Date: Tue, 5 Dec 2023 12:54:53 -0500
From: Joe Simmons-Talbott
To: Szabolcs Nagy
Cc: libc-alpha@sourceware.org
Subject: Re: [PATCH] rtld: Add glibc.rtld.enable_secure tunable.
Message-ID: <20231205175453.GA3179278@oak>
References: <20231205153543.4084715-1-josimmon@redhat.com>

On Tue, Dec 05, 2023 at 03:51:19PM +0000, Szabolcs Nagy wrote:
> The 12/05/2023 10:35, Joe Simmons-Talbott wrote:
> > Add a tunable for setting __libc_enable_secure to 1. Does not set
> > __libc_enable_secure to 0 if the tunable is set to 0. Ignores any
> > tunables following glibc.rtld.enable_secure. One use-case for this
>
> why do you want to ignore later tunables?

Tunables are currently ignored in __tunables_init when
__libc_enable_secure is set. Therefore once we set __libc_enable_secure
during tunable processing we should not set any more tunables.

>
> > addition is to enable testing code paths that depend on
> > __libc_enable_secure being set without the need to use setxid binaries.
> > ---
> > NOTE: I'm not certain I've picked the appropriate place to handle
> > glibc.rtld.enable_secure. I tried to make it happen as early as
> > possible to minimize any places where __libc_enable_secure might be
> > checked before the tunable initialization takes place.
> >
> > NEWS | 4 ++
> > csu/libc-start.c | 4 ++
>
> your code only seems to affect static linking.
> (apart from the 'ignore later tunables' behaviour)
>
> e.g. i'd expect some change in sysdeps/unix/sysv/linux/dl-sysdep.c
>

Thanks for catching that. I've sent an updated v2 patch[1].

Thanks,
Joe

[1] https://inbox.sourceware.org/libc-alpha/20231205174527.1689844-1-josimmon@redhat.com/

> > elf/Makefile | 2 +
> > elf/dl-tunables.c | 8 ++-
> > elf/dl-tunables.h | 11 +++
> > elf/dl-tunables.list | 6 ++
> > elf/tst-rtld-list-tunables.exp | 1 +
> > elf/tst-tunables-enable_secure.c | 115 +++++++++++++++++++++++++++++++
> > 8 files changed, 150 insertions(+), 1 deletion(-)
> > create mode 100644 elf/tst-tunables-enable_secure.c
>
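
The ordering semantics discussed in this message, as an added example that is not part of the original mail and is not glibc code: a simplified model of a GLIBC_TUNABLES-style parser in which glibc.rtld.enable_secure=1 sets the flag and stops processing, and a value of 0 never clears it. The struct, the function name model_tunables_init and the sample strings are assumptions made for illustration.

```c
#include <stdio.h>
#include <string.h>

/* Simplified model, NOT glibc's __tunables_init. */
struct model_state {
  int secure;             /* stands in for __libc_enable_secure */
  int applied;            /* how many other tunables took effect */
  char last_applied[64];  /* name of the last tunable that took effect */
};

/* env is a "name=value:name=value" list; at_secure models a process
   that already started with __libc_enable_secure set (e.g. setxid). */
static struct model_state model_tunables_init(const char *env, int at_secure)
{
  struct model_state st = { at_secure, 0, "" };
  char buf[256];

  if (st.secure || env == NULL)
    return st;                      /* secure already: ignore every tunable */

  snprintf(buf, sizeof buf, "%s", env);
  for (char *tok = strtok(buf, ":"); tok != NULL; tok = strtok(NULL, ":")) {
    char *eq = strchr(tok, '=');
    if (eq == NULL)
      continue;                     /* malformed entry, skipped in this model */
    *eq = '\0';
    if (strcmp(tok, "glibc.rtld.enable_secure") == 0) {
      if (strcmp(eq + 1, "1") == 0) {
        st.secure = 1;              /* one-way switch */
        break;                      /* later tunables are not set */
      }
      continue;                     /* "0" never clears the flag */
    }
    st.applied++;
    snprintf(st.last_applied, sizeof st.last_applied, "%s", tok);
  }
  return st;
}

int main(void)
{
  /* Constructed sample input. */
  const char *env = "glibc.malloc.check=2:glibc.rtld.enable_secure=1:"
                    "glibc.malloc.tcache_count=0";
  struct model_state st = model_tunables_init(env, 0);
  printf("secure=%d applied=%d last=%s\n", st.secure, st.applied,
         st.last_applied);
  return 0;
}
```

In this model a tunable listed before glibc.rtld.enable_secure still takes effect, so the result depends on the order of entries in the string.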