a8db42ba53
Upstream commit: 71326f1f2fd09dafb9c34404765fb88129e94237 - nptl: Fix pthread_cancel cancelhandling atomic operations - mips: Fix mips64n32 64 bit time_t stat support (BZ#29069) - hurd: Fix arbitrary error code - nptl: Handle spurious EINTR when thread cancellation is disabled (BZ#29029) - S390: Add new s390 platform z16. - NEWS: Update fixed bug list for LD_AUDIT backports. - hppa: Fix bind-now audit (BZ #28857) - elf: Replace tst-audit24bmod2.so with tst-audit24bmod2 - Fix elf/tst-audit25a with default bind now toolchains - elf: Fix runtime linker auditing on aarch64 (BZ #26643) - elf: Issue la_symbind for bind-now (BZ #23734) - elf: Fix initial-exec TLS access on audit modules (BZ #28096) - elf: Add la_activity during application exit - elf: Do not fail for failed dlmopen on audit modules (BZ #28061) - elf: Issue audit la_objopen for vDSO - elf: Add audit tests for modules with TLSDESC - elf: Avoid unnecessary slowdown from profiling with audit (BZ#15533) - elf: Add _dl_audit_pltexit - elf: Add _dl_audit_pltenter - elf: Add _dl_audit_preinit - elf: Add _dl_audit_symbind_alt and _dl_audit_symbind - elf: Add _dl_audit_objclose - elf: Add _dl_audit_objsearch - elf: Add _dl_audit_activity_map and _dl_audit_activity_nsid - elf: Add _dl_audit_objopen - elf: Move la_activity (LA_ACT_ADD) after _dl_add_to_namespace_list() (BZ #28062) - elf: Move LAV_CURRENT to link_lavcurrent.h - elf: Fix elf_get_dynamic_info() for bootstrap - elf: Fix dynamic-link.h usage on rtld.c - elf: Fix elf_get_dynamic_info definition - elf: Avoid nested functions in the loader [BZ #27220] - powerpc: Delete unneeded ELF_MACHINE_BEFORE_RTLD_RELOC - hppa: Use END instead of PSEUDO_END in swapcontext.S - hppa: Implement swapcontext in assembler (bug 28960) Reviewed-by: Florian Weimer <fweimer at redhat.com>
207 lines
7.0 KiB
Diff
207 lines
7.0 KiB
Diff
commit fd9c4e8a1b72fa1372855051217f9480680d882a
|
|
Author: Adhemerval Zanella <adhemerval.zanella@linaro.org>
|
|
Date: Thu Jul 22 17:45:33 2021 -0300
|
|
|
|
elf: Add _dl_audit_pltenter
|
|
|
|
It consolidates the code required to call la_pltenter audit
|
|
callback.
|
|
|
|
Checked on x86_64-linux-gnu, i686-linux-gnu, and aarch64-linux-gnu.
|
|
|
|
Reviewed-by: Florian Weimer <fweimer@redhat.com>
|
|
(cherry picked from commit eff687e8462b0eaf65992a6031b54a4b1cd16796)
|
|
|
|
diff --git a/elf/dl-audit.c b/elf/dl-audit.c
|
|
index 0b6fac8e48877c93..15250c67e8ac1658 100644
|
|
--- a/elf/dl-audit.c
|
|
+++ b/elf/dl-audit.c
|
|
@@ -17,7 +17,9 @@
|
|
<https://www.gnu.org/licenses/>. */
|
|
|
|
#include <assert.h>
|
|
+#include <link.h>
|
|
#include <ldsodefs.h>
|
|
+#include <dl-machine.h>
|
|
|
|
void
|
|
_dl_audit_activity_map (struct link_map *l, int action)
|
|
@@ -243,3 +245,78 @@ _dl_audit_symbind (struct link_map *l, struct reloc_result *reloc_result,
|
|
reloc_result->flags = flags;
|
|
*value = DL_FIXUP_ADDR_VALUE (sym.st_value);
|
|
}
|
|
+
|
|
+void
|
|
+_dl_audit_pltenter (struct link_map *l, struct reloc_result *reloc_result,
|
|
+ DL_FIXUP_VALUE_TYPE *value, void *regs, long int *framesize)
|
|
+{
|
|
+ /* Don't do anything if no auditor wants to intercept this call. */
|
|
+ if (GLRO(dl_naudit) == 0
|
|
+ || (reloc_result->enterexit & LA_SYMB_NOPLTENTER))
|
|
+ return;
|
|
+
|
|
+ /* Sanity check: DL_FIXUP_VALUE_CODE_ADDR (value) should have been
|
|
+ initialized earlier in this function or in another thread. */
|
|
+ assert (DL_FIXUP_VALUE_CODE_ADDR (*value) != 0);
|
|
+ ElfW(Sym) *defsym = ((ElfW(Sym) *) D_PTR (reloc_result->bound,
|
|
+ l_info[DT_SYMTAB])
|
|
+ + reloc_result->boundndx);
|
|
+
|
|
+ /* Set up the sym parameter. */
|
|
+ ElfW(Sym) sym = *defsym;
|
|
+ sym.st_value = DL_FIXUP_VALUE_ADDR (*value);
|
|
+
|
|
+ /* Get the symbol name. */
|
|
+ const char *strtab = (const void *) D_PTR (reloc_result->bound,
|
|
+ l_info[DT_STRTAB]);
|
|
+ const char *symname = strtab + sym.st_name;
|
|
+
|
|
+ /* Keep track of overwritten addresses. */
|
|
+ unsigned int flags = reloc_result->flags;
|
|
+
|
|
+ struct audit_ifaces *afct = GLRO(dl_audit);
|
|
+ for (unsigned int cnt = 0; cnt < GLRO(dl_naudit); ++cnt)
|
|
+ {
|
|
+ if (afct->ARCH_LA_PLTENTER != NULL
|
|
+ && (reloc_result->enterexit
|
|
+ & (LA_SYMB_NOPLTENTER << (2 * (cnt + 1)))) == 0)
|
|
+ {
|
|
+ long int new_framesize = -1;
|
|
+ struct auditstate *l_state = link_map_audit_state (l, cnt);
|
|
+ struct auditstate *bound_state
|
|
+ = link_map_audit_state (reloc_result->bound, cnt);
|
|
+ uintptr_t new_value
|
|
+ = afct->ARCH_LA_PLTENTER (&sym, reloc_result->boundndx,
|
|
+ &l_state->cookie, &bound_state->cookie,
|
|
+ regs, &flags, symname, &new_framesize);
|
|
+ if (new_value != (uintptr_t) sym.st_value)
|
|
+ {
|
|
+ flags |= LA_SYMB_ALTVALUE;
|
|
+ sym.st_value = new_value;
|
|
+ }
|
|
+
|
|
+ /* Remember the results for every audit library and store a summary
|
|
+ in the first two bits. */
|
|
+ reloc_result->enterexit |= ((flags & (LA_SYMB_NOPLTENTER
|
|
+ | LA_SYMB_NOPLTEXIT))
|
|
+ << (2 * (cnt + 1)));
|
|
+
|
|
+ if ((reloc_result->enterexit & (LA_SYMB_NOPLTEXIT
|
|
+ << (2 * (cnt + 1))))
|
|
+ == 0 && new_framesize != -1 && *framesize != -2)
|
|
+ {
|
|
+ /* If this is the first call providing information, use it. */
|
|
+ if (*framesize == -1)
|
|
+ *framesize = new_framesize;
|
|
+ /* If two pltenter calls provide conflicting information, use
|
|
+ the larger value. */
|
|
+ else if (new_framesize != *framesize)
|
|
+ *framesize = MAX (new_framesize, *framesize);
|
|
+ }
|
|
+ }
|
|
+
|
|
+ afct = afct->next;
|
|
+ }
|
|
+
|
|
+ *value = DL_FIXUP_ADDR_VALUE (sym.st_value);
|
|
+}
|
|
diff --git a/elf/dl-runtime.c b/elf/dl-runtime.c
|
|
index c4413c9165cec8cb..dfedeaf2dd1c7253 100644
|
|
--- a/elf/dl-runtime.c
|
|
+++ b/elf/dl-runtime.c
|
|
@@ -320,78 +320,7 @@ _dl_profile_fixup (
|
|
#ifdef SHARED
|
|
/* Auditing checkpoint: report the PLT entering and allow the
|
|
auditors to change the value. */
|
|
- if (GLRO(dl_naudit) > 0
|
|
- /* Don't do anything if no auditor wants to intercept this call. */
|
|
- && (reloc_result->enterexit & LA_SYMB_NOPLTENTER) == 0)
|
|
- {
|
|
- /* Sanity check: DL_FIXUP_VALUE_CODE_ADDR (value) should have been
|
|
- initialized earlier in this function or in another thread. */
|
|
- assert (DL_FIXUP_VALUE_CODE_ADDR (value) != 0);
|
|
- ElfW(Sym) *defsym = ((ElfW(Sym) *) D_PTR (reloc_result->bound,
|
|
- l_info[DT_SYMTAB])
|
|
- + reloc_result->boundndx);
|
|
-
|
|
- /* Set up the sym parameter. */
|
|
- ElfW(Sym) sym = *defsym;
|
|
- sym.st_value = DL_FIXUP_VALUE_ADDR (value);
|
|
-
|
|
- /* Get the symbol name. */
|
|
- const char *strtab = (const void *) D_PTR (reloc_result->bound,
|
|
- l_info[DT_STRTAB]);
|
|
- const char *symname = strtab + sym.st_name;
|
|
-
|
|
- /* Keep track of overwritten addresses. */
|
|
- unsigned int flags = reloc_result->flags;
|
|
-
|
|
- struct audit_ifaces *afct = GLRO(dl_audit);
|
|
- for (unsigned int cnt = 0; cnt < GLRO(dl_naudit); ++cnt)
|
|
- {
|
|
- if (afct->ARCH_LA_PLTENTER != NULL
|
|
- && (reloc_result->enterexit
|
|
- & (LA_SYMB_NOPLTENTER << (2 * (cnt + 1)))) == 0)
|
|
- {
|
|
- long int new_framesize = -1;
|
|
- struct auditstate *l_state = link_map_audit_state (l, cnt);
|
|
- struct auditstate *bound_state
|
|
- = link_map_audit_state (reloc_result->bound, cnt);
|
|
- uintptr_t new_value
|
|
- = afct->ARCH_LA_PLTENTER (&sym, reloc_result->boundndx,
|
|
- &l_state->cookie,
|
|
- &bound_state->cookie,
|
|
- regs, &flags, symname,
|
|
- &new_framesize);
|
|
- if (new_value != (uintptr_t) sym.st_value)
|
|
- {
|
|
- flags |= LA_SYMB_ALTVALUE;
|
|
- sym.st_value = new_value;
|
|
- }
|
|
-
|
|
- /* Remember the results for every audit library and
|
|
- store a summary in the first two bits. */
|
|
- reloc_result->enterexit
|
|
- |= ((flags & (LA_SYMB_NOPLTENTER | LA_SYMB_NOPLTEXIT))
|
|
- << (2 * (cnt + 1)));
|
|
-
|
|
- if ((reloc_result->enterexit & (LA_SYMB_NOPLTEXIT
|
|
- << (2 * (cnt + 1))))
|
|
- == 0 && new_framesize != -1 && framesize != -2)
|
|
- {
|
|
- /* If this is the first call providing information,
|
|
- use it. */
|
|
- if (framesize == -1)
|
|
- framesize = new_framesize;
|
|
- /* If two pltenter calls provide conflicting information,
|
|
- use the larger value. */
|
|
- else if (new_framesize != framesize)
|
|
- framesize = MAX (new_framesize, framesize);
|
|
- }
|
|
- }
|
|
-
|
|
- afct = afct->next;
|
|
- }
|
|
-
|
|
- value = DL_FIXUP_ADDR_VALUE (sym.st_value);
|
|
- }
|
|
+ _dl_audit_pltenter (l, reloc_result, &value, regs, &framesize);
|
|
#endif
|
|
|
|
/* Store the frame size information. */
|
|
diff --git a/sysdeps/generic/ldsodefs.h b/sysdeps/generic/ldsodefs.h
|
|
index 91193a036fc5c6ef..ea187dd266f14e06 100644
|
|
--- a/sysdeps/generic/ldsodefs.h
|
|
+++ b/sysdeps/generic/ldsodefs.h
|
|
@@ -1411,6 +1411,10 @@ void _dl_audit_symbind (struct link_map *l, struct reloc_result *reloc_result,
|
|
void _dl_audit_symbind_alt (struct link_map *l, const ElfW(Sym) *ref,
|
|
void **value, lookup_t result);
|
|
rtld_hidden_proto (_dl_audit_symbind_alt)
|
|
+void _dl_audit_pltenter (struct link_map *l, struct reloc_result *reloc_result,
|
|
+ DL_FIXUP_VALUE_TYPE *value, void *regs,
|
|
+ long int *framesize)
|
|
+ attribute_hidden;
|
|
#endif /* SHARED */
|
|
|
|
#if PTHREAD_IN_LIBC && defined SHARED
|