[Bug dynamic-link/23293] aarch64: getauxval is broken when run as ld.so ./exe and ld.so adjusts argv on the stack

["cvs-commit at gcc dot gnu.org" <sourceware-bugzilla@sourceware.org>]

https://sourceware.org/bugzilla/show_bug.cgi?id=23293

--- Comment #12 from cvs-commit at gcc dot gnu.org <cvs-commit at gcc dot gnu.org> ---
The release/2.34/master branch has been updated by Szabolcs Nagy
<nsz@sourceware.org>:

https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=c73c79af7d6f1124fbfa5d935b4f620217d6a2ec

commit c73c79af7d6f1124fbfa5d935b4f620217d6a2ec
Author: Szabolcs Nagy <szabolcs.nagy@arm.com>
Date:   Fri Jun 15 16:14:58 2018 +0100

    rtld: Use generic argv adjustment in ld.so [BZ #23293]

    When an executable is invoked as

      ./ld.so [ld.so-args] ./exe [exe-args]

    then the argv is adujusted in ld.so before calling the entry point of
    the executable so ld.so args are not visible to it.  On most targets
    this requires moving argv, env and auxv on the stack to ensure correct
    stack alignment at the entry point.  This had several issues:

    - The code for this adjustment on the stack is written in asm as part
      of the target specific ld.so _start code which is hard to maintain.

    - The adjustment is done after _dl_start returns, where it's too late
      to update GLRO(dl_auxv), as it is already readonly, so it points to
      memory that was clobbered by the adjustment. This is bug 23293.

    - _environ is also wrong in ld.so after the adjustment, but it is
      likely not used after _dl_start returns so this is not user visible.

    - _dl_argv was updated, but for this it was moved out of relro, which
      changes security properties across targets unnecessarily.

    This patch introduces a generic _dl_start_args_adjust function that
    handles the argument adjustments after ld.so processed its own args
    and before relro protection is applied.

    The same algorithm is used on all targets, _dl_skip_args is now 0, so
    existing target specific adjustment code is no longer used.  The bug
    affects aarch64, alpha, arc, arm, csky, ia64, nios2, s390-32 and sparc,
    other targets don't need the change in principle, only for consistency.

    The GNU Hurd start code relied on _dl_skip_args after dl_main returned,
    now it checks directly if args were adjusted and fixes the Hurd startup
    data accordingly.

    Follow up patches can remove _dl_skip_args and DL_ARGV_NOT_RELRO.

    Tested on aarch64-linux-gnu and cross tested on i686-gnu.

    Reviewed-by: Adhemerval Zanella  <adhemerval.zanella@linaro.org>
    (cherry picked from commit ad43cac44a6860eaefcadadfb2acb349921e96bf)

-- 
You are receiving this mail because:
You are on the CC list for the bug.