From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <libc-alpha-return-93412-listarch-libc-alpha=sources.redhat.com@sourceware.org>
Received: (qmail 52225 invoked by alias); 19 Jun 2018 19:13:03 -0000
Mailing-List: contact libc-alpha-help@sourceware.org; run by ezmlm
Precedence: bulk
List-Id: <libc-alpha.sourceware.org>
List-Subscribe: <mailto:libc-alpha-subscribe@sourceware.org>
List-Archive: <http://sourceware.org/ml/libc-alpha/>
List-Post: <mailto:libc-alpha@sourceware.org>
List-Help: <mailto:libc-alpha-help@sourceware.org>, <http://sourceware.org/ml/#faqs>
Sender: libc-alpha-owner@sourceware.org
Received: (qmail 52206 invoked by uid 89); 19 Jun 2018 19:13:02 -0000
Authentication-Results: sourceware.org; auth=none
X-Virus-Found: No
X-Spam-SWARE-Status: No, score=-1.0 required=5.0 tests=AWL,BAYES_00,KAM_LAZY_DOMAIN_SECURITY,RCVD_IN_DNSWL_NONE autolearn=no version=3.3.2 spammy=Hx-languages-length:1219
X-HELO: albireo.enyo.de
From: Florian Weimer <fw@deneb.enyo.de>
To: Szabolcs Nagy <szabolcs.nagy@arm.com>
Cc: libc-alpha@sourceware.org,  nd@arm.com
Subject: Re: [PATCH] libio: Disable vtable validation in case of interposition [BZ #23313]
References: <E1fVDN1-0003cW-8d@mid.deneb.enyo.de>
	<773dfddc-66ed-730f-d8b3-a0c9392cc5de@arm.com>
	<87in6f5858.fsf@mid.deneb.enyo.de>
Date: Tue, 19 Jun 2018 19:13:00 -0000
In-Reply-To: <87in6f5858.fsf@mid.deneb.enyo.de> (Florian Weimer's message of
	"Tue, 19 Jun 2018 13:26:59 +0200")
Message-ID: <87h8ly3805.fsf@mid.deneb.enyo.de>
MIME-Version: 1.0
Content-Type: text/plain
X-SW-Source: 2018-06/txt/msg00566.txt.bz2

* Florian Weimer:

> * Szabolcs Nagy:
>
>> the check looks ok to me
>> i think hidden symbol alias would work too
>>
>> return &_IO_2_1_stdin == &_IO_2_1_stdin_internal_alias || ...;
>>
>> and it may be a bit nicer than checking the section.. i'm not sure
>
> I had hoped that GCC would combine the comparisons in some way, but it
> doesn't do that either way.
>
> The hidden alias approach also has the advantage that it does not
> touch the _IO_MTSAFE_IO code.
>
>
> 2018-06-19  Florian Weimer  <fweimer@redhat.com>
>
> 	[BZ #23313]
> 	* libio/libioP.h [SHARED] (_IO_2_1_stdin_hidden)
> 	(_IO_2_1_stdout_hidden, _IO_2_1_stderr_hidden): Declare.
> 	* libio/stdfiles.c [SHARED] (_IO_2_1_stdin_hidden)
> 	(_IO_2_1_stdout_hidden, _IO_2_1_stderr_hidden): Define aliases.
> 	* libio/vtables.c (stdfiles_interposed): New function.
> 	(_IO_vtable_check): Call it.

This seems to be overly conservative.  I think we do not actually have
to care about interposition.  We should read the vtables in the
libc.so startup code and check if they match the values in stdfiles.c.
This way, vtable validation is not disabled if there is merely a copy
relocation.