This is the mail archive of the libc-alpha@sourceware.org mailing list for the glibc project.

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]
Other format:	[Raw text]

PING^2 [PATCH] Call _dl_open_check after relocation is finished [BZ #24259]

From: "H.J. Lu" <hjl dot tools at gmail dot com>
To: Florian Weimer <fweimer at redhat dot com>
Cc: GNU C Library <libc-alpha at sourceware dot org>
Date: Wed, 26 Jun 2019 09:57:02 -0700
Subject: PING^2 [PATCH] Call _dl_open_check after relocation is finished [BZ #24259]
References: <20190224160159.1804-1-hjl.tools@gmail.com> <87bm2qls3q.fsf@oldenburg2.str.redhat.com> <CAMe9rOqww4-uakE2GNYEndUm32y37c3B-tpUoyJSo_hzN5R81g@mail.gmail.com> <877eddifpg.fsf@oldenburg2.str.redhat.com> <CAMe9rOpwxNNzfVrj1O77i4NQW76e7U4EkySjzmpaZKWaaEMpNA@mail.gmail.com>

On Tue, Apr 9, 2019 at 3:56 PM H.J. Lu <hjl.tools@gmail.com> wrote:
>
> On Tue, Mar 5, 2019 at 6:00 AM Florian Weimer <fweimer@redhat.com> wrote:
> >
> > * H. J. Lu:
> >
> > >> If you report the error at this, doesn't this mean the object is still
> > >> around and in a bad state?  This looks related to this bug:
> > >
> > > Yes.
> > >
> > >>   <https://sourceware.org/bugzilla/show_bug.cgi?id=20839>
> > >>
> > >> Would the CET bug go away if we got rid after the object without trace
> > >> after a failure in _dl_open_check?
> > >
> > > Yes.
> > >
> > >> I can look into fixing the other bug, but I don't know how hard that's
> > >> going to be.
> >
> > I did that now and the required infrastructure changes are fairly
> > involved.  So I think we should add something that works today.
> >
> > A natural place for the CET compatibility check would be
> > elf_machine_reject_phdr_p (currently used only on MIPS).  This way, we
> > can continue searching for a CET-compatible library along the search
> > path.
>
> We only want to check it in dlopen path.  A legacy shared library can
> loaded before main () and shadow stack will be disabled.
>
> > >> > diff --git a/sysdeps/x86/tst-cet-legacy-5.c b/sysdeps/x86/tst-cet-legacy-5.c
> > >> > new file mode 100644
> > >> > index 0000000000..fbf640f664
> > >> > --- /dev/null
> > >> > +++ b/sysdeps/x86/tst-cet-legacy-5.c
> > >>
> > >> > +static void
> > >> > +do_test_1 (const char *modname, bool fail)
> > >> > +{
> > >> > +  int (*fp) (void);
> > >> > +  void *h;
> > >> > +
> > >> > +  h = dlopen (modname, RTLD_LAZY);
> > >> > +  if (h == NULL)
> > >> > +    {
> > >> > +      if (fail)
> > >> > +     {
> > >> > +       const char *err = dlerror ();
> > >> > +       if (strstr (err, "shadow stack isn't enabled") == NULL)
> > >> > +         {
> > >> > +           printf ("incorrect dlopen '%s' error: %s\n", modname,
> > >> > +                   dlerror ());
> > >> > +           exit (1);
> > >> > +         }
> > >> > +
> > >> > +       return;
> > >> > +     }
> > >>
> > >> Is the return supposed to be taken if running on non-CET hardware?  I'm
> > >> looking for the UNSUPPORTED case.
> > >
> > > This path is taken only on CET hardware.  For non-CET hardware, 'h' shouldn't
> > > be NULL.
> >
> > Please add logging to the test for the unsupported case, so that the aim
> > of the test is clearer and when it fails to achieve its objective.
> >
>
> The tests should run on CET/non-CET kernel/processor.    Here is
> the updated patch with FAIL_EXIT1.
>
> OK for master?
>

PING:

https://sourceware.org/ml/libc-alpha/2019-04/msg00228.html

-- 
H.J.

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]