From: Adhemerval Zanella
To: libc-alpha@sourceware.org
Cc: Joe Simmons-Talbott, Siddhesh Poyarekar
Subject: [PATCH v3 0/4] More tunable fixes
Date: Mon, 6 May 2024 13:18:44 -0300
Message-ID: <20240506161955.1570278-1-adhemerval.zanella@linaro.org>

The 680c597e9c3 commit made loader reject ill-formatted strings by first tracking all set tunables and then applying them. However, it does not take into consideration if the same tunable is set multiple times, where parse_tunables_string appends the found tunable without checking if it was already in the list.
It leads to a stack-based buffer overflow if the tunable is specified more than the total number of tunables (BZ 31686).

While fixing this issue, I noted that the new glibc.rtld.enable_secure check could be optimized a bit to avoid the string comparison on the tunable loop.

I also found an issue where it does have the handle case where the environment alias is handled before the GLIBC_TUNABLES, which will change the tunable even if glibc.rtld.enable_secure is set to 0. Fixing it allows us to optimize the environment alias parsing a bit, since only tunables with aliases need to be checked (instead of the whole list).

Changes from v2:
* Fixed typos and improved comments.

Changes from v1:
* Do not change tunables internal position.

Adhemerval Zanella (4):
  elf: Only process multiple tunable once (BZ 31686)
  elf: Remove glibc.rtld.enable_secure check from parse_tunables_string
  support: Add envp argument to support_capture_subprogram
  elf: Make glibc.rtld.enable_secure ignore alias environment variables

 elf/dl-tunables.c                          | 114 +++++++++++------
 elf/tst-audit18.c                          |   2 +-
 elf/tst-audit19b.c                         |   2 +-
 elf/tst-audit22.c                          |   2 +-
 elf/tst-audit23.c                          |   2 +-
 elf/tst-audit25a.c                         |   4 +-
 elf/tst-audit25b.c                         |   4 +-
 elf/tst-glibc-hwcaps-2-cache.c             |   2 +-
 elf/tst-rtld-run-static.c                  |   4 +-
 elf/tst-tunables-enable_secure.c           | 136 ++++++++++++++++++---
 elf/tst-tunables.c                         |  63 +++++++++-
 scripts/gen-tunables.awk                   |  16 ++-
 support/capture_subprocess.h               |   9 +-
 support/subprocess.h                       |   7 +-
 support/support_capture_subprocess.c       |   5 +-
 support/support_subprocess.c               |   5 +-
 support/tst-support_capture_subprocess.c   |   2 +-
 sysdeps/aarch64/multiarch/memset_generic.S |   4 +
 sysdeps/sparc/sparc64/rtld-memset.c        |   3 +
 sysdeps/x86/tst-hwcap-tunables.c           |   2 +-
 20 files changed, 310 insertions(+), 78 deletions(-)
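
The failure mode described in the cover letter, as an added example that is not glibc code and not part of the original message: a parser that collects set tunables into an array sized for the number of known tunables, once appending every match and once reusing the slot of a name already seen. The tunable names, `struct entry`, `lookup` and `collect` are hypothetical, and "last value wins" for a repeated name is an assumption of the example.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Constructed model, not glibc code: three hypothetical tunable names. */
static const char *const names[] = { "demo.a", "demo.b", "demo.c" };
enum { NTUNABLES = 3 };
struct entry { int id; const char *val; size_t len; };

/* Return the index of the name s[0..n), or -1 if it is unknown. */
static int lookup(const char *s, size_t n) {
  for (int i = 0; i < NTUNABLES; i++)
    if (strlen(names[i]) == n && memcmp(names[i], s, n) == 0)
      return i;
  return -1;
}

/* Collect "name=value:name=value" pairs into out[NTUNABLES] and return the
   number of slots the input asks for.  With dedup == 0 every match takes a
   new slot (append without checking), so the result can exceed NTUNABLES;
   stores past the array are skipped here, never performed.  With dedup != 0
   a repeated name reuses its slot (last value wins, an assumption of this
   example), so the result never exceeds NTUNABLES. */
static size_t collect(const char *str, struct entry *out, int dedup) {
  size_t used = 0;
  while (*str != '\0') {
    size_t item = strcspn(str, ":");
    const char *eq = memchr(str, '=', item);
    int id = eq != NULL ? lookup(str, (size_t) (eq - str)) : -1;
    if (id >= 0) {
      size_t slot = used;
      if (dedup)
        for (slot = 0; slot < used; slot++)
          if (out[slot].id == id)
            break;
      if (slot < NTUNABLES)   /* the bound the append-only path lacks */
        out[slot] = (struct entry) { id, eq + 1, item - (size_t) (eq + 1 - str) };
      if (slot == used)
        used++;
    }
    str += item + (str[item] == ':');
  }
  return used;
}

int main(void) {
  struct entry t[NTUNABLES];
  const char *s = "demo.a=1:demo.a=2:demo.a=3:demo.a=4";  /* constructed input */
  printf("append: %zu slots, dedup: %zu slots, capacity: %d\n",
         collect(s, t, 0), collect(s, t, 1), NTUNABLES);
}
```

A return value above `NTUNABLES` in append mode is the condition under which an unchecked store would run past the end of the array.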