From patchwork Mon Nov 6 20:25:35 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Adhemerval Zanella Netto X-Patchwork-Id: 741453 Delivered-To: patch@linaro.org Received: by 2002:adf:fd90:0:b0:32d:baff:b0ca with SMTP id d16csp1294301wrr; Mon, 6 Nov 2023 12:26:14 -0800 (PST) X-Google-Smtp-Source: AGHT+IFKIeK/aY6EcLzYd5suoCXMjZVqRwvha2QGg7PQ2ZGfS2J9q0kHh0sBmswhfKorckthMgyD X-Received: by 2002:a05:6214:21ad:b0:675:66e5:7405 with SMTP id t13-20020a05621421ad00b0067566e57405mr14105993qvc.35.1699302373823; Mon, 06 Nov 2023 12:26:13 -0800 (PST) ARC-Seal: i=2; a=rsa-sha256; t=1699302373; cv=pass; d=google.com; s=arc-20160816; b=c1VhWhQ+UeLWsYdWyj1sjaDD2SDqPo4mz4RrV0kRs2Lq8Y5hhXBlRtzj94xeJ1AI3F q+3irSRjUE+B5lfaBbUPq/FbOBoFVQrT8WfqfZifY6EIVvTLqdyofRT8p5Qu2MP2LCs3 4TNJemXIeKUAMRR6BCKM+HIAj6cgxBdXmMH5ONyjjdcwap4sTZSgWb6E+ywVaBD+zo+b hQFah2iI4vgF3CHzaUleexCu1Noem4VvQJPO2UhCMfDMJFoSdqXsnO1HBmll79nNgMa4 pjIdXVvj2vOhK28cUMrZxahFlqZbzz+dxc6ZFb4U8xPV3iIL3tN2U5VyoOkqMf3HAGhI i2fw== ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=errors-to:list-subscribe:list-help:list-post:list-archive :list-unsubscribe:list-id:precedence:content-transfer-encoding :mime-version:references:in-reply-to:message-id:date:subject:cc:to :from:dkim-signature:arc-filter:dmarc-filter:delivered-to; bh=esjAsFKyq1qOv7OubaudS7wN9qGWBRX0L7Tv1Wq1oWQ=; fh=VMuAjWLc97wcDarQBhQuFh9YVmIwEj8w9Q+Q5DjP2hw=; b=GJg1THhlhGt1isn0otiDu6EIJe4pYWpw4XJOXhAxmP6ura4JyBx6sd2y/xE2AtI99g S+B120QBAtd1flq1icOdWqCJn8wBJTTE2LLJfPKAoCj3tR3tapVM/us0GJcN3i4VgQ/z NQ+pl99jJfEqFrCj2EifYXzqIdIjGvHWcos2qLc49Sr0NNB98zVRYDOCLzavenhsatGU jC2X/Tyt3qohpJRwfMSvIrg6PxCgcNvWfM9emMcmTye6ZMjfskHK2W0JBd5cVLPKbiit w9n8N8k+qtCIkrPBZXDruhbt19FCpdM0RZ0yrAN4qXI3BRY7UToad4TuE/gqqCGeGr7r nQSA== ARC-Authentication-Results: i=2; mx.google.com; dkim=pass header.i=@linaro.org header.s=google header.b=C8wjjsrR; arc=pass (i=1); spf=pass (google.com: domain of libc-alpha-bounces+patch=linaro.org@sourceware.org designates 2620:52:3:1:0:246e:9693:128c as permitted sender) smtp.mailfrom="libc-alpha-bounces+patch=linaro.org@sourceware.org"; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linaro.org Return-Path: Received: from server2.sourceware.org (server2.sourceware.org. [2620:52:3:1:0:246e:9693:128c]) by mx.google.com with ESMTPS id a7-20020a0cefc7000000b0065b11081339si6211946qvt.417.2023.11.06.12.26.13 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Mon, 06 Nov 2023 12:26:13 -0800 (PST) Received-SPF: pass (google.com: domain of libc-alpha-bounces+patch=linaro.org@sourceware.org designates 2620:52:3:1:0:246e:9693:128c as permitted sender) client-ip=2620:52:3:1:0:246e:9693:128c; Authentication-Results: mx.google.com; dkim=pass header.i=@linaro.org header.s=google header.b=C8wjjsrR; arc=pass (i=1); spf=pass (google.com: domain of libc-alpha-bounces+patch=linaro.org@sourceware.org designates 2620:52:3:1:0:246e:9693:128c as permitted sender) smtp.mailfrom="libc-alpha-bounces+patch=linaro.org@sourceware.org"; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linaro.org Received: from server2.sourceware.org (localhost [IPv6:::1]) by sourceware.org (Postfix) with ESMTP id 7D101385800C for ; Mon, 6 Nov 2023 20:26:13 +0000 (GMT) X-Original-To: libc-alpha@sourceware.org Delivered-To: libc-alpha@sourceware.org Received: from mail-yw1-x1134.google.com (mail-yw1-x1134.google.com [IPv6:2607:f8b0:4864:20::1134]) by sourceware.org (Postfix) with ESMTPS id 451513858C5E for ; Mon, 6 Nov 2023 20:26:03 +0000 (GMT) DMARC-Filter: OpenDMARC Filter v1.4.2 sourceware.org 451513858C5E Authentication-Results: sourceware.org; dmarc=pass (p=none dis=none) header.from=linaro.org Authentication-Results: sourceware.org; spf=pass smtp.mailfrom=linaro.org ARC-Filter: OpenARC Filter v1.0.0 sourceware.org 451513858C5E Authentication-Results: server2.sourceware.org; arc=none smtp.remote-ip=2607:f8b0:4864:20::1134 ARC-Seal: i=1; a=rsa-sha256; d=sourceware.org; s=key; t=1699302364; cv=none; b=IDHw0ut0lYIiUzqrcoFrV2Yi3sPj8BVvpA2xW6FoYtKTPKd3sx8gVzEjjbWcFUh4dvozmAvpLL0koV4uAEzPVjIgXF7YEXCA+Zhmdqw7B5IxUx2gc/A+XMSNY0DGSwu/O2Nr7VzTF4904RjGWyLAQfh7GNDHaImmmoZv6X0r6yk= ARC-Message-Signature: i=1; a=rsa-sha256; d=sourceware.org; s=key; t=1699302364; c=relaxed/simple; bh=OKUD/2lFPcVvxRUkXmamLbtzYo3WNGkXnSD+xfFQYGo=; h=DKIM-Signature:From:To:Subject:Date:Message-Id:MIME-Version; b=NiYTQMD/r293u/6xZYBv7HQD8kHWDL/miuUueyxgs1Jktv6gCjMD9QFvRay7kVqpBqrZEcfpV82xoOOXTQlmyiD4iC1mQyeb22Uf1UAqW8v5VOMiQi2LJ3+ejsIbpTDVzfCr9s5qZFEtSMcOvFoYnYGTppEd+eAn8pbyTX9aL6k= ARC-Authentication-Results: i=1; server2.sourceware.org Received: by mail-yw1-x1134.google.com with SMTP id 00721157ae682-5afa5dbc378so53181757b3.0 for ; Mon, 06 Nov 2023 12:26:03 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; t=1699302362; x=1699907162; darn=sourceware.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=esjAsFKyq1qOv7OubaudS7wN9qGWBRX0L7Tv1Wq1oWQ=; b=C8wjjsrRlMPl4rrId60bjyVTnUuky8P2AARgc3nl6i2oFvUgH7C3TmVKnL9CT/xZZf +le0cbKxb0aEx0MInRxyOCxRgR+9v7juKwve4G4uVaH185dUqDPUcyyP5zq4Ja2/ZUih Tu1Rj3cluieeEAhXJjtwSnuEkFHacTW4LgQ9rMb3NE1X4TVdeT4GDaoor6VjZQyxOUUQ X6S+sJ8U5qrPlM7qIsbadISonrPaVDZBZ5G8Ij6K2C5Lt87bhEeiUmrlVzJs3IoqhaTl KIYKK5Fd5gOmO6ATjuivFfch1SKzpG/mCbLmE1xvcbhgeR/BKT1TrliOE/EPs+bqg9+k 1ykA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1699302362; x=1699907162; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=esjAsFKyq1qOv7OubaudS7wN9qGWBRX0L7Tv1Wq1oWQ=; b=HXd9e0X3jgiHRN4jic4KFyWTH3ThfGEoWT4YVb8hgPcaUm72TghrjXq7bkjWQ9Wrmf PEp9oYF1CnWvgWdu1CZimQ93pCerOME1eBxvu8osEUXnWe/xYfxplV8inyXNfiKkq9T+ BMPi+RDFmKVEl6Xsi74wr/pHpEiYJQDXE76eCoxtfNw9T4w6+1ds/HXLPY5CVIAJBkpI 9+Ix9S/dXjFM+pmKjS3mGjuSXb65Tl6q9aIorBj7FUc/IqdM0VS2HDrB1NZZU+mrXdz1 dzVEN9DnjecZdAW0l950DK0KrLwQxj4VoVs0PIvDEV13BDvk2NPq4WiLTWZZLYXIiVUZ N95Q== X-Gm-Message-State: AOJu0Ywu796CgAOQJX2gWbO5MhyVHgdKmUahJ2NJLmxjjqEbYqo6kVui tlfUHNwctwR3w3LQjPM8pt2/CovIDh99dCOLEgfFXw== X-Received: by 2002:a81:9b50:0:b0:592:2a17:9d88 with SMTP id s77-20020a819b50000000b005922a179d88mr8132166ywg.47.1699302362213; Mon, 06 Nov 2023 12:26:02 -0800 (PST) Received: from mandiga.. ([2804:1b3:a7c0:a715:c1a0:7281:6384:2ee9]) by smtp.gmail.com with ESMTPSA id ci7-20020a05690c0a8700b005a7b8fddfedsm4707154ywb.41.2023.11.06.12.26.00 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Mon, 06 Nov 2023 12:26:01 -0800 (PST) From: Adhemerval Zanella To: libc-alpha@sourceware.org, Siddhesh Poyarekar Cc: Florian Weimer Subject: [PATCH v3 02/19] elf: Add GLIBC_TUNABLES to unsecvars Date: Mon, 6 Nov 2023 17:25:35 -0300 Message-Id: <20231106202552.3404059-3-adhemerval.zanella@linaro.org> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20231106202552.3404059-1-adhemerval.zanella@linaro.org> References: <20231106202552.3404059-1-adhemerval.zanella@linaro.org> MIME-Version: 1.0 X-Spam-Status: No, score=-12.5 required=5.0 tests=BAYES_00, DKIM_SIGNED, DKIM_VALID, DKIM_VALID_AU, DKIM_VALID_EF, GIT_PATCH_0, RCVD_IN_DNSWL_NONE, SPF_HELO_NONE, SPF_PASS, TXREP, T_SCC_BODY_TEXT_LINE autolearn=unavailable autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on server2.sourceware.org X-BeenThere: libc-alpha@sourceware.org X-Mailman-Version: 2.1.30 Precedence: list List-Id: Libc-alpha mailing list List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: libc-alpha-bounces+patch=linaro.org@sourceware.org setuid/setgid process now ignores any glibc tunables, and filters out all environment variables that might changes its behavior. This patch also adds GLIBC_TUNABLES, so any spawned process by setuid/setgid processes should set tunable explicitly. Checked on x86_64-linux-gnu. Reviewed-by: Florian Weimer Reviewed-by: Siddhesh Poyarekar --- elf/tst-env-setuid-tunables.c | 32 ++++---------------------------- sysdeps/generic/unsecvars.h | 1 + 2 files changed, 5 insertions(+), 28 deletions(-) diff --git a/elf/tst-env-setuid-tunables.c b/elf/tst-env-setuid-tunables.c index f0b92c97e7..2603007b7b 100644 --- a/elf/tst-env-setuid-tunables.c +++ b/elf/tst-env-setuid-tunables.c @@ -60,45 +60,21 @@ const char *teststrings[] = "glibc.not_valid.check=2", }; -const char *resultstrings[] = -{ - "glibc.malloc.mmap_threshold=4096", - "glibc.malloc.mmap_threshold=4096", - "glibc.malloc.mmap_threshold=4096", - "glibc.malloc.perturb=0x800", - "glibc.malloc.perturb=0x800:glibc.malloc.mmap_threshold=4096", - "glibc.malloc.perturb=0x800:glibc.malloc.mmap_threshold=4096", - "glibc.malloc.mmap_threshold=4096", - "glibc.malloc.mmap_threshold=4096", - "glibc.malloc.mmap_threshold=glibc.malloc.mmap_threshold=4096", - "", - "", - "", - "", - "", - "", - "", -}; - static int test_child (int off) { const char *val = getenv ("GLIBC_TUNABLES"); + int ret = 1; printf (" [%d] GLIBC_TUNABLES is %s\n", off, val); fflush (stdout); - if (val != NULL && strcmp (val, resultstrings[off]) == 0) - return 0; - if (val != NULL) - printf (" [%d] Unexpected GLIBC_TUNABLES VALUE %s, expected %s\n", - off, val, resultstrings[off]); + printf (" [%d] Unexpected GLIBC_TUNABLES VALUE %s\n", off, val); else - printf (" [%d] GLIBC_TUNABLES environment variable absent\n", off); - + ret = 0; fflush (stdout); - return 1; + return ret; } static int diff --git a/sysdeps/generic/unsecvars.h b/sysdeps/generic/unsecvars.h index 8278c50a84..81397fb90b 100644 --- a/sysdeps/generic/unsecvars.h +++ b/sysdeps/generic/unsecvars.h @@ -4,6 +4,7 @@ #define UNSECURE_ENVVARS \ "GCONV_PATH\0" \ "GETCONF_DIR\0" \ + "GLIBC_TUNABLES\0" \ "HOSTALIASES\0" \ "LD_AUDIT\0" \ "LD_DEBUG\0" \