+2014-10-10 Joseph Myers <joseph@codesourcery.com>
+
+ [BZ #14132]
+ * elf/dl-sysdep.c (__libc_enable_secure): Use rtld_hidden_data_def
+ instead of INTVARDEF.
+ (_dl_sysdep_start): Do not use INTUSE with __libc_enable_secure.
+ * sysdeps/mach/hurd/dl-sysdep.c (__libc_enable_secure): Use
+ rtld_hidden_data_def instead of INTVARDEF.
+ (_dl_sysdep_start): Do not use INTUSE with __libc_enable_secure.
+ * elf/dl-deps.c (expand_dst): Likewise.
+ * elf/dl-load.c (_dl_dst_count): Likewise.
+ (_dl_dst_substitute): Likewise.
+ (decompose_rpath): Likewise.
+ (_dl_init_paths): Likewise.
+ (open_path): Likewise.
+ (_dl_map_object): Likewise.
+ * elf/rtld.c (dl_main): Likewise.
+ (process_dl_audit): Likewise.
+ (process_envvars): Likewise.
+ * include/unistd.h [IS_IN_rtld] (__libc_enable_secure_internal):
+ Remove declaration.
+ (__libc_enable_secure): Use rtld_hidden_proto.
+
2014-10-09 Kostya Serebryany <konstantin.s.serebryany@gmail.com>
* elf/dl-load.c
char *__newp; \
\
/* DST must not appear in SUID/SGID programs. */ \
- if (INTUSE(__libc_enable_secure)) \
+ if (__libc_enable_secure) \
_dl_signal_error (0, __str, NULL, N_("\
DST not allowed in SUID/SGID programs")); \
\
is $ORIGIN alone) and it must always appear first in path. */
++name;
if ((len = is_dst (start, name, "ORIGIN", is_path,
- INTUSE(__libc_enable_secure))) != 0
+ __libc_enable_secure)) != 0
|| (len = is_dst (start, name, "PLATFORM", is_path, 0)) != 0
|| (len = is_dst (start, name, "LIB", is_path, 0)) != 0)
++cnt;
++name;
if ((len = is_dst (start, name, "ORIGIN", is_path,
- INTUSE(__libc_enable_secure))) != 0)
+ __libc_enable_secure)) != 0)
{
repl = l->l_origin;
- check_for_trusted = (INTUSE(__libc_enable_secure)
+ check_for_trusted = (__libc_enable_secure
&& l->l_type == lt_executable);
}
else if ((len = is_dst (start, name, "PLATFORM", is_path, 0)) != 0)
/* First see whether we must forget the RUNPATH and RPATH from this
object. */
if (__glibc_unlikely (GLRO(dl_inhibit_rpath) != NULL)
- && !INTUSE(__libc_enable_secure))
+ && !__libc_enable_secure)
{
const char *inhp = GLRO(dl_inhibit_rpath);
}
(void) fillin_rpath (llp_tmp, env_path_list.dirs, ":;",
- INTUSE(__libc_enable_secure), "LD_LIBRARY_PATH",
+ __libc_enable_secure, "LD_LIBRARY_PATH",
NULL, l);
if (env_path_list.dirs[0] == NULL)
here_any |= this_dir->status[cnt] != nonexisting;
if (fd != -1 && __glibc_unlikely (mode & __RTLD_SECURE)
- && INTUSE(__libc_enable_secure))
+ && __libc_enable_secure)
{
/* This is an extra security effort to make sure nobody can
preload broken shared objects which are in the trusted
#ifdef USE_LDCONFIG
if (fd == -1
&& (__glibc_likely ((mode & __RTLD_SECURE) == 0)
- || ! INTUSE(__libc_enable_secure))
+ || ! __libc_enable_secure)
&& __glibc_likely (GLRO(dl_inhibit_cache) == 0))
{
/* Check the list of libraries in the file /etc/ld.so.cache,
ElfW(Addr) _dl_base_addr;
#endif
int __libc_enable_secure attribute_relro = 0;
-INTVARDEF(__libc_enable_secure)
+rtld_hidden_data_def (__libc_enable_secure)
int __libc_multiple_libcs = 0; /* Defining this here avoids the inclusion
of init-first. */
/* This variable contains the lowest stack address ever used. */
#ifndef HAVE_AUX_SECURE
seen = -1;
#endif
- INTUSE(__libc_enable_secure) = av->a_un.a_val;
+ __libc_enable_secure = av->a_un.a_val;
break;
case AT_PLATFORM:
GLRO(dl_platform) = (void *) av->a_un.a_val;
/* If one of the two pairs of IDs does not match this is a setuid
or setgid run. */
- INTUSE(__libc_enable_secure) = uid | gid;
+ __libc_enable_secure = uid | gid;
}
#endif
/* If this is a SUID program we make sure that FDs 0, 1, and 2 are
allocated. If necessary we are doing it ourself. If it is not
possible we stop the program. */
- if (__builtin_expect (INTUSE(__libc_enable_secure), 0))
+ if (__builtin_expect (__libc_enable_secure, 0))
__libc_check_standard_fds ();
(*dl_main) (phdr, phnum, &user_entry, GLRO(dl_auxv));
/* Prevent optimizing strsep. Speed is not important here. */
while ((p = (strsep) (&list, " :")) != NULL)
if (p[0] != '\0'
- && (__builtin_expect (! INTUSE(__libc_enable_secure), 1)
+ && (__builtin_expect (! __libc_enable_secure, 1)
|| strchr (p, '/') == NULL))
npreloads += do_preload (p, main_map, "LD_PRELOAD");
while ((p = (strsep) (&str, ":")) != NULL)
if (p[0] != '\0'
- && (__builtin_expect (! INTUSE(__libc_enable_secure), 1)
+ && (__builtin_expect (! __libc_enable_secure, 1)
|| strchr (p, '/') == NULL))
{
/* This is using the local malloc, not the system malloc. The
/* This is the default place for profiling data file. */
GLRO(dl_profile_output)
- = &"/var/tmp\0/var/profile"[INTUSE(__libc_enable_secure) ? 9 : 0];
+ = &"/var/tmp\0/var/profile"[__libc_enable_secure ? 9 : 0];
while ((envline = _dl_next_ld_env_entry (&runp)) != NULL)
{
case 9:
/* Test whether we want to see the content of the auxiliary
array passed up from the kernel. */
- if (!INTUSE(__libc_enable_secure)
+ if (!__libc_enable_secure
&& memcmp (envline, "SHOW_AUXV", 9) == 0)
_dl_show_auxv ();
break;
case 11:
/* Path where the binary is found. */
- if (!INTUSE(__libc_enable_secure)
+ if (!__libc_enable_secure
&& memcmp (envline, "ORIGIN_PATH", 11) == 0)
GLRO(dl_origin_path) = &envline[12];
break;
break;
}
- if (!INTUSE(__libc_enable_secure)
+ if (!__libc_enable_secure
&& memcmp (envline, "DYNAMIC_WEAK", 12) == 0)
GLRO(dl_dynamic_weak) = 1;
break;
#ifdef EXTRA_LD_ENVVARS_13
EXTRA_LD_ENVVARS_13
#endif
- if (!INTUSE(__libc_enable_secure)
+ if (!__libc_enable_secure
&& memcmp (envline, "USE_LOAD_BIAS", 13) == 0)
{
GLRO(dl_use_load_bias) = envline[14] == '1' ? -1 : 0;
case 14:
/* Where to place the profiling data file. */
- if (!INTUSE(__libc_enable_secure)
+ if (!__libc_enable_secure
&& memcmp (envline, "PROFILE_OUTPUT", 14) == 0
&& envline[15] != '\0')
GLRO(dl_profile_output) = &envline[15];
/* Extra security for SUID binaries. Remove all dangerous environment
variables. */
- if (__builtin_expect (INTUSE(__libc_enable_secure), 0))
+ if (__builtin_expect (__libc_enable_secure, 0))
{
static const char unsecure_envvars[] =
#ifdef EXTRA_UNSECURE_ENVVARS
environment variables that normally affect them. */
extern int __libc_enable_secure attribute_relro;
extern int __libc_enable_secure_decided;
-#ifdef IS_IN_rtld
-/* XXX The #ifdef should go. */
-extern int __libc_enable_secure_internal attribute_relro attribute_hidden;
-#endif
+rtld_hidden_proto (__libc_enable_secure)
/* Various internal function. */
extern char **_environ;
int __libc_enable_secure = 0;
-INTVARDEF(__libc_enable_secure)
+rtld_hidden_data_def (__libc_enable_secure)
int __libc_multiple_libcs = 0; /* Defining this here avoids the inclusion
of init-first. */
/* This variable contains the lowest stack address ever used. */
else
_dl_hurd_data = (void *) p;
- INTUSE(__libc_enable_secure) = _dl_hurd_data->flags & EXEC_SECURE;
+ __libc_enable_secure = _dl_hurd_data->flags & EXEC_SECURE;
if (_dl_hurd_data->flags & EXEC_STACK_ARGS &&
_dl_hurd_data->user_entry == 0)
environment list.
We use memmove, since the locations might overlap. */
- if (INTUSE(__libc_enable_secure) || _dl_skip_args)
+ if (__libc_enable_secure || _dl_skip_args)
{
char **newp;
git://sourceware.org / glibc.git / commitdiff