GNU C Library master sources branch, fedora/2.11/master, updated. fedora/glibc-2.11.2-1-10-g55a1694

schwab@sourceware.org schwab@sourceware.org
Fri Oct 22 17:48:00 GMT 2010


This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "GNU C Library master sources".

The branch, fedora/2.11/master has been updated
       via  55a16942705d2ad448196c90fd0bbe90826f1b67 (commit)
       via  351265a2f039d61ecec740f10fc4f63de98ef3f2 (commit)
      from  232b9ad51c023e55d3c726adc0da754db26ea2b2 (commit)

Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.

- Log -----------------------------------------------------------------
http://sources.redhat.com/git/gitweb.cgi?p=glibc.git;a=commitdiff;h=55a16942705d2ad448196c90fd0bbe90826f1b67

commit 55a16942705d2ad448196c90fd0bbe90826f1b67
Author: Andreas Schwab <schwab@redhat.com>
Date:   Fri Oct 22 14:15:40 2010 +0200

    2.11.2-3

diff --git a/fedora/glibc.spec.in b/fedora/glibc.spec.in
index abafe75..b334189 100644
--- a/fedora/glibc.spec.in
+++ b/fedora/glibc.spec.in
@@ -25,7 +25,7 @@
 Summary: The GNU libc libraries
 Name: glibc
 Version: %{glibcversion}
-Release: 2
+Release: 3
 # GPLv2+ is used in a bunch of programs, LGPLv2+ is used for libraries.
 # Things that are linked directly into dynamically linked programs
 # and shared libraries (e.g. crt files, lib*_nonshared.a) have an additional
@@ -1034,6 +1034,9 @@ rm -f *.filelist*
 %endif
 
 %changelog
+* Fri Oct 22 2010 Andreas Schwab <schwab@redhat.com> - 2.11.2-3
+- Require suid bit on audit objects in privileged programs (CVE-2010-3856)
+
 * Thu Oct 21 2010 Andreas Schwab <schwab@redhat.com> - 2.11.2-2
 - Update from 2.11 branch
   - Correct x86 CPU family and model check (BZ#11640, #596554)

http://sources.redhat.com/git/gitweb.cgi?p=glibc.git;a=commitdiff;h=351265a2f039d61ecec740f10fc4f63de98ef3f2

commit 351265a2f039d61ecec740f10fc4f63de98ef3f2
Author: Andreas Schwab <schwab@redhat.com>
Date:   Fri Oct 22 12:42:40 2010 +0200

    Require suid bit on audit objects in privileged programs

diff --git a/ChangeLog b/ChangeLog
index 690f7aa..0e1306e 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,18 @@
+2010-10-22  Andreas Schwab  <schwab@redhat.com>
+
+	* include/dlfcn.h (__RTLD_SECURE): Define.
+	* elf/dl-load.c (_dl_map_object): Remove preloaded parameter.  Use
+	mode & __RTLD_SECURE instead.
+	(open_path): Remove preloaded parameter to secure.
+	* sysdeps/generic/ldsodefs.h (_dl_map_object): Adjust declaration.
+	* elf/dl-open.c (dl_open_worker): Adjust call to _dl_map_object.
+	* elf/dl-deps.c (openaux): Likewise.
+	* elf/rtld.c (struct map_args): Remove is_preloaded.
+	(map_doit): Don't use it.
+	(dl_main): Likewise.
+	(do_preload): Use __RTLD_SECURE instead of is_preloaded.
+	(dlmopen_doit): Add __RTLD_SECURE to mode bits.
+
 2010-10-18  Andreas Schwab  <schwab@redhat.com>
 
 	* elf/dl-load.c (is_dst): Remove last parameter.
diff --git a/elf/dl-deps.c b/elf/dl-deps.c
index 34c6024..7191508 100644
--- a/elf/dl-deps.c
+++ b/elf/dl-deps.c
@@ -62,7 +62,7 @@ openaux (void *a)
 {
   struct openaux_args *args = (struct openaux_args *) a;
 
-  args->aux = _dl_map_object (args->map, args->name, 0,
+  args->aux = _dl_map_object (args->map, args->name,
 			      (args->map->l_type == lt_executable
 			       ? lt_library : args->map->l_type),
 			      args->trace_mode, args->open_mode,
diff --git a/elf/dl-load.c b/elf/dl-load.c
index 7115c68..fa82118 100644
--- a/elf/dl-load.c
+++ b/elf/dl-load.c
@@ -1798,7 +1798,7 @@ open_verify (const char *name, struct filebuf *fbp, struct link_map *loader,
    if MAY_FREE_DIRS is true.  */
 
 static int
-open_path (const char *name, size_t namelen, int preloaded,
+open_path (const char *name, size_t namelen, int secure,
 	   struct r_search_path_struct *sps, char **realname,
 	   struct filebuf *fbp, struct link_map *loader, int whatcode,
 	   bool *found_other_class)
@@ -1880,7 +1880,7 @@ open_path (const char *name, size_t namelen, int preloaded,
 	  /* Remember whether we found any existing directory.  */
 	  here_any |= this_dir->status[cnt] != nonexisting;
 
-	  if (fd != -1 && __builtin_expect (preloaded, 0)
+	  if (fd != -1 && __builtin_expect (secure, 0)
 	      && INTUSE(__libc_enable_secure))
 	    {
 	      /* This is an extra security effort to make sure nobody can
@@ -1949,7 +1949,7 @@ open_path (const char *name, size_t namelen, int preloaded,
 
 struct link_map *
 internal_function
-_dl_map_object (struct link_map *loader, const char *name, int preloaded,
+_dl_map_object (struct link_map *loader, const char *name,
 		int type, int trace_mode, int mode, Lmid_t nsid)
 {
   int fd;
@@ -2053,7 +2053,8 @@ _dl_map_object (struct link_map *loader, const char *name, int preloaded,
 	  for (l = loader; l; l = l->l_loader)
 	    if (cache_rpath (l, &l->l_rpath_dirs, DT_RPATH, "RPATH"))
 	      {
-		fd = open_path (name, namelen, preloaded, &l->l_rpath_dirs,
+		fd = open_path (name, namelen, mode & __RTLD_SECURE,
+				&l->l_rpath_dirs,
 				&realname, &fb, loader, LA_SER_RUNPATH,
 				&found_other_class);
 		if (fd != -1)
@@ -2068,14 +2069,15 @@ _dl_map_object (struct link_map *loader, const char *name, int preloaded,
 	      && main_map != NULL && main_map->l_type != lt_loaded
 	      && cache_rpath (main_map, &main_map->l_rpath_dirs, DT_RPATH,
 			      "RPATH"))
-	    fd = open_path (name, namelen, preloaded, &main_map->l_rpath_dirs,
+	    fd = open_path (name, namelen, mode & __RTLD_SECURE,
+			    &main_map->l_rpath_dirs,
 			    &realname, &fb, loader ?: main_map, LA_SER_RUNPATH,
 			    &found_other_class);
 	}
 
       /* Try the LD_LIBRARY_PATH environment variable.  */
       if (fd == -1 && env_path_list.dirs != (void *) -1)
-	fd = open_path (name, namelen, preloaded, &env_path_list,
+	fd = open_path (name, namelen, mode & __RTLD_SECURE, &env_path_list,
 			&realname, &fb,
 			loader ?: GL(dl_ns)[LM_ID_BASE]._ns_loaded,
 			LA_SER_LIBPATH, &found_other_class);
@@ -2084,12 +2086,12 @@ _dl_map_object (struct link_map *loader, const char *name, int preloaded,
       if (fd == -1 && loader != NULL
 	  && cache_rpath (loader, &loader->l_runpath_dirs,
 			  DT_RUNPATH, "RUNPATH"))
-	fd = open_path (name, namelen, preloaded,
+	fd = open_path (name, namelen, mode & __RTLD_SECURE,
 			&loader->l_runpath_dirs, &realname, &fb, loader,
 			LA_SER_RUNPATH, &found_other_class);
 
       if (fd == -1
-	  && (__builtin_expect (! preloaded, 1)
+	  && (__builtin_expect (! (mode & __RTLD_SECURE), 1)
 	      || ! INTUSE(__libc_enable_secure)))
 	{
 	  /* Check the list of libraries in the file /etc/ld.so.cache,
@@ -2155,7 +2157,7 @@ _dl_map_object (struct link_map *loader, const char *name, int preloaded,
 	  && ((l = loader ?: GL(dl_ns)[nsid]._ns_loaded) == NULL
 	      || __builtin_expect (!(l->l_flags_1 & DF_1_NODEFLIB), 1))
 	  && rtld_search_dirs.dirs != (void *) -1)
-	fd = open_path (name, namelen, preloaded, &rtld_search_dirs,
+	fd = open_path (name, namelen, mode & __RTLD_SECURE, &rtld_search_dirs,
 			&realname, &fb, l, LA_SER_DEFAULT, &found_other_class);
 
       /* Add another newline when we are tracing the library loading.  */
diff --git a/elf/dl-open.c b/elf/dl-open.c
index e920c77..2d3932f 100644
--- a/elf/dl-open.c
+++ b/elf/dl-open.c
@@ -251,7 +251,7 @@ dl_open_worker (void *a)
 
   /* Load the named object.  */
   struct link_map *new;
-  args->map = new = _dl_map_object (call_map, file, 0, lt_loaded, 0,
+  args->map = new = _dl_map_object (call_map, file, lt_loaded, 0,
 				    mode | __RTLD_CALLMAP, args->nsid);
 
   /* If the pointer returned is NULL this means the RTLD_NOLOAD flag is
diff --git a/elf/rtld.c b/elf/rtld.c
index 55b84c3..5b7eabc 100644
--- a/elf/rtld.c
+++ b/elf/rtld.c
@@ -588,7 +588,6 @@ struct map_args
   /* Argument to map_doit.  */
   char *str;
   struct link_map *loader;
-  int is_preloaded;
   int mode;
   /* Return value of map_doit.  */
   struct link_map *map;
@@ -626,16 +625,17 @@ static void
 map_doit (void *a)
 {
   struct map_args *args = (struct map_args *) a;
-  args->map = _dl_map_object (args->loader, args->str,
-			      args->is_preloaded, lt_library, 0, args->mode,
-			      LM_ID_BASE);
+  args->map = _dl_map_object (args->loader, args->str, lt_library, 0,
+			      args->mode, LM_ID_BASE);
 }
 
 static void
 dlmopen_doit (void *a)
 {
   struct dlmopen_args *args = (struct dlmopen_args *) a;
-  args->map = _dl_open (args->fname, RTLD_LAZY | __RTLD_DLOPEN | __RTLD_AUDIT,
+  args->map = _dl_open (args->fname,
+			(RTLD_LAZY | __RTLD_DLOPEN | __RTLD_AUDIT
+			 | __RTLD_SECURE),
 			dl_main, LM_ID_NEWLM, _dl_argc, INTUSE(_dl_argv),
 			__environ);
 }
@@ -805,8 +805,7 @@ do_preload (char *fname, struct link_map *main_map, const char *where)
 
   args.str = fname;
   args.loader = main_map;
-  args.is_preloaded = 1;
-  args.mode = 0;
+  args.mode = __RTLD_SECURE;
 
   unsigned int old_nloaded = GL(dl_ns)[LM_ID_BASE]._ns_nloaded;
 
@@ -1052,7 +1051,6 @@ of this helper program; chances are you did not intend to run this program.\n\
 
 	  args.str = rtld_progname;
 	  args.loader = NULL;
-	  args.is_preloaded = 0;
 	  args.mode = __RTLD_OPENEXEC;
 	  (void) _dl_catch_error (&objname, &err_str, &malloced, map_doit,
 				  &args);
@@ -1064,7 +1062,7 @@ of this helper program; chances are you did not intend to run this program.\n\
       else
 	{
 	  HP_TIMING_NOW (start);
-	  _dl_map_object (NULL, rtld_progname, 0, lt_library, 0,
+	  _dl_map_object (NULL, rtld_progname, lt_library, 0,
 			  __RTLD_OPENEXEC, LM_ID_BASE);
 	  HP_TIMING_NOW (stop);
 
diff --git a/include/dlfcn.h b/include/dlfcn.h
index a67426d..af92483 100644
--- a/include/dlfcn.h
+++ b/include/dlfcn.h
@@ -9,6 +9,7 @@
 #define __RTLD_OPENEXEC	0x20000000
 #define __RTLD_CALLMAP	0x10000000
 #define __RTLD_AUDIT	0x08000000
+#define __RTLD_SECURE	0x04000000 /* Apply additional security checks.  */
 
 #define __LM_ID_CALLER	-2
 
diff --git a/sysdeps/generic/ldsodefs.h b/sysdeps/generic/ldsodefs.h
index e18e60f..707e859 100644
--- a/sysdeps/generic/ldsodefs.h
+++ b/sysdeps/generic/ldsodefs.h
@@ -820,11 +820,9 @@ extern void _dl_receive_error (receiver_fct fct, void (*operate) (void *),
 
 /* Open the shared object NAME and map in its segments.
    LOADER's DT_RPATH is used in searching for NAME.
-   If the object is already opened, returns its existing map.
-   For preloaded shared objects PRELOADED is set to a non-zero
-   value to allow additional security checks.  */
+   If the object is already opened, returns its existing map.  */
 extern struct link_map *_dl_map_object (struct link_map *loader,
-					const char *name, int preloaded,
+					const char *name,
 					int type, int trace_mode, int mode,
 					Lmid_t nsid)
      internal_function attribute_hidden;

-----------------------------------------------------------------------

Summary of changes:
 ChangeLog                  |   15 +++++++++++++++
 elf/dl-deps.c              |    2 +-
 elf/dl-load.c              |   20 +++++++++++---------
 elf/dl-open.c              |    2 +-
 elf/rtld.c                 |   16 +++++++---------
 fedora/glibc.spec.in       |    5 ++++-
 include/dlfcn.h            |    1 +
 sysdeps/generic/ldsodefs.h |    6 ++----
 8 files changed, 42 insertions(+), 25 deletions(-)


hooks/post-receive
-- 
GNU C Library master sources



More information about the Glibc-cvs mailing list