Adhemerval Zanella 0ca8785a28 elf: Do not change stack permission on dlopen/dlmopen ... If some shared library loaded with dlopen/dlmopen requires an executable stack, either implicitly because of a missing GNU_STACK ELF header (where the ABI default flags implies in the executable bit) or explicitly because of the executable bit from GNU_STACK; the loader will try to set the both the main thread and all thread stacks (from the pthread cache) as executable. Besides the issue where any __nptl_change_stack_perm failure does not undo the previous executable transition (meaning that if the library fails to load, there can be thread stacks with executable stacks), this behavior was used on a CVE [1] as a vector for RCE. This patch changes that if a shared library requires an executable stack, and the current stack is not executable, dlopen fails. The change is done only for dynamically loaded modules, if the program or any dependency requires an executable stack, the loader will still change the main thread before program execution and any thread created with default stack configuration. [1] https://www.qualys.com/2023/07/19/cve-2023-38408/rce-openssh-forwarded-ssh-agent.txt Checked on x86_64-linux-gnu and i686-linux-gnu. Reviewed-by: Florian Weimer <fweimer@redhat.com>		2024-12-31 09:04:20 -03:00
..
alloca_cutoff.c
allocatestack.c	elf: Do not change stack permission on dlopen/dlmopen	2024-12-31 09:04:20 -03:00
cancellation.c
cleanup_compat.c
cleanup_defer_compat.c
cleanup_defer.c
cleanup_routine.c
cleanup.c
default-sched.h
descr-const.sym
descr.h	nptl: More useful padding in struct pthread	2024-12-27 07:29:56 +01:00
DESIGN-systemtap-probes.txt
elision-conf.c
elision-conf.h
elision-lock.c
elision-timed.c
elision-trylock.c
elision-unlock.c
errno-loc.c
events.c
futex-internal.c
libc-cleanup.c
libpthread-compat.c
lowlevellock.c
Makefile	Enable execstack tests only if compiler supports trampoline	2024-12-22 12:55:50 +08:00
nptl_deallocate_tsd.c
nptl_free_tcb.c
nptl_lock_constants.pysym
nptl_nthreads.c
nptl_setxid.c
nptl-printers.py
nptl-stack.c
nptl-stack.h
nptlfreeres.c
old_pthread_cond_broadcast.c
old_pthread_cond_destroy.c
old_pthread_cond_init.c
old_pthread_cond_signal.c
old_pthread_cond_timedwait.c
old_pthread_cond_wait.c
perf.c
pthread_attr_copy.c
pthread_attr_destroy.c
pthread_attr_extension.c
pthread_attr_getaffinity.c
pthread_attr_getdetachstate.c
pthread_attr_getguardsize.c
pthread_attr_getinheritsched.c
pthread_attr_getschedparam.c
pthread_attr_getschedpolicy.c
pthread_attr_getscope.c
pthread_attr_getsigmask.c
pthread_attr_getstack.c
pthread_attr_getstackaddr.c
pthread_attr_getstacksize.c
pthread_attr_init.c
pthread_attr_setaffinity.c
pthread_attr_setdetachstate.c
pthread_attr_setguardsize.c
pthread_attr_setinheritsched.c
pthread_attr_setschedparam.c
pthread_attr_setschedpolicy.c
pthread_attr_setscope.c
pthread_attr_setsigmask_internal.c
pthread_attr_setsigmask.c
pthread_attr_setstack.c
pthread_attr_setstackaddr.c
pthread_attr_setstacksize.c
pthread_barrier_destroy.c
pthread_barrier_init.c
pthread_barrier_wait.c
pthread_barrierattr_destroy.c
pthread_barrierattr_getpshared.c
pthread_barrierattr_init.c
pthread_barrierattr_setpshared.c
pthread_cancel.c
pthread_cleanup_upto.c
pthread_clockjoin.c
pthread_cond_broadcast.c
pthread_cond_common.c
pthread_cond_destroy.c
pthread_cond_init.c
pthread_cond_signal.c
pthread_cond_wait.c
pthread_condattr_destroy.c
pthread_condattr_getclock.c
pthread_condattr_getpshared.c
pthread_condattr_init.c
pthread_condattr_setclock.c
pthread_condattr_setpshared.c
pthread_create.c	Silence most -Wzero-as-null-pointer-constant diagnostics	2024-11-25 16:45:59 -03:00
pthread_detach.c
pthread_equal.c
pthread_exit.c
pthread_getaffinity.c
pthread_getattr_default_np.c
pthread_getattr_np.c
pthread_getconcurrency.c
pthread_getcpuclockid.c
pthread_getname.c
pthread_getschedparam.c
pthread_getspecific.c
pthread_join_common.c	Check time arguments to pthread_timedjoin_np and pthread_clockjoin_np	2024-10-21 20:56:48 +00:00
pthread_join.c
pthread_key_create.c
pthread_key_delete.c
pthread_keys.c
pthread_kill_other_threads.c
pthread_kill.c
pthread_mutex_cond_lock.c
pthread_mutex_conf.c
pthread_mutex_consistent.c
pthread_mutex_destroy.c
pthread_mutex_getprioceiling.c
pthread_mutex_init.c
pthread_mutex_lock.c
pthread_mutex_setprioceiling.c
pthread_mutex_timedlock.c
pthread_mutex_trylock.c
pthread_mutex_unlock.c
pthread_mutexattr_destroy.c
pthread_mutexattr_getprioceiling.c
pthread_mutexattr_getprotocol.c
pthread_mutexattr_getpshared.c
pthread_mutexattr_getrobust.c
pthread_mutexattr_gettype.c
pthread_mutexattr_init.c
pthread_mutexattr_setprioceiling.c
pthread_mutexattr_setprotocol.c
pthread_mutexattr_setpshared.c
pthread_mutexattr_setrobust.c
pthread_mutexattr_settype.c
pthread_once.c
pthread_rwlock_clockrdlock.c
pthread_rwlock_clockwrlock.c
pthread_rwlock_common.c
pthread_rwlock_destroy.c
pthread_rwlock_init.c
pthread_rwlock_rdlock.c
pthread_rwlock_timedrdlock.c
pthread_rwlock_timedwrlock.c
pthread_rwlock_tryrdlock.c
pthread_rwlock_trywrlock.c
pthread_rwlock_unlock.c
pthread_rwlock_wrlock.c
pthread_rwlockattr_destroy.c
pthread_rwlockattr_getkind_np.c
pthread_rwlockattr_getpshared.c
pthread_rwlockattr_init.c
pthread_rwlockattr_setkind_np.c
pthread_rwlockattr_setpshared.c
pthread_self.c
pthread_setaffinity.c
pthread_setattr_default_np.c
pthread_setcancelstate.c
pthread_setcanceltype.c
pthread_setconcurrency.c
pthread_setname.c
pthread_setschedparam.c
pthread_setschedprio.c
pthread_setspecific.c
pthread_sigmask.c
pthread_sigqueue.c
pthread_spin_destroy.c
pthread_spin_init.c
pthread_spin_lock.c
pthread_spin_trylock.c
pthread_spin_unlock.c
pthread_testcancel.c
pthread_timedjoin.c
pthread_tryjoin.c
pthread_yield.c
sem_clockwait.c
sem_destroy.c
sem_getvalue.c
sem_init.c
sem_post.c
sem_timedwait.c
sem_wait.c
sem_waitcommon.c
semaphoreP.h
shlib-versions
test-cond-printers.c
test-cond-printers.py
test-condattr-printers.c
test-condattr-printers.py
test-mutex-printers.c
test-mutex-printers.py
test-mutexattr-printers.c
test-mutexattr-printers.py
test-rwlock-printers.c
test-rwlock-printers.py
test-rwlockattr-printers.c
test-rwlockattr-printers.py
thrd_current.c
thrd_yield.c
TODO
TODO-kernel
TODO-testing	pthread_getcpuclockid: Add descriptive comment to smoke test	2024-11-28 13:19:52 -05:00
tpp.c
tst-attr2.c
tst-attr3.c
tst-attr4.c	Add more tests of pthread attributes initial values	2024-10-29 17:35:21 +00:00
tst-audit-threads-mod1.c
tst-audit-threads-mod2.c
tst-audit-threads.c
tst-audit-threads.h
tst-barrier5.c
tst-cancel4_1.c
tst-cancel4_2-time64.c
tst-cancel4_2.c
tst-cancel7.c
tst-cancel17.c
tst-cancel24-static.cc
tst-cancel24.cc
tst-cancel31.c
tst-cancelx7.c
tst-cancelx17.c
tst-cleanup4.c
tst-cleanup4aux.c
tst-cleanupx4.c
tst-cleanupx4aux.c
tst-clock2.c
tst-compat-forwarder-mod.c
tst-compat-forwarder.c
tst-cond22.c
tst-cond26.c
tst-context1.c
tst-default-attr.c
tst-dlsym1.c
tst-eintr1.c
tst-exec4.c
tst-exec5.c
tst-execstack-threads-mod.c
tst-execstack-threads.c
tst-initializers1-c11.c
tst-initializers1-c89.c
tst-initializers1-c99.c
tst-initializers1-gnu11.c
tst-initializers1-gnu89.c
tst-initializers1-gnu99.c
tst-initializers1.c
tst-minstack-cancel.c
tst-minstack-exit.c
tst-minstack-throw.cc	include/sys/cdefs.h: Add __attribute_optimization_barrier__	2024-12-23 06:28:55 +08:00
tst-mutex5a.c
tst-mutex7a.c
tst-mutex8-static.c
tst-mutex8.c
tst-mutexpi1.c
tst-mutexpi2.c
tst-mutexpi3.c
tst-mutexpi4.c
tst-mutexpi5.c
tst-mutexpi6.c
tst-mutexpi7.c
tst-mutexpi8-static.c
tst-mutexpi8.c
tst-mutexpi9.c
tst-mutexpi10.c
tst-mutexpi11.c
tst-mutexpi12.c
tst-mutexpp1.c
tst-mutexpp5.c
tst-mutexpp6.c
tst-mutexpp9.c
tst-mutexpp10.c
tst-oddstacklimit.c
tst-once5.cc
tst-pthread_exit-nothreads-static.c
tst-pthread_exit-nothreads.c
tst-pthread-attr-affinity-fail.c
tst-pthread-attr-affinity.c
tst-pthread-attr-sigmask.c
tst-pthread-defaultattr-free.c
tst-pthread-gdb-attach-static.c
tst-pthread-gdb-attach.c
tst-pthread-getattr.c
tst-pthread-getcpuclockid-invalid.c	pthread_getcpuclockid: Add descriptive comment to smoke test	2024-11-28 13:19:52 -05:00
tst-pthread-key1-static.c
tst-pthread-timedlock-lockloop.c
tst-robust-fork.c
tst-robustpi1.c
tst-robustpi2.c
tst-robustpi3.c
tst-robustpi4.c
tst-robustpi5.c
tst-robustpi6.c
tst-robustpi7.c
tst-robustpi8.c
tst-robustpi9.c
tst-rwlock2.c
tst-rwlock3.c
tst-rwlock6.c
tst-rwlock7.c
tst-rwlock8.c
tst-rwlock9.c
tst-rwlock10.c
tst-rwlock11.c
tst-rwlock15.c
tst-rwlock17.c
tst-rwlock18.c
tst-rwlock19.c
tst-rwlock20.c
tst-rwlock21.c
tst-rwlock22.c
tst-rwlock-pwn.c
tst-sched1.c
tst-sem11-static.c
tst-sem11.c
tst-sem12-static.c
tst-sem12.c
tst-sem13.c
tst-sem17.c
tst-setgetname.c
tst-setgroups.c
tst-setuid1-static.c
tst-setuid1.c
tst-setuid2.c
tst-signal3.c
tst-signal7.c
tst-stack2.c
tst-stack3.c
tst-stack4.c
tst-stack4mod.c
tst-stackguard1-static.c
tst-stackguard1.c
tst-thread_local1.cc	include/sys/cdefs.h: Add __attribute_optimization_barrier__	2024-12-23 06:28:55 +08:00
tst-thread-affinity-pthread2.c
tst-thread-affinity-pthread.c
tst-thread-affinity-sched.c
tst-thread-exit-clobber.cc	include/sys/cdefs.h: Add __attribute_optimization_barrier__	2024-12-23 06:28:55 +08:00
tst-thread-setspecific.c	Suppress -Wmaybe-uninitialized only for GCC	2024-12-22 17:46:56 +08:00
tst-tls3-malloc.c
tst-tls3.c
tst-tls3mod.c
tst-tls5.c
tst-tls5.h
tst-tls5mod.c
tst-tls5moda.c
tst-tls5modb.c
tst-tls5modc.c
tst-tls5modd.c
tst-tls5mode.c
tst-tls5modf.c
tst-tls6.sh
tst-tpp.h
tst-tsd3.c
tst-tsd4.c
unwind.c
unwindbuf.sym
vars.c
Versions