This is the mail archive of the
libc-alpha@sourceware.org
mailing list for the glibc project.
RE: Create a hook for inspecting program headers during library load
- From: Matthew Fortune <Matthew dot Fortune at imgtec dot com>
- To: Roland McGrath <roland at hack dot frob dot com>
- Cc: "libc-alpha at sourceware dot org" <libc-alpha at sourceware dot org>, "Joseph Myers (joseph at codesourcery dot com)" <joseph at codesourcery dot com>, Will Newton <will dot newton at linaro dot org>
- Date: Tue, 14 Oct 2014 21:42:12 +0000
- Subject: RE: Create a hook for inspecting program headers during library load
- Authentication-results: sourceware.org; auth=none
- References: <6D39441BF12EF246A7ABCE6654B0235320F18A1B at LEMAIL01 dot le dot imgtec dot org> <20141001214949 dot 239022C3AAD at topped-with-meat dot com> <6D39441BF12EF246A7ABCE6654B0235320F18CA4 at LEMAIL01 dot le dot imgtec dot org> <20141001230906 dot 9B9852C3AAA at topped-with-meat dot com> <6D39441BF12EF246A7ABCE6654B0235320F1971F at LEMAIL01 dot le dot imgtec dot org> <CANu=DmjjOqGP_35hEBjGHzniPPHqagfBvPam==YCuV5iUo9fOw at mail dot gmail dot com> <6D39441BF12EF246A7ABCE6654B0235320F197DF at LEMAIL01 dot le dot imgtec dot org> <6D39441BF12EF246A7ABCE6654B0235320F199DC at LEMAIL01 dot le dot imgtec dot org> <20141003183255 dot 153452C3AB6 at topped-with-meat dot com>
Hi Roland,
An updated version of this patch is below which should address all of your
comments. It took some time as I have been reworking the MIPS
implementation and wanted to make sure that didn't impact the definition
of the hook.
Thanks,
Matthew
* elf/dl-machine-reject-phdr.h: New file.
* elf/dl-load.c: #include that.
(open_verify): Call elf_machine_reject_phdr_p and ignore the file
if that returned true.
---
elf/dl-load.c | 6 ++++++
elf/dl-machine-reject-phdr.h | 34 ++++++++++++++++++++++++++++++++++
2 files changed, 40 insertions(+)
create mode 100644 elf/dl-machine-reject-phdr.h
diff --git a/elf/dl-load.c b/elf/dl-load.c
index 9dd40e3..ee3c425 100644
--- a/elf/dl-load.c
+++ b/elf/dl-load.c
@@ -41,6 +41,7 @@
#include <dl-load.h>
#include <dl-map-segments.h>
#include <dl-unmap-segments.h>
+#include <dl-machine-reject-phdr.h>
#include <endian.h>
@@ -1697,6 +1698,11 @@ open_verify (const char *name, struct filebuf *fbp, struct link_map *loader,
}
}
+ if (__glibc_unlikely (elf_machine_reject_phdr_p
+ (phdr, ehdr->e_phnum, fbp->buf, fbp->len,
+ loader, fd)))
+ goto close_and_out;
+
/* Check .note.ABI-tag if present. */
for (ph = phdr; ph < &phdr[ehdr->e_phnum]; ++ph)
if (ph->p_type == PT_NOTE && ph->p_filesz >= 32 && ph->p_align >= 4)
diff --git a/elf/dl-machine-reject-phdr.h b/elf/dl-machine-reject-phdr.h
new file mode 100644
index 0000000..d110a32
--- /dev/null
+++ b/elf/dl-machine-reject-phdr.h
@@ -0,0 +1,34 @@
+/* Machine-dependent program header inspection for the ELF loader.
+ Copyright (C) 2014 Free Software Foundation, Inc.
+ This file is part of the GNU C Library.
+
+ The GNU C Library is free software; you can redistribute it and/or
+ modify it under the terms of the GNU Lesser General Public
+ License as published by the Free Software Foundation; either
+ version 2.1 of the License, or (at your option) any later version.
+
+ The GNU C Library is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ Lesser General Public License for more details.
+
+ You should have received a copy of the GNU Lesser General Public
+ License along with the GNU C Library; if not, see
+ <http://www.gnu.org/licenses/>. */
+
+#ifndef _DL_MACHINE_REJECT_PHDR_H
+#define _DL_MACHINE_REJECT_PHDR_H 1
+
+#include <stdbool.h>
+
+/* Return true iff ELF program headers are incompatible with the running
+ host. */
+static inline bool
+elf_machine_reject_phdr_p (const ElfW(Phdr) *phdr, uint_fast16_t phnum,
+ const char *buf, size_t len, struct link_map *map,
+ int fd)
+{
+ return false;
+}
+
+#endif /* dl-machine-reject-phdr.h */
--
1.9.4