From patchwork Thu May 2 16:35:55 2024
X-Patchwork-Submitter: Adhemerval Zanella
X-Patchwork-Id: 794110
From: Adhemerval Zanella
To: libc-alpha@sourceware.org
Cc: Joe Simmons-Talbott, Siddhesh Poyarekar
Subject: [PATCH v2 0/4] More tunable fixes
Date: Thu, 2 May 2024 13:35:55 -0300
Message-ID: <20240502163716.1107975-1-adhemerval.zanella@linaro.org>

The 680c597e9c3 commit made the loader reject ill-formatted strings by first
tracking all set tunables and then applying them. However, it does not
take into consideration if the same tunable is set multiple times,
where parse_tunables_string appends the found tunable without checking
if it was already in the list. It leads to a stack-based buffer
overflow if the tunable is specified more than the total number of
tunables (BZ 31686).

While fixing this issue, I noted that the new glibc.rtld.enable_secure
check could be optimized a bit to avoid the string comparison on the
tunable loop.

I also found an issue where it does have the handle case where the
environment alias is handled before the GLIBC_TUNABLES, which will
change the tunable even if glibc.rtld.enable_secure is set to 0.
Fixing it allows us to optimize the environment alias parsing a bit,
since only tunables with aliases need to be checked (instead of the
whole list).

Changes from v1:
* Do not change tunables internal position.

Adhemerval Zanella (4):
  elf: Only process multiple tunable once (BZ 31686)
  elf: Remove glibc.rtld.enable_secure check from parse_tunables_string
  support: Add envp argument to support_capture_subprogram
  elf: Make glibc.rtld.enable_secure ignore alias environment variables

 elf/dl-tunables.c                          | 114 ++++++++++++------
 elf/tst-audit18.c                          |   2 +-
 elf/tst-audit19b.c                         |   2 +-
 elf/tst-audit22.c                          |   2 +-
 elf/tst-audit23.c                          |   2 +-
 elf/tst-audit25a.c                         |   4 +-
 elf/tst-audit25b.c                         |   4 +-
 elf/tst-glibc-hwcaps-2-cache.c             |   2 +-
 elf/tst-rtld-run-static.c                  |   4 +-
 elf/tst-tunables-enable_secure.c           | 133 ++++++++++++++++++---
 elf/tst-tunables.c                         |  60 +++++++++-
 scripts/gen-tunables.awk                   |  16 ++-
 support/capture_subprocess.h               |   9 +-
 support/subprocess.h                       |   7 +-
 support/support_capture_subprocess.c       |   5 +-
 support/support_subprocess.c               |   5 +-
 support/tst-support_capture_subprocess.c   |   2 +-
 sysdeps/aarch64/multiarch/memset_generic.S |   4 +
 sysdeps/sparc/sparc64/rtld-memset.c        |   3 +
 sysdeps/x86/tst-hwcap-tunables.c           |   2 +-
 20 files changed, 304 insertions(+), 78 deletions(-)
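
A simplified model of the defect described in the cover letter, added here as an example; it is not glibc's parse_tunables_string and not code from this series. The three-name table, `struct toset`, `lookup` and `parse` are hypothetical, unknown or malformed items are simply skipped, and letting the last occurrence win is this example's choice. It compares how many list slots an append-per-occurrence parser needs with a parser that reuses the slot of a repeated name and so never exceeds the table size.

```c
#include <stdio.h>
#include <string.h>

/* Constructed three-entry stand-in for the tunable table (not glibc's list). */
static const char *const known[] = { "glibc.malloc.check",
    "glibc.malloc.tcache_count", "glibc.rtld.enable_secure" };
#define NTUNABLES (sizeof known / sizeof known[0])
struct toset { int id; const char *val; size_t len; };  /* hypothetical */

/* Index of the known tunable named name[0..n), or -1. */
static int lookup(const char *name, size_t n)
{
    for (size_t i = 0; i < NTUNABLES; i++)
        if (strlen(known[i]) == n && memcmp(known[i], name, n) == 0)
            return (int) i;
    return -1;
}

/* Walk "name=value:name=value". dedup == 0: count the slots an append-per-
   occurrence parser would write. dedup != 0: fill out[NTUNABLES] instead. */
static size_t parse(const char *s, struct toset *out, int dedup)
{
    size_t used = 0;
    while (*s != '\0') {
        size_t item = strcspn(s, ":");
        const char *eq = memchr(s, '=', item);
        int id = eq != NULL ? lookup(s, (size_t) (eq - s)) : -1;
        used += (id >= 0 && !dedup);       /* append model: slot per occurrence */
        if (id >= 0 && dedup) {
            size_t k = 0;
            while (k < used && out[k].id != id)
                k++;
            used += (k == used);           /* first sighting takes a new slot */
            out[k].id = id;                /* a repeat overwrites: last value wins */
            out[k].val = eq + 1;
            out[k].len = item - (size_t) (eq + 1 - s);
        }
        s += item + (s[item] == ':');      /* skip the separator, if any */
    }
    return used;
}

int main(void)
{
    struct toset out[NTUNABLES];
    const char *in = "glibc.malloc.check=1:glibc.malloc.check=2:"
                     "glibc.malloc.check=3:glibc.malloc.check=0";
    printf("append: %zu slots, dedup: %zu slots, capacity: %zu\n",
           parse(in, NULL, 0), parse(in, out, 1), NTUNABLES);
}
```

Because every slot holds a distinct table index, the deduplicating path can use at most NTUNABLES slots whatever the input length, while the append count grows with each repetition.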