mirror of
git://sourceware.org/git/glibc.git
synced 2025-04-12 14:21:18 +08:00
From the bug report [1], multiple programs still need to dlopen shared libraries that either lack PT_GNU_STACK or have its executable bit set. Although in some cases the cause seems to be hand-crafted assembly source without the required .note.GNU-stack marking (so the static linker is forced to set the stack executable if the ABI requires it), in other cases the library seems to use trampolines [2]. Unfortunately, READ_IMPLIES_EXEC is not an option since on some ABIs (x86_64), the kernel clears the bit, making it unsupported. To avoid reinstating the broken code that changes stack permission on dlopen (0ca8785a28), this patch extends the glibc.rtld.execstack tunable to allow an option to force an executable stack at the program startup. The tunable is a security issue because it defeats the PT_GNU_STACK hardening. It has the slight advantage of making the choice explicit by the caller, and, as for other tunables, this is disabled for setuid binaries. A tunable also allows us to eventually remove it, but from previous experience, that would require some time. Checked on aarch64-linux-gnu, x86_64-linux-gnu, and i686-linux-gnu. [1] https://sourceware.org/bugzilla/show_bug.cgi?id=32653 [2] https://github.com/conda-forge/ctng-compiler-activation-feedstock/issues/143 Reviewed-by: Sam James <sam@gentoo.org> (cherry picked from commit 12a497c716f0a06be5946cabb8c3ec22a079771e)
# Copyright (C) 2016-2025 Free Software Foundation, Inc.
# This file is part of the GNU C Library.

# The GNU C Library is free software; you can redistribute it and/or
# modify it under the terms of the GNU Lesser General Public
# License as published by the Free Software Foundation; either
# version 2.1 of the License, or (at your option) any later version.

# The GNU C Library is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
# Lesser General Public License for more details.

# You should have received a copy of the GNU Lesser General Public
# License along with the GNU C Library; if not, see
# <https://www.gnu.org/licenses/>.

# Allowed attributes for tunables:
#
# type: Defaults to STRING
# minval: Optional minimum acceptable value
# maxval: Optional maximum acceptable value
# default: Optional default value (if not specified it will be 0 or "")
# env_alias: An alias environment variable

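# Top-level "glibc" namespace.  Each tunable below is addressed as
# glibc.<namespace>.<name>, for example glibc.rtld.execstack.
glibc {
# malloc: allocator tunables.  An entry with an env_alias can also be set
# through that MALLOC_* environment variable; the tcache_*, mxfast and
# hugetlb entries declare no alias.
  malloc {
    check {
      type: INT_32
      minval: 0
      maxval: 3
      env_alias: MALLOC_CHECK_
    }
    top_pad {
      type: SIZE_T
      env_alias: MALLOC_TOP_PAD_
      default: 131072
    }
    perturb {
      type: INT_32
      minval: 0
      maxval: 0xff
      env_alias: MALLOC_PERTURB_
    }
    mmap_threshold {
      type: SIZE_T
      env_alias: MALLOC_MMAP_THRESHOLD_
    }
    trim_threshold {
      type: SIZE_T
      env_alias: MALLOC_TRIM_THRESHOLD_
    }
    mmap_max {
      type: INT_32
      env_alias: MALLOC_MMAP_MAX_
      minval: 0
    }
    arena_max {
      type: SIZE_T
      env_alias: MALLOC_ARENA_MAX
      minval: 1
    }
    arena_test {
      type: SIZE_T
      env_alias: MALLOC_ARENA_TEST
      minval: 1
    }
    tcache_max {
      type: SIZE_T
    }
    tcache_count {
      type: SIZE_T
    }
    tcache_unsorted_limit {
      type: SIZE_T
    }
    mxfast {
      type: SIZE_T
      minval: 0
    }
    hugetlb {
      type: SIZE_T
      minval: 0
    }
  }

# elision: lock elision tunables.  "enable" is a 0/1 switch; the other
# entries are counters with a floor of 0 and a default of 3.
  elision {
    enable {
      type: INT_32
      minval: 0
      maxval: 1
    }
    skip_lock_busy {
      type: INT_32
      default: 3
      minval: 0
    }
    skip_lock_internal_abort {
      type: INT_32
      default: 3
      minval: 0
    }
    skip_lock_after_retries {
      type: INT_32
      default: 3
      minval: 0
    }
    tries {
      type: INT_32
      default: 3
      minval: 0
    }
    skip_trylock_internal_abort {
      type: INT_32
      default: 3
      minval: 0
    }
  }

# rtld: dynamic loader tunables.
  rtld {
    nns {
      type: SIZE_T
      minval: 1
      maxval: 16
      default: 4
    }
    optional_static_tls {
      type: SIZE_T
      minval: 0
      default: 512
    }
# enable_secure: 1 makes the loader behave as if the process were started
# in secure (AT_SECURE, setuid-like) mode; the default 0 leaves that
# decision to the kernel-provided value.
    enable_secure {
      type: INT_32
      minval: 0
      maxval: 1
      default: 0
    }
# execstack: executable-stack policy applied by the loader.
#   0 - executable stacks are not allowed
#   1 - an executable stack is allowed when the program or a loaded
#       shared library requires one (default)
#   2 - the stack is forced executable at program startup
# Value 2 defeats the PT_GNU_STACK hardening; as with other tunables it is
# disabled for setuid binaries.  A GLIBC_TUNABLES entry of
# glibc.rtld.execstack=2 in a service, wrapper or container environment is
# a hardening regression worth reviewing; 0 is the strict setting.
    execstack {
      type: INT_32
      minval: 0
      maxval: 2
      default: 1
    }
  }

# mem: memory-related tunables.  "tagging" takes a value in 0..255 and
# "decorate_maps" is a 0/1 switch; see the glibc manual for the meaning of
# the individual tagging bits.
  mem {
    tagging {
      type: INT_32
      minval: 0
      maxval: 255
    }
    decorate_maps {
      type: INT_32
      minval: 0
      maxval: 1
    }
  }

# rtld (second block): dynamic_sort accepts 1 or 2 and defaults to 2.
  rtld {
    dynamic_sort {
      type: INT_32
      minval: 1
      maxval: 2
      default: 2
    }
  }

# gmon: profiling arc limits; both bounds have a floor of 50.
  gmon {
    minarcs {
      type: INT_32
      minval: 50
      default: 50
    }
    maxarcs {
      type: INT_32
      minval: 50
      default: 1048576
    }
  }
}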