From d6f373d21b19565838cb9848c15b8070f2fe1305 Mon Sep 17 00:00:00 2001 From: Matthew Fortune Date: Wed, 1 Oct 2014 17:08:51 +0100 Subject: Add a hook to enable load-time inspection of program headers This hook can be used to perform additional compatibility checks between shared libraries by inspecting custom program header information. * elf/dl-machine-reject-phdr.h: New file. * elf/dl-load.c: #include that. (open_verify): Call elf_machine_reject_phdr_p and ignore the file if that returned true. --- ChangeLog | 7 +++++++ elf/dl-load.c | 6 ++++++ elf/dl-machine-reject-phdr.h | 34 ++++++++++++++++++++++++++++++++++ 3 files changed, 47 insertions(+) create mode 100644 elf/dl-machine-reject-phdr.h diff --git a/ChangeLog b/ChangeLog index 2f7e6f62b5..fac4138f5b 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,3 +1,10 @@ +2014-10-31 Matthew Fortune + + * elf/dl-machine-reject-phdr.h: New file. + * elf/dl-load.c: #include that. + (open_verify): Call elf_machine_reject_phdr_p and ignore the file + if that returned true. + 2014-10-31 Roland McGrath [BZ #17496] diff --git a/elf/dl-load.c b/elf/dl-load.c index ce5b626b26..7a03ccfd2a 100644 --- a/elf/dl-load.c +++ b/elf/dl-load.c @@ -41,6 +41,7 @@ #include #include #include +#include #include @@ -1683,6 +1684,11 @@ open_verify (const char *name, struct filebuf *fbp, struct link_map *loader, } } + if (__glibc_unlikely (elf_machine_reject_phdr_p + (phdr, ehdr->e_phnum, fbp->buf, fbp->len, + loader, fd))) + goto close_and_out; + /* Check .note.ABI-tag if present. */ for (ph = phdr; ph < &phdr[ehdr->e_phnum]; ++ph) if (ph->p_type == PT_NOTE && ph->p_filesz >= 32 && ph->p_align >= 4) diff --git a/elf/dl-machine-reject-phdr.h b/elf/dl-machine-reject-phdr.h new file mode 100644 index 0000000000..d110a32023 --- /dev/null +++ b/elf/dl-machine-reject-phdr.h @@ -0,0 +1,34 @@ +/* Machine-dependent program header inspection for the ELF loader. + Copyright (C) 2014 Free Software Foundation, Inc. + This file is part of the GNU C Library. + + The GNU C Library is free software; you can redistribute it and/or + modify it under the terms of the GNU Lesser General Public + License as published by the Free Software Foundation; either + version 2.1 of the License, or (at your option) any later version. + + The GNU C Library is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + Lesser General Public License for more details. + + You should have received a copy of the GNU Lesser General Public + License along with the GNU C Library; if not, see + . */ + +#ifndef _DL_MACHINE_REJECT_PHDR_H +#define _DL_MACHINE_REJECT_PHDR_H 1 + +#include + +/* Return true iff ELF program headers are incompatible with the running + host. */ +static inline bool +elf_machine_reject_phdr_p (const ElfW(Phdr) *phdr, uint_fast16_t phnum, + const char *buf, size_t len, struct link_map *map, + int fd) +{ + return false; +} + +#endif /* dl-machine-reject-phdr.h */ -- cgit v1.2.1