_next (struct audit_list_iter *iter)
> return iter->fname;
> /* Otherwise, wrap around and try the next name. */
> }
> - /* Fall through to the procesing of audit_list. */
> +
> + /* Fetch the next audit string, or fall through to linked list
> + processing below. */
> }
>
> if (iter->previous == NULL)
> @@ -1070,7 +1136,7 @@ load_audit_modules (struct link_map *main_map)
>
> while (true)
> {
> - const char *name = audit_list_iter_next (&al_iter);
> + const char *name = audit_list_iter_next (&al_iter, main_map);
> if (name == NULL)
> break;
> load_audit_module (name, &last_audit);
> @@ -1620,7 +1686,9 @@ ERROR: '%s': cannot process note segment.\n", _dl_argv[0]);
> /* If we have auditing DSOs to load, do it now. */
> bool need_security_init = true;
> if (__glibc_unlikely (audit_list != NULL)
> - || __glibc_unlikely (audit_list_string != NULL))
> + || __glibc_unlikely (audit_list_string != NULL)
> + || __glibc_unlikely (main_map->l_info[ADDRIDX (DT_AUDIT)] != NULL)
> + || __glibc_unlikely (main_map->l_info[ADDRIDX (DT_DEPAUDIT)] != NULL))
OK.
> {
> /* Since we start using the auditing DSOs right away we need to
> initialize the data structures now. */
> diff --git a/elf/tst-audit14.c b/elf/tst-audit14.c
> new file mode 100644
> index 0000000000..73e6634e35
> --- /dev/null
> +++ b/elf/tst-audit14.c
> @@ -0,0 +1,46 @@
> +/* Main program with DT_AUDIT. One audit module.
> + Copyright (C) 2020 Free Software Foundation, Inc.
> + This file is part of the GNU C Library.
> +
> + The GNU C Library is free software; you can redistribute it and/or
> + modify it under the terms of the GNU Lesser General Public
> + License as published by the Free Software Foundation; either
> + version 2.1 of the License, or (at your option) any later version.
> +
> + The GNU C Library is distributed in the hope that it will be useful,
> + but WITHOUT ANY WARRANTY; without even the implied warranty of
> + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
> + Lesser General Public License for more details.
> +
> + You should have received a copy of the GNU Lesser General Public
> + License along with the GNU C Library; if not, see
> + <http://www.gnu.org/licenses/>. */
> +
> +#include <stdlib.h>
> +#include <string.h>
> +#include <support/check.h>
> +#include <support/xstdio.h>
> +
> +static int
> +do_test (void)
> +{
> + /* Verify what the audit module has written. This test assumes that
> + standard output has been redirected to a regular file. */
> + FILE *fp = xfopen ("/dev/stdout", "r");
> +
> + char *buffer = NULL;
> + size_t buffer_length = 0;
> + size_t line_length = xgetline (&buffer, &buffer_length, fp);
> + const char *message = "info: tst-auditlogmod-1.so loaded\n";
OK.
> + TEST_COMPARE_BLOB (message, strlen (message), buffer, line_length);
> +
> + /* No more audit module output. */
> + line_length = xgetline (&buffer, &buffer_length, fp);
> + TEST_COMPARE_BLOB ("", 0, buffer, line_length);
> +
> + free (buffer);
> + xfclose (fp);
> + return 0;
> +}
> +
> +#include <support/test-driver.c>
> diff --git a/elf/tst-audit15.c b/elf/tst-audit15.c
> new file mode 100644
> index 0000000000..3d6a31c242
> --- /dev/null
> +++ b/elf/tst-audit15.c
> @@ -0,0 +1,50 @@
> +/* Main program with DT_AUDIT and DT_DEPAUDIT. Two audit modules.
> + Copyright (C) 2020 Free Software Foundation, Inc.
> + This file is part of the GNU C Library.
> +
> + The GNU C Library is free software; you can redistribute it and/or
> + modify it under the terms of the GNU Lesser General Public
> + License as published by the Free Software Foundation; either
> + version 2.1 of the License, or (at your option) any later version.
> +
> + The GNU C Library is distributed in the hope that it will be useful,
> + but WITHOUT ANY WARRANTY; without even the implied warranty of
> + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
> + Lesser General Public License for more details.
> +
> + You should have received a copy of the GNU Lesser General Public
> + License along with the GNU C Library; if not, see
> + <http://www.gnu.org/licenses/>. */
> +
> +#include <stdlib.h>
> +#include <string.h>
> +#include <support/check.h>
> +#include <support/xstdio.h>
> +
> +static int
> +do_test (void)
> +{
> + /* Verify what the audit modules have written. This test assumes
> + that standard output has been redirected to a regular file. */
> + FILE *fp = xfopen ("/dev/stdout", "r");
> +
> + char *buffer = NULL;
> + size_t buffer_length = 0;
> + size_t line_length = xgetline (&buffer, &buffer_length, fp);
> + const char *message = "info: tst-auditlogmod-1.so loaded\n";
> + TEST_COMPARE_BLOB (message, strlen (message), buffer, line_length);
> +
> + line_length = xgetline (&buffer, &buffer_length, fp);
> + message = "info: tst-auditlogmod-2.so loaded\n";
> + TEST_COMPARE_BLOB (message, strlen (message), buffer, line_length);
> +
> + /* No more audit module output. */
> + line_length = xgetline (&buffer, &buffer_length, fp);
> + TEST_COMPARE_BLOB ("", 0, buffer, line_length);
> +
> + free (buffer);
> + xfclose (fp);
> + return 0;
> +}
> +
> +#include <support/test-driver.c>
> diff --git a/elf/tst-audit16.c b/elf/tst-audit16.c
> new file mode 100644
> index 0000000000..1a7d6eee5e
> --- /dev/null
> +++ b/elf/tst-audit16.c
> @@ -0,0 +1,54 @@
> +/* Main program with DT_AUDIT and DT_DEPAUDIT. Three audit modules.
> + Copyright (C) 2020 Free Software Foundation, Inc.
> + This file is part of the GNU C Library.
> +
> + The GNU C Library is free software; you can redistribute it and/or
> + modify it under the terms of the GNU Lesser General Public
> + License as published by the Free Software Foundation; either
> + version 2.1 of the License, or (at your option) any later version.
> +
> + The GNU C Library is distributed in the hope that it will be useful,
> + but WITHOUT ANY WARRANTY; without even the implied warranty of
> + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
> + Lesser General Public License for more details.
> +
> + You should have received a copy of the GNU Lesser General Public
> + License along with the GNU C Library; if not, see
> + <http://www.gnu.org/licenses/>. */
> +
> +#include <stdlib.h>
> +#include <string.h>
> +#include <support/check.h>
> +#include <support/xstdio.h>
> +
> +static int
> +do_test (void)
> +{
> + /* Verify what the audit modules have written. This test assumes
> + that standard output has been redirected to a regular file. */
> + FILE *fp = xfopen ("/dev/stdout", "r");
> +
> + char *buffer = NULL;
> + size_t buffer_length = 0;
> + size_t line_length = xgetline (&buffer, &buffer_length, fp);
> + const char *message = "info: tst-auditlogmod-1.so loaded\n";
> + TEST_COMPARE_BLOB (message, strlen (message), buffer, line_length);
> +
> + line_length = xgetline (&buffer, &buffer_length, fp);
> + message = "info: tst-auditlogmod-2.so loaded\n";
> + TEST_COMPARE_BLOB (message, strlen (message), buffer, line_length);
> +
> + line_length = xgetline (&buffer, &buffer_length, fp);
> + message = "info: tst-auditlogmod-3.so loaded\n";
> + TEST_COMPARE_BLOB (message, strlen (message), buffer, line_length);
> +
> + /* No more audit module output. */
> + line_length = xgetline (&buffer, &buffer_length, fp);
> + TEST_COMPARE_BLOB ("", 0, buffer, line_length);
> +
> + free (buffer);
> + xfclose (fp);
> + return 0;
> +}
> +
> +#include <support/test-driver.c>
> diff --git a/elf/tst-auditlogmod-1.c b/elf/tst-auditlogmod-1.c
> new file mode 100644
> index 0000000000..e6b8cd9094
> --- /dev/null
> +++ b/elf/tst-auditlogmod-1.c
> @@ -0,0 +1,27 @@
> +/* Audit module which logs that it was loaded. Variant 1.
> + Copyright (C) 2020 Free Software Foundation, Inc.
> + This file is part of the GNU C Library.
> +
> + The GNU C Library is free software; you can redistribute it and/or
> + modify it under the terms of the GNU Lesser General Public
> + License as published by the Free Software Foundation; either
> + version 2.1 of the License, or (at your option) any later version.
> +
> + The GNU C Library is distributed in the hope that it will be useful,
> + but WITHOUT ANY WARRANTY; without even the implied warranty of
> + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
> + Lesser General Public License for more details.
> +
> + You should have received a copy of the GNU Lesser General Public
> + License along with the GNU C Library; if not, see
> + <http://www.gnu.org/licenses/>. */
> +
> +#include <link.h>
> +#include <support/support.h>
> +
> +unsigned int
> +la_version (unsigned int v)
> +{
> + write_message ("info: tst-auditlogmod-1.so loaded\n");
> + return LAV_CURRENT;
> +}
OK.
> diff --git a/elf/tst-auditlogmod-2.c b/elf/tst-auditlogmod-2.c
> new file mode 100644
> index 0000000000..9e7f0acabc
> --- /dev/null
> +++ b/elf/tst-auditlogmod-2.c
> @@ -0,0 +1,27 @@
> +/* Audit module which logs that it was loaded. Variant 2.
> + Copyright (C) 2020 Free Software Foundation, Inc.
> + This file is part of the GNU C Library.
> +
> + The GNU C Library is free software; you can redistribute it and/or
> + modify it under the terms of the GNU Lesser General Public
> + License as published by the Free Software Foundation; either
> + version 2.1 of the License, or (at your option) any later version.
> +
> + The GNU C Library is distributed in the hope that it will be useful,
> + but WITHOUT ANY WARRANTY; without even the implied warranty of
> + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
> + Lesser General Public License for more details.
> +
> + You should have received a copy of the GNU Lesser General Public
> + License along with the GNU C Library; if not, see
> + <http://www.gnu.org/licenses/>. */
> +
> +#include <link.h>
> +#include <support/support.h>
> +
> +unsigned int
> +la_version (unsigned int v)
> +{
> + write_message ("info: tst-auditlogmod-2.so loaded\n");
> + return LAV_CURRENT;
> +}
OK.
> diff --git a/elf/tst-auditlogmod-3.c b/elf/tst-auditlogmod-3.c
> new file mode 100644
> index 0000000000..c4c1a58145
> --- /dev/null
> +++ b/elf/tst-auditlogmod-3.c
> @@ -0,0 +1,27 @@
> +/* Audit module which logs that it was loaded. Variant 3.
> + Copyright (C) 2020 Free Software Foundation, Inc.
> + This file is part of the GNU C Library.
> +
> + The GNU C Library is free software; you can redistribute it and/or
> + modify it under the terms of the GNU Lesser General Public
> + License as published by the Free Software Foundation; either
> + version 2.1 of the License, or (at your option) any later version.
> +
> + The GNU C Library is distributed in the hope that it will be useful,
> + but WITHOUT ANY WARRANTY; without even the implied warranty of
> + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
> + Lesser General Public License for more details.
> +
> + You should have received a copy of the GNU Lesser General Public
> + License along with the GNU C Library; if not, see
> + <http://www.gnu.org/licenses/>. */
> +
> +#include <link.h>
> +#include <support/support.h>
> +
> +unsigned int
> +la_version (unsigned int v)
> +{
> + write_message ("info: tst-auditlogmod-3.so loaded\n");
> + return LAV_CURRENT;
> +}
OK.
> diff --git a/support/Makefile b/support/Makefile
> index a0304e6def..0c1e622286 100644
> --- a/support/Makefile
> +++ b/support/Makefile
> @@ -95,6 +95,7 @@ libsupport-routines = \
> xfopen \
> xfork \
> xftruncate \
> + xgetline \
> xgetsockname \
> xlisten \
> xlseek \
> diff --git a/support/xgetline.c b/support/xgetline.c
> new file mode 100644
> index 0000000000..50326a44cd
> --- /dev/null
> +++ b/support/xgetline.c
> @@ -0,0 +1,39 @@
> +/* getline with error checking.
> + Copyright (C) 2020 Free Software Foundation, Inc.
> + This file is part of the GNU C Library.
> +
> + The GNU C Library is free software; you can redistribute it and/or
> + modify it under the terms of the GNU Lesser General Public
> + License as published by the Free Software Foundation; either
> + version 2.1 of the License, or (at your option) any later version.
> +
> + The GNU C Library is distributed in the hope that it will be useful,
> + but WITHOUT ANY WARRANTY; without even the implied warranty of
> + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
> + Lesser General Public License for more details.
> +
> + You should have received a copy of the GNU Lesser General Public
> + License along with the GNU C Library; if not, see
> + <http://www.gnu.org/licenses/>. */
> +
> +#include <support/check.h>
> +#include <support/xstdio.h>
> +
> +size_t
> +xgetline (char **buffer, size_t *length, FILE *fp)
> +{
> + TEST_VERIFY (!ferror (fp));
> + ssize_t ret = getline (buffer, length, fp);
> + if (ferror (fp))
> + {
> + TEST_VERIFY (ret < 0);
> + FAIL_EXIT1 ("getline: %m");
> + }
> + if (feof (fp))
> + {
> + TEST_VERIFY (ret <= 0);
> + return 0;
> + }
> + TEST_VERIFY (ret > 0);
> + return ret;
> +}
OK.
> diff --git a/support/xstdio.h b/support/xstdio.h
> index b62267a2a2..de32a8fe1d 100644
> --- a/support/xstdio.h
> +++ b/support/xstdio.h
> @@ -19,6 +19,7 @@
> #ifndef SUPPORT_XSTDIO_H
> #define SUPPORT_XSTDIO_H
>
> +#include <stddef.h>
> #include <stdio.h>
> #include <sys/cdefs.h>
>
> @@ -27,6 +28,11 @@ __BEGIN_DECLS
> FILE *xfopen (const char *path, const char *mode);
> void xfclose (FILE *);
>
> +/* Read a line from FP, using getline. *BUFFER must be NULL, or a
> + heap-allocated pointer of *LENGTH bytes. Return the number of bytes
> + in the line if a line was read, or 0 on EOF. */
> +size_t xgetline (char **buffer, size_t *length, FILE *fp);
OK.
> +
> __END_DECLS
>
> #endif /* SUPPORT_XSTDIO_H */
>
On 17/02/2020 13:02, Florian Weimer wrote:
> diff --git a/elf/rtld.c b/elf/rtld.c
> index 51dfaf966a..167da48def 100644
> --- a/elf/rtld.c
> +++ b/elf/rtld.c
> @@ -188,6 +188,15 @@ static struct audit_list
> struct audit_list *next;
> } *audit_list;
>
> +/* State flag for hte struct audit_list_iter iterator. */
> +enum audit_iter_list_state
> + {
> + audit_iter_list_in_string,
> + audit_iter_list_in_dt_audit,
> + audit_iter_list_in_dt_depaudit,
> + audit_iter_list_in_list,
> + };
> +
> /* Iterator for audit_list_string followed by audit_list. */
> struct audit_list_iter
> {
> @@ -198,6 +207,9 @@ struct audit_list_iter
> the first element. */
> struct audit_list *previous;
>
> + /* One of the enum audit_iter_list_state values. */
> + unsigned char state;
Why not use enum audit_iter_list_state as the type?
Rest looks ok, thanks.
* Adhemerval Zanella via Libc-alpha:
> On 17/02/2020 13:02, Florian Weimer wrote:
>> diff --git a/elf/rtld.c b/elf/rtld.c
>> index 51dfaf966a..167da48def 100644
>> --- a/elf/rtld.c
>> +++ b/elf/rtld.c
>> @@ -188,6 +188,15 @@ static struct audit_list
>> struct audit_list *next;
>> } *audit_list;
>>
>> +/* State flag for hte struct audit_list_iter iterator. */
>> +enum audit_iter_list_state
>> + {
>> + audit_iter_list_in_string,
>> + audit_iter_list_in_dt_audit,
>> + audit_iter_list_in_dt_depaudit,
>> + audit_iter_list_in_list,
>> + };
>> +
>> /* Iterator for audit_list_string followed by audit_list. */
>> struct audit_list_iter
>> {
>> @@ -198,6 +207,9 @@ struct audit_list_iter
>> the first element. */
>> struct audit_list *previous;
>>
>> + /* One of the enum audit_iter_list_state values. */
>> + unsigned char state;
>
> Why not use enum audit_iter_list_state as the type?
It avoids increasing the size of struct audit_list_iter.
Thanks,
Florian
On 02/04/2020 05:46, Florian Weimer wrote:
> * Adhemerval Zanella via Libc-alpha:
>
>> On 17/02/2020 13:02, Florian Weimer wrote:
>>> diff --git a/elf/rtld.c b/elf/rtld.c
>>> index 51dfaf966a..167da48def 100644
>>> --- a/elf/rtld.c
>>> +++ b/elf/rtld.c
>>> @@ -188,6 +188,15 @@ static struct audit_list
>>> struct audit_list *next;
>>> } *audit_list;
>>>
>>> +/* State flag for hte struct audit_list_iter iterator. */
>>> +enum audit_iter_list_state
>>> + {
>>> + audit_iter_list_in_string,
>>> + audit_iter_list_in_dt_audit,
>>> + audit_iter_list_in_dt_depaudit,
>>> + audit_iter_list_in_list,
>>> + };
>>> +
>>> /* Iterator for audit_list_string followed by audit_list. */
>>> struct audit_list_iter
>>> {
>>> @@ -198,6 +207,9 @@ struct audit_list_iter
>>> the first element. */
>>> struct audit_list *previous;
>>>
>>> + /* One of the enum audit_iter_list_state values. */
>>> + unsigned char state;
>>
>> Why not use enum audit_iter_list_state as the type?
>
> It avoids increasing the size of struct audit_list_iter.
But do we care for this specific usage?
* Adhemerval Zanella:
> On 02/04/2020 05:46, Florian Weimer wrote:
>> * Adhemerval Zanella via Libc-alpha:
>>
>>> On 17/02/2020 13:02, Florian Weimer wrote:
>>>> diff --git a/elf/rtld.c b/elf/rtld.c
>>>> index 51dfaf966a..167da48def 100644
>>>> --- a/elf/rtld.c
>>>> +++ b/elf/rtld.c
>>>> @@ -188,6 +188,15 @@ static struct audit_list
>>>> struct audit_list *next;
>>>> } *audit_list;
>>>>
>>>> +/* State flag for hte struct audit_list_iter iterator. */
>>>> +enum audit_iter_list_state
>>>> + {
>>>> + audit_iter_list_in_string,
>>>> + audit_iter_list_in_dt_audit,
>>>> + audit_iter_list_in_dt_depaudit,
>>>> + audit_iter_list_in_list,
>>>> + };
>>>> +
>>>> /* Iterator for audit_list_string followed by audit_list. */
>>>> struct audit_list_iter
>>>> {
>>>> @@ -198,6 +207,9 @@ struct audit_list_iter
>>>> the first element. */
>>>> struct audit_list *previous;
>>>>
>>>> + /* One of the enum audit_iter_list_state values. */
>>>> + unsigned char state;
>>>
>>> Why not use enum audit_iter_list_state as the type?
>>
>> It avoids increasing the size of struct audit_list_iter.
>
> But do we care for this specific usage?
No, not really.
I looked at this again from a larger view and will use a simple
stack-allocated array for all string lists. It turns out that all list
strings use ':' as a separator, so there is no reason to handle
individual strings differently.
Thanks,
Florian
@@ -11,6 +11,9 @@ Major new features:
* New locale added: ckb_IQ (Kurdish/Sorani spoken in Iraq)
+* The GNU C Library now loads audit modules listed in the DT_AUDIT and
+ DT_DEPAUDIT dynamic section entries of the main executable.
+
Deprecated and removed features, and other changes affecting compatibility:
[Add deprecations, removals and changes affecting compatibility here]
@@ -202,7 +202,8 @@ tests += restest1 preloadtest loadfail multiload origtest resolvfail \
tst-sonamemove-link tst-sonamemove-dlopen tst-dlopen-tlsmodid \
tst-dlopen-self tst-auditmany tst-initfinilazyfail tst-dlopenfail \
tst-dlopenfail-2 \
- tst-filterobj tst-filterobj-dlopen tst-auxobj tst-auxobj-dlopen
+ tst-filterobj tst-filterobj-dlopen tst-auxobj tst-auxobj-dlopen \
+ tst-audit14 tst-audit15 tst-audit16
# reldep9
tests-internal += loadtest unload unload2 circleload1 \
neededtest neededtest2 neededtest3 neededtest4 \
@@ -314,7 +315,8 @@ modules-names = testobj1 testobj2 testobj3 testobj4 testobj5 testobj6 \
tst-initlazyfailmod tst-finilazyfailmod \
tst-dlopenfailmod1 tst-dlopenfaillinkmod tst-dlopenfailmod2 \
tst-dlopenfailmod3 tst-ldconfig-ld-mod \
- tst-filterobj-flt tst-filterobj-aux tst-filterobj-filtee
+ tst-filterobj-flt tst-filterobj-aux tst-filterobj-filtee \
+ tst-auditlogmod-1 tst-auditlogmod-2 tst-auditlogmod-3
# Most modules build with _ISOMAC defined, but those filtered out
# depend on internal headers.
modules-names-tests = $(filter-out ifuncmod% tst-libc_dlvsym-dso tst-tlsmod%,\
@@ -1491,6 +1493,22 @@ $(objpfx)tst-auditmany.out: $(objpfx)tst-auditmanymod1.so \
tst-auditmany-ENV = \
LD_AUDIT=tst-auditmanymod1.so:tst-auditmanymod2.so:tst-auditmanymod3.so:tst-auditmanymod4.so:tst-auditmanymod5.so:tst-auditmanymod6.so:tst-auditmanymod7.so:tst-auditmanymod8.so:tst-auditmanymod9.so
+LDFLAGS-tst-audit14 = -Wl,--audit=tst-auditlogmod-1.so
+$(objpfx)tst-auditlogmod-1.so: $(libsupport)
+$(objpfx)tst-audit14.out: $(objpfx)tst-auditlogmod-1.so
+LDFLAGS-tst-audit15 = \
+ -Wl,--audit=tst-auditlogmod-1.so,--depaudit=tst-auditlogmod-2.so
+$(objpfx)tst-auditlogmod-2.so: $(libsupport)
+$(objpfx)tst-audit15.out: \
+ $(objpfx)tst-auditlogmod-1.so $(objpfx)tst-auditlogmod-2.so
+LDFLAGS-tst-audit16 = \
+ -Wl,--audit=tst-auditlogmod-1.so:tst-auditlogmod-2.so \
+ -Wl,--depaudit=tst-auditlogmod-3.so
+$(objpfx)tst-auditlogmod-3.so: $(libsupport)
+$(objpfx)tst-audit16.out: \
+ $(objpfx)tst-auditlogmod-1.so $(objpfx)tst-auditlogmod-2.so \
+ $(objpfx)tst-auditlogmod-3.so
+
# tst-sonamemove links against an older implementation of the library.
LDFLAGS-tst-sonamemove-linkmod1.so = \
-Wl,--version-script=tst-sonamemove-linkmod1.map \
@@ -188,6 +188,15 @@ static struct audit_list
struct audit_list *next;
} *audit_list;
+/* State flag for hte struct audit_list_iter iterator. */
+enum audit_iter_list_state
+ {
+ audit_iter_list_in_string,
+ audit_iter_list_in_dt_audit,
+ audit_iter_list_in_dt_depaudit,
+ audit_iter_list_in_list,
+ };
+
/* Iterator for audit_list_string followed by audit_list. */
struct audit_list_iter
{
@@ -198,6 +207,9 @@ struct audit_list_iter
the first element. */
struct audit_list *previous;
+ /* One of the enum audit_iter_list_state values. */
+ unsigned char state;
+
/* Scratch buffer for returning a name which is part of
audit_list_string. */
char fname[SECURE_NAME_LIMIT];
@@ -209,14 +221,66 @@ audit_list_iter_init (struct audit_list_iter *iter)
{
iter->audit_list_tail = audit_list_string;
iter->previous = NULL;
+ iter->state = audit_iter_list_in_string;
+}
+
+/* Look up the INDEX of a dynamic tag in MAIN_MAP and store it in
+ ITER->audit_list_tail if it exists. */
+static void
+audit_list_iter_fetch_index (struct audit_list_iter *iter,
+ struct link_map *main_map, size_t index)
+{
+ if (main_map->l_info[index] != NULL)
+ iter->audit_list_tail
+ = ((const char *) D_PTR (main_map, l_info[DT_STRTAB])
+ + main_map->l_info[index]->d_un.d_val);
+}
+
+/* Advance ITER->state and put the next string into
+ ITER->audit_list_tail. */
+static void
+audit_list_iter_fetch_string (struct audit_list_iter *iter,
+ struct link_map *main_map)
+{
+ /* Advance the state. */
+ ++iter->state;
+ assert (iter->state <= audit_iter_list_in_list);
+
+ /* Default to a missing string. */
+ iter->audit_list_tail = NULL;
+
+ /* Determine the next string. */
+ switch ((enum audit_iter_list_state) iter->state)
+ {
+ case audit_iter_list_in_string:
+ /* Not possible because state was advanced. */
+ __builtin_unreachable ();
+ case audit_iter_list_in_dt_audit:
+ audit_list_iter_fetch_index (iter, main_map, ADDRIDX (DT_AUDIT));
+ break;
+ case audit_iter_list_in_dt_depaudit:
+ audit_list_iter_fetch_index (iter, main_map, ADDRIDX (DT_DEPAUDIT));
+ break;
+ case audit_iter_list_in_list:
+ /* No DT_* tag left to process. */
+ return;
+ }
}
/* Iterate through both audit_list_string and audit_list. */
static const char *
-audit_list_iter_next (struct audit_list_iter *iter)
+audit_list_iter_next (struct audit_list_iter *iter, struct link_map *main_map)
{
- if (iter->audit_list_tail != NULL)
+ while (iter->state != audit_iter_list_in_list)
{
+ /* If the current string is missing or exhausted, fetch the next
+ string. This advances iter->state. */
+ if (iter->audit_list_tail == NULL || *iter->audit_list_tail == '\0')
+ {
+ audit_list_iter_fetch_string (iter, main_map);
+ continue;
+ }
+
/* First iterate over audit_list_string. */
while (*iter->audit_list_tail != '\0')
{
@@ -241,7 +305,9 @@ audit_list_iter_next (struct audit_list_iter *iter)
return iter->fname;
/* Otherwise, wrap around and try the next name. */
}
- /* Fall through to the procesing of audit_list. */
+
+ /* Fetch the next audit string, or fall through to linked list
+ processing below. */
}
if (iter->previous == NULL)
@@ -1070,7 +1136,7 @@ load_audit_modules (struct link_map *main_map)
while (true)
{
- const char *name = audit_list_iter_next (&al_iter);
+ const char *name = audit_list_iter_next (&al_iter, main_map);
if (name == NULL)
break;
load_audit_module (name, &last_audit);
@@ -1620,7 +1686,9 @@ ERROR: '%s': cannot process note segment.\n", _dl_argv[0]);
/* If we have auditing DSOs to load, do it now. */
bool need_security_init = true;
if (__glibc_unlikely (audit_list != NULL)
- || __glibc_unlikely (audit_list_string != NULL))
+ || __glibc_unlikely (audit_list_string != NULL)
+ || __glibc_unlikely (main_map->l_info[ADDRIDX (DT_AUDIT)] != NULL)
+ || __glibc_unlikely (main_map->l_info[ADDRIDX (DT_DEPAUDIT)] != NULL))
{
/* Since we start using the auditing DSOs right away we need to
initialize the data structures now. */
new file mode 100644
@@ -0,0 +1,46 @@
+/* Main program with DT_AUDIT. One audit module.
+ Copyright (C) 2020 Free Software Foundation, Inc.
+ This file is part of the GNU C Library.
+
+ The GNU C Library is free software; you can redistribute it and/or
+ modify it under the terms of the GNU Lesser General Public
+ License as published by the Free Software Foundation; either
+ version 2.1 of the License, or (at your option) any later version.
+
+ The GNU C Library is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ Lesser General Public License for more details.
+
+ You should have received a copy of the GNU Lesser General Public
+ License along with the GNU C Library; if not, see
+ <http://www.gnu.org/licenses/>. */
+
+#include <stdlib.h>
+#include <string.h>
+#include <support/check.h>
+#include <support/xstdio.h>
+
+static int
+do_test (void)
+{
+ /* Verify what the audit module has written. This test assumes that
+ standard output has been redirected to a regular file. */
+ FILE *fp = xfopen ("/dev/stdout", "r");
+
+ char *buffer = NULL;
+ size_t buffer_length = 0;
+ size_t line_length = xgetline (&buffer, &buffer_length, fp);
+ const char *message = "info: tst-auditlogmod-1.so loaded\n";
+ TEST_COMPARE_BLOB (message, strlen (message), buffer, line_length);
+
+ /* No more audit module output. */
+ line_length = xgetline (&buffer, &buffer_length, fp);
+ TEST_COMPARE_BLOB ("", 0, buffer, line_length);
+
+ free (buffer);
+ xfclose (fp);
+ return 0;
+}
+
+#include <support/test-driver.c>
new file mode 100644
@@ -0,0 +1,50 @@
+/* Main program with DT_AUDIT and DT_DEPAUDIT. Two audit modules.
+ Copyright (C) 2020 Free Software Foundation, Inc.
+ This file is part of the GNU C Library.
+
+ The GNU C Library is free software; you can redistribute it and/or
+ modify it under the terms of the GNU Lesser General Public
+ License as published by the Free Software Foundation; either
+ version 2.1 of the License, or (at your option) any later version.
+
+ The GNU C Library is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ Lesser General Public License for more details.
+
+ You should have received a copy of the GNU Lesser General Public
+ License along with the GNU C Library; if not, see
+ <http://www.gnu.org/licenses/>. */
+
+#include <stdlib.h>
+#include <string.h>
+#include <support/check.h>
+#include <support/xstdio.h>
+
+static int
+do_test (void)
+{
+ /* Verify what the audit modules have written. This test assumes
+ that standard output has been redirected to a regular file. */
+ FILE *fp = xfopen ("/dev/stdout", "r");
+
+ char *buffer = NULL;
+ size_t buffer_length = 0;
+ size_t line_length = xgetline (&buffer, &buffer_length, fp);
+ const char *message = "info: tst-auditlogmod-1.so loaded\n";
+ TEST_COMPARE_BLOB (message, strlen (message), buffer, line_length);
+
+ line_length = xgetline (&buffer, &buffer_length, fp);
+ message = "info: tst-auditlogmod-2.so loaded\n";
+ TEST_COMPARE_BLOB (message, strlen (message), buffer, line_length);
+
+ /* No more audit module output. */
+ line_length = xgetline (&buffer, &buffer_length, fp);
+ TEST_COMPARE_BLOB ("", 0, buffer, line_length);
+
+ free (buffer);
+ xfclose (fp);
+ return 0;
+}
+
+#include <support/test-driver.c>
new file mode 100644
@@ -0,0 +1,54 @@
+/* Main program with DT_AUDIT and DT_DEPAUDIT. Three audit modules.
+ Copyright (C) 2020 Free Software Foundation, Inc.
+ This file is part of the GNU C Library.
+
+ The GNU C Library is free software; you can redistribute it and/or
+ modify it under the terms of the GNU Lesser General Public
+ License as published by the Free Software Foundation; either
+ version 2.1 of the License, or (at your option) any later version.
+
+ The GNU C Library is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ Lesser General Public License for more details.
+
+ You should have received a copy of the GNU Lesser General Public
+ License along with the GNU C Library; if not, see
+ <http://www.gnu.org/licenses/>. */
+
+#include <stdlib.h>
+#include <string.h>
+#include <support/check.h>
+#include <support/xstdio.h>
+
+static int
+do_test (void)
+{
+ /* Verify what the audit modules have written. This test assumes
+ that standard output has been redirected to a regular file. */
+ FILE *fp = xfopen ("/dev/stdout", "r");
+
+ char *buffer = NULL;
+ size_t buffer_length = 0;
+ size_t line_length = xgetline (&buffer, &buffer_length, fp);
+ const char *message = "info: tst-auditlogmod-1.so loaded\n";
+ TEST_COMPARE_BLOB (message, strlen (message), buffer, line_length);
+
+ line_length = xgetline (&buffer, &buffer_length, fp);
+ message = "info: tst-auditlogmod-2.so loaded\n";
+ TEST_COMPARE_BLOB (message, strlen (message), buffer, line_length);
+
+ line_length = xgetline (&buffer, &buffer_length, fp);
+ message = "info: tst-auditlogmod-3.so loaded\n";
+ TEST_COMPARE_BLOB (message, strlen (message), buffer, line_length);
+
+ /* No more audit module output. */
+ line_length = xgetline (&buffer, &buffer_length, fp);
+ TEST_COMPARE_BLOB ("", 0, buffer, line_length);
+
+ free (buffer);
+ xfclose (fp);
+ return 0;
+}
+
+#include <support/test-driver.c>
new file mode 100644
@@ -0,0 +1,27 @@
+/* Audit module which logs that it was loaded. Variant 1.
+ Copyright (C) 2020 Free Software Foundation, Inc.
+ This file is part of the GNU C Library.
+
+ The GNU C Library is free software; you can redistribute it and/or
+ modify it under the terms of the GNU Lesser General Public
+ License as published by the Free Software Foundation; either
+ version 2.1 of the License, or (at your option) any later version.
+
+ The GNU C Library is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ Lesser General Public License for more details.
+
+ You should have received a copy of the GNU Lesser General Public
+ License along with the GNU C Library; if not, see
+ <http://www.gnu.org/licenses/>. */
+
+#include <link.h>
+#include <support/support.h>
+
+unsigned int
+la_version (unsigned int v)
+{
+ write_message ("info: tst-auditlogmod-1.so loaded\n");
+ return LAV_CURRENT;
+}
new file mode 100644
@@ -0,0 +1,27 @@
+/* Audit module which logs that it was loaded. Variant 2.
+ Copyright (C) 2020 Free Software Foundation, Inc.
+ This file is part of the GNU C Library.
+
+ The GNU C Library is free software; you can redistribute it and/or
+ modify it under the terms of the GNU Lesser General Public
+ License as published by the Free Software Foundation; either
+ version 2.1 of the License, or (at your option) any later version.
+
+ The GNU C Library is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ Lesser General Public License for more details.
+
+ You should have received a copy of the GNU Lesser General Public
+ License along with the GNU C Library; if not, see
+ <http://www.gnu.org/licenses/>. */
+
+#include <link.h>
+#include <support/support.h>
+
+unsigned int
+la_version (unsigned int v)
+{
+ write_message ("info: tst-auditlogmod-2.so loaded\n");
+ return LAV_CURRENT;
+}
new file mode 100644
@@ -0,0 +1,27 @@
+/* Audit module which logs that it was loaded. Variant 3.
+ Copyright (C) 2020 Free Software Foundation, Inc.
+ This file is part of the GNU C Library.
+
+ The GNU C Library is free software; you can redistribute it and/or
+ modify it under the terms of the GNU Lesser General Public
+ License as published by the Free Software Foundation; either
+ version 2.1 of the License, or (at your option) any later version.
+
+ The GNU C Library is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ Lesser General Public License for more details.
+
+ You should have received a copy of the GNU Lesser General Public
+ License along with the GNU C Library; if not, see
+ <http://www.gnu.org/licenses/>. */
+
+#include <link.h>
+#include <support/support.h>
+
+unsigned int
+la_version (unsigned int v)
+{
+ write_message ("info: tst-auditlogmod-3.so loaded\n");
+ return LAV_CURRENT;
+}
@@ -95,6 +95,7 @@ libsupport-routines = \
xfopen \
xfork \
xftruncate \
+ xgetline \
xgetsockname \
xlisten \
xlseek \
new file mode 100644
@@ -0,0 +1,39 @@
+/* getline with error checking.
+ Copyright (C) 2020 Free Software Foundation, Inc.
+ This file is part of the GNU C Library.
+
+ The GNU C Library is free software; you can redistribute it and/or
+ modify it under the terms of the GNU Lesser General Public
+ License as published by the Free Software Foundation; either
+ version 2.1 of the License, or (at your option) any later version.
+
+ The GNU C Library is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ Lesser General Public License for more details.
+
+ You should have received a copy of the GNU Lesser General Public
+ License along with the GNU C Library; if not, see
+ <http://www.gnu.org/licenses/>. */
+
+#include <support/check.h>
+#include <support/xstdio.h>
+
+size_t
+xgetline (char **buffer, size_t *length, FILE *fp)
+{
+ TEST_VERIFY (!ferror (fp));
+ ssize_t ret = getline (buffer, length, fp);
+ if (ferror (fp))
+ {
+ TEST_VERIFY (ret < 0);
+ FAIL_EXIT1 ("getline: %m");
+ }
+ if (feof (fp))
+ {
+ TEST_VERIFY (ret <= 0);
+ return 0;
+ }
+ TEST_VERIFY (ret > 0);
+ return ret;
+}
@@ -19,6 +19,7 @@
#ifndef SUPPORT_XSTDIO_H
#define SUPPORT_XSTDIO_H
+#include <stddef.h>
#include <stdio.h>
#include <sys/cdefs.h>
@@ -27,6 +28,11 @@ __BEGIN_DECLS
FILE *xfopen (const char *path, const char *mode);
void xfclose (FILE *);
+/* Read a line from FP, using getline. *BUFFER must be NULL, or a
+ heap-allocated pointer of *LENGTH bytes. Return the number of bytes
+ in the line if a line was read, or 0 on EOF. */
+size_t xgetline (char **buffer, size_t *length, FILE *fp);
+
__END_DECLS
#endif /* SUPPORT_XSTDIO_H */