From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <SRS0=eUEk=LP=redhat.com=josimmon@sourceware.org>
Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.133.124])
	by sourceware.org (Postfix) with ESMTPS id 0E51F384AB43
	for <libc-alpha@sourceware.org>; Wed, 10 Apr 2024 19:59:09 +0000 (GMT)
DMARC-Filter: OpenDMARC Filter v1.4.2 sourceware.org 0E51F384AB43
Authentication-Results: sourceware.org; dmarc=pass (p=none dis=none) header.from=redhat.com
Authentication-Results: sourceware.org; spf=pass smtp.mailfrom=redhat.com
ARC-Filter: OpenARC Filter v1.0.0 sourceware.org 0E51F384AB43
Authentication-Results: server2.sourceware.org; arc=none smtp.remote-ip=170.10.133.124
ARC-Seal: i=1; a=rsa-sha256; d=sourceware.org; s=key; t=1712779159; cv=none;
	b=oDigcoQFft0pf6Q8kd/KkyWTVyS+z5RbZkffp8namWZrgKwPa9MnSm9jIYhyXgrjzSTf5jW/KUUjvI5lPm3PBDaB6ABWtLyOL8jHBnoZ7skcdf94pjz19y9KNXicx01qqFr01c2YuZvI3hhAcX+y7qe8coiXxztPA8+YG/iGWis=
ARC-Message-Signature: i=1; a=rsa-sha256; d=sourceware.org; s=key;
	t=1712779159; c=relaxed/simple;
	bh=baYoAZbzSQHVrgIfJCC3vkv239Hqz7MbmZRfNtK8LEk=;
	h=DKIM-Signature:MIME-Version:From:Date:Message-ID:Subject:To; b=YYeMLus2Nv187CjSm+UXQ52U+lreoPuwfIfihfjZSE5mpLYx2351Zzk2ixfHZU3JguUKHQMSa7WewprRwD3Md4wMRJIgM+6YFYlxdLu/nefNyTWM9v7dGfVMe5H39JoWZgDA7nbcquaBbRdA3h446nK2o8zil3ewwUwVlyreVb4=
ARC-Authentication-Results: i=1; server2.sourceware.org
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com;
	s=mimecast20190719; t=1712779148;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding:
	 in-reply-to:in-reply-to:references:references;
	bh=/eRf9rCSGnE9n+SjG2MZiLeqhIgrMDPhHTPjN1xmWOU=;
	b=XBT0nMZC4fDstsu+7/aWNx5qF4yKWucfW6bV3BZqG+buIaoQF8yP9Y0/V2XLHjgfKuVEyo
	wHbZiFrPU/rIAi90XSvFZNY7zIO7o5JQJ6DeSl/jqfKS38P1hYoiV7plyIa0Mm5WBTNEIA
	etS1+X79ggwTL43bL6AV6BNyaq4KEtw=
Received: from mail-ej1-f72.google.com (mail-ej1-f72.google.com
 [209.85.218.72]) by relay.mimecast.com with ESMTP with STARTTLS
 (version=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384) id
 us-mta-606-Ly2T0Y14PpCltUpEOrdaDA-1; Wed, 10 Apr 2024 15:59:07 -0400
X-MC-Unique: Ly2T0Y14PpCltUpEOrdaDA-1
Received: by mail-ej1-f72.google.com with SMTP id a640c23a62f3a-a4e9ac44d37so434856066b.0
        for <libc-alpha@sourceware.org>; Wed, 10 Apr 2024 12:59:06 -0700 (PDT)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20230601; t=1712779145; x=1713383945;
        h=content-transfer-encoding:to:subject:message-id:date:from
         :in-reply-to:references:mime-version:x-gm-message-state:from:to:cc
         :subject:date:message-id:reply-to;
        bh=/eRf9rCSGnE9n+SjG2MZiLeqhIgrMDPhHTPjN1xmWOU=;
        b=oYPWmdWfU3rp1azesHbmuoS+s4AmyFOn5+LR/PO2sNm0IeUt/UbsIJpSr+Xx4EhHpb
         fZ9L2I2kpVGjEO/+LJzjjN7qNQlJWaKw4fmh4xgUU3CJJfNmH9+Gkqmmlo8VX0aC91eX
         FGKqMdpVz5IPgkAVHEtaKGQ6BnkvcsvCJ32XHvaoKKMNSu/GoGw6cmlMoWfB+1wLQPDd
         +CmjZZcw7NcCNYcau94aEkSyxBNcNe/RRIGfwSFZXbRZzD0moEEk55qsU4aE6dU84ER9
         vQ0gFAZZzHr955SIeIpxcwFZi7I4YBw23pynPSLv+d1GlpmAY2XWAeGgCLH9q9RGk2JB
         9ccw==
X-Gm-Message-State: AOJu0Yzb/WYzX1jBRqUQ39w7Ysv+GsnXnohwIustWqVrueqjIpTHH0e3
	ENoSG9C0XyZsUqcq31NLzQOiyxz3gXf/6OZrtDLbwXhiKfPuJWlXZ4zneDh9z9wkzysgRByyWyQ
	l6YJite+qFoPTVVWW3xokJHkAK3cDOJClhOFMhvrrfWbTKz+dMgInp0ZGgjMdE9eOzeakMW+tkL
	t9NcbZnDUAmrGV4C2oaH5/owAEPc3cCCuz+Uc2/q0W
X-Received: by 2002:a17:907:7e8e:b0:a46:3ce4:5acb with SMTP id qb14-20020a1709077e8e00b00a463ce45acbmr2533235ejc.75.1712779145683;
        Wed, 10 Apr 2024 12:59:05 -0700 (PDT)
X-Google-Smtp-Source: AGHT+IE0z0/R3Kgyzup9clKb6OEJNLN6Cnuvht1Mz8IGS1xvGB4WF24VcYYHlZjMH7pv9PsZKklTaJywj825kAmeWY8=
X-Received: by 2002:a17:907:7e8e:b0:a46:3ce4:5acb with SMTP id
 qb14-20020a1709077e8e00b00a463ce45acbmr2533223ejc.75.1712779145325; Wed, 10
 Apr 2024 12:59:05 -0700 (PDT)
MIME-Version: 1.0
References: <20240307214032.2773074-1-josimmon@redhat.com>
In-Reply-To: <20240307214032.2773074-1-josimmon@redhat.com>
From: Joe Simmons-Talbott <josimmon@redhat.com>
Date: Wed, 10 Apr 2024 15:58:49 -0400
Message-ID: <CAAQBMsPJJKE87TKdc8kGExZ+d=BJhwXP0hVY1+c+j3+-h=7ycg@mail.gmail.com>
Subject: Re: [PATCH v2] elf/rtld: Count skipped environment variables for enable_secure
To: libc-alpha@sourceware.org
X-Mimecast-Spam-Score: 0
X-Mimecast-Originator: redhat.com
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
X-Spam-Status: No, score=-13.0 required=5.0 tests=BAYES_00,DKIMWL_WL_HIGH,DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,GIT_PATCH_0,RCVD_IN_DNSWL_NONE,RCVD_IN_MSPIKE_H4,RCVD_IN_MSPIKE_WL,SPF_HELO_NONE,SPF_NONE,TXREP autolearn=ham autolearn_force=no version=3.4.6
X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on server2.sourceware.org
List-Id: <libc-alpha.sourceware.org>

Ping

On Thu, Mar 7, 2024 at 4:40=E2=80=AFPM Joe Simmons-Talbott <josimmon@redhat=
.com> wrote:
>
> When using the glibc.rtld.enable_secure tunable we need to keep track of
> the count of environment variables we skip due to __libc_enable_secure
> being set and adjust the auxv section of the stack.  This fixes an
> assertion when running ld.so directly with glibc.rtld.enable_secure set.
>
> elf/rtld.c:1324   assert (auxv =3D=3D sp + 1);
> ---
> Changes to v1:
> * Add comment explaining how and why skip_env is adjusted.
>
>  elf/rtld.c | 31 +++++++++++++++++++++++--------
>  1 file changed, 23 insertions(+), 8 deletions(-)
>
> diff --git a/elf/rtld.c b/elf/rtld.c
> index ac4bb23652..e9525ea987 100644
> --- a/elf/rtld.c
> +++ b/elf/rtld.c
> @@ -155,7 +155,7 @@ static void dl_main_state_init (struct dl_main_state =
*state);
>     Since all of them start with `LD_' we are a bit smarter while finding
>     all the entries.  */
>  extern char **_environ attribute_hidden;
> -static void process_envvars (struct dl_main_state *state);
> +static int process_envvars (struct dl_main_state *state);
>
>  int _dl_argc attribute_relro attribute_hidden;
>  char **_dl_argv attribute_relro =3D NULL;
> @@ -1287,7 +1287,7 @@ rtld_setup_main_map (struct link_map *main_map)
>     _dl_argv and _dl_argc accordingly.  Those arguments are removed from
>     argv here.  */
>  static void
> -_dl_start_args_adjust (int skip_args)
> +_dl_start_args_adjust (int skip_args, int skip_env)
>  {
>    void **sp =3D (void **) (_dl_argv - skip_args - 1);
>    void **p =3D sp + skip_args;
> @@ -1319,7 +1319,7 @@ _dl_start_args_adjust (int skip_args)
>    while (*p !=3D NULL);
>
>  #ifdef HAVE_AUX_VECTOR
> -  void **auxv =3D (void **) GLRO(dl_auxv) - skip_args;
> +  void **auxv =3D (void **) GLRO(dl_auxv) - skip_args - skip_env;
>    GLRO(dl_auxv) =3D (ElfW(auxv_t) *) auxv; /* Aliasing violation.  */
>    assert (auxv =3D=3D sp + 1);
>
> @@ -1350,6 +1350,7 @@ dl_main (const ElfW(Phdr) *phdr,
>    unsigned int i;
>    bool rtld_is_main =3D false;
>    void *tcbp =3D NULL;
> +  int skip_env =3D 0;
>
>    struct dl_main_state state;
>    dl_main_state_init (&state);
> @@ -1363,7 +1364,7 @@ dl_main (const ElfW(Phdr) *phdr,
>  #endif
>
>    /* Process the environment variable which control the behaviour.  */
> -  process_envvars (&state);
> +  skip_env =3D process_envvars (&state);
>
>  #ifndef HAVE_INLINED_SYSCALLS
>    /* Set up a flag which tells we are just starting.  */
> @@ -1628,7 +1629,7 @@ dl_main (const ElfW(Phdr) *phdr,
>          _dl_argv[0] =3D argv0;
>
>        /* Adjust arguments for the application entry point.  */
> -      _dl_start_args_adjust (_dl_argv - orig_argv);
> +      _dl_start_args_adjust (_dl_argv - orig_argv, skip_env);
>      }
>    else
>      {
> @@ -2532,11 +2533,12 @@ a filename can be specified using the LD_DEBUG_OU=
TPUT environment variable.\n");
>      }
>  }
>
> -static void
> +static int
>  process_envvars_secure (struct dl_main_state *state)
>  {
>    char **runp =3D _environ;
>    char *envline;
> +  int skip_env =3D 0;
>
>    while ((envline =3D _dl_next_ld_env_entry (&runp)) !=3D NULL)
>      {
> @@ -2578,6 +2580,14 @@ process_envvars_secure (struct dl_main_state *stat=
e)
>    const char *nextp =3D UNSECURE_ENVVARS;
>    do
>      {
> +      /* Keep track of the number of environment variables that were set=
 in
> +         the environment and are unset below.  Use getenv() which return=
s
> +        non-NULL if the variable is set in the environment.  This count =
is
> +        needed if we need to adjust the location of the AUX vector on th=
e
> +        stack when running ld.so directly. */
> +      if (getenv (nextp) !=3D NULL)
> +        skip_env++;
> +
>        unsetenv (nextp);
>        nextp =3D strchr (nextp, '\0') + 1;
>      }
> @@ -2590,6 +2600,8 @@ process_envvars_secure (struct dl_main_state *state=
)
>        || state->mode !=3D rtld_mode_normal
>        || state->version_info)
>      _exit (5);
> +
> +  return skip_env;
>  }
>
>  static void
> @@ -2743,13 +2755,16 @@ process_envvars_default (struct dl_main_state *st=
ate)
>      }
>  }
>
> -static void
> +static int
>  process_envvars (struct dl_main_state *state)
>  {
> +  int skip_env =3D 0;
>    if (__glibc_unlikely (__libc_enable_secure))
> -    process_envvars_secure (state);
> +    skip_env +=3D process_envvars_secure (state);
>    else
>      process_envvars_default (state);
> +
> +  return skip_env;
>  }
>
>  #if HP_TIMING_INLINE
> --
> 2.43.2
>


--=20
Joe Simmons-Talbott