lib/glibc
1
0
Fork 0
mirror of https://sourceware.org/git/glibc.git synced 2025-07-28 00:21:52 +03:00
Code Activity

Update.

Browse Source 
2004-03-26  Ulrich Drepper  <drepper@redhat.com>

	* elf/dl-caller.c: New file.
	* include/caller.h: New file.
	* Makefile (distribute): Add include/caller.h.
	* elf/Makefile (dl-routines): Add dl-caller.
	* elf/dl-load.c (_dl_map_object_from_fd): Record l_text_end.
	* elf/dl-open.c (check_libc_caller): Removed.
	(dl_open_worker): Use __check_caller instead.
	* elf/rtld.c (_rtld_global_ro): Initialize _dl_check_caller.
	(_dl_start_final): Record l_text_end for ld.so map.
	(dl_main): Record l_text_end for main object and vdso.
	* include/link.h (struct link_map): Add l_text_end field.
	* sysdeps/generic/ldsodefs.h (struct rtld_global_ro): Add
	_dl_check_caller field.
	Define enum allowmask.  Add declaration of _dl_check_caller.
	* sysdeps/unix/sysv/linux/dl-execstack.c: Also use __check_caller test.
This commit is contained in:
Ulrich Drepper
2004-03-27 03:40:33 +00:00
parent 17c263876b
commit eec8b6cae5
12 changed files with 159 additions and 79 deletions
Download Patch File Download Diff File Expand all files Collapse all files

18
ChangeLog
View File

@ -1,3 +1,21 @@
2004-03-26 Ulrich Drepper <drepper@redhat.com>
* elf/dl-caller.c: New file.
* include/caller.h: New file.
* Makefile (distribute): Add include/caller.h.
* elf/Makefile (dl-routines): Add dl-caller.
* elf/dl-load.c (_dl_map_object_from_fd): Record l_text_end.
* elf/dl-open.c (check_libc_caller): Removed.
(dl_open_worker): Use __check_caller instead.
* elf/rtld.c (_rtld_global_ro): Initialize _dl_check_caller.
(_dl_start_final): Record l_text_end for ld.so map.
(dl_main): Record l_text_end for main object and vdso.
* include/link.h (struct link_map): Add l_text_end field.
* sysdeps/generic/ldsodefs.h (struct rtld_global_ro): Add
_dl_check_caller field.
Define enum allowmask. Add declaration of _dl_check_caller.
* sysdeps/unix/sysv/linux/dl-execstack.c: Also use __check_caller test.
2004-03-26 Richard Henderson <rth@redhat.com> 2004-03-26 Richard Henderson <rth@redhat.com>
* sysdeps/alpha/Makefile <gnulib> (sysdep_routines): Merge divrem * sysdeps/alpha/Makefile <gnulib> (sysdep_routines): Merge divrem

2
Makefile
View File

@ -282,7 +282,7 @@ distribute := README README.libm INSTALL FAQ FAQ.in NOTES NEWS BUGS \
rpm/template rpm/rpmrc abi-tags stub-tag.h \ rpm/template rpm/rpmrc abi-tags stub-tag.h \
test-skeleton.c include/des.h include/libc-internal.h \ test-skeleton.c include/des.h include/libc-internal.h \
include/shlib-compat.h include/pthread.h Versions.def \ include/shlib-compat.h include/pthread.h Versions.def \
cppflags-iterator.mk tls.make.c \ cppflags-iterator.mk tls.make.c include/caller.h \
include/stubs-prologue.h include/gnu/stubs.h \ include/stubs-prologue.h include/gnu/stubs.h \
include/atomic.h bits/atomic.h symbol-hacks.h \ include/atomic.h bits/atomic.h symbol-hacks.h \
INTERFACE CONFORMANCE NAMESPACE LICENSES \ INTERFACE CONFORMANCE NAMESPACE LICENSES \

2
elf/Makefile
View File

@ -30,7 +30,7 @@ routines = $(dl-routines) dl-open dl-close dl-support dl-iteratephdr \
dl-routines = $(addprefix dl-,load cache lookup object reloc deps \ dl-routines = $(addprefix dl-,load cache lookup object reloc deps \
runtime error init fini debug misc \ runtime error init fini debug misc \
version profile conflict tls origin \ version profile conflict tls origin \
execstack) execstack caller)
all-dl-routines = $(dl-routines) $(sysdep-dl-routines) all-dl-routines = $(dl-routines) $(sysdep-dl-routines)
# But they are absent from the shared libc, because that code is in ld.so. # But they are absent from the shared libc, because that code is in ld.so.
elide-routines.os = $(all-dl-routines) dl-support enbl-secure dl-origin elide-routines.os = $(all-dl-routines) dl-support enbl-secure dl-origin

85
elf/dl-caller.c Normal file
View File

@ -0,0 +1,85 @@
/* Check whether caller comes from the right place.
Copyright (C) 2004 Free Software Foundation, Inc.
This file is part of the GNU C Library.
The GNU C Library is free software; you can redistribute it and/or
modify it under the terms of the GNU Lesser General Public
License as published by the Free Software Foundation; either
version 2.1 of the License, or (at your option) any later version.
The GNU C Library is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
Lesser General Public License for more details.
You should have received a copy of the GNU Lesser General Public
License along with the GNU C Library; if not, write to the Free
Software Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA
02111-1307 USA. */
#include <assert.h>
#include <ldsodefs.h>
#include <stddef.h>
#include <caller.h>
#include <gnu/lib-names.h>
int
attribute_hidden
_dl_check_caller (const void *caller, enum allowmask mask)
{
static const char expected1[] = LIBC_SO;
static const char expected2[] = LIBDL_SO;
#ifdef LIBPTHREAD_SO
static const char expected3[] = LIBPTHREAD_SO;
#endif
static const char expected4[] = LD_SO;
for (struct link_map *l = GL(dl_loaded); l != NULL; l = l->l_next)
if (caller >= (const void *) l->l_map_start
&& caller < (const void *) l->l_text_end)
{
/* The address falls into this DSO's address range. Check the
name. */
if ((mask & allow_libc) && strcmp (expected1, l->l_name) == 0)
return 0;
if ((mask & allow_libdl) && strcmp (expected2, l->l_name) == 0)
return 0;
#ifdef LIBPTHREAD_SO
if ((mask & allow_libpthread) && strcmp (expected3, l->l_name) == 0)
return 0;
#endif
if ((mask & allow_ldso) && strcmp (expected4, l->l_name) == 0)
return 0;
struct libname_list *runp = l->l_libname;
while (runp != NULL)
{
if ((mask & allow_libc) && strcmp (expected1, runp->name) == 0)
return 0;
if ((mask & allow_libdl) && strcmp (expected2, runp->name) == 0)
return 0;
#ifdef LIBPTHREAD_SO
if ((mask & allow_libpthread)
&& strcmp (expected3, runp->name) == 0)
return 0;
#endif
if ((mask & allow_ldso) && strcmp (expected4, runp->name) == 0)
return 0;
runp = runp->next;
}
break;
}
/* Maybe the dynamic linker is not yet on the list. */
if ((mask & allow_ldso) != 0
&& caller >= (const void *) GL(dl_rtld_map).l_map_start
&& caller < (const void *) GL(dl_rtld_map).l_text_end)
return 0;
/* No valid caller. */
return 1;
}

5
elf/dl-load.c
View File

@ -1110,7 +1110,7 @@ cannot allocate TLS data structures for initial thread");
unallocated. Then jump into the normal segment-mapping loop to unallocated. Then jump into the normal segment-mapping loop to
handle the portion of the segment past the end of the file handle the portion of the segment past the end of the file
mapping. */ mapping. */
__mprotect ((caddr_t) (l->l_addr + c->mapend), __mprotect ((caddr_t) l->l_text_end,
loadcmds[nloadcmds - 1].allocend - c->mapend, loadcmds[nloadcmds - 1].allocend - c->mapend,
PROT_NONE); PROT_NONE);
@ -1146,6 +1146,9 @@ cannot allocate TLS data structures for initial thread");
goto map_error; goto map_error;
postmap: postmap:
if (c->prot & PROT_EXEC)
l->l_text_end = l->l_addr + c->mapend;
if (l->l_phdr == 0 if (l->l_phdr == 0
&& (ElfW(Off)) c->mapoff <= header->e_phoff && (ElfW(Off)) c->mapoff <= header->e_phoff
&& ((size_t) (c->mapend - c->mapstart + c->mapoff) && ((size_t) (c->mapend - c->mapstart + c->mapoff)

68
elf/dl-open.c
View File

@ -30,7 +30,7 @@
#include <bits/libc-lock.h> #include <bits/libc-lock.h>
#include <ldsodefs.h> #include <ldsodefs.h>
#include <bp-sym.h> #include <bp-sym.h>
#include <gnu/lib-names.h> #include <caller.h>
#include <dl-dst.h> #include <dl-dst.h>
@ -156,68 +156,6 @@ add_to_global (struct link_map *new)
} }
#ifdef SHARED
static int
internal_function
check_libc_caller (const void *caller)
{
static const char expected1[] = LIBC_SO;
static const char expected2[] = LIBDL_SO;
/* If we already know the address ranges, just test. */
static const void *expected1_from;
static const void *expected1_to;
static const void *expected2_from;
static const void *expected2_to;
if (expected1_from == NULL)
{
/* The only other DSO which is allowed to call these functions is
libdl. Find the address range containing the caller. */
struct link_map *l;
for (l = GL(dl_loaded); l != NULL; l = l->l_next)
if (strcmp (expected1, l->l_name) == 0)
{
is_1:
expected1_from = (const void *) l->l_map_start;
expected1_to = (const void *) l->l_map_end;
}
else if (strcmp (expected2, l->l_name) == 0)
{
is_2:
expected2_from = (const void *) l->l_map_start;
expected2_to = (const void *) l->l_map_end;
}
else
{
struct libname_list *runp = l->l_libname;
while (runp != NULL)
{
if (strcmp (expected1, runp->name) == 0)
goto is_1;
else if (strcmp (expected2, runp->name) == 0)
goto is_2;
runp = runp->next;
}
}
assert (expected1_from != NULL);
}
/* When there would be more than two expected caller we could use an
array for the values but for now this is cheaper. */
if ((caller >= expected1_from && caller < expected1_to)
|| (caller >= expected2_from && caller < expected2_to))
return 0;
return 1;
}
#endif
static void static void
dl_open_worker (void *a) dl_open_worker (void *a)
{ {
@ -232,11 +170,9 @@ dl_open_worker (void *a)
bool any_tls; bool any_tls;
#endif #endif
#ifdef SHARED
/* Check whether _dl_open() has been called from a valid DSO. */ /* Check whether _dl_open() has been called from a valid DSO. */
if (check_libc_caller (args->caller_dl_open) != 0) if (__check_caller (args->caller_dl_open, allow_libc|allow_libdl) != 0)
GLRO(dl_signal_error) (0, "dlopen", NULL, N_("invalid caller")); GLRO(dl_signal_error) (0, "dlopen", NULL, N_("invalid caller"));
#endif
/* Maybe we have to expand a DST. */ /* Maybe we have to expand a DST. */
dst = strchr (file, '$'); dst = strchr (file, '$');

12
elf/rtld.c
View File

@ -142,6 +142,7 @@ struct rtld_global_ro _rtld_global_ro attribute_relro =
._dl_start_profile = _dl_start_profile, ._dl_start_profile = _dl_start_profile,
._dl_mcount = _dl_mcount_internal, ._dl_mcount = _dl_mcount_internal,
._dl_lookup_symbol_x = _dl_lookup_symbol_x, ._dl_lookup_symbol_x = _dl_lookup_symbol_x,
._dl_check_caller = _dl_check_caller
}; };
/* If we would use strong_alias here the compiler would see a /* If we would use strong_alias here the compiler would see a
non-hidden definition. This would undo the effect of the previous non-hidden definition. This would undo the effect of the previous
@ -208,6 +209,7 @@ static ElfW(Addr) _dl_start_final (void *arg,
/* These defined magically in the linker script. */ /* These defined magically in the linker script. */
extern char _begin[] attribute_hidden; extern char _begin[] attribute_hidden;
extern char _etext[] attribute_hidden;
extern char _end[] attribute_hidden; extern char _end[] attribute_hidden;
@ -268,6 +270,7 @@ _dl_start_final (void *arg, struct dl_start_final_info *info)
GL(dl_rtld_map).l_opencount = 1; GL(dl_rtld_map).l_opencount = 1;
GL(dl_rtld_map).l_map_start = (ElfW(Addr)) _begin; GL(dl_rtld_map).l_map_start = (ElfW(Addr)) _begin;
GL(dl_rtld_map).l_map_end = (ElfW(Addr)) _end; GL(dl_rtld_map).l_map_end = (ElfW(Addr)) _end;
GL(dl_rtld_map).l_text_end = (ElfW(Addr)) _etext;
/* Copy the TLS related data if necessary. */ /* Copy the TLS related data if necessary. */
#if USE_TLS && !defined DONT_USE_BOOTSTRAP_MAP #if USE_TLS && !defined DONT_USE_BOOTSTRAP_MAP
# if USE___THREAD # if USE___THREAD
@ -899,6 +902,7 @@ of this helper program; chances are you did not intend to run this program.\n\
} }
GL(dl_loaded)->l_map_end = 0; GL(dl_loaded)->l_map_end = 0;
GL(dl_loaded)->l_text_end = 0;
/* Perhaps the executable has no PT_LOAD header entries at all. */ /* Perhaps the executable has no PT_LOAD header entries at all. */
GL(dl_loaded)->l_map_start = ~0; GL(dl_loaded)->l_map_start = ~0;
/* We opened the file, account for it. */ /* We opened the file, account for it. */
@ -969,6 +973,8 @@ of this helper program; chances are you did not intend to run this program.\n\
allocend = GL(dl_loaded)->l_addr + ph->p_vaddr + ph->p_memsz; allocend = GL(dl_loaded)->l_addr + ph->p_vaddr + ph->p_memsz;
if (GL(dl_loaded)->l_map_end < allocend) if (GL(dl_loaded)->l_map_end < allocend)
GL(dl_loaded)->l_map_end = allocend; GL(dl_loaded)->l_map_end = allocend;
if ((ph->p_flags & PF_X) && allocend > GL(dl_loaded)->l_text_end)
GL(dl_loaded)->l_text_end = allocend;
} }
break; break;
#ifdef USE_TLS #ifdef USE_TLS
@ -1012,6 +1018,8 @@ of this helper program; chances are you did not intend to run this program.\n\
#endif #endif
if (! GL(dl_loaded)->l_map_end) if (! GL(dl_loaded)->l_map_end)
GL(dl_loaded)->l_map_end = ~0; GL(dl_loaded)->l_map_end = ~0;
if (! GL(dl_loaded)->l_text_end)
GL(dl_loaded)->l_text_end = ~0;
if (! GL(dl_rtld_map).l_libname && GL(dl_rtld_map).l_name) if (! GL(dl_rtld_map).l_libname && GL(dl_rtld_map).l_name)
{ {
/* We were invoked directly, so the program might not have a /* We were invoked directly, so the program might not have a
@ -1271,11 +1279,15 @@ ERROR: ld.so: object '%s' from %s cannot be preloaded: ignored.\n",
l->l_addr = ph->p_vaddr; l->l_addr = ph->p_vaddr;
else if (ph->p_vaddr + ph->p_memsz >= l->l_map_end) else if (ph->p_vaddr + ph->p_memsz >= l->l_map_end)
l->l_map_end = ph->p_vaddr + ph->p_memsz; l->l_map_end = ph->p_vaddr + ph->p_memsz;
else if ((ph->p_flags & PF_X)
&& ph->p_vaddr + ph->p_memsz >= l->l_text_end)
l->l_text_end = ph->p_vaddr + ph->p_memsz;
} }
} }
l->l_map_start = (ElfW(Addr)) GLRO(dl_sysinfo_dso); l->l_map_start = (ElfW(Addr)) GLRO(dl_sysinfo_dso);
l->l_addr = l->l_map_start - l->l_addr; l->l_addr = l->l_map_start - l->l_addr;
l->l_map_end += l->l_addr; l->l_map_end += l->l_addr;
l->l_text_end += l->l_addr;
l->l_ld = (void *) ((ElfW(Addr)) l->l_ld + l->l_addr); l->l_ld = (void *) ((ElfW(Addr)) l->l_ld + l->l_addr);
elf_get_dynamic_info (l, dyn_temp); elf_get_dynamic_info (l, dyn_temp);
_dl_setup_hash (l); _dl_setup_hash (l);

2
include/link.h
View File

@ -208,6 +208,8 @@ struct link_map
/* Start and finish of memory map for this object. l_map_start /* Start and finish of memory map for this object. l_map_start
need not be the same as l_addr. */ need not be the same as l_addr. */
ElfW(Addr) l_map_start, l_map_end; ElfW(Addr) l_map_start, l_map_end;
/* End of the executable part of the mapping. */
ElfW(Addr) l_text_end;
/* Default array for 'l_scope'. */ /* Default array for 'l_scope'. */
struct r_scope_elem *l_scope_mem[4]; struct r_scope_elem *l_scope_mem[4];

5
nptl/ChangeLog
View File

@ -1,3 +1,8 @@
2004-03-26 Ulrich Drepper <drepper@redhat.com>
* allocatestack.c (_make_stacks_executable): Call
_dl_make_stack_executable first.
2004-03-24 Roland McGrath <roland@redhat.com> 2004-03-24 Roland McGrath <roland@redhat.com>
* sysdeps/i386/pthread_spin_lock.c (pthread_spin_lock): Use "m" * sysdeps/i386/pthread_spin_lock.c (pthread_spin_lock): Use "m"

11
nptl/allocatestack.c
View File

@ -676,9 +676,10 @@ int
internal_function internal_function
__make_stacks_executable (void **stack_endp) __make_stacks_executable (void **stack_endp)
{ {
/* Challenge the caller. */ /* First the main thread's stack. */
if (*stack_endp != __libc_stack_end) int err = _dl_make_stack_executable (stack_endp);
return EPERM; if (err != 0)
return err;
#ifdef NEED_SEPARATE_REGISTER_STACK #ifdef NEED_SEPARATE_REGISTER_STACK
const size_t pagemask = ~(__getpagesize () - 1); const size_t pagemask = ~(__getpagesize () - 1);
@ -686,7 +687,6 @@ __make_stacks_executable (void **stack_endp)
lll_lock (stack_cache_lock); lll_lock (stack_cache_lock);
int err = 0;
list_t *runp; list_t *runp;
list_for_each (runp, &stack_used) list_for_each (runp, &stack_used)
{ {
@ -716,9 +716,6 @@ __make_stacks_executable (void **stack_endp)
lll_unlock (stack_cache_lock); lll_unlock (stack_cache_lock);
if (err == 0)
err = _dl_make_stack_executable (stack_endp);
return err; return err;
} }

16
sysdeps/generic/ldsodefs.h
View File

@ -171,6 +171,17 @@ struct libname_list
}; };
/* Bit masks for the objects which valid callers can come from to
functions with restricted interface. */
enum allowmask
{
allow_libc = 1,
allow_libdl = 2,
allow_libpthread = 4,
allow_ldso = 8
};
/* Test whether given NAME matches any of the names of the given object. */ /* Test whether given NAME matches any of the names of the given object. */
extern int _dl_name_match_p (const char *__name, struct link_map *__map) extern int _dl_name_match_p (const char *__name, struct link_map *__map)
internal_function; internal_function;
@ -492,6 +503,7 @@ struct rtld_global_ro
const struct r_found_version *, const struct r_found_version *,
int, int, int, int,
struct link_map *); struct link_map *);
int (*_dl_check_caller) (const void *, enum allowmask);
}; };
# define __rtld_global_attribute__ # define __rtld_global_attribute__
@ -878,6 +890,10 @@ extern size_t _dl_dst_count (const char *name, int is_path) attribute_hidden;
extern char *_dl_dst_substitute (struct link_map *l, const char *name, extern char *_dl_dst_substitute (struct link_map *l, const char *name,
char *result, int is_path) attribute_hidden; char *result, int is_path) attribute_hidden;
/* Check validity of the caller. */
extern int _dl_check_caller (const void *caller, enum allowmask mask)
attribute_hidden;
__END_DECLS __END_DECLS
#endif /* ldsodefs.h */ #endif /* ldsodefs.h */

12
sysdeps/unix/sysv/linux/dl-execstack.c
View File

@ -20,8 +20,10 @@
#include <ldsodefs.h> #include <ldsodefs.h>
#include <sys/mman.h> #include <sys/mman.h>
#include <errno.h> #include <errno.h>
#include <libintl.h>
#include <stdbool.h> #include <stdbool.h>
#include <stackinfo.h> #include <stackinfo.h>
#include <caller.h>
#include "kernel-features.h" #include "kernel-features.h"
@ -31,13 +33,14 @@ internal_function
_dl_make_stack_executable (void **stack_endp) _dl_make_stack_executable (void **stack_endp)
{ {
/* This gives us the highest/lowest page that needs to be changed. */ /* This gives us the highest/lowest page that needs to be changed. */
uintptr_t page = ((uintptr_t) __libc_stack_end uintptr_t page = ((uintptr_t) *stack_endp
& -(intptr_t) GLRO(dl_pagesize)); & -(intptr_t) GLRO(dl_pagesize));
/* Challenge the caller. */ /* Challenge the caller. */
if (__builtin_expect (*stack_endp != __libc_stack_end, 0)) if (__builtin_expect (__check_caller (__builtin_return_address (0),
allow_ldso|allow_libpthread) != 0, 0)
|| __builtin_expect (*stack_endp != __libc_stack_end, 0))
return EPERM; return EPERM;
*stack_endp = NULL;
#if _STACK_GROWS_DOWN #if _STACK_GROWS_DOWN
/* Newer Linux kernels support a flag to make our job easy. */ /* Newer Linux kernels support a flag to make our job easy. */
@ -151,6 +154,9 @@ _dl_make_stack_executable (void **stack_endp)
#endif #endif
return_success: return_success:
/* Clear the address. */
*stack_endp = NULL;
/* Remember that we changed the permission. */ /* Remember that we changed the permission. */
GL(dl_stack_flags) |= PF_X; GL(dl_stack_flags) |= PF_X;