Tree - rpms/glibc - CentOS Git server

olga / rpms / glibc

Forked from rpms/glibc 5 years ago

Source
Stats

Files

Commit: 2569bea5e4262a8ae5f07f090c17c4d145c4d73f

Blob Blame History Raw

 From a014cecd82b71b70a6a843e250e06b541ad524f7 Mon Sep 17 00:00:00 2001
From: Florian Weimer <fweimer@redhat.com>
Date: Thu, 15 Oct 2015 09:23:07 +0200
Subject: [PATCH] Always enable pointer guard [BZ #18928]
 
Honoring the LD_POINTER_GUARD environment variable in AT_SECURE mode
has security implications.  This commit enables pointer guard
unconditionally, and the environment variable is now ignored.
 
        [BZ #18928]
        * sysdeps/generic/ldsodefs.h (struct rtld_global_ro): Remove
        _dl_pointer_guard member.
        * elf/rtld.c (_rtld_global_ro): Remove _dl_pointer_guard
        initializer.
        (security_init): Always set up pointer guard.
        (process_envvars): Do not process LD_POINTER_GUARD.
 
diff -rup a/elf/rtld.c b/elf/rtld.c
--- a/elf/rtld.c	2017-03-06 14:38:55.000000000 -0500
+++ b/elf/rtld.c	2017-03-06 14:41:19.502556336 -0500
@@ -160,7 +160,6 @@ struct rtld_global_ro _rtld_global_ro at
     ._dl_hwcap_mask = HWCAP_IMPORTANT,
     ._dl_lazy = 1,
     ._dl_fpu_control = _FPU_DEFAULT,
-    ._dl_pointer_guard = 1,
     ._dl_pagesize = EXEC_PAGESIZE,
     ._dl_inhibit_cache = 0,
 
@@ -844,15 +843,12 @@ security_init (void)
 #endif
 
   /* Set up the pointer guard as well, if necessary.  */
-  if (GLRO(dl_pointer_guard))
-    {
-      uintptr_t pointer_chk_guard = _dl_setup_pointer_guard (_dl_random,
-							     stack_chk_guard);
+  uintptr_t pointer_chk_guard
+    = _dl_setup_pointer_guard (_dl_random, stack_chk_guard);
 #ifdef THREAD_SET_POINTER_GUARD
-      THREAD_SET_POINTER_GUARD (pointer_chk_guard);
+  THREAD_SET_POINTER_GUARD (pointer_chk_guard);
 #endif
-      __pointer_chk_guard_local = pointer_chk_guard;
-    }
+  __pointer_chk_guard_local = pointer_chk_guard;
 
   /* We do not need the _dl_random value anymore.  The less
      information we leave behind, the better, so clear the
@@ -2599,9 +2595,6 @@ process_envvars (enum mode *modep)
 	      GLRO(dl_use_load_bias) = envline[14] == '1' ? -1 : 0;
 	      break;
 	    }
-
-	  if (memcmp (envline, "POINTER_GUARD", 13) == 0)
-	    GLRO(dl_pointer_guard) = envline[14] != '0';
 	  break;
 
 	case 14:
diff -rup a/sysdeps/generic/ldsodefs.h b/sysdeps/generic/ldsodefs.h
--- a/sysdeps/generic/ldsodefs.h	2017-03-06 14:38:57.000000000 -0500
+++ b/sysdeps/generic/ldsodefs.h	2017-03-06 14:41:19.506556361 -0500
@@ -588,9 +588,6 @@ struct rtld_global_ro
   /* List of auditing interfaces.  */
   struct audit_ifaces *_dl_audit;
   unsigned int _dl_naudit;
-
-  /* 0 if internal pointer values should not be guarded, 1 if they should.  */
-  EXTERN int _dl_pointer_guard;
 };
 # define __rtld_global_attribute__
 # if IS_IN (rtld)

	From a014cecd82b71b70a6a843e250e06b541ad524f7 Mon Sep 17 00:00:00 2001
	From: Florian Weimer <fweimer@redhat.com>
	Date: Thu, 15 Oct 2015 09:23:07 +0200
	Subject: [PATCH] Always enable pointer guard [BZ #18928]

	Honoring the LD_POINTER_GUARD environment variable in AT_SECURE mode
	has security implications. This commit enables pointer guard
	unconditionally, and the environment variable is now ignored.

	[BZ #18928]
	* sysdeps/generic/ldsodefs.h (struct rtld_global_ro): Remove
	_dl_pointer_guard member.
	* elf/rtld.c (_rtld_global_ro): Remove _dl_pointer_guard
	initializer.
	(security_init): Always set up pointer guard.
	(process_envvars): Do not process LD_POINTER_GUARD.

	diff -rup a/elf/rtld.c b/elf/rtld.c
	--- a/elf/rtld.c 2017-03-06 14:38:55.000000000 -0500
	+++ b/elf/rtld.c 2017-03-06 14:41:19.502556336 -0500
	@@ -160,7 +160,6 @@ struct rtld_global_ro _rtld_global_ro at
	._dl_hwcap_mask = HWCAP_IMPORTANT,
	._dl_lazy = 1,
	._dl_fpu_control = _FPU_DEFAULT,
	- ._dl_pointer_guard = 1,
	._dl_pagesize = EXEC_PAGESIZE,
	._dl_inhibit_cache = 0,

	@@ -844,15 +843,12 @@ security_init (void)
	#endif

	/* Set up the pointer guard as well, if necessary. */
	- if (GLRO(dl_pointer_guard))
	- {
	- uintptr_t pointer_chk_guard = _dl_setup_pointer_guard (_dl_random,
	- stack_chk_guard);
	+ uintptr_t pointer_chk_guard
	+ = _dl_setup_pointer_guard (_dl_random, stack_chk_guard);
	#ifdef THREAD_SET_POINTER_GUARD
	- THREAD_SET_POINTER_GUARD (pointer_chk_guard);
	+ THREAD_SET_POINTER_GUARD (pointer_chk_guard);
	#endif
	- __pointer_chk_guard_local = pointer_chk_guard;
	- }
	+ __pointer_chk_guard_local = pointer_chk_guard;

	/* We do not need the _dl_random value anymore. The less
	information we leave behind, the better, so clear the
	@@ -2599,9 +2595,6 @@ process_envvars (enum mode *modep)
	GLRO(dl_use_load_bias) = envline[14] == '1' ? -1 : 0;
	break;
	}
	-
	- if (memcmp (envline, "POINTER_GUARD", 13) == 0)
	- GLRO(dl_pointer_guard) = envline[14] != '0';
	break;

	case 14:
	diff -rup a/sysdeps/generic/ldsodefs.h b/sysdeps/generic/ldsodefs.h
	--- a/sysdeps/generic/ldsodefs.h 2017-03-06 14:38:57.000000000 -0500
	+++ b/sysdeps/generic/ldsodefs.h 2017-03-06 14:41:19.506556361 -0500
	@@ -588,9 +588,6 @@ struct rtld_global_ro
	/* List of auditing interfaces. */
	struct audit_ifaces *_dl_audit;
	unsigned int _dl_naudit;
	-
	- /* 0 if internal pointer values should not be guarded, 1 if they should. */
	- EXTERN int _dl_pointer_guard;
	};
	# define __rtld_global_attribute__
	# if IS_IN (rtld)

olga / rpms / glibc

Source Code

Files