| author | Adhemerval Zanella <adhemerval.zanella@linaro.org> | 2025-04-24 12:27:44 -0300 |
|---|---|---|
| committer | Adhemerval Zanella <adhemerval.zanella@linaro.org> | 2025-04-28 10:13:46 -0300 |
| commit | 0c3425942374e72c3bcac28b2578117d36b0f9df (patch) | |
| tree | 34cc4753eec69109e6ff938b7fd1f5d3cf9b12c2 /elf | |
| parent | 4c966c078036abe0e36bd86c9eaeb4501e552977 (diff) | |
nptl: Fix pthread_getattr_np when modules with execstack are allowed (BZ 32897)
The BZ 32653 fix (12a497c716f0a06be5946cabb8c3ec22a079771e) kept the
stack pointer zeroing from make_main_stack_executable on
_dl_make_stack_executable. However, previously the 'stack_endp'
pointed to temporary variable created before the call of
_dl_map_object_from_fd; while now we use the __libc_stack_end
directly.
Since pthread_getattr_np relies on correct __libc_stack_end, if
_dl_make_stack_executable is called (for instance, when
glibc.rtld.execstack=2 is set) __libc_stack_end will be set to zero,
and the call will always fail.
The zeroing of __libc_stack_end was used as a hardening mitigation, but since
52a01100ad011293197637e42b5be1a479a2f4ae the variable is used solely by the
pthread_getattr_np code. So there is no point in zeroing it anymore.
Checked on x86_64-linux-gnu and i686-linux-gnu.
Reviewed-by: Sam James <sam@gentoo.org>
Diffstat (limited to 'elf')
| -rw-r--r-- | elf/dl-execstack-tunable.c | 2 | ||||
| -rw-r--r-- | elf/dl-execstack.c | 2 | ||||
| -rw-r--r-- | elf/dl-load.c | 4 |
3 files changed, 4 insertions, 4 deletions
diff --git a/elf/dl-execstack-tunable.c b/elf/dl-execstack-tunable.c
index 6cef1a3036..e3b638aeaa 100644
--- a/elf/dl-execstack-tunable.c
+++ b/elf/dl-execstack-tunable.c
@@ -31,7 +31,7 @@ _dl_handle_execstack_tunable (void)
 break;
 case stack_tunable_mode_force:
- if (_dl_make_stack_executable (&__libc_stack_end) != 0)
+ if (_dl_make_stack_executable (__libc_stack_end) != 0)
 _dl_fatal_printf ( "Fatal glibc error: cannot enable executable stack as tunable requires");
 break;
diff --git a/elf/dl-execstack.c b/elf/dl-execstack.c
index e4d7dbe7f8..ceec5b2def 100644
--- a/elf/dl-execstack.c
+++ b/elf/dl-execstack.c
@@ -23,7 +23,7 @@ so as to mprotect it. */
 int
-_dl_make_stack_executable (void **stack_endp)
+_dl_make_stack_executable (const void *stack_endp)
 {
 return ENOSYS;
 }
diff --git a/elf/dl-load.c b/elf/dl-load.c
index 6b7e9799f3..bf29ec725d 100644
--- a/elf/dl-load.c
+++ b/elf/dl-load.c
@@ -945,7 +945,7 @@ struct link_map *
 _dl_map_object_from_fd (const char *name, const char *origname, int fd, struct filebuf *fbp, char *realname, struct link_map *loader, int l_type, int mode,
- void **stack_endp, Lmid_t nsid)
+ const void *stack_endp, Lmid_t nsid)
 {
 struct link_map *l = NULL;
 const ElfW(Ehdr) *header;
@@ -2181,7 +2181,7 @@ _dl_map_new_object (struct link_map *loader, const char *name,
 void *stack_end = __libc_stack_end;
 return _dl_map_object_from_fd (name, origname, fd, &fb, realname, loader,
- type, mode, &stack_end, nsid);
+ type, mode, stack_end, nsid);
 }
 struct link_map * |
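Review bot: The `stack_tunable_mode_force` call in elf/dl-execstack-tunable.c now passes `__libc_stack_end` by value, but nothing at the call site records why the callee must no longer be able to clear it. A one-line comment such as `/* Pass the value only: __libc_stack_end must stay intact for pthread_getattr_np.  */` above the `if` would keep a later change from reintroducing the by-reference form. The commit message names glibc.rtld.execstack=2 as the failing configuration; this view is limited to elf/, so whether a regression test calling pthread_getattr_np under that tunable accompanies the change cannot be told from here. The body of _dl_handle_execstack_tunable starts and ends outside the hunk.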
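Review bot: The parameter of `_dl_make_stack_executable` in elf/dl-execstack.c keeps the name `stack_endp` although it is no longer a pointer to the stack-end variable but the stack-end address itself; `_dl_make_stack_executable (const void *stack_end)` would match the new meaning. The same applies to the `const void *stack_endp, Lmid_t nsid)` line of `_dl_map_object_from_fd` in elf/dl-load.c. The prototype and any system-specific definitions of this function lie outside this elf/-limited view and would presumably need the same signature and name.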
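Review bot: In `_dl_map_new_object` the local `stack_end` copy no longer has a purpose visible in this hunk: per the commit message it existed so the callee could be handed the address of a temporary, and the call now passes only its value. The call could read `type, mode, __libc_stack_end, nsid);` with the `void *stack_end = __libc_stack_end;` line dropped, matching the call in elf/dl-execstack-tunable.c. The function starts outside the hunk, so any other use of the local is not visible here.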
