1 |
tamiko 17/06/19 16:45:10 |
2 |
|
3 |
Modified: README.history |
4 |
Added: |
5 |
00_all_0049-rtld-Completely-ignore-LD_LIBRARY_PATH-for-AT_SECURE.patch |
6 |
00_all_0050-rtld-Reject-overly-long-LD_AUDIT-path-elements.patch |
7 |
00_all_0051-rtld-Reject-overly-long-LD_PRELOAD-path-elements.patch |
8 |
00_all_0052-Add-IS_IN-guard-to-multiarch-IFUNC-implementations.patch |
9 |
00_all_0053-Ignore-and-remove-LD_HWCAP_MASK-for-AT_SECURE-progra.patch |
10 |
Log: |
11 |
glibc-2.24: update to patchset 8 |
12 |
|
13 |
Revision Changes Path |
14 |
1.8 src/patchsets/glibc/2.24/README.history |
15 |
|
16 |
file : http://sources.gentoo.org/viewvc.cgi/gentoo/src/patchsets/glibc/2.24/README.history?rev=1.8&view=markup |
17 |
plain: http://sources.gentoo.org/viewvc.cgi/gentoo/src/patchsets/glibc/2.24/README.history?rev=1.8&content-type=text/plain |
18 |
diff : http://sources.gentoo.org/viewvc.cgi/gentoo/src/patchsets/glibc/2.24/README.history?r1=1.7&r2=1.8 |
19 |
|
20 |
Index: README.history |
21 |
=================================================================== |
22 |
RCS file: /var/cvsroot/gentoo/src/patchsets/glibc/2.24/README.history,v |
23 |
retrieving revision 1.7 |
24 |
retrieving revision 1.8 |
25 |
diff -u -r1.7 -r1.8 |
26 |
--- README.history 14 Jun 2017 22:28:44 -0000 1.7 |
27 |
+++ README.history 19 Jun 2017 16:45:10 -0000 1.8 |
28 |
@@ -1,3 +1,10 @@ |
29 |
+8 15 June 2017 |
30 |
+ + 00_all_0049-rtld-Completely-ignore-LD_LIBRARY_PATH-for-AT_SECURE.patch |
31 |
+ + 00_all_0050-rtld-Reject-overly-long-LD_AUDIT-path-elements.patch |
32 |
+ + 00_all_0051-rtld-Reject-overly-long-LD_PRELOAD-path-elements.patch |
33 |
+ + 00_all_0052-Add-IS_IN-guard-to-multiarch-IFUNC-implementations.patch |
34 |
+ + 00_all_0053-Ignore-and-remove-LD_HWCAP_MASK-for-AT_SECURE-progra.patch |
35 |
+ |
36 |
7 15 June 2017 |
37 |
+ 00_all_0047-posix_spawn-use-a-larger-min-stack-for-fstack-check-.patch |
38 |
+ 00_all_0048-sh-Fix-building-with-gcc5-6.patch |
39 |
|
40 |
|
41 |
|
42 |
1.1 src/patchsets/glibc/2.24/00_all_0049-rtld-Completely-ignore-LD_LIBRARY_PATH-for-AT_SECURE.patch |
43 |
|
44 |
file : http://sources.gentoo.org/viewvc.cgi/gentoo/src/patchsets/glibc/2.24/00_all_0049-rtld-Completely-ignore-LD_LIBRARY_PATH-for-AT_SECURE.patch?rev=1.1&view=markup |
45 |
plain: http://sources.gentoo.org/viewvc.cgi/gentoo/src/patchsets/glibc/2.24/00_all_0049-rtld-Completely-ignore-LD_LIBRARY_PATH-for-AT_SECURE.patch?rev=1.1&content-type=text/plain |
46 |
|
47 |
Index: 00_all_0049-rtld-Completely-ignore-LD_LIBRARY_PATH-for-AT_SECURE.patch |
48 |
=================================================================== |
49 |
From 4d009d39ac9ede0369e268554a181b428f177a80 Mon Sep 17 00:00:00 2001 |
50 |
Message-Id: <4d009d39ac9ede0369e268554a181b428f177a80.1495998948.git.fweimer@××××××.com> |
51 |
In-Reply-To: <cover.1495998948.git.fweimer@××××××.com> |
52 |
References: <cover.1495998948.git.fweimer@××××××.com> |
53 |
From: Florian Weimer <fweimer@××××××.com> |
54 |
Date: Sun, 28 May 2017 20:37:40 +0200 |
55 |
Subject: [PATCH 1/3] rtld: Completely ignore LD_LIBRARY_PATH for AT_SECURE=1 |
56 |
programs |
57 |
To: libc-alpha@××××××××××.org |
58 |
|
59 |
LD_LIBRARY_PATH can only be used to reorder system search paths, which |
60 |
is not useful functionality. |
61 |
--- |
62 |
elf/rtld.c | 3 ++- |
63 |
1 file changed, 2 insertions(+), 1 deletion(-) |
64 |
|
65 |
diff --git a/elf/rtld.c b/elf/rtld.c |
66 |
index 319ef06..824b6cf 100644 |
67 |
--- a/elf/rtld.c |
68 |
+++ b/elf/rtld.c |
69 |
@@ -2419,7 +2419,8 @@ process_envvars (enum mode *modep) |
70 |
|
71 |
case 12: |
72 |
/* The library search path. */ |
73 |
- if (memcmp (envline, "LIBRARY_PATH", 12) == 0) |
74 |
+ if (!__libc_enable_secure |
75 |
+ && memcmp (envline, "LIBRARY_PATH", 12) == 0) |
76 |
{ |
77 |
library_path = &envline[13]; |
78 |
break; |
79 |
-- |
80 |
2.9.4 |
81 |
|
82 |
|
83 |
|
84 |
|
85 |
1.1 src/patchsets/glibc/2.24/00_all_0050-rtld-Reject-overly-long-LD_AUDIT-path-elements.patch |
86 |
|
87 |
file : http://sources.gentoo.org/viewvc.cgi/gentoo/src/patchsets/glibc/2.24/00_all_0050-rtld-Reject-overly-long-LD_AUDIT-path-elements.patch?rev=1.1&view=markup |
88 |
plain: http://sources.gentoo.org/viewvc.cgi/gentoo/src/patchsets/glibc/2.24/00_all_0050-rtld-Reject-overly-long-LD_AUDIT-path-elements.patch?rev=1.1&content-type=text/plain |
89 |
|
90 |
Index: 00_all_0050-rtld-Reject-overly-long-LD_AUDIT-path-elements.patch |
91 |
=================================================================== |
92 |
From ba67ba3275d47e0080f0e5f09d9f5102c000c97e Mon Sep 17 00:00:00 2001 |
93 |
Message-Id: <ba67ba3275d47e0080f0e5f09d9f5102c000c97e.1495998948.git.fweimer@××××××.com> |
94 |
In-Reply-To: <cover.1495998948.git.fweimer@××××××.com> |
95 |
References: <cover.1495998948.git.fweimer@××××××.com> |
96 |
From: Florian Weimer <fweimer@××××××.com> |
97 |
Date: Sun, 28 May 2017 20:44:52 +0200 |
98 |
Subject: [PATCH 3/3] rtld: Reject overly long LD_AUDIT path elements |
99 |
To: libc-alpha@××××××××××.org |
100 |
|
101 |
Also only process the last LD_AUDIT entry. |
102 |
--- |
103 |
elf/rtld.c | 110 ++++++++++++++++++++++++++++++++++++++++++++++++++++--------- |
104 |
1 file changed, 95 insertions(+), 15 deletions(-) |
105 |
|
106 |
diff --git a/elf/rtld.c b/elf/rtld.c |
107 |
index 215a9ae..511c6bf 100644 |
108 |
--- a/elf/rtld.c |
109 |
+++ b/elf/rtld.c |
110 |
@@ -100,13 +100,91 @@ strong_alias (__pointer_chk_guard_local, __pointer_chk_guard) |
111 |
#endif |
112 |
|
113 |
|
114 |
-/* List of auditing DSOs. */ |
115 |
+/* LD_AUDIT variable contents. Must be processed before the |
116 |
+ audit_list below. */ |
117 |
+const char *audit_list_string; |
118 |
+ |
119 |
+/* Cyclic list of auditing DSOs. audit_list->next is the first |
120 |
+ element. */ |
121 |
static struct audit_list |
122 |
{ |
123 |
const char *name; |
124 |
struct audit_list *next; |
125 |
} *audit_list; |
126 |
|
127 |
+/* Iterator for audit_list_string followed by audit_list. */ |
128 |
+struct audit_list_iter |
129 |
+{ |
130 |
+ /* Tail of audit_list_string still needing processing, or NULL. */ |
131 |
+ const char *audit_list_tail; |
132 |
+ |
133 |
+ /* The list element returned in the previous iteration. NULL before |
134 |
+ the first element. */ |
135 |
+ struct audit_list *previous; |
136 |
+ |
137 |
+ /* Scratch buffer for returning a name which is part of |
138 |
+ audit_list_string. */ |
139 |
+ char fname[PATH_MAX]; |
140 |
+}; |
141 |
+ |
142 |
+/* Initialize an audit list iterator. */ |
143 |
+static void |
144 |
+audit_list_iter_init (struct audit_list_iter *iter) |
145 |
+{ |
146 |
+ iter->audit_list_tail = audit_list_string; |
147 |
+ iter->previous = NULL; |
148 |
+} |
149 |
+ |
150 |
+/* Iterate through both audit_list_string and audit_list. */ |
151 |
+static const char * |
152 |
+audit_list_iter_next (struct audit_list_iter *iter) |
153 |
+{ |
154 |
+ if (iter->audit_list_tail != NULL) |
155 |
+ { |
156 |
+ /* First iterate over audit_list_string. */ |
157 |
+ while (*iter->audit_list_tail != '\0') |
158 |
+ { |
159 |
+ /* Split audit list at colon. */ |
160 |
+ size_t len = strcspn (iter->audit_list_tail, ":"); |
161 |
+ if (len > 0 && len < PATH_MAX) |
162 |
+ { |
163 |
+ memcpy (iter->fname, iter->audit_list_tail, len); |
164 |
+ iter->fname[len] = '\0'; |
165 |
+ } |
166 |
+ else |
167 |
+ /* Do not return this name to the caller. */ |
168 |
+ iter->fname[0] = '\0'; |
169 |
+ |
170 |
+ /* Skip over the substring and the following delimiter. */ |
171 |
+ iter->audit_list_tail += len; |
172 |
+ if (*iter->audit_list_tail == ':') |
173 |
+ ++iter->audit_list_tail; |
174 |
+ |
175 |
+ /* If the name is valid, return it. */ |
176 |
+ if (dso_name_valid_for_suid (iter->fname)) |
177 |
+ return iter->fname; |
178 |
+ /* Otherwise, wrap around and try the next name. */ |
179 |
+ } |
180 |
+ /* Fall through to the procesing of audit_list. */ |
181 |
+ } |
182 |
+ |
183 |
+ if (iter->previous == NULL) |
184 |
+ { |
185 |
+ if (audit_list == NULL) |
186 |
+ /* No pre-parsed audit list. */ |
187 |
+ return NULL; |
188 |
+ /* Start of audit list. The first list element is at |
189 |
+ audit_list->next (cyclic list). */ |
190 |
+ iter->previous = audit_list->next; |
191 |
+ return iter->previous->name; |
192 |
+ } |
193 |
+ if (iter->previous == audit_list) |
194 |
+ /* Cyclic list wrap-around. */ |
195 |
+ return NULL; |
196 |
+ iter->previous = iter->previous->next; |
197 |
+ return iter->previous->name; |
198 |
+} |
199 |
+ |
200 |
#ifndef HAVE_INLINED_SYSCALLS |
201 |
/* Set nonzero during loading and initialization of executable and |
202 |
libraries, cleared before the executable's entry point runs. This |
203 |
@@ -1257,11 +1335,13 @@ of this helper program; chances are you did not intend to run this program.\n\ |
204 |
GL(dl_rtld_map).l_tls_modid = _dl_next_tls_modid (); |
205 |
|
206 |
/* If we have auditing DSOs to load, do it now. */ |
207 |
- if (__glibc_unlikely (audit_list != NULL)) |
208 |
+ bool need_security_init = true; |
209 |
+ if (__glibc_unlikely (audit_list != NULL) |
210 |
+ || __glibc_unlikely (audit_list_string != NULL)) |
211 |
{ |
212 |
- /* Iterate over all entries in the list. The order is important. */ |
213 |
struct audit_ifaces *last_audit = NULL; |
214 |
- struct audit_list *al = audit_list->next; |
215 |
+ struct audit_list_iter al_iter; |
216 |
+ audit_list_iter_init (&al_iter); |
217 |
|
218 |
/* Since we start using the auditing DSOs right away we need to |
219 |
initialize the data structures now. */ |
220 |
@@ -1272,9 +1352,14 @@ of this helper program; chances are you did not intend to run this program.\n\ |
221 |
use different values (especially the pointer guard) and will |
222 |
fail later on. */ |
223 |
security_init (); |
224 |
+ need_security_init = false; |
225 |
|
226 |
- do |
227 |
+ while (true) |
228 |
{ |
229 |
+ const char *name = audit_list_iter_next (&al_iter); |
230 |
+ if (name == NULL) |
231 |
+ break; |
232 |
+ |
233 |
int tls_idx = GL(dl_tls_max_dtv_idx); |
234 |
|
235 |
/* Now it is time to determine the layout of the static TLS |
236 |
@@ -1283,7 +1368,7 @@ of this helper program; chances are you did not intend to run this program.\n\ |
237 |
no DF_STATIC_TLS bit is set. The reason is that we know |
238 |
glibc will use the static model. */ |
239 |
struct dlmopen_args dlmargs; |
240 |
- dlmargs.fname = al->name; |
241 |
+ dlmargs.fname = name; |
242 |
dlmargs.map = NULL; |
243 |
|
244 |
const char *objname; |
245 |
@@ -1296,7 +1381,7 @@ of this helper program; chances are you did not intend to run this program.\n\ |
246 |
not_loaded: |
247 |
_dl_error_printf ("\ |
248 |
ERROR: ld.so: object '%s' cannot be loaded as audit interface: %s; ignored.\n", |
249 |
- al->name, err_str); |
250 |
+ name, err_str); |
251 |
if (malloced) |
252 |
free ((char *) err_str); |
253 |
} |
254 |
@@ -1400,10 +1485,7 @@ ERROR: ld.so: object '%s' cannot be loaded as audit interface: %s; ignored.\n", |
255 |
goto not_loaded; |
256 |
} |
257 |
} |
258 |
- |
259 |
- al = al->next; |
260 |
} |
261 |
- while (al != audit_list->next); |
262 |
|
263 |
/* If we have any auditing modules, announce that we already |
264 |
have two objects loaded. */ |
265 |
@@ -1682,7 +1764,7 @@ ERROR: ld.so: object '%s' cannot be loaded as audit interface: %s; ignored.\n", |
266 |
if (tcbp == NULL) |
267 |
tcbp = init_tls (); |
268 |
|
269 |
- if (__glibc_likely (audit_list == NULL)) |
270 |
+ if (__glibc_likely (need_security_init)) |
271 |
/* Initialize security features. But only if we have not done it |
272 |
earlier. */ |
273 |
security_init (); |
274 |
@@ -2313,9 +2395,7 @@ process_dl_audit (char *str) |
275 |
char *p; |
276 |
|
277 |
while ((p = (strsep) (&str, ":")) != NULL) |
278 |
- if (p[0] != '\0' |
279 |
- && (__builtin_expect (! __libc_enable_secure, 1) |
280 |
- || strchr (p, '/') == NULL)) |
281 |
+ if (dso_name_valid_for_suid (p)) |
282 |
{ |
283 |
/* This is using the local malloc, not the system malloc. The |
284 |
memory can never be freed. */ |
285 |
@@ -2379,7 +2459,7 @@ process_envvars (enum mode *modep) |
286 |
break; |
287 |
} |
288 |
if (memcmp (envline, "AUDIT", 5) == 0) |
289 |
- process_dl_audit (&envline[6]); |
290 |
+ audit_list_string = &envline[6]; |
291 |
break; |
292 |
|
293 |
case 7: |
294 |
|
295 |
|
296 |
|
297 |
1.1 src/patchsets/glibc/2.24/00_all_0051-rtld-Reject-overly-long-LD_PRELOAD-path-elements.patch |
298 |
|
299 |
file : http://sources.gentoo.org/viewvc.cgi/gentoo/src/patchsets/glibc/2.24/00_all_0051-rtld-Reject-overly-long-LD_PRELOAD-path-elements.patch?rev=1.1&view=markup |
300 |
plain: http://sources.gentoo.org/viewvc.cgi/gentoo/src/patchsets/glibc/2.24/00_all_0051-rtld-Reject-overly-long-LD_PRELOAD-path-elements.patch?rev=1.1&content-type=text/plain |
301 |
|
302 |
Index: 00_all_0051-rtld-Reject-overly-long-LD_PRELOAD-path-elements.patch |
303 |
=================================================================== |
304 |
From 65ff0b7a085b85271ec8fde99f542281b495e3bc Mon Sep 17 00:00:00 2001 |
305 |
Message-Id: <65ff0b7a085b85271ec8fde99f542281b495e3bc.1495998948.git.fweimer@××××××.com> |
306 |
In-Reply-To: <cover.1495998948.git.fweimer@××××××.com> |
307 |
References: <cover.1495998948.git.fweimer@××××××.com> |
308 |
From: Florian Weimer <fweimer@××××××.com> |
309 |
Date: Sun, 28 May 2017 20:57:40 +0200 |
310 |
Subject: [PATCH 2/3] rtld: Reject overly long LD_PRELOAD path elements |
311 |
To: libc-alpha@××××××××××.org |
312 |
|
313 |
--- |
314 |
elf/rtld.c | 69 +++++++++++++++++++++++++++++++++++++++++++++++--------------- |
315 |
1 file changed, 53 insertions(+), 16 deletions(-) |
316 |
|
317 |
diff --git a/elf/rtld.c b/elf/rtld.c |
318 |
index 68b32df..a5ebb60 100644 |
319 |
--- a/elf/rtld.c |
320 |
+++ b/elf/rtld.c |
321 |
@@ -99,6 +99,22 @@ uintptr_t __pointer_chk_guard_local |
322 |
strong_alias (__pointer_chk_guard_local, __pointer_chk_guard) |
323 |
#endif |
324 |
|
325 |
+/* Check that AT_SECURE=0, or that the passed name does not contain |
326 |
+ directories and is not overly long. Reject empty names |
327 |
+ unconditionally. */ |
328 |
+static bool |
329 |
+dso_name_valid_for_suid (const char *p) |
330 |
+{ |
331 |
+ if (__glibc_unlikely (__libc_enable_secure)) |
332 |
+ { |
333 |
+ /* Ignore pathnames with directories for AT_SECURE=1 |
334 |
+ programs, and also skip overlong names. */ |
335 |
+ size_t len = strlen (p); |
336 |
+ if (len >= NAME_MAX || memchr (p, '/', len) != NULL) |
337 |
+ return false; |
338 |
+ } |
339 |
+ return *p != '\0'; |
340 |
+} |
341 |
|
342 |
/* LD_AUDIT variable contents. Must be processed before the |
343 |
audit_list below. */ |
344 |
@@ -808,6 +824,42 @@ static const char *preloadlist attribute_relro; |
345 |
/* Nonzero if information about versions has to be printed. */ |
346 |
static int version_info attribute_relro; |
347 |
|
348 |
+/* The LD_PRELOAD environment variable gives list of libraries |
349 |
+ separated by white space or colons that are loaded before the |
350 |
+ executable's dependencies and prepended to the global scope list. |
351 |
+ (If the binary is running setuid all elements containing a '/' are |
352 |
+ ignored since it is insecure.) Return the number of preloads |
353 |
+ performed. */ |
354 |
+unsigned int |
355 |
+handle_ld_preload (const char *preloadlist, struct link_map *main_map) |
356 |
+{ |
357 |
+ unsigned int npreloads = 0; |
358 |
+ const char *p = preloadlist; |
359 |
+ char fname[PATH_MAX]; |
360 |
+ |
361 |
+ while (*p != '\0') |
362 |
+ { |
363 |
+ /* Split preload list at space/colon. */ |
364 |
+ size_t len = strcspn (p, " :"); |
365 |
+ if (len > 0 && len < PATH_MAX) |
366 |
+ { |
367 |
+ memcpy (fname, p, len); |
368 |
+ fname[len] = '\0'; |
369 |
+ } |
370 |
+ else |
371 |
+ fname[0] = '\0'; |
372 |
+ |
373 |
+ /* Skip over the substring and the following delimiter. */ |
374 |
+ p += len; |
375 |
+ if (*p == ' ' || *p == ':') |
376 |
+ ++p; |
377 |
+ |
378 |
+ if (dso_name_valid_for_suid (fname)) |
379 |
+ npreloads += do_preload (fname, main_map, "LD_PRELOAD"); |
380 |
+ } |
381 |
+ return npreloads; |
382 |
+} |
383 |
+ |
384 |
static void |
385 |
dl_main (const ElfW(Phdr) *phdr, |
386 |
ElfW(Word) phnum, |
387 |
@@ -1563,23 +1615,8 @@ ERROR: ld.so: object '%s' cannot be loaded as audit interface: %s; ignored.\n", |
388 |
|
389 |
if (__glibc_unlikely (preloadlist != NULL)) |
390 |
{ |
391 |
- /* The LD_PRELOAD environment variable gives list of libraries |
392 |
- separated by white space or colons that are loaded before the |
393 |
- executable's dependencies and prepended to the global scope |
394 |
- list. If the binary is running setuid all elements |
395 |
- containing a '/' are ignored since it is insecure. */ |
396 |
- char *list = strdupa (preloadlist); |
397 |
- char *p; |
398 |
- |
399 |
HP_TIMING_NOW (start); |
400 |
- |
401 |
- /* Prevent optimizing strsep. Speed is not important here. */ |
402 |
- while ((p = (strsep) (&list, " :")) != NULL) |
403 |
- if (p[0] != '\0' |
404 |
- && (__builtin_expect (! __libc_enable_secure, 1) |
405 |
- || strchr (p, '/') == NULL)) |
406 |
- npreloads += do_preload (p, main_map, "LD_PRELOAD"); |
407 |
- |
408 |
+ npreloads += handle_ld_preload (preloadlist, main_map); |
409 |
HP_TIMING_NOW (stop); |
410 |
HP_TIMING_DIFF (diff, start, stop); |
411 |
HP_TIMING_ACCUM_NT (load_time, diff); |
412 |
|
413 |
|
414 |
|
415 |
1.1 src/patchsets/glibc/2.24/00_all_0052-Add-IS_IN-guard-to-multiarch-IFUNC-implementations.patch |
416 |
|
417 |
file : http://sources.gentoo.org/viewvc.cgi/gentoo/src/patchsets/glibc/2.24/00_all_0052-Add-IS_IN-guard-to-multiarch-IFUNC-implementations.patch?rev=1.1&view=markup |
418 |
plain: http://sources.gentoo.org/viewvc.cgi/gentoo/src/patchsets/glibc/2.24/00_all_0052-Add-IS_IN-guard-to-multiarch-IFUNC-implementations.patch?rev=1.1&content-type=text/plain |
419 |
|
420 |
Index: 00_all_0052-Add-IS_IN-guard-to-multiarch-IFUNC-implementations.patch |
421 |
=================================================================== |
422 |
From 862ee76acbf83a2d785809734b02c1929c4a0859 Mon Sep 17 00:00:00 2001 |
423 |
From: Matthias Maier <tamiko@××××.org> |
424 |
Date: Wed, 14 Jun 2017 03:22:11 -0500 |
425 |
Subject: [PATCH] Add IS_IN guard to multiarch/IFUNC implementations |
426 |
|
427 |
The two preceding rtld patches add the first reference to strcspn to |
428 |
ld.so, which pulls in the multiarch/IFUNC implementations because the |
429 |
files in question lack an IS_IN (libc) guard (which essentially disables |
430 |
IFUNCs in ld.so). |
431 |
|
432 |
Patch by Florian Weimer <fweimer@××××××.com> |
433 |
--- |
434 |
sysdeps/i386/i686/multiarch/strcspn-c.c | 6 ++++-- |
435 |
sysdeps/i386/i686/multiarch/varshift.c | 4 +++- |
436 |
2 files changed, 7 insertions(+), 3 deletions(-) |
437 |
|
438 |
diff --git a/sysdeps/i386/i686/multiarch/strcspn-c.c b/sysdeps/i386/i686/multiarch/strcspn-c.c |
439 |
index 6d61e19..ec230fb 100644 |
440 |
--- a/sysdeps/i386/i686/multiarch/strcspn-c.c |
441 |
+++ b/sysdeps/i386/i686/multiarch/strcspn-c.c |
442 |
@@ -1,2 +1,4 @@ |
443 |
-#define __strcspn_sse2 __strcspn_ia32 |
444 |
-#include <sysdeps/x86_64/multiarch/strcspn-c.c> |
445 |
+#if IS_IN (libc) |
446 |
+# define __strcspn_sse2 __strcspn_ia32 |
447 |
+# include <sysdeps/x86_64/multiarch/strcspn-c.c> |
448 |
+#endif |
449 |
diff --git a/sysdeps/i386/i686/multiarch/varshift.c b/sysdeps/i386/i686/multiarch/varshift.c |
450 |
index 7760b96..6742a35 100644 |
451 |
--- a/sysdeps/i386/i686/multiarch/varshift.c |
452 |
+++ b/sysdeps/i386/i686/multiarch/varshift.c |
453 |
@@ -1 +1,3 @@ |
454 |
-#include <sysdeps/x86_64/multiarch/varshift.c> |
455 |
+#if IS_IN (libc) |
456 |
+# include <sysdeps/x86_64/multiarch/varshift.c> |
457 |
+#endif |
458 |
-- |
459 |
2.13.0 |
460 |
|
461 |
|
462 |
|
463 |
|
464 |
1.1 src/patchsets/glibc/2.24/00_all_0053-Ignore-and-remove-LD_HWCAP_MASK-for-AT_SECURE-progra.patch |
465 |
|
466 |
file : http://sources.gentoo.org/viewvc.cgi/gentoo/src/patchsets/glibc/2.24/00_all_0053-Ignore-and-remove-LD_HWCAP_MASK-for-AT_SECURE-progra.patch?rev=1.1&view=markup |
467 |
plain: http://sources.gentoo.org/viewvc.cgi/gentoo/src/patchsets/glibc/2.24/00_all_0053-Ignore-and-remove-LD_HWCAP_MASK-for-AT_SECURE-progra.patch?rev=1.1&content-type=text/plain |
468 |
|
469 |
Index: 00_all_0053-Ignore-and-remove-LD_HWCAP_MASK-for-AT_SECURE-progra.patch |
470 |
=================================================================== |
471 |
From 1c1243b6fc33c029488add276e56570a07803bfd Mon Sep 17 00:00:00 2001 |
472 |
From: Siddhesh Poyarekar <siddhesh@××××××××××.org> |
473 |
Date: Tue, 7 Mar 2017 20:52:04 +0530 |
474 |
Subject: [PATCH] Ignore and remove LD_HWCAP_MASK for AT_SECURE programs (bug |
475 |
#21209) |
476 |
|
477 |
The LD_HWCAP_MASK environment variable may alter the selection of |
478 |
function variants for some architectures. For AT_SECURE process it |
479 |
means that if an outdated routine has a bug that would otherwise not |
480 |
affect newer platforms by default, LD_HWCAP_MASK will allow that bug |
481 |
to be exploited. |
482 |
|
483 |
To be on the safe side, ignore and disable LD_HWCAP_MASK for setuid |
484 |
binaries. |
485 |
|
486 |
[BZ #21209] |
487 |
* elf/rtld.c (process_envvars): Ignore LD_HWCAP_MASK for |
488 |
AT_SECURE processes. |
489 |
* sysdeps/generic/unsecvars.h: Add LD_HWCAP_MASK. |
490 |
* elf/tst-env-setuid.c (test_parent): Test LD_HWCAP_MASK. |
491 |
(test_child): Likewise. |
492 |
* elf/Makefile (tst-env-setuid-ENV): Add LD_HWCAP_MASK. |
493 |
--- |
494 |
ChangeLog | 10 ++++++++++ |
495 |
elf/Makefile | 3 ++- |
496 |
elf/rtld.c | 3 ++- |
497 |
elf/tst-env-setuid.c | 12 ++++++++++++ |
498 |
sysdeps/generic/unsecvars.h | 1 + |
499 |
5 files changed, 27 insertions(+), 2 deletions(-) |
500 |
|
501 |
diff --git a/elf/rtld.c b/elf/rtld.c |
502 |
index a036ece956..5986eaf4a1 100644 |
503 |
--- a/elf/rtld.c |
504 |
+++ b/elf/rtld.c |
505 |
@@ -2404,7 +2404,8 @@ process_envvars (enum mode *modep) |
506 |
|
507 |
case 10: |
508 |
/* Mask for the important hardware capabilities. */ |
509 |
- if (memcmp (envline, "HWCAP_MASK", 10) == 0) |
510 |
+ if (!__libc_enable_secure |
511 |
+ && memcmp (envline, "HWCAP_MASK", 10) == 0) |
512 |
GLRO(dl_hwcap_mask) = __strtoul_internal (&envline[11], NULL, |
513 |
0, 0); |
514 |
break; |
515 |
diff --git a/sysdeps/generic/unsecvars.h b/sysdeps/generic/unsecvars.h |
516 |
index a74083786e..5ea8a4a259 100644 |
517 |
--- a/sysdeps/generic/unsecvars.h |
518 |
+++ b/sysdeps/generic/unsecvars.h |
519 |
@@ -16,6 +16,7 @@ |
520 |
"LD_DEBUG\0" \ |
521 |
"LD_DEBUG_OUTPUT\0" \ |
522 |
"LD_DYNAMIC_WEAK\0" \ |
523 |
+ "LD_HWCAP_MASK\0" \ |
524 |
"LD_LIBRARY_PATH\0" \ |
525 |
"LD_ORIGIN_PATH\0" \ |
526 |
"LD_PRELOAD\0" \ |
527 |
-- |
528 |
2.13.0 |