From: "Tulio Magno Quites Machado Filho" <tuliom@linux.vnet.ibm.com>
To: libc-stable@sourceware.org
Cc: Florian Weimer <fweimer@redhat.com>
Subject: [COMMITTED 2.18] Always enable pointer guard [BZ #18928]
Date: Thu, 01 Jan 2015 00:00:00 -0000 [thread overview]
Message-ID: <1451566083-22533-1-git-send-email-tuliom@linux.vnet.ibm.com> (raw)
From: Florian Weimer <fweimer@redhat.com>
Honoring the LD_POINTER_GUARD environment variable in AT_SECURE mode
has security implications. This commit enables pointer guard
unconditionally, and the environment variable is now ignored.
[BZ #18928]
* sysdeps/generic/ldsodefs.h (struct rtld_global_ro): Remove
_dl_pointer_guard member.
* elf/rtld.c (_rtld_global_ro): Remove _dl_pointer_guard
initializer.
(security_init): Always set up pointer guard.
(process_envvars): Do not process LD_POINTER_GUARD.
(cherry picked from commit a014cecd82b71b70a6a843e250e06b541ad524f7)
Conflicts:
NEWS
---
ChangeLog | 10 ++++++++++
NEWS | 5 ++++-
elf/rtld.c | 15 ++++-----------
sysdeps/generic/ldsodefs.h | 3 ---
4 files changed, 18 insertions(+), 15 deletions(-)
diff --git a/ChangeLog b/ChangeLog
index 9c95cc0..d90460f 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,13 @@
+2015-12-30 Florian Weimer <fweimer@redhat.com>
+
+ [BZ #18928]
+ * sysdeps/generic/ldsodefs.h (struct rtld_global_ro): Remove
+ _dl_pointer_guard member.
+ * elf/rtld.c (_rtld_global_ro): Remove _dl_pointer_guard
+ initializer.
+ (security_init): Always set up pointer guard.
+ (process_envvars): Do not process LD_POINTER_GUARD.
+
2014-06-03 Guo Yixuan <culu.gyx@gmail.com>
[BZ #16882]
diff --git a/NEWS b/NEWS
index 31664e4..d8e7c4d 100644
--- a/NEWS
+++ b/NEWS
@@ -10,7 +10,10 @@ Version 2.18.1
* The following bugs are resolved with this release:
15073, 15128, 15909, 15996, 16150, 16169, 16387, 16510, 16885, 16916,
- 16943, 16958.
+ 16943, 16958, 18928.
+
+* The LD_POINTER_GUARD environment variable can no longer be used to
+ disable the pointer guard feature. It is always enabled.
\f
Version 2.18
diff --git a/elf/rtld.c b/elf/rtld.c
index 91da88c..b2fce26 100644
--- a/elf/rtld.c
+++ b/elf/rtld.c
@@ -162,7 +162,6 @@ struct rtld_global_ro _rtld_global_ro attribute_relro =
._dl_hwcap_mask = HWCAP_IMPORTANT,
._dl_lazy = 1,
._dl_fpu_control = _FPU_DEFAULT,
- ._dl_pointer_guard = 1,
._dl_pagesize = EXEC_PAGESIZE,
._dl_inhibit_cache = 0,
@@ -857,15 +856,12 @@ security_init (void)
#endif
/* Set up the pointer guard as well, if necessary. */
- if (GLRO(dl_pointer_guard))
- {
- uintptr_t pointer_chk_guard = _dl_setup_pointer_guard (_dl_random,
- stack_chk_guard);
+ uintptr_t pointer_chk_guard
+ = _dl_setup_pointer_guard (_dl_random, stack_chk_guard);
#ifdef THREAD_SET_POINTER_GUARD
- THREAD_SET_POINTER_GUARD (pointer_chk_guard);
+ THREAD_SET_POINTER_GUARD (pointer_chk_guard);
#endif
- __pointer_chk_guard_local = pointer_chk_guard;
- }
+ __pointer_chk_guard_local = pointer_chk_guard;
/* We do not need the _dl_random value anymore. The less
information we leave behind, the better, so clear the
@@ -2606,9 +2602,6 @@ process_envvars (enum mode *modep)
GLRO(dl_use_load_bias) = envline[14] == '1' ? -1 : 0;
break;
}
-
- if (memcmp (envline, "POINTER_GUARD", 13) == 0)
- GLRO(dl_pointer_guard) = envline[14] != '0';
break;
case 14:
diff --git a/sysdeps/generic/ldsodefs.h b/sysdeps/generic/ldsodefs.h
index e7b0516..6ccbd71 100644
--- a/sysdeps/generic/ldsodefs.h
+++ b/sysdeps/generic/ldsodefs.h
@@ -589,9 +589,6 @@ struct rtld_global_ro
/* List of auditing interfaces. */
struct audit_ifaces *_dl_audit;
unsigned int _dl_naudit;
-
- /* 0 if internal pointer values should not be guarded, 1 if they should. */
- EXTERN int _dl_pointer_guard;
};
# define __rtld_global_attribute__
# ifdef IS_IN_rtld
--
2.1.0
next reply other threads:[~2015-12-31 12:49 UTC|newest]
Thread overview: 4+ messages / expand[flat|nested] mbox.gz Atom feed top
2015-01-01 0:00 Tulio Magno Quites Machado Filho [this message]
2015-01-01 0:00 ` [COMMITTED 2.18] Fix BZ #17269 -- _IO_wstr_overflow integer overflow Tulio Magno Quites Machado Filho
2015-01-01 0:00 ` [COMMITTED 2.18] Fix read past end of pattern in fnmatch (bug 18032) Tulio Magno Quites Machado Filho
2015-01-01 0:00 ` [COMMITTED 2.18] Harden tls_dtor_list with pointer mangling [BZ #19018] Tulio Magno Quites Machado Filho
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1451566083-22533-1-git-send-email-tuliom@linux.vnet.ibm.com \
--to=tuliom@linux.vnet.ibm.com \
--cc=fweimer@redhat.com \
--cc=libc-stable@sourceware.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).