From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <hjl.tools@gmail.com>
Received: from mail-pg1-x534.google.com (mail-pg1-x534.google.com
 [IPv6:2607:f8b0:4864:20::534])
 by sourceware.org (Postfix) with ESMTPS id D7A323858403
 for <libc-alpha@sourceware.org>; Fri, 10 Dec 2021 15:26:42 +0000 (GMT)
DMARC-Filter: OpenDMARC Filter v1.4.1 sourceware.org D7A323858403
Received: by mail-pg1-x534.google.com with SMTP id r138so8329830pgr.13
 for <libc-alpha@sourceware.org>; Fri, 10 Dec 2021 07:26:42 -0800 (PST)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=1e100.net; s=20210112;
 h=x-gm-message-state:mime-version:references:in-reply-to:from:date
 :message-id:subject:to:cc;
 bh=7K51FkTCt4EaON+/grz48eDiJyzGlEpQFLscObub5ww=;
 b=s4IjTmhbXtbMV39XZy8yvF3euoYEQTW0i4unzzaMfve5+UrsW++SJDp4L4Jgt8REQM
 r+v3rToYa58EPOSmp/A6hhRZvfZmwzTkYbaH8tf9vYg8PE7WhB1QKXRKEg/+OIw/nrTD
 hKNRHl0K1V9Ma1bYr8mVZWx5Nr/5cLbSIzqzomh6LLKPbxiSlFysGkOq52QbyY4wM4py
 +TbJ0Gp86lxrz9Qtrlivne4OP3i4BNYhpqn8hBcnIkdU1oJ9WGUVDDivwLqtqRP8OopI
 C0Ay4MUbhUef9TZ5wa5iqYKKdnXfLBPyrmFgKp78osQcDAhaz4pdaA8O2xc6n+fDYgOM
 mk7A==
X-Gm-Message-State: AOAM530Cv4oaNv1ck6IMmpGi/OpacH5fprNEmeCDpd4IpCA+NQ1SLD7f
 oqCVcNskhdksmyg1k+HJZIIwwhse77l+pDHcsdE=
X-Google-Smtp-Source: ABdhPJx+V6st/5LXV6+9wxM0wz93zGmRuhm2I6h8pSv8LQlkIhgp+3w3Tt3m2H25wHdSuNOo6AlwaulFQYNNoo1AG8w=
X-Received: by 2002:a05:6a00:8cd:b0:4a2:82d7:1703 with SMTP id
 s13-20020a056a0008cd00b004a282d71703mr18935101pfu.43.1639150001816; Fri, 10
 Dec 2021 07:26:41 -0800 (PST)
MIME-Version: 1.0
References: <20211210145220.3750010-1-hjl.tools@gmail.com>
 <87r1ak7bgw.fsf@oldenburg.str.redhat.com>
In-Reply-To: <87r1ak7bgw.fsf@oldenburg.str.redhat.com>
From: "H.J. Lu" <hjl.tools@gmail.com>
Date: Fri, 10 Dec 2021 07:26:06 -0800
Message-ID: <CAMe9rOrAcKQ89Sa+GSwS0Em5CHGzKvPBUGG3rwKBXok-P6QCnw@mail.gmail.com>
Subject: Re: [PATCH v4] elf: Only allow execute libc.so.6 directly [BZ #28453]
To: Florian Weimer <fweimer@redhat.com>
Cc: GNU C Library <libc-alpha@sourceware.org>
Content-Type: text/plain; charset="UTF-8"
X-Spam-Status: No, score=-3021.6 required=5.0 tests=BAYES_00, DKIM_SIGNED,
 DKIM_VALID, DKIM_VALID_AU, DKIM_VALID_EF, FREEMAIL_FROM, RCVD_IN_DNSWL_NONE,
 SPF_HELO_NONE, SPF_PASS, TXREP,
 URIBL_BLACK autolearn=no autolearn_force=no version=3.4.4
X-Spam-Checker-Version: SpamAssassin 3.4.4 (2020-01-24) on
 server2.sourceware.org
X-BeenThere: libc-alpha@sourceware.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Libc-alpha mailing list <libc-alpha.sourceware.org>
List-Unsubscribe: <https://sourceware.org/mailman/options/libc-alpha>,
 <mailto:libc-alpha-request@sourceware.org?subject=unsubscribe>
List-Archive: <https://sourceware.org/pipermail/libc-alpha/>
List-Post: <mailto:libc-alpha@sourceware.org>
List-Help: <mailto:libc-alpha-request@sourceware.org?subject=help>
List-Subscribe: <https://sourceware.org/mailman/listinfo/libc-alpha>,
 <mailto:libc-alpha-request@sourceware.org?subject=subscribe>
X-List-Received-Date: Fri, 10 Dec 2021 15:26:45 -0000

On Fri, Dec 10, 2021 at 6:59 AM Florian Weimer <fweimer@redhat.com> wrote:
>
> * H. J. Lu:
>
> > +  /* With DT_NEEDED dependencies, it is a shared library.  Only allow
> > +     execute libc.so directly.  */
> > +  if (__glibc_unlikely (main_map->l_info[DT_NEEDED] != NULL))
> > +    return (main_map->l_info[DT_SONAME] != NULL
> > +         && strncmp ("libc.so.6",
> > +                     ((const char *) D_PTR (main_map, l_info[DT_STRTAB])
> > +                      + main_map->l_info[DT_SONAME]->d_un.d_val),
> > +                     sizeof ("libc.so.6") - 1) == 0);
>
> I don't think this works.  See /usr/bin/npc in Fedora, it has a soname.

It should work:

$ readelf -l /usr/bin/npc

Elf file type is DYN (Position-Independent Executable file)
Entry point 0x2a5c0
There are 14 program headers, starting at offset 64

Program Headers:
  Type           Offset             VirtAddr           PhysAddr
                 FileSiz            MemSiz              Flags  Align
  PHDR           0x0000000000000040 0x0000000000000040 0x0000000000000040
                 0x0000000000000310 0x0000000000000310  R      0x8
  INTERP         0x0000000000000350 0x0000000000000350 0x0000000000000350
                 0x000000000000001c 0x000000000000001c  R      0x1
      [Requesting program interpreter: /lib64/ld-linux-x86-64.so.2]

My patch checks PT_INTERP first.

-- 
H.J.